last executing test programs: 2m1.272340539s ago: executing program 2 (id=1472): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r0, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000000480)={0x50, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x38, 0x1, 0x0, 0x1, [@typed={0x8, 0xbb, 0x0, 0x0, @fd}, @typed={0x8, 0x7e, 0x0, 0x0, @fd}, @nested={0x22, 0x1f, 0x0, 0x1, [@generic="6389cdd41a6c5ba0a60c11fc62f29a5e710442a7831161c779e050d08772"]}]}]}, 0x50}, 0x1, 0x0, 0x700000000000000, 0x40c4}, 0x8800) 2m1.105746499s ago: executing program 2 (id=1482): iopl$auto(0x3) signalfd4$auto(0xffffffff, &(0x7f0000000080)={0x8000}, 0x8, 0x0) setresgid$auto(0x0, 0x6, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) clone$auto(0x8001, 0x3, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) 2m0.148545732s ago: executing program 2 (id=1481): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14, r1, 0x301, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0xa6ffffffffffffff, 0x0, 0x801}, 0x8800) 2m0.071010791s ago: executing program 2 (id=1483): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x400, 0x0) r1 = getpid() r2 = gettid() rt_tgsigqueueinfo$auto(r1, r2, 0x21, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51bb8aa5e5fabfd72444df55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9", @inferred=r1}, 0x0, @integer64=@value_ptr=0x0, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"}) 1m59.848372867s ago: executing program 2 (id=1485): timer_create$auto(0x9, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0) socket(0xa, 0x3, 0xffd) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) setsockopt$auto(0x400000000000003, 0x29, 0xc9, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) keyctl$auto(0x13, 0x102000000010001, 0x7d, 0x201, 0x3) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) shutdown$auto(0x200000003, 0x2) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) socket(0x22, 0x2, 0x2) bind$auto(0x7, &(0x7f0000000180)=@in={0x2, 0x0, @rand_addr=0x64010100}, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(r0, 0x3, 0x6, &(0x7f0000000000)='.', &(0x7f00000000c0)=0x5) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r4, 0x29, 0x1b, &(0x7f0000000040)='!\x00', 0x1ff) sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, 0x0, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r5, 0x0, 0x20000000) sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r2, 0x5, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_NAME={0xb, 0x1, '.\x02:\xb6-$\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024) 1m58.844020998s ago: executing program 2 (id=1491): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x4000000028000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/dfscache\x00', 0x40080, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) write$auto_tty_fops_tty_io(r0, 0x0, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0x10000000000eb1, 0x401, 0x8000) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) listen$auto(r1, 0x2) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0xc8, 0x400454de, 0x5c8d) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000004140), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_NL802154_CMD_DISASSOCIATE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008040) 1m43.131890116s ago: executing program 32 (id=1491): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x4000000028000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/dfscache\x00', 0x40080, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) write$auto_tty_fops_tty_io(r0, 0x0, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0x10000000000eb1, 0x401, 0x8000) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) listen$auto(r1, 0x2) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0xc8, 0x400454de, 0x5c8d) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000004140), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_NL802154_CMD_DISASSOCIATE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008040) 5.492771107s ago: executing program 3 (id=2020): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) socket(0x22, 0x3, 0x0) ioctl$auto(0x3, 0x800005411, 0x38) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040), 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x8004) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x400c000) sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x303, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8050}, 0x4000004) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', &(0x7f00000000c0)=&(0x7f0000000080)='$+[-+\x98%(,\x00', 0x0) r2 = bpf$auto(0x0, 0x0, 0xfbf) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89b0, &(0x7f0000000140)={'vlan0\x00'}) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0x296) sendmsg$auto_NLBL_MGMT_C_LISTDEF(r1, 0x0, 0x20048800) select$auto(0x1000009, 0x0, &(0x7f0000000100)={[0xa, 0x200, 0x80000000000000b, 0xc, 0x9, 0xf6, 0x6, 0x1, 0x40009, 0x2000000000003, 0x4000000000000000, 0x6, 0x95, 0x8, 0x8, 0x6]}, 0x0, 0x0) setreuid$auto(0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f00000011c0)=ANY=[@ANYBLOB="c40b0020c2d2a9573cbcb3ad5602eae51f61c92b490600000012364b4eb3345662b0fa30a1fdf25e3296e00f34c69c2628b770ad3f595eeca49c9df93388c5514844b75ab10eb2965002fddc5b9b1edb2f00406bab843cbe28118d29844700000000000000", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="8a200c8227635acf28c0280b172ede4e6c1f406b222163fff073460710ed765939626b8c6a7a13df05930385b46ba0ef54460a590f6d1fafc285827e31917e5210503c4ffc276176c29afbdc597e36377b59602749cd571ee9107ad099e8907b71e3adced76d48e824fd9d04003300880010800400bd801d53ee07a3e32042b2eef2233c396515b11c047a49af5a276026399463633ad0f62cfaf20ad3b33130869e432c823c5aba0ccd248b202ab2dcdc06a1b8d5bbe15b50544b31ccebb20454e2611ef09ae3555bca7c323384ec9ce4f6cc3fb3690f11125bcf2c335137cc06c23cf33b657d0400b0800400ac000800b60007000000001000ba000811701f00e463b4b701591204001601"], 0xbc4}, 0x1, 0x0, 0x0, 0x40010}, 0x0) pipe2$auto(&(0x7f0000000000)=r0, 0x4) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x40000080) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) 4.961076274s ago: executing program 1 (id=2023): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/sctp/assocs\x00', 0x101800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, r0, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020008, 0x3, 0x100000011, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x23, 0x0) socket(0xa, 0x3, 0x6) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f00000000c0)='./cgroup\x00', 0x204040, 0x12f) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/tty34\x00', 0x629042, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/controlC2\x00', 0x141200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000900)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:21/sun\x00', 0x2000, 0x0) poll$auto(0x0, 0xa, 0x8) read$auto_fops_u16_(0xffffffffffffffff, &(0x7f0000000980)=""/245, 0xf5) openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) fchmod$auto(r0, 0xfffa) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptywa\x00', 0x400, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000140)={0x14, r3, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0xc010}, 0x20000010) sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r3, 0x309, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) socketpair$auto(0xfffffffb, 0x4, 0x7, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 4.645429273s ago: executing program 1 (id=2026): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xf7, 0x2) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) socket(0x2b, 0x1, 0x1) socket(0xa, 0x3, 0x73) read$auto(r1, &(0x7f00000000c0)=')}!&\x00', 0x2) socket(0xa, 0x2, 0x3a) r2 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x1801, @old_map_fd=0x3ff}, 0xa3) move_pages$auto(r0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) 3.856221055s ago: executing program 1 (id=2028): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="80060000", @ANYRES16=0x0, @ANYBLOB="040026bd7000fcdbdf2504000000b1000180f5c53c7461b64f8c60fb90f69a1d13d52d6da3527ec7b5be48e686e7364c12793198cdcb6a78253c3bdd79b3374fb2b5b19762a914baa53cfd10bfbf1477407c42963b5791e719e91567d82c697af89370f6f7872979c6713c9b4265a481e529d48a81e88f9d76bc1a060000000000000048f9cffcaa0bed04dad70c00c2d584eb40a6d01a4f463f88d47ae307e73bfd4123c7765a43faedde7088214666ba0cf2c894acec08005c00e8b38dd6dd140b485b867ea9b025e602dd2d017f5a4e642b590f844247806da336eb69e69ed2bff265377c50e537245f6c9c34af088fd7a1638eec1d0da7a65d143e14e5746f475892", @ANYRES32, @ANYBLOB="0000000800040003000000b0050280ac05da8004009f0005e969299377c515fba1ec068cf4bc524696ccfa31f0636e86e9ead7a57c5dbae9d25916617bca2061dd5109486efe289114244d0c6b80caaf44760684e204b8876de8a0be5b0e17915bb9319b3c9b0ea637785ac9c473387c78951f2e5681ea6de1c41585d4670ddf860bee32d836b7c722958b98d3c6ca547a8d2a99f065c895a7a693ce1c31ee96b46349a872953f95a123cdd6b248acb46bfdee74435ae6960a7f9110d0ea3cea56807ee682aa3818fef4060a827c6c620eab5f613a328e5b19470fa68d3e826521934812845d14a26c47162bcf977874cd87d5daf11c6ddff26a7c90d36a2d49505279443e865f2beec2a52ff4647a39e8a9095099451761676eeef529b758e77058e60eee85cc1a11b8173bdc6390f34fe4b2d2b6aa970a1f910e17f15b76f23cebd2db9a666baa88a0af389db9d878b62228aabdb38027a0099eb28639daf5bd097fcb651bd20c6285ef1132bcd652c10d1a82e509664187f88d18fb34fece5cd402d2d44de461c8e4e245904bd84a5b84536f98bc99656e175bc70d347c1ae0db88bb8f8a83dc6ad41337219bf9a455fd49d08fa9e1510fd2bc9aa21cc0d2f0a7da678b1131e84cbb17f4bae6a4e1275a923da597227894408b42621463854c2413378da3ac87ee8a3e062eb7b848d75e2f8b7829def9cb40535f8692e425829e9ac0897f2bc69101b37560cf143836552c50503f4935b0da024cff0eb4c078717e8333a12d535fa892b66b83fb53d54fc86f2f35ec87270380abe8c87cacf9b19aec7ea950bd374ecefa9c64c1d9e607a6fd71a4192aa1ab0e56d7cf158926d30423efc5d623475976b104306eef14bde160ce0921bb758c1967d648b8783fc7990e3f3850fd0d81297d7b69bbe8b9337a7e308e36b7bade455e0fb1adb59c65ccc16ec14eae89bb24c748d7e4c191e75f6bbf4712f0c40a926f46382c545d8798866b9e5019ca6a9c810eda98396710d530e9767e13ac6140eb5bc7c62aed158d6b745d5f450e1fd95e082c68de1376bd039d5638542e82595b381c4d6cac2006a120b7be7f1d991705a7334750227013dd1b6f163545231183609cba6bb9b53baffb8957472ab6e485c86c71c26bd8d2b8b5c2fc479a6e4f1ff5eee91ce71d624ccc44d758ce3d2f5043603d4933cf8b8b09eb894227b4dea165c9ad122b5f4ce583d1cf08ed47da02bb5108fe332f239e6906273d91354e9f695d18df47fbcbd0e59a2432748dc7f5ca673b085cf19a4fb9d642708e1c991bd8f25cf7d48c0e14e59b39be576916e317e72a64d8c40f8a75eee9efb7276dab0122cda1ca10b2c48692537475b41bc52c1c8bee6278097e8fd1dfd711578397b50ca9f50d6ae3a97eced747f78fa7d137331221af418526280ec2cd5c69e7e793854749b99b314c8e2132a32841ba7af631c0a26af6f1954b0209ce52d933ba21680638f7fcd89eee4c5862f15d17cb6a047ee1c64cf2e1461d01eb88b5f847992cf1bde67e105f5b624aebd2d9757dd6ad37c07b16a9db75ab3ea399219cb5e32785bfe8cd8f150b35b21b44db2a3f707a02e46858b09d24cc077fe2f093da116f11816fb1b2573f975986e624ecba2365b0ed2f0f6afb05d1214b36f539afbe471335b9f7de18f909937abe5c17357f9acb42ff7b8980b8ffc6da6a65c0edb22d715137dce8fe4f4b1230482ed972db6f11e15fac7080cea74ec9008f1cf20de595cab5fb8649b6e0cfed593bd4ff0170f5622888e91338b48592253cedb683e4e9ae867c03f3e776bc4b8981312fbe7846d8301906f194a011f7aebbb100b222861e29027c5c349b1bd338ee5b4294baa16e49cd2dc2146d5f05c431487293312f6cf653b7673ea562100b61140074020b0533a382adb694b6786d2b34ae9a241ae3e181b8c992342a5b3cb02744e92a78a730fbaaab85216af83e555f8adb2ae5bb99a307ac267b133236c7755b4682327c59426a681a3cdef4f53643e1a90d82980b925c3740dd29f08965457c10fb9147044583e704834cbb2e9dfd"], 0x680}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) write$auto_bm_entry_operations_binfmt_misc(0xffffffffffffffff, &(0x7f0000000500)="b72202b15a374a58daee3b243a7e0bae10e3a251bf530b0f7d3d97432fabaa1964ca4124758436a74012b4c39224c9308cd167d9bf66d83453de0d374120d3b4c2697202461da20ce5048bbdf2ab6b6d614a076a10dfaee4f406fcfcc53b369234cc4a91c521f74351a4322cb986fa92daf918199aa48b5868d4226c6890f5bde000662c5dcbd13106b879f29eadf442d7a6c9b66650386fbaae4d3e4e44fe5143c1bda89bb099ae5696b2587863e54dd4d941cf09f9b785a3d104341ea4a0fffe109263c05a617687d8f8941cdc273e1231c8d207db65dddc38ba3f8c9a7145b107db5331d0ce7535a4b86406bac9264efd44753bab020633b90779ce0916cebabb1e9b1884ec5853b69b57f22cc95059541d31369561b93e3177f1b8a21594159d3e55ae955b8ded9c54aa0c0d91a97fa15621045c426f1b515e9d2e86a5f3fc146e6540ab441419d35d252ca8ddc94992a53f80b75ac112a79db837bc90d5c2230b710cf37451baf26f7afaf7f02c0a9e2c035fe29218fc39e87263482cefe8a6f4a18348c872396a3172096bf6138c1ea262020d6519b7d28d48517b66bfbceed515f62a98593e8a3d509b7fb9841d8ccc4ec466ebdfe4bc9b58794bbb4ad2b284b531a849a4b1af99d390b29fe698776ceab6d62557d7334b0f13e5dbe7d28000b4d2a33de873f57c89b13518296c16a8e580f6e3bcf11ba3fd30de19b351b538d31067503ba8eda3867000133df97fe2adde19b88da4777a23bc821c765d4d2aa47df24962e1b682030c1a51e3299a735ec2b00d8cb2ba0c94f984eb6581b8c50177f145dc0aab114da4a8401f3250d10cea972c20737e75f593239f94eb4b43ff77cb0f34b04ecbd737436ba1b96574cbc41703f28f52369f25a41154f74cc3a2889689d22ab1fc7b962c78b8c04f80b3085b7d1c5147a17292dc20b87dfe20e97fa41a4b1d428f7ff4bde9c70ac458e6f4a40f8c603a86028bd112ee50681d926fbcaa3d8416e855de74de9544eacb1f59bc00b179d41c0263856f7fe6ffa4cab588072c0f5126e9bd0827b28d9b3667050a12f797c033cbcdaf865bea2abf43961aa43952a4731c60152cee8d928541cdc7ecf40cad21c12a11ff124e8ce2a308409040669c0b9700e4c02fa8261f3180e2cf259b9cf50e9d7d5f02eb04eda42e912542306a1f134ec2aa3a63c52d00ad7af778961124e056ba77fadb51ecea91d6ef80d70fd668225c73f9e8087d7a94d8844e65283f837a4cd7813ef8bb22601fa5f08ee4fd43acb74d90f64d6dc8ffca05a424884e2a023c2075cd2eb5c05f4c7097f0af6dcd1b6fa6694a223ea1a1d9662df2bafac63c8592aceb163564da69f6c97fcfb580fa7bfe1d8d7d6b7d7402d4a6766c884c9d0b63c63c388c4f68212f3a1baa46256d5999fc9d8961a6d81ba1beff9d99786423c7e4a163b02d929d645181d410cf4a8733a4e7b77883aa82fa89f6edfced671b60ffa01147b6e9166b9ea3a581b174caf7988abb7699792e986874b1ab1f7cdbcc92afa8daf2d5bdca431b1826a644b5a6cc1994ea6e9b114d175ed4684ff16876fbef9b993d68feb5a065399795e06af87179beffcb044a6493f7513292ea3fd2d14613adfa6cde3b6604e82b4b9ecb30001bb1567ed36dac57ab9a78f7c7981dcf48bb4fe5b944a6104f35d5f2d3425b53c69e3b9f578b6de41665a500f1ba04", 0x4bf) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) inotify_rm_watch$auto(0xffffffffffffffff, 0x84e4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x8e3e, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys1\x00', 0x20400, 0x0) ioctl$auto_TIOCSWINSZ2(r0, 0x5414, 0x0) modify_ldt$auto(0x1, 0x0, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x501940, 0x0) write$auto_sg_fops_sg(r1, &(0x7f00000000c0)="a1ba24b57d711f4e59f1811652787c5101cb0829a875b2d9578d9655abf7c485c8de20d5960e8c62ec71394cfe643c1d66616df32faac3d9971e269890fc975cb7ec23cec2fb8d61dd015954fe6ce3c1cb410e8a6ee8e2c6c7b3552fef0f6fad5b76832b31f15ab17e2fb67a0ccc17ae93ab9fd848ba3a602bf250428c99aee4d32f213fce9a32e1ca51fa3dbf51", 0x8e) madvise$auto(0xfffffffffffffffd, 0xffffffffffff0002, 0x19) fallocate$auto(0xffffffffffffffff, 0x1, 0x9, 0x80000000) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000600), 0x800, 0x0) ioctl$auto_RTC_AIE_ON(r2, 0x7001, 0x1300) setgroups$auto(0xe32, &(0x7f0000000040)=0x9) uname$auto(&(0x7f0000000280)={"017a23d49d4e4f89b7bb66d0528142ad4998ea9c70c06d0408e91b30b0b0d300722823e67e78003cff84dfc2528569e4ca4367c6216df84c3958d96ed2c499caff", "1e2157148e99091f121521269985a6a599863e135818f2ccc77a864d50fd1b2447c13d33dfb37033d53d69c4ff062abf19efab53fd75a00d4af7dbdef66e913103", "1fa81ccc6ffd05b516bdc4046cdfee68955b5ae48f8a322b6a0e4d8233d9491029f04050fca8a76d8b02739e3347e73f0f398e219952ca06e6c78655a70e097917", "0749ebba3d6f1ed9c077eeeb6deae36535af268af804ea0614e6c5ef0445f6fb05bec835636e440d94396dbeef246ceff774a1af2e8884df1be20351da9874f6fa", "4fbb5ffd975d9cf0800c3bf9046b1351f7371fcaea1fac30b4de0ac23b4d950cba906c482378f4337fe941454b8dbd36e51d285c95a92a20bec5a9907616fad85e", "d802740973602ea52b49799bc04ddb3c4e8995a5f9bd70c8c718fc2ebdffc648dd1195b4ac34305e0d8651eee2435736984e421114030659dd79fedec147e0e6ee"}) madvise$auto(0x0, 0x200007, 0x19) pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdds\x1cJ\x99\x00:+\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\xadCl\x9e\xeb\xcd\vp\x99\x00\xc8\x06\xa5\xdc3\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0A\x94\xa3\xaef\x87\xd8\x95I\xfd\xa8\t\xac\x87\xb7\x1d\xd5\x83\xdcyu]\xde\xbe\xbf$<.