last executing test programs: 16.501390772s ago: executing program 2 (id=1646): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) socket(0xa, 0x801, 0x84) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x6}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0x5) r2 = socket(0x2, 0x1, 0x106) setsockopt$auto(r2, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x7}, 0x6}, 0x5, 0x20000000) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x81) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r3, 0x0, 0x0) getsockopt$auto(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 14.990640854s ago: executing program 2 (id=1650): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) prctl$auto(0x1000000003b, 0x101, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rmdir$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) connect$auto(0x3, 0x0, 0x55) 10.861144363s ago: executing program 2 (id=1659): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/projid_map\x00', 0x100000, 0x0) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r0, 0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) select$auto(0xfffffffb, 0x0, &(0x7f0000000500)={[0x1, 0x101, 0x9, 0x4a, 0x0, 0x7, 0x0, 0x3, 0x3, 0x7f, 0x51c7, 0x7, 0x8, 0x9, 0x1, 0x8000000000000001]}, &(0x7f0000000580)={[0x9, 0x8, 0xfffffffffffffc01, 0x4, 0xfffd, 0x9, 0x16, 0x7fffffff, 0x8, 0x400, 0x69, 0x1, 0x5, 0x2, 0x5]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0x9, 0x37, 0x948a, 0x101, 0x15f4da0b, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x8, 0x9, 0xfffffffffffffffc]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x8000000000000000, 0x15) inotify_rm_watch$auto(r0, 0x3) madvise$auto(0x0, 0x2000000080000001, 0x3) 10.100469625s ago: executing program 0 (id=1660): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181400, 0x0) mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) r0 = socket(0x1, 0x80000, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x101080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r1 = socket(0x15, 0x5, 0x0) r2 = socket(0x2, 0x6, 0x0) getsockopt$auto(r2, 0x10d, 0xc, 0x0, 0x0) setsockopt$auto(r1, 0x114, 0xa, 0x0, 0x4) ioctl$auto(r0, 0x4004d4d8, r0) 9.548175956s ago: executing program 0 (id=1662): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x6, 0x0) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(r0, 0x1, 0x3e, 0x0, 0xc20) (async) setsockopt$auto(r0, 0x1, 0x3e, 0x0, 0xc20) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback}, 0x55) (async) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback}, 0x55) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) (async) write$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioperm$auto(0x1000, 0x43, 0x6) socket$nl_generic(0x10, 0x3, 0x10) process_mrelease$auto(0x24d, 0xd) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xc8440, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) (async) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0xe0000, 0x0) (async) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0xe0000, 0x0) socketpair$auto(0x500, 0x3c000, 0x40, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/system/node/node1/cpumap\x00', 0x48000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/124, 0x7c) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x0, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x7, 0x10000000007, 0x6d3c, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x0, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x7, 0x10000000007, 0x6d3c, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) mkdir$auto(0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffff7effffd01, &(0x7f00000001c0)) ioctl$auto_BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x1) read$auto(r4, 0x0, 0x1f40) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 8.295978058s ago: executing program 0 (id=1665): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2020009, 0xe2, 0xeb1, 0x8, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x4, &(0x7f0000000000), 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) sendmsg$auto_NL80211_CMD_GET_POWER_SAVE(r1, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r2, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x35}]}, 0x1c}}, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0xffffffff, 0x1, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x2, 0x5, 0x5, @inferred, @integer={0x7, 0x5, 0x5}, "7a9ec199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0eda71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) r3 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r3, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='L\f', 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7, 0x9}, 0x4}, 0x7, 0x2) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffb8, &(0x7f00000002c0)={0x0, 0xfdef}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 7.89654981s ago: executing program 2 (id=1667): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) prctl$auto(0x1000000003b, 0x101, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rmdir$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) connect$auto(0x3, 0x0, 0x55) 7.516834578s ago: executing program 3 (id=1668): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000080) sendmsg$auto_NFC_CMD_VENDOR(r0, 0x0, 0x4000001) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x9, 0x4, 0x9, 0x7, 0x3c, 0x101, 0x1ffc0, 0x4, 0x6, 0x7fffffffffffffff, 0x0, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x82, 0x7, 0x0, 0x7, 0x8, 0x200, 0x4, 0x84, [0x0, 0x7, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x401, 0x6, 0x70624ce7, 0x0, 0x4, 0xb, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x400000000005b8, 0x100000000c, 0x0, 0x800, 0x0, 0x7, 0x2, 0xfc78, 0x8000000000008, 0x4, 0x200000000009, 0xa38, 0x4, 0xffffffffffffffff, 0x3, 0x2, 0x4000000001, 0x0, 0x4, 0xffff]}, 0x202, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x1) madvise$auto(0x0, 0x20499d, 0x9) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, 0x0) clock_adjtime$auto(0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/name\x00', 0x8e0a00, 0x0) read$auto_drm_debugfs_entry_fops_drm_debugfs(r5, &(0x7f0000000180)=""/4125, 0x101d) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r6, 0x5412, 0x0) 6.318492587s ago: executing program 0 (id=1671): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x163742, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x282000b, 0x2, 0xeb1, 0xffffffffffffffff, 0x495ce92a) futex_wake$auto(0x0, 0x7, 0xffefffff, 0x12) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x4) write$auto(0x3, 0x0, 0xfffffded) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101a41, 0x0) write$auto(r1, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) socket(0x2b, 0x2, 0xfffffffd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYBLOB="01", @ANYRES32], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) recvfrom$auto(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffff5, 0xaa, 0x0, 0x0) io_uring_setup$auto(0xd, 0x0) migrate_pages$auto(0x0, 0x99, 0x0, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) madvise$auto_MADV_PAGEOUT(0x0, 0x4655, 0x15) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 5.175702175s ago: executing program 1 (id=1673): r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) unshare$auto(0x40000080) open(0x0, 0x0, 0x408) socket(0x8, 0x5, 0x0) ioctl$auto(0x1, 0x8941, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), r1) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x3c, r3, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @u32=0x4}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44000884}, 0xc880) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000a00)={'wlan1\x00', 0x0}) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001440)='/sys/devices/virtual/block/nbd1/queue/iosched/fifo_batch\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000001480)=""/248, 0xf8) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) sendfile$auto(r7, r7, 0x0, 0xe00000000) mseal$auto(0x1ffff000, 0xfffffffffffffff3, 0x0) socket(0x2, 0x80002, 0x73) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1fd, 0x7, 0x2, 0x7184, 0x1ffe1, 0x7, 0x3, 0x9, 0x9, 0x8, 0x4, 0x200000000001, 0x6, 0xfffffffffffffff8, 0x8, 0x6, 0x4000080, 0x8000, 0x100, 0x9, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x6, 0x0, 0x2, 0x7, 0x2000, 0x0, 0x5a17a924, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x4080, 0x7fffffff, 0xa, 0xfffffffffffbfff9, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x0, 0x8, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x1, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa3c, 0x0, 0x3, 0x3ff, 0x2, 0x8, 0x7, 0xc567]}, 0x1fe, 0x4000d) r8 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r8, 0xfffffff7fffffd06, &(0x7f00000001c0)) r9 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/rpc/auth.unix.gid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r9, &(0x7f00000001c0)="202dd9", 0x3) socket(0x23, 0x2, 0x0) ioctl$auto(0x3, 0x89e0, 0x38) mseal$auto(0x1, 0xa11, 0x41) sendmsg$auto_ETHTOOL_MSG_RINGS_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000000)={0x20, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000805}, 0x20004884) lstat$auto(0x0, &(0x7f0000000180)={0x7, 0xfffffffffffffffe, 0x100000001, 0x1, 0x0, 0x0, 0x0, 0x100000000a, 0x7, 0x7fffffffffffffff, 0x1, 0x7fffffff, 0x5, 0x8000000000007, 0x7, 0x7d6, 0x40000103}) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) 5.012699819s ago: executing program 0 (id=1674): read$auto(0x3, 0x0, 0x7) fallocate$auto(0xffffffffffffffff, 0x40, 0x80000000000010, 0xdbd60) write$auto(0xffffffffffffffff, 0x0, 0x2) lsm_set_self_attr$auto(0x3, 0xfffffffffffffffc, 0x1f, 0x8000000000000000) write$auto(0xffffffffffffffff, &(0x7f0000000900)='j\xa2\xb1\n\xb4\xd3\x00\x00\x00\x00\x8e\xc4\x97\x8a\x10\xd5<\xa7J\xb1\x00$\xd6\xfd\xca}\xa3\v\xfc7\x93S8\x02\x88pmh\x14\x86p\x04\\8\xe1|\xa8s\xa7\xdbLq\x0e\xdb\xa7\xb3\x94R\xb3D0\xf1Uf\a\x9f4\xb0\x957\xa6\xcd\xeb\x87^I\xf4\x0f\x18\x80h\xaau\x94\x1c\xd1\xb1c\xafZ\xb1\xf3\v\xd5\x1f\x14\x8c\x1bi\x90\xc8[\xecE\xfdwm\xb6\xf1Wj\xab\xfcIU\xce9\b\xcc\xfc&G*\xe5\x96\x91x\x93}$\x813*\xd4\x16\'w\xad<\xf6\xb1\xd2\xe5\xc3\x19\xfb\x15\xd5U\x80BL\xd8\x19\'\x19\b8\x96\xfb\x9f\xf9y\xf0:\xa18\xd8s\xf6~\x86\x84\xd6\xc1\xdaGo\xcc\xe1\xedq\x06\xb8\xb5\xaf4\xa3\xf5\xf0\xd1\xc13F\xfa.\xf0\"\x12\xe4\x1a\xed\xb7\xaeC\xceDwn\xc5C3v&%\xe0\xe7\xc6\x89\xbb\nH\x0fF\xdc\x03\xba\x18Y\x9d\x7f\xc8B\xfai\x8f]\xcf\x11F\xcb4\x90\x84\n\xea\xd0\x1d0\xb5\xcc\x1f\xf8\xf7\xbb\xf6\xb0\xc3D\xffb\xdchM\xeaq`\xc3\x9bfw\x9d|m0:\xd3\xb3$\xabJ\x84b\x1d\x12\xd0\xf7{\x19\x1cu\x94\x85\xd7\xf7\x88\x8a\xb1\x1c\xc3\x8d\x85.\xb3\xebE\xc2\xa5\r\xf7l\xdd~\xfe\a\xd5K\xb0\v}_\x92s\x9a\x06\x06\xa9I\x86\xc4\xdc\x83\x03\r\x93HXz4\xed\xa5\xd2f3E\xc6\xb7)\x1d\xb2^\x8a\x0e\x1bv\x10\xeffv\x95|\xfb+|\b\xf5\xf4\"t\xd5\xf3%\xb0\x12Y\xa4\xbf\xf8\xb8\xeaF\x91\x96\x9dO`\xf0Pv\xb9\xeb\xf7\xc6\xd7\n\x90B\xe9\f\x8c)\x83iYy\xf3\n\xd7\xbb\x19\xe9~\xbc\x8f\xf4\xda\xcc\xfe6nu\xb8\x82l\x1djc\xe9\xce\"\x1a\x19:G\xa3\xb5\xd34\xe3\xf9>\x91*\xb4\xd7M\xa7\xd3\x19\xed\xf3\xbb\xd8\xb6_\xdb\xec\xacM\xb1\xfc\xcd^\xd1\x18\xf6\t\x12\xdd\n\x16VT\xedT\xa2J\xa4\xe4{\x12\x8df\xed\xd9Q.\xd7\x03+?\r\x98J\x9a\x13\x17\x9c1\xe6\xf7\xaf\x99k&\x96w\xa5\x0e \x01\xe5\xeb\x92\xe2\xd5\xc0\x88D\x06tE\xeb~q>T\x0f\xfa\x1e\xea\xb9H\x1a\xf9VHW;D\xc0\x98\ncs\xbf\xe48*\x8b\ry\x9di\xb2=\xeaI\xd6\xec\xd9\xf6\x15\xf9\x02R\xd0\xaeb\xe0\xab\x01\xb6R\xbc\x88\x13r:\x9a\x99\xc0\x81\x01\xd7\xe2\xcd\xe5\x1f9+\xd2hOp\x95\xf0\x18x\xda{\xbe\x82\xa7\xc1\xbdZ\xc1\xa2o\xae\x13w\xd6\xe3\xfe\x91\x81\x9c\xbb\x9d\x9a\x10\xf9\xd7\xcc\'\xdc\xbf\x1b\xd0\x14F\x19\x86\x9b\xeb\xce\xba\xe4*\x8a\x11\x1b=\xa6\x89Y\x1b\xa2\xde\xac\x0e[N\xb4\xd7x!\x95\xbb%\xb3o\x00\xc3\x9f\xaa(\xac\xf7\xcc\xe6\xeb\x97\xab\xabz\xd5\xe8\x15:\xd8Ck\xed.\x81\xa0I:Vs0\xe6\xf5jE\xff\xd1\xd8\x1bHQXd-ifA\xdcO\xfb\xe4\xca\xcb\xc0\xd8~\xf1\xb2u\xb1B-\x90\xfe\xd5\xe7\x85\xea /\xa0\r|\x04\x8fG\x8e\x8e\x8d{\xbd\x9bb\x02\x96d\'\xc7\"_\b\xae\xef\xdb\xa8dqY\xaa\x13]H\xe0\xf9\x8a\xa2\xec\xb0eI\x9f\xc9\x8bhw\xcfTG\xdf\x19\x83\x04\xe7\xa4\xa21\xbd\"\x89\xb9\xc2\xe8\xad\x1aR-\x95\x10\xde(\x01\xbf\xe0\x04b\x84S\au\r\x1d\x8c\x19\x81\xb8\xf2\xcd\a\xe3-\xc6\x82O0\x14\v}^\x00\x00\xca\x1f\x83\x85z\x81\xd9\xa3\xbc\xac\x1e\xf4\xfb\xef9t\')\xe1Q\x03\x80\xcc\x13\xd5\x16\x03\xe7\xab\xf2a\x9a}4]\xbd\xb6\x98\x02\xa2\"$\xb9\x9cb\xfc<\x99\xd1S\x9e=\xd7w66\xf4\x86\v\x00`\x95\x1bT\x0f\"\xe9P\x85UR\xbc\xda\x1fH\x9c\x00\x00\x00\x00\x00\x00\x00\b-LW\xc4\x91\x17\xc5\x86,N6\x9e\xa6\xeb@VA\xf6\xd0\x14\xcc{:', 0x8) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) ioctl$auto_TIOCSBRK(r0, 0x5427, &(0x7f0000000240)) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) r1 = socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x84, 0x3, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x20, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x2, 0x5, 0x0, 0x4, 0x5, 0xffffffffffffff00, 0x2, 0x3, 0x4000205, 0x7, 0x0, 0x0, 0x0, 0x3, 0x100, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x800000008, 0x0, 0x413f, 0xfee, 0x4, 0x0, 0x0, 0x0, 0x1000, 0xde7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9, 0x3, 0xfffffffffffffffc, 0x6, 0xfffffffffffffffe, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x9, 0x0, 0xfffffffffffffffc, 0x6, 0xfffffffffffffffe, 0xe6e, 0x0, 0x0, 0x0, 0xfffffbfffffffffe]}, 0x7, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (fail_nth: 19) lsm_get_self_attr$auto(0x9, &(0x7f0000000380)={0x5, 0x9, 0x4, 0x6c, "cccfb92cefc3e485caac0d32080d87ddadbb134398dc134470e1cb36294e03c0b0fe212af8999ccad089dfa6f1c02df45e8b1c1f06a7d1f2d5c6a5adc8f54db11c71ed3a2d9aa3978866b8afde07ab5eb37d74e57413d65b3b2738bcc38e367d97567cbe0932502d0f6b5e1b"}, &(0x7f0000000000)=0x5, 0x10001) 4.331678297s ago: executing program 3 (id=1675): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/projid_map\x00', 0x100000, 0x0) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r0, 0x0, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0) select$auto(0xfffffffb, 0x0, &(0x7f0000000500)={[0x1, 0x101, 0x9, 0x4a, 0x0, 0x7, 0x0, 0x3, 0x3, 0x7f, 0x51c7, 0x7, 0x8, 0x9, 0x1, 0x8000000000000001]}, &(0x7f0000000580)={[0x9, 0x8, 0xfffffffffffffc01, 0x4, 0xfffd, 0x9, 0x16, 0x7fffffff, 0x8, 0x400, 0x69, 0x1, 0x5, 0x2, 0x5]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0x9, 0x37, 0x948a, 0x101, 0x15f4da0b, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x8, 0x9, 0xfffffffffffffffc]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x8000000000000000, 0x15) inotify_rm_watch$auto(r0, 0x3) madvise$auto(0x0, 0x2000000080000001, 0x3) 4.164356285s ago: executing program 0 (id=1676): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) prctl$auto(0x1000000003b, 0x101, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rmdir$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) connect$auto(0x3, 0x0, 0x55) 3.655579154s ago: executing program 1 (id=1677): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video23\x00', 0x80000, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) ioctl$auto(0x3, 0x4020565a, 0x38) close_range$auto(0x2, 0xa, 0x0) 3.592534879s ago: executing program 3 (id=1678): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7, 0x9}, 0x4}, 0x7, 0x2) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffb8, &(0x7f00000002c0)={0x0, 0xfdef}, 0x1, 0x0, 0xa00, 0x9}, 0x7}, 0x3, 0x0) 3.334411919s ago: executing program 1 (id=1679): mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = eventfd$auto(0x3) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) ioctl$auto_PPPIOCSFLAGS(r2, 0x40047459, &(0x7f0000000040)=0x200) recvmmsg$auto(r1, &(0x7f0000000380)={{0x0, 0x1, &(0x7f0000000000)={0x0, 0x400}, 0x4, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10010, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4) mmap$auto(0x2, 0x20009, 0xe4, 0x10, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) 3.037067984s ago: executing program 3 (id=1680): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/tx_maxrate\x00', 0x10b142, 0x0) read$auto(r0, &(0x7f0000000000)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/tx_maxrate\x00', 0x3) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video23\x00', 0x80000, 0x0) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r1, 0x0, 0x400018) ioctl$auto(0x3, 0x4020565a, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2, 0x1, 0x0) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0xffff, 0x20000000) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) close_range$auto(0x2, 0xa, 0x0) 2.877997614s ago: executing program 2 (id=1681): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000040), 0x251380, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = userfaultfd$auto(0x0) statx$auto(r2, 0x0, 0x1000, 0x8, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffdb, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x8000, 0x9, 0x8, 0x77, 0x4000077, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x0, 0x2, 0x1, 0x2, 0x0, 0x402000, 0x0, 0xe, 0x1, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x3, 0x6, 0x0, 0x8, 0xfffffffffffffffe, 0x8, 0x10000000000, 0xfbffffffffffffff, 0xc2, 0x2f, 0x0, 0x6, 0x1006, 0x400000000005b5, 0xffff, 0x0, 0xff, 0x0, 0x1000, 0x2, 0x88e, 0x7, 0xfffffffffffffffc, 0x8, 0xa38, 0x4, 0x4000003, 0x9, 0x2, 0x8, 0x10000000027, 0xc567]}, 0x9, 0xd) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8003) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="ea12e528ded30ff1309c8b1613"], 0x14}}, 0x4000080) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) write$auto(r4, &(0x7f0000000000)='y\x8c', 0x2) close_range$auto(r2, r2, 0x0) get_mempolicy$auto(&(0x7f0000000180)=0x6, &(0x7f0000000280)=0x5, 0xa6, 0xfff, 0x3) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r0, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fcdbdf252900000020cf5a801400020076657468ff7f00005f626f6e640000370008000400faff"], 0x34}, 0x1, 0x300, 0x0, 0x408d1}, 0x0) socket(0x2, 0x2, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) socket(0x28, 0x1, 0x0) 1.835383809s ago: executing program 2 (id=1682): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) prctl$auto(0x1000000003b, 0x101, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc) madvise$auto(0x0, 0xffffffffffff0001, 0x15) rmdir$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) connect$auto(0x3, 0x0, 0x55) 1.79639367s ago: executing program 3 (id=1683): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IEEE802154_LIST_IFACE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0003293d7000fbdbdf251f000000050020000100000006000bde0b0006000500190005000009003712764f1612e88fa70000000c000f000000000000100000050022d2bb86ebe3fd2b6ae67fb91e239244b12461465e9a6c0ea500eca3416ef46f30166d91558bcb59a782d1d16116f60cd1d3727381ec9f0d7bc7d21041a982b25d614a352f"], 0x50}, 0x1, 0x0, 0x0, 