last executing test programs: 6.006807053s ago: executing program 2 (id=835): bind$auto(0xffffffffffffffff, 0x0, 0x66) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, 0x0, 0xa00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x100) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) open(0x0, 0x80842, 0x20) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x591002, 0x0) vmsplice$auto(0xffffffffffffffff, 0x0, 0x2, 0x5) writev$auto(0xffffffffffffffff, 0x0, 0x4) mprotect$auto(0x8000, 0x8, 0x8) 5.929835449s ago: executing program 1 (id=836): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x80001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x735383, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x204300, 0x0) io_uring_setup$auto(0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x3, 0x8) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xb0, @raw=0x68e8}}) write$auto(0x3, 0x0, 0x6) 5.375847516s ago: executing program 1 (id=839): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4c041) r0 = socket(0xf, 0x5, 0xf) setsockopt$auto(r0, 0x6, 0xc, 0x0, 0x7fffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f00000000c0)={0x0, 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) pidfd_open$auto(0xffffffffffffffff, 0x5) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\xf6\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') 4.245032251s ago: executing program 1 (id=841): statmount$auto(0x0, 0x0, 0x1fa, 0xd) socket(0x15, 0x5, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x2802, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000000)='/dev/media8\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x42200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x801, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0xfc6, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0)) r2 = pipe$auto(0x0) splice$auto(0x4, 0x0, r2, 0x0, 0x80000001, 0x9) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r3, 0x4b63, 0x4) ioctl$auto_MON_IOCQ_URB_LEN(r2, 0x9201, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000000) sysfs$auto(0x2, 0x0, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) r6 = accept$auto(r0, &(0x7f00000000c0)=@nfc={0x27, 0x0, 0x1, 0x4}, &(0x7f0000000100)=0xf) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x101a02, 0x0) close_range$auto(r6, r5, 0x9) acct$auto(&(0x7f0000000040)=')\'$-{%+\'@,\x00') syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) 3.801606589s ago: executing program 0 (id=842): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4c041) r0 = socket(0xf, 0x5, 0xf) setsockopt$auto(r0, 0x6, 0xc, 0x0, 0x7fffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f00000000c0)={0x0, 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) pidfd_open$auto(0xffffffffffffffff, 0x5) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x8c\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') 3.59642306s ago: executing program 3 (id=843): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) landlock_create_ruleset$auto(0x0, 0x9, 0x0) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:02.0/power/runtime_suspended_time\x00', 0x10000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya2\x00', 0x420880, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x40076f3f, 0x38) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x0, 0x9) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x10, r0, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) mbind$auto(0x0, 0x2, 0x4, 0x0, 0x6, 0x2) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000240)={0x8040, 0xc9, 0xa}, 0x18) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x682, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r2, 0x80044dfb, &(0x7f0000000040)) 3.472102384s ago: executing program 2 (id=844): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x7ffffffc, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x10b000, 0x0) r2 = ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x27bb, 0x3, 0x7fff, 0xfffffffffffffffa, 0x8001) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bpf$auto(0x5, &(0x7f0000000340)=@test={r4, 0x6, 0x4, 0xd50, 0xd, 0x44, 0x7, 0x100, 0x6, 0x5, 0x3, 0x20, 0x2, 0x31, 0xae}, 0xf8) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/conf/wg0/promote_secondaries\x00', 0x14b101, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r2, 0x40285881, &(0x7f00000000c0)={r0, 0x0, 0x7fff, 0x1, 0xff, 0x6}) syz_genetlink_get_family_id$auto_handshake(&(0x7f00000001c0), r5) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) write$auto(r6, 0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000080)={0x1, 0x6}, 0x8, 0x7) 2.830163236s ago: executing program 1 (id=845): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) landlock_create_ruleset$auto(0x0, 0x9, 0x0) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:02.0/power/runtime_suspended_time\x00', 0x10000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya2\x00', 0x420880, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x40076f3f, 0x38) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x0, 0x9) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x10, r0, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) mbind$auto(0x0, 0x2, 0x4, 0x0, 0x6, 0x2) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000240)={0x8040, 0xc9, 0xa}, 0x18) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x682, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r2, 0x80044dfb, &(0x7f0000000040)) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) 2.69994067s ago: executing program 0 (id=846): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x3, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyw5\x00', 0x0, 0x0) ioperm$auto(0x3, 0xe, 0x2000000000000149) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) listen$auto(0x3, 0x83) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x40045431, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x80, 0x0) 2.348665948s ago: executing program 0 (id=847): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioperm$auto(0x7, 0x7, 0x4) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) timer_create$auto(0x1000008, 0x0, 0x0) timer_getoverrun$auto(0x0) r1 = open(0x0, 0x22240, 0x44) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(r1, &(0x7f0000000040)=@can, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000081) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) bpf$auto(0x2f7, &(0x7f0000000300)=@bpf_attr_5={@target_fd=r1, r0, 0x7fff, 0x4, r1, @relative_id, 0xfffffffffffffffb}, 0x2) close_range$auto(0x2, r1, 0x0) socket(0x10, 0x2, 0x4) r3 = socket(0x10, 0x3, 0x6) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x7ff, 0x9, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x800000000100002, 0x40000406, 0x2, 0xc, 0x2, 0x11, 0x6, 0x7}) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000780), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_ECHOREQ(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="030225bd7000ffdbdf25030000000800040000000000080800000000000008000200cd0d0000fd2bcc69cbd69781c8a5c9d3e4aa3f6504fa19a5bbefe90600bd94edb11bcd02a731ded19861be2accfa9bbac7556f9f13666e127986f230b0834ec86c6a5fb001e7795e5940b03547ba603cf71668ddd9086b37a35e532bd0aca5db5fa9b7a0ad97fdf1aad3858f44990e037a59b48e67bc00"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(r3, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="040026bd7000fedbdf25000000000800010008000000b9f8d062053fd61a944b7a3bdf6a2ebff9511886224641165384726b0523ae"], 0x1c}, 0x1, 0x0, 0x0, 0x20008005}, 0x10) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000440), r0) sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000400), 0xc, &(0x7f0000000700)={&(0x7f0000000480)=ANY=[@ANYBLOB="7c020000", @ANYRES16=r6, @ANYBLOB="00012bbd7000fbdbdf25070000007d011380530ae8ef89e189905b5f00020b8812f7b1b84fbe9aaffaa63513de3df182652471900fa8f41186865af0bebfdf5c2bfc609396c0bb35d2282a2f1ee80004005d00350130806608872d70a0df70d05b601b378c05d59f6f94d56538ca85a42ec5e3302f013ba6334647e2cca882c253e4bca4c51044099a678a3c9f094c207b85639ba9880a87a146efb08a7aef11608fa342334c3f6c3a6c1a71062f42caa817c148949f2aabc4e93911df864f9335178288a686ad478048bfddf204004500e05a0f45f7fc57ce7f4ff375a882040010807a19522c62f689affe048fa10687a5d2ad54ef6b19ae346e7b7748b78dbb23751fdbac79ee50f96c2e1c31606672d7128832283985bd751bbc08facf34d864e01537e530372ddf3a809f5c4fc754cfb2be03e6f60869b8a73e09158c0b2364acfabfa7b8bcb0922e3915b0916ae6876ab8718e5445bb1d2208c461ad65cc92b9982447d2fce9bb8dc888684cbc1fe2ac62b3042709e58af5339e4a0400508000000000000008000d000400000008001500b60e0000080015000700000005000a0003000000c0001f00342296dc64ae66abed66009e53f0e2a0b6536bb49dfc58f805fe1f5169e3956c72f3b61668eb2a910f6219b7772e284b43f6417b6aa0b651a6594f38a9bee36f9fbd9a8fa53df2234545bce9d6f7b0bf47fc87aa0d9c9802d912162fe3a31b8771cf7fc90279b1532b62949434dfbf5efa3f79a34d0b1c19d45eee6a0c1d81dfcc08bfb8a32728ee66d7e956f1dff7f29a31ce64748c0e2eedbff1715f087a4a4228df4ac370a8d70acfdce31f64edaf2fa88f1e526bcc8fa47978800800030004000000000000000000"], 0x27c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xee46}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.326150644s ago: executing program 2 (id=848): statmount$auto(0x0, 0x0, 0x1fa, 0xd) socket(0x15, 0x5, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x2802, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000000)='/dev/media8\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x42200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x801, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0xfc6, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0)) r1 = pipe$auto(0x0) splice$auto(0x4, 0x0, r1, 0x0, 0x80000001, 0x9) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4b63, 0x4) ioctl$auto_MON_IOCQ_URB_LEN(r1, 0x9201, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000000) sysfs$auto(0x2, 0x0, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) r5 = accept$auto(r0, &(0x7f00000000c0)=@nfc={0x27, 0x0, 0x1, 0x4}, &(0x7f0000000100)=0xf) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x101a02, 0x0) close_range$auto(r5, r4, 0x9) acct$auto(&(0x7f0000000040)=')\'$-{%+\'@,\x00') syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) 2.253777578s ago: executing program 3 (id=849): socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x801, 0x106) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1258, 0x1, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x5, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0x3, 0x7, 0x10007, 0x80, 0x2a0, 0x0, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x1fe, 0xd) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd03, &(0x7f00000001c0)) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000003fc0), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r2, &(0x7f0000004540)={0x0, 0x0, &(0x7f0000004500)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="ffff2bbd7000fedbdf250300040005"], 0x18}, 0x1, 0x0, 0x0, 0x40081}, 0x20000c50) write$auto(r0, &(0x7f0000000000)='*\x00', 0xfd) socket(0xa, 0x1, 0x84) r4 = io_uring_setup$auto(0x6, 0x0) symlink$auto(&(0x7f0000000300)='\\\':.\x00', &(0x7f0000000100)='\xfb\x00') r5 = socket(0x2d, 0x1, 0x0) readlink$auto(&(0x7f0000000b00)='\xfb\x00', 0x0, 0x800) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) ioctl$auto_SNDCTL_DSP_PROFILE(r4, 0x40045017, &(0x7f0000000340)="6f9aa57035cdb7db1c06d5ac1a94cc12b8ef1faaff30221cf40293ad9206d45ce2b46c30484042c80da63fa4e642417571fc90c9dc7dbf39ebd28f11903a1a7dc1181dad6d049db7d36a7d3579223fa6") sendto$auto(0x3, 0x0, 0x6, 0x1101, &(0x7f0000000000)=@in={0x2, 0x4e22, @loopback}, 0xdf) shutdown$auto(0x200000003, 0x2) r6 = open(&(0x7f00000001c0)='./cgroup\x00', 0x800, 0x8a) r7 = bpf$auto(0x10, &(0x7f00000000c0)=@link_detach={r6}, 0x40) seccomp$auto(0xff, 0x679efe8f, 0xfffffffffffffffd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x1006, 0xffffffffffffffff, 0x0, 0x11}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d4000000", @ANYRESDEC=r1, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac88ad14000200766574683100000000000000000000000800070063fbfbff17eb05daef34469ed6dc938766fd46d25a4d297d01cd3b7da38d3110574c015b10e1bd7112889cc50d505ffd3dc42d0a3c0a", @ANYRESOCT=r5, @ANYRES16=r7], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/default/regen_max_retry\x00', 0x2202a0, 0x0) 2.183876155s ago: executing program 0 (id=850): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/rc_rateidx_mask_5ghz\x00', 0x101200, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = ioctl$auto_TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0) ioctl$auto(0xffffffffffffffff, 0x2, r1) unshare$auto(0x40000080) socket(0x22, 0x1, 0x80000000) mmap$auto(0x0, 0x7, 0x1, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x200, 0x0) read$auto(r3, 0x0, 0x20) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000001d40), 0x40a40, 0x0) 2.116111624s ago: executing program 3 (id=851): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyu0\x00', 0x89b41, 0x0) socket(0x2, 0x3, 0xa) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/ip6_tables_targets\x00', 0x608100, 0x0) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x3c, 0x9, 0x0, 0x1, 0x9) ioctl$auto_TIOCMGET2(r0, 0x5415, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 2.077455067s ago: executing program 1 (id=852): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyu0\x00', 0x89b41, 0x0) socket(0x2, 0x3, 0xa) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/ip6_tables_targets\x00', 0x608100, 0x0) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x3c, 0x9, 0x0, 0x1, 0x9) ioctl$auto_TIOCMGET2(r0, 0x5415, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 1.027890491s ago: executing program 3 (id=853): statmount$auto(0x0, 0x0, 0x1fa, 0xd) r0 = socket(0x10, 0x2, 0x0) setsockopt$auto(r0, 0x114, 0x6, 0x0, 0x2) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_proc_single_file_operations_base(0xffffffffffffffff, 0x0, 0x0) bind$auto(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x1, 0x1, 0x14, &(0x7f0000000000)='\x00', 0xbb) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x200, 0x0) ioctl$auto_EVIOCSMASK(r2, 0x40104593, &(0x7f0000000080)={0x2, 0x80000000, 0x7f}) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r1, 0x0, 0x1fffffffffd, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/exception_policy\x00', 0xc0080, 0x0) pread64$auto(r4, 0x0, 0xb69a, 0x5) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) ioctl$auto_PPPIOCSFLAGS(r3, 0x40047459, 0x0) 873.82047ms ago: executing program 2 (id=854): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dri/renderD128\x00', 0x10000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)={0x2c, r0, 0x13, 0x70bd26, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x3}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x7ff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000640)={'pimreg0\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r6) sendmsg$auto_NL80211_CMD_STOP_AP(r6, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="29012cbd7000fbdbdfa51000000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x5a88314c8e109829}, 0x14) semctl$auto_IPC_STAT(0x1, 0x8, 0x2, 0xffffffff) r8 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000001280)={@siginfo_0_0={0x2, 0x0, 0x2, @_sigchld={0xffffffffffffffff, 0x0, 0x0, 0x7, 0x5}}}, 0x4, &(0x7f0000001300)={{0x7, 0x7}, {0x5, 0xffff}, 0x6, 0xf, 0xfff, 0x16280000000, 0x3, 0x8000000000000000, 0x7, 0x9, 0x10800, 0xbb0, 0x7, 0x9, 0x3, 0x9}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r10 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r4) sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r4, &(0x7f0000000600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x12000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000a80)=ANY=[@ANYBLOB="289f58b5ae670e7d02fe75a1de0c8bc183b78045ac000d00bd97362cdcbda65663bc2db6f10cce759383e206cab09c93d63b10b7412e1906071bc78a6d9a7bd57cd13e6d54714387f7aab6c0f1dd3f48aea7daf2395d1ffb8184c7db221093cc31d450507982c307f7dc8b01be", @ANYRES16=r10, @ANYBLOB="00012bbd7000fedbdf25160000000c000600000000000000000008002a00b1020000"], 0x28}, 0x1, 0x0, 0x0, 0x44080}, 0x20000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r11 = socket(0x18, 0x3, 0x100000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00', @ANYRES16=0x0, @ANYBLOB="1b0026bd70941214f9274fcdb10000000000000002ff070004"], 0x30}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(r11, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) shmctl$auto_SHM_LOCK(0x100, 0xb, &(0x7f0000001580)={{0x8, 0xffffffffffffffff, 0xffffffffffffffff, 0x7, 0x7, 0x812f, 0x9}, 0x5, 0x80, 0x1ff, 0x6, @inferred=0xffffffffffffffff, @inferred, 0x8, 0x0, &(0x7f00000013c0)="ad0f73b2ab625f53f8e32c59", &(0x7f0000001480)="e64b1d1aca7239d0409811f1a09776545897aa79b9875c81e6ce4766dbe1459ddb8a9e5e3e4cd3d99b819dcfd271533a9b32b9feb1cf166afd4be8a65b534842a3b29380cbd1ff06290cfa70695a50cbf5f4c6d39dadaf34aa846508b6f09c169968b0f3dd2f7184d02f21349eb16412e69a7ef05ddf7de33e4a1e934e8a4cedf3619b9d1d906072612fdb56da526bcceb176f3d2875bbe447fd058dde9b78a798c0ffe5f405e42f14b484cd72e54db20475eb9cdc53ca5cbf9cf3c8295f19df2bae77046a131e8bbd27fd2e4781e001e885781a33c0bdb6135a3150902409fbbe608cdc502f64b66e"}) sendmsg$auto_NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000001a80)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001a40)={&(0x7f0000003080)=ANY=[@ANYBLOB="380a00e01af4f2dd960f8444fd516ad7cda6edf1352d39d747838b7b04319b979185da4d171b44da12425538eb2a020e8f04e0ff585d64c2076f29e96d6cdb216c984cfe4c0c1ef5ac3db3f55ec4aedb9fd0b210d55c83e858cc3690b2f8cc2fbcefd1530ddf76a9cc332cb0c55619b646a25e92cb28f82fbfbd0140ffdc41214427e8fa622d10d1186ea4fd228b6a3bee4f0000000000000000", @ANYRES16=r7, @ANYBLOB="040028bd7000fedbdf2552000000140a6e80de28bc2e1904062051f8e91d8169b5d9f1597989892a6704318222835b4469896f3dd09a159bd15283858639aa6f2c88bac7b855721953ae3795606626037c3ae89ce81ba8d4d3112d6bae2022d16340696897ab798e64e7a44ab26700649c3d41096208437595641bb71018d56c92e98f02fc3d89e107a5e7b2067273941e31209b94f9db579d28105c102afe049c2d8f8e46edb26e94c3fe8f202311258f56aa7cd774afed1c95ad4efd90d40124238d54fccbfbb609f1ea00175151ce3ea08549a9279f255c3411e95da1b71dd521338cac3ea3ecdb8020d82400a5800400028004008f8065fdbe610c002c00000100000000000008003900", @ANYRES32=r9, @ANYBLOB="6e07048004006a807e7748021a2f24f0814232b02dfc06b67891e807ab87807d0d914c4908755692d533564c8bce1d789c032207818089e01c81844b2f3e26516925062203ac3bb21c1af1e71a468b3d666df68ef79ab9469b68618dec6c50ce32dcfd93c19202dc9822fa544be8016f8d4a970d2970e2d79390712065012142917075fd2baf9ea66f9c106d9183cc72810866685be8f21e3e9bd3b68c2dee1d989615b2f81801b9d53057b3392968aa960e1ab39195edde270c78212b035173b408b93114d4448ca86f82efe5298b84916be5fc6cd6cb95d020d03673f4bca286db036924411a5fdfaf57823f410caaecd6882908002700040000002d74d3638a108d8618cab92942f5d2496d13771892aadf3592aaa307bf1e901d58c91b168f3830b354500b182aeefb258d206a23e4aabc14bad19af812d22dabe5b156e8fdb0f997924896404b0ab23441425c90a8d548bb16d1ed8a91085b98ebb0630306a852d47d2f9548a3474815a5a228f69ec9a216c2880fc5e690f028e3c4fc53261e8a6c3aeeb8fae69f0046308843ff37a3bbcdb5b04b93cf3c1f42556f3057cbaa92115a4503ca6901c8846cad5af667a3b3a335df3cfce9d2619d1df97e39f448b9017bbf9b37208af57ce6ce8d029c803340239ffbe4e0b9c0b99d4da992b044da2d8288cdc1e854479f7215204e053ba57fa02d2a6da9bee9ca3e83b384f154fa9c0a066cc2c81c74bfda28e2f83bbc7694ad98abdef2f22e39c43f28d107f4c7a74ab74a28f8e08d8842a56d372389f6b9485ecf23e00e4ca1c9ba93106a7c45edf5aac599a7aa7220a68e85faf66fdaa992673a5e52d23e55e6e9584a79ccbd7be9404b6af3cfc6ba7f0c91afd4ed58b55062b765787f8ce97f703bf8dd266dab002180ff2c7771fb3618e9e06812a76199a505269fbbe88c464280595edf1209eabaf30daba3