last executing test programs: 14.602398892s ago: executing program 1 (id=1972): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r1 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r1, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @multicast1}, 0x55) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000004540)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0xd6, 0xffc, 0x0, &(0x7f0000000080)=0x3) nanosleep$auto(0x0, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x1, 0x4020009, 0x4000000000000db, 0xeb1, 0x401, 0x8000) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x24040071}, 0x800) socketpair$auto(0x1, 0xffffffff, 0x8000000000000000, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x7fffffff, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x440, 0x0) 14.266732843s ago: executing program 2 (id=1974): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto(0x3, 0x40103e05, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/video25\x00', 0x189a40, 0x0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto_VHOST_SET_VRING_ERR(r1, 0x4008af22, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x88002, 0x0) sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, 0x0, 0x20000000) ioctl$auto_FBIO_CURSOR(0xffffffffffffffff, 0xc0684608, &(0x7f00000001c0)={0x6, 0x1, 0x600, 0x0, {0x1003, 0x9b72}, {0x5, 0x3, 0x2, 0x9, 0x4, 0x7f, 0x9, 0x0, {0x1fe, 0xffffff81, 0x0, 0x0, 0x0, 0x0}}}) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\r\xfb\xff\xf6OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) ioctl$auto(0x3, 0x4020565a, 0x38) 12.512588662s ago: executing program 2 (id=1978): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) writev$auto(r4, 0x0, 0x3) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) madvise$auto(0x0, 0x20499d, 0x9) 10.858487035s ago: executing program 1 (id=1979): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) waitid$auto(0x1, r5, &(0x7f0000000240)={@siginfo_0_0={0x81, 0xffffffff, 0x7, @_sigfault={&(0x7f0000000380)="9dac742e92519b449cd5d70b552d0f684079c317f3d4dfae91b180c9015685ec84d8ff050f9856249c4e0a16aec213baee2e66d58aeb0ed5b7f8b427566f88446b41e2415cce9b2ba58d760ca0d290556ce5f512e85cae4d36554e66f6bb735712e43590c972d1d4fbb662b7090ce1d3b7f66f07dea09364", @_trapno=0x7}}}, 0xfffffff7, &(0x7f00000002c0)={{0x1}, {0x4, 0x5}, 0x8, 0x9, 0x4, 0x7, 0x7ff, 0x9, 0x0, 0x5, 0xa, 0x3, 0x37, 0x7, 0x6, 0x1}) madvise$auto(0x0, 0x20499d, 0x9) 10.043829562s ago: executing program 2 (id=1982): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) mmap$auto(0xfffffffffffff25c, 0x3, 0x121, 0x16, r0, 0x8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000100)={{@raw=0x2, 0x85, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value_ptr=&(0x7f0000000040)=0x2, "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000640), 0x4c4ac3, 0x0) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0) read$auto(0x3, 0x0, 0x80) r2 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0) write$auto(r2, 0x0, 0xc70) pread64$auto(r1, 0x0, 0x7ff, 0x400) r3 = socket(0x1a, 0x1, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x5, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(r3, 0x0, 0x41) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x8800) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0xc805) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0) madvise$auto(0x0, 0x2003f0, 0x17) ioctl$auto_SNDRV_PCM_IOCTL_REWIND2(0xffffffffffffffff, 0x40084146, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) 10.027201537s ago: executing program 3 (id=1983): r0 = open(0x0, 0xd02, 0xc3) unshare$auto(0x40000080) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) userfaultfd$auto(0x1) socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x400002, 0x4, 0x0, &(0x7f00000001c0)=0x2) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r2 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x406040, 0x0) ioctl$auto_XFS_IOC_COMMIT_RANGE(r2, 0x40585883, &(0x7f0000000240)={r1, 0x0, 0xd7, 0x6, 0x401, 0x0, [0x7, 0x2, 0x9, 0x2b, 0x9, 0x10]}) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x7, 0xffff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) 9.294191866s ago: executing program 1 (id=1985): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/virt_wifi0/route_localnet\x00', 0x2202, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r1, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"]) ioctl$auto(r1, 0x4008550c, 0xffffffffffffffff) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) socket(0x1e, 0x6, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0) write$auto(r4, 0x0, 0x7) mremap$auto(0x4000, 0x9, 0x1fd6, 0x3, 0x0) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) mmap$auto(0x2b5, 0xe983, 0xdf, 0xebf, r2, 0x7) socketpair$auto(0x1, 0x2, 0x2, 0x0) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r6 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r5, 0x541c, r6) 8.766454911s ago: executing program 3 (id=1986): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/ipc\x00') ioctl$auto(0x3, 0x40103e05, r0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/video25\x00', 0x189a40, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto_VHOST_SET_VRING_ERR(r2, 0x4008af22, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x88002, 0x0) sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, 0x0, 0x20000000) ioctl$auto_FBIO_CURSOR(0xffffffffffffffff, 0xc0684608, &(0x7f00000001c0)={0x6, 0x1, 0x600, 0x0, {0x1003, 0x9b72}, {0x5, 0x3, 0x2, 0x9, 0x4, 0x7f, 0x9, 0x0, {0x1fe, 0xffffff81, 0x0, 0x0, 0x0, 0x0}}}) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\r\xfb\xff\xf6OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) ioctl$auto(0x3, 0x4020565a, 0x38) 8.629229763s ago: executing program 2 (id=1987): mmap$auto(0x1, 0x400009, 0x9, 0x4000000009b72, 0xffffffffffffffff, 0x200000000005) madvise$auto(0x0, 0xffffffffffff0101, 0x15) clone$auto(0x1, 0x3, 0x0, 0x0, 0x3) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop8/io-timeout-fail\x00', 0x22100, 0x0) mmap$auto(0xfffffffffffffffe, 0x200, 0xfffffffffffffffd, 0x9b72, 0x2, 0x8) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x4b66, r2) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$auto_KVM_GET_API_VERSION(r3, 0xae00, 0x0) rt_sigqueueinfo$auto(0x0, 0x1, 0x0) ptrace$auto_PTRACE_GETEVENTMSG(0x4201, 0x0, 0x3, 0xb) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003480)=""/247, 0xf7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x2, 0x1, 0x0, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0x2, 0x1, 0x100) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@vsock={0x28, 0x0, 0x0, @host}, 0x1) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) shutdown$auto(0x200000003, 0x2) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x8, 0x9, 0x1, 0xeb3, 0xfffefffffffffffa, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000100)=""/192, 0xc0) write$auto(r4, 0x0, 0x0) mmap$auto(0x8, 0x1000, 0xdf, 0x13, 0x401, 0x8000) 6.929770015s ago: executing program 1 (id=1990): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) writev$auto(r4, 0x0, 0x3) r5 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) waitid$auto(0x1, r5, &(0x7f0000000240)={@siginfo_0_0={0x81, 0xffffffff, 0x7, @_sigfault={&(0x7f0000000380)="9dac742e92519b449cd5d70b552d0f684079c317f3d4dfae91b180c9015685ec84d8ff050f9856249c4e0a16aec213baee2e66d58aeb0ed5b7f8b427566f88446b41e2415cce9b2ba58d760ca0d290556ce5f512e85cae4d36554e66f6bb735712e43590c972d1d4fbb662b7090ce1d3b7f66f07dea09364", @_trapno=0x7}}}, 0xfffffff7, &(0x7f00000002c0)={{0x1}, {0x4, 0x5}, 0x8, 0x9, 0x4, 0x7, 0x7ff, 0x9, 0x0, 0x5, 0xa, 0x3, 0x37, 0x7, 0x6, 0x1}) madvise$auto(0x0, 0x20499d, 0x9) 6.89073012s ago: executing program 3 (id=1991): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) writev$auto(r4, 0x0, 0x3) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) madvise$auto(0x0, 0x20499d, 0x9) 5.799520439s ago: executing program 3 (id=1993): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) waitid$auto(0x1, r5, &(0x7f0000000240)={@siginfo_0_0={0x81, 0xffffffff, 0x7, @_sigfault={&(0x7f0000000380)="9dac742e92519b449cd5d70b552d0f684079c317f3d4dfae91b180c9015685ec84d8ff050f9856249c4e0a16aec213baee2e66d58aeb0ed5b7f8b427566f88446b41e2415cce9b2ba58d760ca0d290556ce5f512e85cae4d36554e66f6bb735712e43590c972d1d4fbb662b7090ce1d3b7f66f07dea09364", @_trapno=0x7}}}, 0xfffffff7, &(0x7f00000002c0)={{0x1}, {0x4, 0x5}, 0x8, 0x9, 0x4, 0x7, 0x7ff, 0x9, 0x0, 0x5, 0xa, 0x3, 0x37, 0x7, 0x6, 0x1}) madvise$auto(0x0, 0x20499d, 0x9) 5.60737457s ago: executing program 1 (id=1995): r0 = open(0x0, 0xd02, 0xc3) unshare$auto(0x40000080) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) userfaultfd$auto(0x1) socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x400002, 0x4, 0x0, &(0x7f00000001c0)=0x2) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r2 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x406040, 0x0) ioctl$auto_XFS_IOC_COMMIT_RANGE(r2, 0x40585883, &(0x7f0000000240)={r1, 0x0, 0xd7, 0x6, 0x401, 0x0, [0x7, 0x2, 0x9, 0x2b, 0x9, 0x10]}) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x7, 0xffff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) 5.425612108s ago: executing program 2 (id=1996): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) writev$auto(r4, 0x0, 0x3) r5 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) waitid$auto(0x1, r5, &(0x7f0000000240)={@siginfo_0_0={0x81, 0xffffffff, 0x7, @_sigfault={&(0x7f0000000380)="9dac742e92519b449cd5d70b552d0f684079c317f3d4dfae91b180c9015685ec84d8ff050f9856249c4e0a16aec213baee2e66d58aeb0ed5b7f8b427566f88446b41e2415cce9b2ba58d760ca0d290556ce5f512e85cae4d36554e66f6bb735712e43590c972d1d4fbb662b7090ce1d3b7f66f07dea09364", @_trapno=0x7}}}, 0xfffffff7, &(0x7f00000002c0)={{0x1}, {0x4, 0x5}, 0x8, 0x9, 0x4, 0x7, 0x7ff, 0x9, 0x0, 0x5, 0xa, 0x3, 0x37, 0x7, 0x6, 0x1}) madvise$auto(0x0, 0x20499d, 0x9) 4.240845364s ago: executing program 3 (id=1998): r0 = open(0x0, 0xd02, 0xc3) unshare$auto(0x40000080) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) userfaultfd$auto(0x1) socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x400002, 0x4, 0x0, &(0x7f00000001c0)=0x2) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r2 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x406040, 0x0) ioctl$auto_XFS_IOC_COMMIT_RANGE(r2, 0x40585883, &(0x7f0000000240)={r1, 0x0, 0xd7, 0x6, 0x401, 0x0, [0x7, 0x2, 0x9, 0x2b, 0x9, 0x10]}) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x7, 0xffff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) 3.815437364s ago: executing program 0 (id=2000): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) writev$auto(r4, 0x0, 0x3) r5 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) waitid$auto(0x1, r5, &(0x7f0000000240)={@siginfo_0_0={0x81, 0xffffffff, 0x7, @_sigfault={&(0x7f0000000380)="9dac742e92519b449cd5d70b552d0f684079c317f3d4dfae91b180c9015685ec84d8ff050f9856249c4e0a16aec213baee2e66d58aeb0ed5b7f8b427566f88446b41e2415cce9b2ba58d760ca0d290556ce5f512e85cae4d36554e66f6bb735712e43590c972d1d4fbb662b7090ce1d3b7f66f07dea09364", @_trapno=0x7}}}, 0xfffffff7, &(0x7f00000002c0)={{0x1}, {0x4, 0x5}, 0x8, 0x9, 0x4, 0x7, 0x7ff, 0x9, 0x0, 0x5, 0xa, 0x3, 0x37, 0x7, 0x6, 0x1}) madvise$auto(0x0, 0x20499d, 0x9) 3.731079162s ago: executing program 1 (id=2001): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) brk$auto(0xffffffffffffff66) r4 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r5, 0x0, 0x800003, 0x270) r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r6, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4b9b3f30", 0x25) setrlimit$auto(0x8, 0x0) mlockall$auto(0x7) r7 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto_TUNSETVNETLE(r7, 0x400454dc, &(0x7f0000000240)=0x427) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x364f9cefc8a0a83, 0x0) shmctl$auto_IPC_RMID(0x5, 0x0, &(0x7f0000000380)={{0x81, 0x0, 0x0, 0x5, 0x6, 0x1, 0x1}, 0xfffffff7, 0xffffffffffffffff, 0x3, 0xb, @inferred=0x0, @raw=0x9, 0x2, 0x0, &(0x7f0000000280)="aa757d70f1f09bd8eaa9", &(0x7f0000001680)="08749ff4df35b75598629815e764e8491468fdee9079bd455261f3c12af31e72dd791e875cd7b47f19b1f97db7ffc84a8b8cfb1a797248310467b7aeb0f74733b23e7571d2878ceecbaaf91127b7dad93fcf0ece1ab11340072b43d017cd7186e2edad8471949f0e47b7b643dbcb9db8a8fde30ae065eb190136a96660eb14e7c34717b80e50f2a82e82c81ed70773c0ca0369a3da197a95c26bd775695b59799231eb84f9279387a7012a8dd7ce9838d92ff0776d2ce8c68c1b6b5836c68da3627d29"}) syz_clone(0x13081000, &(0x7f0000000480)="e156179aa5e36c4e0634e39e136fd01fc8a7691975e5d98e5a6dfd9de04a746f8784a2cb41f87cbc99c214969bd719fdfb8ff7995a9392d7efd0cd6c61ee8b359b216d3c54cf010e28c4ce5b5a2e2ff26b7e87d0c074ee25eb54058206f590692343a305791c44e7853cb3e12054466a28b5b78368d9aaecb9edd8e660e9c48ab4918b3a5594f6c694e524c7f3ee2ffe6b37692cbb3777b5e8ef402fcc83925b16f2fb30fd7e23a3814b6a1851832a41a5461aef267b8f214fc218d62d4cd232bcaa65956e7f58c5701400fb303e7d76", 0xd0, &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600)="6bf5d1590f48c50bff9124fc06ef5db9eeff17113697288c311b533835eb8fbd3438a16dca1d9450a88d57c4311e035649556de15150de76ca2fc7df99aba9435d0eadee76515b56ab5d9f29048caa765f2546f2db11625dafe44af50bf3f9492189737a3b5d0a3f0f50d7835fd155bb6de32c79a1e9626d03f53cb1596d997d907584925821a30455066d54abae764cbd3395f4d29a40227ff638942f499fe637d4add87b9426817dc12aa9d4732f97e5a14685cb4070040b382c399eaf6f0b9a562355d76fb5d173780a2fc22c510821118490bb0c2010f369bbc9561317b725671f7bc5b5ad2bc1e7884374c61a8ff0431e2eef2f162ff7d02cc5ae6b48a40e4edf82e756b3018dbd4182a07138d9e98a68afd32dd021e3b4113eae006d14b8b6318274d4e57088aeae3ffcb464fba174289e6c63c65559c30411b7e022816bdf207561716fbae6b8264dad74953588a955ecf22479108a104a7ddccc86e9e694843b79019282af02299231d588cc300a469c90eb95e571b5c866287ea1dfcabbc40dcc96ac6f23e4a26b823bc3b0173559f0e15e5586a368753d737455df6533196e832c073dc05f40ac03b6ce42b278cd299514563a18199844a7cf0326314035d85cbb103e706c27b76e39d0dd47ef2525640034832ccda63a222eabd8d9e18572b5a6612593f95e4b327a56bbbd9e8364634bf2610de13bcfad9d7bd112581dc81aa81def1558b9f15062fdd3de63e3d6487b3bd8c880ab70800ca9a106a4c1e065bc1d1150af38a499c4f26845b6355426f51f5088d932d981a1fb7eebc7efb7bfbc26df2c870fd743748a8817d95e793ad28570b516f7a4c45c6a002b5a026435b73079a2af0d516c398574e8fea5bbd2a18ec49d033a5f7ec092bd04d27710b9253b3d73c979fa852bd4eb35389d165eaa0c769feac43c172b7e20bec524cf413cb501e4429179ca1eeab505ac25f480e689b6210b554c9ffdfff0cc26f308879f53658bf09cf716fd8b700a5dbad7c2be291333ac1e802408b76153cc827d46080489899a2152e8997a690c6ed6570df5c9e01bcb8e8d95d2608e906a77fef889cd7022388a1042dc35617359dde8098bad2827429158a0c06d972902b9bb45fe4daf50d3b06e9dd214cab38a347cec85cd117a0b788eb7b17c18cf6531fb0ad321e037101ca79f9b31ebc109f5dfe7d6ec1daf584dbe428c1898d7f75c46cfeed3132df7999815fc35538a9409d69205d8132db3edbb51d94e3e2b19811a8fb81216734c433714e2bb34312d70e473807a950178db31daa8ad40cb56adfe87cd65f22fc53771b0ac6107c914b117f4bb4d40122ebf6e465107d1498ae89ff6136839b94b9d862128c92ffa12c284f31d85c51a5357c476b7dc562cce6a866d6e2e4cf8d618a0bce7b8cf97acbc63dc9c8fa8f1ffd895c63e79e09d25dd5984143389405c789244631413065e940c134fc4e689ba7d31df460266a2a8313aa419c91d944ffa0091719db5874f271ebb7a817a7cf70dd39c49abeeab38fdea234eaa600ad857ab080e6d39b653c99546fd342fc173e0ca441b6d4443dfd2108704c5027669499d20405ff6fcbbcda5c20bc69c94d9681aa4be9e3bf74c746f92b01629c265588780444293f4616ea710af089af0a525c5d90f60a6fb21e42fa09a5fa71c11501ea56430c5192acfe8d00d3e1b092669fbce1aad8d62cc79e6ce2434efef20802ca8ccc6f0cfef45bb4084d8063cf4ab1b46b4e6ce0172227caa2f5bf98e944ddcf04ba3128ec9e4c93179e5ce36bc1230cb3a087794bc7bfea0919d73eb8278a3b3b0f37e8dc21a5e400ecb559495a9178f4353e03afa671bac66b44fd625b2932e6ab70dc45c7ff4f9cd2dfccab3cf1f0849d3f08109cc6d26c0030b149d49f66c17b3b85c82900ae0ec2ec62b9966ec7d699cfea42e52c21f146d56684c8323a6797ce19d21c7db9c352ced4408c1ea5d8ed789f8b57613a310ba1670444706ecb98851c62cc860f45fc190353bf31039fc5c11f9265c797b329040ab0d4cc5610afb22b0f100cc068cb70eff69cf92aabdfd08bc76719ed6a3206b12a2bf7ff8046d38216ca30ceca73762a3dddcd206f60af10a5009d573539b4b527f2bbffe02e818fb715696fc24c45c7269c527849d8b6e683bc76c97966c14946e2ec2dd2c42d28b46d370b9edd1b0a2aaf0bff4bb813c0975611071a84784a0321bcb4059734ef2fc7e5a38312ccfa32eea284b0bc0e3db2fe3ed62271926d2e3538b07c1186a9c3d6da809b568f50aec330f34e6f750de3adc151f13766e22a32caa50917da35d383a6511e3faf611e57e6369a8e01f8acf5b6cf56552c13c3f08535cfb435fd820d4328d258a360e7d18e44f98a7348ac317ebaf9ebfcc698de6fb1ea7361365c2bba376af6252b48bd791e0ce4e3f01820288d0cb8f2e784907efd30ab4fac3891b33aa9d40b5457abc633d963f658495db35bc02d1fac7fb655c16488aff5379f81a847ced8bf1774404cf5fa9e439e0a1f7305ccbe16dc2886a8cb563a59937239779d5b1753bfd6afddd8bb9a49f042ca295eeddc1d022d7988bbaab512c4f30a29549ae83784c4e627f272875c115782889942bba63f00ada73ee1e4eadc0f8146747f650e3e5131fc60f38ac27183c0e3aa7295377838fe6c028658413f8991c23ea690a04ccbbbceea471b79dc454e6ccc633d11cc378adcd20b5a47b0ac3543923621c740b5e119c2febc469a58dfaf291309fd4577384fb025004b61bcef7d8dd65eb66cf7a6365bba6da41b785dbb7e406ca9e38ae7e0b5db0ec60c95e9ebdfdb8d3363934657dab93adaf3a9dbe4464b4b0fa8d80a91cc6e806924df6cf947e920735bb0c9e59735a8326aff2734c15bd99993e3ca50fcb8159d63aaca784e86bcb4b3c5533288abd1f1b0ad6fa3b9a40c418fa7d62014ac3db1042101949cc50809eacf5dd8f95acb5a23524a4f530950002a40c4c64683f24e717ac754d4ef09d2429188f78ff5d868a752c8fabd35b8abe12a7f14c09e2c3f3fb89f6fc0b57cbfe684284a142646efa75090ac46a6e093d2097fb1561f364b31c1e8d18f895d6ff06ecc3b98e0491d35ff7257c524a35ffc89765d2b59a8802d64e97b05b863a8c0766a86bf3532e3f9330ed0b4e4c888e9279cbf5e25e03137c1d97bfb2da18b01d9b1827eb7c3abbbb3554040fbef4123f8c9160c00a6ccd836c2be3ce9bc22e1271d041c3fb73c9a939a56e544bfb941cb72a468f87bf46e2526922ae67712471cf1d745e0a83dcd8c27d731317e315532c283edc8481a9373e80977c4f853ed55dbbf941b04870eb77cd1b1bc7187c03080b261a95ff2e9a50a921e3bb867847a8dbab0d4d7904880fddd219305e5fac93a544dba5f6bdad0da6645c499788290f857c06ad82c8209d1ee4d9cc27eed601cd3f4d9390bd2a179e5473ede7568b8216223dd6b47a2c45a82144b2f9c70ae160b2d7dcb251cb745e6c72a32d1a13e75e750b62c1a13ee5893ed9aefebe1cee27d0d0786627d8af53d7745951544a4e676f6799fbc76763e95df284f6db28ca6839dc90f8447e0f6f78662c3300715028c14c8573115b7e5ebc146d7019a2976dd392c8b28e98a01183d33fb1cb0f801ce5ec6ac977cbbd0a4e297906a9d3efdb7a244a6a4d3b76807a2be74d1c4ab8a9d3d18934bb47f682e54c2c4912bf7f7a81e247429566bb0c4bae22fdd388a2627f809dbbaf210d9cbede7c55c4b5ecb8a62d6623b3b13093c63de57c9ab4e0bc3