0x2000004}, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/lowpan0/phys_port_name\x00', 0x80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000240)=""/56, 0x38) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x29, 0x2, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r3, 0x89f2, 0x24) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) write$auto(r5, 0x0, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0) sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x20004085) write$auto(r6, 0x0, 0x3) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200", @ANYRES32=0xee00, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) 1.717563287s ago: executing program 1 (id=1684): r0 = semctl$auto_IPC_STAT(0xe, 0xc, 0x2, 0x3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRES8=r2, @ANYRES8=r1, @ANYRES8=r1, @ANYRES8=r3, @ANYRESHEX=0x0, @ANYRESHEX=r1, @ANYRES32=r0, @ANYRES16=r0, @ANYRESOCT, @ANYRES16], 0x34}, 0x1, 0x0, 0x0, 0x20000091}, 0x24000080) mmap$auto(0x2, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x5e45, 0x1200, 0x0, 0x0) r4 = socket(0x9, 0x1, 0x4) syz_genetlink_get_family_id$auto_ethtool(0x0, r4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x800db, 0xebe, r4, 0xb08) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0x1a, 0x1, 0x106) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x6, 0x19, 0x0, 0xfb3) bind$auto(0x3, 0x0, 0x6a) close_range$auto(0x2, 0xa, 0x0) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r5, 0x5522, 0xf15) ioctl$auto(r5, 0x5522, r5) write$auto(0xffffffffffffffff, 0x0, 0x81) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/README\x00', 0x20400, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 1.282837274s ago: executing program 1 (id=1685): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x163742, 0x0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x282000b, 0x2, 0xeb1, 0xffffffffffffffff, 0x495ce92a) futex_wake$auto(0x0, 0x7, 0xffefffff, 0x12) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x4) (fail_nth: 3) write$auto(0x3, 0x0, 0xfffffded) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/dfscache\x00', 0x101a41, 0x0) write$auto(r1, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) socket(0x2b, 0x2, 0xfffffffd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYBLOB="01", @ANYRES32], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) recvfrom$auto(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffff5, 0xaa, 0x0, 0x0) io_uring_setup$auto(0xd, 0x0) migrate_pages$auto(0x0, 0x99, 0x0, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) madvise$auto_MADV_PAGEOUT(0x0, 0x4655, 0x15) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 341.313061ms ago: executing program 3 (id=1686): set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x282000b, 0x2, 0xeb1, 0xffffffffffffffff, 0x495ce92a) futex_wake$auto(0x0, 0x7, 0xffefffff, 0x12) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) (fail_nth: 7) write$auto(r0, 0x0, 0x4) write$auto(0x3, 0x0, 0xfffffded) socket(0xa, 0x3, 0x6) write$auto(0xffffffffffffffff, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) socket(0x2b, 0x2, 0xfffffffd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYRES8, @ANYBLOB="01", @ANYRES32], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) recvfrom$auto(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffff5, 0xaa, 0x0, 0x0) io_uring_setup$auto(0xd, 0x0) migrate_pages$auto(0x0, 0x99, 0x0, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) madvise$auto_MADV_PAGEOUT(0x0, 0x4655, 0x15) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 0s ago: executing program 1 (id=1687): openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x10b040, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x44000, 0x0) socket(0x2, 0x1, 0x0) sendmsg$auto_NFC_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0) open(0x0, 0x2a4c0, 0x0) unshare$auto(0x40000080) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) prctl$auto_PR_GET_UNALIGN(0x5, 0x5, 0xffffffffffffffff, 0x5, 0x5) openat$auto_proc_mountstats_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) mmap$auto(0x3, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0xa, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)=""/226, 0xe2) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) pipe$auto(&(0x7f0000000180)=r1) vmsplice$auto(r3, &(0x7f0000000000)={0x0, 0x7}, 0x5, 0x1) close_range$auto(0x2, 0xa, 0x0) statmount$auto(&(0x7f0000000140)={0x9, @inferred=r0, 0x6, 0x5, 0xfffffffffffffff8}, &(0x7f0000000240)={0x1, 0xc0e, 0x0, 0x5, 0x7, 0x0, 0x1, 0xb32d, 0x0, 0x100000000, 0xfffffffd, 0x299f, 0x4, 0xfffffffffffffff7, 0xdaf, 0xb, 0x100000001, 0x0, 0x1, 0xffffffffffffffc0, 0x40, 0x5, 0x7f, 0x9de, 0x7fffffff, 0x2, [0xa84, 0x3, 0x5b1, 0x0, 0x8, 0x7, 0xfff, 0x401, 0x2, 0x67, 0x67, 0xb8, 0x2, 0x5, 0xe16, 0x3, 0x5, 0xf, 0x4, 0x5, 0x3e1, 0x90, 0x3, 0x7fffffff, 0x9, 0x100000001, 0x5aa, 0x4, 0xa60f, 0x2, 0x2, 0x3, 0xfffffffffffffffe, 0x5, 0xffff, 0x2, 0x2d, 0x6, 0x5f8, 0x4, 0x5, 0x9, 0x8000000000000000, 0x4d6, 0x7, 0x7fffffff], "a918d164dab2238b07fd640eb380f91c9e40ee0395f87673fbe955ba69da0697863630fe3fba1c758e8b87ab7d4d725fab16d52f0e4a7972eea3135c6a8aa2eb99a987d1efa9b317f906cdb2d954d9acc75460905b852763b71578e1fdc919656c6bb8fd03a1fcbb4948e8e47a494eb93d4f38a7be1b3c0f7cb1aae2b5daa8921fad967f2bdf5ce3d35ce24a9b99c72fc1ea5d5770c8a6d351e2b2a5f1b2be3f99ebdb22558b88"}, 0x1, 0x3) madvise$auto(0x0, 0x9, 0x19) madvise$auto(0x0, 0x53, 0x9) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000200)='5', 0x1) msync$auto(0x0, 0x2000000005, 0x6) mmap$auto(0x0, 0x2020008, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kernel console output (not intermixed with test programs): T10526] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1095'. [ 485.421064][T10546] FAULT_INJECTION: forcing a failure. [ 485.421064][T10546] name failslab, interval 1, probability 0, space 0, times 0 [ 485.458169][T10546] CPU: 1 UID: 0 PID: 10546 Comm: syz.0.1101 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 485.458211][T10546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 485.458229][T10546] Call Trace: [ 485.458238][T10546] [ 485.458249][T10546] dump_stack_lvl+0x16c/0x1f0 [ 485.458295][T10546] should_fail_ex+0x50a/0x650 [ 485.458344][T10546] ? fs_reclaim_acquire+0xae/0x150 [ 485.458387][T10546] ? constrain_params_by_rules+0x176/0xca0 [ 485.458423][T10546] should_failslab+0xc2/0x120 [ 485.458470][T10546] __kmalloc_noprof+0xcb/0x510 [ 485.458514][T10546] ? unwind_get_return_address+0x59/0xa0 [ 485.458562][T10546] ? arch_stack_walk+0xa7/0x100 [ 485.458592][T10546] constrain_params_by_rules+0x176/0xca0 [ 485.458638][T10546] ? stack_trace_save+0x95/0xd0 [ 485.458677][T10546] ? stack_depot_save_flags+0x28/0x9c0 [ 485.458728][T10546] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 485.458776][T10546] ? __kasan_kmalloc+0xaa/0xb0 [ 485.458827][T10546] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 485.458863][T10546] ? snd_pcm_oss_change_params_locked+0x136c/0x3a60 [ 485.458896][T10546] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 485.458948][T10546] ? snd_interval_refine+0x2fa/0x580 [ 485.459001][T10546] snd_pcm_hw_refine+0x7e8/0xad0 [ 485.459045][T10546] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 485.459100][T10546] ? _snd_pcm_hw_param_min+0x259/0x630 [ 485.459141][T10546] snd_pcm_hw_param_near.constprop.0+0x597/0x8f0 [ 485.459184][T10546] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 485.459224][T10546] ? calc_src_frames.isra.0+0x187/0x1d0 [ 485.459270][T10546] snd_pcm_oss_change_params_locked+0x136c/0x3a60 [ 485.459323][T10546] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 485.459360][T10546] ? __mutex_lock+0x1cc/0xb10 [ 485.459428][T10546] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 485.459473][T10546] snd_pcm_oss_ioctl+0x21d5/0x3780 [ 485.459516][T10546] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 485.459559][T10546] ? __fget_files+0x206/0x3a0 [ 485.459610][T10546] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 485.459648][T10546] __x64_sys_ioctl+0x190/0x200 [ 485.459692][T10546] do_syscall_64+0xcd/0x250 [ 485.459738][T10546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.459783][T10546] RIP: 0033:0x7f2e6cb8d169 [ 485.459815][T10546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.459845][T10546] RSP: 002b:00007f2e6d9ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 485.459875][T10546] RAX: ffffffffffffffda RBX: 00007f2e6cda6080 RCX: 00007f2e6cb8d169 [ 485.459896][T10546] RDX: 0000400000000040 RSI: 00000000c0045002 RDI: 0000000000000005 [ 485.459915][T10546] RBP: 00007f2e6d9ae090 R08: 0000000000000000 R09: 0000000000000000 [ 485.459934][T10546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 485.459951][T10546] R13: 0000000000000001 R14: 00007f2e6cda6080 R15: 00007ffc75bf2eb8 [ 485.459991][T10546] [ 485.757488][ C1] vkms_vblank_simulate: vblank timer overrun [ 486.159088][T10548] cougar: G6 mapped to space [ 486.171954][T10548] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1102'. [ 486.387140][T10553] FAULT_INJECTION: forcing a failure. [ 486.387140][T10553] name failslab, interval 1, probability 0, space 0, times 0 [ 486.449602][T10553] CPU: 1 UID: 0 PID: 10553 Comm: syz.2.1103 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 486.449644][T10553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 486.449662][T10553] Call Trace: [ 486.449671][T10553] [ 486.449689][T10553] dump_stack_lvl+0x16c/0x1f0 [ 486.449737][T10553] should_fail_ex+0x50a/0x650 [ 486.449787][T10553] ? fs_reclaim_acquire+0xae/0x150 [ 486.449830][T10553] ? constrain_params_by_rules+0x176/0xca0 [ 486.449864][T10553] should_failslab+0xc2/0x120 [ 486.449894][T10553] __kmalloc_noprof+0xcb/0x510 [ 486.449958][T10553] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 486.450002][T10553] constrain_params_by_rules+0x176/0xca0 [ 486.450042][T10553] ? arch_stack_walk+0xa7/0x100 [ 486.450085][T10553] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 486.450124][T10553] ? stack_trace_save+0x95/0xd0 [ 486.450159][T10553] ? __pfx_stack_trace_save+0x10/0x10 [ 486.450195][T10553] ? hlock_class+0x4e/0x130 [ 486.450242][T10553] ? snd_pcm_oss_change_params_locked+0x9ad/0x3a60 [ 486.450278][T10553] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 486.450312][T10553] ? snd_pcm_oss_write+0x4a3/0xa00 [ 486.450346][T10553] ? vfs_write+0x24c/0x1150 [ 486.450386][T10553] ? ksys_write+0x12b/0x250 [ 486.450426][T10553] ? do_syscall_64+0xcd/0x250 [ 486.450463][T10553] ? snd_interval_refine+0x2fa/0x580 [ 486.450515][T10553] snd_pcm_hw_refine+0x7e8/0xad0 [ 486.450560][T10553] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 486.450624][T10553] snd_pcm_hw_param_first+0x328/0x6e0 [ 486.450679][T10553] snd_pcm_hw_param_near.constprop.0+0x711/0x8f0 [ 486.450727][T10553] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 486.450766][T10553] ? snd_pcm_oss_change_params_locked+0x93b/0x3a60 [ 486.450810][T10553] snd_pcm_oss_change_params_locked+0x9ad/0x3a60 [ 486.450862][T10553] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 486.450929][T10553] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 486.450968][T10553] snd_pcm_oss_write+0x4a3/0xa00 [ 486.451006][T10553] ? bpf_lsm_file_permission+0x9/0x10 [ 486.451062][T10553] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 486.451098][T10553] vfs_write+0x24c/0x1150 [ 486.451142][T10553] ? __fget_files+0x1fc/0x3a0 [ 486.451186][T10553] ? __pfx_lock_release+0x10/0x10 [ 486.451231][T10553] ? __pfx_vfs_write+0x10/0x10 [ 486.451276][T10553] ? lock_acquire+0x2f/0xb0 [ 486.451316][T10553] ? __fget_files+0x40/0x3a0 [ 486.451365][T10553] ? __fget_files+0x206/0x3a0 [ 486.451421][T10553] ksys_write+0x12b/0x250 [ 486.451464][T10553] ? __pfx_ksys_write+0x10/0x10 [ 486.451518][T10553] do_syscall_64+0xcd/0x250 [ 486.451560][T10553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.451605][T10553] RIP: 0033:0x7f0186f8d169 [ 486.451628][T10553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.451658][T10553] RSP: 002b:00007f0187e58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 486.451693][T10553] RAX: ffffffffffffffda RBX: 00007f01871a6080 RCX: 00007f0186f8d169 [ 486.451712][T10553] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 486.451729][T10553] RBP: 00007f0187e58090 R08: 0000000000000000 R09: 0000000000000000 [ 486.451745][T10553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 486.451762][T10553] R13: 0000000000000000 R14: 00007f01871a6080 R15: 00007ffe9977ef18 [ 486.451799][T10553] [ 490.122517][T10599] cougar: G6 mapped to space [ 490.130955][T10599] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1114'. [ 492.122007][T10614] Line length is too long: Should be less than 4094 [ 492.218750][T10614] Invalid ELF header magic: != ELF [ 492.290446][T10626] [U]  [ 492.293315][T10626] [U] [ 492.296040][T10626] [U] [ 492.298765][T10626] [U] [ 492.368655][T10626] [U] [ 492.371458][T10626] [U] [ 492.374231][T10626] [U] [ 492.376996][T10626] [U] [ 492.442896][T10626] [U] [ 492.445841][T10626] [U] [ 492.448633][T10626] [U] [ 492.451389][T10626] [U] [ 492.522808][T10626] [U] [ 492.525593][T10626] [U] [ 492.528323][T10626] [U] [ 492.531061][T10626] [U] [ 492.603278][T10626] [U] [ 494.839843][T10658] netlink: set zone limit has 4 unknown bytes [ 495.463182][T10663] ima: policy update failed [ 495.503306][ T29] audit: type=1802 audit(6035552576.142:6): pid=10663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1130" res=0 errno=0 [ 499.842029][T10727] netlink: set zone limit has 4 unknown bytes [ 504.637705][T10762] kexec: Could not allocate control_code_buffer [ 507.202115][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 507.208569][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 509.269071][T10832] cougar: G6 mapped to space [ 509.310880][T10832] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1167'. [ 510.210134][T10846] Invalid ELF header magic: != ELF [ 511.062518][T10855] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1170'. [ 514.398292][T10875] cougar: G6 mapped to space [ 514.446252][T10875] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1179'. [ 515.017593][T10884] FAULT_INJECTION: forcing a failure. [ 515.017593][T10884] name failslab, interval 1, probability 0, space 0, times 0 [ 515.092896][T10884] CPU: 1 UID: 0 PID: 10884 Comm: syz.1.1182 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 515.092947][T10884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 515.092968][T10884] Call Trace: [ 515.092978][T10884] [ 515.092990][T10884] dump_stack_lvl+0x16c/0x1f0 [ 515.093049][T10884] should_fail_ex+0x50a/0x650 [ 515.093102][T10884] ? fs_reclaim_acquire+0xae/0x150 [ 515.093151][T10884] should_failslab+0xc2/0x120 [ 515.093183][T10884] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 515.093237][T10884] ? security_inode_alloc+0x3b/0x2b0 [ 515.093279][T10884] security_inode_alloc+0x3b/0x2b0 [ 515.093320][T10884] inode_init_always_gfp+0xce4/0x1030 [ 515.093377][T10884] alloc_inode+0x82/0x230 [ 515.093409][T10884] iget_locked+0x2ee/0x8a0 [ 515.093444][T10884] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 515.093501][T10884] ? __pfx_iget_locked+0x10/0x10 [ 515.093548][T10884] ? kernfs_iop_lookup+0xa3/0x330 [ 515.093613][T10884] kernfs_get_inode+0x48/0x460 [ 515.093659][T10884] kernfs_iop_lookup+0x1ec/0x330 [ 515.093707][T10884] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 515.093752][T10884] lookup_open.isra.0+0x4d9/0x1580 [ 515.093802][T10884] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 515.093852][T10884] ? path_openat+0x88a/0x2d80 [ 515.093912][T10884] ? lookup_fast+0x153/0x5f0 [ 515.093961][T10884] path_openat+0x904/0x2d80 [ 515.094045][T10884] ? __pfx_path_openat+0x10/0x10 [ 515.094090][T10884] ? __pfx___lock_acquire+0x10/0x10 [ 515.094131][T10884] ? lock_acquire.part.0+0x11b/0x380 [ 515.094175][T10884] ? find_held_lock+0x2d/0x110 [ 515.094213][T10884] do_filp_open+0x20c/0x470 [ 515.094261][T10884] ? __pfx_do_filp_open+0x10/0x10 [ 515.094306][T10884] ? find_held_lock+0x2d/0x110 [ 515.094369][T10884] ? alloc_fd+0x41f/0x760 [ 515.094427][T10884] do_sys_openat2+0x17a/0x1e0 [ 515.094461][T10884] ? __pfx_do_sys_openat2+0x10/0x10 [ 515.094512][T10884] __x64_sys_openat+0x175/0x210 [ 515.094547][T10884] ? __pfx___x64_sys_openat+0x10/0x10 [ 515.094596][T10884] do_syscall_64+0xcd/0x250 [ 515.094640][T10884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.094683][T10884] RIP: 0033:0x7ff50f58d169 [ 515.094707][T10884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 515.094737][T10884] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 515.094768][T10884] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 515.094788][T10884] RDX: 0000000000000000 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 515.094808][T10884] RBP: 00007ff50f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 515.094826][T10884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 515.094844][T10884] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 515.094883][T10884] [ 517.404513][T10909] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 519.066525][T10932] FAULT_INJECTION: forcing a failure. [ 519.066525][T10932] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 519.145469][T10932] CPU: 1 UID: 0 PID: 10932 Comm: syz.2.1195 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 519.145509][T10932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 519.145527][T10932] Call Trace: [ 519.145536][T10932] [ 519.145547][T10932] dump_stack_lvl+0x16c/0x1f0 [ 519.145590][T10932] should_fail_ex+0x50a/0x650 [ 519.145651][T10932] _copy_to_iter+0x2a1/0x1560 [ 519.145688][T10932] ? chacha_block_generic+0x18a/0x270 [ 519.145736][T10932] ? __pfx__copy_to_iter+0x10/0x10 [ 519.145774][T10932] ? lockdep_hardirqs_on+0x7c/0x110 [ 519.145811][T10932] ? crng_make_state+0x48e/0x6d0 [ 519.145860][T10932] get_random_bytes_user+0x180/0x3c0 [ 519.145910][T10932] ? __pfx_get_random_bytes_user+0x10/0x10 [ 519.145963][T10932] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 519.146014][T10932] ? import_ubuf+0x1b6/0x220 [ 519.146045][T10932] __x64_sys_getrandom+0x184/0x290 [ 519.146074][T10932] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 519.146119][T10932] do_syscall_64+0xcd/0x250 [ 519.146160][T10932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.146202][T10932] RIP: 0033:0x7f0186f8d169 [ 519.146226][T10932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 519.146254][T10932] RSP: 002b:00007f0187e79038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 519.146282][T10932] RAX: ffffffffffffffda RBX: 00007f01871a5fa0 RCX: 00007f0186f8d169 [ 519.146301][T10932] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 519.146318][T10932] RBP: 00007f0187e79090 R08: 0000000000000000 R09: 0000000000000000 [ 519.146335][T10932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 519.146350][T10932] R13: 