last executing test programs: 17.316778633s ago: executing program 0 (id=2324): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r0, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993021400"}, 0x1c) 17.1549622s ago: executing program 0 (id=2327): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/ip_vs\x00', 0x121000, 0x0) mmap$auto(0x0, 0xe6692ee, 0x1, 0x100000eb1, r0, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x405, 0xffffffffffff0001, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r1, 0x81004517, r1) sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x77}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) ioctl$auto_UI_DEV_DESTROY(r2, 0x5502, 0x0) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x2000000000000000, 0x8, 0xd4, 0x7, 0x5, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10001}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0xa, 0xffffefffffff628e, 0xa747, 0x1, 0x1800}) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(r3, 0x0, 0x6a) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) open(0x0, 0xb22142, 0x30) socket(0x2b, 0x1, 0x1) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 16.178363859s ago: executing program 0 (id=2331): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x67, 0xffffffffffffff0f, 0x7eff, 0x5, 0x80000000007, 0x1, 0x80000001, 0xff, 0x4, 0x7, 0xfc000000, 0xffffffff, 0x7fb, 0x40000000007, 0x9}) 15.480133399s ago: executing program 0 (id=2337): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop2/queue/discard_max_hw_bytes\x00', 0x42200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r0) 15.062095588s ago: executing program 0 (id=2340): r0 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/cmdline\x00', 0x2000, 0x0) (async) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x4, 0x0, 0x1, 0x7) (async) io_uring_register$auto(0xffffffffffffffff, 0x4, &(0x7f00000001c0)="38807bd14b87b2ce5f7fc5d31cb5badc41a63b9fecd4d677fd12e3ec0ebb6367a40cf5c63823e9372c098c3c74237af684c16b78050fd5a44e24471ec870fab4eca3ba6842c943aed89a3605cadff436b220c8e2d47360faa8e05ee805b6142bc04a24137c2c623d288fe4ff72e6ccb8ab55f0ef01ee928617ab30fc153df7f585846fe8457645c428f2587f09fcab5a0c78f9b7a692e65cbcdcd3a9da49712dfe651dd29e06022127669005", 0xda77) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyw5\x00', 0x0, 0x0) (async) socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) madvise$auto(0x0, 0xf663, 0x15) (async) close_range$auto(0x2, 0x8000, 0x0) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) (async) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_enter$auto(r2, 0x9, 0x820e, 0x29, 0x0, 0x18) (async) socket(0x2a, 0x2, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) ioctl$auto(0x3, 0x800005411, 0x38) r3 = prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, &(0x7f0000000080)="57da95123249eea4806ca3dee56d3e5909f1f469f6b1ff7ddd9d695f30bb1d559906aa05901761aa659da9fac5e018f142495ca50373521822cf4132ad22d0a177cc2ba4c7e7bc12d1ffa6878aa61e7d37a8f0b5605f818484b09f47e2b68519c42c41fa86a44b162458e254eed93065f017a3adebf74ea74dd77b107bc79a7b6a130262c17049a493917029bca2b397d34b233a970ca7aa55741cbf64d8555c0dbddeba514bc5d7122c1f754e3a83974df3be5e3a1d8d2a7026d298141e603a48ad20217d8c074930b80d8de68396917f18b5893aae64") (async) setgroups$auto(0x7, &(0x7f0000000280)=0x5d3e) (async) ioctl$auto(0x3, 0x890b, 0x38) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000) (async) capget$auto(0x0, 0xfffffffffffffffe) (async) capset$auto(0x0, 0x0) (async) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(r3, 0x806c4120, &(0x7f0000000000)={0xa, 0x3b, 0x6, 0x0, 0xf3c6, 0x8, 0x1df, 0x7fffffff, 0x55, 0x5, 0x7, 0xa, 0x1, 0xb72, 0x0, 0x1b, 0x7, 0x7fff, "fd8b75fa659072a33ae6a662ac50a2bc20e2121eb21bfea9df0cd42ebb7f359a58ce8f19"}) ioctl$auto_TCSBRK2(r3, 0x5409, &(0x7f00000002c0)="ff559f0885d0a1626741da2bb4a3a6f3d39d73b0270c37494bd11690f5d48832e7b39bc58046aa6fefa4d99b7a86a19a97894c0bdce9f150499dfeda0e47262eb151516427fa83db77c782154d157e07f414f8e30bbc0d8d643082ef2bc9968c7112afefe9c5c6371667d48a2a210e7f845bf876da48a6950cba32d4385ed5a69555a5fd1dab24d28e8db5da151d61047b15843dcd72f46d34b13e8e092d2bdf1ac6f943302d042152b2fff580184f3cecb4552bc2f556e837cfe114ebb8c85de6f8338b2d2bcd4cd1d8a49d7e8d4ef92dbb825b348168ee65a755d333fe8886a6d706d8e812c8bc768afb34bd70d3305fd503bdcb812b916058847c603db562c162c84fd3ea5de0a52464cca6582b322391c5c9c428833936b36414c2c14a504948b933140061945609b0d1e140995f4513d31014baca42bce26337d69813cc0bbe5be420fa492b99f7be1f589a4e705f6a5fde4baa91145a8f7d0c4ffb791a4e3418cf8a57c4ae9ca611eada76eaa8d8582d3d300e07cccf8d54f3c338ed0db6612d735a42f4de16878b7e5bea2c35265b29c1b3d7876578c92ca2aeec945e175e0193f931da997a297777b1f36458e9a7036e67ab2488e3be2a050555bd9e6134d31e9bbdaa438bf13724de2e67a1f71cfdfe6a22627f6c99bb7910df88f7da8ba3881248ac283989bad2ff953bb1168ad778bfb5cb7312667afc224ff7ebdb8fd118fbc276b016d040caf2a601de551ae2d14b7e446a599fdb0a5e8db5e70ef73ba0123655829e5385031bc4e371b7d94e1676b7b2bf4e91407b59fb7c1580adf07b0b402b0b238b58a99e910c9f184a157fa784355a8e03dca701e52b4ec5ff73e4afed0df95534bb31b0f6ef4db7c2e43fdbc2a01080b33707be62a9d25c741dad83db7df770a829cf7965d38596036c095d4b933e7c14629ac58119de8678c050bc37b2fe2cfbde79b72df489730f420d4f06be3ec9fc19a340487fd66a9996ed342de23aefb848552614d541f95aaaae664152b6febec57082b4d5fcf79c1a1aa98ef4f10c2273d09772e4030c5ec871fb06b6e1da7718c4ff2b75557710ce07a6c3d61d26115cfa15728ce39f31bb940e52abad7ff8e42c82bb04e7d688a50ffd19ca1643fe3c5a97ac87e2a2915370217b24bb29f426b801a34b8a49bdb236283e7428494ac5feec2d2bdbeb836abcfc36d28c63a807b8e654f3ce01e099e86a0565db7ef2cf83ff2d184ee08bc8380c332643acba497df3fa47389671f6f9403d56f7193084184758c2efe52f8432684d1d3adad4dfff678c31de44f2e78c03a6772c353a34ba3513f27949e5570bfa4d4c0d8eaa082e75314742be8bdfcc6414b55be5dbe7f41a2bf0582f98d6c7fb3cf9b1c744ab0c8d14228ca227ce05f05b20693e8a3c215aafe9fc58205ecef130f36dba39c422bc2bd1fb620ef1c1a2d5a0310b51eecab864835efd7b7f35b2ca4cbadc50176250d311ed17734f5651b895369fb71cc25be95dfc03d3870f31609937affe774d391fa4616e451a65b9cea35d45e4c6264d3c546214203671ebf3b2868ec346e84ee418076bbd9b657f72e7e85ca372f95fe73248e8e3b2e567ae70be7a5afc2d11b51427461b2cdb6e61b5c59631bd6441d66cfe12e5876cb1f2fca4885aacde14c46e429cd6ab9072935841c5327d7e90742b49285a728f113901052f12e136a06062b878bcc906f80746a24149dbb824657fff05a2cbba8e0524360e1ce2a556c4fd4ccd4c4659a279336a59f0132471609ab98f0f302b5183999c7da12501a3748d707418711b05a42f206999b37c4fb0b5450ba41c40c861136a2e24f52f12373aedf79468b36295043b7225a53e7625150b47c221b597a46f94f465279f7630e654991eed309e2651a65a23ce0ec01e23b1bf37b6156c6faf7dd55da9c551c392cc73e328dc35c211d898ebbd5c5adac8b8382651aab82a2067e141d0f5b563cf09d18df3affe32c5b3bcb7b494da9997b6b8998b4d56921ddfb9bdeabe078d60b5bcc41cafaa251a46ef4d58990b409f59c50793a7c7451fbbe9cdeb64d384422d2ac143dc9476157ff8fe96e163b9af424341f4d6391e4bf25c8bc6cfb36b9d1570fb9b0bf7e5fc3d6692352afe18b3e37c517faea7c0b40d3e39f07bb0a33fdeac769b34d1c8afcfd7b25c5a1595eed655cb236b6851b1beca72c728ad97f373d0ea7181547ebcf84515190f5b02906986ce5b64ef5c46cc801d31335399b1b83215c71111b80dae1e3086814e602d3e75f7ecdf6191940cdf1e468b3a921985c0b1f859ea0ca1bacfc427612ad5218f47f218dba7817ded28b04d0d306cc8e02b887da2634d60bf1efd032bdf125fd2dc589d250f976975b23304eeb37efa06fcd2fe451cfaf062c480e438fb5cef75d6f23608a35daca90a3536a77d24470b16616d121aae2d7c5f5cc64a4c06cc2b11dca6aa8b043490d9f42ca89678e0f65e701c6238efe3e1241aef08a61f6ab0fbf7674cfdf48a8598137149ee6c5b4fba27e2f14200017a40bcb881efdced67391e05ac6ed2cedee1b9e9fdbb784d67921fd21c73aef4f307a62aec8d2c96f8169ba4ff8679b4ca1528bb70d4594f5db6cc28fede23c69fbd9442a394ed5240c762401895aa548b4f433229f6dcd0a157e612f28391b2fea5929a963cf0d72429dcf2c1bafe76cfdfc5f4399964c31923afa67b70acbdf012ceeec433457710a24c3e1547d3e25524459d7a5cc567f8f1ca893b4c613dc4998042c50cd62fba3db3e86bb4cb77c6bf6e4636fb8d286359fecf6ccbb4354494c892918146dc8031670b253d3a150fbd2f527cae1b0f9eb8058ca4dc50b8f1488d8806412e2e9990eabd72f555cf9d9f0fd9f79507d5267517a61272183b79d3f1ad7d898ec520574ecea93762bbeb472b218b05310a17297cfa9a238352c6dd789b4cb66bba91a887f60c3bbea1507ece76dd572b4206f4b2a69ce583b71b5d4a53b989873dcbaf367bcfbe923104d9ae0ff346d3ccfeb7629712e144792c3dac9e48bfe4b3266d7b527b44344f7d706dba482d2f64a70f9a5d473f76f7bce5f8d44f3c2ace49e87e1396d7b6783d0d4402425de4fda9266a5e4fcd54810186aac7ebdb8904dcf0ddaaebcde16d1ce3df0c7c57265cf06b360cd2775685478ae7d0700b1d1c6f5672d976ed48a15ef4e1d6c2fd4a260708af0a6e739ef9330dc15b318e0deeebf7562a9c3c46c56a244c7c3c853c342b6c8f2fd96ce6b7931d8347d553857dab18ab1f4a6f1ec145af09982aa1d199dc81c460e95765de1b470e766d91d25d1bf4d027859f57142bbb092031c496611801c4e92efb1ea0c66b6ed61cfdc1db3dfe5cffa4916f084f2ecf944226e4d7f7f39227bdcfbf0d71c1912ffecf343b051dbd0f05e5b0235be526a95ac00c4b46464097c62a382856239b594874c4287a42b49ae3c0f3410ce4a168a9a88c888516107cf1ba9d5636d250e7962fb025c40c6783f3f922dfd145b9d4bdc8ab2b5cc303cf2d7c7fe012ae7e75486d2e4b85cc5ef7c7d0ed25640c7e2069d5cf373f1ffced4923ab38b42ce3a60908755ac95446c4514255f31e78aa3cb7f7f506dfb6809177fd790a5eeb67118813b5f771de54fae3a5e4ac770263b943627ce8d6a9e817eafea463550d419a1a717e51cb438de99e236d749b4b9a8a2489a0701520807404d558485cb944106260f330f202bf36de83cabc40d545666c23d2e75055a56e71bccce8db40db4c1ed1eb042e45c23b5f1f8baa549de21c3430da4b648217573289387701d380735fc57b9ef4cd3c4cd284cc89a6259979b173b6ca1c2ce9507f66770e9f57385bf230e65838bb91e03b84eba22fe4e1432e69fcaedc27a37a6538734e1d7de30193a27bd299d7157e1362ccfc508069c6a278d1d55a2029a5373ec7a90b5de1cd5d94a4181fbe3293c5009be946f82f2503ee061e8033b39591a6c3567ac93f961741fcd2f6bd606c5e586a96ed3df8e469ae6fa562a8eb26713a2a2b365ed2d4c5607feb3e48825f0533a0035737e30498649785597a4efc5d3c1da0815da6cc1832778c676c4b1cb14a9bc26da93581959e951f9c813299a3c53b5edac31d1ab9f1a07d00fc74efde907d1197e5d806edef6ac786f3a6ab93c4fea7f2631450ad068df54034aa9cf7899d63320af4b238f62794a0b8b66b47f12592f415fbb676724ef3c9782b8de2ef6fc63d6eeb7b81d607de4bcae34eb0fa915d64c014e01362a502cb9936a95f155ccf3444263dc2a0eec118d96edca94c8b2320ecd9b23a66a04b170eba0d652a7fd48eacc68a76e91c292e303b244d6256d2bb96e0c555b313ca2be7b7a68fb386959b339dfd5ec36c5895fa8d8ee8de387d456bb3405197f9f571c19fb3f75e608f38b57f3ca99498bf0a3b35cc82b06b54303bddec0d0dbe60daa03ea03eb2303b192b995ec30e385643e8fdc21a2a55faaed4bbbe944b9507fef07b163e8771b2613d7d607c35d97627e8145fed82f3d31ed97ff2776c41360b13dc45cf00389af28ded38d94e77a316c1a9ae724fd2fa1d771b56132c26199760ef95ee12ad65683a7b68d9485a9f486ee79d49aed74b0719ba0a4c6cda36230d05426e3ca5e6fb47dc4811edae0984e3f16832988c5da3b4b886033e3fe28e5526416175d53148b9658a25f131bd78015f3a74dd391e2bc707b8ba5c4154e5c01176a9390585b79cda0e2f5162f0f2cf611cdf0302a4127f3531a0d995062fab78a1f1b5da89fdae3156b8226c54159b66d6f1bf086bec1983dcd04dadb87d3dcefbcc1d9ab24d5f60e1da132c3f948d36d0470209aa0459c1b09fc0e02f14a3545c1a84c04338a6b8246d04f0f8afea16ec5069b3a810341242c0fc2117bea94719938d864b0a01de17570ff19bb05a0f3a81eca0b9f79959066b51dbdf1062de5af90e1240a353f8b1f5a84cc29ac9f9925b29718729855435597ac65b9bbd5dc52dc7c06f30e020a8fab7346129cab998076ce397490f988a4f9ee3ee3e2e80e8f2cffcbf679767f17d2ad3df9b45c06e328608ca464470dbfd74e4fa36a38e4129e3a4778c1742888ec23b8d1ec90ec1713b976a46cb7ded71d4542e8a2878c1313bd236e839bcf8d18e9aaee09e8722ed7cd8fa75d7606cbd596d8462cfa8cc0171949717b3a4fac6ed77dce8b9621c5e22f055482d24b695eede57274b34c684cd97a5dda25620730c187529a1323d3a530205afebe709bb66f962b94e9d0e4bb0f8ec5d8f70bbd758bb2b52f476c9cafee2b686e8eeeb25156fcc3beffb4eecb227bae590f71c14a3a71ec80e24f8854f08c0155f118cfc8bb04ab216df381accdcd3c5a6e5d16a33f0ed44af1d4b48209adf48b0d298143bed4074060f88983f06d524374871d9c742fab0e7ddf238c5ca193683ee7a1da4446b408adbaf80e0ec7004c1ac492458132d691d40d7f0002eab9147218ff569f85f9a240c7cfd162193b122148edb1fded9117c91aa59be9876eba1c0bf361071290406dfe897c2ae20b4da62865dee16e585c2091ca93b90bf5e1f6b5f5707425d9cf9300b5663a8a7f2223c5407f7dfd027896714ca8671aa2413d3f6f909134820a14223f215dc00b4e141a02c28bb0efd20258fce541be505e16c41088410396921ef42e764b13015e6c9c9fe5155045a72c04250f65c2c13a74197dcf5d2bbc21d6a3f7d46924067cd837e90ed845f34c9022fa2ce75ed07d7e9a5cd8c4baf978cc9b0d9ce6ba5e027c82aa706d6") exit$auto(0xd5c4) (async) read$auto_proc_pid_cmdline_ops_base(r0, 0x0, 0x0) 10.2415804s ago: executing program 2 (id=2360): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x4000000) r1 = bpf$auto(0x4, &(0x7f00000001c0)=@bpf_attr_11={0xa, 0x10001, 0x2, 0x8, 0x8, 0x7, 0x82, r0}, 0x6f3) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x7ff) unshare$auto(0x40000080) semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r3, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r3, 0x7a4, 0x0) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/bConfigurationValue\x00', 0x101142, 0x0) write$auto(r4, &(0x7f0000000100)='-\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) r5 = ioctl$auto_TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000000)=0x80000001) mkdirat$auto(r5, &(0x7f0000000040)='./file0\x00', 0x400) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu0/cache/index0/id\x00', 0x181400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000040)=""/114, 0x72) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x10, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xe) 4.504413899s ago: executing program 2 (id=2378): mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) sendmsg$auto_NET_SHAPER_CMD_GET2(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fcdbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x60040010}, 0x10) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, r0, 0x7ff, 0x6, 0x3, 0x1000009, 0x5f, 0x1, 0x3}, 0x4) socket(0x2, 0x6, 0x0) 4.2636604s ago: executing program 2 (id=2380): r0 = socket$nl_generic(0x10, 0x3, 0x10) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4) setsockopt$auto_SO_MARK(r0, 0xd, 0x24, &(0x7f0000000100)=']}&##/\'.\x00', 0x6) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0) write$auto(r1, 0x0, 0xc70) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) socket(0x1, 0x2, 0x4) bpf$auto(0x11000000, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=r0, 0x4007, @old_prog_fd=0x13b}, 0xa3) 2.659368266s ago: executing program 2 (id=2384): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x100) socket(0x10, 0x3, 0x6) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyc7\x00', 0x189000, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket(0x2, 0x1, 0x0) socket(0x1d, 0x2, 0x2) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 2.451971071s ago: executing program 2 (id=2385): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x4000000) r1 = bpf$auto(0x4, &(0x7f00000001c0)=@bpf_attr_11={0xa, 0x10001, 0x2, 0x8, 0x8, 0x7, 0x82, r0}, 0x6f3) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x7ff) unshare$auto(0x40000080) semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r3, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r3, 0x7a4, 0x0) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/bConfigurationValue\x00', 0x101142, 0x0) write$auto(r4, &(0x7f0000000100)='-\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) r5 = ioctl$auto_TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000000)=0x80000001) mkdirat$auto(r5, &(0x7f0000000040)='./file0\x00', 0x400) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu0/cache/index0/id\x00', 0x181400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000040)=""/114, 0x72) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x10, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xe) 1.856946255s ago: executing program 3 (id=2390): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/ip_vs\x00', 0x121000, 0x0) mmap$auto(0x0, 0xe6692ee, 0x1, 0x100000eb1, r0, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x405, 0xffffffffffff0001, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r1, 0x81004517, r1) sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x77}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) ioctl$auto_UI_DEV_DESTROY(r2, 0x5502, 0x0) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x2000000000000000, 0x8, 0xd4, 0x7, 0x5, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10001}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0xa, 0xffffefffffff628e, 0xa747, 0x1, 0x1800}) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(r3, 0x0, 0x6a) write$auto(0xffffffffffffffff, &(0x7f0000000340)='\xa3o\a`\f\f4\xc6\xe7\x8a\x16h\x80\xb5\xed\xe4\xec\xfe\xe50\xb9\xbb1/#\xdc\xdd\xed\xa2\x85\xa1\xd5\xf5\xfeG\xdcI\xe3c\xb8BS\x04Y\xc9N\x98\xc6I_E \xc8^T\x84Mh\xf4Y\xcc\xe4\x9al\x88\x8fX\xcb\xad\x1d*\xec\x1dG@H/N\xaa\x1b\xce\x8b\xff\xcfe\xac\xda\xb0\xbe;-y\x12\x13\x93\x1d\xb5>\x1c\x02Tv\x92\xc0\x1c\xaa\x8a8\x0e_Fv\x00\xdc\nfd\x16\xa6d\xa3z\xdf\xc7o+1\xf4Q\xf7i\xd6.\t\x10\x99\xc4\x06\xa3\xbf*\xbb\xe0H\xc9u+\x17\x93!\x1c\xc3\xcd\xc1y\xaf\xf1\xd1B\xaa[\x9d\xb6\xad\xe2\xff\x9b[{\xd1z\x18\xba\x7f\xb5\x10\xdd1\xf2\x9c\xb0=\xf09\r\xc3\x1b9\xbe\xa8\xe76[/<,\xe1\x90\xb3G}\x85E\xc6\x8ak4\xc3+\xf0\x9f\xe0F\x1b\xdb\x84\x17\xc0\x99\xf1\xb5,\x1f\x8a\xe7\x0f\xd7\xc2{>\xb9q\xc3\xa7\xaaF|\\4\x03Z\xecH\x99\xber\xab\xe6+>\x95\x86\x83\xfb\x16o\x98\xe0\xe9d\xa1z^}\xc7\x12\xe6b\xa2\xb1X\x062\x12\xec\x12.\xbb\x10\x11\xdb_Xo\xfc\xcd\x8av\x80\xf0!n\x8d\xee)\rm\xc5\xee\xd6\xde\xc7\xf8\xdf\xc1?\x82\xca\xb6X\xe3\xfc\xf8\x1a\xe7U\xd6\f\x8e\x98+\x99\x1dqtV\xb4\x05\xa4ge', 0x110000a3d9) open(0x0, 0xb22142, 0x30) socket(0x2b, 0x1, 0x1) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 1.618405869s ago: executing program 1 (id=2391): fanotify_init$auto(0x5, 0x2) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) socket(0x11, 0x80003, 0x300) 1.308579679s ago: executing program 3 (id=2392): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x100) socket(0x10, 0x3, 0x6) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyc7\x00', 0x189000, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket(0x2, 0x1, 0x0) socket(0x1d, 0x2, 0x2) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 1.281813421s ago: executing program 1 (id=2393): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000440)="671d2647dd69b6440843b6e6688a1f5ad9df2669e6f9cd236532b20ed763ac8caf4bde4c30b530ac6ebbff950e1a647d6a08a1b55dde5a409b4a", 0x3a) 1.188015193s ago: executing program 3 (id=2394): mmap$auto(0x0, 0x40000b, 0x800000000000e1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) mbind$auto(0xf000, 0x1, 0x1, 0x0, 0x7fff, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) (async) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000600), 0x142, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/loop4\x00', 0xc040, 0x0) ioctl$auto(0x3, 0x1, 0x90000800000402) (async) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20040045) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) (async) unshare$auto(0x40000080) (async) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x2003f0, 0x15) (async) setsockopt$auto(0xffffffffffffffff, 0x1, 0x8010, 0x0, 0xba) epoll_create$auto(0x6) (async) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x801, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r0, 0x0, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x15, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) (async) write$auto(0x3, 0x0, 0x7fffffff) (async) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x80301, 0x0) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x120, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fb8000"}, 0x1c) (async) pwrite64$auto(0xc8, 0x0, 0x6, 0x7a) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) mlock$auto(0x1000, 0x6) (async) mlockall$auto(0x800000000000005) (async) pselect6$auto(0x8000, &(0x7f0000000080)={[0x800, 0xf, 0xb, 0xb9, 0x6, 0x7, 0x28, 0x80000001, 0x100, 0x8024, 0x3, 0xffffffffffff6ee4, 0x9, 0x47, 0x3, 0x40]}, &(0x7f0000000100)={[0xfffffffffffffffc, 0x8, 0x101, 0x4, 0x8, 0x0, 0x3f8b, 0xc, 0x2, 0x2, 0x5, 0x7b, 0x1, 0x800, 0x7fffffffffffffff, 0x6]}, &(0x7f0000000180)={[0x5d58, 0x7, 0xa5, 0x7f, 0xffffffffffffff60, 0x6, 0xfffffffffffffffa, 0x2001, 0x4, 0x7, 0x6, 0x8000, 0x200c, 0x101, 0x2, 0x9]}, 0x0, &(0x7f0000000240)) (async) mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f0000000040)='\a\x00\x00\x00\xa6\x89\xef\xf5\x90H\x9f\xe9?