last executing test programs: 4m28.159437661s ago: executing program 1 (id=701): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, &(0x7f0000000240)={r0, &(0x7f0000000040)="201f9cbbafc9c32a0b2a9691d4f6518076dd3a595a0295d2cf52fdbb88d8449fdce1735a9b5b98b64ad3d1b2c91ed801c3747df0904672d68ba3a58488bcdea39057ba18e68b549b605a086ad7cc63250c25b97a2bce7c712a71c3f0cd809624acae6f02e58b5de0", 0xfffffff8, &(0x7f00000000c0)="ba4d8df31ec5521e50437af7e0cdfb5953b1ad92d0b4afd89f394a9d8b93f5857f376dd8450e43132d87ea1cfc64993ac805161276ef40713a2aac7df5522603882369ada98dc7e24eedef9fe27c0120d3166bf720935643b868db4abaafb4dd419bd0deb88cf725", 0x7, &(0x7f0000000140)="b53b0465a961870c424e71c5e6a6ca147ba282b5404975258689b87e1b8dafefaa8eb72f2c5385401346d0e935eaaabde798d94ac1e2966755df8481b08142bb017e6d4824dddb2635404e0787109ae5288550b5a73c18517c0e139c5209dc3ca39ba71986b56e1dc2e183faf48a7ace08db979e88663dae681215cb9778782295d88b38984ea981106d6cf4c8655e0c18ba58ce02c7274d0b9ff792f825ad935be03812d1552a8afaef", &(0x7f0000000200)=0x6}) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, 0x0, 0x28202, 0x0) socket(0x11, 0xa, 0x300) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\b\x00\x00', @ANYRES16=r2, @ANYBLOB="00012bbd7000fddbdf252800000005003e000800000031004801a289c1c1f3026f75a4d3a66a76f9f65578159c8a96f55e156e69b5114d651d9ec494a3d7791ee432bb9c"], 0x60}, 0x1, 0x0, 0x0, 0x54}, 0x1) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/fib_multipath_hash_fields\x00', 0x80001, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0xc0603d06, 0x0) 4m27.230669859s ago: executing program 1 (id=706): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r0) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004100)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x8004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000000), 0x140, 0x0) ioctl$auto_IOCTL_GET_NUM_DEVICES(r2, 0x40046104, &(0x7f0000000040)=0x7fff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xeffff000) munmap$auto(0x0, 0xffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/net/rxrpc/calls\x00', 0x20080, 0x0) pread64$auto(r3, 0x0, 0x1fffdffe, 0x8) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r4, 0xc0105512, r4) io_uring_setup$auto(0x59, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0) 4m25.169734428s ago: executing program 1 (id=710): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(0x0, 0x8000, 0x0, 0x6) msync$auto(0x6, 0x180000000000000, 0x400000004) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="380000006f960a34c9", @ANYRES16=r1, @ANYBLOB="010026bd7000fcdbdf25010000001c0002800c00010006000000000000000c000200ff0000000000000008000100", @ANYRES32=0x0, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8003) write$auto(0x3, 0x0, 0x100082) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setns(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="ea12e528ded30ff1309c8b1613007984cb"], 0x14}}, 0x4000080) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x4, 0x2, 0x4, 0x0, 0xfffffffffffffffa, 0x1, 0x0, 0x9, 0x7, 0x5}) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) write$auto(r3, &(0x7f0000000000)='y\x8c', 0x2) quotactl_fd$auto(r2, 0x2, 0xee01, &(0x7f0000000380)="c7a34676508b060b6a2b6c7752") mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x402, 0x8000) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getpid() prctl$auto(0x23, 0xe, 0x1ff, 0x68, 0x0) 4m23.87432422s ago: executing program 1 (id=712): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/vm/nr_overcommit_hugepages\x00', 0x100, 0x0) clone$auto(0x1, 0x100, 0x0, 0x0, 0x800) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(r0, &(0x7f0000000000)=@phonet={0x23, 0x5, 0x4, 0x96}, 0x8) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, 0x55) sendmsg$auto_OVS_DP_CMD_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x31cd3c7c, 0xb1) shutdown$auto(0x200000003, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0xc01) openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[], 0xd000}, 0x1, 0x0, 0x0, 0x50}, 0x0) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mkdir$auto(&(0x7f0000001280)='./file0\x00', 0x0) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', 0x0, 0x8000, 0x0) mmap$auto(0x7, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x7ffd) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r4, 0x80104592, &(0x7f0000000000)={0x1, 0x60, 0x5}) 4m23.136837996s ago: executing program 1 (id=714): set_mempolicy$auto(0x1, 0x0, 0x5) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x28, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@HWSIM_ATTR_CIPHER_SUPPORT={0x13, 0x18, "c28634e6de69a1509e3e2906366733"}]}, 0x28}, 0x1, 0x0, 0x0, 0x44048058}, 0x4000800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r0 = clone$auto(0x3fff, 0xad3, 0x0, 0x0, 0x8000002) r1 = prctl$auto_PR_GET_TIMING(0xd, 0x6, r0, 0x5, 0x0) r2 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@THERMAL_GENL_ATTR_CDEV_ID={0x8, 0x10, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x24000000) 4m22.5069133s ago: executing program 1 (id=716): bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x0, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0xeca0, 0x13, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/pcm0c/sub3/sw_params\x00', 0x28102, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) socket(0x2, 0x1, 0x106) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x404, 0x8000) r0 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x40800, 0x0) read$auto_ptdump_fops_(r0, &(0x7f0000000140)=""/130, 0x82) getsockopt$auto(0x4, 0x6, 0x15, 0xfffffffffffffffc, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) madvise$auto(0x0, 0xdfffffffffff0004, 0x97) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/saved_cmdlines\x00', 0x10000, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = socket(0x10, 0xa, 0xb) statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x8, 0x7, 0x44, 0x4909b6f8, 0x201ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x5, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0xa, 0x7062cce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x636, 0x5, 0xffffffffffff7ffe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x4f6, 0x2000000000000000, 0x0, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x0, 0x0, 0x40000, 0x6, 0x1, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) madvise$auto(0x0, 0xffffffffffff0005, 0x19) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) 4m6.711366461s ago: executing program 32 (id=716): bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x0, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0xeca0, 0x13, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/pcm0c/sub3/sw_params\x00', 0x28102, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) socket(0x2, 0x1, 0x106) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x404, 0x8000) r0 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x40800, 0x0) read$auto_ptdump_fops_(r0, &(0x7f0000000140)=""/130, 0x82) getsockopt$auto(0x4, 0x6, 0x15, 0xfffffffffffffffc, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) madvise$auto(0x0, 0xdfffffffffff0004, 0x97) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/saved_cmdlines\x00', 0x10000, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = socket(0x10, 0xa, 0xb) statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x8, 0x7, 0x44, 0x4909b6f8, 0x201ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x5, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0xa, 0x7062cce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x636, 0x5, 0xffffffffffff7ffe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x4f6, 0x2000000000000000, 0x0, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x0, 0x0, 0x40000, 0x6, 0x1, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) madvise$auto(0x0, 0xffffffffffff0005, 0x19) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) 7.832832479s ago: executing program 0 (id=2294): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x62a6, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x73) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x2, 0x0) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) r0 = io_uring_setup$auto(0x4, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1c8340, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x482, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xa4e00, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r1) 7.657158878s ago: executing program 0 (id=2297): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x200000000eb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, 0x0, 0x7, 0x6, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x3a, 0x65f, 0x201ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x0, 0x2000, 0x203, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x1, 0x3, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000001, 0x0, 0xffffffffefffffff, 0x200000000000004, 0x0, 0x0, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x8000000000008, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000380), r0) 7.432131299s ago: executing program 0 (id=2302): setsockopt$auto_SO_ATTACH_FILTER(0xffffffffffffffff, 0x7, 0x1a, &(0x7f0000000080)='j\'\x00', 0xfff) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x80000, 0x0) mmap$auto(0x0, 0x7, 0x40004000000000df, 0x40eb2, 0x402, 0x300000000000) setrlimit$auto(0x1000000007, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000080)) 7.244957175s ago: executing program 0 (id=2305): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x62a6, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x73) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x2, 0x0) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) r0 = io_uring_setup$auto(0x4, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1c8340, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x482, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xa4e00, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r1) 7.099084326s ago: executing program 0 (id=2307): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2e, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x10, 0x1, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @str='@):^\\/\\\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x24040804) 6.942354217s ago: executing program 0 (id=2310): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2f212cbd7000fcdbdf2531000000080003", @ANYRES32=r2], 0x48}}, 0x4000000) 2.953436608s ago: executing program 3 (id=2342): r0 = openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80a40, 0x99) read$auto(r1, 0x0, 0x8004000000) write$auto(r0, 0x0, 0x6) 2.657989058s ago: executing program 3 (id=2343): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/traceSMB\x00', 0x40080, 0x0) 2.572771867s ago: executing program 2 (id=2344): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, 0x0, 0x4000080) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) fcntl$auto_F_SETFD(0xffffffffffffffff, 0x2, r0) ptrace$auto(0x10, r0, 0x4, 0x7ff) ptrace$auto_PTRACE_GETSIGINFO(0x4202, r0, 0x800, 0x0) 2.472417041s ago: executing program 3 (id=2345): open(&(0x7f0000000000)='X))\x00', 0x145042, 0x1d0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212cbd7000fcdbdf253100000008000300", @ANYRES32=r3], 0x48}}, 0x4000000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.431652297s ago: executing program 2 (id=2346): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) setreuid$auto(0x0, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) write$auto(r0, 0x0, 0x4) sendfile$auto(r0, r0, &(0x7f0000000040)=0x1, 0x4) 1.92295319s ago: executing program 4 (id=2348): socket(0x10, 0x2, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x62a6, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x73) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x2, 0x0) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) r0 = io_uring_setup$auto(0x4, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x9, 0x8, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r1) 1.760596756s ago: executing program 4 (id=2349): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bond_slave_1\x00', 0x0}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) read$auto(r1, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="08000300060000"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.455876246s ago: executing program 2 (id=2350): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89fb, 0x24) 1.000522935s ago: executing program 3 (id=2351): r0 = openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80a40, 0x99) read$auto(r1, 0x0, 0x8004000000) write$auto(r0, 0x0, 0x6) 990.056253ms ago: executing program 4 (id=2352): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x0) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) socket(0x2, 0x80002, 0x73) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r1, r0, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0) ioctl$auto(r2, 0xc0585611, r2) 812.31378ms ago: executing program 4 (id=2353): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/traceSMB\x00', 0x40080, 0x0) 665.472074ms ago: executing program 4 (id=2354): unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) syz_clone(0x98280000, 0x0, 0x0, 0x0, 0x0, 0x0) kill$auto(0x0, 0x11) 647.544212ms ago: executing program 3 (id=2355): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0x5) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 548.88424ms ago: executing program 2 (id=2356): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(r0, 0x10e, 0xa, 0x0, 0x0) 173.772313ms ago: executing program 2 (id=2357): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x100001000000032, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) 91.478234ms ago: executing program 4 (id=2358): open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/mnt\x00') mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket(0x29, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) eventfd$auto(0x0) pipe$auto(0x0) socket(0xa, 0x2, 0x88) socketpair$auto(0x1e, 0x1, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 69.266632ms ago: executing program 2 (id=2359): open(&(0x7f0000000000)='X))\x00', 0x145042, 0x1d0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212cbd7000fcdbdf253100000008000300", @ANYRES32=r3], 0x48}}, 0x4000000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 0s ago: executing program 3 (id=2360): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) read$auto(r1, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="08000300060000"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) kernel console output (not intermixed with test programs): snd_pcm_oss_make_ready+0xe6/0x1b0 [ 430.699900][T11583] snd_pcm_oss_sync+0x1d7/0x7f0 [ 430.699931][T11583] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 430.699958][T11583] snd_pcm_oss_release+0x28b/0x310 [ 430.699990][T11583] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 430.700015][T11583] __fput+0x3ff/0xb70 [ 430.700053][T11583] task_work_run+0x14e/0x250 [ 430.700085][T11583] ? __pfx_task_work_run+0x10/0x10 [ 430.700118][T11583] ? __pfx___do_sys_close_range+0x10/0x10 [ 430.700162][T11583] syscall_exit_to_user_mode+0x27b/0x2a0 [ 430.700191][T11583] do_syscall_64+0xda/0x250 [ 430.700222][T11583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.700262][T11583] RIP: 0033:0x7f495c18cde9 [ 430.700283][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 430.700306][T11583] RSP: 002b:00007f495cfdc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 430.700329][T11583] RAX: 0000000000000000 RBX: 00007f495c3a5fa0 RCX: 00007f495c18cde9 [ 430.700345][T11583] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 430.700359][T11583] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 430.700373][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 430.700388][T11583] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 430.700424][T11583] [ 431.683158][T11598] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1579'. [ 431.755571][T11598] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1579'. [ 431.776562][T11597] ima: policy update failed [ 431.783551][ T29] audit: type=1802 audit(4294967461.050:7): pid=11597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1579" res=0 errno=0 [ 432.730989][T11627] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1592'. [ 432.795918][T11630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1592'. [ 432.840211][T11626] ima: policy update failed [ 432.848892][ T29] audit: type=1802 audit(4294967462.110:8): pid=11626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1592" res=0 errno=0 [ 433.003214][T11636] svc: failed to register nfsdv3 RPC service (errno 111). [ 433.026706][T11636] svc: failed to register nfsaclv3 RPC service (errno 111). [ 433.789768][T11661] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1606'. [ 