last executing test programs: 1m17.171589933s ago: executing program 2 (id=2561): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/drivers\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)=""/158, 0x9e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop3\x00', 0x200b02, 0x0) fanotify_init$auto(0x5, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/ext4/sda1/sra_exceeded_retry_limit\x00', 0x103080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000003800)=""/168, 0xa8) io_uring_setup$auto(0x6, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/trace_marker\x00', 0x145e02, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r2 = socket(0x1d, 0x3, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm1c/sub6/info\x00', 0x100, 0x0) getsockopt$auto(r2, 0x65, 0x5, 0x0, 0x0) 1m16.49120957s ago: executing program 2 (id=2563): r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) getdents$auto(r0, &(0x7f0000000080)={0x7, 0xc, 0x3ff}, 0x201) 1m16.297905403s ago: executing program 2 (id=2565): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="720100003f710cd00ab4e54fcf0a3835db4860b50efdb6edb6f3601b742a6ceb338e0bc65ea25d3b8577d71e602980887a6336b41666bb41728e1fe403e06581cd4891f8d33bddf705c95264d8a41060bb1b0bf87b4baf5be1890ba9c9f1c1c9217b2d918d7764eb32c427ed8394a7165a215a40246a80f86da3fa26d4278e6246804c42e6bbd26a127e007ff36c8a2c71003ce161162d531f5f0850222a23e40b11a186c360f59e54ae96e6da213b08f794503718e46b0000000000000000122ba0b58925582044ca93fef1a9d13f5498e0f9123e1a940bedb2f15269028daad95080efccbf32fb1f7bc5ff0c9b7ce2efcf731ac1801007067599e0e55239007deebc8fda881d0bac1c0e620989a22d24181d82873f066ff26ba65cff98b3e82c162995725b26b33dfed4", @ANYRES32=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x2006, 0x6, 0x8c48, 0x29b, 0x7f, 0x7f, 0x4, 0x6}, {0x100, 0x1, 0x52, 0x8, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0xfffffffd}}) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2519000000a4a5999f7dc195604d5bbe6cf3fa35547bd23cd7fa791051793fef158d99d0648dd5f28652a00bd9f49f4632b95305bf8c2d4ba7dfb2c0b06c89aab775f3ebd5b6fb0b9320c0e3f8d6bf71cf77973ffa1b0fe4d5ef17482b08cca957280fe38ecdded98ecb2f3f117ec9e5dc5da142babec71d3c6e78cf78b60be908bee33cbb813725481cf5310f183ef5786f8a490b0ff793fd11"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x804) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nf_conntrack/parameters/hashsize\x00', 0xa102, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim0/accept_source_route\x00', 0xc0202, 0x0) sendfile$auto(r2, r3, 0x0, 0x5b) mmap$auto(0x0, 0xd, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmdt$auto(0x0) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd700002dcdf250200000004000800040008000808011004001080"], 0x24}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) 1m15.575701968s ago: executing program 2 (id=2566): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x2006, 0x6, 0x8c48, 0x29b, 0x7f, 0x7f, 0x4, 0x6}, {0x100, 0x1, 0x52, 0x8, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0xfffffffd}}) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2519000000a4a5999f7dc195604d5bbe6cf3fa35547bd23cd7fa791051793fef158d99d0648dd5f28652a00bd9f49f4632b95305bf8c2d4ba7dfb2c0b06c89aab775f3ebd5b6fb0b9320c0e3f8d6bf71cf77973ffa1b0fe4d5ef17482b08cca957280fe38ecdded98ecb2f3f117ec9e5dc5da142babec71d3c6e78cf78b60be908bee33cbb813725481cf5310f183ef5786f8a490b0ff793fd11"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x804) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nf_conntrack/parameters/hashsize\x00', 0xa102, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim0/accept_source_route\x00', 0xc0202, 0x0) sendfile$auto(r2, r3, 0x0, 0x5b) mmap$auto(0x0, 0xd, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmdt$auto(&(0x7f0000000000)='(\x00') r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010025bd700002dcdf250200000004000800040008000808011004001080"], 0x24}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) 1m14.771689002s ago: executing program 2 (id=2569): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) write$auto(0xffffffffffffffff, 0x0, 0x7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYRES16=0x0, @ANYBLOB="2f212abd7800fddb"], 0x14}}, 0x4000000) socket(0x1d, 0x2, 0x6) setsockopt$auto(0x3, 0x69, 0x5, 0xffffffffffffffff, 0x5) mmap$auto(0x2, 0xffffffff, 0x0, 0x410, r0, 0x101) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x3]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4810}, 0x800) close_range$auto(r2, 0x8, 0x1107) statmount$auto(0x0, &(0x7f0000000480)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x384, 0x10001, 0x8, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84}, 0x9, 0xd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyc7/dev\x00', 0x4000, 0x0) ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0xe73, 0xbb}, 0x20, 0x0, 0x0, 0x8) 1m13.211765549s ago: executing program 2 (id=2575): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer\x00', 0x0, 0x0) ioctl$auto_SNDCTL_SEQ_THRESHOLD(r1, 0x4004510d, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_register$auto(0x10, 0x7, 0xfffffffffffffffc, 0x1) r3 = socket(0x9, 0x1, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x0) pipe2$auto(0x0, 0x80) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r5 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) ioctl$auto_TUNSETVNETLE2(r5, 0x400454dc, 0x0) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r3) r7 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto_RTC_WKALM_RD(r7, 0x80287010, &(0x7f00000001c0)={0x1, 0x2, {0x7, 0x6, 0x8, 0x7, 0x11, 0x101, 0x4d4b6a92, 0xc, 0x9}}) r8 = getpid() process_vm_readv$auto(r8, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="04010000", @ANYRES16=r6, @ANYBLOB="000125bd7000fbdbdf250700000008001c00", @ANYRES32=r8, @ANYBLOB="05001200080000000c002e800800ae00ffffffff1400040076657468305f746f5f68737200000000a8002d809100e780f994f9b391316f24fa09192d3264478cdf0681ef8b848605fa3d7ae821f9f922072f6c873c36fc72f5944680c3ee5f88a4739ad41f30df6df64524d0b81b5892d0a06e8a7818f2cd7f470a7d3749545cedbacb84eac07a5cec6b56b73e28ba4600fbb16180a67f89eff562dc172dfc95dab69ca6f7e96416a8357f4a89024d1eb5b71ada5c040014800400ac8000000010002a800400ae800800b90064010102080005000500000008001c00", @ANYRES32, @ANYBLOB="0500120006000092"], 0x104}, 0x1, 0x0, 0x0, 0x800}, 0x40800) r9 = prctl$auto(0x8, 0x8001, 0x0, 0xc, 0xfffffffffffffff9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r9) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="cc050000", @ANYRES16=r6, @ANYBLOB="000827bd70008b9fd264210009000000060008de0d4a0000020008001d00", @ANYRES32=r9, @ANYBLOB="08000c000e0000000b042e805a79024310152ce400ab8008004d00e0000002c2b10bead7d84b8b689d80b56566792b3a797756fb3dc429b0f7b8bfa052599791d3a3e8cf9f4bca52e841173a5406c821b7f3af6193546c6715f0c87703d71373ed2929971ef3c2471cba29b9e4aa32a749b6cf605074a4df77a0c7670ccaa649480f642ed74b24380789be02b18c60e76e3c6ea21d9cabb44a92f78d0dc48e040181d51c65eb931b32cba27041e2bc5e2ae989b18f9c438acca8b998d305bc892909227344e290e36ca45ca644697f14037aa3063cde10e2e7c7a5bd8d23e2df762e72e362907172602e47cd67981a63016381da98343c07032f80b7027980ed0098800400b0800800a100030000008d8817bf57f4e786f3c4869dee67b211ea91f52b490bb8d43475678b8166b21ea3128070203f33fa785799869970853d425658347cebd6af5ed725006ace89652dfca87fc52bfd4ac7e3b20ed1e19c731e0ad9487e927a496cd06be354e732d8362f93f84faf84c7f08e122d76e521f4977e8aa86ec0f5ee1fd1973cf928f349baf069994aa211b88cf576c712b10ec46a1ee49f2a87325ad3f1163449e0d83d512d4d96ef493a453f58a842bbeb1eacf77299987547d06d58b0fec0f38adc2141e03cb615e881c01a08027a655a8857da4ed14ae11cb796c4b1dbb1f90000000c00d08008003100ac14143aba4f375549de545022839c460bc780a1d963eabfdf0988561eae987cb878c7ce1f965333330794b3744449a421886ff52fa445e819b8c19e47bc65a36cbc4430226d53ece54d6c121c99aa71690bb2e5527ecf86906eb32d526dab1f7cf1405cd3c771ad5fd1cc0c4c27b8689496a1ea82525d8de59e77bb5862a77d8fb5884c752e634e9cd9a736a78594d80899f297fbacf2a9dc55c1742186404f995dde0b50c167345ab9911158b093ccd711599adbbc842ae15476f1ce225493f425979fcf48fec3dc095a15ec4237fe07bdc5140f271a31a3a65b380405022c7ec5dd49011a1e08001000", @ANYRES32=r8, @ANYBLOB="6b002980ee618ce3320f0729d21028026235b6a3e005a903f300ed634eb2e40160be8d181ef40dbf9dc3084a0a36126485c37aa874116eaddab2f27288512a4937c82769c3c5b4c5f9a1668443ca580baf8ad4b9f8d14d73b2c8e853211c4faf90a0d04b41b5692c021464001411e3b69e425201734d6ad560e9dddef398bd1bcdd9d2c7bcc2b000a30fb5fcbe2116e98d00b911c3df48506f20ad5c7765baee71ca05057a97a7a6ef02cf3816f62cb01c31f8115f525bc56b469fd811132dad21611aa34378ec882ee17675000400d0800400ff80070088002f5c000044ef42dbfe2df89b0da8604b90b68f325281b43e4ab8a8285a11c8b9b0daa7e52a7ea97dea5ade65fd9d606d601000211c229b7c6dbb25052ea5f4001400a500000000000000000000000000000000000006000a0009000000780130807201608004001e800400bb800400878008004100ac14143f1096e99486d528b24908972d34c6fd266ac040b95f0fddaff43c06023040ea8deaeb738001f4b63a610e659fddbb3d8b0f79a507d64b659dcc735c86d152405ffbb47c54872f9591c7dd7e3bf26fc7e48aaacbb8325bd1186f45f26e73bf2b6acc54c32d1ed080689be83f3626faac23a3908fd2609e0598aae9f1519e1fab82b660b7f7dd1532bf292291f4b3c2ae496e1640211064f820d3e698a28fad95192c016359b8aef63f643c5b70cf808d365beb28185222fb9b05fd28f5fb525eb4fc8dde575418348fc60ea220f7608f03e5a3ed40ae77fd2b155e88ff8efa5100ea70d908ad8f4b180e7038e58c21024a90887f2b77d8c8ae3ed43c6f62c215b3ed154e602a31a20c8d21119f5c9881d8cb50e500123cfa973471be93a6e003934575e838e7d26881e89214ac0a961890d026455e364e658908a61a9a4d6ef7404ac4646f477d43a2cf6933e2b2d15ce3c422efc7b0f4c84100150000080027000000000005001f00e9000000"], 0x5cc}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x2, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 57.990916229s ago: executing program 32 (id=2575): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer\x00', 0x0, 0x0) ioctl$auto_SNDCTL_SEQ_THRESHOLD(r1, 0x4004510d, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_register$auto(0x10, 0x7, 0xfffffffffffffffc, 0x1) r3 = socket(0x9, 0x1, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x0) pipe2$auto(0x0, 0x80) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r5 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) ioctl$auto_TUNSETVNETLE2(r5, 0x400454dc, 0x0) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r3) r7 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto_RTC_WKALM_RD(r7, 0x80287010, &(0x7f00000001c0)={0x1, 0x2, {0x7, 0x6, 0x8, 0x7, 0x11, 0x101, 0x4d4b6a92, 0xc, 0x9}}) r8 = getpid() process_vm_readv$auto(r8, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="04010000", @ANYRES16=r6, @ANYBLOB="000125bd7000fbdbdf250700000008001c00", @ANYRES32=r8, @ANYBLOB="05001200080000000c002e800800ae00ffffffff1400040076657468305f746f5f68737200000000a8002d809100e780f994f9b391316f24fa09192d3264478cdf0681ef8b848605fa3d7ae821f9f922072f6c873c36fc72f5944680c3ee5f88a4739ad41f30df6df64524d0b81b5892d0a06e8a7818f2cd7f470a7d3749545cedbacb84eac07a5cec6b56b73e28ba4600fbb16180a67f89eff562dc172dfc95dab69ca6f7e96416a8357f4a89024d1eb5b71ada5c040014800400ac8000000010002a800400ae800800b90064010102080005000500000008001c00", @ANYRES32, @ANYBLOB="0500120006000092"], 0x104}, 0x1, 0x0, 0x0, 0x800}, 0x40800) r9 = prctl$auto(0x8, 0x8001, 0x0, 0xc, 0xfffffffffffffff9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r9) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="cc050000", @ANYRES16=r6, @ANYBLOB="000827bd70008b9fd264210009000000060008de0d4a0000020008001d00", @ANYRES32=r9, @ANYBLOB="08000c000e0000000b042e805a79024310152ce400ab8008004d00e0000002c2b10bead7d84b8b689d80b56566792b3a797756fb3dc429b0f7b8bfa052599791d3a3e8cf9f4bca52e841173a5406c821b7f3af6193546c6715f0c87703d71373ed2929971ef3c2471cba29b9e4aa32a749b6cf605074a4df77a0c7670ccaa649480f642ed74b24380789be02b18c60e76e3c6ea21d9cabb44a92f78d0dc48e040181d51c65eb931b32cba27041e2bc5e2ae989b18f9c438acca8b998d305bc892909227344e290e36ca45ca644697f14037aa3063cde10e2e7c7a5bd8d23e2df762e72e362907172602e47cd67981a63016381da98343c07032f80b7027980ed0098800400b0800800a100030000008d8817bf57f4e786f3c4869dee67b211ea91f52b490bb8d43475678b8166b21ea3128070203f33fa785799869970853d425658347cebd6af5ed725006ace89652dfca87fc52bfd4ac7e3b20ed1e19c731e0ad9487e927a496cd06be354e732d8362f93f84faf84c7f08e122d76e521f4977e8aa86ec0f5ee1fd1973cf928f349baf069994aa211b88cf576c712b10ec46a1ee49f2a87325ad3f1163449e0d83d512d4d96ef493a453f58a842bbeb1eacf77299987547d06d58b0fec0f38adc2141e03cb615e881c01a08027a655a8857da4ed14ae11cb796c4b1dbb1f90000000c00d08008003100ac14143aba4f375549de545022839c460bc780a1d963eabfdf0988561eae987cb878c7ce1f965333330794b3744449a421886ff52fa445e819b8c19e47bc65a36cbc4430226d53ece54d6c121c99aa71690bb2e5527ecf86906eb32d526dab1f7cf1405cd3c771ad5fd1cc0c4c27b8689496a1ea82525d8de59e77bb5862a77d8fb5884c752e634e9cd9a736a78594d80899f297fbacf2a9dc55c1742186404f995dde0b50c167345ab9911158b093ccd711599adbbc842ae15476f1ce225493f425979fcf48fec3dc095a15ec4237fe07bdc5140f271a31a3a65b380405022c7ec5dd49011a1e08001000", @ANYRES32=r8, @ANYBLOB="6b002980ee618ce3320f0729d21028026235b6a3e005a903f300ed634eb2e40160be8d181ef40dbf9dc3084a0a36126485c37aa874116eaddab2f27288512a4937c82769c3c5b4c5f9a1668443ca580baf8ad4b9f8d14d73b2c8e853211c4faf90a0d04b41b5692c021464001411e3b69e425201734d6ad560e9dddef398bd1bcdd9d2c7bcc2b000a30fb5fcbe2116e98d00b911c3df48506f20ad5c7765baee71ca05057a97a7a6ef02cf3816f62cb01c31f8115f525bc56b469fd811132dad21611aa34378ec882ee17675000400d0800400ff80070088002f5c000044ef42dbfe2df89b0da8604b90b68f325281b43e4ab8a8285a11c8b9b0daa7e52a7ea97dea5ade65fd9d606d601000211c229b7c6dbb25052ea5f4001400a500000000000000000000000000000000000006000a0009000000780130807201608004001e800400bb800400878008004100ac14143f1096e99486d528b24908972d34c6fd266ac040b95f0fddaff43c06023040ea8deaeb738001f4b63a610e659fddbb3d8b0f79a507d64b659dcc735c86d152405ffbb47c54872f9591c7dd7e3bf26fc7e48aaacbb8325bd1186f45f26e73bf2b6acc54c32d1ed080689be83f3626faac23a3908fd2609e0598aae9f1519e1fab82b660b7f7dd1532bf292291f4b3c2ae496e1640211064f820d3e698a28fad95192c016359b8aef63f643c5b70cf808d365beb28185222fb9b05fd28f5fb525eb4fc8dde575418348fc60ea220f7608f03e5a3ed40ae77fd2b155e88ff8efa5100ea70d908ad8f4b180e7038e58c21024a90887f2b77d8c8ae3ed43c6f62c215b3ed154e602a31a20c8d21119f5c9881d8cb50e500123cfa973471be93a6e003934575e838e7d26881e89214ac0a961890d026455e364e658908a61a9a4d6ef7404ac4646f477d43a2cf6933e2b2d15ce3c422efc7b0f4c84100150000080027000000000005001f00e9000000"], 0x5cc}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x2, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 6.323862514s ago: executing program 3 (id=2817): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x5, 0x0) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx9\x00', 0x40, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) fcntl$auto(0x8000000000000001, 0x26, 0x8) close_range$auto(0x2, 0x8, 0x0) 5.180514974s ago: executing program 4 (id=2821): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x200, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gre0/gro_flush_timeout\x00', 0x80302, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) epoll_create$auto(0x3e) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) setreuid$auto(0x0, 0xee00) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) timer_gettime$auto(0x0, 0x0) 4.930687255s ago: executing program 4 (id=2822): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_generic(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0xd, 0x2020009, 0x5, 0xeb1, r0, 0x8000) (async) mmap$auto(0xd, 0x2020009, 0x5, 0xeb1, r0, 0x8000) r1 = socket(0x2, 0x3, 0xa) connect$auto(r1, &(0x7f00000000c0), 0x55) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x0, 0xa02) ustat$auto(0x20000801, &(0x7f0000000000)={0xbff, 0x2, "be5705f65205", "064885ca64ad"}) (async) ustat$auto(0x20000801, &(0x7f0000000000)={0xbff, 0x2, "be5705f65205", "064885ca64ad"}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000100)=ANY=[@ANYRESDEC], 0xa8}}, 0xc2) (async) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000100)=ANY=[@ANYRESDEC], 0xa8}}, 0xc2) sigaltstack$auto(&(0x7f0000000080)={0x0, 0x80000002}, 0x0) mmap$auto(0x0, 0x400005, 0x8000000000000e2, 0x411, 0x2, 0x5) madvise$auto(0x0, 0x80000001, 0x4000e) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) madvise$auto(0x110c230000, 0x8031ca, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r2) (async) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x23, 0x80805, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x5, 0x2000000000002) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mtrr\x00', 0x280000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioctl$auto(0x3, 0x400c4d01, r4) (async) ioctl$auto(0x3, 0x400c4d01, r4) openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r3, 0x0, 0x840) 3.64310542s ago: executing program 3 (id=2826): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x400042, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) r2 = getpgrp(0x0) r3 = fcntl$auto(r0, 0x4040a, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567) unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f00000001c0)) readv$auto(r4, &(0x7f0000000a80)={0x0, 0xffff}, 0x1f) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0) ioctl$auto_TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)=0x4) migrate_pages$auto(0xffffffffffffffff, 0x4000000b7c, &(0x7f0000000080)=0xf, &(0x7f0000000100)=0x7) sendfile$auto(r5, r5, 0x0, 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x6d2fc1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x408440, 0x0) 2.739615008s ago: executing program 0 (id=2829): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="720100003f710cd00ab4e54fcf0a3835db4860b50efdb6edb6f3601b742a6ceb338e0bc65ea25d3b8577d71e602980887a6336b41666bb41728e1fe403e06581cd4891f8d33bddf705c95264d8a41060bb1b0bf87b4baf5be1890ba9c9f1c1c9217b2d918d7764eb32c427ed8394a7165a215a40246a80f86da3fa26d4278e6246804c42e6bbd26a127e007ff36c8a2c71003ce161162d531f5f0850222a23e40b11a186c360f59e54ae96e6da213b08f794503718e46b0000000000000000122ba0b58925582044ca93fef1a9d13f5498e0f9123e1a940bedb2f15269028daad95080efccbf32fb1f7bc5ff0c9b7ce2efcf731ac1801007067599e0e55239007deebc8fda881d0bac1c0e620989a22d24181d82873f066ff26ba65cff98b3e82c162995725b26b33dfed4", @ANYRES32=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x2006, 0x6, 0x8c48, 0x29b, 0x7f, 0x7f, 0x4, 0x6}, {0x100, 0x1, 0x52, 0x8, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0xfffffffd}}) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2519000000a4a5999f7dc195604d5bbe6cf3fa35547bd23cd7fa791051793fef158d99d0648dd5f28652a00bd9f49f4632b95305bf8c2d4ba7dfb2c0b06c89aab775f3ebd5b6fb0b9320c0e3f8d6bf71cf77973ffa1b0fe4d5ef17482b08cca957280fe38ecdded98ecb2f3f117ec9e5dc5da142babec71d3c6e78cf78b60be908bee33cbb813725481cf5310f183ef5786f8a490b0ff793fd11"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x804) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nf_conntrack/parameters/hashsize\x00', 0xa102, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim0/accept_source_route\x00', 0xc0202, 0x0) sendfile$auto(r2, r3, 0x0, 0x5b) mmap$auto(0x0, 0xd, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmdt$auto(&(0x7f0000000000)='(\x00') r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd700002dcdf250200000004"], 0x24}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) 2.416971419s ago: executing program 1 (id=2830): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x200, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gre0/gro_flush_timeout\x00', 0x80302, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) epoll_create$auto(0x3e) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) setreuid$auto(0x0, 