last executing test programs: 5.007732847s ago: executing program 0 (id=1936): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r0 = socket(0x2a, 0x4, 0x1000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000380)={{&(0x7f0000000440)="190a13d8866eb569215208b0b3c9f5d6e917664c6da572405b3fc380f939ffa91c7b499d742a883c04dea58ff1bdfad322f5c473ad556ec867920777142776ee906f5b7474dcd9b00f4ed6c104792a004304f583779ebc0539a6a3dc6b14dc5ceed942393bbfe9ab83eaf8ffcc42c2f3e87ebf3ff88399d95daef2565c23e55d62c6cfba1baff8069e17c5a9049d2a80470b61371be8c44b968af9f2c0cae237ec1425e76daca7138971", 0x12, 0x0, 0x9, 0x0, 0x23, 0x101}, 0x8}, 0x7, 0x20020000) (async) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00') ioctl$NS_GET_PARENT(r4, 0xb701, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="046adc17", @ANYRES16=r2, @ANYBLOB="000326bd7000ffdbdf2588000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) lseek$auto(0x3, 0x2, 0x4) (async) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f00000001c0)=0xa) (async) unshare$auto(0x40000080) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async) socket(0x1e, 0x1, 0x0) (async) r6 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0) readv$auto(r6, &(0x7f00000000c0)={&(0x7f0000000180), 0x200}, 0x6) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) 4.925456859s ago: executing program 3 (id=1937): signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, 0x0, 0x80c02, 0x0) setpriority$auto(0x1, 0x0, 0xe55c) 4.764455708s ago: executing program 3 (id=1938): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(0xffffffffffffffff, 0x5422, 0xf15) ioctl$auto(r0, 0x8108551b, r0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) socket(0xa, 0x3, 0x3a) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000440)={0x8, 0x3, 0x1ff, 0x0, 0x5, 0x717e, 0x0, 0x7, 0x200000000000003, 0xd, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0xfffffffffffffffe, 0x7, 0x10002, 0x7f, 0x2a2, 0x2, 0xa, 0x4, 0x200, 0x4, 0x84, 0x3, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0xe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x40000000000, 0x0, 0x0, 0x0, 0x0, 0x100000000000], "a3cd47e71a9af4579f56a1342a727dfb205c21b67b7906a3a621792823de8da5df97dd756cde157405af69f5b52b5e57585d6b3a406435ba62c5577494b7664728dd45cf95f602e60a368b7998d7a866277e99e26f1fcaa70e82c9a2b3c17435578fe48eaaa5c32d59db16549798"}, 0x1fe, 0xd) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0) socket(0x2, 0x3, 0x6) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd03, 0x0) r2 = socket(0x1e, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) setsockopt$auto_SO_TXREHASH(r2, 0x3, 0x4a, &(0x7f0000000080)='\x00', 0x8) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) ioctl$auto(0x3, 0x50434903, 0x1) read$auto(r3, &(0x7f00000000c0)=',\x00', 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setpriority$auto(0x4000000001, 0x100000001, 0x6) mmap$auto(0x2000000, 0x400008, 0xdf, 0x9b72, 0x100000000002, 0x8000) pidfd_send_signal$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x7, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) connect$auto(0x3, 0x0, 0x55) ioctl$auto_UBI_IOCATT(r4, 0x40186f40, &(0x7f0000000100)={0xe, 0x3d0, 0x3, 0xc, 0x12, 0x4}) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) 3.599111256s ago: executing program 0 (id=1944): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0xffffffffffffffff, 0xffff2878, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop15/queue/rotational\x00', 0xa081, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x4, 0x4020009, 0x6, 0xffff, 0x401, 0x8000) r1 = socket(0xa, 0x1, 0x84) r2 = io_uring_setup$auto(0x40000002c55, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/028/001\x00', 0x800, 0x0) ioctl$auto_USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000400)={0x8b, 0x9, 0x3, 0x8, 0x7, 0x7, &(0x7f0000000680)="ed0ab7d3720de43eb08d3fc0949e10f5ac159cfaf976266d63c1942efdc3f8b67ea0347edb214fe177f98db6aa8362574b4ff2e300b724f336224beeb6a051209762033136cf540faf977bfeed208eb879c33f291e57975395df5531149c099b7b9878bd156aa06887f91332008dee4f94424198bf59ef70e55adb78e3c54c685e68bcc5f796b18c397e35f4296ebedfa7a65fb837b363987bc9485fb49a0551a2386614ff808936e51cde8fa21b8ff83a17ef23109b443ef32923f818e9e1b53738111b0991046647f63c2e3afc76f84421984324cb112cf99341164a4867174b059fa3a739fefd9cf3396c1bb522719da3e1ee403b836aeab330"}) setsockopt$auto(r1, 0x10000000084, 0x7f, 0x0, 0xad4) ioctl$auto_TCSBRKP2(r2, 0x5425, &(0x7f0000000100)="788532e68dbf1212dc7f03fcdf6ec9f3ca511a7994f9288a4f7758c5c4dc567f4540ae811cae5553a9e448481aaa156d324a440bf200cdda638ddd3a49d0a0110e008da0efdbe31f1cc3592e5a6d11a60d2895547c10ec10a00ff4acc81a1f2d32ea45f59fd6cfb34fa6086935e43e7bd124df320411d4c152c7867853e6558598a3a7db391aa5f0e82cc1e0b4c8fc8e97652f2a3478d4fa7f8cb82f0f626594bd33f51e58c7d3086631c2c3409f6a4162b5d8b90470f51419f7f1c1b4af") r3 = ioctl$auto_TUNSETGROUP(0xffffffffffffffff, 0x400454ce, &(0x7f0000000000)=0x6) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000280)={0x7fffffff, 0x102f, 0x5, 0xa6e, 0x2, 0x1, 0x100, 0xffffffffffffff01, 0x9, 0xf, 0x2, 0x10001}) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x34, r5, 0x1b, 0x70bd26, 0x25dfcbfc, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044}, 0xc800) setsockopt$auto_SO_BINDTOIFINDEX(r4, 0x3, 0x3e, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x5) pidfd_send_signal$auto_PIDFD_SIGNAL_PROCESS_GROUP(r3, 0x2, &(0x7f0000000040)={@siginfo_0_0={0x7ff, 0xfffffff8, 0x60d, @_sigfault={&(0x7f0000000580)="56905ad066597c61add23967adf989837f8321daa063602d6f3a88138348c36b9e7d621bba035f24f96c16a71704afdf022c15284d263cc2da08d4f251491f646cd501001087d48a9c54c8513b3d8cb0c28a09b8030a53b8a47dd55cbea168380346796eaad9a9156c8f00fd54d13e54d2aca24b918b695232498e87598b705218318593ba066730465bbfffff035825267ac26eba4a87bb511bfcb13c48fdf22db4f2edde8fc8285b15e21da951e175d243e380f7b070dfe7ecc9eb129cf6843ba430bc4d11d2fe3e", @_perf={0xc, 0xcc43, 0x3}}}}, 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x54, r7, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, "1bc6e7e10bc66696ea9b05d53fcb46cdea5e227f20ea27bbee943b059ee673eb196cbf758915ad0d31d27b34b0e98cd68af9d349f9047fced32270"}]}, 0x54}}, 0x4004010) sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x24000081}, 0x14000080) socket(0x2, 0x1, 0x2) fcntl$auto(0x3, 0x4, 0xa553) unshare$auto(0x40000080) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000280), 0x201, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) getpid() 3.192549447s ago: executing program 3 (id=1945): r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r0, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x0) ioctl$auto(r1, 0xaf01, r0) mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) fremovexattr$auto(r2, &(0x7f0000000000)='system.posix_acl_access\x00') r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, 0x0, 0x10500, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/blkio.bfq.avg_queue_size\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000001c00)=""/4111, 0x100f) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) 3.145797471s ago: executing program 1 (id=1946): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, 0x0, 0x80c02, 0x0) setpriority$auto(0x1, 0x0, 0xe55c) 2.880699606s ago: executing program 0 (id=1947): r0 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, r0, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r1, 0x400, 0x0) open(&(0x7f0000000800)='./file0\x00', 0xe6200, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000180)=""/250, 0xfa) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x26, 0x80805, 0x0) socket(0x28, 0x1, 0x0) socket(0x1, 0x1, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x22042, 0x45) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x40000000002263, 0x0, 0x7fff, 0x9}, 0x7}, 0x9, 0xfffffffe) readv$auto(0x0, &(0x7f0000000080)={0x0, 0x60}, 0x3) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) close_range$auto(0x2, 0x8, 0x0) unlink$auto(&(0x7f0000000040)='./bus\x00') r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) getsockopt$auto_SO_WIFI_STATUS(r3, 0x2, 0x29, &(0x7f0000000000)='#{\x00', &(0x7f0000000080)=0xe9) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'vlan0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_RINGS_GET(r4, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010039bd0f0000000c000180"], 0x20}, 0x1, 0x0, 0x0, 0x8004805}, 0x20004804) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x1ff}, 0xd) 2.791148575s ago: executing program 1 (id=1948): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f000000adc0)={0x38, r1, 0x1b, 0x70bd26, 0x25dfcbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x11}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4044}, 0xc800) r2 = socket(0x2, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x80900, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_SMC_NETLINK_DUMP_SEID(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xa0, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {}, "612385ad06c5b2529e35783aea12f8e467421101044f0a21a6087a508c969ef2bc5e315c126b402c0ecb993e385dc62b3c3b73cff8474c5bf2722f838710bdd1c5cc07ce261dd65c4cb69f00a9cd18dbbf9d4b656b2ed8c1a1dd8684b7faf2426dcc0e44cdb457dc1b0f39e192786e508a07d65f3aa722efecfbb22568d5560766ef392d71aabab065"}, 0xa0}, 0x1, 0x0, 0x0, 0x4000811}, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0xd, 0x1, 0x948f, 0x1003, 0x15f4da07, 0x3, 0xfffffffffffffff6, 0x7, 0x9, 0x79d, 0x6, 0x0, 0x2, 0xb]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.642885035s ago: executing program 2 (id=1949): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) kexec_load$auto(0x0, 0x4, 0x0, 0x1) mmap$auto(0x0, 0x2024009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x202000a, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) mknod$auto(&(0x7f0000000000)='./file0\x00', 0x5, 0x4) madvise$auto(0x0, 0x1010001, 0x100000003) 2.586251859s ago: executing program 2 (id=1950): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x3, 0x6) semctl$auto(0x9, 0x20000001, 0x13, 0x4) poll$auto(0x0, 0x6, 0x8) umount2$auto(0x0, 0xa) close_range$auto(0x2, 0x8, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) open(0x0, 0x22240, 0x154) sendmsg$auto_NL80211_CMD_ADD_LINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x14, 0x0, 0x8, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x40010) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1b, &(0x7f00000000c0), 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) 2.484888433s ago: executing program 2 (id=1951): mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x40120, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek$auto(r1, 0x0, 0x2) readv$auto(r1, &(0x7f0000000a80)={0x0, 0x5b54}, 0x1) read$auto(0x3, 0x0, 0x80) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r2, 0x4008af25, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) close_range$auto(r0, r3, 0xd) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='$o9', 0x80000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000080), r4) sendmsg$auto_NBD_CMD_RECONFIGURE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="03812dbddeae5b02cf49781a06f0230d387000ffdbdf25037921c8d9868249122bf4000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000) connect$auto(0x3, &(0x7f0000000080)=@generic={0x18, "a138a4cd8ec5430b1af98f278448"}, 0x2) ioperm$auto(0x7, 0x75, 0x4) mmap$auto(0x0, 0x20009, 0xdd, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0xfff, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0xd) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), r6) 2.299618121s ago: executing program 3 (id=1952): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) writev$auto(r2, &(0x7f0000000140)={&(0x7f0000002ac0), 0xe4}, 0x4) mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r3, 0x0, 0x7) ioctl$auto_BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000f80)=[{0x3ff, 0x3, 0x8000000000000000}, {0x5, 0x5, 0x2}, {0xa6, 0x1, 0x2}]) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x149802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x11, 0x3, 0x9) sendmsg$auto_IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010028bd7000fedbdf250c0000001d000280d2f7abf5204c1c01107d33d6d37bc50e476301cfa9375e0781"], 0x34}, 0x1, 0x0, 0x0, 0x20004014}, 0x4014) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x80}, 0x40000) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a) mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r5, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0) unshare$auto(0x40000080) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r5) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f00000004c0)={0x384, r6, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'veth1_to_hsr\x00'}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0xd}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0x2bf, 0x80, "cfb8a52fa150c78abf73f1484110a8779b78b3853c5225a9b9164440b7a785ad77311aff9497f3500fb0b772a4fdc632392897221fb210b11afe473ab4546451613993a8fff74036c2b184890a07caf5975886e58b3a812c366a46b0a0a2b9146f0494121cbe5317e55a52f6bf2efc8d7587f1a4357effe79c0e07e787bafbe4b0cd1c1f054d1e54e0f0745e57ec37d1dc0cd315124d329ea95cc2e5d7882df968313328bc319a7e9bb550d7968915ffe7893504ac966098e05c1d982fec46e5c61b47af7d69036bd4f91cd63a356ba5fff01cd7742c3a4825ce6896dd00367d49f332b815c93d49ad3bce2aa6303adae7246dc184c33ed815b4e95c1c0fc59185d548215ed39a8a15f62dc96a533b26787766657bd26d0fb5299147ebe6441b18559de13dad9551d70c522d5b4daaaba3cd4bbdac82f97c0cd9c81d5678d36a20486bb9ec7ce40a5f60abaca8711ddda8c6d7bbd7355ccc45da42af90da630b1d6d6b01e2f1b17223ce2554de306e5dc87082a514a97a47b8196d0bf5a8a69c928555062b31792c3638c274fc5d7f0605a2e6ae0c5a348d5e348075079bdc324713a223e6fc4bd8dfba836fe84f47bd6b52264aaffc99137cd1cf77390854e5f9490988700449124dcb32c1bf233c9af3e907db12f3fb478ae0e0c6b5da39c9e128ab03f0a4818ef584474d2f85e4418414cf6901479accce93959a0457d721bca3e6dfb6af22770e74db2c1e0f24213a879b11874fa6dfd1d8b19887b617dc221abca5176d0ed0a599d1ecc7bf8fa574a9545e65fa62679d6a5360e2a598602441b3313c053703b6822c119648e34ca0ff0b6273d79931f5f50c37609d78ec964ef5790b9fc01c40362283c03952ff84d1f2a853079b6a88670eddfb63dde58fe26f173c08fa89f8708c1209bbdadfc529a775b93be3942b7d7277c861afe040984be5a64c91f73ee3be8a7dd291748acef92e5d68288243256a"}, @NL80211_ATTR_MESH_ID={0x1d, 0x18, "65430903147e6dcec78ea53596c96ceaee3e0670ece52155b2"}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6b, 0xcd, "10080d283148dc37fe3e37b3edac16d6b53dbe5122432aeab76a1fd65d7f4d72b83d8b9a9cc536821f6a2c241957bfaaf1a79275164702d32c0c0b1964f5eb3c8136187a8abb7bd8eeafeccef25b17cd3ff231d252b6339e0d2faeecfd3cd998a6616928a3430f"}]}, 0x384}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)={0x78, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0x8}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_AGE={0x8, 0x3, 0xfffffffa}, @HSR_A_IF2_AGE={0x8, 0x4, 0xb7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x3}, @HSR_A_IF2_SEQ={0x6}]}, 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) r7 = openat$auto_dai_list_fops_(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) read$auto_dai_list_fops_(r7, &(0x7f0000000780)=""/34, 0x22) close_range$auto(0x2, 0x8, 0x0) remap_file_pages$auto(0xfffffffffffffe01, 0x9, 0x8, 0x7, 0x6) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x4000800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 1.902854034s ago: executing program 0 (id=1953): bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket(0xa, 0x2, 0x88) (async) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) mincore$auto(0x1000, 0x8003, 0x0) (async) mincore$auto(0x1000, 0x8003, 0x0) setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r0 = ioctl$auto_TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000540)={0x2, &(0x7f0000000500)={0xa7, 0xf3, 0x1, @raw=0x2}}) socket(0x15, 0x5, 0x0) ioctl$auto(0x3, 0x8b35, 0x91) (async) ioctl$auto(0x3, 0x8b35, 0x91) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r1) (async) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14) sendmsg$auto_NET_SHAPER_CMD_DELETE(r0, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x6c, r2, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@NET_SHAPER_A_HANDLE={0x1c, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x200}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x5}]}, @NET_SHAPER_A_HANDLE={0x3c, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0xfffff801}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0xe4f}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0xff}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x5}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4040011}, 0x10) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x81, 0x0, 0x0, &(0x7f0000000300)={[0x1ff, 0x5, 0xd, 0xfffffffffffff4d6, 0x948b, 0x3, 0x15f4da0e, 0x3, 0x0, 0x9, 0x80000001, 0x1000, 0x1, 0x9, 0x3, 0x1]}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) clock_adjtime$auto(0x1, &(0x7f0000000280)={0xfff, 0x0, 0x6fe, 0x40004, 0x7, 0x4, 0x8227, 0x0, 0x2, 0x0, 0x8, {0x7, 0x800}, 0x101, 0xf8, 0xa, 0xd94, 0x0, 0x1, 0x7, 0x6, 0xa9, 0x3, 0xfffffffe}) (async) clock_adjtime$auto(0x1, &(0x7f0000000280)={0xfff, 0x0, 0x6fe, 0x40004, 0x7, 0x4, 0x8227, 0x0, 0x2, 0x0, 0x8, {0x7, 0x800}, 0x101, 0xf8, 0xa, 0xd94, 0x0, 0x1, 0x7, 0x6, 0xa9, 0x3, 0xfffffffe}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0x80002, 0x0) (async) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0x80002, 0x0) writev$auto(r4, &(0x7f0000000240)={0x0, 0x9}, 0xb) write$auto(r3, &(0x7f0000000240)='//ev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (async) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(r5, 0x0, 0xfffffdef) (async) write$auto(r5, 0x0, 0xfffffdef) write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caf", 0x383) 1.84912636s ago: executing program 1 (id=1954): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x3, 0x6, 0x202) r2 = getsockopt$auto(r0, 0x84, 0x83, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setfsuid$auto(0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000100), r4) sendmsg$auto_NFSD_CMD_LISTENER_SET(r4, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000229bd107d4e1f50e8d5d76d56486b071f2437308b11e74b0f406e5d681e62c590b6240cdf1f28b799a6af0defaa323778a0d668f1648fed3d0904ab77701043a9dde915a11cbc41d2d8687af9d3d0b3e76a2e77de371aa98299022b58894602184592d79252fbb00296a0a576d2833e018ee3eeca27175211a3f7f79b274a42ab0716e39e88b4e46fd86daa6ec16e5fab41decac36cc2c44d", @ANYRES16=r5, @ANYBLOB="01002bbd700800dcdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), r6) sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000008c8df105b091df29408528af23c1d601ccd4fbd7f81b3066d4a25cfb29a2d112507677b3a1c67adca61b33a87b373946f39764a23aacf34cd4ab2d2421d45fe4747da81b072898ad76b8644779b7933fef620315fc36541f96369f776802c867c04380bae338cc6389361705f7742c616ae620a3d498bd3fc4b60f52ca24a32ebfbb7fe959", @ANYRES16=r7, @ANYBLOB="02002bbd7000fbdbdf2507000000"], 0x14}}, 0x30040800) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, r3, 0x8000) mremap$auto(0x1ff000, 0x8, 0x843, 0x3, 0xfffff000) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000040), r3) getpgid$auto(0x0) mmap$auto(0x0, 0x20006, 0xdf, 0x19, r1, 0x8003) fcntl$auto_F_ADD_SEALS(r2, 0x409, 0x4) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r8 = open(0x0, 0x507640, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x80086601, 0x0) r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x80002, 0x0) ioctl$auto_KVM_CREATE_VM(r9, 0xc008ae09, 0x0) 1.586984393s ago: executing program 3 (id=1955): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x6, 0x6, 0xdf, 0x11, r0, 0x800008000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/udp6\x00', 0x80, 0x0) pread64$auto(r1, 0x0, 0x8202000, 0x2d) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7073000000001400000008000300", @ANYRES32=r4], 0x24}, 0x1, 0x1400, 0x0, 0xaee2e45ddcc9e3a5}, 0x20040080) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0xa, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket(0x0, 0x80000, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) mincore$auto(0x1000, 0x8003, 0x0) setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r8 = ioctl$auto_TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000540)={0x2, &(0x7f0000000500)={0xa7, 0xf3, 0x1, @raw=0x2}}) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r9) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r9, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000002c0)=ANY=[@ANYRESDEC=r7, @ANYRES16=r5, @ANYBLOB="010029bd7000fedbdf25040000000c000300000010000a800c000180080001000200000008000800", @ANYRES32=r11, @ANYBLOB="38df14f698f9fa936f37db4171a4e378b2b02cca032ac36b187536206ed0bf68e0b62c5dd6164c54bfc950d0db8994e4b80ec8ec92b7d1076af4344d9724ea3823929f5850779c3434b297695e2889727bce7a085e017e027b9e98be0d0000440799b7c72e23ffac3dff1282b2b8d9cec9a13dd2a2476991a694e98c16551ce2a1d0a2cf1da448f3a3ccdf5a7a8179ee2f8abacf29e8cb095e21b455e256a6d5bfff32e67aa2bb609b989e9574b373ffaa4300b976f0f69a7f59f1c3dbd4edff6e574695fd471b83a6a922b042589e6845566fa965a3f1642c7ad156d691f80f2c68dc6332587fd7eaf781c925748db9cf03f141941bfe2d2093b98a1e63d337dc15d69a05c7f754ecbde1eeeca6c6c01fd43b6c2519c3b6e0910629add3b181e879c773"], 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14) sendmsg$auto_NET_SHAPER_CMD_DELETE(r8, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="08002cbd7000fcdbdf25030000001c00018008000100000200000800010001000000080001000500000044000180080001000000000008000200818100000800020001f8ffff080001004f0e00bfea1800419e08bdfe8b89d2000800010001000000502fe021ee08"], 0x74}, 0x1, 0x0, 0x0, 0x4000011}, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 1.552866027s ago: executing program 1 (id=1956): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, 0x0, 0x80c02, 0x0) setpriority$auto(0x1, 0x0, 0xe55c) 1.520346527s ago: executing program 2 (id=1957): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x80, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x40047459, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r1) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x5, 0x1, 0x9, 0x7, 0x5, 0x6, 0x8, 0x7, 0x3, 0x9, 0x9, 0xffff, 0x4, 0x200000000001, 0xb4, 0xb, 0x9, 0x10007, 0x7, 0x10000000000, 0x0, 0x3, 0x22000, 0x203, 0x9, 0x84, 0x0, 0x4, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7fffffff, 0x9, 0x7, 0x6, 0x0, 0x8, 0xfffffffffffffffd, 0x3, 0x0, 0x10000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1, 0x8000200000000001, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x81, 0x968c) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1441, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffffffffffd10, &(0x7f00000001c0)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/bus/serio/drivers/pulse8-cec/bind_mode\x00', 0x1eb842, 0x0) write$auto(r4, &(0x7f00000001c0)='\x00', 0xffffffff) mmap$auto(0x4000, 0x400008, 0x3, 0x9b72, 0x2, 0x7ffe) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r5, 0x0, 0x9) close_range$auto(0x2, r5, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{&(0x7f0000000280), 0x1, &(0x7f0000000100)={&(0x7f0000000780)="4c0300000000000000a3677337f9ecba075f6bba44", 0xfffffffffffffff7}, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100) open(0x0, 0x7ffd, 0x12) r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x14b402, 0x0) read$auto(r6, &(0x7f0000000240)='/proc/scsi/sg\x00\x00\x00\x00ices\x00\r\xe2\xc9\x04\x986\xbc\xb0FI\xb9-E\xe3\x87j\xdes1\xa7\xdf\xc4\b\xb3\xeelc\x7f\xfdg\x18*\a:_\xb0\x92\xacwH\x9c\x9dF\xb1\xc47\x85\xc7\x13\xe1\x19UR\x96\xd8\x86\xd3\xe4\xa9R\x1c\xeb\xc8\xe5X\xfcR\xc7\vdU\x8b\xaa^\xfd\x83#\xc1o\x04\xeca\xbf\x8bYz\xd9\r\xcbk\xfd\x9e\x97\xcbOf\x80', 0x100000001) prctl$auto(0x35, 0x1, 0x8, 0x0, 0x0) prctl$auto(0x34, 0x1, 0x0, 0x0, 0x0) read$auto(0x3, 0x0, 0x80) 1.393712398s ago: executing program 1 (id=1958): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0xffffffffffffffff, 0xffff2878, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop15/queue/rotational\x00', 0xa081, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x6, 0x40000, 0xeb1, 0x401, 0x7fff) r1 = socket(0xa, 0x1, 0x84) r2 = io_uring_setup$auto(0x40000002c55, 0x0) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/028/001\x00', 0x800, 0x0) ioctl$auto_USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000400)={0x8b, 0x9, 0x3, 0x8, 0x7, 0x7, &(0x7f0000000300)="ed0ab7d3720de43eb08d3fc0949e10f5ac159cfaf976266d63c1942efdc3f8b67ea0347edb214fe177f98db6aa8362574b4ff2e300b724f336224beeb6a051209762033136cf540faf977bfeed208eb879c33f291e57975395df5531149c099b7b9878bd156aa06887f91332008dee4f94424198bf59ef70e55adb78e3c54c685e68bcc5f796b18c397e35f4296ebedfa7a65fb837b363987bc9485fb49a0551a2386614ff808936e51cde8fa21b8ff83a17ef23109b443ef32923f818e9e1b53738111b0991046647f63c2e3afc76f84421984324cb112cf99341164a4867174b059fa3a739fefd9cf3396c1bb522719da3e1ee403b836aeab330"}) setsockopt$auto(r1, 0x10000000084, 0x7f, 0x0, 0xad4) ioctl$auto_TCSBRKP2(r2, 0x5425, &(0x7f0000000100)="788532e68dbf1212dc7f03fcdf6ec9f3ca511a7994f9288a4f7758c5c4dc567f4540ae811cae5553a9e448481aaa156d324a440bf200cdda638ddd3a49d0a0110e008da0efdbe31f1cc3592e5a6d11a60d2895547c10ec10a00ff4acc81a1f2d32ea45f59fd6cfb34fa6086935e43e7bd124df320411d4c152c7867853e6558598a3a7db391aa5f0e82cc1e0b4c8fc8e97652f2a3478d4fa7f8cb82f0f626594bd33f51e58c7d3086631c2c3409f6a4162b5d8b90470f51419f7f1c1b4af") r4 = ioctl$auto_TUNSETGROUP(0xffffffffffffffff, 0x400454ce, &(0x7f0000000000)=0x6) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000280)={0x7fffffff, 0x102f, 0x5, 0xa6e, 0x2, 0x1, 0x100, 0xffffffffffffff01, 0x9, 0xf, 0x2, 0x10001}) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x34, r6, 0x1b, 0x70bd26, 0x25dfcbfc, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044}, 0xc800) setsockopt$auto_SO_BINDTOIFINDEX(r5, 0x3, 0x3e, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x5) pidfd_send_signal$auto_PIDFD_SIGNAL_PROCESS_GROUP(r4, 0x2, &(0x7f0000000040)={@siginfo_0_0={0x7ff, 0xfffffff8, 0x60d, @_sigfault={&(0x7f0000000580)="56905ad066597c61add23967adf989837f8321daa063602d6f3a88138348c36b9e7d621bba035f24f96c16a71704afdf022c15284d263cc2da08d4f251491f646cd501001087d48a9c54c8513b3d8cb0c28a09b8030a53b8a47dd55cbea168380346796eaad9a9156c8f00fd54d13e54d2aca24b918b695232498e87598b705218318593ba066730465bbfffff035825267ac26eba4a87bb511bfcb13c48fdf22db4f2edde8fc8285b15e21da951e175d243e380f7b070dfe7ecc9eb129cf6843ba430bc4d11d2fe3e", @_perf={0xc, 0xcc43, 0x3}}}}, 0x4) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x54, r8, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, "1bc6e7e10bc66696ea9b05d53fcb46cdea5e227f20ea27bbee943b059ee673eb196cbf758915ad0d31d27b34b0e98cd68af9d349f9047fced32270"}]}, 0x54}}, 0x4004010) sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x24000081}, 0x14000080) socket(0x2, 0x1, 0x2) fcntl$auto(0x3, 0x4, 0xa553) unshare$auto(0x40000080) socket(0xa, 0x1, 0x84) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000280), 0x201, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) getpid() 745.466898ms ago: executing program 0 (id=1959): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x80102, 0x0) mmap$auto(0x0, 0x400, 0x0, 0x1000000eb1, 0x401, 0x1) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x80080, 0x0) connect$auto(r0, 0x0, 0x1e) mmap$auto(0x4000000000000039, 0x1f69, 0x4000000000e2, 0x15, 0x401, 0xfffffffffffffffc) r1 = socket(0xa, 0x801, 0x106) ioctl$auto(r1, 0x8936, r1) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) madvise$auto(0x0, 0x9, 0xffffff57) ioctl$auto_PPPIOCSMRU(r0, 0x40047452, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty0\x00', 0x2c80, 0x0) r2 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x20000, 0x0) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/module/rcutree/parameters/rcu_fanout_leaf\x00', 0x40002, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffffff, 0x0, 0x0) r4 = prctl$auto(0x1000000003b, 0x3, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r4) fstat$auto(r3, &(0x7f00000001c0)={0x9, 0xfffffffffffffffc, 0x8bbf, 0x8, 0xee00, 0x0, 0x0, 0x2, 0xfffffffffffffff9, 0x77, 0x1, 0x66, 0x1, 0x0, 0x9, 0x4, 0x4}) newfstatat$auto(r4, &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)={0x7, 0x3, 0x6, 0x1, 0xee00, r5, 0x0, 0x4, 0x9, 0x3, 0x9, 0x0, 0x0, 0x5, 0xfffffffffffffffa, 0xa, 0x7ff}, 0x8) landlock_add_rule$auto(r2, 0xd7393533b915ff26, &(0x7f00000000c0)="6489384cb0a281c20c4f2402caf6cbd857a5099aa172c9faec3f8a6657527bd6e1a5536a250a243a4740ec6ea7410bd998b7d0f5fcadf600e880ac0000", 0x4006) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) write$auto(r6, 0x0, 0x300001000000) write$auto(r3, 0x0, 0xfdef) mmap$auto(0x0, 0x400004, 0x20000000000000cf, 0x9b72, r2, 0xfffffffffffffffd) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000100), 0xa0080, 0x0) 676.862963ms ago: executing program 1 (id=1960): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/011/001\x00', 0x101041, 0x0) ioctl$auto_USBDEVFS_RELEASEINTERFACE(r0, 0x80045510, &(0x7f0000000000)=0xffffccec) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/pci/drivers/ahci/bind\x00', 0xa001, 0x0) write$auto(r1, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x05\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x06z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x1000) sendmsg$auto_GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYRESDEC=r1, @ANYRES16=0x0, @ANYBLOB="01002c", @ANYRESOCT=r1], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/usb/usbmon/35u\x00', 0x20100, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) r3 = socket(0x10, 0x2, 0x4) r4 = socketpair$auto(0x3, 0xc9, 0x7ffffffc, &(0x7f0000000280)=0x80000001) ioctl$auto_TUNATTACHFILTER(r4, 0x401054d5, &(0x7f00000001c0)={0x5, &(0x7f0000000180)={0x6, 0xc, 0x9, @inferred=r2}}) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = io_uring_setup$auto(0x401, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) open_by_handle_at$auto(r5, 0x0, 0x5) socket(0x1, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x240000c5}, 0x80) socket(0x15, 0x5, 0x0) ioctl$auto(0x3, 0x89e0, 0x38) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r6 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r6, 0x107, 0x2, 0x0, 0x28) mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0x401, 0x8000) r7 = socket(0xa, 0x1, 0x84) getsockopt$auto(r7, 0x84, 0x7c, 0x0, 0x0) 547.413208ms ago: executing program 3 (id=1961): mmap$auto(0x0, 0x2020009, 0x3, 0xeb5, 0xffffffffffffffff, 0x8000) socket(0xa, 0x5, 0x0) socket(0xa, 0x3, 0xff) bpf$auto(0x4000, &(0x7f00000001c0)=@task_fd_query={0x0, 0x21eb, 0x7ff, 0x1ff, 0xa, 0x1000009, 0x5f, 0x6, 0x3}, 0x5) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x3, 0x2f) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027b4839f3015398d3b61", @ANYRES32, @ANYRES32=r0, @ANYRES64], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x1, 0x100) r3 = eventfd2$auto(0x6af3, 0x800) r4 = socket(0xa, 0x2, 0x0) setsockopt$auto(r4, 0x29, 0x11, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) r5 = socket(0x2, 0x800, 0x4) bpf$auto_BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)=@link_update={r5, @new_map_fd=r1, 0x3, @old_prog_fd=r2}, 0x1) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pipe2$auto(&(0x7f0000000040)=r3, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) unshare$auto(0x40000080) bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4) socket(0x10, 0x2, 0x0) 514.06895ms ago: executing program 0 (id=1962): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, 0x0) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) (async) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) rseq$auto(&(0x7f0000000580)={0x0, 0x85, 0x9416, 0x1, 0x7, 0x6}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) socket(0xf, 0xa, 0x5) (async) connect$auto(0x3, &(0x7f0000000080)=@l2={0x1f, 0x6, @none, 0x5}, 0x2) (async) ioctl$auto_BTRFS_IOC_GET_DEV_STATS(r3, 0xc4089434, &(0x7f00000005c0)={0x8, 0x7, 0xf28, [0x51c, 0x100, 0xf0, 0x4a3, 0xb]}) (async) ioperm$auto(0x7, 0x75, 0x4) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_UNLCK(r1, 0x8, 0x2) (async) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) (async) close_range$auto(0x2, 0xa, 0x0) (async) socket(0x18, 0xa, 0x1) (async) socket(0x3b, 0x5, 0x8) 151.306807ms ago: executing program 2 (id=1963): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x4b64, r1) (async) ioctl$auto(r0, 0x4b64, r1) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x2000, 0x0, 0xb, 0x8000000008011, r2, 0x0) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000) 0s ago: executing program 2 (id=1964): r0 = socket(0x2, 0x5, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32) ioperm$auto(0x7, 0x6, 0x2) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) socket(0x2, 0x80002, 0x73) (rerun: 64) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@generic={0x1e, "9fd0994bc78bef8ce5d1b0323edc"}, 0x54) (async) write$auto(0x3, 0x0, 0xffd8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) io_uring_setup$auto(0x1, 0x0) (async) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) (async) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64) write$auto(0x3, 0x0, 0xfdef) (async, rerun: 64) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='./cgroup\x00') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) (async) r1 = socket(0x3, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) (async) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r1) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)={0x74, r2, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_MLD_ADDR={0x58, 0x13a, "65e41e366f040a4d15c7bd45f60e0e92cd08b158519ccde47ed05adebf629f225a1450c86dbf52dcc05aa24137d3baf3df43f3ef8156f0b1eb0a08b0168dce3a84170a4936a10b5f80057713b5d9502ab97748cb"}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0xd}]}, 0x74}, 0x1, 0x0, 0x0, 0xc0}, 0xe810) kernel console output (not intermixed with test programs): 6.787568][T12332] Call Trace: [ 506.787574][T12332] [ 506.787580][T12332] dump_stack_lvl+0x16c/0x1f0 [ 506.787614][T12332] should_fail_ex+0x512/0x640 [ 506.787641][T12332] get_futex_key+0x1d0/0x1560 [ 506.787663][T12332] ? __pfx_get_futex_key+0x10/0x10 [ 506.787687][T12332] futex_wake+0xea/0x530 [ 506.787708][T12332] ? rcu_is_watching+0x12/0xc0 [ 506.787724][T12332] ? __pfx_futex_wake+0x10/0x10 [ 506.787748][T12332] ? kmem_cache_free+0x2d1/0x4d0 [ 506.787763][T12332] ? fd_install+0x225/0x750 [ 506.787777][T12332] ? putname+0x154/0x1a0 [ 506.787800][T12332] do_futex+0x1e3/0x350 [ 506.787818][T12332] ? __pfx_do_futex+0x10/0x10 [ 506.787841][T12332] __x64_sys_futex+0x1e0/0x4c0 [ 506.787861][T12332] ? __x64_sys_openat+0x174/0x210 [ 506.787883][T12332] ? __pfx___x64_sys_futex+0x10/0x10 [ 506.787901][T12332] ? xfd_validate_state+0x61/0x180 [ 506.787929][T12332] do_syscall_64+0xcd/0x490 [ 506.787952][T12332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.787967][T12332] RIP: 0033:0x7fd3bb98ebe9 [ 506.787979][T12332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 506.787993][T12332] RSP: 002b:00007fd3bc7e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 506.788008][T12332] RAX: ffffffffffffffda RBX: 00007fd3bbbc6098 RCX: 00007fd3bb98ebe9 [ 506.788017][T12332] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd3bbbc609c [ 506.788025][T12332] RBP: 00007fd3bbbc6090 R08: 00007fd3bc806000 R09: 0000000000000000 [ 506.788034][T12332] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 506.788042][T12332] R13: 00007fd3bbbc6128 R14: 00007ffdea5a3140 R15: 00007ffdea5a3228 [ 506.788060][T12332] [ 506.983552][ C0] vkms_vblank_simulate: vblank timer overrun [ 509.507708][T12347] rnbd_client L202: map_device: Unknown parameter or missing value '(' [ 510.099076][T12355] nbd: must specify a device to reconfigure [ 510.743161][T12364] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input51 [ 511.708058][T12366] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52 [ 515.061361][T12408] nbd: must specify a device to reconfigure [ 518.153717][T12223] syz.1.1238 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 518.627187][T12223] CPU: 0 UID: 0 PID: 12223 Comm: syz.1.1238 Not tainted syzkaller #0 PREEMPT(full) [ 518.627226][T12223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 518.627239][T12223] Call Trace: [ 518.627248][T12223] [ 518.627259][T12223] dump_stack_lvl+0x16c/0x1f0 [ 518.627300][T12223] dump_header+0x101/0x930 [ 518.627337][T12223] oom_kill_process+0x272/0xa40 [ 518.627373][T12223] out_of_memory+0x350/0x1700 [ 518.627410][T12223] ? __pfx_out_of_memory+0x10/0x10 [ 518.627446][T12223] mem_cgroup_out_of_memory+0x118/0x130 [ 518.627482][T12223] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 518.627527][T12223] ? do_raw_spin_unlock+0x172/0x230 [ 518.627567][T12223] try_charge_memcg+0x72b/0xd50 [ 518.627602][T12223] ? __pfx_try_charge_memcg+0x10/0x10 [ 518.627631][T12223] ? __print_lock_name+0x41/0xe0 [ 518.627654][T12223] ? rcu_read_unlock+0x17/0x60 [ 518.627695][T12223] charge_memcg+0x8a/0x230 [ 518.627724][T12223] __mem_cgroup_charge+0x2b/0x1e0 [ 518.627757][T12223] shmem_alloc_and_add_folio+0x514/0xc20 [ 518.627794][T12223] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 518.627828][T12223] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 518.627864][T12223] shmem_get_folio_gfp+0x67f/0x1600 [ 518.627901][T12223] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 518.627942][T12223] shmem_write_begin+0x160/0x300 [ 518.627981][T12223] ? __pfx_shmem_write_begin+0x10/0x10 [ 518.628007][T12223] ? timestamp_truncate+0x21e/0x2d0 [ 518.628039][T12223] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 518.628083][T12223] generic_perform_write+0x3c2/0x900 [ 518.628130][T12223] ? __pfx_generic_perform_write+0x10/0x10 [ 518.628161][T12223] ? inode_needs_update_time.part.0+0x191/0x270 [ 518.628201][T12223] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 518.628240][T12223] shmem_file_write_iter+0x10e/0x140 [ 518.628276][T12223] __kernel_write_iter+0x31a/0xb10 [ 518.628309][T12223] ? __pfx___kernel_write_iter+0x10/0x10 [ 518.628337][T12223] ? __up_read+0x1f8/0x750 [ 518.628376][T12223] ? dump_user_range+0x756/0xb70 [ 518.628409][T12223] dump_user_range+0x413/0xb70 [ 518.628448][T12223] ? __pfx_dump_user_range+0x10/0x10 [ 518.628476][T12223] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 518.628521][T12223] ? __pfx_writenote+0x10/0x10 [ 518.628557][T12223] elf_core_dump+0x2929/0x3b60 [ 518.628605][T12223] ? __pfx_elf_core_dump+0x10/0x10 [ 518.628641][T12223] ? __pfx_event_filter_pid_sched_wakeup_probe_post+0x10/0x10 [ 518.628678][T12223] ? find_held_lock+0x2b/0x80 [ 518.628702][T12223] ? 