ce89cbe8ebf265851bb642226ebee857291058c1327abb800c557a0e2765dd1b832c445a3c0b12f0067eabbe89b33e9480d045abccff1e037d45741f89b014c1015b9c7103d3c0727de57048f18f7b7315dce117868e6dce0291b91d260ab142c917edc52d519cef8510af8b129dd7c00a6a36843d9a66ba80190120c4b431a8192083f700710eb4831516cdf780a1b735ae129c875dde9a951c77e5845ffde8630da8033e1af1c828d07ba4c0a539c40be5b89442337783a5778218887bcb60893a8e7b25b0ef2acfcd5f8ad25afeaab28d15ac14eb915f1e217facbcdcd04d697e87e200bd5cf18980aa4ce9130cbc8cbeacfc29cdbe9a5c1a847ee83d079d3c18b9f2d660249dcad481c0d71ad7dd4f31bf2fb7adbca6788febd7fd6ccff0e2db5a51d57ac621a0080ffcad58137f1b2e018f7e477f9964df546e104c72f233df9a326e28819f11c4b780c1f0fe5d0dfb7c89ee0994ef2ed09bec3f3f8f2319c556dd3b5fbf57be3eb7c7290c5728bcfe5e3b8de3f32986de81ae2c10e0b0f508d60b0a71a63a75a2a5140d58faf977c9cb632cf21ee9cc59246ebf50ccc4c5959f5e9870c5732a1faec7a70400f28000000079139fe9a81677032c15f971fdb10750f1f51f8ae7fb7c85faef9d96fdc616a0318d917ed15605f03fcd7802ebfee87b393f06b0c7fa7099e94b3a86d5118b1c3910669d45936dd8f1ad2092afcdf1c45a78d01671bda8fa529ee6eae14283b64b22537063f7d05ba15d70a598b7091c99758b9e2c03fc4eee61f064444dca29a069343d35fde7acc4d2881258db8bf6a6b7d1ee2d0b33880cd48dd3f581cb2740053738ff82b72c9b0cc28e6e20862279ad66104813c5b8b000bac78c31423b8498ebfae5e2e195ce384ada54d50fbf8ab014282a81473ae4fb479ac1e405c5035e56d53b269404947261f1562017276d03c6038c97fef0cdf4446307d03bb5e324cdc1e469aca6f5990f5b732d439eae6e79741e5fcc006f62fc3240447fc56e4f1042101059b6022848b367e47debfd488c2b402e10c582632dd57cf7ec7c267f5b801dc3d5dfa0be61e596bcf524f52b6ae43db2a1d11f86cc22ddd0091e84eb036d43674deaabf078cc8af2e8da013f4123d340df761b64f64dfb9c427976a67183aa3dab7018ca8d2d2c7c770406025b364467a5c2b9f2ac6f17ec564989e77ecfd508f8e0df15dd02c2cdbf103b1835194780c58944a2b1095a8190a00e625ed647dc622a13fc995e91582afe6a1f0febba1d659ab90bb45c4fe6bef5269a7ea6129efb1a8a340f31e8ae0b9441a57494c5a1ef6819e794764c928c0d713936e546ca9e2d2b89f49041e9c5c6dc76695fa58bcf40d82b3b18c4d1acd9fcc89503c6f4233e3c11087a7c2b78028ba3c09a67315ad8c9ee764e669f5d20d2216ed1a14482f324fb5ec6fea8d061edeebb50affbf24c70f285de12b66d1ff4e69dd949658c42c0054a93c1996f350cf6ba68068b1cfeb891e87c6cbc22bb34d43d7c4b6e15aec5fcbe5593a7c70b0c13cc8e3da695ec975baee57b77a123b3c2a1f09a47888b5a498f3c60a07134e42ce0fc9024a75e2f74132d38d84a78dfc196d36e87a131466d484eefbb666294c52e998b5bd0837d1f8d4293e414c54b8e7f8869e439bd5c65cd47050b080022000b0000000000080023000200000008007d00", @ANYRES32=r1, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="000008008f00", @ANYRES32=r8, @ANYBLOB="1400ea0000000000000000000000ffff000000001400988004003d800a00e00026253a5b2c000000d0003980040012800400348006ca8787b036e0776bfb8ea8e4268cf88210403071ad4dceeb827cbce09612fca6437ffdea632cb9a16b3cdb3f6a0636ce7a1e376479059403093306d9f15949b706ff3bbabd10e9268e8f97975f65ea42c8335d0fd3a4823d026f44e8e3848b0211d6ccb80f8f7f51e5f644064e94218a6a6f73a848b87f182f4a57320853086cd519a0ef8eff1bd45e1b287b98b3e19030b4ccba022df53a17aee2d69f3d52ddc9a4bae498456852c47ba619e7173ac03b3a84237b717e9826fe3cfc84602aeb4e617e0800398004002480dabb80d7cfb6baef6dc74dc975af01983f6a621c593a80f0e3b643aa97be642bb748974eaff3d525b78fad166db9b89d698ed539615c51494480ee1a1ce07a6a382f281d5062637dc668168ddcb42d9816e822938786173be7c7faf2d0dd7742b48ecb17bf02cd84dacf0cf7acfe619ce267c6e621f97756b27ac2a611588ba6fe81296720d41400088008008a006401010208003800", @ANYRES32=r12, @ANYBLOB="08000100050000000500e40005000000"], 0xa38}, 0x1, 0x0, 0x0, 0x40004}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r13 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r13, 0x5608, 0x7) r14 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) lseek$auto(r14, 0x4, 0x1) r15 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) write$auto(r15, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) 803.469212ms ago: executing program 1 (id=855): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) r0 = socket(0x6, 0x80000, 0x800) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x800, &(0x7f0000000500)={[0x7, 0x80000001, 0x8, 0x7, 0x2, 0x4, 0x152, 0x8, 0x6, 0x5, 0x3, 0x5, 0x9ad, 0x3, 0x8, 0x6]}, &(0x7f0000000580)={[0x3, 0x3ff, 0x101, 0x5, 0x8, 0x40, 0x80000000, 0x6e6, 0x9, 0x3ff, 0x1ff, 0x0, 0x4, 0x7, 0x3, 0x5]}, &(0x7f0000000600)={[0x6, 0x0, 0x0, 0x4, 0x282, 0xb1, 0x8, 0x8, 0xfffffffffffffff9, 0x9, 0xfffffffffffffffc, 0x3, 0x3, 0x9f5, 0x0, 0x8]}, &(0x7f0000000340)={0x10000, 0x4}) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x3014880, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x7, 0x400005, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r3, &(0x7f0000000040)=""/4099, 0xfd98) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1d, 0x2, 0x7) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6}, 0x6a) sendto$auto(r4, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, 0x0, 0x3f}, 0x36) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0xfffffe8c, &(0x7f0000001080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="d47b1cab1fd31e0d040047f1", @ANYRES16=r2, @ANYBLOB="000426bd7000fddbdf25060000000c001100657468746f6f6c000800060002000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x440440d4) r8 = socket(0x10, 0x3, 0x6) r9 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001100)=ANY=[@ANYRESHEX=r7, @ANYRES16=r9, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 726.23023ms ago: executing program 0 (id=856): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x30, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@OVS_METER_ATTR_CLEAR={0x4}, @OVS_METER_ATTR_BANDS={0xd, 0x4, 0x0, 0x1, [@typed={0x4, 0x67, 0x0, 0x0, @binary}, @generic="ac", @nested={0x4, 0x83}]}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x9}]}, 0x30}, 0x1, 0x0, 0x0, 0x48804}, 0x4004) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x8) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xb}]}, 0x24}}, 0x4000) 456.945581ms ago: executing program 2 (id=857): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x2) socket(0x2, 0x801, 0x106) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x2, 0x88) r1 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) ioctl$auto_SNDCTL_DSP_SETDUPLEX(r1, 0x5016, &(0x7f0000000200)="814fd2965f4077b7f97e08a270fe3129820e1e34cefd6577be5150645fbce27272cbc16ac208eeed1b19a6a8e9ceaac46fe2f2bdf1625f7da50268f30a6738a5c1ae61e255ad9a4aefc8a45b6308f3519a8e5fa1d62bfbe8fa5e84d45c4eb0f559371a0ee2eb93d2fa92e54d91841ba17303f09d1c8cb8de8071cf51b5b4e7cf023c48b3d6a0fe80ac99627ee2f7a14f5ac72170295d377ebb848ee2259de8d297960491907b59c97072707e4cde92899199d8ef1ebcb02df15fb68807ff9bcf48") r2 = socket(0x2a, 0x2, 0x1) connect$auto(r2, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x20000008000) socket(0x26, 0x5, 0x80) r3 = socket(0x10, 0x3, 0x6) socketpair$auto(0x0, 0x9, 0xffffffff, &(0x7f0000000000)) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x50, r4, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x7}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x40}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2000000}]}, 0x50}, 0x1, 0x0, 0x0, 0x4048081}, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) close_range$auto(0x2, 0xffffffffffffffff, 0x0) copy_file_range$auto(r1, &(0x7f0000000040)=0xfffffffffffffff9, r1, 0x0, 0x2000000002, 0x0) ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, &(0x7f0000000140)={0x6, 0x0, 0x10001, @lost_msgs={0xfffffff8}}) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r5, 0x4, 0x7ff) ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r5, 0xf72, 0x0) capset$auto(&(0x7f00000000c0)={0x0, r5}, &(0x7f0000000100)={0x80, 0x3, 0x20000}) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x8, @old_prog_fd=r0}, 0xa3) bpf$auto(0x2, 0x0, 0x9) 287.82745ms ago: executing program 3 (id=858): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x7ffffffc, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x10b000, 0x0) r2 = ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x27bb, 0x3, 0x7fff, 0xfffffffffffffffa, 0x8001) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bpf$auto(0x5, &(0x7f0000000340)=@test={r3, 0x6, 0x4, 0xd50, 0xd, 0x44, 0x7, 0x100, 0x6, 0x5, 0x3, 0x20, 0x2, 0x31, 0xae}, 0xf8) mmap$auto(0x99f, 0x10001, 0xd8, 0x9b7e, 0x7, 0x27ffd) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/conf/wg0/promote_secondaries\x00', 0x14b101, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r2, 0x40285881, &(0x7f00000000c0)={r0, 0x0, 0x7fff, 0x1, 0xff, 0x6}) syz_genetlink_get_family_id$auto_handshake(&(0x7f00000001c0), r4) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) write$auto(r5, 0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000080)={0x1, 0x6}, 0x8, 0x7) 147.600971ms ago: executing program 2 (id=859): mmap$auto(0x800000000000000, 0x20009, 0xdf, 0xeb1, 0x401, 0x8001) semctl$auto(0x80001ff, 0x804, 0x13, 0x4) keyctl$auto(0x1, 0x7, 0x100, 0x0, 0x4) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x7, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0x1e, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) r1 = getpid() mlockall$auto(0x5) rt_sigprocmask$auto(0x26, &(0x7f0000000040)={0x80000000}, &(0x7f0000000080)={0x9}, 0x8) mmap$auto(0xfffffffffffffffe, 0x40000a, 0x2bb, 0x14, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/async_depth\x00', 0x40800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000280)=""/4096, 0x1000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) mincore$auto(0x1000, 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001245}, 0xa, 0x40000000000000) 84.552204ms ago: executing program 0 (id=860): openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0) capset$auto(0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x280303, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) r0 = open(&(0x7f0000000000)='}[,&*}\x00', 0x1652c2, 0xe1d2b27bdc14aa98) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/afs/addr_prefs\x00', 0x441, 0x0) write$auto(r1, &(0x7f0000000300)='/ ys -ernel/tracing/set_event_notrace_p}d\xde\xc7\xbd8\xbe\xd7\xdeN\x86\xcf\x1d\rD!U\xb4\xe4+\v\xc3\x063\xe1o\xcf5$\xe1\x0eA\xf3ua\x8fT\xd9J\xfd\x02\x00\x00\x00\x00\x00\x00\x00\xbf\x9f\xb0e\xfex,c-\xdf\a\x9e\x9bX\x13n\xdf\xc8\x94%\x7fp\xe0\xa0x\x1f\x17\xea\xc3\xbf\xb2(}\x7f\xd3\xf6\xc5\x9bj\xcf~\x7f)\xd2\x7f\tN\xa9m\xe8\xdc\xb1\xe3\xf3L\xad\xdd%(0c\x9d\x13\xc7\x0elZ\x87K\x14_\xbau\x88\x9f\xe2\x04\x16\xec\xfa\xad\xe0\x87G[N\xf1\xb5\xc0\xab\x00\x00\x00\x00\x00\x00\x00\x04+\xc1\xd3m\xb8\xe5\a\x92\xc2\xd4\xcc\x91\x90\x05$G\x9a\x9b\xe1I\xa9/(\xd3\xa1\\8\x1afmY\xd6m\x931\xe6\xbd\xfb\xd6\x91\xbb\xef\xa1\x03\xd8j\x06ngka\xd1\xf1\xfd\xaeX)w\x1e4\x91', 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x2ad00, 0x0) readv$auto(r2, 0x0, 0x3) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x1142, 0x1ffe}, 0x4, 0x0, 0x0, 0x8) modify_ldt$auto(0x1, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x7) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/stats\x00', 0x202400, 0x0) readv$auto(0x3, 0x0, 0x3) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 0s ago: executing program 3 (id=861): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) landlock_create_ruleset$auto(0x0, 0x9, 0x0) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:02.0/power/runtime_suspended_time\x00', 0x10000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya2\x00', 0x420880, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x40076f3f, 0x38) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x0, 0x9) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x10, r0, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) mbind$auto(0x0, 0x2, 0x4, 0x0, 0x6, 0x2) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000240)={0x8040, 0xc9, 0xa}, 0x18) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x682, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r2, 0x80044dfb, &(0x7f0000000040)) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) kernel console output (not intermixed with test programs): 2/0x510 [ 228.445005][ T7863] ? d_absolute_path+0x136/0x1a0 [ 228.445046][ T7863] tomoyo_encode2+0x100/0x3e0 [ 228.445098][ T7863] tomoyo_encode+0x29/0x50 [ 228.445142][ T7863] tomoyo_realpath_from_path+0x18f/0x6e0 [ 228.445202][ T7863] tomoyo_path_number_perm+0x245/0x580 [ 228.445241][ T7863] ? tomoyo_path_number_perm+0x237/0x580 [ 228.445287][ T7863] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 228.445330][ T7863] ? find_held_lock+0x2b/0x80 [ 228.445400][ T7863] ? fd_install+0x244/0x750 [ 228.445445][ T7863] ? hook_file_ioctl_common+0x145/0x410 [ 228.445523][ T7863] security_file_ioctl+0x9b/0x240 [ 228.445569][ T7863] __x64_sys_ioctl+0xb7/0x210 [ 228.445613][ T7863] do_syscall_64+0xcd/0x490 [ 228.445648][ T7863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.445681][ T7863] RIP: 0033:0x7f5a1fb8e929 [ 228.445706][ T7863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.445738][ T7863] RSP: 002b:00007f5a20a0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 228.445774][ T7863] RAX: ffffffffffffffda RBX: 00007f5a1fdb5fa0 RCX: 00007f5a1fb8e929 [ 228.445794][ T7863] RDX: 0000000000000008 RSI: 00000000c0285628 RDI: 0000000000000003 [ 228.445812][ T7863] RBP: 00007f5a20a0a090 R08: 0000000000000000 R09: 0000000000000000 [ 228.445830][ T7863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.445847][ T7863] R13: 0000000000000000 R14: 00007f5a1fdb5fa0 R15: 00007fff772d2678 [ 228.445888][ T7863] [ 228.445946][ T7863] ERROR: Out of memory at tomoyo_realpath_from_path. [ 229.373380][ T7883] can: request_module (can-proto-0) failed. [ 229.558152][ T7883] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input34 [ 231.512694][ T7898] netlink: 342 bytes leftover after parsing attributes in process `syz.3.409'. [ 231.551302][ T7898] IPv6: NLM_F_CREATE should be specified when creating new route [ 231.683054][ T7898] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 231.690721][ T7898] IPv6: NLM_F_CREATE should be set when creating new route [ 231.698094][ T7898] IPv6: NLM_F_CREATE should be set when creating new route [ 231.739016][ T7894] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 231.793779][ T7898] netlink: 25 bytes leftover after parsing attributes in process `syz.3.409'. [ 231.808383][ T7903] FAULT_INJECTION: forcing a failure. [ 231.808383][ T7903] name failslab, interval 1, probability 0, space 0, times 0 [ 231.852078][ T7903] CPU: 0 UID: 0 PID: 7903 Comm: syz.1.410 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 231.852126][ T7903] Tainted: [U]=USER [ 231.852136][ T7903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 231.852154][ T7903] Call Trace: [ 231.852164][ T7903] [ 231.852175][ T7903] dump_stack_lvl+0x16c/0x1f0 [ 231.852235][ T7903] should_fail_ex+0x512/0x640 [ 231.852287][ T7903] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 231.852342][ T7903] should_failslab+0xc2/0x120 [ 231.852374][ T7903] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 231.852426][ T7903] ? mas_alloc_nodes+0x18b/0x8b0 [ 231.852480][ T7903] mas_alloc_nodes+0x18b/0x8b0 [ 231.852545][ T7903] mas_node_count_gfp+0x105/0x130 [ 231.852597][ T7903] mas_preallocate+0x77b/0xda0 [ 231.852642][ T7903] ? __pfx_mas_preallocate+0x10/0x10 [ 231.852690][ T7903] ? __pfx_mas_prev+0x10/0x10 [ 231.852732][ T7903] expand_downwards+0x327/0xed0 [ 231.852772][ T7903] ? __pfx_expand_downwards+0x10/0x10 [ 231.852814][ T7903] ? __pfx_down_write+0x10/0x10 [ 231.852861][ T7903] mmap_read_lock_maybe_expand+0x11e/0x3c0 [ 231.852910][ T7903] get_arg_page+0xbb/0x310 [ 231.852956][ T7903] ? __pfx_get_arg_page+0x10/0x10 [ 231.853001][ T7903] ? __pfx___might_resched+0x10/0x10 [ 231.853046][ T7903] copy_strings.isra.0+0x1cc/0x950 [ 231.853104][ T7903] do_execveat_common.isra.0+0x397/0x610 [ 231.853159][ T7903] __x64_sys_execve+0x8e/0xb0 [ 231.853207][ T7903] do_syscall_64+0xcd/0x490 [ 231.853241][ T7903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.853273][ T7903] RIP: 0033:0x7f8ef3b8e929 [ 231.853298][ T7903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.853328][ T7903] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 231.853357][ T7903] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 231.853377][ T7903] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 231.853396][ T7903] RBP: 00007f8ef49ba090 R08: 0000000000000000 R09: 0000000000000000 [ 231.853414][ T7903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 231.853432][ T7903] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 231.853472][ T7903] [ 232.281360][ T7909] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 233.205204][ T7920] FAULT_INJECTION: forcing a failure. [ 233.205204][ T7920] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 233.220877][ T7920] CPU: 0 UID: 0 PID: 7920 Comm: syz.1.413 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 233.220927][ T7920] Tainted: [U]=USER [ 233.220937][ T7920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 233.220956][ T7920] Call Trace: [ 233.220966][ T7920] [ 233.220978][ T7920] dump_stack_lvl+0x16c/0x1f0 [ 233.221036][ T7920] should_fail_ex+0x512/0x640 [ 233.221094][ T7920] strncpy_from_user+0x3b/0x2e0 [ 233.221150][ T7920] getname_flags.part.0+0x8f/0x550 [ 233.221211][ T7920] getname_flags+0x93/0xf0 [ 233.221256][ T7920] do_sys_openat2+0xb8/0x1d0 [ 233.221295][ T7920] ? __pfx_do_sys_openat2+0x10/0x10 [ 233.221345][ T7920] ? __fget_files+0x20e/0x3c0 [ 233.221401][ T7920] __x64_sys_open+0x153/0x1e0 [ 233.221442][ T7920] ? __pfx___x64_sys_open+0x10/0x10 [ 233.221490][ T7920] ? rcu_is_watching+0x12/0xc0 [ 233.221528][ T7920] do_syscall_64+0xcd/0x490 [ 233.221564][ T7920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.221596][ T7920] RIP: 0033:0x7f8ef3b8e929 [ 233.221622][ T7920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.221653][ T7920] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 233.221683][ T7920] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 233.221704][ T7920] RDX: 0000000000000154 RSI: 0000000000022240 RDI: 0000200000000800 [ 233.221723][ T7920] RBP: 00007f8ef49ba090 R08: 0000000000000000 R09: 0000000000000000 [ 233.221743][ T7920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 233.221761][ T7920] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 233.221802][ T7920] [ 233.334820][ T7921] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 233.668516][ T7924] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 235.136439][ T7943] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 235.951381][ T7960] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 236.374783][ T7961] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 236.407549][ T7955] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 236.419154][ T7955] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 236.428124][ T7955] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 236.435643][ T7955] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 238.063062][ T6108] Bluetooth: hci0: command 0x0c1a tx timeout [ 238.147802][ T7988] can: request_module (can-proto-0) failed. [ 238.480357][ T6108] Bluetooth: hci1: command 0x0c1a tx timeout [ 238.486719][ T7077] Bluetooth: hci2: command 0x0c1a tx timeout [ 238.487846][ T6128] Bluetooth: hci3: command 0x0c1a tx timeout [ 238.972637][ T8002] usb usb28: usbfs: process 8002 (syz.0.428) did not claim interface 0 before use [ 239.257437][ T8011] FAULT_INJECTION: forcing a failure. [ 239.257437][ T8011] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 239.281515][ T8011] CPU: 1 UID: 0 PID: 8011 Comm: syz.2.429 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 239.281568][ T8011] Tainted: [U]=USER [ 239.281578][ T8011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 239.281596][ T8011] Call Trace: [ 239.281606][ T8011] [ 239.281618][ T8011] dump_stack_lvl+0x16c/0x1f0 [ 239.281684][ T8011] should_fail_ex+0x512/0x640 [ 239.281741][ T8011] _copy_from_user+0x2e/0xd0 [ 239.281772][ T8011] copy_msghdr_from_user+0x98/0x160 [ 239.281804][ T8011] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 239.281842][ T8011] ? kfree+0x24f/0x4d0 [ 239.281884][ T8011] ? __lock_acquire+0x622/0x1c90 [ 239.281934][ T8011] ___sys_recvmsg+0xdb/0x1a0 [ 239.281967][ T8011] ? __pfx____sys_recvmsg+0x10/0x10 [ 239.282022][ T8011] ? __pfx___might_resched+0x10/0x10 [ 239.282066][ T8011] do_recvmmsg+0x2fe/0x750 [ 239.282104][ T8011] ? __pfx_do_recvmmsg+0x10/0x10 [ 239.282145][ T8011] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 239.282192][ T8011] ? __fget_files+0x20e/0x3c0 [ 239.282249][ T8011] __x64_sys_recvmmsg+0x22a/0x280 [ 239.282286][ T8011] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 239.282331][ T8011] do_syscall_64+0xcd/0x490 [ 239.282366][ T8011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.282398][ T8011] RIP: 0033:0x7fd2fa18e929 [ 239.282422][ T8011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.282463][ T8011] RSP: 002b:00007fd2fb008038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 239.282491][ T8011] RAX: ffffffffffffffda RBX: 00007fd2fa3b6160 RCX: 00007fd2fa18e929 [ 239.282512][ T8011] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 239.282530][ T8011] RBP: 00007fd2fb008090 R08: 0000000000000000 R09: 0000000000000000 [ 239.282548][ T8011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 239.282566][ T8011] R13: 0000000000000000 R14: 00007fd2fa3b6160 R15: 00007ffedbaabc98 [ 239.282607][ T8011] [ 239.545181][ T8015] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 240.686178][ T8033] FAULT_INJECTION: forcing a failure. [ 240.686178][ T8033] name failslab, interval 1, probability 0, space 0, times 0 [ 240.701490][ T8033] CPU: 1 UID: 0 PID: 8033 Comm: syz.0.434 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 240.701541][ T8033] Tainted: [U]=USER [ 240.701552][ T8033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 240.701570][ T8033] Call Trace: [ 240.701580][ T8033] [ 240.701591][ T8033] dump_stack_lvl+0x16c/0x1f0 [ 240.701652][ T8033] should_fail_ex+0x512/0x640 [ 240.701704][ T8033] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 240.701761][ T8033] should_failslab+0xc2/0x120 [ 240.701794][ T8033] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 240.701848][ T8033] ? alloc_empty_file+0x55/0x1e0 [ 240.701890][ T8033] alloc_empty_file+0x55/0x1e0 [ 240.701929][ T8033] path_openat+0xda/0x2cb0 [ 240.701975][ T8033] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.702024][ T8033] ? __pfx_path_openat+0x10/0x10 [ 240.702084][ T8033] do_filp_open+0x20b/0x470 [ 240.702135][ T8033] ? __pfx_do_filp_open+0x10/0x10 [ 240.702215][ T8033] ? _raw_spin_unlock+0x28/0x50 [ 240.702263][ T8033] ? alloc_fd+0x471/0x7d0 [ 240.702321][ T8033] do_sys_openat2+0x11b/0x1d0 [ 240.702364][ T8033] ? __pfx_do_sys_openat2+0x10/0x10 [ 240.702415][ T8033] ? __fget_files+0x20e/0x3c0 [ 240.702471][ T8033] __x64_sys_open+0x153/0x1e0 [ 240.702511][ T8033] ? __pfx___x64_sys_open+0x10/0x10 [ 240.702559][ T8033] ? rcu_is_watching+0x12/0xc0 [ 240.702598][ T8033] do_syscall_64+0xcd/0x490 [ 240.702634][ T8033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.702666][ T8033] RIP: 0033:0x7f6f3858e929 [ 240.702692][ T8033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.702722][ T8033] RSP: 002b:00007f6f3938d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 240.702752][ T8033] RAX: ffffffffffffffda RBX: 00007f6f387b6080 RCX: 00007f6f3858e929 [ 240.702773][ T8033] RDX: 0000000000000154 RSI: 0000000000022240 RDI: 0000200000000800 [ 240.702793][ T8033] RBP: 00007f6f3938d090 R08: 0000000000000000 R09: 0000000000000000 [ 240.702812][ T8033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 240.702830][ T8033] R13: 0000000000000000 R14: 00007f6f387b6080 R15: 00007ffe5dd1c528 [ 240.702871][ T8033] [ 241.629205][ T8045] FAULT_INJECTION: forcing a failure. [ 241.629205][ T8045] name failslab, interval 1, probability 0, space 0, times 0 [ 241.651562][ T8045] CPU: 1 UID: 0 PID: 8045 Comm: syz.2.436 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 241.651602][ T8045] Tainted: [U]=USER [ 241.651610][ T8045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 241.651624][ T8045] Call Trace: [ 241.651631][ T8045] [ 241.651640][ T8045] dump_stack_lvl+0x16c/0x1f0 [ 241.651684][ T8045] should_fail_ex+0x512/0x640 [ 241.651721][ T8045] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 241.651764][ T8045] should_failslab+0xc2/0x120 [ 241.651787][ T8045] __kmalloc_cache_noprof+0x6a/0x3e0 [ 241.651820][ T8045] ? kasan_save_track+0x14/0x30 [ 241.651856][ T8045] ? snd_info_text_entry_open+0xfb/0x2a0 [ 241.651889][ T8045] snd_info_text_entry_open+0xfb/0x2a0 [ 241.651918][ T8045] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 241.651946][ T8045] ? trace_kmem_cache_alloc+0x28/0xc0 [ 241.651971][ T8045] ? __pfx_apparmor_file_open+0x10/0x10 [ 241.652003][ T8045] ? proc_reg_open+0x21d/0x610 [ 241.652039][ T8045] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 241.652072][ T8045] proc_reg_open+0x286/0x610 [ 241.652109][ T8045] do_dentry_open+0x741/0x1c10 [ 241.652146][ T8045] ? __pfx_proc_reg_open+0x10/0x10 [ 241.652187][ T8045] vfs_open+0x82/0x3f0 [ 241.652217][ T8045] path_openat+0x1de4/0x2cb0 [ 241.652263][ T8045] ? __pfx_path_openat+0x10/0x10 [ 241.652301][ T8045] ? __lock_acquire+0xb8a/0x1c90 [ 241.652336][ T8045] do_filp_open+0x20b/0x470 [ 241.652372][ T8045] ? __pfx_do_filp_open+0x10/0x10 [ 241.652429][ T8045] ? alloc_fd+0x471/0x7d0 [ 241.652471][ T8045] do_sys_openat2+0x11b/0x1d0 [ 241.652497][ T8045] ? __pfx_do_sys_openat2+0x10/0x10 [ 241.652544][ T8045] __x64_sys_openat+0x174/0x210 [ 241.652574][ T8045] ? __pfx___x64_sys_openat+0x10/0x10 [ 241.652615][ T8045] do_syscall_64+0xcd/0x490 [ 241.652640][ T8045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.652664][ T8045] RIP: 0033:0x7fd2fa18e929 [ 241.652682][ T8045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.652704][ T8045] RSP: 002b:00007fd2fb029038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 241.652726][ T8045] RAX: ffffffffffffffda RBX: 00007fd2fa3b6080 RCX: 00007fd2fa18e929 [ 241.652741][ T8045] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 241.652756][ T8045] RBP: 00007fd2fa210b39 R08: 0000000000000000 R09: 0000000000000000 [ 241.652770][ T8045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.652784][ T8045] R13: 0000000000000000 R14: 00007fd2fa3b6080 R15: 00007ffedbaabc98 [ 241.652813][ T8045] [ 242.405994][ T8050] FAULT_INJECTION: forcing a failure. [ 242.405994][ T8050] name failslab, interval 1, probability 0, space 0, times 0 [ 242.440467][ T8050] CPU: 1 UID: 0 PID: 8050 Comm: syz.1.439 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 242.440516][ T8050] Tainted: [U]=USER [ 242.440526][ T8050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 242.440555][ T8050] Call Trace: [ 242.440569][ T8050] [ 242.440579][ T8050] dump_stack_lvl+0x16c/0x1f0 [ 242.440641][ T8050] should_fail_ex+0x512/0x640 [ 242.440690][ T8050] ? __kvmalloc_node_noprof+0x124/0x620 [ 242.440740][ T8050] should_failslab+0xc2/0x120 [ 242.440767][ T8050] __kvmalloc_node_noprof+0x137/0x620 [ 242.440810][ T8050] ? video_usercopy+0x9c3/0x1440 [ 242.440858][ T8050] ? video_usercopy+0x9c3/0x1440 [ 242.440899][ T8050] video_usercopy+0x9c3/0x1440 [ 242.440943][ T8050] ? __pfx___video_do_ioctl+0x10/0x10 [ 242.440986][ T8050] ? __pfx_video_usercopy+0x10/0x10 [ 242.441050][ T8050] v4l2_ioctl+0x1bd/0x250 [ 242.441088][ T8050] ? __pfx_v4l2_ioctl+0x10/0x10 [ 242.441135][ T8050] __x64_sys_ioctl+0x18e/0x210 [ 242.441185][ T8050] do_syscall_64+0xcd/0x490 [ 242.441218][ T8050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.441246][ T8050] RIP: 0033:0x7f8ef3b8e929 [ 242.441267][ T8050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.441294][ T8050] RSP: 002b:00007f8ef49db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.441319][ T8050] RAX: ffffffffffffffda RBX: 00007f8ef3db5fa0 RCX: 00007f8ef3b8e929 [ 242.441337][ T8050] RDX: 0000000000000008 RSI: 00000000c0285628 RDI: 0000000000000003 [ 242.441352][ T8050] RBP: 00007f8ef49db090 R08: 0000000000000000 R09: 0000000000000000 [ 242.441369][ T8050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 242.441384][ T8050] R13: 0000000000000000 R14: 00007f8ef3db5fa0 R15: 00007ffc22ced088 [ 242.441419][ T8050] [ 242.806953][ T8059] usb usb28: usbfs: process 8059 (syz.3.440) did not claim interface 0 before use [ 243.082820][ T8066] netlink: 12 bytes leftover after parsing attributes in process `syz.0.443'. [ 243.155475][ T8066] openvswitch: HfR: Dropping previously announced user features [ 243.383752][ T8076] FAULT_INJECTION: forcing a failure. [ 243.383752][ T8076] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 243.414047][ T8076] CPU: 0 UID: 0 PID: 8076 Comm: syz.3.444 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 243.414100][ T8076] Tainted: [U]=USER [ 243.414111][ T8076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 243.414129][ T8076] Call Trace: [ 243.414139][ T8076] [ 243.414151][ T8076] dump_stack_lvl+0x16c/0x1f0 [ 243.414210][ T8076] should_fail_ex+0x512/0x640 [ 243.414267][ T8076] _copy_from_user+0x2e/0xd0 [ 243.414301][ T8076] copy_strings.isra.0+0x38a/0x950 [ 243.414368][ T8076] do_execveat_common.isra.0+0x397/0x610 [ 243.414426][ T8076] __x64_sys_execve+0x8e/0xb0 [ 243.414475][ T8076] do_syscall_64+0xcd/0x490 [ 243.414511][ T8076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.414544][ T8076] RIP: 0033:0x7f5a1fb8e929 [ 243.414569][ T8076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.414599][ T8076] RSP: 002b:00007f5a209e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 243.414629][ T8076] RAX: ffffffffffffffda RBX: 00007f5a1fdb6080 RCX: 00007f5a1fb8e929 [ 243.414650][ T8076] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 243.414670][ T8076] RBP: 00007f5a209e9090 R08: 0000000000000000 R09: 0000000000000000 [ 243.414689][ T8076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 243.414707][ T8076] R13: 0000000000000000 R14: 00007f5a1fdb6080 R15: 00007fff772d2678 [ 243.414739][ T8076] [ 244.145910][ T8085] FAULT_INJECTION: forcing a failure. [ 244.145910][ T8085] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 244.178835][ T8085] CPU: 0 UID: 0 PID: 8085 Comm: syz.1.447 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 244.178892][ T8085] Tainted: [U]=USER [ 244.178909][ T8085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 244.178929][ T8085] Call Trace: [ 244.178939][ T8085] [ 244.178952][ T8085] dump_stack_lvl+0x16c/0x1f0 [ 244.179024][ T8085] should_fail_ex+0x512/0x640 [ 244.179086][ T8085] _copy_from_user+0x2e/0xd0 [ 244.179121][ T8085] copy_msghdr_from_user+0x98/0x160 [ 244.179157][ T8085] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 244.179199][ T8085] ? kfree+0x24f/0x4d0 [ 244.179273][ T8085] ? __lock_acquire+0x622/0x1c90 [ 244.179316][ T8085] ___sys_recvmsg+0xdb/0x1a0 [ 244.179341][ T8085] ? __pfx____sys_recvmsg+0x10/0x10 [ 244.179384][ T8085] ? __pfx___might_resched+0x10/0x10 [ 244.179418][ T8085] do_recvmmsg+0x2fe/0x750 [ 244.179448][ T8085] ? __pfx_do_recvmmsg+0x10/0x10 [ 244.179488][ T8085] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 244.179524][ T8085] ? __fget_files+0x20e/0x3c0 [ 244.179573][ T8085] __x64_sys_recvmmsg+0x22a/0x280 [ 244.179609][ T8085] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 244.179646][ T8085] do_syscall_64+0xcd/0x490 [ 244.179674][ T8085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.179700][ T8085] RIP: 0033:0x7f8ef3b8e929 [ 244.179720][ T8085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.179744][ T8085] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 244.179769][ T8085] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 244.179786][ T8085] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 244.179801][ T8085] RBP: 00007f8ef49ba090 R08: 0000000000000000 R09: 0000000000000000 [ 244.179817][ T8085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 244.179833][ T8085] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 244.179865][ T8085] [ 245.267194][ T8102] FAULT_INJECTION: forcing a failure. [ 245.267194][ T8102] name failslab, interval 1, probability 0, space 0, times 0 [ 245.315851][ T8102] CPU: 1 UID: 0 PID: 8102 Comm: syz.1.450 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 245.315917][ T8102] Tainted: [U]=USER [ 245.315928][ T8102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 245.316007][ T8102] Call Trace: [ 245.316018][ T8102] [ 245.316028][ T8102] dump_stack_lvl+0x16c/0x1f0 [ 245.316072][ T8102] should_fail_ex+0x512/0x640 [ 245.316108][ T8102] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 245.316153][ T8102] should_failslab+0xc2/0x120 [ 245.316177][ T8102] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 245.316215][ T8102] ? security_file_alloc+0x34/0x2b0 [ 245.316251][ T8102] security_file_alloc+0x34/0x2b0 [ 245.316283][ T8102] init_file+0x93/0x4c0 [ 245.316307][ T8102] alloc_empty_file+0x73/0x1e0 [ 245.316334][ T8102] path_openat+0xda/0x2cb0 [ 245.316367][ T8102] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.316401][ T8102] ? __pfx_path_openat+0x10/0x10 [ 245.316443][ T8102] do_filp_open+0x20b/0x470 [ 245.316478][ T8102] ? __pfx_do_filp_open+0x10/0x10 [ 245.316533][ T8102] ? _raw_spin_unlock+0x28/0x50 [ 245.316566][ T8102] ? alloc_fd+0x471/0x7d0 [ 245.316607][ T8102] do_sys_openat2+0x11b/0x1d0 [ 245.316644][ T8102] ? __pfx_do_sys_openat2+0x10/0x10 [ 245.316678][ T8102] ? __fget_files+0x20e/0x3c0 [ 245.316717][ T8102] __x64_sys_open+0x153/0x1e0 [ 245.316744][ T8102] ? __pfx___x64_sys_open+0x10/0x10 [ 245.316778][ T8102] ? rcu_is_watching+0x12/0xc0 [ 245.316805][ T8102] do_syscall_64+0xcd/0x490 [ 245.316829][ T8102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.316852][ T8102] RIP: 0033:0x7f8ef3b8e929 [ 245.316870][ T8102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.316936][ T8102] RSP: 002b:00007f8ef4999038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 245.316959][ T8102] RAX: ffffffffffffffda RBX: 00007f8ef3db6160 RCX: 00007f8ef3b8e929 [ 245.316974][ T8102] RDX: 0000000000000154 RSI: 0000000000022240 RDI: 0000200000000800 [ 245.316989][ T8102] RBP: 00007f8ef4999090 R08: 0000000000000000 R09: 0000000000000000 [ 245.317003][ T8102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.317017][ T8102] R13: 0000000000000001 R14: 00007f8ef3db6160 R15: 00007ffc22ced088 [ 245.317045][ T8102] [ 245.874646][ T8094] program syz.3.449 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 246.145934][ T8109] usb usb28: usbfs: process 8109 (syz.0.452) did not claim interface 0 before use [ 246.275827][ T8112] usb usb28: usbfs: process 8112 (syz.1.453) did not claim interface 0 before use [ 247.570843][ T8123] mkiss: ax0: crc mode is auto. [ 250.367211][ T8173] usb usb28: usbfs: process 8173 (syz.1.466) did not claim interface 0 before use [ 251.132065][ T8192] block nbd7: not configured, cannot reconfigure [ 251.529712][ T8194] mkiss: ax0: crc mode is auto. [ 252.638745][ T8210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.474'. [ 252.696102][ T8210] HfR: entered promiscuous mode [ 253.264884][ T8221] FAULT_INJECTION: forcing a failure. [ 253.264884][ T8221] name failslab, interval 1, probability 0, space 0, times 0 [ 253.298004][ T8221] CPU: 1 UID: 7 PID: 8221 Comm: syz.1.477 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 253.298063][ T8221] Tainted: [U]=USER [ 253.298074][ T8221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 253.298094][ T8221] Call Trace: [ 253.298105][ T8221] [ 253.298131][ T8221] dump_stack_lvl+0x16c/0x1f0 [ 253.298193][ T8221] should_fail_ex+0x512/0x640 [ 253.298244][ T8221] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 253.298304][ T8221] should_failslab+0xc2/0x120 [ 253.298338][ T8221] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 253.298403][ T8221] ? sock_alloc_inode+0x25/0x1c0 [ 253.298448][ T8221] ? __pfx_sock_alloc_inode+0x10/0x10 [ 253.298487][ T8221] sock_alloc_inode+0x25/0x1c0 [ 253.298525][ T8221] alloc_inode+0x61/0x240 [ 253.298561][ T8221] sock_alloc+0x40/0x280 [ 253.298599][ T8221] __sock_create+0xc1/0x8d0 [ 253.298651][ T8221] __sys_socket+0x14d/0x260 [ 253.298695][ T8221] ? __pfx___sys_socket+0x10/0x10 [ 253.298743][ T8221] ? do_user_addr_fault+0x843/0x1370 [ 253.298798][ T8221] __x64_sys_socket+0x72/0xb0 [ 253.298842][ T8221] ? lockdep_hardirqs_on+0x7c/0x110 [ 253.298905][ T8221] do_syscall_64+0xcd/0x490 [ 253.298942][ T8221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.298981][ T8221] RIP: 0033:0x7f8ef3b90847 [ 253.299007][ T8221] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.299039][ T8221] RSP: 002b:00007f8ef49d9fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 253.299070][ T8221] RAX: ffffffffffffffda RBX: 00007f8ef3db5fa0 RCX: 00007f8ef3b90847 [ 253.299092][ T8221] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 253.299111][ T8221] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 253.299130][ T8221] R10: 0000200000000340 R11: 0000000000000286 R12: 0000000000000000 [ 253.299150][ T8221] R13: 0000000000000000 R14: 00007f8ef3db5fa0 R15: 00007ffc22ced088 [ 253.299191][ T8221] [ 253.538530][ T8221] socket: no more sockets [ 254.323505][ T8239] FAULT_INJECTION: forcing a failure. [ 254.323505][ T8239] name failslab, interval 1, probability 0, space 0, times 0 [ 254.408984][ T8239] CPU: 0 UID: 0 PID: 8239 Comm: syz.0.481 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 254.409037][ T8239] Tainted: [U]=USER [ 254.409048][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 254.409066][ T8239] Call Trace: [ 254.409076][ T8239] [ 254.409089][ T8239] dump_stack_lvl+0x16c/0x1f0 [ 254.409148][ T8239] should_fail_ex+0x512/0x640 [ 254.409199][ T8239] ? fs_reclaim_acquire+0xae/0x150 [ 254.409251][ T8239] ? tomoyo_encode2+0x100/0x3e0 [ 254.409297][ T8239] should_failslab+0xc2/0x120 [ 254.409331][ T8239] __kmalloc_noprof+0xd2/0x510 [ 254.409379][ T8239] ? d_absolute_path+0x136/0x1a0 [ 254.409420][ T8239] tomoyo_encode2+0x100/0x3e0 [ 254.409476][ T8239] tomoyo_encode+0x29/0x50 [ 254.409521][ T8239] tomoyo_realpath_from_path+0x18f/0x6e0 [ 254.409582][ T8239] tomoyo_check_open_permission+0x2ab/0x3c0 [ 254.409624][ T8239] ? init_file+0x93/0x4c0 [ 254.409656][ T8239] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 254.409696][ T8239] ? do_sys_openat2+0x11b/0x1d0 [ 254.409735][ T8239] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.409807][ T8239] ? do_raw_spin_lock+0x12c/0x2b0 [ 254.409868][ T8239] tomoyo_file_open+0x6b/0x90 [ 254.409900][ T8239] security_file_open+0x84/0x1e0 [ 254.409947][ T8239] do_dentry_open+0x596/0x1c10 [ 254.410023][ T8239] vfs_open+0x82/0x3f0 [ 254.410064][ T8239] path_openat+0x1de4/0x2cb0 [ 254.410128][ T8239] ? __pfx_path_openat+0x10/0x10 [ 254.410191][ T8239] do_filp_open+0x20b/0x470 [ 254.410241][ T8239] ? __pfx_do_filp_open+0x10/0x10 [ 254.410321][ T8239] ? _raw_spin_unlock+0x28/0x50 [ 254.410370][ T8239] ? alloc_fd+0x471/0x7d0 [ 254.410431][ T8239] do_sys_openat2+0x11b/0x1d0 [ 254.410469][ T8239] ? __pfx_do_sys_openat2+0x10/0x10 [ 254.410513][ T8239] ? __fget_files+0x20e/0x3c0 [ 254.410573][ T8239] __x64_sys_open+0x153/0x1e0 [ 254.410614][ T8239] ? __pfx___x64_sys_open+0x10/0x10 [ 254.410665][ T8239] ? rcu_is_watching+0x12/0xc0 [ 254.410705][ T8239] do_syscall_64+0xcd/0x490 [ 254.410743][ T8239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.410776][ T8239] RIP: 0033:0x7f6f3858e929 [ 254.410803][ T8239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.410836][ T8239] RSP: 