0xee00) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) timer_gettime$auto(0x0, 0x0) 2.259672101s ago: executing program 4 (id=2831): ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={"5c61a5057b3a70f95e070cec9c565bd3a0da040a95be17b796f65d14ad18643f", 0xd7, 0x7f, 0x4, 0x9, 0x2}) (async) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, 0x0, 0x14) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x80383, 0x0) (async) getsockopt$auto_SO_TIMESTAMP_NEW(0xffffffffffffffff, 0xf04d, 0x3f, 0x0, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x9) (async) io_setup$auto(0xffff, &(0x7f0000000580)) (async) connect$auto(0x3, 0x0, 0x54) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb1\x00', 0x80002, 0x0) ioctl$auto_FBIOPAN_DISPLAY(r0, 0x4606, &(0x7f0000000500)) 2.07611351s ago: executing program 0 (id=2832): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) r0 = open(&(0x7f0000000100)='./file0\x00', 0x2240, 0x154) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socket(0xa, 0x2, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000440)="c818464ee269e76f8a82dedbad00a6f78f2262c97eb0626a048b8aff4f30e6b029f3a9f8f36d47f1df92475cd5370669cb2a38c2caaa8aee8a5027d9a70141e6e15f180603a745a4b71a3906356d250b4dcb8119c9cd524e7cfbe9d4c6c5e3bfb4eac5102dcfb866eacb9be3a3b182f01b9459fbb8aa4b220874e822965ec027aa1cdcd3fcceecb475bcce525ca2f0d93fc3a55b6db293542312e2087a52a296ff1095c429acc907662f760382be0338c0e82639ae88b600ab123a7f82093dc353160e05be21154673faaef24d680cd9cd3b5d99755492c402faa3b4566781fdafff07000000000000c6ae655d9b93961c13f971e57f10fe6d399cfe74c23eba04ef23ccaa1532acc9bb42dd831ef10110cdce4ffec8954ac6130ecef0f4712e71b2615ba72725f8c8522d669f65df3279f064aa2c5fa6a9072c1a6e0121f1f26efdf5631b675873c13972d33dd93e168bcb00409fad10578be1363203209f2a449f95358e40d701bbcd3a7ac29188540b88036f585cf744f9fbc29f704c7e27cabc8be24001a84db7aaa4f4b7fc19cb4502e54c71a5e1b2a97a3eec2795d790ca6ead6a8103e61341ba5416c0") unshare$auto(0x40000080) mmap$auto(0x0, 0x3f, 0x4000000000e7, 0xeb1, 0x0, 0x8003) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:12/power/runtime_suspended_time\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000140)=""/12, 0xc) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r2 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) writev$auto(r2, &(0x7f00000035c0)={0x0, 0x4}, 0x9) fcntl$auto(r1, 0x400, 0x0) execve$auto(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) 2.071938044s ago: executing program 3 (id=2833): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, 0x0, 0x801, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video39\x00', 0x82, 0x0) read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000001900)=""/4083, 0xff3) write$auto_trace_clock_fops_trace(r1, &(0x7f0000000100)="e45c3d0fe768e7a93166c7155453458e75deade1b781ca34a3f45016cac99ec1f387aa2328834f4f85905e5175470162f076b2b122befc522ca586a3a386257d6cce509d8007c71a9d71627221ae1ea177f90ad797e02336ab91e4be481da4b35f405853642e1716dce3b3d13c0690d287ddadd4fd0c70a490bd91a1c52e75f0df1b058b456b564885f103c4789c511c71f5fc25efe11d05cb61b9cda863f836c1bb1173936c4ec407f67a4d6891a6d33bfb0ed6e0367efde2", 0xb9) mmap$auto_kernfs_file_fops_kernfs_internal(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x9013) socket(0xa, 0x801, 0x84) socket(0x2c, 0x3, 0x0) socket(0x28, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x1, 0x6, 0x5, "a2b8e85fc56865ba529faa000000000000000000000018f4ffffdeffff0000000000c7692a240000008000", @inferred=0xffffffffffffffff}, 0x6, 0x0, 0x7, @inferred, @reserved="fb99d320be0de941ac3f58d7aae0c84cbe332d618e0342771e3ac6e9a9df07cf9b1c017c611ac455c01804d0d3c89bee7005c5affd5ab811fd53443e6cf63a902991b44e48364e8de3f344584996c31f9ae16c6c4f064c38f590125ed26400", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f4ab606c276852295e00af49090000008034"}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x400, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.032286969s ago: executing program 1 (id=2834): bpf$auto(0x3f00, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1, 0x8, 0xf, 0x66b, 0x0, 0x1}, 0x6f4) 1.795655431s ago: executing program 4 (id=2835): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x2006, 0x6, 0x8c48, 0x29b, 0x7f, 0x7f, 0x4, 0x6}, {0x100, 0x1, 0x52, 0x8, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0xfffffffd}}) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2519000000a4a5999f7dc195604d5bbe6cf3fa35547bd23cd7fa791051793fef158d99d0648dd5f28652a00bd9f49f4632b95305bf8c2d4ba7dfb2c0b06c89aab775f3ebd5b6fb0b9320c0e3f8d6bf71cf77973ffa1b0fe4d5ef17482b08cca957280fe38ecdded98ecb2f3f117ec9e5dc5da142babec71d3c6e78cf78b60be908bee33cbb813725481cf5310f183ef5786f8a490b0ff793fd11"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x804) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nf_conntrack/parameters/hashsize\x00', 0xa102, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim0/accept_source_route\x00', 0xc0202, 0x0) sendfile$auto(r2, r3, 0x0, 0x5b) mmap$auto(0x0, 0xd, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmdt$auto(&(0x7f0000000000)='(\x00') r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd700002dcdf250200000004000800040008000808011004001080"], 0x24}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) 1.794262243s ago: executing program 3 (id=2836): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x5, 0x0) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx9\x00', 0x40, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) fcntl$auto(0x8000000000000001, 0x26, 0x8) close_range$auto(0x2, 0x8, 0x0) 1.723764749s ago: executing program 1 (id=2837): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) io_uring_setup$auto(0x2, &(0x7f0000000240)={0x8, 0x8, 0x4, 0x3, 0x4, 0x8, 0xffffffffffffffff, [0x6, 0xc4f, 0x401], {0x5711, 0x379645e4, 0x2, 0x5, 0x10001, 0x6, 0x81, 0xffffff01, 0xcb}, {0x9, 0x1, 0x9, 0xffffffff, 0xabfd, 0x8, 0x1, 0x9, 0x4}}) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x800) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x80) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x200, 0x0, 0x2000}, {0xfffffffa, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) open(0x0, 0x22240, 0x80) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) shmctl$auto(0x6, 0x3, &(0x7f0000000840)={{0x4, 0x0, 0xee01, 0xfffffffe, 0x45, 0x9}, 0x7, 0x9247, 0x401, 0x6, @inferred, @inferred, 0x101, 0x0, &(0x7f0000000780), &(0x7f0000000800)}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1], 0x14}, 0x1, 0x0, 0x0, 0x48884}, 0x4) 1.324267826s ago: executing program 0 (id=2838): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, 0x0, 0x801, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video39\x00', 0x82, 0x0) read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000001900)=""/4083, 0xff3) write$auto_trace_clock_fops_trace(r1, &(0x7f0000000100)="e45c3d0fe768e7a93166c7155453458e75deade1b781ca34a3f45016cac99ec1f387aa2328834f4f85905e5175470162f076b2b122befc522ca586a3a386257d6cce509d8007c71a9d71627221ae1ea177f90ad797e02336ab91e4be481da4b35f405853642e1716dce3b3d13c0690d287ddadd4fd0c70a490bd91a1c52e75f0df1b058b456b564885f103c4789c511c71f5fc25efe11d05cb61b9cda863f836c1bb1173936c4ec407f67a4d6891a6d33bfb0ed6e0367efde2", 0xb9) mmap$auto_kernfs_file_fops_kernfs_internal(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x9013) socket(0xa, 0x801, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2c, 0x3, 0x0) r3 = socket(0x28, 0x1, 0x0) getsockopt$auto(r3, 0x28, 0x1, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, '\x00\x00\x00?\x00'}, 0x55) 1.269160077s ago: executing program 4 (id=2839): socket(0x21, 0x2, 0x2) (fail_nth: 6) 883.73342ms ago: executing program 0 (id=2840): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="720100003f710cd00ab4e54fcf0a3835db4860b50efdb6edb6f3601b742a6ceb338e0bc65ea25d3b8577d71e602980887a6336b41666bb41728e1fe403e06581cd4891f8d33bddf705c95264d8a41060bb1b0bf87b4baf5be1890ba9c9f1c1c9217b2d918d7764eb32c427ed8394a7165a215a40246a80f86da3fa26d4278e6246804c42e6bbd26a127e007ff36c8a2c71003ce161162d531f5f0850222a23e40b11a186c360f59e54ae96e6da213b08f794503718e46b0000000000000000122ba0b58925582044ca93fef1a9d13f5498e0f9123e1a940bedb2f15269028daad95080efccbf32fb1f7bc5ff0c9b7ce2efcf731ac1801007067599e0e55239007deebc8fda881d0bac1c0e620989a22d24181d82873f066ff26ba65cff98b3e82c162995725b26b33dfed4", @ANYRES32=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x2006, 0x6, 0x8c48, 0x29b, 0x7f, 0x7f, 0x4, 0x6}, {0x100, 0x1, 0x52, 0x8, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0xfffffffd}}) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2519000000a4a5999f7dc195604d5bbe6cf3fa35547bd23cd7fa791051793fef158d99d0648dd5f28652a00bd9f49f4632b95305bf8c2d4ba7dfb2c0b06c89aab775f3ebd5b6fb0b9320c0e3f8d6bf71cf77973ffa1b0fe4d5ef17482b08cca957280fe38ecdded98ecb2f3f117ec9e5dc5da142babec71d3c6e78cf78b60be908bee33cbb813725481cf5310f183ef5786f8a490b0ff793fd11"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x804) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nf_conntrack/parameters/hashsize\x00', 0xa102, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim0/accept_source_route\x00', 0xc0202, 0x0) sendfile$auto(r2, r3, 0x0, 0x5b) mmap$auto(0x0, 0xd, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmdt$auto(&(0x7f0000000000)='(\x00') r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd700002dcdf250200000004"], 0x24}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) 812.563604ms ago: executing program 4 (id=2841): unshare$auto(0x40000080) r0 = socket(0x0, 0x6, 0x7fffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) r1 = socket(0x28, 0x1, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYRES32=r1], 0x14}}, 0x4000000) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb1\x00', 0x0, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f00000000c0)="58fcb282bcbc38bfaef257e019406e8ec445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e9ce53883444996d1721d7f3ae627c6c68118e15b5a753fd37910fbc02d898cfc8254c80582fc6184113a38c8937e") openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.max.depth\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) read$auto(0x3, 0x0, 0x80) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x20000000003, 0x19, 0xffffffffffffffff, 0x800000000008000) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f00000001c0), 0x1cb803, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x6) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x80100, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0xa, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x7, 0x10000000000007, 0xd, 0x1, 0x800000000948b, 0x80000001, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x10000007, 0x1, 0x5, 0x2]}, 0x0) unshare$auto(0x40001080) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0) io_uring_setup$auto(0x4bf15e08, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, &(0x7f0000000180)={0x1, 0xfa, 0xd, 0x1, 0x8418, "e7b555facc1e8f000100"}) bpf$auto(0xfffffffc, &(0x7f0000000480)=@link_update={0xa, @new_map_fd, 0x4007, @old_map_fd=r0}, 0xa1) 729.475252ms ago: executing program 1 (id=2842): openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20008004) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0xf0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000001740)='/dev/snd/controlC0\x00', 0x2100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) 468.950751ms ago: executing program 1 (id=2843): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x200, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gre0/gro_flush_timeout\x00', 0x80302, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) epoll_create$auto(0x3e) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) socket(0x2, 0x3, 0x100) socket(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) setreuid$auto(0x0, 0xee00) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) timer_gettime$auto(0x0, 0x0) 305.98095ms ago: executing program 3 (id=2844): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1, 0x8, 0xf, 0x66b, 0x0, 0x1}, 0x6f4) setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000040)={{0x6, 0x5}, {0x2ffd, 0x1}}, &(0x7f0000000080)={{0x8, 0xe1}, {0x5, 0x485f}}) setsockopt$auto_SO_TIMESTAMP_OLD(r0, 0x616f, 0x1d, &(0x7f0000000000)='@!}\'\x00', 0x5290) 218.517902ms ago: executing program 0 (id=2845): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) r1 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, 0x0, 0x801, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video39\x00', 0x82, 0x0) read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000001900)=""/4083, 0xff3) write$auto_trace_clock_fops_trace(r1, &(0x7f0000000100)="e45c3d0fe768e7a93166c7155453458e75deade1b781ca34a3f45016cac99ec1f387aa2328834f4f85905e5175470162f076b2b122befc522ca586a3a386257d6cce509d8007c71a9d71627221ae1ea177f90ad797e02336ab91e4be481da4b35f405853642e1716dce3b3d13c0690d287ddadd4fd0c70a490bd91a1c52e75f0df1b058b456b564885f103c4789c511c71f5fc25efe11d05cb61b9cda863f836c1bb1173936c4ec407f67a4d6891a6d33bfb0ed6e0367efde2", 0xb9) mmap$auto_kernfs_file_fops_kernfs_internal(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0x9013) socket(0xa, 0x801, 0x84) socket(0x2c, 0x3, 0x0) socket(0x28, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x1, 0x6, 0x5, "a2b8e85fc56865ba529faa000000000000000000000018f4ffffdeffff0000000000c7692a240000008000", @inferred=0xffffffffffffffff}, 0x6, 0x0, 0x7, @inferred, @reserved="fb99d320be0de941ac3f58d7aae0c84cbe332d618e0342771e3ac6e9a9df07cf9b1c017c611ac455c01804d0d3c89bee7005c5affd5ab811fd53443e6cf63a902991b44e48364e8de3f344584996c31f9ae16c6c4f064c38f590125ed26400", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f4ab606c276852295e00af49090000008034"}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x400, 0x0) close_range$auto(0x2, 0x8, 0x0) 209.528074ms ago: executing program 1 (id=2846): unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/ceph/parameters/disable_send_metrics\x00', 0xc0202, 0x0) write$auto(r0, &(0x7f0000000000)='P^\x00', 0x8) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) mmap$auto(0x0, 0x9, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8001) r2 = socket(0x18, 0x2, 0xb) socket(0x22, 0x80000, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x1010, r3, 0x0) bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x200000, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x0, 0x40000003, 0x18, 0xfffffffffffffffa, 0xfffffffffffffff6) capget$auto(0x0, 0xfffffffffffffffe) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) r4 = pidfd_open$auto(0x1, 0x5) setns(r4, 0x60020000) umount2$auto(&(0x7f0000000080)='.\x00', 0xa) ioprio_set$auto(0x2, 0x800000000, 0x8) mmap$auto(0x0, 0x4, 0x6, 0x40eb3, 0x401, 0x300000000000) move_pages$auto(0x0, 0x5, 0x0, &(0x7f00000003c0)=0x1, 0x0, 0x2) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) bind$auto(0x3, &(0x7f0000000040)=@l2={0x1f, 0x240, @none, 0x1d, 0x2}, 0x6c) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 31.210812ms ago: executing program 3 (id=2847): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) fcntl$auto(0xffffffffffffffff, 0x400, 0x0) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socket(0xa, 0x2, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000440)="c818464ee269e76f8a82dedbad00a6f78f2262c97eb0626a048b8aff4f30e6b029f3a9f8f36d47f1df92475cd5370669cb2a38c2caaa8aee8a5027d9a70141e6e15f180603a745a4b71a3906356d250b4dcb8119c9cd524e7cfbe9d4c6c5e3bfb4eac5102dcfb866eacb9be3a3b182f01b9459fbb8aa4b220874e822965ec027aa1cdcd3fcceecb475bcce525ca2f0d93fc3a55b6db293542312e2087a52a296ff1095c429acc907662f760382be0338c0e82639ae88b600ab123a7f82093dc353160e05be21154673faaef24d680cd9cd3b5d99755492c402faa3b4566781fdafff07000000000000c6ae655d9b93961c13f971e57f10fe6d399cfe74c23eba04ef23ccaa1532acc9bb42dd831ef10110cdce4ffec8954ac6130ecef0f4712e71b2615ba72725f8c8522d669f65df3279f064aa2c5fa6a9072c1a6e0121f1f26efdf5631b675873c13972d33dd93e168bcb00409fad10578be1363203209f2a449f95358e40d701bbcd3a7ac29188540b88036f585cf744f9fbc29f704c7e27cabc8be24001a84db7aaa4f4b7fc19cb4502e54c71a5e1b2a97a3eec2795d790ca6ead6a8103e61341ba5416c0") unshare$auto(0x40000080) mmap$auto(0x0, 0x3f, 0x4000000000e7, 0xeb1, 0x0, 0x8003) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:12/power/runtime_suspended_time\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/12, 0xc) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r1 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) writev$auto(r1, &(0x7f00000035c0)={0x0, 0x4}, 0x9) fcntl$auto(r0, 0x400, 0x0) execve$auto(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) 0s ago: executing program 0 (id=2848): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x2006, 0x6, 0x8c48, 0x29b, 0x7f, 0x7f, 0x4, 0x6}, {0x100, 0x1, 0x52, 0x8, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0xfffffffd}}) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2519000000a4a5999f7dc195604d5bbe6cf3fa35547bd23cd7fa791051793fef158d99d0648dd5f28652a00bd9f49f4632b95305bf8c2d4ba7dfb2c0b06c89aab775f3ebd5b6fb0b9320c0e3f8d6bf71cf77973ffa1b0fe4d5ef17482b08cca957280fe38ecdded98ecb2f3f117ec9e5dc5da142babec71d3c6e78cf78b60be908bee33cbb813725481cf5310f183ef5786f8a490b0ff793fd11"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x804) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nf_conntrack/parameters/hashsize\x00', 0xa102, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim0/accept_source_route\x00', 0xc0202, 0x0) sendfile$auto(r2, r3, 0x0, 0x5b) mmap$auto(0x0, 0xd, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmdt$auto(&(0x7f0000000000)='(\x00') r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd700002dcdf250200000004000800040008000808011004001080"], 0x24}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) kernel console output (not intermixed with test programs): ame: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 650.508997][T20420] Call Trace: [ 650.509007][T20420] [ 650.509018][T20420] dump_stack_lvl+0x16c/0x1f0 [ 650.509071][T20420] should_fail_ex+0x512/0x640 [ 650.509115][T20420] _copy_from_user+0x2e/0xd0 [ 650.509157][T20420] move_addr_to_kernel+0x65/0x170 [ 650.509192][T20420] __copy_msghdr+0x386/0x470 [ 650.509234][T20420] copy_msghdr_from_user+0xc1/0x160 [ 650.509277][T20420] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 650.509327][T20420] ? __pfx__kstrtoull+0x10/0x10 [ 650.509383][T20420] ___sys_sendmsg+0xfe/0x1d0 [ 650.509428][T20420] ? __pfx____sys_sendmsg+0x10/0x10 [ 650.509499][T20420] ? find_held_lock+0x2b/0x80 [ 650.509554][T20420] ? proc_fail_nth_write+0x9f/0x250 [ 650.509599][T20420] ? find_held_lock+0x2b/0x80 [ 650.509643][T20420] __sys_sendmmsg+0x200/0x420 [ 650.509692][T20420] ? __pfx___sys_sendmmsg+0x10/0x10 [ 650.509745][T20420] ? do_sys_openat2+0x157/0x1d0 [ 650.509780][T20420] ? __pfx_do_sys_openat2+0x10/0x10 [ 650.509832][T20420] ? ksys_write+0x1b9/0x240 [ 650.509876][T20420] ? __pfx_ksys_write+0x10/0x10 [ 650.509917][T20420] ? rcu_is_watching+0x12/0xc0 [ 650.509963][T20420] __x64_sys_sendmmsg+0x9c/0x100 [ 650.510006][T20420] ? lockdep_hardirqs_on+0x7c/0x110 [ 650.510051][T20420] do_syscall_64+0xcd/0x260 [ 650.510102][T20420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.510135][T20420] RIP: 0033:0x7f398d98e169 [ 650.510160][T20420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.510192][T20420] RSP: 002b:00007f398e7ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 650.510223][T20420] RAX: ffffffffffffffda RBX: 00007f398dbb6080 RCX: 00007f398d98e169 [ 650.510244][T20420] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000003 [ 650.510264][T20420] RBP: 00007f398e7ca090 R08: 0000000000000000 R09: 0000000000000000 [ 650.510284][T20420] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 650.510303][T20420] R13: 0000000000000000 R14: 00007f398dbb6080 R15: 00007ffe2d563738 [ 650.510344][T20420] [ 650.759732][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 650.778644][T19653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 650.790368][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 650.804001][T19653] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 650.892082][T20421] CPU: 0 UID: 0 PID: 20421 Comm: syz.1.2520 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 650.892125][T20421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 650.892143][T20421] Call Trace: [ 650.892152][T20421] [ 650.892165][T20421] dump_stack_lvl+0x16c/0x1f0 [ 650.892216][T20421] should_fail_ex+0x512/0x640 [ 650.892251][T20421] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 650.892302][T20421] should_failslab+0xc2/0x120 [ 650.892330][T20421] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 650.892394][T20421] ? sock_alloc_inode+0x25/0x1c0 [ 650.892455][T20421] ? __pfx_sock_alloc_inode+0x10/0x10 [ 650.892503][T20421] sock_alloc_inode+0x25/0x1c0 [ 650.892550][T20421] alloc_inode+0x61/0x240 [ 650.892585][T20421] sock_alloc+0x40/0x280 [ 650.892636][T20421] __sock_create+0xc1/0x8d0 [ 650.892674][T20421] mptcp_subflow_create_socket+0xf5/0xed0 [ 650.892717][T20421] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 650.892785][T20421] __mptcp_nmpc_sk+0x182/0x7d0 [ 650.892824][T20421] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 650.892866][T20421] ? __local_bh_enable_ip+0xa4/0x120 [ 650.892915][T20421] mptcp_bind+0xa3/0x1e0 [ 650.892952][T20421] __sys_bind+0x211/0x260 [ 650.892987][T20421] ? __pfx___sys_bind+0x10/0x10 [ 650.893016][T20421] ? __fget_files+0x20e/0x3c0 [ 650.893075][T20421] ? __pfx_ksys_write+0x10/0x10 [ 650.893128][T20421] __x64_sys_bind+0x72/0xb0 [ 650.893158][T20421] ? lockdep_hardirqs_on+0x7c/0x110 [ 650.893204][T20421] do_syscall_64+0xcd/0x260 [ 650.893254][T20421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.893286][T20421] RIP: 0033:0x7f6e6078e169 [ 650.893311][T20421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.893342][T20421] RSP: 002b:00007f6e6159c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 650.893372][T20421] RAX: ffffffffffffffda RBX: 00007f6e609b6080 RCX: 00007f6e6078e169 [ 650.893393][T20421] RDX: 000000000000006a RSI: 0000200000000040 RDI: 0000000000000003 [ 650.893413][T20421] RBP: 00007f6e6159c090 R08: 0000000000000000 R09: 0000000000000000 [ 650.893439][T20421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 650.893457][T20421] R13: 0000000000000000 R14: 00007f6e609b6080 R15: 00007ffdda100458 [ 650.893498][T20421] [ 650.962577][T20421] net_ratelimit: 49 callbacks suppressed [ 650.962601][T20421] socket: no more sockets [ 650.966343][ C0] vkms_vblank_simulate: vblank timer overrun [ 651.146392][ C0] vkms_vblank_simulate: vblank timer overrun [ 651.152443][ C0] hrtimer: interrupt took 250586389 ns [ 651.156232][T19653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 651.175849][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 651.210643][T19653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 651.252500][ C0] vkms_vblank_simulate: vblank timer overrun [ 651.263149][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 651.279476][T19653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 651.290332][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 651.301367][T19653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 651.313150][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 651.323065][T19653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 651.333706][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 651.343615][T19653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 651.354266][T19653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 651.366607][T19653] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 651.387256][T19653] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.399338][T19653] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.408194][T19653] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.418275][T19653] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.896193][ T1164] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 651.951960][ T1164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 652.051046][T11364] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 652.091628][T11364] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 653.048510][T20555] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2530'. [ 653.315315][T20563] FAULT_INJECTION: forcing a failure. [ 653.315315][T20563] name failslab, interval 1, probability 0, space 0, times 0 [ 653.361982][T20563] CPU: 1 UID: 0 PID: 20563 Comm: syz.0.2533 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 653.362028][T20563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 653.362046][T20563] Call Trace: [ 653.362055][T20563] [ 653.362066][T20563] dump_stack_lvl+0x16c/0x1f0 [ 653.362118][T20563] should_fail_ex+0x512/0x640 [ 653.362154][T20563] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 653.362242][T20563] should_failslab+0xc2/0x120 [ 653.362270][T20563] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 653.362319][T20563] ? __pmd_alloc+0xc3/0x870 [ 653.362361][T20563] __pmd_alloc+0xc3/0x870 [ 653.362395][T20563] ? find_held_lock+0x2b/0x80 [ 653.362438][T20563] __handle_mm_fault+0x948/0x2a40 [ 653.362495][T20563] ? __pfx___handle_mm_fault+0x10/0x10 [ 653.362564][T20563] ? find_vma+0xbf/0x140 [ 653.362596][T20563] ? __pfx_find_vma+0x10/0x10 [ 653.362635][T20563] handle_mm_fault+0x3fe/0xad0 [ 653.362688][T20563] do_user_addr_fault+0x7a6/0x1370 [ 653.362731][T20563] ? rcu_is_watching+0x12/0xc0 [ 653.362775][T20563] exc_page_fault+0x5c/0xc0 [ 653.362821][T20563] asm_exc_page_fault+0x26/0x30 [ 653.362852][T20563] RIP: 0010:filldir64+0x29c/0x5e0 [ 653.362893][T20563] Code: db e8 48 2e 84 ff 89 d8 48 83 c4 50 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 2e 2e 84 ff 0f 01 cb 0f ae e8 48 8b 04 24 <49> 89 47 08 e8 1b 2e 84 ff 4c 8b 7c 24 30 48 8b 74 24 10 49 89 37 [ 653.362925][T20563] RSP: 0018:ffffc9000b6b7cf0 EFLAGS: 00050293 [ 653.362950][T20563] RAX: 0000000000000000 RBX: ffffc9000b6b7e80 RCX: ffffffff82370e3a [ 653.362970][T20563] RDX: ffff88802e3b1e00 RSI: ffffffff82370e92 RDI: 0000000000000006 [ 653.362992][T20563] RBP: 0000000000000018 R08: 0000000000000006 R09: 0000000000000000 [ 653.363012][T20563] R10: 0000000000000018 R11: 0000000000000000 R12: 0000000000000001 [ 653.363031][T20563] R13: 0000000000000018 R14: ffffffff8b9f8800 R15: 0000000000000000 [ 653.363063][T20563] ? filldir64+0x23a/0x5e0 [ 653.363100][T20563] ? filldir64+0x292/0x5e0 [ 653.363159][T20563] ? __pfx_filldir64+0x10/0x10 [ 653.363196][T20563] offset_readdir+0x1c4/0x6d0 [ 653.363248][T20563] ? apparmor_file_permission+0x251/0x400 [ 653.363293][T20563] iterate_dir+0x293/0xb40 [ 653.363340][T20563] __x64_sys_getdents64+0x14d/0x2d0 [ 653.363387][T20563] ? __pfx___x64_sys_getdents64+0x10/0x10 [ 653.363428][T20563] ? fput+0x70/0xf0 [ 653.363457][T20563] ? __pfx_filldir64+0x10/0x10 [ 653.363499][T20563] ? rcu_is_watching+0x12/0xc0 [ 653.363550][T20563] do_syscall_64+0xcd/0x260 [ 653.363600][T20563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.363630][T20563] RIP: 0033:0x7f0f7418e169 [ 653.363655][T20563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.363685][T20563] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 653.363713][T20563] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 653.363734][T20563] RDX: 0000000000000400 RSI: 0000000000000000 RDI: 0000000000000003 [ 653.363753][T20563] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 653.363773][T20563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 653.363792][T20563] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 653.363835][T20563] [ 654.170918][T20589] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2536'. [ 654.574243][T20600] FAULT_INJECTION: forcing a failure. [ 654.574243][T20600] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 654.612313][T20600] CPU: 1 UID: 0 PID: 20600 Comm: syz.3.2538 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 654.612358][T20600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 654.612376][T20600] Call Trace: [ 654.612387][T20600] [ 654.612397][T20600] dump_stack_lvl+0x16c/0x1f0 [ 654.612448][T20600] should_fail_ex+0x512/0x640 [ 654.612490][T20600] _copy_from_user+0x2e/0xd0 [ 654.612530][T20600] copy_msghdr_from_user+0x98/0x160 [ 654.612572][T20600] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 654.612633][T20600] ___sys_sendmsg+0xfe/0x1d0 [ 654.612676][T20600] ? __pfx____sys_sendmsg+0x10/0x10 [ 654.612787][T20600] __sys_sendmsg+0x16d/0x220 [ 654.612829][T20600] ? __pfx___sys_sendmsg+0x10/0x10 [ 654.612883][T20600] ? rcu_is_watching+0x12/0xc0 [ 654.612944][T20600] do_syscall_64+0xcd/0x260 [ 654.612995][T20600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.613027][T20600] RIP: 0033:0x7f398d98e169 [ 654.613052][T20600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 654.613083][T20600] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 654.613111][T20600] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 654.613130][T20600] RDX: 000000000400c004 RSI: 0000200000000140 RDI: 0000000000000003 [ 654.613149][T20600] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 654.613167][T20600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 654.613185][T20600] R13: 0000000000000000 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 654.613223][T20600] [ 655.275066][T20628] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2542'. [ 655.364704][ T30] audit: type=1800 audit(6039811273.780:12): pid=20629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2544" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 655.483310][T20645] FAULT_INJECTION: forcing a failure. [ 655.483310][T20645] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 655.532030][T20645] CPU: 1 UID: 0 PID: 20645 Comm: syz.3.2543 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 655.532071][T20645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 655.532089][T20645] Call Trace: [ 655.532098][T20645] [ 655.532109][T20645] dump_stack_lvl+0x16c/0x1f0 [ 655.532158][T20645] should_fail_ex+0x512/0x640 [ 655.532200][T20645] strncpy_from_user+0x3b/0x2e0 [ 655.532236][T20645] getname_flags.part.0+0x8f/0x550 [ 655.532277][T20645] getname_flags+0x93/0xf0 [ 655.532319][T20645] do_sys_openat2+0xb8/0x1d0 [ 655.532352][T20645] ? __pfx_do_sys_openat2+0x10/0x10 [ 655.532389][T20645] ? __fget_files+0x20e/0x3c0 [ 655.532442][T20645] __x64_sys_openat+0x174/0x210 [ 655.532475][T20645] ? __pfx___x64_sys_openat+0x10/0x10 [ 655.532508][T20645] ? ksys_write+0x1b9/0x240 [ 655.532564][T20645] do_syscall_64+0xcd/0x260 [ 655.532613][T20645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.532643][T20645] RIP: 0033:0x7f398d98e169 [ 655.532667][T20645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.532697][T20645] RSP: 002b:00007f398e7a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 655.532726][T20645] RAX: ffffffffffffffda RBX: 00007f398dbb6160 RCX: 00007f398d98e169 [ 655.532747][T20645] RDX: 0000000000000102 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 655.532767][T20645] RBP: 00007f398e7a9090 R08: 0000000000000000 R09: 0000000000000000 [ 655.532785][T20645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 655.532804][T20645] R13: 0000000000000001 R14: 00007f398dbb6160 R15: 00007ffe2d563738 [ 655.532850][T20645] [ 656.012786][T20678] FAULT_INJECTION: forcing a failure. [ 656.012786][T20678] name failslab, interval 1, probability 0, space 0, times 0 [ 656.030046][T20678] CPU: 1 UID: 0 PID: 20678 Comm: syz.0.2547 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 656.030090][T20678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 656.030108][T20678] Call Trace: [ 656.030118][T20678] [ 656.030129][T20678] dump_stack_lvl+0x16c/0x1f0 [ 656.030180][T20678] should_fail_ex+0x512/0x640 [ 656.030223][T20678] should_failslab+0xc2/0x120 [ 656.030255][T20678] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 656.030305][T20678] ? __lock_acquire+0x5ca/0x1ba0 [ 656.030354][T20678] ? dst_alloc+0x99/0x1a0 [ 656.030397][T20678] dst_alloc+0x99/0x1a0 [ 656.030438][T20678] rt_dst_alloc+0x35/0x3a0 [ 656.030488][T20678] ip_route_output_key_hash_rcu+0x87a/0x28f0 [ 656.030539][T20678] ip_route_output_key_hash+0x137/0x2e0 [ 656.030575][T20678] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 656.030634][T20678] tcp_v4_connect+0x7e2/0x1ba0 [ 656.030701][T20678] ? __pfx_tcp_v4_connect+0x10/0x10 [ 656.030758][T20678] ? __local_bh_enable_ip+0xa4/0x120 [ 656.030806][T20678] mptcp_connect+0x579/0xfe0 [ 656.030859][T20678] __inet_stream_connect+0x3c5/0x1020 [ 656.030901][T20678] ? __pfx___inet_stream_connect+0x10/0x10 [ 656.030933][T20678] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 656.030972][T20678] ? __pfx_inet_stream_connect+0x10/0x10 [ 656.031006][T20678] ? __local_bh_enable_ip+0xa4/0x120 [ 656.031053][T20678] ? __pfx_inet_stream_connect+0x10/0x10 [ 656.031081][T20678] inet_stream_connect+0x57/0xa0 [ 656.031114][T20678] __sys_connect_file+0x13e/0x1a0 [ 656.031154][T20678] __sys_connect+0x14d/0x170 [ 656.031189][T20678] ? __pfx___sys_connect+0x10/0x10 [ 656.031241][T20678] ? __pfx_ksys_write+0x10/0x10 [ 656.031306][T20678] __x64_sys_connect+0x72/0xb0 [ 656.031340][T20678] ? lockdep_hardirqs_on+0x7c/0x110 [ 656.031386][T20678] do_syscall_64+0xcd/0x260 [ 656.031437][T20678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.031470][T20678] RIP: 0033:0x7f0f7418e169 [ 656.031495][T20678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 656.031526][T20678] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 656.031555][T20678] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 656.031577][T20678] RDX: 0000000000000055 RSI: 00002000000000c0 RDI: 0000000000000003 [ 656.031596][T20678] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 656.031615][T20678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 656.031633][T20678] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 656.031675][T20678] [ 657.118903][T20723] delete_channel: no stack [ 657.463397][T20768] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2553'. [ 657.831091][T20780] FAULT_INJECTION: forcing a failure. [ 657.831091][T20780] name failslab, interval 1, probability 0, space 0, times 0 [ 657.889932][T20780] CPU: 0 UID: 0 PID: 20780 Comm: syz.1.2556 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 657.889979][T20780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 657.889999][T20780] Call Trace: [ 657.890009][T20780] [ 657.890019][T20780] dump_stack_lvl+0x16c/0x1f0 [ 657.890071][T20780] should_fail_ex+0x512/0x640 [ 657.890105][T20780] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 657.890159][T20780] should_failslab+0xc2/0x120 [ 657.890189][T20780] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 657.890238][T20780] ? __alloc_skb+0x2b2/0x380 [ 657.890285][T20780] __alloc_skb+0x2b2/0x380 [ 657.890324][T20780] ? __pfx___alloc_skb+0x10/0x10 [ 657.890367][T20780] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 657.890412][T20780] ? __lock_acquire+0xaa4/0x1ba0 [ 657.890468][T20780] netlink_alloc_large_skb+0x69/0x130 [ 657.890518][T20780] netlink_sendmsg+0x6a1/0xdd0 [ 657.890572][T20780] ? __pfx_netlink_sendmsg+0x10/0x10 [ 657.890634][T20780] ____sys_sendmsg+0xa95/0xc70 [ 657.890665][T20780] ? copy_msghdr_from_user+0x10a/0x160 [ 657.890707][T20780] ? __pfx_____sys_sendmsg+0x10/0x10 [ 657.890757][T20780] ___sys_sendmsg+0x134/0x1d0 [ 657.890802][T20780] ? __pfx____sys_sendmsg+0x10/0x10 [ 657.890906][T20780] __sys_sendmsg+0x16d/0x220 [ 657.890951][T20780] ? __pfx___sys_sendmsg+0x10/0x10 [ 657.891007][T20780] ? rcu_is_watching+0x12/0xc0 [ 657.891057][T20780] do_syscall_64+0xcd/0x260 [ 657.891110][T20780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.891143][T20780] RIP: 0033:0x7f6e6078e169 [ 657.891167][T20780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.891198][T20780] RSP: 002b:00007f6e615bd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 657.891227][T20780] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078e169 [ 657.891248][T20780] RDX: 0000000000009800 RSI: 00002000000007c0 RDI: 0000000000000003 [ 657.891267][T20780] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 657.891285][T20780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.891303][T20780] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 657.891343][T20780] [ 658.112468][ C0] vkms_vblank_simulate: vblank timer overrun [ 658.138081][T20782] syz.2.2557 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 658.160007][T20782] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2557'. [ 658.643060][T20801] FAULT_INJECTION: forcing a failure. [ 658.643060][T20801] name failslab, interval 1, probability 0, space 0, times 0 [ 658.689012][T20801] CPU: 1 UID: 0 PID: 20801 Comm: syz.3.2560 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 658.689058][T20801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 658.689077][T20801] Call Trace: [ 658.689087][T20801] [ 658.689098][T20801] dump_stack_lvl+0x16c/0x1f0 [ 658.689150][T20801] should_fail_ex+0x512/0x640 [ 658.689186][T20801] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 658.689237][T20801] should_failslab+0xc2/0x120 [ 658.689268][T20801] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 658.689317][T20801] ? __alloc_skb+0x2b2/0x380 [ 658.689363][T20801] __alloc_skb+0x2b2/0x380 [ 658.689401][T20801] ? __pfx___alloc_skb+0x10/0x10 [ 658.689444][T20801] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 658.689489][T20801] ? __lock_acquire+0xaa4/0x1ba0 [ 658.689545][T20801] netlink_alloc_large_skb+0x69/0x130 [ 658.689594][T20801] netlink_sendmsg+0x6a1/0xdd0 [ 658.689649][T20801] ? __pfx_netlink_sendmsg+0x10/0x10 [ 658.689712][T20801] ____sys_sendmsg+0xa95/0xc70 [ 658.689742][T20801] ? copy_msghdr_from_user+0x10a/0x160 [ 658.689785][T20801] ? __pfx_____sys_sendmsg+0x10/0x10 [ 658.689840][T20801] ___sys_sendmsg+0x134/0x1d0 [ 658.689884][T20801] ? __pfx____sys_sendmsg+0x10/0x10 [ 658.689972][T20801] __sys_sendmsg+0x16d/0x220 [ 658.690016][T20801] ? __pfx___sys_sendmsg+0x10/0x10 [ 658.690071][T20801] ? rcu_is_watching+0x12/0xc0 [ 658.690122][T20801] do_syscall_64+0xcd/0x260 [ 658.690173][T20801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 658.690205][T20801] RIP: 0033:0x7f398d98e169 [ 658.690228][T20801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 658.690258][T20801] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 658.690288][T20801] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 658.690309][T20801] RDX: 0000000010000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 658.690328][T20801] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 658.690348][T20801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 658.690365][T20801] R13: 0000000000000000 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 658.690402][T20801] [ 659.630408][T20855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2565'. [ 660.353954][T20848] ima: policy update failed [ 660.403272][ T30] audit: type=1802 audit(6039811278.830:13): pid=20848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2564" res=0 errno=0 [ 660.996818][T20868] delete_channel: no stack [ 