last executing test programs: 17m13.901742136s ago: executing program 1 (id=90): mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x298000, 0x0) ioctl$auto_BTRFS_IOC_QUOTA_RESCAN_WAIT(r2, 0x942e, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10000, 0x0) r3 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x40047452, 0x0) mount$auto(0x0, &(0x7f0000000740)='}[,&*}\x00', 0x0, 0xfffe, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x20800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001ec0)=""/4100, 0x1004) 17m12.646982288s ago: executing program 1 (id=97): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010326b170ea0173a5f1bf46dcdfc615667baf1882ec89e652f8f63e2f8ed825b10bb5aa9682d0a9494bada73ca0591b7b19771c71b636b79105103f96819da07d4eb8fdd4d32f0c9860b29ccfc801ea91bd21325c1d852820752715c815702c2aa870ed61744fa8ab00d4dd0300000000000000bce1f7f572c12ce654cd048214a50cef1f66be735f1aaede0c68ef695e98f5"], 0x14}, 0x1, 0x0, 0x0, 0x8810}, 0x0) 17m11.35013205s ago: executing program 1 (id=101): socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) r0 = socket(0x2, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xb) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x31}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x80044943, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x2001, 0x0) close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0x2, 0x5, 0x200) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) close_range$auto(0x0, 0x5, 0x0) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0x2, @new_prog_fd=0x4, 0x7, @old_prog_fd=0x8000}, 0xa3) fanotify_init$auto(0x3, 0x5) inotify_init1$auto(0x3000000000000) socket(0x1, 0xa, 0xb) socket(0x15, 0x5, 0x0) getsockopt$auto(0x2, 0x114, 0x2713, 0xfffffffffffffffc, 0x0) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x0, 0x53, 0x0, &(0x7f0000000040)=0x3) 17m10.48121169s ago: executing program 1 (id=106): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x88) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/module/parameters/sig_enforce\x00', 0x2402, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000000), 0x82c00, 0x0) ioctl$auto_BINDER_CTL_ADD(r2, 0xc1086201, 0x0) read$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfdef) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKSTATE_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, r4, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_LINKSTATE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004001}, 0x8c00) mremap$auto(0x110c231000, 0x4, 0x4, 0x7, 0x100000000) munmap$auto(0x1000000, 0x2000000c) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mlockall$auto(0x3) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3) sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044010}, 0x0) r6 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x20000805}, 0x8000) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) mmap$auto(0x2, 0x5, 0x4, 0xebe, r5, 0x8000) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) r7 = pipe$auto(0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, r7, 0x0, 0x80000001, 0x9) 17m7.026931856s ago: executing program 1 (id=117): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xd8010098}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000b0002005c3d29d99b4326bd"], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) (async) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="c93dc0bb9b96ef3ce66169c1e67fbf5561665f58abd954826f4032a85386957ff09d9cdcb0dfe8b7b26eafaf6b1cd06a77504d0f", @ANYRES16=r3, @ANYBLOB="010005000000fbdbdf2504000000ff0011007765e4e2369b89576472977444bb13990f52b91a7dadc5ac53ac1351b4e94e66cbbc3d15ed91495b01ea70c20899c1ab8c6b3ba98406b24f11880bd3fefcf0fb53a8e225853a2c3778b84706e2706583be320ef1febc0f3d9c3b76d80e164dfa35004683ab300c5b87ff09e880832780fab7e8f2dd2040abd586301a7a430fe08a15e983a5ab7517f3bb71b1d3ccae4fe2941e5fe6b1b2a65c624f4638bbf2496c40c0aa9aa6507c7193092ca69fb868f2569b07aaf46e38482d31dfb79cc5531ffcb0166e68068f4cefefd003667cfee0022d2e512e60fbcae1e9255733b7ddcd02d7880770091fed8fb8d2eecbe62318802f49e634cadb0e3bc100", @ANYRESHEX=r3], 0x114}, 0x1, 0x0, 0x0, 0x44004811}, 0x40000c0) 17m3.895219283s ago: executing program 1 (id=131): mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x1) socket(0x22, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x402, 0x8000) capget$auto(0x0, 0x0) r0 = socket(0xa, 0x3, 0x3c) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x800, 0x0) ioctl$auto(r1, 0x5609, r0) 17m3.368061073s ago: executing program 32 (id=131): mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x1) socket(0x22, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x402, 0x8000) capget$auto(0x0, 0x0) r0 = socket(0xa, 0x3, 0x3c) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x800, 0x0) ioctl$auto(r1, 0x5609, r0) 16m59.93157703s ago: executing program 0 (id=141): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x800000002, 0x8000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x8000000000eb1, 0xfffffffffffffffa, 0x8000) (async) io_uring_setup$auto(0xffffffff, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/radio2\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x2, 0x6, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r2 = memfd_create$auto(0x0, 0xe) (async) r3 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x31}}, 0x6a) (async) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) fcntl$getown(r2, 0x9) (async, rerun: 32) sendmsg$auto_NL802154_CMD_NEW_SEC_KEY(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="880100", @ANYBLOB="000829bd7000fbdbdf25170000001d013080b091a8f4c470a9b98c9f04da082cb4c8d056ec4531c64aab82b9c40562db40841d184284ac6dbb26ca361a91b877dd26165843dd01dfa30285584e5ffaf516cb0812faaf424addab078c1b0e3f5a2660026fa460c3a2eaaa1f71212c1c5daabb3640d7c21fb7ca47f1ff775171e60f14e74ba1fa8c105661fc6bc7fc208c4f32bd2c0a5b57cc21fbc52792df270f58df490400dc000400b6807f002d00bafc0675deee06bcf53e12cfa17471a5f3f26f7ff0a83ab804bf0d66e88ebe33d62308ce9d31d1a7cdeaa972c883829272768638614f5606b82c0ed1475f2f5a9d8a792f57b13d2ffc", @ANYRES32=0x0, @ANYBLOB="0500020000000000140004006772657461703000000000000000000008000000000000003f81533b23769e5c3f49965ec99e95e4293047a3cb762ec442bd092d1a710135bdf8925100c977accfa44f0264684aa8ea1caa5759acecfef50c3b8bcabaf680b909e0046636ccf2a9d3aa12b24e4dec7f4397475cad0e1a12bba9614a436172d872f67c4121ab97b200c040b70a4fc6ea7edd64edfe471085bffd3b7b18328e0ad2c80898559f1b8fd567534e57d479"], 0x188}, 0x1, 0x0, 0x0, 0x4c8c1}, 0x4000040) (rerun: 32) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) (async) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) (async) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000100)=""/4096, 0x1000) close_range$auto(0x2, 0x8000, 0x0) (async, rerun: 64) socket(0xa, 0x2, 0x88) (async, rerun: 64) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) (async, rerun: 32) r4 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0403000000000000002502000000"], 0x14}}, 0x4) (async, rerun: 64) socketpair$auto(0x1e, 0x1, 0x4, 0x0) (async, rerun: 64) recvmmsg$auto(r4, &(0x7f0000000300)={{0x0, 0x6, &(0x7f0000000280)={0x0, 0x40009}, 0xc, &(0x7f00000002c0), 0x4, 0x8}, 0x5a55}, 0xd, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6tnl0/temp_valid_lft\x00', 0x200000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) 16m59.406949226s ago: executing program 0 (id=143): mmap$auto(0x0, 0x202000c, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x400000, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x22ac2, 0x5d745cb200ae4d7b) fchown$auto(r1, 0xe5a, 0x5) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) setresuid$auto(0x5f, 0x1000, 0x607) write$auto(0x3, 0x0, 0xfdef) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x40000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) read$auto(r0, 0x0, 0x9) socket(0x23, 0x80001, 0x1000006) io_uring_setup$auto(0x2, 0x0) 16m58.46926441s ago: executing program 0 (id=145): mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) (async, rerun: 32) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) (rerun: 32) read$auto(r0, 0x0, 0x20) (async, rerun: 32) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, 0x0, 0x10) (rerun: 32) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x4000884) bpf$auto(0x10, 0x0, 0x40) (async) r1 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000b80)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x2, 0x0) pread64$auto(r1, 0x0, 0x4, 0x200000000005) (async, rerun: 64) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (rerun: 64) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x7) (async) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSWINSZ2(r3, 0x5414, 0x0) (async) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) ioctl$auto(r0, 0x2f2ad3ba, r4) 16m57.814446678s ago: executing program 0 (id=147): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)={0xfffffffe, 0x1, 0x800000ff, 0xffffff71, 0x10000}) mmap$auto(0x0, 0x9, 0x800000000df, 0x9b72, 0xea8a, 0x8000) sysfs$auto(0x2, 0x9, 0x800002) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/user_power_level\x00', 0x1c1082, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xfffffffffffffffd, 0x40000008000) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyw5\x00', 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) pwrite64$auto(0xc8, 0x0, 0x4e, 0x3) recvfrom$auto(r2, 0x0, 0x101, 0x100, 0x0, 0xfffffffffffffffd) unshare$auto(0x40000080) socket(0xa, 0x3, 0x3a) socket(0xa, 0x801, 0x106) openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x200040, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xcc, 0x0, 0x567) r3 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ptrace$auto(0x4206, r3, 0x0, 0x200005) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0) fsopen$auto(0x0, 0x1) 16m57.025979513s ago: executing program 0 (id=151): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26f, 0x4}, {0x40, 0x400000083}}, 0x0) pwritev$auto(r1, &(0x7f00000000c0)={&(0x7f0000000040)="fa13ab846d43", 0x6}, 0x7, 0x6, 0x7) ioperm$auto(0x800, 0x5, 0xd) semctl$auto(0x0, 0xe3, 0x0, 0x5) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000140)={0x0, 0xf000, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fddbdf2500000000c6950a019b0e30d2cde58bec1adaa6d9bc4b396e55"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x804) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_BIND_RX(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010027bd7000fedbdf250d00000008000100", @ANYRES32=r7, @ANYBLOB="0c000fe2", @ANYRES32=r5, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) sendmsg$auto_ILA_CMD_FLUSH(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r4, 0x10, 0x6, 0x25dfdbfc, {}, [@ILA_ATTR_IFINDEX={0x8, 0x4, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4044000}, 0x0) lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6) clock_settime$auto(0xffffffe0, &(0x7f00000000c0)={0x6, 0x1}) mmap$auto(0x0, 0x2020007, 0x8000000000000003, 0x7fff, 0xfffffffffffffffa, 0x8002) read$auto(r0, 0x0, 0x20) setsockopt$auto(r1, 0xfffffc01, 0x1, &(0x7f0000000280)='/sys/kernel/security/tomoyo/manager\x00', 0x0) r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) r9 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r9, 0x0, 0x0) r10 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r10, &(0x7f0000000180)="0a1b9a5c4000006e163bb154d7886d8edeea371cadb848770dc8f745d1c76eedba12b9f694dabdbcf3401910000000000060000023b5d40a", 0x38) 16m55.998664744s ago: executing program 0 (id=156): statmount$auto(0x0, 0x0, 0x1fe, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfd, 0x8000) move_mount$auto(0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x77) setsockopt$auto(0x3, 0x0, 0x24, 0x0, 0x28) socket(0x6, 0x2, 0x0) madvise$auto(0x0, 0x23, 0x18) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) timer_create$auto(0x2, 0x0, 0x0) timer_settime$auto(0x10000009, 0xfffbf38f, &(0x7f00000000c0)={{0x1000000000100, 0x9947}, {0x8000, 0x9}}, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4038ae7a, 0x38) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/net/bond0/duplex\x00', 0x20100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000003c0)=""/4096, 0x1000) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC1\x00', 0x400000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f00000000c0)={0x320286e4, 0x8, [0x2, 0x0, 0x32b, 0xa40f, 0x0, 0xfffffffa, 0x9c3, 0x4, 0x75, 0x7]}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) ioctl$auto_FUSE_DEV_IOC_BACKING_CLOSE(r3, 0x4004e502, &(0x7f0000000040)=0xca) pread64$auto(r3, 0x0, 0x7fffffff, 0x0) 16m40.593686202s ago: executing program 33 (id=156): statmount$auto(0x0, 0x0, 0x1fe, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfd, 0x8000) move_mount$auto(0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x77) setsockopt$auto(0x3, 0x0, 0x24, 0x0, 0x28) socket(0x6, 0x2, 0x0) madvise$auto(0x0, 0x23, 0x18) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) timer_create$auto(0x2, 0x0, 0x0) timer_settime$auto(0x10000009, 0xfffbf38f, &(0x7f00000000c0)={{0x1000000000100, 0x9947}, {0x8000, 0x9}}, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4038ae7a, 0x38) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/net/bond0/duplex\x00', 0x20100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000003c0)=""/4096, 0x1000) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC1\x00', 0x400000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f00000000c0)={0x320286e4, 0x8, [0x2, 0x0, 0x32b, 0xa40f, 0x0, 0xfffffffa, 0x9c3, 0x4, 0x75, 0x7]}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) ioctl$auto_FUSE_DEV_IOC_BACKING_CLOSE(r3, 0x4004e502, &(0x7f0000000040)=0xca) pread64$auto(r3, 0x0, 0x7fffffff, 0x0) 11m21.740298886s ago: executing program 3 (id=1264): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb2, 0xbd1, 0x300000000000) capget$auto(0x0, 0x0) memfd_create$auto(0x0, 0x9) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(0x0, r0) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0) stat$auto(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) fallocate$auto(0x3, 0x0, 0xe, 0x8ec8) 11m21.088094477s ago: executing program 3 (id=1266): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyee\x00', 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x2, &(0x7f00000000c0), 0x1) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/ieee80211/phy8/aql_enable\x00', 0x80001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x81, 0x0, 0x80000000) setsockopt$auto(0x3, 0x84, 0x15, 0x0, 0x28) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff8, 0x2}, 0x0, 0xf4240, 0x1) 11m20.138528888s ago: executing program 3 (id=1271): clock_nanosleep$auto(0x9, 0x0, &(0x7f0000000000)={0x0, 0x200}, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x82002, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, r0, 0xb3c1) quotactl_fd$auto(0xffffffffffffffff, 0x4, 0x0, 0x0) socket(0x2, 0x3, 0xfffffff1) mmap$auto(0x9, 0x20009, 0x4000000000df, 0xebf, r0, 0x8001) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) unshare$auto(0x40000080) dup2$auto(r1, r0) mmap$auto(0x3, 0x3, 0x4000000000df, 0x1000000005a, r0, 0x7) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)=""/88, 0x58) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r3, 0x545c, 0x0) renameat2$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x4000) pread64$auto(r1, &(0x7f00000005c0)='}){\x8e\xa2\'-\xa5\xec\xfe\xf0S\xe5_\xe2_nZ\x93\x9d\x00Ny\xfd\x97\xa9\xe4,j\b^\'zm\x81\xcf\x86\xb0W\xac\x03\x00\x00\x00\xb6\v\xc7!\xd3\xbb;|C\xa9\x1b\x13\xdeU\xb8=\xb4i\xb2\xd4\xd3\xe3\xe1\xc8\x06\xa7\x19\x01\x05\x13a\xda\xda\x86\x9aV\xe8\xae>MtC\xe3\xccI\xf2\x85~\xe6\xe8)\x19Y\x8f\"|\f\xa0\xda,\xc5\xf8z\xf9\xf7\xc46\xbbU\xe2\xffp%\xfb\xe5ca&3@\x93\'\xc72\xc1\xe5>~\xf5M\xba\x0f\bO:\"\xdd\xf8\xff\xff\xff\xff\xff\xff\xff\xac@w\x00\a\x90m\xb0\xfd\v\x01\xb2\rg\xae\xd6\x10%\xf4\xc4l\xad\xa5fKWFYX[#\xe0\xc4g;\x93\xacs.\xded\x18j\xe8|&_~j\x94\x96\x03\x11\n\xe6$0\x18J\x88\xcbw\xe2jD\xe3%()]\x87%\xba*\xacC\xc3\x97.\xec\xea#\xe0\xe9G\xdf\x1d<\xec|Bk\x0e\x94\x11\xd5\xb5\x98\x12\xc1\xa3\x80wA\\d\xc6\xf0u\xe1\xa1\xb7:F\x87\xfe', 0x4, 0x0) socket(0xa, 0x800, 0x84) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x48050}, 0x40400c4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x4840) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) 11m19.209273915s ago: executing program 3 (id=1275): fallocate$auto(0x3, 0x0, 0xe, 0x8ec8) 11m19.074781532s ago: executing program 3 (id=1276): unshare$auto(0x40000080) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000fc", @ANYRES16=r0, @ANYBLOB="010028bd7000fedbdf251c00000018000180140002006e657464657673696d30"], 0x2c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000000) 11m18.642667408s ago: executing program 5 (id=1278): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x12700, 0x0) mmap$auto(0x0, 0x2020009, 0xffffffffffffffff, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCSBRK2(0xffffffffffffffff, 0x5409, &(0x7f00000000c0)="d00d7c880052e22db097a70a6a6efe0aa440eec00101ecf6e06ecc7359726ccd3d5e75a9a76e9d6bb962ab29a5e4b0bf5a9a3c16a389822dd30a0b44e4b5a6ee2e792900e6e75f4eb1d16b8a713213e91fc1837193bf97b5ea7b6734e75e36303a29d78fa3d8617b290285916dae16aaaa7782676713422a30776ff9697d495af19c5406ea1e99cd3a6087df989fcdc8846479e690aa1e8b2482b1a79b4c9432f9be6b237c7fb5a2dba78aa0e9c491dbddb190b2320117acb407dc2b498e255cf84a304aba310c090f135694553476cad27f40ef4797a7e0885537b663562042") r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000001100), r2) sendmsg$auto_CTRL_CMD_GETFAMILY(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000ffdbdf25030000000600010030"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000044) r4 = syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r2) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r2, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x8c, r4, 0x200, 0x70bd25, 0x25dfdbfb, {}, "3db7201705214238689bc53169f596594c42910aa6058de259434a1b661cdd82fbb7c7f6ae01806a69340fb261c3888147cd4bdd130d9fdeccef9b84115d6452010b5125c2005741888499a0e3b6034e153745446142a6b6b16fc7fc0deba9c1af078fae076e57c75f16d1a9cc667a39dd4caadfa84b21"}, 0x8c}, 0x1, 0x0, 0x0, 0x44050}, 0x24040815) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000480), 0x10000, 0x0) bpf$auto(0x8, &(0x7f0000000240)=@batch={0x7, 0x8001, 0x4a, 0xaa6f, 0x10001, r0, 0x49b, 0x9}, 0x5) socket(0xa, 0x5, 0x0) write$auto(0xca, &(0x7f0000000100)='\x04>\x01\n2\x7f\x88\x83\xa9\xcd,]\x01\x00\x00\x00\xef\xab\xe1ME:\xab \x87|\xe0Z\x1bsZ\xac\xff\x92+\xc9\x9fs\xbf\xd8\f\xf5\xa7jUA\x11\xf9\xb4U\xc5\x92\xf1', 0x80) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000004240), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), 0xffffffffffffffff) unshare$auto(0x6) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) 11m17.910328777s ago: executing program 3 (id=1280): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x1) setgroups$auto(0xe32, &(0x7f0000000040)=0x9) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r2, 0x1, 0x70bd25, 0x25dfdbff, {}, [@HWSIM_ATTR_PERM_ADDR={0xa, 0x16, '\x00\x00\x00\x00\x00\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000080)={0x14, r3, 0x1, 0x870bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x100000006, 0x0, 0xa, 0xfffffffffffffffe, 0x0) 11m17.846968676s ago: executing program 5 (id=1281): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x11, 0x2, 0x4) bpf$auto(0x0, &(0x7f0000000000)=@iter_create={r0, 0x8}, 0xa3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) setsockopt$auto(0x400000000000003, 0x29, 0xcc, 0x0, 0x567) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4606, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket(0x28, 0x1, 0x0) getpeername$auto(0x3, 0x0, 0x0) setreuid$auto(0x0, 0x20000000004) unshare$auto(0x20000) 11m17.210710741s ago: executing program 5 (id=1284): fallocate$auto(0x3, 0x0, 0xe, 0x8ec8) 11m17.022840567s ago: executing program 5 (id=1285): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyee\x00', 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x2, &(0x7f00000000c0), 0x1) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/ieee80211/phy8/aql_enable\x00', 0x80001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) io_uring_setup$auto(0x6, 0x0) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff8, 0x2}, 0x0, 0xf4240, 0x1) 11m16.437484773s ago: executing program 5 (id=1287): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x57) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100) sendmmsg$auto(0x3, &(0x7f0000000180)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x80802, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x40, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x20006, 0x3, 0xe72, 0x401, 0x8001) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS3\x00', 0x40, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp1\x00', 0xae0903, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptmx\x00', 0x109a42, 0x0) write$auto(r2, &(0x7f0000000080)='#-*,+\\}\x00', 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1e, 0x3, 0x0) r3 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) poll$auto(&(0x7f0000000240)={r2, 0x1ff, 0x3}, 0x8000, 0x4) r4 = socket(0x28, 0x5, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x7}, 0x3, 0x0) bind$auto(r4, &(0x7f0000000080)=@in={0x28, 0x0, @rand_addr=0xffffffff}, 0x68) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto(r5, 0x5425, r3) unshare$auto(0x40000080) 11m15.259669313s ago: executing program 5 (id=1291): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffeffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) dup$auto(r0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0x18, 0xa, 0x1) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x402, 0x0) ioctl$auto(r2, 0x5101, 0x3) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) r3 = getsockopt$auto_SO_PEERNAME(r1, 0x3, 0x1c, &(0x7f0000000000)='nfsd\x00', &(0x7f0000000040)=0x6ca) setsockopt$auto(r3, 0x4, 0x200, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x3}, 0x4000003, 0xfffffffc) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r4) sendmsg$auto_NFSD_CMD_VERSION_SET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c40)={0x30, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x18, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x2}, @NFSD_A_VERSION_MINOR={0x8, 0x2, 0x6}, @NFSD_A_VERSION_ENABLED={0x4}]}, @NFSD_A_SERVER_PROTO_VERSION={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) 11m2.13222011s ago: executing program 34 (id=1280): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x1) setgroups$auto(0xe32, &(0x7f0000000040)=0x9) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r2, 0x1, 0x70bd25, 0x25dfdbff, {}, [@HWSIM_ATTR_PERM_ADDR={0xa, 0x16, '\x00\x00\x00\x00\x00\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000080)={0x14, r3, 0x1, 0x870bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x100000006, 0x0, 0xa, 0xfffffffffffffffe, 0x0) 11m0.11446833s ago: executing program 35 (id=1291): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffeffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) dup$auto(r0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0x18, 0xa, 0x1) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x402, 0x0) ioctl$auto(r2, 0x5101, 0x3) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) r3 = getsockopt$auto_SO_PEERNAME(r1, 0x3, 0x1c, &(0x7f0000000000)='nfsd\x00', &(0x7f0000000040)=0x6ca) setsockopt$auto(r3, 0x4, 0x200, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x3}, 0x4000003, 