0000000000000000 R14: 00007f01871a5fa0 R15: 00007ffe9977ef18 [ 519.146396][T10932] [ 520.514333][T10951] cougar: G6 mapped to space [ 520.536802][T10951] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1199'. [ 522.745891][T10970] random: crng reseeded on system resumption [ 525.170052][T11012] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1215'. [ 525.261338][T11013] capability: warning: `syz.3.1215' uses 32-bit capabilities (legacy support in use) [ 526.864402][T11016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1216'. [ 526.874996][T11016] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 527.083390][T11016] bond0: (slave bond_slave_0): Releasing backup interface [ 527.277958][T11022] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 527.379099][T11022] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 527.470127][T11020] FAULT_INJECTION: forcing a failure. [ 527.470127][T11020] name failslab, interval 1, probability 0, space 0, times 0 [ 527.549282][T11020] CPU: 1 UID: 0 PID: 11020 Comm: syz.2.1218 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 527.549329][T11020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 527.549349][T11020] Call Trace: [ 527.549358][T11020] [ 527.549370][T11020] dump_stack_lvl+0x16c/0x1f0 [ 527.549419][T11020] should_fail_ex+0x50a/0x650 [ 527.549469][T11020] ? fs_reclaim_acquire+0xae/0x150 [ 527.549514][T11020] should_failslab+0xc2/0x120 [ 527.549545][T11020] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 527.549595][T11020] ? __kernfs_new_node+0xd3/0x890 [ 527.549648][T11020] __kernfs_new_node+0xd3/0x890 [ 527.549698][T11020] ? __pfx___kernfs_new_node+0x10/0x10 [ 527.549741][T11020] ? __pfx_lock_release+0x10/0x10 [ 527.549785][T11020] ? kernfs_add_one+0x39d/0x520 [ 527.549844][T11020] ? up_write+0x1b2/0x520 [ 527.549897][T11020] kernfs_new_node+0x186/0x240 [ 527.549962][T11020] __kernfs_create_file+0x53/0x350 [ 527.550000][T11020] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 527.550048][T11020] internal_create_group+0x56c/0xf10 [ 527.550100][T11020] ? __pfx_internal_create_group+0x10/0x10 [ 527.550149][T11020] ? kernfs_create_link+0x1bd/0x240 [ 527.550212][T11020] internal_create_groups+0x9d/0x150 [ 527.550263][T11020] device_add+0x6d3/0x1a70 [ 527.550312][T11020] ? __pfx_device_add+0x10/0x10 [ 527.550360][T11020] ? __init_waitqueue_head+0xca/0x150 [ 527.550406][T11020] netdev_register_kobject+0x183/0x3a0 [ 527.550468][T11020] register_netdevice+0x147b/0x1eb0 [ 527.550526][T11020] ? __pfx_register_netdevice+0x10/0x10 [ 527.550589][T11020] __ip_tunnel_create+0x4aa/0x690 [ 527.550632][T11020] ? __pfx___ip_tunnel_create+0x10/0x10 [ 527.550675][T11020] ? read_word_at_a_time+0xe/0x20 [ 527.550732][T11020] ip_tunnel_init_net+0x22a/0x790 [ 527.550779][T11020] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 527.550828][T11020] ? __kmalloc_noprof+0x23b/0x510 [ 527.550882][T11020] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 527.550916][T11020] ops_init+0x1df/0x5f0 [ 527.550967][T11020] setup_net+0x21f/0x860 [ 527.551019][T11020] ? __pfx_setup_net+0x10/0x10 [ 527.551066][T11020] ? down_read_killable+0xcc/0x380 [ 527.551112][T11020] ? __pfx_down_read_killable+0x10/0x10 [ 527.551156][T11020] ? __raw_spin_lock_init+0x3a/0x110 [ 527.551216][T11020] ? debug_mutex_init+0x37/0x70 [ 527.551255][T11020] copy_net_ns+0x2a6/0x5f0 [ 527.551290][T11020] create_new_namespaces+0x3ea/0xad0 [ 527.551351][T11020] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 527.551409][T11020] ksys_unshare+0x45d/0xa40 [ 527.551442][T11020] ? __pfx_ksys_unshare+0x10/0x10 [ 527.551473][T11020] ? xfd_validate_state+0x5d/0x180 [ 527.551529][T11020] __x64_sys_unshare+0x31/0x40 [ 527.551561][T11020] do_syscall_64+0xcd/0x250 [ 527.551606][T11020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.551648][T11020] RIP: 0033:0x7f0186f8d169 [ 527.551674][T11020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.551706][T11020] RSP: 002b:00007f0187e79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 527.551736][T11020] RAX: ffffffffffffffda RBX: 00007f01871a5fa0 RCX: 00007f0186f8d169 [ 527.551756][T11020] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 527.551775][T11020] RBP: 00007f018700e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 527.551793][T11020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.551811][T11020] R13: 0000000000000000 R14: 00007f01871a5fa0 R15: 00007ffe9977ef18 [ 527.551851][T11020] [ 529.322495][T11033] cougar: G6 mapped to space [ 529.330986][T11033] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1221'. [ 529.697101][T11042] cougar: G6 mapped to space [ 531.124814][T11062] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 540.893412][T11167] FAULT_INJECTION: forcing a failure. [ 540.893412][T11167] name failslab, interval 1, probability 0, space 0, times 0 [ 540.935911][T11167] CPU: 1 UID: 0 PID: 11167 Comm: syz.1.1255 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 540.935954][T11167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 540.935971][T11167] Call Trace: [ 540.935979][T11167] [ 540.935991][T11167] dump_stack_lvl+0x16c/0x1f0 [ 540.936044][T11167] should_fail_ex+0x50a/0x650 [ 540.936094][T11167] ? fs_reclaim_acquire+0xae/0x150 [ 540.936136][T11167] ? tomoyo_realpath_from_path+0xb9/0x720 [ 540.936179][T11167] should_failslab+0xc2/0x120 [ 540.936209][T11167] __kmalloc_noprof+0xcb/0x510 [ 540.936254][T11167] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 540.936305][T11167] tomoyo_realpath_from_path+0xb9/0x720 [ 540.936348][T11167] ? tomoyo_path_perm+0x262/0x460 [ 540.936384][T11167] ? tomoyo_path_perm+0x262/0x460 [ 540.936423][T11167] tomoyo_path_perm+0x276/0x460 [ 540.936455][T11167] ? tomoyo_path_perm+0x262/0x460 [ 540.936494][T11167] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 540.936572][T11167] ? __pfx_ima_file_check+0x10/0x10 [ 540.936630][T11167] security_file_truncate+0x84/0x1e0 [ 540.936672][T11167] path_openat+0xc8c/0x2d80 [ 540.936732][T11167] ? __pfx_path_openat+0x10/0x10 [ 540.936779][T11167] ? __pfx___lock_acquire+0x10/0x10 [ 540.936819][T11167] ? lock_acquire.part.0+0x11b/0x380 [ 540.936860][T11167] ? find_held_lock+0x2d/0x110 [ 540.936904][T11167] do_filp_open+0x20c/0x470 [ 540.936950][T11167] ? __pfx_do_filp_open+0x10/0x10 [ 540.936994][T11167] ? find_held_lock+0x2d/0x110 [ 540.937060][T11167] ? alloc_fd+0x41f/0x760 [ 540.937112][T11167] do_sys_openat2+0x17a/0x1e0 [ 540.937142][T11167] ? __pfx_do_sys_openat2+0x10/0x10 [ 540.937179][T11167] ? __fget_files+0x206/0x3a0 [ 540.937232][T11167] __x64_sys_openat+0x175/0x210 [ 540.937265][T11167] ? __pfx___x64_sys_openat+0x10/0x10 [ 540.937296][T11167] ? ksys_write+0x1ba/0x250 [ 540.937351][T11167] do_syscall_64+0xcd/0x250 [ 540.937392][T11167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.937435][T11167] RIP: 0033:0x7ff50f58d169 [ 540.937457][T11167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 540.937485][T11167] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 540.937513][T11167] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 540.937532][T11167] RDX: 1a6b75d63882a712 RSI: 00004000000000c0 RDI: ffffffffffffff9c [ 540.937551][T11167] RBP: 00007ff50d3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 540.937568][T11167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 540.937585][T11167] R13: 0000000000000001 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 540.937623][T11167] [ 540.943112][T11167] ERROR: Out of memory at tomoyo_realpath_from_path. [ 542.461860][T11184] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1258'. [ 544.870629][T11208] FAULT_INJECTION: forcing a failure. [ 544.870629][T11208] name failslab, interval 1, probability 0, space 0, times 0 [ 544.870841][T11208] CPU: 1 UID: 0 PID: 11208 Comm: syz.3.1266 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 544.870879][T11208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 544.870899][T11208] Call Trace: [ 544.870909][T11208] [ 544.870921][T11208] dump_stack_lvl+0x16c/0x1f0 [ 544.870989][T11208] should_fail_ex+0x50a/0x650 [ 544.871056][T11208] ? fs_reclaim_acquire+0xae/0x150 [ 544.871102][T11208] should_failslab+0xc2/0x120 [ 544.871133][T11208] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 544.871184][T11208] ? skb_clone+0x190/0x3f0 [ 544.871236][T11208] skb_clone+0x190/0x3f0 [ 544.871285][T11208] netlink_broadcast_filtered+0xb11/0xef0 [ 544.871341][T11208] ? sprintf+0xcd/0x110 [ 544.871376][T11208] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 544.871442][T11208] netlink_broadcast+0x39/0x50 [ 544.871485][T11208] kobject_uevent_env+0xc69/0x1870 [ 544.871540][T11208] ? kernfs_put+0x35/0x50 [ 544.871584][T11208] ? sysfs_do_create_link_sd+0xbb/0x140 [ 544.871624][T11208] ? bus_to_subsys+0x12d/0x160 [ 544.871677][T11208] device_add+0x10e0/0x1a70 [ 544.871725][T11208] ? __pfx_device_add+0x10/0x10 [ 544.871801][T11208] device_create_groups_vargs+0x1f8/0x270 [ 544.871854][T11208] device_create+0xe9/0x130 [ 544.871902][T11208] ? __pfx_device_create+0x10/0x10 [ 544.871945][T11208] ? __pfx_lock_release+0x10/0x10 [ 544.871993][T11208] ? is_console_locked+0x9/0x20 [ 544.872033][T11208] ? con_is_visible+0x65/0x150 [ 544.872062][T11208] ? csi_J+0x547/0xad0 [ 544.872108][T11208] vcs_make_sysfs+0x55/0x80 [ 544.872141][T11208] vc_allocate+0x502/0x880 [ 544.872179][T11208] ? __pfx_vc_allocate+0x10/0x10 [ 544.872218][T11208] ? lock_acquire+0x2f/0xb0 [ 544.872258][T11208] ? con_install+0x9a/0x600 [ 544.872302][T11208] con_install+0xa2/0x600 [ 544.872345][T11208] ? __pfx_con_install+0x10/0x10 [ 544.872411][T11208] ? __pfx_con_install+0x10/0x10 [ 544.872454][T11208] tty_init_dev.part.0+0x99/0x660 [ 544.872502][T11208] tty_open+0xac1/0xf80 [ 544.872543][T11208] ? chrdev_open+0x596/0x6a0 [ 544.872598][T11208] ? __pfx_tty_open+0x10/0x10 [ 544.872640][T11208] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 544.872670][T11208] ? lock_acquire+0x2f/0xb0 [ 544.872713][T11208] ? chrdev_open+0x36b/0x6a0 [ 544.872773][T11208] ? __pfx_tty_open+0x10/0x10 [ 544.872816][T11208] chrdev_open+0x237/0x6a0 [ 544.872868][T11208] ? __pfx_chrdev_open+0x10/0x10 [ 544.872924][T11208] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 544.872977][T11208] do_dentry_open+0x735/0x1c40 [ 544.873024][T11208] ? __pfx_chrdev_open+0x10/0x10 [ 544.873076][T11208] ? inode_permission+0xdd/0x5f0 [ 544.873116][T11208] vfs_open+0x82/0x3f0 [ 544.873146][T11208] ? may_open+0x1f2/0x400 [ 544.873189][T11208] path_openat+0x1e88/0x2d80 [ 544.873253][T11208] ? __pfx_path_openat+0x10/0x10 [ 544.873303][T11208] ? __pfx___lock_acquire+0x10/0x10 [ 544.873345][T11208] ? lock_acquire.part.0+0x11b/0x380 [ 544.873391][T11208] ? find_held_lock+0x2d/0x110 [ 544.873432][T11208] do_filp_open+0x20c/0x470 [ 544.873482][T11208] ? __pfx_do_filp_open+0x10/0x10 [ 544.873527][T11208] ? find_held_lock+0x2d/0x110 [ 544.873605][T11208] ? alloc_fd+0x41f/0x760 [ 544.873662][T11208] do_sys_openat2+0x17a/0x1e0 [ 544.873696][T11208] ? __pfx_do_sys_openat2+0x10/0x10 [ 544.873753][T11208] __x64_sys_openat+0x175/0x210 [ 544.873788][T11208] ? __pfx___x64_sys_openat+0x10/0x10 [ 544.873842][T11208] do_syscall_64+0xcd/0x250 [ 544.873885][T11208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 544.873930][T11208] RIP: 0033:0x7f7d1138d169 [ 544.873955][T11208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 544.873987][T11208] RSP: 002b:00007f7d1228e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 544.874016][T11208] RAX: ffffffffffffffda RBX: 00007f7d115a5fa0 RCX: 00007f7d1138d169 [ 544.874035][T11208] RDX: 0000000000000001 RSI: 00004000000003c0 RDI: ffffffffffffff9c [ 544.874054][T11208] RBP: 00007f7d1140e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 544.874071][T11208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 544.874088][T11208] R13: 0000000000000000 R14: 00007f7d115a5fa0 R15: 00007ffd0746e088 [ 544.874129][T11208] [ 547.275212][T11234] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1271'. [ 549.598862][T11208] tty tty42: ldisc open failed (-12), clearing slot 41 [ 556.031280][T11288] [U]  [ 556.034174][T11288] [U] [ 556.036904][T11288] [U] [ 556.039686][T11288] [U] [ 556.043025][T11288] [U] [ 556.045794][T11288] [U] [ 556.048579][T11288] [U] [ 556.051337][T11288] [U] [ 556.083728][T11288] [U] [ 556.086547][T11288] [U] [ 556.089307][T11288] [U] [ 556.092070][T11288] [U] [ 556.134835][T11288] [U] [ 556.137654][T11288] [U] [ 556.140421][T11288] [U] [ 556.143196][T11288] [U] [ 556.195020][T11288] [U] [ 556.197830][T11288] [U] [ 556.200624][T11288] [U] [ 556.203381][T11288] [U] [ 556.245236][T11288] [U] [ 556.248048][T11288] [U] [ 556.250817][T11288] [U] [ 556.253578][T11288] [U] [ 556.313926][T11288] [U] [ 556.316745][T11288] [U] [ 556.319507][T11288] [U] [ 556.322265][T11288] [U] [ 556.394167][T11288] [U] [ 556.396967][T11288] [U] [ 556.399733][T11288] [U] [ 556.402502][T11288] [U] [ 556.437514][T11288] [U] [ 558.907791][T11308] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 562.036501][T11332] FAULT_INJECTION: forcing a failure. [ 562.036501][T11332] name failslab, interval 1, probability 0, space 0, times 0 [ 562.153687][T11332] CPU: 1 UID: 0 PID: 11332 Comm: syz.2.1296 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 562.153731][T11332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 562.153748][T11332] Call Trace: [ 562.153757][T11332] [ 562.153769][T11332] dump_stack_lvl+0x16c/0x1f0 [ 562.153814][T11332] should_fail_ex+0x50a/0x650 [ 562.153865][T11332] ? fs_reclaim_acquire+0xae/0x150 [ 562.153907][T11332] should_failslab+0xc2/0x120 [ 562.153962][T11332] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 562.154014][T11332] ? ptlock_alloc+0x1f/0x70 [ 562.154067][T11332] ptlock_alloc+0x1f/0x70 [ 562.154125][T11332] pte_alloc_one+0x74/0x390 [ 562.154173][T11332] do_pte_missing+0x1aff/0x3e10 [ 562.154220][T11332] ? do_raw_spin_unlock+0x172/0x230 [ 562.154252][T11332] ? __pmd_alloc+0x3c2/0x870 [ 562.154296][T11332] __handle_mm_fault+0x1166/0x2c60 [ 562.154350][T11332] ? __pfx___handle_mm_fault+0x10/0x10 [ 562.154392][T11332] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 562.154477][T11332] ? find_vma+0xc0/0x140 [ 562.154515][T11332] ? __pfx_find_vma+0x10/0x10 [ 562.154549][T11332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.154600][T11332] handle_mm_fault+0x3fa/0xaa0 [ 562.154653][T11332] do_user_addr_fault+0x7a3/0x13f0 [ 562.154707][T11332] exc_page_fault+0x5c/0xc0 [ 562.154746][T11332] asm_exc_page_fault+0x26/0x30 [ 562.154789][T11332] RIP: 0010:strncpy_from_user+0x148/0x2d0 [ 562.154838][T11332] Code: 00 00 48 83 ed 08 4d 89 74 1d 00 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 66 4b c8 fc 48 83 fd 07 76 22 e8 2b 50 c8 fc 45 31 ff <49> 8b 04 1c 31 ff 44 89 fe 49 89 c6 e8 17 4b c8 fc 45 85 ff 0f 84 [ 562.154869][T11332] RSP: 0018:ffffc9000c4afea8 EFLAGS: 00050246 [ 562.154894][T11332] RAX: 0000000000000052 RBX: 0000000000000000 RCX: ffffc9000bdb2000 [ 562.154913][T11332] RDX: 0000000000080000 RSI: ffffffff84f18f25 RDI: 0000000000000007 [ 562.154939][T11332] RBP: 00000000000000fa R08: 0000000000000007 R09: 0000000000000007 [ 562.154957][T11332] R10: 00000000000000fa R11: 0000000000000000 R12: 0000000000000000 [ 562.154976][T11332] R13: ffff88803420c406 R14: 00000000000000fa R15: 0000000000000000 [ 562.155008][T11332] ? strncpy_from_user+0x145/0x2d0 [ 562.155059][T11332] ? strncpy_from_user+0x145/0x2d0 [ 562.155110][T11332] __do_sys_memfd_create+0x1b1/0x8b0 [ 562.155151][T11332] do_syscall_64+0xcd/0x250 [ 562.155195][T11332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.155239][T11332] RIP: 0033:0x7f0186f8d169 [ 562.155263][T11332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 562.155293][T11332] RSP: 002b:00007f0187e79038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 562.155320][T11332] RAX: ffffffffffffffda RBX: 00007f01871a5fa0 RCX: 00007f0186f8d169 [ 562.155339][T11332] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000 [ 562.155357][T11332] RBP: 00007f018700e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 562.155374][T11332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 562.155392][T11332] R13: 0000000000000000 R14: 00007f01871a5fa0 R15: 00007ffe9977ef18 [ 562.155429][T11332] [ 564.508901][T11357] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1300'. [ 567.352390][T11382] FAULT_INJECTION: forcing a failure. [ 567.352390][T11382] name failslab, interval 1, probability 0, space 0, times 0 [ 567.438958][T11382] CPU: 1 UID: 0 PID: 11382 Comm: syz.3.1308 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 567.438998][T11382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 567.439015][T11382] Call Trace: [ 567.439023][T11382] [ 567.439033][T11382] dump_stack_lvl+0x16c/0x1f0 [ 567.439074][T11382] should_fail_ex+0x50a/0x650 [ 567.439117][T11382] ? fs_reclaim_acquire+0xae/0x150 [ 567.439154][T11382] ? constrain_params_by_rules+0x176/0xca0 [ 567.439185][T11382] should_failslab+0xc2/0x120 [ 567.439210][T11382] __kmalloc_noprof+0xcb/0x510 [ 567.439248][T11382] ? unwind_get_return_address+0x59/0xa0 [ 567.439290][T11382] ? arch_stack_walk+0xa7/0x100 [ 567.439319][T11382] constrain_params_by_rules+0x176/0xca0 [ 567.439362][T11382] ? stack_trace_save+0x95/0xd0 [ 567.439396][T11382] ? stack_depot_save_flags+0x28/0x9c0 [ 567.439442][T11382] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 567.439502][T11382] ? __kasan_kmalloc+0xaa/0xb0 [ 567.439542][T11382] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 567.439573][T11382] ? snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 567.439606][T11382] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 567.439650][T11382] ? snd_interval_refine+0x2fa/0x580 [ 567.439698][T11382] snd_pcm_hw_refine+0x7e8/0xad0 [ 567.439753][T11382] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 567.439806][T11382] ? _snd_pcm_hw_param_min+0x259/0x630 [ 567.439842][T11382] snd_pcm_hw_param_near.constprop.0+0x597/0x8f0 [ 567.439882][T11382] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 567.439919][T11382] ? calc_src_frames.isra.0+0x187/0x1d0 [ 567.439962][T11382] snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 567.440014][T11382] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 567.440048][T11382] ? __mutex_lock+0x1cc/0xb10 [ 567.440114][T11382] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 567.440155][T11382] snd_pcm_oss_ioctl+0x21d5/0x3780 [ 567.440197][T11382] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 567.440236][T11382] ? __fget_files+0x206/0x3a0 [ 567.440284][T11382] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 567.440323][T11382] __x64_sys_ioctl+0x190/0x200 [ 567.440364][T11382] do_syscall_64+0xcd/0x250 [ 567.440406][T11382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.440450][T11382] RIP: 0033:0x7f7d1138d169 [ 567.440474][T11382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.440504][T11382] RSP: 