last executing test programs: 4m7.934902666s ago: executing program 0 (id=1148): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1e, 0x805, 0x0) fsconfig$auto(r0, 0x3, &(0x7f0000000000)='4\x93f\x06\x04\x00\x00', &(0x7f0000000040), 0x7f) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2b, 0x1, 0x1) r2 = socket(0x10, 0x2, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/byte_queue_limits/hold_time\x00', 0x62400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000003f40)=""/156, 0x9c) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x59e, 0x0, 0x2, 0x9}, 0x207}, 0x40, 0x2102) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYRES8], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x5}, 0x5, 0x0, 0x2, 0x200}, 0x7ff}, 0x10a, 0x8, 0x0) setsockopt$auto(r1, 0x29, 0x20, 0x0, 0x23) sendmmsg$auto(r0, &(0x7f0000000280)={{&(0x7f0000000400)="d7ad4d56d3594f07d3739ab97a5df0c00ed0a6119d5dd3b6a32d65ba2029eff58fd128d27c970421ea39a51837d677bd9dc37b270062c910d38181a07d146daee3121ae0bbdb47c6731d27a4fe02d25cf11372edf58d6a113e61a692b1f3043302af859cb875278efae900"/116, 0x3, &(0x7f0000000180)={&(0x7f0000000100)="d84c1bfb743d968961d6b4671a51559686a95b0c12760393a98192fef330a1a8fee77dd0577613c29989938a20d33f89d137c9f10ffa50178d52f12e68113e9c4abdaa6d941bfc6126c4931906d3fb0d4a389ffabf54548bf8d04f89aa760aa77449cf9ef9ad9279139e8f", 0x3}, 0x6, &(0x7f00000001c0)="6fa099ab5e2cd9", 0x8000000003b00, 0xa}, 0x6}, 0x6, 0x5) socket(0x10, 0x2, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_setup$auto(0xfffff713, &(0x7f00000003c0)=0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto(0xc8, 0x800454dd, 0x5) 4m7.7573799s ago: executing program 0 (id=1149): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x28, r1, 0x82652360e804c8d3, 0x9, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0x4}, @OVS_METER_ATTR_ID={0x8, 0x1, 0xfffffff8}, @OVS_METER_ATTR_CLEAR={0x4}]}, 0x28}}, 0x8080) 4m7.561997202s ago: executing program 0 (id=1151): r0 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f0000001240)=0x2) bpf$auto(0x10, &(0x7f0000000180)=@info={0xffffffffffffffff, 0x5, 0x3}, 0x6) write$auto_console_fops_tty_io(r0, &(0x7f0000000040)="960f7fec1792bdf03b3fbf4d9f2b699d03fef154187f16e97f2966aabbeba41abcd91e4da9baf54736602b96f189593ea2ff41d03813bb4d906c8d0f7733c85382dba2c882bc0ac0c90c20c302d40721621490a7843950bd829a38c49d51af202218b67bf1e4fe48eafdb1ecb975c8ebd10c71a8f3eb7321b053a121dda93d59fc44df99ec0dd5df74be7cea8c6c7339387d202f0a1b49127be1dc09010e4039ceb53ba1b5ed44d39bb79c7a93140559a5123f40dbe95fd7dcc6f3a2f4f418d75155b84011f01be72fda59ef0418c3f2a38a341181b6e0959183ed114b59acdc992c9de38d00690ec5", 0xe9) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xfffffffffffffffe, 0x8, 0x7}, 0x40000000000009, 0xffffffff) landlock_restrict_self$auto(r2, 0x0) landlock_restrict_self$auto(r1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r4, 0x0, 0x4000) write$auto_force_suspend_fops_hci_vhci(r4, 0x0, 0x0) r5 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f00000011c0), 0x400000, 0x0) fsetxattr$auto(r5, &(0x7f0000000180)='.\x00', &(0x7f00000001c0)="3a56ec45d4ce16a3e6d42a8c8fe853c9d8e28e97f67d7ddb8930000301de0f3150baeac73339334b1a92518828810a7faa5a1fd1b336bcd18d58e87bd4a3077447b23d3c4d400153febd555084b3423b84ece75ce60afa47cd2c421426d80f80354e50ded1b593ad138d55674319ee7e7c700b15a05033a47a6b412745f05d2e26c47e086c1edc1286ce9c09f095f8ae7a728a76ba19de45e8dccb8e1af5a6b9617e302c904ee50fb9a7afca49c5032f1c12d9131f19b7e9a90edccd3bd3cc6d8f4a715b142e1bcfb7a21e00af7d6bf36f9dfa7282acaddaa8a23169552a67b1780e05b1fdad6f67e4a872c5799ec0dc17728b10f1046b20c1bb63d3f647944db7af21a9fc71a9dd2ae7432f250b35a4117bbbb03409bdb39631766fbe4b3449bfac739a0ffa8dec6973c70f83edf6a1ef41f52a8680d95eb4b796507a7d998a9693da49385df2a875a714c29a224dc26a8fe89e67e3318aac3c5f559255ec56f6d27c53eaf6812e0f21af1eb6ef5acc8af6175cff94b867b434f069f7eb9d27ce3af3a64e65ed85539b8e59ddc1e2422d6fae7cb959d752db71a0a97b9989e3219b22dd17dbf7878341d9106eb4e1b48e40f3eea87bda5182f2df2deb79d01f792f8dbbef281bc52ae2dd9209dc88bab162e529f88ec22fd51147303ff0595553477ac06525a0a1f380f38722963b57cd5f3de00bedb1872ad64cfcf98b1f76bcac040efe024fc4cd9e548f70d9d494b7c6747c4aad0b3239041d6b0b12d880b27b4924a3d1f21e289d0a74336e7272f355f4c6492c399d8034ef954f8e8c31068a96ae916bd5e7f5f8c9804168a4106758204ff13b542cdbd4f7ceff86b0871957d5bc6c7e86185fd6c9ef3ee51fc439846a72d168d20b5e1025b0fcc621ab8675be4a9632e0d2fa06bd19eb026b4782ee0ba6dd0a367add3c1762fde43529f46babfbbcbbadd50f30c1255cbdd50dcf09f809e71222c4b4c55500e87e351703de1ec4a33c29eddfd8592346d9f74c8f84442e0b22cd96316b0a2382670bae7e2f6b5247d4a148fe711a38c6379fd3c7ddbd34da446b887ebe0f0e7cc94f9dd6fd8bce2ef0fc6b2ed9a095c2fcbb3b8995bf2427b5ecf9d3aa6b8f633d4764de292188aa657cc3d45805cde87606481daceeccd150ab9bc059075f9f9a1fea80f906f273b9931d46f2f96933106aa3a3919b88b3fc8c96a258ccbfc7d5b55cbf89011dc19b187e131f031dd9342ac103d4080ac529311d49d546873a732ede70ad1f796d5f553b7e2620a89ef26810ec7c9f45cb6f91958a91563796858c01db5c374304cfb3ac22f2feb1854aa79fb9dc0913deee4559126f86537a4814cce04b5de300694131e564e30cef434ac00d1a3b1d585ca4dd21cf41510fe401c686822a9293f8a72131bfc5e7e564a9381d2cab24ab1f267cb99f1a95d2501ac16fe9bbd50fd1cceeca57ce7dc25e7ddeddc9eb344908427f5d0e078b0e921b346b1750af4d427b16dcb13c756cebf7f9c6c45219176c9552d41c8944be41cb5a8f976d54f172f29e1cb4e12af5dbf2ec4abdd912df2540bdf392eff3f552862750a79f9a8a02c05a34f7e83c999b6a6d2234054ccacccd5283318a0e2fb2b5dd3d4df9abdbb84859ba544a79f5ace52234657369a6a6fdd56f6ebb6f372a236e9b832a30b0a056868d5411979f3b96f45afbac287f58fb8f8019c0fd3835d2c0f78f9975926506a430db5fc538990d4e504abe2f4bd2749f410b14dfd310efd135cb65d150392f9ee4dee82d537a2b84b49229089dc973855d4922c2cc1a8e9da3c92868df58f536ad7bc47753a75deaca67f3a2e7329681b32057b7fbf87581bcfc8e8f7072f62157b7314d6506deabb9af455cd21ad8ac82e6d4bedc779a762831169aeeb9b594c3ef544f7c5e1592384dcc47985cfb705d2bc35ef34578c8ead68b0802dc906f979428b1f0b08e10bc10ccc75077fc9404a0864b7ae1ff499644bdafb14790a2aa88ff738536fad3892b19cbfc875409b3c2b4e9141497651c3b57e72239c444c869d8ee80a2cec700360bdd2c3d36f9df5a14d96d5597567d5c196dc497d60fae8436993263f7d695ff995f9fc482507a7662993867787efb70c32c8fa00df3c662b4b3d23b21dc4dd5103140e1ceb9303b167fb2e07c07e1ecd62dd7517696775cfba70d73ba487aaddd075625b207a634ce3fc068733e36284bf30b29647ce5972d47fa46b8839bf81ae7eb145017f19909413266cd652ee442d8547a3c0a6c47ceb92385afb8a2d456c1ba15366e34de8527a0971f847cf322dc18654bc6c82ba986bc71235692d60bd411455bee7e9f1f36430ce5f9270dbf190acb8dd8454015f23771dac60de95ed41c479a65be33cdbdb550918a6bf67f0b3eee2570bd95ecaac50701e223f54d370c63f7b8d6b75dcd4006c91e6fa0d196e0ed976bf0c796ae75d8c2ba8a82a8e43a91e959403892664ce74034238eaa7417e81d3da4c5f057461e8aace46fd969d28c767d6181d2ebddf6aabc5f7806c1d197685c0e42d3b5ba49d4d6028d145585d2e0f7af375a33dce033b1d714236f6c5ccae2e205f907d8ceb6c488f55797c580c8a687fa770058e918ee4e01c96a201ab335f6d9c75dbb5eea82f758ece0a2c8ff99538e0a9ad4b1235381cb3c361aaf4be3e9f856d9cffe81eaec70960a0eafe6fee720e3a47e32f3e05221657c470766b3a6b0ed843d22b79ea96d6a9133e2780fbf19fff16ad1e703f824834c8ed1dc5d551383491bcae3c9d7373e1868395f839c81f3e0ef3dd0ebb8aefe50139dd28f4cfe694d7dce17862e3b68210ddd819b0b7613108f752159fe48325a2bca3393e240ac179d46bbca603d5aa6fb6cf1d1ff58af056cde83a6e73c56fba397d03ee7396f528eacbdabf36a5633fe089047b6221b410b529f52321bfad8ec5ce18f7be6d18c96d4b6c8b07073c333eeac4559459f326f504cb2354c21e638d3738f083bad493c79c565c35f320a4befd4e3700c59793e3765cc6ece85c331185e76f64f35170e8ff99e005fd2925cccb7f218b8371642433cb8123763a133732bcc961467ddeb36b58ed86c085190971f574caff11feb0b87e682eb46be0b6fede4578dd32277198a8ad84fe53d61c440103cda3a23e03b4e60bdfa13577db30028af4507b052139462c1c48310956f8b502f6c35ac5962c83e94ed5472ed9ab5c6dc21694a82693c2f425c1c4fa1c52ff2c7affe61682ed126c1e049989521dcaf66eb02740c6ec0a79c3573635e9b4fa7f64406b05858ca2d4bc40037219574800e4dd19119ce0c29d4daff346ad6b622c80d4d1d74d609da575ae58bab512c500a4a9de550f9fd31210eb5f473ae50d410da278b3fe63525deca2004a2b34be32643c213c2130e675983230b96110f0eae508212f84241d0b224ce3eef26af99f711c010e4f807c4ad6acf2921fc19b2c70d15bfc703240490a2d7296c44cc1531130dad7dd68d7f3e6ecce8870a0940736128a8d49b6d0c56148500edada82a0992b4092162253ad05304220664b2e74892ea85e245f3e7832740cb17fc2231001cf073cf110171acff7f885466aa75e0db13d31c6a6d3453c6a9ab207e2385054af81a2b4bf7a95dfff9b1d2f4a4793059cbf2b2dc5979559a868700312b9ca65f92847f70dff968b3e60e14a23180f7225e60063b270b7106342bff9e6a98627425ea642fa16918b201e0f79c232ba9b94f09c3d49fe56d770a598b44ed380e7f2cb538fd91298f34fd1e0d33fa02064184cd6662654083535c106777a08bf480dd19e6af0bf14126e7022d9b6c09df96442f6131ab3d10ce5107fd958b22ed745751398c69e863c3ad221841283d228a8d4be5e2a2fc4dc332fd01e5810090a9793637cd396e6b28a7e2cca49fc0e341a8f64c5d1a387234f53795313048fbb06fd6bc98d4cc538c79d16237546fe1f23bdc7e57f7835df2be8af8414b0102b4fe8aeda6f5458339040a6f618f605f3f6dd95579acb5a371567665d21c54be37091e05463f1b3dd9ab1bf68c825a08dc0cece747af74e7bd26d3a9ca690da1616ce0ca426b69688e55d6f12e90314761d58d183655624a614a9602d44c8917ac2d5c78847b3c1be1da68f5dbebe47c152f850d022added906b1fb481b4094fd7d39e9b728b391a8388c6e61e9a6998419e51f0ef89624c26b1925359eb76537c7c94295e62cc4bc6c2c4b64e6a9bfc140096376eb248b284c84fd663244e80e59e505ef34afb7f70cfc80f11f3305012bb7178789eec923a6796097c3e96d2a3518def5422c7a2415d1734afe4f756116f36d9e09d646f2bb5e6152f4d8583ef9fb8b20cd636f229db45950282be622b5cd2255ab34b5a0939f1b7188b98f214498f3b7ab47c08a8935ddb17b965e6a9bdec63f92dc2437da4c21819bd8376f94fdbfde8b95b7366457a39533f4ae9b435894b3777bf2f113a765415b3957c407b01d910dfb36143131c8aa74d7ce3e39ee038d2fdd1d7a168db9a217791430f9aaef5edfc9290d39f7fc2e502ac2cad38d9d9c27efd404faf876451b6fdddbe2b03819159a2144e07a92f76859530a3863f68c944d04355204e08a386781b29ca3894c898427cb0a2d683d1652b9005b204b2c433ce4fdc813740b09ce7b02d2ca220846adf12793c943275851d2c16d3b2bf9a923296f3485bacbfd1d16cad62a9c343c801281c4dcd273d6d6f10103b849b550824fa2427dd2a16021267db6194a05fc91e7401eb069557d86ed99b0a96ec55b326b1fedf298e0c60b515557f798537c5814ebd4e07fa6c889f75b2d5ce32f56c174e31f03dbc855541fee73f2330417cfaf8331ba9d7e37513d5ea19d07b85c58325b8ba79eea7fb0cb4ed01a42678ed3baa82bd5f671c7b806e50fb82f6a461e34fb7a7484a2bf3a30d988e021c452ce68c9625a1b6f583fe5eb34c4339d7f3a4035fe4097d7b009c415efffec4e4055fb11ebe152af388038e4bafd83bbea585d2e8cf575837dbb50263a44e773efd4e51d8a36855da1935294f7f1c92aae7b705c40c90ee1eebd999a8abfc112166ddf859b8fea9165acee66d449918758b7b85f06c24314c8ced54af619977e5508894c9ed36ee1d475225234dda0d3e4b5b58db98f582d4edab122a29faeb0f1d55670e1513d97203b7c6858c595a229c34ac04a3643747f20b8f146a88db092b5f412976863f3f43b86c5bba657ee38cd6043225d3c1637c68271f79554b2f02ce2bb9159691a80de1b572da649d543a31b94e45d678259ff279bd2bf96aaf00d4499532e19b8975dc584322d93a93045cf7c60c7ab66a8a003fd9b42554198b55e8177c6fb1caf8e47fe03e38d0c2b5dc011afa5836a285cc1228faa4c5375036597168913c5ae307623a3c7d11f53c3d9e015f08b90bd8f6f3545200aeeb4cfc050d6d3c0774b31c7c20e814c555f2aa3319a7c0a22f8f76f7b1a6d862b0b8082c28c6eff596771cf307b4135eabb3a06416002de68b05f78052c56d5e781e5dd59570cb6a08f11ac2e5dde8947d41b449b06ac1d3aa447064282e509c2323c451fad1caa2a4b7031cca9905dde32d26846806a09c4252ab94cef05ac4470201d8f038bb2a9ad1550432b666abfe55b3cc0be2a4a2f15d223735eb5f9c63d589ee08563f4200c415a44f8c5eeed7c74e063ad3ef66f1cb74c49866531ab68efc8f1270e45d2c7e5fea58aa30ab199db00da2906b17add6acd1818464b0befd605ebe796175b222f31c0daaf049271aa0", 0x101, 0x2) ioctl$auto_NVRAM_INIT(r0, 0x7040, 0x0) ioctl$auto_BCH_IOCTL_DISK_REMOVE(0xffffffffffffffff, 0x4010bc05, &(0x7f0000001440)={0x8, 0x0, 0x7ff}) fcntl$auto_F_OFD_SETLK(r3, 0x25, 0x80) prctl$auto_PR_SCHED_CORE_SHARE_TO(0x8, 0x2, 0x0, 0x6, 0xfcc) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/i915/parameters/mitigations\x00', 0x80302, 0x0) pwrite64$auto(r6, &(0x7f0000000440)=',^\x00', 0x1, 0x2) setsockopt$auto_SO_RCVTIMEO_OLD(0xffffffffffffffff, 0x8, 0x14, &(0x7f0000001480)='\x00', 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001500), 0xffffffffffffffff) 4m7.375070799s ago: executing program 0 (id=1154): mmap$auto(0x8, 0xffffffffffffffc0, 0x4000000020df, 0x40eb2, 0x402, 0x300000000000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x808, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000240)='}[,&*}\x00', 0xd0080, 0x5b9) getdents$auto(0x0, 0x0, 0xd7) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)="b07f93d9219c6874624200a8c5fe590935f3ef079fe6be296227d58e8761e907874d3906f3bb00000000040000000000", 0x30) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x80800, 0x0) read$auto(r1, 0x0, 0x39b8) mmap$auto(0x0, 0x3ff, 0x81, 0x40ebf, r0, 0x300000000000) r2 = socket(0x5, 0xb, 0x0) getsockopt$auto(r2, 0x114, 0x2716, 0xfffffffffffffffc, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) keyctl$auto(0x2, 0x0, 0x0, 0x0, 0x42f) keyctl$auto(0x3, 0xffffffffffffffff, 0x2, 0x0, 0xff) clone$auto(0x8, 0xfffffffffffffff7, 0xffffffffffffffff, 0xfffffffffffffffc, 0x9) write$auto(0xca, &(0x7f0000000040)='\x04>2\x0f\x00\x00\x96\x18am\xea\xf4\x1b\xf8', 0x7e) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x420009, 0x7, 0xeb1, r1, 0x8000) sysfs$auto(0x8000, 0xfff, 0x80) sysfs$auto(0x1, 0x0, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ram12\x00', 0x8001, 0x0) gettid() ioctl$auto(0x3, 0x1277, 0x38) 4m7.128447002s ago: executing program 0 (id=1156): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2000a, 0x10000200000df, 0xeb2, 0x401, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x11, 0x80003, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip_vti0\x00', 0x0}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8002) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="68b1fb002000a694d4236b06c431eeaca27761dbbc506f36b26e89d96a49169ec7e4016a", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000006000600810000000600070000800000060006000e0000000a00050000000000000000000a00010000000000000000000a000500aaaaaaaaaa400000080003003d00000008000200", @ANYRES32=0x0, @ANYBLOB="0800040083000000"], 0x68}, 0x1, 0x0, 0x0, 0x20040084}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto(r3, 0x5419, 0xffffffffffffffff) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc7}, 0x1, 0x0, 0x0, 0x200009}, 0x7}, 0x3, 0x0) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, r2, 0x2f}, 0x22) r4 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x58) ioctl$auto_USB_RAW_IOCTL_EP0_READ(r4, 0xc0085504, &(0x7f00000000c0)={0x8000, 0x2, 0x1d, "e64609bbfe3caa3fdf1c71f6b5de1acd926c06a1e9c2513111e23de543696fda086bbe5ea2425b0fd6a2361fbc8c334773e3e0047164008fc76bc0545a25707fd7253c3a133728a93f40fe699d9d40dd5f69997f25e27315ef3b12ee280046aeb725169a9dfecd6d66e355ca48a61a64ce8057801b68e71b8786a1791989c873b15b1944d8034bd205ac6ccb47d6e3eb38e3e39564252abdf1d0281fc39d31d26598283abf05b96a1875f9daa294b7875fa7d140a3c1eb27cb834192e209e5f3"}) epoll_create$auto(0x4) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/downdelay\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000480)=""/119, 0x77) mmap$auto(0x0, 0xe039, 0x400df, 0x8000000000eb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyp8\x00', 0x800, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) 4m5.334638138s ago: executing program 0 (id=1164): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x4000000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x200000c4) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x3, 0x8, 0x400002, 0x1a, r1, 0xffffffffffffffff) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x8, 0x1, 0x3, 0x0, 0x1, 0x207, 0x2, {0x2100000004, 0x10000}, 0x8000000000005, 0x6, 0x3, 0x1008000, 0x0, 0x5, 0x84, 0xffffffffffff628e, 0x10, 0xdeb2, 0x800}) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x40, 0xb, 0x6, 0x18, 0xffffffffffffffff, 0x7) setgid$auto(0xee00) r3 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/stat\x00', 0x80c00, 0x0) read$auto_proc_single_file_operations_base(r3, &(0x7f00000051c0)=""/103, 0x67) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) connect$auto(0x3, 0x0, 0x55) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x8000, 0x0) 4m5.008829513s ago: executing program 32 (id=1164): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x4000000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x200000c4) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x3, 0x8, 0x400002, 0x1a, r1, 0xffffffffffffffff) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x8, 0x1, 0x3, 0x0, 0x1, 0x207, 0x2, {0x2100000004, 0x10000}, 0x8000000000005, 0x6, 0x3, 0x1008000, 0x0, 0x5, 0x84, 0xffffffffffff628e, 0x10, 0xdeb2, 0x800}) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x40, 0xb, 0x6, 0x18, 0xffffffffffffffff, 0x7) setgid$auto(0xee00) r3 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/stat\x00', 0x80c00, 0x0) read$auto_proc_single_file_operations_base(r3, &(0x7f00000051c0)=""/103, 0x67) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) connect$auto(0x3, 0x0, 0x55) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x8000, 0x0) 2m8.894428301s ago: executing program 4 (id=1660): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/serial8250/driver_override\x00', 0x22b42, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000440)='/dev/snd/controlC2\x00', 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/admmidi2\x00', 0x101000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x0) socket(0x2, 0x6, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) r0 = io_uring_setup$auto(0x4, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1c8340, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9a72, 0x5, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/7:15/max_ratio_fine\x00', 0x1e1842, 0x0) read$auto(0x3, 0x0, 0xfffffdef) 2m7.613779879s ago: executing program 4 (id=1665): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2b, 0x2, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/user/max_fanotify_groups\x00', 0x202, 0x0) r2 = getsockopt$auto(r1, 0x8, 0x1, &(0x7f0000000140)='/proc/self/maps\x00', &(0x7f0000000180)=0x3) ioctl$auto_USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f00000001c0)={0x5, 0x800}) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4044}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="0227"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB="5de1523353782950330a"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x4601, 0x0) r4 = socket(0x10, 0x2, 0x0) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r5, 0x6) r6 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) flock$auto(r6, 0x1) r7 = open(&(0x7f0000000040)='./file0\x00', 0x4642, 0x14d) flock$auto(r7, 0x2) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) 2m7.200160378s ago: executing program 4 (id=1666): r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4}, 0xa3) 2m7.05906547s ago: executing program 4 (id=1668): sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="050029bd7000fcdbdf2503"], 0x14}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYRES16], 0x1c}}, 0x40000) 2m6.946975961s ago: executing program 4 (id=1670): write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05cab20eabc25b6240b084785dac9ddeceedcf0c288633b6a40eb3c9a9a00a8140c1a5d3f4418e6820622dc5e8f300f88254e3b7a4052254f9c40b62b89841b28b", 0x7c) (async) r0 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, 0x0, 0x8, 0x80000000}, 0x5}, 0x3b8b, 0xa) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r1) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000002c00010004000000000000000c00010040000000000000000a00"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) (async) r3 = socket(0x10, 0x2, 0x6) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x68, r2, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x80000001}, @NETDEV_A_PAGE_POOL_ID={0xc}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x8}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x800}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xffffffffffffffff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x7fffffff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x100}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x800) (async) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x7, 0xa505}, 0x800}, 0x5, 0x400a) 2m6.602542404s ago: executing program 4 (id=1672): mmap$auto(0x7fff, 0x400008, 0xda, 0x9b72, 0x2, 0x480000000008001) mmap$auto(0x0, 0x7, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x4000000, 0x9, 0xff8, 0x800000000801d, 0xffffffffffffffff, 0xc62) mknod$auto(&(0x7f0000000080)='./file0\x00', 0xfff7, 0xc0) mmap$auto(0x99de, 0x8008, 0xdf, 0x87d, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004080}, 0x0) open(0x0, 0x161342, 0x100) rseq$auto(&(0x7f0000000180)={0x9, 0x400, 0x0, 0x0, 0xfffffffb, 0x2, "7ef2b6d9b12bcecc34e7f3ed0b1e8947bbfe3167f450ee8c5d5380f969a0c5d1cd56144ac9f04e01047470eec62fccef44409f17beda8026474abf6766d212388924ee8eb3"}, 0x7ffd, 0xfffffff6, 0x8) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x400000, 0x1cc) r0 = open(0x0, 0x161342, 0x104) write$auto(r0, &(0x7f0000000100)='\x00', 0x7) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) write$auto(r1, 0x0, 0x7fffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, 0x0) socket(0x11, 0x80003, 0x300) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', 0x0}) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, r4, 0x2f}, 0x22) getpid() 1m51.364441128s ago: executing program 33 (id=1672): mmap$auto(0x7fff, 0x400008, 0xda, 0x9b72, 0x2, 0x480000000008001) mmap$auto(0x0, 0x7, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x4000000, 0x9, 0xff8, 0x800000000801d, 0xffffffffffffffff, 0xc62) mknod$auto(&(0x7f0000000080)='./file0\x00', 0xfff7, 0xc0) mmap$auto(0x99de, 0x8008, 0xdf, 