0xfffffffc) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r4) sendmsg$auto_NFSD_CMD_VERSION_SET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c40)={0x30, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x18, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x2}, @NFSD_A_VERSION_MINOR={0x8, 0x2, 0x6}, @NFSD_A_VERSION_ENABLED={0x4}]}, @NFSD_A_SERVER_PROTO_VERSION={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) 5.110149981s ago: executing program 2 (id=3899): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty39\x00', 0x40001, 0x0) write$auto(r0, 0x0, 0xea05) ioctl$auto(0x3, 0x4b40, 0x38) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_BIND_RX(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r2, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r3}, @NETDEV_A_DMABUF_FD={0x8, 0x3, r1}, @NETDEV_A_DMABUF_QUEUES={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) mmap$auto(0x0, 0x2, 0xfffffffffffffffc, 0xeb2, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r4, &(0x7f0000000000)='/sys/ker\"el/debug/tracing/events/vmalloc/filter\x00', 0x1ff) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) r6 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000cc0)='/sys/kernel/debug/x86/tlb_single_page_flush_ceiling\x00', 0xa0480, 0x0) ioctl$auto_XFS_IOC_ALLOCSP64(r6, 0x40305824, &(0x7f0000000100)={0xde67, 0x8, 0x7ff, 0x248, 0x400}) ioctl$auto(r5, 0xc0184d03, r5) 4.948158738s ago: executing program 2 (id=3900): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x20499d, 0x9) socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fanotify_init$auto(0x1, 0x3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x400000000004, 0x7, 0x3, 0xeb1, 0x0, 0x8000) setuid$auto(0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0) sendfile$auto(r1, r0, 0x0, 0x48) madvise$auto(0x108000, 0x800034, 0x200000b) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/4096, 0x1000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x204180, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) unlink$auto(0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) ioctl$auto_SNDCTL_DSP_RESET(r2, 0x5000, 0x0) madvise$auto(0x5, 0x2, 0x0) socket(0x10, 0x2, 0x0) 3.383202133s ago: executing program 6 (id=3908): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5ac, 0x0, 0x5, &(0x7f0000000180), 0x5, 0x8001}, 0x5}, 0x8, 0x140) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) pselect6$auto(0x77, &(0x7f0000000000)={[0x4, 0x0, 0x8, 0x0, 0x18f, 0x2, 0xe0b6, 0xfffffffffffffff9, 0xdb06, 0x70000000000, 0x0, 0x4, 0x3, 0x1, 0x2, 0x6]}, &(0x7f00000000c0)={[0x8000000000000000, 0x1, 0x100000000, 0x7f, 0x1, 0x7ff, 0x3, 0x0, 0x8000000000000001, 0x9, 0x0, 0xffffffffffffff68, 0x2800000000, 0xf, 0x5, 0x1ab0]}, &(0x7f0000000280)={[0x7ff, 0x0, 0x6, 0x4, 0x7, 0x3, 0xffff, 0x0, 0x7440, 0x4, 0x9d3, 0x1, 0x101, 0xfd8, 0x0, 0xdb]}, &(0x7f0000000300)={0x2}, &(0x7f0000000340)="d45311ada92d00046e06c813d808bb88681e3f82c051dc706434e78ae9c856a31aba95a8d60ce752237090313abe8689d82de51ce19916fc05c7343355d1d55ded7dc427f13d23bdd14252c8b273a700b27e7f80fcf3f2c2ad551cd75198a259415d44a7a6e146d8fda01bf44c9b7b7fe551c01ebbf437f632f03915458476522b7b5f021c418447f4917b9b21cd2b6d3adf89479ee56fe4e652df16ce797b6877bdad23fd9b2f9c9a7c9440ec9469a2d7946f42b4360a1710199be603f5424d3975724346cc40c94d") ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000140)={{@inferred, 0x0, 0x1, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @raw=0xfffff001}, 0x3, 0x5, 0x4, @inferred, @integer={0x1, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0ada71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) 3.184354277s ago: executing program 6 (id=3910): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x24}, 0x1, 0x200000000000000, 0x0, 0x4}, 0x8880) 2.963195201s ago: executing program 6 (id=3912): socket(0x2, 0x5, 0x0) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@llc={0x1a, 0x310, 0x73, 0x1, 0x6, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x10001}, 0x3) r2 = socket(0xa, 0x3, 0x3a) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xc, 0x940, 0x1ffde, 0x3, 0x7, 0x3ff, 0x9, 0x5, 0x2, 0x4000000000000007, 0xb0, 0x9, 0x2, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x40, 0x80000000]}, 0x1fe, 0x881) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/stat/synproxy\x00', 0x680, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0x1, 0x1, 0x81, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x2, 0x5, 0x4, @inferred, @integer={0x7, 0x5, 0x7fff}, "7a9fc199a16a2311eacf2fc7ae1d8778dc618090334fdd73340238d212b6debe0eda71bdd709254592b67f9cb5adb17884a16f7ce8cbce0bb32791702b8d7c2d"}) rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) r4 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r4, 0x0, 0x8, 0x140) readv$auto(r3, &(0x7f00000001c0)={0x0, 0xc}, 0x8) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000140)={{@inferred, 0x0, 0x1, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @raw=0xfffff001}, 0x3, 0x5, 0x4, @inferred, @integer={0x1, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0ada71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f0000000b40)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000b00)={&(0x7f0000001900)=ANY=[@ANYBLOB='x\a\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002cbd7000fddbdf257900000005007400000000000600ab0005000000040016014b072a002e520e7fd4d3096036c7dc6dfef98ead685406d968693d4fad52c9c1c9a35d2d5db5c62d9e914b28a7e9f07cee77d3eb2830fd8363425e3a7fce24459205952c5fa68b0b33a8bcc91faceb3c09f973118259dd9ba63465c89425c0c72944927072c0dbdd31900075c0a6615c5e85f8d636beb359f00ec9da277fcb59c6be63e8dd78cccbd2ae37af62b7ff02136571c3b11884bd9210f6cb07dd4f7e1e36a79b47ae1c655f68b9b3d5b0ac5a3d0e73da7e0d2b940f616f386a567b7276a7036930ab86c0afdcef9f03b5cc0d6765fcad1190bc959e9993740f1b96e37a6008d8fd482fd6a9802e42e47d06f83836c4189cf2a48e0849c796f5f85869ba1f9ccac878540669d80804e50d532ad4091726f61fdd1cd7aeb5cd8aab1a1b734aab1d047bfb8f7ea2031ef5cc016d5534002e5aaf1e84662ce9c29847b4e81970789113bf20b0823a8e5975a6c4c58abd473d66bd8ddff62300728248d1bdb60c55871c878e14388a38beef041c0801b5fcfcf84a78907c05b1d416657ca714d28d78dc7bef1d0d3d64756902b39480a81115eeaca1e51a9653668cd97cfb5f142f08963b397df8be011a44ee0879d49dd7c83a8218b5f838a1fb0ce2f3a2777912ff038dbe31c3ae37628ac9bcac10f99160c294725220219a65801827cb3e411c4f96bde372a01c7b7b097ab1372f881eea44e822e2c276fc300e033fd49925faded0de0bf78210bbbd7e245542bd393cfda62c83a909be5608edda50d88c08f8167e56d236394cadf3eb24e32692dd6bf24735948e286971d34ba725ebbe41595c675a91e8c408f35fc24df62615ca2afed18f6cf7c24fd2ea5ed94c40568a3e768f743c62b2ff83363a5eb6d0b644babedb2261f67d76dae611b9c5e6ab5fe35ab2bf771722c82e59bd07e16a1ee7bdb6a8dafe535f6b77e3448d48459a15d471bc7ab7d48ed6607312781585f5d225b16173d6e0b25d87964004b632be670d4a8815604a45f9ae62a26d3f5127705049bdb6e6ae408d885fe15623826b74e16fd88f60640057d1fc1c801b3b30b005ce671a7a758296e7825859f8d06ed6236698604d824a7c29d2e0bb5d7de30d0079ecfc721b58f1482613fa97cbe9c0a26da82ced3385f95e59bebae7b73e89b50aa73aec71d0ccc0bc0f82075d869ab5693b760c3e0e57ab565152a05d228359f64f0be89932675de9581ab7b146b295f3772695d5d0ca53b7f7b203214a6db034956d91141167cd0ee1407a291a6262be3ad6b2df998194cfb212261b1aac8d3e0ad043de430b8bc6a071effadb9779d175c98a818deec5ed8a0853d202e2523a2f4a59aef88e49e2bce435cc924a594139f088b8e8ba63069401a6dc50f7cdc4c71e145324b4e92dc5add4f4eba402f26194eba32a7d8ad01b7a757adb54be5dd5987b7a5060b89b09a197733484b12c7061d2cd6d459e5ee8b11546bbec7836b5d45dd5f6f60c0306aa2d36c99054d2f0d0a7a8c47b2165011b7f0d551f5edf72e68525f85ad84bc78aac8c8d4b47caa30c80e99015f55d515e59cfb40a87ba5a90263a821c622ad45b026baaed24db0dad5c74ea82af3b20fbcf9f9427d34191488b902943842e8b68a3ca60be5ab832c47b0c068555aaf4ce64db490b54e077d8fee55c7408f4999bb9e3a5366b4d14979804c505964a60e1c14cd05fd924c6d749aa5d4159e2af6cac0bae7cc5834172b4ec114c0935649be7068544d12d306043b817cc1515c50c18c8a57e508acba988333be16a9207c4006388467faada85b8ffee464ad34f04503cc7d1d6eb1e714c75121a0ee08149d1bb1bf130269390347b8f277349fc5b3f694e1aa3f42685464740cabaed586dc351ef35281352121ca6ebf9f5625f7f65261c7b5f8d22b6d5fd28406642002f2274cea0232f91270d090b1e5a9fe0a34bde05dfdfb8876259d44c411e40dd6876b80d0a4783954f2646765a5df21337d6a47946358df057670d2e5598f38191fb79ffc919df4d2b6977d97497207b693a3a2101a7bcee9021000c7332f561a63217352169b66a58008235eb4a021fc467cb48deb65af90e70f6b792172417d0d6c9f893170d76ef4f4080be727b8aa7d8bb9bce4e730b430b177a81871a148440577c5e64a50a1fe609ea5bd43045f1fbbaa464cbb4b2e05b91458e222550124fd37ddc680b3a1e90a4824793991f83b50bb8b0bba6b74c0b97f0eb34ed33b64e3ddf7c4b9782242819264c520c2e1639b8484a392f7405778ee14312c64351ca14b67d90a67706736adc3bd42384f213db0872178e9932e1fdb635b3d3a13f01f5fdfe6dac68f4d06fe59b90c414923cd38d040154869cf9537d3febb1c504077e4d3ec256f2f272e71b8474f7d3f478819ef823f12a15b6150367c0dfebb22af47007a72cb640ee7bcfc17db9afbb365952b83dcce03eb302eddfd96ede2d71c44032616595190940954cb9ea65a918615921d79c3c0157f30ae17ccd34bd6b53c8a154a41eff1270f2c48cdcfa8c5c3e3cd9d26d9aa4ba9fed8f92407e598893bf696962ff13c11dde16edfc4916e9987dda1ec1eee98a3daf31c3581d60f669f8c9fcc5db1ce7f29d7530051b631691f6f64960ad473041e2cbcaa396000400b800000080aa917232829a3874f64c329057b74425dc8e7f0ee2bb1b7d11b24b10e0cf1e1ba05b2225734463993bd31b06852a5d4bd2eda6b4d2ea0b75c051bcfd2738952e403b7c6122182a720024c8a5783168a102f7"], 0x778}, 0x1, 0x0, 0x0, 0x20008001}, 0x20004094) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 2.806860186s ago: executing program 7 (id=3913): r0 = socket(0x2, 0x5, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.3/udc/dummy_udc.3/b_hnp_enable\x00', 0x400, 0x0) read$auto(r1, &(0x7f0000002440)='&\x00', 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x24, 0xb}, 0xfff}, 0x5, 0x311) 2.65812792s ago: executing program 7 (id=3914): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/erspan0/statistics/rx_over_errors\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/44, 0x2c) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mknod$auto(0x0, 0x1001, 0x4) ioperm$auto(0x3, 0xe, 0x2000000000000149) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r2 = socket(0x2, 0x3, 0xa) connect$auto(r2, &(0x7f00000000c0), 0x55) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x8906, 0xd) read$auto(0x3, 0x0, 0x80) open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x100) ppoll$auto(0x0, 0x6, 0x0, 0x0, 0x8) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7020f8dbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB="81a64693e802365e"], 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/rose1/statistics/collisions\x00', 0x800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000100)=""/16, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES64=r3, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/path_max\x00', 0x80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000000c0)=""/17, 0x11) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) write$auto(0x3, 0x0, 0xfffffdef) 2.601549729s ago: executing program 4 (id=3915): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r1 = socket(0xa, 0x3, 0x87) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) write$auto(0x3, 0x0, 0x5dc) r2 = fcntl$auto_F_SET_RW_HINT(r0, 0x40c, 0x0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r1) r4 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r3, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x9}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x8}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r4}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x4810}, 0x8040) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.1/usb2/idProduct\x00', 0x20100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000003c0)=""/4096, 0x1000) ioctl$auto(r0, 0x545c, 0xffffffffffffffff) ioctl$auto_TIOCMSET2(r0, 0x5418, &(0x7f00000001c0)="91f6") close_range$auto(0x0, 0x5, 0x0) r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = getpgid(0x0) kcmp$auto(r7, r6, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$auto(0x7, r6, 0x3, 0x2) pipe$auto(0x0) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) close_range$auto(0x0, 0xfffffffffffff000, 0x0) ioctl$auto(0xffffffffffffffff, 0xc0184d03, 0xffffffffffffffff) 2.400862338s ago: executing program 2 (id=3916): setsockopt$auto(0x4, 0x0, 0x480, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x9, 0x8, 0xc, 0x66b, 0x4, 0x7ff}, 0x6f4) mmap$auto(0x0, 0x20007, 0x80000000004000df, 0x10004000eb1, 0x8, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0x6, 0x0, 0xa0) select$auto(0xd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0xff, 0x2000000000000002, 0x9, 0xfffffffffffff761, 0x103, 0xa, 0x4, 0x7fff, 0x5, 0x4006]}, 0x0, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socketpair$auto(0x6, 0x1, 0x20000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES16=0x0, @ANYBLOB="00022abd7000dbdbdf25020000000800030000000000050004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='X'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0x4004743d, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x80001, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) 2.073492193s ago: executing program 4 (id=3917): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) socket(0x1a, 0x2, 0x0) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="46cc0700", @ANYRES16=0x0, @ANYBLOB="0021b237d2602ff9"], 0x24}, 0x1, 0x0, 0x0, 0x4008005}, 0x4040) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) pselect6$auto(0x9, &(0x7f0000000000)={[0x8, 0x4, 0x0, 0x6, 0x8001, 0x4000000000002bc8, 0xfff, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b05"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) (async) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00') setsockopt$auto_SO_NOFCS(0xffffffffffffffff, 0x4d6b, 0x2b, &(0x7f0000000180)='batadv\x00', 0xfffffffb) (async) ioctl$NS_GET_PARENT(r1, 0x8004b706, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.020243839s ago: executing program 7 (id=3918): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'dvmrp1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x104000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x38, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x2}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r4, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x83, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) futex$auto(0x0, 0x923d, 0x10, 0x0, 0x0, 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r7 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000000)={0x28, r7, 0x159198c6007aa95d, 0x70bd29, 0x25dfdbfc, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0x8, 0x4, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0xc0}, 0x40) 1.982839938s ago: executing program 6 (id=3919): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={"fdaf5684", 0xffff, 0x6, 0x3, 0x20009b0, 0x80, "c625aa3f222ce10400", '\x00', "0402eead", "05000200", ["0000003cac6a80e24f2c8d40", "f8ffffffffffffff00e10001", "b06f8ca10c66eebcbd6f17c8", "5f53589752d01e60b2239000"]}) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) futex_waitv$auto(&(0x7f0000000000)={0x3ff, 0x5dd8, 0x2, 0xfff}, 0x3, 0x0, 0x0, 0x623d) (async) futex_waitv$auto(&(0x7f0000000000)={0x3ff, 0x5dd8, 0x2, 0xfff}, 0x3, 0x0, 0x0, 0x623d) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_prog_fd=0x77, 0xa}, 0xa3) (async) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_prog_fd=0x77, 0xa}, 0xa3) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x1f, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(0x3, 0x0, 0xfffffdef) (async) write$auto(0x3, 0x0, 0xfffffdef) socket$nl_generic(0x10, 0x3, 0x10) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/4096, 0x1000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) unlink$auto(0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x5, 0x2, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x20, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_PUNCT_BITMAP={0x8, 0x142, 0x4}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x4000014) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}}, 0x801) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}}, 0x801) r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010029bd7000fedbdf2503000100040008000c000180080010000400"], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.734965221s ago: executing program 4 (id=3920): r0 = socket(0xa, 0x3, 0x7c) r1 = signalfd$auto(r0, &(0x7f0000000000)={0xffffffff}, 0xb) ioctl$auto_BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000140)={@raw=0x7ffffffffffffffd, 0x7, &(0x7f0000000040)=0x57bb, 0x8d, 0xa, 0x5, "447c94472ff65508bfc843f739aad86e01e20028f17f39e8acf8b580"}) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/console\x00', 0x48600, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x800, 0x0) ioctl$auto(r2, 0x5607, r0) 1.730940149s ago: executing program 2 (id=3921): memfd_create$auto(0x0, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1c9180, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0xa0900, 0x0) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(0xffffffffffffffff, 0x0, 0x45004) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) fcntl$auto(0x8000000000000001, 0x26, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) fcntl$auto(0x8000000000000001, 0x26, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fe8000"}, 0x55) ptrace$auto(0x4206, 0x1, 0x0, 0x200005) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xc4ea, 0x1, 0x20000001, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8301, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x7111}, 0x8) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS2\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) 1.520513127s ago: executing program 4 (id=3922): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x11, 0x80003, 0x300) r2 = socket(0x25, 0x5, 0x0) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000000), r2) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000004e, 0x2, 0x0, 0xfffffffffffffffd) getpid() r3 = socket(0x2a, 0x2, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x4, 0x28000) getsockopt$auto(r1, 0x81, 0x1000004e, 0xfffffffffffffffe, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) mq_open$auto(&(0x7f0000000080)='!\x00', 0x76d0, 0x101, &(0x7f0000000100)={0x7, 0x8, 0x7fffffffffffffff, 0x5b}) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r3, &(0x7f0000000240)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r4, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0x10}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x7}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_TDLS_SUPPORT={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40800}, 0x800) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r3) sendmsg$auto_NL80211_CMD_GET_STATION(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x100, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) 1.458377108s ago: executing program 7 (id=3923): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x82002, 0x0) socket(0x2, 0x3, 0xfffffff1) mmap$auto(0x9, 0x20009, 0x4000000000df, 0xebf, 0xffffffffffffffff, 0x8001) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r1, 0x545c, 0x0) socket(0xa, 0x800, 0x84) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) arch_prctl$auto(0x2001, 0x2) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) 1.145711911s ago: executing program 4 (id=3924): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r0, 0x6) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) linkat$auto(r1, &(0x7f0000000040)='\x00', 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) shmctl$auto_SHM_STAT_ANY(0x19, 0xf, &(0x7f00000011c0)={{0x2, 0xffffffffffffffff, 0xee00, 0xb, 0x0, 0x6, 0x1}, 0x6, 0x4, 0x7fff, 0x73a4, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x3, 0x0, &(0x7f00000000c0)="c94529bff2b7170b51020d9606777e8928b2e2c859b84675906e01c20415675d9eda4d4ab181fcff6203fed0bdc63bc74500f8e0efe7bfc00507e5ed7915935ce615a0b8d2b3c6fb5936871d43dcca3f4a3354dbfe269a8b177633fb6a4c8f4248731dd59a875ce0a2ac77f472fa1c00dec7e58137da3dfe31cb8ccf0b8156ea114e46f1790e342f9f09c260ca884e48ff65a2eb601d856e8f3786f708bcc01c19e4a88d6b6ce7ba2c385d63050ef8e6bf066af47c4a1fefd0a6f98f490e1b1fdc3b4d31edff6c54c0b404d65da6636c12c46519ab0fa2ccdae01ba7ad1f5d50067f9b226f3e8ab47a2400369cdda1a69f8e53b2d1a68c328b887ebed33addb812be2bfbf9bd461a3abf5bc532499df58e12d4e527df61162157c4dbcc26450b5c90a1fb5e4a45e8385aa4e1167156fda7e64177781921131604b992d8eac371d75ce024e38d78525a362743fc1f91c5282859476e00028c9e98c2805103363654776ef808e3de93568ef9f98175e33255c762e66cf75f63b30e57351122f3a0f9395e8dfc328fcb99699b4f508f531081c31cf722a7b763a04a0717e0c4b17deb30cf20bc13ddcaaaaa5710e30ec1117eebbf49dc91158151beadddeb36e8e9f65105dd956ff782f180d4feec04d261343c935588025c2da7b2e920ba967e4f1bdba0a0bbc6f40a4d8b4ee6749b0283f8a85908d2a928785c29df910abccf39aeddb4e4588cae3232cd149ab754e9aa1ed5bc2a7d84f2efbade3c92432b59cf176a617547d3009fbe26ec3fb9d7d59c25fb437a313e5259f6a1eafc3e990fc6a69a49013024f963a281eb9c73a62643c06eb8e173ede4d9283da02019b2655b0a51e84bfe860c548fab2fc9f8d08d5fe8373fc7b14e586f025751fe0fe8d3810ca311146768f7c167b1de15fc4dea38a0f11a4e74bbf294d37e561564e3ec3925217befabe8a2109a27674bf3ab03fbb0400bcd47579ef541dda5c15c73510a849cc159d03871b82ec8b31fd70836c7b1dbd33db7d36d294d7d4fe07f42efe4b07b2e0d63bd32fb366a12b4a908de7db4bdc601be41348342d48256a234b81b68a135c474b96355b1ba8ce59f03a38f4019d2302f777c7fd92c5c5ea8d274c6e66c06aa29e9d9b3a4bfb59a38a7986c937c840c84ea9fda80dacd9a5e1628dc1bc11eb2b9bcf3cd7ef6d787d9e040ae55fa4d1aa7bc5784eb213fbed6515f3902eb6ab19fba071e998302d36ab7a8f46ddf36102b609c2dab5387fcef3ddce9f08a329d12f63690caa638686f66e67a684d1b8a2d887c0ec52144b600bfbec1958016fddced0e4dcbfbc25334f5a814627f69eaf0ad7440a95ca8b94f2ae158731f3913b126eaf4843bd727373fa5a6d1e7822d512f9c24c685fec541cba82f011068cf6f469f0692e9cc9f70d35270a7cd7250b51a21d2463e81f3785a86caae83de83149b0bde2e99e466656345360727eb1156893bb4145e97771c88ed99e145f668a027f96dffae2b49627b34a8027ac18fad851681658edf6f30b7f6b347341d3fd278f4ed66cec04135609a218575c9f05ce23550f65e87e244a919ee8c09dea5a656ef895200bbf713c0fc7e0ebe15e73692aac2fdd61646ffc486c05ece547ee42bff5b54989340d4c5da01e5340564dc65502c31b5a377017e2d8d14b14f4bae26ec1e8fb1bdb85d26037f2f4d6289ebc0c7368a6c1cdb059951b3664aca6770fc0104ecd825a089dc8aca8fb3e7ea610995ed4cd539e7100ac1b24ae3fbe99548f104d6a59afa122b0348211b5fdd8b62db7285e9fe31835c0c789223bc1d38572abbf9ad89749e7c55370bb95125dab3914dbcd35b41d9b66dcad2c880bb4ac741697dc77d6f80524f9f74b483ad3b0d5047ea4f8eaa8b515fe4233088244cdf814dec784388780f35ab710e35db8006fc37c1e9246276ed7c02c3ba3a3ea9bf38e70b834426e6e7385a085e3a0d1c22d5c8b5ae5e64c98787e2ea15693fd10f454f81b2714fed9730193de3dbd968840680352133f157fca2f5c203e6be21d032cf23093c7d57412d828761cbf60805abd840cf709309bc5f056b99fe0244f2df61b98c3f8692ae8dbe939d5af5c80d2aad5773d415dd65c67a54c251f9e1989a6094853da94df78529ff656d28721156b6251b5b9abad1ec98c938183bcb99afa66d473c33272b716ff7fb0eadcbad98d318a166d89f80d4c95644cc024cc5a8158994fb93807f5d3fb155f5d2ebe7ec08ee7c8cbf3a288250afdd83f3f4da14e231b7efff7edec207b196813d3f6db2c78b6d6bbbe3fed9e32f4f914a778ce52ad1a54f89c6bc248329aecc90c8e4734c45a2fb60afd380199ffec6da35168fd477e0f7c0dffd30895caca416c5e791abdd6121a206e44b784e5a22ad515d716c4ef5636852f11d276b8cf342a15620292eaaeb80277130b98c6607724cf78ffdd8fbc68354053a6dc481803494eeb5dc38cfd23f4a186fec8de71b3e21c8687e46ebb4a9dbb866acae5a262e5f31c5cc1538fc3f277a849adb4fb11c4f5e30e668e2d3b8c1bd501ce62bc204fb93d039128a2342cd78dfd7b9c2637ea9cdb184ac3e42f0b5294a647c3d2e2e0ce2b2f5ebc27b0b9e4231a823ad3e8b1adcebc3ad89769fea3e70a36b0ebb0f55cf4d99cc2fe9725b8b57542a6eb4b9956929ab7515e209383935e49c80756cfd08daa2fe2de