0xffffffffff600000 [ 518.628723][T12223] ? rcu_is_watching+0x12/0xc0 [ 518.628747][T12223] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 518.628779][T12223] ? lockdep_hardirqs_on+0x7c/0x110 [ 518.628870][T12223] ? vfs_coredump+0x2b94/0x5670 [ 518.628891][T12223] vfs_coredump+0x2b94/0x5670 [ 518.628930][T12223] ? __pfx_vfs_coredump+0x10/0x10 [ 518.628957][T12223] ? __lock_acquire+0x62e/0x1ce0 [ 518.628996][T12223] ? __lock_acquire+0x62e/0x1ce0 [ 518.629031][T12223] ? lock_acquire+0x179/0x350 [ 518.629079][T12223] ? is_bpf_text_address+0x8a/0x1a0 [ 518.629106][T12223] ? bpf_ksym_find+0x124/0x1c0 [ 518.629137][T12223] ? __kernel_text_address+0xd/0x40 [ 518.629160][T12223] ? unwind_get_return_address+0x59/0xa0 [ 518.629185][T12223] ? arch_stack_walk+0xa6/0x100 [ 518.629233][T12223] ? stack_trace_save+0x8e/0xc0 [ 518.629260][T12223] ? __pfx_stack_trace_save+0x10/0x10 [ 518.629288][T12223] ? stack_depot_save_flags+0x29/0x9c0 [ 518.629326][T12223] ? __lock_acquire+0xb97/0x1ce0 [ 518.629424][T12223] ? proc_coredump_connector+0x2d1/0x4f0 [ 518.629454][T12223] ? __pfx_proc_coredump_connector+0x10/0x10 [ 518.629493][T12223] ? rcu_is_watching+0x12/0xc0 [ 518.629524][T12223] get_signal+0x22e3/0x26d0 [ 518.629561][T12223] ? force_sig_fault+0xc4/0x100 [ 518.629591][T12223] ? __pfx_get_signal+0x10/0x10 [ 518.629630][T12223] arch_do_signal_or_restart+0x8f/0x790 [ 518.629661][T12223] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 518.629696][T12223] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 518.629757][T12223] irqentry_exit_to_user_mode+0x12a/0x270 [ 518.629798][T12223] asm_exc_page_fault+0x26/0x30 [ 518.629822][T12223] RIP: 0033:0x7fd78558ebf1 [ 518.629842][T12223] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 518.629867][T12223] RSP: 002b:00000000fffffffe EFLAGS: 00010217 [ 518.629887][T12223] RAX: 0000000000000000 RBX: 00007fd7857c5fa0 RCX: 00007fd78558ebe9 [ 518.629903][T12223] RDX: 00002000000003c0 RSI: 00000000fffffffe RDI: 000000000000b74b [ 518.629925][T12223] RBP: 00007fd785611e19 R08: 000000000000000c R09: 0000000000000000 [ 518.629940][T12223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 518.629955][T12223] R13: 00007fd7857c6038 R14: 00007fd7857c5fa0 R15: 00007ffda91af778 [ 518.629992][T12223] [ 519.157350][T12223] memory: usage 307200kB, limit 307200kB, failcnt 24393 [ 519.297993][T12223] memory+swap: usage 431908kB, limit 9007199254740988kB, failcnt 0 [ 519.548030][T12223] kmem: usage 6408kB, limit 9007199254740988kB, failcnt 0 [ 519.555186][T12223] Memory cgroup stats for /syz1: [ 519.555472][T12223] cache 307957760 [ 519.564382][T12223] rss 16384 [ 519.567511][T12223] rss_huge 0 [ 519.570691][T12223] shmem 307953664 [ 519.574299][T12223] mapped_file 0 [ 519.577783][T12223] dirty 0 [ 519.580707][T12223] writeback 0 [ 519.584136][T12223] workingset_refault_anon 206 [ 519.588858][T12223] workingset_refault_file 2402 [ 519.593626][T12223] swap 127655936 [ 519.597425][T12223] swapcached 0 [ 519.602220][T12223] pgpgin 909135 [ 519.605691][T12223] pgpgout 835470 [ 519.609409][T12223] pgfault 569943 [ 519.612964][T12223] pgmajfault 134 [ 519.616509][T12223] inactive_anon 266653696 [ 519.621914][T12223] active_anon 41345024 [ 519.626008][T12223] inactive_file 4096 [ 519.630003][T12223] active_file 0 [ 519.635220][T12223] unevictable 0 [ 519.707325][T12223] hierarchical_memory_limit 314572800 [ 519.712741][T12223] hierarchical_memsw_limit 9223372036854771712 [ 519.749664][T12223] total_cache 307957760 [ 519.753858][T12223] total_rss 16384 [ 519.797567][T12223] total_rss_huge 0 [ 519.868804][T12223] total_shmem 307953664 [ 519.873002][T12223] total_mapped_file 0 [ 519.876985][T12223] total_dirty 0 [ 519.887269][T12223] total_writeback 0 [ 519.903549][T12223] total_workingset_refault_anon 206 [ 519.914047][T12223] total_workingset_refault_file 2402 [ 519.927428][T12223] total_swap 127655936 [ 519.931529][T12223] total_swapcached 0 [ 519.949514][T12223] total_pgpgin 909135 [ 519.953533][T12223] total_pgpgout 835470 [ 519.976633][T12223] total_pgfault 569943 [ 519.981382][T12223] total_pgmajfault 134 [ 519.985471][T12223] total_inactive_anon 266653696 [ 519.998313][T12223] total_active_anon 41345024 [ 520.002927][T12223] total_inactive_file 4096 [ 520.060371][T12223] total_active_file 0 [ 520.120247][T12223] total_unevictable 0 [ 520.124276][T12223] anon_cost 0 [ 520.174474][T12223] file_cost 0 [ 520.218913][T12223] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.611,pid=9051,uid=0 [ 520.301689][T12223] Memory cgroup out of memory: Killed process 9051 (syz.1.611) total-vm:134852kB, anon-rss:1140kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000 [ 520.643896][T12212] syz.1.1238 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 520.831639][T12212] CPU: 0 UID: 0 PID: 12212 Comm: syz.1.1238 Not tainted syzkaller #0 PREEMPT(full) [ 520.831674][T12212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 520.831688][T12212] Call Trace: [ 520.831695][T12212] [ 520.831704][T12212] dump_stack_lvl+0x16c/0x1f0 [ 520.831743][T12212] dump_header+0x101/0x930 [ 520.831775][T12212] oom_kill_process+0x272/0xa40 [ 520.831809][T12212] out_of_memory+0x350/0x1700 [ 520.831847][T12212] ? __pfx_out_of_memory+0x10/0x10 [ 520.831884][T12212] mem_cgroup_out_of_memory+0x118/0x130 [ 520.831919][T12212] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 520.831961][T12212] ? do_raw_spin_unlock+0x172/0x230 [ 520.832003][T12212] try_charge_memcg+0x72b/0xd50 [ 520.832038][T12212] ? __pfx_try_charge_memcg+0x10/0x10 [ 520.832069][T12212] ? __print_lock_name+0x40/0xe0 [ 520.832094][T12212] ? rcu_read_unlock+0x17/0x60 [ 520.832133][T12212] charge_memcg+0x8a/0x230 [ 520.832160][T12212] __mem_cgroup_charge+0x2b/0x1e0 [ 520.832194][T12212] shmem_alloc_and_add_folio+0x514/0xc20 [ 520.832229][T12212] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 520.832258][T12212] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 520.832301][T12212] shmem_get_folio_gfp+0x67f/0x1600 [ 520.832336][T12212] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 520.832364][T12212] ? timestamp_truncate+0x21e/0x2d0 [ 520.832399][T12212] shmem_write_begin+0x160/0x300 [ 520.832427][T12212] ? __pfx_shmem_write_begin+0x10/0x10 [ 520.832448][T12212] ? inode_set_ctime_current+0x2a1/0x8f0 [ 520.832475][T12212] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 520.832512][T12212] generic_perform_write+0x3c2/0x900 [ 520.832542][T12212] ? __pfx_generic_perform_write+0x10/0x10 [ 520.832567][T12212] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 520.832593][T12212] ? generic_update_time+0xcf/0xf0 [ 520.832617][T12212] ? mnt_put_write_access_file+0x45/0xf0 [ 520.832641][T12212] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 520.832667][T12212] shmem_file_write_iter+0x10e/0x140 [ 520.832695][T12212] __kernel_write_iter+0x31a/0xb10 [ 520.832722][T12212] ? __pfx___kernel_write_iter+0x10/0x10 [ 520.832744][T12212] ? __up_read+0x1f8/0x750 [ 520.832776][T12212] ? dump_user_range+0x756/0xb70 [ 520.832801][T12212] dump_user_range+0x413/0xb70 [ 520.832827][T12212] ? __pfx_dump_user_range+0x10/0x10 [ 520.832848][T12212] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 520.832886][T12212] ? __pfx_writenote+0x10/0x10 [ 520.832914][T12212] elf_core_dump+0x2929/0x3b60 [ 520.832950][T12212] ? __pfx_elf_core_dump+0x10/0x10 [ 520.832970][T12212] ? kasan_save_stack+0x42/0x60 [ 520.832992][T12212] ? kasan_save_stack+0x33/0x60 [ 520.833012][T12212] ? kasan_save_track+0x14/0x30 [ 520.833041][T12212] ? find_held_lock+0x2b/0x80 [ 520.833059][T12212] ? 0xffffffffff600000 [ 520.833076][T12212] ? rcu_is_watching+0x12/0xc0 [ 520.833095][T12212] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 520.833122][T12212] ? lockdep_hardirqs_on+0x7c/0x110 [ 520.833192][T12212] ? vfs_coredump+0x2b94/0x5670 [ 520.833209][T12212] vfs_coredump+0x2b94/0x5670 [ 520.833238][T12212] ? __pfx_vfs_coredump+0x10/0x10 [ 520.833259][T12212] ? __lock_acquire+0x62e/0x1ce0 [ 520.833295][T12212] ? __lock_acquire+0x62e/0x1ce0 [ 520.833323][T12212] ? lock_acquire+0x179/0x350 [ 520.833366][T12212] ? is_bpf_text_address+0x8a/0x1a0 [ 520.833390][T12212] ? bpf_ksym_find+0x124/0x1c0 [ 520.833415][T12212] ? __kernel_text_address+0xd/0x40 [ 520.833433][T12212] ? unwind_get_return_address+0x59/0xa0 [ 520.833454][T12212] ? arch_stack_walk+0xa6/0x100 [ 520.833486][T12212] ? stack_trace_save+0x8e/0xc0 [ 520.833508][T12212] ? __pfx_stack_trace_save+0x10/0x10 [ 520.833530][T12212] ? stack_depot_save_flags+0x29/0x9c0 [ 520.833561][T12212] ? __lock_acquire+0xb97/0x1ce0 [ 520.833636][T12212] ? proc_coredump_connector+0x2d1/0x4f0 [ 520.833661][T12212] ? __pfx_proc_coredump_connector+0x10/0x10 [ 520.833692][T12212] ? rcu_is_watching+0x12/0xc0 [ 520.833716][T12212] get_signal+0x22e3/0x26d0 [ 520.833745][T12212] ? force_sig_fault+0xc4/0x100 [ 520.833769][T12212] ? __pfx_get_signal+0x10/0x10 [ 520.833799][T12212] arch_do_signal_or_restart+0x8f/0x790 [ 520.833825][T12212] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 520.833855][T12212] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 520.833897][T12212] irqentry_exit_to_user_mode+0x12a/0x270 [ 520.833927][T12212] asm_exc_page_fault+0x26/0x30 [ 520.833946][T12212] RIP: 0033:0x7fd78558ebf1 [ 520.833962][T12212] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 520.833982][T12212] RSP: 002b:00000000fffffffe EFLAGS: 00010217 [ 520.833999][T12212] RAX: 0000000000000000 RBX: 00007fd7857c5fa0 RCX: 00007fd78558ebe9 [ 520.834011][T12212] RDX: 00002000000003c0 RSI: 00000000fffffffe RDI: 000000000000b74b [ 520.834024][T12212] RBP: 00007fd785611e19 R08: 000000000000000c R09: 0000000000000000 [ 520.834037][T12212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 520.834049][T12212] R13: 00007fd7857c6038 R14: 00007fd7857c5fa0 R15: 00007ffda91af778 [ 520.834076][T12212] [ 520.834089][T12212] memory: usage 307200kB, limit 307200kB, failcnt 24631 [ 520.999049][T12451] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1276'. [ 521.402364][T12212] memory+swap: usage 431880kB, limit 9007199254740988kB, failcnt 0 [ 521.469715][T12212] kmem: usage 6080kB, limit 9007199254740988kB, failcnt 0 [ 521.492053][T12212] Memory cgroup stats for /syz1: [ 521.492296][T12212] cache 308281344 [ 521.503652][T12451] bridge_slave_1: left allmulticast mode [ 521.517335][T12212] rss 45056 [ 521.520488][T12212] rss_huge 0 [ 521.523691][T12212] shmem 308277248 [ 521.531249][T12451] bridge_slave_1: left promiscuous mode [ 521.538490][T12451] bridge0: port 2(bridge_slave_1) entered disabled state [ 521.549905][T12212] mapped_file 0 [ 521.553395][T12212] dirty 0 [ 521.565865][T12212] writeback 0 [ 521.571982][T12212] workingset_refault_anon 217 [ 521.576683][T12212] workingset_refault_file 2402 [ 521.587173][T12212] swap 127672320 [ 521.590746][T12212] swapcached 32768 [ 521.594587][T12212] pgpgin 909789 [ 521.604188][T12212] pgpgout 836042 [ 521.608158][T12212] pgfault 569953 [ 521.611722][T12212] pgmajfault 140 [ 521.615272][T12212] inactive_anon 37965824 [ 521.625111][T12212] active_anon 270106624 [ 521.629839][T12212] inactive_file 0 [ 521.633581][T12212] active_file 4096 [ 521.637853][T12212] unevictable 0 [ 521.641324][T12212] hierarchical_memory_limit 314572800 [ 521.650817][T12212] hierarchical_memsw_limit 9223372036854771712 [ 521.656995][T12212] total_cache 308281344 [ 521.661724][T12212] total_rss 45056 [ 521.665375][T12212] total_rss_huge 0 [ 521.669840][T12451] bridge_slave_0: left allmulticast mode [ 521.670456][T12212] total_shmem 308277248 [ 521.675489][T12451] bridge_slave_0: left promiscuous mode [ 521.675731][T12451] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.680480][T12212] total_mapped_file 0 [ 521.696382][T12212] total_dirty 0 [ 521.699911][T12212] total_writeback 0 [ 521.703729][T12212] total_workingset_refault_anon 217 [ 521.712531][T12212] total_workingset_refault_file 2402 [ 521.717891][T12212] total_swap 127672320 [ 521.721959][T12212] total_swapcached 32768 [ 521.726301][T12212] total_pgpgin 909789 [ 521.732879][T12212] total_pgpgout 836042 [ 521.737054][T12212] total_pgfault 569953 [ 521.742506][T12212] total_pgmajfault 140 [ 521.773204][T12212] total_inactive_anon 37965824 [ 521.781234][T12212] total_active_anon 270106624 [ 521.785945][T12212] total_inactive_file 0 [ 521.864360][T12212] total_active_file 4096 [ 521.877228][T12212] total_unevictable 0 [ 521.881245][T12212] anon_cost 0 [ 521.884542][T12212] file_cost 0 [ 521.909484][T12212] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1238,pid=12230,uid=0 [ 522.015861][T12212] Memory cgroup out of memory: Killed process 12230 (syz.1.1238) total-vm:102740kB, anon-rss:1020kB, file-rss:49340kB, shmem-rss:128kB, UID:0 pgtables:184kB oom_score_adj:0 [ 524.251652][ T32] oom_reaper: reaped process 12230 (syz.1.1238), now anon-rss:8kB, file-rss:21692kB, shmem-rss:128kB [ 527.528785][T12527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1288'. [ 527.667318][T12532] FAULT_INJECTION: forcing a failure. [ 527.667318][T12532] name fail_futex, interval 1, probability 0, space 0, times 0 [ 527.680992][T12532] CPU: 1 UID: 0 PID: 12532 Comm: syz.0.1286 Not tainted syzkaller #0 PREEMPT(full) [ 527.681029][T12532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 527.681044][T12532] Call Trace: [ 527.681053][T12532] [ 527.681065][T12532] dump_stack_lvl+0x16c/0x1f0 [ 527.681107][T12532] should_fail_ex+0x512/0x640 [ 527.681150][T12532] get_futex_key+0x1d0/0x1560 [ 527.681186][T12532] ? __pfx_get_futex_key+0x10/0x10 [ 527.681221][T12532] ? __lock_acquire+0x62e/0x1ce0 [ 527.681258][T12532] futex_wake+0xea/0x530 [ 527.681299][T12532] ? __pfx_futex_wake+0x10/0x10 [ 527.681341][T12532] ? task_mm_cid_work+0x704/0x900 [ 527.681373][T12532] do_futex+0x1e3/0x350 [ 527.681411][T12532] ? __pfx_do_futex+0x10/0x10 [ 527.681443][T12532] ? __pfx_task_mm_cid_work+0x10/0x10 [ 527.681468][T12532] ? __pfx___might_resched+0x10/0x10 [ 527.681499][T12532] __x64_sys_futex+0x1e0/0x4c0 [ 527.681533][T12532] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 527.681569][T12532] ? __pfx___x64_sys_futex+0x10/0x10 [ 527.681601][T12532] ? xfd_validate_state+0x61/0x180 [ 527.681648][T12532] do_syscall_64+0xcd/0x490 [ 527.681688][T12532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.681714][T12532] RIP: 0033:0x7f34a3d8ebe9 [ 527.681735][T12532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.681761][T12532] RSP: 002b:00007f34a4c540e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 527.681786][T12532] RAX: ffffffffffffffda RBX: 00007f34a3fc6098 RCX: 00007f34a3d8ebe9 [ 527.681804][T12532] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34a3fc609c [ 527.681820][T12532] RBP: 00007f34a3fc6090 R08: 00007f34a4c76000 R09: 0000000000000000 [ 527.681837][T12532] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 527.681853][T12532] R13: 00007f34a3fc6128 R14: 00007ffdad43a9d0 R15: 00007ffdad43aab8 [ 527.681889][T12532] [ 529.381202][T12509] FAULT_INJECTION: forcing a failure. [ 529.381202][T12509] name fail_futex, interval 1, probability 0, space 0, times 0 [ 529.396357][T12509] CPU: 0 UID: 0 PID: 12509 Comm: syz.2.1283 Not tainted syzkaller #0 PREEMPT(full) [ 529.396388][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 529.396401][T12509] Call Trace: [ 529.396409][T12509] [ 529.396418][T12509] dump_stack_lvl+0x16c/0x1f0 [ 529.396457][T12509] should_fail_ex+0x512/0x640 [ 529.396498][T12509] get_futex_key+0x1d0/0x1560 [ 529.396529][T12509] ? __pfx_get_futex_key+0x10/0x10 [ 529.396554][T12509] ? __mutex_trylock_common+0xe9/0x250 [ 529.396594][T12509] futex_wake+0xea/0x530 [ 529.396630][T12509] ? __pfx_futex_wake+0x10/0x10 [ 529.396679][T12509] do_futex+0x1e3/0x350 [ 529.396708][T12509] ? __pfx_do_futex+0x10/0x10 [ 529.396733][T12509] ? __might_fault+0xe3/0x190 [ 529.396770][T12509] mm_release+0x24e/0x300 [ 529.396799][T12509] do_exit+0x68e/0x2bf0 [ 529.396838][T12509] ? __pfx_do_exit+0x10/0x10 [ 529.396868][T12509] ? do_raw_spin_lock+0x12c/0x2b0 [ 529.396906][T12509] ? find_held_lock+0x2b/0x80 [ 529.396936][T12509] do_group_exit+0xd3/0x2a0 [ 529.396970][T12509] get_signal+0x2673/0x26d0 [ 529.397006][T12509] ? __pfx_get_signal+0x10/0x10 [ 529.397032][T12509] ? do_futex+0x122/0x350 [ 529.397059][T12509] ? __pfx_do_futex+0x10/0x10 [ 529.397095][T12509] arch_do_signal_or_restart+0x8f/0x790 [ 529.397126][T12509] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 529.397165][T12509] ? xfd_validate_state+0x61/0x180 [ 529.397196][T12509] ? __pfx___do_sys_prctl+0x10/0x10 [ 529.397239][T12509] exit_to_user_mode_loop+0x84/0x110 [ 529.397281][T12509] do_syscall_64+0x3f6/0x490 [ 529.397318][T12509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.397342][T12509] RIP: 0033:0x7fd3bb98ebe9 [ 529.397362][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 529.397384][T12509] RSP: 002b:00007fd3bc7c30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 529.397407][T12509] RAX: fffffffffffffe00 RBX: 00007fd3bbbc6188 RCX: 00007fd3bb98ebe9 [ 529.397424][T12509] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd3bbbc6188 [ 529.397439][T12509] RBP: 00007fd3bbbc6180 R08: 0000000000000000 R09: 0000000000000000 [ 529.397454][T12509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.397468][T12509] R13: 00007fd3bbbc6218 R14: 00007ffdea5a3140 R15: 00007ffdea5a3228 [ 529.397502][T12509] [ 530.381586][T12558] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1296'. [ 530.470603][T12554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1296'. [ 531.684983][T12574] net_ratelimit: 19 callbacks suppressed [ 531.685005][T12574] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 534.939447][T12609] Invalid ELF header magic: != ELF [ 535.542648][T12619] nbd: must specify a device to reconfigure [ 536.307020][T12622] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1312'. [ 536.601762][T12630] random: crng reseeded on system resumption [ 538.678404][T12660] delete_channel: no stack [ 538.947513][T12671] nbd: must specify a device to reconfigure [ 544.409602][T12750] FAULT_INJECTION: forcing a failure. [ 544.409602][T12750] name failslab, interval 1, probability 0, space 0, times 0 [ 544.497361][T12750] CPU: 1 UID: 0 PID: 12750 Comm: syz.3.1342 Not tainted syzkaller #0 PREEMPT(full) [ 544.497400][T12750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 544.497415][T12750] Call Trace: [ 544.497425][T12750] [ 544.497435][T12750] dump_stack_lvl+0x16c/0x1f0 [ 544.497481][T12750] should_fail_ex+0x512/0x640 [ 544.497519][T12750] ? __kmalloc_noprof+0xbf/0x510 [ 544.497552][T12750] ? ima_write_template_field_data+0x5d/0x1f0 [ 544.497589][T12750] should_failslab+0xc2/0x120 [ 544.497623][T12750] __kmalloc_noprof+0xd2/0x510 [ 544.497662][T12750] ima_write_template_field_data+0x5d/0x1f0 [ 544.497704][T12750] ima_eventname_init_common+0x1b8/0x260 [ 544.497745][T12750] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 544.497788][T12750] ? trace_kmalloc+0x2b/0xd0 [ 544.497819][T12750] ? __kmalloc_noprof+0x242/0x510 [ 544.497857][T12750] ima_alloc_init_template+0x3a0/0x720 [ 544.497891][T12750] ? rcu_is_watching+0x12/0xc0 [ 544.497921][T12750] ima_store_measurement+0x1eb/0x5c0 [ 544.497956][T12750] ? __pfx_ima_store_measurement+0x10/0x10 [ 544.497989][T12750] ? vfs_getxattr_alloc+0xec/0x340 [ 544.498028][T12750] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 544.498069][T12750] process_measurement+0x1ddb/0x23e0 [ 544.498112][T12750] ? __pfx_process_measurement+0x10/0x10 [ 544.498159][T12750] ? rcu_read_unlock+0x17/0x60 [ 544.498223][T12750] ? debug_mutex_init+0x37/0x70 [ 544.498250][T12750] ? inode_to_bdi+0x9e/0x160 [ 544.498290][T12750] ima_file_check+0xc5/0x110 [ 544.498317][T12750] ? __pfx_ima_file_check+0x10/0x10 [ 544.498351][T12750] security_file_post_open+0x8e/0x210 [ 544.498387][T12750] path_openat+0x1404/0x2cb0 [ 544.498430][T12750] ? __pfx_path_openat+0x10/0x10 [ 544.498470][T12750] do_filp_open+0x20b/0x470 [ 544.498500][T12750] ? __pfx_do_filp_open+0x10/0x10 [ 544.498558][T12750] ? alloc_fd+0x471/0x7d0 [ 544.498595][T12750] do_sys_openat2+0x11b/0x1d0 [ 544.498632][T12750] ? __pfx_do_sys_openat2+0x10/0x10 [ 544.498684][T12750] __x64_sys_openat+0x174/0x210 [ 544.498722][T12750] ? __pfx___x64_sys_openat+0x10/0x10 [ 544.498775][T12750] do_syscall_64+0xcd/0x490 [ 544.498816][T12750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 544.498844][T12750] RIP: 0033:0x7fe04c98ebe9 [ 544.498865][T12750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 544.498891][T12750] RSP: 002b:00007fe04d819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 544.498918][T12750] RAX: ffffffffffffffda RBX: 00007fe04cbc6090 RCX: 00007fe04c98ebe9 [ 544.498937][T12750] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 544.498954][T12750] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 544.498971][T12750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 544.498987][T12750] R13: 00007fe04cbc6128 R14: 00007fe04cbc6090 R15: 00007ffdc8d5c7c8 [ 544.499024][T12750] [ 544.500545][ T30] audit: type=1804 audit(4294967406.960:25): pid=12750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.1342" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=29 res=0 errno=0 [ 544.811956][ C1] vkms_vblank_simulate: vblank timer overrun [ 548.042351][T12800] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1353'. [ 548.780762][ T30] audit: type=1800 audit(4294967411.240:26): pid=12803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1353" name="dbroot" dev="configfs" ino=38377 res=0 errno=0 [ 550.810995][T12819] netlink: zone id is out of range [ 550.816118][T12819] netlink: zone id is out of range [ 550.841205][T12821] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 550.901288][T12819] netlink: zone id is out of range [ 550.906443][T12819] netlink: zone id is out of range [ 550.991531][T12819] netlink: zone id is out of range [ 550.996678][T12819] netlink: zone id is out of range [ 