002fbc00194a84941a5206191058c10cf3fe1bec4d939e7eb355a6bd3e3b39163ec0235c6e1cf0dcee974f08b62d7e67f6261bdcc26a193f712e1d722e099595f105d67277e5b1f32c8fc6240c205336758cf55bc2a34e19495a5ad6700a09069353e72db30e374be467e9671eb4564c963cb4c18e5f47be1f3c983fdc7ec84f73e6e63573ba38bc2c29c2cfb98d623dd5bd5874a60f22eb9424ff977804a026026c00745bf85ac60d05cce4444da75fe44ef7d4594627cbc2841292344eb16c7f75e0525838f7a903920fa8ca9db196add3e57b82772da51810e5b5c848fc13e7c5511ebce0c2a6197aab7198ab3e8f20740e49e028b304b254fa1c694d26016b0b143fb762fa3a7dd21fbcfc7dd1e98b483a5f83f1540c5912b5f37efc08552808851aa3ca65403b24dd76edcefd9abf8ec31cf168bf0f18a6fed38343d82f4ccdb6646db0474ac27704184b685dd3504061b143524bf7c7c60848b4f47813915da97755a4819bb61bd938368cde0ddfdc6fb9df3ce37e7ac2ed421f30268a29f1745795d8e16bf94ed918ede289f5bd4f0c02fcb9a10fe65f0b640e3f74c2e3f1d76c62fe9300868400d1566a71ad2d88ce7dff4135d21ba21b01893ac4adc973fb6e5a97ec06f411f1d52eead24f357efa28335f207e1bd6c206bdcd19c66ef504fb237852eeebff128fdf3f16253062ee3a98ce08ffea04975c799a699d55cd0b7b05b0cd959c42bf874b56f4d85611bfe7e72f6a9cf8e2a3d468770b0f022e93eeceec1fa8cf2da3e1fb669426899c21db86549f20225af2060103e6f5a49b49b53dcb349ce6ee034a224ece4af5bef8f18776fcbb192a30bf66472b5e031c507b0bc7e65649ddef18a176017c11bd39f71ae41334e15cd907737fa31cce0328cdd6c019d215b9db937f9da81cb045de46c1bf08528a16c0f71273888afb93b183e8aeaccd9fac7307945175ea4fd95daa0fa107ec6ad16a70db6f7104f104b6817c268d1a49f51929b5df775ada8e4579cda245fb339c51ce53f72a46261bb47de27c1b4ca7de968b94100aff83b769ab0a5653f703db869a947f55289130d74a32f39415f5a6e8db9a10fa4ddc4da164b13d8c9029bee4f3d60cb3645e36640820eed87e2ef88b7e621a1db8d2e7aa1665ec8137c9b4d37c2ae77a7bebdabaeecc490aa8aacddc8aa13f931769a2e529dde0dff6e1e0fa6c875850395619eeb05471b17a8d38d72d2d3830b6a63d6bd47c5fc43f68ffc15e04a9db297496d7edc180344e69bec3b6d6611a629b81202a3685df2289048d5ee757bce4ea76aa3c0718f9dad99e2f0c6f7056e8cb6d44f4d63496648397f5380c0c751747e950a34e914cbe084409910db96d40e150ce85be6fa4f7dd27472869ec69914c5ee5db52bf0e4f4a0ca53fb0ddecd785321ea127838bf1aba342a4bb08e2eef15b13dc99ad66da8b14bced05062c82b15fbec68b68c5afb800a862065eceb3b1d7bbfbfc9d3470a21b8413dea85bf8e3486ea767516cf444f10f394b8be07cade7e2cd8ec8cb6d26ec34a2ab411caadeda1543acd548e4bd321a46250acce8d4751deaeaab866c49a16845c38c30a64b05f1d5efcf0eaa5d311d3fa4383732e54a2c2ab09c08935d1cd1bcb4a8c064c5a6725e4250a056a95bb4c4cacd66bf0de5465df57b12b6008c5ebfada592b293e36831b303c412f51a4d85538ade69f52be840cccc9ae03262b096be1d8886c481e06b8761c62e1ad14b8d10b0c63b540a2ea555c841bab1a8cab6b611f929d72a95b78a5b1198560b03c7b33958e86b46c6074fd4511bae1ebad70620f322c84f05137da189c1bbe595885c761b2d8767d13afd18830fa4c13a6e418da999420741899e4298781cf3e9e80b08fe820497b6412372ae04c2eb7ca359468b74241792ed23e2bfdf48bd76d9220069bdebb614483730fb3e8b960db4671f58a93675e9df18773ba02b2ea54e4286f08eecbf1e2") msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001600)={{0x7b0, 0x0, r8, 0xd, 0x3ff, 0x7, 0xb}, &(0x7f0000000400)=0x9, &(0x7f0000000440)=0x10, 0x1, 0xd80, 0x9, 0x0, 0x8000000000000000, 0x6, 0xa, 0xfff9, @raw=0x8, @raw=0x9}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001780)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000426bd7000fea6d37480e6eedbdf25030000560800030000020000060007000080000008000300020000000a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32=r9, @ANYRES16=r3, @ANYRES64=r4, @ANYBLOB="ae804daaa56c70e31e1c3a04b1ef004baa00bcbd79cea954b6720dce19125a1bc5c32e29f13507907b4d99ce4d94480e679e797d4969466a5d2bc90356e29d6c177806868bd1e6da97ed6c3097fd2214a93aed3b5f298ed888674806318cd7f651f723c7bb382e67fe1c29a0424746b22c1eea842130bb22fdbc9d45367d307c0ee7ae86e68fd66119bf91193d5dca047b614c1011d3d3ce69c399d8fff682d95bad23fd834921ba623ba8891bbdd25ac1a79afbbd1ce8195894020f8a53a6558339b93a4b68d4b87e70"], 0x60}, 0x1, 0x0, 0x0, 0x404c081}, 0x40090) close_range$auto(0x2, 0x8, 0x7) setrlimit$auto(0x1, &(0x7f00000001c0)={0x0, 0x7dfb7663}) socket(0x2, 0x3, 0x100) 3.50754734s ago: executing program 0 (id=2002): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0) socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, 0x0, 0xa3) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0) madvise$auto(0x0, 0x20499d, 0x9) 2.552160921s ago: executing program 2 (id=2003): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) shmctl$auto_SHM_STAT_ANY(0x7ff, 0xf, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) select$auto(0x8, 0x0, 0x0, 0x0, 0x0) mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0) r0 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/environ\x00', 0x88f80, 0x0) readv$auto(r0, &(0x7f0000001780)={0x0, 0x400}, 0x7f) ioctl$auto(0x3, 0x400454ca, 0x38) socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/cmdline\x00', 0x8000, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101c00, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xfffffffffffffffb, 0x8) write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0) 2.552022885s ago: executing program 3 (id=2004): madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffff) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0xc0000101, 0x7, 0x800000000006}]}) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) setresgid$auto(0x9, 0xffffffffffffffff, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x400000000000000, 0xffffffffffff0005, 0x1a) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) madvise$auto(0x20000000, 0xffffffffffff0001, 0x95) read$auto_proc_pid_maps_operations_internal(0xffffffffffffffff, &(0x7f00000015c0)=""/4049, 0xfd1) setgroups$auto(0x1e9, &(0x7f0000000180)=0x400000) 2.550808796s ago: executing program 0 (id=2011): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/virt_wifi0/route_localnet\x00', 0x2202, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r1, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"]) ioctl$auto(r1, 0x4008550c, 0xffffffffffffffff) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) socket(0x1e, 0x6, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0) write$auto(r4, 0x0, 0x7) mremap$auto(0x4000, 0x9, 0x1fd6, 0x3, 0x0) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) mmap$auto(0x2b5, 0xe983, 0xdf, 0xebf, r2, 0x7) socketpair$auto(0x1, 0x2, 0x2, 0x0) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r6 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r5, 0x541c, r6) 1.052262983s ago: executing program 0 (id=2005): preadv$auto(0x40000000000003, &(0x7f00000000c0)={0x0, 0xff7ffffd}, 0x9, 0x8f, 0x10) 890.734373ms ago: executing program 0 (id=2006): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) ioctl$auto_BCH_IOCTL_DISK_RESIZE(0xffffffffffffffff, 0x4018bc0e, 0x0) ioctl$auto_CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x39) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, 0x0, 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0xaedb, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0xe1]}, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) msync$auto(0x2, 0x9, 0x40) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x10001a000, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x5, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) 0s ago: executing program 0 (id=2007): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) ioctl$auto_BCH_IOCTL_DISK_RESIZE(0xffffffffffffffff, 0x4018bc0e, 0x0) ioctl$auto_CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x39) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) msync$auto(0x2, 0x9, 0x40) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x10001a000, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x5, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) kernel console output (not intermixed with test programs): 00246 R12: 0000000000000000 [ 163.042666][ T6567] R13: 0000000000000000 R14: 00007fac8dfb5fa0 R15: 00007ffe648dd068 [ 163.042695][ T6567] [ 163.283399][ T6573] [U] [ 167.307288][ T9] Process accounting resumed [ 169.790487][ T6690] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 170.993706][ T9] Process accounting resumed [ 172.230542][ T6733] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 172.999343][ T6747] netlink: 28 bytes leftover after parsing attributes in process `syz.2.119'. [ 174.059070][ T30] audit: type=1800 audit(6048834214.626:2): pid=6762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.120" name="features" dev="configfs" ino=9534 res=0 errno=0 [ 176.376202][ T6799] misc userio: No port type given on /dev/userio [ 178.011134][ T5879] Process accounting resumed [ 179.185005][ T6843] ptrace attach of "./syz-executor exec"[5850] was attempted by "./syz-executor exec"[6843] [ 182.073797][ T6858] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 182.103179][ T6858] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 182.162072][ T6858] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 182.843923][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 183.126378][ T5879] Process accounting resumed [ 183.192639][ T6896] ptp ptp0: only physical clock in use now [ 184.651311][ T6917] netlink: 28 bytes leftover after parsing attributes in process `syz.3.150'. [ 184.925308][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.686886][ T9] Process accounting resumed [ 187.003824][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 188.274542][ T6960] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 188.368663][ T6954] Invalid ELF header magic: != ELF [ 188.597327][ T6961] netlink: 28 bytes leftover after parsing attributes in process `syz.0.156'. [ 188.940174][ T6961] bond0: (slave bond_slave_1): Releasing backup interface [ 189.136291][ T6965] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.682727][ T5879] Process accounting resumed [ 189.864429][ T6972] FAULT_INJECTION: forcing a failure. [ 189.864429][ T6972] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 189.926779][ T6972] CPU: 0 UID: 0 PID: 6972 Comm: syz.2.159 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 189.926836][ T6972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 189.926850][ T6972] Call Trace: [ 189.926858][ T6972] [ 189.926866][ T6972] dump_stack_lvl+0x16c/0x1f0 [ 189.926901][ T6972] should_fail_ex+0x512/0x640 [ 189.926943][ T6972] should_fail_alloc_page+0xe7/0x130 [ 189.926978][ T6972] prepare_alloc_pages+0x3c2/0x610 [ 189.927021][ T6972] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 189.927057][ T6972] ? find_held_lock+0x2b/0x80 [ 189.927083][ T6972] ? is_bpf_text_address+0x8a/0x1a0 [ 189.927119][ T6972] ? bpf_ksym_find+0x124/0x1c0 [ 189.927149][ T6972] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 189.927189][ T6972] ? is_bpf_text_address+0x94/0x1a0 [ 189.927225][ T6972] ? __kernel_text_address+0xd/0x40 [ 189.927263][ T6972] ? unwind_get_return_address+0x59/0xa0 [ 189.927300][ T6972] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 189.927341][ T6972] ? policy_nodemask+0xea/0x4e0 [ 189.927373][ T6972] alloc_pages_mpol+0x1fb/0x550 [ 189.927405][ T6972] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 189.927433][ T6972] ? kasan_save_stack+0x33/0x60 [ 189.927458][ T6972] ? __kasan_kmalloc+0xaa/0xb0 [ 189.927481][ T6972] ? __get_vm_area_node+0x101/0x330 [ 189.927524][ T6972] alloc_pages_noprof+0x131/0x390 [ 189.927555][ T6972] get_free_pages_noprof+0x10/0xb0 [ 189.927594][ T6972] kasan_populate_vmalloc+0x89/0x1f0 [ 189.927625][ T6972] alloc_vmap_area+0x959/0x29c0 [ 189.927671][ T6972] ? __pfx_alloc_vmap_area+0x10/0x10 [ 189.927718][ T6972] __get_vm_area_node+0x1ca/0x330 [ 189.927761][ T6972] __vmalloc_node_range_noprof+0x271/0x14b0 [ 189.927809][ T6972] ? n_tty_open+0x1a/0x170 [ 189.927845][ T6972] ? do_raw_spin_unlock+0x172/0x230 [ 189.927891][ T6972] ? n_tty_open+0x1a/0x170 [ 189.927934][ T6972] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 189.927972][ T6972] ? console_unlock+0x184/0x210 [ 189.927995][ T6972] ? __pfx_console_unlock+0x10/0x10 [ 189.928020][ T6972] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 189.928065][ T6972] ? n_tty_open+0x1a/0x170 [ 189.928117][ T6972] __vmalloc_node_noprof+0xad/0xf0 [ 189.928156][ T6972] ? n_tty_open+0x1a/0x170 [ 189.928193][ T6972] ? __pfx_n_tty_open+0x10/0x10 [ 189.928232][ T6972] n_tty_open+0x1a/0x170 [ 189.928269][ T6972] ? __pfx_n_tty_open+0x10/0x10 [ 189.928306][ T6972] tty_ldisc_open+0x9f/0x120 [ 189.928335][ T6972] tty_ldisc_setup+0x40/0x100 [ 189.928365][ T6972] tty_init_dev.part.0+0x1ec/0x500 [ 189.928404][ T6972] tty_open+0xa50/0xf90 [ 189.928444][ T6972] ? __pfx_tty_open+0x10/0x10 [ 189.928479][ T6972] ? chrdev_open+0x10b/0x6a0 [ 189.928513][ T6972] ? __pfx_tty_open+0x10/0x10 [ 189.928547][ T6972] chrdev_open+0x231/0x6a0 [ 189.928575][ T6972] ? __pfx_apparmor_file_open+0x10/0x10 [ 189.928599][ T6972] ? __pfx_chrdev_open+0x10/0x10 [ 189.928631][ T6972] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 189.928662][ T6972] do_dentry_open+0x741/0x1c10 [ 189.928690][ T6972] ? __pfx_chrdev_open+0x10/0x10 [ 189.928726][ T6972] vfs_open+0x82/0x3f0 [ 189.928765][ T6972] path_openat+0x1de4/0x2cb0 [ 189.928807][ T6972] ? __pfx_path_openat+0x10/0x10 [ 189.928835][ T6972] ? __lock_acquire+0xb8a/0x1c90 [ 189.928873][ T6972] do_filp_open+0x20b/0x470 [ 189.928900][ T6972] ? __pfx_do_filp_open+0x10/0x10 [ 189.928949][ T6972] ? alloc_fd+0x471/0x7d0 [ 189.928981][ T6972] do_sys_openat2+0x11b/0x1d0 [ 189.929016][ T6972] ? __pfx_do_sys_openat2+0x10/0x10 [ 189.929064][ T6972] __x64_sys_openat+0x174/0x210 [ 189.929101][ T6972] ? __pfx___x64_sys_openat+0x10/0x10 [ 189.929150][ T6972] do_syscall_64+0xcd/0x490 [ 189.929183][ T6972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.929208][ T6972] RIP: 0033:0x7f506438e9a9 [ 189.929253][ T6972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.929275][ T6972] RSP: 002b:00007f506519e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 189.929296][ T6972] RAX: ffffffffffffffda RBX: 00007f50645b6080 RCX: 00007f506438e9a9 [ 189.929311][ T6972] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 189.929337][ T6972] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 189.929350][ T6972] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 189.929363][ T6972] R13: 0000000000000000 R14: 00007f50645b6080 R15: 00007ffc5bb3e0a8 [ 189.929391][ T6972] [ 190.362827][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.469427][ T6972] syz.2.159: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 190.484418][ T6972] CPU: 0 UID: 0 PID: 6972 Comm: syz.2.159 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 190.484451][ T6972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 190.484465][ T6972] Call Trace: [ 190.484475][ T6972] [ 190.484484][ T6972] dump_stack_lvl+0x16c/0x1f0 [ 190.484519][ T6972] warn_alloc+0x248/0x3a0 [ 190.484548][ T6972] ? __pfx_warn_alloc+0x10/0x10 [ 190.484579][ T6972] ? kfree+0x2b4/0x4d0 [ 190.484606][ T6972] ? __get_vm_area_node+0x208/0x330 [ 190.484651][ T6972] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 190.484692][ T6972] ? do_raw_spin_unlock+0x172/0x230 [ 190.484740][ T6972] ? n_tty_open+0x1a/0x170 [ 190.484786][ T6972] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 190.484826][ T6972] ? console_unlock+0x184/0x210 [ 190.484856][ T6972] ? __pfx_console_unlock+0x10/0x10 [ 190.484882][ T6972] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 190.484926][ T6972] ? n_tty_open+0x1a/0x170 [ 190.484963][ T6972] __vmalloc_node_noprof+0xad/0xf0 [ 190.485002][ T6972] ? n_tty_open+0x1a/0x170 [ 190.485039][ T6972] ? __pfx_n_tty_open+0x10/0x10 [ 190.485079][ T6972] n_tty_open+0x1a/0x170 [ 190.485115][ T6972] ? __pfx_n_tty_open+0x10/0x10 [ 190.485152][ T6972] tty_ldisc_open+0x9f/0x120 [ 190.485181][ T6972] tty_ldisc_setup+0x40/0x100 [ 190.485211][ T6972] tty_init_dev.part.0+0x1ec/0x500 [ 190.485249][ T6972] tty_open+0xa50/0xf90 [ 190.485290][ T6972] ? __pfx_tty_open+0x10/0x10 [ 190.485324][ T6972] ? chrdev_open+0x10b/0x6a0 [ 190.485358][ T6972] ? __pfx_tty_open+0x10/0x10 [ 190.485392][ T6972] chrdev_open+0x231/0x6a0 [ 190.485420][ T6972] ? __pfx_apparmor_file_open+0x10/0x10 [ 190.485444][ T6972] ? __pfx_chrdev_open+0x10/0x10 [ 190.485475][ T6972] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 190.485506][ T6972] do_dentry_open+0x741/0x1c10 [ 190.485535][ T6972] ? __pfx_chrdev_open+0x10/0x10 [ 190.485570][ T6972] vfs_open+0x82/0x3f0 [ 190.485608][ T6972] path_openat+0x1de4/0x2cb0 [ 190.485644][ T6972] ? __pfx_path_openat+0x10/0x10 [ 190.485672][ T6972] ? __lock_acquire+0xb8a/0x1c90 [ 190.485709][ T6972] do_filp_open+0x20b/0x470 [ 190.485736][ T6972] ? __pfx_do_filp_open+0x10/0x10 [ 190.485784][ T6972] ? alloc_fd+0x471/0x7d0 [ 190.485816][ T6972] do_sys_openat2+0x11b/0x1d0 [ 190.485857][ T6972] ? __pfx_do_sys_openat2+0x10/0x10 [ 190.485905][ T6972] __x64_sys_openat+0x174/0x210 [ 190.485942][ T6972] ? __pfx___x64_sys_openat+0x10/0x10 [ 190.485992][ T6972] do_syscall_64+0xcd/0x490 [ 190.486026][ T6972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.486050][ T6972] RIP: 0033:0x7f506438e9a9 [ 190.486070][ T6972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.486093][ T6972] RSP: 002b:00007f506519e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 190.486114][ T6972] RAX: ffffffffffffffda RBX: 00007f50645b6080 RCX: 00007f506438e9a9 [ 190.486130][ T6972] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 190.486145][ T6972] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 190.486159][ T6972] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 190.486174][ T6972] R13: 0000000000000000 R14: 00007f50645b6080 R15: 00007ffc5bb3e0a8 [ 190.486204][ T6972] [ 190.486221][ T6972] Mem-Info: [ 190.820317][ T6972] active_anon:10289 inactive_anon:12 isolated_anon:0 [ 190.820317][ T6972] active_file:9751 inactive_file:41694 isolated_file:0 [ 190.820317][ T6972] unevictable:768 dirty:877 writeback:0 [ 190.820317][ T6972] slab_reclaimable:10004 slab_unreclaimable:93722 [ 190.820317][ T6972] mapped:28985 shmem:2547 pagetables:1058 [ 190.820317][ T6972] sec_pagetables:0 bounce:0 [ 190.820317][ T6972] kernel_misc_reclaimable:0 [ 190.820317][ T6972] free:1331146 free_pcp:9163 free_cma:0 [ 190.865846][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.872116][ T6972] Node 0 active_anon:41156kB inactive_anon:48kB active_file:39004kB inactive_file:166572kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115940kB dirty:3508kB writeback:0kB shmem:8652kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:11344kB