last executing test programs: 1m16.764004761s ago: executing program 2 (id=1749): mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0xa, 0x0) clock_nanosleep$auto(0x8, 0xffc99a3b, 0x0, 0x0) 1m16.52325185s ago: executing program 2 (id=1750): socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(0x6, 0x11b, 0x1d05, 0xfffffffffffffffd, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x7f, 0x2, 0x9b72, 0x2, 0x7fff) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) sched_rr_get_interval$auto(0x0, 0x0) getrandom$auto(0x0, 0xe, 0x7) madvise$auto(0x81, 0x3, 0x9) madvise$auto(0x0, 0x2003f0, 0x13) mincore$auto(0x0, 0x10000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000003640)={r1, 0x7, 0x6}, 0x4, 0x100000) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r2 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a001}, 0x9, 0x0, 0x0, 0xb}, 0xfff}, 0x5, 0x311) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1) 1m16.089753371s ago: executing program 2 (id=1756): unshare$auto(0x40000080) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x48041, 0x0) write$auto(r0, 0x0, 0x7) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x280000, 0x100) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto_SO_PEERNAME(r1, 0x4, 0x1c, 0x0, &(0x7f0000000100)=0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x441, 0x0) unshare$auto(0x20000) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r2, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vbi26\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0) write$auto(r3, 0x0, 0xd4d0) timer_create$auto(0x0, 0x0, 0x0) r4 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x60500, 0x0) read$auto_vhci_fops_hci_vhci(r4, &(0x7f0000000d40)=""/16, 0x10) socket(0x15, 0x5, 0x0) write$auto(0x1, 0x0, 0x80000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x200400008, 0xdb, 0x9b75, 0x7, 0x800007fff) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0x40000b8, 0x10, 0x4, 0x800004, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0xa, 0x7, 0x6}, 0xf) pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00') ioctl$auto(0xc8, 0x400454d8, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) 1m14.859167688s ago: executing program 2 (id=1768): mmap$auto(0x0, 0x9, 0x1fe, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_register$auto(0xffffffffffffffff, 0x1f, 0x0, 0x1) socket(0x2b, 0x1, 0x1) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x2000, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) prctl$auto(0x35, 0x1, 0x8, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x5, 0x9]}, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/48, 0x30) close_range$auto(0x2, 0x8, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000004c0)="a26c1e99180fe5a29f13b2dd1370c36b418f7ddc1dfc5449a704c2beb748ec2c262d23b31c1279f70e94c517709568b538ba03947d700d52d194f37a09efdc81c0aa24fe80878f7c4b102b27be58db6a7c138f21499069b8c67c3205b8a7c26ad07201ce929767b785aafa8c59dca74d7c88146c96cdbebebc0900c44b23c5eefc031dc2e9b0dc8d99996e2a66e58cdc9012bbc34f49") r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80002, 0x0) sendfile$auto(r1, r1, 0x0, 0x400000000003) prctl$auto(0x40, 0x5d, 0x0, 0xfba3, 0x7) 1m14.32932591s ago: executing program 2 (id=1770): tkill$auto(0x1, 0x7) r0 = socket(0xa, 0x3, 0x2c) setsockopt$auto(r0, 0x1, 0x49, &(0x7f0000000180)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\xb9E\x81\xb6F\x96\xa6\xba\xf4\x98;n\xb2nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x00\x00\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81', 0xa95e) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = socket(0xa, 0x2, 0x0) getsockopt$auto_SO_BUF_LOCK(r2, 0x1, 0x48, &(0x7f0000003fc0)='\'}\xa3\x00', &(0x7f0000004000)=0xfc5) r3 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000001240)='4', 0x1) write$auto(r3, &(0x7f0000000280)='\t\x00\x00\x00\xd00\x9aFAW\xb5\x00c\xf6\xec\xc0\xe5\v\xf2\x0fI\xf8\xdb\x03\xb14\xcb\\\x0fy\x04\xc7U\xd0\xa2\xd7X\x96?\x0f\x9a\xa0r\xd5\x9dV\x92\x01\xd6\xa6\"\x81\x83E@g>\xd0p\x04\xee\x06\x9f\xfeA\\$P(\x05\x89\r\xfb\x1a\xa8r\xf9\xf8#\xbf\xc90fi?\x8c \xd7}\xbb\xd6\xb2\xe2\xc3\xb3\x14\xef\x875\xbfp\xc0\x89I\x83=\xa0\x9f\xaeL\f\xdbM\xda\xd3\xd8\x01\x81;\x12-\xda\xaa.\xdc\xa5\xc7\xb5\xa8V\xec\a$u\xef\xf4#\x85\x88\xef\x12R@!\xbe\xca\x19\x82\x85\xe4\xb8w\x82\x1a\xfdM0<\xc2w\xc9/\x9a\x1aV\xe0\xa9\x00\'m\xfb\xc2X\x8aOR)\xa4\xab\xc6\x92U\xfd\xa2\x14\x92\xb4\xd9\x8a\xa5\x19/\xb5\x826\x80\xef\x8e\x04\xa2t\x8bQ\xd1\x94\xc8\xf9\x84\xae\xc5\x8f\x94\x869\tw\xab\xc8\xfdp\xb2N\xe4\x8b\f\x89Q(\xd4\xd8\xb4\xa3c\x02P(\x82\xb1C\x853e6\n\xba*x\x1f\xd0\xbf\x9cZeww\xb4\xcf\xc9\x93E\xf5\vt\xd75y\t\x86\xdcgX\xc6$\xdb\xa7s\x1cdH\x15\xeb\xf4\xff3\xa8\xf4\xf7^h\x91\f$\x97\x03a\xf8\xd3\xb2]!z\x93h*J\x89(\xb0\x904\x13K\x13\x9a\xb3\xce\x15=\x19/\xf2\xe6\x80\xee\xdb\x01$e\xecTM\x13\xd4\xa2\x1d\v1\x84\x0ex\f\xbc\x92#4K\'\x1a\xcc$\x81e\xa0\xad\x04\x91yS\xf94\x06\xd2N\t9K3', 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='\a\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000fedbdf250a000000100003800c0001000200000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x24008040) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x108002, 0x0) epoll_create$auto(0x208) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x101, 0x0) write$auto_seq_oss_f_ops_seq_oss(r6, &(0x7f0000000080)="8be9985853636f16e6e0a4f0ade0354c0f5a9a46dced0ac8cf3f1e5d4b8a7cba55eac4fee0e224ca5fc7ca82db57b9c6791d9943d41ff50e4547ea47b53b52b7f37f3c673c3175b286476b2d9f5de71563074da41e1e67236a6c298123844c9f7459fcf322bbbeae8dc76334b47e214592d9b017e5d51dfb", 0x78) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_KSMBD_EVENT_SHARE_CONFIG_REQUEST(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, 0x0, 0x2, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x20040080) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyyb\x00', 0x76001, 0x0) socketpair$auto(0x9, 0x2, 0xb, 0x0) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty50\x00', 0x80, 0x0) ioctl$auto_TIOCSETD2(r7, 0x5423, 0x0) 1m12.787083006s ago: executing program 2 (id=1780): close_range$auto(0x2, 0x8, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x9, 0x9, 0x80000009, 0x7, 0x8, 0x5, 0xd, 0x7e, 0x2, 0x8, 0x5, 0xf, 0xffffffffffffffff, 0x9, 0x1, 0x5}, 0x800, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) prctl$auto_PR_GET_DUMPABLE(0x3, 0x4811, 0x0, 0x2, 0xffffffffffffffff) ioctl$auto_XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000001500)={r1, &(0x7f0000000380)="39aed5d5ff33174f45f2dd778272095b300cb544426efbd647ec8a37fa3cdd5afe357da969a4603ba8f1f2d829e3c97b2b8b47d6ec8131790016420d1b187ba245a4094a4e8e8286811361100e2290557455173794017d34c36973434bd8751f668d9a07d55b8bdd353adecb6142dbddd016f58bec462aa0292c252eb4dc27fbb084a354e36240b95def2fecde82d9938afcd0fa183be06be9051a64a1ac3b445c35f216fd9677aa0816614dbb0672d9b408ae2db0122b38e0877833efa707af630618eb886deafa66a948bd4d8824e12f53d96871968617a23f35a39f8cb143dc5d7b41ba6bce4bd75cbb888b0d2a8b924708", 0x9, &(0x7f0000000480), 0x8, 0x0, &(0x7f00000014c0)=0x101}) bind$auto(r2, &(0x7f0000000000)=@vsock={0x28, 0x0, 0xffffffff, @host}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x3, 0x8, 0x5, 0x2, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3bc}, 0x1fe, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x1d, 0x2, 0x7) r4 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5}, 0x6a) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) socket$nl_generic(0x10, 0x3, 0x10) 1m12.449416194s ago: executing program 32 (id=1780): close_range$auto(0x2, 0x8, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x9, 0x9, 0x80000009, 0x7, 0x8, 0x5, 0xd, 0x7e, 0x2, 0x8, 0x5, 0xf, 0xffffffffffffffff, 0x9, 0x1, 0x5}, 0x800, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) prctl$auto_PR_GET_DUMPABLE(0x3, 0x4811, 0x0, 0x2, 0xffffffffffffffff) ioctl$auto_XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000001500)={r1, &(0x7f0000000380)="39aed5d5ff33174f45f2dd778272095b300cb544426efbd647ec8a37fa3cdd5afe357da969a4603ba8f1f2d829e3c97b2b8b47d6ec8131790016420d1b187ba245a4094a4e8e8286811361100e2290557455173794017d34c36973434bd8751f668d9a07d55b8bdd353adecb6142dbddd016f58bec462aa0292c252eb4dc27fbb084a354e36240b95def2fecde82d9938afcd0fa183be06be9051a64a1ac3b445c35f216fd9677aa0816614dbb0672d9b408ae2db0122b38e0877833efa707af630618eb886deafa66a948bd4d8824e12f53d96871968617a23f35a39f8cb143dc5d7b41ba6bce4bd75cbb888b0d2a8b924708", 0x9, &(0x7f0000000480), 0x8, 0x0, &(0x7f00000014c0)=0x101}) bind$auto(r2, &(0x7f0000000000)=@vsock={0x28, 0x0, 0xffffffff, @host}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x3, 0x8, 0x5, 0x2, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3bc}, 0x1fe, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x1d, 0x2, 0x7) r4 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5}, 0x6a) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) socket$nl_generic(0x10, 0x3, 0x10) 3.298924517s ago: executing program 1 (id=2201): socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/nbd3/sched/write1_fifo_list\x00', 0x400, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) read$auto(0x3, 0x0, 0x10) write$auto(0x3, 0x0, 0xffd8) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x3}, 0x7, 0xe, 0x0) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x6, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f2, 0x24) 3.203239659s ago: executing program 4 (id=2203): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) fsconfig$auto_SHMEM_HUGE_FORCE(r0, 0x6, 0x0, &(0x7f0000000100)="50a54f6ba2eabf1c36410848849a4bf578fba2127b9325d59d8c3aad22be1e33e4de5d2c4e22eb382bc3f634218c4e5f95ff64be95e62a53cba3835dd55f3a95a25989676b15868798fe37dafbc8ed38ddd759ebade969b17849b48c37e4b9727376283c1e26676832a95de29b384fbe53b36b29809e619b2b572524e5d41869bb11380a96c23e69c469e8ca8b98ac31158f6f5cdbd952fff7ba26557f74602433ca4136f2f5b65d1d805be9ff081d981e023b2120d0c159178d368aebecd11b865cb3bf7c063637ca6be8ab142c870c02646a68da9e4ab9ccb4f4eb5481a459b891009db00a52ad47e55d0585c679bb8d1f64cdfa41e378578e7e83581aaff5ef58b5bf92db02b94200d2a97d9f32b227fdd7d73a2c89596a7cd8e5303ea8e4db14007a21a2639e57ccd839af541af35e30933978c11bcda5d616ee80dc7758a441d3c2a32c952f69026ec57bf9d67b68a9484a2d8f65063cd110be4822bc7688bfab5eaba8ee12b3bdf05677f076df8c3ba3f1d65ce7bd47619513ef9ed583152a551dd22efbcc3c630a5832186b177b485a1664a52360b575bf556f1a5f2b359b7e9639c35194776e3cf1230a56c62796552af68ff42e8e5a898cf5f040bef55d34d1a774d38593648bebb8ae8037be494e87fe7eebccce92453b348365aafc4c16759898769fd9e264434a417fdec90422e71f5dce5b30b7a58f92cb03ead5c10d6eea4689ad1c1341140d80aa456c6625fc350b7a02e9a037b4b79eedddb0dfa870989afb52968560e94960ed25f48c0526279b09572ada44698a3b7d77ac4101b26305e2908645f3cdd7a59ef0d46adea03491dda71aefb33ff74f212720b814ea34edac9c4844199559941834712bd126f1d17e8c9fed6a121495235abeea67f114c19512803d96b69f3dfe6b827ae9ea03fc82c76fbfc0e0b76dad0d7005afc62beb2cbc5fed4fbb1d5c533d038f872c7fa374cade2cfa73d6dc7dc93d50d273505df726d7eb3c25c545af94716087b4700910ffdcb88970c0d0183c48f654e54a3ce7b036b65dd1d3e1b47a3a6ba9f24feb976e5aff37e4b8aa65b3a80b3b15ddd5bbebdb8ca0a598af6322ec10e32e3faba0a13a539d2c01de9c31a21f25a1026b43456dd14c4ce03eaaf0411b48830fe254c8078b71b56aedb9a5b6f52ab6317a48503d88dfca2f03f70b96100ffcf3467e3a1e05c94ce8879a8e", 0xfffffffffffffffe) r1 = socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socket(0xf, 0x3, 0x2) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1080, 0x0) clone3$auto(&(0x7f0000000680)={0x8, 0xea, 0x2, 0x0, 0x5, 0x20f6, 0x9, 0x2, 0x5f1, 0xfffffffffffffff9, 0x100000001}, 0x1) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000001a40)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x22000}, 0xc, &(0x7f0000000600)={&(0x7f0000000700)={0x30, 0x0, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x49}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x111}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x4}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c001}, 0x40840) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0x11, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7, 0x800, 0x5, 0x2, 0x300]}, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x6a) bpf$auto(0xe, 0x0, 0x9) 2.846318709s ago: executing program 1 (id=2205): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x800c6f40, r0) r1 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x0, 0x0) ioctl$auto_BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f0000000740)={@inferred, 0x4, 0xa, @unused, @devid=0x7}) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) fsconfig$auto_SHMEM_HUGE_FORCE(r2, 0x6, 0x0, &(0x7f0000000100)="50a54f6ba2eabf1c36410848849a4bf578fba2127b9325d59d8c3aad22be1e33e4de5d2c4e22eb382bc3f634218c4e5f95ff64be95e62a53cba3835dd55f3a95a25989676b15868798fe37dafbc8ed38ddd759ebade969b17849b48c37e4b9727376283c1e26676832a95de29b384fbe53b36b29809e619b2b572524e5d41869bb11380a96c23e69c469e8ca8b98ac31158f6f5cdbd952fff7ba26557f74602433ca4136f2f5b65d1d805be9ff081d981e023b2120d0c159178d368aebecd11b865cb3bf7c063637ca6be8ab142c870c02646a68da9e4ab9ccb4f4eb5481a459b891009db00a52ad47e55d0585c679bb8d1f64cdfa41e378578e7e83581aaff5ef58b5bf92db02b94200d2a97d9f32b227fdd7d73a2c89596a7cd8e5303ea8e4db14007a21a2639e57ccd839af541af35e30933978c11bcda5d616ee80dc7758a441d3c2a32c952f69026ec57bf9d67b68a9484a2d8f65063cd110be4822bc7688bfab5eaba8ee12b3bdf05677f076df8c3ba3f1d65ce7bd47619513ef9ed583152a551dd22efbcc3c630a5832186b177b485a1664a52360b575bf556f1a5f2b359b7e9639c35194776e3cf1230a56c62796552af68ff42e8e5a898cf5f040bef55d34d1a774d38593648bebb8ae8037be494e87fe7eebccce92453b348365aafc4c16759898769fd9e264434a417fdec90422e71f5dce5b30b7a58f92cb03ead5c10d6eea4689ad1c1341140d80aa456c6625fc350b7a02e9a037b4b79eedddb0dfa870989afb52968560e94960ed25f48c0526279b09572ada44698a3b7d77ac4101b26305e2908645f3cdd7a59ef0d46adea03491dda71aefb33ff74f212720b814ea34edac9c4844199559941834712bd126f1d17e8c9fed6a121495235abeea67f114c19512803d96b69f3dfe6b827ae9ea03fc82c76fbfc0e0b76dad0d7005afc62beb2cbc5fed4fbb1d5c533d038f872c7fa374cade2cfa73d6dc7dc93d50d273505df726d7eb3c25c545af94716087b4700910ffdcb88970c0d0183c48f654e54a3ce7b036b65dd1d3e1b47a3a6ba9f24feb976e5aff37e4b8aa65b3a80b3b15ddd5bbebdb8ca0a598af6322ec10e32e3faba0a13a539d2c01de9c31a21f25a1026b43456dd14c4ce03eaaf0411b48830fe254c8078b71b56aedb9a5b6f52ab6317a48503d88dfca2f03f70b96100ffcf3467e3a1e05c94ce8879a8e", 0xfffffffffffffffe) r3 = socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socket(0xf, 0x3, 0x2) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1080, 0x0) clone3$auto(&(0x7f0000000680)={0x8, 0xea, 0x2, 0x0, 0x5, 0x20f6, 0x9, 0x2, 0x5f1, 0xfffffffffffffff7, 0x2}, 0x1) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r3, &(0x7f0000001a40)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x22000}, 0xc, &(0x7f0000000600)={&(0x7f0000000700)={0x30, 0x0, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x49}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x111}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x4}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c001}, 0x40840) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0x11, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7, 0x800, 0x5, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) ioctl$auto(r5, 0x40104d06, 0x7) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x1) 2.263361168s ago: executing program 4 (id=2207): r0 = io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc}, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x40000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_PUBL_GET(r2, &(0x7f0000003940)={0x0, 0x0, &(0x7f0000003900)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x40800}, 0x840) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000480)='/dev/video18\x00', 0x802, 0x0) write$auto_v4l2_fops_v4l2_dev(r4, &(0x7f00000000c0)="318de800aca3f21e", 0x8) close_range$auto(0x2, r4, 0x0) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, 0x0, 0x8044) pread64$auto(r1, 0x0, 0x8, 0xffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2b, 0x1, 0x1) mmap$auto(0xffffffffffffffff, 0x3, 0x407ffffffffffff, 0x1000000ebe, r4, 0x8) setreuid$auto(0x4, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000100)=ANY=[@ANYBLOB="38fd110e960000d89cc2c1951e5900", @ANYRES16=r6, @ANYBLOB="0100253d7000fddbdf2501000000180007800c000180080001800000000008002300", @ANYRES32=0x0, @ANYBLOB="0c0002000600000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 1.695481928s ago: executing program 3 (id=2208): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r0) sendmsg$auto_NFSD_CMD_VERSION_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fbdbdf25040000001400018008000200000000000800010002"], 0x28}, 0x1, 0x0, 0x0, 0x24000001}, 0x844) r2 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'vxcan1\x00'}) 1.691513657s ago: executing program 0 (id=2209): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000780)='/dev/tty60\x00', 0x800, 0x0) r1 = setfsuid$auto(0xee00) r2 = setfsuid$auto(0xee01) mkdir$auto(&(0x7f0000000000)='./file0\x00', 0x1ff) setresuid$auto(r1, r2, r1) ioctl$auto(r0, 0x560a, 0xffffffffffffffff) 1.635428921s ago: executing program 1 (id=2210): socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000040)="78298dc755c478bafeef555d67e22f5163c78924ea131f5039ee7a072b37", 0x1) socket(0x2b, 0x1, 0x1) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x2000, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x5, 0x9]}, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/48, 0x30) close_range$auto(0x2, 0x8, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000004c0)="a26c1e99180fe5a29f13b2dd1370c36b418f7ddc1dfc5449a704c2beb748ec2c262d23b31c1279f70e94c517709568b538ba03947d700d52d194f37a09efdc81c0aa24fe80878f7c4b102b27be58db6a7c138f21499069b8c67c3205b8a7c26ad07201ce929767b785aafa8c59dca74d7c88146c96cdbebebc0900c44b23c5eefc031dc2e9b0dc8d99996e2a66e58cdc9012bbc34f") r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80002, 0x0) sendfile$auto(r1, r1, 0x0, 0x400000000003) prctl$auto(0x40, 0x5d, 0x0, 0xfba3, 0x7) 1.603381241s ago: executing program 4 (id=2211): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x8000, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r0, 0xae03, 0xaf) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd0b, &(0x7f00000001c0)) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) 1.599001421s ago: executing program 3 (id=2212): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card1/pcm1p/sub4/xrun_injection\x00', 0x8104, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_ATTACH_REUSEPORT_CBPF(r1, 0x1, 0x33, &(0x7f0000000280)='o\x00\xfb\x00\x00\x00\xe4(\xe5\xb9Y\xacS\xbe\xcc4\xf9!\xd0\x92<\x9bf\x01j\x83\xb3\xd7a.\x92\xf5\xb0j\xd3\x01\xfe:\x93\xed\xe4\x16\a\xcemS\xeb\x93D\b\xdb\x0f\x9f\x903\xad?\x17\xddF2\x7f\x15~\x94\x1d\x1c\x83\x03\xb9K\x04\xd3\x99\xe6[\xf8\xddn`\xdb\x19\xa9R\xc2\x00\x8a\xc7>\xfbC\x9e\xcfY\xaa\xc9\x99_\x8d\xc14o\xd9\x97\xf9\xb6\x80\xc0Tf\xea\x82\x8f\x82^\xf7\x01\x894?\xf7\xb8\"\x9dd/\x15\xf5\x013\x84\xe8\xdev\x8eW\xfaym\x8a_\x0e\xc5\xde\x90\xc4$\xbb\xaa\x839]\x14m{R,i\x80\xecM.\xa9\'<\xd6\xc8\xd6\xc4\x1b\xd2\xd6\x193<\".\x85\xea\xb7\x9d\xa3r\xca\xeeP\xdeu4\xf2s\x9b\x03\xbex.\x17\xf2\xa4\xba\x9a$\x1f.e\v3.