last executing test programs: 5.512338859s ago: executing program 3 (id=2084): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) r1 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=r0, 0x4, @old_prog_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) socket(0x1d, 0x2, 0x2) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, r3, 0x201, 0x70bd2a, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0xa}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004054}, 0x480b0) 5.25968286s ago: executing program 3 (id=2086): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x10000000001ff, 0x7c9, 0x25, 0x4909b6f5, 0x1ffde, 0x5, 0x3, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0xffffff28, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffff3ff, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x2, 0xffff, 0x10, 0x0, 0x0, 0x10000, 0x0, 0xfffffffffffffffd, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x9) r0 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r0, @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40008004}, 0x8000) r1 = socket(0x10, 0x2, 0x0) setsockopt$auto_SO_RXQ_OVFL(r1, 0x1, 0x28, 0x0, 0x7) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) clone$auto(0x7e72, 0x200, 0x0, 0x0, 0xe8c) close_range$auto(0x2, r1, 0x800) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r4 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r4, 0x29, 0xd1, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x454, 0x9) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) r5 = ioctl$auto_KVM_CREATE_VM(r2, 0x4004ae99, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(r0, 0x8, 0x10000) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2) io_uring_enter$auto(0x3, 0x1, 0x82400001, 0x0, 0x0, 0x18) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000080), r5) unshare$auto(0x40000080) 5.208204287s ago: executing program 2 (id=2087): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x9, 0x0) fsopen$auto(0x0, 0x1) mmap$auto(0xfffffffffffffffb, 0x2, 0x100000021, 0x400009b75, 0xea8a, 0x8000) r0 = socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x20) r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, r2, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40010) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty26\x00', 0x40002, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x78741, 0x0) fsconfig$auto_SHMEM_HUGE_FORCE(r4, 0x6, 0x0, &(0x7f0000000840), 0xfffffffffffffffe) kexec_load$auto(0x9, 0x0, 0x0, 0x1003dfffe) ioctl$auto_TIOCVHANGUP2(r4, 0x5437, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socket(0xf, 0x3, 0x2) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xe, 0xb, &(0x7f0000000180)={0xffffffffffffffff, 0x10}) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000007c0)="dec8c1943b506aeb066db1944b039854d328881581f4f797d7e37732a7831453a165e15192a8a08f2797bf9a9c5b0ca9d9655174c3d8cce51a6fc31d8000afa8ba4f48494da9f9009a99") openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) 5.162026914s ago: executing program 1 (id=2088): unshare$auto(0x100) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), r0) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYRESOCT=r0, @ANYRESDEC, @ANYBLOB="050725bd7000fbdbdf251c000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000440), r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000200), r0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r3, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000e741e56ea322123936a01140a91ec6fc116a2cb7ab05c500eceff165c3abbf0b1e08a216dc785335e905ac42301ae34c8a835499e149cd22b52531ea15e7f702f57578b913bc20454d0c34632ee50b6282c14d1412d740285301a35657dff4c2bc10784a9ddba7f80d4202cbb604b90010d07303dc5bef249843df1ac7940513314c11b529b440cc0d7182e4d1111cd3b17d460d404d706d67a37d790b1213e82d8ab3a38e43331ca2429a6d1921ca2153b55db072fdea2c9332e7ffb6cd736b00fde046cc49408cac8c872bdb4dce431afd9e36205e943cd9b985abb2334b1824e294cf8d42b193a344a258f2e322f1311a8159c3685a62e09241b348067c9aaa", @ANYRES16=r4, @ANYBLOB="010028bd7000ffdbdf2506001000"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000) sendmsg$auto_NFSD_CMD_THREADS_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80088d5}, 0x24040020) write$auto(r0, 0x0, 0x5) mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_XFS_IOC_ERROR_INJECTION(0xffffffffffffffff, 0x40085874, &(0x7f0000000100)) splice$auto(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f0000000140)=0x9, 0x9, 0x1004f) sendfile$auto(0xffffffffffffffff, r5, 0x0, 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x4, 0x1000, 0xe1, 0x18, r2, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty28\x00', 0x32fd42, 0x0) write$auto(0x3, 0x0, 0x7ffffffa) r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_WRITE(r6, 0x40085507, &(0x7f0000000080)={0x1, 0x0, 0x9}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r7) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRESHEX=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4004884) 4.918085284s ago: executing program 0 (id=2089): r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) readv$auto(r0, &(0x7f0000000040)={0x0, 0x203}, 0xb) 4.68229935s ago: executing program 1 (id=2090): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x1, 0x106) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x2b, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) listen$auto(r0, 0x7) accept$auto(r0, 0x0, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) setfsuid$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) io_uring_register$auto(0xffffffffffffffff, 0xffff5594, 0x0, 0x1) r4 = socket(0x2, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) io_uring_setup$auto(0x9, 0x0) fanotify_init$auto(0x9, 0x9) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) close_range$auto(0x2, 0x8, 0x0) 4.57050828s ago: executing program 0 (id=2091): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = getpid() rt_tgsigqueueinfo$auto(r0, 0x0, 0x23, &(0x7f0000000400)={@_si_pad}) move_pages$auto(r0, 0x1, &(0x7f0000000080)=&(0x7f0000000180)="50e6798f89d3097c187e54ba4cfab41ec63c391f8d12263c802807f520ca6b7e60d5d20fdc825242e165ea4ab844db382b3cf31ef539ce26eb806908028d6459d1501c288851df5a6f7e98076c09172718caf14cd85d1abfef476c333ba7fd3cd1805a6375136f1716c1702792a25c7903ed2dcb37638711a1d1f1a984", &(0x7f0000000100)=0x81, &(0x7f0000000040)=0x7fff, 0x3) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0x100082) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x1c9002, 0x0) socket(0xa, 0x5, 0x0) fdatasync$auto(r1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) epoll_create$auto(0x3e) socket(0x1e, 0x4, 0x0) socketpair$auto(0x8, 0x7, 0x1, 0x0) mmap$auto(0x0, 0x20006, 0x10000000000df, 0xeb2, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x10d, 0xb, 0x0, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0x11, r1, 0x9) io_uring_setup$auto(0x9, 0x0) 4.432148578s ago: executing program 3 (id=2092): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/pn533_usb/version\x00', 0x210000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/234, 0xea) bpf$auto(0x0, &(0x7f00000003c0)=@bpf_attr_3={0x101, 0x0, 0x0, 0x96d3, 0x9, 0xa0f, 0x3eec, 0x1, 0x9, "b8e32d5408612f8d6dee86c572b764ba", 0x0, 0x4, r0, 0x8, 0xfffffffffffffffc, 0xfffffffd, 0x0, 0x2, 0xf8e, 0x4, @attach_btf_obj_fd=r1, 0x0, 0xb, 0x6, 0x33, 0x5, r0, r1}, 0x6f8) read$auto(0x3, 0x0, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r0, 0x0, 0x401) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x83) ioctl$auto_SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f0000004040)) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) mmap$auto(0x100000000005, 0x783, 0x3, 0x8000000008011, r3, 0x40) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/authorized\x00', 0x10b142, 0x0) sendfile$auto(r4, r5, 0x0, 0x1000200) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) r6 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) write$auto_null_fops_mem(r6, &(0x7f0000000480)="ed48b569bf8cf7f085078f892d2363db131971ecdd5dce67eb59faa3b3dd0859a44145280b2f4ce14b22c08efe22524008baaa7f17753e53e8ad7688a210b4858a1dbb3625", 0x45) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) r7 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r7, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0xf3, 0x0, 0x20, 0x3}, 0x5b3}, 0x200, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x1}, 0x7, 0x0, 0x40003, 0x1a}, 0xa}, 0x87, 0xbd91, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x1000000000009b72, 0x2, 0x8000) 4.135076318s ago: executing program 2 (id=2093): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ttyrc\x00', 0x40, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000e00), 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x1d, 0x0, 0x8004) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x5add80, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) mq_timedreceive$auto(0xffffffffffffffff, &(0x7f0000000100)='nl802154\x00', 0x4e, &(0x7f0000000140)=0x8, &(0x7f0000000180)={0x5, 0x9}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socketpair$auto(0x5, 0x5, 0x8, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC0D0p\x00', 0xa00, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_PPPIOCSACTIVE(r2, 0x40107446, &(0x7f0000000240)={0xffff, &(0x7f0000000200)={0x6, 0x4, 0xb, @raw=0x8}}) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1e, 0x4, 0x0) r4 = socket(0x1e, 0x4, 0x0) r5 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r5, 0x29, 0x9, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_SET(r7, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="01002dbd7000ffdbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x80000) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x4001) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) 3.640434193s ago: executing program 1 (id=2094): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/pn533_usb/version\x00', 0x210000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/234, 0xea) bpf$auto(0x0, &(0x7f00000003c0)=@bpf_attr_3={0x101, 0x0, 0x0, 0x96d3, 0x9, 0xa0f, 0x3eec, 0x1, 0x9, "b8e32d5408612f8d6dee86c572b764ba", 0x0, 0x4, r0, 0x8, 0xfffffffffffffffc, 0xfffffffd, 0x0, 0x2, 0xf8e, 0x4, @attach_btf_obj_fd=r1, 0x0, 0xb, 0x6, 0x33, 0x5, r0, r1}, 0x6f8) read$auto(0x3, 0x0, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r0, 0x0, 0x401) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x83) ioctl$auto_SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f0000004040)) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) mmap$auto(0x100000000005, 0x783, 0x3, 0x8000000008011, r3, 0x40) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/authorized\x00', 0x10b142, 0x0) sendfile$auto(r4, r5, 0x0, 0x1000200) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) r6 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) write$auto_null_fops_mem(r6, &(0x7f0000000480)="ed48b569bf8cf7f085078f892d2363db131971ecdd5dce67eb59faa3b3dd0859a44145280b2f4ce14b22c08efe22524008baaa7f17753e53e8ad7688a210b4858a1dbb3625", 0x45) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) r7 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r7, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0xf3, 0x0, 0x20, 0x3}, 0x5b3}, 0x200, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x1}, 0x7, 0x0, 0x40003, 0x1a}, 0xa}, 0x87, 0xbd91, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 3.639343998s ago: executing program 0 (id=2102): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = getpid() rt_tgsigqueueinfo$auto(r0, 0x0, 0x23, &(0x7f0000000400)={@_si_pad}) move_pages$auto(r0, 0x1, &(0x7f0000000080)=&(0x7f0000000180)="50e6798f89d3097c187e54ba4cfab41ec63c391f8d12263c802807f520ca6b7e60d5d20fdc825242e165ea4ab844db382b3cf31ef539ce26eb806908028d6459d1501c288851df5a6f7e98076c09172718caf14cd85d1abfef476c333ba7fd3cd1805a6375136f1716c1702792a25c7903ed2dcb37638711a1d1f1a984", &(0x7f0000000100)=0x81, &(0x7f0000000040)=0x7fff, 0x3) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0x100082) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x1c9002, 0x0) socket(0xa, 0x5, 0x0) fdatasync$auto(r1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) epoll_create$auto(0x3e) socket(0x1e, 0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) mmap$auto(0x0, 0x20006, 0x10000000000df, 0xeb2, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x10d, 0xb, 0x0, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0x11, r1, 0x9) io_uring_setup$auto(0x9, 0x0) 2.990532571s ago: executing program 2 (id=2095): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0xa, 0x3) socket(0x2c, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x4, 0x84) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socket(0xa, 0x2, 0x0) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x0, 0x2, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x8, @old_prog_fd=r1}, 0xa3) bpf$auto(0x1, &(0x7f0000000040)=@query={@target_ifindex, 0xff, 0xffffff01, 0x9, 0x6, @count=0xfffffff1, 0x0, 0x80000000, 0xb, 0x0, 0x7}, 0x9) 2.755628959s ago: executing program 0 (id=2096): write$auto(0x800000000000c8, 0x0, 0x1a) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) shutdown$auto(0x200000003, 0x2) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x200000007b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x2, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x0, 0x24, 0x0, 0x28) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000100), 0x20400, 0x0) ioctl$auto_TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000140)=0xbc) r2 = epoll_create$auto(0x3e) r3 = socket(0xa, 0x2, 0x3a) epoll_ctl$auto(r2, 0x1, r0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r4, 0x8, 0x1) fcntl$auto(r4, 0x10, 0x2) bind$auto(0x3, 0x0, 0x68) renameat2$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x4000) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PVERSION(r2, 0x80045700, &(0x7f0000000200)=0xfff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x800eb1, r3, 0x8000) r5 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f00000000c0), 0x555a01, 0x0) io_uring_setup$auto(0x7, &(0x7f0000000040)={0x5, 0x3ff, 0x5968, 0xfffffffd, 0x1, 0x8, r5, [0xf5, 0x1, 0xf76], {0x3, 0x8, 0x5, 0x9, 0xfffffffa, 0x5, 0x156c, 0x7, 0x83}, {0x7ff, 0x13, 0x3b, 0x8, 0x5, 0x553, 0x3, 0x9, 0x4}}) 2.219444248s ago: executing program 2 (id=2097): r0 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x11, 0x3, 0x9) mmap$auto(0x7, 0x7fffffffffffffff, 0xe4, 0xf6, r0, 0x81) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r1, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c06000002000000000000007f00000000000000071b06", 0x4b}, 0x2, 0x0, 0x5, 0x3ff}, 0x5}, 0x2, 0x100) r2 = io_uring_setup$auto(0x7fff, 0x0) write$auto(r2, &(0x7f0000000040)='/dev/virtual_nci\x00', 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x15, 0x5, 0x0) r4 = getsockopt$auto(r3, 0x114, 0x5, 0xfffffffffffffffc, 0x0) read$auto(0x3, 0x0, 0x80) socket(0x21, 0x1, 0x3) mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) r5 = pipe$auto(0x0) ioctl$auto_IOCTL_GET_NUM_DEVICES(r5, 0x40046104, &(0x7f0000000000)=0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x41, 0x1, 0x0, 0x9, 0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r6 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r6, 0x0, 0x8fb5) dup2$auto(0x0, 0x3) r7 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r7, 0x107, 0x5, 0x0, 0x8004) fcntl$auto(0x3, 0x4, 0xa553) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) read$auto_ecryptfs_dir_fops_ecryptfs_kernel(r4, &(0x7f0000000140)=""/242, 0xf2) 2.184194353s ago: executing program 0 (id=2098): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/pn533_usb/version\x00', 0x210000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/234, 0xea) bpf$auto(0x0, &(0x7f00000003c0)=@bpf_attr_3={0x101, 0x0, 0x0, 0x96d3, 0x9, 0xa0f, 0x3eec, 0x1, 0x9, "b8e32d5408612f8d6dee86c572b764ba", 0x0, 0x4, r0, 0x8, 0xfffffffffffffffc, 0xfffffffd, 0x0, 0x2, 0xf8e, 0x4, @attach_btf_obj_fd=r1, 0x0, 0xb, 0x6, 0x33, 0x5, r0, r1}, 0x6f8) read$auto(0x3, 0x0, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r0, 0x0, 0x401) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x83) ioctl$auto_SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f0000004040)) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) mmap$auto(0x100000000005, 0x783, 0x3, 0x8000000008011, r3, 0x40) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/authorized\x00', 0x10b142, 0x0) sendfile$auto(r4, r5, 0x0, 0x1000200) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) r6 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) write$auto_null_fops_mem(r6, &(0x7f0000000480)="ed48b569bf8cf7f085078f892d2363db131971ecdd5dce67eb59faa3b3dd0859a44145280b2f4ce14b22c08efe22524008baaa7f17753e53e8ad7688a210b4858a1dbb3625", 0x45) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) r7 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r7, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0xf3, 0x0, 0x20, 0x3}, 0x5b3}, 0x200, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x1}, 0x7, 0x0, 0x40003, 0x1a}, 0xa}, 0x87, 0xbd91, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x1000000000009b72, 0x2, 0x8000) 1.670891502s ago: executing program 3 (id=2099): r0 = gettid() mmap$auto(0x0, 0x9, 0x10000df, 0x9b72, 0x2, 0x8000) r1 = openat$auto_fops_u32_ro_(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/bpf_offloaded_id\x00', 0x20082, 0x0) writev$auto(r1, &(0x7f0000001680)={0x0, 0x9}, 0x7) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x5, 0x0) rt_sigtimedwait$auto(&(0x7f00000000c0)={0x86d}, 0x0, &(0x7f0000001ac0)={0x7fffffff, 0xb21}, 0x8) tkill$auto(r0, 0x7) 1.514492969s ago: executing program 1 (id=2100): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r0, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) (fail_nth: 5) 1.438985896s ago: executing program 3 (id=2101): openat$auto_generic(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci2/hci2:200/power/autosuspend_delay_ms\x00', 0x400081, 0x0) mmap$auto(0x0, 0x4020009, 0x100000001, 0x14, 0xffffffffffffffff, 0x80000001) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2c, 0xa, 