last executing test programs: 6.531395875s ago: executing program 1 (id=1846): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/lockdep\x00', 0x400, 0x0) readlink$auto(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='/sys/module/xpad/parameters/auto_poweroff\x00', 0x6) sendfile$auto(0x2, 0x3, &(0x7f0000000040)=0x80, 0xc3e0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/xpad/parameters/auto_poweroff\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)="b8", 0x1) 6.36555506s ago: executing program 1 (id=1848): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pkey_free$auto(0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0) ioperm$auto(0x2, 0x3, 0x383a) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/profile\x00', 0x200000, 0x0) setsockopt$auto_SO_PASSPIDFD(r0, 0x3, 0x4c, &(0x7f00000000c0)='\x00', 0x3) mq_open$auto(0x0, 0xde8, 0xb, 0x0) mq_unlink$auto(0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x3b) socket(0x2, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYRES16=r1, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x400d0}, 0x404c054) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) write$auto(r2, &(0x7f0000000000)='/dev/input/event0\x00', 0x7fe) 5.542739384s ago: executing program 1 (id=1850): mmap$auto(0x0, 0x100000005, 0xdf, 0x2000000000000eb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}}, 0x4000000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(0x0, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8003) write$auto(0x3, 0x0, 0x100082) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) setns(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="ea12e528ded30ff1309c8b1613007984cb"], 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x4000080) getgroups$auto(0x1, &(0x7f0000000100)=0xffff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x4, 0x2, 0x4, 0x0, 0xfffffffffffffffa, 0x1, 0x0, 0x9, 0x7, 0x5}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) write$auto(r0, &(0x7f0000000000)='y\x8c', 0x2) quotactl_fd$auto(0xffffffffffffffff, 0x2, 0xee01, &(0x7f0000000380)="c7a34676508b060b6a2b") get_mempolicy$auto(&(0x7f0000000180)=0x6, &(0x7f0000000280)=0x5, 0xa6, 0xfff, 0x3) mmap$auto(0x400000000000, 0xe983, 0x2000000df, 0xeb1, 0x402, 0x8000) msgctl$auto_IPC_SET(0x7fffffff, 0x1, &(0x7f0000000680)={{0x1, 0x0, 0x0, 0xd46, 0x4, 0x8, 0x1}, &(0x7f0000000140)=0x6, &(0x7f00000001c0)=0x2, 0x8000000000000000, 0x81, 0x1, 0x401, 0xfffffffffffffffc, 0x6, 0xf89d, 0x4, @inferred, @raw=0x2}) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff) io_uring_setup$auto(0x4, &(0x7f0000000280)={0x1, 0xd, 0x800ef, 0x9, 0x0, 0x6, 0xffffffffffffffff, [0x7, 0xc, 0x4], {0x100, 0x4, 0x0, 0x2, 0x80007, 0x0, 0xfefffffa, 0x8, 0x23}, {0x2, 0x7, 0x1, 0x9010, 0x3, 0x7ffffff8, 0x1, 0x8, 0x6}}) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) prctl$auto(0x23, 0xe, 0x1ff, 0x68, 0x0) sendmsg$auto_WG_CMD_SET_DEVICE(r1, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="210026bd7000fedbdf250100000014000200776730000000000000000000000000000b000880002e023a69d4270094d206db42241cbf34337b97398198a9e10c635711eecf208700220164c665f416e1f8577ad082474cd45bfbcd3f9f455143704135310468b7e2e020abc93fee47585f74c9840da5f9c77f58dae6302376760ae518bb74f49b5a5a6fec53f98aea332c4d5c83bb0bf8d5324e3608dedd61c0fce20973adf1cba15f8d681992ce4347f66bbdf9ce660b6b295d8b3d95c12792d1f3c64450e0071eab469b87cd320b7835f43ba7"], 0x34}, 0x1, 0x0, 0x0, 0x4040094}, 0x80) 5.176871829s ago: executing program 1 (id=1852): socket(0x23, 0x2, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, r0) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\b\x00\x00', @ANYRES16=r1], 0x60}, 0x1, 0x0, 0x0, 0x54}, 0x1) getsockopt$auto(0xffffffffffffffff, 0x84, 0x24, 0x0, &(0x7f00000000c0)=0x3) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x6, 0xa, 0xffffffffffffffff, 0x15, 0x5, 0x7ffd) r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$auto_RTC_SET_TIME(r3, 0x4024700a, &(0x7f0000000040)={0x1, 0x7, 0x5, 0x10001, 0x3, 0x80000000, 0x3, 0x81, 0x10001}) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) getsockopt$auto(r2, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r4, 0x0, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x8000, 0x0, 0xfffffffffffffffd) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) execve$auto(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)=0x0, &(0x7f0000000300)=&(0x7f00000002c0)='*@}:{-}-[\x00') write$auto(0x3, 0x0, 0x100082) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) 4.103249068s ago: executing program 1 (id=1853): syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x20008040) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20540, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) sysfs$auto(0x2, 0x2, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_netdev(0x0, r0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video20\x00', 0x102f00, 0x0) poll$auto(&(0x7f0000000480)={r3, 0xffff, 0x29}, 0x6, 0x8) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x6, 0x1e, 0x0, 0x409) r4 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0xc, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x3, 0x8, 0x100000000}}) io_uring_enter$auto(r4, 0x9, 0x820e, 0x9, 0x0, 0x18) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, 0x0, 0x6a) 4.103052954s ago: executing program 2 (id=1854): r0 = socket$nl_generic(0x10, 0x3, 0x10) fsconfig$auto(r0, 0x3, &(0x7f0000000200)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96\fd\xa3\xf9&\xc9~\x10\x06X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8\x06\x00\x00\x00z`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x1b\x9d\xd4\x99_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\x06\x00Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2zsx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\xedFx\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\x03\xe2T\xea\xa0\xba\xd7R8T\x00\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3WYX\x8a/\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2', &(0x7f0000000580)="de", 0x0) getsockopt$auto_SO_REUSEPORT(r0, 0x2, 0xf, &(0x7f0000000000)='\x00', &(0x7f0000000080)=0x107) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000040)={0x9, 0x8000, 0x6a9, 0x7, 0x1, 0x0}) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x10000000000006, 0x4, 0x400007, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) fanotify_init$auto(0x5, 0x0) socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f00000000c0), 0x55) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x800005411, 0x38) r2 = open(0x0, 0x22240, 0x55) statx$auto(r2, 0x0, 0x2001003, 0x4005, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) fcntl$auto(r3, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) prctl$auto_PR_GET_AUXV(0x41555856, 0x2, r1, 0x5, 0x1) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f0000000480)) 2.934176202s ago: executing program 1 (id=1856): r0 = socket(0x2, 0x1, 0x106) getsockopt$auto_SO_MEMINFO(r0, 0x1, 0x37, &(0x7f0000000100)='/dev/kvm\x00', &(0x7f0000000180)=0x7) prctl$auto(0x1b, 0x3, 0x2009, 0x0, 0x0) prctl$auto(0x21, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001700), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01eb87a70326bd7000ffdbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x4005}, 0x28044004) read$auto(0x3, 0x0, 0x400000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000040), r3) sendmsg$auto_NLBL_MGMT_C_LISTDEF(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="918935a4718124000008", @ANYRES16=r4, @ANYBLOB="04002bbd7000fbdbdf250600000008000300080000000800020007000000"], 0x24}, 0x1, 0x0, 0x0, 0x4050}, 0x0) sendmsg$auto_NLBL_MGMT_C_LISTALL(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00082bbd7000fddbdf25030000000800020080000008080002005300000008000300070000000b0001006e657464657600000f0001002f6465762f6164737031000008000200030000000800030001000000"], 0x58}}, 0x4044080) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) write$auto(0x3, 0x0, 0xffd8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0x28, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) 2.166184626s ago: executing program 2 (id=1859): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) (fail_nth: 8) 2.085908061s ago: executing program 3 (id=1860): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/vulnerabilities/tsx_async_abort\x00', 0xa000, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x6, 0xfffffffffffffffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/snd_hda_intel/parameters/power_save\x00', 0x80002, 0x0) write$auto(r1, 0x0, 0x10001) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/ip_tables_matches\x00', 0x10b402, 0x0) socket(0x2, 0x801, 0x100) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, 0xffffffffffffffff, 0x4, 0x1ff, 0xffffffffffffffff, @relative_fd, 0xe600}, 0x6) connect$auto(0x3, &(0x7f00000000c0), 0x55) pread64$auto(r2, 0x0, 0x8100000041, 0x413e) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x4b000) 1.952382176s ago: executing program 3 (id=1863): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) setsockopt$auto(0x3, 0x10d, 0x11, 0x0, 0x17) mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000280)=0xc9e, 0x400, 0x1) mlock$auto(0x81, 0xffff) 1.825410624s ago: executing program 3 (id=1864): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x1c9002, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="88320f1e", @ANYRES16, @ANYBLOB="000428bd7000fddbdf2505000000c904030013001c90401d49d70a5d3de6e79d0eaacc0f734ed1a8606d40b53461aced192be80faee30a616b5ba4d82b26e864a51cb446eecc12d9247c2f5033d431a2e186f6e548cbce46b817d635628d449dc98e9091eeed00951b3426a6a5070f0fd6818fe57ee11cb95d754c350b027f0bd0a8b15a2e257dfa4fe7df859f78e8ac61d86d6bdd64c46445adddec1d07fbba99526993ca3894d1410152e84a4613ba51cfaa15d677bf8de25e652e5692cdf9b96b02fa08eae516b0eb2f0d225dde827e023f3af2d4d14e88ddbc64c32aea15d8533b2556b37534d96ee7793be18ffbc561bb947476b51b28bca77086bd69c08c16494eb34d1f5b19a59ea4f0114b3019f9a855b9ecc5ddb71f92372708fddea5c99d895885ad64939880def39a347f8c1afabfdc7c87ccdda52a6b46d87dd69aebdbb1604a0be94b6761351d9855b799b54e62a30c001ecc617b22ccaa896b4ca5da79772c4592abc920b64d0632b023301080806ce6a4f1d55c1db06bfe229943d7198a239387888d9ead9a7729c97a430bde4d4c5cb3eb61c8b387ba8146318add8df2b31371dbad914fb7a8afd162b2f6f357e13a20bac61bd29972a316268cdadd4a15d0b5079272f06ded9c4d48de13191636a395d23c11ecb5345030bac7fa6e2327e5d33eb03279aa1746c56722f80204b0156524d2ce5a2cd300b0128496335610a84cea559615f0fa4c44994720b89867af77f77a6ac788ad57699b4a1758ce3eb32eb2d05f4935557181547a49c0252319e7a3aac0b59870773721082134acfa9ae7fa42907900ffc4621696fe9d427ab2703944f153f4e8f762bb1019b3c806f72292e273e7a19616a3945fa6f70ab74a8f69b5275d9c34a3415bf03f84ce51144612328a917f5c59174e815285fc9485fee22c66c9d383dbcfe52f8af9ab5f25802f1ab2fc87b85c63cd28702658c0facb88b1e2f4dcfb46785ff344e4e057775554e16cc0d9a8817997b57259bf66cf2d2b54c87df3ecf86cf6fa39423e9330f27cb2c1b1649de0b1082832d7d2e78b2b801b9c4f80a5d2df18d1b5c23a9982576676ba19a0408e517fbd996caa159e8aab5083eda8bdf405b09b4228a37d7e606226888d256630d56bdb840a2da08d3b0c6e3422731f6a49d490a09f739a58f2568a23fb97286b3d99dc9c96ab6115c3a3a1b2173769bf50785fe5b2ea62d5cb16d8e9e1643f18105c6365d29f8de3ae41241a9bef9f75bb6c32e9ff7cb71bdd28ea931af8d0b4305b56af1c01551df2eb3d9dd069fc33f3032932b3cf087ed06644628462293a758533922d06ac7df2e2aa3d7ea71124a909a7a2e7529e53a595a9672ffb0eac69a97073c451c6fb692ab1fe1d2cd8cb1abc6ecffc7c52ed57baca0162f41db573b001d9868f9a471c544566496be6e4123ce5b6248ae65966d8126a53f8307734910ec40ca474b93d1e8248538b4356b4de5a9ae4817acba61c1d40f1da440b3de4c4b4595e4712519d74123dc17596eb9d6649a8311373cbeb3ee7df3ab9e5d16bcc92a55089ff7cc424e54fcf98d87ec12f0ff3a754aeff183ab7a21184ae599898187d199adacc4681a0718fbba8b45b74bc341052bc957fa16d4ff06120ca36b5f30e22959fbe87e89f2c8a6f08d5387d8b5c169c3c18347cb69dd02d5f498a02c6752d8278b7145798566c598cf5859ee65a33fdce0fd55692df15bdb4b908b09eac9f9d2e00000008000b00255e2e3a1d0002009c0ff3cc900150d0842193d5e5d0ec9ba23afa85e5b51b7637000000080004000400000004000f0008001a8004000300682d1c80ac030580a8030080c1000100ee6a50b3594a50a8f7fae59a34ddd3b101371d06f3ed8f3a8f035f2577dba2279e14cf3d1c8fbd3ef4e7888e67850c98fda2218fcd3ed2e066f27f3d86905eea583b5a9cb90945de594f9c285f6005895ff4dac1bcfa98fb3cf3ce0fc5d7bf91148fe07eead49e8ec903b4c4e16f5aaaf55ad75566a97a88f549abe43754f6aca1b1d41336bd2b5fe0bae793ee078f7dd7a96fb4b1d8034d8f8ffe39fc95846ae959eb7085e717ac1034eff1817e8a7921ebf1af1b64ba7b56a6efd7ff000000480204800c000400090000000000000008000200040000000400050004000500200201805800018006000200050000000c00120003000000000000000c000d00070000000000000005000800040000000c000c8005000200040000000c000e00070000000000000008000400fdffffff0c00110003000000000000002c0001800c000d0004000000000000000c001100fcffffffffffffff05000800ce00000005000700f7000000500001800c000f004400000000000000050007003000000006000200ff0000000c001000fbffffffffffffff050006000900000008000300c15f00000c000d00ffffffffffffffff050007000800000020000180080004000000000008000400090000000c000d0006000000000000004c00018014000b8005000700090000000500050000000000310013002f7379732f6b65726e656c2f64656275672f706167655f7461626c65732f63757272656e745f6b65726e656c000000005800018005000800290000000800010002000000080009000000000008000100050000000c000f00070000000000000005000700050000000c000f00000000000000000014000c8005000a004000000005000b0003000000280001801c000b8005000800090000000500080006000000050001000600000005000500830000005c00018008000100060000003c000b8005000b00070000000500070004000000050007000d00000005000600020000000500090008000000050009000600000005000200df0000000c00120080bb0600000000000600020008000000040005000400050097000100dc56e548a9d297b9746eb6813b76b3ab11a76d4635d2251fd5cb6cb213eeee77319c75db9157686f50620c403076e30272b95a2eaf16d070de24934d14daec04b31f132a4bcf4ca6b0fc1d04fec8ebf2a8cd571bff56d0ccfacbcea5f0861278fb55bbbd0fee276c931904994277f1d600c64b329b5897fc0231b86696dcc2173f8de128a116fd1eb6708c2fbf2a5559cc715600f8290580101500800c020480040005000c00040001000000000000000c0004000300000000000000dc0101804c00018005000700040000002c000c80060003000600000005000900e000000005000800040000000600030008000000060003009600000008000a00870e00000c000d00090000000000000038000180090014002323252c23000000050008006f0000000c000d00060000000000000005000800380000000c001200fdffffffffffffff840001802c000b80050002000700000006000300080000000500060005000000050007000700000005000a00810000000500060009000000050005002000000008000900000400000c000d000100008000000000080009000000ffff080001000600000008000300060000000c00100002000000000000000c001200ff7f000000000000280001800500080006000000050008000000000005000800d30000000c000f00c1050000000000002000018006001400272b000008000100070000000c00120006000000000000005c0001800c00100000000000000000000c000e0000000000000000000c001300282d3a2f7b7b2b681c000b80050004000500000005000b000000000005000b000800000008000400040000000800010004000000060002000e0d000018000180050014005d0000000c000e0008000000000000001400018008000300080000000800090006000000080002000200000008000200ad000000041001006ef0e6093c7f35f426234c9a598c02947ade24fe8d584f7c69078f488c8cbb7fc226daa2cfafb36b402c5170d2d65a53f18a26a80e8a5a065b458b19e37a94f71f5dbd3f44cae33283a5623c2e325f50f9fdab4ece23323a553b8206ae5bfcae2bafea5fcd485ac459ab25691682fd1ed36baf9f63a7ff57f4ab1826141dd2af019c10a4374ec6ca47f5f1c7f415f08e251cd933a4d4a155fe46013cb5809d4e8a6bceee56948c2421359c382fdf0487061778c9cd965cd9ec6c48a35b7e4ad6845a00efec76f5cb2c18f1c0e3b94fb8a62bc8dc0218c6d9d1f86ab4036e784e3e352c0fcbd67ca94054fd4ae746a607c8f00fbd5dbb90579e418ba848a5b048e9e1502080b196fc1947fd6d205490e264c2f13b3443d1a317df2e209b95ef8a42c5a0a818a72f6fde36d53a135ab10bbacd07078b860e0fab3703582989307dd7617f2df0b226f8beed3e178ab4c0e3c82b7b8603adc04754c8a522cd6b0cd69950623d0ec29ab8d29d35bc7f8a3f069db8313bb40324011a18f52ccc44d568c50955b6c2e1faba3368a22d7d009be8f8e9f46f4ee3ad1bab8fd341877ba0fe0ac0b784973dfb4fdac96b7cc4c738d71ae6d073f37fea6514380799235b0998e807ad957ac4e81145820ffca592813a8393c3e192545e72b42349dfc4ec8a5a2fc9ff1dabd24009c7f34d138e094bbc04bc11f2ee468a2c81861b62dd8bbb807f5e662fa0ea36a0dcf66d7b0b62f787c0e70652421d057093b278cbfa0bab7e0fe66398405c68291002842c9c68296e1147e12f27fd8fab80c7151ce134e3946ae4ff54c78d4106ae631fb060a88bbd3cb3687036690d292d52414ee389672ed4af35b80538a2e76aa163ffafd00086b4bd4fef965d3e03bf61e5c1483a0a022d785b00eb686f642e6c88c7032698c6f2ebb264401ce756ffbe8185a811f8ba45b6283939321530c00ecb0173e7cc99fcb50f85a7ca78518a5dcf19d8c076648704459ebb4e44441139a21d1c2179dd0498a7103c7a1cddbc5ea9231a784182d79338fb30581fa667a6eb3df5b57ab07609fca4f14c283f50c93003942b57d527d2ab67867b6bac611dbf4a42e213c198f82734c6fdc3230d259ac9f956387be2c1d6f3c937e9328884735b844ac452aad8c266b1073539227bb6879a15b667a33e56ac06a3a6d0007d11fc63873cac8579a25c0f57e4e0473a0c675510f0759e8dd4e822cc6527702ac062a2736cccf1c5ea69fcd7dcb9c698c2fe959e5b424c55656797c5cd1d39959cf91bfa45c5cf357fe686f9771a9b31c5b15133a470277119a2166715a6443ed50c3a69f5c0e6c13d2ce6fa796af96630996d7fbd65ea5ef31d4742834beebf194ea417c7141cb840faa1df505f5c06656e62f1893ee65a4e69f2363450465f8b2724b560396ccb0386dedd73cb353be872b895b384702d8d94e2ec9c0208bc46f4cbcd0372bbf8459fe671e080e468b6e2a54b7afcc8458da2f9ae0e09a61c22405b7b90bb0fa5a2694828aa9e56d16438470fa5f41baaf56d39f211fd2d708f4590e5d1bb24b43045f390d027571be0ee881e08bb0aeba9434746f8c1d7b4b517c94d98b05ca5e01606283df8dae9f6bb6d4df27cb2555e2bc56401edbc4ac45e67be0d6c8a2d858c6527704de44fb27d2eff8fafa9cf894773c8ff257ebbe1255addf1e12490e24f0b249042f8868cb996a198ca701b79426488e2e30b5d66e06a6d067222394e897b864543acd4816288ae1af48c78b82c6211447fcbe5ce6994fbb77b2a98be8f86da8d340ec7e434381d6fa6f094043db9f30e34d9013c5c5a852faf3a80b3355f5b3d2660d8d61eb441318a77019601ed2bb5f1b98686d2041f287f947056c91c168cca684f403cb89cfe674f47a0d3c168ce1244420f5aedc2bf1cfd184ee7ba613162c75d732370e8bbf98dcf1bb6c05f3c3244166622d19bdfa0b332206f400b6905e6727eaf6e02c87a713298a94ef05bc57d4e447b05319f9d5474bc0f32fb9e236872d25e741e26b0abe1da8b300bf771cbf64b15056aab14294c2b999e57a847608a2336364a528f6ef878051c714b016db8e82f2d026d898f5a84751a4142a97cce5cfb7fc5b053c888a0e54e48a47fd848ce9c5cce73ea2a0c5e3f26d92be0b090971f9d386bdfed433bd5f69b80d172e4d31f9d2ede55672dc0ea37325d079b0a9baadc17ea190e2d9dfb77e2a62ce679267a367b554e42b8fb38e13e8a12f81ff4e8c48d5d0ed9e3d948005166d22af47665f118d66a3352ce7fb03533044d2db5c8f0a147304a8aac30d356643a1e0d523ff0745b76f2d36e0228a1df219afbf90c6d4c97a8e641d5191e4e14102208b2d92afebdd820149ce1d2f98eb297e2868c8aaa25bb4749e2f50144f9cc93f8b7624446d9"], 0x13288}, 0x1, 0x0, 0x0, 0x4000000}, 0x13) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) creat$auto(&(0x7f0000000680)='./file0\x00', 0x3) pipe$auto(&(0x7f0000000000)) socket(0x1d, 0x2, 0x7) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xffffffffffffffc0, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) prctl$auto(0x2f, 0x4, 0xd85, 0x1, 0x5) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub2/xrun_injection\x00', 0x2, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) uname$auto(0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/v4l-subdev3\x00', 0x0, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xc0305602, 0x38) write$auto(0xca, &(0x7f0000000040)='\x04>2\x0f\x00\x00\x96\x18am\xea\xf4\x1b\xf8', 0x7e) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x4, 0x4000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.655861037s ago: executing program 2 (id=1865): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="050725bd7000fbdbdf251c000000a34afc407b6c0578c658737d22f985a67fe1b9bf84cb29220b4b8f8b127830ae3aa08602cd95640918be3f46ed6fd1d8e0b14671f6"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ptp/ptp0/n_periodic_outputs\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/58, 0x3a) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) keyctl$auto_KEYCTL_PKEY_VERIFY(0x1c, 0x0, 0x0, 0x0, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x25, 0x5, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x8800}, 0x24004045) r5 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0x541b, 0xffffffffffffffff) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001640), r5) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) r7 = socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x401, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r8 = socket(0x2, 0x6, 0x0) getsockopt$auto(r8, 0x0, 0xe, 0x0, &(0x7f0000000000)=0x9) getsockopt$auto(r7, 0x84, 0x0, 0x0, 0x0) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f00000001c0)={0x1c, r6, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r3, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f00000034c0)={0xa0, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x8c, 0x1, 0x0, 0x1, [@nested={0x85, 0x2f, 0x0, 0x1, [@generic="8ac0eb3e572204a44edfe808d83c1f3ca60d0aaf0498e468d0359e24ad6369ac0fddce3df9fe6eb2a7e077bba8be9eed10fbfdbb3b85af6259249822e87f54ec3c1fe23fafe6936508203f5c297f1dc4a2a11fcb5743f2dbe3ccad76d627f720d762", @generic="2b4d02edce816134154a0f50376a72eb39", @nested={0x4, 0xf7}, @generic="2bb6aff7fd45", @typed={0x4, 0x119, 0x0, 0x0, @binary}]}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 1.279770754s ago: executing program 3 (id=1866): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x5, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2b, 0x1, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x3, 0x71) socket(0xa, 0x2, 0x88) setresuid$auto(0x0, 0x8, 0x8000) ioctl$auto(0x1, 0x8936, 0x8) socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(0x6, 0x1, 0x22, 0xfffffffffffffffe, 0x0) getsockopt$auto(r1, 0x11e, 0x1, 0xfffffffffffffffe, 0x0) write$auto(r0, &(0x7f00000000c0)=')]..