last executing test programs: 6.530931422s ago: executing program 3 (id=475): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) r2 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x100) ppoll$auto(&(0x7f0000000180)={r2, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) 5.699673771s ago: executing program 3 (id=478): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) pread64$auto(0xffffffffffffffff, 0xfffffffffffffffc, 0x5, 0xffffffffffff8000) statx$auto(0xffffff9c, 0x0, 0x1000, 0x6, 0x0) r0 = open(0x0, 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) arch_prctl$auto(0x1025, 0x12) listxattrat$auto(r0, &(0x7f0000000000)='./file0\x00', 0x5, &(0x7f0000000080)='\x00', 0x2040000000000) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x8, &(0x7f00000001c0)="e91953b4785d013864d94542b23a79ca42a8805672de3b12e3a0a72f90af0e0a064eb93524c67841d257f71cf65f41d9384235419ad40e299d6442c5ea6f6779bc15c7fb0ee32ad41db1cbf6e73803b0fd02b6964fbd80e6763604da1abe512a0e17fd350e2cac5e2aae8e9bf1b5fe90d0cdcb27126b24528c4067e89cd2c0953ce736639a5730bdfd26bc55a6c4c645db43cdf1ad4ce5bf10fee0a71ebac4bcd472a1343ac87a90c8f5e93ff79b1f853c2d0321b35c27fa28df327e3ed007c1aa122528a621be8170b8a92509b2dc", 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/035/001\x00', 0xa901, 0x0) ioctl$auto(0x3, 0x8004550f, 0x1) 5.140682613s ago: executing program 0 (id=479): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010725bd0c00831dfa3c22"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) 5.037189339s ago: executing program 2 (id=480): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) 4.060061895s ago: executing program 2 (id=481): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) ioperm$auto(0x3, 0xe, 0x2000000000000149) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) 4.058839853s ago: executing program 0 (id=489): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x5, r0, 0x0) r1 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(0xffffffffffffffff, 0x40285881, &(0x7f0000000000)={r1, 0x0, 0x6aad, 0x5, 0x0, 0x4}) r3 = fcntl$auto_F_UNLCK(r2, 0x7, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000005680)='/sys/kernel/debug/tracing/set_event\x00', 0x8000, 0x0) inotify_add_watch$auto(r3, &(0x7f0000000040)='./file0\x00', 0xd9a5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto(0x3, 0x0, 0x400000) 4.05843145s ago: executing program 1 (id=482): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) pread64$auto(0xffffffffffffffff, 0xfffffffffffffffc, 0x5, 0xffffffffffff8000) statx$auto(0xffffff9c, 0x0, 0x1000, 0x6, 0x0) r0 = open(0x0, 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) arch_prctl$auto(0x1025, 0x12) listxattrat$auto(r0, &(0x7f0000000000)='./file0\x00', 0x5, &(0x7f0000000080)='\x00', 0x2040000000000) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x8, &(0x7f00000001c0)="e91953b4785d013864d94542b23a79ca42a8805672de3b12e3a0a72f90af0e0a064eb93524c67841d257f71cf65f41d9384235419ad40e299d6442c5ea6f6779bc15c7fb0ee32ad41db1cbf6e73803b0fd02b6964fbd80e6763604da1abe512a0e17fd350e2cac5e2aae8e9bf1b5fe90d0cdcb27126b24528c4067e89cd2c0953ce736639a5730bdfd26bc55a6c4c645db43cdf1ad4ce5bf10fee0a71ebac4bcd472a1343ac87a90c8f5e93ff79b1f853c2d0321b35c27fa28df327e3ed007c1aa122528a621be8170b8a92509b2dc", 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0x100) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/035/001\x00', 0xa901, 0x0) ioctl$auto(0x3, 0x8004550f, 0x1) 3.656887731s ago: executing program 3 (id=483): stat$auto(0x0, &(0x7f0000000080)={0xb, 0x3, 0x9, 0x7ff, 0x0, 0x0, 0x0, 0x9, 0xfff, 0xfffffffffffffff9, 0x9, 0x2, 0x93a8, 0x9, 0xff, 0x63, 0x8}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_5={@target_ifindex, r0, 0x22, 0x1, r0, @relative_fd=r0, 0xca1}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x40200, 0x0) ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(r2, 0x3304, 0x0) capget$auto(0x0, 0xfffffffffffffffe) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r4 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000380)={0x2, 0x7, 0x1ff, 0x7, 0x8, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x7, 0xa121, 0x3, 0x0, 0x4, 0x9, 0x7, 0x20000006, 0x10011, 0x80, 0x100000000, 0x0, 0x5, 0x2100, 0x1ff, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0x7, 0xa982, 0x0, 0x94cf, 0xfffffffffffffffd, 0x0, 0x80000, 0x5, 0x7ff, 0xffffffffffffbfff, 0x1, 0x6, 0x0, 0xfffffffffffffffd, 0x7, 0x4, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0x8, 0x0, 0x20, 0x0, 0x80000000006, 0xfffffffffffffffc, 0x2, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x5, 0x3, 0xfffffffffffffffd, 0x8, 0x4000000000, 0x7], "cef831e9b12b6ffc923e986c9b46895d012582ef898774ccc5e03ccbe2f92f5dc287c31008a243463dd9d0124b74ff0e42f7c267a735e710659980702d0ab4cea96dcc0667154984d685166f7a836323dbecc312ef199b8760afb780e17addc5f9fdc74d8d8df911543375cf1c055f6fd846ddc7998c94667e64bc6c4ad34b636067677c20d923f16b4f28cfd546c1"}, 0xd, 0xe) sendmsg$auto_OVS_VPORT_CMD_DEL(r3, 0x0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0xc094}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) setdomainname$auto(0x0, 0x551) close_range$auto(0x2, 0x8, 0x0) read$auto_o2hb_debug_fops_heartbeat(r1, &(0x7f0000000140)=""/128, 0x80) socket(0xa, 0x3, 0x3b) sendto$auto(0xffffffffffffffff, 0x0, 0x3fe, 0x101, 0x0, 0x1c) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYRES16=r5, @ANYRES8=r5], 0x18}, 0x1, 0x0, 0x0, 0x400d0}, 0x404c054) r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) write$auto(r6, &(0x7f0000000000)='/dev/input/event0\x00', 0x7fe) 3.655009832s ago: executing program 0 (id=484): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) r2 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x100) ppoll$auto(&(0x7f0000000180)={r2, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) 2.982525149s ago: executing program 0 (id=485): stat$auto(0x0, &(0x7f0000000080)={0xb, 0x3, 0x9, 0x7ff, 0x0, 0x0, 0x0, 0x9, 0xfff, 0xfffffffffffffff9, 0x9, 0x2, 0x93a8, 0x9, 0xff, 0x63, 0x8}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_5={@target_ifindex, r0, 0x22, 0x1, r0, @relative_fd=r0, 0xca1}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x40200, 0x0) ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(r2, 0x3304, 0x0) capget$auto(0x0, 0xfffffffffffffffe) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r4 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000380)={0x2, 0x7, 0x1ff, 0x7, 0x8, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x7, 0xa121, 0x3, 0x0, 0x4, 0x9, 0x7, 0x20000006, 0x10011, 0x80, 0x100000000, 0x0, 0x5, 0x2100, 0x1ff, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0x7, 0xa982, 0x0, 0x94cf, 0xfffffffffffffffd, 0x0, 0x80000, 0x5, 0x7ff, 0xffffffffffffbfff, 0x1, 0x6, 0x0, 0xfffffffffffffffd, 0x7, 0x4, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0x8, 0x0, 0x20, 0x0, 0x80000000006, 0xfffffffffffffffc, 0x2, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x5, 0x3, 0xfffffffffffffffd, 0x8, 0x4000000000, 0x7], "cef831e9b12b6ffc923e986c9b46895d012582ef898774ccc5e03ccbe2f92f5dc287c31008a243463dd9d0124b74ff0e42f7c267a735e710659980702d0ab4cea96dcc0667154984d685166f7a836323dbecc312ef199b8760afb780e17addc5f9fdc74d8d8df911543375cf1c055f6fd846ddc7998c94667e64bc6c4ad34b636067677c20d923f16b4f28cfd546c1"}, 0xd, 0xe) sendmsg$auto_OVS_VPORT_CMD_DEL(r3, 0x0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0xc094}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) setdomainname$auto(0x0, 0x551) close_range$auto(0x2, 0x8, 0x0) read$auto_o2hb_debug_fops_heartbeat(r1, &(0x7f0000000140)=""/128, 0x80) socket(0xa, 0x3, 0x3b) sendto$auto(0xffffffffffffffff, 0x0, 0x3fe, 0x101, 0x0, 0x1c) socket(0x2, 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYRES16, @ANYRES8], 0x18}, 0x1, 0x0, 0x0, 0x400d0}, 0x404c054) r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) write$auto(r5, &(0x7f0000000000)='/dev/input/event0\x00', 0x7fe) 2.981958664s ago: executing program 2 (id=486): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x1a1000, 0x83) r1 = socket(0xa, 0x1, 0x6) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r1) shmctl$auto_IPC_RMID(0xfffffffd, 0x0, &(0x7f0000000200)={{0xfffffe01, 0xffffffffffffffff, 0xee00, 0xfff, 0xfffffffe, 0x8, 0x8001}, 0x3, 0x10, 0xfffffffffffffff8, 0x80, @raw=0x9, @raw=0x1, 0xfff7, 0x0, &(0x7f0000000140)="8742595998b710c14eb3f2f608c0d35ef7d4d9af48cde0f7b2b5a1c051abc23ede0f83610ad5af9346cbc320d7057f46fe07e62c2c0e1e0822a339966c9661d718dfee77bac980670079af2ef6a170181cd4df7fdb69b3c25f32", &(0x7f00000001c0)="b48a947e624ad3dc831a8f8d844c6bf735d2547d589acfe4bec80b049ec2f1e1dcd5f5437ff00421e6d8ac34a854dcb7eaf43fa6b3df1bc987baeb31b00438e9"}) add_key$auto(&(0x7f0000000700)=':\x00', &(0x7f0000000740)='\x00', 0x0, 0x7aef, 0x5) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r4, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r4, 0x7a4, 0x0) r5 = semctl$auto_GETALL(0x7, 0x6, 0xd, 0xfffffffffffffff8) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) r6 = getsockopt$auto_SO_TIMESTAMPING_NEW(r0, 0x9e, 0x41, &(0x7f0000000040)='.\x00', &(0x7f0000000100)=0x1000) sendmsg$auto_L2TP_CMD_SESSION_DELETE(r0, &(0x7f00000006c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000680)={&(0x7f0000000e80)=ANY=[@ANYBLOB='H\a\x00\x00', @ANYRES16=r2, @ANYBLOB="02002dbd7000fbdbdf250600000008000a0000010000000000000400060020001d8008ca3b00", @ANYRES32=r3, @ANYBLOB="0400028004001d8008004400", @ANYRES32=r5, @ANYBLOB="04001e80100934cc40943bd78a628af8c90a861dc7134f64d0d8f0e815081b36eea671d8632c03479f7f047c587748ea141c7d09d2a5f481ba34e27228f839afdfc0c6808d9d9d195ee1deb353f8c132d5e70346d25557d640f6d999101f74127f1d5c4166a78c63f50015ccc560e529fced0c410cb66c2dd7e1722fec4dd532577df583026a77c82c266f7653a60ae5b5df25f97de4dea3160028190400b40059e827f649dcba65d78e97aeaf77915b1236876c8646084a17dde367b4d5e72859cb5708001b00402a2400b99c628ad1ccdaed93254683ff5ca447dee86bcd94163705f16b3ce283f5372422a6f8255f91c4afe6de32a08d5411c1e6805ea0f32bcc4ba0611930edd1be8583f014dbe7f965b2a3538d35a930a4ce0e53df051d0a9a486dbbeeb9cac649c965c3f8cf761e96b14f3f723f75c2332b347742637f6bac6dd32177e6993e3b8145d25b5f47b7c9a800e5fbac11d61b7852dc32bcc06a39e08f1b75a5c16ae1a1ef96840240336112eed9d201d503bd1f6a2bbcbb5f6bf785ca0bcf241e313caaa98978e148a67bd29d14bdae5b36c9db8f514f89970f66b09ae5b2f74b700fa92e9cc7c11beae890dc269bf872f557044b804c03e980c6ba33ffd66ecfb24396b7f5441787eb3abb72b43b72530535e1a58c882df1ec843e6608617a489fa529602eaccc9c7fa411d871ef10bbdb54db5e97674e16c19315507b7b5d63e6c8c18680afd76c36f91a5c7c622faab63084d8d0456c34a58350b0702f8c1abbe959a93a49b635528463f5f687c37d293c9f58997303964c76a882d798680b1fd5dc6d7313ebd773de297a8e3361f68c9778734220009a801c0095800c00070006000000000000000800490006000000040084808c02d0807602de80755ef8291fe3661897d7a5c6a117bf827fc3d86540d1cf50ccadd2b045b7b97c6baa6b434b072bef3594677f0abdb0832300f8e019acfb8c1e535b810b7d42f02bd5144c6e89d0201634725750e4d02db3f56d82318434d1525022bcb9fa6d538632ae5e1380afd839c39d250ca09297e72d01f1c78afcc321df15391ee350ed0962aa3b7f47ba8a5c22332b67456808838cd1693c708038e337df71682f7c8e4298cc89d01012e26168379a2e8fc35133a9f71bd0faff400192817dc0d49b8e54201cd431566135fcf6c5f9590c3e7d974f9cb3fbac343f470b849637b806b67b91665ad72a0c58eac9f729d8356ac129f6a5ed8b741ee299c1154757476af067056e92dd7db41457b2e887fdb334b8940afd88b724b606fa30313f9fbe5ba83637c5b4713753baafb0e05a557b6aeee72ccebf06b56a2aa4834023800c624a9a34234daec72aeb53624eb981b4ac79a9fc429653be58bc245b2c03eaa4055e5faae89b1516619cef2455c1288785081d2ec5c4458f2e08b4adf8db4e0a9b687444cdc0de68ae68422a0b678f5411c424841fede4eb8bcfffc8e7ea7ae0f47be22518c45b967b9f2d8729c391debd1429ecb6d8d30400a8000400f2800800450046000000040079800400c6801f44c13cd65253c49e2320823d66feb66ad2ed0a95d9ea7a5ba53059724153461f2bc90077a0084655c7f0a473be065c17b12bfb160b661d97de780b2778f3d49f1992484b2f8db2e823e6a1ce66692e7f907f1ef38c9c521b34673911ee52190e819250212fdfacd6988c635b2d2a641f5d3b1bae83ae7c6b9f31793867c2e811e2a6ddd22cd2f2c954245ab5fadaf7ad13715e7bfe4e037b82213f5908001a000a0101020000100042800400468008009900", @ANYRES32=r6, @ANYBLOB="240089002e2f6367726f75702f6367726f75702e737562747265655f636f6e74726f6c0004000f800400cb80140039002001000000000000000000000000000204004580d7f9114ead3a7553b0d4c35833d676d06047e11d93a1c1223dffa1afafcd8c7370953c97688627cb7d8fd3ad17ff24be23fd82c981467ffcd1a4f967cfae4657b73478cd38aae4cdf0a064ff29694d646367f9afc692102d614a505717ea621b51cf564b82cdd1ff2b4cbbb0b529fb7f513f13c00231c04e5c0a01a9bd2f50b1bc28a6d523af4d07359215d27b2196af058c3f5ccba3c5d2dd72c6242737bee4dc8519bc441e556058084c0a6fc69b440708ffb3972a58e366d6048a7eadf2040054000000000008000c0008000000ea000000c268bbb64fc5f3ec0dee62868daa380d632d16fdbbb82edfc45dd94f66ae0ef8620d7bf5622b5c27f0b8cf7c25f7530f87d05c3a84e21b87280979f658c2b4d81d55b9cb157633cba6b28d7ae225a4e7f1ae1968bb9b282c350eaab02f610128c00b3f829e76f44d921f5eebd4e6388d33c947cc0f60c69d5c88207ed50d30cd375cb7426d16ba60da7de84f041b1e61b3c8df499fcd69197e203e9d8c3073e95530f694a3922bae9f9370d4f19ae7f8b096831888ee8dec584eed303e26a8979ae88b3748ffc7048455ee5317888e09d9ae7b60885af0a630433a2b0a220d2ce5056fc4c35f0000"], 0x748}, 0x1, 0x0, 0x0, 0x41}, 0x10) ioctl$auto(0xffffffffffffffff, 0xc0285629, 0xffffffffffffffff) 2.769985747s ago: executing program 1 (id=487): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) pread64$auto(0xffffffffffffffff, 0xfffffffffffffffc, 0x5, 0xffffffffffff8000) statx$auto(0xffffff9c, 0x0, 0x1000, 0x6, 0x0) r0 = open(0x0, 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) arch_prctl$auto(0x1025, 0x12) listxattrat$auto(r0, &(0x7f0000000000)='./file0\x00', 0x5, &(0x7f0000000080)='\x00', 0x2040000000000) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x8, &(0x7f00000001c0)="e91953b4785d013864d94542b23a79ca42a8805672de3b12e3a0a72f90af0e0a064eb93524c67841d257f71cf65f41d9384235419ad40e299d6442c5ea6f6779bc15c7fb0ee32ad41db1cbf6e73803b0fd02b6964fbd80e6763604da1abe512a0e17fd350e2cac5e2aae8e9bf1b5fe90d0cdcb27126b24528c4067e89cd2c0953ce736639a5730bdfd26bc55a6c4c645db43cdf1ad4ce5bf10fee0a71ebac4bcd472a1343ac87a90c8f5e93ff79b1f853c2d0321b35c27fa28df327e3ed007c1aa122528a621be8170b8a92509b2dc", 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0x100) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/035/001\x00', 0xa901, 0x0) ioctl$auto(0x3, 0x8004550f, 0x1) 2.181535084s ago: executing program 3 (id=488): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) r1 = socket(0x1e, 0x1, 0x0) listen$auto(r1, 0x2) mmap$auto(0x4, 0x8, 0x8c, 0x12, r0, 0xcd0) accept$auto(r1, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) read$auto(0x3, 0x0, 0x10) r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/nbd4/sched/read1_fifo_list\x00', 0x48040, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r2, &(0x7f00000000c0)=""/216, 0xd8) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000d80), r3) mmap$auto(0x0, 0xc00009, 0x4a, 0x9b72, 0x2, 0x800008000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_INFO(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="f1000000", @ANYRES16=r5, @ANYBLOB="010025bd7000ffdbdf250f000000"], 0x14}, 0x1, 0x0, 0x0, 0x40011}, 0x4000000) sendmsg$auto_IPVS_CMD_GET_SERVICE(r3, &(0x7f0000000d40)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000040)={&(0x7f00000001c0)={0xb54, r5, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x77d, 0x3, 0x0, 0x1, [@nested={0x159, 0x87, 0x0, 0x1, [@nested={0x4, 0x5c}, @typed={0x37, 0x43, 0x0, 0x0, @str='/sys/kernel/debug/block/nbd4/sched/read1_fifo_list\x00'}, @generic="e508d6f602d7c082494396679ed4ce0f1985b44c775292069c96538ea9dd0ef4e26bd6f6dd7aa56e776a55dcd6a72623852bf26358e846be34ab7795f0fc59b492d230b161a6750cc752da14460f7e55dd81fad8ece36a31f86da15bb8b76a54e7ea6c2bc5e0080d52847341273bc5dd0e659e5f95eece728e4d359d92e671de9e287aa1f26d422f806c36eba2b5cd743fb7bd2e041f2f564ca692caa867917e924ab26ed651c0f99b9d25c388b6496fc6fbd25e15779760e4e9f86c04c4b32e1e726c19267c3211", @nested={0x4, 0x2f}, @generic="b2a42cafd44b3cd760a305e8ee522ea321a494ce2e8e38053ade37d9f3495812ebea6ffc9eecbcb475f7ff2cc99594328da7a3118bc380f1e5035db3431c216e229f7d117d9c11237dc139b23d"]}, @generic="ace59238b19d2a830669f0875244b1fe2c4b1b5a45690c9d8df1e9a636c4a5bba81c6eddb8c677d47037d6b996ec851096ba36c96b563f2889726035183fc96dce992fd8a010403002e83797106e8f44b249d1769251b76172c99863485dd0314c77ab61887dd0dcdc8329a17ffe569583a51347725c", @generic="0a6951202491e25169261a825a286950b65906f2e9238bf2226eed6c92217072b716eecfb3b7a9ec1bc0780943ff98c91fce53a9fe9ab16854ba145712121b0b7a586e3c5347b528c8c71d528893e0c06bc5c3436ab323", @generic="21657ae1a461ea6dcb995bb0630d4584cfc5c83852f51760872c5a26e4afe23f5634e9b0a6dc0dce1be91ef49ac585b4cd118c6acf7b9522db794d40436613205e3049707caa6ca068e88a559eaa7ef4d1c1fe2ac1c62468930ffc549e119622780f6f8e5ddd472dd991566fce542d22d59e396658ad3ebed888", @generic="032127d9b6ae04229bd8de1512b6dd06af0725a71eb8753c8c642cf04b8f1c05ddc30d9c5ee13162ae0c358b47f50b1de85db95a56f0b10cba51e356348b568a50f3c4dfd1ecae1054bce21ee6fbf7750f6564962931702fd51017acdd9d2645f621", @typed={0x8, 0x111, 0x0, 0x0, @fd=r3}, @nested={0x10, 0x84, 0x0, 0x1, [@nested={0x4, 0x26}, @typed={0x8, 0x71, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x1d}}]}, @typed={0x8, 0x142, 0x0, 0x0, @u32=0x5}, @nested={0x453, 0x13a, 0x0, 0x1, [@generic="03081ccd8e4aa46e10c28c2eb59153becec4c5fc1de20f71f44c26990e814a70f3c4b354d2fa513c973aa846b8fd568a5cb99b20b79f6529d417145e13cc42a0f9699bfb30d3814cf03e45535f721996cecdf6ef8120f34b9659d876e1320a8c8c603159c3b50951cb626a112b56022e760a63b5f14bc5224ba1c663d6b6a29a85c6cb77cc06a1d81e2624b196183b7e1b87fc96fef8242480cc64ef121cb1f98b54f38d753fa9bee0dcf6e8e092e2f86e745f0aaecf73bda28241d02f57fe21e9e541bf1781b1c031e6b2b8f95ede5c3c19c9811f4ffcfc82d414c9ae4e57dc8479cc86388f56713062", @generic="1e5c5fb6221836fad9a7b00d7fbbcc9312c17693b5da859e10d39191ef3875c336c9574271456f1544726c352e1415c19652be84920830b0413236ec16b1a17bb3e234ddbf5e0e04360897c16600717f0bf36eebe3e5f5469b4e48682b4bfd0eb9a84f6f1552baf0ca990701be4fd1bd2fedafb9aa464430c487066bf48922e75ddc772df448bcaf626087459c23683bed1c2796091960098f5c5b44c4b035f23393eac75e5722e69b5acefaf4c55e17efc6793df30fa7dc64fc464c598213f434b88ad8a166aa6a7befb0e388fbae5d1d1f47255fc0ef26b3ad36cb3ee0220291060a57742c36ca34690e7a8c3ca36a0519303f934e54d7a9", @generic="61a60078bea214bea360c77dad9fbcd5c68c880628f46d766200b65c40d0c96960de36ef31d305385476c6b3b92e72d1edba5dfc150a91ff9fffb11aa89f2dfea5b3f91ce6c1c69720a70c94ff03a721efee608b2352177d5f038fca99830f4849fa7a68d6d0559f73e7446184722929cbdd66bceba3ab578be3e0049438a9c98dec056310edbc737fa764263f367c53928e98a431cdd03ce0481bb6019ef7c2eee3dc66917779e03129d1006fb931725822c30134d48d53625987f567e74b0d40", @nested={0x4, 