\xd1{}\x94\xd9\xc4\xf1\xa9\x9aK\xbc?0x\xa1G\xf5\xd3K\xf7\xa25=\x9f+\x1d\xe7\x00', 0x10) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000001080)=""/4092, 0xffc) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000e80)=""/215, 0xd7) 1.566949583s ago: executing program 0 (id=2213): waitid$auto_P_ALL(0x0, 0x4, 0x0, 0x7, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x24, r0, 0x13, 0x70bd2e, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894) (fail_nth: 8) 1.498093623s ago: executing program 4 (id=2214): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r0) sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x14, r1, 0xa01, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00', 0x0}) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), 0xffffffffffffffff) (async) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000040)={0x28, r4, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x34b}]}, 0x28}, 0x1, 0x100000000000000, 0x0, 0x9dfefc5e47f5c72f}, 0x4) sendmsg$auto_IPVS_CMD_ZERO(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x1224, 0x0, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10}, @IPVS_CMD_ATTR_DEST={0x13d, 0x2, 0x0, 0x1, [@generic="feba92b1006ca2ad5c1116d43f6b9dfc5796d530b8868ad327de8ba7e269105b710d5f9c045a2d515a988e0e09d338133c8c8ffc9cda2ac6a2ae8c3d", @generic="428c10a40ebe4c66942abc61e8d5500c89b9d74a4d2a5f28e689eab132355ec58f16b831ffb3bf8fc7696cafda74388c7f4be0529736ef90f9eb4cd14030c1912eb4a48e6e279d0b7f6feef47cd05613d9", @generic="a7a1cea2a1ecd13cd95e8013fa4b267cf289946ad410f0c5dd75abb1300ea63d6de2fb524e002035f9d51d2b94f0afbecee31b7f10fdf87bbe146529cb945aadc68e28be6d1620a256f75a75871877cc2a10ffd2bd6b158193d663d1707cf36aef1cc5e51dd15181bf89f79ef4e5bc859a42888aebc0c75f6661a0fc30dbc1d736fc0a4ba2879f596d7bcfabc8daabe739f9a44d920773b1dbb7bf2cbcf4712a6e26c31c3b5327060dbd0c2e"]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xe802}, @IPVS_CMD_ATTR_SERVICE={0x10ad, 0x1, 0x0, 0x1, [@typed={0x14, 0x112, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @nested={0x4, 0x6d}, @nested={0x106a, 0x14b, 0x0, 0x1, [@typed={0x4, 0x137}, @generic="0fb37a72088a", @typed={0x8, 0x41, 0x0, 0x0, @fd=r2}, @typed={0x1004, 0xa4, 0x0, 0x0, @binary="1e55dfbce075a88dbeb1e6840ca61ea1ab05872f2a4f8cedfebee440e899017533255ccc46826ea415cc8cc13047a839189407b1f20009055205c2657482f5d915254ba8bb91083a304ce701c5204b2426f1e1caf9819b7574ebc590e07a861a12ac94675d97cadbcfa4d49bfc6d4103a0d3213b117ff4975d0860394febdb878e26da825f14d8399f70c6db07280171202e31a6ccd05738912bbb58d199a72bc79d3261cb6b3d3da09338cbbdff4dc03add4c9f6e9a65c505d47952d0b2afbfdb5c6f2cd2144750ca5ad5989f111f763097d3891dd6fe6630ae8a689c4effb3eb57eb79d31c83e8eb9319e840285049869f965d0e584d4e84cb3aeba415abab2d39b79085c3464bf8b16d6fe18ca72007e07a9508e925323ecdbf8565b2a3c85971472e063816f5a6dbea82639b415609ae662fce5e0219a31529f89337adb79be5f948eec1794b06ba716d935fdeba48a68874ab48a1cf02109410f1b2406817253d3d7f4faced1dfc955a7bfa6e956b456703fa394110f6be2716df54a2ab8b4eff6b77a4957bfc9e8f09e3a17f3a0842d2c92aa2a526d62cb3475c7e09640db9f59cbaf35cdfbf20f1c2e425a4fff501f0fcc56dda3c43e931937658e233a5791cf80511c9e803199d71c5fea0d883289857ccdc449ce73ea6e47faf65cadb0933afc69c17c77ab851b6eea7aca72cf1de40540a67d86cdec94e19670dd6825a27dfd928873a393a1d55fe7e1ec61c90293a3be8519c36b3d5579355b478ba1b4fa5a853c4081b5c48d784213badd0e33685351f8b68afa41256128fb8ef610e68f1bb5fbd9a77c24635fbd146c85cbe93ac7ba8d1f316b6c2c5d13894fc10276269ea54d65f81e995a1b60f54ec6d9f54678c0c3dabab013c7ef47c6fa2bbc812ae8668de56dd827f585e888dbb3f93fff26c81a9e880bf03048bd97a955f54ea8e5a32ddd572be2d7968a8a33056ef83ee1e5668d1cb85b1d23d6b3fb7ac8a684e938f49aae018852e01b85c8307c6b42e78faa827f06453ed5da0852fff5daaf86ca515e40dad1aad0c802085f80cb000801ed5a9f23610235095d374455f52a9ac9147076ca4a9864d672847b3cef996793eee8c0fb38ded07ae3df9228cbdfc4f82381bf60b4b7469b3cbe40f8ea56d7ba7baf5b6a5c5e52584d42705bc5c09a1b90876fcc98d527e63d93e8ff86b764a09ae4166b2aeeb4ba67c7302144f186fc1f4c9a48426a35178599cdd8abd6b520f86142c416ffa535ad7ad5db5cd5aa0a301e48696849f1936d2795021f8e00d8981816c077b128f0b3f29a039dceeb4e5cdafa3f22c97646994c23be8c996d7fc02dfe607cf1e2ca810ba55942c033eca4485cd61e02ccdab00abfc148e6388d4a03f68082e6482a363e7d106322cd30e75a4c5806d378eddda8e71d227d59a11cbec10c0f4772b16e52d3eeea86af3ddfe94cae4f8f548f595c875365b171686ce8bf19d381fdf309bcdc0d0c7fea74327f1a6ac2452eba887c121bbe48ad8941e1f5a9defca24ce7da7ed433e6c09936e35ae085cb38cd22b0118e3fcb11309917454c517a7b98b395b98b6d7449fd143e77c8308ad6a696d98042b4f8a01c05d2a7d7adbb9f905f014b82c3066be1717a1717518f31c8f08a891943a027a2b0cb18898ed962fd2263387b913b340ca23f944b23d77e3d5d39ce834e5579685d9e36666b7fdcff966a4ea9d51b3eaad5b84c97ba9862e81957e5aaafbb90f7c75ef8709dfd4a93d4ebc730fc214cc662b7dc2e8608cec105fa27bd1f89eae7cf6f663c985f81008723ae25b60820877e63eab3e3a5c1fce463b1dc2ddc7c05baec91a7cb6356088ac4252de84efa76031afa376cb39d73bb3a29475ff3ff94f6a1756fa9982f271d7861eccb3502fee782bcc754afc4b445476b39d43be8adf3d606bbe2bac495f4771606a8ca8435a10fd19fe4c640fe1d3ed2a914d50838d5e539a0970105ba7638f24c1289f0c39dc5435c8ef446cc4ea00a25d9aab0d790ccd47375a3e77f0b60d64ee9ddcbc82a1087a16eb6cf90810b52cf32f5dbcee0c89abf39e881e6049d6b1374d55198a4f7e678d0a09762995432fa708a4c271c288c53876fde0062ff33327059c5d1160fc860ba9f90b7bb69ede6cefcf9d4de897843efbf0982c39ffdc57bfac847b2c9ae89060e962a4cbae22acf2387e0b57cc457a5d66052f899ccf49c51b9104e17b2afaa884e16133a956e0410cc447a09ab8d1db4edd3b2285a8c6a2d24e6ef43098c331285fcd00485846a24d61fadb89ebc0ec7612307293645c08379b8873084563b473a1de28bca7bb82a32f11e6029b511d2b94aaaf94bef190f594aa7e0500bf5c5cb8e368844b084b01332a5837f224931313e96cd843e0c9a43f7baebad5a4eae711a3f1cef1609fb1e54df7f6ce91bea4f73364a96c0437ce2f00d6890cb4a108f28bf94d0101c14e1677b4ccf84346030f673d4e705f0ec7bbd91333fede2b928ce9aec0876e2a80c769c2e99574a2d9cb31af3e57f11f2f9ac0472d4ac1b5dfc66bc92234c2ae55325e5f93019f8e30e3c948b64b745fdde5da8f2048ee008be79aaee346cb03d59807f468850acf51c12f1ea7b819f40d73efc56382185ec85e3cde9d56a165504f446558f91dbc4230d207e3a4b9c8aac5483887c8261d0b44596b8f554123c99249528e84fb9914fb4d217a9a2baa290461c18978678bf566484c430abd318944fec2d5ff99414fce90698751fe597aefac5525ac3c21df58675f2075879e54837ddc197901503347581451397d09e20cf54b11f41af6cd86cb218e3ab955bb5c8d5371937dc4fdb0551b1d0e29a0cd87f2cce995e787b3c8f967e0ab0a0b1c41c8a75a6a581ca38243f713af244ae60369723cff80e09ce2dce6db31874fdc1ea649f320e94ad33f0f417b598217c7e081dcc6200ba90459780d775d5418214ea7625458beece192168de20b4b6760e6f8047b742e03dacd78cefc13a7e8925b5b874aa17e09f6f5983cbaf5154eeacc7cdf4de959071fe6fc802a8f97f146b51c157e01258c223bcef53bd91b5db5cd74c57c892d7f7b762ff6775bdc386f71a4fb795b54b5683189cef50aac907ff8392f5a9831c2a11cced8c2cef34cbb74cb3641e698b2340fcbfac47c7ebe3addf785217d2d75f2126f15bc0dbb2139f4f2f8e76212458b773660e080cbaee966da935431efda7ce019da6626592ad3f8e02abe0e28fa9b9d34d1abc075ae4a97ef827dfe553f2e467412e8744ed52f34fa6040cebd25d8cf468552df69567fddf52f56a7c1f13d5f385c437d1bd02d3e944dd40a670eb86c97c77ed76c1cd4fb61db6033845079cb40d7155035cb2fcaa9e19af01608cf0c7cb626ee33d78352a289d10c575dcf62bfba707da36b80482b0fe0ed7789eae92fb2cc9fee74d720453c5d6d02b174bde9b23c07dcf1f5bdc2dd4a86587f41ab94d7af9150eaab5e36077e92b91d14a40f27249670fddfc45d9228785573f27324b17d7b969d1103ad52fe6703a4f78d7b5b5006a04751832f850a1d1742704034eab0e8b8e5259ab67b704fed08acd3c3796a9db254f3e828b093ee723ea80c4aa02b6480d41a7f4e06d6fa2f085302fd5447335fc932c77309fc7f4f8986865bc64b667d31e125800b555bc48baca4f1d4c00c3425b20d3166c2d46bbfa2937a566b6d1de958200b7ee2bc921ad7b2d3787388e2885d9ca3bc45b95027d3bcc25386399a1bce993ce5e11ad0b3eaabf258e8ae3e0ff6299c95a9ba562a9ddea43b14f2956b4b0124f230ec967ce363f6a71021b710c27e839a951c59e3448a4accbd876e3dd7eec13e51798a334cb97a90ea577ae34507e580a8fc9bb012ace0ca1c3ae45ac95ba4ab7b827f755aeff34e40146ddd532e192b5424f426dfc683b6346c635515c549ac0e379d93b8a037ac458c202756c9952fd6c504563935a1b983172e324d2d178348c5b0145a76e50c6e1fb13b49e6b590ec6ead63171efdc1d1c5f199a7294d958729f4429cf69c17d30787b726d41d686e67a04f02e204d1558bba1e8b8da08597b2aee79fbb6de17dc598f1e2394ac98d0bb72db70b847f39e8372c204d1f21bb9bf97e6e47ceaac7d50fca50c9f97db49f40a982303145385105bdedeb59f33c6bac938ad63be8b830c3c2aadf4ff9fc97fb4fe87b2a747e7c3d8c0c245ae4cd196cd2af84625f1cf2539e0780d05b2e68815a3fc970a17f1d2ffd35e890b78cff5a6a13d2675147c0a565a3f56b8598f30c695e89a1c0ed2f8844fd986b779956d668e3c978bfbd115d5913d7a3933367b7de3f4c77e63d9676cc868cd113c190e218fa495dc64ff3140df6aabf40fb9e39a2877e28628805bcc33ff639b4f8f013a5f192794dc7710c431dd6ae57b29f6c6582d0e04c008cecac51dc4f8eb75c704c23c65c6e6f07e0ad06b43d33730af057f4e95b9946fd99b371303f21c3bd130a2fb45fccb298b269f494571ba00a248005ca0e1a114507f1efd0d54ed8782aed4d7405f2516d76b8ca1e511cc7a72a4e26052da656d61a1ce3b55e31b58eb2d202bcf39dfd60059b28b0e0a09d1d41408f71d8e899b70e22374466b176ff1b6b0532225850bd2d2527d27d3a71e32af849b80d7c44dc2cf066c8e79b712f70f0cd5431b1e1a5404bc380320093f23a1af32e9535462c4e3548d416f40dbd9a0497b9dd623db779bcd36b0d7a105c40f5c5db137900344ede699b563bc27a1393927bcd6877f5e210f158228dd8ec16f26b7449adba2bc722096782bc8f4f322405b97c26d920b44276e70b2653bbb2aa82c57fe0869d392ddb1e3786f8231e4bced9f6cab8f738e29927c02c9071202a282d763191a43259934229df45944dc076a1e1e12198fc2dc50c3844b679c82dcf51455b7d0b8b02466aa3e9ce768fca0994e6aa6ceec8fc562e7eeb3d6cbb6ade863c2c86358c25e948d19c3b969baf875e1ca0bea9815eec31c21b51b6a89e9c37775baa567b1b1080c6baa61e77b5cf84a0c5ac079fd6d0b5c1e4336d7f596bf7c9af2e1e314c701d65ff1a00c5e99f558eb2289acb55b51830455d8f17dacd085b5d806cb5afa463239a7a6ac754c72c2c5b3aa699f1d3d420ee2fcfe4721d333bbb980039e0a95cd0bbe4af55f9bce43307bf1785daf9acfbb624462e71717ca0b9bd4fec3acf47facdb636d4adf3df8bcfd49aab30d89a5e332532c6a6caf63c7ed075ba77d9d3dcb81ca31612bda17a3ea29ee85030419adc7eb1f9cf9057ede26e0e454e0a159aefa126c6ecf32cc0b4625eb992b6849e17f4bfcd84b4652e2ca805a2392c954f42a85177eb1f3e52eec5399f81b9406371a75f17a17995782de6c59b702ec1809a937ba3f512a229c8c8210e4539629d8d62d16c9ebafc2bf69cc624838c2fe77772e53f81155e95c70f33ba5afc50bd021d5b40545b773e276936bd039a1ccaa64478fa1d0df060ab1aae92dc82229e947ea462100cd5a97037669700babb6f921e9fbfb1c74ee51c60d84bfc61dc5d63ae1fc94827511a7a340d4ccdaf10a10873bf4bc62b4edfde71360cc0a6ddc10a2af62c998807598c03227914cc2ed621ae39c55822975fb373b286acd0fc61b4a533958286064f356a6ac0f1b8b3fe292cb0d6ff890d7dc6022251bb35163beeab54d149b1730c46529c8c94b0ee0b973a120b9b5eaa30e624e1e83b61edc2dfb4c97b9f18956fe493f89332c3e31fa906f41f8d425b779ac6e2f3607d670636145ca9734658fda7d4"}, @generic="6c03f29b7633a1a798e564c27ab10b1b25e42e4f1e07518a1bfc9c59a3a2ceecf899b90bc8b37718fdd1ea95a9345c371b5dec179754844b0a0195c9a35d48dd44b3f65a3195ad9b5677d73c", @nested={0x4, 0xe5}]}, @typed={0x8, 0x3b, 0x0, 0x0, @fd=r0}, @generic="ff6302e6df55ff978b9919ce87ab5f4b26e6b023c9", @nested={0x8, 0x3a, 0x0, 0x1, [@nested={0x4, 0xb7}]}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}]}, 0x1224}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000090) 1.144004331s ago: executing program 4 (id=2215): r0 = memfd_secret$auto(0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) sysinfo$auto(0x0) getsockopt$auto(0xffffffffffffffff, 0x10d, 0x2, 0x0, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24004044}, 0x10000000) io_uring_register$auto(0x2, 0x22, &(0x7f0000000100), 0x1) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES8=r1, @ANYBLOB="07006b276dc6e34605a850188725f401ff8dd86de6cddfdee75c0ed2eba488ba06d44657c8de1bb296ba72fd1e97447edf3daa0dde89d8ddc51586df4638a9244ecc51cf0741e60c85c4e581227307ec5c89b277b40437e7b685f0da03778d390b80b60fe23b240a7dc08e39f91434de0f035225c1847cab9c0ee7d599614afb81ebad7010865968b9b59abc0e4670cc22859c1c8ea1d06bb0af6e21928ad243b2d7cd0914323053c38d2096f3a1987ecd469cd1af87c461bc0a69d5ed051e8afa4e300321430573fed286790478d627d6e319f032e3e9f9d2332ff2b60bf831807e03a3851a348a1566dded80bbed2d49d57d1120d8d8b6319a5bd75a75f5173a63f0d34d08100e8446186e3d1d54d5665dfb55b8b256f25371371441b6385e453f41f225", @ANYRES64=r0, @ANYRES16=0x0], 0x1ac}, 0x1, 0x0, 0x0, 0x24008850}, 0x40070) read$auto(r1, 0x0, 0x3) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20048805) 1.123452946s ago: executing program 3 (id=2216): r0 = openat$auto_ht40allow_map_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy2/ht40allow_map\x00', 0x20100, 0x0) read$auto_ht40allow_map_ops_debugfs(r0, 0x0, 0x0) 1.07442372s ago: executing program 0 (id=2217): ioperm$auto(0xe4, 0x82f0, 0x942) mbind$auto(0x1, 0x8, 0x0, 0x0, 0x6, 0xffffffff) r0 = openat$auto_ht40allow_map_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy2/ht40allow_map\x00', 0x20100, 0x0) close_range$auto(r0, r0, 0x8) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/stat\x00', 0x0, 0x0) socket(0xa, 0x3, 0x6) ioperm$auto(0x7, 0x7, 0x4) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x3}, 0x5) utimensat$auto(0x2, &(0x7f0000000100)='\x00', 0x0, 0x1000) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001100)=""/4106, 0x100a) read$auto_ht40allow_map_ops_debugfs(r0, 0x0, 0x0) 967.567555ms ago: executing program 3 (id=2218): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x80, 0x0) sync_file_range$auto(r0, 0x0, 0x8000000000000000, 0x2) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000b80), 0x23c00, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_GSTATUS(r2, 0xc0505405, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/010/001\x00', 0x14000, 0x0) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/6-0:1.0/usb6-port1/quirks\x00', 0x40, 0x0) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) io_uring_setup$auto(0x6, 0x0) r3 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) setresuid$auto(0x60, 0x1000, 0x607) ioctl$auto(r4, 0x5393, r3) write$auto(r1, &(0x7f0000000040)='/dev/bus/usb/010/001\x00', 0xe46) 833.52695ms ago: executing program 1 (id=2219): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/blkio.reset_stats\x00', 0xa001, 0x0) mknod$auto(&(0x7f0000000000)='./file1\x00', 0x5, 0x4) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0x90, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3866691c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816203df562367fe6596824588a2e3d84ba165f", 0x8}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, 0x0) r2 = io_uring_setup$auto(0x6c51, 0x0) mmap$auto(0x0, 0x10000, 0x5, 0x8000000008011, r2, 0x8008000) ioctl$auto_XFS_IOC_GETBMAPA(r2, 0xc020582c, &(0x7f00000000c0)={0x7, 0x100000000000000, 0x1, 0x2, 0x5}) write$auto(r0, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) 791.892565ms ago: executing program 0 (id=2220): r0 = io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc}, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x40000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_PUBL_GET(r2, &(0x7f0000003940)={0x0, 0x0, &(0x7f0000003900)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x40800}, 0x840) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000480)='/dev/video18\x00', 0x802, 0x0) write$auto_v4l2_fops_v4l2_dev(r4, &(0x7f00000000c0)="318de800aca3f21e", 0x8) close_range$auto(0x2, r4, 0x0) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, 0x0, 0x8044) pread64$auto(r1, 0x0, 0x8, 0xffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2b, 0x1, 0x1) mmap$auto(0xffffffffffffffff, 0x3, 0x407ffffffffffff, 0x1000000ebe, r4, 0x8) setreuid$auto(0x4, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000100)=ANY=[@ANYBLOB="38fd110e960000d89cc2c1951e5900", @ANYRES16=r6, @ANYBLOB="0100253d7000fddbdf2501000000180007800c000180080001800000000008002300", @ANYRES32=0x0, @ANYBLOB="0c0002000600000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 636.702325ms ago: executing program 1 (id=2221): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = memfd_create$auto(0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) finit_module$auto(r0, 0xfffffffffffffffe, 0x2bc) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)={0x24, r2, 0x14264b2b184ca509, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4) 548.037286ms ago: executing program 3 (id=2222): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) 482.691816ms ago: executing program 0 (id=2223): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtdblock0\x00', 0x60742, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$auto_PPPIOCSACTIVE(r1, 0x40107446, &(0x7f00000000c0)={0x8, &(0x7f0000000080)={0x7, 0x7, 0x0, @inferred=r0}}) ioctl$auto(0xffffffffffffffff, 0x80046f45, 0xffffffffffffffff) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x102, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth1_to_batadv/accept_ra_rt_info_min_plen\x00', 0x40100, 0x0) ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, &(0x7f0000000240)={0x50a87871, 0x0, r0}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0xc6, 0x3, 0x3, &(0x7f0000000000)=0x8001) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/binder/parameters/stop_on_user_error\x00', 0x2, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)='8', 0x1) r4 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x11, 0x80003, 0x300) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(r5, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r4, &(0x7f0000000400)={{&(0x7f0000000000), 0x987a, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x4, 0x1000}, 0x3}, 0x2, 0x100) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r6, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x5}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x4) 242.422719ms ago: executing program 4 (id=2224): mmap$auto(0x0, 0x9, 0x1fe, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000040)="78298dc755c478bafeef555d67e22f5163c78924ea131f5039ee7a072b37", 0x1) socket(0x2b, 0x1, 0x1) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x2000, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) prctl$auto(0x35, 0x1, 0x8, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x5, 0x9]}, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/48, 0x30) close_range$auto(0x2, 0x8, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000004c0)="a26c1e99180fe5a29f13b2dd1370c36b418f7ddc1dfc5449a704c2beb748ec2c262d23b31c1279f70e94c517709568b538ba03947d700d52d194f37a09efdc81c0aa24fe80878f7c4b102b27be58db6a7c138f21499069b8c67c3205b8a7c26ad07201ce929767b785aafa8c59dca74d7c88146c96cdbebebc0900c44b23c5eefc031dc2e9b0dc8d99996e2a66e58cdc9012bbc34f49") r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80002, 0x0) sendfile$auto(r1, r1, 0x0, 0x400000000003) prctl$auto(0x40, 0x5d, 0x0, 0xfba3, 0x7) 168.841034ms ago: executing program 3 (id=2225): mmap$auto(0x0, 0x8, 0xdf, 0x1d, 0x7, 0x28000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) clock_getres$auto(0x6, 0x0) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x102880, 0x1fd) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x54) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) setsockopt$auto_SO_WIFI_STATUS(r0, 0x0, 0x29, &(0x7f0000000080)='\xef', 0x8000) r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0xc, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x403c6f2b, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/029/001\x00', 0x80002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) 140.290255ms ago: executing program 0 (id=2226): r0 = socket$nl_generic(0x10, 0x3, 0x10) msgget$auto(0x0, 0xffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b4b, 0x8000000000000000, 0x0, 0x0, 0x1b0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0xae841, 0x1fb) socket(0x840000000002, 0x3, 0xff) connect$auto(0x3, &(0x7f0000000000), 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) socket(0x28, 0x80000, 0x0) write$auto(0x3, 0x0, 0x100082) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, 0x0) 0s ago: executing program 1 (id=2227): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) listen$auto(0x3, 0xfffffffa) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty30\x00', 0x62c00, 0x0) r0 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xdff1, 0xfffffffffffffffd, 0xd4, 0xffffffffffffffc0, 0x6, 0x0, 0x80009, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x8, 0x5, 0x29a, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = fcntl$getown(r0, 0x9) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x7ff) ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r2, 0x4, 0x8) setpgid$auto(r1, r2) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) memfd_secret$auto(0x0) ftruncate$auto(0x3, 0x700) get_mempolicy$auto(0xfffffffffffffffe, 0x0, 0x3, 0x1ff, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x3d00, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) kernel console output (not intermixed with test programs): r parsing attributes in process `syz.3.1168'. [ 412.877716][T26674] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1180'. [ 413.470279][T26992] FAULT_INJECTION: forcing a failure. [ 413.470279][T26992] name failslab, interval 