\xc7~*O\xa7=\xe5\x04\xd91\xee\xc7WSd\xcc\xc5\xd4h\xc2\x91\x93}r\xab\x84\xe1\xd1\x02\x16\x12\xf9\x00\xe9\x8b\xef', 0x100000000000b6c) 1.04060834s ago: executing program 1 (id=2395): mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x1f40) sendmsg$auto_NET_SHAPER_CMD_GET2(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fcdbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x60040010}, 0x10) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0xffffffffffffffff, 0x7ff, 0x6, 0x3, 0x1000009, 0x5f, 0x1, 0x3}, 0x4) socket(0x2, 0x6, 0x0) 945.144598ms ago: executing program 1 (id=2396): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/net/rxrpc/calls\x00', 0x20080, 0x0) pread64$auto(r1, 0x0, 0x8, 0xffff) write$auto(r0, &(0x7f0000000000)='/proc/self/net/rxrpc/calls\x00', 0x5) write$auto(r0, 0x0, 0x81) 828.237096ms ago: executing program 1 (id=2397): r0 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_DEL(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x1c, r0, 0x901, 0x70bd29, 0x25dfdbfb, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @remote}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 716.54702ms ago: executing program 3 (id=2398): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x42, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x3, 0x1) socket(0x10, 0x2, 0xc) socket(0x10, 0x2, 0x14) mmap$auto(0x0, 0x5, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x3, 0x88) socket(0x2, 0x6, 0x0) ioctl$auto(0x1, 0x890c, 0x8) (fail_nth: 7) 302.386261ms ago: executing program 1 (id=2399): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/ip_vs\x00', 0x121000, 0x0) mmap$auto(0x0, 0xe6692ee, 0x1, 0x100000eb1, r0, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x405, 0xffffffffffff0001, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r1, 0x81004517, r1) sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x77}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) ioctl$auto_UI_DEV_DESTROY(r2, 0x5502, 0x0) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x2000000000000000, 0x8, 0xd4, 0x7, 0x5, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10001}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0xa, 0xffffefffffff628e, 0xa747, 0x1, 0x1800}) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(r3, 0x0, 0x6a) write$auto(0xffffffffffffffff, &(0x7f0000000340)='\xa3o\a`\f\f4\xc6\xe7\x8a\x16h\x80\xb5\xed\xe4\xec\xfe\xe50\xb9\xbb1/#\xdc\xdd\xed\xa2\x85\xa1\xd5\xf5\xfeG\xdcI\xe3c\xb8BS\x04Y\xc9N\x98\xc6I_E \xc8^T\x84Mh\xf4Y\xcc\xe4\x9al\x88\x8fX\xcb\xad\x1d*\xec\x1dG@H/N\xaa\x1b\xce\x8b\xff\xcfe\xac\xda\xb0\xbe;-y\x12\x13\x93\x1d\xb5>\x1c\x02Tv\x92\xc0\x1c\xaa\x8a8\x0e_Fv\x00\xdc\nfd\x16\xa6d\xa3z\xdf\xc7o+1\xf4Q\xf7i\xd6.\t\x10\x99\xc4\x06\xa3\xbf*\xbb\xe0H\xc9u+\x17\x93!\x1c\xc3\xcd\xc1y\xaf\xf1\xd1B\xaa[\x9d\xb6\xad\xe2\xff\x9b[{\xd1z\x18\xba\x7f\xb5\x10\xdd1\xf2\x9c\xb0=\xf09\r\xc3\x1b9\xbe\xa8\xe76[/<,\xe1\x90\xb3G}\x85E\xc6\x8ak4\xc3+\xf0\x9f\xe0F\x1b\xdb\x84\x17\xc0\x99\xf1\xb5,\x1f\x8a\xe7\x0f\xd7\xc2{>\xb9q\xc3\xa7\xaaF|\\4\x03Z\xecH\x99\xber\xab\xe6+>\x95\x86\x83\xfb\x16o\x98\xe0\xe9d\xa1z^}\xc7\x12\xe6b\xa2\xb1X\x062\x12\xec\x12.\xbb\x10\x11\xdb_Xo\xfc\xcd\x8av\x80\xf0!n\x8d\xee)\rm\xc5\xee\xd6\xde\xc7\xf8\xdf\xc1?\x82\xca\xb6X\xe3\xfc\xf8\x1a\xe7U\xd6\f\x8e\x98+\x99\x1dqtV\xb4\x05\xa4ge', 0x110000a3d9) open(0x0, 0xb22142, 0x30) socket(0x2b, 0x1, 0x1) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 254.001486ms ago: executing program 2 (id=2400): unshare$auto(0x40000080) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)) ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x4, 0xf8, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r3, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x6) r4 = open(0x0, 0x261c2, 0x84) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xc) r5 = openat$auto_tracing_total_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/buffer_total_size_kb\x00', 0x101000, 0x0) io_uring_setup$auto(0x7, &(0x7f0000000080)={0xfff, 0x0, 0x60000, 0x2, 0x0, 0x5, r5, [0xa, 0x80, 0x3], {0x8, 0x6, 0x2, 0xfffffffe, 0x0, 0xccbc, 0x40, 0x6, 0x8}, {0xfffffffc, 0x8, 0x9d, 0x6, 0xffffffff, 0x6895, 0x3, 0x3}}) r6 = socket(0x29, 0x2, 0x0) ioctl$auto(r6, 0x8bf0, 0x24) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0x2, 0x1, 0x106) recvfrom$auto(r4, 0x0, 0x8, 0x100, 0x0, 0xfffffffffffffffd) read$auto_nsim_dev_trap_fa_cookie_fops_dev(r1, &(0x7f0000000300)=""/240, 0xf0) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc) r7 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="10000000", @ANYRES64], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) 253.529329ms ago: executing program 3 (id=2401): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x100) socket(0x10, 0x3, 0x6) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyc7\x00', 0x189000, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket(0x2, 0x1, 0x0) socket(0x1d, 0x2, 0x2) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 133.919953ms ago: executing program 3 (id=2402): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x22, 0x80000, 0xd67d) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) 0s ago: executing program 0 (id=2342): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x31}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) syz_clone(0x5000400, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x2400c000}, 0x48000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004810}, 0x24040000) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/rds/tcp/rds_tcp_rcvbuf\x00', 0x800, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) write$auto(0xffffffffffffffff, 0x0, 0x800) getpeername$auto(0x3, 0x0, 0x0) socket(0x2a, 0x2, 0xb) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_none\x00', 0x183042, 0x0) pipe$auto(0x0) fcntl$auto(r3, 0x5, 0x6) r4 = socket(0x2, 0x6, 0x0) setsockopt$auto(r4, 0x0, 0x10, 0x0, 0x17) close_range$auto(0x2, 0x8000, 0x0) kernel console output (not intermixed with test programs): d 0x0406 tx timeout [ 677.957352][ T30] audit: type=1326 audit(6039405555.631:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15891 comm="syz.0.1673" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd627b8d169 code=0x0 [ 678.020538][T15650] Bluetooth: hci0: command 0x0406 tx timeout [ 678.027428][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 678.098641][T15650] Bluetooth: hci3: command 0x0406 tx timeout syzkaller syzkaller login: [ 679.486428][T15921] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 681.255282][T15967] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 681.483486][T15970] mtrr: base(0xfffff20000000100000) is not aligned on a size(0xfffff2ff000) boundary [ 682.394849][T15975] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 682.732440][T16110] syz.2.1695(16110): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 684.222162][T16240] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 685.088607][T16255] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 685.653074][T16262] sctp: [Deprecated]: syz.0.1710 (pid 16262) Use of int in maxseg socket option. [ 685.653074][T16262] Use struct sctp_assoc_value instead [ 687.135188][T16507] random: crng reseeded on system resumption [ 687.147833][T16507] FAULT_INJECTION: forcing a failure. [ 687.147833][T16507] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 687.184030][T16507] CPU: 0 UID: 0 PID: 16507 Comm: syz.1.1723 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 687.184075][T16507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 687.184094][T16507] Call Trace: [ 687.184104][T16507] [ 687.184116][T16507] dump_stack_lvl+0x16c/0x1f0 [ 687.184170][T16507] should_fail_ex+0x512/0x640 [ 687.184214][T16507] should_fail_alloc_page+0xe7/0x130 [ 687.184247][T16507] prepare_alloc_pages+0x3c2/0x610 [ 687.184295][T16507] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 687.184345][T16507] ? find_held_lock+0x2b/0x80 [ 687.184413][T16507] ? mark_held_locks+0x49/0x80 [ 687.184464][T16507] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 687.184516][T16507] ? lockdep_hardirqs_on+0x7c/0x110 [ 687.184560][T16507] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 687.184603][T16507] ? stack_depot_save_flags+0x3e6/0xa50 [ 687.184643][T16507] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 687.184700][T16507] ? kasan_save_stack+0x42/0x60 [ 687.184744][T16507] ? kasan_save_stack+0x33/0x60 [ 687.184788][T16507] ? kasan_save_track+0x14/0x30 [ 687.184836][T16507] ? chrdev_open+0x231/0x6a0 [ 687.184882][T16507] ? do_dentry_open+0x741/0x1c10 [ 687.184925][T16507] ? vfs_open+0x82/0x3f0 [ 687.184953][T16507] ? path_openat+0x1e5e/0x2d40 [ 687.184997][T16507] ? do_filp_open+0x20b/0x470 [ 687.185040][T16507] ? do_sys_openat2+0x11b/0x1d0 [ 687.185071][T16507] ? __x64_sys_openat+0x174/0x210 [ 687.185102][T16507] ? do_syscall_64+0xcd/0x260 [ 687.185145][T16507] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.185181][T16507] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 687.185218][T16507] ? policy_nodemask+0xea/0x4e0 [ 687.185274][T16507] alloc_pages_mpol+0x1fb/0x550 [ 687.185306][T16507] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 687.185349][T16507] alloc_pages_noprof+0x131/0x390 [ 687.185381][T16507] get_zeroed_page_noprof+0x14/0x50 [ 687.185416][T16507] get_image_page+0x18/0x190 [ 687.185457][T16507] chain_alloc+0x8c/0xd0 [ 687.185505][T16507] memory_bm_create+0x30f/0x810 [ 687.185565][T16507] create_basic_memory_bitmaps+0x10f/0x680 [ 687.185618][T16507] snapshot_open+0x235/0x2b0 [ 687.185664][T16507] ? __pfx_snapshot_open+0x10/0x10 [ 687.185712][T16507] misc_open+0x35a/0x420 [ 687.185753][T16507] ? __pfx_misc_open+0x10/0x10 [ 687.185791][T16507] chrdev_open+0x231/0x6a0 [ 687.185838][T16507] ? __pfx_apparmor_file_open+0x10/0x10 [ 687.185878][T16507] ? __pfx_chrdev_open+0x10/0x10 [ 687.185930][T16507] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 687.185983][T16507] do_dentry_open+0x741/0x1c10 [ 687.186030][T16507] ? __pfx_chrdev_open+0x10/0x10 [ 687.186087][T16507] vfs_open+0x82/0x3f0 [ 687.186126][T16507] path_openat+0x1e5e/0x2d40 [ 687.186189][T16507] ? __pfx_path_openat+0x10/0x10 [ 687.186249][T16507] do_filp_open+0x20b/0x470 [ 687.186297][T16507] ? __pfx_do_filp_open+0x10/0x10 [ 687.186376][T16507] ? alloc_fd+0x471/0x7d0 [ 687.186434][T16507] do_sys_openat2+0x11b/0x1d0 [ 687.186468][T16507] ? __pfx_do_sys_openat2+0x10/0x10 [ 687.186527][T16507] __x64_sys_openat+0x174/0x210 [ 687.186563][T16507] ? __pfx___x64_sys_openat+0x10/0x10 [ 687.186601][T16507] ? rcu_is_watching+0x12/0xc0 [ 687.186653][T16507] do_syscall_64+0xcd/0x260 [ 687.186704][T16507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.186736][T16507] RIP: 0033:0x7f02a4d8d169 [ 687.186761][T16507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.186793][T16507] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 687.186822][T16507] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 687.186842][T16507] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 687.186862][T16507] RBP: 00007f02a4e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 687.186879][T16507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 687.186897][T16507] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 687.186937][T16507] [ 687.633744][T16508] random: crng reseeded on system resumption [ 688.092445][T16522] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1726'. [ 688.139975][T16522] : renamed from veth0_vlan [ 688.323481][T16526] FAULT_INJECTION: forcing a failure. [ 688.323481][T16526] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 688.336729][T16526] CPU: 1 UID: 0 PID: 16526 Comm: syz.3.1729 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 688.336770][T16526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 688.336789][T16526] Call Trace: [ 688.336799][T16526] [ 688.336810][T16526] dump_stack_lvl+0x16c/0x1f0 [ 688.336860][T16526] should_fail_ex+0x512/0x640 [ 688.336901][T16526] _copy_from_user+0x2e/0xd0 [ 688.336942][T16526] copy_msghdr_from_user+0x98/0x160 [ 688.336985][T16526] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 688.337035][T16526] ? __pfx__kstrtoull+0x10/0x10 [ 688.337091][T16526] ___sys_sendmsg+0xfe/0x1d0 [ 688.337135][T16526] ? __pfx____sys_sendmsg+0x10/0x10 [ 688.337195][T16526] ? find_held_lock+0x2b/0x80 [ 688.337262][T16526] __sys_sendmmsg+0x200/0x420 [ 688.337310][T16526] ? __pfx___sys_sendmmsg+0x10/0x10 [ 688.337367][T16526] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 688.337433][T16526] ? fput+0x70/0xf0 [ 688.337463][T16526] ? ksys_write+0x1b9/0x240 [ 688.337506][T16526] ? __pfx_ksys_write+0x10/0x10 [ 688.337547][T16526] ? rcu_is_watching+0x12/0xc0 [ 688.337601][T16526] __x64_sys_sendmmsg+0x9c/0x100 [ 688.337643][T16526] ? lockdep_hardirqs_on+0x7c/0x110 [ 688.337688][T16526] do_syscall_64+0xcd/0x260 [ 688.337737][T16526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.337769][T16526] RIP: 0033:0x7fb1fbd8d169 [ 688.337794][T16526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.337825][T16526] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 688.337854][T16526] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 688.337875][T16526] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 688.337893][T16526] RBP: 00007fb1fcc87090 R08: 0000000000000000 R09: 0000000000000000 [ 688.337911][T16526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 688.337929][T16526] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 688.337968][T16526] [ 688.354538][T16528] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1730'. [ 688.360594][ C1] vkms_vblank_simulate: vblank timer overrun [ 689.914301][T16567] netlink: 'syz.1.1741': attribute type 1 has an invalid length. [ 691.159252][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.167893][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 693.380454][T16837] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1760'. [ 694.814598][T16869] FAULT_INJECTION: forcing a failure. [ 694.814598][T16869] name failslab, interval 1, probability 0, space 0, times 0 [ 694.829358][T16869] CPU: 0 UID: 0 PID: 16869 Comm: syz.3.1770 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 694.829401][T16869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 694.829420][T16869] Call Trace: [ 694.829430][T16869] [ 694.829442][T16869] dump_stack_lvl+0x16c/0x1f0 [ 694.829492][T16869] should_fail_ex+0x512/0x640 [ 694.829526][T16869] ? fs_reclaim_acquire+0xae/0x150 [ 694.829564][T16869] ? tomoyo_encode2+0x100/0x3e0 [ 694.829604][T16869] should_failslab+0xc2/0x120 [ 694.829634][T16869] __kmalloc_noprof+0xd2/0x510 [ 694.829681][T16869] ? d_absolute_path+0x136/0x1a0 [ 694.829722][T16869] tomoyo_encode2+0x100/0x3e0 [ 694.829784][T16869] tomoyo_encode+0x29/0x50 [ 694.829826][T16869] tomoyo_realpath_from_path+0x18f/0x6e0 [ 694.829879][T16869] tomoyo_path_number_perm+0x245/0x580 [ 694.829914][T16869] ? tomoyo_path_number_perm+0x237/0x580 [ 694.829955][T16869] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 694.829995][T16869] ? find_held_lock+0x2b/0x80 [ 694.830071][T16869] ? find_held_lock+0x2b/0x80 [ 694.830110][T16869] ? hook_file_ioctl_common+0x145/0x410 [ 694.830155][T16869] ? __fget_files+0x20e/0x3c0 [ 694.830207][T16869] security_file_ioctl+0x9b/0x240 [ 694.830248][T16869] __x64_sys_ioctl+0xb7/0x200 [ 694.830291][T16869] do_syscall_64+0xcd/0x260 [ 694.830338][T16869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.830364][T16869] RIP: 0033:0x7fb1fbd8d169 [ 694.830389][T16869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 694.830420][T16869] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 694.830448][T16869] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 694.830469][T16869] RDX: 0000000000000001 RSI: 0000000000004b3a RDI: 0000000000000003 [ 694.830486][T16869] RBP: 00007fb1fcc87090 R08: 0000000000000000 R09: 0000000000000000 [ 694.830505][T16869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 694.830520][T16869] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 694.830560][T16869] [ 694.830617][T16869] ERROR: Out of memory at tomoyo_realpath_from_path. [ 695.111774][T16873] FAULT_INJECTION: forcing a failure. [ 695.111774][T16873] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 695.131947][T16873] CPU: 0 UID: 0 PID: 16873 Comm: syz.1.1773 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 695.131993][T16873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 695.132012][T16873] Call Trace: [ 695.132022][T16873] [ 695.132034][T16873] dump_stack_lvl+0x16c/0x1f0 [ 695.132086][T16873] should_fail_ex+0x512/0x640 [ 695.132129][T16873] _copy_from_user+0x2e/0xd0 [ 695.132169][T16873] sctp_setsockopt+0x2045/0xb870 [ 695.132212][T16873] ? __pfx_sctp_setsockopt+0x10/0x10 [ 695.132243][T16873] ? __lock_acquire+0x5ca/0x1ba0 [ 695.132289][T16873] ? __pfx_aa_sk_perm+0x10/0x10 [ 695.132324][T16873] ? find_held_lock+0x2b/0x80 [ 695.132364][T16873] ? sock_common_setsockopt+0x2e/0xf0 [ 695.132414][T16873] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 695.132462][T16873] do_sock_setsockopt+0x221/0x470 [ 695.132507][T16873] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 695.132577][T16873] __sys_setsockopt+0x1a0/0x230 [ 695.132622][T16873] __x64_sys_setsockopt+0xbd/0x160 [ 695.132659][T16873] ? do_syscall_64+0x91/0x260 [ 695.132702][T16873] ? lockdep_hardirqs_on+0x7c/0x110 [ 695.132751][T16873] do_syscall_64+0xcd/0x260 [ 695.132799][T16873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.132830][T16873] RIP: 0033:0x7f02a4d8d169 [ 695.132853][T16873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 695.132882][T16873] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 695.132909][T16873] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 695.132929][T16873] RDX: 