0x87d, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004080}, 0x0) open(0x0, 0x161342, 0x100) rseq$auto(&(0x7f0000000180)={0x9, 0x400, 0x0, 0x0, 0xfffffffb, 0x2, "7ef2b6d9b12bcecc34e7f3ed0b1e8947bbfe3167f450ee8c5d5380f969a0c5d1cd56144ac9f04e01047470eec62fccef44409f17beda8026474abf6766d212388924ee8eb3"}, 0x7ffd, 0xfffffff6, 0x8) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x400000, 0x1cc) r0 = open(0x0, 0x161342, 0x104) write$auto(r0, &(0x7f0000000100)='\x00', 0x7) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) write$auto(r1, 0x0, 0x7fffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, 0x0) socket(0x11, 0x80003, 0x300) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', 0x0}) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, r4, 0x2f}, 0x22) getpid() 5.278365336s ago: executing program 1 (id=2223): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x5400, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0) write$auto(r1, 0x0, 0x40000001) close_range$auto(0x2, 0x8, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x80800, 0x0) getsockname$auto(r0, &(0x7f0000000000)=@l2tp={0x2, 0x0, @private=0xa010102, 0x4}, &(0x7f0000000100)=0x8) 4.510460762s ago: executing program 2 (id=2224): mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x2) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x20d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x800, 0x0, 0x80000001, 0x7, 0x6d42, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) msgrcv$auto(0x71, &(0x7f0000000040)={0x4, 0x7}, 0x0, 0x7fffffffffffffff, 0x5) socket(0xa, 0x4, 0x6) msgctl$auto(0x8000, 0x6, &(0x7f0000000180)={{0x442, 0xffffffffffffffff, 0xee01, 0x0, 0x1, 0x7, 0x83}, &(0x7f0000000100)=0xf8, &(0x7f0000000140)=0x2, 0x4, 0xfffffffffffffffe, 0xc869be, 0x1, 0x12c, 0xa, 0x4, 0x3, @raw=0x313}) lseek$auto(0xffffffffffffffff, 0x39, 0x1) 4.187169221s ago: executing program 1 (id=2228): poll$auto(0x0, 0x6, 0x8) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) listen$auto(0xffffffffffffffff, 0x1004) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r0 = socket(0x2b, 0x4, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/8/actions\x00', 0x60000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/58, 0x3a) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) bind$auto(r0, 0x0, 0x804) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) write$auto_nvmf_dev_fops_fabrics(0xffffffffffffffff, 0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) init_module$auto(0x0, 0xffff9, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 3.421265755s ago: executing program 5 (id=2231): mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r0, 0x4018bc13, &(0x7f0000000100)={0x0, 0x9d, 0x1, [0x0]}) read$auto(0x3, 0x0, 0x18) 3.418898191s ago: executing program 2 (id=2232): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYBLOB="1200", @ANYBLOB="5de1523353"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x4601, 0x0) 3.167966491s ago: executing program 3 (id=2233): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) fanotify_init$auto(0x1000, 0x0) socket(0x2, 0x1, 0x0) mq_open$auto(0x0, 0x5, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) socket(0x15, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c) socket(0x2, 0x6, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) socket(0x2b, 0x1, 0x1) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 2.934183829s ago: executing program 5 (id=2234): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setreuid$auto(0xffffffffffffffff, 0x8) timer_create$auto(0x9, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) migrate_pages$auto(0xffffffffffffffff, 0x8, 0x0, 0x0) r0 = socket(0x2, 0x6, 0x0) setsockopt$auto(r0, 0x10d, 0xb, 0x0, 0x17) inotify_init1$auto(0x3000000000000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000b, 0x4000000000df, 0x10000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d082d228a9ffac001ba782fbd6700fcdbdf", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r3 = socket(0xa, 0x5, 0x84) sendto$auto(r3, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x5e1342, 0x100) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x0, 0x0) 2.932930349s ago: executing program 3 (id=2235): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) unshare$auto(0x40000080) io_uring_setup$auto(0x85, 0x0) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) clock_nanosleep$auto(0x0, 0x9, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(&(0x7f00000005c0)='\\*)A\x00\x12p\xaem\xd1K=\xec\xcc\xbeh\xc1\xbd\xf6\x1fJ)\xdc\x0f\x10\xbf \xb7\xb2\xd1R-U\xdfQ\xfb;\xf3 \xedk\xaa \xdb\x8dUa\xa2cR\xd3\x13\xcaA~\r=\xed\xbb>S\x81\f\xed\x12m\xd0\xe0w\xd3\x90\x020\x9a\xe3[{\vL\t\x9f\xb4k\xdek\x870\xc6Y\xa0(oc\x9b\xa5\x87KE\xf9\xc1\xd4\xa3rLR\xe2\x0f*\x86\x8b@\x16k\x1a\xd6\xdc^\x95\x90\b\xba\xbd\x93\xb8\x83&\xd5\xb1\xabX\xffYX\'`\xaa#\xfeCk\x1c\t\xed\x941\xd8\x7fwP\xda\xcc\xe6\xebo$\xa8\xb3\x9d}h\x90\xfa\xe2\xd9<\x7f\xc8],\xd4\xba}\xa4\x91\x1a\x0fHo\x1bU\xcc\xf8\x02\n\xb7\xa3\x98\xcb\x83\xd7hQ\xeeYn`\r+\xfd\xca\nq9n)\x1a\xa5n\xccw{\xb8\x1a\xa4E\x1d\x1d|\xaci\x7f\xf8\xbe:\xa8\'\xfb\x8f\xe5\xbb\xbc\xaa\xf3)\x90\x93x+\xa3\x86c\x9f\x93aq\xacA\xcf\xfe_\r\x81\xb0\x19\x80\x8c\xd4\x83X\x19u+\xe1=\x01\xf1\xfdL\x89\xf3S\x98p\xb9^p\x88qTk\xb8\xdc\x1f\xc1\xd8\xb5H\x98\xf8\xdbf2om\xad\x10\b\xc4\xe1xtAF\x98\xd5\xacO\xb8\a\'#\xc3\xc5\xa8\x9aR9[/|\x00\xe3\x1e4\x00$\xd3\x94v+vh\x1b\b\xfb\x96\xcd\xf1;mA\xe9y\xb4<\x93\x80\x9ae\xaf\xf6\xba\xf6\xbc\xd8\x9b\"\xab\xf8\xdc~E\xb6\x90', 0x7e, 0x9, 0x0) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) r2 = socket(0x2a, 0x2, 0x0) ioctl$auto(r2, 0x8912, 0x38) ioctl$auto_PPPIOCGIDLE64(r0, 0x8010743f, &(0x7f0000000080)={0x0, 0x57c0eb3a}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="34000050f64f49193cd40b378c00", @ANYRES16=0x0, @ANYBLOB="00012cbd7000fcdbdf25080000000500120037000000"], 0x1c}}, 0x8001) read$auto(r1, &(0x7f0000000000)='/dev/mtd0\x00', 0x70000000) mq_getsetattr$auto(0x3, &(0x7f00000000c0)={0x0, 0xe, 0x5, 0xce}, &(0x7f0000000100)={0x8, 0x8, 0x2, 0x1}) uname$auto(&(0x7f00000002c0)={"96ecdc27d2c742bde8deca1b8ddcb1962f05964565a89929c18e3a2860e358186fcd572999bda1a89890ee881a1277fd3c784521c3db2825e979fd7cf72d194a34", "5ca57002bb2f8ca16fc96a71e0ce5d18c2e6996c9f32f4194d87da02bc1b08925e9c50e70d2ea62214f0b884b013c5e639b819a490207047f7efe6881cb2bf6411", "9440f51e8855ad371a1ffa61383ca7051d38304677fbb144184f6f8b114181838979e3a02f4504b8d86bfc12c3a767dde555c55c11f4000b9e256b0723f9837454", "5456908424c530b4429b50918b3cac793a229ba9a421edd643adf9ce72ac0098442241f9a398cf862e135dd7856e2373e397275c0f67d38a1c24b0c205fa1a1e94", "61c84dbba2827134603066e42b01e43b07b9906cd4a7f18762927f91e378be45cb2db0b5e9ddd9935bed7412cef1745fb8c2413f4b1248190bd753b35696c38284", "874c885aa40d8dc8bc35477622d43f9d84f4bb1e2f5798dbe190b72d37bb21ff094a91ffa4ef11900f66631b1c50e965a6d9759483342253728a4f62b7facf3bcc"}) r3 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r3, 0x4018bc13, &(0x7f00000001c0)={0x5a34, 0x6be2, 0x1, [0x6]}) 2.712681778s ago: executing program 1 (id=2236): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x401, 0x1) open(&(0x7f0000000140)='./file0\x00', 0x1, 0x24) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x3e, 0x9, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x3, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x1fe, 0x200d) keyctl$auto(0xe, 0x2, 0x76f, 0x9, 0xf13) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x40000) r1 = socket(0x2, 0x1, 0x106) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x0, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x20000, 0x0) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r3, 0x0, 0x9) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) ioctl$auto_IOC_PR_RELEASE(r2, 0x401070ca, 0x0) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(r1, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da06, 0xffffffffffffffff, 0x3, 0x3, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 2.533108069s ago: executing program 3 (id=2237): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r0, 0x0) bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) socket(0x18, 0x5, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, 0x0) prctl$auto_PR_GET_NO_NEW_PRIVS(0x27, 0x1ff, 0x0, 0x3, 0xffffffffffff3ae6) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/ksm_stat\x00', 0x2, 0x0) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/228, 0xe4) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 2.32251309s ago: executing program 2 (id=2238): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) fanotify_init$auto(0x1000, 0x0) socket(0x2, 0x1, 0x0) mq_open$auto(0x0, 0x5, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x6, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r0, 0x1, 0x1c, 0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 2.090938373s ago: executing program 5 (id=2239): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbcadf25020000000800038000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) process_vm_readv$auto(0x0, &(0x7f0000000040)={0x0, 0x8}, 0x4, 0x0, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x200040c0}, 0x20004800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbcadf25020000000800038000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) (async) process_vm_readv$auto(0x0, &(0x7f0000000040)={0x0, 0x8}, 0x4, 0x0, 0x6, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x200040c0}, 0x20004800) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) 1.865583044s ago: executing program 1 (id=2240): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x8000009b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x3, 0x88) socket(0x2, 0x6, 0x0) ioctl$auto(0x1, 0x890b, 0x8) socket(0x1, 0x3, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/options/hash-ptr\x00', 0x10b000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r0) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x68, r2, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6}, @GTPA_I_TEI={0x8, 0x8, 0x6}, @GTPA_O_TEI={0x8, 0x9, 0x5}, @GTPA_PEER_ADDR6={0x14, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}}, @GTPA_PEER_ADDR6={0x14, 0xb, @private1={0xfc, 0x1, '\x00', 0x1}}, @GTPA_I_TEI={0x8, 0x8, 0x5}, @GTPA_TID={0xc, 0x3, 0x81}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x44045) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000200), 0xc02, 0x0) 1.611015568s ago: executing program 5 (id=2241): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/011/001\x00', 0x121002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x0, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c06, 0xfffffffffffffffd) r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000200)={0x38, r3, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x10, 0xa, 0x0, 0x1, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r4}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/current\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x8010000, 0xffb, 0x8000000008011, 0x3, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="01002cbd7000fbdbdf250f00000008000300", @ANYRES32=r6, @ANYBLOB="0500300000000000a227deb3b114eb834b524b919d98ba1b2af3f43d11086490dbef987a8a7305ff43b06eec7f9581c613693e835181ecb4911400d2c8078008b86e0d95ee561e9da76e8002871bff2d"], 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x140000e4) r7 = socket(0xa, 0x3, 0x87) setsockopt$auto(r7, 0x1, 0x21, 0x0, 0x9) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r7) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)={0x14, r8, 0x4, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000080) sendmsg$auto_NL80211_CMD_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r8, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x800}, @NL80211_ATTR_MLO_LINK_ID={0x5, 0x139, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x40) r9 = prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_ON(0x3, 0x1, 0x0, 0x1, 0x2ff5800) ioctl$auto_TIOCMGET2(r9, 0x5415, &(0x7f0000000000)="89754cdb790fb91877002975b2aae7a3f81b28d9a659c7eb0c0267517b828a5da731135be56249b179f8de333af291420932dcbc348ec63860ef42887fe0f6d6a64e227d3d72d38c29466f39") 1.606179022s ago: executing program 3 (id=2242): openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x440100, 0x0) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x142, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), r2) sendmsg$auto_OVS_VPORT_CMD_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x18, r3, 0x319, 0x70bd2c, 0x25dfdbf9, {}, [@OVS_VPORT_ATTR_OPTIONS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x44004}, 0x4000040) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) 1.291425552s ago: executing program 3 (id=2243): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) fanotify_init$auto(0x1000, 0x0) socket(0x2, 0x1, 0x0) mq_open$auto(0x0, 0x5, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) socket(0x15, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c) socket(0x2, 0x6, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) socket(0x2b, 0x1, 0x1) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 1.269844532s ago: executing program 5 (id=2244): r0 = prctl$auto(0x23, 0xd, 0x8, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nullb0/queue/io_timeout\x00', 0x208180, 0x0) madvise$auto(0x0, 0x200007, 0x19) madvise$auto(0x9, 0xc90, 0x3) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000040)={0x7, 0x6, 0x3, 0x72, 0xffff9d2d, 0xffffffffffffffff}) ioctl$auto_XFS_IOC_FSINUMBERS(r0, 0xc0205867, &(0x7f0000000180)={&(0x7f00000000c0)=0x7, 0x6bc4, &(0x7f0000000240)="381111499353f398c52fde1d930f3291046d78a3e61aa089f420e1ad4eee801d59f058ce813b1333277136fb6e1388d6cb201f09b07f2b1df6fee7004f286f353f2ac8703c8668529aab80fd660a39df62d0700344b69db3d11d8142f2b74f5c4f0417fafb250fb4cff2424e33f0127fa06e8ae9029e0706df57b6cda1381a91039661406a665cc1994e124b4f00279b37920decf398033912870ce76c4cb6d624b9a23dd384a8fad29e2d072d7bc498ca51333dd4a245ac5d", &(0x7f0000000100)=0x6}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000b80), r3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00', 0x0}) r6 = socket(0x2, 0x5, 0x0) readv$auto(r6, &(0x7f00000003c0)={&(0x7f0000000340)="62f424811645c2b3f828493a5d0b0bda0799760808118af1f9df016424bfeb7ede0696b12344559a88de342620af8a7865ece3ea0fd2e48cd7ff7a7908ea50b21bf0b5dc9887aeecf64a2c02e37f28ac00315f5df163c86e9b3f253348ea70a83daa", 0x6}, 0x8) sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r7 = ioctl$auto_TUNGETVNETHDRSZ2(r0, 0x800454d7, &(0x7f0000000300)=0x1) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000001f80)=ANY=[@ANYBLOB="c8120000", @ANYRES16=r4, @ANYBLOB="01002abd7000ffdbdf250a00000008000100", @ANYRES32=0x0, @ANYBLOB="080001000683d75f426d4f1c18ffb96791dd11b8728a1bacd652cae4519561bd09dd2eecd37bc9f99a5120e38b45692850c0880ddaba3b3ac24fbf34ce442d0e182e277f5f172e48c6e21133408344da6646a1f849d4953ea6c01a6e995961f0bf98a66e03dc97e353148737997ff1265c4d800835c4440b3d1a47", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB, @ANYRES32=r6, @ANYBLOB="dbb434a3357b0fa9559d973bb95424869c6f0dfdca09a7838cb3f1d97dc424d1aa9f3f94fda5978792724d8f6ba22a5beec32a8cb6d954ef2e40f3bea9319c7dc871222ded58e1b515cdf569a19d31398585e5a0d4ccfb9c2360aad9b625975735f416bb42ae1a10cd89ded778bd4fef0f6a1cf32e0a488a725acaae3684dd16b6cdee2a15465b884a671802803d0a6613f709542d50ffb2ee43ebc86aaf4cdf524245545012ead784612a0766d0f66e63665566cc15c0f4a304df0b33309ea81dbf880f8ac5be319669984d25e16006be333eedd70e07ff429a8c983adf3f1a0eb857ca8f0f8622f8f711840c5c274924c9eea976b762d9a4bd68a38659c7aa53b04bc0b4c3dc3d80b5bf6166a39b04ea5f2616410be27d6f554cb42f261b088947295dd92f7bfe2a91afc2131c66eb0ed979ea201c94a61d1e2bafb10cfe1fc6a84b3af37af697bf3ab3320f1f7cce4ef30d5fb88b036d005d5fea609d1b5416e787096b1e6113c80f3fb95028022396f9fb2ff70ca4518e7316d742aa89f84e7333b69b43007d8b0d33ac840f837fe771f722459d83573d47929cc572f6af8683497d58e9b1e22f249ed7f9fa1baf21e081ecf78f24daac1ed66f34537fcdab6d665854cc7fc8a324cb6a5554668f39da442b5d8472e40e7e83b0216a16d5efb7445806f14357700e69db4cf299b24754f8444ecf56102536952d294003d1978e85b07342ac6234b6b44f984ee63649662c1e2cda1a0f213b85ccf69d4e6fcf61ca1ce249510e08fb45c1e4582e0e23ced764f91c484fae684faecb55b7534f463e97a73da6b4a5f5558726fe33aa720d4ba04a229b8738942628b6b3535882829643dbc835580a9899183e8523b7c423e5521213a2edc6b9e8bc7e75f9acc3d68ef8d58f9436c3db02827a6c0677bc78ffea8fef332fbe7ecbdcde208c4bf0099ee57a2653982532b03339f6ac7b346b231d4a5385d443d9fd55fc905150a3389cc39b119ff1648bf54f2d83438e37c86194629c56f2226dd202ee336a1d5d27055a71b90cbd4b278104ee2bd029ccf90c72a806a4329a5cd7d38b99d2ebf58da9495738a7db71503efbfe20ae6738ecf551c533364f6714c1e78036f603f5d176b7e3eb0bb178b989aaae56a30ca20e4fa22ae94994a895947fa124723cc67a986673803e4046c0ec5c0bf29edc1d3eefb54f0a174b720d99dce1eea9865bbecdff6327601c3df7f58dcb52b83eb8a999d84fbd45a4ae564cc93f598dacffed81bf818d11cc7f767bfbd9e46007863cc0ae146935b155ef8ab48e798ccc2007b2f2648586f26a71b1dbfb5beeda3ffe6957717d9354f6851c10d0554bc263bc758f3cab674de482934d7dffb4e84a9f6794cf3f632d657a6337f9b77c91016b7efcd8631ae2ff551a561271b2528e55494af7f5114a04ddc34677e4db57ad1677645b5ae9d3563933d0cda648f3cc7679a0d97c1254f948bf724f7dee5ad49e45491d45fcda74337e173be6c630de3afcd43b56cf1a2ffc6aaa14c52b93c4e76756946e41baa21170e1723ad6ba91bfbfe736c9906477dced169c0ec4356ba2ee62f8fb6d4c01265d322ac724f2ec88dcfad97d378157c2c4eb2a1ac188a083c57b21a1cb4ea0f31831216e68b17bd6517bdbcaddbf34ce2547519038b04ec4d467ecbb1edaa7ab76b1b3c123fed96ba8fd15000dbe86909a678f4fb3715dd642441fa6d69eec909e5b96f40c0fe6490e87a2de992d06cc3e11c277ab77bed9973d236376260968fddda4ff2f390a01550eeb0b92d861cb32f9779ebda35c2d3ac4704b8e377cb411fd3d23600fc2d033c1b8e12e2cac548f30601ff7ec2c693915b2786e76dfee97ecf6930b26223633a8e674371e4746366d4aa6042458e3946e8d48131b42b10158d6e5eef88cd059105c38a0db1679e4fb7a4526cc473a09171fdea402b4b5d8ec364a75fd2260f3b3962f4bd460c20edd6821cb1ac4633fc0e5e52eaf3be16d7342ce276396f025f0656b3573e33473b95594ab2e2c143cc5fb1a0a2380202a3039ef6d55ee3e7a2372030690e8408757a05c487fbda76b0b25751c4bb67c1e65ba478e6c1bf7ae9102644b84f53959deb524a10cfd67089015b3aa18a482c818f5237f31b37f88aca75814cc15931c8b5631cc4f40bdf4ba9472fefd4a12a62e546679fca1c585ab42049f84bc99c5e25389e6c3cb3760706d202e13ae3fa20c2f1408428b94fd095515a6d3f1422690a373240d91a1320b0c00563674619d48dffdf89379a22d8c649e9217f806f8783cb13c9c0e0335b56a450bf7154a49b2a2c338f342c1dbe29332329e4b7428286925a54a9b68aa11f99309bf07ded94ac42f51a955c1377b16b5005eaca58c82386d62ec4bfe46b95ea625d8845316e6f42b4f3ceeecfb738e8c7e82006d36c73ffe25d8f7dda1721fdf4f08b74573b21fc44e34089aa145895cf6740d7a6749807bcf2fefe073d032cdb2eb780d6a7b4c1dd51de24ee2e45af273dfe7c9ca1aa92dd3cdf688e77468c533bc778c45cf4d7a30a6bbe9bb09baa131848de47a357e08d8d7d2e40aa45218a38b145bf45bd76098cc0cdabf024f064e35e0ed516483db8bc61b23d1206ccc3cb03cee20cb90d3ac2f0ee7af1d179ed9b802a65a15e79ca054c1b4669ed7f2d50fcb0904369c9dc1ff6d42c5ee969971b84ba47baad29aaf655c7cd68e5b01a8118ce2611fbb754cc780cf10908530b150063d4c24f0c953aa8dea2fc4c32ad04210adfe62672766eebda50ea3f2ff823b51694f902b1bf79677f7031a51338f3337d85a6d12b4fb4739ea9038a16ab4afcbc522dbd4eadf1398475a872ab80c31557beea918a8df661f15d0d93b68409620ebc7bf0ff74c01311f13defe6515f3ff12f903091683c20c71ac59786f561bfdffe3e52c95faed4d26f4e07ed7ece701ac4a347d0c74f3cf80750c099d9d98c56d39a980786c9534156bd4b5f91ff2b8a8054788020d3f45a3d0787981985244587a76fc5d22edec03a14390159b23caa9d5af7c6099421a4660a8a3777692a891ec57bf83608d37cdb3320fc5ac20f8edb1abbedadc3bf95a852ca302d59a54b3730592e082de68b2db1d91dc6726b2a3862b21e85ccc4cba7694635641c84809253b14a4c375f2f35a79e8fef698869b1cf254640e3a5753da974c84d1daa86000c392b7ff97afe3fb8acbaa2abc8ea40fe70b259435d4cfc2713c2a17b8d7e1fd26177a952a6465cf2f806040c5ea36d2bceb5e333aee2c92a26a7de7166135d938022eee7a9fade4cb38c8770d6070b203aa7bca0287ee6c7e3d744bfa6268f5caaf4d3b64d34251a8dabc8915a62fe885c655954ee417fac6c628d906bb82c2ae755bd004c72d18393eac3d10de8928c8f12c03ded6a70c5ce5c19a290744de53b754386b2624ebb2c146038bed9dedc3b7574f6d67f6cf02395dfb8c0d495235874aa1f75fcb7af2f8dfb21189747f04d83e0f91c518d0f2bb6a9469cc0db96dc7c13c1d80b3594e8639650dd24c3fc2d8d6a430b8b8e2f1125ab6423c0245ef8c03c96bb62ee13598f5965ebc097fbc38df7e8066c07481ba7dfb30fadac900b05ed0211f0494869b0d6d2765d544654e7e6952cf7308c12f039c912f3ac7fdd8e2f5ab32f147e4d6f9b11fefbba3ebedfd76286430e68636ed7842d3834c86ed8a8e624ae275963649a6a07650120d738eb35a79a41b8c101b52a9016eeef87c1357c66ef8f5f92bdc1cd818b586ccc5f81edc76748690a895c83b10c26e545eeb195004cb888a33d2a89bd651785c5f2c4807ec9c31f4505fdfc8f926466d3b23ed8483d3cb85fc584fb4351290da389489e79b3044f4739132f66a04eb7b61fa2bfb94675b6008578d5f12a1bc35ce60045764e05bfcc6fdcb0e9ebea4fe453863dcfe6beaf1b7bf7aae2feead04ca683fc3c53b5b84376e90ea12300e119cbbbde73341dd065e21a3add38006eae90c2b1cdc9698f7dddcd5b6308b10590a12f45b452aecf1bf259b232d4c2c1b61e61d4dfe0c889468a8d35980f07e36a2ed94260c60bab13160a906e7e36a57ac82bf62320d53b2c14e027d8273772a8808b818c048d49bec51e03ce0d32bda57b04d46f3019b5f7613f27d0ef1ee88fbb472bd8a5a40bf581fa329abc2c518d029eea13f7149c5ff7ecc0a04cc1c28a99b911c4a3d450bb1d97486f7e2ac0dc3d172d29b7d9991add55e0b37f8c1053609995114b36982a1b1a1107f92ccdca864d801a3a1c34022a28195a4f1f5748a06cc2b7b4f931d43c989b9ab8c815b5694a6cbd3cd6e244eb34c87f88223354e6b609f8e402d5364ea80195e9134e650ac4d820004349970f38a6fbb8dedcdac252aaccf35e51e3043eaa803704de82fae43ac13281cff4b7668d825733bb91f2b52d37bdf42218afe069062ffacb715216dfae780e2742e2c90a3e1b0e31bb67ca3df67c693eebf2f756753c7d8c5a9f15b888bc90a039e88e31077a8d004bd4d5b80373be571592833e138b1dddc8671dcd7ed70e176acd06276adf749b3a35e8c3884b507800fa61f425b17d990b65df60ac065c95626048376f5e6db28201b98e0ca9076c56ecaae77c0bec586fe54e60fc59a44111869ecb2d3eee72ac8c2b5ddcd2b2cf712ca3e58e71d4d54a1d20eb8c7ad44e37c239182dff2f9bd7f4418299e9e526a7c9e67819a895d5ccad753fccfd234a1e597e0ea1d490c95e07ba8e2e95b653cf1fe529d1178c2bb2eb17d8f8d2b31ab1cfc518967a76e9221928a4118fe19d3bec62598c6d37705225fee170fd6647a8f1ae919c070114873d209a03cc5864095d1da6423e79bcc28e1997f75ffbe71cb95e5a6f36320e2d79d4ca1b278bac9293aab105ca3c432ebda9a5a8dc0cf4e192d82b3d2b7e87fc91a98e838a72212d755d7495a184ff53562c1be45d767c9ce1123a2b6d24261986f75b6539501b6a70740634921c033d96e618be165f0edd96147bc68af47c03a7011706a065a9d31bb9397759807b753b663f44e16f12c76dfd542240445f7f032ee58f60cb8f6bdf1a989658b00bc8ef216b4a737300040dba99e7a5c8f9465632967af3855d55287a7607dea26b4fab97d4b83ad9c87df7394f68e06ec4cc2fbdcf8df20487574a5b5fd15e903c527c75d5e0e862368860b4d1d1aea08c57183fe7d573d2ac9640f3447aaf45761f5c15409a5715ff733204196f111b548f2528d68b55b1eeeb4b63ee817404c4f911a4a60c9ce7706409112d183985de45e3dae1539cfe15a4d20bee4b37e6ffda137157f691a1b503f67f9b9f93e330572d8422885d9c627f9447977698f98eb53f3f801805d98a03f8a17b80c1a257d8034ef98c7c7d749160c43806e458bcd321748ffe14b7c066e9332408fbe4baa16dfefe7aa569700d29522315afe94fc54e63dafbec062dffa40679f6f40b421d827d2e0441dfd9ecaee536a5c3fe28de94b73ee02f44a6d3f3f397a4e6415ef76af974a77afa4af511ecb7b13dc5b8e1ed0b3a3a52404c598062795f00ea6830940f1fbfc61f1a006ee8de8a67746d29dc47fce508cdf0f6044fa5191b68a38dd9da33e650aae50f586be530eb4cce4f96fe21a94e7063aea063fa59086d36de11c5b625fe2a236cc6529d9a4fb9e7f434c54bdec9e49717436397e55c4c7e3cfaad85144f05ab12219cc1da1950b5be60b58b727434a92bcdeeb6cda897170889f94aa793b27c1daea9a745bd04d10571a8e7c589616f07798c0153756c555e7caff8090020980a2002d0035bf11206512f638d8039c602d6bca9c9144bf7609e63ba4b1c030738d8f39b3b446340bd6ff12abbb19a4001dfefbbbdef45d917b29d2d7ae13561c68a6daa4e66168db1b8f2761f08059d34bc00d29aab05e1ac1b642908c21f1cb35751ff498332d62317baf8d0744360cac36c62c2e07a561329608a5773cb86b85f15be826ec02918dc48a7d4c5afa008fdfd568c13bdc5c7be0a003558e944bfa3500000800dc00", @ANYRES32=r1, @ANYBLOB="e373ac26bca424b47dc3a4e78ed164afbe2e57ddfeae74730d124632ff48fac702ad26d8038ad3005e79f1416852ecbc1e0cb9b4ab4d0530c84c3af16311357c7393a754678cfc4a689ac1539cbb55ffd6cb8ce3265a4f00230f853819aa8c6da1679c87b32163cc1cefdc5fb594fef3b0cbe6adf3c27ed27a7c1d7e21e318009e8014006d00fc01000000000000000000000000000015552831febde76a133d15011ee1ffcdd512a35c470039b631cb2d1fce19ea4727c3f5f7aab52f235113a171d083f3dc51a7e23489a55fd690b1e3ab90059129b5891f6093790ee63fa2f4820835f4633517543a273b77ccdb225017ce0229bc0a7f5ed481101a38da26c8f27bfa109afde5045947621a8771f4dd1490b7be72fb3bd76e908f07f419811d0588a058888094ba1fe63660401b280ecd7cc56019aa38f8f8a2c31c6696ab659a4ab3d2385a8a2311654e8f59f57276b68872a06bd6e7ca32b20728675a18f5f895f9472ad90c1053b60e4657179e39a02f734f8018f6050d51fb2b11920ef5b9a35808008000", @ANYRES32=r7, @ANYBLOB="54007e00a5cfa2304063a2dc10fc476dc207cb3fcb8a328e4744c2f0b388aa8cb5cd3d73487f9649f9ba4dbcd96f07c8b1ac400a0c8086eafc01492d893d2a6c00005836129556e52f6b8c742fc06fa42e0c9e00"], 