$(\xbc:\x00\x0f\b!\x9b\xe3\a1\xac\xb9Mm\x04\xb7\x88\'\xae\x05\xf3\xeb\xf5\x0fkl\x81\x8bpLY\x80\x17\xa6|x\xbb\x0fy\xb5\x80\x10z\xea\xff\x10\xf5\xa0V\x7f\r\x16\x1dz\xd5\xbd\x81\xceSRY\x98\xf0\xd7a\xf0\xce\xe7\x82\x8b\xaaP/\x11\t-W\xae\b\xe5\x1b\xea\x04\xe1\xce\xbf|', 0x45c) 1.136675528s ago: executing program 3 (id=1868): mmap$auto(0x0, 0x100000005, 0xdf, 0x2000000000000eb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}}, 0x4000000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(0x0, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8003) write$auto(0x3, 0x0, 0x100082) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) setns(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="ea12e528ded30ff1309c8b1613007984cb"], 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x4000080) getgroups$auto(0x1, &(0x7f0000000100)=0xffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x4, 0x2, 0x4, 0x0, 0xfffffffffffffffa, 0x1, 0x0, 0x9, 0x7, 0x5}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) write$auto(r1, &(0x7f0000000000)='y\x8c', 0x2) quotactl_fd$auto(r0, 0x2, 0xee01, &(0x7f0000000380)="c7a34676508b060b6a2b") get_mempolicy$auto(&(0x7f0000000180)=0x6, &(0x7f0000000280)=0x5, 0xa6, 0xfff, 0x3) mmap$auto(0x400000000000, 0xe983, 0x2000000df, 0xeb1, 0x402, 0x8000) msgctl$auto_IPC_SET(0x7fffffff, 0x1, &(0x7f0000000680)={{0x1, 0x0, 0x0, 0xd46, 0x4, 0x8, 0x1}, &(0x7f0000000140)=0x6, &(0x7f00000001c0)=0x2, 0x8000000000000000, 0x81, 0x1, 0x401, 0xfffffffffffffffc, 0x6, 0xf89d, 0x4, @inferred, @raw=0x2}) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff) io_uring_setup$auto(0x4, &(0x7f0000000280)={0x1, 0xd, 0x800ef, 0x9, 0x0, 0x6, 0xffffffffffffffff, [0x7, 0xc, 0x4], {0x100, 0x4, 0x0, 0x2, 0x80007, 0x0, 0xfefffffa, 0x8, 0x23}, {0x2, 0x7, 0x1, 0x9010, 0x3, 0x7ffffff8, 0x1, 0x8, 0x6}}) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) prctl$auto(0x23, 0xe, 0x1ff, 0x68, 0x0) sendmsg$auto_WG_CMD_SET_DEVICE(r2, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="210026bd7000fedbdf250100000014000200776730000000000000000000000000000b000880002e023a69d4270094d206db42241cbf34337b97398198a9e10c635711eecf208700220164c665f416e1f8577ad082474cd45bfbcd3f9f455143704135310468b7e2e020abc93fee47585f74c9840da5f9c77f58dae6302376760ae518bb74f49b5a5a6fec53f98aea332c4d5c83bb0bf8d5324e3608dedd61c0fce20973adf1cba15f8d681992ce4347f66bbdf9ce660b6b295d8b3d95c12792d1f3c64450e0071eab469b87cd320b7835f43ba7"], 0x34}, 0x1, 0x0, 0x0, 0x4040094}, 0x80) 843.427629ms ago: executing program 3 (id=1869): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2400, 0x0) socket(0x1d, 0x2, 0x0) socket(0x11, 0x80003, 0x304) r0 = openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000001900)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x2, 0x0) readv$auto(r0, &(0x7f0000002840)={0x0, 0x7fffffff}, 0x6) setsockopt$auto(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb3, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0x7, 0x0, 0x7d, 0xfffffffffffffffd, 0xd4, 0x4, 0x4, 0x0, 0x1, 0x368e, 0x2, {0x100000400, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0x800a747, 0x0, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x12bc01, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socket(0xa, 0x3, 0x3a) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000003340)='/dev/sg0\x00', 0x202, 0x0) write$auto_sg_fops_sg(r3, &(0x7f0000003380)="b25b1a8c398ef400dbcbc7a996eea7f3804ca6c7591adef6578d2f5f520f687f316ba7329774c854d58309037c0ae2ae6eb53b1d", 0x34) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00'}) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) mount_setattr$auto(0x3, 0x0, 0x0, 0x0, 0xdec) clock_gettime$auto(0x9, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 840.874472ms ago: executing program 0 (id=1877): mmap$auto(0x0, 0x100000005, 0xdf, 0x2000000000000eb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}}, 0x4000000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(0x0, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8003) write$auto(0x3, 0x0, 0x100082) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) setns(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="ea12e528ded30ff1309c8b1613007984cb"], 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x4000080) getgroups$auto(0x1, &(0x7f0000000100)=0xffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x4, 0x2, 0x4, 0x0, 0xfffffffffffffffa, 0x1, 0x0, 0x9, 0x7, 0x5}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) write$auto(r1, &(0x7f0000000000)='y\x8c', 0x2) quotactl_fd$auto(r0, 0x2, 0xee01, &(0x7f0000000380)="c7a34676508b060b6a2b") get_mempolicy$auto(&(0x7f0000000180)=0x6, &(0x7f0000000280)=0x5, 0xa6, 0xfff, 0x3) mmap$auto(0x400000000000, 0xe983, 0x2000000df, 0xeb1, 0x402, 0x8000) msgctl$auto_IPC_SET(0x7fffffff, 0x1, &(0x7f0000000680)={{0x1, 0x0, 0x0, 0xd46, 0x4, 0x8, 0x1}, &(0x7f0000000140)=0x6, &(0x7f00000001c0)=0x2, 0x8000000000000000, 0x81, 0x1, 0x401, 0xfffffffffffffffc, 0x6, 0xf89d, 0x4, @inferred, @raw=0x2}) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff) io_uring_setup$auto(0x4, &(0x7f0000000280)={0x1, 0xd, 0x800ef, 0x9, 0x0, 0x6, 0xffffffffffffffff, [0x7, 0xc, 0x4], {0x100, 0x4, 0x0, 0x2, 0x80007, 0x0, 0xfefffffa, 0x8, 0x23}, {0x2, 0x7, 0x1, 0x9010, 0x3, 0x7ffffff8, 0x1, 0x8, 0x6}}) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) prctl$auto(0x23, 0xe, 0x1ff, 0x68, 0x0) sendmsg$auto_WG_CMD_SET_DEVICE(r2, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="210026bd7000fedbdf250100000014000200776730000000000000000000000000000b000880002e023a69d4270094d206db42241cbf34337b97398198a9e10c635711eecf208700220164c665f416e1f8577ad082474cd45bfbcd3f9f455143704135310468b7e2e020abc93fee47585f74c9840da5f9c77f58dae6302376760ae518bb74f49b5a5a6fec53f98aea332c4d5c83bb0bf8d5324e3608dedd61c0fce20973adf1cba15f8d681992ce4347f66bbdf9ce660b6b295d8b3d95c12792d1f3c64450e0071eab469b87cd320b7835f43ba7"], 0x34}, 0x1, 0x0, 0x0, 0x4040094}, 0x80) 694.005289ms ago: executing program 0 (id=1870): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/fs/suid_dumpable\x00', 0x1a9442, 0x0) write$auto(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) 649.044217ms ago: executing program 2 (id=1871): openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0xfff, 0x5, 0x10, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_7={@link_id=0xfffffffe, 0x0, 0x8}, 0xa3) bpf$auto(0x1, &(0x7f00000001c0)=@test={r0, 0x9, 0x2179, 0x40, 0x100000000, 0x8, 0x9, 0x3, 0x38a9, 0x4e2587dc, 0xc49, 0xfffffffffff7fff8, 0x6, 0xc0, 0x7}, 0x8001) ioctl$auto_EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x57, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) read$auto(r2, 0x0, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 485.333912ms ago: executing program 0 (id=1872): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pkey_free$auto(0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0) ioperm$auto(0x2, 0x3, 0x383a) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/profile\x00', 0x200000, 0x0) setsockopt$auto_SO_PASSPIDFD(r0, 0x3, 0x4c, &(0x7f00000000c0)='\x00', 0x3) mq_open$auto(0x0, 0xde8, 0xb, 0x0) mq_unlink$auto(0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x3b) socket(0x2, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYRES16=r1, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x400d0}, 0x404c054) write$auto(0xffffffffffffffff, &(0x7f0000000000)='/dev/input/event0\x00', 0x7fe) 245.964513ms ago: executing program 0 (id=1873): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/vulnerabilities/tsx_async_abort\x00', 0xa000, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x6, 0xfffffffffffffffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/snd_hda_intel/parameters/power_save\x00', 0x80002, 0x0) write$auto(r1, 0x0, 0x10001) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/ip_tables_matches\x00', 0x10b402, 0x0) socket(0x2, 0x801, 0x100) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, 0xffffffffffffffff, 0x4, 0x1ff, 0xffffffffffffffff, @relative_fd, 0xe600}, 0x6) connect$auto(0x3, &(0x7f00000000c0), 0x55) pread64$auto(r2, 0x0, 0x8100000041, 0x413e) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x4b000) 139.419009ms ago: executing program 0 (id=1874): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x7352, 0x41, 0x200000000065f, 0x401ffde, 0x7, 0x3, 0x2, 0x9, 0x3eb, 0x5, 0x2, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffb, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x2000000000000000, 0x2000, 0xfffffffffffffffd, 0xa, 0x70604ce7, 0x0, 0xfffffffffffffffd, 0x80000000, 0x3, 0x1, 0x4, 0x4, 0x800, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0xffffffff80000000, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x3fffffffff, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x5, 0x6, 0x0, 0xfffff]}, 0x9, 0xd) (async, rerun: 64) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async, rerun: 32) r0 = socket(0x10, 0x2, 0x0) (rerun: 32) sendmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x4, &(0x7f00000001c0), 0x5, 0xa505}, 0x800}, 0x7, 0x400c) 105.229239ms ago: executing program 2 (id=1875): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000005680)='/sys/kernel/debug/tracing/set_event\x00', 0x8000, 0x0) read$auto(0x3, 0x0, 0x400000) 46.235915ms ago: executing program 2 (id=1876): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000005680)='/sys/kernel/debug/tracing/set_event\x00', 0x8000, 0x0) read$auto(0x3, 0x0, 0x400000) (fail_nth: 2) 0s ago: executing program 0 (id=1878): setsockopt$auto_SO_DETACH_FILTER(0xffffffffffffffff, 0x6, 0x1b, 0x0, 0xf) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x101801, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x28, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf"], 0x14}}, 0x4000000) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0xa00, 0x948b, 0x2, 0xfffffffffffffffc, 0x6, 0x3, 0x300000010000000, 0x80000001, 0x5, 0x6d3c, 0x5, 0x2]}, 0x0) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(r1, 0x0, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 656][ T6992] ? may_open+0x1f2/0x400 [ 123.964686][ T6992] path_openat+0x1e88/0x2d80 [ 123.964734][ T6992] ? __pfx_path_openat+0x10/0x10 [ 123.964767][ T6992] ? __pfx___lock_acquire+0x10/0x10 [ 123.964796][ T6992] ? lock_acquire.part.0+0x11b/0x380 [ 123.964829][ T6992] ? find_held_lock+0x2d/0x110 [ 123.964858][ T6992] do_filp_open+0x20c/0x470 [ 123.964891][ T6992] ? __pfx_do_filp_open+0x10/0x10 [ 123.964922][ T6992] ? find_held_lock+0x2d/0x110 [ 123.964975][ T6992] ? alloc_fd+0x41f/0x760 [ 123.965019][ T6992] do_sys_openat2+0x17a/0x1e0 [ 123.965045][ T6992] ? __pfx_do_sys_openat2+0x10/0x10 [ 123.965086][ T6992] __x64_sys_openat+0x175/0x210 [ 123.965114][ T6992] ? __pfx___x64_sys_openat+0x10/0x10 [ 123.965156][ T6992] do_syscall_64+0xcd/0x250 [ 123.965190][ T6992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.965223][ T6992] RIP: 0033:0x7f2ae898cde9 [ 123.965242][ T6992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.965264][ T6992] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 123.965286][ T6992] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 123.965300][ T6992] RDX: 0000000000000001 RSI: 0000400000000040 RDI: ffffffffffffff9c [ 123.965314][ T6992] RBP: 00007f2ae8a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.965327][ T6992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.965339][ T6992] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 123.965373][ T6992] [ 124.627163][ T6992] syz.1.309: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 124.656768][ T6992] CPU: 0 UID: 0 PID: 6992 Comm: syz.1.309 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 124.656808][ T6992] Tainted: [U]=USER [ 124.656816][ T6992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 124.656830][ T6992] Call Trace: [ 124.656837][ T6992] [ 124.656847][ T6992] dump_stack_lvl+0x16c/0x1f0 [ 124.656886][ T6992] warn_alloc+0x24d/0x3a0 [ 124.656926][ T6992] ? __pfx_warn_alloc+0x10/0x10 [ 124.656967][ T6992] ? kfree+0x2c4/0x4d0 [ 124.657006][ T6992] ? __get_vm_area_node+0x1dc/0x2f0 [ 124.657046][ T6992] __vmalloc_node_range_noprof+0xd24/0x1530 [ 124.657080][ T6992] ? rcu_is_watching+0x12/0xc0 [ 124.657111][ T6992] ? tty_ldisc_lock+0x65/0xb0 [ 124.657140][ T6992] ? n_tty_open+0x1a/0x170 [ 124.657179][ T6992] ? __ldsem_down_write_nested+0x10f/0x8d0 [ 124.657216][ T6992] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 124.657260][ T6992] ? n_tty_open+0x1a/0x170 [ 124.657294][ T6992] vzalloc_noprof+0x6b/0x90 [ 124.657325][ T6992] ? n_tty_open+0x1a/0x170 [ 124.657356][ T6992] ? __pfx_n_tty_open+0x10/0x10 [ 124.657388][ T6992] n_tty_open+0x1a/0x170 [ 124.657419][ T6992] ? __pfx_n_tty_open+0x10/0x10 [ 124.657447][ T6992] tty_ldisc_open+0x9c/0x120 [ 124.657472][ T6992] tty_ldisc_setup+0x40/0x100 [ 124.657507][ T6992] tty_init_dev.part.0+0x1e7/0x660 [ 124.657542][ T6992] tty_open+0xac1/0xf80 [ 124.657567][ T6992] ? chrdev_open+0x10e/0x6a0 [ 124.657603][ T6992] ? __pfx_tty_open+0x10/0x10 [ 124.657631][ T6992] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 124.657654][ T6992] ? lock_acquire+0x2f/0xb0 [ 124.657682][ T6992] ? chrdev_open+0x80/0x6a0 [ 124.657719][ T6992] ? __pfx_tty_open+0x10/0x10 [ 124.657752][ T6992] chrdev_open+0x237/0x6a0 [ 124.657785][ T6992] ? __pfx_apparmor_file_open+0x10/0x10 [ 124.657813][ T6992] ? __pfx_chrdev_open+0x10/0x10 [ 124.657847][ T6992] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 124.657883][ T6992] do_dentry_open+0x735/0x1c40 [ 124.657912][ T6992] ? __pfx_chrdev_open+0x10/0x10 [ 124.657948][ T6992] ? inode_permission+0xdd/0x5f0 [ 124.657977][ T6992] vfs_open+0x82/0x3f0 [ 124.657999][ T6992] ? may_open+0x1f2/0x400 [ 124.658027][ T6992] path_openat+0x1e88/0x2d80 [ 124.658070][ T6992] ? __pfx_path_openat+0x10/0x10 [ 124.658100][ T6992] ? __pfx___lock_acquire+0x10/0x10 [ 124.658129][ T6992] ? lock_acquire.part.0+0x11b/0x380 [ 124.658159][ T6992] ? find_held_lock+0x2d/0x110 [ 124.658188][ T6992] do_filp_open+0x20c/0x470 [ 124.658222][ T6992] ? __pfx_do_filp_open+0x10/0x10 [ 124.658251][ T6992] ? find_held_lock+0x2d/0x110 [ 124.658303][ T6992] ? alloc_fd+0x41f/0x760 [ 124.658345][ T6992] do_sys_openat2+0x17a/0x1e0 [ 124.658370][ T6992] ? __pfx_do_sys_openat2+0x10/0x10 [ 124.658410][ T6992] __x64_sys_openat+0x175/0x210 [ 124.658437][ T6992] ? __pfx___x64_sys_openat+0x10/0x10 [ 124.658479][ T6992] do_syscall_64+0xcd/0x250 [ 124.658519][ T6992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.658552][ T6992] RIP: 0033:0x7f2ae898cde9 [ 124.658573][ T6992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.658595][ T6992] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 124.658618][ T6992] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 124.658635][ T6992] RDX: 0000000000000001 RSI: 0000400000000040 RDI: ffffffffffffff9c [ 124.658650][ T6992] RBP: 00007f2ae8a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 124.658664][ T6992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.658678][ T6992] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 124.658713][ T6992] [ 124.658811][ T6992] Mem-Info: [ 125.028623][ T6992] active_anon:9038 inactive_anon:0 isolated_anon:0 [ 125.028623][ T6992] active_file:7264 inactive_file:48017 isolated_file:0 [ 125.028623][ T6992] unevictable:768 dirty:319 writeback:0 [ 125.028623][ T6992] slab_reclaimable:10102 slab_unreclaimable:95303 [ 125.028623][ T6992] mapped:24328 shmem:1421 pagetables:801 [ 125.028623][ T6992] sec_pagetables:0 bounce:0 [ 125.028623][ T6992] kernel_misc_reclaimable:0 [ 125.028623][ T6992] free:1333593 free_pcp:2620 free_cma:0 [ 125.076999][ T6992] Node 0 active_anon:36152kB inactive_anon:0kB active_file:29056kB inactive_file:192060kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97412kB dirty:1276kB writeback:0kB shmem:4148kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10636kB pagetables:3204kB sec_pagetables:0kB all_unreclaimable? no [ 125.110921][ T6992] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 125.145107][ T6992] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 125.176066][ T6992] lowmem_reserve[]: 0 2487 2487 0 0 [ 125.181685][ T6992] Node 0 DMA32 free:1413188kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:36144kB inactive_anon:0kB active_file:29056kB inactive_file:191976kB unevictable:1536kB writepending:1276kB present:3129332kB managed:2547544kB mlocked:0kB bounce:0kB free_pcp:9904kB local_pcp:8764kB free_cma:0kB [ 125.223574][ T6992] lowmem_reserve[]: 0 0 0 0 0 [ 125.228769][ T6992] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:84kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 125.260845][ T6992] lowmem_reserve[]: 