661.528554][T20902] FAULT_INJECTION: forcing a failure. [ 661.528554][T20902] name failslab, interval 1, probability 0, space 0, times 0 [ 661.544070][T20902] CPU: 1 UID: 0 PID: 20902 Comm: syz.3.2571 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 661.544113][T20902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 661.544132][T20902] Call Trace: [ 661.544142][T20902] [ 661.544154][T20902] dump_stack_lvl+0x16c/0x1f0 [ 661.544205][T20902] should_fail_ex+0x512/0x640 [ 661.544238][T20902] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 661.544283][T20902] should_failslab+0xc2/0x120 [ 661.544313][T20902] __kmalloc_cache_noprof+0x6a/0x3e0 [ 661.544355][T20902] ? alloc_pipe_info+0x10e/0x590 [ 661.544398][T20902] alloc_pipe_info+0x10e/0x590 [ 661.544437][T20902] splice_direct_to_actor+0x77d/0xa30 [ 661.544471][T20902] ? __pfx_direct_splice_actor+0x10/0x10 [ 661.544505][T20902] ? __pfx_aa_file_perm+0x10/0x10 [ 661.544537][T20902] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 661.544566][T20902] ? get_pid_task+0xfc/0x250 [ 661.544602][T20902] do_splice_direct+0x174/0x240 [ 661.544634][T20902] ? __pfx_do_splice_direct+0x10/0x10 [ 661.544672][T20902] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 661.544707][T20902] ? rw_verify_area+0xcf/0x680 [ 661.544738][T20902] do_sendfile+0xafd/0xe50 [ 661.544772][T20902] ? __pfx_do_sendfile+0x10/0x10 [ 661.544802][T20902] ? __fget_files+0x20e/0x3c0 [ 661.544842][T20902] __x64_sys_sendfile64+0x1d8/0x220 [ 661.544863][T20902] ? ksys_write+0x1b9/0x240 [ 661.544893][T20902] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 661.544914][T20902] ? rcu_is_watching+0x12/0xc0 [ 661.544949][T20902] do_syscall_64+0xcd/0x260 [ 661.544985][T20902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.545008][T20902] RIP: 0033:0x7f398d98e169 [ 661.545026][T20902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 661.545048][T20902] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 661.545069][T20902] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 661.545085][T20902] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 661.545098][T20902] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 661.545112][T20902] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 661.545125][T20902] R13: 0000000000000000 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 661.545153][T20902] [ 664.349052][T21005] FAULT_INJECTION: forcing a failure. [ 664.349052][T21005] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 664.396323][T21005] CPU: 1 UID: 0 PID: 21005 Comm: syz.3.2579 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 664.396366][T21005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 664.396393][T21005] Call Trace: [ 664.396404][T21005] [ 664.396415][T21005] dump_stack_lvl+0x16c/0x1f0 [ 664.396466][T21005] should_fail_ex+0x512/0x640 [ 664.396509][T21005] _copy_to_user+0x32/0xd0 [ 664.396552][T21005] simple_read_from_buffer+0xcb/0x170 [ 664.396599][T21005] proc_fail_nth_read+0x197/0x270 [ 664.396644][T21005] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 664.396690][T21005] ? rw_verify_area+0xcf/0x680 [ 664.396728][T21005] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 664.396773][T21005] vfs_read+0x1de/0xc70 [ 664.396820][T21005] ? __pfx___mutex_lock+0x10/0x10 [ 664.396868][T21005] ? __pfx_vfs_read+0x10/0x10 [ 664.396923][T21005] ? __fget_files+0x20e/0x3c0 [ 664.396982][T21005] ksys_read+0x12a/0x240 [ 664.397024][T21005] ? __pfx_ksys_read+0x10/0x10 [ 664.397066][T21005] ? rcu_is_watching+0x12/0xc0 [ 664.397119][T21005] do_syscall_64+0xcd/0x260 [ 664.397171][T21005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.397204][T21005] RIP: 0033:0x7f398d98cb7c [ 664.397228][T21005] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 664.397259][T21005] RSP: 002b:00007f398e7a9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 664.397288][T21005] RAX: ffffffffffffffda RBX: 00007f398dbb6160 RCX: 00007f398d98cb7c [ 664.397309][T21005] RDX: 000000000000000f RSI: 00007f398e7a90a0 RDI: 0000000000000008 [ 664.397327][T21005] RBP: 00007f398e7a9090 R08: 0000000000000000 R09: 0000000000000000 [ 664.397346][T21005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 664.397364][T21005] R13: 0000000000000000 R14: 00007f398dbb6160 R15: 00007ffe2d563738 [ 664.397412][T21005] [ 666.243014][T21052] FAULT_INJECTION: forcing a failure. [ 666.243014][T21052] name failslab, interval 1, probability 0, space 0, times 0 [ 666.292105][T21052] CPU: 0 UID: 0 PID: 21052 Comm: syz.3.2590 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 666.292150][T21052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 666.292169][T21052] Call Trace: [ 666.292180][T21052] [ 666.292191][T21052] dump_stack_lvl+0x16c/0x1f0 [ 666.292242][T21052] should_fail_ex+0x512/0x640 [ 666.292294][T21052] should_failslab+0xc2/0x120 [ 666.292325][T21052] __kmalloc_cache_noprof+0x6a/0x3e0 [ 666.292368][T21052] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 666.292403][T21052] ? tipc_group_create+0xbc/0x660 [ 666.292451][T21052] tipc_group_create+0xbc/0x660 [ 666.292499][T21052] tipc_setsockopt+0x7f0/0xdb0 [ 666.292554][T21052] ? __pfx_tipc_setsockopt+0x10/0x10 [ 666.292625][T21052] ? __pfx_tipc_setsockopt+0x10/0x10 [ 666.292677][T21052] do_sock_setsockopt+0x221/0x470 [ 666.292727][T21052] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 666.292800][T21052] __sys_setsockopt+0x1a0/0x230 [ 666.292849][T21052] __x64_sys_setsockopt+0xbd/0x160 [ 666.292887][T21052] ? do_syscall_64+0x91/0x260 [ 666.292934][T21052] ? lockdep_hardirqs_on+0x7c/0x110 [ 666.292978][T21052] do_syscall_64+0xcd/0x260 [ 666.293039][T21052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.293072][T21052] RIP: 0033:0x7f398d98e169 [ 666.293097][T21052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 666.293128][T21052] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 666.293157][T21052] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 666.293177][T21052] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 666.293195][T21052] RBP: 00007f398e7eb090 R08: 0000000000000014 R09: 0000000000000000 [ 666.293213][T21052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.293230][T21052] R13: 0000000000000000 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 666.293270][T21052] [ 667.173296][T21097] netlink: 146 bytes leftover after parsing attributes in process `syz.3.2593'. [ 667.598203][T21114] FAULT_INJECTION: forcing a failure. [ 667.598203][T21114] name failslab, interval 1, probability 0, space 0, times 0 [ 667.656932][T21114] CPU: 1 UID: 0 PID: 21114 Comm: syz.3.2595 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 667.656975][T21114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 667.656993][T21114] Call Trace: [ 667.657003][T21114] [ 667.657015][T21114] dump_stack_lvl+0x16c/0x1f0 [ 667.657064][T21114] should_fail_ex+0x512/0x640 [ 667.657099][T21114] ? fs_reclaim_acquire+0xae/0x150 [ 667.657139][T21114] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 667.657191][T21114] should_failslab+0xc2/0x120 [ 667.657220][T21114] __kmalloc_noprof+0xd2/0x510 [ 667.657275][T21114] tomoyo_realpath_from_path+0xc2/0x6e0 [ 667.657324][T21114] ? tomoyo_profile+0x47/0x60 [ 667.657405][T21114] tomoyo_path_number_perm+0x245/0x580 [ 667.657441][T21114] ? tomoyo_path_number_perm+0x237/0x580 [ 667.657481][T21114] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 667.657520][T21114] ? find_held_lock+0x2b/0x80 [ 667.657607][T21114] ? find_held_lock+0x2b/0x80 [ 667.657643][T21114] ? hook_file_ioctl_common+0x145/0x410 [ 667.657683][T21114] ? __fget_files+0x20e/0x3c0 [ 667.657731][T21114] security_file_ioctl+0x9b/0x240 [ 667.657770][T21114] __x64_sys_ioctl+0xb7/0x200 [ 667.657807][T21114] do_syscall_64+0xcd/0x260 [ 667.657853][T21114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.657882][T21114] RIP: 0033:0x7f398d98e169 [ 667.657904][T21114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 667.657932][T21114] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 667.657959][T21114] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 667.657978][T21114] RDX: 0000000000000000 RSI: 000000000000545c RDI: 0000000000000005 [ 667.657996][T21114] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 667.658013][T21114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.658030][T21114] R13: 0000000000000000 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 667.658068][T21114] [ 667.967916][T21114] ERROR: Out of memory at tomoyo_realpath_from_path. [ 669.917645][T21179] usbip-vudc usbip-vudc.0: gadget not bound [ 670.653559][T21191] FAULT_INJECTION: forcing a failure. [ 670.653559][T21191] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 670.719297][T21191] CPU: 1 UID: 0 PID: 21191 Comm: syz.1.2603 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 670.719338][T21191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 670.719355][T21191] Call Trace: [ 670.719364][T21191] [ 670.719374][T21191] dump_stack_lvl+0x16c/0x1f0 [ 670.719440][T21191] should_fail_ex+0x512/0x640 [ 670.719480][T21191] _copy_to_user+0x32/0xd0 [ 670.719521][T21191] simple_read_from_buffer+0xcb/0x170 [ 670.719566][T21191] proc_fail_nth_read+0x197/0x270 [ 670.719608][T21191] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 670.719654][T21191] ? rw_verify_area+0xcf/0x680 [ 670.719688][T21191] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 670.719731][T21191] vfs_read+0x1de/0xc70 [ 670.719778][T21191] ? __pfx___mutex_lock+0x10/0x10 [ 670.719824][T21191] ? __pfx_vfs_read+0x10/0x10 [ 670.719877][T21191] ? __fget_files+0x20e/0x3c0 [ 670.719943][T21191] ksys_read+0x12a/0x240 [ 670.719984][T21191] ? __pfx_ksys_read+0x10/0x10 [ 670.720024][T21191] ? rcu_is_watching+0x12/0xc0 [ 670.720075][T21191] do_syscall_64+0xcd/0x260 [ 670.720125][T21191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.720157][T21191] RIP: 0033:0x7f6e6078cb7c [ 670.720182][T21191] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 670.720211][T21191] RSP: 002b:00007f6e615bd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 670.720239][T21191] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078cb7c [ 670.720260][T21191] RDX: 000000000000000f RSI: 00007f6e615bd0a0 RDI: 0000000000000005 [ 670.720279][T21191] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 670.720298][T21191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 670.720321][T21191] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 670.720362][T21191] [ 672.021014][T21225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 672.082012][T21225] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 672.212061][T21225] memcg:ffff88807d14f481 [ 672.216368][T21225] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 672.281969][T21225] page_type: f5(slab) [ 672.286130][T21225] raw: 00fff00000000040 ffff88801b44b500 0000000000000000 dead000000000001 [ 672.351449][T21225] raw: 0000000000000000 0000000000040004 00000000f5000000 ffff88807d14f481 [ 672.602014][T21225] head: 00fff00000000040 ffff88801b44b500 0000000000000000 dead000000000001 [ 672.716972][T21225] head: 0000000000000000 0000000000040004 00000000f5000000 ffff88807d14f481 [ 672.765671][T21225] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 672.922262][T21225] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 672.931016][T21225] page dumped because: unmovable page [ 673.074153][T21225] page_owner tracks the page as allocated [ 673.171743][T21225] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 18613, tgid 18612 (syz.2.2421), ts 615806735839, free_ts 612710854574 [ 673.385450][T21225] post_alloc_hook+0x181/0x1b0 [ 673.390353][T21225] get_page_from_freelist+0x1193/0x39b0 [ 673.485822][T21225] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 673.552379][T21225] alloc_pages_mpol+0x1fb/0x550 [ 673.641635][T21225] new_slab+0x23c/0x330 [ 673.660042][T21225] ___slab_alloc+0xd9c/0x1940 [ 673.712281][T21225] __slab_alloc.constprop.0+0x56/0xb0 [ 673.717770][T21225] __kvmalloc_node_noprof+0x3a6/0x600 [ 673.782272][T21225] alloc_netdev_mqs+0xd2/0x1570 [ 673.832446][T21225] __ip_tunnel_create+0x31d/0x680 [ 673.857832][T21225] ip_tunnel_init_net+0x22f/0x7d0 [ 673.902990][T21225] ops_init+0x1df/0x5f0 [ 673.907252][T21225] setup_net+0x21e/0x850 [ 673.911551][T21225] copy_net_ns+0x2a6/0x5f0 [ 674.001980][T21225] create_new_namespaces+0x3ea/0xad0 [ 674.017796][T21225] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 674.088894][T21225] page last free pid 5900 tgid 5900 stack trace: [ 674.148856][T21225] __free_frozen_pages+0x69d/0xff0 [ 674.207213][T21225] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 674.261971][T21225] __apply_to_page_range+0x5f9/0xd30 [ 674.267380][T21225] kasan_release_vmalloc+0xd1/0xe0 [ 674.356992][T21225] purge_vmap_node+0x1cb/0xa70 [ 674.415245][T21225] __purge_vmap_area_lazy+0x9d1/0xc90 [ 674.420748][T21225] drain_vmap_area_work+0x27/0x40 [ 674.537484][T21225] process_one_work+0x9cc/0x1b70 [ 674.587655][T21225] worker_thread+0x6c8/0xf10 [ 674.607569][T21225] kthread+0x3c2/0x780 [ 674.611745][T21225] ret_from_fork+0x45/0x80 [ 674.622061][T21225] ret_from_fork_asm+0x1a/0x30 [ 675.763872][T21313] FAULT_INJECTION: forcing a failure. [ 675.763872][T21313] name failslab, interval 1, probability 0, space 0, times 0 [ 675.818057][T21313] CPU: 1 UID: 0 PID: 21313 Comm: syz.0.2609 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 675.818098][T21313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 675.818115][T21313] Call Trace: [ 675.818125][T21313] [ 675.818136][T21313] dump_stack_lvl+0x16c/0x1f0 [ 675.818182][T21313] should_fail_ex+0x512/0x640 [ 675.818225][T21313] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 675.818291][T21313] should_failslab+0xc2/0x120 [ 675.818317][T21313] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 675.818362][T21313] ? __alloc_skb+0x2b2/0x380 [ 675.818421][T21313] __alloc_skb+0x2b2/0x380 [ 675.818455][T21313] ? __pfx___alloc_skb+0x10/0x10 [ 675.818492][T21313] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 675.818531][T21313] ? __lock_acquire+0xaa4/0x1ba0 [ 675.818579][T21313] netlink_alloc_large_skb+0x69/0x130 [ 675.818641][T21313] netlink_sendmsg+0x6a1/0xdd0 [ 675.818690][T21313] ? __pfx_netlink_sendmsg+0x10/0x10 [ 675.818747][T21313] ____sys_sendmsg+0xa95/0xc70 [ 675.818776][T21313] ? copy_msghdr_from_user+0x10a/0x160 [ 675.818814][T21313] ? __pfx_____sys_sendmsg+0x10/0x10 [ 675.818858][T21313] ___sys_sendmsg+0x134/0x1d0 [ 675.818898][T21313] ? __pfx____sys_sendmsg+0x10/0x10 [ 675.818978][T21313] __sys_sendmsg+0x16d/0x220 [ 675.819018][T21313] ? __pfx___sys_sendmsg+0x10/0x10 [ 675.819067][T21313] ? rcu_is_watching+0x12/0xc0 [ 675.819114][T21313] do_syscall_64+0xcd/0x260 [ 675.819160][T21313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.819189][T21313] RIP: 0033:0x7f0f7418e169 [ 675.819210][T21313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 675.819238][T21313] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 675.819265][T21313] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 675.819285][T21313] RDX: 0000000000000004 RSI: 0000200000000300 RDI: 0000000000000003 [ 675.819303][T21313] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 675.819321][T21313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 675.819338][T21313] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 675.819375][T21313] [ 676.707246][T21328] FAULT_INJECTION: forcing a failure. [ 676.707246][T21328] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 676.780052][T21328] CPU: 0 UID: 0 PID: 21328 Comm: syz.1.2613 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 676.780095][T21328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 676.780111][T21328] Call Trace: [ 676.780120][T21328] [ 676.780131][T21328] dump_stack_lvl+0x16c/0x1f0 [ 676.780176][T21328] should_fail_ex+0x512/0x640 [ 676.780215][T21328] _copy_to_user+0x32/0xd0 [ 676.780260][T21328] simple_read_from_buffer+0xcb/0x170 [ 676.780303][T21328] proc_fail_nth_read+0x197/0x270 [ 676.780344][T21328] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 676.780386][T21328] ? rw_verify_area+0xcf/0x680 [ 676.780420][T21328] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 676.780460][T21328] vfs_read+0x1de/0xc70 [ 676.780505][T21328] ? __pfx___mutex_lock+0x10/0x10 [ 676.780548][T21328] ? __pfx_vfs_read+0x10/0x10 [ 676.780597][T21328] ? __fget_files+0x20e/0x3c0 [ 676.780649][T21328] ksys_read+0x12a/0x240 [ 676.780688][T21328] ? __pfx_ksys_read+0x10/0x10 [ 676.780725][T21328] ? rcu_is_watching+0x12/0xc0 [ 676.780771][T21328] do_syscall_64+0xcd/0x260 [ 676.780817][T21328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 676.780846][T21328] RIP: 0033:0x7f6e6078cb7c [ 676.780868][T21328] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 676.780896][T21328] RSP: 002b:00007f6e615bd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 676.780922][T21328] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078cb7c [ 676.780940][T21328] RDX: 000000000000000f RSI: 00007f6e615bd0a0 RDI: 0000000000000004 [ 676.780956][T21328] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 676.780972][T21328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 676.780988][T21328] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 676.781025][T21328] [ 678.863490][T21377] FAULT_INJECTION: forcing a failure. [ 678.863490][T21377] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 678.938908][T21377] CPU: 0 UID: 0 PID: 21377 Comm: syz.1.2621 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 678.938951][T21377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 678.938970][T21377] Call Trace: [ 678.938980][T21377] [ 678.938991][T21377] dump_stack_lvl+0x16c/0x1f0 [ 678.939039][T21377] should_fail_ex+0x512/0x640 [ 678.939080][T21377] _copy_from_user+0x2e/0xd0 [ 678.939120][T21377] memdup_user+0x6b/0xe0 [ 678.939151][T21377] strndup_user+0x78/0xe0 [ 678.939182][T21377] __x64_sys_mount+0x137/0x310 [ 678.939213][T21377] ? __pfx___x64_sys_mount+0x10/0x10 [ 678.939241][T21377] ? rcu_is_watching+0x12/0xc0 [ 678.939290][T21377] do_syscall_64+0xcd/0x260 [ 678.939345][T21377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.939375][T21377] RIP: 0033:0x7f6e6078e169 [ 678.939398][T21377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 678.939428][T21377] RSP: 002b:00007f6e615bd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 678.939456][T21377] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078e169 [ 678.939477][T21377] RDX: 0000200000000140 RSI: 00002000000000c0 RDI: 0000000000000000 [ 678.939496][T21377] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 678.939514][T21377] R10: 0000000000000808 R11: 0000000000000246 R12: 0000000000000001 [ 678.939532][T21377] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 678.939571][T21377] [ 679.286291][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 679.309513][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 679.318384][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 679.326766][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 679.334664][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 680.473593][T21381] chnl_net:caif_netlink_parms(): no params data found [ 680.706722][T21540] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2628'. [ 680.926889][T21540] syz.1.2628 (21540) used greatest stack depth: 21416 bytes left [ 681.169604][T21566] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2629'. [ 681.306495][T21381] bridge0: port 1(bridge_slave_0) entered blocking state [ 681.319346][T21381] bridge0: port 1(bridge_slave_0) entered