0x12c8}, 0x1, 0x0, 0x0, 0x40480d0}, 0x8000) kill$auto(r2, 0x8b0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) r8 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r8, 0x0, 0x1f40) r9 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x20009, 0xd82b, 0xeb4, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) write$auto(0x3, 0x0, 0x7fffffff) writev$auto(r9, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r10, 0x4, 0x7ff) ptrace$auto(0xa, r10, 0x3, 0x100) getpid() write$auto(r1, 0x0, 0x2fb3) 1.083025173s ago: executing program 3 (id=2245): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000002440), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1, 0x2, 0x100009, 0x2, 0x8, 0xffffffffffffffff, [], {0x1, 0x6, 0x8c48, 0x8998d5f, 0x100, 0x83, 0x101, 0x8, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x3, 0x3d, 0x5, 0x8, 0x100000000}}) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x68a80, 0x0) mmap$auto(0x20000000000000, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) fcntl$auto(r0, 0x0, 0xa8) open(0x0, 0x4140, 0x0) syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone3(0x0, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1000, 0x400000, 0x4) io_uring_setup$auto(0x40000002c55, 0x0) write$auto(0x3, 0x0, 0x3f00) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2aa82, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x40000002c55, 0x0) recvmsg$auto(0x4, 0x0, 0x33c) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x14, 0x0, 0xb01, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000049}, 0x4000080) setfsuid$auto(0x0) pidfd_open$auto(0x0, 0x0) 1.063985245s ago: executing program 2 (id=2246): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2b, 0x2, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/user/max_fanotify_groups\x00', 0x202, 0x0) r2 = getsockopt$auto(r1, 0x8, 0x1, &(0x7f0000000140)='/proc/self/maps\x00', &(0x7f0000000180)=0x3) ioctl$auto_USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f00000001c0)={0x5, 0x800}) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4044}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="0227"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB="5de1523353782950330a"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x4601, 0x0) r4 = socket(0x10, 0x2, 0x0) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r5, 0x6) r6 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) flock$auto(r6, 0x1) r7 = open(&(0x7f0000000040)='./file0\x00', 0x4642, 0x14d) flock$auto(r7, 0x2) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) 756.738943ms ago: executing program 5 (id=2247): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYBLOB="1200", @ANYBLOB="5de1523353"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x4601, 0x0) 565.067522ms ago: executing program 1 (id=2248): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2b, 0x2, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/user/max_fanotify_groups\x00', 0x202, 0x0) r2 = getsockopt$auto(r1, 0x8, 0x1, &(0x7f0000000140)='/proc/self/maps\x00', &(0x7f0000000180)=0x3) ioctl$auto_USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f00000001c0)={0x5, 0x800}) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4044}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="0227"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB="5de1523353782950330a"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x4601, 0x0) r4 = socket(0x10, 0x2, 0x0) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r5, 0x6) r6 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) flock$auto(r6, 0x1) r7 = open(&(0x7f0000000040)='./file0\x00', 0x4642, 0x14d) flock$auto(r7, 0x2) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) 492.347345ms ago: executing program 2 (id=2249): unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/tty/ttywf/power/autosuspend_delay_ms\x00', 0x902a5b3bcfbdcd47, 0x0) write$auto(r0, &(0x7f00000003c0)='/dev/input/event2\x00', 0x100) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) r3 = io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) process_madvise$auto_MADV_GUARD_REMOVE(r3, &(0x7f0000000380)={&(0x7f00000002c0)="367669a37a8a2ea5f692381aea856bd29dbefbba6f8357b15da54f747331819fe1180843fa985a5bd002192224f7ee98c88f16b8af8b9dd70a4d7158f49d6622f207a6502b1eb5ff4f38bcaa12fda04a6a18250056cf717b5a1476da4474db813382185b31c2621943ae0e4b4e6b855cd8c4764ba20cc1d076379ab5d8c7051d3a6ba0", 0x2}, 0x7, 0x67, 0x2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r4, &(0x7f000000ca40)={0x0, 0x0, &(0x7f000000ca00)={&(0x7f000000c1c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="0400"/14], 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x4) r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r7 = getpid() shmctl$auto_SHM_INFO(0x8, 0xe, &(0x7f0000000080)={{0x2, 0xee01, 0xee00, 0x84, 0x6, 0x5, 0xa90}, 0x9, 0x8001, 0x3, 0xffffffffffffffff, @raw=0x3ef, @inferred=r7, 0x5d, 0x0, &(0x7f0000000140)="a7894117874eb9f60b78d8a712eb837c445b857759d80b0764585003fd7bf05afc78292ca4ec176ed8e07e3b2dfa8af1f3b1c43d4ce1dda30c3cd18f11386e86bc0aa32e0fead29b392a9023468b12800a85f0c8eaf2084506acf94ef2388ed632ffa5f73a3b6bb4fece6854d3d1bbe75e0007e530219aec1f285bddf732eac1262f624c934ce0abddeadcf0c8e67e89b1505584ca73c612308d0d52c7f96ea3acbee50ecf23c4e6d8974a", &(0x7f0000000200)="baab165830b4fda4d7e04d1a97594c032cf835d90c7cd0f10fefe32d419ceff9248d1b6e80371285d55734e7ae81a2b80f631c2d928e309b9fc12076eff429675f69ae82dfd65cc18203afbe27de222cc9a5ab6a7d2e712aa2a09bb6500484709e0464d8a88fa4c492b087c024a5f8d2c4daad7b0f7d84e40a0f3c07c502f4f177d4254e5f9f789628397415ab45adb8600b79043b848d5996ad6c6cb3aeac"}) process_vm_readv$auto(r7, 0x0, 0x1, 0x0, 0x400, 0x0) r8 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) ioctl$auto(r8, 0x400454d0, r8) ioctl$auto_EVIOCGREP(r6, 0x80084503, 0x0) write$auto(r0, &(0x7f0000000440)='+\x00\xf6\xf0\xef\xe4s\x95\xf2\x00\x97S\xb9O\xac\xbe\xd6\\J<\x02YK\xd6M\xe6\xe7\xa0\xb8\xc3[\x01\xc5\xe8|\xb0\xb0\x80\xbf\xa5?=i\x88UB\x1d\x8e\xd3\xc2\x949\xb6\xfb\x006\x02\x9c\x83\x14\x13\x99\xc7\xb4)M\xed\tN $\xd4\x90^?J\x92\x9a?\xf8b\x03\xd8\xdd\x84\xdf\x92\xf0\xcd\xd8\xbap\x15\x80\x9eo,\xc8\xf2\x82\xd2\x88\xbeL\xa0\x9b\x86_\xf0?\f<\xf3t7\xb6\x0f\x93\xc79@\xd8x\x9e\xef!\x006\b\xdbWB\x84\xdd\xac\xdau\x86g\x8f\x02@O7\x0f\xf8\x8d(\x9c\xf2NyD\x7f3\x14\x9eg\x86%)\xd6\b\xcd\x1f\x03\x00:\xa6\x83\'\xf4\xf2\x9dd\xf4z\x89\xc5D\xc4\x02\\\x81\xcf\x02Ep\xf6`\xde*\x1dV\x94R+\x94s\x84\xa4\xd4M\xa9\xea\\Vt\xde\xedS\xf8?\x91\xef\xb3 4^\xc9DO\x88Er\xb5\x82b\x8f\xfcd\xe3\x81\xf6\xe4\x16\xe1\x15\xaf\xf2q\xc41\xf5-\xcc\xcfj\x94\xce\xc2>\t=\xe5\"a\xde\x18\xd8\xe8', 0x4) r9 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r9, 0x8000451a, r9) socket(0xd, 0x3, 0x3b) 18.477747ms ago: executing program 1 (id=2250): bpf$auto(0xd, 0x0, 0x3) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x48a22, 0x0) mmap$auto(0x0, 0x20009, 0xe1, 0xeb1, 0x401, 0x8000) mmap$auto(0x8, 0x20009, 0xf, 0x800000000000ebf, 0xffffffffffffffff, 0x8000) (async) socketpair$auto(0x1, 0x10000002, 0x9, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x163340, 0x6a) socket(0x2, 0x80802, 0x0) (async) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) fanotify_init$auto(0x5, 0x2000000000002) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) (async) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xff06, 0x0) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@nl=@proc={0x10, 0x0, 0x25dfdc02, 0x800}, 0x51) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r0 = socket(0x2, 0x6, 0x0) setsockopt$auto_SO_MARK(r0, 0x0, 0x24, 0x0, 0x3) write$auto(0xca, &(0x7f00000002c0)='\x04=\x01\r\xfb\a\x00\x00\x00\x00\x00\x00\x00\xa2\x00\x00\xccb\xc9\x19AWL\x00\b2\xa7e\xbd\x97\x9c\x05z\xccs\xba\xa2,&\xe9\x11\xfe{ai\x8a\x86V \x8eb=OJC\xaf.D\x8f\x97\x03g*\x1c\x98~\x15\xc3\\\xcbed\xff\xb1\x92~\x89S\"\xdac\x99\xf7!\a\xfb\xf8Vf\x18\xc8\xbbu\xcd\xf6\x80\x92\xa9\xda(\xa2\x93p\n\xe5t\x1b$\x9f\xa3\x1a\x82\x06\x12\xa6\a\"\xba\x8a\x88t\xf2A\xb9g$H\xcc\xc7\x8eoi\xf5\x02\n\"\xdf9\xa5>\x91\xf2\xde\xa8\xd3\x9f\x9d\xba6\xc0\xcb!w\a\xdd\xbb\xf1kox\x04\xe8a\x93\xf3\x12eE]\f\a\xf7N\xb7\x85\a\xf1+\x05\xe7\xb5\xa9m-+(\xaf\xf9\xa4r\x0fX~\v\xa7\xf3\x9cD\t\x80\x8b\x9d6\x1f\xdc\xc4y\x1d\x9a\xff\x0e\xbb\x8c^\xb9\x06\xcd\xa1\xf9\xec\xc1\xc3\xd7\x0fr\x16Hf\xb5\x17\x10\xf9\x03H\x19\x1a\xa8\xd1\xad\xa2\xd3\xe7\xa7\x883Y\x7fS\x80|\x9e\x91O\xca@\xe45\x80\x95\xdf\xdbn\x01\xde\xfd\vH\xfc\xe6o\xf5\x1c\x034\xf5\xd8\xb1}JX{\xf0\x89\x1d\xb5P`j\x10I\xf2\x16PQ\x85\xa7\t\x98\x1c\xe2Y\xa1\x03\x9b\xdd4VQF\x8d\xc9\xa5\fm\xca\xfd\x92\n\\\xf8\xb5C\xce\xa9\xdc\xddg\x8e2x\xde\xdf\x14zd\x01s\xaa\xd7v\xfa\xe3\x99\v|2', 0x2d9) 0s ago: executing program 2 (id=2251): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r0, 0x0) bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) socket(0x18, 0x5, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, 0x0) prctl$auto_PR_GET_NO_NEW_PRIVS(0x27, 0x1ff, 0x0, 0x3, 0xffffffffffff3ae6) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/ksm_stat\x00', 0x2, 0x0) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/228, 0xe4) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) kernel console output (not intermixed with test programs): 500.513254][T12069] veth0_vlan: entered allmulticast mode [ 502.486492][T12090] Invalid ELF header magic: != ELF [ 503.090099][T12098] Invalid ELF header magic: != ELF [ 506.321115][T12147] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1649'. [ 506.340747][T12147] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1649'. [ 506.593664][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.600165][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.710101][T12150] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1658'. [ 506.724312][T12150] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1658'. [ 506.806598][T12152] Invalid ELF header magic: != ELF [ 508.112774][T12192] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1659'. [ 508.151472][T12192] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1659'. [ 509.283667][T12212] netlink: 4772 bytes leftover after parsing attributes in process `syz.2.1663'. [ 509.297925][T12212] FAULT_INJECTION: forcing a failure. [ 509.297925][T12212] name failslab, interval 1, probability 0, space 0, times 0 [ 509.311003][T12212] CPU: 0 UID: 0 PID: 12212 Comm: syz.2.1663 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 509.311049][T12212] Tainted: [U]=USER [ 509.311059][T12212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 509.311078][T12212] Call Trace: [ 509.311088][T12212] [ 509.311100][T12212] dump_stack_lvl+0x16c/0x1f0 [ 509.311147][T12212] should_fail_ex+0x512/0x640 [ 509.311181][T12212] ? __kmalloc_noprof+0xbf/0x510 [ 509.311228][T12212] ? lsm_blob_alloc+0x68/0x90 [ 509.311272][T12212] should_failslab+0xc2/0x120 [ 509.311300][T12212] __kmalloc_noprof+0xd2/0x510 [ 509.311354][T12212] lsm_blob_alloc+0x68/0x90 [ 509.311401][T12212] security_prepare_creds+0x30/0x270 [ 509.311446][T12212] prepare_creds+0x56f/0x7d0 [ 509.311482][T12212] copy_creds+0xa7/0xa50 [ 509.311519][T12212] copy_process+0x10b1/0x91a0 [ 509.311559][T12212] ? find_held_lock+0x2b/0x80 [ 509.311607][T12212] ? schedule+0x2d7/0x3a0 [ 509.311647][T12212] ? futex_wait_queue+0x24/0x220 [ 509.311675][T12212] ? schedule+0xf1/0x3a0 [ 509.311712][T12212] ? futex_wait_queue+0x14c/0x220 [ 509.311748][T12212] ? __pfx_copy_process+0x10/0x10 [ 509.311788][T12212] ? __pfx___futex_wait+0x10/0x10 [ 509.311825][T12212] ? __pfx_futex_wake_mark+0x10/0x10 [ 509.311875][T12212] kernel_clone+0xfc/0x960 [ 509.311919][T12212] ? __pfx_kernel_clone+0x10/0x10 [ 509.311984][T12212] __do_sys_clone+0xce/0x120 [ 509.312027][T12212] ? __pfx___do_sys_clone+0x10/0x10 [ 509.312090][T12212] ? rcu_is_watching+0x12/0xc0 [ 509.312138][T12212] do_syscall_64+0xcd/0x260 [ 509.312185][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.312216][T12212] RIP: 0033:0x7fd6d278d169 [ 509.312239][T12212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.312268][T12212] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 509.312296][T12212] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 509.312316][T12212] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 509.312332][T12212] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 509.312350][T12212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 509.312369][T12212] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 509.312406][T12212] [ 509.778374][T12210] netlink: 158 bytes leftover after parsing attributes in process `syz.3.1664'. [ 509.937357][T12228] FAULT_INJECTION: forcing a failure. [ 509.937357][T12228] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 509.953078][T12228] CPU: 1 UID: 0 PID: 12228 Comm: syz.2.1669 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 509.953127][T12228] Tainted: [U]=USER [ 509.953136][T12228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 509.953154][T12228] Call Trace: [ 509.953165][T12228] [ 509.953177][T12228] dump_stack_lvl+0x16c/0x1f0 [ 509.953225][T12228] should_fail_ex+0x512/0x640 [ 509.953266][T12228] _copy_from_user+0x2e/0xd0 [ 509.953307][T12228] copy_msghdr_from_user+0x98/0x160 [ 509.953349][T12228] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 509.953408][T12228] ___sys_sendmsg+0xfe/0x1d0 [ 509.953451][T12228] ? __pfx____sys_sendmsg+0x10/0x10 [ 509.953540][T12228] __sys_sendmsg+0x16d/0x220 [ 509.953588][T12228] ? __pfx___sys_sendmsg+0x10/0x10 [ 509.953642][T12228] ? rcu_is_watching+0x12/0xc0 [ 509.953692][T12228] do_syscall_64+0xcd/0x260 [ 509.953740][T12228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.953771][T12228] RIP: 0033:0x7fd6d278d169 [ 509.953795][T12228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.953825][T12228] RSP: 002b:00007fd6d35b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 509.953854][T12228] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 509.953873][T12228] RDX: 0000000000040000 RSI: 0000200000000140 RDI: 0000000000000003 [ 509.953891][T12228] RBP: 00007fd6d35b8090 R08: 0000000000000000 R09: 0000000000000000 [ 509.953908][T12228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 509.953925][T12228] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 509.953962][T12228] [ 510.541382][T12243] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.1675'. [ 511.562613][T12282] netlink: 4772 bytes leftover after parsing attributes in process `syz.2.1685'. [ 511.575526][T12282] FAULT_INJECTION: forcing a failure. [ 511.575526][T12282] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 511.588935][T12282] CPU: 1 UID: 0 PID: 12282 Comm: syz.2.1685 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 511.588982][T12282] Tainted: [U]=USER [ 511.588993][T12282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 511.589010][T12282] Call Trace: [ 511.589020][T12282] [ 511.589032][T12282] dump_stack_lvl+0x16c/0x1f0 [ 511.589079][T12282] should_fail_ex+0x512/0x640 [ 511.589119][T12282] should_fail_alloc_page+0xe7/0x130 [ 511.589152][T12282] prepare_alloc_pages+0x3c2/0x610 [ 511.589195][T12282] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 511.589248][T12282] ? __lock_acquire+0x5ca/0x1ba0 [ 511.589286][T12282] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 511.589338][T12282] ? find_held_lock+0x2b/0x80 [ 511.589378][T12282] ? bpf_ksym_find+0x124/0x1c0 [ 511.589418][T12282] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 511.589460][T12282] ? is_bpf_text_address+0x94/0x1a0 [ 511.589489][T12282] ? kernel_text_address+0x8d/0x100 [ 511.589523][T12282] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 511.589558][T12282] ? policy_nodemask+0xea/0x4e0 [ 511.589589][T12282] alloc_pages_mpol+0x1fb/0x550 [ 511.589635][T12282] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 511.589667][T12282] ? stack_trace_save+0x8e/0xc0 [ 511.589710][T12282] alloc_pages_noprof+0x131/0x390 [ 511.589738][T12282] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 511.589780][T12282] get_free_pages_noprof+0xc/0x40 [ 511.589809][T12282] kasan_populate_vmalloc_pte+0x2d/0x160 [ 511.589850][T12282] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 511.589891][T12282] __apply_to_page_range+0x5f9/0xd30 [ 511.589931][T12282] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 511.589980][T12282] ? __pfx___apply_to_page_range+0x10/0x10 [ 511.590020][T12282] ? alloc_vmap_area+0x872/0x2970 [ 511.590060][T12282] alloc_vmap_area+0x919/0x2970 [ 511.590109][T12282] ? __pfx_alloc_vmap_area+0x10/0x10 [ 511.590153][T12282] __get_vm_area_node+0x1a7/0x300 [ 511.590197][T12282] __vmalloc_node_range_noprof+0x277/0x1540 [ 511.590239][T12282] ? kernel_clone+0xfc/0x960 [ 511.590280][T12282] ? __mod_memcg_lruvec_state+0x533/0x760 [ 511.590319][T12282] ? find_held_lock+0x2b/0x80 [ 511.590360][T12282] ? rcu_is_watching+0x12/0xc0 [ 511.590397][T12282] ? kernel_clone+0xfc/0x960 [ 511.590448][T12282] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 511.590487][T12282] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 511.590525][T12282] ? rcu_is_watching+0x12/0xc0 [ 511.590563][T12282] ? kernel_clone+0xfc/0x960 [ 511.590606][T12282] __vmalloc_node_noprof+0x74/0xa0 [ 511.590658][T12282] ? kernel_clone+0xfc/0x960 [ 511.590704][T12282] copy_process+0x2ead/0x91a0 [ 511.590745][T12282] ? find_held_lock+0x2b/0x80 [ 511.590783][T12282] ? schedule+0x2d7/0x3a0 [ 511.590824][T12282] ? futex_wait_queue+0x24/0x220 [ 511.590854][T12282] ? schedule+0xf1/0x3a0 [ 511.590890][T12282] ? futex_wait_queue+0x14c/0x220 [ 511.590926][T12282] ? __pfx_copy_process+0x10/0x10 [ 511.590967][T12282] ? __pfx___futex_wait+0x10/0x10 [ 511.591004][T12282] ? __pfx_futex_wake_mark+0x10/0x10 [ 511.591054][T12282] kernel_clone+0xfc/0x960 [ 511.591101][T12282] ? __pfx_kernel_clone+0x10/0x10 [ 511.591166][T12282] __do_sys_clone+0xce/0x120 [ 511.591209][T12282] ? __pfx___do_sys_clone+0x10/0x10 [ 511.591267][T12282] ? rcu_is_watching+0x12/0xc0 [ 511.591315][T12282] do_syscall_64+0xcd/0x260 [ 511.591362][T12282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.591392][T12282] RIP: 0033:0x7fd6d278d169 [ 511.591417][T12282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 511.591447][T12282] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 511.591476][T12282] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 511.591497][T12282] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 511.591516][T12282] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 511.591535][T12282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 511.591552][T12282] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 