433.870793][T11667] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1606'. [ 433.977815][T11660] ima: policy update failed [ 434.002413][ T29] audit: type=1802 audit(4294967463.270:9): pid=11660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1606" res=0 errno=0 [ 434.018874][T11673] FAULT_INJECTION: forcing a failure. [ 434.018874][T11673] name failslab, interval 1, probability 0, space 0, times 0 [ 434.064477][T11673] CPU: 1 UID: 0 PID: 11673 Comm: syz.3.1611 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 434.064514][T11673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 434.064529][T11673] Call Trace: [ 434.064538][T11673] [ 434.064548][T11673] dump_stack_lvl+0x16c/0x1f0 [ 434.064584][T11673] should_fail_ex+0x50a/0x650 [ 434.064620][T11673] ? fs_reclaim_acquire+0xae/0x150 [ 434.064653][T11673] ? v4l2_fh_open+0x4c/0xc0 [ 434.064681][T11673] should_failslab+0xc2/0x120 [ 434.064705][T11673] __kmalloc_cache_noprof+0x68/0x410 [ 434.064737][T11673] ? __pfx_lock_release+0x10/0x10 [ 434.064776][T11673] v4l2_fh_open+0x4c/0xc0 [ 434.064805][T11673] v4l2_open+0x222/0x490 [ 434.064830][T11673] ? __pfx_v4l2_open+0x10/0x10 [ 434.064853][T11673] chrdev_open+0x237/0x6a0 [ 434.064886][T11673] ? __pfx_apparmor_file_open+0x10/0x10 [ 434.064916][T11673] ? __pfx_chrdev_open+0x10/0x10 [ 434.064957][T11673] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 434.064994][T11673] do_dentry_open+0x735/0x1c40 [ 434.065028][T11673] ? __pfx_chrdev_open+0x10/0x10 [ 434.065065][T11673] ? inode_permission+0xdd/0x5f0 [ 434.065094][T11673] vfs_open+0x82/0x3f0 [ 434.065116][T11673] ? may_open+0x1f2/0x400 [ 434.065145][T11673] path_openat+0x1e88/0x2d80 [ 434.065198][T11673] ? __pfx_path_openat+0x10/0x10 [ 434.065233][T11673] ? __pfx___lock_acquire+0x10/0x10 [ 434.065265][T11673] ? lock_acquire.part.0+0x11b/0x380 [ 434.065297][T11673] ? find_held_lock+0x2d/0x110 [ 434.065326][T11673] do_filp_open+0x20c/0x470 [ 434.065360][T11673] ? __pfx_do_filp_open+0x10/0x10 [ 434.065390][T11673] ? find_held_lock+0x2d/0x110 [ 434.065437][T11673] ? alloc_fd+0x41f/0x760 [ 434.065479][T11673] do_sys_openat2+0x17a/0x1e0 [ 434.065505][T11673] ? __pfx_do_sys_openat2+0x10/0x10 [ 434.065543][T11673] __x64_sys_openat+0x175/0x210 [ 434.065570][T11673] ? __pfx___x64_sys_openat+0x10/0x10 [ 434.065609][T11673] do_syscall_64+0xcd/0x250 [ 434.065643][T11673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.065675][T11673] RIP: 0033:0x7f2aa5d8cde9 [ 434.065696][T11673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.065720][T11673] RSP: 002b:00007f2aa6cb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 434.065744][T11673] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa0 RCX: 00007f2aa5d8cde9 [ 434.065761][T11673] RDX: 0000000000000000 RSI: 0000400000000080 RDI: ffffffffffffff9c [ 434.065777][T11673] RBP: 00007f2aa5e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 434.065793][T11673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 434.065808][T11673] R13: 0000000000000000 R14: 00007f2aa5fa5fa0 R15: 00007ffc0abb6238 [ 434.065841][T11673] [ 434.537071][T11679] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[11679] [ 435.687180][T11717] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[11717] [ 435.904696][T11724] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 437.432781][ C1] vcan0: j1939_tp_rxtimer: 0xffff888032f11000: rx timeout, send abort [ 437.443407][ C1] vcan0: j1939_tp_rxtimer: 0xffff888032f12400: rx timeout, send abort [ 437.451903][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888032f11000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 437.468222][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888032f12400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 438.185356][T11797] FAULT_INJECTION: forcing a failure. [ 438.185356][T11797] name failslab, interval 1, probability 0, space 0, times 0 [ 438.205398][T11797] CPU: 1 UID: 0 PID: 11797 Comm: syz.3.1660 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 438.205435][T11797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 438.205450][T11797] Call Trace: [ 438.205458][T11797] [ 438.205467][T11797] dump_stack_lvl+0x16c/0x1f0 [ 438.205505][T11797] should_fail_ex+0x50a/0x650 [ 438.205542][T11797] ? fs_reclaim_acquire+0xae/0x150 [ 438.205576][T11797] ? lsm_blob_alloc+0x68/0x90 [ 438.205611][T11797] should_failslab+0xc2/0x120 [ 438.205636][T11797] __kmalloc_noprof+0xcb/0x510 [ 438.205681][T11797] lsm_blob_alloc+0x68/0x90 [ 438.205724][T11797] security_sk_alloc+0x30/0x270 [ 438.205753][T11797] sk_prot_alloc+0x1c7/0x2a0 [ 438.205781][T11797] sk_alloc+0x36/0xb90 [ 438.205815][T11797] tap_open+0x2e8/0x1150 [ 438.205843][T11797] ? __pfx_tap_open+0x10/0x10 [ 438.205868][T11797] chrdev_open+0x237/0x6a0 [ 438.205904][T11797] ? __pfx_apparmor_file_open+0x10/0x10 [ 438.205934][T11797] ? __pfx_chrdev_open+0x10/0x10 [ 438.205973][T11797] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 438.206011][T11797] do_dentry_open+0x735/0x1c40 [ 438.206046][T11797] ? __pfx_chrdev_open+0x10/0x10 [ 438.206083][T11797] ? inode_permission+0xdd/0x5f0 [ 438.206113][T11797] vfs_open+0x82/0x3f0 [ 438.206136][T11797] ? may_open+0x1f2/0x400 [ 438.206167][T11797] path_openat+0x1e88/0x2d80 [ 438.206215][T11797] ? __pfx_path_openat+0x10/0x10 [ 438.206249][T11797] ? __pfx___lock_acquire+0x10/0x10 [ 438.206281][T11797] ? lock_acquire.part.0+0x11b/0x380 [ 438.206314][T11797] ? find_held_lock+0x2d/0x110 [ 438.206344][T11797] do_filp_open+0x20c/0x470 [ 438.206378][T11797] ? __pfx_do_filp_open+0x10/0x10 [ 438.206414][T11797] ? find_held_lock+0x2d/0x110 [ 438.206459][T11797] ? alloc_fd+0x41f/0x760 [ 438.206501][T11797] do_sys_openat2+0x17a/0x1e0 [ 438.206527][T11797] ? __pfx_do_sys_openat2+0x10/0x10 [ 438.206555][T11797] ? __sys_sendmsg+0x19a/0x220 [ 438.206597][T11797] __x64_sys_openat+0x175/0x210 [ 438.206624][T11797] ? __pfx___x64_sys_openat+0x10/0x10 [ 438.206665][T11797] do_syscall_64+0xcd/0x250 [ 438.206708][T11797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.206744][T11797] RIP: 0033:0x7f2aa5d8cde9 [ 438.206765][T11797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 438.206789][T11797] RSP: 002b:00007f2aa6cb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 438.206814][T11797] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa0 RCX: 00007f2aa5d8cde9 [ 438.206831][T11797] RDX: 0000000000008000 RSI: 00004000000000c0 RDI: ffffffffffffff9c [ 438.206847][T11797] RBP: 00007f2aa5e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 438.206863][T11797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.206878][T11797] R13: 0000000000000000 R14: 00007f2aa5fa5fa0 R15: 00007ffc0abb6238 [ 438.206911][T11797] [ 438.507424][T11798] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 438.608644][T11800] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 439.283492][T11805] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 439.310042][T11807] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 439.395104][T11813] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 439.461513][T11814] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 439.533429][T11811] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1664'. [ 439.565479][T11816] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 439.590852][T11806] ima: policy update failed [ 439.598829][ T29] audit: type=1802 audit(4294967468.860:10): pid=11806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1664" res=0 errno=0 [ 439.740797][T11819] ptrace attach of "./syz-executor exec"[8667] was attempted by "./syz-executor exec"[11819] [ 440.272501][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.278978][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.924237][T11833] FAULT_INJECTION: forcing a failure. [ 440.924237][T11833] name failslab, interval 1, probability 0, space 0, times 0 [ 441.017612][T11833] CPU: 0 UID: 0 PID: 11833 Comm: syz.2.1672 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 441.017648][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 441.017663][T11833] Call Trace: [ 441.017670][T11833] [ 441.017680][T11833] dump_stack_lvl+0x16c/0x1f0 [ 441.017716][T11833] should_fail_ex+0x50a/0x650 [ 441.017753][T11833] ? fs_reclaim_acquire+0xae/0x150 [ 441.017786][T11833] should_failslab+0xc2/0x120 [ 441.017808][T11833] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 441.017843][T11833] ? getname_flags.part.0+0x4c/0x550 [ 441.017880][T11833] getname_flags.part.0+0x4c/0x550 [ 441.017912][T11833] getname+0x8d/0xe0 [ 441.017940][T11833] do_sys_openat2+0x104/0x1e0 [ 441.017964][T11833] ? __pfx_do_sys_openat2+0x10/0x10 [ 441.018002][T11833] __x64_sys_open+0x154/0x1e0 [ 441.018028][T11833] ? __pfx___x64_sys_open+0x10/0x10 [ 441.018064][T11833] do_syscall_64+0xcd/0x250 [ 441.018095][T11833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.018126][T11833] RIP: 0033:0x7feb7638cde9 [ 441.018146][T11833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 441.018170][T11833] RSP: 002b:00007feb741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 441.018195][T11833] RAX: ffffffffffffffda RBX: 00007feb765a5fa0 RCX: 00007feb7638cde9 [ 441.018211][T11833] RDX: 0000000000000054 RSI: 0000000000004000 RDI: 0000000000000000 [ 441.018226][T11833] RBP: 00007feb7640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 441.018241][T11833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 441.018255][T11833] R13: 0000000000000000 R14: 00007feb765a5fa0 R15: 00007ffe1a8d5708 [ 441.018286][T11833] [ 441.213571][T11847] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1678'. [ 441.236404][T11846] ima: policy update failed [ 441.295685][ T29] audit: type=1802 audit(4294967470.540:11): pid=11846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1678" res=0 errno=0 [ 442.737283][T11873] FAULT_INJECTION: forcing a failure. [ 442.737283][T11873] name fail_futex, interval 1, probability 0, space 0, times 0 [ 442.834300][T11873] CPU: 1 UID: 0 PID: 11873 Comm: syz.2.1689 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 442.834338][T11873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 442.834353][T11873] Call Trace: [ 442.834360][T11873] [ 442.834370][T11873] dump_stack_lvl+0x16c/0x1f0 [ 442.834406][T11873] should_fail_ex+0x50a/0x650 [ 442.834450][T11873] get_futex_key+0x4a3/0x1000 [ 442.834484][T11873] ? __pfx_get_futex_key+0x10/0x10 [ 442.834517][T11873] ? find_held_lock+0x2d/0x110 [ 442.834548][T11873] futex_wait_setup+0x78/0x290 [ 442.834591][T11873] __futex_wait+0x267/0x3c0 [ 442.834627][T11873] ? __pfx___futex_wait+0x10/0x10 [ 442.834662][T11873] ? try_to_wake_up+0x158/0x1490 [ 442.834699][T11873] ? __pfx_futex_wake_mark+0x10/0x10 [ 442.834751][T11873] futex_wait+0xe9/0x380 [ 442.834785][T11873] ? __pfx_futex_wait+0x10/0x10 [ 442.834825][T11873] ? kmem_cache_free+0x2e2/0x4d0 [ 442.834860][T11873] ? putname+0x13c/0x180 [ 442.834889][T11873] do_futex+0x22b/0x350 [ 442.834918][T11873] ? __pfx_do_futex+0x10/0x10 [ 442.834956][T11873] __x64_sys_futex+0x1e1/0x4c0 [ 442.834987][T11873] ? __x64_sys_openat+0x175/0x210 [ 442.835014][T11873] ? __pfx___x64_sys_futex+0x10/0x10 [ 442.835062][T11873] do_syscall_64+0xcd/0x250 [ 442.835096][T11873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.835130][T11873] RIP: 0033:0x7feb7638cde9 [ 442.835151][T11873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.835182][T11873] RSP: 002b:00007feb741f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 442.835207][T11873] RAX: ffffffffffffffda RBX: 00007feb765a5fa8 RCX: 00007feb7638cde9 [ 442.835224][T11873] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007feb765a5fa8 [ 442.835240][T11873] RBP: 00007feb765a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 442.835255][T11873] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feb765a5fac [ 442.835272][T11873] R13: 0000000000000000 R14: 00007ffe1a8d5620 R15: 00007ffe1a8d5708 [ 442.835303][T11873] [ 443.980358][T11894] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[11894] [ 446.550505][T11937] FAULT_INJECTION: forcing a failure. [ 446.550505][T11937] name fail_futex, interval 1, probability 0, space 0, times 0 [ 446.622824][T11937] CPU: 1 UID: 0 PID: 11937 Comm: syz.3.1715 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 446.622860][T11937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 446.622876][T11937] Call Trace: [ 446.622883][T11937] [ 446.622894][T11937] dump_stack_lvl+0x16c/0x1f0 [ 446.622931][T11937] should_fail_ex+0x50a/0x650 [ 446.622986][T11937] get_futex_key+0x4a3/0x1000 [ 446.623015][T11937] ? __pfx_lock_release+0x10/0x10 [ 446.623052][T11937] ? __pfx_get_futex_key+0x10/0x10 [ 446.623078][T11937] ? dl_scaled_delta_exec+0xdd/0x2e0 [ 446.623107][T11937] ? find_held_lock+0x2d/0x110 [ 446.623136][T11937] futex_wait_setup+0x78/0x290 [ 446.623175][T11937] __futex_wait+0x267/0x3c0 [ 446.623205][T11937] ? __pfx___futex_wait+0x10/0x10 [ 446.623234][T11937] ? try_to_wake_up+0x158/0x1490 [ 446.623264][T11937] ? __pfx_futex_wake_mark+0x10/0x10 [ 446.623303][T11937] futex_wait+0xe9/0x380 [ 446.623331][T11937] ? __pfx_futex_wait+0x10/0x10 [ 446.623373][T11937] do_futex+0x22b/0x350 [ 446.623398][T11937] ? __pfx_do_futex+0x10/0x10 [ 446.623421][T11937] ? __pfx_lock_release+0x10/0x10 [ 446.623447][T11937] ? trace_lock_acquire+0x14e/0x1f0 [ 446.623475][T11937] __x64_sys_futex+0x1e1/0x4c0 [ 446.623503][T11937] ? __pfx___x64_sys_futex+0x10/0x10 [ 446.623537][T11937] do_syscall_64+0xcd/0x250 [ 446.623565][T11937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.623593][T11937] RIP: 0033:0x7f2aa5d8cde9 [ 446.623610][T11937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.623630][T11937] RSP: 002b:00007f2aa6cb10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 446.623652][T11937] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa8 RCX: 00007f2aa5d8cde9 [ 446.623666][T11937] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2aa5fa5fa8 [ 446.623678][T11937] RBP: 00007f2aa5fa5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 446.623691][T11937] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2aa5fa5fac [ 446.623705][T11937] R13: 0000000000000000 R14: 00007ffc0abb6150 R15: 00007ffc0abb6238 [ 446.623737][T11937] [ 447.660606][T11967] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1728'. [ 447.690671][T11967] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1728'. [ 447.981702][T11974] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1732'. [ 448.039703][T11972] ima: policy update failed [ 448.044413][ T29] audit: type=1802 audit(4294967477.310:12): pid=11972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1732" res=0 errno=0 [ 448.653823][T11987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1737'. [ 448.695231][T11987] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1737'. [ 448.952572][T11989] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 449.008874][T11992] ptrace attach of "./syz-executor exec"[5842] was attempted by "./syz-executor exec"[11992] [ 449.479436][T11999] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1743'. [ 450.287171][T12014] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 450.762679][T12029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1755'. [ 450.773140][T12028] ima: policy update failed [ 450.814376][ T29] audit: type=1802 audit(4294967480.040:13): pid=12028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1755" res=0 errno=0 [ 451.232940][ T54] Bluetooth: hci2: unexpected event 0x0f length: 11 > 4 [ 451.233521][ T54] Bluetooth: hci2: unexpected event for opcode 0x0004 [ 451.480413][T12041] ptrace attach of "./syz-executor exec"[5848] was attempted by "./syz-executor exec"[12041] [ 453.100213][T12080] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 453.402541][T12083] FAULT_INJECTION: forcing a failure. [ 453.402541][T12083] name fail_futex, interval 1, probability 0, space 0, times 0 [ 453.518888][T12083] CPU: 0 UID: 0 PID: 12083 Comm: syz.3.1778 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 453.518925][T12083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 453.518942][T12083] Call Trace: [ 453.518949][T12083] [ 453.518961][T12083] dump_stack_lvl+0x16c/0x1f0 [ 453.518996][T12083] should_fail_ex+0x50a/0x650 [ 453.519032][T12083] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 453.519066][T12083] get_futex_key+0x4a3/0x1000 [ 453.519098][T12083] ? __kernel_text_address+0xd/0x40 [ 453.519134][T12083] ? unwind_get_return_address+0x59/0xa0 [ 453.519172][T12083] ? arch_stack_walk+0xa7/0x100 [ 453.519196][T12083] ? __pfx_get_futex_key+0x10/0x10 [ 453.519236][T12083] futex_wait_setup+0x78/0x290 [ 453.519278][T12083] __futex_wait+0x267/0x3c0 [ 453.519315][T12083] ? __pfx___futex_wait+0x10/0x10 [ 453.519359][T12083] ? __pfx_futex_wake_mark+0x10/0x10 [ 453.519407][T12083] futex_wait+0xe9/0x380 [ 453.519443][T12083] ? __pfx_futex_wait+0x10/0x10 [ 453.519488][T12083] ? kasan_quarantine_put+0x10a/0x240 [ 453.519521][T12083] ? lockdep_hardirqs_on+0x7c/0x110 [ 453.519554][T12083] do_futex+0x22b/0x350 [ 453.519585][T12083] ? __pfx_do_futex+0x10/0x10 [ 453.519623][T12083] __x64_sys_futex+0x1e1/0x4c0 [ 453.519657][T12083] ? __pfx___x64_sys_futex+0x10/0x10 [ 453.519688][T12083] ? getname_flags.part.0+0x1c5/0x550 [ 453.519731][T12083] do_syscall_64+0xcd/0x250 [ 453.519765][T12083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.519799][T12083] RIP: 0033:0x7f2aa5d8cde9 [ 453.519819][T12083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.519843][T12083] RSP: 002b:00007f2aa6cb10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 453.519868][T12083] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa8 RCX: 00007f2aa5d8cde9 [ 453.519886][T12083] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2aa5fa5fa8 [ 453.519901][T12083] RBP: 00007f2aa5fa5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 453.519917][T12083] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2aa5fa5fac [ 453.519932][T12083] R13: 0000000000000000 R14: 00007ffc0abb6150 R15: 00007ffc0abb6238 [ 453.519963][T12083] [ 454.525447][T12105] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1784'. [ 454.813287][T12111] ptrace attach of "./syz-executor exec"[8667] was attempted by "./syz-executor exec"[12111] [ 454.946354][ T54] Bluetooth: hci1: unexpected event 0x0f length: 11 > 4 [ 454.947686][ T54] Bluetooth: hci1: unexpected event for opcode 0x0004 [ 455.136162][T12120] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 455.319176][ T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 455.328827][ T54] Bluetooth: hci2: Injecting HCI hardware error event [ 455.339153][ T5852] Bluetooth: hci2: hardware error 0x00 [ 455.689294][T12131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1796'. [ 456.896390][T12165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1809'. [ 457.285052][T12174] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1813'. [ 457.308987][T12174] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1813'. [ 457.389126][ T5852] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 457.541324][T12181] FAULT_INJECTION: forcing a failure. [ 457.541324][T12181] name fail_futex, interval 1, probability 0, space 0, times 0 [ 457.608222][T12181] CPU: 1 UID: 0 PID: 12181 Comm: syz.3.1816 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 457.608258][T12181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 457.608271][T12181] Call Trace: [ 457.608277][T12181] [ 457.608287][T12181] dump_stack_lvl+0x16c/0x1f0 [ 457.608335][T12181] should_fail_ex+0x50a/0x650 [ 457.608376][T12181] get_futex_key+0x4a3/0x1000 [ 457.608408][T12181] ? __pfx_get_futex_key+0x10/0x10 [ 457.608435][T12181] ? stack_trace_save+0x95/0xd0 [ 457.608462][T12181] ? __pfx_stack_trace_save+0x10/0x10 [ 457.608488][T12181] ? mntput+0x6b/0x90 [ 457.608516][T12181] ? stack_depot_save_flags+0x28/0x9c0 [ 457.608560][T12181] futex_wait_setup+0x78/0x290 [ 457.608592][T12181] ? kasan_save_free_info+0x3b/0x60 [ 457.608624][T12181] ? __x64_sys_openat+0x175/0x210 [ 457.608654][T12181] __futex_wait+0x267/0x3c0 [ 457.608692][T12181] ? __pfx___futex_wait+0x10/0x10 [ 457.608728][T12181] ? __pfx_futex_wake_mark+0x10/0x10 [ 457.608771][T12181] futex_wait+0xe9/0x380 [ 457.608802][T12181] ? __pfx_futex_wait+0x10/0x10 [ 457.608840][T12181] ? kmem_cache_free+0x2e2/0x4d0 [ 457.608873][T12181] ? putname+0x13c/0x180 [ 457.608900][T12181] do_futex+0x22b/0x350 [ 457.608924][T12181] ? __pfx_do_futex+0x10/0x10 [ 457.608958][T12181] __x64_sys_futex+0x1e1/0x4c0 [ 457.608987][T12181] ? __x64_sys_openat+0x175/0x210 [ 457.609018][T12181] ? __pfx___x64_sys_futex+0x10/0x10 [ 457.609062][T12181] do_syscall_64+0xcd/0x250 [ 457.609094][T12181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.609126][T12181] RIP: 0033:0x7f2aa5d8cde9 [ 457.609145][T12181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.609168][T12181] RSP: 002b:00007f2aa6cb10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 457.609191][T12181] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa8 RCX: 00007f2aa5d8cde9 [ 457.609208][T12181] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2aa5fa5fa8 [ 457.609224][T12181] RBP: 00007f2aa5fa5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 457.609239][T12181] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2aa5fa5fac [ 457.609254][T12181] R13: 0000000000000000 R14: 00007ffc0abb6150 R15: 00007ffc0abb6238 [ 457.609319][T12181] [ 458.581450][T12195] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1823'. [ 458.620458][T12200] netlink: 'syz.2.1822': attribute type 10 has an invalid length. [ 458.628343][T12200] netlink: 230 bytes leftover after parsing attributes in process `syz.2.1822'. [ 458.773485][T12200] bond0: (slave bond_slave_1): Releasing backup interface [ 458.833735][T12200] syz.2.1822 (12200) used greatest stack depth: 21472 bytes left [ 458.967693][T12205] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[12205] [ 458.988893][ T5852] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 459.001240][ T5852] Bluetooth: hci1: Injecting HCI hardware error event [ 459.011458][ T5852] Bluetooth: hci1: hardware error 0x00 [ 459.533779][T12211] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 459.804678][ T29] audit: type=1800 audit(4294967489.070:14): pid=12222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=30303036303030300A name="features" dev="configfs" ino=45033 res=0 errno=0 [ 459.967873][T12226] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1836'. [ 459.978073][T12226] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1836'. [ 460.000026][T12225] ima: policy update failed [ 460.005049][ T29] audit: type=1802 audit(4294967489.270:15): pid=12225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1836" res=0 errno=0 [ 460.302325][T12241] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1840'. [ 460.710470][T12251] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 460.918962][T12261] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1849'. [ 460.939964][T12261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1849'. [ 460.960339][T12260] ima: policy update failed [ 460.965018][ T29] audit: type=1802 audit(4294967490.230:16): pid=12260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1849" res=0 errno=0 [ 460.993745][T12258] FAULT_INJECTION: forcing a failure. [ 460.993745][T12258] name failslab, interval 1, probability 0, space 0, times 0 [ 461.013807][T12258] CPU: 1 UID: 0 PID: 12258 Comm: syz.4.1848 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 461.013844][T12258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 461.013860][T12258] Call Trace: [ 461.013868][T12258] [ 461.013878][T12258] dump_stack_lvl+0x16c/0x1f0 [ 461.013915][T12258] should_fail_ex+0x50a/0x650 [ 461.013953][T12258] ? fs_reclaim_acquire+0xae/0x150 [ 461.013990][T12258] should_failslab+0xc2/0x120 [ 461.014015][T12258] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 461.014053][T12258] ? getname_flags.part.0+0x4c/0x550 [ 461.014085][T12258] getname_flags.part.0+0x4c/0x550 [ 461.014116][T12258] getname+0x8d/0xe0 [ 461.014145][T12258] do_sys_openat2+0x104/0x1e0 [ 461.014171][T12258] ? __pfx_do_sys_openat2+0x10/0x10 [ 461.014217][T12258] __x64_sys_open+0x154/0x1e0 [ 461.014243][T12258] ? __pfx___x64_sys_open+0x10/0x10 [ 461.014282][T12258] do_syscall_64+0xcd/0x250 [ 461.014313][T12258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.014346][T12258] RIP: 0033:0x7f495c18cde9 [ 461.014366][T12258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.014391][T12258] RSP: 002b:00007f495cfdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 461.014414][T12258] RAX: ffffffffffffffda RBX: 00007f495c3a5fa0 RCX: 00007f495c18cde9 [ 461.014431][T12258] RDX: 0000000000000054 RSI: 0000000000004000 RDI: 0000000000000000 [ 461.014446][T12258] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 461.014462][T12258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.014478][T12258] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 461.014510][T12258] [ 461.072061][ T5852] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 462.025385][T12295] FAULT_INJECTION: forcing a failure. [ 462.025385][T12295] name fail_futex, interval 1, probability 0, space 0, times 0 [ 462.068972][T12295] CPU: 0 UID: 0 PID: 12295 Comm: syz.3.1861 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 462.069012][T12295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 462.069026][T12295] Call Trace: [ 462.069034][T12295] [ 462.069044][T12295] dump_stack_lvl+0x16c/0x1f0 [ 462.069081][T12295] should_fail_ex+0x50a/0x650 [ 462.069124][T12295] get_futex_key+0x4a3/0x1000 [ 462.069157][T12295] ? __pfx_get_futex_key+0x10/0x10 [ 462.069195][T12295] futex_wake+0xe8/0x4e0 [ 462.069224][T12295] ? kasan_quarantine_put+0x10a/0x240 [ 462.069259][T12295] ? __pfx_futex_wake+0x10/0x10 [ 462.069293][T12295] ? kmem_cache_free+0x2e2/0x4d0 [ 462.069340][T12295] do_futex+0x1e5/0x350 [ 462.069368][T12295] ? __pfx_do_futex+0x10/0x10 [ 462.069396][T12295] ? __pfx_do_sys_openat2+0x10/0x10 [ 462.069429][T12295] __x64_sys_futex+0x1e1/0x4c0 [ 462.069463][T12295] ? __pfx___x64_sys_futex+0x10/0x10 [ 462.069493][T12295] ? rcu_is_watching+0x12/0xc0 [ 462.069525][T12295] do_syscall_64+0xcd/0x250 [ 462.069556][T12295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 462.069588][T12295] RIP: 0033:0x7f2aa5d8cde9 [ 462.069607][T12295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 462.069629][T12295] RSP: 002b:00007f2aa6cb10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 462.069654][T12295] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa8 RCX: 00007f2aa5d8cde9 [ 462.069670][T12295] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2aa5fa5fac [ 462.069684][T12295] RBP: 00007f2aa5fa5fa0 R08: 00007f2aa6cb2000 R09: 0000000000000000 [ 462.069698][T12295] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f2aa5fa5fac [ 462.069713][T12295] R13: 0000000000000000 R14: 00007ffc0abb6150 R15: 00007ffc0abb6238 [ 462.069743][T12295] [ 462.258767][ C0] vkms_vblank_simulate: vblank timer overrun [ 462.306955][T12305] program syz.0.1865 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 462.450205][T12313] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1867'. [ 463.435516][T12345] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 463.527047][T12341] FAULT_INJECTION: forcing a failure. [ 463.527047][T12341] name failslab, interval 1, probability 0, space 0, times 0 [ 463.545366][T12341] CPU: 0 UID: 0 PID: 12341 Comm: syz.3.1879 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 463.545402][T12341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 463.545417][T12341] Call Trace: [ 463.545425][T12341] [ 463.545436][T12341] dump_stack_lvl+0x16c/0x1f0 [ 463.545469][T12341] should_fail_ex+0x50a/0x650 [ 463.545504][T12341] ? fs_reclaim_acquire+0xae/0x150 [ 463.545535][T12341] should_failslab+0xc2/0x120 [ 463.545558][T12341] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 463.545595][T12341] ? security_file_alloc+0x34/0x2b0 [ 463.545631][T12341] security_file_alloc+0x34/0x2b0 [ 463.545679][T12341] init_file+0x93/0x4c0 [ 463.545704][T12341] alloc_empty_file+0x91/0x1e0 [ 463.545732][T12341] path_openat+0xe1/0x2d80 [ 463.545765][T12341] ? hlock_class+0x4e/0x130 [ 463.545790][T12341] ? __lock_acquire+0x15a9/0x3c40 [ 463.545833][T12341] ? __pfx_path_openat+0x10/0x10 [ 463.545868][T12341] ? __pfx___lock_acquire+0x10/0x10 [ 463.545897][T12341] ? lock_acquire.part.0+0x11b/0x380 [ 463.545929][T12341] ? find_held_lock+0x2d/0x110 [ 463.545958][T12341] do_filp_open+0x20c/0x470 [ 463.545991][T12341] ? __pfx_do_filp_open+0x10/0x10 [ 463.546020][T12341] ? find_held_lock+0x2d/0x110 [ 463.546062][T12341] ? _raw_spin_unlock+0x28/0x50 [ 463.546086][T12341] ? alloc_fd+0x41f/0x760 [ 463.546138][T12341] do_sys_openat2+0x17a/0x1e0 [ 463.546164][T12341] ? __pfx_do_sys_openat2+0x10/0x10 [ 463.546200][T12341] __x64_sys_open+0x154/0x1e0 [ 463.546226][T12341] ? __pfx___x64_sys_open+0x10/0x10 [ 463.546262][T12341] do_syscall_64+0xcd/0x250 [ 463.546291][T12341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.546321][T12341] RIP: 0033:0x7f2aa5d8cde9 [ 463.546339][T12341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.546360][T12341] RSP: 002b:00007f2aa6cb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 463.546382][T12341] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa0 RCX: 00007f2aa5d8cde9 [ 463.546401][T12341] RDX: e1d2b27bdc14abfd RSI: 0000000000004242 RDI: 0000400000000000 [ 463.546416][T12341] RBP: 00007f2aa5e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 463.546432][T12341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.546445][T12341] R13: 0000000000000000 R14: 00007f2aa5fa5fa0 R15: 00007ffc0abb6238 [ 463.546474][T12341] [ 463.782703][ C0] vkms_vblank_simulate: vblank timer overrun [ 465.290851][T12406] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1907'. [ 465.379045][T12404] bond0: option lp_interval: invalid value () [ 465.422582][T12404] bond0: option lp_interval: allowed values 1 - 2147483647 [ 465.695194][T12422] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1913'. [ 465.726064][T12422] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1913'. [ 465.792864][T12427] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1916'. [ 465.984499][T12426] FAULT_INJECTION: forcing a failure. [ 465.984499][T12426] name failslab, interval 1, probability 0, space 0, times 0 [ 466.013022][T12426] CPU: 0 UID: 0 PID: 12426 Comm: syz.2.1915 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 466.013061][T12426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 466.013077][T12426] Call Trace: [ 466.013084][T12426] [ 466.013095][T12426] dump_stack_lvl+0x16c/0x1f0 [ 466.013133][T12426] should_fail_ex+0x50a/0x650 [ 466.013169][T12426] ? fs_reclaim_acquire+0xae/0x150 [ 466.013203][T12426] ? tomoyo_supervisor+0x46c/0x1380 [ 466.013250][T12426] should_failslab+0xc2/0x120 [ 466.013274][T12426] __kmalloc_noprof+0xcb/0x510 [ 466.013309][T12426] ? tomoyo_profile+0x47/0x60 [ 466.013361][T12426] tomoyo_supervisor+0x46c/0x1380 [ 466.013404][T12426] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 466.013490][T12426] ? mark_held_locks+0x9f/0xe0 [ 466.013529][T12426] ? lockdep_hardirqs_on+0x7c/0x110 [ 466.013561][T12426] ? kfree+0x2c4/0x4d0 [ 466.013591][T12426] ? tomoyo_realpath_from_path+0x1ad/0x720 [ 466.013625][T12426] ? tomoyo_check_acl+0x1f7/0x410 [ 466.013656][T12426] tomoyo_path_permission+0x270/0x3b0 [ 466.013688][T12426] tomoyo_check_open_permission+0x37d/0x3c0 [ 466.013717][T12426] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 466.013782][T12426] ? __pfx_hook_file_open+0x10/0x10 [ 466.013812][T12426] ? lock_acquire+0x2f/0xb0 [ 466.013842][T12426] ? mnt_get_write_access+0x6a/0x300 [ 466.013873][T12426] tomoyo_file_open+0x6b/0x90 [ 466.013910][T12426] security_file_open+0x84/0x1e0 [ 466.013942][T12426] do_dentry_open+0x57c/0x1c40 [ 466.013981][T12426] ? inode_permission+0xdd/0x5f0 [ 466.014010][T12426] vfs_open+0x82/0x3f0 [ 466.014044][T12426] ? may_open+0x1f2/0x400 [ 466.014075][T12426] path_openat+0x1e88/0x2d80 [ 466.014124][T12426] ? __pfx_path_openat+0x10/0x10 [ 466.014160][T12426] ? __pfx___lock_acquire+0x10/0x10 [ 466.014193][T12426] ? lock_acquire.part.0+0x11b/0x380 [ 466.014227][T12426] ? find_held_lock+0x2d/0x110 [ 466.014257][T12426] do_filp_open+0x20c/0x470 [ 466.014290][T12426] ? __pfx_do_filp_open+0x10/0x10 [ 466.014322][T12426] ? find_held_lock+0x2d/0x110 [ 466.014376][T12426] ? _raw_spin_unlock+0x28/0x50 [ 466.014400][T12426] ? alloc_fd+0x41f/0x760 [ 466.014454][T12426] do_sys_openat2+0x17a/0x1e0 [ 466.014481][T12426] ? __pfx_do_sys_openat2+0x10/0x10 [ 466.014523][T12426] __x64_sys_open+0x154/0x1e0 [ 466.014551][T12426] ? __pfx___x64_sys_open+0x10/0x10 [ 466.014591][T12426] do_syscall_64+0xcd/0x250 [ 466.014624][T12426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.014657][T12426] RIP: 0033:0x7feb7638cde9 [ 466.014678][T12426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.014703][T12426] RSP: 002b:00007feb741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 466.014726][T12426] RAX: ffffffffffffffda RBX: 00007feb765a5fa0 RCX: 00007feb7638cde9 [ 466.014747][T12426] RDX: e1d2b27bdc14abfd RSI: 0000000000004242 RDI: 0000400000000000 [ 466.014763][T12426] RBP: 00007feb7640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 466.014778][T12426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.014792][T12426] R13: 0000000000000000 R14: 00007feb765a5fa0 R15: 00007ffe1a8d5708 [ 466.014829][T12426] [ 466.329536][ C0] vkms_vblank_simulate: vblank timer overrun [ 466.466424][T12420] ima: policy update failed [ 466.477920][ T29] audit: type=1802 audit(4294967495.750:17): pid=12420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1913" res=0 errno=0 [ 466.614685][T12438] program syz.4.1920 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 467.084308][T12457] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1929'. [ 467.111304][T12454] FAULT_INJECTION: forcing a failure. [ 467.111304][T12454] name failslab, interval 1, probability 0, space 0, times 0 [ 467.149645][T12454] CPU: 0 UID: 0 PID: 12454 Comm: syz.0.1927 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 467.149682][T12454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 467.149696][T12454] Call Trace: [ 467.149704][T12454] [ 467.149714][T12454] dump_stack_lvl+0x16c/0x1f0 [ 467.149750][T12454] should_fail_ex+0x50a/0x650 [ 467.149788][T12454] ? fs_reclaim_acquire+0xae/0x150 [ 467.149825][T12454] should_failslab+0xc2/0x120 [ 467.149849][T12454] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 467.149884][T12454] ? down_write+0x14e/0x200 [ 467.149915][T12454] ? vm_area_dup+0x53/0x2f0 [ 467.149957][T12454] vm_area_dup+0x53/0x2f0 [ 467.149991][T12454] copy_process+0x776f/0x8c50 [ 467.150043][T12454] ? __pfx_copy_process+0x10/0x10 [ 467.150066][T12454] ? __might_fault+0x13b/0x190 [ 467.150091][T12454] ? __pfx_lock_release+0x10/0x10 [ 467.150131][T12454] ? __might_fault+0xe3/0x190 [ 467.150155][T12454] ? __might_fault+0xe3/0x190 [ 467.150186][T12454] ? _copy_from_user+0x59/0xd0 [ 467.150216][T12454] kernel_clone+0xfd/0x960 [ 467.150242][T12454] ? __pfx_kernel_clone+0x10/0x10 [ 467.150271][T12454] ? __pfx_futex_wait+0x10/0x10 [ 467.150316][T12454] __do_sys_clone3+0x214/0x290 [ 467.150340][T12454] ? __pfx___do_sys_clone3+0x10/0x10 [ 467.150380][T12454] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 467.150446][T12454] do_syscall_64+0xcd/0x250 [ 467.150478][T12454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.150509][T12454] RIP: 0033:0x7f1321f8cde9 [ 467.150537][T12454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.150562][T12454] RSP: 002b:00007f1322d6ff08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 467.150586][T12454] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f1321f8cde9 [ 467.150602][T12454] RDX: 00007f1322d6ff20 RSI: 0000000000000058 RDI: 00007f1322d6ff20 [ 467.150618][T12454] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000058 [ 467.150634][T12454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 467.150649][T12454] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 467.150684][T12454] [ 467.866162][T12476] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 467.955138][T12485] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1939'. [ 468.346013][T12491] FAULT_INJECTION: forcing a failure. [ 468.346013][T12491] name failslab, interval 1, probability 0, space 0, times 0 [ 468.361234][T12491] CPU: 1 UID: 0 PID: 12491 Comm: syz.4.1942 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 468.361269][T12491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 468.361284][T12491] Call Trace: [ 468.361291][T12491] [ 468.361300][T12491] dump_stack_lvl+0x16c/0x1f0 [ 468.361338][T12491] should_fail_ex+0x50a/0x650 [ 468.361374][T12491] ? fs_reclaim_acquire+0xae/0x150 [ 468.361418][T12491] should_failslab+0xc2/0x120 [ 468.361442][T12491] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 468.361481][T12491] ? getname_flags.part.0+0x4c/0x550 [ 468.361516][T12491] getname_flags.part.0+0x4c/0x550 [ 468.361548][T12491] getname+0x8d/0xe0 [ 468.361578][T12491] do_sys_openat2+0x104/0x1e0 [ 468.361603][T12491] ? __pfx_do_sys_openat2+0x10/0x10 [ 468.361641][T12491] __x64_sys_open+0x154/0x1e0 [ 468.361666][T12491] ? __pfx___x64_sys_open+0x10/0x10 [ 468.361704][T12491] do_syscall_64+0xcd/0x250 [ 468.361737][T12491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.361769][T12491] RIP: 0033:0x7f495c18cde9 [ 468.361788][T12491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.361811][T12491] RSP: 002b:00007f495cfdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 468.361834][T12491] RAX: ffffffffffffffda RBX: 00007f495c3a5fa0 RCX: 00007f495c18cde9 [ 468.361850][T12491] RDX: e1d2b27bdc14abfd RSI: 0000000000004242 RDI: 0000400000000000 [ 468.361867][T12491] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 468.361882][T12491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 468.361896][T12491] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 468.361929][T12491] [ 469.371495][T12538] misc userio: No port type given on /dev/userio [ 469.462303][T12543] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1962'. [ 469.531055][T12547] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1964'. [ 470.473750][T12596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1987'. [ 470.541472][T12600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1987'. [ 470.934893][T12621] FAULT_INJECTION: forcing a failure. [ 470.934893][T12621] name failslab, interval 1, probability 0, space 0, times 0 [ 470.948656][T12621] CPU: 0 UID: 0 PID: 12621 Comm: syz.0.1998 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 470.948692][T12621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 470.948706][T12621] Call Trace: [ 470.948713][T12621] [ 470.948723][T12621] dump_stack_lvl+0x16c/0x1f0 [ 470.948759][T12621] should_fail_ex+0x50a/0x650 [ 470.948795][T12621] ? fs_reclaim_acquire+0xae/0x150 [ 470.948828][T12621] ? ima_alloc_init_template+0xb8/0x720 [ 470.948864][T12621] should_failslab+0xc2/0x120 [ 470.948886][T12621] __kmalloc_noprof+0xcb/0x510 [ 470.948928][T12621] ima_alloc_init_template+0xb8/0x720 [ 470.948963][T12621] ? d_absolute_path+0x137/0x1b0 [ 470.948986][T12621] ? __pfx_d_absolute_path+0x10/0x10 [ 470.949012][T12621] ima_store_measurement+0x1ea/0x5c0 [ 470.949054][T12621] ? __pfx_ima_store_measurement+0x10/0x10 [ 470.949098][T12621] ? ima_d_path+0x12c/0x2a0 [ 470.949141][T12621] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 470.949183][T12621] process_measurement+0x1bcb/0x2370 [ 470.949228][T12621] ? __pfx_process_measurement+0x10/0x10 [ 470.949272][T12621] ? mark_held_locks+0x9f/0xe0 [ 470.949307][T12621] ? kasan_quarantine_put+0x10a/0x240 [ 470.949362][T12621] ? find_held_lock+0x2d/0x110 [ 470.949392][T12621] ? tomoyo_bprm_check_security+0x168/0x1d0 [ 470.949428][T12621] ima_bprm_check+0xe8/0x210 [ 470.949458][T12621] ? __pfx_ima_bprm_check+0x10/0x10 [ 470.949493][T12621] security_bprm_check+0xa5/0x1e0 [ 470.949514][T12621] bprm_execve+0x832/0x16d0 [ 470.949547][T12621] ? __pfx_bprm_execve+0x10/0x10 [ 470.949576][T12621] ? copy_string_kernel+0x210/0x250 [ 470.949607][T12621] do_execveat_common.isra.0+0x4a2/0x610 [ 470.949640][T12621] __x64_sys_execve+0x8c/0xb0 [ 470.949669][T12621] do_syscall_64+0xcd/0x250 [ 470.949696][T12621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.949725][T12621] RIP: 0033:0x7f1321f8cde9 [ 470.949742][T12621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 470.949762][T12621] RSP: 002b:00007f1322d70038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 470.949783][T12621] RAX: ffffffffffffffda RBX: 00007f13221a5fa0 RCX: 00007f1321f8cde9 [ 470.949796][T12621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000000 [ 470.949808][T12621] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 470.949821][T12621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 470.949833][T12621] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 470.949860][T12621] [ 471.225430][ T29] audit: type=1804 audit(4294967500.490:18): pid=12621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.1998" name="/newroot/514/:," dev="tmpfs" ino=2755 res=0 errno=0 [ 471.247305][T12593] ima: policy update failed [ 471.308823][ T29] audit: type=1802 audit(4294967500.520:19): pid=12593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1987" res=0 errno=0 [ 471.312076][T12625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1999'. [ 471.404694][T12627] openvswitch: netlink: Tunnel attr 262 out of range max 16 [ 471.903474][T12650] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2010'. [ 471.977774][T12655] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2011'. [ 472.003414][T12655] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2011'. [ 472.667610][T12682] program syz.3.2025 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 472.731639][T12684] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2026'. [ 472.749231][T12651] ima: policy update failed [ 472.772311][ T29] audit: type=1802 audit(4294967502.030:20): pid=12651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2011" res=0 errno=0 [ 472.810409][T12689] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2026'. [ 472.900813][T12694] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2029'. [ 473.389085][T12716] FAULT_INJECTION: forcing a failure. [ 473.389085][T12716] name failslab, interval 1, probability 0, space 0, times 0 [ 473.409610][T12716] CPU: 0 UID: 0 PID: 12716 Comm: syz.3.2039 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 473.409647][T12716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 473.409663][T12716] Call Trace: [ 473.409671][T12716] [ 473.409682][T12716] dump_stack_lvl+0x16c/0x1f0 [ 473.409720][T12716] should_fail_ex+0x50a/0x650 [ 473.409757][T12716] ? fs_reclaim_acquire+0xae/0x150 [ 473.409791][T12716] ? apply_wqattrs_prepare+0x130/0xbd0 [ 473.409827][T12716] should_failslab+0xc2/0x120 [ 473.409851][T12716] __kmalloc_cache_noprof+0x68/0x410 [ 473.409905][T12716] apply_wqattrs_prepare+0x130/0xbd0 [ 473.409943][T12716] ? __alloc_workqueue+0x87c/0x1810 [ 473.409982][T12716] apply_workqueue_attrs_locked+0x64/0xe0 [ 473.410020][T12716] __alloc_workqueue+0xf34/0x1810 [ 473.410053][T12716] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 473.410083][T12716] alloc_workqueue+0xd3/0x200 [ 473.410109][T12716] ? __pfx_alloc_workqueue+0x10/0x10 [ 473.410145][T12716] ? __pfx___debug_object_init+0x10/0x10 [ 473.410183][T12716] nci_register_device+0x514/0xb80 [ 473.410222][T12716] ? __pfx_nci_register_device+0x10/0x10 [ 473.410272][T12716] virtual_ncidev_open+0x141/0x220 [ 473.410308][T12716] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 473.410341][T12716] misc_open+0x35a/0x420 [ 473.410365][T12716] ? __pfx_misc_open+0x10/0x10 [ 473.410387][T12716] chrdev_open+0x237/0x6a0 [ 473.410422][T12716] ? __pfx_apparmor_file_open+0x10/0x10 [ 473.410451][T12716] ? __pfx_chrdev_open+0x10/0x10 [ 473.410490][T12716] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 473.410528][T12716] do_dentry_open+0x735/0x1c40 [ 473.410561][T12716] ? __pfx_chrdev_open+0x10/0x10 [ 473.410598][T12716] ? inode_permission+0xdd/0x5f0 [ 473.410627][T12716] vfs_open+0x82/0x3f0 [ 473.410650][T12716] ? may_open+0x1f2/0x400 [ 473.410679][T12716] path_openat+0x1e88/0x2d80 [ 473.410724][T12716] ? __pfx_path_openat+0x10/0x10 [ 473.410757][T12716] ? __pfx___lock_acquire+0x10/0x10 [ 473.410788][T12716] ? lock_acquire.part.0+0x11b/0x380 [ 473.410821][T12716] ? find_held_lock+0x2d/0x110 [ 473.410851][T12716] do_filp_open+0x20c/0x470 [ 473.410891][T12716] ? __pfx_do_filp_open+0x10/0x10 [ 473.410924][T12716] ? find_held_lock+0x2d/0x110 [ 473.410977][T12716] ? alloc_fd+0x41f/0x760 [ 473.411020][T12716] do_sys_openat2+0x17a/0x1e0 [ 473.411045][T12716] ? __pfx_do_sys_openat2+0x10/0x10 [ 473.411085][T12716] __x64_sys_openat+0x175/0x210 [ 473.411112][T12716] ? __pfx___x64_sys_openat+0x10/0x10 [ 473.411154][T12716] do_syscall_64+0xcd/0x250 [ 473.411186][T12716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.411220][T12716] RIP: 0033:0x7f2aa5d8cde9 [ 473.411241][T12716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 473.411265][T12716] RSP: 002b:00007f2aa6cb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 473.411289][T12716] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa0 RCX: 00007f2aa5d8cde9 [ 473.411306][T12716] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 473.411322][T12716] RBP: 00007f2aa5e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 473.411338][T12716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 473.411353][T12716] R13: 0000000000000000 R14: 00007f2aa5fa5fa0 R15: 00007ffc0abb6238 [ 473.411388][T12716] [ 473.824877][T12728] program syz.2.2043 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 473.827462][ T5852] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 473.834629][ T5852] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 473.850287][ T5852] Bluetooth: hci0: adv larger than maximum supported [ 473.850316][ T5852] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 473.857943][ T5852] Bluetooth: hci0: Unknown advertising packet type: 0x39 [ 473.865976][ T5852] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 473.873486][ T5852] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 473.881199][ T5852] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 473.888270][ T5852] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 473.965133][T12732] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2044'. [ 474.148897][T12739] sp0: Synchronizing with TNC [ 474.803989][T12767] netlink: 'syz.0.2060': attribute type 10 has an invalid length. [ 474.886382][T12763] FAULT_INJECTION: forcing a failure. [ 474.886382][T12763] name failslab, interval 1, probability 0, space 0, times 0 [ 474.905147][T12763] CPU: 1 UID: 0 PID: 12763 Comm: syz.2.2058 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 474.905183][T12763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 474.905198][T12763] Call Trace: [ 474.905205][T12763] [ 474.905215][T12763] dump_stack_lvl+0x16c/0x1f0 [ 474.905249][T12763] should_fail_ex+0x50a/0x650 [ 474.905283][T12763] ? fs_reclaim_acquire+0xae/0x150 [ 474.905316][T12763] ? tomoyo_realpath_from_path+0xb9/0x720 [ 474.905345][T12763] should_failslab+0xc2/0x120 [ 474.905367][T12763] __kmalloc_noprof+0xcb/0x510 [ 474.905402][T12763] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 474.905437][T12763] ? rcu_is_watching+0x12/0xc0 [ 474.905477][T12763] tomoyo_realpath_from_path+0xb9/0x720 [ 474.905519][T12763] tomoyo_check_open_permission+0x2ad/0x3c0 [ 474.905549][T12763] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 474.905588][T12763] ? __pfx___lock_acquire+0x10/0x10 [ 474.905634][T12763] ? __pfx_hook_file_open+0x10/0x10 [ 474.905660][T12763] ? lock_acquire+0x2f/0xb0 [ 474.905695][T12763] ? mnt_get_write_access+0x6a/0x300 [ 474.905725][T12763] tomoyo_file_open+0x6b/0x90 [ 474.905759][T12763] security_file_open+0x84/0x1e0 [ 474.905788][T12763] do_dentry_open+0x57c/0x1c40 [ 474.905823][T12763] ? inode_permission+0xdd/0x5f0 [ 474.905851][T12763] vfs_open+0x82/0x3f0 [ 474.905871][T12763] ? may_open+0x1f2/0x400 [ 474.905900][T12763] path_openat+0x1e88/0x2d80 [ 474.905946][T12763] ? __pfx_path_openat+0x10/0x10 [ 474.905979][T12763] ? __pfx___lock_acquire+0x10/0x10 [ 474.906007][T12763] ? lock_acquire.part.0+0x11b/0x380 [ 474.906038][T12763] ? find_held_lock+0x2d/0x110 [ 474.906068][T12763] do_filp_open+0x20c/0x470 [ 474.906098][T12763] ? __pfx_do_filp_open+0x10/0x10 [ 474.906133][T12763] ? find_held_lock+0x2d/0x110 [ 474.906183][T12763] ? alloc_fd+0x41f/0x760 [ 474.906227][T12763] do_sys_openat2+0x17a/0x1e0 [ 474.906253][T12763] ? __pfx_do_sys_openat2+0x10/0x10 [ 474.906293][T12763] __x64_sys_openat+0x175/0x210 [ 474.906319][T12763] ? __pfx___x64_sys_openat+0x10/0x10 [ 474.906360][T12763] do_syscall_64+0xcd/0x250 [ 474.906393][T12763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.906425][T12763] RIP: 0033:0x7feb7638cde9 [ 474.906445][T12763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 474.906480][T12763] RSP: 002b:00007feb741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 474.906504][T12763] RAX: ffffffffffffffda RBX: 00007feb765a5fa0 RCX: 00007feb7638cde9 [ 474.906522][T12763] RDX: 0000000000101201 RSI: 0000400000000040 RDI: ffffffffffffff9c [ 474.906538][T12763] RBP: 00007feb7640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 474.906553][T12763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.906567][T12763] R13: 0000000000000000 R14: 00007feb765a5fa0 R15: 00007ffe1a8d5708 [ 474.906600][T12763] [ 474.918864][T12763] ERROR: Out of memory at tomoyo_realpath_from_path. [ 475.245317][T12779] FAULT_INJECTION: forcing a failure. [ 475.245317][T12779] name failslab, interval 1, probability 0, space 0, times 0 [ 475.277293][T12779] CPU: 1 UID: 0 PID: 12779 Comm: syz.0.2065 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 475.277328][T12779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 475.277342][T12779] Call Trace: [ 475.277349][T12779] [ 475.277358][T12779] dump_stack_lvl+0x16c/0x1f0 [ 475.277394][T12779] should_fail_ex+0x50a/0x650 [ 475.277429][T12779] ? fs_reclaim_acquire+0xae/0x150 [ 475.277463][T12779] should_failslab+0xc2/0x120 [ 475.277486][T12779] kmem_cache_alloc_lru_noprof+0x73/0x3d0 [ 475.277521][T12779] ? find_held_lock+0x2d/0x110 [ 475.277546][T12779] ? __d_alloc+0x31/0xaa0 [ 475.277573][T12779] __d_alloc+0x31/0xaa0 [ 475.277598][T12779] d_alloc_pseudo+0x1c/0xc0 [ 475.277626][T12779] alloc_file_pseudo+0xd0/0x230 [ 475.277655][T12779] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 475.277687][T12779] ? alloc_fd+0x41f/0x760 [ 475.277722][T12779] sock_alloc_file+0x50/0x210 [ 475.277754][T12779] __sys_socket+0x1c2/0x260 [ 475.277777][T12779] ? __pfx___sys_socket+0x10/0x10 [ 475.277801][T12779] ? rcu_is_watching+0x12/0xc0 [ 475.277834][T12779] __x64_sys_socket+0x72/0xb0 [ 475.277859][T12779] ? lockdep_hardirqs_on+0x7c/0x110 [ 475.277887][T12779] do_syscall_64+0xcd/0x250 [ 475.277916][T12779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 475.277947][T12779] RIP: 0033:0x7f1321f8cde9 [ 475.277965][T12779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 475.277987][T12779] RSP: 002b:00007f1322d70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 475.278011][T12779] RAX: ffffffffffffffda RBX: 00007f13221a5fa0 RCX: 00007f1321f8cde9 [ 475.278026][T12779] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 475.278039][T12779] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 475.278052][T12779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 475.278066][T12779] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 475.278092][T12779] [ 476.311443][T12817] sp0: Synchronizing with TNC [ 476.406655][T12824] program syz.2.2085 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 476.663440][T12840] __nla_validate_parse: 4 callbacks suppressed [ 476.663459][T12840] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2089'. [ 476.994921][T12857] program syz.2.2097 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 477.101762][T12858] FAULT_INJECTION: forcing a failure. [ 477.101762][T12858] name failslab, interval 1, probability 0, space 0, times 0 [ 477.118034][T12858] CPU: 0 UID: 0 PID: 12858 Comm: syz.0.2100 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 477.118070][T12858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 477.118085][T12858] Call Trace: [ 477.118092][T12858] [ 477.118102][T12858] dump_stack_lvl+0x16c/0x1f0 [ 477.118139][T12858] should_fail_ex+0x50a/0x650 [ 477.118174][T12858] ? fs_reclaim_acquire+0xae/0x150 [ 477.118209][T12858] should_failslab+0xc2/0x120 [ 477.118245][T12858] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 477.118283][T12858] ? down_write+0x14e/0x200 [ 477.118314][T12858] ? vm_area_dup+0x53/0x2f0 [ 477.118354][T12858] vm_area_dup+0x53/0x2f0 [ 477.118389][T12858] copy_process+0x776f/0x8c50 [ 477.118439][T12858] ? __pfx_copy_process+0x10/0x10 [ 477.118463][T12858] ? __might_fault+0x13b/0x190 [ 477.118488][T12858] ? __pfx_lock_release+0x10/0x10 [ 477.118529][T12858] ? __might_fault+0xe3/0x190 [ 477.118558][T12858] ? __might_fault+0xe3/0x190 [ 477.118590][T12858] ? _copy_from_user+0x59/0xd0 [ 477.118622][T12858] kernel_clone+0xfd/0x960 [ 477.118646][T12858] ? process_vm_rw+0x182/0x360 [ 477.118681][T12858] ? __pfx_kernel_clone+0x10/0x10 [ 477.118711][T12858] ? __pfx_futex_wait+0x10/0x10 [ 477.118753][T12858] __do_sys_clone3+0x214/0x290 [ 477.118776][T12858] ? __pfx___do_sys_clone3+0x10/0x10 [ 477.118813][T12858] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 477.118872][T12858] do_syscall_64+0xcd/0x250 [ 477.118903][T12858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.118934][T12858] RIP: 0033:0x7f1321f8cde9 [ 477.118954][T12858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 477.118979][T12858] RSP: 002b:00007f1322d6ff08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 477.119004][T12858] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f1321f8cde9 [ 477.119019][T12858] RDX: 00007f1322d6ff20 RSI: 0000000000000058 RDI: 00007f1322d6ff20 [ 477.119034][T12858] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000058 [ 477.119048][T12858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.119062][T12858] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 477.119097][T12858] [ 477.430982][T12863] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 477.649916][T12871] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2104'. [ 478.580375][T12927] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2125'. [ 478.592587][T12925] ima: policy update failed [ 478.609023][ T29] audit: type=1802 audit(4294967507.870:21): pid=12925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2125" res=0 errno=0 [ 478.638980][T12926] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2124'. [ 478.810458][T12938] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2130'. [ 479.031631][T12954] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2133'. [ 479.245370][T12963] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2138'. [ 479.264442][T12964] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2137'. [ 479.292674][T12961] ima: policy update failed [ 479.297347][ T29] audit: type=1802 audit(4294967508.560:22): pid=12961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2137" res=0 errno=0 [ 479.319136][T12968] program syz.3.2140 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 479.454145][T12974] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2142'. [ 479.491459][T12976] FAULT_INJECTION: forcing a failure. [ 479.491459][T12976] name failslab, interval 1, probability 0, space 0, times 0 [ 479.523695][T12976] CPU: 1 UID: 0 PID: 12976 Comm: syz.4.2144 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 479.523738][T12976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 479.523753][T12976] Call Trace: [ 479.523762][T12976] [ 479.523773][T12976] dump_stack_lvl+0x16c/0x1f0 [ 479.523809][T12976] should_fail_ex+0x50a/0x650 [ 479.523846][T12976] ? fs_reclaim_acquire+0xae/0x150 [ 479.523881][T12976] should_failslab+0xc2/0x120 [ 479.523906][T12976] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 479.523946][T12976] ? __pfx_try_to_wake_up+0x10/0x10 [ 479.523978][T12976] ? kasprintf+0xc8/0x100 [ 479.524010][T12976] kvasprintf+0xbd/0x160 [ 479.524035][T12976] ? __pfx_kvasprintf+0x10/0x10 [ 479.524062][T12976] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 479.524104][T12976] kasprintf+0xc8/0x100 [ 479.524129][T12976] ? __pfx_kasprintf+0x10/0x10 [ 479.524158][T12976] ? __pfx_lockdep_lock+0x10/0x10 [ 479.524198][T12976] ? lockdep_unlock+0x11a/0x290 [ 479.524231][T12976] alloc_workqueue+0x115/0x200 [ 479.524260][T12976] ? __pfx_alloc_workqueue+0x10/0x10 [ 479.524297][T12976] ? __pfx___debug_object_init+0x10/0x10 [ 479.524338][T12976] nci_register_device+0x514/0xb80 [ 479.524376][T12976] ? __pfx_nci_register_device+0x10/0x10 [ 479.524426][T12976] virtual_ncidev_open+0x141/0x220 [ 479.524463][T12976] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 479.524496][T12976] misc_open+0x35a/0x420 [ 479.524521][T12976] ? __pfx_misc_open+0x10/0x10 [ 479.524544][T12976] chrdev_open+0x237/0x6a0 [ 479.524579][T12976] ? __pfx_apparmor_file_open+0x10/0x10 [ 479.524611][T12976] ? __pfx_chrdev_open+0x10/0x10 [ 479.524650][T12976] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 479.524686][T12976] do_dentry_open+0x735/0x1c40 [ 479.524719][T12976] ? __pfx_chrdev_open+0x10/0x10 [ 479.524755][T12976] ? inode_permission+0xdd/0x5f0 [ 479.524786][T12976] vfs_open+0x82/0x3f0 [ 479.524810][T12976] ? may_open+0x1f2/0x400 [ 479.524841][T12976] path_openat+0x1e88/0x2d80 [ 479.524889][T12976] ? __pfx_path_openat+0x10/0x10 [ 479.524923][T12976] ? __pfx___lock_acquire+0x10/0x10 [ 479.524954][T12976] ? lock_acquire.part.0+0x11b/0x380 [ 479.524988][T12976] ? find_held_lock+0x2d/0x110 [ 479.525019][T12976] do_filp_open+0x20c/0x470 [ 479.525055][T12976] ? __pfx_do_filp_open+0x10/0x10 [ 479.525087][T12976] ? find_held_lock+0x2d/0x110 [ 479.525139][T12976] ? alloc_fd+0x41f/0x760 [ 479.525206][T12976] do_sys_openat2+0x17a/0x1e0 [ 479.525234][T12976] ? __pfx_do_sys_openat2+0x10/0x10 [ 479.525277][T12976] __x64_sys_openat+0x175/0x210 [ 479.525307][T12976] ? __pfx___x64_sys_openat+0x10/0x10 [ 479.525350][T12976] do_syscall_64+0xcd/0x250 [ 479.525384][T12976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.525418][T12976] RIP: 0033:0x7f495c18cde9 [ 479.525440][T12976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.525465][T12976] RSP: 002b:00007f495cfdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 479.525490][T12976] RAX: ffffffffffffffda RBX: 00007f495c3a5fa0 RCX: 00007f495c18cde9 [ 479.525507][T12976] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 479.525524][T12976] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 479.525540][T12976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 479.525556][T12976] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 479.525592][T12976] [ 480.161335][T12998] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2150'. [ 480.233150][T13000] ima: policy update failed [ 480.241009][ T29] audit: type=1802 audit(4294967509.510:23): pid=13000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2151" res=0 errno=0 [ 480.456591][T13005] FAULT_INJECTION: forcing a failure. [ 480.456591][T13005] name failslab, interval 1, probability 0, space 0, times 0 [ 480.474279][T13005] CPU: 0 UID: 0 PID: 13005 Comm: syz.4.2153 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 480.474317][T13005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 480.474333][T13005] Call Trace: [ 480.474342][T13005] [ 480.474353][T13005] dump_stack_lvl+0x16c/0x1f0 [ 480.474390][T13005] should_fail_ex+0x50a/0x650 [ 480.474427][T13005] ? fs_reclaim_acquire+0xae/0x150 [ 480.474462][T13005] should_failslab+0xc2/0x120 [ 480.474487][T13005] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 480.474525][T13005] ? copy_signal+0x50/0x870 [ 480.474562][T13005] copy_signal+0x50/0x870 [ 480.474596][T13005] copy_process+0x2751/0x8c50 [ 480.474625][T13005] ? __pfx___lock_acquire+0x10/0x10 [ 480.474674][T13005] ? __pfx_copy_process+0x10/0x10 [ 480.474697][T13005] ? __might_fault+0x13b/0x190 [ 480.474722][T13005] ? __pfx_lock_release+0x10/0x10 [ 480.474754][T13005] ? trace_lock_acquire+0x14e/0x1f0 [ 480.474786][T13005] ? lock_acquire+0x2f/0xb0 [ 480.474816][T13005] ? __might_fault+0xe3/0x190 [ 480.474853][T13005] ? __might_fault+0xe3/0x190 [ 480.474884][T13005] ? _copy_from_user+0x59/0xd0 [ 480.474916][T13005] kernel_clone+0xfd/0x960 [ 480.474943][T13005] ? __pfx_kernel_clone+0x10/0x10 [ 480.474978][T13005] ? __pfx_futex_wake+0x10/0x10 [ 480.475018][T13005] __do_sys_clone3+0x214/0x290 [ 480.475042][T13005] ? __pfx___do_sys_clone3+0x10/0x10 [ 480.475108][T13005] do_syscall_64+0xcd/0x250 [ 480.475146][T13005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 480.475181][T13005] RIP: 0033:0x7f495c18cde9 [ 480.475202][T13005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 480.475225][T13005] RSP: 002b:00007f495cfdbf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 480.475249][T13005] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f495c18cde9 [ 480.475267][T13005] RDX: 00007f495cfdbf20 RSI: 0000000000000058 RDI: 00007f495cfdbf20 [ 480.475283][T13005] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000058 [ 480.475298][T13005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 480.475312][T13005] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 480.475342][T13005] [ 481.699467][T13043] FAULT_INJECTION: forcing a failure. [ 481.699467][T13043] name failslab, interval 1, probability 0, space 0, times 0 [ 481.737839][T13043] CPU: 1 UID: 0 PID: 13043 Comm: syz.4.2168 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 481.737875][T13043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 481.737890][T13043] Call Trace: [ 481.737898][T13043] [ 481.737909][T13043] dump_stack_lvl+0x16c/0x1f0 [ 481.737943][T13043] should_fail_ex+0x50a/0x650 [ 481.737977][T13043] ? fs_reclaim_acquire+0xae/0x150 [ 481.738013][T13043] should_failslab+0xc2/0x120 [ 481.738036][T13043] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 481.738076][T13043] ? __kthread_create_on_node+0x189/0x400 [ 481.738108][T13043] kvasprintf+0xbd/0x160 [ 481.738134][T13043] ? __pfx_kvasprintf+0x10/0x10 [ 481.738172][T13043] ? __pfx_rescuer_thread+0x10/0x10 [ 481.738201][T13043] __kthread_create_on_node+0x189/0x400 [ 481.738229][T13043] ? __pfx___kthread_create_on_node+0x10/0x10 [ 481.738262][T13043] ? smc_ib_ready_link+0x190/0x220 [ 481.738288][T13043] ? __pfx_vsnprintf+0x10/0x10 [ 481.738321][T13043] ? __pfx_rescuer_thread+0x10/0x10 [ 481.738352][T13043] kthread_create_on_node+0xc8/0x110 [ 481.738378][T13043] ? __pfx_kthread_create_on_node+0x10/0x10 [ 481.738403][T13043] ? __pfx_scnprintf+0x10/0x10 [ 481.738447][T13043] init_rescuer+0x322/0x640 [ 481.738477][T13043] ? __pfx_init_rescuer+0x10/0x10 [ 481.738515][T13043] ? wq_adjust_max_active+0x39d/0x4a0 [ 481.738546][T13043] __alloc_workqueue+0xc27/0x1810 [ 481.738576][T13043] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 481.738604][T13043] alloc_workqueue+0xd3/0x200 [ 481.738631][T13043] ? __pfx_alloc_workqueue+0x10/0x10 [ 481.738665][T13043] ? __pfx___debug_object_init+0x10/0x10 [ 481.738705][T13043] nci_register_device+0x514/0xb80 [ 481.738751][T13043] ? __pfx_nci_register_device+0x10/0x10 [ 481.738804][T13043] virtual_ncidev_open+0x141/0x220 [ 481.738841][T13043] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 481.738876][T13043] misc_open+0x35a/0x420 [ 481.738902][T13043] ? __pfx_misc_open+0x10/0x10 [ 481.738924][T13043] chrdev_open+0x237/0x6a0 [ 481.738958][T13043] ? __pfx_apparmor_file_open+0x10/0x10 [ 481.738988][T13043] ? __pfx_chrdev_open+0x10/0x10 [ 481.739027][T13043] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 481.739067][T13043] do_dentry_open+0x735/0x1c40 [ 481.739103][T13043] ? __pfx_chrdev_open+0x10/0x10 [ 481.739139][T13043] ? inode_permission+0xdd/0x5f0 [ 481.739168][T13043] vfs_open+0x82/0x3f0 [ 481.739190][T13043] ? may_open+0x1f2/0x400 [ 481.739220][T13043] path_openat+0x1e88/0x2d80 [ 481.739266][T13043] ? __pfx_path_openat+0x10/0x10 [ 481.739300][T13043] ? __pfx___lock_acquire+0x10/0x10 [ 481.739331][T13043] ? lock_acquire.part.0+0x11b/0x380 [ 481.739362][T13043] ? find_held_lock+0x2d/0x110 [ 481.739392][T13043] do_filp_open+0x20c/0x470 [ 481.739426][T13043] ? __pfx_do_filp_open+0x10/0x10 [ 481.739457][T13043] ? find_held_lock+0x2d/0x110 [ 481.739507][T13043] ? alloc_fd+0x41f/0x760 [ 481.739550][T13043] do_sys_openat2+0x17a/0x1e0 [ 481.739575][T13043] ? __pfx_do_sys_openat2+0x10/0x10 [ 481.739614][T13043] __x64_sys_openat+0x175/0x210 [ 481.739640][T13043] ? __pfx___x64_sys_openat+0x10/0x10 [ 481.739680][T13043] do_syscall_64+0xcd/0x250 [ 481.739712][T13043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 481.739754][T13043] RIP: 0033:0x7f495c18cde9 [ 481.739775][T13043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 481.739799][T13043] RSP: 002b:00007f495cfdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 481.739823][T13043] RAX: ffffffffffffffda RBX: 00007f495c3a5fa0 RCX: 00007f495c18cde9 [ 481.739840][T13043] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 481.739856][T13043] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 481.739871][T13043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 481.739885][T13043] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 481.739918][T13043] [ 482.142588][T13043] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -ENOMEM [ 482.178493][T13041] FAULT_INJECTION: forcing a failure. [ 482.178493][T13041] name failslab, interval 1, probability 0, space 0, times 0 [ 482.200462][T13041] CPU: 1 UID: 0 PID: 13041 Comm: syz.2.2166 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 482.200496][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 482.200512][T13041] Call Trace: [ 482.200520][T13041] [ 482.200530][T13041] dump_stack_lvl+0x16c/0x1f0 [ 482.200566][T13041] should_fail_ex+0x50a/0x650 [ 482.200602][T13041] ? fs_reclaim_acquire+0xae/0x150 [ 482.200638][T13041] should_failslab+0xc2/0x120 [ 482.200663][T13041] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 482.200700][T13041] ? down_write+0x14e/0x200 [ 482.200731][T13041] ? vm_area_dup+0x53/0x2f0 [ 482.200771][T13041] vm_area_dup+0x53/0x2f0 [ 482.200809][T13041] copy_process+0x776f/0x8c50 [ 482.200860][T13041] ? __pfx_copy_process+0x10/0x10 [ 482.200890][T13041] ? __might_fault+0x13b/0x190 [ 482.200918][T13041] ? __pfx_lock_release+0x10/0x10 [ 482.200961][T13041] ? __might_fault+0xe3/0x190 [ 482.200987][T13041] ? __might_fault+0xe3/0x190 [ 482.201017][T13041] ? _copy_from_user+0x59/0xd0 [ 482.201049][T13041] kernel_clone+0xfd/0x960 [ 482.201077][T13041] ? __pfx_kernel_clone+0x10/0x10 [ 482.201110][T13041] ? __pfx_futex_wait+0x10/0x10 [ 482.201155][T13041] __do_sys_clone3+0x214/0x290 [ 482.201180][T13041] ? __pfx___do_sys_clone3+0x10/0x10 [ 482.201223][T13041] ? __pfx___might_resched+0x10/0x10 [ 482.201291][T13041] do_syscall_64+0xcd/0x250 [ 482.201324][T13041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.201358][T13041] RIP: 0033:0x7feb7638cde9 [ 482.201379][T13041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.201402][T13041] RSP: 002b:00007feb741f5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 482.201425][T13041] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007feb7638cde9 [ 482.201443][T13041] RDX: 00007feb741f5f20 RSI: 0000000000000058 RDI: 00007feb741f5f20 [ 482.201459][T13041] RBP: 00007feb7640e2a0 R08: 0000000000000000 R09: 0000000000000058 [ 482.201476][T13041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 482.201490][T13041] R13: 0000000000000000 R14: 00007feb765a5fa0 R15: 00007ffe1a8d5708 [ 482.201526][T13041] [ 482.426958][T13048] __nla_validate_parse: 3 callbacks suppressed [ 482.426979][T13048] netlink: 85 bytes leftover after parsing attributes in process `syz.0.2169'. [ 482.536539][T13051] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2170'. [ 483.068782][T13070] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2178'. [ 483.181864][T13077] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2179'. [ 483.462730][T13079] FAULT_INJECTION: forcing a failure. [ 483.462730][T13079] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 483.482513][T13079] CPU: 0 UID: 0 PID: 13079 Comm: syz.0.2180 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 483.482547][T13079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 483.482562][T13079] Call Trace: [ 483.482570][T13079] [ 483.482580][T13079] dump_stack_lvl+0x16c/0x1f0 [ 483.482616][T13079] should_fail_ex+0x50a/0x650 [ 483.482652][T13079] ? __pfx___might_resched+0x10/0x10 [ 483.482693][T13079] should_fail_alloc_page+0xe7/0x130 [ 483.482721][T13079] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 483.482757][T13079] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 483.482810][T13079] ? find_held_lock+0x2d/0x110 [ 483.482841][T13079] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 483.482880][T13079] ? __lock_acquire+0x15a9/0x3c40 [ 483.482923][T13079] ? is_bpf_text_address+0x94/0x1a0 [ 483.482958][T13079] ? __pfx___lock_acquire+0x10/0x10 [ 483.482986][T13079] ? hlock_class+0x4e/0x130 [ 483.483009][T13079] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 483.483047][T13079] ? policy_nodemask+0xea/0x4e0 [ 483.483090][T13079] alloc_pages_mpol+0x1fc/0x540 [ 483.483116][T13079] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 483.483153][T13079] ? copy_page_range+0x26c9/0x5690 [ 483.483184][T13079] ? __pfx_lock_release+0x10/0x10 [ 483.483221][T13079] alloc_pages_noprof+0x131/0x390 [ 483.483247][T13079] __pud_alloc+0x39/0x690 [ 483.483280][T13079] copy_page_range+0x3843/0x5690 [ 483.483339][T13079] ? mas_wr_store_entry+0xa0c/0x24b0 [ 483.483375][T13079] ? mas_destroy+0x5ba/0x9e0 [ 483.483414][T13079] ? __pfx_copy_page_range+0x10/0x10 [ 483.483453][T13079] ? mas_store+0x941/0x10d0 [ 483.483497][T13079] ? __pfx_mas_store+0x10/0x10 [ 483.483530][T13079] ? lock_acquire+0x2f/0xb0 [ 483.483561][T13079] ? copy_process+0x79c4/0x8c50 [ 483.483599][T13079] ? up_write+0x1b2/0x520 [ 483.483638][T13079] copy_process+0x7ccb/0x8c50 [ 483.483686][T13079] ? __pfx_copy_process+0x10/0x10 [ 483.483710][T13079] ? __might_fault+0x13b/0x190 [ 483.483736][T13079] ? __pfx_lock_release+0x10/0x10 [ 483.483776][T13079] ? __might_fault+0xe3/0x190 [ 483.483810][T13079] ? __might_fault+0xe3/0x190 [ 483.483843][T13079] ? _copy_from_user+0x59/0xd0 [ 483.483876][T13079] kernel_clone+0xfd/0x960 [ 483.483905][T13079] ? __pfx_kernel_clone+0x10/0x10 [ 483.483941][T13079] ? __pfx_futex_wake+0x10/0x10 [ 483.483981][T13079] __do_sys_clone3+0x214/0x290 [ 483.484005][T13079] ? __pfx___do_sys_clone3+0x10/0x10 [ 483.484079][T13079] do_syscall_64+0xcd/0x250 [ 483.484113][T13079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.484147][T13079] RIP: 0033:0x7f1321f8cde9 [ 483.484169][T13079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 483.484191][T13079] RSP: 002b:00007f1322d6ff08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 483.484216][T13079] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f1321f8cde9 [ 483.484233][T13079] RDX: 00007f1322d6ff20 RSI: 0000000000000058 RDI: 00007f1322d6ff20 [ 483.484250][T13079] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000058 [ 483.484265][T13079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 483.484281][T13079] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 483.484317][T13079] [ 483.490638][T13081] netlink: 85 bytes leftover after parsing attributes in process `syz.2.2181'. [ 483.906347][T13083] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2182'. [ 483.987735][T13087] FAULT_INJECTION: forcing a failure. [ 483.987735][T13087] name failslab, interval 1, probability 0, space 0, times 0 [ 484.002967][T13087] CPU: 0 UID: 0 PID: 13087 Comm: syz.0.2184 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 484.003002][T13087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 484.003018][T13087] Call Trace: [ 484.003026][T13087] [ 484.003036][T13087] dump_stack_lvl+0x16c/0x1f0 [ 484.003074][T13087] should_fail_ex+0x50a/0x650 [ 484.003112][T13087] ? fs_reclaim_acquire+0xae/0x150 [ 484.003145][T13087] ? lsm_blob_alloc+0x68/0x90 [ 484.003180][T13087] should_failslab+0xc2/0x120 [ 484.003205][T13087] __kmalloc_noprof+0xcb/0x510 [ 484.003248][T13087] lsm_blob_alloc+0x68/0x90 [ 484.003285][T13087] security_sk_alloc+0x30/0x270 [ 484.003313][T13087] sk_prot_alloc+0x1c7/0x2a0 [ 484.003340][T13087] sk_alloc+0x36/0xb90 [ 484.003373][T13087] pppol2tp_create+0x32/0x250 [ 484.003418][T13087] pppox_create+0x159/0x2c0 [ 484.003472][T13087] __sock_create+0x335/0x8d0 [ 484.003511][T13087] __sys_socket+0x14f/0x260 [ 484.003544][T13087] ? __pfx___sys_socket+0x10/0x10 [ 484.003584][T13087] ? rcu_is_watching+0x12/0xc0 [ 484.003626][T13087] __x64_sys_socket+0x72/0xb0 [ 484.003658][T13087] ? lockdep_hardirqs_on+0x7c/0x110 [ 484.003704][T13087] do_syscall_64+0xcd/0x250 [ 484.003743][T13087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.003800][T13087] RIP: 0033:0x7f1321f8cde9 [ 484.003821][T13087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.003846][T13087] RSP: 002b:00007f1322d70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 484.003871][T13087] RAX: ffffffffffffffda RBX: 00007f13221a5fa0 RCX: 00007f1321f8cde9 [ 484.003896][T13087] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 484.003917][T13087] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 484.003933][T13087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.003948][T13087] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 484.003981][T13087] [ 484.265326][T13091] FAULT_INJECTION: forcing a failure. [ 484.265326][T13091] name failslab, interval 1, probability 0, space 0, times 0 [ 484.296376][T13091] CPU: 1 UID: 0 PID: 13091 Comm: syz.4.2186 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 484.296419][T13091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 484.296433][T13091] Call Trace: [ 484.296441][T13091] [ 484.296453][T13091] dump_stack_lvl+0x16c/0x1f0 [ 484.296492][T13091] should_fail_ex+0x50a/0x650 [ 484.296529][T13091] ? fs_reclaim_acquire+0xae/0x150 [ 484.296563][T13091] should_failslab+0xc2/0x120 [ 484.296587][T13091] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 484.296624][T13091] ? security_inode_alloc+0x3b/0x2b0 [ 484.296656][T13091] security_inode_alloc+0x3b/0x2b0 [ 484.296693][T13091] inode_init_always_gfp+0xce4/0x1030 [ 484.296736][T13091] alloc_inode+0x82/0x230 [ 484.296760][T13091] iget_locked+0x2ee/0x8a0 [ 484.296786][T13091] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 484.296828][T13091] ? __pfx_iget_locked+0x10/0x10 [ 484.296853][T13091] ? kernfs_iop_lookup+0xa3/0x330 [ 484.296905][T13091] kernfs_get_inode+0x48/0x460 [ 484.296938][T13091] kernfs_iop_lookup+0x1ec/0x330 [ 484.296973][T13091] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 484.297006][T13091] lookup_open.isra.0+0x4d9/0x1580 [ 484.297045][T13091] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 484.297083][T13091] ? path_openat+0x88a/0x2d80 [ 484.297126][T13091] ? mnt_get_write_access+0x20c/0x300 [ 484.297162][T13091] path_openat+0x904/0x2d80 [ 484.297209][T13091] ? __pfx_path_openat+0x10/0x10 [ 484.297242][T13091] ? __pfx___lock_acquire+0x10/0x10 [ 484.297272][T13091] ? lock_acquire.part.0+0x11b/0x380 [ 484.297304][T13091] ? find_held_lock+0x2d/0x110 [ 484.297335][T13091] do_filp_open+0x20c/0x470 [ 484.297369][T13091] ? __pfx_do_filp_open+0x10/0x10 [ 484.297408][T13091] ? find_held_lock+0x2d/0x110 [ 484.297464][T13091] ? alloc_fd+0x41f/0x760 [ 484.297509][T13091] do_sys_openat2+0x17a/0x1e0 [ 484.297535][T13091] ? __pfx_do_sys_openat2+0x10/0x10 [ 484.297562][T13091] ? _raw_read_unlock+0x28/0x50 [ 484.297599][T13091] __x64_sys_openat+0x175/0x210 [ 484.297625][T13091] ? __pfx___x64_sys_openat+0x10/0x10 [ 484.297666][T13091] do_syscall_64+0xcd/0x250 [ 484.297723][T13091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.297758][T13091] RIP: 0033:0x7f495c18cde9 [ 484.297779][T13091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.297802][T13091] RSP: 002b:00007f495cfdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 484.297825][T13091] RAX: ffffffffffffffda RBX: 00007f495c3a5fa0 RCX: 00007f495c18cde9 [ 484.297842][T13091] RDX: 0000000000001801 RSI: 0000400000000100 RDI: ffffffffffffff9c [ 484.297857][T13091] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 484.297873][T13091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.297888][T13091] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 484.297923][T13091] [ 484.758296][T13101] FAULT_INJECTION: forcing a failure. [ 484.758296][T13101] name failslab, interval 1, probability 0, space 0, times 0 [ 484.771250][T13101] CPU: 0 UID: 0 PID: 13101 Comm: syz.0.2190 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 484.771284][T13101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 484.771299][T13101] Call Trace: [ 484.771307][T13101] [ 484.771316][T13101] dump_stack_lvl+0x16c/0x1f0 [ 484.771353][T13101] should_fail_ex+0x50a/0x650 [ 484.771391][T13101] ? fs_reclaim_acquire+0xae/0x150 [ 484.771426][T13101] should_failslab+0xc2/0x120 [ 484.771450][T13101] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 484.771487][T13101] ? anon_vma_fork+0x200/0x620 [ 484.771527][T13101] anon_vma_fork+0x200/0x620 [ 484.771567][T13101] copy_process+0x82c8/0x8c50 [ 484.771627][T13101] ? __pfx_copy_process+0x10/0x10 [ 484.771652][T13101] ? __might_fault+0x13b/0x190 [ 484.771678][T13101] ? __pfx_lock_release+0x10/0x10 [ 484.771718][T13101] ? __might_fault+0xe3/0x190 [ 484.771743][T13101] ? __might_fault+0xe3/0x190 [ 484.771772][T13101] ? _copy_from_user+0x59/0xd0 [ 484.771803][T13101] kernel_clone+0xfd/0x960 [ 484.771830][T13101] ? __pfx_kernel_clone+0x10/0x10 [ 484.771863][T13101] ? __pfx_futex_wait+0x10/0x10 [ 484.771908][T13101] __do_sys_clone3+0x214/0x290 [ 484.771932][T13101] ? __pfx___do_sys_clone3+0x10/0x10 [ 484.772007][T13101] do_syscall_64+0xcd/0x250 [ 484.772040][T13101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.772074][T13101] RIP: 0033:0x7f1321f8cde9 [ 484.772096][T13101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.772120][T13101] RSP: 002b:00007f1322d6ff08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 484.772144][T13101] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f1321f8cde9 [ 484.772161][T13101] RDX: 00007f1322d6ff20 RSI: 0000000000000058 RDI: 00007f1322d6ff20 [ 484.772177][T13101] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000058 [ 484.772193][T13101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.772209][T13101] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 484.772244][T13101] [ 485.043371][T13105] FAULT_INJECTION: forcing a failure. [ 485.043371][T13105] name failslab, interval 1, probability 0, space 0, times 0 [ 485.057140][T13105] CPU: 0 UID: 0 PID: 13105 Comm: syz.2.2191 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 485.057176][T13105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 485.057193][T13105] Call Trace: [ 485.057200][T13105] [ 485.057210][T13105] dump_stack_lvl+0x16c/0x1f0 [ 485.057247][T13105] should_fail_ex+0x50a/0x650 [ 485.057285][T13105] ? fs_reclaim_acquire+0xae/0x150 [ 485.057320][T13105] should_failslab+0xc2/0x120 [ 485.057346][T13105] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 485.057385][T13105] ? __kernfs_new_node+0xd3/0x890 [ 485.057424][T13105] __kernfs_new_node+0xd3/0x890 [ 485.057460][T13105] ? __pfx___kernfs_new_node+0x10/0x10 [ 485.057490][T13105] ? __pfx_lock_release+0x10/0x10 [ 485.057522][T13105] ? kernfs_add_one+0x39d/0x520 [ 485.057574][T13105] ? up_write+0x1b2/0x520 [ 485.057616][T13105] kernfs_new_node+0x186/0x240 [ 485.057658][T13105] __kernfs_create_file+0x53/0x350 [ 485.057691][T13105] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 485.057727][T13105] internal_create_group+0x56c/0xf10 [ 485.057770][T13105] ? __pfx_internal_create_group+0x10/0x10 [ 485.057810][T13105] ? kernfs_create_link+0x1bd/0x240 [ 485.057842][T13105] internal_create_groups+0x9d/0x150 [ 485.057874][T13105] device_add+0x6d3/0x1a70 [ 485.057910][T13105] ? __pfx_device_add+0x10/0x10 [ 485.057948][T13105] ? __init_waitqueue_head+0xca/0x150 [ 485.057984][T13105] rfkill_register+0x1ad/0xb40 [ 485.058020][T13105] nfc_register_device+0x11f/0x3c0 [ 485.058053][T13105] nci_register_device+0x7f4/0xb80 [ 485.058093][T13105] ? __pfx_nci_register_device+0x10/0x10 [ 485.058144][T13105] virtual_ncidev_open+0x141/0x220 [ 485.058181][T13105] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 485.058216][T13105] misc_open+0x35a/0x420 [ 485.058241][T13105] ? __pfx_misc_open+0x10/0x10 [ 485.058264][T13105] chrdev_open+0x237/0x6a0 [ 485.058310][T13105] ? __pfx_apparmor_file_open+0x10/0x10 [ 485.058343][T13105] ? __pfx_chrdev_open+0x10/0x10 [ 485.058382][T13105] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 485.058421][T13105] do_dentry_open+0x735/0x1c40 [ 485.058456][T13105] ? __pfx_chrdev_open+0x10/0x10 [ 485.058493][T13105] ? inode_permission+0xdd/0x5f0 [ 485.058522][T13105] vfs_open+0x82/0x3f0 [ 485.058546][T13105] ? may_open+0x1f2/0x400 [ 485.058587][T13105] path_openat+0x1e88/0x2d80 [ 485.058635][T13105] ? __pfx_path_openat+0x10/0x10 [ 485.058672][T13105] ? __pfx___lock_acquire+0x10/0x10 [ 485.058702][T13105] ? lock_acquire.part.0+0x11b/0x380 [ 485.058732][T13105] ? find_held_lock+0x2d/0x110 [ 485.058763][T13105] do_filp_open+0x20c/0x470 [ 485.058798][T13105] ? __pfx_do_filp_open+0x10/0x10 [ 485.058830][T13105] ? find_held_lock+0x2d/0x110 [ 485.058883][T13105] ? alloc_fd+0x41f/0x760 [ 485.058924][T13105] do_sys_openat2+0x17a/0x1e0 [ 485.058949][T13105] ? __pfx_do_sys_openat2+0x10/0x10 [ 485.058989][T13105] __x64_sys_openat+0x175/0x210 [ 485.059015][T13105] ? __pfx___x64_sys_openat+0x10/0x10 [ 485.059058][T13105] do_syscall_64+0xcd/0x250 [ 485.059091][T13105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.059125][T13105] RIP: 0033:0x7feb7638cde9 [ 485.059146][T13105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.059170][T13105] RSP: 002b:00007feb741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 485.059195][T13105] RAX: ffffffffffffffda RBX: 00007feb765a5fa0 RCX: 00007feb7638cde9 [ 485.059212][T13105] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 485.059234][T13105] RBP: 00007feb7640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 485.059249][T13105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 485.059265][T13105] R13: 0000000000000000 R14: 00007feb765a5fa0 R15: 00007ffe1a8d5708 [ 485.059300][T13105] [ 485.636746][T13119] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2194'. [ 485.751803][T13120] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2196'. [ 486.223997][T13138] FAULT_INJECTION: forcing a failure. [ 486.223997][T13138] name failslab, interval 1, probability 0, space 0, times 0 [ 486.238853][T13138] CPU: 1 UID: 0 PID: 13138 Comm: syz.0.2203 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 486.238888][T13138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 486.238904][T13138] Call Trace: [ 486.238912][T13138] [ 486.238923][T13138] dump_stack_lvl+0x16c/0x1f0 [ 486.238960][T13138] should_fail_ex+0x50a/0x650 [ 486.238997][T13138] ? fs_reclaim_acquire+0xae/0x150 [ 486.239029][T13138] should_failslab+0xc2/0x120 [ 486.239052][T13138] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 486.239085][T13138] ? __lock_acquire+0x15a9/0x3c40 [ 486.239119][T13138] ? __kernfs_new_node+0xd3/0x890 [ 486.239154][T13138] __kernfs_new_node+0xd3/0x890 [ 486.239192][T13138] ? __pfx___kernfs_new_node+0x10/0x10 [ 486.239227][T13138] ? __pfx___lock_acquire+0x10/0x10 [ 486.239270][T13138] kernfs_new_node+0x186/0x240 [ 486.239303][T13138] ? find_held_lock+0x2d/0x110 [ 486.239329][T13138] __kernfs_create_file+0x53/0x350 [ 486.239357][T13138] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 486.239390][T13138] internal_create_group+0x56c/0xf10 [ 486.239425][T13138] ? __pfx_internal_create_group+0x10/0x10 [ 486.239459][T13138] ? kernfs_create_link+0x1bd/0x240 [ 486.239486][T13138] internal_create_groups+0x9d/0x150 [ 486.239517][T13138] device_add+0x6d3/0x1a70 [ 486.239548][T13138] ? __pfx_device_add+0x10/0x10 [ 