last executing test programs: 20.353186885s ago: executing program 0 (id=624): ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000500)={0xffffffffffffffff, &(0x7f0000000080)="cf4ed6e2aca8fbd912586313b86f765b86c99a1655e1d805a3e67279ee511d3ed5930d6aba3bd4030831321da83890a0638b607127b192e773521417958f94d747563bc9bbd8ab95cb79d48500eb6aea2804a6e2c110e110f5b0ee0799edc6d29beed3048f517227a641b04474420971967f8032e2ec7d0eee6c", 0x3, &(0x7f0000000380)="97ea6781cd9e7192342ba12cc9e60a4bbfcf57b8bf8a0fe3925f50e7fb803570d20cbf99ec30666beec94e88ba54eabebcd327df0a09dd745e350a93b917364e4bea91f604f739ca65f326b53c5e6a144957d37be1c093680f6fd0229d55c6479363654b0118e5a389", 0x0, &(0x7f0000000440)="f4ce0cc437131e6928ac66ee0c8448b31bd58dc9f1632f0734689f3e7738aa02ea0b13b51e88911a5a892cd66dcaeb23ea7e42ac7eab40555968fe8690ab2342833f26e119485a95e46566ffa07b146c25340f4d59e33f1a615822404ba799d282e468bd93cbe56dd2286cedb8b4e523eb835175d9955249979bbbad7f522d2e34997721fb2f5659cfcf03293569a78fba44", &(0x7f0000000100)=0x7ff}) mmap$auto(0x0, 0x1, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0) preadv$auto(r1, &(0x7f0000000040)={0x0, 0x8010000}, 0x5, 0x9, 0x7ffffffffd) fsconfig$auto_HIDEPID_NO_ACCESS(r0, 0x40002, &(0x7f0000000540), &(0x7f0000000580)="ec56e6632afc7c69297640f5098d77e657e90ec9f00d4b72b9e20d2b25bb07902240430e9827b32a30fb823abf4353b8b4dd4bed39d760bc43d4fb3824fc6a9c1a54793bbcf43d3c770a962d5a645db53de10c3513aaa134ae041af566560f835f300f545888785170955821de76e01d2762ccac443304c3bf636a324ccd16cd5718d9c392f1c4066fa7e3d50493bf2938f04aaf65492c45b351fbc90b39b6d4726fa36ee32aad79db70cc6633f020a31fc6fa1837aa2ed2ba9dab39b9d4e558b366a2f3aeaeeb3e86c577e8a9649111", 0x1) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) 17.336449589s ago: executing program 0 (id=628): mmap$auto(0xd, 0x0, 0xc00000072, 0xfffffffffffffff7, 0x1000000002, 0x2c) r0 = io_uring_setup$auto(0x86, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x28, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f0000000040)={[0x1, 0x100000007, 0x800000000000000d, 0x8fd6, 0x19488, 0xb7f, 0x8, 0x2, 0x3, 0x6, 0x8, 0x8, 0x1, 0xb, 0x1, 0xfffffffffffffffe]}, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x128e2, 0x0) write$auto(r2, &(0x7f00000001c0)='\b\x1c\xc7\x00\x80\x00\x00\x00\x00\x00\x00\x00', 0x81) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) mmap$auto(0x3, 0x8000000000000009, 0x8, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x5, 0xa, 0x0, 0x10000004) splice$auto(r0, &(0x7f0000000200)=0x22, r2, &(0x7f0000000240)=0x23a0fb, 0x1, 0x10000002) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) unshare$auto(0x40000080) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_MSG_INFO(0x8, 0xc, &(0x7f00000004c0)={{0x1, 0x0, 0x0, 0x9, 0x5c, 0x4, 0xffff}, &(0x7f0000000440)=0xf8, &(0x7f0000000480)=0x6, 0x2, 0x4, 0xfffffffffffffff8, 0xd3, 0x5, 0xb, 0x101, 0x7, @inferred, @inferred=0xffffffffffffffff}) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="34ed35f1", @ANYRES16=r5, @ANYBLOB="010029bd7000fddbdf251600000018000180140002006e657464657673696d300006000000000500040008000000"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) write$auto_console_fops_tty_io(r3, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54", 0xcb6) socket(0x8, 0x2, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x2, 0x9, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 10.101738787s ago: executing program 1 (id=634): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = gettid() kexec_load$auto(0x5, 0x2, 0x0, 0x4) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x20000, 0x4) epoll_pwait2$auto(r1, &(0x7f00000000c0)={0x0, 0x1}, 0x81, &(0x7f0000000100)={0xbd7, 0xffffffffffffffff}, &(0x7f0000000140)={0x6}, 0x8) ioperm$auto(0x3, 0x5, 0x149) kill$auto(r0, 0x11) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_cmdlines\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'wlan0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) r3 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_rng_chrdev_ops_core(r3, &(0x7f0000000140)=""/229, 0xe5) timer_create$auto(0x3, 0x0, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) read$auto_proc_pid_maps_operations_internal(r3, &(0x7f00000015c0)=""/4079, 0xfef) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020011, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r4 = open(0x0, 0xcd1e23e41b02d660, 0x154) execveat$auto(r4, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000) 9.946439653s ago: executing program 0 (id=635): r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000052c4030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001"], 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='%'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto(r0, 0xaf01, 0xffffffffffffffff) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x80042, 0x0) mmap$auto(0x0, 0x68, 0x3, 0x80000010, 0x3, 0x83000000) 8.410326055s ago: executing program 0 (id=636): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r1 = gettid() kill$auto(r1, 0x11) 7.56254711s ago: executing program 0 (id=639): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0xc200, 0x0) write$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x15, 0x5, 0x0) socket(0x18, 0x1, 0xff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x9, 0xfffffffffffffffa, 0x3, 0x0) setsockopt$auto(0x3, 0x1, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000080), 0x6b) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) mq_open$auto(0x0, 0x5, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x203, 0x7, 0xd, 0xfffffffffffffffe, 0x80000948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0) sched_get_priority_min$auto(0x40) socket(0x2, 0xa, 0x0) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) listen$auto(0x3, 0x81) setrlimit$auto(0x5, &(0x7f0000000240)={0x3, 0x9}) 7.012782613s ago: executing program 2 (id=641): socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xf, 0x3, 0x2) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x0, 0x0) (async) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) (async) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8010) (async, rerun: 64) sendmsg$auto_KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE(r1, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x8000010}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x14, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x45000}, 0x5) (async, rerun: 64) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x81, 0x3, 0x62, 0x80000001, 0x7, 0x2000000006d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) (async) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/cmdline\x00', 0x481, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) (async) r2 = socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04, 0x0) (async) waitid$auto_P_ALL(0x0, 0x468e, &(0x7f00000001c0)={@siginfo_0_0={0x7, 0x4, 0x309, @_rt={0x0, 0x0, @sival_ptr=&(0x7f00000000c0)="361da6425979f321f15c64a6f5fa0b6cba1f0e4285504a768d83e5b21be75dd346782ab711f42ffe91741f05e24e30be16bbe7ac358ec9c81c091f1f8538451b6f89c6fbc4edbf8b0a309e31b55bc7f04f5f7a39aaee1b9943cd809e753b48adfca1b8999cf49a034b6a1835aaff1eaa34c364213b7df217625611245492fc0e3344619c7f8c79e20c0c2ca448aac0028414eb84dac36cf99955c1a0157637d946cdd5f278e8899416017fc51b9bdd234f221af70a2a0fe07932883053f77b6ed448fee764"}}}, 0x3, &(0x7f0000000340)={{0x8, 0x5}, {0x7, 0xffe}, 0x7, 0x1af, 0xfffffffffffffffa, 0x2, 0xfffffffffffff5a2, 0x5, 0x402, 0x2, 0xe6, 0x8, 0x4e6033bf, 0x6, 0x101, 0x8}) (async, rerun: 64) r4 = gettid() (rerun: 64) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) pread64$auto(r5, 0x0, 0x8, 0x7fff) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000440)={{@inferred=r3, 0x80, 0x3, 0x1, "977d648a0881449f3ce8ba5b483e904dfacb519a28d0b90b462bf9ad3e3c7e488826dc0852829cf353806ac4", @inferred=r4}, 0x0, 0x7, 0x4, @raw=0x9, @integer={0x5, 0xfffffffffffffff4, 0x4}, "b957b0168b84987d4211529b4bf24c25c2a1e7c1cbcff5c254d7954a4ffb435e9426e9c83a87cd49439334e9a0bf167595e50bfb2200e43a76fd8e68ce7be399"}) (async, rerun: 64) syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000580), r2) (async, rerun: 64) sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000700)={&(0x7f00000005c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRESHEX=r5, @ANYBLOB="040028bd7000ffdbdf2502a4b4403240ff33d37d7e19afab0000000800050005000000050003"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x40000) (async) unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) 6.445831083s ago: executing program 2 (id=642): r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1c\x00', 0x40002, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(r0, 0x40084149, &(0x7f0000000040)) mmap$auto(0x1, 0x3, 0x1, 0xe31, 0xffffffffffffffff, 0xe0) socket(0xa, 0x1, 0x84) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80082, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="070986acbdecd86de2", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000080) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x20, r2, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x2}, @NL80211_ATTR_MLD_ADDR={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x0) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x3, 0xa00006, 0x4, 0x40eb1, 0x602, 0x300000000000) ioprio_set$auto(0x2, 0x0, 0x208) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x2400, 0x0) read$auto(r5, 0x0, 0x9) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r6, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) 5.257820868s ago: executing program 2 (id=643): mmap$auto(0x0, 0x80000040009, 0x0, 0x9b71, 0xffffffffffffffff, 0x37ffe) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x7ffd) poll$auto(&(0x7f00000000c0)={0xffffffffffffffff, 0x7, 0x81}, 0x3, 0x5b37) socket(0x28, 0x4, 0x7ffffffc) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x40a40, 0x0) mmap$auto(0x5, 0x7, 0x7fffffffffffffff, 0x13d, 0xfffffffffffffffa, 0x36) mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb0, 0xffffffffffffffff, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) readv$auto(r2, &(0x7f00000000c0)={0x0, 0x5}, 0x3) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) acct$auto(&(0x7f0000000000)='/dev/snd/controlC1\x00') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x1010001, 0x100000003) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x20) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000080)={0xf249, 0x2, 0x800, 0xb3f, 0x1f807, 0xffffffffffffffff}) ioctl$auto_XFS_IOC_FREESP64(r0, 0x40305825, &(0x7f00000000c0)={0x9, 0xb3, 0x4, 0x5c7, 0x80}) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x100000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x801, 0x6) connect$auto(0x3, 0x0, 0x54) 3.957693587s ago: executing program 1 (id=645): mmap$auto(0x0, 0x20009, 0x20df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0xffffffffffffffff, 0x3, 0x0, 0x4000000000000eb1, 0x401, 0xfffffffffffffffc) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x400, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x400000000000003, 0x2d, 0x1c, 0x0, 0x3) r0 = socket(0x2e, 0x2, 0x4) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0xc) r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="fb92f48e", @ANYRES16=r3, @ANYBLOB="10002cbd7000fadbdf250a00000a00000200252f00e2a85c41e75a02715bcbc0b04e5cdcdf28fffe65c31770799fdab838aaf6712a82e628c9e6429a4a38320b2d692863927bd744b4f7b409b29862d3257675d4fd09d74a831929b1005bdd28ef3fc5ae2884ef6a78fedbebbc656141771e57124268c37932c90ec99923926a97bb444f6903a41102463c79baf78c35827f46efb37be97277d81130bd43e31c60347610f3e65f3d60d3d1e231c0cc23ad56ff23565d95cfafc7a92a64da18c0c01c0600010006000000"], 0x51}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004859}, 0x8004) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10044010) mmap$auto(0x0, 0x5, 0xffb, 0x8000000008011, 0x3, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x88, 0x22, 0x0, 0x0) write$auto(0x3, 0x0, 0x100082) socket(0xa, 0x801, 0x84) r4 = socket(0x1e, 0x1, 0x0) bind$auto(r4, &(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x2, {{0x41}, 0xffffffff}}, 0x66) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 3.80515699s ago: executing program 0 (id=646): userfaultfd$auto(0x6ce0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c"], 0x30}, 0x1, 0x0, 0x0, 0x8841}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000040)={0x0, 0x8d}, 0x1, 0x0, 0x7, 0xa505}, 0x800}, 0x400, 0x4004) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0xffffffffffffffff, 0x400004, 0xdf, 0x13, 0x2, 0xfffffffffffffffe) r1 = socket(0x26, 0x1, 0xfffffffd) ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2) bind$auto(0x3, &(0x7f0000000040)=@xdp={0x2c, 0x4, 0x0, 0x25}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) unshare$auto(0x40000080) get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="00000000c7ff7567b8b8bb2596186d87ef96aa93cad5590efe28aedfc4f6a4faf8a3e12d44e9e99e75867d9c852863be0223902e776471908a5e5a2c2975e4caa347f43d87b67a15ffbb05ab9e46a22fc59da804dfa74934107dbc56eba38defebbb07eca99c826c6593f9dc487a211c76c1dabcc3c37cd260a99381a21596b2119b43264b47d24ff14f95aeae1fe59154a55810257fd54cdad504", @ANYRESDEC=0x0, @ANYBLOB="00024d80261cfbdbdf25140000005c000180140002007465616d3000000000000000000000001400020064756d6d79300000000000000000000014000200626f6e645f736c6176655f30000000001400020074756e6c30000000000000000000000008000300000800000800090000800000"], 0x78}, 0x1, 0x0, 0x0, 0x8000000}, 0x4000810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1) openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0) mmap$auto(0x0, 0xe9, 0xdf, 0x9b72, 0x2, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xf90000, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/power/pm_qos_no_power_off\x00', 0x20a42, 0x0) 3.684176209s ago: executing program 2 (id=647): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, 0x0, 0x81) r1 = gettid() kill$auto(r1, 0x11) 3.557869921s ago: executing program 3 (id=648): mmap$auto(0x800000, 0x8, 0x0, 0x40eb2, 0x401, 0x300000000000) munmap$auto(0x0, 0xffffffff) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/bridge0/proxy_arp\x00', 0x83, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) r5 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x401, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0x1000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'veth1_vlan\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x40, r7, 0x100, 0x70bd24, 0x25dddbfc, {}, [@ETHTOOL_A_TSINFO_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'veth0_to_batadv\x00'}) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r5, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80802104}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0xdc, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_PLCA_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PLCA_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3ff}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_PLCA_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xc}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x3}]}, @ETHTOOL_A_PLCA_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x807}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0xc0}, 0x0) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup/cpu.weight\x00', 0x23582, 0x0) write$auto(r9, 0x0, 0x4) socket(0x2b, 0x1, 0x80001000) socket(0x27, 0x2, 0x6) r10 = mq_open$auto(0x0, 0x56a, 0xb275, 0x0) mq_timedreceive$auto(0x8, 0x0, 0xfffffffd, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r10, 0x3, &(0x7f0000000040)="f2fcedfa74869da86d30028ad8d2217c357e7eb5e3b16ffbac6effab3cccf7e924eda1fdf9a0dd2757f1425ab02ff12b587fb3f764b31e9152ec35b6498c7847fe5130a0c566b0920770c965bd9e606abe964ec6f3e5fbab") write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) 3.389777128s ago: executing program 2 (id=649): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe$auto(&(0x7f0000000000)) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x642, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) 3.121918116s ago: executing program 3 (id=650): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mtdblock0\x00', 0x288043, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f00000001c0)={0x0, 0x80000000}, 0x2, 0xfffbffffffffffff, 0x80000000, 0x2e) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x408802, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfs4.idtoname/content\x00', 0x181b80, 0x0) read$auto(r1, &(0x7f0000000440)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceW\x1a\x1f\xae\xd8\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xecC\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb08\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk\x02_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1e\xe9T1\xbf\xc8_^\a\x03\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xddC\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3\xb0\x84\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda+U\b\x88\xa7\x88\x1fC\xbb\xa8\xce\x0f\xd5\xdew\x99\x18G.s\x16\xfa\xf2\x96|\x1e]\xe5\xf8\xb1\x8b.