pagetables:4100kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 190.906244][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.913546][ T6972] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 190.946674][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.964000][ T5879] Process accounting resumed [ 191.015735][ T6972] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 191.044824][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.091420][ T6972] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 191.103648][ T6972] Node 0 DMA32 free:1392072kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:41124kB inactive_anon:32kB active_file:39004kB inactive_file:165256kB unevictable:1536kB writepending:3496kB present:3129332kB managed:2540408kB mlocked:0kB bounce:0kB free_pcp:35296kB local_pcp:35296kB free_cma:0kB [ 191.136172][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.192296][ T6972] lowmem_reserve[]: 0 0 1 1 1 [ 191.198098][ T6972] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 191.227257][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.236290][ T6972] lowmem_reserve[]: 0 0 0 0 0 [ 191.241068][ T6972] Node 1 Normal free:3917144kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:240kB local_pcp:240kB free_cma:0kB [ 191.271988][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.284800][ T6972] lowmem_reserve[]: 0 0 0 0 0 [ 191.289601][ T6972] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 191.302717][ T6972] Node 0 DMA32: 1246*4kB (UME) 898*8kB (UME) 1318*16kB (UME) 956*32kB (UME) 598*64kB (UME) 238*128kB (UME) 75*256kB (UME) 110*512kB (UME) 54*1024kB (UME) 13*2048kB (UME) 269*4096kB (UME) = 1391848kB [ 191.322396][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.329742][ T6972] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 191.343111][ T6972] Node 1 Normal: 112*4kB (UME) 49*8kB (UME) 33*16kB (UME) 228*32kB (UME) 108*64kB (UME) 35*128kB (UME) 13*256kB (UM) 5*512kB (UM) 4*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3917144kB [ 191.363129][ T6972] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 191.377890][ T6972] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 191.387555][ T6972] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 191.402059][ T6972] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 191.411553][ T6972] 54031 total pagecache pages [ 191.421690][ T6972] 39 pages in swap cache [ 191.426407][ T6972] Free swap = 122916kB [ 191.430587][ T6972] Total swap = 124996kB [ 191.437416][ T6972] 2097051 pages RAM [ 191.441272][ T6972] 0 pages HighMem/MovableOnly [ 191.446287][ T6972] 429971 pages reserved [ 191.450570][ T6972] 0 pages cma reserved [ 191.457339][ T6972] tty tty26: ldisc open failed (-12), clearing slot 25 [ 194.659580][ T7023] vhci_hcd: invalid port number 16 [ 194.671980][ T7023] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 197.108230][ T5879] Process accounting resumed [ 197.210294][ T5879] Process accounting resumed [ 199.602761][ T5879] Process accounting resumed [ 201.721320][ T7113] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 202.298100][ T7133] random: crng reseeded on system resumption [ 204.270211][ T7171] binder: 7165:7171 ioctl c018620c 0 returned -1 [ 204.625529][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.631873][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.676319][ T7167] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 207.034968][ T5879] Process accounting resumed [ 211.435292][ T7260] FAULT_INJECTION: forcing a failure. [ 211.435292][ T7260] name failslab, interval 1, probability 0, space 0, times 0 [ 211.540105][ T7260] CPU: 0 UID: 0 PID: 7260 Comm: syz.1.200 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 211.540139][ T7260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 211.540154][ T7260] Call Trace: [ 211.540162][ T7260] [ 211.540171][ T7260] dump_stack_lvl+0x16c/0x1f0 [ 211.540207][ T7260] should_fail_ex+0x512/0x640 [ 211.540243][ T7260] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 211.540274][ T7260] should_failslab+0xc2/0x120 [ 211.540304][ T7260] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 211.540329][ T7260] ? __pfx___might_resched+0x10/0x10 [ 211.540354][ T7260] ? alloc_vmap_area+0x645/0x29c0 [ 211.540392][ T7260] alloc_vmap_area+0x645/0x29c0 [ 211.540438][ T7260] ? __pfx_alloc_vmap_area+0x10/0x10 [ 211.540479][ T7260] __get_vm_area_node+0x1ca/0x330 [ 211.540520][ T7260] __vmalloc_node_range_noprof+0x271/0x14b0 [ 211.540560][ T7260] ? n_tty_open+0x1a/0x170 [ 211.540595][ T7260] ? do_raw_spin_unlock+0x172/0x230 [ 211.540640][ T7260] ? n_tty_open+0x1a/0x170 [ 211.540682][ T7260] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 211.540720][ T7260] ? console_unlock+0x184/0x210 [ 211.540742][ T7260] ? __pfx_console_unlock+0x10/0x10 [ 211.540767][ T7260] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 211.540816][ T7260] ? n_tty_open+0x1a/0x170 [ 211.540852][ T7260] __vmalloc_node_noprof+0xad/0xf0 [ 211.540892][ T7260] ? n_tty_open+0x1a/0x170 [ 211.540929][ T7260] ? __pfx_n_tty_open+0x10/0x10 [ 211.540968][ T7260] n_tty_open+0x1a/0x170 [ 211.541006][ T7260] ? __pfx_n_tty_open+0x10/0x10 [ 211.541043][ T7260] tty_ldisc_open+0x9f/0x120 [ 211.541071][ T7260] tty_ldisc_setup+0x40/0x100 [ 211.541102][ T7260] tty_init_dev.part.0+0x1ec/0x500 [ 211.541140][ T7260] tty_open+0xa50/0xf90 [ 211.541180][ T7260] ? __pfx_tty_open+0x10/0x10 [ 211.541215][ T7260] ? chrdev_open+0x10b/0x6a0 [ 211.541249][ T7260] ? __pfx_tty_open+0x10/0x10 [ 211.541283][ T7260] chrdev_open+0x231/0x6a0 [ 211.541311][ T7260] ? __pfx_apparmor_file_open+0x10/0x10 [ 211.541334][ T7260] ? __pfx_chrdev_open+0x10/0x10 [ 211.541366][ T7260] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 211.541397][ T7260] do_dentry_open+0x741/0x1c10 [ 211.541425][ T7260] ? __pfx_chrdev_open+0x10/0x10 [ 211.541461][ T7260] vfs_open+0x82/0x3f0 [ 211.541499][ T7260] path_openat+0x1de4/0x2cb0 [ 211.541535][ T7260] ? __pfx_path_openat+0x10/0x10 [ 211.541563][ T7260] ? __lock_acquire+0xb8a/0x1c90 [ 211.541600][ T7260] do_filp_open+0x20b/0x470 [ 211.541627][ T7260] ? __pfx_do_filp_open+0x10/0x10 [ 211.541675][ T7260] ? alloc_fd+0x471/0x7d0 [ 211.541707][ T7260] do_sys_openat2+0x11b/0x1d0 [ 211.541742][ T7260] ? __pfx_do_sys_openat2+0x10/0x10 [ 211.541789][ T7260] __x64_sys_openat+0x174/0x210 [ 211.541833][ T7260] ? __pfx___x64_sys_openat+0x10/0x10 [ 211.541895][ T7260] do_syscall_64+0xcd/0x490 [ 211.541928][ T7260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.541952][ T7260] RIP: 0033:0x7fac8dd8e9a9 [ 211.541972][ T7260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.541995][ T7260] RSP: 002b:00007fac8ebeb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 211.542016][ T7260] RAX: ffffffffffffffda RBX: 00007fac8dfb5fa0 RCX: 00007fac8dd8e9a9 [ 211.542031][ T7260] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 211.542045][ T7260] RBP: 00007fac8de10d69 R08: 0000000000000000 R09: 0000000000000000 [ 211.542058][ T7260] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 211.542071][ T7260] R13: 0000000000000000 R14: 00007fac8dfb5fa0 R15: 00007ffe648dd068 [ 211.542100][ T7260] [ 211.542130][ T7260] syz.1.200: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 213.041786][ T7260] CPU: 0 UID: 0 PID: 7260 Comm: syz.1.200 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 213.041821][ T7260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 213.041835][ T7260] Call Trace: [ 213.041843][ T7260] [ 213.041851][ T7260] dump_stack_lvl+0x16c/0x1f0 [ 213.041886][ T7260] warn_alloc+0x248/0x3a0 [ 213.041916][ T7260] ? __pfx_warn_alloc+0x10/0x10 [ 213.041946][ T7260] ? kfree+0x2b4/0x4d0 [ 213.041974][ T7260] ? __get_vm_area_node+0x208/0x330 [ 213.042018][ T7260] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 213.042058][ T7260] ? do_raw_spin_unlock+0x172/0x230 [ 213.042106][ T7260] ? n_tty_open+0x1a/0x170 [ 213.042152][ T7260] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 213.042192][ T7260] ? console_unlock+0x184/0x210 [ 213.042215][ T7260] ? __pfx_console_unlock+0x10/0x10 [ 213.042242][ T7260] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 213.042285][ T7260] ? n_tty_open+0x1a/0x170 [ 213.042322][ T7260] __vmalloc_node_noprof+0xad/0xf0 [ 213.042361][ T7260] ? n_tty_open+0x1a/0x170 [ 213.042398][ T7260] ? __pfx_n_tty_open+0x10/0x10 [ 213.042437][ T7260] n_tty_open+0x1a/0x170 [ 213.042474][ T7260] ? __pfx_n_tty_open+0x10/0x10 [ 213.042511][ T7260] tty_ldisc_open+0x9f/0x120 [ 213.042539][ T7260] tty_ldisc_setup+0x40/0x100 [ 213.042570][ T7260] tty_init_dev.part.0+0x1ec/0x500 [ 213.042608][ T7260] tty_open+0xa50/0xf90 [ 213.042649][ T7260] ? __pfx_tty_open+0x10/0x10 [ 213.042684][ T7260] ? chrdev_open+0x10b/0x6a0 [ 213.042717][ T7260] ? __pfx_tty_open+0x10/0x10 [ 213.042756][ T7260] chrdev_open+0x231/0x6a0 [ 213.042785][ T7260] ? __pfx_apparmor_file_open+0x10/0x10 [ 213.042808][ T7260] ? __pfx_chrdev_open+0x10/0x10 [ 213.042844][ T7260] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 213.042876][ T7260] do_dentry_open+0x741/0x1c10 [ 213.042904][ T7260] ? __pfx_chrdev_open+0x10/0x10 [ 213.042940][ T7260] vfs_open+0x82/0x3f0 [ 213.042978][ T7260] path_openat+0x1de4/0x2cb0 [ 213.043014][ T7260] ? __pfx_path_openat+0x10/0x10 [ 213.043043][ T7260] ? __lock_acquire+0xb8a/0x1c90 [ 213.043079][ T7260] do_filp_open+0x20b/0x470 [ 213.043106][ T7260] ? __pfx_do_filp_open+0x10/0x10 [ 213.043155][ T7260] ? alloc_fd+0x471/0x7d0 [ 213.043187][ T7260] do_sys_openat2+0x11b/0x1d0 [ 213.043222][ T7260] ? __pfx_do_sys_openat2+0x10/0x10 [ 213.043270][ T7260] __x64_sys_openat+0x174/0x210 [ 213.043307][ T7260] ? __pfx___x64_sys_openat+0x10/0x10 [ 213.043356][ T7260] do_syscall_64+0xcd/0x490 [ 213.043389][ T7260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.043413][ T7260] RIP: 0033:0x7fac8dd8e9a9 [ 213.043432][ T7260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.043454][ T7260] RSP: 002b:00007fac8ebeb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 213.043476][ T7260] RAX: ffffffffffffffda RBX: 00007fac8dfb5fa0 RCX: 00007fac8dd8e9a9 [ 213.043492][ T7260] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 213.043507][ T7260] RBP: 00007fac8de10d69 R08: 0000000000000000 R09: 0000000000000000 [ 213.043521][ T7260] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 213.043535][ T7260] R13: 0000000000000000 R14: 00007fac8dfb5fa0 R15: 00007ffe648dd068 [ 213.043565][ T7260] [ 214.194586][ T7260] Mem-Info: [ 214.201460][ T7260] active_anon:11533 inactive_anon:7 isolated_anon:0 [ 214.201460][ T7260] active_file:13676 inactive_file:42170 isolated_file:0 [ 214.201460][ T7260] unevictable:768 dirty:719 writeback:0 [ 214.201460][ T7260] slab_reclaimable:10043 slab_unreclaimable:93020 [ 214.201460][ T7260] mapped:27443 shmem:1830 pagetables:1064 [ 214.201460][ T7260] sec_pagetables:0 bounce:0 [ 214.201460][ T7260] kernel_misc_reclaimable:0 [ 214.201460][ T7260] free:1323110 free_pcp:12819 free_cma:0 [ 214.264811][ T7260] Node 0 active_anon:44208kB inactive_anon:28kB active_file:54704kB inactive_file:168476kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:109772kB dirty:2872kB writeback:0kB shmem:3912kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:11088kB pagetables:4124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 214.305603][ T7260] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 214.339915][ T7260] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 214.375107][ T7260] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 214.380929][ T7260] Node 0 DMA32 free:1363496kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44160kB inactive_anon:28kB active_file:54704kB inactive_file:167160kB unevictable:1536kB writepending:2872kB present:3129332kB managed:2540408kB mlocked:0kB bounce:0kB free_pcp:49496kB local_pcp:49496kB free_cma:0kB [ 214.420312][ T7260] lowmem_reserve[]: 0 0 1 1 1 [ 214.425397][ T7260] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 214.459884][ T7260] lowmem_reserve[]: 0 0 0 0 0 [ 214.465071][ T7260] Node 1 Normal free:3917320kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:68kB local_pcp:68kB free_cma:0kB [ 214.499240][ T7260] lowmem_reserve[]: 0 0 0 0 0 [ 214.504215][ T7260] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 214.519718][ T7260] Node 0 DMA32: 2516*4kB (UME) 1316*8kB (UME) 1132*16kB (UM) 542*32kB (UME) 291*64kB (UME) 251*128kB (UME) 81*256kB (UME) 110*512kB (UME) 54*1024kB (UME) 11*2048kB (UME) 269*4096kB (UME) = 1363504kB [ 214.545842][ T7260] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 214.561536][ T7260] Node 1 Normal: 180*4kB (UME) 53*8kB (UME) 35*16kB (UME) 229*32kB (UME) 109*64kB (UME) 35*128kB (UME) 14*256kB (UM) 4*512kB (UM) 4*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3917320kB [ 214.582883][ T7260] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 214.592794][ T7260] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 214.604951][ T7260] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 214.616070][ T7260] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 214.626966][ T7260] 57204 total pagecache pages [ 214.631670][ T7260] 0 pages in swap cache [ 214.637434][ T7260] Free swap = 124996kB [ 214.641616][ T7260] Total swap = 124996kB [ 214.650172][ T7260] 2097051 pages RAM [ 214.655580][ T7260] 0 pages HighMem/MovableOnly [ 214.663460][ T7260] 429971 pages reserved [ 214.669021][ T7260] 0 pages cma reserved [ 214.673108][ T7260] tty tty26: ldisc open failed (-12), clearing slot 25 [ 214.687382][ T7286] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 214.706120][ T7287] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 214.714076][ T7291] ttyS ttyS1: ldisc open failed (-12), clearing slot 1 [ 215.957065][ T5895] Process accounting resumed [ 217.365841][ T30] audit: type=1804 audit(1843104527.520:3): pid=7336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.210" name="/newroot/51/file0" dev="tmpfs" ino=310 res=1 errno=0 [ 217.830469][ T7331] random: crng reseeded on system resumption [ 218.648241][ T7345] can0: slcan on ttyS2. [ 218.854177][ T7345] can0 (unregistered): slcan off ttyS2. [ 218.936410][ T7327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 219.154884][ T7327] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 219.873920][ T7370] netlink: 28 bytes leftover after parsing attributes in process `syz.3.216'. [ 224.813832][ T5895] Process accounting resumed [ 224.943929][ T7436] FAULT_INJECTION: forcing a failure. [ 224.943929][ T7436] name failslab, interval 1, probability 0, space 0, times 0 [ 225.142421][ T7436] CPU: 0 UID: 0 PID: 7436 Comm: syz.3.222 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 225.142454][ T7436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 225.142467][ T7436] Call Trace: [ 225.142475][ T7436] [ 225.142483][ T7436] dump_stack_lvl+0x16c/0x1f0 [ 225.142516][ T7436] should_fail_ex+0x512/0x640 [ 225.142552][ T7436] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 225.142578][ T7436] should_failslab+0xc2/0x120 [ 225.142616][ T7436] __kmalloc_cache_noprof+0x6a/0x3e0 [ 225.142639][ T7436] ? io_uring_setup+0x24f/0x2080 [ 225.142676][ T7436] io_uring_setup+0x24f/0x2080 [ 225.142711][ T7436] ? __pfx_io_uring_setup+0x10/0x10 [ 225.142743][ T7436] ? do_futex+0x122/0x350 [ 225.142775][ T7436] ? __pfx_do_futex+0x10/0x10 [ 225.142803][ T7436] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 225.142850][ T7436] ? xfd_validate_state+0x61/0x180 [ 225.142884][ T7436] ? __pfx_do_writev+0x10/0x10 [ 225.142912][ T7436] __x64_sys_io_uring_setup+0xc2/0x170 [ 225.142947][ T7436] do_syscall_64+0xcd/0x490 [ 225.142979][ T7436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.143002][ T7436] RIP: 0033:0x7fd72878e9a9 [ 225.143020][ T7436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.143042][ T7436] RSP: 002b:00007fd729588038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 225.143063][ T7436] RAX: ffffffffffffffda RBX: 00007fd7289b6160 RCX: 00007fd72878e9a9 [ 225.143078][ T7436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 225.143091][ T7436] RBP: 00007fd728810d69 R08: 0000000000000000 R09: 0000000000000000 [ 225.143105][ T7436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.143118][ T7436] R13: 0000000000000000 R14: 00007fd7289b6160 R15: 00007ffd675b2ab8 [ 225.143147][ T7436] [ 226.850604][ T9] Process accounting resumed [ 228.243751][ T7482] kafs: addr_prefs: Too many elements in string [ 229.287431][ T7494] random: crng reseeded on system resumption [ 229.835774][ T7482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.011381][ T7482] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.283975][ T9] Process accounting resumed [ 237.123720][ T10] Process accounting resumed [ 237.861732][ T10] Process accounting resumed [ 244.710212][ T7684] zswap: compressor not available [ 244.729479][ T10] Process accounting resumed [ 245.402024][ T7708] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 245.882547][ T7709] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 246.026300][ T7708] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 246.120475][ T7711] netlink: 8 bytes leftover after parsing attributes in process `syz.0.268'. [ 246.163231][ T21] sched: DL replenish lagged too much [ 247.414267][ T7732] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 247.470576][ T7729] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 247.550944][ T7729] netlink: 'syz.0.271': attribute type 1 has an invalid length. [ 247.568291][ T7729] netlink: 33 bytes leftover after parsing attributes in process `syz.0.271'. [ 247.929553][ T7726] kexec: Could not allocate control_code_buffer [ 248.598214][ T7748] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 249.628120][ T7759] kafs: addr_prefs: Too many elements in string [ 249.916476][ T7758] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 250.153771][ T2152] Process accounting resumed [ 250.276083][ T7765] random: crng reseeded on system resumption [ 250.424368][ T7759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 250.435136][ T7759] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 250.519381][ T7763] FAULT_INJECTION: forcing a failure. [ 250.519381][ T7763] name failslab, interval 1, probability 0, space 0, times 0 [ 250.588028][ T7772] mmap: syz.1.279 (7772) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 