551.040767][T12819] netlink: zone id is out of range [ 551.097491][T12819] netlink: zone id is out of range [ 551.107281][T12819] netlink: zone id is out of range [ 551.117335][T12819] netlink: zone id is out of range [ 551.123311][T12828] FAULT_INJECTION: forcing a failure. [ 551.123311][T12828] name failslab, interval 1, probability 0, space 0, times 0 [ 551.151711][T12828] CPU: 0 UID: 0 PID: 12828 Comm: syz.3.1360 Not tainted syzkaller #0 PREEMPT(full) [ 551.151749][T12828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 551.151766][T12828] Call Trace: [ 551.151775][T12828] [ 551.151785][T12828] dump_stack_lvl+0x16c/0x1f0 [ 551.151828][T12828] should_fail_ex+0x512/0x640 [ 551.151867][T12828] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 551.151899][T12828] should_failslab+0xc2/0x120 [ 551.151933][T12828] __kmalloc_cache_noprof+0x6a/0x3e0 [ 551.151961][T12828] ? find_held_lock+0x2b/0x80 [ 551.151986][T12828] ? alloc_fdtable+0xbd/0x2d0 [ 551.152017][T12828] alloc_fdtable+0xbd/0x2d0 [ 551.152045][T12828] dup_fd+0x83b/0xb90 [ 551.152077][T12828] ? apparmor_task_alloc+0x2c2/0x3b0 [ 551.152110][T12828] copy_process+0x230c/0x7690 [ 551.152157][T12828] ? __pfx_copy_process+0x10/0x10 [ 551.152189][T12828] ? futex_private_hash_put+0x176/0x300 [ 551.152224][T12828] ? futex_private_hash_put+0x18a/0x300 [ 551.152261][T12828] kernel_clone+0xfc/0x930 [ 551.152292][T12828] ? __pfx_futex_wake+0x10/0x10 [ 551.152327][T12828] ? __pfx_kernel_clone+0x10/0x10 [ 551.152379][T12828] __do_sys_clone+0xce/0x120 [ 551.152411][T12828] ? __pfx___do_sys_clone+0x10/0x10 [ 551.152473][T12828] ? xfd_validate_state+0x61/0x180 [ 551.152510][T12828] ? __pfx_do_writev+0x10/0x10 [ 551.152551][T12828] do_syscall_64+0xcd/0x490 [ 551.152593][T12828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.152620][T12828] RIP: 0033:0x7fe04c98ebe9 [ 551.152642][T12828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 551.152667][T12828] RSP: 002b:00007fe04d839fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 551.152693][T12828] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98ebe9 [ 551.152711][T12828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 551.152728][T12828] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 551.152745][T12828] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 551.152761][T12828] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 551.152796][T12828] [ 551.683067][T12832] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 552.238672][T12843] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input53 [ 552.548925][T12840] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1362'. [ 552.782773][T12846] FAULT_INJECTION: forcing a failure. [ 552.782773][T12846] name fail_futex, interval 1, probability 0, space 0, times 0 [ 552.887224][T12846] CPU: 0 UID: 0 PID: 12846 Comm: syz.0.1365 Not tainted syzkaller #0 PREEMPT(full) [ 552.887257][T12846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 552.887278][T12846] Call Trace: [ 552.887286][T12846] [ 552.887294][T12846] dump_stack_lvl+0x16c/0x1f0 [ 552.887333][T12846] should_fail_ex+0x512/0x640 [ 552.887372][T12846] get_futex_key+0x1d0/0x1560 [ 552.887406][T12846] ? __pfx_get_futex_key+0x10/0x10 [ 552.887433][T12846] ? futex_private_hash_put+0x176/0x300 [ 552.887472][T12846] futex_wake+0xea/0x530 [ 552.887509][T12846] ? __pfx_futex_wake+0x10/0x10 [ 552.887559][T12846] do_futex+0x1e3/0x350 [ 552.887589][T12846] ? __pfx_do_futex+0x10/0x10 [ 552.887617][T12846] ? __fget_files+0x20e/0x3c0 [ 552.887652][T12846] __x64_sys_futex+0x1e0/0x4c0 [ 552.887693][T12846] ? __pfx___x64_sys_futex+0x10/0x10 [ 552.887724][T12846] ? xfd_validate_state+0x61/0x180 [ 552.887770][T12846] do_syscall_64+0xcd/0x490 [ 552.887806][T12846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.887830][T12846] RIP: 0033:0x7f34a3d8ebe9 [ 552.887850][T12846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 552.887873][T12846] RSP: 002b:00007f34a4c750e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 552.887897][T12846] RAX: ffffffffffffffda RBX: 00007f34a3fc5fa8 RCX: 00007f34a3d8ebe9 [ 552.887913][T12846] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34a3fc5fac [ 552.887928][T12846] RBP: 00007f34a3fc5fa0 R08: 00007f34a4c76000 R09: 0000000000000000 [ 552.887944][T12846] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 552.887959][T12846] R13: 00007f34a3fc6038 R14: 00007ffdad43a9d0 R15: 00007ffdad43aab8 [ 552.887993][T12846] [ 554.551712][T12869] HSR: entered promiscuous mode [ 555.037784][T12896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1377'. [ 555.072848][T12896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1377'. [ 556.766120][ T5873] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 557.309165][T12940] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54 [ 557.881484][T12947] FAULT_INJECTION: forcing a failure. [ 557.881484][T12947] name failslab, interval 1, probability 0, space 0, times 0 [ 557.945877][T12947] CPU: 0 UID: 0 PID: 12947 Comm: syz.3.1386 Not tainted syzkaller #0 PREEMPT(full) [ 557.945915][T12947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 557.945931][T12947] Call Trace: [ 557.945940][T12947] [ 557.945952][T12947] dump_stack_lvl+0x16c/0x1f0 [ 557.945996][T12947] should_fail_ex+0x512/0x640 [ 557.946033][T12947] ? fs_reclaim_acquire+0xae/0x150 [ 557.946073][T12947] ? tomoyo_encode2+0x100/0x3e0 [ 557.946105][T12947] should_failslab+0xc2/0x120 [ 557.946138][T12947] __kmalloc_noprof+0xd2/0x510 [ 557.946167][T12947] ? d_absolute_path+0x136/0x1a0 [ 557.946209][T12947] tomoyo_encode2+0x100/0x3e0 [ 557.946249][T12947] tomoyo_encode+0x29/0x50 [ 557.946283][T12947] tomoyo_realpath_from_path+0x18f/0x6e0 [ 557.946329][T12947] tomoyo_check_open_permission+0x2ab/0x3c0 [ 557.946364][T12947] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 557.946434][T12947] ? find_held_lock+0x2b/0x80 [ 557.946470][T12947] tomoyo_file_open+0x6b/0x90 [ 557.946496][T12947] security_file_open+0x84/0x1e0 [ 557.946530][T12947] do_dentry_open+0x596/0x1530 [ 557.946566][T12947] vfs_open+0x82/0x3f0 [ 557.946607][T12947] path_openat+0x1de4/0x2cb0 [ 557.946651][T12947] ? __pfx_path_openat+0x10/0x10 [ 557.946693][T12947] do_filp_open+0x20b/0x470 [ 557.946725][T12947] ? __pfx_do_filp_open+0x10/0x10 [ 557.946793][T12947] ? alloc_fd+0x471/0x7d0 [ 557.946832][T12947] do_sys_openat2+0x11b/0x1d0 [ 557.946871][T12947] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.946923][T12947] __x64_sys_openat+0x174/0x210 [ 557.946961][T12947] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.947014][T12947] do_syscall_64+0xcd/0x490 [ 557.947055][T12947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.947083][T12947] RIP: 0033:0x7fe04c98ebe9 [ 557.947102][T12947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.947127][T12947] RSP: 002b:00007fe04d819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.947151][T12947] RAX: ffffffffffffffda RBX: 00007fe04cbc6090 RCX: 00007fe04c98ebe9 [ 557.947166][T12947] RDX: 0000000000000142 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 557.947180][T12947] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 557.947195][T12947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.947210][T12947] R13: 00007fe04cbc6128 R14: 00007fe04cbc6090 R15: 00007ffdc8d5c7c8 [ 557.947247][T12947] [ 558.184928][ C0] vkms_vblank_simulate: vblank timer overrun [ 558.306403][T12947] ERROR: Out of memory at tomoyo_realpath_from_path. [ 558.395689][T12941] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55 [ 558.798944][ T5880] Bluetooth: hci3: command 0x0406 tx timeout [ 559.548426][T12979] FAULT_INJECTION: forcing a failure. [ 559.548426][T12979] name failslab, interval 1, probability 0, space 0, times 0 [ 559.599772][T12979] CPU: 1 UID: 0 PID: 12979 Comm: syz.3.1393 Not tainted syzkaller #0 PREEMPT(full) [ 559.599807][T12979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 559.599822][T12979] Call Trace: [ 559.599830][T12979] [ 559.599840][T12979] dump_stack_lvl+0x16c/0x1f0 [ 559.599881][T12979] should_fail_ex+0x512/0x640 [ 559.599925][T12979] ? __kvmalloc_node_noprof+0x124/0x620 [ 559.599957][T12979] should_failslab+0xc2/0x120 [ 559.599988][T12979] __kvmalloc_node_noprof+0x137/0x620 [ 559.600016][T12979] ? __lock_acquire+0xb97/0x1ce0 [ 559.600046][T12979] ? seq_read_iter+0x826/0x12c0 [ 559.600077][T12979] ? seq_read_iter+0x826/0x12c0 [ 559.600098][T12979] seq_read_iter+0x826/0x12c0 [ 559.600123][T12979] ? __mutex_trylock_common+0xe9/0x250 [ 559.600168][T12979] kernfs_fop_read_iter+0x40f/0x5a0 [ 559.600191][T12979] ? rw_verify_area+0xcf/0x6c0 [ 559.600221][T12979] vfs_read+0x8bc/0xcf0 [ 559.600253][T12979] ? __pfx___mutex_lock+0x10/0x10 [ 559.600289][T12979] ? __pfx_vfs_read+0x10/0x10 [ 559.600341][T12979] ksys_read+0x12a/0x250 [ 559.600369][T12979] ? __pfx_ksys_read+0x10/0x10 [ 559.600407][T12979] do_syscall_64+0xcd/0x490 [ 559.600446][T12979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.600472][T12979] RIP: 0033:0x7fe04c98ebe9 [ 559.600491][T12979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 559.600516][T12979] RSP: 002b:00007fe04d83a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 559.600540][T12979] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98ebe9 [ 559.600557][T12979] RDX: 000000000000002e RSI: 0000200000000000 RDI: 0000000000000003 [ 559.600572][T12979] RBP: 00007fe04d83a090 R08: 0000000000000000 R09: 0000000000000000 [ 559.600588][T12979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 559.600602][T12979] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 559.600643][T12979] [ 560.580819][T13004] FAULT_INJECTION: forcing a failure. [ 560.580819][T13004] name failslab, interval 1, probability 0, space 0, times 0 [ 560.647222][T13004] CPU: 1 UID: 0 PID: 13004 Comm: syz.3.1399 Not tainted syzkaller #0 PREEMPT(full) [ 560.647257][T13004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 560.647273][T13004] Call Trace: [ 560.647282][T13004] [ 560.647291][T13004] dump_stack_lvl+0x16c/0x1f0 [ 560.647333][T13004] should_fail_ex+0x512/0x640 [ 560.647368][T13004] ? fs_reclaim_acquire+0xae/0x150 [ 560.647404][T13004] ? tomoyo_encode2+0x100/0x3e0 [ 560.647433][T13004] should_failslab+0xc2/0x120 [ 560.647462][T13004] __kmalloc_noprof+0xd2/0x510 [ 560.647489][T13004] ? d_absolute_path+0x136/0x1a0 [ 560.647533][T13004] tomoyo_encode2+0x100/0x3e0 [ 560.647573][T13004] tomoyo_encode+0x29/0x50 [ 560.647612][T13004] tomoyo_realpath_from_path+0x18f/0x6e0 [ 560.647658][T13004] tomoyo_check_open_permission+0x2ab/0x3c0 [ 560.647693][T13004] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 560.647763][T13004] ? find_held_lock+0x2b/0x80 [ 560.647797][T13004] tomoyo_file_open+0x6b/0x90 [ 560.647824][T13004] security_file_open+0x84/0x1e0 [ 560.647859][T13004] do_dentry_open+0x596/0x1530 [ 560.647900][T13004] vfs_open+0x82/0x3f0 [ 560.647940][T13004] path_openat+0x1de4/0x2cb0 [ 560.647981][T13004] ? __pfx_path_openat+0x10/0x10 [ 560.648020][T13004] do_filp_open+0x20b/0x470 [ 560.648051][T13004] ? __pfx_do_filp_open+0x10/0x10 [ 560.648105][T13004] ? alloc_fd+0x471/0x7d0 [ 560.648142][T13004] do_sys_openat2+0x11b/0x1d0 [ 560.648178][T13004] ? __pfx_do_sys_openat2+0x10/0x10 [ 560.648229][T13004] __x64_sys_openat+0x174/0x210 [ 560.648266][T13004] ? __pfx___x64_sys_openat+0x10/0x10 [ 560.648319][T13004] do_syscall_64+0xcd/0x490 [ 560.648359][T13004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 560.648384][T13004] RIP: 0033:0x7fe04c98ebe9 [ 560.648405][T13004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 560.648430][T13004] RSP: 002b:00007fe04d819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 560.648455][T13004] RAX: ffffffffffffffda RBX: 00007fe04cbc6090 RCX: 00007fe04c98ebe9 [ 560.648473][T13004] RDX: 0000000000000142 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 560.648489][T13004] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 560.648506][T13004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 560.648522][T13004] R13: 00007fe04cbc6128 R14: 00007fe04cbc6090 R15: 00007ffdc8d5c7c8 [ 560.648558][T13004] [ 560.648593][T13004] ERROR: Out of memory at tomoyo_realpath_from_path. [ 561.773461][T13018] nbd: illegal input index -5 [ 563.129877][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.136222][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.228393][T13052] FAULT_INJECTION: forcing a failure. [ 563.228393][T13052] name failslab, interval 1, probability 0, space 0, times 0 [ 563.254597][T13052] CPU: 0 UID: 0 PID: 13052 Comm: syz.3.1409 Not tainted syzkaller #0 PREEMPT(full) [ 563.254635][T13052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 563.254651][T13052] Call Trace: [ 563.254660][T13052] [ 563.254670][T13052] dump_stack_lvl+0x16c/0x1f0 [ 563.254712][T13052] should_fail_ex+0x512/0x640 [ 563.254748][T13052] ? __kmalloc_noprof+0xbf/0x510 [ 563.254781][T13052] ? realloc_user_queue+0x288/0x320 [ 563.254807][T13052] should_failslab+0xc2/0x120 [ 563.254841][T13052] __kmalloc_noprof+0xd2/0x510 [ 563.254877][T13052] realloc_user_queue+0x288/0x320 [ 563.254907][T13052] ? __pfx_snd_timer_user_open+0x10/0x10 [ 563.254936][T13052] snd_timer_user_open+0xfc/0x180 [ 563.254966][T13052] snd_open+0x22a/0x4c0 [ 563.254990][T13052] ? __pfx_snd_open+0x10/0x10 [ 563.255013][T13052] chrdev_open+0x234/0x6a0 [ 563.255043][T13052] ? __pfx_apparmor_file_open+0x10/0x10 [ 563.255081][T13052] ? __pfx_chrdev_open+0x10/0x10 [ 563.255115][T13052] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 563.255150][T13052] do_dentry_open+0x982/0x1530 [ 563.255183][T13052] ? __pfx_chrdev_open+0x10/0x10 [ 563.255222][T13052] vfs_open+0x82/0x3f0 [ 563.255262][T13052] path_openat+0x1de4/0x2cb0 [ 563.255302][T13052] ? __pfx_path_openat+0x10/0x10 [ 563.255341][T13052] do_filp_open+0x20b/0x470 [ 563.255371][T13052] ? __pfx_do_filp_open+0x10/0x10 [ 563.255425][T13052] ? alloc_fd+0x471/0x7d0 [ 563.255461][T13052] do_sys_openat2+0x11b/0x1d0 [ 563.255496][T13052] ? __pfx_do_sys_openat2+0x10/0x10 [ 563.255545][T13052] __x64_sys_openat+0x174/0x210 [ 563.255582][T13052] ? __pfx___x64_sys_openat+0x10/0x10 [ 563.255632][T13052] do_syscall_64+0xcd/0x490 [ 563.255671][T13052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.255696][T13052] RIP: 0033:0x7fe04c98ebe9 [ 563.255717][T13052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 563.255742][T13052] RSP: 002b:00007fe04d83a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 563.255768][T13052] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98ebe9 [ 563.255786][T13052] RDX: 0000000000101440 RSI: 0000200000001cc0 RDI: ffffffffffffff9c [ 563.255804][T13052] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 563.255821][T13052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.255837][T13052] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 563.255872][T13052] [ 563.868319][T13060] FAULT_INJECTION: forcing a failure. [ 563.868319][T13060] name failslab, interval 1, probability 0, space 0, times 0 [ 563.878047][T13063] FAULT_INJECTION: forcing a failure. [ 563.878047][T13063] name failslab, interval 1, probability 0, space 0, times 0 [ 563.911636][T13060] CPU: 1 UID: 0 PID: 13060 Comm: syz.2.1411 Not tainted syzkaller #0 PREEMPT(full) [ 563.911677][T13060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 563.911694][T13060] Call Trace: [ 563.911703][T13060] [ 563.911713][T13060] dump_stack_lvl+0x16c/0x1f0 [ 563.911759][T13060] should_fail_ex+0x512/0x640 [ 563.911800][T13060] ? __kmalloc_noprof+0xbf/0x510 [ 563.911835][T13060] ? ima_write_template_field_data+0x5d/0x1f0 [ 563.911872][T13060] should_failslab+0xc2/0x120 [ 563.911905][T13060] __kmalloc_noprof+0xd2/0x510 [ 563.911945][T13060] ima_write_template_field_data+0x5d/0x1f0 [ 563.911990][T13060] ima_eventname_init_common+0x1b8/0x260 [ 563.912039][T13060] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 563.912081][T13060] ? trace_kmalloc+0x2b/0xd0 [ 563.912110][T13060] ? __kmalloc_noprof+0x242/0x510 [ 563.912141][T13060] ima_alloc_init_template+0x3a0/0x720 [ 563.912170][T13060] ? rcu_is_watching+0x12/0xc0 [ 563.912195][T13060] ima_store_measurement+0x1eb/0x5c0 [ 563.912225][T13060] ? __pfx_ima_store_measurement+0x10/0x10 [ 563.912253][T13060] ? vfs_getxattr_alloc+0xec/0x340 [ 563.912286][T13060] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 563.912314][T13060] process_measurement+0x1ddb/0x23e0 [ 563.912349][T13060] ? __pfx_process_measurement+0x10/0x10 [ 563.912385][T13060] ? rcu_read_unlock+0x17/0x60 [ 563.912435][T13060] ? debug_mutex_init+0x37/0x70 [ 563.912456][T13060] ? inode_to_bdi+0x9e/0x160 [ 563.912489][T13060] ima_file_check+0xc5/0x110 [ 563.912512][T13060] ? __pfx_ima_file_check+0x10/0x10 [ 563.912542][T13060] security_file_post_open+0x8e/0x210 [ 563.912572][T13060] path_openat+0x1404/0x2cb0 [ 563.912607][T13060] ? __pfx_path_openat+0x10/0x10 [ 563.912640][T13060] do_filp_open+0x20b/0x470 [ 563.912666][T13060] ? __pfx_do_filp_open+0x10/0x10 [ 563.912712][T13060] ? alloc_fd+0x471/0x7d0 [ 563.912743][T13060] do_sys_openat2+0x11b/0x1d0 [ 563.912775][T13060] ? __pfx_do_sys_openat2+0x10/0x10 [ 563.912819][T13060] __x64_sys_openat+0x174/0x210 [ 563.912851][T13060] ? __pfx___x64_sys_openat+0x10/0x10 [ 563.912895][T13060] do_syscall_64+0xcd/0x490 [ 563.912930][T13060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.912953][T13060] RIP: 0033:0x7fd3bb98ebe9 [ 563.912993][T13060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 563.913022][T13060] RSP: 002b:00007fd3bc7e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 563.913046][T13060] RAX: ffffffffffffffda RBX: 00007fd3bbbc6090 RCX: 00007fd3bb98ebe9 [ 563.913063][T13060] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 563.913079][T13060] RBP: 00007fd3bba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 563.913093][T13060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.913106][T13060] R13: 00007fd3bbbc6128 R14: 00007fd3bbbc6090 R15: 00007ffdea5a3228 [ 563.913134][T13060] [ 564.442495][T13063] CPU: 0 UID: 0 PID: 13063 Comm: syz.3.1412 Not tainted syzkaller #0 PREEMPT(full) [ 564.442533][T13063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 564.442547][T13063] Call Trace: [ 564.442554][T13063] [ 564.442563][T13063] dump_stack_lvl+0x16c/0x1f0 [ 564.442608][T13063] should_fail_ex+0x512/0x640 [ 564.442643][T13063] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 564.442679][T13063] should_failslab+0xc2/0x120 [ 564.442710][T13063] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 564.442743][T13063] ? getname_flags.part.0+0x4c/0x550 [ 564.442789][T13063] getname_flags.part.0+0x4c/0x550 [ 564.442828][T13063] getname_flags+0x93/0xf0 [ 564.442859][T13063] do_sys_openat2+0xb8/0x1d0 [ 564.442893][T13063] ? __pfx_do_sys_openat2+0x10/0x10 [ 564.442937][T13063] ? __fget_files+0x20e/0x3c0 [ 564.442977][T13063] __x64_sys_openat+0x174/0x210 [ 564.443018][T13063] ? __pfx___x64_sys_openat+0x10/0x10 [ 564.443051][T13063] ? ksys_write+0x1ac/0x250 [ 564.443094][T13063] do_syscall_64+0xcd/0x490 [ 564.443136][T13063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.443161][T13063] RIP: 0033:0x7fe04c98ebe9 [ 564.443181][T13063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 564.443204][T13063] RSP: 002b:00007fe04d819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 564.443232][T13063] RAX: ffffffffffffffda RBX: 00007fe04cbc6090 RCX: 00007fe04c98ebe9 [ 564.443249][T13063] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 564.443265][T13063] RBP: 00007fe04d819090 R08: 0000000000000000 R09: 0000000000000000 [ 564.443280][T13063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 564.443299][T13063] R13: 00007fe04cbc6128 R14: 00007fe04cbc6090 R15: 00007ffdc8d5c7c8 [ 564.443332][T13063] [ 564.691577][ T30] audit: type=1804 audit(4294967426.669:27): pid=13060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.1411" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=29 res=0 errno=0 [ 566.219844][T13098] FAULT_INJECTION: forcing a failure. [ 566.219844][T13098] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 566.250833][T13098] CPU: 0 UID: 0 PID: 13098 Comm: syz.3.1419 Not tainted syzkaller #0 PREEMPT(full) [ 566.250864][T13098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 