1, probability 0, space 0, times 0 [ 413.494723][T26992] CPU: 0 UID: 0 PID: 26992 Comm: syz.3.1176 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 413.494777][T26992] Tainted: [U]=USER [ 413.494787][T26992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 413.494805][T26992] Call Trace: [ 413.494814][T26992] [ 413.494826][T26992] dump_stack_lvl+0x16c/0x1f0 [ 413.494876][T26992] should_fail_ex+0x512/0x640 [ 413.494911][T26992] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 413.494959][T26992] should_failslab+0xc2/0x120 [ 413.494988][T26992] __kmalloc_cache_noprof+0x6a/0x3e0 [ 413.495033][T26992] ? bdev_disk_changed+0x472/0x1520 [ 413.495082][T26992] bdev_disk_changed+0x472/0x1520 [ 413.495141][T26992] ? __pfx_bdev_disk_changed+0x10/0x10 [ 413.495195][T26992] ? __pfx_ilookup+0x10/0x10 [ 413.495227][T26992] ? find_held_lock+0x2b/0x80 [ 413.495271][T26992] blkdev_get_whole+0x187/0x290 [ 413.495306][T26992] bdev_open+0x2c7/0xe40 [ 413.495347][T26992] blkdev_open+0x27b/0x3f0 [ 413.495389][T26992] do_dentry_open+0x741/0x1c10 [ 413.495434][T26992] ? __pfx_blkdev_open+0x10/0x10 [ 413.495481][T26992] vfs_open+0x82/0x3f0 [ 413.495519][T26992] path_openat+0x1e5e/0x2d40 [ 413.495582][T26992] ? __pfx_path_openat+0x10/0x10 [ 413.495640][T26992] do_filp_open+0x20b/0x470 [ 413.495688][T26992] ? __pfx_do_filp_open+0x10/0x10 [ 413.495766][T26992] ? alloc_fd+0x471/0x7d0 [ 413.495823][T26992] do_sys_openat2+0x11b/0x1d0 [ 413.495856][T26992] ? __pfx_do_sys_openat2+0x10/0x10 [ 413.495895][T26992] ? __fget_files+0x20e/0x3c0 [ 413.495948][T26992] __x64_sys_openat+0x174/0x210 [ 413.495983][T26992] ? __pfx___x64_sys_openat+0x10/0x10 [ 413.496016][T26992] ? ksys_write+0x1b9/0x240 [ 413.496059][T26992] ? rcu_is_watching+0x12/0xc0 [ 413.496110][T26992] do_syscall_64+0xcd/0x260 [ 413.496167][T26992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.496200][T26992] RIP: 0033:0x7f3ded18d169 [ 413.496224][T26992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.496254][T26992] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 413.496283][T26992] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 413.496304][T26992] RDX: 00000000000c0c00 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 413.496323][T26992] RBP: 00007f3dee045090 R08: 0000000000000000 R09: 0000000000000000 [ 413.496341][T26992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 413.496359][T26992] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 413.496399][T26992] [ 413.756351][ C0] vkms_vblank_simulate: vblank timer overrun [ 414.908619][T27412] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1184'. [ 415.006421][T27412] FAULT_INJECTION: forcing a failure. [ 415.006421][T27412] name failslab, interval 1, probability 0, space 0, times 0 [ 415.024765][T27412] CPU: 0 UID: 0 PID: 27412 Comm: syz.1.1184 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 415.024817][T27412] Tainted: [U]=USER [ 415.024827][T27412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 415.024846][T27412] Call Trace: [ 415.024856][T27412] [ 415.024867][T27412] dump_stack_lvl+0x16c/0x1f0 [ 415.024919][T27412] should_fail_ex+0x512/0x640 [ 415.024957][T27412] ? fs_reclaim_acquire+0xae/0x150 [ 415.024999][T27412] should_failslab+0xc2/0x120 [ 415.025029][T27412] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 415.025079][T27412] ? security_inode_alloc+0x3b/0x2b0 [ 415.025119][T27412] security_inode_alloc+0x3b/0x2b0 [ 415.025155][T27412] inode_init_always_gfp+0xce4/0x1030 [ 415.025208][T27412] alloc_inode+0x86/0x240 [ 415.025244][T27412] new_inode+0x22/0x1c0 [ 415.025286][T27412] proc_pid_make_inode+0x22/0x160 [ 415.025337][T27412] proc_pident_instantiate+0x85/0x320 [ 415.025393][T27412] proc_pident_lookup+0x21d/0x290 [ 415.025453][T27412] __lookup_slow+0x24e/0x460 [ 415.025491][T27412] ? __pfx___lookup_slow+0x10/0x10 [ 415.025553][T27412] ? lookup_fast+0x156/0x610 [ 415.025598][T27412] walk_component+0x353/0x5b0 [ 415.025642][T27412] link_path_walk.part.0.constprop.0+0x682/0xd60 [ 415.025729][T27412] path_openat+0x227/0x2d40 [ 415.025785][T27412] ? __x64_sys_openat+0x174/0x210 [ 415.025836][T27412] ? __pfx_path_openat+0x10/0x10 [ 415.025913][T27412] do_filp_open+0x20b/0x470 [ 415.025963][T27412] ? __pfx_do_filp_open+0x10/0x10 [ 415.026057][T27412] ? __pfx_kfree_link+0x10/0x10 [ 415.026107][T27412] ? alloc_fd+0x471/0x7d0 [ 415.026165][T27412] do_sys_openat2+0x11b/0x1d0 [ 415.026199][T27412] ? __pfx_do_sys_openat2+0x10/0x10 [ 415.026251][T27412] __x64_sys_openat+0x174/0x210 [ 415.026286][T27412] ? __pfx___x64_sys_openat+0x10/0x10 [ 415.026324][T27412] ? rcu_is_watching+0x12/0xc0 [ 415.026375][T27412] do_syscall_64+0xcd/0x260 [ 415.026426][T27412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 415.026459][T27412] RIP: 0033:0x7f10d338d169 [ 415.026483][T27412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 415.026524][T27412] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 415.026553][T27412] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 415.026573][T27412] RDX: 0000000000000641 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 415.026592][T27412] RBP: 00007f10d340e990 R08: 0000000000000000 R09: 0000000000000000 [ 415.026609][T27412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 415.026644][T27412] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 415.026694][T27412] [ 415.032579][T27415] blk_print_req_error: 24 callbacks suppressed [ 415.032602][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.379644][T27415] buffer_io_error: 23 callbacks suppressed [ 415.379677][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.423575][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.472277][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.480962][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.506590][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.553148][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.612393][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.626831][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.652965][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.681716][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.701275][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.718194][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.728301][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.739066][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.750532][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.759687][T27415] ldm_validate_partition_table(): Disk read failed. [ 415.770762][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.781610][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.793729][T27415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 415.824927][T27415] Buffer I/O error on dev nbd0, logical block 0, async page read [ 415.847534][T27415] Dev nbd0: unable to read RDB block 0 [ 415.860273][T27415] nbd0: unable to read partition table [ 416.236176][T27903] FAULT_INJECTION: forcing a failure. [ 416.236176][T27903] name failslab, interval 1, probability 0, space 0, times 0 [ 416.271768][T27903] CPU: 1 UID: 0 PID: 27903 Comm: syz.1.1193 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 416.271820][T27903] Tainted: [U]=USER [ 416.271829][T27903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 416.271845][T27903] Call Trace: [ 416.271854][T27903] [ 416.271865][T27903] dump_stack_lvl+0x16c/0x1f0 [ 416.271911][T27903] should_fail_ex+0x512/0x640 [ 416.271943][T27903] ? fs_reclaim_acquire+0xae/0x150 [ 416.271981][T27903] ? tomoyo_encode2+0x100/0x3e0 [ 416.272017][T27903] should_failslab+0xc2/0x120 [ 416.272045][T27903] __kmalloc_noprof+0xd2/0x510 [ 416.272087][T27903] ? d_absolute_path+0x136/0x1a0 [ 416.272125][T27903] tomoyo_encode2+0x100/0x3e0 [ 416.272170][T27903] tomoyo_encode+0x29/0x50 [ 416.272206][T27903] tomoyo_realpath_from_path+0x18f/0x6e0 [ 416.272259][T27903] tomoyo_check_open_permission+0x2ab/0x3c0 [ 416.272295][T27903] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 416.272369][T27903] ? do_raw_spin_lock+0x12c/0x2b0 [ 416.272414][T27903] tomoyo_file_open+0x6b/0x90 [ 416.272460][T27903] security_file_open+0x84/0x1e0 [ 416.272500][T27903] do_dentry_open+0x596/0x1c10 [ 416.272553][T27903] vfs_open+0x82/0x3f0 [ 416.272587][T27903] path_openat+0x1e5e/0x2d40 [ 416.272649][T27903] ? __pfx_path_openat+0x10/0x10 [ 416.272701][T27903] do_filp_open+0x20b/0x470 [ 416.272745][T27903] ? __pfx_do_filp_open+0x10/0x10 [ 416.272814][T27903] ? alloc_fd+0x471/0x7d0 [ 416.272863][T27903] do_sys_openat2+0x11b/0x1d0 [ 416.272893][T27903] ? __pfx_do_sys_openat2+0x10/0x10 [ 416.272927][T27903] ? __fget_files+0x20e/0x3c0 [ 416.272973][T27903] __x64_sys_openat+0x174/0x210 [ 416.273003][T27903] ? __pfx___x64_sys_openat+0x10/0x10 [ 416.273032][T27903] ? ksys_write+0x1b9/0x240 [ 416.273085][T27903] do_syscall_64+0xcd/0x260 [ 416.273130][T27903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.273160][T27903] RIP: 0033:0x7f10d338d169 [ 416.273182][T27903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 416.273209][T27903] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 416.273237][T27903] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 416.273255][T27903] RDX: 00000000000c0c00 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 416.273272][T27903] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 416.273306][T27903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 416.273324][T27903] R13: 0000000000000001 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 416.273363][T27903] [ 416.421653][T27914] netlink: 'syz.2.1194': attribute type 2 has an invalid length. [ 416.455822][T27903] ERROR: Out of memory at tomoyo_realpath_from_path. [ 416.561944][T27903] ldm_validate_partition_table(): Disk read failed. [ 416.572504][T27903] Dev nbd0: unable to read RDB block 0 [ 416.581263][T27903] nbd0: unable to read partition table [ 418.755968][T28883] FAULT_INJECTION: forcing a failure. [ 418.755968][T28883] name failslab, interval 1, probability 0, space 0, times 0 [ 418.770793][T28883] CPU: 0 UID: 0 PID: 28883 Comm: syz.1.1210 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 418.770841][T28883] Tainted: [U]=USER [ 418.770851][T28883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 418.770868][T28883] Call Trace: [ 418.770878][T28883] [ 418.770889][T28883] dump_stack_lvl+0x16c/0x1f0 [ 418.770937][T28883] should_fail_ex+0x512/0x640 [ 418.770970][T28883] ? fs_reclaim_acquire+0xae/0x150 [ 418.771008][T28883] ? tomoyo_encode2+0x100/0x3e0 [ 418.771046][T28883] should_failslab+0xc2/0x120 [ 418.771074][T28883] __kmalloc_noprof+0xd2/0x510 [ 418.771119][T28883] ? d_absolute_path+0x136/0x1a0 [ 418.771179][T28883] tomoyo_encode2+0x100/0x3e0 [ 418.771228][T28883] tomoyo_encode+0x29/0x50 [ 418.771270][T28883] tomoyo_realpath_from_path+0x18f/0x6e0 [ 418.771327][T28883] tomoyo_path_number_perm+0x245/0x580 [ 418.771364][T28883] ? tomoyo_path_number_perm+0x237/0x580 [ 418.771405][T28883] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 418.771445][T28883] ? find_held_lock+0x2b/0x80 [ 418.771523][T28883] ? find_held_lock+0x2b/0x80 [ 418.771571][T28883] ? hook_file_ioctl_common+0x145/0x410 [ 418.771614][T28883] ? __fget_files+0x20e/0x3c0 [ 418.771667][T28883] security_file_ioctl+0x9b/0x240 [ 418.771709][T28883] __x64_sys_ioctl+0xb7/0x200 [ 418.771750][T28883] do_syscall_64+0xcd/0x260 [ 418.771800][T28883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.771833][T28883] RIP: 0033:0x7f10d338d169 [ 418.771857][T28883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.771889][T28883] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 418.771918][T28883] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 418.771938][T28883] RDX: 0000000000000000 RSI: 0000000040104d14 RDI: 0000000000000003 [ 418.771957][T28883] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 418.771975][T28883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 418.771993][T28883] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 418.772033][T28883] [ 418.772058][T28883] ERROR: Out of memory at tomoyo_realpath_from_path. [ 419.259609][T29159] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1213'. [ 419.409879][T29159] FAULT_INJECTION: forcing a failure. [ 419.409879][T29159] name failslab, interval 1, probability 0, space 0, times 0 [ 419.494913][T29159] CPU: 0 UID: 0 PID: 29159 Comm: syz.0.1213 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 419.494970][T29159] Tainted: [U]=USER [ 419.494981][T29159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 419.494999][T29159] Call Trace: [ 419.495009][T29159] [ 419.495021][T29159] dump_stack_lvl+0x16c/0x1f0 [ 419.495074][T29159] should_fail_ex+0x512/0x640 [ 419.495108][T29159] ? fs_reclaim_acquire+0xae/0x150 [ 419.495151][T29159] should_failslab+0xc2/0x120 [ 419.495182][T29159] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 419.495232][T29159] ? security_inode_alloc+0x3b/0x2b0 [ 419.495271][T29159] security_inode_alloc+0x3b/0x2b0 [ 419.495308][T29159] inode_init_always_gfp+0xce4/0x1030 [ 419.495361][T29159] alloc_inode+0x86/0x240 [ 419.495415][T29159] new_inode+0x22/0x1c0 [ 419.495464][T29159] proc_pid_make_inode+0x22/0x160 [ 419.495521][T29159] proc_pident_instantiate+0x85/0x320 [ 419.495579][T29159] proc_pident_lookup+0x21d/0x290 [ 419.495642][T29159] __lookup_slow+0x24e/0x460 [ 419.495682][T29159] ? __pfx___lookup_slow+0x10/0x10 [ 419.495746][T29159] ? lookup_fast+0x156/0x610 [ 419.495793][T29159] walk_component+0x353/0x5b0 [ 419.495840][T29159] link_path_walk.part.0.constprop.0+0x682/0xd60 [ 419.495903][T29159] path_openat+0x227/0x2d40 [ 419.495947][T29159] ? __x64_sys_openat+0x174/0x210 [ 419.495995][T29159] ? __pfx_path_openat+0x10/0x10 [ 419.496055][T29159] do_filp_open+0x20b/0x470 [ 419.496103][T29159] ? __pfx_do_filp_open+0x10/0x10 [ 419.496166][T29159] ? __pfx_kfree_link+0x10/0x10 [ 419.496218][T29159] ? alloc_fd+0x471/0x7d0 [ 419.496276][T29159] do_sys_openat2+0x11b/0x1d0 [ 419.496311][T29159] ? __pfx_do_sys_openat2+0x10/0x10 [ 419.496363][T29159] __x64_sys_openat+0x174/0x210 [ 419.496400][T29159] ? __pfx___x64_sys_openat+0x10/0x10 [ 419.496438][T29159] ? rcu_is_watching+0x12/0xc0 [ 419.496499][T29159] do_syscall_64+0xcd/0x260 [ 419.496551][T29159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.496596][T29159] RIP: 0033:0x7fb9a7d8d169 [ 419.496621][T29159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 419.496673][T29159] RSP: 002b:00007fb9a8c5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 419.496704][T29159] RAX: ffffffffffffffda RBX: 00007fb9a7fa5fa0 RCX: 00007fb9a7d8d169 [ 419.496725][T29159] RDX: 0000000000000641 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 419.496745][T29159] RBP: 00007fb9a7e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 419.496764][T29159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 419.496782][T29159] R13: 0000000000000000 R14: 00007fb9a7fa5fa0 R15: 00007fff518da798 [ 419.496824][T29159] [ 421.433037][T29920] FAULT_INJECTION: forcing a failure. [ 421.433037][T29920] name failslab, interval 1, probability 0, space 0, times 0 [ 421.450557][T29920] CPU: 1 UID: 0 PID: 29920 Comm: syz.0.1226 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 421.450611][T29920] Tainted: [U]=USER [ 421.450622][T29920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 421.450640][T29920] Call Trace: [ 421.450650][T29920] [ 421.450662][T29920] dump_stack_lvl+0x16c/0x1f0 [ 421.450713][T29920] should_fail_ex+0x512/0x640 [ 421.450748][T29920] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 421.450801][T29920] should_failslab+0xc2/0x120 [ 421.450831][T29920] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 421.450880][T29920] ? proc_alloc_inode+0x25/0x200 [ 421.450914][T29920] ? __pfx_proc_alloc_inode+0x10/0x10 [ 421.450940][T29920] proc_alloc_inode+0x25/0x200 [ 421.450968][T29920] alloc_inode+0x61/0x240 [ 421.451003][T29920] new_inode+0x22/0x1c0 [ 421.451043][T29920] proc_sys_make_inode+0x47/0x5c0 [ 421.451078][T29920] proc_sys_lookup+0x282/0x410 [ 421.451110][T29920] ? __pfx_proc_sys_lookup+0x10/0x10 [ 421.451144][T29920] ? do_raw_spin_unlock+0x172/0x230 [ 421.451181][T29920] ? _raw_spin_unlock+0x28/0x50 [ 421.451219][T29920] ? proc_sys_permission+0x149/0x1a0 [ 421.451257][T29920] ? inode_permission+0xdd/0x5f0 [ 421.451295][T29920] ? __pfx_proc_sys_lookup+0x10/0x10 [ 421.451326][T29920] lookup_open.isra.0+0x4d7/0x1580 [ 421.451376][T29920] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 421.451438][T29920] ? __pfx_down_write+0x10/0x10 [ 421.451484][T29920] ? mnt_get_write_access+0x20c/0x300 [ 421.451528][T29920] path_openat+0x905/0x2d40 [ 421.451589][T29920] ? __pfx_path_openat+0x10/0x10 [ 421.451646][T29920] do_filp_open+0x20b/0x470 [ 421.451692][T29920] ? __pfx_do_filp_open+0x10/0x10 [ 421.451769][T29920] ? alloc_fd+0x471/0x7d0 [ 421.451824][T29920] do_sys_openat2+0x11b/0x1d0 [ 421.451856][T29920] ? __pfx_do_sys_openat2+0x10/0x10 [ 421.451906][T29920] __x64_sys_openat+0x174/0x210 [ 421.451939][T29920] ? __pfx___x64_sys_openat+0x10/0x10 [ 421.451976][T29920] ? rcu_is_watching+0x12/0xc0 [ 421.452027][T29920] do_syscall_64+0xcd/0x260 [ 421.452075][T29920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.452106][T29920] RIP: 0033:0x7fb9a7d8d169 [ 421.452131][T29920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.452162][T29920] RSP: 002b:00007fb9a8c5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 421.452192][T29920] RAX: ffffffffffffffda RBX: 00007fb9a7fa5fa0 RCX: 00007fb9a7d8d169 [ 421.452212][T29920] RDX: 0000000000040141 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 421.452232][T29920] RBP: 00007fb9a7e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 421.452256][T29920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.452275][T29920] R13: 0000000000000000 R14: 00007fb9a7fa5fa0 R15: 00007fff518da798 [ 421.452317][T29920] [ 422.010744][T30130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 422.011644][T30130] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 423.404235][T30565] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1246'. [ 423.467551][T30563] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 423.486619][T30563] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 423.965675][T30780] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1253'. [ 423.974804][T30780] nbd: must specify a size in bytes for the device [ 425.285185][T31208] vivid-003: ================= START STATUS ================= [ 425.294541][T31208] vivid-003: Radio HW Seek Mode: Bounded [ 425.300444][T31208] vivid-003: Radio Programmable HW Seek: false [ 425.310418][T31208] vivid-003: RDS Rx I/O Mode: Block I/O [ 425.316502][T31208] vivid-003: Generate RBDS Instead of RDS: false [ 425.323520][T31208] vivid-003: RDS Reception: true [ 425.328545][T31208] vivid-003: RDS Program Type: 0 inactive [ 425.336119][T31208] vivid-003: RDS PS Name: inactive [ 425.341415][T31208] vivid-003: RDS Radio Text: inactive [ 425.348924][T31208] vivid-003: RDS Traffic Announcement: false inactive [ 425.356838][T31208] vivid-003: RDS Traffic Program: false inactive [ 425.368716][T31208] vivid-003: RDS Music: false inactive [ 425.375164][T31208] vivid-003: ================== END STATUS ================== [ 427.755845][T32062] FAULT_INJECTION: forcing a failure. [ 427.755845][T32062] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 427.796397][T32062] CPU: 0 UID: 0 PID: 32062 Comm: syz.1.1283 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 427.796453][T32062] Tainted: [U]=USER [ 427.796463][T32062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 427.796481][T32062] Call Trace: [ 427.796491][T32062] [ 427.796503][T32062] dump_stack_lvl+0x16c/0x1f0 [ 427.796554][T32062] should_fail_ex+0x512/0x640 [ 427.796604][T32062] _copy_to_user+0x32/0xd0 [ 427.796646][T32062] simple_read_from_buffer+0xcb/0x170 [ 427.796694][T32062] proc_fail_nth_read+0x197/0x270 [ 427.796741][T32062] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 