729403486f74baa6a1758094df114c3127bb2fe72f4ce23ac02e7855e7a24058b83123fe254bae4d1f1f547357d2321e999b13c90bc868336a3b44e9532567258d956cef3e0e1a5ca9d02da3d2bac72d1d26860cb3817c674249521c045ab375f900bdbe825822dc05144da3d368ea91ec0d77b32accf68c084c227489da079dc0ba57dad29af951948fe9201e8d552b5548054fd0cfba645b921fa3670b5d876dc7520c2bbb5e42d06f7dbf58ac65210b6f15b37727414b82c8cd47b09f8815420557ca39f26cd370fc6a642477a286bc902236c310d91d5b09d719311de09233071d7d73adb844987a90476bbe10863109ecdfa4f50381b7f672d3d424ddcee818a0c028c286983c131a61e6336f9c068a89e74384c417c55fe45123c6da1824da3354f22d25216a0dcfc688f3213050a62d44693eb3c22105ea70ec1eb8eddcc988b1fbf0c17cead2f9a7866d8a5fc1e957a521d8eae359282762783cea7d380a5e8796b37dea0a93a25f63726a3f73f8e3c6545d227438539d6851b97b04c25a522f38007f21612e23494969304e22ffdc2a419b5a3d8ba9e1ebb2f92c1d3dcc6b10e8973031992b1b1f70e6c7c5bcbe2b08e863d3619c2f4acb72e5a98925bcf6048c45a9052d9f4f453c1f4ad2a2fd8bc2852f94dfb96408b72587f7768934487bd4780beae250ecd58fbf4b1c2e4eec1f4bd659d88451b793e8945044a30897da4b311b4b7c54c19b2e9818fcca3aad4707eca57988fa3e49b0925b2045eaad94698e58acd9732ea08bfc6e4406d8b14d8ba308e616b6f2a9634bf1b856095b92971029ff6b77a885384d6ce981505ce70bc3f8183cbb6093c7693bfcf3d531c719ec7f8c58e9cd0673b47e023867f18dd488ee3e0882e999f1a3db1270a7e70902029a31839cc6f54a83c814afd6135df79043d95cb607766eb09ecde38fef1a386be7f41da95dc4968a264933b3c91e92650e727aeb471f6a345cc0c67a6cad511b4fd885e9c31e346d8785869d6010c182d1b1515013d92f33ad1b9cfad86e5d7e71295f928427348ab35cbe9e84194b9eec678cf1f453e0dd46b8e3705b07daaa293a37f20110304db55bb3c8bc0f019c8cae0449ac723ab6bd5af211f4e74974c02665e36e62c1532917b0781160b5429bb3b6a08c5fce7c8e914b245634eb43f7a150a70e6e5773c222c232e8f0979aa1e1f5de4b8cba160c44f2222085b9926c343b572d46d726f542777dcc754bde0434ec3d3ae0cd4dcca2ec6bbce3ab09aa484bd859628d22d42bb89dfc4047c5c4cb377e0db303f37194ee28981f4eb91d2ebc565d9dd3f91060b74b2500e3234f412c350bc60171075e43924b6fd2004f09062d4aba91c473d0b9ba30c0fa738f783c234214d7bf7249efd8cc982130a442ef84a96d426f71c01b692529f9b7bc0cd3418e47106097e12929af6cb07bc075829811753ab8a2f3770e79337bae0bc55982cd83f5d9d6db08a9cd3854baa1ba3d538ed891858950588dd47a06ee44899a7eaa83eab8c9a24c08f3f5e8b13d7e0493860c1f0988ace03733a21b452c7c03184af6f2a7c8752b5a1d2431a2e62e46c7796a24c302c68faf7928725f0be53e69a0dde922474b2d251225f3a48adda80aedb6dd3b81d38badb94886b3efb10f4e71bcbe7edb3a350430836061b52032e003460060dcf2e54b1f93e336d159ea1cfa24f71ff60435e9024efd62af982ae93b8f7a7f833fb645101ff8b04e579bffb74c5e6ce6e488a0b342c394b5030503188ca89fd412200326b438751a0108e6fb081dd12d655ffa735d85d1bbc9a6211614c136a9dba4f24841c1beee3b60d9b77ba99779797dd3bbda5ebb8691af2ca101e17d6f6d7878ba9ebb266c031a512cbe1c4e91165b20ec31f88807a42c2e95ef0e9e058830c0223f84c518ba7ff8f766e955c27c2d4b4f1e4c347f647e04287b44b8037c3de7592ec0be40ea67e349a420d22e04e88496c2ad328561d89cdc6221124a07b34e95c7789f68317e346aac236bccdcf7e1d2a48c8e6540680dacd92070919d7d1e04c82e0253bb0e7e6cbd5c0cb5df2505c0c9264f7b0cb10763c15bfc527d81f25e5e2cf1a79bd555da08cd47226fab6328cb1993088a3fe562346f3288af7274e10b08985ffc8112c62c801a24b24ab822757d45a3c6576674df012e31d4a0850b6670d522d80eb1e71795d884fd6de0521a4210c7f458bb8449401d783323bea4b65dde33c2b4e13178b153b75f463500ebdf6f795b87b3be6f1d9e1ebc8f704ad5e9b484eae5aa65b64fa68f3ea1e03cd2ab454aab52917e222f9c59398a968ebacc4809d8f74b881e551b931c15fb1fade972688e3de6cbdb29aa227692cd0e9da0f1cc1fd07320c72afab48610a7347e88a61d6cd4f44079a5bc18bd043b83ede9b8fa6858b2f49f70f8f5ccf79a42367b04209a7277e881806ed3358eae3e33283224a97651e55cf393378f9294285202a7cf4fa6b31ca7345f2aae0d64abbf8f095407c8b1a210b34a7ccdb3b308517ccdc892dc8468c69d6d1d1a0d5a5c05bc4e9f9de3518b7bfef72277cda2c408c9207d4dc13a31619719184b328e005ada906863f40ff7e2a626f200d3d6f1785b02e148c5dd7dea088575e7527ce93950e960723272bbcc304af36eb702cdd0b7a58e3b0c0bbf36ecf9723420ea21fe918970bb850a0d17c99905c71d3670dd7652e9a8f5984d799bb4790b84d099dad4557572ef5aa4d819cac08d977efef725b895e83e76622f653082f55632e6b943a1609d65cc6b39df782836084359c022692d787c812e3947846523a440c902f4cbfe888dbc1c0953ae73bbba1560eb75ad940d3642c4066f3daafade286ba0f16ae94d84015f4013013c228fe009383de449cc15658ac29144e7e9dbb87b2653c088c7014931b4d3433c422fce238255275b40a54712d7684164a47a1c00f0fa60bc52a39b330ea8b988b3ae5b5929edd32aa859564457153ec67475c4d20a00baff626b9c09fdf43d47c09f74e2668ef4bfc7e8b751ccfa721f93e3b2694ea5da8d8cfcf313550f71e6e0248304741f5", &(0x7f00000010c0)="96709434d3541dc2975b1fccebbba15ae9a3700fedd4303cf3095cc693a5da0fd269dc9b27638775ffde254e8bbba938b82942ca1d5e46f34d59315820e9e4cb32ed3fe8ac628a1b2dc870e26182c3214b3f49f8354da908b2ec3fea2856d4a2c7f599745b386150678b8a301dd31bd74705709ef0123c3bba212a6f4470ec7ce31c48b050c2bce405e03cde2f1384ca27f0a050bcb8701df741dfef63a746afb3ef9cab223a688bae06e014bb489c0c1a28aa4067aafd10748a27e0398c9b05305c042776dc35796185a1ad82331eae359fb76f79191fc7a277e164ed"}) getuid() socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) clone$auto(0x7fff, 0x200, 0x0, 0x0, 0xf) semctl$auto(0x80001ff, 0x804, 0x3, 0x4) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0x4048aecb, 0x0) 641.231353ms ago: executing program 2 (id=3925): r0 = prctl$auto_PR_GET_ENDIAN(0x13, 0xfff, 0x0, 0x8, 0x6) r1 = openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x400, 0x0) r2 = bpf$auto(0x7, &(0x7f0000000040)=@prog_bind_map={r0, r1, 0x8}, 0x7fffffff) writev$auto(r1, &(0x7f0000000140)={&(0x7f0000000100)="cd1331a6c2", 0x1}, 0x8) ioctl$auto_FS_IOC_GET_ENCRYPTION_POLICY_EX2(r4, 0xc0096616, &(0x7f0000000180)="429131c62b7fd97897") read$auto(r4, &(0x7f00000001c0)='/sys/kernel/tracing/saved_tgids\x00', 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000200)=""/41, 0x29) syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000240), r2) r5 = getsockopt$auto_SO_TIMESTAMPNS_NEW(r4, 0x0, 0x40, &(0x7f0000000280)='HSR\x00', &(0x7f00000002c0)=0x6) read$auto_ep0_operations_inode(r5, &(0x7f0000000300)=""/148, 0x94) ioctl$auto_SG_GET_KEEP_ORPHAN(r2, 0x2288, &(0x7f00000003c0)="9c93681c8bd27c8a302de777fc200f67cc1c920747cb53976b644fcfca31c1f39f8f39dec9ccd97acf2e6b13d72f007f7eec118415dfbda3da635a0242fbf1d30e63d2d0bc5b536813ffcf1ebbb648eca32f3fa0ab5a") r6 = getsockopt$auto_SO_MEMINFO(r1, 0x78, 0x37, &(0x7f0000000440)='-+*\\\x00', &(0x7f0000000480)=0x7) pwrite64$auto(r0, &(0x7f00000004c0)='}\x00', 0x0, 0xf7) r7 = fcntl$auto(r3, 0x0, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r7, 0x4018bc13, &(0x7f0000000500)={0x8, 0x0, 0x4, [0xd1400000000000, 0xf, 0x3ff, 0x8]}) adjtimex$auto(&(0x7f0000000540)={0x10001, 0x0, 0xffffffff, 0x6, 0x9f4, 0x4, 0x9200, 0x0, 0x6, 0x8001, 0x3, {0x1, 0x80}, 0x1, 0x30b, 0x6, 0x1498, 0x0, 0x9c, 0x489, 0x1, 0x8000, 0x8f, 0x4}) ioctl$auto_BLKSSZGET(r3, 0x1268, 0x0) rename$auto(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='./file0\x00') r8 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000700), r6) sendmsg$auto_NFC_CMD_SE_IO(r6, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x68, r8, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x7}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x9}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x3}, @NFC_ATTR_DEVICE_NAME={0x24, 0x2, '/sys/kernel/tracing/saved_tgids\x00'}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x7}, @NFC_ATTR_VENDOR_ID={0x8}]}, 0x68}, 0x1, 0x0, 0x0, 0x800}, 0x881) mprotect$auto(0x3e, 0x4, 0x1) sendfile$auto(r1, r4, &(0x7f0000000840)=0x200, 0x2) unlinkat$auto(r2, &(0x7f0000000880)='./file0\x00', 0x7) r9 = openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f00000008c0), 0x101001, 0x0) close_range$auto(r9, r2, 0xff) sendmsg$auto_NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f00000009c0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x38, 0x0, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xffff}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x2000000}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0xfffffffffffffffc}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x6e7}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x1) socket(0x34, 0x80000, 0xf37) ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r7, 0x40045506, &(0x7f0000000a00)=0x6) clock_adjtime$auto(0x0, &(0x7f0000000a40)={0x1, 0x0, 0x5c, 0x7, 0x4, 0xfffffffffffffff8, 0x6, 0x0, 0xa, 0xe70, 0x4, {0x2, 0x1}, 0x0, 0x7, 0x2, 0x40, 0x0, 0x4, 0x7, 0x0, 0x6, 0x2, 0x1b}) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000c40)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x3c, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_COLOR_CHANGE_ELEMS={0x10, 0x131, 0x0, 0x1, [@NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x6}]}, @NL80211_ATTR_STA_VLAN={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xfa9}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x404c041}, 0x1) 534.870577ms ago: executing program 6 (id=3926): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0xa) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x6, 0x0) clone$auto(0x20003b42, 0x8400, 0x0, 0x0, 0xfffffffffffffff9) epoll_create$auto(0x800004) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x9, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 308.301946ms ago: executing program 7 (id=3927): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/flags\x00', 0x101142, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) memfd_secret$auto(0x0) pipe2$auto(0x0, 0x80) sendfile$auto(0x6, 0x3, 0x0, 0xc01) 154.132604ms ago: executing program 2 (id=3928): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) lstat$auto(&(0x7f0000000080)='./bus\x00', &(0x7f0000000280)={0xe, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0xee00, 0x0, 0x9, 0x8, 0x0, 0x5, 0x8000000000000001, 0xffffffffffffffff, 0x9c, 0x401, 0x1000, 0x7ff}) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000340)={{0xe, 0xee00, 0xee01, 0xf6, 0xb9, 0x3775d90f, 0x9be5}, &(0x7f00000000c0)=0x1, &(0x7f0000000140), 0x85, 0x1, 0x8, 0x0, 0x4, 0x5, 0x6, 0x6, @raw=0x101, @inferred=0xffffffffffffffff}) keyctl$auto(0xfffffffa, 0x0, r3, r4, 0x6) gettimeofday$auto(&(0x7f00000001c0)={0x100000000, 0x8}, &(0x7f00000003c0)={0x65}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) read$auto(0x3, 0x0, 0xf34) r5 = socket(0x2, 0x3, 0x1) getsockopt$auto_SO_DEBUG(r5, 0xff, 0x1, 0x0, 0x0) r6 = fanotify_init$auto(0x5, 0x2000000000002) fanotify_mark$auto(r6, 0x451, 0x800000a, r2, 0x0) r7 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r7, 0xc0145401, &(0x7f0000000080)={0x3, 0x1, 0x0, 0xffffff71, 0x9}) ioctl$auto_HPET_IE_ON(r6, 0x6801, 0x0) ioctl$auto(r0, 0x89f0, 0x24) 131.521189ms ago: executing program 6 (id=3929): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_nsim_dev_hwstats_l3_disable_fops_hwstats(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/netdevsim/netdevsim2/hwstats/l3/fail_next_enable\x00', 0x841, 0x0) ioperm$auto(0x9, 0x1000001, 0x7) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0xc040810) r1 = fcntl$auto_F_SETOWN(r0, 0x8, 0xffffffffffffffff) write$auto(r1, 0x0, 0x3) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) getsockopt$auto_SO_PEERNAME(0xffffffffffffffff, 0x20003fb, 0x1c, 0x0, 0x0) setfsuid$auto(0x0) bpf$auto(0x0, &(0x7f0000000040)=@link_detach={r0}, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/orangefs/getattr_timeout_msecs\x00', 0x0, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r2, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) 113.386562ms ago: executing program 4 (id=3930): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) fallocate$auto(0x3, 0x0, 0xe, 0x8ec5) mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) read$auto(0x3, 0x0, 0x8080) clone$auto(0xffffffff00000000, 0x12, 0x0, 0x0, 0xfffffffffffffffd) mlock$auto(0xfbe8, 0x4) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/flags\x00', 0x101142, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) memfd_secret$auto(0x0) r2 = socket(0x10, 0x2, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000) pipe2$auto(0x0, 0x80) sendfile$auto(r0, r1, 0x0, 0xc04) 0s ago: executing program 7 (id=3931): close_range$auto(0x2, 0x8000, 0x0) socket(0x1, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae9a, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x14, 0x0, 0x4) r3 = openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/msft_opcode\x00', 0x0, 0x0) read$auto(r3, &(0x7f0000006740)='^%-[)>\'\xdf\x00', 0xffff) kernel console output (not intermixed with test programs): 015] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 927.298157][T18015] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 927.298197][T18015] [ 927.869547][T18009] kernel write not supported for file /675/oom_adj (pid: 18009 comm: syz.6.2832) [ 928.262577][T18026] kernel write not supported for file /675/oom_adj (pid: 18026 comm: syz.6.2837) [ 928.518932][T18030] kernel write not supported for file /675/oom_adj (pid: 18030 comm: syz.6.2839) [ 928.820009][T18038] ptrace attach of "./syz-executor exec"[16761] was attempted by "./syz-executor exec"[18038] [ 928.820395][T18041] kernel write not supported for file /675/oom_adj (pid: 18041 comm: syz.6.2841) [ 929.484371][T18045] kernel write not supported for file /675/oom_adj (pid: 18045 comm: syz.6.2844) [ 929.703199][T18053] kernel write not supported for file /675/oom_adj (pid: 18053 comm: syz.6.2846) [ 929.914432][T18057] kernel write not supported for file /675/oom_adj (pid: 18057 comm: syz.6.2848) [ 932.762977][ T29] audit: type=1800 audit(4294967297.602:6): pid=18110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2856" name=08 dev="tmpfs" ino=505 res=0 errno=0 [ 933.108359][T18060] kernel write not supported for file /675/oom_adj (pid: 18060 comm: syz.6.2849) [ 933.660644][T18116] kernel write not supported for file /675/oom_adj (pid: 18116 comm: syz.6.2863) [ 934.717421][T18133] ptrace attach of "./syz-executor exec"[16761] was attempted by "./syz-executor exec"[18133] [ 935.837745][T18130] kernel write not supported for file /675/oom_adj (pid: 18130 comm: syz.6.2865) [ 935.970091][T18147] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 936.256671][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 936.263296][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 936.658199][T18148] kernel write not supported for file /675/oom_adj (pid: 18148 comm: syz.6.2870) [ 937.084941][T18166] kernel write not supported for file /675/oom_adj (pid: 18166 comm: syz.6.2873) [ 937.826786][T18179] kernel write not supported for file /675/oom_adj (pid: 18179 comm: syz.6.2875) [ 938.232069][T18195] kernel write not supported for file /675/oom_adj (pid: 18195 comm: syz.6.2880) [ 938.359446][T18191] ptrace attach of "./syz-executor exec"[11769] was attempted by "./syz-executor exec"[18191] [ 941.773426][T18244] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 942.057072][T18215] kernel write not supported for file /675/oom_adj (pid: 18215 comm: syz.6.2882) [ 942.379620][T18255] FAULT_INJECTION: forcing a failure. [ 942.379620][T18255] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 942.394104][T18255] CPU: 0 UID: 0 PID: 18255 Comm: syz.6.2896 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 942.394135][T18255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 942.394148][T18255] Call Trace: [ 942.394155][T18255] [ 942.394164][T18255] dump_stack_lvl+0x16c/0x1f0 [ 942.394204][T18255] should_fail_ex+0x50a/0x650 [ 942.394237][T18255] _copy_to_user+0x32/0xd0 [ 942.394272][T18255] simple_read_from_buffer+0xd0/0x160 [ 942.394311][T18255] oom_score_adj_read+0x1c3/0x2b0 [ 942.394346][T18255] ? __pfx_oom_score_adj_read+0x10/0x10 [ 942.394382][T18255] ? rw_verify_area+0xcf/0x680 [ 942.394418][T18255] ? __pfx_oom_score_adj_read+0x10/0x10 [ 942.394451][T18255] vfs_readv+0x6c2/0x8a0 [ 942.394485][T18255] ? fdget_pos+0x267/0x390 [ 942.394517][T18255] ? __pfx_vfs_readv+0x10/0x10 [ 942.394551][T18255] ? __mutex_lock+0x1cc/0xb10 [ 942.394588][T18255] ? find_held_lock+0x2d/0x110 [ 942.394629][T18255] ? __pfx___mutex_lock+0x10/0x10 [ 942.394664][T18255] ? trace_lock_acquire+0x14e/0x1f0 [ 942.394696][T18255] ? __fget_files+0x206/0x3a0 [ 942.394728][T18255] ? do_readv+0x133/0x340 [ 942.394774][T18255] do_readv+0x133/0x340 [ 942.394831][T18255] ? __pfx_do_readv+0x10/0x10 [ 942.394886][T18255] do_syscall_64+0xcd/0x250 [ 942.394909][T18255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.394944][T18255] RIP: 0033:0x7fef8358cde9 [ 942.394962][T18255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 942.394985][T18255] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 942.395006][T18255] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 942.395021][T18255] RDX: 0000000000000002 RSI: 0000200000000a80 RDI: 0000000000000003 [ 942.395035][T18255] RBP: 00007fef8442a090 R08: 0000000000000000 R09: 0000000000000000 [ 942.395049][T18255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 942.395062][T18255] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 942.395089][T18255] [ 942.907842][T18255] kernel write not supported for file /675/oom_adj (pid: 18255 comm: syz.6.2896) [ 943.427176][T18263] FAULT_INJECTION: forcing a failure. [ 943.427176][T18263] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 943.503238][T18263] CPU: 0 UID: 0 PID: 18263 Comm: syz.6.2898 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 943.503283][T18263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 943.503303][T18263] Call Trace: [ 943.503314][T18263] [ 943.503323][T18263] dump_stack_lvl+0x16c/0x1f0 [ 943.503365][T18263] should_fail_ex+0x50a/0x650 [ 943.503393][T18263] ? __pfx___might_resched+0x10/0x10 [ 943.503428][T18263] should_fail_alloc_page+0xe7/0x130 [ 943.503461][T18263] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 943.503506][T18263] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 943.503551][T18263] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 943.503593][T18263] ? __pfx_try_to_migrate_one+0x10/0x10 [ 943.503619][T18263] ? find_held_lock+0x2d/0x110 [ 943.503659][T18263] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 943.503692][T18263] ? policy_nodemask+0xea/0x4e0 [ 943.503731][T18263] alloc_pages_mpol+0x1fc/0x540 [ 943.503762][T18263] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 943.503792][T18263] ? rmap_walk_file+0x57e/0x690 [ 943.503821][T18263] folio_alloc_mpol_noprof+0x36/0x2f0 [ 943.503857][T18263] alloc_migration_target_by_mpol+0x247/0x490 [ 943.503895][T18263] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 943.503931][T18263] ? __pfx_folio_lock_anon_vma_read+0x10/0x10 [ 943.503961][T18263] ? __pfx___might_resched+0x10/0x10 [ 943.503996][T18263] migrate_pages_batch+0x3c0/0x3150 [ 943.504035][T18263] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 943.504081][T18263] ? __pfx_migrate_pages_batch+0x10/0x10 [ 943.504118][T18263] ? lock_acquire+0x2f/0xb0 [ 943.504145][T18263] ? psi_task_change+0x1a2/0x2d0 [ 943.504172][T18263] migrate_pages_sync+0x109/0x8f0 [ 943.504207][T18263] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 943.504246][T18263] ? try_to_wake_up+0x949/0x1490 [ 943.504274][T18263] ? __pfx_lock_release+0x10/0x10 [ 943.504302][T18263] ? __pfx_migrate_pages_sync+0x10/0x10 [ 943.504354][T18263] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 943.504387][T18263] ? lockdep_hardirqs_on+0x7c/0x110 [ 943.504424][T18263] migrate_pages+0x1acf/0x2290 [ 943.504459][T18263] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 943.504501][T18263] ? wake_up_q+0x9e/0x140 [ 943.504526][T18263] ? __pfx_migrate_pages+0x10/0x10 [ 943.504558][T18263] ? rwsem_wake.isra.0+0xc6/0x120 [ 943.504589][T18263] ? __pfx_rwsem_wake.isra.0+0x10/0x10 [ 943.504627][T18263] ? up_write+0x1b2/0x520 [ 943.504659][T18263] do_mbind+0x6cb/0xec0 [ 943.504698][T18263] ? __pfx_do_mbind+0x10/0x10 [ 943.504738][T18263] ? __pfx_do_recvmmsg+0x10/0x10 [ 943.504774][T18263] ? __pfx_get_nodes+0x10/0x10 [ 943.504808][T18263] kernel_mbind+0x1e8/0x200 [ 943.504843][T18263] ? __pfx_kernel_mbind+0x10/0x10 [ 943.504884][T18263] do_syscall_64+0xcd/0x250 [ 943.504906][T18263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.504938][T18263] RIP: 0033:0x7fef8358cde9 [ 943.504956][T18263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 943.504978][T18263] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 943.504999][T18263] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 943.505014][T18263] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 943.505028][T18263] RBP: 00007fef8360e2a0 R08: 0000000000000006 R09: 0000000000000002 [ 943.505042][T18263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 943.505055][T18263] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 943.505081][T18263] [ 944.578719][T18262] kernel write not supported for file /675/oom_adj (pid: 18262 comm: syz.6.2898) [ 945.369161][T18296] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 945.376253][T18296] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 945.417048][T18296] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 945.452345][T18296] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 945.865306][T18296] Process accounting paused [ 947.395745][ T54] Bluetooth: hci5: command 0x0c1a tx timeout [ 947.401927][ T54] Bluetooth: hci0: command 0x0c1a tx timeout [ 947.474981][ T54] Bluetooth: hci2: command 0x0c1a tx timeout [ 947.475010][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 947.817757][T18348] bridge0: port 3(ipvlan1) entered blocking state [ 947.839519][T18348] bridge0: port 3(ipvlan1) entered disabled state [ 947.859589][T18348] ipvlan1: entered allmulticast mode [ 947.878800][T18348] veth0_vlan: entered allmulticast mode [ 947.914330][T18348] ipvlan1: left allmulticast mode [ 947.931819][T18348] veth0_vlan: left allmulticast mode [ 948.281253][T18355] ptrace attach of "./syz-executor exec"[17019] was attempted by "./syz-executor exec"[18355] [ 948.352865][ T5837] Bluetooth: hci1: unexpected subevent 0x0a length: 124 > 30 [ 949.605592][T18387] cgroup: fork rejected by pids controller in /syz4 [ 949.816608][T18413] netlink: 168 bytes leftover after parsing attributes in process `syz.7.2930'. [ 950.495881][T18475] ptrace attach of "./syz-executor exec"[16761] was attempted by "./syz-executor exec"[18475] [ 957.606557][T18554] openvswitch: netlink: Message has 1 unknown bytes. [ 957.622591][T18554] openvswitch: netlink: Message has 1 unknown bytes. [ 957.647166][T18554] openvswitch: netlink: Message has 1 unknown bytes. [ 957.657234][T18554] openvswitch: netlink: Message has 1 unknown bytes. [ 957.664253][T18554] openvswitch: netlink: Message has 1 unknown bytes. [ 958.530909][T18568] netlink: 326 bytes leftover after parsing attributes in process `syz.7.2959'. [ 961.055664][T18589] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 961.106620][T18589] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 961.190198][T18589] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 961.230872][T18589] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 963.086460][ T54] Bluetooth: hci0: command 0x0c1a tx timeout [ 963.161080][ T54] Bluetooth: hci5: command 0x0c1a tx timeout [ 963.243991][ T54] Bluetooth: hci2: command 0x0c1a tx timeout [ 963.244004][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 963.626317][T18626] FAULT_INJECTION: forcing a failure. [ 963.626317][T18626] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 963.662174][T18626] CPU: 1 UID: 0 PID: 18626 Comm: syz.6.2975 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 963.662217][T18626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 963.662237][T18626] Call Trace: [ 963.662246][T18626] [ 963.662259][T18626] dump_stack_lvl+0x16c/0x1f0 [ 963.662316][T18626] should_fail_ex+0x50a/0x650 [ 