last executing test programs: 19.783843696s ago: executing program 3 (id=1428): mmap$auto(0x0, 0x1, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x22, 0x2, 0x2) setsockopt$auto(r0, 0x3, 0x35, 0x0, 0x0) 19.634966354s ago: executing program 3 (id=1429): read$auto(0xca, 0x0, 0x0) r0 = socket(0x1d, 0x2, 0x6) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/nfsd.fh/flush\x00', 0x8a402, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x4, 0x2, 0x9, 0x5, 0xf, 0x7, 0xb2, 0x8, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x76, 0x0, 0x0, [0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x3, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg$auto(0x4, 0x0, 0xffffffff, 0x0, 0x0) getuid() read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)=""/6, 0x6) sendmsg$auto_NETDEV_CMD_NAPI_GET(0xffffffffffffffff, 0x0, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200040c4}, 0x20000040) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyw5\x00', 0x0, 0x0) mmap$auto(0x0, 0x500005, 0xfffffffffffffffe, 0x15, r0, 0x400000000008000) unshare$auto(0x40000080) io_uring_setup$auto(0x2, &(0x7f0000001380)={0x7ff, 0x6, 0x7fff, 0x2, 0xda2, 0x9, r1, [0xfff, 0x2, 0x12], {0xed, 0x3a, 0x0, 0x4, 0xe, 0x0, 0x9, 0xc51e, 0x2}, {0x7, 0x5, 0xfffffff2, 0x63ea, 0x606ccd47, 0x9, 0x400, 0x5, 0x100000001}}) readv$auto(r3, &(0x7f0000000080)={&(0x7f0000000380)="dfad09a2a6a98582c7d5e86d2dfd9840ecbd74193156e76c479e56f90217f5396ebe72a45518d121a7b9a8734f9a96c5196fa40027718cbba72a2efc65e6743b1c2653ee6ea4f9da7412c4cd5977304fb15f2daf5d1cb8153ef9b52b431fe6a2cb264ec704e42389cc76b4b3a12686b393491fa51a4bfc38a4cb54b7bd959f1738159749b0a4a15a1002525e1eb7cc703b58b287e775b8e5ca8aba7a8caceb393bef4cad3dfd3ed9deec7f1286a1d5f5905e9ace5a5730c3cd138b486f07efe81516b65dec649779382e65bef2c94169f9c09c5647c19a86b7ea5c5b0d09019f50060a56e24a218550a82c8055d396d5de9c323b41abb2ef1d9fe7a35f45bfe43c839badc1720c0a92d891eca4bcc38e433ff9688b96e4930b86b9992470570aa3ed948a5fa5b502167a8a448476435c7f001c6edbb19272d7fbd5c1eece8ad20d648b7e922680127be1afdad9cbacacf7e3497c31fa28430591ab94c09777df4d25dc8faf4f1e03554d572d05a389957e3293e05f948be0fe3d6b15fea3c3e43ff07fe8ccb0b8d1fcf976cfc5685fba16115990e974dc827ce782eff1918f9324eb1a6c4e16c1cb27f86f6b757de897fca8eb460fe90934df6033999c463959f9f07a40c74a2f06b263c64e6892d2b7372a67304ea352646fd451b463f4660f52dd5c37cfa485d69ce4744b47e900402522eaa5bb24dd8c5ca3450bf9ad0cf8b9ded2bf6eae9a9916d4dd4617f709d876572874bbdbf65f5b1b033ce62ef1a5d657f911514021da2a7b5ed73031c5074450fe86d80737bd883ab87c81101e71311d0405b52e127930291448fc1751388a32797c5bc6bd2b7ea4c22b20e48a8b590086ef26b67cef18eefed99159d8649dc13f0ee596bb66a1ab465a45fbdcf753f0d7e9f831b5329aa7b0bab09568dc54e3f0a659596b5ffb2bf6dbb63aa37ce06affc735e34e509540b5db6722e040f2519a7788062cffc5dc24b28a5c20b3bd4a6fef2a3273d5ab9313d4bf22f9cca31996958bc483d4d1061b84e307aa0bccce7417d5effd6266c1336f6b3065a167046543ad88894f61575e01f833233b3071d027a3f9fdbc79dcb6ccaccfa39c5654ad2c169e7268ada21d4c4e07df1fee2db415d952552f8dc1d9f5062897eb6673ae40d2ecc7d9c586d76ce032d0150e4fa7e0d1fa8c8766b5bb0e4f18e6fc0e645845b1681e2f1817cc748ebcfb8dbb26df3bef67d14f04109066e7e372cdca536912860b4a8875d1882349e9637b51324c9fb49b98d2e02befcbd088575cf8705fb39a8ba38d2e6f689e883a677641df6183cdda6be741ab05d0a762e69a5f2ae730c25d2654e241d47673de012e66cfe049c7a709824c1c0a2a5614f29ee6512acf84b512721316a91278820738bd2201634544957fcd48d6e0ed43c2c11c255f5d8cb272794ae9b12501fbc3898d8271b35a6e54b148d0c2d47ee0ca1fe31cb7df11ac2ddc1cac755212e5289c8dd195757746a525cb74f085df21be1649565e02b92bb7c404de753dea6d38e9c8c2aa7ee558c364bd3ad21e55e173f538f8f46205ae87e92bacc0b4bc5b109fdbe123c6f44c023404f65ee46b989471e4e49a9b16e5c72c6a074c7795d9894924c464bb53a8e67504d4a8b8540ef1a8cc4fb824a6eb58210c99a870dbeffa8979fc7514e1ac04d3b742b864b5da73f2a9bb5bbd4a8a06ea8b03d626b431ee409be61a0de73f4d3e43e11a66cf4b439ef0a6ddc6e0830daa2d93774f25330c458fbe3a23003ae8ac19c3d05aa7e05f5b1caec95bbcb0a391aac4238c1a90bfa22b1cec9440db0307baffc51847e13cb6db27f9f9ba876e198d6d834d319f948769520be1118582d870308134750cb2ccb524662039fb1a772be7f9d38d8a2c8ae4be6e33f2b68e1e85374ee16e4f0fa0ee2e0557066fa824bb1b3bca52781ca3670920985b026b00c6e1786c835ff867f4880e3a6566b4afd62243aceb4ab7839f99fa74ee6b1554ed44fd539f2cc4f0bcd30537a71a81abfbdb4089eb2524fff873308a1e3372bfd7c7a7f789c2ec08edd241277dffdc1deb83b64621b0672f1889f64b241bda0afa1c69be0a26feb89304f8a11932c8c210cb04644f33c794d03c4591617956eed61d5e48d87d9004b5ee71d5aea3c8161c826159940f57a03b7d3297362898e43cb094caef012b1fcd124daff26630e5498e7538f74910a285bc71c1a1c309bb369897da61233e7bd99422909724f795ef1a42f9b77d456fefb788ab65cf7ae8bf01c7e6174f4b49af441bfae56530d808375d4fdc32d89c225fe25fc65b20f1f57df0baab1c9700bf1ee8324489df87ac3b338b52acfc863889fd86810a8b8023c7a723cda96001d9fd9cb4a0a63019336382e7c0d7168db26751ea906a7e3ee5cefa956a5e1b5df8edd53539a61d9d6b977c64539962c7ea119836737f34e013496821deb5224b14b3240d31eb4845124793ff98946f237df8bf4c49ffa7cc97b984597240dc93e48961ec7cba9a62877e8e3a37d30609002b035381b3777f58d4e617340802005b973a7d213c1323e813d749fbdd41c606e72034ee3fa573c763f545833ae7004863825145ae6e364eade7bd0d6d68cd3913b822ca7fd11158c074ead916d9611eb913455c096025ade28ee276d7f276659cd85bd6e86dead8cd50a53118e8b4c41c599ce63474ae5e78ca21593fa30153cb00fab7c7624fb72d70a9970478b2ab9faa37819c81b7671c9b35adf93445bf47308e6b2ec5b6518244f036d07705bcb8bf585a388f3a5a21994c0e8701826619853137a4a6e37ee304ffc34c015650f84bfe9d282f0b0356f5536c9638c2e40f281379464036890f9b322b5c842bf682306766cbaba2a7d7426f7e9740d4071413801fee79712a2f7617fc23dcf4db425380535ed062030f1b07c89b371b8952e25f99fc470d4052d2e16ffa96d5caff883a66b602b53fcbc745784acfb83c8ef4e3cb9b9c4453acf5c03a9d711ebcabe866c69396ed93ba1a09f931b614df5050496df4ee9dd642ad7de4a2f7bf89b24ccbc206ceb6794e0547ee41bb6e7035ddfa60f0efaa46f6522c4498ba7d95755c981eaf5c516afa262726dc74686a334a0f06fc8441b92f02b285f843e48adb4216f39b07cdedafd120230f6c99649e1885b37a2984b74adb4468a687c1a14e4bc9ba172b521fb26e56acc0d239df4e7ecc0929a852d2ab79c3fdcd9811bf80c3c8b9a96074990cf75b0a42e93792486cc0d1e5099071a26dadcd99f438c1dd4a4c263c8ce409a693c9b05eeac6057478c600873fe4ab6b31f9bdebe64cceae5f134be1415955d3516a76df1d13cd8a4bd2390e83996ec3253a8655deb3419d7a719d66fe24c3e1e62c9341a7714abfff6a1a3e12efc27ad24e11fb3112ab19ce72858018d6b1ad8ba95b2568fda7a9e73a0a677995196e938882d64203d1f28723a9cf263e582eb36099ad66f4904e982717f0c0b512dee4003eff3e92217d78a718672232234712798a776fa881623618ff6086df9a3d5403380bc330b5bd3bffba272988fc826b35840ca7da8da14803901d67e380905c065a25727dd98985ff688be00f6f6de027bd32135859f00f2ef77e5fb2f6ddfd2e2c8147a6f051a0c7f9601f64b10aee7b35cf1c5a51460e82f0cc200bc80da65715b2b43bbe507315ef2f92423ba1bf9d90f5adcb5bf6c2d8598c17cb69f0067dc7fa0b1495fef1b19de4b02b70b132a3d1c629e5c7551d9a6016d8295339f9e2506f3683b49d4052c9eaa015fedd829be94916bb658d79676ecc8e5828838efba3f1fa33fc30e34df10c1cb961e1b30cd3518e7f92c5d552bf46147aea4deeeefe0bcc22a079b45fbaaede53702ce7dd31f5141de371c7e69b0604f874d0c5f61b8137f85acd2ef91fcd17002e9f854245f379336693b89cefaad26f7e4faeb0cd3e893d50e93967b2ed6ed1dda6b782e3ce8ddcb123988cfcedcc9a3f7220652000169d339b0603caff4c4d61c8fe203d981bac4409d7534123e4d7ae8d4e5622bd90bda99d0fc9991c1f3fbe37635217e8eb94893d1d7d3f978264edb564bc6b29076c4c1ebf7b82ba01b1d7604c10c0b1329d5c02bfc397a77522cddd5eff3dc6ffeac211a244d7ecfae1d0e603aa413b363bf82c6441d908cf4c812fd73f86d095e569c4a1c548af26e42b7aee04dac104c8be47021d5c74a58b7c861b3961b105d01c0d3773b8bd6ad75cd07a8230a57d17e19fe4cf9dcc9da1cd427bf8d96307bf37b1e34d67b3ddb5a5007a201c847edfa2410838609863306fc128081987f74a26edb6616b16e82a9e31b0485e33331a8be810515873a281afc2a7f6822161ae5a29cbb1f31e1ff0e251ebaadd8fa898006ab4056450dfe68ab5cc372c01c9d06a8008917b6babe1591ac2d263c9981d5ff2a0a0e600ff9fcf1a3dbe788966c51d0f3d85081fa7f1d2cedc21ef7e81605d5c4cb6fae16cf88fd58f7892075723effdc9b824b60b272cbb5994cf59215030d1939210f7f8c3ef763e195cf576f48c6b4253706b4a0aed40cd6834349cf0dc2b9dfa51607b8fd532f7b5ffe6d59ac7aff99f020d9f163cae2aed008a96cc263aa8978991e7be1155b3caf2662831b422f1adb93de29b7e50de6442ef1e6c4db1185119f50b063934fb1d1216b87a0f868ffa447d52c51223cefb5aa7068a10fc4075a87f90d2788d1fae542b56d3944048caff36c713ad969fd8eb963f451f210f66b8f71694c1a748072c158803652e63d3d37b510d8610f8112ba5352f63221cf83b4eda293108cb8f11ed07e8069859538e55d1dd46879d208d056618e8b69b3973d4bae663f333fc21051bb5fc635f17b5462ecec08df5cc11adb49c2cc7500bdc098dbab47b127b515f16caee409a2daf2f37b6fa53c95501488aff32a9e882ebf2d038bf52fd38913ca1e80f9ba71fb5521152f02142b7663283329c86739047782f6cf49bae67b4ff7559dec87e7f848472b7a414fff50528a1215e1963cab6898a63cb568f6435d7d58831ee76610140da37802739d6de16df76c212a4eb6eea08ce4c2e5d2fac5f782398486ff9331257eca3f30f4f53d1423872780fe5979cd89556298f793cf25676f6036e761995adbc943bc8648baaf42b456e66c46c37acc0ceae19119923f05b1d1a84880f2378795be2512ac3440793d117eab2c731d6819fed7d1f42efb3c041b3688f5892c59c384f9e118cca9e1b1fb069c368942db9848dc421ceda7d1e1c3558cc7687ebe7d5764e7545e97d75bc8fe1812dafcf06d1371241df680da70f6f2ff1a193e4a3069c74ecb7139dfe445c52a201224aa0277f9ad4bfbd56732f653f9747539f5b284d2f7dc1d550a52a725b8f777c48622ee22d5beb7c1d2d8ca16dd436009378a499bec499d1c8b1b4cfe9c7c17cd0af6978dc39bcb4b0a626bcb2a6f80e01457c761b5dba422c9f5e40dff98a1ad0684257bd02b67c02f75a6426c923793856e5348ed1695a5fa3270f55886c259be6f08f58da7b432504b1d468ab41befcbee39ca974b9a0ad01585d8f2c079ff6f1067b90a55519189bd419e1eae98e4484173fc668b58134d3e2511a20876e2786448056ca2615cd044a83843d3fb9a1b3ca7c9ef0c7030ae141392e941a51b11cefa1065f634dd1840e16e26fd6ff8d158e6e589f474680f65eaaa8a2c65b7a47963a9995f1d2c89962a47308e92ff00b2d1d4cab817359833a80701ba1d40d54d73ac980ddd8a03ee6c4a00abfae3342b5f8382fa3757b4f", 0x86}, 0x1) r4 = socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcc, 0x0, 0x567) fcntl$auto(0x3, 0x4, 0xa553) mq_open$auto(&(0x7f00000000c0)=',\x00', 0x60, 0x7, &(0x7f0000000100)={0x10001, 0x7, 0xfffffbfffffffff7, 0x8000}) connect$auto(0x3, 0x0, 0x54) setsockopt$auto_SO_BUSY_POLL(r4, 0x8000, 0x2e, &(0x7f0000000140)='+\x00', 0x5) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 19.091446106s ago: executing program 3 (id=1431): r0 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f0000000180)=0x80) mmap$auto(0xa, 0x20009, 0xdd, 0xeb1, r0, 0x8001) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x2000000000000000, 0x7, 0xf) r1 = open(0x0, 0x7ffd, 0x12) write$auto(0x3, 0x0, 0x100082) clone$auto(0x200800000007, 0x5, 0xfffffffffffffffc, 0x0, 0x1ff) r2 = io_uring_setup$auto(0x7, 0x0) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x9842, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x401, 0x0) ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) syz_genetlink_get_family_id$auto_vdpa(&(0x7f00000000c0), r2) sendmsg$auto_VDPA_CMD_MGMTDEV_GET(r2, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1012}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="f28b05f2566564a0a8d8ccc7f3fb9742a8b23c15c17a08111ab604c65ca11a12950d2b09c01b277100010000caecb86824b7a875747e877da4fbdc57e2d38a5ba3b4e4af044837e38a798abb7eceda083f581e9d991ee21e460934feeddb3d0583e3fbc40d472b9dfbb03567e3e365b25264ecbf7b967d24554a44a0d0002a10ac8b2a0c4bac441c6ed50f71e2524413438bc6d2a788b241c1c258659766231a845d76fe5bb64dac1cf4f43775af2ee76a84151346ef6543a44a3f88cfa4cb07101c906e5e45207e003761c52d130084d3dae6844d80", @ANYRES16=r1, @ANYRESDEC=r2], 0xcc}, 0x1, 0x0, 0x0, 0x40}, 0x4004080) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x509a81, 0x0) fchdir$auto(r1) read$auto(0x3, 0x0, 0x80) close_range$auto(r3, r4, 0x7d) mmap$auto(0x0, 0x400008, 0xdf, 0x17, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) clone$auto(0x1002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, 0x0, 0x22641, 0x0) socket(0x1f, 0x6, 0x1) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x4c0001, 0x0) socket(0x18, 0x800, 0x6) 16.586567765s ago: executing program 3 (id=1435): openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001500)='/proc/kpagecgroup\x00', 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) read$auto(0x3, 0x0, 0x7ffffffff000) 16.436126236s ago: executing program 3 (id=1436): mmap$auto(0x0, 0x1, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x101040, 0x0) close_range$auto(r1, r0, 0x1) socket(0x22, 0x2, 0x2) getsockopt$auto_SO_PEEK_OFF(r0, 0x5, 0x2a, &(0x7f0000000040)='-.],9#+[\x00', &(0x7f0000000080)=0x7) setsockopt$auto(r0, 0x3, 0x35, 0x0, 0x0) 16.376613837s ago: executing program 3 (id=1437): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x82003, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r0, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x8, 0x6, 0x62fc, 0x2, 0x8000) io_uring_setup$auto(0x1001, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r1 = socket(0x11, 0x80003, 0x40000300) r2 = openat$auto_bridges_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/encoder-0/bridges\x00', 0x8200, 0x0) read$auto_bridges_fops_(r2, &(0x7f0000000040)=""/5, 0x5) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x1, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rB\x1cJ\x99`:c\x14\xef=\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x280b, 0x40000000003) close_range$auto(0x2, 0xa, 0x0) 6.268304924s ago: executing program 1 (id=1472): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) timerfd_create$auto(0x9, 0x9) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) socket(0x23, 0x80805, 0x0) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0xffffffffffffffff, 0x80045113, 0x3) clone$auto(0x3fff, 0xad3, 0x0, 0x0, 0x8000002) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) madvise$auto_MADV_GUARD_REMOVE(0xb258, 0x1, 0x67) open(0x0, 0x22240, 0x155) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b7e, 0x7, 0x28000) connect$auto(0x3, 0x0, 0x55) recvmmsg$auto(0x3, 0x0, 0x10003, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) shutdown$auto(0x200000003, 0x2) socket(0x2, 0x80802, 0x0) socket(0x2b, 0x1, 0x0) 5.253755675s ago: executing program 1 (id=1475): ioperm$auto(0x3, 0xe, 0x2000000000000149) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000005540)='/dev/input/event2\x00', 0xa481, 0x0) ioctl$auto_EVIOCSKEYCODE_V2(r0, 0x40284504, 0x0) socket(0xa, 0x801, 0x84) set_mempolicy$auto(0x6, 0x0, 0x4) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = getpid() openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000040), 0x88080, 0x0) r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x68200, 0x0) read$auto(r2, 0x0, 0x0) unshare$auto(0x40000080) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) pipe$auto(0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x1, 0x5, 0x40, 0x1ffde, 0x9, 0x3, 0x9, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0x28a2, 0x3, 0xb, 0x10007, 0x80, 0x2a0, 0x0, 0xa, 0x22000, 0x200, 0x4, 0x84, [0x3, 0x2, 0x800200000000, 0x6, 0x0, 0x4, 0x0, 0x0, 0x70624ce7, 0x1, 0xffffffeffffffffd, 0x8, 0x8, 0x10, 0x6, 0x0, 0xfffffffffffbfffd, 0x5, 0x10000000000001, 0x10000000000, 0xe, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x5, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0xffffffffffffffff, 0xfffffffffffffffa, 0x8000000000008, 0xfffffffffffffffc, 0xa, 0xa38, 0x3, 0x3, 0xfffffffffffffffc, 0x9, 0x1, 0x7, 0xc567]}, 0x1fe, 0x9) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\r\xfb\xff\xf6OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5) ioctl$auto(r3, 0x4008af04, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getitimer$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) connect$auto(0x3, 0x0, 0x54) 4.596978296s ago: executing program 2 (id=1477): r0 = io_uring_setup$auto(0x85, 0x0) ioctl$auto_PPPIOCDISCONN(r0, 0x7439, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r1, 0x1, 0x70bd2f, 0x25dfdbfe}, 0x14}, 0x1, 0x68, 0x0, 0x4000841}, 0x4000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xfffffffffffffffd, 0x40000008000) r3 = socket(0xa, 0x801, 0x84) getsockopt$auto(r3, 0x84, 0x6d, 0x0, &(0x7f00000002c0)=0x5fffffff) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_READ(r4, 0xc0085504, &(0x7f00000001c0)={0x9, 0x1, 0x6}) r5 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), r2) sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_O_TEI={0x8, 0x9, 0xfffffffe}, @GTPA_MS_ADDR6={0x14, 0xc, @local}, @GTPA_VERSION={0x8, 0x2, 0x200}, @GTPA_FAMILY={0x5, 0xd, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x68182, 0x0) mmap$auto(0x0, 0x8, 0x6, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r1, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x101}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x804) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x9, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x8998d5f, 0x100, 0x200083, 0x101, 0x6, 0xa6}, {0x100, 0x1, 0x52, 0x5, 0x7fff, 0x3d, 0x3, 0x8, 0x100000000}}) r6 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r6, 0x0, 0x59, 0x7) r7 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/dri/vkms/vkms_config\x00', 0x204240, 0x0) mq_notify$auto(r7, &(0x7f0000000300)={@sival_int=0x1eb, @raw=0x6, 0x8001}) 3.470169974s ago: executing program 2 (id=1480): r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mq_notify$auto(r0, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x20) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x5e91a854c2dcc673, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x401, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) r2 = epoll_create$auto(0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20800, 0x0) epoll_create$auto(0x804) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socketpair$auto(0x8, 0x7, 0x1, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TCFLSH2(r3, 0x5411, 0x0) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x1f40) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r6) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="110b27bd7000fbdbdf250900000008000300", @ANYRES32=r8, @ANYBLOB="08000600", @ANYRESOCT], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x4009800) newfstatat$auto(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x7, 0x6, 0x2, 0x8, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, 0x7ff, 0x80000001, 0x8, 0x4, 0x4, 0xf8dc, 0x0, 0x4, 0x6}, 0x9b31) capset$auto(&(0x7f0000000180)={0xfffffff8}, &(0x7f00000001c0)={0xb, 0x5, 0x4}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xdc, 0x9b72, 0x2, 0xe26) 3.207348267s ago: executing program 0 (id=1481): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0) read$auto(r0, 0x0, 0x9e7) (async, rerun: 64) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000005540)='/dev/input/event2\x00', 0xa481, 0x0) (rerun: 64) ioctl$auto_EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000005580)={0x7f, 0x9, 0x4, 0x20000003, "23e071dc3a210f03582570c6f8365b8568847d57335495a7d6c848964e6327f1"}) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (rerun: 32) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x40246f4c, 0x38) 3.169379553s ago: executing program 2 (id=1482): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0) sendfile$auto(r0, r0, 0x0, 0xef0) r1 = wait4$auto(0x0, &(0x7f0000001400)=0x8001, 0x8, &(0x7f0000001440)={{0x3, 0x80000000}, {0x3, 0x91a8}, 0x2, 0x0, 0x2dd, 0xe, 0xffff, 0x7d1, 0x4, 0xbe, 0x5, 0x0, 0x0, 0x7, 0xfffffffffffffff3, 0xa00f}) shmctl$auto_SHM_INFO(0x6, 0xe, &(0x7f00000010c0)={{0x9, 0x0, 0x0, 0x7, 0xb, 0x10a, 0x8000}, 0x7, 0x4, 0x400000008, 0x2d2, @inferred=r1, @raw, 0x2, 