0000000000000010 RSI: 0000010000000084 RDI: 0000000000000003 [ 695.132947][T16873] RBP: 00007f02a5bfe090 R08: 0000000000000008 R09: 0000000000000000 [ 695.132965][T16873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 695.132982][T16873] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 695.133019][T16873] [ 695.262030][T16876] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1774'. [ 695.306993][T16878] sctp: [Deprecated]: syz.3.1775 (pid 16878) Use of struct sctp_assoc_value in delayed_ack socket option. [ 695.306993][T16878] Use struct sctp_sack_info instead [ 695.345118][T16876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1774'. [ 695.590483][T16880] pty pty215: ldisc open failed (-12), clearing slot 215 [ 695.807507][T16897] FAULT_INJECTION: forcing a failure. [ 695.807507][T16897] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 695.843016][T16897] CPU: 0 UID: 0 PID: 16897 Comm: syz.0.1782 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 695.843060][T16897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 695.843079][T16897] Call Trace: [ 695.843089][T16897] [ 695.843101][T16897] dump_stack_lvl+0x16c/0x1f0 [ 695.843153][T16897] should_fail_ex+0x512/0x640 [ 695.843195][T16897] _copy_to_user+0x32/0xd0 [ 695.843239][T16897] simple_read_from_buffer+0xcb/0x170 [ 695.843287][T16897] proc_fail_nth_read+0x197/0x270 [ 695.843332][T16897] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 695.843379][T16897] ? rw_verify_area+0xcf/0x680 [ 695.843417][T16897] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 695.843460][T16897] vfs_read+0x1de/0xc70 [ 695.843509][T16897] ? __pfx___mutex_lock+0x10/0x10 [ 695.843556][T16897] ? __pfx_vfs_read+0x10/0x10 [ 695.843610][T16897] ? __fget_files+0x20e/0x3c0 [ 695.843693][T16897] ksys_read+0x12a/0x240 [ 695.843735][T16897] ? __pfx_ksys_read+0x10/0x10 [ 695.843777][T16897] ? rcu_is_watching+0x12/0xc0 [ 695.843828][T16897] do_syscall_64+0xcd/0x260 [ 695.843879][T16897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.843913][T16897] RIP: 0033:0x7fd627b8bb7c [ 695.843937][T16897] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 695.843967][T16897] RSP: 002b:00007fd628ab3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 695.843996][T16897] RAX: ffffffffffffffda RBX: 00007fd627da5fa0 RCX: 00007fd627b8bb7c [ 695.844017][T16897] RDX: 000000000000000f RSI: 00007fd628ab30a0 RDI: 0000000000000004 [ 695.844036][T16897] RBP: 00007fd628ab3090 R08: 0000000000000000 R09: 0000000000000000 [ 695.844055][T16897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 695.844073][T16897] R13: 0000000000000000 R14: 00007fd627da5fa0 R15: 00007ffc844177d8 [ 695.844114][T16897] [ 696.034760][ C0] vkms_vblank_simulate: vblank timer overrun [ 696.617170][T16913] bond0: option all_slaves_active: invalid value () [ 696.626218][T16911] Invalid ELF header magic: != ELF [ 696.749714][T16911] Invalid ELF header magic: != ELF [ 696.762886][T16911] Invalid ELF header magic: != ELF [ 696.796728][T16911] Invalid ELF header magic: != ELF [ 697.307970][T16904] cgroup: fork rejected by pids controller in /syz1 [ 697.462855][T16911] Invalid ELF header magic: != ELF [ 697.661189][T15650] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 698.510250][T17175] FAULT_INJECTION: forcing a failure. [ 698.510250][T17175] name failslab, interval 1, probability 0, space 0, times 0 [ 698.547140][T17175] CPU: 0 UID: 0 PID: 17175 Comm: syz.1.1804 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 698.547185][T17175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 698.547203][T17175] Call Trace: [ 698.547214][T17175] [ 698.547225][T17175] dump_stack_lvl+0x16c/0x1f0 [ 698.547277][T17175] should_fail_ex+0x512/0x640 [ 698.547312][T17175] ? fs_reclaim_acquire+0xae/0x150 [ 698.547352][T17175] ? tomoyo_encode2+0x100/0x3e0 [ 698.547393][T17175] should_failslab+0xc2/0x120 [ 698.547423][T17175] __kmalloc_noprof+0xd2/0x510 [ 698.547478][T17175] ? d_absolute_path+0x136/0x1a0 [ 698.547520][T17175] tomoyo_encode2+0x100/0x3e0 [ 698.547569][T17175] tomoyo_encode+0x29/0x50 [ 698.547608][T17175] tomoyo_realpath_from_path+0x18f/0x6e0 [ 698.547663][T17175] tomoyo_path_number_perm+0x245/0x580 [ 698.547689][T17175] ? tomoyo_path_number_perm+0x237/0x580 [ 698.547720][T17175] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 698.547748][T17175] ? find_held_lock+0x2b/0x80 [ 698.547802][T17175] ? find_held_lock+0x2b/0x80 [ 698.547829][T17175] ? hook_file_ioctl_common+0x145/0x410 [ 698.547859][T17175] ? __fget_files+0x20e/0x3c0 [ 698.547896][T17175] security_file_ioctl+0x9b/0x240 [ 698.547925][T17175] __x64_sys_ioctl+0xb7/0x200 [ 698.547954][T17175] do_syscall_64+0xcd/0x260 [ 698.547990][T17175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.548013][T17175] RIP: 0033:0x7f02a4d8d169 [ 698.548031][T17175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 698.548053][T17175] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 698.548074][T17175] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 698.548089][T17175] RDX: 0000000000000007 RSI: 00000000c0045543 RDI: 0000000000000006 [ 698.548103][T17175] RBP: 00007f02a5bfe090 R08: 0000000000000000 R09: 0000000000000000 [ 698.548117][T17175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 698.548130][T17175] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 698.548159][T17175] [ 698.858767][T17175] ERROR: Out of memory at tomoyo_realpath_from_path. [ 702.028527][T17318] FAULT_INJECTION: forcing a failure. [ 702.028527][T17318] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 702.041906][T17318] CPU: 0 UID: 0 PID: 17318 Comm: syz.2.1816 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 702.041947][T17318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 702.041965][T17318] Call Trace: [ 702.041975][T17318] [ 702.041985][T17318] dump_stack_lvl+0x16c/0x1f0 [ 702.042032][T17318] should_fail_ex+0x512/0x640 [ 702.042070][T17318] core_sys_select+0x4b2/0xbe0 [ 702.042154][T17318] ? __pfx_core_sys_select+0x10/0x10 [ 702.042202][T17318] ? proc_fail_nth_write+0x9f/0x250 [ 702.042275][T17318] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 702.042332][T17318] kern_select+0x15d/0x1e0 [ 702.042372][T17318] ? __pfx_kern_select+0x10/0x10 [ 702.042417][T17318] ? __pfx_ksys_write+0x10/0x10 [ 702.042457][T17318] ? rcu_is_watching+0x12/0xc0 [ 702.042500][T17318] __x64_sys_select+0xbd/0x160 [ 702.042538][T17318] ? do_syscall_64+0x91/0x260 [ 702.042581][T17318] ? lockdep_hardirqs_on+0x7c/0x110 [ 702.042638][T17318] do_syscall_64+0xcd/0x260 [ 702.042687][T17318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.042728][T17318] RIP: 0033:0x7fcedc38d169 [ 702.042751][T17318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.042781][T17318] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 702.042809][T17318] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 702.042830][T17318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 702.042849][T17318] RBP: 00007fcedd1e4090 R08: 0000000000000000 R09: 0000000000000000 [ 702.042869][T17318] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 702.042888][T17318] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 702.042929][T17318] [ 702.829783][T17338] FAULT_INJECTION: forcing a failure. [ 702.829783][T17338] name failslab, interval 1, probability 0, space 0, times 0 [ 702.842674][T17338] CPU: 1 UID: 0 PID: 17338 Comm: syz.2.1822 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 702.842717][T17338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 702.842735][T17338] Call Trace: [ 702.842746][T17338] [ 702.842758][T17338] dump_stack_lvl+0x16c/0x1f0 [ 702.842810][T17338] should_fail_ex+0x512/0x640 [ 702.842845][T17338] ? fs_reclaim_acquire+0xae/0x150 [ 702.842886][T17338] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 702.842930][T17338] should_failslab+0xc2/0x120 [ 702.842961][T17338] __kmalloc_noprof+0xd2/0x510 [ 702.843036][T17338] tomoyo_realpath_from_path+0xc2/0x6e0 [ 702.843085][T17338] ? tomoyo_profile+0x47/0x60 [ 702.843138][T17338] tomoyo_path_number_perm+0x245/0x580 [ 702.843175][T17338] ? tomoyo_path_number_perm+0x237/0x580 [ 702.843216][T17338] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 702.843256][T17338] ? find_held_lock+0x2b/0x80 [ 702.843334][T17338] ? find_held_lock+0x2b/0x80 [ 702.843391][T17338] ? hook_file_ioctl_common+0x145/0x410 [ 702.843435][T17338] ? __fget_files+0x20e/0x3c0 [ 702.843488][T17338] security_file_ioctl+0x9b/0x240 [ 702.843531][T17338] __x64_sys_ioctl+0xb7/0x200 [ 702.843574][T17338] do_syscall_64+0xcd/0x260 [ 702.843625][T17338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.843657][T17338] RIP: 0033:0x7fcedc38d169 [ 702.843682][T17338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.843712][T17338] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 702.843740][T17338] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 702.843760][T17338] RDX: 0000000000000001 RSI: 0000000000004b52 RDI: 0000000000000003 [ 702.843778][T17338] RBP: 00007fcedd1e4090 R08: 0000000000000000 R09: 0000000000000000 [ 702.843796][T17338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 702.843814][T17338] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 702.843855][T17338] [ 702.843868][T17338] ERROR: Out of memory at tomoyo_realpath_from_path. [ 703.703217][T17460] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 704.710728][T17480] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 706.350867][T17556] bond0: option all_slaves_active: invalid value () [ 706.846651][T17556] bond0: option all_slaves_active: invalid value () [ 707.981897][T17637] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 708.467757][ T30] audit: type=1800 audit(6039405723.144:6): pid=17641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1853" name="lu_gp_id" dev="configfs" ino=45109 res=0 errno=0 [ 708.492097][T17641] kstrtoul() returned -22 for lu_gp_id [ 709.812976][T17782] FAULT_INJECTION: forcing a failure. [ 709.812976][T17782] name failslab, interval 1, probability 0, space 0, times 0 [ 709.856661][T17675] zswap: compressor not available [ 709.859935][T17782] CPU: 0 UID: 0 PID: 17782 Comm: syz.1.1861 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 709.859982][T17782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 709.860001][T17782] Call Trace: [ 709.860012][T17782] [ 709.860024][T17782] dump_stack_lvl+0x16c/0x1f0 [ 709.860078][T17782] should_fail_ex+0x512/0x640 [ 709.860115][T17782] ? fs_reclaim_acquire+0xae/0x150 [ 709.860159][T17782] ? tomoyo_encode2+0x100/0x3e0 [ 709.860202][T17782] should_failslab+0xc2/0x120 [ 709.860233][T17782] __kmalloc_noprof+0xd2/0x510 [ 709.860293][T17782] tomoyo_encode2+0x100/0x3e0 [ 709.860344][T17782] tomoyo_encode+0x29/0x50 [ 709.860387][T17782] tomoyo_realpath_from_path+0x18f/0x6e0 [ 709.860439][T17782] ? tomoyo_profile+0x47/0x60 [ 709.860502][T17782] tomoyo_path_number_perm+0x245/0x580 [ 709.860540][T17782] ? tomoyo_path_number_perm+0x237/0x580 [ 709.860584][T17782] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 709.860625][T17782] ? find_held_lock+0x2b/0x80 [ 709.860706][T17782] ? find_held_lock+0x2b/0x80 [ 709.860746][T17782] ? hook_file_ioctl_common+0x145/0x410 [ 709.860792][T17782] ? __fget_files+0x20e/0x3c0 [ 709.860847][T17782] security_file_ioctl+0x9b/0x240 [ 709.860891][T17782] __x64_sys_ioctl+0xb7/0x200 [ 709.860935][T17782] do_syscall_64+0xcd/0x260 [ 709.860993][T17782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.861026][T17782] RIP: 0033:0x7f02a4d8d169 [ 709.861053][T17782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.861085][T17782] RSP: 002b:00007f02a5bbc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 709.861118][T17782] RAX: ffffffffffffffda RBX: 00007f02a4fa6160 RCX: 00007f02a4d8d169 [ 709.861140][T17782] RDX: 0000000000000000 RSI: 000000000000541b RDI: 0000000000000003 [ 709.861159][T17782] RBP: 00007f02a5bbc090 R08: 0000000000000000 R09: 0000000000000000 [ 709.861179][T17782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 709.861198][T17782] R13: 0000000000000000 R14: 00007f02a4fa6160 R15: 00007ffe9421cb08 [ 709.861241][T17782] [ 709.861336][T17782] ERROR: Out of memory at tomoyo_realpath_from_path. [ 710.026560][T17665] ima: policy update failed [ 710.121598][ T30] audit: type=1802 audit(6039405724.794:7): pid=17665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1859" res=0 errno=0 [ 710.296227][T17797] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 711.532187][T17946] netlink: 'syz.3.1869': attribute type 2 has an invalid length. [ 711.672554][T17912] zswap: compressor not available [ 712.651877][T18052] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 713.120745][T18059] kstrtoul() returned -22 for lu_gp_id [ 713.138616][ T30] audit: type=1800 audit(6039405727.804:8): pid=18059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1884" name="lu_gp_id" dev="configfs" ino=45251 res=0 errno=0 [ 714.394036][T18148] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1898'. [ 714.425597][T18148] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1898'. [ 714.442147][T18155] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 714.466056][T18148] netlink: 290 bytes leftover after parsing attributes in process `syz.2.1898'. [ 714.493355][T18148] veth0_macvtap: left promiscuous mode [ 715.536352][T18221] ptrace attach of "./syz-executor exec"[5847] was attempted by ""[18221] [ 715.584993][T18219] kstrtoul() returned -22 for lu_gp_id [ 715.600235][ T30] audit: type=1800 audit(6039405730.264:9): pid=18219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1903" name="lu_gp_id" dev="configfs" ino=45028 res=0 errno=0 [ 715.934183][T15650] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 715.934241][T15650] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 715.950109][T15650] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 715.950214][T15650] Bluetooth: hci2: Malformed LE Event: 0x0d [ 716.809490][T18328] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 716.912729][T18245] kexec: Could not allocate control_code_buffer [ 717.541000][T18361] zswap: compressor not available [ 717.737862][T18474] Invalid ELF header magic: != ELF [ 717.988301][T18481] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1918'. [ 718.017594][T18485] Format for deleting device is "id" (uint). [ 718.052084][T18488] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1918'. [ 718.141667][T18481] netlink: 290 bytes leftover after parsing attributes in process `syz.0.1918'. [ 718.177603][T18481] veth0_macvtap: left promiscuous mode [ 719.294092][T18614] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 719.823723][T18728] netlink: 'syz.1.1926': attribute type 2 has an invalid length. [ 719.902653][T18620] zswap: compressor not available [ 721.264561][T18751] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1931'. [ 721.418104][T18751] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1931'. [ 721.486452][T18751] netlink: 290 bytes leftover after parsing attributes in process `syz.1.1931'. [ 721.544123][T18751] veth0_macvtap: left promiscuous mode [ 722.071934][T18864] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1934'. [ 722.254247][T18624] kexec: Could not allocate control_code_buffer [ 722.518139][T18874] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 723.398893][T18997] random: crng reseeded on system resumption [ 724.922481][T19048] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 726.121494][T19003] kexec: Could not allocate control_code_buffer [ 728.488642][T19476] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 728.849451][T19481] FAULT_INJECTION: forcing a failure. [ 728.849451][T19481] name failslab, interval 1, probability 0, space 0, times 0 [ 728.902064][T19481] CPU: 1 UID: 0 PID: 19481 Comm: syz.2.1974 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 728.902116][T19481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 728.902136][T19481] Call Trace: [ 728.902147][T19481] [ 728.902160][T19481] dump_stack_lvl+0x16c/0x1f0 [ 728.902219][T19481] should_fail_ex+0x512/0x640 [ 728.902258][T19481] ? fs_reclaim_acquire+0xae/0x150 [ 728.902303][T19481] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 728.902353][T19481] should_failslab+0xc2/0x120 [ 728.902385][T19481] __kmalloc_noprof+0xd2/0x510 [ 728.902447][T19481] tomoyo_realpath_from_path+0xc2/0x6e0 [ 728.902501][T19481] ? tomoyo_profile+0x47/0x60 [ 728.902558][T19481] tomoyo_path_perm+0x274/0x460 [ 728.902596][T19481] ? tomoyo_path_perm+0x260/0x460 [ 728.902637][T19481] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 728.902724][T19481] ? __pfx_ima_file_check+0x10/0x10 [ 728.902773][T19481] ? hook_file_truncate+0xc7/0x250 [ 728.902831][T19481] security_file_truncate+0x84/0x1e0 [ 728.902881][T19481] path_openat+0xc85/0x2d40 [ 728.902953][T19481] ? __pfx_path_openat+0x10/0x10 [ 728.903017][T19481] do_filp_open+0x20b/0x470 [ 728.903071][T19481] ? __pfx_do_filp_open+0x10/0x10 [ 728.903138][T19481] ? __pfx_kfree_link+0x10/0x10 [ 728.903192][T19481] ? alloc_fd+0x471/0x7d0 [ 728.903254][T19481] do_sys_openat2+0x11b/0x1d0 [ 728.903291][T19481] ? __pfx_do_sys_openat2+0x10/0x10 [ 728.903356][T19481] __x64_sys_openat+0x174/0x210 [ 728.903392][T19481] ? __pfx___x64_sys_openat+0x10/0x10 [ 728.903432][T19481] ? rcu_is_watching+0x12/0xc0 [ 728.903485][T19481] do_syscall_64+0xcd/0x260 [ 728.903536][T19481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.903571][T19481] RIP: 0033:0x7fcedc38d169 [ 728.903598][T19481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 728.903632][T19481] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 728.903665][T19481] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 728.903686][T19481] RDX: 0000000000040302 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 728.903706][T19481] RBP: 00007fcedc40e990 R08: 0000000000000000 R09: 0000000000000000 [ 728.903725][T19481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.903744][T19481] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 728.903785][T19481] [ 728.903935][T19481] ERROR: Out of memory at tomoyo_realpath_from_path. [ 729.442222][T19580] FAULT_INJECTION: forcing a failure. [ 729.442222][T19580] name failslab, interval 1, probability 0, space 0, times 0 [ 729.501173][T19580] CPU: 1 UID: 0 PID: 19580 Comm: syz.3.1975 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 729.501219][T19580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 729.501238][T19580] Call Trace: [ 729.501249][T19580] [ 729.501260][T19580] dump_stack_lvl+0x16c/0x1f0 [ 729.501311][T19580] should_fail_ex+0x512/0x640 [ 729.501347][T19580] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 729.501400][T19580] should_failslab+0xc2/0x120 [ 729.501430][T19580] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 729.501480][T19580] ? getname_flags.part.0+0x48/0x540 [ 729.501524][T19580] getname_flags.part.0+0x48/0x540 [ 