}\x8b`\x04\xfc\xa2\xab\xb5]\x80\x00\xb9D\xc5\xbc\xf2a\xd66\xa5\xd3\xc1r\x96\x1e\x8db\x05=`\x01\x11\x04Tz\x87A$\x115\x95PUf\xa7\xfe\x19\x00\x82go}@W\xd5\xaej\x01\xbf>5n\x17S\xc0\x8a\xaf%O\xd1W\xa3ua+sUJ\xea\xf9\xb7p-\x128\x9d\xbaM_\xff\x1c\xc3sG\x04\xf2\xd3\xf3{;\xd4\xd7\x1c\x1dZ\xe9\xe9\xc9\x9cu5\xe9\xa2\xb3N\xd2\xc1\xc8\xa5\xadt\xd5BKD\x86\xeb%\a*\x06\xbb\x1e\xfb\x11U\f&\xcbP\xf1\xcf\xccb\xe8Wb\xc5ae\xe3\xf9l\xa9vK\xed\x8cL\xfb%g\x83;\xe1\xe2w\xd6\xaa6\x16\x8fx\x1a\xd7\xc8\xf4[\xbc\b\xe1Z\x92\x14Q\xde0x0, 0x5, 0x80000001, 0x1, "4941aa833e2fc65b6b3cf7cec76d6778b655282135ba9c2b2d43eeb0dc59b6000000001581914679c9535300"}, 0x4, 0x8, 0x1, @inferred, @integer={0x6, 0x8, 0xfffffffffffff000}, "fbff888a6393f1b4285854c5368de438f8cc142ef6df1259b05ba1183bedbd31b642b4051bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc1"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r3, 0x40405515, &(0x7f0000000000)={@inferred=r4, 0x5, 0xd3, 0x816, "d03f501f6546fceddb733a9ef9efff7c2ea4cee1eefd55b35d194fc58813a523cdc9447dcef419114c100004", @raw=0x80}) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x880, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x5, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82082, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) listen$auto(0x3, 0x81) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) close_range$auto(0x2, 0x8, 0x0) socket(0x29, 0x80000, 0x0) write$auto(0x3, 0x0, 0x296) select$auto(0x1006000d, 0x0, 0x0, 0x0, 0x0) r5 = getpid() fcntl$auto(r2, 0x2, r5) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x2, 0x24) r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x40000, 0x0) ppoll$auto(&(0x7f0000000000)={r6, 0x40}, 0x2, 0x0, 0x0, 0x8) socket(0xa, 0x801, 0x84) 2.718747626s ago: executing program 4 (id=2037): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mq_open$auto(0x0, 0x3ff, 0x7, 0x0) socket(0xa, 0x3, 0xa) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_enter$auto(0xffffffffffffffff, 0x5, 0x0, 0x101, 0x0, 0x5) lremovexattr$auto(0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000000c0)=ANY=[@ANYBLOB="d09b16d5", @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf25140000000c00018008000100", @ANYRES32=r2, @ANYBLOB="05000c0005000000"], 0x28}, 0x1, 0x0, 0x0, 0x44805}, 0x0) 2.604096263s ago: executing program 0 (id=2038): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vivid.0/cec11/uevent\x00', 0x2000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001c00)=""/4111, 0x100f) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0xd, 0x0, 0x8000) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0x1, 0xffffffffffffffff, 0x3) r2 = bpf$auto(0x6, &(0x7f0000001080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x2, 0x6, 0x0) getsockopt$auto(r3, 0x10d, 0x2, 0x0, &(0x7f0000000040)=0x800b) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x261c2, 0x84) setreuid$auto(0x7, 0x806) fcntl$auto(0xff80000000000000, 0x406, 0x1) bind$auto(0x3, &(0x7f0000002000), 0xf) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) pipe2$auto(0x0, 0x80) mmap$auto(0x8, 0x4, 0xc000000, 0x19, 0xfffffffffffffffc, 0x29400000000000) settimeofday$auto(&(0x7f0000000180)={0x1ed5d7403, 0x1}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0x8b0b, 0x91) setsockopt$auto(0x4, 0x29, 0x13, 0x0, 0x200577) semctl$auto(0x0, 0x1e, 0x8, 0xa57) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), r2) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000001140)={0x40, r4, 0x4, 0x70bd29, 0x25dfdbfe, {}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'lo\x00'}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x8b}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e23}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x81}, 0x400c000) 2.357168492s ago: executing program 1 (id=2039): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/radio25\x00', 0x141a40, 0x0) bpf$auto(0x5, &(0x7f0000000440)=@test={0x9, 0x1, 0xa93f, 0x9, 0x3, 0x3, 0x2, 0x0, 0xb4, 0x5, 0x140000000000, 0x0, 0x7fffffff, 0x9, 0x1}, 0x171) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x20203, 0x0, 0xc, 0x5, 0x3, 0x5, 0x2000000000000002, 0x9, 0x8, 0xff, 0xa, 0x7, 0x6, 0x5, 0x4006]}, 0x0, 0x0) 2.164387363s ago: executing program 1 (id=2040): mmap$auto(0x1, 0x9, 0x20000000072, 0x8b72, 0x2, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x800000000000) ioperm$auto(0x7, 0x6, 0x800010) setxattrat$auto(r0, 0x0, 0x3, 0x0, 0x0, 0x9) mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xcb) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) write$auto(0x800000000000c8, 0x0, 0x1a) mmap$auto(0x8, 0x3, 0x6, 0x32d4, 0x10000, 0x80000001) ioctl$auto(0xc8, 0xffffffff800454dd, 0x4000000000008) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mremap$auto(0xffffffffffffff5d, 0xfee0, 0xd, 0x8000000000000000, 0xfffff000) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0xfa1, 0x6, 0xeb1, 0x401, 0x8000) mbind$auto(0x2004, 0x100000004, 0x100000000, 0x0, 0x7, 0x2) mmap$auto(0x0, 0x7fffffffffffffff, 0xdf, 0x15, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) read$auto(r1, 0x0, 0x80) getsockopt$auto(0xffffffffffffffff, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4, 0x4000000020df, 0x40eb2, 0x402, 0x300000000000) capset$auto(0x0, 0x0) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0) read$auto(r2, 0x0, 0x39b8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb5, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) 2.131695798s ago: executing program 0 (id=2041): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e23}, 0x67) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) rseq$auto(&(0x7f00000000c0)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) read$auto(0x3, 0x0, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0xa, 0x2, 0x0) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) write$auto(0x3, 0x0, 0xfdef) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x810) bpf$auto(0x0, 0x0, 0xfbf) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setresuid$auto(0xa59c, 0x8000000000000000, 0x0) unshare$auto(0x8000000000000000) iopl$auto(0xfffffff9) setns(0xffffffffffffffff, 0x0) 2.014119777s ago: executing program 4 (id=2042): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)={0x20, r2, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r1}, @NL80211_ATTR_SCAN_SSIDS={0x4}]}, 0x20}}, 0x4000000) (fail_nth: 6) 1.346253313s ago: executing program 3 (id=2043): mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/binderfs/binder0\x00', 0x400341, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card1/pcm0p/sub0/status\x00', 0x200, 0x0) pread64$auto(r0, 0x0, 0x100000000008, 0x8) r1 = fanotify_init$auto(0x65, 0x2) socket(0xa, 0x806, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_BTRFS_IOC_SCAN_DEV(r1, 0x50009404, &(0x7f0000000140)={@inferred=r2, "33fa8eec0c4a184c17584424b9e592529bd04d9b270c0d84f6e0687be58ce85b87288a1a178ba824375b374d5e954fe76f31490034e4a8f26385a5a37a85c6123ee7392ba4cabef6e45bffe761c5fda133c632561b30d07d2404dfab3bfb61494f0ff2aef5810b4c5c6a1be78d1c5bad6efedd5e63715e344451b0ee353bc405e452fd23af70133947fe28cc76513e2047df6195ef868a786f397c0007a572ee0f1bffb9582d4810f5117c61ca374f31ec1a4d54a08395426a7eace51022f6e7aea500fa01dfdcbb2e47a43244d5c02910ab90baf67c5a6f23bd1fb001c5bc520593e88a6f65dd06197b4d97ced925c38c3e5381108ec2aabfa8c2af3244422473fb0c874293ed6346da4871f0a10ad64afad2fc9166a2b02c3998704548fafc9efbd8ce8eb6a4bce2ae8d5bf6035ad1f3559d32b0c221c11d2822758bda63cbb85144e4f73bed67311b37d08715af544da0492c46619fdcc490c84d53b4c9c4fd9b86e9b6ae329c29b79d6447c13ae6487f2741415a1bf5e3edae7d50a30c351371671ddd4f5fe10b013cb50bf405eac4995d5c04f8a86ca5b66c027d87ae12c6d8316b8878e90de56d6a62193124e1b54d25b5096cca4bbf8bf97003b6e5dc485d16e99ed9b4abf3491c8ecfa21c9af7a944c083abebfb300570037d8cad36ef77ad192a0432b2942ef8d31b3703104b3848a172c035123db8b16271311dfbeaf2e6abc9562c2e28e22199d12da47d4cc894813feeaf7f6f585f72098cbf034550969cb72d750904ae13e9bedabf08eb2bc60a43a315b526c1a1672315913cc8307f877df890aeac8097c9a1fa9c32aa0947458084268fc4458ed67762a9e34edb8d56765eaeb63508b48232e50665944a37adf5c332287c913282f1301dc10ed39a3eccea7f53511b3b0c13a08a7c675c729c018542c266b0a5b73bd10644d2fdc50227c3ee8cc7a49dcdc87a28e1d9f92e4d9b58f50d11c418a55d7b7a73f0a8fc1a3714b826b5db73868c5e6354da26bb795afd0ef8fda43851c994a801ecf4ccf43096e533fa58d1e755bcadf515510d9da0b47da1eb102eff788d25132b4bf1a1cebbd12a24b91a7c9ac0630a153846872e5f9997acd5c732bcc81453224cc296611ca9dec6138aa348c9b6d0aed60b8c18119d98c6245e15af7b2dc59bd4b6356f20aa2f317459704149d91e7b1bb190153fa350576e2fc90ee41f0f2eb7908ad86de86d6a0db77e788238f3de21d71ebd190fdbf0ce79f9cb2de1a5606d18c5649a8015d70aed29864b011017ac054a01eeab9d7c7490c7e7766c42cdab4169d7efed74dd9e812ccdeb2653e51c2a0b63c6a0b21c90f2f082923e257d60e3e5fbcdf51fc4af295f679761c3f217e93e74520a9c146358c42a999376c5414499c9b9de19fa3a5a4345cf7f6c9b4a51d1ecd9028ae9665a4e6e03cf73cd47bc951589c2620e567347309c6fdb605001fb0d980690b61d2a1d327f9dab672b21e560e30a8de1c96496d5d8620cfc670d45414d17d9e337170830f6ffa6475cf035904ac331c7bff7794cb38b79fee47528f6a433e7e8e3d6caa25f45c41062c77be6426ecc32780801f7b3616bd7c339d07888ed57c5c980c10b38857e4374bd8e4b3223138903b838d48b35cdd127775c697950a6d77971103e1788ca4096348243919c581d133d32c183a9164c15f1c1eefd7fb2b96b74f88e76ce752e7272a069127dd5bbd11225d589f7d36fb40ed9a82df671b1f6311a90845970968d56b528f4a65bb8506f6c64b415fad238dd461f0c7c45c99ff196154b14516a604c7895db65c92e863423c997e5a86dfc9457ee0a97d42726fcd1c3ab105f835c6b380fc5bfbb6b2aa4b77c95d377d223a57ce26fdb0832191a2e2a7dd94f00c95c3edb26801131b41f6cc5ddeb15f754f990ea0decaf42f5be700772c6b7c5ef8544e3c7cf57a1025f718b05695afc57e9f6da80d91ba1f9aac4c90b0684b89a599aec2166b46a506dc88ac10833544e00d6a0e8cbea38e71867b30250d1a1875de67d14a9811a30e9b35a173604e6f22649c2e6e1f3c74ddd4c17e092d7cedd9fc92fd66be9bf71eaed7ac769ac9606902fba78ed6da434cade52b72f5840887a72732842cd7b9e20b7659195711d9cd857a3d49122d0491756e2d1f7e2a613a1b5350c8059e34accbe813c9ef96d946bb03f358d825a2077b7b507bc620850e18f25e3295c8350866369246f03776d9bdf8b1962d41fc4eecf50100c99b916bd6f35c188d6438d5d60feaaea7499529a4817deb16a788c038d6f9451b95cb4ea0f1aac70fa05b53def0d764d2708c6eb92ddea588675cb2091f029b1d1861d3c4ad9e50dbae406907f9d2c1702ecc5df9be704fb49eb81599dbf8a67508f44849021641992a93061651b3f7b4fb517b0548ab1fc9165f1fb8c129fdb4766ad6e0d8b30b2146ccf4fd4ff784c6a9a07ad17511c2d31b23f32f525ff45ad205395db62dd8c76715c6c9f698785007fb7e4e3ecc3cf1946edaf5ecfee5cd508511e1be9402caf360e7cd9d98be744f898d58fb2b4bf39c558435b3450b1cd6ce035d4c2bd0b49536c454c40addb2c17162a8abd1c55da52b46a16e7c2950690cd22c4d431751a258f305384650bded2975cdc7bb2065276352373ab12fb54d5e5cb30237ca8dff0adb0cc25553dbeb6f00cd919b18097200187009b1dd5d18473fefa589da5c3b01a829c27c4a083f52c9a1fb9b5ee3fd4ff35bbfd777b18cb4803bbc268162dfe0aed1e7aaa9f5fa588d56e9e0d135c8868a068d7e1f7413f3b5c941c5a089d94c56287917cfad89f50a3488d654b540e169419df05fd0404f4a29a39b8d098811f08bdb72d3299fc212a35c42ec7c45e89c420a1ba592688dd9e62f79545ea4a30a0097606f242c82f9ae002ca34f3fc135a93ba6c63b621976204661d9e7eabb045bd229efd47d3fc10ef4daf2baf7d1e4a980470051bb591889db300ead079736cd0a87c34b2a26824c698655445633ce513247c48b2f2744c92e9fb0be99d42f4a5af4a0c69e940950b65b1ff0200676465d4e2b7460f988032bc430d03e8a664f0250a204d3e1f538914ba71c5889ee9d2ad335e599ab29bcfe0428b31cc315f3365e7ec146b66901a9973d28eba02985db3cb63fc149097ef1a0f071812c657aedf2509ff072ace397e74e07e69b45653b0434e81f5dc9b7c2e9b20305b9e953245f708e9c9e490899f3502bc19dbbdc7481f7ec2de80b24b99ddc170f5bfeedf601d090f3e39312813f426aadc46bcb3a9514d58ef363d2611b5dfa0c34ce7590c06d6febdceafb420934f50bedda66abc674b1e9b68d872ccd9269c0ce9beb320897185d399757461831a31be28d13cbe04523c03c1840d06c5148b53e015bf9e0cc0404ac703ff47a835d142e09e29f6611778491e1558c871fa526f46b4a513af0ecf5d39223e4e121e60b852bd4cb3ba10b11a61e327bb8ad59754b8f16d38b81230f0f68e1681e7940166f0a40b46613cc1fa3697b4974253c23b6acfbeb2f08a19ed2069b1a09aa6281a99c6f3cbb5f68d72062426d624389099eb517e1751c743ae8ffb55321cdbf42f905a93a9c110d432cda052f2b56301c707f93772e77f234bb3ee5058ac3a4ad89628c6c1575e484a9acd4d821c91ba703ece4e30a329eca9937fca8c5c0aedb65865c75f090bdaf26069e96cf12bd070c79b5d98ef01473fc69d9ca1949e8425d00a5f6e79b0fa6371fc6d0aa66d65615f324742b0461b6c9ea186d83ab9119fae73d02b02c2e1d8accc6a1de527e082879dc0c7f3a9eb75590e6207f3207771badeb91519cbc361e6d7d63e38e398d3242265c9e76db31a3f277c8c10d039d339cb15e9806a04a43c8978128dd131445a96545552ca25018f41fd659644542aa0d0a3a06a369ab16d5226f5ad9e8ece7e89ecfdec0235acc68f39e148e9c02e82befeb175aa61f5495fdc97bd4ea8258fc3bf7a95d67b3bc3e73ac5c4441d035f65ac03d6e493b3e3a2085f60c54c10304407ebca57667218d44cc2639afa6fc6917f927e251fc84410ad66ac8d658c4c8aabbf68f3d5bf82e9081e6ead45ac2d8fe37d16b1e0c7f111377a6204944314af6a7d7789ee33949a0f61315149ab1e12db9990093651a9c5b23cb8da7d5d86077fd6020080b08760ecfd6c36e5be28f15a28121144534dccdb3c2d8f2c612f6eff42869e9f5dd65b3859596aa1c0a461e1691b2470749e4d2e41a19b2419e9f96a22aac1b5cca83bd020475f1312e2838cb56dcb144416e7096e5fe9b39bdf45e453af3a93d3d4aba138140e56e18bcb3ca70e9d1d9790ed4bc3b6df3d7820f0f6b6c3a69b588460e1c42cbfb498ca9b0a21b656d0b1d2777e7c19878088d31d189d8defd1b41d9543a30688dfe5d72310bce257ca6c973fab70faf333e6c044a9d059c2d3afc49942ca41a1bdf5e6df346ccf3d26a25fd5dcbe816f744ca56501cbfc39fd93b5426ae4b4acdd2a6bdb71c2dcbfd38901e21d2cf2ebc188796d437fc27db2c9d174510f46a591d5c34e6789e2dcf3e01970cdde293da7ad59868a4a2959510af1ea6e6fdbb1b5fd6c8fdc78f28001115a4365dfc7becc00f2eca391af37900f15252669fab33ad28db9256ce48b9961991259b64728e19aafa34b7f5e59416e5379effd8fd75a6d7a985afd1f739b7aabaaeada1bace17b04f0942414c1b75cbf0c7a5c93f0b3774436da7721c84ad8e1fc726f955e040f2e1ff05debdc5860f3cfdd14c06db1205976be82d428a13e06438af04295575e6fc321fcbe180490fcd020f359ba22b6a4bff61f7bbab71c0fa1310018e9c74cb9a65ac9434a78e989999ba0029f73d4b25269d7af90ede036bea1caa900bd0e6e72c63b194331ec5d4da580c6ed5b881af8ffc1a4e246f6da7edafe9cab32de606e0ed07db79c76ca228f3b8b6ee9d53c3c03a0fc0a21421c2964d1736ff5caadd60c5302e1b496ab6aa59631116aea13cd85349be68839d4c861de447811c1da0c90276d643c20c28610c5ed2de60a8c09cc5d91a3ac8e3b2eb61d8dbc398adb79dae19bbed171d5e4044344bc6d86dce55ab048843556aaed4d1cf7b8099d71ae588538d695f314b21dbacea870e693bbd45e2800216f48fd3e3dfd740990663dca6dbd68fc76eaa77b9ffe9876e229ab6a2f9adbaf947e4894d7d3973343a79b75bac516123c7df1655dc0cc8291e7c3c7102013fc4b610815b427832846f2caf0f7c780440a757962a85288e594317e2fa993e3afc82c08be9f74fad31ccdc4c9588377910a901c481b9f5aa118be94dbdd0da359fb4ba6e010ab00bb8e3a3d0700daf99dd784860d187e519960a51e98e912d56bb579c9969882f399e358564d48b14db059ad26d8a784d54dd41042967204604456918f64390294da3f901653f6b7e2ae9e78aa9d91cf42b9a519b8f2cd629dcf2bb53ac3cc0110bd5f7280770ae7d9944b7cd15648cf328a9657961b3c10d1372e056d6965e2b0431f8ade3b33b7696f74e937facd1458e28328c13be9e158e2a721d582974be0147bd3bed07ff152386ea0f8a428c7870f78798212968310eff439f060fabcc4dcb0b1d820b2ed7973ef1b3e1dd622d9a381bdb04dc41f69bf4b4eff6aa43daae75557537bedc19773ac994dfc185a97b178dbc4e344133b94a1acc21d600566a65bbe185e1e28858ce395e646e3b01fd46de1a314b691c8d9d4952651b6183b5f08d36c5ab12c44c2c9031e4a5d85dd7c"}) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2000c, 