last executing test programs: 7.198899896s ago: executing program 2 (id=697): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="205c2020027e0dc0023af10e9bfa1babfa203753ca9a20370a", 0x19) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000100)={0x30, 0x0, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x2}, @OVS_METER_ATTR_STATS={0x14, 0x3, {0x2, 0xd}}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x40480d4) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x1, 0x948b, 0x0, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x40009, 0x9, 0x9, 0x1, 0x8]}, 0x0) capset$auto(0x0, 0x0) select$auto(0x9, &(0x7f0000000180)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0x100000a, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000062c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000006380)={0xfffffffffffffffd, 0x0, &(0x7f0000006340)={&(0x7f0000006300)={0x14, r2, 0x38f, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4044041}, 0x4000) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00') close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) 5.590039283s ago: executing program 1 (id=702): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x68a80, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x88000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setpriority$auto_PRIO_USER(0x2, 0x0, 0x8) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) arch_prctl$auto_ARCH_SHSTK_UNLOCK(0x5004, 0xf2) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x81a0ae8c, 0x0) 5.344049559s ago: executing program 2 (id=703): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x90203, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0082, 0x0) mmap$auto(0x0, 0xd, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) write$auto(r2, &(0x7f00000002c0)='/d-:\xe7J\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xea>=\xe8hUs\xf3N\x10$#_\x01\xdc\x16<\xda>ui\x9eS;\n\xeaG@\xf9\\r\xbc\x06\xfa\x1b\x8d \x9ebd\x10\xea#\xcb(o\x9ei\x89\x84\xa7\x85\xad\xe1\xe0\xf19\xfa4\xb5\ad\x84\f\xc9\x12a3\xb9~\x87\x1c\xd1\xf4V\x06\xa7\x00\x01D\x1eo\xfd\x03\xbe\xd8\x05H|+wsSs\xf9\x11\xc9\x13x\xe0\x8e\x109J\xe7\x9f\x99\x82G(\xabH\xee\xaaPs_\xc3\x00'/157, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) socket(0xb, 0x80000, 0x5) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) 5.305514341s ago: executing program 1 (id=704): setitimer$auto(0x2, 0x0, 0x0) unshare$auto(0x40000080) socket(0x10, 0x2, 0xc) getitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f00000000c0)={{0x2, 0x4be0}, {0x9, 0x6}}) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) socket(0x10, 0x2, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/0/affinity_hint\x00', 0x40301, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) iopl$auto(0x3) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) read$auto(r2, 0x0, 0xcefbce6) 5.130388191s ago: executing program 0 (id=706): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) shmdt$auto(&(0x7f0000000000)=':-h!/-^@(\']@%]/(') 4.626134083s ago: executing program 1 (id=707): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f00000001c0)='./file0\x00', 0x121142, 0x13d) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/sound/ctl-led/mic/card0/reset\x00', 0xa001, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/crash_elfcorehdr_size\x00', 0x0, 0x0) write$auto(r0, &(0x7f0000000140)='/sys/devices/virtual/sound/ctl-led/mic/card0/reset\x00', 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/116, 0x74) get_mempolicy$auto(0xfffffffffffffffe, 0x0, 0x3, 0x1ff, 0x3) write$auto(r1, &(0x7f0000000000)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x7) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0xfffffdef) socket$nl_generic(0x10, 0x3, 0x10) getxattr$auto(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='+/\'&%\x00', 0x0, 0x401) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x2000b, 0x4080000000df, 0x100000010, 0x401, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) sendmsg$auto_NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x1) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x5, 0x0, 0x4a) pread64$auto(r3, 0x0, 0x23, 0x7) sendfile$auto(0x6, 0x3, 0x0, 0x8000) 4.604744198s ago: executing program 2 (id=708): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0xc, 0x940, 0x1ffde, 0x7, 0x6, 0x3ff, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x5, 0x7, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a]}, 0x400, 0x81) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0x1, 0x8, "3112d598004a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe000900000000000755015e48d"}, 0x3, 0x5, 0x4, @inferred, @integer={0x1, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd7327b386425608af790ada71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r4, 0x5453, r4) getrandom$auto(0x0, 0x6000000, 0x3) fsconfig$auto_HIDEPID_OFF(r3, 0x80000000, &(0x7f0000000100)='\x00', &(0x7f0000000140)="c666234535154c810d2ea848dbc90156a2b68f9c3eeb5e4f6750d2b02c807339de7b8e41e39c2ceed5c02097e02d0743ea1808bf3e2fa1", 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x110c230000, 0x1, 0x9) fcntl$auto_F_UNLCK(r2, 0x4, 0x2) 4.570023418s ago: executing program 0 (id=709): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/debug/tracing/error_log\x00', 0x603, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x40, 0x0) ioctl$auto_SOUND_PCM_READ_CHANNELS(r1, 0x80045006, &(0x7f0000000040)) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0) madvise$auto(0x7fffffffffffffff, 0x0, 0x1ff) sendmsg$auto_NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000480)={0x53c, r2, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x77}, @NL80211_ATTR_AUTH_DATA={0x74, 0x9c, "577cb13115e7446ed7881bef2bbf59b7516632f2fbf4a23bda8eed6d9ca4ce91c5c114c17ce2052a28de1177ce5cb4c1eff785ddced629c926f6924028372b7f6ae1afdd952c694f02cdca19bd00c47bb7075fee3534076e0e37e47ddf41fb17ef6eaba6a15f26b1bbdcf2d98b5b2542"}, @NL80211_ATTR_BEACON_HEAD={0x4aa, 0xe, "8125cdcf6a976dc6df2f3b6db9ee2615a0cbe789e915caed88df89989014c5df101285e45b19a4e4b32e8e81568c36d0e2ae827d6c65c12b1d0ebf28252b48a17fadf162bded08426a5e8d8c4de26bcfd9c029745cecf674727495667e438156ff8d3902d348e1f37429f8083fb1916956861f7f214aa4d8097bcda735aabe440d3d77d33b04b18b934fc388c65508b133cde21268f73037136919cb518272a8d02c63674d51b5b1d8fafdc48a4561e917bcb0fb79e06722ec44fd362985136b1e432f1a48c54e9f2ee87d4666bf800f204137efeba544338d20b77d98467c99a615e7f22d68f22d1bbf6b18d8c9d2c87fea9939f0a0a976329add90e69f67b549d27f17836a9c3d30e6958371f31e824c944cebf1fcdc3d1f1a96a49ee75474ab689894e88d2d9da646cd0625b7dec640d8fc167c366fdc6125e579eb7da888d62592cc1ca570e3840337077c95c639c3d6efa3a34e7e7580adf9acdc2395fcd0d6de00017417c3ec4aed87072fd230cec5a15cd7dacbff5c07c220b475b0b3bba68507ccadd5e742a448bae1868ffea127024598ed494e942e80a531099104061edceba9705de646e0c8aad6d8bbb37c5de14f1c2865a5bcb793159bd7d7111753b6c97572a14acb411ae3b3e4eb12eb0d892ddb0e99d0de81a4e120c52c9507818520be5256b48b09d2e993808aea712e30d61dedc1a97e81f15e13cc6c0ea30ed807d5956e3b3cf3af9f0cc9a592de28e3f6e6df1e5e2c286c7352471ce7a842278c1328275ca800ca7439cb50a3777933b251e851a854ada5bb3b5abe4cd477bd79f5bd3187cbd0d08c1a4aa35944b3186c5877cab36f6a89276cb7cc485e91a65a3b11145da4bb1bb39a033835c8b760c716cb62a0a376e37e9ccd0ee24254aafd757bbf7f2dea8919acea4692623e24f16c8dd8f3f602cc6de52a280fab9289c033a130b4ad22bbcd879cd96bc42f9238d8a0e4d05bdc4647ee582ebb40b55fb497fe1cd9ceb5c0d2c62c412e9837d3d813194aaac599e9508e7228f94f63e1c5318d992d20a20a6b3729776063ea93ed17ef8a691ea4d5236b06285b17d5957e28d39e9aa37c457ca374b683ca530951e83cb85b80392ad9241f34c3d50e432cbc347f4d47aa6ed332d3573c29e0311232585bb57d607e62bbb565f7b85e6b601a44156d67c0c57e850d233e376eb1ae1a9f336322a960b72c8200ec2cc4cb9bd6f5b4fb9a04eefa1a8b3a18dcaa7c9756174e34783b60b99aee78e49d614c4855436908e6707c09367a934ebb3f6b2733e55821a41363749654731db7f50b4097dd705df72d094803ac63ebe59a362d0eb116b062a6ce98f11c99aa42a33093adf064d11b49644e76c088fd81e211368f63fe79e191d5744876dffdd51d3e9f85e9018d4f0d53cbd61e70ca2052a87ab37bdc2e5ca1473b75c92d7e7e3fd63c5d75d5d14ae74eacfb27b9a5b8f925b2a78d785b513791e0547b86cdd7811d7ec48987839c9b1ddebd103220d15f3b1f3a56055dcfec8b8f985e685ebdae00ef65890de7bf4f4911e246a0d725e935894ddced94ee591ed94bf11bc64c0f75864389da7057d1486d80d114df1510bab17af553e123067740423772e25a03378fbf7d74f73542b09985eb92ef5dd0139d31a6ecbeb68c2cb863f5c767c678b960e465"}]}, 0x53c}, 0x1, 0x0, 0x0, 0x1}, 0x24010800) getdents64$auto(r0, &(0x7f0000000200)={0x7, 0x8000, 0x9, 0x1, "cb512bdf87b24fe22b646aaa815f8f08423bf90fab2d5ddcf78f1b7b39f6fe2d1c5daa12db1be32f8950176ecfd74e34f2ad1178aedd424531ad902e3c042ae2f95a17adbcb1c3674710120a570d95aa1e04aa5930970e344d1d85ebac50e60a8183b2256dacd4832600d957c3b810bfcc49519c18deeff32b8b9473b4170ba1b8acbb685e5ceb76911134d5c24e0175e61a56615ec3fbe45baa81ab6d8cb594eaed58"}, 0x3) socketcall$auto(0x37, &(0x7f0000000080)=0x3) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) flock$auto(r3, 0x1) r4 = open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x40) flock$auto(r4, 0x2) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(r3, &(0x7f0000000380)={{&(0x7f00000002c0)="6ae81b33f157b4a56b4feae24b4ec9312ee14714547e", 0xa1, &(0x7f0000000340)={&(0x7f0000000300)="d30018c890cd522ccb00bf26da7b9b6b38586b5e2be4b57b70013ae8d06df9234a898c5787f6", 0x2}, 0x0, &(0x7f00000009c0)="197778c407fe7bafd35e0abc52126d0a70863fc7df41d6d3acc0374639a6889ebbd32599647ee559ea13b693d7208c319492301eb060eb71f97796dea4269f4113617a12dfa5fd8d2763db6c4e3d20af3d48d8e58753ceed937f3c434ade1a989b835b7051c2cac1b12bd32b2cd8e88902dfc74814cc8ce68e3d0c208ef98db4c03d13d9416fdbd1b059b1d16d0febd547c7c9a215293dd4cf4d6837d525e84a7f81f6c760697ebfd5664a297776cdeb571287172172097cf8314ac37b7bf4f502f241a1c687b1f0c1", 0x8, 0x92}, 0x5}, 0xfd66, 0x0) r5 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/syscall\x00', 0x0, 0x0) read$auto_proc_single_file_operations_base(r5, &(0x7f0000000100)=""/41, 0x29) 3.832973242s ago: executing program 0 (id=711): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0xffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x8f3b7a51b8360c21, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) io_uring_setup$auto(0x1, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb2, 0x401, 0x8000) ioctl$auto_SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000500)={0x0, 0x0, "a68a78cddb9af7ac4c80865002a0d2e3", "213ea76652ad28e8b96ec5ed5243aea3", "25222c3aac25ccff5de7b81eefde747e7674da7f6154e6bcf81ec7dadaa3b485", "12f251f2492bb43c598ef0237d522cb86954c0763131c2f67eaa6356799448a9576c948fc3fb995daec2f1fc9170a70b4b71b44f04809f3ca99cb9b4e9d3abb67d33f3d3fe57d0289938f4ce01d60bfd", "e9e7f824968ee78f73dc2749d12c7e05", "402beaf8e2dfaba5303a6efa74256963183267b80c0b5a1f17a2c919b4c43dc3817ea4719a3e48cdb8c3e9873ecfe260f627c94bc35f96d615979b05547405d7e633a060cdb0fc80f9562c947ed257fd", "5c84948d2c357792b0c4be9a3a15ecfee836d93ae475d2bc8193e8ac53c0494bf16e9a6d85fa65416177e39fac9de9d4869f6e9602c6f01a500ba2ba3d5fef158c908f502afdfe316cf3ac63f1f4842ec3c180d103084776592ff9e4a66125f8f285cabc67891f381c9bcc345f41ee4f2d7f4bffb05d58b0377a76a50de67bb8"}) r4 = getpgid(0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x1, 0x6, 0x80000001, "a2b8e85fc56865ba529faa0000000000000000000000692a240000008000", @raw=0x6}, 0x6, 0x5, 0x7, @inferred=r4, @reserved="fb99d320be0de941ac3f58d7aae0c84cbe332d618e0342771e3ac6e9a9df07cf9b1c017c611ac455c01804d0d4c89bee7005c5affd5ab891b44e48364e8de3f344584996c31f9ae16c6c4f062d38f590125ed264000000000000000000000000000000000000000600", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f4ab606c276852295e00af49090000008034"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(0xffffffffffffffff, 0xc0405519, &(0x7f00000000c0)={@inferred=r4, 0x6, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @inferred=r4}) setsockopt$auto_SO_BSDCOMPAT(0xffffffffffffffff, 0x7f, 0xe, &(0x7f00000018c0)='\x00', 0x4) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000000)="e954a56f9017eca0d7a70a54e028f72457aa24d4723cd785", 0x9, &(0x7f0000000100)={&(0x7f0000000040)="b1e32a62c344b856a23a449acba9b409be234445b2b317bfeef250b7179a05701a12274b75596b2a944c26f96e1678691058a8", 0x37}, 0x0, &(0x7f0000000200)="64cbaa33427ba6be9cd444df224685889427509a1720cf345ba94c91045757c0a35df6b0297857d03966f6c2cd8c3afa326cd440846511065e8892d7723bc51ad7702bc459f3d9b4c94976c979f14d6015fecc3ff6570a1fb125d52b2e88505bff97691dbb7b2481114f62afa95877289da5ede4d9d073b23054a762b0becaffe9ed6ba428a866455999db927e3beaf1c2ddbcb318ec3e1b608498", 0x7a7, 0x6}, 0x3}, 0x4, 0x81, &(0x7f0000000180)={0x3, 0x9}) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_RESET(r1, 0x5000, 0x0) ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(r0, 0xc0884123, 0x0) socket(0xa, 0x801, 0x84) 3.798561122s ago: executing program 2 (id=712): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="205c2020027e0dc0023af10e9bfa1babfa203753ca9a20370a", 0x19) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000100)={0x30, 0x0, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x2}, @OVS_METER_ATTR_STATS={0x14, 0x3, {0x2, 0xd}}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x40480d4) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x1, 0x948b, 0x0, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x40009, 0x9, 0x9, 0x1, 0x8]}, 0x0) capset$auto(0x0, 0x0) select$auto(0x9, &(0x7f0000000180)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0x100000a, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000062c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000006380)={0xfffffffffffffffd, 0x0, &(0x7f0000006340)={&(0x7f0000006300)={0x14, r2, 0x38f, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4044041}, 0x4000) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00') close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) 3.363597985s ago: executing program 1 (id=713): r0 = socket(0xa, 0x2, 0x0) setsockopt$auto(r0, 0x29, 0x8, 0x0, 0x1) (async) lseek$auto(0xffffffffffffffff, 0x8001, 0x4) unshare$auto(0x40000080) mmap$auto(0x405, 0x20009, 0x3, 0xeb1, 0x3fd, 0x8000) settimeofday$auto(0x0, &(0x7f0000000100)={0x82, 0x4}) getsockopt$auto(0xffffffffffffffff, 0x10002, 0x2, 0x0, &(0x7f0000000040)=0x2000000) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0x1d, 0x2, 0x7) (async) setsockopt$auto(0x3, 0x6b, 0x4, 0x0, 0xfb3) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x13, 0xfffffffffffffffb, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x29, 0x17000000, 0x0, 0x0, 0x0) 3.159801839s ago: executing program 0 (id=714): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x1, 0x15f4da0a, 0x1, 0xffffffffd09d8d67, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x2]}, 0x0) unshare$auto(0x40000080) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x2, 0x4020009, 0x6, 0xeb1, 0x401, 0xfffffffffffffffc) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x4000811) socket(0x10, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x20000000000eb1, 0x0, 0x8000) socket(0x2, 0x80002, 0x73) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xbfb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 3.04657228s ago: executing program 3 (id=715): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x90203, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0) mmap$auto(0x0, 0xd, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) write$auto(r2, &(0x7f00000002c0)='/d-:\xe7J\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xea>=\xe8hUs\xf3N\x10$#_\x01\xdc\x16<\xda>ui\x9eS;\n\xeaG@\xf9\\r\xbc\x06\xfa\x1b\x8d \x9ebd\x10\xea#\xcb(o\x9ei\x89\x84\xa7\x85\xad\xe1\xe0\xf19\xfa4\xb5\ad\x84\f\xc9\x12a3\xb9~\x87\x1c\xd1\xf4V\x06\xa7\x00\x01D\x1eo\xfd\x03\xbe\xd8\x05H|+wsSs\xf9\x11\xc9\x13x\xe0\x8e\x109J\xe7\x9f\x99\x82G(\xabH\xee\xaaPs_\xc3\x00'/157, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) socket(0xb, 0x80000, 0x5) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) 2.156826771s ago: executing program 3 (id=716): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x90203, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0082, 0x0) mmap$auto(0x0, 0xd, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) write$auto(r2, &(0x7f00000002c0)='/d-:\xe7J\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xea>=\xe8hUs\xf3N\x10$#_\x01\xdc\x16<\xda>ui\x9eS;\n\xeaG@\xf9\\r\xbc\x06\xfa\x1b\x8d \x9ebd\x10\xea#\xcb(o\x9ei\x89\x84\xa7\x85\xad\xe1\xe0\xf19\xfa4\xb5\ad\x84\f\xc9\x12a3\xb9~\x87\x1c\xd1\xf4V\x06\xa7\x00\x01D\x1eo\xfd\x03\xbe\xd8\x05H|+wsSs\xf9\x11\xc9\x13x\xe0\x8e\x109J\xe7\x9f\x99\x82G(\xabH\xee\xaaPs_\xc3\x00'/157, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) socket(0xb, 0x80000, 0x5) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) 1.795932454s ago: executing program 1 (id=717): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x90203, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0) mmap$auto(0x0, 0xd, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, &(0x7f0000000040)='nbd\x00', 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(r1, 0xe, 0x0, 0x20) write$auto(r3, &(0x7f00000002c0)='/d-:\xe7J\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xea>=\xe8hUs\xf3N\x10$#_\x01\xdc\x16<\xda>ui\x9eS;\n\xeaG@\xf9\\r\xbc\x06\xfa\x1b\x8d \x9ebd\x10\xea#\xcb(o\x9ei\x89\x84\xa7\x85\xad\xe1\xe0\xf19\xfa4\xb5\ad\x84\f\xc9\x12a3\xb9~\x87\x1c\xd1\xf4V\x06\xa7\x00\x01D\x1eo\xfd\x03\xbe\xd8\x05H|+wsSs\xf9\x11\xc9\x13x\xe0\x8e\x109J\xe7\x9f\x99\x82G(\xabH\xee\xaaPs_\xc3\x00'/157, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) socket(0xb, 0x80000, 0x5) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) 1.745991476s ago: executing program 3 (id=718): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4020aeb2, 0x10000000000402) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r1, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/cifs/smbd_send_credit_target\x00', 0x40, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x43}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8) 1.630090637s ago: executing program 0 (id=719): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/soft_watchdog\x00', 0x101201, 0x0) mmap$auto(0xae30, 0x40009, 0x20000000000df, 0x9b72, 0x7, 0x7) write$auto(0x3, 0x0, 0xffd8) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) r2 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0x103001, 0x0) write$auto_tracing_mark_raw_fops_trace(r2, &(0x7f00000001c0)="00222f9b", 0x4) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[], 0xf5c}, 0x1, 0x0, 0x0, 0x4044055}, 0x10) recvmmsg$auto(r3, &(0x7f0000000180)={{0x0, 0xf240, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x50}, 0x80000}, 0x10c, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) readahead$auto(r4, 0xcc7f, 0x6) r5 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB=' 6\x00\x00', @ANYRES16=r5, @ANYBLOB="010025bd7000fcdbdf250300000004000180083601"], 0x3620}, 0x1, 0x0, 0x0, 0x20000000}, 0x200400d0) ioctl$auto_TIOCSBRK2(r0, 0x5427, &(0x7f0000000080)="22ea6e2e2af10ad88a10613d3bd82e334e21e780568e8eac71cda97060c366a14e3de6357d9b49857cebe04c37dc3b67994a9a5d99b9df0020b8204f9de4a8be857f5cfd9592fb45837a8bfb256338623c8f131b273cfac1f82ed68b8b7e8c76a3161e300cd42d8ca430ff5acbef47f9556e28a5c719af0ac0dbe8201d5ca4cd6a2cde362a887b6ad3a66cfd93748a1dfe32e6ab00944a83e2566aa85dd5e5785c8ee6e4bd65e69b33481b0f737292f35f2afecf3a3d1df7af52ba9498af534694c07c89609d9cedf2fc1ec2fb6b0ecbcb190bde5619a2d39efb19f5d3551949899cafc20925be0f") mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file1\x00') 1.60332844s ago: executing program 2 (id=720): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x90203, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0) mmap$auto(0x0, 0xd, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4) (fail_nth: 2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) write$auto(r2, &(0x7f00000002c0)='/d-:\xe7J\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xea>=\xe8hUs\xf3N\x10$#_\x01\xdc\x16<\xda>ui\x9eS;\n\xeaG@\xf9\\r\xbc\x06\xfa\x1b\x8d \x9ebd\x10\xea#\xcb(o\x9ei\x89\x84\xa7\x85\xad\xe1\xe0\xf19\xfa4\xb5\ad\x84\f\xc9\x12a3\xb9~\x87\x1c\xd1\xf4V\x06\xa7\x00\x01D\x1eo\xfd\x03\xbe\xd8\x05H|+wsSs\xf9\x11\xc9\x13x\xe0\x8e\x109J\xe7\x9f\x99\x82G(\xabH\xee\xaaPs_\xc3\x00'/157, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) socket(0xb, 0x80000, 0x5) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) 1.512143671s ago: executing program 3 (id=721): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0xc, 0x940, 0x1ffde, 0x7, 0x6, 0x3ff, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x5, 0x7, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a]}, 0x400, 0x81) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0x1, 0x8, "3112d598004a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe000900000000000755015e48d"}, 0x3, 0x5, 0x4, @inferred, @integer={0x1, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd7327b386425608af790ada71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r4, 0x5453, r4) getrandom$auto(0x0, 0x6000000, 0x3) fsconfig$auto_HIDEPID_OFF(r3, 0x80000000, &(0x7f0000000100)='\x00', &(0x7f0000000140)="c666234535154c810d2ea848dbc90156a2b68f9c3eeb5e4f6750d2b02c807339de7b8e41e39c2ceed5c02097e02d0743ea1808bf3e2fa1", 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x110c230000, 0x1, 0x9) fcntl$auto_F_UNLCK(r2, 0x4, 0x2) 876.75469ms ago: executing program 0 (id=722): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f00000001c0)='./file0\x00', 0x121142, 0x13d) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/sound/ctl-led/mic/card0/reset\x00', 0xa001, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/crash_elfcorehdr_size\x00', 0x0, 0x0) write$auto(r0, &(0x7f0000000140)='/sys/devices/virtual/sound/ctl-led/mic/card0/reset\x00', 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/116, 0x74) get_mempolicy$auto(0xfffffffffffffffe, 0x0, 0x3, 0x1ff, 0x3) write$auto(r1, &(0x7f0000000000)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x7) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0xfffffdef) socket$nl_generic(0x10, 0x3, 0x10) getxattr$auto(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='+/\'&%\x00', 0x0, 0x401) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x2000b, 0x4080000000df, 0x100000010, 0x401, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) sendmsg$auto_NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x1) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x5, 0x0, 0x4a) pread64$auto(r3, 0x0, 0x23, 0x7) sendfile$auto(0x6, 0x3, 0x0, 0x8000) 812.880782ms ago: executing program 1 (id=723): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0xffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x8f3b7a51b8360c21, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) io_uring_setup$auto(0x1, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb2, 0x401, 0x8000) ioctl$auto_SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000500)={0x0, 0x0, "a68a78cddb9af7ac4c80865002a0d2e3", "213ea76652ad28e8b96ec5ed5243aea3", "25222c3aac25ccff5de7b81eefde747e7674da7f6154e6bcf81ec7dadaa3b485", "12f251f2492bb43c598ef0237d522cb86954c0763131c2f67eaa6356799448a9576c948fc3fb995daec2f1fc9170a70b4b71b44f04809f3ca99cb9b4e9d3abb67d33f3d3fe57d0289938f4ce01d60bfd", "e9e7f824968ee78f73dc2749d12c7e05", "402beaf8e2dfaba5303a6efa74256963183267b80c0b5a1f17a2c919b4c43dc3817ea4719a3e48cdb8c3e9873ecfe260f627c94bc35f96d615979b05547405d7e633a060cdb0fc80f9562c947ed257fd", "5c84948d2c357792b0c4be9a3a15ecfee836d93ae475d2bc8193e8ac53c0494bf16e9a6d85fa65416177e39fac9de9d4869f6e9602c6f01a500ba2ba3d5fef158c908f502afdfe316cf3ac63f1f4842ec3c180d103084776592ff9e4a66125f8f285cabc67891f381c9bcc345f41ee4f2d7f4bffb05d58b0377a76a50de67bb8"}) r4 = getpgid(0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x1, 0x6, 0x80000001, "a2b8e85fc56865ba529faa0000000000000000000000692a240000008000", @raw=0x6}, 0x6, 0x5, 0x7, @inferred=r4, @reserved="fb99d320be0de941ac3f58d7aae0c84cbe332d618e0342771e3ac6e9a9df07cf9b1c017c611ac455c01804d0d4c89bee7005c5affd5ab891b44e48364e8de3f344584996c31f9ae16c6c4f062d38f590125ed264000000000000000000000000000000000000000600", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f4ab606c276852295e00af49090000008034"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(0xffffffffffffffff, 0xc0405519, &(0x7f00000000c0)={@inferred=r4, 0x6, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @inferred=r4}) setsockopt$auto_SO_BSDCOMPAT(0xffffffffffffffff, 0x7f, 0xe, &(0x7f00000018c0)='\x00', 0x4) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000000)="e954a56f9017eca0d7a70a54e028f72457aa24d4723cd785", 0x9, &(0x7f0000000100)={&(0x7f0000000040)="b1e32a62c344b856a23a449acba9b409be234445b2b317bfeef250b7179a05701a12274b75596b2a944c26f96e1678691058a8", 0x37}, 0x0, &(0x7f0000000200)="64cbaa33427ba6be9cd444df224685889427509a1720cf345ba94c91045757c0a35df6b0297857d03966f6c2cd8c3afa326cd440846511065e8892d7723bc51ad7702bc459f3d9b4c94976c979f14d6015fecc3ff6570a1fb125d52b2e88505bff97691dbb7b2481114f62afa95877289da5ede4d9d073b23054a762b0becaffe9ed6ba428a866455999db927e3beaf1c2ddbcb318ec3e1b608498", 0x7a7, 0x6}, 0x3}, 0x4, 0x81, &(0x7f0000000180)={0x3, 0x9}) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_RESET(r1, 0x5000, 0x0) ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(r0, 0xc0884123, 0x0) socket(0xa, 0x801, 0x84) 780.431782ms ago: executing program 3 (id=724): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r1, 0x5453, r1) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x110c23fffd, 0x1, 0x9) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x43102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f00000007c0)=""/153, 0x99) 626.132297ms ago: executing program 2 (id=725): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xfffffffeffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0xe) fanotify_init$auto(0x8, 0x2000000000002) r0 = open(&(0x7f0000000100)='./bus\x00', 0x12ba7e, 0x45) fanotify_mark$auto(0x0, 0x451, 0xa, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) close_range$auto(0x2, 0x8000, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) write$auto(0x3, 0x0, 0x100082) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file1\x00') r1 = open(0x0, 0x161342, 0x100) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_MON_PEER_GET(r2, 0x0, 0x4c848) r3 = socket(0x11, 0x80003, 0x0) setsockopt$auto(r3, 0x107, 0x5, 0x0, 0xce24) sendmsg$auto(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'dvmrp0\x00', 0x0}) bpf$auto_BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000300)=@bpf_attr_0={0x8, 0x3, 0x1ff, 0x9, 0x7, r1, 0x3, "ece0fa9772e590864143c24ba9dfe034", r4, 0xffffffffffffffff, 0x2, 0x3, 0xed70, 0xc1, 0xffffffffffffffff, r2}, 0x2) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket(0x2000000000000021, 0x2, 0x10000000000002) 0s ago: executing program 3 (id=726): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x90203, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0082, 0x0) mmap$auto(0x0, 0xd, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) write$auto(r2, &(0x7f00000002c0)='/d-:\xe7J\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xea>=\xe8hUs\xf3N\x10$#_\x01\xdc\x16<\xda>ui\x9eS;\n\xeaG@\xf9\\r\xbc\x06\xfa\x1b\x8d \x9ebd\x10\xea#\xcb(o\x9ei\x89\x84\xa7\x85\xad\xe1\xe0\xf19\xfa4\xb5\ad\x84\f\xc9\x12a3\xb9~\x87\x1c\xd1\xf4V\x06\xa7\x00\x01D\x1eo\xfd\x03\xbe\xd8\x05H|+wsSs\xf9\x11\xc9\x13x\xe0\x8e\x109J\xe7\x9f\x99\x82G(\xabH\xee\xaaPs_\xc3\x00'/157, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) socket(0xb, 0x80000, 0x5) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts. [ 89.483803][ T5819] cgroup: Unknown subsys name 'net' [ 89.661759][ T5819] cgroup: Unknown subsys name 'cpuset' [ 89.671083][ T5819] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 91.557049][ T5819] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 93.925244][ T5832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.934254][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.942726][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.950595][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.971150][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.983886][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.992058][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.999764][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.000700][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.008284][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.021293][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.021646][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.031835][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 94.043604][ T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.051396][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 94.058938][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.075728][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 94.078203][ T5832] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.083759][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.090766][ T5832] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.708688][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 94.786670][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 94.815219][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 94.893326][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 94.987208][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.995041][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.002920][ T5829] bridge_slave_0: entered allmulticast mode [ 95.010519][ T5829] bridge_slave_0: entered promiscuous mode [ 95.020498][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.027672][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.034851][ T5829] bridge_slave_1: entered allmulticast mode [ 95.042867][ T5829] bridge_slave_1: entered promiscuous mode [ 95.162363][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.216470][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.226085][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.233496][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.241152][ T5828] bridge_slave_0: entered allmulticast mode [ 95.249014][ T5828] bridge_slave_0: entered promiscuous mode [ 95.256652][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.264036][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.271843][ T5830] bridge_slave_0: entered allmulticast mode [ 95.279943][ T5830] bridge_slave_0: entered promiscuous mode [ 95.287962][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.295062][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.302349][ T5830] bridge_slave_1: entered allmulticast mode [ 95.310368][ T5830] bridge_slave_1: entered promiscuous mode [ 95.359584][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.366763][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.374212][ T5828] bridge_slave_1: entered allmulticast mode [ 95.384071][ T5828] bridge_slave_1: entered promiscuous mode [ 95.404753][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.412037][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.419870][ T5831] bridge_slave_0: entered allmulticast mode [ 95.427421][ T5831] bridge_slave_0: entered promiscuous mode [ 95.435949][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.443248][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.450492][ T5831] bridge_slave_1: entered allmulticast mode [ 95.459113][ T5831] bridge_slave_1: entered promiscuous mode [ 95.469357][ T5829] team0: Port device team_slave_0 added [ 95.519146][ T5829] team0: Port device team_slave_1 added [ 95.560687][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.601186][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.614777][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.628143][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.641625][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.657689][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.668797][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.675769][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.701808][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.778665][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.785652][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.812095][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.851452][ T5831] team0: Port device team_slave_0 added [ 95.860788][ T5828] team0: Port device team_slave_0 added [ 95.886298][ T5830] team0: Port device team_slave_0 added [ 95.904761][ T5830] team0: Port device team_slave_1 added [ 95.914128][ T5831] team0: Port device team_slave_1 added [ 95.922227][ T5828] team0: Port device team_slave_1 added [ 96.036219][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.043345][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.070102][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.088405][ T5829] hsr_slave_0: entered promiscuous mode [ 96.094794][ T5829] hsr_slave_1: entered promiscuous mode [ 96.102904][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.110026][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.136018][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.138497][ T5141] Bluetooth: hci2: command tx timeout [ 96.146886][ T5838] Bluetooth: hci0: command tx timeout [ 96.152059][ T5832] Bluetooth: hci3: command tx timeout [ 96.157479][ T5841] Bluetooth: hci1: command tx timeout [ 96.169559][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.176532][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.202590][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.215485][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.222624][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.248600][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.261410][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.268453][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.294525][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.306828][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.313939][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.340545][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.520929][ T5828] hsr_slave_0: entered promiscuous mode [ 96.527584][ T5828] hsr_slave_1: entered promiscuous mode [ 96.533725][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.541974][ T5828] Cannot create hsr debugfs directory [ 96.580624][ T5831] hsr_slave_0: entered promiscuous mode [ 96.587778][ T5831] hsr_slave_1: entered promiscuous mode [ 96.594030][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.602637][ T5831] Cannot create hsr debugfs directory [ 96.613703][ T5830] hsr_slave_0: entered promiscuous mode [ 96.620407][ T5830] hsr_slave_1: entered promiscuous mode [ 96.626582][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.634288][ T5830] Cannot create hsr debugfs directory [ 96.946303][ T975] cfg80211: failed to load regulatory.db [ 97.034838][ T5829] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.067773][ T5829] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.113588][ T5829] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.140799][ T5829] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.240210][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.271103][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.283580][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.294797][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.370146][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.382907][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.402768][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.415458][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.529636][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.542659][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.571557][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.594344][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.646095][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.722856][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.750517][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.757866][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.775220][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.782413][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.815481][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.860890][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.916316][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.944643][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.971391][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.978566][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.994711][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.001950][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.028776][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.035954][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.080640][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.101050][ T2959] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.108293][ T2959] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.186868][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.217722][ T5841] Bluetooth: hci1: command tx timeout [ 98.223229][ T5841] Bluetooth: hci0: command tx timeout [ 98.231640][ T5838] Bluetooth: hci3: command tx timeout [ 98.231727][ T5832] Bluetooth: hci2: command tx timeout [ 98.284376][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.291635][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.343262][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.350528][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.566812][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.690882][ T5829] veth0_vlan: entered promiscuous mode [ 98.724063][ T5829] veth1_vlan: entered promiscuous mode [ 98.833718][ T5829] veth0_macvtap: entered promiscuous mode [ 98.890599][ T5829] veth1_macvtap: entered promiscuous mode [ 98.945468][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.002717][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.020111][ T5829] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.030114][ T5829] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.042518][ T5829] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.051417][ T5829] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.100263][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.111925][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.167742][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.292478][ T5831] veth0_vlan: entered promiscuous mode [ 99.302148][ T5828] veth0_vlan: entered promiscuous mode [ 99.325532][ T2941] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.338019][ T2941] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.350203][ T5828] veth1_vlan: entered promiscuous mode [ 99.366314][ T5831] veth1_vlan: entered promiscuous mode [ 99.441974][ T5830] veth0_vlan: entered promiscuous mode [ 99.458113][ T2959] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.471160][ T2959] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.472347][ T5828] veth0_macvtap: entered promiscuous mode [ 99.519882][ T5828] veth1_macvtap: entered promiscuous mode [ 99.530468][ T5830] veth1_vlan: entered promiscuous mode [ 99.580461][ T5831] veth0_macvtap: entered promiscuous mode [ 99.581220][ T5829] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.597120][ T5831] veth1_macvtap: entered promiscuous mode [ 99.635051][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.663575][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.709098][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.723312][ T5830] veth0_macvtap: entered promiscuous mode [ 99.780334][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.797427][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.806653][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.815572][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.864807][ T5830] veth1_macvtap: entered promiscuous mode [ 99.885347][ T975] smpboot: CPU 1 is now offline [ 99.901970][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.983277][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.996821][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.009827][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.019113][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.080725][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.126542][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.203567][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.237308][ T5832] Bluetooth: hci1: command tx timeout [ 100.245145][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.258178][ T5832] Bluetooth: hci2: command tx timeout [ 100.281938][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.297278][ T5838] Bluetooth: hci0: command tx timeout [ 100.302749][ T5832] Bluetooth: hci3: command tx timeout [ 100.314588][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.615787][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.647434][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.705753][ T5905] mkiss: ax0: crc mode is auto. [ 100.798774][ T2959] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.806635][ T2959] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.914908][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.970947][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.118809][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.172092][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.250247][ T1000] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.325412][ T1000] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.729270][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.878451][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.269597][ T5922] mmap: syz.0.1 (5922) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 102.298546][ T5832] Bluetooth: hci2: command tx timeout [ 102.298583][ T5832] Bluetooth: hci1: command tx timeout [ 102.377350][ T5838] Bluetooth: hci3: command tx timeout [ 102.377386][ T5838] Bluetooth: hci0: command tx timeout [ 102.776737][ T5929] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7'. [ 102.970809][ T5929] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.025697][ T5929] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.108953][ T5929] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.172088][ T5929] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.554131][ T5929] Zero length message leads to an empty skb [ 105.779409][ T5945] FAULT_INJECTION: forcing a failure. [ 105.779409][ T5945] name failslab, interval 1, probability 0, space 0, times 1 [ 105.853374][ T5945] CPU: 0 UID: 0 PID: 5945 Comm: syz.3.11 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 105.853408][ T5945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 105.853425][ T5945] Call Trace: [ 105.853432][ T5945] [ 105.853443][ T5945] dump_stack_lvl+0x16c/0x1f0 [ 105.853488][ T5945] should_fail_ex+0x512/0x640 [ 105.853524][ T5945] ? __kmalloc_noprof+0xbf/0x510 [ 105.853553][ T5945] ? copy_splice_read+0x1a8/0xba0 [ 105.853587][ T5945] should_failslab+0xc2/0x120 [ 105.853618][ T5945] __kmalloc_noprof+0xd2/0x510 [ 105.853651][ T5945] copy_splice_read+0x1a8/0xba0 [ 105.853707][ T5945] ? __pfx_pipe_to_null+0x10/0x10 [ 105.853744][ T5945] ? __pfx_copy_splice_read+0x10/0x10 [ 105.853779][ T5945] ? pipe_unlock+0x4a/0x70 [ 105.853804][ T5945] ? __pfx_splice_from_pipe+0x10/0x10 [ 105.853851][ T5945] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 105.853877][ T5945] ? __pfx_copy_splice_read+0x10/0x10 [ 105.853913][ T5945] do_splice_read+0x285/0x370 [ 105.853953][ T5945] splice_direct_to_actor+0x2a1/0xa30 [ 105.853993][ T5945] ? __pfx_direct_splice_actor+0x10/0x10 [ 105.854037][ T5945] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 105.854084][ T5945] do_splice_direct+0x174/0x240 [ 105.854122][ T5945] ? __pfx_do_splice_direct+0x10/0x10 [ 105.854167][ T5945] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 105.854206][ T5945] ? bpf_lsm_file_permission+0x9/0x10 [ 105.854228][ T5945] ? security_file_permission+0x71/0x210 [ 105.854264][ T5945] ? rw_verify_area+0xcf/0x680 [ 105.854316][ T5945] do_sendfile+0xafd/0xe50 [ 105.854343][ T5945] ? __pfx_do_sendfile+0x10/0x10 [ 105.854369][ T5945] ? __x64_sys_futex+0x1e0/0x4c0 [ 105.854394][ T5945] ? __x64_sys_futex+0x1e9/0x4c0 [ 105.854424][ T5945] __x64_sys_sendfile64+0x1d8/0x220 [ 105.854454][ T5945] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 105.854483][ T5945] ? rcu_is_watching+0x12/0xc0 [ 105.854513][ T5945] do_syscall_64+0xcd/0x230 [ 105.854552][ T5945] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.854576][ T5945] RIP: 0033:0x7f516098e969 [ 105.854594][ T5945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.854616][ T5945] RSP: 002b:00007f5161831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 105.854638][ T5945] RAX: ffffffffffffffda RBX: 00007f5160bb5fa0 RCX: 00007f516098e969 [ 105.854653][ T5945] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 105.854666][ T5945] RBP: 00007f5160a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 105.854680][ T5945] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 105.854694][ T5945] R13: 0000000000000000 R14: 00007f5160bb5fa0 R15: 00007ffdbeb547f8 [ 105.854722][ T5945] [ 106.487678][ T30] audit: type=1800 audit(6042819477.078:2): pid=5943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.10" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 107.060562][ T5965] netlink: 350 bytes leftover after parsing attributes in process `syz.2.13'. [ 109.018389][ T5980] netlink: 350 bytes leftover after parsing attributes in process `syz.3.17'. [ 110.117956][ T5988] capability: warning: `syz.1.18' uses 32-bit capabilities (legacy support in use) [ 111.529535][ T5995] FAULT_INJECTION: forcing a failure. [ 111.529535][ T5995] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 111.613996][ T5995] CPU: 0 UID: 0 PID: 5995 Comm: syz.3.19 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 111.614034][ T5995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 111.614051][ T5995] Call Trace: [ 111.614060][ T5995] [ 111.614070][ T5995] dump_stack_lvl+0x16c/0x1f0 [ 111.614109][ T5995] should_fail_ex+0x512/0x640 [ 111.614147][ T5995] _copy_from_user+0x2e/0xd0 [ 111.614184][ T5995] copy_mount_options+0x76/0x190 [ 111.614215][ T5995] __x64_sys_mount+0x1ac/0x310 [ 111.614240][ T5995] ? __pfx___x64_sys_mount+0x10/0x10 [ 111.614263][ T5995] ? syscall_user_dispatch+0x78/0x140 [ 111.614305][ T5995] do_syscall_64+0xcd/0x230 [ 111.614342][ T5995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.614364][ T5995] RIP: 0033:0x7f516098e969 [ 111.614381][ T5995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.614401][ T5995] RSP: 002b:00007f5161831038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 111.614421][ T5995] RAX: ffffffffffffffda RBX: 00007f5160bb5fa0 RCX: 00007f516098e969 [ 111.614436][ T5995] RDX: 0000200000000180 RSI: 0000000000000000 RDI: 0000200000000100 [ 111.614449][ T5995] RBP: 00007f5160a10ab1 R08: 0000200000000240 R09: 0000000000000000 [ 111.614463][ T5995] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 111.614475][ T5995] R13: 0000000000000000 R14: 00007f5160bb5fa0 R15: 00007ffdbeb547f8 [ 111.614502][ T5995] [ 112.267800][ T6003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.21'. [ 118.119499][ T30] audit: type=1800 audit(6042819488.858:3): pid=6066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.32" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 118.589162][ T6079] syz.2.34 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 119.110182][ T6079] FAULT_INJECTION: forcing a failure. [ 119.110182][ T6079] name failslab, interval 1, probability 0, space 0, times 0 [ 119.330633][ T6079] CPU: 0 UID: 0 PID: 6079 Comm: syz.2.34 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 119.330667][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.330681][ T6079] Call Trace: [ 119.330688][ T6079] [ 119.330696][ T6079] dump_stack_lvl+0x16c/0x1f0 [ 119.330741][ T6079] should_fail_ex+0x512/0x640 [ 119.330777][ T6079] ? __kmalloc_noprof+0xbf/0x510 [ 119.330807][ T6079] ? snd_pcm_plugin_build+0x64/0x650 [ 119.330829][ T6079] should_failslab+0xc2/0x120 [ 119.330859][ T6079] __kmalloc_noprof+0xd2/0x510 [ 119.330893][ T6079] snd_pcm_plugin_build+0x64/0x650 [ 119.330920][ T6079] snd_pcm_plugin_build_io+0x207/0x5f0 [ 119.330952][ T6079] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 119.330979][ T6079] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 119.331027][ T6079] snd_pcm_oss_change_params_locked+0x2f61/0x3b40 [ 119.331081][ T6079] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 119.331143][ T6079] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 119.331187][ T6079] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 119.331227][ T6079] ? hook_file_ioctl_common+0x145/0x410 [ 119.331256][ T6079] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 119.331298][ T6079] ? __fget_files+0x20e/0x3c0 [ 119.331324][ T6079] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 119.331365][ T6079] __x64_sys_ioctl+0x190/0x200 [ 119.331401][ T6079] do_syscall_64+0xcd/0x230 [ 119.331440][ T6079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.331464][ T6079] RIP: 0033:0x7f9c1978e969 [ 119.331488][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.331513][ T6079] RSP: 002b:00007f9c1a59b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 119.331535][ T6079] RAX: ffffffffffffffda RBX: 00007f9c199b5fa0 RCX: 00007f9c1978e969 [ 119.331550][ T6079] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000c [ 119.331564][ T6079] RBP: 00007f9c19810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 119.331579][ T6079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.331592][ T6079] R13: 0000000000000000 R14: 00007f9c199b5fa0 R15: 00007ffec8f0a0f8 [ 119.331621][ T6079] [ 119.553237][ C0] vkms_vblank_simulate: vblank timer overrun [ 121.277991][ T6100] netlink: 350 bytes leftover after parsing attributes in process `syz.1.37'. [ 122.914240][ T30] audit: type=1800 audit(6042819493.648:4): pid=6102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.39" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 123.438452][ T6118] netlink: 350 bytes leftover after parsing attributes in process `syz.3.41'. [ 124.131420][ T6121] tc_dump_action: action bad kind [ 126.350241][ T6140] rtc_cmos 00:00: Alarms can be up to one day in the future [ 127.210507][ T975] rtc_cmos 00:00: Alarms can be up to one day in the future [ 127.246403][ T975] rtc_cmos 00:00: Alarms can be up to one day in the future [ 127.301830][ T975] rtc_cmos 00:00: Alarms can be up to one day in the future [ 127.335149][ T975] rtc_cmos 00:00: Alarms can be up to one day in the future [ 127.383188][ T975] rtc rtc0: __rtc_set_alarm: err=-22 [ 128.650493][ T5832] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 130.176095][ T6196] netlink: 8 bytes leftover after parsing attributes in process `syz.0.55'. [ 130.418251][ T6192] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 131.297764][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 131.327508][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 131.337795][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 131.422955][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 131.441734][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 131.820550][ T6221] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 132.564420][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802e618400: rx timeout, send abort [ 132.574399][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802e618400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 132.863218][ T6235] netlink: 350 bytes leftover after parsing attributes in process `syz.1.64'. [ 133.057064][ T6231] ALSA: mixer_oss: invalid OSS volume '' [ 133.263096][ T6241] netlink: 350 bytes leftover after parsing attributes in process `syz.2.66'. [ 133.279111][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 133.288607][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 134.257447][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 134.257536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 134.257640][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 134.815355][ T5832] Bluetooth: hci1: unexpected subevent 0x19 length: 252 > 28 [ 134.824933][ T5832] Bluetooth: hci1: Unable to find connection with handle 0xc3d2 [ 135.060849][ T6263] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 135.394190][ T6265] netlink: 8 bytes leftover after parsing attributes in process `syz.3.69'. [ 135.563089][ T6264] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 136.325245][ T6272] process 'syz.0.71' launched '/dev/fd/5' with NULL argv: empty string added [ 136.625564][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 136.637046][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.677862][ T6294] FAULT_INJECTION: forcing a failure. [ 137.677862][ T6294] name failslab, interval 1, probability 0, space 0, times 0 [ 137.777075][ T6294] CPU: 0 UID: 0 PID: 6294 Comm: syz.1.75 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 137.777115][ T6294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 137.777133][ T6294] Call Trace: [ 137.777143][ T6294] [ 137.777154][ T6294] dump_stack_lvl+0x16c/0x1f0 [ 137.777209][ T6294] should_fail_ex+0x512/0x640 [ 137.777254][ T6294] ? __kmalloc_noprof+0xbf/0x510 [ 137.777291][ T6294] ? snd_pcm_plugin_build+0x434/0x650 [ 137.777319][ T6294] should_failslab+0xc2/0x120 [ 137.777358][ T6294] __kmalloc_noprof+0xd2/0x510 [ 137.777403][ T6294] snd_pcm_plugin_build+0x434/0x650 [ 137.777438][ T6294] snd_pcm_plugin_build_io+0x207/0x5f0 [ 137.777471][ T6294] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 137.777506][ T6294] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 137.777583][ T6294] snd_pcm_oss_change_params_locked+0x2f61/0x3b40 [ 137.777654][ T6294] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 137.777734][ T6294] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 137.777789][ T6294] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 137.777836][ T6294] ? hook_file_ioctl_common+0x145/0x410 [ 137.777874][ T6294] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 137.777928][ T6294] ? __fget_files+0x20e/0x3c0 [ 137.777963][ T6294] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 137.778014][ T6294] __x64_sys_ioctl+0x190/0x200 [ 137.778058][ T6294] do_syscall_64+0xcd/0x230 [ 137.778108][ T6294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.778137][ T6294] RIP: 0033:0x7f7e47d8e969 [ 137.778160][ T6294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.778189][ T6294] RSP: 002b:00007f7e48bd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 137.778215][ T6294] RAX: ffffffffffffffda RBX: 00007f7e47fb6080 RCX: 00007f7e47d8e969 [ 137.778235][ T6294] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000b [ 137.778252][ T6294] RBP: 00007f7e47e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 137.778269][ T6294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.778286][ T6294] R13: 0000000000000000 R14: 00007f7e47fb6080 R15: 00007fff0aa90e68 [ 137.778324][ T6294] [ 138.354333][ T6310] netlink: 350 bytes leftover after parsing attributes in process `syz.1.80'. [ 139.152603][ T30] audit: type=1800 audit(6042819509.888:5): pid=6311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.79" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 140.057341][ T6327] netlink: 350 bytes leftover after parsing attributes in process `syz.0.83'. [ 140.516774][ T6336] netlink: 350 bytes leftover after parsing attributes in process `syz.2.85'. [ 141.003926][ T6340] netlink: 8 bytes leftover after parsing attributes in process `syz.1.87'. [ 142.861167][ T5832] Bluetooth: hci3: unexpected event 0x23 length: 12 < 13 [ 143.144241][ T6369] mkiss: ax0: crc mode is auto. [ 144.134752][ T6379] can: request_module (can-proto-3) failed. [ 144.511292][ T6390] FAULT_INJECTION: forcing a failure. [ 144.511292][ T6390] name failslab, interval 1, probability 0, space 0, times 0 [ 144.537571][ T6390] CPU: 0 UID: 0 PID: 6390 Comm: syz.2.97 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 144.537613][ T6390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.537631][ T6390] Call Trace: [ 144.537641][ T6390] [ 144.537653][ T6390] dump_stack_lvl+0x16c/0x1f0 [ 144.537706][ T6390] should_fail_ex+0x512/0x640 [ 144.537755][ T6390] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 144.537796][ T6390] should_failslab+0xc2/0x120 [ 144.537837][ T6390] __kmalloc_cache_noprof+0x6a/0x3e0 [ 144.537870][ T6390] ? vkms_plane_duplicate_state+0x87/0x130 [ 144.537923][ T6390] ? kasan_save_track+0x14/0x30 [ 144.537964][ T6390] vkms_plane_duplicate_state+0x87/0x130 [ 144.538018][ T6390] drm_atomic_get_plane_state+0x20e/0x590 [ 144.538061][ T6390] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 144.538100][ T6390] ? __pfx___might_resched+0x10/0x10 [ 144.538139][ T6390] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 144.538222][ T6390] drm_client_modeset_commit_locked+0x14d/0x580 [ 144.538261][ T6390] drm_client_modeset_commit+0x4f/0x80 [ 144.538296][ T6390] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 144.538328][ T6390] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 144.538389][ T6390] drm_fbdev_client_restore+0x2c/0x40 [ 144.538431][ T6390] drm_client_dev_restore+0x1f3/0x2a0 [ 144.538472][ T6390] drm_release+0x2c4/0x360 [ 144.538508][ T6390] ? __pfx_drm_release+0x10/0x10 [ 144.538539][ T6390] __fput+0x3ff/0xb70 [ 144.538580][ T6390] task_work_run+0x150/0x240 [ 144.538624][ T6390] ? __pfx_task_work_run+0x10/0x10 [ 144.538677][ T6390] ? __pfx___do_sys_close_range+0x10/0x10 [ 144.538701][ T6390] ? rcu_is_watching+0x12/0xc0 [ 144.538733][ T6390] syscall_exit_to_user_mode+0x27b/0x2a0 [ 144.538775][ T6390] do_syscall_64+0xda/0x230 [ 144.538834][ T6390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.538861][ T6390] RIP: 0033:0x7f9c1978e969 [ 144.538882][ T6390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.538908][ T6390] RSP: 002b:00007f9c1a59b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 144.538932][ T6390] RAX: 0000000000000000 RBX: 00007f9c199b5fa0 RCX: 00007f9c1978e969 [ 144.538949][ T6390] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 144.538963][ T6390] RBP: 00007f9c19810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 144.538984][ T6390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.538999][ T6390] R13: 0000000000000000 R14: 00007f9c199b5fa0 R15: 00007ffec8f0a0f8 [ 144.539034][ T6390] [ 145.022405][ T6390] mkiss: ax0: crc mode is auto. [ 145.514475][ T6398] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 150.001849][ T6458] sctp: [Deprecated]: syz.0.110 (pid 6458) Use of int in max_burst socket option deprecated. [ 150.001849][ T6458] Use struct sctp_assoc_value instead [ 150.541205][ T6468] netlink: 350 bytes leftover after parsing attributes in process `syz.2.113'. [ 152.759070][ T6494] netlink: 350 bytes leftover after parsing attributes in process `syz.1.119'. [ 153.012543][ T6497] netlink: 350 bytes leftover after parsing attributes in process `syz.0.120'. [ 155.305376][ T6527] netlink: 28 bytes leftover after parsing attributes in process `syz.3.128'. [ 155.365715][ T6530] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 155.906795][ T6532] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(384.8192.60), cmd(6) [ 156.487931][ T6544] netlink: 4 bytes leftover after parsing attributes in process `syz.0.131'. [ 160.291799][ T6580] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present syzkaller syzkaller login: [ 163.984549][ T6650] FAULT_INJECTION: forcing a failure. [ 163.984549][ T6650] name failslab, interval 1, probability 0, space 0, times 0 [ 164.030128][ T6650] CPU: 0 UID: 0 PID: 6650 Comm: syz.3.148 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 164.030176][ T6650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 164.030195][ T6650] Call Trace: [ 164.030205][ T6650] [ 164.030218][ T6650] dump_stack_lvl+0x16c/0x1f0 [ 164.030280][ T6650] should_fail_ex+0x512/0x640 [ 164.030329][ T6650] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 164.030367][ T6650] should_failslab+0xc2/0x120 [ 164.030409][ T6650] __kmalloc_cache_noprof+0x6a/0x3e0 [ 164.030444][ T6650] ? kvm_dev_ioctl+0xa45/0x1ad0 [ 164.030491][ T6650] kvm_dev_ioctl+0xa45/0x1ad0 [ 164.030549][ T6650] ? find_held_lock+0x2b/0x80 [ 164.030579][ T6650] ? hook_file_ioctl_common+0x145/0x410 [ 164.030619][ T6650] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 164.030661][ T6650] ? __fget_files+0x20e/0x3c0 [ 164.030698][ T6650] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 164.030739][ T6650] __x64_sys_ioctl+0x190/0x200 [ 164.030789][ T6650] do_syscall_64+0xcd/0x230 [ 164.030841][ T6650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.030872][ T6650] RIP: 0033:0x7f516098e969 [ 164.030898][ T6650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.030929][ T6650] RSP: 002b:00007f5161831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 164.030959][ T6650] RAX: ffffffffffffffda RBX: 00007f5160bb5fa0 RCX: 00007f516098e969 [ 164.030980][ T6650] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 164.030999][ T6650] RBP: 00007f5160a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 164.031017][ T6650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.031035][ T6650] R13: 0000000000000000 R14: 00007f5160bb5fa0 R15: 00007ffdbeb547f8 [ 164.031075][ T6650] [ 164.414264][ T6654] netlink: 350 bytes leftover after parsing attributes in process `syz.0.149'. [ 165.402994][ T6677] FAULT_INJECTION: forcing a failure. [ 165.402994][ T6677] name failslab, interval 1, probability 0, space 0, times 0 [ 165.445021][ T6677] CPU: 1 UID: 0 PID: 6677 Comm: syz.1.154 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 165.445061][ T6677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 