002b:00007f7d1226d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 567.440531][T11382] RAX: ffffffffffffffda RBX: 00007f7d115a6080 RCX: 00007f7d1138d169 [ 567.440551][T11382] RDX: 0000400000000040 RSI: 00000000c0045002 RDI: 0000000000000005 [ 567.440569][T11382] RBP: 00007f7d1226d090 R08: 0000000000000000 R09: 0000000000000000 [ 567.440585][T11382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 567.440602][T11382] R13: 0000000000000001 R14: 00007f7d115a6080 R15: 00007ffd0746e088 [ 567.440638][T11382] [ 568.024361][T11385] [U]  [ 568.027268][T11385] [U] [ 568.030031][T11385] [U] [ 568.032792][T11385] [U] [ 568.128116][T11385] [U] [ 568.131001][T11385] [U] [ 568.133743][T11385] [U] [ 568.136488][T11385] [U] [ 568.207399][T11385] [U] [ 568.210309][T11385] [U] [ 568.213070][T11385] [U] [ 568.215821][T11385] [U] [ 568.263269][T11385] [U] [ 568.266066][T11385] [U] [ 568.268823][T11385] [U] [ 568.271581][T11385] [U] [ 568.313878][T11385] [U] [ 568.316687][T11385] [U] [ 568.319448][T11385] [U] [ 568.322203][T11385] [U] [ 568.449871][T11387] [U] [ 568.452788][T11387] [U] [ 568.455571][T11387] [U] [ 568.458333][T11387] [U] [ 568.539800][T11387] [U] [ 568.542587][T11387] [U] [ 568.545317][T11387] [U] [ 568.548040][T11387] [U] [ 568.609957][T11387] [U] [ 568.612756][T11387] [U] [ 568.615511][T11387] [U] [ 568.618283][T11387] [U] [ 568.659113][T11387] [U] [ 568.662017][T11387] [U] [ 568.664782][T11387] [U] [ 568.667557][T11387] [U] [ 568.680016][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.686403][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.803512][T11387] [U] [ 568.806321][T11387] [U] [ 568.809063][T11387] [U] [ 568.811824][T11387] [U] [ 568.920050][T11387] [U] [ 570.462920][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 570.741015][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 570.928177][T11418] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1316'. [ 571.257505][T11419] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1315'. [ 571.411328][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 571.771927][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 572.492185][T11434] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1319'. [ 572.852135][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 577.586801][T11472] FAULT_INJECTION: forcing a failure. [ 577.586801][T11472] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 577.600311][T11472] CPU: 0 UID: 0 PID: 11472 Comm: syz.1.1331 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 577.600372][T11472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 577.600393][T11472] Call Trace: [ 577.600403][T11472] [ 577.600416][T11472] dump_stack_lvl+0x16c/0x1f0 [ 577.600466][T11472] should_fail_ex+0x50a/0x650 [ 577.600518][T11472] ? __pfx___might_resched+0x10/0x10 [ 577.600576][T11472] should_fail_alloc_page+0xe7/0x130 [ 577.600612][T11472] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 577.600664][T11472] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 577.600721][T11472] ? __pfx_mark_lock+0x10/0x10 [ 577.600770][T11472] ? finish_task_switch.isra.0+0x160/0xcc0 [ 577.600828][T11472] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 577.600898][T11472] ? hlock_class+0x4e/0x130 [ 577.600955][T11472] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 577.601012][T11472] ? policy_nodemask+0xea/0x4e0 [ 577.601070][T11472] alloc_pages_mpol+0x1fc/0x540 [ 577.601104][T11472] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 577.601137][T11472] ? find_held_lock+0x2d/0x110 [ 577.601180][T11472] alloc_pages_noprof+0x131/0x390 [ 577.601213][T11472] __pmd_alloc+0x3f/0x870 [ 577.601261][T11472] __handle_mm_fault+0x9fb/0x2c60 [ 577.601321][T11472] ? __pfx___handle_mm_fault+0x10/0x10 [ 577.601369][T11472] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 577.601442][T11472] ? find_vma+0xc0/0x140 [ 577.601481][T11472] ? __pfx_find_vma+0x10/0x10 [ 577.601517][T11472] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.601595][T11472] handle_mm_fault+0x3fa/0xaa0 [ 577.601653][T11472] do_user_addr_fault+0x7a3/0x13f0 [ 577.601710][T11472] exc_page_fault+0x5c/0xc0 [ 577.601752][T11472] asm_exc_page_fault+0x26/0x30 [ 577.601795][T11472] RIP: 0010:strncpy_from_user+0x148/0x2d0 [ 577.601846][T11472] Code: 00 00 48 83 ed 08 4d 89 74 1d 00 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 66 4b c8 fc 48 83 fd 07 76 22 e8 2b 50 c8 fc 45 31 ff <49> 8b 04 1c 31 ff 44 89 fe 49 89 c6 e8 17 4b c8 fc 45 85 ff 0f 84 [ 577.601886][T11472] RSP: 0018:ffffc90018ebfea8 EFLAGS: 00050246 [ 577.601913][T11472] RAX: 0000000000000051 RBX: 0000000000000000 RCX: ffffc9000b9b1000 [ 577.601934][T11472] RDX: 0000000000080000 RSI: ffffffff84f18f25 RDI: 0000000000000007 [ 577.601954][T11472] RBP: 00000000000000fa R08: 0000000000000007 R09: 0000000000000007 [ 577.601972][T11472] R10: 00000000000000fa R11: 0000000000000000 R12: 0000000000000000 [ 577.601991][T11472] R13: ffff88806f611206 R14: 00000000000000fa R15: 0000000000000000 [ 577.602024][T11472] ? strncpy_from_user+0x145/0x2d0 [ 577.602079][T11472] ? strncpy_from_user+0x145/0x2d0 [ 577.602145][T11472] __do_sys_memfd_create+0x1b1/0x8b0 [ 577.602204][T11472] do_syscall_64+0xcd/0x250 [ 577.602249][T11472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.602294][T11472] RIP: 0033:0x7ff50f58d169 [ 577.602320][T11472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.602358][T11472] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 577.602387][T11472] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 577.602408][T11472] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000 [ 577.602427][T11472] RBP: 00007ff50f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 577.602446][T11472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 577.602465][T11472] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 577.602506][T11472] [ 578.325484][T11474] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1330'. [ 578.491666][T11488] [U]  [ 578.494575][T11488] [U] [ 578.497332][T11488] [U] [ 578.500095][T11488] [U] [ 578.534819][T11488] [U] [ 578.537635][T11488] [U] [ 578.540401][T11488] [U] [ 578.543165][T11488] [U] [ 578.576351][T11488] [U] [ 578.579153][T11488] [U] [ 578.581916][T11488] [U] [ 578.584677][T11488] [U] [ 578.633551][T11488] [U] [ 578.636363][T11488] [U] [ 578.639123][T11488] [U] [ 578.641887][T11488] [U] [ 578.679804][T11488] [U] [ 578.682699][T11488] [U] [ 578.685461][T11488] [U] [ 578.688222][T11488] [U] [ 578.711674][T11488] [U] [ 578.714487][T11488] [U] [ 578.717266][T11488] [U] [ 578.720045][T11488] [U] [ 578.744192][T11488] [U] [ 579.093332][T11496] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1334'. [ 579.102593][T11496] FAULT_INJECTION: forcing a failure. [ 579.102593][T11496] name failslab, interval 1, probability 0, space 0, times 0 [ 579.123758][T11496] CPU: 1 UID: 0 PID: 11496 Comm: syz.1.1334 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 579.123811][T11496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 579.123829][T11496] Call Trace: [ 579.123838][T11496] [ 579.123850][T11496] dump_stack_lvl+0x16c/0x1f0 [ 579.123896][T11496] should_fail_ex+0x50a/0x650 [ 579.123968][T11496] should_failslab+0xc2/0x120 [ 579.123999][T11496] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 579.124063][T11496] ? skb_clone+0x190/0x3f0 [ 579.124115][T11496] skb_clone+0x190/0x3f0 [ 579.124162][T11496] netlink_deliver_tap+0xabd/0xd30 [ 579.124210][T11496] netlink_unicast+0x6b4/0x7f0 [ 579.124258][T11496] ? __pfx_netlink_unicast+0x10/0x10 [ 579.124304][T11496] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 579.124359][T11496] netlink_ack+0x6ac/0xb80 [ 579.124413][T11496] netlink_rcv_skb+0x348/0x440 [ 579.124467][T11496] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 579.124516][T11496] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 579.124580][T11496] ? netlink_deliver_tap+0x1ae/0xd30 [ 579.124627][T11496] netlink_unicast+0x53c/0x7f0 [ 579.124673][T11496] ? __pfx_netlink_unicast+0x10/0x10 [ 579.124716][T11496] ? __phys_addr_symbol+0x30/0x80 [ 579.124745][T11496] ? __check_object_size+0x488/0x710 [ 579.124779][T11496] netlink_sendmsg+0x8b8/0xd70 [ 579.124825][T11496] ? __pfx_netlink_sendmsg+0x10/0x10 [ 579.124890][T11496] ____sys_sendmsg+0xaaf/0xc90 [ 579.124920][T11496] ? copy_msghdr_from_user+0x10b/0x160 [ 579.124956][T11496] ? __pfx_____sys_sendmsg+0x10/0x10 [ 579.124983][T11496] ? __lock_acquire+0xcc5/0x3c40 [ 579.125025][T11496] ? hlock_class+0x4e/0x130 [ 579.125052][T11496] ? __lock_acquire+0x15a9/0x3c40 [ 579.125097][T11496] ___sys_sendmsg+0x135/0x1e0 [ 579.125140][T11496] ? __pfx____sys_sendmsg+0x10/0x10 [ 579.125179][T11496] ? __pfx___lock_acquire+0x10/0x10 [ 579.125249][T11496] ? __pfx___might_resched+0x10/0x10 [ 579.125292][T11496] ? __might_fault+0xe3/0x190 [ 579.125326][T11496] __sys_sendmmsg+0x201/0x420 [ 579.125372][T11496] ? __pfx___sys_sendmmsg+0x10/0x10 [ 579.125425][T11496] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 579.125487][T11496] ? fput+0x67/0x440 [ 579.125514][T11496] ? ksys_write+0x1ba/0x250 [ 579.125553][T11496] ? __pfx_ksys_write+0x10/0x10 [ 579.125598][T11496] __x64_sys_sendmmsg+0x9c/0x100 [ 579.125639][T11496] ? lockdep_hardirqs_on+0x7c/0x110 [ 579.125671][T11496] do_syscall_64+0xcd/0x250 [ 579.125709][T11496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.125802][T11496] RIP: 0033:0x7ff50f58d169 [ 579.125825][T11496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 579.125852][T11496] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 579.125877][T11496] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 579.125895][T11496] RDX: 0000000000000007 RSI: 0000400000000200 RDI: 0000000000000004 [ 579.125910][T11496] RBP: 00007ff50d3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 579.125926][T11496] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 579.125942][T11496] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 579.125976][T11496] [ 579.437720][ C1] vkms_vblank_simulate: vblank timer overrun [ 584.344628][T11531] cougar: G6 mapped to space [ 584.444287][T11531] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1342'. [ 586.391282][T11553] kAFS: No cell specified [ 587.863878][T11568] cougar: G6 mapped to space [ 587.868772][T11569] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1348'. [ 589.567390][T11588] netlink: zone id is out of range [ 589.600236][T11588] netlink: zone id is out of range [ 589.605420][T11588] netlink: zone id is out of range [ 589.688425][T11592] random: crng reseeded on system resumption [ 589.750214][T11588] netlink: zone id is out of range [ 589.755429][T11588] netlink: zone id is out of range [ 589.830771][T11588] netlink: zone id is out of range [ 589.886930][T11588] netlink: zone id is out of range [ 589.964773][T11588] netlink: zone id is out of range [ 590.019398][T11588] netlink: zone id is out of range [ 590.087367][T11588] netlink: zone id is out of range [ 590.827179][T11604] FAULT_INJECTION: forcing a failure. [ 590.827179][T11604] name failslab, interval 1, probability 0, space 0, times 0 [ 590.895540][T11604] CPU: 1 UID: 0 PID: 11604 Comm: syz.2.1360 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 590.895583][T11604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 590.895601][T11604] Call Trace: [ 590.895610][T11604] [ 590.895622][T11604] dump_stack_lvl+0x16c/0x1f0 [ 590.895668][T11604] should_fail_ex+0x50a/0x650 [ 590.895718][T11604] ? fs_reclaim_acquire+0xae/0x150 [ 590.895763][T11604] ? constrain_params_by_rules+0x176/0xca0 [ 590.895801][T11604] should_failslab+0xc2/0x120 [ 590.895830][T11604] __kmalloc_noprof+0xcb/0x510 [ 590.895877][T11604] ? hlock_class+0x4e/0x130 [ 590.895909][T11604] ? mark_lock+0xb5/0xc60 [ 590.895958][T11604] constrain_params_by_rules+0x176/0xca0 [ 590.895998][T11604] ? __pfx___lock_acquire+0x10/0x10 [ 590.896057][T11604] ? __pfx_mark_lock+0x10/0x10 [ 590.896097][T11604] ? psi_task_switch+0x203/0x8e0 [ 590.896139][T11604] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 590.896176][T11604] ? lock_acquire.part.0+0x11b/0x380 [ 590.896243][T11604] ? hlock_class+0x4e/0x130 [ 590.896275][T11604] ? mark_lock+0xb5/0xc60 [ 590.896313][T11604] ? snd_interval_refine+0x2fa/0x580 [ 590.896364][T11604] snd_pcm_hw_refine+0x7e8/0xad0 [ 590.896408][T11604] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 590.896459][T11604] ? __pfx_lock_release+0x10/0x10 [ 590.896509][T11604] ? mark_held_locks+0x9f/0xe0 [ 590.896562][T11604] snd_pcm_hw_params+0x3e6/0x1b20 [ 590.896608][T11604] ? preempt_schedule_thunk+0x1a/0x30 [ 590.896646][T11604] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 590.896685][T11604] ? preempt_schedule_common+0x44/0xc0 [ 590.896723][T11604] ? preempt_schedule_thunk+0x1a/0x30 [ 590.896775][T11604] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 590.896818][T11604] snd_pcm_oss_change_params_locked+0x1406/0x3a60 [ 590.896872][T11604] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 590.896907][T11604] ? __mutex_lock+0x1cc/0xb10 [ 590.896974][T11604] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 590.897018][T11604] snd_pcm_oss_ioctl+0x21d5/0x3780 [ 590.897061][T11604] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 590.897102][T11604] ? __fget_files+0x206/0x3a0 [ 590.897153][T11604] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 590.897192][T11604] __x64_sys_ioctl+0x190/0x200 [ 590.897233][T11604] do_syscall_64+0xcd/0x250 [ 590.897275][T11604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.897315][T11604] RIP: 0033:0x7f0186f8d169 [ 590.897338][T11604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.897368][T11604] RSP: 002b:00007f0187e58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 590.897396][T11604] RAX: ffffffffffffffda RBX: 00007f01871a6080 RCX: 00007f0186f8d169 [ 590.897415][T11604] RDX: 0000400000000040 RSI: 00000000c0045002 RDI: 0000000000000005 [ 590.897441][T11604] RBP: 00007f0187e58090 R08: 0000000000000000 R09: 0000000000000000 [ 590.897479][T11604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 590.897498][T11604] R13: 0000000000000001 R14: 00007f01871a6080 R15: 00007ffe9977ef18 [ 590.897539][T11604] [ 591.200112][ C1] vkms_vblank_simulate: vblank timer overrun [ 594.720612][T11635] FAULT_INJECTION: forcing a failure. [ 594.720612][T11635] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 594.780410][T11635] CPU: 1 UID: 0 PID: 11635 Comm: syz.3.1368 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 594.780453][T11635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 594.780472][T11635] Call Trace: [ 594.780481][T11635] [ 594.780493][T11635] dump_stack_lvl+0x16c/0x1f0 [ 594.780539][T11635] should_fail_ex+0x50a/0x650 [ 594.780592][T11635] _copy_to_iter+0x2a1/0x1560 [ 594.780631][T11635] ? chacha_block_generic+0x18a/0x270 [ 594.780682][T11635] ? __pfx__copy_to_iter+0x10/0x10 [ 594.780722][T11635] ? lockdep_hardirqs_on+0x7c/0x110 [ 594.780761][T11635] ? crng_make_state+0x48e/0x6d0 [ 594.780815][T11635] get_random_bytes_user+0x180/0x3c0 [ 594.780867][T11635] ? __pfx_get_random_bytes_user+0x10/0x10 [ 594.780924][T11635] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 594.780979][T11635] ? import_ubuf+0x1b6/0x220 [ 594.781014][T11635] __x64_sys_getrandom+0x184/0x290 [ 594.781045][T11635] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 594.781095][T11635] do_syscall_64+0xcd/0x250 [ 594.781139][T11635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.781185][T11635] RIP: 0033:0x7f7d1138d169 [ 594.781209][T11635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 594.781240][T11635] RSP: 002b:00007f7d1228e038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 594.781269][T11635] RAX: ffffffffffffffda RBX: 00007f7d115a5fa0 RCX: 00007f7d1138d169 [ 594.781301][T11635] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 594.781320][T11635] RBP: 00007f7d1228e090 R08: 0000000000000000 R09: 0000000000000000 [ 594.781339][T11635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 594.781356][T11635] R13: 0000000000000000 R14: 00007f7d115a5fa0 R15: 00007ffd0746e088 [ 594.781403][T11635] [ 594.962322][ C1] vkms_vblank_simulate: vblank timer overrun [ 595.558346][T11642] FAULT_INJECTION: forcing a failure. [ 595.558346][T11642] name failslab, interval 1, probability 0, space 0, times 0 [ 595.639906][T11642] CPU: 1 UID: 0 PID: 11642 Comm: syz.1.1370 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 595.639953][T11642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 595.639972][T11642] Call Trace: [ 595.639982][T11642] [ 595.640034][T11642] dump_stack_lvl+0x16c/0x1f0 [ 595.640079][T11642] should_fail_ex+0x50a/0x650 [ 595.640128][T11642] ? fs_reclaim_acquire+0xae/0x150 [ 595.640171][T11642] ? tomoyo_realpath_from_path+0xb9/0x720 [ 595.640215][T11642] should_failslab+0xc2/0x120 [ 595.640251][T11642] __kmalloc_noprof+0xcb/0x510 [ 595.640300][T11642] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 595.640355][T11642] tomoyo_realpath_from_path+0xb9/0x720 [ 595.640397][T11642] ? tomoyo_path_number_perm+0x235/0x590 [ 595.640436][T11642] ? tomoyo_path_number_perm+0x235/0x590 [ 595.640478][T11642] tomoyo_path_number_perm+0x248/0x590 [ 595.640514][T11642] ? tomoyo_path_number_perm+0x235/0x590 [ 595.640554][T11642] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 595.640629][T11642] ? __pfx_lock_release+0x10/0x10 [ 595.640670][T11642] ? trace_lock_acquire+0x14e/0x1f0 [ 595.640710][T11642] ? lock_acquire+0x2f/0xb0 [ 595.640749][T11642] ? __fget_files+0x40/0x3a0 [ 595.640800][T11642] ? __fget_files+0x206/0x3a0 [ 595.640852][T11642] security_file_ioctl+0x9b/0x240 [ 595.640894][T11642] __x64_sys_ioctl+0xb7/0x200 [ 595.640941][T11642] do_syscall_64+0xcd/0x250 [ 595.640986][T11642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.641031][T11642] RIP: 0033:0x7ff50f58d169 [ 595.641055][T11642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.641085][T11642] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 595.641115][T11642] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 595.641134][T11642] RDX: 0000000000000000 RSI: 0000000000005412 RDI: 0000000000000005 [ 595.641152][T11642] RBP: 00007ff50d3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 595.641170][T11642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 595.641188][T11642] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 595.641227][T11642] [ 595.859841][ C1] vkms_vblank_simulate: vblank timer overrun [ 595.933595][T11642] ERROR: Out of memory at tomoyo_realpath_from_path. [ 596.204896][T11646] cougar: G6 mapped to space [ 596.265787][T11646] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1371'. [ 597.107731][T11654] [U]  [ 597.110641][T11654] [U] [ 597.113413][T11654] [U] [ 597.116184][T11654] [U] [ 597.227884][T11654] [U] [ 597.230698][T11654] [U] [ 597.233467][T11654] [U] [ 597.236240][T11654] [U] [ 597.340018][T11654] [U] [ 597.342910][T11654] [U] [ 