last executing test programs: 8.249307663s ago: executing program 3 (id=864): mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip_tables_targets\x00', 0x22400, 0x0) r0 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) preadv$auto(r0, &(0x7f0000000100)={&(0x7f0000000040), 0x82}, 0x8, 0xe637, 0x6) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000005f80)=ANY=[@ANYBLOB="f0220000", @ANYRES16=r2, @ANYBLOB="1b0026bd7400fddbdf250300000004000800c0220380bc221780040001800c001b000400000000000000a722d480100001800400258008002900", @ANYRES32, @ANYBLOB="a4d00fcc37d29855ac31e1ad82061b364fc67d3c72c245b7d92215cc8c527a2c6225d797853501fadf8aa7d255acee707dfe29dfa72bf1da04164167ce990f2644e79b2a622ace73fde36d17cb9d7f5197078f8b35e7ffdf7cf489fef24e41782b1ee8c44bef0bca1d35fcfd2be47480bb2589f89b0646762402a3bb5b51d497c8ac855b43c7fc03e91954c43cf5b2feef415e29c36c279f5a632e606dd585bdace6cf50006f45a169d38a572c303bb3df929e9f5bbba52d93fefec2b88c6ecce31dfe6fda4823c0e4a8a745bcfaf1b0de56d1a06ed868a44f51738a43c475ccc46f46f833245ff56308a4a98c507fb7d68288af8bf1a90ed7127a6d65cb31b96b4fde91abbdc36e63bd4c978389e58c96846eb340d4d3fcd135fcb165ba1c05f85cd68698e60fd5821634656055c4024bd23eae7c6db9e7182f809d1003605b30c4701cd94b874101fd767665c0ab9b4042f07f6280352b8f3a08f7e5b6080fc5eacbfddecd2b58df1712be3b46a81f35521530f22df4aec337922956e62f4d0bcbcf33977533ad93e6400ffc53b111933fb6867eecda5cae8a52a19d0e1a34d910456d9bae2396a6ff169af0e067f63bd442988f95d3537d1ce4cb01f8b5df9da62bb2d3778720be75182507588a1b49f28d9f7cc70035cfb767b70b973fb4c45a9787646c5ae92ac5e31d6660a151bfa31a6e53155df80e5b7795be24da9805068b43e5649166c58ce0f850e597139d9259184be38b8a98b8226b147b3729a209b9ae84b03154679e69a902704ca79a3e9d8bb766cf935c06fa5fc2f2fb66b82c621e4915e6621139c432f0723c7ee14f42ba5d12b7599f841e6eb7a3554f6c4f0f2752fad5e25c71e78bfd00ed58d543263dbf2385047af4e39f11b6720a450ce99b65f427d4396a0ae8d64456ac4c34aa765f895037c4d54e0ea90c79f6f92f6a19b14d5fd7401ba11e3f1c60b13c699c7b559a8da08a2ffe09e83158931423998e879a60f0887a1a0fb075797105279ec7b81aeeab2261307477dbef52c7ce4ed16778caea4f237ca4adbd962ef622835bf38b0cb54c582550f2eb1d4d378ef31ade98b7c7cc99b3a4c6f9d8b92aa4a6e7fe8b912464c44f9884beb27b319c0234616ea36f323ffede65062c157f73aa2787ed5480a6db29ac6d773c1117e136d0af175b329c01af86b041aad2e940dbee10f324bd748ca62afd222ca7cec0e0ee7821801b16eb1ba1f89d30ebd3da0350fb26f7a71858234d461906e5b4acc9be24cff9071aaf5a43f5d5b8bddc84bb66081fdb4003b9081beb36a08771bd5083c2e6cb51353b4bb3ce54a7ba39e9aecd99e778ef12481287d4472b259b07667a4880f36cb79dee3a5090518de62a538bbb7c4923281ba371f6e0c3843cd45a363decc8819262712dc728ed82927e54cdbd41d57874a1c519b3c7f16f3f3b901f091722b2b463f215315ae259217a2683afb1eb34e3b065b49d7bd976605657795e85ab509a7de956f10fd9fb6ebf3b7efb62a472279af70976a4bbf07017fa0e94e1d67e458af88f0c0fc8fbb4315089e50c0f6a8d14966eab8adab0d87484c152a25ae94a5584f7109535ca3a27d92cd103ab19d33857301d30c6d2f58d8987002d7a5f46810225be92c1a12351378025f362550e150f1c36f13b71ea3fa3057cef82ed79c8ecf88e28b581d6b377ae96793f6bd654a9025724a4140a481101c76fc9d560fad40f87c19f0068c245259dcd856d619a3dfff0c29a969ad0c6b980e250838e33037ab54d8c0fb9e74abac08d248c56e0711a39401fe7b2fd98061a1d19159416c0043513792dd8dbb6e6ba96b8ade2b26ddb478aeef67cbb08ae1d0fa274affec0162a16ecde9dfe1e0f944c31ceb1caf16032e062a1c9bc90a2f7c54cf396a33ea4c60cd3b113f472ee9aa19623d76bdaeb7b2a5c008aa84b2e229cd4db0441b85c67834405547e5b824de4c7bfad99ed09b6c21067663d5b3a9b7472de59d117bd364a4646469fb5107554ad213b6f2d6f9cfaa4d8825a22e7988126ff56bd9bbf5ee0c324b2c52eb3f8a0adf77920f2ea1bbad08342b7a2f0cf16945656f2f6a29f870f78ee0e990d27bf17e22e83481a298ea753ac318169f596d5a01dbcde32d5a980771a5636ced85b23543d964eefb056d4fecd096a0da08cdf59c8a194406ee1fb58d060ca32ed920c2b5ea79d954b613915353f55ff66ad036f4bd1ecbe6b9818d421d046c42a6733cb8f536fb7f6ed9b28b2f8355bfc5ccdc33123f7b9891f63f5201e894de4cc3ec0945bbdf16cb87c13eca4137b06bc534b87ca800c465d837e7bb02bfbe00dd1b78c6af555d741f9a45cabf8ba08f834613c96efde198fbd7f27a2bb579c3fe79a7850db8d61f13bb65d41ad49f14bd3f3ab34ff3a7f64f65809d2e408f4a7ecb413ed2c474a39909b9936878156528af74cfe17027f50840bab1be373f37b2f688fae2214d2665a04057896993aa21e5d6330a806adea30cba5e4b2a65d58ece3b52cd91423101a6ab6bd5bb3be5b499c1c298fdc1765d8aab245b80186e0f7b5ae72a3eb6413f505a0e16191a1b7686d2633b72556eb62a1d77a65f3cdec1b650a88d0dd80062fb2a4e789c6a77beac1ff93cd250583fd540ffdb2f6e820e924a4a23d31faa80615f2b924a46bfde2d3d7555ff205e6e655eea38ace12be6936fef4a5c79634540039845f490b838180b64d801f6bc41f96a37abb8c0639c7e62b2ef722bf7b31863bb745b31de9337d3eb7f5a29a35a24eabd03047ea886eab5e861f7a64db658101550106a5c883f0f5cb4993ca8e3fe41af5b8d5651d1237913907cdc490b8eb4807567fe866598839a66b585e18aca0a4ba880beee7c35acd91a0450151c3b226c7cb4a27835743a151ec37f5e635cd30e47154546b52c2bd0f13aa97e7e81a62543587171b374da8a4144373738be41339ee8951b99996f16e4de0b3fe3f0fd359e35a8aa38d3821e9bba587017d4a09dbb66222cacf27574e827d7bd981ca5e7a0a5382c87ab1c538e2ac12f500d755384dc5377729417a74eaab543efb1b9444a3f16b162eb507ebb21060af0976d080488ab03e4f11d32504770d06ecd18ed9d5b7e8d4fdf80923e88042237052a5c50529805baac7d9fba9625a17488ff3be4c36043ed3f575de9265d8e85ae0322c51e2137680105bea2121d4c4339b9012afc1cd997e4ece8018205d820fdf8d035ef3bfcf01d2d91534cd4999cf0ae152047a56c2da6e8ecccb1faaf8a9cd850acfbff213376a30cd9837718582cf03b866c7a7de639ec1d51293fb1bf2943546c828034783c6fccab8e6a9cd78915ca9d3292b7017fdc69a74facbe3c9e4f386ff41b276874265fafddeb6a16c3407648f75bd6c67ec51e72a9ae25384330f167b9134797d2823692446c007fba1b9d84e8dc99fe54f7431994197b6e0d395f93770de967c383dd8c833179062ae5e5947ef059b004ea4a04b09fa0a5bfccf41cfbed8d2f9a19b4754e2284939620bca697026622f811c39eeae48416c37327d8c5ff56e75d2ea1ba6299a2ce8936491765d6595f7365ddc0a8ce5f45ad7154b9eb6fa9580aa7dc6a3d89c8f084b97d2b67bdcf24d3f8acfb7ce02ece87ada129aef02c46d38f4ae472ffa0f79aa238711748775042d367a6163c6b06a9cc4bc8dcbe4b916f4d8c8a3d724b3073a9b8bc5b08e5cd0bd6d672316ff556e1c4be4b4c110eecae48e66df754b8f96efacbed127c509ba29945232f3c5ec6e9d1979b9e3e10f2e24fc6591c282cb6ee687459e93ad6bc726cc38ac98ba4bec0edba8619f466335d6bdc2114d3fd6c5b32c7954c1146bcf9d21f87e503594da6b8a14bb6ab9d5c3579c271ec6e37cd5ba76d99451865283beda7ef467d72920b01ff7dca0e84fa4a9f507e543ed435d017bd66f087523237dbd9c2c07d8a4a2b814ac1b279bb4a6cb5c62531893d2c6e9b0eb03878af78e8acd6546e5fc0ce2ae119dfc36d786ba273b333112e54b7bdb3927489e2ed6b9e31786141f1854efabd7746925eb07866018579c3627f94bfbae737d5b656308e575f1e900593493953ef97f84808f2fa9d2a2346db0ce60506e505f0a83eb5c59b15985896ef55c1cfa7b7ec33bfd74ebf72d89a47948bb72557f4160c144adeffa0ef88cdd745fa32d4f6da1da3132c3f0841e566633dc48b8aed18c105d60fb7032bcdd3109bbb93a2cbb06389bae34981fd735f1a1c8e2d0198a78d621c2143ec7c1011a68afe5d0f16bc8ca047aa728fec5b46fd2cada886d84a540cd9f19da8f487cf9cd17f2fbb3464d9ff15c615686d043973a5200125b9c20c29b024b6ca76b4e23efce952a7fa9db5a839929d122486f2e356fed787a0e22990607d7602ae279535282ae59c6863e0ca3a9a3febeb0ae4b00e8543c4dd2cebae23ee33c22e4822a82d161474d2978f0e50d85ab18c9859062802b68f5755b77cecfb9798a70375998493b62093f62cff1245007f8898098e7a080a30bf005393f2aab6658904f54e4e47f2ee34a261ad73886b89de51d40e5affb2ff200fcfeaaee9f2a139b1eacd44f282d6d70e27bda42ee624fa8086cc8f967770b538010f3c44286cb139d22603fe15b89fc6b880546be79d08943cd884f372a6f851833912a46dfd5967fff5be1a582ea0dca0975a45cdcecdc8752bf81446c4f755bb86e8f7e5ad4d606d772a6dc15cec556f686f39f728a6e4fcaf8a9446fbfd02f2edd4273a7c6891f984fe58ee5551bf7723eb0fdde456dcfbdb053fe84c8cefb62302166402ac58952eeb9fc0158756d8361ae9a458f3b7854f06c814d4bd5b4707f6fdbebf2fdc692721091c9642c4de231f50aecaa9c5682d5748262aba76d3989d43cd71b17a1d5889277f50d31db0dc09f4202028fb749a0df93f3ac3fb08922bcae77a29e3f52d47aeef4ae77808c2d54c1415f804ced0c25be788c78f4ced734f347e8d816fdc9e5f4e3f5cf8f7d84debb6f0f6f8ce5ddd395609ceabdb036f440cd725c67b82d2c7c8798105f4966551acbfe2bfdb2dca3995454771e286970148e99ca0e910e78bb702755aef666a2289e310ac8a8a05476f59f469b77b89a3266338c88b77ade7a36da879b33a8856b726c7af8f263296efc69fb5cc511588b8c26c1669cd5a34eb2cb156dedbe9177ed116d5dc4a5eecb589d79380985ac1a41b1de5e6723859700f6262f3809a841fd33612cfb0160890cd787c654e9085535ce23efa90584cd48e8e9b411e22dd2fa88ca63a1beddcfc5c7dbebbe4ba3dc65e785b93a1a0226e01d24309597a867c641272ea1d200e2e46a0aee4f5ce7cd4bb296dae4364787c7b8ee47e5f3283becd06971fd9d4a88ffd3fb09cea72f4414005fc370c95d0278abc20494e8bcadddb3909d4c68285c6e88940f0a38067f2e671dd7d10204d006c437f2f96b57d36436a137d68a75f0c7c4a865a1bba929f3b1cf2c29e782affff20bcfa0bd761402ef77591106b108e9bbf2bb2d5def644109ec7a54d409ac580a3404d1696e347769ae14261d19109d2726cedc7d3deb4bc41745cf6a8204991ef36fbefc251fa5af01a8571067f456d125550d7b7d50078753fa7be19045de27cff90504e7e69ba29ee1a0fc03089617e44be432496efdc0111d515bbbde273a355f4d6de5e96ba05fd9aaa69b4f71b6d194af0572945ac407b9a1b263c94611b7ec204467d478e70918af59b8aa336f2527d0ba2fff5703713ef990153f9630af08c96ee93247a3b7a964505c514c265196334f7bf2e271c7571d0ae608213c5ffa47deafb30ae4f6c17d5d7eb805ca2d5e9fbb3c4d9f01bb7e59e6975325ea7f761939623eb40afc7ce34ce9afbb0595fe43875e572f863d8239a0fa1b3c218278ba636c069f56f712117f800400d4801d357fa5dc1d568cc0e523e078a4e0ba6b27592f8b523238b822358a9ecfde6c59fd92e7efbc8280465ea5508cafd983940b5d8f730d5c093ab6434bb6d4ac85d20a75a9367f6a1ed5c24026137ca0733ee4f988269b49fec6fc2f3d9c4598e6099e574770c7bcf003bb013c6fa1cdd80bd6289a9ca29bd7b21d332701921c233609fe8c2a87216713fdd660db07721c6e536d4a4e19cc5df1c366773d6ed2e7f1e3ceb95d7477aa94b471a93b8715d5587d242d46fa758a98402b7e89354bc69ef8f2684b6f24ae4a3d4b447e2de1a022cd1ac48b197e67fff48e0fed44a4c143dcf617fca398ae9af1c1350926742702a7218044d8a25bc8742138c221c8c415e1346f794ec9988fa14fe05877d8dea8988dec82b6a767d3e06aafaf5b299e6d317bca8b4abfd43e745ac19999b7ecf728f8a9fcd41a6751a997e3dd55fd799207ddbb712f58cf53e9defb7a614f4861f5fb97afed3f4445c0327010313b0a182dd69cf256d76424936d6beef3851ba74ef81bb66be44b471a9770c7dd10bd0f353e417d77af213cbd1877680768526c8aea993eb96eb8b587163cd169db3856b6ef78a507985fb5e9f43f6796f7566313217c304b46183bf04d3f01f69ce5f8a52d048d39f1f9d5b1f95a73975828f2bf4fe163a7db538bdaafddea6a91b64c0b2fd1418affdbb9adacea5b14963bf59257e9fa6d6befcca5d8ca5746856e6fe156d58a28cf63d825f3da3d8d4e2763d01e810f7a0948f27638a30543f74ff7e2fbcca18cb3234b20c9196bb5f027e1f590d3fa1288410dde6e76fdbb1b2fa75a95ff4853cc88c45279bf404a977b76604954fa94ce325a8bdcb418b0e0f4247f4b8757951120bce9a0ecdb378b6a956b5f0f54158b6103f371dac4eb866c0a64d17862151035d8f6f41b05d23b9f311c91487b33bbfbd711699d49737d1289ecf4086e01f995cc3128897ab663635ff100ee3fa237d5fbfb82da4905ee3ec62acf117feb4d8287dcbe254bd71e36819b4105b6ab6d18fa68ce1c917c95e55279e1b6f4607e3b2e924dcc4b3dd7dc0566d78cc305f07618278094dc3ee34f986a09027daedf142b53baae22d56ab3b46a56e06dcb544ded0d71b978367fb772d3f5cccb4cc64ec61f58d9c6d25dbcdb117a227b1ff4b218d92fb75e0f773403d80c8c7792c12233ce14779c72e21dd6c9dbd9d7eaae95fde58a3ce0090fad5daacfc3a3c42c5ed3a96c352cf18f898cb26bcd3efffde5002699504705d5f99c1136eb5913e9c9d55db50b737bd87d94030dcd4d7c7c62de6fdad170034ccda60ed70378d4030fe4b60de4ff98bbdf078483a4f6ae453e55fea138bbb6c07c91368df34416075b68696670cecf20968dbf46867d6436949d1f4d86025b952e6cc0dcbe7c66ccaad613df3624facf016f3d121f6f631834c344ce1e3527762e93f4df7d945b64a65f0d67e72bd3954663bae63a4dc4c71a057893bba4bfba6258e26ee31a5fc52affe668e451d05e7176c1b45874a79f512975fc42435889aac70ae2bcac7afaad60c5c48accf44b6cc75bc206fae2828dc70c996bbd22e152ff2d9e6502a64e86bbf1c0c8c92f30737e7c2bde3eac0c1ed40b4c71782340876b887e0c5af1224805ca400506382cb7ee2ce430fee255f7a843d4b3c68fab7fd829025620190540b5572f1b1c087ec32ef063d29746075d9ac06a2694e08cdf5e530cdb3a08cf0228f6ea7d70462156e8f146e208cf780a4fda432b5b543b2bfa5e37a89c8e990f8b913a52583efac64bfd0858f13861a4bc3fb029a9a20c59ee6446812069f8e566ebce49d4998bd61f94e31e20cb3060a1e1e7b1ec19125b7133cc66269a474ef7c39ede93c3f53cfd99e8258e8878bf93cd03f961e6b6b1eb5877a9b9f3e2cde4764148801b348f119f97a5c29df013d5e059a0c9af44e4d6d15d3fb5d9f6ade181babb4127d595bc550d0c3157f43b942cab38ff49e6a2477348f72b04fbd23e2ce41344d6df1b98e6aaf92c4fa43b2234829f157d6c3090fbb95bc2bf0489c6bdbb7025a9ad8149b303da40ceae02263f9410242cb5dc6dfeb30696c3a5da0607f6961723691992ca214bda37edd029c2463282463fbd671edda0f6f2994d6804e5b7a734d1d02e082c852518f0787e6563ab55a50ca1d52300802cf447455bc923b0c1658114de71083d3066a84ee3072489ff94161d0dad872734272699c90752b5800db0a01bb7ba49cb5c2fe56d4549a13928f161fcd958648b5b334ed3730427f431e825eefe77e70cd227a512b394776ff749c884f01d2b00264350203cc785745ef6a89ebd0bab047cf4fb26743d5e7afb892d782b38286cf682f322fc11fc095dbb5d63fbccbd9fcb5625483a6f286bce80a7267aa3577326fc0401e7bf4e9360e9338c5202b33d454ccc955f29789206fbacafe81906808e5569f3e6085e3f54a0335899ddf1b3a2e279e653786eba58aad5a210d67b3dfd80f29b6ac74d6aaffe2eea4c4edb824cea41913cb7ab4652b4aaf9315e4c9e2a59a5d0ad8080b3d4683a9138f598c73452e206c5efb8904e45e067ea4d4345ff69d044ce8595d021eafe0e539090f6ac3276730d33ae09bb38aafe526056d7656bba76a898a2df34ee3c5f05314a9ced00ef8e849caeca008ad6893580985005b78d91e0fc6911fbcd695c670f3df63087e53207eeb49e86ba67db6a2431464bcbebbfc452d021703787c76050c7b0e4b615c025f673e3bf0fa6b5dba585b081993b9b8a82ef439f5d9247bd1f65f4643ad2e45a8788fed844c004ea92b78d34f22d4d4f1b6aa0679cb801bcf44a5d75cae9969e1f07a726f7e7a7a19108f6af7520a6cb66bd459a7442bb4c0a02cae139a3271d09dccad6e08e29a3a8119a86d5b0fe4dacdc54f4d4fd5dfd0c9e1b4d2d80e564bda4ad69b1d638453f8b5b6c0e58e9fc5c07dcf968d7aa8836277a32cf92938b0007db0fde521cebf3868290fa9a7a58c4dae2db8b67b32bd7856fc8ddea1fda53ee47ebd6c45f60865e3ee3325bb9b1345e134c1469489272b0fff8539a95b66afcfd2718da17e48e43651dc951ed84bd6ec14f26d51f96b4ef8e7530393009658cf813d2346020c5dc23e4338988c54ceaa4cbe4fea52dc2b257d827abee3002f2e68c68e28264e81f8c38b55a0facdffce7f480e37e10959634813019a18aae9565299514e43ae56141df68ece6a79b286562835be3735e30d34cd4bd5b15f3d28bc6429abc5fa37e29c7e63a8ae66c9d3cb30a6ce12b56e556e7526b1027c53fe350a183e576038d2d70b62166edc2fdf94d9c096f1636f32e3ee6f5ac616b175f86cf0ae881037324fb256bfc5ad86ab7d93ec89e6bc775d36cd18cd732040b2d96858599117776afc86dad98a05a07c2b02668fd55f84e9290c53921a96ac4ac582c7b5495d5b7b068c997681a4c3a1de826262ea77485f098933d5f2032c72af9fa25287fec8c54fa30a7e1c8ab45c0e7503239926a62c924d3c10d257317eb2fa26e3325c513b70e66b98cea9914edb4f5c44991a2de50131de762fd617e82a25c5c4da241dce2ff6df0def45acf069db15d7435029645f8f52911dd1a7ee87509383688f80fb26c876f48de053672e9588957dcc498e3639acb95126f6b7581740e5673e3e41a4914a0bb2b9265a77f09a240dac16102f75a4cc086f56a23f13443aa011e2ca2a35f8dc0131fb0b2d4c98b56f384ce555e9e4c880636a2409768676c467c61fca91dd0d9840f59000294e383a5b093c3dd4853125545077073865fad3ce054bba1e9ae357db046be1430d7038abd50ea80fb5c236922274afc3a4312212ef715eb330d9624fb14a2b660ad5000045b5432e4508235b7f33096abaf93c0f1a846fc808d73428387630098ea00a5d6c50b0ba9fc6ff6e7973c058f0ca9d7d507fb19650a6c206c22cea9777bf20291d05213399ef9438053e2d8d1117d3a12267a78817dee5ec7bf49cd73ae66f93a50e8d91876a04bd0ecc3dacbdbed40fb51d098bea978750e565ff664f21fec0a17654b62b62b69c0f78f3d94eddd253c03416ae341f45baf5bcda64c17b60932f2797661bba2b4e5aa77f46e86eafa71ad963b982832f5a373564b044993c32cd3484f142df89fc4f2aaa1857a5a8632de047afeaf40d5523f550d7df675e3300e93a1969610a19510cc8d1e195807fde24b0febf8b7fbd3d90188c5d9aeda970164e7780a3f9a2f28ab283bfabec876b324c2e07df0dd3d79a457fea8058b0e83390b36a136dd0630df8f7bec80d55d862dd5a31217bb31057f622cbdb41e5dc69f8e56c42b9ee7961cc8cea0fade8ee6ca82bb1a67a488403a320b0ba4e79cdb4a4e3a8fa26175b3eeec3ba7d42b0cf25f4f93a460395fbda1b99f146d8f1e4b64ee8021a6d9f391f8bb52b29460c8ec17d23b40ab8539c795409a0822e0bb81fb3694f51e0fd997d0d6df83a0af18e45f01e6a999a7eb5894cf7ec662af92541130062d3aa26018f5ca595abd76a7471c5defd0588a056b71b344c6551be835d55ec7be3536407530895027f79410d2b2f22e57aa305247e49619750cdcd65340ea5b74feee9d14706af0311f2a3b93aa82b7528f4ef4302a400bbe9f6f5b3a916c15f3d235e5aded2ab6ace5e5e0c92523ba6c1fe723c54410677f763d2547072932c67b39e37b01baa53fdfe21672b2d39cede826b3894c7d751fa0fe3ae219afd23d501e98b9d7e5e29ecc9590e2d8cbdbadd126e9d8b386d73b4daaf018fd084b029b48d09bc330c648ec43971a65caf9ec4112fbc23a703644b426311b00507034842bd81ca067521843340736fa7db48253e6ce23644485457dda0001be787786f46994af325faa6b065d0063edd0d97ea249f8c00f59bc7847c88e0c927f141a3a198295a805a121eb911f2aa0b9a0bb1ae4920d1c7da107302a878a4913add10c90dbc93c531c03707d8a6c8ed8128e69a162f45f74b483f44cfe84e3bfafb0f153419ed1b0ba6545d24d5fb58f1c56c825743aba6a212b9015f4736bbcbacb0db4f8f0526329bf87741f7156f221e9c14e13e504c693531976e47a592adddc87184f5fb2887734e717b25ea4f92dc21b8d973c10d68ee72ada19caee0e6c128ad856c8682f735711aa311eeda01a63becc4d50fdefee7a66490937a9bc8e248a28a9188a09103123420dfc9dbb6bd8d90d6c134fab73f7ffdf105184350c57e4c999bc109feb5a718acd5f50511dd8c054273568d17418fb24a965526df1805896daf17c610b50d910b5a5dfcdbfbfa073e018d5420ec302a7131a6134afbecbf47b62e4fb0141b7490ee68b30bc4779f7e86f99ba197eb202d29c9c95054d30caba57beb9cf72f99b931ae2d390083af6beb25115760f812e0723be7c4e518c089ba5c40b9219c0a0e8a6669a1364fc5ffcdd866cd9359c5dc7605bb2671fd75f638450f4f7b27e550a8ffd117c6c2a7b487a9fbd4716a4435243cbb9ecfff8003b8567c78273cd0aa43eeda97a8bf9ae9d9bd9cfaeea9537f138472067969ca2484f0aa32fce5d7dbcbc0a45a9774b3eb2f695ff28b12f5e2426ac70f9bcf671c743f832493f8c90c1e91d5fe2de7dcda24d43e7db380462a2cb679c54b82091efea652e1a605b933f0e2f4b5a329353581462b3a6bf770b2bb5f6500244eb7990807f285b52f809dd0d9715b703a59918e0a769417e1cb74bcd5e03b7b1b00da61acf44251fdcb366bf6c7614a896298bc9b07a32173a88a72699f7eeca21bd8c66b8f23762a0a058a7dd5e3868361e16b8226513c343472b31b9146c20f4d7293830a36f49b327c956386e40d1c03953c3f90477ecff7cdaed4eacc26dbf6b191a2b59228de9f1a207d2e70fb5256d3af5f088f31288c27e10faa7758840f29ef0fe038f355eb4a8482b680928e4b0884c159df6484441f716e6e82130909b9d647e0c3410c8e1bcc920d93314498eaed819861a731aa55ab0f889716cb7d4960a7cb63eece23681906c82ff13856ee2edda54a981aa65cbe8cabe70e55b3c6be21e73e4c9018407c9716228db52578ce02bf21f5a31095b6242a42b001d002f7379732f646576696365732f7669727475616c2f6e65742f726f7365332f61646472657373000004001d800400e68000006600e3801800550045e5fadea222f9172e00481174ffc9cc22ec525c08000b006104000004003d80bb709b7b91117cc97671879297bcc0dfb5fd647e1e6b2fa169a4bcf015618321399cbec112ff0182a1b3b37168e5aa0e0c71e83ccf255cd8382b922615030000bc004480080056000a0101000400b980fae77ebfe3485973156b1b546f70da2aa0d323d46fc8b0d3189cb5cdbdec90092206fe6721d62d7336bc230d3201e24724142726aab4396b1e1e4d199a85127532aceaf3f378c12583eb6a6e8c990f5bcac814abb57f387334fc09f4c1a83e06a4b7b58394480487908ac097867dbbd17b421653a424d7f59ea208cf82558a0419af43e8c153cf938fc39d75922864f5a3c382581f8cba19280cf3be040054800500620000000000040069800012000100898771f1c19f17790485908286dd0000040002"], 0x22f0}, 0x1, 0x0, 0x0, 0x4004040}, 0xc000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0xe, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff) r3 = pipe$auto(&(0x7f00000000c0)) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/shrink_underused\x00', 0x1a1842, 0x0) write$auto(r4, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x8) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmdt$auto(&(0x7f0000000000)='(\x00') sendmsg$auto_SEG6_CMD_SETHMAC(r3, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002cbd7000fc0900000000000000000100fe8000000000000000000000000000aa0800030006000000"], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4c000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8004}, 0x41) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) socket(0xa, 0x2, 0x0) semctl$auto_SETVAL(0x5, 0x3, 0x10, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 6.961489517s ago: executing program 3 (id=868): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001900), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'dummy0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000004080)={&(0x7f00000001c0)={0x20, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20044804}, 0x4000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x23, 0xa, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x3f00) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r4 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fchdir$auto(r4) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x8, 0x0, 0xc, 0xe3, 0x4e, 0x3}, 0x6f4) bpf$auto(0x16, 0xffffffffffffffff, 0x0) bpf$auto(0x2, 0x0, 0x103) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) clone$auto(0x400000000000007, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) 6.472070496s ago: executing program 1 (id=869): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd0/queue/zone_write_granularity\x00', 0x101180, 0x0) r1 = socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x6, &(0x7f00000001c0)=@test={r1, 0x10004, 0x0, 0x1000, 0x106, 0x0, 0x0, 0xfff, 0x10000, 0x9, 0x0, 0x4, 0x7, 0x2, 0xfffeffff}, 0x1) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:02.0/irq\x00', 0x100, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) mount$auto(0x0, &(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x7fff, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) read$auto(r0, 0x0, 0x24) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x0, 0x0) ioctl$auto(r2, 0x4b49, 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/block/ram7/queue/chunk_sectors\x00', 0x80800, 0x0) r4 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r4, 0x29, 0x20, 0x0, 0x1f) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000180)=""/187, 0xbb) 6.17227426s ago: executing program 0 (id=871): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x400, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x3, 0x10000000000002a, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/timer_source\x00', 0x189001, 0x0) write$auto(r1, 0x0, 0xe) close_range$auto(0x2, 0x8, 0x0) r2 = prctl$auto_PR_SCHED_CORE_CREATE(0x800, 0x1, 0xffffffffffffffff, 0x7, 0x4) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000000)={0x4, 0x2, 0x2, 0x0, 0x0, "83e2cd10835cd0c263519e6e"}) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0xc0603d0f, 0x0) 5.896554282s ago: executing program 1 (id=873): ioctl$auto(0x3, 0x1, 0x90000800000402) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20040045) unshare$auto(0x40000080) madvise$auto(0x0, 0x2003f0, 0x15) epoll_create$auto(0x6) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x801, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0xc) sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'gretap0\x00'}) socket(0xa, 0x23af690fef30229, 0x9) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000001f80)={0x28, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@typed={0x10, 0x1, 0x0, 0x0, @str='q\x1b[:+)*\\.