427.796789][T32062] ? rw_verify_area+0xcf/0x680 [ 427.796826][T32062] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 427.796876][T32062] vfs_read+0x1de/0xc70 [ 427.796925][T32062] ? __pfx___mutex_lock+0x10/0x10 [ 427.796973][T32062] ? __pfx_vfs_read+0x10/0x10 [ 427.797028][T32062] ? __fget_files+0x20e/0x3c0 [ 427.797086][T32062] ksys_read+0x12a/0x240 [ 427.797129][T32062] ? __pfx_ksys_read+0x10/0x10 [ 427.797171][T32062] ? rcu_is_watching+0x12/0xc0 [ 427.797222][T32062] do_syscall_64+0xcd/0x260 [ 427.797273][T32062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.797306][T32062] RIP: 0033:0x7f10d338bb7c [ 427.797330][T32062] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 427.797361][T32062] RSP: 002b:00007f10d420b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 427.797390][T32062] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338bb7c [ 427.797411][T32062] RDX: 000000000000000f RSI: 00007f10d420b0a0 RDI: 0000000000000004 [ 427.797429][T32062] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 427.797448][T32062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 427.797465][T32062] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 427.797506][T32062] [ 429.436222][T32535] random: crng reseeded on system resumption [ 430.940326][ T427] kexec: Could not allocate control_code_buffer [ 431.415499][ T882] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1305'. [ 433.179354][ T1653] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1320'. [ 433.494874][ T30] audit: type=1800 audit(6039378302.204:14): pid=1677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1328" name="discovery_nqn" dev="configfs" ino=23287 res=0 errno=0 [ 434.771781][ T2113] FAULT_INJECTION: forcing a failure. [ 434.771781][ T2113] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 434.775942][ T2110] netlink: 'syz.2.1337': attribute type 1 has an invalid length. [ 434.785166][ T2113] CPU: 1 UID: 0 PID: 2113 Comm: syz.3.1338 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 434.785220][ T2113] Tainted: [U]=USER [ 434.785230][ T2113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 434.785251][ T2113] Call Trace: [ 434.785261][ T2113] [ 434.785274][ T2113] dump_stack_lvl+0x16c/0x1f0 [ 434.785327][ T2113] should_fail_ex+0x512/0x640 [ 434.785372][ T2113] _copy_from_user+0x2e/0xd0 [ 434.785415][ T2113] memdup_user+0x6b/0xe0 [ 434.785449][ T2113] strndup_user+0x78/0xe0 [ 434.785483][ T2113] __x64_sys_fsopen+0x9c/0x240 [ 434.785521][ T2113] do_syscall_64+0xcd/0x260 [ 434.785573][ T2113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.785606][ T2113] RIP: 0033:0x7f3ded18d169 [ 434.785632][ T2113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.785665][ T2113] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 434.785696][ T2113] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 434.785718][ T2113] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 434.785737][ T2113] RBP: 00007f3dee045090 R08: 0000000000000000 R09: 0000000000000000 [ 434.785757][ T2113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 434.785776][ T2113] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 434.785818][ T2113] [ 435.466694][ T2438] netlink: 'syz.0.1345': attribute type 1 has an invalid length. [ 435.508277][ T2442] usbip-vudc usbip-vudc.0: gadget not bound [ 436.922504][ T2960] ksmbd: Unknown IPC event: 14, ignore. [ 437.215823][ T3076] FAULT_INJECTION: forcing a failure. [ 437.215823][ T3076] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 437.229296][ T3076] CPU: 1 UID: 0 PID: 3076 Comm: syz.2.1360 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 437.229347][ T3076] Tainted: [U]=USER [ 437.229358][ T3076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 437.229377][ T3076] Call Trace: [ 437.229388][ T3076] [ 437.229400][ T3076] dump_stack_lvl+0x16c/0x1f0 [ 437.229452][ T3076] should_fail_ex+0x512/0x640 [ 437.229495][ T3076] _copy_from_iter+0x2a4/0x15b0 [ 437.229539][ T3076] ? __alloc_skb+0x200/0x380 [ 437.229579][ T3076] ? __pfx__copy_from_iter+0x10/0x10 [ 437.229630][ T3076] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 437.229690][ T3076] netlink_sendmsg+0x829/0xdd0 [ 437.229745][ T3076] ? __pfx_netlink_sendmsg+0x10/0x10 [ 437.229808][ T3076] __sys_sendto+0x495/0x510 [ 437.229858][ T3076] ? __pfx___sys_sendto+0x10/0x10 [ 437.229943][ T3076] ? fd_install+0x225/0x750 [ 437.230019][ T3076] ? __pfx___sys_socket+0x10/0x10 [ 437.230051][ T3076] ? rcu_is_watching+0x12/0xc0 [ 437.230094][ T3076] __x64_sys_sendto+0xe0/0x1c0 [ 437.230129][ T3076] ? do_syscall_64+0x91/0x260 [ 437.230173][ T3076] ? lockdep_hardirqs_on+0x7c/0x110 [ 437.230216][ T3076] do_syscall_64+0xcd/0x260 [ 437.230263][ T3076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.230300][ T3076] RIP: 0033:0x7f7ffb58effc [ 437.230324][ T3076] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 437.230355][ T3076] RSP: 002b:00007f7ffc43dec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 437.230384][ T3076] RAX: ffffffffffffffda RBX: 00007f7ffc43dfc0 RCX: 00007f7ffb58effc [ 437.230404][ T3076] RDX: 0000000000000020 RSI: 00007f7ffc43e010 RDI: 0000000000000009 [ 437.230423][ T3076] RBP: 0000000000000000 R08: 00007f7ffc43df14 R09: 000000000000000c [ 437.230441][ T3076] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009 [ 437.230459][ T3076] R13: 00007f7ffc43df68 R14: 00007f7ffc43e010 R15: 0000000000000000 [ 437.230498][ T3076] [ 437.430545][ C1] vkms_vblank_simulate: vblank timer overrun [ 437.493596][ T3076] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 437.504556][ T3076] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 437.871782][ T3275] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1363'. [ 438.180220][ T3399] usbip-vudc usbip-vudc.0: gadget not bound [ 440.094916][ T4240] usbip-vudc usbip-vudc.0: gadget not bound [ 443.421950][ T5617] FAULT_INJECTION: forcing a failure. [ 443.421950][ T5617] name failslab, interval 1, probability 0, space 0, times 0 [ 443.441497][ T5617] CPU: 0 UID: 0 PID: 5617 Comm: syz.3.1400 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 443.441550][ T5617] Tainted: [U]=USER [ 443.441560][ T5617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 443.441579][ T5617] Call Trace: [ 443.441589][ T5617] [ 443.441601][ T5617] dump_stack_lvl+0x16c/0x1f0 [ 443.441655][ T5617] should_fail_ex+0x512/0x640 [ 443.441690][ T5617] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 443.441744][ T5617] should_failslab+0xc2/0x120 [ 443.441774][ T5617] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 443.441821][ T5617] ? __proc_create+0xc3/0x8c0 [ 443.441853][ T5617] ? __proc_create+0x2ce/0x8c0 [ 443.441892][ T5617] __proc_create+0x2ce/0x8c0 [ 443.441927][ T5617] ? __pfx___proc_create+0x10/0x10 [ 443.441958][ T5617] ? proc_register+0x30f/0x5f0 [ 443.441997][ T5617] ? _raw_write_unlock+0x28/0x50 [ 443.442054][ T5617] proc_create_reg+0x7d/0x180 [ 443.442094][ T5617] proc_create_net_data+0x8e/0x1b0 [ 443.442132][ T5617] ? __pfx_proc_create_net_data+0x10/0x10 [ 443.442179][ T5617] ? __pfx_kcm_proc_init_net+0x10/0x10 [ 443.442227][ T5617] kcm_proc_init_net+0xa3/0x120 [ 443.442275][ T5617] ops_init+0x1df/0x5f0 [ 443.442322][ T5617] setup_net+0x21e/0x850 [ 443.442371][ T5617] ? __pfx_setup_net+0x10/0x10 [ 443.442411][ T5617] ? lockdep_init_map_type+0x5c/0x280 [ 443.442442][ T5617] ? __pfx_down_read_killable+0x10/0x10 [ 443.442476][ T5617] ? debug_mutex_init+0x37/0x70 [ 443.442521][ T5617] copy_net_ns+0x2a6/0x5f0 [ 443.442572][ T5617] create_new_namespaces+0x3ea/0xad0 [ 443.442631][ T5617] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 443.442678][ T5617] ksys_unshare+0x45b/0xa40 [ 443.442745][ T5617] ? __pfx_ksys_unshare+0x10/0x10 [ 443.442792][ T5617] ? xfd_validate_state+0x5d/0x180 [ 443.442831][ T5617] ? rcu_is_watching+0x12/0xc0 [ 443.442883][ T5617] __x64_sys_unshare+0x31/0x40 [ 443.442931][ T5617] do_syscall_64+0xcd/0x260 [ 443.442980][ T5617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 443.443022][ T5617] RIP: 0033:0x7f3ded18d169 [ 443.443048][ T5617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 443.443081][ T5617] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 443.443113][ T5617] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 443.443136][ T5617] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 443.443155][ T5617] RBP: 00007f3ded20e990 R08: 0000000000000000 R09: 0000000000000000 [ 443.443174][ T5617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 443.443193][ T5617] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 443.443235][ T5617] [ 444.309327][ T6089] Invalid ELF header magic: != ELF [ 444.926778][ T6303] ksmbd: Unknown IPC event: 14, ignore. [ 445.386267][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.395132][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.569636][ T6607] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1414'. [ 445.607170][ T6611] FAULT_INJECTION: forcing a failure. [ 445.607170][ T6611] name failslab, interval 1, probability 0, space 0, times 0 [ 445.662033][ T6611] CPU: 1 UID: 0 PID: 6611 Comm: syz.2.1416 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 445.662098][ T6611] Tainted: [U]=USER [ 445.662108][ T6611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 445.662126][ T6611] Call Trace: [ 445.662136][ T6611] [ 445.662147][ T6611] dump_stack_lvl+0x16c/0x1f0 [ 445.662196][ T6611] should_fail_ex+0x512/0x640 [ 445.662230][ T6611] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 445.662282][ T6611] should_failslab+0xc2/0x120 [ 445.662311][ T6611] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 445.662379][ T6611] ? __pmd_alloc+0xc3/0x870 [ 445.662422][ T6611] __pmd_alloc+0xc3/0x870 [ 445.662457][ T6611] ? find_held_lock+0x2b/0x80 [ 445.662501][ T6611] __handle_mm_fault+0x948/0x2a40 [ 445.662560][ T6611] ? __pfx___handle_mm_fault+0x10/0x10 [ 445.662632][ T6611] ? find_vma+0xbf/0x140 [ 445.662666][ T6611] ? __pfx_find_vma+0x10/0x10 [ 445.662697][ T6611] ? __pfx_number+0x10/0x10 [ 445.662740][ T6611] handle_mm_fault+0x3fe/0xad0 [ 445.662793][ T6611] do_user_addr_fault+0x7a6/0x1370 [ 445.662836][ T6611] ? rcu_is_watching+0x12/0xc0 [ 445.662880][ T6611] exc_page_fault+0x5c/0xc0 [ 445.662924][ T6611] asm_exc_page_fault+0x26/0x30 [ 445.662955][ T6611] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 445.662991][ T6611] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f [ 445.663022][ T6611] RSP: 0018:ffffc9000b077af8 EFLAGS: 00050202 [ 445.663046][ T6611] RAX: 0000000000000030 RBX: 0000000000000002 RCX: 0000000000000002 [ 445.663065][ T6611] RDX: ffffed100f1ad801 RSI: ffff888078d6c000 RDI: 0000000000000000 [ 445.663085][ T6611] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100f1ad800 [ 445.663103][ T6611] R10: ffff888078d6c001 R11: 0000000000000000 R12: 0000000000000000 [ 445.663122][ T6611] R13: ffffc9000b077da0 R14: 0000000000000002 R15: ffff888078d6c000 [ 445.663166][ T6611] _copy_to_iter+0x391/0x15a0 [ 445.663218][ T6611] ? __pfx__copy_to_iter+0x10/0x10 [ 445.663261][ T6611] ? kernfs_seq_stop+0xcd/0x120 [ 445.663307][ T6611] ? kernfs_put_active+0x86/0xe0 [ 445.663346][ T6611] seq_read_iter+0xcf8/0x12c0 [ 445.663407][ T6611] kernfs_fop_read_iter+0x40f/0x5a0 [ 445.663445][ T6611] ? rw_verify_area+0xcf/0x680 [ 445.663488][ T6611] vfs_read+0x8c8/0xc70 [ 445.663538][ T6611] ? __pfx___mutex_lock+0x10/0x10 [ 445.663585][ T6611] ? __pfx_vfs_read+0x10/0x10 [ 445.663658][ T6611] ksys_read+0x12a/0x240 [ 445.663699][ T6611] ? __pfx_ksys_read+0x10/0x10 [ 445.663748][ T6611] ? rcu_is_watching+0x12/0xc0 [ 445.663800][ T6611] do_syscall_64+0xcd/0x260 [ 445.663850][ T6611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.663881][ T6611] RIP: 0033:0x7f7ffb58d169 [ 445.663905][ T6611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.663935][ T6611] RSP: 002b:00007f7ffc43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 445.663963][ T6611] RAX: ffffffffffffffda RBX: 00007f7ffb7a5fa0 RCX: 00007f7ffb58d169 [ 445.663983][ T6611] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000003 [ 445.664000][ T6611] RBP: 00007f7ffc43f090 R08: 0000000000000000 R09: 0000000000000000 [ 445.664019][ T6611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.664037][ T6611] R13: 0000000000000000 R14: 00007f7ffb7a5fa0 R15: 00007fffbd35a268 [ 445.664079][ T6611] [ 446.675781][ T6936] IPVS: length: 24 != 25769803800 [ 447.495669][ T30] audit: type=1800 audit(6039378316.204:15): pid=7599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1430" name="discovery_nqn" dev="configfs" ino=26045 res=0 errno=0 [ 447.946619][ T7924] FAULT_INJECTION: forcing a failure. [ 447.946619][ T7924] name failslab, interval 1, probability 0, space 0, times 0 [ 448.025316][ T7924] CPU: 1 UID: 0 PID: 7924 Comm: syz.2.1433 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 448.025366][ T7924] Tainted: [U]=USER [ 448.025376][ T7924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 448.025394][ T7924] Call Trace: [ 448.025403][ T7924] [ 448.025418][ T7924] dump_stack_lvl+0x16c/0x1f0 [ 448.025469][ T7924] should_fail_ex+0x512/0x640 [ 448.025504][ T7924] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 448.025554][ T7924] should_failslab+0xc2/0x120 [ 448.025583][ T7924] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 448.025630][ T7924] ? __pmd_alloc+0xc3/0x870 [ 448.025671][ T7924] __pmd_alloc+0xc3/0x870 [ 448.025705][ T7924] ? find_held_lock+0x2b/0x80 [ 448.025755][ T7924] __handle_mm_fault+0x948/0x2a40 [ 448.025811][ T7924] ? __pfx___handle_mm_fault+0x10/0x10 [ 448.025879][ T7924] ? find_vma+0xbf/0x140 [ 448.025911][ T7924] ? __pfx_find_vma+0x10/0x10 [ 448.025949][ T7924] handle_mm_fault+0x3fe/0xad0 [ 448.026000][ T7924] do_user_addr_fault+0x7a6/0x1370 [ 448.026042][ T7924] ? rcu_is_watching+0x12/0xc0 [ 448.026083][ T7924] exc_page_fault+0x5c/0xc0 [ 448.026126][ T7924] asm_exc_page_fault+0x26/0x30 [ 448.026156][ T7924] RIP: 0010:__get_user_4+0x14/0x20 [ 448.026224][ T7924] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 [ 448.026254][ T7924] RSP: 0018:ffffc9000b95fe38 EFLAGS: 00050287 [ 448.026278][ T7924] RAX: 0000000000000000 RBX: 0000000040046f41 RCX: ffffc9000b95fddc [ 448.026298][ T7924] RDX: 00007ffffffff000 RSI: ffffffff865e50c8 RDI: ffffffff8bf44f40 [ 448.026319][ T7924] RBP: 1ffff9200172bfc8 R08: 6e3da4e5b782f7c8 R09: 0000000000000001 [ 448.026339][ T7924] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 448.026358][ T7924] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000003 [ 448.026390][ T7924] ? ctrl_cdev_ioctl+0x1b8/0x3d0 [ 448.026453][ T7924] ctrl_cdev_ioctl+0x1c0/0x3d0 [ 448.026501][ T7924] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 448.026550][ T7924] ? __fget_files+0x20e/0x3c0 [ 448.026602][ T7924] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 448.026652][ T7924] __x64_sys_ioctl+0x190/0x200 [ 448.026711][ T7924] do_syscall_64+0xcd/0x260 [ 448.026768][ T7924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.026799][ T7924] RIP: 0033:0x7f7ffb58d169 [ 448.026823][ T7924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.026853][ T7924] RSP: 002b:00007f7ffc43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 448.026880][ T7924] RAX: ffffffffffffffda RBX: 00007f7ffb7a5fa0 RCX: 00007f7ffb58d169 [ 448.026901][ T7924] RDX: 0000000000000000 RSI: 0000000040046f41 RDI: 0000000000000003 [ 448.026919][ T7924] RBP: 00007f7ffc43f090 R08: 0000000000000000 R09: 0000000000000000 [ 448.026938][ T7924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 448.026955][ T7924] R13: 0000000000000000 R14: 00007f7ffb7a5fa0 R15: 00007fffbd35a268 [ 448.026996][ T7924] [ 448.487315][ T7934] FAULT_INJECTION: forcing a failure. [ 448.487315][ T7934] name failslab, interval 1, probability 0, space 0, times 0 [ 448.528209][ T7934] CPU: 1 UID: 0 PID: 7934 Comm: syz.2.1436 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 448.528265][ T7934] Tainted: [U]=USER [ 448.528277][ T7934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 448.528295][ T7934] Call Trace: [ 448.528305][ T7934] [ 448.528318][ T7934] dump_stack_lvl+0x16c/0x1f0 [ 448.528370][ T7934] should_fail_ex+0x512/0x640 [ 448.528405][ T7934] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 448.528468][ T7934] should_failslab+0xc2/0x120 [ 448.528500][ T7934] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 448.528551][ T7934] ? alloc_unbound_pwq+0x3ff/0xe10 [ 448.528601][ T7934] alloc_unbound_pwq+0x3ff/0xe10 [ 448.528657][ T7934] apply_wqattrs_prepare+0x3af/0xbd0 [ 448.528719][ T7934] apply_workqueue_attrs_locked+0x64/0xe0 [ 448.528767][ T7934] __alloc_workqueue+0xf41/0x1810 [ 448.528833][ T7934] alloc_workqueue+0xd2/0x200 [ 448.528884][ T7934] ? __pfx_alloc_workqueue+0x10/0x10 [ 448.528937][ T7934] ? rcu_is_watching+0x12/0xc0 [ 448.528977][ T7934] ? trace_kmalloc+0x2b/0xd0 [ 448.529009][ T7934] ? do_raw_spin_lock+0x12c/0x2b0 [ 448.529044][ T7934] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 448.529085][ T7934] ieee80211_register_hw+0x1e18/0x4020 [ 448.529123][ T7934] ? _raw_spin_unlock_irqrestore+0x11/0x80 [ 448.529168][ T7934] ? __debug_object_init+0x211/0x3d0 [ 448.529219][ T7934] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 448.529257][ T7934] ? find_held_lock+0x2b/0x80 [ 448.529297][ T7934] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 448.529331][ T7934] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 448.529381][ T7934] ? __hrtimer_setup+0x176/0x280 [ 448.529420][ T7934] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 448.529504][ T7934] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 448.529560][ T7934] hwsim_new_radio_nl+0xb51/0x12c0 [ 448.529605][ T7934] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 448.529656][ T7934] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 448.529713][ T7934] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 448.529776][ T7934] genl_family_rcv_msg_doit+0x206/0x2f0 [ 448.529831][ T7934] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 448.529883][ T7934] ? trace_cap_capable+0x18d/0x200 [ 448.529924][ T7934] ? bpf_lsm_capable+0x9/0x10 [ 448.529971][ T7934] ? security_capable+0x7e/0x260 [ 448.530025][ T7934] ? ns_capable+0xd7/0x110 [ 448.530067][ T7934] genl_rcv_msg+0x55c/0x800 [ 448.530102][ T7934] ? __pfx_genl_rcv_msg+0x10/0x10 [ 448.530130][ T7934] ? __pfx___dev_queue_xmit+0x10/0x10 [ 448.530165][ T7934] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 448.530206][ T7934] ? __lock_acquire+0xaa4/0x1ba0 [ 448.530265][ T7934] netlink_rcv_skb+0x16a/0x440 [ 448.530310][ T7934] ? __pfx_genl_rcv_msg+0x10/0x10 [ 448.530344][ T7934] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 448.530413][ T7934] ? __pfx_down_read+0x10/0x10 [ 448.530442][ T7934] ? netlink_deliver_tap+0x1ae/0xd30 [ 448.530502][ T7934] genl_rcv+0x28/0x40 [ 448.530547][ T7934] netlink_unicast+0x53a/0x7f0 [ 448.530592][ T7934] ? __pfx_netlink_unicast+0x10/0x10 [ 448.530630][ T7934] ? __lock_acquire+0xaa4/0x1ba0 [ 448.530682][ T7934] netlink_sendmsg+0x8d1/0xdd0 [ 448.530728][ T7934] ? __pfx_netlink_sendmsg+0x10/0x10 [ 448.530780][ T7934] ____sys_sendmsg+0xa95/0xc70 [ 448.530824][ T7934] ? copy_msghdr_from_user+0x10a/0x160 [ 448.530859][ T7934] ? __pfx_____sys_sendmsg+0x10/0x10 [ 448.530909][ T7934] ? try_to_wake_up+0xa2f/0x1680 [ 448.530949][ T7934] ___sys_sendmsg+0x134/0x1d0 [ 448.530986][ T7934] ? __pfx____sys_sendmsg+0x10/0x10 [ 448.531063][ T7934] __sys_sendmsg+0x16d/0x220 [ 448.531098][ T7934] ? __pfx___sys_sendmsg+0x10/0x10 [ 448.531132][ T7934] ? __x64_sys_futex+0x1e0/0x4c0 [ 448.531179][ T7934] ? rcu_is_watching+0x12/0xc0 [ 448.531223][ T7934] do_syscall_64+0xcd/0x260 [ 448.531265][ T7934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.531291][ T7934] RIP: 0033:0x7f7ffb58d169 [ 448.531313][ T7934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.531339][ T7934] RSP: 002b:00007f7ffc43f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 448.531364][ T7934] RAX: ffffffffffffffda RBX: 