597.345661][T11654] [U] [ 597.348396][T11654] [U] [ 597.525965][T11654] [U] [ 597.528764][T11654] [U] [ 597.531501][T11654] [U] [ 597.534240][T11654] [U] [ 597.588798][T11654] [U] [ 597.591642][T11654] [U] [ 597.594417][T11654] [U] [ 597.597180][T11654] [U] [ 597.703499][T11654] [U] [ 604.885736][T11716] FAULT_INJECTION: forcing a failure. [ 604.885736][T11716] name failslab, interval 1, probability 0, space 0, times 0 [ 604.938891][T11716] CPU: 1 UID: 0 PID: 11716 Comm: syz.3.1388 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 604.938935][T11716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 604.938953][T11716] Call Trace: [ 604.938961][T11716] [ 604.938974][T11716] dump_stack_lvl+0x16c/0x1f0 [ 604.939018][T11716] should_fail_ex+0x50a/0x650 [ 604.939066][T11716] ? fs_reclaim_acquire+0xae/0x150 [ 604.939108][T11716] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 604.939142][T11716] should_failslab+0xc2/0x120 [ 604.939172][T11716] __kmalloc_cache_noprof+0x68/0x410 [ 604.939233][T11716] ? snd_pcm_hw_param_first+0x301/0x6e0 [ 604.939267][T11716] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 604.939309][T11716] snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 604.939351][T11716] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 604.939408][T11716] ? calc_src_frames.isra.0+0x187/0x1d0 [ 604.939451][T11716] ? calc_dst_frames.constprop.0.isra.0+0x103/0x130 [ 604.939498][T11716] snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 604.939553][T11716] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 604.939621][T11716] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 604.939661][T11716] snd_pcm_oss_write+0x4a3/0xa00 [ 604.939700][T11716] ? bpf_lsm_file_permission+0x9/0x10 [ 604.939759][T11716] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 604.939795][T11716] vfs_write+0x24c/0x1150 [ 604.939839][T11716] ? __fget_files+0x1fc/0x3a0 [ 604.939884][T11716] ? __pfx_lock_release+0x10/0x10 [ 604.939931][T11716] ? __pfx_vfs_write+0x10/0x10 [ 604.939976][T11716] ? lock_acquire+0x2f/0xb0 [ 604.940016][T11716] ? __fget_files+0x40/0x3a0 [ 604.940067][T11716] ? __fget_files+0x206/0x3a0 [ 604.940123][T11716] ksys_write+0x12b/0x250 [ 604.940167][T11716] ? __pfx_ksys_write+0x10/0x10 [ 604.940223][T11716] do_syscall_64+0xcd/0x250 [ 604.940268][T11716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.940312][T11716] RIP: 0033:0x7f7d1138d169 [ 604.940336][T11716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.940367][T11716] RSP: 002b:00007f7d1226d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 604.940396][T11716] RAX: ffffffffffffffda RBX: 00007f7d115a6080 RCX: 00007f7d1138d169 [ 604.940417][T11716] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 604.940435][T11716] RBP: 00007f7d1226d090 R08: 0000000000000000 R09: 0000000000000000 [ 604.940461][T11716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 604.940478][T11716] R13: 0000000000000000 R14: 00007f7d115a6080 R15: 00007ffd0746e088 [ 604.940516][T11716] [ 607.890834][T11735] cougar: G6 mapped to space [ 608.554157][T11739] FAULT_INJECTION: forcing a failure. [ 608.554157][T11739] name failslab, interval 1, probability 0, space 0, times 0 [ 608.694047][T11739] CPU: 0 UID: 0 PID: 11739 Comm: syz.2.1396 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 608.694090][T11739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 608.694108][T11739] Call Trace: [ 608.694117][T11739] [ 608.694128][T11739] dump_stack_lvl+0x16c/0x1f0 [ 608.694170][T11739] should_fail_ex+0x50a/0x650 [ 608.694218][T11739] ? fs_reclaim_acquire+0xae/0x150 [ 608.694260][T11739] should_failslab+0xc2/0x120 [ 608.694289][T11739] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 608.694336][T11739] ? __kernfs_new_node+0xd3/0x890 [ 608.694383][T11739] __kernfs_new_node+0xd3/0x890 [ 608.694428][T11739] ? __pfx___kernfs_new_node+0x10/0x10 [ 608.694488][T11739] ? __pfx_lock_release+0x10/0x10 [ 608.694533][T11739] ? kernfs_add_one+0x39d/0x520 [ 608.694594][T11739] ? up_write+0x1b2/0x520 [ 608.694649][T11739] kernfs_new_node+0x186/0x240 [ 608.694704][T11739] __kernfs_create_file+0x53/0x350 [ 608.694744][T11739] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 608.694795][T11739] internal_create_group+0x56c/0xf10 [ 608.694851][T11739] ? __pfx_internal_create_group+0x10/0x10 [ 608.694902][T11739] ? kernfs_create_link+0x1bd/0x240 [ 608.694950][T11739] internal_create_groups+0x9d/0x150 [ 608.694998][T11739] device_add+0x781/0x1a70 [ 608.695048][T11739] ? __pfx_device_add+0x10/0x10 [ 608.695096][T11739] ? __init_waitqueue_head+0xca/0x150 [ 608.695141][T11739] netdev_register_kobject+0x183/0x3a0 [ 608.695195][T11739] register_netdevice+0x147b/0x1eb0 [ 608.695252][T11739] ? idr_alloc+0xde/0x130 [ 608.695287][T11739] ? __pfx_register_netdevice+0x10/0x10 [ 608.695349][T11739] ppp_dev_configure+0x99e/0xc80 [ 608.695396][T11739] ppp_ioctl+0x17eb/0x2590 [ 608.695431][T11739] ? __pfx_lock_release+0x10/0x10 [ 608.695475][T11739] ? trace_lock_acquire+0x14e/0x1f0 [ 608.695511][T11739] ? __pfx_ppp_ioctl+0x10/0x10 [ 608.695557][T11739] ? __fget_files+0x206/0x3a0 [ 608.695609][T11739] ? __pfx_ppp_ioctl+0x10/0x10 [ 608.695658][T11739] __x64_sys_ioctl+0x190/0x200 [ 608.695697][T11739] do_syscall_64+0xcd/0x250 [ 608.695738][T11739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.695798][T11739] RIP: 0033:0x7f0186f8d169 [ 608.695822][T11739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.695852][T11739] RSP: 002b:00007f0187e58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 608.695881][T11739] RAX: ffffffffffffffda RBX: 00007f01871a6080 RCX: 00007f0186f8d169 [ 608.695902][T11739] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000009 [ 608.695921][T11739] RBP: 00007f018700e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 608.695945][T11739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.695964][T11739] R13: 0000000000000000 R14: 00007f01871a6080 R15: 00007ffe9977ef18 [ 608.696005][T11739] [ 613.202445][T11767] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 613.305299][T11768] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 613.314324][T11765] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 613.344713][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 613.351090][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 613.422334][T11768] File: /dev/ram2 PID: 11768 Comm: syz.3.1401 [ 613.522001][T11767] File: /dev/ram2 PID: 11767 Comm: syz.3.1401 [ 613.572524][T11765] File: /dev/ram2 PID: 11765 Comm: syz.3.1401 [ 615.115510][T11795] cougar: G6 mapped to space [ 616.092804][T11801] cougar: G6 mapped to space [ 619.370980][T11822] [U]  [ 619.373870][T11822] [U] [ 619.376631][T11822] [U] [ 619.379439][T11822] [U] [ 619.396639][T11822] [U] [ 619.399439][T11822] [U] [ 619.402197][T11822] [U] [ 619.404952][T11822] [U] [ 619.507409][T11822] [U] [ 619.510211][T11822] [U] [ 619.512972][T11822] [U] [ 619.515730][T11822] [U] [ 619.633465][T11822] [U] [ 619.636286][T11822] [U] [ 619.639038][T11822] [U] [ 619.641801][T11822] [U] [ 619.695471][T11822] [U] [ 619.698291][T11822] [U] [ 619.701063][T11822] [U] [ 619.703823][T11822] [U] [ 619.707512][T11822] [U] [ 619.710307][T11822] [U] [ 619.713090][T11822] [U] [ 619.715852][T11822] [U] [ 619.720165][T11822] [U] [ 619.722950][T11822] [U] [ 619.725725][T11822] [U] [ 619.728484][T11822] [U] [ 619.829847][T11822] [U] [ 619.832669][T11822] [U] [ 619.835425][T11822] [U] [ 619.838195][T11822] [U] [ 620.002716][T11822] [U] [ 620.831401][T11842] cougar: G6 mapped to space [ 623.097447][T11853] FAULT_INJECTION: forcing a failure. [ 623.097447][T11853] name failslab, interval 1, probability 0, space 0, times 0 [ 623.300505][T11853] CPU: 1 UID: 0 PID: 11853 Comm: syz.2.1420 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 623.300554][T11853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 623.300572][T11853] Call Trace: [ 623.300579][T11853] [ 623.300589][T11853] dump_stack_lvl+0x16c/0x1f0 [ 623.300631][T11853] should_fail_ex+0x50a/0x650 [ 623.300680][T11853] ? fs_reclaim_acquire+0xae/0x150 [ 623.300716][T11853] should_failslab+0xc2/0x120 [ 623.300742][T11853] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 623.300783][T11853] ? alloc_empty_file+0x73/0x1e0 [ 623.300813][T11853] alloc_empty_file+0x73/0x1e0 [ 623.300842][T11853] alloc_file_pseudo+0x13b/0x230 [ 623.300871][T11853] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 623.300899][T11853] ? alloc_fd+0x41f/0x760 [ 623.300942][T11853] sock_alloc_file+0x50/0x210 [ 623.300985][T11853] __sys_socket+0x1c2/0x260 [ 623.301014][T11853] ? __pfx___sys_socket+0x10/0x10 [ 623.301044][T11853] ? rcu_is_watching+0x12/0xc0 [ 623.301078][T11853] __x64_sys_socket+0x72/0xb0 [ 623.301106][T11853] ? lockdep_hardirqs_on+0x7c/0x110 [ 623.301138][T11853] do_syscall_64+0xcd/0x250 [ 623.301173][T11853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.301210][T11853] RIP: 0033:0x7f0186f8d169 [ 623.301230][T11853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 623.301255][T11853] RSP: 002b:00007f0187e58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 623.301283][T11853] RAX: ffffffffffffffda RBX: 00007f01871a6080 RCX: 00007f0186f8d169 [ 623.301300][T11853] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b [ 623.301316][T11853] RBP: 00007f018700e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 623.301332][T11853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 623.301348][T11853] R13: 0000000000000000 R14: 00007f01871a6080 R15: 00007ffe9977ef18 [ 623.301378][T11853] [ 623.497443][ C1] vkms_vblank_simulate: vblank timer overrun [ 623.505460][ C1] hrtimer: interrupt took 198564647 ns [ 623.605732][ C1] vkms_vblank_simulate: vblank timer overrun [ 625.346403][T11870] [U]  [ 625.349284][T11870] [U] [ 625.352043][T11870] [U] [ 625.354773][T11870] [U] [ 625.448685][T11870] [U] [ 625.451497][T11870] [U] [ 625.454254][T11870] [U] [ 625.457014][T11870] [U] [ 625.529392][T11870] [U] [ 625.532292][T11870] [U] [ 625.535049][T11870] [U] [ 625.537808][T11870] [U] [ 625.641646][T11870] [U] [ 629.148178][T11898] cougar: G6 mapped to space [ 630.143225][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 630.149710][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.146071][T11920] [U]  [ 631.148979][T11920] [U] [ 631.151752][T11920] [U] [ 631.154494][T11920] [U] [ 631.211200][T11920] [U] [ 631.214006][T11920] [U] [ 631.216781][T11920] [U] [ 631.219553][T11920] [U] [ 631.321546][T11920] [U] [ 631.324373][T11920] [U] [ 631.327129][T11920] [U] [ 631.329890][T11920] [U] [ 631.486003][T11920] [U] [ 631.509953][T11929] cougar: G6 mapped to space [ 632.122596][T11933] FAULT_INJECTION: forcing a failure. [ 632.122596][T11933] name failslab, interval 1, probability 0, space 0, times 0 [ 632.173616][T11933] CPU: 1 UID: 0 PID: 11933 Comm: syz.1.1440 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 632.173674][T11933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 632.173692][T11933] Call Trace: [ 632.173701][T11933] [ 632.173714][T11933] dump_stack_lvl+0x16c/0x1f0 [ 632.173762][T11933] should_fail_ex+0x50a/0x650 [ 632.173814][T11933] ? fs_reclaim_acquire+0xae/0x150 [ 632.173857][T11933] should_failslab+0xc2/0x120 [ 632.173886][T11933] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 632.173937][T11933] ? alloc_empty_file+0x73/0x1e0 [ 632.173976][T11933] alloc_empty_file+0x73/0x1e0 [ 632.174039][T11933] path_openat+0xe1/0x2d80 [ 632.174084][T11933] ? hlock_class+0x4e/0x130 [ 632.174230][T11933] ? __lock_acquire+0x15a9/0x3c40 [ 632.174300][T11933] ? __pfx_path_openat+0x10/0x10 [ 632.174350][T11933] ? __pfx___lock_acquire+0x10/0x10 [ 632.174394][T11933] ? lock_acquire.part.0+0x11b/0x380 [ 632.174441][T11933] ? find_held_lock+0x2d/0x110 [ 632.174482][T11933] do_filp_open+0x20c/0x470 [ 632.174531][T11933] ? __pfx_do_filp_open+0x10/0x10 [ 632.174578][T11933] ? find_held_lock+0x2d/0x110 [ 632.174639][T11933] ? alloc_fd+0x41f/0x760 [ 632.174697][T11933] do_sys_openat2+0x17a/0x1e0 [ 632.174733][T11933] ? __pfx_do_sys_openat2+0x10/0x10 [ 632.174782][T11933] __x64_sys_openat+0x175/0x210 [ 632.174819][T11933] ? __pfx___x64_sys_openat+0x10/0x10 [ 632.174868][T11933] do_syscall_64+0xcd/0x250 [ 632.174915][T11933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.174961][T11933] RIP: 0033:0x7ff50f58d169 [ 632.174987][T11933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 632.175019][T11933] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 632.175050][T11933] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 632.175070][T11933] RDX: 0000000000048041 RSI: 00004000000000c0 RDI: ffffffffffffff9c [ 632.175176][T11933] RBP: 00007ff50f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 632.175202][T11933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 632.175222][T11933] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 632.175263][T11933] [ 632.401138][ C1] vkms_vblank_simulate: vblank timer overrun [ 632.918919][T11943] [U]  [ 632.921818][T11943] [U] [ 632.924578][T11943] [U] [ 632.927345][T11943] [U] [ 632.984728][T11943] [U] [ 632.987543][T11943] [U] [ 632.990308][T11943] [U] [ 632.993069][T11943] [U] [ 633.025385][T11943] [U] [ 633.028194][T11943] [U] [ 633.030969][T11943] [U] [ 633.033733][T11943] [U] [ 633.132202][T11943] [U] [ 633.135011][T11943] [U] [ 633.137778][T11943] [U] [ 633.140534][T11943] [U] [ 633.183227][T11943] [U] [ 633.186033][T11943] [U] [ 633.188799][T11943] [U] [ 633.191549][T11943] [U] [ 633.227590][T11943] [U] [ 633.230402][T11943] [U] [ 633.233173][T11943] [U] [ 633.235935][T11943] [U] [ 633.291970][T11943] [U] [ 635.207450][T11980] FAULT_INJECTION: forcing a failure. [ 635.207450][T11980] name failslab, interval 1, probability 0, space 0, times 0 [ 635.221867][ T29] audit: type=1804 audit(6035556807.776:7): pid=11980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1452" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=1259 res=1 errno=0 [ 635.255219][T11980] CPU: 1 UID: 0 PID: 11980 Comm: syz.0.1452 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 635.255263][T11980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 635.255283][T11980] Call Trace: [ 635.255293][T11980] [ 635.255305][T11980] dump_stack_lvl+0x16c/0x1f0 [ 635.255352][T11980] should_fail_ex+0x50a/0x650 [ 635.255403][T11980] ? fs_reclaim_acquire+0xae/0x150 [ 635.255449][T11980] should_failslab+0xc2/0x120 [ 635.255479][T11980] kmem_cache_alloc_lru_noprof+0x73/0x3d0 [ 635.255532][T11980] ? __d_alloc+0x31/0xaa0 [ 635.255566][T11980] __d_alloc+0x31/0xaa0 [ 635.255600][T11980] d_alloc_pseudo+0x1c/0xc0 [ 635.255638][T11980] alloc_file_pseudo+0xd0/0x230 [ 635.255675][T11980] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 635.255711][T11980] ? shmem_get_inode+0x73a/0xf00 [ 635.255768][T11980] __shmem_file_setup+0x210/0x300 [ 635.255806][T11980] shmem_zero_setup+0x93/0x1b0 [ 635.255847][T11980] __mmap_region+0x2021/0x2760 [ 635.255891][T11980] ? __pfx___mmap_region+0x10/0x10 [ 635.255920][T11980] ? finish_task_switch.isra.0+0x217/0xcc0 [ 635.255969][T11980] ? __switch_to+0x749/0x1190 [ 635.256010][T11980] ? hlock_class+0x4e/0x130 [ 635.256048][T11980] ? mark_lock+0xb5/0xc60 [ 635.256107][T11980] ? __pfx___schedule+0x10/0x10 [ 635.256190][T11980] ? cap_capable+0xb3/0x250 [ 635.256230][T11980] mmap_region+0x1ab/0x3f0 [ 635.256268][T11980] do_mmap+0xd8d/0x11b0 [ 635.256317][T11980] ? __pfx_do_mmap+0x10/0x10 [ 635.256359][T11980] ? __pfx_down_write_killable+0x10/0x10 [ 635.256415][T11980] vm_mmap_pgoff+0x203/0x3a0 [ 635.256468][T11980] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 635.256519][T11980] ? __x64_sys_futex+0x1e1/0x4c0 [ 635.256557][T11980] ? __x64_sys_futex+0x1ea/0x4c0 [ 635.256621][T11980] ksys_mmap_pgoff+0x7d/0x5c0 [ 635.256662][T11980] ? rcu_is_watching+0x12/0xc0 [ 635.256701][T11980] __x64_sys_mmap+0x125/0x190 [ 635.256754][T11980] do_syscall_64+0xcd/0x250 [ 635.256799][T11980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.256845][T11980] RIP: 0033:0x7f2e6cb8d169 [ 635.256877][T11980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 635.256908][T11980] RSP: 002b:00007f2e6d9cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 635.256938][T11980] RAX: ffffffffffffffda RBX: 00007f2e6cda5fa0 RCX: 00007f2e6cb8d169 [ 635.256959][T11980] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 635.256978][T11980] RBP: 00007f2e6cc0e2a0 R08: fffffffffffffffa R09: 0000000000008000 [ 635.256998][T11980] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 635.257016][T11980] R13: 0000000000000000 R14: 00007f2e6cda5fa0 R15: 00007ffc75bf2eb8 [ 635.257054][T11980] [ 635.529457][ C1] vkms_vblank_simulate: vblank timer overrun [ 637.239409][T12010] FAULT_INJECTION: forcing a failure. [ 637.239409][T12010] name failslab, interval 1, probability 0, space 0, times 0 [ 637.297303][T12010] CPU: 1 UID: 0 PID: 12010 Comm: syz.3.1459 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 637.297347][T12010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 637.297364][T12010] Call Trace: [ 637.297373][T12010] [ 637.297385][T12010] dump_stack_lvl+0x16c/0x1f0 [ 637.297429][T12010] should_fail_ex+0x50a/0x650 [ 637.297478][T12010] ? fs_reclaim_acquire+0xae/0x150 [ 637.297521][T12010] ? constrain_params_by_rules+0x176/0xca0 [ 637.297555][T12010] should_failslab+0xc2/0x120 [ 637.297585][T12010] __kmalloc_noprof+0xcb/0x510 [ 637.297631][T12010] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 637.297675][T12010] constrain_params_by_rules+0x176/0xca0 [ 637.297724][T12010] ? arch_stack_walk+0xa7/0x100 [ 637.297765][T12010] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 637.297804][T12010] ? stack_trace_save+0x95/0xd0 [ 637.297842][T12010] ? __pfx_stack_trace_save+0x10/0x10 [ 637.297892][T12010] ? snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 637.297928][T12010] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 637.297961][T12010] ? snd_pcm_oss_write+0x4a3/0xa00 [ 637.297994][T12010] ? vfs_write+0x24c/0x1150 [ 637.298034][T12010] ? ksys_write+0x12b/0x250 [ 637.298073][T12010] ? do_syscall_64+0xcd/0x250 [ 637.298111][T12010] ? snd_interval_refine+0x2fa/0x580 [ 637.298162][T12010] snd_pcm_hw_refine+0x7e8/0xad0 [ 637.298205][T12010] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 637.298267][T12010] snd_pcm_hw_param_last+0x32d/0x710 [ 637.298312][T12010] snd_pcm_hw_param_near.constprop.0+0x57d/0x8f0 [ 637.298354][T12010] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 637.298394][T12010] ? calc_src_frames.isra.0+0x187/0x1d0 [ 637.298428][T12010] ? calc_dst_frames.constprop.0.isra.0+0x103/0x130 [ 637.298474][T12010] snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 637.298528][T12010] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 637.298595][T12010] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 637.298635][T12010] snd_pcm_oss_write+0x4a3/0xa00 [ 637.298672][T12010] ? bpf_lsm_file_permission+0x9/0x10 [ 