#!\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040004) sendmsg$auto_TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000700)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0x88, 0x0, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x74, 0x1, 0x0, 0x1, [@generic="0cede618f96c4582071b089c7e8866988cf161d3e6b1aeac28c56bc1e6450bf763ce885c2cb14e8217f3ff910e7d1f2e497626dc861002919a48a567aee6f79f7bd34909d9f51e5a200abd303f1aea800aefa0a26d9ee091f9ad3782c23534d80988751dfad0a817", @typed={0x8, 0x150, 0x0, 0x0, @ipv4=@private=0xa010101}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) 5.758263359s ago: executing program 3 (id=874): pread64$auto(0xffffffffffffffff, 0x0, 0x200000000006, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x3, 0x0) getsockname$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd26, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) semctl$auto_SETALL(0x1, 0x6, 0x11, 0x200000000000066) r2 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000340), r0) sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="88f5bd1b1d9b2a792da5f1ed19ecee75fbcc86cc9d8943182c8314fda84de6531c25c4a1c7bbd26b8a5e39a392b3337941f8bffbf69dbf373bdbc4dcfff0322b0309b754f38729460aa24b60ca7235dbfba1478d781790250f7dca71aac56a", @ANYRES16=r2, @ANYBLOB="0b032abd7000ffdbdf2504000000080002000600000008000600060000000800090000040000080006000200000008000500040000000800050000000000"], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x4001) sendmsg$auto_NFC_CMD_GET_DEVICE(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x14000}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) fcntl$auto_F_DUPFD_QUERY(0xffffffffffffffff, 0x403, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040800) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040)="11ce06d2", 0x40000100000001}, 0x6, 0x0) setpgid$auto(0x0, 0x0) r3 = gettid() close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) sendfile$auto(0x3, r4, 0x0, 0x400000000006) kill$auto(r3, 0x11) 5.574187268s ago: executing program 0 (id=876): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x40000402, 0x0) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0) prctl$auto(0x16, 0x1, 0x6, 0xfffffffffffffffe, 0x4) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000140)=""/44, 0x2c) r2 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000001240)='4', 0x1) r3 = socket(0x10, 0x2, 0xc) r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="141212a4", @ANYRES16=r4, @ANYBLOB="000128bd7000fbdbdf250a000007"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000000) write$auto(r0, &(0x7f0000000080)='*\'\x00', 0x4) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x6, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 5.163749397s ago: executing program 2 (id=877): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x48401, 0x0) ioctl$auto(r0, 0x141b, 0xffffffffffffffff) 4.876032542s ago: executing program 2 (id=878): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/virtual/block/ram2/queue/minimum_io_size\x00', 0xa000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000) (fail_nth: 3) 4.698817928s ago: executing program 3 (id=879): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0xe, &(0x7f0000000700)=@bpf_attr_1={0xffffffffffffffff, 0x6, @next_key=0x6, 0x10000}, 0x24) madvise$auto(0x0, 0xffffffffffff0001, 0x15) bpf$auto(0x4, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_map_fd=r0}, 0xa3) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) mbind$auto(0x8, 0x100000008, 0xfffffffb, 0x0, 0x1000006, 0x2) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x80000b}, 0x5, 0x20000000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x3, 0xff) r1 = socket(0x2, 0x801, 0x100) sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x20000054) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', 0x0}) bpf$auto(0xffffffff, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r2, r1, 0x9c, 0x0, 0x1, @relative_fd, 0x5}, 0x96) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, &(0x7f00000000c0)={0xa, 0x81, 0x70}, 0x1f4, 0x0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0) semctl$auto(0x0, 0x9, 0x0, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mbind$auto(0x8, 0x0, 0x9, &(0x7f0000000200)=0x4, 0x4000000000, 0x81) r3 = seccomp$auto(0x81, 0xb9d, &(0x7f0000000180)="8c5e3b10741385847d4a86cbdcdbb2bf3046dcbce57a56f03fb9b5b2d75f8ac4073ba9ffea7ce9b4fce51c108847c4aaff63fbbdd4b0ddb85fd44b1d07a682fefbd25b289fdacddbb8cea7848e09a8f4768c563e3fa9849e1179f2ceabb6") syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r3) openat$auto_fops_u8_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/nfcsim/nfc1/dropframe\x00', 0x0, 0x0) rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff4, 0x8) 4.642025352s ago: executing program 2 (id=880): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0) sendfile$auto(r2, r2, 0x0, 0x7fffe000) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) setitimer$auto(0x1, &(0x7f0000000000)={{0x2, 0x4}, {0x5, 0x6}}, 0x0) r3 = socket(0x18, 0x800, 0x1) connect$auto(r3, &(0x7f0000000000)=@in={0x2, 0x100, @rand_addr=0x3f}, 0x3a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x6, &(0x7f0000000000)={0xfffffffa, 0x9, 0xb, 0x1, 0x7, 0x2, 0xffffffffffffffff, [0x3ff, 0x8, 0x6], {0x86, 0x9, 0x10000000, 0x9, 0xe0c5, 0x800, 0x0, 0x961, 0x6d651109}, {0x5, 0x3, 0x6, 0xa2, 0x6, 0x0, 0x7, 0x2cb2f581, 0x200}}) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x1, 0x8, 0xc, 0xe3, 0x4000000002, 0x3}, 0x6f7) bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0xf2, 0xffffffffffffffff, 0x0, 0x800}, 0x92) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) setfsuid$auto(0x0) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/options/test_nop_accept\x00', 0x2, 0x0) mmap$auto(0x0, 0x8, 0x4, 0x9b72, 0x2, 0x8000) kcmp$auto(0x1, 0x1, 0x7, 0x4, 0xe) r4 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r4, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) 4.380087764s ago: executing program 2 (id=881): mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x88, 0xac1, 0x2, 0x36242398, 0x7ff, 0x3bb, 0x8, 0xfffe, 0x1, 0x81, 0x68198}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010027bd7000fcdbdf250a"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/block/nbd0/hctx0/sched_tags\x00', 0x60100, 0x0) read$auto(r1, &(0x7f0000000040)='\x00', 0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.307675271s ago: executing program 1 (id=882): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ioperm$auto(0x7, 0x6, 0x2) sched_get_priority_min$auto(0x5) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0xa, 0x801, 0x84) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r2) connect$auto(0x3, &(0x7f0000000080)=@l2tp={0x2, 0x0, @remote, 0x1}, 0x54) (fail_nth: 5) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x1, 0x3f, 0x0, 0xb) openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) lseek$auto(0x3, 0x1, 0x1) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) read$auto(0x3, 0x0, 0xfdef) 4.097679924s ago: executing program 2 (id=883): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x28, 0x5, 0x0) socket(0xa, 0x801, 0x84) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) prlimit64$auto(0x1, 0x3, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r1) sendmsg$auto_IPVS_CMD_SET_SERVICE(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000580)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fcdbdf2502000000180001800800058004007d000c00018002"], 0x2c}, 0x1, 0x0, 0x0, 0x44050}, 0x4008000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 2.721908775s ago: executing program 2 (id=884): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram4\x00', 0x60742, 0x0) mmap$auto(0x1, 0x40009, 0xdf, 0x9b72, 0x7, 0x4) (async) mmap$auto(0x1, 0x40009, 0xdf, 0x9b72, 0x7, 0x4) write$auto(0x3, 0x0, 0x7fffffff) (async) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) (async) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x1, 0x100) (async) r0 = socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000003c0)="80e08ca631b90e5e9a4997a0a2f075172c2529fea5d2b4b06119e7cc493e3c68f5e114fe74f6ec1d4e94daec10b05cb281b0922bcba475cea32ccf0eda11471e9c15d15fbcc3bebe4bc005053b7459c5ecbae956634304a2b3c20d024a0df7b468626e493968743cc5ed35ab320b6ffd85d87720f947e83e96c03fca21e0c585095bf40d010cd4fba6c371232889fd43cb084df47b56ff93efb0f707d371175d4dcd1c13802f7a4550e4ef765842dadd3e2bc2df160655b78b5a9438f2f8be466e2b3782469b16c9310ff6307403770f5c225820d582ab93c7ca472e799fe10d61abbfc87e") (async) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000003c0)="80e08ca631b90e5e9a4997a0a2f075172c2529fea5d2b4b06119e7cc493e3c68f5e114fe74f6ec1d4e94daec10b05cb281b0922bcba475cea32ccf0eda11471e9c15d15fbcc3bebe4bc005053b7459c5ecbae956634304a2b3c20d024a0df7b468626e493968743cc5ed35ab320b6ffd85d87720f947e83e96c03fca21e0c585095bf40d010cd4fba6c371232889fd43cb084df47b56ff93efb0f707d371175d4dcd1c13802f7a4550e4ef765842dadd3e2bc2df160655b78b5a9438f2f8be466e2b3782469b16c9310ff6307403770f5c225820d582ab93c7ca472e799fe10d61abbfc87e") setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) syz_clone(0x80080000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002) setsockopt$auto_SO_MAX_PACING_RATE(r0, 0x3, 0x2f, 0x0, 0x4) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) (async) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = getpgid(0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x3, 0x6) socket(0x2, 0x5, 0x0) getsockopt$auto(r0, 0xa, 0x4, 0xfffffffffffffffc, 0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r1, 0x8, 0x0) 1.91216562s ago: executing program 1 (id=885): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) r1 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000140), 0x400300, 0x0) ioctl$auto_BCH_IOCTL_QUERY_ACCOUNTING(r1, 0x4020bc15, &(0x7f0000000180)={0x4, 0x4, 0x0, 0x7fffffff, 0x2, [{@k_i={{}, {0x2, 0x53, 0x0, 0x2, 0x0, {0xa000000000000000, 0x5}, 0x3, {0x4, 0x6, 0x1ff}}}}]}) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/194, 0xc2) select$auto(0x5, &(0x7f0000000080)={[0x400020000008, 0xfffffffffffffffc, 0x7, 0x6, 0xc, 0x3, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x202, 0xd3, 0x1]}, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x106) r3 = socket(0x2, 0x6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="475e25bd7000ffdbdf2508"], 0x1c}, 0x1, 0x0, 0x0, 0xd0}, 0x4000) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="2517083889a2df948cf333"], 0x14}, 0x1, 0x0, 0x0, 0x41000}, 0x64810) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth0\x00', 0x0}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000a1", @ANYRES16=r6], 0x2c}, 0x1, 0x0, 0x0, 0x20004994}, 0x4000884) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRESDEC=r2, @ANYBLOB="000425bd7000fbdbdf0503000023050002000300000004000180"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x41) 1.784462776s ago: executing program 0 (id=886): pread64$auto(0xffffffffffffffff, 0x0, 0x200000000006, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r1 = io_uring_setup$auto(0x3, 0x0) getsockname$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) r2 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd26, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) semctl$auto_SETALL(0x1, 0x6, 0x11, 0x200000000000066) ioctl$auto_VHOST_SET_LOG_FD2(r1, 0x4004af07, &(0x7f0000000200)=r0) sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(r3, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="88f5bd1b1d9b2a792da5f1ed19ecee75fbcc86cc9d8943182c8314fda84de6531c25c4a1c7bbd26b8a5e39a392b3337941f8bffbf69dbf373bdbc4dcfff0322b0309b754f38729460aa24b60ca7235dbfba1478d781790250f7dca71aac56a", @ANYRES16, @ANYBLOB="0b032abd7000ffdbdf2504000000080002000600000008000600060000000800090000040000080006000200000008000500040000000800050000000000"], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x4001) sendmsg$auto_NFC_CMD_GET_DEVICE(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x14000}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) fcntl$auto_F_DUPFD_QUERY(0xffffffffffffffff, 0x403, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040800) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040)="11ce06d2", 0x40000100000001}, 0x6, 0x0) setpgid$auto(0x0, 0x0) r4 = gettid() close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) sendfile$auto(0x3, r5, 0x0, 0x400000000006) kill$auto(r4, 0x11) 1.527689977s ago: executing program 3 (id=887): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) r1 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000140), 0x400300, 0x0) ioctl$auto_BCH_IOCTL_QUERY_ACCOUNTING(r1, 0x4020bc15, &(0x7f0000000180)={0x4, 0x4, 0x0, 0x7fffffff, 0x2, [{@k_i={{}, {0x2, 0x53, 0x0, 0x2, 0x0, {0xa000000000000000, 0x5}, 0x3, {0x4, 0x6, 0x1ff}}}}]}) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/194, 0xc2) select$auto(0x5, &(0x7f0000000080)={[0x400020000008, 0xfffffffffffffffc, 0x7, 0x6, 0xc, 0x3, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x202, 0xd3, 0x1]}, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x106) r3 = socket(0x2, 0x6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="475e25bd7000ffdbdf2508"], 0x1c}, 0x1, 0x0, 0x0, 0xd0}, 0x4000) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="2517083889a2df948cf333"], 0x14}, 0x1, 0x0, 0x0, 0x41000}, 0x64810) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth0\x00', 0x0}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000a6", @ANYRES16=r6], 0x2c}, 0x1, 0x0, 0x0, 0x20004994}, 0x4000884) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRESDEC=r2, @ANYBLOB="000425bd7000fbdbdf0503000023050002000300000004000180"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x41) 1.250665418s ago: executing program 0 (id=888): pread64$auto(0xffffffffffffffff, 0x0, 0x200000000006, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x3, 0x0) getsockname$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd26, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) semctl$auto_SETALL(0x1, 0x6, 0x11, 0x200000000000066) r2 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000340), r0) sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="88f5bd1b1d9b2a792da5f1ed19ecee75fbcc86cc9d8943182c8314fda84de6531c25c4a1c7bbd26b8a5e39a392b3337941f8bffbf69dbf373bdbc4dcfff0322b0309b754f38729460aa24b60ca7235dbfba1478d781790250f7dca71aac56a", @ANYRES16=r2, @ANYBLOB="0b032abd7000ffdbdf2504000000080002000600000008000600060000000800090000040000080006000200000008000500040000000800050000000000"], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x4001) sendmsg$auto_NFC_CMD_GET_DEVICE(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x14000}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) fcntl$auto_F_DUPFD_QUERY(0xffffffffffffffff, 0x403, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040800) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040)="11ce06d2", 0x40000100000001}, 0x6, 0x0) setpgid$auto(0x0, 0x0) r3 = gettid() close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) sendfile$auto(0x3, r4, 0x0, 0x400000000006) kill$auto(r3, 0x11) 1.010910081s ago: executing program 3 (id=889): ioctl$auto(0x3, 0x1, 0x90000800000402) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20040045) unshare$auto(0x40000080) madvise$auto(0x0, 0x2003f0, 0x15) epoll_create$auto(0x6) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x801, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0xc) sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'gretap0\x00'}) socket(0xa, 0x23af690fef30229, 0x9) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000001f80)={0x28, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@typed={0x10, 0x1, 0x0, 0x0, @str='q\x1b[:+)*\\.#!\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040004) sendmsg$auto_TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000700)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0x88, 0x0, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x74, 0x1, 0x0, 0x1, [@generic="0cede618f96c4582071b089c7e8866988cf161d3e6b1aeac28c56bc1e6450bf763ce885c2cb14e8217f3ff910e7d1f2e497626dc861002919a48a567aee6f79f7bd34909d9f51e5a200abd303f1aea800aefa0a26d9ee091f9ad3782c23534d80988751dfad0a817", @typed={0x8, 0x150, 0x0, 0x0, @ipv4=@private=0xa010101}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) 1.00970967s ago: executing program 1 (id=897): pread64$auto(0xffffffffffffffff, 0x0, 0x200000000006, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x3, 0x0) getsockname$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd26, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) semctl$auto_SETALL(0x1, 0x6, 0x11, 0x200000000000066) r2 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000340), r0) sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="88f5bd1b1d9b2a792da5f1ed19ecee75fbcc86cc9d8943182c8314fda84de6531c25c4a1c7bbd26b8a5e39a392b3337941f8bffbf69dbf373bdbc4dcfff0322b0309b754f38729460aa24b60ca7235dbfba1478d781790250f7dca71aac56a", @ANYRES16=r2, @ANYBLOB="0b032abd7000ffdbdf2504000000080002000600000008000600060000000800090000040000080006000200000008000500040000000800050000000000"], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x4001) sendmsg$auto_NFC_CMD_GET_DEVICE(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x14000}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) fcntl$auto_F_DUPFD_QUERY(0xffffffffffffffff, 0x403, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040800) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040)="11ce06d2", 0x40000100000001}, 0x6, 0x0) setpgid$auto(0x0, 0x0) r3 = gettid() close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) sendfile$auto(0x3, r4, 0x0, 0x400000000006) kill$auto(r3, 0x11) 630.939003ms ago: executing program 0 (id=890): pread64$auto(0xffffffffffffffff, 0x0, 0x200000000006, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x3, 0x0) getsockname$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd26, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) semctl$auto_SETALL(0x1, 0x6, 0x11, 0x200000000000066) r2 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000340), r0) sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="88f5bd1b1d9b2a792da5f1ed19ecee75fbcc86cc9d8943182c8314fda84de6531c25c4a1c7bbd26b8a5e39a392b3337941f8bffbf69dbf373bdbc4dcfff0322b0309b754f38729460aa24b60ca7235dbfba1478d781790250f7dca71aac56a", @ANYRES16=r2, @ANYBLOB="0b032abd7000ffdbdf2504000000080002000600000008000600060000000800090000040000080006000200000008000500040000000800050000000000"], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x4001) sendmsg$auto_NFC_CMD_GET_DEVICE(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x28, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x14000}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) fcntl$auto_F_DUPFD_QUERY(0xffffffffffffffff, 0x403, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040800) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040)="11ce06d2", 0x40000100000001}, 0x6, 0x0) setpgid$auto(0x0, 0x0) r3 = gettid() close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) sendfile$auto(0x3, r4, 0x0, 0x400000000006) kill$auto(r3, 0x11) 571.452µs ago: executing program 0 (id=891): ioctl$auto(0x3, 0x1, 0x90000800000402) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20040045) unshare$auto(0x40000080) madvise$auto(0x0, 0x2003f0, 0x15) epoll_create$auto(0x6) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x801, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0xc) sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'gretap0\x00'}) socket(0xa, 0x23af690fef30229, 0x9) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000001f80)={0x28, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@typed={0x10, 0x1, 0x0, 0x0, @str='q\x1b[:+)*\\.#!