last executing test programs: 11.283934815s ago: executing program 1 (id=1503): getrandom$auto(0x0, 0x6000000, 0x3) 10.930669807s ago: executing program 1 (id=1505): socket(0x2, 0x800, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x900, 0x0) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2101, 0x0) write$auto(r2, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000280)=""/175, 0xaf) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/tx_maxrate\x00', 0x10b142, 0x0) read$auto(r3, &(0x7f0000000000)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/tx_maxrate\x00', 0x3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 9.208608233s ago: executing program 1 (id=1513): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) r1 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) r2 = socket(0xa, 0x1, 0x100) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f00000000c0), r2) sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r3, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x8000) read$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400404, 0x9, 0x9b72, 0x2, 0x4000000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x24, r5, 0x1, 0x70bd2c, 0x25dfdbfa, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x140000e4) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000)) socket(0xa, 0x1, 0x100) modify_ldt$auto(0xc, 0x0, 0x100000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd1\x00', 0x40, 0x0) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) socket(0xa, 0x2, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) fcntl$auto(0x8000000000000001, 0x26, 0x8) 8.861189408s ago: executing program 3 (id=1514): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffff5fdffe00, &(0x7f0000000400)=';') openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x840, 0x152) socket(0x1d, 0x2, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x2100, 0x0) io_uring_setup$auto(0x7, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0x82080, 0x0) socket(0x10, 0x2, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) io_uring_setup$auto(0x85, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TCFLSH2(r1, 0x40204706, 0x0) 8.587911033s ago: executing program 3 (id=1516): openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0xc0802, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001240)={0x1c, r5, 0xb01, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_PEER_MEASUREMENTS={0x8, 0x117, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000084) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x2b, 0x1, 0x0) ioctl$auto_TCSBRK2(r3, 0x5409, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x2, 0x5, 0x0) 8.445265189s ago: executing program 2 (id=1517): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x3, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0xc01) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x2, 0xc, 0x0, 0x7fb, 0x0}) quotactl_fd$auto(0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x0) setpgid$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(r2, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) epoll_ctl$auto_EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x4, 0x3}) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x1f40) read$auto(0x3, 0x0, 0x1f40) 6.965082906s ago: executing program 2 (id=1518): openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_CONFIG(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010026bd7000fddbdf250c000000080004"], 0x1c}, 0x1, 0x0, 0x0, 0x804}, 0x0) r2 = socket(0x1a, 0x1, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) r4 = socket(0xa, 0x2, 0x0) fadvise64$auto_POSIX_FADV_WILLNEED(r2, 0x7fff, 0x0, 0x3) setsockopt$auto(r4, 0x0, 0x30, 0x0, 0x568) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000001700)={0x110, r6, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0xfc, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x84, 0x5, 0x0, 0x1, [{0x80, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x4}, @NL80211_PMSR_PEER_ATTR_ADDR={0x47, 0x1, "15498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f8"}, @NL80211_PMSR_PEER_ATTR_RESP={0x4}, @NL80211_PMSR_PEER_ATTR_RESP={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0xff7ffffffffff2bc}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}]}]}]}, @NL80211_PMSR_ATTR_PEERS={0x74, 0x5, 0x0, 0x1, [{0x70, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x30, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xfffff7f7}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_DATA={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x5cbb}]}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x3c, 0x1, "133545fe144249383690d25836a9e1b8e5920d3c13713ee7305edf6be0471098cc202f4a67a0e31975104f0fcf28f0a91d60c491bafd662d"}]}]}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x24000841}, 0x800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/modules\x00', 0x88400, 0x0) read$auto_proc_reg_file_ops_compat_inode(r7, &(0x7f0000000040)=""/209, 0xd1) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8) socket(0x2, 0x1, 0x0) unshare$auto(0x80000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r8, &(0x7f0000000080)={0x0, 0x1000}, 0x3) close_range$auto(0x2, 0x8, 0x0) r9 = socket(0x28, 0x5, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x7}, 0x3, 0x0) bind$auto(r9, &(0x7f0000000080)=@in={0x28, 0x4e20, @multicast2}, 0x68) 6.519214421s ago: executing program 3 (id=1522): r0 = socket(0x2, 0x3, 0xa) connect$auto(r0, &(0x7f0000000100)=@l2tp={0x2, 0x0, @remote}, 0x54) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1a1442, 0x0) pread64$auto(r2, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100) setsockopt$auto_SO_ZEROCOPY(r2, 0x7, 0x3c, &(0x7f0000000000)='/dev/loop12\x00', 0xd5f) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0xa688, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioperm$auto(0x400, 0x7f, 0xd) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x88) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x149002, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r3, 0x0) 6.090468554s ago: executing program 1 (id=1523): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) sendfile$auto(0x1, r2, 0x0, 0x400007ffff000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x2, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x14b040, 0x0) r4 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000001040)='/proc/thread-self/ns/cgroup\x00', 0x200400, 0x0) ioctl$auto_NS_GET_TGID_FROM_PIDNS(r4, 0x8004b707, &(0x7f0000001080)=0x9) read$auto_rng_chrdev_ops_core(r3, &(0x7f0000000040)=""/4096, 0xfffffe82) fsopen$auto(0x0, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) mmap$auto(0x0, 0x4, 0x7f, 0x40eb1, 0xffffffffffffffff, 0x300000000000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, 0x0) ioctl$auto_TIOCSTI2(r5, 0x545c, 0x0) ioctl$auto_TIOCVHANGUP2(r5, 0x5437, 0x0) 5.581332763s ago: executing program 3 (id=1524): socket(0xa, 0x3, 0x3b) semctl$auto(0x2, 0x9, 0x939, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x3) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc080}, 0x24000040) io_uring_setup$auto(0x6, 0x0) syz_clone3(&(0x7f0000000400)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x39b8) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xffffffffffffb8f1, 0x5, 0x3, 0x613, 0xfffffffffffffffa, 0x100000000000006) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x5602, 0x1) sysfs$auto(0x2, 0x1a, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f0000000040)={0x0, 0x4}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0xda, 0x5) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) 5.574710731s ago: executing program 2 (id=1525): pread64$auto(0xffffffffffffffff, 0x0, 0x7fc, 0x400) mmap$auto(0x0, 0x5f, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy6/aql_enable\x00', 0x2481, 0x0) mmap$auto(0x0, 0x1000000000000004, 0x9, 0x91, 0xffffffffffffffff, 0x300000000000) socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) prctl$auto(0x801, 0x1, 0x0, 0x3, 0xfffffffffffffffb) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) socket(0x22, 0x2, 0x2) setsockopt$auto(0x7, 0x114, 0x3, 0xffffffffffffffff, 0xa0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0xe8) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) pwrite64$auto(r0, 0x0, 0x3, 0x4200000000000005) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socket(0x22, 0x1, 0x80000000) r3 = syz_clone(0x40000000, &(0x7f0000000440)="5618df865a61b9931716996869b62323b19ed503e10d639e6a78d06f96b46d548440225f36118d0999405f56776b267670e7c33bba99538bf5d138a9ede83fd8f86c7c25a9b7a355f39fe25b48ae628c54257ffd4ebe553cd9b9a7c23a8a7690c422e89bbfe4d8a014f8860ee49abb4b7a0fd62f606efef30cb3bb772c79fc93f3be9899dd56a9bb70486149ceca2e90ac87262887d39481909e952fd484f85caeac59bcb2aef8a91ae2116c4b68dbc2ef29ddb89023a9686f77f0862bc1b75e10426c7b1701a6079c21804ba5003bb8e473e233d18f04c21af3c193510893bef7dea8c0db7cf51936b3a73e63099948c96f9ed6c4c68fa4dfa65a1f4fb8e790fcd0cdbbb0238aa8b93183fc2c943a52ae5f134d5fa36cc4b14cc817154413bd6fd38c4b1cbaf7bf91844860e9398b6db934136113fa069dcfd0ab39d46cc2a50651ee7b5f859f408aaef55b7a4ea4b708ed3f1c1cf8d00cb189fd39eea9065b4eb0dbdf9bd53f750afbea7566b44549fc7a3612f8863202b7cd1ef0d43ecea22270a32e0de014fe3a4ea786085d93c92a443aafbbfc7def9964806e9f030a950464d98d72ee424500f2e418cca34569a8469f6db6afd438eb7a4762626990eea8edac884a9262443ac988eb0efff56080ad9f743c9f88a8d8e910a1f29d990abac136f2da5f3f797b403a54ccc54ad15a3854b2f2f94234fca9ba171f3f651786f55bc984c759b218efce51ef2674d0de048ae6d6ae2f7a118a501ae09f78fd14111ab41ef4d6bba3ba8c8ff138b1180e070b825b908329b9393045b661f9d74a375241db7a82224b0e73aa72e3d634ef59931d6be050d1bbea8cdd890761fbcfe774997dd68be7224bf267f011ccb8fa24b3bcedff74a9eeda6a812ad409c9891fda6d23858fcb431624955cfbb53f89e5ac5ec7616b09d072f8956f48358c36a669e4665e51708f7cc0c81d01905ebb8361284cc72b1bfea7b41fa24234098b90e25f518e50e83171882cfc1eb50afd7e1d0df748866ef7f640b5650b92e81f18467dcbe65af9f03933de6c212d4592e0e9bec66ee1cf1711700ed9c422f87db3f50660eaa35c170d15067ffa01544064aeecec2e2fc82a0875fa12a78484124b80a2e77db6cc9b92d6f51b1c575d71f744eb4422b6f1af654ede9885f7a8f6b6c8e6fe51aab9dc6077944f50aac247e90d16076a1e61c9a62dc3625a74d204bd144340f68909023fe7b872c45a0f5be335d43cea9b3c34eb6207ac04cf3c8b866fd076e4be052e363b54bbb542c2fd9d81ed672a235f9cee50f8011fa0bc9078610be366a1f6b8c5ce73e314ff3d7a75c286dc366b03fa8db6af72245dde0e9663fdfe8b3d3516e91c1bd4e78b3184c2a2dae5839107b64f625d6bcbc0d77aa1ad2bed0c47c1bc9f7c4912f9d5bc2c5ac8027949d6f45e70a7d2e276b731aa6b6e5bad08b4e1c2fc293cb21e2eca3f1d21abb634238ed65f70786f0fe9a942ececf87f4f726a92b3f484f908080432b2c0bc4270258eb6ab34c992b427121ea7e91f4a839b3232e9ba1aa3e25651e14b68bae04085a662977796d4b46730b7a3b292de611d365098f81ce9d72a53d78fa3ebf270709a94535ac757ebc26e20759853c813a63ef7c17a533f5d1dde449708ca61f90e783e5f7cf2b5b48d8cfa4fde5d68ea4c6e6d1098c2dcd75390152395cdeb33385de144a3587b450fcf25ee0f405d681e8e4eecf4a6c03fdc5703c25250fc72352b10816a46efddb015505e2fc55f754fd41edae5bf58210a4abd26ff758c59161733b534ec9147850b63963e2e61cbb966701e39c4d472d572b50b94ba23d824b288771ccb7fe628b95a217c723a061c54005f8c6d972519e7285ff9e44105bd6a60d2685a8f8cf0271d782f8ba39c6915c8e98aa0eac0fab9f30865b08d2b53b343a2f893dfc5dbd305d652c9a5849d9db4789df791d508a794658f9fc00d2a473fc5920ac46e5c3c9e57328b69a93c0c2d6a4875e3af4833656561dc767f0555a4469f13d9360514940c7e071b0bb3ead8b5f4cb425f76d4760866e6c7864b15159ad4fb1c50aa584d2a67d5c3743d3b9dc8fd151cd5556ab35ac24c2bf8a55279b1f4a0ab907c68de7293c935bb7764624cd525fc32a0aeb2d24c97f082d5ecc26fd2e6def8dd9ac21f31e3dc2e4fcedd022818009085ff81251c1a65ccceb4f326cdace93151e40919099246610e3b9ba592f0b30b17ac7cfcfb62f5cb0ed2a463bdf73857fd9488d68be7f088c67a09dd1c7b5365491d82e57aa9d47990c7866fbc6d17a2f1a425616412b9420d15b06cdfaab20d901af1268109fdc81374fc24f00d067b7f4a94815e0eee3277bcfa334a8c13cc728eee5f1474fb8e37f2b76133db2a0ac167da4f85ac6012b2373e5e6142f52f88e65ffdc65e48a1b11681504cc880a9902e77289a4447e4bd9cad0db7bdd346a481e8f1165946340fd18ef78f5400de4376e04cad8b5fd1379c13f40533fdc86fc0ffe73df4c34333b5c3de3e8bd989bf9afe912fb4823cf142fc5b31afbe3289f3be57ed1d17148b3012805aa35e0f60abee91667a83835b1da1e8cd8eebc58954a75c6905057b8c1fbc05ec82ce6420680babc25ad745a02cac8923151942a2babb884b174006a0fa2f3ec9adc3d971adb4c014dc748edf01e6bf3490dfec15a7b0b91b88ebddf4968dcc385e90dac7ea3c6d98bc0f1a1c13d4889187322062a8aa8e669f14ab9dd78f638dda1803f390061eeab71165a4ffdc42021e9b24c3b470400013d8b3c5f6da36f24008d0038dbdb2c66be3e63f668e1f48de9e8851259307c85b52722cfc623f187c2c2f8343d91b7d7f0283403d3cd76d73044911a9db4228240b6527dbe3b207de6a03dc04cc7def59ff762e0c6bb7aa80eb505d35a36577f73bce5206ddd0574eff688ad61e252db192544f29f910967778b37a1305b0dd917228d5d4ce9588791f672d68c73a259fc17ce0ee6b922be8b46f13d33a5843b2ddac31629b7f6f010ef6dd65daed6b274590d47efd5757c93e48d8f2d2d1db79a84343d227b46c1dc230d01ec0b94c62e9fa18903b1fbdec6aa78743e637cf8e881dedc0779180c9df2fb4ea7e35755628db25a6b5abdee13f6221757581c7bf30a12d2a6f98af19c18dc9e816d453b955e5c97662b9e1a44e98ebf4b33fbbc434f65a3b8a7f2d4e591ed3e6a6f216b68ec92e2630accb2b489fbd71a2ed8f790e3a75f89f70b2977dc6b1ecf860ee8936bd9c663a44f5fc0df2ea3c0193dc37fbb18caf5db7802a2a7b7ed55d3eaabfdbf96aff14958e2a95a4ea73c8347f74e5a226de2188659755bc295b5fb33c3d63a9c5e9c9d3c986428e282c50052ee8e2f532a3cda91d0572730911646a0dc5efceef2ebecd2e2e3498ea9cbcc70a823bd1c1e7ff58fbb5d99ef4c784394b5efc0360e4baf54357e34c85777a2abf51de7519d59628a28c508a0f92efa992a7d4284a9a4a9aa7990c82ea6f73c94db65dc9d655e57e59a1bab00fd536895d3b4e0fa313eaa4298f06d63579a2325c3f97497b56439b18717f168327624cfbcbde510a2ec41b075f6ebbc67d740d912a622ba1be8abe86e42f3c2fc48f8da4a1deb23a523ba18e4ebc417b212cf873c63cfcb3769d2c85fecd1080a7efc8ffbf1d3a171bcfa5961eb37ba112dc2699fc3108f6cd3f2d12bb5918e7c38e45b382f726e062b58efb69e16665059d88d747a28a85a89cd1b2348a1e92f4aa3f5e2e5e10019d5b77290855d0a9ad77dc61489441d4cdff151c2e96bf6e08c1ea789dd78bfabaf795cf746854b2f97861cabd87d2d82e7a436f63bf10b44cb2a0c981cebe648467c11156fb635e4aeb335c6f54058be619b99cb590eae7c55cdef192463147d3ad3c4897ea93a3e2a61203067f91e2cbc856c1ecc0d7f5f533ef944639b0dab77601888218065a6a5e32da83e9cb1281bf45e5e78f23a645b3ea63ba0687d2566a689fc64751b1a546574dd4430bddaaebebbb50dc852991f67fb2c9ac067216307ed0d396b80533e6aa8c33b57876a19afcf4ef3c86624804f2dc28c6602e267a0b585a5a178a89b01ebec1bc6d1f7fd26826792f92525e668b110e053ff1bfed91cebf27755b9487877759dfebc05f55dba25384d4a507eb219b3d42fe41e9638e40b1d38032373c415f5e40fd691c425d2d243192af12adb49f2d674cbba20244cab1f2e73d0551e188ac760062322e85c783ca0575c3b5f8f94b3d443449b448e7d04d7a86a48c67612c640719462ca8f12135de5a271bf170ff0adf769cc00caea538454f701ff34172bc538570df188dd80d28994a13f1d9aeab34655c1c66def2697a931a0f00a0c084dcddb7d5c3095a775726e82fa3939be4e61fc74e147ac12612ffccc353be4912285db5b248ef4fe91ae0677fe2766b84bfa63abda25c63ab0204d655961d3e53671eb9e401f088968adb1a1754bf9c73f7bf5a2061b7e3baaab37f57da524e0ab8b68eeb728f9bd0a71c4a5d86479494f6069004ebfa55cf25e6822d851ecc4538cc8016754999caba43c07cefc3568420601fab3ec60e8b97984d9a85fb41b8ecf55773b47854d085dce844b00fe7bc789ebdaa578e1c5374b2ec9f16418d8c1212335fd0777e90bc82488f050538b85fc211dcfb1d5a75e8d7d289e6aff8d1e30ef0e0306f6db5ed920110e9750f3020d8ed31f06f883c6b73847d6f612db4361a7f16b81c6edc513ff0f80093e6f2cbb08af41d5af3ed1a3acdfa32aa122cc6b1e81e10013a981c0733bb5799f8f9ecdfd3b63acb085643843f995a655f369641667fa389ec865248b7c0b85123c625be882183c738d9482f2171642902a851a1ab45dbb29468e43ca9ff09a3fe557ccfe60dbc452654d6db03f5eab9fc0d0a98a18cf9da36dc326deb7509ade42d745e468c6fd0a3b05444f4de3bb17fc3a49f3388d1b7f6a0def5fed9ac930081a9ace2e94174a0c92c19636fbb0aeed27dd7f3994cab12f1f97b9e0e3a54838ccefc76c19f824affc2f3bf89ee634536227b056e09204eec25fa8587281416448d851134aae16155f3f2e4e29995eb1093530672f9743a8eb22e287d76bb9e72e980cfc8fe896ae962f5cc585a2df7ee0c12dc33e53e90d2484256bf6b32b4f1a26372f4cdb53980e78d2726fcca554b7f5dbfec4413d831ef8d9830730911939cf35dcd5e95f3661a6c57b86079d500a3dd934c2bdd3e8f00305fc504ff0ee8c819efbfbf9cd9a667b0fffcbd52b626b232812efd0b2f40343d5be56b553ebcb4455543e85c8639e008c2819248004b4c2d43477cf8662d8c6f5b499ed8257683febf953fb472a1545e4cd92bfb9db93738975478dd4547e67677eab6509ee5d90ddcdf94a27b38d87ca8232c0799bc584e12eb0a394c04438370af4c45e865964226433517ace58472950a836acc023ae5f8c6adfeb2e631db3795f1805264ae51fd5e0015c8ae409fce3fbe0447b1841cdf9f3f7c19276cab85d15d93e556b01deed75040b378aa1bcc3c6e630397009343a2633a6a2713e89d119b0cfa76236c8eaf5bcd4f44a4740b0791a1be47ae1b0916eacd7144a50a65574b476ba1b02ed2b0a61fcb59c9cd2a9170162cd59ab037ffc1fa35f5ae9a6c5696b64ca30686e9bbf9056173c473d7b54bca8cd5fe1bc4f9cdd5e3d88198c97bd3b60f2609d54ec60eb4d1ae5daee1bf73a08076182e439b47d41d56ddfd5d567c2a501a881d45549a9f311b22ea6c", 0xff0, &(0x7f0000000080), &(0x7f00000000c0), 0x0) ptrace$auto_PTRACE_GETFPREGS(0xe, r3, 0xd, 0x3) sendfile$auto(0x1, 0x3, 0x0, 0x74c) 4.321084446s ago: executing program 2 (id=1526): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b165498937eb7396525f9be44e1d5455f2fb0e9b0d79a2b05104239ddb65afabac40f2568353278905243edcffa25dbe93c91fd0982c77eb13c90cde8107888e9891ed1f3fd75b91f275544db3fb132c587243bdd433ad395ec44311df726aa04c20709aa456adebeba0e42ba8be3710f9e8f307febbb8bf1971d6e02b435ec6e209f6d3e3200f51b17e97c7b8eed34b6b297b03db790c857329989e778133d2f9ca40e62aafa5a053d416a09d36a78e1b0716aa049da6fc9fedc96a02d10a13260d6f7cc86a7c681b97ec9987e16bb190e75137bc3e3ce64b51a599f1ebed0683f55240e49eeb6588a13b55c266ee997d1b237f0deefa3bd5670293249c6e79decfc6ee39a08d1ffb71231ed36b9aea01fd0804fc591b7100e6cf5cf97ddb1871afe44a534f2eeafb12d217c6684d474f19bf7d957b11429843723823da2e555a9a9f9d5af6d1ddd40a59a67c459581604f280f4412b0a4b8736bbdd1cd2d4d27cd273ad39d3d52036832e968f93ff343a92f4001c8a2c43ec1f3377c67f3b49f6297de1e2dc5a10abafbf034a029e5d1d89e627fc3741ab5fa68afc24f"}, 0x6, 0x3, 0xff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_UNLCK(r2, 0x8, 0x2) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0x3b, 0x5, 0x8) 3.778553302s ago: executing program 0 (id=1527): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948f, 0x803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, &(0x7f0000004440)) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0)=0xffffffffffffffff) mmap$auto(0x0, 0x9, 0xdf, 0x9b75, r1, 0x8000) r4 = open_by_handle_at$auto(r1, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) setsockopt$auto(r4, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0xffffffffffffffff, 0x8000) geteuid() sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001a80)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040840}, 0x200000c0) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x1ff000, 0x100008, 0x843, 0x3, 0xfffff000) msgctl$auto(0x7, 0xa3, &(0x7f0000000240)={{0x8, 0xee00, 0xee01, 0x5, 0xa, 0x6, 0xfe01}, 0x0, 0x0, 0x1, 0xa, 0x400000000005, 0x31f4, 0x51c, 0x3, 0xfffd, 0x3, @inferred=0xffffffffffffffff, @raw=0x8}) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={0x0, 0x401}, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x48802, 0x0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/hugepages-2048kB/enabled\x00', 0x22b42, 0x0) sendfile$auto(r9, r9, 0x0, 