0x6, 0xcb1, 0xffffffffffffffff, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) mmap$auto(0x6d9, 0x400008, 0xe0, 0xffffdffffffffff9, 0x5, 0xffffffff) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82082, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x29, 0x80000, 0x0) futex$auto(&(0x7f00000000c0)=0x4, 0x400, 0x3ff, &(0x7f0000001140)={0x1, 0x2}, &(0x7f0000001180)=0x2, 0x9) write$auto(0x3, 0x0, 0x296) select$auto(0xb, 0x0, 0x0, 0x0, 0x0) msgrcv$auto(0x0, 0x0, 0x1000, 0xffffffffffffffff, 0xb1) getpid() mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x2, 0x24) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ppoll$auto(0x0, 0x2, 0x0, 0x0, 0x8) socket(0xa, 0x801, 0x84) 1.260410985s ago: executing program 4 (id=2044): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x800000002, 0x8000) openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x420801, 0x0) mlock$auto(0xfbe8, 0xc) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0) mlock$auto(0xffd, 0x2) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={0x40, r1, 0x1, 0x70bd26, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x2c, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x3}]}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x894}, 0x4) map_shadow_stack$auto(0x40, 0x7, 0x1ff) mlock$auto(0x81, 0xffff) 1.171409883s ago: executing program 0 (id=2045): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x5}]}, 0x28}, 0x1, 0x1446, 0x0, 0x44805}, 0x0) 1.035974849s ago: executing program 0 (id=2046): unshare$auto(0x40000080) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) removexattr$auto(0x0, 0x0) mmap$auto(0x4, 0x2020009, 0x8, 0xeb1, 0xffffffffffeffffa, 0x7ffd) getrandom$auto(0x0, 0x58e, 0x3) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000001080)=""/4092, 0xffc) mmap$auto(0x0, 0x20009, 0xe2, 0xeb4, 0x405, 0x8000) socketpair$auto(0x1d, 0x2, 0x2, 0x0) unshare$auto(0xfffffffffffffff8) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x252802, 0x190) socket(0x1, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0xfffffff0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x0) fstat$auto(r0, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x7ff, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) inotify_init1$auto(0x3000000000000) socket(0x1e, 0x4, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) get_robust_list$auto(0x0, 0x0, 0x0) accept$auto(0xffffffffffffffff, &(0x7f0000000080)=@ax25={0x3, @default, 0x7}, &(0x7f00000000c0)=0x6) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) connect$auto(0x3, &(0x7f00000001c0), 0x55) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x800) 908.479563ms ago: executing program 1 (id=2047): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="80060000", @ANYRES16=0x0, @ANYBLOB="040026bd7000fcdbdf2504000000b1000180f5c53c7461b64f8c60fb90f69a1d13d52d6da3527ec7b5be48e686e7364c12793198cdcb6a78253c3bdd79b3374fb2b5b19762a914baa53cfd10bfbf1477407c42963b5791e719e91567d82c697af89370f6f7872979c6713c9b4265a481e529d48a81e88f9d76bc1a060000000000000048f9cffcaa0bed04dad70c00c2d584eb40a6d01a4f463f88d47ae307e73bfd4123c7765a43faedde7088214666ba0cf2c894acec08005c00e8b38dd6dd140b485b867ea9b025e602dd2d017f5a4e642b590f844247806da336eb69e69ed2bff265377c50e537245f6c9c34af088fd7a1638eec1d0da7a65d143e14e5746f475892", @ANYRES32, @ANYBLOB="0000000800040003000000b0050280ac05da8004009f0005e969299377c515fba1ec068cf4bc524696ccfa31f0636e86e9ead7a57c5dbae9d25916617bca2061dd5109486efe289114244d0c6b80caaf44760684e204b8876de8a0be5b0e17915bb9319b3c9b0ea637785ac9c473387c78951f2e5681ea6de1c41585d4670ddf860bee32d836b7c722958b98d3c6ca547a8d2a99f065c895a7a693ce1c31ee96b46349a872953f95a123cdd6b248acb46bfdee74435ae6960a7f9110d0ea3cea56807ee682aa3818fef4060a827c6c620eab5f613a328e5b19470fa68d3e826521934812845d14a26c47162bcf977874cd87d5daf11c6ddff26a7c90d36a2d49505279443e865f2beec2a52ff4647a39e8a9095099451761676eeef529b758e77058e60eee85cc1a11b8173bdc6390f34fe4b2d2b6aa970a1f910e17f15b76f23cebd2db9a666baa88a0af389db9d878b62228aabdb38027a0099eb28639daf5bd097fcb651bd20c6285ef1132bcd652c10d1a82e509664187f88d18fb34fece5cd402d2d44de461c8e4e245904bd84a5b84536f98bc99656e175bc70d347c1ae0db88bb8f8a83dc6ad41337219bf9a455fd49d08fa9e1510fd2bc9aa21cc0d2f0a7da678b1131e84cbb17f4bae6a4e1275a923da597227894408b42621463854c2413378da3ac87ee8a3e062eb7b848d75e2f8b7829def9cb40535f8692e425829e9ac0897f2bc69101b37560cf143836552c50503f4935b0da024cff0eb4c078717e8333a12d535fa892b66b83fb53d54fc86f2f35ec87270380abe8c87cacf9b19aec7ea950bd374ecefa9c64c1d9e607a6fd71a4192aa1ab0e56d7cf158926d30423efc5d623475976b104306eef14bde160ce0921bb758c1967d648b8783fc7990e3f3850fd0d81297d7b69bbe8b9337a7e308e36b7bade455e0fb1adb59c65ccc16ec14eae89bb24c748d7e4c191e75f6bbf4712f0c40a926f46382c545d8798866b9e5019ca6a9c810eda98396710d530e9767e13ac6140eb5bc7c62aed158d6b745d5f450e1fd95e082c68de1376bd039d5638542e82595b381c4d6cac2006a120b7be7f1d991705a7334750227013dd1b6f163545231183609cba6bb9b53baffb8957472ab6e485c86c71c26bd8d2b8b5c2fc479a6e4f1ff5eee91ce71d624ccc44d758ce3d2f5043603d4933cf8b8b09eb894227b4dea165c9ad122b5f4ce583d1cf08ed47da02bb5108fe332f239e6906273d91354e9f695d18df47fbcbd0e59a2432748dc7f5ca673b085cf19a4fb9d642708e1c991bd8f25cf7d48c0e14e59b39be576916e317e72a64d8c40f8a75eee9efb7276dab0122cda1ca10b2c48692537475b41bc52c1c8bee6278097e8fd1dfd711578397b50ca9f50d6ae3a97eced747f78fa7d137331221af418526280ec2cd5c69e7e793854749b99b314c8e2132a32841ba7af631c0a26af6f1954b0209ce52d933ba21680638f7fcd89eee4c5862f15d17cb6a047ee1c64cf2e1461d01eb88b5f847992cf1bde67e105f5b624aebd2d9757dd6ad37c07b16a9db75ab3ea399219cb5e32785bfe8cd8f150b35b21b44db2a3f707a02e46858b09d24cc077fe2f093da116f11816fb1b2573f975986e624ecba2365b0ed2f0f6afb05d1214b36f539afbe471335b9f7de18f909937abe5c17357f9acb42ff7b8980b8ffc6da6a65c0edb22d715137dce8fe4f4b1230482ed972db6f11e15fac7080cea74ec9008f1cf20de595cab5fb8649b6e0cfed593bd4ff0170f5622888e91338b48592253cedb683e4e9ae867c03f3e776bc4b8981312fbe7846d8301906f194a011f7aebbb100b222861e29027c5c349b1bd338ee5b4294baa16e49cd2dc2146d5f05c431487293312f6cf653b7673ea562100b61140074020b0533a382adb694b6786d2b34ae9a241ae3e181b8c992342a5b3cb02744e92a78a730fbaaab85216af83e555f8adb2ae5bb99a307ac267b133236c7755b4682327c59426a681a3cdef4f53643e1a90d82980b925c3740dd29f08965457c10fb9147044583e704834cbb2e9dfd"], 0x680}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) write$auto_bm_entry_operations_binfmt_misc(0xffffffffffffffff, &(0x7f0000000500)="b72202b15a374a58daee3b243a7e0bae10e3a251bf530b0f7d3d97432fabaa1964ca4124758436a74012b4c39224c9308cd167d9bf66d83453de0d374120d3b4c2697202461da20ce5048bbdf2ab6b6d614a076a10dfaee4f406fcfcc53b369234cc4a91c521f74351a4322cb986fa92daf918199aa48b5868d4226c6890f5bde000662c5dcbd13106b879f29eadf442d7a6c9b66650386fbaae4d3e4e44fe5143c1bda89bb099ae5696b2587863e54dd4d941cf09f9b785a3d104341ea4a0fffe109263c05a617687d8f8941cdc273e1231c8d207db65dddc38ba3f8c9a7145b107db5331d0ce7535a4b86406bac9264efd44753bab020633b90779ce0916cebabb1e9b1884ec5853b69b57f22cc95059541d31369561b93e3177f1b8a21594159d3e55ae955b8ded9c54aa0c0d91a97fa15621045c426f1b515e9d2e86a5f3fc146e6540ab441419d35d252ca8ddc94992a53f80b75ac112a79db837bc90d5c2230b710cf37451baf26f7afaf7f02c0a9e2c035fe29218fc39e87263482cefe8a6f4a18348c872396a3172096bf6138c1ea262020d6519b7d28d48517b66bfbceed515f62a98593e8a3d509b7fb9841d8ccc4ec466ebdfe4bc9b58794bbb4ad2b284b531a849a4b1af99d390b29fe698776ceab6d62557d7334b0f13e5dbe7d28000b4d2a33de873f57c89b13518296c16a8e580f6e3bcf11ba3fd30de19b351b538d31067503ba8eda3867000133df97fe2adde19b88da4777a23bc821c765d4d2aa47df24962e1b682030c1a51e3299a735ec2b00d8cb2ba0c94f984eb6581b8c50177f145dc0aab114da4a8401f3250d10cea972c20737e75f593239f94eb4b43ff77cb0f34b04ecbd737436ba1b96574cbc41703f28f52369f25a41154f74cc3a2889689d22ab1fc7b962c78b8c04f80b3085b7d1c5147a17292dc20b87dfe20e97fa41a4b1d428f7ff4bde9c70ac458e6f4a40f8c603a86028bd112ee50681d926fbcaa3d8416e855de74de9544eacb1f59bc00b179d41c0263856f7fe6ffa4cab588072c0f5126e9bd0827b28d9b3667050a12f797c033cbcdaf865bea2abf43961aa43952a4731c60152cee8d928541cdc7ecf40cad21c12a11ff124e8ce2a308409040669c0b9700e4c02fa8261f3180e2cf259b9cf50e9d7d5f02eb04eda42e912542306a1f134ec2aa3a63c52d00ad7af778961124e056ba77fadb51ecea91d6ef80d70fd668225c73f9e8087d7a94d8844e65283f837a4cd7813ef8bb22601fa5f08ee4fd43acb74d90f64d6dc8ffca05a424884e2a023c2075cd2eb5c05f4c7097f0af6dcd1b6fa6694a223ea1a1d9662df2bafac63c8592aceb163564da69f6c97fcfb580fa7bfe1d8d7d6b7d7402d4a6766c884c9d0b63c63c388c4f68212f3a1baa46256d5999fc9d8961a6d81ba1beff9d99786423c7e4a163b02d929d645181d410cf4a8733a4e7b77883aa82fa89f6edfced671b60ffa01147b6e9166b9ea3a581b174caf7988abb7699792e986874b1ab1f7cdbcc92afa8daf2d5bdca431b1826a644b5a6cc1994ea6e9b114d175ed4684ff16876fbef9b993d68feb5a065399795e06af87179beffcb044a6493f7513292ea3fd2d14613adfa6cde3b6604e82b4b9ecb30001bb1567ed36dac57ab9a78f7c7981dcf48bb4fe5b944a6104f35d5f2d3425b53c69e3b9f578b6de41665a500f1ba04", 0x4bf) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) inotify_rm_watch$auto(0xffffffffffffffff, 0x84e4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x8e3e, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys1\x00', 0x20400, 0x0) ioctl$auto_TIOCSWINSZ2(r0, 0x5414, 0x0) modify_ldt$auto(0x1, 0x0, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x501940, 0x0) write$auto_sg_fops_sg(r1, &(0x7f00000000c0)="a1ba24b57d711f4e59f1811652787c5101cb0829a875b2d9578d9655abf7c485c8de20d5960e8c62ec71394cfe643c1d66616df32faac3d9971e269890fc975cb7ec23cec2fb8d61dd015954fe6ce3c1cb410e8a6ee8e2c6c7b3552fef0f6fad5b76832b31f15ab17e2fb67a0ccc17ae93ab9fd848ba3a602bf250428c99aee4d32f213fce9a32e1ca51fa3dbf51", 0x8e) madvise$auto(0xfffffffffffffffd, 0xffffffffffff0002, 0x19) fallocate$auto(0xffffffffffffffff, 0x1, 0x9, 0x80000000) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000600), 0x800, 0x0) ioctl$auto_RTC_AIE_ON(r2, 0x7001, 0x1300) setgroups$auto(0xe32, &(0x7f0000000040)=0x9) uname$auto(&(0x7f0000000280)={"017a23d49d4e4f89b7bb66d0528142ad4998ea9c70c06d0408e91b30b0b0d300722823e67e78003cff84dfc2528569e4ca4367c6216df84c3958d96ed2c499caff", "1e2157148e99091f121521269985a6a599863e135818f2ccc77a864d50fd1b2447c13d33dfb37033d53d69c4ff062abf19efab53fd75a00d4af7dbdef66e913103", "1fa81ccc6ffd05b516bdc4046cdfee68955b5ae48f8a322b6a0e4d8233d9491029f04050fca8a76d8b02739e3347e73f0f398e219952ca06e6c78655a70e097917", "0749ebba3d6f1ed9c077eeeb6deae36535af268af804ea0614e6c5ef0445f6fb05bec835636e440d94396dbeef246ceff774a1af2e8884df1be20351da9874f6fa", "4fbb5ffd975d9cf0800c3bf9046b1351f7371fcaea1fac30b4de0ac23b4d950cba906c482378f4337fe941454b8dbd36e51d285c95a92a20bec5a9907616fad85e", "d802740973602ea52b49799bc04ddb3c4e8995a5f9bd70c8c718fc2ebdffc648dd1195b4ac34305e0d8651eee2435736984e421114030659dd79fedec147e0e6ee"}) madvise$auto(0x0, 0x200007, 0x19) pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdds\x1cJ\x99\x00:+\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\xadCl\x9e\xeb\xcd\vp\x99\x00\xc8\x06\xa5\xdc3\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0A\x94\xa3\xaef\x87\xd8\x95I\xfd\xa8\t\xac\x87\xb7\x1d\xd5\x83\xdcyu]\xde\xbe\xbf$<.}\x8b`\x04\xfc\xa2\xab\xb5]\x80\x00\xb9D\xc5\xbc\xf2a\xd66\xa5\xd3\xc1r\x96\x1e\x8db\x05=`\x01\x11\x04Tz\x87A$\x115\x95PUf\xa7\xfe\x19\x00\x82go}@W\xd5\xaej\x01\xbf>5n\x17S\xc0\x8a\xaf%O\xd1W\xa3ua+sUJ\xea\xf9\xb7p-\x128\x9d\xbaM_\xff\x1c\xc3sG\x04\xf2\xd3\xf3{;\xd4\xd7\x1c\x1dZ\xe9\xe9\xc9\x9cu5\xe9\xa2\xb3N\xd2\xc1\xc8\xa5\xadt\xd5BKD\x86\xeb%\a*\x06\xbb\x1e\xfb\x11U\f&\xcbP\xf1\xcf\xccb\xe8Wb\xc5ae\xe3\xf9l\xa9vK\xed\x8cL\xfb%g\x83;\xe1\xe2w\xd6\xaa6\x16\x8fx\x1a\xd7\xc8\xf4[\xbc\b\xe1Z\x92\x14Q\xde0x0}) r9 = socket(0x18, 0x1, 0x1) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r11 = socket(0xa, 0x801, 0x100) setsockopt$auto(r11, 0x6, 0x8, 0x0, 0xfb3) sendmsg$auto_BATADV_CMD_GET_HARDIF(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)={0x24, r6, 0x14264b2b184ca509, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r10}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, r4, 0x20, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0xbbda}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x200}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x6d50}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x810) pread64$auto(r1, &(0x7f0000000080)='[\xe3{]}\x00', 0x667e, 0x400000000e85) r12 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram3/queue/stable_writes\x00', 0x182, 0x0) sendfile$auto(r12, r12, 0x0, 0x6) read$auto_clk_dump_fops_(r2, &(0x7f0000000140)=""/108, 0x6c) 0s ago: executing program 3 (id=2051): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/sockstat6\x00', 0x88400, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000180)=""/210, 0xd2) socket(0x2, 0x80002, 0x73) r1 = syz_clone(0x20000880, &(0x7f00000000c0)="966d4deb0c4bdfa84f965bc40185cc56f8cdcd58ef0ceb8f8ed0375e40d7ec9f0d6ff64d489efb9282fb22588680909686d2dc2f0b", 0x35, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000280)="1bc5dde92ceecb4a5e1879beb34fe120009ff72ae81840b4fdded53c5d98306f0a71732d6f7a676dc2e6670fc001cd306616a6649c1329e5566a16af3ba2118ad64fcd9660dffb10122095efc81ef9c10862409c0e12793b232a263b0883cd") rt_tgsigqueueinfo$auto(r1, 0xffffffffffffffff, 0x4, &(0x7f0000000340)={@siginfo_0_0={0x4, 0x5, 0x2, @_sigfault={&(0x7f0000000300)="d432035958e9b8c5b5656465b819780cb98f82a99ae9282e83c0572149e58849ec03839ea111a16560", @_perf={0x40, 0x7, 0x101}}}}) mlockall$auto(0x7) set_mempolicy$auto(0x2005, &(0x7f0000000080)=0x87e, 0x4) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x18, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) fallocate$auto(0x8000000000000003, 0x0, 0xf, 0x200000002) mmap$auto(0x7000000, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) r2 = socket(0x2, 0x1, 0x84) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/console\x00', 0x2, 0x0) ioctl$auto_TCSBRKP(r3, 0x5425, 0x0) openat2$auto(0xffffffffffffffff, 0x0, 0x0, 0xe7) acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00') acct$auto(0x0) setsockopt$auto(r2, 0x10000000084, 0x17, 0x0, 0x5) r4 = timerfd_create$auto(0x1, 0x9) eventfd$auto(0x200) ioctl$auto_SW_SYNC_IOC_INC(r4, 0x40045701, &(0x7f0000000000)=0x5) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                syzkaller syzkaller login: [ 601.310816][ T9801] Process accounting resumed [ 601.315966][ T9801] kstrtoul() returned -22 for lu_gp_id [ 601.382612][ T9803] snd_aloop snd_aloop.0: control 1:6:0:ªõèìFË·PǺí¶C‡Ã|Õ:0 is already present [ 601.414793][ T9801] program syz.3.1015 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 601.459870][ T29] audit: type=1800 audit(4294967531.135:30): pid=9808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1016" name="features" dev="configfs" ino=25507 res=0 errno=0 [ 603.275914][ T9863] snd_aloop snd_aloop.0: control 5:-2147483647:1:IAªƒ>/Æ[k<÷ÎÇmgx¶U(!5ºœ+-Cî°ÜY¶:0 is already present [ 603.304348][ T9863] FAULT_INJECTION: forcing a failure. [ 603.304348][ T9863] name failslab, interval 1, probability 0, space 0, times 0 [ 603.335532][ T9863] CPU: 1 UID: 0 PID: 9863 Comm: syz.1.1035 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 603.347447][ T9863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 603.358538][ T9863] Call Trace: [ 603.362170][ T9863] [ 603.365416][ T9863] dump_stack_lvl+0x16c/0x1f0 [ 603.370599][ T9863] should_fail_ex+0x497/0x5b0 [ 603.375781][ T9863] ? fs_reclaim_acquire+0xae/0x150 [ 603.381443][ T9863] should_failslab+0xc2/0x120 [ 603.386625][ T9863] __kmalloc_noprof+0xce/0x4f0 [ 603.391903][ T9863] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 603.398139][ T9863] ? tomoyo_realpath_from_path+0xbf/0x710 [ 603.404477][ T9863] tomoyo_realpath_from_path+0xbf/0x710 [ 603.410609][ T9863] ? tomoyo_path_number_perm+0x235/0x5b0 [ 603.416856][ T9863] tomoyo_path_number_perm+0x248/0x5b0 [ 603.422905][ T9863] ? tomoyo_path_number_perm+0x235/0x5b0 [ 603.429155][ T9863] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 603.435811][ T9863] ? __pfx_lock_release+0x10/0x10 [ 603.441371][ T9863] ? trace_lock_acquire+0x14e/0x1f0 [ 603.447133][ T9863] ? lock_acquire+0x2f/0xb0 [ 603.452116][ T9863] ? __fget_files+0x40/0x3a0 [ 603.457205][ T9863] ? __fget_files+0x206/0x3a0 [ 603.462390][ T9863] security_file_ioctl+0x9b/0x240 [ 603.467960][ T9863] __x64_sys_ioctl+0xb7/0x200 [ 603.473140][ T9863] do_syscall_64+0xcd/0x250 [ 603.478136][ T9863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.484656][ T9863] RIP: 0033:0x7fc4ba585d29 [ 603.489529][ T9863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 603.511700][ T9863] RSP: 002b:00007fc4bb3db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 603.520991][ T9863] RAX: ffffffffffffffda RBX: 00007fc4ba775fa0 RCX: 00007fc4ba585d29 [ 603.529789][ T9863] RDX: 0000000020000000 RSI: 0000000040405515 RDI: 0000000000000006 [ 603.538581][ T9863] RBP: 00007fc4bb3db090 R08: 0000000000000000 R09: 0000000000000000 [ 603.547381][ T9863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.556182][ T9863] R13: 0000000000000000 R14: 00007fc4ba775fa0 R15: 00007ffd27f34c68 [ 603.565005][ T9863] [ 603.578952][ T9863] ERROR: Out of memory at tomoyo_realpath_from_path. [ 603.782049][ T9862] delete_channel: no stack [ 607.231637][ T9923] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1052'. [ 607.273544][ T9920] Process accounting resumed [ 607.278822][ T9920] kstrtoul() returned -22 for lu_gp_id [ 608.391601][ T9939] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1056'. [ 609.945109][ T9962] svc: failed to register nfsdv3 RPC service (errno 111). [ 609.987172][ T9962] svc: failed to register nfsaclv3 RPC service (errno 111). [ 610.651294][ T9969] snd_aloop snd_aloop.0: control 5:-2147483647:1:IAªƒ>/Æ[k<÷ÎÇmgx¶U(!5ºœ+-Cî°ÜY¶:0 is already present [ 611.028102][ T9969] delete_channel: no stack [ 611.326221][ T9983] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1064'. [ 611.348682][ T9971] can: request_module (can-proto-0) failed. [ 613.461491][T10034] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1083'. [ 614.406830][T10051] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1086'. [ 614.897811][T10066] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1093'. [ 615.926078][T10080] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1097'. [ 615.992571][T10100] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1103'. [ 616.062650][T10102] vivid-013: ================= START STATUS ================= [ 616.092864][T10102] vivid-013: Generate PTS: true [ 616.098393][T10102] vivid-013: Generate SCR: true [ 616.108134][T10104] Process accounting resumed [ 616.110468][T10102] tpg source WxH: 640x360 (Y'CbCr) [ 616.155778][T10102] tpg field: 1 [ 616.174372][T10102] tpg crop: 640x360@0x0 [ 616.219076][T10102] tpg compose: 640x360@0x0 [ 616.224006][T10102] tpg colorspace: 8 [ 616.242236][T10102] tpg transfer function: 0/0 [ 616.248826][T10102] tpg Y'CbCr encoding: 0/0 [ 616.254145][T10102] tpg quantization: 0/0 [ 616.258749][T10102] tpg RGB range: 0/2 [ 616.264388][T10102] vivid-013: ================== END STATUS ================== [ 616.457719][T10113] Process accounting resumed [ 616.467890][T10113] kstrtoul() returned -22 for lu_gp_id [ 617.328200][T10135] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1113'. [ 617.510310][T10139] Process accounting resumed [ 617.535199][T10139] FAULT_INJECTION: forcing a failure. [ 617.535199][T10139] name failslab, interval 1, probability 0, space 0, times 0 [ 617.571305][T10139] CPU: 1 UID: 0 PID: 10139 Comm: syz.2.1115 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 617.583220][T10139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 617.594319][T10139] Call Trace: [ 617.597960][T10139] [ 617.601214][T10139] dump_stack_lvl+0x16c/0x1f0 [ 617.606405][T10139] should_fail_ex+0x497/0x5b0 [ 617.611599][T10139] ? fs_reclaim_acquire+0xae/0x150 [ 617.617273][T10139] should_failslab+0xc2/0x120 [ 617.622477][T10139] __kmalloc_noprof+0xce/0x4f0 [ 617.627775][T10139] ? kernfs_fop_write_iter+0x223/0x500 [ 617.633866][T10139] kernfs_fop_write_iter+0x223/0x500 [ 617.639742][T10139] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 617.646202][T10139] __kernel_write_iter+0x318/0xa80 [ 617.651881][T10139] ? __pfx___kernel_write_iter+0x10/0x10 [ 617.658103][T10139] __kernel_write+0xf6/0x140 [ 617.663165][T10139] ? __pfx___kernel_write+0x10/0x10 [ 617.668900][T10139] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 617.675108][T10139] ? rcu_is_watching+0x12/0xc0 [ 617.680365][T10139] ? acct_pin_kill+0x2d/0x100 [ 617.685541][T10139] ? lock_acquire+0x2f/0xb0 [ 617.690515][T10139] ? acct_pin_kill+0x2d/0x100 [ 617.695674][T10139] do_acct_process+0xcb0/0x14a0 [ 617.701018][T10139] ? __pfx_do_acct_process+0x10/0x10 [ 617.706843][T10139] ? do_raw_spin_lock+0x12d/0x2c0 [ 617.712389][T10139] acct_pin_kill+0x2d/0x100 [ 617.717353][T10139] pin_kill+0x194/0x7c0 [ 617.721937][T10139] ? __pfx_pin_kill+0x10/0x10 [ 617.727087][T10139] ? rcu_is_watching+0x12/0xc0 [ 617.732343][T10139] ? __pfx_autoremove_wake_function+0x10/0x10 [ 617.739037][T10139] ? __x64_sys_acct+0xfe/0x220 [ 617.744285][T10139] ? lock_acquire+0x2f/0xb0 [ 617.749242][T10139] ? __x64_sys_acct+0xfe/0x220 [ 617.754488][T10139] __x64_sys_acct+0x15b/0x220 [ 617.759638][T10139] ? lockdep_hardirqs_on+0x7c/0x110 [ 617.765364][T10139] do_syscall_64+0xcd/0x250 [ 617.770331][T10139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.776829][T10139] RIP: 0033:0x7fd67eb85d29 [ 617.781694][T10139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 617.803268][T10139] RSP: 002b:00007fd67e9f9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 617.812530][T10139] RAX: ffffffffffffffda RBX: 00007fd67ed75fa0 RCX: 00007fd67eb85d29 [ 617.821301][T10139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 617.830071][T10139] RBP: 00007fd67e9f9090 R08: 0000000000000000 R09: 0000000000000000 [ 617.838852][T10139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 617.847636][T10139] R13: 0000000000000000 R14: 00007fd67ed75fa0 R15: 00007ffce538e3e8 [ 617.856424][T10139] [ 618.350361][T10155] vivid-013: ================= START STATUS ================= [ 618.383545][T10155] vivid-013: Generate PTS: true [ 618.398127][T10155] vivid-013: Generate SCR: true [ 618.419032][T10155] tpg source WxH: 640x360 (Y'CbCr) [ 618.424739][T10155] tpg field: 1 [ 618.428491][T10155] tpg crop: 640x360@0x0 [ 618.433294][T10155] tpg compose: 640x360@0x0 [ 618.439398][T10155] tpg colorspace: 8 [ 618.460008][T10155] tpg transfer function: 0/0 [ 618.465190][T10155] tpg Y'CbCr encoding: 0/0 [ 618.479132][T10155] tpg quantization: 0/0 [ 618.483769][T10155] tpg RGB range: 0/2 [ 618.488077][T10155] vivid-013: ================== END STATUS ================== [ 619.402890][T10170] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1125'. [ 619.578538][T10173] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1126'. [ 619.956748][T10182] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1128'. [ 620.032011][T10183] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1129'. [ 620.064703][T10186] Process accounting resumed [ 620.323919][T10189] mkiss: ax0: crc mode is auto. [ 620.742857][T10201] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1134'. [ 621.091853][T10205] Process accounting resumed [ 621.104305][T10205] kstrtoul() returned -22 for lu_gp_id [ 621.844381][T10223] mkiss: ax0: crc mode is auto. [ 622.089774][T10217] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1140'. [ 622.365905][T10229] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1142'. [ 622.829733][T10233] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1144'. [ 623.099197][T10235] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1145'.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            [ 739.378399][T12271] FAULT_INJECTION: forcing a failure. [ 739.378399][T12271] name failslab, interval 1, probability 0, space 0, times 0 [ 739.434053][T12271] CPU: 0 UID: 0 PID: 12271 Comm: syz.1.1676 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 739.444894][T12271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 739.454961][T12271] Call Trace: [ 739.458252][T12271] [ 739.461191][T12271] dump_stack_lvl+0x16c/0x1f0 [ 739.465893][T12271] should_fail_ex+0x497/0x5b0 [ 739.470583][T12271] ? fs_reclaim_acquire+0xae/0x150 [ 739.475712][T12271] should_failslab+0xc2/0x120 [ 739.480422][T12271] __kmalloc_noprof+0xce/0x4f0 [ 739.485203][T12271] ? d_absolute_path+0x137/0x1b0 [ 739.490173][T12271] ? tomoyo_encode2+0x100/0x3e0 [ 739.495048][T12271] tomoyo_encode2+0x100/0x3e0 [ 739.499747][T12271] tomoyo_realpath_from_path+0x1a7/0x710 [ 739.505405][T12271] tomoyo_path_number_perm+0x248/0x5b0 [ 739.510884][T12271] ? tomoyo_path_number_perm+0x235/0x5b0 [ 739.516560][T12271] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 739.522589][T12271] ? __pfx_lock_release+0x10/0x10 [ 739.527625][T12271] ? trace_lock_acquire+0x14e/0x1f0 [ 739.532842][T12271] ? lock_acquire+0x2f/0xb0 [ 739.537352][T12271] ? __fget_files+0x40/0x3a0 [ 739.541958][T12271] ? __fget_files+0x206/0x3a0 [ 739.546650][T12271] security_file_ioctl+0x9b/0x240 [ 739.551685][T12271] __x64_sys_ioctl+0xb7/0x200 [ 739.556401][T12271] do_syscall_64+0xcd/0x250 [ 739.560936][T12271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.566856][T12271] RIP: 0033:0x7fc4ba585d29 [ 739.571280][T12271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 739.590903][T12271] RSP: 002b:00007fc4bb3db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 739.599330][T12271] RAX: ffffffffffffffda RBX: 00007fc4ba775fa0 RCX: 00007fc4ba585d29 [ 739.607307][T12271] RDX: 0000000020000000 RSI: 0000000040405515 RDI: 0000000000000006 [ 739.615286][T12271] RBP: 00007fc4bb3db090 R08: 0000000000000000 R09: 0000000000000000 [ 739.623281][T12271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 739.631268][T12271] R13: 0000000000000000 R14: 00007fc4ba775fa0 R15: 00007ffd27f34c68 [ 739.639269][T12271] [ 739.642397][ C0] vkms_vblank_simulate: vblank timer overrun syzkaller syzkaller login: [ 739.679681][T12271] ERROR: Out of memory at tomoyo_realpath_from_path. [ 740.141131][T12275] delete_channel: no stack [ 740.270257][T12300] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1681'. [ 740.290047][T12302] snd_aloop snd_aloop.0: control 5:-2147483647:1:IAªƒ>/Æ[k<÷ÎÇmgx¶U(!5ºœ+-Cî°ÜY¶:0 is already present [ 740.603471][T12313] FAULT_INJECTION: forcing a failure. [ 740.603471][T12313] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 740.625250][T12313] CPU: 1 UID: 0 PID: 12313 Comm: syz.0.1683 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 740.636100][T12313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 740.646188][T12313] Call Trace: [ 740.649481][T12313] [ 740.652414][T12313] dump_stack_lvl+0x16c/0x1f0 [ 740.657105][T12313] should_fail_ex+0x497/0x5b0 [ 740.661800][T12313] _copy_to_user+0x32/0xd0 [ 740.666234][T12313] simple_read_from_buffer+0xd0/0x160 [ 740.671616][T12313] proc_fail_nth_read+0x198/0x270 [ 740.676660][T12313] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 740.682227][T12313] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 740.687790][T12313] vfs_read+0x1df/0xbe0 [ 740.691961][T12313] ? __fget_files+0x1fc/0x3a0 [ 740.696681][T12313] ? __pfx___mutex_lock+0x10/0x10 [ 740.701739][T12313] ? __pfx_vfs_read+0x10/0x10 [ 740.706499][T12313] ? __fget_files+0x206/0x3a0 [ 740.711244][T12313] ksys_read+0x12b/0x250 [ 740.715543][T12313] ? __pfx_ksys_read+0x10/0x10 [ 740.720335][T12313] do_syscall_64+0xcd/0x250 [ 740.724857][T12313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.730762][T12313] RIP: 0033:0x7f1ae9f8473c [ 740.735184][T12313] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 740.754807][T12313] RSP: 002b:00007f1aead82030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 740.763233][T12313] RAX: ffffffffffffffda RBX: 00007f1aea176080 RCX: 00007f1ae9f8473c [ 740.771217][T12313] RDX: 000000000000000f RSI: 00007f1aead820a0 RDI: 0000000000000004 [ 740.779196][T12313] RBP: 00007f1aead82090 R08: 0000000000000000 R09: 0000000000000000 [ 740.787174][T12313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 740.795153][T12313] R13: 0000000000000001 R14: 00007f1aea176080 R15: 00007ffe26947b98 [ 740.803150][T12313] [ 741.159826][T12322] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1688'. [ 741.238289][T12301] delete_channel: no stack [ 741.857959][T12340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1692'. [ 742.466852][T12365] nl80211: entered promiscuous mode [ 743.160784][T12385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1705'. [ 743.691030][T12413] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1713'. [ 744.333029][T12423] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1716'. [ 744.373168][T12423] team_slave_0: entered allmulticast mode [ 744.569596][T12430] vivid-003: ================= START STATUS ================= [ 744.609172][T12430] vivid-003: Radio HW Seek Mode: Bounded [ 744.628030][T12430] vivid-003: Radio Programmable HW Seek: false [ 744.647977][T12430] vivid-003: RDS Rx I/O Mode: Block I/O [ 744.743749][T12430] vivid-003: Generate RBDS Instead of RDS: false [ 744.799619][T12430] vivid-003: RDS Reception: true [ 744.961357][T12430] vivid-003: RDS Program Type: 0 inactive [ 744.967189][T12430] vivid-003: RDS PS Name: inactive [ 744.993100][T12430] vivid-003: RDS Radio Text: inactive [ 745.009111][T12430] vivid-003: RDS Traffic Announcement: false inactive [ 745.034953][T12430] vivid-003: RDS Traffic Program: false inactive [ 745.054059][T12430] vivid-003: RDS Music: false inactive [ 745.120087][T12430] vivid-003: ================== END STATUS ================== [ 745.168149][T12431] FAULT_INJECTION: forcing a failure. [ 745.168149][T12431] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 745.249264][T12431] CPU: 1 UID: 0 PID: 12431 Comm: syz.0.1717 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 745.260095][T12431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 745.270160][T12431] Call Trace: [ 745.273445][T12431] [ 745.276405][T12431] dump_stack_lvl+0x16c/0x1f0 [ 745.281118][T12431] should_fail_ex+0x497/0x5b0 [ 745.285820][T12431] _copy_to_user+0x32/0xd0 [ 745.290258][T12431] vivid_radio_rx_read+0x7c9/0xb90 [ 745.295476][T12431] ? __pfx_vivid_radio_rx_read+0x10/0x10 [ 745.301128][T12431] vivid_radio_read+0x86/0xc0 [ 745.305826][T12431] v4l2_read+0x226/0x360 [ 745.310083][T12431] ? __pfx_v4l2_read+0x10/0x10 [ 745.314864][T12431] vfs_read+0x1df/0xbe0 [ 