566.250878][T13098] Call Trace: [ 566.250886][T13098] [ 566.250895][T13098] dump_stack_lvl+0x16c/0x1f0 [ 566.250934][T13098] should_fail_ex+0x512/0x640 [ 566.250973][T13098] _copy_to_user+0x32/0xd0 [ 566.251003][T13098] simple_read_from_buffer+0xcb/0x170 [ 566.251038][T13098] proc_fail_nth_read+0x197/0x240 [ 566.251067][T13098] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 566.251093][T13098] ? rw_verify_area+0xcf/0x6c0 [ 566.251116][T13098] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 566.251139][T13098] vfs_read+0x1e4/0xcf0 [ 566.251170][T13098] ? __pfx___mutex_lock+0x10/0x10 [ 566.251204][T13098] ? __pfx_vfs_read+0x10/0x10 [ 566.251241][T13098] ? __fget_files+0x20e/0x3c0 [ 566.251278][T13098] ksys_read+0x12a/0x250 [ 566.251305][T13098] ? __pfx_ksys_read+0x10/0x10 [ 566.251343][T13098] do_syscall_64+0xcd/0x490 [ 566.251381][T13098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.251407][T13098] RIP: 0033:0x7fe04c98d5fc [ 566.251428][T13098] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 566.251451][T13098] RSP: 002b:00007fe04d83a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 566.251475][T13098] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98d5fc [ 566.251492][T13098] RDX: 000000000000000f RSI: 00007fe04d83a0a0 RDI: 0000000000000004 [ 566.251508][T13098] RBP: 00007fe04d83a090 R08: 0000000000000000 R09: 0000000000000000 [ 566.251523][T13098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 566.251538][T13098] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 566.251573][T13098] [ 566.435338][ C0] vkms_vblank_simulate: vblank timer overrun [ 568.529067][T13131] nfs4: Unknown parameter 'nfsd' [ 569.508607][T13152] random: crng reseeded on system resumption [ 571.128295][T13199] binder: 13197:13199 ioctl c018620c 0 returned -14 [ 571.151054][T13199] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1437'. [ 571.710446][T13201] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 572.891450][T13211] sd 0:0:1:0: PR command failed: 1026 [ 572.896918][T13211] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 572.933055][T13211] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 573.259577][T13223] Invalid ELF header magic: != ELF [ 573.901401][T13241] nbd: illegal input index -5 [ 574.215025][T13244] Invalid ELF header magic: != ELF [ 574.249753][T13249] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1446'. [ 578.787722][T13315] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 579.661887][ T30] audit: type=1800 audit(4294967442.119:28): pid=13330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1460" name="features" dev="configfs" ino=41563 res=0 errno=0 [ 581.553922][T13338] FAULT_INJECTION: forcing a failure. [ 581.553922][T13338] name failslab, interval 1, probability 0, space 0, times 0 [ 581.644039][T13338] CPU: 1 UID: 0 PID: 13338 Comm: syz.3.1463 Not tainted syzkaller #0 PREEMPT(full) [ 581.644076][T13338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 581.644092][T13338] Call Trace: [ 581.644101][T13338] [ 581.644112][T13338] dump_stack_lvl+0x16c/0x1f0 [ 581.644156][T13338] should_fail_ex+0x512/0x640 [ 581.644194][T13338] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 581.644229][T13338] should_failslab+0xc2/0x120 [ 581.644263][T13338] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 581.644296][T13338] ? alloc_inode+0x64/0x240 [ 581.644349][T13338] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 581.644379][T13338] alloc_inode+0x64/0x240 [ 581.644421][T13338] new_inode+0x22/0x1c0 [ 581.644461][T13338] debugfs_create_dir+0xdd/0x5f0 [ 581.644496][T13338] drm_debugfs_clients_add+0x6f/0x200 [ 581.644527][T13338] drm_file_alloc+0x5c6/0xb40 [ 581.644562][T13338] drm_open_helper+0x204/0x550 [ 581.644595][T13338] drm_open+0x1a0/0x3e0 [ 581.644624][T13338] ? __pfx_drm_open+0x10/0x10 [ 581.644651][T13338] drm_stub_open+0x20c/0x380 [ 581.644682][T13338] ? __pfx_drm_stub_open+0x10/0x10 [ 581.644710][T13338] chrdev_open+0x234/0x6a0 [ 581.644741][T13338] ? __pfx_apparmor_file_open+0x10/0x10 [ 581.644770][T13338] ? __pfx_chrdev_open+0x10/0x10 [ 581.644804][T13338] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 581.644840][T13338] do_dentry_open+0x982/0x1530 [ 581.644872][T13338] ? __pfx_chrdev_open+0x10/0x10 [ 581.644912][T13338] vfs_open+0x82/0x3f0 [ 581.644952][T13338] path_openat+0x1de4/0x2cb0 [ 581.644995][T13338] ? __pfx_path_openat+0x10/0x10 [ 581.645035][T13338] do_filp_open+0x20b/0x470 [ 581.645066][T13338] ? __pfx_do_filp_open+0x10/0x10 [ 581.645117][T13338] ? alloc_fd+0x471/0x7d0 [ 581.645151][T13338] do_sys_openat2+0x11b/0x1d0 [ 581.645189][T13338] ? __pfx_do_sys_openat2+0x10/0x10 [ 581.645240][T13338] __x64_sys_openat+0x174/0x210 [ 581.645278][T13338] ? __pfx___x64_sys_openat+0x10/0x10 [ 581.645388][T13338] do_syscall_64+0xcd/0x490 [ 581.645432][T13338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.645459][T13338] RIP: 0033:0x7fe04c98ebe9 [ 581.645482][T13338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 581.645508][T13338] RSP: 002b:00007fe04d83a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 581.645533][T13338] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98ebe9 [ 581.645557][T13338] RDX: 0000000000129843 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 581.645575][T13338] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 581.645590][T13338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 581.645606][T13338] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 581.645642][T13338] [ 581.645652][T13338] debugfs: out of free dentries, can not create directory 'client-61' [ 583.068077][T13350] FAULT_INJECTION: forcing a failure. [ 583.068077][T13350] name failslab, interval 1, probability 0, space 0, times 0 [ 583.118165][T13341] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 583.125312][T13341] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 583.137913][T13341] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 583.148632][T13341] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 583.162052][T13350] CPU: 1 UID: 0 PID: 13350 Comm: syz.0.1465 Not tainted syzkaller #0 PREEMPT(full) [ 583.162073][T13350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 583.162082][T13350] Call Trace: [ 583.162087][T13350] [ 583.162093][T13350] dump_stack_lvl+0x16c/0x1f0 [ 583.162120][T13350] should_fail_ex+0x512/0x640 [ 583.162143][T13350] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 583.162162][T13350] should_failslab+0xc2/0x120 [ 583.162181][T13350] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 583.162198][T13350] ? security_file_alloc+0x34/0x2b0 [ 583.162224][T13350] security_file_alloc+0x34/0x2b0 [ 583.162243][T13350] init_file+0x93/0x4c0 [ 583.162264][T13350] alloc_empty_file+0x73/0x1e0 [ 583.162285][T13350] path_openat+0xda/0x2cb0 [ 583.162300][T13350] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.162321][T13350] ? __pfx_path_openat+0x10/0x10 [ 583.162342][T13350] do_filp_open+0x20b/0x470 [ 583.162358][T13350] ? __pfx_do_filp_open+0x10/0x10 [ 583.162387][T13350] ? alloc_fd+0x471/0x7d0 [ 583.162406][T13350] do_sys_openat2+0x11b/0x1d0 [ 583.162427][T13350] ? __pfx_do_sys_openat2+0x10/0x10 [ 583.162450][T13350] ? __fget_files+0x20e/0x3c0 [ 583.162473][T13350] __x64_sys_openat+0x174/0x210 [ 583.162495][T13350] ? __pfx___x64_sys_openat+0x10/0x10 [ 583.162515][T13350] ? ksys_write+0x1ac/0x250 [ 583.162537][T13350] do_syscall_64+0xcd/0x490 [ 583.162559][T13350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.162573][T13350] RIP: 0033:0x7f34a3d8ebe9 [ 583.162585][T13350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.162598][T13350] RSP: 002b:00007f34a4c54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 583.162612][T13350] RAX: ffffffffffffffda RBX: 00007f34a3fc6090 RCX: 00007f34a3d8ebe9 [ 583.162621][T13350] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 583.162629][T13350] RBP: 00007f34a4c54090 R08: 0000000000000000 R09: 0000000000000000 [ 583.162637][T13350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 583.162645][T13350] R13: 00007f34a3fc6128 R14: 00007f34a3fc6090 R15: 00007ffdad43aab8 [ 583.162663][T13350] [ 583.380189][ C1] vkms_vblank_simulate: vblank timer overrun [ 583.427583][T13341] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 584.098363][T13357] [U]  [ 584.101275][T13357] [U] [ 584.103986][T13357] [U] [ 584.106704][T13357] [U] [ 584.131292][T13357] [U] [ 584.134034][T13357] [U] [ 584.136737][T13357] [U] [ 584.139452][T13357] [U] [ 584.177359][T13357] [U] [ 584.180119][T13357] [U] [ 584.182830][T13357] [U] [ 584.185541][T13357] [U] [ 584.209586][T13357] [U] [ 584.212328][T13357] [U] [ 584.215042][T13357] [U] [ 584.217753][T13357] [U] [ 584.219619][T13370] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1470'. [ 584.250501][T13357] [U] [ 584.253206][T13357] [U] [ 584.255889][T13357] [U] [ 584.258575][T13357] [U] [ 584.262575][T13357] [U] [ 584.265255][T13357] [U] [ 584.267926][T13357] [U] [ 584.270598][T13357] [U] [ 584.284117][T13370] veth0_macvtap: left promiscuous mode [ 584.292184][T13357] [U] [ 584.294882][T13357] [U] [ 584.297553][T13357] [U] [ 584.300221][T13357] [U] [ 584.459222][T13357] [U] [ 584.461927][T13357] [U] [ 584.464600][T13357] [U] [ 584.467268][T13357] [U] [ 584.474837][T13370] macvtap0: entered promiscuous mode [ 584.487654][T13357] [U] [ 584.490398][T13357] [U] [ 584.493112][T13357] [U] [ 584.495829][T13357] [U] [ 584.502174][T13370] macvtap0: entered allmulticast mode [ 584.554442][T13357] [U] [ 584.557168][T13357] [U] [ 584.559883][T13357] [U] [ 584.562594][T13357] [U] [ 584.633558][T13357] [U] [ 584.797334][ T5880] Bluetooth: hci0: command 0x0406 tx timeout [ 585.197285][ T5880] Bluetooth: hci3: command 0x0406 tx timeout [ 585.203500][ T5880] Bluetooth: hci1: command 0x0406 tx timeout [ 585.210849][ T5880] Bluetooth: hci2: command 0x0406 tx timeout [ 586.920111][T13440] FAULT_INJECTION: forcing a failure. [ 586.920111][T13440] name failslab, interval 1, probability 0, space 0, times 0 [ 587.007303][T13440] CPU: 0 UID: 0 PID: 13440 Comm: syz.0.1482 Not tainted syzkaller #0 PREEMPT(full) [ 587.007339][T13440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 587.007355][T13440] Call Trace: [ 587.007365][T13440] [ 587.007374][T13440] dump_stack_lvl+0x16c/0x1f0 [ 587.007413][T13440] should_fail_ex+0x512/0x640 [ 587.007436][T13440] ? __kmalloc_noprof+0xbf/0x510 [ 587.007454][T13440] ? ima_write_template_field_data+0x5d/0x1f0 [ 587.007475][T13440] should_failslab+0xc2/0x120 [ 587.007494][T13440] __kmalloc_noprof+0xd2/0x510 [ 587.007515][T13440] ima_write_template_field_data+0x5d/0x1f0 [ 587.007539][T13440] ima_eventname_init_common+0x1b8/0x260 [ 587.007562][T13440] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 587.007587][T13440] ? trace_kmalloc+0x2b/0xd0 [ 587.007605][T13440] ? __kmalloc_noprof+0x242/0x510 [ 587.007626][T13440] ima_alloc_init_template+0x3a0/0x720 [ 587.007645][T13440] ? rcu_is_watching+0x12/0xc0 [ 587.007662][T13440] ima_store_measurement+0x1eb/0x5c0 [ 587.007681][T13440] ? __pfx_ima_store_measurement+0x10/0x10 [ 587.007700][T13440] ? vfs_getxattr_alloc+0xec/0x340 [ 587.007721][T13440] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 587.007739][T13440] process_measurement+0x1ddb/0x23e0 [ 587.007761][T13440] ? __pfx_process_measurement+0x10/0x10 [ 587.007785][T13440] ? rcu_read_unlock+0x17/0x60 [ 587.007818][T13440] ? debug_mutex_init+0x37/0x70 [ 587.007833][T13440] ? inode_to_bdi+0x9e/0x160 [ 587.007854][T13440] ima_file_check+0xc5/0x110 [ 587.007869][T13440] ? __pfx_ima_file_check+0x10/0x10 [ 587.007889][T13440] security_file_post_open+0x8e/0x210 [ 587.007909][T13440] path_openat+0x1404/0x2cb0 [ 587.007961][T13440] ? __pfx_path_openat+0x10/0x10 [ 587.007984][T13440] do_filp_open+0x20b/0x470 [ 587.008001][T13440] ? __pfx_do_filp_open+0x10/0x10 [ 587.008033][T13440] ? alloc_fd+0x471/0x7d0 [ 587.008053][T13440] do_sys_openat2+0x11b/0x1d0 [ 587.008075][T13440] ? __pfx_do_sys_openat2+0x10/0x10 [ 587.008104][T13440] __x64_sys_openat+0x174/0x210 [ 587.008125][T13440] ? __pfx___x64_sys_openat+0x10/0x10 [ 587.008155][T13440] do_syscall_64+0xcd/0x490 [ 587.008178][T13440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.008193][T13440] RIP: 0033:0x7f34a3d8ebe9 [ 587.008209][T13440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 587.008224][T13440] RSP: 002b:00007f34a4c54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 587.008238][T13440] RAX: ffffffffffffffda RBX: 00007f34a3fc6090 RCX: 00007f34a3d8ebe9 [ 587.008248][T13440] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 587.008258][T13440] RBP: 00007f34a3e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 587.008267][T13440] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000000 [ 587.008276][T13440] R13: 00007f34a3fc6128 R14: 00007f34a3fc6090 R15: 00007ffdad43aab8 [ 587.008296][T13440] [ 587.027257][ T30] audit: type=1804 audit(4294967449.469:29): pid=13440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.1482" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=29 res=0 errno=0 [ 587.306880][T13404] Bluetooth: hci3: command 0x0406 tx timeout [ 588.166566][T13447] ubi: mtd0 is already attached to ubi0 [ 588.637988][T13462] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1487'. [ 589.024449][T13468] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1489'. [ 589.132024][T13469] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1489'. [ 589.869237][T13474] FAULT_INJECTION: forcing a failure. [ 589.869237][T13474] name failslab, interval 1, probability 0, space 0, times 0 [ 589.869274][T13474] CPU: 0 UID: 0 PID: 13474 Comm: syz.2.1490 Not tainted syzkaller #0 PREEMPT(full) [ 589.869302][T13474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 589.869316][T13474] Call Trace: [ 589.869324][T13474] [ 589.869333][T13474] dump_stack_lvl+0x16c/0x1f0 [ 589.869371][T13474] should_fail_ex+0x512/0x640 [ 589.869406][T13474] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 589.869438][T13474] should_failslab+0xc2/0x120 [ 589.869469][T13474] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 589.869496][T13474] ? d_instantiate+0x77/0x90 [ 589.869525][T13474] ? alloc_empty_file+0x55/0x1e0 [ 589.869564][T13474] alloc_empty_file+0x55/0x1e0 [ 589.869597][T13474] alloc_file_pseudo+0x13a/0x230 [ 589.869640][T13474] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 589.869674][T13474] ? alloc_fd+0x471/0x7d0 [ 589.869705][T13474] sock_alloc_file+0x50/0x210 [ 589.869731][T13474] __sys_socket+0x1c0/0x260 [ 589.869759][T13474] ? __pfx___sys_socket+0x10/0x10 [ 589.869786][T13474] ? xfd_validate_state+0x61/0x180 [ 589.869827][T13474] __x64_sys_socket+0x72/0xb0 [ 589.869852][T13474] ? lockdep_hardirqs_on+0x7c/0x110 [ 589.869883][T13474] do_syscall_64+0xcd/0x490 [ 589.869917][T13474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.869939][T13474] RIP: 0033:0x7fd3bb98ebe9 [ 589.869957][T13474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.869979][T13474] RSP: 002b:00007fd3bc7c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 589.869999][T13474] RAX: ffffffffffffffda RBX: 00007fd3bbbc6180 RCX: 00007fd3bb98ebe9 [ 589.870013][T13474] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 589.870026][T13474] RBP: 00007fd3bba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 589.870040][T13474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.870053][T13474] R13: 00007fd3bbbc6218 R14: 00007fd3bbbc6180 R15: 00007ffdea5a3228 [ 589.870084][T13474] [ 590.478222][T13490] bond0: option all_slaves_active: invalid value () [ 591.202809][T13472] tty tty46: ldisc open failed (-12), clearing slot 45 [ 594.280123][T13552] FAULT_INJECTION: forcing a failure. [ 594.280123][T13552] name fail_futex, interval 1, probability 0, space 0, times 0 [ 594.306543][T13552] CPU: 1 UID: 0 PID: 13552 Comm: syz.3.1503 Not tainted syzkaller #0 PREEMPT(full) [ 594.306566][T13552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 594.306576][T13552] Call Trace: [ 594.306581][T13552] [ 594.306587][T13552] dump_stack_lvl+0x16c/0x1f0 [ 594.306614][T13552] should_fail_ex+0x512/0x640 [ 594.306639][T13552] get_futex_key+0x1d0/0x1560 [ 594.306660][T13552] ? __pfx_get_futex_key+0x10/0x10 [ 594.306683][T13552] futex_wake+0xea/0x530 [ 594.306704][T13552] ? rcu_is_watching+0x12/0xc0 [ 594.306719][T13552] ? __pfx_futex_wake+0x10/0x10 [ 594.306740][T13552] ? kmem_cache_free+0x2d1/0x4d0 [ 594.306755][T13552] ? fd_install+0x225/0x750 [ 594.306770][T13552] ? putname+0x154/0x1a0 [ 594.306792][T13552] do_futex+0x1e3/0x350 [ 594.306810][T13552] ? __pfx_do_futex+0x10/0x10 [ 594.306832][T13552] __x64_sys_futex+0x1e0/0x4c0 [ 594.306852][T13552] ? __x64_sys_openat+0x174/0x210 [ 594.306874][T13552] ? __pfx___x64_sys_futex+0x10/0x10 [ 594.306893][T13552] ? xfd_validate_state+0x61/0x180 [ 594.306921][T13552] do_syscall_64+0xcd/0x490 [ 594.306944][T13552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.306958][T13552] RIP: 0033:0x7fe04c98ebe9 [ 594.306970][T13552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 594.306984][T13552] RSP: 002b:00007fe04d8190e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 594.306998][T13552] RAX: ffffffffffffffda RBX: 00007fe04cbc6098 RCX: 00007fe04c98ebe9 [ 594.307007][T13552] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe04cbc609c [ 594.307016][T13552] RBP: 00007fe04cbc6090 R08: 00007fe04d83b000 R09: 0000000000000000 [ 594.307024][T13552] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 594.307032][T13552] R13: 00007fe04cbc6128 R14: 00007ffdc8d5c6e0 R15: 00007ffdc8d5c7c8 [ 594.307050][T13552] [ 594.978759][T13558] kvm: kvm [13557]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0xffffffffffffffff [ 595.385730][T13572] FAULT_INJECTION: forcing a failure. [ 595.385730][T13572] name failslab, interval 1, probability 0, space 0, times 0 [ 595.437497][T13572] CPU: 1 UID: 0 PID: 13572 Comm: syz.0.1508 Not tainted syzkaller #0 PREEMPT(full) [ 595.437538][T13572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 595.437555][T13572] Call Trace: [ 595.437563][T13572] [ 595.437573][T13572] dump_stack_lvl+0x16c/0x1f0 [ 595.437617][T13572] should_fail_ex+0x512/0x640 [ 595.437655][T13572] ? fs_reclaim_acquire+0xae/0x150 [ 595.437694][T13572] should_failslab+0xc2/0x120 [ 595.437727][T13572] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 595.437758][T13572] ? security_inode_alloc+0x3b/0x2b0 [ 595.437792][T13572] security_inode_alloc+0x3b/0x2b0 [ 595.437823][T13572] inode_init_always_gfp+0xce4/0x1030 [ 595.437855][T13572] alloc_inode+0x86/0x240 [ 595.437888][T13572] sock_alloc+0x40/0x280 [ 595.437914][T13572] __sock_create+0xc1/0x8d0 [ 595.437951][T13572] __sys_socket+0x14d/0x260 [ 595.437982][T13572] ? __pfx___sys_socket+0x10/0x10 [ 595.438014][T13572] ? do_user_addr_fault+0x843/0x1370 [ 595.438070][T13572] __x64_sys_socket+0x72/0xb0 [ 595.438100][T13572] ? lockdep_hardirqs_on+0x7c/0x110 [ 595.438137][T13572] do_syscall_64+0xcd/0x490 [ 595.438175][T13572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.438201][T13572] RIP: 0033:0x7f34a3d90b07 [ 595.438221][T13572] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.438246][T13572] RSP: 002b:00007f34a4c52fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 595.438272][T13572] RAX: ffffffffffffffda RBX: 00007f34a3fc6090 RCX: 00007f34a3d90b07 [ 595.438289][T13572] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 595.438303][T13572] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 595.438319][T13572] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 595.438333][T13572] R13: 00007f34a3fc6128 R14: 00007f34a3fc6090 R15: 00007ffdad43aab8 [ 595.438367][T13572] [ 595.441937][T13572] net_ratelimit: 520 callbacks suppressed [ 595.441956][T13572] socket: no more sockets [ 596.207815][T13586] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 596.450060][T13592] : Can't lookup blockdev [ 596.527820][T13597] FAULT_INJECTION: forcing a failure. [ 596.527820][T13597] name failslab, interval 1, probability 0, space 0, times 0 [ 596.607288][T13597] CPU: 0 UID: 0 PID: 13597 Comm: syz.3.1515 Not tainted syzkaller #0 PREEMPT(full) [ 596.607321][T13597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 596.607336][T13597] Call Trace: [ 