729.501565][T19580] getname_flags+0x93/0xf0 [ 729.501608][T19580] do_sys_openat2+0xb8/0x1d0 [ 729.501642][T19580] ? __pfx_do_sys_openat2+0x10/0x10 [ 729.501680][T19580] ? __fget_files+0x20e/0x3c0 [ 729.501734][T19580] __x64_sys_openat+0x174/0x210 [ 729.501776][T19580] ? __pfx___x64_sys_openat+0x10/0x10 [ 729.501810][T19580] ? ksys_write+0x1b9/0x240 [ 729.501868][T19580] do_syscall_64+0xcd/0x260 [ 729.501918][T19580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.501950][T19580] RIP: 0033:0x7fb1fbd8d169 [ 729.501975][T19580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 729.502006][T19580] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 729.502036][T19580] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 729.502056][T19580] RDX: 0000000000040302 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 729.502075][T19580] RBP: 00007fb1fcc87090 R08: 0000000000000000 R09: 0000000000000000 [ 729.502093][T19580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 729.502111][T19580] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 729.502151][T19580] [ 731.230587][T19709] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 731.800632][T19710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1982'. [ 733.873802][T19953] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 736.039017][T19990] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2008'. [ 736.165140][T19987] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 736.171543][T19987] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 736.218568][T19987] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 736.224844][T19987] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 736.594911][T20101] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 736.951291][T20110] FAULT_INJECTION: forcing a failure. [ 736.951291][T20110] name failslab, interval 1, probability 0, space 0, times 0 [ 736.964492][T20110] CPU: 0 UID: 0 PID: 20110 Comm: syz.0.2014 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 736.964535][T20110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 736.964555][T20110] Call Trace: [ 736.964566][T20110] [ 736.964578][T20110] dump_stack_lvl+0x16c/0x1f0 [ 736.964631][T20110] should_fail_ex+0x512/0x640 [ 736.964667][T20110] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 736.964714][T20110] should_failslab+0xc2/0x120 [ 736.964743][T20110] __kmalloc_cache_noprof+0x6a/0x3e0 [ 736.964784][T20110] ? ccid_get_builtin_ccids+0x79/0x200 [ 736.964838][T20110] ccid_get_builtin_ccids+0x79/0x200 [ 736.964894][T20110] dccp_feat_init+0x361/0x800 [ 736.964933][T20110] ? __pfx_dccp_feat_init+0x10/0x10 [ 736.964968][T20110] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 736.965016][T20110] ? lockdep_init_map_type+0x5c/0x280 [ 736.965049][T20110] ? do_init_timer+0xc9/0x110 [ 736.965092][T20110] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 736.965147][T20110] ? __pfx_dccp_delack_timer+0x10/0x10 [ 736.965200][T20110] dccp_init_sock+0x327/0x420 [ 736.965239][T20110] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 736.965279][T20110] dccp_v4_init_sock+0x1f/0xa0 [ 736.965314][T20110] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 736.965352][T20110] inet_create+0x936/0x1090 [ 736.965384][T20110] ? inet_create+0x93/0x1090 [ 736.965422][T20110] __sock_create+0x335/0x8d0 [ 736.965462][T20110] __sys_socket+0x14d/0x260 [ 736.965496][T20110] ? __pfx___sys_socket+0x10/0x10 [ 736.965530][T20110] ? rcu_is_watching+0x12/0xc0 [ 736.965578][T20110] __x64_sys_socket+0x72/0xb0 [ 736.965609][T20110] ? lockdep_hardirqs_on+0x7c/0x110 [ 736.965656][T20110] do_syscall_64+0xcd/0x260 [ 736.965708][T20110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.965742][T20110] RIP: 0033:0x7fd627b8d169 [ 736.965768][T20110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 736.965800][T20110] RSP: 002b:00007fd628ab3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 736.965828][T20110] RAX: ffffffffffffffda RBX: 00007fd627da5fa0 RCX: 00007fd627b8d169 [ 736.965849][T20110] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 736.965868][T20110] RBP: 00007fd627c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 736.965888][T20110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 736.965906][T20110] R13: 0000000000000000 R14: 00007fd627da5fa0 R15: 00007ffc844177d8 [ 736.965947][T20110] [ 738.101775][T15650] Bluetooth: hci1: command 0x0406 tx timeout [ 738.139231][T20130] busy [ 738.182133][T15650] Bluetooth: hci0: command 0x0406 tx timeout [ 738.188224][T15650] Bluetooth: hci2: command 0x0406 tx timeout [ 738.258920][T15650] Bluetooth: hci3: command 0x0406 tx timeout [ 738.862804][T20243] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 739.537719][T20256] FAULT_INJECTION: forcing a failure. [ 739.537719][T20256] name failslab, interval 1, probability 0, space 0, times 0 [ 739.566874][T20256] CPU: 0 UID: 0 PID: 20256 Comm: syz.1.2028 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 739.566921][T20256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 739.566942][T20256] Call Trace: [ 739.566952][T20256] [ 739.566964][T20256] dump_stack_lvl+0x16c/0x1f0 [ 739.567018][T20256] should_fail_ex+0x512/0x640 [ 739.567056][T20256] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 739.567106][T20256] should_failslab+0xc2/0x120 [ 739.567137][T20256] __kmalloc_cache_noprof+0x6a/0x3e0 [ 739.567183][T20256] ? ccid_get_builtin_ccids+0x79/0x200 [ 739.567240][T20256] ccid_get_builtin_ccids+0x79/0x200 [ 739.567293][T20256] dccp_feat_init+0x361/0x800 [ 739.567332][T20256] ? __pfx_dccp_feat_init+0x10/0x10 [ 739.567366][T20256] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 739.567413][T20256] ? lockdep_init_map_type+0x5c/0x280 [ 739.567447][T20256] ? do_init_timer+0xc9/0x110 [ 739.567491][T20256] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 739.567536][T20256] ? __pfx_dccp_delack_timer+0x10/0x10 [ 739.567587][T20256] dccp_init_sock+0x327/0x420 [ 739.567626][T20256] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 739.567665][T20256] dccp_v4_init_sock+0x1f/0xa0 [ 739.567712][T20256] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 739.567748][T20256] inet_create+0x936/0x1090 [ 739.567780][T20256] ? inet_create+0x93/0x1090 [ 739.567816][T20256] __sock_create+0x335/0x8d0 [ 739.567863][T20256] __sys_socket+0x14d/0x260 [ 739.567895][T20256] ? __pfx___sys_socket+0x10/0x10 [ 739.567928][T20256] ? rcu_is_watching+0x12/0xc0 [ 739.567976][T20256] __x64_sys_socket+0x72/0xb0 [ 739.568006][T20256] ? lockdep_hardirqs_on+0x7c/0x110 [ 739.568051][T20256] do_syscall_64+0xcd/0x260 [ 739.568100][T20256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.568133][T20256] RIP: 0033:0x7f02a4d8d169 [ 739.568158][T20256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 739.568189][T20256] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 739.568220][T20256] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 739.568241][T20256] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 739.568260][T20256] RBP: 00007f02a4e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 739.568279][T20256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 739.568298][T20256] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 739.568338][T20256] [ 741.703427][T20287] FAULT_INJECTION: forcing a failure. [ 741.703427][T20287] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 741.736979][T20287] CPU: 0 UID: 0 PID: 20287 Comm: syz.1.2035 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 741.737025][T20287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 741.737043][T20287] Call Trace: [ 741.737054][T20287] [ 741.737065][T20287] dump_stack_lvl+0x16c/0x1f0 [ 741.737117][T20287] should_fail_ex+0x512/0x640 [ 741.737160][T20287] should_fail_alloc_page+0xe7/0x130 [ 741.737194][T20287] prepare_alloc_pages+0x3c2/0x610 [ 741.737240][T20287] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 741.737293][T20287] ? __lock_acquire+0x5ca/0x1ba0 [ 741.737360][T20287] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 741.737418][T20287] ? __lock_acquire+0x5ca/0x1ba0 [ 741.737483][T20287] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 741.737519][T20287] ? policy_nodemask+0xea/0x4e0 [ 741.737574][T20287] alloc_pages_mpol+0x1fb/0x550 [ 741.737607][T20287] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 741.737649][T20287] alloc_pages_noprof+0x131/0x390 [ 741.737681][T20287] __pmd_alloc+0x3f/0x870 [ 741.737717][T20287] ? find_held_lock+0x2b/0x80 [ 741.737760][T20287] __handle_mm_fault+0x948/0x2a40 [ 741.737817][T20287] ? __pfx___handle_mm_fault+0x10/0x10 [ 741.737886][T20287] ? find_vma+0xbf/0x140 [ 741.737920][T20287] ? __pfx_find_vma+0x10/0x10 [ 741.737967][T20287] handle_mm_fault+0x3fe/0xad0 [ 741.738024][T20287] do_user_addr_fault+0x7a6/0x1370 [ 741.738068][T20287] ? rcu_is_watching+0x12/0xc0 [ 741.738111][T20287] exc_page_fault+0x5c/0xc0 [ 741.738156][T20287] asm_exc_page_fault+0x26/0x30 [ 741.738187][T20287] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 741.738223][T20287] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 741.738254][T20287] RSP: 0018:ffffc90018fdf7d8 EFLAGS: 00050206 [ 741.738279][T20287] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 741.738297][T20287] RDX: ffffed1004ae9221 RSI: 0000000000000000 RDI: ffff888025749040 [ 741.738317][T20287] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1004ae9220 [ 741.738336][T20287] R10: ffff888025749103 R11: 0000000000000000 R12: 0000000000000000 [ 741.738354][T20287] R13: ffffc90018fdfd60 R14: 00000000000000c4 R15: ffff888025749040 [ 741.738392][T20287] _copy_from_iter+0x391/0x15b0 [ 741.738436][T20287] ? __alloc_skb+0x200/0x380 [ 741.738477][T20287] ? __pfx__copy_from_iter+0x10/0x10 [ 741.738520][T20287] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 741.738566][T20287] ? __lock_acquire+0xaa4/0x1ba0 [ 741.738627][T20287] netlink_sendmsg+0x829/0xdd0 [ 741.738683][T20287] ? __pfx_netlink_sendmsg+0x10/0x10 [ 741.738747][T20287] ____sys_sendmsg+0xa95/0xc70 [ 741.738779][T20287] ? copy_msghdr_from_user+0x10a/0x160 [ 741.738822][T20287] ? __pfx_____sys_sendmsg+0x10/0x10 [ 741.738859][T20287] ? __pfx__kstrtoull+0x10/0x10 [ 741.738916][T20287] ___sys_sendmsg+0x134/0x1d0 [ 741.738968][T20287] ? __pfx____sys_sendmsg+0x10/0x10 [ 741.739031][T20287] ? find_held_lock+0x2b/0x80 [ 741.739098][T20287] __sys_sendmmsg+0x200/0x420 [ 741.739145][T20287] ? __pfx___sys_sendmmsg+0x10/0x10 [ 741.739203][T20287] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 741.739269][T20287] ? fput+0x70/0xf0 [ 741.739300][T20287] ? ksys_write+0x1b9/0x240 [ 741.739343][T20287] ? __pfx_ksys_write+0x10/0x10 [ 741.739384][T20287] ? rcu_is_watching+0x12/0xc0 [ 741.739427][T20287] __x64_sys_sendmmsg+0x9c/0x100 [ 741.739468][T20287] ? lockdep_hardirqs_on+0x7c/0x110 [ 741.739508][T20287] do_syscall_64+0xcd/0x260 [ 741.739556][T20287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.739587][T20287] RIP: 0033:0x7f02a4d8d169 [ 741.739610][T20287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 741.739641][T20287] RSP: 002b:00007f02a5bdd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 741.739693][T20287] RAX: ffffffffffffffda RBX: 00007f02a4fa6080 RCX: 00007f02a4d8d169 [ 741.739714][T20287] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 741.739733][T20287] RBP: 00007f02a5bdd090 R08: 0000000000000000 R09: 0000000000000000 [ 741.739752][T20287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 741.739770][T20287] R13: 0000000000000000 R14: 00007f02a4fa6080 R15: 00007ffe9421cb08 [ 741.739811][T20287] [ 742.821742][T20391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078805000 pfn:0x78800 [ 742.908511][T20391] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 742.978657][T20391] memcg:ffff888027cf6501 [ 743.018496][T20391] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 743.027103][T20391] page_type: f5(slab) [ 743.087504][T20391] raw: 00fff00000000240 ffff88801b44b3c0 ffffea0001ee8c10 ffffea0000a21c10 [ 743.128498][T20391] raw: ffff888078805000 0000000000080006 00000000f5000000 ffff888027cf6501 [ 743.157765][T20391] head: 00fff00000000240 ffff88801b44b3c0 ffffea0001ee8c10 ffffea0000a21c10 [ 743.179656][T20391] head: ffff888078805000 0000000000080006 00000000f5000000 ffff888027cf6501 [ 743.194181][T20391] head: 00fff00000000003 ffffea0001e20001 00000000ffffffff 00000000ffffffff [ 743.213186][T20391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 743.231295][T20391] page dumped because: unmovable page [ 743.239732][T20391] page_owner tracks the page as allocated [ 743.293157][T20391] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 14845, tgid 14844 (syz.0.1497), ts 635574989839, free_ts 635481255106 [ 743.412991][T20391] post_alloc_hook+0x181/0x1b0 [ 743.417872][T20391] get_page_from_freelist+0x1193/0x39b0 [ 743.427441][T20391] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 743.435308][T20391] alloc_pages_mpol+0x1fb/0x550 [ 743.443711][T20391] new_slab+0x23c/0x330 [ 743.447962][T20391] ___slab_alloc+0xd9c/0x1940 [ 743.466318][T20391] __slab_alloc.constprop.0+0x56/0xb0 [ 743.475953][T20391] __kmalloc_noprof+0x2f2/0x510 [ 743.489871][T20391] __register_sysctl_table+0xb3/0x1900 [ 743.495545][T20391] __devinet_sysctl_register+0x1b9/0x360 [ 743.505298][T20391] devinet_sysctl_register+0x17b/0x200 [ 743.512227][T20391] inetdev_init+0x2b8/0x5a0 [ 743.517028][T20391] inetdev_event+0xc5f/0x18a0 [ 743.525440][T20391] notifier_call_chain+0xb9/0x410 [ 743.545790][T20391] call_netdevice_notifiers_info+0xbe/0x140 [ 743.562195][T20391] register_netdevice+0x182e/0x2270 [ 743.577818][T20391] page last free pid 14853 tgid 14852 stack trace: [ 743.598470][T20391] __free_frozen_pages+0x69d/0xff0 [ 743.607074][T20391] __put_partials+0x16d/0x1c0 [ 743.618795][T20391] qlist_free_all+0x4e/0x120 [ 743.623484][T20391] kasan_quarantine_reduce+0x195/0x1e0 [ 743.632284][T20391] __kasan_slab_alloc+0x69/0x90 [ 743.637231][T20391] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 743.642899][T20391] __kernfs_new_node+0xd2/0x8a0 [ 743.647848][T20391] kernfs_new_node+0x13c/0x1e0 [ 743.661931][T20391] __kernfs_create_file+0x53/0x350 [ 743.667244][T20391] sysfs_add_file_mode_ns+0x207/0x3c0 [ 743.672887][T20391] internal_create_group+0x578/0xf30 [ 743.678646][T20391] internal_create_groups+0x9d/0x150 [ 743.698499][T20391] netdev_queue_update_kobjects+0x115/0x720 [ 743.704577][T20391] netdev_register_kobject+0x28c/0x3a0 [ 743.716902][T20391] register_netdevice+0x13dc/0x2270 [ 743.742021][T20391] register_netdev+0x34/0x50 [ 744.191972][T20413] FAULT_INJECTION: forcing a failure. [ 744.191972][T20413] name failslab, interval 1, probability 0, space 0, times 0 [ 744.215204][T20413] CPU: 0 UID: 0 PID: 20413 Comm: syz.3.2043 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 744.215253][T20413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 744.215274][T20413] Call Trace: [ 744.215285][T20413] [ 744.215297][T20413] dump_stack_lvl+0x16c/0x1f0 [ 744.215352][T20413] should_fail_ex+0x512/0x640 [ 744.215389][T20413] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 744.215439][T20413] should_failslab+0xc2/0x120 [ 744.215470][T20413] __kmalloc_cache_noprof+0x6a/0x3e0 [ 744.215516][T20413] ? ccid_get_builtin_ccids+0x79/0x200 [ 744.215574][T20413] ccid_get_builtin_ccids+0x79/0x200 [ 744.215629][T20413] dccp_feat_init+0x361/0x800 [ 744.215668][T20413] ? __pfx_dccp_feat_init+0x10/0x10 [ 744.215702][T20413] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 744.215759][T20413] ? lockdep_init_map_type+0x5c/0x280 [ 744.215793][T20413] ? do_init_timer+0xc9/0x110 [ 744.215837][T20413] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 744.215881][T20413] ? __pfx_dccp_delack_timer+0x10/0x10 [ 744.215932][T20413] dccp_init_sock+0x327/0x420 [ 744.215973][T20413] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 744.216012][T20413] dccp_v4_init_sock+0x1f/0xa0 [ 744.216047][T20413] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 744.216085][T20413] inet_create+0x936/0x1090 [ 744.216117][T20413] ? inet_create+0x93/0x1090 [ 744.216155][T20413] __sock_create+0x335/0x8d0 [ 744.216194][T20413] __sys_socket+0x14d/0x260 [ 744.216228][T20413] ? __pfx___sys_socket+0x10/0x10 [ 744.216260][T20413] ? rcu_is_watching+0x12/0xc0 [ 744.216305][T20413] __x64_sys_socket+0x72/0xb0 [ 744.216334][T20413] ? lockdep_hardirqs_on+0x7c/0x110 [ 744.216379][T20413] do_syscall_64+0xcd/0x260 [ 744.216428][T20413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.216460][T20413] RIP: 0033:0x7fb1fbd8d169 [ 744.216484][T20413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 744.216517][T20413] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 744.216547][T20413] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 744.216568][T20413] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 744.216587][T20413] RBP: 00007fb1fbe0e990 R08: 0000000000000000 R09: 0000000000000000 [ 744.216607][T20413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 744.216624][T20413] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 744.216663][T20413] [ 748.641490][T20670] FAULT_INJECTION: forcing a failure. [ 748.641490][T20670] name failslab, interval 1, probability 0, space 0, times 0 [ 748.654376][T20670] CPU: 0 UID: 0 PID: 20670 Comm: syz.2.2056 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 748.654423][T20670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 748.654442][T20670] Call Trace: [ 748.654454][T20670] [ 748.654466][T20670] dump_stack_lvl+0x16c/0x1f0 [ 748.654520][T20670] should_fail_ex+0x512/0x640 [ 748.654557][T20670] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 748.654607][T20670] should_failslab+0xc2/0x120 [ 748.654638][T20670] __kmalloc_cache_noprof+0x6a/0x3e0 [ 748.654683][T20670] ? ccid_get_builtin_ccids+0x79/0x200 [ 748.654741][T20670] ccid_get_builtin_ccids+0x79/0x200 [ 748.654796][T20670] dccp_feat_init+0x361/0x800 [ 748.654834][T20670] ? __pfx_dccp_feat_init+0x10/0x10 [ 748.654869][T20670] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 748.654915][T20670] ? lockdep_init_map_type+0x5c/0x280 [ 748.654949][T20670] ? do_init_timer+0xc9/0x110 [ 748.654991][T20670] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 748.655035][T20670] ? __pfx_dccp_delack_timer+0x10/0x10 [ 748.655096][T20670] dccp_init_sock+0x327/0x420 [ 748.655136][T20670] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 748.655176][T20670] dccp_v4_init_sock+0x1f/0xa0 [ 748.655211][T20670] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 748.655248][T20670] inet_create+0x936/0x1090 [ 748.655282][T20670] ? inet_create+0x93/0x1090 [ 748.655320][T20670] __sock_create+0x335/0x8d0 [ 748.655361][T20670] __sys_socket+0x14d/0x260 [ 748.655393][T20670] ? __pfx___sys_socket+0x10/0x10 [ 748.655428][T20670] ? rcu_is_watching+0x12/0xc0 [ 748.655476][T20670] __x64_sys_socket+0x72/0xb0 [ 748.655507][T20670] ? lockdep_hardirqs_on+0x7c/0x110 [ 