00007f7ffb7a5fa0 RCX: 00007f7ffb58d169 [ 448.531381][ T7934] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000005 [ 448.531398][ T7934] RBP: 00007f7ffb60e990 R08: 0000000000000000 R09: 0000000000000000 [ 448.531413][ T7934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.531428][ T7934] R13: 0000000000000000 R14: 00007f7ffb7a5fa0 R15: 00007fffbd35a268 [ 448.531468][ T7934] [ 449.794804][ T8386] Invalid ELF header magic: != ELF [ 451.740579][ T8971] cgroup: fork rejected by pids controller in /syz3 [ 453.838067][ T9253] Invalid ELF header magic: != ELF [ 455.450666][T10464] i2c i2c-0: new_device: Can't parse I2C address [ 456.239234][T10875] FAULT_INJECTION: forcing a failure. [ 456.239234][T10875] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 456.303896][T10875] CPU: 1 UID: 0 PID: 10875 Comm: syz.1.1482 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 456.303947][T10875] Tainted: [U]=USER [ 456.303957][T10875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 456.303975][T10875] Call Trace: [ 456.303985][T10875] [ 456.303996][T10875] dump_stack_lvl+0x16c/0x1f0 [ 456.304046][T10875] should_fail_ex+0x512/0x640 [ 456.304089][T10875] _copy_from_user+0x2e/0xd0 [ 456.304128][T10875] copy_msghdr_from_user+0x98/0x160 [ 456.304172][T10875] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 456.304234][T10875] ___sys_sendmsg+0xfe/0x1d0 [ 456.304277][T10875] ? __pfx____sys_sendmsg+0x10/0x10 [ 456.304367][T10875] __sys_sendmsg+0x16d/0x220 [ 456.304410][T10875] ? __pfx___sys_sendmsg+0x10/0x10 [ 456.304462][T10875] ? rcu_is_watching+0x12/0xc0 [ 456.304513][T10875] do_syscall_64+0xcd/0x260 [ 456.304563][T10875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 456.304601][T10875] RIP: 0033:0x7f10d338d169 [ 456.304630][T10875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 456.304662][T10875] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 456.304690][T10875] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 456.304710][T10875] RDX: 0000000020008800 RSI: 0000200000001c40 RDI: 0000000000000003 [ 456.304730][T10875] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 456.304747][T10875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 456.304765][T10875] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 456.304804][T10875] [ 456.481230][ C1] vkms_vblank_simulate: vblank timer overrun [ 456.541737][T10956] capability: warning: `syz.2.1483' uses 32-bit capabilities (legacy support in use) [ 459.068599][T12014] Invalid ELF header magic: != ELF [ 460.371098][T12843] syz.2.1512 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 463.165215][T14202] Setting dangerous option i915.mitigations - tainting kernel [ 463.597640][T14253] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1535'. [ 463.831717][T14528] Invalid ELF header magic: != ELF [ 465.025674][T14747] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1543'. [ 465.119765][T14747] HSR: entered promiscuous mode [ 470.117497][T15510] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1565'. syzkaller syzkaller login: [ 473.446695][T16773] svc: failed to register nfsdv3 RPC service (errno 111). [ 473.505656][T16773] svc: failed to register nfsaclv3 RPC service (errno 111). [ 476.467869][T17927] openvswitch: netlink: Missing valid actions attribute. [ 478.294206][T18249] FAULT_INJECTION: forcing a failure. [ 478.294206][T18249] name failslab, interval 1, probability 0, space 0, times 0 [ 478.376125][T18249] CPU: 0 UID: 0 PID: 18249 Comm: syz.1.1605 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 478.376177][T18249] Tainted: [U]=USER [ 478.376187][T18249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 478.376205][T18249] Call Trace: [ 478.376216][T18249] [ 478.376227][T18249] dump_stack_lvl+0x16c/0x1f0 [ 478.376279][T18249] should_fail_ex+0x512/0x640 [ 478.376323][T18249] ? fs_reclaim_acquire+0xae/0x150 [ 478.376364][T18249] ? tomoyo_encode2+0x100/0x3e0 [ 478.376406][T18249] should_failslab+0xc2/0x120 [ 478.376435][T18249] __kmalloc_noprof+0xd2/0x510 [ 478.376483][T18249] ? d_absolute_path+0x136/0x1a0 [ 478.376526][T18249] tomoyo_encode2+0x100/0x3e0 [ 478.376575][T18249] tomoyo_encode+0x29/0x50 [ 478.376615][T18249] tomoyo_realpath_from_path+0x18f/0x6e0 [ 478.376673][T18249] tomoyo_path_number_perm+0x245/0x580 [ 478.376709][T18249] ? tomoyo_path_number_perm+0x237/0x580 [ 478.376751][T18249] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 478.376791][T18249] ? find_held_lock+0x2b/0x80 [ 478.376901][T18249] ? find_held_lock+0x2b/0x80 [ 478.376941][T18249] ? hook_file_ioctl_common+0x145/0x410 [ 478.376985][T18249] ? __fget_files+0x20e/0x3c0 [ 478.377036][T18249] security_file_ioctl+0x9b/0x240 [ 478.377078][T18249] __x64_sys_ioctl+0xb7/0x200 [ 478.377119][T18249] do_syscall_64+0xcd/0x260 [ 478.377169][T18249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.377202][T18249] RIP: 0033:0x7f10d338d169 [ 478.377226][T18249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 478.377258][T18249] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 478.377287][T18249] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 478.377313][T18249] RDX: 0000000000000000 RSI: 0000000000001276 RDI: 0000000000000003 [ 478.377332][T18249] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 478.377352][T18249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 478.377371][T18249] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 478.377414][T18249] [ 478.377441][T18249] ERROR: Out of memory at tomoyo_realpath_from_path. [ 480.036910][T18764] FAULT_INJECTION: forcing a failure. [ 480.036910][T18764] name failslab, interval 1, probability 0, space 0, times 0 [ 480.096149][T18764] CPU: 1 UID: 0 PID: 18764 Comm: syz.3.1611 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 480.096201][T18764] Tainted: [U]=USER [ 480.096212][T18764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 480.096230][T18764] Call Trace: [ 480.096240][T18764] [ 480.096252][T18764] dump_stack_lvl+0x16c/0x1f0 [ 480.096302][T18764] should_fail_ex+0x512/0x640 [ 480.096337][T18764] ? __kmalloc_noprof+0xbf/0x510 [ 480.096388][T18764] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 480.096444][T18764] should_failslab+0xc2/0x120 [ 480.096474][T18764] __kmalloc_noprof+0xd2/0x510 [ 480.096522][T18764] ? kasan_quarantine_put+0x10a/0x240 [ 480.096575][T18764] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 480.096634][T18764] ? kfree_skbmem+0x1a4/0x1f0 [ 480.096669][T18764] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 480.096724][T18764] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 480.096778][T18764] ? genl_get_cmd+0x194/0x580 [ 480.096849][T18764] ? __local_bh_enable_ip+0xa4/0x120 [ 480.096896][T18764] ? __dev_queue_xmit+0x896/0x43e0 [ 480.096927][T18764] ? __radix_tree_lookup+0x21f/0x2c0 [ 480.096977][T18764] genl_rcv_msg+0x55c/0x800 [ 480.097012][T18764] ? __pfx_genl_rcv_msg+0x10/0x10 [ 480.097042][T18764] ? __pfx___dev_queue_xmit+0x10/0x10 [ 480.097077][T18764] ? __pfx_tcp_metrics_nl_cmd_get+0x10/0x10 [ 480.097124][T18764] ? __lock_acquire+0xaa4/0x1ba0 [ 480.097183][T18764] netlink_rcv_skb+0x16a/0x440 [ 480.097230][T18764] ? __pfx_genl_rcv_msg+0x10/0x10 [ 480.097261][T18764] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 480.097329][T18764] ? __pfx_down_read+0x10/0x10 [ 480.097359][T18764] ? netlink_deliver_tap+0x1ae/0xd30 [ 480.097408][T18764] genl_rcv+0x28/0x40 [ 480.097454][T18764] netlink_unicast+0x53a/0x7f0 [ 480.097506][T18764] ? __pfx_netlink_unicast+0x10/0x10 [ 480.097550][T18764] ? __lock_acquire+0xaa4/0x1ba0 [ 480.097611][T18764] netlink_sendmsg+0x8d1/0xdd0 [ 480.097664][T18764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 480.097728][T18764] ____sys_sendmsg+0xa95/0xc70 [ 480.097781][T18764] ? copy_msghdr_from_user+0x10a/0x160 [ 480.097822][T18764] ? __pfx_____sys_sendmsg+0x10/0x10 [ 480.097912][T18764] ___sys_sendmsg+0x134/0x1d0 [ 480.097955][T18764] ? __pfx____sys_sendmsg+0x10/0x10 [ 480.098047][T18764] __sys_sendmsg+0x16d/0x220 [ 480.098088][T18764] ? __pfx___sys_sendmsg+0x10/0x10 [ 480.098141][T18764] ? rcu_is_watching+0x12/0xc0 [ 480.098191][T18764] do_syscall_64+0xcd/0x260 [ 480.098239][T18764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 480.098271][T18764] RIP: 0033:0x7f3ded18d169 [ 480.098295][T18764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 480.098325][T18764] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 480.098353][T18764] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 480.098373][T18764] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003 [ 480.098390][T18764] RBP: 00007f3dee045090 R08: 0000000000000000 R09: 0000000000000000 [ 480.098408][T18764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 480.098425][T18764] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 480.098465][T18764] [ 481.954258][T19597] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1623'. [ 481.998661][T19597] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1623'. [ 482.213992][T19610] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(7) [ 482.938245][T19927] Invalid ELF header magic: != ELF [ 483.449421][T20247] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(7) [ 484.879709][T20956] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(7) [ 486.763171][ T5845] Bluetooth: hci0: unexpected event 0x30 length: 47 > 3 [ 487.055055][ T5845] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 488.486579][T23266] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1674'. [ 490.840878][T24557] FAULT_INJECTION: forcing a failure. [ 490.840878][T24557] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 490.864038][T24557] CPU: 1 UID: 0 PID: 24557 Comm: syz.1.1696 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 490.864091][T24557] Tainted: [U]=USER [ 490.864101][T24557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 490.864118][T24557] Call Trace: [ 490.864128][T24557] [ 490.864139][T24557] dump_stack_lvl+0x16c/0x1f0 [ 490.864214][T24557] should_fail_ex+0x512/0x640 [ 490.864254][T24557] _copy_to_user+0x32/0xd0 [ 490.864296][T24557] simple_read_from_buffer+0xcb/0x170 [ 490.864342][T24557] proc_fail_nth_read+0x197/0x270 [ 490.864386][T24557] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 490.864430][T24557] ? rw_verify_area+0xcf/0x680 [ 490.864467][T24557] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 490.864508][T24557] vfs_read+0x1de/0xc70 [ 490.864555][T24557] ? __pfx___mutex_lock+0x10/0x10 [ 490.864600][T24557] ? __pfx_vfs_read+0x10/0x10 [ 490.864653][T24557] ? __fget_files+0x20e/0x3c0 [ 490.864708][T24557] ksys_read+0x12a/0x240 [ 490.864756][T24557] ? __pfx_ksys_read+0x10/0x10 [ 490.864795][T24557] ? rcu_is_watching+0x12/0xc0 [ 490.864844][T24557] do_syscall_64+0xcd/0x260 [ 490.864893][T24557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 490.864923][T24557] RIP: 0033:0x7f10d338bb7c [ 490.864946][T24557] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 490.864977][T24557] RSP: 002b:00007f10d420b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 490.865005][T24557] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338bb7c [ 490.865024][T24557] RDX: 000000000000000f RSI: 00007f10d420b0a0 RDI: 000000000000000b [ 490.865041][T24557] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 490.865059][T24557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 490.865077][T24557] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 490.865116][T24557] [ 493.689991][T26425] FAULT_INJECTION: forcing a failure. [ 493.689991][T26425] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 493.732825][T26425] CPU: 0 UID: 0 PID: 26425 Comm: syz.1.1722 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 493.732899][T26425] Tainted: [U]=USER [ 493.732913][T26425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 493.732941][T26425] Call Trace: [ 493.732955][T26425] [ 493.732973][T26425] dump_stack_lvl+0x16c/0x1f0 [ 493.733044][T26425] should_fail_ex+0x512/0x640 [ 493.733107][T26425] should_fail_alloc_page+0xe7/0x130 [ 493.733156][T26425] prepare_alloc_pages+0x3c2/0x610 [ 493.733226][T26425] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 493.733306][T26425] ? copy_splice_read+0x1a8/0xba0 [ 493.733365][T26425] ? stack_trace_save+0x8e/0xc0 [ 493.733425][T26425] ? __pfx_stack_trace_save+0x10/0x10 [ 493.733467][T26425] ? stack_depot_save_flags+0x28/0xa50 [ 493.733514][T26425] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 493.733561][T26425] ? kasan_save_stack+0x33/0x60 [ 493.733605][T26425] ? __kasan_kmalloc+0xaa/0xb0 [ 493.733648][T26425] ? copy_splice_read+0x1a8/0xba0 [ 493.733688][T26425] ? do_splice_read+0x282/0x370 [ 493.733727][T26425] ? splice_direct_to_actor+0x2a1/0xa30 [ 493.733768][T26425] ? do_splice_direct+0x174/0x240 [ 493.733808][T26425] ? do_sendfile+0xafd/0xe50 [ 493.733846][T26425] ? __x64_sys_sendfile64+0x154/0x220 [ 493.733874][T26425] ? do_syscall_64+0xcd/0x260 [ 493.733948][T26425] alloc_pages_bulk_noprof+0x703/0x13b0 [ 493.734010][T26425] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 493.734068][T26425] ? trace_kmalloc+0x2b/0xd0 [ 493.734099][T26425] ? __kmalloc_noprof+0x242/0x510 [ 493.734155][T26425] copy_splice_read+0x1e1/0xba0 [ 493.734208][T26425] ? __pfx_copy_splice_read+0x10/0x10 [ 493.734256][T26425] ? look_up_lock_class+0x6b/0x150 [ 493.734306][T26425] ? lockdep_init_map_type+0x5c/0x280 [ 493.734339][T26425] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 493.734389][T26425] ? __pfx_copy_splice_read+0x10/0x10 [ 493.734438][T26425] do_splice_read+0x282/0x370 [ 493.734484][T26425] splice_direct_to_actor+0x2a1/0xa30 [ 493.734531][T26425] ? __pfx_direct_splice_actor+0x10/0x10 [ 493.734583][T26425] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 493.734625][T26425] ? get_pid_task+0xfc/0x250 [ 493.734667][T26425] do_splice_direct+0x174/0x240 [ 493.734711][T26425] ? __pfx_do_splice_direct+0x10/0x10 [ 493.734755][T26425] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 493.734805][T26425] ? rw_verify_area+0xcf/0x680 [ 493.734846][T26425] do_sendfile+0xafd/0xe50 [ 493.734904][T26425] ? __pfx_do_sendfile+0x10/0x10 [ 493.734959][T26425] __x64_sys_sendfile64+0x154/0x220 [ 493.734991][T26425] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 493.735034][T26425] do_syscall_64+0xcd/0x260 [ 493.735101][T26425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.735133][T26425] RIP: 0033:0x7f10d338d169 [ 493.735158][T26425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 493.735189][T26425] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 493.735219][T26425] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 493.735239][T26425] RDX: 0000200000000040 RSI: 0000000000000003 RDI: 0000000000000003 [ 493.735257][T26425] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 493.735276][T26425] R10: 000000000000788b R11: 0000000000000246 R12: 0000000000000001 [ 493.735294][T26425] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 493.735334][T26425] [ 495.226855][T27160] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1733'. [ 497.825926][T28525] [U]  [ 497.829171][T28525] [U] [ 497.831930][T28525] [U] [ 497.834684][T28525] [U] [ 497.859764][T28525] [U] [ 497.862571][T28525] [U] [ 497.865328][T28525] [U] [ 497.868083][T28525] [U] [ 497.889174][T28525] [U] [ 497.891977][T28525] [U] [ 497.894729][T28525] [U] [ 497.897482][T28525] [U] [ 497.930928][T28525] [U] [ 497.933725][T28525] [U] [ 497.936472][T28525] [U] [ 497.939225][T28525] [U] [ 497.970958][T28525] [U] [ 497.973884][T28525] [U] [ 497.976656][T28525] [U] [ 497.979412][T28525] [U] [ 497.988743][T28525] [U] [ 497.991527][T28525] [U] [ 497.994277][T28525] [U] [ 497.997040][T28525] [U] [ 498.054609][T28525] [U] [ 498.057407][T28525] [U] [ 498.060176][T28525] [U] [ 498.062928][T28525] [U] [ 498.129014][T28525] [U] [ 501.595669][ T1100] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.819666][ T1100] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.969557][ T1100] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.111972][ T1100] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.523192][ T1100] bridge_slave_1: left allmulticast mode [ 502.529240][ T1100] bridge_slave_1: left promiscuous mode [ 502.563407][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 502.644231][ T1100] bridge_slave_0: left allmulticast mode [ 502.649974][ T1100] bridge_slave_0: left promiscuous mode [ 502.684496][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.848626][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 502.862281][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 502.870917][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 502.881464][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 502.890575][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 503.408956][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 503.423945][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 503.435074][ T1100] bond0 (unregistering): Released all slaves [ 504.410725][ T1100] hsr_slave_0: left promiscuous mode [ 504.451768][ T1100] hsr_slave_1: left promiscuous mode [ 504.473035][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 504.480535][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 504.546635][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 504.583624][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 504.686997][ T1100] veth1_macvtap: left promiscuous mode [ 504.706752][ T1100] veth0_macvtap: left promiscuous mode [ 504.720078][ T1100] veth1_vlan: left promiscuous mode [ 504.727667][ T1100] veth0_vlan: left promiscuous mode [ 504.965923][ T5845] Bluetooth: hci2: command tx timeout [ 505.328461][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 505.367807][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 505.857400][T31246] chnl_net:caif_netlink_parms(): no params data found [ 506.052335][T32029] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1799'. [ 506.221211][T31246] bridge0: port 1(bridge_slave_0) entered blocking state [ 506.229807][T31246] bridge0: port 1(bridge_slave_0) entered disabled state [ 506.237209][T31246] bridge_slave_0: entered allmulticast mode [ 506.249486][T31246] bridge_slave_0: entered promiscuous mode [ 506.283040][T31246] bridge0: port 2(bridge_slave_1) entered blocking state [ 506.304331][T31246] bridge0: port 2(bridge_slave_1) entered disabled state [ 506.311592][T31246] bridge_slave_1: entered allmulticast mode [ 506.328959][T31246] bridge_slave_1: entered promiscuous mode [ 506.505732][T31246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 506.566236][T31246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 506.809356][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.815807][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.819849][T31246] team0: Port device team_slave_0 added [ 506.867056][T31246] team0: Port device team_slave_1 added [ 507.043486][ T5845] Bluetooth: hci2: command tx timeout [ 507.072198][T31246] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 507.086589][T31246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 507.132690][T31246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 507.149126][T31246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 507.167438][T31246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 507.243552][T31246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 507.439436][T31246] hsr_slave_0: entered promiscuous mode [ 507.448679][T31246] hsr_slave_1: entered promiscuous mode [ 508.685746][T31246] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 508.741438][T31246] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 508.828039][T31246] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 508.851871][T31246] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 509.125825][ T5845] Bluetooth: hci2: command tx timeout [ 509.272467][T31246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 509.330545][T31246] 8021q: adding VLAN 0 to HW filter on device team0 [ 