}\x841\xd8\x98\xd8f86h\xab\x94\x7f\xc4<\x03\xdd\x86=\xb6\x1e@\xab6\x81\xce\xaa\xcf\xfd\x947\xc3\x86\xfe\xb7O\xd9\xa9\xb6[\xcc\xd8\xe1\xa9\x84[\xe0\xd4\x03\x90@\x03\xbe\xba\xee\xed\xe9\xb1\xd2\xf1\x8cgn\xb7m/\xf1\"\xc2\xeb\x1d\x04\xf3\xf1\x96\xf2\x00C\xf0wg\xd6\x11\x18\xb5o\x9d\xd7`\xce\x81\x9b1b\x8ce\x99*\xa3\xd2\x8dAw\xd9\xa6l\\\x17\xbb\xf6\xe2\xa2<\n\xc0\f:\x97\xff\xc6y\x05<\xa6\x81\xd92\xc9\x9e\f[\xf9\xfc\xf1ih\"J\x92\xd2\xd4\xc2\xe8\x89 \x81\xbf8C\xa9\x1at\xa1\xdc\x94\xc5\xc8K\xbb\x14h\xa9)\xaa\xf2\xda\xaf\xb1\rs\xe6\x97\x1e\xcc6\x94\xff\x1b\x8e\x98\xf7\xa0', 0x67b) r2 = socket(0x23, 0x6, 0xfffffffd) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0) write$auto(r3, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_LINK_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="2d7d11f61fa55cee1422a887003256acf5e78a404f9d9fbd0308688c047ee54127d59de7232e364324f4cfd098408fca1ec17810011aecf817fe9f04fe8e2790b4011253981b0c71f5ce815556716e8dc69b91ba4b8e8c9ea436b747127ad8346faadc1bbff8d4ac6b01ad37dfdf5965d01b46c9a23f9c28617a15d885a684bc2bacdc9240a00dd5f7", @ANYRES32=r2, @ANYBLOB="010326bd7000fedbdf25080000000800048004000180"], 0x1c}, 0x1, 0x0, 0x0, 0x24000055}, 0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8c6, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) read$auto(r4, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0x70) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mbind$auto(0x0, 0x0, 0x4, 0x0, 0x6, 0x2) mremap$auto(0x4000, 0xba, 0x13fd4, 0x3, 0xfffff000) ioctl$auto(0xc8, 0x800454da, 0x5) 3.028726112s ago: executing program 2 (id=651): bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4) (async) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) (async) bind$auto(0x3, 0x0, 0x6a) (async) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) (async) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x663, 0xa, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x0, 0x4, 0x65, 0x8000001f, 0xffe, 0x6d3e, 0x8000000000000009, 0x7, 0x8]}, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) (async) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x6, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) (async) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) (async) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x2, 0x0) (async) unshare$auto(0x40000080) (async) socket(0xa, 0x1, 0x100) (async) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/fib_trie\x00', 0x0, 0x0) (async) socket(0xa, 0x3, 0x3b) 2.657233214s ago: executing program 1 (id=652): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x7f, 0x0) r1 = gettid() kill$auto(r1, 0x1f) 1.719475534s ago: executing program 3 (id=653): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x29d3e6c4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x1, &(0x7f0000000100)={&(0x7f0000000780)="4c0300000000000000a3677337f9ecba075f6bba44", 0xfffffffffffffff7}, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100) pivot_root$auto(0x0, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/afs/addr_prefs\x00', 0x441, 0x0) write$auto(r2, &(0x7f0000000300)='/ ys -ernel/tracing/set_event_notrace_p}d\xde\xc7\xbd8\xbe\xd7\xdeN\x86\xcf\x1d\rD!U\xb4\xe4+\v\xc3\x06$\xe1\x0eA\xf3ua\x8fT\xd9J\xfd\x02\x00\x00\x00\x00\x00\x00\x00\xbf\x9f\xb0e\xfex,c-\xdf\a\x9e\x9bX\x13n\xdf\xc8\x94%\x7fp\xe0\xa0x\x1f\x17\xea\xc3\xbf\xb2(}\x7f\xd3\xf6\xc5\x9bj\xcf~\x7f)\xd2\x7f\tN\xa9m\xe8\xdc\xb1\xe3\xf3L\xad\xdd%(0c\x9d\x13\xc7\x0elZ\x87K\x14_\xbau\x88\x9f\xe2\x04\x16\xec\xfa\xad\xe0\x87G[N\xf1\xb5\xc0\xab\x00\x00\x00\x00\x00\x00\x00\x04+\xc1\xd3m\xb8\xe5\a\x92\xc2\xd4\xcc\x91\x90\x05$G\x9a\x9b\xe1I\xa9/(\xd3\xa1\\8\x1afmY\xd6m\x931\xe6\xbd\xfb\xd6\x91\xbb\xef\xa1\x03\xd8j\x06ngka\xd1\xf1\xfd\xaeX)w\x1e4\x91\xc9\xce4\x97\x00', 0x40) open(0x0, 0x7ffd, 0x12) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) r3 = socket(0x2, 0x2, 0x1) getsockopt$auto(r3, 0x1, 0x4, &(0x7f0000000040)='/dev/cec27\x00', 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x20000, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r4, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x3}) ioctl$auto_USB_RAW_IOCTL_RUN(r4, 0x5501, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000080), 0x90442, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/keys\x00', 0x8af00, 0x0) mmap$auto(0x0, 0x20009, 0x2000000000000a4a, 0xeb0, 0x401, 0x40) write$auto_dev_fops_plock(r1, &(0x7f0000000400)="adbd305be550737b1bc1298e5bd093c0c4f737d87c925b3848c995d3bb03f8a967716ad0ff360ff24b46ac7ece549c101b34e06c77033b86e429a885d799cb473cbf2a0c9d901cd041a146ea7c83a82be956a081b25201a8dec7dc263693f3fa107183db13b4b082326d3a750102735f8b4352eed79dbb4e229cdf76f0bdbbdd72de0a44ab5f", 0x86) r6 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r6, 0x10f, 0x81, 0x0, 0x14) pread64$auto(r5, 0x0, 0x8100000041, 0x413e) 827.882977ms ago: executing program 1 (id=654): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/shmem_fallback\x00', 0x30004, 0x0) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) (async) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) (async) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x23c802, 0x0) (async, rerun: 64) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async, rerun: 64) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/amidi2\x00', 0x8080, 0x0) prctl$auto(0xdd7e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000480)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) mmap$auto(0x3004, 0x2020009, 0x7fffffff, 0x1a, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r2, 0x0, 0xfff) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'}) (async) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/psaux\x00', 0x800, 0x0) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(0xffffffffffffffff, 0x0, 0x2fb) unshare$auto(0x40000080) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x9) (async) remap_file_pages$auto(0x8, 0xda, 0x5, 0x4, 0x4) mmap$auto(0x0, 0x6, 0x4000000000df, 0xeb1, 0x401, 0x20000008000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xfff, 0x8000000008012, 0x3, 0x8000) (async, rerun: 32) bind$auto(0x3, 0x0, 0x6a) (async, rerun: 32) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x1f40) 525.844399ms ago: executing program 1 (id=655): close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x3, 0xb) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x80, 0x0, 0x0) io_uring_setup$auto(0x401, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0xf, 0x0, 0x6) sendmmsg$auto(r0, 0x0, 0x4, 0x100) sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x48, 0x0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x9111}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x6}, @NL802154_ATTR_BEACON_INTERVAL={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x7}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x4c804}, 0x40) socket(0x2b, 0x1, 0x0) 319.551395ms ago: executing program 3 (id=656): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) fcntl$auto(0xffffffffffffffff, 0x7, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop12\x00', 0x64742, 0x0) fcntl$auto_F_SET_RW_HINT(r1, 0x40c, 0x0) ioperm$auto(0x7, 0x5ad2, 0x8) sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010326bd7000ffdbdf252d"], 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 89.228525ms ago: executing program 3 (id=657): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, 0x0, 0x81) r1 = gettid() kill$auto(r1, 0x11) 15.35127ms ago: executing program 1 (id=658): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0xffffffffffffffff, 0x7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8) read$auto(r1, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000040)={0x0, 0x8}, 0x40000000003) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x801, 0x84) socket(0x23, 0x5, 0x2) setsockopt$auto(0x1, 0x1, 0xa, &(0x7f0000000000)='\xe1', 0xbb) ioctl$auto(0x1, 0x541b, 0x8) socket(0x15, 0x800, 0x81) prctl$auto_PR_SET_MM_START_STACK(0x5, 0x5, 0xffffffffffffffff, 0x2, 0x2) open(0x0, 0x161342, 0x100) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) prctl$auto(0x10000000024, 0x2, 0x2008, 0x4000000c, 0x80001) madvise$auto(0x0, 0xf663, 0x15) 0s ago: executing program 3 (id=659): mmap$auto(0x0, 0x200004, 0x4000000010e3, 0x40eb2, 0xd, 0x7) r0 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x800) (async) timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x800) mmap$auto(0x80000000, 0x4, 0xfffffffffffffff0, 0xffffffffffffffff, r0, 0x1) r1 = getpgrp(0x0) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003ec, 0x14) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsopen$auto(0x0, 0x1) (async) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptyu9\x00', 0x400, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'dvmrp1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="28010000", @ANYRES16=r5, @ANYBLOB="080028bd7000fedbdf2505000000c700038039e3557b50e574143ad978f4e002367e69668b90033566b6bab6ef76b516596f41f0ea29ab0e693e990f35c7215949d7aca356245716be5ea0d8b1585351747d1e6fa51f0bf3419fff05602597dc53ed36328deedb689f1f735eec4c33747539f80ef5d0fe0979ced9b2469391c3f7f8b76138a7dfaa496e0a9409b524cc1aa3f0debedc8daa70661758af63b67e2db71d8906472fcdc28598d125bf77f265975463e76d19eac4497284ca89caaca004ed307daef3f823102d35462244ac294c047ccb0008000900fffeffff04000380050007000800000008000500ff0700000800050001000000280001801400020070696d72656731000000000000000000080003000000000008000100", @ANYRES32=r6, @ANYBLOB], 0x128}, 0x1, 0x0, 0x0, 0x1}, 0x8000) (async) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="28010000", @ANYRES16=r5, @ANYBLOB="080028bd7000fedbdf2505000000c700038039e3557b50e574143ad978f4e002367e69668b90033566b6bab6ef76b516596f41f0ea29ab0e693e990f35c7215949d7aca356245716be5ea0d8b1585351747d1e6fa51f0bf3419fff05602597dc53ed36328deedb689f1f735eec4c33747539f80ef5d0fe0979ced9b2469391c3f7f8b76138a7dfaa496e0a9409b524cc1aa3f0debedc8daa70661758af63b67e2db71d8906472fcdc28598d125bf77f265975463e76d19eac4497284ca89caaca004ed307daef3f823102d35462244ac294c047ccb0008000900fffeffff04000380050007000800000008000500ff0700000800050001000000280001801400020070696d72656731000000000000000000080003000000000008000100", @ANYRES32=r6, @ANYBLOB], 0x128}, 0x1, 0x0, 0x0, 0x1}, 0x8000) ptrace$auto(0x8, r1, 0x8, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(r4, 0x0, 0x8800) (async) sendmsg$auto_NL80211_CMD_GET_REG(r4, 0x0, 0x8800) ptrace$auto(0x10001, r1, 0x4, 0x40c) (async) ptrace$auto(0x10001, r1, 0x4, 0x40c) r7 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000400), r3) sendmsg$auto_OVS_DP_CMD_SET(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10040}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="100028bd7000ffdb8f1c04000000080009006cb3bce9011385ad05e79cfc4f15d4bb6f55f52e288af8436ed23fb630fb", @ANYRES32=r6, @ANYBLOB="08000200", @ANYRES32=r1, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x91}, 0x0) (async) sendmsg$auto_OVS_DP_CMD_SET(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10040}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="100028bd7000ffdb8f1c04000000080009006cb3bce9011385ad05e79cfc4f15d4bb6f55f52e288af8436ed23fb630fb", @ANYRES32=r6, @ANYBLOB="08000200", @ANYRES32=r1, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x91}, 0x0) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x101102, 0x0) (async) r8 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x101102, 0x0) write$auto_proc_pid_attr_operations_base(r8, 0x0, 0x0) read$auto_proc_pid_smaps_operations_internal(r0, &(0x7f00000002c0)=""/190, 0xfffffe39) kernel console output (not intermixed with test programs): 3] ? alloc_fd+0x471/0x7d0 [ 115.352740][ T5993] do_sys_openat2+0x11b/0x1d0 [ 115.352773][ T5993] ? __pfx_do_sys_openat2+0x10/0x10 [ 115.352823][ T5993] __x64_sys_openat+0x174/0x210 [ 115.352856][ T5993] ? __pfx___x64_sys_openat+0x10/0x10 [ 115.352908][ T5993] do_syscall_64+0xcd/0x490 [ 115.352954][ T5993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.352989][ T5993] RIP: 0033:0x7f6638f8e9a9 [ 115.353023][ T5993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.353055][ T5993] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 115.353088][ T5993] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 115.353109][ T5993] RDX: 0000000000101901 RSI: 0000200000002c00 RDI: ffffffffffffff9c [ 115.353131][ T5993] RBP: 00007f6639010d69 R08: 0000000000000000 R09: 0000000000000000 [ 115.353152][ T5993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.353172][ T5993] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 115.353222][ T5993] [ 116.626856][ T5851] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 117.371447][ T6007] syz.0.16 uses obsolete (PF_INET,SOCK_PACKET) [ 117.572796][ T5851] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 117.780647][ T6015] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 119.579020][ T6053] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 120.191489][ T6055] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 120.800667][ T6074] __vm_enough_memory: pid: 6074, comm: syz.0.28, bytes: 4398046511104 not enough memory for the allocation [ 121.379207][ T5851] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 122.836141][ T6106] netlink: 334 bytes leftover after parsing attributes in process `syz.2.35'. [ 123.345829][ T6116] FAULT_INJECTION: forcing a failure. [ 123.345829][ T6116] name failslab, interval 1, probability 0, space 0, times 0 [ 123.381377][ T6116] CPU: 0 UID: 0 PID: 6116 Comm: syz.3.38 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 123.381424][ T6116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 123.381444][ T6116] Call Trace: [ 123.381454][ T6116] [ 123.381466][ T6116] dump_stack_lvl+0x16c/0x1f0 [ 123.381513][ T6116] should_fail_ex+0x512/0x640 [ 123.381548][ T6116] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 123.381594][ T6116] should_failslab+0xc2/0x120 [ 123.381645][ T6116] __kmalloc_cache_noprof+0x6a/0x3e0 [ 123.381686][ T6116] ? fib6_net_init+0x3f9/0xb20 [ 123.381741][ T6116] fib6_net_init+0x3f9/0xb20 [ 123.381803][ T6116] ? __pfx_fib6_net_init+0x10/0x10 [ 123.381852][ T6116] ops_init+0x1e2/0x5f0 [ 123.381901][ T6116] setup_net+0x10f/0x380 [ 123.381940][ T6116] ? lockdep_init_map_type+0x5c/0x280 [ 123.381989][ T6116] ? __pfx_setup_net+0x10/0x10 [ 123.382035][ T6116] ? debug_mutex_init+0x37/0x70 [ 123.382072][ T6116] copy_net_ns+0x2a6/0x5f0 [ 123.382123][ T6116] create_new_namespaces+0x3ea/0xa90 [ 123.382171][ T6116] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 123.382214][ T6116] ksys_unshare+0x45b/0xa40 [ 123.382260][ T6116] ? __pfx_ksys_unshare+0x10/0x10 [ 123.382313][ T6116] ? xfd_validate_state+0x61/0x180 [ 123.382376][ T6116] __x64_sys_unshare+0x31/0x40 [ 123.382422][ T6116] do_syscall_64+0xcd/0x490 [ 123.382468][ T6116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.382501][ T6116] RIP: 0033:0x7f0369d8e9a9 [ 123.382528][ T6116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.382566][ T6116] RSP: 002b:00007f036ab98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 123.382597][ T6116] RAX: ffffffffffffffda RBX: 00007f0369fb5fa0 RCX: 00007f0369d8e9a9 [ 123.382619][ T6116] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 123.382639][ T6116] RBP: 00007f0369e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 123.382660][ T6116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.382679][ T6116] R13: 0000000000000000 R14: 00007f0369fb5fa0 R15: 00007ffe36453098 [ 123.382723][ T6116] [ 123.455014][ T6122] __vm_enough_memory: pid: 6122, comm: syz.2.40, bytes: 4398046511104 not enough memory for the allocation [ 123.564097][ C1] vkms_vblank_simulate: vblank timer overrun [ 123.919268][ T6121] syz.3.38 (6121) used greatest stack depth: 19752 bytes left [ 125.554040][ T6147] zswap: compressor not available [ 126.575145][ T6172] netlink: 330 bytes leftover after parsing attributes in process `syz.2.51'. [ 126.690356][ T6172] Zero length message leads to an empty skb [ 127.702747][ T6189] FAULT_INJECTION: forcing a failure. [ 127.702747][ T6189] name failslab, interval 1, probability 0, space 0, times 0 [ 127.717208][ T6189] CPU: 1 UID: 0 PID: 6189 Comm: syz.0.55 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 127.717253][ T6189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 127.717271][ T6189] Call Trace: [ 127.717282][ T6189] [ 127.717294][ T6189] dump_stack_lvl+0x16c/0x1f0 [ 127.717339][ T6189] should_fail_ex+0x512/0x640 [ 127.717379][ T6189] should_failslab+0xc2/0x120 [ 127.717430][ T6189] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 127.717477][ T6189] ? skb_clone+0x190/0x3f0 [ 127.717523][ T6189] skb_clone+0x190/0x3f0 [ 127.717566][ T6189] netlink_deliver_tap+0xabd/0xd30 [ 127.717615][ T6189] netlink_unicast+0x64c/0x870 [ 127.717663][ T6189] ? __pfx_netlink_unicast+0x10/0x10 [ 127.717722][ T6189] netlink_sendmsg+0x8d1/0xdd0 [ 127.717773][ T6189] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.717831][ T6189] __sys_sendto+0x4a0/0x520 [ 127.717868][ T6189] ? __pfx___sys_sendto+0x10/0x10 [ 127.717939][ T6189] ? ksys_write+0x1ac/0x250 [ 127.717981][ T6189] ? __pfx_ksys_write+0x10/0x10 [ 127.718038][ T6189] __x64_sys_sendto+0xe0/0x1c0 [ 127.718072][ T6189] ? do_syscall_64+0x91/0x490 [ 127.718112][ T6189] ? lockdep_hardirqs_on+0x7c/0x110 [ 127.718149][ T6189] do_syscall_64+0xcd/0x490 [ 127.718192][ T6189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.718224][ T6189] RIP: 0033:0x7fd857d9083c [ 127.718250][ T6189] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 127.718280][ T6189] RSP: 002b:00007fd858b45ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 127.718310][ T6189] RAX: ffffffffffffffda RBX: 00007fd858b45fc0 RCX: 00007fd857d9083c [ 127.718331][ T6189] RDX: 000000000000001c RSI: 00007fd858b46010 RDI: 0000000000000002 [ 127.718350][ T6189] RBP: 0000000000000000 R08: 00007fd858b45f14 R09: 000000000000000c [ 127.718369][ T6189] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 127.718388][ T6189] R13: 00007fd858b45f68 R14: 00007fd858b46010 R15: 0000000000000000 [ 127.718429][ T6189] [ 135.102014][ T6263] netlink: 146 bytes leftover after parsing attributes in process `syz.3.72'. [ 135.112960][ T6264] netlink: 146 bytes leftover after parsing attributes in process `syz.3.72'. [ 137.221733][ T6311] random: crng reseeded on system resumption [ 137.583202][ T6307] FAULT_INJECTION: forcing a failure. [ 137.583202][ T6307] name failslab, interval 1, probability 0, space 0, times 0 [ 137.777538][ T6307] CPU: 0 UID: 0 PID: 6307 Comm: syz.2.81 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 137.777580][ T6307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 137.777597][ T6307] Call Trace: [ 137.777607][ T6307] [ 137.777618][ T6307] dump_stack_lvl+0x16c/0x1f0 [ 137.777659][ T6307] should_fail_ex+0x512/0x640 [ 137.777689][ T6307] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 137.777730][ T6307] should_failslab+0xc2/0x120 [ 137.777779][ T6307] __kmalloc_cache_noprof+0x6a/0x3e0 [ 137.777818][ T6307] ? can_pernet_init+0xb7/0x370 [ 137.777857][ T6307] ? __pfx_can_pernet_init+0x10/0x10 [ 137.777908][ T6307] can_pernet_init+0xb7/0x370 [ 137.777946][ T6307] ? __pfx_can_pernet_init+0x10/0x10 [ 137.777981][ T6307] ops_init+0x1e2/0x5f0 [ 137.778029][ T6307] setup_net+0x10f/0x380 [ 137.778069][ T6307] ? lockdep_init_map_type+0x5c/0x280 [ 137.778117][ T6307] ? __pfx_setup_net+0x10/0x10 [ 137.778163][ T6307] ? debug_mutex_init+0x37/0x70 [ 137.778201][ T6307] copy_net_ns+0x2a6/0x5f0 [ 137.778253][ T6307] create_new_namespaces+0x3ea/0xa90 [ 137.778300][ T6307] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 137.778342][ T6307] ksys_unshare+0x45b/0xa40 [ 137.778387][ T6307] ? __pfx_ksys_unshare+0x10/0x10 [ 137.778434][ T6307] ? syscall_user_dispatch+0x78/0x140 [ 137.778498][ T6307] __x64_sys_unshare+0x31/0x40 [ 137.778541][ T6307] do_syscall_64+0xcd/0x490 [ 137.778587][ T6307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.778622][ T6307] RIP: 0033:0x7f6638f8e9a9 [ 137.778648][ T6307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.778679][ T6307] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 137.778709][ T6307] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 137.778729][ T6307] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 137.778749][ T6307] RBP: 00007f6639010d69 R08: 0000000000000000 R09: 0000000000000000 [ 137.778769][ T6307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.778789][ T6307] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 137.778831][ T6307] [ 139.195064][ T6318] tty tty23: ldisc open failed (-12), clearing slot 22 [ 139.257229][ T6316] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 141.431842][ T6359] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 141.604302][ T6365] netlink: 12 bytes leftover after parsing attributes in process `syz.3.94'. [ 142.896621][ T6382] FAULT_INJECTION: forcing a failure. [ 142.896621][ T6382] name failslab, interval 1, probability 0, space 0, times 0 [ 143.022187][ T6382] CPU: 0 UID: 0 PID: 6382 Comm: syz.1.97 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 