748.655552][T20670] do_syscall_64+0xcd/0x260 [ 748.655603][T20670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.655636][T20670] RIP: 0033:0x7fcedc38d169 [ 748.655662][T20670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.655695][T20670] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 748.655725][T20670] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 748.655746][T20670] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 748.655764][T20670] RBP: 00007fcedc40e990 R08: 0000000000000000 R09: 0000000000000000 [ 748.655783][T20670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.655801][T20670] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 748.655841][T20670] [ 749.142249][T20672] FAULT_INJECTION: forcing a failure. [ 749.142249][T20672] name failslab, interval 1, probability 0, space 0, times 0 [ 749.575188][T20672] CPU: 0 UID: 0 PID: 20672 Comm: syz.1.2064 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 749.575235][T20672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 749.575254][T20672] Call Trace: [ 749.575265][T20672] [ 749.575276][T20672] dump_stack_lvl+0x16c/0x1f0 [ 749.575328][T20672] should_fail_ex+0x512/0x640 [ 749.575364][T20672] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 749.575417][T20672] should_failslab+0xc2/0x120 [ 749.575448][T20672] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 749.575498][T20672] ? __pmd_alloc+0xc3/0x870 [ 749.575541][T20672] __pmd_alloc+0xc3/0x870 [ 749.575575][T20672] ? find_held_lock+0x2b/0x80 [ 749.575620][T20672] __handle_mm_fault+0x948/0x2a40 [ 749.575676][T20672] ? __pfx___handle_mm_fault+0x10/0x10 [ 749.575745][T20672] ? find_vma+0xbf/0x140 [ 749.575779][T20672] ? __pfx_find_vma+0x10/0x10 [ 749.575819][T20672] handle_mm_fault+0x3fe/0xad0 [ 749.575872][T20672] do_user_addr_fault+0x7a6/0x1370 [ 749.575915][T20672] ? rcu_is_watching+0x12/0xc0 [ 749.575958][T20672] exc_page_fault+0x5c/0xc0 [ 749.576005][T20672] asm_exc_page_fault+0x26/0x30 [ 749.576034][T20672] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 749.576079][T20672] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 749.576110][T20672] RSP: 0018:ffffc9000c02f7d8 EFLAGS: 00050206 [ 749.576135][T20672] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 749.576155][T20672] RDX: ffffed1008b89561 RSI: 0000000000000000 RDI: ffff888045c4aa40 [ 749.576181][T20672] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1008b89560 [ 749.576200][T20672] R10: ffff888045c4ab03 R11: 0000000000000000 R12: 0000000000000000 [ 749.576220][T20672] R13: ffffc9000c02fd60 R14: 00000000000000c4 R15: ffff888045c4aa40 [ 749.576264][T20672] _copy_from_iter+0x391/0x15b0 [ 749.576307][T20672] ? __alloc_skb+0x200/0x380 [ 749.576349][T20672] ? __pfx__copy_from_iter+0x10/0x10 [ 749.576393][T20672] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 749.576438][T20672] ? __lock_acquire+0xaa4/0x1ba0 [ 749.576499][T20672] netlink_sendmsg+0x829/0xdd0 [ 749.576555][T20672] ? __pfx_netlink_sendmsg+0x10/0x10 [ 749.576620][T20672] ____sys_sendmsg+0xa95/0xc70 [ 749.576652][T20672] ? copy_msghdr_from_user+0x10a/0x160 [ 749.576695][T20672] ? __pfx_____sys_sendmsg+0x10/0x10 [ 749.576732][T20672] ? __pfx__kstrtoull+0x10/0x10 [ 749.576791][T20672] ___sys_sendmsg+0x134/0x1d0 [ 749.576835][T20672] ? __pfx____sys_sendmsg+0x10/0x10 [ 749.576899][T20672] ? find_held_lock+0x2b/0x80 [ 749.576966][T20672] __sys_sendmmsg+0x200/0x420 [ 749.577014][T20672] ? __pfx___sys_sendmmsg+0x10/0x10 [ 749.577080][T20672] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 749.577147][T20672] ? fput+0x70/0xf0 [ 749.577178][T20672] ? ksys_write+0x1b9/0x240 [ 749.577220][T20672] ? __pfx_ksys_write+0x10/0x10 [ 749.577262][T20672] ? rcu_is_watching+0x12/0xc0 [ 749.577309][T20672] __x64_sys_sendmmsg+0x9c/0x100 [ 749.577351][T20672] ? lockdep_hardirqs_on+0x7c/0x110 [ 749.577396][T20672] do_syscall_64+0xcd/0x260 [ 749.577446][T20672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.577477][T20672] RIP: 0033:0x7f02a4d8d169 [ 749.577500][T20672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 749.577530][T20672] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 749.577558][T20672] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 749.577579][T20672] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 749.577599][T20672] RBP: 00007f02a5bfe090 R08: 0000000000000000 R09: 0000000000000000 [ 749.577619][T20672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 749.577639][T20672] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 749.577680][T20672] [ 750.889486][T20789] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 752.583322][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.589815][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 754.299577][T20941] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 754.828030][T21054] FAULT_INJECTION: forcing a failure. [ 754.828030][T21054] name failslab, interval 1, probability 0, space 0, times 0 [ 754.848821][T21054] CPU: 0 UID: 0 PID: 21054 Comm: syz.2.2080 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 754.848868][T21054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 754.848887][T21054] Call Trace: [ 754.848896][T21054] [ 754.848908][T21054] dump_stack_lvl+0x16c/0x1f0 [ 754.848962][T21054] should_fail_ex+0x512/0x640 [ 754.848998][T21054] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 754.849046][T21054] should_failslab+0xc2/0x120 [ 754.849076][T21054] __kmalloc_cache_noprof+0x6a/0x3e0 [ 754.849122][T21054] ? ccid_get_builtin_ccids+0x79/0x200 [ 754.849179][T21054] ccid_get_builtin_ccids+0x79/0x200 [ 754.849247][T21054] dccp_feat_init+0x361/0x800 [ 754.849283][T21054] ? __pfx_dccp_feat_init+0x10/0x10 [ 754.849317][T21054] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 754.849362][T21054] ? lockdep_init_map_type+0x5c/0x280 [ 754.849395][T21054] ? do_init_timer+0xc9/0x110 [ 754.849437][T21054] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 754.849480][T21054] ? __pfx_dccp_delack_timer+0x10/0x10 [ 754.849529][T21054] dccp_init_sock+0x327/0x420 [ 754.849566][T21054] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 754.849611][T21054] dccp_v4_init_sock+0x1f/0xa0 [ 754.849645][T21054] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 754.849682][T21054] inet_create+0x936/0x1090 [ 754.849712][T21054] ? inet_create+0x93/0x1090 [ 754.849748][T21054] __sock_create+0x335/0x8d0 [ 754.849786][T21054] __sys_socket+0x14d/0x260 [ 754.849817][T21054] ? __pfx___sys_socket+0x10/0x10 [ 754.849850][T21054] ? rcu_is_watching+0x12/0xc0 [ 754.849896][T21054] __x64_sys_socket+0x72/0xb0 [ 754.849925][T21054] ? lockdep_hardirqs_on+0x7c/0x110 [ 754.849969][T21054] do_syscall_64+0xcd/0x260 [ 754.850017][T21054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.850050][T21054] RIP: 0033:0x7fcedc38d169 [ 754.850074][T21054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.850105][T21054] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 754.850135][T21054] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 754.850157][T21054] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 754.850176][T21054] RBP: 00007fcedc40e990 R08: 0000000000000000 R09: 0000000000000000 [ 754.850195][T21054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.850211][T21054] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 754.850238][T21054] [ 755.116701][T21058] FAULT_INJECTION: forcing a failure. [ 755.116701][T21058] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 755.130057][T21058] CPU: 0 UID: 0 PID: 21058 Comm: syz.1.2079 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 755.130096][T21058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 755.130115][T21058] Call Trace: [ 755.130125][T21058] [ 755.130136][T21058] dump_stack_lvl+0x16c/0x1f0 [ 755.130186][T21058] should_fail_ex+0x512/0x640 [ 755.130226][T21058] _copy_from_user+0x2e/0xd0 [ 755.130266][T21058] core_sys_select+0x35a/0xbe0 [ 755.130319][T21058] ? __pfx_core_sys_select+0x10/0x10 [ 755.130372][T21058] ? proc_fail_nth_write+0x9f/0x250 [ 755.130447][T21058] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 755.130504][T21058] kern_select+0x15d/0x1e0 [ 755.130549][T21058] ? __pfx_kern_select+0x10/0x10 [ 755.130583][T21058] ? __pfx_ksys_write+0x10/0x10 [ 755.130611][T21058] ? rcu_is_watching+0x12/0xc0 [ 755.130642][T21058] __x64_sys_select+0xbd/0x160 [ 755.130673][T21058] ? do_syscall_64+0x91/0x260 [ 755.130717][T21058] ? lockdep_hardirqs_on+0x7c/0x110 [ 755.130759][T21058] do_syscall_64+0xcd/0x260 [ 755.130799][T21058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.130821][T21058] RIP: 0033:0x7f02a4d8d169 [ 755.130838][T21058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.130859][T21058] RSP: 002b:00007f02a5b9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 755.130880][T21058] RAX: ffffffffffffffda RBX: 00007f02a4fa6240 RCX: 00007f02a4d8d169 [ 755.130894][T21058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 755.130907][T21058] RBP: 00007f02a5b9b090 R08: 0000000000000000 R09: 0000000000000000 [ 755.130921][T21058] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 755.130934][T21058] R13: 0000000000000001 R14: 00007f02a4fa6240 R15: 00007ffe9421cb08 [ 755.130982][T21058] [ 757.583538][T21297] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 757.745451][T21307] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2093'. [ 759.880812][T21483] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 760.365784][T21560] can0: slcan on pty215. [ 760.489556][T21559] can0 (unregistered): slcan off pty215. [ 761.039220][T21583] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 762.385606][T21804] can0: slcan on pty215. [ 762.571686][T21803] can0 (unregistered): slcan off pty215. [ 762.879328][T21819] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 764.844364][T21956] FAULT_INJECTION: forcing a failure. [ 764.844364][T21956] name failslab, interval 1, probability 0, space 0, times 0 [ 764.857446][T21956] CPU: 1 UID: 0 PID: 21956 Comm: syz.3.2134 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 764.857489][T21956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 764.857507][T21956] Call Trace: [ 764.857517][T21956] [ 764.857529][T21956] dump_stack_lvl+0x16c/0x1f0 [ 764.857578][T21956] should_fail_ex+0x512/0x640 [ 764.857610][T21956] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 764.857698][T21956] should_failslab+0xc2/0x120 [ 764.857727][T21956] __kmalloc_cache_noprof+0x6a/0x3e0 [ 764.857770][T21956] ? dccp_feat_clone_sp_val+0x96/0x130 [ 764.857822][T21956] ? dccp_feat_entry_new+0x1a2/0x380 [ 764.857881][T21956] dccp_feat_entry_new+0x1a2/0x380 [ 764.857947][T21956] __feat_register_sp+0x372/0x5a0 [ 764.857985][T21956] ? __pfx___feat_register_sp+0x10/0x10 [ 764.858017][T21956] ? __kasan_kmalloc+0xaa/0xb0 [ 764.858070][T21956] dccp_feat_init+0x724/0x800 [ 764.858107][T21956] ? __pfx_dccp_feat_init+0x10/0x10 [ 764.858141][T21956] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 764.858187][T21956] ? lockdep_init_map_type+0x5c/0x280 [ 764.858220][T21956] ? do_init_timer+0xc9/0x110 [ 764.858261][T21956] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 764.858306][T21956] ? __pfx_dccp_delack_timer+0x10/0x10 [ 764.858358][T21956] dccp_init_sock+0x327/0x420 [ 764.858396][T21956] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 764.858432][T21956] dccp_v4_init_sock+0x1f/0xa0 [ 764.858465][T21956] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 764.858501][T21956] inet_create+0x936/0x1090 [ 764.858533][T21956] ? inet_create+0x93/0x1090 [ 764.858576][T21956] __sock_create+0x335/0x8d0 [ 764.858617][T21956] __sys_socket+0x14d/0x260 [ 764.858650][T21956] ? __pfx___sys_socket+0x10/0x10 [ 764.858683][T21956] ? rcu_is_watching+0x12/0xc0 [ 764.858729][T21956] __x64_sys_socket+0x72/0xb0 [ 764.858757][T21956] ? lockdep_hardirqs_on+0x7c/0x110 [ 764.858800][T21956] do_syscall_64+0xcd/0x260 [ 764.858868][T21956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.858908][T21956] RIP: 0033:0x7fb1fbd8d169 [ 764.858933][T21956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 764.858965][T21956] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 764.858994][T21956] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 764.859032][T21956] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 764.859051][T21956] RBP: 00007fb1fbe0e990 R08: 0000000000000000 R09: 0000000000000000 [ 764.859068][T21956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 764.859085][T21956] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 764.859122][T21956] [ 765.504302][T21963] can0: slcan on pty215. [ 765.663656][T21962] can0 (unregistered): slcan off pty215. [ 765.830318][T21980] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 766.611064][T21999] FAULT_INJECTION: forcing a failure. [ 766.611064][T21999] name failslab, interval 1, probability 0, space 0, times 0 [ 766.658123][T21999] CPU: 0 UID: 0 PID: 21999 Comm: syz.0.2145 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 766.658175][T21999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 766.658194][T21999] Call Trace: [ 766.658206][T21999] [ 766.658218][T21999] dump_stack_lvl+0x16c/0x1f0 [ 766.658271][T21999] should_fail_ex+0x512/0x640 [ 766.658308][T21999] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 766.658354][T21999] should_failslab+0xc2/0x120 [ 766.658383][T21999] __kmalloc_cache_noprof+0x6a/0x3e0 [ 766.658422][T21999] ? dccp_feat_clone_sp_val+0x96/0x130 [ 766.658474][T21999] ? dccp_feat_entry_new+0x1a2/0x380 [ 766.658540][T21999] dccp_feat_entry_new+0x1a2/0x380 [ 766.658599][T21999] __feat_register_sp+0x372/0x5a0 [ 766.658635][T21999] ? __pfx___feat_register_sp+0x10/0x10 [ 766.658667][T21999] ? __kasan_kmalloc+0xaa/0xb0 [ 766.658721][T21999] dccp_feat_init+0x724/0x800 [ 766.658758][T21999] ? __pfx_dccp_feat_init+0x10/0x10 [ 766.658792][T21999] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 766.658837][T21999] ? lockdep_init_map_type+0x5c/0x280 [ 766.658870][T21999] ? do_init_timer+0xc9/0x110 [ 766.658911][T21999] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 766.658954][T21999] ? __pfx_dccp_delack_timer+0x10/0x10 [ 766.659004][T21999] dccp_init_sock+0x327/0x420 [ 766.659041][T21999] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 766.659079][T21999] dccp_v4_init_sock+0x1f/0xa0 [ 766.659112][T21999] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 766.659149][T21999] inet_create+0x936/0x1090 [ 766.659181][T21999] ? inet_create+0x93/0x1090 [ 766.659217][T21999] __sock_create+0x335/0x8d0 [ 766.659256][T21999] __sys_socket+0x14d/0x260 [ 766.659288][T21999] ? __pfx___sys_socket+0x10/0x10 [ 766.659321][T21999] ? rcu_is_watching+0x12/0xc0 [ 766.659366][T21999] __x64_sys_socket+0x72/0xb0 [ 766.659396][T21999] ? lockdep_hardirqs_on+0x7c/0x110 [ 766.659440][T21999] do_syscall_64+0xcd/0x260 [ 766.659490][T21999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.659522][T21999] RIP: 0033:0x7fd627b8d169 [ 766.659555][T21999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 766.659587][T21999] RSP: 002b:00007fd628ab3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 766.659617][T21999] RAX: ffffffffffffffda RBX: 00007fd627da5fa0 RCX: 00007fd627b8d169 [ 766.659638][T21999] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 766.659657][T21999] RBP: 00007fd627c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 766.659676][T21999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 766.659694][T21999] R13: 0000000000000000 R14: 00007fd627da5fa0 R15: 00007ffc844177d8 [ 766.659734][T21999] [ 767.677988][T22130] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 767.888202][T22026] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 767.963852][T22138] FAULT_INJECTION: forcing a failure. [ 767.963852][T22138] name failslab, interval 1, probability 0, space 0, times 0 [ 767.983236][T22138] CPU: 0 UID: 0 PID: 22138 Comm: syz.2.2157 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 767.983283][T22138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 767.983303][T22138] Call Trace: [ 767.983314][T22138] [ 767.983326][T22138] dump_stack_lvl+0x16c/0x1f0 [ 767.983379][T22138] should_fail_ex+0x512/0x640 [ 767.983421][T22138] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 767.983470][T22138] should_failslab+0xc2/0x120 [ 767.983500][T22138] __kmalloc_cache_noprof+0x6a/0x3e0 [ 767.983542][T22138] ? dccp_feat_clone_sp_val+0x96/0x130 [ 767.983611][T22138] ? dccp_feat_entry_new+0x1a2/0x380 [ 767.983669][T22138] dccp_feat_entry_new+0x1a2/0x380 [ 767.983728][T22138] __feat_register_sp+0x372/0x5a0 [ 767.983766][T22138] ? __pfx___feat_register_sp+0x10/0x10 [ 767.983798][T22138] ? __kasan_kmalloc+0xaa/0xb0 [ 767.983853][T22138] dccp_feat_init+0x724/0x800 [ 767.983891][T22138] ? __pfx_dccp_feat_init+0x10/0x10 [ 767.983924][T22138] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 767.983969][T22138] ? lockdep_init_map_type+0x5c/0x280 [ 767.984002][T22138] ? do_init_timer+0xc9/0x110 [ 767.984044][T22138] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 767.984084][T22138] ? __pfx_dccp_delack_timer+0x10/0x10 [ 767.984125][T22138] dccp_init_sock+0x327/0x420 [ 767.984157][T22138] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 767.984189][T22138] dccp_v4_init_sock+0x1f/0xa0 [ 767.984220][T22138] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 767.984250][T22138] inet_create+0x936/0x1090 [ 767.984277][T22138] ? inet_create+0x93/0x1090 [ 767.984306][T22138] __sock_create+0x335/0x8d0 [ 767.984338][T22138] __sys_socket+0x14d/0x260 [ 767.984364][T22138] ? __pfx___sys_socket+0x10/0x10 [ 767.984393][T22138] ? rcu_is_watching+0x12/0xc0 [ 767.984439][T22138] __x64_sys_socket+0x72/0xb0 [ 767.984464][T22138] ? lockdep_hardirqs_on+0x7c/0x110 [ 767.984502][T22138] do_syscall_64+0xcd/0x260 [ 767.984545][T22138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.984572][T22138] RIP: 0033:0x7fcedc38d169 [ 767.984593][T22138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 767.984624][T22138] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 767.984651][T22138] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 767.984670][T22138] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 767.984686][T22138] RBP: 00007fcedc40e990 R08: 0000000000000000 R09: 0000000000000000 [ 767.984702][T22138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 767.984717][T22138] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 767.984750][T22138] [ 770.633004][T22158] kexec: Could not allocate control_code_buffer [ 772.206580][T22306] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(0) [ 772.386654][T22312] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2177'. [ 775.250057][T22474] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 775.280427][T22467] FAULT_INJECTION: forcing a failure. [ 775.280427][T22467] name failslab, interval 1, probability 0, space 0, times 0 [ 775.293777][T22467] CPU: 1 UID: 0 