250.620103][ T7763] CPU: 0 UID: 0 PID: 7763 Comm: syz.3.276 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 250.620136][ T7763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 250.620150][ T7763] Call Trace: [ 250.620157][ T7763] [ 250.620165][ T7763] dump_stack_lvl+0x16c/0x1f0 [ 250.620200][ T7763] should_fail_ex+0x512/0x640 [ 250.620237][ T7763] ? __lock_acquire+0x622/0x1c90 [ 250.620272][ T7763] should_failslab+0xc2/0x120 [ 250.620308][ T7763] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 250.620335][ T7763] ? __alloc_skb+0x2b2/0x380 [ 250.620368][ T7763] __alloc_skb+0x2b2/0x380 [ 250.620397][ T7763] ? __pfx___alloc_skb+0x10/0x10 [ 250.620424][ T7763] ? sctp_data_ready+0x1d9/0x600 [ 250.620456][ T7763] _sctp_make_chunk+0x51/0x270 [ 250.620486][ T7763] sctp_make_control+0x2f/0x2d0 [ 250.620519][ T7763] sctp_make_sack+0x1af/0x520 [ 250.620551][ T7763] ? __pfx_sctp_make_sack+0x10/0x10 [ 250.620590][ T7763] ? sctp_sf_eat_data_6_2+0x56b/0xba0 [ 250.620632][ T7763] sctp_do_sm+0x4215/0x5c80 [ 250.620663][ T7763] ? __pfx_sctp_do_sm+0x10/0x10 [ 250.620687][ T7763] ? __pfx_sctp_do_sm+0x10/0x10 [ 250.620711][ T7763] ? _copy_from_iter+0x15d/0x16f0 [ 250.620766][ T7763] ? ktime_get+0x200/0x310 [ 250.620794][ T7763] ? lockdep_hardirqs_on+0x7c/0x110 [ 250.620826][ T7763] sctp_assoc_bh_rcv+0x392/0x6f0 [ 250.620871][ T7763] sctp_inq_push+0x1d8/0x270 [ 250.620910][ T7763] sctp_backlog_rcv+0x169/0x590 [ 250.620939][ T7763] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 250.620965][ T7763] __release_sock+0x35f/0x400 [ 250.621003][ T7763] release_sock+0x5a/0x220 [ 250.621034][ T7763] sctp_sendmsg+0xf17/0x1ee0 [ 250.621064][ T7763] ? __pfx_sctp_sendmsg+0x10/0x10 [ 250.621088][ T7763] ? __pfx___might_resched+0x10/0x10 [ 250.621123][ T7763] ? aa_file_perm+0x495/0xf70 [ 250.621148][ T7763] ? __pfx_aa_sk_perm+0x10/0x10 [ 250.621189][ T7763] ? __pfx_sctp_sendmsg+0x10/0x10 [ 250.621212][ T7763] inet_sendmsg+0x11c/0x140 [ 250.621239][ T7763] sock_write_iter+0x4aa/0x5b0 [ 250.621279][ T7763] ? __pfx_sock_write_iter+0x10/0x10 [ 250.621327][ T7763] ? bpf_lsm_file_permission+0x9/0x10 [ 250.621360][ T7763] ? security_file_permission+0x71/0x210 [ 250.621384][ T7763] ? rw_verify_area+0xcf/0x680 [ 250.621425][ T7763] vfs_write+0x6c4/0x1150 [ 250.621450][ T7763] ? __pfx_sock_write_iter+0x10/0x10 [ 250.621492][ T7763] ? __pfx_vfs_write+0x10/0x10 [ 250.621520][ T7763] ? find_held_lock+0x2b/0x80 [ 250.621561][ T7763] ksys_write+0x1f8/0x250 [ 250.621585][ T7763] ? __pfx_ksys_write+0x10/0x10 [ 250.621637][ T7763] do_syscall_64+0xcd/0x490 [ 250.621670][ T7763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.621694][ T7763] RIP: 0033:0x7fd72878e9a9 [ 250.621713][ T7763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.621736][ T7763] RSP: 002b:00007fd729588038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 250.621770][ T7763] RAX: ffffffffffffffda RBX: 00007fd7289b6160 RCX: 00007fd72878e9a9 [ 250.621786][ T7763] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 250.621799][ T7763] RBP: 00007fd728810d69 R08: 0000000000000000 R09: 0000000000000000 [ 250.621813][ T7763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.621826][ T7763] R13: 0000000000000000 R14: 00007fd7289b6160 R15: 00007ffd675b2ab8 [ 250.621874][ T7763] [ 252.028722][ T10] Process accounting resumed [ 252.776161][ T2152] Process accounting resumed [ 257.498961][ T5895] Process accounting resumed [ 259.045424][ T7864] FAULT_INJECTION: forcing a failure. [ 259.045424][ T7864] name failslab, interval 1, probability 0, space 0, times 0 [ 259.754336][ T7864] CPU: 0 UID: 0 PID: 7864 Comm: syz.2.297 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 259.754381][ T7864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 259.754400][ T7864] Call Trace: [ 259.754410][ T7864] [ 259.754430][ T7864] dump_stack_lvl+0x16c/0x1f0 [ 259.754475][ T7864] should_fail_ex+0x512/0x640 [ 259.754521][ T7864] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 259.754563][ T7864] should_failslab+0xc2/0x120 [ 259.754603][ T7864] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 259.754641][ T7864] ? shmem_alloc_inode+0x25/0x50 [ 259.754690][ T7864] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 259.754729][ T7864] shmem_alloc_inode+0x25/0x50 [ 259.754769][ T7864] alloc_inode+0x61/0x240 [ 259.754811][ T7864] new_inode+0x22/0x1c0 [ 259.754855][ T7864] shmem_get_inode+0x19a/0xfb0 [ 259.754911][ T7864] shmem_symlink+0xf8/0x9f0 [ 259.754950][ T7864] ? __pfx_shmem_symlink+0x10/0x10 [ 259.754984][ T7864] ? bpf_lsm_inode_permission+0x9/0x10 [ 259.755022][ T7864] ? security_inode_permission+0xbf/0x260 [ 259.755071][ T7864] ? inode_permission+0x156/0x630 [ 259.755120][ T7864] vfs_symlink+0x403/0x680 [ 259.755173][ T7864] do_symlinkat+0x261/0x310 [ 259.755213][ T7864] ? __pfx_do_symlinkat+0x10/0x10 [ 259.755249][ T7864] ? getname_flags.part.0+0x1c5/0x550 [ 259.755306][ T7864] __x64_sys_symlink+0x75/0x90 [ 259.755360][ T7864] do_syscall_64+0xcd/0x490 [ 259.755429][ T7864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.755463][ T7864] RIP: 0033:0x7f506438e9a9 [ 259.755490][ T7864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.755521][ T7864] RSP: 002b:00007f506519e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 259.755551][ T7864] RAX: ffffffffffffffda RBX: 00007f50645b6080 RCX: 00007f506438e9a9 [ 259.755572][ T7864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180 [ 259.755592][ T7864] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 259.755610][ T7864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.755628][ T7864] R13: 0000000000000000 R14: 00007f50645b6080 R15: 00007ffc5bb3e0a8 [ 259.755670][ T7864] [ 263.562178][ T7943] netlink: 28 bytes leftover after parsing attributes in process `syz.1.308'. [ 266.013284][ T7969] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 266.047826][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.054299][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.518468][ T7971] FAULT_INJECTION: forcing a failure. [ 266.518468][ T7971] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 266.533850][ T7971] CPU: 1 UID: 0 PID: 7971 Comm: syz.1.312 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 266.533909][ T7971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 266.533930][ T7971] Call Trace: [ 266.533943][ T7971] [ 266.533956][ T7971] dump_stack_lvl+0x16c/0x1f0 [ 266.534014][ T7971] should_fail_ex+0x512/0x640 [ 266.534071][ T7971] should_fail_alloc_page+0xe7/0x130 [ 266.534118][ T7971] prepare_alloc_pages+0x3c2/0x610 [ 266.534168][ T7971] ? rcu_is_watching+0x12/0xc0 [ 266.534208][ T7971] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 266.534260][ T7971] ? __lock_acquire+0xb8a/0x1c90 [ 266.534323][ T7971] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 266.534362][ T7971] ? do_raw_spin_lock+0x12c/0x2b0 [ 266.534416][ T7971] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 266.534468][ T7971] ? find_held_lock+0x2b/0x80 [ 266.534514][ T7971] ? __lock_acquire+0xb8a/0x1c90 [ 266.534558][ T7971] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 266.534613][ T7971] ? policy_nodemask+0xea/0x4e0 [ 266.534659][ T7971] alloc_pages_mpol+0x1fb/0x550 [ 266.534703][ T7971] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 266.534778][ T7971] folio_alloc_mpol_noprof+0x36/0x2f0 [ 266.534833][ T7971] shmem_alloc_folio+0x135/0x160 [ 266.534888][ T7971] shmem_alloc_and_add_folio+0x499/0xc20 [ 266.534933][ T7971] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 266.534973][ T7971] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 266.535024][ T7971] shmem_get_folio_gfp+0x67f/0x1600 [ 266.535071][ T7971] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 266.535111][ T7971] ? filemap_map_pages+0xf6f/0x1680 [ 266.535153][ T7971] shmem_fault+0x1fe/0xa30 [ 266.535189][ T7971] ? __pfx_shmem_fault+0x10/0x10 [ 266.535232][ T7971] ? __pfx_filemap_map_pages+0x10/0x10 [ 266.535283][ T7971] __do_fault+0x10d/0x490 [ 266.535326][ T7971] __handle_mm_fault+0x3bf8/0x5390 [ 266.535370][ T7971] ? __pfx___handle_mm_fault+0x10/0x10 [ 266.535399][ T7971] ? __pfx_mt_find+0x10/0x10 [ 266.535468][ T7971] ? find_vma+0xbf/0x140 [ 266.535511][ T7971] ? __pfx_find_vma+0x10/0x10 [ 266.535560][ T7971] handle_mm_fault+0x589/0xd10 [ 266.535594][ T7971] ? __pkru_allows_pkey+0x51/0xb0 [ 266.535648][ T7971] do_user_addr_fault+0x7a6/0x1370 [ 266.535703][ T7971] ? rcu_is_watching+0x12/0xc0 [ 266.535742][ T7971] exc_page_fault+0x5c/0xb0 [ 266.535782][ T7971] asm_exc_page_fault+0x26/0x30 [ 266.535814][ T7971] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 266.535870][ T7971] Code: 21 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 266.535901][ T7971] RSP: 0018:ffffc90003d2f640 EFLAGS: 00050202 [ 266.535929][ T7971] RAX: 0000000000000001 RBX: 000000000000fdf3 RCX: 000000000000bdf3 [ 266.535948][ T7971] RDX: ffffed1009ddbfc1 RSI: 0000000000004000 RDI: ffff88804eed4010 [ 266.535968][ T7971] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1009ddbfc0 [ 266.535986][ T7971] R10: ffff88804eedfe02 R11: 0000000000000000 R12: ffffc90003d2fc58 [ 266.536017][ T7971] R13: 000000000000fdf3 R14: ffff88804eed0010 R15: 00007ffffffff000 [ 266.536060][ T7971] _copy_from_iter+0x383/0x16f0 [ 266.536106][ T7971] ? __pfx__copy_from_iter+0x10/0x10 [ 266.536137][ T7971] ? sctp_addto_chunk+0xfa/0x2a0 [ 266.536176][ T7971] ? __asan_memcpy+0x3c/0x60 [ 266.536208][ T7971] ? sctp_make_datafrag_empty+0x1c3/0x240 [ 266.536254][ T7971] ? __pfx_sctp_make_datafrag_empty+0x10/0x10 [ 266.536303][ T7971] sctp_user_addto_chunk+0x84/0x240 [ 266.536351][ T7971] sctp_datamsg_from_user+0x5b6/0x1320 [ 266.536412][ T7971] sctp_sendmsg_to_asoc+0xaf5/0x1bf0 [ 266.536480][ T7971] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 266.536531][ T7971] ? __pfx_autoremove_wake_function+0x10/0x10 [ 266.536584][ T7971] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 266.536635][ T7971] sctp_sendmsg+0xef5/0x1ee0 [ 266.536677][ T7971] ? __pfx_sctp_sendmsg+0x10/0x10 [ 266.536710][ T7971] ? __pfx___might_resched+0x10/0x10 [ 266.536759][ T7971] ? aa_file_perm+0x495/0xf70 [ 266.536795][ T7971] ? __pfx_aa_sk_perm+0x10/0x10 [ 266.536844][ T7971] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 266.536886][ T7971] ? __pfx_sctp_sendmsg+0x10/0x10 [ 266.536919][ T7971] inet_sendmsg+0x11c/0x140 [ 266.536957][ T7971] sock_write_iter+0x4aa/0x5b0 [ 266.537019][ T7971] ? __pfx_sock_write_iter+0x10/0x10 [ 266.537089][ T7971] ? bpf_lsm_file_permission+0x9/0x10 [ 266.537135][ T7971] ? security_file_permission+0x71/0x210 [ 266.537170][ T7971] ? rw_verify_area+0xcf/0x680 [ 266.537227][ T7971] vfs_write+0x6c4/0x1150 [ 266.537263][ T7971] ? __pfx_sock_write_iter+0x10/0x10 [ 266.537320][ T7971] ? __pfx_vfs_write+0x10/0x10 [ 266.537351][ T7971] ? find_held_lock+0x2b/0x80 [ 266.537414][ T7971] ksys_write+0x1f8/0x250 [ 266.537450][ T7971] ? __pfx_ksys_write+0x10/0x10 [ 266.537498][ T7971] do_syscall_64+0xcd/0x490 [ 266.537542][ T7971] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.537575][ T7971] RIP: 0033:0x7fac8dd8e9a9 [ 266.537601][ T7971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.537632][ T7971] RSP: 002b:00007fac8ebca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 266.537663][ T7971] RAX: ffffffffffffffda RBX: 00007fac8dfb6080 RCX: 00007fac8dd8e9a9 [ 266.537683][ T7971] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 266.537701][ T7971] RBP: 00007fac8de10d69 R08: 0000000000000000 R09: 0000000000000000 [ 266.537720][ T7971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 266.537738][ T7971] R13: 0000000000000000 R14: 00007fac8dfb6080 R15: 00007ffe648dd068 [ 266.537782][ T7971] [ 267.469563][ T7994] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 267.862908][ T8000] netlink: 8 bytes leftover after parsing attributes in process `syz.1.315'. [ 268.754775][ T5895] Process accounting resumed [ 269.626329][ T8023] kafs: addr_prefs: Too many elements in string [ 269.671669][ T2152] Process accounting resumed [ 269.980178][ T8031] i2c i2c-0: Failed to register i2c client card: at 0x01 (-16) [ 270.100081][ T8031] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 270.112145][ T8034] netlink: 'syz.2.321': attribute type 1 has an invalid length. [ 270.144215][ T8034] netlink: 33 bytes leftover after parsing attributes in process `syz.2.321'. [ 270.425851][ T8024] random: crng reseeded on system resumption [ 270.465050][ T8024] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 270.478195][ T8024] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 274.098330][ T5822] Process accounting resumed [ 275.161825][ T10] Process accounting resumed [ 276.508570][ T5822] Process accounting resumed [ 277.761498][ T8121] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 278.026978][ T8122] FAULT_INJECTION: forcing a failure. [ 278.026978][ T8122] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 278.054031][ T8122] CPU: 1 UID: 0 PID: 8122 Comm: syz.2.337 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 278.054076][ T8122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 278.054095][ T8122] Call Trace: [ 278.054106][ T8122] [ 278.054119][ T8122] dump_stack_lvl+0x16c/0x1f0 [ 278.054161][ T8122] should_fail_ex+0x512/0x640 [ 278.054204][ T8122] should_fail_alloc_page+0xe7/0x130 [ 278.054238][ T8122] prepare_alloc_pages+0x3c2/0x610 [ 278.054276][ T8122] ? rcu_is_watching+0x12/0xc0 [ 278.054305][ T8122] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 278.054336][ T8122] ? __lock_acquire+0xb8a/0x1c90 [ 278.054381][ T8122] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 278.054410][ T8122] ? do_raw_spin_lock+0x12c/0x2b0 [ 278.054455][ T8122] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 278.054508][ T8122] ? find_held_lock+0x2b/0x80 [ 278.054542][ T8122] ? __lock_acquire+0xb8a/0x1c90 [ 278.054575][ T8122] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 278.054617][ T8122] ? policy_nodemask+0xea/0x4e0 [ 278.054651][ T8122] alloc_pages_mpol+0x1fb/0x550 [ 278.054691][ T8122] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 278.054732][ T8122] folio_alloc_mpol_noprof+0x36/0x2f0 [ 278.054771][ T8122] shmem_alloc_folio+0x135/0x160 [ 278.054811][ T8122] shmem_alloc_and_add_folio+0x499/0xc20 [ 278.054844][ T8122] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 278.054873][ T8122] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 278.054904][ T8122] shmem_get_folio_gfp+0x67f/0x1600 [ 278.054938][ T8122] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 278.054967][ T8122] ? filemap_map_pages+0xf6f/0x1680 [ 278.054998][ T8122] shmem_fault+0x1fe/0xa30 [ 278.055025][ T8122] ? __pfx_shmem_fault+0x10/0x10 [ 278.055063][ T8122] ? __pfx_filemap_map_pages+0x10/0x10 [ 278.055100][ T8122] __do_fault+0x10d/0x490 [ 278.055131][ T8122] __handle_mm_fault+0x3bf8/0x5390 [ 278.055162][ T8122] ? __pfx___handle_mm_fault+0x10/0x10 [ 278.055184][ T8122] ? __pfx_mt_find+0x10/0x10 [ 278.055233][ T8122] ? find_vma+0xbf/0x140 [ 278.055265][ T8122] ? __pfx_find_vma+0x10/0x10 [ 278.055301][ T8122] handle_mm_fault+0x589/0xd10 [ 278.055325][ T8122] ? __pkru_allows_pkey+0x51/0xb0 [ 278.055364][ T8122] do_user_addr_fault+0x7a6/0x1370 [ 278.055406][ T8122] ? rcu_is_watching+0x12/0xc0 [ 278.055434][ T8122] exc_page_fault+0x5c/0xb0 [ 278.055463][ T8122] asm_exc_page_fault+0x26/0x30 [ 278.055486][ T8122] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 278.055527][ T8122] Code: 21 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 278.055550][ T8122] RSP: 0018:ffffc90002f07640 EFLAGS: 00050202 [ 278.055568][ T8122] RAX: 0000000000000001 RBX: 000000000000fdf3 RCX: 000000000000bdf3 [ 278.055583][ T8122] RDX: ffffed100f68bfc1 RSI: 0000000000004000 RDI: ffff88807b454010 [ 278.055598][ T8122] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100f68bfc0 [ 278.055612][ T8122] R10: ffff88807b45fe02 R11: 0000000000000000 R12: ffffc90002f07c58 [ 278.055627][ T8122] R13: 000000000000fdf3 R14: ffff88807b450010 R15: 00007ffffffff000 [ 278.055658][ T8122] _copy_from_iter+0x383/0x16f0 [ 278.055696][ T8122] ? __pfx__copy_from_iter+0x10/0x10 [ 278.055718][ T8122] ? sctp_addto_chunk+0xfa/0x2a0 [ 278.055748][ T8122] ? __asan_memcpy+0x3c/0x60 [ 278.055772][ T8122] ? sctp_make_datafrag_empty+0x1c3/0x240 [ 278.055805][ T8122] ? __pfx_sctp_make_datafrag_empty+0x10/0x10 [ 278.055842][ T8122] sctp_user_addto_chunk+0x84/0x240 [ 278.055878][ T8122] sctp_datamsg_from_user+0x5b6/0x1320 [ 278.055921][ T8122] sctp_sendmsg_to_asoc+0xaf5/0x1bf0 [ 278.055969][ T8122] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 278.056007][ T8122] ? __pfx_autoremove_wake_function+0x10/0x10 [ 278.056045][ T8122] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 278.056083][ T8122] sctp_sendmsg+0xef5/0x1ee0 [ 278.056115][ T8122] ? __pfx_sctp_sendmsg+0x10/0x10 [ 278.056140][ T8122] ? __pfx___might_resched+0x10/0x10 [ 278.056175][ T8122] ? aa_file_perm+0x495/0xf70 [ 278.056202][ T8122] ? __pfx_aa_sk_perm+0x10/0x10 [ 278.056244][ T8122] ? __pfx_sctp_sendmsg+0x10/0x10 [ 278.056268][ T8122] inet_sendmsg+0x11c/0x140 [ 278.056296][ T8122] sock_write_iter+0x4aa/0x5b0 [ 278.056337][ T8122] ? __pfx_sock_write_iter+0x10/0x10 [ 278.056388][ T8122] ? bpf_lsm_file_permission+0x9/0x10 [ 278.056422][ T8122] ? security_file_permission+0x71/0x210 [ 278.056448][ T8122] ? rw_verify_area+0xcf/0x680 [ 278.056490][ T8122] vfs_write+0x6c4/0x1150 [ 278.056516][ T8122] ? __pfx_sock_write_iter+0x10/0x10 [ 278.056559][ T8122] ? __pfx_vfs_write+0x10/0x10 [ 278.056582][ T8122] ? find_held_lock+0x2b/0x80 [ 278.056625][ T8122] ksys_write+0x1f8/0x250 [ 278.056651][ T8122] ? __pfx_ksys_write+0x10/0x10 [ 278.056700][ T8122] do_syscall_64+0xcd/0x490 [ 278.056734][ T8122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.056758][ T8122] RIP: 0033:0x7f506438e9a9 [ 278.056777][ T8122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.056800][ T8122] RSP: 002b:00007f506519e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 278.056821][ T8122] RAX: ffffffffffffffda RBX: 00007f50645b6080 RCX: 00007f506438e9a9 [ 278.056837][ T8122] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 278.056851][ T8122] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 278.056865][ T8122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.056879][ T8122] R13: 0000000000000000 R14: 