745.319116][T12431] ? __fget_files+0x1fc/0x3a0 [ 745.323844][T12431] ? __pfx_lock_release+0x10/0x10 [ 745.328899][T12431] ? __pfx_vfs_read+0x10/0x10 [ 745.333598][T12431] ? lock_acquire+0x2f/0xb0 [ 745.338119][T12431] ? __fget_files+0x40/0x3a0 [ 745.342726][T12431] ? __fget_files+0x206/0x3a0 [ 745.347431][T12431] ksys_read+0x12b/0x250 [ 745.351686][T12431] ? __pfx_ksys_read+0x10/0x10 [ 745.356464][T12431] do_syscall_64+0xcd/0x250 [ 745.360986][T12431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.366895][T12431] RIP: 0033:0x7f1ae9f85d29 [ 745.371345][T12431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.390981][T12431] RSP: 002b:00007f1aead82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 745.399419][T12431] RAX: ffffffffffffffda RBX: 00007f1aea176080 RCX: 00007f1ae9f85d29 [ 745.407404][T12431] RDX: 000000000000001b RSI: 0000000020000080 RDI: 0000000000000003 [ 745.415409][T12431] RBP: 00007f1aead82090 R08: 0000000000000000 R09: 0000000000000000 [ 745.423405][T12431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 745.431392][T12431] R13: 0000000000000000 R14: 00007f1aea176080 R15: 00007ffe26947b98 [ 745.439388][T12431] [ 745.665510][T12453] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(1484647914.1483266178.1667499521), cmd(14) [ 745.725837][T12455] vivid-013: ================= START STATUS ================= [ 745.734034][T12455] vivid-013: Generate PTS: true [ 745.741411][T12455] vivid-013: Generate SCR: true [ 745.746352][T12455] tpg source WxH: 640x360 (Y'CbCr) [ 745.754097][T12455] tpg field: 1 [ 745.757517][T12455] tpg crop: 640x360@0x0 [ 745.762896][T12455] tpg compose: 640x360@0x0 [ 745.767358][T12455] tpg colorspace: 8 [ 745.789179][T12455] tpg transfer function: 0/0 [ 745.793839][T12455] tpg Y'CbCr encoding: 0/0 [ 745.798288][T12455] tpg quantization: 0/0 [ 745.810230][T12455] tpg RGB range: 0/2 [ 745.814188][T12455] vivid-013: ================== END STATUS ================== [ 745.874204][T12460] Invalid input. Must be >= 4608 [ 746.322991][T12475] vivid-013: ================= START STATUS ================= [ 746.341332][T12475] vivid-013: Generate PTS: true [ 746.346530][T12475] vivid-013: Generate SCR: true [ 746.380087][T12475] tpg source WxH: 640x360 (Y'CbCr) [ 746.399484][T12475] tpg field: 1 [ 746.455613][T12475] tpg crop: 640x360@0x0 [ 746.512825][T12475] tpg compose: 640x360@0x0 [ 746.517324][T12475] tpg colorspace: 8 [ 746.564712][T12475] tpg transfer function: 0/0 [ 746.581216][T12475] tpg Y'CbCr encoding: 0/0 [ 746.608978][T12475] tpg quantization: 0/0 [ 746.613196][T12475] tpg RGB range: 0/2 [ 746.617115][T12475] vivid-013: ================== END STATUS ================== [ 746.809345][T12485] vivid-003: ================= START STATUS ================= [ 746.827400][T12485] vivid-003: Radio HW Seek Mode: Bounded [ 746.833494][T12485] vivid-003: Radio Programmable HW Seek: false [ 746.842111][T12475] FAULT_INJECTION: forcing a failure. [ 746.842111][T12475] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 746.855610][T12485] vivid-003: RDS Rx I/O Mode: Block I/O [ 746.866991][T12485] vivid-003: Generate RBDS Instead of RDS: false [ 746.873958][T12485] vivid-003: RDS Reception: true [ 746.898999][T12485] vivid-003: RDS Program Type: 0 inactive [ 746.904828][T12485] vivid-003: RDS PS Name: inactive [ 746.923446][T12475] CPU: 1 UID: 0 PID: 12475 Comm: syz.3.1731 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 746.934280][T12475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 746.944370][T12475] Call Trace: [ 746.947762][T12475] [ 746.950810][T12475] dump_stack_lvl+0x16c/0x1f0 [ 746.955534][T12475] should_fail_ex+0x497/0x5b0 [ 746.960268][T12475] _copy_to_user+0x32/0xd0 [ 746.964740][T12475] simple_read_from_buffer+0xd0/0x160 [ 746.970159][T12475] proc_fail_nth_read+0x198/0x270 [ 746.975242][T12475] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 746.980839][T12475] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 746.986442][T12475] vfs_read+0x1df/0xbe0 [ 746.990642][T12475] ? __fget_files+0x1fc/0x3a0 [ 746.995339][T12475] ? __pfx___mutex_lock+0x10/0x10 [ 747.000466][T12475] ? __pfx_vfs_read+0x10/0x10 [ 747.005165][T12475] ? __fget_files+0x206/0x3a0 [ 747.009860][T12475] ksys_read+0x12b/0x250 [ 747.014110][T12475] ? __pfx_ksys_read+0x10/0x10 [ 747.018894][T12475] do_syscall_64+0xcd/0x250 [ 747.023424][T12475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.029331][T12475] RIP: 0033:0x7f8d6f58473c [ 747.033754][T12475] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 747.053382][T12475] RSP: 002b:00007f8d70340030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 747.061814][T12475] RAX: ffffffffffffffda RBX: 00007f8d6f775fa0 RCX: 00007f8d6f58473c [ 747.069796][T12475] RDX: 000000000000000f RSI: 00007f8d703400a0 RDI: 0000000000000007 [ 747.077773][T12475] RBP: 00007f8d70340090 R08: 0000000000000000 R09: 0000000000000000 [ 747.085754][T12475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 747.093732][T12475] R13: 0000000000000000 R14: 00007f8d6f775fa0 R15: 00007fff55e12a98 [ 747.101724][T12475] [ 747.125336][T12485] vivid-003: RDS Radio Text: inactive [ 747.131897][T12485] vivid-003: RDS Traffic Announcement: false inactive [ 747.145479][T12485] vivid-003: RDS Traffic Program: false inactive [ 747.175547][T12485] vivid-003: RDS Music: false inactive [ 747.188963][T12485] vivid-003: ================== END STATUS ================== [ 747.198194][T12482] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1732'. [ 747.684076][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.690676][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.194654][T12509] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1739'. [ 748.606913][T12516] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1742'. [ 748.797869][T12520] Invalid ELF header magic: != ELF [ 749.359334][T12542] openvswitch: netlink: IP tunnel dst address not specified [ 750.284887][T12554] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1751'. [ 751.075635][T12575] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1756'. [ 751.495890][T12581] futex_wake_op: syz.4.1759 tries to shift op by 64; fix this program [ 751.938395][T12575] team0 (unregistering): Port device team_slave_0 removed [ 751.989814][T12575] team0 (unregistering): Port device team_slave_1 removed [ 752.193599][T12591] mkiss: ax0: crc mode is auto. [ 754.881441][T12644] netlink: zone id is out of range [ 754.961459][T12644] netlink: zone id is out of range [ 755.041282][T12644] netlink: zone id is out of range [ 755.121817][T12644] netlink: set zone limit has 8 unknown bytes [ 757.105599][T12696] vmstat_refresh: nr_hugetlb -3072 [ 757.506030][T12702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1794'. [ 758.253497][T12706] ima: policy update failed [ 758.300118][ T29] audit: type=1802 audit(8277292054.560:38): pid=12706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1795" res=0 errno=0 [ 760.142473][T12759] netlink: zone id is out of range [ 760.155012][T12759] netlink: zone id is out of range [ 760.173431][T12759] netlink: zone id is out of range [ 760.183802][T12759] netlink: set zone limit has 8 unknown bytes [ 760.629487][T12770] FAULT_INJECTION: forcing a failure. [ 760.629487][T12770] name failslab, interval 1, probability 0, space 0, times 0 [ 760.708975][T12770] CPU: 1 UID: 0 PID: 12770 Comm: syz.4.1815 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 760.719827][T12770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 760.729922][T12770] Call Trace: [ 760.733225][T12770] [ 760.736181][T12770] dump_stack_lvl+0x16c/0x1f0 [ 760.740903][T12770] should_fail_ex+0x497/0x5b0 [ 760.745642][T12770] ? fs_reclaim_acquire+0xae/0x150 [ 760.750788][T12770] should_failslab+0xc2/0x120 [ 760.755486][T12770] __kmalloc_node_noprof+0xd1/0x520 [ 760.760701][T12770] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 760.766178][T12770] __kvmalloc_node_noprof+0xad/0x1a0 [ 760.771476][T12770] traverse.part.0.constprop.0+0x392/0x640 [ 760.777293][T12770] ? __lock_acquire+0xcc5/0x3c40 [ 760.782250][T12770] seq_read_iter+0x934/0x12b0 [ 760.786961][T12770] proc_reg_read_iter+0x21d/0x310 [ 760.792003][T12770] vfs_read+0x87f/0xbe0 [ 760.796174][T12770] ? __pfx_vfs_read+0x10/0x10 [ 760.800871][T12770] ? lock_acquire+0x2f/0xb0 [ 760.805381][T12770] ? __fget_files+0x40/0x3a0 [ 760.809997][T12770] __x64_sys_pread64+0x1f6/0x250 [ 760.814945][T12770] ? __pfx___x64_sys_pread64+0x10/0x10 [ 760.820424][T12770] do_syscall_64+0xcd/0x250 [ 760.824943][T12770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 760.830853][T12770] RIP: 0033:0x7fae26985d29 [ 760.835275][T12770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 760.854917][T12770] RSP: 002b:00007fae277a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 760.863349][T12770] RAX: ffffffffffffffda RBX: 00007fae26b75fa0 RCX: 00007fae26985d29 [ 760.871343][T12770] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 760.879322][T12770] RBP: 00007fae277a2090 R08: 0000000000000000 R09: 0000000000000000 [ 760.887312][T12770] R10: 00000000000000ff R11: 0000000000000246 R12: 0000000000000001 [ 760.895295][T12770] R13: 0000000000000000 R14: 00007fae26b75fa0 R15: 00007ffc73f1f628 [ 760.903313][T12770] [ 761.206752][T12777] netlink: 'syz.4.1818': attribute type 2 has an invalid length. [ 762.687348][T12815] Process accounting resumed [ 762.867594][T12819] vivid-003: ================= START STATUS ================= [ 762.879107][T12819] vivid-003: Radio HW Seek Mode: Bounded [ 762.884941][T12819] vivid-003: Radio Programmable HW Seek: false [ 762.932824][T12819] vivid-003: RDS Rx I/O Mode: Block I/O [ 762.965409][T12819] vivid-003: Generate RBDS Instead of RDS: false [ 762.986229][T12819] vivid-003: RDS Reception: true [ 763.012711][T12819] vivid-003: RDS Program Type: 0 inactive [ 763.041674][T12819] vivid-003: RDS PS Name: inactive [ 763.056950][T12819] vivid-003: RDS Radio Text: inactive [ 763.078699][T12819] vivid-003: RDS Traffic Announcement: false inactive [ 763.128984][T12819] vivid-003: RDS Traffic Program: false inactive [ 763.157598][T12819] vivid-003: RDS Music: false inactive [ 763.169018][T12819] vivid-003: ================== END STATUS ================== [ 763.683098][T12825] Process accounting resumed [ 763.753684][T12827] Invalid ELF header magic: != ELF [ 766.325408][T12865] FAULT_INJECTION: forcing a failure. [ 766.325408][T12865] name failslab, interval 1, probability 0, space 0, times 0 [ 766.366731][T12865] CPU: 1 UID: 0 PID: 12865 Comm: syz.1.1843 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 766.377588][T12865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 766.387679][T12865] Call Trace: [ 766.390985][T12865] [ 766.393944][T12865] dump_stack_lvl+0x16c/0x1f0 [ 766.398664][T12865] should_fail_ex+0x497/0x5b0 [ 766.403377][T12865] ? fs_reclaim_acquire+0xae/0x150 [ 766.408529][T12865] should_failslab+0xc2/0x120 [ 766.413250][T12865] __kmalloc_node_noprof+0xd1/0x520 [ 766.418506][T12865] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 766.424027][T12865] __kvmalloc_node_noprof+0xad/0x1a0 [ 766.429367][T12865] io_uring_setup+0x551/0x3230 [ 766.434189][T12865] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 766.440233][T12865] ? __pfx_io_uring_setup+0x10/0x10 [ 766.445480][T12865] ? __fget_files+0x206/0x3a0 [ 766.450247][T12865] ? ksys_write+0x1ba/0x250 [ 766.454781][T12865] ? __pfx_ksys_write+0x10/0x10 [ 766.459679][T12865] __x64_sys_io_uring_setup+0x98/0x140 [ 766.465155][T12865] do_syscall_64+0xcd/0x250 [ 766.469674][T12865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.475577][T12865] RIP: 0033:0x7fc4ba585d29 [ 766.480011][T12865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 766.499646][T12865] RSP: 002b:00007fc4bb3db038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 766.508078][T12865] RAX: ffffffffffffffda RBX: 00007fc4ba775fa0 RCX: 00007fc4ba585d29 [ 766.516065][T12865] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000001 [ 766.524047][T12865] RBP: 00007fc4bb3db090 R08: 0000000000000000 R09: 0000000000000000 [ 766.532062][T12865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 766.540045][T12865] R13: 0000000000000000 R14: 00007fc4ba775fa0 R15: 00007ffd27f34c68 [ 766.548042][T12865] [ 768.586394][T12915] mkiss: ax0: crc mode is auto. [ 770.179109][T12973] mkiss: ax0: crc mode is auto. [ 771.169240][T12998] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1874'. [ 771.739851][T13014] mkiss: ax0: crc mode is auto. [ 771.903292][ T29] audit: type=1800 audit(8277292068.160:39): pid=13017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1879" name="lu_gp_id" dev="configfs" ino=39449 res=0 errno=0 [ 771.964712][ T29] audit: type=1804 audit(8277292068.190:40): pid=13018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1879" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=39449 res=1 errno=0 [ 772.046200][ T29] audit: type=1800 audit(8277292068.190:41): pid=13018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1879" name="lu_gp_id" dev="configfs" ino=39449 res=0 errno=0 [ 772.066819][ C1] vkms_vblank_simulate: vblank timer overrun [ 773.024504][T13048] program syz.1.1886 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 773.049244][T13048] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 773.585126][T13062] mkiss: ax0: crc mode is auto. [ 773.923817][T13067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1891'. [ 774.223318][T13079] vivid-014: ================= START STATUS ================= [ 774.280226][T13079] vivid-014: Generate PTS: true [ 774.293395][T13079] vivid-014: Generate SCR: true [ 774.298843][T13079] tpg source WxH: 640x360 (Y'CbCr) [ 774.314139][T13079] tpg field: 1 [ 774.321099][T13079] tpg crop: 640x360@0x0 [ 774.344182][T13079] tpg compose: 640x360@0x0 [ 774.353216][T13079] tpg colorspace: 8 [ 774.374426][T13079] tpg transfer function: 0/0 [ 774.384839][T13079] tpg Y'CbCr encoding: 0/0 [ 774.398687][T13079] tpg quantization: 0/0 [ 774.408810][T13079] tpg RGB range: 0/2 [ 774.412967][T13079] vivid-014: ================== END STATUS ================== [ 775.110020][T13090] ptrace attach of "./syz-executor exec"[5853] was attempted by "./syz-executor exec"[13090] [ 776.762752][T13150] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1904'. [ 777.376339][T13177] mkiss: ax0: crc mode is auto. [ 777.560556][T13184] FAULT_INJECTION: forcing a failure. [ 777.560556][T13184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 777.579172][T13184] CPU: 1 UID: 0 PID: 13184 Comm: syz.0.1916 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 777.590007][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 777.600099][T13184] Call Trace: [ 777.603480][T13184] [ 777.606445][T13184] dump_stack_lvl+0x16c/0x1f0 [ 777.611183][T13184] should_fail_ex+0x497/0x5b0 [ 777.615928][T13184] _copy_to_user+0x32/0xd0 [ 777.620688][T13184] tomoyo_flush+0x160/0x4b0 [ 777.625246][T13184] tomoyo_set_string+0xaf/0xe0 [ 777.630063][T13184] tomoyo_io_printf+0x26f/0x2f0 [ 777.634973][T13184] ? __pfx_tomoyo_io_printf+0x10/0x10 [ 777.640410][T13184] ? tomoyo_flush+0x3ad/0x4b0 [ 777.643074][T13157] delete_channel: no stack [ 777.645127][T13184] tomoyo_read_profile+0x8bd/0xd40 [ 777.654701][T13184] ? tomoyo_flush+0x3ad/0x4b0 [ 777.659423][T13184] ? lock_acquire+0x2f/0xb0 [ 777.663968][T13184] tomoyo_read_control+0x281/0x510 [ 777.669133][T13184] ? rw_verify_area+0xd0/0x700 [ 777.673936][T13184] ? __pfx_tomoyo_read+0x10/0x10 [ 