486.239578][T13138] ? __init_waitqueue_head+0xca/0x150 [ 486.239608][T13138] rfkill_register+0x1ad/0xb40 [ 486.239640][T13138] nfc_register_device+0x11f/0x3c0 [ 486.239666][T13138] nci_register_device+0x7f4/0xb80 [ 486.239698][T13138] ? __pfx_nci_register_device+0x10/0x10 [ 486.239741][T13138] virtual_ncidev_open+0x141/0x220 [ 486.239771][T13138] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 486.239800][T13138] misc_open+0x35a/0x420 [ 486.239821][T13138] ? __pfx_misc_open+0x10/0x10 [ 486.239841][T13138] chrdev_open+0x237/0x6a0 [ 486.239870][T13138] ? __pfx_apparmor_file_open+0x10/0x10 [ 486.239897][T13138] ? __pfx_chrdev_open+0x10/0x10 [ 486.239929][T13138] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 486.239962][T13138] do_dentry_open+0x735/0x1c40 [ 486.239993][T13138] ? __pfx_chrdev_open+0x10/0x10 [ 486.240025][T13138] ? inode_permission+0xdd/0x5f0 [ 486.240051][T13138] vfs_open+0x82/0x3f0 [ 486.240070][T13138] ? may_open+0x1f2/0x400 [ 486.240096][T13138] path_openat+0x1e88/0x2d80 [ 486.240136][T13138] ? __pfx_path_openat+0x10/0x10 [ 486.240165][T13138] ? __pfx___lock_acquire+0x10/0x10 [ 486.240198][T13138] ? lock_acquire.part.0+0x11b/0x380 [ 486.240229][T13138] ? find_held_lock+0x2d/0x110 [ 486.240257][T13138] do_filp_open+0x20c/0x470 [ 486.240288][T13138] ? __pfx_do_filp_open+0x10/0x10 [ 486.240316][T13138] ? find_held_lock+0x2d/0x110 [ 486.240361][T13138] ? alloc_fd+0x41f/0x760 [ 486.240402][T13138] do_sys_openat2+0x17a/0x1e0 [ 486.240425][T13138] ? __pfx_do_sys_openat2+0x10/0x10 [ 486.240459][T13138] __x64_sys_openat+0x175/0x210 [ 486.240482][T13138] ? __pfx___x64_sys_openat+0x10/0x10 [ 486.240517][T13138] do_syscall_64+0xcd/0x250 [ 486.240545][T13138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.240574][T13138] RIP: 0033:0x7f1321f8cde9 [ 486.240591][T13138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.240611][T13138] RSP: 002b:00007f1322d70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 486.240632][T13138] RAX: ffffffffffffffda RBX: 00007f13221a5fa0 RCX: 00007f1321f8cde9 [ 486.240648][T13138] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 486.240662][T13138] RBP: 00007f132200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 486.240675][T13138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.240688][T13138] R13: 0000000000000000 R14: 00007f13221a5fa0 R15: 00007fff16972438 [ 486.240718][T13138] [ 486.869925][T13146] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2205'. [ 487.250035][T13160] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2210'. [ 487.334102][ T29] audit: type=1800 audit(4294967516.600:24): pid=13162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2212" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 487.432695][T13168] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2216'. [ 488.546683][T13188] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2222'. [ 488.758433][T13200] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2226'. [ 488.826368][T13197] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2227'. [ 489.022345][T13213] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2229'. [ 489.032998][T13213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2229'. [ 489.129812][T13215] can0: slcan on ttyS2. [ 489.180533][T13218] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 489.196285][T13215] can0 (unregistered): slcan off ttyS2. [ 489.205337][T13219] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 489.237760][T13222] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 489.325286][T13225] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2234'. [ 489.470943][T13231] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2237'. [ 489.749492][T13240] FAULT_INJECTION: forcing a failure. [ 489.749492][T13240] name failslab, interval 1, probability 0, space 0, times 0 [ 489.769166][T13206] ima: policy update failed [ 489.778843][ T29] audit: type=1802 audit(4294967519.040:25): pid=13206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2229" res=0 errno=0 [ 489.811662][T13240] CPU: 1 UID: 0 PID: 13240 Comm: syz.2.2241 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 489.811702][T13240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 489.811717][T13240] Call Trace: [ 489.811724][T13240] [ 489.811735][T13240] dump_stack_lvl+0x16c/0x1f0 [ 489.811776][T13240] should_fail_ex+0x50a/0x650 [ 489.811815][T13240] ? fs_reclaim_acquire+0xae/0x150 [ 489.811848][T13240] should_failslab+0xc2/0x120 [ 489.811871][T13240] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 489.811906][T13240] ? __kernfs_new_node+0xd3/0x890 [ 489.811937][T13240] ? __pfx_lock_release+0x10/0x10 [ 489.811973][T13240] __kernfs_new_node+0xd3/0x890 [ 489.812008][T13240] ? __pfx___kernfs_new_node+0x10/0x10 [ 489.812040][T13240] ? up_write+0x1b2/0x520 [ 489.812076][T13240] ? kernfs_add_one+0x182/0x520 [ 489.812131][T13240] kernfs_new_node+0x186/0x240 [ 489.812165][T13240] kernfs_create_dir_ns+0x4c/0x150 [ 489.812196][T13240] internal_create_group+0x34e/0xf10 [ 489.812223][T13240] ? __pfx_internal_create_group+0x10/0x10 [ 489.812242][T13240] ? __pfx_internal_create_group+0x10/0x10 [ 489.812263][T13240] ? __pfx_dev_add_physical_location+0x10/0x10 [ 489.812280][T13240] ? bus_to_subsys+0x12d/0x160 [ 489.812303][T13240] dpm_sysfs_add+0x80/0x280 [ 489.812320][T13240] device_add+0x9a8/0x1a70 [ 489.812340][T13240] ? __pfx_device_add+0x10/0x10 [ 489.812359][T13240] ? __init_waitqueue_head+0xca/0x150 [ 489.812379][T13240] rfkill_register+0x1ad/0xb40 [ 489.812401][T13240] nfc_register_device+0x11f/0x3c0 [ 489.812418][T13240] nci_register_device+0x7f4/0xb80 [ 489.812439][T13240] ? __pfx_nci_register_device+0x10/0x10 [ 489.812468][T13240] virtual_ncidev_open+0x141/0x220 [ 489.812488][T13240] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 489.812506][T13240] misc_open+0x35a/0x420 [ 489.812521][T13240] ? __pfx_misc_open+0x10/0x10 [ 489.812534][T13240] chrdev_open+0x237/0x6a0 [ 489.812553][T13240] ? __pfx_apparmor_file_open+0x10/0x10 [ 489.812571][T13240] ? __pfx_chrdev_open+0x10/0x10 [ 489.812592][T13240] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 489.812613][T13240] do_dentry_open+0x735/0x1c40 [ 489.812633][T13240] ? __pfx_chrdev_open+0x10/0x10 [ 489.812654][T13240] ? inode_permission+0xdd/0x5f0 [ 489.812671][T13240] vfs_open+0x82/0x3f0 [ 489.812683][T13240] ? may_open+0x1f2/0x400 [ 489.812700][T13240] path_openat+0x1e88/0x2d80 [ 489.812734][T13240] ? __pfx_path_openat+0x10/0x10 [ 489.812767][T13240] ? __pfx___lock_acquire+0x10/0x10 [ 489.812797][T13240] ? lock_acquire.part.0+0x11b/0x380 [ 489.812828][T13240] ? find_held_lock+0x2d/0x110 [ 489.812856][T13240] do_filp_open+0x20c/0x470 [ 489.812877][T13240] ? __pfx_do_filp_open+0x10/0x10 [ 489.812894][T13240] ? find_held_lock+0x2d/0x110 [ 489.812922][T13240] ? alloc_fd+0x41f/0x760 [ 489.812946][T13240] do_sys_openat2+0x17a/0x1e0 [ 489.812961][T13240] ? __pfx_do_sys_openat2+0x10/0x10 [ 489.812983][T13240] __x64_sys_openat+0x175/0x210 [ 489.812998][T13240] ? __pfx___x64_sys_openat+0x10/0x10 [ 489.813020][T13240] do_syscall_64+0xcd/0x250 [ 489.813039][T13240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 489.813058][T13240] RIP: 0033:0x7feb7638cde9 [ 489.813070][T13240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 489.813084][T13240] RSP: 002b:00007feb741f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 489.813098][T13240] RAX: ffffffffffffffda RBX: 00007feb765a5fa0 RCX: 00007feb7638cde9 [ 489.813115][T13240] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 489.813124][T13240] RBP: 00007feb7640e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 489.813132][T13240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 489.813141][T13240] R13: 0000000000000000 R14: 00007feb765a5fa0 R15: 00007ffe1a8d5708 [ 489.813160][T13240] [ 490.402116][T13256] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2247'. [ 490.811595][T13279] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2252'. [ 490.858615][T13275] ima: policy update failed [ 490.879722][ T29] audit: type=1802 audit(4294967520.150:26): pid=13275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2253" res=0 errno=0 [ 491.518349][T13313] FAULT_INJECTION: forcing a failure. [ 491.518349][T13313] name failslab, interval 1, probability 0, space 0, times 0 [ 491.540930][T13313] CPU: 1 UID: 0 PID: 13313 Comm: syz.3.2266 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 491.540967][T13313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 491.540983][T13313] Call Trace: [ 491.540991][T13313] [ 491.541002][T13313] dump_stack_lvl+0x16c/0x1f0 [ 491.541039][T13313] should_fail_ex+0x50a/0x650 [ 491.541075][T13313] ? fs_reclaim_acquire+0xae/0x150 [ 491.541108][T13313] ? ima_alloc_init_template+0xb8/0x720 [ 491.541145][T13313] should_failslab+0xc2/0x120 [ 491.541169][T13313] __kmalloc_noprof+0xcb/0x510 [ 491.541212][T13313] ima_alloc_init_template+0xb8/0x720 [ 491.541249][T13313] ? d_absolute_path+0x137/0x1b0 [ 491.541275][T13313] ? __pfx_d_absolute_path+0x10/0x10 [ 491.541304][T13313] ima_store_measurement+0x1ea/0x5c0 [ 491.541343][T13313] ? __pfx_ima_store_measurement+0x10/0x10 [ 491.541381][T13313] ? ima_d_path+0x12c/0x2a0 [ 491.541422][T13313] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 491.541458][T13313] process_measurement+0x1bcb/0x2370 [ 491.541505][T13313] ? __pfx_process_measurement+0x10/0x10 [ 491.541553][T13313] ? mark_held_locks+0x9f/0xe0 [ 491.541592][T13313] ? kasan_quarantine_put+0x10a/0x240 [ 491.541656][T13313] ? find_held_lock+0x2d/0x110 [ 491.541688][T13313] ? tomoyo_bprm_check_security+0x168/0x1d0 [ 491.541734][T13313] ima_bprm_check+0xe8/0x210 [ 491.541769][T13313] ? __pfx_ima_bprm_check+0x10/0x10 [ 491.541812][T13313] security_bprm_check+0xa5/0x1e0 [ 491.541838][T13313] bprm_execve+0x832/0x16d0 [ 491.541878][T13313] ? __pfx_bprm_execve+0x10/0x10 [ 491.541912][T13313] ? copy_string_kernel+0x210/0x250 [ 491.541951][T13313] do_execveat_common.isra.0+0x4a2/0x610 [ 491.541992][T13313] __x64_sys_execve+0x8c/0xb0 [ 491.542026][T13313] do_syscall_64+0xcd/0x250 [ 491.542059][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.542092][T13313] RIP: 0033:0x7f2aa5d8cde9 [ 491.542114][T13313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 491.542137][T13313] RSP: 002b:00007f2aa6cb1038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 491.542160][T13313] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa0 RCX: 00007f2aa5d8cde9 [ 491.542177][T13313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000000 [ 491.542192][T13313] RBP: 00007f2aa5e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 491.542208][T13313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 491.542224][T13313] R13: 0000000000000000 R14: 00007f2aa5fa5fa0 R15: 00007ffc0abb6238 [ 491.542260][T13313] [ 491.547073][ T29] audit: type=1804 audit(4294967520.810:27): pid=13313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.2266" name="/newroot/577/:," dev="tmpfs" ino=3096 res=0 errno=0 [ 491.865286][T13309] FAULT_INJECTION: forcing a failure. [ 491.865286][T13309] name failslab, interval 1, probability 0, space 0, times 0 [ 491.880567][T13309] CPU: 0 UID: 0 PID: 13309 Comm: syz.4.2263 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 491.880601][T13309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 491.880617][T13309] Call Trace: [ 491.880625][T13309] [ 491.880635][T13309] dump_stack_lvl+0x16c/0x1f0 [ 491.880672][T13309] should_fail_ex+0x50a/0x650 [ 491.880706][T13309] ? fs_reclaim_acquire+0xae/0x150 [ 491.880738][T13309] ? tomoyo_realpath_from_path+0xb9/0x720 [ 491.880769][T13309] should_failslab+0xc2/0x120 [ 491.880791][T13309] __kmalloc_noprof+0xcb/0x510 [ 491.880831][T13309] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 491.880871][T13309] tomoyo_realpath_from_path+0xb9/0x720 [ 491.880899][T13309] ? tomoyo_path_perm+0x262/0x460 [ 491.880926][T13309] ? tomoyo_path_perm+0x262/0x460 [ 491.880956][T13309] tomoyo_path_perm+0x276/0x460 [ 491.880981][T13309] ? tomoyo_path_perm+0x262/0x460 [ 491.881010][T13309] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 491.881072][T13309] ? __pfx_ima_file_check+0x10/0x10 [ 491.881113][T13309] security_file_truncate+0x84/0x1e0 [ 491.881144][T13309] path_openat+0xc8c/0x2d80 [ 491.881188][T13309] ? __pfx_path_openat+0x10/0x10 [ 491.881221][T13309] ? __pfx___lock_acquire+0x10/0x10 [ 491.881249][T13309] ? lock_acquire.part.0+0x11b/0x380 [ 491.881278][T13309] ? find_held_lock+0x2d/0x110 [ 491.881306][T13309] do_filp_open+0x20c/0x470 [ 491.881338][T13309] ? __pfx_do_filp_open+0x10/0x10 [ 491.881369][T13309] ? find_held_lock+0x2d/0x110 [ 491.881412][T13309] ? _raw_spin_unlock+0x28/0x50 [ 491.881436][T13309] ? alloc_fd+0x41f/0x760 [ 491.881479][T13309] do_sys_openat2+0x17a/0x1e0 [ 491.881504][T13309] ? __pfx_do_sys_openat2+0x10/0x10 [ 491.881544][T13309] __x64_sys_open+0x154/0x1e0 [ 491.881571][T13309] ? __pfx___x64_sys_open+0x10/0x10 [ 491.881609][T13309] do_syscall_64+0xcd/0x250 [ 491.881641][T13309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.881674][T13309] RIP: 0033:0x7f495c18cde9 [ 491.881695][T13309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 491.881719][T13309] RSP: 002b:00007f495cfdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 491.881742][T13309] RAX: ffffffffffffffda RBX: 00007f495c3a5fa0 RCX: 00007f495c18cde9 [ 491.881760][T13309] RDX: e1d2b27bdc14abfd RSI: 0000000000004242 RDI: 0000400000000000 [ 491.881777][T13309] RBP: 00007f495c20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 491.881791][T13309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 491.881806][T13309] R13: 0000000000000000 R14: 00007f495c3a5fa0 R15: 00007ffc7173fce8 [ 491.881847][T13309] [ 491.881859][T13309] ERROR: Out of memory at tomoyo_realpath_from_path. [ 492.645153][T13354] __nla_validate_parse: 5 callbacks suppressed [ 492.645176][T13354] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2277'. [ 492.736611][T13365] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2278'. [ 492.755312][T13365] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2278'. [ 493.024734][T13380] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2283'. [ 493.355511][T13389] random: crng reseeded on system resumption [ 493.501002][T13360] ima: policy update failed [ 493.506774][ T29] audit: type=1802 audit(4294967522.770:28): pid=13360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2278" res=0 errno=0 [ 493.926082][T13405] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2293'. [ 494.197484][T13419] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2298'. [ 494.248955][T13423] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2297'. [ 494.259657][T13423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2297'. [ 494.284342][T13416] ima: policy update failed [ 494.294651][ T29] audit: type=1802 audit(4294967523.560:29): pid=13416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2297" res=0 errno=0 [ 494.385994][T13427] sp0: Synchronizing with TNC [ 494.453327][T13432] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2303'. [ 494.754330][T13447] netlink: 'syz.4.2308': attribute type 10 has an invalid length. [ 494.757914][T13445] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 494.762419][T13447] netlink: 230 bytes leftover after parsing attributes in process `syz.4.2308'. [ 495.075197][T13454] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 495.189457][T13454] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 495.260873][T13454] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 495.419506][T13469] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum [ 495.547105][T13473] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 2: bad block bitmap checksum [ 495.668170][T13477] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 3: bad block bitmap checksum [ 495.741821][ T66] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.808549][ T66] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.886675][ T66] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.970397][ T66] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 496.096438][ T66] bridge_slave_1: left allmulticast mode [ 496.102940][ T66] bridge_slave_1: left promiscuous mode [ 496.108947][ T66] bridge0: port 2(bridge_slave_1) entered disabled state [ 496.122447][ T66] bridge_slave_0: left allmulticast mode [ 496.128192][ T66] bridge_slave_0: left promiscuous mode [ 496.144286][ T66] bridge0: port 1(bridge_slave_0) entered disabled state [ 496.622016][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 496.624038][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 496.627410][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 496.631509][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 496.633372][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 496.642426][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 496.844196][ T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 496.854731][ T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 496.865552][ T66] bond0 (unregistering): Released all slaves [ 496.883854][T13501] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 496.924543][T13503] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 497.233945][T13513] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 497.265427][T13509] FAULT_INJECTION: forcing a failure. [ 497.265427][T13509] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 497.282896][T13509] CPU: 1 UID: 0 PID: 13509 Comm: syz.2.2327 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 497.282933][T13509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 497.282949][T13509] Call Trace: [ 497.282957][T13509] [ 497.282968][T13509] dump_stack_lvl+0x16c/0x1f0 [ 497.283004][T13509] should_fail_ex+0x50a/0x650 [ 497.283041][T13509] ? __pfx___might_resched+0x10/0x10 [ 497.283129][T13509] should_fail_alloc_page+0xe7/0x130 [ 497.283157][T13509] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 497.283197][T13509] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 497.283248][T13509] ? __pfx___lock_acquire+0x10/0x10 [ 497.283281][T13509] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 497.283330][T13509] ? find_held_lock+0x2d/0x110 [ 497.283360][T13509] ? local_lock_release+0x99/0x140 [ 497.283385][T13509] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 497.283425][T13509] ? policy_nodemask+0xea/0x4e0 [ 497.283465][T13509] alloc_pages_mpol+0x1fc/0x540 [ 497.283490][T13509] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 497.283537][T13509] alloc_pages_noprof+0x131/0x390 [ 497.283562][T13509] pgd_alloc+0x3b/0x4e0 [ 497.283600][T13509] mm_init+0x6c5/0x1170 [ 497.283640][T13509] copy_process+0x64bf/0x8c50 [ 497.283668][T13509] ? __pfx___lock_acquire+0x10/0x10 [ 497.283716][T13509] ? __pfx_copy_process+0x10/0x10 [ 497.283740][T13509] ? __might_fault+0x13b/0x190 [ 497.283765][T13509] ? __pfx_lock_release+0x10/0x10 [ 497.283797][T13509] ? trace_lock_acquire+0x14e/0x1f0 [ 497.283828][T13509] ? lock_acquire+0x2f/0xb0 [ 497.283858][T13509] ? __might_fault+0xe3/0x190 [ 497.283883][T13509] ? __might_fault+0xe3/0x190 [ 497.283912][T13509] ? _copy_from_user+0x59/0xd0 [ 497.283944][T13509] kernel_clone+0xfd/0x960 [ 497.283970][T13509] ? __pfx_kernel_clone+0x10/0x10 [ 497.284001][T13509] ? __pfx_futex_wait+0x10/0x10 [ 497.284045][T13509] __do_sys_clone3+0x214/0x290 [ 497.284079][T13509] ? __pfx___do_sys_clone3+0x10/0x10 [ 497.284148][T13509] do_syscall_64+0xcd/0x250 [ 497.284183][T13509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.284215][T13509] RIP: 0033:0x7feb7638cde9 [ 497.284233][T13509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 497.284259][T13509] RSP: 002b:00007feb741f5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 497.284285][T13509] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007feb7638cde9 [ 497.284300][T13509] RDX: 00007feb741f5f20 RSI: 0000000000000058 RDI: 00007feb741f5f20 [ 497.284316][T13509] RBP: 00007feb7640e2a0 R08: 0000000000000000 R09: 0000000000000058 [ 497.284333][T13509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 497.284348][T13509] R13: 0000000000000000 R14: 00007feb765a5fa0 R15: 00007ffe1a8d5708 [ 497.284380][T13509] [ 497.578587][T13495] chnl_net:caif_netlink_parms(): no params data found [ 497.630659][T13514] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 497.912528][T13495] bridge0: port 1(bridge_slave_0) entered blocking state [ 497.956940][T13495] bridge0: port 1(bridge_slave_0) entered disabled state [ 497.969705][T13495] bridge_slave_0: entered allmulticast mode [ 497.976806][T13495] bridge_slave_0: entered promiscuous mode [ 498.019873][T13495] bridge0: port 2(bridge_slave_1) entered blocking state [ 498.058122][T13495] bridge0: port 2(bridge_slave_1) entered disabled state [ 498.078377][T13495] bridge_slave_1: entered allmulticast mode [ 498.099978][T13495] bridge_slave_1: entered promiscuous mode [ 498.117693][T13539] __nla_validate_parse: 6 callbacks suppressed [ 498.117714][T13539] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2331'. [ 498.163356][T13541] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2334'. [ 498.271737][T13495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 498.358541][T13495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 498.447181][T13549] FAULT_INJECTION: forcing a failure. [ 498.447181][T13549] name failslab, interval 1, probability 0, space 0, times 0 [ 498.451599][T13551] netlink: 'syz.2.2338': attribute type 10 has an invalid length. [ 498.467887][T13551] netlink: 230 bytes leftover after parsing attributes in process `syz.2.2338'. [ 498.487257][T13549] CPU: 0 UID: 0 PID: 13549 Comm: syz.3.2337 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 498.487293][T13549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 498.487309][T13549] Call Trace: [ 498.487317][T13549] [ 498.487329][T13549] dump_stack_lvl+0x16c/0x1f0 [ 498.487364][T13549] should_fail_ex+0x50a/0x650 [ 498.487401][T13549] ? fs_reclaim_acquire+0xae/0x150 [ 498.487435][T13549] ? sk_prot_alloc+0x1a8/0x2a0 [ 498.487457][T13549] should_failslab+0xc2/0x120 [ 498.487482][T13549] __kmalloc_noprof+0xcb/0x510 [ 498.487515][T13549] ? trace_cap_capable+0x1a2/0x210 [ 498.487548][T13549] sk_prot_alloc+0x1a8/0x2a0 [ 498.487575][T13549] sk_alloc+0x36/0xb90 [ 498.487607][T13549] pfkey_create+0x105/0x600 [ 498.487635][T13549] __sock_create+0x335/0x8d0 [ 498.487668][T13549] __sys_socket+0x14f/0x260 [ 498.487695][T13549] ? __pfx___sys_socket+0x10/0x10 [ 498.487723][T13549] ? rcu_is_watching+0x12/0xc0 [ 498.487756][T13549] __x64_sys_socket+0x72/0xb0 [ 498.487782][T13549] ? lockdep_hardirqs_on+0x7c/0x110 [ 498.487810][T13549] do_syscall_64+0xcd/0x250 [ 498.487841][T13549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.487875][T13549] RIP: 0033:0x7f2aa5d8cde9 [ 498.487904][T13549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 498.487930][T13549] RSP: 002b:00007f2aa6cb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 498.487955][T13549] RAX: ffffffffffffffda RBX: 00007f2aa5fa5fa0 RCX: 00007f2aa5d8cde9 [ 498.487972][T13549] RDX: 0000000000000002 RSI: 0000000000000003 RDI: 000000000000000f [ 498.487986][T13549] RBP: 00007f2aa5e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 498.488002][T13549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 498.488020][T13549] R13: 0000000000000000 R14: 00007f2aa5fa5fa0 R15: 00007ffc0abb6238 [ 498.488053][T13549] [ 498.678173][ C0] vkms_vblank_simulate: vblank timer overrun [ 498.695989][ T5852] Bluetooth: hci1: command tx timeout [ 498.836137][ T66] hsr_slave_0: left promiscuous mode [ 498.847468][ T66] hsr_slave_1: left promiscuous mode [ 498.856677][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 498.864551][ T66] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 498.879475][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 498.894917][ T66] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 498.928383][ T66] veth1_macvtap: left allmulticast mode [ 498.945508][ T66] veth1_macvtap: left promiscuous mode [ 498.951196][ T66] veth0_macvtap: left promiscuous mode [ 498.956776][ T66] veth1_vlan: left promiscuous mode [ 498.986159][ T66] veth0_vlan: left promiscuous mode [ 499.393628][T13575] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2345'. [ 500.075525][ T66] team0 (unregistering): Port device team_slave_1 removed [ 500.121268][T13585] netlink: 'syz.4.2349': attribute type 10 has an invalid length. [ 500.145958][ T66] team0 (unregistering): Port device team_slave_0 removed [ 500.163530][T13585] netlink: 230 bytes leftover after parsing attributes in process `syz.4.2349'. [ 500.679588][T13495] team0: Port device team_slave_0 added [ 500.733220][T13495] team0: Port device team_slave_1 added [ 500.748789][ T5852] Bluetooth: hci1: command tx timeout [ 500.820102][T13495] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 500.834119][T13495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 500.861740][T13495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 500.877821][T13495] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 500.903884][T13495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 500.944652][T13495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 501.105451][T13495] hsr_slave_0: entered promiscuous mode [ 501.136264][T13495] hsr_slave_1: entered promiscuous mode [ 501.150642][T13495] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 501.158257][T13495] Cannot create hsr debugfs directory [ 501.250573][T13609] EXT4-fs error: 4 callbacks suppressed [ 501.250594][T13609] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 501.277614][T13610] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 501.360029][T13615] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2355'. [ 501.411306][ T66] ref_tracker: net notrefcnt@ffff888012053e60 has 1/2 users at [ 501.411306][ T66] sk_alloc+0xa93/0xb90 [ 501.411306][ T66] inet6_create+0x380/0x1320 [ 501.411306][ T66] __sock_create+0x335/0x8d0 [ 501.411306][ T66] udp_sock_create6+0xc8/0x6a0 [ 501.411306][ T66] sctp_udp_sock_start+0x280/0x4b0 [ 501.411306][ T66] proc_sctp_do_udp_port+0x380/0x450 [ 501.411306][ T66] proc_sys_call_handler+0x3c6/0x5a0 [ 501.411306][ T66] iter_file_splice_write+0x90f/0x10b0 [ 501.411306][ T66] direct_splice_actor+0x18f/0x6c0 [ 501.411306][ T66] splice_direct_to_actor+0x346/0xa40 [ 501.411306][ T66] do_splice_direct+0x178/0x250 [ 501.411306][ T66] do_sendfile+0xafb/0xe40 [ 501.411306][ T66] __x64_sys_sendfile64+0x1da/0x220 [ 501.411306][ T66] do_syscall_64+0xcd/0x250 [ 501.411306][ T66] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.411306][ T66] [ 501.499331][ T66] ref_tracker: net notrefcnt@ffff888012053e60 has 1/2 users at [ 501.499331][ T66] sk_alloc+0xa93/0xb90 [ 501.499331][ T66] inet_create+0x3a1/0x10a0 [ 501.499331][ T66] __sock_create+0x335/0x8d0 [ 501.499331][ T66] udp_sock_create4+0xa7/0x450 [ 501.499331][ T66] sctp_udp_sock_start+0x10b/0x4b0 [ 501.499331][ T66] proc_sctp_do_udp_port+0x380/0x450 [ 501.499331][ T66] proc_sys_call_handler+0x3c6/0x5a0 [ 501.499331][ T66] iter_file_splice_write+0x90f/0x10b0 [ 501.499331][ T66] direct_splice_actor+0x18f/0x6c0 [ 501.499331][ T66] splice_direct_to_actor+0x346/0xa40 [ 501.499331][ T66] do_splice_direct+0x178/0x250 [ 501.499331][ T66] do_sendfile+0xafb/0xe40 [ 501.499331][ T66] __x64_sys_sendfile64+0x1da/0x220 [ 501.499331][ T66] do_syscall_64+0xcd/0x250 [ 501.499331][ T66] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.499331][ T66] [ 501.586930][ C0] vkms_vblank_simulate: vblank timer overrun [ 501.621590][T13618] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 501.702860][T13621] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 501.726721][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.734856][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.787856][T13622] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr [ 501.797932][ T66] ------------[ cut here ]------------ [ 501.808728][ T66] WARNING: CPU: 1 PID: 66 at lib/ref_tracker.c:179 ref_tracker_dir_exit+0x3e3/0x680 [ 501.818171][ T66] Modules linked in: [ 501.822182][ T66] CPU: 1 UID: 0 PID: 66 Comm: kworker/u8:4 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 501.833188][ T66] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 501.843968][ T66] Workqueue: netns cleanup_net [ 501.850120][ T66] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 501.856648][ T66] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 5b 16 c8 fc 48 8b 74 24 18 48 89 ef e8 6e bd 65 06 90 <0f> 0b 90 e8 45 16 c8 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 c4 [ 501.876798][ T66] RSP: 0018:ffffc9000216fac8 EFLAGS: 00010246 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 501.883275][ T66] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 501.891713][ T66] RDX: 0000000000000001 RSI: ffffffff8b6ceca0 RDI: 0000000000000001 [ 501.900391][ T66] RBP: ffff888012053e60 R08: 0000000000000001 R09: fffffbfff2dd79b9 [ 501.908406][ T66] R10: ffffffff96ebcdcf R11: 0000000000002ba2 R12: ffff888012053eb0 [ 501.916505][ T66] R13: ffff888012053eb0 R14: ffff888012053eb0 R15: ffff888012053eb0 [ 501.924670][ T66] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 501.934968][ T66] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 501.941943][ T66] CR2: 00007fb4af255ff8 CR3: 000000007e304000 CR4: 00000000003526f0 [ 501.950075][ T66] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 501.958086][ T66] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 501.966166][ T66] Call Trace: [ 501.969538][ T66] [ 501.972495][ T66] ? __warn+0xea/0x3c0 [ 501.976639][ T66] ? ref_tracker_dir_exit+0x3e3/0x680 [ 501.982094][ T66] ? report_bug+0x3c0/0x580 [ 501.986870][ T66] ? handle_bug+0x54/0xa0 [ 501.991715][ T66] ? exc_invalid_op+0x17/0x50 [ 501.996545][ T66] ? asm_exc_invalid_op+0x1a/0x20 [ 502.001697][ T66] ? ref_tracker_dir_exit+0x3e3/0x680 [ 502.007124][ T66] ? ref_tracker_dir_exit+0x3e2/0x680 [ 502.012592][ T66] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 502.018365][ T66] ? lockdep_hardirqs_on+0x7c/0x110 [ 502.023788][ T66] ? cleanup_net+0x993/0xbf0 [ 502.028436][ T66] cleanup_net+0x99f/0xbf0 [ 502.033050][ T66] ? __pfx_cleanup_net+0x10/0x10 [ 502.038273][ T66] ? lock_acquire+0x2f/0xb0 [ 502.043204][ T66] ? process_one_work+0x921/0x1ba0 [ 502.048369][ T66] process_one_work+0x9c5/0x1ba0 [ 502.053413][ T66] ? __pfx_batadv_nc_worker+0x10/0x10 [ 502.058860][ T66] ? __pfx_process_one_work+0x10/0x10 [ 502.064288][ T66] ? assign_work+0x1a0/0x250 [ 502.068997][ T66] worker_thread+0x6c8/0xf00 [ 502.073656][ T66] ? __pfx_worker_thread+0x10/0x10 [ 502.078870][ T66] kthread+0x3af/0x750 [ 502.082987][ T66] ? __pfx_kthread+0x10/0x10 [ 502.087875][ T66] ? lock_acquire+0x2f/0xb0 [ 502.092822][ T66] ? __pfx_kthread+0x10/0x10 [ 502.097493][ T66] ret_from_fork+0x45/0x80 [ 502.101989][ T66] ? __pfx_kthread+0x10/0x10 [ 502.106620][ T66] ret_from_fork_asm+0x1a/0x30 [ 502.111592][ T66] [ 502.114647][ T66] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 502.121934][ T66] CPU: 1 UID: 0 PID: 66 Comm: kworker/u8:4 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0 [ 502.132617][ T66] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 502.142687][ T66] Workqueue: netns cleanup_net [ 502.147478][ T66] Call Trace: [ 502.150769][ T66] [ 502.153706][ T66] dump_stack_lvl+0x3d/0x1f0 [ 502.158320][ T66] panic+0x71d/0x800 [ 502.162225][ T66] ? __pfx_panic+0x10/0x10 [ 502.166650][ T66] ? show_trace_log_lvl+0x29d/0x3d0 [ 502.171871][ T66] ? check_panic_on_warn+0x1f/0xb0 [ 502.176998][ T66] ? ref_tracker_dir_exit+0x3e3/0x680 [ 502.182384][ T66] check_panic_on_warn+0xab/0xb0 [ 502.187330][ T66] __warn+0xf6/0x3c0 [ 502.191234][ T66] ? ref_tracker_dir_exit+0x3e3/0x680 [ 502.196624][ T66] report_bug+0x3c0/0x580 [ 502.200976][ T66] handle_bug+0x54/0xa0 [ 502.205158][ T66] exc_invalid_op+0x17/0x50 [ 502.209685][ T66] asm_exc_invalid_op+0x1a/0x20 [ 502.214722][ T66] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 502.220742][ T66] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 5b 16 c8 fc 48 8b 74 24 18 48 89 ef e8 6e bd 65 06 90 <0f> 0b 90 e8 45 16 c8 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 c4 [ 502.240377][ T66] RSP: 0018:ffffc9000216fac8 EFLAGS: 00010246 [ 502.246455][ T66] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 502.254431][ T66] RDX: 0000000000000001 RSI: ffffffff8b6ceca0 RDI: 0000000000000001 [ 502.262405][ T66] RBP: ffff888012053e60 R08: 0000000000000001 R09: fffffbfff2dd79b9 [ 502.270379][ T66] R10: ffffffff96ebcdcf R11: 0000000000002ba2 R12: ffff888012053eb0 [ 502.278353][ T66] R13: ffff888012053eb0 R14: ffff888012053eb0 R15: ffff888012053eb0 [ 502.286432][ T66] ? ref_tracker_dir_exit+0x3e2/0x680 [ 502.291832][ T66] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 502.297568][ T66] ? lockdep_hardirqs_on+0x7c/0x110 [ 502.302776][ T66] ? cleanup_net+0x993/0xbf0 [ 502.307387][ T66] cleanup_net+0x99f/0xbf0 [ 502.311822][ T66] ? __pfx_cleanup_net+0x10/0x10 [ 502.316779][ T66] ? lock_acquire+0x2f/0xb0 [ 502.321291][ T66] ? process_one_work+0x921/0x1ba0 [ 502.326443][ T66] process_one_work+0x9c5/0x1ba0 [ 502.331420][ T66] ? __pfx_batadv_nc_worker+0x10/0x10 [ 502.336880][ T66] ? __pfx_process_one_work+0x10/0x10 [ 502.342291][ T66] ? assign_work+0x1a0/0x250 [ 502.346903][ T66] worker_thread+0x6c8/0xf00 [ 502.351533][ T66] ? __pfx_worker_thread+0x10/0x10 [ 502.356663][ T66] kthread+0x3af/0x750 [ 502.360750][ T66] ? __pfx_kthread+0x10/0x10 [ 502.365349][ T66] ? lock_acquire+0x2f/0xb0 [ 502.369868][ T66] ? __pfx_kthread+0x10/0x10 [ 502.374470][ T66] ret_from_fork+0x45/0x80 [ 502.378909][ T66] ? __pfx_kthread+0x10/0x10 [ 502.383521][ T66] ret_from_fork_asm+0x1a/0x30 [ 502.388311][ T66] [ 502.391591][ T66] Kernel Offset: disabled [ 502.395977][ T66] Rebooting in 86400 seconds..