00007f50645b6080 R15: 00007ffc5bb3e0a8 [ 278.056909][ T8122] [ 280.085224][ T2152] Process accounting resumed [ 282.262174][ T8191] vivid-007: ================= START STATUS ================= [ 282.360200][ T8191] vivid-007: Generate PTS: true [ 282.367991][ T8191] vivid-007: Generate SCR: true [ 282.372976][ T8191] tpg source WxH: 320x240 (Y'CbCr) [ 282.379781][ T8191] tpg field: 1 [ 282.383222][ T8191] tpg crop: (0,0)/320x240 [ 282.388201][ T8191] tpg compose: (0,0)/320x240 [ 282.392991][ T8191] tpg colorspace: 8 [ 282.397326][ T8191] tpg transfer function: 0/0 [ 282.401987][ T8191] tpg Y'CbCr encoding: 0/0 [ 282.407108][ T8191] tpg quantization: 0/0 [ 282.411327][ T8191] tpg RGB range: 0/2 [ 282.427445][ T8191] vivid-007: ================== END STATUS ================== [ 282.510122][ T10] Process accounting resumed [ 283.246034][ T8210] netlink: 28 bytes leftover after parsing attributes in process `syz.3.347'. [ 283.285556][ T8210] netlink: 330 bytes leftover after parsing attributes in process `syz.3.347'. [ 283.314858][ T8210] netlink: 20 bytes leftover after parsing attributes in process `syz.3.347'. [ 285.470066][ T8245] random: crng reseeded on system resumption [ 286.684693][ T8256] FAULT_INJECTION: forcing a failure. [ 286.684693][ T8256] name failslab, interval 1, probability 0, space 0, times 0 [ 286.727888][ T8256] CPU: 1 UID: 0 PID: 8256 Comm: syz.2.355 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 286.727933][ T8256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 286.727952][ T8256] Call Trace: [ 286.727963][ T8256] [ 286.727975][ T8256] dump_stack_lvl+0x16c/0x1f0 [ 286.728020][ T8256] should_fail_ex+0x512/0x640 [ 286.728070][ T8256] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 286.728114][ T8256] should_failslab+0xc2/0x120 [ 286.728157][ T8256] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 286.728195][ T8256] ? do_raw_spin_lock+0x12c/0x2b0 [ 286.728248][ T8256] ? __d_alloc+0x32/0xae0 [ 286.728290][ T8256] __d_alloc+0x32/0xae0 [ 286.728335][ T8256] d_alloc_parallel+0x111/0x1480 [ 286.728398][ T8256] ? find_held_lock+0x2b/0x80 [ 286.728432][ T8256] ? __pfx_d_alloc_parallel+0x10/0x10 [ 286.728486][ T8256] ? __d_lookup+0x266/0x4a0 [ 286.728546][ T8256] lookup_open.isra.0+0x665/0x1580 [ 286.728608][ T8256] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 286.728682][ T8256] ? mnt_get_write_access+0x20c/0x300 [ 286.728734][ T8256] path_openat+0x893/0x2cb0 [ 286.728785][ T8256] ? __pfx_path_openat+0x10/0x10 [ 286.728823][ T8256] ? __lock_acquire+0xb8a/0x1c90 [ 286.728881][ T8256] do_filp_open+0x20b/0x470 [ 286.728918][ T8256] ? __pfx_do_filp_open+0x10/0x10 [ 286.728987][ T8256] ? alloc_fd+0x471/0x7d0 [ 286.729031][ T8256] do_sys_openat2+0x11b/0x1d0 [ 286.729078][ T8256] ? __pfx_do_sys_openat2+0x10/0x10 [ 286.729127][ T8256] ? __sys_sendmsg+0x18c/0x220 [ 286.729179][ T8256] __x64_sys_openat+0x174/0x210 [ 286.729227][ T8256] ? __pfx___x64_sys_openat+0x10/0x10 [ 286.729292][ T8256] do_syscall_64+0xcd/0x490 [ 286.729338][ T8256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.729371][ T8256] RIP: 0033:0x7f506438e9a9 [ 286.729397][ T8256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.729429][ T8256] RSP: 002b:00007f50651bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 286.729461][ T8256] RAX: ffffffffffffffda RBX: 00007f50645b5fa0 RCX: 00007f506438e9a9 [ 286.729481][ T8256] RDX: 0000000000000202 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 286.729501][ T8256] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 286.729519][ T8256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.729537][ T8256] R13: 0000000000000000 R14: 00007f50645b5fa0 R15: 00007ffc5bb3e0a8 [ 286.729579][ T8256] [ 287.474563][ T8273] FAULT_INJECTION: forcing a failure. [ 287.474563][ T8273] name failslab, interval 1, probability 0, space 0, times 0 [ 287.584054][ T8273] CPU: 0 UID: 0 PID: 8273 Comm: syz.2.356 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 287.584102][ T8273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 287.584129][ T8273] Call Trace: [ 287.584140][ T8273] [ 287.584153][ T8273] dump_stack_lvl+0x16c/0x1f0 [ 287.584200][ T8273] should_fail_ex+0x512/0x640 [ 287.584249][ T8273] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 287.584294][ T8273] should_failslab+0xc2/0x120 [ 287.584336][ T8273] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 287.584373][ T8273] ? __lock_acquire+0xb8a/0x1c90 [ 287.584417][ T8273] ? __d_alloc+0x32/0xae0 [ 287.584459][ T8273] __d_alloc+0x32/0xae0 [ 287.584493][ T8273] ? do_raw_spin_lock+0x12c/0x2b0 [ 287.584549][ T8273] d_alloc+0x4a/0x1e0 [ 287.584589][ T8273] d_alloc_name+0x83/0xb0 [ 287.584627][ T8273] ? __pfx_d_alloc_name+0x10/0x10 [ 287.584663][ T8273] ? __d_add+0x403/0xa50 [ 287.584712][ T8273] simple_fill_super+0x2eb/0x720 [ 287.584752][ T8273] ? __pfx_nfsd_fill_super+0x10/0x10 [ 287.584803][ T8273] nfsd_fill_super+0x90/0x530 [ 287.584851][ T8273] ? __pfx_set_anon_super_fc+0x10/0x10 [ 287.584905][ T8273] ? __pfx_nfsd_fill_super+0x10/0x10 [ 287.584955][ T8273] get_tree_keyed+0x10b/0x1d0 [ 287.584997][ T8273] vfs_get_tree+0x8e/0x340 [ 287.585048][ T8273] path_mount+0x1482/0x1fd0 [ 287.585093][ T8273] ? __pfx_path_mount+0x10/0x10 [ 287.585138][ T8273] ? kmem_cache_free+0x2d1/0x4d0 [ 287.585171][ T8273] ? putname+0x154/0x1a0 [ 287.585217][ T8273] ? putname+0x154/0x1a0 [ 287.585263][ T8273] ? __x64_sys_mount+0x28d/0x310 [ 287.585299][ T8273] __x64_sys_mount+0x28d/0x310 [ 287.585335][ T8273] ? __pfx___x64_sys_mount+0x10/0x10 [ 287.585386][ T8273] do_syscall_64+0xcd/0x490 [ 287.585432][ T8273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.585463][ T8273] RIP: 0033:0x7f506438e9a9 [ 287.585488][ T8273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.585519][ T8273] RSP: 002b:00007f506519e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 287.585549][ T8273] RAX: ffffffffffffffda RBX: 00007f50645b6080 RCX: 00007f506438e9a9 [ 287.585570][ T8273] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000 [ 287.585589][ T8273] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 287.585607][ T8273] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000 [ 287.585625][ T8273] R13: 0000000000000000 R14: 00007f50645b6080 R15: 00007ffc5bb3e0a8 [ 287.585667][ T8273] [ 289.199731][ T8285] FAULT_INJECTION: forcing a failure. [ 289.199731][ T8285] name failslab, interval 1, probability 0, space 0, times 0 [ 289.284435][ T8285] CPU: 1 UID: 0 PID: 8285 Comm: syz.2.357 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 289.284470][ T8285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 289.284485][ T8285] Call Trace: [ 289.284493][ T8285] [ 289.284502][ T8285] dump_stack_lvl+0x16c/0x1f0 [ 289.284535][ T8285] should_fail_ex+0x512/0x640 [ 289.284573][ T8285] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 289.284604][ T8285] should_failslab+0xc2/0x120 [ 289.284639][ T8285] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 289.284665][ T8285] ? __proc_create+0xc3/0x8e0 [ 289.284699][ T8285] ? __proc_create+0x2ce/0x8e0 [ 289.284736][ T8285] __proc_create+0x2ce/0x8e0 [ 289.284769][ T8285] ? __pfx___proc_create+0x10/0x10 [ 289.284807][ T8285] ? _raw_write_unlock+0x28/0x50 [ 289.284834][ T8285] ? proc_register+0x314/0x5f0 [ 289.284871][ T8285] proc_create_reg+0x7d/0x180 [ 289.284916][ T8285] proc_create_net_data+0x8e/0x1c0 [ 289.284952][ T8285] ? __pfx_proc_create_net_data+0x10/0x10 [ 289.284994][ T8285] ? __pfx_vlan_init_net+0x10/0x10 [ 289.285028][ T8285] vlan_proc_init+0xe3/0x180 [ 289.285057][ T8285] ops_init+0x1e2/0x5f0 [ 289.285095][ T8285] setup_net+0x1ff/0x510 [ 289.285127][ T8285] ? lockdep_init_map_type+0x5c/0x280 [ 289.285163][ T8285] ? __pfx_setup_net+0x10/0x10 [ 289.285200][ T8285] ? debug_mutex_init+0x37/0x70 [ 289.285227][ T8285] copy_net_ns+0x2a6/0x5f0 [ 289.285268][ T8285] create_new_namespaces+0x3ea/0xa90 [ 289.285302][ T8285] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 289.285332][ T8285] ksys_unshare+0x45b/0xa40 [ 289.285366][ T8285] ? __pfx_ksys_unshare+0x10/0x10 [ 289.285402][ T8285] ? syscall_user_dispatch+0x78/0x140 [ 289.285449][ T8285] __x64_sys_unshare+0x31/0x40 [ 289.285482][ T8285] do_syscall_64+0xcd/0x490 [ 289.285515][ T8285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.285540][ T8285] RIP: 0033:0x7f506438e9a9 [ 289.285559][ T8285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.285582][ T8285] RSP: 002b:00007f50651bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 289.285604][ T8285] RAX: ffffffffffffffda RBX: 00007f50645b5fa0 RCX: 00007f506438e9a9 [ 289.285620][ T8285] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 289.285636][ T8285] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 289.285650][ T8285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.285664][ T8285] R13: 0000000000000000 R14: 00007f50645b5fa0 R15: 00007ffc5bb3e0a8 [ 289.285694][ T8285] [ 289.285704][ T8285] 8021q: can't create entry in proc filesystem! [ 290.021895][ T5822] Process accounting resumed [ 292.692239][ T10] Process accounting resumed [ 294.810393][ T24] Process accounting resumed [ 295.996826][ T2152] Process accounting resumed [ 296.826366][ T8387] ubi0: attaching mtd0 [ 296.833120][ T8387] ubi0: scanning is finished [ 296.839152][ T8387] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 297.131985][ T8387] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 298.401950][ T8414] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 300.202410][ T10] Process accounting resumed [ 302.452713][ T8473] vivid-007: ================= START STATUS ================= [ 302.463300][ T8473] vivid-007: Generate PTS: true [ 302.468652][ T8473] vivid-007: Generate SCR: true [ 302.487205][ T8473] tpg source WxH: 320x240 (Y'CbCr) [ 302.554010][ T8473] tpg field: 1 [ 302.561307][ T8473] tpg crop: (0,0)/320x240 [ 302.570083][ T8473] tpg compose: (0,0)/320x240 [ 302.579794][ T8473] tpg colorspace: 8 [ 302.613613][ T8473] tpg transfer function: 0/0 [ 302.643690][ T8473] tpg Y'CbCr encoding: 0/0 [ 302.648210][ T8473] tpg quantization: 0/0 [ 302.652414][ T8473] tpg RGB range: 0/2 [ 302.744256][ T8473] vivid-007: ================== END STATUS ================== [ 303.049763][ T8486] mkiss: ax0: crc mode is auto. [ 307.047868][ T9] Process accounting resumed [ 310.457007][ T8620] random: crng reseeded on system resumption [ 310.467529][ T10] Process accounting resumed [ 310.957570][ T24] Process accounting resumed [ 315.678439][ T8670] kexec: Could not allocate control_code_buffer [ 316.741813][ T30] audit: type=1804 audit(1843104528.100:4): pid=8715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.413" name="/newroot/100/file0" dev="tmpfs" ino=579 res=1 errno=0 [ 317.316480][ T8718] ubi0: attaching mtd0 [ 317.617104][ T8718] ubi0: scanning is finished [ 317.622833][ T8718] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 317.819171][ T8718] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 318.920629][ T5895] Process accounting resumed [ 319.746300][ T5895] Process accounting resumed [ 323.720060][ T8800] kexec: Could not allocate control_code_buffer [ 326.851987][ T8875] FAULT_INJECTION: forcing a failure. [ 326.851987][ T8875] name failslab, interval 1, probability 0, space 0, times 0 [ 326.872541][ T8875] CPU: 0 UID: 0 PID: 8875 Comm: syz.0.430 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 326.872587][ T8875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 326.872617][ T8875] Call Trace: [ 326.872628][ T8875] [ 326.872640][ T8875] dump_stack_lvl+0x16c/0x1f0 [ 326.872687][ T8875] should_fail_ex+0x512/0x640 [ 326.872737][ T8875] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 326.872780][ T8875] should_failslab+0xc2/0x120 [ 326.872823][ T8875] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 326.872860][ T8875] ? __proc_create+0xc3/0x8e0 [ 326.872904][ T8875] ? __proc_create+0x2ce/0x8e0 [ 326.872955][ T8875] __proc_create+0x2ce/0x8e0 [ 326.873001][ T8875] ? __pfx___proc_create+0x10/0x10 [ 326.873050][ T8875] ? __lock_acquire+0x622/0x1c90 [ 326.873107][ T8875] proc_create_reg+0x7d/0x180 [ 326.873160][ T8875] proc_create_net_data+0x8e/0x1c0 [ 326.873209][ T8875] ? __pfx_proc_create_net_data+0x10/0x10 [ 326.873264][ T8875] ? __pfx_phonet_init_net+0x10/0x10 [ 326.873310][ T8875] phonet_init_net+0x66/0x120 [ 326.873354][ T8875] ops_init+0x1e2/0x5f0 [ 326.873405][ T8875] setup_net+0x1ff/0x510 [ 326.873447][ T8875] ? lockdep_init_map_type+0x5c/0x280 [ 326.873492][ T8875] ? __pfx_setup_net+0x10/0x10 [ 326.873555][ T8875] ? debug_mutex_init+0x37/0x70 [ 326.873592][ T8875] copy_net_ns+0x2a6/0x5f0 [ 326.873642][ T8875] create_new_namespaces+0x3ea/0xa90 [ 326.873689][ T8875] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 326.873729][ T8875] ksys_unshare+0x45b/0xa40 [ 326.873776][ T8875] ? __pfx_ksys_unshare+0x10/0x10 [ 326.873824][ T8875] ? syscall_user_dispatch+0x78/0x140 [ 326.873886][ T8875] __x64_sys_unshare+0x31/0x40 [ 326.873928][ T8875] do_syscall_64+0xcd/0x490 [ 326.873971][ T8875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.874003][ T8875] RIP: 0033:0x7f560978e9a9 [ 326.874029][ T8875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.874060][ T8875] RSP: 002b:00007f560a632038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 326.874090][ T8875] RAX: ffffffffffffffda RBX: 00007f56099b5fa0 RCX: 00007f560978e9a9 [ 326.874111][ T8875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 326.874130][ T8875] RBP: 00007f5609810d69 R08: 0000000000000000 R09: 0000000000000000 [ 326.874148][ T8875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.874166][ T8875] R13: 0000000000000000 R14: 00007f56099b5fa0 R15: 00007ffe983edf48 [ 326.874209][ T8875] [ 327.494051][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.500465][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.618735][ T24] Process accounting resumed [ 330.567851][ T8923] Invalid ELF header magic: != ELF [ 333.432001][ T8932] kexec: Could not allocate control_code_buffer [ 336.169588][ T9008] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 337.529443][ T9022] Invalid ELF header magic: != ELF [ 338.049955][ T9] Process accounting resumed [ 341.543842][ T9071] FAULT_INJECTION: forcing a failure. [ 341.543842][ T9071] name failslab, interval 1, probability 0, space 0, times 0 [ 341.576176][ T9071] CPU: 1 UID: 0 PID: 9071 Comm: syz.2.459 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 341.576220][ T9071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 341.576238][ T9071] Call Trace: [ 341.576248][ T9071] [ 341.576260][ T9071] dump_stack_lvl+0x16c/0x1f0 [ 341.576306][ T9071] should_fail_ex+0x512/0x640 [ 341.576355][ T9071] ? __kmalloc_noprof+0xbf/0x510 [ 341.576385][ T9071] ? devlink_fmsg_put_name+0xf0/0x3f0 [ 341.576421][ T9071] should_failslab+0xc2/0x120 [ 341.576452][ T9071] __kmalloc_noprof+0xd2/0x510 [ 341.576487][ T9071] devlink_fmsg_put_name+0xf0/0x3f0 [ 341.576526][ T9071] devlink_fmsg_bool_pair_put+0xff/0x2f0 [ 341.576568][ T9071] ? __pfx_devlink_fmsg_bool_pair_put+0x10/0x10 [ 341.576609][ T9071] ? __kasan_kmalloc+0xaa/0xb0 [ 341.576637][ T9071] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 341.576680][ T9071] nsim_dev_dummy_fmsg_put+0xe7/0x1e0 [ 341.576721][ T9071] devlink_health_do_dump+0x240/0x620 [ 341.576749][ T9071] devlink_health_report+0x3c9/0x9c0 [ 341.576777][ T9071] ? __pfx_devlink_health_report+0x10/0x10 [ 341.576809][ T9071] nsim_dev_health_break_write+0x166/0x210 [ 341.576851][ T9071] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 341.576902][ T9071] full_proxy_write+0x131/0x1a0 [ 341.576942][ T9071] ? __pfx_full_proxy_write+0x10/0x10 [ 341.576971][ T9071] vfs_write+0x29d/0x1150 [ 341.577002][ T9071] ? __pfx___mutex_lock+0x10/0x10 [ 341.577033][ T9071] ? __pfx_vfs_write+0x10/0x10 [ 341.577072][ T9071] ? __fget_files+0x20e/0x3c0 [ 341.577106][ T9071] ksys_write+0x12a/0x250 [ 341.577148][ T9071] ? __pfx_ksys_write+0x10/0x10 [ 341.577183][ T9071] do_syscall_64+0xcd/0x490 [ 341.577216][ T9071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.577241][ T9071] RIP: 0033:0x7f506438e9a9 [ 341.577260][ T9071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.577283][ T9071] RSP: 002b:00007f50651bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.577306][ T9071] RAX: ffffffffffffffda RBX: 00007f50645b5fa0 RCX: 00007f506438e9a9 [ 341.577322][ T9071] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000008 [ 341.577336][ T9071] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 341.577351][ T9071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.577365][ T9071] R13: 0000000000000000 R14: 00007f50645b5fa0 R15: 00007ffc5bb3e0a8 [ 341.577395][ T9071] [ 343.472497][ T9077] kexec: Could not allocate control_code_buffer [ 345.426863][ T9134] program syz.2.469 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 345.449923][ T9134] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 346.752286][ T9152] netlink: 28 bytes leftover after parsing attributes in process `syz.1.468'. [ 347.060575][ T9152] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.275367][ T9152] bridge_slave_1 (unregistering): left allmulticast mode [ 347.282680][ T9152] bridge_slave_1 (unregistering): left promiscuous mode [ 347.311986][ T9152] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.998850][ T9180] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 349.425131][ T9180] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 351.007071][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 353.824725][ T5822] Process accounting resumed [ 354.779151][ T9252] Invalid ELF header magic: != ELF [ 355.099447][ T9] Process accounting resumed [ 355.376646][ T9] Process accounting resumed [ 355.842439][ T9272] syz.3.487 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 356.801785][ T9270] kexec: Could not allocate control_code_buffer [ 357.252873][ T9280] could not allocate digest TFM handle [ 358.198187][ T9288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.490'. [ 358.663777][ T9294] zswap: compressor not available [ 362.732493][ T2152] Process accounting resumed [ 364.158274][ T9375] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 365.406980][ T9394] program syz.1.507 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 365.430461][ T9394] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 