637.298736][T12010] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 637.298771][T12010] vfs_write+0x24c/0x1150 [ 637.298815][T12010] ? __fget_files+0x1fc/0x3a0 [ 637.298861][T12010] ? __pfx_lock_release+0x10/0x10 [ 637.298906][T12010] ? __pfx_vfs_write+0x10/0x10 [ 637.298949][T12010] ? lock_acquire+0x2f/0xb0 [ 637.298990][T12010] ? __fget_files+0x40/0x3a0 [ 637.299038][T12010] ? __fget_files+0x206/0x3a0 [ 637.299094][T12010] ksys_write+0x12b/0x250 [ 637.299136][T12010] ? __pfx_ksys_write+0x10/0x10 [ 637.299191][T12010] do_syscall_64+0xcd/0x250 [ 637.299232][T12010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.299274][T12010] RIP: 0033:0x7f7d1138d169 [ 637.299295][T12010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.299324][T12010] RSP: 002b:00007f7d1226d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 637.299352][T12010] RAX: ffffffffffffffda RBX: 00007f7d115a6080 RCX: 00007f7d1138d169 [ 637.299372][T12010] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 637.299390][T12010] RBP: 00007f7d1226d090 R08: 0000000000000000 R09: 0000000000000000 [ 637.299408][T12010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 637.299425][T12010] R13: 0000000000000000 R14: 00007f7d115a6080 R15: 00007ffd0746e088 [ 637.299462][T12010] [ 637.633975][ C1] vkms_vblank_simulate: vblank timer overrun [ 639.268144][T12028] FAULT_INJECTION: forcing a failure. [ 639.268144][T12028] name failslab, interval 1, probability 0, space 0, times 0 [ 639.330945][T12028] CPU: 1 UID: 0 PID: 12028 Comm: syz.1.1463 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 639.330993][T12028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 639.331013][T12028] Call Trace: [ 639.331023][T12028] [ 639.331036][T12028] dump_stack_lvl+0x16c/0x1f0 [ 639.331084][T12028] should_fail_ex+0x50a/0x650 [ 639.331135][T12028] ? fs_reclaim_acquire+0xae/0x150 [ 639.331180][T12028] should_failslab+0xc2/0x120 [ 639.331209][T12028] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 639.331268][T12028] ? alloc_empty_file+0x73/0x1e0 [ 639.331309][T12028] alloc_empty_file+0x73/0x1e0 [ 639.331344][T12028] alloc_file_pseudo+0x13b/0x230 [ 639.331381][T12028] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 639.331416][T12028] ? alloc_fd+0x41f/0x760 [ 639.331467][T12028] sock_alloc_file+0x50/0x210 [ 639.331521][T12028] __sys_socket+0x1c2/0x260 [ 639.331557][T12028] ? __pfx___sys_socket+0x10/0x10 [ 639.331594][T12028] ? rcu_is_watching+0x12/0xc0 [ 639.331635][T12028] __x64_sys_socket+0x72/0xb0 [ 639.331671][T12028] ? lockdep_hardirqs_on+0x7c/0x110 [ 639.331710][T12028] do_syscall_64+0xcd/0x250 [ 639.331754][T12028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.331798][T12028] RIP: 0033:0x7ff50f58d169 [ 639.331823][T12028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.331854][T12028] RSP: 002b:00007ff50d3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 639.331884][T12028] RAX: ffffffffffffffda RBX: 00007ff50f7a6080 RCX: 00007ff50f58d169 [ 639.331905][T12028] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b [ 639.331924][T12028] RBP: 00007ff50f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 639.331943][T12028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.331961][T12028] R13: 0000000000000000 R14: 00007ff50f7a6080 R15: 00007fff65d3d6d8 [ 639.332000][T12028] [ 639.525414][ C1] vkms_vblank_simulate: vblank timer overrun [ 639.975103][T12036] cougar: G6 mapped to space [ 643.026780][ T54] Bluetooth: hci1: unexpected event 0x03 length: 725 > 11 [ 645.019110][T12079] cougar: G6 mapped to space [ 645.158250][T12082] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1478'. [ 645.219625][T12082] FAULT_INJECTION: forcing a failure. [ 645.219625][T12082] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 645.340187][T12080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1476'. [ 645.358202][T12082] CPU: 1 UID: 0 PID: 12082 Comm: syz.0.1478 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 645.358245][T12082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 645.358263][T12082] Call Trace: [ 645.358272][T12082] [ 645.358283][T12082] dump_stack_lvl+0x16c/0x1f0 [ 645.358328][T12082] should_fail_ex+0x50a/0x650 [ 645.358383][T12082] _copy_from_user+0x2e/0xd0 [ 645.358417][T12082] move_addr_to_kernel+0x68/0x160 [ 645.358455][T12082] __copy_msghdr+0x386/0x470 [ 645.358501][T12082] copy_msghdr_from_user+0xc2/0x160 [ 645.358547][T12082] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 645.358597][T12082] ? hlock_class+0x4e/0x130 [ 645.358630][T12082] ? __lock_acquire+0x15a9/0x3c40 [ 645.358682][T12082] ___sys_sendmsg+0xff/0x1e0 [ 645.358738][T12082] ? __pfx____sys_sendmsg+0x10/0x10 [ 645.358781][T12082] ? __pfx___lock_acquire+0x10/0x10 [ 645.358858][T12082] ? __pfx___might_resched+0x10/0x10 [ 645.358906][T12082] ? __might_fault+0xe3/0x190 [ 645.358943][T12082] __sys_sendmmsg+0x201/0x420 [ 645.358992][T12082] ? __pfx___sys_sendmmsg+0x10/0x10 [ 645.359048][T12082] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 645.359107][T12082] ? fput+0x67/0x440 [ 645.359139][T12082] ? ksys_write+0x1ba/0x250 [ 645.359181][T12082] ? __pfx_ksys_write+0x10/0x10 [ 645.359231][T12082] __x64_sys_sendmmsg+0x9c/0x100 [ 645.359276][T12082] ? lockdep_hardirqs_on+0x7c/0x110 [ 645.359313][T12082] do_syscall_64+0xcd/0x250 [ 645.359356][T12082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.359399][T12082] RIP: 0033:0x7f2e6cb8d169 [ 645.359423][T12082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 645.359452][T12082] RSP: 002b:00007f2e6d9cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 645.359481][T12082] RAX: ffffffffffffffda RBX: 00007f2e6cda5fa0 RCX: 00007f2e6cb8d169 [ 645.359502][T12082] RDX: 0000000000000007 RSI: 0000400000000200 RDI: 0000000000000004 [ 645.359520][T12082] RBP: 00007f2e6d9cf090 R08: 0000000000000000 R09: 0000000000000000 [ 645.359537][T12082] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 645.359553][T12082] R13: 0000000000000000 R14: 00007f2e6cda5fa0 R15: 00007ffc75bf2eb8 [ 645.359589][T12082] [ 645.411699][T12078] HfR: entered promiscuous mode [ 645.613546][T12085] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 645.639878][T12080] HfR: left promiscuous mode [ 645.930940][T12091] cougar: G6 mapped to space [ 647.341391][T12103] cougar: G6 mapped to space [ 648.572435][T12108] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1484'. [ 649.959720][ T54] Bluetooth: hci2: unexpected event 0x03 length: 725 > 11 [ 651.533898][T12147] cougar: G6 mapped to space [ 652.221785][T12150] HfR: entered promiscuous mode [ 652.256549][T12150] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1493'. [ 652.287273][T12150] HfR: left promiscuous mode [ 652.343164][T12150] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 652.422631][T12152] [U]  [ 652.425536][T12152] [U] [ 652.428307][T12152] [U] [ 652.431070][T12152] [U] [ 652.461789][T12152] [U] [ 652.464605][T12152] [U] [ 652.467377][T12152] [U] [ 652.470140][T12152] [U] [ 652.528668][T12152] [U] [ 652.531466][T12152] [U] [ 652.534233][T12152] [U] [ 652.537001][T12152] [U] [ 652.575977][T12152] [U] [ 654.294699][ T54] Bluetooth: hci0: unexpected event 0x03 length: 725 > 11 [ 655.479855][T12187] FAULT_INJECTION: forcing a failure. [ 655.479855][T12187] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 655.644057][T12187] CPU: 1 UID: 0 PID: 12187 Comm: syz.2.1501 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 655.644103][T12187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 655.644122][T12187] Call Trace: [ 655.644131][T12187] [ 655.644142][T12187] dump_stack_lvl+0x16c/0x1f0 [ 655.644188][T12187] should_fail_ex+0x50a/0x650 [ 655.644243][T12187] _copy_from_user+0x2e/0xd0 [ 655.644277][T12187] copy_msghdr_from_user+0x99/0x160 [ 655.644325][T12187] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 655.644369][T12187] ? __lock_acquire+0xcc5/0x3c40 [ 655.644430][T12187] ___sys_sendmsg+0xff/0x1e0 [ 655.644476][T12187] ? __pfx____sys_sendmsg+0x10/0x10 [ 655.644537][T12187] ? trace_lock_acquire+0x14e/0x1f0 [ 655.644598][T12187] __sys_sendmmsg+0x201/0x420 [ 655.644648][T12187] ? __pfx___sys_sendmmsg+0x10/0x10 [ 655.644705][T12187] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 655.644772][T12187] ? fput+0x67/0x440 [ 655.644802][T12187] ? ksys_write+0x1ba/0x250 [ 655.644849][T12187] ? __pfx_ksys_write+0x10/0x10 [ 655.644897][T12187] __x64_sys_sendmmsg+0x9c/0x100 [ 655.644941][T12187] ? lockdep_hardirqs_on+0x7c/0x110 [ 655.644976][T12187] do_syscall_64+0xcd/0x250 [ 655.645018][T12187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.645061][T12187] RIP: 0033:0x7f0186f8d169 [ 655.645084][T12187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.645112][T12187] RSP: 002b:00007f0187e37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 655.645140][T12187] RAX: ffffffffffffffda RBX: 00007f01871a6160 RCX: 00007f0186f8d169 [ 655.645158][T12187] RDX: 0000000000000003 RSI: 0000400000000080 RDI: 0000000000000003 [ 655.645187][T12187] RBP: 00007f0187e37090 R08: 0000000000000000 R09: 0000000000000000 [ 655.645203][T12187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 655.645220][T12187] R13: 0000000000000001 R14: 00007f01871a6160 R15: 00007ffe9977ef18 [ 655.645253][T12187] [ 656.420572][T12196] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 656.464066][T12196] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 657.623874][T12209] HfR: entered promiscuous mode [ 657.706564][T12209] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1508'. [ 657.746479][T12209] HfR: left promiscuous mode [ 657.764791][T12211] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 659.344049][T12229] [U]  [ 659.346945][T12229] [U] [ 659.349689][T12229] [U] [ 659.352438][T12229] [U] [ 659.355779][T12229] [U] [ 659.358539][T12229] [U] [ 659.361285][T12229] [U] [ 659.364034][T12229] [U] [ 659.435525][T12229] [U] [ 659.438334][T12229] [U] [ 659.441092][T12229] [U] [ 659.443851][T12229] [U] [ 659.580069][T12229] [U] [ 659.582869][T12229] [U] [ 659.585714][T12229] [U] [ 659.588481][T12229] [U] [ 659.648746][T12235] cougar: G6 mapped to space [ 659.665956][T12230] [U] [ 660.588318][T12241] cougar: G6 mapped to F18 [ 661.222619][T12253] FAULT_INJECTION: forcing a failure. [ 661.222619][T12253] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 661.336064][T12253] CPU: 0 UID: 0 PID: 12253 Comm: syz.2.1520 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 661.336106][T12253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 661.336124][T12253] Call Trace: [ 661.336132][T12253] [ 661.336143][T12253] dump_stack_lvl+0x16c/0x1f0 [ 661.336188][T12253] should_fail_ex+0x50a/0x650 [ 661.336240][T12253] _copy_to_iter+0x2a1/0x1560 [ 661.336275][T12253] ? chacha_block_generic+0x18a/0x270 [ 661.336324][T12253] ? __pfx__copy_to_iter+0x10/0x10 [ 661.336362][T12253] ? lockdep_hardirqs_on+0x7c/0x110 [ 661.336399][T12253] ? crng_make_state+0x48e/0x6d0 [ 661.336451][T12253] get_random_bytes_user+0x180/0x3c0 [ 661.336501][T12253] ? __pfx_get_random_bytes_user+0x10/0x10 [ 661.336559][T12253] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 661.336617][T12253] ? import_ubuf+0x1b6/0x220 [ 661.336658][T12253] __x64_sys_getrandom+0x184/0x290 [ 661.336684][T12253] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 661.336727][T12253] do_syscall_64+0xcd/0x250 [ 661.336767][T12253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.336808][T12253] RIP: 0033:0x7f0186f8d169 [ 661.336848][T12253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 661.336880][T12253] RSP: 002b:00007f0187e79038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 661.336907][T12253] RAX: ffffffffffffffda RBX: 00007f01871a5fa0 RCX: 00007f0186f8d169 [ 661.336926][T12253] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 661.336942][T12253] RBP: 00007f0187e79090 R08: 0000000000000000 R09: 0000000000000000 [ 661.336958][T12253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 661.336974][T12253] R13: 0000000000000000 R14: 00007f01871a5fa0 R15: 00007ffe9977ef18 [ 661.337007][T12253] [ 661.727584][T12255] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 661.778879][T12255] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 661.836309][T12256] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 661.843718][T12256] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 662.151581][T12266] FAULT_INJECTION: forcing a failure. [ 662.151581][T12266] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 662.226289][T12266] CPU: 0 UID: 0 PID: 12266 Comm: syz.2.1523 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 662.226331][T12266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 662.226348][T12266] Call Trace: [ 662.226356][T12266] [ 662.226368][T12266] dump_stack_lvl+0x16c/0x1f0 [ 662.226412][T12266] should_fail_ex+0x50a/0x650 [ 662.226467][T12266] _copy_to_user+0x32/0xd0 [ 662.226503][T12266] simple_read_from_buffer+0xd0/0x160 [ 662.226546][T12266] proc_fail_nth_read+0x198/0x270 [ 662.226591][T12266] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 662.226629][T12266] ? rw_verify_area+0xcf/0x680 [ 662.226691][T12266] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 662.226729][T12266] vfs_read+0x1df/0xbf0 [ 662.226770][T12266] ? __fget_files+0x1fc/0x3a0 [ 662.226815][T12266] ? __pfx___mutex_lock+0x10/0x10 [ 662.226859][T12266] ? __pfx_vfs_read+0x10/0x10 [ 662.226910][T12266] ? __fget_files+0x206/0x3a0 [ 662.226990][T12266] ksys_read+0x12b/0x250 [ 662.227045][T12266] ? __pfx_ksys_read+0x10/0x10 [ 662.227101][T12266] do_syscall_64+0xcd/0x250 [ 662.227152][T12266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.227220][T12266] RIP: 0033:0x7f0186f8bb7c [ 662.227244][T12266] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 662.227275][T12266] RSP: 002b:00007f0187e79030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 662.227304][T12266] RAX: ffffffffffffffda RBX: 00007f01871a5fa0 RCX: 00007f0186f8bb7c [ 662.227325][T12266] RDX: 000000000000000f RSI: 00007f0187e790a0 RDI: 0000000000000006 [ 662.227350][T12266] RBP: 00007f0187e79090 R08: 0000000000000000 R09: 0000000000000000 [ 662.227370][T12266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 662.227388][T12266] R13: 0000000000000000 R14: 00007f01871a5fa0 R15: 00007ffe9977ef18 [ 662.227427][T12266] [ 662.555909][T12268] [U]  [ 662.558807][T12268] [U] [ 662.561575][T12268] [U] [ 662.564369][T12268] [U] [ 662.621132][T12268] [U] [ 662.623945][T12268] [U] [ 662.626709][T12268] [U] [ 662.629525][T12268] [U] [ 662.673779][T12268] [U] [ 662.676568][T12268] [U] [ 662.679341][T12268] [U] [ 662.682105][T12268] [U] [ 662.685365][T12268] [U] [ 662.688133][T12268] [U] [ 662.690884][T12268] [U] [ 662.693649][T12268] [U] [ 662.730633][T12268] [U] [ 663.167967][T12279] cougar: G6 mapped to space [ 663.721597][T12281] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 663.786786][T12281] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 666.731763][T12325] cougar: G6 mapped to space [ 669.779163][T12354] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 669.844217][T12354] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 669.910351][T12357] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 669.955581][T12357] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 672.863914][T12376] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1549'. [ 672.934417][T12384] [U]  [ 672.937323][T12384] [U] [ 672.940177][T12384] [U] [ 672.942937][T12384] [U] [ 673.003471][T12384] [U] [ 673.006283][T12384] [U] [ 673.009031][T12384] [U] [ 673.011770][T12384] [U] [ 673.022275][T12384] [U] [ 673.025071][T12384] [U] [ 673.027829][T12384] [U] [ 673.030603][T12384] [U] [ 673.033936][T12384] [U] [ 673.036716][T12384] [U] [ 673.039472][T12384] [U] [ 673.042230][T12384] [U] [ 673.045572][T12384] [U] [ 673.048348][T12384] [U] [ 673.051105][T12384] [U] [ 673.053860][T12384] [U] [ 673.060656][T12384] [U] [ 673.063450][T12384] [U] [ 673.066205][T12384] [U] [ 673.068961][T12384] [U] [ 673.081238][T12384] [U] [ 673.084128][T12384] [U] [ 673.086895][T12384] [U] [ 673.089639][T12384] [U] [ 673.094488][T12384] [U] [ 673.097282][T12384] [U] [ 673.100039][T12384] [U] [ 673.102804][T12384] [U] [ 673.106709][T12384] [U] [ 673.109481][T12384] [U] [ 673.112213][T12384] [U] [ 673.114937][T12384] [U] [ 673.199327][T12384] [U] [ 674.113636][T12402] cougar: G6 mapped to space [ 677.074369][T12423] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1562'. [ 678.244948][T12433] FAULT_INJECTION: forcing a failure. [ 678.244948][T12433] name failslab, interval 1, probability 0, space 0, times 0 [ 678.284477][T12433] CPU: 1 UID: 0 PID: 12433 Comm: syz.0.1567 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 678.284518][T12433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 678.284534][T12433] Call Trace: [ 678.284542][T12433] [ 678.284552][T12433] dump_stack_lvl+0x16c/0x1f0 [ 678.284591][T12433] should_fail_ex+0x50a/0x650 [ 678.284635][T12433] ? fs_reclaim_acquire+0xae/0x150 [ 678.284671][T12433] ? tomoyo_realpath_from_path+0xb9/0x720 [ 678.284706][T12433] should_failslab+0xc2/0x120 [ 678.284730][T12433] __kmalloc_noprof+0xcb/0x510 [ 678.284768][T12433] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 678.284806][T12433] ? rcu_is_watching+0x12/0xc0 [ 678.284836][T12433] tomoyo_realpath_from_path+0xb9/0x720 [ 678.284883][T12433] tomoyo_check_open_permission+0x2ad/0x3c0 [ 678.284915][T12433] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 678.284978][T12433] ? __pfx_hook_file_open+0x10/0x10 [ 678.285009][T12433] ? lock_acquire+0x2f/0xb0 [ 678.285040][T12433] ? mnt_get_write_access+0x6a/0x300 [ 678.285072][T12433] tomoyo_file_open+0x6b/0x90 [ 678.285120][T12433] security_file_open+0x84/0x1e0 [ 678.285155][T12433] do_dentry_open+0x57c/0x1c40 [ 678.285195][T12433] ? inode_permission+0xdd/0x5f0 [ 678.285226][T12433] vfs_open+0x82/0x3f0 [ 678.285249][T12433] ? may_open+0x1f2/0x400 [ 678.285298][T12433] path_openat+0x1e88/0x2d80 [ 678.285350][T12433] ? __pfx_path_openat+0x10/0x10 [ 678.285387][T12433] ? __pfx___lock_acquire+0x10/0x10 [ 678.285421][T12433] ? lock_acquire.part.0+0x11b/0x380 [ 678.285457][T12433] ? find_held_lock+0x2d/0x110 [ 678.285489][T12433] do_filp_open+0x20c/0x470 [ 678.285527][T12433] ? __pfx_do_filp_open+0x10/0x10 [ 678.285563][T12433] ? find_held_lock+0x2d/0x110 [ 678.285625][T12433] ? alloc_fd+0x41f/0x760 [ 678.285669][T12433] do_sys_openat2+0x17a/0x1e0 [ 678.285696][T12433] ? __pfx_do_sys_openat2+0x10/0x10 [ 678.285726][T12433] ? __fget_files+0x206/0x3a0 [ 678.285768][T12433] __x64_sys_openat+0x175/0x210 [ 678.285795][T12433] ? __pfx___x64_sys_openat+0x10/0x10 [ 678.285821][T12433] ? ksys_write+0x1ba/0x250 [ 678.285867][T12433] do_syscall_64+0xcd/0x250 [ 678.285903][T12433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.285938][T12433] RIP: 0033:0x7f2e6cb8d169 [ 678.285958][T12433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 678.285983][T12433] RSP: 