0x5) sendfile$auto(0x1, r0, 0x0, 0x8fb5) dup2$auto(0x0, 0x3) r1 = fcntl$auto(0x3, 0x4, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0x541b, r1) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x42006, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x9) ioctl$auto_CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000002c40)=0xd2) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x20ffffffff, 0x10000}, 0x6, 0x6, 0xffffffffffffffdd, 0x1008001, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) lseek$auto(r2, 0x7f, 0x2a21) sysfs$auto(0x2, 0x8000000000000001, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) socket(0x11, 0x80003, 0x304) 1.321072271s ago: executing program 1 (id=2103): mmap$auto(0x0, 0x4020009, 0x8000000000000000, 0xeb1, 0x401, 0x8000) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x10000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffc, 0x7, 0x80008) (async) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') setns(r0, 0x0) (async) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80002, 0x73) (async) socket(0xa, 0x1, 0x84) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @rand_addr=0x64010102}, 0xfffffffc) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) (async) clock_nanosleep$auto(0xfffffff2, 0x5, 0x0, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) ioctl$auto_BLKPG(r1, 0x1269, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x23, 0x2, 0x0) (async) socket(0x15, 0x5, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) pipe$auto(0x0) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r2, 0x0, 0xc3) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) setgroups$auto(0xe32, 0x0) (async) iopl$auto(0x3) 766.824793ms ago: executing program 2 (id=2104): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x1, 0x106) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x2b, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) listen$auto(r0, 0x7) accept$auto(r0, 0x0, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) setfsuid$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) io_uring_register$auto(0xffffffffffffffff, 0xffff5594, 0x0, 0x1) r4 = socket(0x2, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) io_uring_setup$auto(0x9, 0x0) fanotify_init$auto(0x9, 0x9) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) close_range$auto(0x2, 0x8, 0x0) 82.40852ms ago: executing program 1 (id=2105): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) rseq$auto(&(0x7f0000000000)={0xffffffff, 0xc000000, 0x68d5, 0x4, 0x9, 0x50ea3c53, "87d62d9ad8fa57abfbaae60b7d2d6560ea31f2d482997e64e38ff74e41bcbf6a61a94d64a0"}, 0xfffffffc, 0x40, 0x401) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) socket(0x15, 0x5, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) r1 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) read$auto_ep0_operations_inode(r1, &(0x7f0000001200)=""/4096, 0x1000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(0x3, 0x5521, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) epoll_create$auto(0x4) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) getsockopt$auto(0x2, 0x114, 0x271e, 0xfffffffffffffffc, 0x0) 61.352057ms ago: executing program 0 (id=2106): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x121342, 0x1c9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r1, 0x0, 0x1) write$auto(r0, 0x0, 0x1f) 51.701796ms ago: executing program 2 (id=2107): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) r0 = open(&(0x7f0000000100)='./file0\x00', 0x2240, 0x154) r1 = fcntl$auto(r0, 0x400, 0x0) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = socket(0xa, 0x2, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000440)="c818464ee269e76f8a82dedbad00a6f78f2262c97eb0626a048b8aff4f30e6b029f3a9f8f36d47f1df92475cd5370669cb2a38c2caaa8aee8a5027d9a70141e6e15f180603a745a4b71a3906356d250b4dcb8119c9cd524e7cfbe9d4c6c5e3bfb4eac5102dcfb866eacb9be3a3b182f01b9459fbb8aa4b220874e822965ec027aa1cdcd3fcceecb475bcce525ca2f0d93fc3a55b6db293542312e2087a52a296ff1095c429acc907662f760382be0338c0e82639ae88b600ab123a7f82093dc353160e05be21154673faaef24d680cd9cd3b5d99755492c402faa3b4566781fdafff07000000000000c6ae655d9b93961c13f971e57f10fe6d399cfe74c23eba04ef23ccaa1532acc9bb42dd831ef10110cdce4ffec8954ac6130ecef0f4712e71b2615ba72725f8c8522d669f65df3279f064aa2c5fa6a9072c1a6e0121f1f26efdf5631b675873c13972d33dd93e168bcb00409fad10578be1363203209f2a449f95358e40d701bbcd3a7ac29188540b88036f585cf744f9fbc29f704c7e27cabc8be24001a84db7aaa4f4b7fc19cb4502e54c71a5e1b2a97a3eec2795d790ca6ead6a8103e61341ba5416c0") unshare$auto(0x40000080) mmap$auto(0x0, 0x3f, 0x4000000000e7, 0xeb1, 0x0, 0x8003) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:12/power/runtime_suspended_time\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000140)=""/12, 0xc) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r4 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) r5 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dri/renderD128\x00', 0x80802, 0x0) ioctl$auto(r5, 0x800064d1, r5) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) mmap$auto(0x0, 0x4000a, 0x0, 0x9b72, r1, 0x28000) io_uring_setup$auto(0x3ff, 0x0) write$auto(0x3, 0x0, 0xffd8) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000200), r1) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r6, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24058844}, 0x2000c041) writev$auto(r4, &(0x7f00000035c0)={0x0, 0x4}, 0x9) fcntl$auto(r3, 0x400, 0x0) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 3 (id=2108): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = getpid() rt_tgsigqueueinfo$auto(r0, 0x0, 0x23, &(0x7f0000000400)={@_si_pad}) move_pages$auto(r0, 0x1, &(0x7f0000000080)=&(0x7f0000000180)="50e6798f89d3097c187e54ba4cfab41ec63c391f8d12263c802807f520ca6b7e60d5d20fdc825242e165ea4ab844db382b3cf31ef539ce26eb806908028d6459d1501c288851df5a6f7e98076c09172718caf14cd85d1abfef476c333ba7fd3cd1805a6375136f1716c1702792a25c7903ed2dcb37638711a1d1f1a984", &(0x7f0000000100)=0x81, &(0x7f0000000040)=0x7fff, 0x3) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0x100082) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x1c9002, 0x0) socket(0xa, 0x5, 0x0) fdatasync$auto(r1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) epoll_create$auto(0x3e) socket(0x1e, 0x4, 0x0) socketpair$auto(0x8, 0x7, 0x1, 0x0) mmap$auto(0x0, 0x20006, 0x10000000000df, 0xeb2, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x10d, 0xb, 0x0, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0x11, r1, 0x9) io_uring_setup$auto(0x9, 0x0) kernel console output (not intermixed with test programs): [ 599.843361][T22241] RIP: 0033:0x7f5777f8e169 [ 599.843391][T22241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.843425][T22241] RSP: 002b:00007f5778e5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 599.843458][T22241] RAX: ffffffffffffffda RBX: 00007f57781b5fa0 RCX: 00007f5777f8e169 [ 599.843481][T22241] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 599.843505][T22241] RBP: 00007f5778010a68 R08: 0000000000000000 R09: 0000000000000000 [ 599.843527][T22241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.843548][T22241] R13: 0000000000000000 R14: 00007f57781b5fa0 R15: 00007ffe496f0068 [ 599.843593][T22241] [ 602.035116][T22286] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(14) [ 604.866507][T22346] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 604.876673][T22346] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 604.918244][T22346] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 604.951602][T22346] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 604.972708][T22346] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 605.000282][T22346] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 605.654119][T22376] FAULT_INJECTION: forcing a failure. [ 605.654119][T22376] name failslab, interval 1, probability 0, space 0, times 0 [ 605.678497][T22376] CPU: 0 UID: 0 PID: 22376 Comm: syz.3.1621 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 605.678546][T22376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 605.678567][T22376] Call Trace: [ 605.678580][T22376] [ 605.678592][T22376] dump_stack_lvl+0x16c/0x1f0 [ 605.678651][T22376] should_fail_ex+0x512/0x640 [ 605.678700][T22376] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 605.678761][T22376] should_failslab+0xc2/0x120 [ 605.678795][T22376] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 605.678850][T22376] ? find_held_lock+0x2b/0x80 [ 605.678893][T22376] ? kstrdup_const+0x63/0x80 [ 605.678931][T22376] kstrdup+0x53/0x100 [ 605.678965][T22376] kstrdup_const+0x63/0x80 [ 605.678997][T22376] __kernfs_new_node+0x9b/0x8a0 [ 605.679055][T22376] ? __pfx___kernfs_new_node+0x10/0x10 [ 605.679119][T22376] ? find_held_lock+0x2b/0x80 [ 605.679162][T22376] ? kernfs_root+0xee/0x2a0 [ 605.679220][T22376] kernfs_new_node+0x13c/0x1e0 [ 605.679257][T22376] ? __mutex_trylock_common+0xe9/0x250 [ 605.679295][T22376] kernfs_create_dir_ns+0x4c/0x1a0 [ 605.679336][T22376] sysfs_create_dir_ns+0x13a/0x2b0 [ 605.679387][T22376] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 605.679437][T22376] ? find_held_lock+0x2b/0x80 [ 605.679486][T22376] ? class_dir_child_ns_type+0xd/0x60 [ 605.679524][T22376] kobject_add_internal+0x2c4/0x9b0 [ 605.679586][T22376] kobject_add+0x16e/0x240 [ 605.679618][T22376] ? __pfx_kobject_add+0x10/0x10 [ 605.679652][T22376] ? get_device_parent+0x1c5/0x4e0 [ 605.679715][T22376] ? kobject_put+0xab/0x5a0 [ 605.679779][T22376] device_add+0x288/0x1a70 [ 605.679816][T22376] ? __pfx___debug_object_init+0x10/0x10 [ 605.679862][T22376] ? alloc_workqueue+0x198/0x200 [ 605.679915][T22376] ? __pfx_device_add+0x10/0x10 [ 605.679967][T22376] nfc_register_device+0x41/0x3c0 [ 605.680024][T22376] nci_register_device+0x7f1/0xb80 [ 605.680069][T22376] ? __pfx_nci_register_device+0x10/0x10 [ 605.680119][T22376] ? lockdep_init_map_type+0x5c/0x280 [ 605.680161][T22376] virtual_ncidev_open+0x141/0x220 [ 605.680201][T22376] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 605.680240][T22376] misc_open+0x35a/0x420 [ 605.680284][T22376] ? __pfx_misc_open+0x10/0x10 [ 605.680327][T22376] chrdev_open+0x231/0x6a0 [ 605.680378][T22376] ? __pfx_apparmor_file_open+0x10/0x10 [ 605.680420][T22376] ? __pfx_chrdev_open+0x10/0x10 [ 605.680477][T22376] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 605.680534][T22376] do_dentry_open+0x741/0x1c10 [ 605.680584][T22376] ? __pfx_chrdev_open+0x10/0x10 [ 605.680645][T22376] vfs_open+0x82/0x3f0 [ 605.680696][T22376] path_openat+0x1e5e/0x2d40 [ 605.680763][T22376] ? __pfx_path_openat+0x10/0x10 [ 605.680825][T22376] do_filp_open+0x20b/0x470 [ 605.680876][T22376] ? __pfx_do_filp_open+0x10/0x10 [ 605.680957][T22376] ? alloc_fd+0x471/0x7d0 [ 605.681017][T22376] do_sys_openat2+0x11b/0x1d0 [ 605.681052][T22376] ? __pfx_do_sys_openat2+0x10/0x10 [ 605.681106][T22376] __x64_sys_openat+0x174/0x210 [ 605.681147][T22376] ? __pfx___x64_sys_openat+0x10/0x10 [ 605.681187][T22376] ? rcu_is_watching+0x12/0xc0 [ 605.681243][T22376] do_syscall_64+0xcd/0x260 [ 605.681297][T22376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.681333][T22376] RIP: 0033:0x7f8ad1f8e169 [ 605.681362][T22376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.681395][T22376] RSP: 002b:00007f8ad2de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 605.681427][T22376] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa0 RCX: 00007f8ad1f8e169 [ 605.681449][T22376] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 605.681471][T22376] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 605.681492][T22376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.681513][T22376] R13: 0000000000000000 R14: 00007f8ad21b5fa0 R15: 00007ffece796bc8 [ 605.681556][T22376] [ 605.685757][T22376] kobject: kobject_add_internal failed for nfc2 (error: -12 parent: nfc) [ 606.368208][T21924] Bluetooth: hci0: command 0x0406 tx timeout [ 606.928000][T21924] Bluetooth: hci1: command 0x0406 tx timeout [ 607.008394][T21924] Bluetooth: hci3: command 0x0406 tx timeout [ 607.009020][ T5852] Bluetooth: hci2: command 0x0406 tx timeout [ 607.869665][T22433] openvswitch: HfR: Dropping previously announced user features [ 608.457216][ T5852] Bluetooth: hci0: command 0x0406 tx timeout [ 609.087119][ T5852] Bluetooth: hci2: command 0x0406 tx timeout [ 609.320341][T22460] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1626'. [ 613.373724][T22601] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1642'. [ 617.879798][T22810] FAULT_INJECTION: forcing a failure. [ 617.879798][T22810] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 617.893753][T22810] CPU: 1 UID: 0 PID: 22810 Comm: syz.1.1654 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 617.893798][T22810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 617.893818][T22810] Call Trace: [ 617.893832][T22810] [ 617.893844][T22810] dump_stack_lvl+0x16c/0x1f0 [ 617.893899][T22810] should_fail_ex+0x512/0x640 [ 617.893945][T22810] should_fail_alloc_page+0xe7/0x130 [ 617.893981][T22810] prepare_alloc_pages+0x3c2/0x610 [ 617.894024][T22810] ? rcu_is_watching+0x12/0xc0 [ 617.894071][T22810] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 617.894126][T22810] ? __pfx___schedule+0x10/0x10 [ 617.894170][T22810] ? __lock_acquire+0xaa4/0x1ba0 [ 617.894224][T22810] ? cgroup_rstat_updated+0x2a/0xb20 [ 617.894277][T22810] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 617.894359][T22810] ? lru_gen_add_folio+0x1a4/0xef0 [ 617.894399][T22810] ? __lock_acquire+0x5ca/0x1ba0 [ 617.894456][T22810] ? __lock_acquire+0x5ca/0x1ba0 [ 617.894514][T22810] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 617.894553][T22810] ? policy_nodemask+0xea/0x4e0 [ 617.894611][T22810] alloc_pages_mpol+0x1fb/0x550 [ 617.894645][T22810] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 617.894679][T22810] ? __lock_acquire+0x5ca/0x1ba0 [ 617.894738][T22810] folio_alloc_mpol_noprof+0x36/0x2f0 [ 617.894780][T22810] vma_alloc_folio_noprof+0xed/0x1e0 [ 617.894818][T22810] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 617.894870][T22810] do_pte_missing+0x223d/0x3fb0 [ 617.894932][T22810] __handle_mm_fault+0x103d/0x2a40 [ 617.894991][T22810] ? __pfx___handle_mm_fault+0x10/0x10 [ 617.895035][T22810] ? __pte_offset_map_lock+0x155/0x2f0 [ 617.895074][T22810] ? find_held_lock+0x2b/0x80 [ 617.895113][T22810] ? find_held_lock+0x2b/0x80 [ 617.895182][T22810] handle_mm_fault+0x3fe/0xad0 [ 617.895235][T22810] __get_user_pages+0x771/0x36f0 [ 617.895289][T22810] ? __pfx_mt_find+0x10/0x10 [ 617.895341][T22810] ? __pfx___get_user_pages+0x10/0x10 [ 617.895400][T22810] populate_vma_page_range+0x278/0x3a0 [ 617.895447][T22810] ? __pfx_populate_vma_page_range+0x10/0x10 [ 617.895512][T22810] ? __pfx_find_vma_intersection+0x10/0x10 [ 617.895555][T22810] ? do_mmap+0x69c/0x11b0 [ 617.895599][T22810] __mm_populate+0x1d8/0x380 [ 617.895643][T22810] ? __pfx___mm_populate+0x10/0x10 [ 617.895692][T22810] ? up_write+0x1b2/0x520 [ 617.895732][T22810] vm_mmap_pgoff+0x362/0x450 [ 617.895775][T22810] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 617.895814][T22810] ? find_held_lock+0x2b/0x80 [ 617.895861][T22810] ? __x64_sys_futex+0x1e0/0x4c0 [ 617.895905][T22810] ? __x64_sys_futex+0x1e9/0x4c0 [ 617.895958][T22810] ksys_mmap_pgoff+0x7d/0x5c0 [ 617.895997][T22810] ? rcu_is_watching+0x12/0xc0 [ 617.896042][T22810] __x64_sys_mmap+0x125/0x190 [ 617.896087][T22810] do_syscall_64+0xcd/0x260 [ 617.896140][T22810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.896174][T22810] RIP: 0033:0x7f5777f8e169 [ 617.896201][T22810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 617.896234][T22810] RSP: 002b:00007f5778e5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 617.896266][T22810] RAX: ffffffffffffffda RBX: 00007f57781b5fa0 RCX: 00007f5777f8e169 [ 617.896290][T22810] RDX: 00000000000000df RSI: 0000000000440009 RDI: 0000000000000000 [ 617.896311][T22810] RBP: 00007f5778010a68 R08: 0000000000000007 R09: 0000000000028000 [ 617.896333][T22810] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 617.896353][T22810] R13: 0000000000000000 R14: 00007f57781b5fa0 R15: 00007ffe496f0068 [ 617.896398][T22810] [ 619.229451][T22852] usbip-vudc usbip-vudc.0: gadget not bound [ 619.309605][T22857] delete_channel: no stack [ 621.005660][T22957] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 621.015370][T22957] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 622.310264][T22998] Invalid ELF header magic: != ELF [ 622.405794][T23008] openvswitch: HfR: Dropping previously announced user features [ 624.960789][T23070] delete_channel: no stack [ 627.882808][T23256] FAULT_INJECTION: forcing a failure. [ 627.882808][T23256] name failslab, interval 1, probability 0, space 0, times 0 [ 627.918295][T23256] CPU: 0 UID: 0 PID: 23256 Comm: syz.3.1695 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 627.918343][T23256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 627.918365][T23256] Call Trace: [ 627.918377][T23256] [ 627.918390][T23256] dump_stack_lvl+0x16c/0x1f0 [ 627.918446][T23256] should_fail_ex+0x512/0x640 [ 627.918484][T23256] ? __kmalloc_node_noprof+0xc5/0x500 [ 627.918540][T23256] should_failslab+0xc2/0x120 [ 627.918572][T23256] __kmalloc_node_noprof+0xd8/0x500 [ 627.918623][T23256] ? __vmalloc_node_range_noprof+0x3eb/0x1540 [ 627.918666][T23256] __vmalloc_node_range_noprof+0x3eb/0x1540 [ 627.918715][T23256] ? n_tty_open+0x1a/0x170 [ 627.918775][T23256] ? __ldsem_down_write_nested+0x10e/0x850 [ 627.918811][T23256] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 627.918860][T23256] ? n_tty_open+0x1a/0x170 [ 627.918891][T23256] vzalloc_noprof+0x6b/0x90 [ 627.918927][T23256] ? n_tty_open+0x1a/0x170 [ 627.918956][T23256] ? __pfx_n_tty_open+0x10/0x10 [ 627.918984][T23256] n_tty_open+0x1a/0x170 [ 627.919013][T23256] ? __pfx_n_tty_open+0x10/0x10 [ 627.919041][T23256] tty_ldisc_open+0x9c/0x120 [ 627.919080][T23256] tty_ldisc_setup+0x40/0x100 [ 627.919121][T23256] tty_init_dev.part.0+0x1ec/0x500 [ 627.919151][T23256] tty_open+0xa50/0xf90 [ 627.919184][T23256] ? __pfx_tty_open+0x10/0x10 [ 627.919211][T23256] ? chrdev_open+0x10b/0x6a0 [ 627.919257][T23256] ? __pfx_tty_open+0x10/0x10 [ 627.919283][T23256] chrdev_open+0x231/0x6a0 [ 627.919324][T23256] ? __pfx_apparmor_file_open+0x10/0x10 [ 627.919358][T23256] ? __pfx_chrdev_open+0x10/0x10 [ 627.919404][T23256] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 627.919449][T23256] do_dentry_open+0x741/0x1c10 [ 627.919489][T23256] ? __pfx_chrdev_open+0x10/0x10 [ 627.919539][T23256] vfs_open+0x82/0x3f0 [ 627.919571][T23256] path_openat+0x1e5e/0x2d40 [ 627.919624][T23256] ? __pfx_path_openat+0x10/0x10 [ 627.919674][T23256] do_filp_open+0x20b/0x470 [ 627.919715][T23256] ? __pfx_do_filp_open+0x10/0x10 [ 627.919792][T23256] ? alloc_fd+0x471/0x7d0 [ 627.919841][T23256] do_sys_openat2+0x11b/0x1d0 [ 627.919871][T23256] ? __pfx_do_sys_openat2+0x10/0x10 [ 627.919914][T23256] __x64_sys_openat+0x174/0x210 [ 627.919945][T23256] ? __pfx___x64_sys_openat+0x10/0x10 [ 627.919978][T23256] ? rcu_is_watching+0x12/0xc0 [ 627.920022][T23256] do_syscall_64+0xcd/0x260 [ 627.920065][T23256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.920093][T23256] RIP: 0033:0x7f8ad1f8e169 [ 627.920116][T23256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 627.920142][T23256] RSP: 002b:00007f8ad2dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 627.920169][T23256] RAX: ffffffffffffffda RBX: 00007f8ad21b6080 RCX: 00007f8ad1f8e169 [ 627.920188][T23256] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 627.920207][T23256] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 627.920224][T23256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 627.920241][T23256] R13: 0000000000000000 R14: 00007f8ad21b6080 R15: 00007ffece796bc8 [ 627.920277][T23256] [ 627.920300][T23256] warn_alloc: 1 callbacks suppressed [ 627.920316][T23256] syz.3.1695: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 628.446578][T23256] CPU: 0 UID: 0 PID: 23256 Comm: syz.3.1695 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 628.446628][T23256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 628.446649][T23256] Call Trace: [ 628.446662][T23256] [ 628.446675][T23256] dump_stack_lvl+0x16c/0x1f0 [ 628.446730][T23256] warn_alloc+0x248/0x3a0 [ 628.446784][T23256] ? __pfx_warn_alloc+0x10/0x10 [ 628.446829][T23256] ? dump_stack_lvl+0x1a1/0x1f0 [ 628.446890][T23256] ? rcu_is_watching+0x12/0xc0 [ 628.446933][T23256] ? __kmalloc_node_noprof+0x23b/0x500 [ 628.446997][T23256] __vmalloc_node_range_noprof+0x1110/0x1540 [ 628.447058][T23256] ? n_tty_open+0x1a/0x170 [ 628.447099][T23256] ? __ldsem_down_write_nested+0x10e/0x850 [ 628.447141][T23256] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 628.447200][T23256] ? n_tty_open+0x1a/0x170 [ 628.447237][T23256] vzalloc_noprof+0x6b/0x90 [ 628.447280][T23256] ? n_tty_open+0x1a/0x170 [ 628.447314][T23256] ? __pfx_n_tty_open+0x10/0x10 [ 628.447348][T23256] n_tty_open+0x1a/0x170 [ 628.447383][T23256] ? __pfx_n_tty_open+0x10/0x10 [ 628.447418][T23256] tty_ldisc_open+0x9c/0x120 [ 628.447475][T23256] tty_ldisc_setup+0x40/0x100 [ 628.447525][T23256] tty_init_dev.part.0+0x1ec/0x500 [ 628.447563][T23256] tty_open+0xa50/0xf90 [ 628.447604][T23256] ? __pfx_tty_open+0x10/0x10 [ 628.447637][T23256] ? chrdev_open+0x10b/0x6a0 [ 628.447694][T23256] ? __pfx_tty_open+0x10/0x10 [ 628.447727][T23256] chrdev_open+0x231/0x6a0 [ 628.447776][T23256] ? __pfx_apparmor_file_open+0x10/0x10 [ 628.447819][T23256] ? __pfx_chrdev_open+0x10/0x10 [ 628.447874][T23256] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 628.447931][T23256] do_dentry_open+0x741/0x1c10 [ 628.447980][T23256] ? __pfx_chrdev_open+0x10/0x10 [ 628.448039][T23256] vfs_open+0x82/0x3f0 [ 628.448080][T23256] path_openat+0x1e5e/0x2d40 [ 628.448145][T23256] ? __pfx_path_openat+0x10/0x10 [ 628.448207][T23256] do_filp_open+0x20b/0x470 [ 628.448256][T23256] ? __pfx_do_filp_open+0x10/0x10 [ 628.448339][T23256] ? alloc_fd+0x471/0x7d0 [ 628.448399][T23256] do_sys_openat2+0x11b/0x1d0 [ 628.448434][T23256] ? __pfx_do_sys_openat2+0x10/0x10 [ 628.448496][T23256] __x64_sys_openat+0x174/0x210 [ 628.448533][T23256] ? __pfx___x64_sys_openat+0x10/0x10 [ 628.448572][T23256] ? rcu_is_watching+0x12/0xc0 [ 628.448624][T23256] do_syscall_64+0xcd/0x260 [ 628.448674][T23256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.448708][T23256] RIP: 0033:0x7f8ad1f8e169 [ 628.448733][T23256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 628.448765][T23256] RSP: 002b:00007f8ad2dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 628.448796][T23256] RAX: ffffffffffffffda RBX: 00007f8ad21b6080 RCX: 00007f8ad1f8e169 [ 628.448817][T23256] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 628.448840][T23256] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 628.448860][T23256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 628.448880][T23256] R13: 0000000000000000 R14: 00007f8ad21b6080 R15: 00007ffece796bc8 [ 628.449005][T23256] [ 628.827651][T23256] Mem-Info: [ 628.835654][T23256] active_anon:32790 inactive_anon:0 isolated_anon:0 [ 628.835654][T23256] active_file:22331 inactive_file:39437 isolated_file:0 [ 628.835654][T23256] unevictable:768 dirty:390 writeback:0 [ 628.835654][T23256] slab_reclaimable:10114 slab_unreclaimable:94086 [ 628.835654][T23256] mapped:32000 shmem:26416 pagetables:930 [ 628.835654][T23256] sec_pagetables:0 bounce:0 [ 628.835654][T23256] kernel_misc_reclaimable:0 [ 628.835654][T23256] free:1302315 free_pcp:3383 free_cma:0 [ 629.072356][T23256] Node 0 active_anon:143988kB inactive_anon:0kB active_file:89324kB inactive_file:157680kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:128988kB dirty:1600kB writeback:0kB shmem:115964kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10556kB pagetables:3708kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 629.186651][T23256] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 629.286717][T23256] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 629.462549][T23256] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 629.526559][T23256] Node 0 DMA32 free:1267300kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:136640kB inactive_anon:0kB active_file:89324kB inactive_file:156124kB unevictable:1536kB writepending:1600kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:27432kB local_pcp:24608kB free_cma:0kB [ 629.616915][T23256] lowmem_reserve[]: 0 0 1 1 1 [ 629.622339][T23256] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:4kB free_cma:0kB [ 629.665699][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.673590][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.709167][T23256] lowmem_reserve[]: 0 0 0 0 0 [ 629.714736][T23256] Node 1 Normal free:3899612kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:6480kB local_pcp:4804kB free_cma:0kB [ 629.839033][T23256] lowmem_reserve[]: 0 0 0 0 0 [ 629.856208][T23256] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 629.896538][T23256] Node 0 DMA32: 14*4kB (E) 18*8kB (E) 34*16kB (UE) 67*32kB (UME) 73*64kB (UME) 49*128kB (UE) 34*256kB (UME) 28*512kB (UME) 35*1024kB (UME) 17*2048kB (UM) 283*4096kB (UM) = 1266696kB [ 629.959392][T23256] Node 0 Normal: 2*4kB (M) 2*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 630.000639][T23256] Node 1 Normal: 131*4kB (UME) 12*8kB (UME) 31*16kB (UME) 172*32kB (UME) 92*64kB (UME) 32*128kB (UME) 16*256kB (UME) 8*512kB (UM) 8*1024kB (UE) 4*2048kB (UE) 942*4096kB (M) = 3899612kB [ 630.029074][T23256] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 630.066170][T23256] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 630.075554][T23256] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 630.106270][T23256] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 630.115652][T23256] 88172 total pagecache pages [ 630.136075][T23256] 0 pages in swap cache [ 630.140402][T23256] Free swap = 124996kB [ 630.179229][T23256] Total swap = 124996kB [ 630.183484][T23256] 2097051 pages RAM [ 630.188521][T23300] openvswitch: HfR: Dropping previously announced user features [ 630.209701][T23256] 0 pages HighMem/MovableOnly [ 630.214469][T23256] 429591 pages reserved [ 630.235303][T23256] 0 pages cma reserved [ 630.239633][T23256] tty tty26: ldisc open failed (-12), clearing slot 25 [ 632.568622][T23362] openvswitch: HfR: Dropping previously announced user features [ 633.575450][T23387] FAULT_INJECTION: forcing a failure. [ 633.575450][T23387] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 633.575503][T23387] CPU: 0 UID: 0 PID: 23387 Comm: syz.2.1702 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 633.575546][T23387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 633.575567][T23387] Call Trace: [ 633.575579][T23387] [ 633.575592][T23387] dump_stack_lvl+0x16c/0x1f0 [ 633.575648][T23387] should_fail_ex+0x512/0x640 [ 633.575693][T23387] should_fail_alloc_page+0xe7/0x130 [ 633.575730][T23387] prepare_alloc_pages+0x3c2/0x610 [ 633.575777][T23387] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 633.575836][T23387] ? stack_trace_save+0x8e/0xc0 [ 633.575892][T23387] ? __lock_acquire+0xaa4/0x1ba0 [ 633.575944][T23387] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 633.576010][T23387] ? fb_var_to_videomode+0x4c9/0x690 [ 633.576058][T23387] ? __pfx_fb_match_mode+0x10/0x10 [ 633.576103][T23387] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 633.576146][T23387] ? lockdep_hardirqs_on+0x7c/0x110 [ 633.576198][T23387] ? vc_allocate+0x489/0x880 [ 633.576246][T23387] __alloc_pages_noprof+0xb/0x1b0 [ 633.576296][T23387] ___kmalloc_large_node+0x82/0x1e0 [ 633.576334][T23387] ? con_is_visible+0x65/0x150 [ 633.576379][T23387] __kmalloc_large_node_noprof+0x1c/0x70 [ 633.576424][T23387] __kmalloc_noprof.cold+0xc/0x61 [ 633.576480][T23387] vc_allocate+0x489/0x880 [ 633.576531][T23387] ? __pfx_vc_allocate+0x10/0x10 [ 633.576596][T23387] con_install+0xa1/0x600 [ 633.576651][T23387] ? __pfx_con_install+0x10/0x10 [ 633.576711][T23387] ? __pfx_con_install+0x10/0x10 [ 633.576765][T23387] tty_init_dev.part.0+0x99/0x500 [ 633.576803][T23387] tty_open+0xa50/0xf90 [ 633.576844][T23387] ? __pfx_tty_open+0x10/0x10 [ 633.576878][T23387] ? chrdev_open+0x10b/0x6a0 [ 633.576934][T23387] ? __pfx_tty_open+0x10/0x10 [ 633.576966][T23387] chrdev_open+0x231/0x6a0 [ 633.577023][T23387] ? __pfx_apparmor_file_open+0x10/0x10 [ 633.577067][T23387] ? __pfx_chrdev_open+0x10/0x10 [ 633.577122][T23387] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 633.577179][T23387] do_dentry_open+0x741/0x1c10 [ 633.577227][T23387] ? __pfx_chrdev_open+0x10/0x10 [ 633.577289][T23387] vfs_open+0x82/0x3f0 [ 633.577328][T23387] path_openat+0x1e5e/0x2d40 [ 633.577394][T23387] ? __pfx_path_openat+0x10/0x10 [ 633.577456][T23387] do_filp_open+0x20b/0x470 [ 633.577505][T23387] ? __pfx_do_filp_open+0x10/0x10 [ 633.577587][T23387] ? alloc_fd+0x471/0x7d0 [ 633.577642][T23387] do_sys_openat2+0x11b/0x1d0 [ 633.577675][T23387] ? __pfx_do_sys_openat2+0x10/0x10 [ 633.577728][T23387] __x64_sys_openat+0x174/0x210 [ 633.577765][T23387] ? __pfx___x64_sys_openat+0x10/0x10 [ 633.577804][T23387] ? rcu_is_watching+0x12/0xc0 [ 633.577857][T23387] do_syscall_64+0xcd/0x260 [ 633.577910][T23387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.577945][T23387] RIP: 0033:0x7f304ed8e169 [ 633.577972][T23387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 633.578013][T23387] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 633.578046][T23387] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 633.578069][T23387] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 633.578091][T23387] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 633.578113][T23387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 633.578134][T23387] R13: 0000000000000000 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 633.578178][T23387] [ 634.998766][T23402] openvswitch: HfR: Dropping previously announced user features [ 635.377105][T23394] FAULT_INJECTION: forcing a failure. [ 635.377105][T23394] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 635.377160][T23394] CPU: 0 UID: 0 PID: 23394 Comm: syz.3.1704 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 635.377205][T23394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 635.377226][T23394] Call Trace: [ 635.377237][T23394] [ 635.377250][T23394] dump_stack_lvl+0x16c/0x1f0 [ 635.377305][T23394] should_fail_ex+0x512/0x640 [ 635.377349][T23394] should_fail_alloc_page+0xe7/0x130 [ 635.377385][T23394] prepare_alloc_pages+0x3c2/0x610 [ 635.377433][T23394] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 635.377488][T23394] ? stack_trace_save+0x8e/0xc0 [ 635.377544][T23394] ? __lock_acquire+0xaa4/0x1ba0 [ 635.377596][T23394] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 635.377652][T23394] ? fb_var_to_videomode+0x4c9/0x690 [ 635.377699][T23394] ? __pfx_fb_match_mode+0x10/0x10 [ 635.377744][T23394] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 635.377788][T23394] ? lockdep_hardirqs_on+0x7c/0x110 [ 635.377841][T23394] ? vc_allocate+0x489/0x880 [ 635.377889][T23394] __alloc_pages_noprof+0xb/0x1b0 [ 635.377939][T23394] ___kmalloc_large_node+0x82/0x1e0 [ 635.377977][T23394] ? con_is_visible+0x65/0x150 [ 635.378032][T23394] __kmalloc_large_node_noprof+0x1c/0x70 [ 635.378077][T23394] __kmalloc_noprof.cold+0xc/0x61 [ 635.378134][T23394] vc_allocate+0x489/0x880 [ 635.378186][T23394] ? __pfx_vc_allocate+0x10/0x10 [ 635.378250][T23394] con_install+0xa1/0x600 [ 635.378304][T23394] ? __pfx_con_install+0x10/0x10 [ 635.378364][T23394] ? __pfx_con_install+0x10/0x10 [ 635.378417][T23394] tty_init_dev.part.0+0x99/0x500 [ 635.378456][T23394] tty_open+0xa50/0xf90 [ 635.378497][T23394] ? __pfx_tty_open+0x10/0x10 [ 635.378530][T23394] ? chrdev_open+0x10b/0x6a0 [ 635.378586][T23394] ? __pfx_tty_open+0x10/0x10 [ 635.378618][T23394] chrdev_open+0x231/0x6a0 [ 635.378668][T23394] ? __pfx_apparmor_file_open+0x10/0x10 [ 635.378711][T23394] ? __pfx_chrdev_open+0x10/0x10 [ 635.378767][T23394] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 635.378822][T23394] do_dentry_open+0x741/0x1c10 [ 635.378871][T23394] ? __pfx_chrdev_open+0x10/0x10 [ 635.378932][T23394] vfs_open+0x82/0x3f0 [ 635.378971][T23394] path_openat+0x1e5e/0x2d40 [ 635.379044][T23394] ? __pfx_path_openat+0x10/0x10 [ 635.379115][T23394] do_filp_open+0x20b/0x470 [ 635.379166][T23394] ? __pfx_do_filp_open+0x10/0x10 [ 635.379249][T23394] ? alloc_fd+0x471/0x7d0 [ 635.379310][T23394] do_sys_openat2+0x11b/0x1d0 [ 635.379345][T23394] ? __pfx_do_sys_openat2+0x10/0x10 [ 635.379399][T23394] __x64_sys_openat+0x174/0x210 [ 635.379436][T23394] ? __pfx___x64_sys_openat+0x10/0x10 [ 635.379475][T23394] ? rcu_is_watching+0x12/0xc0 [ 635.379529][T23394] do_syscall_64+0xcd/0x260 [ 635.379583][T23394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.379618][T23394] RIP: 0033:0x7f8ad1f8e169 [ 635.379647][T23394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 635.379681][T23394] RSP: 002b:00007f8ad2de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 635.379712][T23394] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa0 RCX: 00007f8ad1f8e169 [ 635.379734][T23394] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 635.379762][T23394] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 635.379782][T23394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 635.379802][T23394] R13: 0000000000000000 R14: 00007f8ad21b5fa0 R15: 00007ffece796bc8 [ 635.379845][T23394] [ 637.715044][T23433] can: request_module (can-proto-0) failed. [ 639.221016][T23528] openvswitch: HfR: Dropping previously announced user features [ 640.309854][T23552] openvswitch: HfR: Dropping previously announced user features [ 643.230416][T23649] FAULT_INJECTION: forcing a failure. [ 643.230416][T23649] name failslab, interval 1, probability 0, space 0, times 0 [ 643.230468][T23649] CPU: 1 UID: 0 PID: 23649 Comm: syz.2.1733 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 643.230512][T23649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 643.230533][T23649] Call Trace: [ 643.230544][T23649] [ 643.230556][T23649] dump_stack_lvl+0x16c/0x1f0 [ 643.230611][T23649] should_fail_ex+0x512/0x640 [ 643.230648][T23649] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 643.230698][T23649] should_failslab+0xc2/0x120 [ 643.230730][T23649] __kmalloc_cache_noprof+0x6a/0x3e0 [ 643.230776][T23649] ? vc_allocate+0x16c/0x880 [ 643.230833][T23649] vc_allocate+0x16c/0x880 [ 643.230884][T23649] ? __pfx_vc_allocate+0x10/0x10 [ 643.230947][T23649] con_install+0xa1/0x600 [ 643.231001][T23649] ? __pfx_con_install+0x10/0x10 [ 643.231061][T23649] ? __pfx_con_install+0x10/0x10 [ 643.231115][T23649] tty_init_dev.part.0+0x99/0x500 [ 643.231152][T23649] tty_open+0xa50/0xf90 [ 643.231193][T23649] ? __pfx_tty_open+0x10/0x10 [ 643.231234][T23649] ? chrdev_open+0x10b/0x6a0 [ 643.231292][T23649] ? __pfx_tty_open+0x10/0x10 [ 643.231325][T23649] chrdev_open+0x231/0x6a0 [ 643.231374][T23649] ? __pfx_apparmor_file_open+0x10/0x10 [ 643.231416][T23649] ? __pfx_chrdev_open+0x10/0x10 [ 643.231470][T23649] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 643.231526][T23649] do_dentry_open+0x741/0x1c10 [ 643.231574][T23649] ? __pfx_chrdev_open+0x10/0x10 [ 643.231636][T23649] vfs_open+0x82/0x3f0 [ 643.231675][T23649] path_openat+0x1e5e/0x2d40 [ 643.231739][T23649] ? __pfx_path_openat+0x10/0x10 [ 643.231820][T23649] do_filp_open+0x20b/0x470 [ 643.231882][T23649] ? __pfx_do_filp_open+0x10/0x10 [ 643.231969][T23649] ? alloc_fd+0x471/0x7d0 [ 643.232032][T23649] do_sys_openat2+0x11b/0x1d0 [ 643.232068][T23649] ? __pfx_do_sys_openat2+0x10/0x10 [ 643.232131][T23649] __x64_sys_openat+0x174/0x210 [ 643.232178][T23649] ? __pfx___x64_sys_openat+0x10/0x10 [ 643.232225][T23649] ? rcu_is_watching+0x12/0xc0 [ 643.232281][T23649] do_syscall_64+0xcd/0x260 [ 643.232334][T23649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.232368][T23649] RIP: 0033:0x7f304ed8e169 [ 643.232397][T23649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 643.232430][T23649] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 643.232462][T23649] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 643.232485][T23649] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 643.232507][T23649] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 643.232528][T23649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 