366.213728][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 366.561221][ T5895] Process accounting resumed [ 367.963091][ T5895] Process accounting resumed [ 368.220983][ T9429] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 369.519956][ T9437] syz.1.519 (9437) used greatest stack depth: 19144 bytes left [ 369.623618][ T2152] Process accounting resumed [ 370.149200][ T9452] Invalid ELF header magic: != ELF [ 370.287196][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 372.648810][ T24] Process accounting resumed [ 374.997760][ T5925] Process accounting resumed [ 376.027043][ T5895] Process accounting resumed [ 376.056519][ T9534] could not allocate digest TFM handle binfmt_misc [ 376.702624][ T24] Process accounting resumed [ 376.739648][ T5895] Process accounting resumed [ 377.551106][ T9555] ptrace attach of "./syz-executor exec"[5836] was attempted by "./syz-executor exec"[9555] [ 378.363235][ T5925] Process accounting resumed [ 380.498459][ T2152] Process accounting resumed [ 381.937469][ T5925] Process accounting resumed [ 382.705643][ T9630] ptrace attach of "./syz-executor exec"[5844] was attempted by "./syz-executor exec"[9630] [ 384.471508][ T9650] ima: policy update failed [ 384.534802][ T30] audit: type=1802 audit(1843104595.890:5): pid=9650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.562" res=0 errno=0 [ 385.049308][ T9659] netlink: 28 bytes leftover after parsing attributes in process `syz.0.563'. [ 385.131146][ T9663] hub 8-0:1.0: USB hub found [ 385.137072][ T9663] hub 8-0:1.0: 1 port detected [ 385.784513][ T5895] Process accounting resumed [ 388.187332][ T9705] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[9705] [ 388.930755][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.940095][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.772019][ T5908] Process accounting resumed [ 390.945234][ T5895] Process accounting resumed [ 394.614273][ T9774] ptrace attach of "./syz-executor exec"[5850] was attempted by ""[9774] [ 394.719673][ T9774] FAULT_INJECTION: forcing a failure. [ 394.719673][ T9774] name failslab, interval 1, probability 0, space 0, times 0 [ 394.834472][ T9774] CPU: 0 UID: 0 PID: 9774 Comm: syz.2.581 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 394.834519][ T9774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 394.834538][ T9774] Call Trace: [ 394.834549][ T9774] [ 394.834561][ T9774] dump_stack_lvl+0x16c/0x1f0 [ 394.834607][ T9774] should_fail_ex+0x512/0x640 [ 394.834656][ T9774] ? fs_reclaim_acquire+0xae/0x150 [ 394.834709][ T9774] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 394.834745][ T9774] should_failslab+0xc2/0x120 [ 394.834788][ T9774] __kmalloc_noprof+0xd2/0x510 [ 394.834836][ T9774] tomoyo_realpath_from_path+0xc2/0x6e0 [ 394.834878][ T9774] ? tomoyo_profile+0x47/0x60 [ 394.834932][ T9774] tomoyo_path_perm+0x274/0x460 [ 394.834984][ T9774] ? tomoyo_path_perm+0x260/0x460 [ 394.835041][ T9774] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 394.835139][ T9774] ? __pfx_ima_file_check+0x10/0x10 [ 394.835177][ T9774] ? hook_file_truncate+0xc7/0x250 [ 394.835246][ T9774] security_file_truncate+0x84/0x1e0 [ 394.835282][ T9774] path_openat+0xc10/0x2cb0 [ 394.835335][ T9774] ? __pfx_path_openat+0x10/0x10 [ 394.835374][ T9774] ? __lock_acquire+0xb8a/0x1c90 [ 394.835426][ T9774] do_filp_open+0x20b/0x470 [ 394.835463][ T9774] ? __pfx_do_filp_open+0x10/0x10 [ 394.835532][ T9774] ? alloc_fd+0x471/0x7d0 [ 394.835578][ T9774] do_sys_openat2+0x11b/0x1d0 [ 394.835627][ T9774] ? __pfx_do_sys_openat2+0x10/0x10 [ 394.835695][ T9774] __x64_sys_openat+0x174/0x210 [ 394.835744][ T9774] ? __pfx___x64_sys_openat+0x10/0x10 [ 394.835811][ T9774] do_syscall_64+0xcd/0x490 [ 394.835857][ T9774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.835892][ T9774] RIP: 0033:0x7f506438e9a9 [ 394.835919][ T9774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.835953][ T9774] RSP: 002b:00007f50651bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 394.835984][ T9774] RAX: ffffffffffffffda RBX: 00007f50645b5fa0 RCX: 00007f506438e9a9 [ 394.836005][ T9774] RDX: 0000000000080302 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 394.836026][ T9774] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 394.836046][ T9774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 394.836066][ T9774] R13: 0000000000000000 R14: 00007f50645b5fa0 R15: 00007ffc5bb3e0a8 [ 394.836110][ T9774] [ 394.836293][ T9774] ERROR: Out of memory at tomoyo_realpath_from_path. [ 395.577804][ T2152] Process accounting resumed [ 396.427027][ T9801] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 402.042033][ T5908] Process accounting resumed [ 409.611855][ T2152] Process accounting resumed [ 411.974356][ T9989] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 412.329018][ T9980] random: crng reseeded on system resumption [ 413.780685][ T5895] Process accounting resumed [ 418.302641][ T9] Process accounting resumed [ 419.327670][T10090] random: crng reseeded on system resumption [ 422.487571][ T5895] Process accounting resumed [ 422.756864][ T5925] Process accounting resumed [ 425.033467][ T5895] Process accounting resumed [ 426.544849][T10159] random: crng reseeded on system resumption [ 427.249107][ T5925] Process accounting resumed [ 435.944121][T10287] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 436.124976][T10291] can0: slcan on ttyS2. [ 436.653969][T10273] random: crng reseeded on system resumption [ 437.128920][ T5895] Process accounting resumed [ 437.234460][T10286] can0 (unregistered): slcan off ttyS2. [ 442.401689][T10371] can: request_module (can-proto-0) failed. [ 442.782245][T10376] netlink: 28 bytes leftover after parsing attributes in process `syz.1.683'. [ 443.069133][T10385] hub 8-0:1.0: USB hub found [ 443.105034][ T5822] Process accounting resumed [ 443.110535][T10385] hub 8-0:1.0: 1 port detected [ 446.561740][T10417] random: crng reseeded on system resumption [ 450.276222][ T5908] Process accounting resumed [ 450.394223][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 450.400734][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 452.814614][T10546] futex_wake_op: syz.0.709 tries to shift op by -9; fix this program [ 463.122372][T10627] slcan: can't register candev [ 463.180666][T10627] Falling back ldisc for ttyS2. [ 463.832201][T10665] FAULT_INJECTION: forcing a failure. [ 463.832201][T10665] name failslab, interval 1, probability 0, space 0, times 0 [ 463.875136][T10665] CPU: 1 UID: 0 PID: 10665 Comm: syz.1.724 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 463.875181][T10665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 463.875202][T10665] Call Trace: [ 463.875213][T10665] [ 463.875224][T10665] dump_stack_lvl+0x16c/0x1f0 [ 463.875273][T10665] should_fail_ex+0x512/0x640 [ 463.875322][T10665] ? __kmalloc_noprof+0xbf/0x510 [ 463.875364][T10665] ? __register_sysctl_table+0xb3/0x1900 [ 463.875410][T10665] should_failslab+0xc2/0x120 [ 463.875454][T10665] __kmalloc_noprof+0xd2/0x510 [ 463.875503][T10665] __register_sysctl_table+0xb3/0x1900 [ 463.875550][T10665] ? is_module_address+0x5f/0xf0 [ 463.875608][T10665] ? __pfx___register_sysctl_table+0x10/0x10 [ 463.875654][T10665] ? is_module_address+0x69/0xf0 [ 463.875702][T10665] ? register_net_sysctl_sz+0x228/0x3e0 [ 463.875752][T10665] ? __asan_memcpy+0x3c/0x60 [ 463.875789][T10665] sctp_sysctl_net_register+0x15d/0x200 [ 463.875848][T10665] ? __pfx_sctp_defaults_init+0x10/0x10 [ 463.875895][T10665] sctp_defaults_init+0x6c4/0xd80 [ 463.875939][T10665] ? __pfx_sctp_defaults_init+0x10/0x10 [ 463.875985][T10665] ops_init+0x1e2/0x5f0 [ 463.876036][T10665] setup_net+0x1ff/0x510 [ 463.876079][T10665] ? lockdep_init_map_type+0x5c/0x280 [ 463.876126][T10665] ? __pfx_setup_net+0x10/0x10 [ 463.876174][T10665] ? debug_mutex_init+0x37/0x70 [ 463.876211][T10665] copy_net_ns+0x2a6/0x5f0 [ 463.876263][T10665] create_new_namespaces+0x3ea/0xa90 [ 463.876313][T10665] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 463.876354][T10665] ksys_unshare+0x45b/0xa40 [ 463.876398][T10665] ? __pfx_ksys_unshare+0x10/0x10 [ 463.876446][T10665] ? syscall_user_dispatch+0x78/0x140 [ 463.876507][T10665] __x64_sys_unshare+0x31/0x40 [ 463.876565][T10665] do_syscall_64+0xcd/0x490 [ 463.876608][T10665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.876641][T10665] RIP: 0033:0x7fac8dd8e9a9 [ 463.876668][T10665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.876700][T10665] RSP: 002b:00007fac8ebeb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 463.876733][T10665] RAX: ffffffffffffffda RBX: 00007fac8dfb5fa0 RCX: 00007fac8dd8e9a9 [ 463.876754][T10665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 463.876772][T10665] RBP: 00007fac8de10d69 R08: 0000000000000000 R09: 0000000000000000 [ 463.876791][T10665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.876810][T10665] R13: 0000000000000000 R14: 00007fac8dfb5fa0 R15: 00007ffe648dd068 [ 463.876858][T10665] [ 467.762074][T10710] ptrace attach of "./syz-executor exec"[10711] was attempted by "./syz-executor exec"[10710] [ 470.952865][ T5925] Process accounting resumed [ 477.261478][ T5822] Process accounting resumed [ 478.780626][T10844] tipc: Started in network mode [ 478.807251][T10844] tipc: Node identity ee00, cluster identity 4711 [ 478.924175][T10844] tipc: Node number set to 60928 [ 480.810411][ T30] audit: type=1804 audit(1843104692.170:6): pid=10874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.764" name="/newroot/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw" dev="tracefs" ino=153 res=1 errno=0 [ 480.834437][ C0] vkms_vblank_simulate: vblank timer overrun [ 482.279729][T10888] Console: switching to colour VGA+ 80x25 [ 487.900110][T10954] FAULT_INJECTION: forcing a failure. [ 487.900110][T10954] name failslab, interval 1, probability 0, space 0, times 0 [ 487.913324][T10954] CPU: 1 UID: 0 PID: 10954 Comm: syz.0.781 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 487.913376][T10954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 487.913395][T10954] Call Trace: [ 487.913406][T10954] [ 487.913419][T10954] dump_stack_lvl+0x16c/0x1f0 [ 487.913470][T10954] should_fail_ex+0x512/0x640 [ 487.913519][T10954] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 487.913561][T10954] should_failslab+0xc2/0x120 [ 487.913604][T10954] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 487.913640][T10954] ? __proc_create+0xc3/0x8e0 [ 487.913682][T10954] ? __proc_create+0x2ce/0x8e0 [ 487.913731][T10954] __proc_create+0x2ce/0x8e0 [ 487.913777][T10954] ? __pfx___proc_create+0x10/0x10 [ 487.913827][T10954] ? __pfx_can_rcvlist_sff_proc_show+0x10/0x10 [ 487.913883][T10954] _proc_mkdir+0xb9/0x210 [ 487.913929][T10954] ? __pfx__proc_mkdir+0x10/0x10 [ 487.913975][T10954] ? can_init_proc+0x37f/0x4d0 [ 487.914015][T10954] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 487.914062][T10954] canbcm_pernet_init+0x4d/0xa0 [ 487.914107][T10954] ops_init+0x1e2/0x5f0 [ 487.914152][T10954] setup_net+0x1ff/0x510 [ 487.914195][T10954] ? lockdep_init_map_type+0x5c/0x280 [ 487.914240][T10954] ? __pfx_setup_net+0x10/0x10 [ 487.914288][T10954] ? debug_mutex_init+0x37/0x70 [ 487.914343][T10954] copy_net_ns+0x2a6/0x5f0 [ 487.914409][T10954] create_new_namespaces+0x3ea/0xa90 [ 487.914455][T10954] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 487.914496][T10954] ksys_unshare+0x45b/0xa40 [ 487.914541][T10954] ? __pfx_ksys_unshare+0x10/0x10 [ 487.914589][T10954] ? syscall_user_dispatch+0x78/0x140 [ 487.914651][T10954] __x64_sys_unshare+0x31/0x40 [ 487.914696][T10954] do_syscall_64+0xcd/0x490 [ 487.914742][T10954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 487.914775][T10954] RIP: 0033:0x7f560978e9a9 [ 487.914802][T10954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 487.914833][T10954] RSP: 002b:00007f560a632038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 487.914863][T10954] RAX: ffffffffffffffda RBX: 00007f56099b5fa0 RCX: 00007f560978e9a9 [ 487.914882][T10954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 487.914898][T10954] RBP: 00007f5609810d69 R08: 0000000000000000 R09: 0000000000000000 [ 487.914915][T10954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 487.914931][T10954] R13: 0000000000000000 R14: 00007f56099b5fa0 R15: 00007ffe983edf48 [ 487.914968][T10954] [ 490.494300][T10993] vhci_hcd: invalid port number 16 [ 490.499512][T10993] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 492.702811][T11020] ecryptfs_parse_packet_length: Error parsing packet length [ 492.722135][T11020] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 496.945963][T11057] random: crng reseeded on system resumption [ 501.976597][T11102] tipc: Started in network mode [ 501.998741][T11102] tipc: Node identity ee00, cluster identity 4711 [ 502.052871][T11102] tipc: Node number set to 60928 [ 502.500243][T11101] Process accounting resumed [ 503.827315][T11133] ptp ptp0: new virtual clock ptp1 [ 504.228697][T11143] random: crng reseeded on system resumption [ 504.235873][T11133] ptp ptp0: new virtual clock ptp2 [ 504.301652][T11133] ptp ptp0: new virtual clock ptp3 [ 504.344206][T11133] ptp ptp0: guarantee physical clock free running [ 507.500449][T11182] FAULT_INJECTION: forcing a failure. [ 507.500449][T11182] name failslab, interval 1, probability 0, space 0, times 0 [ 507.576408][T11182] CPU: 1 UID: 0 PID: 11182 Comm: syz.2.819 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 507.576456][T11182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 507.576474][T11182] Call Trace: [ 507.576485][T11182] [ 507.576497][T11182] dump_stack_lvl+0x16c/0x1f0 [ 507.576544][T11182] should_fail_ex+0x512/0x640 [ 507.576595][T11182] ? __kmalloc_noprof+0xbf/0x510 [ 507.576637][T11182] ? constrain_params_by_rules+0x175/0xca0 [ 507.576689][T11182] should_failslab+0xc2/0x120 [ 507.576733][T11182] __kmalloc_noprof+0xd2/0x510 [ 507.576768][T11182] ? unwind_get_return_address+0x59/0xa0 [ 507.576826][T11182] constrain_params_by_rules+0x175/0xca0 [ 507.576887][T11182] ? stack_trace_save+0x8e/0xc0 [ 507.576928][T11182] ? stack_depot_save_flags+0x28/0xa40 [ 507.576982][T11182] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 507.577043][T11182] ? __kasan_kmalloc+0xaa/0xb0 [ 507.577077][T11182] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 507.577125][T11182] ? snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 507.577174][T11182] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 507.577236][T11182] ? snd_interval_refine+0x2fa/0x580 [ 507.577276][T11182] snd_pcm_hw_refine+0x7de/0xad0 [ 507.577329][T11182] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 507.577390][T11182] ? _snd_pcm_hw_param_min+0x259/0x630 [ 507.577439][T11182] snd_pcm_hw_param_near.constprop.0+0x58a/0x8e0 [ 507.577489][T11182] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 507.577536][T11182] ? __asan_memset+0x23/0x50 [ 507.577561][T11182] ? calc_src_frames.isra.0+0x187/0x1d0 [ 507.577596][T11182] snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 507.577660][T11182] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 507.577705][T11182] ? snd_pcm_oss_ioctl+0x110e/0x37a0 [ 507.577777][T11182] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 507.577836][T11182] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 507.577886][T11182] ? hook_file_ioctl_common+0x145/0x410 [ 507.577931][T11182] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 507.577981][T11182] ? __fget_files+0x20e/0x3c0 [ 507.578014][T11182] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 507.578068][T11182] __x64_sys_ioctl+0x18b/0x210 [ 507.578121][T11182] do_syscall_64+0xcd/0x490 [ 507.578166][T11182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.578199][T11182] RIP: 0033:0x7f506438e9a9 [ 507.578225][T11182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.578256][T11182] RSP: 002b:00007f506519e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 507.578286][T11182] RAX: ffffffffffffffda RBX: 00007f50645b6080 RCX: 00007f506438e9a9 [ 507.578307][T11182] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000a [ 507.578326][T11182] RBP: 00007f5064410d69 R08: 0000000000000000 R09: 0000000000000000 [ 507.578344][T11182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.578363][T11182] R13: 0000000000000000 R14: 00007f50645b6080 R15: 00007ffc5bb3e0a8 [ 507.578406][T11182] [ 508.046468][T11181] tipc: Started in network mode [ 508.051533][T11181] tipc: Node identity ee00, cluster identity 4711 [ 508.068565][T11181] tipc: Node number set to 60928 [ 508.128586][T11181] Process accounting resumed [ 510.177524][T11209] netlink: 12 bytes leftover after parsing attributes in process `syz.0.829'. [ 511.534082][T11228] random: crng reseeded on system resumption [ 511.833518][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.842376][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.970216][T11226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 511.979380][T11226] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 515.667590][T11253] tipc: Started in network mode [ 515.677225][T11253] tipc: Node identity ee00, cluster identity 4711 [ 515.763656][T11253] tipc: Node number set to 60928 [ 517.071073][T11281] netlink: 186 bytes leftover after parsing attributes in process `syz.0.846'. [ 518.951418][T11313] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 529.491445][T11465] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 537.593389][T11479] Process accounting paused [ 538.146814][T11545] vhci_hcd: invalid port number 16 [ 538.151988][T11545] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 539.035493][T11543] Process accounting paused [ 540.980078][T11571] random: crng reseeded on system resumption [ 542.074749][T11557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 542.104269][T11557] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 542.272564][T11596] FAULT_INJECTION: forcing a failure. [ 542.272564][T11596] name fail_futex, interval 1, probability 0, space 0, times 1 [ 542.315589][T11596] CPU: 0 UID: 0 PID: 11596 Comm: syz.2.889 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 542.315636][T11596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 542.315656][T11596] Call Trace: [ 542.315667][T11596] [ 542.315680][T11596] dump_stack_lvl+0x16c/0x1f0 [ 542.315727][T11596] should_fail_ex+0x512/0x640 [ 