program: r0 = syz_io_uring_setup(0x426a, &(0x7f0000000400)={0x0, 0x208a09, 0x2, 0x800401, 0x1000c3}, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r2 = syz_mount_image$hfs(&(0x7f0000000240), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYRES8=r1], 0x1, 0x23a, &(0x7f0000000800)="$eJzs3cFqE18Ux/Hfvcm//2hLHduK4LJacCVt3YgbQfIQrkRtIhSHClpBXYlr8QHc+wo+hCvxBXTlygfIbuSeuU2mcSaTVpOx7fcDCdPOPTPn9M507gmUCsCZdbf77ePNH+HlpJZakm5LXlJHaku6pMudF3v7u/tpvzfpQC2LCC+nPNL9NmZnr18WGuIsIkrCV20tFb+H2ciyLPvedBJonN39Jbz0f7w7bX9n7pnNxpumE5i50ukccgMN9FLLc0sHAPBPis9/Hx8cS3H97r20ER/7p+r5P2g6gYYVnv/WZWUuzO8F2zXq96yFC/v9QZd4nHMtKL+yDq1IXF1Xabn4c4930/6Nnadpz+ut7kSFYWv23ssv3QM12a6X9KYTHL/2Ravhv1DDdkX+q3/3jPXcZ/fF3XeJPqg3XP+1MxemyWYqGZupPP/N6iNalUk+qqLKi3aSK/EMUU2Vneol7EI85qEPCJK6PC1qZSwqr26rJmq1NGq7JmptPGp0NVdHzpp77+65df3UJ3UL638fftobmubODGNsZLwyJtbTtpHJFIn5I5WBP/NOj3RLy89fvX7yME37z9hggw02hhtN/4LCPIwmvelM0JCw7nJ5/1foVzatRQpvyYR1elZ38MIRtyp6gxV7P3+kDm6xuoObtue6el26Nv0Zk5jnKeG6+qoHfP4PAAAAAAAAAAAAAAAAAABw0szjzwmarhEAAAAAAAAAAAAAAAAAAAAAgJOO//8LnF2/AgAA//9NFIIb") epoll_pwait(r2, 0x0, 0x0, 0xff, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x400c810}, 0xc000) set_mempolicy(0x2, &(0x7f0000000000)=0x1, 0x4) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000080)=@rose={'rose', 0x0}, 0x10) io_uring_setup(0x2810, &(0x7f0000000340)={0x0, 0xeec2, 0x2, 0x0, 0x247, 0x0, r0}) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0) r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0xb, 0x800) socket$inet_mptcp(0x2, 0x1, 0x106) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r4, 0x29, 0x11, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) setresuid(0x0, 0xee00, 0x0) r5 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x200005, &(0x7f00000001c0)={[], [{@fscontext={'fscontext', 0x3d, 'user_u'}}]}, 0x4, 0x58e, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvm2zSH6kmFUFrDwYKtqAmTVpRRLDFevPgj4InwZikpXTbhiaCrRVbqP+B/gGCNy/isYgU9eLVm+AfIMUiNRdvkdnMpNtmN8m2m07tfD4wybx5u3zf7PLdN/P2zWwAtTWW/8ki9kTEfIoYaatrRFE5tvK4f25dmlm6dWkmxfLye3+nSMW28vGp+D9cPHl7RPz2U4onBtbGXbhw8fR0szl3vihPLJ6Zn1i4cPHFU2emT86dnDs7Nfny5EuHD00dPtiX/czb8sv4scbVE2/s/W7mm92f//DttRRHYldR374f/TIWY6uvSbv8dX2l38EqMlDsT/tbnBoVNoielO/fYEQ8FSMxELffvJH44p1KGwdsqeUUsQzUVJL/UFPlcUB+/lsu1R6RAA/KzaMrAwDl2N7Sav43VsYGY3trbGDnUor2YZ0UEf0YmctjzD+XRvIltmgcDujs8pWIeLpT/59auTnaGjnP8z+7I/+ziHi7+J9vf/ce44/dVZb/8ODcT/5/2Jb/H91jfPkPAAAAAAAA/XP9aES80On7v2x1/k9ENO6e/zMcEUf6EH/j7/+yG30IA3Rw82jEaxGxtGb+X1Y+ZHSgKD3Wmg8wmE6cas4djIjHI+JADG7Ly5PrxBjb++tg17q2+X/5kscv5wIW7bjR2Hbnc2anF6fvZ5+BFTevRDzTyPM/xZ35n1b7/9Rh/m