0x0, &(0x7f0000000040)="02f7b3cd2c9157ebdecc7ef55f2acb374ca4dcc8124fc2dc24271bc385f3c747ad35e8cd1091f01a1dceec6dff970da1e44ba6b611e5f0f0810cc6ec4794cc9ce9442c1fbcce62c560d76a35a974968c03c0ac48e7e028b2dfd22a864dcfe57e20dfaea53b952477cd16cf98186e802cc8e6795e4671c2c98f34b6829bac7bed1b0a6607329a113403c13a3f7214767e295ff0d23dd02e17ce27a0931589c177ece250f5ef2e8e13779a01913170da3c45f6dd2fc41f8fec6ef83981ede353780a08aa1e38dd39ed52b8a4eb9ed64c6ccd79442828647fb57d97574dab937f88a57aed79ddcdc5f4ea0f1198b6c1c58f2b8cd54f63690fe9f0c45169efd2bd9c877f523e41f9b77227e24d6305532a7c213236328a8719b51d9fbda129b15e10366ca69589ab0b56e4c6310b4d8dec06182d5db7346f9812eddcaee722f8a7e9d1218947530550cceca93777a979f55fcbff80303b159f839846a850668946829365ddbd6b6c6de3ee5aa4827290d29b3e3b10e75fa36315a4706340f0e539e3bc5b5282c218fb0f38e996ffa1657ae2a4d6796f3247a602f99e0d88ca4aa6624e6d56743335eaa14e64e2ae9f511b1a6c4a11a475695d420e875eddea2989f34a76ffbfb4fe078d50492d5c12265635fc9b8e92b52186b90d5dd0d047033a5597a9a78810a4fd115514ace8ede92ca35b7030251966a186ad4fdab1f489862ed1adc7325691ed6cb814de4f82f8757d4f46e6166bd5aaae07575b550ca51ff6e96d950fb77c949b7c02541a4ec0b15989078fe82422b1d6daac8ceef1f7ee522e197f515446e44914c8a7020bdb40f12f217bf3ab6ee78fcad29bf24950dff7567eccadc192007d4f163c077a32c192266f2def0d2d49920b091d2a7539d780d12609217950be80e390de62d7fe861e2f63126468b2097d1bfed5dd946e026427d0f6353d950c06da64d3b6fc61d6aa23fbb53d555ce7ca7479eb2f7d85cf3cfa1bef4c3999e02b58dd1f774c6a5651dac4d5463177c797c206cbc8088e14714062a3c12dc7558a7a479c43e4be8163b5877be5583ebccc38f6a8c272ae611986ab661f53a87a1921afe00b21cfc5cb24afdd8c51e57e5b64f195cb33d5717f85fa641ff3a5c3fd66ab43f92c5912ed702e95bd7336321133d44f00adce4956d376816cb6ea169be5eb4443afb68719de0468e2bb632fd40d653296d5c977c8708160bdec63e10f711836a04574cc002a8cb05734db481e1d0cb866b9d943f7ffcd05b79b18842e593c156bb7623ff0ae2ede3e901263ab5d9277015a7fe75840b9aa6569b87ef52653767f5789cecd63a800314bdc18a44d82b43a4042e36a0f00b921aac340d52419fb5ec050200e780a024ff09daf849cbb1e105c864e13ad2c46975e2d86ff8058056d2e8370b848b9d1d509d3c94e2887d0668d8b20d0d00bfcaf1a43e00b311aa548138ec9cd64974fdc89b1ea88a07f8ccb35abc21042246f918a5972cea5924ea7f2890b6d1a148d1a407a5fd05a377b8afc66afaa9617b7a66271478825e0bd3de9da71a4c7039b9bd35770c4eabf9c39cc36e458c7a636bf74a8cfe8e9ebb5b48f4a46c70e5798cc929712e866cc6e4246656ab66dc09c68d3c877c420722607266a32ccff8fb529d94cef5edae52a0663a5b46e092e7f3285745b7774049483dc9b70177abbac56d4514749c8c245bfcf3781244c2f55c2c34c5a67bb8a8a2e6d01d509d93df0c64ef3564bdf4243719798d1f234822b7ca0ae1e92157a1ef60fe3a47e76bf90ae4a67aaa1fe563699dc31e898893eef0f6a16d9a3b2fc3eccc7643543cb8649520b010d54841d4a23cde3cbc3e853e489756adc4266c0f7d9358cfd9cd4176ba00952f034d5715b573506fa4bcfbdd5bae29504d918f67a60487ec9643111fc10e41e3d7f7fcea22feb4af3f74f2e23ef434d709273cbcbbe0892020907a43388a4f30334da7fb7e88a00cacbc173768b7255947894aac59a9c5852dbe4037d0f9e05daaa997072d4d56fc1054280fc6b14f0e7d44a1f28dabceabf937272103a96b44969dda69b694c5363e199da7899bab561b862fe638b349c37abb1fd86899d0b6a787474f04307b0f8d4d6def58cdfd221af87f4adfad3d7897f2013c1bc8e035a7c248d7c7975f73be4372125fa67c95dd1f574d68e23aafe4b408a6f3aec83ba272666377f0fabce454484a7f3154bd6326d807b0b73eef144cdeaa3d42625ef78fe84d0535f84a0aac91aaec9ce9052718ddbde8adba6be4205a193df8dace42d61e85c08eb694e99702ec01653c4296f9a2416b5beb417588f9f0aaca12dd611120096016acba2442d7736bee117c2a9c62826a971956ee5df4e8eb705d126eeb00f34c2004b03e8f29ba9e080e68dff8a56ad5bae47148909de1ccfc285b4d294e759f510a143873aa93285e3669d3355925b2ab4921b723931a70a30cc9dc885d041a9f09e52a46b4d655a5215d08beb9b7b17ae3a7cf7648c08ced8ce31fc95b2fa10a0884593ada0454630e97ace80b9105814e60eb6a0e478f94caf1225933a34a6c5a4ce4a7b954d338647eb76b2b095a481e4b5a883354af6e76b96b575b1f112a445e026c6f966438345b704f31c7ae0370402176a59c9f831793250c8c375babbc33f4881f4b0fdf567509629a0b5246c20ad1920b980cc176119ae8ce447e399897800ab742880177e703cd109d9cc8d6767775b98174011d24c971a22805caf6ce13ea2b509704c0aaa3ee42b707d41c9b034faeeab8dfebe650dce2c8599a6a23f64b72cce5f1c3317289e60a6618712aa4a2c6e31d679e69a77b20c7be52b7e5edde5b0bd1960c44531724b6add02427a36a8e95c03602cbf69fc5d6f5087703fbf7860f71dbfc0a37b1bbd8cb7fb601bb806bedbdcfb7a5357751c235cac77c8a890187e32aead687524f6c56842fc507f47021fea3ff1bf5feaa2f39d547ab98b8778c12ac9081b1eaa22acc5ea2dc4013987b5f547ddc1dc916f95f0d773e93a388f5431c28e4a27c59f529865b90f80d2f02f9d81b08e76fd601fc4cf3b66f19ec7ad9517ee94872e07f0bbd28acd46eb4f484fa506f66ec1a25d39502d1230910a62e6d06344d972f8ac5b036eafe6df3695961c31370b2741335be68f632062bb05ff52282d0031e4e2444ebeface03c2d9708df24429293461102c2a56d8c1632c13ed3b8f619fd9b5ec7b99633e2c7467c3ea86b2f641a70d6b29052b6cd251cadde9ee2c4abfaab91d979bf9499d942fbaa27493376274b39d593ee856613844be4298ada8ead046d7eec7ea01da3722aeff4b75ed4565a0b50794a1bccdad5d71ff0f7dabfa65b9a1d7d0721e18904799f8fa04b0d1a4334c4d2fc071a17fcde6dfc1ac4296a1c8aad7e629891eb188a0e0d4b4dd61fa46173d33048a161f23b6e46c2640269204a0a984e3e926e9be9401aea40938201a9400b2b0943f5292cc945d0aea8a3c82953e53447c8a5b03945f02b30d9de8b3671f43b630db8f348afd6cc761acdc66a07c94a984d9e3871d606cd7b9e478c87bcdc6bea6422b42f0eefd2f16330300ee7894a1b271d9a33de63ad3aa83203665595cd706f435e4b4cd94c59721b1244f35d93a265b7edfc99b4ffbfa76454360bfd6ffb1756cf44ceeb99d319709d63aaf048814c4920ebda5dd0f5fb565b672564da5cfb298518373457ce738b043a3f881cb49a629b1bd9dbf79790869b64011178fea7e0fad065a9b76206d5e5c2ead69e7c62f7d5bc8613219225ebafd75229f8fbaa19de4364d4849d9d4276388148eb34c8c360a62a7a4cc11e31a2f591a63106b61e813879c1ccc4e2ce4e604c1c4b3ea1bf547d9aa563a9b5a202c5908278e7d0cde8cc523a92979adf08118202ec489210b2db53a8ce3f872cba135dbe385484b87789e0bf4f305c1d5339b069b0daaf58b7ae7f6e56bf0b8913c511c8bc533bcd4bf74a12b1446a22f7b39d30843b73c89cb01e505a0edd9550d0bdf99f99de1607e31f1c84f2cdf598a921eb9a502734fdc823f32e3c665f919036506dc4a77f1a6fcf9353eaf396b52310cba8bd1431a5b3b0a263bbe8f461b6ca924ee9e9b70069aacc9093923c2864ddc0b602d7faeca507aedd3d99521fbb56c95bf49fe733b9e610edb04f3a592ec3c0ca169f1c44be382c2368f3f75dc6b1db64a80f9e9a70a72244fc6779dbc06298c8128fca8810c81a1cc9ef35f31333482365569e9dc269b5798d03c22cb034031b1ad2f947e6d9ad7878b73f307be4c25b8daa945c1112161cd0957c76c4ababfccac31091b7a4cb0fe2b26dc69344db72f4cfc88580f4400cff62d3a267aa56108508fc0681f765438b12e56979b7d8a391f477013c96dad674cca3ff689a0881dd380687ddf9dc98234a5a8d55759dd5fe82eb53fcb7f6e4817c966e8929706b94e241b2f8c36ccdfc2cf6fd0ab8ee4c07f0628ce29d0d0bd5d6fb3955146e34a491d7a39a2eaa8c4807f67224624dbbdd69974fab809181e6be26b5babb9f5aa84db0d31e17b706e906aa917e839e2dc53014348be28feaa6e408218d5ede800f1aaaaa745caeb9e58302dddce1eb877ff38a9afdca8f7c13afc508edf9d1c4865d3c4b23d59b579f78a3a97eda3cfeb524a13cbccb6e4b15bb2d77b1c4dff714510b4a768b5ed72b024872087adcb2b2e944591b89619fe2a100ce02af801a14b42436203667f9c29175a942ea233df142e1c858bc8a0cee6a1af6eb7c941145a2a74254e5550722a186b75d16d26d1695af90689d391cf4409d943dbf366875474a99d36b0eb5f01a806b8051d5d3a7522e490d0b74b1382f24ba8a4b4d29bfd08d229b42f70bd96b27dbf74ea40802ba99bac2b6b3ad5a3da09f941ffcade302576f63aebedde8464fc6fc0b296402175810a2a16ba1fa7fbbcdb23a3c4b3206d5d7e52e563bd39b45cefc1f9db879b61b145530fd325c11ab77abad97ee6f7ae02f92ac97bd1575bf705fb745c6547d90f62134c34ba6c9c1d26d4fa4438dd1795f74d8eec73f0d08f4299d397806b2fb8be1a8d05b4e94de08e4a142ff427d71651125963b7f28a424014ad2e570a351e6afd5aff4fd84ce25ed46053e00ea8ad891f634f2c42d9a96ebadd811bbd9feb8547af225acaf284b52f9139d2027275735339d1bdf520730d919222b384ddcdb8e2367fe28c3bce815d6625adc9368b030725f0fc42d889e6252eedf1e26e1c9b976296bd87d6a8065ffd07130193277a4af5ee6f7a4baf61531e5fb20ce6654175a83305a8eb4d8e07c76be5653da50e40f7f57cef16cb686a086443ba483c864e22a2c12ced4aad36a44324a4169b5330fbd354a4293cfd9f9697557f6ba8ba0342e8e7b3c3b7a3bff11ee141540af0de83bac42416b40560b6d6983a205f541f4c395ab373e9652f81d3892a15d6fd88062c5de4162baeac038b2e2cd087f2f90a1b9db3421921dd30f5942acfe75cc3b3d3f6da12e4d001a34ca62b2273793f0314abdf1955c6bbba4ec72c7147543b3522d27e51120b63fbbc686747042e0a6c38fccd02009e0692336ef5c83fd01f61d3a9f9e6d0fd23914639dce5bb17cca7f4d69ef14641af6742471c57946af0e8d5c1d5f24b7a7385ce706efa9ab04edbc43279548f8b54b9a6b427b5839bf1610835adaea352ac6401e10849cd75c58b0a776e3abf6f1d3ca3614c8c72f1b5bfe03973a9adbe9776256fce3fc2c7bf6ad1772ead237dfd6974c77af661e2a5f1216d4baf32785556314057", &(0x7f0000001040)="350698a362bfe1f1d8a8246af706979fb23a8309730f0f62aa5e0a086febdc5b2a0c5c2bed779c91e5882be982dc2ecab1bc75dc73f9ab4814953a963d6d3932fba8f76d4093f839b8ca46dc2abec119c0082b"}) waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000001500)={@_si_pad}, 0xde, &(0x7f0000001580)={{0xfff, 0x7fffffff}, {0xffffffff00000000, 0x4}, 0x7f, 0x3, 0xf85, 0x0, 0x1ab, 0x80000000000, 0x83f0, 0x5, 0xb949, 0x6, 0x833, 0xfffffffffffffff8, 0x8000000000000000, 0x2}) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x0) setsockopt$auto(0x4, 0x88, 0xb, &(0x7f0000000000)='!/*:(*\'\x00', 0xe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0x1, 0x1) ioperm$auto(0x2, 0x8000, 0x2b325536) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/nr_hugepages\x00', 0x68001, 0x0) acct$auto(&(0x7f0000000040)='./cgroup.cpu/hugetlb.1GB.rsvd.failcnt\x00') ioctl$auto_SNDCTL_DSP_RESET(0xffffffffffffffff, 0x5000, &(0x7f0000000000)="10b1ab0c01e2eab37703c87b05de28e861e2d04b4579a46225") r2 = socket(0x10, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r3, 0x0, 0x80) personality$auto(0x40004010410ffc) mmap$auto(0x0, 0x7, 0xffb, 0x8000000008011, 0x3, 0x8000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop6\x00', 0x480, 0x0) fdatasync$auto(r4) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x8841}, 0x40000) openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/cec/cec20/status\x00', 0x80440, 0x0) read$auto(r2, 0x0, 0x10001) socket(0x2, 0x1, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x20002, 0x0) ioctl$auto_KVM_GET_SUPPORTED_HV_CPUID(r5, 0xc008aec1, &(0x7f0000000100)={0x7, 0x0, [{0x1ff, 0x3, 0x7, 0x0, 0x81, 0x3a42, 0xe805}, {0x5, 0x4, 0x6, 0x80, 0x75d6afa1, 0x1000, 0x6}, {0xffff, 0xd8a6, 0x4, 0x5, 0x80, 0xe2, 0x1}]}) write$auto(0x3, 0x0, 0xfdef) clock_getres$auto(0x63, 0x0) 2.987464397s ago: executing program 1 (id=1483): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x6, 0x0) getsockopt$auto(r0, 0x10d, 0xc, 0x0, 0x0) 2.920682807s ago: executing program 2 (id=1484): r0 = fcntl$auto_F_DUPFD(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x200, 0xeb5, r0, 0x8000) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="120087"], 0x1ac}}, 0x810) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x800}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) r2 = socket(0x2, 0x6, 0x0) setsockopt$auto(r2, 0x10d, 0x10, 0x0, 0x17) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/net/mcfilter\x00', 0x40000, 0x0) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x410000, 0x0) read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r3, &(0x7f0000000380)=""/118, 0x76) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyy9\x00', 0x204040, 0x0) ioctl$auto_TCFLSH2(r4, 0x5420, 0x0) r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x10403, 0x0) r6 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r6, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x22281, 0x11) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f0000000180)=""/250, 0xfa) ioctl$auto_ECCGETLAYOUT(r5, 0x81484d11, &(0x7f0000000080)={0x4, [0x12, 0x81, 0x8, 0x3, 0x0, 0x9, 0x8000, 0x2, 0x9b, 0x6, 0x8, 0x1, 0x3a1, 0x3, 0xeb, 0x9, 0x4, 0x8, 0x40, 0x2, 0x5, 0x3, 0xce, 0x80000001, 0x9, 0x3, 0x10004, 0xffff, 0x8, 0x53d35200, 0x34, 0x9, 0x9, 0x3, 0x8, 0x1, 0x6, 0x1, 0x0, 0x80000000, 0x1, 0x3, 0x3f, 0x7, 0xa4c9, 0x10001, 0x0, 0x5, 0x8, 0x5, 0x9, 0x1, 0xd4, 0xc1, 0x6, 0x5, 0x6, 0x8, 0x7f, 0x9, 0x321, 0x8, 0xd86, 0x4], 0xc0, [{0x6ba137bd, 0xb380}, {0xfffffff7, 0x4}, {0x2, 0xfffffff9}, {0x7ff, 0x3}, {0x2, 0x3}, {0xfffffff8, 0x6ad}, {0x8, 0x9}, {0xbc1b}]}) 2.708557936s ago: executing program 0 (id=1485): r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\b\x00\x00', @ANYRES16=r1, @ANYBLOB="00012bbd7000fddbdf252800000005003e000800000031004801a289c1c1f3026f75a4d3a66a76f9f65578159c8a96f55e156e69b5114d651d9ec494a3d7791ee432bb9c"], 0x60}, 0x1, 0x0, 0x0, 0x54}, 0x1) r2 = socket(0xa, 0x801, 0x84) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r3, &(0x7f0000000480)="f21a9a3c5c2d006e163bb154d7886d87a5c2574c58e9867ecec3371cadbc48770dc8f745d1c76eed1672bb713aca465c9bbc23b50000000000000004c635fcd1410f37152ad1f7fa09270ce98f867fefbe147095e2928c0a5c7b6842c879c1d95cb259d6f9d41f61ca07abf17751e78a05499207ce95baa061f1a04b2347ce07de09000000000000006e6dfd937bec82c2de33188e7e0a", 0x97) getsockopt$auto(r2, 0x84, 0x24, 0x0, &(0x7f00000000c0)=0x3) socket(0xa, 0x1, 0x84) ioperm$auto(0xfffffffffffffff8, 0x1, 0x74eb4278) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r0, &(0x7f0000001400)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000013c0)={&(0x7f0000001100)={0x2a8, r1, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_FTM_RESPONDER={0xac, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_LCI={0xa1, 0x2, "1b77dd8d829e8c9233773e8328809b70565b0f9e51f3eb0b8904c1f53af30de2f7861fdeb553e76f265837d5f235541d6450549f5ddd9de4970be4ddf9ee3b26f34d915a42bd0cde90009501785b341031b66b68c49bef3db1f88313821e9a4e68b9748eae041f225ee46003505377d90cb88f0c5668703fdd4c3c9997febc7a8b8a19e6f0589cc0dfa818697374c050e0b51f6ee28c9b3d88cc0ac78c"}]}, @NL80211_ATTR_VHT_CAPABILITY={0xd1, 0x9d, "7cad4ada44e0b44253ae15cb4500fc79c252c37046984d229136a637719e371234c18212b1a8b46791f49557020a07a923ca1ee0b1d120a1b4d6fe398c23afb15e6967553924fd2526c5706907605a90c3b1f26e75ca0a24fcce61dd4d28d64f0558bdf8c85a15bb56a4e71c2b250e8ef72ccd3ffbc63c75afd949d12a715842fd5f95428baa4d107cfbbded1ab3608a7928d3c572f67e6af7c314e3f149af80e2f5fe3ea62abaed1e5e01f5cd817916692f81ca9e359ffe3e460ca8ab0a76a67c5cf62cdd984346341799df38"}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x200}, @NL80211_ATTR_FRAME={0xfb, 0x33, "07472eaabd79af880495dddc20a59bd4209970178559cc0587fc64df9c726e942037bb475d79d6e34d7ed01f4180ab3574fee017ccf47196dd3e4573a240e82aeea4e06792c7a976249d671b66964f1db312ca89a42d6ef5b6aa8bf9d7478cc4c60ec23a293c87f555046dde7a31c8a6356507a786e1911f67d639a1d93d4f1ccece0a083e380df47d5e86f9ecd29e69be7e078a0aef1847b1e54936dd462192fd6eb13a164118410d3716198ab2db678f289389b7efae1fe07067010b72b4e32d679657ef222ed57ffdf2f158da828b015dcc8a39d5de82502006a89da7c04dc6b63b6f94a11c47fdfe62b10561b821178b51292b9eb8"}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0xd}]}, 0x2a8}, 0x1, 0x0, 0x0, 0x4}, 0x20044084) ioctl$auto_RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000040)={0x9, 0x48, 0x5, 0x10001, 0x3, 0x80000000, 0x3, 0x81, 0x10001}) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) getsockopt$auto(r0, 0x6, 0xc4c, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/4096, 0x1000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) execve$auto(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)=&(0x7f0000000240)='I+\x00', &(0x7f0000000300)=&(0x7f00000002c0)='*@}:{-}-[\x00') write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000040)) 2.514819747s ago: executing program 0 (id=1486): r0 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x165080, 0x0) fallocate$auto(r0, 0xffff, 0xdd2, 0x53e) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = clone$auto(0x4, 0x80000001, 0x0, 0x0, 0xfff) move_pages$auto(r1, 0xd0, 0x0, 0x0, 0x0, 0x2) madvise$auto(0x0, 0x200007, 0x19) 2.326078933s ago: executing program 0 (id=1487): r0 = socket(0x1d, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) connect$auto(0xffffffffffffffff, 0x0, 0x1ee) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/writes_starved\x00', 0x400840, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0xffffffffffffffff, 0x0) delete_module$auto(0x0, 0x5) socket(0x1e, 0x4, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200156f4e8e76096cf375c45ca71cd7901b13f57a8532a6f1b882359dbe8a6dc625419c9fd4cb5c4103f81c61d688f8fd51f8502c497d3f6d379f70f5280f22c44aa8"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) r3 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) write$auto(r0, 0x0, 0x4) 2.195355636s ago: executing program 1 (id=1488): r0 = socket(0x1d, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) connect$auto(0xffffffffffffffff, 0x0, 0x1ee) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/writes_starved\x00', 0x400840, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0xffffffffffffffff, 0x0) delete_module$auto(0x0, 0x5) socket(0x1e, 0x4, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200156f4e8e76096cf375c45ca71cd7901b13f57a8532a6f1b882359dbe8a6dc625419c9fd4cb5c4103f81c61d688f8fd51f8502c497d3f6d379f70f5280f22c44aa8"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) r3 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) write$auto(r0, 0x0, 0x4) (fail_nth: 1) 2.024577504s ago: executing program 0 (id=1489): r0 = io_uring_setup$auto(0x85, 0x0) r1 = socket(0xa, 0x800, 0x84) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r2, 0x1, 0x70bd2f, 0x25dfdbfe}, 0x14}, 0x1, 0x68, 0x0, 0x4000841}, 0x4000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xfffffffffffffffd, 0x40000008000) r4 = socket(0xa, 0x801, 0x84) getsockopt$auto(r4, 0x84, 0x6d, 0x0, &(0x7f00000002c0)=0x5fffffff) r5 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_READ(r5, 0xc0085504, &(0x7f00000001c0)={0x9, 0x1, 0x6}) r6 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), r3) sendmsg$auto_GTP_CMD_GETPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, r6, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_O_TEI={0x8, 0x9, 0xfffffffe}, @GTPA_MS_ADDR6={0x14, 0xc, @local}, @GTPA_VERSION={0x8, 0x2, 0x200}, @GTPA_FAMILY={0x5, 0xd, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x68182, 0x0) mmap$auto(0x0, 0x8, 0x6, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r2, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x101}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x804) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x9, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x8998d5f, 0x100, 0x200083, 0x101, 0x6, 0xa6}, {0x100, 0x1, 0x52, 0x5, 0x7fff, 0x3d, 0x3, 0x8, 0x100000000}}) r7 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r7, 0x0, 0x59, 0x7) r8 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/dri/vkms/vkms_config\x00', 0x204240, 0x0) mq_notify$auto(r8, &(0x7f0000000300)={@sival_int=0x1eb, @raw=0x6, 0x8001}) 1.960511245s ago: executing program 2 (id=1490): r0 = socket(0x1d, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x10028000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/i8042/serio1/bind_mode\x00', 0x90002, 0x0) read$auto(r1, 0x0, 0x20) connect$auto(0xffffffffffffffff, 0x0, 0x1ee) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/writes_starved\x00', 0x400840, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0xffffffffffffffff, 0x0) delete_module$auto(0x0, 0x5) socket(0x1e, 0x4, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2) sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200156f4e8e76096cf375c45ca71cd7901b13f57a8532a6f1b882359dbe8a6dc625419c9fd4cb5c4103f81c61d688f8fd51f8502c497d3f6d379f70f5280f22c44aa8"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) r4 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14) write$auto(r0, 0x0, 0x4) 1.798730155s ago: executing program 2 (id=1491): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r1, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x3, 0x100) (async) r2 = socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="01000000", @ANYRESHEX=r2], 0x1ac}}, 0x4004) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim7/health/break_health\x00', 0x90002, 0x0) sendto$auto(r3, &(0x7f0000000300)="2f688c16b5de10d957a72de64e52dd86eb40f74ebaa30a76fd9268646ab23b980fa6e6c41a883c5032dc6e03d0bff863ea99b19c3a26a135038ffbcf56adabf3b7d9ad7c19499efadcd790efbdcdbaee786a0ecd5e836354070a38883ba67321843475ed8dc4af87937b07bdc0c2645500cf6eee5d6adda72b762b814962be5349ab711c483be8470f5307d24ecab53394db0b21577b2a355ec8de6a2bdbacb0135a3b6e2bd4c6402def51d820485525c8990356", 0xa0, 0x1, &(0x7f0000000280)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x6) (async) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) (async) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) fgetxattr$auto(0xffffffffffffffff, 0x0, 0x0, 0x6) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.508693532s ago: executing program 1 (id=1492): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffff70001, 0x1) write$auto(0x3, 0x0, 0x100082) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x40000, 0x0) r3 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x400000, 0x0) readv$auto(r3, 0x0, 0x4000000000000000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x220401, 0x0) ioctl$auto_FBIOBLANK(r4, 0x4611, &(0x7f0000000180)="b8ac104f526607645d2a50cc812838a91db5d85ffbd8dfd992008bbe3294a96445d0e8299e0316505b64686f9867264339e8be8bd0ace4feaca2497fcc6eb5c28c9f7c1e025e46d8401a747d5b9a8e07f7d81789be5194e8ad15ddf480654a3ec7978042735bd645e973dc3f05c4d0d1a51378aaeab95ea9996e18ad8f9b381ddc51a9de2421cab31c8bd9d7f4037f3bc2066e468abaae0e07cb7114203076faa2f08b1ad994f72df24664fc684c3ad647e530eeb727f91ade398f40ccddc9105165d3ea626de045536fdfa2bc64fca9af") mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$auto(r1, 0x301, r0) 852.478647ms ago: executing program 32 (id=1437): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x82003, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r0, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x8, 0x6, 0x62fc, 0x2, 0x8000) io_uring_setup$auto(0x1001, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r1 = socket(0x11, 0x80003, 0x40000300) r2 = openat$auto_bridges_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/encoder-0/bridges\x00', 0x8200, 0x0) read$auto_bridges_fops_(r2, &(0x7f0000000040)=""/5, 0x5) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x1, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rB\x1cJ\x99`:c\x14\xef=\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x280b, 0x40000000003) close_range$auto(0x2, 0xa, 0x0) 31.464542ms ago: executing program 0 (id=1494): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) fchownat$auto(0x2, 0x0, 0x4, 0x8001, 0x1000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) adjtimex$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r0 = socket(0x15, 0x5, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/platform/dummy_hcd.0/usb1/interface_authorized_default\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) write$auto(0x3, 0x0, 0x2) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044800}, 0x50) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x48041, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r3 = socket(0x10, 0x2, 0x0) setsockopt$auto(r3, 0x104000000000010e, 0x4, 0x0, 0x16) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), r0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r4, 0x922, 0x70bd26, 0x25dfdbfc, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000040) writev$auto(r2, &(0x7f0000000200)={0x0, 0x5}, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) (async) fchownat$auto(0x2, 0x0, 0x4, 0x8001, 