165.445077][ T6677] Call Trace: [ 165.445086][ T6677] [ 165.445096][ T6677] dump_stack_lvl+0x16c/0x1f0 [ 165.445143][ T6677] should_fail_ex+0x512/0x640 [ 165.445186][ T6677] ? __kmalloc_noprof+0xbf/0x510 [ 165.445219][ T6677] ? snd_pcm_plugin_build+0x434/0x650 [ 165.445245][ T6677] should_failslab+0xc2/0x120 [ 165.445280][ T6677] __kmalloc_noprof+0xd2/0x510 [ 165.445319][ T6677] snd_pcm_plugin_build+0x434/0x650 [ 165.445350][ T6677] snd_pcm_plugin_build_io+0x207/0x5f0 [ 165.445397][ T6677] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 165.445429][ T6677] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 165.445475][ T6677] ? __sanitizer_cov_trace_switch+0x87/0x90 [ 165.445526][ T6677] snd_pcm_oss_change_params_locked+0x2f61/0x3b40 [ 165.445590][ T6677] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 165.445669][ T6677] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 165.445724][ T6677] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 165.445775][ T6677] ? hook_file_ioctl_common+0x145/0x410 [ 165.445809][ T6677] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 165.445860][ T6677] ? __fget_files+0x20e/0x3c0 [ 165.445905][ T6677] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 165.445957][ T6677] __x64_sys_ioctl+0x190/0x200 [ 165.446001][ T6677] do_syscall_64+0xcd/0x230 [ 165.446052][ T6677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.446085][ T6677] RIP: 0033:0x7f7e47d8e969 [ 165.446111][ T6677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.446141][ T6677] RSP: 002b:00007f7e48bd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 165.446170][ T6677] RAX: ffffffffffffffda RBX: 00007f7e47fb6080 RCX: 00007f7e47d8e969 [ 165.446190][ T6677] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000b [ 165.446209][ T6677] RBP: 00007f7e47e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 165.446227][ T6677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.446246][ T6677] R13: 0000000000000000 R14: 00007f7e47fb6080 R15: 00007fff0aa90e68 [ 165.446287][ T6677] [ 167.480054][ T30] audit: type=1400 audit(6042819543.215:6): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=6685 comm="syz.0.158" [ 168.034882][ T6703] netlink: 350 bytes leftover after parsing attributes in process `syz.0.162'. [ 171.323343][ T6773] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 172.884071][ T6790] netlink: 350 bytes leftover after parsing attributes in process `syz.3.175'. [ 173.678086][ T6788] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 173.852026][ T6798] netlink: 'syz.3.177': attribute type 1 has an invalid length. [ 174.653708][ T6813] can: request_module (can-proto-3) failed. [ 177.117944][ T6834] netlink: 350 bytes leftover after parsing attributes in process `syz.2.195'. [ 177.684541][ T6842] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 178.190270][ T6850] FAULT_INJECTION: forcing a failure. [ 178.190270][ T6850] name failslab, interval 1, probability 0, space 0, times 0 [ 178.205505][ T6850] CPU: 1 UID: 0 PID: 6850 Comm: syz.2.190 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 178.205547][ T6850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.205566][ T6850] Call Trace: [ 178.205576][ T6850] [ 178.205588][ T6850] dump_stack_lvl+0x16c/0x1f0 [ 178.205641][ T6850] should_fail_ex+0x512/0x640 [ 178.205687][ T6850] ? fs_reclaim_acquire+0xae/0x150 [ 178.205780][ T6850] ? tomoyo_encode2+0x100/0x3e0 [ 178.205826][ T6850] should_failslab+0xc2/0x120 [ 178.205869][ T6850] __kmalloc_noprof+0xd2/0x510 [ 178.205906][ T6850] ? d_absolute_path+0x136/0x1a0 [ 178.205954][ T6850] tomoyo_encode2+0x100/0x3e0 [ 178.206007][ T6850] tomoyo_encode+0x29/0x50 [ 178.206052][ T6850] tomoyo_realpath_from_path+0x18f/0x6e0 [ 178.206114][ T6850] tomoyo_path_number_perm+0x245/0x580 [ 178.206156][ T6850] ? tomoyo_path_number_perm+0x237/0x580 [ 178.206201][ T6850] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 178.206288][ T6850] ? find_held_lock+0x2b/0x80 [ 178.206320][ T6850] ? hook_file_ioctl_common+0x145/0x410 [ 178.206368][ T6850] ? __fget_files+0x20e/0x3c0 [ 178.206403][ T6850] security_file_ioctl+0x9b/0x240 [ 178.206446][ T6850] __x64_sys_ioctl+0xb7/0x200 [ 178.206492][ T6850] do_syscall_64+0xcd/0x230 [ 178.206542][ T6850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.206573][ T6850] RIP: 0033:0x7f9c1978e969 [ 178.206597][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.206626][ T6850] RSP: 002b:00007f9c1a57a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 178.206654][ T6850] RAX: ffffffffffffffda RBX: 00007f9c199b6080 RCX: 00007f9c1978e969 [ 178.206673][ T6850] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000c [ 178.206691][ T6850] RBP: 00007f9c19810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 178.206709][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.206727][ T6850] R13: 0000000000000000 R14: 00007f9c199b6080 R15: 00007ffec8f0a0f8 [ 178.206772][ T6850] [ 178.206799][ T6850] ERROR: Out of memory at tomoyo_realpath_from_path. [ 179.720414][ T6870] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 180.542001][ T6874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.196'. [ 183.124286][ T6911] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 185.078387][ T6967] can: request_module (can-proto-3) failed. [ 186.477963][ T6981] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 187.249706][ T7014] can: request_module (can-proto-3) failed. [ 188.095966][ T7024] can: request_module (can-proto-3) failed. [ 189.953629][ T7052] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 191.478831][ T7082] FAULT_INJECTION: forcing a failure. [ 191.478831][ T7082] name fail_futex, interval 1, probability 0, space 0, times 1 [ 191.710132][ T7082] CPU: 1 UID: 0 PID: 7082 Comm: syz.0.234 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 191.710180][ T7082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 191.710199][ T7082] Call Trace: [ 191.710210][ T7082] [ 191.710223][ T7082] dump_stack_lvl+0x16c/0x1f0 [ 191.710280][ T7082] should_fail_ex+0x512/0x640 [ 191.710336][ T7082] get_futex_key+0x49e/0x1000 [ 191.710379][ T7082] ? __pfx_get_futex_key+0x10/0x10 [ 191.710415][ T7082] ? pick_eevdf+0x3be/0x5b0 [ 191.710454][ T7082] ? update_curr_se+0x8b/0x270 [ 191.710514][ T7082] ? update_curr+0x74/0x800 [ 191.710571][ T7082] futex_wait_setup+0x78/0x290 [ 191.710626][ T7082] __futex_wait+0x266/0x3c0 [ 191.710672][ T7082] ? __pfx___futex_wait+0x10/0x10 [ 191.710714][ T7082] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 191.710767][ T7082] ? __pfx_futex_wake_mark+0x10/0x10 [ 191.710835][ T7082] futex_wait+0xe8/0x380 [ 191.710879][ T7082] ? __pfx_futex_wait+0x10/0x10 [ 191.710944][ T7082] do_futex+0x229/0x350 [ 191.710982][ T7082] ? __pfx_do_futex+0x10/0x10 [ 191.711022][ T7082] ? __pfx___might_resched+0x10/0x10 [ 191.711064][ T7082] __x64_sys_futex+0x1e0/0x4c0 [ 191.711102][ T7082] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 191.711156][ T7082] ? __pfx___x64_sys_futex+0x10/0x10 [ 191.711194][ T7082] ? rcu_is_watching+0x12/0xc0 [ 191.711236][ T7082] do_syscall_64+0xcd/0x230 [ 191.711290][ T7082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.711324][ T7082] RIP: 0033:0x7f35ab38e969 [ 191.711348][ T7082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.711380][ T7082] RSP: 002b:00007f35ac1560e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 191.711410][ T7082] RAX: ffffffffffffffda RBX: 00007f35ab5b6088 RCX: 00007f35ab38e969 [ 191.711432][ T7082] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f35ab5b6088 [ 191.711450][ T7082] RBP: 00007f35ab5b6080 R08: 0000000000000000 R09: 0000000000000000 [ 191.711470][ T7082] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35ab5b608c [ 191.711490][ T7082] R13: 0000000000000000 R14: 00007ffd4f4a7340 R15: 00007ffd4f4a7428 [ 191.711532][ T7082] [ 194.913163][ T7137] can: request_module (can-proto-3) failed. [ 194.971422][ T7141] ERROR: Out of memory at tomoyo_memory_ok. [ 194.977792][ T7141] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/66/file0' not defined. [ 195.144717][ T7143] ERROR: Out of memory at tomoyo_memory_ok. [ 196.452873][ T30] audit: type=1800 audit(6042819572.185:7): pid=7155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.246" name="trace_pipe" dev="tracefs" ino=1160 res=0 errno=0 [ 196.599702][ T7167] ERROR: Out of memory at tomoyo_memory_ok. [ 196.782910][ T7168] can: request_module (can-proto-3) failed. [ 197.524788][ T7160] ERROR: Out of memory at tomoyo_memory_ok. [ 198.409049][ T7198] ERROR: Out of memory at tomoyo_memory_ok. [ 199.343482][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.350051][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.423964][ T7216] can: request_module (can-proto-3) failed. [ 200.728054][ T7231] FAULT_INJECTION: forcing a failure. [ 200.728054][ T7231] name failslab, interval 1, probability 0, space 0, times 0 [ 200.777391][ T7231] CPU: 1 UID: 0 PID: 7231 Comm: syz.0.261 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 200.777431][ T7231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 200.777447][ T7231] Call Trace: [ 200.777457][ T7231] [ 200.777467][ T7231] dump_stack_lvl+0x16c/0x1f0 [ 200.777516][ T7231] should_fail_ex+0x512/0x640 [ 200.777559][ T7231] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 200.777598][ T7231] should_failslab+0xc2/0x120 [ 200.777634][ T7231] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 200.777670][ T7231] ? __asan_memcpy+0x3c/0x60 [ 200.777696][ T7231] ? __kernfs_new_node+0xd2/0x8a0 [ 200.777731][ T7231] __kernfs_new_node+0xd2/0x8a0 [ 200.777763][ T7231] ? __pfx___kernfs_new_node+0x10/0x10 [ 200.777802][ T7231] ? find_held_lock+0x2b/0x80 [ 200.777832][ T7231] ? kernfs_root+0xee/0x2a0 [ 200.777868][ T7231] kernfs_new_node+0x13c/0x1e0 [ 200.777908][ T7231] kernfs_create_link+0xcc/0x240 [ 200.777953][ T7231] sysfs_do_create_link_sd+0x90/0x140 [ 200.778003][ T7231] sysfs_create_link+0x61/0xc0 [ 200.778050][ T7231] device_add+0x62c/0x1a70 [ 200.778104][ T7231] ? __pfx_device_add+0x10/0x10 [ 200.778146][ T7231] ? lockdep_init_map_type+0x5c/0x280 [ 200.778187][ T7231] ? __init_waitqueue_head+0xca/0x150 [ 200.778223][ T7231] netdev_register_kobject+0x182/0x3a0 [ 200.778272][ T7231] register_netdevice+0x13dc/0x2270 [ 200.778321][ T7231] ? __pfx_register_netdevice+0x10/0x10 [ 200.778359][ T7231] ? rcu_is_watching+0x12/0xc0 [ 200.778387][ T7231] ? trace_kmalloc+0x2b/0xd0 [ 200.778424][ T7231] ? __kmalloc_noprof+0x242/0x510 [ 200.778464][ T7231] register_netdev+0x34/0x50 [ 200.778502][ T7231] mkiss_open+0x4cd/0x9a0 [ 200.778531][ T7231] ? __pfx_mkiss_open+0x10/0x10 [ 200.778559][ T7231] tty_ldisc_open+0x9c/0x120 [ 200.778592][ T7231] tty_set_ldisc+0x32b/0x780 [ 200.778630][ T7231] tty_ioctl+0xc42/0x1610 [ 200.778667][ T7231] ? __pfx_tty_ioctl+0x10/0x10 [ 200.778715][ T7231] ? find_held_lock+0x2b/0x80 [ 200.778741][ T7231] ? hook_file_ioctl_common+0x145/0x410 [ 200.778784][ T7231] ? __fget_files+0x20e/0x3c0 [ 200.778817][ T7231] ? __pfx_tty_ioctl+0x10/0x10 [ 200.778856][ T7231] __x64_sys_ioctl+0x190/0x200 [ 200.778900][ T7231] do_syscall_64+0xcd/0x230 [ 200.778949][ T7231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.778978][ T7231] RIP: 0033:0x7f35ab38e969 [ 200.779000][ T7231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.779026][ T7231] RSP: 002b:00007f35ac177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 200.779057][ T7231] RAX: ffffffffffffffda RBX: 00007f35ab5b5fa0 RCX: 00007f35ab38e969 [ 200.779076][ T7231] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 200.779093][ T7231] RBP: 00007f35ac177090 R08: 0000000000000000 R09: 0000000000000000 [ 200.779110][ T7231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 200.779127][ T7231] R13: 0000000000000000 R14: 00007f35ab5b5fa0 R15: 00007ffd4f4a7428 [ 200.779165][ T7231] [ 201.081631][ C1] vkms_vblank_simulate: vblank timer overrun [ 201.161940][ T7225] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 201.266190][ T7233] ERROR: Out of memory at tomoyo_memory_ok. [ 201.988823][ T7243] ERROR: Out of memory at tomoyo_memory_ok. [ 204.465604][ T7281] program syz.0.273 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.564166][ T7288] syz.3.272 uses obsolete (PF_INET,SOCK_PACKET) [ 205.015320][ T7286] can: request_module (can-proto-3) failed. [ 205.418563][ T7273] ERROR: Out of memory at tomoyo_memory_ok. [ 205.766662][ T7294] ERROR: Out of memory at tomoyo_memory_ok. [ 206.302659][ T6936] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 206.733833][ T30] audit: type=1800 audit(6042819582.465:8): pid=7296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.275" name="trace_pipe" dev="tracefs" ino=1160 res=0 errno=0 [ 208.201684][ T7327] can: request_module (can-proto-3) failed. [ 208.322221][ T7307] kexec: Could not allocate control_code_buffer [ 208.703532][ T7324] ERROR: Out of memory at tomoyo_memory_ok. [ 209.199965][ T7358] ERROR: Out of memory at tomoyo_memory_ok. [ 209.262224][ T7355] can: request_module (can-proto-3) failed. [ 209.811021][ T7364] ERROR: Out of memory at tomoyo_memory_ok. [ 209.840922][ T7369] FAULT_INJECTION: forcing a failure. [ 209.840922][ T7369] name failslab, interval 1, probability 0, space 0, times 0 [ 209.870526][ T7366] ERROR: Out of memory at tomoyo_memory_ok. [ 209.883195][ T7369] CPU: 0 UID: 0 PID: 7369 Comm: syz.1.290 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 209.883238][ T7369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 209.883256][ T7369] Call Trace: [ 209.883266][ T7369] [ 209.883278][ T7369] dump_stack_lvl+0x16c/0x1f0 [ 209.883332][ T7369] should_fail_ex+0x512/0x640 [ 209.883380][ T7369] ? __kmalloc_noprof+0xbf/0x510 [ 209.883420][ T7369] ? kobject_get_path+0xd2/0x2a0 [ 209.883470][ T7369] should_failslab+0xc2/0x120 [ 209.883511][ T7369] __kmalloc_noprof+0xd2/0x510 [ 209.883554][ T7369] kobject_get_path+0xd2/0x2a0 [ 209.883612][ T7369] kobject_uevent_env+0x289/0x1870 [ 209.883645][ T7369] ? __pfx_dev_uevent_name+0x10/0x10 [ 209.883683][ T7369] ? queue_work_on+0x12a/0x1f0 [ 209.883711][ T7369] ? bus_to_subsys+0x131/0x160 [ 209.883766][ T7369] driver_bound+0x164/0x230 [ 209.883806][ T7369] device_bind_driver+0x3a/0x70 [ 209.883844][ T7369] mac80211_hwsim_new_radio+0x3e5/0x54d0 [ 209.883916][ T7369] ? __asan_memset+0x23/0x50 [ 209.883948][ T7369] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 209.884023][ T7369] hwsim_new_radio_nl+0xb51/0x12c0 [ 209.884080][ T7369] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 209.884163][ T7369] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 209.884217][ T7369] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 209.884278][ T7369] genl_family_rcv_msg_doit+0x206/0x2f0 [ 209.884305][ T7341] ERROR: Out of memory at tomoyo_memory_ok. [ 209.884333][ T7369] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 209.884383][ T7369] ? trace_cap_capable+0x18d/0x200 [ 209.884435][ T7369] ? bpf_lsm_capable+0x9/0x10 [ 209.884474][ T7369] ? security_capable+0x7e/0x260 [ 209.884514][ T7369] ? ns_capable+0xd7/0x110 [ 209.884557][ T7369] genl_rcv_msg+0x55c/0x800 [ 209.884618][ T7369] ? __pfx_genl_rcv_msg+0x10/0x10 [ 209.884671][ T7369] ? __pfx___dev_queue_xmit+0x10/0x10 [ 209.884706][ T7369] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 209.884767][ T7369] ? __lock_acquire+0xaa4/0x1ba0 [ 209.884824][ T7369] netlink_rcv_skb+0x16d/0x440 [ 209.884872][ T7369] ? __pfx_genl_rcv_msg+0x10/0x10 [ 209.884928][ T7369] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 