0x6) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r7, @ANYBLOB="010025bd7000fedbdf257e000000000066004e21000000002680000002000400000000000200000000000000010009000000000001000400000000000200070000000000980006000000000014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1cb162ef14fb7ab2ee731fdc7f0fc553a3c07226a2160d350ed7f30000360103e17d2b53cce133a6674f5b8600a49a8403c6bdfd3e0c464ed8a2fe254a5939fb09cb1dc350c9230c189febda65557207893e11deb595e622008d945c914692afa24b99bf04b003881b9fc35a628e8a1f7dd36490920c7ce2dbffcf61124f39b5329db3d8f56f48af0b3b31b588771b14d045e0ea69404cf54596db22abd3d35b4f3d484faa4ac1eca1bbbe82ed861aee4715f465c010e98899929b521dea88b03c97f8d005000000987004d3b262d91b7e4b6d005ebb201517953c89225c186080b4836ccb358d624f4b134a11c7ec39e49d80d2c40312c250508a0e8c0969f1fe6830e50c3f2623b31882a5409300737b3fe096e8da90fa050194db696c605c6f82e18f9fc334aa232483df49ed13478a9bd48a"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) sendmsg$auto_NL80211_CMD_GET_KEY(r3, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRESDEC=r2, @ANYRESOCT=r6], 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) 3.237636211s ago: executing program 0 (id=1528): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysinfo$auto(0x0) r0 = socket(0xa, 0x801, 0x100) setsockopt$auto(r0, 0x6, 0x2, 0x0, 0xfb3) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x5, 0xeb1, 0xffffffffffffffff, 0x0) 2.69168498s ago: executing program 1 (id=1529): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffff5fdffe00, &(0x7f0000000400)=';') openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x840, 0x152) socket(0x1d, 0x2, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x2100, 0x0) io_uring_setup$auto(0x7, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0x82080, 0x0) socket(0x10, 0x2, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0) io_uring_setup$auto(0x85, 0x0) socketpair$auto(0x4004, 0x7, 0x10001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x40204706, 0x0) 2.369373737s ago: executing program 2 (id=1530): socket(0x25, 0x1, 0x0) sendto$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r0, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000380)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000005, 0x7, 0xffffffffffffffff, 0x9, 0x1, 0x400]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) getxattrat$auto(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x9, &(0x7f0000000300)='^\x00', &(0x7f0000000340)={0x2, 0x5, 0xfffff517}, 0x8) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/enable\x00', 0xa0102, 0x0) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x2, 0x0) msgctl$auto(0x7, 0xa3, &(0x7f0000000240)={{0x8, 0xee00, 0xee01, 0x5, 0xa, 0x0, 0xfe01}, 0x0, 0x0, 0x6, 0x9, 0x6, 0x31f4, 0x51c, 0x3, 0x1, 0x3, @inferred=0xffffffffffffffff, @raw=0x8}) getpid() 2.156045646s ago: executing program 0 (id=1531): madvise$auto(0x40, 0x7, 0x78) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000) read$auto(0xffffffffffffffff, 0x0, 0x9) mmap$auto(0x0, 0x21004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2) mmap$auto(0x0, 0x810006, 0xff7, 0x13, 0xffffffffffffffff, 0x8000) msync$auto(0x7f, 0x6, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(r0, &(0x7f00000002c0)='5\x0e@\x90\a\x1b\xb3\xff\t\xe8e!\xf6\x84\x9b_c\x9dK\x02\xfa\x82\xd8\xed\x05\xda6\t\x1a\x9d\xa3[\xb6\x1e\xe3~\x02\xf50\xaf\x10so\'\xc3\x02\xfb,v\x06\xdf\xef\b_\x1cFXD(P\xb7\xe8\x8f\x14\x983\x8a\xb7\x86\x90\xc7\x8f2\x16\xc6\xa2?\x93\x18=\x87\x88\xc4\xf0q\xd6\xb3c\x89\xb8\xbcW\x94\x1d\x12\x05\xb1\xddD\x8f\xf9\xb1\x8b_\x0f\x95\xbc{\x1c\xbc\xf5-\xa6\x1c\xe4d\xc8', 0x800026) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000100)="000004") write$auto(r0, 0x0, 0x41ec) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(0xffffffffffffffff, 0x0, 0x1) inotify_init1$auto(0x7) inotify_add_watch$auto(0x4, 0x0, 0xe6e) 1.900268213s ago: executing program 3 (id=1533): socket(0x25, 0x1, 0x0) sendto$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r0, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000380)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000005, 0x7, 0xffffffffffffffff, 0x9, 0x1, 0x400]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) getxattrat$auto(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x9, &(0x7f0000000300)='^\x00', &(0x7f0000000340)={0x2, 0x5, 0xfffff517}, 0x8) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/enable\x00', 0xa0102, 0x0) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x1ff000, 0x100008, 0x843, 0x3, 0xfffff000) msgctl$auto(0x7, 0xa3, &(0x7f0000000240)={{0x8, 0xee00, 0xee01, 0x5, 0xa, 0x0, 0xfe01}, 0x0, 0x0, 0x6, 0x9, 0x6, 0x31f4, 0x51c, 0x3, 0x1, 0x3, @inferred=0xffffffffffffffff, @raw=0x8}) getpid() 1.239453642s ago: executing program 2 (id=1534): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) r1 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) r2 = socket(0xa, 0x1, 0x100) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f00000000c0), r2) sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r3, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x8000) read$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400404, 0x9, 0x9b72, 0x2, 0x4000000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x24, r5, 0x1, 0x70bd2c, 0x25dfdbfa, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x140000e4) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000)) socket(0xa, 0x1, 0x100) modify_ldt$auto(0xc, 0x0, 0x100000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd1\x00', 0x40, 0x0) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) socket(0xa, 0x2, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) fcntl$auto(0x8000000000000001, 0x26, 0x8) 1.235676074s ago: executing program 1 (id=1543): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysinfo$auto(0x0) r0 = socket(0xa, 0x801, 0x100) setsockopt$auto(r0, 0x6, 0x2, 0x0, 0xfb3) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x5, 0xeb1, 0xffffffffffffffff, 0x0) 1.117342807s ago: executing program 0 (id=1536): socket(0x2, 0x1, 0x106) r0 = getsockopt$auto(0xffffffffffffffff, 0x110, 0x9, 0xffffffffffffffff, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1e, 0x805, 0x0) unshare$auto(0x40000080) rmdir$auto(&(0x7f00000001c0)='./cgroup.cpu/cpuset.cpus\x00') ioctl$auto_BTRFS_IOC_GET_FEATURES(r0, 0x80189439, 0x0) sysfs$auto(0x2, 0x1a, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r3 = socket(0x29, 0x2, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r3, 0x89f1, 0x24) sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000001380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x800) 805.804276ms ago: executing program 0 (id=1537): socket(0x2, 0x800, 0x9) mmap$auto(0x3, 0x2020009, 0x8, 0xe72, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x900, 0x0) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2101, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000280)=""/175, 0xaf) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/tx_maxrate\x00', 0x10b142, 0x0) read$auto(r3, &(0x7f0000000000)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/tx_maxrate\x00', 0x3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x8000000000000000, 0x15) 163.57626ms ago: executing program 3 (id=1538): mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r0, 0x400454a4, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x42140, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40840}, 0x4000840) fsmount$auto(r1, 0xc, 0xe5a6dab6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x311) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) fcntl$auto(0x3, 0x4, 0xa553) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x2a540, 0x0) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) madvise$auto(0x0, 0xffffffffffff0005, 0x19) pwrite64$auto(0xc8, 0x0, 0xedef, 0x3) 0s ago: executing program 0 (id=1539): socket(0x2, 0x1, 0x106) r0 = getsockopt$auto(0xffffffffffffffff, 0x110, 0x9, 0xffffffffffffffff, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1e, 0x805, 0x0) unshare$auto(0x40000080) rmdir$auto(&(0x7f00000001c0)='./cgroup.cpu/cpuset.cpus\x00') ioctl$auto_BTRFS_IOC_GET_FEATURES(r0, 0x80189439, 0x0) sysfs$auto(0x2, 0x1a, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r3 = socket(0x29, 0x2, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r3, 0x89f1, 0x24) sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000001380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x800) kernel console output (not intermixed with test programs): sghdr_from_user+0x10a/0x160 [ 212.834869][ T8468] ? __pfx_____sys_sendmsg+0x10/0x10 [ 212.834894][ T8468] ? __pfx_futex_wake_mark+0x10/0x10 [ 212.834919][ T8468] ___sys_sendmsg+0x134/0x1d0 [ 212.834940][ T8468] ? __pfx____sys_sendmsg+0x10/0x10 [ 212.834981][ T8468] __sys_sendmsg+0x16d/0x220 [ 212.834997][ T8468] ? __pfx___sys_sendmsg+0x10/0x10 [ 212.835012][ T8468] ? __x64_sys_futex+0x1e0/0x4c0 [ 212.835045][ T8468] do_syscall_64+0xcd/0xfa0 [ 212.835062][ T8468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.835076][ T8468] RIP: 0033:0x7fe7bcf8eec9 [ 212.835088][ T8468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.835101][ T8468] RSP: 002b:00007fe7bdd9d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 212.835115][ T8468] RAX: ffffffffffffffda RBX: 00007fe7bd1e5fa0 RCX: 00007fe7bcf8eec9 [ 212.835124][ T8468] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005 [ 212.835134][ T8468] RBP: 00007fe7bd011f91 R08: 0000000000000000 R09: 0000000000000000 [ 212.835144][ T8468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 212.835152][ T8468] R13: 00007fe7bd1e6038 R14: 00007fe7bd1e5fa0 R15: 00007fffd1b29078 [ 212.835172][ T8468] [ 213.427248][ T8477] netlink: 268 bytes leftover after parsing attributes in process `syz.0.742'. [ 213.715058][ T8489] netlink: 504 bytes leftover after parsing attributes in process `syz.0.739'. [ 213.757851][ T8489] netlink: 504 bytes leftover after parsing attributes in process `syz.0.739'. [ 214.271873][ T8497] netlink: 8 bytes leftover after parsing attributes in process `syz.0.741'. [ 214.344256][ T8497] Invalid ELF header magic: != ELF [ 214.512942][ T8497] delete_channel: no stack [ 214.544853][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805adee000: rx timeout, send abort [ 214.671238][ T8501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.750'. [ 214.671871][ T8501] netlink: 25 bytes leftover after parsing attributes in process `syz.3.750'. [ 215.053088][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805adee000: abort rx timeout. Force session deactivation [ 215.320717][ T8515] sp0: Synchronizing with TNC [ 216.318837][ T8530] FAULT_INJECTION: forcing a failure. [ 216.318837][ T8530] name failslab, interval 1, probability 0, space 0, times 0 [ 216.341682][ T8530] CPU: 1 UID: 0 PID: 8530 Comm: syz.0.761 Not tainted syzkaller #0 PREEMPT(full) [ 216.341704][ T8530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 216.341713][ T8530] Call Trace: [ 216.341718][ T8530] [ 216.341724][ T8530] dump_stack_lvl+0x16c/0x1f0 [ 216.341745][ T8530] should_fail_ex+0x512/0x640 [ 216.341763][ T8530] ? __kmalloc_cache_noprof+0x5f/0x780 [ 216.341787][ T8530] should_failslab+0xc2/0x120 [ 216.341806][ T8530] __kmalloc_cache_noprof+0x72/0x780 [ 216.341827][ T8530] ? nl80211_dump_station+0x26f/0xa80 [ 216.341850][ T8530] ? nl80211_dump_station+0x26f/0xa80 [ 216.341866][ T8530] nl80211_dump_station+0x26f/0xa80 [ 216.341888][ T8530] ? __pfx_nl80211_dump_station+0x10/0x10 [ 216.341937][ T8530] ? __alloc_skb+0x200/0x380 [ 216.341960][ T8530] genl_dumpit+0x125/0x230 [ 216.341983][ T8530] netlink_dump+0x536/0xd30 [ 216.342003][ T8530] ? __pfx_netlink_dump+0x10/0x10 [ 216.342027][ T8530] ? __asan_memset+0x23/0x50 [ 216.342042][ T8530] ? genl_start+0x67f/0x980 [ 216.342062][ T8530] __netlink_dump_start+0x6d6/0x990 [ 216.342081][ T8530] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 216.342102][ T8530] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 216.342120][ T8530] ? genl_op_from_small+0x25/0x440 [ 216.342141][ T8530] ? __pfx_genl_get_cmd+0x10/0x10 [ 216.342156][ T8530] ? __pfx_genl_start+0x10/0x10 [ 216.342172][ T8530] ? __pfx_genl_dumpit+0x10/0x10 [ 216.342189][ T8530] ? __pfx_genl_done+0x10/0x10 [ 216.342209][ T8530] ? __radix_tree_lookup+0x21f/0x2c0 [ 216.342242][ T8530] genl_rcv_msg+0x46e/0x800 [ 216.342264][ T8530] ? __pfx_genl_rcv_msg+0x10/0x10 [ 216.342284][ T8530] ? __pfx_nl80211_dump_station+0x10/0x10 [ 216.342309][ T8530] netlink_rcv_skb+0x155/0x420 [ 216.342327][ T8530] ? __pfx_genl_rcv_msg+0x10/0x10 [ 216.342348][ T8530] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 216.342373][ T8530] ? netlink_deliver_tap+0x1ae/0xd30 [ 216.342391][ T8530] genl_rcv+0x28/0x40 [ 216.342408][ T8530] netlink_unicast+0x5aa/0x870 [ 216.342427][ T8530] ? __pfx_netlink_unicast+0x10/0x10 [ 216.342452][ T8530] netlink_sendmsg+0x8c8/0xdd0 [ 216.342472][ T8530] ? __pfx_netlink_sendmsg+0x10/0x10 [ 216.342491][ T8530] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 216.342513][ T8530] ____sys_sendmsg+0xa98/0xc70 [ 216.342534][ T8530] ? copy_msghdr_from_user+0x10a/0x160 [ 216.342549][ T8530] ? __pfx_____sys_sendmsg+0x10/0x10 [ 216.342573][ T8530] ? __pfx_futex_wake_mark+0x10/0x10 [ 216.342597][ T8530] ___sys_sendmsg+0x134/0x1d0 [ 216.342614][ T8530] ? __pfx____sys_sendmsg+0x10/0x10 [ 216.342654][ T8530] __sys_sendmsg+0x16d/0x220 [ 216.342672][ T8530] ? __pfx___sys_sendmsg+0x10/0x10 [ 216.342686][ T8530] ? __x64_sys_futex+0x1e0/0x4c0 [ 216.342720][ T8530] do_syscall_64+0xcd/0xfa0 [ 216.342737][ T8530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.342752][ T8530] RIP: 0033:0x7fef3258eec9 [ 216.342765][ T8530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.342780][ T8530] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 216.342795][ T8530] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 216.342805][ T8530] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005 [ 216.342814][ T8530] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 216.342823][ T8530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.342832][ T8530] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 216.342853][ T8530] [ 216.803155][ T8519] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 216.824782][ T8537] netlink: 4 bytes leftover after parsing attributes in process `syz.0.754'. [ 216.825021][ T8535] netlink: 8 bytes leftover after parsing attributes in process `syz.2.753'. [ 216.988650][ T8535] Invalid ELF header magic: != ELF [ 217.036365][ T8534] delete_channel: no stack [ 217.166191][ T8543] __nla_validate_parse: 1 callbacks suppressed [ 217.166213][ T8543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.756'. [ 217.219950][ T8543] netlink: 25 bytes leftover after parsing attributes in process `syz.3.756'. [ 217.295846][ T8546] netlink: 'syz.1.759': attribute type 11 has an invalid length. [ 217.310612][ T8546] netlink: 'syz.1.759': attribute type 11 has an invalid length. [ 218.241016][ T8567] netlink: 8 bytes leftover after parsing attributes in process `syz.2.769'. [ 218.336718][ T8572] netlink: 'syz.1.770': attribute type 11 has an invalid length. [ 218.375949][ T8572] netlink: 'syz.1.770': attribute type 11 has an invalid length. [ 218.456094][ T8574] Invalid ELF header magic: != ELF [ 218.652752][ T8566] delete_channel: no stack [ 219.297602][ T8585] netlink: 268 bytes leftover after parsing attributes in process `syz.1.772'. [ 219.537017][ T8590] netlink: 'syz.2.774': attribute type 11 has an invalid length. [ 219.561033][ T8590] netlink: 'syz.2.774': attribute type 11 has an invalid length. [ 220.121690][ T8573] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 220.465787][ T8599] netlink: 'syz.0.786': attribute type 11 has an invalid length. [ 220.473839][ T8599] netlink: 'syz.0.786': attribute type 11 has an invalid length. [ 221.290344][ T8616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.781'. [ 221.391377][ T8616] Invalid ELF header magic: != ELF [ 221.403812][ T8615] delete_channel: no stack [ 221.574704][ T8620] FAULT_INJECTION: forcing a failure. [ 221.574704][ T8620] name failslab, interval 1, probability 0, space 0, times 0 [ 221.588192][ T8620] CPU: 1 UID: 0 PID: 8620 Comm: syz.2.782 Not tainted syzkaller #0 PREEMPT(full) [ 221.588225][ T8620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 221.588241][ T8620] Call Trace: [ 221.588250][ T8620] [ 221.588260][ T8620] dump_stack_lvl+0x16c/0x1f0 [ 221.588294][ T8620] should_fail_ex+0x512/0x640 [ 221.588324][ T8620] ? __kmalloc_noprof+0xca/0x880 [ 221.588366][ T8620] should_failslab+0xc2/0x120 [ 221.588400][ T8620] __kmalloc_noprof+0xdd/0x880 [ 221.588441][ T8620] ? lsm_blob_alloc+0x68/0x90 [ 221.588478][ T8620] ? lsm_blob_alloc+0x68/0x90 [ 221.588505][ T8620] lsm_blob_alloc+0x68/0x90 [ 221.588533][ T8620] security_sk_alloc+0x30/0x270 [ 221.588566][ T8620] sk_prot_alloc+0x1c7/0x2a0 [ 221.588613][ T8620] sk_alloc+0x36/0xc20 [ 221.588640][ T8620] alg_create+0x9e/0x150 [ 221.588668][ T8620] __sock_create+0x335/0x8d0 [ 221.588711][ T8620] __sys_socket+0x14d/0x260 [ 221.588746][ T8620] ? __fget_files+0x20e/0x3c0 [ 221.588771][ T8620] ? __pfx___sys_socket+0x10/0x10 [ 221.588807][ T8620] ? xfd_validate_state+0x61/0x180 [ 221.588849][ T8620] __x64_sys_socket+0x72/0xb0 [ 221.588885][ T8620] ? lockdep_hardirqs_on+0x7c/0x110 [ 221.588913][ T8620] do_syscall_64+0xcd/0xfa0 [ 221.588943][ T8620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.588966][ T8620] RIP: 0033:0x7f966bd8eec9 [ 221.588987][ T8620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.589008][ T8620] RSP: 002b:00007f966ccdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 221.589036][ T8620] RAX: ffffffffffffffda RBX: 00007f966bfe5fa0 RCX: 00007f966bd8eec9 [ 221.589053][ T8620] RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000026 [ 221.589070][ T8620] RBP: 00007f966be11f91 R08: 0000000000000000 R09: 0000000000000000 [ 221.589085][ T8620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.589101][ T8620] R13: 00007f966bfe6038 R14: 00007f966bfe5fa0 R15: 00007ffdb851e468 [ 221.589134][ T8620] [ 222.262947][ T8631] netlink: 338 bytes leftover after parsing attributes in process `syz.1.789'. [ 222.273894][ T8631] netlink: 338 bytes leftover after parsing attributes in process `syz.1.789'. [ 222.348639][ T8632] netlink: 290 bytes leftover after parsing attributes in process `syz.1.789'. [ 222.832731][ T8642] netlink: 8 bytes leftover after parsing attributes in process `syz.3.793'. [ 222.981843][ T8627] netlink: 268 bytes leftover after parsing attributes in process `syz.2.785'. [ 223.054037][ T8642] netlink: 'syz.3.793': attribute type 11 has an invalid length. [ 223.109706][ T8642] netlink: 'syz.3.793': attribute type 11 has an invalid length. [ 224.644663][ T8675] netlink: 50 bytes leftover after parsing attributes in process `syz.0.802'. [ 224.748813][ T8677] FAULT_INJECTION: forcing a failure. [ 224.748813][ T8677] name failslab, interval 1, probability 0, space 0, times 0 [ 224.778361][ T8677] CPU: 1 UID: 0 PID: 8677 Comm: syz.0.803 Not tainted syzkaller #0 PREEMPT(full) [ 224.778399][ T8677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 