\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040004) sendmsg$auto_TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000700)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0x88, 0x0, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x74, 0x1, 0x0, 0x1, [@generic="0cede618f96c4582071b089c7e8866988cf161d3e6b1aeac28c56bc1e6450bf763ce885c2cb14e8217f3ff910e7d1f2e497626dc861002919a48a567aee6f79f7bd34909d9f51e5a200abd303f1aea800aefa0a26d9ee091f9ad3782c23534d80988751dfad0a817", @typed={0x8, 0x150, 0x0, 0x0, @ipv4=@private=0xa010101}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) 0s ago: executing program 1 (id=892): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRESDEC=r0, @ANYBLOB="110325"], 0x14}}, 0x10040) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = prctl$auto(0x10000000017, 0x28, 0x4, 0x8000000156, 0x0) ioctl$auto_SCSI_IOCTL_PROBE_HOST(0xffffffffffffffff, 0x5385, 0x0) write$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffffff, 0x0, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x14a402, 0x0) read$auto(0x3, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/ipc\x00') flistxattr$auto(0xffffffffffffffff, 0x0, 0x3) getrandom$auto(0x0, 0x6000000, 0x3) r5 = getsid$auto(0xffffffffffffffff) syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_HANDSHAKE_CMD_DONE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000000a8d4640e32f40845479f6254f51bd898bec73af", @ANYRES16=r1, @ANYRESDEC=r0, @ANYRES8=r2, @ANYBLOB="e5521a3fac208bc6f9663ac58e83955ac4461c5186e2a2d316112c86b9f1e4dba9eb88a2544fbeb1be3b7ef86c1ee06bd4a4139ddcf5a8eebc00dd2b72c83f53f7cff578bf6d578b36161b92f04810c59977e417361b3f183dc5dbe8701e5acbb19e677d998adf24b4a90426b859e583d3cd19621aad401c0330be33a85e29a9bb5efb7e44a0b0649ece05c7f98a93609af3ca539f94e9edc8e607d7607663dd0000000000000000000000000000008023faa388f41adb7c10e8df7d2781298220742969f135db411fe3326ccb89035b3e69e48f2f753123e75a2fdda4d5c00000000000000000000000000000133852d44451644a3ab36556d8f3d52117dfe89eef7f073ae7933410e1a672e7b486068a4552169ee99393d4afc580f46027966d49e518d20c615a94f44eebd62a2189e464c1cf9ace9be200830d02439ad897dd4b5e16297c45947d1df901557eb2ace0a13c8c0a4fe2a862ffce77ae1e50eca85a92d6791d7403bfbe429faa84a6ccc68c"], 0x1c}}, 0xd4) bpf$auto(0x8, &(0x7f0000000000)=@task_fd_query={r5, r0, 0x5a63, 0x0, 0x0, 0xffff, r4, 0x5cc2, 0xc9}, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x0, 0x802, 0x4bd4) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) r6 = socket(0x10, 0x2, 0x4) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="21022cbc7000ebdbdf2501"], 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x4000080) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c800) write$auto(r6, &(0x7f0000000240)='-\x00', 0x2f7) kernel console output (not intermixed with test programs): 30 [ 140.765602][ T6429] ? kasan_save_free_info+0x3b/0x60 [ 140.765638][ T6429] ? __kasan_slab_free+0x51/0x70 [ 140.765681][ T6429] ? kfree+0x2b6/0x4d0 [ 140.765715][ T6429] ? tomoyo_path_number_perm+0x470/0x580 [ 140.765749][ T6429] ? security_file_ioctl+0x9b/0x240 [ 140.765791][ T6429] ? __x64_sys_ioctl+0xb7/0x200 [ 140.765833][ T6429] ? __lock_acquire+0xaa4/0x1ba0 [ 140.765895][ T6429] ? __mutex_trylock_common+0xe9/0x250 [ 140.765926][ T6429] ? __pfx___mutex_trylock_common+0x10/0x10 [ 140.765958][ T6429] ? __pfx___might_resched+0x10/0x10 [ 140.766004][ T6429] ? rcu_is_watching+0x12/0xc0 [ 140.766042][ T6429] ? trace_contention_end+0xdd/0x130 [ 140.766072][ T6429] ? __mutex_lock+0x1ca/0xb90 [ 140.766120][ T6429] ? kvm_vcpu_ioctl+0x27e/0x1680 [ 140.766171][ T6429] ? __pfx___mutex_lock+0x10/0x10 [ 140.766233][ T6429] ? tomoyo_path_number_perm+0x18d/0x580 [ 140.766277][ T6429] ? kvm_vcpu_ioctl+0x1232/0x1680 [ 140.766322][ T6429] kvm_vcpu_ioctl+0x1232/0x1680 [ 140.766376][ T6429] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 140.766453][ T6429] ? find_held_lock+0x2b/0x80 [ 140.766492][ T6429] ? hook_file_ioctl_common+0x145/0x410 [ 140.766536][ T6429] ? __fget_files+0x20e/0x3c0 [ 140.766588][ T6429] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 140.766640][ T6429] __x64_sys_ioctl+0x190/0x200 [ 140.766681][ T6429] do_syscall_64+0xcd/0x260 [ 140.766730][ T6429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.766760][ T6429] RIP: 0033:0x7f14f2f8d169 [ 140.766783][ T6429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.766820][ T6429] RSP: 002b:00007f14f3d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.766849][ T6429] RAX: ffffffffffffffda RBX: 00007f14f31a5fa0 RCX: 00007f14f2f8d169 [ 140.766869][ T6429] RDX: 0000200000000040 RSI: 000000004008ae89 RDI: 0000000000000004 [ 140.766889][ T6429] RBP: 00007f14f3d07090 R08: 0000000000000000 R09: 0000000000000000 [ 140.766907][ T6429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 140.766925][ T6429] R13: 0000000000000000 R14: 00007f14f31a5fa0 R15: 00007fff789d4278 [ 140.766967][ T6429] [ 141.482925][ T6437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.135'. [ 142.871271][ T6461] FAULT_INJECTION: forcing a failure. [ 142.871271][ T6461] name failslab, interval 1, probability 0, space 0, times 0 [ 142.906506][ T6452] netlink: 'syz.3.138': attribute type 1 has an invalid length. [ 142.920238][ T6452] FAULT_INJECTION: forcing a failure. [ 142.920238][ T6452] name failslab, interval 1, probability 0, space 0, times 0 [ 142.981792][ T6461] CPU: 0 UID: 0 PID: 6461 Comm: syz.0.142 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 142.981835][ T6461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 142.981853][ T6461] Call Trace: [ 142.981863][ T6461] [ 142.981875][ T6461] dump_stack_lvl+0x16c/0x1f0 [ 142.981925][ T6461] should_fail_ex+0x512/0x640 [ 142.981960][ T6461] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 142.982007][ T6461] should_failslab+0xc2/0x120 [ 142.982037][ T6461] __kmalloc_cache_noprof+0x6a/0x3e0 [ 142.982079][ T6461] ? __lock_acquire+0xaa4/0x1ba0 [ 142.982128][ T6461] ? snd_timer_instance_new+0x47/0x2e0 [ 142.982183][ T6461] snd_timer_instance_new+0x47/0x2e0 [ 142.982232][ T6461] snd_seq_timer_open+0x1cc/0x5e0 [ 142.982283][ T6461] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 142.982328][ T6461] ? find_held_lock+0x2b/0x80 [ 142.982374][ T6461] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 142.982417][ T6461] ? lockdep_hardirqs_on+0x7c/0x110 [ 142.982462][ T6461] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 142.982509][ T6461] queue_use+0xe3/0x250 [ 142.982542][ T6461] snd_seq_queue_alloc+0x2e5/0x550 [ 142.982584][ T6461] snd_seq_ioctl_create_queue+0xa9/0x380 [ 142.982631][ T6461] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 142.982686][ T6461] alloc_seq_queue+0xda/0x180 [ 142.982736][ T6461] ? __pfx_alloc_seq_queue+0x10/0x10 [ 142.982810][ T6461] ? mark_held_locks+0x49/0x80 [ 142.982860][ T6461] ? _raw_spin_unlock_irq+0x23/0x50 [ 142.982905][ T6461] snd_seq_oss_open+0x38c/0xa20 [ 142.982962][ T6461] odev_open+0x6f/0x90 [ 142.983005][ T6461] ? __pfx_odev_open+0x10/0x10 [ 142.983049][ T6461] soundcore_open+0x409/0x580 [ 142.983096][ T6461] ? __pfx_soundcore_open+0x10/0x10 [ 142.983139][ T6461] chrdev_open+0x231/0x6a0 [ 142.983187][ T6461] ? __pfx_apparmor_file_open+0x10/0x10 [ 142.983228][ T6461] ? __pfx_chrdev_open+0x10/0x10 [ 142.983286][ T6461] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 142.983339][ T6461] do_dentry_open+0x741/0x1c10 [ 142.983385][ T6461] ? __pfx_chrdev_open+0x10/0x10 [ 142.983442][ T6461] vfs_open+0x82/0x3f0 [ 142.983480][ T6461] path_openat+0x1e5e/0x2d40 [ 142.983544][ T6461] ? __pfx_path_openat+0x10/0x10 [ 142.983603][ T6461] do_filp_open+0x20b/0x470 [ 142.983650][ T6461] ? __pfx_do_filp_open+0x10/0x10 [ 142.983729][ T6461] ? alloc_fd+0x471/0x7d0 [ 142.983787][ T6461] do_sys_openat2+0x11b/0x1d0 [ 142.983820][ T6461] ? __pfx_do_sys_openat2+0x10/0x10 [ 142.983859][ T6461] ? __fget_files+0x20e/0x3c0 [ 142.983913][ T6461] __x64_sys_openat+0x174/0x210 [ 142.983948][ T6461] ? __pfx___x64_sys_openat+0x10/0x10 [ 142.983981][ T6461] ? ksys_write+0x1b9/0x240 [ 142.984025][ T6461] ? rcu_is_watching+0x12/0xc0 [ 142.984077][ T6461] do_syscall_64+0xcd/0x260 [ 142.984127][ T6461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.984159][ T6461] RIP: 0033:0x7f14f2f8d169 [ 142.984183][ T6461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.984212][ T6461] RSP: 002b:00007f14f3d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 142.984241][ T6461] RAX: ffffffffffffffda RBX: 00007f14f31a5fa0 RCX: 00007f14f2f8d169 [ 142.984260][ T6461] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 142.984285][ T6461] RBP: 00007f14f3d07090 R08: 0000000000000000 R09: 0000000000000000 [ 142.984303][ T6461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 142.984321][ T6461] R13: 0000000000000000 R14: 00007f14f31a5fa0 R15: 00007fff789d4278 [ 142.984361][ T6461] [ 143.045629][ T6452] CPU: 1 UID: 0 PID: 6452 Comm: syz.3.138 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 143.045687][ T6452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 143.045704][ T6452] Call Trace: [ 143.045714][ T6452] [ 143.045725][ T6452] dump_stack_lvl+0x16c/0x1f0 [ 143.045779][ T6452] should_fail_ex+0x512/0x640 [ 143.045824][ T6452] should_failslab+0xc2/0x120 [ 143.045856][ T6452] __kmalloc_cache_noprof+0x6a/0x3e0 [ 143.045901][ T6452] ? sctp_add_bind_addr+0xae/0x3f0 [ 143.045951][ T6452] sctp_add_bind_addr+0xae/0x3f0 [ 143.046000][ T6452] sctp_copy_local_addr_list+0x39d/0x5a0 [ 143.046059][ T6452] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 143.046117][ T6452] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 143.046178][ T6452] ? sctp_bind_addr_copy+0xe0/0x530 [ 143.046222][ T6452] sctp_bind_addr_copy+0xe0/0x530 [ 143.046276][ T6452] sctp_connect_new_asoc+0x1d7/0x790 [ 143.046316][ T6452] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 143.046355][ T6452] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 143.046421][ T6452] __sctp_connect+0x3f3/0xc60 [ 143.046462][ T6452] ? do_raw_spin_lock+0x12c/0x2b0 [ 143.046500][ T6452] ? __pfx___sctp_connect+0x10/0x10 [ 143.046545][ T6452] ? __pfx_sctp_inet_connect+0x10/0x10 [ 143.046583][ T6452] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 143.046621][ T6452] ? __pfx_sctp_inet_connect+0x10/0x10 [ 143.046654][ T6452] sctp_inet_connect+0x15f/0x200 [ 143.046692][ T6452] __sys_connect_file+0x13e/0x1a0 [ 143.046734][ T6452] __sys_connect+0x14d/0x170 [ 143.046768][ T6452] ? __pfx___sys_connect+0x10/0x10 [ 143.046832][ T6452] __x64_sys_connect+0x72/0xb0 [ 143.046868][ T6452] do_syscall_64+0xcd/0x260 [ 143.046920][ T6452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.046952][ T6452] RIP: 0033:0x7f207e18d169 [ 143.046976][ T6452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.047007][ T6452] RSP: 002b:00007f207f03d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 143.047035][ T6452] RAX: ffffffffffffffda RBX: 00007f207e3a6080 RCX: 00007f207e18d169 [ 143.047056][ T6452] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 143.047074][ T6452] RBP: 00007f207f03d090 R08: 0000000000000000 R09: 0000000000000000 [ 143.047094][ T6452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 143.047112][ T6452] R13: 0000000000000000 R14: 00007f207e3a6080 R15: 00007fffc57b44e8 [ 143.047154][ T6452] [ 144.238249][ T6462] netlink: 32 bytes leftover after parsing attributes in process `syz.1.141'. [ 145.568778][ T6478] zero sized request [ 145.956422][ T6494] bridge0: port 3(ipvlan0) entered blocking state [ 145.983720][ T6494] bridge0: port 3(ipvlan0) entered disabled state [ 145.998354][ T6494] ipvlan0: entered allmulticast mode [ 146.008331][ T6494] veth0_vlan: entered allmulticast mode [ 146.057076][ T6494] ipvlan0: left allmulticast mode [ 146.088831][ T6494] veth0_vlan: left allmulticast mode [ 146.368009][ T6504] synth uevent: /bus/memstick: unknown uevent action string [ 146.596325][ T6506] Invalid ELF header magic: != ELF [ 147.316607][ T6545] netlink: 'syz.2.161': attribute type 1 has an invalid length. [ 147.375316][ T6528] MTRR 1 not used [ 147.407133][ T6545] FAULT_INJECTION: forcing a failure. [ 147.407133][ T6545] name failslab, interval 1, probability 0, space 0, times 0 [ 147.420098][ T6545] CPU: 0 UID: 0 PID: 6545 Comm: syz.2.161 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 147.420136][ T6545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 147.420153][ T6545] Call Trace: [ 147.420163][ T6545] [ 147.420173][ T6545] dump_stack_lvl+0x16c/0x1f0 [ 147.420220][ T6545] should_fail_ex+0x512/0x640 [ 147.420256][ T6545] should_failslab+0xc2/0x120 [ 147.420282][ T6545] __kmalloc_cache_noprof+0x6a/0x3e0 [ 147.420320][ T6545] ? sctp_add_bind_addr+0xae/0x3f0 [ 147.420362][ T6545] sctp_add_bind_addr+0xae/0x3f0 [ 147.420403][ T6545] sctp_copy_local_addr_list+0x39d/0x5a0 [ 147.420452][ T6545] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 147.420501][ T6545] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 147.420552][ T6545] ? sctp_bind_addr_copy+0xe0/0x530 [ 147.420589][ T6545] sctp_bind_addr_copy+0xe0/0x530 [ 147.420634][ T6545] sctp_connect_new_asoc+0x1d7/0x790 [ 147.420668][ T6545] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 147.420699][ T6545] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 147.420755][ T6545] __sctp_connect+0x3f3/0xc60 [ 147.420788][ T6545] ? do_raw_spin_lock+0x12c/0x2b0 [ 147.420820][ T6545] ? __pfx___sctp_connect+0x10/0x10 [ 147.420852][ T6545] ? __pfx_sctp_inet_connect+0x10/0x10 [ 147.420896][ T6545] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 147.420929][ T6545] ? __pfx_sctp_inet_connect+0x10/0x10 [ 147.420957][ T6545] sctp_inet_connect+0x15f/0x200 [ 147.420989][ T6545] __sys_connect_file+0x13e/0x1a0 [ 147.421024][ T6545] __sys_connect+0x14d/0x170 [ 147.421053][ T6545] ? __pfx___sys_connect+0x10/0x10 [ 147.421095][ T6545] ? __pfx_ksys_write+0x10/0x10 [ 147.421132][ T6545] ? rcu_is_watching+0x12/0xc0 [ 147.421173][ T6545] __x64_sys_connect+0x72/0xb0 [ 147.421201][ T6545] ? lockdep_hardirqs_on+0x7c/0x110 [ 147.421238][ T6545] do_syscall_64+0xcd/0x260 [ 147.421281][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.421308][ T6545] RIP: 0033:0x7f610a78d169 [ 147.421329][ T6545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.421355][ T6545] RSP: 002b:00007f61085f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 147.421380][ T6545] RAX: ffffffffffffffda RBX: 00007f610a9a6080 RCX: 00007f610a78d169 [ 147.421398][ T6545] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 147.421414][ T6545] RBP: 00007f61085f6090 R08: 0000000000000000 R09: 0000000000000000 [ 147.421430][ T6545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 147.421445][ T6545] R13: 0000000000000000 R14: 00007f610a9a6080 R15: 00007fff6eef1b68 [ 147.421480][ T6545] [ 148.800540][ T6556] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 149.354110][ T6542] netlink: 'syz.3.164': attribute type 1 has an invalid length. [ 151.896413][ T6612] netlink: 'syz.3.181': attribute type 1 has an invalid length. [ 151.926198][ T6612] FAULT_INJECTION: forcing a failure. [ 151.926198][ T6612] name failslab, interval 1, probability 0, space 0, times 0 [ 152.065105][ T6612] CPU: 0 UID: 0 PID: 6612 Comm: syz.3.181 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 152.065149][ T6612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 152.065167][ T6612] Call Trace: [ 152.065178][ T6612] [ 152.065189][ T6612] dump_stack_lvl+0x16c/0x1f0 [ 152.065242][ T6612] should_fail_ex+0x512/0x640 [ 152.065289][ T6612] should_failslab+0xc2/0x120 [ 152.065320][ T6612] __kmalloc_cache_noprof+0x6a/0x3e0 [ 152.065366][ T6612] ? sctp_add_bind_addr+0xae/0x3f0 [ 152.065415][ T6612] sctp_add_bind_addr+0xae/0x3f0 [ 152.065464][ T6612] sctp_copy_local_addr_list+0x39d/0x5a0 [ 152.065522][ T6612] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 152.065580][ T6612] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 152.065642][ T6612] ? sctp_bind_addr_copy+0xe0/0x530 [ 152.065685][ T6612] sctp_bind_addr_copy+0xe0/0x530 [ 152.065747][ T6612] sctp_connect_new_asoc+0x1d7/0x790 [ 152.065788][ T6612] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 152.065827][ T6612] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 152.065894][ T6612] __sctp_connect+0x3f3/0xc60 [ 152.065935][ T6612] ? do_raw_spin_lock+0x12c/0x2b0 [ 152.065973][ T6612] ? __pfx___sctp_connect+0x10/0x10 [ 152.066012][ T6612] ? __pfx_sctp_inet_connect+0x10/0x10 [ 152.066050][ T6612] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 152.066089][ T6612] ? __pfx_sctp_inet_connect+0x10/0x10 [ 152.066122][ T6612] sctp_inet_connect+0x15f/0x200 [ 152.066160][ T6612] __sys_connect_file+0x13e/0x1a0 [ 152.066202][ T6612] __sys_connect+0x14d/0x170 [ 152.066236][ T6612] ? __pfx___sys_connect+0x10/0x10 [ 152.066289][ T6612] ? __pfx_ksys_write+0x10/0x10 [ 152.066331][ T6612] ? rcu_is_watching+0x12/0xc0 [ 152.066379][ T6612] __x64_sys_connect+0x72/0xb0 [ 152.066412][ T6612] ? lockdep_hardirqs_on+0x7c/0x110 [ 152.066455][ T6612] do_syscall_64+0xcd/0x260 [ 152.066507][ T6612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.066539][ T6612] RIP: 0033:0x7f207e18d169 [ 152.066564][ T6612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.066594][ T6612] RSP: 002b:00007f207f03d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 152.066623][ T6612] RAX: ffffffffffffffda RBX: 00007f207e3a6080 RCX: 00007f207e18d169 [ 152.066644][ T6612] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 152.066664][ T6612] RBP: 00007f207f03d090 R08: 0000000000000000 R09: 0000000000000000 [ 152.066682][ T6612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 152.066701][ T6612] R13: 0000000000000000 R14: 00007f207e3a6080 R15: 00007fffc57b44e8 [ 152.066749][ T6612] [ 153.438722][ T6633] netlink: 93 bytes leftover after parsing attributes in process `syz.3.186'. [ 155.129446][ T6618] netlink: 'syz.2.182': attribute type 1 has an invalid length. [ 155.691199][ T6661] zswap: zpool not available [ 156.128566][ T6674] netlink: 'syz.1.191': attribute type 1 has an invalid length. [ 156.695298][ T6683] openvswitch: HfR: Dropping previously announced user features [ 158.281880][ T6719] FAULT_INJECTION: forcing a failure. [ 158.281880][ T6719] name failslab, interval 1, probability 0, space 0, times 0 [ 158.316853][ T6719] CPU: 1 UID: 0 PID: 6719 Comm: syz.2.203 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 158.316904][ T6719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 158.316922][ T6719] Call Trace: [ 158.316932][ T6719] [ 158.316943][ T6719] dump_stack_lvl+0x16c/0x1f0 [ 158.316995][ T6719] should_fail_ex+0x512/0x640 [ 158.317029][ T6719] ? __kmalloc_noprof+0xbf/0x510 [ 158.317078][ T6719] ? snd_seq_oss_readq_new+0x96/0x2c0 [ 158.317114][ T6719] should_failslab+0xc2/0x120 [ 158.317143][ T6719] __kmalloc_noprof+0xd2/0x510 [ 158.317199][ T6719] snd_seq_oss_readq_new+0x96/0x2c0 [ 158.317240][ T6719] snd_seq_oss_open+0x54b/0xa20 [ 158.317299][ T6719] odev_open+0x6f/0x90 [ 158.317338][ T6719] ? __pfx_odev_open+0x10/0x10 [ 158.317374][ T6719] soundcore_open+0x409/0x580 [ 158.317413][ T6719] ? __pfx_soundcore_open+0x10/0x10 [ 158.317449][ T6719] chrdev_open+0x231/0x6a0 [ 158.317489][ T6719] ? __pfx_apparmor_file_open+0x10/0x10 [ 158.317522][ T6719] ? __pfx_chrdev_open+0x10/0x10 [ 158.317565][ T6719] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 158.317609][ T6719] do_dentry_open+0x741/0x1c10 [ 158.317647][ T6719] ? __pfx_chrdev_open+0x10/0x10 [ 158.317694][ T6719] vfs_open+0x82/0x3f0 [ 158.317724][ T6719] path_openat+0x1e5e/0x2d40 [ 158.317775][ T6719] ? __pfx_path_openat+0x10/0x10 [ 158.317822][ T6719] do_filp_open+0x20b/0x470 [ 158.317861][ T6719] ? __pfx_do_filp_open+0x10/0x10 [ 158.317930][ T6719] ? alloc_fd+0x471/0x7d0 [ 158.317977][ T6719] do_sys_openat2+0x11b/0x1d0 [ 158.318004][ T6719] ? __pfx_do_sys_openat2+0x10/0x10 [ 158.318035][ T6719] ? __fget_files+0x20e/0x3c0 [ 158.318079][ T6719] __x64_sys_openat+0x174/0x210 [ 158.318107][ T6719] ? __pfx___x64_sys_openat+0x10/0x10 [ 158.318134][ T6719] ? ksys_write+0x1b9/0x240 [ 158.318172][ T6719] ? rcu_is_watching+0x12/0xc0 [ 158.318214][ T6719] do_syscall_64+0xcd/0x260 [ 158.318260][ T6719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.318286][ T6719] RIP: 0033:0x7f610a78d169 [ 158.318307][ T6719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.318331][ T6719] RSP: 002b:00007f610b502038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 158.318354][ T6719] RAX: ffffffffffffffda RBX: 00007f610a9a5fa0 RCX: 00007f610a78d169 [ 158.318371][ T6719] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 158.318387][ T6719] RBP: 00007f610b502090 R08: 0000000000000000 R09: 0000000000000000 [ 158.318402][ T6719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 158.318416][ T6719] R13: 0000000000000000 R14: 00007f610a9a5fa0 R15: 00007fff6eef1b68 [ 158.318448][ T6719] [ 158.937764][ T6729] openvswitch: HfR: Dropping previously announced user features [ 160.577271][ T6767] netlink: 'syz.0.213': attribute type 1 has an invalid length. [ 160.591523][ T6767] FAULT_INJECTION: forcing a failure. [ 160.591523][ T6767] name failslab, interval 1, probability 0, space 0, times 0 [ 160.613280][ T6767] CPU: 0 UID: 0 PID: 6767 Comm: syz.0.213 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 160.613324][ T6767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 160.613341][ T6767] Call Trace: [ 160.613352][ T6767] [ 160.613363][ T6767] dump_stack_lvl+0x16c/0x1f0 [ 160.613414][ T6767] should_fail_ex+0x512/0x640 [ 160.613457][ T6767] should_failslab+0xc2/0x120 [ 160.613487][ T6767] __kmalloc_cache_noprof+0x6a/0x3e0 [ 160.613532][ T6767] ? sctp_add_bind_addr+0xae/0x3f0 [ 160.613581][ T6767] sctp_add_bind_addr+0xae/0x3f0 [ 160.613630][ T6767] sctp_copy_local_addr_list+0x39d/0x5a0 [ 160.613688][ T6767] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 