last executing test programs: 1m58.734231136s ago: executing program 0 (id=471): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x64842, 0x0) msgctl$auto(0x6, 0x3, &(0x7f00000001c0)={{0x1, 0xffffffffffffffff, 0xee01, 0x6, 0x0, 0x6, 0x3}, 0x0, 0x0, 0x8, 0x9, 0x6, 0x205, 0x5b73, 0x49, 0x9, 0x2}) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a) (async) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a) write$auto(0x3, 0x0, 0x7fffffff) (async) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x3, 0x0, 0x5c8) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) ioctl$auto_FIOASYNC(0xffffffffffffffff, 0x5452, 0xffffffffffffffff) (async) ioctl$auto_FIOASYNC(0xffffffffffffffff, 0x5452, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) bind$auto(r0, &(0x7f0000000000)=@in={0x2, 0xffff, @empty}, 0x6a) (async) bind$auto(r0, &(0x7f0000000000)=@in={0x2, 0xffff, @empty}, 0x6a) socket(0x10, 0x2, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x5, 0x5, 0xffffffff, 0x0) (async) socketpair$auto(0x5, 0x5, 0xffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) r1 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r1, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c03000000000000002f", 0x49}, 0x5, &(0x7f0000000700), 0x6, 0x1}, 0x5}, 0x2, 0x100) socket(0x2, 0x3, 0xa) (async) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) (async) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) write$auto(0x3, 0x0, 0xbc0d) ioctl$auto_SNDCTL_SEQ_PANIC(r0, 0x5111, &(0x7f0000000100)="b68856ede41d25a205ab8cc14886939532867ed2da6ff8c8a0bf1cedf777e7784074053457edbe5886c190fe8418a8d8c6a7e2c5b273702d6c2e7bd84eccd25178aa641a6a4d217d0350b8e0a307724b") connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sysfs$auto(0x2, 0x4d, 0x0) 1m56.590139956s ago: executing program 0 (id=477): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_PPPIOCSMAXCID(r0, 0x40047451, 0x0) (fail_nth: 6) 1m55.470153697s ago: executing program 0 (id=481): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0x80000) r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/clear_refs\x00', 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="0392c96ecd1b0865f3147827a7a7e9cff019b71397d75d643864943db94c2949f24f5d5210868f1413239eab6fba330f9dd65b181e1a3e76e37588417f68ffb6f564", @ANYBLOB="1200", @ANYBLOB="59ba4121d9e2ee5f90f440179d03f73e3c9498570e529730083a0300000000de0000735bddca3d49a9ee2411b51f3354bb97e8f133ee1a26a984291ede5a7a6261ce3845d47694439e1731ac7c1561b97e2c955c09b48caaa0d6f7ec800d9467dee7b9c011425f1e0de5e2c7255d2f45139427464d0ff1f40e62a15ae0ea1c9ce6947058469aa9e3eefd3808cb5de07a64f6aba48e45489d156b0a45ffe4aa50c3e271f0d84b20777eae4d360c1c9255f7b1f18c8e8997578d3a491c5868307abed126ecf0537b2cd85534dbc2439c4182ef"], 0x1ac}}, 0x8000000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) write$auto(0x3, 0x0, 0xfdef) 1m54.475904097s ago: executing program 0 (id=486): openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x9, 0x0) fanotify_init$auto(0x9, 0x9) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd3\x00', 0xc2c00aab5cc5ee16, 0x0) open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) setsockopt$auto(r0, 0x0, 0xfffffff7, &(0x7f0000000100)='/dev\xafZ\xd5r\x9bM\xe3=\xfc\x13\x9f', 0x0) r1 = socket(0x18, 0x2, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000038c0), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000003980)={0x0, 0x0, &(0x7f0000003940)={&(0x7f0000003900)={0x1c, r3, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0xba}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x20008800) sendmsg$auto_L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x5c, r3, 0x4, 0x70bd2c, 0x25dfdbff, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x6}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x8}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x2}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x3}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x7fffffff}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e24}, @L2TP_ATTR_DATA_SEQ={0x5}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0xb5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20040084}, 0x40c0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0xfffffffc, &(0x7f0000000080)={0x0, 0xfc2}, 0x71, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r4 = socket(0x29, 0x2, 0x0) epoll_create$auto(0x1000) r5 = socket(0x10, 0x2, 0x0) recvmmsg$auto(r5, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r4, 0x89f2, 0x24) 1m52.940065326s ago: executing program 0 (id=491): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) r0 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x2, 0x0, 0x4000000000e1, 0x13, r0, 0x8002) ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(0xffffffffffffffff, 0x810c5701, &(0x7f00000000c0)={0x8, 0x1, 0x2, 0xe, 0xf2, "387c2eeeb16ab1febcbfca5deb7e53123ca3ddd20833fe080d73e3f4ad9dcd37ba38d7353f63d0ef81ac27ee8f0c909cae392c59b25963b373698c3a7262b0b7", "4a8877a45492456d08545dcdbbe6eea9fc2cc40a675b820ce12b6bfbed02bacdc1ed9adf6c09a3459a946a00c64696b8a70db2743a2c71f275cda35036f30e579bcfac05e88f98087792f768704c6470", "0a442cc716e79a03e973a516ff2771e3ffdb4a346671a44a5f55077bff79f0e5", 0x9, 0x9, "98f274223a333e5e3e1de73bb27a019c5911fd34e96693f2563bbfcaf5553c50006598360dc1a795dae44654795fd827088616cdb80bd1be3c134e46f99bb556"}) mmap$auto(0x0, 0x4, 0x6, 0x40eb2, 0x402, 0x300000000000) unshare$auto(0x200) (async) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r1, 0x0) (async) getcwd$auto(0x0, 0xffffffffffffffff) mount_setattr$auto(0x5, 0x0, 0x8000, &(0x7f0000000640)={0x1, 0x4, 0x100000, @raw=0xf980}, 0x283) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) (async) ioctl$auto(0x3, 0x5402, 0x38) 1m51.797875101s ago: executing program 0 (id=497): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0xc) r0 = socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x3fd, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = open(0x0, 0xa22c0, 0x155) ioctl$auto_FS_IOC_FSSETXATTR(r1, 0x401c5820, r0) socket(0x2, 0x6, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x4) r2 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @rand_addr=0x64010101}, 0x55) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1017cb80", @ANYRES16=r4, @ANYBLOB="01002abd7000fcdbdf25080000000400038008000100", @ANYRES32=0x0, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x844}, 0x20004010) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r5, 0x0) mmap$auto(0x0, 0x20009, 0x100000000000df, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r5, 0x0) 1m51.295263728s ago: executing program 32 (id=497): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0xc) r0 = socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x3fd, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = open(0x0, 0xa22c0, 0x155) ioctl$auto_FS_IOC_FSSETXATTR(r1, 0x401c5820, r0) socket(0x2, 0x6, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x4) r2 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @rand_addr=0x64010101}, 0x55) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1017cb80", @ANYRES16=r4, @ANYBLOB="01002abd7000fcdbdf25080000000400038008000100", @ANYRES32=0x0, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x844}, 0x20004010) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r5, 0x0) mmap$auto(0x0, 0x20009, 0x100000000000df, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r5, 0x0) 8.192610679s ago: executing program 2 (id=773): openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000200)=""/114, 0x72) r0 = socket(0x9, 0x1, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x5, 0x8000000000000004, 0x5) madvise$auto(0x0, 0xffffffffffff0001, 0x15) msync$auto(0x0, 0x2000000005, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = syz_clone(0x40040000, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r2, 0x1002, 0x0, 0x0, 0x0, 0x5) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x40000000}, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="f845f900", @ANYRES16=r4, @ANYBLOB="000125bd7000fbdbdf250700000008001c00", @ANYRES32=r5, @ANYBLOB="05001200080000000c002e800800ae00ffffffff1400040076657468305f746f5f687372000000009c002d809100e780f994f9b391316f24fa09192d3264478cdf0681ef8b848605fa3d7ae821f9f922072f6c873c36fc72f5944680c3ee5f88a4739ad41f30df6df64524d0b81b5892d0a06e8a7818f2cd7f470a7d3749545cedbacb84eac07a5cec6b56b73e28ba4600fbb16180a67f89eff562dc172dfc95dab69ca6f7e96416a8357f4a89024d1eb5b71ada5c040014800400ac8000000004002a80080005000500000008001c00", @ANYRES32, @ANYBLOB="0500120006000000"], 0xf8}, 0x1, 0x0, 0x0, 0x800}, 0x40800) ioctl$auto(r3, 0x5646, r3) read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000080)=""/27, 0x1b) r6 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) read$auto_proc_mountinfo_operations_mnt_namespace(r6, 0x0, 0x0) ioctl$auto_SNDCTL_MIDI_PRETIME(r6, 0xc0046d00, &(0x7f0000000380)="0cb82ab5082f17e24aee1e7660716ea00cff5697d4eed0f1ad76e44b9498a976fe9ef1c4852134ab6c1b1b5602d49ec8645b405ea7cb819c7ea19fe896c34043f810cd0101e85db95f7776a332590bde3faf01c40bc39056d9dc1c9839040b48ff2dbfeca102d13379124cf26db4c156460a7707c2e93be89f8760") r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r7, &(0x7f0000001080)=""/244, 0xf4) 8.192443236s ago: executing program 3 (id=774): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) bpf$auto(0x5, &(0x7f0000000240)=@bpf_attr_3={0x9, 0x4, 0xf455, 0x1, 0x9, 0x4, 0x3, 0x1000, 0x10000, "06dbde4e070000001b0000000800", 0x0, 0x6, 0x2, 0x100, 0x0, 0x81, 0x200, 0x1, 0x4, 0x5, @attach_prog_fd, 0x6, 0x1ff, 0x100000002, 0x101, 0xe4, 0x6}, 0x1000) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x42006, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec27\x00', 0x8000, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd2) ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f00000001c0)={r0, 0x47, 0xfff, 0x9}) close_range$auto(r1, r2, 0x2) r3 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd2, 0x4, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x4}, 0x3, 0x7, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) lseek$auto(r3, 0x7f, 0x2a21) sysfs$auto(0x2, 0x1, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) sendmsg$auto_IPVS_CMD_GET_SERVICE(r6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x80800) syz_clone(0x4200, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 7.718194602s ago: executing program 1 (id=776): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x40, 0x0) pread64$auto(r0, 0x0, 0xb, 0x5af) 7.022437628s ago: executing program 3 (id=777): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_DEL_STATION(r0, 0x0, 0x40) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r1 = socket(0x1d, 0x2, 0x7) r2 = socket(0x2, 0xa, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x24, r3, 0x13, 0x70bd26, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x7c}]}, 0x24}, 0x1, 0x0, 0x0, 0x8880}, 0x20040894) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6}, 0x6a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r7}, 0x18) io_uring_setup$auto(0xa, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x80000400008, 0xdf, 0x13, 0x2, 0x48ff) socket(0x2a, 0x7, 0x0) r8 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x9, 0xfffffffffffffffe, 0xffffefff, 0x800000000009b72, r8, 0x4) sendmmsg$auto(r1, 0x0, 0x800809a6, 0x1000000c) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x3, 0xff) ioctl$auto(0x3, 0x89e0, 0x91) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) 7.019475669s ago: executing program 1 (id=786): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x40, 0x0) pread64$auto(r0, 0x0, 0xb, 0x5af) 6.882119786s ago: executing program 1 (id=780): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) bpf$auto(0x5, &(0x7f0000000240)=@bpf_attr_3={0x9, 0x4, 0xf455, 0x1, 0x9, 0x4, 0x3, 0x1000, 0x10000, "06dbde4e070000001b0000000800", 0x0, 0x6, 0x2, 0x100, 0x0, 0x81, 0x200, 0x1, 0x4, 0x5, @attach_prog_fd, 0x6, 0x1ff, 0x100000002, 0x101, 0xe4, 0x6}, 0x1000) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x42006, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec27\x00', 0x8000, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd2) ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f00000001c0)={r0, 0x47, 0xfff, 0x9}) close_range$auto(r1, r2, 0x2) r3 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd2, 0x4, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x4}, 0x3, 0x7, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fsopen$auto(&(0x7f00000000c0)='/d\x00\x00\x00\x00et/tun\x00', 0x3) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) lseek$auto(r3, 0x7f, 0x2a21) sysfs$auto(0x2, 0x1, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) sendmsg$auto_IPVS_CMD_GET_SERVICE(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x80800) syz_clone(0x4200, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 6.805481833s ago: executing program 4 (id=781): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x9, 0x42, 0x13, 0xc3f) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x3ff) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) lseek$auto(0xffffffffffffffff, 0xacb, 0x7) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/de\xe5\xec\x9c\xbe\xeb\xaf\x87X/2\xa6id-\x1av/audis1\x00\xe2\x1d|\xb0\'%\xb9\xe2Te\xd9nOl\xf2\xdd0\x04\xb62\x8e\x8dtB\xaaOs\x04+\xbdu\xeb\x93v<$\x93\xf3\b2\xc7\xb5\'\xc0S\x84\x1eo\xba\x12\x86\xf7\x91\xf5\x1e\x03v7\xdc\xd0\fT\x17\xf8\xbbdU\x02\x99R\x15J\xb50\x9e\xcad\a\x97\xd5\x12\x8c\xe8\x04y\xd0j\xc8\x8b\xa9)\xbbb\xbf\xc2\xdd\xd4T?\xbe\xf8z\xd0\xbd\x12\xdf\\\x1d|T\xd6\xeb\"Z\x99&\xd3\x1d\x99kY\xb5M\x05\xd8\x11\xd3\xec\xfe\xc8U', 0xa3d9) unshare$auto(0x40000080) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1, 0x0) r3 = prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0x0, 0x0, 0x8001) r4 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r4, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x720, [0x0]}) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000040)=0x0) connect$auto(r2, &(0x7f0000000240)=@nfc={0x27, r5, 0xffffffffffffffff, 0x3}, 0xb49e) r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_WRITE(r6, 0x40085503, &(0x7f0000000600)={0xd, 0x0, 0x3}) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) setresgid$auto(0x0, 0xee01, 0xffffffffffffffff) r7 = getegid() ioctl$auto_XFS_IOC_SWAPEXT(r3, 0xc0c0586d, &(0x7f0000000180)={0x7, @raw=0x4, @inferred=r3, 0x3c, 0x3, '\x00', {0x4, 0xff, 0xa, 0x0, r7, 0x8, 0x7, 0x9, {0x4, 0x5}, {0x40, 0x169}, {0x6, 0x6}, 0x0, 0x5c, 0x7fffffff, 0x40, 0x5, 0x800, 0x8, 0x5, 0x7, 0x81, '\x00', 0x5, 0x1, 0x8, 0x100}}) setregid$auto(r7, r7) close_range$auto(0x2, 0x8, 0x0) r8 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) ioctl$auto_SG_GET_REQUEST_TABLE(r8, 0x2286, 0x0) 6.02929203s ago: executing program 1 (id=782): ioctl$auto(0x3, 0x1, 0x90000800000402) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20040045) unshare$auto(0x40000080) madvise$auto(0x0, 0x2003f0, 0x15) epoll_create$auto(0x6) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x801, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x15, 0xfffffffffffffffa, 0x8000) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, 0x0, 0x80301, 0x0) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x120, 0x0, 0x1c) pwrite64$auto(0xc8, 0x0, 0x6, 0x7a) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0x1000, 0x6) write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x0, 0x0) socket(0x28, 0x1, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000000c0)={0x8, "e6c26c22ab5e89520000c500", @raw=0x7}) r2 = open(&(0x7f0000000000)='./file0\x00', 0x4cd9c0, 0x304) close_range$auto(0x2, r0, 0x58) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, r3, 0x4, 0x1ff, 0xffffffffffffffff, @relative_fd=r1, 0xe600}, 0xf) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0xc0403d11, 0x0) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x6}, 0xc) 5.514363402s ago: executing program 4 (id=783): mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xc8) execve$auto(&(0x7f00000000c0)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) lseek$auto(0xffffffffffffffff, 0x8001, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xde, 0xeb1, 0x3fd, 0x8000) prctl$auto(0x6, 0xe, 0x0, 0x68, 0xee43) settimeofday$auto(0x0, &(0x7f0000000000)={0x0, 0x6000}) getsockopt$auto(0xffffffffffffffff, 0x10002, 0x2, 0x0, &(0x7f0000000040)=0x2000000) mmap$auto(0x0, 0x2020009, 0x7, 0x13, 0xfffffffffffffffb, 0x1) r0 = io_uring_setup$auto(0x3, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, r0, 0x8000) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0x8, 0x329, 0x10011, 0x2, 0x8000) mprotect$auto(0x0, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0xfffffffc, 0x8000000000000000, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x600000, 0x0) 5.224465144s ago: executing program 2 (id=784): madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket(0x2, 0x1, 0x0) r0 = socket(0x2, 0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = epoll_create$auto(0x100008) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/026/001\x00', 0x8002, 0x0) epoll_ctl$auto(r1, 0x1, r0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x1a, 0x0, 0x83) ioperm$auto(0x7, 0x6, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r3 = socket(0xa, 0x2, 0x0) setsockopt$auto(r3, 0x29, 0x1b, 0x0, 0x56b) 4.926608219s ago: executing program 1 (id=785): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0) ioctl$auto(r0, 0x3, r0) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) poll$auto(&(0x7f0000003640)={r1, 0x7, 0x6}, 0x6, 0x100000) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async, rerun: 64) socket(0x18, 0x2, 0x0) (async, rerun: 64) socket(0xa, 0x801, 0x84) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) getsockopt$auto(0x6, 0x84, 0x25, 0x0, &(0x7f00000000c0)=0x10000) socket(0x10, 0x3, 0x4) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003980)={&(0x7f0000000000)={0x54, r3, 0x301, 0x70bd2b, 0x25dfdbfd, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0xfffffffb}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x4}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x2004c005}, 0xc4) (async) mmap$auto(0x0, 0x8, 0xfff, 0x8000000008011, 0x3, 0x4000000) 4.535161422s ago: executing program 4 (id=787): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) bpf$auto(0x5, &(0x7f0000000240)=@bpf_attr_3={0x9, 0x4, 0xf455, 0x1, 0x9, 0x4, 0x3, 0x1000, 0x10000, "06dbde4e070000001b0000000800", 0x0, 0x6, 0x2, 0x100, 0x0, 0x81, 0x200, 0x1, 0x4, 0x5, @attach_prog_fd, 0x6, 0x1ff, 0x100000002, 0x101, 0xe4, 0x6}, 0x1000) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x42006, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec27\x00', 0x8000, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd2) ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f00000001c0)={r0, 0x47, 0xfff, 0x9}) close_range$auto(r1, r2, 0x2) r3 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd2, 0x4, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x4}, 0x3, 0x7, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) lseek$auto(r3, 0x7f, 0x2a21) sysfs$auto(0x2, 