143.022232][ T6382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 143.022251][ T6382] Call Trace: [ 143.022261][ T6382] [ 143.022272][ T6382] dump_stack_lvl+0x16c/0x1f0 [ 143.022316][ T6382] should_fail_ex+0x512/0x640 [ 143.022346][ T6382] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 143.022385][ T6382] should_failslab+0xc2/0x120 [ 143.022434][ T6382] __kmalloc_cache_noprof+0x6a/0x3e0 [ 143.022470][ T6382] ? rcu_is_watching+0x12/0xc0 [ 143.022501][ T6382] ? call_usermodehelper_setup+0xaf/0x360 [ 143.022535][ T6382] ? __pfx_free_modprobe_argv+0x10/0x10 [ 143.022584][ T6382] call_usermodehelper_setup+0xaf/0x360 [ 143.022621][ T6382] __request_module+0x3bd/0x690 [ 143.022670][ T6382] ? __pfx___request_module+0x10/0x10 [ 143.022726][ T6382] ? __mutex_unlock_slowpath+0x163/0x800 [ 143.022775][ T6382] ? __up_read+0x1f8/0x750 [ 143.022822][ T6382] ? __pfx___up_read+0x10/0x10 [ 143.022870][ T6382] ? ctrl_getfamily+0x1cb/0x540 [ 143.022927][ T6382] ctrl_getfamily+0x1e9/0x540 [ 143.022974][ T6382] ? __pfx_ctrl_getfamily+0x10/0x10 [ 143.023025][ T6382] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 143.023076][ T6382] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 143.023135][ T6382] genl_family_rcv_msg_doit+0x206/0x2f0 [ 143.023187][ T6382] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 143.023235][ T6382] ? genl_get_cmd+0x194/0x580 [ 143.023293][ T6382] ? __radix_tree_lookup+0x21f/0x2c0 [ 143.023341][ T6382] genl_rcv_msg+0x55c/0x800 [ 143.023393][ T6382] ? __pfx_genl_rcv_msg+0x10/0x10 [ 143.023442][ T6382] ? __pfx_ctrl_getfamily+0x10/0x10 [ 143.023505][ T6382] netlink_rcv_skb+0x155/0x420 [ 143.023547][ T6382] ? __pfx_genl_rcv_msg+0x10/0x10 [ 143.023597][ T6382] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 143.023654][ T6382] ? netlink_deliver_tap+0x1ae/0xd30 [ 143.023706][ T6382] genl_rcv+0x28/0x40 [ 143.023748][ T6382] netlink_unicast+0x5aa/0x870 [ 143.023797][ T6382] ? __pfx_netlink_unicast+0x10/0x10 [ 143.023855][ T6382] netlink_sendmsg+0x8d1/0xdd0 [ 143.023904][ T6382] ? __pfx_netlink_sendmsg+0x10/0x10 [ 143.023960][ T6382] __sys_sendto+0x4a0/0x520 [ 143.023998][ T6382] ? __pfx___sys_sendto+0x10/0x10 [ 143.024069][ T6382] ? ksys_write+0x1ac/0x250 [ 143.024109][ T6382] ? __pfx_ksys_write+0x10/0x10 [ 143.024155][ T6382] __x64_sys_sendto+0xe0/0x1c0 [ 143.024188][ T6382] ? do_syscall_64+0x91/0x490 [ 143.024226][ T6382] ? lockdep_hardirqs_on+0x7c/0x110 [ 143.024280][ T6382] do_syscall_64+0xcd/0x490 [ 143.024322][ T6382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.024354][ T6382] RIP: 0033:0x7f8d7f19083c [ 143.024380][ T6382] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 143.024410][ T6382] RSP: 002b:00007f8d7ffc1ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 143.024441][ T6382] RAX: ffffffffffffffda RBX: 00007f8d7ffc1fc0 RCX: 00007f8d7f19083c [ 143.024483][ T6382] RDX: 000000000000001c RSI: 00007f8d7ffc2010 RDI: 0000000000000002 [ 143.024503][ T6382] RBP: 0000000000000000 R08: 00007f8d7ffc1f14 R09: 000000000000000c [ 143.024522][ T6382] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 143.024541][ T6382] R13: 00007f8d7ffc1f68 R14: 00007f8d7ffc2010 R15: 0000000000000000 [ 143.024583][ T6382] [ 143.380106][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.403771][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.157827][ T6392] device-mapper: ioctl: Invalid ioctl structure: name , dev b00010007 [ 145.842573][ T6409] netlink: 330 bytes leftover after parsing attributes in process `syz.1.104'. [ 148.261999][ T6427] vivid-009: ================= START STATUS ================= [ 148.308679][ T6427] vivid-009: Enable Output Cropping: true [ 148.357773][ T6427] vivid-009: Enable Output Composing: true [ 148.423397][ T6427] vivid-009: Enable Output Scaler: true [ 148.458855][ T6427] vivid-009: Tx RGB Quantization Range: Automatic [ 148.561779][ T5851] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 148.671379][ T6427] vivid-009: Transmit Mode: HDMI [ 148.676516][ T6427] vivid-009: Hotplug Present: 0x00000000 [ 148.703280][ T6427] vivid-009: RxSense Present: 0x00000000 [ 148.841471][ T6427] vivid-009: EDID Present: 0x00000000 [ 148.854620][ T6427] vivid-009: ================== END STATUS ================== [ 150.626179][ T6477] netlink: 334 bytes leftover after parsing attributes in process `syz.2.122'. [ 152.448505][ T5851] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 154.651801][ T6535] FAULT_INJECTION: forcing a failure. [ 154.651801][ T6535] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 154.781790][ T6535] CPU: 0 UID: 0 PID: 6535 Comm: syz.2.138 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 154.781841][ T6535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 154.781871][ T6535] Call Trace: [ 154.781882][ T6535] [ 154.781895][ T6535] dump_stack_lvl+0x16c/0x1f0 [ 154.781944][ T6535] should_fail_ex+0x512/0x640 [ 154.781986][ T6535] should_fail_alloc_page+0xe7/0x130 [ 154.782042][ T6535] prepare_alloc_pages+0x3c2/0x610 [ 154.782084][ T6535] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 154.782137][ T6535] ? __pfx_stack_trace_save+0x10/0x10 [ 154.782175][ T6535] ? stack_depot_save_flags+0x28/0xa40 [ 154.782215][ T6535] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 154.782267][ T6535] ? kasan_save_stack+0x42/0x60 [ 154.782310][ T6535] ? kasan_save_stack+0x33/0x60 [ 154.782354][ T6535] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 154.782400][ T6535] ? __pmd_alloc+0xbf/0x930 [ 154.782431][ T6535] ? handle_mm_fault+0x589/0xd10 [ 154.782469][ T6535] ? populate_vma_page_range+0x278/0x3a0 [ 154.782505][ T6535] ? __mm_populate+0x1d8/0x380 [ 154.782537][ T6535] ? vm_mmap_pgoff+0x362/0x450 [ 154.782585][ T6535] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 154.782614][ T6535] ? __x64_sys_mmap+0x125/0x190 [ 154.782664][ T6535] ? do_syscall_64+0xcd/0x490 [ 154.782704][ T6535] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.782756][ T6535] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 154.782822][ T6535] ? policy_nodemask+0xea/0x4e0 [ 154.782878][ T6535] alloc_pages_mpol+0x1fb/0x550 [ 154.782933][ T6535] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 154.782983][ T6535] ? css_rstat_updated+0x9d/0xd30 [ 154.783031][ T6535] alloc_pages_noprof+0x131/0x390 [ 154.783085][ T6535] pte_alloc_one+0x1c/0x3a0 [ 154.783120][ T6535] __pte_alloc+0x6d/0x3c0 [ 154.783171][ T6535] ? __pfx___pte_alloc+0x10/0x10 [ 154.783224][ T6535] ? _raw_spin_unlock+0x28/0x50 [ 154.783257][ T6535] ? __pmd_alloc+0x3fb/0x930 [ 154.783315][ T6535] __handle_mm_fault+0x4262/0x5390 [ 154.783373][ T6535] ? __pfx___handle_mm_fault+0x10/0x10 [ 154.783453][ T6535] handle_mm_fault+0x589/0xd10 [ 154.783503][ T6535] __get_user_pages+0x589/0x3b80 [ 154.783550][ T6535] ? __pfx_mt_find+0x10/0x10 [ 154.783607][ T6535] ? __pfx___get_user_pages+0x10/0x10 [ 154.783657][ T6535] populate_vma_page_range+0x278/0x3a0 [ 154.783699][ T6535] ? __pfx_populate_vma_page_range+0x10/0x10 [ 154.783736][ T6535] ? __pfx_find_vma_intersection+0x10/0x10 [ 154.783779][ T6535] ? do_mmap+0x69c/0x1210 [ 154.783818][ T6535] __mm_populate+0x1d8/0x380 [ 154.783856][ T6535] ? __pfx___mm_populate+0x10/0x10 [ 154.783897][ T6535] ? up_write+0x1b2/0x520 [ 154.783951][ T6535] vm_mmap_pgoff+0x362/0x450 [ 154.784010][ T6535] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 154.784073][ T6535] ? __x64_sys_futex+0x1e0/0x4c0 [ 154.784114][ T6535] ? __x64_sys_futex+0x1e9/0x4c0 [ 154.784163][ T6535] ksys_mmap_pgoff+0x7d/0x5c0 [ 154.784195][ T6535] ? xfd_validate_state+0x61/0x180 [ 154.784242][ T6535] ? __pfx_ksys_write+0x10/0x10 [ 154.784292][ T6535] __x64_sys_mmap+0x125/0x190 [ 154.784350][ T6535] do_syscall_64+0xcd/0x490 [ 154.784396][ T6535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.784431][ T6535] RIP: 0033:0x7f6638f8e9a9 [ 154.784458][ T6535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.784491][ T6535] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 154.784524][ T6535] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 154.784546][ T6535] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 154.784566][ T6535] RBP: 00007f6639010d69 R08: 0000000000000002 R09: 0000000000008000 [ 154.784586][ T6535] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 154.784606][ T6535] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 154.784649][ T6535] [ 155.170391][ C0] vkms_vblank_simulate: vblank timer overrun [ 155.940876][ T6543] FAULT_INJECTION: forcing a failure. [ 155.940876][ T6543] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 155.989869][ T6543] CPU: 0 UID: 0 PID: 6543 Comm: syz.3.140 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 155.989915][ T6543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 155.989933][ T6543] Call Trace: [ 155.989943][ T6543] [ 155.989955][ T6543] dump_stack_lvl+0x16c/0x1f0 [ 155.990001][ T6543] should_fail_ex+0x512/0x640 [ 155.990041][ T6543] _copy_to_iter+0x29f/0x16f0 [ 155.990084][ T6543] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 155.990122][ T6543] ? kasan_quarantine_put+0x10a/0x240 [ 155.990166][ T6543] ? __pfx__copy_to_iter+0x10/0x10 [ 155.990209][ T6543] ? __skb_recv_datagram+0x1b2/0x220 [ 155.990247][ T6543] ? __pfx___skb_recv_datagram+0x10/0x10 [ 155.990285][ T6543] simple_copy_to_iter+0x46/0x90 [ 155.990317][ T6543] __skb_datagram_iter+0x129/0x900 [ 155.990348][ T6543] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 155.990384][ T6543] ? skb_recv_datagram+0x88/0xc0 [ 155.990424][ T6543] skb_copy_datagram_iter+0x40/0x50 [ 155.990459][ T6543] netlink_recvmsg+0x27e/0xa90 [ 155.990502][ T6543] ? __pfx_netlink_recvmsg+0x10/0x10 [ 155.990560][ T6543] sock_recvmsg+0x1f9/0x250 [ 155.990619][ T6543] __sys_recvfrom+0x203/0x310 [ 155.990658][ T6543] ? __pfx___sys_recvfrom+0x10/0x10 [ 155.990732][ T6543] ? xfd_validate_state+0x61/0x180 [ 155.990779][ T6543] ? __pfx_ksys_write+0x10/0x10 [ 155.990827][ T6543] __x64_sys_recvfrom+0xe0/0x1c0 [ 155.990863][ T6543] ? do_syscall_64+0x91/0x490 [ 155.990909][ T6543] ? lockdep_hardirqs_on+0x7c/0x110 [ 155.990946][ T6543] do_syscall_64+0xcd/0x490 [ 155.990990][ T6543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.991023][ T6543] RIP: 0033:0x7f0369d90774 [ 155.991048][ T6543] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04 [ 155.991079][ T6543] RSP: 002b:00007f036ab96ed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 155.991108][ T6543] RAX: ffffffffffffffda RBX: 00007f036ab96fc0 RCX: 00007f0369d90774 [ 155.991129][ T6543] RDX: 0000000000001000 RSI: 00007f036ab97010 RDI: 0000000000000002 [ 155.991148][ T6543] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 155.991167][ T6543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 155.991185][ T6543] R13: 00007f036ab96f68 R14: 00007f036ab97010 R15: 0000000000000000 [ 155.991224][ T6543] [ 156.222638][ C0] vkms_vblank_simulate: vblank timer overrun [ 156.887185][ T5851] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 158.530144][ T6572] can: request_module (can-proto-0) failed. [ 161.158864][ T5851] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 164.050751][ T6623] ubi0: attaching mtd0 [ 164.160713][ T6626] netlink: 334 bytes leftover after parsing attributes in process `syz.3.162'. [ 164.216663][ T6623] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 164.636774][ T6634] vhci_hcd: invalid port number 16 [ 167.272544][ T6656] FAULT_INJECTION: forcing a failure. [ 167.272544][ T6656] name failslab, interval 1, probability 0, space 0, times 0 [ 167.425710][ T6656] CPU: 0 UID: 0 PID: 6656 Comm: syz.2.168 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 167.425761][ T6656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 167.425782][ T6656] Call Trace: [ 167.425794][ T6656] [ 167.425806][ T6656] dump_stack_lvl+0x16c/0x1f0 [ 167.425855][ T6656] should_fail_ex+0x512/0x640 [ 167.425890][ T6656] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 167.425943][ T6656] should_failslab+0xc2/0x120 [ 167.425994][ T6656] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 167.426043][ T6656] ? alloc_inode+0xc3/0x240 [ 167.426101][ T6656] alloc_inode+0xc3/0x240 [ 167.426154][ T6656] path_from_stashed+0x25b/0x750 [ 167.426198][ T6656] ? do_raw_spin_unlock+0x172/0x230 [ 167.426258][ T6656] ns_get_path+0x5f/0x80 [ 167.426298][ T6656] proc_ns_get_link+0x121/0x230 [ 167.426344][ T6656] ? __pfx_proc_ns_get_link+0x10/0x10 [ 167.426394][ T6656] ? atime_needs_update+0x8b/0x710 [ 167.426429][ T6656] ? __pfx_proc_ns_get_link+0x10/0x10 [ 167.426486][ T6656] step_into+0x1a2c/0x2270 [ 167.426534][ T6656] ? __pfx_step_into+0x10/0x10 [ 167.426571][ T6656] ? find_held_lock+0x2b/0x80 [ 167.426617][ T6656] path_openat+0x6db/0x2cb0 [ 167.426676][ T6656] ? __pfx_path_openat+0x10/0x10 [ 167.426723][ T6656] ? __lock_acquire+0xb8a/0x1c90 [ 167.426772][ T6656] do_filp_open+0x20b/0x470 [ 167.426818][ T6656] ? __pfx_do_filp_open+0x10/0x10 [ 167.426894][ T6656] ? alloc_fd+0x471/0x7d0 [ 167.426946][ T6656] do_sys_openat2+0x11b/0x1d0 [ 167.426980][ T6656] ? __pfx_do_sys_openat2+0x10/0x10 [ 167.427030][ T6656] __x64_sys_openat+0x174/0x210 [ 167.427064][ T6656] ? __pfx___x64_sys_openat+0x10/0x10 [ 167.427116][ T6656] do_syscall_64+0xcd/0x490 [ 167.427162][ T6656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.427196][ T6656] RIP: 0033:0x7f6638f8d310 [ 167.427222][ T6656] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 167.427254][ T6656] RSP: 002b:00007f6639d6cf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 167.427285][ T6656] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6638f8d310 [ 167.427307][ T6656] RDX: 0000000000000002 RSI: 00007f6639d6cfa0 RDI: 00000000ffffff9c [ 167.427328][ T6656] RBP: 00007f6639d6cfa0 R08: 0000000000000000 R09: 0000000000000000 [ 167.427348][ T6656] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 167.427368][ T6656] R13: 0000000000000000 R14: 00007f66391b6080 R15: 00007fffce862cd8 [ 167.427410][ T6656] [ 172.830194][ T6731] can: request_module (can-proto-0) failed. [ 174.071408][ T31] audit: type=1800 audit(6048916741.171:2): pid=6759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.194" name="dbroot" dev="configfs" ino=11322 res=0 errno=0 [ 174.903395][ T6763] FAULT_INJECTION: forcing a failure. [ 174.903395][ T6763] name failslab, interval 1, probability 0, space 0, times 0 [ 174.936391][ T6763] CPU: 0 UID: 0 PID: 6763 Comm: syz.1.195 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 174.936429][ T6763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 174.936443][ T6763] Call Trace: [ 174.936451][ T6763] [ 174.936460][ T6763] dump_stack_lvl+0x16c/0x1f0 [ 174.936498][ T6763] should_fail_ex+0x512/0x640 [ 174.936527][ T6763] ? fs_reclaim_acquire+0xae/0x150 [ 174.936558][ T6763] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 174.936595][ T6763] should_failslab+0xc2/0x120 [ 174.936635][ T6763] __kmalloc_noprof+0xd2/0x510 [ 174.936680][ T6763] tomoyo_realpath_from_path+0xc2/0x6e0 [ 174.936719][ T6763] ? tomoyo_profile+0x47/0x60 [ 174.936761][ T6763] tomoyo_path_number_perm+0x245/0x580 [ 174.936792][ T6763] ? tomoyo_path_number_perm+0x237/0x580 [ 174.936826][ T6763] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 174.936862][ T6763] ? find_held_lock+0x2b/0x80 [ 174.936931][ T6763] ? find_held_lock+0x2b/0x80 [ 174.936961][ T6763] ? hook_file_ioctl_common+0x145/0x410 [ 174.937003][ T6763] ? __fget_files+0x20e/0x3c0 [ 174.937060][ T6763] security_file_ioctl+0x9b/0x240 [ 174.937100][ T6763] __x64_sys_ioctl+0xb7/0x210 [ 174.937136][ T6763] do_syscall_64+0xcd/0x490 [ 174.937179][ T6763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.937211][ T6763] RIP: 0033:0x7f8d7f18e9a9 [ 174.937236][ T6763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.937265][ T6763] RSP: 002b:00007f8d7ffc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 174.937291][ T6763] RAX: ffffffffffffffda RBX: 00007f8d7f3b5fa0 RCX: 00007f8d7f18e9a9 [ 174.937312][ T6763] RDX: 0000000000000002 RSI: 000000000000540a RDI: 0000000000000002 [ 174.937331][ T6763] RBP: 00007f8d7ffc3090 R08: 0000000000000000 R09: 0000000000000000 [ 174.937350][ T6763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.937369][ T6763] R13: 0000000000000000 R14: 00007f8d7f3b5fa0 R15: 00007ffeebc05628 [ 174.937410][ T6763] [ 174.937422][ T6763] ERROR: Out of memory at tomoyo_realpath_from_path. [ 175.353224][ T2941] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.267579][ T6788] FAULT_INJECTION: forcing a failure. [ 176.267579][ T6788] name failslab, interval 1, probability 0, space 0, times 0 [ 176.291837][ T6788] CPU: 1 UID: 0 PID: 6788 Comm: syz.2.203 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 176.291887][ T6788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 176.291915][ T6788] Call Trace: [ 176.291925][ T6788] [ 176.291938][ T6788] dump_stack_lvl+0x16c/0x1f0 [ 176.291985][ T6788] should_fail_ex+0x512/0x640 [ 176.292020][ T6788] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 176.292077][ T6788] should_failslab+0xc2/0x120 [ 176.292128][ T6788] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 176.292181][ T6788] ? kstrdup_const+0x63/0x80 [ 176.292232][ T6788] kstrdup+0x53/0x100 [ 176.292280][ T6788] kstrdup_const+0x63/0x80 [ 176.292325][ T6788] __kernfs_new_node+0x9b/0x8e0 [ 176.292378][ T6788] ? __pfx___kernfs_new_node+0x10/0x10 [ 176.292437][ T6788] ? find_held_lock+0x2b/0x80 [ 176.292471][ T6788] ? kernfs_root+0xee/0x2a0 [ 176.292525][ T6788] kernfs_new_node+0x13c/0x1e0 [ 176.292579][ T6788] ? net_ns_get_ownership+0xf8/0x1b0 [ 176.292627][ T6788] kernfs_create_dir_ns+0x4c/0x1a0 [ 176.292687][ T6788] sysfs_create_dir_ns+0x13a/0x2b0 [ 176.292733][ T6788] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 176.292777][ T6788] ? find_held_lock+0x2b/0x80 [ 176.292812][ T6788] ? net_namespace+0x12/0x50 [ 176.292858][ T6788] ? device_namespace+0x76/0xa0 [ 176.292897][ T6788] kobject_add_internal+0x2c4/0x9b0 [ 176.292960][ T6788] kobject_add+0x16e/0x240 [ 176.293006][ T6788] ? __pfx_kobject_add+0x10/0x10 [ 176.293055][ T6788] ? get_device_parent+0x1c5/0x4e0 [ 176.293089][ T6788] ? kobject_put+0xab/0x5a0 [ 176.293145][ T6788] device_add+0x288/0x1a70 [ 176.293184][ T6788] ? __pfx_dev_set_name+0x10/0x10 [ 176.293228][ T6788] ? __pfx_device_add+0x10/0x10 [ 176.293266][ T6788] ? lockdep_init_map_type+0x5c/0x280 [ 176.293314][ T6788] ? __init_waitqueue_head+0xca/0x150 [ 176.293376][ T6788] netdev_register_kobject+0x1a9/0x3d0 [ 176.293432][ T6788] register_netdevice+0x13dc/0x2270 [ 176.293488][ T6788] ? __pfx_register_netdevice+0x10/0x10 [ 176.293545][ T6788] ? __pfx_loopback_net_init+0x10/0x10 [ 176.293589][ T6788] register_netdev+0x34/0x50 [ 176.293634][ T6788] loopback_net_init+0x7a/0x170 [ 176.293679][ T6788] ? __pfx_loopback_net_init+0x10/0x10 [ 176.293720][ T6788] ops_init+0x1e2/0x5f0 [ 176.293767][ T6788] setup_net+0x10f/0x380 [ 176.293807][ T6788] ? lockdep_init_map_type+0x5c/0x280 [ 176.293854][ T6788] ? __pfx_setup_net+0x10/0x10 [ 176.293898][ T6788] ? debug_mutex_init+0x37/0x70 [ 176.293943][ T6788] copy_net_ns+0x2a6/0x5f0 [ 176.293994][ T6788] create_new_namespaces+0x3ea/0xa90 [ 176.294041][ T6788] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 176.294083][ T6788] ksys_unshare+0x45b/0xa40 [ 176.294129][ T6788] ? __pfx_ksys_unshare+0x10/0x10 [ 176.294176][ T6788] ? xfd_validate_state+0x61/0x180 [ 176.294238][ T6788] __x64_sys_unshare+0x31/0x40 [ 176.294280][ T6788] do_syscall_64+0xcd/0x490 [ 176.294324][ T6788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.294358][ T6788] RIP: 0033:0x7f6638f8e9a9 [ 176.294395][ T6788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.294427][ T6788] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 176.294459][ T6788] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 176.294481][ T6788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 176.294501][ T6788] RBP: 00007f6639010d69 R08: 0000000000000000 R09: 0000000000000000 [ 176.294521][ T6788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 176.294540][ T6788] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 176.294583][ T6788] [ 176.295574][ T6788] kobject: kobject_add_internal failed for lo (error: -12 parent: net) [ 177.228836][ T6791] netlink: 146 bytes leftover after parsing attributes in process `syz.0.202'. [ 177.462445][ T6801] ptrace attach of "./syz-executor exec"[6804] was attempted by "./syz-executor exec"[6801] [ 179.220731][ T6828] FAULT_INJECTION: forcing a failure. [ 179.220731][ T6828] name failslab, interval 1, probability 0, space 0, times 0 [ 179.288878][ T6828] CPU: 1 UID: 0 PID: 6828 Comm: syz.2.215 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 179.288929][ T6828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 179.288950][ T6828] Call Trace: [ 179.288961][ T6828] [ 179.288973][ T6828] dump_stack_lvl+0x16c/0x1f0 [ 179.289022][ T6828] should_fail_ex+0x512/0x640 [ 179.289056][ T6828] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 179.289107][ T6828] should_failslab+0xc2/0x120 [ 179.289159][ T6828] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 179.289207][ T6828] ? __kernfs_new_node+0xd2/0x8e0 [ 179.289260][ T6828] __kernfs_new_node+0xd2/0x8e0 [ 179.289313][ T6828] ? __pfx___kernfs_new_node+0x10/0x10 [ 179.289372][ T6828] ? find_held_lock+0x2b/0x80 [ 179.289406][ T6828] ? kernfs_root+0xee/0x2a0 [ 179.289468][ T6828] kernfs_new_node+0x13c/0x1e0 [ 179.289530][ T6828] __kernfs_create_file+0x53/0x350 [ 179.289574][ T6828] sysfs_add_file_mode_ns+0x207/0x3c0 [ 179.289630][ T6828] internal_create_group+0x578/0xf30 [ 179.289689][ T6828] ? __pfx_internal_create_group+0x10/0x10 [ 179.289746][ T6828] ? kernfs_create_link+0x1bd/0x240 [ 179.289790][ T6828] internal_create_groups+0x9d/0x150 [ 179.289843][ T6828] device_add+0xf30/0x1a70 [ 179.289887][ T6828] ? __pfx_device_add+0x10/0x10 [ 179.289925][ T6828] ? lockdep_init_map_type+0x5c/0x280 [ 179.289972][ T6828] ? __init_waitqueue_head+0xca/0x150 [ 179.290034][ T6828] netdev_register_kobject+0x1a9/0x3d0 [ 179.290090][ T6828] register_netdevice+0x13dc/0x2270 [ 179.290145][ T6828] ? __pfx_register_netdevice+0x10/0x10 [ 179.290202][ T6828] ? __pfx_loopback_net_init+0x10/0x10 [ 179.290245][ T6828] register_netdev+0x34/0x50 [ 179.290287][ T6828] loopback_net_init+0x7a/0x170 [ 179.290331][ T6828] ? __pfx_loopback_net_init+0x10/0x10 [ 179.290370][ T6828] ops_init+0x1e2/0x5f0 [ 179.290417][ T6828] setup_net+0x10f/0x380 [ 179.290464][ T6828] ? lockdep_init_map_type+0x5c/0x280 [ 179.290511][ T6828] ? __pfx_setup_net+0x10/0x10 [ 179.290558][ T6828] ? debug_mutex_init+0x37/0x70 [ 179.290596][ T6828] copy_net_ns+0x2a6/0x5f0 [ 179.290648][ T6828] create_new_namespaces+0x3ea/0xa90 [ 179.290695][ T6828] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 179.290736][ T6828] ksys_unshare+0x45b/0xa40 [ 179.290781][ T6828] ? __pfx_ksys_unshare+0x10/0x10 [ 179.290827][ T6828] ? xfd_validate_state+0x61/0x180 [ 179.290888][ T6828] __x64_sys_unshare+0x31/0x40 [ 179.290933][ T6828] do_syscall_64+0xcd/0x490 [ 179.290980][ T6828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.291013][ T6828] RIP: 0033:0x7f6638f8e9a9 [ 179.291040][ T6828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.291073][ T6828] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 179.291104][ T6828] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 179.291125][ T6828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 179.291145][ T6828] RBP: 00007f6639010d69 R08: 0000000000000000 R09: 0000000000000000 [ 179.291164][ T6828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.291183][ T6828] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 179.291229][ T6828] [ 180.859145][ T6851] netlink: 28 bytes leftover after parsing attributes in process `syz.1.221'. [ 181.169227][ T5851] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 182.531521][ T6863] mkiss: ax0: crc mode is auto. [ 183.681533][ T6890] FAULT_INJECTION: forcing a failure. [ 183.681533][ T6890] name failslab, interval 1, probability 0, space 0, times 0 [ 183.702979][ T6890] CPU: 1 UID: 0 PID: 6890 Comm: syz.2.234 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 183.703027][ T6890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 183.703046][ T6890] Call Trace: [ 183.703057][ T6890] [ 183.703070][ T6890] dump_stack_lvl+0x16c/0x1f0 [ 183.703124][ T6890] should_fail_ex+0x512/0x640 [ 183.703166][ T6890] should_failslab+0xc2/0x120 [ 183.703219][ T6890] __kmalloc_cache_noprof+0x6a/0x3e0 [ 183.703263][ T6890] ? proc_thread_self_get_link+0x1c6/0x240 [ 183.703320][ T6890] proc_thread_self_get_link+0x1c6/0x240 [ 183.703377][ T6890] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 183.703426][ T6890] step_into+0x195b/0x2270 [ 183.703474][ T6890] ? __pfx_step_into+0x10/0x10 [ 183.703520][ T6890] ? lookup_fast+0x156/0x610 [ 183.703565][ T6890] walk_component+0xfc/0x5b0 [ 183.703607][ T6890] link_path_walk+0x627/0xe20 [ 183.703663][ T6890] path_openat+0x1b0/0x2cb0 [ 183.703704][ T6890] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.703755][ T6890] ? __pfx_path_openat+0x10/0x10 [ 183.703803][ T6890] ? __lock_acquire+0xb8a/0x1c90 [ 183.703854][ T6890] do_filp_open+0x20b/0x470 [ 183.703899][ T6890] ? __pfx_do_filp_open+0x10/0x10 [ 183.703976][ T6890] ? alloc_fd+0x471/0x7d0 [ 183.704029][ T6890] do_sys_openat2+0x11b/0x1d0 [ 183.704063][ T6890] ? __pfx_do_sys_openat2+0x10/0x10 [ 183.704114][ T6890] __x64_sys_openat+0x174/0x210 [ 183.704157][ T6890] ? __pfx___x64_sys_openat+0x10/0x10 [ 183.704210][ T6890] do_syscall_64+0xcd/0x490 [ 183.704257][ T6890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.704291][ T6890] RIP: 0033:0x7f6638f8e9a9 [ 183.704317][ T6890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.704349][ T6890] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 183.704392][ T6890] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 183.704414][ T6890] RDX: 0000000000040002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 183.704436][ T6890] RBP: 00007f6639010d69 R08: 0000000000000000 R09: 0000000000000000 [ 183.704456][ T6890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.704475][ T6890] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 183.704519][ T6890] [ 183.710390][ T6890] random: crng reseeded on system resumption [ 184.311713][ T6893] netlink: 146 bytes leftover after parsing attributes in process `syz.3.233'. [ 184.602583][ T5851] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 185.522874][ T6536] syz.0.135 (6536) used greatest stack depth: 17944 bytes left [ 185.919054][ T6913] queue_state_write: unsupported operation '' [ 185.949227][ T6913] queue_state_write: use 'run', 'start' or 'kick' [ 187.498599][ T5851] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 187.978248][ T6945] sg_write: data in/out 65426/34141 bytes for SCSI command 0x0-- guessing data in; [ 187.978248][ T6945] program syz.3.250 not setting count and/or reply_len properly [ 188.917875][ T6958] FAULT_INJECTION: forcing a failure. [ 188.917875][ T6958] name failslab, interval 1, probability 0, space 0, times 0 [ 189.081305][ T6958] CPU: 1 UID: 0 PID: 6958 Comm: syz.3.250 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 189.081349][ T6958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 189.081368][ T6958] Call Trace: [ 189.081378][ T6958] [ 189.081390][ T6958] dump_stack_lvl+0x16c/0x1f0 [ 189.081440][ T6958] should_fail_ex+0x512/0x640 [ 189.081475][ T6958] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 189.081527][ T6958] should_failslab+0xc2/0x120 [ 189.081578][ T6958] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 189.081626][ T6958] ? security_file_alloc+0x34/0x2b0 [ 189.081675][ T6958] security_file_alloc+0x34/0x2b0 [ 189.081716][ T6958] init_file+0x93/0x4c0 [ 189.081769][ T6958] alloc_empty_file+0x73/0x1e0 [ 189.081802][ T6958] alloc_file_pseudo+0x13a/0x230 [ 189.081835][ T6958] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 189.081868][ T6958] ? alloc_fd+0x471/0x7d0 [ 189.081922][ T6958] sock_alloc_file+0x50/0x210 [ 189.081969][ T6958] __sys_socket+0x1c0/0x260 [ 189.081997][ T6958] ? __x64_sys_openat+0x174/0x210 [ 189.082031][ T6958] ? __pfx___sys_socket+0x10/0x10 [ 189.082060][ T6958] ? xfd_validate_state+0x61/0x180 [ 189.082119][ T6958] __x64_sys_socket+0x72/0xb0 [ 189.082147][ T6958] ? lockdep_hardirqs_on+0x7c/0x110 [ 189.082185][ T6958] do_syscall_64+0xcd/0x490 [ 189.082227][ T6958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.082259][ T6958] RIP: 0033:0x7f0369d8e9a9 [ 189.082284][ T6958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.082314][ T6958] RSP: 002b:00007f036ab56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 189.082343][ T6958] RAX: ffffffffffffffda RBX: 00007f0369fb6160 RCX: 00007f0369d8e9a9 [ 189.082363][ T6958] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000010 [ 189.082382][ T6958] RBP: 00007f0369e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 189.082401][ T6958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.082421][ T6958] R13: 0000000000000000 R14: 00007f0369fb6160 R15: 00007ffe36453098 [ 189.082463][ T6958] [ 189.391948][ T6954] mkiss: ax0: crc mode is auto. [ 191.927679][ T7004] netlink: 8 bytes leftover after parsing attributes in process `syz.2.262'. [ 192.874457][ T7016] random: crng reseeded on system resumption [ 195.076853][ T7044] kafs: addr_prefs: Too many elements in string [ 195.562996][ T7058] random: crng reseeded on system resumption [ 195.839348][ T7044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 195.854174][ T7044] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 196.585096][ T7050] mmap: syz.0.272 (7050) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 197.167050][ T7076] netlink: 28 bytes leftover after parsing attributes in process `syz.1.281'. [ 197.815226][ T7076] team_slave_1 (unregistering): left promiscuous mode [ 197.838011][ T7076] team_slave_1 (unregistering): left allmulticast mode [ 197.906399][ T7076] team0: Port device team_slave_1 removed [ 201.335990][ T5851] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 202.128149][ T7137] random: crng reseeded on system resumption [ 204.778541][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.785173][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.576407][ T7174] FAULT_INJECTION: forcing a failure. [ 205.576407][ T7174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 205.671126][ T7174] CPU: 0 UID: 0 PID: 7174 Comm: syz.0.307 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 205.671173][ T7174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 205.671191][ T7174] Call Trace: [ 205.671200][ T7174] [ 205.671211][ T7174] dump_stack_lvl+0x16c/0x1f0 [ 205.671255][ T7174] should_fail_ex+0x512/0x640 [ 205.671294][ T7174] _copy_from_user+0x2e/0xd0 [ 205.671342][ T7174] io_uring_setup+0xb4/0x2080 [ 205.671396][ T7174] ? __pfx_io_uring_setup+0x10/0x10 [ 205.671447][ T7174] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 205.671495][ T7174] ? __fget_files+0x20e/0x3c0 [ 205.671546][ T7174] ? ksys_write+0x1ac/0x250 [ 205.671586][ T7174] ? __pfx_ksys_write+0x10/0x10 [ 205.671634][ T7174] __x64_sys_io_uring_setup+0xc2/0x170 [ 205.671686][ T7174] do_syscall_64+0xcd/0x490 [ 205.671725][ T7174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.671756][ T7174] RIP: 0033:0x7fd857d8e9a9 [ 205.671781][ T7174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.671811][ T7174] RSP: 002b:00007fd858b26038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 205.671839][ T7174] RAX: ffffffffffffffda RBX: 00007fd857fb6080 RCX: 00007fd857d8e9a9 [ 205.671858][ T7174] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 205.671876][ T7174] RBP: 00007fd858b26090 R08: 0000000000000000 R09: 0000000000000000 [ 205.671896][ T7174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 205.671914][ T7174] R13: 0000000000000000 R14: 00007fd857fb6080 R15: 00007ffd900e4998 [ 205.671955][ T7174] [ 208.723808][ T7207] netlink: 504 bytes leftover after parsing attributes in process `syz.1.317'. [ 208.764722][ T7207] netlink: 350 bytes leftover after parsing attributes in process `syz.1.317'. [ 208.813643][ T7208] netlink: 350 bytes leftover after parsing attributes in process `syz.1.317'. [ 211.016081][ T7246] mkiss: ax0: crc mode is auto. [ 211.129789][ T7241] zswap: compressor not available [ 211.148941][ T7246] FAULT_INJECTION: forcing a failure. [ 211.148941][ T7246] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 211.241403][ T7246] CPU: 1 UID: 0 PID: 7246 Comm: syz.2.327 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 211.241453][ T7246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 211.241473][ T7246] Call Trace: [ 211.241485][ T7246] [ 211.241498][ T7246] dump_stack_lvl+0x16c/0x1f0 [ 211.241546][ T7246] should_fail_ex+0x512/0x640 [ 211.241595][ T7246] should_fail_alloc_page+0xe7/0x130 [ 211.241649][ T7246] prepare_alloc_pages+0x3c2/0x610 [ 211.241692][ T7246] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 211.241749][ T7246] ? mas_next_slot+0x12d3/0x21b0 [ 211.241803][ T7246] ? __up_read+0x1f8/0x750 [ 211.241864][ T7246] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 211.241916][ T7246] ? validate_mm+0x40a/0x570 [ 211.241964][ T7246] ? __pfx_validate_mm+0x10/0x10 [ 211.242004][ T7246] ? lockdep_hardirqs_on+0x7c/0x110 [ 211.242051][ T7246] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 211.242106][ T7246] ? policy_nodemask+0xea/0x4e0 [ 211.242160][ T7246] alloc_pages_mpol+0x1fb/0x550 [ 211.242213][ T7246] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 211.242277][ T7246] alloc_pages_noprof+0x131/0x390 [ 211.242330][ T7246] __pmd_alloc+0x3b/0x930 [ 211.242368][ T7246] __handle_mm_fault+0xaac/0x5390 [ 211.242419][ T7246] ? __pfx___handle_mm_fault+0x10/0x10 [ 211.242497][ T7246] handle_mm_fault+0x589/0xd10 [ 211.242546][ T7246] __get_user_pages+0x589/0x3b80 [ 211.242593][ T7246] ? __pfx_mt_find+0x10/0x10 [ 211.242639][ T7246] ? __pfx___get_user_pages+0x10/0x10 [ 211.242684][ T7246] populate_vma_page_range+0x278/0x3a0 [ 211.242722][ T7246] ? __pfx_populate_vma_page_range+0x10/0x10 [ 211.242756][ T7246] ? __pfx_find_vma_intersection+0x10/0x10 [ 211.242800][ T7246] ? do_mmap+0x69c/0x1210 [ 211.242834][ T7246] __mm_populate+0x1d8/0x380 [ 211.242868][ T7246] ? __pfx___mm_populate+0x10/0x10 [ 211.242908][ T7246] ? up_write+0x1b2/0x520 [ 211.242959][ T7246] vm_mmap_pgoff+0x362/0x450 [ 211.243017][ T7246] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 211.243081][ T7246] ? __x64_sys_futex+0x1e0/0x4c0 [ 211.243122][ T7246] ? __x64_sys_futex+0x1e9/0x4c0 [ 211.243169][ T7246] ksys_mmap_pgoff+0x7d/0x5c0 [ 211.243199][ T7246] ? xfd_validate_state+0x61/0x180 [ 211.243244][ T7246] ? __pfx_ksys_write+0x10/0x10 [ 211.243292][ T7246] __x64_sys_mmap+0x125/0x190 [ 211.243347][ T7246] do_syscall_64+0xcd/0x490 [ 211.243393][ T7246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.243425][ T7246] RIP: 0033:0x7f6638f8e9a9 [ 211.243450][ T7246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.243481][ T7246] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 211.243511][ T7246] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 211.243533][ T7246] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 211.243553][ T7246] RBP: 00007f6639010d69 R08: 0000000000000002 R09: 0000000000008000 [ 211.243571][ T7246] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 211.243591][ T7246] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 211.243632][ T7246] [ 214.543950][ T7270] sp0: Synchronizing with TNC [ 217.563777][ T7306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 217.602809][ T7306] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 217.656943][ T7306] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 217.719441][ T7306] page_type: f5(slab) [ 217.759925][ T7306] raw: 00fff00000000040 ffff88801ce95640 dead000000000122 0000000000000000 [ 217.840946][ T7306] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 217.891434][ T7306] head: 00fff00000000040 ffff88801ce95640 dead000000000122 0000000000000000 [ 217.966635][ T7306] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 218.036932][ T7306] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 218.166396][ T7306] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 218.297455][ T7306] page dumped because: unmovable page [ 218.327658][ T7306] page_owner tracks the page as allocated [ 218.401795][ T7306] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5857, tgid 5857 (udevd), ts 206102494905, free_ts 206072373723 [ 218.497613][ T7306] post_alloc_hook+0x1c0/0x230 [ 218.511335][ T7306] get_page_from_freelist+0x1321/0x3890 [ 218.516987][ T7306] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 218.561307][ T7306] alloc_pages_mpol+0x1fb/0x550 [ 218.627580][ T7306] new_slab+0x247/0x330 [ 218.667927][ T7306] ___slab_alloc+0xd1e/0x1780 [ 218.791419][ T7306] __slab_alloc.constprop.0+0x56/0xb0 [ 218.842171][ T7306] kmem_cache_alloc_noprof+0xef/0x3b0 [ 218.847650][ T7306] getname_flags.part.0+0x4c/0x550 [ 218.871380][ T7306] getname_flags+0x93/0xf0 [ 218.875899][ T7306] vfs_fstatat+0xe1/0xf0 [ 218.880290][ T7306] __do_sys_newfstatat+0x97/0x120 [ 218.901384][ T7306] do_syscall_64+0xcd/0x490 [ 218.910867][ T7306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.993107][ T7306] page last free pid 5208 tgid 5208 stack trace: [ 218.999554][ T7306] __free_frozen_pages+0x7fe/0x1180 [ 219.086313][ T7306] __put_partials+0x165/0x1c0 [ 219.094913][ T7306] qlist_free_all+0x4d/0x120 [ 219.099596][ T7306] kasan_quarantine_reduce+0x195/0x1e0 [ 219.141551][ T7306] __kasan_slab_alloc+0x69/0x90 [ 219.146517][ T7306] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 219.291899][ T7306] getname_flags.part.0+0x4c/0x550 [ 219.341295][ T7306] getname_flags+0x93/0xf0 [ 219.434809][ T7306] vfs_fstatat+0xe1/0xf0 [ 219.439291][ T7306] __do_sys_newfstatat+0x97/0x120 [ 219.539685][ T7306] do_syscall_64+0xcd/0x490 [ 219.567343][ T7306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.996978][ T7163] syz.1.302 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 220.231328][ T7163] CPU: 0 UID: 0 PID: 7163 Comm: syz.1.302 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 