disabled state [ 681.340959][T21381] bridge_slave_0: entered allmulticast mode [ 681.381341][T21381] bridge_slave_0: entered promiscuous mode [ 681.417887][T21381] bridge0: port 2(bridge_slave_1) entered blocking state [ 681.425256][T21381] bridge0: port 2(bridge_slave_1) entered disabled state [ 681.432659][ T5845] Bluetooth: hci0: command tx timeout [ 681.457579][T21381] bridge_slave_1: entered allmulticast mode [ 681.481687][T21381] bridge_slave_1: entered promiscuous mode [ 681.494541][T21609] FAULT_INJECTION: forcing a failure. [ 681.494541][T21609] name failslab, interval 1, probability 0, space 0, times 0 [ 681.522059][T21609] CPU: 1 UID: 0 PID: 21609 Comm: syz.1.2631 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 681.522103][T21609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 681.522128][T21609] Call Trace: [ 681.522139][T21609] [ 681.522150][T21609] dump_stack_lvl+0x16c/0x1f0 [ 681.522201][T21609] should_fail_ex+0x512/0x640 [ 681.522237][T21609] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 681.522289][T21609] should_failslab+0xc2/0x120 [ 681.522318][T21609] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 681.522366][T21609] ? mas_alloc_nodes+0x18b/0x8b0 [ 681.522414][T21609] mas_alloc_nodes+0x18b/0x8b0 [ 681.522463][T21609] mas_node_count_gfp+0x105/0x130 [ 681.522508][T21609] mas_preallocate+0x53e/0xcd0 [ 681.522540][T21609] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 681.522577][T21609] ? __pfx_mas_preallocate+0x10/0x10 [ 681.522623][T21609] ? anon_vma_name+0x75/0x100 [ 681.522662][T21609] __split_vma+0x33b/0x1030 [ 681.522713][T21609] ? __pfx___split_vma+0x10/0x10 [ 681.522754][T21609] ? __kernel_text_address+0xd/0x40 [ 681.522802][T21609] ? __lock_acquire+0x5ca/0x1ba0 [ 681.522858][T21609] vms_gather_munmap_vmas+0x1c2/0x1310 [ 681.522904][T21609] ? _parse_integer_limit+0x17f/0x1d0 [ 681.522972][T21609] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 681.523017][T21609] ? __pfx__kstrtoull+0x10/0x10 [ 681.523070][T21609] ? find_held_lock+0x2b/0x80 [ 681.523122][T21609] do_vmi_align_munmap+0x27c/0x7d0 [ 681.523174][T21609] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 681.523274][T21609] do_vmi_munmap+0x208/0x3e0 [ 681.523326][T21609] __vm_munmap+0x19a/0x390 [ 681.523357][T21609] ? __pfx___vm_munmap+0x10/0x10 [ 681.523399][T21609] ? __pfx_ksys_write+0x10/0x10 [ 681.523450][T21609] __x64_sys_munmap+0x59/0x80 [ 681.523488][T21609] do_syscall_64+0xcd/0x260 [ 681.523536][T21609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.523567][T21609] RIP: 0033:0x7f6e6078e169 [ 681.523590][T21609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.523620][T21609] RSP: 002b:00007f6e6159c038 EFLAGS: 00000246 ORIG_RAX: 000000000000000b [ 681.523648][T21609] RAX: ffffffffffffffda RBX: 00007f6e609b6080 RCX: 00007f6e6078e169 [ 681.523667][T21609] RDX: 0000000000000000 RSI: 0000000000000fff RDI: 0000000000008000 [ 681.523684][T21609] RBP: 00007f6e6159c090 R08: 0000000000000000 R09: 0000000000000000 [ 681.523702][T21609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 681.523719][T21609] R13: 0000000000000001 R14: 00007f6e609b6080 R15: 00007ffdda100458 [ 681.523757][T21609] [ 682.310462][T21381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 682.337910][T21381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 682.757536][T21381] team0: Port device team_slave_0 added [ 682.788097][T21381] team0: Port device team_slave_1 added [ 682.997141][T21381] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 683.013992][T21381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 683.081933][T21381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 683.132546][T21381] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 683.139645][T21381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 683.211901][T21381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 683.523792][ T5845] Bluetooth: hci0: command tx timeout [ 683.580418][T21381] hsr_slave_0: entered promiscuous mode [ 683.643873][T21381] hsr_slave_1: entered promiscuous mode [ 683.650382][T21381] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 683.711812][T21381] Cannot create hsr debugfs directory [ 683.806128][T21752] FAULT_INJECTION: forcing a failure. [ 683.806128][T21752] name failslab, interval 1, probability 0, space 0, times 0 [ 683.870456][T21752] CPU: 0 UID: 0 PID: 21752 Comm: syz.0.2636 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 683.870500][T21752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 683.870518][T21752] Call Trace: [ 683.870528][T21752] [ 683.870540][T21752] dump_stack_lvl+0x16c/0x1f0 [ 683.870589][T21752] should_fail_ex+0x512/0x640 [ 683.870623][T21752] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 683.870670][T21752] should_failslab+0xc2/0x120 [ 683.870698][T21752] __kmalloc_cache_noprof+0x6a/0x3e0 [ 683.870741][T21752] ? madvise_collapse+0x1cb/0xb20 [ 683.870781][T21752] madvise_collapse+0x1cb/0xb20 [ 683.870820][T21752] ? mtree_range_walk+0x718/0xc00 [ 683.870860][T21752] ? __pfx_madvise_collapse+0x10/0x10 [ 683.870901][T21752] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 683.870947][T21752] madvise_vma_behavior+0xca3/0x1d50 [ 683.870987][T21752] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 683.871024][T21752] ? find_vma_prev+0xda/0x160 [ 683.871061][T21752] ? __pfx_find_vma_prev+0x10/0x10 [ 683.871095][T21752] ? get_pid_task+0xfc/0x250 [ 683.871134][T21752] ? proc_fail_nth_write+0x9f/0x250 [ 683.871184][T21752] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 683.871217][T21752] madvise_walk_vmas+0x1ce/0x2c0 [ 683.871251][T21752] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 683.871293][T21752] madvise_do_behavior+0x12b/0x3b0 [ 683.871323][T21752] ? __pfx___might_resched+0x10/0x10 [ 683.871370][T21752] ? __pfx_madvise_do_behavior+0x10/0x10 [ 683.871421][T21752] ? fput+0x70/0xf0 [ 683.871458][T21752] do_madvise+0x10b/0x170 [ 683.871493][T21752] __x64_sys_madvise+0xa9/0x110 [ 683.871526][T21752] ? lockdep_hardirqs_on+0x7c/0x110 [ 683.871569][T21752] do_syscall_64+0xcd/0x260 [ 683.871617][T21752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.871666][T21752] RIP: 0033:0x7f0f7418e169 [ 683.871690][T21752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.871722][T21752] RSP: 002b:00007f0f7501b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 683.871751][T21752] RAX: ffffffffffffffda RBX: 00007f0f743b6080 RCX: 00007f0f7418e169 [ 683.871772][T21752] RDX: 0000000000000019 RSI: 0000000000200007 RDI: 0000000000000000 [ 683.871790][T21752] RBP: 00007f0f7501b090 R08: 0000000000000000 R09: 0000000000000000 [ 683.871809][T21752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 683.871825][T21752] R13: 0000000000000000 R14: 00007f0f743b6080 R15: 00007ffe844b32f8 [ 683.871862][T21752] [ 684.646364][ T30] audit: type=1800 audit(6039811303.070:14): pid=21813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2639" name="members" dev="configfs" ino=50055 res=0 errno=0 [ 684.786589][T21802] block2mtd: device name too long [ 685.518186][T21381] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 685.577536][T21381] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 685.592633][ T5845] Bluetooth: hci0: command tx timeout [ 685.645957][T21381] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 685.692736][T21381] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 685.720280][T21875] FAULT_INJECTION: forcing a failure. [ 685.720280][T21875] name fail_futex, interval 1, probability 0, space 0, times 1 [ 685.776034][T21875] CPU: 1 UID: 0 PID: 21875 Comm: syz.0.2643 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 685.776077][T21875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 685.776095][T21875] Call Trace: [ 685.776104][T21875] [ 685.776115][T21875] dump_stack_lvl+0x16c/0x1f0 [ 685.776165][T21875] should_fail_ex+0x512/0x640 [ 685.776204][T21875] get_futex_key+0x49e/0x1000 [ 685.776245][T21875] ? find_held_lock+0x2b/0x80 [ 685.776287][T21875] ? __pfx_get_futex_key+0x10/0x10 [ 685.776332][T21875] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 685.776386][T21875] futex_wake+0xe7/0x4e0 [ 685.776416][T21875] ? __fget_files+0x20e/0x3c0 [ 685.776460][T21875] ? __pfx_futex_wake+0x10/0x10 [ 685.776494][T21875] ? fput+0x70/0xf0 [ 685.776523][T21875] ? ksys_write+0x1b9/0x240 [ 685.776563][T21875] ? __pfx_ksys_write+0x10/0x10 [ 685.776609][T21875] __x64_sys_futex_wake+0x223/0x2a0 [ 685.776660][T21875] do_syscall_64+0xcd/0x260 [ 685.776709][T21875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.776740][T21875] RIP: 0033:0x7f0f7418e169 [ 685.776763][T21875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.776811][T21875] RSP: 002b:00007f0f7501b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c6 [ 685.776857][T21875] RAX: ffffffffffffffda RBX: 00007f0f743b6080 RCX: 00007f0f7418e169 [ 685.776878][T21875] RDX: 00000000fffffffb RSI: 0000000000000007 RDI: 0000000000000000 [ 685.776897][T21875] RBP: 00007f0f7501b090 R08: 0000000000000000 R09: 0000000000000000 [ 685.776915][T21875] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 685.776934][T21875] R13: 0000000000000001 R14: 00007f0f743b6080 R15: 00007ffe844b32f8 [ 685.776973][T21875] [ 686.205081][T21381] 8021q: adding VLAN 0 to HW filter on device bond0 [ 686.361002][T21381] 8021q: adding VLAN 0 to HW filter on device team0 [ 686.469071][T11365] bridge0: port 1(bridge_slave_0) entered blocking state [ 686.476345][T11365] bridge0: port 1(bridge_slave_0) entered forwarding state [ 686.581738][T11365] bridge0: port 2(bridge_slave_1) entered blocking state [ 686.589055][T11365] bridge0: port 2(bridge_slave_1) entered forwarding state [ 686.786594][T21892] random: crng reseeded on system resumption [ 686.799675][T21890] FAULT_INJECTION: forcing a failure. [ 686.799675][T21890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 686.844850][T21381] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 686.866202][T21890] CPU: 1 UID: 0 PID: 21890 Comm: syz.0.2647 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 686.866249][T21890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 686.866268][T21890] Call Trace: [ 686.866279][T21890] [ 686.866291][T21890] dump_stack_lvl+0x16c/0x1f0 [ 686.866342][T21890] should_fail_ex+0x512/0x640 [ 686.866385][T21890] _copy_to_user+0x32/0xd0 [ 686.866428][T21890] simple_read_from_buffer+0xcb/0x170 [ 686.866475][T21890] proc_fail_nth_read+0x197/0x270 [ 686.866520][T21890] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 686.866566][T21890] ? rw_verify_area+0xcf/0x680 [ 686.866602][T21890] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 686.866646][T21890] vfs_read+0x1de/0xc70 [ 686.866694][T21890] ? __pfx___mutex_lock+0x10/0x10 [ 686.866747][T21890] ? __pfx_vfs_read+0x10/0x10 [ 686.866801][T21890] ? __fget_files+0x20e/0x3c0 [ 686.866859][T21890] ksys_read+0x12a/0x240 [ 686.866901][T21890] ? __pfx_ksys_read+0x10/0x10 [ 686.866940][T21890] ? syscall_user_dispatch+0x78/0x140 [ 686.866988][T21890] do_syscall_64+0xcd/0x260 [ 686.867050][T21890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 686.867082][T21890] RIP: 0033:0x7f0f7418cb7c [ 686.867105][T21890] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 686.867135][T21890] RSP: 002b:00007f0f7503c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 686.867163][T21890] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418cb7c [ 686.867184][T21890] RDX: 000000000000000f RSI: 00007f0f7503c0a0 RDI: 0000000000000008 [ 686.867202][T21890] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 686.867221][T21890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 686.867239][T21890] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 686.867279][T21890] [ 687.674806][ T5845] Bluetooth: hci0: command tx timeout [ 687.915772][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 687.974007][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 687.976223][T21381] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 688.082402][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 688.134683][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 688.187151][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 688.252349][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 688.311158][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 688.367464][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 688.432383][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 688.482430][T21916] netlink: 121 bytes leftover after parsing attributes in process `syz.3.2651'. [ 689.279428][T21961] FAULT_INJECTION: forcing a failure. [ 689.279428][T21961] name failslab, interval 1, probability 0, space 0, times 0 [ 689.374737][T21961] CPU: 1 UID: 0 PID: 21961 Comm: syz.1.2655 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 689.374779][T21961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 689.374797][T21961] Call Trace: [ 689.374807][T21961] [ 689.374818][T21961] dump_stack_lvl+0x16c/0x1f0 [ 689.374868][T21961] should_fail_ex+0x512/0x640 [ 689.374902][T21961] ? __kvmalloc_node_noprof+0x122/0x600 [ 689.374950][T21961] should_failslab+0xc2/0x120 [ 689.374979][T21961] __kvmalloc_node_noprof+0x135/0x600 [ 689.375026][T21961] ? seq_read_iter+0x826/0x12c0 [ 689.375074][T21961] ? seq_read_iter+0x826/0x12c0 [ 689.375116][T21961] seq_read_iter+0x826/0x12c0 [ 689.375160][T21961] ? __mutex_trylock_common+0xe9/0x250 [ 689.375202][T21961] kernfs_fop_read_iter+0x40f/0x5a0 [ 689.375240][T21961] ? rw_verify_area+0xcf/0x680 [ 689.375281][T21961] vfs_read+0x8c8/0xc70 [ 689.375335][T21961] ? __pfx___mutex_lock+0x10/0x10 [ 689.375381][T21961] ? __pfx_vfs_read+0x10/0x10 [ 689.375447][T21961] ksys_read+0x12a/0x240 [ 689.375486][T21961] ? __pfx_ksys_read+0x10/0x10 [ 689.375525][T21961] ? rcu_is_watching+0x12/0xc0 [ 689.375574][T21961] do_syscall_64+0xcd/0x260 [ 689.375622][T21961] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.375652][T21961] RIP: 0033:0x7f6e6078e169 [ 689.375675][T21961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 689.375704][T21961] RSP: 002b:00007f6e615bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 689.375731][T21961] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078e169 [ 689.375751][T21961] RDX: 00000000000000bb RSI: 0000200000000180 RDI: 0000000000000003 [ 689.375769][T21961] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 689.375788][T21961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 689.375806][T21961] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 689.375845][T21961] [ 690.029383][T21381] veth0_vlan: entered promiscuous mode [ 690.133322][T21381] veth1_vlan: entered promiscuous mode [ 690.656013][T21381] veth0_macvtap: entered promiscuous mode [ 690.660782][T21381] veth1_macvtap: entered promiscuous mode [ 690.779925][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.779957][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.779973][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.779994][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.780009][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.780030][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.780047][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.780067][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.780083][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.780104][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.780120][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.780141][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.780165][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.780186][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.787255][T21381] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 690.810382][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 690.988228][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.016520][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.031813][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.060204][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.070811][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.080873][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.092001][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.103247][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.114185][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.132135][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.151980][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.162263][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.180637][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.206044][T21381] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.229210][T21381] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.261104][T21381] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 691.305609][T21381] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.362126][T21381] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.370997][T21381] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.397742][T21381] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.683121][T11366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 691.726721][T11366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 692.030050][T11365] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 692.083667][T11365] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 692.853772][T22089] FAULT_INJECTION: forcing a failure. [ 692.853772][T22089] name failslab, interval 1, probability 0, space 0, times 0 [ 692.854510][T22081] FAULT_INJECTION: forcing a failure. [ 692.854510][T22081] name failslab, interval 1, probability 0, space 0, times 0 [ 692.917750][T22089] CPU: 0 UID: 0 PID: 22089 Comm: syz.3.2667 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 692.917799][T22089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 692.917819][T22089] Call Trace: [ 692.917830][T22089] [ 692.917842][T22089] dump_stack_lvl+0x16c/0x1f0 [ 692.917895][T22089] should_fail_ex+0x512/0x640 [ 692.917931][T22089] ? fs_reclaim_acquire+0xae/0x150 [ 692.917973][T22089] should_failslab+0xc2/0x120 [ 692.918013][T22089] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 692.918064][T22089] ? security_inode_alloc+0x3b/0x2b0 [ 692.918106][T22089] security_inode_alloc+0x3b/0x2b0 [ 692.918143][T22089] inode_init_always_gfp+0xce4/0x1030 [ 692.918199][T22089] alloc_inode+0x86/0x240 [ 692.918235][T22089] iget_locked+0x2e4/0x830 [ 692.918276][T22089] ? __pfx_iget_locked+0x10/0x10 [ 692.918316][T22089] ? find_held_lock+0x2b/0x80 [ 692.918358][T22089] ? kernfs_root+0xee/0x2a0 [ 692.918416][T22089] kernfs_get_inode+0x48/0x460 [ 692.918467][T22089] kernfs_iop_lookup+0x1a7/0x2d0 [ 692.918499][T22089] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 692.918529][T22089] lookup_open.isra.0+0x4d7/0x1580 [ 692.918580][T22089] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 692.918653][T22089] ? mnt_get_write_access+0x20c/0x300 [ 692.918695][T22089] path_openat+0x905/0x2d40 [ 692.918755][T22089] ? __pfx_path_openat+0x10/0x10 [ 692.918815][T22089] do_filp_open+0x20b/0x470 [ 692.918860][T22089] ? __pfx_do_filp_open+0x10/0x10 [ 692.918956][T22089] ? alloc_fd+0x471/0x7d0 [ 692.919022][T22089] do_sys_openat2+0x11b/0x1d0 [ 692.919058][T22089] ? __pfx_do_sys_openat2+0x10/0x10 [ 692.919109][T22089] __x64_sys_openat+0x174/0x210 [ 692.919146][T22089] ? __pfx___x64_sys_openat+0x10/0x10 [ 692.919183][T22089] ? rcu_is_watching+0x12/0xc0 [ 692.919234][T22089] do_syscall_64+0xcd/0x260 [ 692.919288][T22089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.919322][T22089] RIP: 