224.778415][ T8677] Call Trace: [ 224.778424][ T8677] [ 224.778435][ T8677] dump_stack_lvl+0x16c/0x1f0 [ 224.778471][ T8677] should_fail_ex+0x512/0x640 [ 224.778501][ T8677] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 224.778532][ T8677] should_failslab+0xc2/0x120 [ 224.778567][ T8677] kmem_cache_alloc_noprof+0x75/0x6e0 [ 224.778605][ T8677] ? __proc_create+0x2ce/0x8e0 [ 224.778648][ T8677] ? __proc_create+0x2ce/0x8e0 [ 224.778682][ T8677] __proc_create+0x2ce/0x8e0 [ 224.778718][ T8677] ? __pfx___proc_create+0x10/0x10 [ 224.778767][ T8677] proc_mkdir+0x81/0x170 [ 224.778802][ T8677] ? __pfx_proc_mkdir+0x10/0x10 [ 224.778838][ T8677] ? cache_register_net+0x137/0x5e0 [ 224.778876][ T8677] cache_register_net+0x18f/0x5e0 [ 224.778910][ T8677] nfsd_idmap_init+0xb6/0x250 [ 224.778938][ T8677] ? __pfx_nfsd_net_init+0x10/0x10 [ 224.778972][ T8677] nfsd_net_init+0x69/0x3d0 [ 224.779011][ T8677] ? __pfx_nfsd_net_init+0x10/0x10 [ 224.779047][ T8677] ops_init+0x1df/0x5f0 [ 224.779081][ T8677] setup_net+0x100/0x390 [ 224.779112][ T8677] ? __pfx_setup_net+0x10/0x10 [ 224.779144][ T8677] ? debug_mutex_init+0x37/0x70 [ 224.779176][ T8677] copy_net_ns+0x2f8/0x690 [ 224.779212][ T8677] create_new_namespaces+0x3ea/0xa90 [ 224.779251][ T8677] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 224.779293][ T8677] ksys_unshare+0x45b/0xa40 [ 224.779329][ T8677] ? __pfx_ksys_unshare+0x10/0x10 [ 224.779364][ T8677] ? xfd_validate_state+0x61/0x180 [ 224.779407][ T8677] __x64_sys_unshare+0x31/0x40 [ 224.779440][ T8677] do_syscall_64+0xcd/0xfa0 [ 224.779471][ T8677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.779497][ T8677] RIP: 0033:0x7fef3258eec9 [ 224.779519][ T8677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.779544][ T8677] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 224.779569][ T8677] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 224.779587][ T8677] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 224.779603][ T8677] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 224.779618][ T8677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.779633][ T8677] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 224.779670][ T8677] [ 225.065855][ T8679] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 225.393929][ T8685] FAULT_INJECTION: forcing a failure. [ 225.393929][ T8685] name failslab, interval 1, probability 0, space 0, times 0 [ 225.427314][ T8685] CPU: 0 UID: 0 PID: 8685 Comm: syz.3.805 Not tainted syzkaller #0 PREEMPT(full) [ 225.427350][ T8685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 225.427364][ T8685] Call Trace: [ 225.427372][ T8685] [ 225.427381][ T8685] dump_stack_lvl+0x16c/0x1f0 [ 225.427413][ T8685] should_fail_ex+0x512/0x640 [ 225.427444][ T8685] ? __kmalloc_cache_noprof+0x5f/0x780 [ 225.427484][ T8685] should_failslab+0xc2/0x120 [ 225.427516][ T8685] __kmalloc_cache_noprof+0x72/0x780 [ 225.427551][ T8685] ? kvm_io_bus_register_dev+0x505/0x720 [ 225.427588][ T8685] ? kvm_ioapic_init+0x4f/0x590 [ 225.427620][ T8685] ? kvm_ioapic_init+0x4f/0x590 [ 225.427644][ T8685] kvm_ioapic_init+0x4f/0x590 [ 225.427674][ T8685] kvm_arch_vm_ioctl+0x912/0x18b0 [ 225.427709][ T8685] ? register_lock_class+0x41/0x4c0 [ 225.427741][ T8685] ? find_held_lock+0x2b/0x80 [ 225.427766][ T8685] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 225.427808][ T8685] ? __lock_acquire+0x62e/0x1ce0 [ 225.427845][ T8685] ? __lock_acquire+0x62e/0x1ce0 [ 225.427887][ T8685] ? __lock_acquire+0x62e/0x1ce0 [ 225.427927][ T8685] ? __lock_acquire+0x62e/0x1ce0 [ 225.427984][ T8685] ? bpf_ksym_find+0x124/0x1c0 [ 225.428012][ T8685] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 225.428042][ T8685] ? is_bpf_text_address+0x94/0x1a0 [ 225.428075][ T8685] ? kernel_text_address+0x8d/0x100 [ 225.428111][ T8685] ? widen_string+0xdc/0x2d0 [ 225.428143][ T8685] ? __kernel_text_address+0xd/0x40 [ 225.428165][ T8685] ? unwind_get_return_address+0x59/0xa0 [ 225.428203][ T8685] ? arch_stack_walk+0xa6/0x100 [ 225.428245][ T8685] ? stack_trace_save+0x8e/0xc0 [ 225.428272][ T8685] ? __pfx_stack_trace_save+0x10/0x10 [ 225.428306][ T8685] ? stack_depot_save_flags+0x29/0x9c0 [ 225.428337][ T8685] ? __lock_acquire+0xb97/0x1ce0 [ 225.428373][ T8685] ? kasan_save_stack+0x42/0x60 [ 225.428398][ T8685] ? kasan_save_stack+0x33/0x60 [ 225.428423][ T8685] ? kasan_save_track+0x14/0x30 [ 225.428446][ T8685] ? __kasan_save_free_info+0x3b/0x60 [ 225.428481][ T8685] ? __kasan_slab_free+0x5f/0x80 [ 225.428508][ T8685] ? kfree+0x2b8/0x6d0 [ 225.428540][ T8685] ? tomoyo_path_number_perm+0x470/0x580 [ 225.428580][ T8685] kvm_vm_ioctl+0x1a91/0x3fd0 [ 225.428629][ T8685] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 225.428686][ T8685] ? kasan_quarantine_put+0x10a/0x240 [ 225.428713][ T8685] ? lockdep_hardirqs_on+0x7c/0x110 [ 225.428744][ T8685] ? find_held_lock+0x2b/0x80 [ 225.428776][ T8685] ? tomoyo_path_number_perm+0x295/0x580 [ 225.428819][ T8685] ? tomoyo_path_number_perm+0x18d/0x580 [ 225.428859][ T8685] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 225.428915][ T8685] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 225.428958][ T8685] ? do_vfs_ioctl+0x128/0x14f0 [ 225.428992][ T8685] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 225.429037][ T8685] ? find_held_lock+0x2b/0x80 [ 225.429061][ T8685] ? hook_file_ioctl_common+0x145/0x410 [ 225.429105][ T8685] ? __fget_files+0x20e/0x3c0 [ 225.429135][ T8685] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 225.429170][ T8685] __x64_sys_ioctl+0x18b/0x210 [ 225.429216][ T8685] do_syscall_64+0xcd/0xfa0 [ 225.429248][ T8685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.429273][ T8685] RIP: 0033:0x7fadd4d8eec9 [ 225.429295][ T8685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.429320][ T8685] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 225.429345][ T8685] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 225.429364][ T8685] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 225.429380][ T8685] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 225.429396][ T8685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.429413][ T8685] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 225.429449][ T8685] [ 226.444831][ T8691] netlink: 20 bytes leftover after parsing attributes in process `syz.0.808'. [ 226.955005][ T8713] FAULT_INJECTION: forcing a failure. [ 226.955005][ T8713] name failslab, interval 1, probability 0, space 0, times 0 [ 226.955046][ T8713] CPU: 1 UID: 0 PID: 8713 Comm: syz.3.818 Not tainted syzkaller #0 PREEMPT(full) [ 226.955073][ T8713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 226.955088][ T8713] Call Trace: [ 226.955096][ T8713] [ 226.955106][ T8713] dump_stack_lvl+0x16c/0x1f0 [ 226.955141][ T8713] should_fail_ex+0x512/0x640 [ 226.955171][ T8713] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 226.955204][ T8713] should_failslab+0xc2/0x120 [ 226.955239][ T8713] kmem_cache_alloc_noprof+0x75/0x6e0 [ 226.955266][ T8713] ? security_file_alloc+0x34/0x2b0 [ 226.955298][ T8713] ? security_file_alloc+0x34/0x2b0 [ 226.955320][ T8713] security_file_alloc+0x34/0x2b0 [ 226.955354][ T8713] init_file+0x93/0x4c0 [ 226.955393][ T8713] alloc_empty_file+0x73/0x1e0 [ 226.955436][ T8713] path_openat+0xda/0x2cb0 [ 226.955477][ T8713] ? __pfx_path_openat+0x10/0x10 [ 226.955517][ T8713] do_filp_open+0x20b/0x470 [ 226.955546][ T8713] ? __pfx_do_filp_open+0x10/0x10 [ 226.955597][ T8713] ? alloc_fd+0x471/0x7d0 [ 226.955632][ T8713] do_sys_openat2+0x11b/0x1d0 [ 226.955666][ T8713] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.955714][ T8713] __x64_sys_openat+0x174/0x210 [ 226.955748][ T8713] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.955798][ T8713] do_syscall_64+0xcd/0xfa0 [ 226.955825][ T8713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.955848][ T8713] RIP: 0033:0x7fadd4d8eec9 [ 226.955864][ T8713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.955887][ T8713] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.955915][ T8713] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 226.955931][ T8713] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 226.955944][ T8713] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 226.955956][ T8713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.955969][ T8713] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 226.956003][ T8713] [ 227.119438][ T8717] netlink: 186 bytes leftover after parsing attributes in process `syz.3.819'. [ 228.734453][ T8753] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 228.795208][ T8755] FAULT_INJECTION: forcing a failure. [ 228.795208][ T8755] name failslab, interval 1, probability 0, space 0, times 0 [ 228.809961][ T8755] CPU: 1 UID: 0 PID: 8755 Comm: syz.3.842 Not tainted syzkaller #0 PREEMPT(full) [ 228.809986][ T8755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 228.809995][ T8755] Call Trace: [ 228.810001][ T8755] [ 228.810007][ T8755] dump_stack_lvl+0x16c/0x1f0 [ 228.810029][ T8755] should_fail_ex+0x512/0x640 [ 228.810046][ T8755] ? fs_reclaim_acquire+0xae/0x150 [ 228.810066][ T8755] should_failslab+0xc2/0x120 [ 228.810086][ T8755] __kmalloc_cache_noprof+0x72/0x780 [ 228.810115][ T8755] ? tomoyo_find_next_domain+0x145/0x20b0 [ 228.810138][ T8755] ? tomoyo_find_next_domain+0x145/0x20b0 [ 228.810158][ T8755] tomoyo_find_next_domain+0x145/0x20b0 [ 228.810185][ T8755] ? __pfx_tomoyo_find_next_domain+0x10/0x10 [ 228.810211][ T8755] tomoyo_bprm_check_security+0x12e/0x1d0 [ 228.810228][ T8755] ? tomoyo_bprm_check_security+0x120/0x1d0 [ 228.810246][ T8755] security_bprm_check+0x1b9/0x1e0 [ 228.810264][ T8755] bprm_execve+0x81a/0x1640 [ 228.810281][ T8755] ? __pfx_bprm_execve+0x10/0x10 [ 228.810292][ T8755] ? copy_strings.isra.0+0x4a7/0x990 [ 228.810310][ T8755] do_execveat_common.isra.0+0x4a5/0x610 [ 228.810329][ T8755] __x64_sys_execve+0x8e/0xb0 [ 228.810343][ T8755] do_syscall_64+0xcd/0xfa0 [ 228.810360][ T8755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.810375][ T8755] RIP: 0033:0x7fadd4d8eec9 [ 228.810386][ T8755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.810406][ T8755] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 228.810420][ T8755] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 228.810429][ T8755] RDX: 0000200000000200 RSI: 00002000000000c0 RDI: 0000200000000040 [ 228.810438][ T8755] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 228.810447][ T8755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.810456][ T8755] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 228.810477][ T8755] [ 229.558186][ T8771] FAULT_INJECTION: forcing a failure. [ 229.558186][ T8771] name fail_futex, interval 1, probability 0, space 0, times 1 [ 229.693209][ T8771] CPU: 1 UID: 0 PID: 8771 Comm: syz.1.839 Not tainted syzkaller #0 PREEMPT(full) [ 229.693244][ T8771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 229.693258][ T8771] Call Trace: [ 229.693267][ T8771] [ 229.693275][ T8771] dump_stack_lvl+0x16c/0x1f0 [ 229.693307][ T8771] should_fail_ex+0x512/0x640 [ 229.693343][ T8771] get_futex_key+0x1d0/0x1560 [ 229.693375][ T8771] ? rcu_is_watching+0x12/0xc0 [ 229.693401][ T8771] ? __pfx_get_futex_key+0x10/0x10 [ 229.693425][ T8771] ? lockdep_hardirqs_on+0x7c/0x110 [ 229.693456][ T8771] ? kfree+0x2b8/0x6d0 [ 229.693488][ T8771] ? do_getxattr+0x1f7/0x360 [ 229.693516][ T8771] futex_wake+0xea/0x530 [ 229.693553][ T8771] ? do_getxattr+0x1f7/0x360 [ 229.693571][ T8771] ? do_getxattr+0x1fc/0x360 [ 229.693593][ T8771] ? __pfx_futex_wake+0x10/0x10 [ 229.693627][ T8771] ? path_getxattrat+0x139/0x2d0 [ 229.693654][ T8771] ? __pfx_path_getxattrat+0x10/0x10 [ 229.693687][ T8771] do_futex+0x1e3/0x350 [ 229.693721][ T8771] ? __pfx_do_futex+0x10/0x10 [ 229.693760][ T8771] __x64_sys_futex+0x1e0/0x4c0 [ 229.693807][ T8771] ? __pfx___x64_sys_futex+0x10/0x10 [ 229.693840][ T8771] ? xfd_validate_state+0x61/0x180 [ 229.693870][ T8771] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 229.693903][ T8771] do_syscall_64+0xcd/0xfa0 [ 229.693933][ T8771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.693959][ T8771] RIP: 0033:0x7fe7bcf8eec9 [ 229.693979][ T8771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.694002][ T8771] RSP: 002b:00007fe7bdd9d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 229.694027][ T8771] RAX: ffffffffffffffda RBX: 00007fe7bd1e5fa8 RCX: 00007fe7bcf8eec9 [ 229.694041][ T8771] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe7bd1e5fac [ 229.694055][ T8771] RBP: 00007fe7bd1e5fa0 R08: 00007fe7bdd9e000 R09: 0000000000000000 [ 229.694071][ T8771] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 229.694086][ T8771] R13: 00007fe7bd1e6038 R14: 00007fffd1b28f90 R15: 00007fffd1b29078 [ 229.694123][ T8771] [ 230.185026][ T8780] FAULT_INJECTION: forcing a failure. [ 230.185026][ T8780] name failslab, interval 1, probability 0, space 0, times 0 [ 230.198249][ T8780] CPU: 0 UID: 0 PID: 8780 Comm: syz.0.841 Not tainted syzkaller #0 PREEMPT(full) [ 230.198285][ T8780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 230.198302][ T8780] Call Trace: [ 230.198311][ T8780] [ 230.198322][ T8780] dump_stack_lvl+0x16c/0x1f0 [ 230.198357][ T8780] should_fail_ex+0x512/0x640 [ 230.198394][ T8780] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 230.198427][ T8780] should_failslab+0xc2/0x120 [ 230.198463][ T8780] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 230.198492][ T8780] ? alloc_inode+0x61/0x240 [ 230.198531][ T8780] ? __pfx_rpc_alloc_inode+0x10/0x10 [ 230.198569][ T8780] ? alloc_inode+0x61/0x240 [ 230.198599][ T8780] alloc_inode+0x61/0x240 [ 230.198632][ T8780] new_inode+0x22/0x1c0 [ 230.198668][ T8780] rpc_mkpipe_dentry+0x12f/0x560 [ 230.198714][ T8780] rpc_fill_super+0x3c6/0x4f0 [ 230.198753][ T8780] ? __pfx_rpc_fill_super+0x10/0x10 [ 230.198790][ T8780] get_tree_keyed+0x10e/0x1d0 [ 230.198819][ T8780] vfs_get_tree+0x8e/0x340 [ 230.198856][ T8780] vfs_cmd_create+0xd7/0x2a0 [ 230.198890][ T8780] __do_sys_fsconfig+0x7b8/0xbe0 [ 230.198927][ T8780] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 230.198986][ T8780] do_syscall_64+0xcd/0xfa0 [ 230.199019][ T8780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.199051][ T8780] RIP: 0033:0x7fef3258eec9 [ 230.199073][ T8780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.199099][ T8780] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 230.199124][ T8780] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 230.199142][ T8780] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 230.199158][ T8780] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 230.199173][ T8780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.199189][ T8780] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 230.199227][ T8780] [ 230.199468][ T8780] rpc_mkpipe_dentry() failed to create pipe clntXX/gssd (errno = -12) [ 230.607063][ T8787] random: crng reseeded on system resumption [ 230.623373][ T8786] netlink: 146 bytes leftover after parsing attributes in process `syz.3.844'. [ 232.159077][ T8808] netlink: 268 bytes leftover after parsing attributes in process `syz.3.850'. [ 234.928892][ T8846] netlink: 28 bytes leftover after parsing attributes in process `syz.0.863'. [ 235.594773][ T8857] netlink: 268 bytes leftover after parsing attributes in process `syz.0.866'. [ 236.035077][ T8866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.868'. [ 236.060907][ T8840] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 236.143958][ T8868] netlink: 'syz.0.868': attribute type 11 has an invalid length. [ 236.151838][ T8868] netlink: 'syz.0.868': attribute type 11 has an invalid length. [ 236.384188][ T8870] random: crng reseeded on system resumption [ 236.398896][ T8870] Restarting kernel threads ... [ 236.406981][ T8870] Done restarting kernel threads. [ 236.413431][ T8870] FAULT_INJECTION: forcing a failure. [ 236.413431][ T8870] name failslab, interval 1, probability 0, space 0, times 0 [ 236.426773][ T8870] CPU: 0 UID: 0 PID: 8870 Comm: syz.1.869 Not tainted syzkaller #0 PREEMPT(full) [ 236.426798][ T8870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 236.426807][ T8870] Call Trace: [ 236.426812][ T8870] [ 236.426818][ T8870] dump_stack_lvl+0x16c/0x1f0 [ 236.426839][ T8870] should_fail_ex+0x512/0x640 [ 236.426858][ T8870] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 236.426877][ T8870] should_failslab+0xc2/0x120 [ 236.426895][ T8870] __kvmalloc_node_noprof+0x141/0x9c0 [ 236.426913][ T8870] ? alloc_fdtable+0x17f/0x2d0 [ 236.426937][ T8870] ? alloc_fdtable+0x17f/0x2d0 [ 236.426957][ T8870] alloc_fdtable+0x17f/0x2d0 [ 236.426979][ T8870] dup_fd+0x83b/0xb90 [ 236.426998][ T8870] __do_sys_close_range+0x4ca/0x730 [ 236.427015][ T8870] ? __pfx___do_sys_close_range+0x10/0x10 [ 236.427036][ T8870] do_syscall_64+0xcd/0xfa0 [ 236.427053][ T8870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.427067][ T8870] RIP: 0033:0x7fe7bcf8eec9 [ 236.427079][ T8870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.427093][ T8870] RSP: 002b:00007fe7bdd9d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 236.427107][ T8870] RAX: ffffffffffffffda RBX: 00007fe7bd1e5fa0 RCX: 00007fe7bcf8eec9 [ 236.427116][ T8870] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 236.427125][ T8870] RBP: 00007fe7bd011f91 R08: 0000000000000000 R09: 0000000000000000 [ 236.427134][ T8870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.427142][ T8870] R13: 00007fe7bd1e6038 R14: 00007fe7bd1e5fa0 R15: 00007fffd1b29078 [ 236.427161][ T8870] [ 236.966606][ T8881] FAULT_INJECTION: forcing a failure. [ 236.966606][ T8881] name failslab, interval 1, probability 0, space 0, times 0 [ 236.983697][ T8881] CPU: 1 UID: 0 PID: 8881 Comm: syz.0.872 Not tainted syzkaller #0 PREEMPT(full) [ 236.983731][ T8881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 236.983746][ T8881] Call Trace: [ 236.983755][ T8881] [ 236.983765][ T8881] dump_stack_lvl+0x16c/0x1f0 [ 236.983800][ T8881] should_fail_ex+0x512/0x640 [ 236.983831][ T8881] ? __kmalloc_noprof+0xca/0x880 [ 236.983874][ T8881] should_failslab+0xc2/0x120 [ 236.983908][ T8881] __kmalloc_noprof+0xdd/0x880 [ 236.983944][ T8881] ? ima_eventdigest_init_common+0x154/0x430 [ 236.983973][ T8881] ? ima_write_template_field_data+0x5d/0x1f0 [ 236.984008][ T8881] ? ima_write_template_field_data+0x5d/0x1f0 [ 236.984035][ T8881] ima_write_template_field_data+0x5d/0x1f0 [ 236.984070][ T8881] ima_eventname_init_common+0x1b8/0x260 [ 236.984102][ T8881] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 236.984135][ T8881] ? __kmalloc_noprof+0x34f/0x880 [ 236.984171][ T8881] ? __pfx_prepend_path+0x10/0x10 [ 236.984204][ T8881] ? ima_alloc_init_template+0x19d/0x720 [ 236.984250][ T8881] ima_alloc_init_template+0x39d/0x720 [ 236.984296][ T8881] ima_store_measurement+0x1eb/0x5c0 [ 236.984337][ T8881] ? __pfx_ima_store_measurement+0x10/0x10 [ 236.984385][ T8881] ? vfs_getxattr_alloc+0xec/0x350 [ 236.984423][ T8881] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 236.984464][ T8881] process_measurement+0x1ddb/0x23e0 [ 236.984514][ T8881] ? __pfx_process_measurement+0x10/0x10 [ 236.984554][ T8881] ? __pfx___might_resched+0x10/0x10 [ 236.984587][ T8881] ? trace_contention_end+0xdd/0x130 [ 236.984623][ T8881] ? find_held_lock+0x2b/0x80 [ 236.984650][ T8881] ? tracing_buffers_open+0x280/0x360 [ 236.984723][ T8881] ? inode_to_bdi+0x9e/0x160 [ 236.984759][ T8881] ima_file_check+0xc5/0x110 [ 236.984793][ T8881] ? __pfx_ima_file_check+0x10/0x10 [ 236.984836][ T8881] security_file_post_open+0x8e/0x210 [ 236.984877][ T8881] path_openat+0x1404/0x2cb0 [ 236.984923][ T8881] ? __pfx_path_openat+0x10/0x10 [ 236.984962][ T8881] do_filp_open+0x20b/0x470 [ 236.984992][ T8881] ? __pfx_do_filp_open+0x10/0x10 [ 236.985052][ T8881] ? alloc_fd+0x471/0x7d0 [ 236.985089][ T8881] do_sys_openat2+0x11b/0x1d0 [ 236.985124][ T8881] ? __pfx_do_sys_openat2+0x10/0x10 [ 236.985175][ T8881] __x64_sys_openat+0x174/0x210 [ 236.985211][ T8881] ? __pfx___x64_sys_openat+0x10/0x10 [ 236.985264][ T8881] do_syscall_64+0xcd/0xfa0 [ 236.985296][ T8881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.985322][ T8881] RIP: 0033:0x7fef3258eec9 [ 236.985345][ T8881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.985378][ T8881] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 236.985404][ T8881] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 236.985421][ T8881] RDX: 0000000000000600 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 236.985439][ T8881] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 236.985455][ T8881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.985470][ T8881] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 236.985513][ T8881] [ 236.986725][ T30] audit: type=1804 audit(1759912601.715:5): pid=8881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.872" name="/newroot/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw" dev="tracefs" ino=1172 res=0 errno=0 [ 237.596270][ T8894] netlink: 'syz.1.873': attribute type 11 has an invalid length. [ 237.604235][ T8894] netlink: 'syz.1.873': attribute type 11 has an invalid length. [ 238.048506][ T8903] netlink: 350 bytes leftover after parsing attributes in process `syz.3.874'. [ 238.848244][ T8921] netlink: 'syz.2.876': attribute type 11 has an invalid length. [ 238.894526][ T8921] netlink: 'syz.2.876': attribute type 11 has an invalid length. [ 238.945465][ T5888] Process accounting resumed [ 239.916388][ T8927] FAULT_INJECTION: forcing a failure. [ 239.916388][ T8927] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 239.937678][ T8936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.883'. [ 239.973190][ T8936] vivid-007: ================= START STATUS ================= [ 239.981346][ T8936] vivid-007: Generate PTS: true [ 239.996076][ T8936] vivid-007: Generate SCR: true [ 240.001058][ T8936] tpg source WxH: 320x240 (Y'CbCr) [ 240.015511][ T8936] tpg field: 1 [ 240.023722][ T8927] CPU: 0 UID: 0 PID: 8927 Comm: syz.3.881 Not tainted syzkaller #0 PREEMPT(full) [ 240.023759][ T8927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 240.023774][ T8927] Call Trace: [ 240.023784][ T8927] [ 240.023794][ T8927] dump_stack_lvl+0x16c/0x1f0 [ 240.023829][ T8927] should_fail_ex+0x512/0x640 [ 240.023867][ T8927] should_fail_alloc_page+0xe7/0x130 [ 240.023903][ T8927] prepare_alloc_pages+0x3c2/0x610 [ 240.023936][ T8927] ? rcu_is_watching+0x12/0xc0 [ 240.023968][ T8927] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 240.023997][ T8927] ? xas_alloc+0x34f/0x460 [ 240.024037][ T8927] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 240.024096][ T8927] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 240.024144][ T8927] ? policy_nodemask+0xea/0x4e0 [ 240.024181][ T8927] alloc_pages_mpol+0x1fb/0x550 [ 240.024213][ T8927] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 240.024248][ T8927] ? find_held_lock+0x2b/0x80 [ 240.024281][ T8927] alloc_pages_noprof+0x131/0x390 [ 240.024315][ T8927] brd_submit_bio+0x11ce/0x2490 [ 240.024361][ T8927] ? __pfx_brd_submit_bio+0x10/0x10 [ 240.024401][ T8927] ? submit_bio_noacct_nocheck+0x75c/0xc10 [ 240.024441][ T8927] ? blk_try_enter_queue+0x1c6/0x4e0 [ 240.024478][ T8927] __submit_bio+0x301/0x690 [ 240.024513][ T8927] ? __pfx___submit_bio+0x10/0x10 [ 240.024555][ T8927] ? __pfx_blk_cgroup_bio_start+0x10/0x10 [ 240.024589][ T8927] ? submit_bio_noacct_nocheck+0x75c/0xc10 [ 240.024626][ T8927] submit_bio_noacct_nocheck+0x75c/0xc10 [ 240.024665][ T8927] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 240.024706][ T8927] ? __pfx___might_resched+0x10/0x10 [ 240.024740][ T8927] submit_bio_noacct+0xbbb/0x1f60 [ 240.024786][ T8927] blkdev_direct_IO+0x1585/0x2100 [ 240.024835][ T8927] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 240.024867][ T8927] ? filemap_check_errors+0xa9/0x160 [ 240.024908][ T8927] blkdev_write_iter+0x703/0xe00 [ 240.024938][ T8927] vfs_write+0x7d3/0x11d0 [ 240.024966][ T8927] ? __pfx_blkdev_write_iter+0x10/0x10 [ 240.024996][ T8927] ? __pfx_vfs_write+0x10/0x10 [ 240.025019][ T8927] ? find_held_lock+0x2b/0x80 [ 240.025075][ T8927] ksys_write+0x12a/0x250 [ 240.025110][ T8927] ? __pfx_ksys_write+0x10/0x10 [ 240.025147][ T8927] do_syscall_64+0xcd/0xfa0 [ 240.025177][ T8927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.025204][ T8927] RIP: 0033:0x7fadd4d8eec9 [ 240.025225][ T8927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.025250][ T8927] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 240.025275][ T8927] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 240.025294][ T8927] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 240.025309][ T8927] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 240.025326][ T8927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.025341][ T8927] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 240.025378][ T8927] [ 240.026381][ T8936] tpg crop: (0,0)/320x240 [ 240.360245][ T8936] tpg compose: (0,0)/320x240 [ 240.381150][ T8936] tpg colorspace: 8 [ 240.389793][ T8936] tpg transfer function: 0/0 [ 240.401496][ T8936] tpg Y'CbCr encoding: 0/0 [ 240.406101][ T8936] tpg quantization: 0/0 [ 240.410346][ T8936] tpg RGB range: 0/2 [ 240.415836][ T8936] vivid-007: ================== END STATUS ================== [ 240.529986][ T8927] Process accounting resumed [ 241.392590][ T8955] netlink: 'syz.0.887': attribute type 11 has an invalid length. [ 241.400433][ T8955] netlink: 'syz.0.887': attribute type 11 has an invalid length. [ 242.677959][ T8977] db_root: not a directory: /dev/audio1 [ 242.752517][ T30] audit: type=1800 audit(1759912607.395:6): pid=8977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.889" name="dbroot" dev="configfs" ino=25592 res=0 errno=0 [ 243.314976][ T8985] netlink: 268 bytes leftover after parsing attributes in process `syz.0.891'. [ 243.850174][ T8997] netlink: 'syz.0.894': attribute type 11 has an invalid length. [ 243.858103][ T8997] netlink: 'syz.0.894': attribute type 11 has an invalid length. [ 244.149128][ T8999] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 245.249479][ T9027] netlink: 'syz.0.898': attribute type 11 has an invalid length. [ 245.259235][ T9027] netlink: 'syz.0.898': attribute type 11 has an invalid length. [ 246.875849][ T9058] netlink: 'syz.0.905': attribute type 11 has an invalid length. [ 246.893022][ T9058] netlink: 'syz.0.905': attribute type 11 has an invalid length. [ 247.216597][ T9066] __vm_enough_memory: pid: 9066, comm: syz.0.906, bytes: 4398046511104 not enough memory for the allocation [ 247.416929][ T142] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.498306][ T30] audit: type=1804 audit(1759912612.225:7): pid=9069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.907" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 247.543443][ T9057] netlink: 268 bytes leftover after parsing attributes in process `syz.2.903'. [ 250.922432][ T9117] FAULT_INJECTION: forcing a failure. [ 250.922432][ T9117] name failslab, interval 1, probability 0, space 0, times 0 [ 250.935290][ T9117] CPU: 0 UID: 0 PID: 9117 Comm: syz.3.917 Not tainted syzkaller #0 PREEMPT(full) [ 250.935326][ T9117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 250.935343][ T9117] Call Trace: [ 250.935351][ T9117] [ 250.935361][ T9117] dump_stack_lvl+0x16c/0x1f0 [ 250.935394][ T9117] should_fail_ex+0x512/0x640 [ 250.935423][ T9117] ? fs_reclaim_acquire+0xae/0x150 [ 250.935459][ T9117] should_failslab+0xc2/0x120 [ 250.935492][ T9117] kmem_cache_alloc_noprof+0x75/0x6e0 [ 250.935516][ T9117] ? __pfx_map_id_range_down+0x10/0x10 [ 250.935552][ T9117] ? security_inode_alloc+0x3b/0x2b0 [ 250.935591][ T9117] ? security_inode_alloc+0x3b/0x2b0 [ 250.935622][ T9117] security_inode_alloc+0x3b/0x2b0 [ 250.935656][ T9117] inode_init_always_gfp+0xce4/0x1030 [ 250.935690][ T9117] alloc_inode+0x86/0x240 [ 250.935721][ T9117] new_inode+0x22/0x1c0 [ 250.935755][ T9117] rpc_new_file+0xaa/0x430 [ 250.935789][ T9117] ? rpc_new_dir+0x2d7/0x440 [ 250.935826][ T9117] ? d_instantiate+0x77/0x90 [ 250.935859][ T9117] rpc_fill_super+0x386/0x4f0 [ 250.935908][ T9117] ? __pfx_rpc_fill_super+0x10/0x10 [ 250.935945][ T9117] get_tree_keyed+0x10e/0x1d0 [ 250.935974][ T9117] vfs_get_tree+0x8e/0x340 [ 250.936009][ T9117] vfs_cmd_create+0xd7/0x2a0 [ 250.936038][ T9117] __do_sys_fsconfig+0x7b8/0xbe0 [ 250.936078][ T9117] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 250.936129][ T9117] do_syscall_64+0xcd/0xfa0 [ 250.936161][ T9117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.936187][ T9117] RIP: 0033:0x7fadd4d8eec9 [ 250.936210][ T9117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.936235][ T9117] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 250.936261][ T9117] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 250.936279][ T9117] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 250.936295][ T9117] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 250.936311][ T9117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.936326][ T9117] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 250.936365][ T9117] [ 251.521740][ T9118] random: crng reseeded on system resumption [ 252.040227][ T9137] netlink: 504 bytes leftover after parsing attributes in process `syz.0.927'. [ 252.057095][ T9137] netlink: 504 bytes leftover after parsing attributes in process `syz.0.927'. [ 252.394209][ T9150] netlink: 8 bytes leftover after parsing attributes in process `syz.0.922'. [ 252.505586][ T9150] Invalid ELF header magic: != ELF [ 252.615280][ T9148] netlink: 268 bytes leftover after parsing attributes in process `syz.3.920'. [ 252.675490][ T9149] delete_channel: no stack [ 254.651469][ T9176] netlink: 146 bytes leftover after parsing attributes in process `syz.2.930'. [ 254.965903][ T9180] netlink: 'syz.3.931': attribute type 11 has an invalid length. [ 254.979704][ T9180] netlink: 'syz.3.931': attribute type 11 has an invalid length. [ 255.952263][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.958618][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.401020][ T5841] Process accounting resumed [ 256.496605][ T9202] FAULT_INJECTION: forcing a failure. [ 256.496605][ T9202] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 256.513731][ T9202] CPU: 0 UID: 0 PID: 9202 Comm: syz.0.935 Not tainted syzkaller #0 PREEMPT(full) [ 256.513766][ T9202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 256.513781][ T9202] Call Trace: [ 256.513788][ T9202] [ 256.513797][ T9202] dump_stack_lvl+0x16c/0x1f0 [ 256.513829][ T9202] should_fail_ex+0x512/0x640 [ 256.513862][ T9202] should_fail_alloc_page+0xe7/0x130 [ 256.513896][ T9202] prepare_alloc_pages+0x3c2/0x610 [ 256.513927][ T9202] ? rcu_is_watching+0x12/0xc0 [ 256.513959][ T9202] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 256.513988][ T9202] ? xas_alloc+0x34f/0x460 [ 256.514029][ T9202] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 256.514060][ T9202] ? sanity_check_pinned_pages+0x23/0x11d0 [ 256.514111][ T9202] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 256.514153][ T9202] ? policy_nodemask+0xea/0x4e0 [ 256.514189][ T9202] alloc_pages_mpol+0x1fb/0x550 [ 256.514221][ T9202] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 256.514255][ T9202] ? find_held_lock+0x2b/0x80 [ 256.514287][ T9202] alloc_pages_noprof+0x131/0x390 [ 256.514321][ T9202] brd_submit_bio+0x11ce/0x2490 [ 256.514379][ T9202] ? __pfx_brd_submit_bio+0x10/0x10 [ 256.514420][ T9202] ? submit_bio_noacct_nocheck+0x75c/0xc10 [ 256.514462][ T9202] ? blk_try_enter_queue+0x1c6/0x4e0 [ 256.514505][ T9202] __submit_bio+0x301/0x690 [ 256.514544][ T9202] ? __pfx___submit_bio+0x10/0x10 [ 256.514592][ T9202] ? __pfx_blk_cgroup_bio_start+0x10/0x10 [ 256.514626][ T9202] ? submit_bio_noacct_nocheck+0x75c/0xc10 [ 256.514666][ T9202] submit_bio_noacct_nocheck+0x75c/0xc10 [ 256.514710][ T9202] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 256.514755][ T9202] ? __pfx___might_resched+0x10/0x10 [ 256.514789][ T9202] submit_bio_noacct+0xbbb/0x1f60 [ 256.514836][ T9202] blkdev_direct_IO+0x1585/0x2100 [ 256.514879][ T9202] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 256.514911][ T9202] ? filemap_check_errors+0xa9/0x160 [ 256.514954][ T9202] blkdev_write_iter+0x703/0xe00 [ 256.514988][ T9202] vfs_write+0x7d3/0x11d0 [ 256.515017][ T9202] ? __pfx_blkdev_write_iter+0x10/0x10 [ 256.515048][ T9202] ? __pfx_vfs_write+0x10/0x10 [ 256.515071][ T9202] ? find_held_lock+0x2b/0x80 [ 256.515120][ T9202] ksys_write+0x12a/0x250 [ 256.515147][ T9202] ? __pfx_ksys_write+0x10/0x10 [ 256.515184][ T9202] do_syscall_64+0xcd/0xfa0 [ 256.515216][ T9202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.515243][ T9202] RIP: 0033:0x7fef3258eec9 [ 256.515266][ T9202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.515291][ T9202] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 256.515317][ T9202] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 256.515334][ T9202] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 256.515350][ T9202] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 256.515366][ T9202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.515390][ T9202] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 256.515428][ T9202] [ 256.824833][ C0] vkms_vblank_simulate: vblank timer overrun [ 256.874856][ T9201] Process accounting resumed [ 257.005840][ T9208] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 257.160825][ T30] audit: type=1804 audit(1759930965.751:8): pid=9208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.938" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 258.071335][ T9230] FAULT_INJECTION: forcing a failure. [ 258.071335][ T9230] name failslab, interval 1, probability 0, space 0, times 0 [ 258.095866][ T9230] CPU: 1 UID: 0 PID: 9230 Comm: syz.2.943 Not tainted syzkaller #0 PREEMPT(full) [ 258.095903][ T9230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 258.095919][ T9230] Call Trace: [ 258.095928][ T9230] [ 258.095939][ T9230] dump_stack_lvl+0x16c/0x1f0 [ 258.095974][ T9230] should_fail_ex+0x512/0x640 [ 258.096006][ T9230] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 258.096035][ T9230] should_failslab+0xc2/0x120 [ 258.096068][ T9230] kmem_cache_alloc_noprof+0x75/0x6e0 [ 258.096095][ T9230] ? __proc_create+0x2ce/0x8e0 [ 258.096136][ T9230] ? __proc_create+0x2ce/0x8e0 [ 258.096168][ T9230] __proc_create+0x2ce/0x8e0 [ 258.096204][ T9230] ? __pfx___proc_create+0x10/0x10 [ 258.096252][ T9230] proc_mkdir+0x81/0x170 [ 258.096288][ T9230] ? __pfx_proc_mkdir+0x10/0x10 [ 258.096325][ T9230] ? cache_register_net+0x137/0x5e0 [ 258.096363][ T9230] cache_register_net+0x18f/0x5e0 [ 258.096398][ T9230] ip_map_cache_create+0x8b/0x130 [ 258.096429][ T9230] ? __pfx_sunrpc_init_net+0x10/0x10 [ 258.096453][ T9230] sunrpc_init_net+0x55/0x190 [ 258.096486][ T9230] ops_init+0x1df/0x5f0 [ 258.096522][ T9230] setup_net+0x100/0x390 [ 258.096554][ T9230] ? __pfx_setup_net+0x10/0x10 [ 258.096586][ T9230] ? debug_mutex_init+0x37/0x70 [ 258.096618][ T9230] copy_net_ns+0x2f8/0x690 [ 258.096655][ T9230] create_new_namespaces+0x3ea/0xa90 [ 258.096695][ T9230] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 258.096728][ T9230] ksys_unshare+0x45b/0xa40 [ 258.096763][ T9230] ? __pfx_ksys_unshare+0x10/0x10 [ 258.096798][ T9230] ? xfd_validate_state+0x61/0x180 [ 258.096850][ T9230] __x64_sys_unshare+0x31/0x40 [ 258.096888][ T9230] do_syscall_64+0xcd/0xfa0 [ 258.096921][ T9230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.096947][ T9230] RIP: 0033:0x7f966bd8eec9 [ 258.096969][ T9230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.096997][ T9230] RSP: 002b:00007f966ccbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 258.097023][ T9230] RAX: ffffffffffffffda RBX: 00007f966bfe6090 RCX: 00007f966bd8eec9 [ 258.097041][ T9230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 258.097061][ T9230] RBP: 00007f966be11f91 R08: 0000000000000000 R09: 0000000000000000 [ 258.097078][ T9230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 258.097094][ T9230] R13: 00007f966bfe6128 R14: 00007f966bfe6090 R15: 00007ffdb851e468 [ 258.097130][ T9230] [ 258.705560][ T9239] bond0: invalid ARP target specified [ 262.405158][ T9280] kexec: Could not allocate control_code_buffer [ 263.224698][ T9305] netlink: 8 bytes leftover after parsing attributes in process `syz.1.961'. [ 263.633889][ T9305] Invalid ELF header magic: != ELF [ 263.714833][ T9304] delete_channel: no stack [ 264.074785][ T9318] FAULT_INJECTION: forcing a failure. [ 264.074785][ T9318] name failslab, interval 1, probability 0, space 0, times 0 [ 264.114271][ T9318] CPU: 1 UID: 0 PID: 9318 Comm: syz.2.964 Not tainted syzkaller #0 PREEMPT(full) [ 264.114307][ T9318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 264.114324][ T9318] Call Trace: [ 264.114332][ T9318] [ 264.114347][ T9318] dump_stack_lvl+0x16c/0x1f0 [ 264.114385][ T9318] should_fail_ex+0x512/0x640 [ 264.114416][ T9318] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 264.114447][ T9318] should_failslab+0xc2/0x120 [ 264.114479][ T9318] kmem_cache_alloc_noprof+0x75/0x6e0 [ 264.114506][ T9318] ? proc_reg_open+0x23f/0x5f0 [ 264.114543][ T9318] ? proc_reg_open+0x23f/0x5f0 [ 264.114573][ T9318] proc_reg_open+0x23f/0x5f0 [ 264.114607][ T9318] do_dentry_open+0x982/0x1530 [ 264.114636][ T9318] ? __pfx_proc_reg_open+0x10/0x10 [ 264.114673][ T9318] vfs_open+0x82/0x3f0 [ 264.114712][ T9318] path_openat+0x1de4/0x2cb0 [ 264.114751][ T9318] ? __pfx_path_openat+0x10/0x10 [ 264.114797][ T9318] do_filp_open+0x20b/0x470 [ 264.114830][ T9318] ? __pfx_do_filp_open+0x10/0x10 [ 264.114884][ T9318] ? alloc_fd+0x471/0x7d0 [ 264.114918][ T9318] do_sys_openat2+0x11b/0x1d0 [ 264.114953][ T9318] ? __pfx_do_sys_openat2+0x10/0x10 [ 264.115002][ T9318] __x64_sys_openat+0x174/0x210 [ 264.115038][ T9318] ? __pfx___x64_sys_openat+0x10/0x10 [ 264.115088][ T9318] do_syscall_64+0xcd/0xfa0 [ 264.115119][ T9318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.115145][ T9318] RIP: 0033:0x7f966bd8eec9 [ 264.115167][ T9318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 264.115192][ T9318] RSP: 002b:00007f966ccbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 264.115221][ T9318] RAX: ffffffffffffffda RBX: 00007f966bfe6090 RCX: 00007f966bd8eec9 [ 