0 0 0 0 0 [ 125.265952][ T6992] Node 1 Normal free:3905272kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:1008kB local_pcp:504kB free_cma:0kB [ 125.302502][ T6992] lowmem_reserve[]: 0 0 0 0 0 [ 125.307626][ T6992] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 125.331510][ T6992] Node 0 DMA32: 3493*4kB (UM) 667*8kB (UME) 976*16kB (UME) 866*32kB (UME) 621*64kB (UME) 99*128kB (UME) 123*256kB (UM) 54*512kB (ME) 25*1024kB (UME) 10*2048kB (UME) 292*4096kB (M) = 1416300kB [ 125.355179][ T6992] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 125.371026][ T6992] Node 1 Normal: 18*4kB (UM) 50*8kB (UME) 36*16kB (UME) 231*32kB (UME) 120*64kB (UME) 32*128kB (UME) 18*256kB (UME) 5*512kB (UME) 3*1024kB (UE) 2*2048kB (UE) 945*4096kB (UM) = 3905272kB [ 125.391758][ T6992] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 125.402349][ T6992] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 125.412716][ T6992] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 125.422429][ T6992] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 125.431995][ T6992] 56702 total pagecache pages [ 125.436801][ T6992] 0 pages in swap cache [ 125.441009][ T6992] Free swap = 124792kB [ 125.445853][ T6992] Total swap = 124996kB [ 125.450038][ T6992] 2097051 pages RAM [ 125.453857][ T6992] 0 pages HighMem/MovableOnly [ 125.458772][ T6992] 428507 pages reserved [ 125.462943][ T6992] 0 pages cma reserved [ 125.467311][ T6992] tty tty17: ldisc open failed (-12), clearing slot 16 [ 125.743888][ T7014] can: request_module (can-proto-5) failed. [ 125.752558][ T7019] ubi: mtd0 is already attached to ubi0 [ 127.934705][ T7061] ubi: mtd0 is already attached to ubi0 [ 127.978372][ T7063] FAULT_INJECTION: forcing a failure. [ 127.978372][ T7063] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 127.999001][ T7063] CPU: 1 UID: 0 PID: 7063 Comm: syz.3.326 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 127.999039][ T7063] Tainted: [U]=USER [ 127.999047][ T7063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 127.999060][ T7063] Call Trace: [ 127.999068][ T7063] [ 127.999077][ T7063] dump_stack_lvl+0x16c/0x1f0 [ 127.999112][ T7063] should_fail_ex+0x50a/0x650 [ 127.999146][ T7063] ? __pfx___might_resched+0x10/0x10 [ 127.999184][ T7063] should_fail_alloc_page+0xe7/0x130 [ 127.999209][ T7063] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 127.999240][ T7063] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 127.999272][ T7063] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 127.999310][ T7063] ? unwind_get_return_address+0x59/0xa0 [ 127.999344][ T7063] ? arch_stack_walk+0xa7/0x100 [ 127.999374][ T7063] ? hlock_class+0x4e/0x130 [ 127.999398][ T7063] ? mark_lock+0xb5/0xc60 [ 127.999428][ T7063] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 127.999465][ T7063] ? __pfx_mark_lock+0x10/0x10 [ 127.999494][ T7063] ? __pfx_stack_trace_save+0x10/0x10 [ 127.999520][ T7063] ? stack_depot_save_flags+0x28/0x9c0 [ 127.999562][ T7063] ? kasan_save_stack+0x42/0x60 [ 127.999594][ T7063] ? kasan_save_stack+0x33/0x60 [ 127.999624][ T7063] ? kasan_save_track+0x14/0x30 [ 127.999651][ T7063] ? __kasan_slab_alloc+0x89/0x90 [ 127.999681][ T7063] ? kmem_cache_alloc_node_noprof+0x223/0x3c0 [ 127.999715][ T7063] ? alloc_vmap_area+0x636/0x2a60 [ 127.999739][ T7063] ? __get_vm_area_node+0x19e/0x2f0 [ 127.999765][ T7063] ? __vmalloc_node_range_noprof+0x26a/0x1530 [ 127.999795][ T7063] ? vzalloc_noprof+0x6b/0x90 [ 127.999823][ T7063] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.999862][ T7063] ? policy_nodemask+0xea/0x4e0 [ 127.999901][ T7063] alloc_pages_mpol+0x1fc/0x540 [ 127.999927][ T7063] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 127.999998][ T7063] ? __pfx___lock_acquire+0x10/0x10 [ 128.000036][ T7063] alloc_pages_noprof+0x131/0x390 [ 128.000060][ T7063] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 128.000091][ T7063] get_free_pages_noprof+0xc/0x40 [ 128.000115][ T7063] kasan_populate_vmalloc_pte+0x2d/0x160 [ 128.000146][ T7063] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 128.000177][ T7063] __apply_to_page_range+0x5fd/0xd30 [ 128.000213][ T7063] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 128.000250][ T7063] ? __pfx___apply_to_page_range+0x10/0x10 [ 128.000291][ T7063] ? insert_vmap_area+0x2ef/0x4d0 [ 128.000325][ T7063] alloc_vmap_area+0x93e/0x2a60 [ 128.000371][ T7063] ? __pfx_alloc_vmap_area+0x10/0x10 [ 128.000413][ T7063] __get_vm_area_node+0x19e/0x2f0 [ 128.000452][ T7063] __vmalloc_node_range_noprof+0x26a/0x1530 [ 128.000485][ T7063] ? n_tty_open+0x1a/0x170 [ 128.000519][ T7063] ? rcu_is_watching+0x12/0xc0 [ 128.000548][ T7063] ? tty_ldisc_lock+0x65/0xb0 [ 128.000575][ T7063] ? n_tty_open+0x1a/0x170 [ 128.000611][ T7063] ? __ldsem_down_write_nested+0x10f/0x8d0 [ 128.000647][ T7063] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 128.000692][ T7063] ? n_tty_open+0x1a/0x170 [ 128.000725][ T7063] vzalloc_noprof+0x6b/0x90 [ 128.000756][ T7063] ? n_tty_open+0x1a/0x170 [ 128.000786][ T7063] ? __pfx_n_tty_open+0x10/0x10 [ 128.000817][ T7063] n_tty_open+0x1a/0x170 [ 128.000848][ T7063] ? __pfx_n_tty_open+0x10/0x10 [ 128.000879][ T7063] tty_ldisc_open+0x9c/0x120 [ 128.000906][ T7063] tty_ldisc_setup+0x40/0x100 [ 128.000933][ T7063] tty_init_dev.part.0+0x1e7/0x660 [ 128.000967][ T7063] tty_open+0xac1/0xf80 [ 128.001003][ T7063] ? chrdev_open+0x10e/0x6a0 [ 128.001044][ T7063] ? __pfx_tty_open+0x10/0x10 [ 128.001073][ T7063] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 128.001096][ T7063] ? lock_acquire+0x2f/0xb0 [ 128.001127][ T7063] ? chrdev_open+0x80/0x6a0 [ 128.001163][ T7063] ? __pfx_tty_open+0x10/0x10 [ 128.001191][ T7063] chrdev_open+0x237/0x6a0 [ 128.001221][ T7063] ? __pfx_apparmor_file_open+0x10/0x10 [ 128.001248][ T7063] ? __pfx_chrdev_open+0x10/0x10 [ 128.001287][ T7063] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 128.001323][ T7063] do_dentry_open+0x735/0x1c40 [ 128.001355][ T7063] ? __pfx_chrdev_open+0x10/0x10 [ 128.001388][ T7063] ? inode_permission+0xdd/0x5f0 [ 128.001416][ T7063] vfs_open+0x82/0x3f0 [ 128.001438][ T7063] ? may_open+0x1f2/0x400 [ 128.001468][ T7063] path_openat+0x1e88/0x2d80 [ 128.001515][ T7063] ? __pfx_path_openat+0x10/0x10 [ 128.001548][ T7063] ? __pfx___lock_acquire+0x10/0x10 [ 128.001577][ T7063] ? lock_acquire.part.0+0x11b/0x380 [ 128.001608][ T7063] ? find_held_lock+0x2d/0x110 [ 128.001638][ T7063] do_filp_open+0x20c/0x470 [ 128.001671][ T7063] ? __pfx_do_filp_open+0x10/0x10 [ 128.001701][ T7063] ? find_held_lock+0x2d/0x110 [ 128.001752][ T7063] ? alloc_fd+0x41f/0x760 [ 128.001795][ T7063] do_sys_openat2+0x17a/0x1e0 [ 128.001842][ T7063] ? __pfx_do_sys_openat2+0x10/0x10 [ 128.001883][ T7063] __x64_sys_openat+0x175/0x210 [ 128.001907][ T7063] ? __pfx___x64_sys_openat+0x10/0x10 [ 128.001947][ T7063] do_syscall_64+0xcd/0x250 [ 128.001980][ T7063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.002023][ T7063] RIP: 0033:0x7f345f58cde9 [ 128.002044][ T7063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.002065][ T7063] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 128.002088][ T7063] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 128.002104][ T7063] RDX: 0000000000000001 RSI: 0000400000000040 RDI: ffffffffffffff9c [ 128.002120][ T7063] RBP: 00007f345f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 128.002134][ T7063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.002148][ T7063] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 128.002182][ T7063] [ 128.002236][ T7063] tty tty17: ldisc open failed (-12), clearing slot 16 [ 129.625401][ T7087] size and base must be multiples of 4 kiB [ 129.644724][ T7087] CPU: 0 UID: 0 PID: 7087 Comm: syz.3.333 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 129.644764][ T7087] Tainted: [U]=USER [ 129.644772][ T7087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 129.644786][ T7087] Call Trace: [ 129.644794][ T7087] [ 129.644803][ T7087] dump_stack_lvl+0x16c/0x1f0 [ 129.644839][ T7087] mtrr_add+0xdf/0x110 [ 129.644872][ T7087] mtrr_ioctl+0x7f1/0xcf0 [ 129.644904][ T7087] ? __pfx_mtrr_ioctl+0x10/0x10 [ 129.644938][ T7087] ? __pfx_lock_release+0x10/0x10 [ 129.644984][ T7087] ? __fget_files+0x206/0x3a0 [ 129.645017][ T7087] ? __pfx_mtrr_ioctl+0x10/0x10 [ 129.645048][ T7087] proc_reg_unlocked_ioctl+0x226/0x320 [ 129.645090][ T7087] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 129.645130][ T7087] __x64_sys_ioctl+0x190/0x200 [ 129.645163][ T7087] do_syscall_64+0xcd/0x250 [ 129.645199][ T7087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.645230][ T7087] RIP: 0033:0x7f345f58cde9 [ 129.645248][ T7087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.645269][ T7087] RSP: 002b:00007f3460303038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 129.645290][ T7087] RAX: ffffffffffffffda RBX: 00007f345f7a6160 RCX: 00007f345f58cde9 [ 129.645305][ T7087] RDX: 0000000000000006 RSI: 00000000400c4d01 RDI: 0000000000000006 [ 129.645317][ T7087] RBP: 00007f345f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 129.645331][ T7087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.645345][ T7087] R13: 0000000000000000 R14: 00007f345f7a6160 R15: 00007fff414c3758 [ 129.645372][ T7087] [ 129.895358][ T7088] can: request_module (can-proto-5) failed. [ 131.014805][ T7111] ubi: mtd0 is already attached to ubi0 [ 132.785644][ T7141] size and base must be multiples of 4 kiB [ 132.802423][ T7141] CPU: 0 UID: 0 PID: 7141 Comm: syz.0.346 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 132.802464][ T7141] Tainted: [U]=USER [ 132.802472][ T7141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 132.802487][ T7141] Call Trace: [ 132.802495][ T7141] [ 132.802504][ T7141] dump_stack_lvl+0x16c/0x1f0 [ 132.802541][ T7141] mtrr_add+0xdf/0x110 [ 132.802573][ T7141] mtrr_ioctl+0x7f1/0xcf0 [ 132.802606][ T7141] ? __pfx_mtrr_ioctl+0x10/0x10 [ 132.802637][ T7141] ? __pfx_lock_release+0x10/0x10 [ 132.802682][ T7141] ? __fget_files+0x206/0x3a0 [ 132.802717][ T7141] ? __pfx_mtrr_ioctl+0x10/0x10 [ 132.802747][ T7141] proc_reg_unlocked_ioctl+0x226/0x320 [ 132.802782][ T7141] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 132.802820][ T7141] __x64_sys_ioctl+0x190/0x200 [ 132.802852][ T7141] do_syscall_64+0xcd/0x250 [ 132.802895][ T7141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.802929][ T7141] RIP: 0033:0x7f63c358cde9 [ 132.802948][ T7141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.802975][ T7141] RSP: 002b:00007f63c431b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 132.802997][ T7141] RAX: ffffffffffffffda RBX: 00007f63c37a5fa0 RCX: 00007f63c358cde9 [ 132.803014][ T7141] RDX: 0000000000000006 RSI: 00000000400c4d01 RDI: 0000000000000006 [ 132.803028][ T7141] RBP: 00007f63c360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 132.803043][ T7141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 132.803057][ T7141] R13: 0000000000000000 R14: 00007f63c37a5fa0 R15: 00007ffc4940fcd8 [ 132.803088][ T7141] [ 133.174122][ T8] Process accounting resumed [ 133.303623][ T7153] ubi: mtd0 is already attached to ubi0 [ 134.498140][ T7175] can: request_module (can-proto-5) failed. [ 135.647795][ T7202] ubi: mtd0 is already attached to ubi0 [ 136.281278][ T1221] Process accounting resumed [ 136.650076][ T7231] svc: failed to register nfsdv3 RPC service (errno 111). [ 136.655073][ T7234] Invalid ELF header magic: != ELF [ 136.664168][ T7237] ubi: mtd0 is already attached to ubi0 [ 136.698083][ T7234] FAULT_INJECTION: forcing a failure. [ 136.698083][ T7234] name failslab, interval 1, probability 0, space 0, times 0 [ 136.714794][ T7231] svc: failed to register nfsaclv3 RPC service (errno 111). [ 136.725444][ T7234] CPU: 1 UID: 0 PID: 7234 Comm: syz.1.371 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 136.725476][ T7234] Tainted: [U]=USER [ 136.725484][ T7234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 136.725495][ T7234] Call Trace: [ 136.725500][ T7234] [ 136.725508][ T7234] dump_stack_lvl+0x16c/0x1f0 [ 136.725541][ T7234] should_fail_ex+0x50a/0x650 [ 136.725579][ T7234] ? fs_reclaim_acquire+0xae/0x150 [ 136.725606][ T7234] ? tomoyo_encode2+0x100/0x3e0 [ 136.725631][ T7234] should_failslab+0xc2/0x120 [ 136.725653][ T7234] __kmalloc_noprof+0xcb/0x510 [ 136.725683][ T7234] ? d_absolute_path+0x137/0x1b0 [ 136.725711][ T7234] tomoyo_encode2+0x100/0x3e0 [ 136.725745][ T7234] tomoyo_encode+0x29/0x50 [ 136.725773][ T7234] tomoyo_realpath_from_path+0x19d/0x720 [ 136.725814][ T7234] tomoyo_path_number_perm+0x248/0x590 [ 136.725839][ T7234] ? tomoyo_path_number_perm+0x235/0x590 [ 136.725869][ T7234] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 136.725931][ T7234] ? _raw_spin_unlock+0x28/0x50 [ 136.725954][ T7234] ? d_splice_alias+0x4d4/0xf50 [ 136.725988][ T7234] ? kernfs_iop_lookup+0x28e/0x330 [ 136.726021][ T7234] ? get_current_fs_domain+0x184/0x1f0 [ 136.726053][ T7234] tomoyo_path_mkdir+0x9c/0xe0 [ 136.726085][ T7234] ? __pfx_tomoyo_path_mkdir+0x10/0x10 [ 136.726129][ T7234] security_path_mkdir+0x154/0x2f0 [ 136.726158][ T7234] do_mkdirat+0x176/0x3a0 [ 136.726193][ T7234] ? __pfx_do_mkdirat+0x10/0x10 [ 136.726228][ T7234] ? getname_flags.part.0+0x1c5/0x550 [ 136.726258][ T7234] __x64_sys_mkdir+0xef/0x140 [ 136.726291][ T7234] do_syscall_64+0xcd/0x250 [ 136.726322][ T7234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.726353][ T7234] RIP: 0033:0x7f2ae898cde9 [ 136.726372][ T7234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.726392][ T7234] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 136.726414][ T7234] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 136.726429][ T7234] RDX: 0000000000000000 RSI: 00000000000003ff RDI: 0000400000000000 [ 136.726443][ T7234] RBP: 00007f2ae9773090 R08: 0000000000000000 R09: 0000000000000000 [ 136.726456][ T7234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.726469][ T7234] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 136.726502][ T7234] [ 136.726522][ T7234] ERROR: Out of memory at tomoyo_realpath_from_path. [ 137.147793][ T7235] openvswitch: netlink: Message has 29 unknown bytes. [ 138.174913][ T7270] ubi: mtd0 is already attached to ubi0 [ 138.512279][ T7275] Invalid ELF header magic: != ELF [ 139.343705][ T7297] netlink: 24 bytes leftover after parsing attributes in process `syz.0.390'. [ 139.380453][ T7300] FAULT_INJECTION: forcing a failure. [ 139.380453][ T7300] name failslab, interval 1, probability 0, space 0, times 0 [ 139.393419][ T7300] CPU: 1 UID: 0 PID: 7300 Comm: syz.3.391 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 139.393451][ T7300] Tainted: [U]=USER [ 139.393459][ T7300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 139.393471][ T7300] Call Trace: [ 139.393479][ T7300] [ 139.393488][ T7300] dump_stack_lvl+0x16c/0x1f0 [ 139.393522][ T7300] should_fail_ex+0x50a/0x650 [ 139.393556][ T7300] ? fs_reclaim_acquire+0xae/0x150 [ 139.393588][ T7300] should_failslab+0xc2/0x120 [ 139.393610][ T7300] __kmalloc_node_noprof+0xd1/0x510 [ 139.393645][ T7300] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 139.393680][ T7300] __kvmalloc_node_noprof+0xad/0x1a0 [ 139.393713][ T7300] io_alloc_cache_init+0x33/0x170 [ 139.393744][ T7300] io_uring_setup+0x60b/0x2200 [ 139.393771][ T7300] ? __pfx_io_uring_setup+0x10/0x10 [ 139.393799][ T7300] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 139.393832][ T7300] ? __fget_files+0x206/0x3a0 [ 139.393873][ T7300] ? ksys_write+0x1ba/0x250 [ 139.393903][ T7300] ? __pfx_ksys_write+0x10/0x10 [ 139.393940][ T7300] __x64_sys_io_uring_setup+0x98/0x140 [ 139.393966][ T7300] do_syscall_64+0xcd/0x250 [ 139.393996][ T7300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.394027][ T7300] RIP: 0033:0x7f345f58cde9 [ 139.394046][ T7300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.394066][ T7300] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 139.394088][ T7300] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 139.394103][ T7300] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 139.394116][ T7300] RBP: 00007f3460345090 R08: 0000000000000000 R09: 0000000000000000 [ 139.394130][ T7300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 139.394143][ T7300] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 139.394172][ T7300] [ 139.394832][ T7298] netlink: 24 bytes leftover after parsing attributes in process `syz.0.390'. [ 139.788293][ T7309] ubi: mtd0 is already attached to ubi0 [ 141.476918][ T7346] ubi: mtd0 is already attached to ubi0 [ 141.951023][ T7356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.408'. [ 143.076493][ T7396] ubi: mtd0 is already attached to ubi0 [ 144.466596][ T7428] FAULT_INJECTION: forcing a failure. [ 144.466596][ T7428] name failslab, interval 1, probability 0, space 0, times 0 [ 144.497632][ T7428] CPU: 0 UID: 0 PID: 7428 Comm: syz.3.427 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 144.497670][ T7428] Tainted: [U]=USER [ 144.497678][ T7428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 144.497690][ T7428] Call Trace: [ 144.497697][ T7428] [ 144.497706][ T7428] dump_stack_lvl+0x16c/0x1f0 [ 144.497740][ T7428] should_fail_ex+0x50a/0x650 [ 144.497772][ T7428] ? fs_reclaim_acquire+0xae/0x150 [ 144.497803][ T7428] should_failslab+0xc2/0x120 [ 144.497826][ T7428] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 144.497861][ T7428] ? __alloc_skb+0x2b1/0x380 [ 144.497894][ T7428] __alloc_skb+0x2b1/0x380 [ 144.497922][ T7428] ? __pfx___alloc_skb+0x10/0x10 [ 144.497950][ T7428] ? inet_diag_rcv_msg_compat+0x1b5/0x2d0 [ 144.497981][ T7428] ? __pfx_lock_release+0x10/0x10 [ 144.498017][ T7428] ? trace_lock_acquire+0x14e/0x1f0 [ 144.498048][ T7428] netlink_ack+0x15f/0xb80 [ 144.498086][ T7428] netlink_rcv_skb+0x348/0x440 [ 144.498115][ T7428] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 144.498143][ T7428] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 144.498189][ T7428] ? netlink_deliver_tap+0x1ae/0xd30 [ 144.498223][ T7428] netlink_unicast+0x53c/0x7f0 [ 144.498256][ T7428] ? __pfx_netlink_unicast+0x10/0x10 [ 144.498286][ T7428] ? __phys_addr_symbol+0x30/0x80 [ 144.498309][ T7428] ? __check_object_size+0x488/0x710 [ 144.498336][ T7428] netlink_sendmsg+0x8b8/0xd70 [ 144.498369][ T7428] ? __pfx_netlink_sendmsg+0x10/0x10 [ 144.498409][ T7428] ____sys_sendmsg+0xaaf/0xc90 [ 144.498434][ T7428] ? copy_msghdr_from_user+0x10b/0x160 [ 144.498465][ T7428] ? __pfx_____sys_sendmsg+0x10/0x10 [ 144.498505][ T7428] ___sys_sendmsg+0x135/0x1e0 [ 144.498538][ T7428] ? __pfx____sys_sendmsg+0x10/0x10 [ 144.498582][ T7428] ? __pfx_lock_release+0x10/0x10 [ 144.498611][ T7428] ? trace_lock_acquire+0x14e/0x1f0 [ 144.498647][ T7428] ? __fget_files+0x206/0x3a0 [ 144.498687][ T7428] __sys_sendmsg+0x16e/0x220 [ 144.498719][ T7428] ? __pfx___sys_sendmsg+0x10/0x10 [ 144.498771][ T7428] do_syscall_64+0xcd/0x250 [ 144.498801][ T7428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.498832][ T7428] RIP: 0033:0x7f345f58cde9 [ 144.498850][ T7428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.498871][ T7428] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 144.498893][ T7428] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 144.498908][ T7428] RDX: 0000000000040000 RSI: 0000400000000240 RDI: 0000000000000003 [ 144.498922][ T7428] RBP: 00007f3460345090 R08: 0000000000000000 R09: 0000000000000000 [ 144.498936][ T7428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.498950][ T7428] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 144.498980][ T7428] [ 145.003252][ T7442] ubi: mtd0 is already attached to ubi0 [ 146.794656][ T7469] syz.3.438 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 146.963373][ T7481] ubi: mtd0 is already attached to ubi0 [ 149.240937][ T7527] ubi: mtd0 is already attached to ubi0 [ 149.503189][ T7532] netlink: 28 bytes leftover after parsing attributes in process `syz.0.454'. [ 149.552790][ T7532] veth0_to_bond: entered promiscuous mode [ 150.537782][ T7565] ubi: mtd0 is already attached to ubi0 [ 151.638197][ T7598] netlink: 244 bytes leftover after parsing attributes in process `syz.0.472'. [ 152.037884][ T7612] ubi: mtd0 is already attached to ubi0 [ 152.779428][ T7624] FAULT_INJECTION: forcing a failure. [ 152.779428][ T7624] name failslab, interval 1, probability 0, space 0, times 0 [ 152.841699][ T7624] CPU: 1 UID: 0 PID: 7624 Comm: syz.1.477 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 152.841736][ T7624] Tainted: [U]=USER [ 152.841743][ T7624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 152.841755][ T7624] Call Trace: [ 152.841761][ T7624] [ 152.841770][ T7624] dump_stack_lvl+0x16c/0x1f0 [ 152.841803][ T7624] should_fail_ex+0x50a/0x650 [ 152.841840][ T7624] should_failslab+0xc2/0x120 [ 152.841861][ T7624] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 152.841895][ T7624] ? __alloc_skb+0x2b1/0x380 [ 152.841932][ T7624] __alloc_skb+0x2b1/0x380 [ 152.841958][ T7624] ? __pfx___alloc_skb+0x10/0x10 [ 152.841984][ T7624] ? hlock_class+0x4e/0x130 [ 152.842007][ T7624] ? mark_lock+0xb5/0xc60 [ 152.842034][ T7624] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 152.842058][ T7624] ? stack_depot_save_flags+0x38f/0x9c0 [ 152.842094][ T7624] sctp_ulpevent_make_assoc_change+0x75a/0x9c0 [ 152.842129][ T7624] sctp_sf_do_9_2_final+0x321/0x800 [ 152.842162][ T7624] ? __pfx_sctp_cname+0x10/0x10 [ 152.842184][ T7624] sctp_do_sm+0x17f/0x5c90 [ 152.842221][ T7624] ? __lock_acquire+0x15a9/0x3c40 [ 152.842255][ T7624] ? __pfx_sctp_do_sm+0x10/0x10 [ 152.842289][ T7624] ? hlock_class+0x4e/0x130 [ 152.842342][ T7624] ? mark_held_locks+0x9f/0xe0 [ 152.842381][ T7624] ? ktime_get+0x200/0x310 [ 152.842405][ T7624] ? lockdep_hardirqs_on+0x7c/0x110 [ 152.842433][ T7624] sctp_assoc_bh_rcv+0x392/0x6f0 [ 152.842469][ T7624] sctp_inq_push+0x1d8/0x270 [ 152.842497][ T7624] sctp_backlog_rcv+0x169/0x590 [ 152.842534][ T7624] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 152.842567][ T7624] __release_sock+0x35f/0x400 [ 152.842597][ T7624] ? release_sock+0x21/0x220 [ 152.842628][ T7624] ? __pfx_sctp_shutdown+0x10/0x10 [ 152.842654][ T7624] release_sock+0x5a/0x220 [ 152.842682][ T7624] ? __pfx_sctp_shutdown+0x10/0x10 [ 152.842706][ T7624] inet_shutdown+0x1e3/0x440 [ 152.842738][ T7624] __sys_shutdown+0x113/0x1a0 [ 152.842770][ T7624] __x64_sys_shutdown+0x53/0x80 [ 152.842799][ T7624] do_syscall_64+0xcd/0x250 [ 152.842828][ T7624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.842858][ T7624] RIP: 0033:0x7f2ae898cde9 [ 152.842877][ T7624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.842897][ T7624] RSP: 002b:00007f2ae9752038 EFLAGS: 00000246 ORIG_RAX: 0000000000000030 [ 152.842918][ T7624] RAX: ffffffffffffffda RBX: 00007f2ae8ba6080 RCX: 00007f2ae898cde9 [ 152.842932][ T7624] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000200000003 [ 152.842944][ T7624] RBP: 00007f2ae9752090 R08: 0000000000000000 R09: 0000000000000000 [ 152.842956][ T7624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 152.842968][ T7624] R13: 0000000000000001 R14: 00007f2ae8ba6080 R15: 00007fffb63a8da8 [ 152.842996][ T7624] [ 154.078389][ T7650] ubi: mtd0 is already attached to ubi0 [ 154.639989][ T7663] netlink: 244 bytes leftover after parsing attributes in process `syz.3.490'. [ 155.732312][ T7680] ubi: mtd0 is already attached to ubi0 [ 155.814652][ T7665] FAULT_INJECTION: forcing a failure. [ 155.814652][ T7665] name failslab, interval 1, probability 0, space 0, times 0 [ 155.827917][ T7665] CPU: 1 UID: 0 PID: 7665 Comm: syz.3.491 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 155.827955][ T7665] Tainted: [U]=USER [ 155.827962][ T7665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 155.827976][ T7665] Call Trace: [ 155.827984][ T7665] [ 155.827995][ T7665] dump_stack_lvl+0x16c/0x1f0 [ 155.828032][ T7665] should_fail_ex+0x50a/0x650 [ 155.828070][ T7665] ? fs_reclaim_acquire+0xae/0x150 [ 155.828104][ T7665] should_failslab+0xc2/0x120 [ 155.828128][ T7665] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 155.828165][ T7665] ? security_inode_alloc+0x3b/0x2b0 [ 155.828197][ T7665] security_inode_alloc+0x3b/0x2b0 [ 155.828233][ T7665] inode_init_always_gfp+0xce4/0x1030 [ 155.828275][ T7665] alloc_inode+0x82/0x230 [ 155.828300][ T7665] iget_locked+0x2ee/0x8a0 [ 155.828325][ T7665] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 155.828366][ T7665] ? __pfx_iget_locked+0x10/0x10 [ 155.828390][ T7665] ? kernfs_iop_lookup+0xa3/0x330 [ 155.828441][ T7665] kernfs_get_inode+0x48/0x460 [ 155.828473][ T7665] kernfs_iop_lookup+0x1ec/0x330 [ 155.828508][ T7665] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 155.828541][ T7665] lookup_open.isra.0+0x4d9/0x1580 [ 155.828580][ T7665] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 155.828619][ T7665] ? path_openat+0x88a/0x2d80 [ 155.828663][ T7665] ? lookup_fast+0x153/0x5f0 [ 155.828698][ T7665] path_openat+0x904/0x2d80 [ 155.828746][ T7665] ? __pfx_path_openat+0x10/0x10 [ 155.828779][ T7665] ? __pfx___lock_acquire+0x10/0x10 [ 155.828809][ T7665] ? lock_acquire.part.0+0x11b/0x380 [ 155.828841][ T7665] ? find_held_lock+0x2d/0x110 [ 155.828870][ T7665] do_filp_open+0x20c/0x470 [ 155.828903][ T7665] ? __pfx_do_filp_open+0x10/0x10 [ 155.828934][ T7665] ? find_held_lock+0x2d/0x110 [ 155.828984][ T7665] ? alloc_fd+0x41f/0x760 [ 155.829028][ T7665] do_sys_openat2+0x17a/0x1e0 [ 155.829053][ T7665] ? __pfx_do_sys_openat2+0x10/0x10 [ 155.829093][ T7665] __x64_sys_openat+0x175/0x210 [ 155.829119][ T7665] ? __pfx___x64_sys_openat+0x10/0x10 [ 155.829161][ T7665] do_syscall_64+0xcd/0x250 [ 155.829193][ T7665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.829232][ T7665] RIP: 0033:0x7f345f58cde9 [ 155.829252][ T7665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.829275][ T7665] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 155.829299][ T7665] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 155.829315][ T7665] RDX: 0000000000000000 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 155.829331][ T7665] RBP: 00007f345f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 155.829347][ T7665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.829362][ T7665] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 155.829396][ T7665] [ 156.841971][ T7697] netlink: 244 bytes leftover after parsing attributes in process `syz.1.500'. [ 157.881090][ T7717] ubi: mtd0 is already attached to ubi0 [ 158.238463][ T7726] netlink: 28 bytes leftover after parsing attributes in process `syz.3.509'. [ 158.247673][ T7726] bridge_slave_1: left allmulticast mode [ 158.253356][ T7726] bridge_slave_1: left promiscuous mode [ 158.261270][ T7726] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.280247][ T7726] bridge_slave_0: left allmulticast mode [ 158.300844][ T7726] bridge_slave_0: left promiscuous mode [ 158.322029][ T7726] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.749304][ T7721] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 158.756198][ T7721] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 158.772775][ T7721] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 158.782232][ T7721] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 158.790080][ T7721] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 158.796259][ T7721] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 158.803512][ T7721] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 158.811590][ T7721] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 158.818141][ T7721] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 158.827504][ T7721] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 158.834771][ T7721] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 158.840947][ T7721] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 158.848025][ T7721] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 159.948493][ T7747] FAULT_INJECTION: forcing a failure. [ 159.948493][ T7747] name failslab, interval 1, probability 0, space 0, times 0 [ 159.962597][ T7747] CPU: 0 UID: 0 PID: 7747 Comm: syz.1.511 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 159.962650][ T7747] Tainted: [U]=USER [ 159.962658][ T7747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 159.962671][ T7747] Call Trace: [ 159.962679][ T7747] [ 159.962688][ T7747] dump_stack_lvl+0x16c/0x1f0 [ 159.962725][ T7747] should_fail_ex+0x50a/0x650 [ 159.962761][ T7747] ? fs_reclaim_acquire+0xae/0x150 [ 159.962794][ T7747] should_failslab+0xc2/0x120 [ 159.962817][ T7747] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 159.962852][ T7747] ? security_inode_alloc+0x3b/0x2b0 [ 159.962882][ T7747] security_inode_alloc+0x3b/0x2b0 [ 159.962909][ T7747] inode_init_always_gfp+0xce4/0x1030 [ 159.962948][ T7747] alloc_inode+0x82/0x230 [ 159.962972][ T7747] iget_locked+0x2ee/0x8a0 [ 159.962995][ T7747] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 159.963036][ T7747] ? __pfx_iget_locked+0x10/0x10 [ 159.963060][ T7747] ? kernfs_iop_lookup+0xa3/0x330 [ 159.963109][ T7747] kernfs_get_inode+0x48/0x460 [ 159.963141][ T7747] kernfs_iop_lookup+0x1ec/0x330 [ 159.963176][ T7747] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 159.963208][ T7747] lookup_open.isra.0+0x4d9/0x1580 [ 159.963251][ T7747] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 159.963286][ T7747] ? path_openat+0x88a/0x2d80 [ 159.963326][ T7747] ? lookup_fast+0x153/0x5f0 [ 159.963358][ T7747] path_openat+0x904/0x2d80 [ 159.963403][ T7747] ? __pfx_path_openat+0x10/0x10 [ 159.963433][ T7747] ? __pfx___lock_acquire+0x10/0x10 [ 159.963467][ T7747] ? lock_acquire.part.0+0x11b/0x380 [ 159.963498][ T7747] ? find_held_lock+0x2d/0x110 [ 159.963526][ T7747] do_filp_open+0x20c/0x470 [ 159.963561][ T7747] ? __pfx_do_filp_open+0x10/0x10 [ 159.963592][ T7747] ? find_held_lock+0x2d/0x110 [ 159.963643][ T7747] ? alloc_fd+0x41f/0x760 [ 159.963687][ T7747] do_sys_openat2+0x17a/0x1e0 [ 159.963715][ T7747] ? __pfx_do_sys_openat2+0x10/0x10 [ 159.963753][ T7747] __x64_sys_openat+0x175/0x210 [ 159.963776][ T7747] ? __pfx___x64_sys_openat+0x10/0x10 [ 159.963814][ T7747] do_syscall_64+0xcd/0x250 [ 159.963846][ T7747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.963878][ T7747] RIP: 0033:0x7f2ae898cde9 [ 159.963897][ T7747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.963919][ T7747] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 159.963942][ T7747] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 159.963958][ T7747] RDX: 0000000000000000 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 159.963973][ T7747] RBP: 00007f2ae8a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 159.963987][ T7747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.964001][ T7747] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 159.964033][ T7747] [ 160.267115][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 160.375171][ T7771] ubi: mtd0 is already attached to ubi0 [ 160.815805][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 160.821955][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 160.896511][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 161.134545][ T7798] ubi: mtd0 is already attached to ubi0 [ 162.336543][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 162.405530][ T7810] FAULT_INJECTION: forcing a failure. [ 162.405530][ T7810] name failslab, interval 1, probability 0, space 0, times 0 [ 162.432311][ T7810] CPU: 1 UID: 0 PID: 7810 Comm: syz.2.532 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 162.432366][ T7810] Tainted: [U]=USER [ 162.432375][ T7810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 162.432388][ T7810] Call Trace: [ 162.432396][ T7810] [ 162.432405][ T7810] dump_stack_lvl+0x16c/0x1f0 [ 162.432441][ T7810] should_fail_ex+0x50a/0x650 [ 162.432488][ T7810] ? fs_reclaim_acquire+0xae/0x150 [ 162.432523][ T7810] should_failslab+0xc2/0x120 [ 162.432547][ T7810] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 162.432585][ T7810] ? security_inode_alloc+0x3b/0x2b0 [ 162.432617][ T7810] security_inode_alloc+0x3b/0x2b0 [ 162.432645][ T7810] inode_init_always_gfp+0xce4/0x1030 [ 162.432685][ T7810] alloc_inode+0x82/0x230 [ 162.432707][ T7810] iget_locked+0x2ee/0x8a0 [ 162.432731][ T7810] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 162.432772][ T7810] ? __pfx_iget_locked+0x10/0x10 [ 162.432796][ T7810] ? kernfs_iop_lookup+0xa3/0x330 [ 162.432847][ T7810] kernfs_get_inode+0x48/0x460 [ 162.432879][ T7810] kernfs_iop_lookup+0x1ec/0x330 [ 162.432915][ T7810] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 162.432947][ T7810] lookup_open.isra.0+0x4d9/0x1580 [ 162.432986][ T7810] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 162.433023][ T7810] ? path_openat+0x88a/0x2d80 [ 162.433069][ T7810] ? lookup_fast+0x153/0x5f0 [ 162.433100][ T7810] path_openat+0x904/0x2d80 [ 162.433142][ T7810] ? __pfx_path_openat+0x10/0x10 [ 162.433172][ T7810] ? __pfx___lock_acquire+0x10/0x10 [ 162.433200][ T7810] ? lock_acquire.part.0+0x11b/0x380 [ 162.433231][ T7810] ? find_held_lock+0x2d/0x110 [ 162.433264][ T7810] do_filp_open+0x20c/0x470 [ 162.433300][ T7810] ? __pfx_do_filp_open+0x10/0x10 [ 162.433333][ T7810] ? find_held_lock+0x2d/0x110 [ 162.433385][ T7810] ? alloc_fd+0x41f/0x760 [ 162.433428][ T7810] do_sys_openat2+0x17a/0x1e0 [ 162.433461][ T7810] ? __pfx_do_sys_openat2+0x10/0x10 [ 162.433502][ T7810] __x64_sys_openat+0x175/0x210 [ 162.433530][ T7810] ? __pfx___x64_sys_openat+0x10/0x10 [ 162.433572][ T7810] do_syscall_64+0xcd/0x250 [ 162.433605][ T7810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.433639][ T7810] RIP: 0033:0x7f23f118cde9 [ 162.433660][ T7810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.433682][ T7810] RSP: 002b:00007f23f1f65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 162.433710][ T7810] RAX: ffffffffffffffda RBX: 00007f23f13a5fa0 RCX: 00007f23f118cde9 [ 162.433727][ T7810] RDX: 0000000000000000 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 162.433743][ T7810] RBP: 00007f23f120e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 162.433758][ T7810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.433772][ T7810] R13: 0000000000000000 R14: 00007f23f13a5fa0 R15: 00007ffd964d06c8 [ 162.433804][ T7810] [ 162.891006][ T7844] ubi: mtd0 is already attached to ubi0 [ 162.898193][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 162.905266][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 162.976991][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 164.418185][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 164.979669][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 164.985755][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 165.057878][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 166.498945][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 166.551711][ T7885] ubi: mtd0 is already attached to ubi0 [ 168.566677][ T7931] ubi: mtd0 is already attached to ubi0 [ 170.116470][ T7962] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 170.142770][ T7962] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 170.167584][ T7962] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 170.178336][ T7962] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 170.187943][ T7962] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 171.328703][ T7985] ubi: mtd0 is already attached to ubi0 [ 172.182381][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.188469][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.194819][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.261505][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 174.262737][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 174.368663][ T8029] ubi: mtd0 is already attached to ubi0 [ 176.519109][ T8066] ubi: mtd0 is already attached to ubi0 [ 178.691119][ T8099] netlink: 338 bytes leftover after parsing attributes in process `syz.2.602'. [ 179.623021][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 179.647135][ T8072] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 179.832056][ T8072] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 179.839565][ T8072] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 179.852573][ T8072] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 179.859107][ T8072] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 180.432358][ T8126] ubi: mtd0 is already attached to ubi0 [ 181.494470][ T8152] FAULT_INJECTION: forcing a failure. [ 181.494470][ T8152] name failslab, interval 1, probability 0, space 0, times 0 [ 181.543264][ T8152] CPU: 1 UID: 0 PID: 8152 Comm: syz.0.615 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 181.543307][ T8152] Tainted: [U]=USER [ 181.543314][ T8152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 181.543330][ T8152] Call Trace: [ 181.543337][ T8152] [ 181.543348][ T8152] dump_stack_lvl+0x16c/0x1f0 [ 181.543380][ T8152] should_fail_ex+0x50a/0x650 [ 181.543413][ T8152] ? fs_reclaim_acquire+0xae/0x150 [ 181.543444][ T8152] ? pagemap_read+0x29c/0x880 [ 181.543472][ T8152] should_failslab+0xc2/0x120 [ 181.543494][ T8152] __kmalloc_cache_noprof+0x68/0x410 [ 181.543524][ T8152] ? bpf_lsm_capable+0x9/0x10 [ 181.543547][ T8152] ? security_capable+0x7e/0x260 [ 181.543586][ T8152] pagemap_read+0x29c/0x880 [ 181.543621][ T8152] ? __pfx_pagemap_read+0x10/0x10 [ 181.543654][ T8152] ? iov_iter_advance+0x1e3/0x6c0 [ 181.543676][ T8152] ? rw_verify_area+0xcf/0x680 [ 181.543704][ T8152] ? __pfx_pagemap_read+0x10/0x10 [ 181.543732][ T8152] vfs_readv+0x6c2/0x8a0 [ 181.543757][ T8152] ? fdget_pos+0x267/0x390 [ 181.543797][ T8152] ? __pfx_vfs_readv+0x10/0x10 [ 181.543822][ T8152] ? __mutex_lock+0x1cc/0xb10 [ 181.543847][ T8152] ? find_held_lock+0x2d/0x110 [ 181.543879][ T8152] ? __pfx___mutex_lock+0x10/0x10 [ 181.543905][ T8152] ? trace_lock_acquire+0x14e/0x1f0 [ 181.543942][ T8152] ? __fget_files+0x206/0x3a0 [ 181.543982][ T8152] ? do_readv+0x133/0x340 [ 181.544007][ T8152] do_readv+0x133/0x340 [ 181.544034][ T8152] ? __pfx_do_readv+0x10/0x10 [ 181.544071][ T8152] do_syscall_64+0xcd/0x250 [ 181.544100][ T8152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.544129][ T8152] RIP: 0033:0x7f63c358cde9 [ 181.544147][ T8152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.544166][ T8152] RSP: 002b:00007f63c431b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 