0x2d}, @generic="92a024cf6345ffc044eb09fa2a6074cdba134e992604604b95528914b13aebd5f8d891a1b7d8a42b8bd022ecf93d6c0c88359e3dd3bca58435b73c294c4dfccd1fbb2551b81d2ab82e68b231d507276b8099cbae6c1ae92162e1d66cae85cffe724caa310d8eed53bceb79148d476479605884a6b3bcdb7146abc9201e0116a52202136f624774c2454063a7e09bea70330a7885e77fe78308399595fd69724a918e04168d8c294d640b79f8865435", @typed={0xea, 0x9f, 0x0, 0x0, @binary="1d9dfbf82577016ed8dda3ad9bb5ce714e7baf57a5587623920433094b8666aa8f9aef4d51bf985f5ec35f62e85a00635cc627706c4fb8215cbe56317ca98344a2a51c4a518f6ee9095c120554bee03f3f8c7713564fd71a872a47b7c12176ee3933c5aa8cc0fc125636b6d4132188e29e6cea1d4196471abd89c694ea6c8ef3e92844d295973b077cfbfc54c3831ec129c6e306b0494219783e3946ecd5b590cfcf5c9b51f6d74f08947a0c8a3a3047c1a1c693613206cab12dcd339f95f8aa3118b0dfc2b073f3ec952710b9d50bb1d9f91df8c8a0066684a814e821ea8881e9a02a248d3a"}, @typed={0x8, 0x13b, 0x0, 0x0, @u32=0x5}, @nested={0x4, 0x6b}]}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x3b6, 0x1, 0x0, 0x1, [@nested={0x155, 0x149, 0x0, 0x1, [@generic="5c7b6592f6874457a80097128064bf2d9e9de3099229b9e7d5cfe1a9583dc838b8b09fd7440a88f4de78e1ed3a24121c2055dbd0858621df8a383877f6617515417b54bee7f09e538dcb2aad15c2ebe98ef1b3ce824f7cab2bb8bf0139131d668b9a6913c83dea8dfbc7ba72e04cc8c8befae25643af3a3a7ce24848c41fcd86491865f50c58abd65fdbe33e48a27e45ad1aa099", @generic="101eb0eb9da1ba7f6dd5cf83d1d553007e372bdf5b53e4a6d8cb20c9cc1d12ed4ccf38a9922a69e4b63d0ac2ed03466af496bfc18cd6603112d918f1331a76314bf9ba4012a9031b7432d536d1d8e8d1c13dac875e237ac9f3121c1bfecd0f8710b9e3016c98857a1928edc20ba73b502c46e7a71384ee1e3456a2bbc939d6232ec7dc0b109768e3a6b1a7d7789f90922b31665ee5c0e6c9f2851dbb19cfca5fbd0ae190422edbc1975e077278cb7eab99e0f811161aa3fd2be4b3c9d0"]}, @typed={0x4, 0x9e}, @generic="438a1782609cfb7766eff72f3b39a939461c2478c811c9724b029d88728d00c9a966eca55bc9738c668958f26d1faefaad7a620d860063a0bc9b54", @generic="877d0d3107215476cea1f5b76eefbbf39597c651e96822e7ce1267be0af111f0a78587d6b5a48f7f2d67d5ff3389d009f7b437b03800c51c4d07c769e8c090b6c7282349c3d58cb58d55a57997d8976b4904c8075db52b56195febbc4e33afadd13884acd09694a93f5024dac7bb28a004f032ac", @nested={0xf8, 0x12b, 0x0, 0x1, [@generic="5dd60ed6a210237857fcab1211c490cfcc66e558ca21c6a529210bd63d597b09e265f2d362016c9168afa08e8fc8e21f713ee00d9deddb3859a74a45bf57b2953ff761c3df94a04dad103242147776b7760b24336fbf29d4b42706c63c3ac32d88b12709", @nested={0x4, 0x4d}, @typed={0x8, 0xd5, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2f}}, @nested={0x4, 0x47}, @typed={0x76, 0xe4, 0x0, 0x0, @binary="dc593c5fcb362da581905e80c4cab5eaaf8d0d49144ea04b2b2468cf1f7ac45d05777f3af540e17ce0568f1aef81a24462fb226803b2bb4dc7e6d90ee664900c236324294b6c2c98ea8130a763b199d22ee47fb4896b459cf9a0712d3ffb00785f7c5be7c7ca0293949ab0f43942b0597fe9"}, @nested={0x4, 0xae}, @nested={0x4, 0x28}]}, @generic="3d0aa44ce18cc2c6675e6be87c86b95671ab36ca180e6558e6f3918b0c0f8efc62137e957be15d1b02725b477847fe54e8aae1a50aa2e8dc6909f456891b5ad2e320950699", @generic="426a38395e738cf23a9f9ea1ba2e4d8313f7f88604fcc368d08bb77e79023cec25070998dee5392b13bd28a6c416623d4d4f93dd31ea4348338e0670d7dec7ad83f88ddb7e5dfb90aad187dca115d58a54757b4437e96c00d72c625f90778dd1f227768105e41f97763c"]}]}, 0xb54}, 0x1, 0x0, 0x0, 0x10800}, 0x8046) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x29, 0x5, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) migrate_pages$auto(0x0, 0x99, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) close_range$auto(0x0, 0x5, 0x0) 1.962561627s ago: executing program 2 (id=490): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) 1.569908527s ago: executing program 0 (id=491): bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) (async) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0xeca0, 0x13, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x4, 0x20019) madvise$auto(0x0, 0x8000000000000000, 0x15) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) (async) madvise$auto(0x0, 0x2000000080000001, 0x3) socket(0x22, 0x1, 0x103) socket(0x2b, 0x1, 0x1) (async) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x404, 0x8000) getsockopt$auto(0x4, 0x6, 0x15, 0xfffffffffffffffc, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) (async) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x30, 0x80000006, 0x4) (async) madvise$auto(0x30, 0x80000006, 0x4) socket(0x10, 0x2, 0x0) (async) r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1, 0x7, 0x44, 0x4909b6f8, 0x201ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x2000, 0x81, [0x2, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0x6, 0x70624ce7, 0x3, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xffffffffffff7ffe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x40000, 0x6, 0x0, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x8001, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xfa68) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) 1.28566239s ago: executing program 1 (id=492): openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x3, 0x0) unshare$auto(0xab20) r0 = openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000001100), 0x40, 0x0) read$auto_transactions_fops_(r0, &(0x7f0000001140)=""/67, 0x43) r1 = gettid() getpgrp(r1) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) socket(0x2c, 0x3, 0x2fd) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, 0x0, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3000, 0x9, 0x6, 0x10002, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x6, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0x6, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x4, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x8, 0x0, 0x100000]}, 0x1fe, 0xfffffff9) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace\x00', 0x80800, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) 1.233171347s ago: executing program 3 (id=493): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0xd) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0xffff) write$auto(r0, 0x0, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffded) sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x3, 0x8000000000000000, 0x0) socket(0xa, 0x3, 0x6) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x472100, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x0) r3 = socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x23}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) setsockopt$auto(r3, 0x1, 0x3f, 0x0, 0xb) 1.011303215s ago: executing program 2 (id=494): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r0, 0x4b4a, 0x0) 797.134194ms ago: executing program 1 (id=495): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000005680)='/sys/kernel/debug/tracing/set_event\x00', 0x8000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto(0x3, 0x0, 0x400000) 760.01035ms ago: executing program 2 (id=496): r0 = prctl$auto_PR_SET_THP_DISABLE(0x29, 0x7fffffff, 0xffffffffffffffff, 0xa4c7, 0xd) getsockopt$auto_SO_TIMESTAMP_NEW(r0, 0x80000000, 0x3f, &(0x7f0000000000)='/sys/kernel/config/target/version\x00', &(0x7f0000000080)=0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x18000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x19) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) connect$auto(0x3, 0x0, 0x55) r2 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x5}, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) pread64$auto(0xffffffffffffffff, 0x0, 0x400000000007, 0x10000) r3 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config/target/version\x00', 0x0, 0x0) write$auto_configfs_file_operations_configfs_internal(r3, 0x0, 0x0) read$auto(0x3, 0x0, 0x80) 343.425964ms ago: executing program 1 (id=497): unshare$auto(0x40000080) rename$auto(0x0, &(0x7f0000000080)='./file0\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010725bd0c00831dfa3c22"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) 285.514948ms ago: executing program 3 (id=498): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000005680)='/sys/kernel/debug/tracing/set_event\x00', 0x8000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto(0x3, 0x0, 0x400000) (fail_nth: 2) 143.45703ms ago: executing program 0 (id=499): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) ioperm$auto(0x3, 0xe, 0x2000000000000149) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) r1 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x100) ppoll$auto(&(0x7f0000000180)={r1, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, 0x0, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) write$auto(0x3, 0x0, 0xfffffdef) 0s ago: executing program 1 (id=500): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) kernel console output (not intermixed with test programs): 1560 would solve the problem. [ 77.531997][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.597741][ T5837] hsr_slave_0: entered promiscuous mode [ 77.604034][ T5837] hsr_slave_1: entered promiscuous mode [ 77.609885][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 77.617605][ T5837] Cannot create hsr debugfs directory [ 77.654412][ T5842] hsr_slave_0: entered promiscuous mode [ 77.660493][ T5842] hsr_slave_1: entered promiscuous mode [ 77.667014][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 77.674638][ T5842] Cannot create hsr debugfs directory [ 77.773488][ T5838] Bluetooth: hci1: command tx timeout [ 77.773666][ T5146] Bluetooth: hci2: command tx timeout [ 77.853170][ T5146] Bluetooth: hci0: command tx timeout [ 77.853205][ T5838] Bluetooth: hci3: command tx timeout [ 77.896228][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 77.916174][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 77.939074][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 77.953996][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 77.970869][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.988752][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 78.006898][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 78.030012][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 78.059221][ T5842] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 78.069258][ T5842] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 78.079557][ T5842] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 78.089170][ T5842] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 78.169942][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 78.184026][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 78.197598][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 78.208075][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 78.301486][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.330114][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.366990][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.383536][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.404014][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.411209][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.427186][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.434313][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.443796][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.450870][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.476315][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.492384][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.499500][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.546880][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.576915][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.594747][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.601836][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.610630][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.617727][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.631386][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.659761][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.666954][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.700623][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.707754][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.794517][ T5837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 78.892588][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.988726][ T5831] veth0_vlan: entered promiscuous mode [ 79.024771][ T5831] veth1_vlan: entered promiscuous mode [ 79.110822][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.129359][ T5831] veth0_macvtap: entered promiscuous mode [ 79.150155][ T5831] veth1_macvtap: entered promiscuous mode [ 79.181017][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.200126][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.210547][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.227243][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.236223][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.245298][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.258224][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.267082][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.348645][ T5835] veth0_vlan: entered promiscuous mode [ 79.375949][ T5837] veth0_vlan: entered promiscuous mode [ 79.390054][ T5835] veth1_vlan: entered promiscuous mode [ 79.414409][ T5837] veth1_vlan: entered promiscuous mode [ 79.441939][ T5842] veth0_vlan: entered promiscuous mode [ 79.472496][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.486821][ T5842] veth1_vlan: entered promiscuous mode [ 79.493828][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.537619][ T5837] veth0_macvtap: entered promiscuous mode [ 79.546180][ T5835] veth0_macvtap: entered promiscuous mode [ 79.561149][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.577601][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.579322][ T5837] veth1_macvtap: entered promiscuous mode [ 79.597889][ T5835] veth1_macvtap: entered promiscuous mode [ 79.606508][ T5842] veth0_macvtap: entered promiscuous mode [ 79.632479][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.645479][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.661239][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.681618][ T5842] veth1_macvtap: entered promiscuous mode [ 79.692303][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.709530][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.721240][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.740471][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.751393][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.762217][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.774090][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.787774][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.791606][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 79.819734][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.828989][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.838033][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.846816][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.853700][ T5838] Bluetooth: hci1: command tx timeout [ 79.856286][ T5146] Bluetooth: hci2: command tx timeout [ 79.869969][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.880830][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.891101][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.901830][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.912603][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.933286][ T5146] Bluetooth: hci3: command tx timeout [ 79.943222][ T5146] Bluetooth: hci0: command tx timeout [ 79.949904][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.962099][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.983859][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.994529][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.004405][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.015267][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.030799][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.057812][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.070260][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.086284][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.098671][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.113722][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.128792][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.141329][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.155971][ T5842] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.165523][ T5842] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.171159][ T5896] mmap: syz.1.2 (5896) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 80.175330][ T5842] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.195987][ T5842] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.219148][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.228511][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.240360][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.251423][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.285447][ T5896] HfR: entered promiscuous mode [ 80.424777][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.432613][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.499525][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.508296][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.534400][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.545476][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.562639][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.579947][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.609619][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.623692][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.661494][ T595] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.679170][ T595] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.913947][ T5906] FAULT_INJECTION: forcing a failure. [ 80.913947][ T5906] name failslab, interval 1, probability 0, space 0, times 1 [ 80.943808][ T5906] CPU: 0 UID: 0 PID: 5906 Comm: syz.3.4 Not tainted 6.14.0-rc1-syzkaller #0 [ 80.943840][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 80.943857][ T5906] Call Trace: [ 80.943864][ T5906] [ 80.943876][ T5906] dump_stack_lvl+0x16c/0x1f0 [ 80.943922][ T5906] should_fail_ex+0x50a/0x650 [ 80.943952][ T5906] ? fs_reclaim_acquire+0xae/0x150 [ 80.943994][ T5906] should_failslab+0xc2/0x120 [ 80.944024][ T5906] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 80.944051][ T5906] ? __alloc_skb+0x2b3/0x380 [ 80.944075][ T5906] ? genl_start+0x1e7/0x960 [ 80.944115][ T5906] __alloc_skb+0x2b3/0x380 [ 80.944136][ T5906] ? __pfx___alloc_skb+0x10/0x10 [ 80.944156][ T5906] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.944203][ T5906] netlink_dump+0x699/0xd00 [ 80.944241][ T5906] ? __pfx_netlink_dump+0x10/0x10 [ 80.944287][ T5906] ? kasan_save_track+0x14/0x30 [ 80.944313][ T5906] ? __kasan_kmalloc+0xaa/0xb0 [ 80.944339][ T5906] ? genl_start+0x67d/0x960 [ 80.944381][ T5906] __netlink_dump_start+0x6d9/0x980 [ 80.944419][ T5906] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 80.944446][ T5906] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 80.944471][ T5906] ? rcu_is_watching+0x12/0xc0 [ 80.944535][ T5906] ? __pfx_genl_start+0x10/0x10 [ 80.944571][ T5906] ? __pfx_genl_dumpit+0x10/0x10 [ 80.944590][ T5906] ? __pfx_genl_done+0x10/0x10 [ 80.944612][ T5906] ? bpf_lsm_capable+0x9/0x10 [ 80.944652][ T5906] ? security_capable+0x7e/0x260 [ 80.944691][ T5906] ? ns_capable+0xd7/0x110 [ 80.944725][ T5906] genl_rcv_msg+0x470/0x800 [ 80.944752][ T5906] ? __pfx_genl_rcv_msg+0x10/0x10 [ 80.944776][ T5906] ? __pfx_nl80211_dump_mpp+0x10/0x10 [ 80.944824][ T5906] netlink_rcv_skb+0x165/0x410 [ 80.944860][ T5906] ? __pfx_genl_rcv_msg+0x10/0x10 [ 80.944886][ T5906] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 80.944937][ T5906] ? down_read+0xc9/0x330 [ 80.944960][ T5906] ? __pfx_down_read+0x10/0x10 [ 80.944986][ T5906] ? netlink_deliver_tap+0x1ae/0xca0 [ 80.945025][ T5906] genl_rcv+0x28/0x40 [ 80.945060][ T5906] netlink_unicast+0x53c/0x7f0 [ 80.945098][ T5906] ? __pfx_netlink_unicast+0x10/0x10 [ 80.945133][ T5906] ? __phys_addr_symbol+0x30/0x80 [ 80.945171][ T5906] ? __check_object_size+0x488/0x710 [ 80.945206][ T5906] netlink_sendmsg+0x8b8/0xd70 [ 80.945246][ T5906] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.945292][ T5906] ____sys_sendmsg+0x9ae/0xb40 [ 80.945324][ T5906] ? copy_msghdr_from_user+0x10b/0x160 [ 80.945348][ T5906] ? __pfx_____sys_sendmsg+0x10/0x10 [ 80.945396][ T5906] ___sys_sendmsg+0x135/0x1e0 [ 80.945424][ T5906] ? __pfx____sys_sendmsg+0x10/0x10 [ 80.945463][ T5906] ? __pfx_lock_release+0x10/0x10 [ 80.945492][ T5906] ? trace_lock_acquire+0x14e/0x1f0 [ 80.945527][ T5906] ? __fget_files+0x206/0x3a0 [ 80.945561][ T5906] __sys_sendmsg+0x16e/0x220 [ 80.945588][ T5906] ? __pfx___sys_sendmsg+0x10/0x10 [ 80.945633][ T5906] do_syscall_64+0xcd/0x250 [ 80.945662][ T5906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.945694][ T5906] RIP: 0033:0x7f2af638cda9 [ 80.945717][ T5906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.945739][ T5906] RSP: 002b:00007f2af72c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.945780][ T5906] RAX: ffffffffffffffda RBX: 00007f2af65a5fa0 RCX: 00007f2af638cda9 [ 80.945798][ T5906] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000003 [ 80.945814][ T5906] RBP: 00007f2af72c5090 R08: 0000000000000000 R09: 0000000000000000 [ 80.945830][ T5906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.945845][ T5906] R13: 0000000000000000 R14: 00007f2af65a5fa0 R15: 00007ffc0c1c6c48 [ 80.945881][ T5906] [ 81.809975][ T5908] HfR: entered promiscuous mode [ 81.949877][ T5146] Bluetooth: hci1: command tx timeout [ 81.949915][ T5838] Bluetooth: hci2: command tx timeout [ 82.013993][ T5838] Bluetooth: hci0: command tx timeout [ 82.014006][ T5146] Bluetooth: hci3: command tx timeout [ 82.564015][ T5912] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 83.024650][ T5936] HfR: entered promiscuous mode [ 83.133503][ T5936] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10'. [ 83.178546][ T5936] HfR: left promiscuous mode [ 83.801258][ T29] audit: type=1800 audit(1738594694.514:2): pid=5947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.12" name="file0" dev="tmpfs" ino=44 res=0 errno=0 [ 84.013658][ T5838] Bluetooth: hci1: command tx timeout [ 84.013669][ T5146] Bluetooth: hci2: command tx timeout [ 84.093284][ T5838] Bluetooth: hci3: command tx timeout [ 84.272999][ T5949] openvswitch: HfR: Dropping previously announced user features [ 84.296266][ T5949] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13'. [ 84.311538][ T5949] HfR: left promiscuous mode [ 84.575406][ T5944] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 84.591882][ T5944] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 84.619275][ T5944] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 84.657664][ T5944] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 84.673594][ T5955] FAULT_INJECTION: forcing a failure. [ 84.673594][ T5955] name failslab, interval 1, probability 0, space 0, times 0 [ 84.683056][ T5944] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 84.690692][ T5955] CPU: 0 UID: 0 PID: 5955 Comm: syz.2.14 Not tainted 6.14.0-rc1-syzkaller #0 [ 84.690730][ T5955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 84.690748][ T5955] Call Trace: [ 84.690758][ T5955] [ 84.690768][ T5955] dump_stack_lvl+0x16c/0x1f0 [ 84.690825][ T5955] should_fail_ex+0x50a/0x650 [ 84.690865][ T5955] ? fs_reclaim_acquire+0xae/0x150 [ 84.690922][ T5955] should_failslab+0xc2/0x120 [ 84.690963][ T5955] __kmalloc_noprof+0xce/0x4f0 [ 84.691001][ T5955] ? rcu_is_watching+0x12/0xc0 [ 84.691048][ T5955] ? handler_new_ref+0x1b0/0xc60 [ 84.691097][ T5955] handler_new_ref+0x1b0/0xc60 [ 84.691148][ T5955] v4l2_ctrl_new+0x11a0/0x2030 [ 84.691203][ T5955] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 84.691243][ T5955] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 84.691286][ T5955] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 84.691337][ T5955] v4l2_ctrl_new_std+0x1b3/0x280 [ 84.691389][ T5955] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 84.691439][ T5955] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 84.691488][ T5955] ? trace_kmalloc+0x2d/0xd0 [ 84.691537][ T5955] ? lockdep_init_map_type+0x16d/0x7d0 [ 84.691590][ T5955] ? media_request_object_init+0x100/0x180 [ 84.691631][ T5955] vicodec_open+0x201/0xf80 [ 84.691685][ T5955] v4l2_open+0x222/0x490 [ 84.691719][ T5955] ? __pfx_v4l2_open+0x10/0x10 [ 84.691753][ T5955] chrdev_open+0x237/0x6a0 [ 84.691786][ T5955] ? __pfx_apparmor_file_open+0x10/0x10 [ 84.691819][ T5955] ? __pfx_chrdev_open+0x10/0x10 [ 84.691858][ T5955] ? file_set_fsnotify_mode+0x163/0x5d0 [ 84.691911][ T5955] do_dentry_open+0x735/0x1c40 [ 84.691944][ T5955] ? __pfx_chrdev_open+0x10/0x10 [ 84.691981][ T5955] ? inode_permission+0xdd/0x5f0 [ 84.692027][ T5955] vfs_open+0x82/0x3f0 [ 84.692070][ T5955] ? may_open+0x1f2/0x400 [ 84.692116][ T5955] path_openat+0x1e88/0x2d80 [ 84.692163][ T5955] ? __pfx_path_openat+0x10/0x10 [ 84.692196][ T5955] ? __pfx___lock_acquire+0x10/0x10 [ 84.692230][ T5955] ? lock_acquire.part.0+0x11b/0x380 [ 84.692265][ T5955] ? find_held_lock+0x2d/0x110 [ 84.692315][ T5955] do_filp_open+0x20c/0x470 [ 84.692349][ T5955] ? __pfx_do_filp_open+0x10/0x10 [ 84.692380][ T5955] ? find_held_lock+0x2d/0x110 [ 84.692462][ T5955] ? alloc_fd+0x41f/0x760 [ 84.692517][ T5955] do_sys_openat2+0x17a/0x1e0 [ 84.692557][ T5955] ? __pfx_do_sys_openat2+0x10/0x10 [ 84.692612][ T5955] __x64_sys_openat+0x175/0x210 [ 84.692656][ T5955] ? __pfx___x64_sys_openat+0x10/0x10 [ 84.692730][ T5955] do_syscall_64+0xcd/0x250 [ 84.692761][ T5955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.692804][ T5955] RIP: 0033:0x7f596e58cda9 [ 84.692827][ T5955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.692855][ T5955] RSP: 002b:00007f596f394038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 84.692882][ T5955] RAX: ffffffffffffffda RBX: 00007f596e7a5fa0 RCX: 00007f596e58cda9 [ 84.692901][ T5955] RDX: 00000000001ab442 RSI: 0000000020000340 RDI: ffffffffffffff9c [ 84.692920][ T5955] RBP: 00007f596e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 84.692937][ T5955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.692954][ T5955] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 84.692991][ T5955] [ 85.053593][ T5944] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 85.076482][ T5944] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 85.098041][ T5944] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 85.119579][ T5944] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 85.161666][ T5944] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 85.184427][ T5944] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 85.215653][ T5944] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 85.772787][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 86.190283][ T5969] FAULT_INJECTION: forcing a failure. [ 86.190283][ T5969] name failslab, interval 1, probability 0, space 0, times 0 [ 86.243505][ T5969] CPU: 0 UID: 0 PID: 5969 Comm: syz.1.18 Not tainted 6.14.0-rc1-syzkaller #0 [ 86.243541][ T5969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 86.243556][ T5969] Call Trace: [ 86.243564][ T5969] [ 86.243575][ T5969] dump_stack_lvl+0x16c/0x1f0 [ 86.243626][ T5969] should_fail_ex+0x50a/0x650 [ 86.243660][ T5969] ? fs_reclaim_acquire+0xae/0x150 [ 86.243709][ T5969] should_failslab+0xc2/0x120 [ 86.243744][ T5969] __kmalloc_noprof+0xce/0x4f0 [ 86.243777][ T5969] ? handler_new_ref+0x1b0/0xc60 [ 86.243819][ T5969] handler_new_ref+0x1b0/0xc60 [ 86.243863][ T5969] v4l2_ctrl_new+0x11a0/0x2030 [ 86.243911][ T5969] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 86.243951][ T5969] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 86.243995][ T5969] v4l2_ctrl_new_std+0x1b3/0x280 [ 86.244041][ T5969] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 86.244080][ T5969] ? rcu_is_watching+0x12/0xc0 [ 86.244122][ T5969] ? trace_kmalloc+0x2d/0xd0 [ 86.244161][ T5969] ? lockdep_init_map_type+0x16d/0x7d0 [ 86.244223][ T5969] ? media_request_object_init+0x100/0x180 [ 86.244259][ T5969] vicodec_open+0x1da/0xf80 [ 86.244295][ T5969] v4l2_open+0x222/0x490 [ 86.244335][ T5969] ? __pfx_v4l2_open+0x10/0x10 [ 86.244367][ T5969] chrdev_open+0x237/0x6a0 [ 86.244399][ T5969] ? __pfx_apparmor_file_open+0x10/0x10 [ 86.244430][ T5969] ? __pfx_chrdev_open+0x10/0x10 [ 86.244465][ T5969] ? file_set_fsnotify_mode+0x163/0x5d0 [ 86.244513][ T5969] do_dentry_open+0x735/0x1c40 [ 86.244543][ T5969] ? __pfx_chrdev_open+0x10/0x10 [ 86.244577][ T5969] ? inode_permission+0xdd/0x5f0 [ 86.244619][ T5969] vfs_open+0x82/0x3f0 [ 86.244652][ T5969] ? may_open+0x1f2/0x400 [ 86.244694][ T5969] path_openat+0x1e88/0x2d80 [ 86.244737][ T5969] ? __pfx_path_openat+0x10/0x10 [ 86.244768][ T5969] ? __pfx___lock_acquire+0x10/0x10 [ 86.244799][ T5969] ? lock_acquire.part.0+0x11b/0x380 [ 86.244832][ T5969] ? find_held_lock+0x2d/0x110 [ 86.244880][ T5969] do_filp_open+0x20c/0x470 [ 86.244911][ T5969] ? __pfx_do_filp_open+0x10/0x10 [ 86.244938][ T5969] ? find_held_lock+0x2d/0x110 [ 86.245005][ T5969] ? alloc_fd+0x41f/0x760 [ 86.245043][ T5969] do_sys_openat2+0x17a/0x1e0 [ 86.245081][ T5969] ? __pfx_do_sys_openat2+0x10/0x10 [ 86.245132][ T5969] __x64_sys_openat+0x175/0x210 [ 86.245171][ T5969] ? __pfx___x64_sys_openat+0x10/0x10 [ 86.245224][ T5969] do_syscall_64+0xcd/0x250 [ 86.245253][ T5969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.245291][ T5969] RIP: 0033:0x7f98cb98cda9 [ 86.245312][ T5969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.245345][ T5969] RSP: 002b:00007f98cc891038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 86.245370][ T5969] RAX: ffffffffffffffda RBX: 00007f98cbba5fa0 RCX: 00007f98cb98cda9 [ 86.245388][ T5969] RDX: 00000000001ab442 RSI: 0000000020000340 RDI: ffffffffffffff9c [ 86.245405][ T5969] RBP: 00007f98cba0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 86.245422][ T5969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.245438][ T5969] R13: 0000000000000000 R14: 00007f98cbba5fa0 R15: 00007ffc6189a3e8 [ 86.245474][ T5969] [ 86.762733][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 87.137488][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 87.212796][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 87.634177][ T5974] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 87.713360][ T5973] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 87.852751][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 88.814798][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 89.133724][ T5992] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 89.168227][ T5992] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 89.212825][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 89.231886][ T5989] HfR: entered promiscuous mode [ 89.294873][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 89.913586][ T6001] FAULT_INJECTION: forcing a failure. [ 89.913586][ T6001] name failslab, interval 1, probability 0, space 0, times 0 [ 89.933872][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 89.954717][ T6001] CPU: 0 UID: 0 PID: 6001 Comm: syz.3.28 Not tainted 6.14.0-rc1-syzkaller #0 [ 89.954749][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 89.954764][ T6001] Call Trace: [ 89.954772][ T6001] [ 89.954782][ T6001] dump_stack_lvl+0x16c/0x1f0 [ 89.954830][ T6001] should_fail_ex+0x50a/0x650 [ 89.954864][ T6001] ? fs_reclaim_acquire+0xae/0x150 [ 89.954914][ T6001] should_failslab+0xc2/0x120 [ 89.954950][ T6001] __kmalloc_node_noprof+0xd1/0x520 [ 89.954986][ T6001] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 89.955016][ T6001] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 89.955056][ T6001] __kvmalloc_node_noprof+0xad/0x1a0 [ 89.955086][ T6001] v4l2_ctrl_new+0x962/0x2030 [ 89.955133][ T6001] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 89.955167][ T6001] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 89.955205][ T6001] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 89.955246][ T6001] v4l2_ctrl_new_std+0x1b3/0x280 [ 89.955291][ T6001] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 89.955327][ T6001] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 89.955367][ T6001] ? trace_kmalloc+0x2d/0xd0 [ 89.955417][ T6001] ? lockdep_init_map_type+0x16d/0x7d0 [ 89.955463][ T6001] ? media_request_object_init+0x100/0x180 [ 89.955499][ T6001] vicodec_open+0x201/0xf80 [ 89.955535][ T6001] v4l2_open+0x222/0x490 [ 89.955566][ T6001] ? __pfx_v4l2_open+0x10/0x10 [ 89.955598][ T6001] chrdev_open+0x237/0x6a0 [ 89.955629][ T6001] ? __pfx_apparmor_file_open+0x10/0x10 [ 89.955660][ T6001] ? __pfx_chrdev_open+0x10/0x10 [ 89.955696][ T6001] ? file_set_fsnotify_mode+0x163/0x5d0 [ 89.955745][ T6001] do_dentry_open+0x735/0x1c40 [ 89.955794][ T6001] ? __pfx_chrdev_open+0x10/0x10 [ 89.955835][ T6001] ? inode_permission+0xdd/0x5f0 [ 89.955885][ T6001] vfs_open+0x82/0x3f0 [ 89.955925][ T6001] ? may_open+0x1f2/0x400 [ 89.955974][ T6001] path_openat+0x1e88/0x2d80 [ 89.956024][ T6001] ? __pfx_path_openat+0x10/0x10 [ 89.956060][ T6001] ? __pfx___lock_acquire+0x10/0x10 [ 89.956097][ T6001] ? lock_acquire.part.0+0x11b/0x380 [ 89.956136][ T6001] ? find_held_lock+0x2d/0x110 [ 89.956190][ T6001] do_filp_open+0x20c/0x470 [ 89.956227][ T6001] ? __pfx_do_filp_open+0x10/0x10 [ 89.956259][ T6001] ? find_held_lock+0x2d/0x110 [ 89.956339][ T6001] ? alloc_fd+0x41f/0x760 [ 89.956393][ T6001] do_sys_openat2+0x17a/0x1e0 [ 89.956438][ T6001] ? __pfx_do_sys_openat2+0x10/0x10 [ 89.956500][ T6001] __x64_sys_openat+0x175/0x210 [ 89.956547][ T6001] ? __pfx___x64_sys_openat+0x10/0x10 [ 89.956608][ T6001] do_syscall_64+0xcd/0x250 [ 89.956641][ T6001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.956690][ T6001] RIP: 0033:0x7f2af638cda9 [ 89.956716][ T6001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.956747][ T6001] RSP: 002b:00007f2af72c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 89.956776][ T6001] RAX: ffffffffffffffda RBX: 00007f2af65a5fa0 RCX: 00007f2af638cda9 [ 89.956797][ T6001] RDX: 00000000001ab442 RSI: 0000000020000340 RDI: ffffffffffffff9c [ 89.956816][ T6001] RBP: 00007f2af640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 89.956834][ T6001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.956852][ T6001] R13: 0000000000000000 R14: 00007f2af65a5fa0 R15: 00007ffc0c1c6c48 [ 89.956902][ T6001] [ 90.483732][ T6000] Zero length message leads to an empty skb [ 90.903440][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 91.069820][ T6013] FAULT_INJECTION: forcing a failure. [ 91.069820][ T6013] name failslab, interval 1, probability 0, space 0, times 0 [ 91.082744][ T6013] CPU: 1 UID: 0 PID: 6013 Comm: syz.3.31 Not tainted 6.14.0-rc1-syzkaller #0 [ 91.082775][ T6013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 91.082790][ T6013] Call Trace: [ 91.082797][ T6013] [ 91.082806][ T6013] dump_stack_lvl+0x16c/0x1f0 [ 91.082852][ T6013] should_fail_ex+0x50a/0x650 [ 91.082885][ T6013] ? fs_reclaim_acquire+0xae/0x150 [ 91.082932][ T6013] ? v4l2_m2m_ctx_init+0x4d/0x380 [ 91.082964][ T6013] should_failslab+0xc2/0x120 [ 91.082999][ T6013] __kmalloc_cache_noprof+0x68/0x420 [ 91.083032][ T6013] ? __pfx_queue_init+0x10/0x10 [ 91.083058][ T6013] v4l2_m2m_ctx_init+0x4d/0x380 [ 91.083094][ T6013] vicodec_open+0xb0c/0xf80 [ 91.083128][ T6013] v4l2_open+0x222/0x490 [ 91.083159][ T6013] ? __pfx_v4l2_open+0x10/0x10 [ 91.083189][ T6013] chrdev_open+0x237/0x6a0 [ 91.083220][ T6013] ? __pfx_apparmor_file_open+0x10/0x10 [ 91.083250][ T6013] ? __pfx_chrdev_open+0x10/0x10 [ 91.083285][ T6013] ? file_set_fsnotify_mode+0x163/0x5d0 [ 91.083342][ T6013] do_dentry_open+0x735/0x1c40 [ 91.083373][ T6013] ? __pfx_chrdev_open+0x10/0x10 [ 91.083407][ T6013] ? inode_permission+0xdd/0x5f0 [ 91.083449][ T6013] vfs_open+0x82/0x3f0 [ 91.083483][ T6013] ? may_open+0x1f2/0x400 [ 91.083526][ T6013] path_openat+0x1e88/0x2d80 [ 91.083569][ T6013] ? __pfx_path_openat+0x10/0x10 [ 91.083599][ T6013] ? __pfx___lock_acquire+0x10/0x10 [ 91.083629][ T6013] ? lock_acquire.part.0+0x11b/0x380 [ 91.083663][ T6013] ? find_held_lock+0x2d/0x110 [ 91.083710][ T6013] do_filp_open+0x20c/0x470 [ 91.083741][ T6013] ? __pfx_do_filp_open+0x10/0x10 [ 91.083767][ T6013] ? find_held_lock+0x2d/0x110 [ 91.083835][ T6013] ? alloc_fd+0x41f/0x760 [ 91.083873][ T6013] do_sys_openat2+0x17a/0x1e0 [ 91.083925][ T6013] ? __pfx_do_sys_openat2+0x10/0x10 [ 91.083966][ T6013] ? __pfx___might_resched+0x10/0x10 [ 91.084012][ T6013] __x64_sys_openat+0x175/0x210 [ 91.084051][ T6013] ? __pfx___x64_sys_openat+0x10/0x10 [ 91.084104][ T6013] do_syscall_64+0xcd/0x250 [ 91.084133][ T6013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.084173][ T6013] RIP: 0033:0x7f2af638cda9 [ 91.084195][ T6013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.084221][ T6013] RSP: 002b:00007f2af72c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 91.084246][ T6013] RAX: ffffffffffffffda RBX: 00007f2af65a5fa0 RCX: 00007f2af638cda9 [ 91.084263][ T6013] RDX: 00000000001ab442 RSI: 0000000020000340 RDI: ffffffffffffff9c [ 91.084279][ T6013] RBP: 00007f2af640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 91.084302][ T6013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 91.084317][ T6013] R13: 0000000000000000 R14: 00007f2af65a5fa0 R15: 00007ffc0c1c6c48 [ 91.084352][ T6013] [ 91.577284][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 91.583525][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 91.862163][ T25] cfg80211: failed to load regulatory.db [ 92.637748][ T6045] HfR: entered promiscuous mode [ 93.708979][ T6052] HfR: entered promiscuous mode [ 93.718590][ T6060] netlink: 330 bytes leftover after parsing attributes in process `syz.0.42'. [ 93.937478][ T6064] netlink: 314 bytes leftover after parsing attributes in process `syz.0.43'. [ 95.417719][ T6083] ICMPv6: process `syz.3.49' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 95.444838][ T6083] Process accounting resumed [ 95.449778][ T6083] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6083 comm: syz.3.49) [ 95.621797][ T6087] netlink: 12 bytes leftover after parsing attributes in process `syz.0.50'. [ 95.635316][ T6087] HfR: left promiscuous mode [ 96.351824][ T6104] netlink: 342 bytes leftover after parsing attributes in process `syz.1.54'. [ 96.366912][ T6104] IPv6: NLM_F_CREATE should be specified when creating new route [ 96.374926][ T6104] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 96.382419][ T6104] IPv6: NLM_F_CREATE should be set when creating new route [ 96.389721][ T6104] IPv6: NLM_F_CREATE should be set when creating new route [ 96.431910][ T6107] netlink: 342 bytes leftover after parsing attributes in process `syz.1.54'. [ 96.441173][ T6107] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 96.846110][ T6110] openvswitch: HfR: Dropping previously announced user features [ 96.924380][ T6116] Process accounting resumed [ 97.350032][ T6116] Process accounting resumed [ 97.875151][ T6130] ICMPv6: process `syz.3.64' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 97.921282][ T6130] Process accounting resumed [ 97.933055][ T6130] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6130 comm: syz.3.64) [ 98.295467][ T6128] HfR: entered promiscuous mode [ 98.302147][ T6128] netlink: 12 bytes leftover after parsing attributes in process `syz.0.62'. [ 98.302248][ T6128] HfR: left promiscuous mode [ 99.441252][ T6161] Invalid ELF header magic: != ELF [ 99.460115][ T6159] netlink: 32 bytes leftover after parsing attributes in process `syz.1.72'. [ 100.051894][ T6169] ICMPv6: process `syz.2.74' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 100.094500][ T6169] Process accounting resumed [ 100.100175][ T6169] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6169 comm: syz.2.74) [ 100.764929][ T6187] FAULT_INJECTION: forcing a failure. [ 100.764929][ T6187] name failslab, interval 1, probability 0, space 0, times 0 [ 100.791463][ T6187] CPU: 0 UID: 0 PID: 6187 Comm: syz.3.80 Not tainted 6.14.0-rc1-syzkaller #0 [ 100.791500][ T6187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 100.791516][ T6187] Call Trace: [ 100.791524][ T6187] [ 100.791534][ T6187] dump_stack_lvl+0x16c/0x1f0 [ 100.791584][ T6187] should_fail_ex+0x50a/0x650 [ 100.791617][ T6187] ? fs_reclaim_acquire+0xae/0x150 [ 100.791666][ T6187] should_failslab+0xc2/0x120 [ 100.791702][ T6187] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 100.791744][ T6187] ? proc_net_ns_init+0x42/0x410 [ 100.791781][ T6187] ? __pfx_proc_net_ns_init+0x10/0x10 [ 100.791817][ T6187] proc_net_ns_init+0x42/0x410 [ 100.791851][ T6187] ? __pfx_proc_net_ns_init+0x10/0x10 [ 100.791884][ T6187] ops_init+0x1df/0x5f0 [ 100.791919][ T6187] setup_net+0x21f/0x860 [ 100.791953][ T6187] ? __pfx_setup_net+0x10/0x10 [ 100.791982][ T6187] ? down_read_killable+0xcc/0x380 [ 100.792012][ T6187] ? __pfx_down_read_killable+0x10/0x10 [ 100.792045][ T6187] ? debug_mutex_init+0x37/0x70 [ 100.792095][ T6187] copy_net_ns+0x2b4/0x6c0 [ 100.792133][ T6187] create_new_namespaces+0x3ea/0xad0 [ 100.792183][ T6187] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 100.792228][ T6187] ksys_unshare+0x45d/0xa40 [ 100.792274][ T6187] ? __pfx_ksys_unshare+0x10/0x10 [ 100.792323][ T6187] ? syscall_user_dispatch+0x77/0x140 [ 100.792372][ T6187] __x64_sys_unshare+0x31/0x40 [ 100.792416][ T6187] do_syscall_64+0xcd/0x250 [ 100.792445][ T6187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.792497][ T6187] RIP: 0033:0x7f2af638cda9 [ 100.792516][ T6187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.792557][ T6187] RSP: 002b:00007f2af72c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 100.792582][ T6187] RAX: ffffffffffffffda RBX: 00007f2af65a5fa0 RCX: 00007f2af638cda9 [ 100.792600][ T6187] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 100.792615][ T6187] RBP: 00007f2af72c5090 R08: 0000000000000000 R09: 0000000000000000 [ 100.792630][ T6187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.792645][ T6187] R13: 0000000000000000 R14: 00007f2af65a5fa0 R15: 00007ffc0c1c6c48 [ 100.792678][ T6187] [ 101.017373][ T6184] can: request_module (can-proto-0) failed. [ 101.538832][ T6198] ICMPv6: process `syz.1.82' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 101.568547][ T6198] Process accounting resumed [ 101.578147][ T6198] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6198 comm: syz.1.82) [ 101.601778][ T6205] process 'syz.0.81' launched '/dev/fd/4' with NULL argv: empty string added [ 101.897339][ T6211] ICMPv6: process `syz.1.85' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead [ 101.920960][ T6211] Process accounting resumed [ 101.931926][ T6211] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6211 comm: syz.1.85) [ 104.003340][ T6236] Process accounting resumed [ 104.678617][ T6235] Process accounting resumed [ 104.883018][ T6246] Process accounting resumed [ 104.887680][ T6246] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6246 comm: syz.1.94) [ 104.940500][ T6248] Process accounting resumed [ 104.945794][ T6248] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6248 comm: syz.2.95) [ 105.658221][ T6256] netlink: 28 bytes leftover after parsing attributes in process `syz.2.98'. [ 105.689882][ T6256] veth1_macvtap: left promiscuous mode [ 107.023959][ T6284] Process accounting resumed [ 107.028701][ T6284] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6284 comm: syz.2.105) [ 107.305360][ T6295] FAULT_INJECTION: forcing a failure. [ 107.305360][ T6295] name failslab, interval 1, probability 0, space 0, times 0 [ 107.389936][ T6295] CPU: 0 UID: 0 PID: 6295 Comm: syz.2.108 Not tainted 6.14.0-rc1-syzkaller #0 [ 107.389972][ T6295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 107.389989][ T6295] Call Trace: [ 107.389997][ T6295] [ 107.390007][ T6295] dump_stack_lvl+0x16c/0x1f0 [ 107.390058][ T6295] should_fail_ex+0x50a/0x650 [ 107.390092][ T6295] ? fs_reclaim_acquire+0xae/0x150 [ 107.390140][ T6295] should_failslab+0xc2/0x120 [ 107.390184][ T6295] __kmalloc_node_noprof+0xd1/0x520 [ 107.390220][ T6295] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 107.390255][ T6295] __kvmalloc_node_noprof+0xad/0x1a0 [ 107.390287][ T6295] v4l2_ctrl_new+0x962/0x2030 [ 107.390336][ T6295] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 107.390371][ T6295] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 107.390409][ T6295] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 107.390452][ T6295] v4l2_ctrl_new_std+0x1b3/0x280 [ 107.390497][ T6295] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 107.390532][ T6295] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 107.390587][ T6295] ? media_request_object_init+0x100/0x180 [ 107.390621][ T6295] vicodec_open+0x228/0xf80 [ 107.390657][ T6295] v4l2_open+0x222/0x490 [ 107.390689][ T6295] ? __pfx_v4l2_open+0x10/0x10 [ 107.390720][ T6295] chrdev_open+0x237/0x6a0 [ 107.390751][ T6295] ? __pfx_apparmor_file_open+0x10/0x10 [ 107.390782][ T6295] ? __pfx_chrdev_open+0x10/0x10 [ 107.390818][ T6295] ? file_set_fsnotify_mode+0x163/0x5d0 [ 107.390866][ T6295] do_dentry_open+0x735/0x1c40 [ 107.390895][ T6295] ? __pfx_chrdev_open+0x10/0x10 [ 107.390929][ T6295] ? inode_permission+0xdd/0x5f0 [ 107.390972][ T6295] vfs_open+0x82/0x3f0 [ 107.391006][ T6295] ? may_open+0x1f2/0x400 [ 107.391048][ T6295] path_openat+0x1e88/0x2d80 [ 107.391090][ T6295] ? __pfx_path_openat+0x10/0x10 [ 107.391121][ T6295] ? __pfx___lock_acquire+0x10/0x10 [ 107.391160][ T6295] ? lock_acquire.part.0+0x11b/0x380 [ 107.391195][ T6295] ? find_held_lock+0x2d/0x110 [ 107.391244][ T6295] do_filp_open+0x20c/0x470 [ 107.391275][ T6295] ? __pfx_do_filp_open+0x10/0x10 [ 107.391303][ T6295] ? find_held_lock+0x2d/0x110 [ 107.391370][ T6295] ? alloc_fd+0x41f/0x760 [ 107.391408][ T6295] do_sys_openat2+0x17a/0x1e0 [ 107.391446][ T6295] ? __pfx_do_sys_openat2+0x10/0x10 [ 107.391516][ T6295] __x64_sys_openat+0x175/0x210 [ 107.391557][ T6295] ? __pfx___x64_sys_openat+0x10/0x10 [ 107.391614][ T6295] do_syscall_64+0xcd/0x250 [ 107.391644][ T6295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.391697][ T6295] RIP: 0033:0x7f596e58cda9 [ 107.391719][ T6295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.391745][ T6295] RSP: 002b:00007f596f394038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 107.391770][ T6295] RAX: ffffffffffffffda RBX: 00007f596e7a5fa0 RCX: 00007f596e58cda9 [ 107.391787][ T6295] RDX: 00000000001ab442 RSI: 0000000020000340 RDI: ffffffffffffff9c [ 107.391803][ T6295] RBP: 00007f596e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 107.391818][ T6295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 107.391833][ T6295] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 107.391866][ T6295] [ 107.846132][ T6289] Process accounting resumed [ 107.850791][ T6289] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6289 comm: syz.1.106) [ 108.374960][ T6300] netlink: 12 bytes leftover after parsing attributes in process `syz.2.109'. [ 108.390121][ T6300] HfR: left promiscuous mode [ 109.467650][ T6310] HfR: entered promiscuous mode [ 109.983230][ T6309] netlink: 32 bytes leftover after parsing attributes in process `syz.1.112'. [ 110.514194][ T6315] netlink: 32 bytes leftover after parsing attributes in process `syz.3.114'. [ 110.794816][ T6323] openvswitch: HfR: Dropping previously announced user features [ 110.815083][ T6323] netlink: 12 bytes leftover after parsing attributes in process `syz.2.116'. [ 110.849037][ T6323] HfR: left promiscuous mode [ 112.442606][ T6342] netlink: 12 bytes leftover after parsing attributes in process `syz.1.122'. [ 112.480091][ T6342] HfR: left promiscuous mode [ 113.614039][ T6353] HfR: entered promiscuous mode [ 113.626801][ T6353] netlink: 12 bytes leftover after parsing attributes in process `syz.0.125'. [ 113.636039][ T6353] HfR: left promiscuous mode [ 114.218595][ T6358] netlink: 32 bytes leftover after parsing attributes in process `syz.0.126'. [ 114.366262][ T6361] Process accounting resumed [ 114.381189][ T6361] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6361 comm: syz.1.128) [ 115.933583][ T6386] netlink: 28 bytes leftover after parsing attributes in process `syz.2.134'. [ 116.118217][ T6385] Process accounting resumed [ 116.123652][ T6385] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6385 comm: syz.1.133) [ 116.203809][ T6392] Invalid ELF header magic: != ELF [ 116.839074][ T6402] Process accounting resumed [ 116.843950][ T6402] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6402 comm: syz.2.139) [ 117.170408][ T6403] HfR: entered promiscuous mode [ 117.731402][ T6421] netlink: 28 bytes leftover after parsing attributes in process `syz.2.146'. [ 118.395910][ T6426] Process accounting resumed [ 118.400591][ T6426] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6426 comm: syz.2.147) [ 118.885619][ T6431] Process accounting resumed [ 118.890274][ T6431] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6431 comm: syz.2.149) [ 119.254420][ T6445] netlink: 28 bytes leftover after parsing attributes in process `syz.2.155'. [ 119.477976][ T6451] Process accounting resumed [ 119.487495][ T6451] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6451 comm: syz.3.157) [ 121.016247][ T6475] Process accounting resumed [ 121.020953][ T6475] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6475 comm: syz.3.163) [ 121.060767][ T6478] netlink: 16 bytes leftover after parsing attributes in process `syz.1.164'. [ 121.494112][ T6487] Process accounting resumed [ 121.509360][ T6487] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6487 comm: syz.1.168) [ 122.681001][ T6501] Process accounting resumed [ 122.685961][ T6501] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6501 comm: syz.1.174) [ 122.893290][ T6512] FAULT_INJECTION: forcing a failure. [ 122.893290][ T6512] name failslab, interval 1, probability 0, space 0, times 0 [ 122.917458][ T6512] CPU: 1 UID: 0 PID: 6512 Comm: syz.1.176 Not tainted 6.14.0-rc1-syzkaller #0 [ 122.917490][ T6512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 122.917507][ T6512] Call Trace: [ 122.917515][ T6512] [ 122.917526][ T6512] dump_stack_lvl+0x16c/0x1f0 [ 122.917576][ T6512] should_fail_ex+0x50a/0x650 [ 122.917610][ T6512] ? fs_reclaim_acquire+0xae/0x150 [ 122.917659][ T6512] ? usb_control_msg+0xbd/0x4b0 [ 122.917691][ T6512] should_failslab+0xc2/0x120 [ 122.917727][ T6512] __kmalloc_cache_noprof+0x68/0x420 [ 122.917754][ T6512] ? hub_ext_port_status+0x5e/0x670 [ 122.917791][ T6512] usb_control_msg+0xbd/0x4b0 [ 122.917826][ T6512] ? __pfx_usb_control_msg+0x10/0x10 [ 122.917858][ T6512] ? __pfx_schedule_timeout+0x10/0x10 [ 122.917903][ T6512] hub_ext_port_status+0x14e/0x670 [ 122.917945][ T6512] hub_activate+0x6e6/0x1be0 [ 122.917990][ T6512] ? __pfx_hub_activate+0x10/0x10 [ 122.918025][ T6512] ? __pfx_lock_release+0x10/0x10 [ 122.918057][ T6512] ? usbfs_notify_resume+0x25/0xf0 [ 122.918097][ T6512] hub_resume+0xaa/0x3f0 [ 122.918140][ T6512] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 122.918188][ T6512] ? __pfx_hub_resume+0x10/0x10 [ 122.918223][ T6512] ? __pfx_hcd_bus_resume+0x10/0x10 [ 122.918260][ T6512] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 122.918310][ T6512] usb_resume_both+0x274/0x800 [ 122.918358][ T6512] ? __pfx_usb_resume_both+0x10/0x10 [ 122.918409][ T6512] ? __pfx_usb_runtime_resume+0x10/0x10 [ 122.918438][ T6512] __rpm_callback+0xc5/0x4c0 [ 122.918470][ T6512] ? __pfx_usb_runtime_resume+0x10/0x10 [ 122.918498][ T6512] rpm_callback+0x192/0x1d0 [ 122.918525][ T6512] ? __pfx_usb_runtime_resume+0x10/0x10 [ 122.918553][ T6512] rpm_resume+0xd25/0x1330 [ 122.918579][ T6512] ? lock_acquire.part.0+0xc1/0x380 [ 122.918621][ T6512] ? __pfx_rpm_resume+0x10/0x10 [ 122.918648][ T6512] ? do_raw_spin_lock+0x12d/0x2c0 [ 122.918688][ T6512] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 122.918730][ T6512] ? lock_acquire+0x2f/0xb0 [ 122.918760][ T6512] ? __pm_runtime_resume+0xa9/0x170 [ 122.918798][ T6512] __pm_runtime_resume+0xb6/0x170 [ 122.918831][ T6512] usb_autoresume_device+0x23/0xe0 [ 122.918860][ T6512] usbdev_open+0x22a/0x8c0 [ 122.918891][ T6512] ? do_raw_spin_lock+0x12d/0x2c0 [ 122.918929][ T6512] ? __pfx_usbdev_open+0x10/0x10 [ 122.918956][ T6512] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 122.918996][ T6512] ? lock_acquire+0x2f/0xb0 [ 122.919027][ T6512] ? chrdev_open+0x36b/0x6a0 [ 122.919063][ T6512] ? __pfx_usbdev_open+0x10/0x10 [ 122.919093][ T6512] chrdev_open+0x237/0x6a0 [ 122.919131][ T6512] ? __pfx_chrdev_open+0x10/0x10 [ 122.919168][ T6512] ? file_set_fsnotify_mode+0x163/0x5d0 [ 122.919216][ T6512] do_dentry_open+0x735/0x1c40 [ 122.919244][ T6512] ? __pfx_chrdev_open+0x10/0x10 [ 122.919284][ T6512] vfs_open+0x82/0x3f0 [ 122.919317][ T6512] ? may_open+0x1f2/0x400 [ 122.919360][ T6512] path_openat+0x1e88/0x2d80 [ 122.919404][ T6512] ? __pfx_path_openat+0x10/0x10 [ 122.919435][ T6512] ? __pfx___lock_acquire+0x10/0x10 [ 122.919465][ T6512] ? lock_acquire.part.0+0x11b/0x380 [ 122.919499][ T6512] ? find_held_lock+0x2d/0x110 [ 122.919547][ T6512] do_filp_open+0x20c/0x470 [ 122.919577][ T6512] ? __pfx_do_filp_open+0x10/0x10 [ 122.919606][ T6512] ? find_held_lock+0x2d/0x110 [ 122.919673][ T6512] ? alloc_fd+0x41f/0x760 [ 122.919713][ T6512] do_sys_openat2+0x17a/0x1e0 [ 122.919749][ T6512] ? __pfx_do_sys_openat2+0x10/0x10 [ 122.919799][ T6512] __x64_sys_openat+0x175/0x210 [ 122.919838][ T6512] ? __pfx___x64_sys_openat+0x10/0x10 [ 122.919890][ T6512] do_syscall_64+0xcd/0x250 [ 122.919917][ T6512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.919955][ T6512] RIP: 0033:0x7f98cb98cda9 [ 122.919987][ T6512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.920018][ T6512] RSP: 002b:00007f98cc891038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 122.920043][ T6512] RAX: ffffffffffffffda RBX: 00007f98cbba5fa0 RCX: 00007f98cb98cda9 [ 122.920061][ T6512] RDX: 0000000000040401 RSI: 0000000020002b40 RDI: ffffffffffffff9c [ 122.920078][ T6512] RBP: 00007f98cba0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 122.920094][ T6512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.920110][ T6512] R13: 0000000000000000 R14: 00007f98cbba5fa0 R15: 00007ffc6189a3e8 [ 122.920151][ T6512] [ 122.920167][ T6512] hub 36-0:1.0: hub_ext_port_status failed (err = -12) [ 123.183050][ T6513] sctp: [Deprecated]: syz.1.176 (pid 6513) Use of int in maxseg socket option. [ 123.183050][ T6513] Use struct sctp_assoc_value instead [ 123.424086][ T6513] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 123.852981][ T6517] Process accounting resumed [ 123.866148][ T6517] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6517 comm: syz.0.177) [ 123.887454][ T6521] netlink: 12 bytes leftover after parsing attributes in process `syz.3.179'. [ 123.934213][ T6521] HfR: left promiscuous mode [ 124.355260][ T6533] HfR: entered promiscuous mode [ 124.377346][ T6533] netlink: 12 bytes leftover after parsing attributes in process `syz.2.182'. [ 124.398741][ T6533] HfR: left promiscuous mode [ 125.045392][ T6542] Process accounting resumed [ 125.050764][ T6542] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6542 comm: syz.0.184) [ 125.938565][ T6566] netlink: 28 bytes leftover after parsing attributes in process `syz.3.190'. [ 125.993925][ T6566] veth1_macvtap: left promiscuous mode [ 126.058437][ T6568] Process accounting resumed [ 126.076189][ T6568] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6568 comm: syz.1.191) [ 126.120541][ T6556] netlink: 12 bytes leftover after parsing