160.613746][ T6767] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 160.613807][ T6767] ? sctp_bind_addr_copy+0xe0/0x530 [ 160.613851][ T6767] sctp_bind_addr_copy+0xe0/0x530 [ 160.613905][ T6767] sctp_connect_new_asoc+0x1d7/0x790 [ 160.613945][ T6767] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 160.613989][ T6767] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 160.614056][ T6767] __sctp_connect+0x3f3/0xc60 [ 160.614098][ T6767] ? preempt_schedule_thunk+0x16/0x30 [ 160.614133][ T6767] ? __pfx___sctp_connect+0x10/0x10 [ 160.614165][ T6767] ? preempt_schedule_common+0x44/0xc0 [ 160.614216][ T6767] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 160.614253][ T6767] ? __pfx_sctp_inet_connect+0x10/0x10 [ 160.614287][ T6767] sctp_inet_connect+0x15f/0x200 [ 160.614324][ T6767] __sys_connect_file+0x13e/0x1a0 [ 160.614365][ T6767] __sys_connect+0x14d/0x170 [ 160.614400][ T6767] ? __pfx___sys_connect+0x10/0x10 [ 160.614451][ T6767] ? __pfx_ksys_write+0x10/0x10 [ 160.614505][ T6767] __x64_sys_connect+0x72/0xb0 [ 160.614538][ T6767] ? lockdep_hardirqs_on+0x7c/0x110 [ 160.614582][ T6767] do_syscall_64+0xcd/0x260 [ 160.614632][ T6767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.614663][ T6767] RIP: 0033:0x7f14f2f8d169 [ 160.614687][ T6767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.614716][ T6767] RSP: 002b:00007f14f0df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 160.614746][ T6767] RAX: ffffffffffffffda RBX: 00007f14f31a6080 RCX: 00007f14f2f8d169 [ 160.614766][ T6767] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 160.614785][ T6767] RBP: 00007f14f0df6090 R08: 0000000000000000 R09: 0000000000000000 [ 160.614804][ T6767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 160.614823][ T6767] R13: 0000000000000000 R14: 00007f14f31a6080 R15: 00007fff789d4278 [ 160.614867][ T6767] [ 161.192398][ T6776] FAULT_INJECTION: forcing a failure. [ 161.192398][ T6776] name failslab, interval 1, probability 0, space 0, times 0 [ 161.313364][ T6776] CPU: 0 UID: 0 PID: 6776 Comm: syz.1.217 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 161.313410][ T6776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 161.313430][ T6776] Call Trace: [ 161.313441][ T6776] [ 161.313453][ T6776] dump_stack_lvl+0x16c/0x1f0 [ 161.313507][ T6776] should_fail_ex+0x512/0x640 [ 161.313544][ T6776] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 161.313600][ T6776] should_failslab+0xc2/0x120 [ 161.313630][ T6776] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 161.313683][ T6776] ? __d_alloc+0x31/0xaa0 [ 161.313719][ T6776] __d_alloc+0x31/0xaa0 [ 161.313754][ T6776] d_alloc_pseudo+0x1c/0xc0 [ 161.313794][ T6776] alloc_file_pseudo+0xcf/0x230 [ 161.313833][ T6776] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 161.313869][ T6776] ? alloc_fd+0x471/0x7d0 [ 161.313928][ T6776] sock_alloc_file+0x50/0x210 [ 161.313976][ T6776] __sys_socket+0x1c0/0x260 [ 161.314009][ T6776] ? __pfx___sys_socket+0x10/0x10 [ 161.314042][ T6776] ? rcu_is_watching+0x12/0xc0 [ 161.314091][ T6776] __x64_sys_socket+0x72/0xb0 [ 161.314121][ T6776] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.314166][ T6776] do_syscall_64+0xcd/0x260 [ 161.314218][ T6776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.314250][ T6776] RIP: 0033:0x7f445098d169 [ 161.314275][ T6776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.314306][ T6776] RSP: 002b:00007f445178c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 161.314337][ T6776] RAX: ffffffffffffffda RBX: 00007f4450ba5fa0 RCX: 00007f445098d169 [ 161.314359][ T6776] RDX: 0000000000000007 RSI: 0000000000000002 RDI: 000000000000001d [ 161.314377][ T6776] RBP: 00007f4450a0e990 R08: 0000000000000000 R09: 0000000000000000 [ 161.314397][ T6776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 161.314416][ T6776] R13: 0000000000000000 R14: 00007f4450ba5fa0 R15: 00007ffc87a14938 [ 161.314456][ T6776] [ 161.792863][ T6786] netlink: 'syz.1.220': attribute type 1 has an invalid length. [ 162.101207][ T6793] FAULT_INJECTION: forcing a failure. [ 162.101207][ T6793] name failslab, interval 1, probability 0, space 0, times 0 [ 162.132205][ T6793] CPU: 0 UID: 0 PID: 6793 Comm: syz.0.222 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 162.132249][ T6793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 162.132267][ T6793] Call Trace: [ 162.132278][ T6793] [ 162.132290][ T6793] dump_stack_lvl+0x16c/0x1f0 [ 162.132342][ T6793] should_fail_ex+0x512/0x640 [ 162.132377][ T6793] ? __kmalloc_noprof+0xbf/0x510 [ 162.132435][ T6793] ? snd_seq_oss_readq_new+0x96/0x2c0 [ 162.132472][ T6793] should_failslab+0xc2/0x120 [ 162.132501][ T6793] __kmalloc_noprof+0xd2/0x510 [ 162.132557][ T6793] snd_seq_oss_readq_new+0x96/0x2c0 [ 162.132599][ T6793] snd_seq_oss_open+0x54b/0xa20 [ 162.132656][ T6793] odev_open+0x6f/0x90 [ 162.132698][ T6793] ? __pfx_odev_open+0x10/0x10 [ 162.132742][ T6793] soundcore_open+0x409/0x580 [ 162.132789][ T6793] ? __pfx_soundcore_open+0x10/0x10 [ 162.132831][ T6793] chrdev_open+0x231/0x6a0 [ 162.132887][ T6793] ? __pfx_apparmor_file_open+0x10/0x10 [ 162.132926][ T6793] ? __pfx_chrdev_open+0x10/0x10 [ 162.132978][ T6793] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 162.133030][ T6793] do_dentry_open+0x741/0x1c10 [ 162.133075][ T6793] ? __pfx_chrdev_open+0x10/0x10 [ 162.133131][ T6793] vfs_open+0x82/0x3f0 [ 162.133168][ T6793] path_openat+0x1e5e/0x2d40 [ 162.133235][ T6793] ? __pfx_path_openat+0x10/0x10 [ 162.133292][ T6793] do_filp_open+0x20b/0x470 [ 162.133339][ T6793] ? __pfx_do_filp_open+0x10/0x10 [ 162.133415][ T6793] ? alloc_fd+0x471/0x7d0 [ 162.133471][ T6793] do_sys_openat2+0x11b/0x1d0 [ 162.133503][ T6793] ? __pfx_do_sys_openat2+0x10/0x10 [ 162.133541][ T6793] ? __fget_files+0x20e/0x3c0 [ 162.133593][ T6793] __x64_sys_openat+0x174/0x210 [ 162.133625][ T6793] ? __pfx___x64_sys_openat+0x10/0x10 [ 162.133658][ T6793] ? ksys_write+0x1b9/0x240 [ 162.133701][ T6793] ? rcu_is_watching+0x12/0xc0 [ 162.133752][ T6793] do_syscall_64+0xcd/0x260 [ 162.133801][ T6793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.133833][ T6793] RIP: 0033:0x7f14f2f8d169 [ 162.133864][ T6793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.133892][ T6793] RSP: 002b:00007f14f3d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 162.133919][ T6793] RAX: ffffffffffffffda RBX: 00007f14f31a5fa0 RCX: 00007f14f2f8d169 [ 162.133939][ T6793] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 162.133957][ T6793] RBP: 00007f14f3d07090 R08: 0000000000000000 R09: 0000000000000000 [ 162.133975][ T6793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 162.133992][ T6793] R13: 0000000000000000 R14: 00007f14f31a5fa0 R15: 00007fff789d4278 [ 162.134030][ T6793] [ 162.435139][ T6795] openvswitch: HfR: Dropping previously announced user features [ 164.293675][ T6817] netlink: 32 bytes leftover after parsing attributes in process `syz.0.227'. [ 164.639554][ T30] audit: type=1326 audit(6039426118.063:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.3.232" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f207e18d169 code=0x0 [ 165.371136][ T6837] openvswitch: HfR: Dropping previously announced user features [ 168.811567][ T6878] netlink: 330 bytes leftover after parsing attributes in process `syz.1.246'. [ 168.846234][ T6876] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 168.865053][ T6876] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 168.929261][ T6879] openvswitch: HfR: Dropping previously announced user features [ 169.008392][ T6878] syz.1.246 (6878) used greatest stack depth: 20408 bytes left [ 169.600538][ T6897] openvswitch: HfR: Dropping previously announced user features [ 171.010889][ T6916] openvswitch: HfR: Dropping previously announced user features [ 171.559867][ T6929] could not allocate digest TFM handle [ 171.695413][ T6938] openvswitch: HfR: Dropping previously announced user features [ 172.356225][ T6958] netlink: 186 bytes leftover after parsing attributes in process `syz.3.268'. [ 172.880337][ T6964] openvswitch: HfR: Dropping previously announced user features [ 172.970722][ T30] audit: type=1800 audit(6039426126.423:4): pid=6968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.271" name="lu_gp_id" dev="configfs" ino=12797 res=0 errno=0 [ 173.050699][ T6968] ALUA lu_gp_id: 262144 exceeds maximum: 0x0000ffff [ 173.359115][ T6971] netlink: 'syz.0.271': attribute type 1 has an invalid length. [ 174.146801][ T6986] netlink: 12 bytes leftover after parsing attributes in process `syz.2.276'. [ 174.185067][ T6986] HfR: left promiscuous mode [ 174.205261][ T6988] mmap: syz.3.277 (6988) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 175.160613][ T6996] FAULT_INJECTION: forcing a failure. [ 175.160613][ T6996] name failslab, interval 1, probability 0, space 0, times 0 [ 175.189103][ T6996] CPU: 1 UID: 0 PID: 6996 Comm: syz.2.280 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 175.189148][ T6996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 175.189166][ T6996] Call Trace: [ 175.189177][ T6996] [ 175.189188][ T6996] dump_stack_lvl+0x16c/0x1f0 [ 175.189240][ T6996] should_fail_ex+0x512/0x640 [ 175.189276][ T6996] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 175.189332][ T6996] should_failslab+0xc2/0x120 [ 175.189362][ T6996] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 175.189410][ T6996] ? lockdep_init_map_type+0x5c/0x280 [ 175.189440][ T6996] ? __d_alloc+0x31/0xaa0 [ 175.189476][ T6996] __d_alloc+0x31/0xaa0 [ 175.189512][ T6996] d_alloc_pseudo+0x1c/0xc0 [ 175.189551][ T6996] alloc_file_pseudo+0xcf/0x230 [ 175.189589][ T6996] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 175.189625][ T6996] ? alloc_fd+0x471/0x7d0 [ 175.189678][ T6996] sock_alloc_file+0x50/0x210 [ 175.189735][ T6996] __sys_socket+0x1c0/0x260 [ 175.189768][ T6996] ? __pfx___sys_socket+0x10/0x10 [ 175.189801][ T6996] ? rcu_is_watching+0x12/0xc0 [ 175.189848][ T6996] __x64_sys_socket+0x72/0xb0 [ 175.189878][ T6996] ? lockdep_hardirqs_on+0x7c/0x110 [ 175.189924][ T6996] do_syscall_64+0xcd/0x260 [ 175.189976][ T6996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.190008][ T6996] RIP: 0033:0x7f610a78d169 [ 175.190033][ T6996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.190062][ T6996] RSP: 002b:00007f610b502038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 175.190090][ T6996] RAX: ffffffffffffffda RBX: 00007f610a9a5fa0 RCX: 00007f610a78d169 [ 175.190110][ T6996] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 175.190128][ T6996] RBP: 00007f610a80e990 R08: 0000000000000000 R09: 0000000000000000 [ 175.190147][ T6996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 175.190164][ T6996] R13: 0000000000000000 R14: 00007f610a9a5fa0 R15: 00007fff6eef1b68 [ 175.190203][ T6996] [ 175.404970][ T7001] openvswitch: HfR: Dropping previously announced user features [ 175.689510][ T7003] openvswitch: HfR: Dropping previously announced user features [ 176.544570][ T7018] openvswitch: HfR: Dropping previously announced user features [ 176.839046][ T7029] openvswitch: HfR: Dropping previously announced user features [ 176.901370][ T30] audit: type=1800 audit(6039426130.343:5): pid=7037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.289" name="lu_gp_id" dev="configfs" ino=13044 res=0 errno=0 [ 176.942256][ T7037] ALUA lu_gp_id: 262144 exceeds maximum: 0x0000ffff [ 177.198202][ T7039] netlink: 'syz.1.289': attribute type 1 has an invalid length. [ 178.382991][ T7046] can0: slcan on pty233. [ 178.619954][ T7045] can0 (unregistered): slcan off pty233. [ 179.129092][ T7070] openvswitch: HfR: Dropping previously announced user features [ 179.270705][ T7075] HfR: entered promiscuous mode [ 180.238366][ T7096] openvswitch: HfR: Dropping previously announced user features [ 181.035003][ T30] audit: type=1800 audit(6039426134.473:6): pid=7113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.304" name="lu_gp_id" dev="configfs" ino=13279 res=0 errno=0 [ 181.144953][ T7113] ALUA lu_gp_id: 262144 exceeds maximum: 0x0000ffff [ 181.600879][ T7122] netlink: 'syz.2.304': attribute type 1 has an invalid length. [ 182.463104][ T7141] openvswitch: HfR: Dropping previously announced user features [ 185.202360][ T7179] openvswitch: HfR: Dropping previously announced user features [ 186.085377][ T7188] openvswitch: HfR: Dropping previously announced user features [ 187.057052][ T7199] openvswitch: HfR: Dropping previously announced user features [ 187.080131][ T7199] netlink: 12 bytes leftover after parsing attributes in process `syz.1.338'. [ 187.094394][ T7199] HfR: left promiscuous mode [ 190.026225][ T7235] MTRR 1 not used [ 190.631065][ T7246] netlink: 12 bytes leftover after parsing attributes in process `syz.2.345'. [ 190.662703][ T7246] HfR: left promiscuous mode [ 191.342749][ T7261] HfR: entered promiscuous mode [ 191.864611][ T7272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.352'. [ 191.896748][ T7272] FAULT_INJECTION: forcing a failure. [ 191.896748][ T7272] name failslab, interval 1, probability 0, space 0, times 0 [ 191.923380][ T7272] CPU: 1 UID: 0 PID: 7272 Comm: syz.3.352 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 191.923428][ T7272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 191.923448][ T7272] Call Trace: [ 191.923459][ T7272] [ 191.923475][ T7272] dump_stack_lvl+0x16c/0x1f0 [ 191.923529][ T7272] should_fail_ex+0x512/0x640 [ 191.923566][ T7272] ? __kmalloc_noprof+0xbf/0x510 [ 191.923619][ T7272] ? sk_prot_alloc+0x1a8/0x2a0 [ 191.923665][ T7272] should_failslab+0xc2/0x120 [ 191.923697][ T7272] __kmalloc_noprof+0xd2/0x510 [ 191.923755][ T7272] sk_prot_alloc+0x1a8/0x2a0 [ 191.923808][ T7272] sk_alloc+0x36/0xc20 [ 191.923849][ T7272] can_create+0x1e5/0x600 [ 191.923893][ T7272] __sock_create+0x335/0x8d0 [ 191.923932][ T7272] __sys_socket+0x14d/0x260 [ 191.923966][ T7272] ? __pfx___sys_socket+0x10/0x10 [ 191.924000][ T7272] ? rcu_is_watching+0x12/0xc0 [ 191.924048][ T7272] __x64_sys_socket+0x72/0xb0 [ 191.924078][ T7272] ? lockdep_hardirqs_on+0x7c/0x110 [ 191.924121][ T7272] do_syscall_64+0xcd/0x260 [ 191.924175][ T7272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.924206][ T7272] RIP: 0033:0x7f207e18d169 [ 191.924238][ T7272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.924267][ T7272] RSP: 002b:00007f207f05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 191.924295][ T7272] RAX: ffffffffffffffda RBX: 00007f207e3a5fa0 RCX: 00007f207e18d169 [ 191.924315][ T7272] RDX: 0000000000000007 RSI: 0000000000000002 RDI: 000000000000001d [ 191.924334][ T7272] RBP: 00007f207e20e990 R08: 0000000000000000 R09: 0000000000000000 [ 191.924353][ T7272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.924371][ T7272] R13: 0000000000000000 R14: 00007f207e3a5fa0 R15: 00007fffc57b44e8 [ 191.924407][ T7272] [ 193.421202][ T7292] openvswitch: HfR: Dropping previously announced user features [ 193.436700][ T7292] netlink: 12 bytes leftover after parsing attributes in process `syz.2.358'. [ 193.466135][ T7292] HfR: left promiscuous mode [ 194.253687][ T7306] netlink: 12 bytes leftover after parsing attributes in process `syz.0.359'. [ 194.355240][ T7303] openvswitch: HfR: Dropping previously announced user features [ 194.406658][ T7306] HfR: left promiscuous mode [ 194.651638][ T7315] openvswitch: HfR: Dropping previously announced user features [ 194.684429][ T7315] netlink: 12 bytes leftover after parsing attributes in process `syz.3.363'. [ 194.752656][ T7315] HfR: left promiscuous mode [ 197.131161][ T7352] HfR: entered promiscuous mode [ 197.177398][ T30] audit: type=1326 audit(6039426150.603:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7346 comm="syz.1.375" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f445098d169 code=0x0 [ 197.734984][ T7358] netlink: 'syz.1.375': attribute type 2 has an invalid length. [ 197.825163][ T7358] netlink: 12 bytes leftover after parsing attributes in process `syz.1.375'. [ 198.597460][ T7364] HfR: entered promiscuous mode [ 198.666711][ T7364] netlink: 12 bytes leftover after parsing attributes in process `syz.1.376'. [ 198.730771][ T7364] HfR: left promiscuous mode [ 199.326068][ T7383] openvswitch: HfR: Dropping previously announced user features [ 199.430421][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.437157][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.462879][ T7383] netlink: 12 bytes leftover after parsing attributes in process `syz.3.381'. [ 199.515249][ T7388] netlink: 12 bytes leftover after parsing attributes in process `syz.0.382'. [ 199.549242][ T7383] HfR: left promiscuous mode [ 199.764310][ T7397] HfR: entered promiscuous mode [ 199.839463][ T7397] netlink: 12 bytes leftover after parsing attributes in process `syz.1.383'. [ 199.857477][ T7397] HfR: left promiscuous mode [ 200.255000][ T30] audit: type=1326 audit(6039426153.683:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7408 comm="syz.0.387" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 200.438211][ T7420] FAULT_INJECTION: forcing a failure. [ 200.438211][ T7420] name failslab, interval 1, probability 0, space 0, times 0 [ 200.473397][ T7420] CPU: 0 UID: 0 PID: 7420 Comm: syz.1.392 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 200.473445][ T7420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 200.473474][ T7420] Call Trace: [ 200.473485][ T7420] [ 200.473498][ T7420] dump_stack_lvl+0x16c/0x1f0 [ 200.473552][ T7420] should_fail_ex+0x512/0x640 [ 200.473588][ T7420] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 200.473638][ T7420] should_failslab+0xc2/0x120 [ 200.473669][ T7420] __kmalloc_cache_noprof+0x6a/0x3e0 [ 200.473715][ T7420] ? snd_seq_port_connect+0x61/0x550 [ 200.473772][ T7420] snd_seq_port_connect+0x61/0x550 [ 200.473819][ T7420] ? _raw_read_unlock+0x28/0x50 [ 200.473861][ T7420] ? check_subscription_permission.isra.0+0xf5/0x240 [ 200.473920][ T7420] snd_seq_ioctl_subscribe_port+0x211/0x450 [ 200.473978][ T7420] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 200.474052][ T7420] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 200.474107][ T7420] snd_seq_oss_midi_open+0x442/0x660 [ 200.474148][ T7420] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 200.474198][ T7420] ? lockdep_hardirqs_on+0x7c/0x110 [ 200.474245][ T7420] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 200.474295][ T7420] snd_seq_oss_synth_setup_midi+0x131/0x580 [ 200.474344][ T7420] snd_seq_oss_open+0x893/0xa20 [ 200.474403][ T7420] odev_open+0x6f/0x90 [ 200.474446][ T7420] ? __pfx_odev_open+0x10/0x10 [ 200.474498][ T7420] soundcore_open+0x409/0x580 [ 200.474546][ T7420] ? __pfx_soundcore_open+0x10/0x10 [ 200.474590][ T7420] chrdev_open+0x231/0x6a0 [ 200.474638][ T7420] ? __pfx_apparmor_file_open+0x10/0x10 [ 200.474677][ T7420] ? __pfx_chrdev_open+0x10/0x10 [ 200.474729][ T7420] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 200.474784][ T7420] do_dentry_open+0x741/0x1c10 [ 200.474835][ T7420] ? __pfx_chrdev_open+0x10/0x10 [ 200.474893][ T7420] vfs_open+0x82/0x3f0 [ 200.474932][ T7420] path_openat+0x1e5e/0x2d40 [ 200.474998][ T7420] ? __pfx_path_openat+0x10/0x10 [ 200.475058][ T7420] do_filp_open+0x20b/0x470 [ 200.475108][ T7420] ? __pfx_do_filp_open+0x10/0x10 [ 200.475189][ T7420] ? alloc_fd+0x471/0x7d0 [ 200.475246][ T7420] do_sys_openat2+0x11b/0x1d0 [ 200.475279][ T7420] ? __pfx_do_sys_openat2+0x10/0x10 [ 200.475317][ T7420] ? __pfx___might_resched+0x10/0x10 [ 200.475376][ T7420] __x64_sys_openat+0x174/0x210 [ 200.475411][ T7420] ? __pfx___x64_sys_openat+0x10/0x10 [ 200.475449][ T7420] ? rcu_is_watching+0x12/0xc0 [ 200.475506][ T7420] do_syscall_64+0xcd/0x260 [ 200.475557][ T7420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.475588][ T7420] RIP: 0033:0x7f445098d169 [ 200.475612][ T7420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.475643][ T7420] RSP: 002b:00007f445178c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 200.475674][ T7420] RAX: ffffffffffffffda RBX: 00007f4450ba5fa0 RCX: 00007f445098d169 [ 200.475705][ T7420] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 200.475726][ T7420] RBP: 00007f4450a0e990 R08: 0000000000000000 R09: 0000000000000000 [ 200.475747][ T7420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.475767][ T7420] R13: 0000000000000000 R14: 00007f4450ba5fa0 R15: 00007ffc87a14938 [ 200.475809][ T7420] [ 200.972764][ T7423] netlink: 'syz.3.391': attribute type 1 has an invalid length. [ 201.482858][ T7435] netlink: 12 bytes leftover after parsing attributes in process `syz.1.394'. [ 201.522092][ T7434] HfR: entered promiscuous mode [ 201.594005][ T7435] HfR: left promiscuous mode [ 201.936218][ T7440] HfR: entered promiscuous mode [ 202.006925][ T7440] netlink: 12 bytes leftover after parsing attributes in process `syz.2.395'. [ 202.084347][ T7440] HfR: left promiscuous mode [ 202.480102][ T7453] netlink: 12 bytes leftover after parsing attributes in process `syz.1.398'. [ 202.610043][ T30] audit: type=1326 audit(6039426156.043:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.406" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 203.036307][ T7458] netlink: 'syz.0.406': attribute type 2 has an invalid length. [ 203.045439][ T7458] netlink: 12 bytes leftover after parsing attributes in process `syz.0.406'. [ 