209.885008][ T7369] ? __pfx_down_read+0x10/0x10 [ 209.885046][ T7369] ? netlink_deliver_tap+0x1ae/0xd30 [ 209.885101][ T7369] genl_rcv+0x28/0x40 [ 209.885150][ T7369] netlink_unicast+0x53a/0x7f0 [ 209.885213][ T7369] ? __pfx_netlink_unicast+0x10/0x10 [ 209.885259][ T7369] ? __lock_acquire+0xaa4/0x1ba0 [ 209.885319][ T7369] netlink_sendmsg+0x8d1/0xdd0 [ 209.885376][ T7369] ? __pfx_netlink_sendmsg+0x10/0x10 [ 209.885444][ T7369] ____sys_sendmsg+0xa95/0xc70 [ 209.885501][ T7369] ? copy_msghdr_from_user+0x10a/0x160 [ 209.885544][ T7369] ? __pfx_____sys_sendmsg+0x10/0x10 [ 209.885623][ T7369] ___sys_sendmsg+0x134/0x1d0 [ 209.885682][ T7369] ? __pfx____sys_sendmsg+0x10/0x10 [ 209.885781][ T7369] __sys_sendmsg+0x16d/0x220 [ 209.885825][ T7369] ? __pfx___sys_sendmsg+0x10/0x10 [ 209.885869][ T7369] ? __x64_sys_futex+0x1e0/0x4c0 [ 209.885922][ T7369] ? rcu_is_watching+0x12/0xc0 [ 209.885973][ T7369] do_syscall_64+0xcd/0x230 [ 209.886031][ T7369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.886065][ T7369] RIP: 0033:0x7f7e47d8e969 [ 209.886093][ T7369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.886124][ T7369] RSP: 002b:00007f7e48bf1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 209.886156][ T7369] RAX: ffffffffffffffda RBX: 00007f7e47fb5fa0 RCX: 00007f7e47d8e969 [ 209.886178][ T7369] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000007 [ 209.886199][ T7369] RBP: 00007f7e47e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 209.886219][ T7369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.886239][ T7369] R13: 0000000000000000 R14: 00007f7e47fb5fa0 R15: 00007fff0aa90e68 [ 209.886283][ T7369] [ 210.345620][ T7364] ERROR: Out of memory at tomoyo_memory_ok. [ 210.375992][ T7370] ERROR: Out of memory at tomoyo_memory_ok. [ 211.572894][ T7388] ERROR: Out of memory at tomoyo_memory_ok. [ 211.751619][ T7395] can: request_module (can-proto-3) failed. [ 213.505824][ T7412] ERROR: Out of memory at tomoyo_memory_ok. [ 213.567656][ T7418] netlink: 350 bytes leftover after parsing attributes in process `syz.2.301'. [ 213.903440][ T7425] netlink: 350 bytes leftover after parsing attributes in process `syz.3.303'. [ 214.025564][ T7422] ERROR: Out of memory at tomoyo_memory_ok. [ 214.629987][ T7432] ERROR: Out of memory at tomoyo_memory_ok. [ 215.660558][ T7446] can: request_module (can-proto-3) failed. [ 216.245829][ T7455] ERROR: Out of memory at tomoyo_memory_ok. [ 216.858152][ T7437] Bluetooth: hci1: command 0x0406 tx timeout [ 216.864598][ T7437] Bluetooth: hci0: command 0x0406 tx timeout [ 216.870843][ T7437] Bluetooth: hci3: command 0x0406 tx timeout [ 216.876978][ T7437] Bluetooth: hci2: command 0x0406 tx timeout [ 217.007266][ T7442] ERROR: Out of memory at tomoyo_memory_ok. [ 217.422068][ T7464] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 217.546661][ T7469] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 217.627179][ T7473] ERROR: Out of memory at tomoyo_memory_ok. [ 217.881273][ T7475] ERROR: Out of memory at tomoyo_memory_ok. [ 217.922824][ T7473] ERROR: Out of memory at tomoyo_memory_ok. [ 219.608735][ T7495] ERROR: Out of memory at tomoyo_memory_ok. [ 220.400130][ T7500] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 221.076453][ T7523] can: request_module (can-proto-3) failed. [ 221.562600][ T7538] FAULT_INJECTION: forcing a failure. [ 221.562600][ T7538] name failslab, interval 1, probability 0, space 0, times 0 [ 221.602635][ T7505] kexec: Could not allocate control_code_buffer [ 221.617099][ T7538] CPU: 1 UID: 0 PID: 7538 Comm: syz.3.320 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 221.617141][ T7538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.617159][ T7538] Call Trace: [ 221.617169][ T7538] [ 221.617180][ T7538] dump_stack_lvl+0x16c/0x1f0 [ 221.617232][ T7538] should_fail_ex+0x512/0x640 [ 221.617278][ T7538] ? __kvmalloc_node_noprof+0x122/0x600 [ 221.617317][ T7538] should_failslab+0xc2/0x120 [ 221.617355][ T7538] __kvmalloc_node_noprof+0x135/0x600 [ 221.617390][ T7538] ? __pfx___mutex_lock+0x10/0x10 [ 221.617438][ T7538] ? traverse.part.0.constprop.0+0x392/0x640 [ 221.617496][ T7538] ? traverse.part.0.constprop.0+0x392/0x640 [ 221.617545][ T7538] traverse.part.0.constprop.0+0x392/0x640 [ 221.617605][ T7538] seq_read_iter+0x932/0x12c0 [ 221.617672][ T7538] proc_reg_read_iter+0x220/0x310 [ 221.617710][ T7538] vfs_read+0x8c8/0xc70 [ 221.617750][ T7538] ? __pfx_vfs_read+0x10/0x10 [ 221.617778][ T7538] ? find_held_lock+0x2b/0x80 [ 221.617836][ T7538] __x64_sys_pread64+0x1f4/0x250 [ 221.617872][ T7538] ? __pfx___x64_sys_pread64+0x10/0x10 [ 221.617904][ T7538] ? rcu_is_watching+0x12/0xc0 [ 221.617947][ T7538] do_syscall_64+0xcd/0x230 [ 221.618007][ T7538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.618039][ T7538] RIP: 0033:0x7f516098e969 [ 221.618063][ T7538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.618092][ T7538] RSP: 002b:00007f5161831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 221.618120][ T7538] RAX: ffffffffffffffda RBX: 00007f5160bb5fa0 RCX: 00007f516098e969 [ 221.618139][ T7538] RDX: 00000000682c3390 RSI: 0000000000000000 RDI: 0000000000000003 [ 221.618157][ T7538] RBP: 00007f5161831090 R08: 0000000000000000 R09: 0000000000000000 [ 221.618175][ T7538] R10: 0000000000000cff R11: 0000000000000246 R12: 0000000000000001 [ 221.618193][ T7538] R13: 0000000000000000 R14: 00007f5160bb5fa0 R15: 00007ffdbeb547f8 [ 221.618233][ T7538] [ 221.630739][ T7515] ERROR: Out of memory at tomoyo_memory_ok. [ 222.656669][ T7546] ERROR: Out of memory at tomoyo_memory_ok. [ 223.953061][ T7559] FAULT_INJECTION: forcing a failure. [ 223.953061][ T7559] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 224.008030][ T7559] CPU: 1 UID: 0 PID: 7559 Comm: syz.0.325 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 224.008071][ T7559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 224.008087][ T7559] Call Trace: [ 224.008095][ T7559] [ 224.008105][ T7559] dump_stack_lvl+0x16c/0x1f0 [ 224.008150][ T7559] should_fail_ex+0x512/0x640 [ 224.008195][ T7559] _copy_from_user+0x2e/0xd0 [ 224.008237][ T7559] copy_msghdr_from_user+0x98/0x160 [ 224.008270][ T7559] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 224.008308][ T7559] ? kfree+0x252/0x4d0 [ 224.008331][ T7559] ? __pfx__kstrtoull+0x10/0x10 [ 224.008373][ T7559] ___sys_sendmsg+0xfe/0x1d0 [ 224.008410][ T7559] ? __pfx____sys_sendmsg+0x10/0x10 [ 224.008480][ T7559] ? __pfx___might_resched+0x10/0x10 [ 224.008520][ T7559] __sys_sendmmsg+0x200/0x420 [ 224.008560][ T7559] ? __pfx___sys_sendmmsg+0x10/0x10 [ 224.008608][ T7559] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 224.008666][ T7559] ? fput+0x70/0xf0 [ 224.008701][ T7559] ? ksys_write+0x1b9/0x240 [ 224.008738][ T7559] ? __pfx_ksys_write+0x10/0x10 [ 224.008765][ T7559] ? rcu_is_watching+0x12/0xc0 [ 224.008800][ T7559] __x64_sys_sendmmsg+0x9c/0x100 [ 224.008837][ T7559] ? lockdep_hardirqs_on+0x7c/0x110 [ 224.008881][ T7559] do_syscall_64+0xcd/0x230 [ 224.008930][ T7559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.008959][ T7559] RIP: 0033:0x7f35ab38e969 [ 224.008982][ T7559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.009007][ T7559] RSP: 002b:00007f35ac177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 224.009035][ T7559] RAX: ffffffffffffffda RBX: 00007f35ab5b5fa0 RCX: 00007f35ab38e969 [ 224.009057][ T7559] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 224.009073][ T7559] RBP: 00007f35ac177090 R08: 0000000000000000 R09: 0000000000000000 [ 224.009091][ T7559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 224.009108][ T7559] R13: 0000000000000000 R14: 00007f35ab5b5fa0 R15: 00007ffd4f4a7428 [ 224.009145][ T7559] [ 224.343221][ T7556] ERROR: Out of memory at tomoyo_memory_ok. [ 228.892074][ T7575] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 228.986016][ T7599] can: request_module (can-proto-3) failed. [ 229.691537][ T7589] ERROR: Out of memory at tomoyo_memory_ok. [ 230.013704][ T7611] can: request_module (can-proto-3) failed. [ 230.144439][ T7613] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 231.213040][ T7621] ERROR: Out of memory at tomoyo_memory_ok. [ 233.822285][ T7644] FAULT_INJECTION: forcing a failure. [ 233.822285][ T7644] name failslab, interval 1, probability 0, space 0, times 0 [ 233.835285][ T7644] CPU: 0 UID: 0 PID: 7644 Comm: syz.2.340 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 233.835345][ T7644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 233.835372][ T7644] Call Trace: [ 233.835383][ T7644] [ 233.835395][ T7644] dump_stack_lvl+0x16c/0x1f0 [ 233.835448][ T7644] should_fail_ex+0x512/0x640 [ 233.835496][ T7644] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 233.835540][ T7644] should_failslab+0xc2/0x120 [ 233.835581][ T7644] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 233.835622][ T7644] ? __d_alloc+0x31/0xaa0 [ 233.835663][ T7644] __d_alloc+0x31/0xaa0 [ 233.835696][ T7644] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 233.835765][ T7644] d_alloc+0x4a/0x1e0 [ 233.835803][ T7644] d_alloc_name+0x83/0xb0 [ 233.835837][ T7644] ? __pfx_d_alloc_name+0x10/0x10 [ 233.835873][ T7644] ? _raw_spin_unlock+0x28/0x50 [ 233.835913][ T7644] ? d_instantiate+0x77/0x90 [ 233.835951][ T7644] simple_fill_super+0x2eb/0x720 [ 233.835987][ T7644] ? __pfx_nfsd_fill_super+0x10/0x10 [ 233.836019][ T7644] nfsd_fill_super+0x90/0x530 [ 233.836047][ T7644] ? __pfx_set_anon_super_fc+0x10/0x10 [ 233.836097][ T7644] ? __pfx_nfsd_fill_super+0x10/0x10 [ 233.836128][ T7644] get_tree_keyed+0x10e/0x1d0 [ 233.836176][ T7644] vfs_get_tree+0x8b/0x340 [ 233.836219][ T7644] path_mount+0x14d4/0x1f20 [ 233.836257][ T7644] ? kmem_cache_free+0x2d4/0x4d0 [ 233.836291][ T7644] ? __pfx_path_mount+0x10/0x10 [ 233.836333][ T7644] ? putname+0x154/0x1a0 [ 233.836376][ T7644] __x64_sys_mount+0x28d/0x310 [ 233.836412][ T7644] ? __pfx___x64_sys_mount+0x10/0x10 [ 233.836445][ T7644] ? rcu_is_watching+0x12/0xc0 [ 233.836487][ T7644] do_syscall_64+0xcd/0x230 [ 233.836541][ T7644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.836573][ T7644] RIP: 0033:0x7f9c1978e969 [ 233.836597][ T7644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.836626][ T7644] RSP: 002b:00007f9c1a538038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 233.836654][ T7644] RAX: ffffffffffffffda RBX: 00007f9c199b6240 RCX: 00007f9c1978e969 [ 233.836673][ T7644] RDX: 0000200000000140 RSI: 00002000000000c0 RDI: 0000000000000000 [ 233.836692][ T7644] RBP: 00007f9c1a538090 R08: 0000000000000000 R09: 0000000000000000 [ 233.836711][ T7644] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000000002 [ 233.836728][ T7644] R13: 0000000000000000 R14: 00007f9c199b6240 R15: 00007ffec8f0a0f8 [ 233.836770][ T7644] [ 235.355104][ T7651] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 236.567491][ T7649] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 237.822347][ T7700] binder: 7693:7700 ioctl c0306201 0 returned -14 [ 238.708249][ T7715] can: request_module (can-proto-3) failed. [ 239.544225][ T7696] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 239.737128][ T7703] ERROR: Out of memory at tomoyo_memory_ok. [ 241.295986][ T7739] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 242.449669][ T7770] netlink: 12 bytes leftover after parsing attributes in process `syz.2.359'. [ 242.531965][ T7766] ERROR: Out of memory at tomoyo_memory_ok. [ 243.289181][ T7787] ERROR: Out of memory at tomoyo_memory_ok. [ 243.638688][ T7790] ERROR: Out of memory at tomoyo_memory_ok. [ 244.731860][ T7811] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 244.902579][ T7815] can: request_module (can-proto-3) failed. [ 245.052426][ T7808] ERROR: Out of memory at tomoyo_memory_ok. [ 247.968777][ T7858] ERROR: Out of memory at tomoyo_memory_ok. [ 249.630306][ T7879] ERROR: Out of memory at tomoyo_memory_ok. [ 252.877879][ T7923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.383'. [ 252.917038][ T7923] bridge_slave_1: left allmulticast mode [ 252.922758][ T7923] bridge_slave_1: left promiscuous mode [ 252.935249][ T7923] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.028250][ T7923] bridge_slave_0: left allmulticast mode [ 253.034091][ T7923] bridge_slave_0: left promiscuous mode [ 253.052280][ T7923] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.172840][ T7924] ERROR: Out of memory at tomoyo_memory_ok. [ 258.634186][ T7993] ERROR: Out of memory at tomoyo_memory_ok. [ 258.761041][ T7996] ERROR: Out of memory at tomoyo_memory_ok. [ 260.032568][ T8011] can: request_module (can-proto-3) failed. [ 260.457092][ T8014] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 260.787607][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.794006][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.882735][ T8005] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 262.781034][ T8050] netlink: 28 bytes leftover after parsing attributes in process `syz.1.405'. [ 262.849473][ T8050] bridge_slave_1: left allmulticast mode [ 262.855216][ T8050] bridge_slave_1: left promiscuous mode [ 262.867418][ T8050] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.878888][ T8050] bridge_slave_0: left allmulticast mode [ 262.884674][ T8050] bridge_slave_0: left promiscuous mode [ 262.891748][ T8050] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.774205][ T8095] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 265.491366][ T8107] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 265.662854][ T8103] can: request_module (can-proto-3) failed. [ 266.543537][ T8122] can: request_module (can-proto-3) failed. [ 266.549713][ T8132] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 266.606940][ T8125] can: request_module (can-proto-3) failed. [ 266.619982][ T8133] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 266.807202][ T8117] ERROR: Out of memory at tomoyo_memory_ok. [ 266.863494][ T8112] ERROR: Out of memory at tomoyo_memory_ok. [ 267.890389][ T8140] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 268.240959][ T8155] FAULT_INJECTION: forcing a failure. [ 268.240959][ T8155] name failslab, interval 1, probability 0, space 0, times 0 [ 268.302183][ T8155] CPU: 0 UID: 0 PID: 8155 Comm: syz.1.424 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 268.302226][ T8155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 268.302248][ T8155] Call Trace: [ 268.302258][ T8155] [ 268.302275][ T8155] dump_stack_lvl+0x16c/0x1f0 [ 268.302329][ T8155] should_fail_ex+0x512/0x640 [ 268.302377][ T8155] ? fs_reclaim_acquire+0xae/0x150 [ 268.302428][ T8155] ? tomoyo_encode2+0x100/0x3e0 [ 268.302473][ T8155] should_failslab+0xc2/0x120 [ 268.302513][ T8155] __kmalloc_noprof+0xd2/0x510 [ 268.302548][ T8155] ? d_absolute_path+0x136/0x1a0 [ 268.302595][ T8155] tomoyo_encode2+0x100/0x3e0 [ 268.302647][ T8155] tomoyo_encode+0x29/0x50 [ 268.302691][ T8155] tomoyo_realpath_from_path+0x18f/0x6e0 [ 268.302749][ T8155] tomoyo_get_exe+0x63/0xa0 [ 268.302784][ T8155] tomoyo_write_control+0x689/0x1430 [ 268.302873][ T8155] ? __pfx_tomoyo_write_control+0x10/0x10 [ 268.302923][ T8155] vfs_write+0x25c/0x1180 [ 268.302953][ T8155] ? __pfx_tomoyo_write+0x10/0x10 [ 268.303010][ T8155] ? __pfx___mutex_lock+0x10/0x10 [ 268.303060][ T8155] ? __pfx_vfs_write+0x10/0x10 [ 268.303105][ T8155] ? __fget_files+0x20e/0x3c0 [ 268.303148][ T8155] ksys_write+0x12a/0x240 [ 268.303180][ T8155] ? __pfx_ksys_write+0x10/0x10 [ 268.303210][ T8155] ? rcu_is_watching+0x12/0xc0 [ 268.303256][ T8155] do_syscall_64+0xcd/0x230 [ 268.303310][ T8155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.303343][ T8155] RIP: 0033:0x7f7e47d8e969 [ 268.303368][ T8155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.303398][ T8155] RSP: 002b:00007f7e48bf1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 268.303427][ T8155] RAX: ffffffffffffffda RBX: 00007f7e47fb5fa0 RCX: 00007f7e47d8e969 [ 268.303448][ T8155] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 268.303467][ T8155] RBP: 00007f7e48bf1090 R08: 0000000000000000 R09: 0000000000000000 [ 268.303486][ T8155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 268.303505][ T8155] R13: 0000000000000000 R14: 00007f7e47fb5fa0 R15: 00007fff0aa90e68 [ 268.303549][ T8155] [ 268.533870][ T8155] ERROR: Out of memory at tomoyo_realpath_from_path. [ 269.914667][ T8169] can: request_module (can-proto-3) failed. [ 269.967453][ T8169] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 271.655749][ T8194] netlink: 28 bytes leftover after parsing attributes in process `syz.0.433'. [ 272.883797][ T8210] ERROR: Out of memory at tomoyo_memory_ok. [ 273.295229][ T8214] ERROR: Out of memory at tomoyo_memory_ok. [ 275.134652][ T8234] netlink: 28 bytes leftover after parsing attributes in process `syz.1.444'. [ 275.884493][ T8246] netlink: 28 bytes leftover after parsing attributes in process `syz.1.445'. [ 277.192766][ T8266] ERROR: Out of memory at tomoyo_memory_ok. [ 278.255280][ T8277] WARNING! power/level is deprecated; use power/control instead [ 278.316384][ T8280] netlink: 8 bytes leftover after parsing attributes in process `syz.2.452'. [ 279.676182][ T8311] netlink: 28 bytes leftover after parsing attributes in process `syz.1.457'. [ 279.934008][ T8313] can: request_module (can-proto-3) failed. [ 280.041377][ T8313] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 280.436612][ T8333] FAULT_INJECTION: forcing a failure. [ 280.436612][ T8333] name failslab, interval 1, probability 0, space 0, times 0 [ 280.456101][ T8333] CPU: 1 UID: 0 PID: 8333 Comm: syz.3.459 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 280.456144][ T8333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 280.456162][ T8333] Call Trace: [ 280.456172][ T8333] [ 280.456184][ T8333] dump_stack_lvl+0x16c/0x1f0 [ 280.456238][ T8333] should_fail_ex+0x512/0x640 [ 280.456290][ T8333] ? __kmalloc_noprof+0xbf/0x510 [ 280.456334][ T8333] ? constrain_params_by_rules+0x175/0xca0 [ 280.456387][ T8333] should_failslab+0xc2/0x120 [ 280.456427][ T8333] __kmalloc_noprof+0xd2/0x510 [ 280.456459][ T8333] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 280.456501][ T8333] constrain_params_by_rules+0x175/0xca0 [ 280.456554][ T8333] ? arch_stack_walk+0xa6/0x100 [ 280.456609][ T8333] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 280.456663][ T8333] ? stack_trace_save+0x8e/0xc0 [ 280.456697][ T8333] ? __pfx_stack_trace_save+0x10/0x10 [ 280.456751][ T8333] ? snd_pcm_oss_change_params_locked+0x92b/0x3b40 [ 280.456806][ T8333] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 280.456857][ T8333] ? snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 280.456906][ T8333] ? __x64_sys_ioctl+0x190/0x200 [ 280.456948][ T8333] ? do_syscall_64+0xcd/0x230 [ 280.457017][ T8333] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.457049][ T8333] ? snd_interval_refine+0x2fa/0x580 [ 280.457095][ T8333] snd_pcm_hw_refine+0x7de/0xad0 [ 280.457158][ T8333] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 280.457239][ T8333] snd_pcm_hw_param_last+0x32d/0x710 [ 280.457297][ T8333] snd_pcm_hw_param_near.constprop.0+0x570/0x8e0 [ 280.457358][ T8333] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 280.457426][ T8333] snd_pcm_oss_change_params_locked+0x92b/0x3b40 [ 280.457501][ T8333] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 280.457561][ T8333] ? __pfx___mutex_lock+0x10/0x10 [ 280.457642][ T8333] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 280.457705][ T8333] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 280.457763][ T8333] ? hook_file_ioctl_common+0x145/0x410 [ 280.457806][ T8333] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 280.457865][ T8333] ? __fget_files+0x20e/0x3c0 [ 280.457903][ T8333] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 280.457960][ T8333] __x64_sys_ioctl+0x190/0x200 [ 280.458021][ T8333] do_syscall_64+0xcd/0x230 [ 280.458076][ T8333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.458110][ T8333] RIP: 0033:0x7f516098e969 [ 280.458136][ T8333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.458165][ T8333] RSP: 002b:00007f51617ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 280.458197][ T8333] RAX: ffffffffffffffda RBX: 00007f5160bb6160 RCX: 00007f516098e969 [ 280.458218][ T8333] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000a [ 280.458238][ T8333] RBP: 00007f5160a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 280.458270][ T8333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.458288][ T8333] R13: 0000000000000000 R14: 00007f5160bb6160 R15: 00007ffdbeb547f8 [ 280.458330][ T8333] [ 281.069548][ T8347] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 281.319938][ T8332] ERROR: Out of memory at tomoyo_memory_ok. [ 281.320221][ T8342] can: request_module (can-proto-3) failed. [ 282.354383][ T8356] netlink: 'syz.3.463': attribute type 1 has an invalid length. [ 284.691212][ T8380] FAULT_INJECTION: forcing a failure. [ 284.691212][ T8380] name failslab, interval 1, probability 0, space 0, times 0 [ 284.726939][ T8380] CPU: 1 UID: 0 PID: 8380 Comm: syz.2.469 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 284.726972][ T8380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 284.726986][ T8380] Call Trace: [ 284.726993][ T8380] [ 284.727019][ T8380] dump_stack_lvl+0x16c/0x1f0 [ 284.727060][ T8380] should_fail_ex+0x512/0x640 [ 284.727094][ T8380] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 284.727125][ T8380] should_failslab+0xc2/0x120 [ 284.727155][ T8380] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 284.727183][ T8380] ? __kernfs_new_node+0xd2/0x8a0 [ 284.727211][ T8380] __kernfs_new_node+0xd2/0x8a0 [ 284.727237][ T8380] ? __pfx___kernfs_new_node+0x10/0x10 [ 284.727268][ T8380] ? find_held_lock+0x2b/0x80 [ 284.727296][ T8380] ? kernfs_root+0xee/0x2a0 [ 284.727324][ T8380] kernfs_new_node+0x13c/0x1e0 [ 284.727357][ T8380] __kernfs_create_file+0x53/0x350 [ 284.727394][ T8380] sysfs_add_file_mode_ns+0x207/0x3c0 [ 284.727442][ T8380] internal_create_group+0x578/0xf30 [ 284.727474][ T8380] ? __pfx_internal_create_group+0x10/0x10 [ 284.727504][ T8380] ? kernfs_create_link+0x1bd/0x240 [ 284.727543][ T8380] internal_create_groups+0x9d/0x150 [ 284.727570][ T8380] device_add+0x6d1/0x1a70 [ 284.727608][ T8380] ? __pfx_device_add+0x10/0x10 [ 284.727642][ T8380] ? lockdep_init_map_type+0x5c/0x280 [ 284.727681][ T8380] ? __init_waitqueue_head+0xca/0x150 [ 284.727710][ T8380] netdev_register_kobject+0x182/0x3a0 [ 284.727750][ T8380] register_netdevice+0x13dc/0x2270 [ 284.727790][ T8380] ? __pfx_register_netdevice+0x10/0x10 [ 284.727821][ T8380] ? rcu_is_watching+0x12/0xc0 [ 284.727843][ T8380] ? trace_kmalloc+0x2b/0xd0 [ 284.727872][ T8380] ? __kmalloc_noprof+0x242/0x510 [ 284.727903][ T8380] register_netdev+0x34/0x50 [ 284.727933][ T8380] mkiss_open+0x4cd/0x9a0 [ 284.727955][ T8380] ? __pfx_mkiss_open+0x10/0x10 [ 284.727978][ T8380] tty_ldisc_open+0x9c/0x120 [ 284.728004][ T8380] tty_set_ldisc+0x32b/0x780 [ 284.728034][ T8380] tty_ioctl+0xc42/0x1610 [ 284.728065][ T8380] ? __pfx_tty_ioctl+0x10/0x10 [ 284.728115][ T8380] ? find_held_lock+0x2b/0x80 [ 284.728135][ T8380] ? hook_file_ioctl_common+0x145/0x410 [ 284.728168][ T8380] ? __fget_files+0x20e/0x3c0 [ 284.728192][ T8380] ? __pfx_tty_ioctl+0x10/0x10 [ 284.728221][ T8380] __x64_sys_ioctl+0x190/0x200 [ 284.728255][ T8380] do_syscall_64+0xcd/0x230 [ 284.728292][ T8380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.728333][ T8380] RIP: 0033:0x7f9c1978e969 [ 284.728351][ T8380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.728373][ T8380] RSP: 002b:00007f9c1a59b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.728394][ T8380] RAX: ffffffffffffffda RBX: 00007f9c199b5fa0 RCX: 00007f9c1978e969 [ 284.728409][ T8380] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 284.728422][ T8380] RBP: 00007f9c1a59b090 R08: 0000000000000000 R09: 0000000000000000 [ 284.728437][ T8380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 284.728451][ T8380] R13: 0000000000000000 R14: 00007f9c199b5fa0 R15: 00007ffec8f0a0f8 [ 284.728481][ T8380] [ 285.574067][ T8389] ERROR: Out of memory at tomoyo_memory_ok. [ 286.675824][ T8391] can: request_module (can-proto-3) failed. [ 286.701600][ T8391] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 286.859331][ T8392] ERROR: Out of memory at tomoyo_memory_ok. [ 287.084195][ T8405] netlink: 28 bytes leftover after parsing attributes in process `syz.2.475'. [ 287.134262][ T8405] bridge_slave_1: left allmulticast mode [ 287.174760][ T8405] bridge_slave_1: left promiscuous mode [ 287.200229][ T8405] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.269551][ T8405] bridge_slave_0: left allmulticast mode [ 287.275358][ T8405] bridge_slave_0: left promiscuous mode [ 287.302169][ T8407] svc: failed to register nfsdv3 RPC service (errno 111). [ 287.329117][ T8407] svc: failed to register nfsaclv3 RPC service (errno 111). [ 287.365762][ T8405] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.018574][ T8438] tc_dump_action: action bad kind [ 289.324216][ T8441] ERROR: Out of memory at tomoyo_memory_ok. [ 290.098814][ T8448] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 290.542437][ T8455] netlink: 28 bytes leftover after parsing attributes in process `syz.2.486'. [ 293.759197][ T8522] ERROR: Out of memory at tomoyo_memory_ok. [ 293.957126][ T8527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.496'. [ 294.372014][ T8532] syz.0.498(8532): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 294.439917][ T8530] ERROR: Out of memory at tomoyo_memory_ok. [ 294.816207][ T30] audit: type=1326 audit(6042819670.541:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.2.501" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9c1978e969 code=0x0 [ 298.022724][ T30] audit: type=1800 audit(6042819673.751:10): pid=8582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.509" name="lu_gp_id" dev="configfs" ino=19551 res=0 errno=0 [ 298.031828][ T8585] ERROR: Out of memory at tomoyo_memory_ok. [ 298.261691][ T8581] tc_dump_action: action bad kind [ 299.116767][ T8594] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 299.432719][ T8591] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 299.843047][ T8605] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 299.855192][ T8609] svc: failed to register nfsdv3 RPC service (errno 111). [ 299.865652][ T8609] svc: failed to register nfsaclv3 RPC service (errno 111). [ 300.455450][ T8624] netlink: 334 bytes leftover after parsing attributes in process `syz.2.519'. [ 302.171773][ T8652] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 302.479478][ T8663] netlink: 28 bytes leftover after parsing attributes in process `syz.1.526'. [ 302.823879][ T8666] ERROR: Out of memory at tomoyo_memory_ok. [ 303.733248][ T8677] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 303.800459][ T8687] ERROR: Out of memory at tomoyo_memory_ok. [ 304.836312][ T8705] netlink: 28 bytes leftover after parsing attributes in process `syz.2.535'. [ 305.849006][ T8726] ima: policy update failed [ 305.854852][ T30] audit: type=1802 audit(6042819681.590:11): pid=8726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.538" res=0 errno=0 [ 305.993081][ T8728] ERROR: Out of memory at tomoyo_memory_ok. [ 306.532662][ T8739] ERROR: Out of memory at tomoyo_memory_ok. [ 307.785824][ T30] audit: type=1326 audit(6042819683.520:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8746 comm="syz.1.542" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e47d8e969 code=0x0 [ 307.956875][ T8752] ERROR: Out of memory at tomoyo_memory_ok. [ 308.699481][ T30] audit: type=1800 audit(6042819684.440:13): pid=8763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.546" name="lu_gp_id" dev="configfs" ino=19157 res=0 errno=0 [ 309.455004][ T8768] netlink: 28 bytes leftover after parsing attributes in process `syz.0.548'. [ 309.794952][ T8772] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 311.512188][ T8808] ERROR: Out of memory at tomoyo_memory_ok. [ 311.982249][ T8816] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 312.556148][ T8813] ERROR: Out of memory at tomoyo_memory_ok. [ 313.352504][ T8843] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 314.087609][ T8826] ERROR: Out of memory at tomoyo_memory_ok. [ 314.807631][ T8861] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 315.863993][ T8879] ERROR: Out of memory at tomoyo_memory_ok. [ 317.038598][ T8887] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 317.429724][ T8906] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 319.407316][ T8915] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 319.465788][ T8926] netlink: 28 bytes leftover after parsing attributes in process `syz.1.581'. [ 320.354751][ T8946] ERROR: Out of memory at tomoyo_memory_ok. [ 321.060954][ T8955] ERROR: Out of memory at tomoyo_memory_ok. [ 321.397129][ T8958] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 321.775226][ T8964] ERROR: Out of memory at tomoyo_memory_ok. [ 322.064214][ T8967] ERROR: Out of memory at tomoyo_memory_ok. [ 322.221019][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.232378][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.433035][ T8997] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 324.823429][ T8992] ERROR: Out of memory at tomoyo_memory_ok. [ 326.142040][ T9020] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 329.279871][ T9090] ERROR: Out of memory at tomoyo_memory_ok. [ 329.549253][ T9095] netlink: 28 bytes leftover after parsing attributes in process `syz.2.609'. [ 330.178793][ T9101] ERROR: Out of memory at tomoyo_memory_ok. [ 331.853839][ T9124] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 333.019969][ T9139] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 333.522047][ T9135] ERROR: Out of memory at tomoyo_memory_ok. [ 333.590181][ T9143] netlink: 28 bytes leftover after parsing attributes in process `syz.3.619'. [ 333.627465][ T9143] bridge_slave_1: left allmulticast mode [ 333.647062][ T9143] bridge_slave_1: left promiscuous mode [ 333.652883][ T9143] bridge0: port 2(bridge_slave_1) entered disabled state [ 333.698289][ T9143] bridge_slave_0: left allmulticast mode [ 333.709598][ T9143] bridge_slave_0: left promiscuous mode [ 333.721098][ T9143] bridge0: port 1(bridge_slave_0) entered disabled state [ 334.003950][ T9157] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 334.278480][ T9160] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 334.618321][ T30] audit: type=1326 audit(6042819710.294:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="syz.3.623" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f516098e969 code=0x0 [ 334.765358][ T9154] ERROR: Out of memory at tomoyo_memory_ok. [ 336.691948][ T9204] ERROR: Out of memory at tomoyo_memory_ok. [ 338.273475][ T9236] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 338.558668][ T9240] ERROR: Out of memory at tomoyo_memory_ok. [ 339.728819][ T9253] netlink: 28 bytes leftover after parsing attributes in process `syz.1.636'. [ 340.722557][ T9272] ERROR: Out of memory