777.678920][T13184] vfs_read+0x1df/0xbe0 [ 777.683116][T13184] ? __fget_files+0x1fc/0x3a0 [ 777.687827][T13184] ? __pfx___mutex_lock+0x10/0x10 [ 777.692895][T13184] ? __pfx_vfs_read+0x10/0x10 [ 777.697642][T13184] ? __fget_files+0x206/0x3a0 [ 777.702386][T13184] ksys_read+0x12b/0x250 [ 777.706680][T13184] ? __pfx_ksys_read+0x10/0x10 [ 777.711493][T13184] do_syscall_64+0xcd/0x250 [ 777.716042][T13184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.721989][T13184] RIP: 0033:0x7f1ae9f85d29 [ 777.726438][T13184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 777.746111][T13184] RSP: 002b:00007f1aeada3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 777.754576][T13184] RAX: ffffffffffffffda RBX: 00007f1aea175fa0 RCX: 00007f1ae9f85d29 [ 777.762589][T13184] RDX: 000000000000fd98 RSI: 0000000020000040 RDI: 0000000000000003 [ 777.770602][T13184] RBP: 00007f1aeada3090 R08: 0000000000000000 R09: 0000000000000000 [ 777.778612][T13184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 777.786632][T13184] R13: 0000000000000000 R14: 00007f1aea175fa0 R15: 00007ffe26947b98 [ 777.794662][T13184] [ 777.797730][ C1] vkms_vblank_simulate: vblank timer overrun [ 778.362317][T13205] mkiss: ax0: crc mode is auto. [ 778.468299][T13208] mtrr: base(0x40000000) is not aligned on a size(0x0000) boundary [ 778.705679][T13212] FAULT_INJECTION: forcing a failure. [ 778.705679][T13212] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 778.728747][T13212] CPU: 0 UID: 0 PID: 13212 Comm: syz.4.1927 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 778.739603][T13212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 778.749699][T13212] Call Trace: [ 778.753049][T13212] [ 778.756012][T13212] dump_stack_lvl+0x16c/0x1f0 [ 778.760745][T13212] should_fail_ex+0x497/0x5b0 [ 778.765467][T13212] ? fs_reclaim_acquire+0xae/0x150 [ 778.770971][T13212] should_fail_alloc_page+0xe7/0x130 [ 778.776301][T13212] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 778.782497][T13212] __alloc_pages_noprof+0x190/0x25b0 [ 778.787832][T13212] ? __pfx___lock_acquire+0x10/0x10 [ 778.793073][T13212] ? hlock_class+0x4e/0x130 [ 778.797618][T13212] ? mark_lock+0xb5/0xc60 [ 778.802100][T13212] ? __pfx_mark_lock+0x10/0x10 [ 778.806915][T13212] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 778.812692][T13212] ? is_bpf_text_address+0x8a/0x1a0 [ 778.817955][T13212] ? hlock_class+0x4e/0x130 [ 778.822502][T13212] ? is_bpf_text_address+0x30/0x1a0 [ 778.827757][T13212] ? hlock_class+0x4e/0x130 [ 778.832299][T13212] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 778.838227][T13212] ? policy_nodemask+0xea/0x4e0 [ 778.843128][T13212] alloc_pages_mpol_noprof+0x2c9/0x610 [ 778.848640][T13212] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 778.854674][T13212] ? __pfx___lock_acquire+0x10/0x10 [ 778.859931][T13212] pte_alloc_one+0x20/0x390 [ 778.864480][T13212] do_pte_missing+0x1ae7/0x3e00 [ 778.869391][T13212] __handle_mm_fault+0x103c/0x2a40 [ 778.874560][T13212] ? __pfx___handle_mm_fault+0x10/0x10 [ 778.880049][T13212] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 778.885710][T13212] ? find_vma+0xc0/0x140 [ 778.889961][T13212] ? __pfx_find_vma+0x10/0x10 [ 778.894649][T13212] handle_mm_fault+0x3fa/0xaa0 [ 778.899436][T13212] do_user_addr_fault+0x7a3/0x13f0 [ 778.904558][T13212] exc_page_fault+0x5c/0xc0 [ 778.909073][T13212] asm_exc_page_fault+0x26/0x30 [ 778.913936][T13212] RIP: 0010:__get_user_4+0x1a/0x30 [ 778.919057][T13212] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 [ 778.938764][T13212] RSP: 0018:ffffc9000583fd40 EFLAGS: 00050246 [ 778.944839][T13212] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffc9000583fca8 [ 778.952815][T13212] RDX: 0000000000000000 RSI: ffffffff876297b7 RDI: ffffffff8bb17040 [ 778.960792][T13212] RBP: 1ffff92000b07faf R08: 0000000000000000 R09: fffffbfff2039c9a [ 778.968774][T13212] R10: ffffffff901ce4d7 R11: 0000000000000001 R12: ffff88807a5ae000 [ 778.976753][T13212] R13: ffff888029ebb000 R14: 0000000040084503 R15: ffffc9000583fda8 [ 778.984748][T13212] ? evdev_do_ioctl+0x547/0x1ae0 [ 778.989735][T13212] evdev_do_ioctl+0x550/0x1ae0 [ 778.994518][T13212] ? __pfx_evdev_do_ioctl+0x10/0x10 [ 778.999818][T13212] ? trace_lock_acquire+0x14e/0x1f0 [ 779.005039][T13212] ? __pfx_evdev_ioctl+0x10/0x10 [ 779.009997][T13212] evdev_ioctl+0x16a/0x1a0 [ 779.014422][T13212] ? __pfx_evdev_ioctl+0x10/0x10 [ 779.019373][T13212] __x64_sys_ioctl+0x190/0x200 [ 779.024152][T13212] do_syscall_64+0xcd/0x250 [ 779.028676][T13212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.034589][T13212] RIP: 0033:0x7fae26985d29 [ 779.039011][T13212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 779.058634][T13212] RSP: 002b:00007fae277a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 779.067057][T13212] RAX: ffffffffffffffda RBX: 00007fae26b75fa0 RCX: 00007fae26985d29 [ 779.075041][T13212] RDX: 0000000000000000 RSI: 0000000040084503 RDI: 0000000000000003 [ 779.083024][T13212] RBP: 00007fae277a2090 R08: 0000000000000000 R09: 0000000000000000 [ 779.091001][T13212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 779.098991][T13212] R13: 0000000000000000 R14: 00007fae26b75fa0 R15: 00007ffc73f1f628 [ 779.106986][T13212] [ 779.640012][T13216] Process accounting resumed [ 779.644716][T13216] kstrtoul() returned -22 for lu_gp_id [ 780.537080][T13227] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1930'. [ 780.569775][T13227] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1930'. [ 780.699252][T13227] netlink: 290 bytes leftover after parsing attributes in process `syz.3.1930'. [ 781.032929][ T29] audit: type=1806 audit(8277292077.290:42): xattr=59A8 res=-22 [ 781.281211][T13242] mkiss: ax0: crc mode is auto. [ 781.399634][T13240] Process accounting resumed [ 783.855655][T13283] FAULT_INJECTION: forcing a failure. [ 783.855655][T13283] name failslab, interval 1, probability 0, space 0, times 0 [ 783.868594][T13283] CPU: 0 UID: 0 PID: 13283 Comm: syz.0.1946 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 783.879398][T13283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 783.889462][T13283] Call Trace: [ 783.892743][T13283] [ 783.895709][T13283] dump_stack_lvl+0x16c/0x1f0 [ 783.900406][T13283] should_fail_ex+0x497/0x5b0 [ 783.905355][T13283] ? fs_reclaim_acquire+0xae/0x150 [ 783.910478][T13283] should_failslab+0xc2/0x120 [ 783.915178][T13283] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 783.920563][T13283] ? vma_merge_new_range+0x3f0/0xb70 [ 783.925867][T13283] ? vm_area_alloc+0xe0/0x1c0 [ 783.930566][T13283] vm_area_alloc+0xe0/0x1c0 [ 783.935080][T13283] __mmap_region+0x1091/0x2760 [ 783.939860][T13283] ? __pfx___mmap_region+0x10/0x10 [ 783.944985][T13283] ? hlock_class+0x4e/0x130 [ 783.949496][T13283] ? mark_lock+0xb5/0xc60 [ 783.953896][T13283] ? cap_mmap_addr+0x53/0x320 [ 783.958590][T13283] mmap_region+0x270/0x320 [ 783.963023][T13283] do_mmap+0xc00/0xfc0 [ 783.967108][T13283] vm_mmap_pgoff+0x1ba/0x360 [ 783.971721][T13283] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 783.976850][T13283] ? __fget_files+0x206/0x3a0 [ 783.981548][T13283] ksys_mmap_pgoff+0x32c/0x5c0 [ 783.986327][T13283] ? __pfx_ksys_write+0x10/0x10 [ 783.991189][T13283] __x64_sys_mmap+0x125/0x190 [ 783.995875][T13283] do_syscall_64+0xcd/0x250 [ 784.000395][T13283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 784.006299][T13283] RIP: 0033:0x7f1ae9f85d29 [ 784.010720][T13283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 784.030339][T13283] RSP: 002b:00007f1aeada3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 784.038765][T13283] RAX: ffffffffffffffda RBX: 00007f1aea175fa0 RCX: 00007f1ae9f85d29 [ 784.046744][T13283] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 784.054720][T13283] RBP: 00007f1aeada3090 R08: 0000000000000003 R09: 0000000000008000 [ 784.062697][T13283] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 784.070674][T13283] R13: 0000000000000000 R14: 00007f1aea175fa0 R15: 00007ffe26947b98 [ 784.078671][T13283] [ 784.137907][T13286] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1947'. [ 784.589417][T13286] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 788.575326][T13333] FAULT_INJECTION: forcing a failure. [ 788.575326][T13333] name failslab, interval 1, probability 0, space 0, times 0 [ 788.666251][T13333] CPU: 0 UID: 0 PID: 13333 Comm: syz.1.1958 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 788.677096][T13333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 788.687189][T13333] Call Trace: [ 788.690493][T13333] [ 788.693451][T13333] dump_stack_lvl+0x16c/0x1f0 [ 788.698168][T13333] should_fail_ex+0x497/0x5b0 [ 788.702896][T13333] ? fs_reclaim_acquire+0xae/0x150 [ 788.708063][T13333] should_failslab+0xc2/0x120 [ 788.712800][T13333] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 788.718655][T13333] ? __pfx___might_resched+0x10/0x10 [ 788.723974][T13333] ? alloc_vmap_area+0x636/0x2a70 [ 788.729025][T13333] alloc_vmap_area+0x636/0x2a70 [ 788.733911][T13333] ? __pfx_alloc_vmap_area+0x10/0x10 [ 788.739213][T13333] __get_vm_area_node+0x19e/0x2f0 [ 788.744257][T13333] __vmalloc_node_range_noprof+0x26a/0x1530 [ 788.750163][T13333] ? kvm_dev_ioctl+0x151/0x1aa0 [ 788.755023][T13333] ? vsnprintf+0x40f/0x1870 [ 788.759543][T13333] ? __pfx_vsnprintf+0x10/0x10 [ 788.764318][T13333] ? kvm_dev_ioctl+0x151/0x1aa0 [ 788.769185][T13333] ? do_raw_spin_lock+0x12d/0x2c0 [ 788.774223][T13333] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 788.780564][T13333] ? __pfx_snprintf+0x10/0x10 [ 788.785254][T13333] ? _raw_spin_unlock+0x28/0x50 [ 788.790121][T13333] ? alloc_fd+0x41f/0x760 [ 788.794465][T13333] ? kvm_dev_ioctl+0x151/0x1aa0 [ 788.799327][T13333] __vmalloc_noprof+0x6d/0x90 [ 788.804017][T13333] ? kvm_dev_ioctl+0x151/0x1aa0 [ 788.808883][T13333] kvm_dev_ioctl+0x151/0x1aa0 [ 788.813571][T13333] ? __pfx_lock_release+0x10/0x10 [ 788.818599][T13333] ? trace_lock_acquire+0x14e/0x1f0 [ 788.823814][T13333] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 788.828944][T13333] ? __fget_files+0x206/0x3a0 [ 788.833635][T13333] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 788.838767][T13333] __x64_sys_ioctl+0x190/0x200 [ 788.843548][T13333] do_syscall_64+0xcd/0x250 [ 788.848071][T13333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 788.853994][T13333] RIP: 0033:0x7fc4ba585d29 [ 788.858415][T13333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 788.878038][T13333] RSP: 002b:00007fc4bb3db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 788.886467][T13333] RAX: ffffffffffffffda RBX: 00007fc4ba775fa0 RCX: 00007fc4ba585d29 [ 788.894445][T13333] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 788.902424][T13333] RBP: 00007fc4bb3db090 R08: 0000000000000000 R09: 0000000000000000 [ 788.910400][T13333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 788.918376][T13333] R13: 0000000000000000 R14: 00007fc4ba775fa0 R15: 00007ffd27f34c68 [ 788.926454][T13333] [ 788.962398][T13333] syz.1.1958: vmalloc error: size 39424, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 789.040349][T13333] CPU: 0 UID: 0 PID: 13333 Comm: syz.1.1958 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 789.051186][T13333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 789.061258][T13333] Call Trace: [ 789.064538][T13333] [ 789.067470][T13333] dump_stack_lvl+0x16c/0x1f0 [ 789.072163][T13333] warn_alloc+0x24d/0x3a0 [ 789.076511][T13333] ? __pfx_warn_alloc+0x10/0x10 [ 789.081375][T13333] ? kfree+0x14f/0x4b0 [ 789.085457][T13333] ? __get_vm_area_node+0x1dc/0x2f0 [ 789.090666][T13333] __vmalloc_node_range_noprof+0xd27/0x1530 [ 789.096568][T13333] ? vsnprintf+0x40f/0x1870 [ 789.101088][T13333] ? __pfx_vsnprintf+0x10/0x10 [ 789.105864][T13333] ? kvm_dev_ioctl+0x151/0x1aa0 [ 789.110724][T13333] ? do_raw_spin_lock+0x12d/0x2c0 [ 789.115794][T13333] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 789.122132][T13333] ? __pfx_snprintf+0x10/0x10 [ 789.126819][T13333] ? _raw_spin_unlock+0x28/0x50 [ 789.131676][T13333] ? alloc_fd+0x41f/0x760 [ 789.136032][T13333] ? kvm_dev_ioctl+0x151/0x1aa0 [ 789.140900][T13333] __vmalloc_noprof+0x6d/0x90 [ 789.145589][T13333] ? kvm_dev_ioctl+0x151/0x1aa0 [ 789.150456][T13333] kvm_dev_ioctl+0x151/0x1aa0 [ 789.155148][T13333] ? __pfx_lock_release+0x10/0x10 [ 789.160177][T13333] ? trace_lock_acquire+0x14e/0x1f0 [ 789.165396][T13333] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 789.170530][T13333] ? __fget_files+0x206/0x3a0 [ 789.175223][T13333] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 789.180349][T13333] __x64_sys_ioctl+0x190/0x200 [ 789.185121][T13333] do_syscall_64+0xcd/0x250 [ 789.189636][T13333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.195538][T13333] RIP: 0033:0x7fc4ba585d29 [ 789.199959][T13333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 789.219578][T13333] RSP: 002b:00007fc4bb3db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 789.227999][T13333] RAX: ffffffffffffffda RBX: 00007fc4ba775fa0 RCX: 00007fc4ba585d29 [ 789.236065][T13333] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 789.244042][T13333] RBP: 00007fc4bb3db090 R08: 0000000000000000 R09: 0000000000000000 [ 789.252020][T13333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 789.260001][T13333] R13: 0000000000000000 R14: 00007fc4ba775fa0 R15: 00007ffd27f34c68 [ 789.267999][T13333] [ 789.336576][T13333] Mem-Info: [ 789.346726][T13333] active_anon:21428 inactive_anon:0 isolated_anon:0 [ 789.346726][T13333] active_file:1190 inactive_file:56399 isolated_file:0 [ 789.346726][T13333] unevictable:768 dirty:16 writeback:18 [ 789.346726][T13333] slab_reclaimable:12137 slab_unreclaimable:107997 [ 789.346726][T13333] mapped:24467 shmem:9296 pagetables:750 [ 789.346726][T13333] sec_pagetables:0 bounce:0 [ 789.346726][T13333] kernel_misc_reclaimable:0 [ 789.346726][T13333] free:1298996 free_pcp:9669 free_cma:0 [ 789.393797][T13333] Node 0 active_anon:86108kB inactive_anon:0kB active_file:4760kB inactive_file:225524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97964kB dirty:96kB writeback:72kB shmem:34992kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10336kB pagetables:3084kB sec_pagetables:0kB all_unreclaimable? no [ 789.426985][T13333] Node 1 active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:4kB sec_pagetables:0kB all_unreclaimable? no [ 789.517092][T13333] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 789.577424][T13333] lowmem_reserve[]: 0 2465 2466 0 0 [ 789.587575][T13333] Node 0 DMA32 free:1301116kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:80868kB inactive_anon:0kB active_file:4760kB inactive_file:224704kB unevictable:1536kB writepending:68kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:14820kB local_pcp:9460kB free_cma:0kB [ 789.617954][ C1] vkms_vblank_simulate: vblank timer overrun [ 789.652926][T13331] ptrace attach of "./syz-executor exec"[11681] was attempted by "./syz-executor exec"[13331] [ 789.663778][T13333] lowmem_reserve[]: 0 0 0 0 0 [ 789.668592][T13333] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 789.728426][T13333] lowmem_reserve[]: 0 0 0 0 0 [ 789.738263][T13333] Node 1 Normal free:3874924kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:31476kB local_pcp:30724kB free_cma:0kB [ 789.767764][ C1] vkms_vblank_simulate: vblank timer overrun [ 789.780346][T13333] lowmem_reserve[]: 0 0 0 0 0 [ 789.785173][T13333] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 789.804755][T13333] Node 