509.364651][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state [ 509.372080][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 509.419411][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state [ 509.426922][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 510.296655][T31246] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 510.554602][ T1763] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1825'. [ 510.971984][ T1988] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[1988] [ 511.082449][T31246] veth0_vlan: entered promiscuous mode [ 511.151022][T31246] veth1_vlan: entered promiscuous mode [ 511.205098][ T5845] Bluetooth: hci2: command tx timeout [ 511.285138][T31246] veth0_macvtap: entered promiscuous mode [ 511.342048][T31246] veth1_macvtap: entered promiscuous mode [ 511.377640][T31246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 511.394314][T31246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.410453][T31246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 511.426029][T31246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.439249][T31246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 511.455623][T31246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.489404][T31246] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 511.538960][T31246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 511.571566][T31246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.592242][T31246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 511.616966][T31246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.629173][T31246] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 511.650155][T31246] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 511.693123][T31246] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 511.702352][T31246] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 511.725717][T31246] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 511.926700][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 511.967171][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 512.119007][ T1159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 512.163110][ T1159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 517.051385][ T4260] ERROR: Out of memory at tomoyo_memory_ok. [ 521.301309][ T6540] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(7) [ 522.600830][ T7064] blk_print_req_error: 22 callbacks suppressed [ 522.600857][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.648580][ T7064] buffer_io_error: 22 callbacks suppressed [ 522.648602][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.720981][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.762411][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.810801][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.852734][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.860755][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.960586][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 523.035703][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 523.074117][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 523.121002][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 523.211445][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 523.282283][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 523.329080][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 523.337796][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 523.346997][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 523.354935][ T7064] ldm_validate_partition_table(): Disk read failed. [ 523.361682][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 523.376946][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 523.385039][ T7064] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 523.394756][ T7064] Buffer I/O error on dev nbd0, logical block 0, async page read [ 523.403008][ T7064] Dev nbd0: unable to read RDB block 0 [ 523.409265][ T7064] nbd0: unable to read partition table [ 523.499542][ T7451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1910'. [ 523.519910][ T7451] netlink: 214 bytes leftover after parsing attributes in process `syz.0.1910'. [ 523.530415][ T7451] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1910'. [ 526.738613][ T8949] Invalid ELF header magic: != ELF [ 526.904893][ T9189] ldm_validate_partition_table(): Disk read failed. [ 526.913282][ T9189] Dev nbd0: unable to read RDB block 0 [ 526.920023][ T9189] nbd0: unable to read partition table [ 527.819300][ T9807] FAULT_INJECTION: forcing a failure. [ 527.819300][ T9807] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 527.838008][ T9807] CPU: 0 UID: 0 PID: 9807 Comm: syz.1.1943 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 527.838061][ T9807] Tainted: [U]=USER [ 527.838072][ T9807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 527.838090][ T9807] Call Trace: [ 527.838100][ T9807] [ 527.838112][ T9807] dump_stack_lvl+0x16c/0x1f0 [ 527.838162][ T9807] should_fail_ex+0x512/0x640 [ 527.838204][ T9807] _copy_to_user+0x32/0xd0 [ 527.838246][ T9807] simple_read_from_buffer+0xcb/0x170 [ 527.838293][ T9807] proc_fail_nth_read+0x197/0x270 [ 527.838338][ T9807] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 527.838384][ T9807] ? rw_verify_area+0xcf/0x680 [ 527.838421][ T9807] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 527.838465][ T9807] vfs_read+0x1de/0xc70 [ 527.838512][ T9807] ? __pfx___mutex_lock+0x10/0x10 [ 527.838559][ T9807] ? __pfx_vfs_read+0x10/0x10 [ 527.838613][ T9807] ? __fget_files+0x20e/0x3c0 [ 527.838669][ T9807] ksys_read+0x12a/0x240 [ 527.838711][ T9807] ? __pfx_ksys_read+0x10/0x10 [ 527.838767][ T9807] do_syscall_64+0xcd/0x260 [ 527.838825][ T9807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.838858][ T9807] RIP: 0033:0x7f10d338bb7c [ 527.838882][ T9807] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 527.838913][ T9807] RSP: 002b:00007f10d420b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 527.838943][ T9807] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338bb7c [ 527.838963][ T9807] RDX: 000000000000000f RSI: 00007f10d420b0a0 RDI: 0000000000000004 [ 527.838981][ T9807] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 527.838999][ T9807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 527.839017][ T9807] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 527.839058][ T9807] [ 528.221430][ T9931] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1945'. [ 531.966024][T12005] vivid-003: ================= START STATUS ================= [ 532.002270][T12005] vivid-003: Radio HW Seek Mode: Bounded [ 532.043538][T12005] vivid-003: Radio Programmable HW Seek: false [ 532.067404][T12005] vivid-003: RDS Rx I/O Mode: Block I/O [ 532.085373][T12005] vivid-003: Generate RBDS Instead of RDS: false [ 532.111771][T12005] vivid-003: RDS Reception: true [ 532.122992][T12005] vivid-003: RDS Program Type: 0 inactive [ 532.147738][T12005] vivid-003: RDS PS Name: inactive [ 532.168000][T12005] vivid-003: RDS Radio Text: inactive [ 532.191704][T12005] vivid-003: RDS Traffic Announcement: false inactive [ 532.221080][T12005] vivid-003: RDS Traffic Program: false inactive [ 532.243204][T12005] vivid-003: RDS Music: false inactive [ 532.248769][T12005] vivid-003: ================== END STATUS ================== [ 533.899203][T12883] bond0: mtu greater than device maximum [ 533.994236][T12887] program syz.0.1990 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 534.798728][T13211] FAULT_INJECTION: forcing a failure. [ 534.798728][T13211] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 534.852972][T13211] CPU: 1 UID: 0 PID: 13211 Comm: syz.0.1996 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 534.853025][T13211] Tainted: [U]=USER [ 534.853035][T13211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 534.853052][T13211] Call Trace: [ 534.853062][T13211] [ 534.853073][T13211] dump_stack_lvl+0x16c/0x1f0 [ 534.853122][T13211] should_fail_ex+0x512/0x640 [ 534.853162][T13211] should_fail_alloc_page+0xe7/0x130 [ 534.853194][T13211] prepare_alloc_pages+0x3c2/0x610 [ 534.853237][T13211] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 534.853290][T13211] ? __lock_acquire+0xaa4/0x1ba0 [ 534.853356][T13211] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 534.853417][T13211] ? find_held_lock+0x2b/0x80 [ 534.853457][T13211] ? process_measurement+0x51f/0x2360 [ 534.853501][T13211] ? down_write+0x14d/0x200 [ 534.853551][T13211] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 534.853587][T13211] ? policy_nodemask+0xea/0x4e0 [ 534.853656][T13211] alloc_pages_mpol+0x1fb/0x550 [ 534.853688][T13211] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 534.853720][T13211] ? __lock_acquire+0x5ca/0x1ba0 [ 534.853778][T13211] folio_alloc_mpol_noprof+0x36/0x2f0 [ 534.853817][T13211] vma_alloc_folio_noprof+0xed/0x1e0 [ 534.853852][T13211] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 534.853898][T13211] do_pte_missing+0x223d/0x3fb0 [ 534.853961][T13211] __handle_mm_fault+0x103d/0x2a40 [ 534.854016][T13211] ? __pfx___handle_mm_fault+0x10/0x10 [ 534.854084][T13211] ? find_vma+0xbf/0x140 [ 534.854117][T13211] ? __pfx_find_vma+0x10/0x10 [ 534.854153][T13211] handle_mm_fault+0x3fe/0xad0 [ 534.854204][T13211] do_user_addr_fault+0x7a6/0x1370 [ 534.854245][T13211] ? rcu_is_watching+0x12/0xc0 [ 534.854287][T13211] exc_page_fault+0x5c/0xc0 [ 534.854329][T13211] asm_exc_page_fault+0x26/0x30 [ 534.854363][T13211] RIP: 0010:rep_stos_alternative+0x40/0x80 [ 534.854391][T13211] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47 [ 534.854416][T13211] RSP: 0018:ffffc900038b7cc8 EFLAGS: 00050206 [ 534.854437][T13211] RAX: 0000000000000000 RBX: 000000007fffe000 RCX: 0000000000001000 [ 534.854466][T13211] RDX: ffff88805c439e00 RSI: ffffffff854fa6b6 RDI: 0000200000001000 [ 534.854485][T13211] RBP: 0000000000001000 R08: 6e3da4e5b782f7c8 R09: 0000000000000001 [ 534.854502][T13211] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88805c439e00 [ 534.854518][T13211] R13: 00007ffffffff000 R14: ffffed100b8873c0 R15: 0000200000001000 [ 534.854549][T13211] ? read_zero+0xc6/0x250 [ 534.854582][T13211] read_zero+0xd6/0x250 [ 534.854611][T13211] ? __pfx_read_zero+0x10/0x10 [ 534.854642][T13211] vfs_read+0x1de/0xc70 [ 534.854690][T13211] ? __pfx_vfs_read+0x10/0x10 [ 534.854726][T13211] ? find_held_lock+0x2b/0x80 [ 534.854764][T13211] ? __fget_files+0x204/0x3c0 [ 534.854812][T13211] ? __fget_files+0x20e/0x3c0 [ 534.854851][T13211] ? __fget_files+0x120/0x3c0 [ 534.854903][T13211] __x64_sys_pread64+0x1f4/0x250 [ 534.854949][T13211] ? __pfx___x64_sys_pread64+0x10/0x10 [ 534.854991][T13211] ? rcu_is_watching+0x12/0xc0 [ 534.855040][T13211] do_syscall_64+0xcd/0x260 [ 534.855087][T13211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.855117][T13211] RIP: 0033:0x7fb9a7d8d169 [ 534.855140][T13211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.855168][T13211] RSP: 002b:00007fb9a8c5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 534.855196][T13211] RAX: ffffffffffffffda RBX: 00007fb9a7fa5fa0 RCX: 00007fb9a7d8d169 [ 534.855215][T13211] RDX: 0000000100000002 RSI: 0000200000000000 RDI: 0000000000000003 [ 534.855233][T13211] RBP: 00007fb9a8c5e090 R08: 0000000000000000 R09: 0000000000000000 [ 534.855250][T13211] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 534.855267][T13211] R13: 0000000000000000 R14: 00007fb9a7fa5fa0 R15: 00007fff518da798 [ 534.855306][T13211] [ 537.213800][T13963] FAULT_INJECTION: forcing a failure. [ 537.213800][T13963] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 537.259395][T13963] CPU: 1 UID: 0 PID: 13963 Comm: syz.0.2007 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 537.259445][T13963] Tainted: [U]=USER [ 537.259455][T13963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 537.259473][T13963] Call Trace: [ 537.259482][T13963] [ 537.259494][T13963] dump_stack_lvl+0x16c/0x1f0 [ 537.259541][T13963] should_fail_ex+0x512/0x640 [ 537.259582][T13963] _copy_from_user+0x2e/0xd0 [ 537.259621][T13963] memdup_user+0x6b/0xe0 [ 537.259652][T13963] sctp_getsockopt+0x2a0b/0x6b90 [ 537.259689][T13963] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 537.259730][T13963] ? __pfx_sctp_getsockopt+0x10/0x10 [ 537.259791][T13963] ? __pfx___might_resched+0x10/0x10 [ 537.259854][T13963] ? find_held_lock+0x2b/0x80 [ 537.259891][T13963] ? __might_fault+0xe3/0x190 [ 537.259935][T13963] ? __might_fault+0xe3/0x190 [ 537.259978][T13963] ? __might_fault+0x13b/0x190 [ 537.260033][T13963] ? sock_common_getsockopt+0x21/0xb0 [ 537.260077][T13963] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 537.260127][T13963] do_sock_getsockopt+0x3fc/0x800 [ 537.260188][T13963] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 537.260231][T13963] ? __fget_files+0x204/0x3c0 [ 537.260291][T13963] __sys_getsockopt+0x12f/0x260 [ 537.260334][T13963] __x64_sys_getsockopt+0xbd/0x160 [ 537.260366][T13963] ? do_syscall_64+0x91/0x260 [ 537.260406][T13963] ? lockdep_hardirqs_on+0x7c/0x110 [ 537.260445][T13963] do_syscall_64+0xcd/0x260 [ 537.260487][T13963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.260516][T13963] RIP: 0033:0x7fb9a7d8d169 [ 537.260537][T13963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 537.260564][T13963] RSP: 002b:00007fb9a8c3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 537.260589][T13963] RAX: ffffffffffffffda RBX: 00007fb9a7fa6080 RCX: 00007fb9a7d8d169 [ 537.260607][T13963] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000005 [ 537.260623][T13963] RBP: 00007fb9a8c3d090 R08: 0000200000000000 R09: 0000000000000000 [ 537.260639][T13963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 537.260655][T13963] R13: 0000000000000000 R14: 00007fb9a7fa6080 R15: 00007fff518da798 [ 537.260692][T13963] [ 537.485912][ C1] vkms_vblank_simulate: vblank timer overrun [ 539.134826][T14610] FAULT_INJECTION: forcing a failure. [ 539.134826][T14610] name failslab, interval 1, probability 0, space 0, times 0 [ 539.256343][T14610] CPU: 0 UID: 0 PID: 14610 Comm: syz.1.2016 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 539.256398][T14610] Tainted: [U]=USER [ 539.256413][T14610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 539.256431][T14610] Call Trace: [ 539.256442][T14610] [ 539.256455][T14610] dump_stack_lvl+0x16c/0x1f0 [ 539.256506][T14610] should_fail_ex+0x512/0x640 [ 539.256542][T14610] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 539.256614][T14610] should_failslab+0xc2/0x120 [ 539.256646][T14610] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 539.256721][T14610] ? proc_alloc_inode+0x25/0x200 [ 539.256758][T14610] ? __pfx_proc_alloc_inode+0x10/0x10 [ 539.256786][T14610] proc_alloc_inode+0x25/0x200 [ 539.256815][T14610] alloc_inode+0x61/0x240 [ 539.256852][T14610] new_inode+0x22/0x1c0 [ 539.256885][T14610] ? proc_lookup_de+0x217/0x320 [ 539.256925][T14610] proc_get_inode+0x1d/0x780 [ 539.256960][T14610] proc_lookup_de+0x253/0x320 [ 539.257000][T14610] ? __pfx_proc_lookup+0x10/0x10 [ 539.257035][T14610] proc_lookup+0xcf/0x110 [ 539.257071][T14610] lookup_open.isra.0+0x4d7/0x1580 [ 539.257125][T14610] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 539.257191][T14610] ? __pfx_down_write+0x10/0x10 [ 539.257239][T14610] ? mnt_get_write_access+0x20c/0x300 [ 539.257286][T14610] path_openat+0x905/0x2d40 [ 539.257350][T14610] ? __pfx_path_openat+0x10/0x10 [ 539.257411][T14610] do_filp_open+0x20b/0x470 [ 539.257461][T14610] ? __pfx_do_filp_open+0x10/0x10 [ 539.257540][T14610] ? alloc_fd+0x471/0x7d0 [ 539.257599][T14610] do_sys_openat2+0x11b/0x1d0 [ 539.257633][T14610] ? __pfx_do_sys_openat2+0x10/0x10 [ 539.257675][T14610] ? __asan_memcpy+0x3c/0x60 [ 539.257731][T14610] __x64_sys_openat+0x174/0x210 [ 539.257767][T14610] ? __pfx___x64_sys_openat+0x10/0x10 [ 539.257806][T14610] ? rcu_is_watching+0x12/0xc0 [ 539.257858][T14610] do_syscall_64+0xcd/0x260 [ 539.257907][T14610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.257940][T14610] RIP: 0033:0x7f10d338d169 [ 539.257966][T14610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 539.257999][T14610] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 539.258030][T14610] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 539.258051][T14610] RDX: 0000000000000641 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 539.258071][T14610] RBP: 00007f10d340e990 R08: 0000000000000000 R09: 0000000000000000 [ 539.258091][T14610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 539.258110][T14610] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 539.258152][T14610] [ 539.926171][T14828] FAULT_INJECTION: forcing a failure. [ 539.926171][T14828] name failslab, interval 1, probability 0, space 0, times 0 [ 539.992660][T14828] CPU: 0 UID: 0 PID: 14828 Comm: syz.1.2020 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 539.992711][T14828] Tainted: [U]=USER [ 539.992721][T14828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 539.992739][T14828] Call Trace: [ 539.992749][T14828] [ 539.992760][T14828] dump_stack_lvl+0x16c/0x1f0 [ 539.992811][T14828] should_fail_ex+0x512/0x640 [ 539.992852][T14828] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 539.992905][T14828] should_failslab+0xc2/0x120 [ 539.992937][T14828] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 539.992984][T14828] ? d_instantiate+0x77/0x90 [ 539.993013][T14828] ? alloc_empty_file+0x55/0x1e0 [ 539.993051][T14828] alloc_empty_file+0x55/0x1e0 [ 539.993087][T14828] alloc_file_pseudo+0x13a/0x230 [ 539.993122][T14828] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 539.993155][T14828] ? alloc_fd+0x471/0x7d0 [ 539.993206][T14828] sock_alloc_file+0x50/0x210 [ 539.993250][T14828] __sys_socket+0x1c0/0x260 [ 539.993281][T14828] ? __pfx___sys_socket+0x10/0x10 [ 539.993313][T14828] ? rcu_is_watching+0x12/0xc0 [ 539.993359][T14828] __x64_sys_socket+0x72/0xb0 [ 539.993388][T14828] ? lockdep_hardirqs_on+0x7c/0x110 [ 539.993431][T14828] do_syscall_64+0xcd/0x260 [ 539.993477][T14828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.993508][T14828] RIP: 0033:0x7f10d338d169 [ 539.993533][T14828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 539.993563][T14828] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 539.993592][T14828] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 539.993614][T14828] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 539.993631][T14828] RBP: 00007f10d340e990 R08: 0000000000000000 R09: 0000000000000000 [ 539.993649][T14828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 539.993666][T14828] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 539.993704][T14828] [ 540.001102][T14831] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2021'. [ 541.236294][T15209] bond0: Unable to set down delay as MII monitoring is disabled [ 546.188449][T17652] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2058'. [ 546.630721][T17721] kexec: Could not allocate control_code_buffer [ 547.471277][T18277] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[18277] [ 547.558408][T18277] FAULT_INJECTION: forcing a failure. [ 547.558408][T18277] name failslab, interval 1, probability 0, space 0, times 0 [ 547.589879][T18277] CPU: 0 UID: 0 PID: 18277 Comm: syz.3.2068 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 547.589933][T18277] Tainted: [U]=USER [ 547.589943][T18277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 547.589961][T18277] Call Trace: [ 547.589982][T18277] [ 547.589994][T18277] dump_stack_lvl+0x16c/0x1f0 [ 547.590046][T18277] should_fail_ex+0x512/0x640 [ 547.590081][T18277] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 547.590130][T18277] should_failslab+0xc2/0x120 [ 547.590161][T18277] __kmalloc_cache_noprof+0x6a/0x3e0 [ 547.590207][T18277] ? kernfs_fop_open+0x244/0xda0 [ 547.590254][T18277] kernfs_fop_open+0x244/0xda0 [ 547.590296][T18277] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 547.590351][T18277] do_dentry_open+0x741/0x1c10 [ 547.590397][T18277] ? __pfx_kernfs_fop_open+0x10/0x10 [ 547.590447][T18277] vfs_open+0x82/0x3f0 [ 547.590485][T18277] path_openat+0x1e5e/0x2d40 [ 547.590548][T18277] ? __pfx_path_openat+0x10/0x10 [ 547.590608][T18277] do_filp_open+0x20b/0x470 [ 547.590656][T18277] ? __pfx_do_filp_open+0x10/0x10 [ 547.590735][T18277] ? alloc_fd+0x471/0x7d0 [ 547.590794][T18277] do_sys_openat2+0x11b/0x1d0 [ 547.590827][T18277] ? __pfx_do_sys_openat2+0x10/0x10 [ 547.590879][T18277] __x64_sys_openat+0x174/0x210 [ 547.590915][T18277] ? __pfx___x64_sys_openat+0x10/0x10 [ 547.590953][T18277] ? rcu_is_watching+0x12/0xc0 [ 547.591012][T18277] do_syscall_64+0xcd/0x260 [ 547.591062][T18277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.591096][T18277] RIP: 0033:0x7f3ded18d169 [ 547.591122][T18277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.591153][T18277] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 547.591184][T18277] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 547.591206][T18277] RDX: 00000000001a1842 RSI: 00002000000003c0 RDI: ffffffffffffff9c [ 547.591226][T18277] RBP: 00007f3ded20e990 R08: 0000000000000000 R09: 0000000000000000 [ 547.591244][T18277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 547.591263][T18277] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 547.591305][T18277] [ 548.659368][T18392] usbip-vudc usbip-vudc.0: gadget not bound [ 550.558915][T19117] FAULT_INJECTION: forcing a failure. [ 550.558915][T19117] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 550.620293][T19117] CPU: 0 UID: 0 PID: 19117 Comm: syz.3.2082 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 550.620345][T19117] Tainted: [U]=USER [ 550.620355][T19117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 550.620373][T19117] Call Trace: [ 550.620382][T19117] [ 550.620394][T19117] dump_stack_lvl+0x16c/0x1f0 [ 550.620444][T19117] should_fail_ex+0x512/0x640 [ 550.620485][T19117] should_fail_alloc_page+0xe7/0x130 [ 550.620517][T19117] prepare_alloc_pages+0x3c2/0x610 [ 550.620562][T19117] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 550.620613][T19117] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 550.620656][T19117] ? is_bpf_text_address+0x94/0x1a0 [ 550.620691][T19117] ? kernel_text_address+0x8d/0x100 [ 550.620728][T19117] ? __kernel_text_address+0xd/0x40 [ 550.620763][T19117] ? unwind_get_return_address+0x59/0xa0 [ 550.620805][T19117] ? arch_stack_walk+0xa6/0x100 [ 550.620860][T19117] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 550.620914][T19117] ? __lock_acquire+0x5ca/0x1ba0 [ 550.620980][T19117] ? __pfx_stack_trace_save+0x10/0x10 [ 550.621016][T19117] ? stack_depot_save_flags+0x28/0xa50 [ 550.621052][T19117] ? look_up_lock_class+0x6b/0x150 [ 550.621092][T19117] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 550.621124][T19117] ? policy_nodemask+0xea/0x4e0 [ 550.621192][T19117] alloc_pages_mpol+0x1fb/0x550 [ 550.621223][T19117] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 550.621262][T19117] alloc_pages_noprof+0x131/0x390 [ 550.621292][T19117] __pmd_alloc+0x3f/0x870 [ 550.621326][T19117] ? find_held_lock+0x2b/0x80 [ 550.621366][T19117] __handle_mm_fault+0x948/0x2a40 [ 550.621421][T19117] ? __pfx___handle_mm_fault+0x10/0x10 [ 550.621487][T19117] ? find_vma+0xbf/0x140 [ 550.621518][T19117] ? __pfx_find_vma+0x10/0x10 [ 550.621556][T19117] handle_mm_fault+0x3fe/0xad0 [ 550.621605][T19117] do_user_addr_fault+0x7a6/0x1370 [ 550.621645][T19117] ? rcu_is_watching+0x12/0xc0 [ 550.621692][T19117] exc_page_fault+0x5c/0xc0 [ 550.621734][T19117] asm_exc_page_fault+0x26/0x30 [ 550.621762][T19117] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 550.621796][T19117] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 550.621826][T19117] RSP: 0018:ffffc9000307f9d0 EFLAGS: 00050202 [ 550.621850][T19117] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007 [ 550.621867][T19117] RDX: fffff5200060ff4c RSI: 0000000000000000 RDI: ffffc9000307fa58 [ 550.621886][T19117] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff5200060ff4b [ 550.621904][T19117] R10: ffffc9000307fa5e R11: 0000000000000000 R12: 0000000000000000 [ 550.621921][T19117] R13: ffffc9000307fa58 R14: 1ffff9200060ff45 R15: ffffc9000307fd8c [ 550.621967][T19117] _copy_from_user+0x98/0xd0 [ 550.622006][T19117] ____sys_sendmsg+0x607/0xc70 [ 550.622061][T19117] ? __pfx_____sys_sendmsg+0x10/0x10 [ 550.622117][T19117] ? __pfx__kstrtoull+0x10/0x10 [ 550.622171][T19117] ___sys_sendmsg+0x134/0x1d0 [ 550.622214][T19117] ? __pfx____sys_sendmsg+0x10/0x10 [ 550.622274][T19117] ? find_held_lock+0x2b/0x80 [ 550.622338][T19117] __sys_sendmmsg+0x200/0x420 [ 550.622383][T19117] ? __pfx___sys_sendmmsg+0x10/0x10 [ 550.622436][T19117] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 550.622499][T19117] ? fput+0x70/0xf0 [ 550.622528][T19117] ? ksys_write+0x1b9/0x240 [ 550.622568][T19117] ? __pfx_ksys_write+0x10/0x10 [ 550.622608][T19117] ? rcu_is_watching+0x12/0xc0 [ 550.622651][T19117] __x64_sys_sendmmsg+0x9c/0x100 [ 550.622697][T19117] ? lockdep_hardirqs_on+0x7c/0x110 [ 550.622739][T19117] do_syscall_64+0xcd/0x260 [ 550.622787][T19117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.622815][T19117] RIP: 0033:0x7f3ded18d169 [ 550.622836][T19117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 550.622865][T19117] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 550.622892][T19117] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 550.622912][T19117] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 550.622929][T19117] RBP: 00007f3dee045090 R08: 0000000000000000 R09: 0000000000000000 [ 550.622946][T19117] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 550.622963][T19117] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 550.623001][T19117] [ 551.636063][T19382] FAULT_INJECTION: forcing a failure. [ 551.636063][T19382] name failslab, interval 1, probability 0, space 0, times 0 [ 551.684460][T19382] CPU: 0 UID: 0 PID: 19382 Comm: syz.3.2085 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 551.684511][T19382] Tainted: [U]=USER [ 551.684521][T19382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 551.684539][T19382] Call Trace: [ 551.684550][T19382] [ 551.684561][T19382] dump_stack_lvl+0x16c/0x1f0 [ 551.684612][T19382] should_fail_ex+0x512/0x640 [ 551.684647][T19382] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 551.684702][T19382] should_failslab+0xc2/0x120 [ 551.684732][T19382] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 551.684778][T19382] ? acpi_evaluate_integer+0xdd/0x200 [ 551.684816][T19382] ? status_show+0xa0/0x120 [ 551.684861][T19382] ? dev_attr_show+0x53/0xe0 [ 551.684889][T19382] ? acpi_ps_alloc_op+0x25f/0x310 [ 551.684924][T19382] acpi_ps_alloc_op+0x25f/0x310 [ 551.684950][T19382] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 551.684987][T19382] acpi_ps_create_op+0x3dc/0xc20 [ 551.685039][T19382] ? __pfx_acpi_ps_create_op+0x10/0x10 [ 551.685103][T19382] acpi_ps_parse_loop+0xdd8/0x1d00 [ 551.685161][T19382] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 551.685214][T19382] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 551.685263][T19382] ? acpi_ut_create_thread_state+0x63/0x170 [ 551.685318][T19382] acpi_ps_parse_aml+0x3c1/0xcb0 [ 551.685381][T19382] acpi_ps_execute_method+0x55a/0xb30 [ 551.685419][T19382] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 551.685459][T19382] acpi_ns_evaluate+0x76c/0xca0 [ 551.685493][T19382] ? kasan_save_track+0x14/0x30 [ 551.685541][T19382] acpi_evaluate_object+0x1fa/0xa90 [ 551.685587][T19382] ? do_syscall_64+0xcd/0x260 [ 551.685629][T19382] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.685660][T19382] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 551.685707][T19382] ? __mutex_trylock_common+0xe9/0x250 [ 551.685742][T19382] acpi_evaluate_integer+0xdd/0x200 [ 551.685781][T19382] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 551.685838][T19382] ? __pfx_status_show+0x10/0x10 [ 551.685883][T19382] status_show+0xa0/0x120 [ 551.685928][T19382] ? __pfx_status_show+0x10/0x10 [ 551.685984][T19382] dev_attr_show+0x53/0xe0 [ 551.686015][T19382] ? __pfx_dev_attr_show+0x10/0x10 [ 551.686042][T19382] sysfs_kf_seq_show+0x213/0x3e0 [ 551.686090][T19382] seq_read_iter+0x506/0x12c0 [ 551.686146][T19382] kernfs_fop_read_iter+0x40f/0x5a0 [ 551.686181][T19382] ? rw_verify_area+0xcf/0x680 [ 551.686220][T19382] vfs_read+0x8c8/0xc70 [ 551.686265][T19382] ? __pfx___mutex_lock+0x10/0x10 [ 551.686307][T19382] ? __pfx_vfs_read+0x10/0x10 [ 551.686374][T19382] ksys_read+0x12a/0x240 [ 551.686420][T19382] ? __pfx_ksys_read+0x10/0x10 [ 551.686458][T19382] ? rcu_is_watching+0x12/0xc0 [ 551.686506][T19382] do_syscall_64+0xcd/0x260 [ 551.686550][T19382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.686580][T19382] RIP: 0033:0x7f3ded18d169 [ 551.686603][T19382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 551.686631][T19382] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 551.686658][T19382] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 551.686678][T19382] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 551.686694][T19382] RBP: 00007f3ded20e990 R08: 0000000000000000 R09: 0000000000000000 [ 551.686711][T19382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 551.686727][T19382] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 551.686765][T19382] [ 551.687797][T19382] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20240827/psparse-529) [ 555.733401][T21289] FAULT_INJECTION: forcing a failure. [ 555.733401][T21289] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 555.752226][T21289] CPU: 0 UID: 0 PID: 21289 Comm: syz.0.2110 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 555.752275][T21289] Tainted: [U]=USER [ 555.752285][T21289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 555.752302][T21289] Call Trace: [ 555.752313][T21289] [ 555.752324][T21289] dump_stack_lvl+0x16c/0x1f0 [ 555.752373][T21289] should_fail_ex+0x512/0x640 [ 555.752414][T21289] should_fail_alloc_page+0xe7/0x130 [ 555.752446][T21289] prepare_alloc_pages+0x3c2/0x610 [ 555.752491][T21289] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 555.752545][T21289] ? stack_trace_save+0x8e/0xc0 [ 555.752586][T21289] ? __pfx_stack_trace_save+0x10/0x10 [ 555.752626][T21289] ? stack_depot_save_flags+0x28/0xa50 [ 555.752673][T21289] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 555.752717][T21289] ? __kasan_slab_alloc+0x89/0x90 [ 555.752761][T21289] ? __pmd_alloc+0xc3/0x870 [ 555.752794][T21289] ? handle_mm_fault+0x3fe/0xad0 [ 555.752833][T21289] ? do_user_addr_fault+0x7a6/0x1370 [ 555.752866][T21289] ? exc_page_fault+0x5c/0xc0 [ 555.752901][T21289] ? asm_exc_page_fault+0x26/0x30 [ 555.752935][T21289] ? __get_user_4+0x14/0x20 [ 555.752965][T21289] ? ctrl_cdev_ioctl+0x1c0/0x3d0 [ 555.753008][T21289] ? __x64_sys_ioctl+0x190/0x200 [ 555.753058][T21289] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 555.753095][T21289] ? policy_nodemask+0xea/0x4e0 [ 555.753148][T21289] alloc_pages_mpol+0x1fb/0x550 [ 555.753179][T21289] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 555.753210][T21289] ? cgroup_rstat_updated+0x2a/0xb20 [ 555.753257][T21289] alloc_pages_noprof+0x131/0x390 [ 555.753287][T21289] pte_alloc_one+0x19/0x380 [ 555.753326][T21289] do_pte_missing+0x1c0b/0x3fb0 [ 555.753369][T21289] ? do_raw_spin_unlock+0x172/0x230 [ 555.753407][T21289] ? __pmd_alloc+0x3c2/0x870 [ 555.753440][T21289] ? find_held_lock+0x2b/0x80 [ 555.753481][T21289] __handle_mm_fault+0x103d/0x2a40 [ 555.753536][T21289] ? __pfx___handle_mm_fault+0x10/0x10 [ 555.753601][T21289] ? find_vma+0xbf/0x140 [ 555.753633][T21289] ? __pfx_find_vma+0x10/0x10 [ 555.753670][T21289] handle_mm_fault+0x3fe/0xad0 [ 555.753720][T21289] do_user_addr_fault+0x7a6/0x1370 [ 555.753759][T21289] ? rcu_is_watching+0x12/0xc0 [ 555.753801][T21289] exc_page_fault+0x5c/0xc0 [ 555.753843][T21289] asm_exc_page_fault+0x26/0x30 [ 555.753872][T21289] RIP: 0010:__get_user_4+0x14/0x20 [ 555.753912][T21289] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 [ 555.753942][T21289] RSP: 0018:ffffc9000bacfe38 EFLAGS: 00050287 [ 555.753966][T21289] RAX: 0000000000000000 RBX: 0000000040046f41 RCX: ffffc9000bacfddc [ 555.753985][T21289] RDX: 00007ffffffff000 RSI: ffffffff865e50c8 RDI: ffffffff8bf44f40 [ 555.754005][T21289] RBP: 1ffff92001759fc8 R08: 6e3da4e5b782f7c8 R09: 0000000000000001 [ 555.754023][T21289] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 555.754039][T21289] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000003 [ 555.754069][T21289] ? ctrl_cdev_ioctl+0x1b8/0x3d0 [ 555.754122][T21289] ctrl_cdev_ioctl+0x1c0/0x3d0 [ 555.754170][T21289] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 555.754218][T21289] ? __fget_files+0x20e/0x3c0 [ 555.754269][T21289] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 555.754318][T21289] __x64_sys_ioctl+0x190/0x200 [ 555.754359][T21289] do_syscall_64+0xcd/0x260 [ 555.754406][T21289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.754436][T21289] RIP: 0033:0x7fb9a7d8d169 [ 555.754460][T21289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 555.754489][T21289] RSP: 002b:00007fb9a8c5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 555.754516][T21289] RAX: ffffffffffffffda RBX: 00007fb9a7fa5fa0 RCX: 00007fb9a7d8d169 [ 555.754536][T21289] RDX: 0000000000000000 RSI: 0000000040046f41 RDI: 0000000000000003 [ 555.754553][T21289] RBP: 00007fb9a8c5e090 R08: 0000000000000000 R09: 0000000000000000 [ 555.754571][T21289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 555.754588][T21289] R13: 0000000000000000 R14: 00007fb9a7fa5fa0 R15: 00007fff518da798 [ 555.754627][T21289] [ 556.858154][T21293] FAULT_INJECTION: forcing a failure. [ 556.858154][T21293] name failslab, interval 1, probability 0, space 0, times 0 [ 556.891391][T21293] CPU: 1 UID: 0 PID: 21293 Comm: syz.0.2113 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 556.891440][T21293] Tainted: [U]=USER [ 556.891449][T21293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 556.891465][T21293] Call Trace: [ 556.891474][T21293] [ 556.891485][T21293] dump_stack_lvl+0x16c/0x1f0 [ 556.891532][T21293] should_fail_ex+0x512/0x640 [ 556.891564][T21293] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 556.891615][T21293] should_failslab+0xc2/0x120 [ 556.891644][T21293] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 556.891691][T21293] ? __alloc_skb+0x2b2/0x380 [ 556.891732][T21293] __alloc_skb+0x2b2/0x380 [ 556.891767][T21293] ? __pfx___alloc_skb+0x10/0x10 [ 556.891804][T21293] ? bpf_ksym_find+0x124/0x1c0 [ 556.891842][T21293] ? aa_label_sk_perm+0x19b/0x5a0 [ 556.891875][T21293] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 556.891925][T21293] tcp_stream_alloc_skb+0x34/0x570 [ 556.891958][T21293] tcp_sendmsg_locked+0xec1/0x3930 [ 556.892023][T21293] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 556.892058][T21293] ? do_raw_spin_lock+0x12c/0x2b0 [ 556.892094][T21293] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 556.892139][T21293] ? __local_bh_enable_ip+0xa4/0x120 [ 556.892186][T21293] tcp_sendmsg+0x2e/0x50 [ 556.892212][T21293] ? __pfx_tcp_sendmsg+0x10/0x10 [ 556.892240][T21293] inet_sendmsg+0xb9/0x140 [ 556.892270][T21293] sock_write_iter+0x4aa/0x5b0 [ 556.892323][T21293] ? __pfx_sock_write_iter+0x10/0x10 [ 556.892387][T21293] ? bpf_lsm_file_permission+0x9/0x10 [ 556.892426][T21293] ? security_file_permission+0x71/0x210 [ 556.892468][T21293] ? rw_verify_area+0xcf/0x680 [ 556.892508][T21293] vfs_write+0x5ba/0x1180 [ 556.892555][T21293] ? __pfx_sock_write_iter+0x10/0x10 [ 556.892626][T21293] ? __pfx_vfs_write+0x10/0x10 [ 556.892667][T21293] ? find_held_lock+0x2b/0x80 [ 556.892735][T21293] ksys_write+0x205/0x240 [ 556.892779][T21293] ? __pfx_ksys_write+0x10/0x10 [ 556.892821][T21293] ? rcu_is_watching+0x12/0xc0 [ 556.892873][T21293] do_syscall_64+0xcd/0x260 [ 556.892921][T21293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 556.892953][T21293] RIP: 0033:0x7fb9a7d8d169 [ 556.892978][T21293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 556.893017][T21293] RSP: 002b:00007fb9a8c5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 556.893047][T21293] RAX: ffffffffffffffda RBX: 00007fb9a7fa5fa0 RCX: 00007fb9a7d8d169 [ 556.893069][T21293] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 556.893088][T21293] RBP: 00007fb9a8c5e090 R08: 0000000000000000 R09: 0000000000000000 [ 556.893107][T21293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 556.893127][T21293] R13: 0000000000000000 R14: 00007fb9a7fa5fa0 R15: 00007fff518da798 [ 556.893169][T21293] [ 557.567840][T21297] FAULT_INJECTION: forcing a failure. [ 557.567840][T21297] name failslab, interval 1, probability 0, space 0, times 0 [ 557.712690][T21297] CPU: 1 UID: 0 PID: 21297 Comm: syz.4.2112 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 557.712758][T21297] Tainted: [U]=USER [ 557.712770][T21297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 557.712789][T21297] Call Trace: [ 557.712799][T21297] [ 557.712811][T21297] dump_stack_lvl+0x16c/0x1f0 [ 557.712866][T21297] should_fail_ex+0x512/0x640 [ 557.712903][T21297] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 557.712955][T21297] should_failslab+0xc2/0x120 [ 557.712992][T21297] __kmalloc_cache_node_noprof+0x6d/0x420 [ 557.713041][T21297] ? lockdep_init_map_type+0x5c/0x280 [ 557.713072][T21297] ? __alloc_workqueue+0x694/0x1810 [ 557.713133][T21297] __alloc_workqueue+0x694/0x1810 [ 557.713198][T21297] alloc_workqueue+0xd2/0x200 [ 557.713248][T21297] ? __pfx_alloc_workqueue+0x10/0x10 [ 557.713307][T21297] ? rcu_is_watching+0x12/0xc0 [ 557.713346][T21297] ? trace_kmalloc+0x2b/0xd0 [ 557.713379][T21297] ? do_raw_spin_lock+0x12c/0x2b0 [ 557.713414][T21297] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 557.713457][T21297] ieee80211_register_hw+0x1e18/0x4020 [ 557.713494][T21297] ? _raw_spin_unlock_irqrestore+0x11/0x80 [ 557.713537][T21297] ? __debug_object_init+0x211/0x3d0 [ 557.713588][T21297] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 557.713628][T21297] ? find_held_lock+0x2b/0x80 [ 557.713669][T21297] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 557.713706][T21297] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 557.713754][T21297] ? __hrtimer_setup+0x176/0x280 [ 557.713793][T21297] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 557.713858][T21297] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 557.713899][T21297] ? lockdep_hardirqs_on+0x7c/0x110 [ 557.713953][T21297] hwsim_new_radio_nl+0xb51/0x12c0 [ 557.714002][T21297] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 557.714056][T21297] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 557.714114][T21297] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 557.714181][T21297] genl_family_rcv_msg_doit+0x206/0x2f0 [ 557.714238][T21297] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 557.714293][T21297] ? trace_cap_capable+0x18d/0x200 [ 557.714333][T21297] ? bpf_lsm_capable+0x9/0x10 [ 557.714379][T21297] ? security_capable+0x7e/0x260 [ 557.714432][T21297] ? ns_capable+0xd7/0x110 [ 557.714476][T21297] genl_rcv_msg+0x55c/0x800 [ 557.714513][T21297] ? __pfx_genl_rcv_msg+0x10/0x10 [ 557.714542][T21297] ? __pfx___dev_queue_xmit+0x10/0x10 [ 557.714578][T21297] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 557.714619][T21297] ? __lock_acquire+0xaa4/0x1ba0 [ 557.714700][T21297] netlink_rcv_skb+0x16a/0x440 [ 557.714749][T21297] ? __pfx_genl_rcv_msg+0x10/0x10 [ 557.714782][T21297] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 557.714851][T21297] ? __pfx_down_read+0x10/0x10 [ 557.714882][T21297] ? netlink_deliver_tap+0x1ae/0xd30 [ 557.714933][T21297] genl_rcv+0x28/0x40 [ 557.714987][T21297] netlink_unicast+0x53a/0x7f0 [ 557.715040][T21297] ? __pfx_netlink_unicast+0x10/0x10 [ 557.715083][T21297] ? __lock_acquire+0xaa4/0x1ba0 [ 557.715145][T21297] netlink_sendmsg+0x8d1/0xdd0 [ 557.715199][T21297] ? __pfx_netlink_sendmsg+0x10/0x10 [ 557.715263][T21297] ____sys_sendmsg+0xa95/0xc70 [ 