0x1000) (async) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) adjtimex$auto(0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) socket(0x15, 0x5, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/platform/dummy_hcd.0/usb1/interface_authorized_default\x00', 0x0, 0x0) (async) read$auto(r1, 0x0, 0x20) (async) write$auto(0x3, 0x0, 0x2) (async) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044800}, 0x50) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x48041, 0x0) (async) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) (async) socket(0x10, 0x2, 0x0) (async) setsockopt$auto(r3, 0x104000000000010e, 0x4, 0x0, 0x16) (async) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), r0) (async) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r4, 0x922, 0x70bd26, 0x25dfdbfc, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000040) (async) writev$auto(r2, &(0x7f0000000200)={0x0, 0x5}, 0xa) (async) 0s ago: executing program 1 (id=1495): openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fanotify_init$auto(0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x5560eaaa, 0x6, 0x80000001, 0xffff, 0xffffffffffffffff, 0x4b) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0xc) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0x2, 0x3, 0x6) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}}, 0x4000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x3, 0x79, 0x0, 0x6) write$auto(0x3, 0x0, 0x19ffe) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): trace_lock_acquire+0x14e/0x1f0 [ 402.400284][T10388] ? __pfx__copy_from_iter+0x10/0x10 [ 402.400306][T10388] ? __virt_addr_valid+0x1a4/0x590 [ 402.400335][T10388] ? __virt_addr_valid+0x5e/0x590 [ 402.400359][T10388] ? __phys_addr_symbol+0x30/0x80 [ 402.400383][T10388] ? __check_object_size+0x488/0x710 [ 402.400411][T10388] file_tty_write.constprop.0+0x48d/0x9a0 [ 402.400452][T10388] redirected_tty_write+0xcc/0x140 [ 402.400481][T10388] vfs_write+0x5ae/0x1150 [ 402.400513][T10388] ? __pfx_redirected_tty_write+0x10/0x10 [ 402.400545][T10388] ? __pfx_vfs_write+0x10/0x10 [ 402.400579][T10388] ? __fget_files+0x40/0x3a0 [ 402.400628][T10388] ksys_write+0x12b/0x250 [ 402.400658][T10388] ? __pfx_ksys_write+0x10/0x10 [ 402.400698][T10388] do_syscall_64+0xcd/0x250 [ 402.400729][T10388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.400760][T10388] RIP: 0033:0x7f5c8638d169 [ 402.400779][T10388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.400819][T10388] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 402.400839][T10388] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 402.400859][T10388] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 402.400873][T10388] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 402.400887][T10388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 402.400901][T10388] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 402.400934][T10388] [ 406.677662][T10430] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1172'. [ 408.529086][T10443] zswap: compressor not available [ 408.916004][T10459] FAULT_INJECTION: forcing a failure. [ 408.916004][T10459] name failslab, interval 1, probability 0, space 0, times 0 [ 408.931764][T10459] CPU: 1 UID: 0 PID: 10459 Comm: syz.0.1180 Not tainted 6.14.0-rc4-syzkaller #0 [ 408.931795][T10459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 408.931809][T10459] Call Trace: [ 408.931817][T10459] [ 408.931827][T10459] dump_stack_lvl+0x16c/0x1f0 [ 408.931861][T10459] should_fail_ex+0x50a/0x650 [ 408.931894][T10459] ? fs_reclaim_acquire+0xae/0x150 [ 408.931927][T10459] should_failslab+0xc2/0x120 [ 408.931951][T10459] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 408.931986][T10459] ? __pmd_alloc+0xc3/0x870 [ 408.932021][T10459] __pmd_alloc+0xc3/0x870 [ 408.932054][T10459] __handle_mm_fault+0x9fb/0x2c60 [ 408.932094][T10459] ? __pfx___handle_mm_fault+0x10/0x10 [ 408.932123][T10459] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 408.932171][T10459] ? find_vma+0xc0/0x140 [ 408.932197][T10459] ? __pfx_find_vma+0x10/0x10 [ 408.932227][T10459] handle_mm_fault+0x3fa/0xaa0 [ 408.932263][T10459] do_user_addr_fault+0x7a3/0x13f0 [ 408.932302][T10459] exc_page_fault+0x5c/0xc0 [ 408.932330][T10459] asm_exc_page_fault+0x26/0x30 [ 408.932357][T10459] RIP: 0010:__put_user_8+0x11/0x20 [ 408.932384][T10459] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 [ 408.932407][T10459] RSP: 0018:ffffc90003c7fca8 EFLAGS: 00050246 [ 408.932427][T10459] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 408.932441][T10459] RDX: ffff88805eb93c00 RSI: ffffffff8258eee9 RDI: ffffffff8bd34600 [ 408.932455][T10459] RBP: 0000000001200000 R08: 0000000000000000 R09: fffffbfff20c4f02 [ 408.932468][T10459] R10: ffffffff90627817 R11: 0000000000000001 R12: 0000000000000000 [ 408.932482][T10459] R13: 0000000000000000 R14: ffffc90003c7feb0 R15: 0000000000000000 [ 408.932506][T10459] ? kpagecgroup_read+0x159/0x250 [ 408.932538][T10459] kpagecgroup_read+0x164/0x250 [ 408.932561][T10459] ? __pfx_kpagecgroup_read+0x10/0x10 [ 408.932589][T10459] proc_reg_read+0x11d/0x330 [ 408.932620][T10459] ? __pfx_proc_reg_read+0x10/0x10 [ 408.932651][T10459] vfs_read+0x1df/0xbf0 [ 408.932682][T10459] ? __fget_files+0x1fc/0x3a0 [ 408.932712][T10459] ? __pfx___mutex_lock+0x10/0x10 [ 408.932741][T10459] ? __pfx_vfs_read+0x10/0x10 [ 408.932781][T10459] ? __fget_files+0x206/0x3a0 [ 408.932821][T10459] ksys_read+0x12b/0x250 [ 408.932850][T10459] ? __pfx_ksys_read+0x10/0x10 [ 408.932890][T10459] do_syscall_64+0xcd/0x250 [ 408.932922][T10459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.932952][T10459] RIP: 0033:0x7ffbe058d169 [ 408.932971][T10459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.932992][T10459] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 408.933013][T10459] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 408.933029][T10459] RDX: 00007ffffffff000 RSI: 0000000000000000 RDI: 0000000000000003 [ 408.933044][T10459] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 408.933058][T10459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 408.933072][T10459] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 408.933105][T10459] [ 409.248767][ C1] vkms_vblank_simulate: vblank timer overrun [ 409.725077][T10472] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 409.753903][T10472] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 410.630056][T10478] ubi0: attaching mtd0 [ 410.683850][T10478] ubi0: scanning is finished [ 410.712154][T10478] ubi0: empty MTD device detected [ 410.714649][T10481] Invalid ELF header magic: != ELF [ 411.130695][T10478] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 411.790434][T10496] can: request_module (can-proto-0) failed. [ 412.536929][T10509] nvme_fabrics: missing parameter 'transport=%s' [ 412.545942][T10509] nvme_fabrics: missing parameter 'nqn=%s' [ 414.246836][T10525] netlink: 'syz.0.1192': attribute type 1 has an invalid length. [ 414.932334][T10541] FAULT_INJECTION: forcing a failure. [ 414.932334][T10541] name failslab, interval 1, probability 0, space 0, times 0 [ 414.982230][T10541] CPU: 0 UID: 0 PID: 10541 Comm: syz.2.1196 Not tainted 6.14.0-rc4-syzkaller #0 [ 414.982265][T10541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 414.982280][T10541] Call Trace: [ 414.982288][T10541] [ 414.982298][T10541] dump_stack_lvl+0x16c/0x1f0 [ 414.982332][T10541] should_fail_ex+0x50a/0x650 [ 414.982364][T10541] ? fs_reclaim_acquire+0xae/0x150 [ 414.982394][T10541] ? tomoyo_encode2+0x100/0x3e0 [ 414.982422][T10541] should_failslab+0xc2/0x120 [ 414.982447][T10541] __kmalloc_noprof+0xcb/0x510 [ 414.982479][T10541] ? d_absolute_path+0x137/0x1b0 [ 414.982504][T10541] ? rcu_is_watching+0x12/0xc0 [ 414.982534][T10541] tomoyo_encode2+0x100/0x3e0 [ 414.982569][T10541] tomoyo_encode+0x29/0x50 [ 414.982596][T10541] tomoyo_realpath_from_path+0x19d/0x720 [ 414.982637][T10541] tomoyo_path_number_perm+0x248/0x590 [ 414.982663][T10541] ? tomoyo_path_number_perm+0x235/0x590 [ 414.982694][T10541] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 414.982753][T10541] ? __pfx_lock_release+0x10/0x10 [ 414.982784][T10541] ? trace_lock_acquire+0x14e/0x1f0 [ 414.982814][T10541] ? lock_acquire+0x2f/0xb0 [ 414.982848][T10541] ? __fget_files+0x40/0x3a0 [ 414.982884][T10541] ? __fget_files+0x206/0x3a0 [ 414.982920][T10541] security_file_ioctl+0x9b/0x240 [ 414.982951][T10541] __x64_sys_ioctl+0xb7/0x200 [ 414.982981][T10541] do_syscall_64+0xcd/0x250 [ 414.983013][T10541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.983045][T10541] RIP: 0033:0x7f5c8638d169 [ 414.983064][T10541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.983087][T10541] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 414.983110][T10541] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 414.983127][T10541] RDX: 00004000000000c0 RSI: 0000000040247007 RDI: 0000000000000003 [ 414.983143][T10541] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 414.983158][T10541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 414.983172][T10541] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 414.983204][T10541] [ 414.983223][T10541] ERROR: Out of memory at tomoyo_realpath_from_path. [ 415.885306][T10565] RDS: rds_bind could not find a transport for ::ffff:100, load rds_tcp or rds_rdma? [ 416.115607][T10567] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [3]. [ 416.987809][T10575] nvme_fabrics: missing parameter 'transport=%s' [ 417.011052][T10575] nvme_fabrics: missing parameter 'nqn=%s' [ 417.804647][T10584] vivid-010: ================= START STATUS ================= [ 417.870720][T10584] vivid-010: Generate PTS: true [ 417.962265][T10584] vivid-010: Generate SCR: true [ 418.027553][T10584] tpg source WxH: 640x360 (Y'CbCr) [ 418.081262][T10584] tpg field: 1 [ 418.084792][T10584] tpg crop: 640x360@0x0 [ 418.088972][T10584] tpg compose: 640x360@0x0 [ 418.093586][T10584] tpg colorspace: 8 [ 418.097413][T10584] tpg transfer function: 0/0 [ 418.102674][T10584] tpg Y'CbCr encoding: 0/0 [ 418.107251][T10584] tpg quantization: 0/0 [ 418.113409][T10584] tpg RGB range: 0/2 [ 418.117338][T10584] vivid-010: ================== END STATUS ================== [ 419.358331][T10618] nvme_fabrics: missing parameter 'transport=%s' [ 419.370395][T10618] nvme_fabrics: missing parameter 'nqn=%s' [ 421.292471][T10648] block2mtd: error: cannot open device [ 421.546412][T10655] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 421.963814][T10671] FAULT_INJECTION: forcing a failure. [ 421.963814][T10671] name failslab, interval 1, probability 0, space 0, times 0 [ 422.026992][T10671] CPU: 1 UID: 0 PID: 10671 Comm: syz.1.1228 Not tainted 6.14.0-rc4-syzkaller #0 [ 422.027032][T10671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 422.027049][T10671] Call Trace: [ 422.027058][T10671] [ 422.027069][T10671] dump_stack_lvl+0x16c/0x1f0 [ 422.027108][T10671] should_fail_ex+0x50a/0x650 [ 422.027148][T10671] ? fs_reclaim_acquire+0xae/0x150 [ 422.027184][T10671] ? snd_hrtimer_open+0x43/0xf0 [ 422.027217][T10671] should_failslab+0xc2/0x120 [ 422.027242][T10671] __kmalloc_cache_noprof+0x68/0x410 [ 422.027284][T10671] ? __pfx_snd_hrtimer_open+0x10/0x10 [ 422.027317][T10671] snd_hrtimer_open+0x43/0xf0 [ 422.027349][T10671] snd_timer_open+0xb2c/0x1020 [ 422.027383][T10671] ? __pfx_snd_timer_open+0x10/0x10 [ 422.027416][T10671] ? kstrdup+0xb5/0x100 [ 422.027453][T10671] snd_seq_timer_open+0x281/0x5e0 [ 422.027492][T10671] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 422.027534][T10671] ? mark_held_locks+0x9f/0xe0 [ 422.027574][T10671] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 422.027604][T10671] ? lockdep_hardirqs_on+0x7c/0x110 [ 422.027636][T10671] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 422.027670][T10671] queue_use+0xe3/0x250 [ 422.027701][T10671] snd_seq_queue_alloc+0x2e5/0x550 [ 422.027739][T10671] snd_seq_ioctl_create_queue+0xa9/0x380 [ 422.027781][T10671] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 422.027826][T10671] alloc_seq_queue+0xda/0x180 [ 422.027864][T10671] ? __pfx_alloc_seq_queue+0x10/0x10 [ 422.027909][T10671] ? mark_held_locks+0x9f/0xe0 [ 422.027943][T10671] ? _raw_spin_unlock_irq+0x23/0x50 [ 422.027972][T10671] snd_seq_oss_open+0x38c/0xa20 [ 422.028003][T10671] odev_open+0x6f/0x90 [ 422.028021][T10671] ? __pfx_odev_open+0x10/0x10 [ 422.028042][T10671] soundcore_open+0x409/0x580 [ 422.028082][T10671] ? __pfx_soundcore_open+0x10/0x10 [ 422.028118][T10671] chrdev_open+0x237/0x6a0 [ 422.028154][T10671] ? __pfx_apparmor_file_open+0x10/0x10 [ 422.028188][T10671] ? __pfx_chrdev_open+0x10/0x10 [ 422.028229][T10671] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 422.028268][T10671] do_dentry_open+0x735/0x1c40 [ 422.028302][T10671] ? __pfx_chrdev_open+0x10/0x10 [ 422.028337][T10671] ? inode_permission+0xdd/0x5f0 [ 422.028366][T10671] vfs_open+0x82/0x3f0 [ 422.028389][T10671] ? may_open+0x1f2/0x400 [ 422.028422][T10671] path_openat+0x1e88/0x2d80 [ 422.028474][T10671] ? __pfx_path_openat+0x10/0x10 [ 422.028511][T10671] ? __pfx___lock_acquire+0x10/0x10 [ 422.028546][T10671] ? lock_acquire.part.0+0x11b/0x380 [ 422.028581][T10671] ? find_held_lock+0x2d/0x110 [ 422.028615][T10671] do_filp_open+0x20c/0x470 [ 422.028654][T10671] ? __pfx_do_filp_open+0x10/0x10 [ 422.028688][T10671] ? find_held_lock+0x2d/0x110 [ 422.028743][T10671] ? alloc_fd+0x41f/0x760 [ 422.028788][T10671] do_sys_openat2+0x17a/0x1e0 [ 422.028814][T10671] ? __pfx_do_sys_openat2+0x10/0x10 [ 422.028843][T10671] ? do_raw_spin_unlock+0x172/0x230 [ 422.028891][T10671] __x64_sys_openat+0x175/0x210 [ 422.028918][T10671] ? __pfx___x64_sys_openat+0x10/0x10 [ 422.028962][T10671] do_syscall_64+0xcd/0x250 [ 422.028997][T10671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.029032][T10671] RIP: 0033:0x7f7af6b8d169 [ 422.029055][T10671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.029079][T10671] RSP: 002b:00007f7af79f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 422.029101][T10671] RAX: ffffffffffffffda RBX: 00007f7af6da5fa0 RCX: 00007f7af6b8d169 [ 422.029117][T10671] RDX: 0000000000000080 RSI: 0000400000000500 RDI: ffffffffffffff9c [ 422.029130][T10671] RBP: 00007f7af6c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 422.029142][T10671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.029156][T10671] R13: 0000000000000000 R14: 00007f7af6da5fa0 R15: 00007ffec564e498 [ 422.029191][T10671] [ 422.039501][T10675] FAULT_INJECTION: forcing a failure. [ 422.039501][T10675] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 422.500355][T10675] CPU: 1 UID: 0 PID: 10675 Comm: syz.0.1230 Not tainted 6.14.0-rc4-syzkaller #0 [ 422.500389][T10675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 422.500404][T10675] Call Trace: [ 422.500411][T10675] [ 422.500421][T10675] dump_stack_lvl+0x16c/0x1f0 [ 422.500455][T10675] should_fail_ex+0x50a/0x650 [ 422.500495][T10675] strncpy_from_user+0x3b/0x2d0 [ 422.500531][T10675] getname_flags.part.0+0x8f/0x550 [ 422.500562][T10675] getname+0x8d/0xe0 [ 422.500590][T10675] do_sys_openat2+0x104/0x1e0 [ 422.500616][T10675] ? __pfx_do_sys_openat2+0x10/0x10 [ 422.500644][T10675] ? __fget_files+0x206/0x3a0 [ 422.500682][T10675] __x64_sys_openat+0x175/0x210 [ 422.500708][T10675] ? __pfx___x64_sys_openat+0x10/0x10 [ 422.500732][T10675] ? ksys_write+0x1ba/0x250 [ 422.500779][T10675] do_syscall_64+0xcd/0x250 [ 422.500811][T10675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.500842][T10675] RIP: 0033:0x7ffbe058d169 [ 422.500862][T10675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.500884][T10675] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 422.500907][T10675] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 422.500924][T10675] RDX: 0000000000000080 RSI: 0000400000000500 RDI: ffffffffffffff9c [ 422.500940][T10675] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 422.500955][T10675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 422.500969][T10675] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 422.500999][T10675] [ 422.833093][T10691] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 422.857588][T10691] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 423.433220][T10715] FAULT_INJECTION: forcing a failure. [ 423.433220][T10715] name failslab, interval 1, probability 0, space 0, times 0 [ 423.500387][T10715] CPU: 1 UID: 0 PID: 10715 Comm: syz.2.1236 Not tainted 6.14.0-rc4-syzkaller #0 [ 423.500420][T10715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 423.500434][T10715] Call Trace: [ 423.500442][T10715] [ 423.500451][T10715] dump_stack_lvl+0x16c/0x1f0 [ 423.500486][T10715] should_fail_ex+0x50a/0x650 [ 423.500519][T10715] ? fs_reclaim_acquire+0xae/0x150 [ 423.500551][T10715] ? tomoyo_encode2+0x100/0x3e0 [ 423.500579][T10715] should_failslab+0xc2/0x120 [ 423.500602][T10715] __kmalloc_noprof+0xcb/0x510 [ 423.500635][T10715] ? d_absolute_path+0x137/0x1b0 [ 423.500660][T10715] ? rcu_is_watching+0x12/0xc0 [ 423.500689][T10715] tomoyo_encode2+0x100/0x3e0 [ 423.500730][T10715] tomoyo_encode+0x29/0x50 [ 423.500757][T10715] tomoyo_realpath_from_path+0x19d/0x720 [ 423.500798][T10715] tomoyo_path_number_perm+0x248/0x590 [ 423.500823][T10715] ? tomoyo_path_number_perm+0x235/0x590 [ 423.500854][T10715] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 423.500913][T10715] ? __pfx_lock_release+0x10/0x10 [ 423.500943][T10715] ? trace_lock_acquire+0x14e/0x1f0 [ 423.500973][T10715] ? lock_acquire+0x2f/0xb0 [ 423.501001][T10715] ? __fget_files+0x40/0x3a0 [ 423.501037][T10715] ? __fget_files+0x206/0x3a0 [ 423.501072][T10715] security_file_ioctl+0x9b/0x240 [ 423.501102][T10715] __x64_sys_ioctl+0xb7/0x200 [ 423.501133][T10715] do_syscall_64+0xcd/0x250 [ 423.501165][T10715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.501196][T10715] RIP: 0033:0x7f5c8638d169 [ 423.501215][T10715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.501237][T10715] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 423.501259][T10715] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 423.501274][T10715] RDX: 0000400000000180 RSI: 0000000090009427 RDI: 0000000000000003 [ 423.501288][T10715] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 423.501302][T10715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 423.501315][T10715] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 423.501345][T10715] [ 423.501362][T10715] ERROR: Out of memory at tomoyo_realpath_from_path. [ 424.040533][T10732] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1239'. [ 424.179870][T10732] hsr_slave_1 (unregistering): left promiscuous mode [ 424.398886][T10740] FAULT_INJECTION: forcing a failure. [ 424.398886][T10740] name failslab, interval 1, probability 0, space 0, times 0 [ 424.490381][T10740] CPU: 1 UID: 0 PID: 10740 Comm: syz.0.1238 Not tainted 6.14.0-rc4-syzkaller #0 [ 424.490413][T10740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 424.490427][T10740] Call Trace: [ 424.490434][T10740] [ 424.490444][T10740] dump_stack_lvl+0x16c/0x1f0 [ 424.490479][T10740] should_fail_ex+0x50a/0x650 [ 424.490513][T10740] ? fs_reclaim_acquire+0xae/0x150 [ 424.490545][T10740] should_failslab+0xc2/0x120 [ 424.490568][T10740] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 424.490610][T10740] ? vma_merge_new_range+0x40a/0xbb0 [ 424.490641][T10740] ? vm_area_alloc+0x1f/0x230 [ 424.490679][T10740] vm_area_alloc+0x1f/0x230 [ 424.490709][T10740] __mmap_region+0x108d/0x2760 [ 424.490735][T10740] ? __pfx___mmap_region+0x10/0x10 [ 424.490782][T10740] ? __pfx_mark_lock+0x10/0x10 [ 424.490852][T10740] ? cap_capable+0xb3/0x250 [ 424.490883][T10740] mmap_region+0x1ab/0x3f0 [ 424.490911][T10740] do_mmap+0xd8d/0x11b0 [ 424.490945][T10740] ? __pfx_do_mmap+0x10/0x10 [ 424.490975][T10740] ? __pfx_down_write_killable+0x10/0x10 [ 424.491017][T10740] vm_mmap_pgoff+0x203/0x3a0 [ 424.491053][T10740] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 424.491083][T10740] ? __fget_files+0x206/0x3a0 [ 424.491123][T10740] ksys_mmap_pgoff+0x7d/0x5c0 [ 424.491151][T10740] ? __pfx_ksys_write+0x10/0x10 [ 424.491184][T10740] __x64_sys_mmap+0x125/0x190 [ 424.491219][T10740] do_syscall_64+0xcd/0x250 [ 424.491247][T10740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.491276][T10740] RIP: 0033:0x7ffbe058d169 [ 424.491295][T10740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 424.491316][T10740] RSP: 002b:00007ffbe1321038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 424.491339][T10740] RAX: ffffffffffffffda RBX: 00007ffbe07a6240 RCX: 00007ffbe058d169 [ 424.491354][T10740] RDX: 00000000000000e2 RSI: 0000000000020009 RDI: 0000000000000000 [ 424.491369][T10740] RBP: 00007ffbe1321090 R08: 0000000000000405 R09: 0000000000008000 [ 424.491384][T10740] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001 [ 424.491398][T10740] R13: 0000000000000001 R14: 00007ffbe07a6240 R15: 00007ffd1c6e7768 [ 424.491431][T10740] [ 425.458655][T10768] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 425.492773][T10768] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 427.391182][T10800] ======================================================= [ 427.391182][T10800] WARNING: The mand mount option has been deprecated and [ 427.391182][T10800] and is ignored by