0 DMA32: 8329*4kB (UME) 1294*8kB (UME) 1080*16kB (UME) 311*32kB (UME) 257*64kB (UME) 321*128kB (UME) 157*256kB (UME) 66*512kB (UM) 34*1024kB (UME) 11*2048kB (UM) 258*4096kB (UM) = 1316532kB [ 789.865635][T13333] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 789.909234][T13333] Node 1 Normal: 61*4kB (UE) 59*8kB (UME) 28*16kB (U) 183*32kB (UM) 110*64kB (UME) 31*128kB (UME) 32*256kB (UM) 25*512kB (UME) 14*1024kB (UM) 6*2048kB (ME) 930*4096kB (M) = 3874924kB [ 789.953373][T13333] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 789.975336][T13333] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 789.987724][T13333] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 790.007099][T13333] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 790.017065][T13333] 67347 total pagecache pages [ 790.025494][T13333] 25 pages in swap cache [ 790.037353][T13333] Free swap = 120576kB [ 790.047491][T13333] Total swap = 124996kB [ 790.057765][T13333] 2097051 pages RAM [ 790.090234][T13333] 0 pages HighMem/MovableOnly [ 790.094974][T13333] 427367 pages reserved [ 790.124949][T13333] 0 pages cma reserved [ 790.886789][T13366] FAULT_INJECTION: forcing a failure. [ 790.886789][T13366] name failslab, interval 1, probability 0, space 0, times 0 [ 790.900224][T13366] CPU: 0 UID: 0 PID: 13366 Comm: syz.1.1968 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 790.911035][T13366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 790.921133][T13366] Call Trace: [ 790.924442][T13366] [ 790.927399][T13366] dump_stack_lvl+0x16c/0x1f0 [ 790.932115][T13366] should_fail_ex+0x497/0x5b0 [ 790.936835][T13366] should_failslab+0xc2/0x120 [ 790.941556][T13366] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 790.946985][T13366] ? skb_clone+0x190/0x3f0 [ 790.951461][T13366] skb_clone+0x190/0x3f0 [ 790.955752][T13366] netlink_deliver_tap+0xafd/0xca0 [ 790.960898][T13366] ? __pfx_rtnl_dump_ifinfo+0x10/0x10 [ 790.966315][T13366] netlink_dump+0x639/0xd00 [ 790.970862][T13366] ? __pfx_netlink_dump+0x10/0x10 [ 790.975946][T13366] ? kfree_skbmem+0x1a4/0x1f0 [ 790.980686][T13366] ? kfree_skbmem+0x1a4/0x1f0 [ 790.985424][T13366] netlink_recvmsg+0xa0d/0xf30 [ 790.990237][T13366] ? __pfx_netlink_recvmsg+0x10/0x10 [ 790.995562][T13366] ? aa_sk_perm+0x2f5/0xb20 [ 791.000126][T13366] ? __pfx_aa_sk_perm+0x10/0x10 [ 791.005030][T13366] ? find_held_lock+0x2d/0x110 [ 791.009850][T13366] sock_recvmsg+0x1f6/0x250 [ 791.014392][T13366] ____sys_recvmsg+0x219/0x6b0 [ 791.019209][T13366] ? __pfx_____sys_recvmsg+0x10/0x10 [ 791.021914][T13356] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 791.024535][T13366] ___sys_recvmsg+0x115/0x1a0 [ 791.024575][T13366] ? __pfx____sys_recvmsg+0x10/0x10 [ 791.041991][T13366] ? __pfx_lock_release+0x10/0x10 [ 791.047053][T13366] ? trace_lock_acquire+0x14e/0x1f0 [ 791.052323][T13366] do_recvmmsg+0x2f8/0x740 [ 791.056800][T13366] ? __pfx_do_recvmmsg+0x10/0x10 [ 791.061788][T13366] ? vfs_write+0x306/0x1150 [ 791.066352][T13366] ? __mutex_unlock_slowpath+0x164/0x690 [ 791.072047][T13366] ? __fget_files+0x206/0x3a0 [ 791.076789][T13366] __x64_sys_recvmmsg+0x239/0x290 [ 791.081868][T13366] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 791.087569][T13366] do_syscall_64+0xcd/0x250 [ 791.092132][T13366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.098072][T13366] RIP: 0033:0x7fc4ba585d29 [ 791.102526][T13366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 791.122185][T13366] RSP: 002b:00007fc4bb3db038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 791.130658][T13366] RAX: ffffffffffffffda RBX: 00007fc4ba775fa0 RCX: 00007fc4ba585d29 [ 791.138681][T13366] RDX: 000000000000010a RSI: 0000000020000140 RDI: 0000000000000003 [ 791.146697][T13366] RBP: 00007fc4bb3db090 R08: 0000000000000000 R09: 0000000000000000 [ 791.154719][T13366] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 791.162733][T13366] R13: 0000000000000000 R14: 00007fc4ba775fa0 R15: 00007ffd27f34c68 [ 791.170760][T13366] [ 791.802146][T13381] mkiss: ax0: crc mode is auto. [ 792.602965][T13396] scsi_dev_info_list_add_str: bad dev info string 'ÖÐ' '' '' [ 792.763598][ T29] audit: type=1800 audit(8277292089.020:43): pid=13397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1975" name="dbroot" dev="configfs" ino=41285 res=0 errno=0 [ 792.783860][ C1] vkms_vblank_simulate: vblank timer overrun [ 792.793372][T13397] db_root: cannot open: › [ 793.799254][T13416] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1981'. [ 793.856903][T13416] HfR: entered promiscuous mode [ 794.388796][T13423] mmap: syz.3.1984 (13423): VmData 37466112 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data. [ 794.474821][T13424] FAULT_INJECTION: forcing a failure. [ 794.474821][T13424] name failslab, interval 1, probability 0, space 0, times 0 [ 794.487665][T13424] CPU: 0 UID: 0 PID: 13424 Comm: syz.0.1982 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 794.498474][T13424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 794.508565][T13424] Call Trace: [ 794.511876][T13424] [ 794.514839][T13424] dump_stack_lvl+0x16c/0x1f0 [ 794.519563][T13424] should_fail_ex+0x497/0x5b0 [ 794.524286][T13424] ? fs_reclaim_acquire+0xae/0x150 [ 794.529461][T13424] should_failslab+0xc2/0x120 [ 794.534191][T13424] __kmalloc_noprof+0xce/0x4f0 [ 794.539011][T13424] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 794.544671][T13424] ? tomoyo_realpath_from_path+0xbf/0x710 [ 794.550411][T13424] tomoyo_realpath_from_path+0xbf/0x710 [ 794.555983][T13424] ? tomoyo_path_number_perm+0x235/0x5b0 [ 794.561643][T13424] tomoyo_path_number_perm+0x248/0x5b0 [ 794.567120][T13424] ? tomoyo_path_number_perm+0x235/0x5b0 [ 794.572774][T13424] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 794.578797][T13424] ? __pfx_lock_release+0x10/0x10 [ 794.583833][T13424] ? trace_lock_acquire+0x14e/0x1f0 [ 794.589059][T13424] ? lock_acquire+0x2f/0xb0 [ 794.593574][T13424] ? __fget_files+0x40/0x3a0 [ 794.598181][T13424] ? __fget_files+0x206/0x3a0 [ 794.602871][T13424] security_file_ioctl+0x9b/0x240 [ 794.607907][T13424] __x64_sys_ioctl+0xb7/0x200 [ 794.612595][T13424] do_syscall_64+0xcd/0x250 [ 794.617118][T13424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 794.623029][T13424] RIP: 0033:0x7f1ae9f85d29 [ 794.627463][T13424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 794.647090][T13424] RSP: 002b:00007f1aeada3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 794.655516][T13424] RAX: ffffffffffffffda RBX: 00007f1aea175fa0 RCX: 00007f1ae9f85d29 [ 794.663495][T13424] RDX: 0000000000000009 RSI: 0000000000004b48 RDI: 0000000000000003 [ 794.671475][T13424] RBP: 00007f1aeada3090 R08: 0000000000000000 R09: 0000000000000000 [ 794.679465][T13424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 794.687455][T13424] R13: 0000000000000000 R14: 00007f1aea175fa0 R15: 00007ffe26947b98 [ 794.695479][T13424] [ 794.707880][T13424] ERROR: Out of memory at tomoyo_realpath_from_path. [ 794.851380][T13429] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1987'. [ 795.755174][T13449] FAULT_INJECTION: forcing a failure. [ 795.755174][T13449] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 795.796880][T13449] CPU: 1 UID: 0 PID: 13449 Comm: syz.1.1992 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 795.807728][T13449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 795.817828][T13449] Call Trace: [ 795.821143][T13449] [ 795.824117][T13449] dump_stack_lvl+0x16c/0x1f0 [ 795.828843][T13449] should_fail_ex+0x497/0x5b0 [ 795.833551][T13449] _copy_from_user+0x2e/0xd0 [ 795.838160][T13449] force_devcd_write+0x102/0x350 [ 795.843114][T13449] ? __pfx_force_devcd_write+0x10/0x10 [ 795.848591][T13449] ? rcu_is_watching+0x12/0xc0 [ 795.853368][T13449] ? trace_lock_acquire+0x14e/0x1f0 [ 795.858585][T13449] full_proxy_write+0xfb/0x1b0 [ 795.863365][T13449] ? __pfx_full_proxy_write+0x10/0x10 [ 795.868747][T13449] vfs_write+0x24c/0x1150 [ 795.873087][T13449] ? __fget_files+0x1fc/0x3a0 [ 795.877788][T13449] ? __pfx___mutex_lock+0x10/0x10 [ 795.882825][T13449] ? __pfx_vfs_write+0x10/0x10 [ 795.887603][T13449] ? __fget_files+0x206/0x3a0 [ 795.892295][T13449] ksys_write+0x12b/0x250 [ 795.896635][T13449] ? __pfx_ksys_write+0x10/0x10 [ 795.901501][T13449] do_syscall_64+0xcd/0x250 [ 795.906109][T13449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 795.912021][T13449] RIP: 0033:0x7fc4ba585d29 [ 795.916465][T13449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 795.936093][T13449] RSP: 002b:00007fc4bb3db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 795.944517][T13449] RAX: ffffffffffffffda RBX: 00007fc4ba775fa0 RCX: 00007fc4ba585d29 [ 795.952493][T13449] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003 [ 795.960469][T13449] RBP: 00007fc4bb3db090 R08: 0000000000000000 R09: 0000000000000000 [ 795.968444][T13449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 795.976421][T13449] R13: 0000000000000000 R14: 00007fc4ba775fa0 R15: 00007ffd27f34c68 [ 795.984416][T13449] [ 795.987562][ C1] vkms_vblank_simulate: vblank timer overrun [ 796.015852][T13439] HfR: entered promiscuous mode [ 796.083221][T13439] openvswitch: HfR: Dropping previously announced user features [ 796.667259][T13469] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1996'. [ 796.698578][T13469] lo: entered promiscuous mode [ 796.720003][T13469] lo: entered allmulticast mode [ 799.450184][T13492] FAULT_INJECTION: forcing a failure. [ 799.450184][T13492] name failslab, interval 1, probability 0, space 0, times 0 [ 799.493659][T13492] CPU: 1 UID: 0 PID: 13492 Comm: syz.3.2004 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 799.504505][T13492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 799.514597][T13492] Call Trace: [ 799.517897][T13492] [ 799.520866][T13492] dump_stack_lvl+0x16c/0x1f0 [ 799.525595][T13492] should_fail_ex+0x497/0x5b0 [ 799.530324][T13492] ? fs_reclaim_acquire+0xae/0x150 [ 799.535480][T13492] should_failslab+0xc2/0x120 [ 799.540202][T13492] __kmalloc_noprof+0xce/0x4f0 [ 799.545008][T13492] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 799.552340][T13492] ? lockdep_hardirqs_on+0x7c/0x110 [ 799.557589][T13492] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 799.564756][T13492] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 799.570272][T13492] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 799.576381][T13492] ? genl_get_cmd+0x195/0x580 [ 799.581108][T13492] ? bpf_lsm_capable+0x9/0x10 [ 799.585822][T13492] ? security_capable+0x7e/0x260 [ 799.590812][T13492] ? ns_capable+0xd7/0x110 [ 799.595274][T13492] genl_rcv_msg+0x565/0x800 [ 799.599827][T13492] ? __pfx_genl_rcv_msg+0x10/0x10 [ 799.604897][T13492] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 799.610320][T13492] ? __pfx_nl80211_trigger_scan+0x10/0x10 [ 799.616082][T13492] ? __pfx_nl80211_post_doit+0x10/0x10 [ 799.621599][T13492] netlink_rcv_skb+0x165/0x410 [ 799.626403][T13492] ? __pfx_genl_rcv_msg+0x10/0x10 [ 799.631473][T13492] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 799.636814][T13492] ? down_read+0xc9/0x330 [ 799.641183][T13492] ? __pfx_down_read+0x10/0x10 [ 799.645981][T13492] ? netlink_deliver_tap+0x1ae/0xca0 [ 799.651292][T13492] genl_rcv+0x28/0x40 [ 799.655306][T13492] netlink_unicast+0x53c/0x7f0 [ 799.660089][T13492] ? __pfx_netlink_unicast+0x10/0x10 [ 799.665385][T13492] ? __phys_addr_symbol+0x30/0x80 [ 799.670424][T13492] ? __check_object_size+0x488/0x710 [ 799.675726][T13492] netlink_sendmsg+0x8b8/0xd70 [ 799.680534][T13492] ? __pfx_netlink_sendmsg+0x10/0x10 [ 799.685835][T13492] ____sys_sendmsg+0x9ae/0xb40 [ 799.690624][T13492] ? copy_msghdr_from_user+0x10b/0x160 [ 799.696117][T13492] ? __pfx_____sys_sendmsg+0x10/0x10 [ 799.701439][T13492] ___sys_sendmsg+0x135/0x1e0 [ 799.706136][T13492] ? __pfx____sys_sendmsg+0x10/0x10 [ 799.711363][T13492] ? __pfx_lock_release+0x10/0x10 [ 799.716392][T13492] ? trace_lock_acquire+0x14e/0x1f0 [ 799.721630][T13492] ? __fget_files+0x206/0x3a0 [ 799.726335][T13492] __sys_sendmsg+0x16e/0x220 [ 799.730952][T13492] ? __pfx___sys_sendmsg+0x10/0x10 [ 799.736097][T13492] do_syscall_64+0xcd/0x250 [ 799.740618][T13492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 799.746522][T13492] RIP: 0033:0x7f8d6f585d29 [ 799.750941][T13492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 799.770557][T13492] RSP: 002b:00007f8d70340038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 799.778982][T13492] RAX: ffffffffffffffda RBX: 00007f8d6f775fa0 RCX: 00007f8d6f585d29 [ 799.786962][T13492] RDX: 0000000004000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 799.795025][T13492] RBP: 00007f8d70340090 R08: 0000000000000000 R09: 0000000000000000 [ 799.803007][T13492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 799.810987][T13492] R13: 0000000000000000 R14: 00007f8d6f775fa0 R15: 00007fff55e12a98 [ 799.818986][T13492] [ 799.822024][ C1] vkms_vblank_simulate: vblank timer overrun [ 800.421617][ T5860] Bluetooth: hci4: Malformed Event: 0x2f [ 801.070676][T13517] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2011'. [ 802.131047][T13541] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 802.152526][T13541] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 802.177169][T13541] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 802.199077][T13541] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 802.223294][T13541] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 802.306103][T13541] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 802.626933][T13539] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2018'. [ 802.920815][T13552] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2022'. [ 802.941800][T13552] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 802.959753][T13552] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 803.705463][T13569] vivid-003: ================= START STATUS ================= [ 803.755589][T13569] vivid-003: Radio HW Seek Mode: Bounded [ 803.770204][T13569] vivid-003: Radio Programmable HW Seek: false [ 803.776647][T13569] vivid-003: RDS Rx I/O Mode: Block I/O [ 803.785205][T13569] vivid-003: Generate RBDS Instead of RDS: false [ 803.794601][T13569] vivid-003: RDS Reception: true [ 803.802610][T13569] vivid-003: RDS Program Type: 0 inactive [ 803.808555][T13569] vivid-003: RDS PS Name: inactive [ 803.815790][T13569] vivid-003: RDS Radio Text: inactive [ 803.825103][T13569] vivid-003: RDS Traffic Announcement: false inactive [ 803.833811][T13569] vivid-003: RDS Traffic Program: false inactive [ 803.843166][T13569] vivid-003: RDS Music: false inactive [ 803.893494][T13569] vivid-003: ================== END STATUS ================== [ 803.919113][T13572] FAULT_INJECTION: forcing a failure. [ 803.919113][T13572] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 803.954467][T13572] CPU: 1 UID: 0 PID: 13572 Comm: syz.4.2025 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 803.965306][T13572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 803.975409][T13572] Call Trace: [ 803.978715][T13572] [ 803.981677][T13572] dump_stack_lvl+0x16c/0x1f0 [ 803.986412][T13572] should_fail_ex+0x497/0x5b0 [ 803.991147][T13572] _copy_to_user+0x32/0xd0 [ 803.995619][T13572] vivid_radio_rx_read+0x7c9/0xb90 [ 804.000796][T13572] ? __pfx_vivid_radio_rx_read+0x10/0x10 [ 804.006491][T13572] vivid_radio_read+0x86/0xc0 [ 804.011218][T13572] v4l2_read+0x226/0x360 [ 804.015507][T13572] ? __pfx_v4l2_read+0x10/0x10 [ 