002b:00007f6f3938d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 254.410867][ T8239] RAX: ffffffffffffffda RBX: 00007f6f387b6080 RCX: 00007f6f3858e929 [ 254.410888][ T8239] RDX: 0000000000000154 RSI: 0000000000022240 RDI: 0000200000000800 [ 254.410908][ T8239] RBP: 00007f6f3938d090 R08: 0000000000000000 R09: 0000000000000000 [ 254.410928][ T8239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 254.410947][ T8239] R13: 0000000000000000 R14: 00007f6f387b6080 R15: 00007ffe5dd1c528 [ 254.410999][ T8239] [ 255.014843][ T8239] ERROR: Out of memory at tomoyo_realpath_from_path. [ 255.156030][ T8244] random: crng reseeded on system resumption [ 255.892008][ T8252] FAULT_INJECTION: forcing a failure. [ 255.892008][ T8252] name failslab, interval 1, probability 0, space 0, times 0 [ 255.906711][ T8252] CPU: 1 UID: 0 PID: 8252 Comm: syz.0.485 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 255.906763][ T8252] Tainted: [U]=USER [ 255.906774][ T8252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 255.906792][ T8252] Call Trace: [ 255.906802][ T8252] [ 255.906814][ T8252] dump_stack_lvl+0x16c/0x1f0 [ 255.906876][ T8252] should_fail_ex+0x512/0x640 [ 255.906928][ T8252] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 255.906980][ T8252] should_failslab+0xc2/0x120 [ 255.907012][ T8252] __kmalloc_cache_noprof+0x6a/0x3e0 [ 255.907061][ T8252] ? fuse_dev_alloc+0x48/0x280 [ 255.907129][ T8252] fuse_dev_alloc+0x48/0x280 [ 255.907183][ T8252] fuse_dev_alloc_install+0x13/0x40 [ 255.907237][ T8252] cuse_channel_open+0x100/0x7f0 [ 255.907286][ T8252] ? __pfx_cuse_channel_open+0x10/0x10 [ 255.907335][ T8252] misc_open+0x35d/0x420 [ 255.907381][ T8252] ? __pfx_misc_open+0x10/0x10 [ 255.907426][ T8252] chrdev_open+0x234/0x6a0 [ 255.907453][ T8252] ? __pfx_apparmor_file_open+0x10/0x10 [ 255.907501][ T8252] ? __pfx_chrdev_open+0x10/0x10 [ 255.907534][ T8252] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 255.907592][ T8252] do_dentry_open+0x741/0x1c10 [ 255.907655][ T8252] ? __pfx_chrdev_open+0x10/0x10 [ 255.907695][ T8252] vfs_open+0x82/0x3f0 [ 255.907741][ T8252] path_openat+0x1de4/0x2cb0 [ 255.907807][ T8252] ? __pfx_path_openat+0x10/0x10 [ 255.907861][ T8252] ? __lock_acquire+0xb8a/0x1c90 [ 255.907912][ T8252] do_filp_open+0x20b/0x470 [ 255.907965][ T8252] ? __pfx_do_filp_open+0x10/0x10 [ 255.908047][ T8252] ? alloc_fd+0x471/0x7d0 [ 255.908119][ T8252] do_sys_openat2+0x11b/0x1d0 [ 255.908159][ T8252] ? __pfx_do_sys_openat2+0x10/0x10 [ 255.908218][ T8252] __x64_sys_openat+0x174/0x210 [ 255.908259][ T8252] ? __pfx___x64_sys_openat+0x10/0x10 [ 255.908320][ T8252] do_syscall_64+0xcd/0x490 [ 255.908356][ T8252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.908391][ T8252] RIP: 0033:0x7f6f3858e929 [ 255.908419][ T8252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.908451][ T8252] RSP: 002b:00007f6f393ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 255.908485][ T8252] RAX: ffffffffffffffda RBX: 00007f6f387b5fa0 RCX: 00007f6f3858e929 [ 255.908507][ T8252] RDX: 00000000001c5041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 255.908528][ T8252] RBP: 00007f6f38610b39 R08: 0000000000000000 R09: 0000000000000000 [ 255.908547][ T8252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.908567][ T8252] R13: 0000000000000000 R14: 00007f6f387b5fa0 R15: 00007ffe5dd1c528 [ 255.908612][ T8252] [ 258.346761][ T8297] random: crng reseeded on system resumption [ 259.461836][ T8307] netlink: 4 bytes leftover after parsing attributes in process `syz.0.498'. [ 259.538677][ T8307] openvswitch: HfR: Dropping previously announced user features [ 259.656037][ T8309] FAULT_INJECTION: forcing a failure. [ 259.656037][ T8309] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 259.745073][ T8309] CPU: 1 UID: 0 PID: 8309 Comm: syz.1.499 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 259.745131][ T8309] Tainted: [U]=USER [ 259.745143][ T8309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 259.745162][ T8309] Call Trace: [ 259.745173][ T8309] [ 259.745186][ T8309] dump_stack_lvl+0x16c/0x1f0 [ 259.745250][ T8309] should_fail_ex+0x512/0x640 [ 259.745309][ T8309] _copy_from_iter+0x29f/0x16f0 [ 259.745347][ T8309] ? __alloc_skb+0x200/0x380 [ 259.745403][ T8309] ? __pfx__copy_from_iter+0x10/0x10 [ 259.745440][ T8309] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 259.745495][ T8309] netlink_sendmsg+0x829/0xdd0 [ 259.745554][ T8309] ? __pfx_netlink_sendmsg+0x10/0x10 [ 259.745614][ T8309] ____sys_sendmsg+0xa98/0xc70 [ 259.745659][ T8309] ? copy_msghdr_from_user+0x10a/0x160 [ 259.745691][ T8309] ? __pfx_____sys_sendmsg+0x10/0x10 [ 259.745732][ T8309] ? preempt_schedule_thunk+0x16/0x30 [ 259.745782][ T8309] ? try_to_wake_up+0xa2f/0x1680 [ 259.745823][ T8309] ___sys_sendmsg+0x134/0x1d0 [ 259.745859][ T8309] ? __pfx____sys_sendmsg+0x10/0x10 [ 259.745888][ T8309] ? __lock_acquire+0x622/0x1c90 [ 259.745983][ T8309] __sys_sendmsg+0x16d/0x220 [ 259.746016][ T8309] ? __pfx___sys_sendmsg+0x10/0x10 [ 259.746046][ T8309] ? __x64_sys_futex+0x1e0/0x4c0 [ 259.746113][ T8309] do_syscall_64+0xcd/0x490 [ 259.746148][ T8309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.746182][ T8309] RIP: 0033:0x7f8ef3b8e929 [ 259.746209][ T8309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.746241][ T8309] RSP: 002b:00007f8ef49db038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 259.746273][ T8309] RAX: ffffffffffffffda RBX: 00007f8ef3db5fa0 RCX: 00007f8ef3b8e929 [ 259.746295][ T8309] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000007 [ 259.746315][ T8309] RBP: 00007f8ef3c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 259.746335][ T8309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.746354][ T8309] R13: 0000000000000000 R14: 00007f8ef3db5fa0 R15: 00007ffc22ced088 [ 259.746396][ T8309] [ 260.221697][ T8312] can: request_module (can-proto-0) failed. [ 261.112540][ T8336] random: crng reseeded on system resumption [ 263.139617][ T8376] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 263.310663][ T8379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.514'. [ 263.966367][ T8392] Process accounting resumed [ 265.059082][ T8410] vcan0: tx drop: invalid da for name 0x000000000000003f [ 265.379177][ T8421] FAULT_INJECTION: forcing a failure. [ 265.379177][ T8421] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 265.394066][ T8421] CPU: 0 UID: 0 PID: 8421 Comm: syz.1.520 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 265.394119][ T8421] Tainted: [U]=USER [ 265.394130][ T8421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 265.394149][ T8421] Call Trace: [ 265.394159][ T8421] [ 265.394171][ T8421] dump_stack_lvl+0x16c/0x1f0 [ 265.394233][ T8421] should_fail_ex+0x512/0x640 [ 265.394293][ T8421] should_fail_alloc_page+0xe7/0x130 [ 265.394331][ T8421] prepare_alloc_pages+0x3c2/0x610 [ 265.394373][ T8421] ? stack_depot_save_flags+0x28/0xa40 [ 265.394433][ T8421] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 265.394491][ T8421] ? kasan_save_stack+0x42/0x60 [ 265.394541][ T8421] ? kasan_save_stack+0x33/0x60 [ 265.394585][ T8421] ? kasan_record_aux_stack+0xa7/0xc0 [ 265.394624][ T8421] ? __call_rcu_common.constprop.0+0x9a/0x9f0 [ 265.394673][ T8421] ? mas_wr_node_store+0xdc8/0x1620 [ 265.394705][ T8421] ? mas_wr_store_entry+0x102d/0x2550 [ 265.394740][ T8421] ? mas_store_prealloc+0x771/0x1680 [ 265.394775][ T8421] ? expand_downwards+0xbba/0xed0 [ 265.394805][ T8421] ? mmap_read_lock_maybe_expand+0x11e/0x3c0 [ 265.394849][ T8421] ? get_arg_page+0xbb/0x310 [ 265.394891][ T8421] ? copy_strings.isra.0+0x1cc/0x950 [ 265.394946][ T8421] ? do_execveat_common.isra.0+0x397/0x610 [ 265.394994][ T8421] ? __x64_sys_execve+0x8e/0xb0 [ 265.395039][ T8421] ? do_syscall_64+0xcd/0x490 [ 265.395070][ T8421] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.395109][ T8421] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 265.395193][ T8421] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 265.395244][ T8421] ? policy_nodemask+0xea/0x4e0 [ 265.395270][ T8421] alloc_pages_mpol+0x1fb/0x550 [ 265.395294][ T8421] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 265.395326][ T8421] folio_alloc_mpol_noprof+0x36/0x2f0 [ 265.395356][ T8421] vma_alloc_folio_noprof+0xed/0x1e0 [ 265.395384][ T8421] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 265.395410][ T8421] ? find_held_lock+0x2b/0x80 [ 265.395434][ T8421] ? __handle_mm_fault+0x1092/0x5490 [ 265.395471][ T8421] __handle_mm_fault+0x2f21/0x5490 [ 265.395512][ T8421] ? __pfx___handle_mm_fault+0x10/0x10 [ 265.395546][ T8421] ? __pte_offset_map_lock+0x174/0x310 [ 265.395571][ T8421] ? find_held_lock+0x2b/0x80 [ 265.395592][ T8421] ? find_held_lock+0x2b/0x80 [ 265.395622][ T8421] ? follow_page_pte+0x3af/0x14c0 [ 265.395657][ T8421] handle_mm_fault+0x589/0xd10 [ 265.395695][ T8421] __get_user_pages+0x589/0x3b80 [ 265.395734][ T8421] ? __pfx___get_user_pages+0x10/0x10 [ 265.395760][ T8421] ? reacquire_held_locks+0xcd/0x1f0 [ 265.395790][ T8421] ? mmap_read_lock_maybe_expand+0x1ba/0x3c0 [ 265.395823][ T8421] ? expand_downwards+0x53a/0xed0 [ 265.395851][ T8421] get_user_pages_remote+0x258/0xb20 [ 265.395886][ T8421] ? __pfx_get_user_pages_remote+0x10/0x10 [ 265.395934][ T8421] get_arg_page+0xf4/0x310 [ 265.395966][ T8421] ? __pfx_get_arg_page+0x10/0x10 [ 265.395999][ T8421] ? __pfx___might_resched+0x10/0x10 [ 265.396031][ T8421] copy_strings.isra.0+0x1cc/0x950 [ 265.396074][ T8421] do_execveat_common.isra.0+0x397/0x610 [ 265.396115][ T8421] __x64_sys_execve+0x8e/0xb0 [ 265.396151][ T8421] do_syscall_64+0xcd/0x490 [ 265.396176][ T8421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.396200][ T8421] RIP: 0033:0x7f8ef3b8e929 [ 265.396219][ T8421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.396242][ T8421] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 265.396264][ T8421] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 265.396280][ T8421] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 265.396295][ T8421] RBP: 00007f8ef49ba090 R08: 0000000000000000 R09: 0000000000000000 [ 265.396309][ T8421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 265.396323][ T8421] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 265.396353][ T8421] [ 266.146464][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.153229][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.962983][ T8441] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input42 [ 267.099993][ T8433] can: request_module (can-proto-0) failed. [ 267.321251][ T6128] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 267.383669][ T8455] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 269.494772][ T8485] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input43 [ 269.533244][ T8480] can: request_module (can-proto-0) failed. [ 270.187349][ T8499] random: crng reseeded on system resumption [ 271.704571][ T8527] netlink: 28 bytes leftover after parsing attributes in process `syz.0.542'. [ 271.886805][ T8530] netlink: 4 bytes leftover after parsing attributes in process `syz.0.542'. [ 272.034726][ T8527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.542'. [ 272.459239][ T8535] FAULT_INJECTION: forcing a failure. [ 272.459239][ T8535] name failslab, interval 1, probability 0, space 0, times 0 [ 272.511413][ T8535] CPU: 1 UID: 0 PID: 8535 Comm: syz.3.543 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 272.511469][ T8535] Tainted: [U]=USER [ 272.511480][ T8535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 272.511506][ T8535] Call Trace: [ 272.511515][ T8535] [ 272.511526][ T8535] dump_stack_lvl+0x16c/0x1f0 [ 272.511581][ T8535] should_fail_ex+0x512/0x640 [ 272.511625][ T8535] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 272.511669][ T8535] should_failslab+0xc2/0x120 [ 272.511698][ T8535] __kmalloc_cache_noprof+0x6a/0x3e0 [ 272.511737][ T8535] ? snd_seq_pool_new+0x44/0x230 [ 272.511775][ T8535] ? __pfx_snd_seq_open+0x10/0x10 [ 272.511804][ T8535] snd_seq_pool_new+0x44/0x230 [ 272.511840][ T8535] seq_create_client1+0x66/0x5e0 [ 272.511873][ T8535] ? __pfx_snd_seq_open+0x10/0x10 [ 272.511904][ T8535] snd_seq_open+0x59/0x550 [ 272.511937][ T8535] ? __pfx_snd_seq_open+0x10/0x10 [ 272.511964][ T8535] snd_open+0x201/0x450 [ 272.511994][ T8535] ? __pfx_snd_open+0x10/0x10 [ 272.512022][ T8535] chrdev_open+0x234/0x6a0 [ 272.512046][ T8535] ? __pfx_apparmor_file_open+0x10/0x10 [ 272.512084][ T8535] ? __pfx_chrdev_open+0x10/0x10 [ 272.512112][ T8535] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 272.512157][ T8535] do_dentry_open+0x741/0x1c10 [ 272.512202][ T8535] ? __pfx_chrdev_open+0x10/0x10 [ 272.512234][ T8535] vfs_open+0x82/0x3f0 [ 272.512271][ T8535] path_openat+0x1de4/0x2cb0 [ 272.512324][ T8535] ? __pfx_path_openat+0x10/0x10 [ 272.512369][ T8535] ? __lock_acquire+0xb8a/0x1c90 [ 272.512411][ T8535] do_filp_open+0x20b/0x470 [ 272.512454][ T8535] ? __pfx_do_filp_open+0x10/0x10 [ 272.512526][ T8535] ? alloc_fd+0x471/0x7d0 [ 272.512575][ T8535] do_sys_openat2+0x11b/0x1d0 [ 272.512607][ T8535] ? __pfx_do_sys_openat2+0x10/0x10 [ 272.512654][ T8535] __x64_sys_openat+0x174/0x210 [ 272.512689][ T8535] ? __pfx___x64_sys_openat+0x10/0x10 [ 272.512738][ T8535] do_syscall_64+0xcd/0x490 [ 272.512768][ T8535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.512796][ T8535] RIP: 0033:0x7f5a1fb8e929 [ 272.512819][ T8535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.512846][ T8535] RSP: 002b:00007f5a209e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 272.512872][ T8535] RAX: ffffffffffffffda RBX: 00007f5a1fdb6080 RCX: 00007f5a1fb8e929 [ 272.512891][ T8535] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 272.512909][ T8535] RBP: 00007f5a1fc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 272.512926][ T8535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.512943][ T8535] R13: 0000000000000000 R14: 00007f5a1fdb6080 R15: 00007fff772d2678 [ 272.512979][ T8535] [ 274.067171][ T8547] aoe: could not set interface list: too many interfaces [ 274.271986][ T8552] usb usb28: usbfs: process 8552 (syz.1.548) did not claim interface 0 before use [ 274.422840][ T8555] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 274.514250][ T6108] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 274.514349][ T6108] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 274.531399][ T6108] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 274.531519][ T6108] Bluetooth: hci3: adv larger than maximum supported [ 274.538981][ T6108] Bluetooth: hci3: adv larger than maximum supported [ 274.547480][ T6108] Bluetooth: hci3: Malformed LE Event: 0x0d [ 275.588643][ T8571] random: crng reseeded on system resumption [ 276.491529][ T8590] usb usb28: usbfs: process 8590 (syz.3.556) did not claim interface 0 before use [ 277.522614][ T8613] vcan0: tx drop: invalid da for name 0x000000000000003f [ 277.710854][ T8604] zswap: compressor not available [ 278.332915][ T8621] usb usb28: usbfs: process 8621 (syz.1.562) did not claim interface 0 before use [ 278.426920][ T8623] FAULT_INJECTION: forcing a failure. [ 278.426920][ T8623] name failslab, interval 1, probability 0, space 0, times 0 [ 278.451335][ T8623] CPU: 0 UID: 0 PID: 8623 Comm: syz.1.562 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 278.451378][ T8623] Tainted: [U]=USER [ 278.451385][ T8623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 278.451400][ T8623] Call Trace: [ 278.451407][ T8623] [ 278.451417][ T8623] dump_stack_lvl+0x16c/0x1f0 [ 278.451460][ T8623] should_fail_ex+0x512/0x640 [ 278.451494][ T8623] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 278.451534][ T8623] should_failslab+0xc2/0x120 [ 278.451557][ T8623] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 278.451591][ T8623] ? __pfx___might_resched+0x10/0x10 [ 278.451617][ T8623] ? __anon_vma_prepare+0xae/0x5e0 [ 278.451657][ T8623] __anon_vma_prepare+0xae/0x5e0 [ 278.451695][ T8623] __vmf_anon_prepare+0x11c/0x240 [ 278.451724][ T8623] __handle_mm_fault+0x27f6/0x5490 [ 278.451765][ T8623] ? __pfx___handle_mm_fault+0x10/0x10 [ 278.451798][ T8623] ? __pte_offset_map_lock+0x174/0x310 [ 278.451823][ T8623] ? find_held_lock+0x2b/0x80 [ 278.451845][ T8623] ? find_held_lock+0x2b/0x80 [ 278.451882][ T8623] ? follow_page_pte+0x3af/0x14c0 [ 278.451917][ T8623] handle_mm_fault+0x589/0xd10 [ 278.451954][ T8623] __get_user_pages+0x589/0x3b80 [ 278.451990][ T8623] ? __pfx_mt_find+0x10/0x10 [ 278.452016][ T8623] ? __pfx___get_user_pages+0x10/0x10 [ 278.452055][ T8623] populate_vma_page_range+0x278/0x3a0 [ 278.452087][ T8623] ? __pfx_populate_vma_page_range+0x10/0x10 [ 278.452115][ T8623] ? __pfx_find_vma_intersection+0x10/0x10 [ 278.452144][ T8623] ? do_mmap+0x69c/0x1210 [ 278.452174][ T8623] __mm_populate+0x1d8/0x380 [ 278.452204][ T8623] ? __pfx___mm_populate+0x10/0x10 [ 278.452235][ T8623] ? up_write+0x1b2/0x520 [ 278.452273][ T8623] vm_mmap_pgoff+0x362/0x450 [ 278.452301][ T8623] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 278.452328][ T8623] ? __fget_files+0x20e/0x3c0 [ 278.452370][ T8623] ksys_mmap_pgoff+0x7d/0x5c0 [ 278.452396][ T8623] ? __pfx_ksys_write+0x10/0x10 [ 278.452435][ T8623] __x64_sys_mmap+0x125/0x190 [ 278.452471][ T8623] do_syscall_64+0xcd/0x490 [ 278.452496][ T8623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.452520][ T8623] RIP: 0033:0x7f8ef3b8e929 [ 278.452538][ T8623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.452561][ T8623] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 278.452583][ T8623] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 278.452598][ T8623] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 278.452613][ T8623] RBP: 00007f8ef49ba090 R08: 0000000000000007 R09: 0000000000028000 [ 278.452629][ T8623] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001 [ 278.452642][ T8623] R13: 0000000000000001 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 278.452672][ T8623] [ 279.026723][ T8630] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 279.469451][ T8633] random: crng reseeded on system resumption [ 279.862058][ T8638] FAULT_INJECTION: forcing a failure. [ 279.862058][ T8638] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 279.878584][ T8638] CPU: 1 UID: 0 PID: 8638 Comm: syz.1.566 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 279.878642][ T8638] Tainted: [U]=USER [ 279.878653][ T8638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 279.878674][ T8638] Call Trace: [ 279.878686][ T8638] [ 279.878698][ T8638] dump_stack_lvl+0x16c/0x1f0 [ 279.878764][ T8638] should_fail_ex+0x512/0x640 [ 279.878826][ T8638] _copy_from_user+0x2e/0xd0 [ 279.878862][ T8638] copy_msghdr_from_user+0x98/0x160 [ 279.878900][ T8638] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 279.878942][ T8638] ? kfree+0x24f/0x4d0 [ 279.878990][ T8638] ? __lock_acquire+0x622/0x1c90 [ 279.879047][ T8638] ___sys_recvmsg+0xdb/0x1a0 [ 279.879083][ T8638] ? __pfx____sys_recvmsg+0x10/0x10 [ 279.879143][ T8638] ? __pfx___might_resched+0x10/0x10 [ 279.879192][ T8638] do_recvmmsg+0x2fe/0x750 [ 279.879234][ T8638] ? __pfx_do_recvmmsg+0x10/0x10 [ 279.879279][ T8638] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 279.879329][ T8638] ? __fget_files+0x20e/0x3c0 [ 279.879379][ T8638] ? rcu_watching_snap_stopped_since+0x80/0x110 [ 279.879431][ T8638] __x64_sys_recvmmsg+0x22a/0x280 [ 279.879471][ T8638] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 279.879523][ T8638] do_syscall_64+0xcd/0x490 [ 279.879570][ T8638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.879607][ T8638] RIP: 0033:0x7f8ef3b8e929 [ 279.879634][ T8638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.879669][ T8638] RSP: 002b:00007f8ef49db038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 279.879702][ T8638] RAX: ffffffffffffffda RBX: 00007f8ef3db5fa0 RCX: 00007f8ef3b8e929 [ 279.879725][ T8638] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 279.879746][ T8638] RBP: 00007f8ef49db090 R08: 0000000000000000 R09: 0000000000000000 [ 279.879765][ T8638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 279.879785][ T8638] R13: 0000000000000000 R14: 00007f8ef3db5fa0 R15: 00007ffc22ced088 [ 279.879827][ T8638] [ 280.438806][ T8653] device-mapper: ioctl: Invalid ioctl structure: name , dev 7ffffffffe [ 281.194136][ T8661] FAULT_INJECTION: forcing a failure. [ 281.194136][ T8661] name failslab, interval 1, probability 0, space 0, times 0 [ 281.207671][ T8661] CPU: 1 UID: 0 PID: 8661 Comm: syz.3.571 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 281.207720][ T8661] Tainted: [U]=USER [ 281.207731][ T8661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 281.207749][ T8661] Call Trace: [ 281.207759][ T8661] [ 281.207773][ T8661] dump_stack_lvl+0x16c/0x1f0 [ 281.207834][ T8661] should_fail_ex+0x512/0x640 [ 281.207888][ T8661] ? fs_reclaim_acquire+0xae/0x150 [ 281.207934][ T8661] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 281.207986][ T8661] should_failslab+0xc2/0x120 [ 281.208022][ T8661] __kmalloc_noprof+0xd2/0x510 [ 281.208086][ T8661] tomoyo_realpath_from_path+0xc2/0x6e0 [ 281.208142][ T8661] ? tomoyo_profile+0x47/0x60 [ 281.208178][ T8661] tomoyo_path_perm+0x274/0x460 [ 281.208218][ T8661] ? tomoyo_path_perm+0x260/0x460 [ 281.208263][ T8661] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 281.208354][ T8661] ? __pfx_ima_file_check+0x10/0x10 [ 281.208406][ T8661] ? hook_file_truncate+0xc7/0x250 [ 281.208467][ T8661] security_file_truncate+0x84/0x1e0 [ 281.208519][ T8661] path_openat+0xc10/0x2cb0 [ 281.208586][ T8661] ? __pfx_path_openat+0x10/0x10 [ 281.208652][ T8661] do_filp_open+0x20b/0x470 [ 281.208707][ T8661] ? __pfx_do_filp_open+0x10/0x10 [ 281.208792][ T8661] ? _raw_spin_unlock+0x28/0x50 [ 281.208841][ T8661] ? alloc_fd+0x471/0x7d0 [ 281.208903][ T8661] do_sys_openat2+0x11b/0x1d0 [ 281.208944][ T8661] ? __pfx_do_sys_openat2+0x10/0x10 [ 281.208989][ T8661] ? __fget_files+0x20e/0x3c0 [ 281.209048][ T8661] __x64_sys_open+0x153/0x1e0 [ 281.209089][ T8661] ? __pfx___x64_sys_open+0x10/0x10 [ 281.209140][ T8661] ? rcu_is_watching+0x12/0xc0 [ 281.209180][ T8661] do_syscall_64+0xcd/0x490 [ 281.209218][ T8661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.209253][ T8661] RIP: 0033:0x7f5a1fb8e929 [ 281.209280][ T8661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.209313][ T8661] RSP: 002b:00007f5a209e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 281.209345][ T8661] RAX: ffffffffffffffda RBX: 00007f5a1fdb6080 RCX: 00007f5a1fb8e929 [ 281.209380][ T8661] RDX: 0000000000000154 RSI: 0000000000022240 RDI: 0000200000000800 [ 281.209400][ T8661] RBP: 00007f5a209e9090 R08: 0000000000000000 R09: 0000000000000000 [ 281.209420][ T8661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 281.209491][ T8661] R13: 0000000000000000 R14: 00007f5a1fdb6080 R15: 00007fff772d2678 [ 281.209534][ T8661] [ 281.209559][ T8661] ERROR: Out of memory at tomoyo_realpath_from_path. [ 281.882542][ T8657] FAULT_INJECTION: forcing a failure. [ 281.882542][ T8657] name failslab, interval 1, probability 0, space 0, times 0 [ 281.912210][ T8657] CPU: 0 UID: 0 PID: 8657 Comm: syz.1.570 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 281.912252][ T8657] Tainted: [U]=USER [ 281.912260][ T8657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 281.912274][ T8657] Call Trace: [ 281.912281][ T8657] [ 281.912290][ T8657] dump_stack_lvl+0x16c/0x1f0 [ 281.912335][ T8657] should_fail_ex+0x512/0x640 [ 281.912373][ T8657] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 281.912411][ T8657] should_failslab+0xc2/0x120 [ 281.912435][ T8657] __kmalloc_cache_noprof+0x6a/0x3e0 [ 281.912468][ T8657] ? lockdep_hardirqs_on+0x7c/0x110 [ 281.912505][ T8657] ? snd_seq_fifo_new+0x42/0x260 [ 281.912540][ T8657] ? seq_create_client1+0x420/0x5e0 [ 281.912572][ T8657] ? __pfx_snd_seq_open+0x10/0x10 [ 281.912597][ T8657] snd_seq_fifo_new+0x42/0x260 [ 281.912632][ T8657] snd_seq_open+0x15c/0x550 [ 281.912658][ T8657] ? __pfx_snd_seq_open+0x10/0x10 [ 281.912681][ T8657] snd_open+0x201/0x450 [ 281.912707][ T8657] ? __pfx_snd_open+0x10/0x10 [ 281.912732][ T8657] chrdev_open+0x234/0x6a0 [ 281.912753][ T8657] ? __pfx_apparmor_file_open+0x10/0x10 [ 281.912786][ T8657] ? __pfx_chrdev_open+0x10/0x10 [ 281.912810][ T8657] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 281.912849][ T8657] do_dentry_open+0x741/0x1c10 [ 281.912888][ T8657] ? __pfx_chrdev_open+0x10/0x10 [ 281.912916][ T8657] vfs_open+0x82/0x3f0 [ 281.912946][ T8657] path_openat+0x1de4/0x2cb0 [ 281.912992][ T8657] ? __pfx_path_openat+0x10/0x10 [ 281.913030][ T8657] ? __lock_acquire+0xb8a/0x1c90 [ 281.913070][ T8657] do_filp_open+0x20b/0x470 [ 281.913107][ T8657] ? __pfx_do_filp_open+0x10/0x10 [ 281.913164][ T8657] ? alloc_fd+0x471/0x7d0 [ 281.913212][ T8657] do_sys_openat2+0x11b/0x1d0 [ 281.913239][ T8657] ? __pfx_do_sys_openat2+0x10/0x10 [ 281.913279][ T8657] __x64_sys_openat+0x174/0x210 [ 281.913307][ T8657] ? __pfx___x64_sys_openat+0x10/0x10 [ 281.913350][ T8657] do_syscall_64+0xcd/0x490 [ 281.913375][ T8657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.913400][ T8657] RIP: 0033:0x7f8ef3b8e929 [ 281.913418][ T8657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.913441][ T8657] RSP: 002b:00007f8ef49db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 281.913464][ T8657] RAX: ffffffffffffffda RBX: 00007f8ef3db5fa0 RCX: 00007f8ef3b8e929 [ 281.913480][ T8657] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 281.913495][ T8657] RBP: 00007f8ef3c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 281.913509][ T8657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.913524][ T8657] R13: 0000000000000000 R14: 00007f8ef3db5fa0 R15: 00007ffc22ced088 [ 281.913554][ T8657] [ 282.988201][ T8677] FAULT_INJECTION: forcing a failure. [ 282.988201][ T8677] name failslab, interval 1, probability 0, space 0, times 0 [ 283.001715][ T8672] usb usb28: usbfs: process 8672 (syz.0.575) did not claim interface 0 before use [ 283.011713][ T8677] CPU: 1 UID: 0 PID: 8677 Comm: syz.1.574 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 283.011754][ T8677] Tainted: [U]=USER [ 283.011762][ T8677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 283.011777][ T8677] Call Trace: [ 283.011785][ T8677] [ 283.011794][ T8677] dump_stack_lvl+0x16c/0x1f0 [ 283.011843][ T8677] should_fail_ex+0x512/0x640 [ 283.011882][ T8677] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.011926][ T8677] should_failslab+0xc2/0x120 [ 283.011954][ T8677] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.011995][ T8677] ? mas_alloc_nodes+0x18b/0x8b0 [ 283.012039][ T8677] mas_alloc_nodes+0x18b/0x8b0 [ 283.012087][ T8677] mas_node_count_gfp+0x105/0x130 [ 283.012130][ T8677] mas_preallocate+0x77b/0xda0 [ 283.012165][ T8677] ? __pfx_mas_preallocate+0x10/0x10 [ 283.012206][ T8677] ? __pfx_mas_prev+0x10/0x10 [ 283.012240][ T8677] expand_downwards+0x327/0xed0 [ 283.012271][ T8677] ? __pfx_expand_downwards+0x10/0x10 [ 283.012307][ T8677] ? __pfx_down_write+0x10/0x10 [ 283.012346][ T8677] mmap_read_lock_maybe_expand+0x11e/0x3c0 [ 283.012388][ T8677] get_arg_page+0xbb/0x310 [ 283.012437][ T8677] ? __pfx_get_arg_page+0x10/0x10 [ 283.012473][ T8677] ? __pfx___might_resched+0x10/0x10 [ 283.012510][ T8677] copy_strings.isra.0+0x1cc/0x950 [ 283.012561][ T8677] do_execveat_common.isra.0+0x397/0x610 [ 283.012613][ T8677] __x64_sys_execve+0x8e/0xb0 [ 283.012662][ T8677] do_syscall_64+0xcd/0x490 [ 283.012695][ T8677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.012729][ T8677] RIP: 0033:0x7f8ef3b8e929 [ 283.012754][ T8677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.012787][ T8677] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 283.012817][ T8677] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 283.012839][ T8677] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 283.012859][ T8677] RBP: 00007f8ef49ba090 R08: 0000000000000000 R09: 0000000000000000 [ 283.012879][ T8677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 283.012897][ T8677] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 283.012940][ T8677] [ 283.483252][ T8675] FAULT_INJECTION: forcing a failure. [ 283.483252][ T8675] name failslab, interval 1, probability 0, space 0, times 0 [ 283.501474][ T8675] CPU: 1 UID: 0 PID: 8675 Comm: syz.0.575 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 283.501527][ T8675] Tainted: [U]=USER [ 283.501537][ T8675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 283.501556][ T8675] Call Trace: [ 283.501568][ T8675] [ 283.501577][ T8675] dump_stack_lvl+0x16c/0x1f0 [ 283.501621][ T8675] should_fail_ex+0x512/0x640 [ 283.501657][ T8675] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.501698][ T8675] should_failslab+0xc2/0x120 [ 283.501721][ T8675] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.501757][ T8675] ? __pfx___might_resched+0x10/0x10 [ 283.501782][ T8675] ? __anon_vma_prepare+0x344/0x5e0 [ 283.501820][ T8675] __anon_vma_prepare+0x344/0x5e0 [ 283.501857][ T8675] __vmf_anon_prepare+0x11c/0x240 [ 283.501885][ T8675] __handle_mm_fault+0x27f6/0x5490 [ 283.501925][ T8675] ? __pfx___handle_mm_fault+0x10/0x10 [ 283.501957][ T8675] ? __pte_offset_map_lock+0x174/0x310 [ 283.501982][ T8675] ? find_held_lock+0x2b/0x80 [ 283.502003][ T8675] ? find_held_lock+0x2b/0x80 [ 283.502032][ T8675] ? follow_page_pte+0x3af/0x14c0 [ 283.502066][ T8675] handle_mm_fault+0x589/0xd10 [ 283.502102][ T8675] __get_user_pages+0x589/0x3b80 [ 283.502144][ T8675] ? __pfx_mt_find+0x10/0x10 [ 283.502170][ T8675] ? __pfx___get_user_pages+0x10/0x10 [ 283.502208][ T8675] populate_vma_page_range+0x278/0x3a0 [ 283.502240][ T8675] ? __pfx_populate_vma_page_range+0x10/0x10 [ 283.502269][ T8675] ? __pfx_find_vma_intersection+0x10/0x10 [ 283.502298][ T8675] ? do_mmap+0x69c/0x1210 [ 283.502327][ T8675] __mm_populate+0x1d8/0x380 [ 283.502356][ T8675] ? __pfx___mm_populate+0x10/0x10 [ 283.502389][ T8675] ? up_write+0x1b2/0x520 [ 283.502426][ T8675] vm_mmap_pgoff+0x362/0x450 [ 283.502453][ T8675] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 283.502479][ T8675] ? __fget_files+0x20e/0x3c0 [ 283.502524][ T8675] ksys_mmap_pgoff+0x7d/0x5c0 [ 283.502556][ T8675] ? __pfx_ksys_write+0x10/0x10 [ 283.502609][ T8675] __x64_sys_mmap+0x125/0x190 [ 283.502655][ T8675] do_syscall_64+0xcd/0x490 [ 283.502684][ T8675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.502712][ T8675] RIP: 0033:0x7f6f3858e929 [ 283.502733][ T8675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.502759][ T8675] RSP: 002b:00007f6f3938d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 283.502784][ T8675] RAX: ffffffffffffffda RBX: 00007f6f387b6080 RCX: 00007f6f3858e929 [ 283.502803][ T8675] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 283.502820][ T8675] RBP: 00007f6f3938d090 R08: 0000000000000007 R09: 0000000000028000 [ 283.502837][ T8675] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001 [ 283.502853][ T8675] R13: 0000000000000000 R14: 00007f6f387b6080 R15: 00007ffe5dd1c528 [ 283.502887][ T8675] [ 284.600183][ T8690] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 285.293777][ T8696] can: request_module (can-proto-0) failed. [ 285.503969][ T8696] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input44 [ 287.462681][ T8720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.584'. [ 288.019108][ T8726] usb usb28: usbfs: process 8726 (syz.1.586) did not claim interface 0 before use [ 288.664382][ T8733] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 290.326245][ T8750] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input45 [ 290.371338][ T8742] can: request_module (can-proto-0) failed. [ 291.015739][ T8758] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 291.876840][ T8771] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 292.036782][ T8774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.596'. [ 292.742387][ T8797] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 293.750614][ T8791] Invalid ELF header magic: != ELF [ 294.817176][ T8814] Invalid ELF header magic: != ELF [ 295.788112][ T8833] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 295.942944][ T8841] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 296.063743][ T8828] FAULT_INJECTION: forcing a failure. [ 296.063743][ T8828] name failslab, interval 1, probability 0, space 0, times 0 [ 296.161432][ T8828] CPU: 1 UID: 0 PID: 8828 Comm: syz.2.606 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 296.161488][ T8828] Tainted: [U]=USER [ 296.161499][ T8828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 296.161518][ T8828] Call Trace: [ 296.161528][ T8828] [ 296.161540][ T8828] dump_stack_lvl+0x16c/0x1f0 [ 296.161600][ T8828] should_fail_ex+0x512/0x640 [ 296.161652][ T8828] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 296.161705][ T8828] should_failslab+0xc2/0x120 [ 296.161740][ T8828] __kmalloc_cache_noprof+0x6a/0x3e0 [ 296.161788][ T8828] ? snd_seq_pool_new+0x44/0x230 [ 296.161831][ T8828] ? __pfx_snd_seq_open+0x10/0x10 [ 296.161867][ T8828] snd_seq_pool_new+0x44/0x230 [ 296.161915][ T8828] seq_create_client1+0x66/0x5e0 [ 296.161963][ T8828] ? __pfx_snd_seq_open+0x10/0x10 [ 296.162003][ T8828] snd_seq_open+0x59/0x550 [ 296.162042][ T8828] ? __pfx_snd_seq_open+0x10/0x10 [ 296.162076][ T8828] snd_open+0x201/0x450 [ 296.162115][ T8828] ? __pfx_snd_open+0x10/0x10 [ 296.162150][ T8828] chrdev_open+0x234/0x6a0 [ 296.162181][ T8828] ? __pfx_apparmor_file_open+0x10/0x10 [ 296.162227][ T8828] ? __pfx_chrdev_open+0x10/0x10 [ 296.162262][ T8828] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 296.162319][ T8828] do_dentry_open+0x741/0x1c10 [ 296.162374][ T8828] ? __pfx_chrdev_open+0x10/0x10 [ 296.162414][ T8828] vfs_open+0x82/0x3f0 [ 296.162458][ T8828] path_openat+0x1de4/0x2cb0 [ 296.162523][ T8828] ? __pfx_path_openat+0x10/0x10 [ 296.162578][ T8828] ? __lock_acquire+0xb8a/0x1c90 [ 296.162629][ T8828] do_filp_open+0x20b/0x470 [ 296.162680][ T8828] ? __pfx_do_filp_open+0x10/0x10 [ 296.162760][ T8828] ? alloc_fd+0x471/0x7d0 [ 296.162818][ T8828] do_sys_openat2+0x11b/0x1d0 [ 296.162856][ T8828] ? __pfx_do_sys_openat2+0x10/0x10 [ 296.162912][ T8828] __x64_sys_openat+0x174/0x210 [ 296.162960][ T8828] ? __pfx___x64_sys_openat+0x10/0x10 [ 296.163019][ T8828] do_syscall_64+0xcd/0x490 [ 296.163056][ T8828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.163091][ T8828] RIP: 0033:0x7fd2fa18e929 [ 296.163123][ T8828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.163158][ T8828] RSP: 002b:00007fd2fb029038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 296.163191][ T8828] RAX: ffffffffffffffda RBX: 00007fd2fa3b6080 RCX: 00007fd2fa18e929 [ 296.163214][ T8828] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 296.163237][ T8828] RBP: 00007fd2fa210b39 R08: 0000000000000000 R09: 0000000000000000 [ 296.163257][ T8828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.163277][ T8828] R13: 0000000000000000 R14: 00007fd2fa3b6080 R15: 00007ffedbaabc98 [ 296.163321][ T8828] [ 297.905912][ T8873] netlink: 4 bytes leftover after parsing attributes in process `syz.0.618'. [ 297.950737][ T8873] openvswitch: HfR: Dropping previously announced user features [ 298.650923][ T8882] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 298.678326][ T8883] capability: warning: `syz.0.619' uses 32-bit capabilities (legacy support in use) [ 299.018262][ T8886] FAULT_INJECTION: forcing a failure. [ 299.018262][ T8886] name failslab, interval 1, probability 0, space 0, times 0 [ 299.105521][ T8886] CPU: 1 UID: 0 PID: 8886 Comm: syz.1.621 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 299.105592][ T8886] Tainted: [U]=USER [ 299.105605][ T8886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 299.105634][ T8886] Call Trace: [ 299.105645][ T8886] [ 299.105658][ T8886] dump_stack_lvl+0x16c/0x1f0 [ 299.105721][ T8886] should_fail_ex+0x512/0x640 [ 299.105774][ T8886] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 299.105831][ T8886] should_failslab+0xc2/0x120 [ 299.105865][ T8886] __kmalloc_cache_noprof+0x6a/0x3e0 [ 299.105912][ T8886] ? snd_seq_pool_new+0x44/0x230 [ 299.105959][ T8886] ? __pfx_snd_seq_open+0x10/0x10 [ 299.105997][ T8886] snd_seq_pool_new+0x44/0x230 [ 299.106042][ T8886] seq_create_client1+0x66/0x5e0 [ 299.106081][ T8886] ? __pfx_snd_seq_open+0x10/0x10 [ 299.106116][ T8886] snd_seq_open+0x59/0x550 [ 299.106150][ T8886] ? __pfx_snd_seq_open+0x10/0x10 [ 299.106181][ T8886] snd_open+0x201/0x450 [ 299.106217][ T8886] ? __pfx_snd_open+0x10/0x10 [ 299.106252][ T8886] chrdev_open+0x234/0x6a0 [ 299.106282][ T8886] ? __pfx_apparmor_file_open+0x10/0x10 [ 299.106330][ T8886] ? __pfx_chrdev_open+0x10/0x10 [ 299.106362][ T8886] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 299.106416][ T8886] do_dentry_open+0x741/0x1c10 [ 299.106468][ T8886] ? __pfx_chrdev_open+0x10/0x10 [ 299.106507][ T8886] vfs_open+0x82/0x3f0 [ 299.106548][ T8886] path_openat+0x1de4/0x2cb0 [ 299.106612][ T8886] ? __pfx_path_openat+0x10/0x10 [ 299.106678][ T8886] ? __lock_acquire+0xb8a/0x1c90 [ 299.106728][ T8886] do_filp_open+0x20b/0x470 [ 299.106780][ T8886] ? __pfx_do_filp_open+0x10/0x10 [ 299.106863][ T8886] ? alloc_fd+0x471/0x7d0 [ 299.106924][ T8886] do_sys_openat2+0x11b/0x1d0 [ 299.106963][ T8886] ? __pfx_do_sys_openat2+0x10/0x10 [ 299.107021][ T8886] __x64_sys_openat+0x174/0x210 [ 299.107063][ T8886] ? __pfx___x64_sys_openat+0x10/0x10 [ 299.107123][ T8886] do_syscall_64+0xcd/0x490 [ 299.107161][ T8886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.107195][ T8886] RIP: 0033:0x7f8ef3b8e929 [ 299.107222][ T8886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.107257][ T8886] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 299.107289][ T8886] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 299.107312][ T8886] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 299.107333][ T8886] RBP: 00007f8ef3c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 299.107353][ T8886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.107374][ T8886] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 299.107419][ T8886] [ 299.383854][ C1] vkms_vblank_simulate: vblank timer overrun [ 300.024677][ T8907] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 300.155446][ T8909] can: request_module (can-proto-0) failed. [ 300.308352][ T8913] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input46 [ 301.053385][ T8922] FAULT_INJECTION: forcing a failure. [ 301.053385][ T8922] name failslab, interval 1, probability 0, space 0, times 0 [ 301.066340][ T8922] CPU: 1 UID: 0 PID: 8922 Comm: syz.1.627 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 301.066390][ T8922] Tainted: [U]=USER [ 301.066401][ T8922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 301.066420][ T8922] Call Trace: [ 301.066430][ T8922] [ 301.066442][ T8922] dump_stack_lvl+0x16c/0x1f0 [ 301.066502][ T8922] should_fail_ex+0x512/0x640 [ 301.066554][ T8922] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 301.066611][ T8922] should_failslab+0xc2/0x120 [ 301.066645][ T8922] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 301.066699][ T8922] ? mas_alloc_nodes+0x18b/0x8b0 [ 301.066762][ T8922] mas_alloc_nodes+0x18b/0x8b0 [ 301.066820][ T8922] mas_node_count_gfp+0x105/0x130 [ 301.066874][ T8922] mas_preallocate+0x77b/0xda0 [ 301.066920][ T8922] ? __pfx_mas_preallocate+0x10/0x10 [ 301.066969][ T8922] ? __pfx_mas_prev+0x10/0x10 [ 301.067013][ T8922] expand_downwards+0x327/0xed0 [ 301.067055][ T8922] ? __pfx_expand_downwards+0x10/0x10 [ 301.067098][ T8922] ? __pfx_down_write+0x10/0x10 [ 301.067132][ T8922] ? rcu_is_watching+0x12/0xc0 [ 301.067165][ T8922] ? irqentry_exit+0x3b/0x90 [ 301.067193][ T8922] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.067253][ T8922] mmap_read_lock_maybe_expand+0x11e/0x3c0 [ 301.067303][ T8922] get_arg_page+0xbb/0x310 [ 301.067349][ T8922] ? __pfx_get_arg_page+0x10/0x10 [ 301.067395][ T8922] ? __pfx___might_resched+0x10/0x10 [ 301.067439][ T8922] copy_strings.isra.0+0x1cc/0x950 [ 301.067501][ T8922] do_execveat_common.isra.0+0x397/0x610 [ 301.067559][ T8922] __x64_sys_execve+0x8e/0xb0 [ 301.067609][ T8922] do_syscall_64+0xcd/0x490 [ 301.067645][ T8922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.067679][ T8922] RIP: 0033:0x7f8ef3b8e929 [ 301.067715][ T8922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.067748][ T8922] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 301.067778][ T8922] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 301.067800][ T8922] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 301.067820][ T8922] RBP: 00007f8ef49ba090 R08: 0000000000000000 R09: 0000000000000000 [ 301.067840][ T8922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 301.067859][ T8922] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 301.067903][ T8922] [ 301.313889][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.253933][ T8936] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 304.464175][ T8968] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 304.552746][ T8973] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input47 [ 304.712604][ T8969] can: request_module (can-proto-0) failed. [ 305.541992][ T8984] netlink: 4 bytes leftover after parsing attributes in process `syz.0.641'. [ 305.626651][ T8984] openvswitch: HfR: Dropping previously announced user features [ 306.157202][ T8998] usb usb28: usbfs: process 8998 (syz.0.644) did not claim interface 0 before use [ 306.465399][ T9010] netlink: 'syz.0.646': attribute type 11 has an invalid length. [ 306.473578][ T9010] netlink: 252 bytes leftover after parsing attributes in process `syz.0.646'. [ 306.607220][ T9006] vcan0: tx drop: invalid da for name 0x000000000000003f [ 308.660424][ T9042] can: request_module (can-proto-0) failed. [ 308.810725][ T9050] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input48 [ 309.482938][ T9059] FAULT_INJECTION: forcing a failure. [ 309.482938][ T9059] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 309.512907][ T9059] CPU: 1 UID: 0 PID: 9059 Comm: syz.2.657 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 309.512961][ T9059] Tainted: [U]=USER [ 309.512971][ T9059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 309.512991][ T9059] Call Trace: [ 309.513003][ T9059] [ 309.513015][ T9059] dump_stack_lvl+0x16c/0x1f0 [ 309.513074][ T9059] should_fail_ex+0x512/0x640 [ 309.513133][ T9059] _copy_from_user+0x2e/0xd0 [ 309.513162][ T9059] copy_strings.isra.0+0x38a/0x950 [ 309.513218][ T9059] do_execveat_common.isra.0+0x397/0x610 [ 309.513272][ T9059] __x64_sys_execve+0x8e/0xb0 [ 309.513318][ T9059] do_syscall_64+0xcd/0x490 [ 309.513352][ T9059] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.513385][ T9059] RIP: 0033:0x7fd2fa18e929 [ 309.513409][ T9059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.513440][ T9059] RSP: 002b:00007fd2fb029038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 309.513470][ T9059] RAX: ffffffffffffffda RBX: 00007fd2fa3b6080 RCX: 00007fd2fa18e929 [ 309.513491][ T9059] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 309.513511][ T9059] RBP: 00007fd2fb029090 R08: 0000000000000000 R09: 0000000000000000 [ 309.513530][ T9059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 309.513549][ T9059] R13: 0000000000000000 R14: 00007fd2fa3b6080 R15: 00007ffedbaabc98 [ 309.513587][ T9059] [ 310.748038][ T9086] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input49 [ 310.799414][ T9087] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 310.864276][ T9080] can: request_module (can-proto-0) failed. [ 311.803902][ T9099] random: crng reseeded on system resumption [ 312.399134][ T9106] vcan0: tx drop: invalid da for name 0x000000000000003f [ 314.008834][ T9136] can: request_module (can-proto-0) failed. [ 314.104222][ T9136] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input50 [ 314.152730][ T9147] usb usb28: usbfs: process 9147 (syz.2.677) did not claim interface 0 before use [ 314.179022][ T9150] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 314.245610][ T9152] FAULT_INJECTION: forcing a failure. [ 314.245610][ T9152] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 314.304125][ T9152] CPU: 1 UID: 0 PID: 9152 Comm: syz.2.677 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 314.304175][ T9152] Tainted: [U]=USER [ 314.304186][ T9152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 314.304205][ T9152] Call Trace: [ 314.304215][ T9152] [ 314.304227][ T9152] dump_stack_lvl+0x16c/0x1f0 [ 314.304283][ T9152] should_fail_ex+0x512/0x640 [ 314.304324][ T9152] should_fail_alloc_page+0xe7/0x130 [ 314.304350][ T9152] prepare_alloc_pages+0x3c2/0x610 [ 314.304379][ T9152] ? rcu_is_watching+0x12/0xc0 [ 314.304406][ T9152] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 314.304447][ T9152] ? find_held_lock+0x2b/0x80 [ 314.304475][ T9152] ? free_unref_folios+0x118b/0x1800 [ 314.304512][ T9152] ? do_raw_spin_unlock+0x172/0x230 [ 314.304552][ T9152] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 314.304592][ T9152] ? __lock_acquire+0x622/0x1c90 [ 314.304634][ T9152] ? __lock_acquire+0x622/0x1c90 [ 314.304666][ T9152] ? __lock_acquire+0x622/0x1c90 [ 314.304695][ T9152] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 314.304734][ T9152] ? policy_nodemask+0xea/0x4e0 [ 314.304762][ T9152] alloc_pages_mpol+0x1fb/0x550 [ 314.304787][ T9152] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 314.304819][ T9152] folio_alloc_mpol_noprof+0x36/0x2f0 [ 314.304849][ T9152] vma_alloc_folio_noprof+0xed/0x1e0 [ 314.304877][ T9152] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 314.304904][ T9152] ? find_held_lock+0x2b/0x80 [ 314.304927][ T9152] ? __handle_mm_fault+0x1092/0x5490 [ 314.304968][ T9152] __handle_mm_fault+0x2f21/0x5490 [ 314.305008][ T9152] ? __pfx___handle_mm_fault+0x10/0x10 [ 314.305042][ T9152] ? __pte_offset_map_lock+0x174/0x310 [ 314.305068][ T9152] ? find_held_lock+0x2b/0x80 [ 314.305089][ T9152] ? find_held_lock+0x2b/0x80 [ 314.305119][ T9152] ? follow_page_pte+0x3af/0x14c0 [ 314.305154][ T9152] handle_mm_fault+0x589/0xd10 [ 314.305192][ T9152] __get_user_pages+0x589/0x3b80 [ 314.305227][ T9152] ? __pfx_mt_find+0x10/0x10 [ 314.305258][ T9152] ? __pfx___get_user_pages+0x10/0x10 [ 314.305297][ T9152] populate_vma_page_range+0x278/0x3a0 [ 314.305328][ T9152] ? __pfx_populate_vma_page_range+0x10/0x10 [ 314.305357][ T9152] ? __pfx_find_vma_intersection+0x10/0x10 [ 314.305387][ T9152] ? do_mmap+0x69c/0x1210 [ 314.305417][ T9152] __mm_populate+0x1d8/0x380 [ 314.305447][ T9152] ? __pfx___mm_populate+0x10/0x10 [ 314.305478][ T9152] ? up_write+0x1b2/0x520 [ 314.305516][ T9152] vm_mmap_pgoff+0x362/0x450 [ 314.305544][ T9152] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 314.305571][ T9152] ? __fget_files+0x20e/0x3c0 [ 314.305614][ T9152] ksys_mmap_pgoff+0x7d/0x5c0 [ 314.305640][ T9152] ? __pfx_ksys_write+0x10/0x10 [ 314.305678][ T9152] __x64_sys_mmap+0x125/0x190 [ 314.305714][ T9152] do_syscall_64+0xcd/0x490 [ 314.305740][ T9152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.305763][ T9152] RIP: 0033:0x7fd2fa18e929 [ 314.305781][ T9152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.305805][ T9152] RSP: 002b:00007fd2fb029038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 314.305826][ T9152] RAX: ffffffffffffffda RBX: 00007fd2fa3b6080 RCX: 00007fd2fa18e929 [ 314.305842][ T9152] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 314.305856][ T9152] RBP: 00007fd2fb029090 R08: 0000000000000007 R09: 0000000000028000 [ 314.305871][ T9152] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 314.305885][ T9152] R13: 0000000000000001 R14: 00007fd2fa3b6080 R15: 00007ffedbaabc98 [ 314.305915][ T9152] [ 315.033582][ T9161] random: crng reseeded on system resumption [ 315.202597][ T9167] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 315.287967][ T9164] netlink: 266 bytes leftover after parsing attributes in process `syz.2.681'. [ 315.297387][ T9164] IPv6: NLM_F_CREATE should be specified when creating new route [ 317.660748][ T9207] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 318.962653][ T9231] vcan0: tx drop: invalid da for name 0x000000000000003f [ 321.039757][ T9258] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 321.423037][ T5577] Process accounting resumed [ 321.747981][ T9269] can: request_module (can-proto-0) failed. [ 321.979439][ T9276] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input51 [ 322.021996][ T9277] FAULT_INJECTION: forcing a failure. [ 322.021996][ T9277] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 322.043364][ T9277] CPU: 1 UID: 0 PID: 9277 Comm: syz.2.704 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 322.043417][ T9277] Tainted: [U]=USER [ 322.043428][ T9277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 322.043446][ T9277] Call Trace: [ 322.043456][ T9277] [ 322.043468][ T9277] dump_stack_lvl+0x16c/0x1f0 [ 322.043529][ T9277] should_fail_ex+0x512/0x640 [ 322.043587][ T9277] _copy_from_user+0x2e/0xd0 [ 322.043620][ T9277] copy_strings.isra.0+0x38a/0x950 [ 322.043680][ T9277] do_execveat_common.isra.0+0x397/0x610 [ 322.043747][ T9277] __x64_sys_execve+0x8e/0xb0 [ 322.043797][ T9277] do_syscall_64+0xcd/0x490 [ 322.043833][ T9277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.043867][ T9277] RIP: 0033:0x7fd2fa18e929 [ 322.043893][ T9277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.043923][ T9277] RSP: 002b:00007fd2fb029038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 322.043947][ T9277] RAX: ffffffffffffffda RBX: 00007fd2fa3b6080 RCX: 00007fd2fa18e929 [ 322.043963][ T9277] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 322.043984][ T9277] RBP: 00007fd2fb029090 R08: 0000000000000000 R09: 0000000000000000 [ 322.043998][ T9277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 322.044012][ T9277] R13: 0000000000000000 R14: 00007fd2fa3b6080 R15: 00007ffedbaabc98 [ 322.044041][ T9277] [ 322.838867][ T9284] usb usb28: usbfs: process 9284 (syz.1.706) did not claim interface 0 before use [ 323.936224][ T9302] netlink: 4 bytes leftover after parsing attributes in process `syz.1.710'. [ 323.976674][ T9302] HfR: entered promiscuous mode [ 324.358322][ T9311] usb usb28: usbfs: process 9311 (syz.3.713) did not claim interface 0 before use [ 324.440767][ T9317] FAULT_INJECTION: forcing a failure. [ 324.440767][ T9317] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 324.470270][ T9317] CPU: 1 UID: 0 PID: 9317 Comm: syz.3.713 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 324.470316][ T9317] Tainted: [U]=USER [ 324.470324][ T9317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 324.470338][ T9317] Call Trace: [ 324.470346][ T9317] [ 324.470355][ T9317] dump_stack_lvl+0x16c/0x1f0 [ 324.470399][ T9317] should_fail_ex+0x512/0x640 [ 324.470441][ T9317] should_fail_alloc_page+0xe7/0x130 [ 324.470467][ T9317] prepare_alloc_pages+0x3c2/0x610 [ 324.470495][ T9317] ? rcu_is_watching+0x12/0xc0 [ 324.470526][ T9317] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 324.470573][ T9317] ? __lock_acquire+0x622/0x1c90 [ 324.470611][ T9317] ? __vmf_anon_prepare+0x11c/0x240 [ 324.470641][ T9317] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 324.470678][ T9317] ? __lock_acquire+0x622/0x1c90 [ 324.470718][ T9317] ? __lock_acquire+0x622/0x1c90 [ 324.470749][ T9317] ? __lock_acquire+0x622/0x1c90 [ 324.470783][ T9317] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 324.470833][ T9317] ? policy_nodemask+0xea/0x4e0 [ 324.470859][ T9317] alloc_pages_mpol+0x1fb/0x550 [ 324.470883][ T9317] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 324.470915][ T9317] folio_alloc_mpol_noprof+0x36/0x2f0 [ 324.470945][ T9317] vma_alloc_folio_noprof+0xed/0x1e0 [ 324.470973][ T9317] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 324.470999][ T9317] ? find_held_lock+0x2b/0x80 [ 324.471022][ T9317] ? __handle_mm_fault+0x1092/0x5490 [ 324.471058][ T9317] __handle_mm_fault+0x2f21/0x5490 [ 324.471104][ T9317] ? __pfx___handle_mm_fault+0x10/0x10 [ 324.471148][ T9317] ? __pte_offset_map_lock+0x174/0x310 [ 324.471189][ T9317] ? find_held_lock+0x2b/0x80 [ 324.471215][ T9317] ? find_held_lock+0x2b/0x80 [ 324.471245][ T9317] ? follow_page_pte+0x3af/0x14c0 [ 324.471278][ T9317] handle_mm_fault+0x589/0xd10 [ 324.471315][ T9317] __get_user_pages+0x589/0x3b80 [ 324.471350][ T9317] ? __pfx_mt_find+0x10/0x10 [ 324.471374][ T9317] ? __pfx___get_user_pages+0x10/0x10 [ 324.471412][ T9317] populate_vma_page_range+0x278/0x3a0 [ 324.471445][ T9317] ? __pfx_populate_vma_page_range+0x10/0x10 [ 324.471473][ T9317] ? __pfx_find_vma_intersection+0x10/0x10 [ 324.471502][ T9317] ? do_mmap+0x69c/0x1210 [ 324.471538][ T9317] __mm_populate+0x1d8/0x380 [ 324.471568][ T9317] ? __pfx___mm_populate+0x10/0x10 [ 324.471599][ T9317] ? up_write+0x1b2/0x520 [ 324.471636][ T9317] vm_mmap_pgoff+0x362/0x450 [ 324.471664][ T9317] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 324.471691][ T9317] ? __fget_files+0x20e/0x3c0 [ 324.471734][ T9317] ksys_mmap_pgoff+0x7d/0x5c0 [ 324.471760][ T9317] ? __pfx_ksys_write+0x10/0x10 [ 324.471799][ T9317] __x64_sys_mmap+0x125/0x190 [ 324.471834][ T9317] do_syscall_64+0xcd/0x490 [ 324.471859][ T9317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.471883][ T9317] RIP: 0033:0x7f5a1fb8e929 [ 324.471901][ T9317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.471923][ T9317] RSP: 002b:00007f5a209e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 324.471945][ T9317] RAX: ffffffffffffffda RBX: 00007f5a1fdb6080 RCX: 00007f5a1fb8e929 [ 324.471961][ T9317] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 324.471975][ T9317] RBP: 00007f5a209e9090 R08: 0000000000000007 R09: 0000000000028000 [ 324.471989][ T9317] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 324.472003][ T9317] R13: 0000000000000001 R14: 00007f5a1fdb6080 R15: 00007fff772d2678 [ 324.472032][ T9317] [ 327.479605][ T9372] FAULT_INJECTION: forcing a failure. [ 327.479605][ T9372] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 327.559802][ T9372] CPU: 0 UID: 0 PID: 9372 Comm: syz.0.723 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 327.559854][ T9372] Tainted: [U]=USER [ 327.559864][ T9372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 327.559883][ T9372] Call Trace: [ 327.559893][ T9372] [ 327.559904][ T9372] dump_stack_lvl+0x16c/0x1f0 [ 327.559956][ T9372] should_fail_ex+0x512/0x640 [ 327.559996][ T9372] should_fail_alloc_page+0xe7/0x130 [ 327.560022][ T9372] prepare_alloc_pages+0x3c2/0x610 [ 327.560050][ T9372] ? stack_depot_save_flags+0x28/0xa40 [ 327.560089][ T9372] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 327.560128][ T9372] ? kasan_save_stack+0x42/0x60 [ 327.560161][ T9372] ? kasan_save_stack+0x33/0x60 [ 327.560201][ T9372] ? kasan_record_aux_stack+0xa7/0xc0 [ 327.560229][ T9372] ? __call_rcu_common.constprop.0+0x9a/0x9f0 [ 327.560265][ T9372] ? mas_wr_node_store+0xdc8/0x1620 [ 327.560287][ T9372] ? mas_wr_store_entry+0x102d/0x2550 [ 327.560311][ T9372] ? mas_store_prealloc+0x771/0x1680 [ 327.560335][ T9372] ? expand_downwards+0xbba/0xed0 [ 327.560355][ T9372] ? mmap_read_lock_maybe_expand+0x11e/0x3c0 [ 327.560386][ T9372] ? get_arg_page+0xbb/0x310 [ 327.560415][ T9372] ? copy_strings.isra.0+0x1cc/0x950 [ 327.560446][ T9372] ? do_execveat_common.isra.0+0x397/0x610 [ 327.560478][ T9372] ? __x64_sys_execve+0x8e/0xb0 [ 327.560509][ T9372] ? do_syscall_64+0xcd/0x490 [ 327.560530][ T9372] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.560556][ T9372] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 327.560613][ T9372] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 327.560651][ T9372] ? policy_nodemask+0xea/0x4e0 [ 327.560676][ T9372] alloc_pages_mpol+0x1fb/0x550 [ 327.560700][ T9372] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 327.560732][ T9372] folio_alloc_mpol_noprof+0x36/0x2f0 [ 327.560761][ T9372] vma_alloc_folio_noprof+0xed/0x1e0 [ 327.560789][ T9372] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 327.560815][ T9372] ? find_held_lock+0x2b/0x80 [ 327.560839][ T9372] ? __handle_mm_fault+0x1092/0x5490 [ 327.560879][ T9372] __handle_mm_fault+0x2f21/0x5490 [ 327.560937][ T9372] ? __pfx___handle_mm_fault+0x10/0x10 [ 327.560986][ T9372] ? __pte_offset_map_lock+0x174/0x310 [ 327.561013][ T9372] ? find_held_lock+0x2b/0x80 [ 327.561034][ T9372] ? find_held_lock+0x2b/0x80 [ 327.561063][ T9372] ? follow_page_pte+0x3af/0x14c0 [ 327.561106][ T9372] handle_mm_fault+0x589/0xd10 [ 327.561157][ T9372] __get_user_pages+0x589/0x3b80 [ 327.561218][ T9372] ? __pfx___get_user_pages+0x10/0x10 [ 327.561254][ T9372] ? reacquire_held_locks+0xcd/0x1f0 [ 327.561292][ T9372] ? mmap_read_lock_maybe_expand+0x1ba/0x3c0 [ 327.561325][ T9372] ? expand_downwards+0x53a/0xed0 [ 327.561353][ T9372] get_user_pages_remote+0x258/0xb20 [ 327.561388][ T9372] ? __pfx_get_user_pages_remote+0x10/0x10 [ 327.561428][ T9372] get_arg_page+0xf4/0x310 [ 327.561460][ T9372] ? __pfx_get_arg_page+0x10/0x10 [ 327.561492][ T9372] ? __pfx___might_resched+0x10/0x10 [ 327.561523][ T9372] copy_strings.isra.0+0x1cc/0x950 [ 327.561565][ T9372] do_execveat_common.isra.0+0x397/0x610 [ 327.561611][ T9372] __x64_sys_execve+0x8e/0xb0 [ 327.561646][ T9372] do_syscall_64+0xcd/0x490 [ 327.561670][ T9372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.561694][ T9372] RIP: 0033:0x7f6f3858e929 [ 327.561712][ T9372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.561735][ T9372] RSP: 002b:00007f6f3938d038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 327.561757][ T9372] RAX: ffffffffffffffda RBX: 00007f6f387b6080 RCX: 00007f6f3858e929 [ 327.561773][ T9372] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000 [ 327.561787][ T9372] RBP: 00007f6f3938d090 R08: 0000000000000000 R09: 0000000000000000 [ 327.561801][ T9372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 327.561815][ T9372] R13: 0000000000000000 R14: 00007f6f387b6080 R15: 00007ffe5dd1c528 [ 327.561845][ T9372] [ 327.589429][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.991275][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.756367][ T9383] netlink: 4 bytes leftover after parsing attributes in process `syz.2.725'. [ 329.440983][ T9388] FAULT_INJECTION: forcing a failure. [ 329.440983][ T9388] name failslab, interval 1, probability 0, space 0, times 0 [ 329.457141][ T9388] CPU: 1 UID: 0 PID: 9388 Comm: syz.3.727 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 329.457191][ T9388] Tainted: [U]=USER [ 329.457201][ T9388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 329.457220][ T9388] Call Trace: [ 329.457230][ T9388] [ 329.457242][ T9388] dump_stack_lvl+0x16c/0x1f0 [ 329.457295][ T9388] should_fail_ex+0x512/0x640 [ 329.457330][ T9388] ? fs_reclaim_acquire+0xae/0x150 [ 329.457360][ T9388] ? tomoyo_encode2+0x100/0x3e0 [ 329.457392][ T9388] should_failslab+0xc2/0x120 [ 329.457414][ T9388] __kmalloc_noprof+0xd2/0x510 [ 329.457449][ T9388] ? d_absolute_path+0x136/0x1a0 [ 329.457478][ T9388] tomoyo_encode2+0x100/0x3e0 [ 329.457514][ T9388] tomoyo_encode+0x29/0x50 [ 329.457545][ T9388] tomoyo_realpath_from_path+0x18f/0x6e0 [ 329.457587][ T9388] tomoyo_path_number_perm+0x245/0x580 [ 329.457614][ T9388] ? tomoyo_path_number_perm+0x237/0x580 [ 329.457644][ T9388] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 