203.594984][ T30] audit: type=1326 audit(6039426157.033:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7468 comm="syz.2.402" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f610a78d169 code=0x0 [ 204.118856][ T7481] netlink: 12 bytes leftover after parsing attributes in process `syz.0.403'. [ 204.138349][ T7479] HfR: entered promiscuous mode [ 204.146943][ T7481] HfR: left promiscuous mode [ 204.636865][ T7491] HfR: entered promiscuous mode [ 204.739561][ T7491] netlink: 12 bytes leftover after parsing attributes in process `syz.3.407'. [ 204.761350][ T7491] HfR: left promiscuous mode [ 205.182082][ T7507] FAULT_INJECTION: forcing a failure. [ 205.182082][ T7507] name failslab, interval 1, probability 0, space 0, times 0 [ 205.241531][ T7507] CPU: 1 UID: 0 PID: 7507 Comm: syz.3.414 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 205.241579][ T7507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 205.241598][ T7507] Call Trace: [ 205.241610][ T7507] [ 205.241622][ T7507] dump_stack_lvl+0x16c/0x1f0 [ 205.241676][ T7507] should_fail_ex+0x512/0x640 [ 205.241712][ T7507] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 205.241759][ T7507] should_failslab+0xc2/0x120 [ 205.241796][ T7507] __kmalloc_cache_noprof+0x6a/0x3e0 [ 205.241842][ T7507] ? __asan_memcpy+0x3c/0x60 [ 205.241881][ T7507] ? sctp_auth_init_hmacs+0xf2/0x440 [ 205.241941][ T7507] sctp_auth_init_hmacs+0xf2/0x440 [ 205.241995][ T7507] ? sctp_bind_addr_dup+0xe8/0x130 [ 205.242043][ T7507] sctp_sock_migrate+0x51a/0x12c0 [ 205.242101][ T7507] ? sctp_v6_create_accept_sk+0x4fd/0x730 [ 205.242143][ T7507] sctp_accept+0x692/0x7f0 [ 205.242202][ T7507] ? __pfx_sctp_accept+0x10/0x10 [ 205.242253][ T7507] ? aa_sk_perm+0x2f4/0xb10 [ 205.242290][ T7507] ? __pfx_autoremove_wake_function+0x10/0x10 [ 205.242342][ T7507] ? __pfx_aa_sk_perm+0x10/0x10 [ 205.242389][ T7507] inet_accept+0xc4/0x180 [ 205.242427][ T7507] do_accept+0x33b/0x530 [ 205.242467][ T7507] ? __pfx_do_accept+0x10/0x10 [ 205.242531][ T7507] __sys_accept4+0x100/0x1b0 [ 205.242566][ T7507] ? __pfx___sys_accept4+0x10/0x10 [ 205.242603][ T7507] ? rcu_is_watching+0x12/0xc0 [ 205.242651][ T7507] __x64_sys_accept+0x74/0xb0 [ 205.242684][ T7507] ? lockdep_hardirqs_on+0x7c/0x110 [ 205.242726][ T7507] do_syscall_64+0xcd/0x260 [ 205.242777][ T7507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.242816][ T7507] RIP: 0033:0x7f207e18d169 [ 205.242841][ T7507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.242873][ T7507] RSP: 002b:00007f207f05e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 205.242905][ T7507] RAX: ffffffffffffffda RBX: 00007f207e3a5fa0 RCX: 00007f207e18d169 [ 205.242926][ T7507] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 205.242945][ T7507] RBP: 00007f207e20e990 R08: 0000000000000000 R09: 0000000000000000 [ 205.242964][ T7507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.242983][ T7507] R13: 0000000000000000 R14: 00007f207e3a5fa0 R15: 00007fffc57b44e8 [ 205.243024][ T7507] [ 205.477793][ C1] vkms_vblank_simulate: vblank timer overrun [ 205.623032][ T30] audit: type=1326 audit(6039426159.063:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7516 comm="syz.3.417" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f207e18d169 code=0x0 [ 206.191026][ T7528] netlink: 'syz.2.418': attribute type 1 has an invalid length. [ 207.152060][ T7541] HfR: entered promiscuous mode [ 207.173562][ T7542] netlink: 12 bytes leftover after parsing attributes in process `syz.3.423'. [ 207.231160][ T7542] HfR: left promiscuous mode [ 207.573146][ T7548] HfR: entered promiscuous mode [ 207.597097][ T7549] netlink: 12 bytes leftover after parsing attributes in process `syz.0.425'. [ 207.619060][ T7549] HfR: left promiscuous mode [ 208.500095][ T7564] netlink: 'syz.0.428': attribute type 1 has an invalid length. [ 208.509943][ T7564] FAULT_INJECTION: forcing a failure. [ 208.509943][ T7564] name failslab, interval 1, probability 0, space 0, times 0 [ 208.525643][ T7564] CPU: 1 UID: 0 PID: 7564 Comm: syz.0.428 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 208.525697][ T7564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 208.525717][ T7564] Call Trace: [ 208.525727][ T7564] [ 208.525739][ T7564] dump_stack_lvl+0x16c/0x1f0 [ 208.525791][ T7564] should_fail_ex+0x512/0x640 [ 208.525846][ T7564] should_failslab+0xc2/0x120 [ 208.525881][ T7564] __kmalloc_cache_noprof+0x6a/0x3e0 [ 208.525930][ T7564] ? sctp_add_bind_addr+0xae/0x3f0 [ 208.525979][ T7564] sctp_add_bind_addr+0xae/0x3f0 [ 208.526036][ T7564] sctp_copy_local_addr_list+0x39d/0x5a0 [ 208.526110][ T7564] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 208.526173][ T7564] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 208.526241][ T7564] ? sctp_bind_addr_copy+0xe0/0x530 [ 208.526296][ T7564] sctp_bind_addr_copy+0xe0/0x530 [ 208.526354][ T7564] sctp_connect_new_asoc+0x1d7/0x790 [ 208.526395][ T7564] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 208.526449][ T7564] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 208.526532][ T7564] __sctp_connect+0x3f3/0xc60 [ 208.526580][ T7564] ? do_raw_spin_lock+0x12c/0x2b0 [ 208.526626][ T7564] ? __pfx___sctp_connect+0x10/0x10 [ 208.526670][ T7564] ? __pfx_sctp_inet_connect+0x10/0x10 [ 208.526707][ T7564] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 208.526764][ T7564] ? __pfx_sctp_inet_connect+0x10/0x10 [ 208.526797][ T7564] sctp_inet_connect+0x15f/0x200 [ 208.526847][ T7564] __sys_connect_file+0x13e/0x1a0 [ 208.526892][ T7564] __sys_connect+0x14d/0x170 [ 208.526931][ T7564] ? __pfx___sys_connect+0x10/0x10 [ 208.526992][ T7564] ? __pfx_ksys_write+0x10/0x10 [ 208.527034][ T7564] ? rcu_is_watching+0x12/0xc0 [ 208.527093][ T7564] __x64_sys_connect+0x72/0xb0 [ 208.527127][ T7564] ? lockdep_hardirqs_on+0x7c/0x110 [ 208.527176][ T7564] do_syscall_64+0xcd/0x260 [ 208.527238][ T7564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.527270][ T7564] RIP: 0033:0x7f14f2f8d169 [ 208.527294][ T7564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.527334][ T7564] RSP: 002b:00007f14f0df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 208.527363][ T7564] RAX: ffffffffffffffda RBX: 00007f14f31a6080 RCX: 00007f14f2f8d169 [ 208.527389][ T7564] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 208.527413][ T7564] RBP: 00007f14f0df6090 R08: 0000000000000000 R09: 0000000000000000 [ 208.527431][ T7564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 208.527449][ T7564] R13: 0000000000000000 R14: 00007f14f31a6080 R15: 00007fff789d4278 [ 208.527511][ T7564] [ 208.533001][ T30] audit: type=1326 audit(6039426161.973:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.3.429" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f207e18d169 code=0x0 [ 210.472106][ T7585] netlink: 'syz.0.434': attribute type 1 has an invalid length. [ 211.286811][ T7596] netlink: 'syz.2.437': attribute type 1 has an invalid length. [ 211.759841][ T7605] netlink: 12 bytes leftover after parsing attributes in process `syz.3.440'. [ 211.781405][ T7604] HfR: entered promiscuous mode [ 211.883762][ T7605] HfR: left promiscuous mode [ 212.502516][ T7612] HfR: entered promiscuous mode [ 212.536238][ T7612] netlink: 12 bytes leftover after parsing attributes in process `syz.3.441'. [ 212.598173][ T7612] HfR: left promiscuous mode [ 213.002091][ T7620] netlink: 'syz.0.443': attribute type 1 has an invalid length. [ 213.842182][ T7631] HfR: entered promiscuous mode [ 213.896652][ T7631] netlink: 12 bytes leftover after parsing attributes in process `syz.1.447'. [ 213.935186][ T7631] HfR: left promiscuous mode [ 213.956002][ T30] audit: type=1326 audit(6039426167.393:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.446" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f207e18d169 code=0x0 [ 214.757955][ T7651] HfR: entered promiscuous mode [ 214.837060][ T7651] netlink: 12 bytes leftover after parsing attributes in process `syz.2.450'. [ 214.981581][ T7651] HfR: left promiscuous mode [ 215.104163][ T7654] netlink: 'syz.1.451': attribute type 1 has an invalid length. [ 215.739785][ T7667] process 'syz.3.453' launched ':,' with NULL argv: empty string added [ 217.308811][ T7678] netlink: 'syz.1.455': attribute type 1 has an invalid length. [ 217.943924][ T7682] netlink: 12 bytes leftover after parsing attributes in process `syz.2.459'. [ 218.064525][ T7691] HfR: entered promiscuous mode [ 218.103379][ T7691] netlink: 12 bytes leftover after parsing attributes in process `syz.0.461'. [ 218.269976][ T7691] HfR: left promiscuous mode [ 218.744561][ T7702] HfR: entered promiscuous mode [ 218.755174][ T7702] netlink: 12 bytes leftover after parsing attributes in process `syz.0.463'. [ 218.780044][ T7702] HfR: left promiscuous mode [ 219.939516][ T30] audit: type=1326 audit(6039426173.383:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7721 comm="syz.0.470" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 220.537829][ T7741] HfR: entered promiscuous mode [ 220.551259][ T7741] netlink: 12 bytes leftover after parsing attributes in process `syz.1.474'. [ 220.583341][ T7741] HfR: left promiscuous mode [ 221.148079][ T7750] HfR: entered promiscuous mode [ 221.209441][ T7750] netlink: 12 bytes leftover after parsing attributes in process `syz.1.484'. [ 221.233554][ T7750] HfR: left promiscuous mode [ 222.478963][ T7774] netlink: 'syz.0.481': attribute type 1 has an invalid length. [ 223.314345][ T7786] netlink: 'syz.3.488': attribute type 1 has an invalid length. [ 223.439334][ T7789] HfR: entered promiscuous mode [ 223.542245][ T7789] netlink: 12 bytes leftover after parsing attributes in process `syz.1.489'. [ 223.688979][ T7789] HfR: left promiscuous mode [ 224.577115][ T7797] netlink: 'syz.1.490': attribute type 1 has an invalid length. [ 225.603431][ T7813] netlink: 'syz.2.495': attribute type 1 has an invalid length. [ 225.651222][ T7813] FAULT_INJECTION: forcing a failure. [ 225.651222][ T7813] name failslab, interval 1, probability 0, space 0, times 0 [ 225.708349][ T7813] CPU: 1 UID: 0 PID: 7813 Comm: syz.2.495 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 225.708394][ T7813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 225.708413][ T7813] Call Trace: [ 225.708423][ T7813] [ 225.708435][ T7813] dump_stack_lvl+0x16c/0x1f0 [ 225.708488][ T7813] should_fail_ex+0x512/0x640 [ 225.708531][ T7813] should_failslab+0xc2/0x120 [ 225.708561][ T7813] __kmalloc_cache_noprof+0x6a/0x3e0 [ 225.708606][ T7813] ? sctp_add_bind_addr+0xae/0x3f0 [ 225.708656][ T7813] sctp_add_bind_addr+0xae/0x3f0 [ 225.708705][ T7813] sctp_copy_local_addr_list+0x39d/0x5a0 [ 225.708763][ T7813] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 225.708821][ T7813] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 225.708882][ T7813] ? sctp_bind_addr_copy+0xe0/0x530 [ 225.708926][ T7813] sctp_bind_addr_copy+0xe0/0x530 [ 225.708980][ T7813] sctp_connect_new_asoc+0x1d7/0x790 [ 225.709022][ T7813] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 225.709069][ T7813] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 225.709137][ T7813] __sctp_connect+0x3f3/0xc60 [ 225.709177][ T7813] ? do_raw_spin_lock+0x12c/0x2b0 [ 225.709215][ T7813] ? __pfx___sctp_connect+0x10/0x10 [ 225.709262][ T7813] ? __pfx_sctp_inet_connect+0x10/0x10 [ 225.709300][ T7813] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 225.709339][ T7813] ? __pfx_sctp_inet_connect+0x10/0x10 [ 225.709372][ T7813] sctp_inet_connect+0x15f/0x200 [ 225.709411][ T7813] __sys_connect_file+0x13e/0x1a0 [ 225.709454][ T7813] __sys_connect+0x14d/0x170 [ 225.709489][ T7813] ? __pfx___sys_connect+0x10/0x10 [ 225.709541][ T7813] ? __pfx_ksys_write+0x10/0x10 [ 225.709583][ T7813] ? rcu_is_watching+0x12/0xc0 [ 225.709631][ T7813] __x64_sys_connect+0x72/0xb0 [ 225.709665][ T7813] ? lockdep_hardirqs_on+0x7c/0x110 [ 225.709710][ T7813] do_syscall_64+0xcd/0x260 [ 225.709760][ T7813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.709792][ T7813] RIP: 0033:0x7f610a78d169 [ 225.709816][ T7813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.709847][ T7813] RSP: 002b:00007f61085f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 225.709877][ T7813] RAX: ffffffffffffffda RBX: 00007f610a9a6080 RCX: 00007f610a78d169 [ 225.709899][ T7813] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 225.709919][ T7813] RBP: 00007f61085f6090 R08: 0000000000000000 R09: 0000000000000000 [ 225.709939][ T7813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 225.709958][ T7813] R13: 0000000000000000 R14: 00007f610a9a6080 R15: 00007fff6eef1b68 [ 225.710000][ T7813] [ 226.979465][ T7830] HfR: entered promiscuous mode [ 226.991082][ T7833] netlink: 12 bytes leftover after parsing attributes in process `syz.3.500'. [ 227.036576][ T7833] HfR: left promiscuous mode [ 227.130606][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 227.137195][ T5849] Bluetooth: hci0: command 0x0406 tx timeout [ 227.143273][ T5849] Bluetooth: hci2: command 0x0406 tx timeout [ 227.150013][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 228.159401][ T7847] netlink: 'syz.1.503': attribute type 1 has an invalid length. [ 228.585502][ T7862] netlink: 12 bytes leftover after parsing attributes in process `syz.0.506'. [ 228.811381][ T7859] HfR: entered promiscuous mode [ 228.829441][ T7862] HfR: left promiscuous mode [ 228.985238][ T7853] netlink: 'syz.2.505': attribute type 1 has an invalid length. [ 229.741795][ T7868] netlink: 'syz.3.508': attribute type 1 has an invalid length. [ 230.978804][ T7880] netlink: 'syz.0.520': attribute type 1 has an invalid length. [ 231.319691][ T30] audit: type=1326 audit(6039426184.763:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.1.513" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f445098d169 code=0x0 [ 231.467364][ T7884] HfR: entered promiscuous mode [ 231.525043][ T7884] netlink: 12 bytes leftover after parsing attributes in process `syz.2.514'. [ 231.601644][ T7884] HfR: left promiscuous mode [ 231.999165][ T7896] HfR: entered promiscuous mode [ 232.085611][ T7896] netlink: 12 bytes leftover after parsing attributes in process `syz.2.515'. [ 232.196631][ T7896] HfR: left promiscuous mode [ 232.463679][ T7905] HfR: entered promiscuous mode [ 232.483148][ T7905] netlink: 12 bytes leftover after parsing attributes in process `syz.3.518'. [ 232.494561][ T7905] HfR: left promiscuous mode [ 233.248948][ T7915] HfR: entered promiscuous mode [ 233.326807][ T7915] netlink: 12 bytes leftover after parsing attributes in process `syz.2.519'. [ 233.366295][ T7915] HfR: left promiscuous mode [ 233.452937][ T7921] netlink: 'syz.0.521': attribute type 1 has an invalid length. [ 233.595158][ T7922] netlink: 'syz.1.522': attribute type 1 has an invalid length. [ 233.916388][ T7923] netlink: 'syz.3.523': attribute type 1 has an invalid length. [ 234.810418][ T7932] netlink: 'syz.2.524': attribute type 1 has an invalid length. [ 235.416206][ T7936] FAULT_INJECTION: forcing a failure. [ 235.416206][ T7936] name failslab, interval 1, probability 0, space 0, times 0 [ 235.483425][ T7936] CPU: 0 UID: 0 PID: 7936 Comm: syz.3.525 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 235.483474][ T7936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 235.483495][ T7936] Call Trace: [ 235.483507][ T7936] [ 235.483519][ T7936] dump_stack_lvl+0x16c/0x1f0 [ 235.483574][ T7936] should_fail_ex+0x512/0x640 [ 235.483612][ T7936] ? __kmalloc_node_noprof+0xc5/0x500 [ 235.483670][ T7936] should_failslab+0xc2/0x120 [ 235.483701][ T7936] __kmalloc_node_noprof+0xd8/0x500 [ 235.483755][ T7936] ? crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 235.483796][ T7936] ? __pfx_crypto_alg_extsize+0x10/0x10 [ 235.483843][ T7936] crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 235.483882][ T7936] crypto_create_tfm_node+0x83/0x320 [ 235.483925][ T7936] crypto_alloc_tfm_node+0x102/0x260 [ 235.483962][ T7936] ? kasan_save_track+0x14/0x30 [ 235.484013][ T7936] sctp_auth_init_hmacs+0x1e1/0x440 [ 235.484067][ T7936] ? sctp_bind_addr_dup+0xe8/0x130 [ 235.484115][ T7936] sctp_sock_migrate+0x51a/0x12c0 [ 235.484173][ T7936] ? sctp_v6_create_accept_sk+0x4fd/0x730 [ 235.484216][ T7936] sctp_accept+0x692/0x7f0 [ 235.484283][ T7936] ? __pfx_sctp_accept+0x10/0x10 [ 235.484334][ T7936] ? aa_sk_perm+0x2f4/0xb10 [ 235.484371][ T7936] ? __pfx_autoremove_wake_function+0x10/0x10 [ 235.484429][ T7936] ? __pfx_aa_sk_perm+0x10/0x10 [ 235.484475][ T7936] inet_accept+0xc4/0x180 [ 235.484513][ T7936] do_accept+0x33b/0x530 [ 235.484553][ T7936] ? __pfx_do_accept+0x10/0x10 [ 235.484616][ T7936] __sys_accept4+0x100/0x1b0 [ 235.484652][ T7936] ? __pfx___sys_accept4+0x10/0x10 [ 235.484691][ T7936] ? rcu_is_watching+0x12/0xc0 [ 235.484739][ T7936] __x64_sys_accept+0x74/0xb0 [ 235.484773][ T7936] ? lockdep_hardirqs_on+0x7c/0x110 [ 235.484822][ T7936] do_syscall_64+0xcd/0x260 [ 235.484871][ T7936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.484903][ T7936] RIP: 0033:0x7f207e18d169 [ 235.484927][ T7936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.484958][ T7936] RSP: 002b:00007f207f05e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 235.484987][ T7936] RAX: ffffffffffffffda RBX: 00007f207e3a5fa0 RCX: 00007f207e18d169 [ 235.485008][ T7936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 235.485026][ T7936] RBP: 00007f207e20e990 R08: 0000000000000000 R09: 0000000000000000 [ 235.485045][ T7936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.485064][ T7936] R13: 0000000000000000 R14: 00007f207e3a5fa0 R15: 00007fffc57b44e8 [ 235.485104][ T7936] [ 236.336117][ T7939] netlink: 'syz.3.526': attribute type 1 has an invalid length. [ 237.100575][ T30] audit: type=1326 audit(6039426190.543:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.2.529" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f610a78d169 code=0x0 [ 237.266947][ T7956] FAULT_INJECTION: forcing a failure. [ 237.266947][ T7956] name failslab, interval 1, probability 0, space 0, times 0 [ 237.286689][ T7956] CPU: 1 UID: 0 PID: 7956 Comm: syz.1.532 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 237.286734][ T7956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 237.286754][ T7956] Call Trace: [ 237.286764][ T7956] [ 237.286777][ T7956] dump_stack_lvl+0x16c/0x1f0 [ 237.286828][ T7956] should_fail_ex+0x512/0x640 [ 237.286864][ T7956] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 237.286914][ T7956] should_failslab+0xc2/0x120 [ 237.286945][ T7956] __kmalloc_cache_noprof+0x6a/0x3e0 [ 237.286999][ T7956] ? snd_seq_port_connect+0x61/0x550 [ 237.287054][ T7956] snd_seq_port_connect+0x61/0x550 [ 237.287100][ T7956] ? _raw_read_unlock+0x28/0x50 [ 237.287140][ T7956] ? check_subscription_permission.isra.0+0xf5/0x240 [ 237.287197][ T7956] snd_seq_ioctl_subscribe_port+0x211/0x450 [ 237.287254][ T7956] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 237.287324][ T7956] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 237.287379][ T7956] snd_seq_oss_midi_open+0x442/0x660 [ 237.287419][ T7956] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 237.287482][ T7956] snd_seq_oss_synth_setup_midi+0x131/0x580 [ 237.287529][ T7956] snd_seq_oss_open+0x893/0xa20 [ 237.287588][ T7956] odev_open+0x6f/0x90 [ 237.287632][ T7956] ? __pfx_odev_open+0x10/0x10 [ 237.287677][ T7956] soundcore_open+0x409/0x580 [ 237.287723][ T7956] ? __pfx_soundcore_open+0x10/0x10 [ 237.287768][ T7956] chrdev_open+0x231/0x6a0 [ 237.287816][ T7956] ? __pfx_apparmor_file_open+0x10/0x10 [ 237.287856][ T7956] ? __pfx_chrdev_open+0x10/0x10 [ 237.287910][ T7956] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 237.287973][ T7956] do_dentry_open+0x741/0x1c10 [ 237.288020][ T7956] ? __pfx_chrdev_open+0x10/0x10 [ 237.288079][ T7956] vfs_open+0x82/0x3f0 [ 237.288117][ T7956] path_openat+0x1e5e/0x2d40 [ 237.288180][ T7956] ? __pfx_path_openat+0x10/0x10 [ 237.288240][ T7956] do_filp_open+0x20b/0x470 [ 237.288290][ T7956] ? __pfx_do_filp_open+0x10/0x10 [ 237.288369][ T7956] ? alloc_fd+0x471/0x7d0 [ 237.288429][ T7956] do_sys_openat2+0x11b/0x1d0 [ 237.288464][ T7956] ? __pfx_do_sys_openat2+0x10/0x10 [ 237.288502][ T7956] ? __pfx___might_resched+0x10/0x10 [ 237.288559][ T7956] __x64_sys_openat+0x174/0x210 [ 237.288596][ T7956] ? __pfx___x64_sys_openat+0x10/0x10 [ 237.288635][ T7956] ? rcu_is_watching+0x12/0xc0 [ 237.288689][ T7956] do_syscall_64+0xcd/0x260 [ 237.288740][ T7956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.288773][ T7956] RIP: 0033:0x7f445098d169 [ 237.288799][ T7956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.288831][ T7956] RSP: 002b:00007f445178c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 237.288861][ T7956] RAX: ffffffffffffffda RBX: 00007f4450ba5fa0 RCX: 00007f445098d169 [ 237.288881][ T7956] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 237.288900][ T7956] RBP: 00007f4450a0e990 R08: 0000000000000000 R09: 0000000000000000 [ 237.288918][ T7956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.288936][ T7956] R13: 0000000000000000 R14: 00007f4450ba5fa0 R15: 00007ffc87a14938 [ 237.288985][ T7956] [ 237.299895][ T7959] HfR: entered promiscuous mode [ 237.657423][ T7961] netlink: 12 bytes leftover after parsing attributes in process `syz.0.531'. [ 237.783624][ T7959] netlink: 12 bytes leftover after parsing attributes