542.315795][T11596] get_futex_key+0x1d0/0x1540 [ 542.315840][T11596] ? __pfx_get_futex_key+0x10/0x10 [ 542.315877][T11596] ? __pfx_stack_trace_save+0x10/0x10 [ 542.315914][T11596] ? stack_depot_save_flags+0x28/0xa40 [ 542.315967][T11596] ? stack_trace_save+0x8e/0xc0 [ 542.316010][T11596] futex_wait_setup+0x9d/0x550 [ 542.316074][T11596] __futex_wait+0x194/0x2f0 [ 542.316125][T11596] ? __pfx___futex_wait+0x10/0x10 [ 542.316178][T11596] ? __pfx_futex_wake_mark+0x10/0x10 [ 542.316234][T11596] ? futex_private_hash_put+0x176/0x300 [ 542.316288][T11596] ? futex_private_hash_put+0x18a/0x300 [ 542.316326][T11596] futex_wait+0xe8/0x380 [ 542.316367][T11596] ? __pfx_futex_wait+0x10/0x10 [ 542.316420][T11596] ? __lock_acquire+0x622/0x1c90 [ 542.316462][T11596] do_futex+0x229/0x350 [ 542.316498][T11596] ? __pfx_do_futex+0x10/0x10 [ 542.316540][T11596] ? lock_acquire+0x179/0x350 [ 542.316580][T11596] __x64_sys_futex+0x1e0/0x4c0 [ 542.316620][T11596] ? __pfx___x64_sys_futex+0x10/0x10 [ 542.316654][T11596] ? fd_install+0x244/0x750 [ 542.316682][T11596] ? anon_inode_getfd+0x81/0xb0 [ 542.316717][T11596] do_syscall_64+0xcd/0x490 [ 542.316753][T11596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.316799][T11596] RIP: 0033:0x7f506438e9a9 [ 542.316821][T11596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 542.316861][T11596] RSP: 002b:00007f50651bf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 542.316886][T11596] RAX: ffffffffffffffda RBX: 00007f50645b5fa8 RCX: 00007f506438e9a9 [ 542.316903][T11596] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f50645b5fa8 [ 542.316919][T11596] RBP: 00007f50645b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 542.316935][T11596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f50645b5fac [ 542.316951][T11596] R13: 0000000000000000 R14: 00007ffc5bb3dfc0 R15: 00007ffc5bb3e0a8 [ 542.316983][T11596] [ 546.295965][T11649] bond0: option all_slaves_active: invalid value () [ 546.679781][T11646] bond0: option all_slaves_active: invalid value () [ 547.520508][T11660] ALSA: mixer_oss: invalid OSS volume '0' [ 547.613675][T11660] ALSA: mixer_oss: invalid OSS volume '' [ 548.459515][T11664] can: request_module (can-proto-0) failed. [ 550.407335][T11695] ptrace attach of "./syz-executor exec"[5850] was attempted by ""[11695] [ 552.554254][T11727] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 554.037349][T11749] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 556.333998][T11780] vhci_hcd: invalid port number 16 [ 556.341157][T11780] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 560.113722][T11812] netlink: 186 bytes leftover after parsing attributes in process `syz.3.932'. [ 560.656227][T11848] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input24 [ 564.319183][T11904] netlink: 20 bytes leftover after parsing attributes in process `syz.0.947'. [ 566.921891][T11918] netlink: 186 bytes leftover after parsing attributes in process `syz.2.949'. [ 568.964903][T11969] Process accounting resumed [ 569.904995][T11972] Process accounting resumed [ 571.075603][ T30] audit: type=1800 audit(1843104782.440:7): pid=12003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.965" name="discovery_nqn" dev="configfs" ino=27760 res=0 errno=0 [ 572.057600][T12015] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 572.109925][T12017] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 573.241542][T12016] netlink: 186 bytes leftover after parsing attributes in process `syz.1.966'. [ 573.255983][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.284307][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 575.585938][T12061] ALSA: mixer_oss: invalid OSS volume '0' [ 575.591751][T12061] ALSA: mixer_oss: invalid OSS volume '' [ 577.937647][T12095] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 579.323923][T12097] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 580.364321][T12112] netlink: 186 bytes leftover after parsing attributes in process `syz.0.983'. [ 582.154993][T12140] bond0: option all_slaves_active: invalid value () [ 582.283640][T12140] bond0: option all_slaves_active: invalid value () [ 584.174940][T12170] ptrace attach of "./syz-executor exec"[5836] was attempted by ""[12170] [ 592.189234][T12284] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 593.416815][T12286] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 593.601672][T12305] FAULT_INJECTION: forcing a failure. [ 593.601672][T12305] name failslab, interval 1, probability 0, space 0, times 0 [ 593.614626][T12305] CPU: 0 UID: 0 PID: 12305 Comm: syz.0.1016 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 593.614659][T12305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 593.614674][T12305] Call Trace: [ 593.614682][T12305] [ 593.614690][T12305] dump_stack_lvl+0x16c/0x1f0 [ 593.614734][T12305] should_fail_ex+0x512/0x640 [ 593.614783][T12305] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 593.614839][T12305] should_failslab+0xc2/0x120 [ 593.614881][T12305] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 593.614909][T12305] ? lockdep_init_map_type+0x5c/0x280 [ 593.614944][T12305] ? __d_alloc+0x32/0xae0 [ 593.614976][T12305] __d_alloc+0x32/0xae0 [ 593.615007][T12305] d_alloc_pseudo+0x1c/0xc0 [ 593.615043][T12305] alloc_file_pseudo+0xcf/0x230 [ 593.615079][T12305] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 593.615115][T12305] ? alloc_fd+0x471/0x7d0 [ 593.615143][T12305] sock_alloc_file+0x50/0x210 [ 593.615180][T12305] __sys_socket+0x1c0/0x260 [ 593.615203][T12305] ? __pfx___sys_socket+0x10/0x10 [ 593.615227][T12305] ? xfd_validate_state+0x61/0x180 [ 593.615271][T12305] __x64_sys_socket+0x72/0xb0 [ 593.615293][T12305] ? lockdep_hardirqs_on+0x7c/0x110 [ 593.615322][T12305] do_syscall_64+0xcd/0x490 [ 593.615355][T12305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.615380][T12305] RIP: 0033:0x7f560978e9a9 [ 593.615399][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.615423][T12305] RSP: 002b:00007f560a611038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 593.615446][T12305] RAX: ffffffffffffffda RBX: 00007f56099b6080 RCX: 00007f560978e9a9 [ 593.615462][T12305] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 593.615477][T12305] RBP: 00007f5609810d69 R08: 0000000000000000 R09: 0000000000000000 [ 593.615492][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.615506][T12305] R13: 0000000000000000 R14: 00007f56099b6080 R15: 00007ffe983edf48 [ 593.615537][T12305] [ 594.716957][T12315] random: crng reseeded on system resumption [ 594.782804][T12310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 594.791892][T12310] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 596.912280][T12339] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 598.300740][T12343] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 599.269800][T12358] Process accounting paused [ 600.611336][T12392] bond0: option all_slaves_active: invalid value () [ 600.762487][T12391] bond0: option all_slaves_active: invalid value () [ 600.811442][ T30] audit: type=1800 audit(1843104812.170:8): pid=12399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1035" name="discovery_nqn" dev="configfs" ino=27457 res=0 errno=0 [ 603.252845][T12432] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 603.309203][T12431] binder: 12429:12431 unknown command 3 [ 603.435906][T12431] binder: 12429:12431 ioctl c0306201 0 returned -22 [ 604.144605][T12433] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 604.405578][T12446] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 604.700085][T12454] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1044'. [ 605.082846][T12447] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 606.807267][T12482] ALSA: mixer_oss: invalid OSS volume '0' [ 606.945647][T12482] ALSA: mixer_oss: invalid OSS volume '' [ 611.023050][T12537] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1061'. [ 616.337678][T12622] binder: 12621:12622 unknown command 3 [ 616.344391][T12622] binder: 12621:12622 ioctl c0306201 0 returned -22 [ 621.243175][T12684] binder: 12683:12684 unknown command 3 [ 621.319828][T12684] binder: 12683:12684 ioctl c0306201 0 returned -22 [ 623.105113][T12716] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 623.281106][T12717] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 629.630636][T12790] FAULT_INJECTION: forcing a failure. [ 629.630636][T12790] name failslab, interval 1, probability 0, space 0, times 0 [ 629.676354][T12790] CPU: 1 UID: 0 PID: 12790 Comm: syz.1.1113 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 629.676402][T12790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 629.676421][T12790] Call Trace: [ 629.676432][T12790] [ 629.676444][T12790] dump_stack_lvl+0x16c/0x1f0 [ 629.676499][T12790] should_fail_ex+0x512/0x640 [ 629.676550][T12790] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 629.676595][T12790] should_failslab+0xc2/0x120 [ 629.676637][T12790] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 629.676677][T12790] ? sk_prot_alloc+0x60/0x2a0 [ 629.676737][T12790] sk_prot_alloc+0x60/0x2a0 [ 629.676791][T12790] sk_alloc+0x36/0xc20 [ 629.676834][T12790] tipc_sk_create+0xcf/0x21a0 [ 629.676898][T12790] ? find_held_lock+0x2b/0x80 [ 629.676934][T12790] ? __sock_create+0x2f2/0x8d0 [ 629.676970][T12790] __sock_create+0x335/0x8d0 [ 629.677009][T12790] __sys_socket+0x14d/0x260 [ 629.677043][T12790] ? __pfx___sys_socket+0x10/0x10 [ 629.677075][T12790] ? xfd_validate_state+0x61/0x180 [ 629.677135][T12790] __x64_sys_socket+0x72/0xb0 [ 629.677165][T12790] ? lockdep_hardirqs_on+0x7c/0x110 [ 629.677204][T12790] do_syscall_64+0xcd/0x490 [ 629.677249][T12790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.677282][T12790] RIP: 0033:0x7fac8dd8e9a9 [ 629.677308][T12790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 629.677340][T12790] RSP: 002b:00007fac8ebeb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 629.677371][T12790] RAX: ffffffffffffffda RBX: 00007fac8dfb5fa0 RCX: 00007fac8dd8e9a9 [ 629.677392][T12790] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 629.677411][T12790] RBP: 00007fac8de10d69 R08: 0000000000000000 R09: 0000000000000000 [ 629.677429][T12790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 629.677447][T12790] R13: 0000000000000000 R14: 00007fac8dfb5fa0 R15: 00007ffe648dd068 [ 629.677496][T12790] [ 630.004782][T12798] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 630.745241][T12809] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 631.281309][T12801] Process accounting resumed [ 631.777497][T12820] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1119'. [ 634.694779][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.705314][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 636.476249][T12865] syz.1.1129 uses obsolete (PF_INET,SOCK_PACKET) [ 637.056301][T12879] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41 [ 638.062473][T12880] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42 [ 640.207614][T12915] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1139'. [ 640.660627][T12915] hsr_slave_0 (unregistering): left promiscuous mode [ 640.683053][T12927] kafs: addr_prefs: Too many elements in string [ 642.216697][T12945] random: crng reseeded on system resumption [ 650.693759][T13056] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 651.938222][T13057] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 653.511228][T13083] random: crng reseeded on system resumption [ 654.105455][T13080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 654.124101][T13080] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 657.407502][T13128] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1177'. [ 657.931703][T13128] hsr_slave_0 (unregistering): left promiscuous mode [ 658.544727][T13152] ACPI: Can not change Invalid GPE/Fixed Event status [ 662.743080][T13184] Process accounting paused [ 662.883866][T13204] ubi0: attaching mtd0 [ 662.889398][T13204] ubi0: scanning is finished [ 662.894428][T13204] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 663.123262][T13204] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 670.699694][T13307] vivid-003: ================= START STATUS ================= [ 670.707537][T13307] vivid-003: Radio HW Seek Mode: Bounded [ 670.723527][T13307] vivid-003: Radio Programmable HW Seek: false [ 670.740064][T13307] vivid-003: RDS Rx I/O Mode: Block I/O [ 670.746169][T13307] vivid-003: Generate RBDS Instead of RDS: false [ 670.752595][T13307] vivid-003: RDS Reception: true [ 670.758169][T13307] vivid-003: RDS Program Type: 0 inactive [ 670.788345][T13307] vivid-003: RDS PS Name: inactive [ 670.803939][T13307] vivid-003: RDS Radio Text: inactive [ 670.810376][T13307] vivid-003: RDS Traffic Announcement: false inactive [ 670.817464][T13307] vivid-003: RDS Traffic Program: false inactive [ 670.825407][T13307] vivid-003: RDS Music: false inactive [ 670.831050][T13307] vivid-003: ================== END STATUS ================== [ 673.348628][T13349] ACPI: Can not change Invalid GPE/Fixed Event status [ 674.467968][T11896] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 674.468181][T11896] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 674.484668][T11896] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 674.484911][T11896] Bluetooth: hci3: adv larger than maximum supported [ 674.492431][T11896] Bluetooth: hci3: Malformed LE Event: 0x0d [ 678.544196][T13419] netlink: zone id is out of range [ 678.555192][T13419] netlink: zone id is out of range [ 678.651813][T13419] netlink: set zone limit has 8 unknown bytes [ 688.487000][T13569] netlink: zone id is out of range [ 688.492249][T13569] netlink: zone id is out of range [ 688.533491][T13569] netlink: zone id is out of range [ 688.538751][T13569] netlink: zone id is out of range [ 688.544771][T13569] netlink: zone id is out of range [ 688.549987][T13569] netlink: zone id is out of range [ 688.557339][T13569] netlink: zone id is out of range [ 688.584280][T13569] netlink: zone id is out of range [ 688.599990][T13569] netlink: zone id is out of range [ 688.610220][T13569] netlink: zone id is out of range [ 690.428097][ T30] audit: type=1800 audit(1843104901.780:9): pid=13596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1267" name="features" dev="configfs" ino=33109 res=0 errno=0 [ 693.219308][T13643] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1277'. [ 693.245467][T13643] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1277'. [ 694.105740][T13624] Process accounting resumed [ 696.136688][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 696.143103][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 707.888163][T13866] bridge0: port 3(team0) entered blocking state [ 707.911777][T13866] bridge0: port 3(team0) entered disabled state [ 707.919295][T13866] team0: entered allmulticast mode [ 707.928670][T13866] team_slave_0: entered allmulticast mode [ 707.934646][T13866] team_slave_1: entered allmulticast mode [ 707.945519][T13866] team0: entered promiscuous mode [ 707.950639][T13866] team_slave_0: entered promiscuous mode [ 707.962093][T13866] team_slave_1: entered promiscuous mode [ 707.982716][T13866] bridge0: port 3(team0) entered blocking state [ 707.989218][T13866] bridge0: port 3(team0) entered forwarding state [ 714.086598][T13959] Invalid ELF header magic: != ELF [ 719.373480][T14044] FAULT_INJECTION: forcing a failure. [ 719.373480][T14044] name failslab, interval 1, probability 0, space 0, times 0 [ 719.386736][T14044] CPU: 1 UID: 0 PID: 14044 Comm: syz.0.1354 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 719.386782][T14044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 719.386803][T14044] Call Trace: [ 719.386813][T14044] [ 719.386826][T14044] dump_stack_lvl+0x16c/0x1f0 [ 719.386876][T14044] should_fail_ex+0x512/0x640 [ 719.386924][T14044] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 719.386974][T14044] ? __pfx_mon_text_open+0x10/0x10 [ 719.387019][T14044] should_failslab+0xc2/0x120 [ 719.387075][T14044] __kmalloc_cache_noprof+0x6a/0x3e0 [ 719.387106][T14044] ? lockdep_init_map_type+0x5c/0x280 [ 719.387169][T14044] ? mon_text_open+0xd5/0x4f0 [ 719.387232][T14044] ? __pfx_mon_text_open+0x10/0x10 [ 719.387279][T14044] mon_text_open+0xd5/0x4f0 [ 719.387324][T14044] ? __pfx_mon_text_open+0x10/0x10 [ 719.387367][T14044] ? __debugfs_file_get+0x1fe/0x840 [ 719.387409][T14044] ? __pfx___debugfs_file_get+0x10/0x10 [ 719.387448][T14044] ? __pfx_apparmor_file_open+0x10/0x10 [ 719.387477][T14044] ? lockdown_is_locked_down+0x3f/0x130 [ 719.387514][T14044] ? bpf_lsm_locked_down+0x9/0x10 [ 719.387569][T14044] ? __pfx_mon_text_open+0x10/0x10 [ 719.387613][T14044] full_proxy_open_regular+0x1b9/0x360 [ 719.387663][T14044] do_dentry_open+0x741/0x1c10 [ 719.387703][T14044] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 719.387760][T14044] vfs_open+0x82/0x3f0 [ 719.387810][T14044] path_openat+0x1de4/0x2cb0 [ 719.387864][T14044] ? __pfx_path_openat+0x10/0x10 [ 719.387904][T14044] ? __lock_acquire+0xb8a/0x1c90 [ 719.387964][T14044] do_filp_open+0x20b/0x470 [ 719.388003][T14044] ? __pfx_do_filp_open+0x10/0x10 [ 719.388074][T14044] ? alloc_fd+0x471/0x7d0 [ 719.388121][T14044] do_sys_openat2+0x11b/0x1d0 [ 719.388170][T14044] ? __pfx_do_sys_openat2+0x10/0x10 [ 719.388234][T14044] __x64_sys_openat+0x174/0x210 [ 719.388283][T14044] ? __pfx___x64_sys_openat+0x10/0x10 [ 719.388350][T14044] do_syscall_64+0xcd/0x490 [ 719.388396][T14044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.388431][T14044] RIP: 0033:0x7f560978e9a9 [ 719.388459][T14044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 719.388491][T14044] RSP: 002b:00007f560a5ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 719.388523][T14044] RAX: ffffffffffffffda RBX: 00007f56099b6320 RCX: 00007f560978e9a9 [ 719.388543][T14044] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 719.388563][T14044] RBP: 00007f5609810d69 R08: 0000000000000000 R09: 0000000000000000 [ 719.388582][T14044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 719.388600][T14044] R13: 0000000000000000 R14: 00007f56099b6320 R15: 00007ffe983edf48 [ 719.388642][T14044] [ 727.452742][T14146] can: request_module (can-proto-0) failed. [ 727.878293][T14109] Process accounting paused [ 733.856231][T14239] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 