511.591591][T12282] [ 511.591646][T12282] warn_alloc: 1 callbacks suppressed [ 511.591662][T12282] syz.2.1685: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 512.120048][T12282] CPU: 0 UID: 0 PID: 12282 Comm: syz.2.1685 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 512.120098][T12282] Tainted: [U]=USER [ 512.120109][T12282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 512.120128][T12282] Call Trace: [ 512.120139][T12282] [ 512.120151][T12282] dump_stack_lvl+0x16c/0x1f0 [ 512.120201][T12282] warn_alloc+0x248/0x3a0 [ 512.120251][T12282] ? __pfx_warn_alloc+0x10/0x10 [ 512.120303][T12282] ? kfree+0x2b6/0x4d0 [ 512.120346][T12282] ? __get_vm_area_node+0x1e5/0x300 [ 512.120394][T12282] __vmalloc_node_range_noprof+0xd31/0x1540 [ 512.120437][T12282] ? __mod_memcg_lruvec_state+0x533/0x760 [ 512.120479][T12282] ? find_held_lock+0x2b/0x80 [ 512.120523][T12282] ? rcu_is_watching+0x12/0xc0 [ 512.120563][T12282] ? kernel_clone+0xfc/0x960 [ 512.120634][T12282] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 512.120674][T12282] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 512.120715][T12282] ? rcu_is_watching+0x12/0xc0 [ 512.120756][T12282] ? kernel_clone+0xfc/0x960 [ 512.120808][T12282] __vmalloc_node_noprof+0x74/0xa0 [ 512.120859][T12282] ? kernel_clone+0xfc/0x960 [ 512.120902][T12282] copy_process+0x2ead/0x91a0 [ 512.120943][T12282] ? find_held_lock+0x2b/0x80 [ 512.120981][T12282] ? schedule+0x2d7/0x3a0 [ 512.121021][T12282] ? futex_wait_queue+0x24/0x220 [ 512.121049][T12282] ? schedule+0xf1/0x3a0 [ 512.121084][T12282] ? futex_wait_queue+0x14c/0x220 [ 512.121119][T12282] ? __pfx_copy_process+0x10/0x10 [ 512.121160][T12282] ? __pfx___futex_wait+0x10/0x10 [ 512.121195][T12282] ? __pfx_futex_wake_mark+0x10/0x10 [ 512.121243][T12282] kernel_clone+0xfc/0x960 [ 512.121289][T12282] ? __pfx_kernel_clone+0x10/0x10 [ 512.121360][T12282] __do_sys_clone+0xce/0x120 [ 512.121408][T12282] ? __pfx___do_sys_clone+0x10/0x10 [ 512.121477][T12282] ? rcu_is_watching+0x12/0xc0 [ 512.121529][T12282] do_syscall_64+0xcd/0x260 [ 512.121587][T12282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.121621][T12282] RIP: 0033:0x7fd6d278d169 [ 512.121646][T12282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 512.121675][T12282] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 512.121702][T12282] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 512.121722][T12282] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 512.121739][T12282] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 512.121756][T12282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 512.121774][T12282] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 512.121810][T12282] [ 512.121887][T12282] Mem-Info: [ 512.411114][T12282] active_anon:13498 inactive_anon:0 isolated_anon:0 [ 512.411114][T12282] active_file:10050 inactive_file:46838 isolated_file:0 [ 512.411114][T12282] unevictable:768 dirty:550 writeback:0 [ 512.411114][T12282] slab_reclaimable:10658 slab_unreclaimable:99566 [ 512.411114][T12282] mapped:24225 shmem:2176 pagetables:1445 [ 512.411114][T12282] sec_pagetables:0 bounce:0 [ 512.411114][T12282] kernel_misc_reclaimable:0 [ 512.411114][T12282] free:1311151 free_pcp:10955 free_cma:0 [ 512.486078][T12282] Node 0 active_anon:54092kB inactive_anon:0kB active_file:32892kB inactive_file:187344kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96900kB dirty:2196kB writeback:0kB shmem:7168kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11772kB pagetables:5880kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 512.548238][T12282] Node 1 active_anon:0kB inactive_anon:0kB active_file:7308kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 512.663419][T12282] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 512.694420][T12282] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 512.722058][T12282] Node 0 DMA32 free:1371736kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:53840kB inactive_anon:0kB active_file:32892kB inactive_file:185788kB unevictable:1536kB writepending:2196kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:2888kB local_pcp:1680kB free_cma:0kB [ 512.762708][T12282] lowmem_reserve[]: 0 0 1 1 1 [ 512.767645][T12282] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:4kB free_cma:0kB [ 512.838186][T12282] lowmem_reserve[]: 0 0 0 0 0 [ 512.843011][T12282] Node 1 Normal free:3857784kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:7308kB inactive_file:8kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:41324kB local_pcp:12632kB free_cma:0kB [ 512.893809][T12282] lowmem_reserve[]: 0 0 0 0 0 [ 512.902381][T12282] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 512.956465][T12282] Node 0 DMA32: 28*4kB (UME) 901*8kB (ME) 1030*16kB (UME) 1149*32kB (UME) 720*64kB (UME) 449*128kB (UME) 382*256kB (UME) 251*512kB (UME) 137*1024kB (UM) 4*2048kB (UM) 203*4096kB (UM) = 1370392kB [ 513.022126][T12282] Node 0 Normal: 3*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 513.052191][T12282] Node 1 Normal: 761*4kB (UME) 77*8kB (UME) 68*16kB (UME) 225*32kB (UME) 116*64kB (UME) 48*128kB (UME) 34*256kB (UME) 12*512kB (UME) 12*1024kB (UM) 8*2048kB (UME) 925*4096kB (M) = 3857836kB [ 513.075916][T12282] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 513.109451][T12282] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 513.173586][T12282] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 513.221300][T12282] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 513.240640][T12282] 59064 total pagecache pages [ 513.244356][T12320] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1691'. [ 513.245416][T12282] 0 pages in swap cache [ 513.265273][T12282] Free swap = 124996kB [ 513.289409][T12322] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1691'. [ 513.290612][T12282] Total swap = 124996kB [ 513.304601][T12282] 2097051 pages RAM [ 513.345191][T12282] 0 pages HighMem/MovableOnly [ 513.382351][T12282] 429587 pages reserved [ 513.395518][T12282] 0 pages cma reserved [ 515.139856][T12361] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.1702'. [ 516.574193][ T5848] Bluetooth: hci0: unexpected event 0x01 length: 4 > 1 [ 516.922153][T12396] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1712'. [ 516.940558][T12396] veth0_macvtap: left promiscuous mode [ 516.947020][T12396] macvtap0: entered promiscuous mode [ 516.952501][T12396] macvtap0: entered allmulticast mode [ 519.295210][T12434] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1725'. [ 519.295845][T12434] veth0_macvtap: left promiscuous mode [ 519.296002][T12434] macvtap0: entered promiscuous mode [ 519.296026][T12434] macvtap0: entered allmulticast mode [ 519.527975][T12449] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1729'. [ 520.023832][T12460] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.1734'. [ 520.854746][T12479] Invalid ELF header magic: != ELF [ 521.266876][T12486] netlink: 4772 bytes leftover after parsing attributes in process `syz.1.1744'. [ 522.389565][T12518] netlink: 4772 bytes leftover after parsing attributes in process `syz.2.1755'. [ 522.411645][T12518] FAULT_INJECTION: forcing a failure. [ 522.411645][T12518] name failslab, interval 1, probability 0, space 0, times 0 [ 522.424509][T12518] CPU: 1 UID: 0 PID: 12518 Comm: syz.2.1755 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 522.424561][T12518] Tainted: [U]=USER [ 522.424573][T12518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 522.424593][T12518] Call Trace: [ 522.424604][T12518] [ 522.424617][T12518] dump_stack_lvl+0x16c/0x1f0 [ 522.424669][T12518] should_fail_ex+0x512/0x640 [ 522.424707][T12518] ? __kmalloc_noprof+0xbf/0x510 [ 522.424758][T12518] ? lsm_blob_alloc+0x68/0x90 [ 522.424806][T12518] should_failslab+0xc2/0x120 [ 522.424837][T12518] __kmalloc_noprof+0xd2/0x510 [ 522.424885][T12518] ? __pfx_perf_event_init_task+0x10/0x10 [ 522.424927][T12518] ? audit_alloc+0xa2/0x7b0 [ 522.424965][T12518] ? __pfx_audit_alloc+0x10/0x10 [ 522.425005][T12518] lsm_blob_alloc+0x68/0x90 [ 522.425053][T12518] security_task_alloc+0x2d/0x260 [ 522.425101][T12518] copy_process+0x24ba/0x91a0 [ 522.425146][T12518] ? find_held_lock+0x2b/0x80 [ 522.425176][T12518] ? schedule+0x2d7/0x3a0 [ 522.425223][T12518] ? __pfx_copy_process+0x10/0x10 [ 522.425256][T12518] ? __pfx___futex_wait+0x10/0x10 [ 522.425287][T12518] ? __pfx_futex_wake_mark+0x10/0x10 [ 522.425325][T12518] kernel_clone+0xfc/0x960 [ 522.425360][T12518] ? __pfx_kernel_clone+0x10/0x10 [ 522.425410][T12518] __do_sys_clone+0xce/0x120 [ 522.425458][T12518] ? __pfx___do_sys_clone+0x10/0x10 [ 522.425506][T12518] ? rcu_is_watching+0x12/0xc0 [ 522.425547][T12518] do_syscall_64+0xcd/0x260 [ 522.425583][T12518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.425607][T12518] RIP: 0033:0x7fd6d278d169 [ 522.425626][T12518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 522.425648][T12518] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 522.425670][T12518] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 522.425687][T12518] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 522.425702][T12518] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 522.425716][T12518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 522.425729][T12518] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 522.425758][T12518] [ 522.653390][ C1] vkms_vblank_simulate: vblank timer overrun [ 522.917152][T12524] Invalid ELF header magic: != ELF [ 524.573873][T12555] Invalid ELF header magic: != ELF [ 525.111247][T12560] Invalid ELF header magic: != ELF [ 525.548886][T12564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1770'. [ 525.592220][T12562] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 525.663865][T12562] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 525.745199][T12562] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 526.845137][T11747] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 526.934127][T11166] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 526.943306][T11166] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 526.954953][T11166] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 526.963754][T11166] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 526.975396][T11166] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 527.233397][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.304624][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.384064][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.467563][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.542914][T12585] chnl_net:caif_netlink_parms(): no params data found [ 527.874424][T12585] bridge0: port 1(bridge_slave_0) entered blocking state [ 527.885354][T12585] bridge0: port 1(bridge_slave_0) entered disabled state [ 527.893357][T12585] bridge_slave_0: entered allmulticast mode [ 527.901674][T12585] bridge_slave_0: entered promiscuous mode [ 527.934285][T12585] bridge0: port 2(bridge_slave_1) entered blocking state [ 527.958199][T12585] bridge0: port 2(bridge_slave_1) entered disabled state [ 527.965756][T12585] bridge_slave_1: entered allmulticast mode [ 527.978927][T12585] bridge_slave_1: entered promiscuous mode [ 528.089213][T12609] FAULT_INJECTION: forcing a failure. [ 528.089213][T12609] name failslab, interval 1, probability 0, space 0, times 0 [ 528.135268][T12609] CPU: 1 UID: 0 PID: 12609 Comm: syz.1.1779 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 528.135321][T12609] Tainted: [U]=USER [ 528.135332][T12609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 528.135350][T12609] Call Trace: [ 528.135361][T12609] [ 528.135372][T12609] dump_stack_lvl+0x16c/0x1f0 [ 528.135422][T12609] should_fail_ex+0x512/0x640 [ 528.135460][T12609] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 528.135515][T12609] should_failslab+0xc2/0x120 [ 528.135546][T12609] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 528.135595][T12609] ? __proc_create+0xc3/0x8c0 [ 528.135628][T12609] ? __proc_create+0x2ce/0x8c0 [ 528.135667][T12609] __proc_create+0x2ce/0x8c0 [ 528.135722][T12609] ? __pfx___proc_create+0x10/0x10 [ 528.135758][T12609] ? find_held_lock+0x2b/0x80 [ 528.135808][T12609] ? mark_held_locks+0x49/0x80 [ 528.135865][T12609] proc_create_reg+0x7d/0x180 [ 528.135908][T12609] proc_create_net_data+0x8e/0x1b0 [ 528.135948][T12609] ? __pfx_proc_create_net_data+0x10/0x10 [ 528.135986][T12609] ? __pfx___netlink_kernel_create+0x10/0x10 [ 528.136046][T12609] fib_proc_init+0x58/0x1b0 [ 528.136088][T12609] fib_net_init+0x2af/0x3f0 [ 528.136132][T12609] ? __pfx___register_sysctl_table+0x10/0x10 [ 528.136169][T12609] ? __pfx_fib_net_init+0x10/0x10 [ 528.136221][T12609] ? lockdep_init_map_type+0x5c/0x280 [ 528.136254][T12609] ? __pfx_nl_fib_input+0x10/0x10 [ 528.136305][T12609] ? devinet_init_net+0x5c2/0x910 [ 528.136358][T12609] ? __pfx_fib_net_init+0x10/0x10 [ 528.136401][T12609] ops_init+0x1df/0x5f0 [ 528.136451][T12609] setup_net+0x21e/0x850 [ 528.136500][T12609] ? __pfx_setup_net+0x10/0x10 [ 528.136543][T12609] ? lockdep_init_map_type+0x5c/0x280 [ 528.136575][T12609] ? __pfx_down_read_killable+0x10/0x10 [ 528.136610][T12609] ? debug_mutex_init+0x37/0x70 [ 528.136656][T12609] copy_net_ns+0x2a6/0x5f0 [ 528.136711][T12609] create_new_namespaces+0x3ea/0xad0 [ 528.136767][T12609] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 528.136819][T12609] ksys_unshare+0x45b/0xa40 [ 528.136871][T12609] ? __pfx_ksys_unshare+0x10/0x10 [ 528.136919][T12609] ? xfd_validate_state+0x5d/0x180 [ 528.136959][T12609] ? rcu_is_watching+0x12/0xc0 [ 528.137008][T12609] __x64_sys_unshare+0x31/0x40 [ 528.137058][T12609] do_syscall_64+0xcd/0x260 [ 528.137109][T12609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.137143][T12609] RIP: 0033:0x7fe0c938d169 [ 528.137170][T12609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.137214][T12609] RSP: 002b:00007fe0c71f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 528.137248][T12609] RAX: ffffffffffffffda RBX: 00007fe0c95a6080 RCX: 00007fe0c938d169 [ 528.137270][T12609] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 528.137290][T12609] RBP: 00007fe0c940e730 R08: 0000000000000000 R09: 0000000000000000 [ 528.137310][T12609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.137330][T12609] R13: 0000000000000000 R14: 00007fe0c95a6080 R15: 00007ffc579f3488 [ 528.137372][T12609] [ 528.563559][T12585] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 528.578622][T12585] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 528.686467][T12585] team0: Port device team_slave_0 added [ 528.695654][T12585] team0: Port device team_slave_1 added [ 528.745455][ T13] bridge_slave_0: left allmulticast mode [ 528.762084][ T13] bridge_slave_0: left promiscuous mode [ 528.769256][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 529.071279][T11166] Bluetooth: hci1: command tx timeout [ 529.264824][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 529.276423][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 529.289100][ T13] bond0 (unregistering): Released all slaves [ 529.307277][T12585] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 529.315492][T12585] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 529.343338][T12585] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 529.406456][T12585] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 529.415670][T12585] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 529.450129][T12585] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 529.701317][T12585] hsr_slave_0: entered promiscuous mode [ 529.710216][T12585] hsr_slave_1: entered promiscuous mode [ 529.716686][T12585] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 529.726117][T12585] Cannot create hsr debugfs directory [ 530.053691][ T13] hsr_slave_0: left promiscuous mode [ 530.075207][ T13] hsr_slave_1: left promiscuous mode [ 530.087254][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 530.105065][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 530.149550][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 530.178162][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 530.244096][ T13] veth0_macvtap: left promiscuous mode [ 530.258485][ T13] veth1_vlan: left promiscuous mode [ 530.264011][ T13] veth0_vlan: left promiscuous mode [ 531.148428][T11166] Bluetooth: hci1: command tx timeout [ 532.624139][ T13] team0 (unregistering): Port device team_slave_1 removed [ 532.735959][ T13] team0 (unregistering): Port device team_slave_0 removed [ 533.232219][T11166] Bluetooth: hci1: command tx timeout [ 533.322474][T12683] could not allocate digest TFM handle [ 534.337558][T12585] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 534.384746][T12585] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 534.417664][T12585] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 534.445718][T12585] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 535.072354][T12585] 8021q: adding VLAN 0 to HW filter on device bond0 [ 535.196401][T12585] 8021q: adding VLAN 0 to HW filter on device team0 [ 535.277551][T11236] bridge0: port 1(bridge_slave_0) entered blocking state [ 535.284851][T11236] bridge0: port 1(bridge_slave_0) entered forwarding state [ 535.309033][T11166] Bluetooth: hci1: command tx timeout [ 535.477652][T11236] bridge0: port 2(bridge_slave_1) entered blocking state [ 535.484874][T11236] bridge0: port 2(bridge_slave_1) entered forwarding state [ 535.601523][T12585] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 535.612052][T12585] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 535.774758][T12730] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1807'. [ 536.625573][T12585] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 536.825766][T12743] could not allocate digest TFM handle [ 537.784049][T12585] veth0_vlan: entered promiscuous mode [ 537.837779][T12585] veth1_vlan: entered promiscuous mode [ 537.994247][T12585] veth0_macvtap: entered promiscuous mode [ 538.041235][T12585] veth1_macvtap: entered promiscuous mode [ 538.055056][T12783] Invalid ELF header magic: != ELF [ 538.259707][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.292808][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.333310][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.378210][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.430800][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.461370][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.481521][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 538.511488][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.550276][T12585] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 538.587421][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.634339][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.668960][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.705004][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.740541][T12806] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.1818'. [ 538.748301][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.778094][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.796669][T12585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.827776][T12585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.849554][T12585] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 538.896204][T12585] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.929342][T12585] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.955895][T12585] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.965210][T12585] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 539.407223][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 539.432468][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 539.568515][T11235] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 539.576563][T11235] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 542.067581][T12852] Invalid ELF header magic: != ELF [ 543.415586][T11166] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 543.624765][T12937] bond0: Unable to set down delay as MII monitoring is disabled [ 543.825407][T12942] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.1844'. [ 543.840908][T12944] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.1845'. [ 545.494972][T13003] netlink: 4772 bytes leftover after parsing attributes in process `syz.2.1856'. [ 545.915359][T13022] FAULT_INJECTION: forcing a failure. [ 545.915359][T13022] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 546.013884][T13022] CPU: 0 UID: 0 PID: 13022 Comm: syz.5.1860 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 546.013946][T13022] Tainted: [U]=USER [ 546.013955][T13022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 546.013972][T13022] Call Trace: [ 546.013981][T13022] [ 546.013992][T13022] dump_stack_lvl+0x16c/0x1f0 [ 546.014038][T13022] should_fail_ex+0x512/0x640 [ 546.014076][T13022] _copy_from_user+0x2e/0xd0 [ 546.014115][T13022] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 546.014165][T13022] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 546.014216][T13022] ? bpf_lsm_capable+0x9/0x10 [ 546.014258][T13022] ? security_capable+0x7e/0x260 [ 546.014291][T13022] ip6_mroute_setsockopt+0x13de/0x20d0 [ 546.014330][T13022] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 546.014376][T13022] ? find_held_lock+0x2b/0x80 [ 546.014413][T13022] ? is_bpf_text_address+0x8a/0x1a0 [ 546.014449][T13022] ? kernel_text_address+0x8d/0x100 [ 546.014484][T13022] ? __kernel_text_address+0xd/0x40 [ 546.014518][T13022] ? unwind_get_return_address+0x59/0xa0 [ 