last executing test programs: 5m47.427039016s ago: executing program 0 (id=321): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) brk$auto(0xffffffffffffff66) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) sendmmsg$auto(0x3, 0x0, 0x3, 0x3) 5m46.591597843s ago: executing program 0 (id=325): socket(0x2c, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x80400, 0x0) socket(0x2, 0x801, 0x100) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r0, 0x4b4e, r0) 5m46.371796202s ago: executing program 0 (id=330): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) r2 = socket(0x18, 0x5, 0x1) connect$auto(r2, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) 5m46.204787391s ago: executing program 0 (id=332): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 5m45.928174777s ago: executing program 0 (id=338): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x3, 0xa) socket(0x11, 0x80003, 0x300) clone3$auto(0x0, 0x9) socketpair$auto(0x1, 0x0, 0xfffffffc, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 5m45.436152947s ago: executing program 0 (id=340): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000082, 0x400}]}) 5m45.205421996s ago: executing program 32 (id=340): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000082, 0x400}]}) 5m8.881974604s ago: executing program 2 (id=638): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x189e42, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = fanotify_init$auto(0xc00, 0x2000000000002) r1 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r1, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000300)=""/239, 0xef) 5m8.768641719s ago: executing program 2 (id=639): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_BTRFS_IOC_FORGET_DEV(0xffffffffffffffff, 0x50009405, &(0x7f00000001c0)={@raw=0xbe, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e5fff4cbe4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ce52a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a7"}) socket(0x18, 0xa, 0x1) r0 = socket(0x2b, 0x1, 0x1) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x59e, 0x0, 0x2, 0x9}, 0x207}, 0x40, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x5}, 0x5, 0x0, 0x2, 0x200}, 0x7ff}, 0x10a, 0x8, 0x0) setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x23) 5m7.788551623s ago: executing program 2 (id=644): socket(0x2, 0x80002, 0x73) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x101000, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/250, 0xfa) mmap$auto(0x0, 0x400004, 0x3ff, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) pkey_free$auto(0xfffffffd) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x4, 0x8, &(0x7f0000000480)={0x0, 0x2}) sched_setattr$auto(0x0, 0x0, 0x0) 5m6.65411381s ago: executing program 2 (id=653): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) r1 = socket(0x10, 0x80002, 0x8) close_range$auto(r1, r1, 0x0) pipe$auto(0x0) splice$auto(r1, 0x0, r0, 0x0, 0x3fb, 0x9) write$auto(0x6, 0x0, 0x100000001) 5m5.749001282s ago: executing program 2 (id=659): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 5m5.332188724s ago: executing program 2 (id=660): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) brk$auto(0xffffffffffffff66) 4m50.15140402s ago: executing program 33 (id=660): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) brk$auto(0xffffffffffffff66) 2m59.018312494s ago: executing program 4 (id=1655): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400000000000400, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r1, 0x0) pivot_root$auto(&(0x7f0000000300)='.\x00\xaf\xeb)\xae$\xfc\x00\xf8\x05AC\x9f\xbbR\xec\xc6c\x85\xc8\xa7\xe84sF\xe3U\x94\x99\x8fR\xd0\x98\f\xa5\xb1S\x7f\xc3\xa5\xc0\x97\x10qa\r\x02\xd2\xc8\xd2\x8e\xc7\x80\x11\x06#\xf5\x18|\xdc\x81Ai\xb6\x96iaR\xdbA\x04\x10\x99\xe6\xdb\xae`G\x1d9`T\xd8\xc6\xea\xf7\x96\xb5\xe9\x164e\xb1 S\x8f\x12_\x15y\x91F\xc89\xb1\xd24?\x89.,Z\xba,\"v\xde\xc4\xe0\x84\xca|\"\x96V\xd5P\xe4\xb9\xea\x88\x15\xacs\xc6\x83\xd6\x81\xd7\x11\x88\x9c\xdd\x8a\x0e\xea\x19|\x7f\xe3A8x\xce\xc1!q\xbbi\\\xd8\xa9\xe0\xed\x9e\x19\xc0IC9^\xfcJG\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000280)='.\x00') 2m58.862085021s ago: executing program 4 (id=1656): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, r0, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x803, 0x8000000000000000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) close_range$auto(0x2, 0x8, 0x0) 2m58.720041464s ago: executing program 4 (id=1659): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x28, 0x805, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, r0, @relative_id=0x13, 0xe600}, 0xf) r3 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) 2m58.44663384s ago: executing program 4 (id=1660): close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x40802, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x29, 0x5, 0x0) r0 = socket(0xa, 0x2, 0x3a) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0x11, 0x80003, 0x300) socket(0xa, 0x801, 0x106) setsockopt$auto(r0, 0x29, 0x4e, 0x0, 0x10000110) 2m57.872086563s ago: executing program 4 (id=1662): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) socket(0x2, 0x1, 0x106) getsockopt$auto(0xffffffffffffffff, 0x110, 0x9, 0xffffffffffffffff, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x1e, 0x805, 0x0) sysfs$auto(0x2, 0x1a, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x3, &(0x7f0000000000)='4\x93f\x06\x04\x00\x00', &(0x7f0000000040), 0x7f) 2m57.253637144s ago: executing program 4 (id=1666): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd4/queue/scheduler\x00', 0x20140, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/180, 0x11e) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800) openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xfffffffc}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010) 2m43.55498422s ago: executing program 5 (id=1765): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1, r2, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) 2m43.507006729s ago: executing program 5 (id=1766): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x42000, 0x0) socket(0x10, 0x2, 0xc) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) socket(0x25, 0x3, 0x6) socket(0x10, 0x2, 0x0) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x3, 0x0) bpf$auto(0x5, &(0x7f0000001540)=@bpf_attr_3={0x9, 0x9, 0x10000, 0x1, 0x9, 0x80000000, 0x3, 0x5, 0x10000, "06dbde4e070000001b0000000800", 0x0, 0x6, 0x2, 0x2, 0x0, 0x81, 0x4eaf, 0x1, 0x2, 0x5, @attach_prog_fd, 0x3, 0x1ff, 0x100000002, 0x101, 0xe4, 0x6, r0}, 0x1000) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) 2m43.377034883s ago: executing program 5 (id=1768): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) sysfs$auto(0x2, 0x48, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x6, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 2m43.289218432s ago: executing program 5 (id=1771): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x2, 0x8, 0x0) connect$auto(0x3, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x10, 0x2, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2m42.410666532s ago: executing program 5 (id=1777): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x401, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x4, 0xffb, 0x8000000008012, 0x3, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\x00\x00\x00', 0x0, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) fspick$auto(0xffffffffffffffff, 0x0, 0x5) sysfs$auto(0x2, 0x2, 0x0) fsmount$auto(0x4, 0x0, 0x200003) 2m42.34627227s ago: executing program 5 (id=1778): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r2, 0x1002, 0x0, 0x0, 0x0, 0x0) 2m42.158978027s ago: executing program 34 (id=1666): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd4/queue/scheduler\x00', 0x20140, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/180, 0x11e) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800) openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xfffffffc}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010) 2m27.309501619s ago: executing program 35 (id=1778): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r2, 0x1002, 0x0, 0x0, 0x0, 0x0) 2m21.525745297s ago: executing program 3 (id=1921): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x4f1, 0x2, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) write$auto(0x3, 0x0, 0xfdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x400053, 0x9) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) 2m20.269207973s ago: executing program 3 (id=1934): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x68, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_SEQ={0x6, 0x6, 0x81}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xe}, @HSR_A_NODE_ADDR={0xa, 0x1, @broadcast}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="db678e66a130"}, @HSR_A_IF1_AGE={0x8, 0x3, 0x3e}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x7fff}, @HSR_A_IFINDEX={0x8}]}, 0x68}, 0x1, 0x0, 0x0, 0x20040084}, 0x40090) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004000800100003800c000980"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf25020000000800030000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000200bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m19.479041001s ago: executing program 3 (id=1938): mmap$auto(0x0, 0x400400009, 0xdf, 0x10, 0xffffffffffffffff, 0xffffffffffffffc9) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) fcntl$auto(r1, 0x400, 0x1) fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) mmap$auto(0x3, 0x4, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) close_range$auto(0x2, 0x8, 0x0) ptrace$auto(0x10, r0, 0x4, 0x8000) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r0, 0xb, 0x5) 2m19.273527596s ago: executing program 3 (id=1940): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) bind$auto(0x4, 0xfffffffffffffffe, 0x0) bind$auto(0x3, 0xfffffffffffffffd, 0x0) write$auto(0x3, 0x0, 0xfdef) 2m19.146075521s ago: executing program 3 (id=1943): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8003) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') mount$auto(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x100000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, 0x0, 0x6f4) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) clone$auto(0x10fffffffe22000, 0x2, 0xfffffffffffffffc, 0xfffffffffffffffc, 0xe45e) 2m18.598107585s ago: executing program 3 (id=1948): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x0, 0x5, 0x7f, 0x10}, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) getpgid$auto(0x0) timer_create$auto(0xffff, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/122, 0x7a) 2m3.505942645s ago: executing program 36 (id=1948): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x0, 0x5, 0x7f, 0x10}, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) getpgid$auto(0x0) timer_create$auto(0xffff, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/122, 0x7a) 3.800113754s ago: executing program 1 (id=2792): syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x80100, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) keyctl$auto(0xe, 0x1, 0x0, 0x5eaf, 0x8) r1 = socket(0x2b, 0x1, 0x1) listen$auto(r1, 0x6) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) close_range$auto(0x2, 0x8, 0x0) 3.697188767s ago: executing program 8 (id=2794): io_uring_setup$auto(0x6, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) socket(0x11, 0x80003, 0x300) socket(0x10, 0x2, 0xffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0) ioctl$auto_BLKCLOSEZONE(0xffffffffffffffff, 0x40101287, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002100)=""/4091, 0xffe2) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffe, 0xd, 0x3000, 0x6, 0x8, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c47, 0x29f, 0x100, 0x1, 0x105, 0x20000800, 0x3}, {0x8, 0x2, 0x52, 0x5, 0x9, 0x800100, 0x76c5, 0x8, 0x100000004}}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000340)='\xa3o\a`\f\f4\xc6\xe7\x8a\x16h\x80\xb5\xed\xe4\xec\xfe\xe50\xb9\xbb1/#\xdc\xdd\xed\xa2\x85\xa1\xd5\xf5\xfeG\xdcI\xe3c\xb8BS\x04Y\xc9N\x98\xc6I_E \xc8^T\x84Mh\xf4Y\xcc\xe4\x9al\x88\x8fX\xcb\xad\x1d*\xec\x1dG@H/N\xaa\x1b\xce\x8b\xff\xcfe\xac\xda\xb0\xbe;-y\x12\x13\x93\x1d\xb5>\x1c\x02Tv\x92\xc0\x1c\xaa\x8a8\x0e_Fv\x00\xdc\nfd\x16\xa6d\xa3z\xdf\xc7o+1\xf4Q\xf7i\xd6.\t\x10\x99\xc4\x06\xa3\xbf*\xbb\xe0H\xc9u+\x17\x93!\x1c\xc3\xcd\xc1y\xaf\xf1\xd1B\xaa[\x9d\xb6\xad\xe2\xff\x9b[{\xd1z\x18\xba\x7f\xb5\x10\xdd1\xf2\x9c\xb0=\xf09\r\xc3\x1b9\xbe\xa8\xe76[/<,\xe1\x90\xb3G}\x85E\xc6\x8ak4\xc3+\xf0\x9f\xe0F\x1b\xdb\x84\x17\xc0\x99\xf1\xb5,\x1f\x8a\xe7\x0f\xd7\xc2{>\xb9q\xc3\xa7\xaaF|\\4\x03Z\xecH\x99\xber\xab\xe6+>\x95\x86\x83\xfb\x16o\x98\xe0\xe9d\xa1z^}\xc7\x12\xe6b\xa2\xb1X\x062\x12\xec\x12.\xbb\x10\x11\xdb_Xo\xfc\xcd\x8av\x80\xf0!n\x8d\xee)\rm\xc5\xee\xd6\xde\xc7\xf8\xdf\xc1?\x82\xca\xb6X\xe3\xfc\xf8\x1a\xe7U\xd6\f\x8e\x98+\x99\x1dqtV\xb4\x05\xa4ge', 0x110000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2000000003, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0x8]}, 0x0) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, 0x0, 0x0, 0x9) 3.534543887s ago: executing program 1 (id=2795): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x147602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fb0\x00', 0x8100, 0x0) socket(0x1d, 0x2, 0x7) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) socket(0xa, 0x3, 0x100) socketpair$auto(0x8, 0x7, 0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_TCFLSH2(r0, 0x8926, 0x0) 3.059619175s ago: executing program 1 (id=2797): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xe1, 0x1000009b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) getrandom$auto(0x0, 0x6000000, 0x3) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0xb) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) timerfd_create$auto(0x7, 0x7) close_range$auto(0x2, 0x8, 0x0) 3.059528377s ago: executing program 7 (id=2798): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) r0 = socket(0x18, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r2 = socket(0x18, 0x5, 0x1) connect$auto(r2, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x80047437, 0x0) 3.003748235s ago: executing program 6 (id=2799): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram4\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce7cb454168d6c0000000000002713df81000000ffffffffffffff2900", 0x3fd, 0x408, 0xffc, 0x400004, 0x200000000040000d}) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) setrlimit$auto(0xb, 0x0) r1 = getpid() r2 = gettid() rt_tgsigqueueinfo$auto(r1, r2, 0x21, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x1fe, 0x81) pkey_mprotect$auto(0x80000000, 0x3000000, 0x7, 0x4) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.95518576s ago: executing program 7 (id=2800): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x40, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 2.876312093s ago: executing program 7 (id=2801): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x20002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24000000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) brk$auto(0xffffffffffffff66) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r3, 0x0, 0x800003, 0x270) 2.802346993s ago: executing program 8 (id=2802): getsockopt$auto_SO_RCVLOWAT(0xffffffffffffffff, 0xe, 0x12, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) r0 = inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(r0, 0x0, 0x2) inotify_add_watch$auto(r0, 0x0, 0x20000e6e) 2.712626534s ago: executing program 8 (id=2803): r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="600000a7", @ANYRES16=r0, @ANYBLOB="01002cbd7000fbdbdf250300000004000800100001800c001080060008"], 0x2c}, 0x1, 0x0, 0x0, 0x24040071}, 0x800) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) sendfile$auto(r4, 0xffffffffffffffff, 0x0, 0x2) sendfile$auto(r2, r3, 0x0, 0x3) acct$auto(&(0x7f00000000c0)='/dev/vcs1\x00') r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)={0x14, r6, 0x1, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) sendfile$auto(r7, r7, 0x0, 0x3) 2.657929974s ago: executing program 6 (id=2804): openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x189002, 0x0) creat$auto(&(0x7f00000000c0)='./file0\x00', 0x0) setreuid$auto(0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/veth1_to_team/arp_ignore\x00', 0x701202, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x40242, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, 0x0, 0x11) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r1, 0x5393, r0) 2.406525827s ago: executing program 8 (id=2805): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x107, 0x18, 0x0, 0x9) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x0, 0x0, 0x92) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mprotect$auto(0xc000, 0x8, 0x8) 2.321948603s ago: executing program 6 (id=2806): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) socket(0x11, 0x80003, 0x300) r2 = socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0x4) r3 = open(0x0, 0x261c2, 0x84) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) 2.167039552s ago: executing program 6 (id=2807): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) read$auto(r0, 0x0, 0x7) r1 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x2, 0x48}) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) shutdown$auto(0x200000003, 0x2) listen$auto(0x3, 0x83) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) r2 = semctl$auto_GETPID(0x6, 0x1, 0xb, 0xb7d2) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r2, 0x5, 0x8) sendmmsg$auto(r1, &(0x7f0000000640)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={&(0x7f0000000780), 0x49}, 0x8, 0x0, 0x5, 0x3}, 0x1}, 0x0, 0x7) 1.943365584s ago: executing program 1 (id=2808): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) io_uring_setup$auto(0x9, 0x0) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r0, r3, 0x4, 0x401, r2, @relative_id=0x14, 0xe600}, 0xd) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) 1.681779847s ago: executing program 6 (id=2809): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1ac}}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0xffffffff, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 1.418317434s ago: executing program 6 (id=2810): socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0) 1.418227946s ago: executing program 1 (id=2811): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0x4, 0x0, 0x100082) 1.260333371s ago: executing program 8 (id=2812): socket(0x2, 0x2, 0x1) setresuid$auto(0x8, 0x8, 0x0) r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x801, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) fsopen$auto(0x0, 0x1) r2 = epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) epoll_ctl$auto(r2, 0x40008, r1, 0x0) 1.163121204s ago: executing program 7 (id=2813): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x2) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video20\x00', 0x80000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/irq/default_smp_affinity\x00', 0x200c82, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 1.047261728s ago: executing program 7 (id=2814): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) socket(0x29, 0x2, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x8040, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r1, 0x0, 0x0) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) 1.047117257s ago: executing program 8 (id=2815): getitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000000)={{0x4, 0xfffffffffffffffe}, {0x6, 0xec}}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) rseq$auto(0x0, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) socket(0x2, 0x3, 0x1) socket$nl_generic(0x10, 0x3, 0x10) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) sendfile$auto(0x6, 0x3, 0x0, 0x20000fffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x17) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x3, 0x0, 0x4, 0x0) remap_file_pages$auto(0x46a27, 0x1003, 0x0, 0xb74, 0x66a) 856.839µs ago: executing program 7 (id=2816): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x400000ff, 0x400, 0x9}]}) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x200007, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x1ff, 0x3) 0s ago: executing program 1 (id=2824): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) recvmmsg$auto(0x3, 0x0, 0x10000, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x4c, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x4}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x2ec}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}, @NFSD_A_SERVER_GRACETIME={0x8}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0xffffffff}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x6}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x1ff}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40040) shutdown$auto(0x200000003, 0x2) kernel console output (not intermixed with test programs): 5861] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 331.248698][ T5861] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 331.257248][ T5861] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 331.536143][T12155] chnl_net:caif_netlink_parms(): no params data found [ 331.677392][T12155] bridge0: port 1(bridge_slave_0) entered blocking state [ 331.685101][T12155] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.699149][T12155] bridge_slave_0: entered allmulticast mode [ 331.706774][T12155] bridge_slave_0: entered promiscuous mode [ 331.714819][T12155] bridge0: port 2(bridge_slave_1) entered blocking state [ 331.722113][T12155] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.729930][T12155] bridge_slave_1: entered allmulticast mode [ 331.737562][T12155] bridge_slave_1: entered promiscuous mode [ 331.794753][T12155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 331.810243][T12155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 331.910259][T12155] team0: Port device team_slave_0 added [ 331.924273][T12155] team0: Port device team_slave_1 added [ 331.981564][T12155] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 331.989116][T12155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 332.016055][T12155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 332.042856][T12155] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 332.061010][T12155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 332.089422][T12155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 332.145666][T12155] hsr_slave_0: entered promiscuous mode [ 332.162454][T12155] hsr_slave_1: entered promiscuous mode [ 332.179018][T12155] debugfs: 'hsr0' already exists in 'hsr' [ 332.189435][T12155] Cannot create hsr debugfs directory [ 332.378313][T12155] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 332.388415][T12155] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 332.402669][T12155] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 332.473260][T12155] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 332.617405][T12155] 8021q: adding VLAN 0 to HW filter on device bond0 [ 332.648864][T12155] 8021q: adding VLAN 0 to HW filter on device team0 [ 332.665690][ T2983] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.668416][T12192] : Can't lookup blockdev [ 332.672860][ T2983] bridge0: port 1(bridge_slave_0) entered forwarding state [ 332.694741][T12192] FAULT_INJECTION: forcing a failure. [ 332.694741][T12192] name failslab, interval 1, probability 0, space 0, times 0 [ 332.709180][T12192] CPU: 1 UID: 0 PID: 12192 Comm: syz.1.2072 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 332.709234][T12192] Tainted: [U]=USER [ 332.709244][T12192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 332.709264][T12192] Call Trace: [ 332.709273][T12192] [ 332.709284][T12192] dump_stack_lvl+0x16c/0x1f0 [ 332.709324][T12192] should_fail_ex+0x512/0x640 [ 332.709365][T12192] ? snd_pcm_plugin_build+0x64/0x650 [ 332.709396][T12192] should_failslab+0xc2/0x120 [ 332.709437][T12192] __kmalloc_noprof+0xd2/0x510 [ 332.709473][T12192] ? __mutex_unlock_slowpath+0x163/0x800 [ 332.709517][T12192] snd_pcm_plugin_build+0x64/0x650 [ 332.709559][T12192] ? snd_pcm_plugin_build+0x4b7/0x650 [ 332.709595][T12192] snd_pcm_plugin_build_linear+0x29d/0x850 [ 332.709628][T12192] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 332.709664][T12192] ? snd_pcm_hw_params+0xcd/0x1ba0 [ 332.709696][T12192] snd_pcm_plug_format_plugins+0x614/0x1430 [ 332.709728][T12192] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 332.709760][T12192] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 332.709806][T12192] snd_pcm_oss_change_params_locked+0x2dec/0x3a30 [ 332.709858][T12192] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 332.709921][T12192] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 332.709974][T12192] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 332.710003][T12192] ? __fget_files+0x204/0x3c0 [ 332.710034][T12192] ? hook_file_ioctl_common+0x145/0x410 [ 332.710076][T12192] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 332.710108][T12192] ? __fget_files+0x20e/0x3c0 [ 332.710143][T12192] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 332.710174][T12192] __x64_sys_ioctl+0x18e/0x210 [ 332.710223][T12192] do_syscall_64+0xcd/0x490 [ 332.710262][T12192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.710293][T12192] RIP: 0033:0x7f94fcd8ebe9 [ 332.710317][T12192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.710348][T12192] RSP: 002b:00007f94fdbb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 332.710380][T12192] RAX: ffffffffffffffda RBX: 00007f94fcfb5fa0 RCX: 00007f94fcd8ebe9 [ 332.710402][T12192] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 332.710422][T12192] RBP: 00007f94fce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 332.710442][T12192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.710461][T12192] R13: 00007f94fcfb6038 R14: 00007f94fcfb5fa0 R15: 00007fff6a9186b8 [ 332.710490][T12192] [ 332.753302][T12155] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 332.982926][T12155] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 332.998678][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 333.005947][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 333.245783][T12155] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 333.292911][ T5861] Bluetooth: hci6: command tx timeout [ 333.757061][T12155] veth0_vlan: entered promiscuous mode [ 333.772591][T12155] veth1_vlan: entered promiscuous mode [ 333.804010][T12155] veth0_macvtap: entered promiscuous mode [ 333.822456][T12155] veth1_macvtap: entered promiscuous mode [ 333.861893][T12155] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 333.885501][T12155] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 333.912595][ T13] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.945760][ T13] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.963470][ T13] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.977408][T12220] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 333.993588][ T13] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.070292][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.083054][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.176006][ T3546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.193817][ T3546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.819432][T12239] FAULT_INJECTION: forcing a failure. [ 334.819432][T12239] name failslab, interval 1, probability 0, space 0, times 0 [ 334.833115][T12239] CPU: 1 UID: 0 PID: 12239 Comm: syz.8.2082 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 334.833167][T12239] Tainted: [U]=USER [ 334.833177][T12239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 334.833193][T12239] Call Trace: [ 334.833203][T12239] [ 334.833213][T12239] dump_stack_lvl+0x16c/0x1f0 [ 334.833253][T12239] should_fail_ex+0x512/0x640 [ 334.833294][T12239] should_failslab+0xc2/0x120 [ 334.833327][T12239] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 334.833362][T12239] ? inode_set_ctime_current+0x2a1/0x8f0 [ 334.833401][T12239] ? jbd2__journal_start+0x193/0x6a0 [ 334.833447][T12239] jbd2__journal_start+0x193/0x6a0 [ 334.833495][T12239] __ext4_journal_start_sb+0x195/0x690 [ 334.833534][T12239] ? ext4_dirty_inode+0xa1/0x130 [ 334.833577][T12239] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 334.833617][T12239] ext4_dirty_inode+0xa1/0x130 [ 334.833656][T12239] ? rcu_is_watching+0x12/0xc0 [ 334.833687][T12239] __mark_inode_dirty+0x1eb/0xe50 [ 334.833734][T12239] generic_update_time+0xcf/0xf0 [ 334.833773][T12239] file_modified+0x207/0x240 [ 334.833814][T12239] ext4_fallocate+0x24a/0x37a0 [ 334.833870][T12239] ? lock_acquire+0x2cd/0x350 [ 334.833910][T12239] ? __pfx___might_resched+0x10/0x10 [ 334.833941][T12239] ? common_file_perm+0x1a9/0x340 [ 334.833981][T12239] ? __pfx_ext4_fallocate+0x10/0x10 [ 334.834036][T12239] vfs_fallocate+0x5b4/0x10e0 [ 334.834072][T12239] ? __pfx_vfs_fallocate+0x10/0x10 [ 334.834109][T12239] ? madvise_vma_behavior+0x2b20/0x2d60 [ 334.834150][T12239] ? lock_release+0x201/0x2f0 [ 334.834183][T12239] madvise_vma_behavior+0x2ad7/0x2d60 [ 334.834217][T12239] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 334.834247][T12239] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 334.834281][T12239] ? __pfx_mas_prev+0x10/0x10 [ 334.834312][T12239] ? find_vma_prev+0xda/0x160 [ 334.834344][T12239] ? __pfx_find_vma_prev+0x10/0x10 [ 334.834378][T12239] ? lock_release+0x201/0x2f0 [ 334.834409][T12239] ? __futex_wait+0x24c/0x2f0 [ 334.834444][T12239] madvise_walk_vmas+0x31f/0x9c0 [ 334.834478][T12239] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 334.834514][T12239] madvise_do_behavior+0x1e2/0x530 [ 334.834546][T12239] ? futex_private_hash_put+0x11c/0x300 [ 334.834573][T12239] ? __pfx_madvise_do_behavior+0x10/0x10 [ 334.834608][T12239] ? down_read+0x13d/0x480 [ 334.834646][T12239] do_madvise+0x176/0x240 [ 334.834677][T12239] ? __pfx_do_madvise+0x10/0x10 [ 334.834709][T12239] ? do_futex+0x122/0x350 [ 334.834744][T12239] ? xfd_validate_state+0x61/0x180 [ 334.834778][T12239] ? __pfx_ksys_write+0x10/0x10 [ 334.834806][T12239] __x64_sys_madvise+0xa9/0x110 [ 334.834838][T12239] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 334.834882][T12239] do_syscall_64+0xcd/0x490 [ 334.834912][T12239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.834936][T12239] RIP: 0033:0x7fc94e58ebe9 [ 334.834955][T12239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.834980][T12239] RSP: 002b:00007fc94f32a038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 334.835005][T12239] RAX: ffffffffffffffda RBX: 00007fc94e7b5fa0 RCX: 00007fc94e58ebe9 [ 334.835021][T12239] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 000000110c230000 [ 334.835036][T12239] RBP: 00007fc94e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 334.835051][T12239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.835065][T12239] R13: 00007fc94e7b6038 R14: 00007fc94e7b5fa0 R15: 00007ffc476155e8 [ 334.835087][T12239] [ 335.360127][ T5861] Bluetooth: hci6: command tx timeout [ 336.804207][ T5861] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 336.813396][ T5861] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 337.428989][ T5861] Bluetooth: hci6: command tx timeout [ 339.034175][T12313] netlink: 306 bytes leftover after parsing attributes in process `syz.7.2106'. [ 339.498319][ T5861] Bluetooth: hci6: command tx timeout [ 340.716257][ T5861] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 341.323355][T12365] futex_wake_op: syz.1.2123 tries to shift op by -2048; fix this program [ 341.362985][T12365] futex_wake_op: syz.1.2123 tries to shift op by -2048; fix this program [ 341.422111][T12365] FAULT_INJECTION: forcing a failure. [ 341.422111][T12365] name failslab, interval 1, probability 0, space 0, times 0 [ 341.436202][T12366] netlink: 226 bytes leftover after parsing attributes in process `syz.8.2122'. [ 341.474542][T12365] CPU: 0 UID: 0 PID: 12365 Comm: syz.1.2123 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 341.474577][T12365] Tainted: [U]=USER [ 341.474584][T12365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 341.474595][T12365] Call Trace: [ 341.474601][T12365] [ 341.474608][T12365] dump_stack_lvl+0x16c/0x1f0 [ 341.474635][T12365] should_fail_ex+0x512/0x640 [ 341.474661][T12365] should_failslab+0xc2/0x120 [ 341.474684][T12365] __kvmalloc_node_noprof+0x137/0x620 [ 341.474705][T12365] ? __pfx_down_write+0x10/0x10 [ 341.474729][T12365] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 341.474756][T12365] ? cache_write_procfs+0xd2/0x160 [ 341.474783][T12365] ? __pfx_cache_write_procfs+0x10/0x10 [ 341.474802][T12365] ? cache_write_procfs+0xd2/0x160 [ 341.474820][T12365] cache_write_procfs+0xd2/0x160 [ 341.474839][T12365] ? __pfx_cache_write_procfs+0x10/0x10 [ 341.474859][T12365] proc_reg_write+0x240/0x330 [ 341.474883][T12365] ? __pfx_proc_reg_write+0x10/0x10 [ 341.474905][T12365] vfs_write+0x29d/0x11d0 [ 341.474926][T12365] ? __pfx___mutex_lock+0x10/0x10 [ 341.474948][T12365] ? __pfx_vfs_write+0x10/0x10 [ 341.474967][T12365] ? __fget_files+0x204/0x3c0 [ 341.474985][T12365] ? rcu_is_watching+0x12/0xc0 [ 341.475005][T12365] ? __fget_files+0x20e/0x3c0 [ 341.475025][T12365] ksys_write+0x12a/0x250 [ 341.475045][T12365] ? __pfx_ksys_write+0x10/0x10 [ 341.475066][T12365] do_syscall_64+0xcd/0x490 [ 341.475088][T12365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.475107][T12365] RIP: 0033:0x7f94fcd8ebe9 [ 341.475122][T12365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.475140][T12365] RSP: 002b:00007f94fdbb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.475158][T12365] RAX: ffffffffffffffda RBX: 00007f94fcfb5fa0 RCX: 00007f94fcd8ebe9 [ 341.475170][T12365] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 341.475180][T12365] RBP: 00007f94fce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 341.475191][T12365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.475201][T12365] R13: 00007f94fcfb6038 R14: 00007f94fcfb5fa0 R15: 00007fff6a9186b8 [ 341.475216][T12365] [ 341.766594][T12366] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2122'. [ 341.776784][T12366] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 342.074122][ T5185] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 342.074163][ T5185] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 342.090831][ T5185] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 342.090888][ T5185] Bluetooth: hci2: Malformed LE Event: 0x0d [ 342.332854][T12376] netlink: 62 bytes leftover after parsing attributes in process `syz.8.2126'. [ 342.435183][T12382] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2127'. [ 342.559229][ T30] audit: type=1806 audit(6050340674.831:14): xattr="." res=0 [ 342.690103][T12390] FAULT_INJECTION: forcing a failure. [ 342.690103][T12390] name failslab, interval 1, probability 0, space 0, times 0 [ 342.748399][T12392] FAULT_INJECTION: forcing a failure. [ 342.748399][T12392] name failslab, interval 1, probability 0, space 0, times 0 [ 342.761447][T12392] CPU: 0 UID: 0 PID: 12392 Comm: syz.8.2134 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 342.761498][T12392] Tainted: [U]=USER [ 342.761509][T12392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 342.761527][T12392] Call Trace: [ 342.761536][T12392] [ 342.761547][T12392] dump_stack_lvl+0x16c/0x1f0 [ 342.761590][T12392] should_fail_ex+0x512/0x640 [ 342.761634][T12392] ? memcg_list_lru_alloc+0x4e9/0x740 [ 342.761671][T12392] should_failslab+0xc2/0x120 [ 342.761711][T12392] __kmalloc_noprof+0xd2/0x510 [ 342.761745][T12392] ? ioctx_alloc+0x5ab/0x2120 [ 342.761787][T12392] ? __x64_sys_io_setup+0xc9/0x210 [ 342.761820][T12392] ? do_syscall_64+0xcd/0x490 [ 342.761859][T12392] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.761893][T12392] memcg_list_lru_alloc+0x4e9/0x740 [ 342.761950][T12392] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 342.761987][T12392] ? rcu_read_unlock+0x17/0x60 [ 342.762031][T12392] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 342.762063][T12392] __memcg_slab_post_alloc_hook+0x133/0x960 [ 342.762106][T12392] ? kasan_save_track+0x14/0x30 [ 342.762142][T12392] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 342.762178][T12392] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 342.762222][T12392] ? __d_alloc+0x32/0xae0 [ 342.762260][T12392] __d_alloc+0x32/0xae0 [ 342.762297][T12392] d_alloc_pseudo+0x1c/0xc0 [ 342.762342][T12392] alloc_file_pseudo+0xcf/0x230 [ 342.762387][T12392] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 342.762436][T12392] ioctx_alloc+0x5ab/0x2120 [ 342.762474][T12392] ? rcu_is_watching+0x12/0xc0 [ 342.762506][T12392] ? __might_fault+0xe3/0x190 [ 342.762539][T12392] ? __pfx_ioctx_alloc+0x10/0x10 [ 342.762570][T12392] ? __might_fault+0xe3/0x190 [ 342.762608][T12392] __x64_sys_io_setup+0xc9/0x210 [ 342.762644][T12392] do_syscall_64+0xcd/0x490 [ 342.762684][T12392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.762714][T12392] RIP: 0033:0x7fc94e58ebe9 [ 342.762737][T12392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.762768][T12392] RSP: 002b:00007fc94f32a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 342.762805][T12392] RAX: ffffffffffffffda RBX: 00007fc94e7b5fa0 RCX: 00007fc94e58ebe9 [ 342.762825][T12392] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 342.762844][T12392] RBP: 00007fc94e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 342.762863][T12392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.762881][T12392] R13: 00007fc94e7b6038 R14: 00007fc94e7b5fa0 R15: 00007ffc476155e8 [ 342.762922][T12392] [ 342.768976][ T5185] Bluetooth: hci1: command tx timeout [ 342.772933][T12392] FAULT_INJECTION: forcing a failure. [ 342.772933][T12392] name failslab, interval 1, probability 0, space 0, times 0 [ 342.989828][T12390] CPU: 1 UID: 0 PID: 12390 Comm: syz.7.2132 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 342.989884][T12390] Tainted: [U]=USER [ 342.989894][T12390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 342.989910][T12390] Call Trace: [ 342.989920][T12390] [ 342.989930][T12390] dump_stack_lvl+0x16c/0x1f0 [ 342.989967][T12390] should_fail_ex+0x512/0x640 [ 342.990004][T12390] ? do_sys_poll+0x24a/0xdf0 [ 342.990031][T12390] should_failslab+0xc2/0x120 [ 342.990066][T12390] __kmalloc_noprof+0xd2/0x510 [ 342.990099][T12390] do_sys_poll+0x24a/0xdf0 [ 342.990130][T12390] ? __pfx_do_sys_poll+0x10/0x10 [ 342.990157][T12390] ? __pfx___schedule+0x10/0x10 [ 342.990197][T12390] ? __futex_wait+0x24c/0x2f0 [ 342.990261][T12390] ? __pfx_timespec64_add_safe+0x10/0x10 [ 342.990300][T12390] ? read_tsc+0x9/0x20 [ 342.990330][T12390] ? ktime_get_ts64+0x256/0x400 [ 342.990365][T12390] __x64_sys_poll+0x1a6/0x450 [ 342.990393][T12390] ? __pfx___x64_sys_poll+0x10/0x10 [ 342.990425][T12390] do_syscall_64+0xcd/0x490 [ 342.990460][T12390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.990486][T12390] RIP: 0033:0x7fad33b8ebe9 [ 342.990508][T12390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.990541][T12390] RSP: 002b:00007fad34a80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 342.990568][T12390] RAX: ffffffffffffffda RBX: 00007fad33db5fa0 RCX: 00007fad33b8ebe9 [ 342.990586][T12390] RDX: 000000000000800a RSI: 000000000000007f RDI: 0000200000000180 [ 342.990603][T12390] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 342.990619][T12390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.990635][T12390] R13: 00007fad33db6038 R14: 00007fad33db5fa0 R15: 00007ffdf8bd3588 [ 342.990660][T12390] [ 343.280561][T12392] CPU: 0 UID: 0 PID: 12392 Comm: syz.8.2134 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 343.280618][T12392] Tainted: [U]=USER [ 343.280629][T12392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 343.280648][T12392] Call Trace: [ 343.280657][T12392] [ 343.280669][T12392] dump_stack_lvl+0x16c/0x1f0 [ 343.280713][T12392] should_fail_ex+0x512/0x640 [ 343.280758][T12392] should_failslab+0xc2/0x120 [ 343.280796][T12392] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 343.280831][T12392] ? rcu_is_watching+0x12/0xc0 [ 343.280863][T12392] ? vm_area_dup+0x27/0x8d0 [ 343.280896][T12392] vm_area_dup+0x27/0x8d0 [ 343.280928][T12392] __split_vma+0x18e/0x1070 [ 343.280963][T12392] ? __pfx___split_vma+0x10/0x10 [ 343.280999][T12392] ? __pfx_mas_prev+0x10/0x10 [ 343.281042][T12392] vms_gather_munmap_vmas+0x3b1/0x1340 [ 343.281080][T12392] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 343.281117][T12392] ? mas_walk+0x6f5/0x980 [ 343.281155][T12392] __mmap_region+0x436/0x27b0 [ 343.281192][T12392] ? __pfx___mmap_region+0x10/0x10 [ 343.281227][T12392] ? finish_task_switch.isra.0+0x21c/0xc10 [ 343.281259][T12392] ? rcu_is_watching+0x12/0xc0 [ 343.281293][T12392] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 343.281340][T12392] ? finish_task_switch.isra.0+0x221/0xc10 [ 343.281372][T12392] ? rcu_is_watching+0x12/0xc0 [ 343.281403][T12392] ? trace_sched_exit_tp+0xd1/0x120 [ 343.281450][T12392] ? __schedule+0x11a3/0x5de0 [ 343.281511][T12392] ? trace_cap_capable+0x18d/0x200 [ 343.281552][T12392] ? cap_capable+0xb3/0x250 [ 343.281585][T12392] mmap_region+0x1ab/0x3f0 [ 343.281619][T12392] ? __get_unmapped_area+0x267/0x440 [ 343.281663][T12392] do_mmap+0xa3e/0x1210 [ 343.281705][T12392] ? __pfx_do_mmap+0x10/0x10 [ 343.281746][T12392] ? __pfx_down_write_killable+0x10/0x10 [ 343.281788][T12392] ? kmem_cache_free+0x2d1/0x4d0 [ 343.281824][T12392] vm_mmap_pgoff+0x29e/0x470 [ 343.281870][T12392] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.281917][T12392] ? __x64_sys_futex+0x1e0/0x4c0 [ 343.281954][T12392] ? __x64_sys_futex+0x1e9/0x4c0 [ 343.281994][T12392] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.282035][T12392] ? xfd_validate_state+0x61/0x180 [ 343.282083][T12392] __x64_sys_mmap+0x125/0x190 [ 343.282132][T12392] do_syscall_64+0xcd/0x490 [ 343.282172][T12392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.282204][T12392] RIP: 0033:0x7fc94e58ebe9 [ 343.282227][T12392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.282258][T12392] RSP: 002b:00007fc94f32a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 343.282289][T12392] RAX: ffffffffffffffda RBX: 00007fc94e7b5fa0 RCX: 00007fc94e58ebe9 [ 343.282310][T12392] RDX: 00000000000000df RSI: 0000000000400004 RDI: 0000000000000000 [ 343.282328][T12392] RBP: 00007fc94e611e19 R08: ffffffffffffffff R09: 0000000000008000 [ 343.282347][T12392] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 343.282366][T12392] R13: 00007fc94e7b6038 R14: 00007fc94e7b5fa0 R15: 00007ffc476155e8 [ 343.282395][T12392] [ 344.739948][T12428] netlink: 'syz.7.2144': attribute type 10 has an invalid length. [ 344.750189][T12428] netlink: 230 bytes leftover after parsing attributes in process `syz.7.2144'. [ 344.763785][T12428] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 345.689864][T12447] netlink: 'syz.1.2150': attribute type 19 has an invalid length. [ 345.722828][T12447] netlink: 226 bytes leftover after parsing attributes in process `syz.1.2150'. [ 346.804443][T12461] random: crng reseeded on system resumption [ 347.109434][T12468] netlink: 'syz.7.2157': attribute type 10 has an invalid length. [ 347.117327][T12468] netlink: 230 bytes leftover after parsing attributes in process `syz.7.2157'. [ 347.378089][T12473] random: crng reseeded on system resumption [ 348.708496][T12496] FAULT_INJECTION: forcing a failure. [ 348.708496][T12496] name failslab, interval 1, probability 0, space 0, times 0 [ 348.792865][T12496] CPU: 1 UID: 0 PID: 12496 Comm: syz.8.2167 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 348.792921][T12496] Tainted: [U]=USER [ 348.792932][T12496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 348.792950][T12496] Call Trace: [ 348.792959][T12496] [ 348.792971][T12496] dump_stack_lvl+0x16c/0x1f0 [ 348.793012][T12496] should_fail_ex+0x512/0x640 [ 348.793057][T12496] ? tomoyo_encode2+0x100/0x3e0 [ 348.793098][T12496] should_failslab+0xc2/0x120 [ 348.793137][T12496] __kmalloc_noprof+0xd2/0x510 [ 348.793170][T12496] ? rcu_is_watching+0x12/0xc0 [ 348.793210][T12496] tomoyo_encode2+0x100/0x3e0 [ 348.793251][T12496] tomoyo_encode+0x29/0x50 [ 348.793291][T12496] tomoyo_mount_acl+0x144/0x850 [ 348.793326][T12496] ? lock_release+0x201/0x2f0 [ 348.793363][T12496] ? bpf_ksym_find+0x124/0x1c0 [ 348.793391][T12496] ? is_bpf_text_address+0x94/0x1a0 [ 348.793429][T12496] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 348.793478][T12496] ? __kernel_text_address+0xd/0x40 [ 348.793506][T12496] ? unwind_get_return_address+0x59/0xa0 [ 348.793539][T12496] ? arch_stack_walk+0xa6/0x100 [ 348.793584][T12496] ? rcu_is_watching+0x12/0xc0 [ 348.793613][T12496] ? lock_acquire+0x2cd/0x350 [ 348.793649][T12496] ? kasan_save_free_info+0x3b/0x60 [ 348.793695][T12496] ? tomoyo_domain+0xbb/0x150 [ 348.793719][T12496] ? tomoyo_profile+0x47/0x60 [ 348.793747][T12496] tomoyo_mount_permission+0x16d/0x420 [ 348.793785][T12496] ? tomoyo_mount_permission+0x14f/0x420 [ 348.793825][T12496] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 348.793875][T12496] security_sb_mount+0x9b/0x260 [ 348.793908][T12496] path_mount+0x15f/0x1fd0 [ 348.793948][T12496] ? __pfx_path_mount+0x10/0x10 [ 348.793986][T12496] ? kmem_cache_free+0x2d1/0x4d0 [ 348.794018][T12496] ? putname+0x154/0x1a0 [ 348.794060][T12496] ? putname+0x154/0x1a0 [ 348.794100][T12496] ? __x64_sys_mount+0x28d/0x310 [ 348.794136][T12496] __x64_sys_mount+0x28d/0x310 [ 348.794173][T12496] ? __pfx___x64_sys_mount+0x10/0x10 [ 348.794217][T12496] do_syscall_64+0xcd/0x490 [ 348.794256][T12496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.794287][T12496] RIP: 0033:0x7fc94e58ebe9 [ 348.794309][T12496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.794336][T12496] RSP: 002b:00007fc94f32a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 348.794366][T12496] RAX: ffffffffffffffda RBX: 00007fc94e7b5fa0 RCX: 00007fc94e58ebe9 [ 348.794386][T12496] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000000 [ 348.794403][T12496] RBP: 00007fc94e611e19 R08: 00002000000001c0 R09: 0000000000000000 [ 348.794423][T12496] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000 [ 348.794440][T12496] R13: 00007fc94e7b6038 R14: 00007fc94e7b5fa0 R15: 00007ffc476155e8 [ 348.794474][T12496] [ 349.437507][T12498] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2168'. [ 349.507948][T12498] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2168'. [ 349.669529][T12505] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2170'. [ 350.813249][T12528] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 351.810949][T12538] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:7 is already present [ 353.649005][T12581] random: crng reseeded on system resumption [ 353.671023][T12579] Invalid ELF header magic: != ELF [ 353.672187][T12581] FAULT_INJECTION: forcing a failure. [ 353.672187][T12581] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 353.726616][T12581] CPU: 1 UID: 0 PID: 12581 Comm: syz.8.2195 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 353.726673][T12581] Tainted: [U]=USER [ 353.726685][T12581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 353.726704][T12581] Call Trace: [ 353.726715][T12581] [ 353.726727][T12581] dump_stack_lvl+0x16c/0x1f0 [ 353.726781][T12581] should_fail_ex+0x512/0x640 [ 353.726828][T12581] should_fail_alloc_page+0xe7/0x130 [ 353.726873][T12581] prepare_alloc_pages+0x3c2/0x610 [ 353.726919][T12581] ? rcu_is_watching+0x12/0xc0 [ 353.726953][T12581] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 353.726997][T12581] ? stack_trace_save+0x8e/0xc0 [ 353.727032][T12581] ? __pfx_stack_trace_save+0x10/0x10 [ 353.727069][T12581] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 353.727110][T12581] ? kasan_save_stack+0x42/0x60 [ 353.727141][T12581] ? kasan_save_stack+0x33/0x60 [ 353.727175][T12581] ? do_dentry_open+0x97f/0x1530 [ 353.727212][T12581] ? vfs_open+0x82/0x3f0 [ 353.727254][T12581] ? path_openat+0x1de4/0x2cb0 [ 353.727289][T12581] ? do_filp_open+0x20b/0x470 [ 353.727323][T12581] ? do_sys_openat2+0x11b/0x1d0 [ 353.727368][T12581] ? __x64_sys_openat+0x174/0x210 [ 353.727415][T12581] ? do_syscall_64+0xcd/0x490 [ 353.727453][T12581] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.727485][T12581] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 353.727529][T12581] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 353.727576][T12581] ? policy_nodemask+0xea/0x4e0 [ 353.727622][T12581] alloc_pages_mpol+0x1fb/0x550 [ 353.727664][T12581] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 353.727709][T12581] alloc_pages_noprof+0x131/0x390 [ 353.727756][T12581] get_zeroed_page_noprof+0x18/0xb0 [ 353.727801][T12581] get_image_page+0x18/0x190 [ 353.727845][T12581] alloc_rtree_node+0x3c/0xb0 [ 353.727876][T12581] memory_bm_create+0x519/0x810 [ 353.727927][T12581] create_basic_memory_bitmaps+0xbd/0x320 [ 353.727965][T12581] snapshot_open+0x235/0x2b0 [ 353.728011][T12581] ? __pfx_snapshot_open+0x10/0x10 [ 353.728049][T12581] misc_open+0x35a/0x420 [ 353.728082][T12581] ? __pfx_misc_open+0x10/0x10 [ 353.728113][T12581] chrdev_open+0x231/0x6a0 [ 353.728154][T12581] ? __pfx_apparmor_file_open+0x10/0x10 [ 353.728188][T12581] ? __pfx_chrdev_open+0x10/0x10 [ 353.728227][T12581] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 353.728263][T12581] do_dentry_open+0x97f/0x1530 [ 353.728296][T12581] ? __pfx_chrdev_open+0x10/0x10 [ 353.728331][T12581] vfs_open+0x82/0x3f0 [ 353.728368][T12581] path_openat+0x1de4/0x2cb0 [ 353.728402][T12581] ? __pfx_path_openat+0x10/0x10 [ 353.728436][T12581] do_filp_open+0x20b/0x470 [ 353.728466][T12581] ? __pfx_do_filp_open+0x10/0x10 [ 353.728506][T12581] ? alloc_fd+0x471/0x7d0 [ 353.728537][T12581] do_sys_openat2+0x11b/0x1d0 [ 353.728581][T12581] ? __pfx_do_sys_openat2+0x10/0x10 [ 353.728625][T12581] ? rcu_is_watching+0x12/0xc0 [ 353.728661][T12581] __x64_sys_openat+0x174/0x210 [ 353.728708][T12581] ? __pfx___x64_sys_openat+0x10/0x10 [ 353.728767][T12581] do_syscall_64+0xcd/0x490 [ 353.728808][T12581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.728835][T12581] RIP: 0033:0x7fc94e58ebe9 [ 353.728857][T12581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.728883][T12581] RSP: 002b:00007fc94f32a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 353.728909][T12581] RAX: ffffffffffffffda RBX: 00007fc94e7b5fa0 RCX: 00007fc94e58ebe9 [ 353.728928][T12581] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 353.728946][T12581] RBP: 00007fc94e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 353.728964][T12581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.728981][T12581] R13: 00007fc94e7b6038 R14: 00007fc94e7b5fa0 R15: 00007ffc476155e8 [ 353.729010][T12581] [ 354.324605][T12591] FAULT_INJECTION: forcing a failure. [ 354.324605][T12591] name failslab, interval 1, probability 0, space 0, times 0 [ 354.337516][T12591] CPU: 1 UID: 0 PID: 12591 Comm: syz.6.2199 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 354.337547][T12591] Tainted: [U]=USER [ 354.337553][T12591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 354.337564][T12591] Call Trace: [ 354.337570][T12591] [ 354.337577][T12591] dump_stack_lvl+0x16c/0x1f0 [ 354.337603][T12591] should_fail_ex+0x512/0x640 [ 354.337630][T12591] should_failslab+0xc2/0x120 [ 354.337655][T12591] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 354.337676][T12591] ? trace_fib6_table_lookup+0x183/0x200 [ 354.337703][T12591] ? dst_alloc+0x99/0x1a0 [ 354.337722][T12591] ? fib6_table_lookup+0x7e3/0xa30 [ 354.337746][T12591] ? __pfx_ip6_dst_gc+0x10/0x10 [ 354.337768][T12591] dst_alloc+0x99/0x1a0 [ 354.337787][T12591] ip6_rt_cache_alloc+0x1f6/0x8c0 [ 354.337806][T12591] ? __pfx_ip6_rt_cache_alloc+0x10/0x10 [ 354.337827][T12591] ip6_pol_route+0xd7b/0x1230 [ 354.337847][T12591] ? lock_release+0x201/0x2f0 [ 354.337869][T12591] ? __pfx_ip6_pol_route+0x10/0x10 [ 354.337889][T12591] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 354.337910][T12591] ? kernel_text_address+0x8d/0x100 [ 354.337927][T12591] ? unwind_get_return_address+0x59/0xa0 [ 354.337946][T12591] ? arch_stack_walk+0xa6/0x100 [ 354.337966][T12591] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 354.337986][T12591] fib6_rule_lookup+0x24c/0x720 [ 354.338005][T12591] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 354.338024][T12591] ? stack_trace_save+0x8e/0xc0 [ 354.338043][T12591] ? __pfx_stack_trace_save+0x10/0x10 [ 354.338061][T12591] ? __find_rr_leaf+0x3fc/0xe00 [ 354.338079][T12591] ? stack_depot_save_flags+0x29/0x9c0 [ 354.338104][T12591] ? rcu_is_watching+0x12/0xc0 [ 354.338121][T12591] ? lock_acquire+0x2cd/0x350 [ 354.338143][T12591] ? kasan_save_stack+0x42/0x60 [ 354.338161][T12591] ? kasan_save_stack+0x33/0x60 [ 354.338180][T12591] ? kasan_record_aux_stack+0xa7/0xc0 [ 354.338206][T12591] ? __call_rcu_common.constprop.0+0xa5/0xa10 [ 354.338233][T12591] ip6_route_output_flags+0x1d0/0x640 [ 354.338251][T12591] ip6_dst_lookup_tail.constprop.0+0x115a/0x2140 [ 354.338275][T12591] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 354.338301][T12591] ip6_dst_lookup_flow+0x99/0x1d0 [ 354.338321][T12591] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 354.338340][T12591] ? rawv6_sendmsg+0xb6e/0x4820 [ 354.338365][T12591] ? rcu_is_watching+0x12/0xc0 [ 354.338391][T12591] ? lock_release+0x201/0x2f0 [ 354.338427][T12591] rawv6_sendmsg+0xe85/0x4820 [ 354.338452][T12591] ? aa_label_sk_perm+0x195/0x600 [ 354.338474][T12591] ? ipv6_get_saddr_eval+0x639/0x1090 [ 354.338508][T12591] ? __pfx_aa_label_sk_perm+0x1/0x10 [ 354.338537][T12591] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 354.338553][T12591] ? do_raw_spin_lock+0x12c/0x2b0 [ 354.338580][T12591] ? lock_release+0x201/0x2f0 [ 354.338603][T12591] ? rcu_is_watching+0x12/0xc0 [ 354.338621][T12591] ? finish_task_switch.isra.0+0x21c/0xc10 [ 354.338640][T12591] ? rcu_is_watching+0x12/0xc0 [ 354.338659][T12591] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 354.338692][T12591] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 354.338709][T12591] ? inet_sendmsg+0x11c/0x140 [ 354.338725][T12591] inet_sendmsg+0x11c/0x140 [ 354.338744][T12591] ____sys_sendmsg+0x973/0xc70 [ 354.338771][T12591] ? copy_msghdr_from_user+0x10a/0x160 [ 354.338793][T12591] ? __pfx_____sys_sendmsg+0x10/0x10 [ 354.338820][T12591] ? kfree+0x24f/0x4d0 [ 354.338835][T12591] ? futex_unqueue+0x133/0x2c0 [ 354.338854][T12591] ? rcu_is_watching+0x12/0xc0 [ 354.338871][T12591] ? lock_release+0x201/0x2f0 [ 354.338893][T12591] ___sys_sendmsg+0x134/0x1d0 [ 354.338914][T12591] ? __pfx____sys_sendmsg+0x10/0x10 [ 354.338936][T12591] ? __pfx___futex_wait+0x10/0x10 [ 354.338963][T12591] ? rcu_is_watching+0x12/0xc0 [ 354.338983][T12591] ? __pfx___might_resched+0x10/0x10 [ 354.339003][T12591] __sys_sendmmsg+0x200/0x420 [ 354.339026][T12591] ? __pfx___sys_sendmmsg+0x10/0x10 [ 354.339047][T12591] ? __local_bh_enable_ip+0xa4/0x120 [ 354.339070][T12591] ? __pfx_do_futex+0x10/0x10 [ 354.339095][T12591] ? xfd_validate_state+0x61/0x180 [ 354.339122][T12591] __x64_sys_sendmmsg+0x9c/0x100 [ 354.339143][T12591] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 354.339170][T12591] do_syscall_64+0xcd/0x490 [ 354.339193][T12591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.339211][T12591] RIP: 0033:0x7f238d38ebe9 [ 354.339226][T12591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.339244][T12591] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 354.339262][T12591] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 354.339274][T12591] RDX: 00000000000009a5 RSI: 0000000000000000 RDI: 0000000000000003 [ 354.339285][T12591] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 354.339295][T12591] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000000 [ 354.339306][T12591] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 354.339322][T12591] [ 356.918935][T12624] random: crng reseeded on system resumption [ 356.933084][T12624] FAULT_INJECTION: forcing a failure. [ 356.933084][T12624] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 356.965299][T12624] CPU: 1 UID: 0 PID: 12624 Comm: syz.6.2216 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 356.965354][T12624] Tainted: [U]=USER [ 356.965364][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 356.965384][T12624] Call Trace: [ 356.965392][T12624] [ 356.965404][T12624] dump_stack_lvl+0x16c/0x1f0 [ 356.965475][T12624] should_fail_ex+0x512/0x640 [ 356.965520][T12624] should_fail_alloc_page+0xe7/0x130 [ 356.965563][T12624] prepare_alloc_pages+0x3c2/0x610 [ 356.965607][T12624] ? rcu_is_watching+0x12/0xc0 [ 356.965646][T12624] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 356.965687][T12624] ? stack_trace_save+0x8e/0xc0 [ 356.965720][T12624] ? __pfx_stack_trace_save+0x10/0x10 [ 356.965756][T12624] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 356.965795][T12624] ? kasan_save_stack+0x42/0x60 [ 356.965829][T12624] ? kasan_save_stack+0x33/0x60 [ 356.965865][T12624] ? do_dentry_open+0x97f/0x1530 [ 356.965900][T12624] ? vfs_open+0x82/0x3f0 [ 356.965940][T12624] ? path_openat+0x1de4/0x2cb0 [ 356.965973][T12624] ? do_filp_open+0x20b/0x470 [ 356.966005][T12624] ? do_sys_openat2+0x11b/0x1d0 [ 356.966049][T12624] ? __x64_sys_openat+0x174/0x210 [ 356.966092][T12624] ? do_syscall_64+0xcd/0x490 [ 356.966126][T12624] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.966158][T12624] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 356.966199][T12624] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 356.966243][T12624] ? policy_nodemask+0xea/0x4e0 [ 356.966283][T12624] alloc_pages_mpol+0x1fb/0x550 [ 356.966323][T12624] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 356.966368][T12624] alloc_pages_noprof+0x131/0x390 [ 356.966406][T12624] get_zeroed_page_noprof+0x18/0xb0 [ 356.966451][T12624] get_image_page+0x18/0x190 [ 356.966481][T12624] alloc_rtree_node+0x3c/0xb0 [ 356.966511][T12624] memory_bm_create+0x519/0x810 [ 356.966547][T12624] create_basic_memory_bitmaps+0xbd/0x320 [ 356.966584][T12624] snapshot_open+0x235/0x2b0 [ 356.966618][T12624] ? __pfx_snapshot_open+0x10/0x10 [ 356.966662][T12624] misc_open+0x35a/0x420 [ 356.966694][T12624] ? __pfx_misc_open+0x10/0x10 [ 356.966724][T12624] chrdev_open+0x231/0x6a0 [ 356.966763][T12624] ? __pfx_apparmor_file_open+0x10/0x10 [ 356.966796][T12624] ? __pfx_chrdev_open+0x10/0x10 [ 356.966836][T12624] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 356.966874][T12624] do_dentry_open+0x97f/0x1530 [ 356.966911][T12624] ? __pfx_chrdev_open+0x10/0x10 [ 356.966953][T12624] vfs_open+0x82/0x3f0 [ 356.966999][T12624] path_openat+0x1de4/0x2cb0 [ 356.967045][T12624] ? __pfx_path_openat+0x10/0x10 [ 356.967079][T12624] do_filp_open+0x20b/0x470 [ 356.967110][T12624] ? __pfx_do_filp_open+0x10/0x10 [ 356.967152][T12624] ? alloc_fd+0x471/0x7d0 [ 356.967184][T12624] do_sys_openat2+0x11b/0x1d0 [ 356.967222][T12624] ? __pfx_do_sys_openat2+0x10/0x10 [ 356.967262][T12624] ? rcu_is_watching+0x12/0xc0 [ 356.967297][T12624] __x64_sys_openat+0x174/0x210 [ 356.967342][T12624] ? __pfx___x64_sys_openat+0x10/0x10 [ 356.967393][T12624] do_syscall_64+0xcd/0x490 [ 356.967432][T12624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.967460][T12624] RIP: 0033:0x7f238d38ebe9 [ 356.967484][T12624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.967514][T12624] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 356.967542][T12624] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 356.967562][T12624] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 356.967579][T12624] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 356.967597][T12624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.967615][T12624] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 356.967648][T12624] [ 358.012829][T12635] [U] [ 358.015615][T12635] [U] [ 358.018349][T12635] [U] [ 358.021073][T12635] [U] [ 358.024504][T12635] [U] [ 358.027251][T12635] [U] [ 358.029984][T12635] [U] [ 358.032726][T12635] [U] [ 358.035847][T12635] [U] [ 358.038632][T12635] [U] [ 358.041449][T12635] [U] [ 358.044174][T12635] [U] [ 358.047289][T12635] [U] [ 358.050030][T12635] [U] [ 358.052767][T12635] [U] [ 358.055502][T12635] [U] [ 358.058522][T12635] [U] [ 358.061348][T12635] [U] [ 358.064082][T12635] [U] [ 358.066806][T12635] [U] [ 358.116971][T12635] [U] [ 358.119730][T12635] [U] [ 358.122442][T12635] [U] [ 358.125149][T12635] [U] [ 358.196479][T12635] [U] [ 358.199255][T12635] [U] [ 358.201997][T12635] [U] [ 358.204747][T12635] [U] [ 358.237954][T12635] [U] [ 358.240745][T12635] [U] [ 358.243478][T12635] [U] [ 358.246200][T12635] [U] [ 358.261349][T12635] [U] [ 358.264133][T12635] [U] [ 358.266883][T12635] [U] [ 358.269620][T12635] [U] [ 358.299994][T12635] [U] [ 358.302775][T12635] [U] [ 358.305512][T12635] [U] [ 358.308245][T12635] [U] [ 358.325740][T12644] [U] [ 358.353509][T12641] Invalid ELF header magic: != ELF [ 359.397029][T12667] [U] [ 359.399824][T12667] [U] [ 359.402580][T12667] [U] [ 359.405316][T12667] [U] [ 359.424809][T12667] [U] [ 359.427588][T12667] [U] [ 359.430334][T12667] [U] [ 359.433073][T12667] [U] [ 359.449712][T12667] [U] [ 359.452487][T12667] [U] [ 359.455227][T12667] [U] [ 359.457954][T12667] [U] [ 359.483016][T12667] [U] [ 359.485759][T12667] [U] [ 359.488452][T12667] [U] [ 359.491155][T12667] [U] [ 359.497660][T12667] [U] [ 359.500424][T12667] [U] [ 359.503168][T12667] [U] [ 359.505902][T12667] [U] [ 359.511741][T12667] [U] [ 359.514671][T12667] [U] [ 359.517403][T12667] [U] [ 359.520291][T12667] [U] [ 359.524229][T12667] [U] [ 359.526993][T12667] [U] [ 359.529743][T12667] [U] [ 359.532471][T12667] [U] [ 359.536998][T12667] [U] [ 359.539766][T12667] [U] [ 359.542498][T12667] [U] [ 359.545243][T12667] [U] [ 359.553365][T12667] [U] [ 359.556130][T12667] [U] [ 359.558867][T12667] [U] [ 359.561708][T12667] [U] [ 359.566688][T12667] [U] [ 359.569442][T12667] [U] [ 359.572176][T12667] [U] [ 359.574914][T12667] [U] [ 359.604129][T12683] [U] [ 359.853854][T12687] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2227'. [ 360.311713][T12693] blktrace: Concurrent blktraces are not allowed on loop2 [ 360.960705][T12711] netlink: 25 bytes leftover after parsing attributes in process `syz.6.2242'. [ 363.476241][T12781] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2257'. [ 363.653975][T12787] __vm_enough_memory: pid: 12787, comm: syz.7.2266, bytes: 4398046511104 not enough memory for the allocation [ 363.859277][T12789] FAULT_INJECTION: forcing a failure. [ 363.859277][T12789] name failslab, interval 1, probability 0, space 0, times 0 [ 363.880454][T12789] CPU: 0 UID: 0 PID: 12789 Comm: syz.8.2258 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 363.880510][T12789] Tainted: [U]=USER [ 363.880523][T12789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 363.880543][T12789] Call Trace: [ 363.880554][T12789] [ 363.880565][T12789] dump_stack_lvl+0x16c/0x1f0 [ 363.880608][T12789] should_fail_ex+0x512/0x640 [ 363.880653][T12789] should_failslab+0xc2/0x120 [ 363.880694][T12789] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 363.880730][T12789] ? __pfx___might_resched+0x10/0x10 [ 363.880760][T12789] ? __anon_vma_prepare+0x344/0x5e0 [ 363.880794][T12789] __anon_vma_prepare+0x344/0x5e0 [ 363.880825][T12789] ? __pfx___pte_alloc+0x10/0x10 [ 363.880866][T12789] __vmf_anon_prepare+0x11c/0x240 [ 363.880912][T12789] do_pte_missing+0x10bd/0x3ba0 [ 363.880943][T12789] ? do_raw_spin_unlock+0x172/0x230 [ 363.880991][T12789] ? __pmd_alloc+0x3fb/0x930 [ 363.881038][T12789] __handle_mm_fault+0x152a/0x2a50 [ 363.881075][T12789] ? __pfx___handle_mm_fault+0x10/0x10 [ 363.881105][T12789] ? mt_validate+0x1d6/0x4210 [ 363.881148][T12789] ? find_vma+0xbf/0x140 [ 363.881182][T12789] ? __pfx_find_vma+0x10/0x10 [ 363.881218][T12789] handle_mm_fault+0x589/0xd10 [ 363.881250][T12789] __get_user_pages+0x551/0x34a0 [ 363.881295][T12789] ? __pfx___get_user_pages+0x10/0x10 [ 363.881333][T12789] ? __pfx___might_resched+0x10/0x10 [ 363.881367][T12789] ? cap_capable+0xb3/0x250 [ 363.881397][T12789] populate_vma_page_range+0x267/0x3f0 [ 363.881438][T12789] ? __pfx_populate_vma_page_range+0x10/0x10 [ 363.881478][T12789] ? __pfx_find_vma_intersection+0x10/0x10 [ 363.881516][T12789] ? do_mmap+0x69c/0x1210 [ 363.881555][T12789] __mm_populate+0x1d8/0x380 [ 363.881595][T12789] ? __pfx___mm_populate+0x10/0x10 [ 363.881635][T12789] ? up_write+0x1b2/0x520 [ 363.881673][T12789] vm_mmap_pgoff+0x37f/0x470 [ 363.881710][T12789] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 363.881750][T12789] ? __x64_sys_futex+0x1e0/0x4c0 [ 363.881781][T12789] ? __x64_sys_futex+0x1e9/0x4c0 [ 363.881815][T12789] ksys_mmap_pgoff+0x7d/0x5c0 [ 363.881851][T12789] ? xfd_validate_state+0x61/0x180 [ 363.881887][T12789] ? __pfx_do_writev+0x10/0x10 [ 363.881917][T12789] __x64_sys_mmap+0x125/0x190 [ 363.881959][T12789] do_syscall_64+0xcd/0x490 [ 363.881994][T12789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.882021][T12789] RIP: 0033:0x7fc94e58ebe9 [ 363.882044][T12789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.882071][T12789] RSP: 002b:00007fc94f32a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 363.882099][T12789] RAX: ffffffffffffffda RBX: 00007fc94e7b5fa0 RCX: 00007fc94e58ebe9 [ 363.882119][T12789] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 363.882136][T12789] RBP: 00007fc94e611e19 R08: 0000000000000002 R09: 0000000000008000 [ 363.882153][T12789] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 363.882170][T12789] R13: 00007fc94e7b6038 R14: 00007fc94e7b5fa0 R15: 00007ffc476155e8 [ 363.882196][T12789] [ 364.646241][T12799] blktrace: Concurrent blktraces are not allowed on loop2 [ 364.955499][T12806] [U] [ 364.958284][T12806] [U] [ 364.961007][T12806] [U] [ 364.963724][T12806] [U] [ 364.992201][T12806] [U] [ 364.995075][T12806] [U] [ 364.997811][T12806] [U] [ 365.000537][T12806] [U] [ 365.006005][T12806] [U] [ 365.008768][T12806] [U] [ 365.011514][T12806] [U] [ 365.014236][T12806] [U] [ 365.017500][T12806] [U] [ 365.020247][T12806] [U] [ 365.022977][T12806] [U] [ 365.025734][T12806] [U] [ 365.037715][T12806] [U] [ 365.040482][T12806] [U] [ 365.043216][T12806] [U] [ 365.045952][T12806] [U] [ 365.053599][T12806] [U] [ 365.056358][T12806] [U] [ 365.059101][T12806] [U] [ 365.061844][T12806] [U] [ 365.084374][T12806] [U] [ 365.087147][T12806] [U] [ 365.089885][T12806] [U] [ 365.092618][T12806] [U] [ 365.096851][T12806] [U] [ 365.099599][T12806] [U] [ 365.102331][T12806] [U] [ 365.105073][T12806] [U] [ 365.110063][T12806] [U] [ 365.112783][T12806] [U] [ 365.115597][T12806] [U] [ 365.118298][T12806] [U] [ 365.121738][T12806] [U] [ 365.124484][T12806] [U] [ 365.127216][T12806] [U] [ 365.129941][T12806] [U] [ 365.134176][T12806] [U] [ 365.136907][T12806] [U] [ 365.139635][T12806] [U] [ 365.142371][T12806] [U] [ 365.145615][T12806] [U] [ 365.148394][T12806] [U] [ 365.151106][T12806] [U] [ 365.153805][T12806] [U] [ 365.157542][T12806] [U] [ 365.160303][T12806] [U] [ 365.163035][T12806] [U] [ 365.165814][T12806] [U] [ 365.171076][T12816] [U] [ 367.907514][T12895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2286'. [ 368.164072][T12900] futex_wake_op: syz.8.2287 tries to shift op by -2048; fix this program [ 368.605133][T12916] netlink: 334 bytes leftover after parsing attributes in process `syz.7.2292'. [ 368.739490][T12923] netlink: 330 bytes leftover after parsing attributes in process `syz.8.2293'. [ 368.790217][T12923] veth1_macvtap: left promiscuous mode [ 368.825929][T12923] macsec0: entered promiscuous mode [ 368.836931][T12923] macsec0: entered allmulticast mode [ 369.927671][T12954] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2302'. [ 369.960184][T12955] FAULT_INJECTION: forcing a failure. [ 369.960184][T12955] name failslab, interval 1, probability 0, space 0, times 0 [ 370.006654][T12955] CPU: 0 UID: 0 PID: 12955 Comm: syz.1.2304 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 370.006709][T12955] Tainted: [U]=USER [ 370.006718][T12955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 370.006733][T12955] Call Trace: [ 370.006741][T12955] [ 370.006751][T12955] dump_stack_lvl+0x16c/0x1f0 [ 370.006787][T12955] should_fail_ex+0x512/0x640 [ 370.006821][T12955] ? drm_atomic_state_init+0x17b/0x320 [ 370.006848][T12955] should_failslab+0xc2/0x120 [ 370.006879][T12955] __kmalloc_noprof+0xd2/0x510 [ 370.006909][T12955] drm_atomic_state_init+0x17b/0x320 [ 370.006932][T12955] ? __kasan_kmalloc+0xaa/0xb0 [ 370.006958][T12955] drm_atomic_state_alloc+0xd3/0x120 [ 370.006982][T12955] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 370.007011][T12955] ? __pfx___might_resched+0x10/0x10 [ 370.007037][T12955] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 370.007063][T12955] ? __mutex_lock+0x1c4/0x10b0 [ 370.007091][T12955] ? rcu_is_watching+0x12/0xc0 [ 370.007125][T12955] drm_client_modeset_commit_locked+0x14d/0x580 [ 370.007153][T12955] drm_client_modeset_commit+0x4f/0x80 [ 370.007183][T12955] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 370.007211][T12955] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 370.007252][T12955] drm_fbdev_client_restore+0x2c/0x40 [ 370.007292][T12955] drm_client_dev_restore+0x1f3/0x2a0 [ 370.007323][T12955] drm_release+0x2c4/0x360 [ 370.007352][T12955] ? __pfx_drm_release+0x10/0x10 [ 370.007377][T12955] __fput+0x3ff/0xb70 [ 370.007421][T12955] task_work_run+0x150/0x240 [ 370.007466][T12955] ? __pfx_task_work_run+0x10/0x10 [ 370.007507][T12955] ? __pfx___do_sys_close_range+0x10/0x10 [ 370.007538][T12955] exit_to_user_mode_loop+0xeb/0x110 [ 370.007580][T12955] do_syscall_64+0x3f6/0x490 [ 370.007612][T12955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.007636][T12955] RIP: 0033:0x7f94fcd8ebe9 [ 370.007655][T12955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 370.007678][T12955] RSP: 002b:00007f94fdb98038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 370.007701][T12955] RAX: 0000000000000000 RBX: 00007f94fcfb6090 RCX: 00007f94fcd8ebe9 [ 370.007717][T12955] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 370.007732][T12955] RBP: 00007f94fce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 370.007747][T12955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 370.007761][T12955] R13: 00007f94fcfb6128 R14: 00007f94fcfb6090 R15: 00007fff6a9186b8 [ 370.007785][T12955] [ 370.761622][T12971] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2307'. [ 372.628986][T13015] : Can't lookup blockdev [ 372.645270][T13015] FAULT_INJECTION: forcing a failure. [ 372.645270][T13015] name failslab, interval 1, probability 0, space 0, times 0 [ 372.704065][T13015] CPU: 1 UID: 0 PID: 13015 Comm: syz.6.2322 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 372.704107][T13015] Tainted: [U]=USER [ 372.704114][T13015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 372.704125][T13015] Call Trace: [ 372.704132][T13015] [ 372.704139][T13015] dump_stack_lvl+0x16c/0x1f0 [ 372.704165][T13015] should_fail_ex+0x512/0x640 [ 372.704192][T13015] ? snd_pcm_plugin_build+0x434/0x650 [ 372.704211][T13015] should_failslab+0xc2/0x120 [ 372.704235][T13015] __kmalloc_noprof+0xd2/0x510 [ 372.704255][T13015] ? __mutex_unlock_slowpath+0x163/0x800 [ 372.704284][T13015] snd_pcm_plugin_build+0x434/0x650 [ 372.704304][T13015] snd_pcm_plugin_build_rate+0x27c/0x760 [ 372.704326][T13015] ? __pfx_snd_pcm_plugin_build_rate+0x10/0x10 [ 372.704349][T13015] ? snd_pcm_hw_params+0xcd/0x1ba0 [ 372.704369][T13015] snd_pcm_plug_format_plugins+0x866/0x1430 [ 372.704389][T13015] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 372.704410][T13015] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 372.704441][T13015] snd_pcm_oss_change_params_locked+0x2dec/0x3a30 [ 372.704473][T13015] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 372.704509][T13015] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 372.704547][T13015] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 372.704564][T13015] ? __fget_files+0x204/0x3c0 [ 372.704583][T13015] ? hook_file_ioctl_common+0x145/0x410 [ 372.704606][T13015] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 372.704624][T13015] ? __fget_files+0x20e/0x3c0 [ 372.704643][T13015] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 372.704660][T13015] __x64_sys_ioctl+0x18e/0x210 [ 372.704687][T13015] do_syscall_64+0xcd/0x490 [ 372.704711][T13015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.704730][T13015] RIP: 0033:0x7f238d38ebe9 [ 372.704744][T13015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.704762][T13015] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 372.704780][T13015] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 372.704792][T13015] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 372.704803][T13015] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 372.704814][T13015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.704824][T13015] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 372.704840][T13015] [ 374.131212][T13043] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2329'. [ 374.470691][T13052] FAULT_INJECTION: forcing a failure. [ 374.470691][T13052] name failslab, interval 1, probability 0, space 0, times 0 [ 374.493263][T13052] CPU: 1 UID: 0 PID: 13052 Comm: syz.6.2331 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 374.493314][T13052] Tainted: [U]=USER [ 374.493326][T13052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 374.493342][T13052] Call Trace: [ 