/+eTC/yRjLx17/uVvdxvkPbJXlryP2d+z/b9+5Iq1/f46J1vHARHlUsNanH1z7vlt8+Q/Vyfv/nevn/2hqv1/PQu8xPvvrj/vI/87H/0PpeOuWM0PFtk+mFxfPT0YMpbfWbp/qvc3wKCrzocyXPP8P7Ot8/r/e8f+OiLi8yZjHf3zzarc6/T9UJ8//2Z76/95X9r3/1b/d4m+u/z/c6tMPFFuM/8H6NpugVbcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6PsojYFSkbX13PsvHxiOGIeDJ2Zs1zC4vPnzj38dnZvK71+/9Z+Uu/IyvlVP7+/2hbeequ8qGI2B0RXw7saJXHZ841Z6veeQAAAAAAAAAAAAAAAAAAAHhIDHe5/j/350DVrQO2XKPqBgCVkf9QX/If6qvH/B/cqnYAD57+H+pL/kN9yX+oL/kP9ZXn//aqGwFUQv8PAAAAAACPlN3PXv89RcTlV3e0ltxQUWeePzzasqobAFTGLX6gvkz9gfpyjg+kDeq7Xx6w0TMBAAAAAAAAAAAAgH7Zv8f1/1BXrv+H+nL9P9SX6/+hvpzjA67/BwAAAAAAAAAAAICH38KFi6enm82581WsbCsaUU10K1aqWomHoxnrrVT8wQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKz6LwAA//+5lfSV") mount$nfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1c0030, 0x0) quotactl_fd$Q_GETQUOTA(r5, 0xffffffff80000700, 0x0, &(0x7f0000000140)) r6 = timerfd_create(0x0, 0x0) r7 = socket$inet6_icmp(0xa, 0x2, 0x3a) bind(r7, &(0x7f0000000780)=@ll={0x11, 0x7, 0x0, 0x1, 0x5, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x80) ioctl$EVIOCGBITKEY(r3, 0x80404521, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0) ioctl$EVIOCGREP(r3, 0x80084503, 0x0) fcntl$dupfd(r3, 0x0, r3) [ 87.346568][ T48] Bluetooth: hci0: command tx timeout [ 87.358356][ T788] cfg80211: failed to load regulatory.db [ 88.970436][ T5106] loop0: detected capacity change from 0 to 64 [ 89.198954][ T5106] syz.0.0 invoked oom-killer: gfp_mask=0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), order=0, oom_score_adj=1000 [ 89.212685][ T5106] CPU: 0 UID: 0 PID: 5106 Comm: syz.0.0 Not tainted 6.11.0-rc3-syzkaller-00279-ge5fa841af679 #0 [ 89.216791][ T5106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.220938][ T5106] Call Trace: [ 89.222259][ T5106] [ 89.223432][ T5106] dump_stack_lvl+0x241/0x360 [ 89.225363][ T5106] ? __pfx_dump_stack_lvl+0x10/0x10 [ 89.227386][ T5106] ? __pfx__printk+0x10/0x10 [ 89.229230][ T5106] ? ___ratelimit+0x4c4/0x670 [ 89.231098][ T5106] ? __pfx____ratelimit+0x10/0x10 [ 89.233095][ T5106] dump_header+0xdb/0x6a0 [ 89.234809][ T5106] oom_kill_process+0x3b8/0x950 [ 89.236797][ T5106] out_of_memory+0xf34/0x12f0 [ 89.238649][ T5106] ? __pfx_out_of_memory+0x10/0x10 [ 89.240693][ T5106] __alloc_pages_slowpath+0x18a9/0x23d0 [ 89.242821][ T5106] ? __pfx___alloc_pages_slowpath+0x10/0x10 [ 89.245258][ T5106] __alloc_pages_noprof+0x43e/0x6c0 [ 89.247368][ T5106] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 89.249671][ T5106] ? cpuset_nodemask_valid_mems_allowed+0x6a/0x80 [ 89.252246][ T5106] alloc_pages_mpol_noprof+0x3e8/0x680 [ 89.254413][ T5106] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 89.256876][ T5106] ? do_raw_spin_unlock+0x58/0x8b0 [ 89.258848][ T5106] folio_alloc_mpol_noprof+0x36/0x50 [ 89.261035][ T5106] __read_swap_cache_async+0x249/0x8c0 [ 89.263217][ T5106] ? __pfx___read_swap_cache_async+0x10/0x10 [ 89.265634][ T5106] ? blk_start_plug+0x70/0x1b0 [ 89.267573][ T5106] swap_cluster_readahead+0x392/0x800 [ 89.269753][ T5106] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 89.272157][ T5106] ? xas_load+0x59b/0x5c0 [ 89.273901][ T5106] swapin_readahead+0x1bf/0xfd0 [ 89.275821][ T5106] ? filemap_get_entry+0x123/0x3b0 [ 89.277804][ T5106] ? __pfx_swapin_readahead+0x10/0x10 [ 89.279899][ T5106] ? __filemap_get_folio+0x984/0xc10 [ 89.281977][ T5106] ? swap_cache_get_folio+0xa6/0x570 [ 89.284043][ T5106] do_swap_page+0x798/0x5b40 [ 89.285850][ T5106] ? finish_task_switch+0x1e5/0x870 [ 89.287803][ T5106] ? rcu_is_watching+0x15/0xb0 [ 89.289689][ T5106] ? __pte_offset_map+0x2c4/0x380 [ 89.291673][ T5106] ? do_swap_page+0x151/0x5b40 [ 89.293539][ T5106] ? __pfx_do_swap_page+0x10/0x10 [ 89.295505][ T5106] ? pte_offset_map_nolock+0x137/0x1f0 [ 89.297666][ T5106] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 89.299942][ T5106] ? __pfx_validate_chain+0x10/0x10 [ 89.301962][ T5106] handle_pte_fault+0x61c/0x6eb0 [ 89.303920][ T5106] ? __pfx_validate_chain+0x10/0x10 [ 89.305936][ T5106] ? futex_wait_queue+0x27/0x1d0 [ 89.307879][ T5106] ? schedule+0x90/0x320 [ 89.309550][ T5106] ? schedule+0x90/0x320 [ 89.311215][ T5106] ? schedule+0x155/0x320 [ 89.312914][ T5106] ? mark_lock+0x9a/0x350 [ 89.314608][ T5106] ? __pfx_handle_pte_fault+0x10/0x10 [ 89.316708][ T5106] ? __lock_acquire+0x137a/0x2040 [ 89.318690][ T5106] ? reacquire_held_locks+0x3eb/0x690 [ 89.320808][ T5106] ? lock_vma_under_rcu+0x2f9/0x6e0 [ 89.322834][ T5106] ? __pfx_reacquire_held_locks+0x10/0x10 [ 89.325058][ T5106] handle_mm_fault+0x1029/0x1980 [ 89.327008][ T5106] ? __pfx_handle_mm_fault+0x10/0x10 [ 89.329054][ T5106] ? lock_vma_under_rcu+0x592/0x6e0 [ 89.331095][ T5106] ? exc_page_fault+0x113/0x8c0 [ 89.333029][ T5106] exc_page_fault+0x459/0x8c0 [ 89.334875][ T5106] asm_exc_page_fault+0x26/0x30 [ 89.336803][ T5106] RIP: 0033:0x7f6ac463adfe [ 89.338497][ T5106] Code: f6 31 c0 e8 a4 d4 13 00 48 81 c4 90 00 00 00 48 98 5b c3 66 0f 1f 84 00 00 00 00 00 41 54 55 53 48 89 fb 48 81 ec d0 00 00 00 <48> 89 74 24 28 48 89 54 24 30 48 89 4c 24 38 4c 89 44 24 40 4c 89 [ 89.345933][ T5106] RSP: 002b:00007f6ac5617f70 EFLAGS: 00010202 [ 89.348302][ T5106] RAX: 0000000000000000 RBX: 00007f6ac47e89f5 RCX: 00007f6ac47f4a86 [ 89.351400][ T5106] RDX: 00000000000055f4 RSI: 0000000000000000 RDI: 00007f6ac47e89f5 [ 89.354454][ T5106] RBP: 00007f6ac47e78d8 R08: 0000000000a349df R09: 7fffffffffffffff [ 89.357545][ T5106] R10: 00007f6ac561a0b8 R11: 00007f6ac561a080 R12: 00007f6ac47e8a09 [ 89.360619][ T5106] R13: 0000000000000000 R14: 00007f6ac4915f80 R15: 00007ffe686c8618 [ 89.363813][ T5106] [ 89.446581][ T48] Bluetooth: hci0: command tx timeout [ 89.543967][ T5106] Mem-Info: [ 89.547305][ T5106] active_anon:1420 inactive_anon:2 isolated_anon:0 [ 89.547305][ T5106] active_file:1214 inactive_file:34605 isolated_file:0 [ 89.547305][ T5106] unevictable:1768 dirty:879 writeback:0 [ 89.547305][ T5106] slab_reclaimable:3327 slab_unreclaimable:31958 [ 89.547305][ T5106] mapped:5751 shmem:1877 pagetables:487 [ 89.547305][ T5106] sec_pagetables:294 bounce:0 [ 89.547305][ T5106] kernel_misc_reclaimable:0 [ 89.547305][ T5106] free:86026 free_pcp:39 free_cma:0 [ 89.590723][ T5106] Node 0 active_anon:0kB inactive_anon:8kB active_file:200kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:696kB dirty:200kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6468kB pagetables:956kB sec_pagetables:1156kB all_unreclaimable? no [ 89.617947][ T5106] Node 0 DMA free:700kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:0kB unevictable:0kB writepending:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:124kB local_pcp:124kB free_cma:0kB [ 89.642779][ T5106] lowmem_reserve[]: 0 183 0 0 0 [ 89.650358][ T5106] Node 0 DMA32 free:10948kB boost:0kB min:9320kB low:11648kB high:13976kB reserved_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:196kB unevictable:3536kB writepending:196kB present:770048kB managed:215872kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB [ 89.675296][ T5106] lowmem_reserve[]: 0 0 0 0 0 [ 89.679590][ T5106] Node 0 DMA: 1*4kB (U) 1*8kB (U) 9*16kB (U) 17*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 700kB [ 89.691932][ T5106] Node 0 DMA32: 127*4kB (UM) 109*8kB (UME) 94*16kB (UME) 78*32kB (UME) 37*64kB (UME) 13*128kB (UME) 4*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 10948kB [ 89.705973][ T5106] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.715434][ T5106] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.723888][ T5106] 37786 total pagecache pages [ 89.728472][ T5106] 79 pages in swap cache [ 89.732544][ T5106] Free swap = 119076kB [ 89.735247][ T5106] Total swap = 124996kB [ 89.739206][ T5106] 393083 pages RAM [ 89.743167][ T5106] 0 pages HighMem/MovableOnly [ 89.746243][ T5106] 163067 pages reserved [ 89.751449][ T5106] 0 pages cma reserved [ 89.753361][ T5105] SYZFAIL: invalid kcov comp type [ 89.755367][ T5105] type=ffffffff8100b397 [ 89.755443][ T5105] (errno 110: Connection timed out) [ 89.767281][ T5106] Tasks state (memory values in pages): [ 89.769499][ T5106] [ pid ] uid tgid total_vm rss rss_anon rss_file rss_shmem pgtables_bytes swapents oom_score_adj name [ 89.784346][ T5106] [ 4570] 0 4570 900 162 0 162 0 53248 32 0 syslogd [ 89.794438][ T5106] [ 4573] 0 4573 573 16 0 16 0 45056 32 0 acpid [ 89.804593][ T5106] [ 4577] 0 4577 900 201 0 201 0 45056 32 0 klogd [ 89.814742][ T5106] [ 4588] 0 4588 4476 596 309 287 0 57344 448 -1000 udevd [ 89.824894][ T5106] [ 4787] 100 4787 1037 165 37 128 0 45056 0 0 dbus-daemon [ 89.835688][ T5106] [ 4802] 101 4802 990 397 263 134 0 57344 128 0 dhcpcd [ 89.845246][ T5106] [ 4803] 0 4803 850 251 103 148 0 57344 0 0 dhcpcd [ 89.855389][ T5106] [ 4804] 101 4804 672 117 39 78 0 53248 0 0 dhcpcd [ 89.865533][ T5106] [ 4805] 101 4805 671 136 39 97 0 53248 0 0 dhcpcd [ 89.875777][ T5106] [ 4888] 0 4888 1800 446 92 354 0 61440 64 -1000 sshd [ 89.885915][ T5106] [ 4892] 0 4892 900 107 0 107 0 45056 32 0 getty [ 89.906277][ T5106] [ 4915] 101 4915 850 195 98 97 0 57344 0 0 dhcpcd [ 89.912459][ T5106] [ 4953] 101 4953 850 196 99 97 0 57344 0 0 dhcpcd [ 89.926579][ T5106] [ 4959] 101 4959 850 196 99 97 0 57344 0 0 dhcpcd [ 89.931868][ T5106] [ 4960] 101 4960 850 196 99 97 0 57344 0 0 dhcpcd [ 89.936244][ T5106] [ 4973] 101 4973 850 163 67 96 0 57344 32 0 dhcpcd [ 89.956977][ T5106] [ 4980] 101 4980 850 163 67 96 0 57344 32 0 dhcpcd [ 89.961321][ T5106] [ 4981] 101 4981 850 163 67 96 0 57344 32 0 dhcpcd [ 89.965712][ T5106] [ 4982] 101 4982 850 195 99 96 0 57344 0 0 dhcpcd [ 89.980439][ T5106] [ 4983] 101 4983 850 195 99 96 0 57344 0 0 dhcpcd [ 89.984902][ T5106] [ 5085] 0 5085 16034 4092 128 3964 0 139264 0 0 syz-executor [ 90.000733][ T5106] [ 5089] 0 5089 18083 4023 131 3892 0 147456 0 0 syz-executor [ 90.005293][ T5106] [ 5090] 0 5090 4440 711 304 407 0 65536 448 0 udevd [ 90.016885][ T5106] [ 5093] 0 5093 4440 388 305 83 0 53248 416 0 udevd [ 90.027513][ T5106] [ 5106] 0 5105 18950 4811 161 4650 0 163840 0 1000 syz.0.0 [ 90.043179][ T5106] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/,task=syz.0.0,pid=5105,uid=0 [ 90.052831][ T5106] Out of memory: Killed process 5106 (syz.0.0) total-vm:75800kB, anon-rss:644kB, file-rss:18600kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 90.107977][ T5089] SYZFAIL: child failed [ 90.109748][ T5089] (errno 0: Success)