596.607344][T13597] [ 596.607353][T13597] dump_stack_lvl+0x16c/0x1f0 [ 596.607396][T13597] should_fail_ex+0x512/0x640 [ 596.607434][T13597] ? __kmalloc_noprof+0xbf/0x510 [ 596.607468][T13597] ? ima_write_template_field_data+0x5d/0x1f0 [ 596.607505][T13597] should_failslab+0xc2/0x120 [ 596.607540][T13597] __kmalloc_noprof+0xd2/0x510 [ 596.607576][T13597] ima_write_template_field_data+0x5d/0x1f0 [ 596.607619][T13597] ima_eventname_init_common+0x1b8/0x260 [ 596.607660][T13597] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 596.607704][T13597] ? trace_kmalloc+0x2b/0xd0 [ 596.607734][T13597] ? __kmalloc_noprof+0x242/0x510 [ 596.607770][T13597] ima_alloc_init_template+0x3a0/0x720 [ 596.607804][T13597] ? rcu_is_watching+0x12/0xc0 [ 596.607835][T13597] ima_store_measurement+0x1eb/0x5c0 [ 596.607869][T13597] ? __pfx_ima_store_measurement+0x10/0x10 [ 596.607902][T13597] ? vfs_getxattr_alloc+0xec/0x340 [ 596.607940][T13597] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 596.607974][T13597] process_measurement+0x1ddb/0x23e0 [ 596.608017][T13597] ? __pfx_process_measurement+0x10/0x10 [ 596.608042][T13597] ? find_held_lock+0x2b/0x80 [ 596.608084][T13597] ? rcu_read_unlock+0x17/0x60 [ 596.608143][T13597] ? debug_mutex_init+0x37/0x70 [ 596.608168][T13597] ? inode_to_bdi+0x9e/0x160 [ 596.608215][T13597] ima_file_check+0xc5/0x110 [ 596.608243][T13597] ? __pfx_ima_file_check+0x10/0x10 [ 596.608281][T13597] security_file_post_open+0x8e/0x210 [ 596.608321][T13597] path_openat+0x1404/0x2cb0 [ 596.608360][T13597] ? __pfx_path_openat+0x10/0x10 [ 596.608399][T13597] do_filp_open+0x20b/0x470 [ 596.608428][T13597] ? __pfx_do_filp_open+0x10/0x10 [ 596.608482][T13597] ? alloc_fd+0x471/0x7d0 [ 596.608519][T13597] do_sys_openat2+0x11b/0x1d0 [ 596.608555][T13597] ? __pfx_do_sys_openat2+0x10/0x10 [ 596.608602][T13597] __x64_sys_openat+0x174/0x210 [ 596.608639][T13597] ? __pfx___x64_sys_openat+0x10/0x10 [ 596.608692][T13597] do_syscall_64+0xcd/0x490 [ 596.608732][T13597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.608759][T13597] RIP: 0033:0x7fe04c98ebe9 [ 596.608781][T13597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.608805][T13597] RSP: 002b:00007fe04d819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 596.608832][T13597] RAX: ffffffffffffffda RBX: 00007fe04cbc6090 RCX: 00007fe04c98ebe9 [ 596.608849][T13597] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 596.608866][T13597] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 596.608881][T13597] R10: 000000000000ebff R11: 0000000000000246 R12: 0000000000000000 [ 596.608897][T13597] R13: 00007fe04cbc6128 R14: 00007fe04cbc6090 R15: 00007ffdc8d5c7c8 [ 596.608932][T13597] [ 596.609345][ T30] audit: type=1804 audit(4294967459.069:30): pid=13597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.1515" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=29 res=0 errno=0 [ 597.035246][T13598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1513'. [ 597.176521][T13591] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1513'. [ 597.199903][T13601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078001dc0 pfn:0x78001 [ 597.264782][T13601] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 597.307243][T13601] page_type: f2(table) [ 597.321759][T13601] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 597.360711][T13601] raw: ffff888078001dc0 ffff88807b323c60 00000001f2000000 0000000000000000 [ 597.370384][T13601] page dumped because: unmovable page [ 597.375915][T13601] page_owner tracks the page as allocated [ 597.396182][T13601] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 5514, tgid 5514 (dbus-daemon), ts 52640630679, free_ts 52569176009 [ 597.435638][T13601] post_alloc_hook+0x1c0/0x230 [ 597.457658][T13601] get_page_from_freelist+0x132b/0x38e0 [ 597.463237][T13601] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 597.492321][T13601] alloc_pages_mpol+0x1fb/0x550 [ 597.541883][T13601] alloc_pages_noprof+0x131/0x390 [ 597.581312][T13601] pte_alloc_one+0x1c/0x3a0 [ 597.596119][T13601] __pte_alloc+0x6d/0x3c0 [ 597.828433][T13601] copy_page_range+0x3b83/0x5c80 [ 597.836606][ T30] audit: type=1800 audit(4294967460.289:31): pid=13606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1517" name="version" dev="configfs" ino=43177 res=0 errno=0 [ 597.877897][T13601] dup_mmap+0xe88/0x21d0 [ 597.882205][T13601] copy_process+0x4081/0x7690 [ 597.909598][T13601] kernel_clone+0xfc/0x930 [ 598.007229][T13601] __do_sys_clone+0xce/0x120 [ 598.055481][T13601] do_syscall_64+0xcd/0x490 [ 598.074954][T13601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.110483][T13601] page last free pid 23 tgid 23 stack trace: [ 598.138307][T13601] __free_frozen_pages+0x7d5/0x10f0 [ 598.169367][T13601] tlb_remove_table_rcu+0x116/0x1a0 [ 598.261169][T13601] rcu_core+0x799/0x1530 [ 598.284189][T13601] handle_softirqs+0x216/0x8e0 [ 598.291182][T13601] run_ksoftirqd+0x3a/0x60 [ 598.295748][T13601] smpboot_thread_fn+0x3f7/0xae0 [ 598.303058][T13601] kthread+0x3c5/0x780 [ 598.309714][T13601] ret_from_fork+0x5d7/0x6f0 [ 598.314688][T13601] ret_from_fork_asm+0x1a/0x30 [ 599.751240][T13652] ======================================================= [ 599.751240][T13652] WARNING: The mand mount option has been deprecated and [ 599.751240][T13652] and is ignored by this kernel. Remove the mand [ 599.751240][T13652] option from the mount to silence this warning. [ 599.751240][T13652] ======================================================= [ 601.878300][T13685] __vm_enough_memory: pid: 13685, comm: syz.1.1530, bytes: 4398046511104 not enough memory for the allocation [ 603.797868][T13710] FAULT_INJECTION: forcing a failure. [ 603.797868][T13710] name failslab, interval 1, probability 0, space 0, times 0 [ 603.823249][T13710] CPU: 1 UID: 0 PID: 13710 Comm: syz.3.1535 Not tainted syzkaller #0 PREEMPT(full) [ 603.823289][T13710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 603.823303][T13710] Call Trace: [ 603.823312][T13710] [ 603.823321][T13710] dump_stack_lvl+0x16c/0x1f0 [ 603.823360][T13710] should_fail_ex+0x512/0x640 [ 603.823395][T13710] ? fs_reclaim_acquire+0xae/0x150 [ 603.823431][T13710] ? ima_alloc_init_template+0xb5/0x720 [ 603.823457][T13710] should_failslab+0xc2/0x120 [ 603.823488][T13710] __kmalloc_noprof+0xd2/0x510 [ 603.823524][T13710] ima_alloc_init_template+0xb5/0x720 [ 603.823555][T13710] ? __pfx_d_absolute_path+0x10/0x10 [ 603.823587][T13710] ? rcu_is_watching+0x12/0xc0 [ 603.823615][T13710] ima_store_measurement+0x1eb/0x5c0 [ 603.823648][T13710] ? __pfx_ima_store_measurement+0x10/0x10 [ 603.823679][T13710] ? vfs_getxattr_alloc+0xec/0x340 [ 603.823716][T13710] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 603.823748][T13710] process_measurement+0x1ddb/0x23e0 [ 603.823788][T13710] ? __pfx_process_measurement+0x10/0x10 [ 603.823830][T13710] ? rcu_read_unlock+0x17/0x60 [ 603.823890][T13710] ? debug_mutex_init+0x37/0x70 [ 603.823915][T13710] ? inode_to_bdi+0x9e/0x160 [ 603.823951][T13710] ima_file_check+0xc5/0x110 [ 603.823976][T13710] ? __pfx_ima_file_check+0x10/0x10 [ 603.824008][T13710] security_file_post_open+0x8e/0x210 [ 603.824039][T13710] path_openat+0x1404/0x2cb0 [ 603.824078][T13710] ? __pfx_path_openat+0x10/0x10 [ 603.824122][T13710] do_filp_open+0x20b/0x470 [ 603.824151][T13710] ? __pfx_do_filp_open+0x10/0x10 [ 603.824206][T13710] ? alloc_fd+0x471/0x7d0 [ 603.824243][T13710] do_sys_openat2+0x11b/0x1d0 [ 603.824286][T13710] ? __pfx_do_sys_openat2+0x10/0x10 [ 603.824325][T13710] ? __fget_files+0x20e/0x3c0 [ 603.824359][T13710] __x64_sys_openat+0x174/0x210 [ 603.824395][T13710] ? __pfx___x64_sys_openat+0x10/0x10 [ 603.824429][T13710] ? ksys_write+0x1ac/0x250 [ 603.824469][T13710] do_syscall_64+0xcd/0x490 [ 603.824507][T13710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.824532][T13710] RIP: 0033:0x7fe04c98ebe9 [ 603.824552][T13710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 603.824576][T13710] RSP: 002b:00007fe04d819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 603.824600][T13710] RAX: ffffffffffffffda RBX: 00007fe04cbc6090 RCX: 00007fe04c98ebe9 [ 603.824617][T13710] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 603.824633][T13710] RBP: 00007fe04d819090 R08: 0000000000000000 R09: 0000000000000000 [ 603.824648][T13710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.824663][T13710] R13: 00007fe04cbc6128 R14: 00007fe04cbc6090 R15: 00007ffdc8d5c7c8 [ 603.824698][T13710] [ 603.826225][ T30] audit: type=1804 audit(4294967466.279:32): pid=13710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.1535" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=29 res=0 errno=0 [ 608.106411][T13769] FAULT_INJECTION: forcing a failure. [ 608.106411][T13769] name fail_futex, interval 1, probability 0, space 0, times 0 [ 608.183535][T13769] CPU: 0 UID: 0 PID: 13769 Comm: syz.0.1548 Not tainted syzkaller #0 PREEMPT(full) [ 608.183558][T13769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 608.183568][T13769] Call Trace: [ 608.183574][T13769] [ 608.183580][T13769] dump_stack_lvl+0x16c/0x1f0 [ 608.183608][T13769] should_fail_ex+0x512/0x640 [ 608.183633][T13769] get_futex_key+0x1d0/0x1560 [ 608.183654][T13769] ? __pfx_get_futex_key+0x10/0x10 [ 608.183677][T13769] futex_wake+0xea/0x530 [ 608.183697][T13769] ? rcu_is_watching+0x12/0xc0 [ 608.183712][T13769] ? __pfx_futex_wake+0x10/0x10 [ 608.183734][T13769] ? kmem_cache_free+0x2d1/0x4d0 [ 608.183749][T13769] ? fd_install+0x225/0x750 [ 608.183764][T13769] ? putname+0x154/0x1a0 [ 608.183786][T13769] do_futex+0x1e3/0x350 [ 608.183804][T13769] ? __pfx_do_futex+0x10/0x10 [ 608.183827][T13769] __x64_sys_futex+0x1e0/0x4c0 [ 608.183846][T13769] ? __x64_sys_openat+0x174/0x210 [ 608.183868][T13769] ? __pfx___x64_sys_futex+0x10/0x10 [ 608.183886][T13769] ? xfd_validate_state+0x61/0x180 [ 608.183913][T13769] do_syscall_64+0xcd/0x490 [ 608.183936][T13769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.183952][T13769] RIP: 0033:0x7f34a3d8ebe9 [ 608.183966][T13769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.183980][T13769] RSP: 002b:00007f34a4c540e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 608.183995][T13769] RAX: ffffffffffffffda RBX: 00007f34a3fc6098 RCX: 00007f34a3d8ebe9 [ 608.184005][T13769] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34a3fc609c [ 608.184013][T13769] RBP: 00007f34a3fc6090 R08: 00007f34a4c76000 R09: 0000000000000000 [ 608.184022][T13769] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 608.184030][T13769] R13: 00007f34a3fc6128 R14: 00007ffdad43a9d0 R15: 00007ffdad43aab8 [ 608.184047][T13769] [ 610.909004][T13800] syz.1.1554 (13800): attempted to duplicate a private mapping with mremap. This is not supported. [ 613.046972][T13815] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1557'. [ 613.244947][T13823] hugetlbfs: syz.3.1560 (13823): Using mlock ulimits for SHM_HUGETLB is obsolete [ 613.619710][T13829] random: crng reseeded on system resumption [ 615.439799][T13849] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56 [ 615.780012][T13856] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1568'. [ 616.177291][T13864] zswap: compressor not available [ 618.642429][T13902] QAT: Stopping all acceleration devices. [ 622.144500][T13954] nbd: must specify a device to reconfigure [ 624.378373][T13404] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 624.564801][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.571175][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.966363][T14011] FAULT_INJECTION: forcing a failure. [ 624.966363][T14011] name failslab, interval 1, probability 0, space 0, times 0 [ 625.124571][T14011] CPU: 1 UID: 0 PID: 14011 Comm: syz.2.1600 Not tainted syzkaller #0 PREEMPT(full) [ 625.124607][T14011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 625.124622][T14011] Call Trace: [ 625.124632][T14011] [ 625.124641][T14011] dump_stack_lvl+0x16c/0x1f0 [ 625.124688][T14011] should_fail_ex+0x512/0x640 [ 625.124725][T14011] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 625.124758][T14011] should_failslab+0xc2/0x120 [ 625.124791][T14011] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 625.124820][T14011] ? __d_alloc+0x32/0xae0 [ 625.124853][T14011] __d_alloc+0x32/0xae0 [ 625.124885][T14011] d_alloc_parallel+0x111/0x1480 [ 625.124929][T14011] ? kasan_save_stack+0x42/0x60 [ 625.124956][T14011] ? kasan_save_stack+0x33/0x60 [ 625.124983][T14011] ? kasan_save_track+0x14/0x30 [ 625.125011][T14011] ? __kasan_slab_alloc+0x89/0x90 [ 625.125039][T14011] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 625.125068][T14011] ? look_up_lock_class+0x59/0x150 [ 625.125103][T14011] ? __pfx_d_alloc_parallel+0x10/0x10 [ 625.125145][T14011] ? lockdep_init_map_type+0x5c/0x280 [ 625.125181][T14011] ? lockdep_init_map_type+0x5c/0x280 [ 625.125222][T14011] __lookup_slow+0x193/0x460 [ 625.125262][T14011] ? __pfx___lookup_slow+0x10/0x10 [ 625.125304][T14011] ? perf_trace_mm_compaction_suitable_template+0x1c0/0x5e0 [ 625.125364][T14011] ? perf_trace_mm_compaction_suitable_template+0x1c0/0x5e0 [ 625.125406][T14011] ? d_lookup+0xe7/0x190 [ 625.125452][T14011] lookup_noperm+0xe1/0x110 [ 625.125492][T14011] simple_start_creating+0xd1/0x1b0 [ 625.125525][T14011] rpc_mkpipe_dentry+0xdf/0x560 [ 625.125553][T14011] ? try_lookup_noperm+0x5c/0x70 [ 625.125595][T14011] rpc_pipefs_event+0x151/0x1a0 [ 625.125625][T14011] notifier_call_chain+0xb9/0x410 [ 625.125657][T14011] ? __pfx_rpc_pipefs_event+0x10/0x10 [ 625.125693][T14011] blocking_notifier_call_chain+0x69/0xa0 [ 625.125731][T14011] rpc_fill_super+0x41f/0x4f0 [ 625.125760][T14011] ? __pfx_rpc_fill_super+0x10/0x10 [ 625.125787][T14011] get_tree_keyed+0x10e/0x1d0 [ 625.125818][T14011] vfs_get_tree+0x8b/0x340 [ 625.125843][T14011] vfs_cmd_create+0xd7/0x2a0 [ 625.125878][T14011] __do_sys_fsconfig+0x7b8/0xbe0 [ 625.125916][T14011] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 625.125969][T14011] do_syscall_64+0xcd/0x490 [ 625.126010][T14011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.126036][T14011] RIP: 0033:0x7fd3bb98ebe9 [ 625.126059][T14011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 625.126086][T14011] RSP: 002b:00007fd3bc805038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 625.126112][T14011] RAX: ffffffffffffffda RBX: 00007fd3bbbc5fa0 RCX: 00007fd3bb98ebe9 [ 625.126129][T14011] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000006 [ 625.126144][T14011] RBP: 00007fd3bba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 625.126159][T14011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 625.126174][T14011] R13: 00007fd3bbbc6038 R14: 00007fd3bbbc5fa0 R15: 00007ffdea5a3228 [ 625.126211][T14011] [ 625.437669][T14011] rpc_mkpipe_dentry() failed to create pipe nfs/blocklayout (errno = -12) [ 626.397260][ T5873] Bluetooth: hci3: command 0x0406 tx timeout [ 627.087930][T14044] bond0: option all_slaves_active: invalid value () [ 627.094782][T14044] bond0: option all_slaves_active: invalid value () [ 628.136631][T14064] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input57 [ 629.676875][T14093] FAULT_INJECTION: forcing a failure. [ 629.676875][T14093] name failslab, interval 1, probability 0, space 0, times 0 [ 629.707286][T14093] CPU: 0 UID: 0 PID: 14093 Comm: syz.3.1620 Not tainted syzkaller #0 PREEMPT(full) [ 629.707309][T14093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 629.707318][T14093] Call Trace: [ 629.707325][T14093] [ 629.707331][T14093] dump_stack_lvl+0x16c/0x1f0 [ 629.707357][T14093] should_fail_ex+0x512/0x640 [ 629.707380][T14093] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 629.707400][T14093] should_failslab+0xc2/0x120 [ 629.707420][T14093] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 629.707438][T14093] ? __d_alloc+0x32/0xae0 [ 629.707458][T14093] __d_alloc+0x32/0xae0 [ 629.707473][T14093] ? do_raw_spin_lock+0x12c/0x2b0 [ 629.707497][T14093] d_alloc+0x4a/0x1e0 [ 629.707516][T14093] d_alloc_name+0x83/0xb0 [ 629.707534][T14093] ? __pfx_d_alloc_name+0x10/0x10 [ 629.707550][T14093] ? __d_add+0x403/0xa50 [ 629.707572][T14093] simple_fill_super+0x2eb/0x720 [ 629.707591][T14093] ? __pfx_nfsd_fill_super+0x10/0x10 [ 629.707609][T14093] nfsd_fill_super+0x90/0x530 [ 629.707624][T14093] ? __pfx_set_anon_super_fc+0x10/0x10 [ 629.707639][T14093] ? __pfx_nfsd_fill_super+0x10/0x10 [ 629.707655][T14093] get_tree_keyed+0x10e/0x1d0 [ 629.707672][T14093] vfs_get_tree+0x8b/0x340 [ 629.707685][T14093] path_mount+0x1513/0x2000 [ 629.707706][T14093] ? __pfx_path_mount+0x10/0x10 [ 629.707733][T14093] ? kmem_cache_free+0x2d1/0x4d0 [ 629.707749][T14093] ? putname+0x154/0x1a0 [ 629.707771][T14093] ? putname+0x154/0x1a0 [ 629.707793][T14093] ? __x64_sys_mount+0x28d/0x310 [ 629.707809][T14093] __x64_sys_mount+0x28d/0x310 [ 629.707828][T14093] ? __pfx___x64_sys_mount+0x10/0x10 [ 629.707852][T14093] do_syscall_64+0xcd/0x490 [ 629.707876][T14093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.707896][T14093] RIP: 0033:0x7fe04c98ebe9 [ 629.707909][T14093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 629.707923][T14093] RSP: 002b:00007fe04d83a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 629.707938][T14093] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98ebe9 [ 629.707947][T14093] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000 [ 629.707955][T14093] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 629.707964][T14093] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000 [ 629.707973][T14093] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 629.707992][T14093] [ 630.918560][T14101] FAULT_INJECTION: forcing a failure. [ 630.918560][T14101] name fail_futex, interval 1, probability 0, space 0, times 0 [ 631.072239][T14101] CPU: 1 UID: 0 PID: 14101 Comm: syz.0.1622 Not tainted syzkaller #0 PREEMPT(full) [ 631.072274][T14101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 631.072290][T14101] Call Trace: [ 631.072299][T14101] [ 631.072309][T14101] dump_stack_lvl+0x16c/0x1f0 [ 631.072352][T14101] should_fail_ex+0x512/0x640 [ 631.072396][T14101] get_futex_key+0x1d0/0x1560 [ 631.072430][T14101] ? __pfx_get_futex_key+0x10/0x10 [ 631.072475][T14101] futex_wake+0xea/0x530 [ 631.072510][T14101] ? rcu_is_watching+0x12/0xc0 [ 631.072536][T14101] ? __pfx_futex_wake+0x10/0x10 [ 631.072577][T14101] ? kmem_cache_free+0x2d1/0x4d0 [ 631.072605][T14101] ? fd_install+0x225/0x750 [ 631.072629][T14101] ? putname+0x154/0x1a0 [ 631.072668][T14101] do_futex+0x1e3/0x350 [ 631.072700][T14101] ? __pfx_do_futex+0x10/0x10 [ 631.072741][T14101] __x64_sys_futex+0x1e0/0x4c0 [ 631.072775][T14101] ? __x64_sys_openat+0x174/0x210 [ 631.072812][T14101] ? __pfx___x64_sys_futex+0x10/0x10 [ 631.072844][T14101] ? xfd_validate_state+0x61/0x180 [ 631.072891][T14101] do_syscall_64+0xcd/0x490 [ 631.072932][T14101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.072958][T14101] RIP: 0033:0x7f34a3d8ebe9 [ 631.072978][T14101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 631.073002][T14101] RSP: 002b:00007f34a4c540e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 631.073032][T14101] RAX: ffffffffffffffda RBX: 00007f34a3fc6098 RCX: 00007f34a3d8ebe9 [ 631.073050][T14101] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34a3fc609c [ 631.073066][T14101] RBP: 00007f34a3fc6090 R08: 00007f34a4c76000 R09: 0000000000000000 [ 631.073083][T14101] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 631.073100][T14101] R13: 00007f34a3fc6128 R14: 00007ffdad43a9d0 R15: 00007ffdad43aab8 [ 631.073136][T14101] [ 631.906571][T14112] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1623'. [ 632.200263][T14112] bond0: (slave bond_slave_1): Releasing backup interface [ 635.302157][T14151] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 635.435545][T14151] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 635.490210][T14151] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 635.496439][T14151] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 635.507425][T14151] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 637.357303][ T5873] Bluetooth: hci0: command 0x0406 tx timeout [ 637.447141][ T5873] Bluetooth: hci1: command 0x0406 tx timeout [ 637.521098][ T5873] Bluetooth: hci2: command 0x0406 tx timeout [ 