733.972075][T14239] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1389'. [ 741.353275][T14363] net_ratelimit: 20 callbacks suppressed [ 741.353295][T14363] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 746.309939][T14433] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1430'. [ 757.571784][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 757.581346][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 758.495021][T14616] Process accounting resumed [ 758.682523][T14630] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1469'. [ 761.696407][T14681] netlink: 19 bytes leftover after parsing attributes in process `syz.0.1480'. [ 762.190421][T14695] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1481'. [ 766.976223][T14761] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 774.166765][T14850] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1509'. [ 780.751953][T14959] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078000dc0 pfn:0x78000 [ 780.769058][T14959] memcg:ffff888030459202 [ 780.782554][T14959] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 780.789816][T14959] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 780.799670][T14959] raw: ffff888078000dc0 0000000000000000 00000001ffffffff ffff888030459202 [ 780.808392][T14959] page dumped because: unmovable page [ 780.814139][T14959] page_owner tracks the page as allocated [ 780.822033][T14959] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 12554, tgid 12554 (kworker/u10:8), ts 779346936892, free_ts 779073558439 [ 780.903816][T14959] post_alloc_hook+0x1c0/0x230 [ 780.913715][T14959] get_page_from_freelist+0x1321/0x3890 [ 780.919333][T14959] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 780.943376][T14959] alloc_pages_mpol+0x1fb/0x550 [ 780.948872][T14959] alloc_pages_noprof+0x131/0x390 [ 780.958679][T14959] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 780.975110][T14959] __vmalloc_node_noprof+0xad/0xf0 [ 780.980364][T14959] copy_process+0x2c70/0x7690 [ 780.997441][T14959] kernel_clone+0xfc/0x930 [ 781.001970][T14959] user_mode_thread+0xc7/0x110 [ 781.011425][T14959] call_usermodehelper_exec_work+0x6b/0x170 [ 781.023375][T14959] process_one_work+0x9cc/0x1b70 [ 781.049655][T14959] worker_thread+0x6c8/0xf10 [ 781.063478][T14959] kthread+0x3c2/0x780 [ 781.067793][T14959] ret_from_fork+0x5d4/0x6f0 [ 781.072490][T14959] ret_from_fork_asm+0x1a/0x30 [ 781.092031][T14959] page last free pid 0 tgid 0 stack trace: [ 781.102133][T14959] __free_frozen_pages+0x7fe/0x1180 [ 781.112266][T14959] tlb_remove_table_rcu+0x116/0x1a0 [ 781.122380][T14959] rcu_core+0x79c/0x14e0 [ 781.132529][T14959] handle_softirqs+0x219/0x8e0 [ 781.142144][T14959] __irq_exit_rcu+0x109/0x170 [ 781.153450][T14959] irq_exit_rcu+0x9/0x30 [ 781.163459][T14959] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 781.173386][T14959] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 786.914087][T15027] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 788.808832][T15038] Process accounting paused [ 792.754468][T11896] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 792.754516][T11896] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 792.771914][T11896] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 792.771957][T11896] Bluetooth: hci3: adv larger than maximum supported [ 792.779068][T11896] Bluetooth: hci3: Malformed LE Event: 0x0d [ 796.132245][T15149] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1566'. [ 796.159227][T15149] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 798.743056][T15189] random: crng reseeded on system resumption [ 799.453816][T15182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 799.640077][T15182] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 810.949959][T15382] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1610'. [ 819.007375][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 819.013806][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 819.732487][T15525] Process accounting resumed [ 820.538740][T11896] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 820.538838][T11896] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 820.555043][T11896] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 820.555199][T11896] Bluetooth: hci3: adv larger than maximum supported [ 820.564794][T11896] Bluetooth: hci3: Malformed LE Event: 0x0d [ 821.480560][ T30] audit: type=1800 audit(1843105032.840:10): pid=15562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1644" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 syzkaller syzkaller login: [ 825.521620][T11896] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 825.521652][T11896] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 825.536514][T11896] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 825.536546][T11896] Bluetooth: hci3: adv larger than maximum supported [ 825.543866][T11896] Bluetooth: hci3: Malformed LE Event: 0x0d [ 827.540604][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 827.549932][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 827.987144][T15671] sp0: Synchronizing with TNC [ 832.624373][T15745] random: crng reseeded on system resumption syzkaller syzkaller login: [ 850.219851][T15996] Process accounting paused [ 853.990760][T16064] netlink: 25520 bytes leftover after parsing attributes in process `syz.2.1737'. [ 854.002356][T16064] netlink: zone id is out of range [ 854.010549][T16064] netlink: zone id is out of range [ 854.016937][T16064] netlink: zone id is out of range [ 854.024178][T16064] netlink: zone id is out of range [ 854.036715][T16064] netlink: zone id is out of range [ 854.041962][T16064] netlink: zone id is out of range [ 854.054023][T16064] netlink: zone id is out of range [ 854.073073][T16064] netlink: zone id is out of range [ 854.079624][T16064] netlink: zone id is out of range [ 854.086414][T16064] netlink: zone id is out of range [ 864.361272][T16221] kexec: Could not allocate control_code_buffer [ 880.454145][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 880.479664][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 881.687684][T16517] Invalid ELF header magic: != ELF [ 882.063349][T16509] Process accounting resumed [ 883.292198][T16528] net_ratelimit: 228 callbacks suppressed [ 883.292218][T16528] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 884.850887][T16573] Invalid ELF header magic: != ELF [ 891.232348][T16662] FAULT_INJECTION: forcing a failure. [ 891.232348][T16662] name failslab, interval 1, probability 0, space 0, times 0 [ 891.291993][T16662] CPU: 1 UID: 0 PID: 16662 Comm: syz.3.1848 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 891.292028][T16662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 891.292043][T16662] Call Trace: [ 891.292051][T16662] [ 891.292059][T16662] dump_stack_lvl+0x16c/0x1f0 [ 891.292093][T16662] should_fail_ex+0x512/0x640 [ 891.292129][T16662] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 891.292166][T16662] should_failslab+0xc2/0x120 [ 891.292196][T16662] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 891.292242][T16662] ? d_instantiate+0x77/0x90 [ 891.292271][T16662] ? alloc_empty_file+0x55/0x1e0 [ 891.292308][T16662] alloc_empty_file+0x55/0x1e0 [ 891.292344][T16662] alloc_file_pseudo+0x13a/0x230 [ 891.292380][T16662] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 891.292420][T16662] ? do_raw_spin_unlock+0x172/0x230 [ 891.292463][T16662] __anon_inode_getfile+0xe8/0x280 [ 891.292494][T16662] anon_inode_getfile_fmode+0x37/0xa0 [ 891.292525][T16662] do_eventfd+0x19b/0x2c0 [ 891.292556][T16662] ? rcu_is_watching+0x12/0xc0 [ 891.292582][T16662] __x64_sys_eventfd+0x32/0x50 [ 891.292621][T16662] do_syscall_64+0xcd/0x490 [ 891.292654][T16662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.292679][T16662] RIP: 0033:0x7fd72878e9a9 [ 891.292698][T16662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 891.292722][T16662] RSP: 002b:00007fd729588038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 891.292745][T16662] RAX: ffffffffffffffda RBX: 00007fd7289b6160 RCX: 00007fd72878e9a9 [ 891.292761][T16662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 891.292775][T16662] RBP: 00007fd728810d69 R08: 0000000000000000 R09: 0000000000000000 [ 891.292790][T16662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 891.292805][T16662] R13: 0000000000000000 R14: 00007fd7289b6160 R15: 00007ffd675b2ab8 [ 891.292834][T16662] [ 901.738166][ T30] audit: type=1800 audit(6138072409.071:11): pid=16799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1876" name="members" dev="configfs" ino=43727 res=0 errno=0 [ 903.065960][T11896] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 903.065992][T11896] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 903.080787][T11896] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 903.080827][T11896] Bluetooth: hci3: adv larger than maximum supported [ 903.087948][T11896] Bluetooth: hci3: Malformed LE Event: 0x0d [ 905.502752][T16854] random: crng reseeded on system resumption [ 905.797577][T16843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 905.810196][T16843] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 912.145738][T16936] Process accounting paused [ 917.867274][T17037] zram0: detected capacity change from 0 to 8 [ 925.140442][T17138] FAULT_INJECTION: forcing a failure. [ 925.140442][T17138] name failslab, interval 1, probability 0, space 0, times 0 [ 925.412165][T17138] CPU: 1 UID: 0 PID: 17138 Comm: syz.1.1934 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 925.412200][T17138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 925.412217][T17138] Call Trace: [ 925.412224][T17138] [ 925.412233][T17138] dump_stack_lvl+0x16c/0x1f0 [ 925.412282][T17138] should_fail_ex+0x512/0x640 [ 925.412318][T17138] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 925.412346][T17138] should_failslab+0xc2/0x120 [ 925.412377][T17138] __kmalloc_cache_noprof+0x6a/0x3e0 [ 925.412400][T17138] ? do_eventfd+0x67/0x2c0 [ 925.412436][T17138] do_eventfd+0x67/0x2c0 [ 925.412466][T17138] ? rcu_is_watching+0x12/0xc0 [ 925.412510][T17138] __x64_sys_eventfd+0x32/0x50 [ 925.412544][T17138] do_syscall_64+0xcd/0x490 [ 925.412578][T17138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 925.412614][T17138] RIP: 0033:0x7fac8dd8e9a9 [ 925.412631][T17138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 925.412655][T17138] RSP: 002b:00007fac8ebeb038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 925.412676][T17138] RAX: ffffffffffffffda RBX: 00007fac8dfb5fa0 RCX: 00007fac8dd8e9a9 [ 925.412692][T17138] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 925.412706][T17138] RBP: 00007fac8de10d69 R08: 0000000000000000 R09: 0000000000000000 [ 925.412720][T17138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 925.412734][T17138] R13: 0000000000000000 R14: 00007fac8dfb5fa0 R15: 00007ffe648dd068 [ 925.412763][T17138] [ 929.899007][T17209] FAULT_INJECTION: forcing a failure. [ 929.899007][T17209] name failslab, interval 1, probability 0, space 0, times 0 [ 929.920215][T17209] CPU: 0 UID: 0 PID: 17209 Comm: syz.0.1949 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 929.920259][T17209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 929.920278][T17209] Call Trace: [ 929.920288][T17209] [ 929.920302][T17209] dump_stack_lvl+0x16c/0x1f0 [ 929.920345][T17209] should_fail_ex+0x512/0x640 [ 929.920393][T17209] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 929.920431][T17209] should_failslab+0xc2/0x120 [ 929.920472][T17209] __kmalloc_cache_noprof+0x6a/0x3e0 [ 929.920503][T17209] ? __pfx___x64_sys_futex+0x10/0x10 [ 929.920549][T17209] ? do_eventfd+0x67/0x2c0 [ 929.920598][T17209] do_eventfd+0x67/0x2c0 [ 929.920636][T17209] ? rcu_is_watching+0x12/0xc0 [ 929.920674][T17209] __x64_sys_eventfd+0x32/0x50 [ 929.920718][T17209] do_syscall_64+0xcd/0x490 [ 929.920770][T17209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.920804][T17209] RIP: 0033:0x7f560978e9a9 [ 929.920832][T17209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 929.920863][T17209] RSP: 002b:00007f560a632038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 929.920894][T17209] RAX: ffffffffffffffda RBX: 00007f56099b5fa0 RCX: 00007f560978e9a9 [ 929.920914][T17209] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 929.920933][T17209] RBP: 00007f5609810d69 R08: 0000000000000000 R09: 0000000000000000 [ 929.920951][T17209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 929.920970][T17209] R13: 0000000000000000 R14: 00007f56099b5fa0 R15: 00007ffe983edf48 [ 929.921010][T17209] [ 936.073359][T17303] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 938.813346][ T30] audit: type=1800 audit(6138072446.091:12): pid=17343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1971" name="members" dev="configfs" ino=45876 res=0 errno=0 [ 939.635211][T17351] usb usb36: usbfs: process 17351 (syz.0.1973) did not claim interface 0 before use [ 939.677708][T17351] device-mapper: ioctl: Unable to rename non-existent device,  to [ 940.649242][T11896] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 940.649366][T11896] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 940.671523][T11896] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 940.671652][T11896] Bluetooth: hci3: Malformed LE Event: 0x0d [ 941.889600][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 941.896167][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 943.347727][T17361] Process accounting resumed [ 949.844067][T17486] capability: warning: `syz.0.1999' uses 32-bit capabilities (legacy support in use) [ 949.900470][T17486] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1999'. [ 949.922842][T17486] HfR: entered promiscuous mode [ 950.449024][T17494] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2001'. [ 954.043666][T11896] ================================================================== [ 954.051767][T11896] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 [ 954.059601][T11896] Read of size 140 at addr ffffc90003147000 by task kworker/u11:1/11896 [ 954.067956][T11896] [ 954.070327][T11896] CPU: 0 UID: 0 PID: 11896 Comm: kworker/u11:1 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 954.070358][T11896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 954.070375][T11896] Workqueue: hci0 hci_devcd_timeout [ 954.070403][T11896] Call Trace: [ 954.070413][T11896] [ 954.070423][T11896] dump_stack_lvl+0x116/0x1f0 [ 954.070454][T11896] print_report+0xcd/0x630 [ 954.070496][T11896] ? __virt_addr_valid+0x81/0x610 [ 954.070527][T11896] ? hci_devcd_dump+0x142/0x240 [ 954.070549][T11896] kasan_report+0xe0/0x110 [ 954.070578][T11896] ? hci_devcd_dump+0x142/0x240 [ 954.070604][T11896] kasan_check_range+0x100/0x1b0 [ 954.070646][T11896] __asan_memcpy+0x23/0x60 [ 954.070668][T11896] hci_devcd_dump+0x142/0x240 [ 954.070692][T11896] hci_devcd_timeout+0xb5/0x2e0 [ 954.070715][T11896] ? rcu_is_watching+0x12/0xc0 [ 954.070742][T11896] process_one_work+0x9cc/0x1b70 [ 954.070785][T11896] ? __pfx_process_one_work+0x10/0x10 [ 954.070826][T11896] ? assign_work+0x1a0/0x250 [ 954.070860][T11896] worker_thread+0x6c8/0xf10 [ 954.070900][T11896] ? __kthread_parkme+0x19e/0x250 [ 954.070929][T11896] ? __pfx_worker_thread+0x10/0x10 [ 954.070984][T11896] kthread+0x3c2/0x780 [ 954.071017][T11896] ? __pfx_kthread+0x10/0x10 [ 954.071052][T11896] ? rcu_is_watching+0x12/0xc0 [ 954.071076][T11896] ? __pfx_kthread+0x10/0x10 [ 954.071111][T11896] ret_from_fork+0x5d4/0x6f0 [ 954.071148][T11896] ? __pfx_kthread+0x10/0x10 [ 954.071182][T11896] ret_from_fork_asm+0x1a/0x30 [ 954.071218][T11896] [ 954.071226][T11896] [ 954.223687][T11896] The buggy address belongs to a vmalloc virtual mapping [ 954.230739][T11896] Memory state around the buggy address: [ 954.236395][T11896] ffffc90003146f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 954.244473][T11896] ffffc90003146f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 954.252547][T11896] >ffffc90003147000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 954.260616][T11896] ^ [ 954.264685][T11896] ffffc90003147080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 954.272748][T11896] ffffc90003147100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 954.280967][T11896] ================================================================== [ 954.297738][T11896] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 954.304987][T11896] CPU: 0 UID: 0 PID: 11896 Comm: kworker/u11:1 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 954.317014][T11896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 954.327090][T11896] Workqueue: hci0 hci_devcd_timeout [ 954.332317][T11896] Call Trace: [ 954.335620][T11896] [ 954.338572][T11896] dump_stack_lvl+0x3d/0x1f0 [ 954.343201][T11896] panic+0x71c/0x800 [ 954.347142][T11896] ? __pfx_panic+0x10/0x10 [ 954.351593][T11896] ? mark_held_locks+0x49/0x80 [ 954.356408][T11896] ? preempt_schedule_thunk+0x16/0x30 [ 954.361810][T11896] ? hci_devcd_dump+0x142/0x240 [ 954.366694][T11896] ? preempt_schedule_common+0x44/0xc0 [ 954.372174][T11896] ? check_panic_on_warn+0x1f/0xb0 [ 954.377321][T11896] ? hci_devcd_dump+0x142/0x240 [ 954.382219][T11896] check_panic_on_warn+0xab/0xb0 [ 954.387236][T11896] end_report+0x107/0x170 [ 954.391608][T11896] kasan_report+0xee/0x110 [ 954.396085][T11896] ? hci_devcd_dump+0x142/0x240 [ 954.400992][T11896] kasan_check_range+0x100/0x1b0 [ 954.405977][T11896] __asan_memcpy+0x23/0x60 [ 954.410406][T11896] hci_devcd_dump+0x142/0x240 [ 954.415220][T11896] hci_devcd_timeout+0xb5/0x2e0 [ 954.420114][T11896] ? rcu_is_watching+0x12/0xc0 [ 954.424908][T11896] process_one_work+0x9cc/0x1b70 [ 954.429902][T11896] ? __pfx_process_one_work+0x10/0x10 [ 954.435323][T11896] ? assign_work+0x1a0/0x250 [ 954.439963][T11896] worker_thread+0x6c8/0xf10 [ 954.444592][T11896] ? __kthread_parkme+0x19e/0x250 [ 954.449650][T11896] ? __pfx_worker_thread+0x10/0x10 [ 954.454796][T11896] kthread+0x3c2/0x780 [ 954.458904][T11896] ? __pfx_kthread+0x10/0x10 [ 954.463533][T11896] ? rcu_is_watching+0x12/0xc0 [ 954.468317][T11896] ? __pfx_kthread+0x10/0x10 [ 954.472933][T11896] ret_from_fork+0x5d4/0x6f0 [ 954.477576][T11896] ? __pfx_kthread+0x10/0x10 [ 954.482197][T11896] ret_from_fork_asm+0x1a/0x30 [ 954.486996][T11896] [ 954.490490][T11896] Kernel Offset: disabled [ 954.494850][T11896] Rebooting in 86400 seconds..