in process `syz.3.533'. [ 237.948505][ T7959] HfR: left promiscuous mode [ 238.965748][ T7979] netlink: 15 bytes leftover after parsing attributes in process `syz.1.536'. [ 239.255066][ T7989] FAULT_INJECTION: forcing a failure. [ 239.255066][ T7989] name failslab, interval 1, probability 0, space 0, times 0 [ 239.273662][ T7989] CPU: 1 UID: 0 PID: 7989 Comm: syz.2.538 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 239.273709][ T7989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 239.273729][ T7989] Call Trace: [ 239.273739][ T7989] [ 239.273751][ T7989] dump_stack_lvl+0x16c/0x1f0 [ 239.273800][ T7989] should_fail_ex+0x512/0x640 [ 239.273837][ T7989] ? fs_reclaim_acquire+0xae/0x150 [ 239.273875][ T7989] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 239.273915][ T7989] should_failslab+0xc2/0x120 [ 239.273940][ T7989] __kmalloc_noprof+0xd2/0x510 [ 239.273991][ T7989] tomoyo_realpath_from_path+0xc2/0x6e0 [ 239.274040][ T7989] ? tomoyo_profile+0x47/0x60 [ 239.274087][ T7989] tomoyo_path_number_perm+0x245/0x580 [ 239.274118][ T7989] ? tomoyo_path_number_perm+0x237/0x580 [ 239.274155][ T7989] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 239.274225][ T7989] ? find_held_lock+0x2b/0x80 [ 239.274259][ T7989] ? hook_file_ioctl_common+0x145/0x410 [ 239.274297][ T7989] ? __fget_files+0x20e/0x3c0 [ 239.274343][ T7989] security_file_ioctl+0x9b/0x240 [ 239.274379][ T7989] __x64_sys_ioctl+0xb7/0x200 [ 239.274415][ T7989] do_syscall_64+0xcd/0x260 [ 239.274459][ T7989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.274488][ T7989] RIP: 0033:0x7f610a78d169 [ 239.274510][ T7989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.274538][ T7989] RSP: 002b:00007f610b502038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 239.274565][ T7989] RAX: ffffffffffffffda RBX: 00007f610a9a5fa0 RCX: 00007f610a78d169 [ 239.274584][ T7989] RDX: 0000000000000000 RSI: 00000000c0603d0f RDI: 0000000000000004 [ 239.274601][ T7989] RBP: 00007f610a80e990 R08: 0000000000000000 R09: 0000000000000000 [ 239.274617][ T7989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.274633][ T7989] R13: 0000000000000000 R14: 00007f610a9a5fa0 R15: 00007fff6eef1b68 [ 239.274669][ T7989] [ 239.274781][ T7989] ERROR: Out of memory at tomoyo_realpath_from_path. [ 239.481915][ T7982] ubi: mtd0 is already attached to ubi4 [ 239.547678][ T7988] netlink: 'syz.0.535': attribute type 1 has an invalid length. [ 240.908841][ T8008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.544'. [ 241.060725][ T8006] netlink: 'syz.1.542': attribute type 1 has an invalid length. [ 241.133363][ T8007] HfR: entered promiscuous mode [ 241.197660][ T8008] HfR: left promiscuous mode [ 241.384159][ T8003] netlink: 'syz.2.540': attribute type 1 has an invalid length. [ 242.248886][ T8021] netlink: 12 bytes leftover after parsing attributes in process `syz.3.545'. [ 243.170584][ T8038] netlink: 15 bytes leftover after parsing attributes in process `syz.0.547'. [ 244.896219][ T8060] netlink: 'syz.1.563': attribute type 1 has an invalid length. [ 245.266258][ T8063] netlink: 'syz.2.554': attribute type 1 has an invalid length. [ 245.698890][ T8067] netlink: 'syz.0.565': attribute type 1 has an invalid length. [ 245.829162][ T8066] netlink: 'syz.3.556': attribute type 1 has an invalid length. [ 246.552568][ T8075] FAULT_INJECTION: forcing a failure. [ 246.552568][ T8075] name fail_futex, interval 1, probability 0, space 0, times 1 [ 246.664732][ T8075] CPU: 1 UID: 0 PID: 8075 Comm: syz.2.557 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 246.664803][ T8075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.664822][ T8075] Call Trace: [ 246.664831][ T8075] [ 246.664843][ T8075] dump_stack_lvl+0x16c/0x1f0 [ 246.664895][ T8075] should_fail_ex+0x512/0x640 [ 246.664938][ T8075] get_futex_key+0x49e/0x1000 [ 246.664996][ T8075] ? __local_bh_enable_ip+0xa4/0x120 [ 246.665045][ T8075] ? __pfx_get_futex_key+0x10/0x10 [ 246.665092][ T8075] ? do_raw_spin_lock+0x12c/0x2b0 [ 246.665147][ T8075] futex_wake+0xe7/0x4e0 [ 246.665177][ T8075] ? rcu_is_watching+0x12/0xc0 [ 246.665221][ T8075] ? __pfx_futex_wake+0x10/0x10 [ 246.665259][ T8075] ? do_accept+0x3e1/0x530 [ 246.665304][ T8075] do_futex+0x1e3/0x350 [ 246.665351][ T8075] ? __pfx_do_futex+0x10/0x10 [ 246.665398][ T8075] ? fd_install+0x225/0x750 [ 246.665452][ T8075] __x64_sys_futex+0x1e0/0x4c0 [ 246.665501][ T8075] ? __sys_accept4+0x154/0x1b0 [ 246.665537][ T8075] ? __pfx___x64_sys_futex+0x10/0x10 [ 246.665587][ T8075] ? rcu_is_watching+0x12/0xc0 [ 246.665638][ T8075] do_syscall_64+0xcd/0x260 [ 246.665690][ T8075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.665724][ T8075] RIP: 0033:0x7f610a78d169 [ 246.665750][ T8075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.665782][ T8075] RSP: 002b:00007f610b5020e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 246.665813][ T8075] RAX: ffffffffffffffda RBX: 00007f610a9a5fa8 RCX: 00007f610a78d169 [ 246.665836][ T8075] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f610a9a5fac [ 246.665857][ T8075] RBP: 00007f610a9a5fa0 R08: 00007f610b503000 R09: 0000000000000000 [ 246.665878][ T8075] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f610a9a5fac [ 246.665898][ T8075] R13: 0000000000000000 R14: 00007fff6eef1a80 R15: 00007fff6eef1b68 [ 246.665940][ T8075] [ 246.937914][ T30] audit: type=1326 audit(6039426200.383:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8077 comm="syz.1.558" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f445098d169 code=0x0 [ 248.360956][ T8095] FAULT_INJECTION: forcing a failure. [ 248.360956][ T8095] name failslab, interval 1, probability 0, space 0, times 0 [ 248.428425][ T8095] CPU: 0 UID: 0 PID: 8095 Comm: syz.2.564 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 248.428474][ T8095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 248.428495][ T8095] Call Trace: [ 248.428506][ T8095] [ 248.428519][ T8095] dump_stack_lvl+0x16c/0x1f0 [ 248.428575][ T8095] should_fail_ex+0x512/0x640 [ 248.428612][ T8095] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 248.428661][ T8095] should_failslab+0xc2/0x120 [ 248.428692][ T8095] __kmalloc_cache_noprof+0x6a/0x3e0 [ 248.428737][ T8095] ? sctp_auth_shkey_create+0x9e/0x210 [ 248.428796][ T8095] sctp_auth_shkey_create+0x9e/0x210 [ 248.428852][ T8095] sctp_endpoint_new+0x562/0xcd0 [ 248.428912][ T8095] sctp_init_sock+0xe2d/0x1330 [ 248.428964][ T8095] sctp_v6_init_sock+0x16/0x70 [ 248.429013][ T8095] sctp_v6_create_accept_sk+0x4e0/0x730 [ 248.429064][ T8095] ? __pfx_sctp_v6_create_accept_sk+0x10/0x10 [ 248.429099][ T8095] sctp_accept+0x66f/0x7f0 [ 248.429159][ T8095] ? __pfx_sctp_accept+0x10/0x10 [ 248.429209][ T8095] ? aa_sk_perm+0x2f4/0xb10 [ 248.429246][ T8095] ? __pfx_autoremove_wake_function+0x10/0x10 [ 248.429300][ T8095] ? __pfx_aa_sk_perm+0x10/0x10 [ 248.429346][ T8095] inet_accept+0xc4/0x180 [ 248.429383][ T8095] do_accept+0x33b/0x530 [ 248.429422][ T8095] ? __pfx_do_accept+0x10/0x10 [ 248.429486][ T8095] __sys_accept4+0x100/0x1b0 [ 248.429522][ T8095] ? __pfx___sys_accept4+0x10/0x10 [ 248.429559][ T8095] ? rcu_is_watching+0x12/0xc0 [ 248.429606][ T8095] __x64_sys_accept+0x74/0xb0 [ 248.429640][ T8095] ? lockdep_hardirqs_on+0x7c/0x110 [ 248.429686][ T8095] do_syscall_64+0xcd/0x260 [ 248.429738][ T8095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.429772][ T8095] RIP: 0033:0x7f610a78d169 [ 248.429798][ T8095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.429831][ T8095] RSP: 002b:00007f610b502038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 248.429862][ T8095] RAX: ffffffffffffffda RBX: 00007f610a9a5fa0 RCX: 00007f610a78d169 [ 248.429884][ T8095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 248.429904][ T8095] RBP: 00007f610a80e990 R08: 0000000000000000 R09: 0000000000000000 [ 248.429925][ T8095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.429945][ T8095] R13: 0000000000000000 R14: 00007f610a9a5fa0 R15: 00007fff6eef1b68 [ 248.429989][ T8095] [ 249.642203][ T8102] netlink: 'syz.2.567': attribute type 1 has an invalid length. [ 250.250370][ T8106] netlink: 'syz.0.568': attribute type 1 has an invalid length. [ 251.348417][ T8125] netlink: 'syz.2.575': attribute type 1 has an invalid length. [ 252.243715][ T8135] HfR: entered promiscuous mode [ 252.274304][ T8135] netlink: 12 bytes leftover after parsing attributes in process `syz.3.579'. [ 252.307912][ T8135] HfR: left promiscuous mode [ 252.627698][ T30] audit: type=1326 audit(6039426206.073:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8138 comm="syz.2.581" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f610a78d169 code=0x0 [ 254.360051][ T8172] HfR: entered promiscuous mode [ 254.386701][ T8176] netlink: 12 bytes leftover after parsing attributes in process `syz.0.591'. [ 254.432001][ T8176] HfR: left promiscuous mode [ 255.053575][ T8194] netlink: 'syz.3.596': attribute type 1 has an invalid length. [ 255.256838][ T30] audit: type=1326 audit(6039426208.703:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.2.599" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f610a78d169 code=0x0 [ 256.306017][ T8211] netlink: 12 bytes leftover after parsing attributes in process `syz.1.601'. [ 256.327434][ T8210] HfR: entered promiscuous mode [ 256.435325][ T8211] openvswitch: HfR: Dropping previously announced user features [ 256.850276][ T8221] HfR: entered promiscuous mode [ 256.903743][ T8221] netlink: 12 bytes leftover after parsing attributes in process `syz.2.605'. [ 257.076012][ T8221] HfR: left promiscuous mode [ 257.750004][ T30] audit: type=1326 audit(6039426211.193:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8236 comm="syz.0.611" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 258.016264][ T8238] netlink: 'syz.2.609': attribute type 1 has an invalid length. [ 259.252663][ T8267] HfR: entered promiscuous mode [ 259.304442][ T8270] netlink: 12 bytes leftover after parsing attributes in process `syz.0.618'. [ 259.496197][ T8271] netlink: 'syz.2.619': attribute type 1 has an invalid length. [ 259.582631][ T8270] HfR: left promiscuous mode [ 260.547737][ T8279] netlink: 'syz.3.620': attribute type 1 has an invalid length. [ 260.869201][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.875675][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.835284][ T30] audit: type=1326 audit(6039426215.273:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8293 comm="syz.0.626" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 263.680340][ T8317] netlink: 'syz.3.633': attribute type 1 has an invalid length. [ 264.745423][ T30] audit: type=1326 audit(6039426218.193:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8333 comm="syz.0.639" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 266.887557][ T8360] HfR: entered promiscuous mode [ 266.928786][ T8360] netlink: 12 bytes leftover after parsing attributes in process `syz.3.646'. [ 266.958913][ T30] audit: type=1326 audit(6039426220.403:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8361 comm="syz.1.647" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f445098d169 code=0x0 [ 266.983690][ T8360] HfR: left promiscuous mode [ 268.977287][ T975] smpboot: CPU 1 is now offline [ 269.332911][ T8399] netlink: 'syz.0.661': attribute type 1 has an invalid length. [ 270.940337][ T8417] HfR: entered promiscuous mode [ 271.198456][ T8422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.659'. [ 271.311182][ T8422] HfR: left promiscuous mode [ 271.860491][ T30] audit: type=1326 audit(6039426225.303:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz.3.664" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f207e18d169 code=0x0 [ 274.079601][ T8453] netlink: 'syz.0.669': attribute type 1 has an invalid length. [ 274.797257][ T8459] FAULT_INJECTION: forcing a failure. [ 274.797257][ T8459] name failslab, interval 1, probability 0, space 0, times 0 [ 274.896578][ T8459] CPU: 0 UID: 0 PID: 8459 Comm: syz.2.673 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 274.896613][ T8459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 274.896631][ T8459] Call Trace: [ 274.896639][ T8459] [ 274.896648][ T8459] dump_stack_lvl+0x16c/0x1f0 [ 274.896687][ T8459] should_fail_ex+0x512/0x640 [ 274.896714][ T8459] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 274.896754][ T8459] should_failslab+0xc2/0x120 [ 274.896775][ T8459] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 274.896812][ T8459] ? __d_alloc+0x31/0xaa0 [ 274.896837][ T8459] __d_alloc+0x31/0xaa0 [ 274.896862][ T8459] d_alloc_pseudo+0x1c/0xc0 [ 274.896890][ T8459] alloc_file_pseudo+0xcf/0x230 [ 274.896917][ T8459] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 274.896943][ T8459] ? alloc_fd+0x471/0x7d0 [ 274.896980][ T8459] sock_alloc_file+0x50/0x210 [ 274.897014][ T8459] __sys_socket+0x1c0/0x260 [ 274.897037][ T8459] ? __pfx___sys_socket+0x10/0x10 [ 274.897061][ T8459] ? rcu_is_watching+0x12/0xc0 [ 274.897095][ T8459] __x64_sys_socket+0x72/0xb0 [ 274.897116][ T8459] ? lockdep_hardirqs_on+0x7c/0x110 [ 274.897149][ T8459] do_syscall_64+0xcd/0x260 [ 274.897185][ T8459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.897208][ T8459] RIP: 0033:0x7f610a78d169 [ 274.897225][ T8459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.897248][ T8459] RSP: 002b:00007f610b502038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 274.897269][ T8459] RAX: ffffffffffffffda RBX: 00007f610a9a5fa0 RCX: 00007f610a78d169 [ 274.897284][ T8459] RDX: 0000000000000007 RSI: 0000000000000002 RDI: 000000000000001d [ 274.897298][ T8459] RBP: 00007f610a80e990 R08: 0000000000000000 R09: 0000000000000000 [ 274.897312][ T8459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.897325][ T8459] R13: 0000000000000000 R14: 00007f610a9a5fa0 R15: 00007fff6eef1b68 [ 274.897354][ T8459] [ 275.611096][ T8467] openvswitch: HfR: Dropping previously announced user features [ 275.695902][ T8469] netlink: 12 bytes leftover after parsing attributes in process `syz.1.675'. [ 275.893382][ T8469] HfR: left promiscuous mode [ 278.087322][ T8499] netlink: 'syz.0.684': attribute type 1 has an invalid length. [ 279.054267][ T8509] HfR: entered promiscuous mode [ 279.091376][ T8510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.689'. [ 279.170651][ T8510] HfR: left promiscuous mode [ 279.674272][ T30] audit: type=1326 audit(6039426233.113:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.691" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f207e18d169 code=0x0 [ 280.939880][ T8537] netlink: 'syz.2.696': attribute type 1 has an invalid length. [ 281.101835][ T30] audit: type=1800 audit(6039426234.543:26): pid=8518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.692" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 282.400038][ T8543] netlink: 'syz.1.698': attribute type 1 has an invalid length. [ 282.678360][ T8546] bridge0: port 3(ipvlan0) entered blocking state [ 282.719749][ T8546] bridge0: port 3(ipvlan0) entered disabled state [ 283.094770][ T8546] ipvlan0: entered allmulticast mode [ 283.138432][ T8546] veth0_vlan: entered allmulticast mode [ 283.191327][ T8546] ipvlan0: left allmulticast mode [ 283.225196][ T8546] veth0_vlan: left allmulticast mode [ 283.668233][ T8553] netlink: 'syz.0.700': attribute type 1 has an invalid length. [ 284.887153][ T8562] netlink: 'syz.1.703': attribute type 1 has an invalid length. [ 286.276672][ T8573] ptrace attach of "./syz-executor exec"[5841] was attempted by "./syz-executor exec"[8573] [ 286.385427][ T8573] FAULT_INJECTION: forcing a failure. [ 286.385427][ T8573] name failslab, interval 1, probability 0, space 0, times 0 [ 286.453567][ T8573] CPU: 0 UID: 0 PID: 8573 Comm: syz.3.708 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 286.453601][ T8573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.453615][ T8573] Call Trace: [ 286.453623][ T8573] [ 286.453638][ T8573] dump_stack_lvl+0x16c/0x1f0 [ 286.453676][ T8573] should_fail_ex+0x512/0x640 [ 286.453702][ T8573] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 286.453742][ T8573] should_failslab+0xc2/0x120 [ 286.453764][ T8573] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 286.453800][ T8573] ? __d_alloc+0x31/0xaa0 [ 286.453825][ T8573] __d_alloc+0x31/0xaa0 [ 286.453849][ T8573] d_alloc+0x4a/0x1e0 [ 286.453872][ T8573] d_alloc_parallel+0xe3/0x12e0 [ 286.453913][ T8573] ? __pfx_d_alloc_parallel+0x10/0x10 [ 286.453941][ T8573] ? __lock_acquire+0xaa4/0x1ba0 [ 286.453981][ T8573] ? lockdep_init_map_type+0x5c/0x280 [ 286.454004][ T8573] ? lockdep_init_map_type+0x5c/0x280 [ 286.454032][ T8573] __lookup_slow+0x193/0x460 [ 286.454059][ T8573] ? __pfx___lookup_slow+0x10/0x10 [ 286.454103][ T8573] ? lookup_fast+0x156/0x610 [ 286.454131][ T8573] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 286.454171][ T8573] walk_component+0x353/0x5b0 [ 286.454204][ T8573] link_path_walk.part.0.constprop.0+0x682/0xd60 [ 286.454247][ T8573] path_openat+0x227/0x2d40 [ 286.454279][ T8573] ? __x64_sys_openat+0x174/0x210 [ 286.454314][ T8573] ? __pfx_path_openat+0x10/0x10 [ 286.454357][ T8573] do_filp_open+0x20b/0x470 [ 286.454391][ T8573] ? __pfx_do_filp_open+0x10/0x10 [ 286.454446][ T8573] ? alloc_fd+0x471/0x7d0 [ 286.454487][ T8573] do_sys_openat2+0x11b/0x1d0 [ 286.454511][ T8573] ? __pfx_do_sys_openat2+0x10/0x10 [ 286.454547][ T8573] __x64_sys_openat+0x174/0x210 [ 286.454572][ T8573] ? __pfx___x64_sys_openat+0x10/0x10 [ 286.454598][ T8573] ? rcu_is_watching+0x12/0xc0 [ 286.454640][ T8573] do_syscall_64+0xcd/0x260 [ 286.454676][ T8573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.454700][ T8573] RIP: 0033:0x7f207e18d169 [ 286.454718][ T8573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.454741][ T8573] RSP: 002b:00007f207f05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 286.454763][ T8573] RAX: ffffffffffffffda RBX: 00007f207e3a5fa0 RCX: 00007f207e18d169 [ 286.454783][ T8573] RDX: 00000000001a1842 RSI: 00002000000003c0 RDI: ffffffffffffff9c [ 286.454798][ T8573] RBP: 00007f207e20e990 R08: 0000000000000000 R09: 0000000000000000 [ 286.454811][ T8573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.454825][ T8573] R13: 0000000000000000 R14: 00007f207e3a5fa0 R15: 00007fffc57b44e8 [ 286.454854][ T8573] [ 287.020575][ T30] audit: type=1800 audit(6039426240.433:27): pid=8571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.707" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 287.076257][ T8588] netlink: 12 bytes leftover after parsing attributes in process `syz.1.710'. [ 287.156500][ T8585] HfR: entered promiscuous mode [ 287.431143][ T8588] HfR: left promiscuous mode [ 287.560972][ T8596] HfR: entered promiscuous mode [ 287.614680][ T8599] netlink: 12 bytes leftover after parsing attributes in process `syz.2.714'. [ 287.720930][ T8599] HfR: left promiscuous mode [ 288.021014][ T8601] netlink: 'syz.0.715': attribute type 1 has an invalid length. [ 289.124724][ T8621] netlink: 'syz.2.719': attribute type 1 has an invalid length. [ 290.013173][ T8629] bridge0: port 3(ipvlan0) entered blocking state [ 290.058909][ T8629] bridge0: port 3(ipvlan0) entered disabled state [ 290.077549][ T30] audit: type=1800 audit(6039426243.523:28): pid=8625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.720" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 290.159211][ T8629] ipvlan0: entered allmulticast mode [ 290.207144][ T8629] veth0_vlan: entered allmulticast mode [ 290.265578][ T8629] ipvlan0: left allmulticast mode [ 290.307495][ T8629] veth0_vlan: left allmulticast mode [ 291.643912][ T8643] HfR: entered promiscuous mode [ 291.736053][ T8643] netlink: 12 bytes leftover after parsing attributes in process `syz.1.724'. [ 291.838202][ T8643] HfR: left promiscuous mode [ 292.214566][ T8648] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[8648] [ 292.320362][ T8648] FAULT_INJECTION: forcing a failure. [ 292.320362][ T8648] name failslab, interval 1, probability 0, space 0, times 0 [ 292.403300][ T8648] CPU: 0 UID: 0 PID: 8648 Comm: syz.0.726 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 292.403333][ T8648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 292.403347][ T8648] Call Trace: [ 292.403360][ T8648] [ 292.403368][ T8648] dump_stack_lvl+0x16c/0x1f0 [ 292.403406][ T8648] should_fail_ex+0x512/0x640 [ 292.403433][ T8648] ? fs_reclaim_acquire+0xae/0x150 [ 292.403464][ T8648] should_failslab+0xc2/0x120 [ 292.403486][ T8648] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 292.403522][ T8648] ? security_inode_alloc+0x3b/0x2b0 [ 292.403552][ T8648] security_inode_alloc+0x3b/0x2b0 [ 292.403578][ T8648] inode_init_always_gfp+0xce4/0x1030 [ 292.403618][ T8648] alloc_inode+0x86/0x240 [ 292.403644][ T8648] iget_locked+0x2e4/0x830 [ 292.403673][ T8648] ? __pfx_iget_locked+0x10/0x10 [ 292.403702][ T8648] ? find_held_lock+0x2b/0x80 [ 292.403732][ T8648] ? kernfs_root+0xee/0x2a0 [ 292.403774][ T8648] kernfs_get_inode+0x48/0x460 [ 292.403811][ T8648] kernfs_iop_lookup+0x1a7/0x2d0 [ 292.403835][ T8648] __lookup_slow+0x24e/0x460 [ 292.403862][ T8648] ? __pfx___lookup_slow+0x10/0x10 [ 292.403907][ T8648] ? lookup_fast+0x156/0x610 [ 292.403935][ T8648] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 292.403974][ T8648] walk_component+0x353/0x5b0 [ 292.404007][ T8648] link_path_walk.part.0.constprop.0+0x682/0xd60 [ 292.404052][ T8648] path_openat+0x227/0x2d40 [ 292.404083][ T8648] ? __x64_sys_openat+0x174/0x210 [ 292.404119][ T8648] ? __pfx_path_openat+0x10/0x10 [ 292.404162][ T8648] do_filp_open+0x20b/0x470 [ 292.404196][ T8648] ? __pfx_do_filp_open+0x10/0x10 [ 292.404252][ T8648] ? alloc_fd+0x471/0x7d0 [ 292.404298][ T8648] do_sys_openat2+0x11b/0x1d0 [ 292.404322][ T8648] ? __pfx_do_sys_openat2+0x10/0x10 [ 292.404363][ T8648] __x64_sys_openat+0x174/0x210 [ 292.404389][ T8648] ? __pfx___x64_sys_openat+0x10/0x10 [ 292.404416][ T8648] ? rcu_is_watching+0x12/0xc0 [ 292.404453][ T8648] do_syscall_64+0xcd/0x260 [ 292.404490][ T8648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.404513][ T8648] RIP: 0033:0x7f14f2f8d169 [ 292.404531][ T8648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.404553][ T8648] RSP: 002b:00007f14f3d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 292.404575][ T8648] RAX: ffffffffffffffda RBX: 00007f14f31a5fa0 RCX: 00007f14f2f8d169 [ 292.404591][ T8648] RDX: 00000000001a1842 RSI: 00002000000003c0 RDI: ffffffffffffff9c [ 292.404605][ T8648] RBP: 00007f14f300e990 R08: 0000000000000000 R09: 0000000000000000 [ 292.404619][ T8648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 292.404633][ T8648] R13: 0000000000000000 R14: 00007f14f31a5fa0 R15: 00007fff789d4278 [ 292.404662][ T8648] [ 292.781512][ T8657] netlink: 'syz.1.728': attribute type 1 has an invalid length. [ 293.433251][ T8665] netlink: 'syz.3.731': attribute type 1 has an invalid length. [ 294.031279][ T8673] netlink: 'syz.0.733': attribute type 1 has an invalid length. [ 294.605684][ T8679] bcache: register_bcache() error : failed to open device [ 294.656689][ T8680] bcache: register_bcache() error : failed to open device [ 295.098704][ T8688] HfR: entered promiscuous mode [ 295.167587][ T8688] netlink: 12 bytes leftover after parsing attributes in process `syz.2.738'. [ 295.294374][ T8688] HfR: left promiscuous mode [ 295.360747][ T8695] MTRR 1 not used [ 295.531514][ T8690] ptrace attach of "./syz-executor exec"[5844] was attempted by "./syz-executor exec"[8690] [ 296.516054][ T8704] netlink: 'syz.2.741': attribute type 1 has an invalid length. [ 297.093016][ T8707] FAULT_INJECTION: forcing a failure. [ 297.093016][ T8707] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 297.222271][ T8707] CPU: 0 UID: 0 PID: 8707 Comm: syz.1.743 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 297.222303][ T8707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 297.222317][ T8707] Call Trace: [ 297.222324][ T8707] [ 297.222332][ T8707] dump_stack_lvl+0x16c/0x1f0 [ 297.222369][ T8707] should_fail_ex+0x512/0x640 [ 297.222399][ T8707] _copy_from_user+0x2e/0xd0 [ 297.222428][ T8707] move_addr_to_kernel+0x65/0x170 [ 297.222453][ T8707] __sys_connect+0xaf/0x170 [ 297.222477][ T8707] ? __pfx___sys_connect+0x10/0x10 [ 297.222512][ T8707] ? __pfx_ksys_write+0x10/0x10 [ 297.222543][ T8707] ? rcu_is_watching+0x12/0xc0 [ 297.222575][ T8707] __x64_sys_connect+0x72/0xb0 [ 297.222599][ T8707] ? lockdep_hardirqs_on+0x7c/0x110 [ 297.222630][ T8707] do_syscall_64+0xcd/0x260 [ 297.222665][ T8707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.222687][ T8707] RIP: 0033:0x7f445098d169 [ 297.222705][ T8707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.222727][ T8707] RSP: 002b:00007f445176b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 297.222749][ T8707] RAX: ffffffffffffffda RBX: 00007f4450ba6080 RCX: 00007f445098d169 [ 297.222764][ T8707] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 297.222777][ T8707] RBP: 00007f445176b090 R08: 0000000000000000 R09: 0000000000000000 [ 297.222791][ T8707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 297.222805][ T8707] R13: 0000000000000000 R14: 00007f4450ba6080 R15: 00007ffc87a14938 [ 297.222832][ T8707] [ 297.387253][ C0] vkms_vblank_simulate: vblank timer overrun [ 297.652213][ T8716] FAULT_INJECTION: forcing a failure. [ 297.652213][ T8716] name failslab, interval 1, probability 0, space 0, times 0 [ 297.683898][ T8716] CPU: 0 UID: 0 PID: 8716 Comm: syz.3.747 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 297.683933][ T8716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 297.683946][ T8716] Call Trace: [ 297.683954][ T8716] [ 297.683962][ T8716] dump_stack_lvl+0x16c/0x1f0 [ 297.684000][ T8716] should_fail_ex+0x512/0x640 [ 297.684026][ T8716] ? __kvmalloc_node_noprof+0x122/0x600 [ 297.684069][ T8716] should_failslab+0xc2/0x120 [ 297.684091][ T8716] __kvmalloc_node_noprof+0x135/0x600 [ 297.684125][ T8716] ? seq_read_iter+0x826/0x12c0 [ 297.684160][ T8716] ? seq_read_iter+0x826/0x12c0 [ 297.684188][ T8716] seq_read_iter+0x826/0x12c0 [ 297.684219][ T8716] ? __mutex_trylock_common+0xe9/0x250 [ 297.684251][ T8716] kernfs_fop_read_iter+0x40f/0x5a0 [ 297.684279][ T8716] ? rw_verify_area+0xcf/0x680 [ 297.684309][ T8716] vfs_read+0x8c8/0xc70 [ 297.684343][ T8716] ? __pfx___mutex_lock+0x10/0x10 [ 297.684377][ T8716] ? __pfx_vfs_read+0x10/0x10 [ 297.684427][ T8716] ksys_read+0x12a/0x240 [ 297.684457][ T8716] ? __pfx_ksys_read+0x10/0x10 [ 297.684486][ T8716] ? rcu_is_watching+0x12/0xc0 [ 297.684523][ T8716] do_syscall_64+0xcd/0x260 [ 297.684559][ T8716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.684582][ T8716] RIP: 0033:0x7f207e18d169 [ 297.684600][ T8716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.684622][ T8716] RSP: 002b:00007f207f05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 297.684643][ T8716] RAX: ffffffffffffffda RBX: 00007f207e3a5fa0 RCX: 00007f207e18d169 [ 297.684658][ T8716] RDX: 00000000000000bb RSI: 0000200000000180 RDI: 0000000000000003 [ 297.684672][ T8716] RBP: 00007f207f05e090 R08: 0000000000000000 R09: 0000000000000000 [ 297.684686][ T8716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 297.684699][ T8716] R13: 0000000000000000 R14: 00007f207e3a5fa0 R15: 00007fffc57b44e8 [ 297.684728][ T8716] [ 297.881184][ C0] vkms_vblank_simulate: vblank timer overrun [ 298.216268][ T8726] HfR: entered promiscuous mode [ 298.287549][ T8726] netlink: 12 bytes leftover after parsing attributes in process `syz.1.750'. [ 298.460264][ T8726] HfR: left promiscuous mode [ 298.667822][ T8735] netlink: 338 bytes leftover after parsing attributes in process `syz.3.752'. [ 298.792626][ T8737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.752'. [ 299.108324][ T8740] netlink: 13 bytes leftover after parsing attributes in process `syz.3.752'. [ 299.125484][ T8739] netlink: 'syz.2.753': attribute type 1 has an invalid length. [ 299.569546][ T8744] FAULT_INJECTION: forcing a failure. [ 299.569546][ T8744] name fail_futex, interval 1, probability 0, space 0, times 0 [ 299.617584][ T8744] CPU: 0 UID: 0 PID: 8744 Comm: syz.1.755 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 299.617617][ T8744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 299.617632][ T8744] Call Trace: [ 299.617639][ T8744] [ 299.617648][ T8744] dump_stack_lvl+0x16c/0x1f0 [ 299.617687][ T8744] should_fail_ex+0x512/0x640 [ 299.617717][ T8744] get_futex_key+0x49e/0x1000 [ 299.617751][ T8744] ? kstrtoint+0xda/0x130 [ 299.617770][ T8744] ? __pfx_get_futex_key+0x10/0x10 [ 299.617811][ T8744] futex_wake+0xe7/0x4e0 [ 299.617835][ T8744] ? __pfx_futex_wake+0x10/0x10 [ 299.617861][ T8744] ? vfs_write+0x316/0x1180 [ 299.617891][ T8744] ? __pfx_oom_score_adj_write+0x10/0x10 [ 299.617932][ T8744] do_futex+0x1e3/0x350 [ 299.617964][ T8744] ? __pfx_do_futex+0x10/0x10 [ 299.618005][ T8744] __x64_sys_futex+0x1e0/0x4c0 [ 299.618042][ T8744] ? __pfx___x64_sys_futex+0x10/0x10 [ 299.618074][ T8744] ? ksys_write+0x1b9/0x240 [ 299.618105][ T8744] ? __pfx_ksys_write+0x10/0x10 [ 299.618135][ T8744] ? rcu_is_watching+0x12/0xc0 [ 299.618172][ T8744] do_syscall_64+0xcd/0x260 [ 299.618208][ T8744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.618231][ T8744] RIP: 0033:0x7f445098d169 [ 299.618249][ T8744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.618272][ T8744] RSP: 002b:00007f445178c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 299.618294][ T8744] RAX: ffffffffffffffda RBX: 00007f4450ba5fa8 RCX: 00007f445098d169 [ 299.618310][ T8744] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4450ba5fac [ 299.618324][ T8744] RBP: 00007f4450ba5fa0 R08: 00007f445178d000 R09: 0000000000000000 [ 299.618339][ T8744] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f4450ba5fac [ 299.618353][ T8744] R13: 0000000000000000 R14: 00007ffc87a14850 R15: 00007ffc87a14938 [ 299.618381][ T8744] [ 299.814467][ C0] vkms_vblank_simulate: vblank timer overrun [ 300.794718][ T8759] netlink: 'syz.1.760': attribute type 1 has an invalid length. [ 300.796602][ T8760] FAULT_INJECTION: forcing a failure. [ 300.796602][ T8760] name failslab, interval 1, probability 0, space 0, times 0 [ 300.962575][ T8760] CPU: 0 UID: 0 PID: 8760 Comm: syz.1.760 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 300.962608][ T8760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 300.962622][ T8760] Call Trace: [ 300.962629][ T8760] [ 300.962637][ T8760] dump_stack_lvl+0x16c/0x1f0 [ 300.962675][ T8760] should_fail_ex+0x512/0x640 [ 300.962706][ T8760] should_failslab+0xc2/0x120 [ 300.962728][ T8760] __kmalloc_cache_noprof+0x6a/0x3e0 [ 300.962761][ T8760] ? sctp_add_bind_addr+0xae/0x3f0 [ 300.962795][ T8760] sctp_add_bind_addr+0xae/0x3f0 [ 300.962829][ T8760] sctp_copy_local_addr_list+0x39d/0x5a0 [ 300.962869][ T8760] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 300.962910][ T8760] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 300.962952][ T8760] ? sctp_bind_addr_copy+0xe0/0x530 [ 300.962983][ T8760] sctp_bind_addr_copy+0xe0/0x530 [ 300.963020][ T8760] sctp_connect_new_asoc+0x1d7/0x790 [ 300.963048][ T8760] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 300.963075][ T8760] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 300.963120][ T8760] __sctp_connect+0x3f3/0xc60 [ 300.963148][ T8760] ? do_raw_spin_lock+0x12c/0x2b0 [ 300.963175][ T8760] ? __pfx___sctp_connect+0x10/0x10 [ 300.963202][ T8760] ? __pfx_sctp_inet_connect+0x10/0x10 [ 300.963228][ T8760] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 300.963254][ T8760] ? __pfx_sctp_inet_connect+0x10/0x10 [ 300.963277][ T8760] sctp_inet_connect+0x15f/0x200 [ 300.963304][ T8760] __sys_connect_file+0x13e/0x1a0 [ 300.963333][ T8760] __sys_connect+0x14d/0x170 [ 300.963365][ T8760] ? __pfx___sys_connect+0x10/0x10 [ 300.963401][ T8760] ? __pfx_ksys_write+0x10/0x10 [ 300.963439][ T8760] __x64_sys_connect+0x72/0xb0 [ 300.963462][ T8760] ? lockdep_hardirqs_on+0x7c/0x110 [ 300.963493][ T8760] do_syscall_64+0xcd/0x260 [ 300.963528][ T8760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.963550][ T8760] RIP: 0033:0x7f445098d169 [ 300.963568][ T8760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.963590][ T8760] RSP: 002b:00007f445174a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 300.963612][ T8760] RAX: ffffffffffffffda RBX: 00007f4450ba6160 RCX: 00007f445098d169 [ 300.963627][ T8760] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 300.963641][ T8760] RBP: 00007f445174a090 R08: 0000000000000000 R09: 0000000000000000 [ 300.963655][ T8760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 300.963668][ T8760] R13: 0000000000000001 R14: 00007f4450ba6160 R15: 00007ffc87a14938 [ 300.963698][ T8760] [ 301.498988][ T8758] netlink: 'syz.0.761': attribute type 1 has an invalid length. [ 301.530332][ T30] audit: type=1326 audit(6039426254.963:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8763 comm="syz.1.763" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f445098d169 code=0x0 [ 302.566126][ T8793] netlink: 12 bytes leftover after parsing attributes in process `syz.2.770'. [ 302.728877][ T8791] HfR: entered promiscuous mode [ 302.758954][ T8793] HfR: left promiscuous mode [ 303.516643][ T8801] netlink: 'syz.3.772': attribute type 1 has an invalid length. [ 304.291837][ T8809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.774'. [ 304.393507][ T8811] netlink: 4 bytes leftover after parsing attributes in process `syz.2.774'. [ 304.827522][ T8816] netlink: 'syz.1.775': attribute type 1 has an invalid length. [ 305.376909][ T8828] netlink: 338 bytes leftover after parsing attributes in process `syz.0.779'. [ 305.461387][ T8828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.779'. [ 305.517364][ T8830] netlink: 13 bytes leftover after parsing attributes in process `syz.0.779'. [ 305.900606][ T8834] FAULT_INJECTION: forcing a failure. [ 305.900606][ T8834] name failslab, interval 1, probability 0, space 0, times 0 [ 305.959360][ T8834] CPU: 0 UID: 0 PID: 8834 Comm: syz.2.782 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 305.959395][ T8834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 305.959409][ T8834] Call Trace: [ 305.959416][ T8834] [ 305.959425][ T8834] dump_stack_lvl+0x16c/0x1f0 [ 305.959462][ T8834] should_fail_ex+0x512/0x640 [ 305.959488][ T8834] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 305.959521][ T8834] should_failslab+0xc2/0x120 [ 305.959542][ T8834] __kmalloc_cache_noprof+0x6a/0x3e0 [ 305.959573][ T8834] ? trace_cap_capable+0x18d/0x200 [ 305.959592][ T8834] ? sctp_association_new+0xbb/0x2a00 [ 305.959622][ T8834] sctp_association_new+0xbb/0x2a00 [ 305.959647][ T8834] ? sctp_v4_scope+0x183/0x1a0 [ 305.959679][ T8834] sctp_connect_new_asoc+0x1b6/0x790 [ 305.959707][ T8834] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 305.959734][ T8834] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 305.959797][ T8834] __sctp_connect+0x3f3/0xc60 [ 305.959826][ T8834] ? __pfx_sctp_inet_connect+0x10/0x10 [ 305.959852][ T8834] ? __pfx___sctp_connect+0x10/0x10 [ 305.959881][ T8834] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 305.959913][ T8834] ? __pfx_sctp_inet_connect+0x10/0x10 [ 305.959938][ T8834] sctp_inet_connect+0x15f/0x200 [ 305.959968][ T8834] __sys_connect_file+0x13e/0x1a0 [ 305.959999][ T8834] __sys_connect+0x14d/0x170 [ 305.960024][ T8834] ? __pfx___sys_connect+0x10/0x10 [ 305.960059][ T8834] ? __pfx_ksys_write+0x10/0x10 [ 305.960089][ T8834] ? rcu_is_watching+0x12/0xc0 [ 305.960122][ T8834] __x64_sys_connect+0x72/0xb0 [ 305.960145][ T8834] ? lockdep_hardirqs_on+0x7c/0x110 [ 305.960181][ T8834] do_syscall_64+0xcd/0x260 [ 305.960217][ T8834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.960240][ T8834] RIP: 0033:0x7f610a78d169 [ 305.960257][ T8834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.960279][ T8834] RSP: 002b:00007f61085f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 305.960301][ T8834] RAX: ffffffffffffffda RBX: 00007f610a9a6080 RCX: 00007f610a78d169 [ 305.960316][ T8834] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 305.960330][ T8834] RBP: 00007f61085f6090 R08: 0000000000000000 R09: 0000000000000000 [ 305.960344][ T8834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 305.960357][ T8834] R13: 0000000000000000 R14: 00007f610a9a6080 R15: 00007fff6eef1b68 [ 305.960386][ T8834] [ 306.207821][ C0] vkms_vblank_simulate: vblank timer overrun [ 307.276062][ T8859] netlink: 'syz.3.791': attribute type 1 has an invalid length. [ 307.842484][ T8867] netlink: 338 bytes leftover after parsing attributes in process `syz.2.794'. [ 307.927034][ T8867] netlink: 4 bytes leftover after parsing attributes in process `syz.2.794'. [ 307.979144][ T8867] netlink: 13 bytes leftover after parsing attributes in process `syz.2.794'. [ 308.594750][ T8877] netlink: 'syz.3.796': attribute type 1 has an invalid length. [ 310.698457][ T8905] FAULT_INJECTION: forcing a failure. [ 310.698457][ T8905] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 310.793385][ T8905] CPU: 0 UID: 0 PID: 8905 Comm: syz.2.802 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 310.793418][ T8905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 310.793431][ T8905] Call Trace: [ 310.793438][ T8905] [ 310.793446][ T8905] dump_stack_lvl+0x16c/0x1f0 [ 310.793490][ T8905] should_fail_ex+0x512/0x640 [ 310.793520][ T8905] _copy_from_iter+0x2a4/0x15b0 [ 310.793555][ T8905] ? __pfx__copy_from_iter+0x10/0x10 [ 310.793585][ T8905] ? rcu_is_watching+0x12/0xc0 [ 310.793613][ T8905] ? trace_kmalloc+0x2b/0xd0 [ 310.793636][ T8905] ? __kmalloc_noprof+0x242/0x510 [ 310.793677][ T8905] kernfs_fop_write_iter+0x19a/0x510 [ 310.793711][ T8905] vfs_write+0x5ba/0x1180 [ 310.793743][ T8905] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 310.793773][ T8905] ? __pfx___mutex_lock+0x10/0x10 [ 310.793807][ T8905] ? __pfx_vfs_write+0x10/0x10 [ 310.793857][ T8905] ksys_write+0x12a/0x240 [ 310.793888][ T8905] ? __pfx_ksys_write+0x10/0x10 [ 310.793918][ T8905] ? rcu_is_watching+0x12/0xc0 [ 310.793953][ T8905] do_syscall_64+0xcd/0x260 [ 310.793990][ T8905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.794012][ T8905] RIP: 0033:0x7f610a78d169 [ 310.794030][ T8905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.794052][ T8905] RSP: 002b:00007f610b502038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 310.794073][ T8905] RAX: ffffffffffffffda RBX: 00007f610a9a5fa0 RCX: 00007f610a78d169 [ 310.794088][ T8905] RDX: 0000000000000081 RSI: 0000200000000140 RDI: 0000000000000003 [ 310.794102][ T8905] RBP: 00007f610b502090 R08: 0000000000000000 R09: 0000000000000000 [ 310.794115][ T8905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 310.794128][ T8905] R13: 0000000000000000 R14: 00007f610a9a5fa0 R15: 00007fff6eef1b68 [ 310.794157][ T8905] [ 310.981738][ C0] vkms_vblank_simulate: vblank timer overrun [ 312.105598][ T8922] FAULT_INJECTION: forcing a failure. [ 312.105598][ T8922] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 312.166437][ T8922] CPU: 0 UID: 0 PID: 8922 Comm: syz.3.807 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 312.166470][ T8922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 312.166484][ T8922] Call Trace: [ 312.166491][ T8922] [ 312.166500][ T8922] dump_stack_lvl+0x16c/0x1f0 [ 312.166537][ T8922] should_fail_ex+0x512/0x640 [ 312.166568][ T8922] _copy_to_iter+0x2a4/0x15a0 [ 312.166598][ T8922] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 312.166651][ T8922] ? __pfx__copy_to_iter+0x10/0x10 [ 312.166680][ T8922] ? kernfs_seq_stop+0xcd/0x120 [ 312.166713][ T8922] ? kernfs_put_active+0x86/0xe0 [ 312.166739][ T8922] seq_read_iter+0xcf8/0x12c0 [ 312.166784][ T8922] kernfs_fop_read_iter+0x40f/0x5a0 [ 312.166811][ T8922] ? rw_verify_area+0xcf/0x680 [ 312.166842][ T8922] vfs_read+0x8c8/0xc70 [ 312.166877][ T8922] ? __pfx___mutex_lock+0x10/0x10 [ 312.166910][ T8922] ? __pfx_vfs_read+0x10/0x10 [ 312.166960][ T8922] ksys_read+0x12a/0x240 [ 312.166990][ T8922] ? __pfx_ksys_read+0x10/0x10 [ 312.167019][ T8922] ? rcu_is_watching+0x12/0xc0 [ 312.167056][ T8922] do_syscall_64+0xcd/0x260 [ 312.167092][ T8922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.167115][ T8922] RIP: 0033:0x7f207e18d169 [ 312.167132][ T8922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 312.167155][ T8922] RSP: 002b:00007f207f05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 312.167176][ T8922] RAX: ffffffffffffffda RBX: 00007f207e3a5fa0 RCX: 00007f207e18d169 [ 312.167191][ T8922] RDX: 00000000000000bb RSI: 0000200000000180 RDI: 0000000000000003 [ 312.167205][ T8922] RBP: 00007f207f05e090 R08: 0000000000000000 R09: 0000000000000000 [ 312.167219][ T8922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 312.167232][ T8922] R13: 0000000000000000 R14: 00007f207e3a5fa0 R15: 00007fffc57b44e8 [ 312.167261][ T8922] [ 312.366160][ C0] vkms_vblank_simulate: vblank timer overrun [ 314.033387][ T8934] netlink: 'syz.1.809': attribute type 1 has an invalid length. [ 314.559060][ T30] audit: type=1326 audit(6039426268.003:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.2.811" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f610a78d169 code=0x0 [ 315.946323][ T8957] netlink: 'syz.0.820': attribute type 1 has an invalid length. [ 317.891135][ T8971] netlink: 'syz.2.814': attribute type 1 has an invalid length. [ 318.669500][ T8978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.818'. [ 318.721398][ T8978] netlink: 13 bytes leftover after parsing attributes in process `syz.3.818'. [ 318.983177][ T8981] netlink: 'syz.1.817': attribute type 1 has an invalid length. [ 320.791421][ T30] audit: type=1326 audit(6039426274.233:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8994 comm="syz.1.824" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f445098d169 code=0x0 [ 320.886210][ T30] audit: type=1326 audit(6039426274.273:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.3.825" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f207e18d169 code=0x0 [ 322.313721][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.320309][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.736778][ T30] audit: type=1326 audit(6039426276.173:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.0.835" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 322.873400][ T30] audit: type=1804 audit(6039426276.223:34): pid=9021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.835" name="/newroot/sys/kernel/debug/tracing/set_event_notrace_pid" dev="tracefs" ino=10 res=1 errno=0 [ 323.199714][ T9031] HfR: entered promiscuous mode [ 323.243006][ T9031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.830'. [ 