637.528018][ T5873] Bluetooth: hci3: command 0x0406 tx timeout [ 638.519214][T14186] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1635'. [ 639.407366][T14212] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1639'. [ 639.417971][T14208] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1639'. [ 639.539892][T14203] nbd: must specify a device to reconfigure [ 639.602313][T13404] Bluetooth: hci3: command 0x0406 tx timeout [ 640.781323][T14231] FAULT_INJECTION: forcing a failure. [ 640.781323][T14231] name failslab, interval 1, probability 0, space 0, times 0 [ 640.829473][T14231] CPU: 1 UID: 0 PID: 14231 Comm: syz.2.1643 Not tainted syzkaller #0 PREEMPT(full) [ 640.829495][T14231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 640.829504][T14231] Call Trace: [ 640.829509][T14231] [ 640.829515][T14231] dump_stack_lvl+0x16c/0x1f0 [ 640.829541][T14231] should_fail_ex+0x512/0x640 [ 640.829564][T14231] ? __kmalloc_noprof+0xbf/0x510 [ 640.829583][T14231] ? lsm_blob_alloc+0x68/0x90 [ 640.829594][T14231] should_failslab+0xc2/0x120 [ 640.829613][T14231] __kmalloc_noprof+0xd2/0x510 [ 640.829634][T14231] lsm_blob_alloc+0x68/0x90 [ 640.829647][T14231] security_sk_alloc+0x30/0x270 [ 640.829664][T14231] sk_prot_alloc+0xfb/0x2a0 [ 640.829682][T14231] sk_alloc+0x36/0xc20 [ 640.829701][T14231] inet_create+0x3a1/0x1040 [ 640.829720][T14231] ? inet_create+0x93/0x1040 [ 640.829739][T14231] __sock_create+0x335/0x8d0 [ 640.829758][T14231] __sys_socket+0x14d/0x260 [ 640.829775][T14231] ? __pfx___sys_socket+0x10/0x10 [ 640.829792][T14231] ? syscall_user_dispatch+0x78/0x140 [ 640.829818][T14231] __x64_sys_socket+0x72/0xb0 [ 640.829835][T14231] do_syscall_64+0xcd/0x490 [ 640.829868][T14231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.829883][T14231] RIP: 0033:0x7fd3bb98ebe9 [ 640.829895][T14231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 640.829909][T14231] RSP: 002b:00007fd3bc7c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 640.829924][T14231] RAX: ffffffffffffffda RBX: 00007fd3bbbc6180 RCX: 00007fd3bb98ebe9 [ 640.829934][T14231] RDX: 0000000000000100 RSI: 0000000000000801 RDI: 0000000000000002 [ 640.829942][T14231] RBP: 00007fd3bba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 640.829950][T14231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 640.829958][T14231] R13: 00007fd3bbbc6218 R14: 00007fd3bbbc6180 R15: 00007ffdea5a3228 [ 640.829976][T14231] [ 642.416669][T14250] bridge0: port 3(team0) entered blocking state [ 642.424673][T14250] bridge0: port 3(team0) entered disabled state [ 642.431469][T14250] team0: entered allmulticast mode [ 642.437331][T14250] team_slave_0: entered allmulticast mode [ 642.446499][T14250] team_slave_1: entered allmulticast mode [ 642.500448][T14244] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58 [ 642.502363][T14250] team0: entered promiscuous mode [ 642.568417][T14250] team_slave_0: entered promiscuous mode [ 642.574410][T14250] team_slave_1: entered promiscuous mode [ 642.581971][T14250] bridge0: port 3(team0) entered blocking state [ 642.588461][T14250] bridge0: port 3(team0) entered forwarding state [ 643.636845][T14248] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59 [ 643.661479][T14262] nbd: must specify a device to reconfigure [ 643.904583][T14267] nbd: must specify a device to reconfigure [ 643.918357][T14264] FAULT_INJECTION: forcing a failure. [ 643.918357][T14264] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 643.947390][T14264] CPU: 1 UID: 0 PID: 14264 Comm: syz.2.1649 Not tainted syzkaller #0 PREEMPT(full) [ 643.947411][T14264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 643.947419][T14264] Call Trace: [ 643.947425][T14264] [ 643.947430][T14264] dump_stack_lvl+0x16c/0x1f0 [ 643.947456][T14264] should_fail_ex+0x512/0x640 [ 643.947482][T14264] _copy_to_user+0x32/0xd0 [ 643.947498][T14264] devkmsg_read+0x32d/0x5a0 [ 643.947515][T14264] ? __pfx_devkmsg_read+0x10/0x10 [ 643.947527][T14264] ? import_ubuf+0x1b6/0x220 [ 643.947544][T14264] ? __pfx_autoremove_wake_function+0x10/0x10 [ 643.947565][T14264] ? bpf_lsm_file_permission+0x9/0x10 [ 643.947586][T14264] ? security_file_permission+0x71/0x210 [ 643.947606][T14264] ? rw_verify_area+0xcf/0x6c0 [ 643.947621][T14264] ? __pfx_devkmsg_read+0x10/0x10 [ 643.947633][T14264] vfs_readv+0x5c1/0x8b0 [ 643.947652][T14264] ? __pfx_vfs_readv+0x10/0x10 [ 643.947680][T14264] ? __fget_files+0x20e/0x3c0 [ 643.947694][T14264] ? __fget_files+0x130/0x3c0 [ 643.947713][T14264] ? do_readv+0x132/0x340 [ 643.947726][T14264] do_readv+0x132/0x340 [ 643.947740][T14264] ? __pfx_do_readv+0x10/0x10 [ 643.947760][T14264] do_syscall_64+0xcd/0x490 [ 643.947783][T14264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.947797][T14264] RIP: 0033:0x7fd3bb98ebe9 [ 643.947817][T14264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 643.947831][T14264] RSP: 002b:00007fd3bc805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 643.947845][T14264] RAX: ffffffffffffffda RBX: 00007fd3bbbc5fa0 RCX: 00007fd3bb98ebe9 [ 643.947855][T14264] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003 [ 643.947863][T14264] RBP: 00007fd3bc805090 R08: 0000000000000000 R09: 0000000000000000 [ 643.947871][T14264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 643.947879][T14264] R13: 00007fd3bbbc6038 R14: 00007fd3bbbc5fa0 R15: 00007ffdea5a3228 [ 643.947897][T14264] [ 644.891764][T14269] FAULT_INJECTION: forcing a failure. [ 644.891764][T14269] name failslab, interval 1, probability 0, space 0, times 0 [ 644.940484][T14269] CPU: 1 UID: 0 PID: 14269 Comm: syz.2.1650 Not tainted syzkaller #0 PREEMPT(full) [ 644.940529][T14269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 644.940539][T14269] Call Trace: [ 644.940545][T14269] [ 644.940552][T14269] dump_stack_lvl+0x16c/0x1f0 [ 644.940578][T14269] should_fail_ex+0x512/0x640 [ 644.940601][T14269] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 644.940621][T14269] should_failslab+0xc2/0x120 [ 644.940640][T14269] __kmalloc_cache_noprof+0x6a/0x3e0 [ 644.940655][T14269] ? kvm_dev_ioctl+0x15f6/0x1af0 [ 644.940673][T14269] kvm_dev_ioctl+0x15f6/0x1af0 [ 644.940693][T14269] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 644.940713][T14269] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 644.940728][T14269] __x64_sys_ioctl+0x18e/0x210 [ 644.940752][T14269] do_syscall_64+0xcd/0x490 [ 644.940778][T14269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.940792][T14269] RIP: 0033:0x7fd3bb98ebe9 [ 644.940804][T14269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 644.940817][T14269] RSP: 002b:00007fd3bc805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 644.940832][T14269] RAX: ffffffffffffffda RBX: 00007fd3bbbc5fa0 RCX: 00007fd3bb98ebe9 [ 644.940842][T14269] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007 [ 644.940851][T14269] RBP: 00007fd3bba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 644.940859][T14269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 644.940867][T14269] R13: 00007fd3bbbc6038 R14: 00007fd3bbbc5fa0 R15: 00007ffdea5a3228 [ 644.940885][T14269] [ 645.697360][T14274] can: request_module (can-proto-4) failed. [ 647.026713][T14298] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1656'. [ 649.543423][T14333] can0: slcan on ptm0. [ 649.749403][T14332] can0 (unregistered): slcan off ptm0. [ 649.819709][T14342] program syz.3.1665 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 652.294850][T14394] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1672'. [ 655.852710][T14430] sctp: failed to load transform for md5: -4 [ 656.319361][T14451] random: crng reseeded on system resumption [ 656.685155][ T30] audit: type=1800 audit(4294967519.142:33): pid=14434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1679" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 658.880960][T14433] kexec: Could not allocate control_code_buffer [ 660.475037][T14514] FAULT_INJECTION: forcing a failure. [ 660.475037][T14514] name fail_futex, interval 1, probability 0, space 0, times 0 [ 660.499496][T14514] CPU: 1 UID: 0 PID: 14514 Comm: syz.0.1695 Not tainted syzkaller #0 PREEMPT(full) [ 660.499534][T14514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 660.499549][T14514] Call Trace: [ 660.499558][T14514] [ 660.499567][T14514] dump_stack_lvl+0x16c/0x1f0 [ 660.499612][T14514] should_fail_ex+0x512/0x640 [ 660.499659][T14514] get_futex_key+0x1d0/0x1560 [ 660.499697][T14514] ? __pfx_get_futex_key+0x10/0x10 [ 660.499742][T14514] futex_wake+0xea/0x530 [ 660.499780][T14514] ? rcu_is_watching+0x12/0xc0 [ 660.499809][T14514] ? __pfx_futex_wake+0x10/0x10 [ 660.499846][T14514] ? kmem_cache_free+0x2d1/0x4d0 [ 660.499875][T14514] ? fd_install+0x225/0x750 [ 660.499901][T14514] ? putname+0x154/0x1a0 [ 660.499944][T14514] do_futex+0x1e3/0x350 [ 660.499976][T14514] ? __pfx_do_futex+0x10/0x10 [ 660.500020][T14514] __x64_sys_futex+0x1e0/0x4c0 [ 660.500055][T14514] ? __x64_sys_openat+0x174/0x210 [ 660.500097][T14514] ? __pfx___x64_sys_futex+0x10/0x10 [ 660.500130][T14514] ? xfd_validate_state+0x61/0x180 [ 660.500181][T14514] do_syscall_64+0xcd/0x490 [ 660.500226][T14514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.500255][T14514] RIP: 0033:0x7f34a3d8ebe9 [ 660.500277][T14514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.500303][T14514] RSP: 002b:00007f34a4c540e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 660.500331][T14514] RAX: ffffffffffffffda RBX: 00007f34a3fc6098 RCX: 00007f34a3d8ebe9 [ 660.500351][T14514] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34a3fc609c [ 660.500377][T14514] RBP: 00007f34a3fc6090 R08: 00007f34a4c76000 R09: 0000000000000000 [ 660.500396][T14514] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 660.500413][T14514] R13: 00007f34a3fc6128 R14: 00007ffdad43a9d0 R15: 00007ffdad43aab8 [ 660.500449][T14514] [ 661.567833][T14525] random: crng reseeded on system resumption [ 662.462114][T14535] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1698'. [ 664.083177][T14577] FAULT_INJECTION: forcing a failure. [ 664.083177][T14577] name fail_futex, interval 1, probability 0, space 0, times 0 [ 664.181852][T14577] CPU: 0 UID: 0 PID: 14577 Comm: syz.0.1705 Not tainted syzkaller #0 PREEMPT(full) [ 664.181890][T14577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 664.181906][T14577] Call Trace: [ 664.181915][T14577] [ 664.181924][T14577] dump_stack_lvl+0x16c/0x1f0 [ 664.181965][T14577] should_fail_ex+0x512/0x640 [ 664.182006][T14577] get_futex_key+0x1d0/0x1560 [ 664.182037][T14577] ? __pfx_get_futex_key+0x10/0x10 [ 664.182077][T14577] futex_wake+0xea/0x530 [ 664.182116][T14577] ? rcu_is_watching+0x12/0xc0 [ 664.182144][T14577] ? __pfx_futex_wake+0x10/0x10 [ 664.182185][T14577] ? kmem_cache_free+0x2d1/0x4d0 [ 664.182214][T14577] ? fd_install+0x225/0x750 [ 664.182239][T14577] ? putname+0x154/0x1a0 [ 664.182279][T14577] do_futex+0x1e3/0x350 [ 664.182313][T14577] ? __pfx_do_futex+0x10/0x10 [ 664.182355][T14577] __x64_sys_futex+0x1e0/0x4c0 [ 664.182389][T14577] ? __x64_sys_openat+0x174/0x210 [ 664.182429][T14577] ? __pfx___x64_sys_futex+0x10/0x10 [ 664.182464][T14577] ? xfd_validate_state+0x61/0x180 [ 664.182516][T14577] do_syscall_64+0xcd/0x490 [ 664.182558][T14577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.182586][T14577] RIP: 0033:0x7f34a3d8ebe9 [ 664.182608][T14577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 664.182635][T14577] RSP: 002b:00007f34a4c540e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 664.182662][T14577] RAX: ffffffffffffffda RBX: 00007f34a3fc6098 RCX: 00007f34a3d8ebe9 [ 664.182682][T14577] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f34a3fc609c [ 664.182699][T14577] RBP: 00007f34a3fc6090 R08: 00007f34a4c76000 R09: 0000000000000000 [ 664.182717][T14577] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 664.182743][T14577] R13: 00007f34a3fc6128 R14: 00007ffdad43a9d0 R15: 00007ffdad43aab8 [ 664.182781][T14577] [ 666.100645][T14590] FAULT_INJECTION: forcing a failure. [ 666.100645][T14590] name failslab, interval 1, probability 0, space 0, times 0 [ 666.139474][T14590] CPU: 0 UID: 0 PID: 14590 Comm: syz.3.1708 Not tainted syzkaller #0 PREEMPT(full) [ 666.139512][T14590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 666.139528][T14590] Call Trace: [ 666.139537][T14590] [ 666.139547][T14590] dump_stack_lvl+0x16c/0x1f0 [ 666.139592][T14590] should_fail_ex+0x512/0x640 [ 666.139629][T14590] ? __kmalloc_noprof+0xbf/0x510 [ 666.139664][T14590] ? ima_write_template_field_data+0x5d/0x1f0 [ 666.139701][T14590] should_failslab+0xc2/0x120 [ 666.139735][T14590] __kmalloc_noprof+0xd2/0x510 [ 666.139772][T14590] ima_write_template_field_data+0x5d/0x1f0 [ 666.139823][T14590] ima_eventname_init_common+0x1b8/0x260 [ 666.139866][T14590] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 666.139914][T14590] ? trace_kmalloc+0x2b/0xd0 [ 666.139946][T14590] ? __kmalloc_noprof+0x242/0x510 [ 666.139985][T14590] ima_alloc_init_template+0x3a0/0x720 [ 666.140020][T14590] ? rcu_is_watching+0x12/0xc0 [ 666.140053][T14590] ima_store_measurement+0x1eb/0x5c0 [ 666.140089][T14590] ? __pfx_ima_store_measurement+0x10/0x10 [ 666.140124][T14590] ? vfs_getxattr_alloc+0xec/0x340 [ 666.140164][T14590] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 666.140199][T14590] process_measurement+0x1ddb/0x23e0 [ 666.140242][T14590] ? __pfx_process_measurement+0x10/0x10 [ 666.140288][T14590] ? rcu_read_unlock+0x17/0x60 [ 666.140351][T14590] ? debug_mutex_init+0x37/0x70 [ 666.140379][T14590] ? inode_to_bdi+0x9e/0x160 [ 666.140418][T14590] ima_file_check+0xc5/0x110 [ 666.140447][T14590] ? __pfx_ima_file_check+0x10/0x10 [ 666.140498][T14590] security_file_post_open+0x8e/0x210 [ 666.140536][T14590] path_openat+0x1404/0x2cb0 [ 666.140579][T14590] ? __pfx_path_openat+0x10/0x10 [ 666.140621][T14590] do_filp_open+0x20b/0x470 [ 666.140654][T14590] ? __pfx_do_filp_open+0x10/0x10 [ 666.140713][T14590] ? alloc_fd+0x471/0x7d0 [ 666.140752][T14590] do_sys_openat2+0x11b/0x1d0 [ 666.140790][T14590] ? __pfx_do_sys_openat2+0x10/0x10 [ 666.140850][T14590] __x64_sys_openat+0x174/0x210 [ 666.140891][T14590] ? __pfx___x64_sys_openat+0x10/0x10 [ 666.140945][T14590] do_syscall_64+0xcd/0x490 [ 666.140987][T14590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.141015][T14590] RIP: 0033:0x7fe04c98ebe9 [ 666.141043][T14590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 666.141076][T14590] RSP: 002b:00007fe04d819038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 666.141120][T14590] RAX: ffffffffffffffda RBX: 00007fe04cbc6090 RCX: 00007fe04c98ebe9 [ 666.141147][T14590] RDX: 0000000000000142 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 666.141166][T14590] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 666.141192][T14590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 666.141209][T14590] R13: 00007fe04cbc6128 R14: 00007fe04cbc6090 R15: 00007ffdc8d5c7c8 [ 666.141246][T14590] [ 666.144683][ T30] audit: type=1804 audit(4294967528.602:34): pid=14590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.1708" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=29 res=0 errno=0 [ 667.746419][ T30] audit: type=1800 audit(4294967530.202:35): pid=14616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1712" name="features" dev="configfs" ino=47011 res=0 errno=0 [ 668.236972][T14622] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1713'. [ 674.914919][T14732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1736'. [ 675.245898][T14737] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1738'. [ 678.206827][T14786] bond0: Unable to set peer notification delay as MII monitoring is disabled [ 679.479770][T14811] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input60 [ 679.615450][T14810] nbd: must specify a device to reconfigure [ 680.721572][T14847] FAULT_INJECTION: forcing a failure. [ 680.721572][T14847] name failslab, interval 1, probability 0, space 0, times 0 [ 680.734528][T14847] CPU: 0 UID: 0 PID: 14847 Comm: syz.3.1762 Not tainted syzkaller #0 PREEMPT(full) [ 680.734548][T14847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 680.734558][T14847] Call Trace: [ 680.734565][T14847] [ 680.734571][T14847] dump_stack_lvl+0x16c/0x1f0 [ 680.734597][T14847] should_fail_ex+0x512/0x640 [ 680.734619][T14847] ? __kmalloc_noprof+0xbf/0x510 [ 680.734638][T14847] ? kernfs_fop_write_iter+0x237/0x510 [ 680.734651][T14847] should_failslab+0xc2/0x120 [ 680.734671][T14847] __kmalloc_noprof+0xd2/0x510 [ 680.734696][T14847] kernfs_fop_write_iter+0x237/0x510 [ 680.734713][T14847] vfs_write+0x7d0/0x11d0 [ 680.734731][T14847] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 680.734746][T14847] ? __pfx___mutex_lock+0x10/0x10 [ 680.734769][T14847] ? __pfx_vfs_write+0x10/0x10 [ 680.734797][T14847] ksys_write+0x12a/0x250 [ 680.734813][T14847] ? __pfx_ksys_write+0x10/0x10 [ 680.734836][T14847] do_syscall_64+0xcd/0x490 [ 680.734859][T14847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 680.734874][T14847] RIP: 0033:0x7fe04c98ebe9 [ 680.734886][T14847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 680.734900][T14847] RSP: 002b:00007fe04d83a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 680.734914][T14847] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98ebe9 [ 680.734924][T14847] RDX: 0000000000000081 RSI: 0000200000000040 RDI: 0000000000000003 [ 680.734933][T14847] RBP: 00007fe04d83a090 R08: 0000000000000000 R09: 0000000000000000 [ 680.734941][T14847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 680.734950][T14847] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 680.734968][T14847] [ 683.388250][T14905] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 [ 684.211634][T14909] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62 [ 686.003450][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.010338][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.745752][T14953] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1782'. [ 686.786727][T14953] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1782'. [ 687.215542][T14968] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 688.702334][T14997] FAULT_INJECTION: forcing a failure. [ 688.702334][T14997] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 688.718189][T14997] CPU: 1 UID: 0 PID: 14997 Comm: syz.0.1793 Not tainted syzkaller #0 PREEMPT(full) [ 688.718223][T14997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 688.718239][T14997] Call Trace: [ 688.718248][T14997] [ 688.718259][T14997] dump_stack_lvl+0x16c/0x1f0 [ 688.718300][T14997] should_fail_ex+0x512/0x640 [ 688.718342][T14997] _copy_to_user+0x32/0xd0 [ 688.718372][T14997] simple_read_from_buffer+0xcb/0x170 [ 688.718401][T14997] proc_fail_nth_read+0x197/0x240 [ 688.718429][T14997] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 688.718459][T14997] ? rw_verify_area+0xcf/0x6c0 [ 688.718485][T14997] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 688.718512][T14997] vfs_read+0x1e4/0xcf0 [ 688.718545][T14997] ? __pfx___mutex_lock+0x10/0x10 [ 688.718581][T14997] ? __pfx_vfs_read+0x10/0x10 [ 688.718619][T14997] ? __fget_files+0x20e/0x3c0 [ 688.718656][T14997] ksys_read+0x12a/0x250 [ 688.718692][T14997] ? __pfx_ksys_read+0x10/0x10 [ 688.718731][T14997] do_syscall_64+0xcd/0x490 [ 688.718770][T14997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.718795][T14997] RIP: 0033:0x7f34a3d8d5fc [ 688.718815][T14997] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 688.718840][T14997] RSP: 002b:00007f34a4c75030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 688.718865][T14997] RAX: ffffffffffffffda RBX: 00007f34a3fc5fa0 RCX: 00007f34a3d8d5fc [ 688.718883][T14997] RDX: 000000000000000f RSI: 00007f34a4c750a0 RDI: 0000000000000004 [ 688.718898][T14997] RBP: 00007f34a4c75090 R08: 0000000000000000 R09: 0000000000000000 [ 688.718913][T14997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 688.718928][T14997] R13: 00007f34a3fc6038 R14: 00007f34a3fc5fa0 R15: 00007ffdad43aab8 [ 688.718961][T14997] [ 688.906152][ C1] vkms_vblank_simulate: vblank timer overrun [ 689.395220][T15007] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1795'. [ 689.689658][T15012] random: crng reseeded on system resumption [ 