374.493352][T13052] [ 374.493374][T13052] dump_stack_lvl+0x16c/0x1f0 [ 374.493417][T13052] should_fail_ex+0x512/0x640 [ 374.493464][T13052] ? drm_atomic_state_init+0xe4/0x320 [ 374.493494][T13052] should_failslab+0xc2/0x120 [ 374.493532][T13052] __kmalloc_noprof+0xd2/0x510 [ 374.493569][T13052] drm_atomic_state_init+0xe4/0x320 [ 374.493599][T13052] ? __kasan_kmalloc+0xaa/0xb0 [ 374.493631][T13052] drm_atomic_state_alloc+0xd3/0x120 [ 374.493662][T13052] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 374.493695][T13052] ? __pfx___might_resched+0x10/0x10 [ 374.493731][T13052] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 374.493764][T13052] ? __mutex_lock+0x1c4/0x10b0 [ 374.493802][T13052] ? rcu_is_watching+0x12/0xc0 [ 374.493848][T13052] drm_client_modeset_commit_locked+0x14d/0x580 [ 374.493883][T13052] drm_client_modeset_commit+0x4f/0x80 [ 374.493916][T13052] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 374.493949][T13052] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 374.493992][T13052] drm_fbdev_client_restore+0x2c/0x40 [ 374.494034][T13052] drm_client_dev_restore+0x1f3/0x2a0 [ 374.494067][T13052] drm_release+0x2c4/0x360 [ 374.494095][T13052] ? __pfx_drm_release+0x10/0x10 [ 374.494120][T13052] __fput+0x3ff/0xb70 [ 374.494159][T13052] task_work_run+0x150/0x240 [ 374.494203][T13052] ? __pfx_task_work_run+0x10/0x10 [ 374.494248][T13052] ? __pfx___do_sys_close_range+0x10/0x10 [ 374.494290][T13052] exit_to_user_mode_loop+0xeb/0x110 [ 374.494335][T13052] do_syscall_64+0x3f6/0x490 [ 374.494386][T13052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.494417][T13052] RIP: 0033:0x7f238d38ebe9 [ 374.494442][T13052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 374.494472][T13052] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 374.494503][T13052] RAX: 0000000000000000 RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 374.494524][T13052] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 374.494543][T13052] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 374.494562][T13052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 374.494581][T13052] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 374.494607][T13052] [ 375.151574][T13070] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2338'. [ 375.265164][T13067] netlink: 13 bytes leftover after parsing attributes in process `syz.8.2338'. [ 376.292782][T13081] netlink: 334 bytes leftover after parsing attributes in process `syz.8.2340'. [ 376.579999][T13092] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2341'. [ 377.876206][T13116] FAULT_INJECTION: forcing a failure. [ 377.876206][T13116] name failslab, interval 1, probability 0, space 0, times 0 [ 377.912692][T13116] CPU: 1 UID: 0 PID: 13116 Comm: syz.8.2346 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 377.912744][T13116] Tainted: [U]=USER [ 377.912756][T13116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 377.912775][T13116] Call Trace: [ 377.912786][T13116] [ 377.912797][T13116] dump_stack_lvl+0x16c/0x1f0 [ 377.912840][T13116] should_fail_ex+0x512/0x640 [ 377.912886][T13116] ? drm_atomic_state_init+0x17b/0x320 [ 377.912918][T13116] should_failslab+0xc2/0x120 [ 377.912960][T13116] __kmalloc_noprof+0xd2/0x510 [ 377.913000][T13116] drm_atomic_state_init+0x17b/0x320 [ 377.913031][T13116] ? __kasan_kmalloc+0xaa/0xb0 [ 377.913066][T13116] drm_atomic_state_alloc+0xd3/0x120 [ 377.913100][T13116] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 377.913134][T13116] ? __pfx___might_resched+0x10/0x10 [ 377.913170][T13116] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 377.913205][T13116] ? __mutex_lock+0x1c4/0x10b0 [ 377.913243][T13116] ? rcu_is_watching+0x12/0xc0 [ 377.913288][T13116] drm_client_modeset_commit_locked+0x14d/0x580 [ 377.913325][T13116] drm_client_modeset_commit+0x4f/0x80 [ 377.913358][T13116] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 377.913392][T13116] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 377.913436][T13116] drm_fbdev_client_restore+0x2c/0x40 [ 377.913478][T13116] drm_client_dev_restore+0x1f3/0x2a0 [ 377.913521][T13116] drm_release+0x2c4/0x360 [ 377.913552][T13116] ? __pfx_drm_release+0x10/0x10 [ 377.913579][T13116] __fput+0x3ff/0xb70 [ 377.913625][T13116] task_work_run+0x150/0x240 [ 377.913673][T13116] ? __pfx_task_work_run+0x10/0x10 [ 377.913720][T13116] ? __pfx___do_sys_close_range+0x10/0x10 [ 377.913761][T13116] exit_to_user_mode_loop+0xeb/0x110 [ 377.913806][T13116] do_syscall_64+0x3f6/0x490 [ 377.913847][T13116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.913878][T13116] RIP: 0033:0x7fc94e58ebe9 [ 377.913901][T13116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.913928][T13116] RSP: 002b:00007fc94c7f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 377.913957][T13116] RAX: 0000000000000000 RBX: 00007fc94e7b6090 RCX: 00007fc94e58ebe9 [ 377.913976][T13116] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 377.913994][T13116] RBP: 00007fc94e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 377.914012][T13116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 377.914029][T13116] R13: 00007fc94e7b6128 R14: 00007fc94e7b6090 R15: 00007ffc476155e8 [ 377.914057][T13116] [ 380.173797][T13164] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2361'. [ 380.191934][T13164] netlink: 13 bytes leftover after parsing attributes in process `syz.7.2361'. [ 381.585261][T13190] netlink: 334 bytes leftover after parsing attributes in process `syz.7.2369'. [ 382.501100][T13206] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2372'. [ 382.511844][T13206] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2372'. [ 383.123369][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.136389][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.849907][T13268] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2399'. [ 386.070197][T13308] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2412'. [ 386.081482][T13308] netlink: 298 bytes leftover after parsing attributes in process `syz.1.2412'. [ 386.141500][T13310] ubi0: attaching mtd0 [ 386.153790][T13310] ubi0: scanning is finished [ 386.158936][T13310] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 386.247087][T13310] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 386.303094][T13316] FAULT_INJECTION: forcing a failure. [ 386.303094][T13316] name failslab, interval 1, probability 0, space 0, times 0 [ 386.317367][T13316] CPU: 1 UID: 0 PID: 13316 Comm: syz.7.2416 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 386.317421][T13316] Tainted: [U]=USER [ 386.317433][T13316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 386.317451][T13316] Call Trace: [ 386.317461][T13316] [ 386.317471][T13316] dump_stack_lvl+0x16c/0x1f0 [ 386.317514][T13316] should_fail_ex+0x512/0x640 [ 386.317558][T13316] should_failslab+0xc2/0x120 [ 386.317599][T13316] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 386.317640][T13316] ? __kthread_create_on_node+0x186/0x3f0 [ 386.317684][T13316] kvasprintf+0xbc/0x160 [ 386.317712][T13316] ? __pfx_kvasprintf+0x10/0x10 [ 386.317746][T13316] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 386.317782][T13316] __kthread_create_on_node+0x186/0x3f0 [ 386.317822][T13316] ? __pfx___kthread_create_on_node+0x10/0x10 [ 386.317869][T13316] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 386.317906][T13316] kthread_create_on_node+0xc7/0x100 [ 386.317945][T13316] ? __pfx_kthread_create_on_node+0x10/0x10 [ 386.317988][T13316] ? tomoyo_notify_gc+0xc6/0x470 [ 386.318023][T13316] ? rcu_is_watching+0x12/0xc0 [ 386.318052][T13316] ? lock_release+0x201/0x2f0 [ 386.318091][T13316] tomoyo_notify_gc+0xea/0x470 [ 386.318123][T13316] ? ima_iint_find+0xea/0x130 [ 386.318151][T13316] ? __pfx_tomoyo_release+0x10/0x10 [ 386.318191][T13316] tomoyo_release+0x31/0x40 [ 386.318239][T13316] __fput+0x3ff/0xb70 [ 386.318284][T13316] task_work_run+0x150/0x240 [ 386.318328][T13316] ? __pfx_task_work_run+0x10/0x10 [ 386.318374][T13316] ? __pfx___do_sys_close_range+0x10/0x10 [ 386.318410][T13316] exit_to_user_mode_loop+0xeb/0x110 [ 386.318453][T13316] do_syscall_64+0x3f6/0x490 [ 386.318491][T13316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 386.318521][T13316] RIP: 0033:0x7fad33b8ebe9 [ 386.318544][T13316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 386.318574][T13316] RSP: 002b:00007fad34a80038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 386.318600][T13316] RAX: 0000000000000000 RBX: 00007fad33db5fa0 RCX: 00007fad33b8ebe9 [ 386.318618][T13316] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 386.318636][T13316] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 386.318654][T13316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 386.318673][T13316] R13: 00007fad33db6038 R14: 00007fad33db5fa0 R15: 00007ffdf8bd3588 [ 386.318700][T13316] [ 388.137890][ T5185] Bluetooth: hci6: unexpected event 0x1d length: 6 > 5 [ 388.584054][T13364] netlink: 'syz.7.2430': attribute type 10 has an invalid length. [ 388.647110][T13364] netlink: 230 bytes leftover after parsing attributes in process `syz.7.2430'. [ 388.687374][T13364] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 389.176148][T13375] FAULT_INJECTION: forcing a failure. [ 389.176148][T13375] name failslab, interval 1, probability 0, space 0, times 0 [ 389.199950][T13375] CPU: 0 UID: 0 PID: 13375 Comm: syz.7.2432 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 389.199993][T13375] Tainted: [U]=USER [ 389.199999][T13375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 389.200011][T13375] Call Trace: [ 389.200017][T13375] [ 389.200024][T13375] dump_stack_lvl+0x16c/0x1f0 [ 389.200051][T13375] should_fail_ex+0x512/0x640 [ 389.200079][T13375] should_failslab+0xc2/0x120 [ 389.200103][T13375] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 389.200125][T13375] ? acpi_ut_allocate_owner_id+0x2d6/0x3a0 [ 389.200144][T13375] ? acpi_ps_alloc_op+0xf1/0x310 [ 389.200168][T13375] acpi_ps_alloc_op+0xf1/0x310 [ 389.200190][T13375] acpi_ps_create_scope_op+0x1a/0x70 [ 389.200213][T13375] acpi_ps_execute_method+0x1b1/0xb30 [ 389.200237][T13375] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 389.200264][T13375] acpi_ns_evaluate+0x76c/0xca0 [ 389.200296][T13375] ? kasan_save_track+0x14/0x30 [ 389.200317][T13375] acpi_evaluate_object+0x1fa/0xa90 [ 389.200337][T13375] ? __kvmalloc_node_noprof+0x27b/0x620 [ 389.200355][T13375] ? seq_read_iter+0x826/0x12c0 [ 389.200372][T13375] ? kernfs_fop_read_iter+0x40f/0x5a0 [ 389.200390][T13375] ? do_syscall_64+0xcd/0x490 [ 389.200412][T13375] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.200431][T13375] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 389.200451][T13375] ? __mutex_trylock_common+0xe9/0x250 [ 389.200476][T13375] acpi_evaluate_integer+0xdd/0x200 [ 389.200494][T13375] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 389.200514][T13375] ? __pfx_status_show+0x10/0x10 [ 389.200534][T13375] status_show+0xa0/0x120 [ 389.200554][T13375] ? __pfx_status_show+0x10/0x10 [ 389.200574][T13375] ? rcu_is_watching+0x12/0xc0 [ 389.200592][T13375] ? lock_release+0x201/0x2f0 [ 389.200614][T13375] dev_attr_show+0x53/0xe0 [ 389.200640][T13375] ? __pfx_dev_attr_show+0x10/0x10 [ 389.200664][T13375] sysfs_kf_seq_show+0x216/0x3e0 [ 389.200685][T13375] seq_read_iter+0x506/0x12c0 [ 389.200702][T13375] ? __mutex_trylock_common+0xe9/0x250 [ 389.200727][T13375] kernfs_fop_read_iter+0x40f/0x5a0 [ 389.200743][T13375] ? rw_verify_area+0xcf/0x6c0 [ 389.200761][T13375] vfs_read+0x8bf/0xcf0 [ 389.200781][T13375] ? __pfx___mutex_lock+0x10/0x10 [ 389.200803][T13375] ? __pfx_vfs_read+0x10/0x10 [ 389.200827][T13375] ksys_read+0x12a/0x250 [ 389.200846][T13375] ? __pfx_ksys_read+0x10/0x10 [ 389.200867][T13375] do_syscall_64+0xcd/0x490 [ 389.200889][T13375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.200907][T13375] RIP: 0033:0x7fad33b8ebe9 [ 389.200921][T13375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.200939][T13375] RSP: 002b:00007fad34a5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 389.200957][T13375] RAX: ffffffffffffffda RBX: 00007fad33db6090 RCX: 00007fad33b8ebe9 [ 389.200969][T13375] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 389.200980][T13375] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 389.200991][T13375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 389.201001][T13375] R13: 00007fad33db6128 R14: 00007fad33db6090 R15: 00007ffdf8bd3588 [ 389.201016][T13375] [ 390.347754][T13387] netlink: 330 bytes leftover after parsing attributes in process `syz.8.2437'. [ 391.783864][T13413] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2447'. [ 391.793354][T13413] : renamed from bond0 (while UP) [ 392.405864][T13429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2452'. [ 392.466814][T13429] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2452'. [ 393.818123][T13422] kexec: Could not allocate control_code_buffer [ 393.894603][T13447] FAULT_INJECTION: forcing a failure. [ 393.894603][T13447] name failslab, interval 1, probability 0, space 0, times 0 [ 393.931972][T13447] CPU: 1 UID: 0 PID: 13447 Comm: syz.8.2456 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 393.932029][T13447] Tainted: [U]=USER [ 393.932040][T13447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 393.932060][T13447] Call Trace: [ 393.932071][T13447] [ 393.932083][T13447] dump_stack_lvl+0x16c/0x1f0 [ 393.932126][T13447] should_fail_ex+0x512/0x640 [ 393.932173][T13447] should_failslab+0xc2/0x120 [ 393.932226][T13447] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 393.932264][T13447] ? acpi_ps_alloc_op+0xf1/0x310 [ 393.932308][T13447] acpi_ps_alloc_op+0xf1/0x310 [ 393.932349][T13447] acpi_ps_create_scope_op+0x1a/0x70 [ 393.932390][T13447] acpi_ps_execute_method+0x1b1/0xb30 [ 393.932434][T13447] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 393.932481][T13447] acpi_ns_evaluate+0x76c/0xca0 [ 393.932526][T13447] ? kasan_save_track+0x14/0x30 [ 393.932564][T13447] acpi_evaluate_object+0x1fa/0xa90 [ 393.932598][T13447] ? __kvmalloc_node_noprof+0x27b/0x620 [ 393.932630][T13447] ? seq_read_iter+0x826/0x12c0 [ 393.932658][T13447] ? kernfs_fop_read_iter+0x40f/0x5a0 [ 393.932686][T13447] ? do_syscall_64+0xcd/0x490 [ 393.932724][T13447] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.932756][T13447] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 393.932792][T13447] ? __mutex_trylock_common+0xe9/0x250 [ 393.932838][T13447] acpi_evaluate_integer+0xdd/0x200 [ 393.932870][T13447] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 393.932908][T13447] ? __pfx_status_show+0x10/0x10 [ 393.932945][T13447] status_show+0xa0/0x120 [ 393.932982][T13447] ? __pfx_status_show+0x10/0x10 [ 393.933018][T13447] ? rcu_is_watching+0x12/0xc0 [ 393.933049][T13447] ? lock_release+0x201/0x2f0 [ 393.933091][T13447] dev_attr_show+0x53/0xe0 [ 393.933137][T13447] ? __pfx_dev_attr_show+0x10/0x10 [ 393.933182][T13447] sysfs_kf_seq_show+0x216/0x3e0 [ 393.933227][T13447] seq_read_iter+0x506/0x12c0 [ 393.933263][T13447] ? __mutex_trylock_common+0xe9/0x250 [ 393.933311][T13447] kernfs_fop_read_iter+0x40f/0x5a0 [ 393.933340][T13447] ? rw_verify_area+0xcf/0x6c0 [ 393.933374][T13447] vfs_read+0x8bf/0xcf0 [ 393.933411][T13447] ? __pfx___mutex_lock+0x10/0x10 [ 393.933454][T13447] ? __pfx_vfs_read+0x10/0x10 [ 393.933497][T13447] ksys_read+0x12a/0x250 [ 393.933532][T13447] ? __pfx_ksys_read+0x10/0x10 [ 393.933572][T13447] do_syscall_64+0xcd/0x490 [ 393.933614][T13447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.933646][T13447] RIP: 0033:0x7fc94e58ebe9 [ 393.933671][T13447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.933703][T13447] RSP: 002b:00007fc94c7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 393.933734][T13447] RAX: ffffffffffffffda RBX: 00007fc94e7b6090 RCX: 00007fc94e58ebe9 [ 393.933755][T13447] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 393.933775][T13447] RBP: 00007fc94e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 393.933794][T13447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.933813][T13447] R13: 00007fc94e7b6128 R14: 00007fc94e7b6090 R15: 00007ffc476155e8 [ 393.933842][T13447] [ 394.490638][T13451] : Can't lookup blockdev [ 394.629646][T13451] FAULT_INJECTION: forcing a failure. [ 394.629646][T13451] name failslab, interval 1, probability 0, space 0, times 0 [ 394.831528][T13451] CPU: 1 UID: 0 PID: 13451 Comm: syz.7.2459 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 394.831585][T13451] Tainted: [U]=USER [ 394.831597][T13451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 394.831617][T13451] Call Trace: [ 394.831627][T13451] [ 394.831639][T13451] dump_stack_lvl+0x16c/0x1f0 [ 394.831685][T13451] should_fail_ex+0x512/0x640 [ 394.831732][T13451] should_failslab+0xc2/0x120 [ 394.831773][T13451] __kvmalloc_node_noprof+0x137/0x620 [ 394.831807][T13451] ? rcu_is_watching+0x12/0xc0 [ 394.831841][T13451] ? kfree+0x24f/0x4d0 [ 394.831868][T13451] ? snd_pcm_plugin_alloc+0x5f8/0x7f0 [ 394.831904][T13451] ? snd_pcm_plugin_alloc+0x5f8/0x7f0 [ 394.831934][T13451] snd_pcm_plugin_alloc+0x5f8/0x7f0 [ 394.831970][T13451] snd_pcm_plug_alloc+0x146/0x330 [ 394.832004][T13451] snd_pcm_oss_change_params_locked+0x19b8/0x3a30 [ 394.832064][T13451] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 394.832129][T13451] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 394.832183][T13451] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 394.832226][T13451] ? __fget_files+0x204/0x3c0 [ 394.832260][T13451] ? hook_file_ioctl_common+0x145/0x410 [ 394.832302][T13451] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 394.832335][T13451] ? __fget_files+0x20e/0x3c0 [ 394.832372][T13451] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 394.832404][T13451] __x64_sys_ioctl+0x18e/0x210 [ 394.832453][T13451] do_syscall_64+0xcd/0x490 [ 394.832498][T13451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.832529][T13451] RIP: 0033:0x7fad33b8ebe9 [ 394.832555][T13451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.832588][T13451] RSP: 002b:00007fad34a80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 394.832620][T13451] RAX: ffffffffffffffda RBX: 00007fad33db5fa0 RCX: 00007fad33b8ebe9 [ 394.832642][T13451] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 394.832661][T13451] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 394.832680][T13451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 