557.715315][T21297] ? copy_msghdr_from_user+0x10a/0x160 [ 557.715356][T21297] ? __pfx_____sys_sendmsg+0x10/0x10 [ 557.715413][T21297] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 557.715467][T21297] ___sys_sendmsg+0x134/0x1d0 [ 557.715512][T21297] ? __pfx____sys_sendmsg+0x10/0x10 [ 557.715609][T21297] __sys_sendmsg+0x16d/0x220 [ 557.715651][T21297] ? __pfx___sys_sendmsg+0x10/0x10 [ 557.715691][T21297] ? __x64_sys_futex+0x1e0/0x4c0 [ 557.715747][T21297] ? rcu_is_watching+0x12/0xc0 [ 557.715800][T21297] do_syscall_64+0xcd/0x260 [ 557.715850][T21297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.715881][T21297] RIP: 0033:0x7fca17b8d169 [ 557.715908][T21297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.715939][T21297] RSP: 002b:00007fca159f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 557.715970][T21297] RAX: ffffffffffffffda RBX: 00007fca17da5fa0 RCX: 00007fca17b8d169 [ 557.715997][T21297] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006 [ 557.716017][T21297] RBP: 00007fca17c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 557.716036][T21297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.716055][T21297] R13: 0000000000000000 R14: 00007fca17da5fa0 R15: 00007ffd7f2c6d18 [ 557.716097][T21297] [ 561.023129][T15970] syz.4.2026 (15970) used greatest stack depth: 19368 bytes left [ 561.778058][T22606] random: crng reseeded on system resumption [ 562.258533][T22771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2134'. [ 562.776433][T22873] capability: warning: `syz.1.2136' uses deprecated v2 capabilities in a way that may be insecure [ 563.601560][T14625] syz.4.2013 (14625) used greatest stack depth: 19320 bytes left [ 563.777383][T23191] FAULT_INJECTION: forcing a failure. [ 563.777383][T23191] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 563.835462][T23191] CPU: 1 UID: 0 PID: 23191 Comm: syz.0.2142 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 563.835510][T23191] Tainted: [U]=USER [ 563.835519][T23191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 563.835537][T23191] Call Trace: [ 563.835547][T23191] [ 563.835558][T23191] dump_stack_lvl+0x16c/0x1f0 [ 563.835608][T23191] should_fail_ex+0x512/0x640 [ 563.835650][T23191] _copy_from_user+0x2e/0xd0 [ 563.835698][T23191] memdup_user_nul+0x6c/0x120 [ 563.835733][T23191] subsystem_filter_write+0x6a/0x120 [ 563.835784][T23191] vfs_write+0x25c/0x1180 [ 563.835825][T23191] ? __pfx_subsystem_filter_write+0x10/0x10 [ 563.835878][T23191] ? __pfx___mutex_lock+0x10/0x10 [ 563.835922][T23191] ? __pfx_vfs_write+0x10/0x10 [ 563.835977][T23191] ? __fget_files+0x20e/0x3c0 [ 563.836043][T23191] ksys_write+0x12a/0x240 [ 563.836084][T23191] ? __pfx_ksys_write+0x10/0x10 [ 563.836125][T23191] ? rcu_is_watching+0x12/0xc0 [ 563.836175][T23191] do_syscall_64+0xcd/0x260 [ 563.836223][T23191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.836254][T23191] RIP: 0033:0x7fb9a7d8d169 [ 563.836283][T23191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 563.836312][T23191] RSP: 002b:00007fb9a8c5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 563.836339][T23191] RAX: ffffffffffffffda RBX: 00007fb9a7fa5fa0 RCX: 00007fb9a7d8d169 [ 563.836359][T23191] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000003 [ 563.836375][T23191] RBP: 00007fb9a8c5e090 R08: 0000000000000000 R09: 0000000000000000 [ 563.836393][T23191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 563.836410][T23191] R13: 0000000000000000 R14: 00007fb9a7fa5fa0 R15: 00007fff518da798 [ 563.836449][T23191] [ 567.393490][T24757] FAULT_INJECTION: forcing a failure. [ 567.393490][T24757] name failslab, interval 1, probability 0, space 0, times 0 [ 567.414458][T24757] CPU: 0 UID: 0 PID: 24757 Comm: syz.1.2168 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 567.414508][T24757] Tainted: [U]=USER [ 567.414519][T24757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 567.414536][T24757] Call Trace: [ 567.414547][T24757] [ 567.414558][T24757] dump_stack_lvl+0x16c/0x1f0 [ 567.414608][T24757] should_fail_ex+0x512/0x640 [ 567.414644][T24757] ? fs_reclaim_acquire+0xae/0x150 [ 567.414695][T24757] ? tomoyo_encode2+0x100/0x3e0 [ 567.414736][T24757] should_failslab+0xc2/0x120 [ 567.414766][T24757] __kmalloc_noprof+0xd2/0x510 [ 567.414812][T24757] ? d_absolute_path+0x136/0x1a0 [ 567.414854][T24757] tomoyo_encode2+0x100/0x3e0 [ 567.414903][T24757] tomoyo_encode+0x29/0x50 [ 567.414944][T24757] tomoyo_realpath_from_path+0x18f/0x6e0 [ 567.415000][T24757] tomoyo_path_number_perm+0x245/0x580 [ 567.415037][T24757] ? tomoyo_path_number_perm+0x237/0x580 [ 567.415078][T24757] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 567.415119][T24757] ? find_held_lock+0x2b/0x80 [ 567.415207][T24757] ? find_held_lock+0x2b/0x80 [ 567.415245][T24757] ? hook_file_ioctl_common+0x145/0x410 [ 567.415287][T24757] ? __fget_files+0x20e/0x3c0 [ 567.415358][T24757] security_file_ioctl+0x9b/0x240 [ 567.415398][T24757] __x64_sys_ioctl+0xb7/0x200 [ 567.415440][T24757] do_syscall_64+0xcd/0x260 [ 567.415489][T24757] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.415520][T24757] RIP: 0033:0x7f10d338d169 [ 567.415544][T24757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.415575][T24757] RSP: 002b:00007f10d420b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 567.415604][T24757] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338d169 [ 567.415626][T24757] RDX: 0000000000000000 RSI: 000000000000540a RDI: 0000000000000003 [ 567.415643][T24757] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 567.415668][T24757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 567.415686][T24757] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 567.415727][T24757] [ 567.415753][T24757] ERROR: Out of memory at tomoyo_realpath_from_path. [ 567.750146][T24759] Invalid ELF header magic: != ELF [ 568.251619][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.258036][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.151947][T25684] FAULT_INJECTION: forcing a failure. [ 569.151947][T25684] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 569.165603][T25684] CPU: 1 UID: 0 PID: 25684 Comm: syz.4.2185 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 569.165650][T25684] Tainted: [U]=USER [ 569.165660][T25684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 569.165677][T25684] Call Trace: [ 569.165686][T25684] [ 569.165698][T25684] dump_stack_lvl+0x16c/0x1f0 [ 569.165745][T25684] should_fail_ex+0x512/0x640 [ 569.165786][T25684] should_fail_alloc_page+0xe7/0x130 [ 569.165818][T25684] prepare_alloc_pages+0x3c2/0x610 [ 569.165856][T25684] ? rcu_is_watching+0x12/0xc0 [ 569.165897][T25684] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 569.165967][T25684] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 569.166017][T25684] ? do_raw_spin_lock+0x12c/0x2b0 [ 569.166052][T25684] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 569.166086][T25684] ? cgroup_rstat_updated+0x2a/0xb20 [ 569.166124][T25684] ? look_up_lock_class+0x59/0x150 [ 569.166172][T25684] ? find_held_lock+0x2b/0x80 [ 569.166220][T25684] ? __lock_acquire+0xaa4/0x1ba0 [ 569.166265][T25684] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 569.166298][T25684] ? policy_nodemask+0xea/0x4e0 [ 569.166349][T25684] alloc_pages_mpol+0x1fb/0x550 [ 569.166378][T25684] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 569.166417][T25684] folio_alloc_mpol_noprof+0x36/0x2f0 [ 569.166453][T25684] shmem_alloc_folio+0x135/0x160 [ 569.166521][T25684] shmem_alloc_and_add_folio+0x499/0xc20 [ 569.166578][T25684] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 569.166633][T25684] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 569.166687][T25684] shmem_get_folio_gfp+0x687/0x1530 [ 569.166745][T25684] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 569.166804][T25684] shmem_fault+0x1fe/0xa30 [ 569.166856][T25684] ? __pfx_shmem_fault+0x10/0x10 [ 569.166908][T25684] ? filemap_get_entry+0x1b1/0x3b0 [ 569.166941][T25684] ? __pfx_filemap_get_entry+0x10/0x10 [ 569.166986][T25684] ? __pfx_filemap_map_pages+0x10/0x10 [ 569.167014][T25684] __do_fault+0x10a/0x490 [ 569.167045][T25684] ? __pfx_filemap_map_pages+0x10/0x10 [ 569.167073][T25684] do_pte_missing+0x1a6/0x3fb0 [ 569.167120][T25684] ? __handle_mm_fault+0x1010/0x2a40 [ 569.167168][T25684] __handle_mm_fault+0x103d/0x2a40 [ 569.167223][T25684] ? __pfx___handle_mm_fault+0x10/0x10 [ 569.167289][T25684] ? find_vma+0xbf/0x140 [ 569.167321][T25684] ? __pfx_find_vma+0x10/0x10 [ 569.167358][T25684] handle_mm_fault+0x3fe/0xad0 [ 569.167407][T25684] do_user_addr_fault+0x7a6/0x1370 [ 569.167446][T25684] ? rcu_is_watching+0x12/0xc0 [ 569.167495][T25684] exc_page_fault+0x5c/0xc0 [ 569.167538][T25684] asm_exc_page_fault+0x26/0x30 [ 569.167567][T25684] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 569.167603][T25684] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 569.167632][T25684] RSP: 0018:ffffc9000be5fe80 EFLAGS: 00050206 [ 569.167655][T25684] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 569.167673][T25684] RDX: 0000000000000000 RSI: ffff888078886000 RDI: 0000000000001000 [ 569.167692][T25684] RBP: 0000000000001000 R08: 0000000000000000 R09: ffffed100f110dff [ 569.167711][T25684] R10: ffff888078886fff R11: 0000000000000000 R12: ffff888078886000 [ 569.167730][T25684] R13: 0000000000002000 R14: 00007ffffffff000 R15: 0000000000000000 [ 569.167788][T25684] _copy_to_user+0xbb/0xd0 [ 569.167830][T25684] __do_sys_mincore+0x2a8/0x620 [ 569.167886][T25684] do_syscall_64+0xcd/0x260 [ 569.167936][T25684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.167966][T25684] RIP: 0033:0x7fca17b8d169 [ 569.167990][T25684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.168020][T25684] RSP: 002b:00007fca159f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b [ 569.168048][T25684] RAX: ffffffffffffffda RBX: 00007fca17da5fa0 RCX: 00007fca17b8d169 [ 569.168068][T25684] RDX: 0000000000000000 RSI: 0000000004000000 RDI: 0000000000001000 [ 569.168087][T25684] RBP: 00007fca159f6090 R08: 0000000000000000 R09: 0000000000000000 [ 569.168106][T25684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 569.168124][T25684] R13: 0000000000000000 R14: 00007fca17da5fa0 R15: 00007ffd7f2c6d18 [ 569.168163][T25684] [ 569.843815][T25851] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 570.432889][T26130] Setting dangerous option i915.mitigations - tainting kernel [ 570.467172][T26131] Setting dangerous option i915.mitigations - tainting kernel [ 570.475098][T26130] FAULT_INJECTION: forcing a failure. [ 570.475098][T26130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 570.506358][T26130] CPU: 1 UID: 0 PID: 26130 Comm: syz.1.2198 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 570.506407][T26130] Tainted: [U]=USER [ 570.506417][T26130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 570.506435][T26130] Call Trace: [ 570.506445][T26130] [ 570.506456][T26130] dump_stack_lvl+0x16c/0x1f0 [ 570.506506][T26130] should_fail_ex+0x512/0x640 [ 570.506547][T26130] _copy_to_user+0x32/0xd0 [ 570.506590][T26130] simple_read_from_buffer+0xcb/0x170 [ 570.506646][T26130] proc_fail_nth_read+0x197/0x270 [ 570.506691][T26130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 570.506742][T26130] ? rw_verify_area+0xcf/0x680 [ 570.506791][T26130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 570.506834][T26130] vfs_read+0x1de/0xc70 [ 570.506881][T26130] ? __pfx___mutex_lock+0x10/0x10 [ 570.506925][T26130] ? __pfx_vfs_read+0x10/0x10 [ 570.506977][T26130] ? __fget_files+0x20e/0x3c0 [ 570.507033][T26130] ksys_read+0x12a/0x240 [ 570.507075][T26130] ? __pfx_ksys_read+0x10/0x10 [ 570.507114][T26130] ? rcu_is_watching+0x12/0xc0 [ 570.507163][T26130] do_syscall_64+0xcd/0x260 [ 570.507212][T26130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.507244][T26130] RIP: 0033:0x7f10d338bb7c [ 570.507268][T26130] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 570.507298][T26130] RSP: 002b:00007f10d420b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 570.507325][T26130] RAX: ffffffffffffffda RBX: 00007f10d35a5fa0 RCX: 00007f10d338bb7c [ 570.507345][T26130] RDX: 000000000000000f RSI: 00007f10d420b0a0 RDI: 0000000000000004 [ 570.507363][T26130] RBP: 00007f10d420b090 R08: 0000000000000000 R09: 0000000000000000 [ 570.507381][T26130] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000002 [ 570.507401][T26130] R13: 0000000000000000 R14: 00007f10d35a5fa0 R15: 00007ffce205eaa8 [ 570.507441][T26130] [ 572.687494][T26765] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(1986356271.1836477231.4294967040), cmd(11) [ 572.748053][T26768] FAULT_INJECTION: forcing a failure. [ 572.748053][T26768] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 572.775360][T26768] CPU: 1 UID: 0 PID: 26768 Comm: syz.0.2213 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 572.775411][T26768] Tainted: [U]=USER [ 572.775422][T26768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 572.775441][T26768] Call Trace: [ 572.775452][T26768] [ 572.775463][T26768] dump_stack_lvl+0x16c/0x1f0 [ 572.775514][T26768] should_fail_ex+0x512/0x640 [ 572.775557][T26768] _copy_from_user+0x2e/0xd0 [ 572.775599][T26768] kstrtouint_from_user+0xd6/0x1d0 [ 572.775649][T26768] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 572.775697][T26768] ? __lock_acquire+0xaa4/0x1ba0 [ 572.775768][T26768] proc_fail_nth_write+0x83/0x250 [ 572.775813][T26768] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 572.775869][T26768] vfs_write+0x25c/0x1180 [ 572.775911][T26768] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 572.775961][T26768] ? __pfx___mutex_lock+0x10/0x10 [ 572.776007][T26768] ? __pfx_vfs_write+0x10/0x10 [ 572.776064][T26768] ? __fget_files+0x20e/0x3c0 [ 572.776123][T26768] ksys_write+0x12a/0x240 [ 572.776166][T26768] ? __pfx_ksys_write+0x10/0x10 [ 572.776208][T26768] ? rcu_is_watching+0x12/0xc0 [ 572.776259][T26768] do_syscall_64+0xcd/0x260 [ 572.776309][T26768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.776348][T26768] RIP: 0033:0x7fb9a7d8bc1f [ 572.776373][T26768] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 572.776402][T26768] RSP: 002b:00007fb9a8c5e030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 572.776430][T26768] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb9a7d8bc1f [ 572.776450][T26768] RDX: 0000000000000001 RSI: 00007fb9a8c5e0a0 RDI: 0000000000000006 [ 572.776468][T26768] RBP: 00007fb9a8c5e090 R08: 0000000000000000 R09: 0000000000000000 [ 572.776487][T26768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 572.776505][T26768] R13: 0000000000000000 R14: 00007fb9a7fa5fa0 R15: 00007fff518da798 [ 572.776547][T26768] [ 573.472780][T26887] input: jJǸ-9%vlQ J8fi as /devices/virtual/input/input73 [ 573.485352][T26887] blkio.reset_stats is deprecated [ 573.854082][T27096] Invalid ELF header magic: != ELF [ 574.261839][T27406] [ 574.264206][T27406] ====================================================== [ 574.271239][T27406] WARNING: possible circular locking dependency detected [ 574.278280][T27406] 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 Tainted: G U [ 574.286969][T27406] ------------------------------------------------------ [ 574.293994][T27406] syz.3.2225/27406 is trying to acquire lock: [ 574.300070][T27406] ffff88805dcd2418 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 574.309336][T27406] [ 574.309336][T27406] but task is already holding lock: [ 574.316703][T27406] ffffffff9012d9e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240 [ 574.325618][T27406] [ 574.325618][T27406] which lock already depends on the new lock. [ 574.325618][T27406] [ 574.336030][T27406] [ 574.336030][T27406] the existing dependency chain (in reverse order) is: [ 574.345052][T27406] [ 574.345052][T27406] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 574.352289][T27406] __mutex_lock+0x199/0xb90 [ 574.357341][T27406] smc_vlan_by_tcpsk+0x251/0x620 [ 574.362821][T27406] __smc_connect+0x44b/0x4880 [ 574.368035][T27406] smc_connect_work+0x54c/0xae0 [ 574.373422][T27406] process_one_work+0x9cc/0x1b70 [ 574.378903][T27406] worker_thread+0x6c8/0xf10 [ 574.384033][T27406] kthread+0x3c2/0x780 [ 574.388640][T27406] ret_from_fork+0x45/0x80 [ 574.393595][T27406] ret_from_fork_asm+0x1a/0x30 [ 574.398912][T27406] [ 574.398912][T27406] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}: [ 574.406591][T27406] __lock_acquire+0x1173/0x1ba0 [ 574.411986][T27406] lock_acquire+0x179/0x350 [ 574.417019][T27406] lock_sock_nested+0x41/0xf0 [ 574.422237][T27406] sockopt_lock_sock+0x54/0x70 [ 574.427541][T27406] do_ip_setsockopt+0xfe/0x3240 [ 574.432934][T27406] ip_setsockopt+0x59/0xf0 [ 574.437907][T27406] do_sock_setsockopt+0x221/0x470 [ 574.443485][T27406] __sys_setsockopt+0x1a0/0x230 [ 574.448875][T27406] __x64_sys_setsockopt+0xbd/0x160 [ 574.454536][T27406] do_syscall_64+0xcd/0x260 [ 574.459591][T27406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.466022][T27406] [ 574.466022][T27406] other info that might help us debug this: [ 574.466022][T27406] [ 574.476255][T27406] Possible unsafe locking scenario: [ 574.476255][T27406] [ 574.483707][T27406] CPU0 CPU1 [ 574.489075][T27406] ---- ---- [ 574.494445][T27406] lock(rtnl_mutex); [ 574.498442][T27406] lock(sk_lock-AF_INET); [ 574.505382][T27406] lock(rtnl_mutex); [ 574.511891][T27406] lock(sk_lock-AF_INET); [ 574.516328][T27406] [ 574.516328][T27406] *** DEADLOCK *** [ 574.516328][T27406] [ 574.524476][T27406] 1 lock held by syz.3.2225/27406: [ 574.529590][T27406] #0: ffffffff9012d9e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240 [ 574.538948][T27406] [ 574.538948][T27406] stack backtrace: [ 574.544846][T27406] CPU: 0 UID: 0 PID: 27406 Comm: syz.3.2225 Tainted: G U 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) [ 574.544886][T27406] Tainted: [U]=USER [ 574.544894][T27406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 574.544909][T27406] Call Trace: [ 574.544923][T27406] [ 574.544932][T27406] dump_stack_lvl+0x116/0x1f0 [ 574.544971][T27406] print_circular_bug+0x275/0x350 [ 574.545017][T27406] check_noncircular+0x14c/0x170 [ 574.545067][T27406] __lock_acquire+0x1173/0x1ba0 [ 574.545116][T27406] ? do_ip_setsockopt+0xf6/0x3240 [ 574.545155][T27406] lock_acquire+0x179/0x350 [ 574.545178][T27406] ? sockopt_lock_sock+0x54/0x70 [ 574.545220][T27406] lock_sock_nested+0x41/0xf0 [ 574.545252][T27406] ? sockopt_lock_sock+0x54/0x70 [ 574.545283][T27406] sockopt_lock_sock+0x54/0x70 [ 574.545312][T27406] do_ip_setsockopt+0xfe/0x3240 [ 574.545337][T27406] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 574.545360][T27406] ? aa_sk_perm+0x2f4/0xb10 [ 574.545386][T27406] ? __lock_acquire+0x5ca/0x1ba0 [ 574.545423][T27406] ? __pfx_aa_sk_perm+0x10/0x10 [ 574.545449][T27406] ? percpu_counter_add_batch+0xb8/0x1f0 [ 574.545474][T27406] ip_setsockopt+0x59/0xf0 [ 574.545496][T27406] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 574.545533][T27406] do_sock_setsockopt+0x221/0x470 [ 574.545568][T27406] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 574.545640][T27406] __sys_setsockopt+0x1a0/0x230 [ 574.545686][T27406] __x64_sys_setsockopt+0xbd/0x160 [ 574.545714][T27406] ? do_syscall_64+0x91/0x260 [ 574.545748][T27406] ? lockdep_hardirqs_on+0x7c/0x110 [ 574.545779][T27406] do_syscall_64+0xcd/0x260 [ 574.545815][T27406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.545838][T27406] RIP: 0033:0x7f3ded18d169 [ 574.545857][T27406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.545881][T27406] RSP: 002b:00007f3dee045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 574.545903][T27406] RAX: ffffffffffffffda RBX: 00007f3ded3a5fa0 RCX: 00007f3ded18d169 [ 574.545925][T27406] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003 [ 574.545940][T27406] RBP: 00007f3ded20e990 R08: 0000000000008000 R09: 0000000000000000 [ 574.545955][T27406] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000 [ 574.545969][T27406] R13: 0000000000000000 R14: 00007f3ded3a5fa0 R15: 00007ffd282ce1a8 [ 574.545992][T27406]