attributes in process `syz.0.188'. [ 126.577153][ T6576] syz.1.192 (6576) used obsolete PPPIOCDETACH ioctl [ 127.069747][ T6582] Process accounting resumed [ 127.085759][ T6582] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6582 comm: syz.1.196) [ 127.416776][ T6593] netlink: 4 bytes leftover after parsing attributes in process `syz.0.199'. [ 127.447114][ T6590] Process accounting resumed [ 127.451813][ T6590] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6590 comm: syz.1.200) [ 127.888182][ T6601] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'. [ 128.874390][ T6616] FAULT_INJECTION: forcing a failure. [ 128.874390][ T6616] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 128.924315][ T6616] CPU: 0 UID: 0 PID: 6616 Comm: syz.0.205 Not tainted 6.14.0-rc1-syzkaller #0 [ 128.924345][ T6616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 128.924360][ T6616] Call Trace: [ 128.924366][ T6616] [ 128.924375][ T6616] dump_stack_lvl+0x16c/0x1f0 [ 128.924420][ T6616] should_fail_ex+0x50a/0x650 [ 128.924457][ T6616] _copy_from_iter+0x29b/0x1400 [ 128.924496][ T6616] ? trace_lock_acquire+0x14e/0x1f0 [ 128.924521][ T6616] ? __alloc_skb+0x200/0x380 [ 128.924546][ T6616] ? __pfx__copy_from_iter+0x10/0x10 [ 128.924581][ T6616] ? __virt_addr_valid+0x1a4/0x590 [ 128.924609][ T6616] ? __virt_addr_valid+0x5e/0x590 [ 128.924632][ T6616] ? __phys_addr_symbol+0x30/0x80 [ 128.924673][ T6616] ? __check_object_size+0x488/0x710 [ 128.924711][ T6616] netlink_sendmsg+0x813/0xd70 [ 128.924755][ T6616] ? __pfx_netlink_sendmsg+0x10/0x10 [ 128.924804][ T6616] ____sys_sendmsg+0x9ae/0xb40 [ 128.924840][ T6616] ? copy_msghdr_from_user+0x10b/0x160 [ 128.924866][ T6616] ? __pfx_____sys_sendmsg+0x10/0x10 [ 128.924918][ T6616] ___sys_sendmsg+0x135/0x1e0 [ 128.924947][ T6616] ? __pfx____sys_sendmsg+0x10/0x10 [ 128.924987][ T6616] ? __pfx_lock_release+0x10/0x10 [ 128.925018][ T6616] ? trace_lock_acquire+0x14e/0x1f0 [ 128.925060][ T6616] ? __fget_files+0x206/0x3a0 [ 128.925096][ T6616] __sys_sendmsg+0x16e/0x220 [ 128.925124][ T6616] ? __pfx___sys_sendmsg+0x10/0x10 [ 128.925171][ T6616] do_syscall_64+0xcd/0x250 [ 128.925197][ T6616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.925233][ T6616] RIP: 0033:0x7f98e2d8cda9 [ 128.925252][ T6616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.925276][ T6616] RSP: 002b:00007f98e3b7b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 128.925299][ T6616] RAX: ffffffffffffffda RBX: 00007f98e2fa5fa0 RCX: 00007f98e2d8cda9 [ 128.925316][ T6616] RDX: 0000000000044892 RSI: 00000000200011c0 RDI: 0000000000000003 [ 128.925331][ T6616] RBP: 00007f98e3b7b090 R08: 0000000000000000 R09: 0000000000000000 [ 128.925345][ T6616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.925359][ T6616] R13: 0000000000000000 R14: 00007f98e2fa5fa0 R15: 00007ffdb25927c8 [ 128.925389][ T6616] [ 129.342376][ T6625] Process accounting resumed [ 129.347126][ T6625] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6625 comm: syz.0.209) [ 129.577921][ T6618] HfR: entered promiscuous mode [ 129.680292][ T6622] Process accounting resumed [ 129.685197][ T6622] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6622 comm: syz.2.208) [ 130.085227][ T6641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.214'. [ 130.815385][ T6650] netlink: 28 bytes leftover after parsing attributes in process `syz.2.215'. [ 131.286314][ T6664] vhci_hcd: not connected 4 [ 132.034159][ T6673] Process accounting resumed [ 132.038820][ T6673] kernel write not supported for file net/rpc/nfs4.nametoid/channel (pid: 6673 comm: syz.3.221) [ 132.055077][ T6675] openvswitch: HfR: Dropping previously announced user features [ 133.675204][ T6701] netlink: 330 bytes leftover after parsing attributes in process `syz.1.229'. [ 133.756858][ T6696] nvme_fabrics: missing parameter 'transport=%s' [ 133.809336][ T6696] nvme_fabrics: missing parameter 'nqn=%s' [ 134.583498][ T6706] netlink: 28 bytes leftover after parsing attributes in process `syz.2.231'. [ 134.726613][ T6714] netlink: 12 bytes leftover after parsing attributes in process `syz.0.233'. [ 135.676757][ T6739] vhci_hcd: not connected 4 [ 136.423903][ T29] audit: type=1326 audit(1738594747.154:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.239" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f98e2d8cda9 code=0x0 [ 136.477890][ T6749] Process accounting resumed [ 137.254153][ T6758] FAULT_INJECTION: forcing a failure. [ 137.254153][ T6758] name fail_futex, interval 1, probability 0, space 0, times 1 [ 137.314086][ T6758] CPU: 0 UID: 0 PID: 6758 Comm: syz.3.242 Not tainted 6.14.0-rc1-syzkaller #0 [ 137.314120][ T6758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 137.314135][ T6758] Call Trace: [ 137.314142][ T6758] [ 137.314152][ T6758] dump_stack_lvl+0x16c/0x1f0 [ 137.314201][ T6758] should_fail_ex+0x50a/0x650 [ 137.314238][ T6758] get_futex_key+0x4a3/0x1000 [ 137.314290][ T6758] ? __pfx_get_futex_key+0x10/0x10 [ 137.314331][ T6758] ? __destroy_inode+0x2e4/0x730 [ 137.314363][ T6758] ? __pfx_sock_free_inode+0x10/0x10 [ 137.314396][ T6758] futex_wake+0xe8/0x4e0 [ 137.314423][ T6758] ? __pfx_evict+0x10/0x10 [ 137.314451][ T6758] ? __pfx_futex_wake+0x10/0x10 [ 137.314490][ T6758] do_futex+0x1e5/0x350 [ 137.314514][ T6758] ? __pfx_do_futex+0x10/0x10 [ 137.314540][ T6758] ? __sock_release+0x20b/0x270 [ 137.314577][ T6758] __x64_sys_futex+0x1e1/0x4c0 [ 137.314606][ T6758] ? __sys_socket+0xad/0x260 [ 137.314644][ T6758] ? __pfx___x64_sys_futex+0x10/0x10 [ 137.314672][ T6758] ? rcu_is_watching+0x12/0xc0 [ 137.314723][ T6758] do_syscall_64+0xcd/0x250 [ 137.314749][ T6758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.314786][ T6758] RIP: 0033:0x7f2af638cda9 [ 137.314824][ T6758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.314850][ T6758] RSP: 002b:00007f2af72c50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 137.314875][ T6758] RAX: ffffffffffffffda RBX: 00007f2af65a5fa8 RCX: 00007f2af638cda9 [ 137.314892][ T6758] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2af65a5fac [ 137.314908][ T6758] RBP: 00007f2af65a5fa0 R08: 00007f2af72c6000 R09: 0000000000000000 [ 137.314924][ T6758] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f2af65a5fac [ 137.314940][ T6758] R13: 0000000000000000 R14: 00007ffc0c1c6b60 R15: 00007ffc0c1c6c48 [ 137.314974][ T6758] [ 137.533093][ T6759] netlink: 28 bytes leftover after parsing attributes in process `syz.1.241'. [ 137.643921][ T6759] veth1_macvtap: left promiscuous mode [ 137.943171][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.949556][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.380276][ T6769] FAULT_INJECTION: forcing a failure. [ 138.380276][ T6769] name failslab, interval 1, probability 0, space 0, times 0 [ 138.402075][ T6767] netlink: 28 bytes leftover after parsing attributes in process `syz.3.243'. [ 138.416498][ T6769] CPU: 0 UID: 0 PID: 6769 Comm: syz.1.245 Not tainted 6.14.0-rc1-syzkaller #0 [ 138.416536][ T6769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 138.416554][ T6769] Call Trace: [ 138.416563][ T6769] [ 138.416575][ T6769] dump_stack_lvl+0x16c/0x1f0 [ 138.416631][ T6769] should_fail_ex+0x50a/0x650 [ 138.416671][ T6769] ? fs_reclaim_acquire+0xae/0x150 [ 138.416728][ T6769] should_failslab+0xc2/0x120 [ 138.416770][ T6769] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 138.416815][ T6769] ? __request_module+0x2e4/0x6c0 [ 138.416864][ T6769] kstrdup+0x42/0xb0 [ 138.416913][ T6769] __request_module+0x2e4/0x6c0 [ 138.416954][ T6769] ? __sock_create+0x5c3/0x8d0 [ 138.417010][ T6769] ? __pfx___request_module+0x10/0x10 [ 138.417060][ T6769] ? security_inode_alloc+0x3b/0x2b0 [ 138.417095][ T6769] ? inode_init_always_gfp+0xd05/0x1030 [ 138.417138][ T6769] __sock_create+0x5c3/0x8d0 [ 138.417182][ T6769] __sys_socket+0x14f/0x260 [ 138.417220][ T6769] ? __pfx___sys_socket+0x10/0x10 [ 138.417261][ T6769] ? rcu_is_watching+0x12/0xc0 [ 138.417310][ T6769] __x64_sys_socket+0x72/0xb0 [ 138.417346][ T6769] ? lockdep_hardirqs_on+0x7c/0x110 [ 138.417389][ T6769] do_syscall_64+0xcd/0x250 [ 138.417417][ T6769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.417462][ T6769] RIP: 0033:0x7f98cb98cda9 [ 138.417484][ T6769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.417511][ T6769] RSP: 002b:00007f98cc891038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 138.417536][ T6769] RAX: ffffffffffffffda RBX: 00007f98cbba5fa0 RCX: 00007f98cb98cda9 [ 138.417553][ T6769] RDX: 0000000000e0ffff RSI: 0000000000000001 RDI: 000000000000002d [ 138.417568][ T6769] RBP: 00007f98cba0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 138.417583][ T6769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.417597][ T6769] R13: 0000000000000000 R14: 00007f98cbba5fa0 R15: 00007ffc6189a3e8 [ 138.417629][ T6769] [ 139.303082][ T6776] netlink: 12 bytes leftover after parsing attributes in process `syz.0.246'. [ 141.109798][ T6807] FAULT_INJECTION: forcing a failure. [ 141.109798][ T6807] name failslab, interval 1, probability 0, space 0, times 0 [ 141.153248][ T6807] CPU: 1 UID: 0 PID: 6807 Comm: syz.3.253 Not tainted 6.14.0-rc1-syzkaller #0 [ 141.153290][ T6807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 141.153307][ T6807] Call Trace: [ 141.153316][ T6807] [ 141.153327][ T6807] dump_stack_lvl+0x16c/0x1f0 [ 141.153375][ T6807] should_fail_ex+0x50a/0x650 [ 141.153408][ T6807] ? fs_reclaim_acquire+0xae/0x150 [ 141.153455][ T6807] ? __request_module+0x2c6/0x6c0 [ 141.153489][ T6807] should_failslab+0xc2/0x120 [ 141.153524][ T6807] __kmalloc_cache_noprof+0x68/0x420 [ 141.153552][ T6807] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 141.153592][ T6807] ? lockdep_hardirqs_on+0x7c/0x110 [ 141.153632][ T6807] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 141.153673][ T6807] __request_module+0x2c6/0x6c0 [ 141.153706][ T6807] ? __sock_create+0x5c3/0x8d0 [ 141.153742][ T6807] ? __pfx___request_module+0x10/0x10 [ 141.153779][ T6807] ? security_inode_alloc+0x3b/0x2b0 [ 141.153813][ T6807] ? inode_init_always_gfp+0xd05/0x1030 [ 141.153855][ T6807] __sock_create+0x5c3/0x8d0 [ 141.153897][ T6807] __sys_socket+0x14f/0x260 [ 141.153933][ T6807] ? __pfx___sys_socket+0x10/0x10 [ 141.153967][ T6807] ? rcu_is_watching+0x12/0xc0 [ 141.154009][ T6807] __x64_sys_socket+0x72/0xb0 [ 141.154042][ T6807] ? lockdep_hardirqs_on+0x7c/0x110 [ 141.154081][ T6807] do_syscall_64+0xcd/0x250 [ 141.154106][ T6807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.154143][ T6807] RIP: 0033:0x7f2af638cda9 [ 141.154162][ T6807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.154187][ T6807] RSP: 002b:00007f2af72c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 141.154210][ T6807] RAX: ffffffffffffffda RBX: 00007f2af65a5fa0 RCX: 00007f2af638cda9 [ 141.154226][ T6807] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002d [ 141.154240][ T6807] RBP: 00007f2af640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 141.154255][ T6807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.154269][ T6807] R13: 0000000000000000 R14: 00007f2af65a5fa0 R15: 00007ffc0c1c6c48 [ 141.154308][ T6807] [ 141.719879][ T6814] scsi_dev_info_list_add_str: bad dev info string 'íÙ)&cžÀ~j] ò | [ 141.719879][ T6814] MÅ' '' '' [ 141.986896][ T6815] netlink: 28 bytes leftover after parsing attributes in process `syz.0.254'. [ 142.268333][ T6815] veth1_macvtap: left promiscuous mode [ 142.294404][ T6826] netlink: 28 bytes leftover after parsing attributes in process `syz.1.258'. [ 142.635761][ T6827] netlink: 12 bytes leftover after parsing attributes in process `syz.3.259'. [ 142.749525][ T6827] HfR: left promiscuous mode [ 143.764710][ T6843] HfR: entered promiscuous mode [ 143.820987][ T6843] netlink: 12 bytes leftover after parsing attributes in process `syz.3.262'. [ 143.932881][ T6843] HfR: left promiscuous mode [ 144.024323][ T6847] netlink: 12 bytes leftover after parsing attributes in process `syz.2.263'. [ 144.041415][ T6846] HfR: entered promiscuous mode [ 144.055124][ T6847] HfR: left promiscuous mode [ 144.992145][ T6859] netlink: 330 bytes leftover after parsing attributes in process `syz.2.266'. [ 145.017013][ T6859] net veth1_virt_wifi ›: renamed from virt_wifi0 [ 145.714326][ T6877] netlink: 28 bytes leftover after parsing attributes in process `syz.1.270'. [ 146.491417][ T6893] Invalid ELF header magic: != ELF [ 147.174355][ T6903] netlink: 330 bytes leftover after parsing attributes in process `syz.1.277'. [ 147.183696][ T6903] net veth1_virt_wifi ›: renamed from virt_wifi0 [ 147.608630][ T6910] FAULT_INJECTION: forcing a failure. [ 147.608630][ T6910] name failslab, interval 1, probability 0, space 0, times 0 [ 147.632404][ T6910] CPU: 1 UID: 0 PID: 6910 Comm: syz.1.278 Not tainted 6.14.0-rc1-syzkaller #0 [ 147.632440][ T6910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 147.632456][ T6910] Call Trace: [ 147.632464][ T6910] [ 147.632475][ T6910] dump_stack_lvl+0x16c/0x1f0 [ 147.632525][ T6910] should_fail_ex+0x50a/0x650 [ 147.632559][ T6910] ? fs_reclaim_acquire+0xae/0x150 [ 147.632608][ T6910] ? copy_net_ns+0x136/0x6c0 [ 147.632644][ T6910] should_failslab+0xc2/0x120 [ 147.632679][ T6910] __kmalloc_cache_noprof+0x68/0x420 [ 147.632707][ T6910] ? net_alloc_generic+0x1e/0x70 [ 147.632736][ T6910] ? copy_net_ns+0xe9/0x6c0 [ 147.632773][ T6910] copy_net_ns+0x136/0x6c0 [ 147.632803][ T6910] ? copy_cgroup_ns+0xa4/0x6f0 [ 147.632828][ T6910] create_new_namespaces+0x3ea/0xad0 [ 147.632870][ T6910] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 147.632919][ T6910] ksys_unshare+0x45d/0xa40 [ 147.632959][ T6910] ? __pfx_ksys_unshare+0x10/0x10 [ 147.632995][ T6910] ? xfd_validate_state+0x5d/0x180 [ 147.633036][ T6910] __x64_sys_unshare+0x31/0x40 [ 147.633075][ T6910] do_syscall_64+0xcd/0x250 [ 147.633099][ T6910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.633134][ T6910] RIP: 0033:0x7f98cb98cda9 [ 147.633154][ T6910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.633176][ T6910] RSP: 002b:00007f98cc870038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 147.633198][ T6910] RAX: ffffffffffffffda RBX: 00007f98cbba6080 RCX: 00007f98cb98cda9 [ 147.633214][ T6910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 147.633229][ T6910] RBP: 00007f98cba0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 147.633243][ T6910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.633257][ T6910] R13: 0000000000000000 R14: 00007f98cbba6080 R15: 00007ffc6189a3e8 [ 147.633287][ T6910] [ 150.184977][ T6936] netlink: 330 bytes leftover after parsing attributes in process `syz.3.286'. [ 150.212711][ T6936] net veth1_virt_wifi ›: renamed from virt_wifi0 [ 150.611593][ T6949] FAULT_INJECTION: forcing a failure. [ 150.611593][ T6949] name failslab, interval 1, probability 0, space 0, times 0 [ 150.659346][ T6949] CPU: 0 UID: 0 PID: 6949 Comm: syz.2.291 Not tainted 6.14.0-rc1-syzkaller #0 [ 150.659381][ T6949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 150.659397][ T6949] Call Trace: [ 150.659405][ T6949] [ 150.659415][ T6949] dump_stack_lvl+0x16c/0x1f0 [ 150.659476][ T6949] should_fail_ex+0x50a/0x650 [ 150.659511][ T6949] ? fs_reclaim_acquire+0xae/0x150 [ 150.659559][ T6949] should_failslab+0xc2/0x120 [ 150.659596][ T6949] __kmalloc_noprof+0xce/0x4f0 [ 150.659628][ T6949] ? __pfx_smc_net_stat_init+0x10/0x10 [ 150.659658][ T6949] ? ops_init+0x77/0x5f0 [ 150.659692][ T6949] ops_init+0x77/0x5f0 [ 150.659723][ T6949] setup_net+0x21f/0x860 [ 150.659756][ T6949] ? __pfx_setup_net+0x10/0x10 [ 150.659785][ T6949] ? down_read_killable+0xcc/0x380 [ 150.659813][ T6949] ? __pfx_down_read_killable+0x10/0x10 [ 150.659850][ T6949] ? debug_mutex_init+0x37/0x70 [ 150.659898][ T6949] copy_net_ns+0x2b4/0x6c0 [ 150.659936][ T6949] create_new_namespaces+0x3ea/0xad0 [ 150.659984][ T6949] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 150.660029][ T6949] ksys_unshare+0x45d/0xa40 [ 150.660072][ T6949] ? __pfx_ksys_unshare+0x10/0x10 [ 150.660114][ T6949] ? xfd_validate_state+0x5d/0x180 [ 150.660153][ T6949] ? syscall_user_dispatch+0x77/0x140 [ 150.660202][ T6949] __x64_sys_unshare+0x31/0x40 [ 150.660244][ T6949] do_syscall_64+0xcd/0x250 [ 150.660273][ T6949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.660313][ T6949] RIP: 0033:0x7f596e58cda9 [ 150.660348][ T6949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.660392][ T6949] RSP: 002b:00007f596f394038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 150.660418][ T6949] RAX: ffffffffffffffda RBX: 00007f596e7a5fa0 RCX: 00007f596e58cda9 [ 150.660436][ T6949] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 150.660453][ T6949] RBP: 00007f596e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 150.660477][ T6949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.660494][ T6949] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 150.660530][ T6949] [ 150.967756][ T6953] netlink: 28 bytes leftover after parsing attributes in process `syz.0.289'. [ 151.458986][ T6958] netlink: 12 bytes leftover after parsing attributes in process `syz.1.292'. [ 151.492875][ T6958] HfR: left promiscuous mode [ 151.588258][ T6963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.293'. [ 152.544127][ T6975] HfR: entered promiscuous mode [ 152.552359][ T6975] netlink: 12 bytes leftover after parsing attributes in process `syz.2.297'. [ 152.570866][ T6975] HfR: left promiscuous mode [ 152.723249][ T6983] netlink: 330 bytes leftover after parsing attributes in process `syz.1.296'. [ 152.843832][ T6980] netlink: 28 bytes leftover after parsing attributes in process `syz.3.295'. [ 153.771494][ T7001] netlink: 28 bytes leftover after parsing attributes in process `syz.2.302'. [ 154.760120][ T7015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.305'. [ 155.121860][ T7006] netlink: 28 bytes leftover after parsing attributes in process `syz.0.304'. [ 156.092959][ T7026] sp0: Synchronizing with TNC [ 156.245370][ T7023] FAULT_INJECTION: forcing a failure. [ 156.245370][ T7023] name failslab, interval 1, probability 0, space 0, times 0 [ 156.344908][ T7023] CPU: 1 UID: 0 PID: 7023 Comm: syz.1.308 Not tainted 6.14.0-rc1-syzkaller #0 [ 156.344940][ T7023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 156.344955][ T7023] Call Trace: [ 156.344962][ T7023] [ 156.344972][ T7023] dump_stack_lvl+0x16c/0x1f0 [ 156.345020][ T7023] should_fail_ex+0x50a/0x650 [ 156.345052][ T7023] ? fs_reclaim_acquire+0xae/0x150 [ 156.345099][ T7023] should_failslab+0xc2/0x120 [ 156.345133][ T7023] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 156.345166][ T7023] ? __alloc_skb+0x2b3/0x380 [ 156.345198][ T7023] __alloc_skb+0x2b3/0x380 [ 156.345223][ T7023] ? __pfx___alloc_skb+0x10/0x10 [ 156.345247][ T7023] ? kasan_quarantine_put+0x10a/0x240 [ 156.345276][ T7023] ? warn_bogus_irq_restore+0x20/0x30 [ 156.345328][ T7023] mpls_netconf_notify_devconf+0x4a/0x110 [ 156.345376][ T7023] mpls_dev_notify+0x727/0xa20 [ 156.345419][ T7023] notifier_call_chain+0xb7/0x410 [ 156.345464][ T7023] ? __pfx_mpls_dev_notify+0x10/0x10 [ 156.345510][ T7023] call_netdevice_notifiers_info+0xbe/0x140 [ 156.345547][ T7023] unregister_netdevice_many_notify+0xc8a/0x1f30 [ 156.345582][ T7023] ? __pfx_lock_release+0x10/0x10 [ 156.345621][ T7023] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 156.345655][ T7023] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 156.345694][ T7023] ? lockdep_hardirqs_on+0x7c/0x110 [ 156.345742][ T7023] ? unregister_netdev+0x17/0x30 [ 156.345774][ T7023] ? __pfx___mutex_lock+0x10/0x10 [ 156.345847][ T7023] unregister_netdevice_queue+0x307/0x3f0 [ 156.345885][ T7023] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 156.345925][ T7023] ? mark_held_locks+0x9f/0xe0 [ 156.345970][ T7023] unregister_netdev+0x21/0x30 [ 156.346004][ T7023] sixpack_close+0x1e7/0x2f0 [ 156.346040][ T7023] ? __pfx_sixpack_close+0x10/0x10 [ 156.346077][ T7023] tty_ldisc_close+0x111/0x1a0 [ 156.346121][ T7023] tty_ldisc_kill+0x8e/0x150 [ 156.346163][ T7023] tty_ldisc_hangup+0x311/0x6a0 [ 156.346214][ T7023] __tty_hangup.part.0+0x3f8/0x890 [ 156.346274][ T7023] tty_ioctl+0xe59/0x1640 [ 156.346323][ T7023] ? __pfx_tty_ioctl+0x10/0x10 [ 156.346393][ T7023] ? __pfx_lock_release+0x10/0x10 [ 156.346431][ T7023] ? trace_lock_acquire+0x14e/0x1f0 [ 156.346477][ T7023] ? __fget_files+0x206/0x3a0 [ 156.346517][ T7023] ? __pfx_tty_ioctl+0x10/0x10 [ 156.346567][ T7023] __x64_sys_ioctl+0x190/0x200 [ 156.346618][ T7023] do_syscall_64+0xcd/0x250 [ 156.346651][ T7023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.346694][ T7023] RIP: 0033:0x7f98cb98cda9 [ 156.346717][ T7023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.346745][ T7023] RSP: 002b:00007f98cc891038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 156.346773][ T7023] RAX: ffffffffffffffda RBX: 00007f98cbba5fa0 RCX: 00007f98cb98cda9 [ 156.346791][ T7023] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000006 [ 156.346808][ T7023] RBP: 00007f98cc891090 R08: 0000000000000000 R09: 0000000000000000 [ 156.346825][ T7023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.346840][ T7023] R13: 0000000000000000 R14: 00007f98cbba5fa0 R15: 00007ffc6189a3e8 [ 156.346879][ T7023] [ 157.563978][ T7045] FAULT_INJECTION: forcing a failure. [ 157.563978][ T7045] name failslab, interval 1, probability 0, space 0, times 0 [ 157.613095][ T7045] CPU: 1 UID: 0 PID: 7045 Comm: syz.2.313 Not tainted 6.14.0-rc1-syzkaller #0 [ 157.613136][ T7045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 157.613154][ T7045] Call Trace: [ 157.613163][ T7045] [ 157.613175][ T7045] dump_stack_lvl+0x16c/0x1f0 [ 157.613232][ T7045] should_fail_ex+0x50a/0x650 [ 157.613272][ T7045] ? fs_reclaim_acquire+0xae/0x150 [ 157.613328][ T7045] should_failslab+0xc2/0x120 [ 157.613370][ T7045] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 157.613408][ T7045] ? lockdep_init_map_type+0x16d/0x7d0 [ 157.613450][ T7045] ? security_inode_alloc+0x3b/0x2b0 [ 157.613488][ T7045] security_inode_alloc+0x3b/0x2b0 [ 157.613520][ T7045] inode_init_always_gfp+0xce4/0x1030 [ 157.613562][ T7045] alloc_inode+0x82/0x230 [ 157.613603][ T7045] sock_alloc+0x40/0x280 [ 157.613641][ T7045] __sock_create+0xc1/0x8d0 [ 157.613685][ T7045] ? __pfx_lock_release+0x10/0x10 [ 157.613728][ T7045] __sys_socket+0x14f/0x260 [ 157.613775][ T7045] ? __pfx___sys_socket+0x10/0x10 [ 157.613825][ T7045] ? do_user_addr_fault+0x83d/0x13f0 [ 157.613872][ T7045] __x64_sys_socket+0x72/0xb0 [ 157.613915][ T7045] ? lockdep_hardirqs_on+0x7c/0x110 [ 157.613970][ T7045] do_syscall_64+0xcd/0x250 [ 157.614002][ T7045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.614055][ T7045] RIP: 0033:0x7f596e58ecc7 [ 157.614080][ T7045] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.614109][ T7045] RSP: 002b:00007f596f392fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 157.614139][ T7045] RAX: ffffffffffffffda RBX: 00007f596e7a5fa0 RCX: 00007f596e58ecc7 [ 157.614159][ T7045] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 157.614177][ T7045] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 157.614194][ T7045] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 157.614212][ T7045] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 157.614268][ T7045] [ 157.614660][ T7045] socket: no more sockets [ 158.660081][ T7053] netlink: 28 bytes leftover after parsing attributes in process `syz.0.314'. [ 158.824446][ T7051] netlink: 28 bytes leftover after parsing attributes in process `syz.2.315'. [ 159.647302][ T7073] FAULT_INJECTION: forcing a failure. [ 159.647302][ T7073] name failslab, interval 1, probability 0, space 0, times 0 [ 159.732787][ T7073] CPU: 0 UID: 0 PID: 7073 Comm: syz.1.319 Not tainted 6.14.0-rc1-syzkaller #0 [ 159.732822][ T7073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 159.732837][ T7073] Call Trace: [ 159.732846][ T7073] [ 159.732856][ T7073] dump_stack_lvl+0x16c/0x1f0 [ 159.732904][ T7073] should_fail_ex+0x50a/0x650 [ 159.732939][ T7073] ? fs_reclaim_acquire+0xae/0x150 [ 159.732986][ T7073] ? ccid_get_builtin_ccids+0x79/0x200 [ 159.733016][ T7073] should_failslab+0xc2/0x120 [ 159.733052][ T7073] __kmalloc_cache_noprof+0x68/0x420 [ 159.733089][ T7073] ccid_get_builtin_ccids+0x79/0x200 [ 159.733124][ T7073] dccp_feat_init+0x363/0x800 [ 159.733163][ T7073] ? __pfx_dccp_feat_init+0x10/0x10 [ 159.733207][ T7073] ? lockdep_init_map_type+0xa0/0x7d0 [ 159.733248][ T7073] ? do_init_timer+0xc9/0x110 [ 159.733272][ T7073] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 159.733298][ T7073] ? __pfx_dccp_delack_timer+0x10/0x10 [ 159.733329][ T7073] dccp_init_sock+0x327/0x420 [ 159.733372][ T7073] dccp_v4_init_sock+0x1f/0xa0 [ 159.733408][ T7073] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 159.733444][ T7073] inet_create+0x94a/0x10a0 [ 159.733486][ T7073] ? inet_create+0x90/0x10a0 [ 159.733531][ T7073] __sock_create+0x335/0x8d0 [ 159.733575][ T7073] inet_ctl_sock_create+0x96/0x230 [ 159.733615][ T7073] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 159.733662][ T7073] ? __pfx_dccp_v4_init_net+0x10/0x10 [ 159.733700][ T7073] dccp_v4_init_net+0x63/0x90 [ 159.733738][ T7073] ops_init+0x1df/0x5f0 [ 159.733771][ T7073] setup_net+0x21f/0x860 [ 159.733810][ T7073] ? __pfx_setup_net+0x10/0x10 [ 159.733837][ T7073] ? down_read_killable+0xcc/0x380 [ 159.733867][ T7073] ? __pfx_down_read_killable+0x10/0x10 [ 159.733899][ T7073] ? debug_mutex_init+0x37/0x70 [ 159.733946][ T7073] copy_net_ns+0x2b4/0x6c0 [ 159.733983][ T7073] create_new_namespaces+0x3ea/0xad0 [ 159.734031][ T7073] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 159.734074][ T7073] ksys_unshare+0x45d/0xa40 [ 159.734117][ T7073] ? __pfx_ksys_unshare+0x10/0x10 [ 159.734157][ T7073] ? xfd_validate_state+0x5d/0x180 [ 159.734202][ T7073] ? syscall_user_dispatch+0x77/0x140 [ 159.734251][ T7073] __x64_sys_unshare+0x31/0x40 [ 159.734293][ T7073] do_syscall_64+0xcd/0x250 [ 159.734338][ T7073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.734378][ T7073] RIP: 0033:0x7f98cb98cda9 [ 159.734401][ T7073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.734428][ T7073] RSP: 002b:00007f98cc891038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 159.734455][ T7073] RAX: ffffffffffffffda RBX: 00007f98cbba5fa0 RCX: 00007f98cb98cda9 [ 159.734473][ T7073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 159.734490][ T7073] RBP: 00007f98cba0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 159.734506][ T7073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.734523][ T7073] R13: 0000000000000000 R14: 00007f98cbba5fa0 R15: 00007ffc6189a3e8 [ 159.734559][ T7073] [ 160.275077][ T7077] vivid-003: ================= START STATUS ================= [ 160.382787][ T7077] vivid-003: Radio HW Seek Mode: Bounded [ 160.388641][ T7077] vivid-003: Radio Programmable HW Seek: false [ 160.455977][ T7077] vivid-003: RDS Rx I/O Mode: Block I/O [ 160.469536][ T7077] vivid-003: Generate RBDS Instead of RDS: false [ 160.596612][ T7077] vivid-003: RDS Reception: true [ 160.601631][ T7077] vivid-003: RDS Program Type: 0 inactive [ 160.652703][ T7077] vivid-003: RDS PS Name: inactive [ 160.658003][ T7077] vivid-003: RDS Radio Text: inactive [ 160.731685][ T7077] vivid-003: RDS Traffic Announcement: false inactive [ 160.821089][ T7077] vivid-003: RDS Traffic Program: false inactive [ 160.950217][ T7077] vivid-003: RDS Music: false inactive [ 160.956903][ T7077] vivid-003: ================== END STATUS ================== [ 161.589517][ T7101] netlink: 12 bytes leftover after parsing attributes in process `syz.2.326'. [ 161.637262][ T7100] HfR: entered promiscuous mode [ 161.660294][ T7101] HfR: left promiscuous mode [ 163.230498][ T7127] netlink: 28 bytes leftover after parsing attributes in process `syz.0.330'. [ 164.914065][ T7154] FAULT_INJECTION: forcing a failure. [ 164.914065][ T7154] name failslab, interval 1, probability 0, space 0, times 0 [ 164.972322][ T7154] CPU: 0 UID: 0 PID: 7154 Comm: syz.0.335 Not tainted 6.14.0-rc1-syzkaller #0 [ 164.972355][ T7154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 164.972370][ T7154] Call Trace: [ 164.972377][ T7154] [ 164.972387][ T7154] dump_stack_lvl+0x16c/0x1f0 [ 164.972434][ T7154] should_fail_ex+0x50a/0x650 [ 164.972466][ T7154] ? fs_reclaim_acquire+0xae/0x150 [ 164.972512][ T7154] should_failslab+0xc2/0x120 [ 164.972546][ T7154] __kmalloc_noprof+0xce/0x4f0 [ 164.972576][ T7154] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 164.972608][ T7154] ? tomoyo_realpath_from_path+0xbf/0x710 [ 164.972650][ T7154] tomoyo_realpath_from_path+0xbf/0x710 [ 164.972687][ T7154] ? tomoyo_path_number_perm+0x235/0x5b0 [ 164.972724][ T7154] tomoyo_path_number_perm+0x248/0x5b0 [ 164.972751][ T7154] ? tomoyo_path_number_perm+0x235/0x5b0 [ 164.972781][ T7154] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 164.972840][ T7154] ? __pfx_lock_release+0x10/0x10 [ 164.972880][ T7154] ? trace_lock_acquire+0x14e/0x1f0 [ 164.972909][ T7154] ? lock_acquire+0x2f/0xb0 [ 164.972937][ T7154] ? __fget_files+0x40/0x3a0 [ 164.972970][ T7154] ? __fget_files+0x206/0x3a0 [ 164.973002][ T7154] security_file_ioctl+0x9b/0x240 [ 164.973033][ T7154] __x64_sys_ioctl+0xb7/0x200 [ 164.973082][ T7154] do_syscall_64+0xcd/0x250 [ 164.973109][ T7154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.973147][ T7154] RIP: 0033:0x7f98e2d8cda9 [ 164.973166][ T7154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.973190][ T7154] RSP: 002b:00007f98e3b5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 164.973214][ T7154] RAX: ffffffffffffffda RBX: 00007f98e2fa6080 RCX: 00007f98e2d8cda9 [ 164.973231][ T7154] RDX: 0000000000000000 RSI: 0000000080089203 RDI: 0000000000000004 [ 164.973246][ T7154] RBP: 00007f98e3b5a090 R08: 0000000000000000 R09: 0000000000000000 [ 164.973260][ T7154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.973274][ T7154] R13: 0000000000000001 R14: 00007f98e2fa6080 R15: 00007ffdb25927c8 [ 164.973306][ T7154] [ 165.272717][ T7154] ERROR: Out of memory at tomoyo_realpath_from_path. [ 165.492350][ T7164] FAULT_INJECTION: forcing a failure. [ 165.492350][ T7164] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 165.556953][ T7164] CPU: 0 UID: 0 PID: 7164 Comm: syz.2.339 Not tainted 6.14.0-rc1-syzkaller #0 [ 165.557001][ T7164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 165.557027][ T7164] Call Trace: [ 165.557035][ T7164] [ 165.557044][ T7164] dump_stack_lvl+0x16c/0x1f0 [ 165.557091][ T7164] should_fail_ex+0x50a/0x650 [ 165.557122][ T7164] ? __pfx___might_resched+0x10/0x10 [ 165.557162][ T7164] should_fail_alloc_page+0xe7/0x130 [ 165.557199][ T7164] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 165.557244][ T7164] ? rcu_is_watching+0x12/0xc0 [ 165.557289][ T7164] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 165.557325][ T7164] ? hlock_class+0x4e/0x130 [ 165.557365][ T7164] ? mark_lock+0xb5/0xc60 [ 165.557394][ T7164] ? lockdep_hardirqs_on+0x7c/0x110 [ 165.557433][ T7164] ? finish_task_switch.isra.0+0x217/0xcc0 [ 165.557468][ T7164] ? __pfx_mark_lock+0x10/0x10 [ 165.557500][ T7164] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 165.557534][ T7164] ? __pfx___lock_acquire+0x10/0x10 [ 165.557569][ T7164] ? hlock_class+0x4e/0x130 [ 165.557616][ T7164] ? hlock_class+0x4e/0x130 [ 165.557656][ T7164] ? __lock_acquire+0xcc5/0x3c40 [ 165.557687][ T7164] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 165.557725][ T7164] ? policy_nodemask+0xea/0x4e0 [ 165.557761][ T7164] alloc_pages_mpol+0x1fc/0x540 [ 165.557796][ T7164] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 165.557828][ T7164] ? hlock_class+0x4e/0x130 [ 165.557867][ T7164] ? __lock_acquire+0xcc5/0x3c40 [ 165.557913][ T7164] folio_alloc_mpol_noprof+0x36/0x2f0 [ 165.557955][ T7164] vma_alloc_folio_noprof+0xee/0x1b0 [ 165.557995][ T7164] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 165.558037][ T7164] ? find_held_lock+0x2d/0x110 [ 165.558085][ T7164] do_pte_missing+0x202f/0x3e10 [ 165.558127][ T7164] __handle_mm_fault+0x1166/0x2c60 [ 165.558164][ T7164] ? lock_vma_under_rcu+0x6b9/0x980 [ 165.558191][ T7164] ? __pfx___handle_mm_fault+0x10/0x10 [ 165.558249][ T7164] handle_mm_fault+0x3fa/0xaa0 [ 165.558286][ T7164] do_user_addr_fault+0x60d/0x13f0 [ 165.558327][ T7164] exc_page_fault+0x5c/0xc0 [ 165.558366][ T7164] asm_exc_page_fault+0x26/0x30 [ 165.558402][ T7164] RIP: 0033:0x7f596e458b7b [ 165.558423][ T7164] Code: 00 00 00 48 8d 3d 9d 33 19 00 48 89 c1 31 c0 e8 0b 44 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d d1 33 19 00 48 89 34 24 48 8b 14 24 48 8b [ 165.558447][ T7164] RSP: 002b:00007f596f392fb0 EFLAGS: 00010202 [ 165.558467][ T7164] RAX: 0000000000000000 RBX: 00007f596e7a5fa0 RCX: 0000000000000000 [ 165.558481][ T7164] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000 [ 165.558497][ T7164] RBP: 00007f596e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 165.558511][ T7164] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 165.558525][ T7164] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 165.558557][ T7164] [ 165.558763][ T7164] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 166.004453][ T7169] FAULT_INJECTION: forcing a failure. [ 166.004453][ T7169] name failslab, interval 1, probability 0, space 0, times 0 [ 166.022812][ T7169] CPU: 0 UID: 0 PID: 7169 Comm: syz.1.340 Not tainted 6.14.0-rc1-syzkaller #0 [ 166.022844][ T7169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 166.022859][ T7169] Call Trace: [ 166.022866][ T7169] [ 166.022876][ T7169] dump_stack_lvl+0x16c/0x1f0 [ 166.022924][ T7169] should_fail_ex+0x50a/0x650 [ 166.022958][ T7169] ? fs_reclaim_acquire+0xae/0x150 [ 166.023005][ T7169] should_failslab+0xc2/0x120 [ 166.023039][ T7169] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 166.023072][ T7169] ? __kernfs_new_node+0xd3/0x890 [ 166.023120][ T7169] __kernfs_new_node+0xd3/0x890 [ 166.023169][ T7169] ? __pfx___kernfs_new_node+0x10/0x10 [ 166.023214][ T7169] ? __pfx_lock_release+0x10/0x10 [ 166.023248][ T7169] ? kernfs_add_one+0x39d/0x520 [ 166.023282][ T7169] ? lock_acquire.part.0+0x11b/0x380 [ 166.023316][ T7169] ? find_held_lock+0x2d/0x110 [ 166.023369][ T7169] kernfs_new_node+0x186/0x240 [ 166.023404][ T7169] kernfs_create_link+0xcc/0x240 [ 166.023443][ T7169] sysfs_do_create_link_sd+0x90/0x140 [ 166.023487][ T7169] sysfs_create_link+0x61/0xc0 [ 166.023529][ T7169] device_add+0x62e/0x1a70 [ 166.023567][ T7169] ? alloc_workqueue+0x199/0x200 [ 166.023614][ T7169] ? __pfx_device_add+0x10/0x10 [ 166.023656][ T7169] ? lockdep_init_map_type+0x16d/0x7d0 [ 166.023698][ T7169] nfc_register_device+0x41/0x3c0 [ 166.023744][ T7169] nci_register_device+0x7f4/0xb80 [ 166.023780][ T7169] ? __pfx_nci_register_device+0x10/0x10 [ 166.023839][ T7169] virtual_ncidev_open+0x141/0x220 [ 166.023880][ T7169] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 166.023919][ T7169] misc_open+0x35a/0x420 [ 166.023952][ T7169] ? __pfx_misc_open+0x10/0x10 [ 166.023984][ T7169] chrdev_open+0x237/0x6a0 [ 166.024016][ T7169] ? __pfx_chrdev_open+0x10/0x10 [ 166.024051][ T7169] ? file_set_fsnotify_mode+0x163/0x5d0 [ 166.024099][ T7169] do_dentry_open+0x735/0x1c40 [ 166.024128][ T7169] ? __pfx_chrdev_open+0x10/0x10 [ 166.024161][ T7169] ? inode_permission+0xdd/0x5f0 [ 166.024202][ T7169] vfs_open+0x82/0x3f0 [ 166.024235][ T7169] ? may_open+0x1f2/0x400 [ 166.024277][ T7169] path_openat+0x1e88/0x2d80 [ 166.024319][ T7169] ? __pfx_path_openat+0x10/0x10 [ 166.024349][ T7169] ? __pfx___lock_acquire+0x10/0x10 [ 166.024379][ T7169] ? lock_acquire.part.0+0x11b/0x380 [ 166.024411][ T7169] ? find_held_lock+0x2d/0x110 [ 166.024455][ T7169] do_filp_open+0x20c/0x470 [ 166.024486][ T7169] ? __pfx_do_filp_open+0x10/0x10 [ 166.024513][ T7169] ? find_held_lock+0x2d/0x110 [ 166.024579][ T7169] ? alloc_fd+0x41f/0x760 [ 166.024618][ T7169] do_sys_openat2+0x17a/0x1e0 [ 166.024655][ T7169] ? __pfx_do_sys_openat2+0x10/0x10 [ 166.024690][ T7169] ? fput+0x67/0x440 [ 166.024725][ T7169] ? __sys_sendmsg+0x19a/0x220 [ 166.024761][ T7169] __x64_sys_openat+0x175/0x210 [ 166.024807][ T7169] ? __pfx___x64_sys_openat+0x10/0x10 [ 166.024860][ T7169] do_syscall_64+0xcd/0x250 [ 166.024889][ T7169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.024927][ T7169] RIP: 0033:0x7f98cb98cda9 [ 166.024948][ T7169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.024972][ T7169] RSP: 002b:00007f98cc891038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 166.024997][ T7169] RAX: ffffffffffffffda RBX: 00007f98cbba5fa0 RCX: 00007f98cb98cda9 [ 166.025012][ T7169] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 166.025026][ T7169] RBP: 00007f98cba0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 166.025039][ T7169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.025052][ T7169] R13: 0000000000000000 R14: 00007f98cbba5fa0 R15: 00007ffc6189a3e8 [ 166.025079][ T7169] [ 166.678005][ T7169] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 166.945395][ T7172] HfR: entered promiscuous mode [ 167.043696][ T7177] FAULT_INJECTION: forcing a failure. [ 167.043696][ T7177] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 167.152739][ T7177] CPU: 1 UID: 0 PID: 7177 Comm: syz.2.341 