220.231373][ T7163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 220.231391][ T7163] Call Trace: [ 220.231401][ T7163] [ 220.231412][ T7163] dump_stack_lvl+0x16c/0x1f0 [ 220.231456][ T7163] dump_header+0x101/0x930 [ 220.231507][ T7163] oom_kill_process+0x272/0xa40 [ 220.231558][ T7163] out_of_memory+0x350/0x1700 [ 220.231613][ T7163] ? __pfx_out_of_memory+0x10/0x10 [ 220.231671][ T7163] mem_cgroup_out_of_memory+0x118/0x130 [ 220.231710][ T7163] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 220.231757][ T7163] ? do_raw_spin_unlock+0x172/0x230 [ 220.231816][ T7163] try_charge_memcg+0x72b/0xd50 [ 220.231872][ T7163] ? __pfx_try_charge_memcg+0x10/0x10 [ 220.231921][ T7163] ? find_held_lock+0x1/0x80 [ 220.231953][ T7163] ? rcu_read_unlock+0x17/0x60 [ 220.232015][ T7163] charge_memcg+0x8a/0x230 [ 220.232073][ T7163] __mem_cgroup_charge+0x2b/0x1e0 [ 220.232108][ T7163] shmem_alloc_and_add_folio+0x514/0xc20 [ 220.232160][ T7163] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 220.232208][ T7163] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 220.232258][ T7163] shmem_get_folio_gfp+0x67f/0x1600 [ 220.232306][ T7163] ? __lock_acquire+0xb8a/0x1c90 [ 220.232349][ T7163] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 220.232394][ T7163] ? __pte_offset_map_lock+0x174/0x310 [ 220.232442][ T7163] ? vm_normal_page+0x152/0x2e0 [ 220.232499][ T7163] shmem_write_begin+0x160/0x300 [ 220.232545][ T7163] ? __pfx_shmem_write_begin+0x10/0x10 [ 220.232584][ T7163] ? timestamp_truncate+0x21e/0x2d0 [ 220.232630][ T7163] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 220.232674][ T7163] generic_perform_write+0x3c2/0x900 [ 220.232729][ T7163] ? __pfx_generic_perform_write+0x10/0x10 [ 220.232774][ T7163] ? inode_needs_update_time.part.0+0x191/0x270 [ 220.232833][ T7163] shmem_file_write_iter+0x10e/0x140 [ 220.232885][ T7163] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 220.232932][ T7163] __kernel_write_iter+0x31a/0xa90 [ 220.232979][ T7163] ? __pfx___kernel_write_iter+0x10/0x10 [ 220.233021][ T7163] ? __up_read+0x1f8/0x750 [ 220.233082][ T7163] ? dump_user_range+0x756/0xb70 [ 220.233117][ T7163] ? __kernel_write_iter+0x396/0xa90 [ 220.233166][ T7163] dump_user_range+0x413/0xb70 [ 220.233212][ T7163] ? __pfx_dump_user_range+0x10/0x10 [ 220.233251][ T7163] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 220.233311][ T7163] ? __pfx_writenote+0x10/0x10 [ 220.233360][ T7163] elf_core_dump+0x2929/0x3b60 [ 220.233430][ T7163] ? __pfx_elf_core_dump+0x10/0x10 [ 220.233469][ T7163] ? kasan_save_stack+0x42/0x60 [ 220.233516][ T7163] ? kasan_save_stack+0x33/0x60 [ 220.233555][ T7163] ? kasan_save_track+0x14/0x30 [ 220.233595][ T7163] ? __kasan_kmalloc+0xaa/0xb0 [ 220.233635][ T7163] ? vfs_coredump+0x1dc8/0x56d0 [ 220.233666][ T7163] ? get_signal+0x22e3/0x26d0 [ 220.233699][ T7163] ? arch_do_signal_or_restart+0x8f/0x790 [ 220.233748][ T7163] ? 0xffffffffff600000 [ 220.233846][ T7163] ? vfs_coredump+0x2ba2/0x56d0 [ 220.233878][ T7163] vfs_coredump+0x2ba2/0x56d0 [ 220.233930][ T7163] ? __pfx_vfs_coredump+0x10/0x10 [ 220.233969][ T7163] ? __lock_acquire+0x622/0x1c90 [ 220.234034][ T7163] ? lock_acquire+0x179/0x350 [ 220.234097][ T7163] ? is_bpf_text_address+0x8a/0x1a0 [ 220.234141][ T7163] ? bpf_ksym_find+0x124/0x1c0 [ 220.234187][ T7163] ? __kernel_text_address+0xd/0x40 [ 220.234236][ T7163] ? unwind_get_return_address+0x59/0xa0 [ 220.234269][ T7163] ? arch_stack_walk+0xa6/0x100 [ 220.234320][ T7163] ? stack_trace_save+0x8e/0xc0 [ 220.234354][ T7163] ? __pfx_stack_trace_save+0x10/0x10 [ 220.234390][ T7163] ? stack_depot_save_flags+0x28/0xa40 [ 220.234427][ T7163] ? __lock_acquire+0xb8a/0x1c90 [ 220.234544][ T7163] ? proc_coredump_connector+0x2d1/0x4f0 [ 220.234588][ T7163] ? __pfx_proc_coredump_connector+0x10/0x10 [ 220.234641][ T7163] ? rcu_is_watching+0x12/0xc0 [ 220.234681][ T7163] get_signal+0x22e3/0x26d0 [ 220.234727][ T7163] ? force_sig_fault+0xc4/0x100 [ 220.234765][ T7163] ? __pfx_get_signal+0x10/0x10 [ 220.234814][ T7163] arch_do_signal_or_restart+0x8f/0x790 [ 220.234854][ T7163] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 220.234908][ T7163] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 220.234977][ T7163] irqentry_exit_to_user_mode+0x12a/0x270 [ 220.235020][ T7163] asm_exc_page_fault+0x26/0x30 [ 220.235061][ T7163] RIP: 0033:0x7f8d7f18e9b1 [ 220.235086][ T7163] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 220.235117][ T7163] RSP: 002b:0000080000000002 EFLAGS: 00010217 [ 220.235142][ T7163] RAX: 0000000000000000 RBX: 00007f8d7f3b5fa0 RCX: 00007f8d7f18e9a9 [ 220.235162][ T7163] RDX: 0000000000000000 RSI: 0000080000000002 RDI: 0100000020003b49 [ 220.235182][ T7163] RBP: 00007f8d7f210d69 R08: 0000000000000004 R09: 0000000000000000 [ 220.235201][ T7163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.235220][ T7163] R13: 0000000000000000 R14: 00007f8d7f3b5fa0 R15: 00007ffeebc05628 [ 220.235263][ T7163] [ 220.235274][ T7163] memory: usage 307200kB, limit 307200kB, failcnt 2385 [ 220.826529][ T7163] memory+swap: usage 307056kB, limit 9007199254740988kB, failcnt 0 [ 220.976177][ T7163] kmem: usage 2332kB, limit 9007199254740988kB, failcnt 0 [ 221.091990][ T7163] Memory cgroup stats for /syz1: [ 221.092508][ T7163] cache 311590912 [ 221.127587][ T7163] rss 512000 [ 221.130852][ T7163] rss_huge 0 [ 221.191321][ T7163] shmem 309645312 [ 221.210321][ T7163] mapped_file 138326016 [ 221.270637][ T7163] dirty 217088 [ 221.281030][ T7163] writeback 0 [ 221.282791][ T7340] FAULT_INJECTION: forcing a failure. [ 221.282791][ T7340] name failslab, interval 1, probability 0, space 0, times 0 [ 221.381477][ T7163] workingset_refault_anon 178 [ 221.386409][ T7163] workingset_refault_file 593 [ 221.391123][ T7163] swap 0 [ 221.438602][ T7163] swapcached 0 [ 221.442235][ T7163] pgpgin 183024 [ 221.445815][ T7163] pgpgout 106827 [ 221.461857][ T7340] CPU: 1 UID: 0 PID: 7340 Comm: syz.3.349 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 221.461903][ T7340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 221.461922][ T7340] Call Trace: [ 221.461932][ T7340] [ 221.461944][ T7340] dump_stack_lvl+0x16c/0x1f0 [ 221.461988][ T7340] should_fail_ex+0x512/0x640 [ 221.462021][ T7340] ? __kvmalloc_node_noprof+0x124/0x620 [ 221.462068][ T7340] should_failslab+0xc2/0x120 [ 221.462117][ T7340] __kvmalloc_node_noprof+0x137/0x620 [ 221.462158][ T7340] ? __pfx___mutex_lock+0x10/0x10 [ 221.462199][ T7340] ? traverse.part.0.constprop.0+0x392/0x640 [ 221.462252][ T7340] ? traverse.part.0.constprop.0+0x392/0x640 [ 221.462287][ T7340] traverse.part.0.constprop.0+0x392/0x640 [ 221.462328][ T7340] ? aa_file_perm+0x486/0xf70 [ 221.462376][ T7340] seq_read_iter+0x932/0x12c0 [ 221.462429][ T7340] seq_read+0x39e/0x4e0 [ 221.462464][ T7340] ? __pfx_seq_read+0x10/0x10 [ 221.462501][ T7340] ? get_pid_task+0xfc/0x250 [ 221.462564][ T7340] ? rw_verify_area+0xcf/0x680 [ 221.462600][ T7340] ? __pfx_seq_read+0x10/0x10 [ 221.462635][ T7340] vfs_read+0x1e1/0xc60 [ 221.462684][ T7340] ? __pfx_vfs_read+0x10/0x10 [ 221.462721][ T7340] ? find_held_lock+0x2b/0x80 [ 221.462754][ T7340] ? __fget_files+0x204/0x3c0 [ 221.462799][ T7340] ? __fget_files+0x20e/0x3c0 [ 221.462833][ T7340] ? __fget_files+0x160/0x3c0 [ 221.462889][ T7340] __x64_sys_pread64+0x1eb/0x250 [ 221.462933][ T7340] ? __pfx___x64_sys_pread64+0x10/0x10 [ 221.462991][ T7340] do_syscall_64+0xcd/0x490 [ 221.463034][ T7340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.463066][ T7340] RIP: 0033:0x7f0369d8e9a9 [ 221.463090][ T7340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.463120][ T7340] RSP: 002b:00007f036ab98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 221.463149][ T7340] RAX: ffffffffffffffda RBX: 00007f0369fb5fa0 RCX: 00007f0369d8e9a9 [ 221.463169][ T7340] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000004 [ 221.463188][ T7340] RBP: 00007f036ab98090 R08: 0000000000000000 R09: 0000000000000000 [ 221.463207][ T7340] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 221.463226][ T7340] R13: 0000000000000000 R14: 00007f0369fb5fa0 R15: 00007ffe36453098 [ 221.463274][ T7340] [ 221.463509][ T7163] pgfault 106797 [ 221.748043][ T7163] pgmajfault 119 [ 221.791358][ T7163] inactive_anon 291545088 [ 221.795755][ T7163] active_anon 18583552 [ 221.799861][ T7163] inactive_file 1744896 [ 221.831011][ T7163] active_file 200704 [ 221.846893][ T7163] unevictable 0 [ 221.850423][ T7163] hierarchical_memory_limit 314572800 [ 221.913676][ T7163] hierarchical_memsw_limit 9223372036854771712 [ 221.919913][ T7163] total_cache 311590912 [ 221.961478][ T7163] total_rss 512000 [ 221.965265][ T7163] total_rss_huge 0 [ 221.981307][ T7163] total_shmem 309645312 [ 221.985517][ T7163] total_mapped_file 138326016 [ 221.990253][ T7163] total_dirty 217088 [ 221.997637][ T7163] total_writeback 0 [ 222.007768][ T7163] total_workingset_refault_anon 178 [ 222.016554][ T7163] total_workingset_refault_file 593 [ 222.035488][ T7163] total_swap 0 [ 222.038929][ T7163] total_swapcached 0 [ 222.059992][ T7163] total_pgpgin 183024 [ 222.085093][ T7163] total_pgpgout 106827 [ 222.089325][ T7163] total_pgfault 106797 [ 222.104797][ T7163] total_pgmajfault 119 [ 222.108950][ T7163] total_inactive_anon 291545088 [ 222.124669][ T7163] total_active_anon 18583552 [ 222.146025][ T7163] total_inactive_file 1744896 [ 222.150773][ T7163] total_active_file 200704 [ 222.168355][ T7163] total_unevictable 0 [ 222.178504][ T7163] anon_cost 0 [ 222.191601][ T7163] file_cost 0 [ 222.194965][ T7163] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.302,pid=7163,uid=0 [ 222.235955][ T7163] Memory cgroup out of memory: Killed process 7163 (syz.1.302) total-vm:167420kB, anon-rss:1076kB, file-rss:23080kB, shmem-rss:52608kB, UID:0 pgtables:232kB oom_score_adj:1000 [ 222.374014][ T7350] netlink: 8 bytes leftover after parsing attributes in process `syz.0.350'. [ 222.445112][ T7337] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 223.234013][ T31] audit: type=1326 audit(4294967303.170:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.3.353" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0369d8e9a9 code=0x0 [ 223.302165][ T7356] FAULT_INJECTION: forcing a failure. [ 223.302165][ T7356] name failslab, interval 1, probability 0, space 0, times 0 [ 223.373690][ T7356] CPU: 0 UID: 0 PID: 7356 Comm: syz.3.353 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 223.373740][ T7356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 223.373760][ T7356] Call Trace: [ 223.373771][ T7356] [ 223.373784][ T7356] dump_stack_lvl+0x16c/0x1f0 [ 223.373834][ T7356] should_fail_ex+0x512/0x640 [ 223.373870][ T7356] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 223.373916][ T7356] should_failslab+0xc2/0x120 [ 223.373969][ T7356] __kmalloc_cache_noprof+0x6a/0x3e0 [ 223.374011][ T7356] ? snd_seq_prioq_new+0x3f/0x110 [ 223.374052][ T7356] snd_seq_prioq_new+0x3f/0x110 [ 223.374086][ T7356] snd_seq_queue_alloc+0x12b/0x550 [ 223.374156][ T7356] snd_seq_ioctl_create_queue+0xa9/0x380 [ 223.374202][ T7356] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 223.374255][ T7356] alloc_seq_queue+0xda/0x180 [ 223.374301][ T7356] ? __pfx_alloc_seq_queue+0x10/0x10 [ 223.374372][ T7356] ? mark_held_locks+0x49/0x80 [ 223.374415][ T7356] ? _raw_spin_unlock_irq+0x23/0x50 [ 223.374455][ T7356] snd_seq_oss_open+0x38c/0xa20 [ 223.374510][ T7356] odev_open+0x6f/0x90 [ 223.374550][ T7356] ? __pfx_odev_open+0x10/0x10 [ 223.374590][ T7356] soundcore_open+0x409/0x580 [ 223.374635][ T7356] ? __pfx_soundcore_open+0x10/0x10 [ 223.374675][ T7356] chrdev_open+0x234/0x6a0 [ 223.374722][ T7356] ? __pfx_apparmor_file_open+0x10/0x10 [ 223.374762][ T7356] ? __pfx_chrdev_open+0x10/0x10 [ 223.374815][ T7356] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 223.374867][ T7356] do_dentry_open+0x744/0x1c10 [ 223.374915][ T7356] ? __pfx_chrdev_open+0x10/0x10 [ 223.374971][ T7356] vfs_open+0x82/0x3f0 [ 223.375008][ T7356] path_openat+0x1de4/0x2cb0 [ 223.375067][ T7356] ? __pfx_path_openat+0x10/0x10 [ 223.375125][ T7356] ? __lock_acquire+0xb8a/0x1c90 [ 223.375175][ T7356] do_filp_open+0x20b/0x470 [ 223.375221][ T7356] ? __pfx_do_filp_open+0x10/0x10 [ 223.375299][ T7356] ? alloc_fd+0x471/0x7d0 [ 223.375353][ T7356] do_sys_openat2+0x11b/0x1d0 [ 223.375387][ T7356] ? __pfx_do_sys_openat2+0x10/0x10 [ 223.375418][ T7356] ? find_held_lock+0x2b/0x80 [ 223.375451][ T7356] ? handle_mm_fault+0x2ab/0xd10 [ 223.375503][ T7356] __x64_sys_openat+0x174/0x210 [ 223.375538][ T7356] ? __pfx___x64_sys_openat+0x10/0x10 [ 223.375591][ T7356] do_syscall_64+0xcd/0x490 [ 223.375638][ T7356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.375673][ T7356] RIP: 0033:0x7f0369d8e9a9 [ 223.375701][ T7356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.375734][ T7356] RSP: 002b:00007f036ab77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 223.375766][ T7356] RAX: ffffffffffffffda RBX: 00007f0369fb6080 RCX: 00007f0369d8e9a9 [ 223.375788][ T7356] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 223.375809][ T7356] RBP: 00007f0369e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 223.375830][ T7356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.375849][ T7356] R13: 0000000000000000 R14: 00007f0369fb6080 R15: 00007ffe36453098 [ 223.375892][ T7356] [ 227.238224][ T7386] FAULT_INJECTION: forcing a failure. [ 227.238224][ T7386] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.353843][ T5850] Bluetooth: hci2: command 0x0406 tx timeout [ 227.353898][ T5158] Bluetooth: hci3: command 0x0406 tx timeout [ 227.359946][ T5850] Bluetooth: hci1: command 0x0406 tx timeout [ 227.366085][ T5854] Bluetooth: hci0: command 0x0406 tx timeout [ 227.502522][ T7386] CPU: 1 UID: 0 PID: 7386 Comm: syz.2.359 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 227.502566][ T7386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 227.502586][ T7386] Call Trace: [ 227.502596][ T7386] [ 227.502607][ T7386] dump_stack_lvl+0x16c/0x1f0 [ 227.502653][ T7386] should_fail_ex+0x512/0x640 [ 227.502694][ T7386] _copy_to_user+0x32/0xd0 [ 227.502735][ T7386] simple_read_from_buffer+0xcb/0x170 [ 227.502775][ T7386] proc_fail_nth_read+0x197/0x240 [ 227.502815][ T7386] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 227.502857][ T7386] ? rw_verify_area+0xcf/0x680 [ 227.502891][ T7386] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 227.502930][ T7386] vfs_read+0x1e1/0xc60 [ 227.502976][ T7386] ? __pfx___mutex_lock+0x10/0x10 [ 227.503016][ T7386] ? __pfx_vfs_read+0x10/0x10 [ 227.503069][ T7386] ? __fget_files+0x20e/0x3c0 [ 227.503120][ T7386] ksys_read+0x12a/0x250 [ 227.503160][ T7386] ? __pfx_ksys_read+0x10/0x10 [ 227.503214][ T7386] do_syscall_64+0xcd/0x490 [ 227.503258][ T7386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.503291][ T7386] RIP: 0033:0x7f6638f8d3bc [ 227.503315][ T7386] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 227.503345][ T7386] RSP: 002b:00007f6639d8e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 227.503381][ T7386] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8d3bc [ 227.503401][ T7386] RDX: 000000000000000f RSI: 00007f6639d8e0a0 RDI: 0000000000000005 [ 227.503427][ T7386] RBP: 00007f6639d8e090 R08: 0000000000000000 R09: 0000000000000000 [ 227.503446][ T7386] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 227.503464][ T7386] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 227.503509][ T7386] [ 228.894588][ T7395] netlink: 28 bytes leftover after parsing attributes in process `syz.3.362'. [ 229.735887][ T7401] FAULT_INJECTION: forcing a failure. [ 229.735887][ T7401] name fail_futex, interval 1, probability 0, space 0, times 1 [ 229.899418][ T7401] CPU: 0 UID: 0 PID: 7401 Comm: syz.0.361 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 229.899466][ T7401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 229.899486][ T7401] Call Trace: [ 229.899498][ T7401] [ 229.899511][ T7401] dump_stack_lvl+0x16c/0x1f0 [ 229.899559][ T7401] should_fail_ex+0x512/0x640 [ 229.899602][ T7401] get_futex_key+0x1d0/0x1540 [ 229.899650][ T7401] ? __pfx_get_futex_key+0x10/0x10 [ 229.899689][ T7401] ? futex_private_hash_put+0x176/0x300 [ 229.899741][ T7401] futex_wake+0xea/0x530 [ 229.899795][ T7401] ? __pfx_futex_wake+0x10/0x10 [ 229.899845][ T7401] ? __pfx_vfs_writev+0x10/0x10 [ 229.899889][ T7401] ? do_writev+0x218/0x340 [ 229.899938][ T7401] do_futex+0x1e3/0x350 [ 229.899982][ T7401] ? __pfx_do_futex+0x10/0x10 [ 229.900021][ T7401] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 229.900078][ T7401] __x64_sys_futex+0x1e0/0x4c0 [ 229.900124][ T7401] ? fput+0x70/0xf0 [ 229.900174][ T7401] ? __pfx___x64_sys_futex+0x10/0x10 [ 229.900229][ T7401] ? xfd_validate_state+0x61/0x180 [ 229.900278][ T7401] ? __pfx_do_writev+0x10/0x10 [ 229.900332][ T7401] do_syscall_64+0xcd/0x490 [ 229.900379][ T7401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.900413][ T7401] RIP: 0033:0x7fd857d8e9a9 [ 229.900440][ T7401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.900473][ T7401] RSP: 002b:00007fd858b260e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 229.900506][ T7401] RAX: ffffffffffffffda RBX: 00007fd857fb6088 RCX: 00007fd857d8e9a9 [ 229.900528][ T7401] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd857fb608c [ 229.900549][ T7401] RBP: 00007fd857fb6080 R08: 00007fd858b48000 R09: 0000000000000000 [ 229.900570][ T7401] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fd857fb608c [ 229.900591][ T7401] R13: 0000000000000000 R14: 00007ffd900e48b0 R15: 00007ffd900e4998 [ 229.900633][ T7401] [ 237.663768][ T7455] kernel read not supported for file /gMQ_g _N{7vGlq wĉu}OUVW.uw.