264.115239][ T9318] RDX: 00000000001c9802 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 264.115256][ T9318] RBP: 00007f966be11f91 R08: 0000000000000000 R09: 0000000000000000 [ 264.115272][ T9318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.115287][ T9318] R13: 00007f966bfe6128 R14: 00007f966bfe6090 R15: 00007ffdb851e468 [ 264.115324][ T9318] [ 265.002324][ T30] audit: type=1800 audit(1759930973.721:9): pid=9334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.967" name="discovery_nqn" dev="configfs" ino=28049 res=0 errno=0 [ 266.040900][ T9347] netlink: 268 bytes leftover after parsing attributes in process `syz.3.972'. [ 267.506142][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.974'. [ 268.013313][ T9365] Invalid ELF header magic: != ELF [ 268.060679][ T9362] delete_channel: no stack [ 268.378939][ T9385] syz.2.978 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 268.858491][ T9400] netlink: 'syz.1.980': attribute type 11 has an invalid length. [ 268.884993][ T9400] netlink: 'syz.1.980': attribute type 11 has an invalid length. [ 268.914929][ T9401] ICMPv6: process `syz.3.984' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 269.404798][ T9398] netlink: 268 bytes leftover after parsing attributes in process `syz.2.982'. [ 270.370684][ T9424] FAULT_INJECTION: forcing a failure. [ 270.370684][ T9424] name failslab, interval 1, probability 0, space 0, times 0 [ 270.388776][ T9424] CPU: 0 UID: 0 PID: 9424 Comm: syz.0.989 Not tainted syzkaller #0 PREEMPT(full) [ 270.388802][ T9424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 270.388811][ T9424] Call Trace: [ 270.388817][ T9424] [ 270.388823][ T9424] dump_stack_lvl+0x16c/0x1f0 [ 270.388849][ T9424] should_fail_ex+0x512/0x640 [ 270.388867][ T9424] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 270.388884][ T9424] should_failslab+0xc2/0x120 [ 270.388904][ T9424] kmem_cache_alloc_noprof+0x75/0x6e0 [ 270.388918][ T9424] ? mas_preallocate+0xe6a/0x11f0 [ 270.388938][ T9424] ? mas_preallocate+0xe6a/0x11f0 [ 270.388952][ T9424] mas_preallocate+0xe6a/0x11f0 [ 270.388987][ T9424] ? __pfx_mas_preallocate+0x10/0x10 [ 270.389009][ T9424] ? vm_area_alloc+0x1f/0x160 [ 270.389036][ T9424] ? lockdep_init_map_type+0x5c/0x280 [ 270.389063][ T9424] __mmap_region+0x117f/0x27a0 [ 270.389080][ T9424] ? __pfx___mmap_region+0x10/0x10 [ 270.389092][ T9424] ? finish_task_switch.isra.0+0x21c/0xc10 [ 270.389108][ T9424] ? rcu_is_watching+0x12/0xc0 [ 270.389124][ T9424] ? finish_task_switch.isra.0+0x221/0xc10 [ 270.389140][ T9424] ? lockdep_hardirqs_on+0x7c/0x110 [ 270.389155][ T9424] ? finish_task_switch.isra.0+0x221/0xc10 [ 270.389186][ T9424] ? __pfx___schedule+0x10/0x10 [ 270.389222][ T9424] ? trace_cap_capable+0x18d/0x200 [ 270.389247][ T9424] mmap_region+0x1ab/0x3f0 [ 270.389260][ T9424] ? __get_unmapped_area+0x267/0x440 [ 270.389279][ T9424] do_mmap+0xa3e/0x1210 [ 270.389299][ T9424] ? __pfx_do_mmap+0x10/0x10 [ 270.389316][ T9424] ? __pfx_down_write_killable+0x10/0x10 [ 270.389334][ T9424] ? kmem_cache_free+0x2d4/0x6c0 [ 270.389351][ T9424] vm_mmap_pgoff+0x29e/0x470 [ 270.389378][ T9424] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 270.389402][ T9424] ? __x64_sys_futex+0x1e0/0x4c0 [ 270.389421][ T9424] ? __x64_sys_futex+0x1e9/0x4c0 [ 270.389442][ T9424] ksys_mmap_pgoff+0x7d/0x5c0 [ 270.389459][ T9424] ? xfd_validate_state+0x61/0x180 [ 270.389482][ T9424] __x64_sys_mmap+0x125/0x190 [ 270.389504][ T9424] do_syscall_64+0xcd/0xfa0 [ 270.389521][ T9424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.389535][ T9424] RIP: 0033:0x7fef3258eec9 [ 270.389548][ T9424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.389561][ T9424] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 270.389575][ T9424] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 270.389585][ T9424] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 270.389594][ T9424] RBP: 00007fef32611f91 R08: 0000000000000401 R09: 0000000000008000 [ 270.389603][ T9424] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 270.389612][ T9424] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 270.389634][ T9424] [ 270.690226][ T9425] input: 00 [ 270.690226][ T9425] as /devices/virtual/input/input6 [ 270.699438][ T9425] FAULT_INJECTION: forcing a failure. [ 270.699438][ T9425] name failslab, interval 1, probability 0, space 0, times 0 [ 270.712705][ T9425] CPU: 0 UID: 0 PID: 9425 Comm: syz.3.988 Not tainted syzkaller #0 PREEMPT(full) [ 270.712727][ T9425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 270.712735][ T9425] Call Trace: [ 270.712742][ T9425] [ 270.712748][ T9425] dump_stack_lvl+0x16c/0x1f0 [ 270.712770][ T9425] should_fail_ex+0x512/0x640 [ 270.712787][ T9425] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 270.712804][ T9425] should_failslab+0xc2/0x120 [ 270.712822][ T9425] kmem_cache_alloc_noprof+0x75/0x6e0 [ 270.712836][ T9425] ? __kernfs_new_node+0xd2/0x8e0 [ 270.712856][ T9425] ? __kernfs_new_node+0xd2/0x8e0 [ 270.712872][ T9425] __kernfs_new_node+0xd2/0x8e0 [ 270.712892][ T9425] ? __pfx___kernfs_new_node+0x10/0x10 [ 270.712913][ T9425] ? find_held_lock+0x2b/0x80 [ 270.712933][ T9425] ? kernfs_root+0xee/0x2a0 [ 270.712961][ T9425] kernfs_new_node+0x13c/0x1e0 [ 270.712985][ T9425] __kernfs_create_file+0x53/0x350 [ 270.713002][ T9425] sysfs_add_file_mode_ns+0x207/0x3c0 [ 270.713024][ T9425] sysfs_merge_group+0x1aa/0x340 [ 270.713044][ T9425] ? __pfx_sysfs_merge_group+0x10/0x10 [ 270.713064][ T9425] ? __pfx_dev_add_physical_location+0x10/0x10 [ 270.713083][ T9425] ? bus_to_subsys+0x131/0x160 [ 270.713110][ T9425] dpm_sysfs_add+0x237/0x280 [ 270.713129][ T9425] device_add+0x9a6/0x1aa0 [ 270.713148][ T9425] ? __pfx_device_add+0x10/0x10 [ 270.713165][ T9425] ? __pfx_exact_lock+0x10/0x10 [ 270.713184][ T9425] ? kobject_get+0xbb/0x150 [ 270.713202][ T9425] cdev_device_add+0xc2/0x1e0 [ 270.713219][ T9425] evdev_connect+0x3a4/0x4c0 [ 270.713240][ T9425] input_attach_handler.isra.0+0x173/0x250 [ 270.713260][ T9425] input_register_device+0xab9/0x1180 [ 270.713282][ T9425] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 270.713298][ T9425] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 270.713317][ T9425] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 270.713336][ T9425] ? find_held_lock+0x2b/0x80 [ 270.713360][ T9425] ? __pfx_uinput_ioctl+0x10/0x10 [ 270.713375][ T9425] __x64_sys_ioctl+0x18b/0x210 [ 270.713396][ T9425] do_syscall_64+0xcd/0xfa0 [ 270.713413][ T9425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.713427][ T9425] RIP: 0033:0x7fadd4d8eec9 [ 270.713439][ T9425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.713454][ T9425] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 270.713468][ T9425] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 270.713477][ T9425] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006 [ 270.713486][ T9425] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 270.713494][ T9425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.713502][ T9425] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 270.713532][ T9425] [ 271.135354][ T9425] input: failed to attach handler evdev to device input6, error: -12 [ 271.256292][ T9426] Process accounting paused [ 271.509018][ T9437] netlink: 'syz.0.994': attribute type 11 has an invalid length. [ 271.525707][ T9437] netlink: 'syz.0.994': attribute type 11 has an invalid length. [ 274.039476][ T9480] netlink: 'syz.0.1003': attribute type 11 has an invalid length. [ 274.049716][ T9480] netlink: 'syz.0.1003': attribute type 11 has an invalid length. [ 275.084657][ T9502] netlink: 'syz.0.1011': attribute type 11 has an invalid length. [ 275.092666][ T9502] netlink: 'syz.0.1011': attribute type 11 has an invalid length. [ 276.251269][ T9519] netlink: 'syz.0.1015': attribute type 11 has an invalid length. [ 276.266023][ T9519] netlink: 'syz.0.1015': attribute type 11 has an invalid length. [ 277.091712][ T9540] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1019'. [ 278.471650][ T9555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1023'. [ 278.752497][ T9558] ICMPv6: process `syz.1.1024' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 278.869289][ T9560] netlink: 'syz.3.1025': attribute type 11 has an invalid length. [ 278.923910][ T9560] netlink: 'syz.3.1025': attribute type 11 has an invalid length. [ 279.574204][ T9569] FAULT_INJECTION: forcing a failure. [ 279.574204][ T9569] name failslab, interval 1, probability 0, space 0, times 0 [ 280.182050][ T9569] CPU: 0 UID: 0 PID: 9569 Comm: syz.3.1026 Not tainted syzkaller #0 PREEMPT(full) [ 280.182082][ T9569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 280.182098][ T9569] Call Trace: [ 280.182108][ T9569] [ 280.182119][ T9569] dump_stack_lvl+0x16c/0x1f0 [ 280.182155][ T9569] should_fail_ex+0x512/0x640 [ 280.182180][ T9569] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 280.182208][ T9569] should_failslab+0xc2/0x120 [ 280.182237][ T9569] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 280.182268][ T9569] ? rcu_is_watching+0x12/0xc0 [ 280.182297][ T9569] ? shmem_alloc_inode+0x25/0x50 [ 280.182335][ T9569] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 280.182364][ T9569] ? shmem_alloc_inode+0x25/0x50 [ 280.182393][ T9569] shmem_alloc_inode+0x25/0x50 [ 280.182423][ T9569] alloc_inode+0x61/0x240 [ 280.182456][ T9569] new_inode+0x22/0x1c0 [ 280.182485][ T9569] ? trace_cap_capable+0x18d/0x200 [ 280.182521][ T9569] shmem_get_inode+0x19a/0xfb0 [ 280.182556][ T9569] ? __vm_enough_memory+0x184/0x3f0 [ 280.182591][ T9569] __shmem_file_setup+0x279/0x330 [ 280.182632][ T9569] shmem_zero_setup+0x93/0x1a0 [ 280.182661][ T9569] __mmap_region+0x2076/0x27a0 [ 280.182693][ T9569] ? __pfx___mmap_region+0x10/0x10 [ 280.182716][ T9569] ? finish_task_switch.isra.0+0x21c/0xc10 [ 280.182745][ T9569] ? rcu_is_watching+0x12/0xc0 [ 280.182771][ T9569] ? finish_task_switch.isra.0+0x221/0xc10 [ 280.182797][ T9569] ? lockdep_hardirqs_on+0x7c/0x110 [ 280.182825][ T9569] ? finish_task_switch.isra.0+0x221/0xc10 [ 280.182885][ T9569] ? __pfx___schedule+0x10/0x10 [ 280.182952][ T9569] ? trace_cap_capable+0x18d/0x200 [ 280.182996][ T9569] mmap_region+0x1ab/0x3f0 [ 280.183021][ T9569] ? __get_unmapped_area+0x267/0x440 [ 280.183055][ T9569] do_mmap+0xa3e/0x1210 [ 280.183093][ T9569] ? __pfx_do_mmap+0x10/0x10 [ 280.183124][ T9569] ? __pfx_down_write_killable+0x10/0x10 [ 280.183154][ T9569] ? kmem_cache_free+0x2d4/0x6c0 [ 280.183186][ T9569] vm_mmap_pgoff+0x29e/0x470 [ 280.183224][ T9569] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 280.183270][ T9569] ? __x64_sys_futex+0x1e0/0x4c0 [ 280.183303][ T9569] ? __x64_sys_futex+0x1e9/0x4c0 [ 280.183342][ T9569] ksys_mmap_pgoff+0x7d/0x5c0 [ 280.183373][ T9569] ? xfd_validate_state+0x61/0x180 [ 280.183414][ T9569] __x64_sys_mmap+0x125/0x190 [ 280.183454][ T9569] do_syscall_64+0xcd/0xfa0 [ 280.183485][ T9569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.183514][ T9569] RIP: 0033:0x7fadd4d8eec9 [ 280.183534][ T9569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.183557][ T9569] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 280.183579][ T9569] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 280.183594][ T9569] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 280.183608][ T9569] RBP: 00007fadd4e11f91 R08: 0000000000000401 R09: 0000000000008000 [ 280.183620][ T9569] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 280.183633][ T9569] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 280.183665][ T9569] [ 280.657831][ T9566] kexec: Could not allocate control_code_buffer [ 281.208860][ T9583] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1031'. [ 281.414677][ T9598] netlink: 'syz.1.1031': attribute type 1 has an invalid length. [ 281.422455][ T9598] netlink: 'syz.1.1031': attribute type 2 has an invalid length. [ 281.473810][ T9598] netlink: 'syz.1.1031': attribute type 7 has an invalid length. [ 281.546552][ T9598] netlink: 274 bytes leftover after parsing attributes in process `syz.1.1031'. [ 281.722799][ T9603] netlink: 'syz.0.1035': attribute type 11 has an invalid length. [ 281.730913][ T9603] netlink: 'syz.0.1035': attribute type 11 has an invalid length. [ 283.559437][ T9641] random: crng reseeded on system resumption [ 284.160962][ T9648] netlink: 'syz.0.1051': attribute type 11 has an invalid length. [ 284.169110][ T9648] netlink: 'syz.0.1051': attribute type 11 has an invalid length. [ 284.260270][ T9652] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 284.431022][ T9657] netlink: set zone limit has 8 unknown bytes [ 284.448310][ T9657] netlink: zone id is out of range [ 284.453485][ T9657] netlink: del zone limit has 4 unknown bytes [ 284.482480][ T9657] HfR: entered promiscuous mode [ 287.452086][ T9693] Process accounting paused [ 288.169809][ T9676] kexec: Could not allocate control_code_buffer [ 290.273757][ T9755] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 290.555183][ T9763] netlink: 'syz.0.1075': attribute type 11 has an invalid length. [ 290.563022][ T9763] netlink: 'syz.0.1075': attribute type 11 has an invalid length. [ 291.098114][ T9774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1069'. [ 292.454830][ T30] audit: type=1800 audit(1759931001.191:10): pid=9794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1074" name="discovery_nqn" dev="configfs" ino=30267 res=0 errno=0 [ 292.629222][ T9762] kexec: Could not allocate control_code_buffer [ 293.949492][ T9805] zswap: compressor not available [ 294.128410][ T5148] Bluetooth: hci0: unexpected event 0x3e length: 728 > 260 [ 294.128434][ T5148] Bluetooth: hci0: unexpected subevent 0x0c length: 727 > 5 [ 294.160667][ T9822] FAULT_INJECTION: forcing a failure. [ 294.160667][ T9822] name failslab, interval 1, probability 0, space 0, times 0 [ 294.174020][ T9822] CPU: 0 UID: 0 PID: 9822 Comm: syz.0.1090 Not tainted syzkaller #0 PREEMPT(full) [ 294.174044][ T9822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 294.174060][ T9822] Call Trace: [ 294.174065][ T9822] [ 294.174071][ T9822] dump_stack_lvl+0x16c/0x1f0 [ 294.174093][ T9822] should_fail_ex+0x512/0x640 [ 294.174111][ T9822] ? __kmalloc_cache_noprof+0x5f/0x780 [ 294.174136][ T9822] should_failslab+0xc2/0x120 [ 294.174156][ T9822] __kmalloc_cache_noprof+0x72/0x780 [ 294.174177][ T9822] ? alloc_netdev_mqs+0xed3/0x1550 [ 294.174198][ T9822] ? alloc_netdev_mqs+0xed3/0x1550 [ 294.174213][ T9822] alloc_netdev_mqs+0xed3/0x1550 [ 294.174233][ T9822] ppp_ioctl+0x168f/0x2880 [ 294.174252][ T9822] ? find_held_lock+0x2b/0x80 [ 294.174267][ T9822] ? __pfx_ppp_ioctl+0x10/0x10 [ 294.174286][ T9822] ? __fget_files+0x20e/0x3c0 [ 294.174304][ T9822] ? __pfx_ppp_ioctl+0x10/0x10 [ 294.174319][ T9822] __x64_sys_ioctl+0x18b/0x210 [ 294.174341][ T9822] do_syscall_64+0xcd/0xfa0 [ 294.174358][ T9822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.174373][ T9822] RIP: 0033:0x7fef3258eec9 [ 294.174385][ T9822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.174399][ T9822] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.174413][ T9822] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 294.174422][ T9822] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000008 [ 294.174430][ T9822] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 294.174439][ T9822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.174448][ T9822] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 294.174468][ T9822] [ 294.435859][ T9824] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1082'. [ 294.844893][ T9826] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 294.857500][ T9826] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 295.129759][ T9826] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 295.136026][ T9826] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 295.152908][ T9826] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 295.159576][ T9826] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 295.209871][ T9826] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 295.217101][ T9826] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 295.572786][ T9853] random: crng reseeded on system resumption [ 295.642356][ T9853] Restarting kernel threads ... [ 295.663641][ T9853] Done restarting kernel threads. [ 296.896188][ T5148] Bluetooth: hci0: command 0x0406 tx timeout [ 297.213949][ T5148] Bluetooth: hci3: command 0x0406 tx timeout [ 297.214054][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 297.221800][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 297.238976][ T9860] kexec: Could not allocate control_code_buffer [ 299.036398][ T5148] Bluetooth: hci0: command 0x0406 tx timeout [ 299.187268][ T9908] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 299.203435][ T9908] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 299.210494][ T9908] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 299.255927][ T9908] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.194907][ T9940] ICMPv6: process `syz.0.1106' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 301.213987][ T5148] Bluetooth: hci2: command 0x0406 tx timeout [ 301.220038][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 301.226321][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 301.293691][ T5148] Bluetooth: hci3: command 0x0406 tx timeout [ 302.288570][ T9924] kexec: Could not allocate control_code_buffer [ 302.332622][ T9935] Process accounting resumed [ 303.320400][ T9979] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1114'. [ 303.524202][ T9979] Invalid ELF header magic: != ELF [ 303.612372][ T9978] delete_channel: no stack [ 303.951794][ T9982] random: crng reseeded on system resumption [ 304.719658][ T9973] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 304.864650][ T9993] netlink: 'syz.0.1117': attribute type 11 has an invalid length. [ 304.926964][ T9993] netlink: 'syz.0.1117': attribute type 11 has an invalid length. [ 308.566430][T10015] kexec: Could not allocate control_code_buffer [ 308.825664][T10030] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1124'. [ 308.982802][T10030] Invalid ELF header magic: != ELF [ 309.001615][T10028] delete_channel: no stack [ 311.069398][T10061] FAULT_INJECTION: forcing a failure. [ 311.069398][T10061] name failslab, interval 1, probability 0, space 0, times 0 [ 311.097913][T10061] CPU: 0 UID: 0 PID: 10061 Comm: syz.2.1134 Not tainted syzkaller #0 PREEMPT(full) [ 311.097950][T10061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 311.097966][T10061] Call Trace: [ 311.097975][T10061] [ 311.097985][T10061] dump_stack_lvl+0x16c/0x1f0 [ 311.098019][T10061] should_fail_ex+0x512/0x640 [ 311.098049][T10061] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 311.098079][T10061] should_failslab+0xc2/0x120 [ 311.098112][T10061] kmem_cache_alloc_noprof+0x75/0x6e0 [ 311.098138][T10061] ? key_alloc+0xbef/0x1330 [ 311.098168][T10061] ? key_alloc+0xbef/0x1330 [ 311.098190][T10061] key_alloc+0xbef/0x1330 [ 311.098226][T10061] ? __pfx_key_alloc+0x10/0x10 [ 311.098261][T10061] keyring_alloc+0x44/0xc0 [ 311.098292][T10061] keyctl_get_persistent+0x6a8/0x8c0 [ 311.098322][T10061] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 311.098355][T10061] ? __x64_sys_futex+0x1e0/0x4c0 [ 311.098387][T10061] ? __x64_sys_futex+0x1e9/0x4c0 [ 311.098426][T10061] ? xfd_validate_state+0x61/0x180 [ 311.098469][T10061] ? __pfx_do_writev+0x10/0x10 [ 311.098501][T10061] __do_sys_keyctl+0x1a9/0x590 [ 311.098539][T10061] do_syscall_64+0xcd/0xfa0 [ 311.098573][T10061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.098599][T10061] RIP: 0033:0x7f966bd8eec9 [ 311.098621][T10061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.098643][T10061] RSP: 002b:00007f966ccdf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 311.098669][T10061] RAX: ffffffffffffffda RBX: 00007f966bfe5fa0 RCX: 00007f966bd8eec9 [ 311.098686][T10061] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000016 [ 311.098700][T10061] RBP: 00007f966be11f91 R08: 0000000000000001 R09: 0000000000000000 [ 311.098717][T10061] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 311.098733][T10061] R13: 00007f966bfe6038 R14: 00007f966bfe5fa0 R15: 00007ffdb851e468 [ 311.098770][T10061] [ 313.939889][T10119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1140'. [ 314.011513][T10120] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 317.378630][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.385203][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.484140][T10130] Process accounting resumed [ 323.757618][T10248] Invalid ELF header magic: != ELF [ 324.157091][T10251] random: crng reseeded on system resumption [ 324.471766][T10267] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1164'. [ 324.530765][T10267] Invalid ELF header magic: != ELF [ 324.537444][T10265] delete_channel: no stack [ 325.157063][T10274] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 325.163327][T10274] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 325.174469][T10274] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 325.182825][T10274] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 325.819459][T10281] netlink: 'syz.0.1168': attribute type 11 has an invalid length. [ 325.827404][T10281] netlink: 'syz.0.1168': attribute type 11 has an invalid length. [ 325.922868][T10283] random: crng reseeded on system resumption [ 326.703153][T10292] ICMPv6: process `syz.1.1172' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 327.216910][ T5148] Bluetooth: hci3: command 0x0406 tx timeout [ 327.222993][ T5148] Bluetooth: hci2: command 0x0406 tx timeout [ 327.229106][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 327.235159][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 331.818282][T10363] Invalid ELF header magic: != ELF [ 333.037047][ T5148] Bluetooth: hci2: unexpected event 0x16 length: 440 > 6 [ 333.464864][T10235] Process accounting paused [ 335.567126][T10404] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1192'. [ 335.707757][T10405] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 336.196686][T10404] team0 (unregistering): Port device team_slave_0 removed [ 336.219751][T10404] team0 (unregistering): Port device team_slave_1 removed [ 337.494371][T10424] random: crng reseeded on system resumption [ 338.358931][T10445] Invalid ELF header magic: != ELF [ 339.117772][T10450] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 339.124294][T10450] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 339.130357][T10450] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 339.136790][T10450] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 340.010958][ T12] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:0: bg 1: bad block bitmap checksum [ 340.047987][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 984 with max blocks 6 with error 74 [ 340.062086][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 340.062086][ T12] [ 341.133904][ T5148] Bluetooth: hci2: command 0x0406 tx timeout [ 341.133914][ T5835] Bluetooth: hci1: command 0x0406 tx timeout [ 341.133963][ T5835] Bluetooth: hci0: command 0x0406 tx timeout [ 341.213586][ T5835] Bluetooth: hci3: command 0x0406 tx timeout [ 345.239010][T10541] FAULT_INJECTION: forcing a failure. [ 345.239010][T10541] name failslab, interval 1, probability 0, space 0, times 0 [ 345.264827][T10541] CPU: 1 UID: 0 PID: 10541 Comm: syz.2.1216 Not tainted syzkaller #0 PREEMPT(full) [ 345.264868][T10541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 345.264884][T10541] Call Trace: [ 345.264892][T10541] [ 345.264902][T10541] dump_stack_lvl+0x16c/0x1f0 [ 345.264938][T10541] should_fail_ex+0x512/0x640 [ 345.264972][T10541] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 345.265013][T10541] should_failslab+0xc2/0x120 [ 345.265047][T10541] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 345.265080][T10541] ? kstrdup_const+0x63/0x80 [ 345.265117][T10541] ? kstrdup+0x53/0x100 [ 345.265146][T10541] kstrdup+0x53/0x100 [ 345.265178][T10541] kstrdup_const+0x63/0x80 [ 345.265208][T10541] kvasprintf_const+0x10f/0x1a0 [ 345.265255][T10541] kobject_set_name_vargs+0x5a/0x140 [ 345.265292][T10541] kobject_init_and_add+0xe7/0x190 [ 345.265325][T10541] ? __pfx_kobject_init_and_add+0x10/0x10 [ 345.265370][T10541] ? up_write+0x1b2/0x520 [ 345.265431][T10541] sysfs_slab_add+0x194/0x1f0 [ 345.265465][T10541] do_kmem_cache_create+0x5bb/0x740 [ 345.265512][T10541] __kmem_cache_create_args+0x202/0x3c0 [ 345.265564][T10541] mon_text_open+0x333/0x510 [ 345.265609][T10541] ? __pfx_mon_text_open+0x10/0x10 [ 345.265645][T10541] ? __pfx_mon_text_ctor+0x10/0x10 [ 345.265689][T10541] ? __pfx_apparmor_file_open+0x10/0x10 [ 345.265723][T10541] ? lockdown_is_locked_down+0x3f/0x130 [ 345.265754][T10541] ? bpf_lsm_locked_down+0x9/0x10 [ 345.265786][T10541] ? __pfx_mon_text_open+0x10/0x10 [ 345.265814][T10541] full_proxy_open_regular+0x1b9/0x360 [ 345.265852][T10541] do_dentry_open+0x982/0x1530 [ 345.265883][T10541] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 345.265926][T10541] vfs_open+0x82/0x3f0 [ 345.265965][T10541] path_openat+0x1de4/0x2cb0 [ 345.266004][T10541] ? __pfx_path_openat+0x10/0x10 [ 345.266042][T10541] do_filp_open+0x20b/0x470 [ 345.266070][T10541] ? __pfx_do_filp_open+0x10/0x10 [ 345.266119][T10541] ? alloc_fd+0x471/0x7d0 [ 345.266154][T10541] do_sys_openat2+0x11b/0x1d0 [ 345.266185][T10541] ? __pfx_do_sys_openat2+0x10/0x10 [ 345.266233][T10541] __x64_sys_openat+0x174/0x210 [ 345.266269][T10541] ? __pfx___x64_sys_openat+0x10/0x10 [ 345.266318][T10541] do_syscall_64+0xcd/0xfa0 [ 345.266350][T10541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.266375][T10541] RIP: 0033:0x7f966bd8eec9 [ 345.266396][T10541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.266419][T10541] RSP: 002b:00007f966ccdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 345.266444][T10541] RAX: ffffffffffffffda RBX: 00007f966bfe5fa0 RCX: 00007f966bd8eec9 [ 345.266462][T10541] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 345.266479][T10541] RBP: 00007f966be11f91 R08: 0000000000000000 R09: 0000000000000000 [ 345.266496][T10541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 345.266512][T10541] R13: 00007f966bfe6038 R14: 00007f966bfe5fa0 R15: 00007ffdb851e468 [ 345.266546][T10541] [ 345.430754][T10541] kobject: can not set name properly! [ 345.580015][T10541] SLUB: Unable to add cache mon_text_ffff888059b3e400 to sysfs [ 346.458426][T10563] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1229'. [ 346.944761][T10573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1222'. [ 348.068797][T10583] Process accounting paused [ 348.396626][T10603] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1227'. [ 353.883088][T10675] Invalid ELF header magic: != ELF [ 354.268194][T10688] batman_adv: batadv0: adding TT local entry 00:00:03:00:00:00 to non-existent VLAN 48 [ 355.464897][T10692] FAULT_INJECTION: forcing a failure. [ 355.464897][T10692] name failslab, interval 1, probability 0, space 0, times 0 [ 355.494150][T10692] CPU: 1 UID: 0 PID: 10692 Comm: syz.0.1242 Not tainted syzkaller #0 PREEMPT(full) [ 355.494173][T10692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 355.494184][T10692] Call Trace: [ 355.494190][T10692] [ 355.494196][T10692] dump_stack_lvl+0x16c/0x1f0 [ 355.494218][T10692] should_fail_ex+0x512/0x640 [ 355.494237][T10692] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 355.494260][T10692] should_failslab+0xc2/0x120 [ 355.494290][T10692] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 355.494318][T10692] ? kstrdup_const+0x63/0x80 [ 355.494346][T10692] ? kstrdup+0x53/0x100 [ 355.494374][T10692] kstrdup+0x53/0x100 [ 355.494400][T10692] kstrdup_const+0x63/0x80 [ 355.494416][T10692] __kernfs_new_node+0x9b/0x8e0 [ 355.494436][T10692] ? __pfx___kernfs_new_node+0x10/0x10 [ 355.494458][T10692] ? find_held_lock+0x2b/0x80 [ 355.494481][T10692] ? kernfs_root+0xee/0x2a0 [ 355.494514][T10692] kernfs_new_node+0x13c/0x1e0 [ 355.494538][T10692] kernfs_create_dir_ns+0x4c/0x1a0 [ 355.494560][T10692] sysfs_create_dir_ns+0x13a/0x2b0 [ 355.494578][T10692] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 355.494593][T10692] ? find_held_lock+0x2b/0x80 [ 355.494611][T10692] ? do_raw_spin_unlock+0x172/0x230 [ 355.494633][T10692] kobject_add_internal+0x2c4/0x9b0 [ 355.494654][T10692] kobject_init_and_add+0x11b/0x190 [ 355.494673][T10692] ? __pfx_kobject_init_and_add+0x10/0x10 [ 355.494695][T10692] ? up_write+0x1b2/0x520 [ 355.494727][T10692] sysfs_slab_add+0x194/0x1f0 [ 355.494744][T10692] do_kmem_cache_create+0x5bb/0x740 [ 355.494765][T10692] __kmem_cache_create_args+0x202/0x3c0 [ 355.494791][T10692] mon_text_open+0x333/0x510 [ 355.494812][T10692] ? __pfx_mon_text_open+0x10/0x10 [ 355.494832][T10692] ? __pfx_mon_text_ctor+0x10/0x10 [ 355.494851][T10692] ? __pfx_apparmor_file_open+0x10/0x10 [ 355.494870][T10692] ? lockdown_is_locked_down+0x3f/0x130 [ 355.494887][T10692] ? bpf_lsm_locked_down+0x9/0x10 [ 355.494907][T10692] ? __pfx_mon_text_open+0x10/0x10 [ 355.494924][T10692] full_proxy_open_regular+0x1b9/0x360 [ 355.494946][T10692] do_dentry_open+0x982/0x1530 [ 355.494962][T10692] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 355.494985][T10692] vfs_open+0x82/0x3f0 [ 355.495006][T10692] path_openat+0x1de4/0x2cb0 [ 355.495028][T10692] ? __pfx_path_openat+0x10/0x10 [ 355.495048][T10692] do_filp_open+0x20b/0x470 [ 355.495063][T10692] ? __pfx_do_filp_open+0x10/0x10 [ 355.495092][T10692] ? alloc_fd+0x471/0x7d0 [ 355.495110][T10692] do_sys_openat2+0x11b/0x1d0 [ 355.495129][T10692] ? __pfx_do_sys_openat2+0x10/0x10 [ 355.495157][T10692] __x64_sys_openat+0x174/0x210 [ 355.495176][T10692] ? __pfx___x64_sys_openat+0x10/0x10 [ 355.495204][T10692] do_syscall_64+0xcd/0xfa0 [ 355.495221][T10692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.495236][T10692] RIP: 0033:0x7fef3258eec9 [ 355.495249][T10692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 355.495263][T10692] RSP: 002b:00007fef33422038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 355.495277][T10692] RAX: ffffffffffffffda RBX: 00007fef327e6090 RCX: 00007fef3258eec9 [ 355.495287][T10692] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 355.495296][T10692] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 355.495304][T10692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 355.495313][T10692] R13: 00007fef327e6128 R14: 00007fef327e6090 R15: 00007ffd244bca68 [ 355.495334][T10692] [ 355.495345][T10692] kobject: kobject_add_internal failed for mon_text_ffff88805a35b000 (error: -12 parent: slab) [ 355.965848][T10692] SLUB: Unable to add cache mon_text_ffff88805a35b000 to sysfs [ 357.880146][T10718] Invalid ELF header magic: != ELF [ 358.750555][T10732] Invalid ELF header magic: != ELF [ 359.484063][T10740] random: crng reseeded on system resumption [ 362.514437][T10782] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1264'. [ 364.342345][T10781] Process accounting resumed [ 364.833433][T10819] netlink: 266 bytes leftover after parsing attributes in process `syz.0.1263'. [ 366.114291][T10844] serio: Serial port pty6 [ 366.890923][T10852] Invalid ELF header magic: != ELF [ 369.955762][T10862] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 369.989689][T10862] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 370.034115][T10862] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 370.054388][T10862] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 370.273812][T10913] netlink: 'syz.0.1279': attribute type 11 has an invalid length. [ 370.810742][T10915] random: crng reseeded on system resumption [ 371.555319][ T5835] Bluetooth: hci0: command 0x0406 tx timeout [ 372.013684][ T5835] Bluetooth: hci1: command 0x0406 tx timeout [ 372.093929][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 372.093975][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 373.144884][T10952] random: crng reseeded on system resumption [ 374.513543][T10970] FAULT_INJECTION: forcing a failure. [ 374.513543][T10970] name failslab, interval 1, probability 0, space 0, times 0 [ 374.526483][T10970] CPU: 1 UID: 0 PID: 10970 Comm: syz.2.1286 Not tainted syzkaller #0 PREEMPT(full) [ 374.526505][T10970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 374.526515][T10970] Call Trace: [ 374.526521][T10970] [ 374.526527][T10970] dump_stack_lvl+0x16c/0x1f0 [ 374.526549][T10970] should_fail_ex+0x512/0x640 [ 374.526570][T10970] should_failslab+0xc2/0x120 [ 374.526590][T10970] kmem_cache_alloc_noprof+0x75/0x6e0 [ 374.526605][T10970] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 374.526632][T10970] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 374.526651][T10970] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 374.526675][T10970] idr_get_free+0x528/0xa30 [ 374.526696][T10970] idr_alloc_u32+0x190/0x2f0 [ 374.526711][T10970] ? __pfx_idr_alloc_u32+0x10/0x10 [ 374.526723][T10970] ? do_raw_spin_lock+0x12c/0x2b0 [ 374.526746][T10970] ? net_generic+0xea/0x2a0 [ 374.526766][T10970] l2tp_tunnel_register+0xf8/0xbe0 [ 374.526786][T10970] ? __pfx___debug_object_init+0x10/0x10 [ 374.526807][T10970] ? sprintf+0xcc/0x100 [ 374.526822][T10970] ? __pfx_l2tp_tunnel_register+0x10/0x10 [ 374.526845][T10970] ? lockdep_init_map_type+0x5c/0x280 [ 374.526865][T10970] ? lockdep_init_map_type+0x5c/0x280 [ 374.526884][T10970] ? l2tp_tunnel_create+0x2cf/0x460 [ 374.526899][T10970] ? l2tp_tunnel_create+0x37d/0x460 [ 374.526926][T10970] l2tp_nl_cmd_tunnel_create+0x44e/0x990 [ 374.526956][T10970] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 374.526993][T10970] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 374.527030][T10970] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 374.527086][T10970] genl_family_rcv_msg_doit+0x206/0x2f0 [ 374.527125][T10970] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 374.527174][T10970] ? bpf_lsm_capable+0x9/0x10 [ 374.527205][T10970] ? security_capable+0x7e/0x260 [ 374.527239][T10970] ? ns_capable+0xd7/0x110 [ 374.527270][T10970] genl_rcv_msg+0x55c/0x800 [ 374.527305][T10970] ? __pfx_genl_rcv_msg+0x10/0x10 [ 374.527340][T10970] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 374.527380][T10970] netlink_rcv_skb+0x155/0x420 [ 374.527412][T10970] ? __pfx_genl_rcv_msg+0x10/0x10 [ 374.527449][T10970] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 374.527497][T10970] ? netlink_deliver_tap+0x1ae/0xd30 [ 374.527533][T10970] genl_rcv+0x28/0x40 [ 374.527562][T10970] netlink_unicast+0x5aa/0x870 [ 374.527598][T10970] ? __pfx_netlink_unicast+0x10/0x10 [ 374.527643][T10970] netlink_sendmsg+0x8c8/0xdd0 [ 374.527680][T10970] ? __pfx_netlink_sendmsg+0x10/0x10 [ 374.527716][T10970] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 374.527757][T10970] ____sys_sendmsg+0xa98/0xc70 [ 374.527795][T10970] ? copy_msghdr_from_user+0x10a/0x160 [ 374.527822][T10970] ? __pfx_____sys_sendmsg+0x10/0x10 [ 374.527867][T10970] ? __pfx_futex_wake_mark+0x10/0x10 [ 374.527912][T10970] ___sys_sendmsg+0x134/0x1d0 [ 374.527943][T10970] ? __pfx____sys_sendmsg+0x10/0x10 [ 374.528020][T10970] __sys_sendmsg+0x16d/0x220 [ 374.528048][T10970] ? __pfx___sys_sendmsg+0x10/0x10 [ 374.528083][T10970] ? __x64_sys_futex+0x1e0/0x4c0 [ 374.528141][T10970] do_syscall_64+0xcd/0xfa0 [ 374.528174][T10970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.528200][T10970] RIP: 0033:0x7f966bd8eec9 [ 374.528221][T10970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 374.528246][T10970] RSP: 002b:00007f966ccdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 374.528271][T10970] RAX: ffffffffffffffda RBX: 00007f966bfe5fa0 RCX: 00007f966bd8eec9 [ 374.528290][T10970] RDX: 0000000000048080 RSI: 0000200000000140 RDI: 0000000000000004 [ 374.528307][T10970] RBP: 00007f966be11f91 R08: 0000000000000000 R09: 0000000000000000 [ 374.528323][T10970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 374.528339][T10970] R13: 00007f966bfe6038 R14: 00007f966bfe5fa0 R15: 00007ffdb851e468 [ 374.528380][T10970] [ 375.110295][T10975] netlink: 'syz.0.1289': attribute type 11 has an invalid length. [ 376.252497][T10970] kexec: Could not allocate control_code_buffer [ 376.280883][T10995] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 377.006428][T11006] random: crng reseeded on system resumption [ 377.318016][T11001] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1293'. [ 378.307252][T11023] serio: Serial port pty6 [ 378.358571][T11017] Process accounting resumed [ 378.509618][T11027] netlink: 'syz.0.1299': attribute type 11 has an invalid length. [ 378.608275][T11029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1298'. [ 378.826526][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.836086][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.572569][T11066] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1305'. [ 381.238111][T11071] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 381.350423][T11053] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 381.363848][T11053] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 381.380772][T11053] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 381.396251][T11053] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 383.145483][T11102] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1311'. [ 383.373746][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 383.379913][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 383.453675][ T5835] Bluetooth: hci3: command 0x0406 tx timeout [ 383.454602][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 383.686434][T11106] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1312'. [ 383.772498][T11106] Invalid ELF header magic: != ELF [ 383.876345][T11105] delete_channel: no stack [ 385.607481][T11131] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1317'. [ 387.589848][T11165] input: jJǸ-9%v as /devices/virtual/input/input8 [ 387.987697][T11166] usb usb37: usbfs: process 11166 (syz.2.1323) did not claim interface 0 before use [ 388.195531][T11169] random: crng reseeded on system resumption [ 389.568120][T11189] random: crng reseeded on system resumption [ 391.229525][ T30] audit: type=1800 audit(1759938899.860:11): pid=11202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1329" name="dbroot" dev="configfs" ino=34660 res=0 errno=0 [ 391.481736][T11215] Invalid ELF header magic: != ELF [ 393.814641][T11242] random: crng reseeded on system resumption [ 394.634209][T11247] Process accounting paused [ 394.718776][T11254] random: crng reseeded on system resumption [ 395.993663][T11267] netlink: 'syz.0.1351': attribute type 11 has an invalid length. [ 396.001498][T11267] netlink: 'syz.0.1351': attribute type 11 has an invalid length. [ 396.310733][T11272] random: crng reseeded on system resumption [ 398.162293][T11286] ima: policy update failed [ 398.304721][ T30] audit: type=1802 audit(1759938907.040:12): pid=11286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1346" res=0 errno=0 [ 400.435470][T11332] random: crng reseeded on system resumption [ 400.675531][T11337] netlink: 'syz.0.1365': attribute type 11 has an invalid length. [ 402.538806][T11367] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 403.039734][T11380] random: crng reseeded on system resumption [ 404.134187][T11398] netlink: 'syz.2.1368': attribute type 11 has an invalid length. [ 405.234252][T11415] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1375'. [ 406.214008][T11432] random: crng reseeded on system resumption [ 406.936958][T11445] random: crng reseeded on system resumption [ 408.654606][ T12] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:0: bg 3: bad block bitmap checksum [ 408.987610][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 951 with max blocks 18 with error 74 [ 409.404875][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 409.404875][ T12] [ 409.559951][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 946 with max blocks 5 with error 117 [ 409.586818][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 409.586818][ T12] [ 409.905014][T11464] Process accounting paused [ 410.496234][ T60] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 946 with max blocks 1 with error 117 [ 410.519296][ T60] EXT4-fs (sda1): This should not happen!! Data will be lost [ 410.519296][ T60] [ 413.273165][T11526] netlink: 'syz.1.1398': attribute type 11 has an invalid length. [ 413.999888][T11537] netlink: 'syz.2.1401': attribute type 11 has an invalid length. [ 414.009778][T11537] netlink: 'syz.2.1401': attribute type 11 has an invalid length. [ 414.065840][T11538] bond0: option all_slaves_active: invalid value () [ 414.125573][T11540] random: crng reseeded on system resumption [ 414.168245][ T60] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 966 with max blocks 3 with error 117 [ 414.223251][ T60] EXT4-fs (sda1): This should not happen!! Data will be lost [ 414.223251][ T60] [ 415.367252][T11561] mtrr: base(0x1000000) is not aligned on a size(0x0000) boundary [ 416.766846][T11567] kexec: Could not allocate control_code_buffer [ 416.969471][T11584] netlink: 'syz.2.1412': attribute type 11 has an invalid length. [ 417.537026][T11574] ima: policy update failed [ 417.552205][ T30] audit: type=1802 audit(1759938926.280:13): pid=11574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1410" res=0 errno=0 [ 419.675290][T11642] random: crng reseeded on system resumption [ 420.701644][T11652] netlink: 'syz.0.1428': attribute type 11 has an invalid length. [ 421.119758][T11645] ima: policy update failed [ 421.124524][ T30] audit: type=1802 audit(1759938929.860:14): pid=11645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1427" res=0 errno=0 [ 421.225667][T11659] random: crng reseeded on system resumption [ 421.710036][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1383 with max blocks 5 with error 117 [ 421.749122][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 421.749122][ T36] [ 421.765734][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1383 with max blocks 1 with error 117 [ 421.823555][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 421.823555][ T36] [ 422.117029][T11675] FAULT_INJECTION: forcing a failure. [ 422.117029][T11675] name failslab, interval 1, probability 0, space 0, times 0 [ 422.138442][T11675] CPU: 0 UID: 0 PID: 11675 Comm: syz.3.1434 Not tainted syzkaller #0 PREEMPT(full) [ 422.138475][T11675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 422.138489][T11675] Call Trace: [ 422.138498][T11675] [ 422.138507][T11675] dump_stack_lvl+0x16c/0x1f0 [ 422.138541][T11675] should_fail_ex+0x512/0x640 [ 422.138582][T11675] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 422.138610][T11675] should_failslab+0xc2/0x120 [ 422.138642][T11675] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 422.138667][T11675] ? __debug_object_init+0x2de/0x3d0 [ 422.138708][T11675] ? bdev_alloc_inode+0x26/0x90 [ 422.138747][T11675] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 422.138780][T11675] ? bdev_alloc_inode+0x26/0x90 [ 422.138811][T11675] bdev_alloc_inode+0x26/0x90 [ 422.138844][T11675] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 422.138877][T11675] alloc_inode+0x61/0x240 [ 422.138910][T11675] new_inode+0x22/0x1c0 [ 422.138944][T11675] bdev_alloc+0x2b/0x420 [ 422.138985][T11675] __alloc_disk_node+0x116/0x640 [ 422.139021][T11675] __blk_mq_alloc_disk+0x89/0x120 [ 422.139052][T11675] loop_add+0x490/0xb70 [ 422.139089][T11675] ? __pfx_loop_add+0x10/0x10 [ 422.139147][T11675] ? find_held_lock+0x2b/0x80 [ 422.139180][T11675] loop_control_ioctl+0x13e/0x630 [ 422.139216][T11675] ? __pfx_loop_control_ioctl+0x10/0x10 [ 422.139256][T11675] ? __pfx_loop_control_ioctl+0x10/0x10 [ 422.139293][T11675] __x64_sys_ioctl+0x18b/0x210 [ 422.139331][T11675] do_syscall_64+0xcd/0xfa0 [ 422.139362][T11675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.139388][T11675] RIP: 0033:0x7fadd4d8eec9 [ 422.139409][T11675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.139435][T11675] RSP: 002b:00007fadd5b71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 422.139460][T11675] RAX: ffffffffffffffda RBX: 00007fadd4fe6090 RCX: 00007fadd4d8eec9 [ 422.139478][T11675] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 422.139495][T11675] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 422.139511][T11675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.139526][T11675] R13: 00007fadd4fe6128 R14: 00007fadd4fe6090 R15: 00007ffcb360bf38 [ 422.139571][T11675] [ 422.681839][T11684] netlink: 'syz.1.1436': attribute type 11 has an invalid length. [ 422.698067][T11684] netlink: 'syz.1.1436': attribute type 11 has an invalid length. [ 423.428595][ T30] audit: type=1800 audit(1759938932.160:15): pid=11687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1438" name="dbroot" dev="configfs" ino=37239 res=0 errno=0 [ 423.585474][ T1339] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 968 with max blocks 1 with error 117 [ 423.696253][ T1339] EXT4-fs (sda1): This should not happen!! Data will be lost [ 423.696253][ T1339] [ 424.061826][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 966 with max blocks 2 with error 117 [ 424.307865][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 424.307865][ T12] [ 424.793439][T11692] Process accounting resumed [ 425.055014][T11715] input: jJǸ-9%v as /devices/virtual/input/input9 [ 425.075444][T11717] netlink: 'syz.0.1449': attribute type 11 has an invalid length. [ 425.725089][T11719] usb usb37: usbfs: process 11719 (syz.3.1442) did not claim interface 0 before use [ 427.396738][T11735] zswap: compressor 000 not available [ 428.027074][T11749] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1447'. [ 428.044537][T11738] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 428.065940][T11738] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 428.073830][T11738] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 428.080583][T11738] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 428.386760][ T50] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 966 with max blocks 3 with error 117 [ 428.435134][ T50] EXT4-fs (sda1): This should not happen!! Data will be lost [ 428.435134][ T50] [ 428.659870][ T50] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 966 with max blocks 1 with error 117 [ 428.758552][ T50] EXT4-fs (sda1): This should not happen!! Data will be lost [ 428.758552][ T50] [ 428.849659][ T50] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 965 with max blocks 1 with error 117 [ 428.950529][ T50] EXT4-fs (sda1): This should not happen!! Data will be lost [ 428.950529][ T50] [ 429.320956][T11771] random: crng reseeded on system resumption [ 429.533684][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 429.756847][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 965 with max blocks 1 with error 117 [ 429.889108][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 429.889108][ T12] [ 430.102475][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 430.108596][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 430.108635][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 431.144201][T11792] netlink: 'syz.2.1453': attribute type 11 has an invalid length. [ 431.152034][T11792] netlink: 'syz.2.1453': attribute type 11 has an invalid length. [ 432.871554][T11800] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 432.968525][T11800] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 433.038531][T11800] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 433.048623][T11800] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 433.548639][T11832] random: crng reseeded on system resumption [ 433.632782][T11827] FAULT_INJECTION: forcing a failure. [ 433.632782][T11827] name failslab, interval 1, probability 0, space 0, times 0 [ 433.673646][T11827] CPU: 0 UID: 0 PID: 11827 Comm: syz.1.1463 Not tainted syzkaller #0 PREEMPT(full) [ 433.673679][T11827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 433.673695][T11827] Call Trace: [ 433.673704][T11827] [ 433.673713][T11827] dump_stack_lvl+0x16c/0x1f0 [ 433.673753][T11827] should_fail_ex+0x512/0x640 [ 433.673772][T11827] ? __kmalloc_noprof+0xca/0x880 [ 433.673796][T11827] should_failslab+0xc2/0x120 [ 433.673814][T11827] __kmalloc_noprof+0xdd/0x880 [ 433.673836][T11827] ? lsm_blob_alloc+0x68/0x90 [ 433.673855][T11827] ? lsm_blob_alloc+0x68/0x90 [ 433.673869][T11827] lsm_blob_alloc+0x68/0x90 [ 433.673885][T11827] security_sk_alloc+0x30/0x270 [ 433.673904][T11827] sk_prot_alloc+0x1c7/0x2a0 [ 433.673927][T11827] sk_alloc+0x36/0xc20 [ 433.673941][T11827] __netlink_create+0x5e/0x2c0 [ 433.673954][T11827] ? __wake_up+0x3f/0x60 [ 433.673971][T11827] netlink_create+0x39e/0x620 [ 433.673984][T11827] ? __pfx_genl_bind+0x10/0x10 [ 433.674000][T11827] ? __pfx_genl_unbind+0x10/0x10 [ 433.674016][T11827] ? __pfx_genl_release+0x10/0x10 [ 433.674035][T11827] __sock_create+0x335/0x8d0 [ 433.674058][T11827] __sys_socket+0x14d/0x260 [ 433.674076][T11827] ? __x64_sys_openat+0x174/0x210 [ 433.674096][T11827] ? __pfx___sys_socket+0x10/0x10 [ 433.674116][T11827] ? xfd_validate_state+0x61/0x180 [ 433.674139][T11827] __x64_sys_socket+0x72/0xb0 [ 433.674158][T11827] ? lockdep_hardirqs_on+0x7c/0x110 [ 433.674174][T11827] do_syscall_64+0xcd/0xfa0 [ 433.674190][T11827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.674204][T11827] RIP: 0033:0x7fe7bcf8eec9 [ 433.674217][T11827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.674231][T11827] RSP: 002b:00007fe7bdd9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 433.674245][T11827] RAX: ffffffffffffffda RBX: 00007fe7bd1e5fa0 RCX: 00007fe7bcf8eec9 [ 433.674254][T11827] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 433.674262][T11827] RBP: 00007fe7bd011f91 R08: 0000000000000000 R09: 0000000000000000 [ 433.674272][T11827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 433.674280][T11827] R13: 00007fe7bd1e6038 R14: 00007fe7bd1e5fa0 R15: 00007fffd1b29078 [ 433.674306][T11827] [ 434.333650][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 434.437465][T11838] random: crng reseeded on system resumption [ 434.893583][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 435.055904][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 435.062075][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 435.161813][T11845] random: crng reseeded on system resumption [ 435.922176][T11858] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78000 [ 435.935869][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 435.943887][T11858] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 435.961097][T11858] raw: ffff888000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 436.003714][T11858] page dumped because: unmovable page [ 436.009138][T11858] page_owner tracks the page as allocated [ 436.023988][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2c00(GFP_NOIO|__GFP_NOWARN), pid 11697, tgid 11696 (syz.2.1439), ts 423933203037, free_ts 417485320328 [ 436.042974][T11858] post_alloc_hook+0x1c0/0x230 [ 436.047843][T11858] get_page_from_freelist+0x10a3/0x3a30 [ 436.053636][T11858] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 436.053725][T11858] alloc_pages_bulk_noprof+0x71c/0x1410 [ 436.065553][T11858] kasan_populate_vmalloc+0x112/0x2d0 [ 436.070981][T11858] alloc_vmap_area+0x960/0x29e0 [ 436.075952][T11858] __get_vm_area_node+0x1ca/0x330 [ 436.081022][T11858] __vmalloc_node_range_noprof+0x271/0x1480 [ 436.087672][T11858] __vmalloc_node_noprof+0xad/0xf0 [ 436.092819][T11858] pcpu_mem_zalloc+0x54/0xb0 [ 436.097584][T11858] pcpu_create_chunk+0x432/0x730 [ 436.102622][T11858] pcpu_alloc_noprof+0x128f/0x14c0 [ 436.116764][T11858] bpf_map_alloc_percpu+0x9a/0x4b0 [ 436.121901][T11858] htab_map_alloc+0x10ca/0x1570 [ 436.134052][T11858] map_create+0x659/0x27e0 [ 436.142012][T11858] __sys_bpf+0x3d9d/0x4980 [ 436.153839][T11858] page last free pid 11589 tgid 11576 stack trace: [ 436.162116][T11858] __free_frozen_pages+0x7df/0x1160 [ 436.167638][T11858] vfree+0x1fd/0xb50 [ 436.171533][T11858] snd_dma_free_pages+0x51/0x70 [ 436.193554][T11858] snd_pcm_lib_free_pages+0x172/0x390 [ 436.204428][T11858] snd_pcm_release_substream.part.0+0x2a8/0x340 [ 436.214738][T11858] snd_pcm_release_substream+0x5b/0x70 [ 436.226127][T11858] snd_pcm_oss_release+0x16f/0x310 [ 436.238480][T11858] __fput+0x3ff/0xb70 [ 436.243863][T11858] task_work_run+0x150/0x240 [ 436.248697][T11858] exit_to_user_mode_loop+0xec/0x130 [ 436.260571][T11858] do_syscall_64+0x426/0xfa0 [ 436.265588][T11858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.895354][T11876] FAULT_INJECTION: forcing a failure. [ 436.895354][T11876] name failslab, interval 1, probability 0, space 0, times 0 [ 436.910794][T11876] CPU: 0 UID: 0 PID: 11876 Comm: syz.0.1484 Not tainted syzkaller #0 PREEMPT(full) [ 436.910829][T11876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 436.910844][T11876] Call Trace: [ 436.910852][T11876] [ 436.910862][T11876] dump_stack_lvl+0x16c/0x1f0 [ 436.910898][T11876] should_fail_ex+0x512/0x640 [ 436.910929][T11876] ? fs_reclaim_acquire+0xae/0x150 [ 436.910962][T11876] should_failslab+0xc2/0x120 [ 436.910995][T11876] kmem_cache_alloc_noprof+0x75/0x6e0 [ 436.911022][T11876] ? __kernfs_new_node+0xd2/0x8e0 [ 436.911060][T11876] ? __kernfs_new_node+0xd2/0x8e0 [ 436.911089][T11876] __kernfs_new_node+0xd2/0x8e0 [ 436.911125][T11876] ? __pfx___kernfs_new_node+0x10/0x10 [ 436.911167][T11876] ? find_held_lock+0x2b/0x80 [ 436.911196][T11876] ? kernfs_root+0xee/0x2a0 [ 436.911235][T11876] kernfs_new_node+0x13c/0x1e0 [ 436.911276][T11876] __kernfs_create_file+0x53/0x350 [ 436.911307][T11876] sysfs_add_file_mode_ns+0x207/0x3c0 [ 436.911348][T11876] internal_create_group+0x578/0xf30 [ 436.911390][T11876] ? __pfx_internal_create_group+0x10/0x10 [ 436.911429][T11876] ? kernfs_create_link+0x1bd/0x240 [ 436.911469][T11876] internal_create_groups+0x9d/0x150 [ 436.911508][T11876] device_add+0x731/0x1aa0 [ 436.911546][T11876] ? __pfx_device_add+0x10/0x10 [ 436.911574][T11876] ? __pfx___might_resched+0x10/0x10 [ 436.911602][T11876] ? is_dynamic_key+0xb4/0x160 [ 436.911649][T11876] __add_disk+0x457/0xf00 [ 436.911688][T11876] add_disk_fwnode+0x13f/0x5d0 [ 436.911721][T11876] nbd_dev_add+0x783/0xbb0 [ 436.911750][T11876] ? __pfx_nbd_dev_add+0x10/0x10 [ 436.911801][T11876] ? bpf_lsm_capable+0x9/0x10 [ 436.911834][T11876] ? __radix_tree_lookup+0x21f/0x2c0 [ 436.911882][T11876] nbd_genl_connect+0x8b0/0x1c60 [ 436.911919][T11876] ? __pfx_nbd_genl_connect+0x10/0x10 [ 436.911950][T11876] ? __nla_parse+0x40/0x60 [ 436.911991][T11876] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 436.912028][T11876] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 436.912073][T11876] genl_family_rcv_msg_doit+0x206/0x2f0 [ 436.912109][T11876] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 436.912146][T11876] ? genl_get_cmd+0x194/0x580 [ 436.912190][T11876] ? __radix_tree_lookup+0x21f/0x2c0 [ 436.912235][T11876] genl_rcv_msg+0x55c/0x800 [ 436.912276][T11876] ? __pfx_genl_rcv_msg+0x10/0x10 [ 436.912311][T11876] ? __pfx_nbd_genl_connect+0x10/0x10 [ 436.912355][T11876] netlink_rcv_skb+0x155/0x420 [ 436.912386][T11876] ? __pfx_genl_rcv_msg+0x10/0x10 [ 436.912423][T11876] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 436.912477][T11876] ? netlink_deliver_tap+0x1ae/0xd30 [ 436.912514][T11876] genl_rcv+0x28/0x40 [ 436.912546][T11876] netlink_unicast+0x5aa/0x870 [ 436.912583][T11876] ? __pfx_netlink_unicast+0x10/0x10 [ 436.912630][T11876] netlink_sendmsg+0x8c8/0xdd0 [ 436.912669][T11876] ? __pfx_netlink_sendmsg+0x10/0x10 [ 436.912705][T11876] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 436.912746][T11876] ____sys_sendmsg+0xa98/0xc70 [ 436.912784][T11876] ? copy_msghdr_from_user+0x10a/0x160 [ 436.912813][T11876] ? __pfx_____sys_sendmsg+0x10/0x10 [ 436.912858][T11876] ? __pfx_futex_wake_mark+0x10/0x10 [ 436.912904][T11876] ___sys_sendmsg+0x134/0x1d0 [ 436.912936][T11876] ? __pfx____sys_sendmsg+0x10/0x10 [ 436.913014][T11876] __sys_sendmsg+0x16d/0x220 [ 436.913045][T11876] ? __pfx___sys_sendmsg+0x10/0x10 [ 436.913073][T11876] ? __x64_sys_futex+0x1e0/0x4c0 [ 436.913131][T11876] do_syscall_64+0xcd/0xfa0 [ 436.913162][T11876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.913189][T11876] RIP: 0033:0x7fef3258eec9 [ 436.913211][T11876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.913237][T11876] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 436.913264][T11876] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 436.913282][T11876] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000005 [ 436.913299][T11876] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 436.913315][T11876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.913331][T11876] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 436.913370][T11876] [ 437.755718][T11876] nbd: failed to add new device [ 437.802890][T11876] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 438.383946][T11872] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 438.402082][T11872] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 438.444142][T11872] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 438.499500][T11872] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 439.189022][T11910] netlink: 'syz.0.1478': attribute type 11 has an invalid length. [ 440.155403][T11920] FAULT_INJECTION: forcing a failure. [ 440.155403][T11920] name failslab, interval 1, probability 0, space 0, times 0 [ 440.199572][T11920] CPU: 1 UID: 0 PID: 11920 Comm: syz.2.1481 Not tainted syzkaller #0 PREEMPT(full) [ 440.199595][T11920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 440.199604][T11920] Call Trace: [ 440.199610][T11920] [ 440.199615][T11920] dump_stack_lvl+0x16c/0x1f0 [ 440.199637][T11920] should_fail_ex+0x512/0x640 [ 440.199654][T11920] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 440.199670][T11920] should_failslab+0xc2/0x120 [ 440.199689][T11920] kmem_cache_alloc_noprof+0x75/0x6e0 [ 440.199703][T11920] ? alloc_empty_file+0x55/0x1e0 [ 440.199725][T11920] ? alloc_empty_file+0x55/0x1e0 [ 440.199742][T11920] alloc_empty_file+0x55/0x1e0 [ 440.199760][T11920] alloc_file_pseudo+0x13a/0x230 [ 440.199780][T11920] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 440.199800][T11920] ? alloc_fd+0x471/0x7d0 [ 440.199816][T11920] sock_alloc_file+0x50/0x210 [ 440.199835][T11920] __sys_socket+0x1c0/0x260 [ 440.199853][T11920] ? __x64_sys_openat+0x174/0x210 [ 440.199874][T11920] ? __pfx___sys_socket+0x10/0x10 [ 440.199895][T11920] ? xfd_validate_state+0x61/0x180 [ 440.199919][T11920] __x64_sys_socket+0x72/0xb0 [ 440.199938][T11920] ? lockdep_hardirqs_on+0x7c/0x110 [ 440.199953][T11920] do_syscall_64+0xcd/0xfa0 [ 440.199976][T11920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.199992][T11920] RIP: 0033:0x7f966bd8eec9 [ 440.200005][T11920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.200019][T11920] RSP: 002b:00007f966ccdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 440.200033][T11920] RAX: ffffffffffffffda RBX: 00007f966bfe5fa0 RCX: 00007f966bd8eec9 [ 440.200042][T11920] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 440.200051][T11920] RBP: 00007f966be11f91 R08: 0000000000000000 R09: 0000000000000000 [ 440.200059][T11920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 440.200068][T11920] R13: 00007f966bfe6038 R14: 00007f966bfe5fa0 R15: 00007ffdb851e468 [ 440.200088][T11920] [ 440.260788][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.260847][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.352573][T11924] random: crng reseeded on system resumption [ 440.390248][T11915] Process accounting resumed [ 440.414031][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 440.414041][ T5835] Bluetooth: hci0: command 0x0406 tx timeout [ 440.493631][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 440.614355][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 440.822464][T11932] random: crng reseeded on system resumption [ 441.918393][T11952] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1489'. [ 442.156259][T11941] zswap: compressor 000 not available [ 442.553227][T11966] FAULT_INJECTION: forcing a failure. [ 442.553227][T11966] name failslab, interval 1, probability 0, space 0, times 0 [ 442.573609][T11966] CPU: 1 UID: 0 PID: 11966 Comm: syz.0.1494 Not tainted syzkaller #0 PREEMPT(full) [ 442.573644][T11966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 442.573659][T11966] Call Trace: [ 442.573668][T11966] [ 442.573677][T11966] dump_stack_lvl+0x16c/0x1f0 [ 442.573717][T11966] should_fail_ex+0x512/0x640 [ 442.573747][T11966] ? __kmalloc_cache_noprof+0x5f/0x780 [ 442.573786][T11966] should_failslab+0xc2/0x120 [ 442.573813][T11966] __kmalloc_cache_noprof+0x72/0x780 [ 442.573851][T11966] ? kvm_dev_ioctl+0xa8a/0x1a80 [ 442.573894][T11966] ? kvm_dev_ioctl+0xa8a/0x1a80 [ 442.573929][T11966] kvm_dev_ioctl+0xa8a/0x1a80 [ 442.573971][T11966] ? find_held_lock+0x2b/0x80 [ 442.573997][T11966] ? hook_file_ioctl_common+0x145/0x410 [ 442.574037][T11966] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 442.574078][T11966] ? __fget_files+0x20e/0x3c0 [ 442.574108][T11966] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 442.574147][T11966] __x64_sys_ioctl+0x18b/0x210 [ 442.574185][T11966] do_syscall_64+0xcd/0xfa0 [ 442.574215][T11966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.574240][T11966] RIP: 0033:0x7fef3258eec9 [ 442.574259][T11966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.574285][T11966] RSP: 002b:00007fef33443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 442.574310][T11966] RAX: ffffffffffffffda RBX: 00007fef327e5fa0 RCX: 00007fef3258eec9 [ 442.574328][T11966] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 442.574344][T11966] RBP: 00007fef32611f91 R08: 0000000000000000 R09: 0000000000000000 [ 442.574360][T11966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 442.574376][T11966] R13: 00007fef327e6038 R14: 00007fef327e5fa0 R15: 00007ffd244bca68 [ 442.574413][T11966] [ 445.842769][T12015] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 445.851310][T12034] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1502'. [ 445.904352][T12015] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 445.948337][T12015] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 445.958402][T12015] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 446.243177][T12034] team0: Port device team_slave_1 removed [ 446.515186][T12058] netlink: 'syz.0.1507': attribute type 11 has an invalid length. [ 446.523290][T12058] netlink: 'syz.0.1507': attribute type 11 has an invalid length. [ 447.373976][ T5835] Bluetooth: hci0: command 0x0406 tx timeout [ 447.943667][ T5835] Bluetooth: hci1: command 0x0406 tx timeout [ 448.032522][ T5835] Bluetooth: hci3: command 0x0406 tx timeout [ 448.032533][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 448.841767][T12112] FAULT_INJECTION: forcing a failure. [ 448.841767][T12112] name failslab, interval 1, probability 0, space 0, times 0 [ 448.862484][T12112] CPU: 1 UID: 0 PID: 12112 Comm: syz.3.1516 Not tainted syzkaller #0 PREEMPT(full) [ 448.862520][T12112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 448.862536][T12112] Call Trace: [ 448.862544][T12112] [ 448.862555][T12112] dump_stack_lvl+0x16c/0x1f0 [ 448.862588][T12112] should_fail_ex+0x512/0x640 [ 448.862621][T12112] ? fs_reclaim_acquire+0xae/0x150 [ 448.862656][T12112] should_failslab+0xc2/0x120 [ 448.862691][T12112] __kmalloc_noprof+0xdd/0x880 [ 448.862727][T12112] ? lockdep_init_map_type+0x5c/0x280 [ 448.862763][T12112] ? tomoyo_open_control+0x51f/0xa30 [ 448.862796][T12112] ? tomoyo_open_control+0x51f/0xa30 [ 448.862823][T12112] tomoyo_open_control+0x51f/0xa30 [ 448.862859][T12112] do_dentry_open+0x982/0x1530 [ 448.862889][T12112] ? __pfx_tomoyo_open+0x10/0x10 [ 448.862930][T12112] vfs_open+0x82/0x3f0 [ 448.862971][T12112] path_openat+0x1de4/0x2cb0 [ 448.863012][T12112] ? __pfx_path_openat+0x10/0x10 [ 448.863057][T12112] do_filp_open+0x20b/0x470 [ 448.863087][T12112] ? __pfx_do_filp_open+0x10/0x10 [ 448.863146][T12112] ? alloc_fd+0x471/0x7d0 [ 448.863181][T12112] do_sys_openat2+0x11b/0x1d0 [ 448.863216][T12112] ? __pfx_do_sys_openat2+0x10/0x10 [ 448.863265][T12112] __x64_sys_openat+0x174/0x210 [ 448.863306][T12112] ? __pfx___x64_sys_openat+0x10/0x10 [ 448.863357][T12112] do_syscall_64+0xcd/0xfa0 [ 448.863388][T12112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.863420][T12112] RIP: 0033:0x7fadd4d8eec9 [ 448.863440][T12112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.863462][T12112] RSP: 002b:00007fadd5b92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 448.863486][T12112] RAX: ffffffffffffffda RBX: 00007fadd4fe5fa0 RCX: 00007fadd4d8eec9 [ 448.863501][T12112] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 448.863516][T12112] RBP: 00007fadd4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 448.863531][T12112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.863546][T12112] R13: 00007fadd4fe6038 R14: 00007fadd4fe5fa0 R15: 00007ffcb360bf38 [ 448.863583][T12112] [ 449.668608][ T36] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:2: bg 4: bad block bitmap checksum [ 449.801304][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2049 with max blocks 1 with error 74 [ 449.853046][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 449.853046][ T36] [ 450.478607][T12132] random: crng reseeded on system resumption [ 450.521243][T12130] netlink: 'syz.2.1518': attribute type 11 has an invalid length. [ 450.529354][T12130] netlink: 'syz.2.1518': attribute type 11 has an invalid length. [ 451.668032][T12161] netlink: 'syz.0.1532': attribute type 11 has an invalid length. [ 451.676059][T12161] netlink: 'syz.0.1532': attribute type 11 has an invalid length. [ 451.763230][T12159] FAULT_INJECTION: forcing a failure. [ 451.763230][T12159] name failslab, interval 1, probability 0, space 0, times 0 [ 451.815069][T12159] CPU: 0 UID: 0 PID: 12159 Comm: syz.2.1525 Not tainted syzkaller #0 PREEMPT(full) [ 451.815097][T12159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 451.815106][T12159] Call Trace: [ 451.815112][T12159] [ 451.815118][T12159] dump_stack_lvl+0x16c/0x1f0 [ 451.815140][T12159] should_fail_ex+0x512/0x640 [ 451.815158][T12159] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 451.815179][T12159] should_failslab+0xc2/0x120 [ 451.815197][T12159] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 451.815215][T12159] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 451.815228][T12159] ? fib_notifier_ops_register+0x32/0x270 [ 451.815246][T12159] ? lockdep_hardirqs_on+0x7c/0x110 [ 451.815264][T12159] ? kmemdup_noprof+0x29/0x60 [ 451.815278][T12159] kmemdup_noprof+0x29/0x60 [ 451.815292][T12159] fib_notifier_ops_register+0x32/0x270 [ 451.815312][T12159] fib4_notifier_init+0x4f/0xd0 [ 451.815333][T12159] fib_net_init+0xbf/0x3f0 [ 451.815350][T12159] ? __pfx___register_sysctl_table+0x10/0x10 [ 451.815372][T12159] ? __pfx_fib_net_init+0x10/0x10 [ 451.815390][T12159] ? lockdep_init_map_type+0x5c/0x280 [ 451.815411][T12159] ? do_init_timer+0xc9/0x110 [ 451.815429][T12159] ? devinet_init_net+0x5c2/0x910 [ 451.815450][T12159] ? __pfx_fib_net_init+0x10/0x10 [ 451.815467][T12159] ops_init+0x1df/0x5f0 [ 451.815486][T12159] setup_net+0x100/0x390 [ 451.815502][T12159] ? __pfx_setup_net+0x10/0x10 [ 451.815520][T12159] ? debug_mutex_init+0x37/0x70 [ 451.815536][T12159] copy_net_ns+0x2f8/0x690 [ 451.815556][T12159] create_new_namespaces+0x3ea/0xa90 [ 451.815583][T12159] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 451.815602][T12159] ksys_unshare+0x45b/0xa40 [ 451.815622][T12159] ? __pfx_ksys_unshare+0x10/0x10 [ 451.815641][T12159] ? xfd_validate_state+0x61/0x180 [ 451.815668][T12159] __x64_sys_unshare+0x31/0x40 [ 451.815686][T12159] do_syscall_64+0xcd/0xfa0 [ 451.815702][T12159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.815717][T12159] RIP: 0033:0x7f966bd8eec9 [ 451.815729][T12159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.815742][T12159] RSP: 002b:00007f966ccdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 451.815757][T12159] RAX: ffffffffffffffda RBX: 00007f966bfe5fa0 RCX: 00007f966bd8eec9 [ 451.815766][T12159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 451.815775][T12159] RBP: 00007f966be11f91 R08: 0000000000000000 R09: 0000000000000000 [ 451.815784][T12159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 451.815793][T12159] R13: 00007f966bfe6038 R14: 00007f966bfe5fa0 R15: 00007ffdb851e468 [ 451.815812][T12159] [ 452.618266][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2051 with max blocks 1 with error 117 [ 452.683601][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 452.683601][ T13] [ 452.880830][T12177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1535'. [ 452.991064][T12177] Invalid ELF header magic: != ELF [ 453.065400][T12176] delete_channel: no stack [ 453.486253][T12190] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1527'. [ 454.964844][T12205] __vm_enough_memory: pid: 12205, comm: syz.0.1531, bytes: 4398046511104 not enough memory for the allocation [ 455.018079][T12207] random: crng reseeded on system resumption [ 455.148825][T12168] Process accounting paused [ 455.264532][T12214] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2055 with max blocks 1 with error 117 [ 455.293529][T12214] EXT4-fs (sda1): This should not happen!! Data will be lost [ 455.293529][T12214] [ 456.774497][ T60] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2060 with max blocks 1 with error 117 [ 456.787556][ T60] EXT4-fs (sda1): This should not happen!! Data will be lost [ 456.787556][ T60] [ 457.542890][T12143] ------------[ cut here ]------------ [ 457.548656][T12143] WARNING: CPU: 1 PID: 12143 at kernel/trace/trace.c:8604 tracing_buffers_mmap_close+0xdd/0x130 [ 457.559212][T12143] Modules linked in: [ 457.563531][T12143] CPU: 1 UID: 0 PID: 12143 Comm: syz.3.1522 Not tainted syzkaller #0 PREEMPT(full) [ 457.572967][T12143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 457.583176][T12143] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 457.589708][T12143] Code: 75 46 48 8b 7b 08 e8 d2 96 ff ff 31 ff 89 c3 89 c6 e8 37 4d fb ff 85 db 75 0a 48 83 c4 08 5b e9 e9 51 fb ff e8 e4 51 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 d6 51 fb ff e8 71 d0 62 00 eb 87 e8 9a [ 457.609628][T12143] RSP: 0018:ffffc90002f679b0 EFLAGS: 00010293 [ 457.615886][T12143] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81c08269 [ 457.623942][T12143] RDX: ffff888033fd3c80 RSI: ffffffff81c0827c RDI: 0000000000000005 [ 457.631971][T12143] RBP: ffffffff81c081a0 R08: 0000000000000005 R09: 0000000000000000 [ 457.641328][T12143] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff8880565882c8 [ 457.650391][T12143] R13: dffffc0000000000 R14: ffffc90002f67a38 R15: 0000000000000000 [ 457.658487][T12143] FS: 0000000000000000(0000) GS:ffff888124ae7000(0000) knlGS:0000000000000000 [ 457.667604][T12143] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 457.674679][T12143] CR2: 0000000000008000 CR3: 00000000309ea000 CR4: 00000000003526f0 [ 457.682723][T12143] Call Trace: [ 457.686085][T12143] [ 457.689066][T12143] remove_vma+0x88/0x160 [ 457.693380][T12143] exit_mmap+0x50a/0xb90 [ 457.697777][T12143] ? __pfx_exit_mmap+0x10/0x10 [ 457.702610][T12143] ? rcu_is_watching+0x12/0xc0 [ 457.707529][T12143] ? kasan_quarantine_put+0x10a/0x240 [ 457.712965][T12143] __mmput+0x12a/0x410 [ 457.717136][T12143] mmput+0x62/0x70 [ 457.720892][T12143] do_exit+0x7c7/0x2bf0 [ 457.725169][T12143] ? proc_coredump_connector+0x2d1/0x4f0 [ 457.730864][T12143] ? __pfx_do_exit+0x10/0x10 [ 457.736453][T12143] do_group_exit+0xd3/0x2a0 [ 457.740992][T12143] get_signal+0x2671/0x26d0 [ 457.746819][T12143] ? force_sig_fault+0xc4/0x100 [ 457.751930][T12143] ? __pfx_get_signal+0x10/0x10 [ 457.756952][T12143] arch_do_signal_or_restart+0x8f/0x790 [ 457.762568][T12143] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 457.768726][T12143] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 457.775054][T12143] irqentry_exit_to_user_mode+0x176/0x310 [ 457.780818][T12143] asm_exc_page_fault+0x26/0x30 [ 457.785706][T12143] RIP: 0033:0x40fff [ 457.789524][T12143] Code: Unable to access opcode bytes at 0x40fd5. [ 457.795986][T12143] RSP: 002b:000000000000000a EFLAGS: 00010206 [ 457.802091][T12143] RAX: 0000000000000000 RBX: 00007fadd4fe6090 RCX: 00007fadd4d8eec9 [ 457.810094][T12143] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 457.818117][T12143] RBP: 00007fadd4e11f91 R08: 0000000000000002 R09: 0000000000000000 [ 457.826136][T12143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 457.834145][T12143] R13: 00007fadd4fe6128 R14: 00007fadd4fe6090 R15: 00007ffcb360bf38 [ 457.843394][T12143] [ 457.846556][T12143] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 457.853834][T12143] CPU: 1 UID: 0 PID: 12143 Comm: syz.3.1522 Not tainted syzkaller #0 PREEMPT(full) [ 457.863187][T12143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 457.873233][T12143] Call Trace: [ 457.876509][T12143] [ 457.879437][T12143] dump_stack_lvl+0x3d/0x1f0 [ 457.884021][T12143] vpanic+0x640/0x6f0 [ 457.887999][T12143] ? tracing_buffers_mmap_close+0xdd/0x130 [ 457.893796][T12143] panic+0xca/0xd0 [ 457.897516][T12143] ? __pfx_panic+0x10/0x10 [ 457.901931][T12143] ? check_panic_on_warn+0x1f/0xb0 [ 457.907039][T12143] check_panic_on_warn+0xab/0xb0 [ 457.911972][T12143] __warn+0xf6/0x3c0 [ 457.915863][T12143] ? tracing_buffers_mmap_close+0xdd/0x130 [ 457.921667][T12143] report_bug+0x3c3/0x580 [ 457.925985][T12143] ? tracing_buffers_mmap_close+0xdd/0x130 [ 457.931794][T12143] handle_bug+0x184/0x210 [ 457.936139][T12143] exc_invalid_op+0x17/0x50 [ 457.940641][T12143] asm_exc_invalid_op+0x1a/0x20 [ 457.945503][T12143] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 457.951909][T12143] Code: 75 46 48 8b 7b 08 e8 d2 96 ff ff 31 ff 89 c3 89 c6 e8 37 4d fb ff 85 db 75 0a 48 83 c4 08 5b e9 e9 51 fb ff e8 e4 51 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 d6 51 fb ff e8 71 d0 62 00 eb 87 e8 9a [ 457.971511][T12143] RSP: 0018:ffffc90002f679b0 EFLAGS: 00010293 [ 457.977580][T12143] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81c08269 [ 457.985547][T12143] RDX: ffff888033fd3c80 RSI: ffffffff81c0827c RDI: 0000000000000005 [ 457.993538][T12143] RBP: ffffffff81c081a0 R08: 0000000000000005 R09: 0000000000000000 [ 458.001517][T12143] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff8880565882c8 [ 458.009500][T12143] R13: dffffc0000000000 R14: ffffc90002f67a38 R15: 0000000000000000 [ 458.017470][T12143] ? __pfx_tracing_buffers_mmap_close+0x10/0x10 [ 458.023711][T12143] ? tracing_buffers_mmap_close+0xc9/0x130 [ 458.029512][T12143] ? tracing_buffers_mmap_close+0xdc/0x130 [ 458.035326][T12143] remove_vma+0x88/0x160 [ 458.039570][T12143] exit_mmap+0x50a/0xb90 [ 458.043806][T12143] ? __pfx_exit_mmap+0x10/0x10 [ 458.048570][T12143] ? rcu_is_watching+0x12/0xc0 [ 458.053323][T12143] ? kasan_quarantine_put+0x10a/0x240 [ 458.058699][T12143] __mmput+0x12a/0x410 [ 458.062762][T12143] mmput+0x62/0x70 [ 458.066469][T12143] do_exit+0x7c7/0x2bf0 [ 458.070619][T12143] ? proc_coredump_connector+0x2d1/0x4f0 [ 458.076242][T12143] ? __pfx_do_exit+0x10/0x10 [ 458.080844][T12143] do_group_exit+0xd3/0x2a0 [ 458.085339][T12143] get_signal+0x2671/0x26d0 [ 458.089832][T12143] ? force_sig_fault+0xc4/0x100 [ 458.094669][T12143] ? __pfx_get_signal+0x10/0x10 [ 458.099510][T12143] arch_do_signal_or_restart+0x8f/0x790 [ 458.105050][T12143] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 458.111128][T12143] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 458.117307][T12143] irqentry_exit_to_user_mode+0x176/0x310 [ 458.123026][T12143] asm_exc_page_fault+0x26/0x30 [ 458.127868][T12143] RIP: 0033:0x40fff [ 458.131702][T12143] Code: Unable to access opcode bytes at 0x40fd5. [ 458.138095][T12143] RSP: 002b:000000000000000a EFLAGS: 00010206 [ 458.144150][T12143] RAX: 0000000000000000 RBX: 00007fadd4fe6090 RCX: 00007fadd4d8eec9 [ 458.152116][T12143] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 458.160091][T12143] RBP: 00007fadd4e11f91 R08: 0000000000000002 R09: 0000000000000000 [ 458.168055][T12143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 458.176024][T12143] R13: 00007fadd4fe6128 R14: 00007fadd4fe6090 R15: 00007ffcb360bf38 [ 458.184006][T12143] [ 458.187299][T12143] Kernel Offset: disabled [ 458.191622][T12143] Rebooting in 86400 seconds..