Not tainted 6.14.0-rc1-syzkaller #0 [ 167.152779][ T7177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 167.152795][ T7177] Call Trace: [ 167.152803][ T7177] [ 167.152813][ T7177] dump_stack_lvl+0x16c/0x1f0 [ 167.152863][ T7177] should_fail_ex+0x50a/0x650 [ 167.152904][ T7177] _copy_to_user+0x32/0xd0 [ 167.152948][ T7177] simple_read_from_buffer+0xd0/0x160 [ 167.152996][ T7177] proc_fail_nth_read+0x198/0x270 [ 167.153039][ T7177] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 167.153084][ T7177] ? rw_verify_area+0xcf/0x680 [ 167.153129][ T7177] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 167.153172][ T7177] vfs_read+0x1df/0xbf0 [ 167.153200][ T7177] ? __fget_files+0x1fc/0x3a0 [ 167.153230][ T7177] ? __pfx___mutex_lock+0x10/0x10 [ 167.153276][ T7177] ? __pfx_vfs_read+0x10/0x10 [ 167.153315][ T7177] ? __fget_files+0x206/0x3a0 [ 167.153356][ T7177] ksys_read+0x12b/0x250 [ 167.153384][ T7177] ? __pfx_ksys_read+0x10/0x10 [ 167.153424][ T7177] do_syscall_64+0xcd/0x250 [ 167.153453][ T7177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.153494][ T7177] RIP: 0033:0x7f596e58b7bc [ 167.153515][ T7177] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 167.153540][ T7177] RSP: 002b:00007f596f394030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 167.153565][ T7177] RAX: ffffffffffffffda RBX: 00007f596e7a5fa0 RCX: 00007f596e58b7bc [ 167.153582][ T7177] RDX: 000000000000000f RSI: 00007f596f3940a0 RDI: 0000000000000003 [ 167.153598][ T7177] RBP: 00007f596f394090 R08: 0000000000000000 R09: 0000000000000000 [ 167.153613][ T7177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.153628][ T7177] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 167.153662][ T7177] [ 167.741727][ T7189] openvswitch: HfR: Dropping previously announced user features [ 167.792977][ T7189] netlink: 12 bytes leftover after parsing attributes in process `syz.3.343'. [ 168.050187][ T7196] Invalid ELF header magic: != ELF [ 168.087930][ T7189] HfR: left promiscuous mode [ 168.957968][ T7200] netlink: 28 bytes leftover after parsing attributes in process `syz.0.346'. [ 170.664675][ T7227] netlink: 28 bytes leftover after parsing attributes in process `syz.0.351'. [ 171.479979][ T7242] HfR: entered promiscuous mode [ 171.495768][ T7242] netlink: 12 bytes leftover after parsing attributes in process `syz.3.352'. [ 171.515041][ T7242] HfR: left promiscuous mode [ 171.773274][ T7262] FAULT_INJECTION: forcing a failure. [ 171.773274][ T7262] name failslab, interval 1, probability 0, space 0, times 0 [ 171.821727][ T7262] CPU: 1 UID: 0 PID: 7262 Comm: syz.2.357 Not tainted 6.14.0-rc1-syzkaller #0 [ 171.821763][ T7262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 171.821780][ T7262] Call Trace: [ 171.821787][ T7262] [ 171.821797][ T7262] dump_stack_lvl+0x16c/0x1f0 [ 171.821846][ T7262] should_fail_ex+0x50a/0x650 [ 171.821881][ T7262] ? fs_reclaim_acquire+0xae/0x150 [ 171.821932][ T7262] should_failslab+0xc2/0x120 [ 171.821968][ T7262] __kmalloc_node_noprof+0xd1/0x520 [ 171.822005][ T7262] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 171.822041][ T7262] __kvmalloc_node_noprof+0xad/0x1a0 [ 171.822074][ T7262] v4l2_ctrl_new+0x962/0x2030 [ 171.822124][ T7262] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 171.822161][ T7262] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 171.822200][ T7262] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 171.822245][ T7262] v4l2_ctrl_new_std+0x1b3/0x280 [ 171.822293][ T7262] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 171.822329][ T7262] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 171.822385][ T7262] ? media_request_object_init+0x100/0x180 [ 171.822419][ T7262] vicodec_open+0x228/0xf80 [ 171.822465][ T7262] v4l2_open+0x222/0x490 [ 171.822498][ T7262] ? __pfx_v4l2_open+0x10/0x10 [ 171.822529][ T7262] chrdev_open+0x237/0x6a0 [ 171.822561][ T7262] ? __pfx_apparmor_file_open+0x10/0x10 [ 171.822593][ T7262] ? __pfx_chrdev_open+0x10/0x10 [ 171.822633][ T7262] ? file_set_fsnotify_mode+0x163/0x5d0 [ 171.822683][ T7262] do_dentry_open+0x735/0x1c40 [ 171.822713][ T7262] ? __pfx_chrdev_open+0x10/0x10 [ 171.822750][ T7262] ? inode_permission+0xdd/0x5f0 [ 171.822793][ T7262] vfs_open+0x82/0x3f0 [ 171.822828][ T7262] ? may_open+0x1f2/0x400 [ 171.822872][ T7262] path_openat+0x1e88/0x2d80 [ 171.822914][ T7262] ? __pfx_path_openat+0x10/0x10 [ 171.822945][ T7262] ? __pfx___lock_acquire+0x10/0x10 [ 171.822980][ T7262] ? lock_acquire.part.0+0x11b/0x380 [ 171.823015][ T7262] ? find_held_lock+0x2d/0x110 [ 171.823063][ T7262] do_filp_open+0x20c/0x470 [ 171.823094][ T7262] ? __pfx_do_filp_open+0x10/0x10 [ 171.823124][ T7262] ? find_held_lock+0x2d/0x110 [ 171.823192][ T7262] ? alloc_fd+0x41f/0x760 [ 171.823231][ T7262] do_sys_openat2+0x17a/0x1e0 [ 171.823270][ T7262] ? __pfx_do_sys_openat2+0x10/0x10 [ 171.823324][ T7262] __x64_sys_openat+0x175/0x210 [ 171.823365][ T7262] ? __pfx___x64_sys_openat+0x10/0x10 [ 171.823421][ T7262] do_syscall_64+0xcd/0x250 [ 171.823460][ T7262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.823502][ T7262] RIP: 0033:0x7f596e58cda9 [ 171.823523][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.823549][ T7262] RSP: 002b:00007f596f394038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 171.823575][ T7262] RAX: ffffffffffffffda RBX: 00007f596e7a5fa0 RCX: 00007f596e58cda9 [ 171.823593][ T7262] RDX: 00000000001ab442 RSI: 0000000020000340 RDI: ffffffffffffff9c [ 171.823610][ T7262] RBP: 00007f596e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 171.823626][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.823641][ T7262] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 171.823675][ T7262] [ 174.303916][ T7306] FAULT_INJECTION: forcing a failure. [ 174.303916][ T7306] name failslab, interval 1, probability 0, space 0, times 0 [ 174.342686][ T7306] CPU: 0 UID: 0 PID: 7306 Comm: syz.2.362 Not tainted 6.14.0-rc1-syzkaller #0 [ 174.342721][ T7306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 174.342736][ T7306] Call Trace: [ 174.342743][ T7306] [ 174.342753][ T7306] dump_stack_lvl+0x16c/0x1f0 [ 174.342799][ T7306] should_fail_ex+0x50a/0x650 [ 174.342831][ T7306] ? fs_reclaim_acquire+0xae/0x150 [ 174.342877][ T7306] should_failslab+0xc2/0x120 [ 174.342912][ T7306] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 174.342944][ T7306] ? __kernfs_new_node+0xd3/0x890 [ 174.342992][ T7306] __kernfs_new_node+0xd3/0x890 [ 174.343033][ T7306] ? __pfx___kernfs_new_node+0x10/0x10 [ 174.343089][ T7306] ? __pfx___lock_acquire+0x10/0x10 [ 174.343128][ T7306] kernfs_new_node+0x186/0x240 [ 174.343163][ T7306] __kernfs_create_file+0x53/0x350 [ 174.343202][ T7306] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 174.343250][ T7306] sysfs_create_file_ns+0x13e/0x1d0 [ 174.343290][ T7306] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 174.343340][ T7306] ? down_read+0xc9/0x330 [ 174.343366][ T7306] ? __pfx___up_read+0x10/0x10 [ 174.343401][ T7306] ? kobject_put+0xab/0x5a0 [ 174.343430][ T7306] device_create_file+0xf2/0x1e0 [ 174.343469][ T7306] device_add+0x2c0/0x1a70 [ 174.343503][ T7306] ? __pfx_device_add+0x10/0x10 [ 174.343534][ T7306] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 174.343568][ T7306] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 174.343601][ T7306] wiphy_register+0x1c7a/0x2860 [ 174.343636][ T7306] ? netdev_run_todo+0x877/0x1320 [ 174.343671][ T7306] ? __pfx_wiphy_register+0x10/0x10 [ 174.343718][ T7306] ieee80211_register_hw+0x23ff/0x3ff0 [ 174.343760][ T7306] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 174.343788][ T7306] ? net_generic+0xea/0x2a0 [ 174.343825][ T7306] ? lockdep_init_map_type+0x16d/0x7d0 [ 174.343859][ T7306] ? rcu_is_watching+0x12/0xc0 [ 174.343895][ T7306] ? trace_hrtimer_init+0x1a6/0x230 [ 174.343928][ T7306] ? __hrtimer_init+0x106/0x2c0 [ 174.343962][ T7306] mac80211_hwsim_new_radio+0x2c47/0x56d0 [ 174.344001][ T7306] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.344057][ T7306] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 174.344108][ T7306] hwsim_new_radio_nl+0xb42/0x12b0 [ 174.344151][ T7306] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 174.344201][ T7306] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 174.344245][ T7306] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 174.344293][ T7306] genl_family_rcv_msg_doit+0x202/0x2f0 [ 174.344344][ T7306] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 174.344384][ T7306] ? trace_cap_capable+0x1a2/0x210 [ 174.344432][ T7306] ? bpf_lsm_capable+0x9/0x10 [ 174.344466][ T7306] ? security_capable+0x7e/0x260 [ 174.344503][ T7306] ? ns_capable+0xd7/0x110 [ 174.344538][ T7306] genl_rcv_msg+0x565/0x800 [ 174.344565][ T7306] ? __pfx_genl_rcv_msg+0x10/0x10 [ 174.344589][ T7306] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 174.344641][ T7306] netlink_rcv_skb+0x165/0x410 [ 174.344677][ T7306] ? __pfx_genl_rcv_msg+0x10/0x10 [ 174.344703][ T7306] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 174.344754][ T7306] ? down_read+0xc9/0x330 [ 174.344777][ T7306] ? __pfx_down_read+0x10/0x10 [ 174.344802][ T7306] ? netlink_deliver_tap+0x1ae/0xca0 [ 174.344842][ T7306] genl_rcv+0x28/0x40 [ 174.344877][ T7306] netlink_unicast+0x53c/0x7f0 [ 174.344916][ T7306] ? __pfx_netlink_unicast+0x10/0x10 [ 174.344952][ T7306] ? __phys_addr_symbol+0x30/0x80 [ 174.344991][ T7306] ? __check_object_size+0x488/0x710 [ 174.345028][ T7306] netlink_sendmsg+0x8b8/0xd70 [ 174.345070][ T7306] ? __pfx_netlink_sendmsg+0x10/0x10 [ 174.345119][ T7306] ____sys_sendmsg+0x9ae/0xb40 [ 174.345153][ T7306] ? copy_msghdr_from_user+0x10b/0x160 [ 174.345178][ T7306] ? __pfx_____sys_sendmsg+0x10/0x10 [ 174.345229][ T7306] ___sys_sendmsg+0x135/0x1e0 [ 174.345257][ T7306] ? __pfx____sys_sendmsg+0x10/0x10 [ 174.345303][ T7306] ? __pfx_lock_release+0x10/0x10 [ 174.345333][ T7306] ? trace_lock_acquire+0x14e/0x1f0 [ 174.345368][ T7306] ? __fget_files+0x206/0x3a0 [ 174.345403][ T7306] __sys_sendmsg+0x16e/0x220 [ 174.345430][ T7306] ? __pfx___sys_sendmsg+0x10/0x10 [ 174.345455][ T7306] ? __x64_sys_futex+0x1e1/0x4c0 [ 174.345501][ T7306] do_syscall_64+0xcd/0x250 [ 174.345527][ T7306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.345561][ T7306] RIP: 0033:0x7f596e58cda9 [ 174.345581][ T7306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.345603][ T7306] RSP: 002b:00007f596f394038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 174.345624][ T7306] RAX: ffffffffffffffda RBX: 00007f596e7a5fa0 RCX: 00007f596e58cda9 [ 174.345639][ T7306] RDX: 00000000040000c0 RSI: 0000000020000300 RDI: 0000000000000006 [ 174.345652][ T7306] RBP: 00007f596e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 174.345665][ T7306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.345678][ T7306] R13: 0000000000000000 R14: 00007f596e7a5fa0 R15: 00007fff873b14b8 [ 174.345709][ T7306] [ 175.063658][ T7313] HfR: entered promiscuous mode [ 175.262198][ T7311] netlink: 28 bytes leftover after parsing attributes in process `syz.3.363'. [ 175.622790][ T7319] netlink: 12 bytes leftover after parsing attributes in process `syz.2.365'. [ 176.702239][ T7340] netlink: 222 bytes leftover after parsing attributes in process `syz.1.373'. [ 176.741802][ T7340] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.363552][ T7347] netlink: 12 bytes leftover after parsing attributes in process `syz.1.375'. [ 177.372786][ T7347] HfR: left promiscuous mode [ 177.474590][ T7354] netlink: 'syz.3.377': attribute type 1 has an invalid length. [ 177.492544][ T7354] netlink: 32 bytes leftover after parsing attributes in process `syz.3.377'. [ 177.505967][ T7354] netlink: 'syz.3.377': attribute type 1 has an invalid length. [ 177.608721][ T7358] Invalid ELF header magic: != ELF [ 177.689859][ T7361] netlink: 12 bytes leftover after parsing attributes in process `syz.0.379'. [ 178.002692][ T7369] netlink: 28 bytes leftover after parsing attributes in process `syz.1.381'. [ 178.253579][ T7373] Invalid ELF header magic: != ELF [ 179.379147][ T7381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.385'. [ 180.559607][ T7402] HfR: entered promiscuous mode [ 181.430988][ T7428] netlink: 28 bytes leftover after parsing attributes in process `syz.3.399'. [ 183.347415][ T7456] netlink: 12 bytes leftover after parsing attributes in process `syz.1.407'. [ 183.752943][ T7461] openvswitch: HfR: Dropping previously announced user features [ 185.879019][ T7489] netlink: 12 bytes leftover after parsing attributes in process `syz.0.422'. [ 185.902904][ T7489] HfR: left promiscuous mode [ 186.588373][ T7495] FAULT_INJECTION: forcing a failure. [ 186.588373][ T7495] name fail_futex, interval 1, probability 0, space 0, times 0 [ 186.616172][ T7495] CPU: 1 UID: 0 PID: 7495 Comm: syz.0.416 Not tainted 6.14.0-rc1-syzkaller #0 [ 186.616212][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 186.616241][ T7495] Call Trace: [ 186.616251][ T7495] [ 186.616267][ T7495] dump_stack_lvl+0x16c/0x1f0 [ 186.616332][ T7495] should_fail_ex+0x50a/0x650 [ 186.616379][ T7495] get_futex_key+0x4a3/0x1000 [ 186.616440][ T7495] ? __pfx_get_futex_key+0x10/0x10 [ 186.616499][ T7495] ? __destroy_inode+0x2e4/0x730 [ 186.616542][ T7495] ? __pfx_sock_free_inode+0x10/0x10 [ 186.616591][ T7495] futex_wake+0xe8/0x4e0 [ 186.616631][ T7495] ? __pfx_evict+0x10/0x10 [ 186.616675][ T7495] ? __pfx_futex_wake+0x10/0x10 [ 186.616732][ T7495] do_futex+0x1e5/0x350 [ 186.616765][ T7495] ? __pfx_do_futex+0x10/0x10 [ 186.616798][ T7495] ? __sock_release+0x20b/0x270 [ 186.616844][ T7495] __x64_sys_futex+0x1e1/0x4c0 [ 186.616878][ T7495] ? __sys_socket+0xad/0x260 [ 186.616923][ T7495] ? __pfx___x64_sys_futex+0x10/0x10 [ 186.616958][ T7495] ? rcu_is_watching+0x12/0xc0 [ 186.617027][ T7495] do_syscall_64+0xcd/0x250 [ 186.617054][ T7495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.617093][ T7495] RIP: 0033:0x7f98e2d8cda9 [ 186.617114][ T7495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.617140][ T7495] RSP: 002b:00007f98e3b7b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 186.617165][ T7495] RAX: ffffffffffffffda RBX: 00007f98e2fa5fa8 RCX: 00007f98e2d8cda9 [ 186.617183][ T7495] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f98e2fa5fac [ 186.617199][ T7495] RBP: 00007f98e2fa5fa0 R08: 00007f98e3b7c000 R09: 0000000000000000 [ 186.617216][ T7495] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f98e2fa5fac [ 186.617234][ T7495] R13: 0000000000000000 R14: 00007ffdb25926e0 R15: 00007ffdb25927c8 [ 186.617267][ T7495] [ 187.668859][ T7512] netlink: 12 bytes leftover after parsing attributes in process `syz.1.421'. [ 187.958634][ T7508] HfR: entered promiscuous mode [ 187.995094][ T7508] netlink: 12 bytes leftover after parsing attributes in process `syz.0.419'. [ 188.024664][ T7508] HfR: left promiscuous mode [ 188.180318][ T7517] netlink: 12 bytes leftover after parsing attributes in process `syz.2.423'. [ 188.876858][ T7524] HfR: entered promiscuous mode [ 189.449732][ T7533] Invalid ELF header magic: != ELF [ 189.984484][ T7531] netlink: 12 bytes leftover after parsing attributes in process `syz.3.427'. [ 190.012163][ T7534] HfR: entered promiscuous mode [ 190.468212][ T7540] FAULT_INJECTION: forcing a failure. [ 190.468212][ T7540] name failslab, interval 1, probability 0, space 0, times 0 [ 190.500699][ T7540] CPU: 0 UID: 0 PID: 7540 Comm: syz.1.429 Not tainted 6.14.0-rc1-syzkaller #0 [ 190.500731][ T7540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 190.500745][ T7540] Call Trace: [ 190.500753][ T7540] [ 190.500762][ T7540] dump_stack_lvl+0x16c/0x1f0 [ 190.500809][ T7540] should_fail_ex+0x50a/0x650 [ 190.500842][ T7540] ? fs_reclaim_acquire+0xae/0x150 [ 190.500889][ T7540] should_failslab+0xc2/0x120 [ 190.500923][ T7540] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 190.500955][ T7540] ? getname_flags.part.0+0x4c/0x550 [ 190.500993][ T7540] ? vfs_write+0x306/0x1150 [ 190.501021][ T7540] getname_flags.part.0+0x4c/0x550 [ 190.501061][ T7540] getname+0x8d/0xe0 [ 190.501092][ T7540] do_sys_openat2+0x104/0x1e0 [ 190.501130][ T7540] ? __pfx_do_sys_openat2+0x10/0x10 [ 190.501171][ T7540] ? __fget_files+0x206/0x3a0 [ 190.501205][ T7540] __x64_sys_openat+0x175/0x210 [ 190.501243][ T7540] ? __pfx___x64_sys_openat+0x10/0x10 [ 190.501279][ T7540] ? ksys_write+0x1ba/0x250 [ 190.501317][ T7540] do_syscall_64+0xcd/0x250 [ 190.501344][ T7540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.501382][ T7540] RIP: 0033:0x7f98cb98cda9 [ 190.501402][ T7540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.501426][ T7540] RSP: 002b:00007f98cc891038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 190.501449][ T7540] RAX: ffffffffffffffda RBX: 00007f98cbba5fa0 RCX: 00007f98cb98cda9 [ 190.501464][ T7540] RDX: 00000000001ab442 RSI: 0000000020000340 RDI: ffffffffffffff9c [ 190.501479][ T7540] RBP: 00007f98cc891090 R08: 0000000000000000 R09: 0000000000000000 [ 190.501493][ T7540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.501506][ T7540] R13: 0000000000000000 R14: 00007f98cbba5fa0 R15: 00007ffc6189a3e8 [ 190.501536][ T7540] [ 191.674792][ T7566] Invalid ELF header magic: != ELF [ 192.139870][ T7569] Invalid ELF header magic: != ELF [ 194.026714][ T7593] Invalid ELF header magic: != ELF [ 194.615762][ T7585] openvswitch: HfR: Dropping previously announced user features [ 194.673288][ T7591] netlink: 12 bytes leftover after parsing attributes in process `syz.0.438'. [ 194.770587][ T7591] HfR: left promiscuous mode [ 196.822246][ T7624] Invalid ELF header magic: != ELF [ 197.661346][ T7632] Invalid ELF header magic: != ELF [ 197.896665][ T7630] HfR: entered promiscuous mode [ 197.932932][ T7630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.449'. [ 197.952847][ T7630] HfR: left promiscuous mode [ 199.375817][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.390483][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.398382][ T7647] openvswitch: HfR: Dropping previously announced user features [ 199.587913][ T7649] vhci_hcd: not connected 4 [ 200.091080][ T7655] HfR: entered promiscuous mode [ 200.392575][ T7660] FAULT_INJECTION: forcing a failure. [ 200.392575][ T7660] name failslab, interval 1, probability 0, space 0, times 0 [ 200.449781][ T7660] CPU: 0 UID: 0 PID: 7660 Comm: syz.3.464 Not tainted 6.14.0-rc1-syzkaller #0 [ 200.449813][ T7660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 200.449829][ T7660] Call Trace: [ 200.449836][ T7660] [ 200.449846][ T7660] dump_stack_lvl+0x16c/0x1f0 [ 200.449895][ T7660] should_fail_ex+0x50a/0x650 [ 200.449928][ T7660] ? fs_reclaim_acquire+0xae/0x150 [ 200.449976][ T7660] should_failslab+0xc2/0x120 [ 200.450013][ T7660] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 200.450047][ T7660] ? __kernfs_new_node+0xd3/0x890 [ 200.450098][ T7660] __kernfs_new_node+0xd3/0x890 [ 200.450164][ T7660] ? __pfx___kernfs_new_node+0x10/0x10 [ 200.450212][ T7660] ? __pfx_lock_release+0x10/0x10 [ 200.450248][ T7660] ? kernfs_add_one+0x39d/0x520 [ 200.450291][ T7660] ? up_write+0x1b2/0x520 [ 200.450336][ T7660] kernfs_new_node+0x186/0x240 [ 200.450375][ T7660] __kernfs_create_file+0x53/0x350 [ 200.450418][ T7660] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 200.450470][ T7660] sysfs_merge_group+0x1b1/0x340 [ 200.450499][ T7660] ? __pfx_sysfs_merge_group+0x10/0x10 [ 200.450533][ T7660] ? __pfx_dev_add_physical_location+0x10/0x10 [ 200.450570][ T7660] ? bus_to_subsys+0x12d/0x160 [ 200.450619][ T7660] dpm_sysfs_add+0x237/0x280 [ 200.450656][ T7660] device_add+0x9a8/0x1a70 [ 200.450700][ T7660] ? __pfx_device_add+0x10/0x10 [ 200.450753][ T7660] ? lockdep_init_map_type+0x16d/0x7d0 [ 200.450799][ T7660] nfc_register_device+0x41/0x3c0 [ 200.450852][ T7660] nci_register_device+0x7f4/0xb80 [ 200.450891][ T7660] ? __pfx_nci_register_device+0x10/0x10 [ 200.450943][ T7660] virtual_ncidev_open+0x141/0x220 [ 200.450986][ T7660] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 200.451027][ T7660] misc_open+0x35a/0x420 [ 200.451063][ T7660] ? __pfx_misc_open+0x10/0x10 [ 200.451097][ T7660] chrdev_open+0x237/0x6a0 [ 200.451129][ T7660] ? __pfx_apparmor_file_open+0x10/0x10 [ 200.451162][ T7660] ? __pfx_chrdev_open+0x10/0x10 [ 200.451199][ T7660] ? file_set_fsnotify_mode+0x163/0x5d0 [ 200.451253][ T7660] do_dentry_open+0x735/0x1c40 [ 200.451285][ T7660] ? __pfx_chrdev_open+0x10/0x10 [ 200.451331][ T7660] ? inode_permission+0xdd/0x5f0 [ 200.451373][ T7660] vfs_open+0x82/0x3f0 [ 200.451407][ T7660] ? may_open+0x1f2/0x400 [ 200.451451][ T7660] path_openat+0x1e88/0x2d80 [ 200.451493][ T7660] ? __pfx_path_openat+0x10/0x10 [ 200.451541][ T7660] ? __pfx___lock_acquire+0x10/0x10 [ 200.451575][ T7660] ? lock_acquire.part.0+0x11b/0x380 [ 200.451610][ T7660] ? find_held_lock+0x2d/0x110 [ 200.451661][ T7660] do_filp_open+0x20c/0x470 [ 200.451694][ T7660] ? __pfx_do_filp_open+0x10/0x10 [ 200.451723][ T7660] ? find_held_lock+0x2d/0x110 [ 200.451804][ T7660] ? alloc_fd+0x41f/0x760 [ 200.451847][ T7660] do_sys_openat2+0x17a/0x1e0 [ 200.451887][ T7660] ? __pfx_do_sys_openat2+0x10/0x10 [ 200.451927][ T7660] ? fput+0x67/0x440 [ 200.451965][ T7660] ? __sys_sendmsg+0x19a/0x220 [ 200.452005][ T7660] __x64_sys_openat+0x175/0x210 [ 200.452045][ T7660] ? __pfx___x64_sys_openat+0x10/0x10 [ 200.452103][ T7660] do_syscall_64+0xcd/0x250 [ 200.452133][ T7660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.452174][ T7660] RIP: 0033:0x7f2af638cda9 [ 200.452197][ T7660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.452225][ T7660] RSP: 002b:00007f2af72c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 200.452251][ T7660] RAX: ffffffffffffffda RBX: 00007f2af65a5fa0 RCX: 00007f2af638cda9 [ 200.452269][ T7660] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 200.452287][ T7660] RBP: 00007f2af640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 200.452303][ T7660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.452319][ T7660] R13: 0000000000000000 R14: 00007f2af65a5fa0 R15: 00007ffc0c1c6c48 [ 200.452355][ T7660] [ 201.524840][ T7678] vhci_hcd: not connected 4 [ 201.808334][ T7671] openvswitch: HfR: Dropping previously announced user features [ 201.847930][ T7671] netlink: 12 bytes leftover after parsing attributes in process `syz.2.458'. [ 201.872711][ T7671] HfR: left promiscuous mode [ 203.230177][ T7699] Invalid ELF header magic: != ELF [ 204.620546][ T7708] HfR: entered promiscuous mode [ 205.105061][ T7710] HfR: entered promiscuous mode [ 205.123732][ T7710] netlink: 12 bytes leftover after parsing attributes in process `syz.3.469'. [ 205.163364][ T7710] HfR: left promiscuous mode [ 205.328741][ T7718] FAULT_INJECTION: forcing a failure. [ 205.328741][ T7718] name failslab, interval 1, probability 0, space 0, times 0 [ 205.341527][ T7718] CPU: 0 UID: 0 PID: 7718 Comm: syz.2.470 Not tainted 6.14.0-rc1-syzkaller #0 [ 205.341558][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 205.341574][ T7718] Call Trace: [ 205.341581][ T7718] [ 205.341592][ T7718] dump_stack_lvl+0x16c/0x1f0 [ 205.341640][ T7718] should_fail_ex+0x50a/0x650 [ 205.341674][ T7718] ? fs_reclaim_acquire+0xae/0x150 [ 205.341722][ T7718] should_failslab+0xc2/0x120 [ 205.341759][ T7718] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 205.341794][ T7718] ? __kernfs_new_node+0xd3/0x890 [ 205.341846][ T7718] __kernfs_new_node+0xd3/0x890 [ 205.341889][ T7718] ? __pfx___lock_acquire+0x10/0x10 [ 205.341926][ T7718] ? __pfx___kernfs_new_node+0x10/0x10 [ 205.341985][ T7718] ? find_held_lock+0x2d/0x110 [ 205.342035][ T7718] kernfs_new_node+0x186/0x240 [ 205.342070][ T7718] kernfs_create_dir_ns+0x4c/0x150 [ 205.342105][ T7718] internal_create_group+0x34e/0xf10 [ 205.342160][ T7718] ? __pfx_internal_create_group+0x10/0x10 [ 205.342217][ T7718] ? __pfx_dev_add_physical_location+0x10/0x10 [ 205.342252][ T7718] ? bus_to_subsys+0x12d/0x160 [ 205.342300][ T7718] dpm_sysfs_add+0x80/0x280 [ 205.342334][ T7718] device_add+0x9a8/0x1a70 [ 205.342376][ T7718] ? __pfx_device_add+0x10/0x10 [ 205.342418][ T7718] ? lockdep_init_map_type+0x16d/0x7d0 [ 205.342461][ T7718] nfc_register_device+0x41/0x3c0 [ 205.342506][ T7718] nci_register_device+0x7f4/0xb80 [ 205.342541][ T7718] ? __pfx_nci_register_device+0x10/0x10 [ 205.342593][ T7718] virtual_ncidev_open+0x141/0x220 [ 205.342632][ T7718] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 205.342671][ T7718] misc_open+0x35a/0x420 [ 205.342703][ T7718] ? __pfx_misc_open+0x10/0x10 [ 205.342733][ T7718] chrdev_open+0x237/0x6a0 [ 205.342762][ T7718] ? __pfx_apparmor_file_open+0x10/0x10 [ 205.342791][ T7718] ? __pfx_chrdev_open+0x10/0x10 [ 205.342825][ T7718] ? file_set_fsnotify_mode+0x163/0x5d0 [ 205.342872][ T7718] do_dentry_open+0x735/0x1c40 [ 205.342901][ T7718] ? __pfx_chrdev_open+0x10/0x10 [ 205.342933][ T7718] ? inode_permission+0xdd/0x5f0 [ 205.342974][ T7718] vfs_open+0x82/0x3f0 [ 205.343005][ T7718] ? may_open+0x1f2/0x400 [ 205.343046][ T7718] path_openat+0x1e88/0x2d80 [ 205.343086][ T7718] ? __pfx_path_openat+0x10/0x10 [ 205.343114][ T7718] ? __pfx___lock_acquire+0x10/0x10 [ 205.343144][ T7718] ? lock_acquire.part.0+0x11b/0x380 [ 205.343176][ T7718] ? find_held_lock+0x2d/0x110 [ 205.343230][ T7718] do_filp_open+0x20c/0x470 [ 205.343260][ T7718] ? __pfx_do_filp_open+0x10/0x10 [ 205.343286][ T7718] ? find_held_lock+0x2d/0x110 [ 205.343351][ T7718] ? alloc_fd+0x41f/0x760 [ 205.343389][ T7718] do_sys_openat2+0x17a/0x1e0 [ 205.343424][ T7718] ? __pfx_do_sys_openat2+0x10/0x10 [ 205.343460][ T7718] ? fput+0x67/0x440 [ 205.343493][ T7718] ? __sys_sendmsg+0x19a/0x220 [ 205.343529][ T7718] __x64_sys_openat+0x175/0x210 [ 205.343565][ T7718] ? __pfx___x64_sys_openat+0x10/0x10 [ 205.343616][ T7718] do_syscall_64+0xcd/0x250 [ 205.343642][ T7718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.343679][ T7718] RIP: 0033:0x7f596e58cda9 [ 205.343699][ T7718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.343724][ T7718] RSP: 002b:00007f596f373038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 205.343747][ T7718] RAX: ffffffffffffffda RBX: 00007f596e7a6080 RCX: 00007f596e58cda9 [ 205.343764][ T7718] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 205.343778][ T7718] RBP: 00007f596e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 205.343794][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.343809][ T7718] R13: 0000000000000000 R14: 00007f596e7a6080 R15: 00007fff873b14b8 [ 205.343842][ T7718] [ 206.213438][ T7723] netlink: 28 bytes leftover after parsing attributes in process `syz.3.471'. [ 206.233486][ T7725] FAULT_INJECTION: forcing a failure. [ 206.233486][ T7725] name failslab, interval 1, probability 0, space 0, times 0 [ 206.256951][ T7725] CPU: 1 UID: 0 PID: 7725 Comm: syz.0.472 Not tainted 6.14.0-rc1-syzkaller #0 [ 206.257008][ T7725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 206.257038][ T7725] Call Trace: [ 206.257048][ T7725] [ 206.257059][ T7725] dump_stack_lvl+0x16c/0x1f0 [ 206.257112][ T7725] should_fail_ex+0x50a/0x650 [ 206.257150][ T7725] ? fs_reclaim_acquire+0xae/0x150 [ 206.257205][ T7725] should_failslab+0xc2/0x120 [ 206.257246][ T7725] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 206.257284][ T7725] ? __kernfs_new_node+0xd3/0x890 [ 206.257342][ T7725] __kernfs_new_node+0xd3/0x890 [ 206.257396][ T7725] ? __pfx___lock_acquire+0x10/0x10 [ 206.257438][ T7725] ? __pfx___kernfs_new_node+0x10/0x10 [ 206.257507][ T7725] ? find_held_lock+0x2d/0x110 [ 206.257566][ T7725] kernfs_new_node+0x186/0x240 [ 206.257609][ T7725] kernfs_create_dir_ns+0x4c/0x150 [ 206.257648][ T7725] internal_create_group+0x34e/0xf10 [ 206.257711][ T7725] ? __pfx_internal_create_group+0x10/0x10 [ 206.257769][ T7725] ? __pfx_dev_add_physical_location+0x10/0x10 [ 206.257808][ T7725] ? bus_to_subsys+0x12d/0x160 [ 206.257861][ T7725] dpm_sysfs_add+0x80/0x280 [ 206.257900][ T7725] device_add+0x9a8/0x1a70 [ 206.257947][ T7725] ? __pfx_device_add+0x10/0x10 [ 206.257994][ T7725] ? lockdep_init_map_type+0x16d/0x7d0 [ 206.258043][ T7725] nfc_register_device+0x41/0x3c0 [ 206.258095][ T7725] nci_register_device+0x7f4/0xb80 [ 206.258136][ T7725] ? __pfx_nci_register_device+0x10/0x10 [ 206.258202][ T7725] virtual_ncidev_open+0x141/0x220 [ 206.258241][ T7725] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 206.258280][ T7725] misc_open+0x35a/0x420 [ 206.258313][ T7725] ? __pfx_misc_open+0x10/0x10 [ 206.258346][ T7725] chrdev_open+0x237/0x6a0 [ 206.258377][ T7725] ? __pfx_apparmor_file_open+0x10/0x10 [ 206.258416][ T7725] ? __pfx_chrdev_open+0x10/0x10 [ 206.258452][ T7725] ? file_set_fsnotify_mode+0x163/0x5d0 [ 206.258503][ T7725] do_dentry_open+0x735/0x1c40 [ 206.258533][ T7725] ? __pfx_chrdev_open+0x10/0x10 [ 206.258568][ T7725] ? inode_permission+0xdd/0x5f0 [ 206.258609][ T7725] vfs_open+0x82/0x3f0 [ 206.258643][ T7725] ? may_open+0x1f2/0x400 [ 206.258686][ T7725] path_openat+0x1e88/0x2d80 [ 206.258729][ T7725] ? __pfx_path_openat+0x10/0x10 [ 206.258759][ T7725] ? __pfx___lock_acquire+0x10/0x10 [ 206.258790][ T7725] ? lock_acquire.part.0+0x11b/0x380 [ 206.258824][ T7725] ? find_held_lock+0x2d/0x110 [ 206.258870][ T7725] do_filp_open+0x20c/0x470 [ 206.258902][ T7725] ? __pfx_do_filp_open+0x10/0x10 [ 206.258929][ T7725] ? find_held_lock+0x2d/0x110 [ 206.258998][ T7725] ? alloc_fd+0x41f/0x760 [ 206.259037][ T7725] do_sys_openat2+0x17a/0x1e0 [ 206.259075][ T7725] ? __pfx_do_sys_openat2+0x10/0x10 [ 206.259110][ T7725] ? fput+0x67/0x440 [ 206.259146][ T7725] ? __sys_sendmsg+0x19a/0x220 [ 206.259183][ T7725] __x64_sys_openat+0x175/0x210 [ 206.259222][ T7725] ? __pfx___x64_sys_openat+0x10/0x10 [ 206.259296][ T7725] do_syscall_64+0xcd/0x250 [ 206.259326][ T7725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.259368][ T7725] RIP: 0033:0x7f98e2d8cda9 [ 206.259397][ T7725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.259426][ T7725] RSP: 002b:00007f98e3b7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 206.259452][ T7725] RAX: ffffffffffffffda RBX: 00007f98e2fa5fa0 RCX: 00007f98e2d8cda9 [ 206.259471][ T7725] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 206.259488][ T7725] RBP: 00007f98e2e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 206.259505][ T7725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.259522][ T7725] R13: 0000000000000000 R14: 00007f98e2fa5fa0 R15: 00007ffdb25927c8 [ 206.259559][ T7725] [ 207.466317][ T7740] HfR: entered promiscuous mode [ 207.484757][ T7740] netlink: 12 bytes leftover after parsing attributes in process `syz.3.475'. [ 207.493904][ T7740] HfR: left promiscuous mode [ 207.544408][ T7746] Invalid ELF header magic: != ELF [ 208.709540][ T7761] HfR: entered promiscuous mode [ 209.800005][ T7771] openvswitch: HfR: Dropping previously announced user features [ 209.861528][ T7780] Invalid ELF header magic: != ELF [ 210.206426][ T7782] openvswitch: HfR: Dropping previously announced user features [ 210.218757][ T7782] netlink: 12 bytes leftover after parsing attributes in process `syz.0.484'. [ 210.227771][ T7782] HfR: left promiscuous mode [ 210.624745][ T7789] Invalid ELF header magic: != ELF [ 211.730259][ T7803] openvswitch: HfR: Dropping previously announced user features [ 211.976850][ T7807] Invalid ELF header magic: != ELF [ 212.638992][ T29] audit: type=1804 audit(1738594823.364:4): pid=7821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.495" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=29 res=1 errno=0 [ 213.307073][ T7836] FAULT_INJECTION: forcing a failure. [ 213.307073][ T7836] name failslab, interval 1, probability 0, space 0, times 0 [ 213.367067][ T7836] CPU: 1 UID: 0 PID: 7836 Comm: syz.3.498 Not tainted 6.14.0-rc1-syzkaller #0 [ 213.367101][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 213.367116][ T7836] Call Trace: [ 213.367126][ T7836] [ 213.367136][ T7836] dump_stack_lvl+0x16c/0x1f0 [ 213.367183][ T7836] should_fail_ex+0x50a/0x650 [ 213.367215][ T7836] ? fs_reclaim_acquire+0xae/0x150 [ 213.367261][ T7836] ? s_start+0x7b/0x310 [ 213.367289][ T7836] should_failslab+0xc2/0x120 [ 213.367322][ T7836] __kmalloc_cache_noprof+0x68/0x420 [ 213.367350][ T7836] ? trace_kmalloc+0x2d/0xd0 [ 213.367388][ T7836] ? __kmalloc_node_noprof+0x23d/0x520 [ 213.367425][ T7836] s_start+0x7b/0x310 [ 213.367462][ T7836] seq_read_iter+0x2ab/0x12b0 [ 213.367519][ T7836] seq_read+0x39f/0x4e0 [ 213.367560][ T7836] ? __pfx_seq_read+0x10/0x10 [ 213.367619][ T7836] ? rw_verify_area+0xcf/0x680 [ 213.367659][ T7836] ? __pfx_seq_read+0x10/0x10 [ 213.367700][ T7836] vfs_read+0x1df/0xbf0 [ 213.367725][ T7836] ? __fget_files+0x1fc/0x3a0 [ 213.367753][ T7836] ? __pfx___mutex_lock+0x10/0x10 [ 213.367794][ T7836] ? __pfx_vfs_read+0x10/0x10 [ 213.367829][ T7836] ? __fget_files+0x206/0x3a0 [ 213.367867][ T7836] ksys_read+0x12b/0x250 [ 213.367892][ T7836] ? __pfx_ksys_read+0x10/0x10 [ 213.367929][ T7836] do_syscall_64+0xcd/0x250 [ 213.367963][ T7836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.368001][ T7836] RIP: 0033:0x7f2af638cda9 [ 213.368021][ T7836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.368046][ T7836] RSP: 002b:00007f2af72a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 213.368070][ T7836] RAX: ffffffffffffffda RBX: 00007f2af65a6080 RCX: 00007f2af638cda9 [ 213.368087][ T7836] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 213.368102][ T7836] RBP: 00007f2af72a4090 R08: 0000000000000000 R09: 0000000000000000 [ 213.368118][ T7836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 213.368133][ T7836] R13: 0000000000000001 R14: 00007f2af65a6080 R15: 00007ffc0c1c6c48 [ 213.368167][ T7836] [ 213.368303][ T7836] [ 213.422769][ T29] audit: type=1800 audit(1738594824.094:5): pid=7826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.496" name="version" dev="configfs" ino=16773 res=0 errno=0 [ 213.426492][ T7836] ===================================== [ 213.426504][ T7836] WARNING: bad unlock balance detected! [ 213.609646][ T7836] 6.14.0-rc1-syzkaller #0 Not tainted [ 213.615014][ T7836] ------------------------------------- [ 213.620549][ T7836] syz.3.498/7836 is trying to release lock (event_mutex) at: [ 213.627928][ T7836] [] seq_read_iter+0x5ff/0x12b0 [ 213.634380][ T7836] but there are no more locks to release! [ 213.640103][ T7836] [ 213.640103][ T7836] other info that might help us debug this: [ 213.648154][ T7836] 2 locks held by syz.3.498/7836: [ 213.653174][ T7836] #0: ffff88802dee4638 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x267/0x390 [ 213.662256][ T7836] #1: ffff888030d7d0a0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xd8/0x12b0 [ 213.671166][ T7836] [ 213.671166][ T7836] stack backtrace: [ 213.677062][ T7836] CPU: 1 UID: 0 PID: 7836 Comm: syz.3.498 Not tainted 6.14.0-rc1-syzkaller #0 [ 213.677088][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 213.677102][ T7836] Call Trace: [ 213.677108][ T7836] [ 213.677117][ T7836] dump_stack_lvl+0x116/0x1f0 [ 213.677154][ T7836] ? seq_read_iter+0x5ff/0x12b0 [ 213.677188][ T7836] print_unlock_imbalance_bug+0x1aa/0x1f0 [ 213.677216][ T7836] lock_release+0x525/0x6f0 [ 213.677242][ T7836] ? seq_read_iter+0x5ff/0x12b0 [ 213.677277][ T7836] ? __pfx_lock_release+0x10/0x10 [ 213.677304][ T7836] ? dump_stack_lvl+0x197/0x1f0 [ 213.677338][ T7836] ? dump_stack_lvl+0x1a1/0x1f0 [ 213.677371][ T7836] ? dump_stack_lvl+0x1a3/0x1f0 [ 213.677407][ T7836] __mutex_unlock_slowpath+0xa3/0x6a0 [ 213.677446][ T7836] ? rcu_is_watching+0x12/0xc0 [ 213.677481][ T7836] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 213.677517][ T7836] ? __kmalloc_cache_noprof+0x261/0x420 [ 213.677542][ T7836] ? rcu_is_watching+0x12/0xc0 [ 213.677576][ T7836] ? kfree+0x260/0x4d0 [ 213.677597][ T7836] ? s_start+0x27d/0x310 [ 213.677624][ T7836] seq_read_iter+0x5ff/0x12b0 [ 213.677664][ T7836] seq_read+0x39f/0x4e0 [ 213.677700][ T7836] ? __pfx_seq_read+0x10/0x10 [ 213.677741][ T7836] ? rw_verify_area+0xcf/0x680 [ 213.677776][ T7836] ? __pfx_seq_read+0x10/0x10 [ 213.677811][ T7836] vfs_read+0x1df/0xbf0 [ 213.677832][ T7836] ? __fget_files+0x1fc/0x3a0 [ 213.677855][ T7836] ? __pfx___mutex_lock+0x10/0x10 [ 213.677891][ T7836] ? __pfx_vfs_read+0x10/0x10 [ 213.677915][ T7836] ? __fget_files+0x206/0x3a0 [ 213.677947][ T7836] ksys_read+0x12b/0x250 [ 213.677968][ T7836] ? __pfx_ksys_read+0x10/0x10 [ 213.677993][ T7836] do_syscall_64+0xcd/0x250 [ 213.678014][ T7836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.678047][ T7836] RIP: 0033:0x7f2af638cda9 [ 213.678064][ T7836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.678087][ T7836] RSP: 002b:00007f2af72a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 213.678107][ T7836] RAX: ffffffffffffffda RBX: 00007f2af65a6080 RCX: 00007f2af638cda9 [ 213.678122][ T7836] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 213.678135][ T7836] RBP: 00007f2af72a4090 R08: 0000000000000000 R09: 0000000000000000 [ 213.678149][ T7836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 213.678162][ T7836] R13: 0000000000000001 R14: 00007f2af65a6080 R15: 00007ffc0c1c6c48 [ 213.678182][ T7836] [ 214.010193][ T7838] netlink: 12 bytes leftover after parsing attributes in process `syz.0.499'. [ 214.074289][ T7840] openvswitch: HfR: Dropping previously announced user features