329.457677][ T9388] ? find_held_lock+0x2b/0x80 [ 329.457729][ T9388] ? find_held_lock+0x2b/0x80 [ 329.457751][ T9388] ? hook_file_ioctl_common+0x145/0x410 [ 329.457788][ T9388] ? __fget_files+0x20e/0x3c0 [ 329.457827][ T9388] security_file_ioctl+0x9b/0x240 [ 329.457859][ T9388] __x64_sys_ioctl+0xb7/0x210 [ 329.457890][ T9388] do_syscall_64+0xcd/0x490 [ 329.457915][ T9388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.457947][ T9388] RIP: 0033:0x7f5a1fb8e929 [ 329.457966][ T9388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.457988][ T9388] RSP: 002b:00007f5a20a0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 329.458010][ T9388] RAX: ffffffffffffffda RBX: 00007f5a1fdb5fa0 RCX: 00007f5a1fb8e929 [ 329.458026][ T9388] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000002 [ 329.458040][ T9388] RBP: 00007f5a20a0a090 R08: 0000000000000000 R09: 0000000000000000 [ 329.458054][ T9388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.458068][ T9388] R13: 0000000000000000 R14: 00007f5a1fdb5fa0 R15: 00007fff772d2678 [ 329.458098][ T9388] [ 329.748428][ T9388] ERROR: Out of memory at tomoyo_realpath_from_path. [ 332.862118][ T9466] usb usb28: usbfs: process 9466 (syz.0.744) did not claim interface 0 before use [ 332.950486][ T9469] FAULT_INJECTION: forcing a failure. [ 332.950486][ T9469] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 332.974834][ T9467] usb usb28: usbfs: process 9467 (syz.3.743) did not claim interface 0 before use [ 333.031765][ T9469] CPU: 0 UID: 0 PID: 9469 Comm: syz.0.744 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 333.031822][ T9469] Tainted: [U]=USER [ 333.031833][ T9469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 333.031851][ T9469] Call Trace: [ 333.031861][ T9469] [ 333.031873][ T9469] dump_stack_lvl+0x16c/0x1f0 [ 333.031930][ T9469] should_fail_ex+0x512/0x640 [ 333.031988][ T9469] should_fail_alloc_page+0xe7/0x130 [ 333.032025][ T9469] prepare_alloc_pages+0x3c2/0x610 [ 333.032067][ T9469] ? rcu_is_watching+0x12/0xc0 [ 333.032106][ T9469] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 333.032167][ T9469] ? css_rstat_updated+0x9d/0xd30 [ 333.032203][ T9469] ? rcu_is_watching+0x12/0xc0 [ 333.032234][ T9469] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 333.032285][ T9469] ? __mod_zone_page_state+0xcc/0x1a0 [ 333.032350][ T9469] ? __lock_acquire+0x622/0x1c90 [ 333.032401][ T9469] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 333.032453][ T9469] ? policy_nodemask+0xea/0x4e0 [ 333.032488][ T9469] alloc_pages_mpol+0x1fb/0x550 [ 333.032523][ T9469] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 333.032569][ T9469] folio_alloc_mpol_noprof+0x36/0x2f0 [ 333.032611][ T9469] vma_alloc_folio_noprof+0xed/0x1e0 [ 333.032651][ T9469] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 333.032688][ T9469] ? find_held_lock+0x2b/0x80 [ 333.032721][ T9469] ? __handle_mm_fault+0x1092/0x5490 [ 333.032772][ T9469] __handle_mm_fault+0x2f21/0x5490 [ 333.032831][ T9469] ? __pfx___handle_mm_fault+0x10/0x10 [ 333.032879][ T9469] ? __pte_offset_map_lock+0x174/0x310 [ 333.032913][ T9469] ? find_held_lock+0x2b/0x80 [ 333.032942][ T9469] ? find_held_lock+0x2b/0x80 [ 333.032990][ T9469] ? follow_page_pte+0x3af/0x14c0 [ 333.033038][ T9469] handle_mm_fault+0x589/0xd10 [ 333.033089][ T9469] __get_user_pages+0x589/0x3b80 [ 333.033140][ T9469] ? __pfx_mt_find+0x10/0x10 [ 333.033176][ T9469] ? __pfx___get_user_pages+0x10/0x10 [ 333.033231][ T9469] populate_vma_page_range+0x278/0x3a0 [ 333.033288][ T9469] ? __pfx_populate_vma_page_range+0x10/0x10 [ 333.033335][ T9469] ? __pfx_find_vma_intersection+0x10/0x10 [ 333.033378][ T9469] ? do_mmap+0x69c/0x1210 [ 333.033421][ T9469] __mm_populate+0x1d8/0x380 [ 333.033464][ T9469] ? __pfx___mm_populate+0x10/0x10 [ 333.033507][ T9469] ? up_write+0x1b2/0x520 [ 333.033562][ T9469] vm_mmap_pgoff+0x362/0x450 [ 333.033602][ T9469] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 333.033641][ T9469] ? __fget_files+0x20e/0x3c0 [ 333.033699][ T9469] ksys_mmap_pgoff+0x7d/0x5c0 [ 333.033737][ T9469] ? __pfx_ksys_write+0x10/0x10 [ 333.033792][ T9469] __x64_sys_mmap+0x125/0x190 [ 333.033844][ T9469] do_syscall_64+0xcd/0x490 [ 333.033879][ T9469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.033909][ T9469] RIP: 0033:0x7f6f3858e929 [ 333.033933][ T9469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.033963][ T9469] RSP: 002b:00007f6f3938d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 333.033991][ T9469] RAX: ffffffffffffffda RBX: 00007f6f387b6080 RCX: 00007f6f3858e929 [ 333.034011][ T9469] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 333.034031][ T9469] RBP: 00007f6f3938d090 R08: 0000000000000007 R09: 0000000000028000 [ 333.034048][ T9469] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 333.034066][ T9469] R13: 0000000000000001 R14: 00007f6f387b6080 R15: 00007ffe5dd1c528 [ 333.034108][ T9469] [ 334.268018][ T9478] FAULT_INJECTION: forcing a failure. [ 334.268018][ T9478] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 334.313146][ T9478] CPU: 1 UID: 0 PID: 9478 Comm: syz.1.747 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 334.313203][ T9478] Tainted: [U]=USER [ 334.313214][ T9478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 334.313235][ T9478] Call Trace: [ 334.313246][ T9478] [ 334.313259][ T9478] dump_stack_lvl+0x16c/0x1f0 [ 334.313331][ T9478] should_fail_ex+0x512/0x640 [ 334.313390][ T9478] strncpy_from_user+0x3b/0x2e0 [ 334.313446][ T9478] getname_flags.part.0+0x8f/0x550 [ 334.313492][ T9478] getname_flags+0x93/0xf0 [ 334.313540][ T9478] do_sys_openat2+0xb8/0x1d0 [ 334.313588][ T9478] ? __pfx_do_sys_openat2+0x10/0x10 [ 334.313644][ T9478] __x64_sys_openat+0x174/0x210 [ 334.313685][ T9478] ? __pfx___x64_sys_openat+0x10/0x10 [ 334.313744][ T9478] do_syscall_64+0xcd/0x490 [ 334.313781][ T9478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.313815][ T9478] RIP: 0033:0x7f8ef3b8e929 [ 334.313841][ T9478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.313873][ T9478] RSP: 002b:00007f8ef49db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 334.313905][ T9478] RAX: ffffffffffffffda RBX: 00007f8ef3db5fa0 RCX: 00007f8ef3b8e929 [ 334.313927][ T9478] RDX: c7f16bff2a10ba01 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 334.313950][ T9478] RBP: 00007f8ef3c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 334.313971][ T9478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.313989][ T9478] R13: 0000000000000000 R14: 00007f8ef3db5fa0 R15: 00007ffc22ced088 [ 334.314031][ T9478] [ 335.231467][ T9482] can: request_module (can-proto-0) failed. [ 335.236309][ T9486] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input52 [ 335.455951][ T9488] can: request_module (can-proto-0) failed. [ 335.767043][ T9492] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input53 [ 336.488354][ T9497] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 338.674836][ T9521] usb usb28: usbfs: process 9521 (syz.1.756) did not claim interface 0 before use [ 339.276970][ T6108] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 339.286822][ T6108] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0' [ 339.296328][ T6108] CPU: 0 UID: 0 PID: 6108 Comm: kworker/u11:0 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 339.296380][ T6108] Tainted: [U]=USER [ 339.296391][ T6108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 339.296413][ T6108] Workqueue: hci3 hci_rx_work [ 339.296450][ T6108] Call Trace: [ 339.296462][ T6108] [ 339.296474][ T6108] dump_stack_lvl+0x16c/0x1f0 [ 339.296534][ T6108] sysfs_warn_dup+0x7f/0xa0 [ 339.296581][ T6108] sysfs_create_dir_ns+0x24b/0x2b0 [ 339.296630][ T6108] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 339.296674][ T6108] ? find_held_lock+0x2b/0x80 [ 339.296756][ T6108] ? do_raw_spin_unlock+0x172/0x230 [ 339.296818][ T6108] kobject_add_internal+0x2c4/0x9b0 [ 339.296867][ T6108] kobject_add+0x16e/0x240 [ 339.296905][ T6108] ? __pfx_kobject_add+0x10/0x10 [ 339.296946][ T6108] ? do_raw_spin_unlock+0x172/0x230 [ 339.297000][ T6108] ? kobject_put+0xab/0x5a0 [ 339.297048][ T6108] device_add+0x288/0x1a70 [ 339.297088][ T6108] ? __pfx_dev_set_name+0x10/0x10 [ 339.297132][ T6108] ? __pfx_device_add+0x10/0x10 [ 339.297171][ T6108] ? mgmt_send_event_skb+0x2fb/0x460 [ 339.297213][ T6108] hci_conn_add_sysfs+0x17e/0x230 [ 339.297253][ T6108] le_conn_complete_evt+0x1075/0x1d70 [ 339.297324][ T6108] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 339.297387][ T6108] ? bt_warn+0xe4/0x120 [ 339.297438][ T6108] ? __pfx_bt_warn+0x10/0x10 [ 339.297500][ T6108] hci_le_conn_complete_evt+0x23c/0x370 [ 339.297569][ T6108] hci_le_meta_evt+0x357/0x5e0 [ 339.297604][ T6108] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 339.297667][ T6108] hci_event_packet+0x682/0x11c0 [ 339.297734][ T6108] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 339.297774][ T6108] ? __pfx_hci_event_packet+0x10/0x10 [ 339.297837][ T6108] ? kcov_remote_start+0x3c9/0x6d0 [ 339.297890][ T6108] ? lockdep_hardirqs_on+0x7c/0x110 [ 339.297956][ T6108] hci_rx_work+0x2c5/0x16b0 [ 339.297994][ T6108] ? rcu_is_watching+0x12/0xc0 [ 339.298036][ T6108] process_one_work+0x9cf/0x1b70 [ 339.298107][ T6108] ? __pfx_process_one_work+0x10/0x10 [ 339.298174][ T6108] ? assign_work+0x1a0/0x250 [ 339.298227][ T6108] worker_thread+0x6c8/0xf10 [ 339.298300][ T6108] ? __pfx_worker_thread+0x10/0x10 [ 339.298353][ T6108] kthread+0x3c2/0x780 [ 339.298404][ T6108] ? __pfx_kthread+0x10/0x10 [ 339.298455][ T6108] ? rcu_is_watching+0x12/0xc0 [ 339.298490][ T6108] ? __pfx_kthread+0x10/0x10 [ 339.298541][ T6108] ret_from_fork+0x5d7/0x6f0 [ 339.298585][ T6108] ? __pfx_kthread+0x10/0x10 [ 339.298642][ T6108] ret_from_fork_asm+0x1a/0x30 [ 339.298699][ T6108] [ 339.298748][ T6108] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 339.581329][ T6108] Bluetooth: hci3: failed to register connection device [ 343.782395][ T9617] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input54 [ 343.820010][ T9619] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input55 [ 343.867306][ T9602] can: request_module (can-proto-0) failed. [ 344.100027][ T9608] can: request_module (can-proto-0) failed. [ 344.413440][ T9626] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input56 [ 344.552200][ T9621] can: request_module (can-proto-0) failed. [ 346.284453][ T9649] netlink: 4 bytes leftover after parsing attributes in process `syz.0.781'. [ 346.324539][ T9649] openvswitch: HfR: Dropping previously announced user features [ 346.680291][ T9656] tipc: Enabling of bearer rejected, media not registered [ 349.196570][ T9694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.792'. [ 349.263849][ T9694] HfR: entered promiscuous mode [ 349.492018][ T9701] usb usb28: usbfs: process 9701 (syz.2.794) did not claim interface 0 before use [ 349.595893][ T9701] FAULT_INJECTION: forcing a failure. [ 349.595893][ T9701] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 349.618051][ T9697] FAULT_INJECTION: forcing a failure. [ 349.618051][ T9697] name failslab, interval 1, probability 0, space 0, times 0 [ 349.661511][ T9701] CPU: 0 UID: 0 PID: 9701 Comm: syz.2.794 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 349.661563][ T9701] Tainted: [U]=USER [ 349.661573][ T9701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 349.661592][ T9701] Call Trace: [ 349.661603][ T9701] [ 349.661614][ T9701] dump_stack_lvl+0x16c/0x1f0 [ 349.661675][ T9701] should_fail_ex+0x512/0x640 [ 349.661742][ T9701] should_fail_alloc_page+0xe7/0x130 [ 349.661771][ T9701] prepare_alloc_pages+0x3c2/0x610 [ 349.661801][ T9701] ? rcu_is_watching+0x12/0xc0 [ 349.661829][ T9701] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 349.661872][ T9701] ? __lock_acquire+0x622/0x1c90 [ 349.661906][ T9701] ? __vmf_anon_prepare+0x11c/0x240 [ 349.661936][ T9701] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 349.661972][ T9701] ? __lock_acquire+0x622/0x1c90 [ 349.662013][ T9701] ? __lock_acquire+0x622/0x1c90 [ 349.662045][ T9701] ? __lock_acquire+0x622/0x1c90 [ 349.662075][ T9701] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 349.662117][ T9701] ? policy_nodemask+0xea/0x4e0 [ 349.662143][ T9701] alloc_pages_mpol+0x1fb/0x550 [ 349.662168][ T9701] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 349.662200][ T9701] folio_alloc_mpol_noprof+0x36/0x2f0 [ 349.662230][ T9701] vma_alloc_folio_noprof+0xed/0x1e0 [ 349.662258][ T9701] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 349.662285][ T9701] ? find_held_lock+0x2b/0x80 [ 349.662308][ T9701] ? __handle_mm_fault+0x1092/0x5490 [ 349.662345][ T9701] __handle_mm_fault+0x2f21/0x5490 [ 349.662385][ T9701] ? __pfx___handle_mm_fault+0x10/0x10 [ 349.662419][ T9701] ? __pte_offset_map_lock+0x174/0x310 [ 349.662445][ T9701] ? find_held_lock+0x2b/0x80 [ 349.662465][ T9701] ? find_held_lock+0x2b/0x80 [ 349.662495][ T9701] ? follow_page_pte+0x3af/0x14c0 [ 349.662529][ T9701] handle_mm_fault+0x589/0xd10 [ 349.662568][ T9701] __get_user_pages+0x589/0x3b80 [ 349.662603][ T9701] ? __pfx_mt_find+0x10/0x10 [ 349.662629][ T9701] ? __pfx___get_user_pages+0x10/0x10 [ 349.662667][ T9701] populate_vma_page_range+0x278/0x3a0 [ 349.662699][ T9701] ? __pfx_populate_vma_page_range+0x10/0x10 [ 349.662734][ T9701] ? __pfx_find_vma_intersection+0x10/0x10 [ 349.662764][ T9701] ? do_mmap+0x69c/0x1210 [ 349.662795][ T9701] __mm_populate+0x1d8/0x380 [ 349.662825][ T9701] ? __pfx___mm_populate+0x10/0x10 [ 349.662856][ T9701] ? up_write+0x1b2/0x520 [ 349.662893][ T9701] vm_mmap_pgoff+0x362/0x450 [ 349.662922][ T9701] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 349.662949][ T9701] ? __fget_files+0x20e/0x3c0 [ 349.662991][ T9701] ksys_mmap_pgoff+0x7d/0x5c0 [ 349.663017][ T9701] ? __pfx_ksys_write+0x10/0x10 [ 349.663055][ T9701] __x64_sys_mmap+0x125/0x190 [ 349.663096][ T9701] do_syscall_64+0xcd/0x490 [ 349.663122][ T9701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.663145][ T9701] RIP: 0033:0x7fd2fa18e929 [ 349.663163][ T9701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.663187][ T9701] RSP: 002b:00007fd2fb029038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 349.663209][ T9701] RAX: ffffffffffffffda RBX: 00007fd2fa3b6080 RCX: 00007fd2fa18e929 [ 349.663224][ T9701] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 349.663239][ T9701] RBP: 00007fd2fb029090 R08: 0000000000000007 R09: 0000000000028000 [ 349.663253][ T9701] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 349.663267][ T9701] R13: 0000000000000000 R14: 00007fd2fa3b6080 R15: 00007ffedbaabc98 [ 349.663296][ T9701] [ 349.663388][ T9697] CPU: 1 UID: 0 PID: 9697 Comm: syz.1.791 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 349.663439][ T9697] Tainted: [U]=USER [ 349.663450][ T9697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 349.663469][ T9697] Call Trace: [ 349.663479][ T9697] [ 349.663490][ T9697] dump_stack_lvl+0x16c/0x1f0 [ 349.663545][ T9697] should_fail_ex+0x512/0x640 [ 349.663592][ T9697] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 349.663642][ T9697] should_failslab+0xc2/0x120 [ 349.663675][ T9697] __kmalloc_cache_noprof+0x6a/0x3e0 [ 349.663721][ T9697] ? snd_seq_pool_new+0x44/0x230 [ 349.663764][ T9697] ? __pfx_snd_seq_open+0x10/0x10 [ 349.663802][ T9697] snd_seq_pool_new+0x44/0x230 [ 349.663845][ T9697] seq_create_client1+0x66/0x5e0 [ 349.663884][ T9697] ? __pfx_snd_seq_open+0x10/0x10 [ 349.663919][ T9697] snd_seq_open+0x59/0x550 [ 349.663954][ T9697] ? __pfx_snd_seq_open+0x10/0x10 [ 349.663997][ T9697] snd_open+0x201/0x450 [ 349.664035][ T9697] ? __pfx_snd_open+0x10/0x10 [ 349.664070][ T9697] chrdev_open+0x234/0x6a0 [ 349.664101][ T9697] ? __pfx_apparmor_file_open+0x10/0x10 [ 349.664146][ T9697] ? __pfx_chrdev_open+0x10/0x10 [ 349.664181][ T9697] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 349.664236][ T9697] do_dentry_open+0x741/0x1c10 [ 349.664288][ T9697] ? __pfx_chrdev_open+0x10/0x10 [ 349.664326][ T9697] vfs_open+0x82/0x3f0 [ 349.664367][ T9697] path_openat+0x1de4/0x2cb0 [ 349.664431][ T9697] ? __pfx_path_openat+0x10/0x10 [ 349.664483][ T9697] ? __lock_acquire+0xb8a/0x1c90 [ 349.664533][ T9697] do_filp_open+0x20b/0x470 [ 349.664583][ T9697] ? __pfx_do_filp_open+0x10/0x10 [ 349.664661][ T9697] ? alloc_fd+0x471/0x7d0 [ 349.664719][ T9697] do_sys_openat2+0x11b/0x1d0 [ 349.664758][ T9697] ? __pfx_do_sys_openat2+0x10/0x10 [ 349.664811][ T9697] __x64_sys_openat+0x174/0x210 [ 349.664851][ T9697] ? __pfx___x64_sys_openat+0x10/0x10 [ 349.664911][ T9697] do_syscall_64+0xcd/0x490 [ 349.664947][ T9697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.664991][ T9697] RIP: 0033:0x7f8ef3b8e929 [ 349.665017][ T9697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.665051][ T9697] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 349.665083][ T9697] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 349.665105][ T9697] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 349.665126][ T9697] RBP: 00007f8ef3c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 349.665146][ T9697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 349.665166][ T9697] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 349.665206][ T9697] [ 351.138243][ T9721] netlink: 'syz.0.799': attribute type 11 has an invalid length. [ 351.146173][ T9721] netlink: 'syz.0.799': attribute type 11 has an invalid length. [ 351.644121][ T9731] page: refcount:5 mapcount:4 mapping:0000000000000000 index:0x7f62ce7ab pfn:0x78000 [ 351.760504][ T9731] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 351.776133][ T9731] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 351.837430][ T9731] raw: 00000007f62ce7ab 0000000000000000 0000000500000003 0000000000000000 [ 351.924703][ T9731] page dumped because: unmovable page [ 351.934987][ T9731] page_owner tracks the page as allocated [ 351.942055][ T9731] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5832, tgid 5832 (syz-executor), ts 96273180000, free_ts 91018165557 [ 351.961542][ T9731] post_alloc_hook+0x1c0/0x230 [ 351.966617][ T9731] get_page_from_freelist+0x1321/0x3890 [ 351.972879][ T9731] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 351.980874][ T9731] alloc_pages_mpol+0x1fb/0x550 [ 351.987127][ T9731] alloc_pages_noprof+0x131/0x390 [ 351.992665][ T9731] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 351.998802][ T9731] vmalloc_user_noprof+0x9e/0xe0 [ 352.004458][ T9731] kcov_ioctl+0x4c/0x730 [ 352.008934][ T9731] __x64_sys_ioctl+0x18e/0x210 [ 352.016327][ T9731] do_syscall_64+0xcd/0x490 [ 352.021046][ T9731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.082158][ T9731] page last free pid 5824 tgid 5824 stack trace: [ 352.090319][ T9731] free_unref_folios+0xa65/0x1800 [ 352.097852][ T9731] folios_put_refs+0x56f/0x740 [ 352.103107][ T9731] free_pages_and_swap_cache+0x245/0x4a0 [ 352.108866][ T9731] __tlb_batch_free_encoded_pages+0xf9/0x290 [ 352.115520][ T9731] tlb_finish_mmu+0x168/0x7c0 [ 352.120360][ T9731] vms_clear_ptes+0x55e/0x770 [ 352.220102][ T9731] vms_complete_munmap_vmas+0x1ca/0x970 [ 352.238673][ T9731] do_vmi_align_munmap+0x43b/0x7d0 [ 352.257442][ T9731] do_vmi_munmap+0x204/0x3e0 [ 352.268000][ T9731] __vm_munmap+0x19a/0x390 [ 352.357163][ T9731] __x64_sys_munmap+0x59/0x80 [ 352.371354][ T9731] do_syscall_64+0xcd/0x490 [ 352.397878][ T9731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.974767][ T9759] usb usb28: usbfs: process 9759 (syz.0.809) did not claim interface 0 before use [ 353.094660][ T9763] FAULT_INJECTION: forcing a failure. [ 353.094660][ T9763] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 353.109737][ T9763] CPU: 1 UID: 0 PID: 9763 Comm: syz.0.809 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 