323.320277][ T9031] HfR: left promiscuous mode [ 323.512942][ T9036] FAULT_INJECTION: forcing a failure. [ 323.512942][ T9036] name failslab, interval 1, probability 0, space 0, times 0 [ 323.578457][ T9036] CPU: 0 UID: 0 PID: 9036 Comm: syz.3.831 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 323.578491][ T9036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 323.578505][ T9036] Call Trace: [ 323.578512][ T9036] [ 323.578520][ T9036] dump_stack_lvl+0x16c/0x1f0 [ 323.578557][ T9036] should_fail_ex+0x512/0x640 [ 323.578584][ T9036] ? fs_reclaim_acquire+0xae/0x150 [ 323.578613][ T9036] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 323.578645][ T9036] should_failslab+0xc2/0x120 [ 323.578666][ T9036] __kmalloc_noprof+0xd2/0x510 [ 323.578706][ T9036] tomoyo_realpath_from_path+0xc2/0x6e0 [ 323.578741][ T9036] ? tomoyo_profile+0x47/0x60 [ 323.578778][ T9036] tomoyo_path_number_perm+0x245/0x580 [ 323.578804][ T9036] ? tomoyo_path_number_perm+0x237/0x580 [ 323.578833][ T9036] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 323.578861][ T9036] ? find_held_lock+0x2b/0x80 [ 323.578916][ T9036] ? find_held_lock+0x2b/0x80 [ 323.578943][ T9036] ? hook_file_ioctl_common+0x145/0x410 [ 323.578974][ T9036] ? __fget_files+0x20e/0x3c0 [ 323.579011][ T9036] security_file_ioctl+0x9b/0x240 [ 323.579041][ T9036] __x64_sys_ioctl+0xb7/0x200 [ 323.579070][ T9036] do_syscall_64+0xcd/0x260 [ 323.579107][ T9036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.579130][ T9036] RIP: 0033:0x7f207e18d169 [ 323.579147][ T9036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.579173][ T9036] RSP: 002b:00007f207f05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.579194][ T9036] RAX: ffffffffffffffda RBX: 00007f207e3a5fa0 RCX: 00007f207e18d169 [ 323.579209][ T9036] RDX: 0000000000000000 RSI: 00000000c0603d0f RDI: 0000000000000003 [ 323.579222][ T9036] RBP: 00007f207f05e090 R08: 0000000000000000 R09: 0000000000000000 [ 323.579236][ T9036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 323.579249][ T9036] R13: 0000000000000000 R14: 00007f207e3a5fa0 R15: 00007fffc57b44e8 [ 323.579277][ T9036] [ 323.579947][ T9036] ERROR: Out of memory at tomoyo_realpath_from_path. [ 325.059389][ T9041] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 325.608360][ T9061] FAULT_INJECTION: forcing a failure. [ 325.608360][ T9061] name failslab, interval 1, probability 0, space 0, times 0 [ 325.659886][ T9061] CPU: 0 UID: 0 PID: 9061 Comm: syz.0.839 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 325.659921][ T9061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 325.659935][ T9061] Call Trace: [ 325.659943][ T9061] [ 325.659952][ T9061] dump_stack_lvl+0x16c/0x1f0 [ 325.659990][ T9061] should_fail_ex+0x512/0x640 [ 325.660017][ T9061] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 325.660056][ T9061] should_failslab+0xc2/0x120 [ 325.660078][ T9061] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 325.660116][ T9061] ? __d_alloc+0x31/0xaa0 [ 325.660141][ T9061] __d_alloc+0x31/0xaa0 [ 325.660165][ T9061] d_alloc_pseudo+0x1c/0xc0 [ 325.660192][ T9061] alloc_file_pseudo+0xcf/0x230 [ 325.660219][ T9061] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 325.660252][ T9061] ? alloc_fd+0x471/0x7d0 [ 325.660289][ T9061] sock_alloc_file+0x50/0x210 [ 325.660325][ T9061] __sys_socket+0x1c0/0x260 [ 325.660347][ T9061] ? __pfx___sys_socket+0x10/0x10 [ 325.660371][ T9061] ? rcu_is_watching+0x12/0xc0 [ 325.660405][ T9061] __x64_sys_socket+0x72/0xb0 [ 325.660426][ T9061] ? lockdep_hardirqs_on+0x7c/0x110 [ 325.660459][ T9061] do_syscall_64+0xcd/0x260 [ 325.660496][ T9061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.660519][ T9061] RIP: 0033:0x7f14f2f8d169 [ 325.660537][ T9061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.660560][ T9061] RSP: 002b:00007f14f3d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 325.660581][ T9061] RAX: ffffffffffffffda RBX: 00007f14f31a5fa0 RCX: 00007f14f2f8d169 [ 325.660596][ T9061] RDX: 0000000000000007 RSI: 0000000000000002 RDI: 000000000000001d [ 325.660609][ T9061] RBP: 00007f14f300e990 R08: 0000000000000000 R09: 0000000000000000 [ 325.660623][ T9061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.660637][ T9061] R13: 0000000000000000 R14: 00007f14f31a5fa0 R15: 00007fff789d4278 [ 325.660666][ T9061] [ 325.860410][ C0] vkms_vblank_simulate: vblank timer overrun [ 326.409397][ T9069] netlink: 'syz.2.840': attribute type 1 has an invalid length. [ 326.449139][ T9075] netlink: 12 bytes leftover after parsing attributes in process `syz.1.842'. [ 326.814610][ T9074] HfR: entered promiscuous mode [ 326.844097][ T9075] HfR: left promiscuous mode [ 326.857135][ T9078] FAULT_INJECTION: forcing a failure. [ 326.857135][ T9078] name failslab, interval 1, probability 0, space 0, times 0 [ 326.857186][ T9078] CPU: 0 UID: 0 PID: 9078 Comm: syz.0.843 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 326.857215][ T9078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 326.857228][ T9078] Call Trace: [ 326.857235][ T9078] [ 326.857243][ T9078] dump_stack_lvl+0x16c/0x1f0 [ 326.857280][ T9078] should_fail_ex+0x512/0x640 [ 326.857305][ T9078] ? __kvmalloc_node_noprof+0x122/0x600 [ 326.857343][ T9078] should_failslab+0xc2/0x120 [ 326.857364][ T9078] __kvmalloc_node_noprof+0x135/0x600 [ 326.857398][ T9078] ? seq_read_iter+0x826/0x12c0 [ 326.857446][ T9078] ? seq_read_iter+0x826/0x12c0 [ 326.857473][ T9078] seq_read_iter+0x826/0x12c0 [ 326.857503][ T9078] ? __mutex_trylock_common+0xe9/0x250 [ 326.857533][ T9078] kernfs_fop_read_iter+0x40f/0x5a0 [ 326.857560][ T9078] ? rw_verify_area+0xcf/0x680 [ 326.857589][ T9078] vfs_read+0x8c8/0xc70 [ 326.857621][ T9078] ? __pfx___mutex_lock+0x10/0x10 [ 326.857653][ T9078] ? __pfx_vfs_read+0x10/0x10 [ 326.857700][ T9078] ksys_read+0x12a/0x240 [ 326.857729][ T9078] ? __pfx_ksys_read+0x10/0x10 [ 326.857756][ T9078] ? rcu_is_watching+0x12/0xc0 [ 326.857791][ T9078] do_syscall_64+0xcd/0x260 [ 326.857826][ T9078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.857848][ T9078] RIP: 0033:0x7f14f2f8d169 [ 326.857868][ T9078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.857889][ T9078] RSP: 002b:00007f14f3d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 326.857921][ T9078] RAX: ffffffffffffffda RBX: 00007f14f31a5fa0 RCX: 00007f14f2f8d169 [ 326.857936][ T9078] RDX: 0000000000001000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 326.857967][ T9078] RBP: 00007f14f3d07090 R08: 0000000000000000 R09: 0000000000000000 [ 326.857981][ T9078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 326.857994][ T9078] R13: 0000000000000000 R14: 00007f14f31a5fa0 R15: 00007fff789d4278 [ 326.858023][ T9078] [ 327.537939][ T30] audit: type=1326 audit(6039426280.983:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9085 comm="syz.0.846" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 327.925660][ T9094] FAULT_INJECTION: forcing a failure. [ 327.925660][ T9094] name failslab, interval 1, probability 0, space 0, times 0 [ 327.925718][ T9094] CPU: 0 UID: 0 PID: 9094 Comm: syz.1.848 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 327.925745][ T9094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 327.925758][ T9094] Call Trace: [ 327.925765][ T9094] [ 327.925773][ T9094] dump_stack_lvl+0x16c/0x1f0 [ 327.925808][ T9094] should_fail_ex+0x512/0x640 [ 327.925836][ T9094] should_failslab+0xc2/0x120 [ 327.925857][ T9094] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 327.925891][ T9094] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 327.925924][ T9094] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 327.925971][ T9094] idr_get_free+0x528/0xa30 [ 327.926010][ T9094] idr_alloc_u32+0x190/0x2f0 [ 327.926041][ T9094] ? __pfx_idr_alloc_u32+0x10/0x10 [ 327.926068][ T9094] ? do_raw_spin_lock+0x12c/0x2b0 [ 327.926094][ T9094] ? net_generic+0xea/0x2a0 [ 327.926121][ T9094] l2tp_tunnel_register+0xf8/0xbe0 [ 327.926151][ T9094] ? __pfx___debug_object_init+0x10/0x10 [ 327.926181][ T9094] ? sprintf+0xcc/0x100 [ 327.926209][ T9094] ? __pfx_l2tp_tunnel_register+0x10/0x10 [ 327.926243][ T9094] ? lockdep_init_map_type+0x5c/0x280 [ 327.926265][ T9094] ? lockdep_init_map_type+0x5c/0x280 [ 327.926286][ T9094] ? l2tp_tunnel_create+0x2cf/0x460 [ 327.926308][ T9094] ? l2tp_tunnel_create+0x37d/0x460 [ 327.926334][ T9094] pppol2tp_tunnel_get.constprop.0+0x3f0/0x540 [ 327.926367][ T9094] ? __pfx_pppol2tp_tunnel_get.constprop.0+0x10/0x10 [ 327.926415][ T9094] pppol2tp_connect+0xb1b/0x1ce0 [ 327.926442][ T9094] ? __pfx___might_resched+0x10/0x10 [ 327.926473][ T9094] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 327.926498][ T9094] ? __pfx_pppol2tp_connect+0x10/0x10 [ 327.926527][ T9094] ? aa_sk_perm+0x260/0xb10 [ 327.926554][ T9094] ? __pfx_aa_sk_perm+0x10/0x10 [ 327.926588][ T9094] ? __pfx_pppol2tp_connect+0x10/0x10 [ 327.926616][ T9094] __sys_connect_file+0x13e/0x1a0 [ 327.926643][ T9094] __sys_connect+0x14d/0x170 [ 327.926666][ T9094] ? __pfx___sys_connect+0x10/0x10 [ 327.926700][ T9094] ? __pfx_ksys_write+0x10/0x10 [ 327.926729][ T9094] ? rcu_is_watching+0x12/0xc0 [ 327.926760][ T9094] __x64_sys_connect+0x72/0xb0 [ 327.926783][ T9094] ? lockdep_hardirqs_on+0x7c/0x110 [ 327.926812][ T9094] do_syscall_64+0xcd/0x260 [ 327.926846][ T9094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.926867][ T9094] RIP: 0033:0x7f445098d169 [ 327.926884][ T9094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.926906][ T9094] RSP: 002b:00007f445178c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 327.926926][ T9094] RAX: ffffffffffffffda RBX: 00007f4450ba5fa0 RCX: 00007f445098d169 [ 327.926940][ T9094] RDX: 000000000000003a RSI: 0000200000000000 RDI: 0000000000000001 [ 327.926957][ T9094] RBP: 00007f445178c090 R08: 0000000000000000 R09: 0000000000000000 [ 327.926970][ T9094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 327.926983][ T9094] R13: 0000000000000000 R14: 00007f4450ba5fa0 R15: 00007ffc87a14938 [ 327.927010][ T9094] [ 329.268820][ T9104] netlink: 'syz.2.851': attribute type 1 has an invalid length. [ 331.218408][ T9123] netlink: 'syz.3.857': attribute type 1 has an invalid length. [ 332.258707][ T30] audit: type=1326 audit(6039426285.703:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9137 comm="syz.0.861" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 334.331040][ T9156] netlink: 'syz.1.865': attribute type 3 has an invalid length. [ 334.561800][ T9156] cifs: Unknown parameter '' [ 334.618867][ T9157] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 335.080735][ T9163] netlink: 8 bytes leftover after parsing attributes in process `syz.0.866'. [ 335.971285][ T9179] netlink: 342 bytes leftover after parsing attributes in process `syz.2.872'. [ 336.420634][ T9188] HfR: entered promiscuous mode [ 336.460906][ T30] audit: type=1326 audit(6039426289.903:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9191 comm="syz.0.876" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f14f2f8d169 code=0x0 [ 336.498144][ T9194] netlink: 12 bytes leftover after parsing attributes in process `syz.1.873'. [ 336.676595][ T9194] HfR: left promiscuous mode [ 338.337149][ T9216] netlink: 'syz.2.883': attribute type 1 has an invalid length. [ 338.725447][ T9220] FAULT_INJECTION: forcing a failure. [ 338.725447][ T9220] name failslab, interval 1, probability 0, space 0, times 0 [ 339.225175][ T9220] CPU: 0 UID: 0 PID: 9220 Comm: syz.1.882 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 339.225208][ T9220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 339.225222][ T9220] Call Trace: [ 339.225230][ T9220] [ 339.225238][ T9220] dump_stack_lvl+0x16c/0x1f0 [ 339.225275][ T9220] should_fail_ex+0x512/0x640 [ 339.225306][ T9220] should_failslab+0xc2/0x120 [ 339.225328][ T9220] __kmalloc_cache_noprof+0x6a/0x3e0 [ 339.225359][ T9220] ? sctp_add_bind_addr+0xae/0x3f0 [ 339.225393][ T9220] sctp_add_bind_addr+0xae/0x3f0 [ 339.225428][ T9220] sctp_copy_local_addr_list+0x39d/0x5a0 [ 339.225468][ T9220] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 339.225508][ T9220] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 339.225551][ T9220] ? sctp_bind_addr_copy+0xe0/0x530 [ 339.225581][ T9220] sctp_bind_addr_copy+0xe0/0x530 [ 339.225618][ T9220] sctp_connect_new_asoc+0x1d7/0x790 [ 339.225646][ T9220] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 339.225673][ T9220] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 339.225718][ T9220] __sctp_connect+0x3f3/0xc60 [ 339.225746][ T9220] ? do_raw_spin_lock+0x12c/0x2b0 [ 339.225773][ T9220] ? __pfx___sctp_connect+0x10/0x10 [ 339.225800][ T9220] ? __pfx_sctp_inet_connect+0x10/0x10 [ 339.225825][ T9220] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 339.225852][ T9220] ? __pfx_sctp_inet_connect+0x10/0x10 [ 339.225875][ T9220] sctp_inet_connect+0x15f/0x200 [ 339.225902][ T9220] __sys_connect_file+0x13e/0x1a0 [ 339.225931][ T9220] __sys_connect+0x14d/0x170 [ 339.225955][ T9220] ? __pfx___sys_connect+0x10/0x10 [ 339.225996][ T9220] ? __pfx_ksys_write+0x10/0x10 [ 339.226027][ T9220] ? rcu_is_watching+0x12/0xc0 [ 339.226061][ T9220] __x64_sys_connect+0x72/0xb0 [ 339.226084][ T9220] ? lockdep_hardirqs_on+0x7c/0x110 [ 339.226116][ T9220] do_syscall_64+0xcd/0x260 [ 339.226151][ T9220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.226174][ T9220] RIP: 0033:0x7f445098d169 [ 339.226191][ T9220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.226213][ T9220] RSP: 002b:00007f445174a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 339.226234][ T9220] RAX: ffffffffffffffda RBX: 00007f4450ba6160 RCX: 00007f445098d169 [ 339.226248][ T9220] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 339.226262][ T9220] RBP: 00007f445174a090 R08: 0000000000000000 R09: 0000000000000000 [ 339.226276][ T9220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.226289][ T9220] R13: 0000000000000000 R14: 00007f4450ba6160 R15: 00007ffc87a14938 [ 339.226317][ T9220] [ 339.493928][ C0] vkms_vblank_simulate: vblank timer overrun [ 341.448859][ T9255] netlink: 12 bytes leftover after parsing attributes in process `syz.3.889'. [ 341.556426][ T9251] HfR: entered promiscuous mode [ 341.642282][ T9255] HfR: left promiscuous mode [ 342.176108][ T9265] netlink: 12 bytes leftover after parsing attributes in process `syz.0.891'. [ 342.242667][ T9264] HfR: entered promiscuous mode [ 342.328082][ T9265] HfR: left promiscuous mode [ 342.861550][ T9243] [ 342.863920][ T9243] ====================================================== [ 342.871022][ T9243] WARNING: possible circular locking dependency detected [ 342.878034][ T9243] 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 Not tainted [ 342.885139][ T9243] ------------------------------------------------------ [ 342.892167][ T9243] syz.2.884/9243 is trying to acquire lock: [ 342.898077][ T9243] ffffffff9012d9e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 342.907333][ T9243] [ 342.907333][ T9243] but task is already holding lock: [ 342.914700][ T9243] ffff88807e7896a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 342.924807][ T9243] [ 342.924807][ T9243] which lock already depends on the new lock. [ 342.924807][ T9243] [ 342.935202][ T9243] [ 342.935202][ T9243] the existing dependency chain (in reverse order) is: [ 342.944209][ T9243] [ 342.944209][ T9243] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 342.952840][ T9243] __mutex_lock+0x199/0xb90 [ 342.957890][ T9243] smc_switch_to_fallback+0x2d/0x9f0 [ 342.963702][ T9243] smc_sendmsg+0x13d/0x520 [ 342.968667][ T9243] ____sys_sendmsg+0xa95/0xc70 [ 342.973955][ T9243] ___sys_sendmsg+0x134/0x1d0 [ 342.979162][ T9243] __sys_sendmsg+0x16d/0x220 [ 342.984297][ T9243] do_syscall_64+0xcd/0x260 [ 342.989368][ T9243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.995795][ T9243] [ 342.995795][ T9243] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 343.003466][ T9243] lock_sock_nested+0x41/0xf0 [ 343.008693][ T9243] sockopt_lock_sock+0x54/0x70 [ 343.014044][ T9243] do_ip_setsockopt+0xfe/0x3240 [ 343.019426][ T9243] ip_setsockopt+0x59/0xf0 [ 343.024381][ T9243] raw_setsockopt+0xb7/0x2a0 [ 343.029514][ T9243] do_sock_setsockopt+0x221/0x470 [ 343.035088][ T9243] __sys_setsockopt+0x1a0/0x230 [ 343.040481][ T9243] __x64_sys_setsockopt+0xbd/0x160 [ 343.046123][ T9243] do_syscall_64+0xcd/0x260 [ 343.051165][ T9243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.057582][ T9243] [ 343.057582][ T9243] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 343.064802][ T9243] __lock_acquire+0x1173/0x1ba0 [ 343.070204][ T9243] lock_acquire+0x179/0x350 [ 343.075226][ T9243] __mutex_lock+0x199/0xb90 [ 343.080277][ T9243] do_ipv6_setsockopt+0x2042/0x4420 [ 343.086011][ T9243] ipv6_setsockopt+0xcb/0x170 [ 343.091306][ T9243] tcp_setsockopt+0xa4/0x100 [ 343.096423][ T9243] smc_setsockopt+0x1b3/0xa00 [ 343.101623][ T9243] do_sock_setsockopt+0x221/0x470 [ 343.107187][ T9243] __sys_setsockopt+0x1a0/0x230 [ 343.112565][ T9243] __x64_sys_setsockopt+0xbd/0x160 [ 343.118206][ T9243] do_syscall_64+0xcd/0x260 [ 343.123245][ T9243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.129658][ T9243] [ 343.129658][ T9243] other info that might help us debug this: [ 343.129658][ T9243] [ 343.139884][ T9243] Chain exists of: [ 343.139884][ T9243] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 343.139884][ T9243] [ 343.153454][ T9243] Possible unsafe locking scenario: [ 343.153454][ T9243] [ 343.160897][ T9243] CPU0 CPU1 [ 343.166258][ T9243] ---- ---- [ 343.171617][ T9243] lock(&smc->clcsock_release_lock); [ 343.176993][ T9243] lock(sk_lock-AF_INET); [ 343.183931][ T9243] lock(&smc->clcsock_release_lock); [ 343.191825][ T9243] lock(rtnl_mutex); [ 343.195828][ T9243] [ 343.195828][ T9243] *** DEADLOCK *** [ 343.195828][ T9243] [ 343.203966][ T9243] 1 lock held by syz.2.884/9243: [ 343.208896][ T9243] #0: ffff88807e7896a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 343.219457][ T9243] [ 343.219457][ T9243] stack backtrace: [ 343.225341][ T9243] CPU: 0 UID: 0 PID: 9243 Comm: syz.2.884 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 343.225370][ T9243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 343.225383][ T9243] Call Trace: [ 343.225393][ T9243] [ 343.225402][ T9243] dump_stack_lvl+0x116/0x1f0 [ 343.225435][ T9243] print_circular_bug+0x275/0x350 [ 343.225470][ T9243] check_noncircular+0x14c/0x170 [ 343.225508][ T9243] __lock_acquire+0x1173/0x1ba0 [ 343.225549][ T9243] lock_acquire+0x179/0x350 [ 343.225568][ T9243] ? do_ipv6_setsockopt+0x2042/0x4420 [ 343.225601][ T9243] ? __pfx___might_resched+0x10/0x10 [ 343.225635][ T9243] __mutex_lock+0x199/0xb90 [ 343.225671][ T9243] ? do_ipv6_setsockopt+0x2042/0x4420 [ 343.225704][ T9243] ? lock_acquire+0x179/0x350 [ 343.225722][ T9243] ? do_ipv6_setsockopt+0x2042/0x4420 [ 343.225754][ T9243] ? __pfx___mutex_lock+0x10/0x10 [ 343.225787][ T9243] ? finish_task_switch.isra.0+0x221/0xc10 [ 343.225819][ T9243] ? rcu_is_watching+0x12/0xc0 [ 343.225846][ T9243] ? trace_sched_exit_tp+0xde/0x130 [ 343.225881][ T9243] ? do_ipv6_setsockopt+0x2042/0x4420 [ 343.225912][ T9243] ? rtnl_lock+0x9/0x20 [ 343.225931][ T9243] do_ipv6_setsockopt+0x2042/0x4420 [ 343.225966][ T9243] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 343.225999][ T9243] ? __lock_acquire+0xaa4/0x1ba0 [ 343.226039][ T9243] ? __mutex_trylock_common+0xe9/0x250 [ 343.226061][ T9243] ? __pfx___mutex_trylock_common+0x10/0x10 [ 343.226082][ T9243] ? __pfx___might_resched+0x10/0x10 [ 343.226114][ T9243] ? rcu_is_watching+0x12/0xc0 [ 343.226140][ T9243] ? trace_contention_end+0xdd/0x130 [ 343.226161][ T9243] ? __mutex_lock+0x1ca/0xb90 [ 343.226193][ T9243] ? smc_setsockopt+0x100/0xa00 [ 343.226216][ T9243] ? __pfx___mutex_lock+0x10/0x10 [ 343.226251][ T9243] ? ipv6_setsockopt+0xcb/0x170 [ 343.226281][ T9243] ipv6_setsockopt+0xcb/0x170 [ 343.226313][ T9243] tcp_setsockopt+0xa4/0x100 [ 343.226339][ T9243] smc_setsockopt+0x1b3/0xa00 [ 343.226361][ T9243] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 343.226398][ T9243] ? __pfx_smc_setsockopt+0x10/0x10 [ 343.226421][ T9243] ? errseq_sample+0x53/0x70 [ 343.226451][ T9243] ? __pfx_smc_setsockopt+0x10/0x10 [ 343.226473][ T9243] do_sock_setsockopt+0x221/0x470 [ 343.226507][ T9243] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 343.226548][ T9243] __sys_setsockopt+0x1a0/0x230 [ 343.226577][ T9243] __x64_sys_setsockopt+0xbd/0x160 [ 343.226603][ T9243] ? do_syscall_64+0x91/0x260 [ 343.226634][ T9243] ? lockdep_hardirqs_on+0x7c/0x110 [ 343.226669][ T9243] do_syscall_64+0xcd/0x260 [ 343.226702][ T9243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.226725][ T9243] RIP: 0033:0x7f610a78d169 [ 343.226742][ T9243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.226765][ T9243] RSP: 002b:00007f610b502038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 343.226785][ T9243] RAX: ffffffffffffffda RBX: 00007f610a9a5fa0 RCX: 00007f610a78d169 [ 343.226799][ T9243] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0400000000000003 [ 343.226813][ T9243] RBP: 00007f610a80e990 R08: 000000000000056b R09: 0000000000000000 [ 343.226827][ T9243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 343.226840][ T9243] R13: 0000000000000000 R14: 00007f610a9a5fa0 R15: 00007fff6eef1b68 [ 343.226861][ T9243]