0033:0x7f398d98e169 [ 692.919348][T22089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 692.919380][T22089] RSP: 002b:00007f398e7ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 692.919410][T22089] RAX: ffffffffffffffda RBX: 00007f398dbb6080 RCX: 00007f398d98e169 [ 692.919431][T22089] RDX: 0000000000124001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 692.919451][T22089] RBP: 00007f398da10a68 R08: 0000000000000000 R09: 0000000000000000 [ 692.919470][T22089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 692.919488][T22089] R13: 0000000000000000 R14: 00007f398dbb6080 R15: 00007ffe2d563738 [ 692.919529][T22089] [ 693.178959][ C0] vkms_vblank_simulate: vblank timer overrun [ 693.343174][T22081] CPU: 1 UID: 0 PID: 22081 Comm: syz.0.2666 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 693.343225][T22081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 693.343244][T22081] Call Trace: [ 693.343255][T22081] [ 693.343267][T22081] dump_stack_lvl+0x16c/0x1f0 [ 693.343318][T22081] should_fail_ex+0x512/0x640 [ 693.343361][T22081] should_failslab+0xc2/0x120 [ 693.343392][T22081] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 693.343443][T22081] ? __alloc_skb+0x2b2/0x380 [ 693.343483][T22081] ? __lock_acquire+0x5ca/0x1ba0 [ 693.343539][T22081] __alloc_skb+0x2b2/0x380 [ 693.343578][T22081] ? __pfx___alloc_skb+0x10/0x10 [ 693.343634][T22081] tipc_buf_acquire+0x26/0xe0 [ 693.343670][T22081] tipc_msg_create+0x39/0x1d0 [ 693.343711][T22081] tipc_group_proto_xmit+0x150/0x7c0 [ 693.343756][T22081] ? arch_stack_walk+0xa6/0x100 [ 693.343814][T22081] tipc_group_cong+0x436/0x530 [ 693.343860][T22081] ? __pfx_tipc_group_cong+0x10/0x10 [ 693.343926][T22081] tipc_group_bc_cong+0x1d7/0x290 [ 693.343970][T22081] ? __pfx_tipc_group_bc_cong+0x10/0x10 [ 693.344018][T22081] ? net_generic+0xf4/0x2a0 [ 693.344050][T22081] tipc_send_group_bcast+0x3cf/0xa50 [ 693.344112][T22081] ? __pfx_tipc_send_group_bcast+0x10/0x10 [ 693.344162][T22081] ? find_held_lock+0x2b/0x80 [ 693.344201][T22081] ? __pfx_woken_wake_function+0x10/0x10 [ 693.344267][T22081] ? process_measurement+0x1e7/0x2360 [ 693.344327][T22081] __tipc_sendmsg+0x4ab/0x19a0 [ 693.344373][T22081] ? __pfx___tipc_sendmsg+0x10/0x10 [ 693.344405][T22081] ? __lock_acquire+0xaa4/0x1ba0 [ 693.344463][T22081] ? __pfx___might_resched+0x10/0x10 [ 693.344532][T22081] ? __local_bh_enable_ip+0xa4/0x120 [ 693.344582][T22081] tipc_sendmsg+0x4f/0x70 [ 693.344620][T22081] ____sys_sendmsg+0xa95/0xc70 [ 693.344651][T22081] ? copy_msghdr_from_user+0x10a/0x160 [ 693.344691][T22081] ? __pfx_____sys_sendmsg+0x10/0x10 [ 693.344747][T22081] ? __pfx__kstrtoull+0x10/0x10 [ 693.344805][T22081] ___sys_sendmsg+0x134/0x1d0 [ 693.344851][T22081] ? __pfx____sys_sendmsg+0x10/0x10 [ 693.344915][T22081] ? find_held_lock+0x2b/0x80 [ 693.344982][T22081] __sys_sendmmsg+0x200/0x420 [ 693.345031][T22081] ? __pfx___sys_sendmmsg+0x10/0x10 [ 693.345089][T22081] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 693.345155][T22081] ? fput+0x70/0xf0 [ 693.345185][T22081] ? ksys_write+0x1b9/0x240 [ 693.345240][T22081] ? __pfx_ksys_write+0x10/0x10 [ 693.345281][T22081] ? rcu_is_watching+0x12/0xc0 [ 693.345328][T22081] __x64_sys_sendmmsg+0x9c/0x100 [ 693.345371][T22081] ? lockdep_hardirqs_on+0x7c/0x110 [ 693.345416][T22081] do_syscall_64+0xcd/0x260 [ 693.345467][T22081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.345499][T22081] RIP: 0033:0x7f0f7418e169 [ 693.345524][T22081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.345554][T22081] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 693.345584][T22081] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 693.345605][T22081] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 693.345625][T22081] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 693.345645][T22081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 693.345664][T22081] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 693.345705][T22081] [ 694.283813][ T5845] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 694.373034][T22171] FAULT_INJECTION: forcing a failure. [ 694.373034][T22171] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 694.391913][T22171] CPU: 0 UID: 0 PID: 22171 Comm: syz.0.2669 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 694.391957][T22171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 694.391976][T22171] Call Trace: [ 694.391986][T22171] [ 694.391998][T22171] dump_stack_lvl+0x16c/0x1f0 [ 694.392050][T22171] should_fail_ex+0x512/0x640 [ 694.392093][T22171] _copy_from_user+0x2e/0xd0 [ 694.392134][T22171] xfrm_user_policy+0x4f5/0xb50 [ 694.392181][T22171] ? trace_cap_capable+0x18d/0x200 [ 694.392212][T22171] ? __pfx_xfrm_user_policy+0x10/0x10 [ 694.392258][T22171] ? apparmor_capable+0x114/0x1d0 [ 694.392290][T22171] ? bpf_lsm_capable+0x9/0x10 [ 694.392339][T22171] ? ns_capable+0xd7/0x110 [ 694.392381][T22171] do_ip_setsockopt+0x2a57/0x3240 [ 694.392417][T22171] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 694.392461][T22171] ? __pfx___might_resched+0x10/0x10 [ 694.392512][T22171] ip_setsockopt+0x59/0xf0 [ 694.392548][T22171] dccp_setsockopt+0xfa/0x970 [ 694.392592][T22171] ? __pfx_dccp_setsockopt+0x10/0x10 [ 694.392634][T22171] ? sock_common_setsockopt+0x2e/0xf0 [ 694.392684][T22171] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 694.392734][T22171] do_sock_setsockopt+0x221/0x470 [ 694.392783][T22171] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 694.392855][T22171] __sys_setsockopt+0x1a0/0x230 [ 694.392915][T22171] __x64_sys_setsockopt+0xbd/0x160 [ 694.392954][T22171] ? do_syscall_64+0x91/0x260 [ 694.393001][T22171] ? lockdep_hardirqs_on+0x7c/0x110 [ 694.393045][T22171] do_syscall_64+0xcd/0x260 [ 694.393097][T22171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.393129][T22171] RIP: 0033:0x7f0f7418e169 [ 694.393154][T22171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 694.393184][T22171] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 694.393214][T22171] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 694.393235][T22171] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000003 [ 694.393255][T22171] RBP: 00007f0f7503c090 R08: 0000000000000017 R09: 0000000000000000 [ 694.393274][T22171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 694.393293][T22171] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 694.393335][T22171] [ 694.631062][ C0] vkms_vblank_simulate: vblank timer overrun [ 696.370370][T22230] Invalid ELF header magic: != ELF [ 696.379647][T22245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 696.709646][T22259] HfR: entered promiscuous mode [ 696.964720][T22267] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 697.019353][T22270] FAULT_INJECTION: forcing a failure. [ 697.019353][T22270] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 697.102599][T22270] CPU: 0 UID: 0 PID: 22270 Comm: syz.0.2678 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 697.102642][T22270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 697.102660][T22270] Call Trace: [ 697.102670][T22270] [ 697.102688][T22270] dump_stack_lvl+0x16c/0x1f0 [ 697.102738][T22270] should_fail_ex+0x512/0x640 [ 697.102779][T22270] _copy_from_user+0x2e/0xd0 [ 697.102818][T22270] copy_msghdr_from_user+0x98/0x160 [ 697.102860][T22270] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 697.102921][T22270] ___sys_sendmsg+0xfe/0x1d0 [ 697.102964][T22270] ? __pfx____sys_sendmsg+0x10/0x10 [ 697.103051][T22270] __sys_sendmsg+0x16d/0x220 [ 697.103091][T22270] ? __pfx___sys_sendmsg+0x10/0x10 [ 697.103141][T22270] ? rcu_is_watching+0x12/0xc0 [ 697.103190][T22270] do_syscall_64+0xcd/0x260 [ 697.103239][T22270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.103270][T22270] RIP: 0033:0x7f0f7418e169 [ 697.103293][T22270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.103322][T22270] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 697.103350][T22270] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 697.103371][T22270] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000003 [ 697.103390][T22270] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 697.103408][T22270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 697.103427][T22270] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 697.103466][T22270] [ 698.882193][ T30] audit: type=1800 audit(6039811317.318:15): pid=22357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2685" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 699.205503][T22367] FAULT_INJECTION: forcing a failure. [ 699.205503][T22367] name failslab, interval 1, probability 0, space 0, times 0 [ 699.241956][T22367] CPU: 0 UID: 0 PID: 22367 Comm: syz.1.2686 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 699.242000][T22367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 699.242018][T22367] Call Trace: [ 699.242028][T22367] [ 699.242038][T22367] dump_stack_lvl+0x16c/0x1f0 [ 699.242089][T22367] should_fail_ex+0x512/0x640 [ 699.242125][T22367] ? __kvmalloc_node_noprof+0x122/0x600 [ 699.242175][T22367] should_failslab+0xc2/0x120 [ 699.242204][T22367] __kvmalloc_node_noprof+0x135/0x600 [ 699.242247][T22367] ? __pfx_net_ctl_permissions+0x10/0x10 [ 699.242296][T22367] ? proc_sys_call_handler+0x2a6/0x5c0 [ 699.242336][T22367] ? proc_sys_call_handler+0x2a6/0x5c0 [ 699.242377][T22367] proc_sys_call_handler+0x2a6/0x5c0 [ 699.242428][T22367] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 699.242470][T22367] ? rw_verify_area+0xcf/0x680 [ 699.242513][T22367] vfs_read+0x8c8/0xc70 [ 699.242560][T22367] ? __pfx___mutex_lock+0x10/0x10 [ 699.242606][T22367] ? __pfx_vfs_read+0x10/0x10 [ 699.242675][T22367] ksys_read+0x12a/0x240 [ 699.242718][T22367] ? __pfx_ksys_read+0x10/0x10 [ 699.242757][T22367] ? rcu_is_watching+0x12/0xc0 [ 699.242807][T22367] do_syscall_64+0xcd/0x260 [ 699.242865][T22367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.242897][T22367] RIP: 0033:0x7f6e6078e169 [ 699.242921][T22367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 699.242951][T22367] RSP: 002b:00007f6e615bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 699.242979][T22367] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078e169 [ 699.242999][T22367] RDX: 0000000000000006 RSI: 0000200000001080 RDI: 0000000000000003 [ 699.243018][T22367] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 699.243036][T22367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 699.243054][T22367] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 699.243093][T22367] [ 700.094179][T22141] Process accounting resumed [ 700.215742][T22378] FAULT_INJECTION: forcing a failure. [ 700.215742][T22378] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 700.302090][T22378] CPU: 0 UID: 0 PID: 22378 Comm: syz.1.2689 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 700.302136][T22378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 700.302156][T22378] Call Trace: [ 700.302166][T22378] [ 700.302177][T22378] dump_stack_lvl+0x16c/0x1f0 [ 700.302229][T22378] should_fail_ex+0x512/0x640 [ 700.302272][T22378] _copy_from_user+0x2e/0xd0 [ 700.302315][T22378] kstrtouint_from_user+0xd6/0x1d0 [ 700.302366][T22378] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 700.302415][T22378] ? __lock_acquire+0xaa4/0x1ba0 [ 700.302488][T22378] proc_fail_nth_write+0x83/0x250 [ 700.302533][T22378] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 700.302590][T22378] vfs_write+0x25c/0x1180 [ 700.302632][T22378] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 700.302684][T22378] ? __pfx___mutex_lock+0x10/0x10 [ 700.302740][T22378] ? __pfx_vfs_write+0x10/0x10 [ 700.302798][T22378] ? __fget_files+0x20e/0x3c0 [ 700.302857][T22378] ksys_write+0x12a/0x240 [ 700.302901][T22378] ? __pfx_ksys_write+0x10/0x10 [ 700.302942][T22378] ? rcu_is_watching+0x12/0xc0 [ 700.302994][T22378] do_syscall_64+0xcd/0x260 [ 700.303046][T22378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 700.303078][T22378] RIP: 0033:0x7f6e6078cc1f [ 700.303104][T22378] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 700.303134][T22378] RSP: 002b:00007f6e615bd030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 700.303163][T22378] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6e6078cc1f [ 700.303183][T22378] RDX: 0000000000000001 RSI: 00007f6e615bd0a0 RDI: 0000000000000005 [ 700.303203][T22378] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 700.303223][T22378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 700.303242][T22378] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 700.303285][T22378] [ 700.844772][T22385] program syz.4.2691 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 701.360545][T22397] FAULT_INJECTION: forcing a failure. [ 701.360545][T22397] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 701.410321][T22397] CPU: 0 UID: 0 PID: 22397 Comm: syz.3.2693 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 701.410377][T22397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 701.410395][T22397] Call Trace: [ 701.410405][T22397] [ 701.410417][T22397] dump_stack_lvl+0x16c/0x1f0 [ 701.410466][T22397] should_fail_ex+0x512/0x640 [ 701.410508][T22397] _copy_to_user+0x32/0xd0 [ 701.410548][T22397] do_pages_stat+0x5a5/0x850 [ 701.410593][T22397] ? __pfx_do_pages_stat+0x10/0x10 [ 701.410676][T22397] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 701.410718][T22397] ? lockdep_hardirqs_on+0x7c/0x110 [ 701.410762][T22397] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 701.410810][T22397] kernel_move_pages+0x107a/0x1430 [ 701.410846][T22397] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 701.410911][T22397] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 701.410959][T22397] ? __pfx_kernel_move_pages+0x10/0x10 [ 701.410994][T22397] ? __fget_files+0x20e/0x3c0 [ 701.411044][T22397] ? fput+0x70/0xf0 [ 701.411073][T22397] ? ksys_write+0x1b9/0x240 [ 701.411114][T22397] ? __pfx_ksys_write+0x10/0x10 [ 701.411154][T22397] ? rcu_is_watching+0x12/0xc0 [ 701.411197][T22397] __x64_sys_move_pages+0xe0/0x1c0 [ 701.411231][T22397] ? do_syscall_64+0x91/0x260 [ 701.411274][T22397] ? lockdep_hardirqs_on+0x7c/0x110 [ 701.411315][T22397] do_syscall_64+0xcd/0x260 [ 701.411370][T22397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 701.411399][T22397] RIP: 0033:0x7f398d98e169 [ 701.411423][T22397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 701.411451][T22397] RSP: 002b:00007f398e7ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 701.411480][T22397] RAX: ffffffffffffffda RBX: 00007f398dbb6080 RCX: 00007f398d98e169 [ 701.411500][T22397] RDX: 0000000000000000 RSI: 0000000000001002 RDI: 0000000000000000 [ 701.411518][T22397] RBP: 00007f398e7ca090 R08: 0000000000000000 R09: 0000000000000002 [ 701.411537][T22397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 701.411555][T22397] R13: 0000000000000000 R14: 00007f398dbb6080 R15: 00007ffe2d563738 [ 701.411594][T22397] [ 702.028336][T22406] FAULT_INJECTION: forcing a failure. [ 702.028336][T22406] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 702.060732][T22406] CPU: 1 UID: 0 PID: 22406 Comm: syz.3.2696 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 702.060777][T22406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 702.060796][T22406] Call Trace: [ 702.060806][T22406] [ 702.060817][T22406] dump_stack_lvl+0x16c/0x1f0 [ 702.060869][T22406] should_fail_ex+0x512/0x640 [ 702.060911][T22406] _copy_to_user+0x32/0xd0 [ 702.060955][T22406] simple_read_from_buffer+0xcb/0x170 [ 702.061002][T22406] proc_fail_nth_read+0x197/0x270 [ 702.061047][T22406] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 702.061093][T22406] ? rw_verify_area+0xcf/0x680 [ 702.061132][T22406] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 702.061178][T22406] vfs_read+0x1de/0xc70 [ 702.061227][T22406] ? __pfx___mutex_lock+0x10/0x10 [ 702.061274][T22406] ? __pfx_vfs_read+0x10/0x10 [ 702.061330][T22406] ? __fget_files+0x20e/0x3c0 [ 702.061408][T22406] ksys_read+0x12a/0x240 [ 702.061450][T22406] ? __pfx_ksys_read+0x10/0x10 [ 702.061491][T22406] ? rcu_is_watching+0x12/0xc0 [ 702.061541][T22406] do_syscall_64+0xcd/0x260 [ 702.061591][T22406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.061623][T22406] RIP: 0033:0x7f398d98cb7c [ 702.061647][T22406] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 702.061677][T22406] RSP: 002b:00007f398e7eb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 702.061707][T22406] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98cb7c [ 702.061728][T22406] RDX: 000000000000000f RSI: 00007f398e7eb0a0 RDI: 0000000000000004 [ 702.061748][T22406] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 702.061768][T22406] R10: 0000000000000eb3 R11: 0000000000000246 R12: 0000000000000001 [ 702.061788][T22406] R13: 0000000000000000 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 702.061829][T22406] [ 703.431502][T22482] FAULT_INJECTION: forcing a failure. [ 703.431502][T22482] name failslab, interval 1, probability 0, space 0, times 0 [ 703.482923][T22482] CPU: 0 UID: 0 PID: 22482 Comm: syz.1.2701 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 703.482968][T22482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 703.482987][T22482] Call Trace: [ 703.482998][T22482] [ 703.483010][T22482] dump_stack_lvl+0x16c/0x1f0 [ 703.483061][T22482] should_fail_ex+0x512/0x640 [ 703.483096][T22482] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 703.483144][T22482] should_failslab+0xc2/0x120 [ 703.483192][T22482] __kmalloc_cache_noprof+0x6a/0x3e0 [ 703.483259][T22482] ? __vb2_init_fileio+0x253/0x1100 [ 703.483306][T22482] __vb2_init_fileio+0x253/0x1100 [ 703.483374][T22482] ? vb2_fop_read+0xe6/0x3e0 [ 703.483413][T22482] __vb2_perform_fileio+0x9c2/0x1660 [ 703.483478][T22482] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 703.483520][T22482] ? get_pid_task+0xfc/0x250 [ 703.483559][T22482] vb2_fop_read+0x215/0x3e0 [ 703.483602][T22482] v4l2_read+0x226/0x360 [ 703.483648][T22482] ? __pfx_v4l2_read+0x10/0x10 [ 703.483696][T22482] vfs_read+0x1de/0xc70 [ 703.483747][T22482] ? __pfx_vfs_read+0x10/0x10 [ 703.483786][T22482] ? find_held_lock+0x2b/0x80 [ 703.483827][T22482] ? __fget_files+0x204/0x3c0 [ 703.483876][T22482] ? __fget_files+0x20e/0x3c0 [ 703.483931][T22482] ksys_read+0x12a/0x240 [ 703.483992][T22482] ? __pfx_ksys_read+0x10/0x10 [ 703.484033][T22482] ? rcu_is_watching+0x12/0xc0 [ 703.484084][T22482] do_syscall_64+0xcd/0x260 [ 703.484134][T22482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.484164][T22482] RIP: 0033:0x7f6e6078e169 [ 703.484189][T22482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.484220][T22482] RSP: 002b:00007f6e615bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 703.484260][T22482] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078e169 [ 703.484282][T22482] RDX: 0000000000000ff3 RSI: 0000200000001900 RDI: 0000000000000003 [ 703.484302][T22482] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 703.484323][T22482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 703.484343][T22482] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 703.484385][T22482] [ 703.847481][T22491] hub 8-0:1.0: USB hub found [ 703.853720][T22491] hub 8-0:1.0: 1 port detected [ 704.901604][T22550] FAULT_INJECTION: forcing a failure. [ 704.901604][T22550] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 704.933215][T22550] CPU: 0 UID: 0 PID: 22550 Comm: syz.0.2709 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 704.933260][T22550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 704.933279][T22550] Call Trace: [ 704.933290][T22550] [ 