643.232549][T23649] R13: 0000000000000000 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 643.232592][T23649] [ 645.366182][T23701] Invalid ELF header magic: != ELF [ 647.476663][T23799] FAULT_INJECTION: forcing a failure. [ 647.476663][T23799] name failslab, interval 1, probability 0, space 0, times 0 [ 647.476716][T23799] CPU: 1 UID: 0 PID: 23799 Comm: syz.2.1743 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 647.476758][T23799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 647.476779][T23799] Call Trace: [ 647.476791][T23799] [ 647.476804][T23799] dump_stack_lvl+0x16c/0x1f0 [ 647.476859][T23799] should_fail_ex+0x512/0x640 [ 647.476899][T23799] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 647.476950][T23799] should_failslab+0xc2/0x120 [ 647.476983][T23799] __kmalloc_cache_noprof+0x6a/0x3e0 [ 647.477030][T23799] ? device_create_groups_vargs+0x8a/0x270 [ 647.477077][T23799] device_create_groups_vargs+0x8a/0x270 [ 647.477123][T23799] device_create+0xed/0x130 [ 647.477161][T23799] ? __pfx_device_create+0x10/0x10 [ 647.477194][T23799] ? do_raw_spin_lock+0x12c/0x2b0 [ 647.477235][T23799] ? is_console_locked+0x9/0x20 [ 647.477282][T23799] ? con_is_visible+0x65/0x150 [ 647.477327][T23799] ? csi_J+0x54a/0xad0 [ 647.477383][T23799] vcs_make_sysfs+0x32/0x80 [ 647.477426][T23799] vc_allocate+0x501/0x880 [ 647.477479][T23799] ? __pfx_vc_allocate+0x10/0x10 [ 647.477542][T23799] con_install+0xa1/0x600 [ 647.477608][T23799] ? __pfx_con_install+0x10/0x10 [ 647.477667][T23799] ? __pfx_con_install+0x10/0x10 [ 647.477720][T23799] tty_init_dev.part.0+0x99/0x500 [ 647.477757][T23799] tty_open+0xa50/0xf90 [ 647.477798][T23799] ? __pfx_tty_open+0x10/0x10 [ 647.477832][T23799] ? chrdev_open+0x10b/0x6a0 [ 647.477889][T23799] ? __pfx_tty_open+0x10/0x10 [ 647.477921][T23799] chrdev_open+0x231/0x6a0 [ 647.477970][T23799] ? __pfx_apparmor_file_open+0x10/0x10 [ 647.478013][T23799] ? __pfx_chrdev_open+0x10/0x10 [ 647.478069][T23799] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 647.478124][T23799] do_dentry_open+0x741/0x1c10 [ 647.478170][T23799] ? __pfx_chrdev_open+0x10/0x10 [ 647.478231][T23799] vfs_open+0x82/0x3f0 [ 647.478271][T23799] path_openat+0x1e5e/0x2d40 [ 647.478338][T23799] ? __pfx_path_openat+0x10/0x10 [ 647.478398][T23799] do_filp_open+0x20b/0x470 [ 647.478449][T23799] ? __pfx_do_filp_open+0x10/0x10 [ 647.478533][T23799] ? alloc_fd+0x471/0x7d0 [ 647.478602][T23799] do_sys_openat2+0x11b/0x1d0 [ 647.478639][T23799] ? __pfx_do_sys_openat2+0x10/0x10 [ 647.478693][T23799] __x64_sys_openat+0x174/0x210 [ 647.478731][T23799] ? __pfx___x64_sys_openat+0x10/0x10 [ 647.478771][T23799] ? rcu_is_watching+0x12/0xc0 [ 647.478826][T23799] do_syscall_64+0xcd/0x260 [ 647.478880][T23799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.478914][T23799] RIP: 0033:0x7f304ed8e169 [ 647.478941][T23799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 647.478973][T23799] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 647.479005][T23799] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 647.479028][T23799] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 647.479051][T23799] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 647.479073][T23799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.479094][T23799] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 647.479138][T23799] [ 649.040305][T23799] tty tty26: ldisc open failed (-12), clearing slot 25 [ 653.116185][T23983] FAULT_INJECTION: forcing a failure. [ 653.116185][T23983] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 653.116257][T23983] CPU: 0 UID: 0 PID: 23983 Comm: syz.2.1760 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 653.116301][T23983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 653.116323][T23983] Call Trace: [ 653.116334][T23983] [ 653.116349][T23983] dump_stack_lvl+0x16c/0x1f0 [ 653.116404][T23983] should_fail_ex+0x512/0x640 [ 653.116450][T23983] should_fail_alloc_page+0xe7/0x130 [ 653.116487][T23983] prepare_alloc_pages+0x3c2/0x610 [ 653.116537][T23983] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 653.116595][T23983] ? stack_trace_save+0x8e/0xc0 [ 653.116653][T23983] ? __lock_acquire+0xaa4/0x1ba0 [ 653.116707][T23983] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 653.116762][T23983] ? fb_var_to_videomode+0x4c9/0x690 [ 653.116809][T23983] ? __pfx_fb_match_mode+0x10/0x10 [ 653.116854][T23983] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 653.116899][T23983] ? lockdep_hardirqs_on+0x7c/0x110 [ 653.116952][T23983] ? vc_allocate+0x489/0x880 [ 653.117000][T23983] __alloc_pages_noprof+0xb/0x1b0 [ 653.117051][T23983] ___kmalloc_large_node+0x82/0x1e0 [ 653.117089][T23983] ? con_is_visible+0x65/0x150 [ 653.117136][T23983] __kmalloc_large_node_noprof+0x1c/0x70 [ 653.117181][T23983] __kmalloc_noprof.cold+0xc/0x61 [ 653.117247][T23983] vc_allocate+0x489/0x880 [ 653.117300][T23983] ? __pfx_vc_allocate+0x10/0x10 [ 653.117365][T23983] con_install+0xa1/0x600 [ 653.117419][T23983] ? __pfx_con_install+0x10/0x10 [ 653.117479][T23983] ? __pfx_con_install+0x10/0x10 [ 653.117532][T23983] tty_init_dev.part.0+0x99/0x500 [ 653.117570][T23983] tty_open+0xa50/0xf90 [ 653.117612][T23983] ? __pfx_tty_open+0x10/0x10 [ 653.117645][T23983] ? chrdev_open+0x10b/0x6a0 [ 653.117702][T23983] ? __pfx_tty_open+0x10/0x10 [ 653.117735][T23983] chrdev_open+0x231/0x6a0 [ 653.117785][T23983] ? __pfx_apparmor_file_open+0x10/0x10 [ 653.117828][T23983] ? __pfx_chrdev_open+0x10/0x10 [ 653.117885][T23983] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 653.117940][T23983] do_dentry_open+0x741/0x1c10 [ 653.117990][T23983] ? __pfx_chrdev_open+0x10/0x10 [ 653.118051][T23983] vfs_open+0x82/0x3f0 [ 653.118092][T23983] path_openat+0x1e5e/0x2d40 [ 653.118159][T23983] ? __pfx_path_openat+0x10/0x10 [ 653.118221][T23983] do_filp_open+0x20b/0x470 [ 653.118280][T23983] ? __pfx_do_filp_open+0x10/0x10 [ 653.118363][T23983] ? alloc_fd+0x471/0x7d0 [ 653.118425][T23983] do_sys_openat2+0x11b/0x1d0 [ 653.118461][T23983] ? __pfx_do_sys_openat2+0x10/0x10 [ 653.118515][T23983] __x64_sys_openat+0x174/0x210 [ 653.118553][T23983] ? __pfx___x64_sys_openat+0x10/0x10 [ 653.118592][T23983] ? rcu_is_watching+0x12/0xc0 [ 653.118647][T23983] do_syscall_64+0xcd/0x260 [ 653.118701][T23983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.118736][T23983] RIP: 0033:0x7f304ed8e169 [ 653.118763][T23983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.118798][T23983] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 653.118831][T23983] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 653.118854][T23983] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 653.118877][T23983] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 653.118898][T23983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 653.118918][T23983] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 653.118963][T23983] [ 655.190238][T24010] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 655.202493][T24010] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1766'. [ 655.588019][T24019] FAULT_INJECTION: forcing a failure. [ 655.588019][T24019] name failslab, interval 1, probability 0, space 0, times 0 [ 655.617872][T24019] CPU: 0 UID: 0 PID: 24019 Comm: syz.2.1770 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 655.617919][T24019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 655.617940][T24019] Call Trace: [ 655.617951][T24019] [ 655.617963][T24019] dump_stack_lvl+0x16c/0x1f0 [ 655.618018][T24019] should_fail_ex+0x512/0x640 [ 655.618054][T24019] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 655.618104][T24019] should_failslab+0xc2/0x120 [ 655.618136][T24019] __kmalloc_cache_noprof+0x6a/0x3e0 [ 655.618175][T24019] ? snd_midi_event_new+0x6f/0x210 [ 655.618221][T24019] snd_midi_event_new+0x6f/0x210 [ 655.618261][T24019] snd_virmidi_input_open+0x107/0x4a0 [ 655.618311][T24019] open_substream+0x478/0x9b0 [ 655.618343][T24019] rawmidi_open_priv+0x513/0x6e0 [ 655.618379][T24019] snd_rawmidi_open+0x4cc/0xbf0 [ 655.618417][T24019] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 655.618451][T24019] ? __pfx_default_wake_function+0x10/0x10 [ 655.618491][T24019] ? kobject_get_unless_zero+0x156/0x1e0 [ 655.618538][T24019] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 655.618569][T24019] snd_open+0x1fe/0x450 [ 655.618609][T24019] ? __pfx_snd_open+0x10/0x10 [ 655.618647][T24019] chrdev_open+0x231/0x6a0 [ 655.618688][T24019] ? __pfx_apparmor_file_open+0x10/0x10 [ 655.618722][T24019] ? __pfx_chrdev_open+0x10/0x10 [ 655.618776][T24019] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 655.618823][T24019] do_dentry_open+0x741/0x1c10 [ 655.618863][T24019] ? __pfx_chrdev_open+0x10/0x10 [ 655.618912][T24019] vfs_open+0x82/0x3f0 [ 655.618944][T24019] path_openat+0x1e5e/0x2d40 [ 655.618997][T24019] ? __pfx_path_openat+0x10/0x10 [ 655.619045][T24019] do_filp_open+0x20b/0x470 [ 655.619086][T24019] ? __pfx_do_filp_open+0x10/0x10 [ 655.619149][T24019] ? alloc_fd+0x471/0x7d0 [ 655.619196][T24019] do_sys_openat2+0x11b/0x1d0 [ 655.619224][T24019] ? __pfx_do_sys_openat2+0x10/0x10 [ 655.619266][T24019] __x64_sys_openat+0x174/0x210 [ 655.619295][T24019] ? __pfx___x64_sys_openat+0x10/0x10 [ 655.619327][T24019] ? rcu_is_watching+0x12/0xc0 [ 655.619370][T24019] do_syscall_64+0xcd/0x260 [ 655.619412][T24019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.619440][T24019] RIP: 0033:0x7f304ed8e169 [ 655.619461][T24019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.619489][T24019] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 655.619514][T24019] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 655.619532][T24019] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 655.619550][T24019] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 655.619568][T24019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.619584][T24019] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 655.619618][T24019] [ 659.665727][T24097] FAULT_INJECTION: forcing a failure. [ 659.665727][T24097] name failslab, interval 1, probability 0, space 0, times 0 [ 659.665780][T24097] CPU: 1 UID: 0 PID: 24097 Comm: syz.3.1790 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 659.665825][T24097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 659.665845][T24097] Call Trace: [ 659.665856][T24097] [ 659.665869][T24097] dump_stack_lvl+0x16c/0x1f0 [ 659.665924][T24097] should_fail_ex+0x512/0x640 [ 659.665961][T24097] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 659.666011][T24097] should_failslab+0xc2/0x120 [ 659.666043][T24097] __kmalloc_cache_noprof+0x6a/0x3e0 [ 659.666093][T24097] ? device_create_groups_vargs+0x8a/0x270 [ 659.666139][T24097] device_create_groups_vargs+0x8a/0x270 [ 659.666182][T24097] device_create+0xed/0x130 [ 659.666220][T24097] ? __pfx_device_create+0x10/0x10 [ 659.666253][T24097] ? do_raw_spin_lock+0x12c/0x2b0 [ 659.666294][T24097] ? is_console_locked+0x9/0x20 [ 659.666350][T24097] ? con_is_visible+0x65/0x150 [ 659.666395][T24097] ? csi_J+0x54a/0xad0 [ 659.666457][T24097] vcs_make_sysfs+0x32/0x80 [ 659.666503][T24097] vc_allocate+0x501/0x880 [ 659.666558][T24097] ? __pfx_vc_allocate+0x10/0x10 [ 659.666622][T24097] con_install+0xa1/0x600 [ 659.666677][T24097] ? __pfx_con_install+0x10/0x10 [ 659.666738][T24097] ? __pfx_con_install+0x10/0x10 [ 659.666789][T24097] tty_init_dev.part.0+0x99/0x500 [ 659.666825][T24097] tty_open+0xa50/0xf90 [ 659.666865][T24097] ? __pfx_tty_open+0x10/0x10 [ 659.666898][T24097] ? chrdev_open+0x10b/0x6a0 [ 659.666955][T24097] ? __pfx_tty_open+0x10/0x10 [ 659.666987][T24097] chrdev_open+0x231/0x6a0 [ 659.667036][T24097] ? __pfx_apparmor_file_open+0x10/0x10 [ 659.667079][T24097] ? __pfx_chrdev_open+0x10/0x10 [ 659.667134][T24097] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 659.667191][T24097] do_dentry_open+0x741/0x1c10 [ 659.667239][T24097] ? __pfx_chrdev_open+0x10/0x10 [ 659.667299][T24097] vfs_open+0x82/0x3f0 [ 659.667339][T24097] path_openat+0x1e5e/0x2d40 [ 659.667413][T24097] ? __pfx_path_openat+0x10/0x10 [ 659.667480][T24097] do_filp_open+0x20b/0x470 [ 659.667532][T24097] ? __pfx_do_filp_open+0x10/0x10 [ 659.667619][T24097] ? alloc_fd+0x471/0x7d0 [ 659.667680][T24097] do_sys_openat2+0x11b/0x1d0 [ 659.667716][T24097] ? __pfx_do_sys_openat2+0x10/0x10 [ 659.667770][T24097] __x64_sys_openat+0x174/0x210 [ 659.667808][T24097] ? __pfx___x64_sys_openat+0x10/0x10 [ 659.667848][T24097] ? rcu_is_watching+0x12/0xc0 [ 659.667902][T24097] do_syscall_64+0xcd/0x260 [ 659.667956][T24097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.667991][T24097] RIP: 0033:0x7f8ad1f8e169 [ 659.668019][T24097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.668053][T24097] RSP: 002b:00007f8ad2de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 659.668087][T24097] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa0 RCX: 00007f8ad1f8e169 [ 659.668112][T24097] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 659.668136][T24097] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 659.668159][T24097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.668181][T24097] R13: 0000000000000000 R14: 00007f8ad21b5fa0 R15: 00007ffece796bc8 [ 659.668228][T24097] [ 660.782491][T24118] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1794'. [ 661.275172][T24097] tty tty26: ldisc open failed (-12), clearing slot 25 [ 662.530440][T24172] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 663.485062][T24184] FAULT_INJECTION: forcing a failure. [ 663.485062][T24184] name failslab, interval 1, probability 0, space 0, times 0 [ 663.531540][T24184] CPU: 1 UID: 0 PID: 24184 Comm: syz.3.1803 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 663.531588][T24184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 663.531609][T24184] Call Trace: [ 663.531620][T24184] [ 663.531633][T24184] dump_stack_lvl+0x16c/0x1f0 [ 663.531690][T24184] should_fail_ex+0x512/0x640 [ 663.531728][T24184] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 663.531779][T24184] should_failslab+0xc2/0x120 [ 663.531813][T24184] __kmalloc_cache_noprof+0x6a/0x3e0 [ 663.531861][T24184] ? cuse_channel_open+0x1de/0x7f0 [ 663.531913][T24184] cuse_channel_open+0x1de/0x7f0 [ 663.531952][T24184] ? __pfx_cuse_channel_open+0x10/0x10 [ 663.531992][T24184] misc_open+0x35a/0x420 [ 663.532037][T24184] ? __pfx_misc_open+0x10/0x10 [ 663.532079][T24184] chrdev_open+0x231/0x6a0 [ 663.532130][T24184] ? __pfx_apparmor_file_open+0x10/0x10 [ 663.532173][T24184] ? __pfx_chrdev_open+0x10/0x10 [ 663.532235][T24184] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 663.532292][T24184] do_dentry_open+0x741/0x1c10 [ 663.532341][T24184] ? __pfx_chrdev_open+0x10/0x10 [ 663.532400][T24184] vfs_open+0x82/0x3f0 [ 663.532440][T24184] path_openat+0x1e5e/0x2d40 [ 663.532506][T24184] ? __pfx_path_openat+0x10/0x10 [ 663.532567][T24184] do_filp_open+0x20b/0x470 [ 663.532618][T24184] ? __pfx_do_filp_open+0x10/0x10 [ 663.532696][T24184] ? alloc_fd+0x471/0x7d0 [ 663.532751][T24184] do_sys_openat2+0x11b/0x1d0 [ 663.532785][T24184] ? __pfx_do_sys_openat2+0x10/0x10 [ 663.532831][T24184] __x64_sys_openat+0x174/0x210 [ 663.532869][T24184] ? __pfx___x64_sys_openat+0x10/0x10 [ 663.532919][T24184] do_syscall_64+0xcd/0x260 [ 663.532969][T24184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.533003][T24184] RIP: 0033:0x7f8ad1f8e169 [ 663.533030][T24184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 663.533062][T24184] RSP: 002b:00007f8ad2da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 663.533094][T24184] RAX: ffffffffffffffda RBX: 00007f8ad21b6160 RCX: 00007f8ad1f8e169 [ 663.533116][T24184] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 663.533138][T24184] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 663.533159][T24184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 663.533179][T24184] R13: 0000000000000000 R14: 00007f8ad21b6160 R15: 00007ffece796bc8 [ 663.533231][T24184] [ 664.602113][T24215] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1810'. [ 664.689178][T24219] FAULT_INJECTION: forcing a failure. [ 664.689178][T24219] name failslab, interval 1, probability 0, space 0, times 0 [ 664.702345][T24219] CPU: 0 UID: 0 PID: 24219 Comm: syz.3.1808 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 664.702396][T24219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 664.702418][T24219] Call Trace: [ 664.702431][T24219] [ 664.702444][T24219] dump_stack_lvl+0x16c/0x1f0 [ 664.702502][T24219] should_fail_ex+0x512/0x640 [ 664.702547][T24219] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 664.702600][T24219] should_failslab+0xc2/0x120 [ 664.702634][T24219] __kmalloc_cache_noprof+0x6a/0x3e0 [ 664.702682][T24219] ? cuse_channel_open+0x1de/0x7f0 [ 664.702727][T24219] cuse_channel_open+0x1de/0x7f0 [ 664.702765][T24219] ? __pfx_cuse_channel_open+0x10/0x10 [ 664.702805][T24219] misc_open+0x35a/0x420 [ 664.702850][T24219] ? __pfx_misc_open+0x10/0x10 [ 664.702897][T24219] chrdev_open+0x231/0x6a0 [ 664.702961][T24219] ? __pfx_apparmor_file_open+0x10/0x10 [ 664.703017][T24219] ? __pfx_chrdev_open+0x10/0x10 [ 664.703084][T24219] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 664.703148][T24219] do_dentry_open+0x741/0x1c10 [ 664.703197][T24219] ? __pfx_chrdev_open+0x10/0x10 [ 664.703258][T24219] vfs_open+0x82/0x3f0 [ 664.703297][T24219] path_openat+0x1e5e/0x2d40 [ 664.703368][T24219] ? __pfx_path_openat+0x10/0x10 [ 664.703429][T24219] do_filp_open+0x20b/0x470 [ 664.703479][T24219] ? __pfx_do_filp_open+0x10/0x10 [ 664.703560][T24219] ? alloc_fd+0x471/0x7d0 [ 664.703620][T24219] do_sys_openat2+0x11b/0x1d0 [ 664.703656][T24219] ? __pfx_do_sys_openat2+0x10/0x10 [ 664.703710][T24219] __x64_sys_openat+0x174/0x210 [ 664.703752][T24219] ? __pfx___x64_sys_openat+0x10/0x10 [ 664.703790][T24219] ? rcu_is_watching+0x12/0xc0 [ 664.703845][T24219] do_syscall_64+0xcd/0x260 [ 664.703897][T24219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.703931][T24219] RIP: 0033:0x7f8ad1f8e169 [ 664.703959][T24219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 664.703992][T24219] RSP: 002b:00007f8ad2da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 664.704025][T24219] RAX: ffffffffffffffda RBX: 00007f8ad21b6160 RCX: 00007f8ad1f8e169 [ 664.704048][T24219] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 664.704080][T24219] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 664.704109][T24219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 664.704130][T24219] R13: 0000000000000000 R14: 00007f8ad21b6160 R15: 00007ffece796bc8 [ 664.704174][T24219] [ 664.996634][T24221] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 665.228342][T24226] FAULT_INJECTION: forcing a failure. [ 665.228342][T24226] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 665.314704][T24226] CPU: 0 UID: 0 PID: 24226 Comm: syz.2.1811 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 665.314751][T24226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 665.314771][T24226] Call Trace: [ 665.314782][T24226] [ 665.314794][T24226] dump_stack_lvl+0x16c/0x1f0 [ 665.314846][T24226] should_fail_ex+0x512/0x640 [ 665.314890][T24226] strncpy_from_user+0x3b/0x2e0 [ 665.314929][T24226] getname_flags.part.0+0x8f/0x550 [ 665.314973][T24226] __x64_sys_unlink+0xb0/0x110 [ 665.315024][T24226] do_syscall_64+0xcd/0x260 [ 665.315086][T24226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.315119][T24226] RIP: 0033:0x7f304ed8e169 [ 665.315145][T24226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 665.315176][T24226] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 665.315208][T24226] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 665.315230][T24226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000380 [ 665.315250][T24226] RBP: 00007f304cbf6090 R08: 0000000000000000 R09: 0000000000000000 [ 665.315268][T24226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.315288][T24226] R13: 0000000000000001 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 665.315329][T24226] [ 666.049678][T24239] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1817'. [ 667.511966][T24324] FAULT_INJECTION: forcing a failure. [ 667.511966][T24324] name failslab, interval 1, probability 0, space 0, times 0 [ 667.543594][T24324] CPU: 1 UID: 0 PID: 24324 Comm: syz.2.1820 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 667.543647][T24324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 667.543668][T24324] Call Trace: [ 667.543681][T24324] [ 667.543695][T24324] dump_stack_lvl+0x16c/0x1f0 [ 667.543751][T24324] should_fail_ex+0x512/0x640 [ 667.543789][T24324] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 667.543854][T24324] should_failslab+0xc2/0x120 [ 667.543887][T24324] __kmalloc_cache_node_noprof+0x6d/0x420 [ 667.543939][T24324] ? __get_vm_area_node+0x101/0x300 [ 667.543986][T24324] __get_vm_area_node+0x101/0x300 [ 667.544034][T24324] __vmalloc_node_range_noprof+0x277/0x1540 [ 667.544078][T24324] ? n_tty_open+0x1a/0x170 [ 667.544128][T24324] ? n_tty_open+0x1a/0x170 [ 667.544167][T24324] ? __ldsem_down_write_nested+0x10e/0x850 [ 667.544207][T24324] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 667.544263][T24324] ? n_tty_open+0x1a/0x170 [ 667.544300][T24324] vzalloc_noprof+0x6b/0x90 [ 667.544342][T24324] ? n_tty_open+0x1a/0x170 [ 667.544377][T24324] ? __pfx_n_tty_open+0x10/0x10 [ 667.544411][T24324] n_tty_open+0x1a/0x170 [ 667.544446][T24324] ? __pfx_n_tty_open+0x10/0x10 [ 667.544481][T24324] tty_ldisc_open+0x9c/0x120 [ 667.544529][T24324] tty_ldisc_setup+0x40/0x100 [ 667.544578][T24324] tty_init_dev.part.0+0x1ec/0x500 [ 667.544617][T24324] tty_open+0xa50/0xf90 [ 667.544657][T24324] ? __pfx_tty_open+0x10/0x10 [ 667.544690][T24324] ? chrdev_open+0x10b/0x6a0 [ 667.544746][T24324] ? __pfx_tty_open+0x10/0x10 [ 667.544778][T24324] chrdev_open+0x231/0x6a0 [ 667.544834][T24324] ? __pfx_apparmor_file_open+0x10/0x10 [ 667.544876][T24324] ? __pfx_chrdev_open+0x10/0x10 [ 667.544931][T24324] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 667.544988][T24324] do_dentry_open+0x741/0x1c10 [ 667.545038][T24324] ? __pfx_chrdev_open+0x10/0x10 [ 667.545099][T24324] vfs_open+0x82/0x3f0 [ 667.545139][T24324] path_openat+0x1e5e/0x2d40 [ 667.545260][T24324] ? __pfx_path_openat+0x10/0x10 [ 667.545347][T24324] do_filp_open+0x20b/0x470 [ 667.545401][T24324] ? __pfx_do_filp_open+0x10/0x10 [ 667.545485][T24324] ? alloc_fd+0x471/0x7d0 [ 667.545545][T24324] do_sys_openat2+0x11b/0x1d0 [ 667.545580][T24324] ? __pfx_do_sys_openat2+0x10/0x10 [ 667.545635][T24324] __x64_sys_openat+0x174/0x210 [ 667.545673][T24324] ? __pfx___x64_sys_openat+0x10/0x10 [ 667.545713][T24324] ? rcu_is_watching+0x12/0xc0 [ 667.545805][T24324] do_syscall_64+0xcd/0x260 [ 667.545860][T24324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.545894][T24324] RIP: 0033:0x7f304ed8e169 [ 667.545921][T24324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 667.545954][T24324] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 667.545986][T24324] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 667.546022][T24324] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 667.546045][T24324] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 667.546067][T24324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 667.546089][T24324] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 667.546135][T24324] [ 667.546154][T24324] syz.2.1820: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 667.907481][T24324] CPU: 1 UID: 0 PID: 24324 Comm: syz.2.1820 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 667.907545][T24324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 667.907566][T24324] Call Trace: [ 667.907578][T24324] [ 667.907591][T24324] dump_stack_lvl+0x16c/0x1f0 [ 667.907647][T24324] warn_alloc+0x248/0x3a0 [ 667.907701][T24324] ? __pfx_warn_alloc+0x10/0x10 [ 667.907755][T24324] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 667.907812][T24324] ? __kasan_kmalloc+0x8a/0xb0 [ 667.907863][T24324] ? __get_vm_area_node+0x1e5/0x300 [ 667.907915][T24324] __vmalloc_node_range_noprof+0xd31/0x1540 [ 667.907976][T24324] ? n_tty_open+0x1a/0x170 [ 667.908018][T24324] ? __ldsem_down_write_nested+0x10e/0x850 [ 667.908059][T24324] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 667.908118][T24324] ? n_tty_open+0x1a/0x170 [ 667.908155][T24324] vzalloc_noprof+0x6b/0x90 [ 667.908199][T24324] ? n_tty_open+0x1a/0x170 [ 667.908239][T24324] ? __pfx_n_tty_open+0x10/0x10 [ 667.908272][T24324] n_tty_open+0x1a/0x170 [ 667.908307][T24324] ? __pfx_n_tty_open+0x10/0x10 [ 667.908343][T24324] tty_ldisc_open+0x9c/0x120 [ 667.908391][T24324] tty_ldisc_setup+0x40/0x100 [ 667.908442][T24324] tty_init_dev.part.0+0x1ec/0x500 [ 667.908480][T24324] tty_open+0xa50/0xf90 [ 667.908522][T24324] ? __pfx_tty_open+0x10/0x10 [ 667.908561][T24324] ? chrdev_open+0x10b/0x6a0 [ 667.908617][T24324] ? __pfx_tty_open+0x10/0x10 [ 667.908649][T24324] chrdev_open+0x231/0x6a0 [ 667.908699][T24324] ? __pfx_apparmor_file_open+0x10/0x10 [ 667.908743][T24324] ? __pfx_chrdev_open+0x10/0x10 [ 667.908799][T24324] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 667.908857][T24324] do_dentry_open+0x741/0x1c10 [ 667.908906][T24324] ? __pfx_chrdev_open+0x10/0x10 [ 667.908966][T24324] vfs_open+0x82/0x3f0 [ 667.909007][T24324] path_openat+0x1e5e/0x2d40 [ 667.909073][T24324] ? __pfx_path_openat+0x10/0x10 [ 667.909134][T24324] do_filp_open+0x20b/0x470 [ 667.909184][T24324] ? __pfx_do_filp_open+0x10/0x10 [ 667.909267][T24324] ? alloc_fd+0x471/0x7d0 [ 667.909328][T24324] do_sys_openat2+0x11b/0x1d0 [ 667.909380][T24324] ? __pfx_do_sys_openat2+0x10/0x10 [ 667.909435][T24324] __x64_sys_openat+0x174/0x210 [ 667.909473][T24324] ? __pfx___x64_sys_openat+0x10/0x10 [ 667.909513][T24324] ? rcu_is_watching+0x12/0xc0 [ 667.909574][T24324] do_syscall_64+0xcd/0x260 [ 667.909628][T24324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.909662][T24324] RIP: 0033:0x7f304ed8e169 [ 667.909690][T24324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 667.909723][T24324] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 667.909755][T24324] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 667.909778][T24324] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 667.909799][T24324] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 667.909820][T24324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 667.909840][T24324] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 667.909885][T24324] [ 667.910251][T24324] Mem-Info: [ 668.246508][T24324] active_anon:9399 inactive_anon:0 isolated_anon:0 [ 668.246508][T24324] active_file:22161 inactive_file:39628 isolated_file:0 [ 668.246508][T24324] unevictable:768 dirty:635 writeback:0 [ 668.246508][T24324] slab_reclaimable:10469 slab_unreclaimable:94571 [ 668.246508][T24324] mapped:25148 shmem:1453 pagetables:805 [ 668.246508][T24324] sec_pagetables:0 bounce:0 [ 668.246508][T24324] kernel_misc_reclaimable:0 [ 668.246508][T24324] free:1324006 free_pcp:5042 free_cma:0 [ 668.309071][T24324] Node 0 active_anon:37596kB inactive_anon:0kB active_file:88644kB inactive_file:158444kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100592kB dirty:2536kB writeback:0kB shmem:3252kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10148kB pagetables:3220kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 668.371417][T24324] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 668.449666][T24324] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 668.489079][T24324] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 668.495077][T24324] Node 0 DMA32 free:1369612kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:41648kB inactive_anon:0kB active_file:88644kB inactive_file:156888kB unevictable:1536kB writepending:2536kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:20544kB local_pcp:19616kB free_cma:0kB [ 668.561411][T24324] lowmem_reserve[]: 0 0 1 1 1 [ 668.566291][T24324] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:12kB free_cma:0kB [ 668.635578][T24324] lowmem_reserve[]: 0 0 0 0 0 [ 668.651162][T24324] Node 1 Normal free:3906828kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:184kB local_pcp:124kB free_cma:0kB [ 668.724511][T24324] lowmem_reserve[]: 0 0 0 0 0 [ 668.761689][T24324] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 668.795533][T24324] Node 0 DMA32: 4107*4kB (UME) 1861*8kB (UME) 1441*16kB (UME) 1175*32kB (UM) 514*64kB (UME) 262*128kB (UME) 167*256kB (UME) 68*512kB (UM) 31*1024kB (UME) 13*2048kB (UM) 264*4096kB (UM) = 1375684kB [ 668.835822][T24324] Node 0 Normal: 2*4kB (M) 2*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 668.857924][T24324] Node 1 Normal: 211*4kB (UME) 54*8kB (UME) 39*16kB (UME) 191*32kB (UME) 95*64kB (UME) 32*128kB (UME) 18*256kB (UME) 10*512kB (UM) 10*1024kB (UME) 5*2048kB (UME) 942*4096kB (M) = 3906828kB [ 668.884792][T24324] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 668.895505][T24324] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 668.910135][T24324] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 668.920380][T24324] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 668.941057][T24324] 63245 total pagecache pages [ 668.949388][T24324] 0 pages in swap cache [ 668.953622][T24324] Free swap = 124996kB [ 668.960948][T24324] Total swap = 124996kB [ 668.965272][T24324] 2097051 pages RAM [ 668.970198][T24324] 0 pages HighMem/MovableOnly [ 668.975427][T24324] 429591 pages reserved [ 668.982455][T24324] 0 pages cma reserved [ 668.987876][T24324] tty tty26: ldisc open failed (-12), clearing slot 25 [ 669.314785][T24366] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 670.190267][T24382] openvswitch: HfR: Dropping previously announced user features [ 670.341170][T24386] FAULT_INJECTION: forcing a failure. [ 670.341170][T24386] name failslab, interval 1, probability 0, space 0, times 0 [ 670.366341][T24386] CPU: 0 UID: 0 PID: 24386 Comm: syz.3.1831 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 670.366391][T24386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 670.366413][T24386] Call Trace: [ 670.366425][T24386] [ 670.366439][T24386] dump_stack_lvl+0x16c/0x1f0 [ 670.366493][T24386] should_fail_ex+0x512/0x640 [ 670.366529][T24386] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 670.366585][T24386] should_failslab+0xc2/0x120 [ 670.366616][T24386] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 670.366667][T24386] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.366703][T24386] ? fuse_request_alloc+0x22/0x200 [ 670.366758][T24386] fuse_request_alloc+0x22/0x200 [ 670.366806][T24386] fuse_get_req+0x748/0xfd0 [ 670.366864][T24386] ? __pfx_fuse_get_req+0x10/0x10 [ 670.366934][T24386] fuse_simple_background+0x464/0x5f0 [ 670.366982][T24386] ? kasan_save_track+0x14/0x30 [ 670.367034][T24386] cuse_channel_open+0x561/0x7f0 [ 670.367072][T24386] ? __pfx_cuse_channel_open+0x10/0x10 [ 670.367112][T24386] misc_open+0x35a/0x420 [ 670.367155][T24386] ? __pfx_misc_open+0x10/0x10 [ 670.367215][T24386] chrdev_open+0x231/0x6a0 [ 670.367265][T24386] ? __pfx_apparmor_file_open+0x10/0x10 [ 670.367320][T24386] ? __pfx_chrdev_open+0x10/0x10 [ 670.367373][T24386] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 670.367427][T24386] do_dentry_open+0x741/0x1c10 [ 670.367476][T24386] ? __pfx_chrdev_open+0x10/0x10 [ 670.367536][T24386] vfs_open+0x82/0x3f0 [ 670.367576][T24386] path_openat+0x1e5e/0x2d40 [ 670.367643][T24386] ? __pfx_path_openat+0x10/0x10 [ 670.367704][T24386] do_filp_open+0x20b/0x470 [ 670.367756][T24386] ? __pfx_do_filp_open+0x10/0x10 [ 670.367838][T24386] ? alloc_fd+0x471/0x7d0 [ 670.367897][T24386] do_sys_openat2+0x11b/0x1d0 [ 670.367933][T24386] ? __pfx_do_sys_openat2+0x10/0x10 [ 670.367986][T24386] __x64_sys_openat+0x174/0x210 [ 670.368024][T24386] ? __pfx___x64_sys_openat+0x10/0x10 [ 670.368064][T24386] ? rcu_is_watching+0x12/0xc0 [ 670.368118][T24386] do_syscall_64+0xcd/0x260 [ 670.368172][T24386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.368208][T24386] RIP: 0033:0x7f8ad1f8e169 [ 670.368235][T24386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.368269][T24386] RSP: 002b:00007f8ad2da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 670.368308][T24386] RAX: ffffffffffffffda RBX: 00007f8ad21b6160 RCX: 00007f8ad1f8e169 [ 670.368330][T24386] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 670.368351][T24386] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 670.368371][T24386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 670.368391][T24386] R13: 0000000000000000 R14: 00007f8ad21b6160 R15: 00007ffece796bc8 [ 670.368433][T24386] [ 671.362085][T24440] openvswitch: HfR: Dropping previously announced user features [ 671.753023][T24468] FAULT_INJECTION: forcing a failure. [ 671.753023][T24468] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 671.753076][T24468] CPU: 0 UID: 0 PID: 24468 Comm: syz.2.1839 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 671.753120][T24468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 671.753141][T24468] Call Trace: [ 671.753167][T24468] [ 671.753181][T24468] dump_stack_lvl+0x16c/0x1f0 [ 671.753239][T24468] should_fail_ex+0x512/0x640 [ 671.753285][T24468] should_fail_alloc_page+0xe7/0x130 [ 671.753322][T24468] prepare_alloc_pages+0x3c2/0x610 [ 671.753373][T24468] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 671.753430][T24468] ? stack_trace_save+0x8e/0xc0 [ 671.753487][T24468] ? __lock_acquire+0xaa4/0x1ba0 [ 671.753541][T24468] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 671.753596][T24468] ? fb_var_to_videomode+0x4c9/0x690 [ 671.753641][T24468] ? __pfx_fb_match_mode+0x10/0x10 [ 671.753685][T24468] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 671.753730][T24468] ? lockdep_hardirqs_on+0x7c/0x110 [ 671.753781][T24468] ? vc_allocate+0x489/0x880 [ 671.753830][T24468] __alloc_pages_noprof+0xb/0x1b0 [ 671.753881][T24468] ___kmalloc_large_node+0x82/0x1e0 [ 671.753919][T24468] ? con_is_visible+0x65/0x150 [ 671.753965][T24468] __kmalloc_large_node_noprof+0x1c/0x70 [ 671.754010][T24468] __kmalloc_noprof.cold+0xc/0x61 [ 671.754067][T24468] vc_allocate+0x489/0x880 [ 671.754119][T24468] ? __pfx_vc_allocate+0x10/0x10 [ 671.754195][T24468] con_install+0xa1/0x600 [ 671.754252][T24468] ? __pfx_con_install+0x10/0x10 [ 671.754318][T24468] ? __pfx_con_install+0x10/0x10 [ 671.754372][T24468] tty_init_dev.part.0+0x99/0x500 [ 671.754413][T24468] tty_open+0xa50/0xf90 [ 671.754455][T24468] ? __pfx_tty_open+0x10/0x10 [ 671.754488][T24468] ? chrdev_open+0x10b/0x6a0 [ 671.754544][T24468] ? __pfx_tty_open+0x10/0x10 [ 671.754576][T24468] chrdev_open+0x231/0x6a0 [ 671.754625][T24468] ? __pfx_apparmor_file_open+0x10/0x10 [ 671.754667][T24468] ? __pfx_chrdev_open+0x10/0x10 [ 671.754722][T24468] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 671.754776][T24468] do_dentry_open+0x741/0x1c10 [ 671.754826][T24468] ? __pfx_chrdev_open+0x10/0x10 [ 671.754887][T24468] vfs_open+0x82/0x3f0 [ 671.754928][T24468] path_openat+0x1e5e/0x2d40 [ 671.754994][T24468] ? __pfx_path_openat+0x10/0x10 [ 671.755056][T24468] do_filp_open+0x20b/0x470 [ 671.755106][T24468] ? __pfx_do_filp_open+0x10/0x10 [ 671.755194][T24468] ? alloc_fd+0x471/0x7d0 [ 671.755254][T24468] do_sys_openat2+0x11b/0x1d0 [ 671.755288][T24468] ? __pfx_do_sys_openat2+0x10/0x10 [ 671.755337][T24468] __x64_sys_openat+0x174/0x210 [ 671.755373][T24468] ? __pfx___x64_sys_openat+0x10/0x10 [ 671.755412][T24468] ? rcu_is_watching+0x12/0xc0 [ 671.755467][T24468] do_syscall_64+0xcd/0x260 [ 671.755522][T24468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 671.755556][T24468] RIP: 0033:0x7f304ed8e169 [ 671.755583][T24468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 671.755616][T24468] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 671.755649][T24468] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 671.755672][T24468] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 671.755712][T24468] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 671.755733][T24468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 671.755754][T24468] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 671.755799][T24468] [ 674.200833][T24530] FAULT_INJECTION: forcing a failure. [ 674.200833][T24530] name failslab, interval 1, probability 0, space 0, times 0 [ 674.215806][T24530] CPU: 1 UID: 0 PID: 24530 Comm: syz.2.1845 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 