this kernel. Remove the mand [ 427.391182][T10800] option from the mount to silence this warning. [ 427.391182][T10800] ======================================================= [ 427.426128][ C0] vkms_vblank_simulate: vblank timer overrun [ 427.467076][T10800] nfsd: Unknown parameter 'DJ' [ 427.793079][T10808] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 428.560763][T10819] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 428.592659][T10819] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 429.519899][T10838] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1261'. [ 429.535943][T10837] FAULT_INJECTION: forcing a failure. [ 429.535943][T10837] name failslab, interval 1, probability 0, space 0, times 0 [ 429.540548][T10838] FAULT_INJECTION: forcing a failure. [ 429.540548][T10838] name failslab, interval 1, probability 0, space 0, times 0 [ 429.552246][T10837] CPU: 0 UID: 0 PID: 10837 Comm: syz.2.1262 Not tainted 6.14.0-rc4-syzkaller #0 [ 429.552278][T10837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 429.552291][T10837] Call Trace: [ 429.552298][T10837] [ 429.552308][T10837] dump_stack_lvl+0x16c/0x1f0 [ 429.552342][T10837] should_fail_ex+0x50a/0x650 [ 429.552375][T10837] ? fs_reclaim_acquire+0xae/0x150 [ 429.552406][T10837] should_failslab+0xc2/0x120 [ 429.552429][T10837] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 429.552462][T10837] ? __alloc_skb+0x2b1/0x380 [ 429.552495][T10837] __alloc_skb+0x2b1/0x380 [ 429.552523][T10837] ? __pfx___alloc_skb+0x10/0x10 [ 429.552554][T10837] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 429.552588][T10837] netlink_alloc_large_skb+0x69/0x130 [ 429.552618][T10837] netlink_sendmsg+0x689/0xd70 [ 429.552652][T10837] ? __pfx_netlink_sendmsg+0x10/0x10 [ 429.552691][T10837] ____sys_sendmsg+0xaaf/0xc90 [ 429.552715][T10837] ? copy_msghdr_from_user+0x10b/0x160 [ 429.552745][T10837] ? __pfx_____sys_sendmsg+0x10/0x10 [ 429.552783][T10837] ___sys_sendmsg+0x135/0x1e0 [ 429.552814][T10837] ? __pfx____sys_sendmsg+0x10/0x10 [ 429.552856][T10837] ? __pfx_lock_release+0x10/0x10 [ 429.552885][T10837] ? trace_lock_acquire+0x14e/0x1f0 [ 429.552920][T10837] ? __fget_files+0x206/0x3a0 [ 429.552955][T10837] __sys_sendmsg+0x16e/0x220 [ 429.552986][T10837] ? __pfx___sys_sendmsg+0x10/0x10 [ 429.553035][T10837] do_syscall_64+0xcd/0x250 [ 429.553064][T10837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.553099][T10837] RIP: 0033:0x7f5c8638d169 [ 429.553118][T10837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 429.553140][T10837] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 429.553162][T10837] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 429.553178][T10837] RDX: 0000000000040000 RSI: 0000400000000240 RDI: 0000000000000007 [ 429.553192][T10837] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 429.553205][T10837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 429.553218][T10837] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 429.553247][T10837] [ 429.836814][T10838] CPU: 1 UID: 0 PID: 10838 Comm: syz.3.1261 Not tainted 6.14.0-rc4-syzkaller #0 [ 429.836848][T10838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 429.836864][T10838] Call Trace: [ 429.836872][T10838] [ 429.836882][T10838] dump_stack_lvl+0x16c/0x1f0 [ 429.836921][T10838] should_fail_ex+0x50a/0x650 [ 429.836957][T10838] ? fs_reclaim_acquire+0xae/0x150 [ 429.837001][T10838] should_failslab+0xc2/0x120 [ 429.837028][T10838] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 429.837062][T10838] ? __memcg_slab_post_alloc_hook+0x4fc/0x9b0 [ 429.837102][T10838] ? fib_insert_alias+0x43c/0xe30 [ 429.837135][T10838] fib_insert_alias+0x43c/0xe30 [ 429.837162][T10838] ? lockdep_rtnl_is_held+0x26/0x40 [ 429.837190][T10838] ? fib_find_node+0x22b/0x2b0 [ 429.837233][T10838] fib_trie_unmerge+0x2e5/0xc30 [ 429.837269][T10838] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 429.837311][T10838] fib_unmerge+0xf8/0x520 [ 429.837342][T10838] ? __pfx_fib_nl2rule.constprop.0.isra.0+0x10/0x10 [ 429.837379][T10838] fib4_rule_configure+0x253/0xe00 [ 429.837423][T10838] fib_nl_newrule+0x34e/0x1bd0 [ 429.837467][T10838] ? __pfx_fib_nl_newrule+0x10/0x10 [ 429.837500][T10838] ? rcu_watching_snap_stopped_since+0xc0/0x110 [ 429.837532][T10838] ? trace_contention_end+0xee/0x140 [ 429.837589][T10838] ? trace_lock_acquire+0x14e/0x1f0 [ 429.837627][T10838] ? __pfx_fib_nl_newrule+0x10/0x10 [ 429.837661][T10838] rtnetlink_rcv_msg+0x3c7/0xea0 [ 429.837699][T10838] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 429.837751][T10838] netlink_rcv_skb+0x16b/0x440 [ 429.837786][T10838] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 429.837824][T10838] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 429.837872][T10838] ? netlink_deliver_tap+0x1ae/0xd30 [ 429.837911][T10838] netlink_unicast+0x53c/0x7f0 [ 429.837949][T10838] ? __pfx_netlink_unicast+0x10/0x10 [ 429.838009][T10838] ? __phys_addr_symbol+0x30/0x80 [ 429.838037][T10838] ? __check_object_size+0x488/0x710 [ 429.838067][T10838] netlink_sendmsg+0x8b8/0xd70 [ 429.838106][T10838] ? __pfx_netlink_sendmsg+0x10/0x10 [ 429.838152][T10838] ____sys_sendmsg+0xaaf/0xc90 [ 429.838181][T10838] ? copy_msghdr_from_user+0x10b/0x160 [ 429.838217][T10838] ? __pfx_____sys_sendmsg+0x10/0x10 [ 429.838261][T10838] ___sys_sendmsg+0x135/0x1e0 [ 429.838298][T10838] ? __pfx____sys_sendmsg+0x10/0x10 [ 429.838348][T10838] ? __pfx_lock_release+0x10/0x10 [ 429.838383][T10838] ? trace_lock_acquire+0x14e/0x1f0 [ 429.838425][T10838] ? __fget_files+0x206/0x3a0 [ 429.838469][T10838] __sys_sendmsg+0x16e/0x220 [ 429.838506][T10838] ? __pfx___sys_sendmsg+0x10/0x10 [ 429.838542][T10838] ? __x64_sys_futex+0x1e1/0x4c0 [ 429.838591][T10838] do_syscall_64+0xcd/0x250 [ 429.838627][T10838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.838662][T10838] RIP: 0033:0x7f4b5eb8d169 [ 429.838685][T10838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 429.838710][T10838] RSP: 002b:00007f4b5f962038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 429.838735][T10838] RAX: ffffffffffffffda RBX: 00007f4b5eda5fa0 RCX: 00007f4b5eb8d169 [ 429.838754][T10838] RDX: 0000000000040000 RSI: 0000400000000240 RDI: 0000000000000007 [ 429.838772][T10838] RBP: 00007f4b5ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 429.838788][T10838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 429.838804][T10838] R13: 0000000000000000 R14: 00007f4b5eda5fa0 R15: 00007ffc29668f88 [ 429.838839][T10838] [ 430.347943][ T29] audit: type=1800 audit(4295026764.843:3): pid=10843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1264" name="dummy_udc" dev="gadgetfs" ino=6988 res=0 errno=0 [ 430.921338][T10855] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 431.036846][T10858] FAULT_INJECTION: forcing a failure. [ 431.036846][T10858] name failslab, interval 1, probability 0, space 0, times 0 [ 431.059989][T10858] CPU: 1 UID: 0 PID: 10858 Comm: syz.2.1270 Not tainted 6.14.0-rc4-syzkaller #0 [ 431.060029][T10858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 431.060046][T10858] Call Trace: [ 431.060055][T10858] [ 431.060066][T10858] dump_stack_lvl+0x16c/0x1f0 [ 431.060105][T10858] should_fail_ex+0x50a/0x650 [ 431.060149][T10858] ? fs_reclaim_acquire+0xae/0x150 [ 431.060186][T10858] should_failslab+0xc2/0x120 [ 431.060215][T10858] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 431.060256][T10858] ? __kernfs_new_node+0xd3/0x890 [ 431.060296][T10858] __kernfs_new_node+0xd3/0x890 [ 431.060336][T10858] ? __pfx___kernfs_new_node+0x10/0x10 [ 431.060371][T10858] ? __pfx_lock_release+0x10/0x10 [ 431.060407][T10858] ? kernfs_add_one+0x39d/0x520 [ 431.060458][T10858] ? up_write+0x1b2/0x520 [ 431.060503][T10858] kernfs_new_node+0x186/0x240 [ 431.060549][T10858] __kernfs_create_file+0x53/0x350 [ 431.060583][T10858] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 431.060626][T10858] internal_create_group+0x56c/0xf10 [ 431.060672][T10858] ? __pfx_internal_create_group+0x10/0x10 [ 431.060715][T10858] ? kernfs_create_link+0x1bd/0x240 [ 431.060751][T10858] internal_create_groups+0x9d/0x150 [ 431.060790][T10858] device_add+0xf33/0x1a70 [ 431.060831][T10858] ? __pfx_device_add+0x10/0x10 [ 431.060883][T10858] ? __init_waitqueue_head+0xca/0x150 [ 431.060925][T10858] netdev_register_kobject+0x183/0x3a0 [ 431.060969][T10858] register_netdevice+0x147b/0x1eb0 [ 431.061023][T10858] ? __pfx_register_netdevice+0x10/0x10 [ 431.061066][T10858] ? mark_held_locks+0x9f/0xe0 [ 431.061108][T10858] register_netdev+0x34/0x50 [ 431.061146][T10858] sixpack_open+0x6e5/0xa40 [ 431.061183][T10858] ? __pfx_sixpack_open+0x10/0x10 [ 431.061218][T10858] ? down_write+0x14e/0x200 [ 431.061254][T10858] ? __pfx_sixpack_open+0x10/0x10 [ 431.061291][T10858] tty_ldisc_open+0x9c/0x120 [ 431.061321][T10858] tty_set_ldisc+0x318/0x720 [ 431.061357][T10858] tty_ioctl+0xbd0/0x15d0 [ 431.061391][T10858] ? __pfx_tty_ioctl+0x10/0x10 [ 431.061436][T10858] ? do_raw_spin_unlock+0x172/0x230 [ 431.061475][T10858] ? xfd_validate_state+0x5d/0x180 [ 431.061516][T10858] ? __pfx_tty_ioctl+0x10/0x10 [ 431.061550][T10858] __x64_sys_ioctl+0x190/0x200 [ 431.061586][T10858] do_syscall_64+0xcd/0x250 [ 431.061623][T10858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.061660][T10858] RIP: 0033:0x7f5c8638d169 [ 431.061684][T10858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.061710][T10858] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 431.061737][T10858] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 431.061758][T10858] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000007 [ 431.061775][T10858] RBP: 00007f5c8640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 431.061791][T10858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.061807][T10858] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 431.061843][T10858] [ 432.793479][T10883] FAULT_INJECTION: forcing a failure. [ 432.793479][T10883] name failslab, interval 1, probability 0, space 0, times 0 [ 432.842168][T10883] CPU: 0 UID: 0 PID: 10883 Comm: syz.1.1275 Not tainted 6.14.0-rc4-syzkaller #0 [ 432.842201][T10883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 432.842215][T10883] Call Trace: [ 432.842221][T10883] [ 432.842232][T10883] dump_stack_lvl+0x16c/0x1f0 [ 432.842269][T10883] should_fail_ex+0x50a/0x650 [ 432.842306][T10883] ? fs_reclaim_acquire+0xae/0x150 [ 432.842334][T10883] should_failslab+0xc2/0x120 [ 432.842353][T10883] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 432.842383][T10883] ? arch_stack_walk+0xa7/0x100 [ 432.842402][T10883] ? getname_kernel+0x52/0x370 [ 432.842426][T10883] getname_kernel+0x52/0x370 [ 432.842447][T10883] do_file_open_root+0x19e/0x610 [ 432.842472][T10883] ? __lock_acquire+0x15a9/0x3c40 [ 432.842500][T10883] ? __pfx_do_file_open_root+0x10/0x10 [ 432.842526][T10883] ? __lock_acquire+0x15a9/0x3c40 [ 432.842571][T10883] ? lock_acquire.part.0+0x11b/0x380 [ 432.842597][T10883] ? find_held_lock+0x2d/0x110 [ 432.842617][T10883] ? find_held_lock+0x2d/0x110 [ 432.842640][T10883] file_open_root+0x2a8/0x450 [ 432.842668][T10883] ? __pfx_file_open_root+0x10/0x10 [ 432.842692][T10883] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 432.842711][T10883] ? lockref_get+0x15/0x50 [ 432.842745][T10883] kernel_read_file_from_path_initns+0x18a/0x260 [ 432.842774][T10883] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 432.842800][T10883] ? _request_firmware+0x500/0x1470 [ 432.842833][T10883] _request_firmware+0x746/0x1470 [ 432.842871][T10883] ? __pfx__request_firmware+0x10/0x10 [ 432.842900][T10883] ? __pfx___mutex_lock+0x10/0x10 [ 432.842933][T10883] request_firmware+0x35/0x50 [ 432.842962][T10883] reg_reload_regdb+0x8a/0x460 [ 432.842991][T10883] ? __pfx_reg_reload_regdb+0x10/0x10 [ 432.843019][T10883] ? nl80211_pre_doit+0x1b0/0xb10 [ 432.843044][T10883] genl_family_rcv_msg_doit+0x202/0x2f0 [ 432.843074][T10883] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 432.843102][T10883] ? trace_cap_capable+0x1a2/0x210 [ 432.843129][T10883] ? bpf_lsm_capable+0x9/0x10 [ 432.843148][T10883] ? security_capable+0x7e/0x260 [ 432.843182][T10883] genl_rcv_msg+0x565/0x800 [ 432.843212][T10883] ? __pfx_genl_rcv_msg+0x10/0x10 [ 432.843239][T10883] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 432.843259][T10883] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 432.843284][T10883] ? __pfx_nl80211_post_doit+0x10/0x10 [ 432.843319][T10883] netlink_rcv_skb+0x16b/0x440 [ 432.843343][T10883] ? __pfx_genl_rcv_msg+0x10/0x10 [ 432.843372][T10883] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 432.843407][T10883] ? down_read+0xc9/0x330 [ 432.843430][T10883] ? __pfx_down_read+0x10/0x10 [ 432.843456][T10883] ? netlink_deliver_tap+0x1ae/0xd30 [ 432.843483][T10883] genl_rcv+0x28/0x40 [ 432.843507][T10883] netlink_unicast+0x53c/0x7f0 [ 432.843535][T10883] ? __pfx_netlink_unicast+0x10/0x10 [ 432.843560][T10883] ? __phys_addr_symbol+0x30/0x80 [ 432.843581][T10883] ? __check_object_size+0x488/0x710 [ 432.843604][T10883] netlink_sendmsg+0x8b8/0xd70 [ 432.843633][T10883] ? __pfx_netlink_sendmsg+0x10/0x10 [ 432.843666][T10883] ____sys_sendmsg+0xaaf/0xc90 [ 432.843688][T10883] ? copy_msghdr_from_user+0x10b/0x160 [ 432.843713][T10883] ? __pfx_____sys_sendmsg+0x10/0x10 [ 432.843755][T10883] ___sys_sendmsg+0x135/0x1e0 [ 432.843785][T10883] ? __pfx____sys_sendmsg+0x10/0x10 [ 432.843825][T10883] ? __pfx_lock_release+0x10/0x10 [ 432.843851][T10883] ? trace_lock_acquire+0x14e/0x1f0 [ 432.843882][T10883] ? __fget_files+0x206/0x3a0 [ 432.843914][T10883] __sys_sendmsg+0x16e/0x220 [ 432.843941][T10883] ? __pfx___sys_sendmsg+0x10/0x10 [ 432.843967][T10883] ? __x64_sys_futex+0x1e1/0x4c0 [ 432.844006][T10883] do_syscall_64+0xcd/0x250 [ 432.844032][T10883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.844057][T10883] RIP: 0033:0x7f7af6b8d169 [ 432.844073][T10883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.844092][T10883] RSP: 002b:00007f7af79f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 432.844110][T10883] RAX: ffffffffffffffda RBX: 00007f7af6da5fa0 RCX: 00007f7af6b8d169 [ 432.844125][T10883] RDX: 0000000000000000 RSI: 0000400000000580 RDI: 0000000000000009 [ 432.844138][T10883] RBP: 00007f7af6c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 432.844152][T10883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.844165][T10883] R13: 0000000000000000 R14: 00007f7af6da5fa0 R15: 00007ffec564e498 [ 432.844190][T10883] [ 432.844216][T10883] platform regulatory.0: loading /lib/firmware/updates/6.14.0-rc4-syzkaller/regulatory.db failed with error -12 [ 433.004164][T10889] FAULT_INJECTION: forcing a failure. [ 433.004164][T10889] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 433.051757][T10883] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 433.376735][T10889] CPU: 0 UID: 0 PID: 10889 Comm: syz.3.1276 Not tainted 6.14.0-rc4-syzkaller #0 [ 433.376770][T10889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 433.376784][T10889] Call Trace: [ 433.376791][T10889] [ 433.376801][T10889] dump_stack_lvl+0x16c/0x1f0 [ 433.376835][T10889] should_fail_ex+0x50a/0x650 [ 433.376873][T10889] _copy_from_user+0x2e/0xd0 [ 433.376899][T10889] copy_msghdr_from_user+0x99/0x160 [ 433.376930][T10889] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 433.376969][T10889] ? __pfx___lock_acquire+0x10/0x10 [ 433.377005][T10889] ___sys_recvmsg+0xdc/0x1a0 [ 433.377036][T10889] ? __pfx____sys_recvmsg+0x10/0x10 [ 433.377066][T10889] ? find_held_lock+0x2d/0x110 [ 433.377107][T10889] ? __pfx___might_resched+0x10/0x10 [ 433.377140][T10889] ? __might_fault+0xe3/0x190 [ 433.377169][T10889] do_recvmmsg+0x2f8/0x740 [ 433.377205][T10889] ? __pfx_do_recvmmsg+0x10/0x10 [ 433.377234][T10889] ? vfs_write+0x306/0x1150 [ 433.377267][T10889] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 433.377301][T10889] ? __fget_files+0x206/0x3a0 [ 433.377335][T10889] __x64_sys_recvmmsg+0x239/0x290 [ 433.377364][T10889] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 433.377399][T10889] do_syscall_64+0xcd/0x250 [ 433.377425][T10889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.377451][T10889] RIP: 0033:0x7f4b5eb8d169 [ 433.377467][T10889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.377484][T10889] RSP: 002b:00007f4b5f962038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 433.377503][T10889] RAX: ffffffffffffffda RBX: 00007f4b5eda5fa0 RCX: 00007f4b5eb8d169 [ 433.377515][T10889] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 433.377526][T10889] RBP: 00007f4b5f962090 R08: 0000000000000000 R09: 0000000000000000 [ 433.377537][T10889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 433.377547][T10889] R13: 0000000000000000 R14: 00007f4b5eda5fa0 R15: 00007ffc29668f88 [ 433.377568][T10889] [ 433.583497][T10883] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 435.434288][T10941] FAULT_INJECTION: forcing a failure. [ 435.434288][T10941] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 435.533184][T10941] CPU: 0 UID: 0 PID: 10941 Comm: syz.0.1291 Not tainted 6.14.0-rc4-syzkaller #0 [ 435.533219][T10941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 435.533233][T10941] Call Trace: [ 435.533241][T10941] [ 435.533251][T10941] dump_stack_lvl+0x16c/0x1f0 [ 435.533285][T10941] should_fail_ex+0x50a/0x650 [ 435.533324][T10941] _copy_to_user+0x32/0xd0 [ 435.533352][T10941] simple_read_from_buffer+0xd0/0x160 [ 435.533385][T10941] proc_fail_nth_read+0x198/0x270 [ 435.533414][T10941] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 435.533444][T10941] ? rw_verify_area+0xcf/0x680 [ 435.533473][T10941] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 435.533501][T10941] vfs_read+0x1df/0xbf0 [ 435.533532][T10941] ? __fget_files+0x1fc/0x3a0 [ 435.533563][T10941] ? __pfx___mutex_lock+0x10/0x10 [ 435.533592][T10941] ? __pfx_vfs_read+0x10/0x10 [ 435.533631][T10941] ? __fget_files+0x206/0x3a0 [ 435.533677][T10941] ksys_read+0x12b/0x250 [ 435.533707][T10941] ? __pfx_ksys_read+0x10/0x10 [ 435.533746][T10941] do_syscall_64+0xcd/0x250 [ 435.533778][T10941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.533810][T10941] RIP: 0033:0x7ffbe058bb7c [ 435.533830][T10941] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 435.533852][T10941] RSP: 002b:00007ffbe1384030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 435.533875][T10941] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058bb7c [ 435.533892][T10941] RDX: 000000000000000f RSI: 00007ffbe13840a0 RDI: 0000000000000004 [ 435.533907][T10941] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 435.533922][T10941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 435.533936][T10941] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 435.533968][T10941] [ 436.371709][T10953] FAULT_INJECTION: forcing a failure. [ 436.371709][T10953] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 436.431530][T10953] CPU: 0 UID: 0 PID: 10953 Comm: syz.0.1295 Not tainted 6.14.0-rc4-syzkaller #0 [ 436.431562][T10953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 436.431576][T10953] Call Trace: [ 436.431583][T10953] [ 436.431599][T10953] dump_stack_lvl+0x16c/0x1f0 [ 436.431634][T10953] should_fail_ex+0x50a/0x650 [ 436.431666][T10953] ? __pfx___might_resched+0x10/0x10 [ 436.431702][T10953] should_fail_alloc_page+0xe7/0x130 [ 436.431726][T10953] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 436.431758][T10953] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 436.431802][T10953] ? kasan_save_track+0x14/0x30 [ 436.431832][T10953] ? __kmalloc_noprof+0x21c/0x510 [ 436.431864][T10953] ? __pfx___lock_acquire+0x10/0x10 [ 436.431895][T10953] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 436.431928][T10953] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.431973][T10953] ? aa_file_perm+0x4c6/0xfe0 [ 436.432003][T10953] ? __pfx_lock_release+0x10/0x10 [ 436.432032][T10953] ? trace_lock_acquire+0x14e/0x1f0 [ 436.432067][T10953] ? qrtr_tun_write_iter+0xbf/0x1a0 [ 436.432097][T10953] __alloc_pages_noprof+0xb/0x1b0 [ 436.432139][T10953] ___kmalloc_large_node+0x84/0x1b0 [ 436.432170][T10953] __kmalloc_large_node_noprof+0x1c/0x70 [ 436.432200][T10953] __kmalloc_noprof.cold+0xc/0x61 [ 436.432222][T10953] ? __pfx_aa_file_perm+0x10/0x10 [ 436.432249][T10953] ? trace_kmalloc+0x2d/0xd0 [ 436.432273][T10953] ? __kmalloc_noprof+0x23b/0x510 [ 436.432308][T10953] qrtr_tun_write_iter+0xbf/0x1a0 [ 436.432342][T10953] do_iter_readv_writev+0x655/0x950 [ 436.432374][T10953] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 436.432407][T10953] ? bpf_lsm_file_permission+0x9/0x10 [ 436.432440][T10953] ? security_file_permission+0x71/0x210 [ 436.432470][T10953] ? rw_verify_area+0xcf/0x680 [ 436.432499][T10953] vfs_writev+0x363/0xdd0 [ 436.432526][T10953] ? find_held_lock+0x2d/0x110 [ 436.432558][T10953] ? __pfx_vfs_writev+0x10/0x10 [ 436.432590][T10953] ? find_held_lock+0x2d/0x110 [ 436.432620][T10953] ? __pfx_lock_release+0x10/0x10 [ 436.432648][T10953] ? trace_lock_acquire+0x14e/0x1f0 [ 436.432684][T10953] ? __fget_files+0x206/0x3a0 [ 436.432722][T10953] ? do_writev+0x133/0x340 [ 436.432746][T10953] do_writev+0x133/0x340 [ 436.432774][T10953] ? __pfx_do_writev+0x10/0x10 [ 436.432811][T10953] do_syscall_64+0xcd/0x250 [ 