`O:KdYѮaj7nwKQHg[壣%'ϖX:DktހX [$O8 bŹ9F@eMU;$Q8҇ŝ赵DtS^0YJpu (pid: 7455 comm: syz.1.378) [ 237.841584][ T7456] FAULT_INJECTION: forcing a failure. [ 237.841584][ T7456] name failslab, interval 1, probability 0, space 0, times 0 [ 237.854621][ T7456] CPU: 0 UID: 0 PID: 7456 Comm: syz.1.378 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 237.854663][ T7456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 237.854681][ T7456] Call Trace: [ 237.854690][ T7456] [ 237.854701][ T7456] dump_stack_lvl+0x116/0x1f0 [ 237.854744][ T7456] should_fail_ex+0x512/0x640 [ 237.854780][ T7456] should_failslab+0xc2/0x120 [ 237.854825][ T7456] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 237.854866][ T7456] ? __send_signal_locked+0x159/0x12c0 [ 237.854919][ T7456] ? sig_get_ucounts+0x1c0/0x5b0 [ 237.854964][ T7456] __send_signal_locked+0x159/0x12c0 [ 237.855019][ T7456] group_send_sig_info+0x2a4/0x300 [ 237.855055][ T7456] ? __pfx_group_send_sig_info+0x10/0x10 [ 237.855100][ T7456] ? kill_pid_info_type+0x1a/0x2a0 [ 237.855132][ T7456] kill_pid_info_type+0x92/0x2a0 [ 237.855169][ T7456] kill_proc_info+0x6f/0x1b0 [ 237.855204][ T7456] kill_something_info+0x2a2/0x310 [ 237.855237][ T7456] ? __task_pid_nr_ns+0x186/0x500 [ 237.855280][ T7456] __x64_sys_kill+0xd7/0x140 [ 237.855315][ T7456] ? __pfx___x64_sys_kill+0x10/0x10 [ 237.855361][ T7456] ? rcu_is_watching+0x12/0xc0 [ 237.855392][ T7456] do_syscall_64+0xcd/0x490 [ 237.855430][ T7456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.855459][ T7456] RIP: 0033:0x7f8d7f18e9a9 [ 237.855482][ T7456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.855510][ T7456] RSP: 002b:00007f8d7ffa2038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 237.855536][ T7456] RAX: ffffffffffffffda RBX: 00007f8d7f3b6080 RCX: 00007f8d7f18e9a9 [ 237.855554][ T7456] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000170 [ 237.855571][ T7456] RBP: 00007f8d7f210d69 R08: 0000000000000000 R09: 0000000000000000 [ 237.855587][ T7456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.855603][ T7456] R13: 0000000000000000 R14: 00007f8d7f3b6080 R15: 00007ffeebc05628 [ 237.855640][ T7456] [ 238.199764][ T31] audit: type=1800 audit(4294967318.120:4): pid=7455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.378" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=15423 res=0 errno=0 [ 240.346549][ T7463] openvswitch: netlink: Flow key attribute not present in set flow. [ 243.056705][ T7468] Invalid ELF header magic: != ELF [ 245.774766][ T7483] delete_channel: no stack [ 247.340581][ T7522] FAULT_INJECTION: forcing a failure. [ 247.340581][ T7522] name failslab, interval 1, probability 0, space 0, times 0 [ 247.421975][ T7522] CPU: 0 UID: 0 PID: 7522 Comm: syz.3.390 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 247.422032][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 247.422053][ T7522] Call Trace: [ 247.422065][ T7522] [ 247.422077][ T7522] dump_stack_lvl+0x16c/0x1f0 [ 247.422125][ T7522] should_fail_ex+0x512/0x640 [ 247.422158][ T7522] ? fs_reclaim_acquire+0xae/0x150 [ 247.422197][ T7522] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 247.422243][ T7522] should_failslab+0xc2/0x120 [ 247.422294][ T7522] __kmalloc_noprof+0xd2/0x510 [ 247.422351][ T7522] tomoyo_realpath_from_path+0xc2/0x6e0 [ 247.422408][ T7522] tomoyo_check_open_permission+0x2ab/0x3c0 [ 247.422448][ T7522] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 247.422527][ T7522] ? do_raw_spin_lock+0x12c/0x2b0 [ 247.422587][ T7522] tomoyo_file_open+0x6b/0x90 [ 247.422637][ T7522] security_file_open+0x84/0x1e0 [ 247.422678][ T7522] do_dentry_open+0x596/0x1c10 [ 247.422735][ T7522] vfs_open+0x82/0x3f0 [ 247.422770][ T7522] path_openat+0x1de4/0x2cb0 [ 247.422828][ T7522] ? __pfx_path_openat+0x10/0x10 [ 247.422875][ T7522] ? __lock_acquire+0xb8a/0x1c90 [ 247.422925][ T7522] do_filp_open+0x20b/0x470 [ 247.422970][ T7522] ? __pfx_do_filp_open+0x10/0x10 [ 247.423052][ T7522] ? alloc_fd+0x471/0x7d0 [ 247.423101][ T7522] do_sys_openat2+0x11b/0x1d0 [ 247.423132][ T7522] ? __pfx_do_sys_openat2+0x10/0x10 [ 247.423179][ T7522] __x64_sys_openat+0x174/0x210 [ 247.423212][ T7522] ? __pfx___x64_sys_openat+0x10/0x10 [ 247.423262][ T7522] do_syscall_64+0xcd/0x490 [ 247.423307][ T7522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.423340][ T7522] RIP: 0033:0x7f0369d8e9a9 [ 247.423364][ T7522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.423395][ T7522] RSP: 002b:00007f036ab77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 247.423425][ T7522] RAX: ffffffffffffffda RBX: 00007f0369fb6080 RCX: 00007f0369d8e9a9 [ 247.423447][ T7522] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 247.423467][ T7522] RBP: 00007f0369e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 247.423485][ T7522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 247.423504][ T7522] R13: 0000000000000000 R14: 00007f0369fb6080 R15: 00007ffe36453098 [ 247.423547][ T7522] [ 247.975862][ T7522] ERROR: Out of memory at tomoyo_realpath_from_path. [ 248.086800][ T31] audit: type=1804 audit(4294967328.010:5): pid=7529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.391" name="/newroot/92/file0" dev="tmpfs" ino=497 res=1 errno=0 [ 248.368806][ T7534] kexec: Could not allocate control_code_buffer [ 249.834298][ T5909] smpboot: CPU 1 is now offline [ 250.866491][ T7554] warning: `syz.2.396' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 251.495932][ T7570] openvswitch: netlink: Flow key attribute not present in set flow. [ 251.850158][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.400'. [ 253.193787][ T7590] FAULT_INJECTION: forcing a failure. [ 253.193787][ T7590] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 253.393525][ T7590] CPU: 0 UID: 0 PID: 7590 Comm: syz.2.405 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 253.393558][ T7590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 253.393571][ T7590] Call Trace: [ 253.393579][ T7590] [ 253.393587][ T7590] dump_stack_lvl+0x16c/0x1f0 [ 253.393620][ T7590] should_fail_ex+0x512/0x640 [ 253.393649][ T7590] _copy_to_user+0x32/0xd0 [ 253.393679][ T7590] simple_read_from_buffer+0xcb/0x170 [ 253.393709][ T7590] proc_fail_nth_read+0x197/0x240 [ 253.393737][ T7590] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 253.393767][ T7590] ? rw_verify_area+0xcf/0x680 [ 253.393793][ T7590] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 253.393821][ T7590] vfs_read+0x1e1/0xc60 [ 253.393854][ T7590] ? __pfx___mutex_lock+0x10/0x10 [ 253.393884][ T7590] ? __pfx_vfs_read+0x10/0x10 [ 253.393921][ T7590] ? __fget_files+0x20e/0x3c0 [ 253.393957][ T7590] ksys_read+0x12a/0x250 [ 253.393986][ T7590] ? __pfx_ksys_read+0x10/0x10 [ 253.394024][ T7590] do_syscall_64+0xcd/0x490 [ 253.394055][ T7590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.394079][ T7590] RIP: 0033:0x7f6638f8d3bc [ 253.394096][ T7590] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 253.394119][ T7590] RSP: 002b:00007f6639d8e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 253.394139][ T7590] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8d3bc [ 253.394155][ T7590] RDX: 000000000000000f RSI: 00007f6639d8e0a0 RDI: 0000000000000004 [ 253.394168][ T7590] RBP: 00007f6639d8e090 R08: 0000000000000000 R09: 0000000000000000 [ 253.394182][ T7590] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001 [ 253.394195][ T7590] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 253.394224][ T7590] [ 253.852390][ T7593] FAULT_INJECTION: forcing a failure. [ 253.852390][ T7593] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 253.901355][ T7593] CPU: 0 UID: 0 PID: 7593 Comm: syz.3.407 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 253.901389][ T7593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 253.901403][ T7593] Call Trace: [ 253.901410][ T7593] [ 253.901418][ T7593] dump_stack_lvl+0x16c/0x1f0 [ 253.901451][ T7593] should_fail_ex+0x512/0x640 [ 253.901480][ T7593] _copy_from_user+0x2e/0xd0 [ 253.901509][ T7593] generic_map_delete_batch+0x439/0x700 [ 253.901553][ T7593] ? __pfx_generic_map_delete_batch+0x10/0x10 [ 253.901597][ T7593] ? __pfx_generic_map_delete_batch+0x10/0x10 [ 253.901637][ T7593] bpf_map_do_batch+0x4a9/0x680 [ 253.901671][ T7593] __sys_bpf+0x18ae/0x4de0 [ 253.901697][ T7593] ? __pfx___sys_bpf+0x10/0x10 [ 253.901719][ T7593] ? ksys_write+0x190/0x250 [ 253.901753][ T7593] ? __mutex_unlock_slowpath+0x163/0x800 [ 253.901801][ T7593] ? fput+0x70/0xf0 [ 253.901835][ T7593] ? ksys_write+0x1ac/0x250 [ 253.901864][ T7593] ? __pfx_ksys_write+0x10/0x10 [ 253.901899][ T7593] __x64_sys_bpf+0x78/0xc0 [ 253.901921][ T7593] ? lockdep_hardirqs_on+0x7c/0x110 [ 253.901949][ T7593] do_syscall_64+0xcd/0x490 [ 253.901979][ T7593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.902003][ T7593] RIP: 0033:0x7f0369d8e9a9 [ 253.902020][ T7593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.902042][ T7593] RSP: 002b:00007f036ab98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 253.902063][ T7593] RAX: ffffffffffffffda RBX: 00007f0369fb5fa0 RCX: 00007f0369d8e9a9 [ 253.902078][ T7593] RDX: 0000000000000092 RSI: 0000200000000380 RDI: 000000000000001b [ 253.902092][ T7593] RBP: 00007f036ab98090 R08: 0000000000000000 R09: 0000000000000000 [ 253.902105][ T7593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 253.902119][ T7593] R13: 0000000000000000 R14: 00007f0369fb5fa0 R15: 00007ffe36453098 [ 253.902147][ T7593] [ 256.970957][ T7615] random: crng reseeded on system resumption [ 257.884233][ T7600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 257.947764][ T7600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 258.276676][ T5845] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 258.902271][ T7631] FAULT_INJECTION: forcing a failure. [ 258.902271][ T7631] name failslab, interval 1, probability 0, space 0, times 0 [ 258.915275][ T7631] CPU: 0 UID: 0 PID: 7631 Comm: syz.3.416 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 258.915308][ T7631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 258.915321][ T7631] Call Trace: [ 258.915329][ T7631] [ 258.915337][ T7631] dump_stack_lvl+0x16c/0x1f0 [ 258.915372][ T7631] should_fail_ex+0x512/0x640 [ 258.915396][ T7631] ? __kernel_text_address+0xd/0x40 [ 258.915438][ T7631] should_failslab+0xc2/0x120 [ 258.915475][ T7631] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 258.915508][ T7631] ? skb_clone+0x190/0x3f0 [ 258.915541][ T7631] skb_clone+0x190/0x3f0 [ 258.915571][ T7631] dev_queue_xmit_nit+0x3e7/0xca0 [ 258.915609][ T7631] dev_hard_start_xmit+0x5c3/0x740 [ 258.915632][ T7631] ? skb_clone+0x190/0x3f0 [ 258.915663][ T7631] __dev_queue_xmit+0xa46/0x4490 [ 258.915699][ T7631] ? __pfx___dev_queue_xmit+0x10/0x10 [ 258.915745][ T7631] ? __asan_memcpy+0x3c/0x60 [ 258.915774][ T7631] ? __asan_memcpy+0x3c/0x60 [ 258.915802][ T7631] ? __skb_clone+0x570/0x760 [ 258.915833][ T7631] netlink_deliver_tap+0xa87/0xd30 [ 258.915879][ T7631] netlink_unicast+0x64c/0x870 [ 258.915914][ T7631] ? __pfx_netlink_unicast+0x10/0x10 [ 258.915956][ T7631] netlink_sendmsg+0x8d1/0xdd0 [ 258.915991][ T7631] ? __pfx_netlink_sendmsg+0x10/0x10 [ 258.916033][ T7631] ____sys_sendmsg+0xa95/0xc70 [ 258.916071][ T7631] ? copy_msghdr_from_user+0x10a/0x160 [ 258.916100][ T7631] ? __pfx_____sys_sendmsg+0x10/0x10 [ 258.916140][ T7631] ? kfree+0x24f/0x4d0 [ 258.916166][ T7631] ? futex_unqueue+0x133/0x2c0 [ 258.916199][ T7631] ___sys_sendmsg+0x134/0x1d0 [ 258.916229][ T7631] ? __pfx____sys_sendmsg+0x10/0x10 [ 258.916285][ T7631] ? __pfx___might_resched+0x10/0x10 [ 258.916316][ T7631] __sys_sendmmsg+0x200/0x420 [ 258.916349][ T7631] ? __pfx___sys_sendmmsg+0x10/0x10 [ 258.916387][ T7631] ? __pfx_do_futex+0x10/0x10 [ 258.916433][ T7631] ? xfd_validate_state+0x61/0x180 [ 258.916473][ T7631] __x64_sys_sendmmsg+0x9c/0x100 [ 258.916502][ T7631] ? lockdep_hardirqs_on+0x7c/0x110 [ 258.916530][ T7631] do_syscall_64+0xcd/0x490 [ 258.916561][ T7631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.916585][ T7631] RIP: 0033:0x7f0369d8e9a9 [ 258.916603][ T7631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.916626][ T7631] RSP: 002b:00007f036ab98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 258.916647][ T7631] RAX: ffffffffffffffda RBX: 00007f0369fb5fa0 RCX: 00007f0369d8e9a9 [ 258.916662][ T7631] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 258.916676][ T7631] RBP: 00007f0369e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 258.916690][ T7631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 258.916703][ T7631] R13: 0000000000000000 R14: 00007f0369fb5fa0 R15: 00007ffe36453098 [ 258.916732][ T7631] [ 262.706685][ T7676] random: crng reseeded on system resumption [ 263.091411][ T7666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 263.205529][ T7666] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 264.546256][ T5845] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 264.939224][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 264.946541][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.396642][ T7729] random: crng reseeded on system resumption [ 268.233992][ T7755] kernel read not supported for file /gMQ_g _N{7vGlq wĉu}OUVW.uw.`O:KdYѮaj7nwKQHg[壣%'ϖX:DktހX [$O8 bŹ9F@eMU;$Q8҇ŝ赵DtS^0YJpu (pid: 7755 comm: syz.2.447) [ 268.325379][ T31] audit: type=1800 audit(4294967348.270:6): pid=7755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.447" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=17996 res=0 errno=0 [ 268.389747][ T7761] FAULT_INJECTION: forcing a failure. [ 268.389747][ T7761] name fail_futex, interval 1, probability 0, space 0, times 0 [ 268.461747][ T7761] CPU: 0 UID: 0 PID: 7761 Comm: syz.2.447 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 268.461782][ T7761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 268.461796][ T7761] Call Trace: [ 268.461803][ T7761] [ 268.461812][ T7761] dump_stack_lvl+0x16c/0x1f0 [ 268.461846][ T7761] should_fail_ex+0x512/0x640 [ 268.461875][ T7761] get_futex_key+0x1d0/0x1540 [ 268.461908][ T7761] ? __pfx_get_futex_key+0x10/0x10 [ 268.461938][ T7761] ? __lock_acquire+0xb8a/0x1c90 [ 268.461975][ T7761] futex_wait_setup+0x9d/0x550 [ 268.462019][ T7761] __futex_wait+0x194/0x2f0 [ 268.462055][ T7761] ? __pfx___futex_wait+0x10/0x10 [ 268.462089][ T7761] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 268.462120][ T7761] ? __pfx_futex_wake_mark+0x10/0x10 [ 268.462160][ T7761] ? futex_private_hash_put+0x176/0x300 [ 268.462191][ T7761] ? futex_private_hash_put+0x18a/0x300 [ 268.462223][ T7761] futex_wait+0xe8/0x380 [ 268.462260][ T7761] ? __pfx_futex_wait+0x10/0x10 [ 268.462302][ T7761] ? group_send_sig_info+0x11f/0x300 [ 268.462331][ T7761] ? __pfx_group_send_sig_info+0x10/0x10 [ 268.462359][ T7761] ? lock_acquire+0x179/0x350 [ 268.462401][ T7761] do_futex+0x229/0x350 [ 268.462432][ T7761] ? __pfx_do_futex+0x10/0x10 [ 268.462462][ T7761] ? do_raw_read_unlock+0x44/0xe0 [ 268.462499][ T7761] ? _raw_read_unlock+0x28/0x50 [ 268.462531][ T7761] __x64_sys_futex+0x1e0/0x4c0 [ 268.462565][ T7761] ? __pfx___x64_sys_futex+0x10/0x10 [ 268.462607][ T7761] do_syscall_64+0xcd/0x490 [ 268.462639][ T7761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.462663][ T7761] RIP: 0033:0x7f6638f8e9a9 [ 268.462681][ T7761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.462703][ T7761] RSP: 002b:00007f6639d6d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 268.462725][ T7761] RAX: ffffffffffffffda RBX: 00007f66391b6088 RCX: 00007f6638f8e9a9 [ 268.462740][ T7761] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f66391b6088 [ 268.462754][ T7761] RBP: 00007f66391b6080 R08: 0000000000000000 R09: 0000000000000000 [ 268.462768][ T7761] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f66391b608c [ 268.462781][ T7761] R13: 0000000000000000 R14: 00007fffce862bf0 R15: 00007fffce862cd8 [ 268.462810][ T7761] [ 269.222182][ T7767] Invalid ELF header magic: != ELF [ 269.457454][ T7767] FAULT_INJECTION: forcing a failure. [ 269.457454][ T7767] name fail_futex, interval 1, probability 0, space 0, times 0 [ 269.474308][ T7767] CPU: 0 UID: 0 PID: 7767 Comm: syz.2.448 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 269.474341][ T7767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 269.474355][ T7767] Call Trace: [ 269.474362][ T7767] [ 269.474371][ T7767] dump_stack_lvl+0x16c/0x1f0 [ 269.474404][ T7767] should_fail_ex+0x512/0x640 [ 269.474432][ T7767] get_futex_key+0x1d0/0x1540 [ 269.474461][ T7767] ? find_held_lock+0x2b/0x80 [ 269.474483][ T7767] ? __pfx_get_futex_key+0x10/0x10 [ 269.474512][ T7767] ? __mutex_trylock_common+0xe9/0x250 [ 269.474550][ T7767] futex_wake+0xea/0x530 [ 269.474586][ T7767] ? __pfx_futex_wake+0x10/0x10 [ 269.474617][ T7767] ? __lock_acquire+0xb8a/0x1c90 [ 269.474660][ T7767] do_futex+0x1e3/0x350 [ 269.474689][ T7767] ? __pfx_do_futex+0x10/0x10 [ 269.474716][ T7767] ? __might_fault+0xe3/0x190 [ 269.474755][ T7767] mm_release+0x24e/0x300 [ 269.474781][ T7767] do_exit+0x68e/0x2bf0 [ 269.474818][ T7767] ? __pfx_do_exit+0x10/0x10 [ 269.474849][ T7767] ? do_raw_spin_lock+0x12c/0x2b0 [ 269.474883][ T7767] ? find_held_lock+0x2b/0x80 [ 269.474910][ T7767] do_group_exit+0xd3/0x2a0 [ 269.474944][ T7767] get_signal+0x2673/0x26d0 [ 269.474982][ T7767] ? __pfx_get_signal+0x10/0x10 [ 269.475006][ T7767] ? do_futex+0x122/0x350 [ 269.475034][ T7767] ? __pfx_do_futex+0x10/0x10 [ 269.475072][ T7767] arch_do_signal_or_restart+0x8f/0x790 [ 269.475104][ T7767] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 269.475141][ T7767] ? ksys_mmap_pgoff+0x85/0x5c0 [ 269.475161][ T7767] ? xfd_validate_state+0x61/0x180 [ 269.475202][ T7767] exit_to_user_mode_loop+0x84/0x110 [ 269.475237][ T7767] do_syscall_64+0x3f6/0x490 [ 269.475270][ T7767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.475293][ T7767] RIP: 0033:0x7f6638f8e9a9 [ 269.475311][ T7767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.475332][ T7767] RSP: 002b:00007f6639d8e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 269.475354][ T7767] RAX: fffffffffffffe00 RBX: 00007f66391b5fa8 RCX: 00007f6638f8e9a9 [ 269.475369][ T7767] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f66391b5fa8 [ 269.475382][ T7767] RBP: 00007f66391b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 269.475396][ T7767] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f66391b5fac [ 269.475410][ T7767] R13: 0000000000000000 R14: 00007fffce862bf0 R15: 00007fffce862cd8 [ 269.475438][ T7767] [ 270.969586][ T7788] FAULT_INJECTION: forcing a failure. [ 270.969586][ T7788] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 270.969665][ T7788] CPU: 0 UID: 0 PID: 7788 Comm: syz.2.455 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 270.969695][ T7788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 270.969709][ T7788] Call Trace: [ 270.969716][ T7788] [ 270.969725][ T7788] dump_stack_lvl+0x16c/0x1f0 [ 270.969762][ T7788] should_fail_ex+0x512/0x640 [ 270.969791][ T7788] should_fail_alloc_page+0xe7/0x130 [ 270.969830][ T7788] prepare_alloc_pages+0x3c2/0x610 [ 270.969856][ T7788] ? rcu_is_watching+0x12/0xc0 [ 270.969882][ T7788] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 270.969919][ T7788] ? mark_held_locks+0x49/0x80 [ 270.969949][ T7788] ? finish_task_switch.isra.0+0x221/0xc10 [ 270.969974][ T7788] ? lockdep_hardirqs_on+0x7c/0x110 [ 270.970002][ T7788] ? finish_task_switch.isra.0+0x221/0xc10 [ 270.970030][ T7788] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 270.970063][ T7788] ? __lock_acquire+0x622/0x1c90 [ 270.970111][ T7788] ? __lock_acquire+0x622/0x1c90 [ 270.970144][ T7788] ? __lock_acquire+0x622/0x1c90 [ 270.970175][ T7788] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 270.970214][ T7788] ? policy_nodemask+0xea/0x4e0 [ 270.970253][ T7788] alloc_pages_mpol+0x1fb/0x550 [ 270.970290][ T7788] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 270.970335][ T7788] folio_alloc_mpol_noprof+0x36/0x2f0 [ 270.970361][ T7788] vma_alloc_folio_noprof+0xed/0x1e0 [ 270.970384][ T7788] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 270.970407][ T7788] ? find_held_lock+0x2b/0x80 [ 270.970430][ T7788] ? __handle_mm_fault+0x1092/0x5390 [ 270.970464][ T7788] __handle_mm_fault+0x2f21/0x5390 [ 270.970500][ T7788] ? __pfx___handle_mm_fault+0x10/0x10 [ 270.970529][ T7788] ? __pte_offset_map_lock+0x174/0x310 [ 270.970568][ T7788] ? find_held_lock+0x2b/0x80 [ 270.970589][ T7788] ? find_held_lock+0x2b/0x80 [ 270.970619][ T7788] ? follow_page_pte+0x3af/0x14c0 [ 270.970653][ T7788] handle_mm_fault+0x589/0xd10 [ 270.970688][ T7788] __get_user_pages+0x589/0x3b80 [ 270.970719][ T7788] ? __pfx_mt_find+0x10/0x10 [ 270.970752][ T7788] ? __pfx___get_user_pages+0x10/0x10 [ 270.970786][ T7788] populate_vma_page_range+0x278/0x3a0 [ 270.970814][ T7788] ? __pfx_populate_vma_page_range+0x10/0x10 [ 270.970839][ T7788] ? __pfx_find_vma_intersection+0x10/0x10 [ 270.970864][ T7788] ? do_mmap+0x69c/0x1210 [ 270.970890][ T7788] __mm_populate+0x1d8/0x380 [ 270.970916][ T7788] ? __pfx___mm_populate+0x10/0x10 [ 270.970943][ T7788] ? up_write+0x1b2/0x520 [ 270.970981][ T7788] vm_mmap_pgoff+0x362/0x450 [ 270.971022][ T7788] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 270.971057][ T7788] ? __sock_release+0x20b/0x270 [ 270.971101][ T7788] ? __x64_sys_futex+0x1e0/0x4c0 [ 270.971130][ T7788] ? __x64_sys_futex+0x1e9/0x4c0 [ 270.971164][ T7788] ksys_mmap_pgoff+0x7d/0x5c0 [ 270.971185][ T7788] ? xfd_validate_state+0x61/0x180 [ 270.971225][ T7788] __x64_sys_mmap+0x125/0x190 [ 270.971265][ T7788] do_syscall_64+0xcd/0x490 [ 270.971297][ T7788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.971321][ T7788] RIP: 0033:0x7f6638f8e9a9 [ 270.971339][ T7788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.971362][ T7788] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 270.971383][ T7788] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 270.971399][ T7788] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 270.971413][ T7788] RBP: 00007f6639010d69 R08: ffffffffffffffff R09: 0000000000008000 [ 270.971428][ T7788] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 270.971442][ T7788] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 270.971471][ T7788] [ 271.028131][ T7789] Console: switching to colour VGA+ 80x25 [ 271.479889][ T7796] FAULT_INJECTION: forcing a failure. [ 271.479889][ T7796] name fail_futex, interval 1, probability 0, space 0, times 0 [ 271.479926][ T7796] CPU: 0 UID: 0 PID: 7796 Comm: syz.2.457 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 271.479955][ T7796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 271.479969][ T7796] Call Trace: [ 271.479976][ T7796] [ 271.479984][ T7796] dump_stack_lvl+0x16c/0x1f0 [ 271.480017][ T7796] should_fail_ex+0x512/0x640 [ 271.480041][ T7796] ? __pfx_stack_trace_save+0x10/0x10 [ 271.480081][ T7796] get_futex_key+0x1d0/0x1540 [ 271.480116][ T7796] ? __pfx_get_futex_key+0x10/0x10 [ 271.480145][ T7796] ? __lock_acquire+0xb8a/0x1c90 [ 271.480183][ T7796] futex_wait_setup+0x9d/0x550 [ 271.480227][ T7796] __futex_wait+0x194/0x2f0 [ 271.480263][ T7796] ? __pfx___futex_wait+0x10/0x10 [ 271.480303][ T7796] ? __pfx_futex_wake_mark+0x10/0x10 [ 271.480343][ T7796] ? futex_private_hash_put+0x176/0x300 [ 271.480374][ T7796] ? futex_private_hash_put+0x18a/0x300 [ 271.480404][ T7796] futex_wait+0xe8/0x380 [ 271.480439][ T7796] ? __pfx_futex_wait+0x10/0x10 [ 271.480480][ T7796] ? group_send_sig_info+0x11f/0x300 [ 271.480510][ T7796] ? __pfx_group_send_sig_info+0x10/0x10 [ 271.480559][ T7796] ? lock_acquire+0x179/0x350 [ 271.480593][ T7796] do_futex+0x229/0x350 [ 271.480623][ T7796] ? __pfx_do_futex+0x10/0x10 [ 271.480652][ T7796] ? do_raw_read_unlock+0x44/0xe0 [ 271.480689][ T7796] ? _raw_read_unlock+0x28/0x50 [ 271.480745][ T7796] __x64_sys_futex+0x1e0/0x4c0 [ 271.480779][ T7796] ? __pfx___x64_sys_futex+0x10/0x10 [ 271.480821][ T7796] do_syscall_64+0xcd/0x490 [ 271.480853][ T7796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.480877][ T7796] RIP: 0033:0x7f6638f8e9a9 [ 271.480896][ T7796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.480918][ T7796] RSP: 002b:00007f6639d8e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 271.480940][ T7796] RAX: ffffffffffffffda RBX: 00007f66391b5fa8 RCX: 00007f6638f8e9a9 [ 271.480955][ T7796] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f66391b5fa8 [ 271.480969][ T7796] RBP: 00007f66391b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 271.480983][ T7796] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f66391b5fac [ 271.480997][ T7796] R13: 0000000000000000 R14: 00007fffce862bf0 R15: 00007fffce862cd8 [ 271.481025][ T7796] [ 275.415997][ T5845] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 276.012223][ T7841] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 280.151619][ T7894] kernel read not supported for file /gMQ_g _N{7vGlq wĉu}OUVW.uw.`O:KdYѮaj7nwKQHg[壣%'ϖX:DktހX [$O8 bŹ9F@eMU;$Q8҇ŝ赵DtS^0YJpu (pid: 7894 comm: syz.0.482) [ 280.327302][ T31] audit: type=1800 audit(4294967360.270:7): pid=7894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.482" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=18918 res=0 errno=0 [ 280.420576][ T7896] FAULT_INJECTION: forcing a failure. [ 280.420576][ T7896] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 280.488464][ T7896] CPU: 0 UID: 0 PID: 7896 Comm: syz.0.482 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 280.488499][ T7896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 280.488513][ T7896] Call Trace: [ 280.488520][ T7896] [ 280.488528][ T7896] dump_stack_lvl+0x16c/0x1f0 [ 280.488563][ T7896] should_fail_ex+0x512/0x640 [ 280.488593][ T7896] _copy_from_user+0x2e/0xd0 [ 280.488623][ T7896] restore_altstack+0x93/0x170 [ 280.488658][ T7896] ? __pfx_restore_altstack+0x10/0x10 [ 280.488693][ T7896] ? _raw_spin_unlock_irq+0x23/0x50 [ 280.488717][ T7896] ? lockdep_hardirqs_on+0x7c/0x110 [ 280.488745][ T7896] ? _raw_spin_unlock_irq+0x2e/0x50 [ 280.488769][ T7896] ? set_current_blocked+0xdd/0x120 [ 280.488792][ T7896] __do_sys_rt_sigreturn+0x13c/0x230 [ 280.488824][ T7896] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 280.488864][ T7896] do_syscall_64+0xcd/0x490 [ 280.488895][ T7896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.488919][ T7896] RIP: 0033:0x7fd857d2ab89 [ 280.488938][ T7896] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 280.488960][ T7896] RSP: 002b:00007fd858b25a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 280.488982][ T7896] RAX: ffffffffffffffda RBX: 00007fd857fb6080 RCX: 00007fd857d2ab89 [ 280.488997][ T7896] RDX: 00007fd858b25a80 RSI: 00007fd858b25bb0 RDI: 0000000000000011 [ 280.489012][ T7896] RBP: 00007fd857e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 280.489025][ T7896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.489039][ T7896] R13: 0000000000000000 R14: 00007fd857fb6080 R15: 00007ffd900e4998 [ 280.489068][ T7896] [ 281.697790][ T7910] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 282.545445][ T7913] svc: failed to register nfsdv3 RPC service (errno 512). [ 282.626157][ T7913] svc: failed to register nfsaclv3 RPC service (errno 512). [ 283.502060][ T7931] Console: switching to colour frame buffer device 128x48 [ 283.695331][ T7928] Console: switching to colour VGA+ 80x25 [ 284.853457][ T7961] ICMPv6: process `syz.1.495' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 287.610645][ T8002] FAULT_INJECTION: forcing a failure. [ 287.610645][ T8002] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.610684][ T8002] CPU: 0 UID: 0 PID: 8002 Comm: syz.0.503 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 287.610713][ T8002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 287.610727][ T8002] Call Trace: [ 287.610735][ T8002] [ 287.610743][ T8002] dump_stack_lvl+0x16c/0x1f0 [ 287.610776][ T8002] should_fail_ex+0x512/0x640 [ 287.610805][ T8002] _copy_from_user+0x2e/0xd0 [ 287.610835][ T8002] restore_altstack+0x93/0x170 [ 287.610869][ T8002] ? __pfx_restore_altstack+0x10/0x10 [ 287.610907][ T8002] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.610932][ T8002] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.610960][ T8002] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.610984][ T8002] ? set_current_blocked+0xdd/0x120 [ 287.611008][ T8002] __do_sys_rt_sigreturn+0x13c/0x230 [ 287.611039][ T8002] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 287.611079][ T8002] do_syscall_64+0xcd/0x490 [ 287.611110][ T8002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.611134][ T8002] RIP: 0033:0x7fd857d2ab89 [ 287.611151][ T8002] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 287.611174][ T8002] RSP: 002b:00007fd858b46a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 287.611195][ T8002] RAX: ffffffffffffffda RBX: 00007fd857fb5fa0 RCX: 00007fd857d2ab89 [ 287.611211][ T8002] RDX: 00007fd858b46a80 RSI: 00007fd858b46bb0 RDI: 0000000000000011 [ 287.611226][ T8002] RBP: 00007fd857e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 287.611240][ T8002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.611254][ T8002] R13: 0000000000000000 R14: 00007fd857fb5fa0 R15: 00007ffd900e4998 [ 287.611283][ T8002] [ 287.799596][ T8003] Console: switching to colour frame buffer device 128x48 [ 289.449957][ T7999] Console: switching to colour VGA+ 80x25 [ 289.812113][ T31] audit: type=1800 audit(4294967369.760:8): pid=8030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.512" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 291.013315][ T8038] FAULT_INJECTION: forcing a failure. [ 291.013315][ T8038] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 291.228775][ T8038] CPU: 0 UID: 0 PID: 8038 Comm: syz.2.516 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 291.228809][ T8038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 291.228824][ T8038] Call Trace: [ 291.228831][ T8038] [ 291.228840][ T8038] dump_stack_lvl+0x16c/0x1f0 [ 291.228874][ T8038] should_fail_ex+0x512/0x640 [ 291.228902][ T8038] should_fail_alloc_page+0xe7/0x130 [ 291.228940][ T8038] prepare_alloc_pages+0x3c2/0x610 [ 291.228969][ T8038] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 291.229012][ T8038] ? __up_read+0x1f8/0x750 [ 291.229048][ T8038] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 291.229108][ T8038] __folio_alloc_noprof+0x11/0x220 [ 291.229140][ T8038] alloc_migration_target+0x2bf/0x770 [ 291.229181][ T8038] migrate_pages_batch+0x3bf/0x31a0 [ 291.229208][ T8038] ? __pfx_alloc_migration_target+0x10/0x10 [ 291.229256][ T8038] ? __pfx_migrate_pages_batch+0x10/0x10 [ 291.229289][ T8038] migrate_pages_sync+0x12d/0x8a0 [ 291.229313][ T8038] ? __pfx_alloc_migration_target+0x10/0x10 [ 291.229357][ T8038] ? __pfx_migrate_pages_sync+0x10/0x10 [ 291.229378][ T8038] ? __pfx_queue_pages_test_walk+0x10/0x10 [ 291.229422][ T8038] ? walk_page_range_mm+0x269/0x8a0 [ 291.229461][ T8038] migrate_pages+0x1b67/0x23b0 [ 291.229495][ T8038] ? __pfx_alloc_migration_target+0x10/0x10 [ 291.229540][ T8038] ? __pfx_migrate_pages+0x10/0x10 [ 291.229563][ T8038] ? queue_pages_range+0x11e/0x180 [ 291.229601][ T8038] ? __pfx___up_read+0x10/0x10 [ 291.229654][ T8038] ? do_migrate_pages+0x458/0x750 [ 291.229695][ T8038] do_migrate_pages+0x48e/0x750 [ 291.229738][ T8038] ? __pfx_do_migrate_pages+0x10/0x10 [ 291.229776][ T8038] ? rcu_is_watching+0x12/0xc0 [ 291.229803][ T8038] ? cap_capable+0xb3/0x250 [ 291.229837][ T8038] ? get_task_mm+0xc2/0xf0 [ 291.229862][ T8038] ? security_capable+0x250/0x260 [ 291.229921][ T8038] kernel_migrate_pages+0x55b/0x700 [ 291.229959][ T8038] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 291.230005][ T8038] __x64_sys_migrate_pages+0x96/0x100 [ 291.230043][ T8038] ? lockdep_hardirqs_on+0x7c/0x110 [ 291.230071][ T8038] do_syscall_64+0xcd/0x490 [ 291.230103][ T8038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.230128][ T8038] RIP: 0033:0x7f6638f8e9a9 [ 291.230146][ T8038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.230171][ T8038] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 291.230193][ T8038] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 291.230208][ T8038] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000 [ 291.230223][ T8038] RBP: 00007f6639010d69 R08: 0000000000000000 R09: 0000000000000000 [ 291.230237][ T8038] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 291.230252][ T8038] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 291.230282][ T8038] [ 291.517441][ C0] vkms_vblank_simulate: vblank timer overrun [ 293.624546][ T8081] FAULT_INJECTION: forcing a failure. [ 293.624546][ T8081] name failslab, interval 1, probability 0, space 0, times 0 [ 293.637290][ T8081] CPU: 0 UID: 0 PID: 8081 Comm: syz.0.525 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 293.637323][ T8081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 293.637338][ T8081] Call Trace: [ 293.637348][ T8081] [ 293.637356][ T8081] dump_stack_lvl+0x116/0x1f0 [ 293.637391][ T8081] should_fail_ex+0x512/0x640 [ 293.637421][ T8081] should_failslab+0xc2/0x120 [ 293.637458][ T8081] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 293.637493][ T8081] ? __send_signal_locked+0x159/0x12c0 [ 293.637532][ T8081] ? sig_get_ucounts+0x1c0/0x5b0 [ 293.637568][ T8081] __send_signal_locked+0x159/0x12c0 [ 293.637613][ T8081] group_send_sig_info+0x2a4/0x300 [ 293.637644][ T8081] ? __pfx_group_send_sig_info+0x10/0x10 [ 293.637681][ T8081] ? kill_pid_info_type+0x1a/0x2a0 [ 293.637709][ T8081] kill_pid_info_type+0x92/0x2a0 [ 293.637740][ T8081] kill_proc_info+0x6f/0x1b0 [ 293.637770][ T8081] kill_something_info+0x2a2/0x310 [ 293.637798][ T8081] ? __task_pid_nr_ns+0x186/0x500 [ 293.637835][ T8081] __x64_sys_kill+0xd7/0x140 [ 293.637866][ T8081] ? __pfx___x64_sys_kill+0x10/0x10 [ 293.637905][ T8081] ? rcu_is_watching+0x12/0xc0 [ 293.637931][ T8081] do_syscall_64+0xcd/0x490 [ 293.637964][ T8081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.637989][ T8081] RIP: 0033:0x7fd857d8e9a9 [ 293.638008][ T8081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.638032][ T8081] RSP: 002b:00007fd858b47038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 293.638054][ T8081] RAX: ffffffffffffffda RBX: 00007fd857fb5fa0 RCX: 00007fd857d8e9a9 [ 293.638069][ T8081] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00000000000001da [ 293.638083][ T8081] RBP: 00007fd857e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 293.638098][ T8081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.638112][ T8081] R13: 0000000000000000 R14: 00007fd857fb5fa0 R15: 00007ffd900e4998 [ 293.638141][ T8081] [ 293.837219][ C0] vkms_vblank_simulate: vblank timer overrun [ 293.901025][ T8088] netlink: 28 bytes leftover after parsing attributes in process `syz.2.527'. [ 294.144832][ T8088] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.543649][ T8088] bridge_slave_1 (unregistering): left allmulticast mode [ 295.562291][ T8088] bridge_slave_1 (unregistering): left promiscuous mode [ 295.582409][ T8088] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.429863][ T8110] netlink: 330 bytes leftover after parsing attributes in process `syz.3.531'. [ 296.784163][ T8110] : renamed from hsr0 (while UP) [ 301.913792][ T8160] capability: warning: `syz.1.545' uses 32-bit capabilities (legacy support in use) [ 301.989204][ T8162] random: crng reseeded on system resumption [ 305.575574][ T5845] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 306.169110][ T8217] FAULT_INJECTION: forcing a failure. [ 306.169110][ T8217] name failslab, interval 1, probability 0, space 0, times 0 [ 306.181762][ T8217] CPU: 0 UID: 0 PID: 8217 Comm: syz.1.557 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 306.181797][ T8217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 306.181823][ T8217] Call Trace: [ 306.181834][ T8217] [ 306.181844][ T8217] dump_stack_lvl+0x116/0x1f0 [ 306.181879][ T8217] should_fail_ex+0x512/0x640 [ 306.181909][ T8217] should_failslab+0xc2/0x120 [ 306.181992][ T8217] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 306.182027][ T8217] ? __send_signal_locked+0x159/0x12c0 [ 306.182067][ T8217] ? sig_get_ucounts+0x1c0/0x5b0 [ 306.182104][ T8217] __send_signal_locked+0x159/0x12c0 [ 306.182150][ T8217] group_send_sig_info+0x2a4/0x300 [ 306.182180][ T8217] ? __pfx_group_send_sig_info+0x10/0x10 [ 306.182218][ T8217] ? kill_pid_info_type+0x1a/0x2a0 [ 306.182246][ T8217] kill_pid_info_type+0x92/0x2a0 [ 306.182278][ T8217] kill_proc_info+0x6f/0x1b0 [ 306.182308][ T8217] kill_something_info+0x2a2/0x310 [ 306.182336][ T8217] ? __task_pid_nr_ns+0x186/0x500 [ 306.182373][ T8217] __x64_sys_kill+0xd7/0x140 [ 306.182404][ T8217] ? __pfx___x64_sys_kill+0x10/0x10 [ 306.182443][ T8217] ? rcu_is_watching+0x12/0xc0 [ 306.182470][ T8217] do_syscall_64+0xcd/0x490 [ 306.182502][ T8217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.182527][ T8217] RIP: 0033:0x7f8d7f18e9a9 [ 306.182547][ T8217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.182571][ T8217] RSP: 002b:00007f8d7ffc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 306.182592][ T8217] RAX: ffffffffffffffda RBX: 00007f8d7f3b5fa0 RCX: 00007f8d7f18e9a9 [ 306.182608][ T8217] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000228 [ 306.182622][ T8217] RBP: 00007f8d7f210d69 R08: 0000000000000000 R09: 0000000000000000 [ 306.182637][ T8217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.182651][ T8217] R13: 0000000000000000 R14: 00007f8d7f3b5fa0 R15: 00007ffeebc05628 [ 306.182681][ T8217] [ 308.234599][ T8236] netlink: 'syz.1.561': attribute type 1 has an invalid length. [ 308.292643][ T8242] block nbd0: not configured, cannot reconfigure [ 308.394903][ T8246] netlink: 342 bytes leftover after parsing attributes in process `syz.3.562'. [ 308.645332][ T8249] bridge0: port 2(dummy0) entered blocking state [ 308.726603][ T8249] bridge0: port 2(dummy0) entered disabled state [ 308.802590][ T8249] dummy0: entered allmulticast mode [ 308.871521][ T8249] dummy0: entered promiscuous mode [ 308.927893][ T8249] bridge0: port 2(dummy0) entered blocking state [ 308.934561][ T8249] bridge0: port 2(dummy0) entered forwarding state [ 310.122636][ T8263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.567'. [ 310.488761][ T8272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.569'. [ 310.550082][ T8275] netlink: 25 bytes leftover after parsing attributes in process `syz.3.569'. [ 311.630086][ T8288] FAULT_INJECTION: forcing a failure. [ 311.630086][ T8288] name failslab, interval 1, probability 0, space 0, times 0 [ 311.716969][ T8288] CPU: 0 UID: 0 PID: 8288 Comm: syz.2.576 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 311.717003][ T8288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 311.717018][ T8288] Call Trace: [ 311.717025][ T8288] [ 311.717034][ T8288] dump_stack_lvl+0x16c/0x1f0 [ 311.717069][ T8288] should_fail_ex+0x512/0x640 [ 311.717093][ T8288] ? __kvmalloc_node_noprof+0x124/0x620 [ 311.717128][ T8288] should_failslab+0xc2/0x120 [ 311.717164][ T8288] __kvmalloc_node_noprof+0x137/0x620 [ 311.717194][ T8288] ? lockdep_init_map_type+0x5c/0x280 [ 311.717228][ T8288] ? alloc_netdev_mqs+0xc82/0x1500 [ 311.717263][ T8288] ? alloc_netdev_mqs+0xc82/0x1500 [ 311.717292][ T8288] alloc_netdev_mqs+0xc82/0x1500 [ 311.717328][ T8288] ppp_ioctl+0x1761/0x2660 [ 311.717369][ T8288] ? find_held_lock+0x2b/0x80 [ 311.717391][ T8288] ? __pfx_ppp_ioctl+0x10/0x10 [ 311.717434][ T8288] ? __fget_files+0x20e/0x3c0 [ 311.717467][ T8288] ? __pfx_ppp_ioctl+0x10/0x10 [ 311.717516][ T8288] __x64_sys_ioctl+0x18e/0x210 [ 311.717543][ T8288] do_syscall_64+0xcd/0x490 [ 311.717576][ T8288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.717600][ T8288] RIP: 0033:0x7f6638f8e9a9 [ 311.717618][ T8288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.717642][ T8288] RSP: 002b:00007f6639d8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 311.717664][ T8288] RAX: ffffffffffffffda RBX: 00007f66391b5fa0 RCX: 00007f6638f8e9a9 [ 311.717680][ T8288] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000004 [ 311.717694][ T8288] RBP: 00007f6639010d69 R08: 0000000000000000 R09: 0000000000000000 [ 311.717708][ T8288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 311.717722][ T8288] R13: 0000000000000000 R14: 00007f66391b5fa0 R15: 00007fffce862cd8 [ 311.717752][ T8288] [ 313.173181][ T8305] netlink: 4 bytes leftover after parsing attributes in process `syz.3.579'. [ 313.764247][ T8309] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 316.774042][ T5845] Bluetooth: hci1: Malformed Event: 0x02 [ 317.534516][ T8355] random: crng reseeded on system resumption [ 319.307805][ T8370] ICMPv6: process `syz.0.595' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 319.747055][ T5845] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 320.121245][ T8376] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 320.347391][ T8387] FAULT_INJECTION: forcing a failure. [ 320.347391][ T8387] name failslab, interval 1, probability 0, space 0, times 0 [ 320.420020][ T8387] CPU: 0 UID: 0 PID: 8387 Comm: syz.1.598 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 320.420056][ T8387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 320.420071][ T8387] Call Trace: [ 320.420079][ T8387] [ 320.420088][ T8387] dump_stack_lvl+0x16c/0x1f0 [ 320.420123][ T8387] should_fail_ex+0x512/0x640 [ 320.420147][ T8387] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 320.420184][ T8387] should_failslab+0xc2/0x120 [ 320.420221][ T8387] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 320.420253][ T8387] ? __lock_acquire+0x622/0x1c90 [ 320.420283][ T8387] ? sk_prot_alloc+0x60/0x2a0 [ 320.420322][ T8387] sk_prot_alloc+0x60/0x2a0 [ 320.420359][ T8387] sk_alloc+0x36/0xc20 [ 320.420386][ T8387] __vsock_create.constprop.0+0x3c/0xbb0 [ 320.420413][ T8387] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 320.420452][ T8387] vsock_create+0x139/0x500 [ 320.420483][ T8387] __sock_create+0x335/0x8d0 [ 320.420525][ T8387] __sys_socket+0x14d/0x260 [ 320.420547][ T8387] ? __pfx___sys_socket+0x10/0x10 [ 320.420568][ T8387] ? xfd_validate_state+0x61/0x180 [ 320.420602][ T8387] ? __sys_setsockopt+0x140/0x1a0 [ 320.420634][ T8387] __x64_sys_socket+0x72/0xb0 [ 320.420654][ T8387] ? lockdep_hardirqs_on+0x7c/0x110 [ 320.420682][ T8387] do_syscall_64+0xcd/0x490 [ 320.420714][ T8387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.420738][ T8387] RIP: 0033:0x7f8d7f18e9a9 [ 320.420756][ T8387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.420780][ T8387] RSP: 002b:00007f8d7ffc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 320.420811][ T8387] RAX: ffffffffffffffda RBX: 00007f8d7f3b5fa0 RCX: 00007f8d7f18e9a9 [ 320.420828][ T8387] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028 [ 320.420842][ T8387] RBP: 00007f8d7f210d69 R08: 0000000000000000 R09: 0000000000000000 [ 320.420857][ T8387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.420871][ T8387] R13: 0000000000000000 R14: 00007f8d7f3b5fa0 R15: 00007ffeebc05628 [ 320.420900][ T8387] [ 323.396361][ T8443] netlink: 4 bytes leftover after parsing attributes in process `syz.1.602'. [ 325.633617][ T5845] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 326.339985][ T8469] FAULT_INJECTION: forcing a failure. [ 326.339985][ T8469] name failslab, interval 1, probability 0, space 0, times 0 [ 326.359926][ T8469] CPU: 0 UID: 0 PID: 8469 Comm: syz.0.607 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 326.359960][ T8469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 326.359974][ T8469] Call Trace: [ 326.359984][ T8469] [ 326.359994][ T8469] dump_stack_lvl+0x116/0x1f0 [ 326.360030][ T8469] should_fail_ex+0x512/0x640 [ 326.360060][ T8469] should_failslab+0xc2/0x120 [ 326.360097][ T8469] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 326.360131][ T8469] ? __send_signal_locked+0x159/0x12c0 [ 326.360170][ T8469] ? sig_get_ucounts+0x1c0/0x5b0 [ 326.360207][ T8469] __send_signal_locked+0x159/0x12c0 [ 326.360259][ T8469] group_send_sig_info+0x2a4/0x300 [ 326.360289][ T8469] ? __pfx_group_send_sig_info+0x10/0x10 [ 326.360326][ T8469] ? kill_pid_info_type+0x1a/0x2a0 [ 326.360354][ T8469] kill_pid_info_type+0x92/0x2a0 [ 326.360387][ T8469] kill_proc_info+0x6f/0x1b0 [ 326.360417][ T8469] kill_something_info+0x2a2/0x310 [ 326.360446][ T8469] ? __task_pid_nr_ns+0x186/0x500 [ 326.360483][ T8469] __x64_sys_kill+0xd7/0x140 [ 326.360514][ T8469] ? __pfx___x64_sys_kill+0x10/0x10 [ 326.360554][ T8469] ? rcu_is_watching+0x12/0xc0 [ 326.360580][ T8469] do_syscall_64+0xcd/0x490 [ 326.360613][ T8469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.360637][ T8469] RIP: 0033:0x7fd857d8e9a9 [ 326.360657][ T8469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.360680][ T8469] RSP: 002b:00007fd858b47038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 326.360703][ T8469] RAX: ffffffffffffffda RBX: 00007fd857fb5fa0 RCX: 00007fd857d8e9a9 [ 326.360719][ T8469] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000020b [ 326.360733][ T8469] RBP: 00007fd857e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 326.360748][ T8469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.360762][ T8469] R13: 0000000000000000 R14: 00007fd857fb5fa0 R15: 00007ffd900e4998 [ 326.360798][ T8469] [ 327.668887][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.687639][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 331.062837][ T8505] netlink: 206 bytes leftover after parsing attributes in process `syz.2.616'. [ 331.323339][ T8503] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 332.702175][ T8526] random: crng reseeded on system resumption [ 335.767796][ T8545] FAULT_INJECTION: forcing a failure. [ 335.767796][ T8545] name failslab, interval 1, probability 0, space 0, times 0 [ 335.780440][ T8545] CPU: 0 UID: 0 PID: 8545 Comm: syz.1.623 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 335.780473][ T8545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 335.780487][ T8545] Call Trace: [ 335.780496][ T8545] [ 335.780519][ T8545] dump_stack_lvl+0x116/0x1f0 [ 335.780555][ T8545] should_fail_ex+0x512/0x640 [ 335.780585][ T8545] should_failslab+0xc2/0x120 [ 335.780623][ T8545] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 335.780657][ T8545] ? __send_signal_locked+0x159/0x12c0 [ 335.780697][ T8545] ? sig_get_ucounts+0x1c0/0x5b0 [ 335.780733][ T8545] __send_signal_locked+0x159/0x12c0 [ 335.780779][ T8545] group_send_sig_info+0x2a4/0x300 [ 335.780809][ T8545] ? __pfx_group_send_sig_info+0x10/0x10 [ 335.780847][ T8545] ? kill_pid_info_type+0x1a/0x2a0 [ 335.780874][ T8545] kill_pid_info_type+0x92/0x2a0 [ 335.780906][ T8545] kill_proc_info+0x6f/0x1b0 [ 335.780936][ T8545] kill_something_info+0x2a2/0x310 [ 335.780964][ T8545] ? __task_pid_nr_ns+0x186/0x500 [ 335.781001][ T8545] __x64_sys_kill+0xd7/0x140 [ 335.781032][ T8545] ? __pfx___x64_sys_kill+0x10/0x10 [ 335.781071][ T8545] ? rcu_is_watching+0x12/0xc0 [ 335.781097][ T8545] do_syscall_64+0xcd/0x490 [ 335.781130][ T8545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.781155][ T8545] RIP: 0033:0x7f8d7f18e9a9 [ 335.781175][ T8545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.781198][ T8545] RSP: 002b:00007f8d7ffc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 335.781220][ T8545] RAX: ffffffffffffffda RBX: 00007f8d7f3b5fa0 RCX: 00007f8d7f18e9a9 [ 335.781237][ T8545] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000286 [ 335.781251][ T8545] RBP: 00007f8d7f210d69 R08: 0000000000000000 R09: 0000000000000000 [ 335.781266][ T8545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.781281][ T8545] R13: 0000000000000000 R14: 00007f8d7f3b5fa0 R15: 00007ffeebc05628 [ 335.781310][ T8545] [ 337.296972][ T8518] kexec: Could not allocate control_code_buffer [ 340.439746][ T8576] usb usb36: usbfs: process 8576 (syz.3.629) did not claim interface 0 before use [ 344.935741][ T8599] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 345.394892][ T8598] netlink: 12 bytes leftover after parsing attributes in process `syz.1.632'. [ 345.483969][ T8598] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 347.458746][ T8613] netlink: 350 bytes leftover after parsing attributes in process `syz.0.635'. [ 352.327471][ T8608] kexec: Could not allocate control_code_buffer [ 354.332067][ T8678] FAULT_INJECTION: forcing a failure. [ 354.332067][ T8678] name fail_futex, interval 1, probability 0, space 0, times 0 [ 354.524971][ T8678] CPU: 0 UID: 0 PID: 8678 Comm: syz.1.652 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 354.525017][ T8678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 354.525031][ T8678] Call Trace: [ 354.525039][ T8678] [ 354.525047][ T8678] dump_stack_lvl+0x16c/0x1f0 [ 354.525082][ T8678] should_fail_ex+0x512/0x640 [ 354.525111][ T8678] get_futex_key+0x1d0/0x1540 [ 354.525144][ T8678] ? __pfx_get_futex_key+0x10/0x10 [ 354.525172][ T8678] ? __pfx_prepare_signal+0x10/0x10 [ 354.525210][ T8678] ? rcu_is_watching+0x12/0xc0 [ 354.525243][ T8678] futex_wake+0xea/0x530 [ 354.525277][ T8678] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 354.525305][ T8678] ? __pfx_futex_wake+0x10/0x10 [ 354.525337][ T8678] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 354.525363][ T8678] ? group_send_sig_info+0x11f/0x300 [ 354.525394][ T8678] ? find_held_lock+0x2b/0x80 [ 354.525417][ T8678] ? kill_pid_info_type+0xea/0x2a0 [ 354.525449][ T8678] do_futex+0x1e3/0x350 [ 354.525479][ T8678] ? __pfx_do_futex+0x10/0x10 [ 354.525509][ T8678] ? kill_proc_info+0xa6/0x1b0 [ 354.525542][ T8678] __x64_sys_futex+0x1e0/0x4c0 [ 354.525577][ T8678] ? __pfx___x64_sys_futex+0x10/0x10 [ 354.525618][ T8678] do_syscall_64+0xcd/0x490 [ 354.525651][ T8678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.525674][ T8678] RIP: 0033:0x7f8d7f18e9a9 [ 354.525693][ T8678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.525716][ T8678] RSP: 002b:00007f8d7ffc30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 354.525738][ T8678] RAX: ffffffffffffffda RBX: 00007f8d7f3b5fa8 RCX: 00007f8d7f18e9a9 [ 354.525754][ T8678] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d7f3b5fac [ 354.525769][ T8678] RBP: 00007f8d7f3b5fa0 R08: 00007f8d7ffc4000 R09: 0000000000000000 [ 354.525783][ T8678] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d7f3b5fac [ 354.525798][ T8678] R13: 0000000000000000 R14: 00007ffeebc05540 R15: 00007ffeebc05628 [ 354.525827][ T8678] [ 355.109122][ T8684] kafs: addr_prefs: Too many elements in string [ 355.286777][ T8687] random: crng reseeded on system resumption [ 355.328805][ T8686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 355.349132][ T8686] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 356.960271][ T8706] [ 356.962641][ T8706] ====================================================== [ 356.969670][ T8706] WARNING: possible circular locking dependency detected [ 356.976704][ T8706] 6.16.0-syzkaller-06699-ge8d780dcd957 #0 Not tainted [ 356.983480][ T8706] ------------------------------------------------------ [ 356.990514][ T8706] syz.1.658/8706 is trying to acquire lock: [ 356.996414][ T8706] ffffffff8e75f680 (fs_reclaim){+.+.}-{0:0}, at: prepare_alloc_pages+0x162/0x610 [ 357.005585][ T8706] [ 357.005585][ T8706] but task is already holding lock: [ 357.012962][ T8706] ffffffff8e72b1a8 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470 [ 357.023580][ T8706] [ 357.023580][ T8706] which lock already depends on the new lock. [ 357.023580][ T8706] [ 357.034004][ T8706] [ 357.034004][ T8706] the existing dependency chain (in reverse order) is: [ 357.043038][ T8706] [ 357.043038][ T8706] -> #3 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 357.050825][ T8706] __mutex_lock+0x191/0x1070 [ 357.055961][ T8706] pcpu_alloc_noprof+0xb4c/0x1470 [ 357.061520][ T8706] sbitmap_init_node+0x2fd/0x770 [ 357.067010][ T8706] sbitmap_queue_init_node+0x41/0x560 [ 357.072932][ T8706] blk_mq_init_tags+0x12d/0x2b0 [ 357.078337][ T8706] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 357.084620][ T8706] blk_mq_init_sched+0x30c/0x610 [ 357.090111][ T8706] elevator_switch+0x1e1/0x7f0 [ 357.095426][ T8706] elevator_change+0x2ac/0x400 [ 357.100728][ T8706] elevator_set_default+0x2c4/0x360 [ 357.106468][ T8706] blk_register_queue+0x393/0x4f0 [ 357.112165][ T8706] __add_disk+0x74a/0xf00 [ 357.117032][ T8706] add_disk_fwnode+0x13f/0x5d0 [ 357.122352][ T8706] nbd_dev_add+0x783/0xbb0 [ 357.127307][ T8706] nbd_init+0x181/0x320 [ 357.131997][ T8706] do_one_initcall+0x120/0x6e0 [ 357.137304][ T8706] kernel_init_freeable+0x5c2/0x900 [ 357.143219][ T8706] kernel_init+0x1c/0x2b0 [ 357.148188][ T8706] ret_from_fork+0x5d7/0x6f0 [ 357.153427][ T8706] ret_from_fork_asm+0x1a/0x30 [ 357.158730][ T8706] [ 357.158730][ T8706] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 357.166587][ T8706] __mutex_lock+0x191/0x1070 [ 357.171771][ T8706] elevator_change+0x103/0x400 [ 357.177106][ T8706] elv_iosched_store+0x2eb/0x3a0 [ 357.182596][ T8706] queue_attr_store+0x268/0x310 [ 357.187983][ T8706] sysfs_kf_write+0xef/0x150 [ 357.193108][ T8706] kernfs_fop_write_iter+0x354/0x510 [ 357.198922][ T8706] vfs_write+0x6c4/0x1150 [ 357.203797][ T8706] ksys_write+0x12a/0x250 [ 357.208695][ T8706] do_syscall_64+0xcd/0x490 [ 357.213763][ T8706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.220195][ T8706] [ 357.220195][ T8706] -> #1 (&q->q_usage_counter(io)#18){++++}-{0:0}: [ 357.229004][ T8706] blk_alloc_queue+0x619/0x760 [ 357.234416][ T8706] blk_mq_alloc_queue+0x172/0x280 [ 357.239986][ T8706] __blk_mq_alloc_disk+0x29/0x120 [ 357.245551][ T8706] loop_add+0x490/0xb70 [ 357.250246][ T8706] loop_init+0x164/0x270 [ 357.255035][ T8706] do_one_initcall+0x120/0x6e0 [ 357.260349][ T8706] kernel_init_freeable+0x5c2/0x900 [ 357.266101][ T8706] kernel_init+0x1c/0x2b0 [ 357.271079][ T8706] ret_from_fork+0x5d7/0x6f0 [ 357.276217][ T8706] ret_from_fork_asm+0x1a/0x30 [ 357.281730][ T8706] [ 357.281730][ T8706] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 357.289111][ T8706] __lock_acquire+0x126f/0x1c90 [ 357.294599][ T8706] lock_acquire+0x179/0x350 [ 357.299644][ T8706] fs_reclaim_acquire+0x102/0x150 [ 357.305194][ T8706] prepare_alloc_pages+0x162/0x610 [ 357.310835][ T8706] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 357.317267][ T8706] __alloc_pages_noprof+0xb/0x1b0 [ 357.322914][ T8706] pcpu_populate_chunk+0x110/0xb00 [ 357.328565][ T8706] pcpu_alloc_noprof+0x86a/0x1470 [ 357.334136][ T8706] bpf_map_alloc_percpu+0x9a/0x4b0 [ 357.339793][ T8706] htab_map_alloc+0x10ca/0x1570 [ 357.345276][ T8706] map_create+0x58f/0x1db0 [ 357.351040][ T8706] __sys_bpf+0x44d2/0x4de0 [ 357.356013][ T8706] __x64_sys_bpf+0x78/0xc0 [ 357.360976][ T8706] do_syscall_64+0xcd/0x490 [ 357.366037][ T8706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.372548][ T8706] [ 357.372548][ T8706] other info that might help us debug this: [ 357.372548][ T8706] [ 357.382798][ T8706] Chain exists of: [ 357.382798][ T8706] fs_reclaim --> &q->elevator_lock --> pcpu_alloc_mutex [ 357.382798][ T8706] [ 357.395679][ T8706] Possible unsafe locking scenario: [ 357.395679][ T8706] [ 357.403130][ T8706] CPU0 CPU1 [ 357.408496][ T8706] ---- ---- [ 357.413863][ T8706] lock(pcpu_alloc_mutex); [ 357.418370][ T8706] lock(&q->elevator_lock); [ 357.425496][ T8706] lock(pcpu_alloc_mutex); [ 357.432531][ T8706] lock(fs_reclaim); [ 357.436516][ T8706] [ 357.436516][ T8706] *** DEADLOCK *** [ 357.436516][ T8706] [ 357.444830][ T8706] 1 lock held by syz.1.658/8706: [ 357.449767][ T8706] #0: ffffffff8e72b1a8 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470 [ 357.459806][ T8706] [ 357.459806][ T8706] stack backtrace: [ 357.465789][ T8706] CPU: 0 UID: 0 PID: 8706 Comm: syz.1.658 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) [ 357.465820][ T8706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 357.465835][ T8706] Call Trace: [ 357.465844][ T8706] [ 357.465853][ T8706] dump_stack_lvl+0x116/0x1f0 [ 357.465884][ T8706] print_circular_bug+0x275/0x350 [ 357.465916][ T8706] check_noncircular+0x14c/0x170 [ 357.465949][ T8706] __lock_acquire+0x126f/0x1c90 [ 357.465984][ T8706] lock_acquire+0x179/0x350 [ 357.466014][ T8706] ? prepare_alloc_pages+0x162/0x610 [ 357.466043][ T8706] fs_reclaim_acquire+0x102/0x150 [ 357.466066][ T8706] ? prepare_alloc_pages+0x162/0x610 [ 357.466090][ T8706] prepare_alloc_pages+0x162/0x610 [ 357.466113][ T8706] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 357.466148][ T8706] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 357.466183][ T8706] ? __lock_acquire+0x622/0x1c90 [ 357.466216][ T8706] ? do_raw_spin_unlock+0x172/0x230 [ 357.466253][ T8706] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 357.466289][ T8706] ? find_held_lock+0x2b/0x80 [ 357.466314][ T8706] ? find_held_lock+0x2b/0x80 [ 357.466335][ T8706] ? find_held_lock+0x2b/0x80 [ 357.466361][ T8706] __alloc_pages_noprof+0xb/0x1b0 [ 357.466393][ T8706] pcpu_populate_chunk+0x110/0xb00 [ 357.466421][ T8706] ? mark_held_locks+0x49/0x80 [ 357.466451][ T8706] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 357.466479][ T8706] pcpu_alloc_noprof+0x86a/0x1470 [ 357.466515][ T8706] bpf_map_alloc_percpu+0x9a/0x4b0 [ 357.466562][ T8706] htab_map_alloc+0x10ca/0x1570 [ 357.466591][ T8706] ? ns_capable+0xd7/0x110 [ 357.466615][ T8706] map_create+0x58f/0x1db0 [ 357.466656][ T8706] ? __pfx_map_create+0x10/0x10 [ 357.466691][ T8706] ? __might_fault+0xe3/0x190 [ 357.466721][ T8706] ? __might_fault+0xe3/0x190 [ 357.466751][ T8706] ? __might_fault+0x13b/0x190 [ 357.466792][ T8706] __sys_bpf+0x44d2/0x4de0 [ 357.466815][ T8706] ? __pfx___sys_bpf+0x10/0x10 [ 357.466836][ T8706] ? kmem_cache_free+0x2d1/0x4d0 [ 357.466870][ T8706] ? do_futex+0x122/0x350 [ 357.466900][ T8706] ? __pfx_do_futex+0x10/0x10 [ 357.466934][ T8706] ? fput+0x70/0xf0 [ 357.466970][ T8706] ? xfd_validate_state+0x61/0x180 [ 357.467005][ T8706] ? __pfx_do_writev+0x10/0x10 [ 357.467034][ T8706] __x64_sys_bpf+0x78/0xc0 [ 357.467057][ T8706] ? lockdep_hardirqs_on+0x7c/0x110 [ 357.467085][ T8706] do_syscall_64+0xcd/0x490 [ 357.467115][ T8706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.467139][ T8706] RIP: 0033:0x7f8d7f18e9a9 [ 357.467157][ T8706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.467181][ T8706] RSP: 002b:00007f8d7ffc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 357.467203][ T8706] RAX: ffffffffffffffda RBX: 00007f8d7f3b5fa0 RCX: 00007f8d7f18e9a9 [ 357.467219][ T8706] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000 [ 357.467233][ T8706] RBP: 00007f8d7f210d69 R08: 0000000000000000 R09: 0000000000000000 [ 357.467248][ T8706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.467262][ T8706] R13: 0000000000000000 R14: 00007f8d7f3b5fa0 R15: 00007ffeebc05628 [ 357.467284][ T8706]