353.109788][ T9763] Tainted: [U]=USER [ 353.109798][ T9763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 353.109818][ T9763] Call Trace: [ 353.109828][ T9763] [ 353.109840][ T9763] dump_stack_lvl+0x16c/0x1f0 [ 353.109894][ T9763] should_fail_ex+0x512/0x640 [ 353.109973][ T9763] should_fail_alloc_page+0xe7/0x130 [ 353.110000][ T9763] prepare_alloc_pages+0x3c2/0x610 [ 353.110034][ T9763] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 353.110074][ T9763] ? find_held_lock+0x2b/0x80 [ 353.110099][ T9763] ? free_unref_folios+0x118b/0x1800 [ 353.110135][ T9763] ? do_raw_spin_unlock+0x172/0x230 [ 353.110173][ T9763] ? _raw_spin_unlock+0x28/0x50 [ 353.110206][ T9763] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 353.110256][ T9763] ? __lock_acquire+0x622/0x1c90 [ 353.110290][ T9763] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 353.110329][ T9763] ? policy_nodemask+0xea/0x4e0 [ 353.110355][ T9763] alloc_pages_mpol+0x1fb/0x550 [ 353.110379][ T9763] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 353.110410][ T9763] folio_alloc_mpol_noprof+0x36/0x2f0 [ 353.110442][ T9763] vma_alloc_folio_noprof+0xed/0x1e0 [ 353.110470][ T9763] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 353.110497][ T9763] ? find_held_lock+0x2b/0x80 [ 353.110520][ T9763] ? __handle_mm_fault+0x1092/0x5490 [ 353.110557][ T9763] __handle_mm_fault+0x2f21/0x5490 [ 353.110597][ T9763] ? __pfx___handle_mm_fault+0x10/0x10 [ 353.110630][ T9763] ? __pte_offset_map_lock+0x174/0x310 [ 353.110656][ T9763] ? find_held_lock+0x2b/0x80 [ 353.110685][ T9763] ? find_held_lock+0x2b/0x80 [ 353.110715][ T9763] ? follow_page_pte+0x3af/0x14c0 [ 353.110749][ T9763] handle_mm_fault+0x589/0xd10 [ 353.110788][ T9763] __get_user_pages+0x589/0x3b80 [ 353.110823][ T9763] ? __pfx_mt_find+0x10/0x10 [ 353.110848][ T9763] ? __pfx___get_user_pages+0x10/0x10 [ 353.110892][ T9763] populate_vma_page_range+0x278/0x3a0 [ 353.110938][ T9763] ? __pfx_populate_vma_page_range+0x10/0x10 [ 353.110977][ T9763] ? __pfx_find_vma_intersection+0x10/0x10 [ 353.111016][ T9763] ? do_mmap+0x69c/0x1210 [ 353.111059][ T9763] __mm_populate+0x1d8/0x380 [ 353.111105][ T9763] ? __pfx___mm_populate+0x10/0x10 [ 353.111147][ T9763] ? up_write+0x1b2/0x520 [ 353.111196][ T9763] vm_mmap_pgoff+0x362/0x450 [ 353.111234][ T9763] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 353.111273][ T9763] ? __fget_files+0x20e/0x3c0 [ 353.111332][ T9763] ksys_mmap_pgoff+0x7d/0x5c0 [ 353.111368][ T9763] ? __pfx_ksys_write+0x10/0x10 [ 353.111422][ T9763] __x64_sys_mmap+0x125/0x190 [ 353.111472][ T9763] do_syscall_64+0xcd/0x490 [ 353.111507][ T9763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.111541][ T9763] RIP: 0033:0x7f6f3858e929 [ 353.111568][ T9763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.111599][ T9763] RSP: 002b:00007f6f3938d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 353.111629][ T9763] RAX: ffffffffffffffda RBX: 00007f6f387b6080 RCX: 00007f6f3858e929 [ 353.111650][ T9763] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 353.111676][ T9763] RBP: 00007f6f3938d090 R08: 0000000000000007 R09: 0000000000028000 [ 353.111696][ T9763] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 353.111714][ T9763] R13: 0000000000000001 R14: 00007f6f387b6080 R15: 00007ffe5dd1c528 [ 353.111755][ T9763] [ 353.157202][ T9762] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 353.766963][ T9771] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 355.214504][ T9798] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 355.533613][ T9805] netlink: 4 bytes leftover after parsing attributes in process `syz.1.819'. [ 355.601979][ T9805] openvswitch: HfR: Dropping previously announced user features [ 356.355827][ T9815] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 356.400206][ T9820] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 358.516807][ T9846] FAULT_INJECTION: forcing a failure. [ 358.516807][ T9846] name failslab, interval 1, probability 0, space 0, times 0 [ 358.543011][ T9846] CPU: 0 UID: 0 PID: 9846 Comm: syz.1.827 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 358.543072][ T9846] Tainted: [U]=USER [ 358.543084][ T9846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 358.543106][ T9846] Call Trace: [ 358.543126][ T9846] [ 358.543140][ T9846] dump_stack_lvl+0x16c/0x1f0 [ 358.543206][ T9846] should_fail_ex+0x512/0x640 [ 358.543263][ T9846] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 358.543319][ T9846] should_failslab+0xc2/0x120 [ 358.543355][ T9846] __kmalloc_cache_noprof+0x6a/0x3e0 [ 358.543405][ T9846] ? snd_seq_pool_new+0x44/0x230 [ 358.543454][ T9846] ? __pfx_snd_seq_open+0x10/0x10 [ 358.543493][ T9846] snd_seq_pool_new+0x44/0x230 [ 358.543541][ T9846] seq_create_client1+0x66/0x5e0 [ 358.543583][ T9846] ? __pfx_snd_seq_open+0x10/0x10 [ 358.543626][ T9846] snd_seq_open+0x59/0x550 [ 358.543664][ T9846] ? __pfx_snd_seq_open+0x10/0x10 [ 358.543699][ T9846] snd_open+0x201/0x450 [ 358.543737][ T9846] ? __pfx_snd_open+0x10/0x10 [ 358.543774][ T9846] chrdev_open+0x234/0x6a0 [ 358.543805][ T9846] ? __pfx_apparmor_file_open+0x10/0x10 [ 358.543854][ T9846] ? __pfx_chrdev_open+0x10/0x10 [ 358.543891][ T9846] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 358.543950][ T9846] do_dentry_open+0x741/0x1c10 [ 358.544007][ T9846] ? __pfx_chrdev_open+0x10/0x10 [ 358.544049][ T9846] vfs_open+0x82/0x3f0 [ 358.544094][ T9846] path_openat+0x1de4/0x2cb0 [ 358.544172][ T9846] ? __pfx_path_openat+0x10/0x10 [ 358.544231][ T9846] ? __lock_acquire+0xb8a/0x1c90 [ 358.544286][ T9846] do_filp_open+0x20b/0x470 [ 358.544341][ T9846] ? __pfx_do_filp_open+0x10/0x10 [ 358.544429][ T9846] ? alloc_fd+0x471/0x7d0 [ 358.544493][ T9846] do_sys_openat2+0x11b/0x1d0 [ 358.544536][ T9846] ? __pfx_do_sys_openat2+0x10/0x10 [ 358.544596][ T9846] __x64_sys_openat+0x174/0x210 [ 358.544641][ T9846] ? __pfx___x64_sys_openat+0x10/0x10 [ 358.544703][ T9846] do_syscall_64+0xcd/0x490 [ 358.544744][ T9846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.544780][ T9846] RIP: 0033:0x7f8ef3b8e929 [ 358.544809][ T9846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.544845][ T9846] RSP: 002b:00007f8ef49ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 358.544892][ T9846] RAX: ffffffffffffffda RBX: 00007f8ef3db6080 RCX: 00007f8ef3b8e929 [ 358.544916][ T9846] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 358.544938][ T9846] RBP: 00007f8ef3c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 358.544959][ T9846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.544980][ T9846] R13: 0000000000000000 R14: 00007f8ef3db6080 R15: 00007ffc22ced088 [ 358.545024][ T9846] [ 359.105166][ T9853] zswap: compressor not available [ 359.959265][ T9875] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 360.669109][ T9887] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 362.389145][ T9907] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 364.132904][ T9932] netlink: 16 bytes leftover after parsing attributes in process `syz.0.847'. [ 364.235833][ T9939] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 364.862422][ T9940] FAULT_INJECTION: forcing a failure. [ 364.862422][ T9940] name failslab, interval 1, probability 0, space 0, times 0 [ 364.880466][ T9940] CPU: 1 UID: 0 PID: 9940 Comm: syz.0.850 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 364.880523][ T9940] Tainted: [U]=USER [ 364.880534][ T9940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 364.880554][ T9940] Call Trace: [ 364.880564][ T9940] [ 364.880577][ T9940] dump_stack_lvl+0x16c/0x1f0 [ 364.880641][ T9940] should_fail_ex+0x512/0x640 [ 364.880695][ T9940] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 364.880748][ T9940] should_failslab+0xc2/0x120 [ 364.880783][ T9940] __kmalloc_cache_noprof+0x6a/0x3e0 [ 364.880831][ T9940] ? snd_seq_pool_new+0x44/0x230 [ 364.880877][ T9940] ? __pfx_snd_seq_open+0x10/0x10 [ 364.880915][ T9940] snd_seq_pool_new+0x44/0x230 [ 364.880961][ T9940] seq_create_client1+0x66/0x5e0 [ 364.881001][ T9940] ? __pfx_snd_seq_open+0x10/0x10 [ 364.881037][ T9940] snd_seq_open+0x59/0x550 [ 364.881074][ T9940] ? __pfx_snd_seq_open+0x10/0x10 [ 364.881110][ T9940] snd_open+0x201/0x450 [ 364.881148][ T9940] ? __pfx_snd_open+0x10/0x10 [ 364.881183][ T9940] chrdev_open+0x234/0x6a0 [ 364.881213][ T9940] ? __pfx_apparmor_file_open+0x10/0x10 [ 364.881269][ T9940] ? __pfx_chrdev_open+0x10/0x10 [ 364.881305][ T9940] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 364.881362][ T9940] do_dentry_open+0x741/0x1c10 [ 364.881416][ T9940] ? __pfx_chrdev_open+0x10/0x10 [ 364.881457][ T9940] vfs_open+0x82/0x3f0 [ 364.881501][ T9940] path_openat+0x1de4/0x2cb0 [ 364.881565][ T9940] ? __pfx_path_openat+0x10/0x10 [ 364.881620][ T9940] ? __lock_acquire+0xb8a/0x1c90 [ 364.881672][ T9940] do_filp_open+0x20b/0x470 [ 364.881725][ T9940] ? __pfx_do_filp_open+0x10/0x10 [ 364.881811][ T9940] ? alloc_fd+0x471/0x7d0 [ 364.881870][ T9940] do_sys_openat2+0x11b/0x1d0 [ 364.881909][ T9940] ? __pfx_do_sys_openat2+0x10/0x10 [ 364.881966][ T9940] __x64_sys_openat+0x174/0x210 [ 364.882009][ T9940] ? __pfx___x64_sys_openat+0x10/0x10 [ 364.882067][ T9940] do_syscall_64+0xcd/0x490 [ 364.882105][ T9940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.882140][ T9940] RIP: 0033:0x7f6f3858e929 [ 364.882167][ T9940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.882201][ T9940] RSP: 002b:00007f6f393ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 364.882233][ T9940] RAX: ffffffffffffffda RBX: 00007f6f387b5fa0 RCX: 00007f6f3858e929 [ 364.882266][ T9940] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 364.882288][ T9940] RBP: 00007f6f38610b39 R08: 0000000000000000 R09: 0000000000000000 [ 364.882309][ T9940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 364.882330][ T9940] R13: 0000000000000000 R14: 00007f6f387b5fa0 R15: 00007ffe5dd1c528 [ 364.882374][ T9940] [ 365.535468][ T9958] random: crng reseeded on system resumption [ 365.923450][ T9969] svc: failed to register nfsdv3 RPC service (errno 111). [ 365.944080][ T9969] svc: failed to register nfsaclv3 RPC service (errno 111). [ 366.432905][ T9970] vcan0: tx drop: invalid da for name 0x000000000000003f [ 366.904051][T10001] ================================================================== [ 366.912188][T10001] BUG: KASAN: slab-out-of-bounds in afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 366.920905][T10001] Read of size 1 at addr ffff8880789c2724 by task syz.0.860/10001 [ 366.928754][T10001] [ 366.931146][T10001] CPU: 1 UID: 0 PID: 10001 Comm: syz.0.860 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 366.931196][T10001] Tainted: [U]=USER [ 366.931204][T10001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.931219][T10001] Call Trace: [ 366.931228][T10001] [ 366.931238][T10001] dump_stack_lvl+0x116/0x1f0 [ 366.931281][T10001] print_report+0xcd/0x680 [ 366.931304][T10001] ? __virt_addr_valid+0x81/0x610 [ 366.931328][T10001] ? __phys_addr+0xe8/0x180 [ 366.931355][T10001] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 366.931383][T10001] kasan_report+0xe0/0x110 [ 366.931406][T10001] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 366.931437][T10001] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 366.931470][T10001] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 366.931500][T10001] ? find_held_lock+0x2b/0x80 [ 366.931522][T10001] ? __might_fault+0xe3/0x190 [ 366.931557][T10001] ? __might_fault+0xe3/0x190 [ 366.931591][T10001] ? __might_fault+0x13b/0x190 [ 366.931632][T10001] ? proc_simple_write+0x114/0x1b0 [ 366.931657][T10001] proc_simple_write+0x114/0x1b0 [ 366.931682][T10001] ? __pfx_proc_simple_write+0x10/0x10 [ 366.931707][T10001] proc_reg_write+0x240/0x330 [ 366.931744][T10001] ? __pfx_proc_reg_write+0x10/0x10 [ 366.931780][T10001] vfs_write+0x2a0/0x1150 [ 366.931818][T10001] ? __pfx_vfs_write+0x10/0x10 [ 366.931851][T10001] ? do_futex+0x122/0x350 [ 366.931880][T10001] ? __pfx_do_futex+0x10/0x10 [ 366.931908][T10001] ? __pfx_do_sys_openat2+0x10/0x10 [ 366.931939][T10001] ? __x64_sys_futex+0x1e0/0x4c0 [ 366.931966][T10001] ? __x64_sys_futex+0x1e9/0x4c0 [ 366.931997][T10001] ksys_write+0x12a/0x250 [ 366.932050][T10001] ? __pfx_ksys_write+0x10/0x10 [ 366.932089][T10001] do_syscall_64+0xcd/0x490 [ 366.932139][T10001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.932169][T10001] RIP: 0033:0x7f6f3858e929 [ 366.932189][T10001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.932213][T10001] RSP: 002b:00007f6f3934b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 366.932235][T10001] RAX: ffffffffffffffda RBX: 00007f6f387b6240 RCX: 00007f6f3858e929 [ 366.932252][T10001] RDX: 0000000000000003 RSI: 0000200000000300 RDI: 0000000000000003 [ 366.932271][T10001] RBP: 00007f6f38610b39 R08: 0000000000000000 R09: 0000000000000000 [ 366.932286][T10001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.932301][T10001] R13: 0000000000000000 R14: 00007f6f387b6240 R15: 00007ffe5dd1c528 [ 366.932324][T10001] [ 366.932331][T10001] [ 367.188423][T10001] Allocated by task 10001: [ 367.192864][T10001] kasan_save_stack+0x33/0x60 [ 367.197596][T10001] kasan_save_track+0x14/0x30 [ 367.202423][T10001] __kasan_kmalloc+0xaa/0xb0 [ 367.207071][T10001] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 367.213551][T10001] memdup_user_nul+0x2b/0x120 [ 367.218267][T10001] proc_simple_write+0xc7/0x1b0 [ 367.223166][T10001] proc_reg_write+0x240/0x330 [ 367.227891][T10001] vfs_write+0x2a0/0x1150 [ 367.232298][T10001] ksys_write+0x12a/0x250 [ 367.236676][T10001] do_syscall_64+0xcd/0x490 [ 367.241234][T10001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.247171][T10001] [ 367.249521][T10001] The buggy address belongs to the object at ffff8880789c2720 [ 367.249521][T10001] which belongs to the cache kmalloc-8 of size 8 [ 367.263345][T10001] The buggy address is located 0 bytes to the right of [ 367.263345][T10001] allocated 4-byte region [ffff8880789c2720, ffff8880789c2724) [ 367.277756][T10001] [ 367.280113][T10001] The buggy address belongs to the physical page: [ 367.286557][T10001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880789c2480 pfn:0x789c2 [ 367.296678][T10001] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 367.303840][T10001] page_type: f5(slab) [ 367.307888][T10001] raw: 00fff00000000000 ffff88801b441500 ffffea0000a4ea00 dead000000000002 [ 367.316552][T10001] raw: ffff8880789c2480 000000008080005d 00000000f5000000 0000000000000000 [ 367.325179][T10001] page dumped because: kasan: bad access detected [ 367.331635][T10001] page_owner tracks the page as allocated [ 367.337372][T10001] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8012, tgid 8009 (syz.3.430), ts 239640441905, free_ts 238762489711 [ 367.356615][T10001] post_alloc_hook+0x1c0/0x230 [ 367.361465][T10001] get_page_from_freelist+0x1321/0x3890 [ 367.367064][T10001] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 367.373005][T10001] alloc_pages_mpol+0x1fb/0x550 [ 367.377891][T10001] new_slab+0x23b/0x330 [ 367.382089][T10001] ___slab_alloc+0xd9c/0x1940 [ 367.386808][T10001] __slab_alloc.constprop.0+0x56/0xb0 [ 367.392221][T10001] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 367.398694][T10001] kstrdup+0x53/0x100 [ 367.402738][T10001] kstrdup_const+0x63/0x80 [ 367.407200][T10001] __kernfs_new_node+0x9b/0x8e0 [ 367.412106][T10001] kernfs_new_node+0x13c/0x1e0 [ 367.416917][T10001] kernfs_create_dir_ns+0x4c/0x1a0 [ 367.422072][T10001] sysfs_create_dir_ns+0x13a/0x2b0 [ 367.427233][T10001] kobject_add_internal+0x2c4/0x9b0 [ 367.432506][T10001] kobject_init_and_add+0x11b/0x190 [ 367.437745][T10001] page last free pid 23 tgid 23 stack trace: [ 367.443749][T10001] __free_frozen_pages+0x7fe/0x1180 [ 367.448998][T10001] tlb_remove_table_rcu+0x116/0x1a0 [ 367.454242][T10001] rcu_core+0x79c/0x14e0 [ 367.458539][T10001] handle_softirqs+0x219/0x8e0 [ 367.463337][T10001] run_ksoftirqd+0x3a/0x60 [ 367.467792][T10001] smpboot_thread_fn+0x3f7/0xae0 [ 367.472763][T10001] kthread+0x3c2/0x780 [ 367.476880][T10001] ret_from_fork+0x5d7/0x6f0 [ 367.481519][T10001] ret_from_fork_asm+0x1a/0x30 [ 367.486316][T10001] [ 367.488705][T10001] Memory state around the buggy address: [ 367.494368][T10001] ffff8880789c2600: 05 fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 367.502458][T10001] ffff8880789c2680: 05 fc fc fc 05 fc fc fc fa fc fc fc 05 fc fc fc [ 367.510552][T10001] >ffff8880789c2700: 00 fc fc fc 04 fc fc fc 00 fc fc fc 05 fc fc fc [ 367.518634][T10001] ^ [ 367.523765][T10001] ffff8880789c2780: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 367.531858][T10001] ffff8880789c2800: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 367.539973][T10001] ================================================================== [ 367.626156][T10001] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 367.633464][T10001] CPU: 1 UID: 0 PID: 10001 Comm: syz.0.860 Tainted: G U 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) [ 367.646812][T10001] Tainted: [U]=USER [ 367.650713][T10001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 367.660958][T10001] Call Trace: [ 367.664276][T10001] [ 367.667221][T10001] dump_stack_lvl+0x3d/0x1f0 [ 367.671869][T10001] panic+0x71c/0x800 [ 367.675833][T10001] ? __pfx_panic+0x10/0x10 [ 367.680290][T10001] ? mark_held_locks+0x49/0x80 [ 367.685271][T10001] ? preempt_schedule_thunk+0x16/0x30 [ 367.690668][T10001] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 367.696676][T10001] ? preempt_schedule_common+0x44/0xc0 [ 367.702181][T10001] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 367.708209][T10001] check_panic_on_warn+0xab/0xb0 [ 367.713193][T10001] end_report+0x107/0x170 [ 367.717546][T10001] kasan_report+0xee/0x110 [ 367.721985][T10001] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 367.727997][T10001] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 367.733834][T10001] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 367.740029][T10001] ? find_held_lock+0x2b/0x80 [ 367.744818][T10001] ? __might_fault+0xe3/0x190 [ 367.749619][T10001] ? __might_fault+0xe3/0x190 [ 367.754328][T10001] ? __might_fault+0x13b/0x190 [ 367.759132][T10001] ? proc_simple_write+0x114/0x1b0 [ 367.764276][T10001] proc_simple_write+0x114/0x1b0 [ 367.769275][T10001] ? __pfx_proc_simple_write+0x10/0x10 [ 367.774848][T10001] proc_reg_write+0x240/0x330 [ 367.779567][T10001] ? __pfx_proc_reg_write+0x10/0x10 [ 367.784835][T10001] vfs_write+0x2a0/0x1150 [ 367.789218][T10001] ? __pfx_vfs_write+0x10/0x10 [ 367.794035][T10001] ? do_futex+0x122/0x350 [ 367.798396][T10001] ? __pfx_do_futex+0x10/0x10 [ 367.803182][T10001] ? __pfx_do_sys_openat2+0x10/0x10 [ 367.808447][T10001] ? __x64_sys_futex+0x1e0/0x4c0 [ 367.813436][T10001] ? __x64_sys_futex+0x1e9/0x4c0 [ 367.818419][T10001] ksys_write+0x12a/0x250 [ 367.822793][T10001] ? __pfx_ksys_write+0x10/0x10 [ 367.827688][T10001] do_syscall_64+0xcd/0x490 [ 367.832215][T10001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.838238][T10001] RIP: 0033:0x7f6f3858e929 [ 367.842675][T10001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.862404][T10001] RSP: 002b:00007f6f3934b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 367.870856][T10001] RAX: ffffffffffffffda RBX: 00007f6f387b6240 RCX: 00007f6f3858e929 [ 367.878855][T10001] RDX: 0000000000000003 RSI: 0000200000000300 RDI: 0000000000000003 [ 367.886846][T10001] RBP: 00007f6f38610b39 R08: 0000000000000000 R09: 0000000000000000 [ 367.894980][T10001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.902980][T10001] R13: 0000000000000000 R14: 00007f6f387b6240 R15: 00007ffe5dd1c528 [ 367.911003][T10001] [ 367.914333][T10001] Kernel Offset: disabled [ 367.918682][T10001] Rebooting in 86400 seconds..