436.432841][T10953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.432871][T10953] RIP: 0033:0x7ffbe058d169 [ 436.432890][T10953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.432911][T10953] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 436.432934][T10953] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 436.432950][T10953] RDX: 000000000000000c RSI: 0000400000000100 RDI: 0000000000000003 [ 436.432965][T10953] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 436.432979][T10953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 436.432993][T10953] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 436.433022][T10953] [ 437.069781][T10964] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 437.117889][T10964] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 437.162250][T10966] sctp: [Deprecated]: syz.2.1300 (pid 10966) Use of int in max_burst socket option deprecated. [ 437.162250][T10966] Use struct sctp_assoc_value instead [ 437.232501][T10968] FAULT_INJECTION: forcing a failure. [ 437.232501][T10968] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 437.262175][T10968] CPU: 0 UID: 0 PID: 10968 Comm: syz.2.1300 Not tainted 6.14.0-rc4-syzkaller #0 [ 437.262206][T10968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 437.262220][T10968] Call Trace: [ 437.262228][T10968] [ 437.262237][T10968] dump_stack_lvl+0x16c/0x1f0 [ 437.262271][T10968] should_fail_ex+0x50a/0x650 [ 437.262316][T10968] _copy_from_user+0x2e/0xd0 [ 437.262342][T10968] move_addr_to_kernel+0x68/0x160 [ 437.262371][T10968] __sys_connect+0xb0/0x170 [ 437.262399][T10968] ? __pfx___sys_connect+0x10/0x10 [ 437.262438][T10968] ? __pfx_ksys_write+0x10/0x10 [ 437.262476][T10968] __x64_sys_connect+0x72/0xb0 [ 437.262502][T10968] ? lockdep_hardirqs_on+0x7c/0x110 [ 437.262530][T10968] do_syscall_64+0xcd/0x250 [ 437.262559][T10968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.262591][T10968] RIP: 0033:0x7f5c8638d169 [ 437.262610][T10968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 437.262638][T10968] RSP: 002b:00007f5c87130038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 437.262660][T10968] RAX: ffffffffffffffda RBX: 00007f5c865a6080 RCX: 00007f5c8638d169 [ 437.262677][T10968] RDX: 0000000000000054 RSI: 0000400000000080 RDI: 0000000000000003 [ 437.262692][T10968] RBP: 00007f5c87130090 R08: 0000000000000000 R09: 0000000000000000 [ 437.262707][T10968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 437.262721][T10968] R13: 0000000000000001 R14: 00007f5c865a6080 R15: 00007ffd31dc9568 [ 437.262752][T10968] [ 439.048980][T10999] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1310'. [ 439.230952][T11001] netlink: 'syz.0.1311': attribute type 1 has an invalid length. [ 439.437995][T11009] FAULT_INJECTION: forcing a failure. [ 439.437995][T11009] name failslab, interval 1, probability 0, space 0, times 0 [ 439.458091][T11009] CPU: 1 UID: 0 PID: 11009 Comm: syz.1.1314 Not tainted 6.14.0-rc4-syzkaller #0 [ 439.458123][T11009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 439.458137][T11009] Call Trace: [ 439.458145][T11009] [ 439.458154][T11009] dump_stack_lvl+0x16c/0x1f0 [ 439.458188][T11009] should_fail_ex+0x50a/0x650 [ 439.458222][T11009] ? fs_reclaim_acquire+0xae/0x150 [ 439.458254][T11009] should_failslab+0xc2/0x120 [ 439.458278][T11009] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 439.458319][T11009] ? __alloc_skb+0x2b1/0x380 [ 439.458353][T11009] __alloc_skb+0x2b1/0x380 [ 439.458382][T11009] ? __pfx___alloc_skb+0x10/0x10 [ 439.458421][T11009] netlink_alloc_large_skb+0x69/0x130 [ 439.458453][T11009] netlink_sendmsg+0x689/0xd70 [ 439.458488][T11009] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.458528][T11009] ____sys_sendmsg+0xaaf/0xc90 [ 439.458554][T11009] ? copy_msghdr_from_user+0x10b/0x160 [ 439.458585][T11009] ? __pfx_____sys_sendmsg+0x10/0x10 [ 439.458608][T11009] ? __lock_acquire+0xcc5/0x3c40 [ 439.458642][T11009] ? hlock_class+0x4e/0x130 [ 439.458666][T11009] ? __lock_acquire+0x15a9/0x3c40 [ 439.458703][T11009] ___sys_sendmsg+0x135/0x1e0 [ 439.458736][T11009] ? __pfx____sys_sendmsg+0x10/0x10 [ 439.458765][T11009] ? __pfx___lock_acquire+0x10/0x10 [ 439.458823][T11009] ? __pfx___might_resched+0x10/0x10 [ 439.458856][T11009] ? __might_fault+0xe3/0x190 [ 439.458884][T11009] __sys_sendmmsg+0x201/0x420 [ 439.458920][T11009] ? __pfx___sys_sendmmsg+0x10/0x10 [ 439.458961][T11009] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 439.459002][T11009] ? fput+0x67/0x440 [ 439.459025][T11009] ? ksys_write+0x1ba/0x250 [ 439.459054][T11009] ? __pfx_ksys_write+0x10/0x10 [ 439.459089][T11009] __x64_sys_sendmmsg+0x9c/0x100 [ 439.459120][T11009] ? lockdep_hardirqs_on+0x7c/0x110 [ 439.459148][T11009] do_syscall_64+0xcd/0x250 [ 439.459178][T11009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.459210][T11009] RIP: 0033:0x7f7af6b8d169 [ 439.459229][T11009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.459252][T11009] RSP: 002b:00007f7af79f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 439.459275][T11009] RAX: ffffffffffffffda RBX: 00007f7af6da5fa0 RCX: 00007f7af6b8d169 [ 439.459297][T11009] RDX: 0000000000000007 RSI: 0000400000000200 RDI: 0000000000000003 [ 439.459312][T11009] RBP: 00007f7af79f6090 R08: 0000000000000000 R09: 0000000000000000 [ 439.459327][T11009] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 439.459341][T11009] R13: 0000000000000000 R14: 00007f7af6da5fa0 R15: 00007ffec564e498 [ 439.459371][T11009] [ 440.085988][T11020] FAULT_INJECTION: forcing a failure. [ 440.085988][T11020] name failslab, interval 1, probability 0, space 0, times 0 [ 440.132147][T11020] CPU: 1 UID: 0 PID: 11020 Comm: syz.0.1317 Not tainted 6.14.0-rc4-syzkaller #0 [ 440.132179][T11020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 440.132193][T11020] Call Trace: [ 440.132201][T11020] [ 440.132211][T11020] dump_stack_lvl+0x16c/0x1f0 [ 440.132252][T11020] should_fail_ex+0x50a/0x650 [ 440.132285][T11020] ? fs_reclaim_acquire+0xae/0x150 [ 440.132317][T11020] should_failslab+0xc2/0x120 [ 440.132341][T11020] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 440.132375][T11020] ? __alloc_skb+0x2b1/0x380 [ 440.132409][T11020] __alloc_skb+0x2b1/0x380 [ 440.132439][T11020] ? __pfx___alloc_skb+0x10/0x10 [ 440.132472][T11020] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 440.132502][T11020] ? do_user_addr_fault+0x83d/0x13f0 [ 440.132538][T11020] netlink_alloc_large_skb+0x69/0x130 [ 440.132570][T11020] netlink_sendmsg+0x689/0xd70 [ 440.132605][T11020] ? __pfx_netlink_sendmsg+0x10/0x10 [ 440.132646][T11020] ____sys_sendmsg+0xaaf/0xc90 [ 440.132675][T11020] ? __pfx_____sys_sendmsg+0x10/0x10 [ 440.132699][T11020] ? __lock_acquire+0xcc5/0x3c40 [ 440.132744][T11020] ___sys_sendmsg+0x135/0x1e0 [ 440.132777][T11020] ? __pfx____sys_sendmsg+0x10/0x10 [ 440.132822][T11020] ? trace_lock_acquire+0x14e/0x1f0 [ 440.132870][T11020] __sys_sendmmsg+0x201/0x420 [ 440.132905][T11020] ? __pfx___sys_sendmmsg+0x10/0x10 [ 440.132947][T11020] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 440.132989][T11020] ? fput+0x67/0x440 [ 440.133012][T11020] ? ksys_write+0x1ba/0x250 [ 440.133042][T11020] ? __pfx_ksys_write+0x10/0x10 [ 440.133077][T11020] __x64_sys_sendmmsg+0x9c/0x100 [ 440.133107][T11020] ? lockdep_hardirqs_on+0x7c/0x110 [ 440.133134][T11020] do_syscall_64+0xcd/0x250 [ 440.133165][T11020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.133195][T11020] RIP: 0033:0x7ffbe058d169 [ 440.133218][T11020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.133241][T11020] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 440.133263][T11020] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 440.133280][T11020] RDX: 0000000000000003 RSI: 0000400000000080 RDI: 0000000000000003 [ 440.133295][T11020] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 440.133310][T11020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 440.133325][T11020] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 440.133355][T11020] [ 440.610759][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.622225][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.932955][T11023] netlink: 'syz.0.1318': attribute type 1 has an invalid length. [ 442.638012][T11070] bridge0: port 3(syz_tun) entered blocking state [ 442.655364][T11070] bridge0: port 3(syz_tun) entered disabled state [ 442.661994][T11070] syz_tun: entered allmulticast mode [ 442.678738][T11070] syz_tun: entered promiscuous mode [ 442.693543][T11070] bridge0: port 3(syz_tun) entered blocking state [ 442.700137][T11070] bridge0: port 3(syz_tun) entered forwarding state [ 443.243744][T11093] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1336'. [ 443.264930][T11093] netlink: zone id is out of range [ 443.270089][T11093] netlink: zone id is out of range [ 443.286986][T11093] netlink: zone id is out of range [ 443.292664][T11093] netlink: zone id is out of range [ 443.299318][T11095] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1336'. [ 443.352367][T11093] netlink: zone id is out of range [ 443.378510][T11093] netlink: zone id is out of range [ 443.393283][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1339'. [ 443.431119][T11093] netlink: zone id is out of range [ 443.452136][T11093] netlink: zone id is out of range [ 443.502352][T11093] netlink: zone id is out of range [ 443.507763][T11093] netlink: zone id is out of range [ 444.412460][T11118] [U]  [ 444.415302][T11118] [U] [ 444.418026][T11118] [U] [ 444.420747][T11118] [U] [ 444.474590][T11118] [U] [ 444.477335][T11118] [U] [ 444.480049][T11118] [U] [ 444.482769][T11118] [U] [ 444.558599][T11118] [U] [ 444.561372][T11118] [U] [ 444.564105][T11118] [U] [ 444.566833][T11118] [U] [ 444.620071][T11118] [U] [ 444.622823][T11118] [U] [ 444.625541][T11118] [U] [ 444.628272][T11118] [U] [ 444.646836][T11122] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 444.650017][T11118] [U] [ 444.661236][T11118] [U] [ 444.663962][T11118] [U] [ 444.666685][T11118] [U] [ 444.671379][T11118] [U] [ 444.674124][T11118] [U] [ 444.676846][T11118] [U] [ 444.679564][T11118] [U] [ 444.689779][T11118] [U] [ 444.692519][T11118] [U] [ 444.695244][T11118] [U] [ 444.697953][T11118] [U] [ 444.700976][T11118] [U] [ 444.703705][T11118] [U] [ 444.706432][T11118] [U] [ 444.709151][T11118] [U] [ 444.712298][T11118] [U] [ 444.715025][T11118] [U] [ 444.717756][T11118] [U] [ 444.720486][T11118] [U] [ 444.724362][T11118] [U] [ 444.727094][T11118] [U] [ 444.729818][T11118] [U] [ 444.732534][T11118] [U] [ 444.736846][T11118] [U] [ 444.739587][T11118] [U] [ 444.742308][T11118] [U] [ 444.745035][T11118] [U] [ 444.748070][T11118] [U] [ 444.750796][T11118] [U] [ 444.753517][T11118] [U] [ 444.756236][T11118] [U] [ 444.759643][T11118] [U] [ 444.762379][T11118] [U] [ 444.765082][T11118] [U] [ 444.767778][T11118] [U] [ 444.770792][T11118] [U] [ 444.773525][T11118] [U] [ 444.776248][T11118] [U] [ 444.778958][T11118] [U] [ 444.792867][T11118] [U] [ 444.795614][T11118] [U] [ 444.798329][T11118] [U] [ 444.801042][T11118] [U] [ 444.835432][T11118] [U] [ 444.838194][T11118] [U] [ 444.840976][T11118] [U] [ 444.843693][T11118] [U] [ 444.890454][T11118] [U] [ 444.893213][T11118] [U] [ 444.895935][T11118] [U] [ 444.898655][T11118] [U] [ 444.941495][T11118] [U] [ 444.944252][T11118] [U] [ 444.946975][T11118] [U] [ 444.949695][T11118] [U] [ 444.954222][T11118] [U] [ 444.956958][T11118] [U] [ 444.959675][T11118] [U] [ 444.962403][T11118] [U] [ 444.968394][T11118] [U] [ 444.971146][T11118] [U] [ 444.973870][T11118] [U] [ 444.976589][T11118] [U] [ 445.030695][T11118] [U] [ 445.033452][T11118] [U] [ 445.036180][T11118] [U] [ 445.038897][T11118] [U] [ 445.080298][T11118] [U] [ 445.083059][T11118] [U] [ 445.085783][T11118] [U] [ 445.088512][T11118] [U] [ 445.111103][T11118] [U] [ 445.113856][T11118] [U] [ 445.116578][T11118] [U] [ 445.119296][T11118] [U] [ 445.124603][T11131] FAULT_INJECTION: forcing a failure. [ 445.124603][T11131] name failslab, interval 1, probability 0, space 0, times 0 [ 445.138171][T11131] CPU: 1 UID: 0 PID: 11131 Comm: syz.0.1350 Not tainted 6.14.0-rc4-syzkaller #0 [ 445.138201][T11131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 445.138215][T11131] Call Trace: [ 445.138222][T11131] [ 445.138232][T11131] dump_stack_lvl+0x16c/0x1f0 [ 445.138266][T11131] should_fail_ex+0x50a/0x650 [ 445.138299][T11131] ? fs_reclaim_acquire+0xae/0x150 [ 445.138330][T11131] ? kernfs_fop_write_iter+0x223/0x500 [ 445.138353][T11131] should_failslab+0xc2/0x120 [ 445.138376][T11131] __kmalloc_noprof+0xcb/0x510 [ 445.138407][T11131] ? rcu_is_watching+0x12/0xc0 [ 445.138440][T11131] kernfs_fop_write_iter+0x223/0x500 [ 445.138477][T11131] vfs_write+0x5ae/0x1150 [ 445.138508][T11131] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 445.138536][T11131] ? __pfx___mutex_lock+0x10/0x10 [ 445.138565][T11131] ? __pfx_vfs_write+0x10/0x10 [ 445.138617][T11131] ksys_write+0x12b/0x250 [ 445.138646][T11131] ? __pfx_ksys_write+0x10/0x10 [ 445.138684][T11131] do_syscall_64+0xcd/0x250 [ 445.138715][T11131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.138746][T11131] RIP: 0033:0x7ffbe058d169 [ 445.138765][T11131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.138787][T11131] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 445.138809][T11131] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 445.138825][T11131] RDX: 0000000000000081 RSI: 0000400000000000 RDI: 0000000000000004 [ 445.138840][T11131] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 445.138855][T11131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.138869][T11131] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 445.138902][T11131] [ 445.210689][T11120] [U] [ 445.527313][T11141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1352'. [ 445.599067][T11147] Setting dangerous option i915.mitigations - tainting kernel [ 446.053739][T11157] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 446.063551][T11158] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1357'. [ 446.082119][T11157] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 446.090904][T11158] FAULT_INJECTION: forcing a failure. [ 446.090904][T11158] name failslab, interval 1, probability 0, space 0, times 0 [ 446.122616][T11158] CPU: 1 UID: 0 PID: 11158 Comm: syz.0.1357 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 446.122655][T11158] Tainted: [U]=USER [ 446.122663][T11158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 446.122677][T11158] Call Trace: [ 446.122685][T11158] [ 446.122695][T11158] dump_stack_lvl+0x16c/0x1f0 [ 446.122728][T11158] should_fail_ex+0x50a/0x650 [ 446.122760][T11158] ? fs_reclaim_acquire+0xae/0x150 [ 446.122791][T11158] should_failslab+0xc2/0x120 [ 446.122814][T11158] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 446.122846][T11158] ? lockdep_rtnl_is_held+0x26/0x40 [ 446.122871][T11158] ? fib_trie_unmerge+0x26d/0xc30 [ 446.122901][T11158] fib_trie_unmerge+0x26d/0xc30 [ 446.122929][T11158] ? rcu_is_watching+0x12/0xc0 [ 446.122956][T11158] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 446.122994][T11158] fib_unmerge+0xf8/0x520 [ 446.123021][T11158] ? __pfx_fib_nl2rule.constprop.0.isra.0+0x10/0x10 [ 446.123056][T11158] fib4_rule_configure+0x253/0xe00 [ 446.123094][T11158] fib_nl_newrule+0x34e/0x1bd0 [ 446.123125][T11158] ? __pfx_lock_release+0x10/0x10 [ 446.123162][T11158] ? __pfx_fib_nl_newrule+0x10/0x10 [ 446.123191][T11158] ? __pfx__raw_spin_unlock_irq+0x10/0x10 [ 446.123242][T11158] ? trace_lock_acquire+0x14e/0x1f0 [ 446.123276][T11158] ? __pfx_fib_nl_newrule+0x10/0x10 [ 446.123306][T11158] rtnetlink_rcv_msg+0x3c7/0xea0 [ 446.123341][T11158] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 446.123388][T11158] netlink_rcv_skb+0x16b/0x440 [ 446.123425][T11158] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 446.123457][T11158] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 446.123505][T11158] ? netlink_deliver_tap+0x1ae/0xd30 [ 446.123541][T11158] netlink_unicast+0x53c/0x7f0 [ 446.123574][T11158] ? __pfx_netlink_unicast+0x10/0x10 [ 446.123603][T11158] ? __phys_addr_symbol+0x30/0x80 [ 446.123627][T11158] ? __check_object_size+0x488/0x710 [ 446.123654][T11158] netlink_sendmsg+0x8b8/0xd70 [ 446.123688][T11158] ? __pfx_netlink_sendmsg+0x10/0x10 [ 446.123731][T11158] ____sys_sendmsg+0xaaf/0xc90 [ 446.123758][T11158] ? copy_msghdr_from_user+0x10b/0x160 [ 446.123788][T11158] ? __pfx_____sys_sendmsg+0x10/0x10 [ 446.123829][T11158] ___sys_sendmsg+0x135/0x1e0 [ 446.123862][T11158] ? __pfx____sys_sendmsg+0x10/0x10 [ 446.123908][T11158] ? __pfx_lock_release+0x10/0x10 [ 446.123937][T11158] ? trace_lock_acquire+0x14e/0x1f0 [ 446.123975][T11158] ? __fget_files+0x206/0x3a0 [ 446.124015][T11158] __sys_sendmsg+0x16e/0x220 [ 446.124047][T11158] ? __pfx___sys_sendmsg+0x10/0x10 [ 446.124097][T11158] do_syscall_64+0xcd/0x250 [ 446.124126][T11158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.124155][T11158] RIP: 0033:0x7ffbe058d169 [ 446.124174][T11158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.124194][T11158] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 446.124216][T11158] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 446.124231][T11158] RDX: 0000000000040000 RSI: 0000400000000240 RDI: 0000000000000007 [ 446.124246][T11158] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 446.124260][T11158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 446.124275][T11158] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 446.124306][T11158] [ 449.108065][T11216] FAULT_INJECTION: forcing a failure. [ 449.108065][T11216] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 449.143751][T11216] CPU: 0 UID: 0 PID: 11216 Comm: syz.0.1373 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 449.143787][T11216] Tainted: [U]=USER [ 449.143795][T11216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 449.143808][T11216] Call Trace: [ 449.143815][T11216] [ 449.143825][T11216] dump_stack_lvl+0x16c/0x1f0 [ 449.143857][T11216] should_fail_ex+0x50a/0x650 [ 449.143893][T11216] _copy_to_user+0x32/0xd0 [ 449.143920][T11216] simple_read_from_buffer+0xd0/0x160 [ 449.143952][T11216] proc_fail_nth_read+0x198/0x270 [ 449.143979][T11216] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 449.144006][T11216] ? rw_verify_area+0xcf/0x680 [ 449.144033][T11216] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 449.144058][T11216] vfs_read+0x1df/0xbf0 [ 449.144086][T11216] ? __fget_files+0x1fc/0x3a0 [ 449.144115][T11216] ? __pfx___mutex_lock+0x10/0x10 [ 449.144142][T11216] ? __pfx_vfs_read+0x10/0x10 [ 449.144178][T11216] ? __fget_files+0x206/0x3a0 [ 449.144218][T11216] ksys_read+0x12b/0x250 [ 449.144247][T11216] ? __pfx_ksys_read+0x10/0x10 [ 449.144285][T11216] do_syscall_64+0xcd/0x250 [ 449.144322][T11216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.144353][T11216] RIP: 0033:0x7ffbe058bb7c [ 449.144372][T11216] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 449.144394][T11216] RSP: 002b:00007ffbe1384030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 449.144416][T11216] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058bb7c [ 449.144432][T11216] RDX: 000000000000000f RSI: 00007ffbe13840a0 RDI: 0000000000000004 [ 449.144446][T11216] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 449.144461][T11216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 449.144475][T11216] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 449.144506][T11216] [ 449.205097][T11218] GUP no longer grows the stack in syz.1.1370 (11218): 14000-401000 (4000) [ 449.354859][T11218] CPU: 1 UID: 0 PID: 11218 Comm: syz.1.1370 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 449.354896][T11218] Tainted: [U]=USER [ 449.354905][T11218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 449.354919][T11218] Call Trace: [ 449.354928][T11218] [ 449.354937][T11218] dump_stack_lvl+0x16c/0x1f0 [ 449.354973][T11218] gup_vma_lookup+0x1d2/0x220 [ 449.355018][T11218] __get_user_pages+0x236/0x36f0 [ 449.355062][T11218] ? hlock_class+0x4e/0x130 [ 449.355088][T11218] ? __lock_acquire+0x15a9/0x3c40 [ 449.355119][T11218] ? __pfx___get_user_pages+0x10/0x10 [ 449.355162][T11218] __gup_longterm_locked+0x212/0x1870 [ 449.355196][T11218] ? __pfx___lock_acquire+0x10/0x10 [ 449.355233][T11218] ? __pfx___gup_longterm_locked+0x10/0x10 [ 449.355266][T11218] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 449.355300][T11218] ? rwsem_read_trylock+0x12d/0x250 [ 449.355336][T11218] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 449.355372][T11218] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 449.355403][T11218] pin_user_pages_remote+0xee/0x150 [ 449.355437][T11218] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 449.355468][T11218] ? down_read+0xc9/0x330 [ 449.355510][T11218] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 449.355544][T11218] ? futex_wait_queue+0x103/0x1f0 [ 449.355580][T11218] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 449.355630][T11218] process_vm_rw+0x301/0x360 [ 449.355655][T11218] ? __pfx_process_vm_rw+0x10/0x10 [ 449.355715][T11218] ? xfd_validate_state+0x5d/0x180 [ 449.355746][T11218] ? rcu_is_watching+0x12/0xc0 [ 449.355774][T11218] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 