963.662359][T18626] _copy_to_user+0x32/0xd0 [ 963.662406][T18626] simple_read_from_buffer+0xd0/0x160 [ 963.662460][T18626] proc_fail_nth_read+0x198/0x270 [ 963.662508][T18626] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 963.662555][T18626] ? rw_verify_area+0xcf/0x680 [ 963.662603][T18626] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 963.662648][T18626] vfs_read+0x1df/0xbf0 [ 963.662679][T18626] ? __fget_files+0x1fc/0x3a0 [ 963.662712][T18626] ? __pfx___mutex_lock+0x10/0x10 [ 963.662762][T18626] ? __pfx_vfs_read+0x10/0x10 [ 963.662830][T18626] ? __fget_files+0x206/0x3a0 [ 963.662873][T18626] ksys_read+0x12b/0x250 [ 963.662902][T18626] ? __pfx_ksys_read+0x10/0x10 [ 963.662945][T18626] do_syscall_64+0xcd/0x250 [ 963.662977][T18626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 963.663020][T18626] RIP: 0033:0x7fef8358b7fc [ 963.663044][T18626] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 963.663073][T18626] RSP: 002b:00007fef8442a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 963.663100][T18626] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358b7fc [ 963.663120][T18626] RDX: 000000000000000f RSI: 00007fef8442a0a0 RDI: 0000000000000004 [ 963.663137][T18626] RBP: 00007fef8442a090 R08: 0000000000000000 R09: 0000000000000000 [ 963.663153][T18626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 963.663170][T18626] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 963.663206][T18626] [ 964.156094][T18629] i2c i2c-0: delete_device: Can't parse I2C address [ 964.780300][T18643] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 970.631124][T18763] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 974.416244][T18834] Invalid ELF header magic: != ELF [ 975.290683][T18873] MTRR 1 not used [ 975.946160][T18811] Process accounting resumed [ 975.950975][T18811] kernel write not supported for file /675/oom_adj (pid: 18811 comm: syz.6.3029) [ 976.756754][T18898] kernel write not supported for file /675/oom_adj (pid: 18898 comm: syz.6.3057) [ 976.924796][T18910] kernel write not supported for file /675/oom_adj (pid: 18910 comm: syz.6.3060) [ 977.421274][T18920] kernel write not supported for file /675/oom_adj (pid: 18920 comm: syz.6.3061) [ 977.744397][T18939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3065'. [ 977.753886][T18935] kernel write not supported for file /675/oom_adj (pid: 18935 comm: syz.6.3064) [ 978.228806][T18945] kernel write not supported for file /675/oom_adj (pid: 18945 comm: syz.6.3067) [ 978.667588][T18954] kernel write not supported for file /675/oom_adj (pid: 18954 comm: syz.6.3072) [ 978.932558][T18964] kernel write not supported for file /675/oom_adj (pid: 18964 comm: syz.6.3075) [ 979.215919][T18977] kernel write not supported for file /675/oom_adj (pid: 18977 comm: syz.6.3078) [ 979.500264][T18986] kernel write not supported for file /675/oom_adj (pid: 18986 comm: syz.6.3082) [ 979.534542][T18989] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3083'. [ 980.490787][T19018] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 980.937255][T19010] ptrace attach of "./syz-executor exec"[16761] was attempted by "./syz-executor exec"[19010] [ 981.612351][T19030] warn_unsupported: 2 callbacks suppressed [ 981.612376][T19030] kernel write not supported for file /675/oom_adj (pid: 19030 comm: syz.6.3094) [ 981.988803][T19042] kernel write not supported for file /675/oom_adj (pid: 19042 comm: syz.6.3100) [ 982.327737][T19047] ptrace attach of "./syz-executor exec"[16761] was attempted by "./syz-executor exec"[19047] [ 982.731225][T19062] zram: Added device: zram15 [ 983.670952][T19046] kernel write not supported for file /675/oom_adj (pid: 19046 comm: syz.6.3102) [ 983.873210][T19080] FAULT_INJECTION: forcing a failure. [ 983.873210][T19080] name fail_futex, interval 1, probability 0, space 0, times 0 [ 983.907806][T19080] CPU: 1 UID: 0 PID: 19080 Comm: syz.6.3111 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 983.907851][T19080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 983.907882][T19080] Call Trace: [ 983.907899][T19080] [ 983.907924][T19080] dump_stack_lvl+0x16c/0x1f0 [ 983.907988][T19080] should_fail_ex+0x50a/0x650 [ 983.908025][T19080] ? __pfx_stack_trace_save+0x10/0x10 [ 983.908057][T19080] get_futex_key+0x4a3/0x1000 [ 983.908111][T19080] ? __pfx_get_futex_key+0x10/0x10 [ 983.908157][T19080] ? kasan_save_track+0x14/0x30 [ 983.908191][T19080] ? hlock_class+0x4e/0x130 [ 983.908237][T19080] ? mark_lock+0xb5/0xc60 [ 983.908268][T19080] ? __sys_socketpair+0x34f/0x5a0 [ 983.908310][T19080] ? __x64_sys_socketpair+0x96/0x100 [ 983.908352][T19080] ? do_syscall_64+0xcd/0x250 [ 983.908378][T19080] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.908426][T19080] futex_wait_setup+0x78/0x290 [ 983.908472][T19080] __futex_wait+0x267/0x3c0 [ 983.908511][T19080] ? __pfx___futex_wait+0x10/0x10 [ 983.908557][T19080] ? __pfx_futex_wake_mark+0x10/0x10 [ 983.908608][T19080] futex_wait+0xe9/0x380 [ 983.908644][T19080] ? __pfx_futex_wait+0x10/0x10 [ 983.908692][T19080] ? fd_install+0x223/0x750 [ 983.908723][T19080] ? __pfx_lock_release+0x10/0x10 [ 983.908762][T19080] do_futex+0x22b/0x350 [ 983.908793][T19080] ? __pfx_do_futex+0x10/0x10 [ 983.908825][T19080] ? fd_install+0x242/0x750 [ 983.908859][T19080] __x64_sys_futex+0x1e1/0x4c0 [ 983.908903][T19080] ? __pfx___x64_sys_futex+0x10/0x10 [ 983.908936][T19080] ? rcu_is_watching+0x12/0xc0 [ 983.908992][T19080] do_syscall_64+0xcd/0x250 [ 983.909022][T19080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.909064][T19080] RIP: 0033:0x7fef8358cde9 [ 983.909092][T19080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 983.909123][T19080] RSP: 002b:00007fef8442a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 983.909151][T19080] RAX: ffffffffffffffda RBX: 00007fef837a5fa8 RCX: 00007fef8358cde9 [ 983.909171][T19080] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fef837a5fa8 [ 983.909191][T19080] RBP: 00007fef837a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 983.909209][T19080] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef837a5fac [ 983.909227][T19080] R13: 0000000000000000 R14: 00007ffc421ee7e0 R15: 00007ffc421ee8c8 [ 983.909264][T19080] [ 984.208012][T19080] kernel write not supported for file /675/oom_adj (pid: 19080 comm: syz.6.3111) [ 984.466997][T19083] netlink: 'syz.7.3114': attribute type 1 has an invalid length. [ 985.239425][T19098] kernel write not supported for file /675/oom_adj (pid: 19098 comm: syz.6.3113) [ 986.238246][T19134] FAULT_INJECTION: forcing a failure. [ 986.238246][T19134] name failslab, interval 1, probability 0, space 0, times 0 [ 986.259945][T19134] CPU: 1 UID: 0 PID: 19134 Comm: syz.7.3121 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 986.259986][T19134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 986.260005][T19134] Call Trace: [ 986.260015][T19134] [ 986.260027][T19134] dump_stack_lvl+0x16c/0x1f0 [ 986.260090][T19134] should_fail_ex+0x50a/0x650 [ 986.260125][T19134] ? fs_reclaim_acquire+0xae/0x150 [ 986.260176][T19134] should_failslab+0xc2/0x120 [ 986.260214][T19134] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 986.260248][T19134] ? rcu_is_watching+0x12/0xc0 [ 986.260294][T19134] ? seq_open+0x55/0x170 [ 986.260338][T19134] seq_open+0x55/0x170 [ 986.260378][T19134] __seq_open_private+0x3e/0xd0 [ 986.260440][T19134] seq_open_net+0x30a/0x4e0 [ 986.260479][T19134] ? __pfx_seq_open_net+0x10/0x10 [ 986.260514][T19134] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 986.260562][T19134] ? kmem_cache_alloc_noprof+0x21b/0x3b0 [ 986.260597][T19134] ? __pfx_apparmor_file_open+0x10/0x10 [ 986.260631][T19134] ? proc_reg_open+0x21d/0x610 [ 986.260682][T19134] ? __pfx_seq_open_net+0x10/0x10 [ 986.260721][T19134] proc_reg_open+0x286/0x610 [ 986.260754][T19134] do_dentry_open+0x735/0x1c40 [ 986.260785][T19134] ? __pfx_proc_reg_open+0x10/0x10 [ 986.260817][T19134] ? inode_permission+0xdd/0x5f0 [ 986.260862][T19134] vfs_open+0x82/0x3f0 [ 986.260898][T19134] ? may_open+0x1f2/0x400 [ 986.260943][T19134] path_openat+0x1e88/0x2d80 [ 986.260986][T19134] ? __pfx_path_openat+0x10/0x10 [ 986.261018][T19134] ? __pfx___lock_acquire+0x10/0x10 [ 986.261052][T19134] ? lock_acquire.part.0+0x11b/0x380 [ 986.261088][T19134] ? find_held_lock+0x2d/0x110 [ 986.261141][T19134] do_filp_open+0x20c/0x470 [ 986.261175][T19134] ? __pfx_do_filp_open+0x10/0x10 [ 986.261207][T19134] ? find_held_lock+0x2d/0x110 [ 986.261285][T19134] ? __pfx_kfree_link+0x10/0x10 [ 986.261341][T19134] ? alloc_fd+0x41f/0x760 [ 986.261384][T19134] do_sys_openat2+0x17a/0x1e0 [ 986.261427][T19134] ? __pfx_do_sys_openat2+0x10/0x10 [ 986.261487][T19134] __x64_sys_openat+0x175/0x210 [ 986.261531][T19134] ? __pfx___x64_sys_openat+0x10/0x10 [ 986.261602][T19134] do_syscall_64+0xcd/0x250 [ 986.261631][T19134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.261678][T19134] RIP: 0033:0x7f6f8c78cde9 [ 986.261701][T19134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.261732][T19134] RSP: 002b:00007f6f8d654038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 986.261760][T19134] RAX: ffffffffffffffda RBX: 00007f6f8c9a6080 RCX: 00007f6f8c78cde9 [ 986.261780][T19134] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 986.261799][T19134] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 986.261817][T19134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 986.261834][T19134] R13: 0000000000000000 R14: 00007f6f8c9a6080 R15: 00007ffc6d8d1b68 [ 986.261869][T19134] [ 987.856790][T19115] kernel write not supported for file /675/oom_adj (pid: 19115 comm: syz.6.3118) [ 988.674461][T19159] kernel write not supported for file /675/oom_adj (pid: 19159 comm: syz.6.3129) [ 988.993687][T19167] kernel write not supported for file /675/oom_adj (pid: 19167 comm: syz.6.3133) [ 989.269725][T19176] kernel write not supported for file /675/oom_adj (pid: 19176 comm: syz.6.3136) [ 989.709737][T19182] kernel write not supported for file /675/oom_adj (pid: 19182 comm: syz.6.3137) [ 990.036234][T19189] kernel write not supported for file /675/oom_adj (pid: 19189 comm: syz.6.3139) [ 991.124614][T19199] kernel write not supported for file /675/oom_adj (pid: 19199 comm: syz.6.3142) [ 991.358250][T19219] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3146'. [ 991.404399][T19217] kernel write not supported for file /675/oom_adj (pid: 19217 comm: syz.6.3145) [ 991.819025][T19220] kernel write not supported for file /675/oom_adj (pid: 19220 comm: syz.6.3148) [ 991.879832][T19231] FAULT_INJECTION: forcing a failure. [ 991.879832][T19231] name failslab, interval 1, probability 0, space 0, times 0 [ 991.893730][T19231] CPU: 1 UID: 0 PID: 19231 Comm: syz.7.3152 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 991.893769][T19231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 991.893787][T19231] Call Trace: [ 991.893796][T19231] [ 991.893808][T19231] dump_stack_lvl+0x16c/0x1f0 [ 991.893863][T19231] should_fail_ex+0x50a/0x650 [ 991.893903][T19231] ? fs_reclaim_acquire+0xae/0x150 [ 991.893958][T19231] should_failslab+0xc2/0x120 [ 991.893998][T19231] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 991.894037][T19231] ? dup_fd+0x50/0xca0 [ 991.894073][T19231] dup_fd+0x50/0xca0 [ 991.894104][T19231] ? lock_acquire+0x2f/0xb0 [ 991.894139][T19231] ? __fget_files+0x40/0x3a0 [ 991.894188][T19231] __do_sys_close_range+0x4b7/0x700 [ 991.894224][T19231] ? xfd_validate_state+0x5d/0x180 [ 991.894283][T19231] ? __pfx___do_sys_close_range+0x10/0x10 [ 991.894333][T19231] do_syscall_64+0xcd/0x250 [ 991.894367][T19231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.894414][T19231] RIP: 0033:0x7f6f8c78cde9 [ 991.894439][T19231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 991.894473][T19231] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 991.894503][T19231] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 991.894526][T19231] RDX: 0004000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 991.894548][T19231] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 991.894567][T19231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 991.894585][T19231] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 991.894624][T19231] [ 992.070254][ C1] vkms_vblank_simulate: vblank timer overrun [ 992.159700][T19233] FAULT_INJECTION: forcing a failure. [ 992.159700][T19233] name failslab, interval 1, probability 0, space 0, times 0 [ 992.200180][T19233] CPU: 0 UID: 0 PID: 19233 Comm: syz.6.3153 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 992.200226][T19233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 992.200242][T19233] Call Trace: [ 992.200251][T19233] [ 992.200261][T19233] dump_stack_lvl+0x16c/0x1f0 [ 992.200309][T19233] should_fail_ex+0x50a/0x650 [ 992.200342][T19233] ? fs_reclaim_acquire+0xae/0x150 [ 992.200389][T19233] should_failslab+0xc2/0x120 [ 992.200424][T19233] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 992.200458][T19233] ? getname_flags.part.0+0x4c/0x550 [ 992.200502][T19233] getname_flags.part.0+0x4c/0x550 [ 992.200563][T19233] getname+0x8d/0xe0 [ 992.200591][T19233] do_sys_openat2+0x104/0x1e0 [ 992.200631][T19233] ? __pfx_do_sys_openat2+0x10/0x10 [ 992.200685][T19233] __x64_sys_openat+0x175/0x210 [ 992.200726][T19233] ? __pfx___x64_sys_openat+0x10/0x10 [ 992.200781][T19233] do_syscall_64+0xcd/0x250 [ 992.200812][T19233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 992.200853][T19233] RIP: 0033:0x7fef8358b750 [ 992.200876][T19233] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 992.200903][T19233] RSP: 002b:00007fef84429fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 992.200929][T19233] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fef8358b750 [ 992.200947][T19233] RDX: 0000000000000002 RSI: 00007fef8360e585 RDI: 00000000ffffff9c [ 992.200964][T19233] RBP: 00007fef8360e585 R08: 0000000000000000 R09: 00007fef8442b000 [ 992.200982][T19233] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 992.200998][T19233] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 992.201031][T19233] [ 992.423365][T19235] Invalid ELF header magic: != ELF [ 992.579734][T19233] kernel write not supported for file /675/oom_adj (pid: 19233 comm: syz.6.3153) [ 992.986299][T19245] kernel write not supported for file /675/oom_adj (pid: 19245 comm: syz.6.3157) [ 993.361931][T19253] FAULT_INJECTION: forcing a failure. [ 993.361931][T19253] name failslab, interval 1, probability 0, space 0, times 0 [ 993.452151][T19253] CPU: 1 UID: 0 PID: 19253 Comm: syz.6.3159 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 993.452197][T19253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 993.452216][T19253] Call Trace: [ 993.452227][T19253] [ 993.452240][T19253] dump_stack_lvl+0x16c/0x1f0 [ 993.452299][T19253] should_fail_ex+0x50a/0x650 [ 993.452339][T19253] ? fs_reclaim_acquire+0xae/0x150 [ 993.452397][T19253] should_failslab+0xc2/0x120 [ 993.452440][T19253] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 993.452480][T19253] ? rcu_is_watching+0x12/0xc0 [ 993.452530][T19253] ? security_file_alloc+0x34/0x2b0 [ 993.452574][T19253] security_file_alloc+0x34/0x2b0 [ 993.452614][T19253] init_file+0x93/0x480 [ 993.452658][T19253] alloc_empty_file+0x91/0x1e0 [ 993.452705][T19253] alloc_file_pseudo+0x131/0x1e0 [ 993.452777][T19253] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 993.452822][T19253] ? bpf_lsm_socket_post_create+0x9/0x10 [ 993.452871][T19253] sock_alloc_file+0x50/0x1d0 [ 993.452912][T19253] __sys_socketpair+0x31d/0x5a0 [ 993.452967][T19253] ? __pfx___sys_socketpair+0x10/0x10 [ 993.453016][T19253] ? xfd_validate_state+0x5d/0x180 [ 993.453061][T19253] ? rcu_is_watching+0x12/0xc0 [ 993.453118][T19253] __x64_sys_socketpair+0x96/0x100 [ 993.453166][T19253] ? lockdep_hardirqs_on+0x7c/0x110 [ 993.453213][T19253] do_syscall_64+0xcd/0x250 [ 993.453246][T19253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 993.453294][T19253] RIP: 0033:0x7fef8358cde9 [ 993.453333][T19253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 993.453364][T19253] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 993.453394][T19253] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 993.453427][T19253] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 993.453446][T19253] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 993.453464][T19253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 993.453482][T19253] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 993.453518][T19253] [ 993.674122][ C1] vkms_vblank_simulate: vblank timer overrun [ 993.709745][T19253] kernel write not supported for file /675/oom_adj (pid: 19253 comm: syz.6.3159) [ 996.756452][T19261] kernel write not supported for file /675/oom_adj (pid: 19261 comm: syz.6.3160) [ 997.039082][T19260] kernel write not supported for file /675/oom_adj (pid: 19260 comm: syz.6.3160) [ 997.394494][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 997.394584][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 997.746348][T19320] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3180'. [ 998.769311][T19337] kernel write not supported for file /675/oom_adj (pid: 19337 comm: syz.6.3176) [ 998.956421][T19364] kernel write not supported for file /675/oom_adj (pid: 19364 comm: syz.6.3192) [ 999.250074][T19371] kernel write not supported for file /675/oom_adj (pid: 19371 comm: syz.6.3194) [ 999.576683][T19386] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1001.078605][T19382] kernel write not supported for file /675/oom_adj (pid: 19382 comm: syz.6.3198) [ 1001.367818][T19435] netlink: 1204 bytes leftover after parsing attributes in process `syz.6.3208'. [ 1001.655377][T19435] kernel write not supported for file /675/oom_adj (pid: 19435 comm: syz.6.3208) [ 1002.006482][T19454] kernel write not supported for file /675/oom_adj (pid: 19454 comm: syz.6.3214) [ 1002.295741][T19463] kernel write not supported for file /675/oom_adj (pid: 19463 comm: syz.6.3215) [ 1002.995950][T19473] kernel write not supported for file /675/oom_adj (pid: 19473 comm: syz.6.3217) [ 1003.327812][T19468] Invalid ELF header magic: != ELF [ 1003.389909][T19492] kernel write not supported for file /675/oom_adj (pid: 19492 comm: syz.6.3219) [ 1005.695521][T19531] FAULT_INJECTION: forcing a failure. [ 1005.695521][T19531] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1005.711089][T19531] CPU: 1 UID: 0 PID: 19531 Comm: syz.7.3229 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1005.711125][T19531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1005.711143][T19531] Call Trace: [ 1005.711151][T19531] [ 1005.711163][T19531] dump_stack_lvl+0x16c/0x1f0 [ 1005.711213][T19531] should_fail_ex+0x50a/0x650 [ 1005.711254][T19531] _copy_from_user+0x2e/0xd0 [ 1005.711297][T19531] kstrtoull_from_user+0xc4/0x1a0 [ 1005.711329][T19531] ? __pfx_kstrtoull_from_user+0x10/0x10 [ 1005.711403][T19531] tracing_entries_write+0xd0/0x220 [ 1005.711438][T19531] ? __pfx_tracing_entries_write+0x10/0x10 [ 1005.711484][T19531] ? __pfx_tracing_entries_write+0x10/0x10 [ 1005.711518][T19531] vfs_write+0x24c/0x1150 [ 1005.711551][T19531] ? __fget_files+0x1fc/0x3a0 [ 1005.711601][T19531] ? __pfx___mutex_lock+0x10/0x10 [ 1005.711661][T19531] ? __pfx_vfs_write+0x10/0x10 [ 1005.711704][T19531] ? __fget_files+0x206/0x3a0 [ 1005.711749][T19531] ksys_write+0x12b/0x250 [ 1005.711780][T19531] ? __pfx_ksys_write+0x10/0x10 [ 1005.711823][T19531] do_syscall_64+0xcd/0x250 [ 1005.711874][T19531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.711919][T19531] RIP: 0033:0x7f6f8c78cde9 [ 1005.711944][T19531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.711973][T19531] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1005.712002][T19531] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1005.712022][T19531] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1005.712040][T19531] RBP: 00007f6f8d675090 R08: 0000000000000000 R09: 0000000000000000 [ 1005.712059][T19531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1005.712077][T19531] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1005.712116][T19531] [ 1006.793487][T19499] Process accounting paused [ 1007.805294][T19561] Invalid ELF header magic: != ELF [ 1008.971335][T19593] capability: warning: `syz.4.3245' uses deprecated v2 capabilities in a way that may be insecure [ 1008.976421][T19592] FAULT_INJECTION: forcing a failure. [ 1008.976421][T19592] name failslab, interval 1, probability 0, space 0, times 0 [ 1009.007282][T19594] FAULT_INJECTION: forcing a failure. [ 1009.007282][T19594] name failslab, interval 1, probability 0, space 0, times 0 [ 1009.035094][T19594] CPU: 0 UID: 0 PID: 19594 Comm: syz.6.3244 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1009.035138][T19594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1009.035158][T19594] Call Trace: [ 1009.035168][T19594] [ 1009.035180][T19594] dump_stack_lvl+0x16c/0x1f0 [ 1009.035235][T19594] should_fail_ex+0x50a/0x650 [ 1009.035274][T19594] ? fs_reclaim_acquire+0xae/0x150 [ 1009.035330][T19594] should_failslab+0xc2/0x120 [ 1009.035371][T19594] __kmalloc_noprof+0xce/0x4f0 [ 1009.035408][T19594] ? __seq_open_private+0x22/0xd0 [ 1009.035459][T19594] __seq_open_private+0x22/0xd0 [ 1009.035507][T19594] seq_open_net+0x30a/0x4e0 [ 1009.035555][T19594] ? __pfx_seq_open_net+0x10/0x10 [ 1009.035590][T19594] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 1009.035639][T19594] ? kmem_cache_alloc_noprof+0x21b/0x3b0 [ 1009.035675][T19594] ? __pfx_apparmor_file_open+0x10/0x10 [ 1009.035711][T19594] ? proc_reg_open+0x21d/0x610 [ 1009.035744][T19594] ? __pfx_seq_open_net+0x10/0x10 [ 1009.035783][T19594] proc_reg_open+0x286/0x610 [ 1009.035819][T19594] do_dentry_open+0x735/0x1c40 [ 1009.035854][T19594] ? __pfx_proc_reg_open+0x10/0x10 [ 1009.035889][T19594] ? inode_permission+0xdd/0x5f0 [ 1009.035938][T19594] vfs_open+0x82/0x3f0 [ 1009.035977][T19594] ? may_open+0x1f2/0x400 [ 1009.036025][T19594] path_openat+0x1e88/0x2d80 [ 1009.036073][T19594] ? __pfx_path_openat+0x10/0x10 [ 1009.036109][T19594] ? __pfx___lock_acquire+0x10/0x10 [ 1009.036147][T19594] ? lock_acquire.part.0+0x11b/0x380 [ 1009.036185][T19594] ? find_held_lock+0x2d/0x110 [ 1009.036237][T19594] do_filp_open+0x20c/0x470 [ 1009.036272][T19594] ? __pfx_do_filp_open+0x10/0x10 [ 1009.036305][T19594] ? find_held_lock+0x2d/0x110 [ 1009.036366][T19594] ? __pfx_kfree_link+0x10/0x10 [ 1009.036421][T19594] ? alloc_fd+0x41f/0x760 [ 1009.036461][T19594] do_sys_openat2+0x17a/0x1e0 [ 1009.036505][T19594] ? __pfx_do_sys_openat2+0x10/0x10 [ 1009.036572][T19594] __x64_sys_openat+0x175/0x210 [ 1009.036618][T19594] ? __pfx___x64_sys_openat+0x10/0x10 [ 1009.036677][T19594] do_syscall_64+0xcd/0x250 [ 1009.036711][T19594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1009.036755][T19594] RIP: 0033:0x7fef8358cde9 [ 1009.036780][T19594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1009.036811][T19594] RSP: 002b:00007fef84409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1009.036841][T19594] RAX: ffffffffffffffda RBX: 00007fef837a6080 RCX: 00007fef8358cde9 [ 1009.036861][T19594] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1009.036880][T19594] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1009.036898][T19594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1009.036916][T19594] R13: 0000000000000000 R14: 00007fef837a6080 R15: 00007ffc421ee8c8 [ 1009.036953][T19594] [ 1009.055599][T19592] CPU: 1 UID: 0 PID: 19592 Comm: syz.7.3246 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1009.055645][T19592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1009.055667][T19592] Call Trace: [ 1009.055677][T19592] [ 