181.544187][ T8152] RAX: ffffffffffffffda RBX: 00007f63c37a5fa0 RCX: 00007f63c358cde9 [ 181.544205][ T8152] RDX: 000000000000000d RSI: 0000400000000140 RDI: 0000000000000003 [ 181.544219][ T8152] RBP: 00007f63c431b090 R08: 0000000000000000 R09: 0000000000000000 [ 181.544232][ T8152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.544245][ T8152] R13: 0000000000000000 R14: 00007f63c37a5fa0 R15: 00007ffc4940fcd8 [ 181.544282][ T8152] [ 181.920272][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 181.926380][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 181.932439][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 181.939512][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 183.435272][ T8160] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 183.451574][ T8160] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 183.461613][ T8160] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 183.482107][ T8160] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 183.489460][ T8160] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 184.559652][ T8215] ubi: mtd0 is already attached to ubi0 [ 184.673954][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 184.729316][ T8218] loop6: detected capacity change from 0 to 8 [ 185.462960][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.553052][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.559134][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 186.738490][ T8264] ubi: mtd0 is already attached to ubi0 [ 186.754071][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 187.723410][ T8256] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 187.754277][ T8256] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 187.787359][ T8256] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 187.820953][ T8256] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 187.835543][ T8256] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 189.063015][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 189.793182][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 189.871225][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 189.871351][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 190.182734][ T8324] ubi: mtd0 is already attached to ubi0 [ 191.143851][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 194.083771][ T8378] ubi: mtd0 is already attached to ubi0 [ 200.146829][ T8502] FAULT_INJECTION: forcing a failure. [ 200.146829][ T8502] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 200.285052][ T8502] CPU: 0 UID: 0 PID: 8502 Comm: syz.2.698 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 200.285092][ T8502] Tainted: [U]=USER [ 200.285099][ T8502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 200.285112][ T8502] Call Trace: [ 200.285120][ T8502] [ 200.285129][ T8502] dump_stack_lvl+0x16c/0x1f0 [ 200.285162][ T8502] should_fail_ex+0x50a/0x650 [ 200.285202][ T8502] _copy_from_iter+0x2a1/0x1560 [ 200.285227][ T8502] ? trace_lock_acquire+0x14e/0x1f0 [ 200.285254][ T8502] ? __alloc_skb+0x1fe/0x380 [ 200.285285][ T8502] ? __pfx__copy_from_iter+0x10/0x10 [ 200.285307][ T8502] ? __virt_addr_valid+0x1a4/0x590 [ 200.285337][ T8502] ? __virt_addr_valid+0x5e/0x590 [ 200.285361][ T8502] ? __phys_addr_symbol+0x30/0x80 [ 200.285383][ T8502] ? __check_object_size+0x488/0x710 [ 200.285410][ T8502] netlink_sendmsg+0x813/0xd70 [ 200.285446][ T8502] ? __pfx_netlink_sendmsg+0x10/0x10 [ 200.285488][ T8502] __sys_sendto+0x488/0x4f0 [ 200.285518][ T8502] ? __pfx___sys_sendto+0x10/0x10 [ 200.285544][ T8502] ? reacquire_held_locks+0x20b/0x4c0 [ 200.285576][ T8502] ? do_user_addr_fault+0xdc7/0x13f0 [ 200.285646][ T8502] __x64_sys_sendto+0xe0/0x1c0 [ 200.285674][ T8502] ? do_syscall_64+0x91/0x250 [ 200.285701][ T8502] ? lockdep_hardirqs_on+0x7c/0x110 [ 200.285727][ T8502] do_syscall_64+0xcd/0x250 [ 200.285757][ T8502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.285788][ T8502] RIP: 0033:0x7f23f118ec7c [ 200.285807][ T8502] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 200.285829][ T8502] RSP: 002b:00007f23f1f63ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 200.285851][ T8502] RAX: ffffffffffffffda RBX: 00007f23f1f63fc0 RCX: 00007f23f118ec7c [ 200.285867][ T8502] RDX: 0000000000000020 RSI: 00007f23f1f64010 RDI: 0000000000000004 [ 200.285881][ T8502] RBP: 0000000000000000 R08: 00007f23f1f63f14 R09: 000000000000000c [ 200.285894][ T8502] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 200.285908][ T8502] R13: 00007f23f1f63f68 R14: 00007f23f1f64010 R15: 0000000000000000 [ 200.285938][ T8502] [ 204.831954][ T8596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.720'. [ 207.035658][ T8647] netlink: 342 bytes leftover after parsing attributes in process `syz.0.732'. [ 208.489770][ T8678] FAULT_INJECTION: forcing a failure. [ 208.489770][ T8678] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 208.503353][ T8678] CPU: 0 UID: 0 PID: 8678 Comm: syz.2.739 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 208.503389][ T8678] Tainted: [U]=USER [ 208.503396][ T8678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 208.503409][ T8678] Call Trace: [ 208.503416][ T8678] [ 208.503426][ T8678] dump_stack_lvl+0x16c/0x1f0 [ 208.503459][ T8678] should_fail_ex+0x50a/0x650 [ 208.503498][ T8678] _copy_from_user+0x2e/0xd0 [ 208.503523][ T8678] blkdev_common_ioctl+0xefc/0x2220 [ 208.503545][ T8678] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 208.503571][ T8678] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 208.503607][ T8678] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 208.503632][ T8678] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 208.503679][ T8678] ? trace_lock_acquire+0x14e/0x1f0 [ 208.503712][ T8678] blkdev_ioctl+0x1cd/0x6d0 [ 208.503731][ T8678] ? __pfx_blkdev_ioctl+0x10/0x10 [ 208.503749][ T8678] ? __fget_files+0x206/0x3a0 [ 208.503781][ T8678] ? __pfx_blkdev_ioctl+0x10/0x10 [ 208.503802][ T8678] __x64_sys_ioctl+0x190/0x200 [ 208.503830][ T8678] do_syscall_64+0xcd/0x250 [ 208.503857][ T8678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.503885][ T8678] RIP: 0033:0x7f23f118cde9 [ 208.503902][ T8678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.503922][ T8678] RSP: 002b:00007f23f1f65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 208.503942][ T8678] RAX: ffffffffffffffda RBX: 00007f23f13a5fa0 RCX: 00007f23f118cde9 [ 208.503956][ T8678] RDX: 0000000000000000 RSI: 0000000000001277 RDI: 0000000000000004 [ 208.503969][ T8678] RBP: 00007f23f1f65090 R08: 0000000000000000 R09: 0000000000000000 [ 208.503982][ T8678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.503996][ T8678] R13: 0000000000000000 R14: 00007f23f13a5fa0 R15: 00007ffd964d06c8 [ 208.504023][ T8678] [ 210.849690][ T8718] mtrr: base(0x1000) is not aligned on a size(0x4000000) boundary [ 214.794662][ T8816] FAULT_INJECTION: forcing a failure. [ 214.794662][ T8816] name failslab, interval 1, probability 0, space 0, times 0 [ 214.808371][ T8816] CPU: 0 UID: 0 PID: 8816 Comm: syz.3.776 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 214.808401][ T8816] Tainted: [U]=USER [ 214.808407][ T8816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 214.808418][ T8816] Call Trace: [ 214.808424][ T8816] [ 214.808432][ T8816] dump_stack_lvl+0x16c/0x1f0 [ 214.808463][ T8816] should_fail_ex+0x50a/0x650 [ 214.808494][ T8816] ? fs_reclaim_acquire+0xae/0x150 [ 214.808522][ T8816] should_failslab+0xc2/0x120 [ 214.808543][ T8816] __kmalloc_node_noprof+0xd1/0x510 [ 214.808572][ T8816] ? __pfx_aa_file_perm+0x10/0x10 [ 214.808598][ T8816] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 214.808643][ T8816] __kvmalloc_node_noprof+0xad/0x1a0 [ 214.808671][ T8816] seq_read_iter+0x82a/0x12b0 [ 214.808699][ T8816] ? __mutex_trylock_common+0xea/0x250 [ 214.808735][ T8816] kernfs_fop_read_iter+0x414/0x580 [ 214.808757][ T8816] ? rw_verify_area+0xcf/0x680 [ 214.808785][ T8816] vfs_read+0x886/0xbf0 [ 214.808815][ T8816] ? __pfx_vfs_read+0x10/0x10 [ 214.808857][ T8816] ksys_read+0x12b/0x250 [ 214.808883][ T8816] ? __pfx_ksys_read+0x10/0x10 [ 214.808919][ T8816] do_syscall_64+0xcd/0x250 [ 214.808949][ T8816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.808978][ T8816] RIP: 0033:0x7f345f58cde9 [ 214.808996][ T8816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.809017][ T8816] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 214.809039][ T8816] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 214.809055][ T8816] RDX: 00000000000000d5 RSI: 0000400000000140 RDI: 0000000000000003 [ 214.809069][ T8816] RBP: 00007f3460345090 R08: 0000000000000000 R09: 0000000000000000 [ 214.809083][ T8816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 214.809096][ T8816] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 214.809127][ T8816] [ 217.353873][ T8873] netlink: 28 bytes leftover after parsing attributes in process `syz.0.792'. [ 217.696807][ T8890] HfR: entered promiscuous mode [ 218.338227][ T8916] netlink: 32 bytes leftover after parsing attributes in process `syz.0.803'. [ 218.365998][ T8916] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 220.291133][ T8958] FAULT_INJECTION: forcing a failure. [ 220.291133][ T8958] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 220.371697][ T8958] CPU: 1 UID: 0 PID: 8958 Comm: syz.1.813 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 220.371734][ T8958] Tainted: [U]=USER [ 220.371741][ T8958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 220.371754][ T8958] Call Trace: [ 220.371760][ T8958] [ 220.371769][ T8958] dump_stack_lvl+0x16c/0x1f0 [ 220.371801][ T8958] should_fail_ex+0x50a/0x650 [ 220.371838][ T8958] _copy_to_iter+0x2a1/0x1560 [ 220.371864][ T8958] ? chacha_block_generic+0x18a/0x270 [ 220.371898][ T8958] ? __pfx__copy_to_iter+0x10/0x10 [ 220.371925][ T8958] ? lockdep_hardirqs_on+0x7c/0x110 [ 220.371950][ T8958] ? crng_make_state+0x48e/0x6d0 [ 220.371985][ T8958] get_random_bytes_user+0x180/0x3c0 [ 220.372019][ T8958] ? __pfx_get_random_bytes_user+0x10/0x10 [ 220.372055][ T8958] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 220.372091][ T8958] ? import_ubuf+0x1b6/0x220 [ 220.372114][ T8958] __x64_sys_getrandom+0x184/0x290 [ 220.372148][ T8958] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 220.372194][ T8958] do_syscall_64+0xcd/0x250 [ 220.372230][ T8958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.372260][ T8958] RIP: 0033:0x7f2ae898cde9 [ 220.372279][ T8958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.372301][ T8958] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 220.372323][ T8958] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 220.372338][ T8958] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 220.372351][ T8958] RBP: 00007f2ae9773090 R08: 0000000000000000 R09: 0000000000000000 [ 220.372365][ T8958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 220.372378][ T8958] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 220.372408][ T8958] [ 222.076962][ T8998] FAULT_INJECTION: forcing a failure. [ 222.076962][ T8998] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 222.125468][ T9008] HfR: entered promiscuous mode [ 222.191226][ T8998] CPU: 0 UID: 0 PID: 8998 Comm: syz.1.823 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 222.191264][ T8998] Tainted: [U]=USER [ 222.191272][ T8998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 222.191284][ T8998] Call Trace: [ 222.191292][ T8998] [ 222.191302][ T8998] dump_stack_lvl+0x16c/0x1f0 [ 222.191336][ T8998] should_fail_ex+0x50a/0x650 [ 222.191382][ T8998] _copy_to_user+0x32/0xd0 [ 222.191410][ T8998] simple_read_from_buffer+0xd0/0x160 [ 222.191444][ T8998] proc_fail_nth_read+0x198/0x270 [ 222.191473][ T8998] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 222.191504][ T8998] ? rw_verify_area+0xcf/0x680 [ 222.191532][ T8998] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 222.191561][ T8998] vfs_read+0x1df/0xbf0 [ 222.191592][ T8998] ? __fget_files+0x1fc/0x3a0 [ 222.191625][ T8998] ? __pfx___mutex_lock+0x10/0x10 [ 222.191652][ T8998] ? __pfx_vfs_read+0x10/0x10 [ 222.191691][ T8998] ? __fget_files+0x206/0x3a0 [ 222.191734][ T8998] ksys_read+0x12b/0x250 [ 222.191763][ T8998] ? __pfx_ksys_read+0x10/0x10 [ 222.191804][ T8998] do_syscall_64+0xcd/0x250 [ 222.191835][ T8998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.191866][ T8998] RIP: 0033:0x7f2ae898b7fc [ 222.191886][ T8998] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 222.191908][ T8998] RSP: 002b:00007f2ae9773030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 222.191931][ T8998] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898b7fc [ 222.191947][ T8998] RDX: 000000000000000f RSI: 00007f2ae97730a0 RDI: 0000000000000004 [ 222.191961][ T8998] RBP: 00007f2ae9773090 R08: 0000000000000000 R09: 0000000000000000 [ 222.191976][ T8998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 222.191990][ T8998] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 222.192022][ T8998] [ 222.248793][ T9008] netlink: 12 bytes leftover after parsing attributes in process `syz.3.825'. [ 222.397123][ T9008] HfR: left promiscuous mode [ 222.399564][ T9010] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 224.236815][ T9060] openvswitch: HfR: Dropping previously announced user features [ 224.262292][ T9060] netlink: 12 bytes leftover after parsing attributes in process `syz.1.839'. [ 224.282208][ T9060] HfR: left promiscuous mode [ 224.356149][ T9071] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 224.786317][ T9073] can: request_module (can-proto-0) failed. [ 225.730488][ T9102] FAULT_INJECTION: forcing a failure. [ 225.730488][ T9102] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 225.743839][ T9102] CPU: 1 UID: 0 PID: 9102 Comm: syz.1.848 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 225.743873][ T9102] Tainted: [U]=USER [ 225.743880][ T9102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 225.743893][ T9102] Call Trace: [ 225.743900][ T9102] [ 225.743909][ T9102] dump_stack_lvl+0x16c/0x1f0 [ 225.743942][ T9102] should_fail_ex+0x50a/0x650 [ 225.743975][ T9102] ? shmem_get_folio_gfp+0x315/0x1530 [ 225.744000][ T9102] ? page_copy_sane+0xcd/0x2d0 [ 225.744037][ T9102] copy_page_from_iter_atomic+0x39f/0x1920 [ 225.744080][ T9102] ? __pfx_copy_page_from_iter_atomic+0x10/0x10 [ 225.744113][ T9102] ? shmem_write_begin+0x177/0x300 [ 225.744140][ T9102] ? __pfx_fault_in_readable+0x10/0x10 [ 225.744170][ T9102] ? __pfx_shmem_write_begin+0x10/0x10 [ 225.744208][ T9102] generic_perform_write+0x4a1/0x920 [ 225.744247][ T9102] ? __pfx_generic_perform_write+0x10/0x10 [ 225.744276][ T9102] ? inode_needs_update_time.part.0+0x191/0x270 [ 225.744322][ T9102] shmem_file_write_iter+0x10e/0x140 [ 225.744356][ T9102] vfs_write+0x5ae/0x1150 [ 225.744387][ T9102] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 225.744420][ T9102] ? __pfx___mutex_lock+0x10/0x10 [ 225.744448][ T9102] ? __pfx_vfs_write+0x10/0x10 [ 225.744502][ T9102] ksys_write+0x12b/0x250 [ 225.744531][ T9102] ? __pfx_ksys_write+0x10/0x10 [ 225.744572][ T9102] do_syscall_64+0xcd/0x250 [ 225.744603][ T9102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.744634][ T9102] RIP: 0033:0x7f2ae898cde9 [ 225.744653][ T9102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.744674][ T9102] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 225.744695][ T9102] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 225.744711][ T9102] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000004 [ 225.744725][ T9102] RBP: 00007f2ae9773090 R08: 0000000000000000 R09: 0000000000000000 [ 225.744739][ T9102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.744752][ T9102] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 225.744786][ T9102] [ 226.550627][ T9119] HfR: entered promiscuous mode [ 226.561390][ T9123] FAULT_INJECTION: forcing a failure. [ 226.561390][ T9123] name failslab, interval 1, probability 0, space 0, times 0 [ 226.576830][ T9123] CPU: 1 UID: 0 PID: 9123 Comm: syz.1.854 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 226.576862][ T9123] Tainted: [U]=USER [ 226.576868][ T9123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 226.576878][ T9123] Call Trace: [ 226.576885][ T9123] [ 226.576894][ T9123] dump_stack_lvl+0x16c/0x1f0 [ 226.576926][ T9123] should_fail_ex+0x50a/0x650 [ 226.576958][ T9123] ? fs_reclaim_acquire+0xae/0x150 [ 226.576989][ T9123] ? shrinker_alloc+0xfb/0xbb0 [ 226.577022][ T9123] should_failslab+0xc2/0x120 [ 226.577044][ T9123] __kmalloc_cache_noprof+0x68/0x410 [ 226.577082][ T9123] shrinker_alloc+0xfb/0xbb0 [ 226.577113][ T9123] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 226.577140][ T9123] ? rcu_is_watching+0x12/0xc0 [ 226.577165][ T9123] ? __pfx_shrinker_alloc+0x10/0x10 [ 226.577194][ T9123] ? lockdep_init_map_type+0x16d/0x7d0 [ 226.577224][ T9123] ? lockdep_init_map_type+0x16d/0x7d0 [ 226.577258][ T9123] ? __raw_spin_lock_init+0x3a/0x110 [ 226.577291][ T9123] ? __init_rwsem+0x12d/0x1b0 [ 226.577328][ T9123] alloc_super+0x7cc/0xbd0 [ 226.577361][ T9123] ? __pfx_test_keyed_super+0x10/0x10 [ 226.577386][ T9123] sget_fc+0x116/0xc20 [ 226.577414][ T9123] ? __pfx_set_anon_super_fc+0x10/0x10 [ 226.577442][ T9123] ? __pfx_nfsd_fill_super+0x10/0x10 [ 226.577472][ T9123] get_tree_keyed+0x59/0x1d0 [ 226.577503][ T9123] vfs_get_tree+0x8b/0x340 [ 226.577528][ T9123] path_mount+0x14e6/0x1f10 [ 226.577564][ T9123] ? kmem_cache_free+0x2e2/0x4d0 [ 226.577594][ T9123] ? __pfx_path_mount+0x10/0x10 [ 226.577631][ T9123] ? putname+0x13c/0x180 [ 226.577657][ T9123] __x64_sys_mount+0x28f/0x310 [ 226.577690][ T9123] ? __pfx___x64_sys_mount+0x10/0x10 [ 226.577732][ T9123] do_syscall_64+0xcd/0x250 [ 226.577760][ T9123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.577790][ T9123] RIP: 0033:0x7f2ae898cde9 [ 226.577808][ T9123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.577829][ T9123] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 226.577851][ T9123] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 226.577866][ T9123] RDX: 0000400000000140 RSI: 00004000000000c0 RDI: 0000000000000000 [ 226.577880][ T9123] RBP: 00007f2ae9773090 R08: 0000000000000000 R09: 0000000000000000 [ 226.577894][ T9123] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002 [ 226.577907][ T9123] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 226.577938][ T9123] [ 226.596487][ T9119] netlink: 12 bytes leftover after parsing attributes in process `syz.2.852'. [ 226.717554][ T9127] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 226.942309][ T9119] HfR: left promiscuous mode [ 227.180636][ T9139] can: request_module (can-proto-0) failed. [ 227.918573][ T9154] netlink: 186 bytes leftover after parsing attributes in process `syz.2.861'. [ 231.730800][ T9237] can: request_module (can-proto-0) failed. [ 232.583167][ T9257] ucma_write: process 687 (syz.1.883) changed security contexts after opening file descriptor, this is not allowed. [ 233.614787][ T9241] lo: entered allmulticast mode [ 234.088457][ T9232] lo: left allmulticast mode [ 238.521407][ T9342] lo: entered allmulticast mode [ 238.883600][ T9336] lo: left allmulticast mode [ 243.669789][ T9470] netlink: 186 bytes leftover after parsing attributes in process `syz.1.929'. [ 243.859214][ T9462] lo: entered allmulticast mode [ 244.499641][ T9442] lo: left allmulticast mode [ 245.406620][ T9502] ubi: mtd0 is already attached to ubi0 [ 247.106294][ T9540] netlink: 186 bytes leftover after parsing attributes in process `syz.3.944'. [ 249.974510][ T9623] netlink: 'syz.3.966': attribute type 2 has an invalid length. [ 249.990793][ T9623] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.966'. [ 251.379590][ T9659] cgroup: fork rejected by pids controller in /syz0 [ 253.260338][ T29] audit: type=1800 audit(6035014686.632:2): pid=9793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.992" name="discovery_nqn" dev="configfs" ino=23756 res=0 errno=0 [ 256.481604][ T9870] FAULT_INJECTION: forcing a failure. [ 256.481604][ T9870] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 256.528031][ T9870] CPU: 1 UID: 0 PID: 9870 Comm: syz.1.1013 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 256.528069][ T9870] Tainted: [U]=USER [ 256.528077][ T9870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 256.528090][ T9870] Call Trace: [ 256.528096][ T9870] [ 256.528106][ T9870] dump_stack_lvl+0x16c/0x1f0 [ 256.528139][ T9870] should_fail_ex+0x50a/0x650 [ 256.528178][ T9870] _copy_from_user+0x2e/0xd0 [ 256.528203][ T9870] copy_msghdr_from_user+0x99/0x160 [ 256.528234][ T9870] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 256.528264][ T9870] ? __lock_acquire+0xcc5/0x3c40 [ 256.528299][ T9870] ? hlock_class+0x4e/0x130 [ 256.528322][ T9870] ? __lock_acquire+0x15a9/0x3c40 [ 256.528358][ T9870] ___sys_sendmsg+0xff/0x1e0 [ 256.528391][ T9870] ? __pfx____sys_sendmsg+0x10/0x10 [ 256.528418][ T9870] ? __pfx___lock_acquire+0x10/0x10 [ 256.528477][ T9870] ? __pfx___might_resched+0x10/0x10 [ 256.528510][ T9870] ? __might_fault+0xe3/0x190 [ 256.528538][ T9870] __sys_sendmmsg+0x201/0x420 [ 256.528580][ T9870] ? __pfx___sys_sendmmsg+0x10/0x10 [ 256.528622][ T9870] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 256.528663][ T9870] ? fput+0x67/0x440 [ 256.528686][ T9870] ? ksys_write+0x1ba/0x250 [ 256.528716][ T9870] ? __pfx_ksys_write+0x10/0x10 [ 256.528751][ T9870] __x64_sys_sendmmsg+0x9c/0x100 [ 256.528782][ T9870] ? lockdep_hardirqs_on+0x7c/0x110 [ 256.528806][ T9870] do_syscall_64+0xcd/0x250 [ 256.528836][ T9870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.528866][ T9870] RIP: 0033:0x7f2ae898cde9 [ 256.528884][ T9870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.528905][ T9870] RSP: 002b:00007f2ae9752038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 256.528927][ T9870] RAX: ffffffffffffffda RBX: 00007f2ae8ba6080 RCX: 00007f2ae898cde9 [ 256.528943][ T9870] RDX: 0000000000000003 RSI: 0000400000000080 RDI: 0000000000000003 [ 256.528957][ T9870] RBP: 00007f2ae9752090 R08: 0000000000000000 R09: 0000000000000000 [ 256.528971][ T9870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 256.528984][ T9870] R13: 0000000000000000 R14: 00007f2ae8ba6080 R15: 00007fffb63a8da8 [ 256.529014][ T9870] [ 259.868499][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1029'. [ 259.877920][ T9925] random: crng reseeded on system resumption [ 260.800264][ T9943] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 260.919632][ T9943] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 261.079753][ T9935] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 261.113006][ T9935] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 262.877670][ T9957] netlink: 'syz.0.1047': attribute type 11 has an invalid length. [ 262.888850][ T9957] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1047'. [ 262.899360][ T9957] ipvlan1: entered allmulticast mode [ 262.905421][ T9957] veth0_vlan: entered allmulticast mode [ 270.149493][T10089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1072'. [ 270.211232][T10070] netlink: 'syz.1.1066': attribute type 11 has an invalid length. [ 270.605801][T10070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1066'. [ 270.616406][T10070] ipvlan1: entered allmulticast mode [ 270.621831][T10070] veth0_vlan: entered allmulticast mode [ 271.047140][T10095] random: crng reseeded on system resumption [ 274.277474][T10161] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 274.284990][T10161] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 274.296817][T10161] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 274.305109][T10161] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 275.610735][T10195] random: crng reseeded on system resumption [ 285.476744][T10395] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1155'. [ 286.867402][T10433] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1165'. [ 288.145118][T10467] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1175'. [ 289.226973][T10485] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1185'. [ 290.833871][T10527] cougar: G6 mapped to space [ 290.964324][T10529] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1191'. [ 291.715482][T10551] cougar: G6 mapped to space [ 292.585896][T10566] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1203'. [ 294.140832][T10601] FAULT_INJECTION: forcing a failure. [ 294.140832][T10601] name failslab, interval 1, probability 0, space 0, times 0 [ 294.206216][T10601] CPU: 0 UID: 0 PID: 10601 Comm: syz.1.1212 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 294.206258][T10601] Tainted: [U]=USER [ 294.206266][T10601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 294.206281][T10601] Call Trace: [ 294.206288][T10601] [ 294.206298][T10601] dump_stack_lvl+0x16c/0x1f0 [ 294.206333][T10601] should_fail_ex+0x50a/0x650 [ 294.206370][T10601] ? fs_reclaim_acquire+0xae/0x150 [ 294.206412][T10601] should_failslab+0xc2/0x120 [ 294.206438][T10601] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 294.206477][T10601] ? __kernfs_new_node+0xd3/0x890 [ 294.206516][T10601] __kernfs_new_node+0xd3/0x890 [ 294.206552][T10601] ? __pfx___kernfs_new_node+0x10/0x10 [ 294.206584][T10601] ? __pfx_lock_release+0x10/0x10 [ 294.206616][T10601] ? kernfs_add_one+0x39d/0x520 [ 294.206664][T10601] ? up_write+0x1b2/0x520 [ 294.206704][T10601] kernfs_new_node+0x186/0x240 [ 294.206749][T10601] __kernfs_create_file+0x53/0x350 [ 294.206780][T10601] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 294.206819][T10601] sysfs_merge_group+0x1b1/0x340 [ 294.206854][T10601] ? __pfx_sysfs_merge_group+0x10/0x10 [ 294.206890][T10601] ? __pfx_dev_add_physical_location+0x10/0x10 [ 294.206919][T10601] ? bus_to_subsys+0x12d/0x160 [ 294.206964][T10601] dpm_sysfs_add+0x237/0x280 [ 294.206996][T10601] device_add+0x9a8/0x1a70 [ 294.207032][T10601] ? __pfx_device_add+0x10/0x10 [ 294.207076][T10601] ? lockdep_init_map_type+0x16d/0x7d0 [ 294.207117][T10601] nfc_register_device+0x41/0x3c0 [ 294.207147][T10601] nci_register_device+0x7f4/0xb80 [ 294.207183][T10601] ? __pfx_nci_register_device+0x10/0x10 [ 294.207227][T10601] virtual_ncidev_open+0x141/0x220 [ 294.207260][T10601] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 294.207292][T10601] misc_open+0x35a/0x420 [ 294.207313][T10601] ? __pfx_misc_open+0x10/0x10 [ 294.207341][T10601] chrdev_open+0x237/0x6a0 [ 294.207375][T10601] ? __pfx_apparmor_file_open+0x10/0x10 [ 294.207405][T10601] ? __pfx_chrdev_open+0x10/0x10 [ 294.207441][T10601] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 294.207475][T10601] do_dentry_open+0x735/0x1c40 [ 294.207507][T10601] ? __pfx_chrdev_open+0x10/0x10 [ 294.207573][T10601] ? inode_permission+0xdd/0x5f0 [ 294.207601][T10601] vfs_open+0x82/0x3f0 [ 294.207623][T10601] ? may_open+0x1f2/0x400 [ 294.207651][T10601] path_openat+0x1e88/0x2d80 [ 294.207699][T10601] ? __pfx_path_openat+0x10/0x10 [ 294.207758][T10601] ? __pfx___lock_acquire+0x10/0x10 [ 294.207823][T10601] ? lock_acquire.part.0+0x11b/0x380 [ 294.207871][T10601] ? find_held_lock+0x2d/0x110 [ 294.207939][T10601] do_filp_open+0x20c/0x470 [ 294.208007][T10601] ? __pfx_do_filp_open+0x10/0x10 [ 294.208075][T10601] ? find_held_lock+0x2d/0x110 [ 294.208135][T10601] ? alloc_fd+0x41f/0x760 [ 294.208197][T10601] do_sys_openat2+0x17a/0x1e0 [ 294.208223][T10601] ? __pfx_do_sys_openat2+0x10/0x10 [ 294.208270][T10601] __x64_sys_openat+0x175/0x210 [ 294.208303][T10601] ? __pfx___x64_sys_openat+0x10/0x10 [ 294.208355][T10601] do_syscall_64+0xcd/0x250 [ 294.208387][T10601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.208420][T10601] RIP: 0033:0x7f2ae898cde9 [ 294.208439][T10601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.208462][T10601] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 294.208486][T10601] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 294.208502][T10601] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 294.208517][T10601] RBP: 00007f2ae8a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 294.208531][T10601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.208545][T10601] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 294.208578][T10601] [ 296.857362][T10653] FAULT_INJECTION: forcing a failure. [ 296.857362][T10653] name failslab, interval 1, probability 0, space 0, times 0 [ 296.888521][T10653] CPU: 1 UID: 0 PID: 10653 Comm: syz.3.1227 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 296.888565][T10653] Tainted: [U]=USER [ 296.888574][T10653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 296.888589][T10653] Call Trace: [ 296.888597][T10653] [ 296.888608][T10653] dump_stack_lvl+0x16c/0x1f0 [ 296.888650][T10653] should_fail_ex+0x50a/0x650 [ 296.888689][T10653] ? fs_reclaim_acquire+0xae/0x150 [ 296.888724][T10653] should_failslab+0xc2/0x120 [ 296.888749][T10653] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 296.888786][T10653] ? __kernfs_new_node+0xd3/0x890 [ 296.888823][T10653] __kernfs_new_node+0xd3/0x890 [ 296.888867][T10653] ? __pfx___kernfs_new_node+0x10/0x10 [ 296.888901][T10653] ? __pfx_lock_release+0x10/0x10 [ 296.888935][T10653] ? kernfs_add_one+0x39d/0x520 [ 296.888983][T10653] ? up_write+0x1b2/0x520 [ 296.889033][T10653] kernfs_new_node+0x186/0x240 [ 296.889077][T10653] __kernfs_create_file+0x53/0x350 [ 296.889109][T10653] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 296.889150][T10653] sysfs_merge_group+0x1b1/0x340 [ 296.889185][T10653] ? __pfx_sysfs_merge_group+0x10/0x10 [ 296.889222][T10653] ? __pfx_dev_add_physical_location+0x10/0x10 [ 296.889253][T10653] ? bus_to_subsys+0x12d/0x160 [ 296.889292][T10653] dpm_sysfs_add+0x237/0x280 [ 296.889324][T10653] device_add+0x9a8/0x1a70 [ 296.889359][T10653] ? __pfx_device_add+0x10/0x10 [ 296.889394][T10653] ? lockdep_init_map_type+0x16d/0x7d0 [ 296.889450][T10653] nfc_register_device+0x41/0x3c0 [ 296.889484][T10653] nci_register_device+0x7f4/0xb80 [ 296.889524][T10653] ? __pfx_nci_register_device+0x10/0x10 [ 296.889578][T10653] virtual_ncidev_open+0x141/0x220 [ 296.889612][T10653] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 296.889645][T10653] misc_open+0x35a/0x420 [ 296.889670][T10653] ? __pfx_misc_open+0x10/0x10 [ 296.889693][T10653] chrdev_open+0x237/0x6a0 [ 296.889727][T10653] ? __pfx_apparmor_file_open+0x10/0x10 [ 296.889758][T10653] ? __pfx_chrdev_open+0x10/0x10 [ 296.889801][T10653] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 296.889840][T10653] do_dentry_open+0x735/0x1c40 [ 296.889879][T10653] ? __pfx_chrdev_open+0x10/0x10 [ 296.889918][T10653] ? inode_permission+0xdd/0x5f0 [ 296.889949][T10653] vfs_open+0x82/0x3f0 [ 296.889972][T10653] ? may_open+0x1f2/0x400 [ 296.890001][T10653] path_openat+0x1e88/0x2d80 [ 296.890048][T10653] ? __pfx_path_openat+0x10/0x10 [ 296.890079][T10653] ? __pfx___lock_acquire+0x10/0x10 [ 296.890109][T10653] ? lock_acquire.part.0+0x11b/0x380 [ 296.890142][T10653] ? find_held_lock+0x2d/0x110 [ 296.890172][T10653] do_filp_open+0x20c/0x470 [ 296.890207][T10653] ? __pfx_do_filp_open+0x10/0x10 [ 296.890238][T10653] ? find_held_lock+0x2d/0x110 [ 296.890291][T10653] ? alloc_fd+0x41f/0x760 [ 296.890335][T10653] do_sys_openat2+0x17a/0x1e0 [ 296.890361][T10653] ? __pfx_do_sys_openat2+0x10/0x10 [ 296.890401][T10653] __x64_sys_openat+0x175/0x210 [ 296.890428][T10653] ? __pfx___x64_sys_openat+0x10/0x10 [ 296.890470][T10653] do_syscall_64+0xcd/0x250 [ 296.890503][T10653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.890536][T10653] RIP: 0033:0x7f345f58cde9 [ 296.890557][T10653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.890580][T10653] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 296.890606][T10653] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 296.890623][T10653] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 296.890639][T10653] RBP: 00007f345f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 296.890654][T10653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.890668][T10653] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 296.890707][T10653] [ 297.704393][T10672] cougar: G6 mapped to space [ 300.333046][T10739] ubi: mtd0 is already attached to ubi0 [ 301.068409][T10759] cougar: G6 mapped to space [ 303.631730][T10819] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1272'. [ 304.449428][T10845] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1282'. [ 304.612205][T10850] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1285'. [ 307.219707][T10885] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1296'. [ 307.415605][T10898] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1302'. [ 307.911442][T10901] svc: failed to register nfsdv3 RPC service (errno 111). [ 307.919983][T10901] svc: failed to register nfsaclv3 RPC service (errno 111). [ 308.500832][T10901] openvswitch: netlink: Message has 29 unknown bytes. [ 311.855071][T10960] ubi: mtd0 is already attached to ubi0 [ 311.961579][ T29] audit: type=1800 audit(6035016791.359:3): pid=10963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1320" name="dummy_udc" dev="gadgetfs" ino=6466 res=0 errno=0 [ 313.036705][T10988] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1324'. [ 313.386154][T10991] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1325'. [ 313.939253][T11001] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1336'. [ 314.087597][T11005] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1338'. [ 315.463263][T11028] cougar: G6 mapped to space [ 315.807176][T11030] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1334'. [ 318.147921][T11066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1346'. [ 318.281576][ T29] audit: type=1800 audit(6035016797.676:4): pid=11068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1347" name="dummy_udc" dev="gadgetfs" ino=6466 res=0 errno=0 [ 321.585861][T11123] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1357'. [ 321.960817][ T29] audit: type=1800 audit(6035016801.334:5): pid=11137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1367" name="dummy_udc" dev="gadgetfs" ino=6466 res=0 errno=0 [ 323.376534][T11168] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1375'. [ 323.524485][ T29] audit: type=1800 audit(6035016802.913:6): pid=11172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1377" name="dummy_udc" dev="gadgetfs" ino=6466 res=0 errno=0 [ 338.088497][T11430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1451'. [ 345.442565][T11579] cougar: G6 mapped to space [ 347.633929][T11625] cougar: G6 mapped to space [ 350.097479][T11675] cougar: G6 mapped to space [ 351.367052][T11695] cougar: G6 mapped to space [ 351.729984][T11700] cougar: G6 mapped to space [ 353.601361][T11740] cougar: G6 mapped to space [ 355.696017][T11779] cougar: G6 mapped to space [ 355.786404][T11771] cougar: G6 mapped to space [ 356.629162][T11784] cougar: G6 mapped to space [ 356.805974][T11787] cougar: G6 mapped to space [ 358.039641][T11811] cougar: G6 mapped to space [ 358.262646][T11822] cougar: G6 mapped to space [ 359.442231][T11834] cougar: G6 mapped to space [ 359.465367][T11838] cougar: G6 mapped to space [ 360.683187][T11856] cougar: G6 mapped to space [ 361.780219][T11879] cougar: G6 mapped to space [ 362.987688][T11894] cougar: G6 mapped to space [ 364.560567][T11930] cougar: G6 mapped to space [ 365.321012][T11953] cougar: G6 mapped to space [ 366.236035][T11959] cougar: G6 mapped to space [ 366.549567][T11970] cougar: G6 mapped to space [ 367.984612][T11987] cougar: G6 mapped to space [ 368.658007][T11994] cougar: G6 mapped to space [ 369.208687][T12001] cougar: G6 mapped to space [ 369.988177][T12018] cougar: G6 mapped to space [ 370.035262][T12019] cougar: G6 mapped to space [ 371.098193][T12034] cougar: G6 mapped to space [ 372.645495][T12054] cougar: G6 mapped to space [ 373.252878][T12069] cougar: G6 mapped to space [ 373.344212][T12068] cougar: G6 mapped to space [ 374.832542][T12091] cougar: G6 mapped to space [ 375.506539][T12101] cougar: G6 mapped to space [ 375.905033][T12108] cougar: G6 mapped to space [ 377.476856][T12135] cougar: G6 mapped to space [ 378.671664][T12154] cougar: G6 mapped to space [ 379.464567][T12161] cougar: G6 mapped to space [ 379.960219][T12166] cougar: G6 mapped to space [ 380.755829][T12181] cougar: G6 mapped to space [ 381.614816][T12198] cougar: G6 mapped to space [ 382.661160][T12212] cougar: G6 mapped to space [ 383.541033][T12231] cougar: G6 mapped to space [ 386.047902][T12290] cougar: G6 mapped to space [ 386.305473][T12282] cougar: G6 mapped to space [ 386.933027][T12304] cougar: G6 mapped to space [ 388.062817][T12322] cougar: G6 mapped to space [ 388.517193][T12333] cougar: G6 mapped to space [ 389.242038][T12345] cougar: G6 mapped to space [ 390.263256][T12363] cougar: G6 mapped to space [ 392.106306][T12404] cougar: G6 mapped to space [ 393.942974][T12440] cougar: G6 mapped to space [ 394.750062][T12456] cougar: G6 mapped to space [ 395.017094][T12458] cougar: G6 mapped to space [ 395.116277][T12459] cougar: G6 mapped to space [ 395.433811][T12460] cougar: G6 mapped to space [ 396.688063][T12497] cougar: G6 mapped to space [ 397.791626][T12520] cougar: G6 mapped to space [ 398.326880][T12523] cougar: G6 mapped to space [ 399.250338][T12545] cougar: G6 mapped to space [ 399.765086][T12551] cougar: G6 mapped to space [ 400.217039][T12561] cougar: G6 mapped to space [ 401.023645][T12572] cougar: G6 mapped to space [ 402.195203][T12590] cougar: G6 mapped to space [ 403.074435][T12600] cougar: G6 mapped to space [ 405.412944][T12650] cougar: G6 mapped to space [ 406.351502][T12668] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1773'. [ 406.381290][T12664] cougar: G6 mapped to space [ 408.271672][T12687] FAULT_INJECTION: forcing a failure. [ 408.271672][T12687] name failslab, interval 1, probability 0, space 0, times 0 [ 408.320031][T12687] CPU: 1 UID: 0 PID: 12687 Comm: syz.0.1780 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 408.320069][T12687] Tainted: [U]=USER [ 408.320076][T12687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 408.320090][T12687] Call Trace: [ 408.320097][T12687] [ 408.320106][T12687] dump_stack_lvl+0x16c/0x1f0 [ 408.320140][T12687] should_fail_ex+0x50a/0x650 [ 