674.215855][T24530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 674.215877][T24530] Call Trace: [ 674.215890][T24530] [ 674.215905][T24530] dump_stack_lvl+0x16c/0x1f0 [ 674.215962][T24530] should_fail_ex+0x512/0x640 [ 674.216000][T24530] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 674.216051][T24530] should_failslab+0xc2/0x120 [ 674.216083][T24530] __kmalloc_cache_noprof+0x6a/0x3e0 [ 674.216130][T24530] ? cuse_channel_open+0x1de/0x7f0 [ 674.216182][T24530] cuse_channel_open+0x1de/0x7f0 [ 674.216221][T24530] ? __pfx_cuse_channel_open+0x10/0x10 [ 674.216261][T24530] misc_open+0x35a/0x420 [ 674.216304][T24530] ? __pfx_misc_open+0x10/0x10 [ 674.216346][T24530] chrdev_open+0x231/0x6a0 [ 674.216397][T24530] ? __pfx_apparmor_file_open+0x10/0x10 [ 674.216441][T24530] ? __pfx_chrdev_open+0x10/0x10 [ 674.216494][T24530] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 674.216546][T24530] do_dentry_open+0x741/0x1c10 [ 674.216592][T24530] ? __pfx_chrdev_open+0x10/0x10 [ 674.216650][T24530] vfs_open+0x82/0x3f0 [ 674.216691][T24530] path_openat+0x1e5e/0x2d40 [ 674.216757][T24530] ? __pfx_path_openat+0x10/0x10 [ 674.216819][T24530] do_filp_open+0x20b/0x470 [ 674.216873][T24530] ? __pfx_do_filp_open+0x10/0x10 [ 674.216956][T24530] ? alloc_fd+0x471/0x7d0 [ 674.217017][T24530] do_sys_openat2+0x11b/0x1d0 [ 674.217053][T24530] ? __pfx_do_sys_openat2+0x10/0x10 [ 674.217106][T24530] __x64_sys_openat+0x174/0x210 [ 674.217144][T24530] ? __pfx___x64_sys_openat+0x10/0x10 [ 674.217193][T24530] ? rcu_is_watching+0x12/0xc0 [ 674.217248][T24530] do_syscall_64+0xcd/0x260 [ 674.217304][T24530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.217339][T24530] RIP: 0033:0x7f304ed8e169 [ 674.217366][T24530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.217400][T24530] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 674.217432][T24530] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 674.217455][T24530] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 674.217478][T24530] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 674.217500][T24530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.217520][T24530] R13: 0000000000000000 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 674.217563][T24530] [ 674.938571][T24546] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 675.210314][T24551] openvswitch: HfR: Dropping previously announced user features [ 675.354827][T24557] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1846'. [ 676.141009][T24588] Invalid ELF header magic: != ELF [ 677.590412][T24655] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1861'. [ 679.566765][ T30] audit: type=1800 audit(6039816881.141:6): pid=24734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1870" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 679.824625][T24743] FAULT_INJECTION: forcing a failure. [ 679.824625][T24743] name failslab, interval 1, probability 0, space 0, times 0 [ 679.849674][T24743] CPU: 0 UID: 0 PID: 24743 Comm: syz.2.1865 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 679.849719][T24743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 679.849739][T24743] Call Trace: [ 679.849750][T24743] [ 679.849762][T24743] dump_stack_lvl+0x16c/0x1f0 [ 679.849815][T24743] should_fail_ex+0x512/0x640 [ 679.849852][T24743] ? fs_reclaim_acquire+0xae/0x150 [ 679.849895][T24743] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 679.849939][T24743] should_failslab+0xc2/0x120 [ 679.849971][T24743] __kmalloc_noprof+0xd2/0x510 [ 679.850028][T24743] tomoyo_realpath_from_path+0xc2/0x6e0 [ 679.850077][T24743] ? tomoyo_profile+0x47/0x60 [ 679.850130][T24743] tomoyo_path_number_perm+0x245/0x580 [ 679.850167][T24743] ? tomoyo_path_number_perm+0x237/0x580 [ 679.850209][T24743] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 679.850249][T24743] ? find_held_lock+0x2b/0x80 [ 679.850327][T24743] ? find_held_lock+0x2b/0x80 [ 679.850367][T24743] ? hook_file_ioctl_common+0x145/0x410 [ 679.850422][T24743] ? __fget_files+0x20e/0x3c0 [ 679.850476][T24743] security_file_ioctl+0x9b/0x240 [ 679.850515][T24743] __x64_sys_ioctl+0xb7/0x200 [ 679.850563][T24743] do_syscall_64+0xcd/0x260 [ 679.850618][T24743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.850649][T24743] RIP: 0033:0x7f304ed8e169 [ 679.850675][T24743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 679.850705][T24743] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 679.850735][T24743] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 679.850757][T24743] RDX: 0000000000000038 RSI: 000000008208ae63 RDI: 0000000000000003 [ 679.850778][T24743] RBP: 00007f304fb16090 R08: 0000000000000000 R09: 0000000000000000 [ 679.850797][T24743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.850817][T24743] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 679.850859][T24743] [ 679.850873][T24743] ERROR: Out of memory at tomoyo_realpath_from_path. [ 680.205138][T24750] openvswitch: HfR: Dropping previously announced user features [ 682.292426][T24804] Invalid ELF header magic: != ELF [ 683.946577][T24850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1895'. [ 684.376599][T24884] FAULT_INJECTION: forcing a failure. [ 684.376599][T24884] name fail_futex, interval 1, probability 0, space 0, times 0 [ 684.422727][T24884] CPU: 0 UID: 0 PID: 24884 Comm: syz.3.1901 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 684.422777][T24884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 684.422796][T24884] Call Trace: [ 684.422806][T24884] [ 684.422818][T24884] dump_stack_lvl+0x16c/0x1f0 [ 684.422867][T24884] should_fail_ex+0x512/0x640 [ 684.422917][T24884] get_futex_key+0x1c2/0x1000 [ 684.422967][T24884] ? __pfx_get_futex_key+0x10/0x10 [ 684.423017][T24884] ? ktime_add_safe+0x60/0x70 [ 684.423056][T24884] futex_lock_pi+0x27c/0x7b0 [ 684.423108][T24884] ? preempt_schedule_common+0x44/0xc0 [ 684.423156][T24884] ? __pfx_futex_lock_pi+0x10/0x10 [ 684.423217][T24884] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 684.423280][T24884] ? __pfx_futex_wake_mark+0x10/0x10 [ 684.423328][T24884] do_futex+0x11a/0x350 [ 684.423373][T24884] ? __pfx_do_futex+0x10/0x10 [ 684.423429][T24884] __x64_sys_futex+0x1e0/0x4c0 [ 684.423480][T24884] ? __pfx___x64_sys_futex+0x10/0x10 [ 684.423529][T24884] ? rcu_is_watching+0x12/0xc0 [ 684.423579][T24884] do_syscall_64+0xcd/0x260 [ 684.423631][T24884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 684.423664][T24884] RIP: 0033:0x7f8ad1f8e169 [ 684.423690][T24884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 684.423722][T24884] RSP: 002b:00007f8ad2dc6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 684.423753][T24884] RAX: ffffffffffffffda RBX: 00007f8ad21b6080 RCX: 00007f8ad1f8e169 [ 684.423775][T24884] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 684.423793][T24884] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000006 [ 684.423812][T24884] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000000 [ 684.423830][T24884] R13: 0000000000000000 R14: 00007f8ad21b6080 R15: 00007ffece796bc8 [ 684.423870][T24884] [ 691.051083][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.057842][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.591372][T25098] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1920'. [ 693.032222][T25190] FAULT_INJECTION: forcing a failure. [ 693.032222][T25190] name failslab, interval 1, probability 0, space 0, times 0 [ 693.053189][T25190] CPU: 0 UID: 0 PID: 25190 Comm: syz.3.1923 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 693.053241][T25190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 693.053263][T25190] Call Trace: [ 693.053274][T25190] [ 693.053288][T25190] dump_stack_lvl+0x16c/0x1f0 [ 693.053355][T25190] should_fail_ex+0x512/0x640 [ 693.053393][T25190] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 693.053445][T25190] should_failslab+0xc2/0x120 [ 693.053477][T25190] __kmalloc_cache_noprof+0x6a/0x3e0 [ 693.053524][T25190] ? cuse_channel_open+0x1de/0x7f0 [ 693.053569][T25190] cuse_channel_open+0x1de/0x7f0 [ 693.053606][T25190] ? __pfx_cuse_channel_open+0x10/0x10 [ 693.053646][T25190] misc_open+0x35a/0x420 [ 693.053689][T25190] ? __pfx_misc_open+0x10/0x10 [ 693.053730][T25190] chrdev_open+0x231/0x6a0 [ 693.053780][T25190] ? __pfx_apparmor_file_open+0x10/0x10 [ 693.053823][T25190] ? __pfx_chrdev_open+0x10/0x10 [ 693.053877][T25190] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 693.053933][T25190] do_dentry_open+0x741/0x1c10 [ 693.053980][T25190] ? __pfx_chrdev_open+0x10/0x10 [ 693.054039][T25190] vfs_open+0x82/0x3f0 [ 693.054078][T25190] path_openat+0x1e5e/0x2d40 [ 693.054143][T25190] ? __pfx_path_openat+0x10/0x10 [ 693.054204][T25190] do_filp_open+0x20b/0x470 [ 693.054253][T25190] ? __pfx_do_filp_open+0x10/0x10 [ 693.054339][T25190] ? alloc_fd+0x471/0x7d0 [ 693.054430][T25190] do_sys_openat2+0x11b/0x1d0 [ 693.054466][T25190] ? __pfx_do_sys_openat2+0x10/0x10 [ 693.054523][T25190] __x64_sys_openat+0x174/0x210 [ 693.054558][T25190] ? __pfx___x64_sys_openat+0x10/0x10 [ 693.054595][T25190] ? rcu_is_watching+0x12/0xc0 [ 693.054644][T25190] do_syscall_64+0xcd/0x260 [ 693.054697][T25190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.054730][T25190] RIP: 0033:0x7f8ad1f8e169 [ 693.054758][T25190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.054790][T25190] RSP: 002b:00007f8ad2da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 693.054822][T25190] RAX: ffffffffffffffda RBX: 00007f8ad21b6160 RCX: 00007f8ad1f8e169 [ 693.054845][T25190] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 693.054867][T25190] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 693.054890][T25190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.054910][T25190] R13: 0000000000000000 R14: 00007f8ad21b6160 R15: 00007ffece796bc8 [ 693.054955][T25190] [ 693.685206][T25199] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1927'. [ 694.516765][T25216] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1932'. [ 697.186840][T25311] FAULT_INJECTION: forcing a failure. [ 697.186840][T25311] name failslab, interval 1, probability 0, space 0, times 0 [ 697.260458][T25311] CPU: 0 UID: 0 PID: 25311 Comm: syz.3.1940 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 697.260510][T25311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 697.260531][T25311] Call Trace: [ 697.260543][T25311] [ 697.260556][T25311] dump_stack_lvl+0x16c/0x1f0 [ 697.260622][T25311] should_fail_ex+0x512/0x640 [ 697.260661][T25311] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 697.260719][T25311] should_failslab+0xc2/0x120 [ 697.260752][T25311] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 697.260803][T25311] ? __pfx___might_resched+0x10/0x10 [ 697.260915][T25311] ? alloc_vmap_area+0x613/0x2970 [ 697.260973][T25311] alloc_vmap_area+0x613/0x2970 [ 697.261033][T25311] ? __pfx_alloc_vmap_area+0x10/0x10 [ 697.261086][T25311] __get_vm_area_node+0x1a7/0x300 [ 697.261134][T25311] __vmalloc_node_range_noprof+0x277/0x1540 [ 697.261183][T25311] ? n_tty_open+0x1a/0x170 [ 697.261225][T25311] ? n_tty_open+0x1a/0x170 [ 697.261255][T25311] ? __ldsem_down_write_nested+0x10e/0x850 [ 697.261286][T25311] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 697.261328][T25311] ? n_tty_open+0x1a/0x170 [ 697.261355][T25311] vzalloc_noprof+0x6b/0x90 [ 697.261386][T25311] ? n_tty_open+0x1a/0x170 [ 697.261410][T25311] ? __pfx_n_tty_open+0x10/0x10 [ 697.261434][T25311] n_tty_open+0x1a/0x170 [ 697.261458][T25311] ? __pfx_n_tty_open+0x10/0x10 [ 697.261484][T25311] tty_ldisc_open+0x9c/0x120 [ 697.261518][T25311] tty_ldisc_setup+0x40/0x100 [ 697.261571][T25311] tty_init_dev.part.0+0x1ec/0x500 [ 697.261600][T25311] tty_open+0xa50/0xf90 [ 697.261631][T25311] ? __pfx_tty_open+0x10/0x10 [ 697.261657][T25311] ? chrdev_open+0x10b/0x6a0 [ 697.261701][T25311] ? __pfx_tty_open+0x10/0x10 [ 697.261725][T25311] chrdev_open+0x231/0x6a0 [ 697.261762][T25311] ? __pfx_apparmor_file_open+0x10/0x10 [ 697.261797][T25311] ? __pfx_chrdev_open+0x10/0x10 [ 697.261840][T25311] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 697.261883][T25311] do_dentry_open+0x741/0x1c10 [ 697.261918][T25311] ? __pfx_chrdev_open+0x10/0x10 [ 697.261974][T25311] vfs_open+0x82/0x3f0 [ 697.262016][T25311] path_openat+0x1e5e/0x2d40 [ 697.262082][T25311] ? __pfx_path_openat+0x10/0x10 [ 697.262147][T25311] do_filp_open+0x20b/0x470 [ 697.262197][T25311] ? __pfx_do_filp_open+0x10/0x10 [ 697.262283][T25311] ? alloc_fd+0x471/0x7d0 [ 697.262346][T25311] do_sys_openat2+0x11b/0x1d0 [ 697.262384][T25311] ? __pfx_do_sys_openat2+0x10/0x10 [ 697.262439][T25311] __x64_sys_openat+0x174/0x210 [ 697.262479][T25311] ? __pfx___x64_sys_openat+0x10/0x10 [ 697.262520][T25311] ? rcu_is_watching+0x12/0xc0 [ 697.262683][T25311] do_syscall_64+0xcd/0x260 [ 697.262729][T25311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.262756][T25311] RIP: 0033:0x7f8ad1f8e169 [ 697.262779][T25311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.262803][T25311] RSP: 002b:00007f8ad2de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 697.262825][T25311] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa0 RCX: 00007f8ad1f8e169 [ 697.262841][T25311] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 697.262857][T25311] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 697.262872][T25311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.262889][T25311] R13: 0000000000000000 R14: 00007f8ad21b5fa0 R15: 00007ffece796bc8 [ 697.262923][T25311] [ 697.719361][T25311] syz.3.1940: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 697.735059][T25311] CPU: 1 UID: 0 PID: 25311 Comm: syz.3.1940 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 697.735106][T25311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 697.735127][T25311] Call Trace: [ 697.735139][T25311] [ 697.735152][T25311] dump_stack_lvl+0x16c/0x1f0 [ 697.735207][T25311] warn_alloc+0x248/0x3a0 [ 697.735262][T25311] ? __pfx_warn_alloc+0x10/0x10 [ 697.735323][T25311] ? kfree+0x2b6/0x4d0 [ 697.735378][T25311] ? __get_vm_area_node+0x1e5/0x300 [ 697.735431][T25311] __vmalloc_node_range_noprof+0xd31/0x1540 [ 697.735493][T25311] ? n_tty_open+0x1a/0x170 [ 697.735536][T25311] ? __ldsem_down_write_nested+0x10e/0x850 [ 697.735579][T25311] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 697.735634][T25311] ? n_tty_open+0x1a/0x170 [ 697.735672][T25311] vzalloc_noprof+0x6b/0x90 [ 697.735714][T25311] ? n_tty_open+0x1a/0x170 [ 697.735749][T25311] ? __pfx_n_tty_open+0x10/0x10 [ 697.735783][T25311] n_tty_open+0x1a/0x170 [ 697.735818][T25311] ? __pfx_n_tty_open+0x10/0x10 [ 697.735862][T25311] tty_ldisc_open+0x9c/0x120 [ 697.735916][T25311] tty_ldisc_setup+0x40/0x100 [ 697.735968][T25311] tty_init_dev.part.0+0x1ec/0x500 [ 697.736013][T25311] tty_open+0xa50/0xf90 [ 697.736055][T25311] ? __pfx_tty_open+0x10/0x10 [ 697.736088][T25311] ? chrdev_open+0x10b/0x6a0 [ 697.736145][T25311] ? __pfx_tty_open+0x10/0x10 [ 697.736178][T25311] chrdev_open+0x231/0x6a0 [ 697.736228][T25311] ? __pfx_apparmor_file_open+0x10/0x10 [ 697.736273][T25311] ? __pfx_chrdev_open+0x10/0x10 [ 697.736326][T25311] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 697.736382][T25311] do_dentry_open+0x741/0x1c10 [ 697.736429][T25311] ? __pfx_chrdev_open+0x10/0x10 [ 697.736489][T25311] vfs_open+0x82/0x3f0 [ 697.736529][T25311] path_openat+0x1e5e/0x2d40 [ 697.736595][T25311] ? __pfx_path_openat+0x10/0x10 [ 697.736656][T25311] do_filp_open+0x20b/0x470 [ 697.736706][T25311] ? __pfx_do_filp_open+0x10/0x10 [ 697.736788][T25311] ? alloc_fd+0x471/0x7d0 [ 697.736856][T25311] do_sys_openat2+0x11b/0x1d0 [ 697.736891][T25311] ? __pfx_do_sys_openat2+0x10/0x10 [ 697.736946][T25311] __x64_sys_openat+0x174/0x210 [ 697.736982][T25311] ? __pfx___x64_sys_openat+0x10/0x10 [ 697.737023][T25311] ? rcu_is_watching+0x12/0xc0 [ 697.737078][T25311] do_syscall_64+0xcd/0x260 [ 697.737140][T25311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.737175][T25311] RIP: 0033:0x7f8ad1f8e169 [ 697.737202][T25311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.737236][T25311] RSP: 002b:00007f8ad2de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 697.737268][T25311] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa0 RCX: 00007f8ad1f8e169 [ 697.737291][T25311] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 697.737313][T25311] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 697.737335][T25311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.737356][T25311] R13: 0000000000000000 R14: 00007f8ad21b5fa0 R15: 00007ffece796bc8 [ 697.737400][T25311] [ 697.737413][T25311] Mem-Info: [ 698.057467][T25311] active_anon:9835 inactive_anon:0 isolated_anon:0 [ 698.057467][T25311] active_file:22092 inactive_file:39714 isolated_file:0 [ 698.057467][T25311] unevictable:768 dirty:377 writeback:0 [ 698.057467][T25311] slab_reclaimable:10357 slab_unreclaimable:95341 [ 698.057467][T25311] mapped:27167 shmem:1439 pagetables:879 [ 698.057467][T25311] sec_pagetables:0 bounce:0 [ 698.057467][T25311] kernel_misc_reclaimable:0 [ 698.057467][T25311] free:1326562 free_pcp:583 free_cma:0 [ 698.193780][T25311] Node 0 active_anon:41740kB inactive_anon:0kB active_file:88368kB inactive_file:158788kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102468kB dirty:1204kB writeback:0kB shmem:3196kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10348kB pagetables:3516kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 698.237771][T25311] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 698.269682][T25311] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 698.297053][T25311] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 698.302979][T25311] Node 0 DMA32 free:1378300kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:43292kB inactive_anon:0kB active_file:88368kB inactive_file:157232kB unevictable:1536kB writepending:1204kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:4072kB local_pcp:1352kB free_cma:0kB [ 698.335102][T25311] lowmem_reserve[]: 0 0 1 1 1 [ 698.339930][T25311] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:12kB free_cma:0kB [ 698.446639][T25311] lowmem_reserve[]: 0 0 0 0 0 [ 698.451542][T25311] Node 1 Normal