at tomoyo_memory_ok. [ 340.806187][ T9275] ERROR: Out of memory at tomoyo_memory_ok. [ 340.824336][ T9272] ERROR: Out of memory at tomoyo_memory_ok. [ 340.875466][ T9275] ERROR: Out of memory at tomoyo_memory_ok. [ 341.021627][ T9285] ERROR: Out of memory at tomoyo_memory_ok. [ 342.480903][ T9305] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 343.714240][ T30] audit: type=1326 audit(6042819719.400:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9319 comm="syz.3.647" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f516098e969 code=0x0 [ 344.119315][ T9334] netlink: 28 bytes leftover after parsing attributes in process `syz.2.648'. [ 344.447405][ T9340] netlink: 28 bytes leftover after parsing attributes in process `syz.3.649'. [ 345.423898][ T9348] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 346.368624][ T9368] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 346.750648][ T9385] netlink: 28 bytes leftover after parsing attributes in process `syz.1.658'. [ 347.832818][ T30] audit: type=1326 audit(6042819723.526:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.1.662" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e47d8e969 code=0x0 [ 348.276199][ T9424] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 350.507630][ T9464] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 350.834852][ T30] audit: type=1326 audit(6042819726.566:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9474 comm="syz.1.671" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e47d8e969 code=0x0 [ 351.042035][ T9482] ERROR: Out of memory at tomoyo_memory_ok. [ 352.483645][ T9496] ERROR: Out of memory at tomoyo_memory_ok. [ 353.919474][ T9519] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 356.928527][ T9563] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 357.336447][ T9569] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 357.383243][ T9574] netlink: 28 bytes leftover after parsing attributes in process `syz.3.690'. [ 358.586613][ T9601] netlink: zone id is out of range [ 358.609282][ T9601] netlink: zone id is out of range [ 358.668271][ T9601] netlink: zone id is out of range [ 358.696036][ T9601] netlink: zone id is out of range [ 358.746039][ T9601] netlink: zone id is out of range [ 358.752831][ T9601] netlink: zone id is out of range [ 358.770458][ T9601] netlink: zone id is out of range [ 358.816664][ T9601] netlink: zone id is out of range [ 358.886948][ T9601] netlink: zone id is out of range [ 358.896460][ T9601] netlink: zone id is out of range [ 359.361272][ T9613] netlink: 28 bytes leftover after parsing attributes in process `syz.0.695'. [ 359.729270][ T9627] FAULT_INJECTION: forcing a failure. [ 359.729270][ T9627] name failslab, interval 1, probability 0, space 0, times 0 [ 359.742039][ T9627] CPU: 1 UID: 0 PID: 9627 Comm: syz.1.696 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 359.742076][ T9627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 359.742093][ T9627] Call Trace: [ 359.742103][ T9627] [ 359.742115][ T9627] dump_stack_lvl+0x16c/0x1f0 [ 359.742166][ T9627] should_fail_ex+0x512/0x640 [ 359.742211][ T9627] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 359.742254][ T9627] should_failslab+0xc2/0x120 [ 359.742295][ T9627] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 359.742331][ T9627] ? _raw_spin_unlock+0x28/0x50 [ 359.742371][ T9627] ? alloc_inode+0xc3/0x240 [ 359.742425][ T9627] alloc_inode+0xc3/0x240 [ 359.742466][ T9627] new_inode+0x22/0x1c0 [ 359.742504][ T9627] ? d_instantiate+0x77/0x90 [ 359.742543][ T9627] simple_fill_super+0x306/0x720 [ 359.742579][ T9627] ? __pfx_nfsd_fill_super+0x10/0x10 [ 359.742611][ T9627] nfsd_fill_super+0x90/0x530 [ 359.742640][ T9627] ? __pfx_set_anon_super_fc+0x10/0x10 [ 359.742689][ T9627] ? __pfx_nfsd_fill_super+0x10/0x10 [ 359.742720][ T9627] get_tree_keyed+0x10e/0x1d0 [ 359.742752][ T9627] vfs_get_tree+0x8b/0x340 [ 359.742806][ T9627] path_mount+0x14d4/0x1f20 [ 359.742841][ T9627] ? kmem_cache_free+0x2d4/0x4d0 [ 359.742875][ T9627] ? __pfx_path_mount+0x10/0x10 [ 359.742916][ T9627] ? putname+0x154/0x1a0 [ 359.742960][ T9627] __x64_sys_mount+0x28d/0x310 [ 359.742996][ T9627] ? __pfx___x64_sys_mount+0x10/0x10 [ 359.743028][ T9627] ? rcu_is_watching+0x12/0xc0 [ 359.743072][ T9627] do_syscall_64+0xcd/0x230 [ 359.743131][ T9627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.743163][ T9627] RIP: 0033:0x7f7e47d8e969 [ 359.743187][ T9627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.743214][ T9627] RSP: 002b:00007f7e48b8e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 359.743242][ T9627] RAX: ffffffffffffffda RBX: 00007f7e47fb6240 RCX: 00007f7e47d8e969 [ 359.743261][ T9627] RDX: 0000200000000140 RSI: 00002000000000c0 RDI: 0000000000000000 [ 359.743279][ T9627] RBP: 00007f7e48b8e090 R08: 0000000000000000 R09: 0000000000000000 [ 359.743298][ T9627] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000000002 [ 359.743316][ T9627] R13: 0000000000000000 R14: 00007f7e47fb6240 R15: 00007fff0aa90e68 [ 359.743357][ T9627] [ 360.617975][ T9645] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 360.913938][ T30] audit: type=1326 audit(6042819736.650:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9644 comm="syz.0.700" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f35ab38e969 code=0x0 [ 365.226147][ T9728] FAULT_INJECTION: forcing a failure. [ 365.226147][ T9728] name failslab, interval 1, probability 0, space 0, times 0 [ 365.243296][ T9728] CPU: 0 UID: 0 PID: 9728 Comm: syz.2.720 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 365.243334][ T9728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 365.243350][ T9728] Call Trace: [ 365.243358][ T9728] [ 365.243369][ T9728] dump_stack_lvl+0x16c/0x1f0 [ 365.243416][ T9728] should_fail_ex+0x512/0x640 [ 365.243456][ T9728] ? __kmalloc_noprof+0xbf/0x510 [ 365.243490][ T9728] ? tracepoint_add_func+0x2a6/0xea0 [ 365.243527][ T9728] should_failslab+0xc2/0x120 [ 365.243565][ T9728] __kmalloc_noprof+0xd2/0x510 [ 365.243601][ T9728] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 365.243639][ T9728] tracepoint_add_func+0x2a6/0xea0 [ 365.243675][ T9728] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 365.243719][ T9728] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 365.243754][ T9728] tracepoint_probe_register+0xbf/0x100 [ 365.243794][ T9728] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 365.243834][ T9728] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 365.243880][ T9728] ? lockdep_hardirqs_on+0x7c/0x110 [ 365.243947][ T9728] tracing_start_sched_switch+0xaf/0x1e0 [ 365.243981][ T9728] __ftrace_event_enable_disable+0x670/0x8b0 [ 365.244029][ T9728] __ftrace_set_clr_event_nolock+0x390/0xb70 [ 365.244082][ T9728] ftrace_set_clr_event+0x16e/0x330 [ 365.244131][ T9728] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 365.244187][ T9728] ftrace_event_write+0x243/0x290 [ 365.244230][ T9728] ? __pfx_ftrace_event_write+0x10/0x10 [ 365.244299][ T9728] vfs_write+0x25c/0x1180 [ 365.244325][ T9728] ? __pfx_ftrace_event_write+0x10/0x10 [ 365.244374][ T9728] ? __pfx___mutex_lock+0x10/0x10 [ 365.244416][ T9728] ? __pfx_vfs_write+0x10/0x10 [ 365.244455][ T9728] ? __fget_files+0x20e/0x3c0 [ 365.244492][ T9728] ksys_write+0x12a/0x240 [ 365.244519][ T9728] ? __pfx_ksys_write+0x10/0x10 [ 365.244545][ T9728] ? rcu_is_watching+0x12/0xc0 [ 365.244583][ T9728] do_syscall_64+0xcd/0x230 [ 365.244629][ T9728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.244657][ T9728] RIP: 0033:0x7f9c1978e969 [ 365.244678][ T9728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 365.244704][ T9728] RSP: 002b:00007f9c1a59b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 365.244729][ T9728] RAX: ffffffffffffffda RBX: 00007f9c199b5fa0 RCX: 00007f9c1978e969 [ 365.244746][ T9728] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000006 [ 365.244762][ T9728] RBP: 00007f9c1a59b090 R08: 0000000000000000 R09: 0000000000000000 [ 365.244778][ T9728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 365.244794][ T9728] R13: 0000000000000000 R14: 00007f9c199b5fa0 R15: 00007ffec8f0a0f8 [ 365.244831][ T9728] [ 365.244918][ T9728] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup [ 366.863152][ T9756] netlink: 350 bytes leftover after parsing attributes in process `syz.3.726'. [ 366.887433][ T9756] ------------[ cut here ]------------ [ 366.893193][ T9756] WARNING: CPU: 0 PID: 9756 at kernel/tracepoint.c:358 tracepoint_probe_unregister+0x894/0xd70 [ 366.903767][ T9756] Modules linked in: [ 366.908293][ T9756] CPU: 0 UID: 0 PID: 9756 Comm: syz.3.726 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 366.920702][ T9756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.931427][ T9756] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 366.938576][ T9756] Code: 41 5e 41 5f e9 4d f7 af 09 e8 38 1e fe ff 48 c7 c6 70 80 bc 81 48 89 df e8 d9 2b e5 ff eb 9f bb fe ff ff ff e8 1d 1e fe ff 90 <0f> 0b 90 eb 91 e8 12 1e fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 366.958312][ C0] vkms_vblank_simulate: vblank timer overrun [ 366.964797][ T9756] RSP: 0018:ffffc90003957890 EFLAGS: 00010283 [ 366.972938][ T9756] RAX: 000000000000adda RBX: 00000000fffffffe RCX: ffffc9000cafc000 [ 366.982719][ T9756] RDX: 0000000000080000 RSI: ffffffff81bc91b3 RDI: 0000000000000005 [ 366.991456][ T9756] RBP: ffffffff8f308fe0 R08: 0000000000000005 R09: 0000000000000000 [ 366.999900][ T9756] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff81c26380 [ 367.008507][ T9756] R13: ffff88801be80dc8 R14: 0000000000000002 R15: ffff88801be80d80 [ 367.016582][ T9756] FS: 00007f51618316c0(0000) GS:ffff8881249e7000(0000) knlGS:0000000000000000 [ 367.025810][ T9756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 367.032534][ T9756] CR2: 0000001b3030cff8 CR3: 000000001e2b6000 CR4: 00000000003526f0 [ 367.040662][ T9756] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 367.048715][ T9756] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 367.056724][ T9756] Call Trace: [ 367.060090][ T9756] [ 367.064067][ T9756] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 367.071367][ T9756] tracing_stop_cmdline_record+0x66/0xa0 [ 367.077149][ T9756] __ftrace_event_enable_disable+0x762/0x8b0 [ 367.083215][ T9756] ftrace_event_set_open+0x232/0x380 [ 367.088624][ T9756] do_dentry_open+0x741/0x1c10 [ 367.093461][ T9756] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 367.099476][ T9756] vfs_open+0x82/0x3f0 [ 367.103608][ T9756] path_openat+0x1e5e/0x2d40 [ 367.108854][ T9756] ? __pfx_path_openat+0x10/0x10 [ 367.113834][ T9756] do_filp_open+0x20b/0x470 [ 367.118476][ T9756] ? __pfx_do_filp_open+0x10/0x10 [ 367.123600][ T9756] ? alloc_fd+0x471/0x7d0 [ 367.128047][ T9756] do_sys_openat2+0x11b/0x1d0 [ 367.132784][ T9756] ? __pfx_do_sys_openat2+0x10/0x10 [ 367.138115][ T9756] ? __sock_release+0x20b/0x270 [ 367.143059][ T9756] __x64_sys_openat+0x174/0x210 [ 367.147999][ T9756] ? __pfx___x64_sys_openat+0x10/0x10 [ 367.153432][ T9756] ? rcu_is_watching+0x12/0xc0 [ 367.158351][ T9756] do_syscall_64+0xcd/0x230 [ 367.162919][ T9756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.170040][ T9756] RIP: 0033:0x7f516098e969 [ 367.175249][ T9756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.195416][ T9756] RSP: 002b:00007f5161831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 367.203959][ T9756] RAX: ffffffffffffffda RBX: 00007f5160bb5fa0 RCX: 00007f516098e969 [ 367.212049][ T9756] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 367.220094][ T9756] RBP: 00007f5160a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 367.228222][ T9756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.236222][ T9756] R13: 0000000000000000 R14: 00007f5160bb5fa0 R15: 00007ffdbeb547f8 [ 367.244353][ T9756] [ 367.247454][ T9756] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 367.254866][ T9756] CPU: 0 UID: 0 PID: 9756 Comm: syz.3.726 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) [ 367.266783][ T9756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 367.276885][ T9756] Call Trace: [ 367.280194][ T9756] [ 367.283142][ T9756] dump_stack_lvl+0x3d/0x1f0 [ 367.287766][ T9756] panic+0x71c/0x800 [ 367.291707][ T9756] ? __pfx_panic+0x10/0x10 [ 367.296179][ T9756] ? show_trace_log_lvl+0x29b/0x3e0 [ 367.301430][ T9756] ? tracepoint_probe_unregister+0x894/0xd70 [ 367.307544][ T9756] check_panic_on_warn+0xab/0xb0 [ 367.312539][ T9756] __warn+0xf6/0x3c0 [ 367.316476][ T9756] ? tracepoint_probe_unregister+0x894/0xd70 [ 367.322486][ T9756] report_bug+0x3c3/0x580 [ 367.326854][ T9756] ? tracepoint_probe_unregister+0x894/0xd70 [ 367.332879][ T9756] handle_bug+0x184/0x210 [ 367.337228][ T9756] exc_invalid_op+0x17/0x50 [ 367.341750][ T9756] asm_exc_invalid_op+0x1a/0x20 [ 367.346615][ T9756] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 367.353230][ T9756] Code: 41 5e 41 5f e9 4d f7 af 09 e8 38 1e fe ff 48 c7 c6 70 80 bc 81 48 89 df e8 d9 2b e5 ff eb 9f bb fe ff ff ff e8 1d 1e fe ff 90 <0f> 0b 90 eb 91 e8 12 1e fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 367.372888][ T9756] RSP: 0018:ffffc90003957890 EFLAGS: 00010283 [ 367.378983][ T9756] RAX: 000000000000adda RBX: 00000000fffffffe RCX: ffffc9000cafc000 [ 367.386969][ T9756] RDX: 0000000000080000 RSI: ffffffff81bc91b3 RDI: 0000000000000005 [ 367.394956][ T9756] RBP: ffffffff8f308fe0 R08: 0000000000000005 R09: 0000000000000000 [ 367.402937][ T9756] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff81c26380 [ 367.410946][ T9756] R13: ffff88801be80dc8 R14: 0000000000000002 R15: ffff88801be80d80 [ 367.418934][ T9756] ? __pfx_probe_sched_switch+0x10/0x10 [ 367.424513][ T9756] ? tracepoint_probe_unregister+0x893/0xd70 [ 367.430536][ T9756] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 367.436903][ T9756] tracing_stop_cmdline_record+0x66/0xa0 [ 367.442562][ T9756] __ftrace_event_enable_disable+0x762/0x8b0 [ 367.448573][ T9756] ftrace_event_set_open+0x232/0x380 [ 367.453892][ T9756] do_dentry_open+0x741/0x1c10 [ 367.458676][ T9756] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 367.464546][ T9756] vfs_open+0x82/0x3f0 [ 367.468647][ T9756] path_openat+0x1e5e/0x2d40 [ 367.473263][ T9756] ? __pfx_path_openat+0x10/0x10 [ 367.478246][ T9756] do_filp_open+0x20b/0x470 [ 367.482766][ T9756] ? __pfx_do_filp_open+0x10/0x10 [ 367.487863][ T9756] ? alloc_fd+0x471/0x7d0 [ 367.492239][ T9756] do_sys_openat2+0x11b/0x1d0 [ 367.496964][ T9756] ? __pfx_do_sys_openat2+0x10/0x10 [ 367.502188][ T9756] ? __sock_release+0x20b/0x270 [ 367.507093][ T9756] __x64_sys_openat+0x174/0x210 [ 367.511990][ T9756] ? __pfx___x64_sys_openat+0x10/0x10 [ 367.517394][ T9756] ? rcu_is_watching+0x12/0xc0 [ 367.522193][ T9756] do_syscall_64+0xcd/0x230 [ 367.526729][ T9756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.532648][ T9756] RIP: 0033:0x7f516098e969 [ 367.537072][ T9756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.556699][ T9756] RSP: 002b:00007f5161831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 367.565312][ T9756] RAX: ffffffffffffffda RBX: 00007f5160bb5fa0 RCX: 00007f516098e969 [ 367.573330][ T9756] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 367.581331][ T9756] RBP: 00007f5160a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 367.589331][ T9756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.597320][ T9756] R13: 0000000000000000 R14: 00007f5160bb5fa0 R15: 00007ffdbeb547f8 [ 367.605347][ T9756] [ 367.608548][ T9756] Kernel Offset: disabled [ 367.612898][ T9756] Rebooting in 86400 seconds..