1009.055691][T19592] dump_stack_lvl+0x16c/0x1f0 [ 1009.055752][T19592] should_fail_ex+0x50a/0x650 [ 1009.055796][T19592] ? fs_reclaim_acquire+0xae/0x150 [ 1009.055858][T19592] should_failslab+0xc2/0x120 [ 1009.055903][T19592] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1009.055946][T19592] ? alloc_empty_file+0x73/0x1e0 [ 1009.055999][T19592] alloc_empty_file+0x73/0x1e0 [ 1009.056047][T19592] alloc_file_pseudo+0x131/0x1e0 [ 1009.056097][T19592] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1009.056143][T19592] ? bpf_lsm_socket_post_create+0x9/0x10 [ 1009.056191][T19592] sock_alloc_file+0x50/0x1d0 [ 1009.056233][T19592] __sys_socketpair+0x31d/0x5a0 [ 1009.056294][T19592] ? __pfx___sys_socketpair+0x10/0x10 [ 1009.056346][T19592] ? xfd_validate_state+0x5d/0x180 [ 1009.056394][T19592] ? rcu_is_watching+0x12/0xc0 [ 1009.056454][T19592] __x64_sys_socketpair+0x96/0x100 [ 1009.056504][T19592] ? lockdep_hardirqs_on+0x7c/0x110 [ 1009.056555][T19592] do_syscall_64+0xcd/0x250 [ 1009.056588][T19592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1009.056636][T19592] RIP: 0033:0x7f6f8c78cde9 [ 1009.056662][T19592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1009.056704][T19592] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1009.056735][T19592] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1009.056757][T19592] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1009.056778][T19592] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1009.056799][T19592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1009.056818][T19592] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1009.056860][T19592] [ 1009.152621][T19598] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3245'. [ 1010.585485][T19619] FAULT_INJECTION: forcing a failure. [ 1010.585485][T19619] name failslab, interval 1, probability 0, space 0, times 0 [ 1010.610880][T19619] CPU: 1 UID: 0 PID: 19619 Comm: syz.7.3253 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1010.610922][T19619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1010.610941][T19619] Call Trace: [ 1010.610949][T19619] [ 1010.610961][T19619] dump_stack_lvl+0x16c/0x1f0 [ 1010.611014][T19619] should_fail_ex+0x50a/0x650 [ 1010.611072][T19619] should_failslab+0xc2/0x120 [ 1010.611133][T19619] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 1010.611174][T19619] ? __alloc_skb+0x2b3/0x380 [ 1010.611220][T19619] __alloc_skb+0x2b3/0x380 [ 1010.611251][T19619] ? __pfx___alloc_skb+0x10/0x10 [ 1010.611279][T19619] ? sctp_assoc_rwnd_decrease+0x296/0x500 [ 1010.611327][T19619] ? sctp_ulpevent_receive_data+0x47a/0x700 [ 1010.611365][T19619] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1010.611412][T19619] _sctp_make_chunk+0x51/0x270 [ 1010.611475][T19619] sctp_make_control+0x2f/0x2d0 [ 1010.611526][T19619] sctp_make_sack+0x19a/0x510 [ 1010.611557][T19619] ? __pfx_sctp_make_sack+0x10/0x10 [ 1010.611597][T19619] ? sctp_sf_eat_data_6_2+0x56f/0xbb0 [ 1010.611644][T19619] sctp_do_sm+0x421b/0x5c90 [ 1010.611702][T19619] ? __pfx_sctp_do_sm+0x10/0x10 [ 1010.611750][T19619] ? hlock_class+0x4e/0x130 [ 1010.611832][T19619] ? mark_held_locks+0x9f/0xe0 [ 1010.611872][T19619] ? ktime_get+0x200/0x310 [ 1010.611903][T19619] ? lockdep_hardirqs_on+0x7c/0x110 [ 1010.611958][T19619] sctp_assoc_bh_rcv+0x392/0x6f0 [ 1010.612011][T19619] sctp_inq_push+0x1d8/0x270 [ 1010.612055][T19619] sctp_backlog_rcv+0x169/0x590 [ 1010.612107][T19619] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 1010.612157][T19619] __release_sock+0x35f/0x400 [ 1010.612192][T19619] ? release_sock+0x21/0x220 [ 1010.612231][T19619] release_sock+0x5a/0x220 [ 1010.612265][T19619] sctp_wait_for_connect+0x1c6/0x5c0 [ 1010.612308][T19619] ? __pfx_sctp_wait_for_connect+0x10/0x10 [ 1010.612345][T19619] ? skb_set_owner_w+0x320/0x710 [ 1010.612394][T19619] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1010.612433][T19619] ? sctp_datamsg_put+0x58/0x5f0 [ 1010.612492][T19619] ? sctp_primitive_SEND+0x9f/0xd0 [ 1010.612544][T19619] sctp_sendmsg_to_asoc+0x1765/0x1ad0 [ 1010.612590][T19619] ? sctp_assoc_add_peer+0x254/0x14b0 [ 1010.612641][T19619] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 1010.612683][T19619] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1010.612737][T19619] ? lock_acquire+0x2f/0xb0 [ 1010.612770][T19619] ? sctp_endpoint_lookup_assoc+0xac/0x2a0 [ 1010.612816][T19619] sctp_sendmsg+0x129c/0x1f10 [ 1010.612867][T19619] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1010.612908][T19619] ? __pfx___might_resched+0x10/0x10 [ 1010.612962][T19619] ? __pfx_aa_sk_perm+0x10/0x10 [ 1010.612990][T19619] ? __might_fault+0xe3/0x190 [ 1010.613030][T19619] ? __might_fault+0xe3/0x190 [ 1010.613070][T19619] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1010.613110][T19619] inet_sendmsg+0x119/0x140 [ 1010.613155][T19619] ____sys_sendmsg+0x907/0xb40 [ 1010.613197][T19619] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1010.613235][T19619] ? __lock_acquire+0xcc5/0x3c40 [ 1010.613284][T19619] ___sys_sendmsg+0x135/0x1e0 [ 1010.613318][T19619] ? __pfx____sys_sendmsg+0x10/0x10 [ 1010.613365][T19619] ? trace_lock_acquire+0x14e/0x1f0 [ 1010.613418][T19619] __sys_sendmmsg+0x201/0x420 [ 1010.613461][T19619] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1010.613505][T19619] ? __pfx_do_futex+0x10/0x10 [ 1010.613533][T19619] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1010.613622][T19619] ? xfd_validate_state+0x5d/0x180 [ 1010.613665][T19619] ? rcu_is_watching+0x12/0xc0 [ 1010.613720][T19619] __x64_sys_sendmmsg+0x9c/0x100 [ 1010.613754][T19619] ? lockdep_hardirqs_on+0x7c/0x110 [ 1010.613801][T19619] do_syscall_64+0xcd/0x250 [ 1010.613832][T19619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.613876][T19619] RIP: 0033:0x7f6f8c78cde9 [ 1010.613902][T19619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1010.613932][T19619] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1010.613963][T19619] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1010.613983][T19619] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003 [ 1010.614001][T19619] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1010.614020][T19619] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 1010.614038][T19619] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1010.614076][T19619] [ 1013.794369][T19691] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3272'. [ 1013.826681][T19691] mac80211_hwsim hwsim23 wlan1: entered promiscuous mode [ 1015.550861][T19713] HfR: entered promiscuous mode [ 1015.621827][T19708] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3276'. [ 1015.662500][T19708] HfR: left promiscuous mode [ 1017.340814][T19752] Invalid ELF header magic: != ELF [ 1018.933670][T19796] FAULT_INJECTION: forcing a failure. [ 1018.933670][T19796] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.991192][T19796] CPU: 1 UID: 0 PID: 19796 Comm: syz.6.3301 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1018.991239][T19796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1018.991277][T19796] Call Trace: [ 1018.991288][T19796] [ 1018.991301][T19796] dump_stack_lvl+0x16c/0x1f0 [ 1018.991373][T19796] should_fail_ex+0x50a/0x650 [ 1018.991416][T19796] ? fs_reclaim_acquire+0xae/0x150 [ 1018.991475][T19796] should_failslab+0xc2/0x120 [ 1018.991520][T19796] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1018.991575][T19796] ? dup_fd+0x50/0xca0 [ 1018.991613][T19796] dup_fd+0x50/0xca0 [ 1018.991647][T19796] ? lock_acquire+0x2f/0xb0 [ 1018.991684][T19796] ? __fget_files+0x40/0x3a0 [ 1018.991727][T19796] __do_sys_close_range+0x4b7/0x700 [ 1018.991768][T19796] ? xfd_validate_state+0x5d/0x180 [ 1018.991812][T19796] ? __pfx___do_sys_close_range+0x10/0x10 [ 1018.991863][T19796] do_syscall_64+0xcd/0x250 [ 1018.991897][T19796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.991944][T19796] RIP: 0033:0x7fef8358cde9 [ 1018.991969][T19796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1018.992016][T19796] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1018.992045][T19796] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 1018.992065][T19796] RDX: 0004000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 1018.992084][T19796] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1018.992102][T19796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1018.992120][T19796] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 1018.992156][T19796] [ 1019.169424][ C1] vkms_vblank_simulate: vblank timer overrun [ 1020.098452][T19800] zswap: compressor not available [ 1020.393111][T19830] FAULT_INJECTION: forcing a failure. [ 1020.393111][T19830] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1020.437714][T19830] CPU: 1 UID: 0 PID: 19830 Comm: syz.6.3311 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1020.437758][T19830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1020.437778][T19830] Call Trace: [ 1020.437787][T19830] [ 1020.437801][T19830] dump_stack_lvl+0x16c/0x1f0 [ 1020.437857][T19830] should_fail_ex+0x50a/0x650 [ 1020.437896][T19830] ? __pfx___might_resched+0x10/0x10 [ 1020.437943][T19830] should_fail_alloc_page+0xe7/0x130 [ 1020.437989][T19830] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 1020.438043][T19830] ? hlock_class+0x4e/0x130 [ 1020.438095][T19830] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 1020.438139][T19830] ? hlock_class+0x4e/0x130 [ 1020.438187][T19830] ? mark_lock+0xb5/0xc60 [ 1020.438223][T19830] ? __pfx_mark_lock+0x10/0x10 [ 1020.438264][T19830] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1020.438308][T19830] ? hlock_class+0x4e/0x130 [ 1020.438356][T19830] ? mark_lock+0xb5/0xc60 [ 1020.438393][T19830] ? hlock_class+0x4e/0x130 [ 1020.438458][T19830] ? hlock_class+0x4e/0x130 [ 1020.438506][T19830] ? __lock_acquire+0xcc5/0x3c40 [ 1020.438547][T19830] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1020.438594][T19830] ? policy_nodemask+0xea/0x4e0 [ 1020.438638][T19830] alloc_pages_mpol+0x1fc/0x540 [ 1020.438686][T19830] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1020.438728][T19830] ? __lock_acquire+0x15a9/0x3c40 [ 1020.438774][T19830] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1020.438825][T19830] vma_alloc_folio_noprof+0xee/0x1b0 [ 1020.438872][T19830] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1020.438919][T19830] ? find_held_lock+0x2d/0x110 [ 1020.438978][T19830] do_pte_missing+0x202f/0x3e10 [ 1020.439030][T19830] __handle_mm_fault+0x1166/0x2c60 [ 1020.439078][T19830] ? __pfx___handle_mm_fault+0x10/0x10 [ 1020.439114][T19830] ? follow_page_pte+0x3ac/0x1490 [ 1020.439147][T19830] ? __pfx_lock_release+0x10/0x10 [ 1020.439214][T19830] handle_mm_fault+0x3fa/0xaa0 [ 1020.439259][T19830] __get_user_pages+0x773/0x36f0 [ 1020.439304][T19830] ? __pfx_mt_find+0x10/0x10 [ 1020.439352][T19830] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1020.439393][T19830] ? __pfx___get_user_pages+0x10/0x10 [ 1020.439433][T19830] ? __mm_populate+0x21d/0x380 [ 1020.439486][T19830] populate_vma_page_range+0x27f/0x3a0 [ 1020.439528][T19830] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1020.439565][T19830] ? __pfx_find_vma_intersection+0x10/0x10 [ 1020.439639][T19830] ? vm_mmap_pgoff+0x29b/0x3a0 [ 1020.439681][T19830] __mm_populate+0x1d6/0x380 [ 1020.439722][T19830] ? __pfx___mm_populate+0x10/0x10 [ 1020.439765][T19830] ? up_write+0x1b2/0x520 [ 1020.439813][T19830] vm_mmap_pgoff+0x2d3/0x3a0 [ 1020.439854][T19830] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1020.439895][T19830] ? __x64_sys_futex+0x1e1/0x4c0 [ 1020.439928][T19830] ? __x64_sys_futex+0x1ea/0x4c0 [ 1020.439968][T19830] ksys_mmap_pgoff+0x7d/0x5c0 [ 1020.439999][T19830] ? rcu_is_watching+0x12/0xc0 [ 1020.440054][T19830] __x64_sys_mmap+0x125/0x190 [ 1020.440106][T19830] do_syscall_64+0xcd/0x250 [ 1020.440139][T19830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.440184][T19830] RIP: 0033:0x7fef8358cde9 [ 1020.440212][T19830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1020.440245][T19830] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1020.440276][T19830] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 1020.440299][T19830] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1020.440318][T19830] RBP: 00007fef8360e2a0 R08: 0000000000000047 R09: 0000000000008000 [ 1020.440339][T19830] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1020.440359][T19830] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 1020.440399][T19830] [ 1020.844008][T19828] can: request_module (can-proto-0) failed. [ 1021.471788][T19849] FAULT_INJECTION: forcing a failure. [ 1021.471788][T19849] name failslab, interval 1, probability 0, space 0, times 0 [ 1021.488590][T19849] CPU: 1 UID: 0 PID: 19849 Comm: syz.6.3316 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1021.488632][T19849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1021.488652][T19849] Call Trace: [ 1021.488661][T19849] [ 1021.488673][T19849] dump_stack_lvl+0x16c/0x1f0 [ 1021.488728][T19849] should_fail_ex+0x50a/0x650 [ 1021.488766][T19849] ? fs_reclaim_acquire+0xae/0x150 [ 1021.488821][T19849] should_failslab+0xc2/0x120 [ 1021.488863][T19849] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1021.488899][T19849] ? lockdep_init_map_type+0x16d/0x7d0 [ 1021.488940][T19849] ? security_inode_alloc+0x3b/0x2b0 [ 1021.488978][T19849] security_inode_alloc+0x3b/0x2b0 [ 1021.489011][T19849] inode_init_always_gfp+0xce4/0x1030 [ 1021.489061][T19849] alloc_inode+0x82/0x230 [ 1021.489109][T19849] new_inode+0x22/0x210 [ 1021.489154][T19849] proc_get_inode+0x1d/0x7d0 [ 1021.489191][T19849] proc_lookup_de+0x13e/0x220 [ 1021.489227][T19849] ? __pfx_proc_tgid_net_lookup+0x10/0x10 [ 1021.489270][T19849] ? __pfx_proc_tgid_net_lookup+0x10/0x10 [ 1021.489310][T19849] proc_tgid_net_lookup+0x75/0x120 [ 1021.489352][T19849] lookup_open.isra.0+0x4d9/0x1580 [ 1021.489412][T19849] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1021.489471][T19849] ? path_openat+0x88a/0x2d80 [ 1021.489517][T19849] ? lookup_fast+0x153/0x5f0 [ 1021.489574][T19849] path_openat+0x904/0x2d80 [ 1021.489622][T19849] ? __pfx_path_openat+0x10/0x10 [ 1021.489656][T19849] ? __pfx___lock_acquire+0x10/0x10 [ 1021.489692][T19849] ? lock_acquire.part.0+0x11b/0x380 [ 1021.489731][T19849] ? find_held_lock+0x2d/0x110 [ 1021.489786][T19849] do_filp_open+0x20c/0x470 [ 1021.489822][T19849] ? __pfx_do_filp_open+0x10/0x10 [ 1021.489855][T19849] ? find_held_lock+0x2d/0x110 [ 1021.489917][T19849] ? __pfx_kfree_link+0x10/0x10 [ 1021.489974][T19849] ? alloc_fd+0x41f/0x760 [ 1021.490018][T19849] do_sys_openat2+0x17a/0x1e0 [ 1021.490062][T19849] ? __pfx_do_sys_openat2+0x10/0x10 [ 1021.490180][T19849] __x64_sys_openat+0x175/0x210 [ 1021.490226][T19849] ? __pfx___x64_sys_openat+0x10/0x10 [ 1021.490288][T19849] do_syscall_64+0xcd/0x250 [ 1021.490320][T19849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.490365][T19849] RIP: 0033:0x7fef8358cde9 [ 1021.490390][T19849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1021.490422][T19849] RSP: 002b:00007fef84409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1021.490451][T19849] RAX: ffffffffffffffda RBX: 00007fef837a6080 RCX: 00007fef8358cde9 [ 1021.490471][T19849] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1021.490491][T19849] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1021.490509][T19849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1021.490527][T19849] R13: 0000000000000000 R14: 00007fef837a6080 R15: 00007ffc421ee8c8 [ 1021.490566][T19849] [ 1021.781465][T19840] Invalid ELF header magic: != ELF [ 1024.421321][T19922] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1024.565100][T19926] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1025.669791][T19953] queue_state_write: unsupported operation '' [ 1025.760533][T19953] queue_state_write: use 'run', 'start' or 'kick' [ 1027.885865][T19987] FAULT_INJECTION: forcing a failure. [ 1027.885865][T19987] name failslab, interval 1, probability 0, space 0, times 0 [ 1028.039823][T19987] CPU: 1 UID: 0 PID: 19987 Comm: syz.7.3351 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1028.039867][T19987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1028.039887][T19987] Call Trace: [ 1028.039898][T19987] [ 1028.039911][T19987] dump_stack_lvl+0x16c/0x1f0 [ 1028.039969][T19987] should_fail_ex+0x50a/0x650 [ 1028.040009][T19987] ? fs_reclaim_acquire+0xae/0x150 [ 1028.040066][T19987] should_failslab+0xc2/0x120 [ 1028.040110][T19987] __kmalloc_noprof+0xce/0x4f0 [ 1028.040149][T19987] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1028.040190][T19987] ? tomoyo_realpath_from_path+0xbf/0x710 [ 1028.040233][T19987] ? rcu_is_watching+0x12/0xc0 [ 1028.040288][T19987] tomoyo_realpath_from_path+0xbf/0x710 [ 1028.040341][T19987] tomoyo_check_open_permission+0x2ad/0x3c0 [ 1028.040379][T19987] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1028.040454][T19987] ? __pfx_hook_file_open+0x10/0x10 [ 1028.040500][T19987] ? lock_acquire+0x2f/0xb0 [ 1028.040544][T19987] tomoyo_file_open+0x6b/0x90 [ 1028.040594][T19987] security_file_open+0x84/0x1e0 [ 1028.040634][T19987] do_dentry_open+0x57c/0x1c40 [ 1028.040675][T19987] ? inode_permission+0xdd/0x5f0 [ 1028.040724][T19987] vfs_open+0x82/0x3f0 [ 1028.040776][T19987] ? may_open+0x1f2/0x400 [ 1028.040828][T19987] path_openat+0x1e88/0x2d80 [ 1028.040877][T19987] ? __pfx_path_openat+0x10/0x10 [ 1028.040912][T19987] ? __pfx___lock_acquire+0x10/0x10 [ 1028.040948][T19987] ? lock_acquire.part.0+0x11b/0x380 [ 1028.040986][T19987] ? find_held_lock+0x2d/0x110 [ 1028.041058][T19987] do_filp_open+0x20c/0x470 [ 1028.041094][T19987] ? __pfx_do_filp_open+0x10/0x10 [ 1028.041128][T19987] ? find_held_lock+0x2d/0x110 [ 1028.041190][T19987] ? __pfx_kfree_link+0x10/0x10 [ 1028.041249][T19987] ? alloc_fd+0x41f/0x760 [ 1028.041294][T19987] do_sys_openat2+0x17a/0x1e0 [ 1028.041340][T19987] ? __pfx_do_sys_openat2+0x10/0x10 [ 1028.041401][T19987] __x64_sys_openat+0x175/0x210 [ 1028.041448][T19987] ? __pfx___x64_sys_openat+0x10/0x10 [ 1028.041517][T19987] do_syscall_64+0xcd/0x250 [ 1028.041551][T19987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1028.041598][T19987] RIP: 0033:0x7f6f8c78cde9 [ 1028.041624][T19987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1028.041657][T19987] RSP: 002b:00007f6f8d654038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1028.041687][T19987] RAX: ffffffffffffffda RBX: 00007f6f8c9a6080 RCX: 00007f6f8c78cde9 [ 1028.041709][T19987] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1028.041730][T19987] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1028.041750][T19987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1028.041770][T19987] R13: 0000000000000000 R14: 00007f6f8c9a6080 R15: 00007ffc6d8d1b68 [ 1028.041811][T19987] [ 1028.669928][T19987] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1029.454482][T20009] FAULT_INJECTION: forcing a failure. [ 1029.454482][T20009] name failslab, interval 1, probability 0, space 0, times 0 [ 1029.499087][T20009] CPU: 0 UID: 0 PID: 20009 Comm: syz.6.3360 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1029.499135][T20009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1029.499155][T20009] Call Trace: [ 1029.499165][T20009] [ 1029.499178][T20009] dump_stack_lvl+0x16c/0x1f0 [ 1029.499235][T20009] should_fail_ex+0x50a/0x650 [ 1029.499274][T20009] ? fs_reclaim_acquire+0xae/0x150 [ 1029.499328][T20009] should_failslab+0xc2/0x120 [ 1029.499369][T20009] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1029.499409][T20009] ? alloc_empty_file+0x73/0x1e0 [ 1029.499457][T20009] alloc_empty_file+0x73/0x1e0 [ 1029.499502][T20009] alloc_file_pseudo+0x131/0x1e0 [ 1029.499548][T20009] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1029.499591][T20009] ? bpf_lsm_socket_post_create+0x9/0x10 [ 1029.499643][T20009] sock_alloc_file+0x50/0x1d0 [ 1029.499683][T20009] __sys_socketpair+0x34f/0x5a0 [ 1029.499732][T20009] ? __pfx___sys_socketpair+0x10/0x10 [ 1029.499779][T20009] ? xfd_validate_state+0x5d/0x180 [ 1029.499822][T20009] ? rcu_is_watching+0x12/0xc0 [ 1029.499876][T20009] __x64_sys_socketpair+0x96/0x100 [ 1029.499920][T20009] ? lockdep_hardirqs_on+0x7c/0x110 [ 1029.499969][T20009] do_syscall_64+0xcd/0x250 [ 1029.500000][T20009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1029.500044][T20009] RIP: 0033:0x7fef8358cde9 [ 1029.500068][T20009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1029.500099][T20009] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1029.500129][T20009] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 1029.500150][T20009] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1029.500169][T20009] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1029.500187][T20009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1029.500206][T20009] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 1029.500243][T20009] [ 1030.211857][T20018] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3361'. [ 1030.354469][T20018] hsr_slave_0: left promiscuous mode [ 1031.225099][T20035] netlink: 306 bytes leftover after parsing attributes in process `syz.7.3368'. [ 1031.245124][T20041] netlink: 306 bytes leftover after parsing attributes in process `syz.7.3368'. [ 1032.801773][T20061] HSR: entered promiscuous mode [ 1035.136137][T20106] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3391'. [ 1035.563537][T20120] FAULT_INJECTION: forcing a failure. [ 1035.563537][T20120] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.588613][T20117] Invalid ELF header magic: != ELF [ 1035.613490][T20120] CPU: 0 UID: 0 PID: 20120 Comm: syz.7.3395 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1035.613529][T20120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1035.613546][T20120] Call Trace: [ 1035.613555][T20120] [ 1035.613566][T20120] dump_stack_lvl+0x16c/0x1f0 [ 1035.613617][T20120] should_fail_ex+0x50a/0x650 [ 1035.613652][T20120] ? fs_reclaim_acquire+0xae/0x150 [ 1035.613703][T20120] should_failslab+0xc2/0x120 [ 1035.613741][T20120] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 1035.613777][T20120] ? unix_create1+0x4d8/0x6c0 [ 1035.613811][T20120] ? __d_alloc+0x35/0x8c0 [ 1035.613852][T20120] __d_alloc+0x35/0x8c0 [ 1035.613891][T20120] d_alloc_pseudo+0x1c/0xc0 [ 1035.613935][T20120] alloc_file_pseudo+0xc6/0x1e0 [ 1035.613977][T20120] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1035.614015][T20120] ? bpf_lsm_socket_post_create+0x9/0x10 [ 1035.614065][T20120] sock_alloc_file+0x50/0x1d0 [ 1035.614102][T20120] __sys_socketpair+0x31d/0x5a0 [ 1035.614148][T20120] ? __pfx___sys_socketpair+0x10/0x10 [ 1035.614192][T20120] ? xfd_validate_state+0x5d/0x180 [ 1035.614233][T20120] ? rcu_is_watching+0x12/0xc0 [ 1035.614284][T20120] __x64_sys_socketpair+0x96/0x100 [ 1035.614326][T20120] ? lockdep_hardirqs_on+0x7c/0x110 [ 1035.614392][T20120] do_syscall_64+0xcd/0x250 [ 1035.614423][T20120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1035.614467][T20120] RIP: 0033:0x7f6f8c78cde9 [ 1035.614492][T20120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1035.614524][T20120] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1035.614553][T20120] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1035.614574][T20120] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1035.614594][T20120] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1035.614612][T20120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1035.614630][T20120] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1035.614668][T20120] [ 1036.280344][ T5837] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260 [ 1036.280391][ T5837] Bluetooth: hci5: unexpected subevent 0x0c length: 725 > 5 [ 1036.862231][T19973] Process accounting resumed [ 1036.890437][T19973] kernel write not supported for file /675/oom_adj (pid: 19973 comm: syz.6.3349) [ 1037.751279][T20176] FAULT_INJECTION: forcing a failure. [ 1037.751279][T20176] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.783103][T20176] CPU: 1 UID: 0 PID: 20176 Comm: syz.7.3407 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1037.783148][T20176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1037.783167][T20176] Call Trace: [ 1037.783178][T20176] [ 1037.783190][T20176] dump_stack_lvl+0x16c/0x1f0 [ 1037.783247][T20176] should_fail_ex+0x50a/0x650 [ 1037.783284][T20176] ? fs_reclaim_acquire+0xae/0x150 [ 1037.783338][T20176] should_failslab+0xc2/0x120 [ 1037.783378][T20176] __kmalloc_noprof+0xce/0x4f0 [ 1037.783415][T20176] ? rcu_is_watching+0x12/0xc0 [ 1037.783471][T20176] ? tomoyo_encode2+0x100/0x3e0 [ 1037.783510][T20176] tomoyo_encode2+0x100/0x3e0 [ 1037.783559][T20176] tomoyo_realpath_from_path+0x1a7/0x710 [ 1037.783608][T20176] tomoyo_check_open_permission+0x2ad/0x3c0 [ 1037.783641][T20176] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1037.783711][T20176] ? __pfx_hook_file_open+0x10/0x10 [ 1037.783743][T20176] ? lock_acquire+0x2f/0xb0 [ 1037.783782][T20176] tomoyo_file_open+0x6b/0x90 [ 1037.783826][T20176] security_file_open+0x84/0x1e0 [ 1037.783864][T20176] do_dentry_open+0x57c/0x1c40 [ 1037.783900][T20176] ? inode_permission+0xdd/0x5f0 [ 1037.783945][T20176] vfs_open+0x82/0x3f0 [ 1037.783981][T20176] ? may_open+0x1f2/0x400 [ 1037.784025][T20176] path_openat+0x1e88/0x2d80 [ 1037.784071][T20176] ? __pfx_path_openat+0x10/0x10 [ 1037.784103][T20176] ? __pfx___lock_acquire+0x10/0x10 [ 1037.784136][T20176] ? lock_acquire.part.0+0x11b/0x380 [ 1037.784172][T20176] ? find_held_lock+0x2d/0x110 [ 1037.784222][T20176] do_filp_open+0x20c/0x470 [ 1037.784255][T20176] ? __pfx_do_filp_open+0x10/0x10 [ 1037.784302][T20176] ? find_held_lock+0x2d/0x110 [ 1037.784370][T20176] ? __pfx_kfree_link+0x10/0x10 [ 1037.784427][T20176] ? alloc_fd+0x41f/0x760 [ 1037.784471][T20176] do_sys_openat2+0x17a/0x1e0 [ 1037.784515][T20176] ? __pfx_do_sys_openat2+0x10/0x10 [ 1037.784582][T20176] __x64_sys_openat+0x175/0x210 [ 1037.784628][T20176] ? __pfx___x64_sys_openat+0x10/0x10 [ 1037.784689][T20176] do_syscall_64+0xcd/0x250 [ 1037.784722][T20176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1037.784767][T20176] RIP: 0033:0x7f6f8c78cde9 [ 1037.784792][T20176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1037.784823][T20176] RSP: 002b:00007f6f8d654038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1037.784852][T20176] RAX: ffffffffffffffda RBX: 00007f6f8c9a6080 RCX: 00007f6f8c78cde9 [ 1037.784872][T20176] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1037.784892][T20176] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1037.784911][T20176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1037.784930][T20176] R13: 0000000000000000 R14: 00007f6f8c9a6080 R15: 00007ffc6d8d1b68 [ 1037.784968][T20176] [ 1037.787914][T20176] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1038.075161][T20134] kernel write not supported for file /675/oom_adj (pid: 20134 comm: syz.6.3401) [ 1038.564285][T20192] kernel write not supported for file /675/oom_adj (pid: 20192 comm: syz.6.3410) [ 1038.714692][T20191] ptrace attach of "./syz-executor exec"[17019] was attempted by "./syz-executor exec"[20191] [ 1038.885033][T20209] kernel write not supported for file /675/oom_adj (pid: 20209 comm: syz.6.3415) [ 1039.155387][T20217] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3418'. [ 1039.436682][T20215] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3417'. [ 1039.964897][T20216] kernel write not supported for file /675/oom_adj (pid: 20216 comm: syz.6.3418) [ 1040.041253][T20229] FAULT_INJECTION: forcing a failure. [ 1040.041253][T20229] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.076438][T20229] CPU: 1 UID: 0 PID: 20229 Comm: syz.7.3420 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1040.076496][T20229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1040.076516][T20229] Call Trace: [ 1040.076525][T20229] [ 1040.076537][T20229] dump_stack_lvl+0x16c/0x1f0 [ 1040.076600][T20229] should_fail_ex+0x50a/0x650 [ 1040.076639][T20229] ? fs_reclaim_acquire+0xae/0x150 [ 1040.076694][T20229] should_failslab+0xc2/0x120 [ 1040.076735][T20229] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1040.076774][T20229] ? rcu_is_watching+0x12/0xc0 [ 1040.076823][T20229] ? security_file_alloc+0x34/0x2b0 [ 1040.076866][T20229] security_file_alloc+0x34/0x2b0 [ 1040.076904][T20229] init_file+0x93/0x480 [ 1040.076946][T20229] alloc_empty_file+0x91/0x1e0 [ 1040.076993][T20229] alloc_file_pseudo+0x131/0x1e0 [ 1040.077040][T20229] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1040.077087][T20229] ? do_raw_spin_unlock+0x172/0x230 [ 1040.077141][T20229] __anon_inode_getfile+0xf8/0x370 [ 1040.077178][T20229] do_eventfd+0x199/0x2f0 [ 1040.077218][T20229] __x64_sys_eventfd+0x32/0x50 [ 1040.077257][T20229] do_syscall_64+0xcd/0x250 [ 1040.077289][T20229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.077333][T20229] RIP: 0033:0x7f6f8c78cde9 [ 1040.077357][T20229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1040.077388][T20229] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 1040.077436][T20229] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1040.077457][T20229] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1040.077476][T20229] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1040.077495][T20229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1040.077514][T20229] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1040.077552][T20229] [ 1040.103503][T20230] kernel write not supported for file /675/oom_adj (pid: 20230 comm: syz.6.3421) [ 1040.220274][T20234] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1040.647237][T20242] kernel write not supported for file /675/oom_adj (pid: 20242 comm: syz.6.3423) [ 1040.814080][T20248] kernel write not supported for file /675/oom_adj (pid: 20248 comm: syz.6.3428) [ 1042.882438][T20261] kernel write not supported for file /675/oom_adj (pid: 20261 comm: syz.6.3431) [ 1043.264628][T20287] kernel write not supported for file /675/oom_adj (pid: 20287 comm: syz.6.3439) [ 1043.866049][T20294] kernel write not supported for file /675/oom_adj (pid: 20294 comm: syz.6.3442) [ 1044.414172][T20317] kernel write not supported for file /675/oom_adj (pid: 20317 comm: syz.6.3447) [ 1044.646521][T20331] kernel write not supported for file /675/oom_adj (pid: 20331 comm: syz.6.3450) [ 1044.931997][T20337] FAULT_INJECTION: forcing a failure. [ 1044.931997][T20337] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1044.973992][T20337] CPU: 0 UID: 0 PID: 20337 Comm: syz.6.3451 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1044.974036][T20337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1044.974055][T20337] Call Trace: [ 1044.974065][T20337] [ 1044.974078][T20337] dump_stack_lvl+0x16c/0x1f0 [ 1044.974152][T20337] should_fail_ex+0x50a/0x650 [ 1044.974191][T20337] ? __pfx___futex_wait+0x10/0x10 [ 1044.974237][T20337] get_futex_key+0x4a3/0x1000 [ 1044.974287][T20337] ? hlock_class+0x4e/0x130 [ 1044.974340][T20337] ? __pfx_get_futex_key+0x10/0x10 [ 1044.974403][T20337] futex_wake+0xe8/0x4e0 [ 1044.974444][T20337] ? __pfx_futex_wake+0x10/0x10 [ 1044.974494][T20337] ? __fget_files+0x1fc/0x3a0 [ 1044.974531][T20337] do_futex+0x1e5/0x350 [ 1044.974563][T20337] ? __pfx_do_futex+0x10/0x10 [ 1044.974593][T20337] ? __fget_files+0x40/0x3a0 [ 1044.974635][T20337] __x64_sys_futex+0x1e1/0x4c0 [ 1044.974670][T20337] ? fdget+0x187/0x210 [ 1044.974702][T20337] ? __pfx___x64_sys_futex+0x10/0x10 [ 1044.974736][T20337] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1044.974783][T20337] do_syscall_64+0xcd/0x250 [ 1044.974814][T20337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1044.974859][T20337] RIP: 0033:0x7fef8358cde9 [ 1044.974883][T20337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1044.974914][T20337] RSP: 002b:00007fef844090e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1044.974943][T20337] RAX: ffffffffffffffda RBX: 00007fef837a6088 RCX: 00007fef8358cde9 [ 1044.974964][T20337] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fef837a608c [ 1044.974983][T20337] RBP: 00007fef837a6080 R08: 00007fef8442b000 R09: 0000000000000000 [ 1044.975003][T20337] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fef837a608c [ 1044.975023][T20337] R13: 0000000000000000 R14: 00007ffc421ee7e0 R15: 00007ffc421ee8c8 [ 1044.975061][T20337] [ 1045.302621][T20337] kernel write not supported for file /675/oom_adj (pid: 20337 comm: syz.6.3451) [ 1045.765647][T20342] kernel write not supported for file /675/oom_adj (pid: 20342 comm: syz.6.3453) [ 1045.915677][T20359] kernel write not supported for file /675/oom_adj (pid: 20359 comm: syz.6.3458) [ 1045.930691][T20359] Process accounting resumed [ 1047.405148][T20387] FAULT_INJECTION: forcing a failure. [ 1047.405148][T20387] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.418981][T20387] CPU: 1 UID: 0 PID: 20387 Comm: syz.6.3465 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1047.419021][T20387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1047.419041][T20387] Call Trace: [ 1047.419051][T20387] [ 1047.419064][T20387] dump_stack_lvl+0x16c/0x1f0 [ 1047.419120][T20387] should_fail_ex+0x50a/0x650 [ 1047.419160][T20387] ? fs_reclaim_acquire+0xae/0x150 [ 1047.419220][T20387] should_failslab+0xc2/0x120 [ 1047.419262][T20387] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1047.419299][T20387] ? __pfx_apparmor_file_open+0x10/0x10 [ 1047.419335][T20387] ? proc_reg_open+0x21d/0x610 [ 1047.419373][T20387] proc_reg_open+0x21d/0x610 [ 1047.419408][T20387] do_dentry_open+0x735/0x1c40 [ 1047.419444][T20387] ? __pfx_proc_reg_open+0x10/0x10 [ 1047.419479][T20387] ? inode_permission+0xdd/0x5f0 [ 1047.419527][T20387] vfs_open+0x82/0x3f0 [ 1047.419566][T20387] ? may_open+0x1f2/0x400 [ 1047.419615][T20387] path_openat+0x1e88/0x2d80 [ 1047.419671][T20387] ? __pfx_path_openat+0x10/0x10 [ 1047.419707][T20387] ? __pfx___lock_acquire+0x10/0x10 [ 1047.419744][T20387] ? lock_acquire.part.0+0x11b/0x380 [ 1047.419784][T20387] ? find_held_lock+0x2d/0x110 [ 1047.419838][T20387] do_filp_open+0x20c/0x470 [ 1047.419874][T20387] ? __pfx_do_filp_open+0x10/0x10 [ 1047.419907][T20387] ? find_held_lock+0x2d/0x110 [ 1047.419973][T20387] ? __pfx_kfree_link+0x10/0x10 [ 1047.420030][T20387] ? alloc_fd+0x41f/0x760 [ 1047.420074][T20387] do_sys_openat2+0x17a/0x1e0 [ 1047.420117][T20387] ? __pfx_do_sys_openat2+0x10/0x10 [ 1047.420175][T20387] __x64_sys_openat+0x175/0x210 [ 1047.420220][T20387] ? __pfx___x64_sys_openat+0x10/0x10 [ 1047.420280][T20387] do_syscall_64+0xcd/0x250 [ 1047.420313][T20387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1047.420358][T20387] RIP: 0033:0x7fef8358cde9 [ 1047.420383][T20387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1047.420414][T20387] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1047.420443][T20387] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 1047.420464][T20387] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1047.420484][T20387] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1047.420504][T20387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1047.420522][T20387] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 1047.420561][T20387] [ 1047.665198][ C1] vkms_vblank_simulate: vblank timer overrun [ 1048.518024][T20405] Invalid ELF header magic: != ELF [ 1049.209036][T20428] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1052.055187][T20498] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1052.749029][T20521] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 1053.373251][T20538] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 1055.422278][T20573] FAULT_INJECTION: forcing a failure. [ 1055.422278][T20573] name failslab, interval 1, probability 0, space 0, times 0 [ 1055.450443][T20573] CPU: 0 UID: 0 PID: 20573 Comm: syz.7.3508 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1055.450488][T20573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1055.450509][T20573] Call Trace: [ 1055.450519][T20573] [ 1055.450531][T20573] dump_stack_lvl+0x16c/0x1f0 [ 1055.450597][T20573] should_fail_ex+0x50a/0x650 [ 1055.450635][T20573] ? fs_reclaim_acquire+0xae/0x150 [ 1055.450689][T20573] should_failslab+0xc2/0x120 [ 1055.450730][T20573] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1055.450768][T20573] ? rcu_is_watching+0x12/0xc0 [ 1055.450817][T20573] ? security_file_alloc+0x34/0x2b0 [ 1055.450859][T20573] security_file_alloc+0x34/0x2b0 [ 1055.450903][T20573] init_file+0x93/0x480 [ 1055.450945][T20573] alloc_empty_file+0x91/0x1e0 [ 1055.450989][T20573] alloc_file_pseudo+0x131/0x1e0 [ 1055.451035][T20573] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1055.451078][T20573] ? bpf_lsm_socket_post_create+0x9/0x10 [ 1055.451122][T20573] sock_alloc_file+0x50/0x1d0 [ 1055.451159][T20573] __sys_socketpair+0x31d/0x5a0 [ 1055.451208][T20573] ? __pfx___sys_socketpair+0x10/0x10 [ 1055.451255][T20573] ? xfd_validate_state+0x5d/0x180 [ 1055.451297][T20573] ? rcu_is_watching+0x12/0xc0 [ 1055.451351][T20573] __x64_sys_socketpair+0x96/0x100 [ 1055.451396][T20573] ? lockdep_hardirqs_on+0x7c/0x110 [ 1055.451443][T20573] do_syscall_64+0xcd/0x250 [ 1055.451474][T20573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1055.451518][T20573] RIP: 0033:0x7f6f8c78cde9 [ 1055.451543][T20573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1055.451574][T20573] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1055.451604][T20573] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1055.451625][T20573] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1055.451645][T20573] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1055.451664][T20573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1055.451682][T20573] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1055.451720][T20573] [ 1055.948089][T20579] MTRR 0 not used [ 1056.787510][T20599] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1058.430921][T20619] FAULT_INJECTION: forcing a failure. [ 1058.430921][T20619] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.463845][T20619] CPU: 1 UID: 0 PID: 20619 Comm: syz.7.3520 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1058.463893][T20619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1058.463913][T20619] Call Trace: [ 1058.463924][T20619] [ 1058.463937][T20619] dump_stack_lvl+0x16c/0x1f0 [ 1058.463993][T20619] should_fail_ex+0x50a/0x650 [ 1058.464037][T20619] ? fs_reclaim_acquire+0xae/0x150 [ 1058.464092][T20619] should_failslab+0xc2/0x120 [ 1058.464135][T20619] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1058.464174][T20619] ? dup_fd+0x50/0xca0 [ 1058.464212][T20619] dup_fd+0x50/0xca0 [ 1058.464244][T20619] ? lock_acquire+0x2f/0xb0 [ 1058.464281][T20619] ? __fget_files+0x40/0x3a0 [ 1058.464324][T20619] __do_sys_close_range+0x4b7/0x700 [ 1058.464362][T20619] ? xfd_validate_state+0x5d/0x180 [ 1058.464405][T20619] ? __pfx___do_sys_close_range+0x10/0x10 [ 1058.464455][T20619] do_syscall_64+0xcd/0x250 [ 1058.464487][T20619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1058.464532][T20619] RIP: 0033:0x7f6f8c78cde9 [ 1058.464558][T20619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1058.464589][T20619] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1058.464628][T20619] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1058.464649][T20619] RDX: 0004000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 1058.464668][T20619] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1058.464687][T20619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1058.464705][T20619] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1058.464744][T20619] [ 1058.810026][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1058.822043][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1060.239074][T20653] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1063.456191][T20699] raw_sendmsg: syz.7.3544 forgot to set AF_INET. Fix it! [ 1063.927867][T20712] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1064.414111][T20724] ptrace attach of "./syz-executor exec"[17019] was attempted by "./syz-executor exec"[20724] [ 1066.716050][T20767] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3564'. [ 1069.882401][T20836] FAULT_INJECTION: forcing a failure. [ 1069.882401][T20836] name failslab, interval 1, probability 0, space 0, times 0 [ 1069.904614][T20836] CPU: 1 UID: 0 PID: 20836 Comm: syz.7.3578 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1069.904657][T20836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1069.904676][T20836] Call Trace: [ 1069.904685][T20836] [ 1069.904697][T20836] dump_stack_lvl+0x16c/0x1f0 [ 1069.904756][T20836] should_fail_ex+0x50a/0x650 [ 1069.904793][T20836] ? fs_reclaim_acquire+0xae/0x150 [ 1069.904857][T20836] should_failslab+0xc2/0x120 [ 1069.904898][T20836] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 1069.904941][T20836] ? sock_alloc_inode+0x25/0x1c0 [ 1069.904986][T20836] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1069.905034][T20836] sock_alloc_inode+0x25/0x1c0 [ 1069.905074][T20836] alloc_inode+0x5d/0x230 [ 1069.905109][T20836] sock_alloc+0x40/0x280 [ 1069.905143][T20836] __sock_create+0xc1/0x8d0 [ 1069.905191][T20836] __sys_socketpair+0x1d9/0x5a0 [ 1069.905236][T20836] ? __pfx___sys_socketpair+0x10/0x10 [ 1069.905276][T20836] ? fput+0x67/0x440 [ 1069.905318][T20836] ? __pfx_ksys_write+0x10/0x10 [ 1069.905353][T20836] __x64_sys_socketpair+0x96/0x100 [ 1069.905399][T20836] ? lockdep_hardirqs_on+0x7c/0x110 [ 1069.905444][T20836] do_syscall_64+0xcd/0x250 [ 1069.905473][T20836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1069.905532][T20836] RIP: 0033:0x7f6f8c78cde9 [ 1069.905554][T20836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1069.905582][T20836] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1069.905612][T20836] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1069.905631][T20836] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1069.905648][T20836] RBP: 00007f6f8d675090 R08: 0000000000000000 R09: 0000000000000000 [ 1069.905664][T20836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1069.905684][T20836] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1069.905718][T20836] [ 1069.905730][T20836] socket: no more sockets [ 1076.318987][T20949] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1077.984863][T20971] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3619'. [ 1078.033993][T20971] netlink: 354 bytes leftover after parsing attributes in process `syz.6.3619'. [ 1080.828876][T21013] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 1081.216076][T21021] FAULT_INJECTION: forcing a failure. [ 1081.216076][T21021] name failslab, interval 1, probability 0, space 0, times 0 [ 1081.251830][T21021] CPU: 1 UID: 0 PID: 21021 Comm: syz.6.3630 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1081.251874][T21021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1081.251893][T21021] Call Trace: [ 1081.251902][T21021] [ 1081.251915][T21021] dump_stack_lvl+0x16c/0x1f0 [ 1081.251971][T21021] should_fail_ex+0x50a/0x650 [ 1081.252009][T21021] ? fs_reclaim_acquire+0xae/0x150 [ 1081.252065][T21021] should_failslab+0xc2/0x120 [ 1081.252105][T21021] __kmalloc_noprof+0xce/0x4f0 [ 1081.252144][T21021] ? __seq_open_private+0x22/0xd0 [ 1081.252197][T21021] __seq_open_private+0x22/0xd0 [ 1081.252246][T21021] seq_open_net+0x30a/0x4e0 [ 1081.252287][T21021] ? __pfx_seq_open_net+0x10/0x10 [ 1081.252323][T21021] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 1081.252372][T21021] ? kmem_cache_alloc_noprof+0x21b/0x3b0 [ 1081.252408][T21021] ? __pfx_apparmor_file_open+0x10/0x10 [ 1081.252444][T21021] ? proc_reg_open+0x21d/0x610 [ 1081.252477][T21021] ? __pfx_seq_open_net+0x10/0x10 [ 1081.252517][T21021] proc_reg_open+0x286/0x610 [ 1081.252552][T21021] do_dentry_open+0x735/0x1c40 [ 1081.252585][T21021] ? __pfx_proc_reg_open+0x10/0x10 [ 1081.252619][T21021] ? inode_permission+0xdd/0x5f0 [ 1081.252672][T21021] vfs_open+0x82/0x3f0 [ 1081.252711][T21021] ? may_open+0x1f2/0x400 [ 1081.252760][T21021] path_openat+0x1e88/0x2d80 [ 1081.252813][T21021] ? __pfx_path_openat+0x10/0x10 [ 1081.252849][T21021] ? __pfx___lock_acquire+0x10/0x10 [ 1081.252886][T21021] ? lock_acquire.part.0+0x11b/0x380 [ 1081.252926][T21021] ? find_held_lock+0x2d/0x110 [ 1081.252979][T21021] do_filp_open+0x20c/0x470 [ 1081.253014][T21021] ? __pfx_do_filp_open+0x10/0x10 [ 1081.253047][T21021] ? find_held_lock+0x2d/0x110 [ 1081.253109][T21021] ? __pfx_kfree_link+0x10/0x10 [ 1081.253165][T21021] ? alloc_fd+0x41f/0x760 [ 1081.253207][T21021] do_sys_openat2+0x17a/0x1e0 [ 1081.253250][T21021] ? __pfx_do_sys_openat2+0x10/0x10 [ 1081.253308][T21021] __x64_sys_openat+0x175/0x210 [ 1081.253353][T21021] ? __pfx___x64_sys_openat+0x10/0x10 [ 1081.253412][T21021] do_syscall_64+0xcd/0x250 [ 1081.253443][T21021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1081.253488][T21021] RIP: 0033:0x7fef8358cde9 [ 1081.253512][T21021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1081.253543][T21021] RSP: 002b:00007fef84409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1081.253573][T21021] RAX: ffffffffffffffda RBX: 00007fef837a6080 RCX: 00007fef8358cde9 [ 1081.253593][T21021] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1081.253613][T21021] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1081.253633][T21021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1081.253651][T21021] R13: 0000000000000000 R14: 00007fef837a6080 R15: 00007ffc421ee8c8 [ 1081.253689][T21021] [ 1084.847268][T21064] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3641'. [ 1085.636779][T21074] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1086.075865][T21092] netlink: 252 bytes leftover after parsing attributes in process `syz.6.3649'. [ 1086.823216][T21109] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1088.313766][T21153] can0: slcan on pty233. [ 1088.407055][T21153] zero sized request [ 1088.548557][T21152] can0 (unregistered): slcan off pty233. [ 1089.945135][T21203] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1090.379391][T21213] FAULT_INJECTION: forcing a failure. [ 1090.379391][T21213] name failslab, interval 1, probability 0, space 0, times 0 [ 1090.461876][T21213] CPU: 1 UID: 0 PID: 21213 Comm: syz.6.3675 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1090.461922][T21213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1090.461942][T21213] Call Trace: [ 1090.461953][T21213] [ 1090.461966][T21213] dump_stack_lvl+0x16c/0x1f0 [ 1090.462025][T21213] should_fail_ex+0x50a/0x650 [ 1090.462065][T21213] ? fs_reclaim_acquire+0xae/0x150 [ 1090.462124][T21213] should_failslab+0xc2/0x120 [ 1090.462165][T21213] __kmalloc_noprof+0xce/0x4f0 [ 1090.462204][T21213] ? rcu_is_watching+0x12/0xc0 [ 1090.462251][T21213] ? tomoyo_encode2+0x100/0x3e0 [ 1090.462298][T21213] tomoyo_encode2+0x100/0x3e0 [ 1090.462343][T21213] tomoyo_realpath_from_path+0x1a7/0x710 [ 1090.462396][T21213] tomoyo_check_open_permission+0x2ad/0x3c0 [ 1090.462434][T21213] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1090.462509][T21213] ? __pfx_hook_file_open+0x10/0x10 [ 1090.462556][T21213] ? lock_acquire+0x2f/0xb0 [ 1090.462607][T21213] tomoyo_file_open+0x6b/0x90 [ 1090.462656][T21213] security_file_open+0x84/0x1e0 [ 1090.462695][T21213] do_dentry_open+0x57c/0x1c40 [ 1090.462735][T21213] ? inode_permission+0xdd/0x5f0 [ 1090.462784][T21213] vfs_open+0x82/0x3f0 [ 1090.462823][T21213] ? may_open+0x1f2/0x400 [ 1090.462873][T21213] path_openat+0x1e88/0x2d80 [ 1090.462934][T21213] ? __pfx_path_openat+0x10/0x10 [ 1090.462967][T21213] ? __pfx___lock_acquire+0x10/0x10 [ 1090.463001][T21213] ? lock_acquire.part.0+0x11b/0x380 [ 1090.463057][T21213] ? find_held_lock+0x2d/0x110 [ 1090.463112][T21213] do_filp_open+0x20c/0x470 [ 1090.463148][T21213] ? __pfx_do_filp_open+0x10/0x10 [ 1090.463181][T21213] ? find_held_lock+0x2d/0x110 [ 1090.463251][T21213] ? __pfx_kfree_link+0x10/0x10 [ 1090.463310][T21213] ? alloc_fd+0x41f/0x760 [ 1090.463355][T21213] do_sys_openat2+0x17a/0x1e0 [ 1090.463399][T21213] ? __pfx_do_sys_openat2+0x10/0x10 [ 1090.463458][T21213] __x64_sys_openat+0x175/0x210 [ 1090.463504][T21213] ? __pfx___x64_sys_openat+0x10/0x10 [ 1090.463565][T21213] do_syscall_64+0xcd/0x250 [ 1090.463620][T21213] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1090.463665][T21213] RIP: 0033:0x7fef8358cde9 [ 1090.463691][T21213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1090.463723][T21213] RSP: 002b:00007fef84409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1090.463753][T21213] RAX: ffffffffffffffda RBX: 00007fef837a6080 RCX: 00007fef8358cde9 [ 1090.463774][T21213] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1090.463794][T21213] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1090.463813][T21213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1090.463832][T21213] R13: 0000000000000000 R14: 00007fef837a6080 R15: 00007ffc421ee8c8 [ 1090.463872][T21213] [ 1090.463897][T21213] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1091.011700][T21224] can: request_module (can-proto-5) failed. [ 1092.166825][T21259] FAULT_INJECTION: forcing a failure. [ 1092.166825][T21259] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.180078][T21259] CPU: 1 UID: 0 PID: 21259 Comm: syz.6.3687 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1092.180121][T21259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1092.180141][T21259] Call Trace: [ 1092.180150][T21259] [ 1092.180162][T21259] dump_stack_lvl+0x16c/0x1f0 [ 1092.180221][T21259] should_fail_ex+0x50a/0x650 [ 1092.180260][T21259] ? fs_reclaim_acquire+0xae/0x150 [ 1092.180317][T21259] should_failslab+0xc2/0x120 [ 1092.180379][T21259] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1092.180433][T21259] ? rcu_is_watching+0x12/0xc0 [ 1092.180486][T21259] ? security_file_alloc+0x34/0x2b0 [ 1092.180533][T21259] security_file_alloc+0x34/0x2b0 [ 1092.180575][T21259] init_file+0x93/0x480 [ 1092.180619][T21259] alloc_empty_file+0x91/0x1e0 [ 1092.180667][T21259] alloc_file_pseudo+0x131/0x1e0 [ 1092.180717][T21259] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1092.180763][T21259] ? bpf_lsm_socket_post_create+0x9/0x10 [ 1092.180812][T21259] sock_alloc_file+0x50/0x1d0 [ 1092.180853][T21259] __sys_socketpair+0x31d/0x5a0 [ 1092.180905][T21259] ? __pfx___sys_socketpair+0x10/0x10 [ 1092.180956][T21259] ? xfd_validate_state+0x5d/0x180 [ 1092.181003][T21259] ? rcu_is_watching+0x12/0xc0 [ 1092.181061][T21259] __x64_sys_socketpair+0x96/0x100 [ 1092.181109][T21259] ? lockdep_hardirqs_on+0x7c/0x110 [ 1092.181160][T21259] do_syscall_64+0xcd/0x250 [ 1092.181194][T21259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1092.181240][T21259] RIP: 0033:0x7fef8358cde9 [ 1092.181266][T21259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1092.181300][T21259] RSP: 002b:00007fef8442a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1092.181332][T21259] RAX: ffffffffffffffda RBX: 00007fef837a5fa0 RCX: 00007fef8358cde9 [ 1092.181366][T21259] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1092.181388][T21259] RBP: 00007fef8360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1092.181409][T21259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1092.181438][T21259] R13: 0000000000000000 R14: 00007fef837a5fa0 R15: 00007ffc421ee8c8 [ 1092.181481][T21259] [ 1092.822242][T21273] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1095.070336][T21309] netlink: 252 bytes leftover after parsing attributes in process `syz.2.3698'. [ 1095.217442][T21310] FAULT_INJECTION: forcing a failure. [ 1095.217442][T21310] name failslab, interval 1, probability 0, space 0, times 0 [ 1095.293378][T21310] CPU: 1 UID: 0 PID: 21310 Comm: syz.7.3697 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1095.293423][T21310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1095.293443][T21310] Call Trace: [ 1095.293452][T21310] [ 1095.293465][T21310] dump_stack_lvl+0x16c/0x1f0 [ 1095.293521][T21310] should_fail_ex+0x50a/0x650 [ 1095.293560][T21310] ? fs_reclaim_acquire+0xae/0x150 [ 1095.293614][T21310] should_failslab+0xc2/0x120 [ 1095.293653][T21310] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1095.293689][T21310] ? lockdep_init_map_type+0x16d/0x7d0 [ 1095.293728][T21310] ? security_inode_alloc+0x3b/0x2b0 [ 1095.293764][T21310] security_inode_alloc+0x3b/0x2b0 [ 1095.293804][T21310] inode_init_always_gfp+0xce4/0x1030 [ 1095.293847][T21310] alloc_inode+0x82/0x230 [ 1095.293884][T21310] new_inode+0x22/0x210 [ 1095.293926][T21310] proc_get_inode+0x1d/0x7d0 [ 1095.293961][T21310] proc_lookup_de+0x13e/0x220 [ 1095.293994][T21310] ? __pfx_proc_tgid_net_lookup+0x10/0x10 [ 1095.294037][T21310] ? __pfx_proc_tgid_net_lookup+0x10/0x10 [ 1095.294076][T21310] proc_tgid_net_lookup+0x75/0x120 [ 1095.294118][T21310] lookup_open.isra.0+0x4d9/0x1580 [ 1095.294187][T21310] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1095.294246][T21310] ? path_openat+0x88a/0x2d80 [ 1095.294291][T21310] ? lookup_fast+0x153/0x5f0 [ 1095.294360][T21310] path_openat+0x904/0x2d80 [ 1095.294409][T21310] ? __pfx_path_openat+0x10/0x10 [ 1095.294444][T21310] ? __pfx___lock_acquire+0x10/0x10 [ 1095.294480][T21310] ? lock_acquire.part.0+0x11b/0x380 [ 1095.294517][T21310] ? find_held_lock+0x2d/0x110 [ 1095.294580][T21310] do_filp_open+0x20c/0x470 [ 1095.294616][T21310] ? __pfx_do_filp_open+0x10/0x10 [ 1095.294648][T21310] ? find_held_lock+0x2d/0x110 [ 1095.294708][T21310] ? __pfx_kfree_link+0x10/0x10 [ 1095.294761][T21310] ? alloc_fd+0x41f/0x760 [ 1095.294803][T21310] do_sys_openat2+0x17a/0x1e0 [ 1095.294845][T21310] ? __pfx_do_sys_openat2+0x10/0x10 [ 1095.294903][T21310] __x64_sys_openat+0x175/0x210 [ 1095.294946][T21310] ? __pfx___x64_sys_openat+0x10/0x10 [ 1095.295006][T21310] do_syscall_64+0xcd/0x250 [ 1095.295038][T21310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1095.295083][T21310] RIP: 0033:0x7f6f8c78cde9 [ 1095.295108][T21310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1095.295147][T21310] RSP: 002b:00007f6f8d654038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1095.295177][T21310] RAX: ffffffffffffffda RBX: 00007f6f8c9a6080 RCX: 00007f6f8c78cde9 [ 1095.295198][T21310] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1095.295217][T21310] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1095.295236][T21310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1095.295254][T21310] R13: 0000000000000000 R14: 00007f6f8c9a6080 R15: 00007ffc6d8d1b68 [ 1095.295293][T21310] [ 1096.229444][T21325] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1097.157293][T21344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 1097.166248][T21344] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1097.182576][T21344] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1097.197546][T21344] page_type: f5(slab) [ 1097.212488][T21344] raw: 00fff00000000040 ffff88801c283a00 dead000000000122 0000000000000000 [ 1097.221144][T21344] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 1097.241126][T21344] head: 00fff00000000040 ffff88801c283a00 dead000000000122 0000000000000000 [ 1097.250459][T21344] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 1097.269449][T21344] head: 00fff00000000002 ffffea0001e00001 ffffffffffffffff 0000000000000000 [ 1097.282031][T21344] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 1097.321810][T21344] page dumped because: unmovable page [ 1097.328202][T21344] page_owner tracks the page as allocated [ 1097.370310][T21344] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 5822, tgid 5822 (syz-executor), ts 82306192685, free_ts 31702941385 [ 1097.421295][T21344] post_alloc_hook+0x181/0x1b0 [ 1097.436363][T21344] get_page_from_freelist+0xfce/0x2f80 [ 1097.446476][T21344] __alloc_frozen_pages_noprof+0x221/0x2470 [ 1097.472800][T21344] alloc_pages_mpol+0x1fc/0x540 [ 1097.477735][T21344] new_slab+0x23d/0x330 [ 1097.506151][T21344] ___slab_alloc+0xbfa/0x1600 [ 1097.514102][T21344] __slab_alloc.constprop.0+0x56/0xb0 [ 1097.519553][T21344] kmem_cache_alloc_lru_noprof+0xf0/0x3b0 [ 1097.555856][T21344] alloc_inode+0xbf/0x230 [ 1097.560288][T21344] iget_locked+0x2ee/0x8a0 [ 1097.570478][T21344] kernfs_get_inode+0x48/0x460 [ 1097.589758][T21344] kernfs_iop_lookup+0x1ec/0x330 [ 1097.597222][T21344] __lookup_slow+0x24f/0x470 [ 1097.621706][T21344] walk_component+0x350/0x5b0 [ 1097.626460][T21344] path_lookupat+0x17f/0x770 [ 1097.645519][T21344] filename_lookup+0x221/0x5f0 [ 1097.659466][T21344] page last free pid 1 tgid 1 stack trace: [ 1097.673076][T21344] free_frozen_pages+0x6db/0xfb0 [ 1097.686640][T21344] free_contig_range+0x133/0x3f0 [ 1097.702004][T21344] destroy_args+0x66f/0x830 [ 1097.706580][T21344] debug_vm_pgtable+0x149c/0x2f20 [ 1097.725254][T21344] do_one_initcall+0x128/0x630 [ 1097.734859][T21344] kernel_init_freeable+0x58f/0x8b0 [ 1097.767293][T21344] kernel_init+0x1c/0x2b0 [ 1097.799346][T21344] ret_from_fork+0x45/0x80 [ 1097.799400][T21344] ret_from_fork_asm+0x1a/0x30 [ 1098.109298][T21366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3715'. [ 1098.501551][T21372] can: request_module (can-proto-5) failed. [ 1099.331586][T21387] ptrace attach of "./syz-executor exec"[17019] was attempted by "./syz-executor exec"[21387] [ 1099.590257][T21397] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1100.685984][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1100.701464][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1100.721175][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1100.733867][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1100.744273][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1100.754176][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1101.257869][T21409] chnl_net:caif_netlink_parms(): no params data found [ 1101.534036][T21406] Invalid ELF header magic: != ELF [ 1101.747781][T15575] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1101.943043][T21432] netlink: 252 bytes leftover after parsing attributes in process `syz.7.3731'. [ 1102.077467][T15575] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1102.118178][T21409] bridge0: port 1(bridge_slave_0) entered blocking state [ 1102.135673][T21409] bridge0: port 1(bridge_slave_0) entered disabled state [ 1102.153310][T21409] bridge_slave_0: entered allmulticast mode [ 1102.168467][T21409] bridge_slave_0: entered promiscuous mode [ 1102.185948][T21409] bridge0: port 2(bridge_slave_1) entered blocking state [ 1102.202573][T21409] bridge0: port 2(bridge_slave_1) entered disabled state [ 1102.228838][T21409] bridge_slave_1: entered allmulticast mode [ 1102.247679][T21409] bridge_slave_1: entered promiscuous mode [ 1102.329382][T15575] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1102.440717][T15575] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1102.561864][T21409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1102.597217][T21409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1102.695239][T21409] team0: Port device team_slave_0 added [ 1102.716338][T21409] team0: Port device team_slave_1 added [ 1102.843286][ T54] Bluetooth: hci3: command tx timeout [ 1103.023128][T21409] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1103.030138][T21409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1103.107137][T21409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1103.123562][T21409] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1103.130553][T21409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1103.157516][T21409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1103.310929][T15575] bridge_slave_1: left allmulticast mode [ 1103.320524][T15575] bridge_slave_1: left promiscuous mode [ 1103.328526][T15575] bridge0: port 2(bridge_slave_1) entered disabled state [ 1103.416381][T15575] bridge_slave_0: left allmulticast mode [ 1103.422151][T15575] bridge_slave_0: left promiscuous mode [ 1103.427912][T15575] bridge0: port 1(bridge_slave_0) entered disabled state [ 1104.647469][T15575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1104.671712][T15575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1104.746973][T15575] bond0 (unregistering): Released all slaves [ 1104.805961][T21409] hsr_slave_0: entered promiscuous mode [ 1104.866241][T21409] hsr_slave_1: entered promiscuous mode [ 1104.879181][T21409] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1104.889651][T21409] Cannot create hsr debugfs directory [ 1104.912329][ T54] Bluetooth: hci3: command tx timeout [ 1106.981499][ T54] Bluetooth: hci3: command tx timeout [ 1107.303944][T15575] hsr_slave_0: left promiscuous mode [ 1107.314450][T15575] hsr_slave_1: left promiscuous mode [ 1107.323649][T15575] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1107.343068][T15575] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1107.370389][T15575] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1107.398423][T15575] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1107.444223][T15575] veth1_macvtap: left promiscuous mode [ 1107.464119][T15575] veth0_macvtap: left promiscuous mode [ 1107.479218][T15575] veth1_vlan: left promiscuous mode [ 1107.484567][T15575] veth0_vlan: left promiscuous mode [ 1108.292390][T15575] team0 (unregistering): Port device team_slave_1 removed [ 1108.338963][T15575] team0 (unregistering): Port device team_slave_0 removed [ 1109.020004][T21537] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 1109.043890][T21409] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1109.065147][ T54] Bluetooth: hci3: command tx timeout [ 1109.099263][T21409] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1109.155809][T21409] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1109.239937][T21409] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1109.744457][T21409] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1109.896108][T21409] 8021q: adding VLAN 0 to HW filter on device team0 [ 1109.939111][T18590] bridge0: port 1(bridge_slave_0) entered blocking state [ 1109.946290][T18590] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1110.100484][T18590] bridge0: port 2(bridge_slave_1) entered blocking state [ 1110.107677][T18590] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1110.611466][T21409] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1110.896738][T21591] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1111.526953][T21409] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1112.461957][T21409] veth0_vlan: entered promiscuous mode [ 1112.624218][T21409] veth1_vlan: entered promiscuous mode [ 1112.772979][T21409] veth0_macvtap: entered promiscuous mode [ 1112.850412][T21409] veth1_macvtap: entered promiscuous mode [ 1112.945864][T21409] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1112.947352][T21658] FAULT_INJECTION: forcing a failure. [ 1112.947352][T21658] name failslab, interval 1, probability 0, space 0, times 0 [ 1112.983334][T21409] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1112.990329][T21658] CPU: 0 UID: 0 PID: 21658 Comm: syz.7.3774 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1112.990375][T21658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1112.990397][T21658] Call Trace: [ 1112.990406][T21658] [ 1112.990420][T21658] dump_stack_lvl+0x16c/0x1f0 [ 1112.990511][T21658] should_fail_ex+0x50a/0x650 [ 1112.990554][T21658] ? fs_reclaim_acquire+0xae/0x150 [ 1112.990616][T21658] should_failslab+0xc2/0x120 [ 1112.990661][T21658] __kmalloc_noprof+0xce/0x4f0 [ 1112.990697][T21658] ? lsm_blob_alloc+0x68/0x90 [ 1112.990751][T21658] lsm_blob_alloc+0x68/0x90 [ 1112.990796][T21658] security_sk_alloc+0x30/0x270 [ 1112.990851][T21658] sk_prot_alloc+0xfb/0x2a0 [ 1112.990899][T21658] sk_alloc+0x36/0xb90 [ 1112.990954][T21658] unix_create1+0xa6/0x6c0 [ 1112.990999][T21658] unix_create+0x10e/0x1d0 [ 1112.991042][T21658] __sock_create+0x335/0x8d0 [ 1112.991096][T21658] __sys_socketpair+0x25d/0x5a0 [ 1112.991149][T21658] ? __pfx___sys_socketpair+0x10/0x10 [ 1112.991200][T21658] ? xfd_validate_state+0x5d/0x180 [ 1112.991247][T21658] ? rcu_is_watching+0x12/0xc0 [ 1112.991307][T21658] __x64_sys_socketpair+0x96/0x100 [ 1112.991357][T21658] ? lockdep_hardirqs_on+0x7c/0x110 [ 1112.991409][T21658] do_syscall_64+0xcd/0x250 [ 1112.991444][T21658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1112.991497][T21658] RIP: 0033:0x7f6f8c78cde9 [ 1112.991524][T21658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1112.991556][T21658] RSP: 002b:00007f6f8d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1112.991587][T21658] RAX: ffffffffffffffda RBX: 00007f6f8c9a5fa0 RCX: 00007f6f8c78cde9 [ 1112.991609][T21658] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1112.991631][T21658] RBP: 00007f6f8c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1112.991651][T21658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1112.991672][T21658] R13: 0000000000000000 R14: 00007f6f8c9a5fa0 R15: 00007ffc6d8d1b68 [ 1112.991712][T21658] [ 1113.278407][T21668] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1113.347187][T21409] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1113.368290][T21409] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1113.385775][T21409] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1113.398518][T21409] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1113.460453][T21409] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1113.512201][T21409] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1113.538785][T21409] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1113.582632][T21409] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1113.602746][T21409] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1113.624233][T21409] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1113.654076][T21409] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1113.673914][T21409] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1113.763592][T21409] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1113.776057][T21409] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1113.805313][T21409] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1113.834531][T21409] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1114.365397][T15587] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1114.378343][T15587] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1114.513997][T15577] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1114.522144][T15577] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1115.584189][T21706] FAULT_INJECTION: forcing a failure. [ 1115.584189][T21706] name failslab, interval 1, probability 0, space 0, times 0 [ 1115.628731][T21706] CPU: 0 UID: 0 PID: 21706 Comm: syz.6.3778 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1115.628778][T21706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1115.628799][T21706] Call Trace: [ 1115.628810][T21706] [ 1115.628823][T21706] dump_stack_lvl+0x16c/0x1f0 [ 1115.628881][T21706] should_fail_ex+0x50a/0x650 [ 1115.628921][T21706] ? fs_reclaim_acquire+0xae/0x150 [ 1115.628992][T21706] should_failslab+0xc2/0x120 [ 1115.629034][T21706] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1115.629075][T21706] ? rcu_is_watching+0x12/0xc0 [ 1115.629124][T21706] ? security_file_alloc+0x34/0x2b0 [ 1115.629169][T21706] security_file_alloc+0x34/0x2b0 [ 1115.629208][T21706] init_file+0x93/0x480 [ 1115.629251][T21706] alloc_empty_file+0x91/0x1e0 [ 1115.629298][T21706] alloc_file_pseudo+0x131/0x1e0 [ 1115.629344][T21706] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1115.629387][T21706] ? bpf_lsm_socket_post_create+0x9/0x10 [ 1115.629433][T21706] sock_alloc_file+0x50/0x1d0 [ 1115.629473][T21706] __sys_socketpair+0x34f/0x5a0 [ 1115.629541][T21706] ? __pfx___sys_socketpair+0x10/0x10 [ 1115.629588][T21706] ? xfd_validate_state+0x5d/0x180 [ 1115.629631][T21706] ? rcu_is_watching+0x12/0xc0 [ 1115.629685][T21706] __x64_sys_socketpair+0x96/0x100 [ 1115.629731][T21706] ? lockdep_hardirqs_on+0x7c/0x110 [ 1115.629779][T21706] do_syscall_64+0xcd/0x250 [ 1115.629810][T21706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1115.629854][T21706] RIP: 0033:0x7f18a778cde9 [ 1115.629879][T21706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1115.629910][T21706] RSP: 002b:00007f18a8541038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1115.629940][T21706] RAX: ffffffffffffffda RBX: 00007f18a79a5fa0 RCX: 00007f18a778cde9 [ 1115.629960][T21706] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1115.629979][T21706] RBP: 00007f18a780e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1115.629998][T21706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1115.630016][T21706] R13: 0000000000000000 R14: 00007f18a79a5fa0 R15: 00007ffff741c688 [ 1115.630053][T21706] [ 1116.006099][ T5837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1116.016859][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1116.029584][ T5837] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1116.038873][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1116.047958][ T5837] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1116.057426][ T5837] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1116.427812][T21710] chnl_net:caif_netlink_parms(): no params data found [ 1116.724974][T21710] bridge0: port 1(bridge_slave_0) entered blocking state [ 1116.764405][T21710] bridge0: port 1(bridge_slave_0) entered disabled state [ 1116.790807][T21710] bridge_slave_0: entered allmulticast mode [ 1116.811419][T21710] bridge_slave_0: entered promiscuous mode [ 1116.880405][T21710] bridge0: port 2(bridge_slave_1) entered blocking state [ 1116.902707][T21710] bridge0: port 2(bridge_slave_1) entered disabled state [ 1116.921856][T21710] bridge_slave_1: entered allmulticast mode [ 1116.931070][T21710] bridge_slave_1: entered promiscuous mode [ 1116.985586][T21710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1117.008582][T21710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1117.147197][T21710] team0: Port device team_slave_0 added [ 1117.179981][T21710] team0: Port device team_slave_1 added [ 1117.288422][T21710] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1117.305298][T21710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1117.332653][T21710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1117.360382][T21710] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1117.374757][T21710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1117.424192][T21710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1117.591703][T21710] hsr_slave_0: entered promiscuous mode [ 1117.613582][T21710] hsr_slave_1: entered promiscuous mode [ 1118.091052][T21710] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1118.123726][ T5837] Bluetooth: hci4: command tx timeout [ 1118.267019][T21710] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1118.766387][T21710] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1119.034950][T21710] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1119.069067][T21784] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3802'. [ 1119.596121][T21710] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1119.675868][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1119.682331][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1119.683352][T21710] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1119.761150][T21710] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1119.817020][T21710] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1120.202923][ T5837] Bluetooth: hci4: command tx timeout [ 1120.350785][T21710] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1120.496102][T21710] 8021q: adding VLAN 0 to HW filter on device team0 [ 1120.547798][T15575] bridge0: port 1(bridge_slave_0) entered blocking state [ 1120.554989][T15575] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1120.589594][T15575] bridge0: port 2(bridge_slave_1) entered blocking state [ 1120.596788][T15575] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1121.058509][T21710] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1121.183080][T21829] FAULT_INJECTION: forcing a failure. [ 1121.183080][T21829] name failslab, interval 1, probability 0, space 0, times 0 [ 1121.234484][T21829] CPU: 1 UID: 0 PID: 21829 Comm: syz.6.3811 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1121.234527][T21829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1121.234563][T21829] Call Trace: [ 1121.234572][T21829] [ 1121.234585][T21829] dump_stack_lvl+0x16c/0x1f0 [ 1121.234642][T21829] should_fail_ex+0x50a/0x650 [ 1121.234694][T21829] ? fs_reclaim_acquire+0xae/0x150 [ 1121.234749][T21829] should_failslab+0xc2/0x120 [ 1121.234791][T21829] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1121.234829][T21829] ? rcu_is_watching+0x12/0xc0 [ 1121.234876][T21829] ? security_file_alloc+0x34/0x2b0 [ 1121.234973][T21829] security_file_alloc+0x34/0x2b0 [ 1121.235016][T21829] init_file+0x93/0x480 [ 1121.235064][T21829] alloc_empty_file+0x91/0x1e0 [ 1121.235109][T21829] alloc_file_pseudo+0x131/0x1e0 [ 1121.235157][T21829] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1121.235203][T21829] ? do_raw_spin_unlock+0x172/0x230 [ 1121.235256][T21829] __anon_inode_getfile+0xf8/0x370 [ 1121.235295][T21829] do_eventfd+0x199/0x2f0 [ 1121.235334][T21829] __x64_sys_eventfd+0x32/0x50 [ 1121.235372][T21829] do_syscall_64+0xcd/0x250 [ 1121.235404][T21829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1121.235450][T21829] RIP: 0033:0x7f18a778cde9 [ 1121.235475][T21829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1121.235505][T21829] RSP: 002b:00007f18a8541038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 1121.235534][T21829] RAX: ffffffffffffffda RBX: 00007f18a79a5fa0 RCX: 00007f18a778cde9 [ 1121.235555][T21829] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1121.235573][T21829] RBP: 00007f18a780e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1121.235591][T21829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1121.235609][T21829] R13: 0000000000000000 R14: 00007f18a79a5fa0 R15: 00007ffff741c688 [ 1121.235646][T21829] [ 1121.553632][T21836] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1121.963030][T21710] veth0_vlan: entered promiscuous mode [ 1122.007969][T21710] veth1_vlan: entered promiscuous mode [ 1122.058035][T21710] veth0_macvtap: entered promiscuous mode [ 1122.082700][T21710] veth1_macvtap: entered promiscuous mode [ 1122.132148][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1122.152719][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.174706][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1122.232924][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.262206][ T54] Bluetooth: hci4: command tx timeout [ 1122.273866][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1122.318630][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.364062][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1122.411281][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.433688][T21710] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1122.488755][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1122.539511][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.549737][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1122.560760][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.571053][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1122.600433][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.614741][T21710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1122.636866][T21710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.659510][T21710] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1122.750992][T21710] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.786740][T21710] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.818119][T21710] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.858992][T21710] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1123.123888][T21185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1123.145287][T21185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1123.236802][T15575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1123.259797][T15575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1124.152927][T21884] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1124.334243][ T54] Bluetooth: hci4: command tx timeout [ 1126.122789][T21914] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1126.849803][T21918] netlink: 1204 bytes leftover after parsing attributes in process `syz.4.3827'. [ 1128.692483][T21958] HfR: entered promiscuous mode [ 1128.704524][T21958] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3838'. [ 1128.723965][T21958] HfR: left promiscuous mode [ 1129.356188][T21966] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1131.056578][T21986] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1132.660074][T22011] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3850'. [ 1132.739292][T22008] HfR: entered promiscuous mode [ 1132.767737][T22011] HfR: left promiscuous mode [ 1134.584148][T22029] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1136.459862][T22046] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1137.326057][T22054] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1142.259463][T22125] FAULT_INJECTION: forcing a failure. [ 1142.259463][T22125] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.357715][T22125] CPU: 1 UID: 0 PID: 22125 Comm: syz.7.3876 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1142.357761][T22125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1142.357782][T22125] Call Trace: [ 1142.357792][T22125] [ 1142.357805][T22125] dump_stack_lvl+0x16c/0x1f0 [ 1142.357864][T22125] should_fail_ex+0x50a/0x650 [ 1142.357905][T22125] ? fs_reclaim_acquire+0xae/0x150 [ 1142.357974][T22125] should_failslab+0xc2/0x120 [ 1142.358016][T22125] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1142.358064][T22125] ? rcu_is_watching+0x12/0xc0 [ 1142.358110][T22125] ? seq_open+0x55/0x170 [ 1142.358155][T22125] seq_open+0x55/0x170 [ 1142.358197][T22125] __seq_open_private+0x3e/0xd0 [ 1142.358241][T22125] seq_open_net+0x30a/0x4e0 [ 1142.358279][T22125] ? __pfx_seq_open_net+0x10/0x10 [ 1142.358314][T22125] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 1142.358367][T22125] ? kmem_cache_alloc_noprof+0x21b/0x3b0 [ 1142.358402][T22125] ? __pfx_apparmor_file_open+0x10/0x10 [ 1142.358435][T22125] ? proc_reg_open+0x21d/0x610 [ 1142.358466][T22125] ? __pfx_seq_open_net+0x10/0x10 [ 1142.358505][T22125] proc_reg_open+0x286/0x610 [ 1142.358539][T22125] do_dentry_open+0x735/0x1c40 [ 1142.358572][T22125] ? __pfx_proc_reg_open+0x10/0x10 [ 1142.358605][T22125] ? inode_permission+0xdd/0x5f0 [ 1142.358650][T22125] vfs_open+0x82/0x3f0 [ 1142.358699][T22125] ? may_open+0x1f2/0x400 [ 1142.358768][T22125] path_openat+0x1e88/0x2d80 [ 1142.358817][T22125] ? __pfx_path_openat+0x10/0x10 [ 1142.358853][T22125] ? __pfx___lock_acquire+0x10/0x10 [ 1142.358890][T22125] ? lock_acquire.part.0+0x11b/0x380 [ 1142.358929][T22125] ? find_held_lock+0x2d/0x110 [ 1142.358984][T22125] do_filp_open+0x20c/0x470 [ 1142.359029][T22125] ? __pfx_do_filp_open+0x10/0x10 [ 1142.359060][T22125] ? find_held_lock+0x2d/0x110 [ 1142.359118][T22125] ? __pfx_kfree_link+0x10/0x10 [ 1142.359170][T22125] ? alloc_fd+0x41f/0x760 [ 1142.359209][T22125] do_sys_openat2+0x17a/0x1e0 [ 1142.359250][T22125] ? __pfx_do_sys_openat2+0x10/0x10 [ 1142.359305][T22125] __x64_sys_openat+0x175/0x210 [ 1142.359347][T22125] ? __pfx___x64_sys_openat+0x10/0x10 [ 1142.359404][T22125] do_syscall_64+0xcd/0x250 [ 1142.359435][T22125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1142.359479][T22125] RIP: 0033:0x7f35ae58cde9 [ 1142.359503][T22125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1142.359533][T22125] RSP: 002b:00007f35af4ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1142.359561][T22125] RAX: ffffffffffffffda RBX: 00007f35ae7a6080 RCX: 00007f35ae58cde9 [ 1142.359581][T22125] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1142.359600][T22125] RBP: 00007f35ae60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1142.359618][T22125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1142.359635][T22125] R13: 0000000000000000 R14: 00007f35ae7a6080 R15: 00007ffcc46b4438 [ 1142.359671][T22125] [ 1143.717213][T22131] netlink: 342 bytes leftover after parsing attributes in process `syz.6.3879'. [ 1145.275473][T22156] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1145.486685][T22158] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1148.642379][T22194] bridge0: port 3(team0) entered blocking state [ 1148.662537][T22194] bridge0: port 3(team0) entered disabled state [ 1148.674982][T22194] team0: entered allmulticast mode [ 1148.692096][T22194] team_slave_0: entered allmulticast mode [ 1148.720715][T22194] team_slave_1: entered allmulticast mode [ 1148.776619][T22194] team0: entered promiscuous mode [ 1148.814744][T22203] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3894'. [ 1148.837117][T22194] team_slave_0: entered promiscuous mode [ 1148.863955][T22194] team_slave_1: entered promiscuous mode [ 1148.891464][T22194] bridge0: port 3(team0) entered blocking state [ 1148.898031][T22194] bridge0: port 3(team0) entered forwarding state [ 1149.081382][T22201] HfR: entered promiscuous mode [ 1149.128048][T22203] HfR: left promiscuous mode [ 1151.508046][T22254] HfR: entered promiscuous mode [ 1151.582990][T22254] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3905'. [ 1151.609577][T22254] HfR: left promiscuous mode [ 1151.710866][T22261] snd_aloop snd_aloop.0: control 0:1:8:1Յ:-4095 is already present [ 1153.230624][T22299] HfR: entered promiscuous mode [ 1153.279678][T22291] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3918'. [ 1153.292926][T22291] HfR: left promiscuous mode [ 1153.364287][T22300] openvswitch: netlink: Tunnel attr 1024 out of range max 16 [ 1153.559523][T22308] ptrace attach of "./syz-executor exec"[16761] was attempted by "./syz-executor exec"[22308] [ 1155.141526][T22342] ================================================================== [ 1155.149648][T22342] BUG: KASAN: slab-use-after-free in msft_opcode_get+0x6d/0x80 [ 1155.157238][T22342] Read of size 2 at addr ffff88807d8aba32 by task syz.7.3931/22342 [ 1155.165160][T22342] [ 1155.167528][T22342] CPU: 0 UID: 0 PID: 22342 Comm: syz.7.3931 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1155.167582][T22342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1155.167602][T22342] Call Trace: [ 1155.167613][T22342] [ 1155.167625][T22342] dump_stack_lvl+0x116/0x1f0 [ 1155.167698][T22342] print_report+0xc3/0x620 [ 1155.167755][T22342] ? __virt_addr_valid+0x5e/0x590 [ 1155.167787][T22342] ? __phys_addr+0xc6/0x150 [ 1155.167818][T22342] kasan_report+0xd9/0x110 [ 1155.167858][T22342] ? msft_opcode_get+0x6d/0x80 [ 1155.167894][T22342] ? msft_opcode_get+0x6d/0x80 [ 1155.167935][T22342] msft_opcode_get+0x6d/0x80 [ 1155.167970][T22342] ? __pfx_msft_opcode_get+0x10/0x10 [ 1155.168018][T22342] simple_attr_read+0x169/0x300 [ 1155.168066][T22342] ? __debugfs_file_get+0x1ff/0x850 [ 1155.168117][T22342] ? __pfx_simple_attr_read+0x10/0x10 [ 1155.168165][T22342] ? __debugfs_file_get+0x1ff/0x850 [ 1155.168216][T22342] ? __pfx___debugfs_file_get+0x10/0x10 [ 1155.168270][T22342] debugfs_attr_read+0x76/0xa0 [ 1155.168301][T22342] full_proxy_read+0x13c/0x200 [ 1155.168330][T22342] ? __pfx_full_proxy_read+0x10/0x10 [ 1155.168361][T22342] vfs_read+0x1df/0xbf0 [ 1155.168391][T22342] ? __fget_files+0x1fc/0x3a0 [ 1155.168424][T22342] ? __pfx___mutex_lock+0x10/0x10 [ 1155.168475][T22342] ? __pfx_vfs_read+0x10/0x10 [ 1155.168509][T22342] ? __fget_files+0x206/0x3a0 [ 1155.168547][T22342] ksys_read+0x12b/0x250 [ 1155.168577][T22342] ? __pfx_ksys_read+0x10/0x10 [ 1155.168613][T22342] do_syscall_64+0xcd/0x250 [ 1155.168643][T22342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1155.168690][T22342] RIP: 0033:0x7f35ae58cde9 [ 1155.168715][T22342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1155.168753][T22342] RSP: 002b:00007f35af4cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1155.168784][T22342] RAX: ffffffffffffffda RBX: 00007f35ae7a5fa0 RCX: 00007f35ae58cde9 [ 1155.168805][T22342] RDX: 000000000000ffff RSI: 0000200000006740 RDI: 0000000000000006 [ 1155.168825][T22342] RBP: 00007f35ae60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1155.168845][T22342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1155.168863][T22342] R13: 0000000000000000 R14: 00007f35ae7a5fa0 R15: 00007ffcc46b4438 [ 1155.168891][T22342] [ 1155.168903][T22342] [ 1155.399473][T22342] Allocated by task 22224: [ 1155.403901][T22342] kasan_save_stack+0x33/0x60 [ 1155.408595][T22342] kasan_save_track+0x14/0x30 [ 1155.413286][T22342] __kasan_kmalloc+0xaa/0xb0 [ 1155.417896][T22342] __kmalloc_noprof+0x21a/0x4f0 [ 1155.422765][T22342] ieee802_11_parse_elems_full+0xe6/0x1860 [ 1155.428604][T22342] ieee80211_inform_bss+0xf1/0x10f0 [ 1155.433828][T22342] cfg80211_inform_single_bss_data+0x8b1/0x1e40 [ 1155.440079][T22342] cfg80211_inform_bss_data+0x254/0x3e50 [ 1155.445727][T22342] cfg80211_inform_bss_frame_data+0x252/0x8a0 [ 1155.451819][T22342] ieee80211_bss_info_update+0x311/0xab0 [ 1155.457484][T22342] ieee80211_scan_rx+0x474/0xac0 [ 1155.462449][T22342] ieee80211_rx_list+0x1bac/0x2990 [ 1155.467595][T22342] ieee80211_rx_napi+0xdd/0x400 [ 1155.472473][T22342] ieee80211_handle_queued_frames+0xd5/0x130 [ 1155.478496][T22342] tasklet_action_common+0x251/0x3f0 [ 1155.483830][T22342] handle_softirqs+0x213/0x8f0 [ 1155.488617][T22342] do_softirq+0xb2/0xf0 [ 1155.492788][T22342] __local_bh_enable_ip+0x100/0x120 [ 1155.498008][T22342] __dev_queue_xmit+0x8b0/0x43e0 [ 1155.502967][T22342] ip6_finish_output2+0xed5/0x2090 [ 1155.508091][T22342] ip6_finish_output+0x3f9/0x1360 [ 1155.513125][T22342] ip6_output+0x1f8/0x540 [ 1155.517472][T22342] ip6_local_out+0xcd/0x4a0 [ 1155.521989][T22342] ip6_send_skb+0x112/0x460 [ 1155.526502][T22342] udp_v6_send_skb+0x8ff/0x1810 [ 1155.531373][T22342] udpv6_sendmsg+0x25aa/0x3090 [ 1155.536161][T22342] inet6_sendmsg+0x105/0x140 [ 1155.540775][T22342] ____sys_sendmsg+0x649/0xb40 [ 1155.545555][T22342] ___sys_sendmsg+0x135/0x1e0 [ 1155.550239][T22342] __sys_sendmmsg+0x201/0x420 [ 1155.554922][T22342] __x64_sys_sendmmsg+0x9c/0x100 [ 1155.559869][T22342] do_syscall_64+0xcd/0x250 [ 1155.564384][T22342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1155.570304][T22342] [ 1155.572637][T22342] Freed by task 22224: [ 1155.576707][T22342] kasan_save_stack+0x33/0x60 [ 1155.581403][T22342] kasan_save_track+0x14/0x30 [ 1155.586095][T22342] kasan_save_free_info+0x3b/0x60 [ 1155.591143][T22342] __kasan_slab_free+0x51/0x70 [ 1155.595924][T22342] kfree+0x2c4/0x4d0 [ 1155.599832][T22342] ieee80211_inform_bss+0xa36/0x10f0 [ 1155.605136][T22342] cfg80211_inform_single_bss_data+0x8b1/0x1e40 [ 1155.611386][T22342] cfg80211_inform_bss_data+0x254/0x3e50 [ 1155.617026][T22342] cfg80211_inform_bss_frame_data+0x252/0x8a0 [ 1155.623102][T22342] ieee80211_bss_info_update+0x311/0xab0 [ 1155.628754][T22342] ieee80211_scan_rx+0x474/0xac0 [ 1155.633716][T22342] ieee80211_rx_list+0x1bac/0x2990 [ 1155.638870][T22342] ieee80211_rx_napi+0xdd/0x400 [ 1155.643826][T22342] ieee80211_handle_queued_frames+0xd5/0x130 [ 1155.649823][T22342] tasklet_action_common+0x251/0x3f0 [ 1155.655141][T22342] handle_softirqs+0x213/0x8f0 [ 1155.659926][T22342] do_softirq+0xb2/0xf0 [ 1155.664094][T22342] __local_bh_enable_ip+0x100/0x120 [ 1155.669310][T22342] __dev_queue_xmit+0x8b0/0x43e0 [ 1155.674284][T22342] ip6_finish_output2+0xed5/0x2090 [ 1155.679413][T22342] ip6_finish_output+0x3f9/0x1360 [ 1155.684451][T22342] ip6_output+0x1f8/0x540 [ 1155.688814][T22342] ip6_local_out+0xcd/0x4a0 [ 1155.693336][T22342] ip6_send_skb+0x112/0x460 [ 1155.697860][T22342] udp_v6_send_skb+0x8ff/0x1810 [ 1155.702750][T22342] udpv6_sendmsg+0x25aa/0x3090 [ 1155.707558][T22342] inet6_sendmsg+0x105/0x140 [ 1155.712268][T22342] ____sys_sendmsg+0x649/0xb40 [ 1155.717051][T22342] ___sys_sendmsg+0x135/0x1e0 [ 1155.721743][T22342] __sys_sendmmsg+0x201/0x420 [ 1155.726440][T22342] __x64_sys_sendmmsg+0x9c/0x100 [ 1155.731394][T22342] do_syscall_64+0xcd/0x250 [ 1155.736082][T22342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1155.742019][T22342] [ 1155.744358][T22342] The buggy address belongs to the object at ffff88807d8ab800 [ 1155.744358][T22342] which belongs to the cache kmalloc-1k of size 1024 [ 1155.758419][T22342] The buggy address is located 562 bytes inside of [ 1155.758419][T22342] freed 1024-byte region [ffff88807d8ab800, ffff88807d8abc00) [ 1155.772312][T22342] [ 1155.774637][T22342] The buggy address belongs to the physical page: [ 1155.781044][T22342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d8a8 [ 1155.789809][T22342] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1155.798311][T22342] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1155.805888][T22342] page_type: f5(slab) [ 1155.809887][T22342] raw: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122 [ 1155.818662][T22342] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1155.827261][T22342] head: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122 [ 1155.835958][T22342] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1155.844658][T22342] head: 00fff00000000003 ffffea0001f62a01 ffffffffffffffff 0000000000000000 [ 1155.853343][T22342] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 1155.862017][T22342] page dumped because: kasan: bad access detected [ 1155.868428][T22342] page_owner tracks the page as allocated [ 1155.874145][T22342] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5832, tgid 5832 (syz-executor), ts 89525318859, free_ts 89445387509 [ 1155.894923][T22342] post_alloc_hook+0x181/0x1b0 [ 1155.899712][T22342] get_page_from_freelist+0xfce/0x2f80 [ 1155.905197][T22342] __alloc_frozen_pages_noprof+0x221/0x2470 [ 1155.911111][T22342] alloc_pages_mpol+0x1fc/0x540 [ 1155.916027][T22342] new_slab+0x23d/0x330 [ 1155.920194][T22342] ___slab_alloc+0xbfa/0x1600 [ 1155.924877][T22342] __slab_alloc.constprop.0+0x56/0xb0 [ 1155.930261][T22342] __kmalloc_node_track_caller_noprof+0x2ee/0x520 [ 1155.936699][T22342] kmalloc_reserve+0xef/0x2c0 [ 1155.941418][T22342] __alloc_skb+0x164/0x380 [ 1155.945844][T22342] inet6_rt_notify+0xc7/0x260 [ 1155.950543][T22342] fib6_add+0x251d/0x4b20 [ 1155.954898][T22342] ip6_ins_rt+0xb6/0x110 [ 1155.959150][T22342] __ipv6_ifa_notify+0x9d8/0xc30 [ 1155.964142][T22342] add_addr+0x245/0x350 [ 1155.968326][T22342] add_v4_addrs+0x71a/0xa00 [ 1155.972854][T22342] page last free pid 5878 tgid 5878 stack trace: [ 1155.979182][T22342] free_frozen_pages+0x6db/0xfb0 [ 1155.984150][T22342] __put_partials+0x14c/0x170 [ 1155.988841][T22342] qlist_free_all+0x4e/0x120 [ 1155.993455][T22342] kasan_quarantine_reduce+0x195/0x1e0 [ 1155.998926][T22342] __kasan_slab_alloc+0x69/0x90 [ 1156.003798][T22342] kmem_cache_alloc_noprof+0x1c8/0x3b0 [ 1156.009281][T22342] getname_flags.part.0+0x4c/0x550 [ 1156.014445][T22342] getname+0x8d/0xe0 [ 1156.018352][T22342] vfs_fstatat+0xdf/0xf0 [ 1156.022610][T22342] __do_sys_newfstatat+0xa2/0x130 [ 1156.027658][T22342] do_syscall_64+0xcd/0x250 [ 1156.032172][T22342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.038091][T22342] [ 1156.040419][T22342] Memory state around the buggy address: [ 1156.046060][T22342] ffff88807d8ab900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1156.054131][T22342] ffff88807d8ab980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1156.062201][T22342] >ffff88807d8aba00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1156.070352][T22342] ^ [ 1156.075992][T22342] ffff88807d8aba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1156.084066][T22342] ffff88807d8abb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1156.092134][T22342] ================================================================== [ 1156.209546][T22342] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1156.216796][T22342] CPU: 1 UID: 0 PID: 22342 Comm: syz.7.3931 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 1156.227696][T22342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1156.237794][T22342] Call Trace: [ 1156.241195][T22342] [ 1156.244160][T22342] dump_stack_lvl+0x3d/0x1f0 [ 1156.248832][T22342] panic+0x71d/0x800 [ 1156.252773][T22342] ? __pfx_panic+0x10/0x10 [ 1156.257239][T22342] ? preempt_schedule_thunk+0x1a/0x30 [ 1156.262694][T22342] ? preempt_schedule_common+0x44/0xc0 [ 1156.268212][T22342] check_panic_on_warn+0xab/0xb0 [ 1156.273199][T22342] end_report+0x117/0x180 [ 1156.277586][T22342] kasan_report+0xe9/0x110 [ 1156.282058][T22342] ? msft_opcode_get+0x6d/0x80 [ 1156.286869][T22342] ? msft_opcode_get+0x6d/0x80 [ 1156.291686][T22342] msft_opcode_get+0x6d/0x80 [ 1156.296322][T22342] ? __pfx_msft_opcode_get+0x10/0x10 [ 1156.301656][T22342] simple_attr_read+0x169/0x300 [ 1156.306570][T22342] ? __debugfs_file_get+0x1ff/0x850 [ 1156.311831][T22342] ? __pfx_simple_attr_read+0x10/0x10 [ 1156.317265][T22342] ? __debugfs_file_get+0x1ff/0x850 [ 1156.322519][T22342] ? __pfx___debugfs_file_get+0x10/0x10 [ 1156.328113][T22342] debugfs_attr_read+0x76/0xa0 [ 1156.332890][T22342] full_proxy_read+0x13c/0x200 [ 1156.337668][T22342] ? __pfx_full_proxy_read+0x10/0x10 [ 1156.342970][T22342] vfs_read+0x1df/0xbf0 [ 1156.347146][T22342] ? __fget_files+0x1fc/0x3a0 [ 1156.351841][T22342] ? __pfx___mutex_lock+0x10/0x10 [ 1156.356896][T22342] ? __pfx_vfs_read+0x10/0x10 [ 1156.361590][T22342] ? __fget_files+0x206/0x3a0 [ 1156.366292][T22342] ksys_read+0x12b/0x250 [ 1156.370564][T22342] ? __pfx_ksys_read+0x10/0x10 [ 1156.375352][T22342] do_syscall_64+0xcd/0x250 [ 1156.379872][T22342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.385793][T22342] RIP: 0033:0x7f35ae58cde9 [ 1156.390222][T22342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1156.409852][T22342] RSP: 002b:00007f35af4cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1156.418302][T22342] RAX: ffffffffffffffda RBX: 00007f35ae7a5fa0 RCX: 00007f35ae58cde9 [ 1156.426288][T22342] RDX: 000000000000ffff RSI: 0000200000006740 RDI: 0000000000000006 [ 1156.434268][T22342] RBP: 00007f35ae60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1156.442243][T22342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1156.450224][T22342] R13: 0000000000000000 R14: 00007f35ae7a5fa0 R15: 00007ffcc46b4438 [ 1156.458218][T22342] [ 1156.461574][T22342] Kernel Offset: disabled [ 1156.465903][T22342] Rebooting in 86400 seconds..