408.320173][T12687] ? fs_reclaim_acquire+0xae/0x150 [ 408.320204][T12687] ? tomoyo_realpath_from_path+0xb9/0x720 [ 408.320234][T12687] should_failslab+0xc2/0x120 [ 408.320257][T12687] __kmalloc_noprof+0xcb/0x510 [ 408.320289][T12687] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 408.320323][T12687] ? rcu_is_watching+0x12/0xc0 [ 408.320351][T12687] tomoyo_realpath_from_path+0xb9/0x720 [ 408.320391][T12687] tomoyo_check_open_permission+0x2ad/0x3c0 [ 408.320419][T12687] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 408.320481][T12687] ? __pfx_hook_file_open+0x10/0x10 [ 408.320509][T12687] ? lock_acquire+0x2f/0xb0 [ 408.320537][T12687] ? mnt_get_write_access+0x6a/0x300 [ 408.320566][T12687] tomoyo_file_open+0x6b/0x90 [ 408.320601][T12687] security_file_open+0x84/0x1e0 [ 408.320631][T12687] do_dentry_open+0x57c/0x1c40 [ 408.320667][T12687] ? inode_permission+0xdd/0x5f0 [ 408.320696][T12687] vfs_open+0x82/0x3f0 [ 408.320723][T12687] ? may_open+0x1f2/0x400 [ 408.320750][T12687] path_openat+0x1e88/0x2d80 [ 408.320795][T12687] ? __pfx_path_openat+0x10/0x10 [ 408.320827][T12687] ? __pfx___lock_acquire+0x10/0x10 [ 408.320855][T12687] ? lock_acquire.part.0+0x11b/0x380 [ 408.320885][T12687] ? find_held_lock+0x2d/0x110 [ 408.320914][T12687] do_filp_open+0x20c/0x470 [ 408.320946][T12687] ? __pfx_do_filp_open+0x10/0x10 [ 408.320976][T12687] ? find_held_lock+0x2d/0x110 [ 408.321025][T12687] ? alloc_fd+0x41f/0x760 [ 408.321066][T12687] do_sys_openat2+0x17a/0x1e0 [ 408.321090][T12687] ? __pfx_do_sys_openat2+0x10/0x10 [ 408.321119][T12687] ? __fget_files+0x206/0x3a0 [ 408.321155][T12687] __x64_sys_openat+0x175/0x210 [ 408.321180][T12687] ? __pfx___x64_sys_openat+0x10/0x10 [ 408.321204][T12687] ? ksys_write+0x1ba/0x250 [ 408.321247][T12687] do_syscall_64+0xcd/0x250 [ 408.321294][T12687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.321325][T12687] RIP: 0033:0x7f63c358cde9 [ 408.321344][T12687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.321365][T12687] RSP: 002b:00007f63c431b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 408.321389][T12687] RAX: ffffffffffffffda RBX: 00007f63c37a5fa0 RCX: 00007f63c358cde9 [ 408.321404][T12687] RDX: 0000000000189002 RSI: 0000400000000100 RDI: ffffffffffffff9c [ 408.321419][T12687] RBP: 00007f63c431b090 R08: 0000000000000000 R09: 0000000000000000 [ 408.321433][T12687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 408.321447][T12687] R13: 0000000000000001 R14: 00007f63c37a5fa0 R15: 00007ffc4940fcd8 [ 408.321479][T12687] [ 408.321488][T12687] ERROR: Out of memory at tomoyo_realpath_from_path. [ 408.832050][ T29] audit: type=1800 audit(6035016904.248:7): pid=12687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1780" name="discovery_nqn" dev="configfs" ino=35487 res=0 errno=0 [ 410.670743][T12643] GUP no longer grows the stack in syz.0.1765 (12643): 1000-41000 (0) [ 410.707722][T12643] CPU: 0 UID: 0 PID: 12643 Comm: syz.0.1765 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 410.707761][T12643] Tainted: [U]=USER [ 410.707769][T12643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 410.707782][T12643] Call Trace: [ 410.707789][T12643] [ 410.707798][T12643] dump_stack_lvl+0x16c/0x1f0 [ 410.707831][T12643] gup_vma_lookup+0x1d2/0x220 [ 410.707864][T12643] __get_user_pages+0x236/0x36f0 [ 410.707895][T12643] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 410.707931][T12643] ? get_dump_page+0xb6/0x230 [ 410.707963][T12643] ? get_dump_page+0xb6/0x230 [ 410.707998][T12643] ? __pfx___get_user_pages+0x10/0x10 [ 410.708027][T12643] ? down_read_killable+0xcc/0x380 [ 410.708057][T12643] ? __pfx_down_read_killable+0x10/0x10 [ 410.708099][T12643] get_dump_page+0xff/0x230 [ 410.708129][T12643] ? __pfx_get_dump_page+0x10/0x10 [ 410.708160][T12643] ? do_raw_spin_unlock+0x172/0x230 [ 410.708184][T12643] ? _raw_spin_unlock+0x28/0x50 [ 410.708216][T12643] dump_user_range+0x135/0x8c0 [ 410.708252][T12643] ? __pfx_dump_user_range+0x10/0x10 [ 410.708280][T12643] ? irqentry_exit+0x3b/0x90 [ 410.708312][T12643] ? lockdep_hardirqs_on+0x7c/0x110 [ 410.708360][T12643] elf_core_dump+0x287c/0x3a50 [ 410.708408][T12643] ? __pfx_elf_core_dump+0x10/0x10 [ 410.708434][T12643] ? kasan_save_stack+0x33/0x60 [ 410.708465][T12643] ? kasan_save_track+0x14/0x30 [ 410.708494][T12643] ? __kasan_kmalloc+0xaa/0xb0 [ 410.708522][T12643] ? __kmalloc_node_noprof+0x21f/0x510 [ 410.708554][T12643] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 410.708584][T12643] ? get_signal+0x230b/0x26c0 [ 410.708615][T12643] ? arch_do_signal_or_restart+0x90/0x7e0 [ 410.708640][T12643] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 410.708720][T12643] ? rcu_is_watching+0x12/0xc0 [ 410.708745][T12643] ? trace_lock_acquire+0x14e/0x1f0 [ 410.708769][T12643] ? __pfx_sort+0x10/0x10 [ 410.708790][T12643] ? get_signal+0x230b/0x26c0 [ 410.708830][T12643] ? do_coredump+0x3134/0x4400 [ 410.708853][T12643] do_coredump+0x3134/0x4400 [ 410.708892][T12643] ? __pfx_do_coredump+0x10/0x10 [ 410.708919][T12643] ? stack_trace_save+0x95/0xd0 [ 410.708945][T12643] ? __pfx_stack_trace_save+0x10/0x10 [ 410.708970][T12643] ? hlock_class+0x4e/0x130 [ 410.708992][T12643] ? stack_depot_save_flags+0x28/0x9c0 [ 410.709038][T12643] ? kmem_cache_free+0x2e2/0x4d0 [ 410.709068][T12643] ? __sigqueue_free+0xba/0x2a0 [ 410.709090][T12643] ? get_signal+0xcbc/0x26c0 [ 410.709120][T12643] ? arch_do_signal_or_restart+0x90/0x7e0 [ 410.709145][T12643] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 410.709213][T12643] ? find_held_lock+0x2d/0x110 [ 410.709241][T12643] ? proc_coredump_connector+0x2d2/0x4f0 [ 410.709276][T12643] ? __pfx_proc_coredump_connector+0x10/0x10 [ 410.709331][T12643] get_signal+0x230b/0x26c0 [ 410.709378][T12643] ? __pfx_get_signal+0x10/0x10 [ 410.709411][T12643] ? rcu_is_watching+0x12/0xc0 [ 410.709434][T12643] ? trace_irq_disable.constprop.0+0xea/0x140 [ 410.709474][T12643] arch_do_signal_or_restart+0x90/0x7e0 [ 410.709501][T12643] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 410.709536][T12643] ? do_user_addr_fault+0xa4b/0x13f0 [ 410.709576][T12643] irqentry_exit_to_user_mode+0x13f/0x280 [ 410.709605][T12643] asm_exc_page_fault+0x26/0x30 [ 410.709635][T12643] RIP: 0033:0x80000 [ 410.709659][T12643] Code: Unable to access opcode bytes at 0x7ffd6. [ 410.709668][T12643] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 410.709686][T12643] RAX: 0000000000000000 RBX: 00007f63c37a5fa0 RCX: 00007f63c358cde9 [ 410.709701][T12643] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 410.709715][T12643] RBP: 00007f63c360e2a0 R08: 0000000000000002 R09: 0000000000000000 [ 410.709729][T12643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 410.709743][T12643] R13: 0000000000000000 R14: 00007f63c37a5fa0 R15: 00007ffc4940fcd8 [ 410.709775][T12643] [ 411.087889][ C0] vkms_vblank_simulate: vblank timer overrun [ 412.711906][T12746] FAULT_INJECTION: forcing a failure. [ 412.711906][T12746] name failslab, interval 1, probability 0, space 0, times 0 [ 412.746701][T12746] CPU: 1 UID: 0 PID: 12746 Comm: syz.1.1790 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 412.746743][T12746] Tainted: [U]=USER [ 412.746751][T12746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 412.746766][T12746] Call Trace: [ 412.746773][T12746] [ 412.746782][T12746] dump_stack_lvl+0x16c/0x1f0 [ 412.746820][T12746] should_fail_ex+0x50a/0x650 [ 412.746856][T12746] ? fs_reclaim_acquire+0xae/0x150 [ 412.746888][T12746] ? ops_init+0x77/0x5f0 [ 412.746918][T12746] should_failslab+0xc2/0x120 [ 412.746941][T12746] __kmalloc_noprof+0xcb/0x510 [ 412.746978][T12746] ops_init+0x77/0x5f0 [ 412.747009][T12746] setup_net+0x21f/0x860 [ 412.747040][T12746] ? __pfx_setup_net+0x10/0x10 [ 412.747068][T12746] ? down_read_killable+0xcc/0x380 [ 412.747095][T12746] ? __pfx_down_read_killable+0x10/0x10 [ 412.747122][T12746] ? __raw_spin_lock_init+0x3a/0x110 [ 412.747155][T12746] ? debug_mutex_init+0x37/0x70 [ 412.747180][T12746] copy_net_ns+0x2b4/0x6c0 [ 412.747202][T12746] create_new_namespaces+0x3ea/0xad0 [ 412.747241][T12746] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 412.747275][T12746] ksys_unshare+0x45d/0xa40 [ 412.747297][T12746] ? __pfx_ksys_unshare+0x10/0x10 [ 412.747316][T12746] ? xfd_validate_state+0x5d/0x180 [ 412.747363][T12746] __x64_sys_unshare+0x31/0x40 [ 412.747385][T12746] do_syscall_64+0xcd/0x250 [ 412.747414][T12746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.747443][T12746] RIP: 0033:0x7f2ae898cde9 [ 412.747460][T12746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.747479][T12746] RSP: 002b:00007f2ae9773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 412.747499][T12746] RAX: ffffffffffffffda RBX: 00007f2ae8ba5fa0 RCX: 00007f2ae898cde9 [ 412.747514][T12746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 412.747527][T12746] RBP: 00007f2ae8a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 412.747540][T12746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.747554][T12746] R13: 0000000000000000 R14: 00007f2ae8ba5fa0 R15: 00007fffb63a8da8 [ 412.747582][T12746] [ 413.308061][ T29] audit: type=1800 audit(6035016908.720:8): pid=12752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1791" name="discovery_nqn" dev="configfs" ino=34623 res=0 errno=0 [ 413.328772][ C0] vkms_vblank_simulate: vblank timer overrun [ 413.800223][T12746] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 413.816289][T12746] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 413.850965][T12746] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 413.859507][T12746] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 413.865688][T12746] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 414.221938][T12769] FAULT_INJECTION: forcing a failure. [ 414.221938][T12769] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 414.286295][T12769] CPU: 1 UID: 0 PID: 12769 Comm: syz.3.1794 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 414.286333][T12769] Tainted: [U]=USER [ 414.286341][T12769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 414.286354][T12769] Call Trace: [ 414.286361][T12769] [ 414.286370][T12769] dump_stack_lvl+0x16c/0x1f0 [ 414.286404][T12769] should_fail_ex+0x50a/0x650 [ 414.286444][T12769] _copy_to_user+0x32/0xd0 [ 414.286471][T12769] simple_read_from_buffer+0xd0/0x160 [ 414.286504][T12769] proc_fail_nth_read+0x198/0x270 [ 414.286533][T12769] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 414.286564][T12769] ? rw_verify_area+0xcf/0x680 [ 414.286592][T12769] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 414.286620][T12769] vfs_read+0x1df/0xbf0 [ 414.286651][T12769] ? __fget_files+0x1fc/0x3a0 [ 414.286683][T12769] ? __pfx___mutex_lock+0x10/0x10 [ 414.286711][T12769] ? __pfx_vfs_read+0x10/0x10 [ 414.286750][T12769] ? __fget_files+0x206/0x3a0 [ 414.286792][T12769] ksys_read+0x12b/0x250 [ 414.286820][T12769] ? __pfx_ksys_read+0x10/0x10 [ 414.286860][T12769] do_syscall_64+0xcd/0x250 [ 414.286891][T12769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.286923][T12769] RIP: 0033:0x7f345f58b7fc [ 414.286941][T12769] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 414.286963][T12769] RSP: 002b:00007f3460345030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 414.286985][T12769] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58b7fc [ 414.287000][T12769] RDX: 000000000000000f RSI: 00007f34603450a0 RDI: 0000000000000003 [ 414.287022][T12769] RBP: 00007f3460345090 R08: 0000000000000000 R09: 0000000000000000 [ 414.287036][T12769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 414.287050][T12769] R13: 0000000000000001 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 414.287082][T12769] [ 414.790245][T12781] cougar: G6 mapped to space [ 415.845187][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 415.928807][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 415.928900][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 415.935130][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 415.978321][T12795] cougar: G6 mapped to space [ 417.635926][T12806] FAULT_INJECTION: forcing a failure. [ 417.635926][T12806] name failslab, interval 1, probability 0, space 0, times 0 [ 417.754133][T12806] CPU: 1 UID: 0 PID: 12806 Comm: syz.3.1805 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 417.754175][T12806] Tainted: [U]=USER [ 417.754183][T12806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 417.754197][T12806] Call Trace: [ 417.754205][T12806] [ 417.754215][T12806] dump_stack_lvl+0x16c/0x1f0 [ 417.754251][T12806] should_fail_ex+0x50a/0x650 [ 417.754287][T12806] ? fs_reclaim_acquire+0xae/0x150 [ 417.754321][T12806] ? lsm_blob_alloc+0x68/0x90 [ 417.754356][T12806] should_failslab+0xc2/0x120 [ 417.754385][T12806] __kmalloc_noprof+0xcb/0x510 [ 417.754430][T12806] lsm_blob_alloc+0x68/0x90 [ 417.754466][T12806] security_sk_alloc+0x30/0x270 [ 417.754492][T12806] sk_prot_alloc+0xfb/0x2a0 [ 417.754519][T12806] sk_alloc+0x36/0xb90 [ 417.754554][T12806] inet6_create+0x380/0x1320 [ 417.754582][T12806] ? inet6_create+0x5d/0x1320 [ 417.754613][T12806] __sock_create+0x335/0x8d0 [ 417.754647][T12806] inet_ctl_sock_create+0x96/0x230 [ 417.754682][T12806] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 417.754722][T12806] ? __pfx_dccp_v6_init_net+0x10/0x10 [ 417.754759][T12806] dccp_v6_init_net+0x63/0x90 [ 417.754793][T12806] ops_init+0x1df/0x5f0 [ 417.754841][T12806] setup_net+0x21f/0x860 [ 417.754880][T12806] ? __pfx_setup_net+0x10/0x10 [ 417.754911][T12806] ? down_read_killable+0xcc/0x380 [ 417.754943][T12806] ? __pfx_down_read_killable+0x10/0x10 [ 417.754973][T12806] ? __raw_spin_lock_init+0x3a/0x110 [ 417.755012][T12806] ? debug_mutex_init+0x37/0x70 [ 417.755046][T12806] copy_net_ns+0x2b4/0x6c0 [ 417.755075][T12806] create_new_namespaces+0x3ea/0xad0 [ 417.755124][T12806] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 417.755168][T12806] ksys_unshare+0x45d/0xa40 [ 417.755195][T12806] ? __pfx_ksys_unshare+0x10/0x10 [ 417.755219][T12806] ? xfd_validate_state+0x5d/0x180 [ 417.755265][T12806] __x64_sys_unshare+0x31/0x40 [ 417.755290][T12806] do_syscall_64+0xcd/0x250 [ 417.755322][T12806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.755356][T12806] RIP: 0033:0x7f345f58cde9 [ 417.755375][T12806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.755398][T12806] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 417.755423][T12806] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 417.755440][T12806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 417.755455][T12806] RBP: 00007f345f60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 417.755471][T12806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.755486][T12806] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 417.755519][T12806] [ 418.167638][T12794] Bluetooth: hci0: command 0x0c1a tx timeout [ 419.686470][T12820] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 419.713547][T12820] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 419.719660][T12820] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 419.825574][T12820] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 419.939336][T12820] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 420.962555][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout [ 421.382697][T12850] FAULT_INJECTION: forcing a failure. [ 421.382697][T12850] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 421.458400][T12850] CPU: 0 UID: 0 PID: 12850 Comm: syz.2.1815 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 421.458439][T12850] Tainted: [U]=USER [ 421.458447][T12850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 421.458460][T12850] Call Trace: [ 421.458466][T12850] [ 421.458476][T12850] dump_stack_lvl+0x16c/0x1f0 [ 421.458510][T12850] should_fail_ex+0x50a/0x650 [ 421.458550][T12850] _copy_to_iter+0x465/0x1560 [ 421.458579][T12850] ? snd_seq_client_use_ptr+0x7b/0x3c0 [ 421.458618][T12850] ? __pfx__copy_to_iter+0x10/0x10 [ 421.458640][T12850] ? __virt_addr_valid+0x1a4/0x590 [ 421.458670][T12850] ? __virt_addr_valid+0x5e/0x590 [ 421.458695][T12850] ? __phys_addr_symbol+0x30/0x80 [ 421.458725][T12850] ? __check_object_size+0x488/0x710 [ 421.458755][T12850] seq_read_iter+0xd00/0x12b0 [ 421.458799][T12850] seq_read+0x39f/0x4e0 [ 421.458828][T12850] ? __pfx_seq_read+0x10/0x10 [ 421.458879][T12850] ? __pfx_seq_read+0x10/0x10 [ 421.458907][T12850] proc_reg_read+0x23d/0x330 [ 421.458941][T12850] ? __pfx_proc_reg_read+0x10/0x10 [ 421.458976][T12850] vfs_read+0x1df/0xbf0 [ 421.459006][T12850] ? __fget_files+0x1fc/0x3a0 [ 421.459039][T12850] ? __pfx___mutex_lock+0x10/0x10 [ 421.459067][T12850] ? __pfx_vfs_read+0x10/0x10 [ 421.459106][T12850] ? __fget_files+0x206/0x3a0 [ 421.459148][T12850] ksys_read+0x12b/0x250 [ 421.459188][T12850] ? __pfx_ksys_read+0x10/0x10 [ 421.459230][T12850] do_syscall_64+0xcd/0x250 [ 421.459261][T12850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.459292][T12850] RIP: 0033:0x7f23f118cde9 [ 421.459312][T12850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.459333][T12850] RSP: 002b:00007f23f1f65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 421.459354][T12850] RAX: ffffffffffffffda RBX: 00007f23f13a5fa0 RCX: 00007f23f118cde9 [ 421.459368][T12850] RDX: 00000000000000c7 RSI: 0000400000000e80 RDI: 0000000000000005 [ 421.459382][T12850] RBP: 00007f23f1f65090 R08: 0000000000000000 R09: 0000000000000000 [ 421.459395][T12850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 421.459408][T12850] R13: 0000000000000000 R14: 00007f23f13a5fa0 R15: 00007ffd964d06c8 [ 421.459438][T12850] [ 421.685480][ C0] vkms_vblank_simulate: vblank timer overrun [ 421.785934][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 421.842114][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 422.002100][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 422.343299][T12866] FAULT_INJECTION: forcing a failure. [ 422.343299][T12866] name failslab, interval 1, probability 0, space 0, times 0 [ 422.452268][T12866] CPU: 0 UID: 0 PID: 12866 Comm: syz.0.1820 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 422.452308][T12866] Tainted: [U]=USER [ 422.452316][T12866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 422.452329][T12866] Call Trace: [ 422.452336][T12866] [ 422.452346][T12866] dump_stack_lvl+0x16c/0x1f0 [ 422.452379][T12866] should_fail_ex+0x50a/0x650 [ 422.452413][T12866] ? fs_reclaim_acquire+0xae/0x150 [ 422.452453][T12866] should_failslab+0xc2/0x120 [ 422.452476][T12866] __kmalloc_node_noprof+0xd1/0x510 [ 422.452509][T12866] ? kasan_save_stack+0x42/0x60 [ 422.452539][T12866] ? kasan_save_stack+0x33/0x60 [ 422.452569][T12866] ? kasan_save_track+0x14/0x30 [ 422.452598][T12866] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 422.452629][T12866] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 422.452668][T12866] __kvmalloc_node_noprof+0xad/0x1a0 [ 422.452699][T12866] v4l2_ctrl_new+0x99a/0x2090 [ 422.452739][T12866] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 422.452768][T12866] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 422.452807][T12866] v4l2_ctrl_new_std+0x1b3/0x280 [ 