0x1, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) sendmsg$auto_IPVS_CMD_GET_SERVICE(r6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x80800) syz_clone(0x4200, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 4.534422641s ago: executing program 2 (id=788): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r0) sendmsg$auto_NFSD_CMD_VERSION_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fbdbdf25040000001400018008000200000000000800010002"], 0x28}, 0x1, 0x0, 0x0, 0x24000001}, 0x844) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) syslog$auto(0x9, 0x0, 0x3) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r4, 0x9210641e, r4) open(&(0x7f0000000040)='./file0\x00', 0x400000, 0x13a) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004044}, 0xc840) openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0xb02, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) r5 = socket(0xa, 0x2, 0x88) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) r8 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x1ff, r5, @relative_id=0x13, 0xe600}, 0xf) r9 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0), 0x161000, 0x0) sendto$auto(r9, 0x0, 0x8000, 0x800, &(0x7f0000000000)=@nl=@unspec, 0x1c) r10 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r8) sendmsg$auto_NL80211_CMD_SET_PMK(r5, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="18000080", @ANYRES16=r10, @ANYBLOB="000226bd7000fddbdf257b00000004008700"], 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x24000045) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/members\x00', 0x40000, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) 4.53394855s ago: executing program 3 (id=795): r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0xc0403d11, 0x0) 4.122459709s ago: executing program 2 (id=789): mmap$auto(0x2000000000000, 0x6a1, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) adjtimex$auto(&(0x7f00000005c0)={0xf33236e, 0x0, 0x2, 0x8, 0xd4, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0x1, 0x1800}) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0) r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x20100, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0) r2 = socket(0x22, 0x4, 0x6a) bind$auto(r0, &(0x7f0000000040)=@ax25={0x3, @bcast, 0x2}, 0x6a) r3 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x3, 0xfdd) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = io_uring_setup$auto(0x6, 0x0) sendmsg$auto_SEG6_CMD_DUMPHMAC(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000001200)=ANY=[@ANYBLOB="79d0218f47474a0e5d13db380cb4cc841db2315fba11671f317ba9440d0ad43ea2d82963cb03a9374563361cb174839ae236af5aeeeb57746432ed46b10f78018c9aa651407bd4145d4367d152ace5d35665e041477b36e84797b7fc75fd0f346618b762de6aaccf11662736e92970de17a47f7efac29b13d56a306738ae2e045e3c549710e09500e9cc2c52fe45de0bf5fd490df784e64c6787f21acd7290adaa45f05cd66289091eadddfaae", @ANYRES8=0xffffffffffffffff, @ANYBLOB="d1b99af3843cf30362bc04376cb96f696ee315d0ac0e5adb3c05457458588970a26ec32ed804c3e669befdf8c70eb6ae7a194af4190e3c92abc48d9528644b8647a3cbe36295572c3cf07bd6ede295eb516a8a26", @ANYRESDEC], 0x23c}, 0x1, 0x0, 0x0, 0x4000841}, 0x200240d1) write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\b\x1a\x1e`0x0}) r4 = socket(0xa, 0x801, 0x84) getsockopt$auto(r4, 0x84, 0x1a, 0x0, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x64, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x8e0}, @OVS_DP_ATTR_NAME={0x45, 0x1, '/sys/devices/system/clocksource/clocksource0/current_clocksource\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x40040}, 0x40) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0) io_uring_setup$auto(0x9, 0x0) connect$auto(0x3, 0x0, 0x54) signalfd4$auto(r0, &(0x7f00000001c0)={0x1d8}, 0x5, 0x4f) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYRESOCT=r3, @ANYRES16=r3, @ANYBLOB="0100cda4429629bd7100f9db5f250200000000000000", @ANYBLOB="c7e050306e5be514092eb3f4b1e7533ca151804a360d71f7597288a7d34f3dcf58c7291fa429011f5f1e97"], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) msgctl$auto_IPC_STAT(0x8, 0x2, &(0x7f00000006c0)={{0x675, 0x0, 0xee01, 0x4, 0x81, 0x4}, &(0x7f0000000640)=0x5, &(0x7f0000000680)=0x7, 0x8, 0x6, 0x7, 0x80000000, 0x10, 0x1de, 0x3ff, 0x2}) fstat$auto(0xffffffffffffffff, &(0x7f0000000740)={0x3, 0x357c17c5, 0x18b, 0xd4f, 0x0, r7, 0x0, 0x4, 0x40, 0x0, 0xfffffffffffff88f, 0x3, 0x9, 0xffffffffffff7fff, 0xbe7, 0x8e2, 0x6}) r8 = gettid() rt_sigqueueinfo$auto(r8, 0x1, 0x0) syz_open_procfs$namespace(r8, 0x0) fcntl$auto_F_GETOWN_EX(r2, 0x10, r8) ioctl$auto_VHOST_SET_LOG_FD2(r2, 0x4004af07, &(0x7f0000000000)=r6) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x800, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x9) 3.850149768s ago: executing program 1 (id=790): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r0 = socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) mmap$auto(0x0, 0x400005, 0xe3, 0x9b72, r0, 0x7) madvise$auto(0x0, 0xffffffffffff0004, 0x19) kill$auto(0x0, 0x21) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket(0x15, 0x5, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) madvise$auto(0x9, 0x0, 0x8) sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x44084) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) 2.704946625s ago: executing program 4 (id=791): mprotect$auto(0x0, 0x3ff, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f00000001c0)=""/191, 0x1f8) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000000)=""/194, 0xc2) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) setrlimit$auto(0x7, &(0x7f0000007b00)={0x6, 0xff}) ioctl$auto(r2, 0x9210642d, 0xc5) r3 = memfd_create$auto(0x0, 0x4) statx$auto(r3, 0x0, 0x1000, 0xbdfc, 0x0) write$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r3, &(0x7f0000000080)="9cc8865b37a1fb1298866c14c53ea8", 0xf) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) open_by_handle_at$auto(r4, &(0x7f0000000040)={0x8, 0x20002, "0600000000000000"}, 0x2) 2.303978768s ago: executing program 3 (id=792): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x9, 0x42, 0x13, 0xc3f) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x3ff) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) lseek$auto(0xffffffffffffffff, 0xacb, 0x7) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/de\xe5\xec\x9c\xbe\xeb\xaf\x87X/2\xa6id-\x1av/audis1\x00\xe2\x1d|\xb0\'%\xb9\xe2Te\xd9nOl\xf2\xdd0\x04\xb62\x8e\x8dtB\xaaOs\x04+\xbdu\xeb\x93v<$\x93\xf3\b2\xc7\xb5\'\xc0S\x84\x1eo\xba\x12\x86\xf7\x91\xf5\x1e\x03v7\xdc\xd0\fT\x17\xf8\xbbdU\x02\x99R\x15J\xb50\x9e\xcad\a\x97\xd5\x12\x8c\xe8\x04y\xd0j\xc8\x8b\xa9)\xbbb\xbf\xc2\xdd\xd4T?\xbe\xf8z\xd0\xbd\x12\xdf\\\x1d|T\xd6\xeb\"Z\x99&\xd3\x1d\x99kY\xb5M\x05\xd8\x11\xd3\xec\xfe\xc8U', 0xa3d9) unshare$auto(0x40000080) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1, 0x0) r3 = prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0x0, 0x0, 0x8001) r4 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r4, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x720, [0x0]}) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000040)=0x0) connect$auto(r2, &(0x7f0000000240)=@nfc={0x27, r5, 0xffffffffffffffff, 0x3}, 0xb49e) r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_WRITE(r6, 0x40085503, &(0x7f0000000600)={0xd, 0x0, 0x3}) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) setresgid$auto(0x0, 0xee01, 0xffffffffffffffff) r7 = getegid() ioctl$auto_XFS_IOC_SWAPEXT(r3, 0xc0c0586d, &(0x7f0000000180)={0x7, @raw=0x4, @inferred=r3, 0x3c, 0x3, '\x00', {0x4, 0xff, 0xa, 0x0, r7, 0x8, 0x7, 0x9, {0x4, 0x5}, {0x40, 0x169}, {0x6, 0x6}, 0x0, 0x5c, 0x7fffffff, 0x40, 0x5, 0x800, 0x8, 0x5, 0x7, 0x81, '\x00', 0x5, 0x1, 0x8, 0x100}}) setregid$auto(r7, r7) close_range$auto(0x2, 0x8, 0x0) r8 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) ioctl$auto_SG_GET_REQUEST_TABLE(r8, 0x2286, 0x0) 1.812290539s ago: executing program 2 (id=793): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x9, 0x42, 0x13, 0xc3f) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x3ff) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) lseek$auto(0xffffffffffffffff, 0xacb, 0x7) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/de\xe5\xec\x9c\xbe\xeb\xaf\x87X/2\xa6id-\x1av/audis1\x00\xe2\x1d|\xb0\'%\xb9\xe2Te\xd9nOl\xf2\xdd0\x04\xb62\x8e\x8dtB\xaaOs\x04+\xbdu\xeb\x93v<$\x93\xf3\b2\xc7\xb5\'\xc0S\x84\x1eo\xba\x12\x86\xf7\x91\xf5\x1e\x03v7\xdc\xd0\fT\x17\xf8\xbbdU\x02\x99R\x15J\xb50\x9e\xcad\a\x97\xd5\x12\x8c\xe8\x04y\xd0j\xc8\x8b\xa9)\xbbb\xbf\xc2\xdd\xd4T?\xbe\xf8z\xd0\xbd\x12\xdf\\\x1d|T\xd6\xeb\"Z\x99&\xd3\x1d\x99kY\xb5M\x05\xd8\x11\xd3\xec\xfe\xc8U', 0xa3d9) unshare$auto(0x40000080) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1, 0x0) r3 = prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0x0, 0x0, 0x8001) r4 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r4, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x720, [0x0]}) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000040)=0x0) connect$auto(r2, &(0x7f0000000240)=@nfc={0x27, r5, 0xffffffffffffffff, 0x3}, 0xb49e) r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_WRITE(r6, 0x40085503, &(0x7f0000000600)={0xd, 0x0, 0x3}) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) setresgid$auto(0x0, 0xee01, 0xffffffffffffffff) r7 = getegid() ioctl$auto_XFS_IOC_SWAPEXT(r3, 0xc0c0586d, &(0x7f0000000180)={0x7, @raw=0x4, @inferred=r3, 0x3c, 0x3, '\x00', {0x4, 0xff, 0xa, 0x0, r7, 0x8, 0x7, 0x9, {0x4, 0x5}, {0x40, 0x169}, {0x6, 0x6}, 0x0, 0x5c, 0x7fffffff, 0x40, 0x5, 0x800, 0x8, 0x5, 0x7, 0x81, '\x00', 0x5, 0x1, 0x8, 0x100}}) setregid$auto(r7, r7) close_range$auto(0x2, 0x8, 0x0) r8 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) ioctl$auto_SG_GET_REQUEST_TABLE(r8, 0x2286, 0x0) 1.794962524s ago: executing program 4 (id=803): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x9, 0x42, 0x13, 0xc3f) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x3ff) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) lseek$auto(0xffffffffffffffff, 0xacb, 0x7) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/de\xe5\xec\x9c\xbe\xeb\xaf\x87X/2\xa6id-\x1av/audis1\x00\xe2\x1d|\xb0\'%\xb9\xe2Te\xd9nOl\xf2\xdd0\x04\xb62\x8e\x8dtB\xaaOs\x04+\xbdu\xeb\x93v<$\x93\xf3\b2\xc7\xb5\'\xc0S\x84\x1eo\xba\x12\x86\xf7\x91\xf5\x1e\x03v7\xdc\xd0\fT\x17\xf8\xbbdU\x02\x99R\x15J\xb50\x9e\xcad\a\x97\xd5\x12\x8c\xe8\x04y\xd0j\xc8\x8b\xa9)\xbbb\xbf\xc2\xdd\xd4T?\xbe\xf8z\xd0\xbd\x12\xdf\\\x1d|T\xd6\xeb\"Z\x99&\xd3\x1d\x99kY\xb5M\x05\xd8\x11\xd3\xec\xfe\xc8U', 0xa3d9) unshare$auto(0x40000080) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1, 0x0) r3 = prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) socket(0xa, 0x2, 0x73) fcntl$auto(0x0, 0x0, 0x8001) r4 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r4, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x720, [0x0]}) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000040)=0x0) connect$auto(r2, &(0x7f0000000240)=@nfc={0x27, r5, 0xffffffffffffffff, 0x3}, 0xb49e) r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_WRITE(r6, 0x40085503, &(0x7f0000000600)={0xd, 0x0, 0x3}) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) setresgid$auto(0x0, 0xee01, 0xffffffffffffffff) r7 = getegid() ioctl$auto_XFS_IOC_SWAPEXT(r3, 0xc0c0586d, &(0x7f0000000180)={0x7, @raw=0x4, @inferred=r3, 0x3c, 0x3, '\x00', {0x4, 0xff, 0xa, 0x0, r7, 0x8, 0x7, 0x9, {0x4, 0x5}, {0x40, 0x169}, {0x6, 0x6}, 0x0, 0x5c, 0x7fffffff, 0x40, 0x5, 0x800, 0x8, 0x5, 0x7, 0x81, '\x00', 0x5, 0x1, 0x8, 0x100}}) setregid$auto(r7, r7) close_range$auto(0x2, 0x8, 0x0) r8 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) ioctl$auto_SG_GET_REQUEST_TABLE(r8, 0x2286, 0x0) 77.323031ms ago: executing program 4 (id=794): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x14f642, 0x0) readahead$auto(r0, 0x7ff, 0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_SEQ={0x6, 0x6, 0x4}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x3}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8, 0x2, r2}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) r3 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) r4 = fcntl$auto_F_DUPFD_QUERY(r3, 0x403, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) sendmsg$auto_NL80211_CMD_GET_MPP(r4, 0x0, 0x80) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r6, 0x5607, 0xffffffffffffffff) read$auto(r5, 0x0, 0xe8) r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x5) mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, r5, 0x28000) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, 0x0, 0x5, 0x80000000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) r8 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r8, 0x0, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4044885) 76.6526ms ago: executing program 3 (id=796): r0 = accept$auto(0xffffffffffffffff, 0x0, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x3, 0x5) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4000000) mmap$auto(0x0, 0xc, 0xdf, 0xeb1, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x6) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x256800, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x5, 0x1, 0x4, 0x3, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x2a, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x8000}, 0x6b) madvise$auto(0xffffffffffffffff, 0x200007, 0x19) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x8, 0xb, 0x5, 0x9, 0xfffffffffffffffc, 0x83, 0x6, 0x2, 0x9, 0x5, 0x4000000000000002, 0xd, 0x3, 0xfffffffffffffffa, 0x7, 0x1000000006]}, 0x0, 0x0) mmap$auto(0xd, 0x2020009, 0x9, 0x1b, r1, 0x3) mmap$auto(0x400000000, 0x20009, 0x4000000000df, 0x40000000000eb1, r0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'}) r3 = socket(0x2, 0xa, 0xa) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendmmsg$auto(r3, &(0x7f0000000300)={{&(0x7f0000000140), 0x12, &(0x7f0000000280)={0x0, 0x4e}, 0x7, 0x0, 0x3, 0x1}, 0x7}, 0x8, 0x7fff) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x5, 0x5) r4 = pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, r4, 0x0, 0x7, 0x9) close_range$auto(r2, r4, 0x0) 0s ago: executing program 2 (id=797): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x40, 0x0) pread64$auto(r0, 0x0, 0xb, 0x5af) (fail_nth: 2) kernel console output (not intermixed with test programs): message leads to an empty skb [ 100.100595][ T5993] syz.3.23 uses obsolete (PF_INET,SOCK_PACKET) [ 101.408682][ T5981] mmap: syz.1.19 (5981) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 105.440107][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 105.450275][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.460402][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.470025][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.478578][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.487233][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.495900][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.506031][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.060214][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.217044][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.900051][ T6070] Invalid ELF header magic: != ELF [ 108.224911][ T6091] netlink: 28 bytes leftover after parsing attributes in process `syz.3.40'. [ 108.257096][ T6091] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 108.335338][ T6091] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.294359][ T6114] netlink: 28 bytes leftover after parsing attributes in process `syz.2.47'. [ 109.343518][ T6114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.47'. [ 109.818884][ T6145] FAULT_INJECTION: forcing a failure. [ 109.818884][ T6145] name failslab, interval 1, probability 0, space 0, times 0 [ 109.870234][ T6145] CPU: 1 UID: 0 PID: 6145 Comm: syz.2.53 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 109.870261][ T6145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 109.870271][ T6145] Call Trace: [ 109.870277][ T6145] [ 109.870284][ T6145] dump_stack_lvl+0x16c/0x1f0 [ 109.870313][ T6145] should_fail_ex+0x512/0x640 [ 109.870333][ T6145] ? __kvmalloc_node_noprof+0x122/0x600 [ 109.870360][ T6145] should_failslab+0xc2/0x120 [ 109.870376][ T6145] __kvmalloc_node_noprof+0x135/0x600 [ 109.870400][ T6145] ? lockdep_init_map_type+0x5c/0x280 [ 109.870433][ T6145] ? open_substream+0x30c/0x9b0 [ 109.870469][ T6145] ? open_substream+0x30c/0x9b0 [ 109.870493][ T6145] ? open_substream+0x19a/0x9b0 [ 109.870518][ T6145] open_substream+0x30c/0x9b0 [ 109.870544][ T6145] ? lockdep_hardirqs_on+0x7c/0x110 [ 109.870574][ T6145] rawmidi_open_priv+0x513/0x6e0 [ 109.870596][ T6145] snd_rawmidi_open+0x4cc/0xbf0 [ 109.870618][ T6145] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 109.870638][ T6145] ? __pfx_default_wake_function+0x10/0x10 [ 109.870662][ T6145] ? kobject_get_unless_zero+0x156/0x1e0 [ 109.870693][ T6145] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 109.870712][ T6145] snd_open+0x1fe/0x450 [ 109.870736][ T6145] ? __pfx_snd_open+0x10/0x10 [ 109.870758][ T6145] chrdev_open+0x231/0x6a0 [ 109.870783][ T6145] ? __pfx_apparmor_file_open+0x10/0x10 [ 109.870804][ T6145] ? __pfx_chrdev_open+0x10/0x10 [ 109.870831][ T6145] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 109.870858][ T6145] do_dentry_open+0x741/0x1c10 [ 109.870882][ T6145] ? __pfx_chrdev_open+0x10/0x10 [ 109.870911][ T6145] vfs_open+0x82/0x3f0 [ 109.870931][ T6145] path_openat+0x1e5e/0x2d40 [ 109.870963][ T6145] ? __pfx_path_openat+0x10/0x10 [ 109.870993][ T6145] do_filp_open+0x20b/0x470 [ 109.871018][ T6145] ? __pfx_do_filp_open+0x10/0x10 [ 109.871058][ T6145] ? alloc_fd+0x471/0x7d0 [ 109.871087][ T6145] do_sys_openat2+0x11b/0x1d0 [ 109.871104][ T6145] ? __pfx_do_sys_openat2+0x10/0x10 [ 109.871130][ T6145] __x64_sys_openat+0x174/0x210 [ 109.871157][ T6145] ? __pfx___x64_sys_openat+0x10/0x10 [ 109.871188][ T6145] ? rcu_is_watching+0x12/0xc0 [ 109.871231][ T6145] do_syscall_64+0xcd/0x260 [ 109.871260][ T6145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.871277][ T6145] RIP: 0033:0x7f7710b8d169 [ 109.871291][ T6145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.871307][ T6145] RSP: 002b:00007f771198a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 109.871323][ T6145] RAX: ffffffffffffffda RBX: 00007f7710da6080 RCX: 00007f7710b8d169 [ 109.871333][ T6145] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 109.871343][ T6145] RBP: 00007f7710c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 109.871353][ T6145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.871362][ T6145] R13: 0000000000000000 R14: 00007f7710da6080 R15: 00007ffc6efd0d08 [ 109.871382][ T6145] [ 110.693838][ T6162] Invalid ELF header magic: != ELF [ 112.033756][ T6182] netlink: 4 bytes leftover after parsing attributes in process `syz.2.62'. [ 112.125949][ T6190] process 'syz.0.63' launched ':,' with NULL argv: empty string added [ 112.252124][ T6187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.63'. [ 112.540191][ T6206] usbip-vudc usbip-vudc.0: gadget not bound [ 115.391736][ T6260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.77'. [ 115.478388][ T6260] netlink: 146 bytes leftover after parsing attributes in process `syz.3.77'. [ 117.407677][ T6297] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.741286][ T6310] openvswitch: netlink: IP tunnel TTL not specified. [ 117.830391][ T6310] syz.2.86 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 117.955031][ T6308] tty tty31: ldisc open failed (-12), clearing slot 30 [ 118.333872][ T6294] kexec: Could not allocate control_code_buffer [ 125.047153][ T6440] netlink: 24 bytes leftover after parsing attributes in process `syz.0.107'. [ 125.288272][ T30] audit: type=1800 audit(6039137979.860:2): pid=6440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.107" name="discovery_nqn" dev="configfs" ino=8931 res=0 errno=0 [ 127.184794][ T30] audit: type=1800 audit(6039137981.770:3): pid=6462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.110" name="dbroot" dev="configfs" ino=9363 res=0 errno=0 [ 127.204649][ C1] vkms_vblank_simulate: vblank timer overrun [ 127.221994][ T6462] db_root: not a directory: /dev/audio1 [ 127.351162][ T6463] random: crng reseeded on system resumption [ 127.415988][ T6463] FAULT_INJECTION: forcing a failure. [ 127.415988][ T6463] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 127.519795][ T6463] CPU: 1 UID: 0 PID: 6463 Comm: syz.2.110 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 127.519838][ T6463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 127.519854][ T6463] Call Trace: [ 127.519864][ T6463] [ 127.519874][ T6463] dump_stack_lvl+0x16c/0x1f0 [ 127.519917][ T6463] should_fail_ex+0x512/0x640 [ 127.519952][ T6463] should_fail_alloc_page+0xe7/0x130 [ 127.519980][ T6463] prepare_alloc_pages+0x3c2/0x610 [ 127.520012][ T6463] ? rcu_is_watching+0x12/0xc0 [ 127.520052][ T6463] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 127.520100][ T6463] ? mark_held_locks+0x49/0x80 [ 127.520149][ T6463] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 127.520186][ T6463] ? lockdep_hardirqs_on+0x7c/0x110 [ 127.520225][ T6463] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 127.520262][ T6463] ? stack_depot_save_flags+0x3e6/0xa50 [ 127.520300][ T6463] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 127.520349][ T6463] ? kasan_save_stack+0x42/0x60 [ 127.520400][ T6463] ? kasan_save_stack+0x33/0x60 [ 127.520438][ T6463] ? kasan_save_track+0x14/0x30 [ 127.520485][ T6463] ? vfs_open+0x82/0x3f0 [ 127.520511][ T6463] ? path_openat+0x1e5e/0x2d40 [ 127.520549][ T6463] ? do_filp_open+0x20b/0x470 [ 127.520587][ T6463] ? do_sys_openat2+0x11b/0x1d0 [ 127.520615][ T6463] ? __x64_sys_openat+0x174/0x210 [ 127.520641][ T6463] ? do_syscall_64+0xcd/0x260 [ 127.520678][ T6463] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.520711][ T6463] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.520741][ T6463] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.520774][ T6463] ? policy_nodemask+0xea/0x4e0 [ 127.520806][ T6463] alloc_pages_mpol+0x1fb/0x550 [ 127.520835][ T6463] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 127.520875][ T6463] alloc_pages_noprof+0x131/0x390 [ 127.520903][ T6463] get_zeroed_page_noprof+0x14/0x50 [ 127.520935][ T6463] get_image_page+0x18/0x190 [ 127.520971][ T6463] alloc_rtree_node+0x3c/0xb0 [ 127.521008][ T6463] memory_bm_create+0x515/0x810 [ 127.521062][ T6463] create_basic_memory_bitmaps+0xc1/0x680 [ 127.521110][ T6463] snapshot_open+0x235/0x2b0 [ 127.521151][ T6463] ? __pfx_snapshot_open+0x10/0x10 [ 127.521193][ T6463] misc_open+0x35a/0x420 [ 127.521231][ T6463] ? __pfx_misc_open+0x10/0x10 [ 127.521266][ T6463] chrdev_open+0x231/0x6a0 [ 127.521311][ T6463] ? __pfx_chrdev_open+0x10/0x10 [ 127.521359][ T6463] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 127.521416][ T6463] do_dentry_open+0x741/0x1c10 [ 127.521458][ T6463] ? __pfx_chrdev_open+0x10/0x10 [ 127.521510][ T6463] vfs_open+0x82/0x3f0 [ 127.521546][ T6463] path_openat+0x1e5e/0x2d40 [ 127.521605][ T6463] ? __pfx_path_openat+0x10/0x10 [ 127.521657][ T6463] do_filp_open+0x20b/0x470 [ 127.521700][ T6463] ? __pfx_do_filp_open+0x10/0x10 [ 127.521773][ T6463] ? alloc_fd+0x471/0x7d0 [ 127.521828][ T6463] do_sys_openat2+0x11b/0x1d0 [ 127.521857][ T6463] ? __pfx_do_sys_openat2+0x10/0x10 [ 127.521904][ T6463] __x64_sys_openat+0x174/0x210 [ 127.521937][ T6463] ? __pfx___x64_sys_openat+0x10/0x10 [ 127.521971][ T6463] ? rcu_is_watching+0x12/0xc0 [ 127.522019][ T6463] do_syscall_64+0xcd/0x260 [ 127.522064][ T6463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.522092][ T6463] RIP: 0033:0x7f7710b8d169 [ 127.522116][ T6463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.522143][ T6463] RSP: 002b:00007f771198a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 127.522170][ T6463] RAX: ffffffffffffffda RBX: 00007f7710da6080 RCX: 00007f7710b8d169 [ 127.522188][ T6463] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 127.522206][ T6463] RBP: 00007f7710c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 127.522222][ T6463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.522238][ T6463] R13: 0000000000000000 R14: 00007f7710da6080 R15: 00007ffc6efd0d08 [ 127.522277][ T6463] [ 127.910395][ C1] vkms_vblank_simulate: vblank timer overrun [ 129.967825][ T6493] Invalid ELF header magic: != ELF [ 131.155547][ T6520] netlink: 504 bytes leftover after parsing attributes in process `syz.3.122'. [ 131.231222][ T6520] netlink: 350 bytes leftover after parsing attributes in process `syz.3.122'. [ 133.071160][ T6546] FAULT_INJECTION: forcing a failure. [ 133.071160][ T6546] name failslab, interval 1, probability 0, space 0, times 0 [ 133.100214][ T6546] CPU: 0 UID: 0 PID: 6546 Comm: syz.2.126 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 133.100259][ T6546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 133.100275][ T6546] Call Trace: [ 133.100286][ T6546] [ 133.100297][ T6546] dump_stack_lvl+0x16c/0x1f0 [ 133.100356][ T6546] should_fail_ex+0x512/0x640 [ 133.100389][ T6546] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 133.100438][ T6546] should_failslab+0xc2/0x120 [ 133.100467][ T6546] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 133.100512][ T6546] ? __kernfs_new_node+0xd2/0x8a0 [ 133.100565][ T6546] __kernfs_new_node+0xd2/0x8a0 [ 133.100614][ T6546] ? __pfx___kernfs_new_node+0x10/0x10 [ 133.100672][ T6546] ? find_held_lock+0x2b/0x80 [ 133.100711][ T6546] ? kernfs_root+0xee/0x2a0 [ 133.100766][ T6546] kernfs_new_node+0x13c/0x1e0 [ 133.100806][ T6546] __kernfs_create_file+0x53/0x350 [ 133.100850][ T6546] sysfs_add_file_mode_ns+0x207/0x3c0 [ 133.100906][ T6546] internal_create_group+0x578/0xf30 [ 133.100965][ T6546] ? __pfx_internal_create_group+0x10/0x10 [ 133.101015][ T6546] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 133.101060][ T6546] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 133.101100][ T6546] ? find_held_lock+0x2b/0x80 [ 133.101144][ T6546] internal_create_groups+0x9d/0x150 [ 133.101182][ T6546] kobject_add_internal+0x311/0x9b0 [ 133.101236][ T6546] kobject_init_and_add+0x11b/0x190 [ 133.101266][ T6546] ? __pfx_kobject_init_and_add+0x10/0x10 [ 133.101322][ T6546] nfs_netns_sysfs_setup+0x12a/0x1f0 [ 133.101368][ T6546] nfs_net_init+0x10a/0x300 [ 133.101409][ T6546] ? __pfx_nfs_net_init+0x10/0x10 [ 133.101446][ T6546] ops_init+0x1df/0x5f0 [ 133.101491][ T6546] setup_net+0x21e/0x850 [ 133.101536][ T6546] ? __pfx_setup_net+0x10/0x10 [ 133.101569][ T6546] ? lockdep_init_map_type+0x5c/0x280 [ 133.101596][ T6546] ? __pfx_down_read_killable+0x10/0x10 [ 133.101629][ T6546] ? debug_mutex_init+0x37/0x70 [ 133.101669][ T6546] copy_net_ns+0x2a6/0x5f0 [ 133.101717][ T6546] create_new_namespaces+0x3ea/0xad0 [ 133.101769][ T6546] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 133.101814][ T6546] ksys_unshare+0x45b/0xa40 [ 133.101859][ T6546] ? __pfx_ksys_unshare+0x10/0x10 [ 133.101900][ T6546] ? xfd_validate_state+0x5d/0x180 [ 133.101935][ T6546] ? rcu_is_watching+0x12/0xc0 [ 133.101981][ T6546] __x64_sys_unshare+0x31/0x40 [ 133.102025][ T6546] do_syscall_64+0xcd/0x260 [ 133.102069][ T6546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.102098][ T6546] RIP: 0033:0x7f7710b8d169 [ 133.102123][ T6546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.102151][ T6546] RSP: 002b:00007f77119ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 133.102179][ T6546] RAX: ffffffffffffffda RBX: 00007f7710da5fa0 RCX: 00007f7710b8d169 [ 133.102198][ T6546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 133.102215][ T6546] RBP: 00007f7710c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 133.102232][ T6546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.102248][ T6546] R13: 0000000000000000 R14: 00007f7710da5fa0 R15: 00007ffc6efd0d08 [ 133.102287][ T6546] [ 133.413786][ C0] vkms_vblank_simulate: vblank timer overrun [ 133.473884][ T6546] kobject: kobject_add_internal failed for nfs_client (error: -12 parent: net) [ 134.447700][ T6561] netlink: 214 bytes leftover after parsing attributes in process `syz.0.131'. [ 135.710212][ T6585] FAULT_INJECTION: forcing a failure. [ 135.710212][ T6585] name failslab, interval 1, probability 0, space 0, times 0 [ 135.797526][ T6585] CPU: 0 UID: 0 PID: 6585 Comm: syz.2.137 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 135.797575][ T6585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 135.797590][ T6585] Call Trace: [ 135.797598][ T6585] [ 135.797609][ T6585] dump_stack_lvl+0x16c/0x1f0 [ 135.797651][ T6585] should_fail_ex+0x512/0x640 [ 135.797681][ T6585] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 135.797726][ T6585] should_failslab+0xc2/0x120 [ 135.797752][ T6585] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 135.797790][ T6585] ? vma_merge_new_range+0x3f8/0xc10 [ 135.797827][ T6585] ? vm_area_alloc+0x1f/0x160 [ 135.797869][ T6585] vm_area_alloc+0x1f/0x160 [ 135.797904][ T6585] __mmap_region+0xfd0/0x27c0 [ 135.797947][ T6585] ? __pfx___mmap_region+0x10/0x10 [ 135.797986][ T6585] ? finish_task_switch.isra.0+0x221/0xc10 [ 135.798030][ T6585] ? trace_sched_exit_tp+0xde/0x130 [ 135.798135][ T6585] ? trace_cap_capable+0x18d/0x200 [ 135.798166][ T6585] ? cap_capable+0xb3/0x250 [ 135.798199][ T6585] mmap_region+0x1ab/0x3f0 [ 135.798246][ T6585] do_mmap+0xd8e/0x11b0 [ 135.798286][ T6585] ? __pfx_do_mmap+0x10/0x10 [ 135.798316][ T6585] ? __pfx_down_write_killable+0x10/0x10 [ 135.798362][ T6585] vm_mmap_pgoff+0x281/0x450 [ 135.798398][ T6585] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 135.798424][ T6585] ? _copy_to_user+0x48/0xd0 [ 135.798464][ T6585] ? __x64_sys_futex+0x1e0/0x4c0 [ 135.798501][ T6585] ? __x64_sys_futex+0x1e9/0x4c0 [ 135.798542][ T6585] ksys_mmap_pgoff+0x7d/0x5c0 [ 135.798582][ T6585] ? syscall_user_dispatch+0x78/0x140 [ 135.798617][ T6585] __x64_sys_mmap+0x125/0x190 [ 135.798655][ T6585] do_syscall_64+0xcd/0x260 [ 135.798697][ T6585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.798723][ T6585] RIP: 0033:0x7f7710b8d169 [ 135.798745][ T6585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.798769][ T6585] RSP: 002b:00007f771198a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 135.798796][ T6585] RAX: ffffffffffffffda RBX: 00007f7710da6080 RCX: 00007f7710b8d169 [ 135.798813][ T6585] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 135.798829][ T6585] RBP: 00007f7710c0e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 135.798845][ T6585] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 135.798860][ T6585] R13: 0000000000000000 R14: 00007f7710da6080 R15: 00007ffc6efd0d08 [ 135.798894][ T6585] [ 136.045391][ C0] vkms_vblank_simulate: vblank timer overrun [ 138.180868][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.187760][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.683214][ T6628] netlink: 330 bytes leftover after parsing attributes in process `syz.3.147'. [ 138.800398][ T6628] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.809024][ T6628] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.967025][ T6646] netlink: 342 bytes leftover after parsing attributes in process `syz.3.151'. [ 141.431208][ T6663] netlink: 28 bytes leftover after parsing attributes in process `syz.1.157'. [ 141.721970][ T6663] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.915638][ T6663] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.659050][ T6764] FAULT_INJECTION: forcing a failure. [ 147.659050][ T6764] name fail_futex, interval 1, probability 0, space 0, times 1 [ 147.728979][ T6764] CPU: 1 UID: 0 PID: 6764 Comm: syz.1.171 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 147.729019][ T6764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 147.729035][ T6764] Call Trace: [ 147.729044][ T6764] [ 147.729054][ T6764] dump_stack_lvl+0x16c/0x1f0 [ 147.729099][ T6764] should_fail_ex+0x512/0x640 [ 147.729136][ T6764] get_futex_key+0x49e/0x1000 [ 147.729179][ T6764] ? __pfx_get_futex_key+0x10/0x10 [ 147.729214][ T6764] ? __pfx___schedule+0x10/0x10 [ 147.729260][ T6764] futex_wait_setup+0x78/0x290 [ 147.729295][ T6764] __futex_wait+0x266/0x3c0 [ 147.729325][ T6764] ? __pfx___futex_wait+0x10/0x10 [ 147.729358][ T6764] ? __pfx_futex_wake_mark+0x10/0x10 [ 147.729402][ T6764] futex_wait+0xe8/0x380 [ 147.729428][ T6764] ? __pfx_futex_wait+0x10/0x10 [ 147.729464][ T6764] ? vfs_write+0x316/0x1180 [ 147.729510][ T6764] ? __pfx_sg_write+0x10/0x10 [ 147.729550][ T6764] do_futex+0x229/0x350 [ 147.729589][ T6764] ? __pfx_do_futex+0x10/0x10 [ 147.729639][ T6764] __x64_sys_futex+0x1e0/0x4c0 [ 147.729686][ T6764] ? __pfx___x64_sys_futex+0x10/0x10 [ 147.729728][ T6764] ? rcu_is_watching+0x12/0xc0 [ 147.729775][ T6764] do_syscall_64+0xcd/0x260 [ 147.729819][ T6764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.729848][ T6764] RIP: 0033:0x7fe787d8d169 [ 147.729872][ T6764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.729898][ T6764] RSP: 002b:00007fe788c570e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 147.729925][ T6764] RAX: ffffffffffffffda RBX: 00007fe787fa5fa8 RCX: 00007fe787d8d169 [ 147.729942][ T6764] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe787fa5fa8 [ 147.729958][ T6764] RBP: 00007fe787fa5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 147.729975][ T6764] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe787fa5fac [ 147.729991][ T6764] R13: 0000000000000000 R14: 00007ffd263d0710 R15: 00007ffd263d07f8 [ 147.730027][ T6764] [ 148.237419][ T6767] Invalid ELF header magic: != ELF [ 148.577770][ T5841] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 153.725546][ T6822] netlink: 'syz.1.190': attribute type 16 has an invalid length. [ 153.765001][ T6822] netlink: 330 bytes leftover after parsing attributes in process `syz.1.190'. [ 154.840506][ T6850] FAULT_INJECTION: forcing a failure. [ 154.840506][ T6850] name failslab, interval 1, probability 0, space 0, times 0 [ 154.897959][ T6850] CPU: 0 UID: 0 PID: 6850 Comm: syz.2.184 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 154.898002][ T6850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 154.898020][ T6850] Call Trace: [ 154.898030][ T6850] [ 154.898042][ T6850] dump_stack_lvl+0x16c/0x1f0 [ 154.898089][ T6850] should_fail_ex+0x512/0x640 [ 154.898121][ T6850] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 154.898166][ T6850] should_failslab+0xc2/0x120 [ 154.898216][ T6850] __kmalloc_cache_noprof+0x6a/0x3e0 [ 154.898256][ T6850] ? trace_kmalloc+0x2b/0xd0 [ 154.898282][ T6850] ? snd_virmidi_input_open+0xc8/0x4a0 [ 154.898334][ T6850] snd_virmidi_input_open+0xc8/0x4a0 [ 154.898386][ T6850] open_substream+0x478/0x9b0 [ 154.898421][ T6850] rawmidi_open_priv+0x513/0x6e0 [ 154.898460][ T6850] snd_rawmidi_open+0x4cc/0xbf0 [ 154.898501][ T6850] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 154.898537][ T6850] ? __pfx_default_wake_function+0x10/0x10 [ 154.898580][ T6850] ? kobject_get_unless_zero+0x156/0x1e0 [ 154.898628][ T6850] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 154.898660][ T6850] snd_open+0x1fe/0x450 [ 154.898701][ T6850] ? __pfx_snd_open+0x10/0x10 [ 154.898740][ T6850] chrdev_open+0x231/0x6a0 [ 154.898783][ T6850] ? __pfx_apparmor_file_open+0x10/0x10 [ 154.898814][ T6850] ? __pfx_chrdev_open+0x10/0x10 [ 154.898860][ T6850] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 154.898909][ T6850] do_dentry_open+0x741/0x1c10 [ 154.898952][ T6850] ? __pfx_chrdev_open+0x10/0x10 [ 154.899005][ T6850] vfs_open+0x82/0x3f0 [ 154.899041][ T6850] path_openat+0x1e5e/0x2d40 [ 154.899098][ T6850] ? __pfx_path_openat+0x10/0x10 [ 154.899151][ T6850] do_filp_open+0x20b/0x470 [ 154.899197][ T6850] ? __pfx_do_filp_open+0x10/0x10 [ 154.899269][ T6850] ? alloc_fd+0x471/0x7d0 [ 154.899321][ T6850] do_sys_openat2+0x11b/0x1d0 [ 154.899351][ T6850] ? __pfx_do_sys_openat2+0x10/0x10 [ 154.899399][ T6850] __x64_sys_openat+0x174/0x210 [ 154.899431][ T6850] ? __pfx___x64_sys_openat+0x10/0x10 [ 154.899464][ T6850] ? rcu_is_watching+0x12/0xc0 [ 154.899512][ T6850] do_syscall_64+0xcd/0x260 [ 154.899556][ T6850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.899585][ T6850] RIP: 0033:0x7f7710b8d169 [ 154.899609][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.899635][ T6850] RSP: 002b:00007f771198a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 154.899663][ T6850] RAX: ffffffffffffffda RBX: 00007f7710da6080 RCX: 00007f7710b8d169 [ 154.899681][ T6850] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 154.899699][ T6850] RBP: 00007f7710c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 154.899716][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.899730][ T6850] R13: 0000000000000000 R14: 00007f7710da6080 R15: 00007ffc6efd0d08 [ 154.899768][ T6850] [ 155.275289][ T6853] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 155.492136][ T6853] CPU: 1 UID: 0 PID: 6853 Comm: syz.0.183 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 155.492163][ T6853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 155.492173][ T6853] Call Trace: [ 155.492179][ T6853] [ 155.492186][ T6853] dump_stack_lvl+0x16c/0x1f0 [ 155.492215][ T6853] sysfs_warn_dup+0x7f/0xa0 [ 155.492242][ T6853] sysfs_create_dir_ns+0x24b/0x2b0 [ 155.492268][ T6853] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 155.492291][ T6853] ? find_held_lock+0x2b/0x80 [ 155.492317][ T6853] ? nfs_netns_namespace+0xd/0x40 [ 155.492337][ T6853] kobject_add_internal+0x2c4/0x9b0 [ 155.492367][ T6853] kobject_init_and_add+0x11b/0x190 [ 155.492383][ T6853] ? __pfx_kobject_init_and_add+0x10/0x10 [ 155.492410][ T6853] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 155.492431][ T6853] nfs_net_init+0x10a/0x300 [ 155.492455][ T6853] ? __pfx_nfs_net_init+0x10/0x10 [ 155.492476][ T6853] ops_init+0x1df/0x5f0 [ 155.492513][ T6853] setup_net+0x21e/0x850 [ 155.492538][ T6853] ? __pfx_setup_net+0x10/0x10 [ 155.492560][ T6853] ? lockdep_init_map_type+0x5c/0x280 [ 155.492577][ T6853] ? __pfx_down_read_killable+0x10/0x10 [ 155.492596][ T6853] ? debug_mutex_init+0x37/0x70 [ 155.492619][ T6853] copy_net_ns+0x2a6/0x5f0 [ 155.492647][ T6853] create_new_namespaces+0x3ea/0xad0 [ 155.492676][ T6853] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 155.492702][ T6853] ksys_unshare+0x45b/0xa40 [ 155.492734][ T6853] ? __pfx_ksys_unshare+0x10/0x10 [ 155.492768][ T6853] ? xfd_validate_state+0x5d/0x180 [ 155.492799][ T6853] ? rcu_is_watching+0x12/0xc0 [ 155.492832][ T6853] __x64_sys_unshare+0x31/0x40 [ 155.492857][ T6853] do_syscall_64+0xcd/0x260 [ 155.492882][ T6853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.492899][ T6853] RIP: 0033:0x7f62d0d8d169 [ 155.492914][ T6853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.492937][ T6853] RSP: 002b:00007f62d1b23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 155.492962][ T6853] RAX: ffffffffffffffda RBX: 00007f62d0fa6320 RCX: 00007f62d0d8d169 [ 155.492979][ T6853] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 155.492992][ T6853] RBP: 00007f62d0e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 155.493006][ T6853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.493021][ T6853] R13: 0000000000000000 R14: 00007f62d0fa6320 R15: 00007ffd603a1498 [ 155.493056][ T6853] [ 156.119229][ T6853] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 158.603737][ T6886] Invalid ELF header magic: != ELF [ 161.883550][ T6928] input input8: cannot allocate more than FF_MAX_EFFECTS effects [ 165.272911][ T6958] netlink: 4 bytes leftover after parsing attributes in process `syz.0.210'. [ 165.478820][ T6965] netlink: 32 bytes leftover after parsing attributes in process `syz.0.212'. [ 167.669697][ T6977] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 171.401477][ T7044] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 171.450415][ T7048] Invalid ELF header magic: != ELF [ 172.110100][ T5841] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 172.235884][ T30] audit: type=1800 audit(6039139057.800:4): pid=7062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.236" name="dbroot" dev="configfs" ino=11809 res=0 errno=0 [ 172.767651][ T7061] vivid-003: ================= START STATUS ================= [ 172.851135][ T7061] vivid-003: Radio HW Seek Mode: Bounded [ 172.859171][ T7061] vivid-003: Radio Programmable HW Seek: false [ 172.888706][ T7061] vivid-003: RDS Rx I/O Mode: Block I/O [ 173.003233][ T7061] vivid-003: Generate RBDS Instead of RDS: false [ 173.047134][ T7061] vivid-003: RDS Reception: true [ 173.057247][ T7061] vivid-003: RDS Program Type: 0 inactive [ 173.111221][ T7061] vivid-003: RDS PS Name: inactive [ 173.201252][ T7061] vivid-003: RDS Radio Text: inactive [ 173.203376][ T7053] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.216075][ T7053] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.253209][ T7061] vivid-003: RDS Traffic Announcement: false inactive [ 173.347796][ T7061] vivid-003: RDS Traffic Program: false inactive [ 173.365326][ T7053] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.370233][ T7061] vivid-003: RDS Music: false inactive [ 173.378618][ T7061] vivid-003: ================== END STATUS ================== [ 173.501666][ T7053] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 173.507726][ T7053] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 174.015955][ T7053] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 174.047766][ T7053] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 174.085017][ T7053] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 174.137998][ T7053] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 174.296660][ T7053] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 174.313321][ T7053] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 174.336591][ T7053] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 175.231178][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.551167][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 176.111943][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 176.351142][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 176.384811][ T7100] netlink: 346 bytes leftover after parsing attributes in process `syz.2.240'. [ 176.696562][ T7107] Invalid ELF header magic: != ELF [ 177.254358][ T7115] FAULT_INJECTION: forcing a failure. [ 177.254358][ T7115] name failslab, interval 1, probability 0, space 0, times 0 [ 177.282037][ T7115] CPU: 0 UID: 0 PID: 7115 Comm: syz.3.246 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 177.282081][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 177.282097][ T7115] Call Trace: [ 177.282106][ T7115] [ 177.282117][ T7115] dump_stack_lvl+0x16c/0x1f0 [ 177.282173][ T7115] should_fail_ex+0x512/0x640 [ 177.282203][ T7115] ? fs_reclaim_acquire+0xae/0x150 [ 177.282237][ T7115] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 177.282269][ T7115] should_failslab+0xc2/0x120 [ 177.282294][ T7115] __kmalloc_noprof+0xd2/0x510 [ 177.282341][ T7115] tomoyo_realpath_from_path+0xc2/0x6e0 [ 177.282389][ T7115] tomoyo_check_open_permission+0x2ab/0x3c0 [ 177.282420][ T7115] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 177.282492][ T7115] ? do_raw_spin_lock+0x12c/0x2b0 [ 177.282531][ T7115] tomoyo_file_open+0x6b/0x90 [ 177.282569][ T7115] security_file_open+0x84/0x1e0 [ 177.282619][ T7115] do_dentry_open+0x596/0x1c10 [ 177.282672][ T7115] vfs_open+0x82/0x3f0 [ 177.282706][ T7115] path_openat+0x1e5e/0x2d40 [ 177.282758][ T7115] ? __pfx_path_openat+0x10/0x10 [ 177.282800][ T7115] do_filp_open+0x20b/0x470 [ 177.282838][ T7115] ? __pfx_do_filp_open+0x10/0x10 [ 177.282905][ T7115] ? alloc_fd+0x471/0x7d0 [ 177.282955][ T7115] do_sys_openat2+0x11b/0x1d0 [ 177.282982][ T7115] ? __pfx_do_sys_openat2+0x10/0x10 [ 177.283014][ T7115] ? find_held_lock+0x2b/0x80 [ 177.283059][ T7115] __x64_sys_openat+0x174/0x210 [ 177.283085][ T7115] ? __pfx___x64_sys_openat+0x10/0x10 [ 177.283116][ T7115] ? rcu_is_watching+0x12/0xc0 [ 177.283170][ T7115] do_syscall_64+0xcd/0x260 [ 177.283211][ T7115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.283237][ T7115] RIP: 0033:0x7fb1d618d169 [ 177.283260][ T7115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.283284][ T7115] RSP: 002b:00007fb1d6fe6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 177.283311][ T7115] RAX: ffffffffffffffda RBX: 00007fb1d63a5fa0 RCX: 00007fb1d618d169 [ 177.283329][ T7115] RDX: 0000000000040080 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 177.283344][ T7115] RBP: 00007fb1d620e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 177.283360][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.283376][ T7115] R13: 0000000000000000 R14: 00007fb1d63a5fa0 R15: 00007ffce4a9b3c8 [ 177.283410][ T7115] [ 177.283420][ T7115] ERROR: Out of memory at tomoyo_realpath_from_path. [ 177.321246][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.631195][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 177.806585][ T7141] FAULT_INJECTION: forcing a failure. [ 177.806585][ T7141] name fail_futex, interval 1, probability 0, space 0, times 0 [ 177.867982][ T7141] CPU: 0 UID: 0 PID: 7141 Comm: syz.3.252 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 177.868021][ T7141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 177.868036][ T7141] Call Trace: [ 177.868045][ T7141] [ 177.868055][ T7141] dump_stack_lvl+0x16c/0x1f0 [ 177.868098][ T7141] should_fail_ex+0x512/0x640 [ 177.868135][ T7141] get_futex_key+0x49e/0x1000 [ 177.868177][ T7141] ? __pfx_get_futex_key+0x10/0x10 [ 177.868212][ T7141] ? kfree+0x252/0x4d0 [ 177.868259][ T7141] futex_wake+0xe7/0x4e0 [ 177.868288][ T7141] ? __pfx_futex_wake+0x10/0x10 [ 177.868313][ T7141] ? __pfx_vfs_writev+0x10/0x10 [ 177.868362][ T7141] ? do_writev+0x218/0x330 [ 177.868405][ T7141] do_futex+0x1e3/0x350 [ 177.868444][ T7141] ? __pfx_do_futex+0x10/0x10 [ 177.868479][ T7141] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 177.868530][ T7141] __x64_sys_futex+0x1e0/0x4c0 [ 177.868571][ T7141] ? fput+0x70/0xf0 [ 177.868596][ T7141] ? __pfx___x64_sys_futex+0x10/0x10 [ 177.868635][ T7141] ? __pfx_do_writev+0x10/0x10 [ 177.868664][ T7141] ? rcu_is_watching+0x12/0xc0 [ 177.868708][ T7141] do_syscall_64+0xcd/0x260 [ 177.868750][ T7141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.868777][ T7141] RIP: 0033:0x7fb1d618d169 [ 177.868799][ T7141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.868823][ T7141] RSP: 002b:00007fb1d6fa40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 177.868847][ T7141] RAX: ffffffffffffffda RBX: 00007fb1d63a6168 RCX: 00007fb1d618d169 [ 177.868864][ T7141] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb1d63a616c [ 177.868880][ T7141] RBP: 00007fb1d63a6160 R08: 00007fb1d6fe7000 R09: 0000000000000000 [ 177.868895][ T7141] R10: 0000000000000007 R11: 0000000000000246 R12: 00007fb1d63a616c [ 177.868911][ T7141] R13: 0000000000000000 R14: 00007ffce4a9b2e0 R15: 00007ffce4a9b3c8 [ 177.868947][ T7141] [ 178.191288][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.356028][ T7147] netlink: 330 bytes leftover after parsing attributes in process `syz.2.251'. [ 178.431271][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.482656][ T7143] netlink: 20 bytes leftover after parsing attributes in process `syz.2.251'. [ 178.682057][ T7147] syz.2.251 (7147) used greatest stack depth: 21416 bytes left [ 179.294495][ T7159] can: request_module (can-proto-0) failed. [ 179.641142][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 179.711129][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 180.273886][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.530701][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 182.003602][ T7211] netlink: 342 bytes leftover after parsing attributes in process `syz.2.267'. [ 182.684916][ T7211] cougar: G6 mapped to space [ 184.279579][ T5841] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 184.425640][ T30] audit: type=1800 audit(6039139077.931:5): pid=7238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.272" name="dbroot" dev="configfs" ino=13350 res=0 errno=0 [ 185.525578][ T5841] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 185.525621][ T5841] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 185.543810][ T5841] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 185.543875][ T5841] Bluetooth: hci1: adv larger than maximum supported [ 185.551264][ T5841] Bluetooth: hci1: Unknown advertising packet type: 0x73 [ 185.558012][ T5841] Bluetooth: hci1: Malformed LE Event: 0x0d [ 186.079740][ T7263] FAULT_INJECTION: forcing a failure. [ 186.079740][ T7263] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 186.080409][ T7270] netlink: 322 bytes leftover after parsing attributes in process `syz.0.279'. [ 186.117530][ T7263] CPU: 0 UID: 0 PID: 7263 Comm: syz.3.277 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 186.117572][ T7263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 186.117589][ T7263] Call Trace: [ 186.117599][ T7263] [ 186.117610][ T7263] dump_stack_lvl+0x16c/0x1f0 [ 186.117658][ T7263] should_fail_ex+0x512/0x640 [ 186.117698][ T7263] should_fail_alloc_page+0xe7/0x130 [ 186.117728][ T7263] prepare_alloc_pages+0x3c2/0x610 [ 186.117763][ T7263] ? rcu_is_watching+0x12/0xc0 [ 186.117803][ T7263] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 186.117856][ T7263] ? cgroup_rstat_updated+0x2a/0xb20 [ 186.117904][ T7263] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 186.117964][ T7263] ? __lock_acquire+0x5ca/0x1ba0 [ 186.117996][ T7263] ? __lock_acquire+0x5ca/0x1ba0 [ 186.118021][ T7263] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 186.118054][ T7263] ? policy_nodemask+0xea/0x4e0 [ 186.118084][ T7263] alloc_pages_mpol+0x1fb/0x550 [ 186.118114][ T7263] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 186.118142][ T7263] ? __lock_acquire+0x5ca/0x1ba0 [ 186.118174][ T7263] folio_alloc_mpol_noprof+0x36/0x2f0 [ 186.118211][ T7263] vma_alloc_folio_noprof+0xed/0x1e0 [ 186.118242][ T7263] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 186.118288][ T7263] do_pte_missing+0x223d/0x3fb0 [ 186.118344][ T7263] __handle_mm_fault+0x103d/0x2a40 [ 186.118397][ T7263] ? __pfx___handle_mm_fault+0x10/0x10 [ 186.118442][ T7263] ? __pte_offset_map_lock+0x155/0x2f0 [ 186.118474][ T7263] ? find_held_lock+0x2b/0x80 [ 186.118508][ T7263] ? find_held_lock+0x2b/0x80 [ 186.118571][ T7263] handle_mm_fault+0x3fe/0xad0 [ 186.118618][ T7263] __get_user_pages+0x771/0x36f0 [ 186.118666][ T7263] ? __pfx_mt_find+0x10/0x10 [ 186.118711][ T7263] ? __pfx___get_user_pages+0x10/0x10 [ 186.118763][ T7263] populate_vma_page_range+0x278/0x3a0 [ 186.118804][ T7263] ? __pfx_populate_vma_page_range+0x10/0x10 [ 186.118840][ T7263] ? __pfx_find_vma_intersection+0x10/0x10 [ 186.118885][ T7263] __mm_populate+0x1d8/0x380 [ 186.118925][ T7263] ? __pfx___mm_populate+0x10/0x10 [ 186.118966][ T7263] ? up_write+0x1b2/0x520 [ 186.119001][ T7263] vm_mmap_pgoff+0x362/0x450 [ 186.119039][ T7263] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 186.119082][ T7263] ? __x64_sys_futex+0x1e0/0x4c0 [ 186.119121][ T7263] ? __x64_sys_futex+0x1e9/0x4c0 [ 186.119165][ T7263] ksys_mmap_pgoff+0x7d/0x5c0 [ 186.119198][ T7263] ? rcu_is_watching+0x12/0xc0 [ 186.119238][ T7263] __x64_sys_mmap+0x125/0x190 [ 186.119277][ T7263] do_syscall_64+0xcd/0x260 [ 186.119322][ T7263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.119350][ T7263] RIP: 0033:0x7fb1d618d169 [ 186.119375][ T7263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.119402][ T7263] RSP: 002b:00007fb1d6fe6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 186.119438][ T7263] RAX: ffffffffffffffda RBX: 00007fb1d63a5fa0 RCX: 00007fb1d618d169 [ 186.119458][ T7263] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 186.119474][ T7263] RBP: 00007fb1d620e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 186.119490][ T7263] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 186.119506][ T7263] R13: 0000000000000000 R14: 00007fb1d63a5fa0 R15: 00007ffce4a9b3c8 [ 186.119545][ T7263] [ 187.650551][ T7286] netlink: 4 bytes leftover after parsing attributes in process `syz.0.283'. [ 189.156684][ T7320] block2mtd: device name too long [ 189.209169][ T7320] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input10 [ 189.309714][ T7323] netlink: 544 bytes leftover after parsing attributes in process `syz.1.290'. [ 190.441910][ T7325] ima: policy update failed [ 190.464399][ T30] audit: type=1802 audit(6039140107.021:6): pid=7325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.292" res=0 errno=0 [ 191.971444][ T7365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 192.024695][ T7365] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 192.079842][ T7365] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 192.115300][ T7365] page_type: f5(slab) [ 192.127287][ T7365] raw: 00fff00000000040 ffff8880216a7b40 dead000000000122 0000000000000000 [ 192.149656][ T7365] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 192.174815][ T7365] head: 00fff00000000040 ffff8880216a7b40 dead000000000122 0000000000000000 [ 192.202090][ T7365] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 192.231538][ T7365] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 192.250767][ T7365] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 192.270352][ T7365] page dumped because: unmovable page [ 192.280324][ T7365] page_owner tracks the page as allocated [ 192.287575][ T7365] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5692, tgid 5692 (sshd), ts 71144052136, free_ts 31312241733 [ 192.327004][ T7365] post_alloc_hook+0x181/0x1b0 [ 192.356593][ T7365] get_page_from_freelist+0x1193/0x39b0 [ 192.362245][ T7365] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 192.413516][ T7365] alloc_pages_mpol+0x1fb/0x550 [ 192.427670][ T7365] new_slab+0x23c/0x330 [ 192.432561][ T7365] ___slab_alloc+0xd9c/0x1940 [ 192.439947][ T7365] __slab_alloc.constprop.0+0x56/0xb0 [ 192.454479][ T7365] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 192.474671][ T7365] ext4_alloc_inode+0x28/0x610 [ 192.485050][ T7365] alloc_inode+0x61/0x240 [ 192.489504][ T7365] iget_locked+0x2e4/0x830 [ 192.508199][ T7365] __ext4_iget+0x3ca/0x4490 [ 192.512792][ T7365] ext4_lookup+0x37c/0x730 [ 192.538071][ T7365] __lookup_slow+0x24e/0x460 [ 192.542755][ T7365] walk_component+0x353/0x5b0 [ 192.584845][ T7365] path_lookupat+0x17e/0x780 [ 192.593374][ T7365] page last free pid 1 tgid 1 stack trace: [ 192.609973][ T7365] __free_frozen_pages+0x69d/0xff0 [ 192.621837][ T7365] free_contig_range+0x135/0x3f0 [ 192.632482][ T7365] destroy_args+0x66f/0x830 [ 192.644798][ T7365] debug_vm_pgtable+0x130e/0x2d50 [ 192.659839][ T7365] do_one_initcall+0x120/0x6e0 [ 192.675393][ T7365] kernel_init_freeable+0x5c2/0x900 [ 192.692105][ T7365] kernel_init+0x1c/0x2b0 [ 192.707989][ T7365] ret_from_fork+0x45/0x80 [ 192.728977][ T7365] ret_from_fork_asm+0x1a/0x30 [ 198.608064][ T7514] FAULT_INJECTION: forcing a failure. [ 198.608064][ T7514] name failslab, interval 1, probability 0, space 0, times 0 [ 198.647807][ T7514] CPU: 1 UID: 0 PID: 7514 Comm: syz.0.323 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 198.647850][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 198.647868][ T7514] Call Trace: [ 198.647877][ T7514] [ 198.647888][ T7514] dump_stack_lvl+0x16c/0x1f0 [ 198.647935][ T7514] should_fail_ex+0x512/0x640 [ 198.647966][ T7514] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 198.648005][ T7514] should_failslab+0xc2/0x120 [ 198.648033][ T7514] __kmalloc_cache_noprof+0x6a/0x3e0 [ 198.648074][ T7514] ? __do_sys_fanotify_init+0x4ca/0xb80 [ 198.648108][ T7514] ? kasan_save_track+0x14/0x30 [ 198.648165][ T7514] __do_sys_fanotify_init+0x4ca/0xb80 [ 198.648205][ T7514] do_syscall_64+0xcd/0x260 [ 198.648251][ T7514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.648281][ T7514] RIP: 0033:0x7f62d0d8d169 [ 198.648303][ T7514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.648328][ T7514] RSP: 002b:00007f62d1ba7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 198.648356][ T7514] RAX: ffffffffffffffda RBX: 00007f62d0fa5fa0 RCX: 00007f62d0d8d169 [ 198.648376][ T7514] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 198.648393][ T7514] RBP: 00007f62d0e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 198.648409][ T7514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.648425][ T7514] R13: 0000000000000000 R14: 00007f62d0fa5fa0 R15: 00007ffd603a1498 [ 198.648463][ T7514] [ 199.668976][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.676836][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 202.292968][ T30] audit: type=1800 audit(6039140118.856:7): pid=7559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.332" name="members" dev="configfs" ino=14096 res=0 errno=0 [ 202.710606][ T7557] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 202.716830][ T7557] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 202.865671][ T7557] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 202.889425][ T7557] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 204.037279][ T7585] sd 0:0:1:0: PR command failed: 1026 [ 204.043110][ T7585] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 204.049887][ T7585] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 204.201051][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 204.606431][ T7597] netlink: 186 bytes leftover after parsing attributes in process `syz.1.335'. [ 204.762823][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 204.921071][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 204.930957][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 206.565548][ T7618] program syz.3.343 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 210.415600][ T7692] netlink: 'syz.2.359': attribute type 11 has an invalid length. [ 210.471933][ T7692] netlink: 'syz.2.359': attribute type 11 has an invalid length. [ 210.554216][ T7692] netlink: 'syz.2.359': attribute type 11 has an invalid length. [ 210.719631][ T7698] nbd: socks must be embedded in a SOCK_ITEM attr [ 213.039792][ T7737] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 213.047078][ T7737] CPU: 1 UID: 0 PID: 7737 Comm: syz.0.368 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 213.047114][ T7737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 213.047128][ T7737] Call Trace: [ 213.047136][ T7737] [ 213.047146][ T7737] dump_stack_lvl+0x16c/0x1f0 [ 213.047187][ T7737] sysfs_warn_dup+0x7f/0xa0 [ 213.047225][ T7737] sysfs_create_dir_ns+0x24b/0x2b0 [ 213.047262][ T7737] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 213.047298][ T7737] ? find_held_lock+0x2b/0x80 [ 213.047337][ T7737] ? nfs_netns_namespace+0xd/0x40 [ 213.047368][ T7737] kobject_add_internal+0x2c4/0x9b0 [ 213.047415][ T7737] kobject_init_and_add+0x11b/0x190 [ 213.047439][ T7737] ? __pfx_kobject_init_and_add+0x10/0x10 [ 213.047484][ T7737] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 213.047518][ T7737] nfs_net_init+0x10a/0x300 [ 213.047554][ T7737] ? __pfx_nfs_net_init+0x10/0x10 [ 213.047587][ T7737] ops_init+0x1df/0x5f0 [ 213.047627][ T7737] setup_net+0x21e/0x850 [ 213.047666][ T7737] ? __pfx_setup_net+0x10/0x10 [ 213.047696][ T7737] ? lockdep_init_map_type+0x5c/0x280 [ 213.047720][ T7737] ? __pfx_down_read_killable+0x10/0x10 [ 213.047749][ T7737] ? debug_mutex_init+0x37/0x70 [ 213.047784][ T7737] copy_net_ns+0x2a6/0x5f0 [ 213.047825][ T7737] create_new_namespaces+0x3ea/0xad0 [ 213.047870][ T7737] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 213.047909][ T7737] ksys_unshare+0x45b/0xa40 [ 213.047949][ T7737] ? __pfx_ksys_unshare+0x10/0x10 [ 213.047985][ T7737] ? xfd_validate_state+0x5d/0x180 [ 213.048015][ T7737] ? rcu_is_watching+0x12/0xc0 [ 213.048055][ T7737] __x64_sys_unshare+0x31/0x40 [ 213.048100][ T7737] do_syscall_64+0xcd/0x260 [ 213.048140][ T7737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.048165][ T7737] RIP: 0033:0x7f62d0d8d169 [ 213.048184][ T7737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.048207][ T7737] RSP: 002b:00007f62d1b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 213.048232][ T7737] RAX: ffffffffffffffda RBX: 00007f62d0fa6080 RCX: 00007f62d0d8d169 [ 213.048248][ T7737] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 213.048262][ T7737] RBP: 00007f62d0e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 213.048276][ T7737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.048290][ T7737] R13: 0000000000000000 R14: 00007f62d0fa6080 R15: 00007ffd603a1498 [ 213.048324][ T7737] [ 213.048353][ T7737] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 213.479845][ T7745] netlink: 20 bytes leftover after parsing attributes in process `syz.3.367'. [ 213.743707][ T7750] ima: policy update failed [ 213.766807][ T30] audit: type=1802 audit(6039141153.319:8): pid=7750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.370" res=0 errno=0 [ 213.908766][ T7743] FAULT_INJECTION: forcing a failure. [ 213.908766][ T7743] name failslab, interval 1, probability 0, space 0, times 0 [ 214.015415][ T7743] CPU: 1 UID: 0 PID: 7743 Comm: syz.1.369 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 214.015459][ T7743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 214.015475][ T7743] Call Trace: [ 214.015484][ T7743] [ 214.015495][ T7743] dump_stack_lvl+0x16c/0x1f0 [ 214.015543][ T7743] should_fail_ex+0x512/0x640 [ 214.015575][ T7743] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 214.015626][ T7743] should_failslab+0xc2/0x120 [ 214.015653][ T7743] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 214.015699][ T7743] ? sock_alloc_inode+0x25/0x1c0 [ 214.015746][ T7743] ? __pfx_sock_alloc_inode+0x10/0x10 [ 214.015785][ T7743] sock_alloc_inode+0x25/0x1c0 [ 214.015826][ T7743] alloc_inode+0x61/0x240 [ 214.015859][ T7743] sock_alloc+0x40/0x280 [ 214.015899][ T7743] __sock_create+0xc1/0x8d0 [ 214.015934][ T7743] inet_ctl_sock_create+0x94/0x230 [ 214.015978][ T7743] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 214.016018][ T7743] ? lockdep_init_map_type+0x5c/0x280 [ 214.016046][ T7743] ? do_init_timer+0xc9/0x110 [ 214.016089][ T7743] ? __pfx_sctp_ctrlsock_init+0x10/0x10 [ 214.016130][ T7743] sctp_ctrlsock_init+0x40/0xf0 [ 214.016170][ T7743] ops_init+0x1df/0x5f0 [ 214.016215][ T7743] setup_net+0x21e/0x850 [ 214.016258][ T7743] ? __pfx_setup_net+0x10/0x10 [ 214.016304][ T7743] ? lockdep_init_map_type+0x5c/0x280 [ 214.016332][ T7743] ? __pfx_down_read_killable+0x10/0x10 [ 214.016364][ T7743] ? debug_mutex_init+0x37/0x70 [ 214.016405][ T7743] copy_net_ns+0x2a6/0x5f0 [ 214.016451][ T7743] create_new_namespaces+0x3ea/0xad0 [ 214.016502][ T7743] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 214.016546][ T7743] ksys_unshare+0x45b/0xa40 [ 214.016591][ T7743] ? __pfx_ksys_unshare+0x10/0x10 [ 214.016630][ T7743] ? xfd_validate_state+0x5d/0x180 [ 214.016665][ T7743] ? rcu_is_watching+0x12/0xc0 [ 214.016709][ T7743] __x64_sys_unshare+0x31/0x40 [ 214.016752][ T7743] do_syscall_64+0xcd/0x260 [ 214.016796][ T7743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.016825][ T7743] RIP: 0033:0x7fe787d8d169 [ 214.016848][ T7743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.016875][ T7743] RSP: 002b:00007fe788c57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 214.016903][ T7743] RAX: ffffffffffffffda RBX: 00007fe787fa5fa0 RCX: 00007fe787d8d169 [ 214.016921][ T7743] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 214.016937][ T7743] RBP: 00007fe787e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 214.016953][ T7743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.016968][ T7743] R13: 0000000000000000 R14: 00007fe787fa5fa0 R15: 00007ffd263d07f8 [ 214.017005][ T7743] [ 214.017018][ T7743] socket: no more sockets [ 215.869865][ T7773] netlink: 28 bytes leftover after parsing attributes in process `syz.1.376'. [ 216.116146][ T7773] team0: Port device team_slave_0 removed [ 217.734058][ T7817] random: crng reseeded on system resumption [ 218.311626][ T7827] program syz.0.388 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 224.175721][ T7910] delete_channel: no stack [ 224.756060][ T7939] netlink: 8 bytes leftover after parsing attributes in process `syz.2.410'. [ 224.911496][ T7936] netlink: 338 bytes leftover after parsing attributes in process `syz.3.411'. [ 225.791143][ T7950] FAULT_INJECTION: forcing a failure. [ 225.791143][ T7950] name failslab, interval 1, probability 0, space 0, times 0 [ 225.849579][ T7950] CPU: 0 UID: 0 PID: 7950 Comm: syz.2.414 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 225.849618][ T7950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 225.849634][ T7950] Call Trace: [ 225.849644][ T7950] [ 225.849654][ T7950] dump_stack_lvl+0x16c/0x1f0 [ 225.849700][ T7950] should_fail_ex+0x512/0x640 [ 225.849730][ T7950] ? fs_reclaim_acquire+0xae/0x150 [ 225.849768][ T7950] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 225.849805][ T7950] should_failslab+0xc2/0x120 [ 225.849832][ T7950] __kmalloc_noprof+0xd2/0x510 [ 225.849881][ T7950] tomoyo_realpath_from_path+0xc2/0x6e0 [ 225.849923][ T7950] ? tomoyo_profile+0x47/0x60 [ 225.849968][ T7950] tomoyo_path_number_perm+0x245/0x580 [ 225.849999][ T7950] ? tomoyo_path_number_perm+0x237/0x580 [ 225.850043][ T7950] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 225.850078][ T7950] ? find_held_lock+0x2b/0x80 [ 225.850149][ T7950] ? find_held_lock+0x2b/0x80 [ 225.850182][ T7950] ? hook_file_ioctl_common+0x145/0x410 [ 225.850229][ T7950] ? __fget_files+0x20e/0x3c0 [ 225.850275][ T7950] security_file_ioctl+0x9b/0x240 [ 225.850311][ T7950] __x64_sys_ioctl+0xb7/0x200 [ 225.850348][ T7950] do_syscall_64+0xcd/0x260 [ 225.850391][ T7950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.850417][ T7950] RIP: 0033:0x7f7710b8d169 [ 225.850439][ T7950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.850464][ T7950] RSP: 002b:00007f77119ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 225.850490][ T7950] RAX: ffffffffffffffda RBX: 00007f7710da5fa0 RCX: 00007f7710b8d169 [ 225.850508][ T7950] RDX: 0000000000000000 RSI: 0000000040047451 RDI: 0000000000000003 [ 225.850523][ T7950] RBP: 00007f77119ab090 R08: 0000000000000000 R09: 0000000000000000 [ 225.850538][ T7950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.850553][ T7950] R13: 0000000000000000 R14: 00007f7710da5fa0 R15: 00007ffc6efd0d08 [ 225.850597][ T7950] [ 226.058527][ T7950] ERROR: Out of memory at tomoyo_realpath_from_path. [ 227.727881][ T30] audit: type=1807 audit(6039144894.269:9): UNKNOWN=§ res=0 [ 227.727949][ T7995] ima: policy update failed [ 227.790120][ T30] audit: type=1802 audit(6039144894.269:10): pid=7996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.426" res=0 errno=0 [ 227.845128][ T30] audit: type=1802 audit(6039144894.309:11): pid=7995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.426" res=0 errno=0 [ 228.243523][ T7999] netlink: 4 bytes leftover after parsing attributes in process `syz.1.425'. [ 228.455567][ T8007] FAULT_INJECTION: forcing a failure. [ 228.455567][ T8007] name failslab, interval 1, probability 0, space 0, times 0 [ 228.485643][ T8007] CPU: 0 UID: 0 PID: 8007 Comm: syz.3.428 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 228.485682][ T8007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 228.485697][ T8007] Call Trace: [ 228.485706][ T8007] [ 228.485717][ T8007] dump_stack_lvl+0x16c/0x1f0 [ 228.485760][ T8007] should_fail_ex+0x512/0x640 [ 228.485789][ T8007] ? fs_reclaim_acquire+0xae/0x150 [ 228.485846][ T8007] ? tomoyo_encode2+0x100/0x3e0 [ 228.485880][ T8007] should_failslab+0xc2/0x120 [ 228.485905][ T8007] __kmalloc_noprof+0xd2/0x510 [ 228.485945][ T8007] ? d_absolute_path+0x136/0x1a0 [ 228.485982][ T8007] tomoyo_encode2+0x100/0x3e0 [ 228.486023][ T8007] tomoyo_encode+0x29/0x50 [ 228.486056][ T8007] tomoyo_realpath_from_path+0x18f/0x6e0 [ 228.486105][ T8007] tomoyo_path_number_perm+0x245/0x580 [ 228.486134][ T8007] ? tomoyo_path_number_perm+0x237/0x580 [ 228.486168][ T8007] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 228.486201][ T8007] ? find_held_lock+0x2b/0x80 [ 228.486269][ T8007] ? find_held_lock+0x2b/0x80 [ 228.486311][ T8007] ? hook_file_ioctl_common+0x145/0x410 [ 228.486348][ T8007] ? __fget_files+0x20e/0x3c0 [ 228.486394][ T8007] security_file_ioctl+0x9b/0x240 [ 228.486439][ T8007] __x64_sys_ioctl+0xb7/0x200 [ 228.486476][ T8007] do_syscall_64+0xcd/0x260 [ 228.486518][ T8007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.486545][ T8007] RIP: 0033:0x7fb1d618d169 [ 228.486565][ T8007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.486590][ T8007] RSP: 002b:00007fb1d6fe6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 228.486615][ T8007] RAX: ffffffffffffffda RBX: 00007fb1d63a5fa0 RCX: 00007fb1d618d169 [ 228.486632][ T8007] RDX: 0000000000000000 RSI: 0000000040047451 RDI: 0000000000000003 [ 228.486648][ T8007] RBP: 00007fb1d6fe6090 R08: 0000000000000000 R09: 0000000000000000 [ 228.486669][ T8007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.486684][ T8007] R13: 0000000000000000 R14: 00007fb1d63a5fa0 R15: 00007ffce4a9b3c8 [ 228.486721][ T8007] [ 228.487537][ T8007] ERROR: Out of memory at tomoyo_realpath_from_path. [ 230.929410][ T8043] netlink: 16 bytes leftover after parsing attributes in process `syz.0.436'. [ 231.354423][ T8051] FAULT_INJECTION: forcing a failure. [ 231.354423][ T8051] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 231.385084][ T8051] CPU: 1 UID: 0 PID: 8051 Comm: syz.0.438 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 231.385120][ T8051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 231.385135][ T8051] Call Trace: [ 231.385143][ T8051] [ 231.385152][ T8051] dump_stack_lvl+0x16c/0x1f0 [ 231.385200][ T8051] should_fail_ex+0x512/0x640 [ 231.385236][ T8051] should_fail_alloc_page+0xe7/0x130 [ 231.385265][ T8051] prepare_alloc_pages+0x3c2/0x610 [ 231.385308][ T8051] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 231.385350][ T8051] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 231.385386][ T8051] ? is_bpf_text_address+0x94/0x1a0 [ 231.385412][ T8051] ? kernel_text_address+0x8d/0x100 [ 231.385440][ T8051] ? __kernel_text_address+0xd/0x40 [ 231.385470][ T8051] ? unwind_get_return_address+0x59/0xa0 [ 231.385506][ T8051] ? arch_stack_walk+0xa6/0x100 [ 231.385540][ T8051] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 231.385584][ T8051] ? __lock_acquire+0x5ca/0x1ba0 [ 231.385615][ T8051] ? __pfx_stack_trace_save+0x10/0x10 [ 231.385648][ T8051] ? stack_depot_save_flags+0x28/0xa50 [ 231.385683][ T8051] ? look_up_lock_class+0x59/0x150 [ 231.385717][ T8051] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 231.385748][ T8051] ? policy_nodemask+0xea/0x4e0 [ 231.385777][ T8051] alloc_pages_mpol+0x1fb/0x550 [ 231.385826][ T8051] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 231.385864][ T8051] folio_alloc_mpol_noprof+0x36/0x2f0 [ 231.385897][ T8051] shmem_alloc_folio+0x135/0x160 [ 231.385935][ T8051] shmem_alloc_and_add_folio+0x499/0xc20 [ 231.385983][ T8051] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 231.386026][ T8051] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 231.386075][ T8051] shmem_get_folio_gfp+0x687/0x1530 [ 231.386121][ T8051] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 231.386165][ T8051] ? filemap_map_pages+0xf6c/0x1680 [ 231.386207][ T8051] shmem_fault+0x1fe/0xa30 [ 231.386247][ T8051] ? __pfx_shmem_fault+0x10/0x10 [ 231.386293][ T8051] ? __pfx_filemap_map_pages+0x10/0x10 [ 231.386329][ T8051] __do_fault+0x10a/0x490 [ 231.386357][ T8051] do_pte_missing+0x1031/0x3fb0 [ 231.386398][ T8051] ? __handle_mm_fault+0x1010/0x2a40 [ 231.386438][ T8051] __handle_mm_fault+0x103d/0x2a40 [ 231.386486][ T8051] ? __pfx___handle_mm_fault+0x10/0x10 [ 231.386544][ T8051] ? find_vma+0xbf/0x140 [ 231.386573][ T8051] ? __pfx_find_vma+0x10/0x10 [ 231.386607][ T8051] handle_mm_fault+0x3fe/0xad0 [ 231.386650][ T8051] do_user_addr_fault+0x7a6/0x1370 [ 231.386687][ T8051] ? rcu_is_watching+0x12/0xc0 [ 231.386724][ T8051] exc_page_fault+0x5c/0xc0 [ 231.386756][ T8051] asm_exc_page_fault+0x26/0x30 [ 231.386782][ T8051] RIP: 0010:__get_user_4+0x14/0x20 [ 231.386812][ T8051] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 [ 231.386836][ T8051] RSP: 0018:ffffc90003357db8 EFLAGS: 00050287 [ 231.386860][ T8051] RAX: 0000000000000000 RBX: ffff88805f864d80 RCX: ffffc90003357d5c [ 231.386878][ T8051] RDX: 00007ffffffff000 RSI: ffffffff86aef0dd RDI: ffffffff8bf451c0 [ 231.386893][ T8051] RBP: 1ffff9200066afbf R08: 43e115041ddeadd5 R09: 0000000000000001 [ 231.386908][ T8051] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 231.386923][ T8051] R13: 0000000040047451 R14: 0000000000000000 R15: ffff888034dd5a40 [ 231.386951][ T8051] ? ppp_ioctl+0x39d/0x2660 [ 231.386983][ T8051] ppp_ioctl+0x3a5/0x2660 [ 231.387012][ T8051] ? find_held_lock+0x2b/0x80 [ 231.387044][ T8051] ? __pfx_ppp_ioctl+0x10/0x10 [ 231.387078][ T8051] ? __fget_files+0x20e/0x3c0 [ 231.387122][ T8051] ? __pfx_ppp_ioctl+0x10/0x10 [ 231.387149][ T8051] __x64_sys_ioctl+0x190/0x200 [ 231.387183][ T8051] do_syscall_64+0xcd/0x260 [ 231.387233][ T8051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.387258][ T8051] RIP: 0033:0x7f62d0d8d169 [ 231.387279][ T8051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.387300][ T8051] RSP: 002b:00007f62d1ba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 231.387321][ T8051] RAX: ffffffffffffffda RBX: 00007f62d0fa5fa0 RCX: 00007f62d0d8d169 [ 231.387337][ T8051] RDX: 0000000000000000 RSI: 0000000040047451 RDI: 0000000000000003 [ 231.387353][ T8051] RBP: 00007f62d1ba7090 R08: 0000000000000000 R09: 0000000000000000 [ 231.387367][ T8051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.387381][ T8051] R13: 0000000000000000 R14: 00007f62d0fa5fa0 R15: 00007ffd603a1498 [ 231.387418][ T8051] [ 232.775230][ T8061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 232.857171][ T8061] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 232.889828][ T8061] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 233.010760][ T8061] page_type: f5(slab) [ 233.027335][ T8061] raw: 00fff00000000040 ffff8880216a7b40 dead000000000122 0000000000000000 [ 233.055433][ T8061] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 233.085485][ T8061] head: 00fff00000000040 ffff8880216a7b40 dead000000000122 0000000000000000 [ 233.094247][ T8061] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 233.138685][ T8061] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 233.165433][ T8061] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 233.192353][ T8061] page dumped because: unmovable page [ 233.215790][ T8061] page_owner tracks the page as allocated [ 233.228077][ T8061] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5692, tgid 5692 (sshd), ts 71144052136, free_ts 31312241733 [ 233.322468][ T8061] post_alloc_hook+0x181/0x1b0 [ 233.342136][ T8061] get_page_from_freelist+0x1193/0x39b0 [ 233.363715][ T8061] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 233.397421][ T8061] alloc_pages_mpol+0x1fb/0x550 [ 233.462916][ T8061] new_slab+0x23c/0x330 [ 233.473109][ T8061] ___slab_alloc+0xd9c/0x1940 [ 233.483272][ T8061] __slab_alloc.constprop.0+0x56/0xb0 [ 233.491561][ T8061] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 233.498014][ T8061] ext4_alloc_inode+0x28/0x610 [ 233.502937][ T8061] alloc_inode+0x61/0x240 [ 233.508761][ T8061] iget_locked+0x2e4/0x830 [ 233.513313][ T8061] __ext4_iget+0x3ca/0x4490 [ 233.518420][ T8061] ext4_lookup+0x37c/0x730 [ 233.523057][ T8061] __lookup_slow+0x24e/0x460 [ 233.528296][ T8061] walk_component+0x353/0x5b0 [ 233.533282][ T8061] path_lookupat+0x17e/0x780 [ 233.538514][ T8061] page last free pid 1 tgid 1 stack trace: [ 233.544535][ T8061] __free_frozen_pages+0x69d/0xff0 [ 233.550319][ T8061] free_contig_range+0x135/0x3f0 [ 233.555815][ T8061] destroy_args+0x66f/0x830 [ 233.560461][ T8061] debug_vm_pgtable+0x130e/0x2d50 [ 233.566324][ T8061] do_one_initcall+0x120/0x6e0 [ 233.571258][ T8061] kernel_init_freeable+0x5c2/0x900 [ 233.578330][ T8061] kernel_init+0x1c/0x2b0 [ 233.582830][ T8061] ret_from_fork+0x45/0x80 [ 233.587877][ T8061] ret_from_fork_asm+0x1a/0x30 [ 233.927414][ T8088] zero sized request [ 235.307371][ T8115] FAULT_INJECTION: forcing a failure. [ 235.307371][ T8115] name failslab, interval 1, probability 0, space 0, times 0 [ 235.335518][ T8115] CPU: 1 UID: 0 PID: 8115 Comm: syz.0.453 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 235.335560][ T8115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 235.335576][ T8115] Call Trace: [ 235.335586][ T8115] [ 235.335596][ T8115] dump_stack_lvl+0x16c/0x1f0 [ 235.335642][ T8115] should_fail_ex+0x512/0x640 [ 235.335676][ T8115] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 235.335724][ T8115] should_failslab+0xc2/0x120 [ 235.335751][ T8115] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 235.335791][ T8115] ? __pfx_apparmor_file_open+0x10/0x10 [ 235.335828][ T8115] ? proc_reg_open+0x21d/0x610 [ 235.335859][ T8115] proc_reg_open+0x21d/0x610 [ 235.335889][ T8115] do_dentry_open+0x741/0x1c10 [ 235.335931][ T8115] ? __pfx_proc_reg_open+0x10/0x10 [ 235.335966][ T8115] vfs_open+0x82/0x3f0 [ 235.336000][ T8115] path_openat+0x1e5e/0x2d40 [ 235.336064][ T8115] ? __pfx_path_openat+0x10/0x10 [ 235.336113][ T8115] do_filp_open+0x20b/0x470 [ 235.336154][ T8115] ? __pfx_do_filp_open+0x10/0x10 [ 235.336225][ T8115] ? alloc_fd+0x471/0x7d0 [ 235.336273][ T8115] do_sys_openat2+0x11b/0x1d0 [ 235.336302][ T8115] ? __pfx_do_sys_openat2+0x10/0x10 [ 235.336348][ T8115] __x64_sys_openat+0x174/0x210 [ 235.336378][ T8115] ? __pfx___x64_sys_openat+0x10/0x10 [ 235.336411][ T8115] ? rcu_is_watching+0x12/0xc0 [ 235.336456][ T8115] do_syscall_64+0xcd/0x260 [ 235.336500][ T8115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.336529][ T8115] RIP: 0033:0x7f62d0d8d169 [ 235.336553][ T8115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.336579][ T8115] RSP: 002b:00007f62d1ba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 235.336607][ T8115] RAX: ffffffffffffffda RBX: 00007f62d0fa5fa0 RCX: 00007f62d0d8d169 [ 235.336626][ T8115] RDX: 0000000000088400 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 235.336643][ T8115] RBP: 00007f62d0e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 235.336659][ T8115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.336675][ T8115] R13: 0000000000000000 R14: 00007f62d0fa5fa0 R15: 00007ffd603a1498 [ 235.336712][ T8115] [ 235.621746][ T8113] FAULT_INJECTION: forcing a failure. [ 235.621746][ T8113] name failslab, interval 1, probability 0, space 0, times 0 [ 235.693412][ T8113] CPU: 0 UID: 0 PID: 8113 Comm: syz.3.451 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 235.693449][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 235.693464][ T8113] Call Trace: [ 235.693479][ T8113] [ 235.693489][ T8113] dump_stack_lvl+0x16c/0x1f0 [ 235.693532][ T8113] should_fail_ex+0x512/0x640 [ 235.693562][ T8113] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 235.693600][ T8113] should_failslab+0xc2/0x120 [ 235.693626][ T8113] __kmalloc_cache_noprof+0x6a/0x3e0 [ 235.693661][ T8113] ? slhc_init+0x7d/0x570 [ 235.693695][ T8113] slhc_init+0x7d/0x570 [ 235.693723][ T8113] ppp_ioctl+0x3ff/0x2660 [ 235.693752][ T8113] ? find_held_lock+0x2b/0x80 [ 235.693784][ T8113] ? __pfx_ppp_ioctl+0x10/0x10 [ 235.693814][ T8113] ? __fget_files+0x20e/0x3c0 [ 235.693857][ T8113] ? __pfx_ppp_ioctl+0x10/0x10 [ 235.693882][ T8113] __x64_sys_ioctl+0x190/0x200 [ 235.693927][ T8113] do_syscall_64+0xcd/0x260 [ 235.693968][ T8113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.693993][ T8113] RIP: 0033:0x7fb1d618d169 [ 235.694014][ T8113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.694038][ T8113] RSP: 002b:00007fb1d6fe6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 235.694064][ T8113] RAX: ffffffffffffffda RBX: 00007fb1d63a5fa0 RCX: 00007fb1d618d169 [ 235.694081][ T8113] RDX: 0000000000000000 RSI: 0000000040047451 RDI: 0000000000000003 [ 235.694097][ T8113] RBP: 00007fb1d6fe6090 R08: 0000000000000000 R09: 0000000000000000 [ 235.694112][ T8113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 235.694127][ T8113] R13: 0000000000000000 R14: 00007fb1d63a5fa0 R15: 00007ffce4a9b3c8 [ 235.694165][ T8113] [ 235.785107][ T8120] netlink: 338 bytes leftover after parsing attributes in process `syz.0.454'. [ 235.914238][ T8121] netlink: 338 bytes leftover after parsing attributes in process `syz.0.454'. [ 237.563015][ T8146] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 237.674282][ T8146] CPU: 1 UID: 0 PID: 8146 Comm: syz.3.460 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 237.674327][ T8146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 237.674345][ T8146] Call Trace: [ 237.674355][ T8146] [ 237.674367][ T8146] dump_stack_lvl+0x16c/0x1f0 [ 237.674415][ T8146] sysfs_warn_dup+0x7f/0xa0 [ 237.674459][ T8146] sysfs_create_dir_ns+0x24b/0x2b0 [ 237.674503][ T8146] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 237.674544][ T8146] ? find_held_lock+0x2b/0x80 [ 237.674589][ T8146] ? nfs_netns_namespace+0xd/0x40 [ 237.674626][ T8146] kobject_add_internal+0x2c4/0x9b0 [ 237.674679][ T8146] kobject_init_and_add+0x11b/0x190 [ 237.674708][ T8146] ? __pfx_kobject_init_and_add+0x10/0x10 [ 237.674760][ T8146] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 237.674799][ T8146] nfs_net_init+0x10a/0x300 [ 237.674840][ T8146] ? __pfx_nfs_net_init+0x10/0x10 [ 237.674877][ T8146] ops_init+0x1df/0x5f0 [ 237.674932][ T8146] setup_net+0x21e/0x850 [ 237.674977][ T8146] ? __pfx_setup_net+0x10/0x10 [ 237.675013][ T8146] ? lockdep_init_map_type+0x5c/0x280 [ 237.675042][ T8146] ? __pfx_down_read_killable+0x10/0x10 [ 237.675074][ T8146] ? debug_mutex_init+0x37/0x70 [ 237.675116][ T8146] copy_net_ns+0x2a6/0x5f0 [ 237.675163][ T8146] create_new_namespaces+0x3ea/0xad0 [ 237.675214][ T8146] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 237.675259][ T8146] ksys_unshare+0x45b/0xa40 [ 237.675306][ T8146] ? __pfx_ksys_unshare+0x10/0x10 [ 237.675348][ T8146] ? do_user_addr_fault+0x843/0x1370 [ 237.675385][ T8146] __x64_sys_unshare+0x31/0x40 [ 237.675428][ T8146] do_syscall_64+0xcd/0x260 [ 237.675473][ T8146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.675502][ T8146] RIP: 0033:0x7fb1d618d169 [ 237.675528][ T8146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.675555][ T8146] RSP: 002b:00007fb1d6fc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 237.675584][ T8146] RAX: ffffffffffffffda RBX: 00007fb1d63a6080 RCX: 00007fb1d618d169 [ 237.675603][ T8146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 237.675619][ T8146] RBP: 00007fb1d620e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 237.675636][ T8146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.675653][ T8146] R13: 0000000000000001 R14: 00007fb1d63a6080 R15: 00007ffce4a9b3c8 [ 237.675692][ T8146] [ 238.500814][ T8146] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 239.844865][ T8164] netlink: 'syz.1.463': attribute type 1 has an invalid length. [ 239.873085][ T8164] netlink: 33 bytes leftover after parsing attributes in process `syz.1.463'. [ 240.202184][ T8170] FAULT_INJECTION: forcing a failure. [ 240.202184][ T8170] name failslab, interval 1, probability 0, space 0, times 0 [ 240.253160][ T8170] CPU: 0 UID: 0 PID: 8170 Comm: syz.3.464 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 240.253208][ T8170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 240.253224][ T8170] Call Trace: [ 240.253233][ T8170] [ 240.253243][ T8170] dump_stack_lvl+0x16c/0x1f0 [ 240.253287][ T8170] should_fail_ex+0x512/0x640 [ 240.253318][ T8170] ? __kmalloc_noprof+0xbf/0x510 [ 240.253362][ T8170] ? slhc_init+0x3dd/0x570 [ 240.253388][ T8170] should_failslab+0xc2/0x120 [ 240.253414][ T8170] __kmalloc_noprof+0xd2/0x510 [ 240.253463][ T8170] slhc_init+0x3dd/0x570 [ 240.253496][ T8170] ppp_ioctl+0x3ff/0x2660 [ 240.253526][ T8170] ? find_held_lock+0x2b/0x80 [ 240.253562][ T8170] ? __pfx_ppp_ioctl+0x10/0x10 [ 240.253595][ T8170] ? __fget_files+0x20e/0x3c0 [ 240.253640][ T8170] ? __pfx_ppp_ioctl+0x10/0x10 [ 240.253669][ T8170] __x64_sys_ioctl+0x190/0x200 [ 240.253705][ T8170] do_syscall_64+0xcd/0x260 [ 240.253749][ T8170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.253776][ T8170] RIP: 0033:0x7fb1d618d169 [ 240.253797][ T8170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.253822][ T8170] RSP: 002b:00007fb1d6fe6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.253848][ T8170] RAX: ffffffffffffffda RBX: 00007fb1d63a5fa0 RCX: 00007fb1d618d169 [ 240.253866][ T8170] RDX: 0000000000000000 RSI: 0000000040047451 RDI: 0000000000000003 [ 240.253881][ T8170] RBP: 00007fb1d6fe6090 R08: 0000000000000000 R09: 0000000000000000 [ 240.253897][ T8170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 240.253913][ T8170] R13: 0000000000000000 R14: 00007fb1d63a5fa0 R15: 00007ffce4a9b3c8 [ 240.253950][ T8170] [ 240.430454][ C0] vkms_vblank_simulate: vblank timer overrun [ 241.118553][ T8177] Invalid ELF header magic: != ELF [ 241.684381][ T8171] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 241.753353][ T8171] CIFS mount error: No usable UNC path provided in device string! [ 241.753353][ T8171] [ 241.835518][ T8171] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 242.527159][ T8204] netlink: 36 bytes leftover after parsing attributes in process `syz.3.472'. [ 243.646655][ T8213] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 243.705726][ T8213] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 243.773101][ T8213] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 243.856820][ T8213] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 244.548480][ T8224] FAULT_INJECTION: forcing a failure. [ 244.548480][ T8224] name failslab, interval 1, probability 0, space 0, times 0 [ 244.645900][ T8224] CPU: 1 UID: 0 PID: 8224 Comm: syz.0.477 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 244.645940][ T8224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 244.645956][ T8224] Call Trace: [ 244.645965][ T8224] [ 244.646027][ T8224] dump_stack_lvl+0x16c/0x1f0 [ 244.646081][ T8224] should_fail_ex+0x512/0x640 [ 244.646113][ T8224] ? __kmalloc_noprof+0xbf/0x510 [ 244.646176][ T8224] ? slhc_init+0x1ad/0x570 [ 244.646202][ T8224] should_failslab+0xc2/0x120 [ 244.646230][ T8224] __kmalloc_noprof+0xd2/0x510 [ 244.646280][ T8224] slhc_init+0x1ad/0x570 [ 244.646314][ T8224] ppp_ioctl+0x3ff/0x2660 [ 244.646344][ T8224] ? find_held_lock+0x2b/0x80 [ 244.646379][ T8224] ? __pfx_ppp_ioctl+0x10/0x10 [ 244.646413][ T8224] ? __fget_files+0x20e/0x3c0 [ 244.646457][ T8224] ? __pfx_ppp_ioctl+0x10/0x10 [ 244.646486][ T8224] __x64_sys_ioctl+0x190/0x200 [ 244.646525][ T8224] do_syscall_64+0xcd/0x260 [ 244.646568][ T8224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.646596][ T8224] RIP: 0033:0x7f62d0d8d169 [ 244.646620][ T8224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.646646][ T8224] RSP: 002b:00007f62d1ba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 244.646672][ T8224] RAX: ffffffffffffffda RBX: 00007f62d0fa5fa0 RCX: 00007f62d0d8d169 [ 244.646690][ T8224] RDX: 0000000000000000 RSI: 0000000040047451 RDI: 0000000000000003 [ 244.646707][ T8224] RBP: 00007f62d1ba7090 R08: 0000000000000000 R09: 0000000000000000 [ 244.646723][ T8224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 244.646749][ T8224] R13: 0000000000000000 R14: 00007f62d0fa5fa0 R15: 00007ffd603a1498 [ 244.646794][ T8224] [ 245.401647][ T30] audit: type=1800 audit(6039144911.949:12): pid=8231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.479" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 245.486367][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 245.506822][ T8243] zswap: compressor not available [ 245.659981][ T8248] delete_channel: no stack [ 245.728080][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 245.805460][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 245.885545][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 247.664094][ T8290] FAULT_INJECTION: forcing a failure. [ 247.664094][ T8290] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 247.735437][ T8290] CPU: 1 UID: 0 PID: 8290 Comm: syz.1.490 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 247.735477][ T8290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 247.735492][ T8290] Call Trace: [ 247.735502][ T8290] [ 247.735512][ T8290] dump_stack_lvl+0x16c/0x1f0 [ 247.735556][ T8290] should_fail_ex+0x512/0x640 [ 247.735595][ T8290] _copy_from_user+0x2e/0xd0 [ 247.735631][ T8290] kstrtouint_from_user+0xd6/0x1d0 [ 247.735674][ T8290] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 247.735714][ T8290] ? __lock_acquire+0xaa4/0x1ba0 [ 247.735760][ T8290] proc_fail_nth_write+0x83/0x250 [ 247.735798][ T8290] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 247.735848][ T8290] vfs_write+0x25c/0x1180 [ 247.735891][ T8290] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 247.735934][ T8290] ? __pfx___mutex_lock+0x10/0x10 [ 247.735973][ T8290] ? __pfx_vfs_write+0x10/0x10 [ 247.736021][ T8290] ? __fget_files+0x20e/0x3c0 [ 247.736074][ T8290] ksys_write+0x12a/0x240 [ 247.736111][ T8290] ? __pfx_ksys_write+0x10/0x10 [ 247.736143][ T8290] ? rcu_is_watching+0x12/0xc0 [ 247.736189][ T8290] do_syscall_64+0xcd/0x260 [ 247.736231][ T8290] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.736258][ T8290] RIP: 0033:0x7fe787d8bc1f [ 247.736279][ T8290] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 247.736303][ T8290] RSP: 002b:00007fe788c36030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 247.736330][ T8290] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe787d8bc1f [ 247.736347][ T8290] RDX: 0000000000000001 RSI: 00007fe788c360a0 RDI: 0000000000000004 [ 247.736363][ T8290] RBP: 00007fe788c36090 R08: 0000000000000000 R09: 0000000000000000 [ 247.736378][ T8290] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 247.736393][ T8290] R13: 0000000000000000 R14: 00007fe787fa6080 R15: 00007ffd263d07f8 [ 247.736431][ T8290] [ 249.812661][ T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.069118][ T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.206767][ T8322] netlink: 160 bytes leftover after parsing attributes in process `syz.1.502'. [ 250.223662][ T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.223874][ T8322] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 250.269804][ T5852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 250.288129][ T5852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 250.298194][ T5852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 250.310728][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 250.320073][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 250.408344][ T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.676971][ T8329] .SR: entered promiscuous mode [ 250.770405][ T8329] Invalid ELF header magic: != ELF [ 251.099578][ T36] bridge_slave_1: left allmulticast mode [ 251.107421][ T36] bridge_slave_1: left promiscuous mode [ 251.114814][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.197789][ T36] bridge_slave_0: left allmulticast mode [ 251.203510][ T36] bridge_slave_0: left promiscuous mode [ 251.210363][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.365826][ T5841] Bluetooth: hci0: command tx timeout [ 254.117338][ T8375] netlink: 4 bytes leftover after parsing attributes in process `syz.1.511'. [ 254.275442][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 254.301736][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 254.327561][ T36] bond0 (unregistering): Released all slaves [ 254.445730][ T5841] Bluetooth: hci0: command tx timeout [ 254.845835][ T8323] chnl_net:caif_netlink_parms(): no params data found [ 256.525446][ T5841] Bluetooth: hci0: command tx timeout [ 256.859723][ T36] hsr_slave_0: left promiscuous mode [ 256.872730][ T36] hsr_slave_1: left promiscuous mode [ 256.892506][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 256.904356][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 256.918013][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 256.935428][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 256.968428][ T36] veth1_macvtap: left promiscuous mode [ 256.983664][ T36] veth0_macvtap: left promiscuous mode [ 256.995859][ T36] veth1_vlan: left promiscuous mode [ 257.001411][ T36] veth0_vlan: left promiscuous mode [ 257.682336][ T36] team0 (unregistering): Port device team_slave_1 removed [ 257.741549][ T36] team0 (unregistering): Port device team_slave_0 removed [ 258.270351][ T8323] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.286577][ T8323] bridge0: port 1(bridge_slave_0) entered disabled state [ 258.293831][ T8323] bridge_slave_0: entered allmulticast mode [ 258.303998][ T8323] bridge_slave_0: entered promiscuous mode [ 258.329832][ T8323] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.345481][ T8323] bridge0: port 2(bridge_slave_1) entered disabled state [ 258.352831][ T8323] bridge_slave_1: entered allmulticast mode [ 258.364174][ T8323] bridge_slave_1: entered promiscuous mode [ 258.539050][ T8323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.564259][ T8323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 258.605462][ T5841] Bluetooth: hci0: command tx timeout [ 258.752336][ T8323] team0: Port device team_slave_0 added [ 258.774907][ T8323] team0: Port device team_slave_1 added [ 258.853029][ T8323] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 258.860665][ T8323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.889603][ T8323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 258.905903][ T8323] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 258.912911][ T8323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.939769][ T8323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.094444][ T8323] hsr_slave_0: entered promiscuous mode [ 259.111586][ T8323] hsr_slave_1: entered promiscuous mode [ 259.120716][ T8323] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.132626][ T8323] Cannot create hsr debugfs directory [ 259.845079][ T8453] netlink: zone id is out of range [ 259.896746][ T8454] netlink: zone id is out of range [ 259.901922][ T8454] netlink: zone id is out of range [ 259.923298][ T8453] netlink: zone id is out of range [ 259.939805][ T8453] netlink: zone id is out of range [ 259.993331][ T8454] netlink: zone id is out of range [ 260.021970][ T8453] netlink: zone id is out of range [ 260.067043][ T8454] netlink: zone id is out of range [ 260.175129][ T8453] netlink: zone id is out of range [ 260.243907][ T8454] netlink: zone id is out of range [ 260.631190][ T8460] FAULT_INJECTION: forcing a failure. [ 260.631190][ T8460] name failslab, interval 1, probability 0, space 0, times 0 [ 260.645135][ T8323] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 260.663116][ T8460] CPU: 1 UID: 0 PID: 8460 Comm: syz.3.518 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 260.663158][ T8460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 260.663175][ T8460] Call Trace: [ 260.663185][ T8460] [ 260.663196][ T8460] dump_stack_lvl+0x16c/0x1f0 [ 260.663238][ T8460] should_fail_ex+0x512/0x640 [ 260.663267][ T8460] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 260.663315][ T8460] should_failslab+0xc2/0x120 [ 260.663344][ T8460] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 260.663386][ T8460] ? nlmsg_notify+0x11e/0x220 [ 260.663425][ T8460] ? __devinet_sysctl_register+0xbc/0x360 [ 260.663470][ T8460] kmemdup_noprof+0x29/0x60 [ 260.663498][ T8460] __devinet_sysctl_register+0xbc/0x360 [ 260.663545][ T8460] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 260.663582][ T8460] ? trace_kmalloc+0x2b/0xd0 [ 260.663612][ T8460] ? devinet_init_net+0xeb/0x910 [ 260.663655][ T8460] ? __asan_memcpy+0x3c/0x60 [ 260.663695][ T8460] devinet_init_net+0x347/0x910 [ 260.663736][ T8460] ? __pfx_devinet_init_net+0x10/0x10 [ 260.663774][ T8460] ops_init+0x1df/0x5f0 [ 260.663817][ T8460] setup_net+0x21e/0x850 [ 260.663873][ T8460] ? __pfx_setup_net+0x10/0x10 [ 260.663902][ T8460] ? lockdep_init_map_type+0x5c/0x280 [ 260.663927][ T8460] ? __pfx_down_read_killable+0x10/0x10 [ 260.663959][ T8460] ? debug_mutex_init+0x37/0x70 [ 260.663998][ T8460] copy_net_ns+0x2a6/0x5f0 [ 260.664041][ T8460] create_new_namespaces+0x3ea/0xad0 [ 260.664091][ T8460] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 260.664133][ T8460] ksys_unshare+0x45b/0xa40 [ 260.664175][ T8460] ? __pfx_ksys_unshare+0x10/0x10 [ 260.664208][ T8460] ? xfd_validate_state+0x5d/0x180 [ 260.664239][ T8460] ? rcu_is_watching+0x12/0xc0 [ 260.664280][ T8460] __x64_sys_unshare+0x31/0x40 [ 260.664317][ T8460] do_syscall_64+0xcd/0x260 [ 260.664357][ T8460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.664386][ T8460] RIP: 0033:0x7fb1d618d169 [ 260.664407][ T8460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.664433][ T8460] RSP: 002b:00007fb1d6fc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 260.664460][ T8460] RAX: ffffffffffffffda RBX: 00007fb1d63a6080 RCX: 00007fb1d618d169 [ 260.664478][ T8460] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 260.664495][ T8460] RBP: 00007fb1d620e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 260.664511][ T8460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.664526][ T8460] R13: 0000000000000000 R14: 00007fb1d63a6080 R15: 00007ffce4a9b3c8 [ 260.664564][ T8460] [ 260.796976][ T8323] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 261.001815][ T8323] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 261.040649][ T8323] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 261.093765][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.100191][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.467332][ T8323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.530921][ T8323] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.592448][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.599834][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.712148][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.719412][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.949999][ T8323] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 262.391436][ T8484] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 262.415969][ T8484] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 262.763721][ T8323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 264.243391][ T8323] veth0_vlan: entered promiscuous mode [ 264.337107][ T8323] veth1_vlan: entered promiscuous mode [ 264.483154][ T8323] veth0_macvtap: entered promiscuous mode [ 264.525061][ T8323] veth1_macvtap: entered promiscuous mode [ 264.634565][ T8323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 264.714421][ T8323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.746354][ T8540] ecryptfs_parse_packet_length: Error parsing packet length [ 264.784964][ T8323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 264.799706][ T8541] ecryptfs_parse_packet_length: Error parsing packet length [ 264.819853][ T8541] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 264.822863][ T8540] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 265.074529][ T8323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.086069][ T8323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.096298][ T8323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.112615][ T8323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.124216][ T8323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.134800][ T8323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.146910][ T8323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 265.164186][ T8323] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.174921][ T8323] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.184164][ T8323] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.192942][ T8323] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.771948][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 265.826221][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.023426][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.039920][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.347039][ T8610] Invalid ELF header magic: != ELF [ 268.899363][ T8622] netlink: 206 bytes leftover after parsing attributes in process `syz.1.540'. [ 269.469939][ T8632] netlink: 354 bytes leftover after parsing attributes in process `syz.1.541'. [ 271.714489][ T8679] ubi0: attaching mtd0 [ 271.789275][ T8679] ubi0: scanning is finished [ 271.794096][ T8679] ubi0: empty MTD device detected [ 271.797876][ T8682] openvswitch: .SR: Dropping previously announced user features [ 271.800637][ T8679] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 272.089101][ T8679] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 272.194725][ T8682] Invalid ELF header magic: != ELF [ 272.854830][ T8695] FAULT_INJECTION: forcing a failure. [ 272.854830][ T8695] name failslab, interval 1, probability 0, space 0, times 0 [ 272.914686][ T8695] CPU: 0 UID: 0 PID: 8695 Comm: syz.2.551 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 272.914731][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 272.914747][ T8695] Call Trace: [ 272.914758][ T8695] [ 272.914769][ T8695] dump_stack_lvl+0x16c/0x1f0 [ 272.914816][ T8695] should_fail_ex+0x512/0x640 [ 272.914848][ T8695] ? __kmalloc_noprof+0xbf/0x510 [ 272.914902][ T8695] ? sk_prot_alloc+0x1a8/0x2a0 [ 272.914944][ T8695] should_failslab+0xc2/0x120 [ 272.914969][ T8695] __kmalloc_noprof+0xd2/0x510 [ 272.915009][ T8695] ? evm_inode_alloc_security+0x49/0xc0 [ 272.915059][ T8695] sk_prot_alloc+0x1a8/0x2a0 [ 272.915108][ T8695] sk_alloc+0x36/0xc20 [ 272.915145][ T8695] __netlink_create+0x5e/0x2c0 [ 272.915183][ T8695] __netlink_kernel_create+0xed/0x750 [ 272.915226][ T8695] ? __pfx___netlink_kernel_create+0x10/0x10 [ 272.915278][ T8695] fib_net_init+0x26d/0x3f0 [ 272.915311][ T8695] ? __pfx___register_sysctl_table+0x10/0x10 [ 272.915343][ T8695] ? __pfx_fib_net_init+0x10/0x10 [ 272.915379][ T8695] ? lockdep_init_map_type+0x5c/0x280 [ 272.915409][ T8695] ? __pfx_nl_fib_input+0x10/0x10 [ 272.915452][ T8695] ? devinet_init_net+0x5c2/0x910 [ 272.915495][ T8695] ? __pfx_fib_net_init+0x10/0x10 [ 272.915528][ T8695] ops_init+0x1df/0x5f0 [ 272.915571][ T8695] setup_net+0x21e/0x850 [ 272.915614][ T8695] ? __pfx_setup_net+0x10/0x10 [ 272.915648][ T8695] ? lockdep_init_map_type+0x5c/0x280 [ 272.915675][ T8695] ? __pfx_down_read_killable+0x10/0x10 [ 272.915707][ T8695] ? debug_mutex_init+0x37/0x70 [ 272.915746][ T8695] copy_net_ns+0x2a6/0x5f0 [ 272.915792][ T8695] create_new_namespaces+0x3ea/0xad0 [ 272.915842][ T8695] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 272.915895][ T8695] ksys_unshare+0x45b/0xa40 [ 272.915939][ T8695] ? __pfx_ksys_unshare+0x10/0x10 [ 272.915980][ T8695] ? xfd_validate_state+0x5d/0x180 [ 272.916015][ T8695] ? rcu_is_watching+0x12/0xc0 [ 272.916061][ T8695] __x64_sys_unshare+0x31/0x40 [ 272.916103][ T8695] do_syscall_64+0xcd/0x260 [ 272.916147][ T8695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.916175][ T8695] RIP: 0033:0x7f7710b8d169 [ 272.916200][ T8695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.916227][ T8695] RSP: 002b:00007f77119ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 272.916253][ T8695] RAX: ffffffffffffffda RBX: 00007f7710da5fa0 RCX: 00007f7710b8d169 [ 272.916272][ T8695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 272.916288][ T8695] RBP: 00007f7710c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 272.916304][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.916320][ T8695] R13: 0000000000000000 R14: 00007f7710da5fa0 R15: 00007ffc6efd0d08 [ 272.916359][ T8695] [ 273.193903][ C0] vkms_vblank_simulate: vblank timer overrun [ 275.005210][ T8736] netlink: 354 bytes leftover after parsing attributes in process `syz.3.559'. [ 275.026792][ T8680] kexec: Could not allocate control_code_buffer [ 275.095589][ T8732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.558'. [ 276.065141][ T8745] syz.4.561: vmalloc error: size 24576, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 276.166963][ T8745] CPU: 1 UID: 0 PID: 8745 Comm: syz.4.561 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 276.167002][ T8745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 276.167016][ T8745] Call Trace: [ 276.167023][ T8745] [ 276.167032][ T8745] dump_stack_lvl+0x16c/0x1f0 [ 276.167075][ T8745] warn_alloc+0x248/0x3a0 [ 276.167118][ T8745] ? __pfx_warn_alloc+0x10/0x10 [ 276.167162][ T8745] ? alloc_pages_mpol+0x25a/0x550 [ 276.167190][ T8745] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 276.167235][ T8745] __vmalloc_node_range_noprof+0x12d2/0x1540 [ 276.167288][ T8745] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 276.167326][ T8745] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 276.167363][ T8745] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 276.167390][ T8745] vmalloc_user_noprof+0x6b/0x90 [ 276.167417][ T8745] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 276.167442][ T8745] vb2_vmalloc_alloc+0x135/0x3f0 [ 276.167470][ T8745] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 276.167497][ T8745] __vb2_queue_alloc+0x8c6/0x1280 [ 276.167541][ T8745] vb2_core_reqbufs+0xa90/0xfe0 [ 276.167575][ T8745] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 276.167619][ T8745] __vb2_init_fileio+0x3f1/0x1100 [ 276.167652][ T8745] ? vb2_fop_read+0xe6/0x3e0 [ 276.167677][ T8745] __vb2_perform_fileio+0x9c2/0x1660 [ 276.167712][ T8745] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 276.167749][ T8745] vb2_fop_read+0x215/0x3e0 [ 276.167778][ T8745] v4l2_read+0x226/0x360 [ 276.167816][ T8745] ? __pfx_v4l2_read+0x10/0x10 [ 276.167848][ T8745] vfs_read+0x1de/0xc70 [ 276.167883][ T8745] ? __pfx_vfs_read+0x10/0x10 [ 276.167909][ T8745] ? find_held_lock+0x2b/0x80 [ 276.167938][ T8745] ? __fget_files+0x204/0x3c0 [ 276.167973][ T8745] ? __fget_files+0x20e/0x3c0 [ 276.168012][ T8745] ksys_read+0x12a/0x240 [ 276.168040][ T8745] ? __pfx_ksys_read+0x10/0x10 [ 276.168067][ T8745] ? rcu_is_watching+0x12/0xc0 [ 276.168101][ T8745] do_syscall_64+0xcd/0x260 [ 276.168134][ T8745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.168156][ T8745] RIP: 0033:0x7f1a9a78d169 [ 276.168173][ T8745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.168193][ T8745] RSP: 002b:00007f1a9b5fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 276.168214][ T8745] RAX: ffffffffffffffda RBX: 00007f1a9a9a5fa0 RCX: 00007f1a9a78d169 [ 276.168228][ T8745] RDX: 0000000000070800 RSI: 0000200000000000 RDI: 0000000000000006 [ 276.168241][ T8745] RBP: 00007f1a9a80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 276.168254][ T8745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.168266][ T8745] R13: 0000000000000000 R14: 00007f1a9a9a5fa0 R15: 00007ffc11bcad38 [ 276.168295][ T8745] [ 276.168307][ T8745] Mem-Info: [ 276.595406][ T8745] active_anon:10909 inactive_anon:0 isolated_anon:0 [ 276.595406][ T8745] active_file:7288 inactive_file:49322 isolated_file:0 [ 276.595406][ T8745] unevictable:768 dirty:48 writeback:0 [ 276.595406][ T8745] slab_reclaimable:10239 slab_unreclaimable:101824 [ 276.595406][ T8745] mapped:24837 shmem:1431 pagetables:985 [ 276.595406][ T8745] sec_pagetables:0 bounce:0 [ 276.595406][ T8745] kernel_misc_reclaimable:0 [ 276.595406][ T8745] free:1322381 free_pcp:3714 free_cma:0 [ 276.654075][ T8753] netlink: 330 bytes leftover after parsing attributes in process `syz.2.563'. [ 276.704223][ T8745] Node 0 active_anon:43036kB inactive_anon:0kB active_file:29152kB inactive_file:197280kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99348kB dirty:192kB writeback:0kB shmem:4188kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11428kB pagetables:4040kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 276.785449][ T8745] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 276.816552][ C0] vkms_vblank_simulate: vblank timer overrun [ 276.874882][ T8745] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 276.954518][ T8745] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 276.982950][ T8745] Node 0 DMA32 free:1381700kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:46688kB inactive_anon:0kB active_file:29152kB inactive_file:195720kB unevictable:1536kB writepending:292kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:1476kB local_pcp:456kB free_cma:0kB [ 277.096472][ T8745] lowmem_reserve[]: 0 0 1 1 1 [ 277.114901][ T8745] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1560kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 277.195463][ T8745] lowmem_reserve[]: 0 0 0 0 0 [ 277.201106][ T8745] Node 1 Normal free:3894032kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:10076kB local_pcp:0kB free_cma:0kB [ 277.319782][ T8745] lowmem_reserve[]: 0 0 0 0 0 [ 277.385477][ T8745] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 277.411178][ T8790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.569'. [ 277.485532][ T8745] Node 0 DMA32: 87*4kB (UME) 357*8kB (UME) 1220*16kB (UME) 1071*32kB (UME) 615*64kB (UME) 318*128kB (UME) 217*256kB (UME) 103*512kB (UM) 49*1024kB (UM) 14*2048kB (UME) 256*4096kB (UM) = 1372772kB [ 277.505094][ C0] vkms_vblank_simulate: vblank timer overrun [ 277.554419][ T8745] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 277.567988][ T8745] Node 1 Normal: 276*4kB (UME) 66*8kB (UME) 45*16kB (UME) 221*32kB (UME) 103*64kB (UE) 25*128kB (UME) 20*256kB (UME) 12*512kB (UM) 5*1024kB (UME) 4*2048kB (UME) 940*4096kB (M) = 3894032kB [ 277.587058][ T8745] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 277.598811][ T8745] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 277.610257][ T8745] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 277.620289][ T8745] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 277.646266][ T8745] 58048 total pagecache pages [ 277.658163][ T8745] 0 pages in swap cache [ 277.680225][ T8745] Free swap = 124996kB [ 277.702851][ T8745] Total swap = 124996kB [ 277.745795][ T8745] 2097051 pages RAM [ 277.769528][ T8745] 0 pages HighMem/MovableOnly [ 277.807910][ T8745] 429587 pages reserved [ 277.812135][ T8745] 0 pages cma reserved [ 278.460915][ T8802] netlink: 8 bytes leftover after parsing attributes in process `syz.4.572'. [ 279.740747][ T8841] netlink: 342 bytes leftover after parsing attributes in process `syz.3.578'. [ 279.872336][ T8841] netlink: 326 bytes leftover after parsing attributes in process `syz.3.578'. [ 281.142629][ T8868] netlink: 28 bytes leftover after parsing attributes in process `syz.1.584'. [ 281.204385][ T8870] netlink: 28 bytes leftover after parsing attributes in process `syz.1.584'. [ 281.963074][ T8867] Process accounting resumed [ 284.235908][ T8925] HfR: entered promiscuous mode [ 284.306957][ T8925] netlink: 12 bytes leftover after parsing attributes in process `syz.1.594'. [ 284.364716][ T8925] HfR: left promiscuous mode [ 284.496281][ T8918] FAULT_INJECTION: forcing a failure. [ 284.496281][ T8918] name failslab, interval 1, probability 0, space 0, times 0 [ 284.551710][ T8918] CPU: 1 UID: 0 PID: 8918 Comm: syz.2.593 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 284.551752][ T8918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 284.551770][ T8918] Call Trace: [ 284.551780][ T8918] [ 284.551792][ T8918] dump_stack_lvl+0x16c/0x1f0 [ 284.551843][ T8918] should_fail_ex+0x512/0x640 [ 284.551877][ T8918] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 284.551923][ T8918] should_failslab+0xc2/0x120 [ 284.551951][ T8918] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 284.551995][ T8918] ? mas_alloc_nodes+0x18b/0x8b0 [ 284.552036][ T8918] mas_alloc_nodes+0x18b/0x8b0 [ 284.552090][ T8918] mas_node_count_gfp+0x105/0x130 [ 284.552130][ T8918] mas_preallocate+0x53e/0xcd0 [ 284.552166][ T8918] ? __pfx_mas_preallocate+0x10/0x10 [ 284.552210][ T8918] ? anon_vma_name+0x75/0x100 [ 284.552248][ T8918] __split_vma+0x33b/0x1030 [ 284.552296][ T8918] ? __pfx___split_vma+0x10/0x10 [ 284.552360][ T8918] vms_gather_munmap_vmas+0x392/0x1310 [ 284.552412][ T8918] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 284.552460][ T8918] ? mas_walk+0x6a6/0x910 [ 284.552516][ T8918] __mmap_region+0x314/0x27c0 [ 284.552559][ T8918] ? finish_task_switch.isra.0+0x221/0xc10 [ 284.552601][ T8918] ? __pfx___mmap_region+0x10/0x10 [ 284.552648][ T8918] ? trace_sched_exit_tp+0xde/0x130 [ 284.552707][ T8918] ? __lock_acquire+0x5ca/0x1ba0 [ 284.552744][ T8918] ? __pfx___schedule+0x10/0x10 [ 284.552828][ T8918] ? trace_cap_capable+0x18d/0x200 [ 284.552859][ T8918] ? cap_capable+0xb3/0x250 [ 284.552893][ T8918] mmap_region+0x1ab/0x3f0 [ 284.552946][ T8918] do_mmap+0xd8e/0x11b0 [ 284.552988][ T8918] ? __pfx_do_mmap+0x10/0x10 [ 284.553023][ T8918] ? __pfx_down_write_killable+0x10/0x10 [ 284.553077][ T8918] vm_mmap_pgoff+0x281/0x450 [ 284.553127][ T8918] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 284.553173][ T8918] ? __x64_sys_futex+0x1e0/0x4c0 [ 284.553211][ T8918] ? __x64_sys_futex+0x1e9/0x4c0 [ 284.553260][ T8918] ksys_mmap_pgoff+0x7d/0x5c0 [ 284.553294][ T8918] ? rcu_is_watching+0x12/0xc0 [ 284.553335][ T8918] __x64_sys_mmap+0x125/0x190 [ 284.553373][ T8918] do_syscall_64+0xcd/0x260 [ 284.553419][ T8918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.553448][ T8918] RIP: 0033:0x7f7710b8d169 [ 284.553471][ T8918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.553498][ T8918] RSP: 002b:00007f77119ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 284.553525][ T8918] RAX: ffffffffffffffda RBX: 00007f7710da5fa0 RCX: 00007f7710b8d169 [ 284.553545][ T8918] RDX: 00010000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 284.553563][ T8918] RBP: 00007f7710c0e2a0 R08: 0000000000000401 R09: 0000000000008000 [ 284.553580][ T8918] R10: 0000000000000eb2 R11: 0000000000000246 R12: 0000000000000000 [ 284.553597][ T8918] R13: 0000000000000000 R14: 00007f7710da5fa0 R15: 00007ffc6efd0d08 [ 284.553637][ T8918] [ 287.278210][ T8990] netlink: 8 bytes leftover after parsing attributes in process `syz.1.604'. [ 287.296903][ T8993] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 287.370569][ T8993] CPU: 1 UID: 0 PID: 8993 Comm: syz.4.605 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 287.370608][ T8993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.370622][ T8993] Call Trace: [ 287.370631][ T8993] [ 287.370642][ T8993] dump_stack_lvl+0x16c/0x1f0 [ 287.370683][ T8993] sysfs_warn_dup+0x7f/0xa0 [ 287.370721][ T8993] sysfs_create_dir_ns+0x24b/0x2b0 [ 287.370756][ T8993] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 287.370790][ T8993] ? find_held_lock+0x2b/0x80 [ 287.370829][ T8993] ? nfs_netns_namespace+0xd/0x40 [ 287.370860][ T8993] kobject_add_internal+0x2c4/0x9b0 [ 287.370906][ T8993] kobject_init_and_add+0x11b/0x190 [ 287.370932][ T8993] ? __pfx_kobject_init_and_add+0x10/0x10 [ 287.370982][ T8993] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 287.371019][ T8993] nfs_net_init+0x10a/0x300 [ 287.371055][ T8993] ? __pfx_nfs_net_init+0x10/0x10 [ 287.371097][ T8993] ops_init+0x1df/0x5f0 [ 287.371140][ T8993] setup_net+0x21e/0x850 [ 287.371183][ T8993] ? __pfx_setup_net+0x10/0x10 [ 287.371218][ T8993] ? lockdep_init_map_type+0x5c/0x280 [ 287.371243][ T8993] ? __pfx_down_read_killable+0x10/0x10 [ 287.371274][ T8993] ? debug_mutex_init+0x37/0x70 [ 287.371309][ T8993] copy_net_ns+0x2a6/0x5f0 [ 287.371348][ T8993] create_new_namespaces+0x3ea/0xad0 [ 287.371392][ T8993] copy_namespaces+0x468/0x560 [ 287.371432][ T8993] copy_process+0x29ff/0x91a0 [ 287.371495][ T8993] ? __pfx_copy_process+0x10/0x10 [ 287.371531][ T8993] ? __pfx___futex_wait+0x10/0x10 [ 287.371593][ T8993] kernel_clone+0xfc/0x960 [ 287.371636][ T8993] ? __pfx_kernel_clone+0x10/0x10 [ 287.371700][ T8993] __do_sys_clone+0xce/0x120 [ 287.371741][ T8993] ? __pfx___do_sys_clone+0x10/0x10 [ 287.371800][ T8993] ? rcu_is_watching+0x12/0xc0 [ 287.371845][ T8993] do_syscall_64+0xcd/0x260 [ 287.371887][ T8993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.371912][ T8993] RIP: 0033:0x7f1a9a78d169 [ 287.371933][ T8993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.371957][ T8993] RSP: 002b:00007f1a9b5f9fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 287.371983][ T8993] RAX: ffffffffffffffda RBX: 00007f1a9a9a5fa0 RCX: 00007f1a9a78d169 [ 287.371999][ T8993] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040100000 [ 287.372014][ T8993] RBP: 00007f1a9a80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 287.372031][ T8993] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 287.372046][ T8993] R13: 0000000000000000 R14: 00007f1a9a9a5fa0 R15: 00007ffc11bcad38 [ 287.372091][ T8993] [ 287.372126][ T8993] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 289.444184][ T9050] lo: entered allmulticast mode [ 289.633673][ T9050] lo: left allmulticast mode [ 289.759193][ T9058] FAULT_INJECTION: forcing a failure. [ 289.759193][ T9058] name failslab, interval 1, probability 0, space 0, times 0 [ 289.829462][ T9058] CPU: 1 UID: 0 PID: 9058 Comm: syz.4.612 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 289.829507][ T9058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 289.829524][ T9058] Call Trace: [ 289.829534][ T9058] [ 289.829546][ T9058] dump_stack_lvl+0x16c/0x1f0 [ 289.829592][ T9058] should_fail_ex+0x512/0x640 [ 289.829622][ T9058] ? fs_reclaim_acquire+0xae/0x150 [ 289.829658][ T9058] should_failslab+0xc2/0x120 [ 289.829685][ T9058] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 289.829730][ T9058] ? security_inode_alloc+0x3b/0x2b0 [ 289.829776][ T9058] security_inode_alloc+0x3b/0x2b0 [ 289.829811][ T9058] inode_init_always_gfp+0xce4/0x1030 [ 289.829862][ T9058] alloc_inode+0x86/0x240 [ 289.829897][ T9058] sock_alloc+0x40/0x280 [ 289.829940][ T9058] sock_create_lite+0x82/0x120 [ 289.829985][ T9058] __netlink_kernel_create+0xbd/0x750 [ 289.830025][ T9058] ? __kvmalloc_node_noprof+0x296/0x600 [ 289.830068][ T9058] ? __pfx___netlink_kernel_create+0x10/0x10 [ 289.830122][ T9058] fib_net_init+0x26d/0x3f0 [ 289.830173][ T9058] ? __pfx___register_sysctl_table+0x10/0x10 [ 289.830207][ T9058] ? __pfx_fib_net_init+0x10/0x10 [ 289.830245][ T9058] ? lockdep_init_map_type+0x5c/0x280 [ 289.830275][ T9058] ? __pfx_nl_fib_input+0x10/0x10 [ 289.830321][ T9058] ? devinet_init_net+0x5c2/0x910 [ 289.830368][ T9058] ? __pfx_fib_net_init+0x10/0x10 [ 289.830404][ T9058] ops_init+0x1df/0x5f0 [ 289.830449][ T9058] setup_net+0x21e/0x850 [ 289.830498][ T9058] ? __pfx_setup_net+0x10/0x10 [ 289.830535][ T9058] ? lockdep_init_map_type+0x5c/0x280 [ 289.830563][ T9058] ? __pfx_down_read_killable+0x10/0x10 [ 289.830595][ T9058] ? debug_mutex_init+0x37/0x70 [ 289.830637][ T9058] copy_net_ns+0x2a6/0x5f0 [ 289.830684][ T9058] create_new_namespaces+0x3ea/0xad0 [ 289.830743][ T9058] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 289.830790][ T9058] ksys_unshare+0x45b/0xa40 [ 289.830835][ T9058] ? __pfx_ksys_unshare+0x10/0x10 [ 289.830877][ T9058] ? xfd_validate_state+0x5d/0x180 [ 289.830913][ T9058] ? rcu_is_watching+0x12/0xc0 [ 289.830959][ T9058] __x64_sys_unshare+0x31/0x40 [ 289.831000][ T9058] do_syscall_64+0xcd/0x260 [ 289.831045][ T9058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.831075][ T9058] RIP: 0033:0x7f1a9a78d169 [ 289.831101][ T9058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.831129][ T9058] RSP: 002b:00007f1a9b597038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 289.831158][ T9058] RAX: ffffffffffffffda RBX: 00007f1a9a9a6240 RCX: 00007f1a9a78d169 [ 289.831178][ T9058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 289.831195][ T9058] RBP: 00007f1a9a80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 289.831212][ T9058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.831228][ T9058] R13: 0000000000000000 R14: 00007f1a9a9a6240 R15: 00007ffc11bcad38 [ 289.831268][ T9058] [ 290.378689][ T9065] netlink: 342 bytes leftover after parsing attributes in process `syz.1.622'. [ 297.032796][ T9136] kexec: Could not allocate control_code_buffer [ 298.719713][ T9224] netlink: 28 bytes leftover after parsing attributes in process `syz.3.631'. [ 298.786656][ T9224] team0: Port device team_slave_0 removed [ 298.968530][ T9229] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 298.974797][ T9229] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 298.998744][ T9229] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 299.007588][ T9229] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 299.014568][ T9229] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 299.176857][ T9229] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 299.519618][ T9248] netlink: 56 bytes leftover after parsing attributes in process `syz.3.635'. [ 299.530811][ T9247] netlink: 56 bytes leftover after parsing attributes in process `syz.3.635'. [ 301.005609][ T9141] Bluetooth: hci3: command 0x0c1a tx timeout [ 301.011839][ T9141] Bluetooth: hci2: command 0x0c1a tx timeout [ 301.019034][ T9141] Bluetooth: hci1: command 0x0c1a tx timeout [ 301.090127][ T9269] Bluetooth: hci0: command 0x0c1a tx timeout [ 303.166603][ T9269] Bluetooth: hci0: command 0x0c1a tx timeout [ 305.252109][ T9269] Bluetooth: hci0: command 0x0c1a tx timeout [ 306.104023][ T9311] netlink: 4 bytes leftover after parsing attributes in process `syz.4.647'. [ 307.145546][ T9326] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 307.174860][ T9326] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 307.295620][ T9326] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 307.301826][ T9326] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 309.169409][ T9269] Bluetooth: hci1: command 0x0c1a tx timeout [ 309.245733][ T9269] Bluetooth: hci2: command 0x0c1a tx timeout [ 309.325558][ T9269] Bluetooth: hci0: command 0x0c1a tx timeout [ 309.331675][ T9269] Bluetooth: hci3: command 0x0c1a tx timeout [ 310.466262][ T9383] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 310.498391][ T9383] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 310.525572][ T9383] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 310.556371][ T9383] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 310.743078][ T9387] netlink: 206 bytes leftover after parsing attributes in process `syz.2.666'. [ 311.145801][ T9269] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 311.279585][ T30] audit: type=1800 audit(6039144989.819:13): pid=9394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.667" name="dbroot" dev="configfs" ino=22511 res=0 errno=0 [ 312.535422][ T9269] Bluetooth: hci2: command 0x0c1a tx timeout [ 312.541520][ T9269] Bluetooth: hci1: command 0x0c1a tx timeout [ 312.606014][ T9269] Bluetooth: hci0: command 0x0c1a tx timeout [ 312.612130][ T9269] Bluetooth: hci3: command 0x0c1a tx timeout [ 312.955961][ T9388] Process accounting paused [ 315.390625][ T9434] sd 0:0:1:0: PR command failed: 1026 [ 315.416968][ T9434] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 315.423785][ T9434] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 316.167640][ T9453] netlink: 330 bytes leftover after parsing attributes in process `syz.4.678'. [ 316.264871][ T9453] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.272861][ T9453] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.272467][ T30] audit: type=1800 audit(6039144997.829:14): pid=9494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.686" name="dbroot" dev="configfs" ino=22790 res=0 errno=0 [ 322.379090][ T9530] cifs: Unknown parameter 'X' [ 322.535993][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.542477][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.749506][ T9547] netlink: 338 bytes leftover after parsing attributes in process `syz.3.696'. [ 324.232987][ T9553] netlink: 206 bytes leftover after parsing attributes in process `syz.1.699'. [ 326.362298][ T9572] could not allocate digest TFM handle [ 326.974163][ T9572] netlink: 28 bytes leftover after parsing attributes in process `syz.2.705'. [ 327.894311][ T9605] sp0: Synchronizing with TNC [ 328.191910][ T9609] Invalid ELF header magic: != ELF [ 329.260839][ T9269] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 329.437283][ T30] audit: type=1800 audit(6039145015.935:15): pid=9631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.718" name="dbroot" dev="configfs" ino=23083 res=0 errno=0 [ 329.845739][ T9625] kexec: Could not allocate control_code_buffer [ 330.269034][ T9644] netlink: 24 bytes leftover after parsing attributes in process `syz.4.719'. [ 333.105976][ T9676] netlink: 338 bytes leftover after parsing attributes in process `syz.1.727'. [ 335.236552][ T9269] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 335.357341][ T30] audit: type=1800 audit(6039145029.859:16): pid=9714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.734" name="dbroot" dev="configfs" ino=23949 res=0 errno=0 [ 337.845604][ T9729] could not allocate digest TFM handle [ 338.847704][ T9729] netlink: 28 bytes leftover after parsing attributes in process `syz.3.739'. [ 342.431268][ T9789] mkiss: ax0: crc mode is auto. [ 343.255877][ T9804] could not allocate digest TFM handle [ 344.068888][ T9817] netlink: 28 bytes leftover after parsing attributes in process `syz.1.753'. [ 345.242229][ T9837] Process accounting resumed [ 345.661715][ T9838] vivid-003: ================= START STATUS ================= [ 345.954360][ T9838] vivid-003: Radio HW Seek Mode: Bounded [ 345.960197][ T9838] vivid-003: Radio Programmable HW Seek: false [ 345.967717][ T9838] vivid-003: RDS Rx I/O Mode: Block I/O [ 345.973355][ T9838] vivid-003: Generate RBDS Instead of RDS: false [ 345.979914][ T9838] vivid-003: RDS Reception: true [ 345.984919][ T9838] vivid-003: RDS Program Type: 0 inactive [ 345.990831][ T9838] vivid-003: RDS PS Name: inactive [ 345.996196][ T9838] vivid-003: RDS Radio Text: inactive [ 346.001826][ T9838] vivid-003: RDS Traffic Announcement: false inactive [ 346.008739][ T9838] vivid-003: RDS Traffic Program: false inactive [ 346.015971][ T9838] vivid-003: RDS Music: false inactive [ 346.021605][ T9838] vivid-003: ================== END STATUS ================== [ 349.678755][ T9893] could not allocate digest TFM handle [ 350.291419][ T9269] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 350.408491][ T30] audit: type=1800 audit(6039145052.910:17): pid=9905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.779" name="dbroot" dev="configfs" ino=24727 res=0 errno=0 [ 351.430026][ T9895] netlink: 28 bytes leftover after parsing attributes in process `syz.4.768'. [ 353.640463][ T9941] kexec: Could not allocate control_code_buffer [ 354.575461][ T9936] vivid-003: ================= START STATUS ================= [ 354.598806][ T9936] vivid-003: Radio HW Seek Mode: Bounded [ 354.604553][ T9936] vivid-003: Radio Programmable HW Seek: false [ 354.620368][ T9936] vivid-003: RDS Rx I/O Mode: Block I/O [ 354.626515][ T9936] vivid-003: Generate RBDS Instead of RDS: false [ 354.633014][ T9936] vivid-003: RDS Reception: true [ 354.638715][ T9936] vivid-003: RDS Program Type: 0 inactive [ 354.651395][ T9936] vivid-003: RDS PS Name: inactive [ 354.657173][ T9936] vivid-003: RDS Radio Text: inactive [ 354.662921][ T9936] vivid-003: RDS Traffic Announcement: false inactive [ 354.670282][ T9936] vivid-003: RDS Traffic Program: false inactive [ 354.677446][ T9936] vivid-003: RDS Music: false inactive [ 354.683599][ T9936] vivid-003: ================== END STATUS ================== [ 356.008458][ T9985] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 356.016654][ T9985] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 356.022874][ T9985] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 356.030906][ T9985] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 356.322546][ T30] audit: type=1800 audit(6039145058.870:18): pid=9998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.788" name="members" dev="configfs" ino=25072 res=0 errno=0 [ 357.033837][ T9152] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 357.136503][ T30] audit: type=1800 audit(6039145067.650:19): pid=10005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.789" name="dbroot" dev="configfs" ino=25095 res=0 errno=0 [ 357.725802][ T9152] Bluetooth: hci1: command 0x0c1a tx timeout [ 358.045462][ T9152] Bluetooth: hci0: command 0x0c1a tx timeout [ 358.052525][ T9269] Bluetooth: hci3: command 0x0c1a tx timeout [ 358.059416][ T9269] Bluetooth: hci2: command 0x0c1a tx timeout [ 360.727551][T10049] FAULT_INJECTION: forcing a failure. [ 360.727551][T10049] name failslab, interval 1, probability 0, space 0, times 0 [ 360.752414][T10049] CPU: 1 UID: 0 PID: 10049 Comm: syz.2.797 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 360.752452][T10049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 360.752468][T10049] Call Trace: [ 360.752477][T10049] [ 360.752489][T10049] dump_stack_lvl+0x16c/0x1f0 [ 360.752532][T10049] should_fail_ex+0x512/0x640 [ 360.752563][T10049] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 360.752605][T10049] should_failslab+0xc2/0x120 [ 360.752631][T10049] __kmalloc_cache_noprof+0x6a/0x3e0 [ 360.752666][T10049] ? rcu_is_watching+0x12/0xc0 [ 360.752700][T10049] ? s_start+0x7b/0x320 [ 360.752733][T10049] s_start+0x7b/0x320 [ 360.752764][T10049] traverse.part.0.constprop.0+0xac/0x640 [ 360.752825][T10049] seq_read_iter+0x932/0x12c0 [ 360.752880][T10049] seq_read+0x39e/0x4e0 [ 360.752917][T10049] ? __pfx_seq_read+0x10/0x10 [ 360.752954][T10049] ? get_pid_task+0xfc/0x250 [ 360.753000][T10049] ? rw_verify_area+0xcf/0x680 [ 360.753032][T10049] ? __pfx_seq_read+0x10/0x10 [ 360.753070][T10049] vfs_read+0x1de/0xc70 [ 360.753115][T10049] ? __pfx_vfs_read+0x10/0x10 [ 360.753149][T10049] ? find_held_lock+0x2b/0x80 [ 360.753185][T10049] ? __fget_files+0x204/0x3c0 [ 360.753228][T10049] ? __fget_files+0x20e/0x3c0 [ 360.753259][T10049] ? __fget_files+0x1e0/0x3c0 [ 360.753307][T10049] __x64_sys_pread64+0x1f4/0x250 [ 360.753347][T10049] ? __pfx___x64_sys_pread64+0x10/0x10 [ 360.753382][T10049] ? rcu_is_watching+0x12/0xc0 [ 360.753424][T10049] do_syscall_64+0xcd/0x260 [ 360.753464][T10049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.753491][T10049] RIP: 0033:0x7f7710b8d169 [ 360.753512][T10049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.753536][T10049] RSP: 002b:00007f77119ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 360.753562][T10049] RAX: ffffffffffffffda RBX: 00007f7710da5fa0 RCX: 00007f7710b8d169 [ 360.753580][T10049] RDX: 000000000000000b RSI: 0000000000000000 RDI: 0000000000000003 [ 360.753594][T10049] RBP: 00007f77119ab090 R08: 0000000000000000 R09: 0000000000000000 [ 360.753610][T10049] R10: 00000000000005af R11: 0000000000000246 R12: 0000000000000001 [ 360.753625][T10049] R13: 0000000000000000 R14: 00007f7710da5fa0 R15: 00007ffc6efd0d08 [ 360.753658][T10049] [ 360.753669][T10049] [ 360.983590][T10049] ===================================== [ 360.989135][T10049] WARNING: bad unlock balance detected! [ 360.994677][T10049] 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 Not tainted [ 361.001790][T10049] ------------------------------------- [ 361.007507][T10049] syz.2.797/10049 is trying to release lock (event_mutex) at: [ 361.014982][T10049] [] traverse.part.0.constprop.0+0x2bd/0x640 [ 361.022557][T10049] but there are no more locks to release! [ 361.028282][T10049] [ 361.028282][T10049] other info that might help us debug this: [ 361.036350][T10049] 1 lock held by syz.2.797/10049: [ 361.041388][T10049] #0: ffff88807d4ec540 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0 [ 361.050296][T10049] [ 361.050296][T10049] stack backtrace: [ 361.056187][T10049] CPU: 1 UID: 0 PID: 10049 Comm: syz.2.797 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 361.056214][T10049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 361.056227][T10049] Call Trace: [ 361.056233][T10049] [ 361.056241][T10049] dump_stack_lvl+0x116/0x1f0 [ 361.056271][T10049] ? traverse.part.0.constprop.0+0x2bd/0x640 [ 361.056298][T10049] print_unlock_imbalance_bug+0x11b/0x130 [ 361.056328][T10049] ? traverse.part.0.constprop.0+0x2bd/0x640 [ 361.056354][T10049] lock_release+0x242/0x2f0 [ 361.056373][T10049] __mutex_unlock_slowpath+0xa2/0x6a0 [ 361.056403][T10049] ? rcu_is_watching+0x12/0xc0 [ 361.056426][T10049] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 361.056454][T10049] ? __kmalloc_cache_noprof+0x249/0x3e0 [ 361.056482][T10049] ? rcu_is_watching+0x12/0xc0 [ 361.056505][T10049] ? kfree+0x252/0x4d0 [ 361.056528][T10049] ? s_start+0x28c/0x320 [ 361.056548][T10049] traverse.part.0.constprop.0+0x2bd/0x640 [ 361.056578][T10049] seq_read_iter+0x932/0x12c0 [ 361.056608][T10049] seq_read+0x39e/0x4e0 [ 361.056632][T10049] ? __pfx_seq_read+0x10/0x10 [ 361.056657][T10049] ? get_pid_task+0xfc/0x250 [ 361.056681][T10049] ? rw_verify_area+0xcf/0x680 [ 361.056704][T10049] ? __pfx_seq_read+0x10/0x10 [ 361.056729][T10049] vfs_read+0x1de/0xc70 [ 361.056756][T10049] ? __pfx_vfs_read+0x10/0x10 [ 361.056788][T10049] ? find_held_lock+0x2b/0x80 [ 361.056812][T10049] ? __fget_files+0x204/0x3c0 [ 361.056841][T10049] ? __fget_files+0x20e/0x3c0 [ 361.056867][T10049] ? __fget_files+0x1e0/0x3c0 [ 361.056897][T10049] __x64_sys_pread64+0x1f4/0x250 [ 361.056924][T10049] ? __pfx___x64_sys_pread64+0x10/0x10 [ 361.056951][T10049] ? rcu_is_watching+0x12/0xc0 [ 361.056977][T10049] do_syscall_64+0xcd/0x260 [ 361.057006][T10049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.057026][T10049] RIP: 0033:0x7f7710b8d169 [ 361.057042][T10049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 361.057062][T10049] RSP: 002b:00007f77119ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 361.057080][T10049] RAX: ffffffffffffffda RBX: 00007f7710da5fa0 RCX: 00007f7710b8d169 [ 361.057093][T10049] RDX: 000000000000000b RSI: 0000000000000000 RDI: 0000000000000003 [ 361.057105][T10049] RBP: 00007f77119ab090 R08: 0000000000000000 R09: 0000000000000000 [ 361.057117][T10049] R10: 00000000000005af R11: 0000000000000246 R12: 0000000000000001 [ 361.057129][T10049] R13: 0000000000000000 R14: 00007f7710da5fa0 R15: 00007ffc6efd0d08 [ 361.057147][T10049]