002b:00007f2e6d9cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 678.286007][T12433] RAX: ffffffffffffffda RBX: 00007f2e6cda5fa0 RCX: 00007f2e6cb8d169 [ 678.286024][T12433] RDX: 0000000000020201 RSI: 0000400000000100 RDI: ffffffffffffff9c [ 678.286040][T12433] RBP: 00007f2e6d9cf090 R08: 0000000000000000 R09: 0000000000000000 [ 678.286055][T12433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 678.286070][T12433] R13: 0000000000000000 R14: 00007f2e6cda5fa0 R15: 00007ffc75bf2eb8 [ 678.286102][T12433] [ 678.286163][T12433] ERROR: Out of memory at tomoyo_realpath_from_path. [ 679.205226][T12425] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1564'. [ 681.337623][T12464] vivid-009: ================= START STATUS ================= [ 681.345762][T12464] vivid-009: Enable Output Cropping: true grabbed [ 681.429411][T12464] vivid-009: Enable Output Composing: true grabbed [ 681.456043][T12464] vivid-009: Enable Output Scaler: true grabbed [ 681.477906][T12464] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 681.508345][T12464] vivid-009: Transmit Mode: HDMI grabbed [ 681.536116][T12464] vivid-009: Hotplug Present: 0x00000000 [ 681.557043][T12464] vivid-009: RxSense Present: 0x00000000 [ 681.579047][T12464] vivid-009: EDID Present: 0x00000000 [ 681.597502][T12464] vivid-009: ================== END STATUS ================== [ 681.935503][T12472] [U]  [ 681.938422][T12472] [U] [ 681.941181][T12472] [U] [ 681.943935][T12472] [U] [ 681.978118][T12472] [U] [ 681.980944][T12472] [U] [ 681.983713][T12472] [U] [ 681.986461][T12472] [U] [ 682.028020][T12472] [U] [ 682.030823][T12472] [U] [ 682.033603][T12472] [U] [ 682.036374][T12472] [U] [ 682.164202][T12472] [U] [ 682.167030][T12472] [U] [ 682.169783][T12472] [U] [ 682.172573][T12472] [U] [ 682.237527][T12472] [U] [ 682.240420][T12472] [U] [ 682.243163][T12472] [U] [ 682.246031][T12472] [U] [ 682.296688][T12472] [U] [ 682.299564][T12472] [U] [ 682.302300][T12472] [U] [ 682.305021][T12472] [U] [ 682.308451][T12472] [U] [ 682.311235][T12472] [U] [ 682.313991][T12472] [U] [ 682.316737][T12472] [U] [ 682.345491][T12472] [U] [ 682.757952][T12479] cougar: G6 mapped to space [ 682.777235][T12479] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1574'. [ 684.747779][T12496] FAULT_INJECTION: forcing a failure. [ 684.747779][T12496] name failslab, interval 1, probability 0, space 0, times 0 [ 684.818334][T12496] CPU: 1 UID: 0 PID: 12496 Comm: syz.2.1577 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 684.818378][T12496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 684.818397][T12496] Call Trace: [ 684.818406][T12496] [ 684.818418][T12496] dump_stack_lvl+0x16c/0x1f0 [ 684.818461][T12496] should_fail_ex+0x50a/0x650 [ 684.818511][T12496] ? fs_reclaim_acquire+0xae/0x150 [ 684.818554][T12496] ? sctp_datamsg_from_user+0x8d/0x1320 [ 684.818614][T12496] should_failslab+0xc2/0x120 [ 684.818643][T12496] __kmalloc_cache_noprof+0x68/0x410 [ 684.818698][T12496] sctp_datamsg_from_user+0x8d/0x1320 [ 684.818750][T12496] ? __sk_mem_raise_allocated+0x8a1/0x1710 [ 684.818805][T12496] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 684.818856][T12496] ? __sk_mem_schedule+0xd0/0x100 [ 684.818909][T12496] sctp_sendmsg_to_asoc+0xafd/0x1ad0 [ 684.818949][T12496] ? print_usage_bug.part.0+0x630/0x680 [ 684.819010][T12496] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 684.819053][T12496] ? sctp_sendmsg+0xff0/0x1eb0 [ 684.819105][T12496] ? mark_held_locks+0x9f/0xe0 [ 684.819152][T12496] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 684.819198][T12496] sctp_sendmsg+0xf0a/0x1eb0 [ 684.819259][T12496] ? __pfx_sctp_sendmsg+0x10/0x10 [ 684.819331][T12496] ? __pfx_aa_sk_perm+0x10/0x10 [ 684.819377][T12496] ? __pfx_sctp_sendmsg+0x10/0x10 [ 684.819427][T12496] inet_sendmsg+0x119/0x140 [ 684.819477][T12496] ____sys_sendmsg+0x98c/0xc90 [ 684.819512][T12496] ? copy_msghdr_from_user+0x10b/0x160 [ 684.819557][T12496] ? __pfx_____sys_sendmsg+0x10/0x10 [ 684.819597][T12496] ? __lock_acquire+0xcc5/0x3c40 [ 684.819659][T12496] ___sys_sendmsg+0x135/0x1e0 [ 684.819708][T12496] ? __pfx____sys_sendmsg+0x10/0x10 [ 684.819773][T12496] ? trace_lock_acquire+0x14e/0x1f0 [ 684.819837][T12496] __sys_sendmmsg+0x201/0x420 [ 684.819889][T12496] ? __pfx___sys_sendmmsg+0x10/0x10 [ 684.819950][T12496] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 684.820009][T12496] ? fput+0x67/0x440 [ 684.820040][T12496] ? ksys_write+0x1ba/0x250 [ 684.820084][T12496] ? __pfx_ksys_write+0x10/0x10 [ 684.820133][T12496] __x64_sys_sendmmsg+0x9c/0x100 [ 684.820179][T12496] ? lockdep_hardirqs_on+0x7c/0x110 [ 684.820219][T12496] do_syscall_64+0xcd/0x250 [ 684.820263][T12496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 684.820307][T12496] RIP: 0033:0x7f0186f8d169 [ 684.820331][T12496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 684.820359][T12496] RSP: 002b:00007f0187e37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 684.820389][T12496] RAX: ffffffffffffffda RBX: 00007f01871a6160 RCX: 00007f0186f8d169 [ 684.820410][T12496] RDX: 0000000000000003 RSI: 0000400000000080 RDI: 0000000000000003 [ 684.820428][T12496] RBP: 00007f0187e37090 R08: 0000000000000000 R09: 0000000000000000 [ 684.820446][T12496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 684.820464][T12496] R13: 0000000000000001 R14: 00007f01871a6160 R15: 00007ffe9977ef18 [ 684.820502][T12496] [ 686.932599][T12511] cougar: G6 mapped to space [ 687.002751][T12510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1583'. [ 687.915757][T12517] FAULT_INJECTION: forcing a failure. [ 687.915757][T12517] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 688.009215][T12517] CPU: 1 UID: 0 PID: 12517 Comm: syz.1.1587 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 688.009258][T12517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 688.009277][T12517] Call Trace: [ 688.009286][T12517] [ 688.009298][T12517] dump_stack_lvl+0x16c/0x1f0 [ 688.009344][T12517] should_fail_ex+0x50a/0x650 [ 688.009400][T12517] _copy_to_iter+0x2a1/0x1560 [ 688.009439][T12517] ? chacha_block_generic+0x18a/0x270 [ 688.009491][T12517] ? __pfx__copy_to_iter+0x10/0x10 [ 688.009532][T12517] ? lockdep_hardirqs_on+0x7c/0x110 [ 688.009570][T12517] ? crng_make_state+0x48e/0x6d0 [ 688.009622][T12517] get_random_bytes_user+0x180/0x3c0 [ 688.009675][T12517] ? __pfx_get_random_bytes_user+0x10/0x10 [ 688.009732][T12517] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 688.009785][T12517] ? import_ubuf+0x1b6/0x220 [ 688.009819][T12517] __x64_sys_getrandom+0x184/0x290 [ 688.009848][T12517] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 688.009898][T12517] do_syscall_64+0xcd/0x250 [ 688.009944][T12517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.009989][T12517] RIP: 0033:0x7ff50f58d169 [ 688.010013][T12517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.010044][T12517] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 688.010081][T12517] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 688.010101][T12517] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 688.010119][T12517] RBP: 00007ff50d3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 688.010137][T12517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 688.010155][T12517] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 688.010192][T12517] [ 688.825216][T12522] [U]  [ 688.828120][T12522] [U] [ 688.830891][T12522] [U] [ 688.833673][T12522] [U] [ 688.906408][T12522] [U] [ 688.909223][T12522] [U] [ 688.912003][T12522] [U] [ 688.914761][T12522] [U] [ 688.950300][T12522] [U] [ 688.953100][T12522] [U] [ 688.955868][T12522] [U] [ 688.958615][T12522] [U] [ 689.013032][T12522] [U] [ 689.015827][T12522] [U] [ 689.018585][T12522] [U] [ 689.021348][T12522] [U] [ 689.051236][T12522] [U] [ 689.054040][T12522] [U] [ 689.056793][T12522] [U] [ 689.059551][T12522] [U] [ 689.099949][T12522] [U] [ 689.830372][T12514] syz.2.1585 (12514) used greatest stack depth: 20176 bytes left [ 690.591117][T12542] cougar: G6 mapped to space [ 691.140989][T12546] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1593'. [ 691.620333][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.626750][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.925978][T12551] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1594'. [ 693.783696][T12564] cougar: G6 mapped to space [ 693.840818][T12564] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1596'. [ 694.018592][T12568] [U]  [ 694.021484][T12568] [U] [ 694.024235][T12568] [U] [ 694.026987][T12568] [U] [ 694.072296][T12568] [U] [ 694.075100][T12568] [U] [ 694.077858][T12568] [U] [ 694.080612][T12568] [U] [ 694.204998][T12568] [U] [ 694.207820][T12568] [U] [ 694.210579][T12568] [U] [ 694.213338][T12568] [U] [ 694.296298][T12568] [U] [ 694.706812][T12578] cougar: G6 mapped to space [ 694.760438][T12578] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1602'. [ 695.071523][T12584] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1603'. [ 695.217724][T12584] FAULT_INJECTION: forcing a failure. [ 695.217724][T12584] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 695.400003][T12584] CPU: 0 UID: 0 PID: 12584 Comm: syz.1.1603 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 695.400047][T12584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 695.400065][T12584] Call Trace: [ 695.400073][T12584] [ 695.400085][T12584] dump_stack_lvl+0x16c/0x1f0 [ 695.400128][T12584] should_fail_ex+0x50a/0x650 [ 695.400181][T12584] _copy_from_user+0x2e/0xd0 [ 695.400216][T12584] ____sys_sendmsg+0x8d2/0xc90 [ 695.400253][T12584] ? __pfx_____sys_sendmsg+0x10/0x10 [ 695.400284][T12584] ? __lock_acquire+0xcc5/0x3c40 [ 695.400330][T12584] ? hlock_class+0x4e/0x130 [ 695.400362][T12584] ? __lock_acquire+0x15a9/0x3c40 [ 695.400413][T12584] ___sys_sendmsg+0x135/0x1e0 [ 695.400466][T12584] ? __pfx____sys_sendmsg+0x10/0x10 [ 695.400509][T12584] ? __pfx___lock_acquire+0x10/0x10 [ 695.400587][T12584] ? __pfx___might_resched+0x10/0x10 [ 695.400667][T12584] ? __might_fault+0xe3/0x190 [ 695.400713][T12584] __sys_sendmmsg+0x201/0x420 [ 695.400763][T12584] ? __pfx___sys_sendmmsg+0x10/0x10 [ 695.400822][T12584] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 695.400878][T12584] ? fput+0x67/0x440 [ 695.400907][T12584] ? ksys_write+0x1ba/0x250 [ 695.400949][T12584] ? __pfx_ksys_write+0x10/0x10 [ 695.400998][T12584] __x64_sys_sendmmsg+0x9c/0x100 [ 695.401043][T12584] ? lockdep_hardirqs_on+0x7c/0x110 [ 695.401081][T12584] do_syscall_64+0xcd/0x250 [ 695.401124][T12584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.401167][T12584] RIP: 0033:0x7ff50f58d169 [ 695.401190][T12584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 695.401220][T12584] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 695.401248][T12584] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 695.401267][T12584] RDX: 0000000000000007 RSI: 0000400000000200 RDI: 0000000000000004 [ 695.401284][T12584] RBP: 00007ff50d3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 695.401302][T12584] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 695.401318][T12584] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 695.401355][T12584] [ 696.005493][T12594] cougar: G6 mapped to space [ 696.015106][T12594] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1605'. [ 696.107291][T12595] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1606'. [ 696.251456][T12595] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 696.366374][T12595] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 696.611122][T12595] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 696.750479][T12595] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 698.330075][T12610] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:22: corrupted in-inode xattr: bad magic number in in-inode xattr [ 698.408487][T12613] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:22: corrupted in-inode xattr: bad magic number in in-inode xattr [ 698.446120][T12612] [U]  [ 698.449019][T12612] [U] [ 698.451782][T12612] [U] [ 698.454538][T12612] [U] [ 698.472192][T12612] [U] [ 698.475003][T12612] [U] [ 698.477769][T12612] [U] [ 698.480529][T12612] [U] [ 698.501041][T12612] [U] [ 698.503827][T12612] [U] [ 698.506557][T12612] [U] [ 698.509298][T12612] [U] [ 698.568738][T12612] [U] [ 698.571533][T12612] [U] [ 698.574296][T12612] [U] [ 698.577058][T12612] [U] [ 698.585133][T12612] [U] [ 698.587917][T12612] [U] [ 698.590685][T12612] [U] [ 698.593448][T12612] [U] [ 698.598472][T12612] [U] [ 698.601259][T12612] [U] [ 698.604016][T12612] [U] [ 698.606766][T12612] [U] [ 698.641927][T12612] [U] [ 698.644742][T12612] [U] [ 698.647502][T12612] [U] [ 698.650256][T12612] [U] [ 698.680346][T12612] [U] [ 698.683153][T12612] [U] [ 698.685910][T12612] [U] [ 698.688668][T12612] [U] [ 698.706605][T12612] [U] [ 699.121014][T12615] zram: Added device: zram1 [ 700.590314][T12633] cougar: G6 mapped to space [ 700.757448][T12633] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1616'. [ 700.786222][T12639] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr [ 701.205330][T12644] FAULT_INJECTION: forcing a failure. [ 701.205330][T12644] name failslab, interval 1, probability 0, space 0, times 0 [ 701.442160][T12226] syz.3.1507 (12226) used greatest stack depth: 18976 bytes left [ 701.461038][T12644] CPU: 1 UID: 0 PID: 12644 Comm: syz.0.1618 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 701.461076][T12644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 701.461094][T12644] Call Trace: [ 701.461102][T12644] [ 701.461114][T12644] dump_stack_lvl+0x16c/0x1f0 [ 701.461157][T12644] should_fail_ex+0x50a/0x650 [ 701.461211][T12644] ? fs_reclaim_acquire+0xae/0x150 [ 701.461257][T12644] ? tomoyo_encode2+0x100/0x3e0 [ 701.461298][T12644] should_failslab+0xc2/0x120 [ 701.461328][T12644] __kmalloc_noprof+0xcb/0x510 [ 701.461381][T12644] tomoyo_encode2+0x100/0x3e0 [ 701.461427][T12644] tomoyo_encode+0x29/0x50 [ 701.461466][T12644] tomoyo_realpath_from_path+0x19d/0x720 [ 701.461517][T12644] tomoyo_check_open_permission+0x2ad/0x3c0 [ 701.461556][T12644] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 701.461635][T12644] ? __pfx_hook_file_open+0x10/0x10 [ 701.461672][T12644] ? lock_acquire+0x2f/0xb0 [ 701.461713][T12644] ? mnt_get_write_access+0x6a/0x300 [ 701.461752][T12644] tomoyo_file_open+0x6b/0x90 [ 701.461801][T12644] security_file_open+0x84/0x1e0 [ 701.461844][T12644] do_dentry_open+0x57c/0x1c40 [ 701.461893][T12644] ? inode_permission+0xdd/0x5f0 [ 701.461931][T12644] vfs_open+0x82/0x3f0 [ 701.461959][T12644] ? may_open+0x1f2/0x400 [ 701.461999][T12644] path_openat+0x1e88/0x2d80 [ 701.462060][T12644] ? __pfx_path_openat+0x10/0x10 [ 701.462105][T12644] ? __pfx___lock_acquire+0x10/0x10 [ 701.462146][T12644] ? lock_acquire.part.0+0x11b/0x380 [ 701.462197][T12644] ? find_held_lock+0x2d/0x110 [ 701.462235][T12644] do_filp_open+0x20c/0x470 [ 701.462282][T12644] ? __pfx_do_filp_open+0x10/0x10 [ 701.462325][T12644] ? find_held_lock+0x2d/0x110 [ 701.462383][T12644] ? alloc_fd+0x41f/0x760 [ 701.462457][T12644] do_sys_openat2+0x17a/0x1e0 [ 701.462489][T12644] ? __pfx_do_sys_openat2+0x10/0x10 [ 701.462529][T12644] ? __fget_files+0x206/0x3a0 [ 701.462583][T12644] __x64_sys_openat+0x175/0x210 [ 701.462617][T12644] ? __pfx___x64_sys_openat+0x10/0x10 [ 701.462651][T12644] ? ksys_write+0x1ba/0x250 [ 701.462709][T12644] do_syscall_64+0xcd/0x250 [ 701.462753][T12644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 701.462798][T12644] RIP: 0033:0x7f2e6cb8d169 [ 701.462822][T12644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 701.462853][T12644] RSP: 002b:00007f2e6d9ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 701.462883][T12644] RAX: ffffffffffffffda RBX: 00007f2e6cda6080 RCX: 00007f2e6cb8d169 [ 701.462902][T12644] RDX: 0000000000020201 RSI: 0000400000000100 RDI: ffffffffffffff9c [ 701.462922][T12644] RBP: 00007f2e6d9ae090 R08: 0000000000000000 R09: 0000000000000000 [ 701.462940][T12644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 701.462957][T12644] R13: 0000000000000000 R14: 00007f2e6cda6080 R15: 00007ffc75bf2eb8 [ 701.462997][T12644] [ 701.465456][T12644] ERROR: Out of memory at tomoyo_realpath_from_path. [ 702.402451][T12651] [U]  [ 702.405352][T12651] [U] [ 702.408115][T12651] [U] [ 702.410891][T12651] [U] [ 702.500636][T12651] [U] [ 702.503436][T12651] [U] [ 702.506194][T12651] [U] [ 702.508936][T12651] [U] [ 702.623668][T12651] [U] [ 702.626477][T12651] [U] [ 702.629238][T12651] [U] [ 702.631995][T12651] [U] [ 702.730033][T12651] [U] [ 703.139239][T12660] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr [ 703.208513][T12664] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr [ 703.770200][T12667] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1631'. [ 703.811329][T12668] cougar: G6 mapped to space [ 703.902123][T12668] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1624'. [ 704.281548][T12673] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1625'. [ 705.033432][T12684] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:2: corrupted in-inode xattr: bad magic number in in-inode xattr [ 705.940389][T12695] [U]  [ 705.943288][T12695] [U] [ 705.946035][T12695] [U] [ 705.948782][T12695] [U] [ 705.982047][T12695] [U] [ 705.984850][T12695] [U] [ 705.987612][T12695] [U] [ 705.990362][T12695] [U] [ 706.035230][T12695] [U] [ 706.038022][T12695] [U] [ 706.040811][T12695] [U] [ 706.043568][T12695] [U] [ 706.046795][T12695] [U] [ 706.049557][T12695] [U] [ 706.052317][T12695] [U] [ 706.055074][T12695] [U] [ 706.059374][T12695] [U] [ 706.062184][T12695] [U] [ 706.064943][T12695] [U] [ 706.067728][T12695] [U] [ 706.100643][T12695] [U] [ 706.103458][T12695] [U] [ 706.106223][T12695] [U] [ 706.108992][T12695] [U] [ 706.132862][T12677] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1628'. [ 706.140483][T12695] [U] [ 706.144622][T12695] [U] [ 706.147370][T12695] [U] [ 706.150125][T12695] [U] [ 706.162601][T12695] [U] [ 706.165403][T12695] [U] [ 706.168162][T12695] [U] [ 706.170920][T12695] [U] [ 706.280272][T12695] [U] [ 707.115148][T12713] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:2: corrupted in-inode xattr: bad magic number in in-inode xattr [ 707.215702][T12711] net_ratelimit: 19 callbacks suppressed [ 707.215728][T12711] netlink: Unknown conntrack attr (0) [ 707.244836][T12712] netlink: 'syz.1.1637': attribute type 10 has an invalid length. [ 707.252980][T12712] netlink: 230 bytes leftover after parsing attributes in process `syz.1.1637'. [ 707.512033][T12719] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:14: corrupted in-inode xattr: bad magic number in in-inode xattr [ 707.530271][T12711] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006 [ 707.656757][T12247] syz.3.1514 (12247) used greatest stack depth: 18320 bytes left [ 707.697598][T12720] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1638'. [ 