704.933302][T22550] dump_stack_lvl+0x16c/0x1f0 [ 704.933365][T22550] should_fail_ex+0x512/0x640 [ 704.933410][T22550] _copy_from_user+0x2e/0xd0 [ 704.933451][T22550] memdup_user+0x6b/0xe0 [ 704.933485][T22550] __x64_sys_kexec_load+0x18e/0x230 [ 704.933528][T22550] do_syscall_64+0xcd/0x260 [ 704.933579][T22550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.933611][T22550] RIP: 0033:0x7f0f7418e169 [ 704.933636][T22550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 704.933668][T22550] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 704.933698][T22550] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 704.933721][T22550] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 704.933742][T22550] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 704.933762][T22550] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 704.933781][T22550] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 704.933824][T22550] [ 705.302643][T22561] __nla_validate_parse: 23 callbacks suppressed [ 705.302667][T22561] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2714'. [ 705.354766][T22566] FAULT_INJECTION: forcing a failure. [ 705.354766][T22566] name failslab, interval 1, probability 0, space 0, times 0 [ 705.411221][T22566] CPU: 1 UID: 0 PID: 22566 Comm: syz.1.2713 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 705.411266][T22566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 705.411285][T22566] Call Trace: [ 705.411296][T22566] [ 705.411315][T22566] dump_stack_lvl+0x16c/0x1f0 [ 705.411366][T22566] should_fail_ex+0x512/0x640 [ 705.411401][T22566] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 705.411453][T22566] should_failslab+0xc2/0x120 [ 705.411482][T22566] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 705.411530][T22566] ? __alloc_skb+0x2b2/0x380 [ 705.411574][T22566] __alloc_skb+0x2b2/0x380 [ 705.411613][T22566] ? __pfx___alloc_skb+0x10/0x10 [ 705.411657][T22566] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 705.411702][T22566] ? __lock_acquire+0xaa4/0x1ba0 [ 705.411758][T22566] netlink_alloc_large_skb+0x69/0x130 [ 705.411807][T22566] netlink_sendmsg+0x6a1/0xdd0 [ 705.411863][T22566] ? __pfx_netlink_sendmsg+0x10/0x10 [ 705.411923][T22566] ____sys_sendmsg+0xa95/0xc70 [ 705.411955][T22566] ? copy_msghdr_from_user+0x10a/0x160 [ 705.411997][T22566] ? __pfx_____sys_sendmsg+0x10/0x10 [ 705.412047][T22566] ___sys_sendmsg+0x134/0x1d0 [ 705.412091][T22566] ? __pfx____sys_sendmsg+0x10/0x10 [ 705.412181][T22566] __sys_sendmsg+0x16d/0x220 [ 705.412224][T22566] ? __pfx___sys_sendmsg+0x10/0x10 [ 705.412277][T22566] ? rcu_is_watching+0x12/0xc0 [ 705.412335][T22566] do_syscall_64+0xcd/0x260 [ 705.412382][T22566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.412408][T22566] RIP: 0033:0x7f6e6078e169 [ 705.412428][T22566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 705.412453][T22566] RSP: 002b:00007f6e615bd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 705.412477][T22566] RAX: ffffffffffffffda RBX: 00007f6e609b5fa0 RCX: 00007f6e6078e169 [ 705.412494][T22566] RDX: 000000000400c004 RSI: 0000200000000140 RDI: 0000000000000003 [ 705.412510][T22566] RBP: 00007f6e615bd090 R08: 0000000000000000 R09: 0000000000000000 [ 705.412526][T22566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 705.412542][T22566] R13: 0000000000000000 R14: 00007f6e609b5fa0 R15: 00007ffdda100458 [ 705.412573][T22566] [ 705.659927][T22572] netlink: 'syz.3.2715': attribute type 1 has an invalid length. [ 706.401136][T22612] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(1734553390.1886744434.0), cmd(2) [ 707.133941][ T5845] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 708.196694][T22752] FAULT_INJECTION: forcing a failure. [ 708.196694][T22752] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 708.221678][T22752] CPU: 0 UID: 0 PID: 22752 Comm: syz.0.2725 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 708.221722][T22752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 708.221741][T22752] Call Trace: [ 708.221751][T22752] [ 708.221763][T22752] dump_stack_lvl+0x16c/0x1f0 [ 708.221815][T22752] should_fail_ex+0x512/0x640 [ 708.221860][T22752] _copy_from_user+0x2e/0xd0 [ 708.221910][T22752] get_timespec64+0x8b/0x240 [ 708.221954][T22752] ? __pfx_get_timespec64+0x10/0x10 [ 708.221995][T22752] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 708.222049][T22752] get_itimerspec64+0x40/0x60 [ 708.222096][T22752] __x64_sys_timer_settime+0x17d/0x2c0 [ 708.222130][T22752] ? __pfx___x64_sys_timer_settime+0x10/0x10 [ 708.222166][T22752] ? ksys_write+0x1b9/0x240 [ 708.222222][T22752] do_syscall_64+0xcd/0x260 [ 708.222271][T22752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.222301][T22752] RIP: 0033:0x7f0f7418e169 [ 708.222324][T22752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 708.222354][T22752] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df [ 708.222384][T22752] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 708.222405][T22752] RDX: 0000200000000200 RSI: 0000000000000100 RDI: 0000000000000000 [ 708.222424][T22752] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 708.222443][T22752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 708.222461][T22752] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 708.222501][T22752] [ 708.260944][T22745] Process accounting resumed [ 708.629910][T22781] FAULT_INJECTION: forcing a failure. [ 708.629910][T22781] name failslab, interval 1, probability 0, space 0, times 0 [ 708.652428][T22781] CPU: 0 UID: 0 PID: 22781 Comm: syz.3.2727 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 708.652473][T22781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 708.652491][T22781] Call Trace: [ 708.652502][T22781] [ 708.652514][T22781] dump_stack_lvl+0x16c/0x1f0 [ 708.652564][T22781] should_fail_ex+0x512/0x640 [ 708.652603][T22781] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 708.652668][T22781] should_failslab+0xc2/0x120 [ 708.652700][T22781] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 708.652745][T22781] ? __alloc_skb+0x2b2/0x380 [ 708.652787][T22781] __alloc_skb+0x2b2/0x380 [ 708.652835][T22781] ? __pfx___alloc_skb+0x10/0x10 [ 708.652875][T22781] ? __lock_acquire+0xaa4/0x1ba0 [ 708.652926][T22781] netlink_alloc_large_skb+0x69/0x130 [ 708.652971][T22781] netlink_sendmsg+0x6a1/0xdd0 [ 708.653020][T22781] ? __pfx_netlink_sendmsg+0x10/0x10 [ 708.653078][T22781] ____sys_sendmsg+0xa95/0xc70 [ 708.653107][T22781] ? copy_msghdr_from_user+0x10a/0x160 [ 708.653146][T22781] ? __pfx_____sys_sendmsg+0x10/0x10 [ 708.653190][T22781] ___sys_sendmsg+0x134/0x1d0 [ 708.653231][T22781] ? __pfx____sys_sendmsg+0x10/0x10 [ 708.653314][T22781] __sys_sendmsg+0x16d/0x220 [ 708.653354][T22781] ? __pfx___sys_sendmsg+0x10/0x10 [ 708.653402][T22781] ? rcu_is_watching+0x12/0xc0 [ 708.653449][T22781] do_syscall_64+0xcd/0x260 [ 708.653496][T22781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.653525][T22781] RIP: 0033:0x7f398d98e169 [ 708.653549][T22781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 708.653576][T22781] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 708.653603][T22781] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 708.653622][T22781] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003 [ 708.653640][T22781] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 708.653656][T22781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 708.653673][T22781] R13: 0000000000000000 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 708.653708][T22781] [ 709.880042][T22868] FAULT_INJECTION: forcing a failure. [ 709.880042][T22868] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 709.985411][T22868] CPU: 0 UID: 0 PID: 22868 Comm: syz.0.2734 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 709.985457][T22868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 709.985476][T22868] Call Trace: [ 709.985488][T22868] [ 709.985500][T22868] dump_stack_lvl+0x16c/0x1f0 [ 709.985553][T22868] should_fail_ex+0x512/0x640 [ 709.985597][T22868] _copy_from_user+0x2e/0xd0 [ 709.985639][T22868] rxrpc_request_key+0x2d3/0x3a0 [ 709.985683][T22868] ? __pfx_rxrpc_request_key+0x10/0x10 [ 709.985729][T22868] ? __local_bh_enable_ip+0xa4/0x120 [ 709.985779][T22868] rxrpc_setsockopt+0x4df/0x710 [ 709.985814][T22868] ? __pfx_rxrpc_setsockopt+0x10/0x10 [ 709.985846][T22868] ? find_held_lock+0x2b/0x80 [ 709.985896][T22868] ? __pfx_rxrpc_setsockopt+0x10/0x10 [ 709.985928][T22868] do_sock_setsockopt+0x221/0x470 [ 709.985986][T22868] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 709.986061][T22868] __sys_setsockopt+0x1a0/0x230 [ 709.986109][T22868] __x64_sys_setsockopt+0xbd/0x160 [ 709.986148][T22868] ? do_syscall_64+0x91/0x260 [ 709.986195][T22868] ? lockdep_hardirqs_on+0x7c/0x110 [ 709.986239][T22868] do_syscall_64+0xcd/0x260 [ 709.986286][T22868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.986319][T22868] RIP: 0033:0x7f0f7418e169 [ 709.986344][T22868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.986375][T22868] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 709.986405][T22868] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 709.986432][T22868] RDX: 0000000000000001 RSI: 0000000000000110 RDI: 0000000000000003 [ 709.986452][T22868] RBP: 00007f0f7503c090 R08: 0000000000000004 R09: 0000000000000000 [ 709.986471][T22868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 709.986489][T22868] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 709.986530][T22868] [ 710.506421][T22887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2736'. [ 711.447949][T22963] FAULT_INJECTION: forcing a failure. [ 711.447949][T22963] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 711.504529][T22963] CPU: 1 UID: 0 PID: 22963 Comm: syz.3.2741 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 711.504574][T22963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 711.504593][T22963] Call Trace: [ 711.504604][T22963] [ 711.504616][T22963] dump_stack_lvl+0x16c/0x1f0 [ 711.504669][T22963] should_fail_ex+0x512/0x640 [ 711.504711][T22963] _copy_from_user+0x2e/0xd0 [ 711.504754][T22963] __do_sys_adjtimex+0x92/0x140 [ 711.504801][T22963] ? __pfx___do_sys_adjtimex+0x10/0x10 [ 711.504849][T22963] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 711.504930][T22963] ? __pfx_ksys_write+0x10/0x10 [ 711.504982][T22963] ? rcu_is_watching+0x12/0xc0 [ 711.505027][T22963] do_syscall_64+0xcd/0x260 [ 711.505078][T22963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.505111][T22963] RIP: 0033:0x7f398d98e169 [ 711.505137][T22963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 711.505167][T22963] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000009f [ 711.505197][T22963] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 711.505220][T22963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000006c0 [ 711.505240][T22963] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 711.505260][T22963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 711.505279][T22963] R13: 0000000000000001 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 711.505319][T22963] [ 713.813289][T23053] FAULT_INJECTION: forcing a failure. [ 713.813289][T23053] name failslab, interval 1, probability 0, space 0, times 0 [ 713.830760][T23058] svc: failed to register nfsdv3 RPC service (errno 111). [ 713.867867][T23058] svc: failed to register nfsaclv3 RPC service (errno 111). [ 713.894996][T23053] CPU: 1 UID: 0 PID: 23053 Comm: syz.0.2749 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 713.895041][T23053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 713.895061][T23053] Call Trace: [ 713.895072][T23053] [ 713.895085][T23053] dump_stack_lvl+0x16c/0x1f0 [ 713.895138][T23053] should_fail_ex+0x512/0x640 [ 713.895175][T23053] ? fs_reclaim_acquire+0xae/0x150 [ 713.895217][T23053] ? tomoyo_encode2+0x100/0x3e0 [ 713.895259][T23053] should_failslab+0xc2/0x120 [ 713.895290][T23053] __kmalloc_noprof+0xd2/0x510 [ 713.895339][T23053] ? d_absolute_path+0x136/0x1a0 [ 713.895382][T23053] tomoyo_encode2+0x100/0x3e0 [ 713.895434][T23053] tomoyo_encode+0x29/0x50 [ 713.895476][T23053] tomoyo_realpath_from_path+0x18f/0x6e0 [ 713.895535][T23053] tomoyo_path_number_perm+0x245/0x580 [ 713.895572][T23053] ? tomoyo_path_number_perm+0x237/0x580 [ 713.895615][T23053] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 713.895657][T23053] ? find_held_lock+0x2b/0x80 [ 713.895745][T23053] ? find_held_lock+0x2b/0x80 [ 713.895786][T23053] ? hook_file_ioctl_common+0x145/0x410 [ 713.895831][T23053] ? __fget_files+0x20e/0x3c0 [ 713.895886][T23053] security_file_ioctl+0x9b/0x240 [ 713.895930][T23053] __x64_sys_ioctl+0xb7/0x200 [ 713.895974][T23053] do_syscall_64+0xcd/0x260 [ 713.896042][T23053] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.896076][T23053] RIP: 0033:0x7f0f7418e169 [ 713.896100][T23053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.896131][T23053] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 713.896160][T23053] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 713.896180][T23053] RDX: 0000000000000000 RSI: 0000000000004b72 RDI: 0000000000000004 [ 713.896198][T23053] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 713.896216][T23053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 713.896234][T23053] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 713.896273][T23053] [ 713.896367][T23053] ERROR: Out of memory at tomoyo_realpath_from_path. [ 714.542742][T23080] FAULT_INJECTION: forcing a failure. [ 714.542742][T23080] name failslab, interval 1, probability 0, space 0, times 0 [ 714.596583][T23080] CPU: 1 UID: 0 PID: 23080 Comm: syz.3.2754 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 714.596636][T23080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 714.596655][T23080] Call Trace: [ 714.596666][T23080] [ 714.596677][T23080] dump_stack_lvl+0x16c/0x1f0 [ 714.596727][T23080] should_fail_ex+0x512/0x640 [ 714.596762][T23080] ? __kmalloc_node_noprof+0xc5/0x500 [ 714.596814][T23080] should_failslab+0xc2/0x120 [ 714.596843][T23080] __kmalloc_node_noprof+0xd8/0x500 [ 714.596892][T23080] ? load_msg+0x43/0x4a0 [ 714.596935][T23080] load_msg+0x43/0x4a0 [ 714.596982][T23080] do_msgsnd+0x1a7/0x17b0 [ 714.597031][T23080] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 714.597086][T23080] ? __pfx_do_msgsnd+0x10/0x10 [ 714.597132][T23080] ? find_held_lock+0x2b/0x80 [ 714.597170][T23080] ? __might_fault+0xe3/0x190 [ 714.597215][T23080] ? __might_fault+0xe3/0x190 [ 714.597259][T23080] ? __might_fault+0x13b/0x190 [ 714.597314][T23080] ? __x64_sys_msgsnd+0xe5/0x130 [ 714.597361][T23080] __x64_sys_msgsnd+0xe5/0x130 [ 714.597411][T23080] do_syscall_64+0xcd/0x260 [ 714.597461][T23080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.597495][T23080] RIP: 0033:0x7f398d98e169 [ 714.597519][T23080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 714.597550][T23080] RSP: 002b:00007f398e7eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000045 [ 714.597579][T23080] RAX: ffffffffffffffda RBX: 00007f398dbb5fa0 RCX: 00007f398d98e169 [ 714.597599][T23080] RDX: 0000000000000400 RSI: 0000200000000600 RDI: 0000000000000000 [ 714.597625][T23080] RBP: 00007f398e7eb090 R08: 0000000000000000 R09: 0000000000000000 [ 714.597644][T23080] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 714.597662][T23080] R13: 0000000000000001 R14: 00007f398dbb5fa0 R15: 00007ffe2d563738 [ 714.597701][T23080] [ 715.517884][T23119] FAULT_INJECTION: forcing a failure. [ 715.517884][T23119] name failslab, interval 1, probability 0, space 0, times 0 [ 715.541638][T23119] CPU: 0 UID: 0 PID: 23119 Comm: syz.0.2759 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 715.541683][T23119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 715.541702][T23119] Call Trace: [ 715.541713][T23119] [ 715.541725][T23119] dump_stack_lvl+0x16c/0x1f0 [ 715.541777][T23119] should_fail_ex+0x512/0x640 [ 715.541812][T23119] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 715.541867][T23119] should_failslab+0xc2/0x120 [ 715.541896][T23119] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 715.541943][T23119] ? __alloc_skb+0x2b2/0x380 [ 715.541987][T23119] __alloc_skb+0x2b2/0x380 [ 715.542024][T23119] ? __pfx___alloc_skb+0x10/0x10 [ 715.542067][T23119] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 715.542110][T23119] ? __lock_acquire+0xaa4/0x1ba0 [ 715.542166][T23119] netlink_alloc_large_skb+0x69/0x130 [ 715.542215][T23119] netlink_sendmsg+0x6a1/0xdd0 [ 715.542266][T23119] ? __pfx_netlink_sendmsg+0x10/0x10 [ 715.542332][T23119] ____sys_sendmsg+0xa95/0xc70 [ 715.542360][T23119] ? copy_msghdr_from_user+0x10a/0x160 [ 715.542399][T23119] ? __pfx_____sys_sendmsg+0x10/0x10 [ 715.542446][T23119] ___sys_sendmsg+0x134/0x1d0 [ 715.542489][T23119] ? __pfx____sys_sendmsg+0x10/0x10 [ 715.542580][T23119] __sys_sendmsg+0x16d/0x220 [ 715.542632][T23119] ? __pfx___sys_sendmsg+0x10/0x10 [ 715.542685][T23119] ? rcu_is_watching+0x12/0xc0 [ 715.542736][T23119] do_syscall_64+0xcd/0x260 [ 715.542786][T23119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.542818][T23119] RIP: 0033:0x7f0f7418e169 [ 715.542843][T23119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.542872][T23119] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 715.542901][T23119] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 715.542921][T23119] RDX: 0000000000000040 RSI: 0000200000000080 RDI: 0000000000000003 [ 715.542940][T23119] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 715.542959][T23119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 715.542976][T23119] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 715.543015][T23119] [ 716.383375][T23143] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 716.418420][T23143] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 716.516330][T23143] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 716.621738][T23143] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 716.684639][T23143] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 716.754009][T23143] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 716.816245][T23143] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 716.897587][T23143] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 716.928300][T23143] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 717.005511][T23143] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 717.131654][T23143] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 717.161112][T23143] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 717.253844][T23143] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 717.481175][T23232] FAULT_INJECTION: forcing a failure. [ 717.481175][T23232] name failslab, interval 1, probability 0, space 0, times 0 [ 717.562850][T23232] CPU: 1 UID: 0 PID: 23232 Comm: syz.0.2763 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 717.562889][T23232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 717.562908][T23232] Call Trace: [ 717.562918][T23232] [ 717.562929][T23232] dump_stack_lvl+0x16c/0x1f0 [ 717.562976][T23232] should_fail_ex+0x512/0x640 [ 717.563009][T23232] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 717.563057][T23232] should_failslab+0xc2/0x120 [ 717.563105][T23232] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 717.563152][T23232] ? getname_flags.part.0+0x4c/0x550 [ 717.563195][T23232] getname_flags.part.0+0x4c/0x550 [ 717.563228][T23232] ? rcu_is_watching+0x12/0xc0 [ 717.563272][T23232] getname_flags+0x93/0xf0 [ 717.563315][T23232] __x64_sys_execve+0x74/0xb0 [ 717.563360][T23232] do_syscall_64+0xcd/0x260 [ 717.563418][T23232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.563451][T23232] RIP: 