546.014558][T13022] ? arch_stack_walk+0xa6/0x100 [ 546.014603][T13022] ? do_ipv6_setsockopt+0x7b1/0x4420 [ 546.014642][T13022] do_ipv6_setsockopt+0x7b1/0x4420 [ 546.014697][T13022] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 546.014736][T13022] ? _kstrtoull+0x145/0x200 [ 546.014781][T13022] ? aa_label_sk_perm+0x19b/0x5a0 [ 546.014816][T13022] ? find_held_lock+0x2b/0x80 [ 546.014849][T13022] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 546.014881][T13022] ? __lock_acquire+0x5ca/0x1ba0 [ 546.014936][T13022] ? __pfx___might_resched+0x10/0x10 [ 546.014984][T13022] ? ipv6_setsockopt+0xcb/0x170 [ 546.015019][T13022] ipv6_setsockopt+0xcb/0x170 [ 546.015061][T13022] rawv6_setsockopt+0xc2/0x510 [ 546.015099][T13022] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 546.015136][T13022] ? sock_common_setsockopt+0x2e/0xf0 [ 546.015180][T13022] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 546.015223][T13022] do_sock_setsockopt+0x221/0x470 [ 546.015268][T13022] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 546.015335][T13022] __sys_setsockopt+0x1a0/0x230 [ 546.015388][T13022] __x64_sys_setsockopt+0xbd/0x160 [ 546.015438][T13022] ? do_syscall_64+0x91/0x260 [ 546.015481][T13022] ? lockdep_hardirqs_on+0x7c/0x110 [ 546.015520][T13022] do_syscall_64+0xcd/0x260 [ 546.015565][T13022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.015594][T13022] RIP: 0033:0x7f91d698d169 [ 546.015617][T13022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 546.015646][T13022] RSP: 002b:00007f91d78c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 546.015673][T13022] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 546.015699][T13022] RDX: 00000000000000d0 RSI: 0000000000000029 RDI: 0400000000000003 [ 546.015717][T13022] RBP: 00007f91d78c4090 R08: 0000000000000004 R09: 0000000000000000 [ 546.015735][T13022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 546.015752][T13022] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 546.015788][T13022] [ 546.857762][T13044] FAULT_INJECTION: forcing a failure. [ 546.857762][T13044] name failslab, interval 1, probability 0, space 0, times 0 [ 546.923976][T13044] CPU: 1 UID: 0 PID: 13044 Comm: syz.2.1867 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 546.924019][T13044] Tainted: [U]=USER [ 546.924028][T13044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 546.924059][T13044] Call Trace: [ 546.924069][T13044] [ 546.924080][T13044] dump_stack_lvl+0x16c/0x1f0 [ 546.924125][T13044] should_fail_ex+0x512/0x640 [ 546.924158][T13044] ? fs_reclaim_acquire+0xae/0x150 [ 546.924196][T13044] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 546.924236][T13044] should_failslab+0xc2/0x120 [ 546.924263][T13044] __kmalloc_noprof+0xd2/0x510 [ 546.924315][T13044] tomoyo_realpath_from_path+0xc2/0x6e0 [ 546.924359][T13044] ? tomoyo_profile+0x47/0x60 [ 546.924407][T13044] tomoyo_path_number_perm+0x245/0x580 [ 546.924441][T13044] ? tomoyo_path_number_perm+0x237/0x580 [ 546.924480][T13044] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 546.924517][T13044] ? find_held_lock+0x2b/0x80 [ 546.924597][T13044] ? find_held_lock+0x2b/0x80 [ 546.924633][T13044] ? hook_file_ioctl_common+0x145/0x410 [ 546.924674][T13044] ? __fget_files+0x20e/0x3c0 [ 546.924722][T13044] security_file_ioctl+0x9b/0x240 [ 546.924761][T13044] __x64_sys_ioctl+0xb7/0x200 [ 546.924799][T13044] do_syscall_64+0xcd/0x260 [ 546.924844][T13044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.924881][T13044] RIP: 0033:0x7fd6d278d169 [ 546.924903][T13044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 546.924932][T13044] RSP: 002b:00007fd6d35b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 546.924958][T13044] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 546.924978][T13044] RDX: 0000000000000003 RSI: 00000000c0189436 RDI: 0000000000000002 [ 546.924995][T13044] RBP: 00007fd6d35b8090 R08: 0000000000000000 R09: 0000000000000000 [ 546.925012][T13044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 546.925029][T13044] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 546.925065][T13044] [ 546.925676][T13044] ERROR: Out of memory at tomoyo_realpath_from_path. [ 547.182109][T13040] netlink: 'syz.5.1866': attribute type 11 has an invalid length. [ 547.196615][T13040] netlink: 'syz.5.1866': attribute type 11 has an invalid length. [ 547.369126][T13051] bond0: Unable to set down delay as MII monitoring is disabled [ 547.635988][T13057] netlink: 4772 bytes leftover after parsing attributes in process `syz.1.1869'. [ 547.650562][T13057] FAULT_INJECTION: forcing a failure. [ 547.650562][T13057] name failslab, interval 1, probability 0, space 0, times 0 [ 547.663306][T13057] CPU: 1 UID: 0 PID: 13057 Comm: syz.1.1869 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 547.663358][T13057] Tainted: [U]=USER [ 547.663370][T13057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 547.663389][T13057] Call Trace: [ 547.663402][T13057] [ 547.663414][T13057] dump_stack_lvl+0x16c/0x1f0 [ 547.663466][T13057] should_fail_ex+0x512/0x640 [ 547.663512][T13057] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 547.663569][T13057] should_failslab+0xc2/0x120 [ 547.663602][T13057] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 547.663654][T13057] ? dup_fd+0x4e/0xb90 [ 547.663708][T13057] dup_fd+0x4e/0xb90 [ 547.663756][T13057] ? __pfx_audit_alloc+0x10/0x10 [ 547.663799][T13057] ? apparmor_task_alloc+0x2c2/0x3b0 [ 547.663838][T13057] copy_process+0x25c1/0x91a0 [ 547.663916][T13057] ? __pfx_copy_process+0x10/0x10 [ 547.663969][T13057] ? try_to_wake_up+0xa2f/0x1680 [ 547.664014][T13057] ? __pfx_try_to_wake_up+0x10/0x10 [ 547.664056][T13057] ? plist_check_head+0xa3/0x150 [ 547.664091][T13057] ? find_held_lock+0x2b/0x80 [ 547.664139][T13057] ? wake_up_q+0xb0/0x160 [ 547.664177][T13057] ? do_raw_spin_unlock+0x172/0x230 [ 547.664222][T13057] kernel_clone+0xfc/0x960 [ 547.664271][T13057] ? __pfx_futex_wake+0x10/0x10 [ 547.664302][T13057] ? __pfx_kernel_clone+0x10/0x10 [ 547.664374][T13057] __do_sys_clone+0xce/0x120 [ 547.664423][T13057] ? __pfx___do_sys_clone+0x10/0x10 [ 547.664500][T13057] ? rcu_is_watching+0x12/0xc0 [ 547.664552][T13057] do_syscall_64+0xcd/0x260 [ 547.664604][T13057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.664638][T13057] RIP: 0033:0x7fe0c938d169 [ 547.664665][T13057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.664698][T13057] RSP: 002b:00007fe0ca11bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 547.664729][T13057] RAX: ffffffffffffffda RBX: 00007fe0c95a5fa0 RCX: 00007fe0c938d169 [ 547.664750][T13057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 547.664769][T13057] RBP: 00007fe0c940e730 R08: 0000000000000000 R09: 0000000000000000 [ 547.664788][T13057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 547.664808][T13057] R13: 0000000000000000 R14: 00007fe0c95a5fa0 R15: 00007ffc579f3488 [ 547.664848][T13057] [ 547.724179][T13056] Invalid ELF header magic: != ELF [ 547.726894][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.909724][ C1] vkms_vblank_simulate: vblank timer overrun [ 548.755190][T13086] blktrace: Concurrent blktraces are not allowed on sg0 [ 549.226367][T13095] Invalid ELF header magic: != ELF [ 551.961684][T13138] Invalid ELF header magic: != ELF [ 552.053843][T13142] Invalid ELF header magic: != ELF [ 555.136636][T13188] Invalid ELF header magic: != ELF [ 557.729999][T13242] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.1906'. [ 557.769865][T13242] FAULT_INJECTION: forcing a failure. [ 557.769865][T13242] name failslab, interval 1, probability 0, space 0, times 0 [ 557.788780][T13242] CPU: 1 UID: 0 PID: 13242 Comm: syz.5.1906 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 557.788834][T13242] Tainted: [U]=USER [ 557.788845][T13242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 557.788865][T13242] Call Trace: [ 557.788876][T13242] [ 557.788888][T13242] dump_stack_lvl+0x16c/0x1f0 [ 557.788951][T13242] should_fail_ex+0x512/0x640 [ 557.788987][T13242] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 557.789041][T13242] should_failslab+0xc2/0x120 [ 557.789072][T13242] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 557.789122][T13242] ? dup_fd+0x4e/0xb90 [ 557.789174][T13242] dup_fd+0x4e/0xb90 [ 557.789219][T13242] ? __pfx_audit_alloc+0x10/0x10 [ 557.789261][T13242] ? apparmor_task_alloc+0x2c2/0x3b0 [ 557.789299][T13242] copy_process+0x25c1/0x91a0 [ 557.789373][T13242] ? __pfx_copy_process+0x10/0x10 [ 557.789424][T13242] ? try_to_wake_up+0xa2f/0x1680 [ 557.789468][T13242] ? __pfx_try_to_wake_up+0x10/0x10 [ 557.789509][T13242] ? plist_check_head+0xa3/0x150 [ 557.789542][T13242] ? find_held_lock+0x2b/0x80 [ 557.789589][T13242] ? wake_up_q+0xb0/0x160 [ 557.789635][T13242] ? do_raw_spin_unlock+0x172/0x230 [ 557.789680][T13242] kernel_clone+0xfc/0x960 [ 557.789726][T13242] ? __pfx_futex_wake+0x10/0x10 [ 557.789754][T13242] ? __pfx_kernel_clone+0x10/0x10 [ 557.789824][T13242] __do_sys_clone+0xce/0x120 [ 557.789872][T13242] ? __pfx___do_sys_clone+0x10/0x10 [ 557.789933][T13242] ? rcu_is_watching+0x12/0xc0 [ 557.789980][T13242] do_syscall_64+0xcd/0x260 [ 557.790026][T13242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.790059][T13242] RIP: 0033:0x7f91d698d169 [ 557.790085][T13242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.790116][T13242] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 557.790146][T13242] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 557.790168][T13242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 557.790187][T13242] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 557.790206][T13242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.790225][T13242] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 557.790264][T13242] [ 558.587323][T13253] Invalid ELF header magic: != ELF [ 558.850335][T13254] FAULT_INJECTION: forcing a failure. [ 558.850335][T13254] name failslab, interval 1, probability 0, space 0, times 0 [ 558.902406][T13254] CPU: 0 UID: 0 PID: 13254 Comm: syz.5.1908 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 558.902461][T13254] Tainted: [U]=USER [ 558.902472][T13254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 558.902493][T13254] Call Trace: [ 558.902504][T13254] [ 558.902518][T13254] dump_stack_lvl+0x16c/0x1f0 [ 558.902580][T13254] should_fail_ex+0x512/0x640 [ 558.902617][T13254] ? __kmalloc_noprof+0xbf/0x510 [ 558.902670][T13254] ? sk_prot_alloc+0x1a8/0x2a0 [ 558.902729][T13254] should_failslab+0xc2/0x120 [ 558.902757][T13254] __kmalloc_noprof+0xd2/0x510 [ 558.902803][T13254] ? evm_inode_alloc_security+0x49/0xc0 [ 558.902862][T13254] sk_prot_alloc+0x1a8/0x2a0 [ 558.902913][T13254] sk_alloc+0x36/0xc20 [ 558.902955][T13254] __netlink_create+0x5e/0x2c0 [ 558.902997][T13254] __netlink_kernel_create+0xed/0x750 [ 558.903048][T13254] ? __pfx___netlink_kernel_create+0x10/0x10 [ 558.903108][T13254] fib_net_init+0x26d/0x3f0 [ 558.903150][T13254] ? __pfx___register_sysctl_table+0x10/0x10 [ 558.903187][T13254] ? __pfx_fib_net_init+0x10/0x10 [ 558.903229][T13254] ? lockdep_init_map_type+0x5c/0x280 [ 558.903261][T13254] ? __pfx_nl_fib_input+0x10/0x10 [ 558.903311][T13254] ? devinet_init_net+0x5c2/0x910 [ 558.903362][T13254] ? __pfx_fib_net_init+0x10/0x10 [ 558.903404][T13254] ops_init+0x1df/0x5f0 [ 558.903453][T13254] setup_net+0x21e/0x850 [ 558.903500][T13254] ? __pfx_setup_net+0x10/0x10 [ 558.903550][T13254] ? lockdep_init_map_type+0x5c/0x280 [ 558.903580][T13254] ? __pfx_down_read_killable+0x10/0x10 [ 558.903616][T13254] ? debug_mutex_init+0x37/0x70 [ 558.903660][T13254] copy_net_ns+0x2a6/0x5f0 [ 558.903712][T13254] create_new_namespaces+0x3ea/0xad0 [ 558.903771][T13254] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 558.903821][T13254] ksys_unshare+0x45b/0xa40 [ 558.903872][T13254] ? __pfx_ksys_unshare+0x10/0x10 [ 558.903928][T13254] ? rcu_is_watching+0x12/0xc0 [ 558.903979][T13254] __x64_sys_unshare+0x31/0x40 [ 558.904027][T13254] do_syscall_64+0xcd/0x260 [ 558.904078][T13254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.904112][T13254] RIP: 0033:0x7f91d698d169 [ 558.904139][T13254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.904171][T13254] RSP: 002b:00007f91d78a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 558.904202][T13254] RAX: ffffffffffffffda RBX: 00007f91d6ba6080 RCX: 00007f91d698d169 [ 558.904223][T13254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 558.904242][T13254] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 558.904261][T13254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 558.904280][T13254] R13: 0000000000000000 R14: 00007f91d6ba6080 R15: 00007ffff495e128 [ 558.904320][T13254] [ 561.708100][T13310] Invalid ELF header magic: != ELF [ 564.434477][T13382] netlink: 4772 bytes leftover after parsing attributes in process `syz.2.1934'. [ 564.474887][T13382] FAULT_INJECTION: forcing a failure. [ 564.474887][T13382] name failslab, interval 1, probability 0, space 0, times 0 [ 564.512201][T13382] CPU: 0 UID: 0 PID: 13382 Comm: syz.2.1934 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 564.512257][T13382] Tainted: [U]=USER [ 564.512268][T13382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 564.512288][T13382] Call Trace: [ 564.512299][T13382] [ 564.512312][T13382] dump_stack_lvl+0x16c/0x1f0 [ 564.512363][T13382] should_fail_ex+0x512/0x640 [ 564.512400][T13382] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 564.512455][T13382] should_failslab+0xc2/0x120 [ 564.512486][T13382] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 564.512533][T13382] ? __pfx___might_resched+0x10/0x10 [ 564.512578][T13382] ? alloc_vmap_area+0x613/0x2970 [ 564.512619][T13382] alloc_vmap_area+0x613/0x2970 [ 564.512672][T13382] ? __pfx_alloc_vmap_area+0x10/0x10 [ 564.512719][T13382] __get_vm_area_node+0x1a7/0x300 [ 564.512766][T13382] __vmalloc_node_range_noprof+0x277/0x1540 [ 564.512808][T13382] ? kernel_clone+0xfc/0x960 [ 564.512874][T13382] ? __mod_memcg_lruvec_state+0x533/0x760 [ 564.512918][T13382] ? find_held_lock+0x2b/0x80 [ 564.512964][T13382] ? rcu_is_watching+0x12/0xc0 [ 564.513004][T13382] ? kernel_clone+0xfc/0x960 [ 564.513058][T13382] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 564.513099][T13382] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 564.513141][T13382] ? rcu_is_watching+0x12/0xc0 [ 564.513183][T13382] ? kernel_clone+0xfc/0x960 [ 564.513227][T13382] __vmalloc_node_noprof+0x74/0xa0 [ 564.513270][T13382] ? kernel_clone+0xfc/0x960 [ 564.513318][T13382] copy_process+0x2ead/0x91a0 [ 564.513363][T13382] ? find_held_lock+0x2b/0x80 [ 564.513404][T13382] ? schedule+0x2d7/0x3a0 [ 564.513446][T13382] ? futex_wait_queue+0x24/0x220 [ 564.513477][T13382] ? schedule+0xf1/0x3a0 [ 564.513516][T13382] ? futex_wait_queue+0x14c/0x220 [ 564.513554][T13382] ? __pfx_copy_process+0x10/0x10 [ 564.513598][T13382] ? __pfx___futex_wait+0x10/0x10 [ 564.513638][T13382] ? __pfx_futex_wake_mark+0x10/0x10 [ 564.513691][T13382] kernel_clone+0xfc/0x960 [ 564.513741][T13382] ? __pfx_kernel_clone+0x10/0x10 [ 564.513809][T13382] __do_sys_clone+0xce/0x120 [ 564.513880][T13382] ? __pfx___do_sys_clone+0x10/0x10 [ 564.513950][T13382] ? rcu_is_watching+0x12/0xc0 [ 564.514003][T13382] do_syscall_64+0xcd/0x260 [ 564.514054][T13382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.514086][T13382] RIP: 0033:0x7fd6d278d169 [ 564.514112][T13382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 564.514145][T13382] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 564.514175][T13382] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 564.514197][T13382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 564.514216][T13382] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 564.514236][T13382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 564.514255][T13382] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 564.514296][T13382] [ 564.514326][T13382] syz.2.1934: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 564.908608][T13382] CPU: 0 UID: 0 PID: 13382 Comm: syz.2.1934 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 564.908660][T13382] Tainted: [U]=USER [ 564.908672][T13382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 564.908693][T13382] Call Trace: [ 564.908703][T13382] [ 564.908716][T13382] dump_stack_lvl+0x16c/0x1f0 [ 564.908770][T13382] warn_alloc+0x248/0x3a0 [ 564.908822][T13382] ? __pfx_warn_alloc+0x10/0x10 [ 564.908876][T13382] ? kfree+0x2b6/0x4d0 [ 564.908928][T13382] ? __get_vm_area_node+0x1e5/0x300 [ 564.908979][T13382] __vmalloc_node_range_noprof+0xd31/0x1540 [ 564.909023][T13382] ? __mod_memcg_lruvec_state+0x533/0x760 [ 564.909075][T13382] ? find_held_lock+0x2b/0x80 [ 564.909120][T13382] ? rcu_is_watching+0x12/0xc0 [ 564.909160][T13382] ? kernel_clone+0xfc/0x960 [ 564.909216][T13382] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 564.909260][T13382] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 564.909304][T13382] ? rcu_is_watching+0x12/0xc0 [ 564.909348][T13382] ? kernel_clone+0xfc/0x960 [ 564.909392][T13382] __vmalloc_node_noprof+0x74/0xa0 [ 564.909436][T13382] ? kernel_clone+0xfc/0x960 [ 564.909487][T13382] copy_process+0x2ead/0x91a0 [ 564.909532][T13382] ? find_held_lock+0x2b/0x80 [ 564.909573][T13382] ? schedule+0x2d7/0x3a0 [ 564.909614][T13382] ? futex_wait_queue+0x24/0x220 [ 564.909645][T13382] ? schedule+0xf1/0x3a0 [ 564.909683][T13382] ? futex_wait_queue+0x14c/0x220 [ 564.909723][T13382] ? __pfx_copy_process+0x10/0x10 [ 564.909768][T13382] ? __pfx___futex_wait+0x10/0x10 [ 564.909809][T13382] ? __pfx_futex_wake_mark+0x10/0x10 [ 564.909863][T13382] kernel_clone+0xfc/0x960 [ 564.909914][T13382] ? __pfx_kernel_clone+0x10/0x10 [ 564.909985][T13382] __do_sys_clone+0xce/0x120 [ 564.910034][T13382] ? __pfx___do_sys_clone+0x10/0x10 [ 564.910110][T13382] ? rcu_is_watching+0x12/0xc0 [ 564.910163][T13382] do_syscall_64+0xcd/0x260 [ 564.910213][T13382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.910247][T13382] RIP: 0033:0x7fd6d278d169 [ 564.910274][T13382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 564.910308][T13382] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 564.910339][T13382] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 564.910360][T13382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 564.910379][T13382] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 564.910399][T13382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 564.910419][T13382] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 564.910459][T13382] [ 564.910471][T13382] Mem-Info: [ 565.228061][T13382] active_anon:23823 inactive_anon:0 isolated_anon:0 [ 565.228061][T13382] active_file:9867 inactive_file:47074 isolated_file:0 [ 565.228061][T13382] unevictable:768 dirty:503 writeback:0 [ 565.228061][T13382] slab_reclaimable:10591 slab_unreclaimable:103666 [ 565.228061][T13382] mapped:24336 shmem:11436 pagetables:1680 [ 565.228061][T13382] sec_pagetables:0 bounce:0 [ 565.228061][T13382] kernel_misc_reclaimable:0 [ 565.228061][T13382] free:1294543 free_pcp:11760 free_cma:0 [ 565.273681][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.348093][T13382] Node 0 active_anon:91792kB inactive_anon:0kB active_file:32432kB inactive_file:188060kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97032kB dirty:2004kB writeback:0kB shmem:40908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12272kB pagetables:6520kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 565.381619][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.438158][T13382] Node 1 active_anon:0kB inactive_anon:0kB active_file:7036kB inactive_file:236kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:312kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 565.469895][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.521259][T13382] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 565.599287][T13382] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 565.605160][T13382] Node 0 DMA32 free:1314516kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:81340kB inactive_anon:0kB active_file:32432kB inactive_file:186504kB unevictable:1536kB writepending:1804kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:10936kB local_pcp:224kB free_cma:0kB [ 565.644288][T13382] lowmem_reserve[]: 0 0 1 1 1 [ 565.652039][T13382] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:12kB free_cma:0kB [ 565.726813][T13382] lowmem_reserve[]: 0 0 0 0 0 [ 565.736932][T13382] Node 1 Normal free:3864084kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:7036kB inactive_file:236kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:35076kB local_pcp:25464kB free_cma:0kB [ 565.823929][T13382] lowmem_reserve[]: 0 0 0 0 0 [ 565.840380][T13382] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 565.878167][T13382] Node 0 DMA32: 98*4kB (ME) 730*8kB (ME) 796*16kB (UME) 771*32kB (ME) 598*64kB (UME) 397*128kB (UME) 377*256kB (UME) 259*512kB (UME) 143*1024kB (UM) 1*2048kB (U) 198*4096kB (UM) = 1321336kB [ 565.948367][T13382] Node 0 Normal: 3*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 566.005190][T13382] Node 1 Normal: 253*4kB (UME) 78*8kB (UME) 70*16kB (UME) 226*32kB (UME) 117*64kB (UME) 48*128kB (UME) 33*256kB (UME) 15*512kB (UME) 11*1024kB (UM) 8*2048kB (UME) 927*4096kB (M) = 3864388kB [ 566.046211][T13382] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 566.086758][T13382] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 566.113210][T13382] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 566.146847][T13382] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 566.193788][T13382] 