free:3907064kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 698.548334][T25311] lowmem_reserve[]: 0 0 0 0 0 [ 698.556932][T25311] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 698.570241][T25311] Node 0 DMA32: 3138*4kB (UME) 1471*8kB (UME) 1284*16kB (UME) 1111*32kB (UME) 407*64kB (UME) 231*128kB (UME) 148*256kB (UME) 81*512kB (UME) 40*1024kB (UME) 20*2048kB (UME) 266*4096kB (UM) = 1386848kB [ 698.593986][T25311] Node 0 Normal: 2*4kB (M) 2*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 698.608715][T25311] Node 1 Normal: 238*4kB (UME) 54*8kB (UME) 39*16kB (UME) 195*32kB (UME) 95*64kB (UME) 32*128kB (UME) 18*256kB (UME) 10*512kB (UM) 10*1024kB (UME) 5*2048kB (UME) 942*4096kB (M) = 3907064kB [ 698.629175][T25311] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 698.639405][T25311] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 698.656177][T25311] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 698.670355][T25311] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 698.688504][T25311] 63249 total pagecache pages [ 698.693732][T25311] 2 pages in swap cache [ 698.698019][T25311] Free swap = 124964kB [ 698.702561][T25324] openvswitch: HfR: Dropping previously announced user features [ 698.712978][T25311] Total swap = 124996kB [ 698.801186][T25311] 2097051 pages RAM [ 698.809535][T25311] 0 pages HighMem/MovableOnly [ 698.826101][T25311] 429591 pages reserved [ 698.836222][T25311] 0 pages cma reserved [ 698.840375][T25311] tty tty26: ldisc open failed (-12), clearing slot 25 [ 700.555990][T25369] openvswitch: HfR: Dropping previously announced user features [ 703.348223][T25429] FAULT_INJECTION: forcing a failure. [ 703.348223][T25429] name fail_futex, interval 1, probability 0, space 0, times 0 [ 703.373304][T25429] CPU: 0 UID: 0 PID: 25429 Comm: syz.3.1956 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 703.373354][T25429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 703.373375][T25429] Call Trace: [ 703.373387][T25429] [ 703.373401][T25429] dump_stack_lvl+0x16c/0x1f0 [ 703.373449][T25429] should_fail_ex+0x512/0x640 [ 703.373488][T25429] get_futex_key+0x49e/0x1000 [ 703.373530][T25429] ? __pfx_try_to_wake_up+0x10/0x10 [ 703.373564][T25429] ? __pfx_get_futex_key+0x10/0x10 [ 703.373600][T25429] ? plist_check_head+0xa3/0x150 [ 703.373630][T25429] ? find_held_lock+0x2b/0x80 [ 703.373677][T25429] futex_wake+0xe7/0x4e0 [ 703.373707][T25429] ? __pfx_futex_wake+0x10/0x10 [ 703.373739][T25429] ? __lock_acquire+0x5ca/0x1ba0 [ 703.373791][T25429] do_futex+0x1e3/0x350 [ 703.373833][T25429] ? __pfx_do_futex+0x10/0x10 [ 703.373875][T25429] ? find_held_lock+0x2b/0x80 [ 703.373914][T25429] __x64_sys_futex+0x1e0/0x4c0 [ 703.373957][T25429] ? __fget_files+0x20e/0x3c0 [ 703.373998][T25429] ? __pfx___x64_sys_futex+0x10/0x10 [ 703.374067][T25429] do_syscall_64+0xcd/0x260 [ 703.374119][T25429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.374151][T25429] RIP: 0033:0x7f8ad1f8e169 [ 703.374174][T25429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.374208][T25429] RSP: 002b:00007f8ad2de70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 703.374238][T25429] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa8 RCX: 00007f8ad1f8e169 [ 703.374260][T25429] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8ad21b5fac [ 703.374280][T25429] RBP: 00007f8ad21b5fa0 R08: 00007f8ad2de8000 R09: 0000000000000000 [ 703.374299][T25429] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f8ad21b5fac [ 703.374317][T25429] R13: 0000000000000000 R14: 00007ffece796ae0 R15: 00007ffece796bc8 [ 703.374352][T25429] [ 704.784329][T25452] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1964'. [ 704.853406][T25452] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 706.129835][T25562] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1972'. [ 708.545222][T25710] FAULT_INJECTION: forcing a failure. [ 708.545222][T25710] name fail_futex, interval 1, probability 0, space 0, times 0 [ 708.587108][T25710] CPU: 0 UID: 0 PID: 25710 Comm: syz.3.1985 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 708.587155][T25710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 708.587176][T25710] Call Trace: [ 708.587187][T25710] [ 708.587201][T25710] dump_stack_lvl+0x16c/0x1f0 [ 708.587256][T25710] should_fail_ex+0x512/0x640 [ 708.587301][T25710] get_futex_key+0x49e/0x1000 [ 708.587354][T25710] ? __pfx_get_futex_key+0x10/0x10 [ 708.587415][T25710] futex_wake+0xe7/0x4e0 [ 708.587451][T25710] ? __pfx_futex_wake+0x10/0x10 [ 708.587498][T25710] ? kmem_cache_free+0x2d4/0x4d0 [ 708.587548][T25710] ? fd_install+0x225/0x750 [ 708.587594][T25710] ? putname+0x154/0x1a0 [ 708.587633][T25710] do_futex+0x1e3/0x350 [ 708.587682][T25710] ? __pfx_do_futex+0x10/0x10 [ 708.587740][T25710] __x64_sys_futex+0x1e0/0x4c0 [ 708.587793][T25710] ? __x64_sys_openat+0x174/0x210 [ 708.587829][T25710] ? __pfx___x64_sys_futex+0x10/0x10 [ 708.587879][T25710] ? rcu_is_watching+0x12/0xc0 [ 708.587933][T25710] do_syscall_64+0xcd/0x260 [ 708.587987][T25710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.588022][T25710] RIP: 0033:0x7f8ad1f8e169 [ 708.588048][T25710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 708.588082][T25710] RSP: 002b:00007f8ad2da50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 708.588114][T25710] RAX: ffffffffffffffda RBX: 00007f8ad21b6168 RCX: 00007f8ad1f8e169 [ 708.588137][T25710] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8ad21b616c [ 708.588237][T25710] RBP: 00007f8ad21b6160 R08: 00007f8ad2de8000 R09: 0000000000000000 [ 708.588267][T25710] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f8ad21b616c [ 708.588291][T25710] R13: 0000000000000000 R14: 00007ffece796ae0 R15: 00007ffece796bc8 [ 708.588336][T25710] [ 708.784004][ C0] vkms_vblank_simulate: vblank timer overrun [ 711.747928][T25825] FAULT_INJECTION: forcing a failure. [ 711.747928][T25825] name failslab, interval 1, probability 0, space 0, times 0 [ 711.762589][T25825] CPU: 0 UID: 0 PID: 25825 Comm: syz.3.1997 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 711.762633][T25825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 711.762652][T25825] Call Trace: [ 711.762663][T25825] [ 711.762677][T25825] dump_stack_lvl+0x16c/0x1f0 [ 711.762729][T25825] should_fail_ex+0x512/0x640 [ 711.762766][T25825] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 711.762833][T25825] should_failslab+0xc2/0x120 [ 711.762863][T25825] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 711.762915][T25825] ? create_filter_start.constprop.0+0x16a/0x300 [ 711.762969][T25825] kstrdup+0x53/0x100 [ 711.763001][T25825] create_filter_start.constprop.0+0x16a/0x300 [ 711.763054][T25825] apply_subsystem_event_filter+0x185/0x1450 [ 711.763114][T25825] ? __might_fault+0xe3/0x190 [ 711.763163][T25825] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 711.763222][T25825] ? _copy_from_user+0x59/0xd0 [ 711.763266][T25825] subsystem_filter_write+0x95/0x120 [ 711.763315][T25825] vfs_write+0x25c/0x1180 [ 711.763364][T25825] ? __pfx_subsystem_filter_write+0x10/0x10 [ 711.763425][T25825] ? __pfx___mutex_lock+0x10/0x10 [ 711.763478][T25825] ? __pfx_vfs_write+0x10/0x10 [ 711.763532][T25825] ? __fget_files+0x20e/0x3c0 [ 711.763591][T25825] ksys_write+0x12a/0x240 [ 711.763647][T25825] ? __pfx_ksys_write+0x10/0x10 [ 711.763696][T25825] ? rcu_is_watching+0x12/0xc0 [ 711.763748][T25825] do_syscall_64+0xcd/0x260 [ 711.763800][T25825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.763839][T25825] RIP: 0033:0x7f8ad1f8e169 [ 711.763866][T25825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 711.763898][T25825] RSP: 002b:00007f8ad2de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 711.763927][T25825] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa0 RCX: 00007f8ad1f8e169 [ 711.763948][T25825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 711.763969][T25825] RBP: 00007f8ad2de7090 R08: 0000000000000000 R09: 0000000000000000 [ 711.763989][T25825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 711.764009][T25825] R13: 0000000000000000 R14: 00007f8ad21b5fa0 R15: 00007ffece796bc8 [ 711.764052][T25825] [ 711.991556][ C0] vkms_vblank_simulate: vblank timer overrun [ 712.979192][T25842] FAULT_INJECTION: forcing a failure. [ 712.979192][T25842] name failslab, interval 1, probability 0, space 0, times 0 [ 713.016184][T25842] CPU: 0 UID: 0 PID: 25842 Comm: syz.3.2002 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 713.016231][T25842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 713.016252][T25842] Call Trace: [ 713.016264][T25842] [ 713.016277][T25842] dump_stack_lvl+0x16c/0x1f0 [ 713.016341][T25842] should_fail_ex+0x512/0x640 [ 713.016379][T25842] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 713.016430][T25842] should_failslab+0xc2/0x120 [ 713.016463][T25842] __kmalloc_cache_noprof+0x6a/0x3e0 [ 713.016511][T25842] ? cuse_channel_open+0x1de/0x7f0 [ 713.016556][T25842] cuse_channel_open+0x1de/0x7f0 [ 713.016593][T25842] ? __pfx_cuse_channel_open+0x10/0x10 [ 713.016633][T25842] misc_open+0x35a/0x420 [ 713.016676][T25842] ? __pfx_misc_open+0x10/0x10 [ 713.016717][T25842] chrdev_open+0x231/0x6a0 [ 713.016766][T25842] ? __pfx_apparmor_file_open+0x10/0x10 [ 713.016809][T25842] ? __pfx_chrdev_open+0x10/0x10 [ 713.016863][T25842] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 713.016918][T25842] do_dentry_open+0x741/0x1c10 [ 713.016966][T25842] ? __pfx_chrdev_open+0x10/0x10 [ 713.017027][T25842] vfs_open+0x82/0x3f0 [ 713.017066][T25842] path_openat+0x1e5e/0x2d40 [ 713.017132][T25842] ? __pfx_path_openat+0x10/0x10 [ 713.017192][T25842] do_filp_open+0x20b/0x470 [ 713.017242][T25842] ? __pfx_do_filp_open+0x10/0x10 [ 713.017321][T25842] ? alloc_fd+0x471/0x7d0 [ 713.017387][T25842] do_sys_openat2+0x11b/0x1d0 [ 713.017421][T25842] ? __pfx_do_sys_openat2+0x10/0x10 [ 713.017474][T25842] __x64_sys_openat+0x174/0x210 [ 713.017510][T25842] ? __pfx___x64_sys_openat+0x10/0x10 [ 713.017550][T25842] ? rcu_is_watching+0x12/0xc0 [ 713.017604][T25842] do_syscall_64+0xcd/0x260 [ 713.017656][T25842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.017690][T25842] RIP: 0033:0x7f8ad1f8e169 [ 713.017717][T25842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.017751][T25842] RSP: 002b:00007f8ad2da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 713.017783][T25842] RAX: ffffffffffffffda RBX: 00007f8ad21b6160 RCX: 00007f8ad1f8e169 [ 713.017807][T25842] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 713.017830][T25842] RBP: 00007f8ad2010a68 R08: 0000000000000000 R09: 0000000000000000 [ 713.017850][T25842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 713.017871][T25842] R13: 0000000000000000 R14: 00007f8ad21b6160 R15: 00007ffece796bc8 [ 713.017916][T25842] [ 713.621777][T25848] FAULT_INJECTION: forcing a failure. [ 713.621777][T25848] name failslab, interval 1, probability 0, space 0, times 0 [ 713.657647][T25848] CPU: 0 UID: 0 PID: 25848 Comm: syz.2.2005 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 713.657695][T25848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 713.657715][T25848] Call Trace: [ 713.657727][T25848] [ 713.657740][T25848] dump_stack_lvl+0x16c/0x1f0 [ 713.657795][T25848] should_fail_ex+0x512/0x640 [ 713.657833][T25848] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 713.657884][T25848] should_failslab+0xc2/0x120 [ 713.657915][T25848] __kmalloc_cache_noprof+0x6a/0x3e0 [ 713.657963][T25848] ? cuse_channel_open+0x1de/0x7f0 [ 713.658008][T25848] cuse_channel_open+0x1de/0x7f0 [ 713.658057][T25848] ? __pfx_cuse_channel_open+0x10/0x10 [ 713.658098][T25848] misc_open+0x35a/0x420 [ 713.658143][T25848] ? __pfx_misc_open+0x10/0x10 [ 713.658185][T25848] chrdev_open+0x231/0x6a0 [ 713.658234][T25848] ? __pfx_apparmor_file_open+0x10/0x10 [ 713.658276][T25848] ? __pfx_chrdev_open+0x10/0x10 [ 713.658332][T25848] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 713.658387][T25848] do_dentry_open+0x741/0x1c10 [ 713.658436][T25848] ? __pfx_chrdev_open+0x10/0x10 [ 713.658496][T25848] vfs_open+0x82/0x3f0 [ 713.658537][T25848] path_openat+0x1e5e/0x2d40 [ 713.658602][T25848] ? __pfx_path_openat+0x10/0x10 [ 713.658663][T25848] do_filp_open+0x20b/0x470 [ 713.658714][T25848] ? __pfx_do_filp_open+0x10/0x10 [ 713.658795][T25848] ? alloc_fd+0x471/0x7d0 [ 713.658855][T25848] do_sys_openat2+0x11b/0x1d0 [ 713.658892][T25848] ? __pfx_do_sys_openat2+0x10/0x10 [ 713.658945][T25848] __x64_sys_openat+0x174/0x210 [ 713.658983][T25848] ? __pfx___x64_sys_openat+0x10/0x10 [ 713.659039][T25848] ? rcu_is_watching+0x12/0xc0 [ 713.659095][T25848] do_syscall_64+0xcd/0x260 [ 713.659149][T25848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.659183][T25848] RIP: 0033:0x7f304ed8e169 [ 713.659211][T25848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.659245][T25848] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 713.659276][T25848] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 713.659300][T25848] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 713.659322][T25848] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 713.659344][T25848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 713.659365][T25848] R13: 0000000000000000 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 713.659407][T25848] [ 717.419400][T25961] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2022'. [ 718.261623][ T5852] Bluetooth: hci1: Malformed LE Event: 0x1d [ 719.788338][ T5852] Bluetooth: hci1: unexpected event 0x36 length: 123 > 7 [ 723.592163][T26157] netlink: zone id is out of range [ 723.634947][T26157] netlink: zone id is out of range [ 723.659469][T26157] netlink: zone id is out of range [ 723.688432][T26157] netlink: zone id is out of range [ 723.710769][T26157] netlink: zone id is out of range [ 723.731716][T26157] netlink: zone id is out of range [ 723.769509][T26157] netlink: zone id is out of range [ 723.775242][T26157] netlink: zone id is out of range [ 723.819451][T26157] netlink: zone id is out of range [ 723.825103][T26157] netlink: zone id is out of range [ 724.201368][T26195] FAULT_INJECTION: forcing a failure. [ 724.201368][T26195] name failslab, interval 1, probability 0, space 0, times 0 [ 724.228131][T26195] CPU: 0 UID: 0 PID: 26195 Comm: syz.3.2066 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 724.228175][T26195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 724.228194][T26195] Call Trace: [ 724.228203][T26195] [ 724.228215][T26195] dump_stack_lvl+0x16c/0x1f0 [ 724.228268][T26195] should_fail_ex+0x512/0x640 [ 724.228305][T26195] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 724.228361][T26195] should_failslab+0xc2/0x120 [ 724.228393][T26195] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 724.228444][T26195] ? __alloc_skb+0x2b2/0x380 [ 724.228491][T26195] __alloc_skb+0x2b2/0x380 [ 724.228532][T26195] ? __pfx___alloc_skb+0x10/0x10 [ 724.228589][T26195] batadv_netlink_tp_meter_start+0x165/0x4b0 [ 724.228629][T26195] ? dev_get_by_index+0x17c/0x380 [ 724.228670][T26195] ? __pfx_batadv_netlink_tp_meter_start+0x10/0x10 [ 724.228714][T26195] ? dev_get_by_index+0x186/0x380 [ 724.228756][T26195] ? batadv_meshif_is_valid+0xd/0x70 [ 724.228787][T26195] ? batadv_pre_doit+0x119/0x6a0 [ 724.228828][T26195] genl_family_rcv_msg_doit+0x206/0x2f0 [ 724.228866][T26195] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 724.228901][T26195] ? trace_cap_capable+0x18d/0x200 [ 724.228945][T26195] ? bpf_lsm_capable+0x9/0x10 [ 724.228994][T26195] ? security_capable+0x7e/0x260 [ 724.229027][T26195] ? ns_capable+0xd7/0x110 [ 724.229072][T26195] genl_rcv_msg+0x55c/0x800 [ 724.229111][T26195] ? __pfx_genl_rcv_msg+0x10/0x10 [ 724.229144][T26195] ? __pfx_batadv_pre_doit+0x10/0x10 [ 724.229178][T26195] ? __pfx_batadv_netlink_tp_meter_start+0x10/0x10 [ 724.229216][T26195] ? __pfx_batadv_post_doit+0x10/0x10 [ 724.229256][T26195] ? __lock_acquire+0xaa4/0x1ba0 [ 724.229316][T26195] netlink_rcv_skb+0x16a/0x440 [ 724.229364][T26195] ? __pfx_genl_rcv_msg+0x10/0x10 [ 724.229399][T26195] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 724.229468][T26195] ? __pfx_down_read+0x10/0x10 [ 724.229501][T26195] ? netlink_deliver_tap+0x1ae/0xd30 [ 724.229555][T26195] genl_rcv+0x28/0x40 [ 724.229604][T26195] netlink_unicast+0x53a/0x7f0 [ 724.229658][T26195] ? __pfx_netlink_unicast+0x10/0x10 [ 724.229703][T26195] ? __lock_acquire+0xaa4/0x1ba0 [ 724.229766][T26195] netlink_sendmsg+0x8d1/0xdd0 [ 724.229823][T26195] ? __pfx_netlink_sendmsg+0x10/0x10 [ 724.229889][T26195] ____sys_sendmsg+0xa95/0xc70 [ 724.229923][T26195] ? copy_msghdr_from_user+0x10a/0x160 [ 724.229967][T26195] ? __pfx_____sys_sendmsg+0x10/0x10 [ 724.230027][T26195] ___sys_sendmsg+0x134/0x1d0 [ 724.230073][T26195] ? __pfx____sys_sendmsg+0x10/0x10 [ 724.230170][T26195] __sys_sendmsg+0x16d/0x220 [ 724.230216][T26195] ? __pfx___sys_sendmsg+0x10/0x10 [ 724.230273][T26195] ? rcu_is_watching+0x12/0xc0 [ 724.230326][T26195] do_syscall_64+0xcd/0x260 [ 724.230378][T26195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.230412][T26195] RIP: 0033:0x7f8ad1f8e169 [ 724.230438][T26195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.230470][T26195] RSP: 002b:00007f8ad2de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 724.230501][T26195] RAX: ffffffffffffffda RBX: 00007f8ad21b5fa0 RCX: 00007f8ad1f8e169 [ 724.230524][T26195] RDX: 0000000000008080 RSI: 0000200000000140 RDI: 0000000000000003 [ 724.230545][T26195] RBP: 00007f8ad2de7090 R08: 0000000000000000 R09: 0000000000000000 [ 724.230565][T26195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 724.230585][T26195] R13: 0000000000000000 R14: 00007f8ad21b5fa0 R15: 00007ffece796bc8 [ 724.230628][T26195] [ 725.789594][T26219] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2070'. [ 725.799169][T26220] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2070'. [ 726.249819][T26231] FAULT_INJECTION: forcing a failure. [ 726.249819][T26231] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 726.249871][T26231] CPU: 0 UID: 0 PID: 26231 Comm: syz.2.2075 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 726.249914][T26231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 726.249934][T26231] Call Trace: [ 