422.452843][T12866] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 422.452872][T12866] ? rcu_is_watching+0x12/0xc0 [ 422.452897][T12866] ? trace_kmalloc+0x2d/0xd0 [ 422.452923][T12866] ? lockdep_init_map_type+0x16d/0x7d0 [ 422.452964][T12866] ? media_request_object_init+0x100/0x180 [ 422.453005][T12866] vicodec_open+0x1da/0xf80 [ 422.453048][T12866] v4l2_open+0x222/0x490 [ 422.453071][T12866] ? __pfx_v4l2_open+0x10/0x10 [ 422.453094][T12866] chrdev_open+0x237/0x6a0 [ 422.453127][T12866] ? __pfx_apparmor_file_open+0x10/0x10 [ 422.453156][T12866] ? __pfx_chrdev_open+0x10/0x10 [ 422.453192][T12866] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 422.453228][T12866] do_dentry_open+0x735/0x1c40 [ 422.453261][T12866] ? __pfx_chrdev_open+0x10/0x10 [ 422.453300][T12866] ? inode_permission+0xdd/0x5f0 [ 422.453329][T12866] vfs_open+0x82/0x3f0 [ 422.453351][T12866] ? may_open+0x1f2/0x400 [ 422.453379][T12866] path_openat+0x1e88/0x2d80 [ 422.453433][T12866] ? __pfx_path_openat+0x10/0x10 [ 422.453465][T12866] ? __pfx___lock_acquire+0x10/0x10 [ 422.453495][T12866] ? lock_acquire.part.0+0x11b/0x380 [ 422.453526][T12866] ? find_held_lock+0x2d/0x110 [ 422.453554][T12866] do_filp_open+0x20c/0x470 [ 422.453587][T12866] ? __pfx_do_filp_open+0x10/0x10 [ 422.453617][T12866] ? find_held_lock+0x2d/0x110 [ 422.453665][T12866] ? alloc_fd+0x41f/0x760 [ 422.453706][T12866] do_sys_openat2+0x17a/0x1e0 [ 422.453730][T12866] ? __pfx_do_sys_openat2+0x10/0x10 [ 422.453759][T12866] ? __fget_files+0x206/0x3a0 [ 422.453796][T12866] __x64_sys_openat+0x175/0x210 [ 422.453822][T12866] ? __pfx___x64_sys_openat+0x10/0x10 [ 422.453846][T12866] ? ksys_write+0x1ba/0x250 [ 422.453888][T12866] do_syscall_64+0xcd/0x250 [ 422.453920][T12866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.453952][T12866] RIP: 0033:0x7f63c358cde9 [ 422.453972][T12866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.453994][T12866] RSP: 002b:00007f63c431b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 422.454016][T12866] RAX: ffffffffffffffda RBX: 00007f63c37a5fa0 RCX: 00007f63c358cde9 [ 422.454031][T12866] RDX: 0000000000080000 RSI: 0000400000000340 RDI: ffffffffffffff9c [ 422.454046][T12866] RBP: 00007f63c431b090 R08: 0000000000000000 R09: 0000000000000000 [ 422.454060][T12866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 422.454074][T12866] R13: 0000000000000001 R14: 00007f63c37a5fa0 R15: 00007ffc4940fcd8 [ 422.454106][T12866] [ 422.812990][ C0] vkms_vblank_simulate: vblank timer overrun [ 423.041494][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout [ 424.645764][T12888] cougar: G6 mapped to space [ 425.725358][T12899] FAULT_INJECTION: forcing a failure. [ 425.725358][T12899] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 425.934460][T12899] CPU: 1 UID: 0 PID: 12899 Comm: syz.3.1827 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 425.934500][T12899] Tainted: [U]=USER [ 425.934508][T12899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 425.934521][T12899] Call Trace: [ 425.934529][T12899] [ 425.934540][T12899] dump_stack_lvl+0x16c/0x1f0 [ 425.934575][T12899] should_fail_ex+0x50a/0x650 [ 425.934608][T12899] ? __pfx___might_resched+0x10/0x10 [ 425.934648][T12899] should_fail_alloc_page+0xe7/0x130 [ 425.934674][T12899] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 425.934712][T12899] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 425.934751][T12899] ? __pfx_mark_lock+0x10/0x10 [ 425.934781][T12899] ? find_held_lock+0x2d/0x110 [ 425.934811][T12899] ? is_bpf_text_address+0x8a/0x1a0 [ 425.934843][T12899] ? __pfx_lock_release+0x10/0x10 [ 425.934874][T12899] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 425.934911][T12899] ? hlock_class+0x4e/0x130 [ 425.934935][T12899] ? is_bpf_text_address+0x30/0x1a0 [ 425.934982][T12899] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 425.935020][T12899] ? policy_nodemask+0xea/0x4e0 [ 425.935059][T12899] alloc_pages_mpol+0x1fc/0x540 [ 425.935084][T12899] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 425.935121][T12899] ? find_held_lock+0x2d/0x110 [ 425.935153][T12899] alloc_pages_noprof+0x131/0x390 [ 425.935178][T12899] __pmd_alloc+0x3f/0x870 [ 425.935211][T12899] __handle_mm_fault+0x9fb/0x2c60 [ 425.935254][T12899] ? __pfx___handle_mm_fault+0x10/0x10 [ 425.935286][T12899] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 425.935338][T12899] ? find_vma+0xc0/0x140 [ 425.935371][T12899] ? __pfx_find_vma+0x10/0x10 [ 425.935396][T12899] ? __pfx___lock_acquire+0x10/0x10 [ 425.935431][T12899] handle_mm_fault+0x3fa/0xaa0 [ 425.935472][T12899] do_user_addr_fault+0x7a3/0x13f0 [ 425.935513][T12899] exc_page_fault+0x5c/0xc0 [ 425.935544][T12899] asm_exc_page_fault+0x26/0x30 [ 425.935575][T12899] RIP: 0010:__get_user_4+0x18/0x30 [ 425.935598][T12899] Code: 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 [ 425.935620][T12899] RSP: 0018:ffffc90004f57d40 EFLAGS: 00050283 [ 425.935639][T12899] RAX: 0000000000000004 RBX: 00000000c0045520 RCX: ffffc90004f57ca8 [ 425.935655][T12899] RDX: 00007ffffffff000 RSI: ffffffff88ecdde5 RDI: ffffffff8bd34440 [ 425.935670][T12899] RBP: 00000000fffffdfd R08: 0000000000000000 R09: fffffbfff20c4e22 [ 425.935685][T12899] R10: ffffffff90627117 R11: 0000000000000001 R12: ffff88814d3c2028 [ 425.935700][T12899] R13: ffff88814d3c2028 R14: 0000000000000004 R15: ffff8880300da340 [ 425.935728][T12899] ? snd_hwdep_control_ioctl+0x65/0x3c0 [ 425.935768][T12899] snd_hwdep_control_ioctl+0x6d/0x3c0 [ 425.935808][T12899] snd_ctl_ioctl+0xa61/0x1310 [ 425.935843][T12899] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 425.935878][T12899] ? __pfx_lock_release+0x10/0x10 [ 425.935908][T12899] ? trace_lock_acquire+0x14e/0x1f0 [ 425.935948][T12899] ? __fget_files+0x206/0x3a0 [ 425.935985][T12899] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 425.936021][T12899] __x64_sys_ioctl+0x190/0x200 [ 425.936051][T12899] do_syscall_64+0xcd/0x250 [ 425.936082][T12899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.936113][T12899] RIP: 0033:0x7f345f58cde9 [ 425.936132][T12899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.936154][T12899] RSP: 002b:00007f3460345038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 425.936175][T12899] RAX: ffffffffffffffda RBX: 00007f345f7a5fa0 RCX: 00007f345f58cde9 [ 425.936191][T12899] RDX: 0000000000000004 RSI: 00000000c0045520 RDI: 0000000000000005 [ 425.936204][T12899] RBP: 00007f3460345090 R08: 0000000000000000 R09: 0000000000000000 [ 425.936218][T12899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 425.936232][T12899] R13: 0000000000000000 R14: 00007f345f7a5fa0 R15: 00007fff414c3758 [ 425.936264][T12899] [ 429.621548][T12943] can: request_module (can-proto-0) failed. [ 432.137558][T12991] cougar: G6 mapped to space [ 432.402654][T12994] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 433.142703][T12992] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 433.173368][T12992] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 433.444914][T13005] random: crng reseeded on system resumption [ 435.471949][T13034] FAULT_INJECTION: forcing a failure. [ 435.471949][T13034] name failslab, interval 1, probability 0, space 0, times 0 [ 435.511585][T13034] CPU: 0 UID: 0 PID: 13034 Comm: syz.0.1862 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 435.511624][T13034] Tainted: [U]=USER [ 435.511631][T13034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 435.511644][T13034] Call Trace: [ 435.511650][T13034] [ 435.511660][T13034] dump_stack_lvl+0x16c/0x1f0 [ 435.511688][T13034] should_fail_ex+0x50a/0x650 [ 435.511717][T13034] ? fs_reclaim_acquire+0xae/0x150 [ 435.511745][T13034] ? tomoyo_encode2+0x100/0x3e0 [ 435.511769][T13034] should_failslab+0xc2/0x120 [ 435.511788][T13034] __kmalloc_noprof+0xcb/0x510 [ 435.511823][T13034] tomoyo_encode2+0x100/0x3e0 [ 435.511851][T13034] tomoyo_encode+0x29/0x50 [ 435.511874][T13034] tomoyo_realpath_from_path+0x19d/0x720 [ 435.511908][T13034] tomoyo_check_open_permission+0x2ad/0x3c0 [ 435.511931][T13034] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 435.511964][T13034] ? __pfx___lock_acquire+0x10/0x10 [ 435.511990][T13034] ? __pfx___lock_acquire+0x10/0x10 [ 435.512030][T13034] ? __pfx_hook_file_open+0x10/0x10 [ 435.512054][T13034] ? lock_acquire+0x2f/0xb0 [ 435.512078][T13034] ? mnt_get_write_access+0x6a/0x300 [ 435.512103][T13034] tomoyo_file_open+0x6b/0x90 [ 435.512133][T13034] security_file_open+0x84/0x1e0 [ 435.512158][T13034] do_dentry_open+0x57c/0x1c40 [ 435.512189][T13034] ? inode_permission+0xdd/0x5f0 [ 435.512212][T13034] vfs_open+0x82/0x3f0 [ 435.512231][T13034] ? may_open+0x1f2/0x400 [ 435.512254][T13034] path_openat+0x1e88/0x2d80 [ 435.512291][T13034] ? __pfx_path_openat+0x10/0x10 [ 435.512318][T13034] ? __pfx___lock_acquire+0x10/0x10 [ 435.512342][T13034] ? lock_acquire.part.0+0x11b/0x380 [ 435.512367][T13034] ? find_held_lock+0x2d/0x110 [ 435.512392][T13034] do_filp_open+0x20c/0x470 [ 435.512419][T13034] ? __pfx_do_filp_open+0x10/0x10 [ 435.512444][T13034] ? find_held_lock+0x2d/0x110 [ 435.512473][T13034] ? __pfx_kfree_link+0x10/0x10 [ 435.512508][T13034] ? alloc_fd+0x41f/0x760 [ 435.512543][T13034] do_sys_openat2+0x17a/0x1e0 [ 435.512563][T13034] ? __pfx_do_sys_openat2+0x10/0x10 [ 435.512594][T13034] __x64_sys_openat+0x175/0x210 [ 435.512615][T13034] ? __pfx___x64_sys_openat+0x10/0x10 [ 435.512635][T13034] ? ksys_read+0x1ba/0x250 [ 435.512670][T13034] do_syscall_64+0xcd/0x250 [ 435.512695][T13034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.512722][T13034] RIP: 0033:0x7f63c358b750 [ 435.512738][T13034] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 435.512757][T13034] RSP: 002b:00007f63c431afe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 435.512777][T13034] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f63c358b750 [ 435.512789][T13034] RDX: 0000000000000002 RSI: 00007f63c360e585 RDI: 00000000ffffff9c [ 435.512802][T13034] RBP: 00007f63c360e585 R08: 0000000000000000 R09: 00007f63c431c000 [ 435.512814][T13034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 435.512825][T13034] R13: 0000000000000000 R14: 00007f63c37a5fa0 R15: 00007ffc4940fcd8 [ 435.512851][T13034] [ 435.512873][T13034] ERROR: Out of memory at tomoyo_realpath_from_path. [ 435.845292][T13034] FAULT_INJECTION: forcing a failure. [ 435.845292][T13034] name failslab, interval 1, probability 0, space 0, times 0 [ 435.858123][T13034] CPU: 0 UID: 0 PID: 13034 Comm: syz.0.1862 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 435.858156][T13034] Tainted: [U]=USER [ 435.858164][T13034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 435.858177][T13034] Call Trace: [ 435.858184][T13034] [ 435.858193][T13034] dump_stack_lvl+0x16c/0x1f0 [ 435.858226][T13034] should_fail_ex+0x50a/0x650 [ 435.858259][T13034] ? fs_reclaim_acquire+0xae/0x150 [ 435.858289][T13034] ? tomoyo_realpath_from_path+0xb9/0x720 [ 435.858321][T13034] should_failslab+0xc2/0x120 [ 435.858344][T13034] __kmalloc_noprof+0xcb/0x510 [ 435.858377][T13034] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 435.858411][T13034] ? rcu_is_watching+0x12/0xc0 [ 435.858439][T13034] tomoyo_realpath_from_path+0xb9/0x720 [ 435.858490][T13034] tomoyo_check_open_permission+0x2ad/0x3c0 [ 435.858519][T13034] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 435.858559][T13034] ? __pfx___lock_acquire+0x10/0x10 [ 435.858607][T13034] ? __pfx_hook_file_open+0x10/0x10 [ 435.858635][T13034] ? lock_acquire+0x2f/0xb0 [ 435.858668][T13034] tomoyo_file_open+0x6b/0x90 [ 435.858703][T13034] security_file_open+0x84/0x1e0 [ 435.858731][T13034] do_dentry_open+0x57c/0x1c40 [ 435.858765][T13034] ? inode_permission+0xdd/0x5f0 [ 435.858791][T13034] vfs_open+0x82/0x3f0 [ 435.858811][T13034] ? may_open+0x1f2/0x400 [ 435.858834][T13034] path_openat+0x1e88/0x2d80 [ 435.858880][T13034] ? __pfx_path_openat+0x10/0x10 [ 435.858910][T13034] ? __pfx___lock_acquire+0x10/0x10 [ 435.858937][T13034] ? lock_acquire.part.0+0x11b/0x380 [ 435.858966][T13034] ? find_held_lock+0x2d/0x110 [ 435.858994][T13034] do_filp_open+0x20c/0x470 [ 435.859025][T13034] ? __pfx_do_filp_open+0x10/0x10 [ 435.859054][T13034] ? find_held_lock+0x2d/0x110 [ 435.859101][T13034] ? alloc_fd+0x41f/0x760 [ 435.859140][T13034] do_sys_openat2+0x17a/0x1e0 [ 435.859161][T13034] ? __pfx_do_sys_openat2+0x10/0x10 [ 435.859187][T13034] ? __fget_files+0x206/0x3a0 [ 435.859222][T13034] __x64_sys_openat+0x175/0x210 [ 435.859245][T13034] ? __pfx___x64_sys_openat+0x10/0x10 [ 435.859286][T13034] ? ksys_write+0x1ba/0x250 [ 435.859327][T13034] do_syscall_64+0xcd/0x250 [ 435.859358][T13034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.859389][T13034] RIP: 0033:0x7f63c358cde9 [ 435.859408][T13034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 435.859429][T13034] RSP: 002b:00007f63c431b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 435.859451][T13034] RAX: ffffffffffffffda RBX: 00007f63c37a5fa0 RCX: 00007f63c358cde9 [ 435.859472][T13034] RDX: 0000000000004000 RSI: 0000400000000140 RDI: ffffffffffffff9c [ 435.859487][T13034] RBP: 00007f63c431b090 R08: 0000000000000000 R09: 0000000000000000 [ 435.859501][T13034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 435.859514][T13034] R13: 0000000000000000 R14: 00007f63c37a5fa0 R15: 00007ffc4940fcd8 [ 435.859545][T13034] [ 436.366373][T13045] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1867'. [ 436.509981][T13051] cougar: G6 mapped to space [ 436.731868][T13055] cougar: G6 mapped to space [ 436.772085][T13057] can: request_module (can-proto-0) failed. [ 437.490469][T13084] FAULT_INJECTION: forcing a failure. [ 437.490469][T13084] name failslab, interval 1, probability 0, space 0, times 0 [ 437.510198][T13084] CPU: 0 UID: 0 PID: 13084 Comm: syz.2.1876 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 437.510236][T13084] Tainted: [U]=USER [ 437.510244][T13084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 437.510258][T13084] Call Trace: [ 437.510264][T13084] [ 437.510274][T13084] dump_stack_lvl+0x16c/0x1f0 [ 437.510309][T13084] should_fail_ex+0x50a/0x650 [ 437.510344][T13084] ? fs_reclaim_acquire+0xae/0x150 [ 437.510377][T13084] ? s_start+0x7b/0x310 [ 437.510406][T13084] should_failslab+0xc2/0x120 [ 437.510429][T13084] __kmalloc_cache_noprof+0x68/0x410 [ 437.510461][T13084] ? trace_kmalloc+0x2d/0xd0 [ 437.510486][T13084] ? __kmalloc_node_noprof+0x23d/0x510 [ 437.510539][T13084] s_start+0x7b/0x310 [ 437.510576][T13084] seq_read_iter+0x2ab/0x12b0 [ 437.510621][T13084] seq_read+0x39f/0x4e0 [ 437.510650][T13084] ? __pfx_seq_read+0x10/0x10 [ 437.510699][T13084] ? rw_verify_area+0xcf/0x680 [ 437.510727][T13084] ? __pfx_seq_read+0x10/0x10 [ 437.510757][T13084] vfs_read+0x1df/0xbf0 [ 437.510787][T13084] ? __fget_files+0x1fc/0x3a0 [ 437.510820][T13084] ? __pfx___mutex_lock+0x10/0x10 [ 437.510849][T13084] ? __pfx_vfs_read+0x10/0x10 [ 437.510889][T13084] ? __fget_files+0x206/0x3a0 [ 437.510931][T13084] ksys_read+0x12b/0x250 [ 437.510961][T13084] ? __pfx_ksys_read+0x10/0x10 [ 437.511002][T13084] do_syscall_64+0xcd/0x250 [ 437.511033][T13084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.511064][T13084] RIP: 0033:0x7f23f118cde9 [ 437.511084][T13084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 437.511106][T13084] RSP: 002b:00007f23f1f65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 437.511128][T13084] RAX: ffffffffffffffda RBX: 00007f23f13a5fa0 RCX: 00007f23f118cde9 [ 437.511144][T13084] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 437.511159][T13084] RBP: 00007f23f1f65090 R08: 0000000000000000 R09: 0000000000000000 [ 437.511173][T13084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 437.511187][T13084] R13: 0000000000000000 R14: 00007f23f13a5fa0 R15: 00007ffd964d06c8 [ 437.511220][T13084] [ 437.511241][T13084] [ 437.728835][T13084] ===================================== [ 437.734364][T13084] WARNING: bad unlock balance detected! [ 437.739914][T13084] 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 Tainted: G U [ 437.748509][T13084] ------------------------------------- [ 437.754042][T13084] syz.2.1876/13084 is trying to release lock (event_mutex) at: [ 437.761601][T13084] [] seq_read_iter+0x5ff/0x12b0 [ 437.768028][T13084] but there are no more locks to release! [ 437.773731][T13084] [ 437.773731][T13084] other info that might help us debug this: [ 437.781773][T13084] 2 locks held by syz.2.1876/13084: [ 437.786958][T13084] #0: ffff88803240f5f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x267/0x390 [ 437.796022][T13084] #1: ffff888022353c30 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xd8/0x12b0 [ 437.804904][T13084] [ 437.804904][T13084] stack backtrace: [ 437.810786][T13084] CPU: 0 UID: 0 PID: 13084 Comm: syz.2.1876 Tainted: G U 6.14.0-rc3-syzkaller-00079-g87a132e73910 #0 [ 437.810812][T13084] Tainted: [U]=USER [ 437.810818][T13084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 437.810829][T13084] Call Trace: [ 437.810835][T13084] [ 437.810842][T13084] dump_stack_lvl+0x116/0x1f0 [ 437.810867][T13084] ? seq_read_iter+0x5ff/0x12b0 [ 437.810888][T13084] print_unlock_imbalance_bug+0x1aa/0x1f0 [ 437.810913][T13084] lock_release+0x525/0x6f0 [ 437.810936][T13084] ? seq_read_iter+0x5ff/0x12b0 [ 437.810958][T13084] ? __pfx_lock_release+0x10/0x10 [ 437.810981][T13084] ? s_start+0x7b/0x310 [ 437.811004][T13084] ? mark_held_locks+0x9f/0xe0 [ 437.811028][T13084] ? dump_stack_lvl+0x185/0x1f0 [ 437.811048][T13084] ? lockdep_hardirqs_on+0x7c/0x110 [ 437.811071][T13084] __mutex_unlock_slowpath+0xa3/0x6a0 [ 437.811093][T13084] ? rcu_is_watching+0x12/0xc0 [ 437.811112][T13084] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 437.811134][T13084] ? __kmalloc_cache_noprof+0x2a2/0x410 [ 437.811160][T13084] ? rcu_is_watching+0x12/0xc0 [ 437.811178][T13084] ? kfree+0x260/0x4d0 [ 437.811200][T13084] ? s_start+0x27d/0x310 [ 437.811224][T13084] seq_read_iter+0x5ff/0x12b0 [ 437.811251][T13084] seq_read+0x39f/0x4e0 [ 437.811272][T13084] ? __pfx_seq_read+0x10/0x10 [ 437.811299][T13084] ? rw_verify_area+0xcf/0x680 [ 437.811320][T13084] ? __pfx_seq_read+0x10/0x10 [ 437.811341][T13084] vfs_read+0x1df/0xbf0 [ 437.811365][T13084] ? __fget_files+0x1fc/0x3a0 [ 437.811390][T13084] ? __pfx___mutex_lock+0x10/0x10 [ 437.811411][T13084] ? __pfx_vfs_read+0x10/0x10 [ 437.811436][T13084] ? __fget_files+0x206/0x3a0 [ 437.811463][T13084] ksys_read+0x12b/0x250 [ 437.811491][T13084] ? __pfx_ksys_read+0x10/0x10 [ 437.811518][T13084] do_syscall_64+0xcd/0x250 [ 437.811541][T13084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.811566][T13084] RIP: 0033:0x7f23f118cde9 [ 437.811581][T13084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 437.811599][T13084] RSP: 002b:00007f23f1f65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 437.811615][T13084] RAX: ffffffffffffffda RBX: 00007f23f13a5fa0 RCX: 00007f23f118cde9 [ 437.811628][T13084] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 437.811639][T13084] RBP: 00007f23f1f65090 R08: 0000000000000000 R09: 0000000000000000 [ 437.811650][T13084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 437.811661][T13084] R13: 0000000000000000 R14: 00007f23f13a5fa0 R15: 00007ffd964d06c8 [ 437.811678][T13084]