PID: 22467 Comm: syz.1.2190 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 775.293815][T22467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 775.293844][T22467] Call Trace: [ 775.293854][T22467] [ 775.293865][T22467] dump_stack_lvl+0x16c/0x1f0 [ 775.293928][T22467] should_fail_ex+0x512/0x640 [ 775.293953][T22467] ? fs_reclaim_acquire+0xae/0x150 [ 775.293983][T22467] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 775.294027][T22467] should_failslab+0xc2/0x120 [ 775.294047][T22467] __kmalloc_noprof+0xd2/0x510 [ 775.294087][T22467] tomoyo_realpath_from_path+0xc2/0x6e0 [ 775.294121][T22467] ? tomoyo_profile+0x47/0x60 [ 775.294156][T22467] tomoyo_path_number_perm+0x245/0x580 [ 775.294179][T22467] ? tomoyo_path_number_perm+0x237/0x580 [ 775.294207][T22467] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 775.294233][T22467] ? find_held_lock+0x2b/0x80 [ 775.294286][T22467] ? find_held_lock+0x2b/0x80 [ 775.294312][T22467] ? hook_file_ioctl_common+0x145/0x410 [ 775.294361][T22467] ? __fget_files+0x20e/0x3c0 [ 775.294399][T22467] security_file_ioctl+0x9b/0x240 [ 775.294428][T22467] __x64_sys_ioctl+0xb7/0x200 [ 775.294457][T22467] do_syscall_64+0xcd/0x260 [ 775.294506][T22467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 775.294528][T22467] RIP: 0033:0x7f02a4d8d169 [ 775.294545][T22467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 775.294567][T22467] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 775.294587][T22467] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 775.294606][T22467] RDX: 00002000000001c0 RSI: fffffff7effffd05 RDI: 0000000000000003 [ 775.294638][T22467] RBP: 00007f02a5bfe090 R08: 0000000000000000 R09: 0000000000000000 [ 775.294652][T22467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 775.294665][T22467] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 775.294694][T22467] [ 775.294703][T22467] ERROR: Out of memory at tomoyo_realpath_from_path. [ 775.516332][T22467] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 777.219215][T22613] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 778.437386][T22640] FAULT_INJECTION: forcing a failure. [ 778.437386][T22640] name failslab, interval 1, probability 0, space 0, times 0 [ 778.468432][T22640] CPU: 1 UID: 0 PID: 22640 Comm: syz.1.2212 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 778.468466][T22640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 778.468487][T22640] Call Trace: [ 778.468495][T22640] [ 778.468504][T22640] dump_stack_lvl+0x16c/0x1f0 [ 778.468543][T22640] should_fail_ex+0x512/0x640 [ 778.468569][T22640] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 778.468603][T22640] ? __pfx_mon_text_open+0x10/0x10 [ 778.468630][T22640] should_failslab+0xc2/0x120 [ 778.468652][T22640] __kmalloc_cache_noprof+0x6a/0x3e0 [ 778.468683][T22640] ? lockdep_init_map_type+0x5c/0x280 [ 778.468704][T22640] ? mon_text_open+0xd5/0x4f0 [ 778.468741][T22640] ? __pfx_mon_text_open+0x10/0x10 [ 778.468768][T22640] mon_text_open+0xd5/0x4f0 [ 778.468796][T22640] ? __pfx_mon_text_open+0x10/0x10 [ 778.468822][T22640] ? __debugfs_file_get+0x1fe/0x840 [ 778.468845][T22640] ? __pfx___debugfs_file_get+0x10/0x10 [ 778.468869][T22640] ? __pfx_apparmor_file_open+0x10/0x10 [ 778.468897][T22640] ? lockdown_is_locked_down+0x3f/0x130 [ 778.468929][T22640] ? bpf_lsm_locked_down+0x9/0x10 [ 778.468965][T22640] ? __pfx_mon_text_open+0x10/0x10 [ 778.468991][T22640] full_proxy_open_regular+0x1b6/0x360 [ 778.469020][T22640] do_dentry_open+0x741/0x1c10 [ 778.469054][T22640] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 778.469087][T22640] vfs_open+0x82/0x3f0 [ 778.469113][T22640] path_openat+0x1e5e/0x2d40 [ 778.469158][T22640] ? __pfx_path_openat+0x10/0x10 [ 778.469199][T22640] do_filp_open+0x20b/0x470 [ 778.469233][T22640] ? __pfx_do_filp_open+0x10/0x10 [ 778.469288][T22640] ? alloc_fd+0x471/0x7d0 [ 778.469328][T22640] do_sys_openat2+0x11b/0x1d0 [ 778.469364][T22640] ? __pfx_do_sys_openat2+0x10/0x10 [ 778.469398][T22640] __x64_sys_openat+0x174/0x210 [ 778.469423][T22640] ? __pfx___x64_sys_openat+0x10/0x10 [ 778.469448][T22640] ? rcu_is_watching+0x12/0xc0 [ 778.469501][T22640] do_syscall_64+0xcd/0x260 [ 778.469538][T22640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 778.469560][T22640] RIP: 0033:0x7f02a4d8d169 [ 778.469578][T22640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 778.469600][T22640] RSP: 002b:00007f02a5bdd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 778.469621][T22640] RAX: ffffffffffffffda RBX: 00007f02a4fa6080 RCX: 00007f02a4d8d169 [ 778.469636][T22640] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 778.469650][T22640] RBP: 00007f02a4e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 778.469663][T22640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 778.469676][T22640] R13: 0000000000000000 R14: 00007f02a4fa6080 R15: 00007ffe9421cb08 [ 778.469704][T22640] [ 781.832626][T22994] FAULT_INJECTION: forcing a failure. [ 781.832626][T22994] name failslab, interval 1, probability 0, space 0, times 0 [ 782.016059][T22994] CPU: 0 UID: 0 PID: 22994 Comm: syz.3.2226 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 782.016111][T22994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 782.016130][T22994] Call Trace: [ 782.016141][T22994] [ 782.016153][T22994] dump_stack_lvl+0x16c/0x1f0 [ 782.016234][T22994] should_fail_ex+0x512/0x640 [ 782.016270][T22994] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 782.016318][T22994] ? __pfx_mon_text_open+0x10/0x10 [ 782.016357][T22994] should_failslab+0xc2/0x120 [ 782.016388][T22994] __kmalloc_cache_noprof+0x6a/0x3e0 [ 782.016451][T22994] ? mon_text_open+0x1cb/0x4f0 [ 782.016502][T22994] ? __pfx_mon_text_open+0x10/0x10 [ 782.016542][T22994] mon_text_open+0x1cb/0x4f0 [ 782.016582][T22994] ? __pfx_mon_text_open+0x10/0x10 [ 782.016621][T22994] ? __debugfs_file_get+0x1fe/0x840 [ 782.016655][T22994] ? __pfx___debugfs_file_get+0x10/0x10 [ 782.016691][T22994] ? __pfx_apparmor_file_open+0x10/0x10 [ 782.016730][T22994] ? lockdown_is_locked_down+0x3f/0x130 [ 782.016777][T22994] ? bpf_lsm_locked_down+0x9/0x10 [ 782.016828][T22994] ? __pfx_mon_text_open+0x10/0x10 [ 782.016866][T22994] full_proxy_open_regular+0x1b6/0x360 [ 782.016909][T22994] do_dentry_open+0x741/0x1c10 [ 782.016957][T22994] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 782.017006][T22994] vfs_open+0x82/0x3f0 [ 782.017045][T22994] path_openat+0x1e5e/0x2d40 [ 782.017110][T22994] ? __pfx_path_openat+0x10/0x10 [ 782.017170][T22994] do_filp_open+0x20b/0x470 [ 782.017219][T22994] ? __pfx_do_filp_open+0x10/0x10 [ 782.017300][T22994] ? alloc_fd+0x471/0x7d0 [ 782.017360][T22994] do_sys_openat2+0x11b/0x1d0 [ 782.017394][T22994] ? __pfx_do_sys_openat2+0x10/0x10 [ 782.017446][T22994] __x64_sys_openat+0x174/0x210 [ 782.017486][T22994] ? __pfx___x64_sys_openat+0x10/0x10 [ 782.017526][T22994] ? rcu_is_watching+0x12/0xc0 [ 782.017581][T22994] do_syscall_64+0xcd/0x260 [ 782.017632][T22994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.017665][T22994] RIP: 0033:0x7fb1fbd8d169 [ 782.017691][T22994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.017723][T22994] RSP: 002b:00007fb1fcc66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 782.017755][T22994] RAX: ffffffffffffffda RBX: 00007fb1fbfa6080 RCX: 00007fb1fbd8d169 [ 782.017776][T22994] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 782.017795][T22994] RBP: 00007fb1fbe0e990 R08: 0000000000000000 R09: 0000000000000000 [ 782.017814][T22994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 782.017833][T22994] R13: 0000000000000000 R14: 00007fb1fbfa6080 R15: 00007fff8087c928 [ 782.017875][T22994] [ 782.885681][T23211] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2229'. [ 782.920769][T23211] bridge0: port 2(bridge_slave_1) entered disabled state [ 782.991160][T23211] bridge_slave_1 (unregistering): left allmulticast mode [ 783.012022][T23211] bridge_slave_1 (unregistering): left promiscuous mode [ 783.029437][T23211] bridge0: port 2(bridge_slave_1) entered disabled state [ 784.676439][T23240] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 785.025310][T23245] FAULT_INJECTION: forcing a failure. [ 785.025310][T23245] name failslab, interval 1, probability 0, space 0, times 0 [ 785.078860][T23245] CPU: 1 UID: 0 PID: 23245 Comm: syz.2.2240 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 785.078909][T23245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 785.078929][T23245] Call Trace: [ 785.078939][T23245] [ 785.078951][T23245] dump_stack_lvl+0x16c/0x1f0 [ 785.079010][T23245] should_fail_ex+0x512/0x640 [ 785.079046][T23245] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 785.079093][T23245] should_failslab+0xc2/0x120 [ 785.079123][T23245] __kmalloc_cache_noprof+0x6a/0x3e0 [ 785.079167][T23245] ? ccid_get_builtin_ccids+0x79/0x200 [ 785.079222][T23245] ccid_get_builtin_ccids+0x79/0x200 [ 785.079274][T23245] dccp_feat_init+0x394/0x800 [ 785.079311][T23245] ? __pfx_dccp_feat_init+0x10/0x10 [ 785.079344][T23245] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 785.079388][T23245] ? lockdep_init_map_type+0x5c/0x280 [ 785.079420][T23245] ? do_init_timer+0xc9/0x110 [ 785.079460][T23245] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 785.079504][T23245] ? __pfx_dccp_delack_timer+0x10/0x10 [ 785.079552][T23245] dccp_init_sock+0x327/0x420 [ 785.079590][T23245] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 785.079626][T23245] dccp_v4_init_sock+0x1f/0xa0 [ 785.079660][T23245] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 785.079696][T23245] inet_create+0x936/0x1090 [ 785.079727][T23245] ? inet_create+0x93/0x1090 [ 785.079764][T23245] __sock_create+0x335/0x8d0 [ 785.079802][T23245] __sys_socket+0x14d/0x260 [ 785.079834][T23245] ? __pfx___sys_socket+0x10/0x10 [ 785.079867][T23245] ? rcu_is_watching+0x12/0xc0 [ 785.079913][T23245] __x64_sys_socket+0x72/0xb0 [ 785.079943][T23245] ? lockdep_hardirqs_on+0x7c/0x110 [ 785.079986][T23245] do_syscall_64+0xcd/0x260 [ 785.080042][T23245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.080074][T23245] RIP: 0033:0x7fcedc38d169 [ 785.080100][T23245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.080131][T23245] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 785.080160][T23245] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 785.080179][T23245] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 785.080197][T23245] RBP: 00007fcedc40e990 R08: 0000000000000000 R09: 0000000000000000 [ 785.080216][T23245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 785.080233][T23245] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 785.080272][T23245] [ 787.020080][T23402] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 787.706719][T23483] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 788.536841][T23513] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 789.969643][T23734] FAULT_INJECTION: forcing a failure. [ 789.969643][T23734] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 789.983252][T23734] CPU: 1 UID: 0 PID: 23734 Comm: syz.0.2268 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 789.983292][T23734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 789.983309][T23734] Call Trace: [ 789.983319][T23734] [ 789.983329][T23734] dump_stack_lvl+0x16c/0x1f0 [ 789.983379][T23734] should_fail_ex+0x512/0x640 [ 789.983418][T23734] strncpy_from_user+0x3b/0x2e0 [ 789.983454][T23734] getname_flags.part.0+0x8b/0x540 [ 789.983532][T23734] getname_flags+0x93/0xf0 [ 789.983575][T23734] do_sys_openat2+0xb8/0x1d0 [ 789.983609][T23734] ? __pfx_do_sys_openat2+0x10/0x10 [ 789.983645][T23734] ? __fget_files+0x20e/0x3c0 [ 789.983717][T23734] __x64_sys_openat+0x174/0x210 [ 789.983752][T23734] ? __pfx___x64_sys_openat+0x10/0x10 [ 789.983784][T23734] ? ksys_write+0x1b9/0x240 [ 789.983842][T23734] do_syscall_64+0xcd/0x260 [ 789.983894][T23734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.983927][T23734] RIP: 0033:0x7fd627b8d169 [ 789.983952][T23734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 789.983982][T23734] RSP: 002b:00007fd628ab3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 789.984012][T23734] RAX: ffffffffffffffda RBX: 00007fd627da5fa0 RCX: 00007fd627b8d169 [ 789.984032][T23734] RDX: 0000000000000080 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 789.984051][T23734] RBP: 00007fd628ab3090 R08: 0000000000000000 R09: 0000000000000000 [ 789.984069][T23734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 789.984088][T23734] R13: 0000000000000001 R14: 00007fd627da5fa0 R15: 00007ffc844177d8 [ 789.984127][T23734] [ 790.971836][T23753] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78808 [ 790.982659][T23753] memcg:ffff888034436982 [ 790.987232][T23753] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 790.996166][T23753] page_type: f2(table) [ 791.000517][T23753] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 791.009232][T23753] raw: ffff888000000000 ffff88803417b480 00000001f2000000 ffff888034436982 [ 791.017860][T23753] page dumped because: unmovable page [ 791.023358][T23753] page_owner tracks the page as allocated [ 791.029453][T23753] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 16888, tgid 16886 (syz.3.1780), ts 695781141398, free_ts 694181159945 [ 791.088754][T23753] post_alloc_hook+0x181/0x1b0 [ 791.097609][T23753] get_page_from_freelist+0x1193/0x39b0 [ 791.113254][T23753] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 791.119326][T23753] alloc_pages_mpol+0x1fb/0x550 [ 791.124312][T23753] alloc_pages_noprof+0x131/0x390 [ 791.129456][T23753] pte_alloc_one+0x19/0x380 [ 791.134017][T23753] __pte_alloc+0x6d/0x3c0 [ 791.165323][T23753] copy_page_range+0x39a7/0x5ec0 [ 791.323283][T23753] copy_process+0x862b/0x91a0 [ 791.328067][T23753] kernel_clone+0xfc/0x960 [ 791.333518][T23753] __do_sys_clone+0xce/0x120 [ 791.338195][T23753] do_syscall_64+0xcd/0x260 [ 791.342774][T23860] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2275'. [ 791.357277][T23753] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.363721][T23753] page last free pid 851 tgid 851 stack trace: [ 791.370282][T23753] __free_frozen_pages+0x69d/0xff0 [ 791.375567][T23753] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 791.381826][T23753] __apply_to_page_range+0x5f9/0xd30 [ 791.387198][T23753] kasan_release_vmalloc+0xd1/0xe0 [ 791.393044][T23753] purge_vmap_node+0x1cb/0xa70 [ 791.397895][T23753] __purge_vmap_area_lazy+0x9d1/0xc90 [ 791.405114][T23753] drain_vmap_area_work+0x27/0x40 [ 791.410634][T23753] process_one_work+0x9cc/0x1b70 [ 791.415637][T23753] worker_thread+0x6c8/0xf10 [ 791.420420][T23753] kthread+0x3c2/0x780 [ 791.424531][T23753] ret_from_fork+0x45/0x80 [ 791.429100][T23753] ret_from_fork_asm+0x1a/0x30 [ 792.162106][T23981] cougar: G6 mapped to space [ 792.515151][T24092] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78808 [ 792.648714][T24092] memcg:ffff888034436982 [ 792.664870][T24092] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 792.672872][T24092] page_type: f2(table) [ 792.677276][T24092] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 792.734735][T24092] raw: ffff888000000000 ffff88803417b480 00000001f2000000 ffff888034436982 [ 792.846414][T24092] page dumped because: unmovable page [ 792.923047][T24092] page_owner tracks the page as allocated [ 793.021870][T24092] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 16888, tgid 16886 (syz.3.1780), ts 695781141398, free_ts 694181159945 [ 793.176588][T24092] post_alloc_hook+0x181/0x1b0 [ 793.237807][T24092] get_page_from_freelist+0x1193/0x39b0 [ 793.308178][T24092] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 793.323496][T24092] alloc_pages_mpol+0x1fb/0x550 [ 793.330360][T24092] alloc_pages_noprof+0x131/0x390 [ 793.335614][T24092] pte_alloc_one+0x19/0x380 [ 793.344031][T24092] __pte_alloc+0x6d/0x3c0 [ 793.351578][T24092] copy_page_range+0x39a7/0x5ec0 [ 793.356883][T24092] copy_process+0x862b/0x91a0 [ 793.388402][T24092] kernel_clone+0xfc/0x960 [ 793.392929][T24092] __do_sys_clone+0xce/0x120 [ 793.438570][T24092] do_syscall_64+0xcd/0x260 [ 793.443277][T24092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.452616][T24092] page last free pid 851 tgid 851 stack trace: [ 793.459187][T24092] __free_frozen_pages+0x69d/0xff0 [ 793.464523][T24092] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 793.470892][T24092] __apply_to_page_range+0x5f9/0xd30 [ 793.476390][T24092] kasan_release_vmalloc+0xd1/0xe0 [ 793.482086][T24092] purge_vmap_node+0x1cb/0xa70 [ 793.487295][T24092] __purge_vmap_area_lazy+0x9d1/0xc90 [ 793.493207][T24092] drain_vmap_area_work+0x27/0x40 [ 793.530526][T24092] process_one_work+0x9cc/0x1b70 [ 793.535612][T24092] worker_thread+0x6c8/0xf10 [ 793.559023][T24092] kthread+0x3c2/0x780 [ 793.563198][T24092] ret_from_fork+0x45/0x80 [ 793.587840][T24092] ret_from_fork_asm+0x1a/0x30 [ 802.411331][T24133] FAULT_INJECTION: forcing a failure. [ 802.411331][T24133] name failslab, interval 1, probability 0, space 0, times 0 [ 802.424226][T24133] CPU: 1 UID: 0 PID: 24133 Comm: syz.0.2302 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 802.424268][T24133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 802.424288][T24133] Call Trace: [ 802.424299][T24133] [ 802.424310][T24133] dump_stack_lvl+0x16c/0x1f0 [ 802.424362][T24133] should_fail_ex+0x512/0x640 [ 802.424398][T24133] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 802.424444][T24133] should_failslab+0xc2/0x120 [ 802.424475][T24133] __kmalloc_cache_noprof+0x6a/0x3e0 [ 802.424533][T24133] ? ccid_get_builtin_ccids+0x79/0x200 [ 802.424589][T24133] ccid_get_builtin_ccids+0x79/0x200 [ 802.424648][T24133] dccp_feat_init+0x361/0x800 [ 802.424703][T24133] ? __pfx_dccp_feat_init+0x10/0x10 [ 802.424738][T24133] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 802.424786][T24133] ? lockdep_init_map_type+0x5c/0x280 [ 802.424819][T24133] ? do_init_timer+0xc9/0x110 [ 802.424863][T24133] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 802.424908][T24133] ? __pfx_dccp_delack_timer+0x10/0x10 [ 802.424958][T24133] dccp_init_sock+0x327/0x420 [ 802.424997][T24133] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 802.425036][T24133] dccp_v4_init_sock+0x1f/0xa0 [ 802.425070][T24133] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 802.425108][T24133] inet_create+0x936/0x1090 [ 802.425138][T24133] ? inet_create+0x93/0x1090 [ 802.425176][T24133] __sock_create+0x335/0x8d0 [ 802.425215][T24133] __sys_socket+0x14d/0x260 [ 802.425247][T24133] ? __pfx___sys_socket+0x10/0x10 [ 802.425276][T24133] ? rcu_is_watching+0x12/0xc0 [ 802.425316][T24133] __x64_sys_socket+0x72/0xb0 [ 802.425341][T24133] ? lockdep_hardirqs_on+0x7c/0x110 [ 802.425379][T24133] do_syscall_64+0xcd/0x260 [ 802.425421][T24133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.425448][T24133] RIP: 0033:0x7fd627b8d169 [ 802.425469][T24133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 