726.249946][T26231] [ 726.249958][T26231] dump_stack_lvl+0x16c/0x1f0 [ 726.250014][T26231] should_fail_ex+0x512/0x640 [ 726.250061][T26231] should_fail_alloc_page+0xe7/0x130 [ 726.250100][T26231] prepare_alloc_pages+0x3c2/0x610 [ 726.250149][T26231] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 726.250208][T26231] ? stack_trace_save+0x8e/0xc0 [ 726.250266][T26231] ? __lock_acquire+0xaa4/0x1ba0 [ 726.250318][T26231] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 726.250376][T26231] ? fb_var_to_videomode+0x4c9/0x690 [ 726.250424][T26231] ? __pfx_fb_match_mode+0x10/0x10 [ 726.250470][T26231] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 726.250515][T26231] ? lockdep_hardirqs_on+0x7c/0x110 [ 726.250566][T26231] ? vc_allocate+0x489/0x880 [ 726.250614][T26231] __alloc_pages_noprof+0xb/0x1b0 [ 726.250665][T26231] ___kmalloc_large_node+0x82/0x1e0 [ 726.250704][T26231] ? con_is_visible+0x65/0x150 [ 726.250750][T26231] __kmalloc_large_node_noprof+0x1c/0x70 [ 726.250803][T26231] __kmalloc_noprof.cold+0xc/0x61 [ 726.250861][T26231] vc_allocate+0x489/0x880 [ 726.250914][T26231] ? __pfx_vc_allocate+0x10/0x10 [ 726.250980][T26231] con_install+0xa1/0x600 [ 726.251035][T26231] ? __pfx_con_install+0x10/0x10 [ 726.251095][T26231] ? __pfx_con_install+0x10/0x10 [ 726.251150][T26231] tty_init_dev.part.0+0x99/0x500 [ 726.251187][T26231] tty_open+0xa50/0xf90 [ 726.251228][T26231] ? __pfx_tty_open+0x10/0x10 [ 726.251259][T26231] ? chrdev_open+0x10b/0x6a0 [ 726.251314][T26231] ? __pfx_tty_open+0x10/0x10 [ 726.251346][T26231] chrdev_open+0x231/0x6a0 [ 726.251394][T26231] ? __pfx_apparmor_file_open+0x10/0x10 [ 726.251438][T26231] ? __pfx_chrdev_open+0x10/0x10 [ 726.251492][T26231] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 726.251545][T26231] do_dentry_open+0x741/0x1c10 [ 726.251593][T26231] ? __pfx_chrdev_open+0x10/0x10 [ 726.251654][T26231] vfs_open+0x82/0x3f0 [ 726.251696][T26231] path_openat+0x1e5e/0x2d40 [ 726.251761][T26231] ? __pfx_path_openat+0x10/0x10 [ 726.251832][T26231] do_filp_open+0x20b/0x470 [ 726.251883][T26231] ? __pfx_do_filp_open+0x10/0x10 [ 726.251964][T26231] ? alloc_fd+0x471/0x7d0 [ 726.252025][T26231] do_sys_openat2+0x11b/0x1d0 [ 726.252061][T26231] ? __pfx_do_sys_openat2+0x10/0x10 [ 726.252115][T26231] __x64_sys_openat+0x174/0x210 [ 726.252152][T26231] ? __pfx___x64_sys_openat+0x10/0x10 [ 726.252191][T26231] ? rcu_is_watching+0x12/0xc0 [ 726.252247][T26231] do_syscall_64+0xcd/0x260 [ 726.252302][T26231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.252336][T26231] RIP: 0033:0x7f304ed8e169 [ 726.252363][T26231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.252395][T26231] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 726.252426][T26231] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 726.252449][T26231] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 726.252471][T26231] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 726.252493][T26231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 726.252513][T26231] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 726.252556][T26231] [ 727.682483][T26248] FAULT_INJECTION: forcing a failure. [ 727.682483][T26248] name failslab, interval 1, probability 0, space 0, times 0 [ 727.712319][T26248] CPU: 0 UID: 0 PID: 26248 Comm: syz.2.2079 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 727.712366][T26248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 727.712387][T26248] Call Trace: [ 727.712398][T26248] [ 727.712410][T26248] dump_stack_lvl+0x16c/0x1f0 [ 727.712464][T26248] should_fail_ex+0x512/0x640 [ 727.712502][T26248] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 727.712563][T26248] should_failslab+0xc2/0x120 [ 727.712594][T26248] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 727.712662][T26248] ? dccp_feat_clone_sp_val+0x96/0x130 [ 727.712724][T26248] kmemdup_noprof+0x29/0x60 [ 727.712755][T26248] dccp_feat_clone_sp_val+0x96/0x130 [ 727.712812][T26248] __feat_register_sp+0x331/0x5a0 [ 727.712849][T26248] ? __pfx___feat_register_sp+0x10/0x10 [ 727.712882][T26248] ? __kasan_kmalloc+0xaa/0xb0 [ 727.712935][T26248] dccp_feat_init+0x724/0x800 [ 727.712974][T26248] ? __pfx_dccp_feat_init+0x10/0x10 [ 727.713007][T26248] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 727.713055][T26248] ? lockdep_init_map_type+0x5c/0x280 [ 727.713089][T26248] ? do_init_timer+0xc9/0x110 [ 727.713133][T26248] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 727.713180][T26248] ? __pfx_dccp_delack_timer+0x10/0x10 [ 727.713231][T26248] dccp_init_sock+0x327/0x420 [ 727.713272][T26248] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 727.713311][T26248] dccp_v4_init_sock+0x1f/0xa0 [ 727.713347][T26248] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 727.713386][T26248] inet_create+0x936/0x1090 [ 727.713419][T26248] ? inet_create+0x93/0x1090 [ 727.713456][T26248] __sock_create+0x335/0x8d0 [ 727.713497][T26248] __sys_socket+0x14d/0x260 [ 727.713531][T26248] ? __pfx___sys_socket+0x10/0x10 [ 727.713567][T26248] ? rcu_is_watching+0x12/0xc0 [ 727.713616][T26248] __x64_sys_socket+0x72/0xb0 [ 727.713658][T26248] ? lockdep_hardirqs_on+0x7c/0x110 [ 727.713703][T26248] do_syscall_64+0xcd/0x260 [ 727.713753][T26248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.713785][T26248] RIP: 0033:0x7f304ed8e169 [ 727.713813][T26248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.713846][T26248] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 727.713877][T26248] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 727.713899][T26248] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 727.713919][T26248] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 727.713940][T26248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.713962][T26248] R13: 0000000000000000 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 727.714004][T26248] [ 728.756804][T26258] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2082'. [ 729.279129][T26271] Invalid ELF header magic: != ELF [ 729.427334][T26279] FAULT_INJECTION: forcing a failure. [ 729.427334][T26279] name failslab, interval 1, probability 0, space 0, times 0 [ 729.427383][T26279] CPU: 1 UID: 0 PID: 26279 Comm: syz.2.2087 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 729.427427][T26279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 729.427446][T26279] Call Trace: [ 729.427458][T26279] [ 729.427480][T26279] dump_stack_lvl+0x16c/0x1f0 [ 729.427533][T26279] should_fail_ex+0x512/0x640 [ 729.427570][T26279] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 729.427620][T26279] should_failslab+0xc2/0x120 [ 729.427654][T26279] __kmalloc_cache_noprof+0x6a/0x3e0 [ 729.427700][T26279] ? device_create_groups_vargs+0x8a/0x270 [ 729.427740][T26279] device_create_groups_vargs+0x8a/0x270 [ 729.427777][T26279] device_create+0xed/0x130 [ 729.427809][T26279] ? __pfx_device_create+0x10/0x10 [ 729.427845][T26279] ? is_console_locked+0x9/0x20 [ 729.427885][T26279] ? con_is_visible+0x65/0x150 [ 729.427919][T26279] ? csi_J+0x54a/0xad0 [ 729.427965][T26279] vcs_make_sysfs+0x32/0x80 [ 729.428002][T26279] vc_allocate+0x501/0x880 [ 729.428044][T26279] ? __pfx_vc_allocate+0x10/0x10 [ 729.428096][T26279] con_install+0xa1/0x600 [ 729.428140][T26279] ? __pfx_con_install+0x10/0x10 [ 729.428189][T26279] ? __pfx_con_install+0x10/0x10 [ 729.428232][T26279] tty_init_dev.part.0+0x99/0x500 [ 729.428263][T26279] tty_open+0xa50/0xf90 [ 729.428295][T26279] ? __pfx_tty_open+0x10/0x10 [ 729.428322][T26279] ? chrdev_open+0x10b/0x6a0 [ 729.428368][T26279] ? __pfx_tty_open+0x10/0x10 [ 729.428395][T26279] chrdev_open+0x231/0x6a0 [ 729.428435][T26279] ? __pfx_apparmor_file_open+0x10/0x10 [ 729.428477][T26279] ? __pfx_chrdev_open+0x10/0x10 [ 729.428524][T26279] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 729.428571][T26279] do_dentry_open+0x741/0x1c10 [ 729.428613][T26279] ? __pfx_chrdev_open+0x10/0x10 [ 729.428663][T26279] vfs_open+0x82/0x3f0 [ 729.428695][T26279] path_openat+0x1e5e/0x2d40 [ 729.428751][T26279] ? __pfx_path_openat+0x10/0x10 [ 729.428801][T26279] do_filp_open+0x20b/0x470 [ 729.428842][T26279] ? __pfx_do_filp_open+0x10/0x10 [ 729.428908][T26279] ? alloc_fd+0x471/0x7d0 [ 729.428956][T26279] do_sys_openat2+0x11b/0x1d0 [ 729.428985][T26279] ? __pfx_do_sys_openat2+0x10/0x10 [ 729.429027][T26279] __x64_sys_openat+0x174/0x210 [ 729.429058][T26279] ? __pfx___x64_sys_openat+0x10/0x10 [ 729.429090][T26279] ? rcu_is_watching+0x12/0xc0 [ 729.429134][T26279] do_syscall_64+0xcd/0x260 [ 729.429178][T26279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.429206][T26279] RIP: 0033:0x7f304ed8e169 [ 729.429229][T26279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 729.429258][T26279] RSP: 002b:00007f304fb16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 729.429284][T26279] RAX: ffffffffffffffda RBX: 00007f304efb5fa0 RCX: 00007f304ed8e169 [ 729.429303][T26279] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 729.429327][T26279] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 729.429346][T26279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 729.429366][T26279] R13: 0000000000000000 R14: 00007f304efb5fa0 R15: 00007fffef99eff8 [ 729.429406][T26279] [ 734.006379][T26385] FAULT_INJECTION: forcing a failure. [ 734.006379][T26385] name failslab, interval 1, probability 0, space 0, times 0 [ 734.091055][T26385] CPU: 1 UID: 0 PID: 26385 Comm: syz.2.2104 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 734.091105][T26385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 734.091127][T26385] Call Trace: [ 734.091139][T26385] [ 734.091152][T26385] dump_stack_lvl+0x16c/0x1f0 [ 734.091208][T26385] should_fail_ex+0x512/0x640 [ 734.091246][T26385] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 734.091316][T26385] should_failslab+0xc2/0x120 [ 734.091349][T26385] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 734.091404][T26385] ? dccp_feat_clone_sp_val+0x96/0x130 [ 734.091466][T26385] kmemdup_noprof+0x29/0x60 [ 734.091500][T26385] dccp_feat_clone_sp_val+0x96/0x130 [ 734.091558][T26385] __feat_register_sp+0x331/0x5a0 [ 734.091597][T26385] ? __pfx___feat_register_sp+0x10/0x10 [ 734.091630][T26385] ? __kasan_kmalloc+0xaa/0xb0 [ 734.091686][T26385] dccp_feat_init+0x724/0x800 [ 734.091725][T26385] ? __pfx_dccp_feat_init+0x10/0x10 [ 734.091760][T26385] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 734.091808][T26385] ? lockdep_init_map_type+0x5c/0x280 [ 734.091841][T26385] ? do_init_timer+0xc9/0x110 [ 734.091886][T26385] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 734.091931][T26385] ? __pfx_dccp_delack_timer+0x10/0x10 [ 734.091983][T26385] dccp_init_sock+0x327/0x420 [ 734.092020][T26385] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 734.092053][T26385] dccp_v4_init_sock+0x1f/0xa0 [ 734.092083][T26385] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 734.092119][T26385] inet_create+0x936/0x1090 [ 734.092149][T26385] ? inet_create+0x93/0x1090 [ 734.092183][T26385] __sock_create+0x335/0x8d0 [ 734.092222][T26385] __sys_socket+0x14d/0x260 [ 734.092264][T26385] ? __pfx___sys_socket+0x10/0x10 [ 734.092298][T26385] ? rcu_is_watching+0x12/0xc0 [ 734.092343][T26385] __x64_sys_socket+0x72/0xb0 [ 734.092374][T26385] ? lockdep_hardirqs_on+0x7c/0x110 [ 734.092420][T26385] do_syscall_64+0xcd/0x260 [ 734.092472][T26385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.092508][T26385] RIP: 0033:0x7f304ed8e169 [ 734.092536][T26385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.092570][T26385] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 734.092602][T26385] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 734.092624][T26385] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 734.092643][T26385] RBP: 00007f304ee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 734.092662][T26385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 734.092682][T26385] R13: 0000000000000000 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 734.092723][T26385] [ 734.726408][T26400] [ 734.728805][T26400] ====================================================== [ 734.735999][T26400] WARNING: possible circular locking dependency detected [ 734.743247][T26400] 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 Not tainted [ 734.750423][T26400] ------------------------------------------------------ [ 734.757672][T26400] syz.2.2107/26400 is trying to acquire lock: [ 734.763859][T26400] ffff88802aa72cd8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 734.773479][T26400] [ 734.773479][T26400] but task is already holding lock: [ 734.780857][T26400] ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 734.790127][T26400] [ 734.790127][T26400] which lock already depends on the new lock. [ 734.790127][T26400] [ 734.800986][T26400] [ 734.800986][T26400] the existing dependency chain (in reverse order) is: [ 734.810140][T26400] [ 734.810140][T26400] -> #2 (rtnl_mutex){+.+.}-{4:4}: [ 734.817387][T26400] __mutex_lock+0x199/0xb90 [ 734.822443][T26400] do_ipv6_setsockopt+0x2042/0x4420 [ 734.828202][T26400] ipv6_setsockopt+0xcb/0x170 [ 734.833710][T26400] tcp_setsockopt+0xa4/0x100 [ 734.839170][T26400] smc_setsockopt+0x1b3/0xa00 [ 734.844414][T26400] do_sock_setsockopt+0x221/0x470 [ 734.850178][T26400] __sys_setsockopt+0x1a0/0x230 [ 734.855673][T26400] __x64_sys_setsockopt+0xbd/0x160 [ 734.861329][T26400] do_syscall_64+0xcd/0x260 [ 734.866381][T26400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.872983][T26400] [ 734.872983][T26400] -> #1 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 734.881694][T26400] __mutex_lock+0x199/0xb90 [ 734.886852][T26400] smc_switch_to_fallback+0x2d/0x9f0 [ 734.892778][T26400] smc_sendmsg+0x13d/0x520 [ 734.897748][T26400] ____sys_sendmsg+0xa95/0xc70 [ 734.903042][T26400] ___sys_sendmsg+0x134/0x1d0 [ 734.908282][T26400] __sys_sendmsg+0x16d/0x220 [ 734.913412][T26400] do_syscall_64+0xcd/0x260 [ 734.918478][T26400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.924907][T26400] [ 734.924907][T26400] -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 734.932769][T26400] __lock_acquire+0x1173/0x1ba0 [ 734.938176][T26400] lock_acquire+0x179/0x350 [ 734.943208][T26400] lock_sock_nested+0x41/0xf0 [ 734.948429][T26400] sockopt_lock_sock+0x54/0x70 [ 734.953731][T26400] do_ipv6_setsockopt+0x204a/0x4420 [ 734.959945][T26400] ipv6_setsockopt+0xcb/0x170 [ 734.965221][T26400] udpv6_setsockopt+0x7d/0xd0 [ 734.970539][T26400] do_sock_setsockopt+0x221/0x470 [ 734.976219][T26400] __sys_setsockopt+0x1a0/0x230 [ 734.981740][T26400] __x64_sys_setsockopt+0xbd/0x160 [ 734.987412][T26400] do_syscall_64+0xcd/0x260 [ 734.992556][T26400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.999099][T26400] [ 734.999099][T26400] other info that might help us debug this: [ 734.999099][T26400] [ 735.009893][T26400] Chain exists of: [ 735.009893][T26400] sk_lock-AF_INET6 --> &smc->clcsock_release_lock --> rtnl_mutex [ 735.009893][T26400] [ 735.024203][T26400] Possible unsafe locking scenario: [ 735.024203][T26400] [ 735.031763][T26400] CPU0 CPU1 [ 735.037160][T26400] ---- ---- [ 735.042572][T26400] lock(rtnl_mutex); [ 735.047014][T26400] lock(&smc->clcsock_release_lock); [ 735.055207][T26400] lock(rtnl_mutex); [ 735.062263][T26400] lock(sk_lock-AF_INET6); [ 735.067150][T26400] [ 735.067150][T26400] *** DEADLOCK *** [ 735.067150][T26400] [ 735.075316][T26400] 1 lock held by syz.2.2107/26400: [ 735.080455][T26400] #0: ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 735.090614][T26400] [ 735.090614][T26400] stack backtrace: [ 735.096538][T26400] CPU: 1 UID: 0 PID: 26400 Comm: syz.2.2107 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 735.096570][T26400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 735.096594][T26400] Call Trace: [ 735.096605][T26400] [ 735.096615][T26400] dump_stack_lvl+0x116/0x1f0 [ 735.096653][T26400] print_circular_bug+0x275/0x350 [ 735.096692][T26400] check_noncircular+0x14c/0x170 [ 735.096731][T26400] __lock_acquire+0x1173/0x1ba0 [ 735.096771][T26400] ? do_ipv6_setsockopt+0x2042/0x4420 [ 735.096807][T26400] lock_acquire+0x179/0x350 [ 735.096827][T26400] ? sockopt_lock_sock+0x54/0x70 [ 735.096877][T26400] lock_sock_nested+0x41/0xf0 [ 735.096907][T26400] ? sockopt_lock_sock+0x54/0x70 [ 735.096936][T26400] sockopt_lock_sock+0x54/0x70 [ 735.096965][T26400] do_ipv6_setsockopt+0x204a/0x4420 [ 735.097002][T26400] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 735.097036][T26400] ? futex_wait_queue+0x24/0x220 [ 735.097059][T26400] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 735.097085][T26400] ? futex_unqueue+0xba/0x140 [ 735.097117][T26400] ? __futex_wait+0x323/0x3c0 [ 735.097139][T26400] ? __pfx___futex_wait+0x10/0x10 [ 735.097160][T26400] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 735.097198][T26400] ? __pfx___might_resched+0x10/0x10 [ 735.097235][T26400] ? aa_sk_perm+0x2f4/0xb10 [ 735.097261][T26400] ? ipv6_setsockopt+0xcb/0x170 [ 735.097293][T26400] ipv6_setsockopt+0xcb/0x170 [ 735.097326][T26400] udpv6_setsockopt+0x7d/0xd0 [ 735.097350][T26400] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 735.097387][T26400] do_sock_setsockopt+0x221/0x470 [ 735.097422][T26400] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 735.097466][T26400] __sys_setsockopt+0x1a0/0x230 [ 735.097497][T26400] __x64_sys_setsockopt+0xbd/0x160 [ 735.097525][T26400] ? do_syscall_64+0x91/0x260 [ 735.097570][T26400] ? lockdep_hardirqs_on+0x7c/0x110 [ 735.097602][T26400] do_syscall_64+0xcd/0x260 [ 735.097636][T26400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.097661][T26400] RIP: 0033:0x7f304ed8e169 [ 735.097681][T26400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 735.097705][T26400] RSP: 002b:00007f304cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 735.097727][T26400] RAX: ffffffffffffffda RBX: 00007f304efb6080 RCX: 00007f304ed8e169 [ 735.097743][T26400] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0400000000000003 [ 735.097758][T26400] RBP: 00007f304ee10a68 R08: 000000000000056b R09: 0000000000000000 [ 735.097773][T26400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 735.097787][T26400] R13: 0000000000000000 R14: 00007f304efb6080 R15: 00007fffef99eff8 [ 735.097809][T26400]