394.832697][T13451] R13: 00007fad33db6038 R14: 00007fad33db5fa0 R15: 00007ffdf8bd3588 [ 394.832724][T13451] [ 396.634116][T13490] netlink: 50 bytes leftover after parsing attributes in process `syz.8.2472'. [ 398.363525][T13527] sp0: Synchronizing with TNC [ 398.614982][T13508] kexec: Could not allocate control_code_buffer [ 399.670386][T13553] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 400.970859][T13546] kexec: Could not allocate control_code_buffer [ 401.481955][T13573] netlink: 338 bytes leftover after parsing attributes in process `syz.8.2496'. [ 401.552781][T13573] netlink: 338 bytes leftover after parsing attributes in process `syz.8.2496'. [ 401.618129][T13576] netlink: 290 bytes leftover after parsing attributes in process `syz.8.2496'. [ 401.636993][T13573] netlink: 290 bytes leftover after parsing attributes in process `syz.8.2496'. [ 402.205229][T13583] ubi0: attaching mtd0 [ 402.222965][T13583] ubi0 warning: ubi_attach: valid VID header but corrupted EC header at PEB 0 [ 402.251819][T13583] ubi0 warning: ubi_attach: valid VID header but corrupted EC header at PEB 1 [ 402.260958][T13583] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1 [ 402.269484][T13583] eraseblock attaching information dump: [ 402.281648][T13583] ec -1 [ 402.292242][T13583] pnum 0 [ 402.295559][T13583] lnum 0 [ 402.310223][T13583] scrub 1 [ 402.314747][T13583] sqnum 1 [ 402.320279][T13583] Volume identifier header dump: [ 402.329468][T13583] magic 55424921 [ 402.361305][T13583] version 1 [ 402.369600][T13583] vol_type 1 [ 402.377446][T13583] copy_flag 0 [ 402.382921][T13583] compat 5 [ 402.388568][T13583] vol_id 2147479551 [ 402.392949][T13583] lnum 0 [ 402.397379][T13583] data_size 0 [ 402.402907][T13583] used_ebs 0 [ 402.408662][T13583] data_pad 0 [ 402.414698][T13583] sqnum 1 [ 402.420245][T13583] hdr_crc 65b3bd2d [ 402.425760][T13583] Volume identifier header hexdump: [ 402.629374][T13583] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 403.417772][T13616] sp0: Synchronizing with TNC [ 403.460590][ T5185] Bluetooth: hci5: unexpected event 0x36 length: 123 > 7 [ 403.508663][T13618] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2507'. [ 403.533215][T13618] veth0_macvtap: entered allmulticast mode [ 404.354784][T13641] FAULT_INJECTION: forcing a failure. [ 404.354784][T13641] name failslab, interval 1, probability 0, space 0, times 0 [ 404.430366][T13641] CPU: 0 UID: 0 PID: 13641 Comm: syz.7.2516 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 404.430419][T13641] Tainted: [U]=USER [ 404.430431][T13641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 404.430451][T13641] Call Trace: [ 404.430460][T13641] [ 404.430472][T13641] dump_stack_lvl+0x16c/0x1f0 [ 404.430516][T13641] should_fail_ex+0x512/0x640 [ 404.430562][T13641] should_failslab+0xc2/0x120 [ 404.430602][T13641] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 404.430643][T13641] ? ref_tracker_alloc+0x2fe/0x5b0 [ 404.430687][T13641] ? neigh_sysctl_register+0xb2/0x670 [ 404.430730][T13641] kmemdup_noprof+0x29/0x60 [ 404.430766][T13641] neigh_sysctl_register+0xb2/0x670 [ 404.430804][T13641] ? call_netdevice_notifiers_info+0xbe/0x140 [ 404.430853][T13641] ? __pfx_neigh_sysctl_register+0x10/0x10 [ 404.430891][T13641] ? inetdev_init+0x245/0x5a0 [ 404.430934][T13641] ? inetdev_event+0xc5f/0x18a0 [ 404.430974][T13641] ? notifier_call_chain+0xbc/0x410 [ 404.431013][T13641] ? copy_net_ns+0x2a6/0x5f0 [ 404.431054][T13641] ? create_new_namespaces+0x3ea/0xa90 [ 404.431085][T13641] ? unshare_nsproxy_namespaces+0xc0/0x1f0 [ 404.431119][T13641] ? ksys_unshare+0x45b/0xa40 [ 404.431259][T13641] ? __x64_sys_unshare+0x31/0x40 [ 404.431299][T13641] ? do_syscall_64+0xcd/0x490 [ 404.431337][T13641] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.431371][T13641] devinet_sysctl_register+0xb6/0x200 [ 404.431415][T13641] inetdev_init+0x2b8/0x5a0 [ 404.431457][T13641] inetdev_event+0xc5f/0x18a0 [ 404.431502][T13641] ? ib_netdevice_event+0xfc/0x330 [ 404.431549][T13641] ? __pfx_inetdev_event+0x10/0x10 [ 404.431600][T13641] ? cfg802154_netdev_notifier_call+0x391/0xa00 [ 404.431641][T13641] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 404.431688][T13641] notifier_call_chain+0xbc/0x410 [ 404.431725][T13641] ? __pfx_inetdev_event+0x10/0x10 [ 404.431772][T13641] call_netdevice_notifiers_info+0xbe/0x140 [ 404.431821][T13641] register_netdevice+0x182e/0x2270 [ 404.431866][T13641] ? __pfx_register_netdevice+0x10/0x10 [ 404.431914][T13641] __ip_tunnel_create+0x540/0x6e0 [ 404.431958][T13641] ? __pfx___ip_tunnel_create+0x10/0x10 [ 404.432005][T13641] ip_tunnel_init_net+0x22f/0x7d0 [ 404.432051][T13641] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 404.432099][T13641] ? trace_kmalloc+0x2b/0xd0 [ 404.432147][T13641] ? __kmalloc_noprof+0x242/0x510 [ 404.432179][T13641] ? lockdep_init_map_type+0x5c/0x280 [ 404.432222][T13641] ? __pfx_ipgre_init_net+0x10/0x10 [ 404.432257][T13641] ops_init+0x1df/0x5f0 [ 404.432296][T13641] setup_net+0x10f/0x380 [ 404.432334][T13641] ? lockdep_init_map_type+0x5c/0x280 [ 404.432375][T13641] ? __pfx_setup_net+0x10/0x10 [ 404.432414][T13641] ? debug_mutex_init+0x37/0x70 [ 404.432445][T13641] copy_net_ns+0x2a6/0x5f0 [ 404.432490][T13641] create_new_namespaces+0x3ea/0xa90 [ 404.432528][T13641] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 404.432564][T13641] ksys_unshare+0x45b/0xa40 [ 404.432604][T13641] ? __pfx_ksys_unshare+0x10/0x10 [ 404.432645][T13641] ? xfd_validate_state+0x61/0x180 [ 404.432694][T13641] __x64_sys_unshare+0x31/0x40 [ 404.432734][T13641] do_syscall_64+0xcd/0x490 [ 404.432774][T13641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.432804][T13641] RIP: 0033:0x7fad33b8ebe9 [ 404.432828][T13641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 404.432857][T13641] RSP: 002b:00007fad34a80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 404.432888][T13641] RAX: ffffffffffffffda RBX: 00007fad33db5fa0 RCX: 00007fad33b8ebe9 [ 404.432909][T13641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 404.432928][T13641] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 404.432946][T13641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 404.432964][T13641] R13: 00007fad33db6038 R14: 00007fad33db5fa0 R15: 00007ffdf8bd3588 [ 404.432993][T13641] [ 405.197241][T13649] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2518'. [ 406.722849][ T5185] Bluetooth: hci1: unexpected event 0x36 length: 123 > 7 [ 409.270751][ T5185] Bluetooth: hci1: Malformed Event: 0x02 [ 410.223469][ T30] audit: type=1804 audit(6050340742.833:15): pid=13734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.2544" name="/newroot/124/file0" dev="tmpfs" ino=672 res=1 errno=0 [ 413.247446][T13777] netlink: 25 bytes leftover after parsing attributes in process `syz.7.2557'. [ 413.399873][T13784] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2559'. [ 415.041346][T13819] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2568'. [ 415.068077][T13819] netlink: 25 bytes leftover after parsing attributes in process `syz.7.2568'. [ 415.741602][ T5861] Bluetooth: hci1: command 0x0406 tx timeout [ 416.535628][T13849] FAULT_INJECTION: forcing a failure. [ 416.535628][T13849] name failslab, interval 1, probability 0, space 0, times 0 [ 416.565123][T13849] CPU: 1 UID: 0 PID: 13849 Comm: syz.7.2577 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 416.565178][T13849] Tainted: [U]=USER [ 416.565190][T13849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 416.565209][T13849] Call Trace: [ 416.565219][T13849] [ 416.565231][T13849] dump_stack_lvl+0x16c/0x1f0 [ 416.565273][T13849] should_fail_ex+0x512/0x640 [ 416.565319][T13849] should_failslab+0xc2/0x120 [ 416.565358][T13849] __kmalloc_cache_noprof+0x6a/0x3e0 [ 416.565391][T13849] ? apply_subsystem_event_filter+0x460/0x17e0 [ 416.565434][T13849] ? kasan_save_track+0x14/0x30 [ 416.565471][T13849] apply_subsystem_event_filter+0x460/0x17e0 [ 416.565516][T13849] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 416.565559][T13849] ? _copy_from_user+0x59/0xd0 [ 416.565608][T13849] subsystem_filter_write+0x95/0x120 [ 416.565648][T13849] ? __pfx_subsystem_filter_write+0x10/0x10 [ 416.565686][T13849] vfs_write+0x29d/0x11d0 [ 416.565723][T13849] ? __pfx___mutex_lock+0x10/0x10 [ 416.565763][T13849] ? __pfx_vfs_write+0x10/0x10 [ 416.565797][T13849] ? __fget_files+0x204/0x3c0 [ 416.565828][T13849] ? rcu_is_watching+0x12/0xc0 [ 416.565863][T13849] ? __fget_files+0x20e/0x3c0 [ 416.565900][T13849] ksys_write+0x12a/0x250 [ 416.565936][T13849] ? __pfx_ksys_write+0x10/0x10 [ 416.565976][T13849] do_syscall_64+0xcd/0x490 [ 416.566018][T13849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.566050][T13849] RIP: 0033:0x7fad33b8ebe9 [ 416.566074][T13849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 416.566121][T13849] RSP: 002b:00007fad34a5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 416.566152][T13849] RAX: ffffffffffffffda RBX: 00007fad33db6090 RCX: 00007fad33b8ebe9 [ 416.566174][T13849] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 416.566194][T13849] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 416.566213][T13849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 416.566232][T13849] R13: 00007fad33db6128 R14: 00007fad33db6090 R15: 00007ffdf8bd3588 [ 416.566261][T13849] [ 417.380828][T13861] netlink: 342 bytes leftover after parsing attributes in process `syz.8.2582'. [ 417.437117][T13861] netlink: 274 bytes leftover after parsing attributes in process `syz.8.2582'. [ 417.580345][T13867] FAULT_INJECTION: forcing a failure. [ 417.580345][T13867] name failslab, interval 1, probability 0, space 0, times 0 [ 417.630270][T13867] CPU: 1 UID: 0 PID: 13867 Comm: syz.8.2584 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 417.630328][T13867] Tainted: [U]=USER [ 417.630339][T13867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 417.630357][T13867] Call Trace: [ 417.630367][T13867] [ 417.630378][T13867] dump_stack_lvl+0x16c/0x1f0 [ 417.630419][T13867] should_fail_ex+0x512/0x640 [ 417.630462][T13867] should_failslab+0xc2/0x120 [ 417.630502][T13867] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 417.630538][T13867] ? __asan_memcpy+0x3c/0x60 [ 417.630566][T13867] ? __kernfs_new_node+0xd2/0x8e0 [ 417.630606][T13867] __kernfs_new_node+0xd2/0x8e0 [ 417.630642][T13867] ? __kernel_text_address+0xd/0x40 [ 417.630673][T13867] ? __pfx___kernfs_new_node+0x10/0x10 [ 417.630714][T13867] ? rcu_is_watching+0x12/0xc0 [ 417.630744][T13867] ? kernfs_root+0xee/0x2a0 [ 417.630777][T13867] ? rcu_is_watching+0x12/0xc0 [ 417.630807][T13867] ? lock_release+0x201/0x2f0 [ 417.630846][T13867] kernfs_new_node+0x13c/0x1e0 [ 417.630889][T13867] kernfs_create_dir_ns+0x4c/0x1a0 [ 417.630934][T13867] sysfs_create_dir_ns+0x13a/0x2b0 [ 417.630970][T13867] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 417.631006][T13867] ? kobject_add_internal+0x25b/0x9b0 [ 417.631048][T13867] ? lock_release+0x201/0x2f0 [ 417.631095][T13867] ? class_dir_child_ns_type+0xd/0x60 [ 417.631143][T13867] kobject_add_internal+0x2c4/0x9b0 [ 417.631188][T13867] kobject_add+0x16e/0x240 [ 417.631231][T13867] ? __pfx_kobject_add+0x10/0x10 [ 417.631274][T13867] ? lock_release+0x201/0x2f0 [ 417.631307][T13867] ? kobject_put+0xab/0x5a0 [ 417.631344][T13867] device_add+0x288/0x1aa0 [ 417.631371][T13867] ? rcu_is_watching+0x12/0xc0 [ 417.631401][T13867] ? __pfx_device_add+0x10/0x10 [ 417.631433][T13867] device_create_groups_vargs+0x1f8/0x270 [ 417.631466][T13867] device_create+0xed/0x130 [ 417.631492][T13867] ? __pfx_device_create+0x10/0x10 [ 417.631519][T13867] ? do_init_timer+0xc9/0x110 [ 417.631549][T13867] ? ieee80211_roc_setup+0x136/0x270 [ 417.631579][T13867] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 417.631615][T13867] mac80211_hwsim_new_radio+0x369/0x54d0 [ 417.631653][T13867] ? __asan_memset+0x23/0x50 [ 417.631684][T13867] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 417.631719][T13867] hwsim_new_radio_nl+0xb51/0x12c0 [ 417.631747][T13867] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 417.631782][T13867] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 417.631826][T13867] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 417.631876][T13867] genl_family_rcv_msg_doit+0x206/0x2f0 [ 417.631919][T13867] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 417.631966][T13867] ? bpf_lsm_capable+0x9/0x10 [ 417.631993][T13867] ? security_capable+0x7e/0x260 [ 417.632023][T13867] ? ns_capable+0xd7/0x110 [ 417.632054][T13867] genl_rcv_msg+0x55c/0x800 [ 417.632114][T13867] ? __pfx_genl_rcv_msg+0x10/0x10 [ 417.632158][T13867] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 417.632193][T13867] netlink_rcv_skb+0x155/0x420 [ 417.632232][T13867] ? __pfx_genl_rcv_msg+0x10/0x10 [ 417.632276][T13867] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 417.632332][T13867] ? netlink_deliver_tap+0x1ae/0xd30 [ 417.632369][T13867] genl_rcv+0x28/0x40 [ 417.632406][T13867] netlink_unicast+0x5aa/0x870 [ 417.632446][T13867] ? __pfx_netlink_unicast+0x10/0x10 [ 417.632485][T13867] ? __pfx___might_resched+0x10/0x10 [ 417.632520][T13867] netlink_sendmsg+0x8d1/0xdd0 [ 417.632561][T13867] ? __pfx_netlink_sendmsg+0x10/0x10 [ 417.632603][T13867] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 417.632636][T13867] ____sys_sendmsg+0xa95/0xc70 [ 417.632684][T13867] ? copy_msghdr_from_user+0x10a/0x160 [ 417.632722][T13867] ? __pfx_____sys_sendmsg+0x10/0x10 [ 417.632772][T13867] ? __pfx_futex_wake_mark+0x10/0x10 [ 417.632817][T13867] ___sys_sendmsg+0x134/0x1d0 [ 417.632855][T13867] ? __pfx____sys_sendmsg+0x10/0x10 [ 417.632892][T13867] ? futex_private_hash_put+0x11c/0x300 [ 417.632932][T13867] ? rcu_is_watching+0x12/0xc0 [ 417.632973][T13867] __sys_sendmsg+0x16d/0x220 [ 417.633010][T13867] ? __pfx___sys_sendmsg+0x10/0x10 [ 417.633047][T13867] ? __x64_sys_futex+0x1e0/0x4c0 [ 417.633105][T13867] do_syscall_64+0xcd/0x490 [ 417.633147][T13867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.633177][T13867] RIP: 0033:0x7fc94e58ebe9 [ 417.633200][T13867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.633229][T13867] RSP: 002b:00007fc94f32a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 417.633258][T13867] RAX: ffffffffffffffda RBX: 00007fc94e7b5fa0 RCX: 00007fc94e58ebe9 [ 417.633278][T13867] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006 [ 417.633297][T13867] RBP: 00007fc94e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 417.633315][T13867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.633333][T13867] R13: 00007fc94e7b6038 R14: 00007fc94e7b5fa0 R15: 00007ffc476155e8 [ 417.633359][T13867] [ 418.180901][T13867] kobject: kobject_add_internal failed for hwsim31 (error: -12 parent: mac80211_hwsim) [ 418.661577][T13881] netlink: 25 bytes leftover after parsing attributes in process `syz.8.2588'. [ 419.011583][T13891] netlink: 46 bytes leftover after parsing attributes in process `syz.8.2591'. [ 419.998134][T13926] netlink: 354 bytes leftover after parsing attributes in process `syz.6.2600'. [ 421.037818][T13943] netlink: 186 bytes leftover after parsing attributes in process `syz.8.2608'. [ 421.085492][T13943] netlink: 186 bytes leftover after parsing attributes in process `syz.8.2608'. [ 421.558318][T13965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2615'. [ 421.575379][T13965] netlink: 'syz.1.2615': attribute type 1 has an invalid length. [ 421.585405][T13965] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2615'. [ 422.175582][T13972] FAULT_INJECTION: forcing a failure. [ 422.175582][T13972] name failslab, interval 1, probability 0, space 0, times 0 [ 422.198184][T13972] CPU: 0 UID: 0 PID: 13972 Comm: syz.6.2625 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 422.198240][T13972] Tainted: [U]=USER [ 422.198250][T13972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 422.198269][T13972] Call Trace: [ 422.198288][T13972] [ 422.198300][T13972] dump_stack_lvl+0x16c/0x1f0 [ 422.198343][T13972] should_fail_ex+0x512/0x640 [ 422.198389][T13972] should_failslab+0xc2/0x120 [ 422.198429][T13972] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 422.198468][T13972] ? copy_process+0x4b6/0x7690 [ 422.198509][T13972] copy_process+0x4b6/0x7690 [ 422.198554][T13972] ? __pfx_copy_process+0x10/0x10 [ 422.198594][T13972] ? lockdep_init_map_type+0x5c/0x280 [ 422.198637][T13972] ? __raw_spin_lock_init+0x3a/0x110 [ 422.198683][T13972] ? lockdep_init_map_type+0x5c/0x280 [ 422.198724][T13972] ? __pfx_vhost_worker_killed+0x10/0x10 [ 422.198763][T13972] ? __pfx_vhost_run_work_list+0x10/0x10 [ 422.198802][T13972] vhost_task_create+0x1d2/0x2e0 [ 422.198845][T13972] ? __pfx_vhost_task_create+0x10/0x10 [ 422.198888][T13972] ? vsnprintf+0x318/0x1160 [ 422.198926][T13972] ? __pfx_vhost_task_fn+0x10/0x10 [ 422.198973][T13972] ? snprintf+0xc7/0x100 [ 422.199009][T13972] vhost_task_worker_create+0x8d/0x200 [ 422.199050][T13972] ? __pfx_vhost_task_worker_create+0x10/0x10 [ 422.199091][T13972] ? lockdep_init_map_type+0x5c/0x280 [ 422.199132][T13972] ? __raw_spin_lock_init+0x3a/0x110 [ 422.199177][T13972] ? lockdep_init_map_type+0x5c/0x280 [ 422.199220][T13972] vhost_worker_create+0x243/0x310 [ 422.199257][T13972] ? rcu_is_watching+0x12/0xc0 [ 422.199295][T13972] ? __pfx_vhost_worker_create+0x10/0x10 [ 422.199331][T13972] ? __kmalloc_noprof+0x242/0x510 [ 422.199369][T13972] vhost_dev_set_owner+0x742/0xa50 [ 422.199419][T13972] vhost_dev_ioctl+0x2eb/0xe20 [ 422.199465][T13972] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 422.199511][T13972] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 422.199564][T13972] vhost_vsock_dev_ioctl+0x3a5/0xb30 [ 422.199607][T13972] ? __fget_files+0x204/0x3c0 [ 422.199637][T13972] ? hook_file_ioctl_common+0x145/0x410 [ 422.199678][T13972] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 422.199721][T13972] ? __fget_files+0x20e/0x3c0 [ 422.199754][T13972] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 422.199799][T13972] __x64_sys_ioctl+0x18e/0x210 [ 422.199847][T13972] do_syscall_64+0xcd/0x490 [ 422.199886][T13972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.199917][T13972] RIP: 0033:0x7f238d38ebe9 [ 422.199942][T13972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.199972][T13972] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 422.200002][T13972] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 422.200022][T13972] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000004 [ 422.200039][T13972] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 422.200057][T13972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.200075][T13972] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 422.200104][T13972] [ 423.719080][T14010] Dead loop on virtual device ip6_vti0, fix it urgently! [ 423.730369][T14010] Dead loop on virtual device ip6_vti0, fix it urgently! [ 423.747956][T14010] Dead loop on virtual device ip6_vti0, fix it urgently! [ 423.768187][T14010] Dead loop on virtual device ip6_vti0, fix it urgently! [ 423.796355][T14010] Dead loop on virtual device ip6_vti0, fix it urgently! [ 423.817695][T14010] Dead loop on virtual device ip6_vti0, fix it urgently! [ 424.244915][T14023] netlink: 186 bytes leftover after parsing attributes in process `syz.7.2632'. [ 424.269085][T14023] netlink: 186 bytes leftover after parsing attributes in process `syz.7.2632'. [ 424.745373][T14036] FAULT_INJECTION: forcing a failure. [ 424.745373][T14036] name failslab, interval 1, probability 0, space 0, times 0 [ 424.776466][T14036] CPU: 1 UID: 0 PID: 14036 Comm: syz.6.2637 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 424.776518][T14036] Tainted: [U]=USER [ 424.776529][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 424.776546][T14036] Call Trace: [ 424.776556][T14036] [ 424.776566][T14036] dump_stack_lvl+0x16c/0x1f0 [ 424.776608][T14036] should_fail_ex+0x512/0x640 [ 424.776648][T14036] should_failslab+0xc2/0x120 [ 424.776683][T14036] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 424.776715][T14036] ? rcu_is_watching+0x12/0xc0 [ 424.776745][T14036] ? prepare_creds+0x2c/0x7d0 [ 424.776788][T14036] prepare_creds+0x2c/0x7d0 [ 424.776831][T14036] copy_creds+0xa7/0xa50 [ 424.776875][T14036] copy_process+0xff6/0x7690 [ 424.776910][T14036] ? __pfx___futex_wait+0x10/0x10 [ 424.776956][T14036] ? __pfx_copy_process+0x10/0x10 [ 424.776989][T14036] ? lock_release+0x201/0x2f0 [ 424.777025][T14036] ? futex_private_hash_put+0x11c/0x300 [ 424.777061][T14036] kernel_clone+0xfc/0x930 [ 424.777098][T14036] ? __pfx_kernel_clone+0x10/0x10 [ 424.777145][T14036] __do_sys_clone+0xce/0x120 [ 424.777180][T14036] ? __pfx___do_sys_clone+0x10/0x10 [ 424.777224][T14036] ? xfd_validate_state+0x61/0x180 [ 424.777280][T14036] do_syscall_64+0xcd/0x490 [ 424.777318][T14036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.777348][T14036] RIP: 0033:0x7f238d38ebe9 [ 424.777370][T14036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 424.777399][T14036] RSP: 002b:00007f238e28dfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 424.777428][T14036] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 424.777448][T14036] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 424.777464][T14036] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 424.777482][T14036] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 424.777499][T14036] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 424.777526][T14036] [ 425.157731][T14043] overlayfs: missing 'lowerdir' [ 426.617070][T14068] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2645'. [ 426.629284][T14068] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2645'. [ 426.774210][T14074] netlink: 'syz.6.2649': attribute type 5 has an invalid length. [ 426.803141][T14074] netlink: 'syz.6.2649': attribute type 1 has an invalid length. [ 426.814308][T14074] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2649'. [ 426.855095][T14074] netlink: 'syz.6.2649': attribute type 5 has an invalid length. [ 426.863302][T14074] netlink: 'syz.6.2649': attribute type 1 has an invalid length. [ 426.893474][T14074] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2649'. [ 427.840072][T14093] FAULT_INJECTION: forcing a failure. [ 427.840072][T14093] name failslab, interval 1, probability 0, space 0, times 0 [ 427.853467][T14093] CPU: 0 UID: 0 PID: 14093 Comm: syz.1.2654 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 427.853523][T14093] Tainted: [U]=USER [ 427.853535][T14093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 427.853555][T14093] Call Trace: [ 427.853565][T14093] [ 427.853577][T14093] dump_stack_lvl+0x16c/0x1f0 [ 427.853621][T14093] should_fail_ex+0x512/0x640 [ 427.853668][T14093] should_failslab+0xc2/0x120 [ 427.853709][T14093] __kmalloc_cache_noprof+0x6a/0x3e0 [ 427.853743][T14093] ? shrinker_alloc+0xf5/0xbf0 [ 427.853784][T14093] shrinker_alloc+0xf5/0xbf0 [ 427.853820][T14093] ? pcpu_alloc_noprof+0x7d6/0x1470 [ 427.853854][T14093] ? rcu_is_watching+0x12/0xc0 [ 427.853887][T14093] ? rcu_is_watching+0x12/0xc0 [ 427.853918][T14093] ? pcpu_memcg_post_alloc_hook+0x1e/0x690 [ 427.853958][T14093] ? __pfx_shrinker_alloc+0x10/0x10 [ 427.853999][T14093] ? lockdep_init_map_type+0x5c/0x280 [ 427.854040][T14093] ? lockdep_init_map_type+0x5c/0x280 [ 427.854100][T14093] ? __raw_spin_lock_init+0x3a/0x110 [ 427.854146][T14093] ? __init_rwsem+0x12d/0x1b0 [ 427.854193][T14093] alloc_super+0x7c8/0xbd0 [ 427.854231][T14093] sget_fc+0x116/0xc20 [ 427.854264][T14093] ? __pfx_set_anon_super_fc+0x10/0x10 [ 427.854296][T14093] ? __pfx_mqueue_fill_super+0x10/0x10 [ 427.854324][T14093] get_tree_nodev+0x28/0x190 [ 427.854359][T14093] mqueue_get_tree+0xf1/0x130 [ 427.854388][T14093] vfs_get_tree+0x8b/0x340 [ 427.854416][T14093] fc_mount_longterm+0x18/0x160 [ 427.854464][T14093] mq_init_ns+0x426/0x620 [ 427.854500][T14093] copy_ipcs+0x383/0x610 [ 427.854533][T14093] ? copy_utsname+0xab/0x470 [ 427.854576][T14093] create_new_namespaces+0x20a/0xa90 [ 427.854612][T14093] ? security_capable+0x7e/0x260 [ 427.854644][T14093] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 427.854681][T14093] ksys_unshare+0x45b/0xa40 [ 427.854723][T14093] ? __pfx_ksys_unshare+0x10/0x10 [ 427.854765][T14093] ? xfd_validate_state+0x61/0x180 [ 427.854814][T14093] __x64_sys_unshare+0x31/0x40 [ 427.854857][T14093] do_syscall_64+0xcd/0x490 [ 427.854896][T14093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.854928][T14093] RIP: 0033:0x7f94fcd8ebe9 [ 427.854954][T14093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.854985][T14093] RSP: 002b:00007f94fdbb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 427.855018][T14093] RAX: ffffffffffffffda RBX: 00007f94fcfb5fa0 RCX: 00007f94fcd8ebe9 [ 427.855041][T14093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 427.855068][T14093] RBP: 00007f94fce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 427.855088][T14093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 427.855105][T14093] R13: 00007f94fcfb6038 R14: 00007f94fcfb5fa0 R15: 00007fff6a9186b8 [ 427.855135][T14093] [ 428.826174][T14110] bond0: option xmit_hash_policy: invalid value (0x00060000) [ 429.004786][T14113] ALSA: mixer_oss: invalid OSS volume '' [ 429.267616][T14119] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2663'. [ 429.331396][T14119] bond_slave_1: entered allmulticast mode [ 429.555820][T14127] zswap: compressor not available [ 430.654597][T14150] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2672'. [ 430.851673][T14157] bond0: option xmit_hash_policy: invalid value (0x00060000) [ 431.022147][ T5861] Bluetooth: hci5: command 0x0406 tx timeout [ 431.247554][ T5185] Bluetooth: hci1: unexpected event 0x14 length: 16 > 6 [ 431.723289][T14183] netlink: 13 bytes leftover after parsing attributes in process `syz.6.2682'. [ 432.663575][T14203] FAULT_INJECTION: forcing a failure. [ 432.663575][T14203] name failslab, interval 1, probability 0, space 0, times 0 [ 432.703286][T14203] CPU: 1 UID: 0 PID: 14203 Comm: syz.7.2687 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 432.703338][T14203] Tainted: [U]=USER [ 432.703350][T14203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 432.703368][T14203] Call Trace: [ 432.703379][T14203] [ 432.703390][T14203] dump_stack_lvl+0x16c/0x1f0 [ 432.703434][T14203] should_fail_ex+0x512/0x640 [ 432.703480][T14203] should_failslab+0xc2/0x120 [ 432.703520][T14203] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 432.703557][T14203] ? security_inode_alloc+0x3b/0x2b0 [ 432.703595][T14203] security_inode_alloc+0x3b/0x2b0 [ 432.703629][T14203] inode_init_always_gfp+0xce4/0x1030 [ 432.703666][T14203] alloc_inode+0x86/0x240 [ 432.703707][T14203] new_inode+0x22/0x1c0 [ 432.703749][T14203] __debugfs_create_file+0x11c/0x6b0 [ 432.703785][T14203] debugfs_create_file_full+0x41/0x60 [ 432.703822][T14203] ref_tracker_dir_debugfs+0x19d/0x290 [ 432.703866][T14203] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 432.703925][T14203] ? lockdep_init_map_type+0x5c/0x280 [ 432.703970][T14203] preinit_net+0x296/0x8f0 [ 432.704009][T14203] copy_net_ns+0x1da/0x5f0 [ 432.704055][T14203] create_new_namespaces+0x3ea/0xa90 [ 432.704092][T14203] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 432.704129][T14203] ksys_unshare+0x45b/0xa40 [ 432.704169][T14203] ? __pfx_ksys_unshare+0x10/0x10 [ 432.704213][T14203] ? fput+0x9b/0xd0 [ 432.704265][T14203] __x64_sys_unshare+0x31/0x40 [ 432.704306][T14203] do_syscall_64+0xcd/0x490 [ 432.704347][T14203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.704380][T14203] RIP: 0033:0x7fad33b8ebe9 [ 432.704403][T14203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.704432][T14203] RSP: 002b:00007fad34a80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 432.704462][T14203] RAX: ffffffffffffffda RBX: 00007fad33db5fa0 RCX: 00007fad33b8ebe9 [ 432.704484][T14203] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 432.704503][T14203] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 432.704522][T14203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.704539][T14203] R13: 00007fad33db6038 R14: 00007fad33db5fa0 R15: 00007ffdf8bd3588 [ 432.704568][T14203] [ 432.704600][T14203] debugfs: out of free dentries, can not create file 'net_refcnt@ffff888056a949f0' [ 433.390185][T14214] FAULT_INJECTION: forcing a failure. [ 433.390185][T14214] name failslab, interval 1, probability 0, space 0, times 0 [ 433.429710][T14214] CPU: 0 UID: 0 PID: 14214 Comm: syz.6.2689 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 433.429764][T14214] Tainted: [U]=USER [ 433.429775][T14214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 433.429794][T14214] Call Trace: [ 433.429804][T14214] [ 433.429815][T14214] dump_stack_lvl+0x16c/0x1f0 [ 433.429856][T14214] should_fail_ex+0x512/0x640 [ 433.429899][T14214] should_failslab+0xc2/0x120 [ 433.429940][T14214] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 433.429986][T14214] ? security_file_alloc+0x34/0x2b0 [ 433.430028][T14214] security_file_alloc+0x34/0x2b0 [ 433.430067][T14214] init_file+0x93/0x4c0 [ 433.430109][T14214] alloc_empty_file+0x73/0x1e0 [ 433.430151][T14214] alloc_file_pseudo+0x13a/0x230 [ 433.430193][T14214] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 433.430234][T14214] ? __pfx_unix_socketpair+0x10/0x10 [ 433.430274][T14214] sock_alloc_file+0x50/0x210 [ 433.430317][T14214] __sys_socketpair+0x31c/0x5a0 [ 433.430349][T14214] ? __pfx___sys_socketpair+0x10/0x10 [ 433.430381][T14214] ? xfd_validate_state+0x61/0x180 [ 433.430423][T14214] ? do_execveat_common.isra.0+0x4c6/0x610 [ 433.430462][T14214] __x64_sys_socketpair+0x96/0x100 [ 433.430492][T14214] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 433.430539][T14214] do_syscall_64+0xcd/0x490 [ 433.430578][T14214] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.430608][T14214] RIP: 0033:0x7f238d38ebe9 [ 433.430631][T14214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.430661][T14214] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 433.430690][T14214] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 433.430710][T14214] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 433.430729][T14214] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 433.430747][T14214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 433.430765][T14214] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 433.430793][T14214] [ 433.964607][T14220] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2691'. [ 434.052864][T14226] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2692'. [ 434.085248][T14226] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2692'. [ 434.418271][ T5185] Bluetooth: hci1: unexpected event 0x3e length: 728 > 260 [ 434.418312][ T5185] Bluetooth: hci1: unexpected subevent 0x0c length: 727 > 5 [ 434.449546][T14236] FAULT_INJECTION: forcing a failure. [ 434.449546][T14236] name failslab, interval 1, probability 0, space 0, times 0 [ 434.496939][T14236] CPU: 1 UID: 0 PID: 14236 Comm: syz.6.2696 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 434.496986][T14236] Tainted: [U]=USER [ 434.496995][T14236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 434.497011][T14236] Call Trace: [ 434.497019][T14236] [ 434.497029][T14236] dump_stack_lvl+0x16c/0x1f0 [ 434.497062][T14236] should_fail_ex+0x512/0x640 [ 434.497097][T14236] ? tomoyo_encode2+0x100/0x3e0 [ 434.497129][T14236] should_failslab+0xc2/0x120 [ 434.497160][T14236] __kmalloc_noprof+0xd2/0x510 [ 434.497191][T14236] tomoyo_encode2+0x100/0x3e0 [ 434.497230][T14236] tomoyo_encode+0x29/0x50 [ 434.497268][T14236] tomoyo_realpath_from_path+0x18f/0x6e0 [ 434.497306][T14236] tomoyo_check_open_permission+0x2ab/0x3c0 [ 434.497334][T14236] ? security_file_alloc+0x34/0x2b0 [ 434.497366][T14236] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 434.497394][T14236] ? do_mq_open+0x4df/0x8c0 [ 434.497415][T14236] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.497450][T14236] ? rcu_is_watching+0x12/0xc0 [ 434.497476][T14236] ? lock_release+0x201/0x2f0 [ 434.497504][T14236] ? rcu_is_watching+0x12/0xc0 [ 434.497528][T14236] tomoyo_file_open+0x6b/0x90 [ 434.497549][T14236] security_file_open+0x84/0x1e0 [ 434.497580][T14236] do_dentry_open+0x596/0x1530 [ 434.497612][T14236] vfs_open+0x82/0x3f0 [ 434.497646][T14236] dentry_open+0x71/0xd0 [ 434.497679][T14236] do_mq_open+0x4df/0x8c0 [ 434.497701][T14236] ? __pfx_do_mq_open+0x10/0x10 [ 434.497725][T14236] __x64_sys_mq_open+0x155/0x1e0 [ 434.497749][T14236] ? __pfx___x64_sys_mq_open+0x10/0x10 [ 434.497779][T14236] do_syscall_64+0xcd/0x490 [ 434.497809][T14236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.497832][T14236] RIP: 0033:0x7f238d38ebe9 [ 434.497850][T14236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.497873][T14236] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0 [ 434.497896][T14236] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 434.497912][T14236] RDX: 0000000000000001 RSI: 00000000000060d6 RDI: 0000200000000280 [ 434.497927][T14236] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 434.497941][T14236] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000 [ 434.497956][T14236] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 434.497978][T14236] [ 434.498419][T14236] ERROR: Out of memory at tomoyo_realpath_from_path. [ 436.190858][T14263] FAULT_INJECTION: forcing a failure. [ 436.190858][T14263] name fail_futex, interval 1, probability 0, space 0, times 0 [ 436.215446][T14263] CPU: 1 UID: 0 PID: 14263 Comm: syz.6.2706 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 436.215499][T14263] Tainted: [U]=USER [ 436.215511][T14263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 436.215528][T14263] Call Trace: [ 436.215537][T14263] [ 436.215548][T14263] dump_stack_lvl+0x16c/0x1f0 [ 436.215586][T14263] should_fail_ex+0x512/0x640 [ 436.215625][T14263] get_futex_key+0x1d0/0x1560 [ 436.215659][T14263] ? __pfx_get_futex_key+0x10/0x10 [ 436.215687][T14263] ? rcu_is_watching+0x12/0xc0 [ 436.215715][T14263] ? lock_release+0x201/0x2f0 [ 436.215752][T14263] futex_wait_setup+0x9d/0x550 [ 436.215794][T14263] __futex_wait+0x194/0x2f0 [ 436.215833][T14263] ? __pfx___futex_wait+0x10/0x10 [ 436.215869][T14263] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 436.215911][T14263] ? __pfx_futex_wake_mark+0x10/0x10 [ 436.215951][T14263] ? lock_release+0x201/0x2f0 [ 436.216000][T14263] ? futex_private_hash_put+0x11c/0x300 [ 436.216032][T14263] futex_wait+0xe8/0x380 [ 436.216073][T14263] ? __pfx_futex_wait+0x10/0x10 [ 436.216117][T14263] ? ksys_write+0x190/0x250 [ 436.216150][T14263] ? rcu_is_watching+0x12/0xc0 [ 436.216177][T14263] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 436.216217][T14263] ? do_raw_spin_lock+0x12c/0x2b0 [ 436.216257][T14263] do_futex+0x229/0x350 [ 436.216288][T14263] ? __pfx_do_futex+0x10/0x10 [ 436.216320][T14263] ? _raw_spin_unlock_irq+0x2e/0x50 [ 436.216349][T14263] ? do_sigaltstack.constprop.0+0x547/0x800 [ 436.216389][T14263] __x64_sys_futex+0x1e0/0x4c0 [ 436.216425][T14263] ? __pfx___x64_sys_futex+0x10/0x10 [ 436.216467][T14263] do_syscall_64+0xcd/0x490 [ 436.216504][T14263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.216532][T14263] RIP: 0033:0x7f238d38ebe9 [ 436.216554][T14263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.216582][T14263] RSP: 002b:00007f238e28e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 436.216611][T14263] RAX: ffffffffffffffda RBX: 00007f238d5b5fa8 RCX: 00007f238d38ebe9 [ 436.216630][T14263] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f238d5b5fa8 [ 436.216647][T14263] RBP: 00007f238d5b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 436.216665][T14263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.216682][T14263] R13: 00007f238d5b6038 R14: 00007fff123550f0 R15: 00007fff123551d8 [ 436.216708][T14263] [ 436.650613][T14272] HfR: entered promiscuous mode [ 437.440555][T14281] zswap: compressor not available [ 439.610356][T14340] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2725'. [ 439.687056][T14335] netlink: 342 bytes leftover after parsing attributes in process `syz.8.2723'. [ 439.714402][T14335] netlink: 298 bytes leftover after parsing attributes in process `syz.8.2723'. [ 440.042767][T14352] binder: 14345:14352 ioctl c00c620f 200000000180 returned -22 [ 440.842025][T14360] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 441.171476][T14362] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 441.539113][T14369] netlink: 25 bytes leftover after parsing attributes in process `syz.8.2741'. [ 443.561267][T14410] netlink: 25 bytes leftover after parsing attributes in process `syz.7.2745'. [ 443.637444][T14409] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 443.659900][T14409] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 443.671156][T14409] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 443.681031][T14409] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 443.688356][T14409] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 443.698824][T14409] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 443.709452][T14409] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 443.717144][T14409] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 443.725580][T14409] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 443.733932][T14409] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 443.743424][T14409] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 443.759575][T14409] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 444.236342][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.242762][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.352887][T14422] netlink: 186 bytes leftover after parsing attributes in process `syz.8.2749'. [ 444.521202][T14429] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2751'. [ 444.547162][T14429] netlink: 314 bytes leftover after parsing attributes in process `syz.1.2751'. [ 444.617272][T14431] netlink: 'syz.1.2752': attribute type 2 has an invalid length. [ 444.629604][T14431] netlink: 'syz.1.2752': attribute type 2 has an invalid length. [ 445.306805][T14445] FAULT_INJECTION: forcing a failure. [ 445.306805][T14445] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 445.367867][T14445] CPU: 0 UID: 0 PID: 14445 Comm: syz.6.2757 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 445.367930][T14445] Tainted: [U]=USER [ 445.367942][T14445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 445.367959][T14445] Call Trace: [ 445.367981][T14445] [ 445.367993][T14445] dump_stack_lvl+0x16c/0x1f0 [ 445.368033][T14445] should_fail_ex+0x512/0x640 [ 445.368072][T14445] should_fail_alloc_page+0xe7/0x130 [ 445.368107][T14445] prepare_alloc_pages+0x3c2/0x610 [ 445.368133][T14445] ? rcu_is_watching+0x12/0xc0 [ 445.368153][T14445] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 445.368175][T14445] ? rcu_is_watching+0x12/0xc0 [ 445.368193][T14445] ? trace_kmem_cache_alloc+0x28/0xc0 [ 445.368222][T14445] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 445.368244][T14445] ? xas_alloc+0x34f/0x460 [ 445.368267][T14445] ? xas_alloc+0x27c/0x460 [ 445.368287][T14445] ? css_rstat_updated+0x1c2/0x510 [ 445.368306][T14445] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 445.368327][T14445] ? do_raw_spin_lock+0x12c/0x2b0 [ 445.368354][T14445] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 445.368381][T14445] ? do_raw_spin_unlock+0x172/0x230 [ 445.368407][T14445] ? _raw_spin_unlock+0x28/0x50 [ 445.368425][T14445] ? __dquot_alloc_space+0x520/0xe20 [ 445.368448][T14445] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 445.368474][T14445] ? policy_nodemask+0xea/0x4e0 [ 445.368497][T14445] alloc_pages_mpol+0x1fb/0x550 [ 445.368519][T14445] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 445.368541][T14445] ? __folio_batch_add_and_move+0x602/0xc90 [ 445.368564][T14445] ? rcu_is_watching+0x12/0xc0 [ 445.368581][T14445] ? lock_release+0x201/0x2f0 [ 445.368603][T14445] folio_alloc_mpol_noprof+0x36/0x2f0 [ 445.368630][T14445] shmem_alloc_folio+0x135/0x160 [ 445.368658][T14445] shmem_alloc_and_add_folio+0x499/0xc20 [ 445.368679][T14445] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 445.368699][T14445] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 445.368721][T14445] shmem_get_folio_gfp+0x67f/0x1600 [ 445.368742][T14445] ? rcu_is_watching+0x12/0xc0 [ 445.368759][T14445] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 445.368780][T14445] ? filemap_map_pages+0xf58/0x1670 [ 445.368807][T14445] shmem_fault+0x1fe/0xa30 [ 445.368828][T14445] ? __pfx_shmem_fault+0x10/0x10 [ 445.368848][T14445] ? __pfx_filemap_map_pages+0x10/0x10 [ 445.368871][T14445] ? __pfx_filemap_map_pages+0x10/0x10 [ 445.368892][T14445] __do_fault+0x10d/0x490 [ 445.368913][T14445] ? __pfx_filemap_map_pages+0x10/0x10 [ 445.368933][T14445] do_pte_missing+0xf50/0x3ba0 [ 445.368951][T14445] ? __handle_mm_fault+0x14fd/0x2a50 [ 445.368975][T14445] ? rcu_is_watching+0x12/0xc0 [ 445.368993][T14445] ? lock_release+0x201/0x2f0 [ 445.369020][T14445] __handle_mm_fault+0x152a/0x2a50 [ 445.369039][T14445] ? mt_find+0x3ef/0xa30 [ 445.369063][T14445] ? __pfx___handle_mm_fault+0x10/0x10 [ 445.369086][T14445] ? __pfx_mt_find+0x10/0x10 [ 445.369127][T14445] ? find_vma+0xbf/0x140 [ 445.369160][T14445] ? __pfx_find_vma+0x10/0x10 [ 445.369194][T14445] handle_mm_fault+0x589/0xd10 [ 445.369212][T14445] ? __bpf_trace_exceptions+0x1/0x40 [ 445.369240][T14445] do_user_addr_fault+0x7a6/0x1370 [ 445.369268][T14445] ? rcu_is_watching+0x12/0xc0 [ 445.369286][T14445] exc_page_fault+0x5c/0xb0 [ 445.369307][T14445] asm_exc_page_fault+0x26/0x30 [ 445.369324][T14445] RIP: 0010:__get_user_1+0x14/0x30 [ 445.369344][T14445] Code: 42 1c 04 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <0f> b6 10 31 c0 0f 01 ca e9 0f 1c 04 00 66 66 2e 0f 1f 84 00 00 00 [ 445.369362][T14445] RSP: 0018:ffffc90003647c00 EFLAGS: 00050287 [ 445.369378][T14445] RAX: 0000000000004000 RBX: 0000000000004000 RCX: 000000000000fdef [ 445.369390][T14445] RDX: 00007ffffffff000 RSI: ffffffff84955e21 RDI: 0000000000000000 [ 445.369401][T14445] RBP: ffff888058bd0800 R08: 0000000000000001 R09: 0000000000000000 [ 445.369411][T14445] R10: 0000000000000000 R11: 0000000000000001 R12: 000000000000bdef [ 445.369422][T14445] R13: 0000000000003e40 R14: ffffed100b17a161 R15: 0000000000003fff [ 445.369436][T14445] ? tomoyo_write_control+0x321/0x1430 [ 445.369454][T14445] tomoyo_write_control+0x336/0x1430 [ 445.369475][T14445] ? __pfx_tomoyo_write_control+0x10/0x10 [ 445.369491][T14445] ? lock_acquire+0x2cd/0x350 [ 445.369513][T14445] ? __pfx___might_resched+0x10/0x10 [ 445.369532][T14445] ? __pfx_tomoyo_write+0x10/0x10 [ 445.369556][T14445] vfs_write+0x29d/0x11d0 [ 445.369578][T14445] ? __pfx___mutex_lock+0x10/0x10 [ 445.369601][T14445] ? __pfx_vfs_write+0x10/0x10 [ 445.369620][T14445] ? __fget_files+0x204/0x3c0 [ 445.369638][T14445] ? rcu_is_watching+0x12/0xc0 [ 445.369657][T14445] ? __fget_files+0x20e/0x3c0 [ 445.369678][T14445] ksys_write+0x12a/0x250 [ 445.369698][T14445] ? __pfx_ksys_write+0x10/0x10 [ 445.369721][T14445] do_syscall_64+0xcd/0x490 [ 445.369744][T14445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.369762][T14445] RIP: 0033:0x7f238d38ebe9 [ 445.369775][T14445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.369793][T14445] RSP: 002b:00007f238e28e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 445.369810][T14445] RAX: ffffffffffffffda RBX: 00007f238d5b5fa0 RCX: 00007f238d38ebe9 [ 445.369822][T14445] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 445.369833][T14445] RBP: 00007f238d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 445.369845][T14445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 445.369856][T14445] R13: 00007f238d5b6038 R14: 00007f238d5b5fa0 R15: 00007fff123551d8 [ 445.369872][T14445] [ 445.986862][ T5185] Bluetooth: hci3: command 0x0c1a tx timeout [ 445.988894][ T5861] Bluetooth: hci2: command 0x0c1a tx timeout [ 445.992988][ T5185] Bluetooth: hci0: command 0x0c1a tx timeout [ 445.999077][ T5861] Bluetooth: hci6: command 0x0c1a tx timeout [ 446.008001][ T5185] Bluetooth: hci5: command 0x0406 tx timeout [ 446.011281][ T5861] Bluetooth: hci1: command 0x0406 tx timeout [ 446.023377][ T5861] Bluetooth: hci4: command 0x0c1a tx timeout [ 446.207092][T14450] netlink: 'syz.8.2758': attribute type 16 has an invalid length. [ 446.245441][T14450] netlink: 226 bytes leftover after parsing attributes in process `syz.8.2758'. [ 446.290903][T14450] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2758'. [ 446.314828][T14452] netlink: 330 bytes leftover after parsing attributes in process `syz.6.2759'. [ 446.512842][T14454] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2760'. [ 447.006919][T14470] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2765'. [ 448.053599][T14447] Bluetooth: hci1: command 0x0406 tx timeout [ 448.059755][ T51] Bluetooth: hci6: command 0x0c1a tx timeout [ 448.066223][ T5185] Bluetooth: hci5: command 0x0406 tx timeout [ 448.375075][T14502] sctp: [Deprecated]: syz.6.2775 (pid 14502) Use of struct sctp_assoc_value in delayed_ack socket option. [ 448.375075][T14502] Use struct sctp_sack_info instead [ 448.382730][T14507] netlink: 342 bytes leftover after parsing attributes in process `syz.8.2776'. [ 448.411569][T14506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2777'. [ 448.483692][T14507] netlink: 294 bytes leftover after parsing attributes in process `syz.8.2776'. [ 449.695978][T14530] netlink: 252 bytes leftover after parsing attributes in process `syz.6.2786'. [ 449.707605][T14530] netlink: 252 bytes leftover after parsing attributes in process `syz.6.2786'. [ 449.921813][T14535] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 449.979330][T14535] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 450.054887][T14535] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 450.098107][T14535] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 450.122872][T14447] Bluetooth: hci1: command 0x0406 tx timeout [ 450.131424][T14447] Bluetooth: hci6: command 0x0c1a tx timeout [ 450.995779][T14553] sp0: Synchronizing with TNC [ 451.404196][T14565] blktrace: Concurrent blktraces are not allowed on ram4 [ 451.417886][T14565] __nla_validate_parse: 3 callbacks suppressed [ 451.417911][T14565] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2799'. [ 451.437283][T14568] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2800'. [ 451.437672][T14565] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 451.454721][T14568] netlink: 354 bytes leftover after parsing attributes in process `syz.7.2800'. [ 451.471866][T14565] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 451.490387][T14565] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 451.504834][T14565] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 451.539864][T14571] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2801'. [ 451.830194][T14576] zswap: compressor 000 not available [ 451.900831][ C1] sd 0:0:1:0: [sda] tag#7891 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 451.911341][ C1] sd 0:0:1:0: [sda] tag#7891 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 454.422603][ T31] INFO: task syz-executor:7988 blocked for more than 163 seconds. [ 454.435035][ T31] Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 454.480973][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 454.531326][ T31] task:syz-executor state:D stack:24248 pid:7988 tgid:7988 ppid:1 task_flags:0x400140 flags:0x00004004 [ 454.579450][ T31] Call Trace: [ 454.610040][ T31] [ 454.613103][ T31] __schedule+0x1190/0x5de0 [ 454.617891][ T31] ? stack_trace_save+0x8e/0xc0 [ 454.638073][ T31] ? stack_depot_save_flags+0x29/0x9c0 [ 454.661027][ T31] ? __pfx___schedule+0x10/0x10 [ 454.676483][ T31] ? kasan_save_stack+0x33/0x60 [ 454.686551][ T31] ? kasan_record_aux_stack+0xa7/0xc0 [ 454.706708][ T31] ? __call_rcu_common.constprop.0+0xa5/0xa10 [ 454.727961][ T31] ? deactivate_locked_super+0x94/0x1a0 [ 454.741136][ T31] ? schedule+0x2d7/0x3a0 [ 454.745990][ T31] ? rcu_is_watching+0x12/0xc0 [ 454.771231][ T31] ? lock_release+0x201/0x2f0 [ 454.776066][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 454.794186][ T31] schedule+0xe7/0x3a0 [ 454.808280][ T31] schedule_preempt_disabled+0x13/0x30 [ 454.828378][ T31] __mutex_lock+0x82a/0x10b0 [ 454.833187][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 454.857975][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 454.865630][ T31] ? net_generic+0xea/0x2a0 [ 454.883352][ T31] ? rcu_is_watching+0x12/0xc0 [ 454.892844][ T31] ? lock_release+0x201/0x2f0 [ 454.900401][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 454.905790][ T31] nfsd_shutdown_threads+0x5b/0xf0 [ 454.921557][ T31] nfsd_umount+0x48/0xe0 [ 454.926171][ T31] deactivate_locked_super+0xc1/0x1a0 [ 454.942016][ T31] deactivate_super+0xde/0x100 [ 454.947443][ T31] cleanup_mnt+0x225/0x450 [ 454.955464][ T31] task_work_run+0x150/0x240 [ 454.965231][ T31] ? __pfx_task_work_run+0x10/0x10 [ 454.972712][ T31] ? __pfx___x64_sys_umount+0x10/0x10 [ 454.981014][ T31] exit_to_user_mode_loop+0xeb/0x110 [ 454.986653][ T31] do_syscall_64+0x3f6/0x490 [ 454.998266][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.004477][ T31] RIP: 0033:0x7f83c198ff17 [ 455.014564][ T31] RSP: 002b:00007fff639c24c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 455.024351][ T31] RAX: 0000000000000000 RBX: 00007f83c1a11c05 RCX: 00007f83c198ff17 [ 455.038803][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff639c3610 [ 455.071980][ T31] RBP: 00007fff639c35fc R08: 0000000000000000 R09: 0000000000000000 [ 455.080219][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff639c3610 [ 455.096745][ T31] R13: 00007f83c1a11c05 R14: 00000000000475e8 R15: 00007fff639c3650 [ 455.105216][ T31] [ 455.116736][ T31] INFO: lockdep is turned off. [ 455.121593][ T31] NMI backtrace for cpu 0 [ 455.121620][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 455.121666][ T31] Tainted: [U]=USER [ 455.121677][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 455.121694][ T31] Call Trace: [ 455.121704][ T31] [ 455.121715][ T31] dump_stack_lvl+0x116/0x1f0 [ 455.121758][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 455.121784][ T31] ? watchdog+0xd17/0x1260 [ 455.121825][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 455.121868][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 455.121899][ T31] watchdog+0xf0e/0x1260 [ 455.121943][ T31] ? __pfx_watchdog+0x10/0x10 [ 455.121983][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 455.122019][ T31] ? __kthread_parkme+0x19e/0x250 [ 455.122055][ T31] ? __pfx_watchdog+0x10/0x10 [ 455.122104][ T31] kthread+0x3c2/0x780 [ 455.122145][ T31] ? __pfx_kthread+0x10/0x10 [ 455.122187][ T31] ? rcu_is_watching+0x12/0xc0 [ 455.122216][ T31] ? __pfx_kthread+0x10/0x10 [ 455.122258][ T31] ret_from_fork+0x5d4/0x6f0 [ 455.122301][ T31] ? __pfx_kthread+0x10/0x10 [ 455.122343][ T31] ret_from_fork_asm+0x1a/0x30 [ 455.122387][ T31] [ 455.122399][ T31] Sending NMI from CPU 0 to CPUs 1: [ 455.253597][ C1] NMI backtrace for cpu 1 [ 455.253621][ C1] CPU: 1 UID: 0 PID: 14621 Comm: syz.7.2816 Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 455.253657][ C1] Tainted: [U]=USER [ 455.253665][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 455.253679][ C1] RIP: 0010:count_memcg_events+0xe/0x4f0 [ 455.253709][ C1] Code: eb bf 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 41 57 41 56 41 55 41 54 55 53 <89> f3 48 83 ec 28 48 89 7c 24 08 89 5c 24 24 48 89 54 24 18 83 fb [ 455.253731][ C1] RSP: 0018:ffffc90003387a28 EFLAGS: 00000246 [ 455.253750][ C1] RAX: 0000000000080000 RBX: ffff88807dd51a00 RCX: ffffc9001bc57000 [ 455.253765][ C1] RDX: 0000000000000001 RSI: 0000000000000017 RDI: ffff88807dd51a00 [ 455.253779][ C1] RBP: 0000000000000015 R08: 0000000000000005 R09: 0000000000000000 [ 455.253793][ C1] R10: 0000000000000000 R11: 0000000000010404 R12: 0000000000004200 [ 455.253807][ C1] R13: 0000000000000000 R14: ffff888057148150 R15: ffff888057148160 [ 455.253824][ C1] FS: 00007fad34a806c0(0000) GS:ffff8881247c4000(0000) knlGS:0000000000000000 [ 455.253859][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 455.253878][ C1] CR2: 0000001b343fdff8 CR3: 000000007a33e000 CR4: 00000000003526f0 [ 455.253896][ C1] Call Trace: [ 455.253905][ C1] [ 455.253917][ C1] handle_mm_fault+0x27b/0xd10 [ 455.253948][ C1] __get_user_pages+0x551/0x34a0 [ 455.253984][ C1] ? down_read_killable+0x220/0x4b0 [ 455.254016][ C1] ? __pfx___get_user_pages+0x10/0x10 [ 455.254046][ C1] ? gup_signal_pending+0x6d/0x190 [ 455.254074][ C1] ? gup_signal_pending+0x76/0x190 [ 455.254103][ C1] ? __sanitizer_cov_trace_pc+0x46/0x70 [ 455.254137][ C1] faultin_page_range+0x338/0x940 [ 455.254173][ C1] madvise_do_behavior+0x34c/0x530 [ 455.254205][ C1] ? __pfx_madvise_do_behavior+0x10/0x10 [ 455.254237][ C1] ? down_read+0x13d/0x480 [ 455.254271][ C1] do_madvise+0x176/0x240 [ 455.254300][ C1] ? __pfx_do_madvise+0x10/0x10 [ 455.254329][ C1] ? do_futex+0x122/0x350 [ 455.254364][ C1] ? xfd_validate_state+0x61/0x180 [ 455.254398][ C1] __x64_sys_madvise+0xa9/0x110 [ 455.254428][ C1] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 455.254462][ C1] do_syscall_64+0xcd/0x490 [ 455.254490][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.254512][ C1] RIP: 0033:0x7fad33b8ebe9 [ 455.254529][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.254550][ C1] RSP: 002b:00007fad34a80038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 455.254571][ C1] RAX: ffffffffffffffda RBX: 00007fad33db5fa0 RCX: 00007fad33b8ebe9 [ 455.254586][ C1] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 455.254600][ C1] RBP: 00007fad33c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 455.254614][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 455.254627][ C1] R13: 00007fad33db6038 R14: 00007fad33db5fa0 R15: 00007ffdf8bd3588 [ 455.254648][ C1] [ 455.738640][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 455.745569][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) [ 455.759076][ T31] Tainted: [U]=USER [ 455.762913][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 455.773091][ T31] Call Trace: [ 455.776405][ T31] [ 455.779360][ T31] dump_stack_lvl+0x3d/0x1f0 [ 455.783990][ T31] vpanic+0x6e8/0x7a0 [ 455.788022][ T31] ? __pfx_vpanic+0x10/0x10 [ 455.792663][ T31] panic+0xca/0xd0 [ 455.796434][ T31] ? __pfx_panic+0x10/0x10 [ 455.800912][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 455.806493][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 455.812677][ T31] ? watchdog+0xd78/0x1260 [ 455.817125][ T31] ? watchdog+0xd6b/0x1260 [ 455.821576][ T31] watchdog+0xd89/0x1260 [ 455.825845][ T31] ? __pfx_watchdog+0x10/0x10 [ 455.830553][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 455.835773][ T31] ? __kthread_parkme+0x19e/0x250 [ 455.840816][ T31] ? __pfx_watchdog+0x10/0x10 [ 455.845519][ T31] kthread+0x3c2/0x780 [ 455.849607][ T31] ? __pfx_kthread+0x10/0x10 [ 455.854218][ T31] ? rcu_is_watching+0x12/0xc0 [ 455.858993][ T31] ? __pfx_kthread+0x10/0x10 [ 455.863607][ T31] ret_from_fork+0x5d4/0x6f0 [ 455.868228][ T31] ? __pfx_kthread+0x10/0x10 [ 455.872844][ T31] ret_from_fork_asm+0x1a/0x30 [ 455.877637][ T31] [ 455.880998][ T31] Kernel Offset: disabled [ 455.885327][ T31] Rebooting in 86400 seconds..