708.803235][T12729] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr [ 709.530066][T12742] [U]  [ 709.532974][T12742] [U] [ 709.535735][T12742] [U] [ 709.538580][T12742] [U] [ 709.594929][T12742] [U] [ 709.597751][T12742] [U] [ 709.600520][T12742] [U] [ 709.603285][T12742] [U] [ 709.833545][T12742] [U] [ 710.650218][T12752] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1645'. [ 711.430167][T12759] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1648'. [ 713.447707][ T29] audit: type=1800 audit(6035556885.999:8): pid=12775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1654" name="discovery_nqn" dev="configfs" ino=41035 res=0 errno=0 [ 713.619311][T12780] [U]  [ 713.622219][T12780] [U] [ 713.624972][T12780] [U] [ 713.627723][T12780] [U] [ 713.667558][T12780] [U] [ 713.670374][T12780] [U] [ 713.673147][T12780] [U] [ 713.675919][T12780] [U] [ 713.721297][T12780] [U] [ 713.724108][T12780] [U] [ 713.726872][T12780] [U] [ 713.729632][T12780] [U] [ 713.806512][T12780] [U] [ 713.809327][T12780] [U] [ 713.812092][T12780] [U] [ 713.814854][T12780] [U] [ 713.851537][T12780] [U] [ 713.854351][T12780] [U] [ 713.857202][T12780] [U] [ 713.859953][T12780] [U] [ 713.907718][T12780] [U] [ 714.447426][T12370] syz.3.1541 (12370) used greatest stack depth: 17840 bytes left [ 715.812855][T12784] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1656'. [ 717.265914][T12813] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:11: corrupted in-inode xattr: bad magic number in in-inode xattr [ 717.357321][T12815] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr [ 717.600426][T12819] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(1) [ 718.597895][T12830] FAULT_INJECTION: forcing a failure. [ 718.597895][T12830] name failslab, interval 1, probability 0, space 0, times 0 [ 718.696216][T12830] CPU: 1 UID: 0 PID: 12830 Comm: syz.1.1664 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 718.696257][T12830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 718.696276][T12830] Call Trace: [ 718.696284][T12830] [ 718.696296][T12830] dump_stack_lvl+0x16c/0x1f0 [ 718.696343][T12830] should_fail_ex+0x50a/0x650 [ 718.696391][T12830] ? fs_reclaim_acquire+0xae/0x150 [ 718.696435][T12830] ? constrain_params_by_rules+0x176/0xca0 [ 718.696470][T12830] should_failslab+0xc2/0x120 [ 718.696499][T12830] __kmalloc_noprof+0xcb/0x510 [ 718.696544][T12830] ? kasan_quarantine_put+0x10a/0x240 [ 718.696587][T12830] ? constrain_params_by_rules+0xa0e/0xca0 [ 718.696631][T12830] constrain_params_by_rules+0x176/0xca0 [ 718.696692][T12830] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 718.696738][T12830] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 718.696774][T12830] ? lock_acquire.part.0+0x11b/0x380 [ 718.696848][T12830] snd_pcm_hw_refine+0x7e8/0xad0 [ 718.696893][T12830] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 718.696955][T12830] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 718.696999][T12830] ? __pfx_lock_release+0x10/0x10 [ 718.697042][T12830] ? snd_pcm_hw_param_value+0x266/0x5b0 [ 718.697082][T12830] snd_pcm_hw_param_first+0x328/0x6e0 [ 718.697119][T12830] ? trace_hw_mask_param+0x19e/0x210 [ 718.697156][T12830] snd_pcm_hw_params+0x5b2/0x1b20 [ 718.697201][T12830] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 718.697242][T12830] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 718.697287][T12830] ? snd_pcm_hw_param_near.constprop.0+0x743/0x8f0 [ 718.697331][T12830] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 718.697376][T12830] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 718.697422][T12830] snd_pcm_oss_change_params_locked+0x1406/0x3a60 [ 718.697478][T12830] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 718.697549][T12830] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 718.697589][T12830] snd_pcm_oss_write+0x4a3/0xa00 [ 718.697627][T12830] ? bpf_lsm_file_permission+0x9/0x10 [ 718.697691][T12830] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 718.697727][T12830] vfs_write+0x24c/0x1150 [ 718.697773][T12830] ? __fget_files+0x1fc/0x3a0 [ 718.697818][T12830] ? __pfx_lock_release+0x10/0x10 [ 718.697862][T12830] ? __pfx_vfs_write+0x10/0x10 [ 718.697919][T12830] ? lock_acquire+0x2f/0xb0 [ 718.697959][T12830] ? __fget_files+0x40/0x3a0 [ 718.698027][T12830] ? __fget_files+0x206/0x3a0 [ 718.698086][T12830] ksys_write+0x12b/0x250 [ 718.698141][T12830] ? __pfx_ksys_write+0x10/0x10 [ 718.698196][T12830] do_syscall_64+0xcd/0x250 [ 718.698239][T12830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.698281][T12830] RIP: 0033:0x7ff50f58d169 [ 718.698304][T12830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 718.698332][T12830] RSP: 002b:00007ff50d3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 718.698360][T12830] RAX: ffffffffffffffda RBX: 00007ff50f7a6080 RCX: 00007ff50f58d169 [ 718.698379][T12830] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 718.698396][T12830] RBP: 00007ff50d3d5090 R08: 0000000000000000 R09: 0000000000000000 [ 718.698412][T12830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 718.698429][T12830] R13: 0000000000000000 R14: 00007ff50f7a6080 R15: 00007fff65d3d6d8 [ 718.698468][T12830] [ 719.463341][T12837] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1668'. [ 719.493322][T12837] ipvlan1: entered promiscuous mode [ 720.932233][T12856] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1672'. [ 721.999554][T12858] netlink: Unknown conntrack attr (0) [ 722.015556][T12861] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1674'. [ 722.105277][T12861] FAULT_INJECTION: forcing a failure. [ 722.105277][T12861] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 722.177628][T12861] CPU: 0 UID: 0 PID: 12861 Comm: syz.0.1674 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 722.177670][T12861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 722.177687][T12861] Call Trace: [ 722.177697][T12861] [ 722.177708][T12861] dump_stack_lvl+0x16c/0x1f0 [ 722.177754][T12861] should_fail_ex+0x50a/0x650 [ 722.177808][T12861] _copy_to_user+0x32/0xd0 [ 722.177844][T12861] simple_read_from_buffer+0xd0/0x160 [ 722.177888][T12861] proc_fail_nth_read+0x198/0x270 [ 722.177927][T12861] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 722.177967][T12861] ? rw_verify_area+0xcf/0x680 [ 722.178003][T12861] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 722.178041][T12861] vfs_read+0x1df/0xbf0 [ 722.178082][T12861] ? __fget_files+0x1fc/0x3a0 [ 722.178127][T12861] ? __pfx___mutex_lock+0x10/0x10 [ 722.178173][T12861] ? __pfx_vfs_read+0x10/0x10 [ 722.178234][T12861] ? __fget_files+0x206/0x3a0 [ 722.178306][T12861] ksys_read+0x12b/0x250 [ 722.178345][T12861] ? __pfx_ksys_read+0x10/0x10 [ 722.178398][T12861] do_syscall_64+0xcd/0x250 [ 722.178441][T12861] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.178484][T12861] RIP: 0033:0x7f2e6cb8bb7c [ 722.178508][T12861] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 722.178538][T12861] RSP: 002b:00007f2e6d9cf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 722.178566][T12861] RAX: ffffffffffffffda RBX: 00007f2e6cda5fa0 RCX: 00007f2e6cb8bb7c [ 722.178585][T12861] RDX: 000000000000000f RSI: 00007f2e6d9cf0a0 RDI: 0000000000000005 [ 722.178602][T12861] RBP: 00007f2e6d9cf090 R08: 0000000000000000 R09: 0000000000000000 [ 722.178619][T12861] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 722.178637][T12861] R13: 0000000000000000 R14: 00007f2e6cda5fa0 R15: 00007ffc75bf2eb8 [ 722.178675][T12861] [ 722.890349][T12858] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006 [ 724.301368][T12885] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1681'. [ 725.643248][T12900] FAULT_INJECTION: forcing a failure. [ 725.643248][T12900] name failslab, interval 1, probability 0, space 0, times 0 [ 725.690212][T12900] CPU: 1 UID: 0 PID: 12900 Comm: syz.1.1685 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 725.690255][T12900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 725.690273][T12900] Call Trace: [ 725.690282][T12900] [ 725.690293][T12900] dump_stack_lvl+0x16c/0x1f0 [ 725.690339][T12900] should_fail_ex+0x50a/0x650 [ 725.690387][T12900] ? fs_reclaim_acquire+0xae/0x150 [ 725.690429][T12900] ? tracepoint_add_func+0x2a9/0xeb0 [ 725.690477][T12900] should_failslab+0xc2/0x120 [ 725.690506][T12900] __kmalloc_noprof+0xcb/0x510 [ 725.690557][T12900] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 725.690604][T12900] tracepoint_add_func+0x2a9/0xeb0 [ 725.690651][T12900] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 725.690702][T12900] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 725.690745][T12900] tracepoint_probe_register+0xc0/0x110 [ 725.690796][T12900] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 725.690848][T12900] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 725.690906][T12900] tracing_start_sched_switch+0xdc/0x1e0 [ 725.690948][T12900] __ftrace_event_enable_disable+0x64d/0x850 [ 725.691005][T12900] __ftrace_set_clr_event_nolock+0x397/0xb80 [ 725.691075][T12900] ftrace_set_clr_event+0x16f/0x330 [ 725.691108][T12900] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 725.691154][T12900] ftrace_event_write+0x245/0x290 [ 725.691186][T12900] ? __pfx_ftrace_event_write+0x10/0x10 [ 725.691219][T12900] ? ksys_write+0x12b/0x250 [ 725.691267][T12900] ? __pfx_ftrace_event_write+0x10/0x10 [ 725.691296][T12900] vfs_write+0x24c/0x1150 [ 725.691337][T12900] ? __fget_files+0x1fc/0x3a0 [ 725.691382][T12900] ? __pfx___mutex_lock+0x10/0x10 [ 725.691422][T12900] ? __pfx_vfs_write+0x10/0x10 [ 725.691475][T12900] ? __fget_files+0x206/0x3a0 [ 725.691533][T12900] ksys_write+0x12b/0x250 [ 725.691575][T12900] ? __pfx_ksys_write+0x10/0x10 [ 725.691631][T12900] do_syscall_64+0xcd/0x250 [ 725.691675][T12900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.691718][T12900] RIP: 0033:0x7ff50f58d169 [ 725.691741][T12900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 725.691770][T12900] RSP: 002b:00007ff50d3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 725.691798][T12900] RAX: ffffffffffffffda RBX: 00007ff50f7a5fa0 RCX: 00007ff50f58d169 [ 725.691815][T12900] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000004 [ 725.691831][T12900] RBP: 00007ff50d3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 725.691848][T12900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 725.691864][T12900] R13: 0000000000000000 R14: 00007ff50f7a5fa0 R15: 00007fff65d3d6d8 [ 725.691903][T12900] [ 726.041070][T12900] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup_new [ 726.768819][T12905] ------------[ cut here ]------------ [ 726.774991][T12905] WARNING: CPU: 1 PID: 12905 at kernel/tracepoint.c:358 tracepoint_probe_unregister+0x894/0xd70 [ 726.785950][T12905] Modules linked in: [ 726.790349][T12905] CPU: 1 UID: 0 PID: 12905 Comm: syz.3.1686 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 726.801256][T12905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 726.811424][T12905] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 726.818097][T12905] Code: 41 5e 41 5f c3 cc cc cc cc e8 98 1a fe ff 48 c7 c6 90 b3 bb 81 48 89 df e8 a9 d9 e4 ff eb 9f bb fe ff ff ff e8 7d 1a fe ff 90 <0f> 0b 90 eb 91 e8 72 1a fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 726.837930][T12905] RSP: 0018:ffffc90004ab7890 EFLAGS: 00010293 [ 726.844333][T12905] RAX: 0000000000000000 RBX: 00000000fffffffe RCX: ffffffff81bbc22f [ 726.852467][T12905] RDX: ffff888031beda00 RSI: ffffffff81bbc4d3 RDI: 0000000000000005 [ 726.860619][T12905] RBP: ffffffff8e57b780 R08: 0000000000000005 R09: 0000000000000000 [ 726.868642][T12905] R10: 0000000000000001 R11: 0000000000000003 R12: ffffffff81c18560 [ 726.876815][T12905] R13: 0000000000000402 R14: 0000000000000002 R15: ffffffff8e240bf8 [ 726.884885][T12905] FS: 00007f7d1228e6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 726.894389][T12905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 726.901533][T12905] CR2: 0000000000000000 CR3: 00000000202c4000 CR4: 00000000003526f0 [ 726.909564][T12905] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 726.917648][T12905] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 726.925724][T12905] Call Trace: [ 726.929047][T12905] [ 726.932097][T12905] ? __warn+0xea/0x3c0 [ 726.936232][T12905] ? tracepoint_probe_unregister+0x894/0xd70 [ 726.942361][T12905] ? report_bug+0x3c0/0x580 [ 726.946946][T12905] ? handle_bug+0x54/0xa0 [ 726.951407][T12905] ? exc_invalid_op+0x17/0x50 [ 726.956155][T12905] ? asm_exc_invalid_op+0x1a/0x20 [ 726.961571][T12905] ? __pfx_probe_sched_switch+0x10/0x10 [ 726.967191][T12905] ? tracepoint_probe_unregister+0x5ef/0xd70 [ 726.973507][T12905] ? tracepoint_probe_unregister+0x893/0xd70 [ 726.979573][T12905] ? tracepoint_probe_unregister+0x894/0xd70 [ 726.985920][T12905] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 726.993027][T12905] tracing_stop_cmdline_record+0x66/0xa0 [ 726.998744][T12905] __ftrace_event_enable_disable+0x73f/0x850 [ 727.005707][T12905] ftrace_event_set_open+0x240/0x390 [ 727.011360][T12905] do_dentry_open+0x735/0x1c40 [ 727.016217][T12905] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 727.022351][T12905] ? inode_permission+0xdd/0x5f0 [ 727.027352][T12905] vfs_open+0x82/0x3f0 [ 727.031723][T12905] ? may_open+0x1f2/0x400 [ 727.036213][T12905] path_openat+0x1e88/0x2d80 [ 727.041202][T12905] ? __pfx_path_openat+0x10/0x10 [ 727.046237][T12905] ? __pfx___lock_acquire+0x10/0x10 [ 727.051915][T12905] ? lock_acquire.part.0+0x11b/0x380 [ 727.057286][T12905] ? find_held_lock+0x2d/0x110 [ 727.062360][T12905] do_filp_open+0x20c/0x470 [ 727.067111][T12905] ? __pfx_do_filp_open+0x10/0x10 [ 727.072451][T12905] ? find_held_lock+0x2d/0x110 [ 727.077357][T12905] ? alloc_fd+0x41f/0x760 [ 727.082025][T12905] do_sys_openat2+0x17a/0x1e0 [ 727.086773][T12905] ? __pfx_do_sys_openat2+0x10/0x10 [ 727.092273][T12905] ? __fget_files+0x206/0x3a0 [ 727.097029][T12905] __x64_sys_openat+0x175/0x210 [ 727.102599][T12905] ? __pfx___x64_sys_openat+0x10/0x10 [ 727.108031][T12905] ? ksys_write+0x1ba/0x250 [ 727.113256][T12905] do_syscall_64+0xcd/0x250 [ 727.117855][T12905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.124182][T12905] RIP: 0033:0x7f7d1138d169 [ 727.128674][T12905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.148797][T12905] RSP: 002b:00007f7d1228e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 727.157490][T12905] RAX: ffffffffffffffda RBX: 00007f7d115a5fa0 RCX: 00007f7d1138d169 [ 727.165718][T12905] RDX: 0000000000020201 RSI: 0000400000000100 RDI: ffffffffffffff9c [ 727.174007][T12905] RBP: 00007f7d1228e090 R08: 0000000000000000 R09: 0000000000000000 [ 727.182292][T12905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 727.190592][T12905] R13: 0000000000000000 R14: 00007f7d115a5fa0 R15: 00007ffd0746e088 [ 727.199189][T12905] [ 727.202728][T12905] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 727.210059][T12905] CPU: 1 UID: 0 PID: 12905 Comm: syz.3.1686 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 [ 727.220866][T12905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 727.230969][T12905] Call Trace: [ 727.234278][T12905] [ 727.237222][T12905] dump_stack_lvl+0x3d/0x1f0 [ 727.241845][T12905] panic+0x71d/0x800 [ 727.245772][T12905] ? __pfx_panic+0x10/0x10 [ 727.250211][T12905] ? show_trace_log_lvl+0x29d/0x3d0 [ 727.255452][T12905] ? check_panic_on_warn+0x1f/0xb0 [ 727.260608][T12905] ? tracepoint_probe_unregister+0x894/0xd70 [ 727.266628][T12905] check_panic_on_warn+0xab/0xb0 [ 727.271605][T12905] __warn+0xf6/0x3c0 [ 727.275520][T12905] ? tracepoint_probe_unregister+0x894/0xd70 [ 727.281554][T12905] report_bug+0x3c0/0x580 [ 727.285933][T12905] handle_bug+0x54/0xa0 [ 727.290120][T12905] exc_invalid_op+0x17/0x50 [ 727.294655][T12905] asm_exc_invalid_op+0x1a/0x20 [ 727.299532][T12905] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 727.306156][T12905] Code: 41 5e 41 5f c3 cc cc cc cc e8 98 1a fe ff 48 c7 c6 90 b3 bb 81 48 89 df e8 a9 d9 e4 ff eb 9f bb fe ff ff ff e8 7d 1a fe ff 90 <0f> 0b 90 eb 91 e8 72 1a fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 727.325788][T12905] RSP: 0018:ffffc90004ab7890 EFLAGS: 00010293 [ 727.331898][T12905] RAX: 0000000000000000 RBX: 00000000fffffffe RCX: ffffffff81bbc22f [ 727.339894][T12905] RDX: ffff888031beda00 RSI: ffffffff81bbc4d3 RDI: 0000000000000005 [ 727.347891][T12905] RBP: ffffffff8e57b780 R08: 0000000000000005 R09: 0000000000000000 [ 727.355885][T12905] R10: 0000000000000001 R11: 0000000000000003 R12: ffffffff81c18560 [ 727.363869][T12905] R13: 0000000000000402 R14: 0000000000000002 R15: ffffffff8e240bf8 [ 727.371859][T12905] ? __pfx_probe_sched_switch+0x10/0x10 [ 727.377444][T12905] ? tracepoint_probe_unregister+0x5ef/0xd70 [ 727.383461][T12905] ? tracepoint_probe_unregister+0x893/0xd70 [ 727.389491][T12905] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 727.395882][T12905] tracing_stop_cmdline_record+0x66/0xa0 [ 727.401544][T12905] __ftrace_event_enable_disable+0x73f/0x850 [ 727.407572][T12905] ftrace_event_set_open+0x240/0x390 [ 727.412904][T12905] do_dentry_open+0x735/0x1c40 [ 727.417707][T12905] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 727.423570][T12905] ? inode_permission+0xdd/0x5f0 [ 727.428551][T12905] vfs_open+0x82/0x3f0 [ 727.432643][T12905] ? may_open+0x1f2/0x400 [ 727.437002][T12905] path_openat+0x1e88/0x2d80 [ 727.441633][T12905] ? __pfx_path_openat+0x10/0x10 [ 727.446597][T12905] ? __pfx___lock_acquire+0x10/0x10 [ 727.451828][T12905] ? lock_acquire.part.0+0x11b/0x380 [ 727.457160][T12905] ? find_held_lock+0x2d/0x110 [ 727.461953][T12905] do_filp_open+0x20c/0x470 [ 727.466489][T12905] ? __pfx_do_filp_open+0x10/0x10 [ 727.471542][T12905] ? find_held_lock+0x2d/0x110 [ 727.476349][T12905] ? alloc_fd+0x41f/0x760 [ 727.480720][T12905] do_sys_openat2+0x17a/0x1e0 [ 727.485418][T12905] ? __pfx_do_sys_openat2+0x10/0x10 [ 727.490647][T12905] ? __fget_files+0x206/0x3a0 [ 727.495366][T12905] __x64_sys_openat+0x175/0x210 [ 727.500247][T12905] ? __pfx___x64_sys_openat+0x10/0x10 [ 727.505652][T12905] ? ksys_write+0x1ba/0x250 [ 727.510210][T12905] do_syscall_64+0xcd/0x250 [ 727.514760][T12905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.520684][T12905] RIP: 0033:0x7f7d1138d169 [ 727.525125][T12905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.544765][T12905] RSP: 002b:00007f7d1228e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 727.553199][T12905] RAX: ffffffffffffffda RBX: 00007f7d115a5fa0 RCX: 00007f7d1138d169 [ 727.561196][T12905] RDX: 0000000000020201 RSI: 0000400000000100 RDI: ffffffffffffff9c [ 727.569195][T12905] RBP: 00007f7d1228e090 R08: 0000000000000000 R09: 0000000000000000 [ 727.577187][T12905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 727.585169][T12905] R13: 0000000000000000 R14: 00007f7d115a5fa0 R15: 00007ffd0746e088 [ 727.593177][T12905] [ 727.596611][T12905] Kernel Offset: disabled [ 727.601032][T12905] Rebooting in 86400 seconds..