last executing test programs: 4m57.724904277s ago: executing program 3 (id=4): socket(0xa, 0x2, 0x3a) close_range$auto(0x0, 0x1, 0x0) r0 = fanotify_init$auto(0x8000000000000000, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x0) io_uring_setup$auto(0xe, 0x0) fanotify_mark$auto(0x400000000000, 0x101, 0x9, 0x4, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4102, @multicast2}, 0x6b) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) socket(0x18, 0x5, 0x2) mmap$auto(0xff, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) ioctl$auto_PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000000)={0xb63e, 0x0}) close_range$auto(0x2, 0x8, 0x0) set_mempolicy$auto(0x4006, 0x0, 0x7) r2 = socket(0x2a, 0x6, 0x2084) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) unshare$auto(0x40000080) sendmsg$auto_NL80211_CMD_GET_REG(r2, 0x0, 0x24000040) memfd_create$auto(0x0, 0xe) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181002, 0x0) write$auto(r3, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) getpgid(0x0) 4m56.929507302s ago: executing program 3 (id=6): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/vhci_hcd.11/usb32/32-0:1.0/usb32-port1/power/autosuspend_delay_ms\x00', 0x41c5c0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/smbd_max_fragmented_recv_size\x00', 0xe0002, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) read$auto(0x3, 0x0, 0x80) write$auto(0x3, 0x0, 0xfffffdef) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/116, 0x74) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r2 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x80184947, 0x0) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), r1) r4 = socket(0x10, 0x80002, 0x0) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000004140), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_SET_VLAN(r6, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x24, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_DAT_CACHE_VID={0x6, 0x25, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40000) sendmsg$auto_WG_CMD_SET_DEVICE(r6, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000000)={0x30, r7, 0x21, 0x70bd26, 0x25dfdbfe, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x80) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r6, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000108}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x1c, r5, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_MAX_BE={0xfffffffffffffebd, 0x10, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000080}, 0x40) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r1, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x34, r5, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x7}, @NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0xfa}, @NL802154_ATTR_LBT_MODE={0x5, 0x13, 0x1}, @NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008014}, 0x1) r8 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x0, 0x0) r9 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd15/sched/write0_next_rq\x00', 0x300, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r9, &(0x7f0000000180)=""/209, 0xd1) ioctl$auto_USB_RAW_IOCTL_INIT(r8, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5dc79483a251405ce72a9af15390e93a8760df83859e16320e8d0b1161f13d13afae66b1d900a4958396aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89edac932b8859c767780d65e849700", "e600d778751f5f9e03e1f2b96e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184b8d300c13be6e57970685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08fb733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x5}) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000001180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001140)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r3, @ANYBLOB="00022dbd7000fddbdf250600000018020180060002002d0000000b0002005449504376320000ed00010097effca46aba75d05a5c6858284594a434b1ec888917543eb28ed07bbce202730c9ca7a286c3580a945571e46cd1b36454b0c50c72b14473163cf96a4a763929182bd1482453f3435cf5c3edb765b918efd5923e8198a98e22033c0d044b5224105dd1042b200596d975079426b65b82ae77d9161286713f0c9e9ecc9aac82f514d1544ac64b5c80dd9439ecab07fdc44f6de63e7577c5c2ef5215feb873f9924b4052f3a87298502aa5f42abeb42f466dbcff02fbbb842d72933207c721a768ee4762d7a8d1406f416cafe6582220220fc679d891b2fc66bbd05d5f31ae3ed1c1867692da6617472a0000000d0001007f6d121389a839649e000000070002007b5c00000b0002005449504376320000d4000100ec30bc5e6f93768d3b850f23703a28462bfea8fd494898fd87aa1329eb4a25e1ad0ebadf72fa40b3bb9cedb015378b4d64442d5354ca7e9114e5f644046c68a9fd62dce9891ed2aec8e0faf15330d260a13f78a6461b5e1308edaf8498635604a3163cb8be97f5ee7e4b6cb3108641fed934b0d9a4ce829378a1c3c027861af5c756a3935d51b0724260939e5c076cdfd43c74e95117b447a87f7216019f76728bd8b65989044c36bd590f9179f5ea2b0d7b6d033dfbf0f8da63d1241dc854d63715700ef121d46edd8184339a6332e84af07bef440b14837a4c0b00020054495043763200000b000200544950437632000086347927b164ac332c3f833cc6242051e89039faeef2f6d6a51f42ec9c47f4ca04c7718ad8c99c6ada698b0b59fe9454383d8647a959b1015d3e841a3c55e636ca2257951eff1b792c745917604f8e7aa067a3eb7464a4728cd9bcf315431d938fcc58f0d750acba9ca6d47439b4c4c7d987952a38c0ecd1629cfbfdd3b9af901acf0e57ed87aab9dc4be87c27ff03a5d4d76e8dd61f4dbbd76ae6ad3f609edff3aa500192e90d9087a2bcbbda87713cbb813e531b1025838ea7"], 0x22c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) r10 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001540), 0xffffffffffffffff) r11 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1) sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000700)={&(0x7f0000000000), 0xc, &(0x7f00000006c0)={&(0x7f0000000100)={0x1c, r11, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x20000001) sendmsg$auto_TIPC_NL_KEY_SET(r1, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000001f80)={&(0x7f0000000600)=ANY=[@ANYBLOB="e4ffffff6aca805e8b648fbf6025e5bc692248967c356eacdb7a80bdfabcedf95df47a6c2d32742060cae20025eba2daf86e6523b3a2b19a5735c031ad044b6fc1ef4840cd1fb7b50c243d46df597f92c007a2260a3568def7525122dee2f1684da9f7d8daa13caeea4149ea7d340a44a112d7ff57d4dc079b72854a3c9cc5232842d1711439ccc6", @ANYRES16=r10, @ANYBLOB="01002abd7000ffdbdf25170000000800068084a3a5cd"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40000) 4m56.441574788s ago: executing program 3 (id=10): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x9, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x2714, 0xfffffffffffffffc, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0xe, 0x8000) unshare$auto(0x40000080) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) r3 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/dbroot\x00', 0x303400, 0x0) open(&(0x7f0000000000)='./file0\x00', 0xaf44529eb48ad963, 0x17c) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) write$auto_configfs_file_operations_configfs_internal(r3, &(0x7f0000000000)="8e79ead6525bbb66", 0x8) sendmsg$auto_HWSIM_CMD_GET_RADIO(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES32=r2, @ANYBLOB="cf5768bd7000ffdbdf0506000000"], 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, 0x0}, 0x4048000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0xfffffffffffffffc, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mlockall$auto(0x7) clone3$auto(0x0, 0x40) getrandom$auto(0x0, 0x6000000, 0x3) r5 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000140), r4) sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r4, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="020027bd7000ffdbdf25060000000800040002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40080) socket$nl_generic(0x10, 0x3, 0x10) epoll_create$auto(0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0xffffffff80088a02, 0x1) socket(0x22, 0x6, 0x80bb2) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/clear_refs\x00', 0x105000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 4m54.59391304s ago: executing program 3 (id=16): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/platform/dummy_hcd.3/usb4/power/wakeup_last_time_ms\x00', 0x80800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002c00)=""/181, 0xb5) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000140)=ANY=[@ANYRES16, @ANYRESOCT=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x22048814) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) r1 = open(&(0x7f0000000000)='./file0\x00', 0xa01c2, 0x84) sendmsg$auto_NL802154_CMD_GET_INTERFACE(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7000fcdbdf25050000001400040000000000000000bdcf0000000000065187bb6c1edb71e70000bbaefa0e9e420977fdfedc52ca553d9eb81583691e250dc2df254f5a39a1b1cb15f12d80c59c068742c45ba331b4c6158d5e65a5ad15e1afecd329ceaab38f5a7e0e15de378c59d4b5025eb085c40cc0dfaf9aafcb05be21e4a33b12240a0e608e88f38a7a3348065e3c2dabb618ddb82de610ae0aa3ae05af48390c1b69fd734012fec53b55add140aa3a1eb8cc04d0d8bd08278da62b52"], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x0, 0x3, 0xd, 0x3, 0x81, 0xfffffffc, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0xb0, 0x9, 0x1, 0xffffffff, 0x5, 0x7, 0x0, 0x7, 0x0, 0xfffffffe, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x71a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, 0x9, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(r0, r0, 0x6) 4m53.765634405s ago: executing program 3 (id=21): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_KEY_SET(r0, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000001f80)={&(0x7f0000001b80)={0x18, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x40000) 4m53.620109976s ago: executing program 3 (id=22): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8d1}, 0x4000050) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)="3bedd92f26638cc0023a8686bd579dcf16f50e9bfa20abfa3a37", 0x1a) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop11\x00', 0x8001, 0x0) ioctl$auto_def_blk_fops_fs(r1, 0x1279, &(0x7f0000000000)) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11\x11\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x00\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) 4m38.545508015s ago: executing program 32 (id=22): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8d1}, 0x4000050) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)="3bedd92f26638cc0023a8686bd579dcf16f50e9bfa20abfa3a37", 0x1a) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop11\x00', 0x8001, 0x0) ioctl$auto_def_blk_fops_fs(r1, 0x1279, &(0x7f0000000000)) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11\x11\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x00\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) 1m59.508398659s ago: executing program 1 (id=1024): socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x21, 0x2, 0xa) openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x389401, 0x48, 0x2b}, 0x18) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) sendmmsg$auto(0x6, &(0x7f0000000400)={{0x0, 0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x1, &(0x7f0000000300), 0x10, 0x8000000}, 0xed7138c}, 0x6, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)=""/190, 0xbe) setsockopt$auto(r1, 0xffd, 0x8, &(0x7f0000000180)='\x88\xe2I\xee\x11\xd8\xd1CS\x89\xa1x\x193$\x1e\x99\xa1\x91vrx\xc3\xc4\xc1(N\x8c\x1f\x8fa1\r\rgf\xc2t\x03\xf0\x84E\xa4\xc1\x9f{\x13P\xdcd)c\v\xe4\xd7Ef\xd8\xedv\xef\xdb\xb7:\xc8~|\xafo~\xf8\xe9\xd1\xdd\x9a\xbfzx\xae\xf9?\x03\xaf\a\xd2\xbbE\xc3S\xf3\x94\x8a-\xd0\xc8\x8f>5Z\x95\xf3~\xd8\xfa\x90\n\xeb\x193\xe9]\x1a\x82\xb1\x9e2\"\xe23\xe7\xccc\x18\xc8e>\x9f\xe2\x94^\x84\x1b\x99\xc4\x12S<]\x06\xc7u:\xb3^x\xeb\x87u\xc5\xc2\x19\x84\x8f\xb3~\x80\xabV\xd8\aSE\x9a\xfd\x06\xa5', 0x6) 1m59.354974176s ago: executing program 1 (id=1025): r0 = gettid() process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x8}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0) move_pages$auto(r0, 0x4, &(0x7f0000000100)=&(0x7f0000000040), &(0x7f0000000140)=0x3, 0x0, 0x0) move_pages$auto(r0, 0x8001, &(0x7f0000000040)=&(0x7f0000000000)="c0ea1e7c11", &(0x7f0000000080)=0x4, &(0x7f00000000c0), 0xe) getpriority$auto(0x0, 0x0) 1m58.859130072s ago: executing program 1 (id=1028): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/platform/dummy_hcd.3/usb4/power/wakeup_last_time_ms\x00', 0x80800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002c00)=""/181, 0xb5) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000140)=ANY=[@ANYRES16, @ANYRESOCT=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x22048814) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf25050000001400040000000000000000bdcf0000000000065187bb6c1edb71e70000bbaefa0e9e420977fdfedc52ca553d9eb81583691e250dc2df254f5a39a1b1cb15f12d80c59c068742c45ba331b4c6158d5e65a5ad15e1afecd329ceaab38f5a7e0e15de378c59d4b5025eb085c40cc0dfaf9aafcb05be21e4a33b12240a0e608e88f38a7a3348065e3c2dabb618ddb82de610ae0aa3ae05af48390c1b69fd734012fec53b55add140aa3a1eb8cc04d0d8bd08278da62b52"], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x0, 0x3, 0xd, 0x3, 0x81, 0xfffffffc, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0xb0, 0x9, 0x1, 0xffffffff, 0x5, 0x7, 0x0, 0x7, 0x0, 0xfffffffe, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x71a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, 0x9, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(r0, r0, 0x6) 1m58.445400202s ago: executing program 1 (id=1030): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40, @local}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) mount_setattr$auto(0x5, 0x0, 0x0, &(0x7f0000000640)={0x10000c, 0x7f}, 0x283) r1 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000280), 0xc001, 0x0) io_uring_setup$auto(0x5, &(0x7f00000002c0)={0xa76, 0xc0, 0x10000, 0x0, 0x80000000, 0x0, r1, [0x84fb, 0x5, 0x8], {0x2, 0x6, 0x10001, 0x7, 0x5, 0x4, 0x4, 0x5, 0x9}, {0x7, 0x6, 0x2, 0x0, 0x4ddf, 0xfffffff8, 0xfff, 0x1000, 0xc}}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000001e00), 0x82180, 0x0) fanotify_init$auto(0x200, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip_mr_vif\x00', 0x100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x18, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x800) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) pipe$auto(0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) ioctl$auto_TIOCSTI2(r2, 0x5412, 0x0) 1m57.66660402s ago: executing program 1 (id=1038): setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioperm$auto(0x7, 0x6, 0x2) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC2\x00', 0x600, 0x0) r1 = set_tid_address$auto(&(0x7f0000000140)=0x1) r2 = syz_clone(0x80180000, &(0x7f0000000180)="e42c4fe560d40f235e294f0185876b7e092714adf1c83038cb038c28b8dc387f594e1d94689c44d3fd4c8162750e2a83a33911bcee8c6b0bb324616cf62f2170f4dd94736187675cf7beff95d87d20", 0x4f, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)="02c31fc1750727a7955526c23b17") ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000000300)={0x1, 0x3, 0x8, @raw=0xf4, &(0x7f00000002c0)={@inferred=r1, 0x0, 0xc, 0x4, "02e66c4f2cb5df16cb9360f49aea4958c034bc3e4934444b7f6a8e22d80de0a6093fabb5c502906ad9cf8a4a", @inferred=r2}, "72271bb03e6052336746c21045485b1614634a520c1a626bc69e593863402a698206d6481370f1c9d0f6badeef55f8c52304"}) rt_sigprocmask$auto(0xb1, 0x0, 0x0, 0x7) r3 = socket(0x1d, 0x3, 0x1) getsockname$auto(r3, 0x0, 0x0) tkill$auto(0x80000000000001, 0x7) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x88\xa8e\x1cJ\x99\x00\x11\x11\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x00\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) 1m55.296960676s ago: executing program 1 (id=1048): madvise$auto(0x0, 0x0, 0xa) set_mempolicy$auto(0x1000002, &(0x7f0000000080)=0x6, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) io_uring_setup$auto(0x6, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x7fff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x1020006, 0x7fffffff, 0x11, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) 1m54.969423243s ago: executing program 33 (id=1048): madvise$auto(0x0, 0x0, 0xa) set_mempolicy$auto(0x1000002, &(0x7f0000000080)=0x6, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) io_uring_setup$auto(0x6, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x7fff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x1020006, 0x7fffffff, 0x11, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) 11.398653977s ago: executing program 2 (id=1668): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x808000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x183800, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$auto(r0, 0x0, 0x45c) (fail_nth: 5) 10.672751036s ago: executing program 2 (id=1672): r0 = socket(0x1e, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) r3 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40802, 0x0) write$auto_evm_key_ops_evm_secfs(r3, 0x0, 0xa) r4 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_prog_fd=0x77, 0xa, @old_map_fd=r2}, 0x10) bpf$auto(0x86, &(0x7f00000001c0)=@raw_tracepoint={0x100000000005, r0, 0x0, 0x4}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x28, 0x0, 0x1, 0x70bd26, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x14, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x10, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST={0x5, 0x8, 0x5}]}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x894}, 0x4) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b", @ANYRES8], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r6, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYRES16=r1], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8080) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) r8 = mq_open$auto(&(0x7f0000000000)='wlan0\x00', 0x7f351fa6, 0x2, &(0x7f0000000140)={0x3, 0x5, 0xc, 0x100000001}) close_range$auto(r5, r4, 0xc00) close_range$auto(r0, r8, 0x2) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) 10.497906235s ago: executing program 2 (id=1674): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_GETPDP(r0, 0x0, 0x8014) 10.336866258s ago: executing program 2 (id=1676): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(0x0, 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), 0xffffffffffffffff) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x75, 0x0, &(0x7f0000000000)=0x9000c) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x45, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 9.179876044s ago: executing program 2 (id=1683): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="4cea6ed1dc1f91f3c388b5622a274610e10800ca08ba7aa1995d92e1d0ae2ef23f241bb2bfd9800e9b3b41", 0x2b) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01df2cbd7000fadbdf270300000005"], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x51b41aab316a9d76) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgsnd$auto(0x5, 0x0, 0x3, 0x8) mlock$auto(0x578681a1, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0xfbe8, 0x4) mlock$auto(0x8001, 0xb) mlock$auto(0x7c88, 0x7fff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001900), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_GET_TXSC(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002b00)={&(0x7f0000001940)={0x14, r3, 0x186f202170196f7b, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x8, 0x44}, 0x4) r4 = socket(0x11, 0x3, 0x6) sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) close_range$auto(0x2, 0x8, 0x3) 8.289852014s ago: executing program 2 (id=1689): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/security/tomoyo/profile\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r0, &(0x7f00000003c0)="0a1b9a3c670f8262f6c5cd8c38741e504b2b6cac0600000000000000ee9571545a3b4d882ac766622396ec49886d1fb24c8ea5c25706000000000000001cadb848770dc8f745b20000000012b9f679dabd36bb657e69fd8b6d676e8da35491d02a021ba04a10516201f197fe2536136d56ba1f4ab40a07208467d48824d50a2d23908f626e12f466c0b91bad7e83b326b06d20dcddae16bed844b15905f0934b438404d3bbb9792079fcecc0eef14adb72e9fcfa04000000228db355cf228dce6fe0114db724c98b93e5f8d6c8dc3837000000000000000000000243c58390c57b14262a2890952c581b9afa3afce3d5d9628639d4fcc15c7995cf84b2d74b3b14cafec65ff312bc5d3d16d61eee2994630e6a07c732a4f43f4d73b2905ab5bcea67b475e0ca44b842d294901b2b5e1236e0dc02a809bdf8c315bca1de85d3a7dd298d301716092ddc7c08b57ddebea6bffd28f137c6b06e1543b5c6934b3274a167bee1d41a4bd89a7262c7ff6ce5edc39f16dc7a5cff5ce0ecd37f397131d16eaa67254ad1925c917116b4db3e8f7305a50e1c5d5da8a7595639617becccbd3dd680d08d856a1de49e8a334c7576020441bc7331b06a1d917668ee39ccb4a53881b09502637706c74fe5fe313d65277f8979addf36106cc9d8fb197f364e538abaff8ee79123b10d5b06ec9cb5f1e45877dff636ce002faeaac6cdb2f2f4187f87c61d5f048ec02559bd566d42410fec5bf1cb2bd28fcc153885504d2acef3a305bc93f6029dd11d17c4ed373d90e02ca182db6397e2871f7b692c0d2e8bcc45c997da7030e300d7e4ae33663966e418e787a193babc16d1068d6a549727a63fe86ef4c2b4ccaf8e6a56325f229e324b88163c09aad60deb77074826811377d961c8957dd6a4941a45934bd704620cc9c557d1da3c03a5c76358bf85ea22edc17233c14167809512c9b283f82d72fa70744c73012d2350c054cb197d4fac067b4f16217cb9184a122917da1b7607b6b3b01cb7970531cfc9d5ed916dfde310e5de0a", 0x2e3) r1 = openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim4/psample/out_tc\x00', 0x200400, 0x0) read$auto_fops_u16_(r1, &(0x7f0000000080)=""/169, 0xa9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0) write$auto(0x3, 0x0, 0xfffffdef) write$auto_snd_pcm_oss_f_reg_pcm_oss(r2, &(0x7f0000000080)="c2", 0x1) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), r3) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/security/tomoyo/profile\x00', 0x2, 0x0) (async) write$auto_tomoyo_operations_securityfs_if(r0, &(0x7f00000003c0)="0a1b9a3c670f8262f6c5cd8c38741e504b2b6cac0600000000000000ee9571545a3b4d882ac766622396ec49886d1fb24c8ea5c25706000000000000001cadb848770dc8f745b20000000012b9f679dabd36bb657e69fd8b6d676e8da35491d02a021ba04a10516201f197fe2536136d56ba1f4ab40a07208467d48824d50a2d23908f626e12f466c0b91bad7e83b326b06d20dcddae16bed844b15905f0934b438404d3bbb9792079fcecc0eef14adb72e9fcfa04000000228db355cf228dce6fe0114db724c98b93e5f8d6c8dc3837000000000000000000000243c58390c57b14262a2890952c581b9afa3afce3d5d9628639d4fcc15c7995cf84b2d74b3b14cafec65ff312bc5d3d16d61eee2994630e6a07c732a4f43f4d73b2905ab5bcea67b475e0ca44b842d294901b2b5e1236e0dc02a809bdf8c315bca1de85d3a7dd298d301716092ddc7c08b57ddebea6bffd28f137c6b06e1543b5c6934b3274a167bee1d41a4bd89a7262c7ff6ce5edc39f16dc7a5cff5ce0ecd37f397131d16eaa67254ad1925c917116b4db3e8f7305a50e1c5d5da8a7595639617becccbd3dd680d08d856a1de49e8a334c7576020441bc7331b06a1d917668ee39ccb4a53881b09502637706c74fe5fe313d65277f8979addf36106cc9d8fb197f364e538abaff8ee79123b10d5b06ec9cb5f1e45877dff636ce002faeaac6cdb2f2f4187f87c61d5f048ec02559bd566d42410fec5bf1cb2bd28fcc153885504d2acef3a305bc93f6029dd11d17c4ed373d90e02ca182db6397e2871f7b692c0d2e8bcc45c997da7030e300d7e4ae33663966e418e787a193babc16d1068d6a549727a63fe86ef4c2b4ccaf8e6a56325f229e324b88163c09aad60deb77074826811377d961c8957dd6a4941a45934bd704620cc9c557d1da3c03a5c76358bf85ea22edc17233c14167809512c9b283f82d72fa70744c73012d2350c054cb197d4fac067b4f16217cb9184a122917da1b7607b6b3b01cb7970531cfc9d5ed916dfde310e5de0a", 0x2e3) (async) openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim4/psample/out_tc\x00', 0x200400, 0x0) (async) read$auto_fops_u16_(r1, &(0x7f0000000080)=""/169, 0xa9) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) (async) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0) (async) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) write$auto_snd_pcm_oss_f_reg_pcm_oss(r2, &(0x7f0000000080)="c2", 0x1) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), r3) (async) 4.992458632s ago: executing program 5 (id=1706): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xb, 0x7, 0x9, 0x3, 0x7, 0x0, 0x8, 0x3, 0x2000000000010006, 0x0, 0x7, 0x9, 0x2, 0x7, 0xae, 0x5, 0x2, 0x3, 0x105, 0x7, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, [0x1b16, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8000000000000, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x4, 0x0, 0xc06f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x8, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4, 0x101, 0x0, 0x0, 0x0, 0x107, 0x7, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0x80000000000, 0x2]}, 0x1fe, 0x81) socket(0x11, 0x3, 0x6) statmount$auto(0x0, 0x0, 0x1fe, 0x81) socket(0xa, 0x801, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x8004) connect$auto(0x3, &(0x7f0000000140), 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) socket(0x1e, 0x1, 0x140) keyctl$auto(0x8, 0x5, 0x6, 0x6, 0x7) writev$auto(0xcd, &(0x7f0000000080)={0x0, 0x3ff}, 0x4) unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') io_uring_setup$auto(0x10000006, 0x0) setns(r1, 0x0) umount2$auto(&(0x7f0000000080)='.\x00', 0x3) setns(r0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x801, 0x106) socket(0x26, 0x80805, 0x0) keyctl$auto(0x200, 0x1, 0x4, 0x7, 0xbbc) keyctl$auto(0x0, 0x8000000000000000, 0x6, 0x946c, 0x4) creat$auto(&(0x7f0000000040)='X))\x00', 0x5) write$auto(0x3, 0x0, 0x7ffffffff000) r2 = socket(0x2, 0x80805, 0x0) getsockopt$auto(r2, 0x0, 0x4, 0x0, 0x0) 4.375687783s ago: executing program 4 (id=1707): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xb, 0x7, 0x9, 0x3, 0x7, 0x0, 0x8, 0x3, 0x2000000000010006, 0x0, 0x7, 0x9, 0x2, 0x7, 0xae, 0x5, 0x2, 0x3, 0x105, 0x7, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, [0x1b16, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8000000000000, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x73, 0x0, 0x0, 0x0, 0x4, 0x0, 0xc06f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x8, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4, 0x101, 0x0, 0x0, 0x0, 0x107, 0x7, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0x80000000000, 0x2]}, 0x1fe, 0x81) socket(0x11, 0x3, 0x6) statmount$auto(0x0, 0x0, 0x1fe, 0x81) r0 = socket(0x2, 0x80805, 0x0) getsockopt$auto(r0, 0xffa4, 0x4, 0x0, 0x0) 4.196930007s ago: executing program 4 (id=1708): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), 0xffffffffffffffff) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x75, 0x0, 0x0) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x45, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 4.115644701s ago: executing program 0 (id=1709): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_thermal(0x0, 0xffffffffffffffff) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x75, 0x0, &(0x7f0000000000)=0x9000c) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x45, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3.925419434s ago: executing program 5 (id=1710): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) connect$auto(0x3, &(0x7f0000000000), 0x55) getrandom$auto(0x0, 0x6000000, 0x3) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x148}, 0x1, 0x0, 0x0, 0x80}, 0x80) 3.262958381s ago: executing program 4 (id=1711): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_GETPDP(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x8014) 3.02310449s ago: executing program 4 (id=1712): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="4cea6ed1dc1f91f3c388b5622a274610e10800ca08ba7aa1995d92e1d0ae2ef23f241bb2bfd9800e9b3b41", 0x2b) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01df2cbd7000fadbdf270300000005"], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x51b41aab316a9d76) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgsnd$auto(0x5, 0x0, 0x3, 0x8) mlock$auto(0x578681a1, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0xfbe8, 0x4) mlock$auto(0x8001, 0xb) mlock$auto(0x7c88, 0x7fff) socket$nl_generic(0x10, 0x3, 0x10) creat$auto(0x0, 0xffff) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x8, 0x44}, 0x4) r2 = socket(0x11, 0x3, 0x6) sendmmsg$auto(r2, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) close_range$auto(0x2, 0x8, 0x3) 2.306771722s ago: executing program 5 (id=1713): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="4cea6ed1dc1f91f3c388b5622a274610e10800ca08ba7aa1995d92e1d0ae2ef23f241bb2bfd9800e9b3b41", 0x2b) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01df2cbd7000fadbdf270300000005"], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x51b41aab316a9d76) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgsnd$auto(0x5, 0x0, 0x3, 0x8) mlock$auto(0x578681a1, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0xfbe8, 0x4) mlock$auto(0x8001, 0xb) creat$auto(0x0, 0xffff) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x8, 0x44}, 0x4) r2 = socket(0x11, 0x3, 0x6) sendmmsg$auto(r2, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) close_range$auto(0x2, 0x8, 0x3) 2.063721523s ago: executing program 0 (id=1714): mmap$auto(0x0, 0x20009, 0xda, 0xeb1, 0x405, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/netfilter/nf_log\x00', 0x101000, 0x0) pread64$auto(r0, 0x0, 0x4, 0x56) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) futex_requeue$auto(&(0x7f0000000040)={0xf, 0x6, 0x2}, 0xfffffffd, 0xf, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a07"], 0x1ac}}, 0x448d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x0, 0xfffffffffffff000, 0x2) memfd_create$auto(&(0x7f00000001c0)='IPVS\x00\x84\x94\xbf\x7f\xe0(\xc7^M\xbe\x92\x98?I\xa5ja\xe8\xa1o\xb5-Z\x9dc\x152\xaew`0M\x1b3\r\x8afQ\xc2\x82W?r$\xf0\xce\x7f\x15\xa1\x13\xb2\x84\x04\xad<\x91\x85\xb22G\xf6\x8b\xba<\xe9&\x17%\x1a\xa5c\xe8\x06\xd4ok\x8a\xb2\xbaz\xf1\v\xf4\xaa\xda\x91\xfb\xea\x17~C\xb3\xc4S\xce\x83\x13\xd9\xbd{d\xfdB]\xb0R\x05b\x1b\xa5\xb8\x85\xa9\xbc5-9\x94\xa4QG\x06Z3#\x1cK\xbe\x16\xebaE~\x00\x00\x00\x00\x00', 0x8) fchmod$auto(0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.882557502s ago: executing program 0 (id=1715): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto(0xf000, 0x5c5, 0x0, 0x4, &(0x7f00000000c0)={{0x4, 0x2}, {0x0, 0x7fffffff}, 0x6, 0x80000001, 0x4feb, 0xffffffffffff0001, 0x0, 0x3, 0x2, 0x0, 0x38, 0xba, 0x9, 0x3, 0x4, 0xffffffff7fffffff}) 1.678012751s ago: executing program 0 (id=1716): r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0) write$auto_event_inject_fops_trace(r0, 0x0, 0x1f00) inotify_add_watch$auto(r0, 0x0, 0x0) 1.512441156s ago: executing program 0 (id=1717): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x6, 0x40000000084, 0x70, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x3c, 0x3, 0x1ffde, 0x7, 0x3, 0x4, 0x9, 0x3, 0x6, 0x5, 0xb4, 0x9, 0x6, 0x10003, 0x80, 0x7, 0x0, 0x7, 0x20, 0x200, 0x0, 0x84, [0xfffffffffffffffd, 0x0, 0x0, 0x50100000000000, 0x3, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x24, 0x40000000000003, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000001, 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x0, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x1, 0x7, 0xffffffffffffffff, 0x890, 0x8000000000008, 0xc8, 0x1000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4000000000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="48e0b1f211002d", @ANYBLOB="332571d0f653786972e513d469478a5baef4949724a7a7cac1e1eb53e1927999f5c9551e79acfe1f0f6541fa4cad8549b012c08144424c5ea7c04371099dd95e9979591d75195ae64794c5986b8cc88fff673dc41fbdd07fb256c2c9428c4c3fa72706a8f6f213793574a1b0d625794b3d99d7b614753396850638bf6a2d"], 0x3c}, 0x1, 0x0, 0x0, 0x4048001}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000000), r0) setpriority$auto(0x0, 0x1, 0x0) 1.371994884s ago: executing program 0 (id=1718): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) connect$auto(0x3, &(0x7f0000000000), 0x55) getrandom$auto(0x0, 0x6000000, 0x3) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x148}, 0x1, 0x0, 0x0, 0x80}, 0x80) 522.334804ms ago: executing program 5 (id=1719): mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x2, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/blkio.bfq.time_recursive\x00', 0x80500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) 510.387933ms ago: executing program 4 (id=1720): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_GETPDP(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x8014) 342.366912ms ago: executing program 5 (id=1721): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/ip6gre0/queues/rx-0/rps_cpus\x00', 0x100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) read$auto(r0, 0x0, 0x14) 337.713614ms ago: executing program 4 (id=1722): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xb, 0x7, 0x9, 0x3, 0x7, 0x0, 0x8, 0x3, 0x2000000000010006, 0x0, 0x7, 0x9, 0x2, 0x7, 0xae, 0x5, 0x2, 0x3, 0x105, 0x7, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, [0x1b16, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8000000000000, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x4, 0x0, 0xc06f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x8, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4, 0x101, 0x0, 0x0, 0x0, 0x107, 0x7, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0x80000000000, 0x2]}, 0x1fe, 0x81) socket(0x11, 0x3, 0x6) statmount$auto(0x0, 0x0, 0x1fe, 0x81) socket(0xa, 0x801, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x8004) connect$auto(0x3, &(0x7f0000000140), 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) socket(0x1e, 0x1, 0x140) keyctl$auto(0x8, 0x5, 0x6, 0x6, 0x7) writev$auto(0xcd, &(0x7f0000000080)={0x0, 0x3ff}, 0x4) unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') io_uring_setup$auto(0x10000006, 0x0) setns(r1, 0x0) umount2$auto(&(0x7f0000000080)='.\x00', 0x3) setns(r0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x801, 0x106) socket(0x26, 0x80805, 0x0) keyctl$auto(0x200, 0x1, 0x4, 0x7, 0xbbc) keyctl$auto(0x0, 0x8000000000000000, 0x6, 0x946c, 0x4) creat$auto(&(0x7f0000000040)='X))\x00', 0x5) write$auto(0x3, 0x0, 0x7ffffffff000) r2 = socket(0x2, 0x80805, 0x0) getsockopt$auto(r2, 0x0, 0x4, 0x0, 0x0) 0s ago: executing program 5 (id=1723): openat$auto_show_traces_fops_trace(0xffffffffffffff9c, 0x0, 0x40000, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6b, 0x0, 0x7d, 0xfffffffffffffffd, 0xd4, 0x4, 0x4, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x8000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa744, 0x0, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x80, 0x0, 0x7ff) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) ioperm$auto(0x7, 0x6, 0x2) munmap$auto(0x1000000, 0x2000000c) fanotify_init$auto(0x5, 0x2) write$auto(0x3, 0x0, 0x81) mlockall$auto(0x3) kernel console output (not intermixed with test programs): _slave_0: entered promiscuous mode [ 262.083682][ T9554] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.140100][ T9554] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.164036][ T9554] bridge_slave_1: entered allmulticast mode [ 262.171730][ T9554] bridge_slave_1: entered promiscuous mode [ 262.178671][ T9679] FAULT_INJECTION: forcing a failure. [ 262.178671][ T9679] name failslab, interval 1, probability 0, space 0, times 0 [ 262.207122][ T9679] CPU: 1 UID: 0 PID: 9679 Comm: syz.0.1087 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 262.217867][ T9679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 262.227954][ T9679] Call Trace: [ 262.231257][ T9679] [ 262.234214][ T9679] dump_stack_lvl+0x16c/0x1f0 [ 262.238932][ T9679] should_fail_ex+0x497/0x5b0 [ 262.243652][ T9679] should_failslab+0xc2/0x120 [ 262.248379][ T9679] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 262.253799][ T9679] ? skb_clone+0x190/0x3f0 [ 262.258265][ T9679] skb_clone+0x190/0x3f0 [ 262.262585][ T9679] netlink_deliver_tap+0xafd/0xca0 [ 262.267747][ T9679] netlink_unicast+0x5e1/0x7f0 [ 262.272554][ T9679] ? __pfx_netlink_unicast+0x10/0x10 [ 262.277965][ T9679] ? __phys_addr_symbol+0x30/0x80 [ 262.283033][ T9679] ? __check_object_size+0x488/0x710 [ 262.288372][ T9679] netlink_sendmsg+0x8b8/0xd70 [ 262.293182][ T9679] ? __pfx_netlink_sendmsg+0x10/0x10 [ 262.298516][ T9679] ____sys_sendmsg+0x9ae/0xb40 [ 262.303321][ T9679] ? copy_msghdr_from_user+0x10b/0x160 [ 262.308832][ T9679] ? __pfx_____sys_sendmsg+0x10/0x10 [ 262.314171][ T9679] ___sys_sendmsg+0x135/0x1e0 [ 262.318901][ T9679] ? __pfx____sys_sendmsg+0x10/0x10 [ 262.324155][ T9679] ? __pfx_lock_release+0x10/0x10 [ 262.329215][ T9679] ? trace_lock_acquire+0x14e/0x1f0 [ 262.334471][ T9679] ? __fget_files+0x206/0x3a0 [ 262.339198][ T9679] __sys_sendmsg+0x16e/0x220 [ 262.343833][ T9679] ? __pfx___sys_sendmsg+0x10/0x10 [ 262.349014][ T9679] do_syscall_64+0xcd/0x250 [ 262.353561][ T9679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.359489][ T9679] RIP: 0033:0x7fc95ad85d29 [ 262.363928][ T9679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 262.383575][ T9679] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 262.392036][ T9679] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 262.400044][ T9679] RDX: 0000000000000000 RSI: 0000000020001d00 RDI: 0000000000000003 [ 262.408054][ T9679] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 262.416060][ T9679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 262.424059][ T9679] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 262.432080][ T9679] [ 262.528843][ T9554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.573013][ T9554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.787151][ T9554] team0: Port device team_slave_0 added [ 262.821222][ T9554] team0: Port device team_slave_1 added [ 262.849914][ T9682] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1088'. [ 262.980471][ T9554] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 263.020603][ T9554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.092450][ T9554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 263.124443][ T9554] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 263.153533][ T9554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.195107][ T9554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 263.396171][ T9554] hsr_slave_0: entered promiscuous mode [ 263.423741][ T9554] hsr_slave_1: entered promiscuous mode [ 263.448607][ T9554] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 263.456869][ T9554] Cannot create hsr debugfs directory [ 263.865700][ T53] Bluetooth: hci1: command tx timeout [ 263.895865][ T9554] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 263.942617][ T9554] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 263.957795][ T9554] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 263.991415][ T9554] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 264.207101][ T9554] 8021q: adding VLAN 0 to HW filter on device bond0 [ 264.283305][ T9554] 8021q: adding VLAN 0 to HW filter on device team0 [ 264.316668][ T1154] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.323858][ T1154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 264.382395][ T9739] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.389629][ T9739] bridge0: port 2(bridge_slave_1) entered forwarding state [ 264.452846][ T9554] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 264.482250][ T9554] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 264.807939][ T9769] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1102'. [ 264.971665][ T9554] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.485511][ T9759] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1100'. [ 265.502537][ T9554] veth0_vlan: entered promiscuous mode [ 265.538191][ T9554] veth1_vlan: entered promiscuous mode [ 265.626621][ T9554] veth0_macvtap: entered promiscuous mode [ 265.640812][ T9554] veth1_macvtap: entered promiscuous mode [ 265.727862][ T9554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.762436][ T9554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.792919][ T9554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.823617][ T9554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.863193][ T9554] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 265.909501][ T9554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.935159][ T53] Bluetooth: hci1: command tx timeout [ 265.941884][ T9554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.962409][ T9554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.978401][ T9554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.995038][ T9554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.014980][ T9554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.026055][ T9554] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 266.044936][ T9554] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.069757][ T9554] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.096069][ T9554] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.123880][ T9554] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.422240][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.488263][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.505537][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.513414][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.628508][ T9820] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1108'. [ 268.125858][ T9879] FAULT_INJECTION: forcing a failure. [ 268.125858][ T9879] name failslab, interval 1, probability 0, space 0, times 0 [ 268.183167][ T9879] CPU: 0 UID: 0 PID: 9879 Comm: syz.0.1118 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 268.193916][ T9879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 268.204005][ T9879] Call Trace: [ 268.207309][ T9879] [ 268.210271][ T9879] dump_stack_lvl+0x16c/0x1f0 [ 268.214992][ T9879] should_fail_ex+0x497/0x5b0 [ 268.219710][ T9879] ? fs_reclaim_acquire+0xae/0x150 [ 268.224862][ T9879] should_failslab+0xc2/0x120 [ 268.229592][ T9879] __kmalloc_noprof+0xce/0x4f0 [ 268.234396][ T9879] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 268.241697][ T9879] ? lockdep_hardirqs_on+0x7c/0x110 [ 268.246911][ T9879] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 268.254056][ T9879] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 268.259530][ T9879] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 268.265609][ T9879] ? genl_get_cmd+0x195/0x580 [ 268.270304][ T9879] ? bpf_lsm_capable+0x9/0x10 [ 268.274993][ T9879] ? security_capable+0x7e/0x260 [ 268.279944][ T9879] ? ns_capable+0xd7/0x110 [ 268.284372][ T9879] genl_rcv_msg+0x565/0x800 [ 268.288899][ T9879] ? __pfx_genl_rcv_msg+0x10/0x10 [ 268.293935][ T9879] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 268.299322][ T9879] ? __pfx_nl80211_set_wiphy+0x10/0x10 [ 268.304798][ T9879] ? __pfx_nl80211_post_doit+0x10/0x10 [ 268.310285][ T9879] netlink_rcv_skb+0x165/0x410 [ 268.315059][ T9879] ? __pfx_genl_rcv_msg+0x10/0x10 [ 268.320095][ T9879] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 268.325396][ T9879] ? down_read+0xc9/0x330 [ 268.329737][ T9879] ? __pfx_down_read+0x10/0x10 [ 268.334512][ T9879] ? netlink_deliver_tap+0x1ae/0xca0 [ 268.339812][ T9879] genl_rcv+0x28/0x40 [ 268.343815][ T9879] netlink_unicast+0x53c/0x7f0 [ 268.348595][ T9879] ? __pfx_netlink_unicast+0x10/0x10 [ 268.353888][ T9879] ? __phys_addr_symbol+0x30/0x80 [ 268.358924][ T9879] ? __check_object_size+0x488/0x710 [ 268.364226][ T9879] netlink_sendmsg+0x8b8/0xd70 [ 268.369033][ T9879] ? __pfx_netlink_sendmsg+0x10/0x10 [ 268.374332][ T9879] ____sys_sendmsg+0x9ae/0xb40 [ 268.379138][ T9879] ? copy_msghdr_from_user+0x10b/0x160 [ 268.384611][ T9879] ? __pfx_____sys_sendmsg+0x10/0x10 [ 268.389919][ T9879] ___sys_sendmsg+0x135/0x1e0 [ 268.394613][ T9879] ? __pfx____sys_sendmsg+0x10/0x10 [ 268.399836][ T9879] ? __pfx_lock_release+0x10/0x10 [ 268.404876][ T9879] ? trace_lock_acquire+0x14e/0x1f0 [ 268.410094][ T9879] ? __fget_files+0x206/0x3a0 [ 268.414791][ T9879] __sys_sendmsg+0x16e/0x220 [ 268.419500][ T9879] ? __pfx___sys_sendmsg+0x10/0x10 [ 268.424646][ T9879] do_syscall_64+0xcd/0x250 [ 268.429162][ T9879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.435067][ T9879] RIP: 0033:0x7fc95ad85d29 [ 268.439486][ T9879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.459102][ T9879] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 268.467527][ T9879] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 268.475502][ T9879] RDX: 0000000020000084 RSI: 0000000020000080 RDI: 0000000000000003 [ 268.483478][ T9879] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 268.491456][ T9879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 268.499435][ T9879] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 268.507428][ T9879] [ 271.058842][ T9976] FAULT_INJECTION: forcing a failure. [ 271.058842][ T9976] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 271.160878][ T9976] CPU: 0 UID: 0 PID: 9976 Comm: syz.4.1145 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 271.171641][ T9976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 271.181727][ T9976] Call Trace: [ 271.185038][ T9976] [ 271.188006][ T9976] dump_stack_lvl+0x16c/0x1f0 [ 271.192725][ T9976] should_fail_ex+0x497/0x5b0 [ 271.197446][ T9976] _copy_to_user+0x32/0xd0 [ 271.201905][ T9976] simple_read_from_buffer+0xd0/0x160 [ 271.207332][ T9976] proc_fail_nth_read+0x198/0x270 [ 271.212403][ T9976] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 271.218003][ T9976] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 271.223604][ T9976] vfs_read+0x1df/0xbe0 [ 271.227804][ T9976] ? __fget_files+0x1fc/0x3a0 [ 271.232516][ T9976] ? __pfx___mutex_lock+0x10/0x10 [ 271.237579][ T9976] ? __pfx_vfs_read+0x10/0x10 [ 271.242302][ T9976] ? __fget_files+0x206/0x3a0 [ 271.247028][ T9976] ksys_read+0x12b/0x250 [ 271.251304][ T9976] ? __pfx_ksys_read+0x10/0x10 [ 271.256128][ T9976] do_syscall_64+0xcd/0x250 [ 271.260728][ T9976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.266667][ T9976] RIP: 0033:0x7f6c80b8473c [ 271.271106][ T9976] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 271.290754][ T9976] RSP: 002b:00007f6c7e9f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 271.299213][ T9976] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b8473c [ 271.307222][ T9976] RDX: 000000000000000f RSI: 00007f6c7e9f60a0 RDI: 0000000000000003 [ 271.315231][ T9976] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 271.323230][ T9976] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 271.331256][ T9976] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 271.339276][ T9976] ? 0xffffffffff600000 [ 271.343478][ T9976] [ 271.763835][ T9997] MTRR 1 not used [ 271.965973][ T9963] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1140'. [ 273.732151][T10011] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1154'. [ 274.407097][T10058] MTRR 1 not used [ 276.015754][T10056] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1169'. [ 276.515942][T10083] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1179'. [ 277.923380][ T53] Bluetooth: hci2: unexpected event 0x01 length: 13 > 1 [ 278.527783][T10164] FAULT_INJECTION: forcing a failure. [ 278.527783][T10164] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 278.591362][T10164] CPU: 0 UID: 0 PID: 10164 Comm: syz.4.1203 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 278.602202][T10164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 278.612281][T10164] Call Trace: [ 278.615583][T10164] [ 278.618530][T10164] dump_stack_lvl+0x16c/0x1f0 [ 278.623223][T10164] should_fail_ex+0x497/0x5b0 [ 278.627915][T10164] _copy_from_user+0x2e/0xd0 [ 278.632521][T10164] ? __pfx_drm_mode_getplane+0x10/0x10 [ 278.637993][T10164] drm_ioctl+0x4fc/0xba0 [ 278.642250][T10164] ? __pfx_drm_ioctl+0x10/0x10 [ 278.647019][T10164] ? __pfx_lock_release+0x10/0x10 [ 278.652046][T10164] ? trace_lock_acquire+0x14e/0x1f0 [ 278.657268][T10164] ? __pfx_drm_ioctl+0x10/0x10 [ 278.662036][T10164] __x64_sys_ioctl+0x190/0x200 [ 278.666806][T10164] do_syscall_64+0xcd/0x250 [ 278.671320][T10164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.677225][T10164] RIP: 0033:0x7f6c80b85d29 [ 278.681641][T10164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.701255][T10164] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 278.709676][T10164] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 278.717655][T10164] RDX: 0000000000006162 RSI: 00000000900064b6 RDI: 0000000000000003 [ 278.725629][T10164] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 278.733604][T10164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 278.741579][T10164] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 278.749576][T10164] [ 279.121107][T10128] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1192'. [ 279.635921][T10168] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1204'. [ 279.702717][T10168] netdevsim netdevsim5 netdevsim2: entered allmulticast mode [ 280.696296][T10170] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1205'. [ 280.774157][T10201] FAULT_INJECTION: forcing a failure. [ 280.774157][T10201] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 280.817179][T10201] CPU: 0 UID: 0 PID: 10201 Comm: syz.5.1210 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 280.828021][T10201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 280.838109][T10201] Call Trace: [ 280.841394][T10201] [ 280.844328][T10201] dump_stack_lvl+0x16c/0x1f0 [ 280.849024][T10201] should_fail_ex+0x497/0x5b0 [ 280.853719][T10201] _copy_to_user+0x32/0xd0 [ 280.858154][T10201] simple_read_from_buffer+0xd0/0x160 [ 280.863545][T10201] proc_fail_nth_read+0x198/0x270 [ 280.868586][T10201] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 280.874168][T10201] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 280.879755][T10201] vfs_read+0x1df/0xbe0 [ 280.883935][T10201] ? __fget_files+0x1fc/0x3a0 [ 280.888632][T10201] ? __pfx___mutex_lock+0x10/0x10 [ 280.893670][T10201] ? __pfx_vfs_read+0x10/0x10 [ 280.898361][T10201] ? __fget_files+0x206/0x3a0 [ 280.903054][T10201] ksys_read+0x12b/0x250 [ 280.907303][T10201] ? __pfx_ksys_read+0x10/0x10 [ 280.912081][T10201] do_syscall_64+0xcd/0x250 [ 280.916595][T10201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.922495][T10201] RIP: 0033:0x7f0e7558473c [ 280.926911][T10201] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 280.946524][T10201] RSP: 002b:00007f0e7634c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 280.954947][T10201] RAX: ffffffffffffffda RBX: 00007f0e75775fa0 RCX: 00007f0e7558473c [ 280.962927][T10201] RDX: 000000000000000f RSI: 00007f0e7634c0a0 RDI: 0000000000000004 [ 280.970905][T10201] RBP: 00007f0e7634c090 R08: 0000000000000000 R09: 0000000000000000 [ 280.978883][T10201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 280.986859][T10201] R13: 0000000000000000 R14: 00007f0e75775fa0 R15: 00007fffd5d1c218 [ 280.994851][T10201] [ 281.520519][T10179] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1206'. [ 282.952363][T10242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1218'. [ 283.032030][T10283] FAULT_INJECTION: forcing a failure. [ 283.032030][T10283] name failslab, interval 1, probability 0, space 0, times 0 [ 283.073687][T10283] CPU: 0 UID: 0 PID: 10283 Comm: syz.4.1227 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 283.084535][T10283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 283.094647][T10283] Call Trace: [ 283.097955][T10283] [ 283.100920][T10283] dump_stack_lvl+0x16c/0x1f0 [ 283.105649][T10283] should_fail_ex+0x497/0x5b0 [ 283.110369][T10283] ? fs_reclaim_acquire+0xae/0x150 [ 283.115530][T10283] should_failslab+0xc2/0x120 [ 283.120260][T10283] __kmalloc_noprof+0xce/0x4f0 [ 283.125044][T10283] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 283.130701][T10283] ? tomoyo_realpath_from_path+0xbf/0x710 [ 283.136453][T10283] tomoyo_realpath_from_path+0xbf/0x710 [ 283.142015][T10283] ? tomoyo_path_number_perm+0x235/0x5b0 [ 283.147667][T10283] tomoyo_path_number_perm+0x248/0x5b0 [ 283.153156][T10283] ? tomoyo_path_number_perm+0x235/0x5b0 [ 283.158806][T10283] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 283.164828][T10283] ? __pfx_lock_release+0x10/0x10 [ 283.169865][T10283] ? trace_lock_acquire+0x14e/0x1f0 [ 283.175078][T10283] ? lock_acquire+0x2f/0xb0 [ 283.179581][T10283] ? __fget_files+0x40/0x3a0 [ 283.184181][T10283] ? __fget_files+0x206/0x3a0 [ 283.188869][T10283] security_file_ioctl+0x9b/0x240 [ 283.193900][T10283] __x64_sys_ioctl+0xb7/0x200 [ 283.198582][T10283] do_syscall_64+0xcd/0x250 [ 283.203100][T10283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.209006][T10283] RIP: 0033:0x7f6c80b85d29 [ 283.213427][T10283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.233046][T10283] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 283.241484][T10283] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 283.249462][T10283] RDX: 0000000000005c8d RSI: 00000000401054d5 RDI: 00000000000000c8 [ 283.257436][T10283] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 283.265407][T10283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 283.273380][T10283] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 283.281365][T10283] [ 283.531544][T10283] ERROR: Out of memory at tomoyo_realpath_from_path. [ 283.566654][T10295] warn_alloc: 1 callbacks suppressed [ 283.566673][T10295] syz.5.1230: vmalloc error: size 8192, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 283.610989][T10295] CPU: 0 UID: 0 PID: 10295 Comm: syz.5.1230 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 283.621824][T10295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 283.631922][T10295] Call Trace: [ 283.635227][T10295] [ 283.638247][T10295] dump_stack_lvl+0x16c/0x1f0 [ 283.643056][T10295] warn_alloc+0x24d/0x3a0 [ 283.647428][T10295] ? __pfx_warn_alloc+0x10/0x10 [ 283.652322][T10295] ? policy_nodemask+0xea/0x4e0 [ 283.657210][T10295] ? alloc_pages_mpol_noprof+0x315/0x610 [ 283.662888][T10295] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 283.668906][T10295] ? trace_kmalloc+0x2d/0xd0 [ 283.673526][T10295] ? __pfx___might_resched+0x10/0x10 [ 283.678852][T10295] __vmalloc_node_range_noprof+0x12c0/0x1530 [ 283.684882][T10295] ? kernel_clone+0xfd/0x960 [ 283.689515][T10295] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 283.695880][T10295] ? rcu_is_watching+0x12/0xc0 [ 283.700676][T10295] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 283.706081][T10295] ? kmem_cache_alloc_node_noprof+0x219/0x3b0 [ 283.712189][T10295] ? copy_process+0x49c/0x6f20 [ 283.716993][T10295] ? kernel_clone+0xfd/0x960 [ 283.721629][T10295] copy_process+0x29b3/0x6f20 [ 283.726350][T10295] ? kernel_clone+0xfd/0x960 [ 283.730993][T10295] ? get_pid_task+0xfc/0x250 [ 283.735625][T10295] ? __pfx_lock_release+0x10/0x10 [ 283.740680][T10295] ? trace_lock_acquire+0x14e/0x1f0 [ 283.745937][T10295] ? __pfx_copy_process+0x10/0x10 [ 283.751000][T10295] ? find_held_lock+0x2d/0x110 [ 283.755812][T10295] kernel_clone+0xfd/0x960 [ 283.760262][T10295] ? __pfx_kernel_clone+0x10/0x10 [ 283.765329][T10295] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 283.771345][T10295] ? 0xffffffff81000000 [ 283.775518][T10295] __do_sys_clone+0xba/0x100 [ 283.780141][T10295] ? __pfx___do_sys_clone+0x10/0x10 [ 283.785371][T10295] ? 0xffffffff81000000 [ 283.789565][T10295] do_syscall_64+0xcd/0x250 [ 283.794102][T10295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.800027][T10295] RIP: 0033:0x7f0e75585d29 [ 283.804468][T10295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.824112][T10295] RSP: 002b:00007f0e7634c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 283.832568][T10295] RAX: ffffffffffffffda RBX: 00007f0e75775fa0 RCX: 00007f0e75585d29 [ 283.840580][T10295] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 000000000000d65d [ 283.848585][T10295] RBP: 00007f0e7634c090 R08: 0000000000000009 R09: 0000000000000000 [ 283.856596][T10295] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000001 [ 283.864603][T10295] R13: 0000000000000000 R14: 00007f0e75775fa0 R15: 00007fffd5d1c218 [ 283.872610][T10295] ? 0xffffffff81000000 [ 283.876802][T10295] [ 283.887010][T10295] Mem-Info: [ 283.890217][T10295] active_anon:18558 inactive_anon:6 isolated_anon:0 [ 283.890217][T10295] active_file:5563 inactive_file:51650 isolated_file:0 [ 283.890217][T10295] unevictable:768 dirty:55 writeback:0 [ 283.890217][T10295] slab_reclaimable:10910 slab_unreclaimable:97388 [ 283.890217][T10295] mapped:25331 shmem:1463 pagetables:1018 [ 283.890217][T10295] sec_pagetables:0 bounce:0 [ 283.890217][T10295] kernel_misc_reclaimable:0 [ 283.890217][T10295] free:1278603 free_pcp:13585 free_cma:0 [ 283.935444][ C1] vkms_vblank_simulate: vblank timer overrun [ 284.024174][T10295] Node 0 active_anon:74332kB inactive_anon:24kB active_file:22224kB inactive_file:206492kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101312kB dirty:220kB writeback:0kB shmem:4316kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11240kB pagetables:4072kB sec_pagetables:0kB all_unreclaimable? no [ 284.056633][ C1] vkms_vblank_simulate: vblank timer overrun [ 284.126344][T10295] Node 1 active_anon:0kB inactive_anon:0kB active_file:28kB inactive_file:108kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:12kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 284.199486][T10295] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 284.253453][T10295] lowmem_reserve[]: 0 2465 2466 0 0 [ 284.264478][T10295] Node 0 DMA32 free:1371300kB boost:76944kB min:111144kB low:119692kB high:128240kB reserved_highatomic:0KB active_anon:74324kB inactive_anon:0kB active_file:22224kB inactive_file:205720kB unevictable:1536kB writepending:348kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:2764kB local_pcp:1056kB free_cma:0kB [ 284.324932][T10295] lowmem_reserve[]: 0 0 0 0 0 [ 284.334108][T10295] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:4kB free_cma:0kB [ 284.361035][ C1] vkms_vblank_simulate: vblank timer overrun [ 284.448551][T10295] lowmem_reserve[]: 0 0 0 0 0 [ 284.453383][T10295] Node 1 Normal free:3873268kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:28kB inactive_file:108kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:38672kB local_pcp:22448kB free_cma:0kB [ 284.537405][T10295] lowmem_reserve[]: 0 0 0 0 0 [ 284.575280][T10295] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (UM) = 15360kB [ 284.628590][T10295] Node 0 DMA32: 1543*4kB (UME) 1494*8kB (UME) 1088*16kB (UME) 1047*32kB (UME) 626*64kB (UME) 766*128kB (UM) 461*256kB (UM) 311*512kB (UM) 72*1024kB (UM) 32*2048kB (UM) 157*4096kB (UM) = 1266732kB [ 284.667286][T10295] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 284.705617][T10295] Node 1 Normal: 181*4kB (UM) 56*8kB (UME) 42*16kB (UME) 164*32kB (UME) 85*64kB (UME) 44*128kB (UME) 15*256kB (UME) 4*512kB (U) 3*1024kB (UE) 2*2048kB (UE) 938*4096kB (UM) = 3873268kB [ 284.746790][T10295] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 284.756519][T10295] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 284.779516][T10295] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 284.793480][T10295] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 284.805620][T10295] 59622 total pagecache pages [ 284.810338][T10295] 0 pages in swap cache [ 284.814513][T10295] Free swap = 122124kB [ 284.824873][T10295] Total swap = 124996kB [ 284.829091][T10295] 2097051 pages RAM [ 284.832920][T10295] 0 pages HighMem/MovableOnly [ 284.843817][T10295] 427367 pages reserved [ 284.854878][T10295] 0 pages cma reserved [ 285.243326][T10351] FAULT_INJECTION: forcing a failure. [ 285.243326][T10351] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 285.333834][T10351] CPU: 0 UID: 0 PID: 10351 Comm: syz.0.1240 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 285.344670][T10351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 285.354759][T10351] Call Trace: [ 285.358063][T10351] [ 285.361031][T10351] dump_stack_lvl+0x16c/0x1f0 [ 285.365755][T10351] should_fail_ex+0x497/0x5b0 [ 285.370481][T10351] _copy_to_user+0x32/0xd0 [ 285.374949][T10351] simple_read_from_buffer+0xd0/0x160 [ 285.380404][T10351] proc_fail_nth_read+0x198/0x270 [ 285.385476][T10351] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 285.391076][T10351] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 285.396666][T10351] vfs_read+0x1df/0xbe0 [ 285.400852][T10351] ? __fget_files+0x1fc/0x3a0 [ 285.405562][T10351] ? __pfx___mutex_lock+0x10/0x10 [ 285.410623][T10351] ? __pfx_vfs_read+0x10/0x10 [ 285.415343][T10351] ? __fget_files+0x206/0x3a0 [ 285.420073][T10351] ksys_read+0x12b/0x250 [ 285.424356][T10351] ? __pfx_ksys_read+0x10/0x10 [ 285.429167][T10351] do_syscall_64+0xcd/0x250 [ 285.433709][T10351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.439646][T10351] RIP: 0033:0x7fc95ad8473c [ 285.444090][T10351] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 285.463740][T10351] RSP: 002b:00007fc95bb91030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 285.472199][T10351] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad8473c [ 285.480211][T10351] RDX: 000000000000000f RSI: 00007fc95bb910a0 RDI: 0000000000000004 [ 285.488224][T10351] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 285.496230][T10351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 285.504236][T10351] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 285.512265][T10351] [ 286.280221][T10306] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1231'. [ 286.808854][T10396] FAULT_INJECTION: forcing a failure. [ 286.808854][T10396] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 286.863380][T10374] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1242'. [ 286.865820][T10396] CPU: 0 UID: 0 PID: 10396 Comm: syz.0.1246 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 286.883140][T10396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 286.893227][T10396] Call Trace: [ 286.896539][T10396] [ 286.899491][T10396] dump_stack_lvl+0x16c/0x1f0 [ 286.904214][T10396] should_fail_ex+0x497/0x5b0 [ 286.908926][T10396] ? fs_reclaim_acquire+0xae/0x150 [ 286.914073][T10396] should_fail_alloc_page+0xe7/0x130 [ 286.919407][T10396] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 286.925603][T10396] __alloc_pages_noprof+0x190/0x25b0 [ 286.930934][T10396] ? __pfx_register_lock_class+0x10/0x10 [ 286.936604][T10396] ? hlock_class+0x4e/0x130 [ 286.941140][T10396] ? hlock_class+0x4e/0x130 [ 286.945675][T10396] ? mark_lock+0xb5/0xc60 [ 286.950043][T10396] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 286.955812][T10396] ? __pfx_mark_lock+0x10/0x10 [ 286.960621][T10396] ? __pfx_mark_lock+0x10/0x10 [ 286.965437][T10396] ? kasan_save_stack+0x33/0x60 [ 286.970332][T10396] ? __pfx___lock_acquire+0x10/0x10 [ 286.975582][T10396] ? hlock_class+0x4e/0x130 [ 286.980127][T10396] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 286.986067][T10396] ? policy_nodemask+0xea/0x4e0 [ 286.990960][T10396] alloc_pages_mpol_noprof+0x2c9/0x610 [ 286.996468][T10396] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 287.002509][T10396] ? __pfx___lock_acquire+0x10/0x10 [ 287.007755][T10396] ? __pfx___lock_acquire+0x10/0x10 [ 287.013004][T10396] ? __pfx_filemap_map_pages+0x10/0x10 [ 287.018504][T10396] pte_alloc_one+0x20/0x390 [ 287.023041][T10396] __do_fault+0x320/0x490 [ 287.027408][T10396] ? __pfx_filemap_map_pages+0x10/0x10 [ 287.032901][T10396] do_pte_missing+0x1a8/0x3e00 [ 287.037726][T10396] __handle_mm_fault+0x103c/0x2a40 [ 287.042891][T10396] ? __pfx___handle_mm_fault+0x10/0x10 [ 287.048385][T10396] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 287.054069][T10396] ? find_vma+0xc0/0x140 [ 287.058351][T10396] ? __pfx_find_vma+0x10/0x10 [ 287.063068][T10396] handle_mm_fault+0x3fa/0xaa0 [ 287.067878][T10396] do_user_addr_fault+0x7a3/0x13f0 [ 287.073036][T10396] exc_page_fault+0x5c/0xc0 [ 287.077584][T10396] asm_exc_page_fault+0x26/0x30 [ 287.082477][T10396] RIP: 0010:rep_movs_alternative+0x15/0x70 [ 287.088341][T10396] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 [ 287.107986][T10396] RSP: 0018:ffffc9000c957af8 EFLAGS: 00050202 [ 287.114093][T10396] RAX: 0000000000000033 RBX: 0000000000000000 RCX: 0000000000000002 [ 287.122104][T10396] RDX: ffffed10045e9801 RSI: ffff888022f4c000 RDI: 0000000000000000 [ 287.130196][T10396] RBP: ffffc9000c957da0 R08: 0000000000000000 R09: ffffed10045e9800 [ 287.138205][T10396] R10: ffff888022f4c001 R11: 0000000000000002 R12: 0000000000000002 [ 287.146212][T10396] R13: 00007ffffffff000 R14: ffff888022f4c000 R15: 0000000000000002 [ 287.154251][T10396] _copy_to_iter+0x384/0x1400 [ 287.158981][T10396] ? trace_lock_acquire+0x14e/0x1f0 [ 287.164220][T10396] ? __pfx_lock_release+0x10/0x10 [ 287.169290][T10396] ? __pfx__copy_to_iter+0x10/0x10 [ 287.174445][T10396] ? __virt_addr_valid+0x1a4/0x590 [ 287.179605][T10396] ? __virt_addr_valid+0x5e/0x590 [ 287.184669][T10396] ? __phys_addr_symbol+0x30/0x80 [ 287.189734][T10396] ? __check_object_size+0x488/0x710 [ 287.195074][T10396] seq_read_iter+0xd00/0x12b0 [ 287.199807][T10396] kernfs_fop_read_iter+0x414/0x580 [ 287.205059][T10396] ? rw_verify_area+0xd0/0x700 [ 287.209862][T10396] vfs_read+0x87f/0xbe0 [ 287.214064][T10396] ? __pfx_vfs_read+0x10/0x10 [ 287.218803][T10396] ksys_read+0x12b/0x250 [ 287.223086][T10396] ? __pfx_ksys_read+0x10/0x10 [ 287.227896][T10396] do_syscall_64+0xcd/0x250 [ 287.232443][T10396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.238377][T10396] RIP: 0033:0x7fc95ad85d29 [ 287.242824][T10396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.262469][T10396] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 287.270922][T10396] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 287.278928][T10396] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 287.286938][T10396] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 287.294955][T10396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.302970][T10396] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 287.310997][T10396] [ 287.912516][T10416] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1247'. [ 288.083650][T10432] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1249'. [ 288.155011][T10432] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1249'. [ 290.132684][T10475] FAULT_INJECTION: forcing a failure. [ 290.132684][T10475] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 290.183470][T10475] CPU: 0 UID: 0 PID: 10475 Comm: syz.4.1260 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 290.194307][T10475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 290.204400][T10475] Call Trace: [ 290.207713][T10475] [ 290.210671][T10475] dump_stack_lvl+0x16c/0x1f0 [ 290.215391][T10475] should_fail_ex+0x497/0x5b0 [ 290.220105][T10475] _copy_from_user+0x2e/0xd0 [ 290.224744][T10475] sctp_getsockopt+0x3891/0x7ae0 [ 290.229731][T10475] ? aa_label_sk_perm+0x19d/0x5a0 [ 290.234816][T10475] ? __pfx_sctp_getsockopt+0x10/0x10 [ 290.240138][T10475] ? __lock_acquire+0x15a9/0x3c40 [ 290.245214][T10475] ? __pfx___lock_acquire+0x10/0x10 [ 290.250447][T10475] ? find_held_lock+0x2d/0x110 [ 290.255235][T10475] ? __might_fault+0x13b/0x190 [ 290.260021][T10475] ? __pfx_lock_release+0x10/0x10 [ 290.265056][T10475] ? trace_lock_acquire+0x14e/0x1f0 [ 290.270276][T10475] ? lock_acquire+0x2f/0xb0 [ 290.274782][T10475] ? __might_fault+0xe3/0x190 [ 290.279483][T10475] ? __might_fault+0xe3/0x190 [ 290.284175][T10475] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 290.290080][T10475] ? do_sock_getsockopt+0x3fe/0x870 [ 290.295284][T10475] do_sock_getsockopt+0x3fe/0x870 [ 290.300320][T10475] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 290.305872][T10475] ? __pfx_do_sys_openat2+0x10/0x10 [ 290.311098][T10475] __sys_getsockopt+0x12f/0x260 [ 290.315968][T10475] __x64_sys_getsockopt+0xbd/0x160 [ 290.321108][T10475] ? do_syscall_64+0x91/0x250 [ 290.325793][T10475] ? lockdep_hardirqs_on+0x7c/0x110 [ 290.330999][T10475] do_syscall_64+0xcd/0x250 [ 290.335514][T10475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.341419][T10475] RIP: 0033:0x7f6c80b85d29 [ 290.345841][T10475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.365454][T10475] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 290.373877][T10475] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 290.381854][T10475] RDX: 0000000000000080 RSI: 0000000000000084 RDI: 0000000000000006 [ 290.389826][T10475] RBP: 00007f6c7e9f6090 R08: 0000000020000000 R09: 0000000000000000 [ 290.397801][T10475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 290.405782][T10475] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 290.413790][T10475] [ 290.918583][T10497] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1265'. [ 290.962551][T10497] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 291.156484][T10497] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.063989][T10481] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1258'. [ 295.317992][T10572] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1276'. [ 295.369387][ T29] audit: type=1800 audit(4294967361.760:7): pid=10623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1284" name="lu_gp_id" dev="configfs" ino=28197 res=0 errno=0 [ 295.883478][T10616] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1283'. [ 297.411428][T10652] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1292'. [ 297.865166][T10659] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1295'. [ 299.369225][T10686] Process accounting resumed [ 299.811978][T10673] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1302'. [ 299.888815][T10691] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 299.905894][T10691] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 299.990036][T10691] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 300.004957][T10691] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 300.046863][T10691] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 300.055726][T10691] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 300.112474][T10691] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 300.119520][T10691] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 300.202115][T10691] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 301.290725][T10714] FAULT_INJECTION: forcing a failure. [ 301.290725][T10714] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 301.306095][T10714] CPU: 1 UID: 0 PID: 10714 Comm: syz.2.1311 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 301.316916][T10714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 301.327011][T10714] Call Trace: [ 301.330322][T10714] [ 301.333358][T10714] dump_stack_lvl+0x16c/0x1f0 [ 301.338090][T10714] should_fail_ex+0x497/0x5b0 [ 301.342820][T10714] _copy_to_user+0x32/0xd0 [ 301.347296][T10714] simple_read_from_buffer+0xd0/0x160 [ 301.352728][T10714] proc_fail_nth_read+0x198/0x270 [ 301.357827][T10714] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 301.363423][T10714] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 301.369015][T10714] vfs_read+0x1df/0xbe0 [ 301.373213][T10714] ? __fget_files+0x1fc/0x3a0 [ 301.377934][T10714] ? __pfx___mutex_lock+0x10/0x10 [ 301.382998][T10714] ? __pfx_vfs_read+0x10/0x10 [ 301.387721][T10714] ? __fget_files+0x206/0x3a0 [ 301.392443][T10714] ksys_read+0x12b/0x250 [ 301.396720][T10714] ? __pfx_ksys_read+0x10/0x10 [ 301.401528][T10714] do_syscall_64+0xcd/0x250 [ 301.406080][T10714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.412016][T10714] RIP: 0033:0x7f528218473c [ 301.416463][T10714] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 301.436105][T10714] RSP: 002b:00007f527fff6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 301.444531][T10714] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f528218473c [ 301.452510][T10714] RDX: 000000000000000f RSI: 00007f527fff60a0 RDI: 0000000000000004 [ 301.460484][T10714] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 301.468463][T10714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.476436][T10714] R13: 0000000000000000 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 301.484426][T10714] [ 301.934981][ T5836] Bluetooth: hci0: command 0x0406 tx timeout [ 302.020239][ T5836] Bluetooth: hci2: command 0x0406 tx timeout [ 302.102782][ T5836] Bluetooth: hci4: command 0x0406 tx timeout [ 302.175943][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 304.014885][ T5836] Bluetooth: hci0: command 0x0406 tx timeout [ 304.104866][ T5836] Bluetooth: hci2: command 0x0406 tx timeout [ 304.183233][ T5836] Bluetooth: hci4: command 0x0406 tx timeout [ 304.255279][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 304.495868][T10780] FAULT_INJECTION: forcing a failure. [ 304.495868][T10780] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 304.529782][T10780] CPU: 0 UID: 0 PID: 10780 Comm: syz.0.1335 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 304.540621][T10780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 304.550722][T10780] Call Trace: [ 304.554021][T10780] [ 304.556974][T10780] dump_stack_lvl+0x16c/0x1f0 [ 304.561696][T10780] should_fail_ex+0x497/0x5b0 [ 304.566411][T10780] _copy_to_user+0x32/0xd0 [ 304.570894][T10780] drm_ioctl+0x5a6/0xba0 [ 304.575184][T10780] ? __pfx_drm_ioctl+0x10/0x10 [ 304.579969][T10780] ? __pfx_lock_release+0x10/0x10 [ 304.584997][T10780] ? trace_lock_acquire+0x14e/0x1f0 [ 304.590226][T10780] ? __pfx_drm_ioctl+0x10/0x10 [ 304.594996][T10780] __x64_sys_ioctl+0x190/0x200 [ 304.599767][T10780] do_syscall_64+0xcd/0x250 [ 304.604289][T10780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.610199][T10780] RIP: 0033:0x7fc95ad85d29 [ 304.614620][T10780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.634236][T10780] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 304.642660][T10780] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 304.650641][T10780] RDX: 0000000000006162 RSI: 00000000900064b6 RDI: 0000000000000003 [ 304.658620][T10780] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 304.666595][T10780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 304.674567][T10780] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 304.682576][T10780] [ 304.685615][ C0] vkms_vblank_simulate: vblank timer overrun [ 306.334997][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 306.591665][T10781] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1333'. [ 306.650498][T10812] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1344'. [ 306.688781][T10793] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1339'. [ 307.521982][T10834] FAULT_INJECTION: forcing a failure. [ 307.521982][T10834] name failslab, interval 1, probability 0, space 0, times 0 [ 307.544907][T10834] CPU: 1 UID: 0 PID: 10834 Comm: syz.0.1349 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 307.555748][T10834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 307.565848][T10834] Call Trace: [ 307.569148][T10834] [ 307.572105][T10834] dump_stack_lvl+0x16c/0x1f0 [ 307.576831][T10834] should_fail_ex+0x497/0x5b0 [ 307.581561][T10834] ? fs_reclaim_acquire+0xae/0x150 [ 307.586726][T10834] should_failslab+0xc2/0x120 [ 307.591452][T10834] __kmalloc_node_noprof+0xd1/0x520 [ 307.596688][T10834] ? trace_contention_end+0xee/0x140 [ 307.602005][T10834] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 307.607497][T10834] ? find_held_lock+0x2d/0x110 [ 307.612284][T10834] __kvmalloc_node_noprof+0xad/0x1a0 [ 307.617582][T10834] traverse.part.0.constprop.0+0x392/0x640 [ 307.623394][T10834] ? trace_lock_acquire+0x14e/0x1f0 [ 307.628625][T10834] seq_lseek+0x2b4/0x440 [ 307.632880][T10834] proc_reg_llseek+0x205/0x2f0 [ 307.637653][T10834] ksys_lseek+0xf0/0x1b0 [ 307.641903][T10834] do_syscall_64+0xcd/0x250 [ 307.646417][T10834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.652324][T10834] RIP: 0033:0x7fc95ad85d29 [ 307.656747][T10834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.676364][T10834] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008 [ 307.684801][T10834] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 307.692780][T10834] RDX: 0000000000000001 RSI: 7fffffffffffffff RDI: 0000000000000003 [ 307.700759][T10834] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 307.708737][T10834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 307.716717][T10834] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 307.724718][T10834] [ 307.961627][T10830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1347'. [ 308.216939][T10830] team0: Port device team_slave_0 removed [ 308.842879][T10863] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1357'. [ 309.156004][T10849] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1353'. [ 309.906911][T10904] FAULT_INJECTION: forcing a failure. [ 309.906911][T10904] name failslab, interval 1, probability 0, space 0, times 0 [ 309.955070][T10904] CPU: 1 UID: 0 PID: 10904 Comm: syz.0.1372 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 309.965903][T10904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 309.975992][T10904] Call Trace: [ 309.979298][T10904] [ 309.982262][T10904] dump_stack_lvl+0x16c/0x1f0 [ 309.986985][T10904] should_fail_ex+0x497/0x5b0 [ 309.991745][T10904] ? fs_reclaim_acquire+0xae/0x150 [ 309.996902][T10904] should_failslab+0xc2/0x120 [ 310.001620][T10904] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 310.007031][T10904] ? ptlock_alloc+0x1f/0x70 [ 310.011571][T10904] ? __pfx_filemap_map_pages+0x10/0x10 [ 310.017066][T10904] ptlock_alloc+0x1f/0x70 [ 310.021436][T10904] pte_alloc_one+0x74/0x390 [ 310.025971][T10904] __do_fault+0x320/0x490 [ 310.030333][T10904] ? __pfx_filemap_map_pages+0x10/0x10 [ 310.035826][T10904] do_pte_missing+0x1a8/0x3e00 [ 310.040649][T10904] __handle_mm_fault+0x103c/0x2a40 [ 310.045814][T10904] ? __pfx___handle_mm_fault+0x10/0x10 [ 310.051307][T10904] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 310.056994][T10904] ? find_vma+0xc0/0x140 [ 310.061264][T10904] ? __pfx_find_vma+0x10/0x10 [ 310.065969][T10904] handle_mm_fault+0x3fa/0xaa0 [ 310.070752][T10904] do_user_addr_fault+0x7a3/0x13f0 [ 310.075879][T10904] exc_page_fault+0x5c/0xc0 [ 310.080393][T10904] asm_exc_page_fault+0x26/0x30 [ 310.085252][T10904] RIP: 0010:rep_movs_alternative+0x15/0x70 [ 310.091073][T10904] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 [ 310.110685][T10904] RSP: 0018:ffffc90005b07af8 EFLAGS: 00050202 [ 310.116758][T10904] RAX: 0000000000000033 RBX: 0000000000000000 RCX: 0000000000000002 [ 310.124760][T10904] RDX: ffffed1006a13401 RSI: ffff88803509a000 RDI: 0000000000000000 [ 310.132746][T10904] RBP: ffffc90005b07da0 R08: 0000000000000000 R09: ffffed1006a13400 [ 310.140816][T10904] R10: ffff88803509a001 R11: 0000000000000002 R12: 0000000000000002 [ 310.148795][T10904] R13: 00007ffffffff000 R14: ffff88803509a000 R15: 0000000000000002 [ 310.156789][T10904] _copy_to_iter+0x384/0x1400 [ 310.161487][T10904] ? trace_lock_acquire+0x14e/0x1f0 [ 310.166701][T10904] ? __pfx_lock_release+0x10/0x10 [ 310.171730][T10904] ? __pfx__copy_to_iter+0x10/0x10 [ 310.176850][T10904] ? __virt_addr_valid+0x1a4/0x590 [ 310.181981][T10904] ? __virt_addr_valid+0x5e/0x590 [ 310.187018][T10904] ? __phys_addr_symbol+0x30/0x80 [ 310.192059][T10904] ? __check_object_size+0x488/0x710 [ 310.197363][T10904] seq_read_iter+0xd00/0x12b0 [ 310.202059][T10904] kernfs_fop_read_iter+0x414/0x580 [ 310.207276][T10904] ? rw_verify_area+0xd0/0x700 [ 310.212053][T10904] vfs_read+0x87f/0xbe0 [ 310.216221][T10904] ? __pfx_vfs_read+0x10/0x10 [ 310.220922][T10904] ksys_read+0x12b/0x250 [ 310.225170][T10904] ? __pfx_ksys_read+0x10/0x10 [ 310.229955][T10904] do_syscall_64+0xcd/0x250 [ 310.234471][T10904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.240377][T10904] RIP: 0033:0x7fc95ad85d29 [ 310.244805][T10904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.264432][T10904] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 310.272857][T10904] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 310.280832][T10904] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 310.288805][T10904] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 310.296788][T10904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 310.304766][T10904] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 310.312760][T10904] [ 310.578216][T10912] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1377'. [ 310.792979][T10910] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1373'. [ 311.376556][T10948] FAULT_INJECTION: forcing a failure. [ 311.376556][T10948] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 311.393305][T10945] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1384'. [ 311.403231][T10948] CPU: 1 UID: 0 PID: 10948 Comm: syz.4.1387 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 311.414045][T10948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 311.424137][T10948] Call Trace: [ 311.427443][T10948] [ 311.430396][T10948] dump_stack_lvl+0x16c/0x1f0 [ 311.435110][T10948] should_fail_ex+0x497/0x5b0 [ 311.439836][T10948] _copy_to_user+0x32/0xd0 [ 311.440783][T10943] FAULT_INJECTION: forcing a failure. [ 311.440783][T10943] name failslab, interval 1, probability 0, space 0, times 0 [ 311.444274][T10948] simple_read_from_buffer+0xd0/0x160 [ 311.462437][T10948] proc_fail_nth_read+0x198/0x270 [ 311.467490][T10948] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 311.473061][T10948] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 311.478629][T10948] vfs_read+0x1df/0xbe0 [ 311.482806][T10948] ? __pfx_vfs_read+0x10/0x10 [ 311.487500][T10948] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 311.493062][T10948] ? __pfx_do_sys_openat2+0x10/0x10 [ 311.498296][T10948] ksys_read+0x12b/0x250 [ 311.502553][T10948] ? __pfx_ksys_read+0x10/0x10 [ 311.507339][T10948] do_syscall_64+0xcd/0x250 [ 311.511865][T10948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.517777][T10948] RIP: 0033:0x7f6c80b8473c [ 311.522203][T10948] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 311.541825][T10948] RSP: 002b:00007f6c7e9f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 311.550261][T10948] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b8473c [ 311.558243][T10948] RDX: 000000000000000f RSI: 00007f6c7e9f60a0 RDI: 0000000000000007 [ 311.566225][T10948] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 311.574203][T10948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 311.582188][T10948] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 311.590191][T10948] [ 311.593225][T10943] CPU: 0 UID: 0 PID: 10943 Comm: syz.0.1386 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 311.604025][T10943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 311.614109][T10943] Call Trace: [ 311.617422][T10943] [ 311.620373][T10943] dump_stack_lvl+0x16c/0x1f0 [ 311.625069][T10943] should_fail_ex+0x497/0x5b0 [ 311.629760][T10943] should_failslab+0xc2/0x120 [ 311.634451][T10943] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 311.639832][T10943] ? trace_lock_acquire+0x14e/0x1f0 [ 311.645042][T10943] ? skb_clone+0x190/0x3f0 [ 311.649479][T10943] skb_clone+0x190/0x3f0 [ 311.653738][T10943] dev_queue_xmit_nit+0x38f/0xbc0 [ 311.658783][T10943] dev_hard_start_xmit+0x283/0x7b0 [ 311.663905][T10943] __dev_queue_xmit+0x7f0/0x43e0 [ 311.668861][T10943] ? __pfx___dev_queue_xmit+0x10/0x10 [ 311.674267][T10943] ? rcu_is_watching+0x12/0xc0 [ 311.679045][T10943] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 311.684433][T10943] ? __copy_skb_header+0x2e8/0x5b0 [ 311.689558][T10943] ? __skb_clone+0x570/0x760 [ 311.694166][T10943] netlink_deliver_tap+0xa61/0xca0 [ 311.699291][T10943] netlink_unicast+0x5e1/0x7f0 [ 311.704071][T10943] ? __pfx_netlink_unicast+0x10/0x10 [ 311.709376][T10943] ? __phys_addr_symbol+0x30/0x80 [ 311.714412][T10943] ? __check_object_size+0x488/0x710 [ 311.719718][T10943] netlink_sendmsg+0x8b8/0xd70 [ 311.724581][T10943] ? __pfx_netlink_sendmsg+0x10/0x10 [ 311.729881][T10943] ____sys_sendmsg+0x9ae/0xb40 [ 311.734653][T10943] ? copy_msghdr_from_user+0x10b/0x160 [ 311.740124][T10943] ? __pfx_____sys_sendmsg+0x10/0x10 [ 311.745427][T10943] ___sys_sendmsg+0x135/0x1e0 [ 311.750118][T10943] ? __pfx____sys_sendmsg+0x10/0x10 [ 311.755345][T10943] ? __pfx_lock_release+0x10/0x10 [ 311.760376][T10943] ? trace_lock_acquire+0x14e/0x1f0 [ 311.765593][T10943] ? __fget_files+0x206/0x3a0 [ 311.770287][T10943] __sys_sendmsg+0x16e/0x220 [ 311.774901][T10943] ? __pfx___sys_sendmsg+0x10/0x10 [ 311.780044][T10943] do_syscall_64+0xcd/0x250 [ 311.784562][T10943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.790465][T10943] RIP: 0033:0x7fc95ad85d29 [ 311.794887][T10943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.814525][T10943] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 311.822963][T10943] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 311.830942][T10943] RDX: 0000000000000000 RSI: 0000000020001d00 RDI: 0000000000000004 [ 311.838920][T10943] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 311.846896][T10943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 311.854869][T10943] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 311.862858][T10943] [ 311.865922][ C0] vkms_vblank_simulate: vblank timer overrun [ 312.075960][T10945] team0: Port device team_slave_0 removed [ 312.385188][T10968] FAULT_INJECTION: forcing a failure. [ 312.385188][T10968] name failslab, interval 1, probability 0, space 0, times 0 [ 312.428861][T10968] CPU: 0 UID: 0 PID: 10968 Comm: syz.2.1394 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 312.439699][T10968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 312.449798][T10968] Call Trace: [ 312.453113][T10968] [ 312.456073][T10968] dump_stack_lvl+0x16c/0x1f0 [ 312.460805][T10968] should_fail_ex+0x497/0x5b0 [ 312.465521][T10968] ? fs_reclaim_acquire+0xae/0x150 [ 312.470681][T10968] should_failslab+0xc2/0x120 [ 312.475411][T10968] __kmalloc_noprof+0xce/0x4f0 [ 312.480220][T10968] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 312.485890][T10968] ? tomoyo_realpath_from_path+0xbf/0x710 [ 312.491627][T10968] ? rcu_is_watching+0x12/0xc0 [ 312.496408][T10968] tomoyo_realpath_from_path+0xbf/0x710 [ 312.501970][T10968] tomoyo_check_open_permission+0x2ad/0x3c0 [ 312.507882][T10968] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 312.514340][T10968] ? __pfx_hook_file_open+0x10/0x10 [ 312.519560][T10968] ? lock_acquire+0x2f/0xb0 [ 312.524078][T10968] ? mnt_get_write_access+0x6a/0x300 [ 312.529386][T10968] tomoyo_file_open+0x6b/0x90 [ 312.534078][T10968] security_file_open+0x84/0x1e0 [ 312.539025][T10968] do_dentry_open+0x57e/0x1ea0 [ 312.543800][T10968] ? inode_permission+0xdd/0x5f0 [ 312.548756][T10968] vfs_open+0x82/0x3f0 [ 312.552837][T10968] ? may_open+0x1f2/0x400 [ 312.557183][T10968] path_openat+0x1e6a/0x2d60 [ 312.561824][T10968] ? __pfx_path_openat+0x10/0x10 [ 312.566769][T10968] ? __pfx___lock_acquire+0x10/0x10 [ 312.571985][T10968] ? lock_acquire.part.0+0x11b/0x380 [ 312.577276][T10968] ? find_held_lock+0x2d/0x110 [ 312.582054][T10968] do_filp_open+0x20c/0x470 [ 312.586567][T10968] ? __pfx_do_filp_open+0x10/0x10 [ 312.591598][T10968] ? find_held_lock+0x2d/0x110 [ 312.596391][T10968] ? __pfx_kfree_link+0x10/0x10 [ 312.601268][T10968] ? alloc_fd+0x41f/0x760 [ 312.605615][T10968] do_sys_openat2+0x17a/0x1e0 [ 312.610311][T10968] ? __pfx_do_sys_openat2+0x10/0x10 [ 312.615526][T10968] ? __fget_files+0x206/0x3a0 [ 312.620214][T10968] __x64_sys_openat+0x175/0x210 [ 312.625095][T10968] ? __pfx___x64_sys_openat+0x10/0x10 [ 312.630495][T10968] ? ksys_write+0x1ba/0x250 [ 312.635014][T10968] do_syscall_64+0xcd/0x250 [ 312.639532][T10968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.645435][T10968] RIP: 0033:0x7f5282185d29 [ 312.649853][T10968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 312.669477][T10968] RSP: 002b:00007f527fff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 312.677901][T10968] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f5282185d29 [ 312.685879][T10968] RDX: 0000000000000002 RSI: 0000000020002180 RDI: ffffffffffffff9c [ 312.693866][T10968] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 312.701845][T10968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 312.709826][T10968] R13: 0000000000000001 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 312.717821][T10968] [ 312.720862][ C0] vkms_vblank_simulate: vblank timer overrun [ 312.743897][T10968] ERROR: Out of memory at tomoyo_realpath_from_path. [ 312.808783][T10966] erspan0: entered allmulticast mode [ 313.114222][T10979] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd31 [ 314.170399][T10977] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1397'. [ 314.195938][T11010] FAULT_INJECTION: forcing a failure. [ 314.195938][T11010] name failslab, interval 1, probability 0, space 0, times 0 [ 314.213723][T11010] CPU: 1 UID: 0 PID: 11010 Comm: syz.4.1407 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 314.224548][T11010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 314.234641][T11010] Call Trace: [ 314.237949][T11010] [ 314.240899][T11010] dump_stack_lvl+0x16c/0x1f0 [ 314.245614][T11010] should_fail_ex+0x497/0x5b0 [ 314.250337][T11010] ? fs_reclaim_acquire+0xae/0x150 [ 314.255487][T11010] should_failslab+0xc2/0x120 [ 314.260205][T11010] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 314.265616][T11010] ? alloc_empty_file+0x73/0x1e0 [ 314.270597][T11010] alloc_empty_file+0x73/0x1e0 [ 314.275403][T11010] path_openat+0xe1/0x2d60 [ 314.279854][T11010] ? hlock_class+0x4e/0x130 [ 314.284395][T11010] ? __lock_acquire+0x15a9/0x3c40 [ 314.289479][T11010] ? __pfx_path_openat+0x10/0x10 [ 314.294456][T11010] ? __pfx___lock_acquire+0x10/0x10 [ 314.299715][T11010] ? lock_acquire.part.0+0x11b/0x380 [ 314.305032][T11010] ? find_held_lock+0x2d/0x110 [ 314.309849][T11010] do_filp_open+0x20c/0x470 [ 314.314390][T11010] ? __pfx_do_filp_open+0x10/0x10 [ 314.319451][T11010] ? find_held_lock+0x2d/0x110 [ 314.324276][T11010] ? alloc_fd+0x41f/0x760 [ 314.328650][T11010] do_sys_openat2+0x17a/0x1e0 [ 314.333367][T11010] ? __pfx_do_sys_openat2+0x10/0x10 [ 314.338611][T11010] ? __fget_files+0x206/0x3a0 [ 314.343330][T11010] __x64_sys_openat+0x175/0x210 [ 314.348239][T11010] ? __pfx___x64_sys_openat+0x10/0x10 [ 314.353654][T11010] ? ksys_write+0x1ba/0x250 [ 314.358205][T11010] do_syscall_64+0xcd/0x250 [ 314.362752][T11010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.368704][T11010] RIP: 0033:0x7f6c80b85d29 [ 314.373158][T11010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.392806][T11010] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 314.401265][T11010] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 314.409276][T11010] RDX: 0000000000002183 RSI: 0000000020000280 RDI: ffffffffffffff9c [ 314.417286][T11010] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 314.425294][T11010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 314.433302][T11010] R13: 0000000000000001 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 314.441325][T11010] [ 314.619330][T11016] FAULT_INJECTION: forcing a failure. [ 314.619330][T11016] name failslab, interval 1, probability 0, space 0, times 0 [ 314.632790][T11016] CPU: 0 UID: 0 PID: 11016 Comm: syz.2.1411 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 314.643607][T11016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 314.653699][T11016] Call Trace: [ 314.656999][T11016] [ 314.659950][T11016] dump_stack_lvl+0x16c/0x1f0 [ 314.664676][T11016] should_fail_ex+0x497/0x5b0 [ 314.669403][T11016] should_failslab+0xc2/0x120 [ 314.674127][T11016] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 314.679540][T11016] ? skb_clone+0x190/0x3f0 [ 314.684008][T11016] skb_clone+0x190/0x3f0 [ 314.688295][T11016] netlink_deliver_tap+0xafd/0xca0 [ 314.693445][T11016] netlink_unicast+0x6b4/0x7f0 [ 314.698242][T11016] ? __pfx_netlink_unicast+0x10/0x10 [ 314.703559][T11016] ? genl_rcv_msg+0x4bd/0x800 [ 314.708365][T11016] netlink_ack+0x6a5/0xb20 [ 314.712837][T11016] netlink_rcv_skb+0x327/0x410 [ 314.717642][T11016] ? __pfx_genl_rcv_msg+0x10/0x10 [ 314.722710][T11016] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 314.728046][T11016] ? down_read+0xc9/0x330 [ 314.732422][T11016] ? __pfx_down_read+0x10/0x10 [ 314.737236][T11016] ? netlink_deliver_tap+0x1ae/0xca0 [ 314.742562][T11016] genl_rcv+0x28/0x40 [ 314.746581][T11016] netlink_unicast+0x53c/0x7f0 [ 314.751387][T11016] ? __pfx_netlink_unicast+0x10/0x10 [ 314.756710][T11016] ? __phys_addr_symbol+0x30/0x80 [ 314.761773][T11016] ? __check_object_size+0x488/0x710 [ 314.767119][T11016] netlink_sendmsg+0x8b8/0xd70 [ 314.771928][T11016] ? __pfx_netlink_sendmsg+0x10/0x10 [ 314.777260][T11016] ____sys_sendmsg+0x9ae/0xb40 [ 314.782044][T11016] ? copy_msghdr_from_user+0x10b/0x160 [ 314.787528][T11016] ? __pfx_____sys_sendmsg+0x10/0x10 [ 314.792838][T11016] ___sys_sendmsg+0x135/0x1e0 [ 314.797533][T11016] ? __pfx____sys_sendmsg+0x10/0x10 [ 314.802756][T11016] ? __pfx_lock_release+0x10/0x10 [ 314.807811][T11016] ? trace_lock_acquire+0x14e/0x1f0 [ 314.813030][T11016] ? __fget_files+0x206/0x3a0 [ 314.817825][T11016] __sys_sendmsg+0x16e/0x220 [ 314.822428][T11016] ? __pfx___sys_sendmsg+0x10/0x10 [ 314.827574][T11016] do_syscall_64+0xcd/0x250 [ 314.832097][T11016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.838000][T11016] RIP: 0033:0x7f5282185d29 [ 314.842418][T11016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.862126][T11016] RSP: 002b:00007f527fff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 314.870548][T11016] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f5282185d29 [ 314.878523][T11016] RDX: 0000000000000080 RSI: 0000000020001d00 RDI: 0000000000000003 [ 314.886501][T11016] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 314.894911][T11016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 314.902891][T11016] R13: 0000000000000000 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 314.910883][T11016] [ 314.914015][ C0] vkms_vblank_simulate: vblank timer overrun [ 314.921697][ T29] audit: type=1800 audit(4294967390.084:8): pid=11013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1409" name="lu_gp_id" dev="configfs" ino=29758 res=0 errno=0 [ 315.723285][T11046] Process accounting resumed [ 315.899994][T11025] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1413'. [ 316.457035][T11059] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1421'. [ 316.842546][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1419'. [ 316.956062][T11052] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1427'. [ 318.215899][T11092] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1431'. [ 318.895216][T11134] FAULT_INJECTION: forcing a failure. [ 318.895216][T11134] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 318.908623][T11134] CPU: 1 UID: 0 PID: 11134 Comm: syz.5.1446 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 318.919434][T11134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 318.929524][T11134] Call Trace: [ 318.932830][T11134] [ 318.935786][T11134] dump_stack_lvl+0x16c/0x1f0 [ 318.940504][T11134] should_fail_ex+0x497/0x5b0 [ 318.945224][T11134] _copy_from_iter+0x29b/0x1400 [ 318.950137][T11134] ? _copy_from_iter+0x159/0x1400 [ 318.955206][T11134] ? __pfx__copy_from_iter+0x10/0x10 [ 318.960537][T11134] ? __pfx__copy_from_iter+0x10/0x10 [ 318.965861][T11134] ? __virt_addr_valid+0x1a4/0x590 [ 318.971021][T11134] copy_page_from_iter+0xa5/0x120 [ 318.976087][T11134] skb_copy_datagram_from_iter+0x29b/0x710 [ 318.981936][T11134] tun_get_user+0x197f/0x3e30 [ 318.986667][T11134] ? __pfx_tun_get_user+0x10/0x10 [ 318.991733][T11134] ? find_held_lock+0x2d/0x110 [ 318.996534][T11134] ? __pfx_lock_release+0x10/0x10 [ 319.001599][T11134] tun_chr_write_iter+0xdc/0x210 [ 319.006573][T11134] vfs_write+0x5ae/0x1150 [ 319.010937][T11134] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 319.016514][T11134] ? __pfx_lock_release+0x10/0x10 [ 319.021563][T11134] ? __pfx_vfs_write+0x10/0x10 [ 319.026349][T11134] ? lock_acquire+0x2f/0xb0 [ 319.030866][T11134] ? __fget_files+0x40/0x3a0 [ 319.035483][T11134] __x64_sys_pwrite64+0x1f6/0x250 [ 319.040522][T11134] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 319.046083][T11134] do_syscall_64+0xcd/0x250 [ 319.050599][T11134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.056504][T11134] RIP: 0033:0x7f0e75585d29 [ 319.060925][T11134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.080539][T11134] RSP: 002b:00007f0e7634c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 319.088961][T11134] RAX: ffffffffffffffda RBX: 00007f0e75775fa0 RCX: 00007f0e75585d29 [ 319.096936][T11134] RDX: 000000000000fdef RSI: 0000000020000000 RDI: 00000000000000c8 [ 319.104911][T11134] RBP: 00007f0e7634c090 R08: 0000000000000000 R09: 0000000000000000 [ 319.112886][T11134] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002 [ 319.120863][T11134] R13: 0000000000000001 R14: 00007f0e75775fa0 R15: 00007fffd5d1c218 [ 319.128850][T11134] [ 319.445902][T11136] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1447'. [ 319.491484][T11120] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1441'. [ 319.762730][T11146] FAULT_INJECTION: forcing a failure. [ 319.762730][T11146] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 319.778710][T11146] CPU: 1 UID: 0 PID: 11146 Comm: syz.0.1450 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 319.789525][T11146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 319.799586][T11146] Call Trace: [ 319.802876][T11146] [ 319.805811][T11146] dump_stack_lvl+0x16c/0x1f0 [ 319.810505][T11146] should_fail_ex+0x497/0x5b0 [ 319.815196][T11146] _copy_from_user+0x2e/0xd0 [ 319.819803][T11146] copy_msghdr_from_user+0x99/0x160 [ 319.825013][T11146] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 319.830831][T11146] ? __lock_acquire+0xcc5/0x3c40 [ 319.835795][T11146] ___sys_sendmsg+0xff/0x1e0 [ 319.840407][T11146] ? __pfx____sys_sendmsg+0x10/0x10 [ 319.845634][T11146] ? trace_lock_acquire+0x14e/0x1f0 [ 319.850859][T11146] __sys_sendmmsg+0x201/0x420 [ 319.855550][T11146] ? __pfx___sys_sendmmsg+0x10/0x10 [ 319.860772][T11146] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 319.866771][T11146] ? fput+0x67/0x440 [ 319.870678][T11146] ? ksys_write+0x1ba/0x250 [ 319.875189][T11146] ? __pfx_ksys_write+0x10/0x10 [ 319.880058][T11146] __x64_sys_sendmmsg+0x9c/0x100 [ 319.885009][T11146] ? lockdep_hardirqs_on+0x7c/0x110 [ 319.890215][T11146] do_syscall_64+0xcd/0x250 [ 319.894729][T11146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.900637][T11146] RIP: 0033:0x7fc95ad85d29 [ 319.905055][T11146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.924696][T11146] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 319.933118][T11146] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 319.941093][T11146] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 319.949065][T11146] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 319.957038][T11146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 319.965010][T11146] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 319.972999][T11146] [ 320.599384][T11144] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1449'. [ 321.000227][T11151] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1452'. [ 321.377210][T11170] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 321.383350][T11170] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 321.863203][T11170] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 321.869433][T11170] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 323.105694][T11195] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1463'. [ 323.183291][T11197] Process accounting resumed [ 323.213161][T11197] FAULT_INJECTION: forcing a failure. [ 323.213161][T11197] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 323.308452][T11197] CPU: 0 UID: 0 PID: 11197 Comm: syz.2.1462 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 323.319296][T11197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 323.329389][T11197] Call Trace: [ 323.332688][T11197] [ 323.335641][T11197] dump_stack_lvl+0x16c/0x1f0 [ 323.340361][T11197] should_fail_ex+0x497/0x5b0 [ 323.345079][T11197] _copy_to_user+0x32/0xd0 [ 323.349537][T11197] simple_read_from_buffer+0xd0/0x160 [ 323.354958][T11197] proc_fail_nth_read+0x198/0x270 [ 323.360020][T11197] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 323.365608][T11197] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 323.371196][T11197] vfs_read+0x1df/0xbe0 [ 323.375476][T11197] ? __fget_files+0x1fc/0x3a0 [ 323.380188][T11197] ? __pfx___mutex_lock+0x10/0x10 [ 323.385259][T11197] ? __pfx_vfs_read+0x10/0x10 [ 323.389981][T11197] ? __fget_files+0x206/0x3a0 [ 323.394697][T11197] ksys_read+0x12b/0x250 [ 323.398973][T11197] ? __pfx_ksys_read+0x10/0x10 [ 323.403791][T11197] do_syscall_64+0xcd/0x250 [ 323.408341][T11197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.414255][T11197] RIP: 0033:0x7f528218473c [ 323.418681][T11197] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 323.438303][T11197] RSP: 002b:00007f527fff6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 323.446726][T11197] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f528218473c [ 323.454705][T11197] RDX: 000000000000000f RSI: 00007f527fff60a0 RDI: 0000000000000003 [ 323.462683][T11197] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 323.470660][T11197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 323.478636][T11197] R13: 0000000000000000 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 323.486629][T11197] [ 323.496565][ T53] Bluetooth: hci2: command 0x0406 tx timeout [ 323.502633][ T53] Bluetooth: hci0: command 0x0406 tx timeout [ 323.945137][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 323.951328][ T53] Bluetooth: hci4: command 0x0406 tx timeout [ 324.180526][T11199] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1464'. [ 324.372473][T11222] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1470'. [ 324.391617][T11222] netlink: 214 bytes leftover after parsing attributes in process `syz.5.1470'. [ 324.407325][T11222] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 324.414947][T11222] IPv6: NLM_F_CREATE should be set when creating new route [ 324.422315][T11222] IPv6: NLM_F_CREATE should be set when creating new route [ 324.429687][T11222] IPv6: NLM_F_CREATE should be set when creating new route [ 324.496278][T11221] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 324.518253][T11221] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 324.560273][T11221] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 324.639035][T11221] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 324.914724][T11230] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1472'. [ 325.461839][T11244] FAULT_INJECTION: forcing a failure. [ 325.461839][T11244] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 325.475079][T11244] CPU: 1 UID: 0 PID: 11244 Comm: syz.2.1476 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 325.485879][T11244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 325.495948][T11244] Call Trace: [ 325.499229][T11244] [ 325.502170][T11244] dump_stack_lvl+0x16c/0x1f0 [ 325.506869][T11244] should_fail_ex+0x497/0x5b0 [ 325.511571][T11244] _copy_from_user+0x2e/0xd0 [ 325.516180][T11244] copy_msghdr_from_user+0x99/0x160 [ 325.521393][T11244] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 325.527222][T11244] ___sys_sendmsg+0xff/0x1e0 [ 325.531830][T11244] ? __pfx____sys_sendmsg+0x10/0x10 [ 325.537054][T11244] ? __pfx_lock_release+0x10/0x10 [ 325.542084][T11244] ? trace_lock_acquire+0x14e/0x1f0 [ 325.547302][T11244] ? __fget_files+0x206/0x3a0 [ 325.551999][T11244] __sys_sendmsg+0x16e/0x220 [ 325.556608][T11244] ? __pfx___sys_sendmsg+0x10/0x10 [ 325.561751][T11244] do_syscall_64+0xcd/0x250 [ 325.566286][T11244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.572194][T11244] RIP: 0033:0x7f5282185d29 [ 325.576616][T11244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.596325][T11244] RSP: 002b:00007f527fff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 325.604752][T11244] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f5282185d29 [ 325.612737][T11244] RDX: 0000000020040894 RSI: 0000000020000080 RDI: 0000000000000003 [ 325.620728][T11244] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 325.628705][T11244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 325.636682][T11244] R13: 0000000000000000 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 325.644681][T11244] [ 326.060914][T11233] delete_channel: no stack [ 326.575249][ T5836] Bluetooth: hci4: command 0x0406 tx timeout [ 326.581640][ T5836] Bluetooth: hci2: command 0x0406 tx timeout [ 326.588727][ T53] Bluetooth: hci0: command 0x0406 tx timeout [ 326.655109][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 327.036304][T11266] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1483'. [ 328.182623][T11275] delete_channel: no stack [ 328.711282][T11301] FAULT_INJECTION: forcing a failure. [ 328.711282][T11301] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 328.749845][T11301] CPU: 0 UID: 0 PID: 11301 Comm: syz.0.1493 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 328.760680][T11301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 328.770778][T11301] Call Trace: [ 328.774084][T11301] [ 328.777039][T11301] dump_stack_lvl+0x16c/0x1f0 [ 328.781770][T11301] should_fail_ex+0x497/0x5b0 [ 328.786487][T11301] ? fs_reclaim_acquire+0xae/0x150 [ 328.791655][T11301] should_fail_alloc_page+0xe7/0x130 [ 328.796990][T11301] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 328.803192][T11301] __alloc_pages_noprof+0x190/0x25b0 [ 328.808535][T11301] ? __pfx_mark_lock+0x10/0x10 [ 328.813354][T11301] ? __pfx___lock_acquire+0x10/0x10 [ 328.818609][T11301] ? __pfx_mark_lock+0x10/0x10 [ 328.823422][T11301] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 328.829185][T11301] ? find_held_lock+0x2d/0x110 [ 328.833994][T11301] ? hlock_class+0x4e/0x130 [ 328.838532][T11301] ? __lock_acquire+0xcc5/0x3c40 [ 328.843528][T11301] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 328.849464][T11301] ? policy_nodemask+0xea/0x4e0 [ 328.854362][T11301] alloc_pages_mpol_noprof+0x2c9/0x610 [ 328.859860][T11301] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 328.865866][T11301] ? find_held_lock+0x2d/0x110 [ 328.870648][T11301] folio_alloc_mpol_noprof+0x36/0xd0 [ 328.875954][T11301] shmem_alloc_folio+0x135/0x160 [ 328.880910][T11301] shmem_alloc_and_add_folio+0x48b/0xc00 [ 328.886550][T11301] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 328.892457][T11301] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 328.898621][T11301] ? shmem_huge_global_enabled+0x176/0x250 [ 328.904529][T11301] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 328.910436][T11301] shmem_get_folio_gfp+0x689/0x1530 [ 328.915647][T11301] ? mark_lock+0xb5/0xc60 [ 328.919993][T11301] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 328.925636][T11301] ? __pfx_mark_lock+0x10/0x10 [ 328.930418][T11301] shmem_fault+0x200/0xae0 [ 328.934861][T11301] ? __pfx_shmem_fault+0x10/0x10 [ 328.939832][T11301] ? __pfx_lock_release+0x10/0x10 [ 328.944872][T11301] ? __mod_memcg_lruvec_state+0x53c/0x750 [ 328.950691][T11301] ? __pfx_filemap_map_pages+0x10/0x10 [ 328.956160][T11301] ? mark_held_locks+0x9f/0xe0 [ 328.960940][T11301] ? pte_alloc_one+0x2a3/0x390 [ 328.965723][T11301] ? __pfx_filemap_map_pages+0x10/0x10 [ 328.971190][T11301] __do_fault+0x10a/0x490 [ 328.975528][T11301] ? __pfx_filemap_map_pages+0x10/0x10 [ 328.981027][T11301] do_pte_missing+0x1a8/0x3e00 [ 328.985832][T11301] __handle_mm_fault+0x103c/0x2a40 [ 328.990979][T11301] ? __pfx___handle_mm_fault+0x10/0x10 [ 328.996454][T11301] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 329.002112][T11301] ? find_vma+0xc0/0x140 [ 329.006378][T11301] ? __pfx_find_vma+0x10/0x10 [ 329.011069][T11301] handle_mm_fault+0x3fa/0xaa0 [ 329.015854][T11301] do_user_addr_fault+0x7a3/0x13f0 [ 329.020982][T11301] exc_page_fault+0x5c/0xc0 [ 329.025496][T11301] asm_exc_page_fault+0x26/0x30 [ 329.030354][T11301] RIP: 0010:rep_movs_alternative+0x15/0x70 [ 329.036177][T11301] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 [ 329.055792][T11301] RSP: 0018:ffffc900032b7af8 EFLAGS: 00050202 [ 329.061874][T11301] RAX: 0000000000000033 RBX: 0000000000000000 RCX: 0000000000000002 [ 329.069852][T11301] RDX: ffffed10069f7c01 RSI: ffff888034fbe000 RDI: 0000000000000000 [ 329.077834][T11301] RBP: ffffc900032b7da0 R08: 0000000000000000 R09: ffffed10069f7c00 [ 329.085817][T11301] R10: ffff888034fbe001 R11: 0000000000000002 R12: 0000000000000002 [ 329.093793][T11301] R13: 00007ffffffff000 R14: ffff888034fbe000 R15: 0000000000000002 [ 329.101789][T11301] _copy_to_iter+0x384/0x1400 [ 329.106496][T11301] ? trace_lock_acquire+0x14e/0x1f0 [ 329.111707][T11301] ? __pfx_lock_release+0x10/0x10 [ 329.116739][T11301] ? __pfx__copy_to_iter+0x10/0x10 [ 329.121862][T11301] ? __virt_addr_valid+0x1a4/0x590 [ 329.127007][T11301] ? __virt_addr_valid+0x5e/0x590 [ 329.132060][T11301] ? __phys_addr_symbol+0x30/0x80 [ 329.137100][T11301] ? __check_object_size+0x488/0x710 [ 329.142409][T11301] seq_read_iter+0xd00/0x12b0 [ 329.147108][T11301] kernfs_fop_read_iter+0x414/0x580 [ 329.152319][T11301] ? rw_verify_area+0xd0/0x700 [ 329.157090][T11301] vfs_read+0x87f/0xbe0 [ 329.161257][T11301] ? __pfx_vfs_read+0x10/0x10 [ 329.165958][T11301] ksys_read+0x12b/0x250 [ 329.170208][T11301] ? __pfx_ksys_read+0x10/0x10 [ 329.174987][T11301] do_syscall_64+0xcd/0x250 [ 329.179503][T11301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.185410][T11301] RIP: 0033:0x7fc95ad85d29 [ 329.189837][T11301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.209456][T11301] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 329.217883][T11301] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 329.225865][T11301] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 329.233845][T11301] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 329.241822][T11301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.249798][T11301] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 329.257791][T11301] [ 329.260836][ C0] vkms_vblank_simulate: vblank timer overrun [ 330.590447][T11304] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1502'. [ 331.026270][T11327] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 331.613220][T11319] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1498'. [ 331.679106][T11345] FAULT_INJECTION: forcing a failure. [ 331.679106][T11345] name failslab, interval 1, probability 0, space 0, times 0 [ 331.724880][T11345] CPU: 0 UID: 0 PID: 11345 Comm: syz.4.1504 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 331.735714][T11345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 331.745794][T11345] Call Trace: [ 331.749076][T11345] [ 331.752006][T11345] dump_stack_lvl+0x16c/0x1f0 [ 331.756698][T11345] should_fail_ex+0x497/0x5b0 [ 331.761385][T11345] ? fs_reclaim_acquire+0xae/0x150 [ 331.766504][T11345] should_failslab+0xc2/0x120 [ 331.771194][T11345] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 331.777014][T11345] ? __alloc_skb+0x2b3/0x380 [ 331.781632][T11345] __alloc_skb+0x2b3/0x380 [ 331.786060][T11345] ? __pfx___alloc_skb+0x10/0x10 [ 331.791007][T11345] ? genl_rcv_msg+0x470/0x800 [ 331.795694][T11345] ? genl_rcv_msg+0x4bd/0x800 [ 331.800389][T11345] netlink_ack+0x164/0xb20 [ 331.804821][T11345] netlink_rcv_skb+0x327/0x410 [ 331.809596][T11345] ? __pfx_genl_rcv_msg+0x10/0x10 [ 331.814631][T11345] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 331.819933][T11345] ? down_read+0xc9/0x330 [ 331.824281][T11345] ? __pfx_down_read+0x10/0x10 [ 331.829144][T11345] ? netlink_deliver_tap+0x1ae/0xca0 [ 331.834437][T11345] genl_rcv+0x28/0x40 [ 331.838427][T11345] netlink_unicast+0x53c/0x7f0 [ 331.843205][T11345] ? __pfx_netlink_unicast+0x10/0x10 [ 331.848500][T11345] ? __phys_addr_symbol+0x30/0x80 [ 331.853535][T11345] ? __check_object_size+0x488/0x710 [ 331.858839][T11345] netlink_sendmsg+0x8b8/0xd70 [ 331.863612][T11345] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.868913][T11345] ____sys_sendmsg+0x9ae/0xb40 [ 331.873683][T11345] ? copy_msghdr_from_user+0x10b/0x160 [ 331.879158][T11345] ? __pfx_____sys_sendmsg+0x10/0x10 [ 331.884551][T11345] ___sys_sendmsg+0x135/0x1e0 [ 331.889251][T11345] ? __pfx____sys_sendmsg+0x10/0x10 [ 331.894559][T11345] ? __pfx_lock_release+0x10/0x10 [ 331.899598][T11345] ? trace_lock_acquire+0x14e/0x1f0 [ 331.904818][T11345] ? __fget_files+0x206/0x3a0 [ 331.909510][T11345] __sys_sendmsg+0x16e/0x220 [ 331.914110][T11345] ? __pfx___sys_sendmsg+0x10/0x10 [ 331.919248][T11345] do_syscall_64+0xcd/0x250 [ 331.923769][T11345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.929671][T11345] RIP: 0033:0x7f6c80b85d29 [ 331.934089][T11345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.953723][T11345] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 331.962153][T11345] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 331.970141][T11345] RDX: 0000000000000000 RSI: 0000000020001d00 RDI: 0000000000000004 [ 331.978123][T11345] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 331.986098][T11345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 331.994076][T11345] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 332.002063][T11345] [ 332.005141][ C0] vkms_vblank_simulate: vblank timer overrun [ 332.036693][T11333] delete_channel: no stack [ 332.699225][T11357] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1509'. [ 333.112661][T11373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 334.199070][T11391] delete_channel: no stack [ 335.180415][ T29] audit: type=1800 audit(4294967410.624:9): pid=11418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1526" name="lu_gp_id" dev="configfs" ino=31119 res=0 errno=0 [ 335.410649][T11428] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1527'. [ 336.045108][T11440] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1531'. [ 336.229163][ T29] audit: type=1800 audit(4294967411.674:10): pid=11443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1532" name="lu_gp_id" dev="configfs" ino=31153 res=0 errno=0 [ 336.325216][T11414] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1524'. [ 337.585525][T11470] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1537'. [ 338.954795][T11484] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1539'. [ 338.995345][T11487] FAULT_INJECTION: forcing a failure. [ 338.995345][T11487] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 339.009349][T11487] CPU: 1 UID: 0 PID: 11487 Comm: syz.0.1540 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 339.020158][T11487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 339.030251][T11487] Call Trace: [ 339.033562][T11487] [ 339.036526][T11487] dump_stack_lvl+0x16c/0x1f0 [ 339.041250][T11487] should_fail_ex+0x497/0x5b0 [ 339.045974][T11487] _copy_to_user+0x32/0xd0 [ 339.050436][T11487] snd_ctl_elem_info_user+0x1ab/0x200 [ 339.055849][T11487] ? __pfx_snd_ctl_elem_info_user+0x10/0x10 [ 339.061817][T11487] snd_ctl_ioctl+0x379/0x1080 [ 339.066530][T11487] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 339.071762][T11487] ? __pfx_lock_release+0x10/0x10 [ 339.076818][T11487] ? trace_lock_acquire+0x14e/0x1f0 [ 339.082067][T11487] ? __fget_files+0x206/0x3a0 [ 339.086786][T11487] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 339.091932][T11487] __x64_sys_ioctl+0x190/0x200 [ 339.096730][T11487] do_syscall_64+0xcd/0x250 [ 339.101269][T11487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.107202][T11487] RIP: 0033:0x7fc95ad85d29 [ 339.111646][T11487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.131286][T11487] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.139715][T11487] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 339.147691][T11487] RDX: 0000000000000000 RSI: 00000000c1105511 RDI: 0000000000000003 [ 339.155667][T11487] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 339.163643][T11487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.171619][T11487] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 339.179606][T11487] [ 339.207228][T11450] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1535'. [ 339.725194][T11500] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1544'. [ 343.520438][T11572] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1565'. [ 344.550026][T11597] FAULT_INJECTION: forcing a failure. [ 344.550026][T11597] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 344.571497][T11597] CPU: 1 UID: 0 PID: 11597 Comm: syz.5.1573 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 344.582321][T11597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 344.592385][T11597] Call Trace: [ 344.595665][T11597] [ 344.598598][T11597] dump_stack_lvl+0x16c/0x1f0 [ 344.603288][T11597] should_fail_ex+0x497/0x5b0 [ 344.607976][T11597] _copy_from_iter+0x29b/0x1400 [ 344.612839][T11597] ? trace_lock_acquire+0x14e/0x1f0 [ 344.618050][T11597] ? __alloc_skb+0x200/0x380 [ 344.622656][T11597] ? __pfx__copy_from_iter+0x10/0x10 [ 344.627954][T11597] ? __virt_addr_valid+0x1a4/0x590 [ 344.633078][T11597] ? __virt_addr_valid+0x5e/0x590 [ 344.638110][T11597] ? __phys_addr_symbol+0x30/0x80 [ 344.643143][T11597] ? __check_object_size+0x488/0x710 [ 344.648458][T11597] netlink_sendmsg+0x813/0xd70 [ 344.653241][T11597] ? __pfx_netlink_sendmsg+0x10/0x10 [ 344.658548][T11597] ____sys_sendmsg+0x9ae/0xb40 [ 344.663323][T11597] ? copy_msghdr_from_user+0x10b/0x160 [ 344.668795][T11597] ? __pfx_____sys_sendmsg+0x10/0x10 [ 344.674088][T11597] ? __lock_acquire+0xcc5/0x3c40 [ 344.679043][T11597] ? hlock_class+0x4e/0x130 [ 344.683554][T11597] ? __lock_acquire+0x15a9/0x3c40 [ 344.688596][T11597] ___sys_sendmsg+0x135/0x1e0 [ 344.693291][T11597] ? __pfx____sys_sendmsg+0x10/0x10 [ 344.698585][T11597] ? __pfx___lock_acquire+0x10/0x10 [ 344.703826][T11597] ? __pfx___might_resched+0x10/0x10 [ 344.709118][T11597] ? __might_fault+0xe3/0x190 [ 344.713813][T11597] __sys_sendmmsg+0x201/0x420 [ 344.718504][T11597] ? __pfx___sys_sendmmsg+0x10/0x10 [ 344.723723][T11597] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 344.729721][T11597] ? fput+0x67/0x440 [ 344.733630][T11597] ? ksys_write+0x1ba/0x250 [ 344.738139][T11597] ? __pfx_ksys_write+0x10/0x10 [ 344.743002][T11597] __x64_sys_sendmmsg+0x9c/0x100 [ 344.747951][T11597] ? lockdep_hardirqs_on+0x7c/0x110 [ 344.753156][T11597] do_syscall_64+0xcd/0x250 [ 344.757672][T11597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.763574][T11597] RIP: 0033:0x7f0e75585d29 [ 344.768021][T11597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.787642][T11597] RSP: 002b:00007f0e7634c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 344.796066][T11597] RAX: ffffffffffffffda RBX: 00007f0e75775fa0 RCX: 00007f0e75585d29 [ 344.804044][T11597] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 344.812019][T11597] RBP: 00007f0e7634c090 R08: 0000000000000000 R09: 0000000000000000 [ 344.819992][T11597] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002 [ 344.827968][T11597] R13: 0000000000000000 R14: 00007f0e75775fa0 R15: 00007fffd5d1c218 [ 344.835958][T11597] [ 345.846426][T11630] FAULT_INJECTION: forcing a failure. [ 345.846426][T11630] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 345.856095][T11600] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1574'. [ 345.915571][T11600] Process accounting paused [ 345.923202][T11630] CPU: 1 UID: 0 PID: 11630 Comm: syz.2.1585 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 345.934019][T11630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 345.944093][T11630] Call Trace: [ 345.947397][T11630] [ 345.950350][T11630] dump_stack_lvl+0x16c/0x1f0 [ 345.955064][T11630] should_fail_ex+0x497/0x5b0 [ 345.959785][T11630] _copy_from_iter+0x29b/0x1400 [ 345.964682][T11630] ? _copy_from_iter+0x159/0x1400 [ 345.969750][T11630] ? __pfx__copy_from_iter+0x10/0x10 [ 345.975076][T11630] ? __pfx__copy_from_iter+0x10/0x10 [ 345.980401][T11630] ? __virt_addr_valid+0x1a4/0x590 [ 345.985567][T11630] copy_page_from_iter+0xa5/0x120 [ 345.990638][T11630] skb_copy_datagram_from_iter+0x29b/0x710 [ 345.996488][T11630] tun_get_user+0x197f/0x3e30 [ 346.001213][T11630] ? __pfx_tun_get_user+0x10/0x10 [ 346.006273][T11630] ? find_held_lock+0x2d/0x110 [ 346.011085][T11630] ? __pfx_lock_release+0x10/0x10 [ 346.016159][T11630] tun_chr_write_iter+0xdc/0x210 [ 346.021141][T11630] vfs_write+0x5ae/0x1150 [ 346.025511][T11630] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 346.031100][T11630] ? __pfx_lock_release+0x10/0x10 [ 346.036158][T11630] ? __pfx_vfs_write+0x10/0x10 [ 346.040960][T11630] ? lock_acquire+0x2f/0xb0 [ 346.045491][T11630] ? __fget_files+0x40/0x3a0 [ 346.050133][T11630] __x64_sys_pwrite64+0x1f6/0x250 [ 346.055197][T11630] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 346.060798][T11630] do_syscall_64+0xcd/0x250 [ 346.065347][T11630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.071284][T11630] RIP: 0033:0x7f5282185d29 [ 346.075730][T11630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.095363][T11630] RSP: 002b:00007f527fff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 346.103791][T11630] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f5282185d29 [ 346.111781][T11630] RDX: 000000000000fdef RSI: 0000000020000000 RDI: 00000000000000c8 [ 346.119785][T11630] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 346.127788][T11630] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002 [ 346.135795][T11630] R13: 0000000000000001 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 346.143823][T11630] [ 346.210337][T11634] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1587'. [ 346.239428][T11620] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1580'. [ 346.641587][T11660] FAULT_INJECTION: forcing a failure. [ 346.641587][T11660] name failslab, interval 1, probability 0, space 0, times 0 [ 346.660821][T11660] CPU: 1 UID: 0 PID: 11660 Comm: syz.0.1596 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 346.671664][T11660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 346.681739][T11660] Call Trace: [ 346.685023][T11660] [ 346.687954][T11660] dump_stack_lvl+0x16c/0x1f0 [ 346.692649][T11660] should_fail_ex+0x497/0x5b0 [ 346.697337][T11660] ? fs_reclaim_acquire+0xae/0x150 [ 346.702460][T11660] should_failslab+0xc2/0x120 [ 346.707163][T11660] __kmalloc_node_noprof+0xd1/0x520 [ 346.712379][T11660] ? __pfx___mutex_lock+0x10/0x10 [ 346.717413][T11660] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 346.722885][T11660] __kvmalloc_node_noprof+0xad/0x1a0 [ 346.728190][T11660] traverse.part.0.constprop.0+0x392/0x640 [ 346.734003][T11660] ? __pfx_lock_release+0x10/0x10 [ 346.739038][T11660] seq_read_iter+0x934/0x12b0 [ 346.743730][T11660] seq_read+0x39f/0x4e0 [ 346.747889][T11660] ? __pfx_seq_read+0x10/0x10 [ 346.752586][T11660] ? __pfx_seq_read+0x10/0x10 [ 346.757273][T11660] proc_reg_read+0x23d/0x330 [ 346.761872][T11660] ? __pfx_proc_reg_read+0x10/0x10 [ 346.766992][T11660] vfs_read+0x1df/0xbe0 [ 346.771253][T11660] ? __fget_files+0x1fc/0x3a0 [ 346.775938][T11660] ? __pfx_lock_release+0x10/0x10 [ 346.780964][T11660] ? __pfx_vfs_read+0x10/0x10 [ 346.785649][T11660] ? lock_acquire+0x2f/0xb0 [ 346.790151][T11660] ? __fget_files+0x40/0x3a0 [ 346.794756][T11660] ? __fget_files+0x206/0x3a0 [ 346.799446][T11660] __x64_sys_pread64+0x1f6/0x250 [ 346.804399][T11660] ? __pfx___x64_sys_pread64+0x10/0x10 [ 346.809880][T11660] do_syscall_64+0xcd/0x250 [ 346.814398][T11660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.820301][T11660] RIP: 0033:0x7fc95ad85d29 [ 346.824720][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.844345][T11660] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 346.852765][T11660] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 346.860742][T11660] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000003 [ 346.868715][T11660] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 346.876689][T11660] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 346.884661][T11660] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 346.892648][T11660] [ 346.969355][ T29] audit: type=1800 audit(4294967422.414:11): pid=11667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1599" name="discovery_nqn" dev="configfs" ino=31878 res=0 errno=0 [ 347.281125][T11676] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1601'. [ 348.022602][T11691] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1605'. [ 348.810635][T11709] FAULT_INJECTION: forcing a failure. [ 348.810635][T11709] name failslab, interval 1, probability 0, space 0, times 0 [ 348.854952][T11709] CPU: 1 UID: 0 PID: 11709 Comm: syz.0.1609 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 348.865768][T11709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 348.875831][T11709] Call Trace: [ 348.879134][T11709] [ 348.882092][T11709] dump_stack_lvl+0x16c/0x1f0 [ 348.886804][T11709] should_fail_ex+0x497/0x5b0 [ 348.891515][T11709] ? fs_reclaim_acquire+0xae/0x150 [ 348.896665][T11709] should_failslab+0xc2/0x120 [ 348.901385][T11709] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 348.907231][T11709] ? __alloc_skb+0x2b3/0x380 [ 348.911871][T11709] __alloc_skb+0x2b3/0x380 [ 348.916334][T11709] ? __pfx___alloc_skb+0x10/0x10 [ 348.921316][T11709] ? lock_acquire+0x2f/0xb0 [ 348.925858][T11709] netlink_alloc_large_skb+0x69/0x130 [ 348.931267][T11709] netlink_sendmsg+0x689/0xd70 [ 348.936071][T11709] ? __pfx_netlink_sendmsg+0x10/0x10 [ 348.941409][T11709] ____sys_sendmsg+0x9ae/0xb40 [ 348.946216][T11709] ? copy_msghdr_from_user+0x10b/0x160 [ 348.951719][T11709] ? __pfx_____sys_sendmsg+0x10/0x10 [ 348.957040][T11709] ? __lock_acquire+0xcc5/0x3c40 [ 348.962018][T11709] ___sys_sendmsg+0x135/0x1e0 [ 348.966735][T11709] ? __pfx____sys_sendmsg+0x10/0x10 [ 348.971997][T11709] ? trace_lock_acquire+0x14e/0x1f0 [ 348.977233][T11709] __sys_sendmmsg+0x201/0x420 [ 348.981941][T11709] ? __pfx___sys_sendmmsg+0x10/0x10 [ 348.987163][T11709] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 348.993161][T11709] ? fput+0x67/0x440 [ 348.997077][T11709] ? ksys_write+0x1ba/0x250 [ 349.001592][T11709] ? __pfx_ksys_write+0x10/0x10 [ 349.006455][T11709] __x64_sys_sendmmsg+0x9c/0x100 [ 349.011406][T11709] ? lockdep_hardirqs_on+0x7c/0x110 [ 349.016615][T11709] do_syscall_64+0xcd/0x250 [ 349.021131][T11709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.027035][T11709] RIP: 0033:0x7fc95ad85d29 [ 349.031456][T11709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.051072][T11709] RSP: 002b:00007fc95bb70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 349.059510][T11709] RAX: ffffffffffffffda RBX: 00007fc95af76080 RCX: 00007fc95ad85d29 [ 349.067491][T11709] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 349.075467][T11709] RBP: 00007fc95bb70090 R08: 0000000000000000 R09: 0000000000000000 [ 349.083440][T11709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.091415][T11709] R13: 0000000000000000 R14: 00007fc95af76080 R15: 00007ffeb3fa8b78 [ 349.099404][T11709] [ 349.315274][T11723] FAULT_INJECTION: forcing a failure. [ 349.315274][T11723] name failslab, interval 1, probability 0, space 0, times 0 [ 349.335036][T11723] CPU: 0 UID: 0 PID: 11723 Comm: syz.0.1613 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 349.345869][T11723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 349.355953][T11723] Call Trace: [ 349.359253][T11723] [ 349.362200][T11723] dump_stack_lvl+0x16c/0x1f0 [ 349.366919][T11723] should_fail_ex+0x497/0x5b0 [ 349.371635][T11723] ? fs_reclaim_acquire+0xae/0x150 [ 349.376788][T11723] should_failslab+0xc2/0x120 [ 349.381499][T11723] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 349.387312][T11723] ? __alloc_skb+0x2b3/0x380 [ 349.391920][T11723] ? genl_start+0x1e7/0x960 [ 349.396458][T11723] __alloc_skb+0x2b3/0x380 [ 349.400912][T11723] ? __pfx___alloc_skb+0x10/0x10 [ 349.405886][T11723] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.412016][T11723] netlink_dump+0x699/0xd00 [ 349.416565][T11723] ? __pfx_netlink_dump+0x10/0x10 [ 349.421640][T11723] ? kasan_save_track+0x14/0x30 [ 349.426532][T11723] ? __kasan_kmalloc+0xaa/0xb0 [ 349.431348][T11723] ? genl_start+0x67d/0x960 [ 349.435907][T11723] __netlink_dump_start+0x6d9/0x980 [ 349.441178][T11723] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 349.446942][T11723] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 349.453231][T11723] ? genl_op_from_small+0x25/0x440 [ 349.458399][T11723] ? __pfx_genl_get_cmd+0x10/0x10 [ 349.463477][T11723] ? __pfx_genl_start+0x10/0x10 [ 349.468368][T11723] ? __pfx_genl_dumpit+0x10/0x10 [ 349.473348][T11723] ? __pfx_genl_done+0x10/0x10 [ 349.478154][T11723] ? __radix_tree_lookup+0x21f/0x2c0 [ 349.483482][T11723] genl_rcv_msg+0x470/0x800 [ 349.488028][T11723] ? __pfx_genl_rcv_msg+0x10/0x10 [ 349.493097][T11723] ? __pfx_nl80211_get_reg_dump+0x10/0x10 [ 349.498959][T11723] netlink_rcv_skb+0x165/0x410 [ 349.503755][T11723] ? __pfx_genl_rcv_msg+0x10/0x10 [ 349.508824][T11723] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 349.514156][T11723] ? down_read+0xc9/0x330 [ 349.518523][T11723] ? __pfx_down_read+0x10/0x10 [ 349.523329][T11723] ? netlink_deliver_tap+0x1ae/0xca0 [ 349.528741][T11723] genl_rcv+0x28/0x40 [ 349.532757][T11723] netlink_unicast+0x53c/0x7f0 [ 349.537558][T11723] ? __pfx_netlink_unicast+0x10/0x10 [ 349.542876][T11723] ? __phys_addr_symbol+0x30/0x80 [ 349.547937][T11723] ? __check_object_size+0x488/0x710 [ 349.553270][T11723] netlink_sendmsg+0x8b8/0xd70 [ 349.558076][T11723] ? __pfx_netlink_sendmsg+0x10/0x10 [ 349.563406][T11723] ____sys_sendmsg+0x9ae/0xb40 [ 349.568202][T11723] ? copy_msghdr_from_user+0x10b/0x160 [ 349.573706][T11723] ? __pfx_____sys_sendmsg+0x10/0x10 [ 349.579048][T11723] ___sys_sendmsg+0x135/0x1e0 [ 349.583767][T11723] ? __pfx____sys_sendmsg+0x10/0x10 [ 349.589029][T11723] ? __pfx_lock_release+0x10/0x10 [ 349.594086][T11723] ? trace_lock_acquire+0x14e/0x1f0 [ 349.599340][T11723] ? __fget_files+0x206/0x3a0 [ 349.604061][T11723] __sys_sendmsg+0x16e/0x220 [ 349.608699][T11723] ? __pfx___sys_sendmsg+0x10/0x10 [ 349.613874][T11723] do_syscall_64+0xcd/0x250 [ 349.618421][T11723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.624347][T11723] RIP: 0033:0x7fc95ad85d29 [ 349.628791][T11723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.648443][T11723] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 349.656903][T11723] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 349.664913][T11723] RDX: 0000000000004000 RSI: 0000000020000100 RDI: 0000000000000004 [ 349.672925][T11723] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 349.680947][T11723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.688963][T11723] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 349.696996][T11723] [ 351.312461][T11768] FAULT_INJECTION: forcing a failure. [ 351.312461][T11768] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 351.358979][T11768] CPU: 0 UID: 0 PID: 11768 Comm: syz.4.1629 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 351.369826][T11768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 351.379926][T11768] Call Trace: [ 351.383224][T11768] [ 351.386180][T11768] dump_stack_lvl+0x16c/0x1f0 [ 351.390911][T11768] should_fail_ex+0x497/0x5b0 [ 351.395631][T11768] ? fs_reclaim_acquire+0xae/0x150 [ 351.400788][T11768] should_fail_alloc_page+0xe7/0x130 [ 351.406133][T11768] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 351.412336][T11768] __alloc_pages_noprof+0x190/0x25b0 [ 351.417674][T11768] ? __pfx_mark_lock+0x10/0x10 [ 351.422491][T11768] ? find_held_lock+0x2d/0x110 [ 351.427303][T11768] ? is_bpf_text_address+0x8a/0x1a0 [ 351.432553][T11768] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 351.438322][T11768] ? trace_lock_acquire+0x14e/0x1f0 [ 351.443572][T11768] ? hlock_class+0x4e/0x130 [ 351.448140][T11768] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 351.454083][T11768] ? policy_nodemask+0xea/0x4e0 [ 351.458989][T11768] alloc_pages_mpol_noprof+0x2c9/0x610 [ 351.464511][T11768] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 351.470552][T11768] ? find_held_lock+0x2d/0x110 [ 351.475369][T11768] ? __thp_vma_allowable_orders+0x1ca/0xb30 [ 351.481328][T11768] __pmd_alloc+0x3f/0x860 [ 351.485721][T11768] __handle_mm_fault+0x94a/0x2a40 [ 351.490817][T11768] ? __pfx___handle_mm_fault+0x10/0x10 [ 351.496328][T11768] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 351.502018][T11768] ? find_vma+0xc0/0x140 [ 351.506302][T11768] ? __pfx_find_vma+0x10/0x10 [ 351.511022][T11768] handle_mm_fault+0x3fa/0xaa0 [ 351.515838][T11768] do_user_addr_fault+0x7a3/0x13f0 [ 351.521000][T11768] exc_page_fault+0x5c/0xc0 [ 351.525542][T11768] asm_exc_page_fault+0x26/0x30 [ 351.530427][T11768] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 351.536281][T11768] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 351.555934][T11768] RSP: 0018:ffffc9000c887d30 EFLAGS: 00050212 [ 351.562041][T11768] RAX: 0000000000000001 RBX: 0000000000005c8d RCX: 0000000000000010 [ 351.570045][T11768] RDX: ffffed100a2982bf RSI: 0000000000005c8d RDI: ffff8880514c15e8 [ 351.578055][T11768] RBP: 0000000000000010 R08: 0000000000000001 R09: ffffed100a2982be [ 351.586059][T11768] R10: ffff8880514c15f7 R11: 0000000000000001 R12: 0000000000000000 [ 351.594074][T11768] R13: ffff8880514c15e8 R14: ffff88807fb32000 R15: ffff8880514c1590 [ 351.602105][T11768] _copy_from_user+0x9a/0xd0 [ 351.606083][T11773] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1626'. [ 351.606754][T11768] __tun_chr_ioctl+0xf3a/0x4960 [ 351.620605][T11768] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 351.625953][T11768] ? __fget_files+0x206/0x3a0 [ 351.630683][T11768] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 351.635849][T11768] __x64_sys_ioctl+0x190/0x200 [ 351.640651][T11768] do_syscall_64+0xcd/0x250 [ 351.645199][T11768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.651130][T11768] RIP: 0033:0x7f6c80b85d29 [ 351.655577][T11768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.675314][T11768] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.683772][T11768] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 351.691784][T11768] RDX: 0000000000005c8d RSI: 00000000401054d5 RDI: 00000000000000c8 [ 351.699792][T11768] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 351.707801][T11768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 351.715814][T11768] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 351.723846][T11768] [ 351.998129][T11781] FAULT_INJECTION: forcing a failure. [ 351.998129][T11781] name failslab, interval 1, probability 0, space 0, times 0 [ 352.015016][T11781] CPU: 0 UID: 0 PID: 11781 Comm: syz.4.1635 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 352.025845][T11781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 352.035934][T11781] Call Trace: [ 352.039243][T11781] [ 352.042195][T11781] dump_stack_lvl+0x16c/0x1f0 [ 352.046918][T11781] should_fail_ex+0x497/0x5b0 [ 352.051639][T11781] ? fs_reclaim_acquire+0xae/0x150 [ 352.056794][T11781] should_failslab+0xc2/0x120 [ 352.061517][T11781] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 352.066935][T11781] ? vma_merge_new_range+0x3f0/0xb70 [ 352.072256][T11781] ? vm_area_alloc+0xe0/0x1c0 [ 352.076949][T11781] vm_area_alloc+0xe0/0x1c0 [ 352.081460][T11781] __mmap_region+0x101b/0x2670 [ 352.086242][T11781] ? __pfx___mmap_region+0x10/0x10 [ 352.091367][T11781] ? hlock_class+0x4e/0x130 [ 352.095880][T11781] ? mark_lock+0xb5/0xc60 [ 352.100275][T11781] ? cap_mmap_addr+0x53/0x320 [ 352.104967][T11781] mmap_region+0x270/0x320 [ 352.109395][T11781] do_mmap+0xc00/0xfc0 [ 352.113478][T11781] vm_mmap_pgoff+0x1ba/0x360 [ 352.118086][T11781] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 352.123217][T11781] ? __fget_files+0x206/0x3a0 [ 352.127908][T11781] ksys_mmap_pgoff+0x32c/0x5c0 [ 352.132683][T11781] ? __pfx_ksys_write+0x10/0x10 [ 352.137554][T11781] __x64_sys_mmap+0x125/0x190 [ 352.142241][T11781] do_syscall_64+0xcd/0x250 [ 352.146755][T11781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.152667][T11781] RIP: 0033:0x7f6c80b85d29 [ 352.157091][T11781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.176716][T11781] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 352.185158][T11781] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 352.193139][T11781] RDX: 0000000000000ffb RSI: 0000000000000009 RDI: 0000000000000000 [ 352.201112][T11781] RBP: 00007f6c7e9f6090 R08: 0000000000000003 R09: 0000000000008000 [ 352.209087][T11781] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 352.217064][T11781] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 352.225055][T11781] [ 352.370489][T11779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1632'. [ 352.897036][T11801] FAULT_INJECTION: forcing a failure. [ 352.897036][T11801] name failslab, interval 1, probability 0, space 0, times 0 [ 352.910153][T11801] CPU: 1 UID: 0 PID: 11801 Comm: syz.4.1640 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 352.920962][T11801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 352.931139][T11801] Call Trace: [ 352.934447][T11801] [ 352.937403][T11801] dump_stack_lvl+0x16c/0x1f0 [ 352.942120][T11801] should_fail_ex+0x497/0x5b0 [ 352.946849][T11801] ? fs_reclaim_acquire+0xae/0x150 [ 352.952023][T11801] should_failslab+0xc2/0x120 [ 352.956760][T11801] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 352.962612][T11801] ? __alloc_skb+0x2b3/0x380 [ 352.967248][T11801] __alloc_skb+0x2b3/0x380 [ 352.971720][T11801] ? __pfx___alloc_skb+0x10/0x10 [ 352.976753][T11801] ? lock_acquire+0x2f/0xb0 [ 352.981294][T11801] netlink_alloc_large_skb+0x69/0x130 [ 352.986708][T11801] netlink_sendmsg+0x689/0xd70 [ 352.991521][T11801] ? __pfx_netlink_sendmsg+0x10/0x10 [ 352.996858][T11801] ____sys_sendmsg+0x9ae/0xb40 [ 353.001660][T11801] ? copy_msghdr_from_user+0x10b/0x160 [ 353.007166][T11801] ? __pfx_____sys_sendmsg+0x10/0x10 [ 353.012514][T11801] ___sys_sendmsg+0x135/0x1e0 [ 353.017231][T11801] ? __pfx____sys_sendmsg+0x10/0x10 [ 353.022458][T11801] ? __pfx_lock_release+0x10/0x10 [ 353.027487][T11801] ? trace_lock_acquire+0x14e/0x1f0 [ 353.032707][T11801] ? __fget_files+0x206/0x3a0 [ 353.037406][T11801] __sys_sendmsg+0x16e/0x220 [ 353.042013][T11801] ? __pfx___sys_sendmsg+0x10/0x10 [ 353.047152][T11801] do_syscall_64+0xcd/0x250 [ 353.051678][T11801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.057596][T11801] RIP: 0033:0x7f6c80b85d29 [ 353.062017][T11801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.081637][T11801] RSP: 002b:00007f6c7e9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 353.090061][T11801] RAX: ffffffffffffffda RBX: 00007f6c80d75fa0 RCX: 00007f6c80b85d29 [ 353.098038][T11801] RDX: 0000000020040894 RSI: 0000000020000080 RDI: 0000000000000003 [ 353.106011][T11801] RBP: 00007f6c7e9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 353.113982][T11801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 353.121977][T11801] R13: 0000000000000000 R14: 00007f6c80d75fa0 R15: 00007fff80d74ab8 [ 353.130086][T11801] [ 353.417266][T11810] FAULT_INJECTION: forcing a failure. [ 353.417266][T11810] name failslab, interval 1, probability 0, space 0, times 0 [ 353.449301][T11810] CPU: 1 UID: 0 PID: 11810 Comm: syz.2.1649 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 353.460138][T11810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 353.470225][T11810] Call Trace: [ 353.473538][T11810] [ 353.476494][T11810] dump_stack_lvl+0x16c/0x1f0 [ 353.481211][T11810] should_fail_ex+0x497/0x5b0 [ 353.485932][T11810] ? fs_reclaim_acquire+0xae/0x150 [ 353.491078][T11810] should_failslab+0xc2/0x120 [ 353.495796][T11810] __kmalloc_noprof+0xce/0x4f0 [ 353.500593][T11810] ? d_absolute_path+0x137/0x1b0 [ 353.505574][T11810] ? tomoyo_encode2+0x100/0x3e0 [ 353.510464][T11810] tomoyo_encode2+0x100/0x3e0 [ 353.515180][T11810] tomoyo_realpath_from_path+0x1a7/0x710 [ 353.520852][T11810] tomoyo_path_number_perm+0x248/0x5b0 [ 353.526357][T11810] ? tomoyo_path_number_perm+0x235/0x5b0 [ 353.532047][T11810] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 353.538107][T11810] ? __pfx_lock_release+0x10/0x10 [ 353.543162][T11810] ? trace_lock_acquire+0x14e/0x1f0 [ 353.548412][T11810] ? lock_acquire+0x2f/0xb0 [ 353.552945][T11810] ? __fget_files+0x40/0x3a0 [ 353.557573][T11810] ? __fget_files+0x206/0x3a0 [ 353.562297][T11810] security_file_ioctl+0x9b/0x240 [ 353.567358][T11810] __x64_sys_ioctl+0xb7/0x200 [ 353.572072][T11810] do_syscall_64+0xcd/0x250 [ 353.576617][T11810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.582553][T11810] RIP: 0033:0x7f5282185d29 [ 353.586994][T11810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.606652][T11810] RSP: 002b:00007f527fff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 353.615110][T11810] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f5282185d29 [ 353.623118][T11810] RDX: 0000000000000000 RSI: 0000000000005412 RDI: 0000000000000019 [ 353.631125][T11810] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 353.639141][T11810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 353.647148][T11810] R13: 0000000000000000 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 353.655177][T11810] [ 353.658340][ C1] vkms_vblank_simulate: vblank timer overrun [ 353.870886][T11810] ERROR: Out of memory at tomoyo_realpath_from_path. [ 355.483299][T11830] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1647'. [ 356.315117][T11848] random: crng reseeded on system resumption [ 357.126288][T11839] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1651'. [ 358.137087][T11865] FAULT_INJECTION: forcing a failure. [ 358.137087][T11865] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 358.179852][T11865] CPU: 1 UID: 0 PID: 11865 Comm: syz.5.1658 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 358.190689][T11865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 358.200781][T11865] Call Trace: [ 358.204088][T11865] [ 358.207042][T11865] dump_stack_lvl+0x16c/0x1f0 [ 358.211762][T11865] should_fail_ex+0x497/0x5b0 [ 358.216481][T11865] _copy_to_user+0x32/0xd0 [ 358.220949][T11865] simple_read_from_buffer+0xd0/0x160 [ 358.226376][T11865] proc_fail_nth_read+0x198/0x270 [ 358.231448][T11865] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 358.237050][T11865] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 358.242652][T11865] vfs_read+0x1df/0xbe0 [ 358.246847][T11865] ? __fget_files+0x1fc/0x3a0 [ 358.251569][T11865] ? __pfx___mutex_lock+0x10/0x10 [ 358.256633][T11865] ? __pfx_vfs_read+0x10/0x10 [ 358.261366][T11865] ? __fget_files+0x206/0x3a0 [ 358.266101][T11865] ksys_read+0x12b/0x250 [ 358.270379][T11865] ? __pfx_ksys_read+0x10/0x10 [ 358.275194][T11865] do_syscall_64+0xcd/0x250 [ 358.279740][T11865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.285670][T11865] RIP: 0033:0x7f0e7558473c [ 358.290115][T11865] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 358.309765][T11865] RSP: 002b:00007f0e7634c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 358.318221][T11865] RAX: ffffffffffffffda RBX: 00007f0e75775fa0 RCX: 00007f0e7558473c [ 358.326231][T11865] RDX: 000000000000000f RSI: 00007f0e7634c0a0 RDI: 0000000000000004 [ 358.334240][T11865] RBP: 00007f0e7634c090 R08: 0000000000000000 R09: 0000000000000000 [ 358.342248][T11865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 358.350256][T11865] R13: 0000000000000000 R14: 00007f0e75775fa0 R15: 00007fffd5d1c218 [ 358.358278][T11865] [ 358.361447][ C1] vkms_vblank_simulate: vblank timer overrun [ 358.575468][T11869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1659'. [ 359.511038][T11887] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1665'. [ 359.606644][T11887] hsr_slave_0: left promiscuous mode [ 359.656702][T11887] hsr_slave_1: left promiscuous mode [ 360.135123][T11875] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1670'. [ 360.625093][T11902] FAULT_INJECTION: forcing a failure. [ 360.625093][T11902] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 360.669554][T11902] CPU: 1 UID: 0 PID: 11902 Comm: syz.2.1668 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 360.680382][T11902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 360.690470][T11902] Call Trace: [ 360.693776][T11902] [ 360.696731][T11902] dump_stack_lvl+0x16c/0x1f0 [ 360.701445][T11902] should_fail_ex+0x497/0x5b0 [ 360.706156][T11902] ? __pfx_uinput_write+0x10/0x10 [ 360.711220][T11902] ? __pfx_uinput_write+0x10/0x10 [ 360.716282][T11902] _copy_from_user+0x2e/0xd0 [ 360.720919][T11902] memdup_user+0x71/0xd0 [ 360.725203][T11902] uinput_write+0x1f0/0x12b0 [ 360.729843][T11902] ? __pfx_uinput_write+0x10/0x10 [ 360.734910][T11902] ? apparmor_file_permission+0x251/0x400 [ 360.740669][T11902] ? bpf_lsm_file_permission+0x9/0x10 [ 360.746076][T11902] ? security_file_permission+0x71/0x210 [ 360.751755][T11902] ? __pfx_uinput_write+0x10/0x10 [ 360.756827][T11902] vfs_write+0x24c/0x1150 [ 360.761193][T11902] ? __fget_files+0x1fc/0x3a0 [ 360.765901][T11902] ? __pfx_lock_release+0x10/0x10 [ 360.770959][T11902] ? __pfx_vfs_write+0x10/0x10 [ 360.775770][T11902] ? lock_acquire+0x2f/0xb0 [ 360.780304][T11902] ? __fget_files+0x40/0x3a0 [ 360.784926][T11902] ? __fget_files+0x206/0x3a0 [ 360.789642][T11902] ksys_write+0x207/0x250 [ 360.794000][T11902] ? __pfx_ksys_write+0x10/0x10 [ 360.798892][T11902] do_syscall_64+0xcd/0x250 [ 360.803437][T11902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.809374][T11902] RIP: 0033:0x7f5282185d29 [ 360.813827][T11902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.833473][T11902] RSP: 002b:00007f527fff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 360.841930][T11902] RAX: ffffffffffffffda RBX: 00007f5282375fa0 RCX: 00007f5282185d29 [ 360.849938][T11902] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000006 [ 360.857946][T11902] RBP: 00007f527fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 360.865948][T11902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 360.873976][T11902] R13: 0000000000000000 R14: 00007f5282375fa0 R15: 00007ffd655e73c8 [ 360.882087][T11902] [ 360.885292][ C1] vkms_vblank_simulate: vblank timer overrun [ 361.411236][T11914] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1673'. [ 362.426139][T11919] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1676'. [ 362.585078][T11921] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1677'. [ 362.919446][T11944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1683'. [ 362.953940][T11929] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1679'. [ 363.266156][T11958] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1687'. [ 363.287379][T11958] hsr_slave_0: left promiscuous mode [ 363.294241][T11958] hsr_slave_1: left promiscuous mode [ 363.397556][T11960] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1688'. [ 364.347348][T11979] FAULT_INJECTION: forcing a failure. [ 364.347348][T11979] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 364.401364][T11979] CPU: 0 UID: 0 PID: 11979 Comm: syz.0.1692 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 364.412204][T11979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 364.422300][T11979] Call Trace: [ 364.425606][T11979] [ 364.428558][T11979] dump_stack_lvl+0x16c/0x1f0 [ 364.433273][T11979] should_fail_ex+0x497/0x5b0 [ 364.437991][T11979] strncpy_from_user+0x3b/0x2d0 [ 364.442881][T11979] getname_flags.part.0+0x8f/0x550 [ 364.448044][T11979] getname_flags+0x93/0xf0 [ 364.452495][T11979] user_path_at+0x24/0x60 [ 364.456864][T11979] __x64_sys_mount+0x1fc/0x320 [ 364.461669][T11979] ? __pfx___x64_sys_mount+0x10/0x10 [ 364.467003][T11979] do_syscall_64+0xcd/0x250 [ 364.471546][T11979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.477477][T11979] RIP: 0033:0x7fc95ad85d29 [ 364.481907][T11979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.501526][T11979] RSP: 002b:00007fc95bb91038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 364.509951][T11979] RAX: ffffffffffffffda RBX: 00007fc95af75fa0 RCX: 00007fc95ad85d29 [ 364.517929][T11979] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000 [ 364.525908][T11979] RBP: 00007fc95bb91090 R08: 0000000000000000 R09: 0000000000000000 [ 364.533886][T11979] R10: 0000000000000aaa R11: 0000000000000246 R12: 0000000000000001 [ 364.541863][T11979] R13: 0000000000000000 R14: 00007fc95af75fa0 R15: 00007ffeb3fa8b78 [ 364.549855][T11979] [ 365.700584][T11998] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1699'. [ 365.971752][T11984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1693'. [ 366.293785][T12002] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1701'. [ 367.284317][T12010] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1702'. [ 368.090103][T12028] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1708'. [ 369.148080][T12042] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1712'. [ 369.551824][T12031] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1709'. [ 371.869369][T11970] ------------[ cut here ]------------ [ 371.875261][T11970] WARNING: CPU: 0 PID: 11970 at mm/page_alloc.c:4727 __alloc_pages_noprof+0xeff/0x25b0 [ 371.885028][T11970] Modules linked in: [ 371.888976][T11970] CPU: 0 UID: 0 PID: 11970 Comm: syz.2.1689 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 371.900275][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 371.910850][T11970] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 371.917028][T11970] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e3 70 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a3 0c 00 8b 14 24 e9 [ 371.936879][T11970] RSP: 0018:ffffc9000bc9f918 EFLAGS: 00010246 [ 371.943010][T11970] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 371.951296][T11970] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000040d40 [ 371.959390][T11970] RBP: 0000000000000000 R08: 0000000000000006 R09: 00000000003fffff [ 371.967459][T11970] R10: 00000000003fffff R11: 0000000000000004 R12: 000000000000000b [ 371.975530][T11970] R13: 0000000000040d40 R14: 1ffff92001793f37 R15: 00000000003fffff [ 371.983544][T11970] FS: 00007f527ff726c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 371.992573][T11970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 371.999795][T11970] CR2: 00000000003ff000 CR3: 0000000033826000 CR4: 00000000003526f0 [ 372.008438][T11970] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 372.016502][T11970] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 372.024512][T11970] Call Trace: [ 372.027867][T11970] [ 372.030833][T11970] ? __warn+0xea/0x3c0 [ 372.035021][T11970] ? __alloc_pages_noprof+0xeff/0x25b0 [ 372.040541][T11970] ? report_bug+0x3c0/0x580 [ 372.045145][T11970] ? handle_bug+0x54/0xa0 [ 372.049524][T11970] ? exc_invalid_op+0x17/0x50 [ 372.054251][T11970] ? asm_exc_invalid_op+0x1a/0x20 [ 372.059434][T11970] ? __alloc_pages_noprof+0xeff/0x25b0 [ 372.064985][T11970] ? find_held_lock+0x2d/0x110 [ 372.069804][T11970] ? hlock_class+0x4e/0x130 [ 372.074352][T11970] ? __lock_acquire+0x15a9/0x3c40 [ 372.079489][T11970] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 372.085337][T11970] ? handle_mm_fault+0x497/0xaa0 [ 372.090341][T11970] ? find_held_lock+0x2d/0x110 [ 372.095218][T11970] ___kmalloc_large_node+0x84/0x1b0 [ 372.100828][T11970] __kmalloc_large_node_noprof+0x1c/0x70 [ 372.106942][T11970] __kmalloc_noprof.cold+0xc/0x63 [ 372.112028][T11970] ? __might_fault+0xe3/0x190 [ 372.116829][T11970] ? tomoyo_write_control+0x267/0x13d0 [ 372.122343][T11970] tomoyo_write_control+0x267/0x13d0 [ 372.127760][T11970] ? rcu_is_watching+0x12/0xc0 [ 372.132578][T11970] ? __pfx_tomoyo_write_control+0x10/0x10 [ 372.138425][T11970] ? ksys_write+0x12b/0x250 [ 372.143013][T11970] ? __pfx_tomoyo_write+0x10/0x10 [ 372.148174][T11970] vfs_write+0x24c/0x1150 [ 372.152552][T11970] ? __fget_files+0x1fc/0x3a0 [ 372.157334][T11970] ? __pfx___mutex_lock+0x10/0x10 [ 372.162401][T11970] ? __pfx_vfs_write+0x10/0x10 [ 372.167314][T11970] ? __fget_files+0x206/0x3a0 [ 372.172053][T11970] ksys_write+0x12b/0x250 [ 372.176455][T11970] ? __pfx_ksys_write+0x10/0x10 [ 372.181355][T11970] do_syscall_64+0xcd/0x250 [ 372.185938][T11970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.191868][T11970] RIP: 0033:0x7f5282185d29 [ 372.196354][T11970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.216420][T11970] RSP: 002b:00007f527ff72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 372.225358][T11970] RAX: ffffffffffffffda RBX: 00007f5282376320 RCX: 00007f5282185d29 [ 372.233384][T11970] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 372.241440][T11970] RBP: 00007f5282201aa8 R08: 0000000000000000 R09: 0000000000000000 [ 372.249491][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.257825][T11970] R13: 0000000000000000 R14: 00007f5282376320 R15: 00007ffd655e73c8 [ 372.265912][T11970] [ 372.268970][T11970] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 372.276282][T11970] CPU: 0 UID: 0 PID: 11970 Comm: syz.2.1689 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 [ 372.287085][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 372.297176][T11970] Call Trace: [ 372.300483][T11970] [ 372.303439][T11970] dump_stack_lvl+0x3d/0x1f0 [ 372.308062][T11970] panic+0x71d/0x800 [ 372.311973][T11970] ? __pfx_panic+0x10/0x10 [ 372.316404][T11970] ? show_trace_log_lvl+0x29d/0x3d0 [ 372.321627][T11970] ? check_panic_on_warn+0x1f/0xb0 [ 372.326769][T11970] ? __alloc_pages_noprof+0xeff/0x25b0 [ 372.332259][T11970] check_panic_on_warn+0xab/0xb0 [ 372.337216][T11970] __warn+0xf6/0x3c0 [ 372.341128][T11970] ? __alloc_pages_noprof+0xeff/0x25b0 [ 372.346601][T11970] report_bug+0x3c0/0x580 [ 372.350944][T11970] handle_bug+0x54/0xa0 [ 372.355107][T11970] exc_invalid_op+0x17/0x50 [ 372.359621][T11970] asm_exc_invalid_op+0x1a/0x20 [ 372.364477][T11970] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 372.370555][T11970] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e3 70 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a3 0c 00 8b 14 24 e9 [ 372.390172][T11970] RSP: 0018:ffffc9000bc9f918 EFLAGS: 00010246 [ 372.396250][T11970] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 372.404225][T11970] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000040d40 [ 372.412201][T11970] RBP: 0000000000000000 R08: 0000000000000006 R09: 00000000003fffff [ 372.420175][T11970] R10: 00000000003fffff R11: 0000000000000004 R12: 000000000000000b [ 372.428148][T11970] R13: 0000000000040d40 R14: 1ffff92001793f37 R15: 00000000003fffff [ 372.436143][T11970] ? find_held_lock+0x2d/0x110 [ 372.440923][T11970] ? hlock_class+0x4e/0x130 [ 372.445435][T11970] ? __lock_acquire+0x15a9/0x3c40 [ 372.450474][T11970] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 372.456213][T11970] ? handle_mm_fault+0x497/0xaa0 [ 372.461171][T11970] ? find_held_lock+0x2d/0x110 [ 372.465945][T11970] ___kmalloc_large_node+0x84/0x1b0 [ 372.471153][T11970] __kmalloc_large_node_noprof+0x1c/0x70 [ 372.476792][T11970] __kmalloc_noprof.cold+0xc/0x63 [ 372.481831][T11970] ? __might_fault+0xe3/0x190 [ 372.486517][T11970] ? tomoyo_write_control+0x267/0x13d0 [ 372.491986][T11970] tomoyo_write_control+0x267/0x13d0 [ 372.497289][T11970] ? rcu_is_watching+0x12/0xc0 [ 372.502064][T11970] ? __pfx_tomoyo_write_control+0x10/0x10 [ 372.507793][T11970] ? ksys_write+0x12b/0x250 [ 372.512314][T11970] ? __pfx_tomoyo_write+0x10/0x10 [ 372.517345][T11970] vfs_write+0x24c/0x1150 [ 372.521681][T11970] ? __fget_files+0x1fc/0x3a0 [ 372.526368][T11970] ? __pfx___mutex_lock+0x10/0x10 [ 372.531404][T11970] ? __pfx_vfs_write+0x10/0x10 [ 372.536181][T11970] ? __fget_files+0x206/0x3a0 [ 372.540873][T11970] ksys_write+0x12b/0x250 [ 372.545210][T11970] ? __pfx_ksys_write+0x10/0x10 [ 372.550075][T11970] do_syscall_64+0xcd/0x250 [ 372.554592][T11970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.560495][T11970] RIP: 0033:0x7f5282185d29 [ 372.564913][T11970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.584527][T11970] RSP: 002b:00007f527ff72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 372.592951][T11970] RAX: ffffffffffffffda RBX: 00007f5282376320 RCX: 00007f5282185d29 [ 372.600927][T11970] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 372.608911][T11970] RBP: 00007f5282201aa8 R08: 0000000000000000 R09: 0000000000000000 [ 372.616891][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.624863][T11970] R13: 0000000000000000 R14: 00007f5282376320 R15: 00007ffd655e73c8 [ 372.632851][T11970] [ 372.636123][T11970] Kernel Offset: disabled [ 372.640488][T11970] Rebooting in 86400 seconds..