804.020323][T13572] vfs_read+0x1df/0xbe0 [ 804.024537][T13572] ? __fget_files+0x1fc/0x3a0 [ 804.029266][T13572] ? __pfx_lock_release+0x10/0x10 [ 804.034336][T13572] ? __pfx_vfs_read+0x10/0x10 [ 804.039065][T13572] ? lock_acquire+0x2f/0xb0 [ 804.043611][T13572] ? __fget_files+0x40/0x3a0 [ 804.048259][T13572] ? __fget_files+0x206/0x3a0 [ 804.052965][T13572] ksys_read+0x12b/0x250 [ 804.057257][T13572] ? __pfx_ksys_read+0x10/0x10 [ 804.062071][T13572] do_syscall_64+0xcd/0x250 [ 804.066857][T13572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 804.072761][T13572] RIP: 0033:0x7fae26985d29 [ 804.077181][T13572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 804.096801][T13572] RSP: 002b:00007fae27781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 804.105235][T13572] RAX: ffffffffffffffda RBX: 00007fae26b76080 RCX: 00007fae26985d29 [ 804.113235][T13572] RDX: 000000000000001b RSI: 0000000020000080 RDI: 0000000000000003 [ 804.121220][T13572] RBP: 00007fae27781090 R08: 0000000000000000 R09: 0000000000000000 [ 804.129195][T13572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 804.137175][T13572] R13: 0000000000000001 R14: 00007fae26b76080 R15: 00007ffc73f1f628 [ 804.145168][T13572] [ 804.148313][ C1] vkms_vblank_simulate: vblank timer overrun [ 804.159015][ T5860] Bluetooth: hci1: command 0x0406 tx timeout [ 804.165099][ T5860] Bluetooth: hci0: command 0x0406 tx timeout [ 804.239021][T13578] Bluetooth: hci4: command 0x0c1a tx timeout [ 804.239043][ T5145] Bluetooth: hci2: command 0x0406 tx timeout [ 805.653027][T13615] snd_aloop snd_aloop.0: control 5:-2147483647:1:IAªƒ>/Æ[k<÷ÎÇmgx¶U(!5ºœ+-Cî°ÜY¶:0 is already present [ 806.288682][T13634] FAULT_INJECTION: forcing a failure. [ 806.288682][T13634] name failslab, interval 1, probability 0, space 0, times 0 [ 806.328991][ T5145] Bluetooth: hci4: command 0x0c1a tx timeout [ 806.340476][T13634] CPU: 1 UID: 0 PID: 13634 Comm: syz.4.2042 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 806.351308][T13634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 806.361407][T13634] Call Trace: [ 806.366712][T13634] [ 806.369666][T13634] dump_stack_lvl+0x16c/0x1f0 [ 806.374391][T13634] should_fail_ex+0x497/0x5b0 [ 806.379108][T13634] ? fs_reclaim_acquire+0xae/0x150 [ 806.384260][T13634] should_failslab+0xc2/0x120 [ 806.388978][T13634] __kmalloc_noprof+0xce/0x4f0 [ 806.393785][T13634] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 806.401111][T13634] ? lockdep_hardirqs_on+0x7c/0x110 [ 806.406364][T13634] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 806.413530][T13634] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 806.419038][T13634] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 806.425150][T13634] ? genl_get_cmd+0x195/0x580 [ 806.429872][T13634] ? bpf_lsm_capable+0x9/0x10 [ 806.434583][T13634] ? security_capable+0x7e/0x260 [ 806.439566][T13634] ? ns_capable+0xd7/0x110 [ 806.444036][T13634] genl_rcv_msg+0x565/0x800 [ 806.448584][T13634] ? __pfx_genl_rcv_msg+0x10/0x10 [ 806.453643][T13634] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 806.459035][T13634] ? __pfx_nl80211_trigger_scan+0x10/0x10 [ 806.464762][T13634] ? __pfx_nl80211_post_doit+0x10/0x10 [ 806.470245][T13634] netlink_rcv_skb+0x165/0x410 [ 806.475022][T13634] ? __pfx_genl_rcv_msg+0x10/0x10 [ 806.480056][T13634] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 806.485362][T13634] ? down_read+0xc9/0x330 [ 806.489701][T13634] ? __pfx_down_read+0x10/0x10 [ 806.494497][T13634] ? netlink_deliver_tap+0x1ae/0xca0 [ 806.499821][T13634] genl_rcv+0x28/0x40 [ 806.503822][T13634] netlink_unicast+0x53c/0x7f0 [ 806.508601][T13634] ? __pfx_netlink_unicast+0x10/0x10 [ 806.513895][T13634] ? __phys_addr_symbol+0x30/0x80 [ 806.518931][T13634] ? __check_object_size+0x488/0x710 [ 806.524234][T13634] netlink_sendmsg+0x8b8/0xd70 [ 806.529013][T13634] ? __pfx_netlink_sendmsg+0x10/0x10 [ 806.534313][T13634] ____sys_sendmsg+0x9ae/0xb40 [ 806.539090][T13634] ? copy_msghdr_from_user+0x10b/0x160 [ 806.544559][T13634] ? __pfx_____sys_sendmsg+0x10/0x10 [ 806.549862][T13634] ___sys_sendmsg+0x135/0x1e0 [ 806.554558][T13634] ? __pfx____sys_sendmsg+0x10/0x10 [ 806.559792][T13634] ? __pfx_lock_release+0x10/0x10 [ 806.564824][T13634] ? trace_lock_acquire+0x14e/0x1f0 [ 806.570042][T13634] ? __fget_files+0x206/0x3a0 [ 806.574743][T13634] __sys_sendmsg+0x16e/0x220 [ 806.579349][T13634] ? __pfx___sys_sendmsg+0x10/0x10 [ 806.584918][T13634] do_syscall_64+0xcd/0x250 [ 806.589446][T13634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 806.595373][T13634] RIP: 0033:0x7fae26985d29 [ 806.599799][T13634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 806.619414][T13634] RSP: 002b:00007fae277a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 806.627834][T13634] RAX: ffffffffffffffda RBX: 00007fae26b75fa0 RCX: 00007fae26985d29 [ 806.635895][T13634] RDX: 0000000004000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 806.643871][T13634] RBP: 00007fae277a2090 R08: 0000000000000000 R09: 0000000000000000 [ 806.651848][T13634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 806.659839][T13634] R13: 0000000000000000 R14: 00007fae26b75fa0 R15: 00007ffc73f1f628 [ 806.667830][T13634] [ 806.670864][ C1] vkms_vblank_simulate: vblank timer overrun [ 806.836381][T13615] delete_channel: no stack [ 807.848992][T13644] delete_channel: no stack [ 808.411947][ T5145] Bluetooth: hci4: command 0x0c1a tx timeout unting resumed [ 808.770941][T13667] [ 808.773326][T13667] ====================================================== [ 808.780368][T13667] WARNING: possible circular locking dependency detected [ 808.787415][T13667] 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 Not tainted [ 808.794542][T13667] ------------------------------------------------------ [ 808.801571][T13667] syz.0.2050/13667 is trying to acquire lock: [ 808.807653][T13667] ffff888143b82330 (&q->sysfs_lock){+.+.}-{4:4}, at: queue_attr_store+0xe2/0x170 [ 808.816840][T13667] [ 808.816840][T13667] but task is already holding lock: [ 808.824227][T13667] ffff888143b81e00 (&q->q_usage_counter(io)#4){++++}-{0:0}, at: queue_attr_store+0xd8/0x170 [ 808.834357][T13667] [ 808.834357][T13667] which lock already depends on the new lock. [ 808.834357][T13667] [ 808.844768][T13667] [ 808.844768][T13667] the existing dependency chain (in reverse order) is: [ 808.853780][T13667] [ 808.853780][T13667] -> #4 (&q->q_usage_counter(io)#4){++++}-{0:0}: [ 808.862319][T13667] __submit_bio+0x49c/0x540 [ 808.867365][T13667] submit_bio_noacct_nocheck+0x892/0xd70 [ 808.873528][T13667] submit_bio_noacct+0x93a/0x1e20 [ 808.879087][T13667] mpage_readahead+0x41d/0x590 [ 808.884384][T13667] read_pages+0x1a8/0xdc0 [ 808.889236][T13667] page_cache_ra_unbounded+0x3dc/0x750 [ 808.895218][T13667] page_cache_ra_order+0x8f2/0xc80 [ 808.900947][T13667] page_cache_sync_ra+0x4b4/0x9c0 [ 808.906498][T13667] filemap_get_pages+0xd7b/0x1be0 [ 808.912050][T13667] filemap_read+0x3ca/0xd70 [ 808.917087][T13667] blkdev_read_iter+0x187/0x480 [ 808.922470][T13667] vfs_read+0x87f/0xbe0 [ 808.927176][T13667] ksys_read+0x12b/0x250 [ 808.931967][T13667] do_syscall_64+0xcd/0x250 [ 808.937007][T13667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 808.943432][T13667] [ 808.943432][T13667] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}: [ 808.951964][T13667] down_read+0x9a/0x330 [ 808.956675][T13667] filemap_fault+0x2e0/0x2820 [ 808.961895][T13667] __do_fault+0x10a/0x490 [ 808.966752][T13667] do_pte_missing+0xebd/0x3e00 [ 808.972049][T13667] __handle_mm_fault+0x103c/0x2a40 [ 808.977689][T13667] handle_mm_fault+0x3fa/0xaa0 [ 808.982985][T13667] __get_user_pages+0x8d9/0x3b50 [ 808.988455][T13667] populate_vma_page_range+0x27f/0x3a0 [ 808.994441][T13667] __mm_populate+0x1d6/0x380 [ 808.999558][T13667] vm_mmap_pgoff+0x293/0x360 [ 809.004676][T13667] ksys_mmap_pgoff+0x32c/0x5c0 [ 809.010013][T13667] __x64_sys_mmap+0x125/0x190 [ 809.015216][T13667] do_syscall_64+0xcd/0x250 [ 809.020249][T13667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.026671][T13667] [ 809.026671][T13667] -> #2 (&mm->mmap_lock){++++}-{4:4}: [ 809.034232][T13667] __might_fault+0x11b/0x190 [ 809.039355][T13667] _copy_from_user+0x29/0xd0 [ 809.044473][T13667] __blk_trace_setup+0xa8/0x180 [ 809.049850][T13667] blk_trace_setup+0x47/0x70 [ 809.055051][T13667] sg_ioctl+0x7a3/0x26b0 [ 809.059823][T13667] __x64_sys_ioctl+0x190/0x200 [ 809.065107][T13667] do_syscall_64+0xcd/0x250 [ 809.070142][T13667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.076564][T13667] [ 809.076564][T13667] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}: [ 809.084387][T13667] __mutex_lock+0x19b/0xa60 [ 809.089415][T13667] blk_register_queue+0x13c/0x4f0 [ 809.094967][T13667] add_disk_fwnode+0x785/0x1300 [ 809.100358][T13667] brd_alloc.isra.0+0x50a/0x7c0 [ 809.105739][T13667] brd_init+0x12b/0x1d0 [ 809.110418][T13667] do_one_initcall+0x128/0x630 [ 809.115730][T13667] kernel_init_freeable+0x58f/0x8b0 [ 809.121473][T13667] kernel_init+0x1c/0x2b0 [ 809.126340][T13667] ret_from_fork+0x45/0x80 [ 809.131280][T13667] ret_from_fork_asm+0x1a/0x30 [ 809.136575][T13667] [ 809.136575][T13667] -> #0 (&q->sysfs_lock){+.+.}-{4:4}: [ 809.144157][T13667] __lock_acquire+0x249e/0x3c40 [ 809.149538][T13667] lock_acquire.part.0+0x11b/0x380 [ 809.155174][T13667] __mutex_lock+0x19b/0xa60 [ 809.160206][T13667] queue_attr_store+0xe2/0x170 [ 809.165504][T13667] sysfs_kf_write+0x117/0x170 [ 809.170718][T13667] kernfs_fop_write_iter+0x33d/0x500 [ 809.176534][T13667] iter_file_splice_write+0x90f/0x10b0 [ 809.182521][T13667] direct_splice_actor+0x18f/0x6c0 [ 809.188158][T13667] splice_direct_to_actor+0x346/0xa40 [ 809.194056][T13667] do_splice_direct+0x178/0x250 [ 809.199427][T13667] do_sendfile+0xaed/0xe30 [ 809.204370][T13667] __x64_sys_sendfile64+0x1da/0x220 [ 809.210096][T13667] do_syscall_64+0xcd/0x250 [ 809.215135][T13667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.221561][T13667] [ 809.221561][T13667] other info that might help us debug this: [ 809.221561][T13667] [ 809.231786][T13667] Chain exists of: [ 809.231786][T13667] &q->sysfs_lock --> mapping.invalidate_lock#2 --> &q->q_usage_counter(io)#4 [ 809.231786][T13667] [ 809.246499][T13667] Possible unsafe locking scenario: [ 809.246499][T13667] [ 809.253943][T13667] CPU0 CPU1 [ 809.259301][T13667] ---- ---- [ 809.264657][T13667] lock(&q->q_usage_counter(io)#4); [ 809.269950][T13667] lock(mapping.invalidate_lock#2); [ 809.277763][T13667] lock(&q->q_usage_counter(io)#4); [ 809.285574][T13667] lock(&q->sysfs_lock); [ 809.289904][T13667] [ 809.289904][T13667] *** DEADLOCK *** [ 809.289904][T13667] [ 809.298044][T13667] 5 locks held by syz.0.2050/13667: [ 809.303234][T13667] #0: ffff88802419e420 (sb_writers#8){.+.+}-{0:0}, at: splice_direct_to_actor+0x346/0xa40 [ 809.313261][T13667] #1: ffff888024b6dc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500 [ 809.323023][T13667] #2: ffff8880207b1698 (kn->active#167){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500 [ 809.333144][T13667] #3: ffff888143b81e00 (&q->q_usage_counter(io)#4){++++}-{0:0}, at: queue_attr_store+0xd8/0x170 [ 809.343695][T13667] #4: ffff888143b81e38 (&q->q_usage_counter(queue)#54){+.+.}-{0:0}, at: queue_attr_store+0xd8/0x170 [ 809.354601][T13667] [ 809.354601][T13667] stack backtrace: [ 809.360583][T13667] CPU: 0 UID: 0 PID: 13667 Comm: syz.0.2050 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 809.371389][T13667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 809.381464][T13667] Call Trace: [ 809.384748][T13667] [ 809.387682][T13667] dump_stack_lvl+0x116/0x1f0 [ 809.392372][T13667] print_circular_bug+0x41c/0x610 [ 809.397411][T13667] check_noncircular+0x31a/0x400 [ 809.402366][T13667] ? __pfx_check_noncircular+0x10/0x10 [ 809.407838][T13667] ? save_trace+0x290/0xa10 [ 809.412351][T13667] ? add_lock_to_list+0x17d/0x390 [ 809.417493][T13667] __lock_acquire+0x249e/0x3c40 [ 809.422364][T13667] ? __pfx___lock_acquire+0x10/0x10 [ 809.427566][T13667] ? __pfx___lock_acquire+0x10/0x10 [ 809.432766][T13667] lock_acquire.part.0+0x11b/0x380 [ 809.437880][T13667] ? queue_attr_store+0xe2/0x170 [ 809.442822][T13667] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 809.448465][T13667] ? rcu_is_watching+0x12/0xc0 [ 809.453235][T13667] ? trace_lock_acquire+0x14e/0x1f0 [ 809.458456][T13667] ? find_held_lock+0x2d/0x110 [ 809.463221][T13667] ? queue_attr_store+0xe2/0x170 [ 809.468159][T13667] ? lock_acquire+0x2f/0xb0 [ 809.472661][T13667] ? queue_attr_store+0xe2/0x170 [ 809.477625][T13667] __mutex_lock+0x19b/0xa60 [ 809.482137][T13667] ? queue_attr_store+0xe2/0x170 [ 809.487076][T13667] ? mark_held_locks+0x9f/0xe0 [ 809.491857][T13667] ? queue_attr_store+0xe2/0x170 [ 809.496795][T13667] ? __pfx___mutex_lock+0x10/0x10 [ 809.501845][T13667] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 809.507655][T13667] ? blk_mq_freeze_queue_wait+0xaf/0x190 [ 809.513291][T13667] ? __pfx_autoremove_wake_function+0x10/0x10 [ 809.519368][T13667] ? queue_attr_store+0xd8/0x170 [ 809.524312][T13667] ? queue_attr_store+0xe2/0x170 [ 809.529251][T13667] queue_attr_store+0xe2/0x170 [ 809.534016][T13667] ? __pfx_queue_attr_store+0x10/0x10 [ 809.539392][T13667] sysfs_kf_write+0x117/0x170 [ 809.544079][T13667] kernfs_fop_write_iter+0x33d/0x500 [ 809.549371][T13667] ? __pfx_sysfs_kf_write+0x10/0x10 [ 809.554593][T13667] iter_file_splice_write+0x90f/0x10b0 [ 809.560061][T13667] ? __pfx_iter_file_splice_write+0x10/0x10 [ 809.565958][T13667] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 809.571593][T13667] ? splice_direct_to_actor+0x346/0xa40 [ 809.577157][T13667] ? __pfx_iter_file_splice_write+0x10/0x10 [ 809.583051][T13667] direct_splice_actor+0x18f/0x6c0 [ 809.588163][T13667] splice_direct_to_actor+0x346/0xa40 [ 809.593538][T13667] ? __pfx_direct_splice_actor+0x10/0x10 [ 809.599176][T13667] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 809.605074][T13667] ? __fget_files+0x1fc/0x3a0 [ 809.609783][T13667] do_splice_direct+0x178/0x250 [ 809.614641][T13667] ? __pfx_do_splice_direct+0x10/0x10 [ 809.620020][T13667] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 809.625918][T13667] do_sendfile+0xaed/0xe30 [ 809.630344][T13667] ? __pfx_do_sendfile+0x10/0x10 [ 809.635306][T13667] ? __x64_sys_futex+0x1e1/0x4c0 [ 809.640252][T13667] ? __x64_sys_futex+0x1ea/0x4c0 [ 809.645201][T13667] __x64_sys_sendfile64+0x1da/0x220 [ 809.650408][T13667] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 809.656146][T13667] do_syscall_64+0xcd/0x250 [ 809.660656][T13667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.666559][T13667] RIP: 0033:0x7f1ae9f85d29 [ 809.670971][T13667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 809.690585][T13667] RSP: 002b:00007f1aead82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 809.699018][T13667] RAX: ffffffffffffffda RBX: 00007f1aea176080 RCX: 00007f1ae9f85d29 [ 809.706997][T13667] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000c [ 809.714968][T13667] RBP: 00007f1aea001b08 R08: 0000000000000000 R09: 0000000000000000 [ 809.722943][T13667] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 809.730922][T13667] R13: 0000000000000000 R14: 00007f1aea176080 R15: 00007ffe26947b98 [ 809.738912][T13667] [ 809.764217][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.770723][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.859684][T13665] caif:caif_disconnect_client(): nothing to disconnect [ 809.900993][T13663] aoe: can't write to that file.