802.425504][T24133] RSP: 002b:00007fd628ab3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 802.425529][T24133] RAX: ffffffffffffffda RBX: 00007fd627da5fa0 RCX: 00007fd627b8d169 [ 802.425548][T24133] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 802.425564][T24133] RBP: 00007fd627c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 802.425580][T24133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 802.425597][T24133] R13: 0000000000000000 R14: 00007fd627da5fa0 R15: 00007ffc844177d8 [ 802.425630][T24133] [ 803.704749][T24154] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2301'. [ 804.248626][T24270] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 805.190304][T24392] FAULT_INJECTION: forcing a failure. [ 805.190304][T24392] name failslab, interval 1, probability 0, space 0, times 0 [ 805.285605][T24392] CPU: 1 UID: 0 PID: 24392 Comm: syz.0.2313 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 805.285654][T24392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 805.285674][T24392] Call Trace: [ 805.285684][T24392] [ 805.285697][T24392] dump_stack_lvl+0x16c/0x1f0 [ 805.285751][T24392] should_fail_ex+0x512/0x640 [ 805.285790][T24392] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 805.285839][T24392] should_failslab+0xc2/0x120 [ 805.285871][T24392] __kmalloc_cache_noprof+0x6a/0x3e0 [ 805.285918][T24392] ? ccid_get_builtin_ccids+0x79/0x200 [ 805.285975][T24392] ccid_get_builtin_ccids+0x79/0x200 [ 805.286031][T24392] dccp_feat_init+0x361/0x800 [ 805.286069][T24392] ? __pfx_dccp_feat_init+0x10/0x10 [ 805.286105][T24392] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 805.286152][T24392] ? lockdep_init_map_type+0x5c/0x280 [ 805.286187][T24392] ? do_init_timer+0xc9/0x110 [ 805.286231][T24392] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 805.286279][T24392] ? __pfx_dccp_delack_timer+0x10/0x10 [ 805.286331][T24392] dccp_init_sock+0x327/0x420 [ 805.286370][T24392] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 805.286409][T24392] dccp_v4_init_sock+0x1f/0xa0 [ 805.286451][T24392] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 805.286488][T24392] inet_create+0x936/0x1090 [ 805.286522][T24392] ? inet_create+0x93/0x1090 [ 805.286559][T24392] __sock_create+0x335/0x8d0 [ 805.286600][T24392] __sys_socket+0x14d/0x260 [ 805.286633][T24392] ? __pfx___sys_socket+0x10/0x10 [ 805.286666][T24392] ? rcu_is_watching+0x12/0xc0 [ 805.286715][T24392] __x64_sys_socket+0x72/0xb0 [ 805.286746][T24392] ? lockdep_hardirqs_on+0x7c/0x110 [ 805.286792][T24392] do_syscall_64+0xcd/0x260 [ 805.286845][T24392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 805.286879][T24392] RIP: 0033:0x7fd627b8d169 [ 805.286904][T24392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 805.286934][T24392] RSP: 002b:00007fd628ab3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 805.286965][T24392] RAX: ffffffffffffffda RBX: 00007fd627da5fa0 RCX: 00007fd627b8d169 [ 805.286987][T24392] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 805.287006][T24392] RBP: 00007fd627c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 805.287025][T24392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 805.287044][T24392] R13: 0000000000000000 R14: 00007fd627da5fa0 R15: 00007ffc844177d8 [ 805.287085][T24392] [ 805.999310][T24401] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 807.006974][T24430] FAULT_INJECTION: forcing a failure. [ 807.006974][T24430] name failslab, interval 1, probability 0, space 0, times 0 [ 807.019816][T24430] CPU: 0 UID: 0 PID: 24430 Comm: syz.2.2325 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 807.019858][T24430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 807.019876][T24430] Call Trace: [ 807.019886][T24430] [ 807.019897][T24430] dump_stack_lvl+0x16c/0x1f0 [ 807.019947][T24430] should_fail_ex+0x512/0x640 [ 807.019982][T24430] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 807.020038][T24430] should_failslab+0xc2/0x120 [ 807.020068][T24430] __kmalloc_cache_noprof+0x6a/0x3e0 [ 807.020110][T24430] ? ccid_get_builtin_ccids+0x79/0x200 [ 807.020165][T24430] ccid_get_builtin_ccids+0x79/0x200 [ 807.020219][T24430] dccp_feat_init+0x361/0x800 [ 807.020273][T24430] ? __pfx_dccp_feat_init+0x10/0x10 [ 807.020307][T24430] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 807.020354][T24430] ? lockdep_init_map_type+0x5c/0x280 [ 807.020388][T24430] ? do_init_timer+0xc9/0x110 [ 807.020432][T24430] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 807.020476][T24430] ? __pfx_dccp_delack_timer+0x10/0x10 [ 807.020526][T24430] dccp_init_sock+0x327/0x420 [ 807.020565][T24430] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 807.020604][T24430] dccp_v4_init_sock+0x1f/0xa0 [ 807.020638][T24430] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 807.020675][T24430] inet_create+0x936/0x1090 [ 807.020708][T24430] ? inet_create+0x93/0x1090 [ 807.020746][T24430] __sock_create+0x335/0x8d0 [ 807.020786][T24430] __sys_socket+0x14d/0x260 [ 807.020819][T24430] ? __pfx___sys_socket+0x10/0x10 [ 807.020852][T24430] ? rcu_is_watching+0x12/0xc0 [ 807.020900][T24430] __x64_sys_socket+0x72/0xb0 [ 807.020930][T24430] ? lockdep_hardirqs_on+0x7c/0x110 [ 807.020985][T24430] do_syscall_64+0xcd/0x260 [ 807.021044][T24430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.021077][T24430] RIP: 0033:0x7fcedc38d169 [ 807.021102][T24430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 807.021134][T24430] RSP: 002b:00007fcedd1e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 807.021164][T24430] RAX: ffffffffffffffda RBX: 00007fcedc5a5fa0 RCX: 00007fcedc38d169 [ 807.021185][T24430] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 807.021204][T24430] RBP: 00007fcedc40e990 R08: 0000000000000000 R09: 0000000000000000 [ 807.021224][T24430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 807.021243][T24430] R13: 0000000000000000 R14: 00007fcedc5a5fa0 R15: 00007ffecca310e8 [ 807.021285][T24430] [ 808.617967][T24562] FAULT_INJECTION: forcing a failure. [ 808.617967][T24562] name failslab, interval 1, probability 0, space 0, times 0 [ 808.639630][T24562] CPU: 1 UID: 0 PID: 24562 Comm: syz.1.2336 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 808.639673][T24562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 808.639689][T24562] Call Trace: [ 808.639699][T24562] [ 808.639713][T24562] dump_stack_lvl+0x16c/0x1f0 [ 808.639763][T24562] should_fail_ex+0x512/0x640 [ 808.639799][T24562] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 808.639845][T24562] should_failslab+0xc2/0x120 [ 808.639875][T24562] __kmalloc_cache_noprof+0x6a/0x3e0 [ 808.639918][T24562] ? ccid_get_builtin_ccids+0x79/0x200 [ 808.639974][T24562] ccid_get_builtin_ccids+0x79/0x200 [ 808.640027][T24562] dccp_feat_init+0x394/0x800 [ 808.640063][T24562] ? __pfx_dccp_feat_init+0x10/0x10 [ 808.640097][T24562] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 808.640148][T24562] ? lockdep_init_map_type+0x5c/0x280 [ 808.640182][T24562] ? do_init_timer+0xc9/0x110 [ 808.640224][T24562] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 808.640268][T24562] ? __pfx_dccp_delack_timer+0x10/0x10 [ 808.640318][T24562] dccp_init_sock+0x327/0x420 [ 808.640355][T24562] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 808.640392][T24562] dccp_v4_init_sock+0x1f/0xa0 [ 808.640425][T24562] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 808.640461][T24562] inet_create+0x936/0x1090 [ 808.640493][T24562] ? inet_create+0x93/0x1090 [ 808.640530][T24562] __sock_create+0x335/0x8d0 [ 808.640569][T24562] __sys_socket+0x14d/0x260 [ 808.640600][T24562] ? __pfx___sys_socket+0x10/0x10 [ 808.640634][T24562] ? rcu_is_watching+0x12/0xc0 [ 808.640680][T24562] __x64_sys_socket+0x72/0xb0 [ 808.640710][T24562] ? lockdep_hardirqs_on+0x7c/0x110 [ 808.640753][T24562] do_syscall_64+0xcd/0x260 [ 808.640804][T24562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 808.640836][T24562] RIP: 0033:0x7f02a4d8d169 [ 808.640861][T24562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 808.640892][T24562] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 808.640921][T24562] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 808.640959][T24562] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 808.640978][T24562] RBP: 00007f02a4e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 808.640997][T24562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 808.641017][T24562] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 808.641065][T24562] [ 810.234188][ T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 810.246651][ T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 810.254930][ T55] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 810.267665][ T55] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 810.275643][ T55] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 811.275130][T24689] chnl_net:caif_netlink_parms(): no params data found [ 811.444504][T24706] FAULT_INJECTION: forcing a failure. [ 811.444504][T24706] name failslab, interval 1, probability 0, space 0, times 0 [ 811.484316][T24706] CPU: 1 UID: 0 PID: 24706 Comm: syz.1.2347 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 811.484362][T24706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 811.484381][T24706] Call Trace: [ 811.484391][T24706] [ 811.484403][T24706] dump_stack_lvl+0x16c/0x1f0 [ 811.484456][T24706] should_fail_ex+0x512/0x640 [ 811.484492][T24706] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 811.484539][T24706] should_failslab+0xc2/0x120 [ 811.484569][T24706] __kmalloc_cache_noprof+0x6a/0x3e0 [ 811.484613][T24706] ? ccid_get_builtin_ccids+0x79/0x200 [ 811.484698][T24706] ccid_get_builtin_ccids+0x79/0x200 [ 811.484754][T24706] dccp_feat_init+0x394/0x800 [ 811.484792][T24706] ? __pfx_dccp_feat_init+0x10/0x10 [ 811.484826][T24706] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 811.484873][T24706] ? lockdep_init_map_type+0x5c/0x280 [ 811.484913][T24706] ? do_init_timer+0xc9/0x110 [ 811.484957][T24706] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 811.485002][T24706] ? __pfx_dccp_delack_timer+0x10/0x10 [ 811.485052][T24706] dccp_init_sock+0x327/0x420 [ 811.485092][T24706] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 811.485130][T24706] dccp_v4_init_sock+0x1f/0xa0 [ 811.485165][T24706] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 811.485202][T24706] inet_create+0x936/0x1090 [ 811.485235][T24706] ? inet_create+0x93/0x1090 [ 811.485273][T24706] __sock_create+0x335/0x8d0 [ 811.485312][T24706] __sys_socket+0x14d/0x260 [ 811.485345][T24706] ? __pfx___sys_socket+0x10/0x10 [ 811.485380][T24706] ? rcu_is_watching+0x12/0xc0 [ 811.485428][T24706] __x64_sys_socket+0x72/0xb0 [ 811.485459][T24706] ? lockdep_hardirqs_on+0x7c/0x110 [ 811.485504][T24706] do_syscall_64+0xcd/0x260 [ 811.485557][T24706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.485590][T24706] RIP: 0033:0x7f02a4d8d169 [ 811.485615][T24706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 811.485660][T24706] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 811.485698][T24706] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 811.485720][T24706] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 811.485740][T24706] RBP: 00007f02a4e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 811.485760][T24706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 811.485779][T24706] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 811.485821][T24706] [ 812.338769][T15650] Bluetooth: hci4: command tx timeout [ 812.531893][T24689] bridge0: port 1(bridge_slave_0) entered blocking state [ 812.568510][T24689] bridge0: port 1(bridge_slave_0) entered disabled state [ 812.593211][T24689] bridge_slave_0: entered allmulticast mode [ 812.602631][T24689] bridge_slave_0: entered promiscuous mode [ 812.706483][T24689] bridge0: port 2(bridge_slave_1) entered blocking state [ 812.719118][T24689] bridge0: port 2(bridge_slave_1) entered disabled state [ 812.726549][T24689] bridge_slave_1: entered allmulticast mode [ 812.746358][T24689] bridge_slave_1: entered promiscuous mode [ 812.848250][T24689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 812.867768][T24689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 812.944544][T24689] team0: Port device team_slave_0 added [ 812.956895][T24689] team0: Port device team_slave_1 added [ 813.025571][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 813.102615][T24689] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 813.114710][T24689] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 813.152316][T24689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 813.182180][T24689] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 813.190237][T24689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 813.216182][ C0] vkms_vblank_simulate: vblank timer overrun [ 813.228487][T24689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 813.260804][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 813.497662][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 813.520919][T24689] hsr_slave_0: entered promiscuous mode [ 813.533576][T24689] hsr_slave_1: entered promiscuous mode [ 813.547511][T24689] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 813.561179][T24689] Cannot create hsr debugfs directory [ 813.597277][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 813.853932][T24845] FAULT_INJECTION: forcing a failure. [ 813.853932][T24845] name failslab, interval 1, probability 0, space 0, times 0 [ 813.886655][T24845] CPU: 1 UID: 0 PID: 24845 Comm: syz.1.2358 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 813.886699][T24845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 813.886719][T24845] Call Trace: [ 813.886730][T24845] [ 813.886741][T24845] dump_stack_lvl+0x16c/0x1f0 [ 813.886793][T24845] should_fail_ex+0x512/0x640 [ 813.886828][T24845] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 813.886874][T24845] should_failslab+0xc2/0x120 [ 813.886904][T24845] __kmalloc_cache_noprof+0x6a/0x3e0 [ 813.886947][T24845] ? ccid_get_builtin_ccids+0x79/0x200 [ 813.887001][T24845] ccid_get_builtin_ccids+0x79/0x200 [ 813.887055][T24845] dccp_feat_init+0x394/0x800 [ 813.887092][T24845] ? __pfx_dccp_feat_init+0x10/0x10 [ 813.887126][T24845] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 813.887172][T24845] ? lockdep_init_map_type+0x5c/0x280 [ 813.887205][T24845] ? do_init_timer+0xc9/0x110 [ 813.887246][T24845] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 813.887288][T24845] ? __pfx_dccp_delack_timer+0x10/0x10 [ 813.887334][T24845] dccp_init_sock+0x327/0x420 [ 813.887372][T24845] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 813.887409][T24845] dccp_v4_init_sock+0x1f/0xa0 [ 813.887443][T24845] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 813.887494][T24845] inet_create+0x936/0x1090 [ 813.887525][T24845] ? inet_create+0x93/0x1090 [ 813.887561][T24845] __sock_create+0x335/0x8d0 [ 813.887601][T24845] __sys_socket+0x14d/0x260 [ 813.887632][T24845] ? __pfx___sys_socket+0x10/0x10 [ 813.887665][T24845] ? rcu_is_watching+0x12/0xc0 [ 813.887711][T24845] __x64_sys_socket+0x72/0xb0 [ 813.887741][T24845] ? lockdep_hardirqs_on+0x7c/0x110 [ 813.887785][T24845] do_syscall_64+0xcd/0x260 [ 813.887834][T24845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.887867][T24845] RIP: 0033:0x7f02a4d8d169 [ 813.887892][T24845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 813.887923][T24845] RSP: 002b:00007f02a5bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 813.887954][T24845] RAX: ffffffffffffffda RBX: 00007f02a4fa5fa0 RCX: 00007f02a4d8d169 [ 813.887975][T24845] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 813.887993][T24845] RBP: 00007f02a4e0e990 R08: 0000000000000000 R09: 0000000000000000 [ 813.888011][T24845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 813.888029][T24845] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 813.888068][T24845] [ 814.194809][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.201249][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.422981][T15650] Bluetooth: hci4: command tx timeout [ 814.599334][ T12] bridge_slave_0: left allmulticast mode [ 814.608735][ T12] bridge_slave_0: left promiscuous mode [ 814.625104][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 816.192806][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 816.220137][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 816.235552][ T12] bond0 (unregistering): Released all slaves [ 816.498441][T15650] Bluetooth: hci4: command tx timeout [ 816.973332][ T12] hsr_slave_0: left promiscuous mode [ 816.981566][ T12] hsr_slave_1: left promiscuous mode [ 816.987853][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 817.003622][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 817.029354][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 817.042525][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 817.117880][ T12] veth1_macvtap: left promiscuous mode [ 817.133641][ T12] veth1_vlan: left promiscuous mode [ 817.143902][ T12] veth0_vlan: left promiscuous mode [ 817.824153][T25101] FAULT_INJECTION: forcing a failure. [ 817.824153][T25101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 817.888248][T25101] CPU: 0 UID: 0 PID: 25101 Comm: syz.1.2373 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 817.888293][T25101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 817.888312][T25101] Call Trace: [ 817.888325][T25101] [ 817.888337][T25101] dump_stack_lvl+0x16c/0x1f0 [ 817.888386][T25101] should_fail_ex+0x512/0x640 [ 817.888429][T25101] _copy_from_user+0x2e/0xd0 [ 817.888470][T25101] kstrtouint_from_user+0xd6/0x1d0 [ 817.888518][T25101] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 817.888565][T25101] ? __lock_acquire+0xaa4/0x1ba0 [ 817.888634][T25101] proc_fail_nth_write+0x83/0x250 [ 817.888679][T25101] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 817.888735][T25101] vfs_write+0x25c/0x1180 [ 817.888776][T25101] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 817.888825][T25101] ? __pfx___mutex_lock+0x10/0x10 [ 817.888871][T25101] ? __pfx_vfs_write+0x10/0x10 [ 817.888925][T25101] ? __fget_files+0x20e/0x3c0 [ 817.888982][T25101] ksys_write+0x12a/0x240 [ 817.889024][T25101] ? __pfx_ksys_write+0x10/0x10 [ 817.889063][T25101] ? rcu_is_watching+0x12/0xc0 [ 817.889122][T25101] do_syscall_64+0xcd/0x260 [ 817.889171][T25101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.889202][T25101] RIP: 0033:0x7f02a4d8bc1f [ 817.889225][T25101] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 817.889255][T25101] RSP: 002b:00007f02a5bfe030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 817.889283][T25101] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f02a4d8bc1f [ 817.889301][T25101] RDX: 0000000000000001 RSI: 00007f02a5bfe0a0 RDI: 0000000000000004 [ 817.889319][T25101] RBP: 00007f02a5bfe090 R08: 0000000000000000 R09: 0000000000000000 [ 817.889337][T25101] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 817.889354][T25101] R13: 0000000000000000 R14: 00007f02a4fa5fa0 R15: 00007ffe9421cb08 [ 817.889394][T25101] [ 818.578532][T15650] Bluetooth: hci4: command tx timeout [ 818.921605][ T12] team0 (unregistering): Port device team_slave_1 removed [ 818.972166][ T12] team0 (unregistering): Port device team_slave_0 removed [ 819.490183][T24689] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 819.566244][T24689] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 819.616531][T24689] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 819.651443][T24689] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 820.065541][T24689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 820.405953][T24689] 8021q: adding VLAN 0 to HW filter on device team0 [ 820.787224][T17794] bridge0: port 1(bridge_slave_0) entered blocking state [ 820.794437][T17794] bridge0: port 1(bridge_slave_0) entered forwarding state [ 820.835667][T17794] bridge0: port 2(bridge_slave_1) entered blocking state [ 820.843839][T17794] bridge0: port 2(bridge_slave_1) entered forwarding state [ 821.562477][T24689] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 821.740513][T24689] veth0_vlan: entered promiscuous mode [ 821.801343][T24689] veth1_vlan: entered promiscuous mode [ 821.897893][T24689] veth0_macvtap: entered promiscuous mode [ 821.969261][T24689] veth1_macvtap: entered promiscuous mode [ 822.014369][T24689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 822.046395][T24689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 822.077215][T24689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 822.098143][T24689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 822.138807][T24689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 822.159681][T24689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 822.189928][T24689] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 822.214767][T24689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 822.253170][T24689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 822.272052][T25277] FAULT_INJECTION: forcing a failure. [ 822.272052][T25277] name failslab, interval 1, probability 0, space 0, times 0 [ 822.279376][T24689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 822.308454][T25277] CPU: 1 UID: 0 PID: 25277 Comm: syz.1.2389 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 822.308501][T25277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 822.308521][T25277] Call Trace: [ 822.308532][T25277] [ 822.308543][T25277] dump_stack_lvl+0x16c/0x1f0 [ 822.308593][T25277] should_fail_ex+0x512/0x640 [ 822.308629][T25277] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 822.308681][T25277] should_failslab+0xc2/0x120 [ 822.308721][T25277] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 822.308771][T25277] ? ptlock_alloc+0x1f/0x70 [ 822.308819][T25277] ptlock_alloc+0x1f/0x70 [ 822.308860][T25277] pte_alloc_one+0x6d/0x380 [ 822.308903][T25277] __pte_alloc+0x6d/0x3c0 [ 822.308935][T25277] ? __pfx___pte_alloc+0x10/0x10 [ 822.308979][T25277] do_pte_missing+0x2925/0x3fb0 [ 822.309021][T25277] ? mtree_range_walk+0x718/0xc00 [ 822.309065][T25277] ? find_held_lock+0x2b/0x80 [ 822.309109][T25277] __handle_mm_fault+0x103d/0x2a40 [ 822.309165][T25277] ? __pfx___handle_mm_fault+0x10/0x10 [ 822.309244][T25277] handle_mm_fault+0x3fe/0xad0 [ 822.309296][T25277] __get_user_pages+0x771/0x36f0 [ 822.309347][T25277] ? __pfx_mt_find+0x10/0x10 [ 822.309397][T25277] ? __pfx___get_user_pages+0x10/0x10 [ 822.309454][T25277] populate_vma_page_range+0x278/0x3a0 [ 822.309499][T25277] ? __pfx_populate_vma_page_range+0x10/0x10 [ 822.309541][T25277] ? __pfx_find_vma_intersection+0x10/0x10 [ 822.309581][T25277] ? do_mmap+0x69c/0x11b0 [ 822.309622][T25277] __mm_populate+0x1d8/0x380 [ 822.309666][T25277] ? __pfx___mm_populate+0x10/0x10 [ 822.309718][T25277] ? up_write+0x1b2/0x520 [ 822.309756][T25277] vm_mmap_pgoff+0x362/0x450 [ 822.309798][T25277] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 822.309835][T25277] ? find_held_lock+0x2b/0x80 [ 822.309881][T25277] ? __x64_sys_futex+0x1e0/0x4c0 [ 822.309924][T25277] ? __x64_sys_futex+0x1e9/0x4c0 [ 822.309976][T25277] ksys_mmap_pgoff+0x7d/0x5c0 [ 822.310012][T25277] ? rcu_is_watching+0x12/0xc0 [ 822.310055][T25277] __x64_sys_mmap+0x125/0x190 [ 822.310096][T25277] do_syscall_64+0xcd/0x260 [ 822.310145][T25277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 822.310177][T25277] RIP: 0033:0x7f02a4d8d169 [ 822.310202][T25277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 822.310232][T25277] RSP: 002b:00007f02a5bdd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 822.310260][T25277] RAX: ffffffffffffffda RBX: 00007f02a4fa6080 RCX: 00007f02a4d8d169 [ 822.310280][T25277] RDX: 00000000000000b3 RSI: 0000000000040008 RDI: 0000000009000000 [ 822.310298][T25277] RBP: 00007f02a4e0e990 R08: 0000000000000005 R09: 0000000000028000 [ 822.310317][T25277] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 822.310335][T25277] R13: 0000000000000000 R14: 00007f02a4fa6080 R15: 00007ffe9421cb08 [ 822.310375][T25277] [ 822.320467][T24689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 822.665088][T24689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 822.675814][T24689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 822.739682][T24689] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 822.853691][T24689] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 822.885005][T24689] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 822.907373][T24689] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 822.920564][T24689] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 823.240884][ T6826] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 823.259869][ T6826] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 823.352744][ T6826] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 823.365597][ T6826] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 823.397038][T25302] FAULT_INJECTION: forcing a failure. [ 823.397038][T25302] name failslab, interval 1, probability 0, space 0, times 0 [ 823.417524][T25302] CPU: 1 UID: 0 PID: 25302 Comm: syz.3.2398 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 823.417569][T25302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 823.417588][T25302] Call Trace: [ 823.417598][T25302] [ 823.417610][T25302] dump_stack_lvl+0x16c/0x1f0 [ 823.417659][T25302] should_fail_ex+0x512/0x640 [ 823.417702][T25302] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 823.417756][T25302] should_failslab+0xc2/0x120 [ 823.417787][T25302] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 823.417836][T25302] ? ptlock_alloc+0x1f/0x70 [ 823.417884][T25302] ptlock_alloc+0x1f/0x70 [ 823.417926][T25302] pte_alloc_one+0x6d/0x380 [ 823.417968][T25302] do_pte_missing+0x1c0b/0x3fb0 [ 823.418013][T25302] ? do_raw_spin_unlock+0x172/0x230 [ 823.418053][T25302] ? __pmd_alloc+0x3c2/0x870 [ 823.418098][T25302] ? find_held_lock+0x2b/0x80 [ 823.418139][T25302] __handle_mm_fault+0x103d/0x2a40 [ 823.418193][T25302] ? __pfx___handle_mm_fault+0x10/0x10 [ 823.418259][T25302] ? find_vma+0xbf/0x140 [ 823.418290][T25302] ? __pfx_find_vma+0x10/0x10 [ 823.418334][T25302] handle_mm_fault+0x3fe/0xad0 [ 823.418381][T25302] do_user_addr_fault+0x7a6/0x1370 [ 823.418417][T25302] ? do_syscall_64+0xcd/0x260 [ 823.418463][T25302] ? rcu_is_watching+0x12/0xc0 [ 823.418504][T25302] exc_page_fault+0x5c/0xc0 [ 823.418547][T25302] asm_exc_page_fault+0x26/0x30 [ 823.418577][T25302] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 823.418613][T25302] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 823.418641][T25302] RSP: 0018:ffffc9000507fb00 EFLAGS: 00050202 [ 823.418664][T25302] RAX: 0000000000000001 RBX: 0000000000000008 RCX: 0000000000000078 [ 823.418690][T25302] RDX: fffff52000a0ff89 RSI: 0000000000000008 RDI: ffffc9000507fbd0 [ 823.418709][T25302] RBP: 0000000000000078 R08: 0000000000000001 R09: fffff52000a0ff88 [ 823.418728][T25302] R10: ffffc9000507fc47 R11: 0000000000000000 R12: 0000000000000000 [ 823.418748][T25302] R13: ffffc9000507fbd0 R14: 00000000ffffffea R15: ffff888028aa7380 [ 823.418789][T25302] _copy_from_user+0x98/0xd0 [ 823.418828][T25302] inet_ioctl+0x31c/0x3f0 [ 823.418879][T25302] ? __pfx_inet_ioctl+0x10/0x10 [ 823.418948][T25302] ? tomoyo_path_number_perm+0x18d/0x580 [ 823.418990][T25302] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 823.419026][T25302] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 823.419063][T25302] sock_do_ioctl+0x115/0x280 [ 823.419113][T25302] ? __pfx_sock_do_ioctl+0x10/0x10 [ 823.419184][T25302] sock_ioctl+0x227/0x6b0 [ 823.419214][T25302] ? __pfx_sock_ioctl+0x10/0x10 [ 823.419241][T25302] ? hook_file_ioctl_common+0x145/0x410 [ 823.419294][T25302] ? __pfx_sock_ioctl+0x10/0x10 [ 823.419327][T25302] __x64_sys_ioctl+0x190/0x200 [ 823.419369][T25302] do_syscall_64+0xcd/0x260 [ 823.419417][T25302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.419446][T25302] RIP: 0033:0x7fb1fbd8d169 [ 823.419469][T25302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 823.419497][T25302] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 823.419524][T25302] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 823.419544][T25302] RDX: 0000000000000008 RSI: 000000000000890c RDI: 0000000000000001 [ 823.419560][T25302] RBP: 00007fb1fcc87090 R08: 0000000000000000 R09: 0000000000000000 [ 823.419577][T25302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 823.419595][T25302] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 823.419632][T25302] [ 824.189113][T25317] ================================================================== [ 824.197253][T25317] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340 [ 824.205241][T25317] Read of size 8 at addr ffff888035e81000 by task syz.3.2402/25317 [ 824.213187][T25317] [ 824.215558][T25317] CPU: 1 UID: 0 PID: 25317 Comm: syz.3.2402 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 824.215602][T25317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 824.215623][T25317] Call Trace: [ 824.215634][T25317] [ 824.215646][T25317] dump_stack_lvl+0x116/0x1f0 [ 824.215700][T25317] print_report+0xc3/0x670 [ 824.215752][T25317] ? __virt_addr_valid+0x5e/0x590 [ 824.215802][T25317] ? __phys_addr+0xc6/0x150 [ 824.215861][T25317] ? force_devcd_write+0x312/0x340 [ 824.215892][T25317] kasan_report+0xe0/0x110 [ 824.215921][T25317] ? force_devcd_write+0x312/0x340 [ 824.215954][T25317] force_devcd_write+0x312/0x340 [ 824.215986][T25317] ? __pfx_force_devcd_write+0x10/0x10 [ 824.216017][T25317] ? __debugfs_file_get+0x1fe/0x840 [ 824.216050][T25317] ? __pfx___debugfs_file_get+0x10/0x10 [ 824.216089][T25317] full_proxy_write+0x13c/0x200 [ 824.216124][T25317] vfs_write+0x25c/0x1180 [ 824.216166][T25317] ? __pfx_full_proxy_write+0x10/0x10 [ 824.216202][T25317] ? __pfx___mutex_lock+0x10/0x10 [ 824.216251][T25317] ? __pfx_vfs_write+0x10/0x10 [ 824.216299][T25317] ? __fget_files+0x20e/0x3c0 [ 824.216350][T25317] ksys_write+0x12a/0x240 [ 824.216394][T25317] ? __pfx_ksys_write+0x10/0x10 [ 824.216436][T25317] ? rcu_is_watching+0x12/0xc0 [ 824.216482][T25317] do_syscall_64+0xcd/0x260 [ 824.216541][T25317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 824.216574][T25317] RIP: 0033:0x7fb1fbd8d169 [ 824.216599][T25317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 824.216630][T25317] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 824.216659][T25317] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 824.216680][T25317] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 824.216697][T25317] RBP: 00007fb1fbe0e990 R08: 0000000000000000 R09: 0000000000000000 [ 824.216716][T25317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 824.216735][T25317] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 824.216764][T25317] [ 824.216775][T25317] [ 824.431164][T25317] Allocated by task 5838: [ 824.435529][T25317] kasan_save_stack+0x33/0x60 [ 824.440274][T25317] kasan_save_track+0x14/0x30 [ 824.445017][T25317] __kasan_kmalloc+0xaa/0xb0 [ 824.449691][T25317] vhci_open+0x4c/0x430 [ 824.453886][T25317] misc_open+0x35a/0x420 [ 824.458181][T25317] chrdev_open+0x231/0x6a0 [ 824.462668][T25317] do_dentry_open+0x741/0x1c10 [ 824.467487][T25317] vfs_open+0x82/0x3f0 [ 824.471606][T25317] path_openat+0x1e5e/0x2d40 [ 824.476251][T25317] do_filp_open+0x20b/0x470 [ 824.480818][T25317] do_sys_openat2+0x11b/0x1d0 [ 824.485552][T25317] __x64_sys_openat+0x174/0x210 [ 824.490457][T25317] do_syscall_64+0xcd/0x260 [ 824.495025][T25317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 824.500962][T25317] [ 824.503311][T25317] Freed by task 13848: [ 824.507406][T25317] kasan_save_stack+0x33/0x60 [ 824.512143][T25317] kasan_save_track+0x14/0x30 [ 824.516892][T25317] kasan_save_free_info+0x3b/0x60 [ 824.521976][T25317] __kasan_slab_free+0x51/0x70 [ 824.526799][T25317] kfree+0x2b6/0x4d0 [ 824.530747][T25317] vhci_release+0xbb/0xf0 [ 824.535158][T25317] __fput+0x3ff/0xb70 [ 824.539186][T25317] task_work_run+0x14d/0x240 [ 824.543828][T25317] do_exit+0xafb/0x2c30 [ 824.548046][T25317] do_group_exit+0xd3/0x2a0 [ 824.552613][T25317] get_signal+0x2673/0x26d0 [ 824.557168][T25317] arch_do_signal_or_restart+0x8f/0x7d0 [ 824.562775][T25317] syscall_exit_to_user_mode+0x150/0x2a0 [ 824.568466][T25317] do_syscall_64+0xda/0x260 [ 824.573080][T25317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 824.579016][T25317] [ 824.581384][T25317] The buggy address belongs to the object at ffff888035e81000 [ 824.581384][T25317] which belongs to the cache kmalloc-1k of size 1024 [ 824.595484][T25317] The buggy address is located 0 bytes inside of [ 824.595484][T25317] freed 1024-byte region [ffff888035e81000, ffff888035e81400) [ 824.609256][T25317] [ 824.611610][T25317] The buggy address belongs to the physical page: [ 824.618053][T25317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x35e80 [ 824.626894][T25317] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 824.635439][T25317] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 824.643033][T25317] page_type: f5(slab) [ 824.647066][T25317] raw: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122 [ 824.655697][T25317] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 824.664337][T25317] head: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122 [ 824.673151][T25317] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 824.681873][T25317] head: 00fff00000000003 ffffea0000d7a001 00000000ffffffff 00000000ffffffff [ 824.690595][T25317] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 824.699301][T25317] page dumped because: kasan: bad access detected [ 824.705753][T25317] page_owner tracks the page as allocated [ 824.711512][T25317] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 36181305714, free_ts 0 [ 824.731321][T25317] post_alloc_hook+0x181/0x1b0 [ 824.736169][T25317] get_page_from_freelist+0x1193/0x39b0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 824.741781][T25317] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 824.747740][T25317] alloc_pages_mpol+0x1fb/0x550 [ 824.752641][T25317] new_slab+0x23c/0x330 [ 824.756856][T25317] ___slab_alloc+0xd9c/0x1940 [ 824.761590][T25317] __slab_alloc.constprop.0+0x56/0xb0 [ 824.767024][T25317] __kmalloc_noprof+0x2f2/0x510 [ 824.771933][T25317] __alloc_workqueue+0xd5c/0x1810 [ 824.777015][T25317] alloc_workqueue+0xd2/0x200 [ 824.781745][T25317] fscrypt_init+0x62/0x150 [ 824.786189][T25317] do_one_initcall+0x120/0x6e0 [ 824.790980][T25317] kernel_init_freeable+0x5c2/0x900 [ 824.796218][T25317] kernel_init+0x1c/0x2b0 [ 824.800566][T25317] ret_from_fork+0x45/0x80 [ 824.805001][T25317] ret_from_fork_asm+0x1a/0x30 [ 824.809796][T25317] page_owner free stack trace missing [ 824.815175][T25317] [ 824.817513][T25317] Memory state around the buggy address: [ 824.823152][T25317] ffff888035e80f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 824.831225][T25317] ffff888035e80f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 824.839297][T25317] >ffff888035e81000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 824.847366][T25317] ^ [ 824.851456][T25317] ffff888035e81080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 824.859552][T25317] ffff888035e81100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 824.867625][T25317] ================================================================== [ 824.963177][T25317] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 824.970452][T25317] CPU: 0 UID: 0 PID: 25317 Comm: syz.3.2402 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 824.982566][T25317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 824.992655][T25317] Call Trace: [ 824.995949][T25317] [ 824.998895][T25317] dump_stack_lvl+0x3d/0x1f0 [ 825.003521][T25317] panic+0x71c/0x800 [ 825.007433][T25317] ? __pfx_panic+0x10/0x10 [ 825.011864][T25317] ? mark_held_locks+0x49/0x80 [ 825.016663][T25317] ? preempt_schedule_thunk+0x16/0x30 [ 825.022055][T25317] ? force_devcd_write+0x312/0x340 [ 825.027189][T25317] ? preempt_schedule_common+0x44/0xc0 [ 825.032677][T25317] ? force_devcd_write+0x312/0x340 [ 825.037805][T25317] check_panic_on_warn+0xab/0xb0 [ 825.042793][T25317] end_report+0x107/0x170 [ 825.047156][T25317] kasan_report+0xee/0x110 [ 825.051596][T25317] ? force_devcd_write+0x312/0x340 [ 825.056731][T25317] force_devcd_write+0x312/0x340 [ 825.061692][T25317] ? __pfx_force_devcd_write+0x10/0x10 [ 825.067193][T25317] ? __debugfs_file_get+0x1fe/0x840 [ 825.072414][T25317] ? __pfx___debugfs_file_get+0x10/0x10 [ 825.078009][T25317] full_proxy_write+0x13c/0x200 [ 825.082883][T25317] vfs_write+0x25c/0x1180 [ 825.087241][T25317] ? __pfx_full_proxy_write+0x10/0x10 [ 825.092644][T25317] ? __pfx___mutex_lock+0x10/0x10 [ 825.097714][T25317] ? __pfx_vfs_write+0x10/0x10 [ 825.102513][T25317] ? __fget_files+0x20e/0x3c0 [ 825.107224][T25317] ksys_write+0x12a/0x240 [ 825.111586][T25317] ? __pfx_ksys_write+0x10/0x10 [ 825.116504][T25317] ? rcu_is_watching+0x12/0xc0 [ 825.121300][T25317] do_syscall_64+0xcd/0x260 [ 825.125836][T25317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 825.131759][T25317] RIP: 0033:0x7fb1fbd8d169 [ 825.136190][T25317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 825.155821][T25317] RSP: 002b:00007fb1fcc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 825.164272][T25317] RAX: ffffffffffffffda RBX: 00007fb1fbfa5fa0 RCX: 00007fb1fbd8d169 [ 825.172278][T25317] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 825.180276][T25317] RBP: 00007fb1fbe0e990 R08: 0000000000000000 R09: 0000000000000000 [ 825.188267][T25317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 825.196251][T25317] R13: 0000000000000000 R14: 00007fb1fbfa5fa0 R15: 00007fff8087c928 [ 825.204269][T25317] [ 825.207714][T25317] Kernel Offset: disabled [ 825.212050][T25317] Rebooting in 86400 seconds..