690.593695][T15033] ptrace attach of "./syz-executor exec"[15036] was attempted by "./syz-executor exec"[15033] [ 693.436056][T15072] netlink: 'syz.0.1806': attribute type 30 has an invalid length. [ 693.902098][T15086] FAULT_INJECTION: forcing a failure. [ 693.902098][T15086] name fail_futex, interval 1, probability 0, space 0, times 0 [ 693.949183][T15086] CPU: 1 UID: 0 PID: 15086 Comm: syz.2.1807 Not tainted syzkaller #0 PREEMPT(full) [ 693.949223][T15086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 693.949240][T15086] Call Trace: [ 693.949249][T15086] [ 693.949261][T15086] dump_stack_lvl+0x16c/0x1f0 [ 693.949304][T15086] should_fail_ex+0x512/0x640 [ 693.949348][T15086] get_futex_key+0x1d0/0x1560 [ 693.949384][T15086] ? __pfx_get_futex_key+0x10/0x10 [ 693.949428][T15086] futex_wake+0xea/0x530 [ 693.949467][T15086] ? rcu_is_watching+0x12/0xc0 [ 693.949495][T15086] ? __pfx_futex_wake+0x10/0x10 [ 693.949535][T15086] ? kmem_cache_free+0x2d1/0x4d0 [ 693.949563][T15086] ? fd_install+0x225/0x750 [ 693.949588][T15086] ? putname+0x154/0x1a0 [ 693.949629][T15086] do_futex+0x1e3/0x350 [ 693.949661][T15086] ? __pfx_do_futex+0x10/0x10 [ 693.949704][T15086] __x64_sys_futex+0x1e0/0x4c0 [ 693.949738][T15086] ? __x64_sys_openat+0x174/0x210 [ 693.949776][T15086] ? __pfx___x64_sys_futex+0x10/0x10 [ 693.949809][T15086] ? xfd_validate_state+0x61/0x180 [ 693.949857][T15086] do_syscall_64+0xcd/0x490 [ 693.949897][T15086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.949923][T15086] RIP: 0033:0x7fd3bb98ebe9 [ 693.949945][T15086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.949971][T15086] RSP: 002b:00007fd3bc7e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 693.949996][T15086] RAX: ffffffffffffffda RBX: 00007fd3bbbc6098 RCX: 00007fd3bb98ebe9 [ 693.950013][T15086] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd3bbbc609c [ 693.950030][T15086] RBP: 00007fd3bbbc6090 R08: 00007fd3bc806000 R09: 0000000000000000 [ 693.950047][T15086] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 693.950063][T15086] R13: 00007fd3bbbc6128 R14: 00007ffdea5a3140 R15: 00007ffdea5a3228 [ 693.950099][T15086] [ 694.430579][T15092] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 694.647845][T15095] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input63 [ 695.965997][T15118] random: crng reseeded on system resumption [ 695.978235][T15115] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1816'. [ 701.083870][T15234] random: crng reseeded on system resumption [ 707.107312][T15296] could not allocate digest TFM handle [ 707.503355][T15296] could not allocate digest TFM handle @ [ 708.587609][T15333] __vm_enough_memory: pid: 15333, comm: syz.1.1859, bytes: 4398046511104 not enough memory for the allocation [ 714.878580][T15415] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 715.487372][T15425] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1881'. [ 715.736148][T15425] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 717.113425][T15448] FAULT_INJECTION: forcing a failure. [ 717.113425][T15448] name fail_futex, interval 1, probability 0, space 0, times 0 [ 717.126778][T15448] CPU: 0 UID: 0 PID: 15448 Comm: syz.3.1884 Not tainted syzkaller #0 PREEMPT(full) [ 717.126801][T15448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 717.126811][T15448] Call Trace: [ 717.126817][T15448] [ 717.126823][T15448] dump_stack_lvl+0x16c/0x1f0 [ 717.126864][T15448] should_fail_ex+0x512/0x640 [ 717.126891][T15448] get_futex_key+0x1d0/0x1560 [ 717.126914][T15448] ? __pfx_get_futex_key+0x10/0x10 [ 717.126931][T15448] ? kvm_sched_clock_read+0x11/0x20 [ 717.126951][T15448] ? sched_clock+0x38/0x60 [ 717.126970][T15448] ? sched_clock_cpu+0x6c/0x530 [ 717.126988][T15448] ? __cgroup_account_cputime+0xcc/0x120 [ 717.127007][T15448] futex_wait_setup+0x9d/0x550 [ 717.127033][T15448] __futex_wait+0x194/0x2f0 [ 717.127055][T15448] ? __pfx___futex_wait+0x10/0x10 [ 717.127089][T15448] ? __pfx_futex_wake_mark+0x10/0x10 [ 717.127113][T15448] ? futex_private_hash_put+0x176/0x300 [ 717.127133][T15448] ? futex_private_hash_put+0x18a/0x300 [ 717.127152][T15448] futex_wait+0xe8/0x380 [ 717.127174][T15448] ? __pfx_futex_wait+0x10/0x10 [ 717.127195][T15448] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 717.127223][T15448] ? preempt_schedule_thunk+0x16/0x30 [ 717.127246][T15448] do_futex+0x229/0x350 [ 717.127265][T15448] ? __pfx_do_futex+0x10/0x10 [ 717.127284][T15448] ? __pfx_sched_core_share_pid+0x10/0x10 [ 717.127302][T15448] __x64_sys_futex+0x1e0/0x4c0 [ 717.127323][T15448] ? __pfx___x64_sys_futex+0x10/0x10 [ 717.127342][T15448] ? __pfx___do_sys_prctl+0x10/0x10 [ 717.127370][T15448] do_syscall_64+0xcd/0x490 [ 717.127394][T15448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.127409][T15448] RIP: 0033:0x7fe04c98ebe9 [ 717.127421][T15448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.127435][T15448] RSP: 002b:00007fe04d83a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 717.127450][T15448] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa8 RCX: 00007fe04c98ebe9 [ 717.127459][T15448] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe04cbc5fa8 [ 717.127468][T15448] RBP: 00007fe04cbc5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 717.127476][T15448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 717.127485][T15448] R13: 00007fe04cbc6038 R14: 00007ffdc8d5c6e0 R15: 00007ffdc8d5c7c8 [ 717.127504][T15448] [ 718.290641][T15458] vivid-003: ================= START STATUS ================= [ 718.316392][T15458] vivid-003: Radio HW Seek Mode: Bounded [ 718.336009][T15458] vivid-003: Radio Programmable HW Seek: false [ 718.348561][T15458] vivid-003: RDS Rx I/O Mode: Block I/O [ 718.366994][T15458] vivid-003: Generate RBDS Instead of RDS: false [ 718.407783][T15458] vivid-003: RDS Reception: true [ 718.417191][T15458] vivid-003: RDS Program Type: 0 inactive [ 718.425962][T15458] vivid-003: RDS PS Name: inactive [ 718.432612][T15458] vivid-003: RDS Radio Text: inactive [ 718.448028][T15458] vivid-003: RDS Traffic Announcement: false inactive [ 718.456164][T15458] vivid-003: RDS Traffic Program: false inactive [ 718.462843][T15458] vivid-003: RDS Music: false inactive [ 718.470144][T15458] vivid-003: ================== END STATUS ================== [ 719.832715][T13404] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 720.493349][T15513] __vm_enough_memory: pid: 15513, comm: syz.3.1897, bytes: 4398046511104 not enough memory for the allocation [ 720.783003][T15518] Invalid ELF header magic: != ELF [ 722.694095][T15541] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1905'. [ 723.084840][T15557] ptrace attach of "./syz-executor exec"[15558] was attempted by "./syz-executor exec"[15557] [ 723.824073][T15564] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 724.532603][T15583] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1912'. [ 725.137855][T15607] random: crng reseeded on system resumption [ 726.627185][T15638] netlink: 'syz.2.1920': attribute type 1 has an invalid length. [ 726.661059][T15638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1920'. [ 726.995326][T15649] random: crng reseeded on system resumption [ 728.855477][T15686] nbd: must specify a device to reconfigure [ 728.865697][T15685] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1926'. [ 728.867359][T15681] HfR: entered promiscuous mode [ 728.929107][T15685] HfR: left promiscuous mode [ 730.344964][T15719] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 730.750660][T15729] random: crng reseeded on system resumption [ 732.221469][T15758] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 732.677682][T15771] FAULT_INJECTION: forcing a failure. [ 732.677682][T15771] name failslab, interval 1, probability 0, space 0, times 0 [ 732.693802][T15771] CPU: 0 UID: 0 PID: 15771 Comm: syz.3.1952 Not tainted syzkaller #0 PREEMPT(full) [ 732.693838][T15771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 732.693854][T15771] Call Trace: [ 732.693864][T15771] [ 732.693874][T15771] dump_stack_lvl+0x16c/0x1f0 [ 732.693930][T15771] should_fail_ex+0x512/0x640 [ 732.693955][T15771] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 732.693976][T15771] should_failslab+0xc2/0x120 [ 732.693995][T15771] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 732.694012][T15771] ? __proc_create+0xc3/0x8e0 [ 732.694033][T15771] ? __proc_create+0x2ce/0x8e0 [ 732.694056][T15771] __proc_create+0x2ce/0x8e0 [ 732.694077][T15771] ? __pfx___proc_create+0x10/0x10 [ 732.694105][T15771] proc_mkdir+0x81/0x170 [ 732.694125][T15771] ? __pfx_proc_mkdir+0x10/0x10 [ 732.694146][T15771] ? cache_register_net+0x137/0x5e0 [ 732.694171][T15771] cache_register_net+0x18f/0x5e0 [ 732.694193][T15771] unix_gid_cache_create+0x8b/0x130 [ 732.694214][T15771] ? __pfx_sunrpc_init_net+0x10/0x10 [ 732.694230][T15771] sunrpc_init_net+0x71/0x190 [ 732.694248][T15771] ops_init+0x1df/0x5f0 [ 732.694273][T15771] setup_net+0x10f/0x380 [ 732.694284][T15771] ? lockdep_init_map_type+0x5c/0x280 [ 732.694305][T15771] ? __pfx_setup_net+0x10/0x10 [ 732.694319][T15771] ? debug_mutex_init+0x37/0x70 [ 732.694342][T15771] copy_net_ns+0x2a6/0x5f0 [ 732.694360][T15771] create_new_namespaces+0x3ea/0xa90 [ 732.694383][T15771] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 732.694401][T15771] ksys_unshare+0x45b/0xa40 [ 732.694423][T15771] ? __pfx_ksys_unshare+0x10/0x10 [ 732.694443][T15771] ? xfd_validate_state+0x61/0x180 [ 732.694471][T15771] __x64_sys_unshare+0x31/0x40 [ 732.694489][T15771] do_syscall_64+0xcd/0x490 [ 732.694513][T15771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.694528][T15771] RIP: 0033:0x7fe04c98ebe9 [ 732.694541][T15771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 732.694555][T15771] RSP: 002b:00007fe04d83a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 732.694570][T15771] RAX: ffffffffffffffda RBX: 00007fe04cbc5fa0 RCX: 00007fe04c98ebe9 [ 732.694580][T15771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 732.694591][T15771] RBP: 00007fe04ca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 732.694600][T15771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.694609][T15771] R13: 00007fe04cbc6038 R14: 00007fe04cbc5fa0 R15: 00007ffdc8d5c7c8 [ 732.694627][T15771] [ 733.402027][T15780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1955'. [ 735.133731][T15827] ================================================================== [ 735.141916][T15827] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 735.149994][T15827] Read of size 8 at addr ffff88802ae33e18 by task syz.2.1964/15827 [ 735.157866][T15827] [ 735.160183][T15827] CPU: 0 UID: 0 PID: 15827 Comm: syz.2.1964 Not tainted syzkaller #0 PREEMPT(full) [ 735.160202][T15827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 735.160211][T15827] Call Trace: [ 735.160217][T15827] [ 735.160225][T15827] dump_stack_lvl+0x116/0x1f0 [ 735.160250][T15827] print_report+0xcd/0x630 [ 735.160268][T15827] ? __virt_addr_valid+0x81/0x610 [ 735.160287][T15827] ? __phys_addr+0xe8/0x180 [ 735.160303][T15827] ? dvb_device_open+0x36a/0x3b0 [ 735.160317][T15827] kasan_report+0xe0/0x110 [ 735.160335][T15827] ? dvb_device_open+0x36a/0x3b0 [ 735.160348][T15827] ? __pfx_dvb_device_open+0x10/0x10 [ 735.160364][T15827] dvb_device_open+0x36a/0x3b0 [ 735.160376][T15827] ? __pfx_dvb_device_open+0x10/0x10 [ 735.160389][T15827] chrdev_open+0x234/0x6a0 [ 735.160407][T15827] ? __pfx_apparmor_file_open+0x10/0x10 [ 735.160424][T15827] ? __pfx_chrdev_open+0x10/0x10 [ 735.160442][T15827] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 735.160460][T15827] do_dentry_open+0x982/0x1530 [ 735.160477][T15827] ? __pfx_chrdev_open+0x10/0x10 [ 735.160498][T15827] vfs_open+0x82/0x3f0 [ 735.160519][T15827] path_openat+0x1de4/0x2cb0 [ 735.160539][T15827] ? __pfx_path_openat+0x10/0x10 [ 735.160557][T15827] do_filp_open+0x20b/0x470 [ 735.160573][T15827] ? __pfx_do_filp_open+0x10/0x10 [ 735.160596][T15827] ? alloc_fd+0x471/0x7d0 [ 735.160613][T15827] do_sys_openat2+0x11b/0x1d0 [ 735.160633][T15827] ? __pfx_do_sys_openat2+0x10/0x10 [ 735.160657][T15827] __x64_sys_openat+0x174/0x210 [ 735.160681][T15827] ? __pfx___x64_sys_openat+0x10/0x10 [ 735.160706][T15827] do_syscall_64+0xcd/0x490 [ 735.160728][T15827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.160743][T15827] RIP: 0033:0x7fd3bb98ebe9 [ 735.160755][T15827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 735.160770][T15827] RSP: 002b:00007fd3bc805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 735.160784][T15827] RAX: ffffffffffffffda RBX: 00007fd3bbbc5fa0 RCX: 00007fd3bb98ebe9 [ 735.160794][T15827] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 735.160802][T15827] RBP: 00007fd3bba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 735.160811][T15827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 735.160820][T15827] R13: 00007fd3bbbc6038 R14: 00007fd3bbbc5fa0 R15: 00007ffdea5a3228 [ 735.160833][T15827] [ 735.160838][T15827] [ 735.400108][T15827] Allocated by task 15660: [ 735.404507][T15827] kasan_save_stack+0x33/0x60 [ 735.409195][T15827] kasan_save_track+0x14/0x30 [ 735.413859][T15827] __kasan_kmalloc+0xaa/0xb0 [ 735.418436][T15827] sample_init_net+0x56/0x270 [ 735.423110][T15827] ops_init+0x1df/0x5f0 [ 735.427270][T15827] setup_net+0x10f/0x380 [ 735.431583][T15827] copy_net_ns+0x2a6/0x5f0 [ 735.435991][T15827] create_new_namespaces+0x3ea/0xa90 [ 735.441275][T15827] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 735.446967][T15827] ksys_unshare+0x45b/0xa40 [ 735.451471][T15827] __x64_sys_unshare+0x31/0x40 [ 735.456234][T15827] do_syscall_64+0xcd/0x490 [ 735.460739][T15827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.466643][T15827] [ 735.468962][T15827] Freed by task 12484: [ 735.473022][T15827] kasan_save_stack+0x33/0x60 [ 735.477707][T15827] kasan_save_track+0x14/0x30 [ 735.482390][T15827] kasan_save_free_info+0x3b/0x60 [ 735.487435][T15827] __kasan_slab_free+0x60/0x70 [ 735.492195][T15827] kfree+0x2b4/0x4d0 [ 735.496085][T15827] sample_exit_net+0xaa/0x120 [ 735.500770][T15827] ops_undo_list+0x363/0xab0 [ 735.505349][T15827] cleanup_net+0x408/0x890 [ 735.509787][T15827] process_one_work+0x9cf/0x1b70 [ 735.514725][T15827] worker_thread+0x6c8/0xf10 [ 735.519305][T15827] kthread+0x3c5/0x780 [ 735.523378][T15827] ret_from_fork+0x5d7/0x6f0 [ 735.527973][T15827] ret_from_fork_asm+0x1a/0x30 [ 735.532741][T15827] [ 735.535057][T15827] The buggy address belongs to the object at ffff88802ae33e00 [ 735.535057][T15827] which belongs to the cache kmalloc-256 of size 256 [ 735.549104][T15827] The buggy address is located 24 bytes inside of [ 735.549104][T15827] freed 256-byte region [ffff88802ae33e00, ffff88802ae33f00) [ 735.562802][T15827] [ 735.565113][T15827] The buggy address belongs to the physical page: [ 735.571505][T15827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ae32 [ 735.580271][T15827] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 735.588766][T15827] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 735.596651][T15827] page_type: f5(slab) [ 735.600624][T15827] raw: 00fff00000000040 ffff88801b841b40 ffffea00009cc600 dead000000000003 [ 735.609200][T15827] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 735.617790][T15827] head: 00fff00000000040 ffff88801b841b40 ffffea00009cc600 dead000000000003 [ 735.626458][T15827] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 735.635173][T15827] head: 00fff00000000001 ffffea0000ab8c81 00000000ffffffff 00000000ffffffff [ 735.643842][T15827] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 735.652505][T15827] page dumped because: kasan: bad access detected [ 735.658915][T15827] page_owner tracks the page as allocated [ 735.664627][T15827] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 19434166116, free_ts 0 [ 735.684428][T15827] post_alloc_hook+0x1c0/0x230 [ 735.689198][T15827] get_page_from_freelist+0x132b/0x38e0 [ 735.694739][T15827] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 735.700711][T15827] alloc_pages_mpol+0x1fb/0x550 [ 735.705576][T15827] new_slab+0x247/0x330 [ 735.709736][T15827] ___slab_alloc+0xcf2/0x1750 [ 735.714413][T15827] __slab_alloc.constprop.0+0x56/0xb0 [ 735.719782][T15827] __kmalloc_cache_noprof+0xfb/0x3e0 [ 735.725060][T15827] bus_add_driver+0x92/0x690 [ 735.729656][T15827] driver_register+0x15c/0x4b0 [ 735.734412][T15827] usb_register_driver+0x216/0x4d0 [ 735.739512][T15827] do_one_initcall+0x120/0x6e0 [ 735.744269][T15827] kernel_init_freeable+0x5c2/0x910 [ 735.749473][T15827] kernel_init+0x1c/0x2b0 [ 735.753805][T15827] ret_from_fork+0x5d7/0x6f0 [ 735.758399][T15827] ret_from_fork_asm+0x1a/0x30 [ 735.763161][T15827] page_owner free stack trace missing [ 735.768513][T15827] [ 735.770822][T15827] Memory state around the buggy address: [ 735.776450][T15827] ffff88802ae33d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 735.784515][T15827] ffff88802ae33d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 735.792584][T15827] >ffff88802ae33e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 735.800637][T15827] ^ [ 735.805477][T15827] ffff88802ae33e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 735.813529][T15827] ffff88802ae33f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 735.821580][T15827] ================================================================== [ 736.054346][T15827] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 736.061576][T15827] CPU: 0 UID: 0 PID: 15827 Comm: syz.2.1964 Not tainted syzkaller #0 PREEMPT(full) [ 736.070960][T15827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 736.081028][T15827] Call Trace: [ 736.084315][T15827] [ 736.087253][T15827] dump_stack_lvl+0x3d/0x1f0 [ 736.091871][T15827] vpanic+0x6e8/0x7a0 [ 736.095873][T15827] ? __pfx_vpanic+0x10/0x10 [ 736.100399][T15827] ? __pfx_vprintk_emit+0x10/0x10 [ 736.105439][T15827] ? dvb_device_open+0x36a/0x3b0 [ 736.110386][T15827] panic+0xca/0xd0 [ 736.114099][T15827] ? __pfx_panic+0x10/0x10 [ 736.118500][T15827] ? dvb_device_open+0x36a/0x3b0 [ 736.123418][T15827] ? preempt_schedule_common+0x44/0xc0 [ 736.128863][T15827] ? preempt_schedule_thunk+0x16/0x30 [ 736.134221][T15827] ? check_panic_on_warn+0x1f/0xb0 [ 736.139321][T15827] check_panic_on_warn+0xab/0xb0 [ 736.144246][T15827] end_report+0x107/0x170 [ 736.148566][T15827] kasan_report+0xee/0x110 [ 736.152968][T15827] ? dvb_device_open+0x36a/0x3b0 [ 736.157888][T15827] ? __pfx_dvb_device_open+0x10/0x10 [ 736.163165][T15827] dvb_device_open+0x36a/0x3b0 [ 736.167910][T15827] ? __pfx_dvb_device_open+0x10/0x10 [ 736.173185][T15827] chrdev_open+0x234/0x6a0 [ 736.177588][T15827] ? __pfx_apparmor_file_open+0x10/0x10 [ 736.183120][T15827] ? __pfx_chrdev_open+0x10/0x10 [ 736.188477][T15827] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 736.194786][T15827] do_dentry_open+0x982/0x1530 [ 736.199534][T15827] ? __pfx_chrdev_open+0x10/0x10 [ 736.204458][T15827] vfs_open+0x82/0x3f0 [ 736.208516][T15827] path_openat+0x1de4/0x2cb0 [ 736.213092][T15827] ? __pfx_path_openat+0x10/0x10 [ 736.218015][T15827] do_filp_open+0x20b/0x470 [ 736.222504][T15827] ? __pfx_do_filp_open+0x10/0x10 [ 736.227515][T15827] ? alloc_fd+0x471/0x7d0 [ 736.231832][T15827] do_sys_openat2+0x11b/0x1d0 [ 736.236495][T15827] ? __pfx_do_sys_openat2+0x10/0x10 [ 736.241685][T15827] __x64_sys_openat+0x174/0x210 [ 736.246525][T15827] ? __pfx___x64_sys_openat+0x10/0x10 [ 736.251888][T15827] do_syscall_64+0xcd/0x490 [ 736.256381][T15827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.262259][T15827] RIP: 0033:0x7fd3bb98ebe9 [ 736.268659][T15827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 736.288252][T15827] RSP: 002b:00007fd3bc805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 736.296650][T15827] RAX: ffffffffffffffda RBX: 00007fd3bbbc5fa0 RCX: 00007fd3bb98ebe9 [ 736.304606][T15827] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 736.312560][T15827] RBP: 00007fd3bba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 736.320516][T15827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 736.328466][T15827] R13: 00007fd3bbbc6038 R14: 00007fd3bbbc5fa0 R15: 00007ffdea5a3228 [ 736.336438][T15827] [ 736.339689][T15827] Kernel Offset: disabled [ 736.344001][T15827] Rebooting in 86400 seconds..