59262 total pagecache pages [ 566.223101][T13382] 39 pages in swap cache [ 566.234723][T13382] Free swap = 124868kB [ 566.257946][T13382] Total swap = 124996kB [ 566.262829][T13382] 2097051 pages RAM [ 566.266673][T13382] 0 pages HighMem/MovableOnly [ 566.301597][T13382] 429587 pages reserved [ 566.328150][T13382] 0 pages cma reserved [ 566.613824][T13422] Invalid ELF header magic: != ELF [ 568.073947][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.118798][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.453616][T13504] Invalid ELF header magic: != ELF [ 572.425556][T13579] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1970'. [ 572.623626][T13582] Invalid ELF header magic: != ELF [ 573.596921][T13614] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.1982'. [ 575.153498][T13653] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.1993'. [ 575.198924][T13653] FAULT_INJECTION: forcing a failure. [ 575.198924][T13653] name failslab, interval 1, probability 0, space 0, times 0 [ 575.240167][T13653] CPU: 0 UID: 0 PID: 13653 Comm: syz.5.1993 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 575.240253][T13653] Tainted: [U]=USER [ 575.240265][T13653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 575.240283][T13653] Call Trace: [ 575.240293][T13653] [ 575.240305][T13653] dump_stack_lvl+0x16c/0x1f0 [ 575.240354][T13653] should_fail_ex+0x512/0x640 [ 575.240391][T13653] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 575.240446][T13653] should_failslab+0xc2/0x120 [ 575.240476][T13653] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 575.240525][T13653] ? __pfx___might_resched+0x10/0x10 [ 575.240569][T13653] ? alloc_vmap_area+0x613/0x2970 [ 575.240611][T13653] alloc_vmap_area+0x613/0x2970 [ 575.240663][T13653] ? __pfx_alloc_vmap_area+0x10/0x10 [ 575.240712][T13653] __get_vm_area_node+0x1a7/0x300 [ 575.240759][T13653] __vmalloc_node_range_noprof+0x277/0x1540 [ 575.240802][T13653] ? kernel_clone+0xfc/0x960 [ 575.240846][T13653] ? __mod_memcg_lruvec_state+0x533/0x760 [ 575.240888][T13653] ? find_held_lock+0x2b/0x80 [ 575.240931][T13653] ? rcu_is_watching+0x12/0xc0 [ 575.240970][T13653] ? kernel_clone+0xfc/0x960 [ 575.241023][T13653] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 575.241064][T13653] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 575.241105][T13653] ? rcu_is_watching+0x12/0xc0 [ 575.241154][T13653] ? kernel_clone+0xfc/0x960 [ 575.241197][T13653] __vmalloc_node_noprof+0x74/0xa0 [ 575.241241][T13653] ? kernel_clone+0xfc/0x960 [ 575.241289][T13653] copy_process+0x2ead/0x91a0 [ 575.241333][T13653] ? find_held_lock+0x2b/0x80 [ 575.241374][T13653] ? schedule+0x2d7/0x3a0 [ 575.241417][T13653] ? futex_wait_queue+0x24/0x220 [ 575.241447][T13653] ? schedule+0xf1/0x3a0 [ 575.241486][T13653] ? futex_wait_queue+0x14c/0x220 [ 575.241524][T13653] ? __pfx_copy_process+0x10/0x10 [ 575.241568][T13653] ? __pfx___futex_wait+0x10/0x10 [ 575.241607][T13653] ? __pfx_futex_wake_mark+0x10/0x10 [ 575.241659][T13653] kernel_clone+0xfc/0x960 [ 575.241708][T13653] ? __pfx_kernel_clone+0x10/0x10 [ 575.241775][T13653] __do_sys_clone+0xce/0x120 [ 575.241826][T13653] ? __pfx___do_sys_clone+0x10/0x10 [ 575.241894][T13653] ? rcu_is_watching+0x12/0xc0 [ 575.241945][T13653] do_syscall_64+0xcd/0x260 [ 575.241993][T13653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.242026][T13653] RIP: 0033:0x7f91d698d169 [ 575.242051][T13653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 575.242084][T13653] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 575.242118][T13653] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 575.242140][T13653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 575.242159][T13653] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 575.242178][T13653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.242197][T13653] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 575.242247][T13653] [ 575.242349][T13653] syz.5.1993: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 575.642892][T13653] CPU: 0 UID: 0 PID: 13653 Comm: syz.5.1993 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 575.642946][T13653] Tainted: [U]=USER [ 575.642957][T13653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 575.642977][T13653] Call Trace: [ 575.642987][T13653] [ 575.643000][T13653] dump_stack_lvl+0x16c/0x1f0 [ 575.643051][T13653] warn_alloc+0x248/0x3a0 [ 575.643104][T13653] ? __pfx_warn_alloc+0x10/0x10 [ 575.643158][T13653] ? kfree+0x2b6/0x4d0 [ 575.643208][T13653] ? __get_vm_area_node+0x1e5/0x300 [ 575.643264][T13653] __vmalloc_node_range_noprof+0xd31/0x1540 [ 575.643309][T13653] ? __mod_memcg_lruvec_state+0x533/0x760 [ 575.643352][T13653] ? find_held_lock+0x2b/0x80 [ 575.643398][T13653] ? rcu_is_watching+0x12/0xc0 [ 575.643440][T13653] ? kernel_clone+0xfc/0x960 [ 575.643495][T13653] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 575.643537][T13653] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 575.643580][T13653] ? rcu_is_watching+0x12/0xc0 [ 575.643623][T13653] ? kernel_clone+0xfc/0x960 [ 575.643668][T13653] __vmalloc_node_noprof+0x74/0xa0 [ 575.643712][T13653] ? kernel_clone+0xfc/0x960 [ 575.643761][T13653] copy_process+0x2ead/0x91a0 [ 575.643805][T13653] ? find_held_lock+0x2b/0x80 [ 575.643857][T13653] ? schedule+0x2d7/0x3a0 [ 575.643902][T13653] ? futex_wait_queue+0x24/0x220 [ 575.643933][T13653] ? schedule+0xf1/0x3a0 [ 575.643972][T13653] ? futex_wait_queue+0x14c/0x220 [ 575.644011][T13653] ? __pfx_copy_process+0x10/0x10 [ 575.644056][T13653] ? __pfx___futex_wait+0x10/0x10 [ 575.644096][T13653] ? __pfx_futex_wake_mark+0x10/0x10 [ 575.644150][T13653] kernel_clone+0xfc/0x960 [ 575.644200][T13653] ? __pfx_kernel_clone+0x10/0x10 [ 575.644270][T13653] __do_sys_clone+0xce/0x120 [ 575.644317][T13653] ? __pfx___do_sys_clone+0x10/0x10 [ 575.644385][T13653] ? rcu_is_watching+0x12/0xc0 [ 575.644437][T13653] do_syscall_64+0xcd/0x260 [ 575.644487][T13653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.644521][T13653] RIP: 0033:0x7f91d698d169 [ 575.644547][T13653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 575.644580][T13653] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 575.644610][T13653] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 575.644633][T13653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 575.644652][T13653] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 575.644671][T13653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.644689][T13653] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 575.644731][T13653] [ 575.644749][T13653] Mem-Info: [ 575.956557][T13653] active_anon:14104 inactive_anon:0 isolated_anon:543 [ 575.956557][T13653] active_file:9861 inactive_file:48092 isolated_file:0 [ 575.956557][T13653] unevictable:768 dirty:336 writeback:0 [ 575.956557][T13653] slab_reclaimable:10600 slab_unreclaimable:104241 [ 575.956557][T13653] mapped:29604 shmem:2239 pagetables:1700 [ 575.956557][T13653] sec_pagetables:0 bounce:0 [ 575.956557][T13653] kernel_misc_reclaimable:0 [ 575.956557][T13653] free:1296435 free_pcp:10672 free_cma:0 [ 576.006013][T13653] Node 0 active_anon:56416kB inactive_anon:0kB active_file:32408kB inactive_file:192132kB unevictable:1536kB isolated(anon):2172kB isolated(file):0kB mapped:118040kB dirty:1340kB writeback:0kB shmem:7420kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12608kB pagetables:6700kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 576.039848][T13653] Node 1 active_anon:0kB inactive_anon:0kB active_file:7036kB inactive_file:236kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:376kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 576.073316][T13653] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 576.100478][T13653] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 576.108495][T13653] Node 0 DMA32 free:1304408kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:56764kB inactive_anon:0kB active_file:32408kB inactive_file:190576kB unevictable:1536kB writepending:1340kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:8908kB local_pcp:6712kB free_cma:0kB [ 576.184686][T13653] lowmem_reserve[]: 0 0 1 1 1 [ 576.198384][T13653] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:4kB free_cma:0kB [ 576.248768][T13653] lowmem_reserve[]: 0 0 0 0 0 [ 576.253646][T13653] Node 1 Normal free:3865396kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:7036kB inactive_file:236kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:33816kB local_pcp:9108kB free_cma:0kB [ 576.290747][T13653] lowmem_reserve[]: 0 0 0 0 0 [ 576.295565][T13653] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 576.310821][T13653] Node 0 DMA32: 526*4kB (ME) 820*8kB (UME) 1054*16kB (ME) 1032*32kB (UME) 629*64kB (UME) 419*128kB (UME) 276*256kB (ME) 245*512kB (UME) 145*1024kB (UM) 3*2048kB (UM) 197*4096kB (UM) = 1310072kB [ 576.408319][T13653] Node 0 Normal: 3*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 576.433322][T13653] Node 1 Normal: 253*4kB (UME) 76*8kB (UME) 70*16kB (UME) 226*32kB (UME) 117*64kB (UME) 48*128kB (UME) 33*256kB (UME) 15*512kB (UME) 12*1024kB (UM) 8*2048kB (UME) 927*4096kB (M) = 3865396kB [ 576.461022][T13653] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 576.483409][T13653] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 576.495014][T13653] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 576.512798][T13653] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 576.524857][T13653] 59392 total pagecache pages [ 576.530310][T13653] 0 pages in swap cache [ 576.537979][T13653] Free swap = 124996kB [ 576.543619][T13653] Total swap = 124996kB [ 576.551475][T13653] 2097051 pages RAM [ 576.558151][T13653] 0 pages HighMem/MovableOnly [ 576.562941][T13653] 429587 pages reserved [ 576.567194][T13653] 0 pages cma reserved [ 576.877385][T13679] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2001'. [ 578.775007][T13705] netlink: 4772 bytes leftover after parsing attributes in process `syz.1.2007'. [ 580.554901][T13737] Invalid ELF header magic: != ELF [ 580.848866][T13747] netlink: 4772 bytes leftover after parsing attributes in process `syz.1.2019'. [ 580.862019][T13747] FAULT_INJECTION: forcing a failure. [ 580.862019][T13747] name failslab, interval 1, probability 0, space 0, times 0 [ 580.874829][T13747] CPU: 0 UID: 0 PID: 13747 Comm: syz.1.2019 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 580.874877][T13747] Tainted: [U]=USER [ 580.874888][T13747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 580.874906][T13747] Call Trace: [ 580.874916][T13747] [ 580.874928][T13747] dump_stack_lvl+0x16c/0x1f0 [ 580.874976][T13747] should_fail_ex+0x512/0x640 [ 580.875012][T13747] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 580.875065][T13747] should_failslab+0xc2/0x120 [ 580.875095][T13747] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 580.875144][T13747] ? dup_fd+0x4e/0xb90 [ 580.875199][T13747] dup_fd+0x4e/0xb90 [ 580.875246][T13747] ? __pfx_audit_alloc+0x10/0x10 [ 580.875288][T13747] ? apparmor_task_alloc+0x2c2/0x3b0 [ 580.875325][T13747] copy_process+0x25c1/0x91a0 [ 580.875395][T13747] ? __pfx_copy_process+0x10/0x10 [ 580.875442][T13747] ? try_to_wake_up+0xa2f/0x1680 [ 580.875494][T13747] ? __pfx_try_to_wake_up+0x10/0x10 [ 580.875530][T13747] ? plist_check_head+0xa3/0x150 [ 580.875562][T13747] ? find_held_lock+0x2b/0x80 [ 580.875605][T13747] ? wake_up_q+0xb0/0x160 [ 580.875639][T13747] ? do_raw_spin_unlock+0x172/0x230 [ 580.875690][T13747] kernel_clone+0xfc/0x960 [ 580.875735][T13747] ? __pfx_futex_wake+0x10/0x10 [ 580.875764][T13747] ? __pfx_kernel_clone+0x10/0x10 [ 580.875833][T13747] __do_sys_clone+0xce/0x120 [ 580.875879][T13747] ? __pfx___do_sys_clone+0x10/0x10 [ 580.875963][T13747] ? rcu_is_watching+0x12/0xc0 [ 580.876019][T13747] do_syscall_64+0xcd/0x260 [ 580.876070][T13747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.876104][T13747] RIP: 0033:0x7fe0c938d169 [ 580.876131][T13747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.876164][T13747] RSP: 002b:00007fe0ca11bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 580.876196][T13747] RAX: ffffffffffffffda RBX: 00007fe0c95a5fa0 RCX: 00007fe0c938d169 [ 580.876218][T13747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 580.876238][T13747] RBP: 00007fe0c940e730 R08: 0000000000000000 R09: 0000000000000000 [ 580.876258][T13747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 580.876277][T13747] R13: 0000000000000000 R14: 00007fe0c95a5fa0 R15: 00007ffc579f3488 [ 580.876319][T13747] [ 582.400121][T13775] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2028'. [ 582.942017][T13786] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.2031'. [ 582.975870][T13786] FAULT_INJECTION: forcing a failure. [ 582.975870][T13786] name failslab, interval 1, probability 0, space 0, times 0 [ 583.042073][T13786] CPU: 1 UID: 0 PID: 13786 Comm: syz.5.2031 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 583.042129][T13786] Tainted: [U]=USER [ 583.042141][T13786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 583.042173][T13786] Call Trace: [ 583.042189][T13786] [ 583.042201][T13786] dump_stack_lvl+0x16c/0x1f0 [ 583.042249][T13786] should_fail_ex+0x512/0x640 [ 583.042284][T13786] ? __kmalloc_noprof+0xbf/0x510 [ 583.042331][T13786] ? lsm_blob_alloc+0x68/0x90 [ 583.042374][T13786] should_failslab+0xc2/0x120 [ 583.042421][T13786] __kmalloc_noprof+0xd2/0x510 [ 583.042479][T13786] lsm_blob_alloc+0x68/0x90 [ 583.042529][T13786] security_prepare_creds+0x30/0x270 [ 583.042578][T13786] prepare_creds+0x56f/0x7d0 [ 583.042617][T13786] copy_creds+0xa7/0xa50 [ 583.042656][T13786] copy_process+0x10b1/0x91a0 [ 583.042701][T13786] ? find_held_lock+0x2b/0x80 [ 583.042742][T13786] ? schedule+0x2d7/0x3a0 [ 583.042785][T13786] ? futex_wait_queue+0x24/0x220 [ 583.042816][T13786] ? schedule+0xf1/0x3a0 [ 583.042856][T13786] ? futex_wait_queue+0x14c/0x220 [ 583.042894][T13786] ? __pfx_copy_process+0x10/0x10 [ 583.042948][T13786] ? __pfx___futex_wait+0x10/0x10 [ 583.042986][T13786] ? __pfx_futex_wake_mark+0x10/0x10 [ 583.043036][T13786] kernel_clone+0xfc/0x960 [ 583.043082][T13786] ? __pfx_kernel_clone+0x10/0x10 [ 583.043162][T13786] __do_sys_clone+0xce/0x120 [ 583.043220][T13786] ? __pfx___do_sys_clone+0x10/0x10 [ 583.043289][T13786] ? rcu_is_watching+0x12/0xc0 [ 583.043341][T13786] do_syscall_64+0xcd/0x260 [ 583.043390][T13786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.043423][T13786] RIP: 0033:0x7f91d698d169 [ 583.043449][T13786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.043481][T13786] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 583.043513][T13786] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 583.043534][T13786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 583.043554][T13786] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 583.043573][T13786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.043592][T13786] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 583.043632][T13786] [ 583.308943][T13791] Invalid ELF header magic: != ELF [ 584.281586][T13809] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2038'. [ 584.708913][T13817] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.2042'. [ 585.670276][T13848] Invalid ELF header magic: != ELF [ 586.461576][T13866] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.2056'. [ 586.535202][T13866] FAULT_INJECTION: forcing a failure. [ 586.535202][T13866] name failslab, interval 1, probability 0, space 0, times 0 [ 586.548392][T13866] CPU: 1 UID: 0 PID: 13866 Comm: syz.5.2056 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 586.548445][T13866] Tainted: [U]=USER [ 586.548458][T13866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 586.548479][T13866] Call Trace: [ 586.548489][T13866] [ 586.548502][T13866] dump_stack_lvl+0x16c/0x1f0 [ 586.548555][T13866] should_fail_ex+0x512/0x640 [ 586.548592][T13866] ? __kmalloc_noprof+0xbf/0x510 [ 586.548644][T13866] ? lsm_blob_alloc+0x68/0x90 [ 586.548691][T13866] should_failslab+0xc2/0x120 [ 586.548722][T13866] __kmalloc_noprof+0xd2/0x510 [ 586.548781][T13866] lsm_blob_alloc+0x68/0x90 [ 586.548831][T13866] security_prepare_creds+0x30/0x270 [ 586.548891][T13866] prepare_creds+0x56f/0x7d0 [ 586.548932][T13866] copy_creds+0xa7/0xa50 [ 586.548972][T13866] copy_process+0x10b1/0x91a0 [ 586.549019][T13866] ? find_held_lock+0x2b/0x80 [ 586.549063][T13866] ? schedule+0x2d7/0x3a0 [ 586.549106][T13866] ? futex_wait_queue+0x24/0x220 [ 586.549136][T13866] ? schedule+0xf1/0x3a0 [ 586.549178][T13866] ? futex_wait_queue+0x14c/0x220 [ 586.549218][T13866] ? __pfx_copy_process+0x10/0x10 [ 586.549264][T13866] ? __pfx___futex_wait+0x10/0x10 [ 586.549306][T13866] ? __pfx_futex_wake_mark+0x10/0x10 [ 586.549361][T13866] kernel_clone+0xfc/0x960 [ 586.549412][T13866] ? __pfx_kernel_clone+0x10/0x10 [ 586.549484][T13866] __do_sys_clone+0xce/0x120 [ 586.549532][T13866] ? __pfx___do_sys_clone+0x10/0x10 [ 586.549613][T13866] ? rcu_is_watching+0x12/0xc0 [ 586.549664][T13866] do_syscall_64+0xcd/0x260 [ 586.549713][T13866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.549745][T13866] RIP: 0033:0x7f91d698d169 [ 586.549771][T13866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.549804][T13866] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 586.549835][T13866] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 586.549857][T13866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 586.549884][T13866] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 586.549905][T13866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 586.549924][T13866] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 586.549966][T13866] [ 586.791937][ C1] vkms_vblank_simulate: vblank timer overrun [ 589.606197][T13917] netlink: zone id is out of range [ 589.612064][T13917] netlink: zone id is out of range [ 589.627012][T13917] netlink: zone id is out of range [ 589.637809][T13918] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2072'. [ 589.650834][T13920] netlink: 4772 bytes leftover after parsing attributes in process `syz.1.2074'. [ 589.666190][T13917] netlink: zone id is out of range [ 589.677518][T13917] netlink: zone id is out of range [ 589.708209][T13917] netlink: zone id is out of range [ 589.734265][T13917] netlink: zone id is out of range [ 589.787219][T13917] netlink: zone id is out of range [ 589.825998][T13917] netlink: zone id is out of range [ 589.837776][T13917] netlink: zone id is out of range [ 590.240880][T13939] lo: entered promiscuous mode [ 590.246029][T13942] sp0: Synchronizing with TNC [ 590.316015][T13938] lo: left promiscuous mode [ 591.546592][T13972] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2088'. [ 591.610061][T13973] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2088'. [ 592.238922][T13990] FAULT_INJECTION: forcing a failure. [ 592.238922][T13990] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 592.403836][T13990] CPU: 1 UID: 0 PID: 13990 Comm: syz.2.2092 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 592.403883][T13990] Tainted: [U]=USER [ 592.403892][T13990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 592.403910][T13990] Call Trace: [ 592.403919][T13990] [ 592.403930][T13990] dump_stack_lvl+0x16c/0x1f0 [ 592.403976][T13990] should_fail_ex+0x512/0x640 [ 592.404034][T13990] _copy_from_user+0x2e/0xd0 [ 592.404076][T13990] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 592.404120][T13990] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 592.404175][T13990] rds_setsockopt+0x65a/0xba0 [ 592.404217][T13990] ? __pfx_rds_setsockopt+0x10/0x10 [ 592.404260][T13990] ? __pfx_aa_sk_perm+0x10/0x10 [ 592.404297][T13990] ? find_held_lock+0x2b/0x80 [ 592.404344][T13990] ? __pfx_rds_setsockopt+0x10/0x10 [ 592.404383][T13990] do_sock_setsockopt+0x221/0x470 [ 592.404431][T13990] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 592.404501][T13990] __sys_setsockopt+0x1a0/0x230 [ 592.404546][T13990] __x64_sys_setsockopt+0xbd/0x160 [ 592.404583][T13990] ? do_syscall_64+0x91/0x260 [ 592.404627][T13990] ? lockdep_hardirqs_on+0x7c/0x110 [ 592.404675][T13990] do_syscall_64+0xcd/0x260 [ 592.404723][T13990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.404754][T13990] RIP: 0033:0x7fd6d278d169 [ 592.404778][T13990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 592.404810][T13990] RSP: 002b:00007fd6d35b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 592.404840][T13990] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 592.404866][T13990] RDX: 000000000000000a RSI: 0000000000000114 RDI: 0000000000000006 [ 592.404885][T13990] RBP: 00007fd6d35b8090 R08: 0000000000000004 R09: 0000000000000000 [ 592.404905][T13990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 592.404924][T13990] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 592.404964][T13990] [ 593.322010][T14011] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2098'. [ 593.336883][T14011] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2098'. [ 593.567672][T14015] FAULT_INJECTION: forcing a failure. [ 593.567672][T14015] name failslab, interval 1, probability 0, space 0, times 0 [ 593.650423][T14015] CPU: 1 UID: 0 PID: 14015 Comm: syz.5.2099 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 593.650474][T14015] Tainted: [U]=USER [ 593.650484][T14015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 593.650509][T14015] Call Trace: [ 593.650531][T14015] [ 593.650543][T14015] dump_stack_lvl+0x16c/0x1f0 [ 593.650588][T14015] should_fail_ex+0x512/0x640 [ 593.650622][T14015] ? __kmalloc_noprof+0xbf/0x510 [ 593.650668][T14015] ? copy_splice_read+0x1a8/0xba0 [ 593.650704][T14015] should_failslab+0xc2/0x120 [ 593.650732][T14015] __kmalloc_noprof+0xd2/0x510 [ 593.650784][T14015] copy_splice_read+0x1a8/0xba0 [ 593.650833][T14015] ? __pfx_copy_splice_read+0x10/0x10 [ 593.650875][T14015] ? look_up_lock_class+0x6b/0x150 [ 593.650922][T14015] ? lockdep_init_map_type+0x5c/0x280 [ 593.650952][T14015] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 593.650997][T14015] ? __pfx_copy_splice_read+0x10/0x10 [ 593.651036][T14015] do_splice_read+0x282/0x370 [ 593.651078][T14015] splice_direct_to_actor+0x2a1/0xa30 [ 593.651121][T14015] ? __pfx_direct_splice_actor+0x10/0x10 [ 593.651170][T14015] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 593.651208][T14015] ? get_pid_task+0xfc/0x250 [ 593.651247][T14015] do_splice_direct+0x174/0x240 [ 593.651288][T14015] ? __pfx_do_splice_direct+0x10/0x10 [ 593.651330][T14015] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 593.651376][T14015] ? rw_verify_area+0xcf/0x680 [ 593.651416][T14015] do_sendfile+0xafd/0xe50 [ 593.651465][T14015] ? __pfx_do_sendfile+0x10/0x10 [ 593.651512][T14015] ? __fget_files+0x20e/0x3c0 [ 593.651564][T14015] __x64_sys_sendfile64+0x1d8/0x220 [ 593.651590][T14015] ? ksys_write+0x1b9/0x240 [ 593.651619][T14015] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 593.651639][T14015] ? rcu_is_watching+0x12/0xc0 [ 593.651672][T14015] do_syscall_64+0xcd/0x260 [ 593.651704][T14015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.651727][T14015] RIP: 0033:0x7f91d698d169 [ 593.651743][T14015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.651764][T14015] RSP: 002b:00007f91d78c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 593.651784][T14015] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 593.651799][T14015] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 593.651811][T14015] RBP: 00007f91d78c4090 R08: 0000000000000000 R09: 0000000000000000 [ 593.651823][T14015] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000001 [ 593.651836][T14015] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 593.651862][T14015] [ 594.606432][T14024] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.2103'. [ 594.677807][T14024] FAULT_INJECTION: forcing a failure. [ 594.677807][T14024] name failslab, interval 1, probability 0, space 0, times 0 [ 594.724760][T14024] CPU: 0 UID: 0 PID: 14024 Comm: syz.5.2103 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 594.724811][T14024] Tainted: [U]=USER [ 594.724822][T14024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 594.724841][T14024] Call Trace: [ 594.724862][T14024] [ 594.724873][T14024] dump_stack_lvl+0x16c/0x1f0 [ 594.724920][T14024] should_fail_ex+0x512/0x640 [ 594.724954][T14024] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 594.725002][T14024] should_failslab+0xc2/0x120 [ 594.725030][T14024] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 594.725075][T14024] ? dup_fd+0x4e/0xb90 [ 594.725120][T14024] dup_fd+0x4e/0xb90 [ 594.725162][T14024] ? __pfx_audit_alloc+0x10/0x10 [ 594.725209][T14024] ? apparmor_task_alloc+0x2c2/0x3b0 [ 594.725243][T14024] copy_process+0x25c1/0x91a0 [ 594.725311][T14024] ? __pfx_copy_process+0x10/0x10 [ 594.725356][T14024] ? try_to_wake_up+0xa2f/0x1680 [ 594.725396][T14024] ? __pfx_try_to_wake_up+0x10/0x10 [ 594.725434][T14024] ? plist_check_head+0xa3/0x150 [ 594.725464][T14024] ? find_held_lock+0x2b/0x80 [ 594.725506][T14024] ? wake_up_q+0xb0/0x160 [ 594.725538][T14024] ? do_raw_spin_unlock+0x172/0x230 [ 594.725577][T14024] kernel_clone+0xfc/0x960 [ 594.725618][T14024] ? __pfx_futex_wake+0x10/0x10 [ 594.725645][T14024] ? __pfx_kernel_clone+0x10/0x10 [ 594.725709][T14024] __do_sys_clone+0xce/0x120 [ 594.725752][T14024] ? __pfx___do_sys_clone+0x10/0x10 [ 594.725814][T14024] ? rcu_is_watching+0x12/0xc0 [ 594.725879][T14024] do_syscall_64+0xcd/0x260 [ 594.725930][T14024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.725963][T14024] RIP: 0033:0x7f91d698d169 [ 594.725990][T14024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 594.726022][T14024] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 594.726053][T14024] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 594.726074][T14024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 594.726093][T14024] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 594.726113][T14024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 594.726132][T14024] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 594.726172][T14024] [ 595.064455][T14027] can: request_module (can-proto-0) failed. [ 597.824860][T14078] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.2115'. [ 599.998582][T14123] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.2125'. [ 604.365846][T14198] netlink: 4772 bytes leftover after parsing attributes in process `syz.3.2143'. [ 605.562418][T14211] Invalid ELF header magic: != ELF [ 609.158678][T14266] Invalid ELF header magic: != ELF [ 609.661538][T14272] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2161'. [ 609.663437][T14272] FAULT_INJECTION: forcing a failure. [ 609.663437][T14272] name failslab, interval 1, probability 0, space 0, times 0 [ 609.663488][T14272] CPU: 0 UID: 0 PID: 14272 Comm: syz.2.2161 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 609.663539][T14272] Tainted: [U]=USER [ 609.663550][T14272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 609.663569][T14272] Call Trace: [ 609.663581][T14272] [ 609.663593][T14272] dump_stack_lvl+0x16c/0x1f0 [ 609.663646][T14272] should_fail_ex+0x512/0x640 [ 609.663685][T14272] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 609.663740][T14272] should_failslab+0xc2/0x120 [ 609.663771][T14272] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 609.663820][T14272] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 609.663857][T14272] ? fib_insert_alias+0x444/0xe30 [ 609.663902][T14272] fib_insert_alias+0x444/0xe30 [ 609.663943][T14272] ? lockdep_rtnl_is_held+0x26/0x40 [ 609.663976][T14272] ? fib_find_node+0x22b/0x2b0 [ 609.664016][T14272] fib_trie_unmerge+0x2f9/0xcb0 [ 609.664068][T14272] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 609.664109][T14272] ? fib_newrule+0x1113/0x1e60 [ 609.664165][T14272] ? __pfx___mutex_lock+0x10/0x10 [ 609.664225][T14272] fib_unmerge+0xf8/0x520 [ 609.664271][T14272] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 609.664321][T14272] fib4_rule_configure+0x383/0x10c0 [ 609.664362][T14272] fib_newrule+0x34c/0x1e60 [ 609.664422][T14272] ? __pfx_fib_newrule+0x10/0x10 [ 609.664470][T14272] ? kmem_cache_free+0x2d4/0x4d0 [ 609.664551][T14272] ? find_held_lock+0x2b/0x80 [ 609.664592][T14272] ? __pfx_fib_nl_newrule+0x10/0x10 [ 609.664636][T14272] ? __pfx_fib_nl_newrule+0x10/0x10 [ 609.664677][T14272] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 609.664725][T14272] ? __pfx_fib_nl_newrule+0x10/0x10 [ 609.664770][T14272] rtnetlink_rcv_msg+0x95b/0xe90 [ 609.664821][T14272] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 609.664888][T14272] netlink_rcv_skb+0x16a/0x440 [ 609.664937][T14272] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 609.664986][T14272] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 609.665057][T14272] ? netlink_deliver_tap+0x1ae/0xd30 [ 609.665111][T14272] netlink_unicast+0x53a/0x7f0 [ 609.665178][T14272] ? __pfx_netlink_unicast+0x10/0x10 [ 609.665227][T14272] ? __lock_acquire+0xaa4/0x1ba0 [ 609.665270][T14272] netlink_sendmsg+0x8d1/0xdd0 [ 609.665328][T14272] ? __pfx_netlink_sendmsg+0x10/0x10 [ 609.665396][T14272] ____sys_sendmsg+0xa95/0xc70 [ 609.665453][T14272] ? copy_msghdr_from_user+0x10a/0x160 [ 609.665498][T14272] ? __pfx_____sys_sendmsg+0x10/0x10 [ 609.665562][T14272] ? try_to_wake_up+0xa2f/0x1680 [ 609.665611][T14272] ___sys_sendmsg+0x134/0x1d0 [ 609.665658][T14272] ? __pfx____sys_sendmsg+0x10/0x10 [ 609.665754][T14272] __sys_sendmsg+0x16d/0x220 [ 609.665799][T14272] ? __pfx___sys_sendmsg+0x10/0x10 [ 609.665848][T14272] ? native_tss_update_io_bitmap+0x3ca/0x720 [ 609.665901][T14272] ? rcu_is_watching+0x12/0xc0 [ 609.665956][T14272] do_syscall_64+0xcd/0x260 [ 609.666009][T14272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 609.666042][T14272] RIP: 0033:0x7fd6d278d169 [ 609.666069][T14272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 609.666101][T14272] RSP: 002b:00007fd6d35b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 609.666140][T14272] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 609.666161][T14272] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000005 [ 609.666181][T14272] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 609.666200][T14272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 609.666220][T14272] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 609.666262][T14272] [ 610.309193][T14279] netlink: 4772 bytes leftover after parsing attributes in process `syz.2.2163'. [ 610.342347][T14279] FAULT_INJECTION: forcing a failure. [ 610.342347][T14279] name failslab, interval 1, probability 0, space 0, times 0 [ 610.342396][T14279] CPU: 1 UID: 0 PID: 14279 Comm: syz.2.2163 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 610.342442][T14279] Tainted: [U]=USER [ 610.342452][T14279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 610.342470][T14279] Call Trace: [ 610.342480][T14279] [ 610.342491][T14279] dump_stack_lvl+0x16c/0x1f0 [ 610.342557][T14279] should_fail_ex+0x512/0x640 [ 610.342594][T14279] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 610.342647][T14279] should_failslab+0xc2/0x120 [ 610.342678][T14279] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 610.342727][T14279] ? alloc_vmap_area+0x56c/0x2970 [ 610.342761][T14279] ? alloc_vmap_area+0x613/0x2970 [ 610.342802][T14279] alloc_vmap_area+0x613/0x2970 [ 610.342866][T14279] ? __pfx_alloc_vmap_area+0x10/0x10 [ 610.342914][T14279] __get_vm_area_node+0x1a7/0x300 [ 610.342962][T14279] __vmalloc_node_range_noprof+0x277/0x1540 [ 610.343006][T14279] ? kernel_clone+0xfc/0x960 [ 610.343051][T14279] ? __mod_memcg_lruvec_state+0x533/0x760 [ 610.343093][T14279] ? find_held_lock+0x2b/0x80 [ 610.343138][T14279] ? rcu_is_watching+0x12/0xc0 [ 610.343178][T14279] ? kernel_clone+0xfc/0x960 [ 610.343233][T14279] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 610.343275][T14279] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 610.343316][T14279] ? rcu_is_watching+0x12/0xc0 [ 610.343356][T14279] ? kernel_clone+0xfc/0x960 [ 610.343400][T14279] __vmalloc_node_noprof+0x74/0xa0 [ 610.343442][T14279] ? kernel_clone+0xfc/0x960 [ 610.343490][T14279] copy_process+0x2ead/0x91a0 [ 610.343534][T14279] ? find_held_lock+0x2b/0x80 [ 610.343574][T14279] ? schedule+0x2d7/0x3a0 [ 610.343616][T14279] ? futex_wait_queue+0x24/0x220 [ 610.343647][T14279] ? schedule+0xf1/0x3a0 [ 610.343688][T14279] ? futex_wait_queue+0x14c/0x220 [ 610.343726][T14279] ? __pfx_copy_process+0x10/0x10 [ 610.343771][T14279] ? __pfx___futex_wait+0x10/0x10 [ 610.343802][T14279] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 610.343861][T14279] ? __pfx_futex_wake_mark+0x10/0x10 [ 610.343915][T14279] kernel_clone+0xfc/0x960 [ 610.343966][T14279] ? __pfx_kernel_clone+0x10/0x10 [ 610.344035][T14279] __do_sys_clone+0xce/0x120 [ 610.344084][T14279] ? __pfx___do_sys_clone+0x10/0x10 [ 610.344151][T14279] ? rcu_is_watching+0x12/0xc0 [ 610.344202][T14279] do_syscall_64+0xcd/0x260 [ 610.344252][T14279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 610.344285][T14279] RIP: 0033:0x7fd6d278d169 [ 610.344311][T14279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 610.344344][T14279] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 610.344374][T14279] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 610.344395][T14279] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 610.344413][T14279] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 610.344432][T14279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 610.344450][T14279] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 610.344488][T14279] [ 610.344519][T14279] syz.2.2163: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 610.344643][T14279] CPU: 1 UID: 0 PID: 14279 Comm: syz.2.2163 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 610.344691][T14279] Tainted: [U]=USER [ 610.344701][T14279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 610.344720][T14279] Call Trace: [ 610.344730][T14279] [ 610.344742][T14279] dump_stack_lvl+0x16c/0x1f0 [ 610.344787][T14279] warn_alloc+0x248/0x3a0 [ 610.344846][T14279] ? __pfx_warn_alloc+0x10/0x10 [ 610.344898][T14279] ? kfree+0x2b6/0x4d0 [ 610.344947][T14279] ? __get_vm_area_node+0x1e5/0x300 [ 610.344994][T14279] __vmalloc_node_range_noprof+0xd31/0x1540 [ 610.345038][T14279] ? __mod_memcg_lruvec_state+0x533/0x760 [ 610.345080][T14279] ? find_held_lock+0x2b/0x80 [ 610.345124][T14279] ? rcu_is_watching+0x12/0xc0 [ 610.345164][T14279] ? kernel_clone+0xfc/0x960 [ 610.345219][T14279] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 610.345260][T14279] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 610.345303][T14279] ? rcu_is_watching+0x12/0xc0 [ 610.345346][T14279] ? kernel_clone+0xfc/0x960 [ 610.345389][T14279] __vmalloc_node_noprof+0x74/0xa0 [ 610.345432][T14279] ? kernel_clone+0xfc/0x960 [ 610.345480][T14279] copy_process+0x2ead/0x91a0 [ 610.345525][T14279] ? find_held_lock+0x2b/0x80 [ 610.345566][T14279] ? schedule+0x2d7/0x3a0 [ 610.345609][T14279] ? futex_wait_queue+0x24/0x220 [ 610.345639][T14279] ? schedule+0xf1/0x3a0 [ 610.345679][T14279] ? futex_wait_queue+0x14c/0x220 [ 610.345718][T14279] ? __pfx_copy_process+0x10/0x10 [ 610.345763][T14279] ? __pfx___futex_wait+0x10/0x10 [ 610.345794][T14279] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 610.345856][T14279] ? __pfx_futex_wake_mark+0x10/0x10 [ 610.345926][T14279] kernel_clone+0xfc/0x960 [ 610.345979][T14279] ? __pfx_kernel_clone+0x10/0x10 [ 610.346052][T14279] __do_sys_clone+0xce/0x120 [ 610.346100][T14279] ? __pfx___do_sys_clone+0x10/0x10 [ 610.346169][T14279] ? rcu_is_watching+0x12/0xc0 [ 610.346222][T14279] do_syscall_64+0xcd/0x260 [ 610.346272][T14279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 610.346305][T14279] RIP: 0033:0x7fd6d278d169 [ 610.346331][T14279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 610.346363][T14279] RSP: 002b:00007fd6d35b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 610.346392][T14279] RAX: ffffffffffffffda RBX: 00007fd6d29a5fa0 RCX: 00007fd6d278d169 [ 610.346414][T14279] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 610.346433][T14279] RBP: 00007fd6d280e730 R08: 0000000000000000 R09: 0000000000000000 [ 610.346453][T14279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 610.346472][T14279] R13: 0000000000000000 R14: 00007fd6d29a5fa0 R15: 00007fff33a171d8 [ 610.346512][T14279] [ 610.346525][T14279] Mem-Info: [ 610.346540][T14279] active_anon:49278 inactive_anon:7 isolated_anon:1023 [ 610.346540][T14279] active_file:10079 inactive_file:46549 isolated_file:0 [ 610.346540][T14279] unevictable:3343 dirty:882 writeback:0 [ 610.346540][T14279] slab_reclaimable:10837 slab_unreclaimable:107846 [ 610.346540][T14279] mapped:42963 shmem:35866 pagetables:2059 [ 610.346540][T14279] sec_pagetables:0 bounce:0 [ 610.346540][T14279] kernel_misc_reclaimable:0 [ 610.346540][T14279] free:1263519 free_pcp:9491 free_cma:0 [ 610.346629][T14279] Node 0 active_anon:197112kB inactive_anon:28kB active_file:33380kB inactive_file:186160kB unevictable:11536kB isolated(anon):4092kB isolated(file):0kB mapped:171412kB dirty:3488kB writeback:0kB shmem:141928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12868kB pagetables:8236kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 610.346720][T14279] Node 1 active_anon:0kB inactive_anon:0kB active_file:6936kB inactive_file:36kB unevictable:1836kB isolated(anon):0kB isolated(file):0kB mapped:440kB dirty:40kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 610.346816][T14279] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 610.346909][T14279] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 610.346973][T14279] Node 0 DMA32 free:1173852kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:197060kB inactive_anon:28kB active_file:33380kB inactive_file:184604kB unevictable:11536kB writepending:3488kB present:3129332kB managed:2541688kB mlocked:10000kB bounce:0kB free_pcp:4068kB local_pcp:1676kB free_cma:0kB [ 610.347089][T14279] lowmem_reserve[]: 0 0 1 1 1 [ 610.347144][T14279] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:12kB free_cma:0kB [ 610.347225][T14279] lowmem_reserve[]: 0 0 0 0 0 [ 610.347280][T14279] Node 1 Normal free:3864844kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:6936kB inactive_file:36kB unevictable:1836kB writepending:40kB present:4194300kB managed:4111164kB mlocked:300kB bounce:0kB free_pcp:33852kB local_pcp:23332kB free_cma:0kB [ 610.347364][T14279] lowmem_reserve[]: 0 0 0 0 0 [ 610.347418][T14279] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 610.347600][T14279] Node 0 DMA32: 8*4kB (UME) 266*8kB (UME) 76*16kB (U) 8*32kB (UME) 1*64kB (M) 65*128kB (UM) 320*256kB (UME) 247*512kB (UME) 147*1024kB (UM) 2*2048kB (UM) 195*4096kB (UME) = 1173744kB [ 610.347901][T14279] Node 0 Normal: 3*4kB (M) 1*8kB (M) 0*16kB [ 610.377956][T14263] tty tty61: ldisc open failed (-12), clearing slot 60 [ 610.429208][T14279] 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 611.550144][T14279] Node 1 Normal: 230*4kB (UME) 75*8kB (UME) 53*16kB (UME) 210*32kB (UME) 117*64kB (UME) 49*128kB (UME) 32*256kB (UME) 12*512kB (UME) 12*1024kB (UM) 9*2048kB (UME) 927*4096kB (M) = 3864896kB [ 611.550419][T14279] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 611.550448][T14279] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 611.550475][T14279] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 611.550503][T14279] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 611.550530][T14279] 98421 total pagecache pages [ 611.550543][T14279] 29 pages in swap cache [ 611.550556][T14279] Free swap = 124892kB [ 611.550568][T14279] Total swap = 124996kB [ 611.550582][T14279] 2097051 pages RAM [ 611.550594][T14279] 0 pages HighMem/MovableOnly [ 611.550605][T14279] 429587 pages reserved [ 611.550617][T14279] 0 pages cma reserved [ 612.002551][T14297] Invalid ELF header magic: != ELF [ 613.931319][T14318] Invalid ELF header magic: != ELF [ 614.528251][T14323] sctp: [Deprecated]: syz.3.2173 (pid 14323) Use of struct sctp_assoc_value in delayed_ack socket option. [ 614.528251][T14323] Use struct sctp_sack_info instead [ 615.818955][T14350] netlink: 'syz.2.2182': attribute type 33 has an invalid length. [ 615.891939][T14350] netlink: 322 bytes leftover after parsing attributes in process `syz.2.2182'. [ 616.382553][T14333] kexec: Could not allocate control_code_buffer [ 616.684460][T14365] Invalid ELF header magic: != ELF [ 617.569423][ T5848] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 617.581375][ T5848] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 617.590456][ T5848] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 617.601979][ T5848] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 617.610058][ T5848] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 618.088489][T14389] netlink: 4772 bytes leftover after parsing attributes in process `syz.1.2191'. [ 618.105761][T14389] FAULT_INJECTION: forcing a failure. [ 618.105761][T14389] name failslab, interval 1, probability 0, space 0, times 0 [ 618.127263][T14389] CPU: 1 UID: 0 PID: 14389 Comm: syz.1.2191 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 618.127315][T14389] Tainted: [U]=USER [ 618.127327][T14389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 618.127346][T14389] Call Trace: [ 618.127357][T14389] [ 618.127370][T14389] dump_stack_lvl+0x16c/0x1f0 [ 618.127431][T14389] should_fail_ex+0x512/0x640 [ 618.127468][T14389] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 618.127523][T14389] should_failslab+0xc2/0x120 [ 618.127555][T14389] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 618.127605][T14389] ? dup_fd+0x4e/0xb90 [ 618.127657][T14389] dup_fd+0x4e/0xb90 [ 618.127703][T14389] ? __pfx_audit_alloc+0x10/0x10 [ 618.127744][T14389] ? apparmor_task_alloc+0x2c2/0x3b0 [ 618.127782][T14389] copy_process+0x25c1/0x91a0 [ 618.127856][T14389] ? __pfx_copy_process+0x10/0x10 [ 618.127908][T14389] ? try_to_wake_up+0xa2f/0x1680 [ 618.127952][T14389] ? __pfx_try_to_wake_up+0x10/0x10 [ 618.127997][T14389] ? plist_check_head+0xa3/0x150 [ 618.128031][T14389] ? find_held_lock+0x2b/0x80 [ 618.128076][T14389] ? wake_up_q+0xb0/0x160 [ 618.128112][T14389] ? do_raw_spin_unlock+0x172/0x230 [ 618.128152][T14389] kernel_clone+0xfc/0x960 [ 618.128195][T14389] ? __pfx_futex_wake+0x10/0x10 [ 618.128223][T14389] ? __pfx_kernel_clone+0x10/0x10 [ 618.128289][T14389] __do_sys_clone+0xce/0x120 [ 618.128332][T14389] ? __pfx___do_sys_clone+0x10/0x10 [ 618.128404][T14389] ? rcu_is_watching+0x12/0xc0 [ 618.128456][T14389] do_syscall_64+0xcd/0x260 [ 618.128505][T14389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.128538][T14389] RIP: 0033:0x7fe0c938d169 [ 618.128564][T14389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 618.128594][T14389] RSP: 002b:00007fe0ca11bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 618.128626][T14389] RAX: ffffffffffffffda RBX: 00007fe0c95a5fa0 RCX: 00007fe0c938d169 [ 618.128647][T14389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 618.128664][T14389] RBP: 00007fe0c940e730 R08: 0000000000000000 R09: 0000000000000000 [ 618.128683][T14389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 618.128701][T14389] R13: 