449.355799][T11218] ? do_syscall_64+0x91/0x250 [ 449.355827][T11218] ? lockdep_hardirqs_on+0x7c/0x110 [ 449.355855][T11218] do_syscall_64+0xcd/0x250 [ 449.355887][T11218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.355919][T11218] RIP: 0033:0x7f7af6b8d169 [ 449.355939][T11218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.355963][T11218] RSP: 002b:00007f7af79b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 449.356012][T11218] RAX: ffffffffffffffda RBX: 00007f7af6da6160 RCX: 00007f7af6b8d169 [ 449.356029][T11218] RDX: 0000000000000004 RSI: 0000400000000040 RDI: 00000000000004ab [ 449.356044][T11218] RBP: 00007f7af6c0e2a0 R08: 0000000000000003 R09: 0000000000000000 [ 449.356058][T11218] R10: 00004000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 449.356073][T11218] R13: 0000000000000000 R14: 00007f7af6da6160 R15: 00007ffec564e498 [ 449.356105][T11218] [ 450.609942][T11229] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1376'. [ 450.679248][T11229] FAULT_INJECTION: forcing a failure. [ 450.679248][T11229] name failslab, interval 1, probability 0, space 0, times 0 [ 450.729873][T11229] CPU: 0 UID: 0 PID: 11229 Comm: syz.3.1376 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 450.729921][T11229] Tainted: [U]=USER [ 450.729930][T11229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 450.729945][T11229] Call Trace: [ 450.729954][T11229] [ 450.729964][T11229] dump_stack_lvl+0x16c/0x1f0 [ 450.730000][T11229] should_fail_ex+0x50a/0x650 [ 450.730038][T11229] ? fs_reclaim_acquire+0xae/0x150 [ 450.730073][T11229] ? tnode_new+0x25a/0x340 [ 450.730108][T11229] should_failslab+0xc2/0x120 [ 450.730133][T11229] __kmalloc_noprof+0xcb/0x510 [ 450.730171][T11229] ? mod_objcg_state+0x4c4/0x8d0 [ 450.730207][T11229] tnode_new+0x25a/0x340 [ 450.730246][T11229] resize+0xa2b/0x2250 [ 450.730289][T11229] fib_insert_alias+0x9c0/0xe30 [ 450.730324][T11229] fib_trie_unmerge+0x2e5/0xc30 [ 450.730357][T11229] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 450.730399][T11229] fib_unmerge+0xf8/0x520 [ 450.730428][T11229] ? __pfx_fib_nl2rule.constprop.0.isra.0+0x10/0x10 [ 450.730467][T11229] fib4_rule_configure+0x253/0xe00 [ 450.730508][T11229] fib_nl_newrule+0x34e/0x1bd0 [ 450.730541][T11229] ? __pfx_lock_release+0x10/0x10 [ 450.730579][T11229] ? __pfx_fib_nl_newrule+0x10/0x10 [ 450.730608][T11229] ? __pfx__raw_spin_unlock_irq+0x10/0x10 [ 450.730655][T11229] ? trace_lock_acquire+0x14e/0x1f0 [ 450.730690][T11229] ? __pfx_fib_nl_newrule+0x10/0x10 [ 450.730720][T11229] rtnetlink_rcv_msg+0x3c7/0xea0 [ 450.730757][T11229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 450.730806][T11229] netlink_rcv_skb+0x16b/0x440 [ 450.730839][T11229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 450.730874][T11229] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 450.730939][T11229] ? netlink_deliver_tap+0x1ae/0xd30 [ 450.730979][T11229] netlink_unicast+0x53c/0x7f0 [ 450.731017][T11229] ? __pfx_netlink_unicast+0x10/0x10 [ 450.731050][T11229] ? __phys_addr_symbol+0x30/0x80 [ 450.731075][T11229] ? __check_object_size+0x488/0x710 [ 450.731104][T11229] netlink_sendmsg+0x8b8/0xd70 [ 450.731140][T11229] ? __pfx_netlink_sendmsg+0x10/0x10 [ 450.731185][T11229] ____sys_sendmsg+0xaaf/0xc90 [ 450.731213][T11229] ? copy_msghdr_from_user+0x10b/0x160 [ 450.731246][T11229] ? __pfx_____sys_sendmsg+0x10/0x10 [ 450.731289][T11229] ___sys_sendmsg+0x135/0x1e0 [ 450.731325][T11229] ? __pfx____sys_sendmsg+0x10/0x10 [ 450.731370][T11229] ? __pfx_lock_release+0x10/0x10 [ 450.731401][T11229] ? trace_lock_acquire+0x14e/0x1f0 [ 450.731442][T11229] ? __fget_files+0x206/0x3a0 [ 450.731487][T11229] __sys_sendmsg+0x16e/0x220 [ 450.731523][T11229] ? __pfx___sys_sendmsg+0x10/0x10 [ 450.731557][T11229] ? __x64_sys_futex+0x1e1/0x4c0 [ 450.731608][T11229] do_syscall_64+0xcd/0x250 [ 450.731642][T11229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.731675][T11229] RIP: 0033:0x7f4b5eb8d169 [ 450.731695][T11229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.731719][T11229] RSP: 002b:00007f4b5f962038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 450.731743][T11229] RAX: ffffffffffffffda RBX: 00007f4b5eda5fa0 RCX: 00007f4b5eb8d169 [ 450.731760][T11229] RDX: 0000000000040000 RSI: 0000400000000240 RDI: 0000000000000007 [ 450.731775][T11229] RBP: 00007f4b5ec0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 450.731791][T11229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 450.731808][T11229] R13: 0000000000000000 R14: 00007f4b5eda5fa0 R15: 00007ffc29668f88 [ 450.731843][T11229] [ 452.457040][T11243] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 452.482432][T11243] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 452.502426][T11243] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 452.522160][T11243] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 452.840097][T11262] FAULT_INJECTION: forcing a failure. [ 452.840097][T11262] name failslab, interval 1, probability 0, space 0, times 0 [ 452.902161][T11262] CPU: 1 UID: 0 PID: 11262 Comm: syz.2.1383 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 452.902193][T11262] Tainted: [U]=USER [ 452.902200][T11262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 452.902211][T11262] Call Trace: [ 452.902217][T11262] [ 452.902227][T11262] dump_stack_lvl+0x16c/0x1f0 [ 452.902259][T11262] should_fail_ex+0x50a/0x650 [ 452.902289][T11262] ? fs_reclaim_acquire+0xae/0x150 [ 452.902320][T11262] should_failslab+0xc2/0x120 [ 452.902341][T11262] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 452.902372][T11262] ? __pmd_alloc+0xc3/0x870 [ 452.902402][T11262] __pmd_alloc+0xc3/0x870 [ 452.902432][T11262] __handle_mm_fault+0x9fb/0x2c60 [ 452.902473][T11262] ? __pfx___handle_mm_fault+0x10/0x10 [ 452.902503][T11262] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 452.902552][T11262] ? find_vma+0xc0/0x140 [ 452.902577][T11262] ? __pfx_find_vma+0x10/0x10 [ 452.902607][T11262] handle_mm_fault+0x3fa/0xaa0 [ 452.902652][T11262] do_user_addr_fault+0x7a3/0x13f0 [ 452.902691][T11262] exc_page_fault+0x5c/0xc0 [ 452.902717][T11262] asm_exc_page_fault+0x26/0x30 [ 452.902744][T11262] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 452.902780][T11262] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 452.902803][T11262] RSP: 0018:ffffc9000b8efc28 EFLAGS: 00050202 [ 452.902823][T11262] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000005c [ 452.902837][T11262] RDX: fffff5200171df9b RSI: 0000000000000000 RDI: ffffc9000b8efc80 [ 452.902852][T11262] RBP: 000000000000005c R08: 0000000000000001 R09: fffff5200171df9b [ 452.902866][T11262] R10: 0000000000000003 R11: ffffffff96264200 R12: 0000000000000000 [ 452.902880][T11262] R13: ffffc9000b8efc80 R14: ffffc9000b8efc80 R15: 0000000000000000 [ 452.902913][T11262] _copy_from_user+0x98/0xd0 [ 452.902940][T11262] uinput_dev_setup+0xe0/0x2f0 [ 452.902962][T11262] ? dev_set_name+0xc8/0x100 [ 452.902989][T11262] ? __pfx_uinput_dev_setup+0x10/0x10 [ 452.903020][T11262] ? input_allocate_device+0x271/0x350 [ 452.903044][T11262] uinput_ioctl_handler.isra.0+0x1466/0x1d70 [ 452.903072][T11262] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 452.903100][T11262] ? __pfx_lock_release+0x10/0x10 [ 452.903123][T11262] ? trace_lock_acquire+0x14e/0x1f0 [ 452.903154][T11262] ? __fget_files+0x206/0x3a0 [ 452.903183][T11262] ? __pfx_uinput_ioctl+0x10/0x10 [ 452.903207][T11262] __x64_sys_ioctl+0x190/0x200 [ 452.903231][T11262] do_syscall_64+0xcd/0x250 [ 452.903257][T11262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.903281][T11262] RIP: 0033:0x7f5c8638d169 [ 452.903296][T11262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.903314][T11262] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 452.903331][T11262] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 452.903344][T11262] RDX: 0000000000000000 RSI: 00000000405c5503 RDI: 0000000000000003 [ 452.903355][T11262] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 452.903366][T11262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 452.903377][T11262] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 452.903403][T11262] [ 454.072506][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 454.552696][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 454.558969][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 454.566994][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 454.753392][T11296] FAULT_INJECTION: forcing a failure. [ 454.753392][T11296] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 454.802266][T11296] CPU: 1 UID: 0 PID: 11296 Comm: syz.3.1392 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 454.802304][T11296] Tainted: [U]=USER [ 454.802313][T11296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 454.802326][T11296] Call Trace: [ 454.802334][T11296] [ 454.802344][T11296] dump_stack_lvl+0x16c/0x1f0 [ 454.802379][T11296] should_fail_ex+0x50a/0x650 [ 454.802418][T11296] _copy_to_user+0x32/0xd0 [ 454.802445][T11296] blkdev_ioctl+0x5bd/0x6d0 [ 454.802470][T11296] ? __pfx_blkdev_ioctl+0x10/0x10 [ 454.802490][T11296] ? __fget_files+0x206/0x3a0 [ 454.802526][T11296] ? __pfx_blkdev_ioctl+0x10/0x10 [ 454.802551][T11296] __x64_sys_ioctl+0x190/0x200 [ 454.802582][T11296] do_syscall_64+0xcd/0x250 [ 454.802614][T11296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.802646][T11296] RIP: 0033:0x7f4b5eb8d169 [ 454.802669][T11296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.802691][T11296] RSP: 002b:00007f4b5f962038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 454.802714][T11296] RAX: ffffffffffffffda RBX: 00007f4b5eda5fa0 RCX: 00007f4b5eb8d169 [ 454.802731][T11296] RDX: ffffffffffffffff RSI: 0000000000000301 RDI: 0000000000000003 [ 454.802753][T11296] RBP: 00007f4b5f962090 R08: 0000000000000000 R09: 0000000000000000 [ 454.802767][T11296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 454.802781][T11296] R13: 0000000000000000 R14: 00007f4b5eda5fa0 R15: 00007ffc29668f88 [ 454.802812][T11296] [ 455.243060][T11302] capability: warning: `syz.0.1393' uses 32-bit capabilities (legacy support in use) [ 456.500392][T11306] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1394'. [ 457.747313][T11339] FAULT_INJECTION: forcing a failure. [ 457.747313][T11339] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 457.791064][T11339] CPU: 0 UID: 0 PID: 11339 Comm: syz.2.1404 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 457.791101][T11339] Tainted: [U]=USER [ 457.791110][T11339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 457.791121][T11339] Call Trace: [ 457.791127][T11339] [ 457.791136][T11339] dump_stack_lvl+0x16c/0x1f0 [ 457.791170][T11339] should_fail_ex+0x50a/0x650 [ 457.791208][T11339] _copy_from_user+0x2e/0xd0 [ 457.791234][T11339] ppp_ioctl+0x1eb/0x2590 [ 457.791260][T11339] ? __pfx_lock_release+0x10/0x10 [ 457.791291][T11339] ? trace_lock_acquire+0x14e/0x1f0 [ 457.791319][T11339] ? __pfx_ppp_ioctl+0x10/0x10 [ 457.791354][T11339] ? __fget_files+0x206/0x3a0 [ 457.791397][T11339] ? __pfx_ppp_ioctl+0x10/0x10 [ 457.791425][T11339] __x64_sys_ioctl+0x190/0x200 [ 457.791457][T11339] do_syscall_64+0xcd/0x250 [ 457.791489][T11339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.791521][T11339] RIP: 0033:0x7f5c8638d169 [ 457.791540][T11339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.791563][T11339] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 457.791586][T11339] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 457.791603][T11339] RDX: 00004000000000c0 RSI: 0000000040107447 RDI: 0000000000000005 [ 457.791618][T11339] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 457.791633][T11339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 457.791647][T11339] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 457.791678][T11339] [ 458.469137][T11346] net_ratelimit: 40 callbacks suppressed [ 458.469159][T11346] netlink: zone id is out of range [ 458.490555][T11346] netlink: zone id is out of range [ 458.506039][T11346] netlink: zone id is out of range [ 458.511789][T11346] netlink: zone id is out of range [ 458.523527][T11346] netlink: zone id is out of range [ 458.528768][T11346] netlink: zone id is out of range [ 458.569099][T11346] netlink: zone id is out of range [ 458.578751][T11346] netlink: zone id is out of range [ 458.651887][T11346] netlink: zone id is out of range [ 458.666269][T11346] netlink: zone id is out of range [ 460.075839][T11364] zram: Added device: zram1 [ 460.500701][ T29] audit: type=1807 audit(4295026794.983:4): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 460.543188][ T29] audit: type=1802 audit(4295026794.993:5): pid=11375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.1413" res=0 errno=0 [ 462.349046][T11375] ima: policy update failed [ 462.382651][ T29] audit: type=1802 audit(4295026796.882:6): pid=11375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1413" res=0 errno=0 [ 466.581099][T11466] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1434'. [ 466.642193][T11448] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 466.720537][T11448] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 466.730969][T11468] FAULT_INJECTION: forcing a failure. [ 466.730969][T11468] name failslab, interval 1, probability 0, space 0, times 0 [ 466.773436][T11448] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 466.844984][T11448] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 466.884470][T11468] CPU: 0 UID: 0 PID: 11468 Comm: syz.0.1434 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 466.884509][T11468] Tainted: [U]=USER [ 466.884522][T11468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 466.884540][T11468] Call Trace: [ 466.884548][T11468] [ 466.884558][T11468] dump_stack_lvl+0x16c/0x1f0 [ 466.884593][T11468] should_fail_ex+0x50a/0x650 [ 466.884627][T11468] ? fs_reclaim_acquire+0xae/0x150 [ 466.884660][T11468] should_failslab+0xc2/0x120 [ 466.884684][T11468] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 466.884719][T11468] ? ptlock_alloc+0x1f/0x70 [ 466.884756][T11468] ptlock_alloc+0x1f/0x70 [ 466.884788][T11468] pte_alloc_one+0x74/0x390 [ 466.884822][T11468] do_pte_missing+0x1aff/0x3e10 [ 466.884855][T11468] ? do_raw_spin_unlock+0x172/0x230 [ 466.884882][T11468] ? __pmd_alloc+0x3c2/0x870 [ 466.884915][T11468] __handle_mm_fault+0x1166/0x2c60 [ 466.884958][T11468] ? __pfx___handle_mm_fault+0x10/0x10 [ 466.884989][T11468] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 466.885041][T11468] ? find_vma+0xc0/0x140 [ 466.885067][T11468] ? __pfx_find_vma+0x10/0x10 [ 466.885099][T11468] handle_mm_fault+0x3fa/0xaa0 [ 466.885143][T11468] do_user_addr_fault+0x7a3/0x13f0 [ 466.885183][T11468] exc_page_fault+0x5c/0xc0 [ 466.885216][T11468] asm_exc_page_fault+0x26/0x30 [ 466.885247][T11468] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 466.885282][T11468] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 466.885305][T11468] RSP: 0018:ffffc9000c1477e0 EFLAGS: 00050206 [ 466.885325][T11468] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 466.885340][T11468] RDX: ffffed100cafeb59 RSI: 0000000000000000 RDI: ffff8880657f5a00 [ 466.885357][T11468] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100cafeb58 [ 466.885372][T11468] R10: ffff8880657f5ac3 R11: 0000000000000000 R12: ffffc9000c147d60 [ 466.885388][T11468] R13: 00000000000000c4 R14: ffff8880657f5a00 R15: 00007ffffffff000 [ 466.885421][T11468] _copy_from_iter+0x385/0x1560 [ 466.885447][T11468] ? trace_lock_acquire+0x14e/0x1f0 [ 466.885474][T11468] ? __alloc_skb+0x1fe/0x380 [ 466.885508][T11468] ? __pfx__copy_from_iter+0x10/0x10 [ 466.885535][T11468] ? __virt_addr_valid+0x1a4/0x590 [ 466.885564][T11468] ? __virt_addr_valid+0x5e/0x590 [ 466.885589][T11468] ? __phys_addr_symbol+0x30/0x80 [ 466.885612][T11468] ? __check_object_size+0x488/0x710 [ 466.885641][T11468] netlink_sendmsg+0x813/0xd70 [ 466.885678][T11468] ? __pfx_netlink_sendmsg+0x10/0x10 [ 466.885722][T11468] ____sys_sendmsg+0xaaf/0xc90 [ 466.885748][T11468] ? copy_msghdr_from_user+0x10b/0x160 [ 466.885780][T11468] ? __pfx_____sys_sendmsg+0x10/0x10 [ 466.885804][T11468] ? __lock_acquire+0xcc5/0x3c40 [ 466.885850][T11468] ___sys_sendmsg+0x135/0x1e0 [ 466.885884][T11468] ? __pfx____sys_sendmsg+0x10/0x10 [ 466.885932][T11468] ? trace_lock_acquire+0x14e/0x1f0 [ 466.885983][T11468] __sys_sendmmsg+0x201/0x420 [ 466.886019][T11468] ? __pfx___sys_sendmmsg+0x10/0x10 [ 466.886063][T11468] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 466.886106][T11468] ? fput+0x67/0x440 [ 466.886131][T11468] ? ksys_write+0x1ba/0x250 [ 466.886161][T11468] ? __pfx_ksys_write+0x10/0x10 [ 466.886197][T11468] __x64_sys_sendmmsg+0x9c/0x100 [ 466.886228][T11468] ? lockdep_hardirqs_on+0x7c/0x110 [ 466.886255][T11468] do_syscall_64+0xcd/0x250 [ 466.886287][T11468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.886318][T11468] RIP: 0033:0x7ffbe058d169 [ 466.886337][T11468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.886359][T11468] RSP: 002b:00007ffbe1363038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 466.886381][T11468] RAX: ffffffffffffffda RBX: 00007ffbe07a6080 RCX: 00007ffbe058d169 [ 466.886397][T11468] RDX: 0000000000000003 RSI: 0000400000000080 RDI: 0000000000000003 [ 466.886412][T11468] RBP: 00007ffbe1363090 R08: 0000000000000000 R09: 0000000000000000 [ 466.886427][T11468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 466.886442][T11468] R13: 0000000000000000 R14: 00007ffbe07a6080 R15: 00007ffd1c6e7768 [ 466.886475][T11468] [ 467.888947][T11478] FAULT_INJECTION: forcing a failure. [ 467.888947][T11478] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 467.915197][T11478] CPU: 1 UID: 0 PID: 11478 Comm: syz.0.1438 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 467.915233][T11478] Tainted: [U]=USER [ 467.915241][T11478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 467.915254][T11478] Call Trace: [ 467.915261][T11478] [ 467.915270][T11478] dump_stack_lvl+0x16c/0x1f0 [ 467.915302][T11478] should_fail_ex+0x50a/0x650 [ 467.915332][T11478] ? __pfx___might_resched+0x10/0x10 [ 467.915370][T11478] should_fail_alloc_page+0xe7/0x130 [ 467.915395][T11478] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 467.915433][T11478] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 467.915468][T11478] ? mark_lock+0xb5/0xc60 [ 467.915498][T11478] ? __pfx_mark_lock+0x10/0x10 [ 467.915529][T11478] ? __pfx_mark_lock+0x10/0x10 [ 467.915557][T11478] ? __pfx_stack_trace_save+0x10/0x10 [ 467.915584][T11478] ? stack_depot_save_flags+0x28/0x9c0 [ 467.915619][T11478] ? rcu_is_watching+0x12/0xc0 [ 467.915643][T11478] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 467.915680][T11478] ? kasan_save_stack+0x42/0x60 [ 467.915710][T11478] ? kasan_save_stack+0x33/0x60 [ 467.915739][T11478] ? kasan_save_track+0x14/0x30 [ 467.915776][T11478] ? hlock_class+0x4e/0x130 [ 467.915800][T11478] ? __lock_acquire+0x15a9/0x3c40 [ 467.915834][T11478] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 467.915871][T11478] ? policy_nodemask+0xea/0x4e0 [ 467.915909][T11478] alloc_pages_mpol+0x1fc/0x540 [ 467.915934][T11478] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 467.915961][T11478] ? lock_acquire.part.0+0x11b/0x380 [ 467.915995][T11478] ? __pfx_filemap_map_pages+0x10/0x10 [ 467.916022][T11478] alloc_pages_noprof+0x131/0x390 [ 467.916046][T11478] pte_alloc_one+0x20/0x390 [ 467.916080][T11478] __do_fault+0x320/0x490 [ 467.916116][T11478] ? __pfx_filemap_map_pages+0x10/0x10 [ 467.916143][T11478] do_pte_missing+0x1a8/0x3e10 [ 467.916176][T11478] ? do_raw_spin_unlock+0x172/0x230 [ 467.916202][T11478] ? __pmd_alloc+0x3c2/0x870 [ 467.916235][T11478] __handle_mm_fault+0x1166/0x2c60 [ 467.916277][T11478] ? __pfx___handle_mm_fault+0x10/0x10 [ 467.916307][T11478] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 467.916358][T11478] ? find_vma+0xc0/0x140 [ 467.916384][T11478] ? __pfx_find_vma+0x10/0x10 [ 467.916416][T11478] handle_mm_fault+0x3fa/0xaa0 [ 467.916455][T11478] do_user_addr_fault+0x7a3/0x13f0 [ 467.916494][T11478] exc_page_fault+0x5c/0xc0 [ 467.916523][T11478] asm_exc_page_fault+0x26/0x30 [ 467.916552][T11478] RIP: 0010:__put_user_8+0x11/0x20 [ 467.916580][T11478] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 [ 467.916603][T11478] RSP: 0018:ffffc90004a7fca8 EFLAGS: 00050246 [ 467.916623][T11478] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 467.916637][T11478] RDX: ffff888025969e00 RSI: ffffffff8258eee9 RDI: ffffffff8bd34600 [ 467.916653][T11478] RBP: 0000000001200000 R08: 0000000000000000 R09: fffffbfff20c4f02 [ 467.916669][T11478] R10: ffffffff90627817 R11: 0000000000000001 R12: 0000000000000000 [ 467.916684][T11478] R13: 0000000000000000 R14: ffffc90004a7feb0 R15: 0000000000000000 [ 467.916710][T11478] ? kpagecgroup_read+0x159/0x250 [ 467.916742][T11478] kpagecgroup_read+0x164/0x250 [ 467.916768][T11478] ? __pfx_kpagecgroup_read+0x10/0x10 [ 467.916798][T11478] proc_reg_read+0x11d/0x330 [ 467.916830][T11478] ? __pfx_proc_reg_read+0x10/0x10 [ 467.916865][T11478] vfs_read+0x1df/0xbf0 [ 467.916896][T11478] ? __fget_files+0x1fc/0x3a0 [ 467.916928][T11478] ? __pfx___mutex_lock+0x10/0x10 [ 467.916957][T11478] ? __pfx_vfs_read+0x10/0x10 [ 467.916996][T11478] ? __fget_files+0x206/0x3a0 [ 467.917038][T11478] ksys_read+0x12b/0x250 [ 467.917067][T11478] ? __pfx_ksys_read+0x10/0x10 [ 467.917113][T11478] do_syscall_64+0xcd/0x250 [ 467.917144][T11478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.917175][T11478] RIP: 0033:0x7ffbe058d169 [ 467.917194][T11478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.917216][T11478] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 467.917237][T11478] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 467.917252][T11478] RDX: 00007ffffffff000 RSI: 0000000000000000 RDI: 0000000000000003 [ 467.917267][T11478] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 467.917281][T11478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 467.917295][T11478] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 467.917327][T11478] [ 468.502272][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 468.737394][T11482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1440'. [ 468.774576][T11482] FAULT_INJECTION: forcing a failure. [ 468.774576][T11482] name failslab, interval 1, probability 0, space 0, times 0 [ 468.807264][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 468.813384][T11293] Bluetooth: hci2: command 0x0c1a tx timeout [ 468.872475][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 468.960479][T11482] CPU: 1 UID: 0 PID: 11482 Comm: syz.2.1440 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 468.960516][T11482] Tainted: [U]=USER [ 468.960524][T11482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 468.960537][T11482] Call Trace: [ 468.960545][T11482] [ 468.960555][T11482] dump_stack_lvl+0x16c/0x1f0 [ 468.960588][T11482] should_fail_ex+0x50a/0x650 [ 468.960621][T11482] ? fs_reclaim_acquire+0xae/0x150 [ 468.960654][T11482] should_failslab+0xc2/0x120 [ 468.960678][T11482] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 468.960713][T11482] ? ptlock_alloc+0x1f/0x70 [ 468.960750][T11482] ptlock_alloc+0x1f/0x70 [ 468.960781][T11482] pte_alloc_one+0x74/0x390 [ 468.960816][T11482] do_pte_missing+0x1aff/0x3e10 [ 468.960849][T11482] ? do_raw_spin_unlock+0x172/0x230 [ 468.960876][T11482] ? __pmd_alloc+0x3c2/0x870 [ 468.960909][T11482] __handle_mm_fault+0x1166/0x2c60 [ 468.960951][T11482] ? __pfx___handle_mm_fault+0x10/0x10 [ 468.960988][T11482] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 468.961039][T11482] ? find_vma+0xc0/0x140 [ 468.961066][T11482] ? __pfx_find_vma+0x10/0x10 [ 468.961097][T11482] handle_mm_fault+0x3fa/0xaa0 [ 468.961135][T11482] do_user_addr_fault+0x7a3/0x13f0 [ 468.961173][T11482] exc_page_fault+0x5c/0xc0 [ 468.961201][T11482] asm_exc_page_fault+0x26/0x30 [ 468.961230][T11482] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 468.961265][T11482] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 468.961288][T11482] RSP: 0018:ffffc9000c1577e0 EFLAGS: 00050206 [ 468.961309][T11482] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 468.961324][T11482] RDX: ffffed1009a26769 RSI: 0000000000000000 RDI: ffff88804d133a80 [ 468.961340][T11482] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1009a26768 [ 468.961355][T11482] R10: ffff88804d133b43 R11: 0000000000000000 R12: ffffc9000c157d60 [ 468.961371][T11482] R13: 00000000000000c4 R14: ffff88804d133a80 R15: 00007ffffffff000 [ 468.961403][T11482] _copy_from_iter+0x385/0x1560 [ 468.961429][T11482] ? trace_lock_acquire+0x14e/0x1f0 [ 468.961456][T11482] ? __alloc_skb+0x1fe/0x380 [ 468.961488][T11482] ? __pfx__copy_from_iter+0x10/0x10 [ 468.961510][T11482] ? __virt_addr_valid+0x1a4/0x590 [ 468.961538][T11482] ? __virt_addr_valid+0x5e/0x590 [ 468.961561][T11482] ? __phys_addr_symbol+0x30/0x80 [ 468.961584][T11482] ? __check_object_size+0x488/0x710 [ 468.961612][T11482] netlink_sendmsg+0x813/0xd70 [ 468.961647][T11482] ? __pfx_netlink_sendmsg+0x10/0x10 [ 468.961690][T11482] ____sys_sendmsg+0xaaf/0xc90 [ 468.961716][T11482] ? copy_msghdr_from_user+0x10b/0x160 [ 468.961746][T11482] ? __pfx_____sys_sendmsg+0x10/0x10 [ 468.961769][T11482] ? __lock_acquire+0xcc5/0x3c40 [ 468.961814][T11482] ___sys_sendmsg+0x135/0x1e0 [ 468.961847][T11482] ? __pfx____sys_sendmsg+0x10/0x10 [ 468.961894][T11482] ? trace_lock_acquire+0x14e/0x1f0 [ 468.961944][T11482] __sys_sendmmsg+0x201/0x420 [ 468.961987][T11482] ? __pfx___sys_sendmmsg+0x10/0x10 [ 468.962031][T11482] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 468.962072][T11482] ? fput+0x67/0x440 [ 468.962094][T11482] ? ksys_write+0x1ba/0x250 [ 468.962122][T11482] ? __pfx_ksys_write+0x10/0x10 [ 468.962155][T11482] __x64_sys_sendmmsg+0x9c/0x100 [ 468.962185][T11482] ? lockdep_hardirqs_on+0x7c/0x110 [ 468.962212][T11482] do_syscall_64+0xcd/0x250 [ 468.962242][T11482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.962273][T11482] RIP: 0033:0x7f5c8638d169 [ 468.962292][T11482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.962313][T11482] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 468.962335][T11482] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 468.962351][T11482] RDX: 0000000000000003 RSI: 0000400000000080 RDI: 0000000000000003 [ 468.962366][T11482] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 468.962381][T11482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 468.962395][T11482] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 468.962427][T11482] [ 469.573258][T11487] FAULT_INJECTION: forcing a failure. [ 469.573258][T11487] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 469.751487][T11487] CPU: 0 UID: 0 PID: 11487 Comm: syz.0.1442 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 469.751526][T11487] Tainted: [U]=USER [ 469.751535][T11487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 469.751548][T11487] Call Trace: [ 469.751556][T11487] [ 469.751566][T11487] dump_stack_lvl+0x16c/0x1f0 [ 469.751602][T11487] should_fail_ex+0x50a/0x650 [ 469.751641][T11487] _copy_to_user+0x32/0xd0 [ 469.751669][T11487] simple_read_from_buffer+0xd0/0x160 [ 469.751701][T11487] proc_fail_nth_read+0x198/0x270 [ 469.751730][T11487] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 469.751760][T11487] ? rw_verify_area+0xcf/0x680 [ 469.751788][T11487] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 469.751816][T11487] vfs_read+0x1df/0xbf0 [ 469.751846][T11487] ? __fget_files+0x1fc/0x3a0 [ 469.751883][T11487] ? __pfx___mutex_lock+0x10/0x10 [ 469.751912][T11487] ? __pfx_vfs_read+0x10/0x10 [ 469.751950][T11487] ? __fget_files+0x206/0x3a0 [ 469.751991][T11487] ksys_read+0x12b/0x250 [ 469.752019][T11487] ? __pfx_ksys_read+0x10/0x10 [ 469.752058][T11487] do_syscall_64+0xcd/0x250 [ 469.752085][T11487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.752123][T11487] RIP: 0033:0x7ffbe058bb7c [ 469.752142][T11487] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 469.752171][T11487] RSP: 002b:00007ffbe1384030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 469.752194][T11487] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058bb7c [ 469.752210][T11487] RDX: 000000000000000f RSI: 00007ffbe13840a0 RDI: 0000000000000004 [ 469.752225][T11487] RBP: 00007ffbe1384090 R08: 0000000000000000 R09: 0000000000000000 [ 469.752239][T11487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 469.752254][T11487] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 469.752286][T11487] [ 470.474426][T11499] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1444'. [ 470.542565][T11494] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 470.550615][T11494] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 470.557137][T11494] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 470.563852][T11494] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 471.888689][ T29] audit: type=1800 audit(4295026814.391:7): pid=11512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1448" name="dbroot" dev="configfs" ino=34440 res=0 errno=0 [ 471.911896][ T5873] Process accounting resumed [ 471.923477][T11514] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1449'. [ 472.554480][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 472.560661][T11293] Bluetooth: hci1: command 0x0c1a tx timeout [ 472.632388][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 472.638595][T11293] Bluetooth: hci0: command 0x0c1a tx timeout [ 473.428927][T11530] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 473.438148][T11530] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 473.462273][T11530] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 473.468506][T11530] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 473.522308][T11541] FAULT_INJECTION: forcing a failure. [ 473.522308][T11541] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 473.562382][T11541] CPU: 1 UID: 0 PID: 11541 Comm: syz.2.1455 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 473.562421][T11541] Tainted: [U]=USER [ 473.562429][T11541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 473.562443][T11541] Call Trace: [ 473.562451][T11541] [ 473.562462][T11541] dump_stack_lvl+0x16c/0x1f0 [ 473.562498][T11541] should_fail_ex+0x50a/0x650 [ 473.562537][T11541] _copy_from_user+0x2e/0xd0 [ 473.562563][T11541] move_addr_to_kernel+0x68/0x160 [ 473.562593][T11541] __sys_bind+0x11c/0x260 [ 473.562621][T11541] ? __pfx___sys_bind+0x10/0x10 [ 473.562646][T11541] ? __fget_files+0x206/0x3a0 [ 473.562690][T11541] ? __pfx_ksys_write+0x10/0x10 [ 473.562728][T11541] __x64_sys_bind+0x72/0xb0 [ 473.562753][T11541] ? lockdep_hardirqs_on+0x7c/0x110 [ 473.562788][T11541] do_syscall_64+0xcd/0x250 [ 473.562819][T11541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.562851][T11541] RIP: 0033:0x7f5c8638d169 [ 473.562871][T11541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 473.562895][T11541] RSP: 002b:00007f5c87130038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 473.562918][T11541] RAX: ffffffffffffffda RBX: 00007f5c865a6080 RCX: 00007f5c8638d169 [ 473.562935][T11541] RDX: 000000000000006a RSI: 0000000000000000 RDI: 0000000000000008 [ 473.562950][T11541] RBP: 00007f5c87130090 R08: 0000000000000000 R09: 0000000000000000 [ 473.562965][T11541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 473.562979][T11541] R13: 0000000000000000 R14: 00007f5c865a6080 R15: 00007ffd31dc9568 [ 473.563009][T11541] [ 475.432216][T11293] Bluetooth: hci1: command 0x0c1a tx timeout [ 475.512300][T11293] Bluetooth: hci3: command 0x0c1a tx timeout [ 475.518426][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 475.524562][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 475.817826][T11563] kAFS: No cell specified [ 476.046365][T11572] FAULT_INJECTION: forcing a failure. [ 476.046365][T11572] name failslab, interval 1, probability 0, space 0, times 0 [ 476.073473][T11572] CPU: 0 UID: 0 PID: 11572 Comm: syz.2.1464 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 476.073511][T11572] Tainted: [U]=USER [ 476.073526][T11572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 476.073539][T11572] Call Trace: [ 476.073547][T11572] [ 476.073556][T11572] dump_stack_lvl+0x16c/0x1f0 [ 476.073591][T11572] should_fail_ex+0x50a/0x650 [ 476.073625][T11572] ? fs_reclaim_acquire+0xae/0x150 [ 476.073657][T11572] ? constrain_params_by_rules+0x176/0xca0 [ 476.073683][T11572] should_failslab+0xc2/0x120 [ 476.073707][T11572] __kmalloc_noprof+0xcb/0x510 [ 476.073739][T11572] ? unwind_get_return_address+0x59/0xa0 [ 476.073773][T11572] ? arch_stack_walk+0xa7/0x100 [ 476.073800][T11572] constrain_params_by_rules+0x176/0xca0 [ 476.073836][T11572] ? stack_trace_save+0x95/0xd0 [ 476.073864][T11572] ? stack_depot_save_flags+0x28/0x9c0 [ 476.073898][T11572] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 476.073930][T11572] ? __kasan_kmalloc+0xaa/0xb0 [ 476.073958][T11572] ? snd_pcm_oss_change_params_locked+0x6d9/0x3a60 [ 476.073983][T11572] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 476.074008][T11572] ? snd_pcm_oss_get_formats+0x7f/0x350 [ 476.074045][T11572] ? snd_interval_refine+0x2fa/0x580 [ 476.074081][T11572] snd_pcm_hw_refine+0x7e8/0xad0 [ 476.074114][T11572] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 476.074157][T11572] ? snd_interval_refine+0x2fa/0x580 [ 476.074192][T11572] snd_pcm_oss_change_params_locked+0x211e/0x3a60 [ 476.074234][T11572] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 476.074263][T11572] ? __pfx___mutex_lock+0x10/0x10 [ 476.074311][T11572] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 476.074342][T11572] snd_pcm_oss_get_formats+0x7f/0x350 [ 476.074369][T11572] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 476.074393][T11572] ? lock_acquire+0x2f/0xb0 [ 476.074423][T11572] ? __might_fault+0xe3/0x190 [ 476.074451][T11572] snd_pcm_oss_ioctl+0x2ee1/0x3780 [ 476.074475][T11572] ? trace_lock_acquire+0x14e/0x1f0 [ 476.074506][T11572] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 476.074547][T11572] ? __fget_files+0x206/0x3a0 [ 476.074583][T11572] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 476.074612][T11572] __x64_sys_ioctl+0x190/0x200 [ 476.074643][T11572] do_syscall_64+0xcd/0x250 [ 476.074674][T11572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 476.074706][T11572] RIP: 0033:0x7f5c8638d169 [ 476.074725][T11572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 476.074748][T11572] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 476.074771][T11572] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 476.074788][T11572] RDX: 0000400000000040 RSI: 00000000c0045005 RDI: 0000000000000006 [ 476.074802][T11572] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 476.074817][T11572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 476.074832][T11572] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 476.074865][T11572] [ 476.949711][T11583] block2mtd: error: cannot open device [ 478.459621][T11602] FAULT_INJECTION: forcing a failure. [ 478.459621][T11602] name failslab, interval 1, probability 0, space 0, times 0 [ 478.501207][T11602] CPU: 1 UID: 0 PID: 11602 Comm: syz.2.1474 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 478.501248][T11602] Tainted: [U]=USER [ 478.501255][T11602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 478.501270][T11602] Call Trace: [ 478.501277][T11602] [ 478.501286][T11602] dump_stack_lvl+0x16c/0x1f0 [ 478.501321][T11602] should_fail_ex+0x50a/0x650 [ 478.501355][T11602] ? fs_reclaim_acquire+0xae/0x150 [ 478.501387][T11602] ? block2mtd_setup2+0x2f5/0xe10 [ 478.501410][T11602] should_failslab+0xc2/0x120 [ 478.501433][T11602] __kmalloc_cache_noprof+0x68/0x410 [ 478.501474][T11602] block2mtd_setup2+0x2f5/0xe10 [ 478.501501][T11602] ? __pfx_block2mtd_setup2+0x10/0x10 [ 478.501524][T11602] ? __pfx___mutex_trylock_common+0x10/0x10 [ 478.501558][T11602] ? param_attr_store+0xe6/0x300 [ 478.501598][T11602] ? trace_contention_end+0xee/0x140 [ 478.501667][T11602] block2mtd_setup+0xbd/0x110 [ 478.501692][T11602] param_attr_store+0x18f/0x300 [ 478.501730][T11602] ? __pfx_param_attr_store+0x10/0x10 [ 478.501763][T11602] module_attr_store+0x55/0x80 [ 478.501794][T11602] ? __pfx_module_attr_store+0x10/0x10 [ 478.501824][T11602] sysfs_kf_write+0x117/0x170 [ 478.501852][T11602] kernfs_fop_write_iter+0x33d/0x500 [ 478.501876][T11602] ? __pfx_sysfs_kf_write+0x10/0x10 [ 478.501906][T11602] vfs_write+0x5ae/0x1150 [ 478.501938][T11602] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 478.501966][T11602] ? __pfx___mutex_lock+0x10/0x10 [ 478.501996][T11602] ? __pfx_vfs_write+0x10/0x10 [ 478.502057][T11602] ksys_write+0x12b/0x250 [ 478.502085][T11602] ? __pfx_ksys_write+0x10/0x10 [ 478.502124][T11602] do_syscall_64+0xcd/0x250 [ 478.502156][T11602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.502185][T11602] RIP: 0033:0x7f5c8638d169 [ 478.502204][T11602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 478.502224][T11602] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 478.502244][T11602] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 478.502260][T11602] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 478.502273][T11602] RBP: 00007f5c87151090 R08: 0000000000000000 R09: 0000000000000000 [ 478.502287][T11602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 478.502300][T11602] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 478.502332][T11602] [ 479.062320][T11604] FAULT_INJECTION: forcing a failure. [ 479.062320][T11604] name failslab, interval 1, probability 0, space 0, times 0 [ 479.075112][T11604] CPU: 1 UID: 0 PID: 11604 Comm: syz.2.1476 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 479.075148][T11604] Tainted: [U]=USER [ 479.075157][T11604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 479.075172][T11604] Call Trace: [ 479.075181][T11604] [ 479.075191][T11604] dump_stack_lvl+0x16c/0x1f0 [ 479.075227][T11604] should_fail_ex+0x50a/0x650 [ 479.075263][T11604] ? fs_reclaim_acquire+0xae/0x150 [ 479.075296][T11604] ? snd_seq_oss_readq_new+0x99/0x2c0 [ 479.075327][T11604] should_failslab+0xc2/0x120 [ 479.075351][T11604] __kmalloc_noprof+0xcb/0x510 [ 479.075395][T11604] snd_seq_oss_readq_new+0x99/0x2c0 [ 479.075430][T11604] snd_seq_oss_open+0x54b/0xa20 [ 479.075462][T11604] odev_open+0x6f/0x90 [ 479.075482][T11604] ? __pfx_odev_open+0x10/0x10 [ 479.075503][T11604] soundcore_open+0x409/0x580 [ 479.075543][T11604] ? __pfx_soundcore_open+0x10/0x10 [ 479.075579][T11604] chrdev_open+0x237/0x6a0 [ 479.075613][T11604] ? __pfx_apparmor_file_open+0x10/0x10 [ 479.075644][T11604] ? __pfx_chrdev_open+0x10/0x10 [ 479.075682][T11604] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 479.075718][T11604] do_dentry_open+0x735/0x1c40 [ 479.075752][T11604] ? __pfx_chrdev_open+0x10/0x10 [ 479.075784][T11604] ? inode_permission+0xdd/0x5f0 [ 479.075813][T11604] vfs_open+0x82/0x3f0 [ 479.075834][T11604] ? may_open+0x1f2/0x400 [ 479.075861][T11604] path_openat+0x1e88/0x2d80 [ 479.075908][T11604] ? __pfx_path_openat+0x10/0x10 [ 479.075942][T11604] ? __pfx___lock_acquire+0x10/0x10 [ 479.075975][T11604] ? lock_acquire.part.0+0x11b/0x380 [ 479.076015][T11604] ? find_held_lock+0x2d/0x110 [ 479.076048][T11604] do_filp_open+0x20c/0x470 [ 479.076084][T11604] ? __pfx_do_filp_open+0x10/0x10 [ 479.076118][T11604] ? find_held_lock+0x2d/0x110 [ 479.076171][T11604] ? alloc_fd+0x41f/0x760 [ 479.076215][T11604] do_sys_openat2+0x17a/0x1e0 [ 479.076242][T11604] ? __pfx_do_sys_openat2+0x10/0x10 [ 479.076271][T11604] ? do_raw_spin_unlock+0x172/0x230 [ 479.076305][T11604] __x64_sys_openat+0x175/0x210 [ 479.076332][T11604] ? __pfx___x64_sys_openat+0x10/0x10 [ 479.076373][T11604] do_syscall_64+0xcd/0x250 [ 479.076406][T11604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.076439][T11604] RIP: 0033:0x7f5c8638d169 [ 479.076460][T11604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.076484][T11604] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 479.076508][T11604] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 479.076526][T11604] RDX: 0000000000000080 RSI: 0000400000000500 RDI: ffffffffffffff9c [ 479.076543][T11604] RBP: 00007f5c8640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 479.076560][T11604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 479.076576][T11604] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 479.076610][T11604] [ 479.659787][T11608] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 479.726890][T11608] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 480.182548][T11293] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 480.182590][T11293] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 480.198992][T11293] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 480.199088][T11293] Bluetooth: hci1: Malformed LE Event: 0x0d [ 480.846524][T11606] syz.1.1475 (11606) used greatest stack depth: 20304 bytes left [ 481.032743][T11632] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 481.108180][T11626] Process accounting resumed [ 482.367551][T11657] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 482.383338][T11659] FAULT_INJECTION: forcing a failure. [ 482.383338][T11659] name failslab, interval 1, probability 0, space 0, times 0 [ 482.404407][T11660] FAULT_INJECTION: forcing a failure. [ 482.404407][T11660] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 482.420918][T11657] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 482.434193][T11659] CPU: 0 UID: 0 PID: 11659 Comm: syz.1.1488 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 482.434229][T11659] Tainted: [U]=USER [ 482.434238][T11659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 482.434250][T11659] Call Trace: [ 482.434257][T11659] [ 482.434267][T11659] dump_stack_lvl+0x16c/0x1f0 [ 482.434301][T11659] should_fail_ex+0x50a/0x650 [ 482.434334][T11659] ? fs_reclaim_acquire+0xae/0x150 [ 482.434364][T11659] should_failslab+0xc2/0x120 [ 482.434387][T11659] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 482.434422][T11659] ? __alloc_skb+0x2b1/0x380 [ 482.434457][T11659] __alloc_skb+0x2b1/0x380 [ 482.434487][T11659] ? __pfx___alloc_skb+0x10/0x10 [ 482.434515][T11659] ? __pfx___lock_acquire+0x10/0x10 [ 482.434552][T11659] ? __pfx_mark_lock+0x10/0x10 [ 482.434579][T11659] ? mark_lock+0xb5/0xc60 [ 482.434614][T11659] tipc_buf_acquire+0x26/0xe0 [ 482.434652][T11659] tipc_msg_build+0x10c/0x1120 [ 482.434688][T11659] ? net_generic+0xea/0x2a0 [ 482.434716][T11659] ? __pfx_lock_release+0x10/0x10 [ 482.434745][T11659] ? __pfx_tipc_msg_build+0x10/0x10 [ 482.434794][T11659] tipc_send_group_bcast+0x7ce/0xa60 [ 482.434833][T11659] ? __pfx_tipc_send_group_bcast+0x10/0x10 [ 482.434859][T11659] ? __pfx_mark_lock+0x10/0x10 [ 482.434889][T11659] ? __pfx_mark_lock+0x10/0x10 [ 482.434918][T11659] ? __pfx_woken_wake_function+0x10/0x10 [ 482.434960][T11659] ? hlock_class+0x4e/0x130 [ 482.434985][T11659] ? __lock_acquire+0x15a9/0x3c40 [ 482.435020][T11659] __tipc_sendmsg+0x4a5/0x1990 [ 482.435061][T11659] ? __pfx___tipc_sendmsg+0x10/0x10 [ 482.435093][T11659] ? __pfx_mark_lock+0x10/0x10 [ 482.435122][T11659] ? lock_acquire.part.0+0x11b/0x380 [ 482.435157][T11659] ? find_held_lock+0x2d/0x110 [ 482.435194][T11659] ? mark_held_locks+0x9f/0xe0 [ 482.435230][T11659] ? __local_bh_enable_ip+0xa4/0x120 [ 482.435267][T11659] tipc_sendmsg+0x4f/0x70 [ 482.435298][T11659] sock_write_iter+0x4fe/0x5b0 [ 482.435324][T11659] ? __pfx_sock_write_iter+0x10/0x10 [ 482.435362][T11659] ? bpf_lsm_file_permission+0x9/0x10 [ 482.435395][T11659] ? security_file_permission+0x71/0x210 [ 482.435425][T11659] ? rw_verify_area+0xcf/0x680 [ 482.435457][T11659] vfs_write+0x5ae/0x1150 [ 482.435488][T11659] ? __pfx_sock_write_iter+0x10/0x10 [ 482.435516][T11659] ? __pfx_vfs_write+0x10/0x10 [ 482.435549][T11659] ? __fget_files+0x40/0x3a0 [ 482.435596][T11659] ksys_write+0x207/0x250 [ 482.435626][T11659] ? __pfx_ksys_write+0x10/0x10 [ 482.435672][T11659] do_syscall_64+0xcd/0x250 [ 482.435703][T11659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.435735][T11659] RIP: 0033:0x7f7af6b8d169 [ 482.435754][T11659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.435778][T11659] RSP: 002b:00007f7af79d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 482.435800][T11659] RAX: ffffffffffffffda RBX: 00007f7af6da6080 RCX: 00007f7af6b8d169 [ 482.435816][T11659] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 482.435830][T11659] RBP: 00007f7af79d5090 R08: 0000000000000000 R09: 0000000000000000 [ 482.435845][T11659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 482.435858][T11659] R13: 0000000000000000 R14: 00007f7af6da6080 R15: 00007ffec564e498 [ 482.435890][T11659] [ 482.454777][T11660] CPU: 1 UID: 0 PID: 11660 Comm: syz.2.1491 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 482.454813][T11660] Tainted: [U]=USER [ 482.454820][T11660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 482.454833][T11660] Call Trace: [ 482.454841][T11660] [ 482.454849][T11660] dump_stack_lvl+0x16c/0x1f0 [ 482.454889][T11660] should_fail_ex+0x50a/0x650 [ 482.454921][T11660] ? __pfx___might_resched+0x10/0x10 [ 482.454958][T11660] should_fail_alloc_page+0xe7/0x130 [ 482.454982][T11660] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 482.455017][T11660] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 482.455053][T11660] ? stack_depot_save_flags+0x38f/0x9c0 [ 482.455085][T11660] ? __pfx_lock_release+0x10/0x10 [ 482.455120][T11660] ? hlock_class+0x4e/0x130 [ 482.455143][T11660] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 482.455188][T11660] ? __pfx___lock_acquire+0x10/0x10 [ 482.455215][T11660] ? kasan_save_stack+0x42/0x60 [ 482.455244][T11660] ? kasan_save_stack+0x33/0x60 [ 482.455271][T11660] ? kasan_save_track+0x14/0x30 [ 482.455300][T11660] ? __kasan_slab_alloc+0x89/0x90 [ 482.455329][T11660] ? kmem_cache_alloc_node_noprof+0x223/0x3c0 [ 482.455360][T11660] ? alloc_vmap_area+0x636/0x2a60 [ 482.455384][T11660] ? __get_vm_area_node+0x19e/0x2f0 [ 482.455410][T11660] ? __vmalloc_node_range_noprof+0x26a/0x1530 [ 482.455439][T11660] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 482.455474][T11660] ? policy_nodemask+0xea/0x4e0 [ 482.455510][T11660] alloc_pages_mpol+0x1fc/0x540 [ 482.455533][T11660] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 482.455553][T11660] ? __page_table_check_ptes_set+0x16b/0x3e0 [ 482.455586][T11660] ? do_raw_spin_lock+0x12d/0x2c0 [ 482.455608][T11660] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 482.455634][T11660] alloc_pages_noprof+0x131/0x390 [ 482.455655][T11660] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 482.455685][T11660] get_free_pages_noprof+0xc/0x40 [ 482.455709][T11660] kasan_populate_vmalloc_pte+0x2d/0x160 [ 482.455738][T11660] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 482.455769][T11660] __apply_to_page_range+0x5fd/0xd30 [ 482.455805][T11660] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 482.455840][T11660] ? __pfx___apply_to_page_range+0x10/0x10 [ 482.455870][T11660] ? insert_vmap_area+0x2ef/0x4d0 [ 482.455904][T11660] alloc_vmap_area+0x93e/0x2a60 [ 482.455940][T11660] ? __pfx_alloc_vmap_area+0x10/0x10 [ 482.455974][T11660] __get_vm_area_node+0x19e/0x2f0 [ 482.456007][T11660] __vmalloc_node_range_noprof+0x26a/0x1530 [ 482.456037][T11660] ? __do_sys_listmount+0x1bf/0xeb0 [ 482.456069][T11660] ? find_held_lock+0x2d/0x110 [ 482.456095][T11660] ? __do_sys_listmount+0x1bf/0xeb0 [ 482.456129][T11660] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 482.456160][T11660] ? rcu_is_watching+0x12/0xc0 [ 482.456184][T11660] ? trace_kmalloc+0x2d/0xd0 [ 482.456207][T11660] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 482.456233][T11660] ? __do_sys_listmount+0x1bf/0xeb0 [ 482.456261][T11660] __kvmalloc_node_noprof+0x14f/0x1a0 [ 482.456292][T11660] ? __do_sys_listmount+0x1bf/0xeb0 [ 482.456320][T11660] __do_sys_listmount+0x1bf/0xeb0 [ 482.456351][T11660] ? __x64_sys_futex+0x1e1/0x4c0 [ 482.456377][T11660] ? __x64_sys_futex+0x1ea/0x4c0 [ 482.456403][T11660] ? __pfx___do_sys_listmount+0x10/0x10 [ 482.456431][T11660] ? xfd_validate_state+0x5d/0x180 [ 482.456473][T11660] do_syscall_64+0xcd/0x250 [ 482.456502][T11660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.456532][T11660] RIP: 0033:0x7f5c8638d169 [ 482.456550][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.456569][T11660] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 482.456590][T11660] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 482.456605][T11660] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000400000000100 [ 482.456620][T11660] RBP: 00007f5c8640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 482.456634][T11660] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 482.456647][T11660] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 482.456676][T11660] [ 482.456779][T11660] syz.2.1491: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 483.302192][T11660] CPU: 1 UID: 0 PID: 11660 Comm: syz.2.1491 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 483.302228][T11660] Tainted: [U]=USER [ 483.302236][T11660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 483.302250][T11660] Call Trace: [ 483.302258][T11660] [ 483.302268][T11660] dump_stack_lvl+0x16c/0x1f0 [ 483.302302][T11660] warn_alloc+0x24d/0x3a0 [ 483.302337][T11660] ? __pfx_warn_alloc+0x10/0x10 [ 483.302373][T11660] ? kfree+0x2c4/0x4d0 [ 483.302409][T11660] ? __get_vm_area_node+0x1dc/0x2f0 [ 483.302445][T11660] __vmalloc_node_range_noprof+0xd24/0x1530 [ 483.302481][T11660] ? find_held_lock+0x2d/0x110 [ 483.302511][T11660] ? __do_sys_listmount+0x1bf/0xeb0 [ 483.302547][T11660] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 483.302588][T11660] ? rcu_is_watching+0x12/0xc0 [ 483.302613][T11660] ? trace_kmalloc+0x2d/0xd0 [ 483.302637][T11660] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 483.302665][T11660] ? __do_sys_listmount+0x1bf/0xeb0 [ 483.302696][T11660] __kvmalloc_node_noprof+0x14f/0x1a0 [ 483.302727][T11660] ? __do_sys_listmount+0x1bf/0xeb0 [ 483.302758][T11660] __do_sys_listmount+0x1bf/0xeb0 [ 483.302793][T11660] ? __x64_sys_futex+0x1e1/0x4c0 [ 483.302819][T11660] ? __x64_sys_futex+0x1ea/0x4c0 [ 483.302847][T11660] ? __pfx___do_sys_listmount+0x10/0x10 [ 483.302875][T11660] ? xfd_validate_state+0x5d/0x180 [ 483.302919][T11660] do_syscall_64+0xcd/0x250 [ 483.302950][T11660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.302981][T11660] RIP: 0033:0x7f5c8638d169 [ 483.303000][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 483.303021][T11660] RSP: 002b:00007f5c87151038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 483.303044][T11660] RAX: ffffffffffffffda RBX: 00007f5c865a5fa0 RCX: 00007f5c8638d169 [ 483.303060][T11660] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000400000000100 [ 483.303074][T11660] RBP: 00007f5c8640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 483.303088][T11660] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 483.303103][T11660] R13: 0000000000000000 R14: 00007f5c865a5fa0 R15: 00007ffd31dc9568 [ 483.303134][T11660] [ 483.303144][T11660] Mem-Info: [ 483.824498][T11660] active_anon:61587 inactive_anon:0 isolated_anon:0 [ 483.824498][T11660] active_file:5890 inactive_file:54334 isolated_file:0 [ 483.824498][T11660] unevictable:768 dirty:490 writeback:0 [ 483.824498][T11660] slab_reclaimable:10798 slab_unreclaimable:96178 [ 483.824498][T11660] mapped:42080 shmem:51026 pagetables:2017 [ 483.824498][T11660] sec_pagetables:0 bounce:0 [ 483.824498][T11660] kernel_misc_reclaimable:0 [ 483.824498][T11660] free:1258611 free_pcp:2597 free_cma:0 [ 483.917522][T11660] Node 0 active_anon:245548kB inactive_anon:0kB active_file:23560kB inactive_file:217260kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:175720kB dirty:1960kB writeback:0kB shmem:202068kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11464kB pagetables:8168kB sec_pagetables:0kB all_unreclaimable? no [ 483.981410][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 483.990987][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 484.001004][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 484.009641][T11660] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 484.057144][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 484.084742][T11660] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 484.116171][ T5841] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 484.126649][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 484.153223][T11660] lowmem_reserve[]: 0 2487 2487 0 0 [ 484.179636][T11660] Node 0 DMA32 free:1128480kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:245964kB inactive_anon:0kB active_file:23560kB inactive_file:217164kB unevictable:1536kB writepending:1968kB present:3129332kB managed:2547540kB mlocked:0kB bounce:0kB free_pcp:1144kB local_pcp:136kB free_cma:0kB [ 484.210550][T11660] lowmem_reserve[]: 0 0 0 0 0 [ 484.216081][T11660] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:100kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 484.272867][T11660] lowmem_reserve[]: 0 0 0 0 0 [ 484.277652][T11660] Node 1 Normal free:3901544kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 484.311672][T11676] Console: switching to colour VGA+ 80x25 [ 484.401297][T11660] lowmem_reserve[]: 0 0 0 0 0 [ 484.401354][T11660] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 484.401520][T11660] Node 0 DMA32: 445*4kB (UME) 40*8kB (UME) 55*16kB (UME) 33*32kB (UME) 16*64kB (ME) 9*128kB (ME) 61*256kB (ME) 38*512kB (ME) 23*1024kB (UM) 20*2048kB (UME) 249*4096kB (M) = 1125700kB [ 484.401727][T11660] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 484.401858][T11660] Node 1 Normal: 204*4kB (UE) 59*8kB (UME) 42*16kB (UME) 194*32kB (UME) 92*64kB (UME) 31*128kB (UME) 16*256kB (UME) 11*512kB (UME) 3*1024kB (UM) 4*2048kB (UE) 943*4096kB (M) = 3901544kB [ 484.402440][T11660] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 484.402469][T11660] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 484.402490][T11660] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 484.402508][T11660] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 484.402528][T11660] 111426 total pagecache pages [ 484.402539][T11660] 0 pages in swap cache [ 484.402548][T11660] Free swap = 124716kB [ 484.402557][T11660] Total swap = 124996kB [ 484.402568][T11660] 2097051 pages RAM [ 484.402576][T11660] 0 pages HighMem/MovableOnly [ 484.402585][T11660] 428508 pages reserved [ 484.402594][T11660] 0 pages cma reserved [ 484.414292][T11676] ================================================================== [ 484.414310][T11676] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa15/0xc80 [ 484.414345][T11676] Read of size 14 at addr ffff8880345f663e by task syz.0.1494/11676 [ 484.414365][T11676] [ 484.414377][T11676] CPU: 1 UID: 0 PID: 11676 Comm: syz.0.1494 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 484.414408][T11676] Tainted: [U]=USER [ 484.414417][T11676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 484.414431][T11676] Call Trace: [ 484.414439][T11676] [ 484.414458][T11676] dump_stack_lvl+0x116/0x1f0 [ 484.414487][T11676] print_report+0xc3/0x670 [ 484.414520][T11676] ? __virt_addr_valid+0x5e/0x590 [ 484.414548][T11676] ? __phys_addr+0xc6/0x150 [ 484.414572][T11676] kasan_report+0xd9/0x110 [ 484.414592][T11676] ? fbcon_prepare_logo+0xa15/0xc80 [ 484.414621][T11676] ? fbcon_prepare_logo+0xa15/0xc80 [ 484.414652][T11676] kasan_check_range+0xef/0x1a0 [ 484.414678][T11676] __asan_memcpy+0x23/0x60 [ 484.414706][T11676] fbcon_prepare_logo+0xa15/0xc80 [ 484.414740][T11676] fbcon_init+0xd41/0x1890 [ 484.414767][T11676] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 484.414794][T11676] visual_init+0x31d/0x620 [ 484.414818][T11676] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 484.414849][T11676] store_bind+0x61d/0x760 [ 484.414878][T11676] ? __pfx_store_bind+0x10/0x10 [ 484.414903][T11676] dev_attr_store+0x55/0x80 [ 484.414930][T11676] ? __pfx_dev_attr_store+0x10/0x10 [ 484.414958][T11676] sysfs_kf_write+0x117/0x170 [ 484.414984][T11676] kernfs_fop_write_iter+0x33d/0x500 [ 484.415007][T11676] ? __pfx_sysfs_kf_write+0x10/0x10 [ 484.415034][T11676] vfs_write+0x5ae/0x1150 [ 484.415064][T11676] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 484.415090][T11676] ? __pfx___mutex_lock+0x10/0x10 [ 484.415118][T11676] ? __pfx_vfs_write+0x10/0x10 [ 484.415155][T11676] ksys_write+0x12b/0x250 [ 484.415184][T11676] ? __pfx_ksys_write+0x10/0x10 [ 484.415216][T11676] do_syscall_64+0xcd/0x250 [ 484.415245][T11676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.415276][T11676] RIP: 0033:0x7ffbe058d169 [ 484.415294][T11676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.415317][T11676] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 484.415339][T11676] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 484.415356][T11676] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003 [ 484.415370][T11676] RBP: 00007ffbe060e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 484.415385][T11676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.415398][T11676] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 484.415420][T11676] [ 484.415429][T11676] [ 484.415435][T11676] Allocated by task 6433: [ 484.415452][T11676] kasan_save_stack+0x33/0x60 [ 484.415482][T11676] kasan_save_track+0x14/0x30 [ 484.415510][T11676] __kasan_kmalloc+0xaa/0xb0 [ 484.415538][T11676] __kmalloc_noprof+0x21c/0x510 [ 484.415568][T11676] ima_alloc_init_template+0xb8/0x720 [ 484.415601][T11676] ima_store_measurement+0x1ea/0x5c0 [ 484.415632][T11676] process_measurement+0x1bcb/0x2370 [ 484.415660][T11676] ima_bprm_check+0xe8/0x210 [ 484.415688][T11676] security_bprm_check+0xa5/0x1e0 [ 484.415709][T11676] bprm_execve+0x832/0x16d0 [ 484.415735][T11676] do_execveat_common.isra.0+0x4a2/0x610 [ 484.415763][T11676] __x64_sys_execve+0x8c/0xb0 [ 484.415791][T11676] do_syscall_64+0xcd/0x250 [ 484.415816][T11676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.415845][T11676] [ 484.415851][T11676] The buggy address belongs to the object at ffff8880345f6600 [ 484.415851][T11676] which belongs to the cache kmalloc-64 of size 64 [ 484.415870][T11676] The buggy address is located 62 bytes inside of [ 484.415870][T11676] allocated 64-byte region [ffff8880345f6600, ffff8880345f6640) [ 484.415894][T11676] [ 484.415900][T11676] The buggy address belongs to the physical page: [ 484.415916][T11676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x345f6 [ 484.415937][T11676] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 484.415961][T11676] page_type: f5(slab) [ 484.415986][T11676] raw: 00fff00000000000 ffff88801b0418c0 ffffea0000c94840 dead000000000004 [ 484.416008][T11676] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 484.416021][T11676] page dumped because: kasan: bad access detected [ 484.416036][T11676] page_owner tracks the page as allocated [ 484.416044][T11676] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 20094292644, free_ts 20085651238 [ 484.416081][T11676] post_alloc_hook+0x181/0x1b0 [ 484.416111][T11676] get_page_from_freelist+0xfce/0x2f80 [ 484.416141][T11676] __alloc_frozen_pages_noprof+0x221/0x2470 [ 484.416173][T11676] alloc_pages_mpol+0x1fc/0x540 [ 484.416193][T11676] new_slab+0x23d/0x330 [ 484.416218][T11676] ___slab_alloc+0xc5d/0x1720 [ 484.416244][T11676] __slab_alloc.constprop.0+0x56/0xb0 [ 484.416271][T11676] __kmalloc_node_noprof+0x2f0/0x510 [ 484.416301][T11676] __vmalloc_node_range_noprof+0x3d8/0x1530 [ 484.416329][T11676] vzalloc_noprof+0x6b/0x90 [ 484.416356][T11676] bpf_check+0x1c2/0xb330 [ 484.416379][T11676] bpf_prog_load+0xe3c/0x2480 [ 484.416408][T11676] __sys_bpf+0x4043/0x49c0 [ 484.416437][T11676] kern_sys_bpf+0x13e/0x660 [ 484.416472][T11676] bpf_load_and_run.constprop.0+0x28c/0x5e0 [ 484.416499][T11676] load+0x147/0x5d0 [ 484.416523][T11676] page last free pid 25 tgid 25 stack trace: [ 484.416535][T11676] free_frozen_pages+0x6db/0xfb0 [ 484.416564][T11676] vfree+0x174/0x950 [ 484.416588][T11676] delayed_vfree_work+0x56/0x70 [ 484.416614][T11676] process_one_work+0x9c5/0x1ba0 [ 484.416642][T11676] worker_thread+0x6c8/0xf00 [ 484.416668][T11676] kthread+0x3af/0x750 [ 484.416691][T11676] ret_from_fork+0x45/0x80 [ 484.416718][T11676] ret_from_fork_asm+0x1a/0x30 [ 484.416741][T11676] [ 484.416747][T11676] Memory state around the buggy address: [ 484.416759][T11676] ffff8880345f6500: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 484.416776][T11676] ffff8880345f6580: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 484.416793][T11676] >ffff8880345f6600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 484.416806][T11676] ^ [ 484.416820][T11676] ffff8880345f6680: 00 00 00 00 00 00 05 fc fc fc fc fc fc fc fc fc [ 484.416836][T11676] ffff8880345f6700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 484.416849][T11676] ================================================================== [ 484.416863][T11676] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 484.416878][T11676] CPU: 1 UID: 0 PID: 11676 Comm: syz.0.1494 Tainted: G U 6.14.0-rc4-syzkaller #0 [ 484.416908][T11676] Tainted: [U]=USER [ 484.416918][T11676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 484.416931][T11676] Call Trace: [ 484.416939][T11676] [ 484.416948][T11676] dump_stack_lvl+0x3d/0x1f0 [ 484.416976][T11676] panic+0x71d/0x800 [ 484.417001][T11676] ? __pfx_panic+0x10/0x10 [ 484.417026][T11676] ? rcu_is_watching+0x12/0xc0 [ 484.417052][T11676] ? __pfx_lock_release+0x10/0x10 [ 484.417084][T11676] ? check_panic_on_warn+0x1f/0xb0 [ 484.417111][T11676] check_panic_on_warn+0xab/0xb0 [ 484.417137][T11676] end_report+0x117/0x180 [ 484.417170][T11676] kasan_report+0xe9/0x110 [ 484.417191][T11676] ? fbcon_prepare_logo+0xa15/0xc80 [ 484.417220][T11676] ? fbcon_prepare_logo+0xa15/0xc80 [ 484.417250][T11676] kasan_check_range+0xef/0x1a0 [ 484.417276][T11676] __asan_memcpy+0x23/0x60 [ 484.417305][T11676] fbcon_prepare_logo+0xa15/0xc80 [ 484.417340][T11676] fbcon_init+0xd41/0x1890 [ 484.417367][T11676] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 484.417394][T11676] visual_init+0x31d/0x620 [ 484.417418][T11676] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 484.417456][T11676] store_bind+0x61d/0x760 [ 484.417485][T11676] ? __pfx_store_bind+0x10/0x10 [ 484.417510][T11676] dev_attr_store+0x55/0x80 [ 484.417538][T11676] ? __pfx_dev_attr_store+0x10/0x10 [ 484.417566][T11676] sysfs_kf_write+0x117/0x170 [ 484.417592][T11676] kernfs_fop_write_iter+0x33d/0x500 [ 484.417616][T11676] ? __pfx_sysfs_kf_write+0x10/0x10 [ 484.417642][T11676] vfs_write+0x5ae/0x1150 [ 484.417671][T11676] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 484.417696][T11676] ? __pfx___mutex_lock+0x10/0x10 [ 484.417724][T11676] ? __pfx_vfs_write+0x10/0x10 [ 484.417762][T11676] ksys_write+0x12b/0x250 [ 484.417791][T11676] ? __pfx_ksys_write+0x10/0x10 [ 484.417824][T11676] do_syscall_64+0xcd/0x250 [ 484.417853][T11676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.417883][T11676] RIP: 0033:0x7ffbe058d169 [ 484.417900][T11676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.417923][T11676] RSP: 002b:00007ffbe1384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 484.417946][T11676] RAX: ffffffffffffffda RBX: 00007ffbe07a5fa0 RCX: 00007ffbe058d169 [ 484.417962][T11676] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003 [ 484.417977][T11676] RBP: 00007ffbe060e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 484.417992][T11676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.418007][T11676] R13: 0000000000000000 R14: 00007ffbe07a5fa0 R15: 00007ffd1c6e7768 [ 484.418030][T11676] [ 484.418264][T11676] Kernel Offset: disabled