0033:0x7f0f7418e169 [ 717.563476][T23232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.563505][T23232] RSP: 002b:00007f0f7501b038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 717.563534][T23232] RAX: ffffffffffffffda RBX: 00007f0f743b6080 RCX: 00007f0f7418e169 [ 717.563555][T23232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 717.563579][T23232] RBP: 00007f0f7501b090 R08: 0000000000000000 R09: 0000000000000000 [ 717.563598][T23232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 717.563618][T23232] R13: 0000000000000000 R14: 00007f0f743b6080 R15: 00007ffe844b32f8 [ 717.563667][T23232] [ 718.232322][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 718.631988][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 718.992025][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 719.192350][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 720.267917][T23334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2772'. [ 720.312203][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 720.714151][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 721.035384][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 721.276710][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 722.153189][T23409] FAULT_INJECTION: forcing a failure. [ 722.153189][T23409] name failslab, interval 1, probability 0, space 0, times 0 [ 722.222276][T23409] CPU: 1 UID: 0 PID: 23409 Comm: syz.0.2782 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 722.222322][T23409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 722.222342][T23409] Call Trace: [ 722.222355][T23409] [ 722.222368][T23409] dump_stack_lvl+0x16c/0x1f0 [ 722.222425][T23409] should_fail_ex+0x512/0x640 [ 722.222463][T23409] ? __kmalloc_noprof+0xbf/0x510 [ 722.222515][T23409] ? lsm_blob_alloc+0x68/0x90 [ 722.222562][T23409] should_failslab+0xc2/0x120 [ 722.222594][T23409] __kmalloc_noprof+0xd2/0x510 [ 722.222652][T23409] lsm_blob_alloc+0x68/0x90 [ 722.222703][T23409] security_prepare_creds+0x30/0x270 [ 722.222752][T23409] prepare_creds+0x56f/0x7d0 [ 722.222791][T23409] copy_creds+0xa7/0xa50 [ 722.222841][T23409] copy_process+0x10b1/0x91a0 [ 722.222888][T23409] ? find_held_lock+0x2b/0x80 [ 722.222932][T23409] ? schedule+0x2d7/0x3a0 [ 722.222977][T23409] ? futex_wait_queue+0x24/0x220 [ 722.223010][T23409] ? schedule+0xf1/0x3a0 [ 722.223051][T23409] ? futex_wait_queue+0x14c/0x220 [ 722.223092][T23409] ? __pfx_copy_process+0x10/0x10 [ 722.223138][T23409] ? __pfx___futex_wait+0x10/0x10 [ 722.223180][T23409] ? __pfx_futex_wake_mark+0x10/0x10 [ 722.223221][T23409] ? __lock_acquire+0xaa4/0x1ba0 [ 722.223283][T23409] kernel_clone+0xfc/0x960 [ 722.223335][T23409] ? __pfx_kernel_clone+0x10/0x10 [ 722.223405][T23409] __do_sys_clone+0xce/0x120 [ 722.223454][T23409] ? __pfx___do_sys_clone+0x10/0x10 [ 722.223524][T23409] ? rcu_is_watching+0x12/0xc0 [ 722.223577][T23409] do_syscall_64+0xcd/0x260 [ 722.223630][T23409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.223664][T23409] RIP: 0033:0x7f0f7418e169 [ 722.223692][T23409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 722.223725][T23409] RSP: 002b:00007f0f7503bfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 722.223756][T23409] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 722.223779][T23409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 722.223799][T23409] RBP: 00007f0f74210a68 R08: 0000000000000000 R09: 0000000000000000 [ 722.223845][T23409] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 722.223865][T23409] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 722.223908][T23409] [ 722.591925][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 722.793512][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 723.112013][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 723.352003][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 723.602483][T23447] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2786'. [ 724.872553][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 725.211093][T23534] FAULT_INJECTION: forcing a failure. [ 725.211093][T23534] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 725.259883][T23534] CPU: 1 UID: 0 PID: 23534 Comm: syz.4.2796 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 725.259924][T23534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 725.259942][T23534] Call Trace: [ 725.259952][T23534] [ 725.259964][T23534] dump_stack_lvl+0x16c/0x1f0 [ 725.260016][T23534] should_fail_ex+0x512/0x640 [ 725.260056][T23534] strncpy_from_user+0x3b/0x2e0 [ 725.260093][T23534] getname_flags.part.0+0x8f/0x550 [ 725.260134][T23534] getname_flags+0x93/0xf0 [ 725.260176][T23534] do_sys_openat2+0xb8/0x1d0 [ 725.260210][T23534] ? __pfx_do_sys_openat2+0x10/0x10 [ 725.260248][T23534] ? __fget_files+0x20e/0x3c0 [ 725.260302][T23534] __x64_sys_openat+0x174/0x210 [ 725.260336][T23534] ? __pfx___x64_sys_openat+0x10/0x10 [ 725.260370][T23534] ? ksys_write+0x1b9/0x240 [ 725.260414][T23534] ? rcu_is_watching+0x12/0xc0 [ 725.260465][T23534] do_syscall_64+0xcd/0x260 [ 725.260515][T23534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.260551][T23534] RIP: 0033:0x7fd23dd8e169 [ 725.260576][T23534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 725.260607][T23534] RSP: 002b:00007fd23eb18038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 725.260639][T23534] RAX: ffffffffffffffda RBX: 00007fd23dfb5fa0 RCX: 00007fd23dd8e169 [ 725.260661][T23534] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 725.260682][T23534] RBP: 00007fd23eb18090 R08: 0000000000000000 R09: 0000000000000000 [ 725.260702][T23534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 725.260722][T23534] R13: 0000000000000000 R14: 00007fd23dfb5fa0 R15: 00007ffd5c36a5c8 [ 725.260763][T23534] [ 725.800931][T23543] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2798'. [ 726.444088][T23594] FAULT_INJECTION: forcing a failure. [ 726.444088][T23594] name failslab, interval 1, probability 0, space 0, times 0 [ 726.486403][T23594] CPU: 0 UID: 0 PID: 23594 Comm: syz.0.2801 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 726.486468][T23594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 726.486487][T23594] Call Trace: [ 726.486499][T23594] [ 726.486512][T23594] dump_stack_lvl+0x16c/0x1f0 [ 726.486569][T23594] should_fail_ex+0x512/0x640 [ 726.486607][T23594] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 726.486661][T23594] should_failslab+0xc2/0x120 [ 726.486692][T23594] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 726.486755][T23594] ? __alloc_skb+0x2b2/0x380 [ 726.486819][T23594] __alloc_skb+0x2b2/0x380 [ 726.486859][T23594] ? __pfx___alloc_skb+0x10/0x10 [ 726.486904][T23594] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 726.486950][T23594] ? __lock_acquire+0xaa4/0x1ba0 [ 726.487010][T23594] netlink_alloc_large_skb+0x69/0x130 [ 726.487062][T23594] netlink_sendmsg+0x6a1/0xdd0 [ 726.487117][T23594] ? __pfx_netlink_sendmsg+0x10/0x10 [ 726.487182][T23594] ____sys_sendmsg+0xa95/0xc70 [ 726.487214][T23594] ? copy_msghdr_from_user+0x10a/0x160 [ 726.487258][T23594] ? __pfx_____sys_sendmsg+0x10/0x10 [ 726.487309][T23594] ___sys_sendmsg+0x134/0x1d0 [ 726.487354][T23594] ? __pfx____sys_sendmsg+0x10/0x10 [ 726.487433][T23594] ? __pfx_vfs_write+0x10/0x10 [ 726.487479][T23594] ? do_sys_openat2+0x157/0x1d0 [ 726.487524][T23594] __sys_sendmsg+0x16d/0x220 [ 726.487568][T23594] ? __pfx___sys_sendmsg+0x10/0x10 [ 726.487624][T23594] ? rcu_is_watching+0x12/0xc0 [ 726.487676][T23594] do_syscall_64+0xcd/0x260 [ 726.487728][T23594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.487761][T23594] RIP: 0033:0x7f0f7418e169 [ 726.487787][T23594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.487819][T23594] RSP: 002b:00007f0f7503c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 726.487850][T23594] RAX: ffffffffffffffda RBX: 00007f0f743b5fa0 RCX: 00007f0f7418e169 [ 726.487873][T23594] RDX: 0000000000048080 RSI: 0000200000000180 RDI: 0000000000000001 [ 726.487893][T23594] RBP: 00007f0f7503c090 R08: 0000000000000000 R09: 0000000000000000 [ 726.487914][T23594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 726.487933][T23594] R13: 0000000000000000 R14: 00007f0f743b5fa0 R15: 00007ffe844b32f8 [ 726.487975][T23594] [ 728.442936][T23677] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2810'. [ 730.282547][T23778] FAULT_INJECTION: forcing a failure. [ 730.282547][T23778] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 730.326989][T23778] CPU: 1 UID: 0 PID: 23778 Comm: syz.0.2820 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 730.327031][T23778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 730.327049][T23778] Call Trace: [ 730.327060][T23778] [ 730.327093][T23778] dump_stack_lvl+0x16c/0x1f0 [ 730.327142][T23778] should_fail_ex+0x512/0x640 [ 730.327180][T23778] _copy_from_user+0x2e/0xd0 [ 730.327218][T23778] move_addr_to_kernel+0x65/0x170 [ 730.327249][T23778] __copy_msghdr+0x386/0x470 [ 730.327286][T23778] copy_msghdr_from_user+0xc1/0x160 [ 730.327323][T23778] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 730.327365][T23778] ? __pfx__kstrtoull+0x10/0x10 [ 730.327415][T23778] ___sys_sendmsg+0xfe/0x1d0 [ 730.327467][T23778] ? __pfx____sys_sendmsg+0x10/0x10 [ 730.327527][T23778] ? find_held_lock+0x2b/0x80 [ 730.327592][T23778] __sys_sendmmsg+0x200/0x420 [ 730.327639][T23778] ? __pfx___sys_sendmmsg+0x10/0x10 [ 730.327702][T23778] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 730.327766][T23778] ? fput+0x70/0xf0 [ 730.327795][T23778] ? ksys_write+0x1b9/0x240 [ 730.327837][T23778] ? __pfx_ksys_write+0x10/0x10 [ 730.327877][T23778] ? rcu_is_watching+0x12/0xc0 [ 730.327923][T23778] __x64_sys_sendmmsg+0x9c/0x100 [ 730.327967][T23778] ? lockdep_hardirqs_on+0x7c/0x110 [ 730.328012][T23778] do_syscall_64+0xcd/0x260 [ 730.328065][T23778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 730.328098][T23778] RIP: 0033:0x7f0f7418e169 [ 730.328124][T23778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 730.328155][T23778] RSP: 002b:00007f0f7501b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 730.328185][T23778] RAX: ffffffffffffffda RBX: 00007f0f743b6080 RCX: 00007f0f7418e169 [ 730.328206][T23778] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000004 [ 730.328227][T23778] RBP: 00007f0f7501b090 R08: 0000000000000000 R09: 0000000000000000 [ 730.328247][T23778] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 730.328268][T23778] R13: 0000000000000000 R14: 00007f0f743b6080 R15: 00007ffe844b32f8 [ 730.328311][T23778] [ 730.369366][T23759] Process accounting paused [ 731.364763][T23837] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2823'. [ 733.163663][T23942] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2829'. [ 734.176069][T23989] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2835'. [ 734.607259][T24048] FAULT_INJECTION: forcing a failure. [ 734.607259][T24048] name failslab, interval 1, probability 0, space 0, times 0 [ 734.657887][T24048] CPU: 1 UID: 0 PID: 24048 Comm: syz.4.2839 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 734.657934][T24048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 734.657954][T24048] Call Trace: [ 734.657965][T24048] [ 734.657978][T24048] dump_stack_lvl+0x16c/0x1f0 [ 734.658032][T24048] should_fail_ex+0x512/0x640 [ 734.658069][T24048] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 734.658123][T24048] should_failslab+0xc2/0x120 [ 734.658154][T24048] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 734.658202][T24048] ? d_instantiate+0x77/0x90 [ 734.658233][T24048] ? alloc_empty_file+0x55/0x1e0 [ 734.658274][T24048] alloc_empty_file+0x55/0x1e0 [ 734.658311][T24048] alloc_file_pseudo+0x13a/0x230 [ 734.658350][T24048] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 734.658387][T24048] ? alloc_fd+0x471/0x7d0 [ 734.658439][T24048] sock_alloc_file+0x50/0x210 [ 734.658488][T24048] __sys_socket+0x1c0/0x260 [ 734.658519][T24048] ? fput+0x70/0xf0 [ 734.658549][T24048] ? __pfx___sys_socket+0x10/0x10 [ 734.658579][T24048] ? ksys_write+0x1b9/0x240 [ 734.658624][T24048] ? __pfx_ksys_write+0x10/0x10 [ 734.658676][T24048] __x64_sys_socket+0x72/0xb0 [ 734.658708][T24048] ? lockdep_hardirqs_on+0x7c/0x110 [ 734.658754][T24048] do_syscall_64+0xcd/0x260 [ 734.658806][T24048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.658838][T24048] RIP: 0033:0x7fd23dd8e169 [ 734.658871][T24048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.658902][T24048] RSP: 002b:00007fd23eb18038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 734.658932][T24048] RAX: ffffffffffffffda RBX: 00007fd23dfb5fa0 RCX: 00007fd23dd8e169 [ 734.658965][T24048] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000021 [ 734.658983][T24048] RBP: 00007fd23eb18090 R08: 0000000000000000 R09: 0000000000000000 [ 734.659001][T24048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 734.659019][T24048] R13: 0000000000000001 R14: 00007fd23dfb5fa0 R15: 00007ffd5c36a5c8 [ 734.659057][T24048] [ 735.091054][T24064] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2840'. [ 735.700696][T24113] ceph: Failed to parse sending metrics switch value 'P^' [ 735.879167][T24129] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2848'. [ 735.940406][T24113] Invalid ELF header magic: != ELF [ 736.217776][T24151] [ 736.220178][T24151] ====================================================== [ 736.227226][T24151] WARNING: possible circular locking dependency detected [ 736.234256][T24151] 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 Not tainted [ 736.241375][T24151] ------------------------------------------------------ [ 736.248403][T24151] syz.3.2847/24151 is trying to acquire lock: [ 736.254478][T24151] ffff88803c491bd8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 736.263926][T24151] [ 736.263926][T24151] but task is already holding lock: [ 736.271317][T24151] ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 736.280606][T24151] [ 736.280606][T24151] which lock already depends on the new lock. [ 736.280606][T24151] [ 736.291025][T24151] [ 736.291025][T24151] the existing dependency chain (in reverse order) is: [ 736.300060][T24151] [ 736.300060][T24151] -> #2 (rtnl_mutex){+.+.}-{4:4}: [ 736.307310][T24151] __mutex_lock+0x199/0xb90 [ 736.312377][T24151] do_ipv6_setsockopt+0x2042/0x4420 [ 736.318133][T24151] ipv6_setsockopt+0xcb/0x170 [ 736.323366][T24151] tcp_setsockopt+0xa4/0x100 [ 736.328503][T24151] smc_setsockopt+0x1b3/0xa00 [ 736.333720][T24151] do_sock_setsockopt+0x221/0x470 [ 736.339325][T24151] __sys_setsockopt+0x1a0/0x230 [ 736.344738][T24151] __x64_sys_setsockopt+0xbd/0x160 [ 736.350394][T24151] do_syscall_64+0xcd/0x260 [ 736.355449][T24151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.361885][T24151] [ 736.361885][T24151] -> #1 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 736.370518][T24151] __mutex_lock+0x199/0xb90 [ 736.376444][T24151] smc_switch_to_fallback+0x2d/0x9f0 [ 736.382271][T24151] smc_sendmsg+0x13d/0x520 [ 736.387226][T24151] ____sys_sendmsg+0xa95/0xc70 [ 736.392535][T24151] ___sys_sendmsg+0x134/0x1d0 [ 736.397763][T24151] __sys_sendmsg+0x16d/0x220 [ 736.402899][T24151] do_syscall_64+0xcd/0x260 [ 736.407957][T24151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.414397][T24151] [ 736.414397][T24151] -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 736.422164][T24151] __lock_acquire+0x1173/0x1ba0 [ 736.427587][T24151] lock_acquire+0x179/0x350 [ 736.432649][T24151] lock_sock_nested+0x41/0xf0 [ 736.437886][T24151] sockopt_lock_sock+0x54/0x70 [ 736.443202][T24151] do_ipv6_setsockopt+0x204a/0x4420 [ 736.448980][T24151] ipv6_setsockopt+0xcb/0x170 [ 736.454229][T24151] udpv6_setsockopt+0x7d/0xd0 [ 736.459443][T24151] do_sock_setsockopt+0x221/0x470 [ 736.465022][T24151] __sys_setsockopt+0x1a0/0x230 [ 736.470419][T24151] __x64_sys_setsockopt+0xbd/0x160 [ 736.476084][T24151] do_syscall_64+0xcd/0x260 [ 736.481175][T24151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.487637][T24151] [ 736.487637][T24151] other info that might help us debug this: [ 736.487637][T24151] [ 736.497877][T24151] Chain exists of: [ 736.497877][T24151] sk_lock-AF_INET6 --> &smc->clcsock_release_lock --> rtnl_mutex [ 736.497877][T24151] [ 736.511563][T24151] Possible unsafe locking scenario: [ 736.511563][T24151] [ 736.519022][T24151] CPU0 CPU1 [ 736.524401][T24151] ---- ---- [ 736.529773][T24151] lock(rtnl_mutex); [ 736.533775][T24151] lock(&smc->clcsock_release_lock); [ 736.541690][T24151] lock(rtnl_mutex); [ 736.548214][T24151] lock(sk_lock-AF_INET6); [ 736.552740][T24151] [ 736.552740][T24151] *** DEADLOCK *** [ 736.552740][T24151] [ 736.560890][T24151] 1 lock held by syz.3.2847/24151: [ 736.566011][T24151] #0: ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 736.575727][T24151] [ 736.575727][T24151] stack backtrace: [ 736.581675][T24151] CPU: 0 UID: 0 PID: 24151 Comm: syz.3.2847 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 736.581728][T24151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 736.581744][T24151] Call Trace: [ 736.581753][T24151] [ 736.581762][T24151] dump_stack_lvl+0x116/0x1f0 [ 736.581802][T24151] print_circular_bug+0x275/0x350 [ 736.581846][T24151] check_noncircular+0x14c/0x170 [ 736.581894][T24151] __lock_acquire+0x1173/0x1ba0 [ 736.581938][T24151] ? do_ipv6_setsockopt+0x2042/0x4420 [ 736.581978][T24151] lock_acquire+0x179/0x350 [ 736.582001][T24151] ? sockopt_lock_sock+0x54/0x70 [ 736.582039][T24151] lock_sock_nested+0x41/0xf0 [ 736.582071][T24151] ? sockopt_lock_sock+0x54/0x70 [ 736.582103][T24151] sockopt_lock_sock+0x54/0x70 [ 736.582136][T24151] do_ipv6_setsockopt+0x204a/0x4420 [ 736.582177][T24151] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 736.582216][T24151] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 736.582246][T24151] ? preempt_schedule_common+0x44/0xc0 [ 736.582282][T24151] ? preempt_schedule_thunk+0x16/0x30 [ 736.582312][T24151] ? try_to_wake_up+0xa2f/0x1680 [ 736.582350][T24151] ? __pfx___might_resched+0x10/0x10 [ 736.582386][T24151] ? wake_up_q+0xb0/0x160 [ 736.582416][T24151] ? do_raw_spin_unlock+0x172/0x230 [ 736.582447][T24151] ? aa_sk_perm+0x2f4/0xb10 [ 736.582476][T24151] ? ipv6_setsockopt+0xcb/0x170 [ 736.582512][T24151] ipv6_setsockopt+0xcb/0x170 [ 736.582549][T24151] udpv6_setsockopt+0x7d/0xd0 [ 736.582575][T24151] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 736.582617][T24151] do_sock_setsockopt+0x221/0x470 [ 736.582656][T24151] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 736.582709][T24151] __sys_setsockopt+0x1a0/0x230 [ 736.582743][T24151] __x64_sys_setsockopt+0xbd/0x160 [ 736.582774][T24151] ? do_syscall_64+0x91/0x260 [ 736.582812][T24151] ? lockdep_hardirqs_on+0x7c/0x110 [ 736.582848][T24151] do_syscall_64+0xcd/0x260 [ 736.582887][T24151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.582913][T24151] RIP: 0033:0x7f398d98e169 [ 736.582934][T24151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 736.582960][T24151] RSP: 002b:00007f398e7a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 736.582982][T24151] RAX: ffffffffffffffda RBX: 00007f398dbb6160 RCX: 00007f398d98e169 [ 736.582999][T24151] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0400000000000003 [ 736.583015][T24151] RBP: 00007f398da10a68 R08: 000000000000056b R09: 0000000000000000 [ 736.583032][T24151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 736.583047][T24151] R13: 0000000000000000 R14: 00007f398dbb6160 R15: 00007ffe2d563738 [ 736.583071][T24151] [ 738.722062][ T6243] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3