0000000000000000 R14: 00007fe0c95a5fa0 R15: 00007ffc579f3488 [ 618.128741][T14389] [ 619.180274][T14384] chnl_net:caif_netlink_parms(): no params data found [ 619.699429][T14191] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 619.708630][ T5848] Bluetooth: hci4: command tx timeout [ 619.744496][T14384] bridge0: port 1(bridge_slave_0) entered blocking state [ 619.764471][T14384] bridge0: port 1(bridge_slave_0) entered disabled state [ 619.804990][T14384] bridge_slave_0: entered allmulticast mode [ 619.840352][T14384] bridge_slave_0: entered promiscuous mode [ 619.889409][T14384] bridge0: port 2(bridge_slave_1) entered blocking state [ 619.906857][T14384] bridge0: port 2(bridge_slave_1) entered disabled state [ 619.967500][T14384] bridge_slave_1: entered allmulticast mode [ 620.014439][T14384] bridge_slave_1: entered promiscuous mode [ 620.208344][T14384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 620.363954][T14384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 620.607237][T14384] team0: Port device team_slave_0 added [ 620.626496][T14413] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2195'. [ 620.651499][T14384] team0: Port device team_slave_1 added [ 620.667371][T14414] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2195'. [ 620.880908][T14416] FAULT_INJECTION: forcing a failure. [ 620.880908][T14416] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 620.881372][T14384] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 620.923218][T14416] CPU: 1 UID: 0 PID: 14416 Comm: syz.5.2196 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 620.923267][T14416] Tainted: [U]=USER [ 620.923278][T14416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 620.923296][T14416] Call Trace: [ 620.923306][T14416] [ 620.923318][T14416] dump_stack_lvl+0x16c/0x1f0 [ 620.923367][T14416] should_fail_ex+0x512/0x640 [ 620.923408][T14416] should_fail_alloc_page+0xe7/0x130 [ 620.923441][T14416] prepare_alloc_pages+0x3c2/0x610 [ 620.923479][T14416] ? rcu_is_watching+0x12/0xc0 [ 620.923520][T14416] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 620.923570][T14416] ? kasan_save_stack+0x33/0x60 [ 620.923619][T14416] ? cgroup_rstat_updated+0x2a/0xb20 [ 620.923687][T14416] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 620.923746][T14416] ? lru_gen_add_folio+0x1a4/0xef0 [ 620.923784][T14416] ? __lock_acquire+0x5ca/0x1ba0 [ 620.923817][T14416] ? __lock_acquire+0x5ca/0x1ba0 [ 620.923846][T14416] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 620.923884][T14416] ? policy_nodemask+0xea/0x4e0 [ 620.923918][T14416] alloc_pages_mpol+0x1fb/0x550 [ 620.923962][T14416] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 620.923995][T14416] ? __lock_acquire+0x5ca/0x1ba0 [ 620.924033][T14416] folio_alloc_mpol_noprof+0x36/0x2f0 [ 620.924073][T14416] vma_alloc_folio_noprof+0xed/0x1e0 [ 620.924110][T14416] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 620.924160][T14416] do_pte_missing+0x223d/0x3fb0 [ 620.924220][T14416] __handle_mm_fault+0x103d/0x2a40 [ 620.924279][T14416] ? __pfx___handle_mm_fault+0x10/0x10 [ 620.924323][T14416] ? __pte_offset_map_lock+0x155/0x2f0 [ 620.924360][T14416] ? find_held_lock+0x2b/0x80 [ 620.924400][T14416] ? find_held_lock+0x2b/0x80 [ 620.924467][T14416] handle_mm_fault+0x3fe/0xad0 [ 620.924520][T14416] __get_user_pages+0x771/0x36f0 [ 620.924572][T14416] ? __pfx_mt_find+0x10/0x10 [ 620.924621][T14416] ? __pfx___get_user_pages+0x10/0x10 [ 620.924677][T14416] populate_vma_page_range+0x278/0x3a0 [ 620.924725][T14416] ? __pfx_populate_vma_page_range+0x10/0x10 [ 620.924766][T14416] ? __pfx_find_vma_intersection+0x10/0x10 [ 620.924825][T14416] ? do_mmap+0x69c/0x11b0 [ 620.924883][T14416] __mm_populate+0x1d8/0x380 [ 620.924929][T14416] ? __pfx___mm_populate+0x10/0x10 [ 620.925001][T14416] ? up_write+0x1b2/0x520 [ 620.925042][T14416] vm_mmap_pgoff+0x362/0x450 [ 620.925099][T14416] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 620.925146][T14416] ? __x64_sys_futex+0x1e0/0x4c0 [ 620.925191][T14416] ? __x64_sys_futex+0x1e9/0x4c0 [ 620.925242][T14416] ksys_mmap_pgoff+0x7d/0x5c0 [ 620.925280][T14416] ? rcu_is_watching+0x12/0xc0 [ 620.925323][T14416] __x64_sys_mmap+0x125/0x190 [ 620.925366][T14416] do_syscall_64+0xcd/0x260 [ 620.925417][T14416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.925450][T14416] RIP: 0033:0x7f91d698d169 [ 620.925476][T14416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 620.925508][T14416] RSP: 002b:00007f91d78c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 620.925538][T14416] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 620.925560][T14416] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 620.925579][T14416] RBP: 00007f91d6a0e730 R08: 0000000000000007 R09: 0000000000028000 [ 620.925599][T14416] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 620.925619][T14416] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 620.925659][T14416] [ 620.958011][T14384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 621.309657][ C0] vkms_vblank_simulate: vblank timer overrun [ 621.330037][T14384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 621.404360][T14384] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 621.448303][T14384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 621.474253][ C0] vkms_vblank_simulate: vblank timer overrun [ 621.530476][T14384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 621.550332][T14418] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.2198'. [ 621.589687][T14418] FAULT_INJECTION: forcing a failure. [ 621.589687][T14418] name failslab, interval 1, probability 0, space 0, times 0 [ 621.602530][T14418] CPU: 1 UID: 0 PID: 14418 Comm: syz.5.2198 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 621.602579][T14418] Tainted: [U]=USER [ 621.602589][T14418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 621.602626][T14418] Call Trace: [ 621.602636][T14418] [ 621.602648][T14418] dump_stack_lvl+0x16c/0x1f0 [ 621.602701][T14418] should_fail_ex+0x512/0x640 [ 621.602737][T14418] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 621.602797][T14418] should_failslab+0xc2/0x120 [ 621.602836][T14418] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 621.602885][T14418] ? dup_fd+0x4e/0xb90 [ 621.602938][T14418] dup_fd+0x4e/0xb90 [ 621.602983][T14418] ? __pfx_audit_alloc+0x10/0x10 [ 621.603025][T14418] ? apparmor_task_alloc+0x2c2/0x3b0 [ 621.603075][T14418] copy_process+0x25c1/0x91a0 [ 621.603144][T14418] ? __pfx_copy_process+0x10/0x10 [ 621.603192][T14418] ? try_to_wake_up+0xa2f/0x1680 [ 621.603231][T14418] ? __pfx_try_to_wake_up+0x10/0x10 [ 621.603270][T14418] ? plist_check_head+0xa3/0x150 [ 621.603302][T14418] ? find_held_lock+0x2b/0x80 [ 621.603344][T14418] ? wake_up_q+0xb0/0x160 [ 621.603378][T14418] ? do_raw_spin_unlock+0x172/0x230 [ 621.603418][T14418] kernel_clone+0xfc/0x960 [ 621.603461][T14418] ? __pfx_futex_wake+0x10/0x10 [ 621.603488][T14418] ? __pfx_kernel_clone+0x10/0x10 [ 621.603571][T14418] __do_sys_clone+0xce/0x120 [ 621.603615][T14418] ? __pfx___do_sys_clone+0x10/0x10 [ 621.603682][T14418] ? rcu_is_watching+0x12/0xc0 [ 621.603732][T14418] do_syscall_64+0xcd/0x260 [ 621.603781][T14418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.603824][T14418] RIP: 0033:0x7f91d698d169 [ 621.603861][T14418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 621.603891][T14418] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 621.603919][T14418] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 621.603939][T14418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 621.603956][T14418] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 621.603974][T14418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 621.603991][T14418] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 621.604028][T14418] [ 622.081311][ T5848] Bluetooth: hci4: command tx timeout [ 622.240276][T14384] hsr_slave_0: entered promiscuous mode [ 622.248322][T14384] hsr_slave_1: entered promiscuous mode [ 622.254720][T14384] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 622.288082][T14384] Cannot create hsr debugfs directory [ 623.427204][T14433] netlink: 4772 bytes leftover after parsing attributes in process `syz.1.2201'. [ 623.461347][T14384] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 623.691816][T14384] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 623.966002][T14384] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.123792][ T5848] Bluetooth: hci4: command tx timeout [ 624.241456][T14384] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.958917][T14384] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 625.005977][T14384] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 625.094087][T14384] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 625.147654][T14384] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 625.233147][T14455] Invalid ELF header magic: != ELF [ 625.404713][T14384] 8021q: adding VLAN 0 to HW filter on device bond0 [ 625.472717][T14384] 8021q: adding VLAN 0 to HW filter on device team0 [ 625.517845][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 625.525075][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 625.657184][T11229] bridge0: port 2(bridge_slave_1) entered blocking state [ 625.664429][T11229] bridge0: port 2(bridge_slave_1) entered forwarding state [ 625.781022][T14460] Invalid ELF header magic: != ELF [ 626.213443][ T5848] Bluetooth: hci4: command tx timeout [ 626.359475][T14384] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 626.495891][T14384] veth0_vlan: entered promiscuous mode [ 626.522391][T14384] veth1_vlan: entered promiscuous mode [ 626.866758][T14384] veth0_macvtap: entered promiscuous mode [ 627.305154][T14384] veth1_macvtap: entered promiscuous mode [ 627.596194][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.626859][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.648448][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.668002][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.688083][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.708637][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.730235][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.749829][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.767656][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.792893][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.817912][T14384] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 627.864830][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.918070][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.936031][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.958850][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.993140][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.024122][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.040744][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.062156][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.081982][T14384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.094436][T14384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.111037][T14384] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 628.189017][T14384] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.225574][T14384] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.258156][T14384] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.357562][T14384] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.254495][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 629.283142][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 629.414596][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 629.434670][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 629.483961][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.490432][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.988482][T14494] Invalid ELF header magic: != ELF [ 632.130140][T14517] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 632.142989][T14517] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 632.155613][T14517] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 632.172203][T14517] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 632.187461][T14517] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 632.207103][T14517] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 632.249212][T14517] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 632.352914][T14517] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 633.628171][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 634.188186][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 634.188609][T11166] Bluetooth: hci3: command 0x0c1a tx timeout [ 634.271454][T11166] Bluetooth: hci4: command 0x0c1a tx timeout [ 634.443744][T14588] Invalid ELF header magic: != ELF [ 635.626644][T14612] netlink: 4772 bytes leftover after parsing attributes in process `syz.5.2244'. [ 635.655164][T14612] FAULT_INJECTION: forcing a failure. [ 635.655164][T14612] name failslab, interval 1, probability 0, space 0, times 0 [ 635.699433][T14612] CPU: 1 UID: 0 PID: 14612 Comm: syz.5.2244 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 635.699484][T14612] Tainted: [U]=USER [ 635.699495][T14612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 635.699515][T14612] Call Trace: [ 635.699525][T14612] [ 635.699538][T14612] dump_stack_lvl+0x16c/0x1f0 [ 635.699590][T14612] should_fail_ex+0x512/0x640 [ 635.699639][T14612] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 635.699689][T14612] should_failslab+0xc2/0x120 [ 635.699719][T14612] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 635.699767][T14612] ? dup_fd+0x4e/0xb90 [ 635.699817][T14612] dup_fd+0x4e/0xb90 [ 635.699861][T14612] ? __pfx_audit_alloc+0x10/0x10 [ 635.699903][T14612] ? apparmor_task_alloc+0x2c2/0x3b0 [ 635.699941][T14612] copy_process+0x25c1/0x91a0 [ 635.700015][T14612] ? __pfx_copy_process+0x10/0x10 [ 635.700064][T14612] ? try_to_wake_up+0xa2f/0x1680 [ 635.700108][T14612] ? __pfx_try_to_wake_up+0x10/0x10 [ 635.700148][T14612] ? plist_check_head+0xa3/0x150 [ 635.700180][T14612] ? find_held_lock+0x2b/0x80 [ 635.700213][T14612] ? wake_up_q+0xb0/0x160 [ 635.700238][T14612] ? do_raw_spin_unlock+0x172/0x230 [ 635.700269][T14612] kernel_clone+0xfc/0x960 [ 635.700301][T14612] ? __pfx_futex_wake+0x10/0x10 [ 635.700322][T14612] ? __pfx_kernel_clone+0x10/0x10 [ 635.700370][T14612] __do_sys_clone+0xce/0x120 [ 635.700402][T14612] ? __pfx___do_sys_clone+0x10/0x10 [ 635.700449][T14612] ? rcu_is_watching+0x12/0xc0 [ 635.700484][T14612] do_syscall_64+0xcd/0x260 [ 635.700519][T14612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.700542][T14612] RIP: 0033:0x7f91d698d169 [ 635.700560][T14612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 635.700582][T14612] RSP: 002b:00007f91d78c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 635.700603][T14612] RAX: ffffffffffffffda RBX: 00007f91d6ba5fa0 RCX: 00007f91d698d169 [ 635.700626][T14612] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 635.700640][T14612] RBP: 00007f91d6a0e730 R08: 0000000000000000 R09: 0000000000000000 [ 635.700654][T14612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 635.700668][T14612] R13: 0000000000000000 R14: 00007f91d6ba5fa0 R15: 00007ffff495e128 [ 635.700695][T14612] [ 636.268202][T11166] Bluetooth: hci1: command 0x0c1a tx timeout [ 636.350191][T11166] Bluetooth: hci4: command 0x0c1a tx timeout [ 636.875888][T14639] [ 636.878279][T14639] ====================================================== [ 636.885322][T14639] WARNING: possible circular locking dependency detected [ 636.892374][T14639] 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 Tainted: G U [ 636.893603][T14641] Invalid ELF header magic: != ELF [ 636.901055][T14639] ------------------------------------------------------ [ 636.901070][T14639] syz.1.2250/14639 is trying to acquire lock: [ 636.901088][T14639] ffff8880318d36d8 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 636.901170][T14639] [ 636.901170][T14639] but task is already holding lock: [ 636.901181][T14639] ffffffff9012d9e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240 [ 636.901246][T14639] [ 636.901246][T14639] which lock already depends on the new lock. [ 636.901246][T14639] [ 636.955372][T14639] [ 636.955372][T14639] the existing dependency chain (in reverse order) is: [ 636.964410][T14639] [ 636.964410][T14639] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 636.971651][T14639] __mutex_lock+0x199/0xb90 [ 636.976711][T14639] smc_vlan_by_tcpsk+0x251/0x620 [ 636.982231][T14639] __smc_connect+0x44b/0x4880 [ 636.987455][T14639] smc_connect_work+0x54c/0xae0 [ 636.992852][T14639] process_one_work+0x9cc/0x1b70 [ 636.998341][T14639] worker_thread+0x6c8/0xf10 [ 637.003474][T14639] kthread+0x3c2/0x780 [ 637.008087][T14639] ret_from_fork+0x45/0x80 [ 637.013054][T14639] ret_from_fork_asm+0x1a/0x30 [ 637.018373][T14639] [ 637.018373][T14639] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}: [ 637.026054][T14639] __lock_acquire+0x1173/0x1ba0 [ 637.031445][T14639] lock_acquire+0x179/0x350 [ 637.036484][T14639] lock_sock_nested+0x41/0xf0 [ 637.041799][T14639] sockopt_lock_sock+0x54/0x70 [ 637.047106][T14639] do_ip_setsockopt+0xfe/0x3240 [ 637.052495][T14639] ip_setsockopt+0x59/0xf0 [ 637.057452][T14639] dccp_setsockopt+0xfa/0x970 [ 637.062677][T14639] do_sock_setsockopt+0x221/0x470 [ 637.068257][T14639] __sys_setsockopt+0x1a0/0x230 [ 637.073649][T14639] __x64_sys_setsockopt+0xbd/0x160 [ 637.079304][T14639] do_syscall_64+0xcd/0x260 [ 637.084359][T14639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.090792][T14639] [ 637.090792][T14639] other info that might help us debug this: [ 637.090792][T14639] [ 637.101046][T14639] Possible unsafe locking scenario: [ 637.101046][T14639] [ 637.108506][T14639] CPU0 CPU1 [ 637.113889][T14639] ---- ---- [ 637.119275][T14639] lock(rtnl_mutex); [ 637.123276][T14639] lock(sk_lock-AF_INET); [ 637.130231][T14639] lock(rtnl_mutex); [ 637.136754][T14639] lock(sk_lock-AF_INET); [ 637.141278][T14639] [ 637.141278][T14639] *** DEADLOCK *** [ 637.141278][T14639] [ 637.149433][T14639] 1 lock held by syz.1.2250/14639: [ 637.154563][T14639] #0: ffffffff9012d9e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240 [ 637.163917][T14639] [ 637.163917][T14639] stack backtrace: [ 637.169855][T14639] CPU: 0 UID: 0 PID: 14639 Comm: syz.1.2250 Tainted: G U 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 637.169896][T14639] Tainted: [U]=USER [ 637.169905][T14639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 637.169921][T14639] Call Trace: [ 637.169930][T14639] [ 637.169941][T14639] dump_stack_lvl+0x116/0x1f0 [ 637.169979][T14639] print_circular_bug+0x275/0x350 [ 637.170021][T14639] check_noncircular+0x14c/0x170 [ 637.170065][T14639] __lock_acquire+0x1173/0x1ba0 [ 637.170094][T14639] lock_acquire+0x179/0x350 [ 637.170116][T14639] ? sockopt_lock_sock+0x54/0x70 [ 637.170154][T14639] lock_sock_nested+0x41/0xf0 [ 637.170185][T14639] ? sockopt_lock_sock+0x54/0x70 [ 637.170218][T14639] sockopt_lock_sock+0x54/0x70 [ 637.170250][T14639] do_ip_setsockopt+0xfe/0x3240 [ 637.170275][T14639] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 637.170304][T14639] ? __pfx___might_resched+0x10/0x10 [ 637.170343][T14639] ip_setsockopt+0x59/0xf0 [ 637.170368][T14639] dccp_setsockopt+0xfa/0x970 [ 637.170402][T14639] ? __pfx_dccp_setsockopt+0x10/0x10 [ 637.170435][T14639] ? errseq_sample+0x53/0x70 [ 637.170467][T14639] ? sock_common_setsockopt+0x2e/0xf0 [ 637.170513][T14639] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 637.170553][T14639] do_sock_setsockopt+0x221/0x470 [ 637.170591][T14639] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 637.170638][T14639] __sys_setsockopt+0x1a0/0x230 [ 637.170672][T14639] __x64_sys_setsockopt+0xbd/0x160 [ 637.170702][T14639] ? do_syscall_64+0x91/0x260 [ 637.170739][T14639] ? lockdep_hardirqs_on+0x7c/0x110 [ 637.170773][T14639] do_syscall_64+0xcd/0x260 [ 637.170811][T14639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.170837][T14639] RIP: 0033:0x7fe0c938d169 [ 637.170857][T14639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.170890][T14639] RSP: 002b:00007fe0ca11c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 637.170913][T14639] RAX: ffffffffffffffda RBX: 00007fe0c95a5fa0 RCX: 00007fe0c938d169 [ 637.170930][T14639] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000007 [ 637.170946][T14639] RBP: 00007fe0c940e730 R08: 0000000000000003 R09: 0000000000000000 [ 637.170962][T14639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 637.170977][T14639] R13: 0000000000000000 R14: 00007fe0c95a5fa0 R15: 00007ffc579f3488 [ 637.171001][T14639] [ 637.410098][ C0] vkms_vblank_simulate: vblank timer overrun SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 637.538842][T11166] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 638.095541][T14372] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.173854][T14372] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.581752][T14645] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 638.621870][T14526] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.715321][T14526] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.767497][T11381] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.806269][T14645] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.869796][T11381] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.883858][T14526] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 638.891188][T14645] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem