last executing test programs: 4.90761428s ago: executing program 1 (id=6239): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (fail_nth: 9) 4.253959445s ago: executing program 1 (id=6241): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) r0 = timerfd_create$auto_CLOCK_TAI(0xb, 0x6) ioctl$auto_userfaultfd_dev_fops_userfaultfd(r0, 0x8, &(0x7f0000000240)="0748952de8bb7a2f7bd544c9c5047a625a16a28e820afdbb1af3f4822fef406b26098f92ef8db619387d9e4e16244551f2c38c3369b571278090a79db55aa4ec32fff462df7ec2fd71c718f006ab1fbc827da8599a571dce69b8b130161d7e1685fb1c60edaf60005fa8219fe61483b1ca2114a509acda6d486bf17e8f3f0005f62425a1315e19facd9b99f630265bb6fc0295e172d7f5a0956b3ff8a372db8e2a18ad6b9df4a538ef9e6fdae2d27d554f5d6a4678fea8c1d2d2e16d4d6b1dd2f79ccf7660") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x1142, 0x1ffe}, 0x4, 0x0, 0x0, 0x8) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) ioctl$auto_IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0) read$auto(r2, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x9}, 0x3) mremap$auto(0x200000001000, 0x4, 0x4, 0x3, 0x100000000) 3.31368213s ago: executing program 0 (id=6243): ioctl$auto(0xffffffffffffffff, 0x89f2, 0xffffffffffffffff) mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, &(0x7f00000000c0)={0x225c17d03}, 0x0, 0x5) futex$auto(0x0, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x4000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8008000) unshare$auto(0x8000000) semtimedop$auto(0x7, &(0x7f0000000200)={0x3, 0x6, 0x1000}, 0x3, 0x0) unshare$auto(0x8000000) read$auto_fault_around_bytes_fops_(r0, &(0x7f0000000100)=""/165, 0xa5) socket(0x2, 0x1, 0x0) socket(0x30, 0x4, 0x6) 3.249175121s ago: executing program 1 (id=6245): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x29, 0x5, 0x0) setsockopt$auto(0x3, 0x0, 0x21, 0x0, 0x28) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/status\x00', 0x90141, 0x0) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x1258, 0x1, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x5, 0x80003, 0x1, 0x1ffffffffffd, 0xb4, 0x10000003, 0x7, 0x10007, 0x80, 0x2a0, 0x0, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100000000]}, 0x1fe, 0x10) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000080), r0) r3 = semctl$auto_GETPID(0xffff0357, 0xe7, 0xb, 0x5ec) r4 = geteuid() setreuid$auto(r4, 0x0) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000580)={0x18e4, r2, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_ACTIONS={0x247, 0x2, 0x0, 0x1, [@typed={0xc, 0xc7, 0x0, 0x0, @u64=0x3}, @generic="96d4ededa3d7c264b7f5f071617579045e78b2beb9e5ed57c21377fc2257782b77db484d3922d0c05cbf95f4d5e6658f827fb0bce3645de8f009b55dd9b8fea2f51a81dc90e88ecacf61844f6410f55ada79846fcf6fb6ce4836bec4d023d7c8da840ecdbd92c32c7993ca", @typed={0x8, 0x8e, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x1a}}, @generic="17eaade57c20add3db94658ab36db0fd2bdaff31059d9a497ec8385cc291a08ce8a54d087a3b72545cb88984c7ca715d7c4d600f90ca58fc6e36518238d936b99d38897f2937443e5123e586dd032b26f977e7e952dd29fe66bdc64d35199bd8e3d8155d92ded4e2473d096a1c5fbe68c41fd4b2b8c9e8579e7175b0d39737da116407ce6991516de1be467b22756c69fbf99008c707e76d2959be7c74d25319de2f92e59e412143fd3abc92d1332df902b2011f72440bcdbebc9c4ba6a61e4b51b4d572ca4eb64457de3fac06c794b8cb4693f40b5848949c8fe0e9c48caa2068bce8cbeb37472eb21cafd83d3abc08d57d4a1330e0f2b6c5cc449640d253", @generic="8d212bb604882d69ddccbfd92806044b43089c74701fae9a0898934cee7688b59fa7883d411360a536502832607e771800cfa49b25b17d60ec28b95a53d1380e1258dac379c5559db4739a566156dac1014eaf4b1afb296dc643f59d4e2bbeb6d292b15aef2bc8d0977652e2d32e4fdaa8f64a4cb23accec72294c4ae4abdc1f376cb9c57013eb929b772be550f0afaabda1ecc55cd056e0bdcb58f4a657f1db4151b51cd493145ad3485f303b4d83b6aab804e6723bd1f8f7b831761bf4c90326f4785fbc"]}, @OVS_FLOW_ATTR_MASK={0xab, 0x7, 0x0, 0x1, [@generic="ded4be29d36f470310c9bb458e23be322a8cb83436cccdbdff898c00415f3e9108991b7ba2b0d98f09422918d130b66533e41dcb843601a04e765ac01a7da662d52d6d827186889ff491e2c6b784be7c1e208628d3f12a3f3f8133e96da989a7c8f00c256e173f0c89491e690773fffa3a0386e6bd6167c89f4447c4bfd0c1ecca48819d7603c3efabc171771a380256794087a77e6f5d1ef58f8ff87ab0a69b7905bee8d72f4c"]}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0xe5}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_MASK={0x148c, 0x7, 0x0, 0x1, [@nested={0x14, 0x77, 0x0, 0x1, [@nested={0x4, 0x74}, @nested={0x4, 0x12c}, @nested={0x4, 0x6f}, @nested={0x4, 0x3c}]}, @generic="da631418efdfdf149db5debe61b75a8d5169344d0bf9b843dc8d9364c0b4e5cf0f3767038f282e241dc1fb3eb43ae65848097514b3576f382c0019e3d11d8d43febcea055eb067e6e53c3dc841cf5f0b13a667c09bf1b48903df4cc03ccdf7d3d18fcd7e18764765b47b332c39bedbcf621dadf953aa0f85", @generic="a65e6ebea6f8f7a7412f08d0b84e9917", @generic="8d6c88de05922370a98fd6a3c82c074b1d149f3d37f360085bc5849043f2e07dcd9098278bc69f1c232fa4657015715f04122a51558b6772e7d4d46c87be586e1e70e07e2a94478fdf700b96098cb1d8177cfeb0ae2ab3b779ae2a87d931f42b2e1bba7e5d381dafd957a16b76ed1e09e20be751fbea352958face8f5f894a1395a6ea03af5efc9bbcff4c0a6fa32e75a2ec28c995199dfca963007e7959c0900bc58ddb905ca9e71909656e761712474e412b9069a54f00db26e2e40500560dee863bb7ed612053796b0cdab59d855eac186bc97a86677ac672b3d64e93c34d96b3185fb28bb04203ff99ea4800e9384868d0a37ceb8b5c432a007b89ea3667b0e8bfca275ea763eced83d2cf183ea394e82ca35babf5f99d1611482950ccfbdd00da56c1f56f7f29e1ed57816e3220fe007905d0156d680d3054137cb021fba8227c31c55586a1756dba91ceef86f8b265349f4eeb8111d7610d8199cd7b5c9a89f318e8b1802cf80156a9f63650e9bbbd13352f03d497b4973f789ac2918bfde3374058ef5af1fdf5ddf1c11b2a5907eb1725f76d065e94f92e144282660dbfdf01fc1af6b88b25e18de757aa5e6d85472d28aa14774ab6f2cdf99d55324d9729ea34f264ae6e26743a1f7bddc91085c8e94fcfdd4000681721eb981754e0ecfd82a017857f20bda300473a0f47a81da6ea806242b4de6620c19529fc3bd090907245b82f43fa956f2b1a5f5a07c3abaea4aacf860e0f4ad12ac19b11e79daea78e9463f69da982a0f65e08661ec3cfaf8fa7d4d96cb7e5dd5d2084ba2d0def601d27ff24bf7dede60865badb1edfa2a11a2473f45d565ac406d12f220d13643b443a32725c2ba1ae04d5aea01898713ac62a0c49b9dbf17c91999cd6b31d7954e59efccf20f7c659fdaf8e0c22959e27348ccbc06141c5d16165af198a48cae76941ba3efce5cfa08f38a0f35b7e89bd90b026ceae313a506966184bd58c8840c68a61c8c351a1575d43e7bb5e14587f7ae61e288e0768f50399a9c5f15fb770cc98aecc79fdffb422908fc78cf6cd15c718bab5812883be217aa1faa0536eaa817bdd0c29cee8cc8e37ad3b438a11bc21dbeb08301f217854301bb568f549e765910bf0d9887a56abe05e207093b61a71081aca71641c367745f1cbb4b477e70e4233851c6fb77fc8a5216ef37576c0049a138b8002a7ee61914ff143cec7616b42821a584944dd96d5ea6ec6a1fb91de9fe5276bfa42b3f62d267a9cf6984b9088207cc9e3bddfd41208cef7b21ef35ab6b469372d271b6d7a60af07cab81b59f9e15262d7ae80632f5435113dadfe87b82d3b50d447dc2229051c4ff5077dd57961a6faa73290f9609d6935914a9b75f58d355f78e8e0d0f80678475cf88fbfd3d5791a8cfc46e6c4b5d31ff84ace96c406b42a0df62dc86413f5d44bd6ce11e20f7240a60a11a57824ff68259a9bd32c8f5456dfc1b5c62c8cdf88dbb3fcf014409a7757935c97d00ee4c6eebe3236356f4cf041a09b4244f7b3005c9139bb888d9aeb2e071c7eb1543974d15a62687184e86483907814f1a25c3e8406e806bdc956851672d208c0ec56b4ef7d6b0b3bc8912aa21a6e9f32e7d10c75498a25429683d0ee9a3811ff94453e6ba528f365628c33aec01aff59cd35dce6133b1a5ada73e72513308028557e8fa96bd23fccee3ea9bc9bb552935261497678f139b92b8967f1834bb2d0ca1eb4c02fcea8e1c31b81ec24c42a96375186afe52f3a71c5ad2c26d2e6905e04280de6832d1c8b9336bae05d5dab95de401be9dfb4105002029afaae866669576e735e08677e37b0bda47af77478bec3fa8cf065602534f452a5f8371ff9ade8ebf4e15a2de20f3dcea1df4c97f54195ff437e5f8bcbe401e849f0f6c22cd10b83aacd715851753e0fc26fed28961facf48ce27cdcdd457eaeb64c501fb0c22ce5e6504027c4f1c5fa76a78ec7032376544cfed6e3fd172ca219a5f9c64ffe535764c290ba923f0c07e7ec25127e02cb48f9b553b46a26ea7ffcea2d88c021c8c0ab52a617d52de55b758e1375c2cf19994c570bd714c2e74688ed9a328a3c021903450757911fe09683a9a57979d84b66154d0cc056c85d8cfe3fcbf9d732642e03a4a23fe5eedbfcdb54413f60f00e0cf3c501dd27feddf60d6860c18dffcbf07dc9e8676c3e8b52d7e1d6d0b06c85a7647adbdee0e0ddab65d70bf1d41527f98bd68cda56b36a54cb8ed80817ff252f47ec701900b788575a9e25325cab14b5f78e4df54fd1992cf6401ebe273fc6dfce819c823b60e77eb6cd8092a0bb1f141a277e4f086c9ad58e7802164b3da1b5c09a4c313c048c3c510a03269711073c430a310c186c641de3b9403b0a46b154b3f5fb4b4320d9f836ee08a3c3d33c3f1a5417bc25ee0f4f028c634279627d0644b13aacd59f846b71e8611b36af26ce88c9c31712dd5311e9a25c3a64720d0e8e4ccf2c9927a2b0851ee2b6790d1e8ad2ba75ff25b855913bbe59ca52a468401517e0bd99c061c222ef85c268b66e9db65f9841a9153d86b2a81db355df611566f6bb212097c7f3445a2c88a07a8a3968944884bfa3fb5f978a9b35870c67aea87006c64b1b61977b9d7569661c283315cb198da594ed4337b8fbd1c83beb2f9ed7425d4551d43326a4c784287eae3a3ed7e81bb9eb1e8bf9ad42f85064b5ab057f87a484fcbe40cdc697fbc3332995961ac72e4079d32e1c9da1f9672d104bbba295fcf11955ad0dd97c6d0c15c95c22254e4dc0812f9c6723169fc36fc7c8229631f402a49dc69b53ab1404a648645785d9ff9e9a99fa12ffaf643fac0473cc5eacc12e3e7f6db6e269ab38b8c972d01e07626ba62f8a9caa3060b94456183f256edf261037517c69471aec1a651393bc2fb6eb7f1bd75035644792814fbbf5c136ac03915cc5744ddba8ef57f9645b6e4d4c40002e4b9ce9d4a661ece09f8775549f4d1d30f99e62837268ec3a6b524bb0ecb527183cecbcddd55975291bf916a8408b838afbac987a89d0942b69f9873eaf9bd1a4ac14fc7477f0ad2612b51ab5c9fb97968463049f170e775d4082915ade57ee518acfa5ceaffae96271810734c8e6c9d02ecc42cffda47be208d90897e5ce8a454bee2b98a3add3f598ddbea789ada800e56ae8b6b75ae284e1f0a1e639619c792c3e9d69f652a65c08fea4b615032bd7eb051526477547e9477dfd6bc52d935b6327f71d73f1ea0c7d68cc694b83459f6578a54ef433f584706c57e194ce36603adedfabc17c6a21aac5ce6904556fea8dc0b2519af6b84fd785b8d8488a57a24668d0873f1bfd6587b12b9ae774e3b0b4697ea04db37f76b25afd747a58a3ae6bb8f82dd517d02d4f8233084aac17e93a2b717f458cc812df7a91585256c90a3da4ca4bcf6931a9925fb4a85e4763c4e907418515f17be78fa6fe9e756df6f72d0efe3a2623752506b18858a5f9b886cc27440e35cc231d783c9a95d95dd30c07e6c813983890ab81df1b65dc37a3be6cf0b5afc0225b0e3370c6d96175cc33f993ace0061b108d896177456a361fdd46f2d5992d2a7b3bf323c6d3f78ed65af388a60e8d748592a4e913fa5dde8341693da3642a89bb462ea2b6192acdb2e106898f451164fbbea7069e4ce3386cfcfb8d89f4b068c5ce79309ecd089fef6afc8d70169047fb2c1c363179078709c45928d17bc0f8e47036a6b98e068ea36d4d5f9ade59920a97b6d8c9dc9b8a90f42ad4001219f07de3c00cb1e9f3c9c8ef3a6f90b911c7db8307a1b03e5ce3b28e7e8a7f733b2762960501ad00e95f75ae60d3dbe7e702d21a6e04fb9dec929df095909171a2135de0785162750ecc11f57289041a68aaf53e168fe5db215de7cfb99f6152e42c64f9a4081ecb01aedb4fd269652d9f6e496ec34d258fd5f90b5096fe32c3ee7e7950101bbb569c5987a9acecc08594168decbdfb588eb9c15f04273658a4b309578e6cac80f8c9e824ce2f94d54611fe7f5424ed4a3fc7d2cd984cee3f47a0f3e8ddae48ecd7ad80b2983a99f7804656c4cdcd1de7b4d03376da6f11b3b78cd73142a91aa1f7a79ae36cec5046456daa0462d8021004114c2d08e6f2ad8e114f167a040eba5dabd1ebcbd30a80c18f831128a88f75b53f63b355afecc02bb0ca16b308c079f9c9b386f8f74e12bf8e398cea47309b9474cc0f2a18de73299b677885756b7975f68f4109a98ebd66887240ad62ac59ac2125b64b20e3084aa631bcd5b8a8e73731ea67257383eb31bb16d6f75958b17d126472c55713ee7b1f1b55d815c1ec9afccbf0395e953859e664a47f019973614f55df53d1f1fbf551b7330529579032ec8dce67ebef49f0dd44b5d86d88125d2f6da691bfe54496696d0cb2c4eac7acb59406c72cf8cf4663b081723e268d570dcd5df88a103224aac292b7f193f0de43a78d6a631620412c116ad52bbd14ffd62adb4ca98fb571cf29f133048e1c3ad1c32d33917637bff30d0ebd80a25a9d9617cee6585cfe312954528b58475c7d552fceb0e320035173abf633ea3a398181d278df21c9cad2b773a9c39000bea22217395c89b3bdccbba5fe2f5e3e48140086846cdea9a1d757065601b914954d76ea14f0bbb19c191182b5c47669e7431be378e5b0f2f626581dacdbf806599adc8813d39832fbd57df136c3dc115fd82c9abc86caef06da6c44441dd0630e812e614a51dcd60b639f47f54a940e32b18fd45c87074c422d1c423e59e08c53130b0bbc78fa2412e404b2dccf00e9799ca5c0e49dc55ebcbec4dc00918df97d2ab095770ae44a96c63a37af4fb34a22aa9fa2abb4a0bbbad44a83a0d782acb6dee7fbf90be17fd6c76f4e7d15204fcee40d9f5c7922d0bdd7b3dceabd066d7a081e49af09804fdc4587ee221fa83ffb2db1cb0a3dc297d88f29a4eda04d8c32e11c643f6430670e377cbcd581c6a105d0ee4f20204f3742cf1cd21f033d189cf4e6eb5157765e6a305a692efe902ecad5b02940c4dd7cdd4de32836be85f063b1f7a1dc6f34c2b28460e508f40c949acd66ecb22cb20b5c973df577ab2f558655676ea3651487568f4dadf1a7c92a1030a7e4ad6b35e420b1955c1caef37c46649bf6f9d00af27efd44f23997b2910a65787ed1138ce89f32ff5a8af291ed84766895fa4332feb8a322685c022b015bcc7f90e849fcdf40e77d6e3dd8a6437c0e376d0996a4eaab9818ff5b0d5f950ae64b8d8cb8f0251640357b014100e8fb837813668872f2162088354e28e493c487d67c413a1ab374870719a514b2991e3fd43e366d54e2d804a1947a195d628b080bf8b1e9f4e5d9de606eefda10e2dcd6941c83b19686f735dc2a90a0a698b6320cb5d2aab3758f9385acf48746edac1f047eda23e5e0ce50f8da5b20f9be72e4837080fd38fe9469f809a898f5cb37bde5a0483cdf6fd8173c3b24d5e9786a87dcecda820eb55ead96a3afabbc5f77861abcd5681cd2fe32344a219317dbc0614714dba9c20119d61bf0cd329d0b2ce6ed8c51694688be1c24351d6603f1c6b110241cc43239d824e767852d663983892ecae2c51f0743e02e73b9d2e7d9f50be294f511e3e618c8da56593c9ab3a815f2080686dc03091bf2114b022b7a84a0445db02ce72fb0dbfd88c7dc2261be751c4e872685b079aebfb668595ed444bee180f3d7290fb62287416bfcc51440720305039269cbad482dde841029dfc7e976f096a682535eaa11c6e8960d20a1d47cbcbe52fa90bb1781a8cb9dc6421b", @nested={0x6d, 0x148, 0x0, 0x1, [@nested={0x4, 0x52}, @nested={0x4, 0x129}, @generic="c09773213f", @generic="3f62ee866d50722e4351e079e6b916c4a23fda863428b05b80b2e5fa1fe25b6a08a6837a8cb80324840f6b748679bb23e5dac638d993d2a0b80375a21ffb129be04dbc89472e1fb48a304c89c826d2d90f4f57766a2a6edb3518a940"]}, @nested={0x1c6, 0x10f, 0x0, 0x1, [@nested={0x4, 0xa6}, @generic="182193c31c936f7c3609757c03ddf0aff0ec363fa0e32a9fd2d344598bf2de7d2e3e0605978306c597f71dfc8f0f9cdae37b2beb1798c2d5a7cf22e34fcb91cffa8c008fbdf4b87f0be2c42e2084f8256340fcdc7909989974e6df60efcc2ad2a87751bef6d8056e18c23127bd7e37e481ef9c217c107f93c1108c6efed80b3733ac86faacc9973e26977f15a89c5116d12f4290b7561e6b561b207afde5faa4b9790645", @typed={0xec, 0x11, 0x0, 0x0, @binary="2d86a539a78a7f6592b34a17bcb78b0265f55e10288422bd0effde7e8363bcdaa5fdf5bf331bdc97734dba5c373771cac62610231af93698e6ab375ec98184cbaecffd85e6434452eaa872ed235ede38890e9085a5dd8527001d38ff4d88468b17fa8b06ade52c631b2d985a3e93e306ceb66001115204d31c03c4b93aca86f12c61075c08e8cab68a4aa5c66ad7ce77e991e6c51021fcfb7fda9d82257b20e97e3ae5ec9506169af8c29bfdf40f314bfe7dc5a89ead0861384974716fa73c112de848c5c5d8e47b887f1dd7799a801c537ba2637090f8a61f36b64952f76bc4ec4caa37b18a8c15"}, @nested={0x4, 0x9b}, @typed={0x8, 0x1f, 0x0, 0x0, @pid=r3}, @typed={0x8, 0xd7, 0x0, 0x0, @ipv4=@remote}, @nested={0x4, 0x12f}, @nested={0x4, 0x1}, @generic="cc644e236bc15f51e3f8aee067f52a4c0a8a"]}, @nested={0x2c, 0x11e, 0x0, 0x1, [@typed={0x4, 0x1e}, @typed={0x8, 0x11f, 0x0, 0x0, @uid=r4}, @nested={0x4, 0x126}, @typed={0x14, 0xd7, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4}]}, @nested={0x127, 0x12b, 0x0, 0x1, [@generic="ef3c57cad105f6193488c33f431d6202082aadb84b813bf5628c0200fc45186eec7c9e87072ce79b013731d688c228fbf68b70126407e5895684c2910a0a50e2352b187e178921e9f20ef34e89836f8f27df5ae620cc3f9e9a9da4c2b003ebb4b0787f5e86d24d7bb8f7343ac4171003916edfbdead0f4dbbf0d160cf5c72575ac464a8e78c8d0d37729f29ec0403f91f15cb03e130b57007a89f07d80ea94ea429b2b5b7089f501124fa6fa4b9250602aeb8efa248815abbb9efe3d19a0a69e63bcf4fed2c8a04936e3935a24bc080233bf38c6576a0233126a11f3de357aba337ed8a0a77a2a5d064343c64ceddebb34c7ebb7ee3aa8fed49cf902", @nested={0x4, 0x40}, @generic="01d98a05bef95b13e0e53d55f331246ccbde67e85ddc2bb027be0c5eb61d7a", @nested={0x4, 0xd6}]}, @typed={0x8, 0x51, 0x0, 0x0, @u32=0x5}, @nested={0x55, 0x79, 0x0, 0x1, [@generic="2c6b452709f0327313f5b65ee1c98fe01ef1693c0968905f8a791d327c97fc0ba9a271981a5747cd58bb1c5e5ade2d84ffc81ed618e26798e2c7754f83c718fcf034b4020627ed2f627c269e6b385de0d3"]}]}, @OVS_FLOW_ATTR_MASK={0x13f, 0x7, 0x0, 0x1, [@generic="b9a1950ec958d240c2a26ec988ff33d9e20036d65d0817bbe1882c09529d853628adecc40c84414e565e9c0777a0810df37821747a4e3cd178f1a4e8be28193074b6128a9aa39b7fb8c716aa3a9c3533cab181d601700ad175bd4959fe52fac649938a21a22984a785a7f83830e3acb5093ff8792bafb2c5710b1bbb437ff9c49dff", @generic="1ee89695cf76dd5b4783e68d99f22389d90a7d4199f8bdb879ada12fcaeec49d2aa9fef84db5a6aaa06f5eb4877026da", @generic="456bf23a9ec1ad01df1cbef16c20f1668221d67cdb2801245f6333fd43da79fa5a43523d58c9cd816640688309c15a29e069c59cc4fa468dd8a5b10b0be3823e8575b7140ebc63466aaad6f77e786f9454c751007b00f86454071d4d06fd939758d3a5003867bd1ea9d6dbf5e474150c8306fdd84f9d2cfefef88164eefe23028f96ef8d6327df9519"]}]}, 0x18e4}}, 0x10) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd03, &(0x7f00000001c0)) 2.885070807s ago: executing program 0 (id=6246): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) capget$auto(&(0x7f0000000000)={0x19980330}, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff003) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x18, 0x5, 0x1) connect$auto(r2, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x80047437, 0x0) r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f00000000c0), r2) sendmsg$auto_NET_SHAPER_CMD_GROUP(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x8c, r3, 0x400, 0x70bd2c, 0x0, {}, [@NET_SHAPER_A_HANDLE={0x1c, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x6}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x7}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x1}]}, @NET_SHAPER_A_LEAVES={0x50, 0xa, 0x0, 0x1, [@NET_SHAPER_A_HANDLE={0x1c, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x651}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x4}]}, @NET_SHAPER_A_PRIORITY={0x8, 0x6, 0xacb6}, @NET_SHAPER_A_PRIORITY={0x8, 0x6, 0xfff}, @NET_SHAPER_A_PRIORITY={0x8}, @NET_SHAPER_A_WEIGHT={0x8, 0x7, 0x3}, @NET_SHAPER_A_PRIORITY={0x8, 0x6, 0xfff}, @NET_SHAPER_A_WEIGHT={0x8, 0x7, 0x7}]}, @NET_SHAPER_A_BURST={0xc, 0x5, 0x7}]}, 0x8c}}, 0x4000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x3b, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) unshare$auto(0xfff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop2\x00', 0x82, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x20400, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c0a, 0x0) 2.761504635s ago: executing program 2 (id=6247): memfd_secret$auto(0x0) 2.642985525s ago: executing program 2 (id=6249): r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) read$auto_force_wakeup_fops_hci_vhci(r0, &(0x7f0000000080)=""/218, 0xda) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000080), 0x0) socket(0x10, 0x2, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mlockall$auto(0x7) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYRES64=r0, @ANYBLOB="cd88202caf56f419ee6ad9e97b778ef6f99947"], 0xbc}, 0x1, 0x0, 0x0, 0x8800}, 0x40404c8) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen\x00', 0x200000, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) write$auto(r2, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) unshare$auto(0xb) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0) sendfile$auto(r3, r3, 0x0, 0x1000010000001fd) socket(0x1e, 0x4, 0x0) epoll_create$auto(0x3f) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000240), r4) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(r4, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001cc0)={&(0x7f0000001c40)={0x1c, r5, 0xa2d601c1e7b11e31, 0x70bd27, 0x25dfdbfd, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800000001) 2.580204864s ago: executing program 3 (id=6250): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) socketpair$auto(0x1, 0x0, 0xc, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x14f642, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0x40, 0x9b72, 0xffffffffffffffff, 0x0) ioctl$auto(0x3, 0x4020aea5, 0x38) 2.361506627s ago: executing program 3 (id=6251): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/ifb0/queues/tx-0/byte_queue_limits/limit_max\x00', 0xb02, 0x0) madvise$auto_MADV_MERGEABLE(0x8, 0x5, 0xc) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) rt_sigaction$auto(0x0, 0xfffffffffffffffd, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0xa, 0x801, 0x84) sysfs$auto(0x2, 0x100000000000036, 0x0) sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x1c, r1, 0x1, 0x78bd2d, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, r2, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r3 = io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NFC_CMD_SE_IO(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x40, 0x0, 0x10, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x1ff}, @NFC_ATTR_LLC_SDP={0x19, 0x13, 0x0, 0x1, [@generic="cb346a0caa4f84987d5f21dbde98fce43a26e764b5"]}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x2c}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vivid.0/video4linux/video45/power/runtime_active_time\x00', 0x103303, 0x0) socket(0x2, 0x3, 0xa) sendto$auto(0x3, 0x0, 0xf, 0x10, &(0x7f0000000140)=@in={0x2, 0x0, @empty}, 0x19) pwritev$auto(r4, &(0x7f0000001000)={0x0, 0x8}, 0x0, 0x3, 0x9) read$auto(0x3, 0x0, 0xf34) read$auto(r3, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/a\xeb\xe0\xec\x0elaves_active\x00', 0x3) write$auto(0x3, 0x0, 0xffd8) 2.351132378s ago: executing program 2 (id=6252): statmount$auto(0x0, 0x0, 0x1fe, 0xd) mmap$auto(0x0, 0x20006, 0xe2, 0xeb1, 0x405, 0xffffeffffffffc59) unshare$auto(0x40000080) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xf6f6, 0x8000) r0 = socket(0xa, 0x801, 0x84) listen$auto(r0, 0x3) getsockopt$auto(r0, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto(0x3, 0x8010aebb, 0x38) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x5228c3, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) shmdt$auto(0x0) setresuid$auto(0x2, 0x7, 0x8080) ioprio_get$auto(0x3, 0x2) mmap$auto(0x0, 0x40009, 0x3, 0x38, 0xffffffffffffffff, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x1) socket(0x10, 0x2, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 2.307487699s ago: executing program 1 (id=6253): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x1d, 0x0, 0x10000, 0x0, 0x962, 0x9}, 0x2e6}, 0x9a, 0x69ac, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0xb8b42, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000280)=""/65, 0x41) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) madvise$auto(0x7, 0x80000000000001, 0x80000a) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x3, 0x0) access$auto(&(0x7f0000000000)='}[,&*}\x00', 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mmap$auto(0x1, 0x400048, 0xdf, 0x1000009b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100002000, 0x0, 0x6, 0x2) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x1c1080, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) syz_clone3(&(0x7f0000000300)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r2, 0x0, 0x39b8) 1.909238385s ago: executing program 0 (id=6254): r0 = openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim5/take_snapshot\x00', 0x10f043, 0x0) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mlockall$auto(0x7) r2 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) r3 = socket(0x2, 0x801, 0x106) getsockopt$auto(r3, 0x6, 0x3, &(0x7f0000000000)='!-]*\x00', &(0x7f0000000040)=0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/ipsec\x00', 0xcc2040, 0x0) close_range$auto(0x2, 0xfffffffffffff000, 0x2) r5 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) flock$auto(r5, 0x1) r6 = open(&(0x7f00000000c0)='./file0\x00', 0x4081, 0x40) flock$auto(r6, 0x2) r7 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) write$auto_mousedev_fops_mousedev(r7, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0xf3c) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004) r8 = socketpair$auto(0x1e, 0x3ff, 0x8000000000000000, 0x0) ioctl$auto(r4, 0x4b72, r8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x101000, 0x0) recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) ioctl$auto(r1, 0x900064b0, 0x2000000000000c38) write$auto_nsim_dev_take_snapshot_fops_dev(r0, 0x0, 0x0) 1.474778336s ago: executing program 3 (id=6255): lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0x1002, 0x8, 0x80000000000000a, 0x40000402, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) socket(0x10, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0xf000, 0x9}, 0x7}, 0x3, 0x0) 1.395171825s ago: executing program 2 (id=6256): r0 = socket(0x11, 0x3, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f00000003c0), 0x5ea}, 0x5, 0x0, 0x8100, 0x1001}, 0x5}, 0x2, 0x100) 1.287663913s ago: executing program 2 (id=6257): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0x2, 0x2, 0x1) r1 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1b, r0, 0x10000}, 0x10) mmap$auto(0x80000000000, 0x9, 0x2000000e997, 0x8000000008011, r1, 0x8000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_congestion_control\x00', 0x121482, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty5\x00', 0x28400, 0x0) pwrite64$auto(r2, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_congestion_control\x00', 0xec, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.066163724s ago: executing program 2 (id=6258): unshare$auto(0x40000080) read$auto(0xffffffffffffffff, 0x0, 0x6) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/dummy0/stable_secret\x00', 0x100, 0x0) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xfffffffffffffc00, &(0x7f0000000100)="a2b36d0449473b7bcbcd6d7f6186e9de29e708c62b9db37658c96e1ed364c5d867daa7438de65e6d2aa369df7e32e2c897c4bd029f0845c6b5196ced8ef9b1a53b4011ed14a904f19072629f7cc6ed922acba72edc667e917861d1e7dc8a72ee61bc9cca5caba2a46a9b0656a4da3fcde38b") socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/platform/dummy_hcd.1/usbmon/usbmon2/power/autosuspend_delay_ms\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x0, 0x0) ppoll$auto(&(0x7f0000000040)={r1, 0x4, 0xa7}, 0x1c, 0x0, 0x0, 0x8) read$auto_drm_debugfs_entry_fops_drm_debugfs(r2, 0x0, 0x0) mq_open$auto(&(0x7f0000000200)='\\*)A\x00', 0x83, 0x9, 0x0) setresgid$auto(0x9, 0xffffffffffffffff, 0xffffffffffffffff) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = set_tid_address$auto(&(0x7f00000001c0)=0xffff) prctl$auto(0x45d7, 0xec, r4, 0x5, 0x1) r5 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bpf$auto(0x0, 0x0, 0x10) r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r6, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB]) read$auto_mISDN_fops_timerdev(r5, &(0x7f0000001a00)=""/4097, 0x1001) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen\x00', 0x200, 0x0) ioctl$auto_IMADDTIMER(r5, 0x80044940, 0x0) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) 1.065900498s ago: executing program 3 (id=6259): rt_sigqueueinfo$auto(0x0, 0x7e, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x41, 0x7e73, @_sigfault={0x0, @_perf={0xc, 0x40009, 0x9}}}}) r0 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r0, &(0x7f0000000080)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000200), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) (fail_nth: 9) 761.806287ms ago: executing program 1 (id=6260): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) socketpair$auto(0x1, 0x0, 0xc, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x14f642, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0x40, 0x9b72, 0xffffffffffffffff, 0x0) ioctl$auto(0x3, 0x4020aea5, 0x38) 761.663303ms ago: executing program 3 (id=6261): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) write$auto(r0, 0x0, 0x5) 676.106188ms ago: executing program 0 (id=6262): lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0x1002, 0x8, 0x80000000000000a, 0x40000402, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) socket(0x10, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (fail_nth: 9) 675.401821ms ago: executing program 3 (id=6263): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mq_notify$auto(0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) r0 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) socket(0x2, 0xa, 0x106) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.kmem.tcp.limit_in_bytes\x00', 0xc2481, 0x0) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) r3 = geteuid() sendmsg$auto_TIPC_NL_PEER_REMOVE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000001680)=ANY=[@ANYBLOB="1c130000", @ANYRES16=r2, @ANYBLOB="000225bd7000fbdbdf25140000006701018024fb4c597931342df01cbb3b4bc91de981e499a2b20ff891cdfe6957221c194304f8d3e2d1fad707f15610cf869378bf56926e2bb8d72aef8e1b27d439d7aa1c8379ba8e5e5074ddb8a9108c3395a480214e680db5337e738ebf797377d5c509b79366f7d7f3d7c97d3f5993104770c733329869ab27089e48ee40991f3e2bcd036c6bad2d1ee49a525b8cbd4960d3f7e335b0a1255404d53222de6fa07b39131b4901ca5295b3cd001b9f2dc64b202669bffa6a9912db2b4038a6dc34bc3ee7806aea80ba6ea7d43a94c368c79042e8d436539e61e9b702dde43414004600000000000000000000000000000000014f006c8014002f0020010000000000000000000000000002ddbfca269e1622980d1d0d62f891e0c7908024d912b057e92590c6639d78a1baf3472a386bb36d6ece5aca98f1fc1d59c8d09c26aee609eeaf409b57cfc0cbe825f0000022786e39ba205cf7ae3495159c2330269414001600fe800f15ce3de7c365fa0000000000ba69cb788c4ad4205f2fc691727724d354143b30288751e2012ec8c61a32a5e0ff7a278d6b32e2ef5773f0f833718438e4445121ab263875aef1b296e7cfb645ef64307bbc2b462e7c233c7866bc80632260dc0949ce680f68f52ef0d457350f59325374743a5c461982ba49e87dfb5154d03dfec4c400aa407f78f65a556f5b5146424ec7f3f4fae20f44613cd672f9b826e0040b7f132572e05ec53c3f743ec7db15be48321d7c9b91291ca8576493550e0fa53172ac9478aa1015af3499e388ca7a30e9a7eea02047de1905fd6819", @ANYRES32=r3, @ANYBLOB="009e1103804231165f4f7a54ca37982588e417e285e8bbc4e20b31f866e09b73678e87bbec5ae682b58fec0fdc1e8ce3440304fb5c06b4c8cd9492ebf01c7be8260c42ad5ba8b133205ab1a5a1f5ba3c12ea5ecee52260794f3aed5afba58dfc21e13bcb1a02337f02ad704e577977b89a1b2b25994305393356bce3a8f56545a4ef4b23f51cca69d4ef665210aecc3adcf23a5ce8dfd4d4991506f796950a3d671f24dd69b9607ac19758f6bf2f4d202d01d986798e7277033f82d1cf9085ae4f95596e83c90e4bc1bd2cd11b46fa552fa06b23f8db0654461f35e817dc780d8ce577d845ba2c1304d5e1d7432d1bca62f8e78ddc8631ad596832280463348a8b066a64c9c623a8834fb8d799cfe47f10abaaf15b7b1613e859278145214767ac1c5dd7381757e77cba352086810770ad3e38a33e661574e00604c9c7852e1816d9a8851cab6fc17e0013057aaf95ef60fcd24c65ef0ea90b14327a22e14f4d4d595a250218baca2577428ba2ea52ba1b057b8e27a7be7ddf99ca5383081a9d0c9ef05d4877b2a5b56c6ad72daac0b8616966243e954a90b4f515cf120b19654db71e7a948fbc0991d8fd86628115c5ac0ff45e712d21280a04802c2c12ceaf09e404b76baef9e932f65ac349353536b125526ca914fd076ae9b5c8e1efbd388de5f4dd503c84e58b7efdf5b33d7b8e3024f295e5a8b3bdf4cc6561fb1c40cc214b1d0c543f24a94f135b7a533dcfe7f8f9b5516db8766444da1e78a281f4d580592f1a63e08c388b5693e1a1a119f59c4231fafb693eeb2dea06c2e2f9291f4668f6c48893464c73dc1a4b4216c56b6591218a0f237baf81c4cce480a29d25800d53548f96066ef88568fdb2bb06d732653bdf0ebedc9dd5566fa86c3e5eb948a2c068e90d2a740dcba9a6720feb5ea0119a4c63fd407f3a47575af4a993e6c5a317c2ccf0c86aeb659ab7c5cc482b4fab86049cf5080c437f32f82cf07e37a7e8db0f61a5ac24d57b52d8a5a4cb68ca340a9efa71e72c40eeda03b9af7bda26fc484789737dd2f7d03bc677ae2a9a2ac741ddbc24111efa9176948abd7be2ae54025c4e462374554cc32591493d6dcefbd2979ac6b627e9d2e52b0ad9eb1e7d5168381b7c03382170ac3abf9cd72375eb7d27f56934d358c13faabe19afa5db141a77b4277d42c10ec249f0fec38c172ef5d34aba41a0b4a6041eae76a15172d0f6eb5132ccffff3a9b65b36522aed02afeafcfa5aaeec71f07ae1ef922b3f48f3c74f765a658570b76f62a74ae0bf88146ffcffe820b7a1195702ca02802384897b6f7d3bebe804e4dd10a8998f3e397f07cb1db99d37f1de0bd9914199585aad1881c57c02d83860bd5e37fab993c227702b720238cbe9fcfd6e0c041d807ba915316ad179d98aac607ae7967dc438c2087dcd30431c70c9f4ed2901477514842d66c792ea2f6f718d915a08227f2a2b37489706f2d78d678f03760f84652d3b23d4594b0e91d43962e603f0f9c43cfbe114c18846d21d7398d2a7dd564096ac8cd637a4fc05155b6f2e839a8e0c9cea9002067e5710f2670be6630cae5d7343a4a136e6491b31020585b7e5e994b272264a3c79610da1eb23ee7a83ba208ff45628f5cde35455b01a85037efbff5258937de3651d3435ece59ef5493f473ef45cf93154bf6e7955cd787f20b8d945ad3a7da738240834d32cd74a8af180136ec7f13b8499159e81b9278a0ec4cfac18adf46f9f59583f32f77134239f43bfd8b6010e1943158674641e6cc1fe2eaa107f550562d52e4f005bab041602c805a4eed77a53eef9762c4641a1abc6423d84ddecc7485722129f044c993d72a10cdb21419369444a8caae1e9403c9c27a5c71adaf2dc0f0d7f84750dedc1a35998b164884caeb7b3d5d9db03c5417002c4a4785f274994951c7e941b0631c5635cb2af84743db3abed24c0108a39e99e0aacbd510ca954d63983b2b31469cdbebb3603de0a700b881865972dbbeccb18e85273accc42f36f68506bfc200ddcbd30f9d3d5e5b7912e205a7be57b3e1aa2369c39089d5b6ff9cecb30b4d29437e5e8a4625daa672827a1fb2e5339657804200e6bc25bda611b16096398c9b53e0db36368245ed514da1fae95aecc24d317681fd5b5f93ec0f42edd872e10ece582b8158ffc80f15aea031c10f44493544c470d700c81079be0d77205d7934af410ef56069368ca108f82cfed3c3752c144c87d069353dc353e478a18edfd6dbd07d0cb0875ac6ca599a9efff5ca45b85dc2b913f31c89fbb387ddab704050cc69496e21b3fe20178f406aa0fee2338b0ef9e83fb468b671541037c2846200e9f06c93e71069c1b3b391fac79c6b40e3e0aaa9c5ad556415218fba1483efb022d51b56528bb51b85808cad78eef86be0a6997c10bda544cd883952c40def2298b9df5eb3d6feed66690fbc440e89acc28ea580eee9ed71b74ca02d5e9a8e6f395f808862761803f3eb6db309e7717c5a4806656e14b896c095ab6f53d9ae7fb7c121bc509170aa89d3a49fc46065ed9b62b2ff2832734b5098fbd3ff35b8f361367ab0efeab812a2d2a6280a98fd6580aa0399d4a7632c2225fb27a41115fc6a6812d8e8e04ac96e1bbb2ab9875afeb8c572850200dd8818ae499f58b0362b7238b810a68a995a7892154c42c68afdb4f041964ded28839239b830ae6a92ba5d9bdbabfd59ebfdfb1a1fbf5657872bc3644ddd40973e2ab18babd84aa67885767c6bc1f24a7740df537e2c6b50d806b04e2063db45004e64d64875ee285214c11572c4745701817e8b5b8554ccb18ebb7863aa33c4a0943bca024be875552687ae4206bdce91ed2938d3f99f39585a20c7e5a7c22e3b473aea707372cce74e472e58a3a3cd6f31a9a29b522eab8c902ada2be54cda6626aa25bf57ab1289a86bfaecf82403d9e6cdcab8aeb932cc0f73a436616c14a75e2454333d62973451455ce1391b1a94b579c31fe58190d4632ee0ea1033477437d9b109949d9a952956e447cb85cb10f336b8e00baf9df96c6f36a98f106f9a1219860a35aabcfa3a3fc3e5a2ff8379c98c8b66b70472e0beceaa22ab143297af50df92c04d352e63fb4171fd659b5d08844c29abcd14ec31e338367eb40ed372f367312a9daba0a470f9bd4117da6517dea540e974d05cdd22bafeb279dd0e72d58fc31d09b6cd9b7f280c4bbb9c855348ccc4cae753b63906325807b31333a60eb8f3e77d8fea7b2f3c1d38327849c0c8c697e9626b37c8f5e0ab686148113cb9e2f55f601dcd24490938dfbb4bc8cc90b9e2046635be4c37117bdbe2117490336ef8164847a2056ef42c98d884189a4a91073c25d3148f994bc14f4ed3b1554a243273be30108b25509c3ba1a4f2fd0b7d51cef40287308b09e370fef816608b318bdf4167905ba2eae79879c9823de5bfaf15cea7217be4425cba4a63af9bef87b20ac91a6f4a27e1830a8c5ffc05cb0c0a4b47a833e6296ec673fe432375b7cdec815c043f5e6a9b49dd094d694c0509b373f027a85594b1900a2f3f5df85197d5ef53078aba78fe65fb0c64da098cf44e197590e190ffcc054ce2f9c737def4a40e7060d92db672f34a522a5412fa8de55e3755969bca509ff97d33c7ad97103c8611b47ff8dd67a41fc062c990c81567492c11ac899dacb46ba45ce003969305ca7abc5b45fa7a1738aa74ff9dc80668984fa0a1c2cd549befc613cc5284bb0579080c215bbdf1ef641dbd055af8e677611e4bc03b655035e91507cb9d23cbd5fce07eabf22b78010773d7dfe42b44df45120d7604ffd94b53ad2128a79118fd11ad03f967d7c67c77d4de18295f0e6c349b9d7e9d2a11f1b7520096d5b7d4a0a8e5dcd18acb70394b3f0e36592e97d99c1e5570ae95132b5a4ca46082d2103f5e30eb61e8187a53908ea809ea83b74eda6134c559649baa7a2ea3142be91eb49c4ea3f3ddd171ca6be73f024b83089f72235c92bc65ecf1a758259d477a2bb8820ad8fa06958792b7d4e24ba552d8f9b1576e92a2b3dc1a1dfdced59f1f8b327000f9ad2bb1a9f7700829b028d05b5eed1e30f661775282ca4bdd1a0e56bbede5273a1bd1feea8cce680fd494181ca468e440d5163c685a51ad2efabf3cee45d87feb6f0a459d30f034ddd45c5705cf3c329ecae304a653e419e7671252235a288cb413e5f82c7123d8c5bc7238985422e4c19292b39815ca4b8534624e92812b65ac28a3edc74c925b45fea25308a294ab6d0d5c93aee03744556ec18aba771a03afb012987daca523cfe1454281260e065166462a74349df33d44f87136c218f5d07eed3ae8a637d92aa9df37f46afb44828a1c4b98e5c8ae0bb5ba19708afb7662bbfd58afc9faf5c271a3512e9fa8a9b32d8fb72591c1f632db9c3d28c74db8e2280ba119d82782d7d861936da5a800e289adf7b7f6da6acf618f1c7569cf4ef85dacd36b9dd4f5a0f0149c3b1a253bbdd5e5219ee409022fbd6ba555a2b61d6438b37ee1881ab477bfc3d4a33772ea2b740db6f909d44d14e16bf05cd049f98de4c55e1bdffd5818852f18babbaac82d76e039941b3837a518412e3e125d2f061d4f83a2fd338851e02d48c5f3a07626e78df423b0629a27e2226d28058312576038d595b6540e23399a056aff89287ab4b0ebe4d15ac64b76735d3f92d311ffb93d0ca7ec087c0b67a306de6b5eb5736ea8fe2c9ff838700061b4d79c50d7160c558d85e324d7e464e452f20ca851e61151108309169e554444b3918ccf930b9b45090bb51f6aff1c5e548c0229817e3b8ca64b9306ca9603c180480af34bf4c05b1ec222de1a6d1be497bce78c2ce0b5c399c512f5fa92e86a4054be24fd35c36a6cb355b8ec4dd40f439e06f924af07ec8f99ff85e98916de4e0714386b975626b7ae6a12fdfd3db1c64e49ef7af0ef5c17e0e52ada7326dbeb06a0e3e4e4ff75cbc56383480b39315dd3a6f79d041d59b8def4aa6283101c1b8e9e728be6302c2b2414e53f6f8439273c653722dd3a64de2879cf3b75358cbd60928c3d3c60addc5d08a92082beaf0bb2627795a3916cd62271388eb16eb535880ad00ade165c704bbefb3e36125369576c48bde4739f046ebc277a46a6ef9fc90d105802f9aacebd292de6809a87c6da9f9220fa51c6ba3ea9a85daef88d9417a4f7faff6b76754c836d3174763bb6ea434e75d6110bf3048ad0e9cf27345421b75defe7dd0d7262bf08b86c353998dffd67d72bc57b8ffe744ceac7e912380becbedc4cbaa80567c0815dc1eaa94cf3af151af5444eddad89d4e25f8c5926301d97e8d89cc3c7b4b5dacbcb88c316062cdba0b9ca2013b0cf65b30576de86008ac45cd6b79b3a40f8a8212146e4c05300889e00f4e72635f861f921da7496f8865fc506a2997fbd26d2e8c0a54e46790a5bb9b41c9a42f8953f4f38c4edee1e10917db2f3150fd355fa896fdeb67a292880f7f16c0b7f20ad59232158807c6fda7f9f1e1d4834bac2cb4ab4e0ac5a9f53358a0db2e58e9f17ef785cf3f8c758aeb091d9375e6da64626b4c452ff6c0075596b69a869a21445bbdd31d52a13533a1b64822c9f91d72862b54db47a2661ca09440039ee917c795e5dfcb0e9ca25ae91737370cf86451ddf4c06263e9e3b356e3c17d960f4986e8b1861836bf156e7fb09da506310ff8ba341fd4323150ebc49789d9b3588daaaaf6db335c817d42a2a11642337d46869bcb28715ba7d8cfaae7363c2473539c6e231370094ebd48b6b1ff427ab969047f65e37d3ec00350001450f9c9155e75cee40b929e860a57cdd4b886921c09516ae969b0babf3037db87d998bf945189cb467281e972f9305edc8a75a80bde1a7fc5dda82fc70ae8afe4180409e0ced2b9072ebbb8f4296493872370cffab29d0435323460d80deded5d7227a888776d07f3782c519b4610f84f2f0843f81809bf700d821300d4dffa3a85b3d53433471230b3eaa08acbaa95fdef88477c469b7cf8bc5392a0d30ed7b8e4494bb554233306ea78e4ead77059fff8f9c395535a55dd11be644679bd0747268319845cd6cac3156ab0e9848e2621ca3eccea7143c0255d6dfb33549b553839c9a4dc6694af5bb24a31ce14c889beaa660644304581f652a55ea90f9d1e077d0d8ec782b6f2f40b4cccdd2b29781c2fda70ad93c982f0b2fe3c267f0224a5972844e3646ececab9fd9c37d4c4c46a13ab55b0f45cd28f4ff0ea21bf17943406d03ff7302ba978073bfe6ce87181649e5448e85fd88d8d698703624fa1dbbbb4ef5473855e0d6d86845b5d9f4b1b0f7c871a38d453962ba32a54b7000ae5bff3b161d2056ebd0194a57880797f2976afb30be230000"], 0x131c}}, 0x4) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000640)={0x564, 0x0, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@THERMAL_GENL_ATTR_THRESHOLD_DIRECTION={0x8, 0x1a, 0x2}, @THERMAL_GENL_ATTR_TZ_TRIP={0x1cf, 0x4, 0x0, 0x1, [@generic="e4b09b18032ad4a6af0bea39a088af89e3eb725984a4579ce476e96e01bcce4a24d57db325e252af02a48638bbf97c9bb54239517e026582cc1ac0fef0cd07886d00192d3a693404f4d4f0d181c0088515f1595d9e44cff33dc407acd0a24c9cda04982caeaa1ddefcbb595d11bf7b8ac9f277b140050d60ae7c16eeb5924920672900f5d95509a82bcada0524f331530a6cee34d46fcd687b84e2207e127c8bef9da9", @typed={0x93, 0x5c, 0x0, 0x0, @binary="1f591bec02ca0ba9cbe84a7d3ad7c9f1c3dc674bfb6b420711f401abb9ffd6ce3eab40e534553fa6338db5cf61ab045f753c31cf03cf7d985fc2c56b2c3f977204d88c4d81e29eea14a73c2af95fb1cfe6f26fc81a16a595de0e3f62ea612d0a3920537101808afd187a50c9b1342414a44124562dcbf6605cccfc3931fb6774912621646a74ab65ff67f09b32936d"}, @typed={0xc, 0xa3, 0x0, 0x0, @u64=0x2}, @nested={0x7f, 0xe0, 0x0, 0x1, [@nested={0x4, 0x2e}, @nested={0x4, 0x7a}, @generic="cd56f0cf48770b5422301813d39d2be79e494f1eb6320cfcdbd282c0e74b489c6feb50c68999f7cda19914837d5b02da5f601950bb60323302a72fc8c81e27c95c9765b4b152bf5ca21d27223e88d49987d6e30fb48357c859a385c3b6709eccf4843c3b72cad5fb34d5f860b160b678bc9c1a"]}, @typed={0x5, 0xe1, 0x0, 0x0, @str='\x00'}, @generic]}, @THERMAL_GENL_ATTR_THRESHOLD={0x35d, 0x18, 0x0, 0x1, [@nested={0xe4, 0x65, 0x0, 0x1, [@generic="9c781308e84ed76e6dfb0b7baec29e192c0abe8e1f93d8c422870bc99c836de557e219aa39b4285f02dbc89eaf05c9322dea75b8df74e1e8eedf70fdc7b6e2bb0b0c634f65c970fd66131e938499e9f991a13970e50fd3f966c2942e9369924d61aeb07f13c6c01d5fd7516cc8404c757eb449004041bbf0817bd222f77aafdb5beb12906e536d21efc8518338ff26bcd9c24fc870b949b59d25bafb8e8dccbe731ad58b0271f334bdfe5d1faf9df73baf78d11564f82b62894510d1904e7ab6ff2ee79dc852c710", @nested={0x4, 0x9a}, @typed={0x8, 0x10e, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x13c, 0x0, 0x0, @pid}, @nested={0x4, 0x7e}]}, @typed={0x8, 0xf4, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x112, 0x0, 0x0, @uid=r3}, @generic="03ba3c20113db0a8199f7a5800b3f50a42ca909b106b7c8848d952a79ec9fe25a61821327c74189d423d3f3a2e4156e75462c2110d8e9042319522e7065c3164e3737cbb18af5fcdfb7ee387a17295a9cf8f8f065d6d507caed4b766120b6d773159eb78d7fa1a43f40b5b298a2203dc9d531fda0e181dd4", @generic="e302e56cc51c4d1d915e431e1e640f019d86fcf4d4684735ce09500747b87bd9347b2da93ee3a04a5b133fe997d2d71c0ed882442912ca60d79ab68f149266680c09873ee1346bceb778ff5c6f42a6deb0fa675c7fb92a2508e86218661541422a2327195505f2e9ecc84afa78dcbe464cc6e83c636bf2e40c4dc9a1aa2ce2dd9fdac02dc1f88a3a5566ce4314fd751d7bb950403c9942d803485689e155b57e3bb723420c8a101e7338cc048d87280c0c94b52164", @nested={0x135, 0x122, 0x0, 0x1, [@generic="9c4023e9093190e00ce088d53b9930fa7a2a754b995f11dffb15f7d0bdefc45ec41ba700c3fffd12a740ae46b8a58445e583201deb776e5dd1218bf598820303815b724444658d1d79ddb2256f04c4557db90e63cd152f14f3e8cea10c9c1fe7b0c6ce64b35ea97844c7d76340dce800970aeac0ace035e3191163c4aaaab5f299396ee224639a2bae18285ac66ebf8ac98d661cdc", @nested={0x4, 0x57}, @typed={0x14, 0x4e, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @local}}, @typed={0x83, 0x52, 0x0, 0x0, @binary="b879beea589ad3f4956e4050fe33c7fda8dbe169adeaaee5409e7218ea0ab58a06cfe8ea462b4e61ab9140c782537a611db0df86c505f310879578153df9639ce5b70bb07f99fabca4b70838bcfca1e9aab4d24ce83c888389909402ebcb9fcc344165f6b3be25ec06afa8f93a9de8de2240d3ddb8e93d03392c54fe2802a8"}, @generic]}]}, @THERMAL_GENL_ATTR_TZ_TEMP={0x8, 0x3, 0x50cf}, @THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x11, 0x8}, @THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x6, 0x80000001}]}, 0x564}}, 0x4000010) writev$auto(r1, &(0x7f0000000080)={0x0, 0x6}, 0x7) mmap$auto(0x0, 0x20009, 0x100000000df, 0xeb1, r1, 0x8000) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8002) rseq$auto(&(0x7f0000000340)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0x0, 0x8000006) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x110c234000, 0x1, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x7) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x80f02, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000100)="0001") sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="01002dbd7000fcdbdf25010000"], 0x24}, 0x1, 0x0, 0x0, 0x4c080}, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x17}, 0x187) msgsnd$auto(0x0, &(0x7f0000000600)={0x7fc, 0x7}, 0x400, 0x2) msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) 217.987195ms ago: executing program 0 (id=6264): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/netfilter/nf_log/6\x00', 0xa0202, 0x0) sendfile$auto(r0, r0, 0x0, 0x3fffff) (fail_nth: 10) 202.937755ms ago: executing program 0 (id=6265): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x200000000000, 0x200007, 0x19) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) ioctl$auto_SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f0000000180)={{0x521, 0x7, 0x6, 0x9, 0xfffffffc}, 0x6, 0x3, "c5a22f1570cdb0fe850e4cfaaf82a9c429d59c884998450cc5a6b0e78c6fd6e0"}) 0s ago: executing program 1 (id=6266): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) (rerun: 32) write$auto_console_fops_tty_io(r0, &(0x7f0000000040)="e18d5f3331c28a0461e3c318bfd9800e9b4d", 0x12) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_last_time_ms\x00', 0x2240, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/119, 0x77) (async, rerun: 32) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/macvlan0/addr_gen_mode\x00', 0x2002, 0x0) (async, rerun: 32) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0) (async, rerun: 32) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) (async, rerun: 32) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'caif0\x00', 0x0}) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) (async) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) (async) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r5, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)={0x1c, r4, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) (async) sendfile$auto(r2, r3, 0x0, 0x1) (async) ioctl$auto(0xc8, 0x800454d2, 0x0) kernel console output (not intermixed with test programs): 0000000000 [ 1477.880223][T30120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.880238][T30120] R13: 0000000000000000 R14: 00007fb48e7b5fa0 R15: 00007ffcb6bfac38 [ 1477.880274][T30120] [ 1478.196065][T30122] program syz.0.5764 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1478.719382][ T30] audit: type=1326 audit(4294968425.066:36): auid=4294967295 uid=21 gid=0 ses=4294967295 subj=unconfined pid=30127 comm="syz.0.5766" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb48e58e969 code=0x0 [ 1479.583343][T27973] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1354 with max blocks 15 with error 117 [ 1479.608644][T27973] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1479.608644][T27973] [ 1479.907520][T25473] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1479.927552][T30166] FAULT_INJECTION: forcing a failure. [ 1479.927552][T30166] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1479.942342][T30166] CPU: 0 UID: 0 PID: 30166 Comm: syz.2.5775 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1479.942377][T30166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1479.942391][T30166] Call Trace: [ 1479.942400][T30166] [ 1479.942410][T30166] dump_stack_lvl+0x16c/0x1f0 [ 1479.942448][T30166] should_fail_ex+0x512/0x640 [ 1479.942486][T30166] _copy_to_user+0x32/0xd0 [ 1479.942525][T30166] simple_read_from_buffer+0xcb/0x170 [ 1479.942561][T30166] proc_fail_nth_read+0x197/0x270 [ 1479.942594][T30166] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1479.942627][T30166] ? rw_verify_area+0xcf/0x680 [ 1479.942665][T30166] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1479.942698][T30166] vfs_read+0x1de/0xc70 [ 1479.942717][T30166] ? __pfx___mutex_lock+0x10/0x10 [ 1479.942738][T30166] ? __pfx_vfs_read+0x10/0x10 [ 1479.942757][T30166] ? __fget_files+0x20e/0x3c0 [ 1479.942776][T30166] ksys_read+0x12a/0x240 [ 1479.942789][T30166] ? __pfx_ksys_read+0x10/0x10 [ 1479.942808][T30166] do_syscall_64+0xcd/0x230 [ 1479.942831][T30166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1479.942846][T30166] RIP: 0033:0x7fe6b518d37c [ 1479.942858][T30166] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1479.942872][T30166] RSP: 002b:00007fe6b6077030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1479.942886][T30166] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518d37c [ 1479.942896][T30166] RDX: 000000000000000f RSI: 00007fe6b60770a0 RDI: 0000000000000004 [ 1479.942904][T30166] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1479.942913][T30166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1479.942921][T30166] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1479.942939][T30166] [ 1483.054397][T30205] netlink: 'syz.0.5783': attribute type 11 has an invalid length. [ 1483.090394][T30205] random: crng reseeded on system resumption [ 1484.648605][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.655183][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1485.525425][T30221] ovs_: entered promiscuous mode [ 1485.729313][T30227] input input52: cannot allocate more than FF_MAX_EFFECTS effects [ 1485.830085][T30225] can: request_module (can-proto-3) failed. [ 1486.530514][T30241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5791'. [ 1486.566413][T30241] netlink: 25 bytes leftover after parsing attributes in process `syz.2.5791'. [ 1486.795529][T30245] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.5795' sets config #0 [ 1487.095353][ T5836] Bluetooth: hci1: ACL packet too small [ 1487.177608][T30257] FAULT_INJECTION: forcing a failure. [ 1487.177608][T30257] name failslab, interval 1, probability 0, space 0, times 0 [ 1487.199698][T30257] CPU: 0 UID: 0 PID: 30257 Comm: syz.3.5797 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1487.199737][T30257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1487.199753][T30257] Call Trace: [ 1487.199762][T30257] [ 1487.199774][T30257] dump_stack_lvl+0x16c/0x1f0 [ 1487.199818][T30257] should_fail_ex+0x512/0x640 [ 1487.199853][T30257] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1487.199888][T30257] should_failslab+0xc2/0x120 [ 1487.199919][T30257] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1487.199948][T30257] ? mas_alloc_nodes+0x18b/0x8b0 [ 1487.199987][T30257] mas_alloc_nodes+0x18b/0x8b0 [ 1487.200027][T30257] mas_node_count_gfp+0x105/0x130 [ 1487.200062][T30257] mas_preallocate+0x53e/0xcd0 [ 1487.200090][T30257] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 1487.200127][T30257] ? __pfx_mas_preallocate+0x10/0x10 [ 1487.200164][T30257] ? anon_vma_name+0x75/0x100 [ 1487.200204][T30257] __split_vma+0x33b/0x1030 [ 1487.200238][T30257] ? __pfx___split_vma+0x10/0x10 [ 1487.200284][T30257] vms_gather_munmap_vmas+0x392/0x1310 [ 1487.200321][T30257] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1487.200371][T30257] do_vmi_align_munmap+0x27c/0x7d0 [ 1487.200403][T30257] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1487.200481][T30257] do_vmi_munmap+0x208/0x3e0 [ 1487.200513][T30257] move_vma+0xb67/0x1740 [ 1487.200556][T30257] ? __pfx_move_vma+0x10/0x10 [ 1487.200591][T30257] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 1487.200653][T30257] ? vrm_set_new_addr+0x208/0x290 [ 1487.200688][T30257] __do_sys_mremap+0xe38/0x15d0 [ 1487.200724][T30257] ? __pfx___do_sys_mremap+0x10/0x10 [ 1487.200764][T30257] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1487.200815][T30257] ? __x64_sys_futex+0x1e0/0x4c0 [ 1487.200854][T30257] ? rcu_is_watching+0x12/0xc0 [ 1487.200890][T30257] do_syscall_64+0xcd/0x230 [ 1487.200929][T30257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1487.200955][T30257] RIP: 0033:0x7f480718e969 [ 1487.200975][T30257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1487.201000][T30257] RSP: 002b:00007f4808064038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1487.201027][T30257] RAX: ffffffffffffffda RBX: 00007f48073b6240 RCX: 00007f480718e969 [ 1487.201045][T30257] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 1487.201062][T30257] RBP: 00007f4807210ab1 R08: 0000000100000000 R09: 0000000000000000 [ 1487.201080][T30257] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1487.201096][T30257] R13: 0000000000000000 R14: 00007f48073b6240 R15: 00007ffe9ae987f8 [ 1487.201132][T30257] [ 1488.840445][T30281] can: request_module (can-proto-3) failed. [ 1488.910393][T30272] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5801'. [ 1489.902300][T30304] Invalid ELF header magic: != ELF [ 1490.966442][T30330] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5817'. [ 1491.649125][T30347] FAULT_INJECTION: forcing a failure. [ 1491.649125][T30347] name failslab, interval 1, probability 0, space 0, times 0 [ 1491.715039][T30347] CPU: 0 UID: 0 PID: 30347 Comm: syz.3.5822 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1491.715076][T30347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1491.715091][T30347] Call Trace: [ 1491.715100][T30347] [ 1491.715110][T30347] dump_stack_lvl+0x16c/0x1f0 [ 1491.715148][T30347] should_fail_ex+0x512/0x640 [ 1491.715181][T30347] should_failslab+0xc2/0x120 [ 1491.715210][T30347] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1491.715237][T30347] ? skb_clone+0x190/0x3f0 [ 1491.715271][T30347] skb_clone+0x190/0x3f0 [ 1491.715301][T30347] netlink_deliver_tap+0xabd/0xd30 [ 1491.715339][T30347] netlink_dump+0x638/0xd00 [ 1491.715372][T30347] ? __pfx_netlink_dump+0x10/0x10 [ 1491.715429][T30347] ? __inet_diag_dump_start+0x434/0x7f0 [ 1491.715468][T30347] __netlink_dump_start+0x6d6/0x990 [ 1491.715505][T30347] inet_diag_rcv_msg_compat+0x275/0x2d0 [ 1491.715579][T30347] ? __pfx_inet_diag_rcv_msg_compat+0x10/0x10 [ 1491.715607][T30347] ? __pfx_inet_diag_dump_start_compat+0x10/0x10 [ 1491.715635][T30347] ? __pfx_inet_diag_dump_compat+0x10/0x10 [ 1491.715663][T30347] ? __pfx_inet_diag_dump_done+0x10/0x10 [ 1491.715696][T30347] ? sock_diag_rcv_msg+0x33a/0x790 [ 1491.715728][T30347] sock_diag_rcv_msg+0x372/0x790 [ 1491.715758][T30347] netlink_rcv_skb+0x16d/0x440 [ 1491.715788][T30347] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 1491.715816][T30347] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1491.715868][T30347] ? netlink_deliver_tap+0x1ae/0xd30 [ 1491.715905][T30347] netlink_unicast+0x53a/0x7f0 [ 1491.715940][T30347] ? __pfx_netlink_unicast+0x10/0x10 [ 1491.715968][T30347] ? __lock_acquire+0xaa4/0x1ba0 [ 1491.716009][T30347] netlink_sendmsg+0x8d1/0xdd0 [ 1491.716046][T30347] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1491.716092][T30347] ____sys_sendmsg+0xa98/0xc70 [ 1491.716127][T30347] ? copy_msghdr_from_user+0x10a/0x160 [ 1491.716155][T30347] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1491.716207][T30347] ___sys_sendmsg+0x134/0x1d0 [ 1491.716239][T30347] ? __pfx____sys_sendmsg+0x10/0x10 [ 1491.716313][T30347] __sys_sendmsg+0x16d/0x220 [ 1491.716344][T30347] ? __pfx___sys_sendmsg+0x10/0x10 [ 1491.716384][T30347] ? rcu_is_watching+0x12/0xc0 [ 1491.716425][T30347] do_syscall_64+0xcd/0x230 [ 1491.716462][T30347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1491.716488][T30347] RIP: 0033:0x7f480718e969 [ 1491.716509][T30347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1491.716533][T30347] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1491.716556][T30347] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1491.716573][T30347] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000004 [ 1491.716588][T30347] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1491.716604][T30347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1491.716620][T30347] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1491.716655][T30347] [ 1492.058952][T30350] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.5823' sets config #0 [ 1492.403448][T30355] can: request_module (can-proto-3) failed. [ 1492.608998][T30363] FAULT_INJECTION: forcing a failure. [ 1492.608998][T30363] name failslab, interval 1, probability 0, space 0, times 0 [ 1492.664237][T30363] CPU: 0 UID: 0 PID: 30363 Comm: syz.3.5824 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1492.664276][T30363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1492.664293][T30363] Call Trace: [ 1492.664303][T30363] [ 1492.664314][T30363] dump_stack_lvl+0x16c/0x1f0 [ 1492.664357][T30363] should_fail_ex+0x512/0x640 [ 1492.664392][T30363] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1492.664426][T30363] should_failslab+0xc2/0x120 [ 1492.664457][T30363] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1492.664489][T30363] ? mas_alloc_nodes+0x18b/0x8b0 [ 1492.664528][T30363] mas_alloc_nodes+0x18b/0x8b0 [ 1492.664569][T30363] mas_node_count_gfp+0x105/0x130 [ 1492.664604][T30363] mas_preallocate+0x53e/0xcd0 [ 1492.664632][T30363] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 1492.664669][T30363] ? __pfx_mas_preallocate+0x10/0x10 [ 1492.664708][T30363] ? anon_vma_name+0x75/0x100 [ 1492.664747][T30363] __split_vma+0x33b/0x1030 [ 1492.664781][T30363] ? __pfx___split_vma+0x10/0x10 [ 1492.664827][T30363] vms_gather_munmap_vmas+0x392/0x1310 [ 1492.664863][T30363] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1492.664915][T30363] do_vmi_align_munmap+0x27c/0x7d0 [ 1492.664950][T30363] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1492.665057][T30363] do_vmi_munmap+0x208/0x3e0 [ 1492.665093][T30363] move_vma+0xb67/0x1740 [ 1492.665131][T30363] ? __pfx_move_vma+0x10/0x10 [ 1492.665165][T30363] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 1492.665217][T30363] ? vrm_set_new_addr+0x208/0x290 [ 1492.665250][T30363] __do_sys_mremap+0xe38/0x15d0 [ 1492.665289][T30363] ? __pfx___do_sys_mremap+0x10/0x10 [ 1492.665329][T30363] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1492.665380][T30363] ? __x64_sys_futex+0x1e0/0x4c0 [ 1492.665419][T30363] ? rcu_is_watching+0x12/0xc0 [ 1492.665455][T30363] do_syscall_64+0xcd/0x230 [ 1492.665494][T30363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1492.665521][T30363] RIP: 0033:0x7f480718e969 [ 1492.665542][T30363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1492.665569][T30363] RSP: 002b:00007f4808064038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1492.665595][T30363] RAX: ffffffffffffffda RBX: 00007f48073b6240 RCX: 00007f480718e969 [ 1492.665613][T30363] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 1492.665630][T30363] RBP: 00007f4807210ab1 R08: 0000000100000000 R09: 0000000000000000 [ 1492.665647][T30363] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1492.665664][T30363] R13: 0000000000000000 R14: 00007f48073b6240 R15: 00007ffe9ae987f8 [ 1492.665701][T30363] [ 1493.509063][T30379] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5830'. [ 1494.213734][T30395] FAULT_INJECTION: forcing a failure. [ 1494.213734][T30395] name failslab, interval 1, probability 0, space 0, times 0 [ 1494.240918][T30395] CPU: 1 UID: 0 PID: 30395 Comm: syz.0.5834 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1494.240951][T30395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1494.240964][T30395] Call Trace: [ 1494.240974][T30395] [ 1494.240984][T30395] dump_stack_lvl+0x16c/0x1f0 [ 1494.241019][T30395] should_fail_ex+0x512/0x640 [ 1494.241048][T30395] ? fs_reclaim_acquire+0xae/0x150 [ 1494.241082][T30395] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1494.241111][T30395] should_failslab+0xc2/0x120 [ 1494.241139][T30395] __kmalloc_noprof+0xd2/0x510 [ 1494.241171][T30395] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1494.241204][T30395] ? tomoyo_profile+0x47/0x60 [ 1494.241228][T30395] tomoyo_path_number_perm+0x245/0x580 [ 1494.241253][T30395] ? tomoyo_path_number_perm+0x237/0x580 [ 1494.241283][T30395] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1494.241309][T30395] ? find_held_lock+0x2b/0x80 [ 1494.241360][T30395] ? hook_file_ioctl_common+0x145/0x410 [ 1494.241400][T30395] security_file_ioctl+0x9b/0x240 [ 1494.241429][T30395] __x64_sys_ioctl+0xb7/0x200 [ 1494.241461][T30395] do_syscall_64+0xcd/0x230 [ 1494.241494][T30395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1494.241517][T30395] RIP: 0033:0x7fb48e58e969 [ 1494.241535][T30395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1494.241557][T30395] RSP: 002b:00007fb48f349038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1494.241579][T30395] RAX: ffffffffffffffda RBX: 00007fb48e7b5fa0 RCX: 00007fb48e58e969 [ 1494.241594][T30395] RDX: 0000200000000040 RSI: 0000000000002286 RDI: 0000000000000001 [ 1494.241609][T30395] RBP: 00007fb48f349090 R08: 0000000000000000 R09: 0000000000000000 [ 1494.241623][T30395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1494.241636][T30395] R13: 0000000000000000 R14: 00007fb48e7b5fa0 R15: 00007ffcb6bfac38 [ 1494.241666][T30395] [ 1494.241676][T30395] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1494.411720][T30389] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5832'. [ 1494.665192][T30406] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5837'. [ 1495.505979][T30433] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5848'. [ 1495.932694][T30443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5851'. [ 1497.477569][T30488] can: request_module (can-proto-3) failed. [ 1497.866668][T30493] can: request_module (can-proto-3) failed. [ 1498.255910][T30471] kexec: Could not allocate control_code_buffer [ 1498.492222][T30501] can: request_module (can-proto-3) failed. [ 1498.929203][T30508] FAULT_INJECTION: forcing a failure. [ 1498.929203][T30508] name failslab, interval 1, probability 0, space 0, times 0 [ 1498.963588][T30508] CPU: 0 UID: 0 PID: 30508 Comm: syz.1.5867 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1498.963629][T30508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1498.963652][T30508] Call Trace: [ 1498.963663][T30508] [ 1498.963674][T30508] dump_stack_lvl+0x16c/0x1f0 [ 1498.963718][T30508] should_fail_ex+0x512/0x640 [ 1498.963754][T30508] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1498.963790][T30508] should_failslab+0xc2/0x120 [ 1498.963823][T30508] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1498.963855][T30508] ? __kernfs_iattrs+0xbc/0x3f0 [ 1498.963898][T30508] __kernfs_iattrs+0xbc/0x3f0 [ 1498.963938][T30508] __kernfs_setattr+0x4d/0x3c0 [ 1498.963979][T30508] __kernfs_new_node+0x53e/0x8a0 [ 1498.964009][T30508] ? __pfx___kernfs_new_node+0x10/0x10 [ 1498.964051][T30508] ? kernfs_root+0xee/0x2a0 [ 1498.964085][T30508] kernfs_new_node+0x13c/0x1e0 [ 1498.964125][T30508] __kernfs_create_file+0x53/0x350 [ 1498.964164][T30508] cgroup_addrm_files+0x546/0xc20 [ 1498.964211][T30508] ? __lock_acquire+0x5ca/0x1ba0 [ 1498.964244][T30508] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 1498.964293][T30508] ? css_next_child+0xcf/0x2d0 [ 1498.964326][T30508] ? css_next_descendant_pre+0x58/0x1a0 [ 1498.964362][T30508] css_populate_dir+0x386/0x530 [ 1498.964393][T30508] cgroup_mkdir+0x37e/0x1160 [ 1498.964431][T30508] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1498.964468][T30508] kernfs_iop_mkdir+0x10b/0x190 [ 1498.964495][T30508] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1498.964533][T30508] vfs_mkdir+0x590/0x8c0 [ 1498.964574][T30508] do_mkdirat+0x304/0x3e0 [ 1498.964603][T30508] ? __pfx_do_mkdirat+0x10/0x10 [ 1498.964635][T30508] ? getname_flags.part.0+0x1c5/0x550 [ 1498.964684][T30508] __x64_sys_mkdir+0xef/0x140 [ 1498.964713][T30508] do_syscall_64+0xcd/0x230 [ 1498.964753][T30508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1498.964781][T30508] RIP: 0033:0x7fd6cc18e969 [ 1498.964803][T30508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1498.964829][T30508] RSP: 002b:00007fd6cd050038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1498.964855][T30508] RAX: ffffffffffffffda RBX: 00007fd6cc3b5fa0 RCX: 00007fd6cc18e969 [ 1498.964874][T30508] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000200000000480 [ 1498.964892][T30508] RBP: 00007fd6cc210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1498.964909][T30508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1498.964927][T30508] R13: 0000000000000000 R14: 00007fd6cc3b5fa0 R15: 00007ffd728f5078 [ 1498.964967][T30508] [ 1499.292230][T30508] cgroup: cgroup_addrm_files: failed to add cpu.stat, err=-12 [ 1500.480849][T30531] program syz.2.5874 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1500.929064][T30548] can: request_module (can-proto-3) failed. [ 1501.872969][T30575] ubi0: attaching mtd0 [ 1501.877616][T30575] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 1502.597518][T30597] FAULT_INJECTION: forcing a failure. [ 1502.597518][T30597] name failslab, interval 1, probability 0, space 0, times 0 [ 1502.619925][T30597] CPU: 0 UID: 0 PID: 30597 Comm: syz.2.5891 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1502.619969][T30597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1502.619985][T30597] Call Trace: [ 1502.619996][T30597] [ 1502.620007][T30597] dump_stack_lvl+0x16c/0x1f0 [ 1502.620050][T30597] should_fail_ex+0x512/0x640 [ 1502.620087][T30597] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1502.620122][T30597] should_failslab+0xc2/0x120 [ 1502.620155][T30597] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1502.620275][T30597] ? vm_area_dup+0x25/0x760 [ 1502.620312][T30597] vm_area_dup+0x25/0x760 [ 1502.620347][T30597] __split_vma+0x17f/0x1030 [ 1502.620383][T30597] ? mas_next_slot+0x12d3/0x21b0 [ 1502.620420][T30597] ? __pfx___split_vma+0x10/0x10 [ 1502.620476][T30597] vms_gather_munmap_vmas+0x392/0x1310 [ 1502.620513][T30597] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1502.620565][T30597] do_vmi_align_munmap+0x27c/0x7d0 [ 1502.620601][T30597] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1502.620682][T30597] do_vmi_munmap+0x208/0x3e0 [ 1502.620719][T30597] move_vma+0xb67/0x1740 [ 1502.620756][T30597] ? __pfx_move_vma+0x10/0x10 [ 1502.620791][T30597] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 1502.620843][T30597] ? vrm_set_new_addr+0x208/0x290 [ 1502.620877][T30597] __do_sys_mremap+0xe38/0x15d0 [ 1502.620926][T30597] ? __pfx___do_sys_mremap+0x10/0x10 [ 1502.620966][T30597] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1502.621018][T30597] ? __x64_sys_futex+0x1e0/0x4c0 [ 1502.621063][T30597] ? rcu_is_watching+0x12/0xc0 [ 1502.621101][T30597] do_syscall_64+0xcd/0x230 [ 1502.621136][T30597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1502.621161][T30597] RIP: 0033:0x7fe6b518e969 [ 1502.621193][T30597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1502.621215][T30597] RSP: 002b:00007fe6b6014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1502.621240][T30597] RAX: ffffffffffffffda RBX: 00007fe6b53b6240 RCX: 00007fe6b518e969 [ 1502.621258][T30597] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 1502.621274][T30597] RBP: 00007fe6b5210ab1 R08: 0000000100000000 R09: 0000000000000000 [ 1502.621291][T30597] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1502.621316][T30597] R13: 0000000000000000 R14: 00007fe6b53b6240 R15: 00007ffee7b8b9e8 [ 1502.621349][T30597] [ 1503.460665][T30604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5893'. [ 1503.816460][T30606] can: request_module (can-proto-3) failed. [ 1504.038449][T30604] mac80211_hwsim hwsim30 wlan1: entered allmulticast mode [ 1504.905057][T30629] Invalid ELF header magic: != ELF [ 1505.538719][T30637] input: isc as /devices/virtual/input/input53 [ 1505.554349][T30637] FAULT_INJECTION: forcing a failure. [ 1505.554349][T30637] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.584970][T30637] CPU: 0 UID: 0 PID: 30637 Comm: syz.2.5902 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1505.585009][T30637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1505.585025][T30637] Call Trace: [ 1505.585035][T30637] [ 1505.585045][T30637] dump_stack_lvl+0x16c/0x1f0 [ 1505.585088][T30637] should_fail_ex+0x512/0x640 [ 1505.585122][T30637] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1505.585157][T30637] should_failslab+0xc2/0x120 [ 1505.585188][T30637] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1505.585218][T30637] ? __kernfs_new_node+0xd2/0x8a0 [ 1505.585248][T30637] __kernfs_new_node+0xd2/0x8a0 [ 1505.585273][T30637] ? kernfs_add_one+0x14e/0x840 [ 1505.585300][T30637] ? __pfx___kernfs_new_node+0x10/0x10 [ 1505.585336][T30637] ? find_held_lock+0x2b/0x80 [ 1505.585363][T30637] ? kernfs_root+0xee/0x2a0 [ 1505.585396][T30637] kernfs_new_node+0x13c/0x1e0 [ 1505.585430][T30637] kernfs_create_link+0xcc/0x240 [ 1505.585466][T30637] sysfs_do_create_link_sd+0x90/0x140 [ 1505.585507][T30637] sysfs_create_link+0x61/0xc0 [ 1505.585545][T30637] device_add+0x50a/0x1a70 [ 1505.585583][T30637] ? __pfx_device_add+0x10/0x10 [ 1505.585615][T30637] ? __pfx_exact_lock+0x10/0x10 [ 1505.585656][T30637] ? kobject_get+0xbb/0x150 [ 1505.585698][T30637] cdev_device_add+0xc2/0x1e0 [ 1505.585729][T30637] evdev_connect+0x3a4/0x4c0 [ 1505.585766][T30637] input_attach_handler.isra.0+0x184/0x260 [ 1505.585804][T30637] input_register_device+0xa84/0x1130 [ 1505.585842][T30637] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 1505.585886][T30637] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 1505.585950][T30637] ? xfd_validate_state+0x5d/0x180 [ 1505.585979][T30637] ? __pfx_uinput_ioctl+0x10/0x10 [ 1505.586018][T30637] __x64_sys_ioctl+0x193/0x200 [ 1505.586056][T30637] do_syscall_64+0xcd/0x230 [ 1505.586094][T30637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1505.586121][T30637] RIP: 0033:0x7fe6b518e969 [ 1505.586142][T30637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1505.586167][T30637] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1505.586193][T30637] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1505.586211][T30637] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000002 [ 1505.586228][T30637] RBP: 00007fe6b5210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1505.586245][T30637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1505.586262][T30637] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1505.586299][T30637] [ 1505.954260][T30637] input: failed to attach handler evdev to device input53, error: -12 [ 1507.581724][T30677] can: request_module (can-proto-3) failed. [ 1507.666301][T30676] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1507.818421][T30676] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1507.861012][T30676] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1507.876601][T30676] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1507.900174][T30676] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1507.993042][T30683] netlink: 'syz.1.5911': attribute type 2 has an invalid length. [ 1508.077547][T30685] Setting dangerous option i915.mitigations - tainting kernel [ 1508.420305][T30694] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input54 [ 1508.555380][T30696] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5916'. [ 1508.599831][T30696] mac80211_hwsim hwsim36 wlan1: entered allmulticast mode [ 1509.289725][T30708] FAULT_INJECTION: forcing a failure. [ 1509.289725][T30708] name failslab, interval 1, probability 0, space 0, times 0 [ 1509.303106][T30708] CPU: 1 UID: 0 PID: 30708 Comm: syz.3.5921 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1509.303149][T30708] Tainted: [U]=USER [ 1509.303158][T30708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1509.303179][T30708] Call Trace: [ 1509.303189][T30708] [ 1509.303200][T30708] dump_stack_lvl+0x16c/0x1f0 [ 1509.303241][T30708] should_fail_ex+0x512/0x640 [ 1509.303276][T30708] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1509.303311][T30708] should_failslab+0xc2/0x120 [ 1509.303343][T30708] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1509.303372][T30708] ? rcu_is_watching+0x12/0xc0 [ 1509.303396][T30708] ? seq_open+0x55/0x170 [ 1509.303433][T30708] seq_open+0x55/0x170 [ 1509.303464][T30708] __seq_open_private+0x3e/0xd0 [ 1509.303504][T30708] seq_open_private+0x24/0x40 [ 1509.303539][T30708] mounts_open_common+0x312/0x700 [ 1509.303574][T30708] ? __pfx_show_mountinfo+0x10/0x10 [ 1509.303610][T30708] ? __pfx_mounts_open_common+0x10/0x10 [ 1509.303648][T30708] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1509.303692][T30708] do_dentry_open+0x741/0x1c10 [ 1509.303720][T30708] ? __pfx_mountinfo_open+0x10/0x10 [ 1509.303759][T30708] vfs_open+0x82/0x3f0 [ 1509.303796][T30708] path_openat+0x1e5e/0x2d40 [ 1509.303836][T30708] ? __pfx_path_openat+0x10/0x10 [ 1509.303873][T30708] do_filp_open+0x20b/0x470 [ 1509.303901][T30708] ? __pfx_do_filp_open+0x10/0x10 [ 1509.303941][T30708] ? __pfx_kfree_link+0x10/0x10 [ 1509.303984][T30708] ? alloc_fd+0x471/0x7d0 [ 1509.304018][T30708] do_sys_openat2+0x11b/0x1d0 [ 1509.304052][T30708] ? __pfx_do_sys_openat2+0x10/0x10 [ 1509.304104][T30708] __x64_sys_openat+0x174/0x210 [ 1509.304136][T30708] ? __pfx___x64_sys_openat+0x10/0x10 [ 1509.304170][T30708] ? rcu_is_watching+0x12/0xc0 [ 1509.304204][T30708] do_syscall_64+0xcd/0x230 [ 1509.304244][T30708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1509.304271][T30708] RIP: 0033:0x7f480718e969 [ 1509.304291][T30708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1509.304316][T30708] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1509.304341][T30708] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1509.304359][T30708] RDX: 0000000000000800 RSI: 0000200000000440 RDI: ffffffffffffff9c [ 1509.304376][T30708] RBP: 00007f4807210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1509.304393][T30708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1509.304409][T30708] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1509.304445][T30708] [ 1509.341910][T30714] i2c i2c-0: delete_device: Can't find device in list [ 1509.400378][ T5836] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 1509.589817][ T30] audit: type=1800 audit(4294968463.865:37): pid=30718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5923" name="dbroot" dev="configfs" ino=122523 res=0 errno=0 [ 1509.684402][ T5836] Bluetooth: hci0: command 0x0406 tx timeout [ 1509.844233][ T5836] Bluetooth: hci4: command 0x0406 tx timeout [ 1509.934212][ T5836] Bluetooth: hci3: command 0x0c1a tx timeout [ 1509.934296][T25473] Bluetooth: hci1: command 0x0c1a tx timeout [ 1510.272404][T30735] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input55 [ 1510.599328][T30745] Setting dangerous option i915.mitigations - tainting kernel [ 1510.993040][T30756] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5935'. [ 1511.331946][T30768] FAULT_INJECTION: forcing a failure. [ 1511.331946][T30768] name failslab, interval 1, probability 0, space 0, times 0 [ 1511.405288][T30768] CPU: 0 UID: 0 PID: 30768 Comm: syz.3.5939 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1511.405331][T30768] Tainted: [U]=USER [ 1511.405339][T30768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1511.405354][T30768] Call Trace: [ 1511.405363][T30768] [ 1511.405373][T30768] dump_stack_lvl+0x16c/0x1f0 [ 1511.405411][T30768] should_fail_ex+0x512/0x640 [ 1511.405444][T30768] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1511.405475][T30768] should_failslab+0xc2/0x120 [ 1511.405505][T30768] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1511.405531][T30768] ? netlink_dump+0x9e7/0xd00 [ 1511.405557][T30768] ? __alloc_skb+0x2b2/0x380 [ 1511.405584][T30768] ? __pfx___mutex_lock+0x10/0x10 [ 1511.405620][T30768] __alloc_skb+0x2b2/0x380 [ 1511.405645][T30768] ? __pfx___alloc_skb+0x10/0x10 [ 1511.405671][T30768] ? _copy_to_iter+0x161/0x15a0 [ 1511.405703][T30768] netlink_dump+0x698/0xd00 [ 1511.405732][T30768] ? __skb_recv_datagram+0x1b2/0x220 [ 1511.405758][T30768] ? __pfx_netlink_dump+0x10/0x10 [ 1511.405784][T30768] ? __pfx___skb_recv_datagram+0x10/0x10 [ 1511.405823][T30768] ? skb_recv_datagram+0x88/0xc0 [ 1511.405858][T30768] netlink_recvmsg+0xa15/0xf20 [ 1511.405890][T30768] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1511.405919][T30768] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1511.405955][T30768] ? iovec_from_user+0xbb/0x140 [ 1511.405985][T30768] ____sys_recvmsg+0x5f9/0x6b0 [ 1511.406025][T30768] ? __pfx_____sys_recvmsg+0x10/0x10 [ 1511.406070][T30768] ? kfree+0x252/0x4d0 [ 1511.406090][T30768] ? __lock_acquire+0x5ca/0x1ba0 [ 1511.406126][T30768] ___sys_recvmsg+0x114/0x1a0 [ 1511.406155][T30768] ? __pfx____sys_recvmsg+0x10/0x10 [ 1511.406203][T30768] ? __pfx___might_resched+0x10/0x10 [ 1511.406244][T30768] do_recvmmsg+0x2fe/0x740 [ 1511.406277][T30768] ? __pfx_do_recvmmsg+0x10/0x10 [ 1511.406313][T30768] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1511.406355][T30768] ? __fget_files+0x20e/0x3c0 [ 1511.406385][T30768] __x64_sys_recvmmsg+0x22a/0x280 [ 1511.406416][T30768] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1511.406457][T30768] do_syscall_64+0xcd/0x230 [ 1511.406492][T30768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1511.406516][T30768] RIP: 0033:0x7f480718e969 [ 1511.406536][T30768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1511.406559][T30768] RSP: 002b:00007f48080a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1511.406582][T30768] RAX: ffffffffffffffda RBX: 00007f48073b6080 RCX: 00007f480718e969 [ 1511.406599][T30768] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000003 [ 1511.406614][T30768] RBP: 00007f48080a6090 R08: 0000000000000000 R09: 0000000000000000 [ 1511.406630][T30768] R10: 00000000000066a6 R11: 0000000000000246 R12: 0000000000000002 [ 1511.406645][T30768] R13: 0000000000000001 R14: 00007f48073b6080 R15: 00007ffe9ae987f8 [ 1511.406680][T30768] [ 1511.901706][T30775] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input56 [ 1512.004326][T25473] Bluetooth: hci1: command 0x0c1a tx timeout [ 1513.879670][T30806] FAULT_INJECTION: forcing a failure. [ 1513.879670][T30806] name failslab, interval 1, probability 0, space 0, times 0 [ 1513.976627][T30806] CPU: 1 UID: 0 PID: 30806 Comm: syz.0.5947 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1513.976670][T30806] Tainted: [U]=USER [ 1513.976678][T30806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1513.976693][T30806] Call Trace: [ 1513.976702][T30806] [ 1513.976712][T30806] dump_stack_lvl+0x16c/0x1f0 [ 1513.976751][T30806] should_fail_ex+0x512/0x640 [ 1513.976783][T30806] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1513.976816][T30806] should_failslab+0xc2/0x120 [ 1513.976847][T30806] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1513.976876][T30806] ? ptlock_alloc+0x1f/0x70 [ 1513.976906][T30806] ptlock_alloc+0x1f/0x70 [ 1513.976931][T30806] pte_alloc_one+0x6d/0x380 [ 1513.976959][T30806] do_pte_missing+0x1c0b/0x3fb0 [ 1513.976998][T30806] ? do_raw_spin_unlock+0x172/0x230 [ 1513.977035][T30806] ? __pmd_alloc+0x3c2/0x870 [ 1513.977066][T30806] ? find_held_lock+0x2b/0x80 [ 1513.977094][T30806] __handle_mm_fault+0x103d/0x2a40 [ 1513.977132][T30806] ? __pfx___handle_mm_fault+0x10/0x10 [ 1513.977181][T30806] ? find_vma+0xbf/0x140 [ 1513.977212][T30806] ? __pfx_find_vma+0x10/0x10 [ 1513.977248][T30806] handle_mm_fault+0x3fe/0xad0 [ 1513.977282][T30806] do_user_addr_fault+0x7a6/0x1370 [ 1513.977312][T30806] ? rcu_is_watching+0x12/0xc0 [ 1513.977339][T30806] exc_page_fault+0x5c/0xc0 [ 1513.977372][T30806] asm_exc_page_fault+0x26/0x30 [ 1513.977396][T30806] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 1513.977424][T30806] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 1513.977448][T30806] RSP: 0018:ffffc90004acfbb0 EFLAGS: 00050206 [ 1513.977469][T30806] RAX: 0000000000000001 RBX: 0000000000000005 RCX: 0000000000000005 [ 1513.977484][T30806] RDX: ffffed100667ffa4 RSI: 0000000000000000 RDI: ffff8880333ffd20 [ 1513.977501][T30806] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100667ffa4 [ 1513.977517][T30806] R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000000 [ 1513.977531][T30806] R13: ffffc90004acfda0 R14: 0000000000000005 R15: ffff8880333ffd20 [ 1513.977568][T30806] _copy_from_iter+0x391/0x15b0 [ 1513.977612][T30806] ? __pfx__copy_from_iter+0x10/0x10 [ 1513.977652][T30806] ? rcu_is_watching+0x12/0xc0 [ 1513.977676][T30806] ? trace_kmalloc+0x2b/0xd0 [ 1513.977705][T30806] ? __kmalloc_noprof+0x242/0x510 [ 1513.977741][T30806] kernfs_fop_write_iter+0x19a/0x510 [ 1513.977778][T30806] vfs_write+0x5bd/0x1180 [ 1513.977804][T30806] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1513.977837][T30806] ? __pfx___mutex_lock+0x10/0x10 [ 1513.977870][T30806] ? __pfx_vfs_write+0x10/0x10 [ 1513.977920][T30806] ksys_write+0x12a/0x240 [ 1513.977944][T30806] ? __pfx_ksys_write+0x10/0x10 [ 1513.977966][T30806] ? rcu_is_watching+0x12/0xc0 [ 1513.978004][T30806] do_syscall_64+0xcd/0x230 [ 1513.978038][T30806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1513.978062][T30806] RIP: 0033:0x7fb48e58e969 [ 1513.978082][T30806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1513.978105][T30806] RSP: 002b:00007fb48f349038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1513.978127][T30806] RAX: ffffffffffffffda RBX: 00007fb48e7b5fa0 RCX: 00007fb48e58e969 [ 1513.978145][T30806] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 1513.978159][T30806] RBP: 00007fb48f349090 R08: 0000000000000000 R09: 0000000000000000 [ 1513.978175][T30806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1513.978190][T30806] R13: 0000000000000000 R14: 00007fb48e7b5fa0 R15: 00007ffcb6bfac38 [ 1513.978226][T30806] [ 1514.668855][T30829] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input57 [ 1515.735523][T30859] FAULT_INJECTION: forcing a failure. [ 1515.735523][T30859] name failslab, interval 1, probability 0, space 0, times 0 [ 1515.765349][T30859] CPU: 0 UID: 0 PID: 30859 Comm: syz.2.5958 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1515.765391][T30859] Tainted: [U]=USER [ 1515.765401][T30859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1515.765415][T30859] Call Trace: [ 1515.765425][T30859] [ 1515.765435][T30859] dump_stack_lvl+0x16c/0x1f0 [ 1515.765474][T30859] should_fail_ex+0x512/0x640 [ 1515.765512][T30859] should_failslab+0xc2/0x120 [ 1515.765543][T30859] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1515.765571][T30859] ? sctp_add_bind_addr+0xae/0x3f0 [ 1515.765608][T30859] sctp_add_bind_addr+0xae/0x3f0 [ 1515.765645][T30859] sctp_copy_local_addr_list+0x39d/0x5a0 [ 1515.765697][T30859] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 1515.765739][T30859] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 1515.765777][T30859] ? sctp_bind_addr_copy+0xe0/0x530 [ 1515.765809][T30859] sctp_bind_addr_copy+0xe0/0x530 [ 1515.765850][T30859] sctp_connect_new_asoc+0x1d7/0x790 [ 1515.765882][T30859] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1515.765920][T30859] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 1515.765949][T30859] sctp_sendmsg+0x15f9/0x1ee0 [ 1515.765990][T30859] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1515.766035][T30859] ? __might_fault+0xe3/0x190 [ 1515.766065][T30859] ? __pfx_aa_sk_perm+0x10/0x10 [ 1515.766101][T30859] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1515.766130][T30859] inet_sendmsg+0x11c/0x140 [ 1515.766166][T30859] __sys_sendto+0x431/0x510 [ 1515.766194][T30859] ? __pfx___sys_sendto+0x10/0x10 [ 1515.766253][T30859] ? ksys_write+0x1b9/0x240 [ 1515.766277][T30859] ? __pfx_ksys_write+0x10/0x10 [ 1515.766300][T30859] ? rcu_is_watching+0x12/0xc0 [ 1515.766329][T30859] __x64_sys_sendto+0xe0/0x1c0 [ 1515.766353][T30859] ? do_syscall_64+0x91/0x230 [ 1515.766387][T30859] ? lockdep_hardirqs_on+0x7c/0x110 [ 1515.766419][T30859] do_syscall_64+0xcd/0x230 [ 1515.766455][T30859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1515.766481][T30859] RIP: 0033:0x7fe6b518e969 [ 1515.766499][T30859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1515.766521][T30859] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1515.766544][T30859] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1515.766559][T30859] RDX: 000000000002000f RSI: 0000000000000000 RDI: 0000000000000003 [ 1515.766574][T30859] RBP: 00007fe6b6077090 R08: 0000200000000000 R09: 000000000000001c [ 1515.766590][T30859] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000001 [ 1515.766604][T30859] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1515.766640][T30859] [ 1516.173201][T30869] FAULT_INJECTION: forcing a failure. [ 1516.173201][T30869] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1516.252437][T30869] CPU: 0 UID: 0 PID: 30869 Comm: syz.2.5959 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1516.252488][T30869] Tainted: [U]=USER [ 1516.252496][T30869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1516.252510][T30869] Call Trace: [ 1516.252519][T30869] [ 1516.252528][T30869] dump_stack_lvl+0x16c/0x1f0 [ 1516.252567][T30869] should_fail_ex+0x512/0x640 [ 1516.252605][T30869] _copy_to_user+0x32/0xd0 [ 1516.252643][T30869] simple_read_from_buffer+0xcb/0x170 [ 1516.252681][T30869] proc_fail_nth_read+0x197/0x270 [ 1516.252715][T30869] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1516.252751][T30869] ? rw_verify_area+0xcf/0x680 [ 1516.252784][T30869] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1516.252817][T30869] vfs_read+0x1de/0xc70 [ 1516.252846][T30869] ? __pfx___mutex_lock+0x10/0x10 [ 1516.252879][T30869] ? __pfx_vfs_read+0x10/0x10 [ 1516.252913][T30869] ? __fget_files+0x20e/0x3c0 [ 1516.252948][T30869] ksys_read+0x12a/0x240 [ 1516.252971][T30869] ? __pfx_ksys_read+0x10/0x10 [ 1516.253007][T30869] do_syscall_64+0xcd/0x230 [ 1516.253043][T30869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1516.253068][T30869] RIP: 0033:0x7fe6b518d37c [ 1516.253089][T30869] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1516.253112][T30869] RSP: 002b:00007fe6b6077030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1516.253136][T30869] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518d37c [ 1516.253153][T30869] RDX: 000000000000000f RSI: 00007fe6b60770a0 RDI: 0000000000000003 [ 1516.253169][T30869] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1516.253184][T30869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1516.253199][T30869] R13: 0000000000000001 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1516.253234][T30869] [ 1516.311854][T30861] can: request_module (can-proto-3) failed. [ 1517.025685][T30880] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input58 [ 1517.397342][T30884] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5966'. [ 1518.394864][T30898] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 1518.404052][T30898] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 1519.268789][T30917] FAULT_INJECTION: forcing a failure. [ 1519.268789][T30917] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.400330][T30919] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1519.431241][T30917] CPU: 0 UID: 0 PID: 30917 Comm: syz.1.5972 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1519.431283][T30917] Tainted: [U]=USER [ 1519.431292][T30917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1519.431306][T30917] Call Trace: [ 1519.431315][T30917] [ 1519.431325][T30917] dump_stack_lvl+0x16c/0x1f0 [ 1519.431372][T30917] should_fail_ex+0x512/0x640 [ 1519.431411][T30917] _copy_to_iter+0x477/0x15a0 [ 1519.431444][T30917] ? __pfx__copy_to_iter+0x10/0x10 [ 1519.431480][T30917] ? const_folio_flags+0x5b/0x100 [ 1519.431508][T30917] ? folio_mark_accessed+0xc1/0xc00 [ 1519.431540][T30917] ? __pfx_folio_mark_accessed+0x10/0x10 [ 1519.431581][T30917] copy_page_to_iter+0xf1/0x180 [ 1519.431608][T30917] filemap_read+0x6b1/0xe90 [ 1519.431659][T30917] ? __pfx_filemap_read+0x10/0x10 [ 1519.431720][T30917] ? __pfx_down_read+0x10/0x10 [ 1519.431754][T30917] blkdev_read_iter+0x1ac/0x500 [ 1519.431793][T30917] do_iter_readv_writev+0x735/0x950 [ 1519.431833][T30917] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1519.431875][T30917] ? bpf_lsm_file_permission+0x9/0x10 [ 1519.431898][T30917] ? security_file_permission+0x71/0x210 [ 1519.431931][T30917] ? rw_verify_area+0xcf/0x680 [ 1519.431968][T30917] vfs_readv+0x4c5/0x8a0 [ 1519.431988][T30917] ? get_pid_task+0x106/0x250 [ 1519.432031][T30917] ? __pfx_vfs_readv+0x10/0x10 [ 1519.432067][T30917] ? find_held_lock+0x2b/0x80 [ 1519.432119][T30917] ? __fget_files+0x20e/0x3c0 [ 1519.432152][T30917] ? do_preadv+0x1af/0x270 [ 1519.432172][T30917] do_preadv+0x1af/0x270 [ 1519.432196][T30917] ? __pfx_do_preadv+0x10/0x10 [ 1519.432216][T30917] ? rcu_is_watching+0x12/0xc0 [ 1519.432250][T30917] do_syscall_64+0xcd/0x230 [ 1519.432287][T30917] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1519.432311][T30917] RIP: 0033:0x7fd6cc18e969 [ 1519.432332][T30917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1519.432354][T30917] RSP: 002b:00007fd6ccfed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 1519.432377][T30917] RAX: ffffffffffffffda RBX: 00007fd6cc3b6240 RCX: 00007fd6cc18e969 [ 1519.432394][T30917] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003 [ 1519.432411][T30917] RBP: 00007fd6ccfed090 R08: 0000000000000005 R09: 0000000000000000 [ 1519.432426][T30917] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 1519.432442][T30917] R13: 0000000000000000 R14: 00007fd6cc3b6240 R15: 00007ffd728f5078 [ 1519.432477][T30917] [ 1520.308570][T30933] can: request_module (can-proto-3) failed. [ 1520.845756][T30941] netlink: 326 bytes leftover after parsing attributes in process `syz.0.5981'. [ 1520.932221][T30941] bridge0: port 2(bridge_slave_1) entered disabled state [ 1520.940017][T30941] bridge0: port 1(bridge_slave_0) entered disabled state [ 1521.346524][T30954] FAULT_INJECTION: forcing a failure. [ 1521.346524][T30954] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1521.414238][T30954] CPU: 1 UID: 0 PID: 30954 Comm: syz.2.5984 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1521.414280][T30954] Tainted: [U]=USER [ 1521.414288][T30954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1521.414303][T30954] Call Trace: [ 1521.414312][T30954] [ 1521.414321][T30954] dump_stack_lvl+0x16c/0x1f0 [ 1521.414359][T30954] should_fail_ex+0x512/0x640 [ 1521.414396][T30954] _copy_from_iter+0x2a4/0x15b0 [ 1521.414434][T30954] ? __alloc_skb+0x200/0x380 [ 1521.414462][T30954] ? __pfx__copy_from_iter+0x10/0x10 [ 1521.414500][T30954] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1521.414529][T30954] ? __lock_acquire+0xaa4/0x1ba0 [ 1521.414570][T30954] netlink_sendmsg+0x829/0xdd0 [ 1521.414607][T30954] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1521.414651][T30954] ____sys_sendmsg+0xa98/0xc70 [ 1521.414686][T30954] ? copy_msghdr_from_user+0x10a/0x160 [ 1521.414714][T30954] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1521.414753][T30954] ? __pfx__kstrtoull+0x10/0x10 [ 1521.414788][T30954] ___sys_sendmsg+0x134/0x1d0 [ 1521.414819][T30954] ? __pfx____sys_sendmsg+0x10/0x10 [ 1521.414864][T30954] ? find_held_lock+0x2b/0x80 [ 1521.414928][T30954] __sys_sendmmsg+0x200/0x420 [ 1521.414961][T30954] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1521.415001][T30954] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1521.415052][T30954] ? fput+0x70/0xf0 [ 1521.415079][T30954] ? ksys_write+0x1b9/0x240 [ 1521.415103][T30954] ? __pfx_ksys_write+0x10/0x10 [ 1521.415134][T30954] __x64_sys_sendmmsg+0x9c/0x100 [ 1521.415162][T30954] ? lockdep_hardirqs_on+0x7c/0x110 [ 1521.415199][T30954] do_syscall_64+0xcd/0x230 [ 1521.415235][T30954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1521.415260][T30954] RIP: 0033:0x7fe6b518e969 [ 1521.415279][T30954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1521.415303][T30954] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1521.415327][T30954] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1521.415345][T30954] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1521.415361][T30954] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1521.415376][T30954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1521.415391][T30954] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1521.415423][T30954] [ 1522.024058][T30959] netlink: 326 bytes leftover after parsing attributes in process `syz.2.5986'. [ 1522.055253][T30959] bridge0: port 2(bridge_slave_1) entered disabled state [ 1522.062704][T30959] bridge0: port 1(bridge_slave_0) entered disabled state [ 1523.293374][T30988] FAULT_INJECTION: forcing a failure. [ 1523.293374][T30988] name failslab, interval 1, probability 0, space 0, times 0 [ 1523.357361][T30988] CPU: 0 UID: 0 PID: 30988 Comm: syz.2.5995 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1523.357404][T30988] Tainted: [U]=USER [ 1523.357413][T30988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1523.357428][T30988] Call Trace: [ 1523.357437][T30988] [ 1523.357448][T30988] dump_stack_lvl+0x16c/0x1f0 [ 1523.357487][T30988] should_fail_ex+0x512/0x640 [ 1523.357519][T30988] ? __kmalloc_noprof+0xbf/0x510 [ 1523.357550][T30988] ? __trace_probe_log_err+0x149/0x400 [ 1523.357576][T30988] should_failslab+0xc2/0x120 [ 1523.357606][T30988] __kmalloc_noprof+0xd2/0x510 [ 1523.357631][T30988] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1523.357675][T30988] __trace_probe_log_err+0x149/0x400 [ 1523.357700][T30988] ? traceprobe_parse_event_name+0x2c3/0x6f0 [ 1523.357735][T30988] __trace_eprobe_create+0xb5c/0x18d0 [ 1523.357773][T30988] ? trace_parse_run_command+0x1a6/0x3e0 [ 1523.357802][T30988] ? vfs_write+0x25c/0x1180 [ 1523.357828][T30988] ? __pfx___trace_eprobe_create+0x10/0x10 [ 1523.357914][T30988] ? trace_kmalloc+0x2b/0xd0 [ 1523.357944][T30988] ? __kmalloc_noprof+0x242/0x510 [ 1523.357986][T30988] ? argv_split+0x36e/0x440 [ 1523.358017][T30988] ? __pfx___trace_eprobe_create+0x10/0x10 [ 1523.358051][T30988] trace_probe_create+0xef/0x100 [ 1523.358080][T30988] ? __pfx_trace_probe_create+0x10/0x10 [ 1523.358119][T30988] create_dyn_event+0xee/0x1c0 [ 1523.358145][T30988] trace_parse_run_command+0x1a6/0x3e0 [ 1523.358173][T30988] ? __pfx_create_dyn_event+0x10/0x10 [ 1523.358203][T30988] vfs_write+0x25c/0x1180 [ 1523.358225][T30988] ? __pfx_dyn_event_write+0x10/0x10 [ 1523.358265][T30988] ? __pfx___mutex_lock+0x10/0x10 [ 1523.358298][T30988] ? __pfx_vfs_write+0x10/0x10 [ 1523.358334][T30988] ? __fget_files+0x20e/0x3c0 [ 1523.358368][T30988] ksys_write+0x12a/0x240 [ 1523.358393][T30988] ? __pfx_ksys_write+0x10/0x10 [ 1523.358415][T30988] ? rcu_is_watching+0x12/0xc0 [ 1523.358451][T30988] do_syscall_64+0xcd/0x230 [ 1523.358487][T30988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1523.358513][T30988] RIP: 0033:0x7fe6b518e969 [ 1523.358533][T30988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1523.358557][T30988] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1523.358581][T30988] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1523.358600][T30988] RDX: 0000000000000032 RSI: 0000200000000080 RDI: 0000000000000003 [ 1523.358616][T30988] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1523.358632][T30988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1523.358646][T30988] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1523.358682][T30988] [ 1524.201654][T30992] FAULT_INJECTION: forcing a failure. [ 1524.201654][T30992] name failslab, interval 1, probability 0, space 0, times 0 [ 1524.238487][T30992] CPU: 0 UID: 0 PID: 30992 Comm: syz.2.5996 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1524.238533][T30992] Tainted: [U]=USER [ 1524.238543][T30992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1524.238559][T30992] Call Trace: [ 1524.238569][T30992] [ 1524.238580][T30992] dump_stack_lvl+0x16c/0x1f0 [ 1524.238631][T30992] should_fail_ex+0x512/0x640 [ 1524.238668][T30992] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1524.238702][T30992] should_failslab+0xc2/0x120 [ 1524.238733][T30992] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1524.238764][T30992] ? mas_alloc_nodes+0x18b/0x8b0 [ 1524.238803][T30992] mas_alloc_nodes+0x18b/0x8b0 [ 1524.238842][T30992] mas_node_count_gfp+0x105/0x130 [ 1524.238877][T30992] mas_preallocate+0x53e/0xcd0 [ 1524.238905][T30992] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 1524.238940][T30992] ? __pfx_mas_preallocate+0x10/0x10 [ 1524.238978][T30992] ? anon_vma_name+0x75/0x100 [ 1524.239016][T30992] __split_vma+0x33b/0x1030 [ 1524.239049][T30992] ? __pfx___split_vma+0x10/0x10 [ 1524.239094][T30992] vms_gather_munmap_vmas+0x392/0x1310 [ 1524.239130][T30992] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1524.239181][T30992] do_vmi_align_munmap+0x27c/0x7d0 [ 1524.239215][T30992] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1524.239295][T30992] do_vmi_munmap+0x208/0x3e0 [ 1524.239330][T30992] move_vma+0xb67/0x1740 [ 1524.239366][T30992] ? __pfx_move_vma+0x10/0x10 [ 1524.239399][T30992] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 1524.239450][T30992] ? vrm_set_new_addr+0x208/0x290 [ 1524.239483][T30992] __do_sys_mremap+0xe38/0x15d0 [ 1524.239517][T30992] ? __pfx___do_sys_mremap+0x10/0x10 [ 1524.239555][T30992] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1524.239602][T30992] ? __x64_sys_futex+0x1e0/0x4c0 [ 1524.239647][T30992] ? rcu_is_watching+0x12/0xc0 [ 1524.239682][T30992] do_syscall_64+0xcd/0x230 [ 1524.239720][T30992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1524.239746][T30992] RIP: 0033:0x7fe6b518e969 [ 1524.239768][T30992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1524.239793][T30992] RSP: 002b:00007fe6b6056038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1524.239818][T30992] RAX: ffffffffffffffda RBX: 00007fe6b53b6080 RCX: 00007fe6b518e969 [ 1524.239837][T30992] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 1524.239854][T30992] RBP: 00007fe6b5210ab1 R08: 0000000100000000 R09: 0000000000000000 [ 1524.239870][T30992] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1524.239885][T30992] R13: 0000000000000000 R14: 00007fe6b53b6080 R15: 00007ffee7b8b9e8 [ 1524.239922][T30992] [ 1524.613284][T30999] FAULT_INJECTION: forcing a failure. [ 1524.613284][T30999] name failslab, interval 1, probability 0, space 0, times 0 [ 1524.626380][T30999] CPU: 1 UID: 0 PID: 30999 Comm: syz.3.5997 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1524.626424][T30999] Tainted: [U]=USER [ 1524.626434][T30999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1524.626451][T30999] Call Trace: [ 1524.626460][T30999] [ 1524.626471][T30999] dump_stack_lvl+0x16c/0x1f0 [ 1524.626514][T30999] should_fail_ex+0x512/0x640 [ 1524.626558][T30999] ? fs_reclaim_acquire+0xae/0x150 [ 1524.626599][T30999] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1524.626635][T30999] should_failslab+0xc2/0x120 [ 1524.626666][T30999] __kmalloc_noprof+0xd2/0x510 [ 1524.626706][T30999] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1524.626753][T30999] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1524.626786][T30999] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1524.626862][T30999] ? do_raw_spin_lock+0x12c/0x2b0 [ 1524.626912][T30999] tomoyo_file_open+0x6b/0x90 [ 1524.626941][T30999] security_file_open+0x84/0x1e0 [ 1524.626978][T30999] do_dentry_open+0x596/0x1c10 [ 1524.627016][T30999] vfs_open+0x82/0x3f0 [ 1524.627054][T30999] path_openat+0x1e5e/0x2d40 [ 1524.627095][T30999] ? __pfx_path_openat+0x10/0x10 [ 1524.627132][T30999] do_filp_open+0x20b/0x470 [ 1524.627159][T30999] ? __pfx_do_filp_open+0x10/0x10 [ 1524.627213][T30999] ? alloc_fd+0x471/0x7d0 [ 1524.627252][T30999] do_sys_openat2+0x11b/0x1d0 [ 1524.627286][T30999] ? __pfx_do_sys_openat2+0x10/0x10 [ 1524.627336][T30999] __x64_sys_openat+0x174/0x210 [ 1524.627372][T30999] ? __pfx___x64_sys_openat+0x10/0x10 [ 1524.627409][T30999] ? rcu_is_watching+0x12/0xc0 [ 1524.627446][T30999] do_syscall_64+0xcd/0x230 [ 1524.627486][T30999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1524.627513][T30999] RIP: 0033:0x7f480718e969 [ 1524.627543][T30999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1524.627570][T30999] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1524.627596][T30999] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1524.627615][T30999] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1524.627633][T30999] RBP: 00007f4807210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1524.627650][T30999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1524.627667][T30999] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1524.627704][T30999] [ 1524.627789][T30999] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1525.329145][T31011] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6000'. [ 1526.437915][T31036] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6006'. [ 1526.688387][T31041] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input59 [ 1528.915198][T31080] FAULT_INJECTION: forcing a failure. [ 1528.915198][T31080] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1529.003097][T31080] CPU: 1 UID: 0 PID: 31080 Comm: syz.0.6019 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1529.003139][T31080] Tainted: [U]=USER [ 1529.003148][T31080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1529.003162][T31080] Call Trace: [ 1529.003170][T31080] [ 1529.003181][T31080] dump_stack_lvl+0x16c/0x1f0 [ 1529.003220][T31080] should_fail_ex+0x512/0x640 [ 1529.003259][T31080] _copy_from_iter+0x2a4/0x15b0 [ 1529.003298][T31080] ? __alloc_skb+0x200/0x380 [ 1529.003332][T31080] ? __pfx__copy_from_iter+0x10/0x10 [ 1529.003384][T31080] ? __lock_acquire+0xaa4/0x1ba0 [ 1529.003425][T31080] netlink_sendmsg+0x829/0xdd0 [ 1529.003463][T31080] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1529.003508][T31080] ____sys_sendmsg+0xa98/0xc70 [ 1529.003543][T31080] ? copy_msghdr_from_user+0x10a/0x160 [ 1529.003570][T31080] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1529.003609][T31080] ? kfree+0x252/0x4d0 [ 1529.003629][T31080] ? __pfx__kstrtoull+0x10/0x10 [ 1529.003665][T31080] ___sys_sendmsg+0x134/0x1d0 [ 1529.003695][T31080] ? __pfx____sys_sendmsg+0x10/0x10 [ 1529.003758][T31080] ? __pfx___might_resched+0x10/0x10 [ 1529.003793][T31080] __sys_sendmmsg+0x200/0x420 [ 1529.003826][T31080] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1529.003867][T31080] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1529.003915][T31080] ? fput+0x70/0xf0 [ 1529.003944][T31080] ? ksys_write+0x1b9/0x240 [ 1529.003967][T31080] ? __pfx_ksys_write+0x10/0x10 [ 1529.003989][T31080] ? rcu_is_watching+0x12/0xc0 [ 1529.004019][T31080] __x64_sys_sendmmsg+0x9c/0x100 [ 1529.004047][T31080] ? lockdep_hardirqs_on+0x7c/0x110 [ 1529.004080][T31080] do_syscall_64+0xcd/0x230 [ 1529.004119][T31080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1529.004142][T31080] RIP: 0033:0x7fb48e58e969 [ 1529.004161][T31080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1529.004183][T31080] RSP: 002b:00007fb48f349038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1529.004207][T31080] RAX: ffffffffffffffda RBX: 00007fb48e7b5fa0 RCX: 00007fb48e58e969 [ 1529.004224][T31080] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1529.004240][T31080] RBP: 00007fb48f349090 R08: 0000000000000000 R09: 0000000000000000 [ 1529.004255][T31080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1529.004269][T31080] R13: 0000000000000000 R14: 00007fb48e7b5fa0 R15: 00007ffcb6bfac38 [ 1529.004303][T31080] [ 1529.565775][T31087] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input60 [ 1530.148288][T31103] ima: policy update failed [ 1530.153024][ T30] audit: type=1802 audit(4294968484.495:38): pid=31103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.6028" res=0 errno=0 [ 1531.913893][T31125] can: request_module (can-proto-3) failed. [ 1533.192051][T31152] can: request_module (can-proto-3) failed. [ 1534.777398][T31185] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input61 [ 1536.152765][T31209] can: request_module (can-proto-3) failed. [ 1537.378760][T31239] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input62 [ 1537.468850][T31246] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6058'. [ 1537.925318][T31256] FAULT_INJECTION: forcing a failure. [ 1537.925318][T31256] name failslab, interval 1, probability 0, space 0, times 0 [ 1537.986399][T31256] CPU: 1 UID: 0 PID: 31256 Comm: syz.3.6059 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1537.986447][T31256] Tainted: [U]=USER [ 1537.986457][T31256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1537.986473][T31256] Call Trace: [ 1537.986483][T31256] [ 1537.986494][T31256] dump_stack_lvl+0x16c/0x1f0 [ 1537.986536][T31256] should_fail_ex+0x512/0x640 [ 1537.986572][T31256] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1537.986607][T31256] should_failslab+0xc2/0x120 [ 1537.986640][T31256] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1537.986671][T31256] ? vm_area_dup+0x25/0x760 [ 1537.986706][T31256] vm_area_dup+0x25/0x760 [ 1537.986738][T31256] __split_vma+0x17f/0x1030 [ 1537.986770][T31256] ? mas_next_slot+0x12d3/0x21b0 [ 1537.986807][T31256] ? __pfx___split_vma+0x10/0x10 [ 1537.986853][T31256] vms_gather_munmap_vmas+0x392/0x1310 [ 1537.986890][T31256] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1537.986942][T31256] do_vmi_align_munmap+0x27c/0x7d0 [ 1537.986977][T31256] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1537.987059][T31256] do_vmi_munmap+0x208/0x3e0 [ 1537.987096][T31256] move_vma+0xb67/0x1740 [ 1537.987133][T31256] ? __pfx_move_vma+0x10/0x10 [ 1537.987168][T31256] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 1537.987220][T31256] ? vrm_set_new_addr+0x208/0x290 [ 1537.987254][T31256] __do_sys_mremap+0xe38/0x15d0 [ 1537.987290][T31256] ? __pfx___do_sys_mremap+0x10/0x10 [ 1537.987328][T31256] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1537.987388][T31256] ? __x64_sys_futex+0x1e0/0x4c0 [ 1537.987429][T31256] ? rcu_is_watching+0x12/0xc0 [ 1537.987466][T31256] do_syscall_64+0xcd/0x230 [ 1537.987507][T31256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1537.987532][T31256] RIP: 0033:0x7f480718e969 [ 1537.987554][T31256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1537.987579][T31256] RSP: 002b:00007f4808064038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1537.987606][T31256] RAX: ffffffffffffffda RBX: 00007f48073b6240 RCX: 00007f480718e969 [ 1537.987625][T31256] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 1537.987642][T31256] RBP: 00007f4807210ab1 R08: 0000000100000000 R09: 0000000000000000 [ 1537.987660][T31256] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1537.987677][T31256] R13: 0000000000000000 R14: 00007f48073b6240 R15: 00007ffe9ae987f8 [ 1537.987714][T31256] [ 1538.249026][T31262] FAULT_INJECTION: forcing a failure. [ 1538.249026][T31262] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1538.301546][T31262] CPU: 0 UID: 0 PID: 31262 Comm: syz.2.6061 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1538.301589][T31262] Tainted: [U]=USER [ 1538.301598][T31262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1538.301613][T31262] Call Trace: [ 1538.301622][T31262] [ 1538.301632][T31262] dump_stack_lvl+0x16c/0x1f0 [ 1538.301671][T31262] should_fail_ex+0x512/0x640 [ 1538.301710][T31262] _copy_from_iter+0x2a4/0x15b0 [ 1538.301749][T31262] ? __alloc_skb+0x200/0x380 [ 1538.301777][T31262] ? __pfx__copy_from_iter+0x10/0x10 [ 1538.301815][T31262] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1538.301845][T31262] ? __lock_acquire+0xaa4/0x1ba0 [ 1538.301884][T31262] netlink_sendmsg+0x829/0xdd0 [ 1538.301919][T31262] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1538.301962][T31262] ____sys_sendmsg+0xa98/0xc70 [ 1538.301996][T31262] ? copy_msghdr_from_user+0x10a/0x160 [ 1538.302024][T31262] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1538.302063][T31262] ? 0xffffffff81000000 [ 1538.302099][T31262] ___sys_sendmsg+0x134/0x1d0 [ 1538.302129][T31262] ? __pfx____sys_sendmsg+0x10/0x10 [ 1538.302202][T31262] __sys_sendmsg+0x16d/0x220 [ 1538.302232][T31262] ? __pfx___sys_sendmsg+0x10/0x10 [ 1538.302271][T31262] ? rcu_is_watching+0x12/0xc0 [ 1538.302305][T31262] do_syscall_64+0xcd/0x230 [ 1538.302342][T31262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1538.302367][T31262] RIP: 0033:0x7fe6b518e969 [ 1538.302387][T31262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1538.302411][T31262] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1538.302435][T31262] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1538.302452][T31262] RDX: 0000000000004000 RSI: 0000200000006380 RDI: 0000000000000005 [ 1538.302468][T31262] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1538.302482][T31262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1538.302497][T31262] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1538.302535][T31262] [ 1538.512759][ C0] vkms_vblank_simulate: vblank timer overrun [ 1538.675404][T31268] FAULT_INJECTION: forcing a failure. [ 1538.675404][T31268] name failslab, interval 1, probability 0, space 0, times 0 [ 1538.736445][T31268] CPU: 0 UID: 0 PID: 31268 Comm: syz.2.6063 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1538.736485][T31268] Tainted: [U]=USER [ 1538.736494][T31268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1538.736508][T31268] Call Trace: [ 1538.736516][T31268] [ 1538.736525][T31268] dump_stack_lvl+0x16c/0x1f0 [ 1538.736564][T31268] should_fail_ex+0x512/0x640 [ 1538.736594][T31268] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1538.736626][T31268] should_failslab+0xc2/0x120 [ 1538.736656][T31268] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1538.736684][T31268] ? security_file_alloc+0x34/0x2b0 [ 1538.736722][T31268] security_file_alloc+0x34/0x2b0 [ 1538.736753][T31268] init_file+0x93/0x4c0 [ 1538.736783][T31268] alloc_empty_file+0x73/0x1e0 [ 1538.736814][T31268] path_openat+0xe0/0x2d40 [ 1538.736836][T31268] ? __x64_sys_open+0x153/0x1e0 [ 1538.736865][T31268] ? do_syscall_64+0xcd/0x230 [ 1538.736896][T31268] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1538.736933][T31268] ? __pfx_path_openat+0x10/0x10 [ 1538.736961][T31268] ? __lock_acquire+0xaa4/0x1ba0 [ 1538.736996][T31268] do_filp_open+0x20b/0x470 [ 1538.737022][T31268] ? __pfx_do_filp_open+0x10/0x10 [ 1538.737070][T31268] ? _raw_spin_unlock+0x28/0x50 [ 1538.737103][T31268] ? alloc_fd+0x471/0x7d0 [ 1538.737136][T31268] do_sys_openat2+0x11b/0x1d0 [ 1538.737167][T31268] ? __pfx_do_sys_openat2+0x10/0x10 [ 1538.737205][T31268] ? __fget_files+0x20e/0x3c0 [ 1538.737236][T31268] __x64_sys_open+0x153/0x1e0 [ 1538.737267][T31268] ? __pfx___x64_sys_open+0x10/0x10 [ 1538.737316][T31268] ? rcu_is_watching+0x12/0xc0 [ 1538.737343][T31268] do_syscall_64+0xcd/0x230 [ 1538.737379][T31268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1538.737403][T31268] RIP: 0033:0x7fe6b518e969 [ 1538.737422][T31268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1538.737446][T31268] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 1538.737470][T31268] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1538.737487][T31268] RDX: e1d2b27bdc14aab4 RSI: 0000000000000102 RDI: 0000200000000000 [ 1538.737504][T31268] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1538.737519][T31268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1538.737534][T31268] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1538.737569][T31268] [ 1539.638804][T27973] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 914 with max blocks 6 with error 117 [ 1539.716126][T27973] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1539.716126][T27973] [ 1540.567228][T31292] can: request_module (can-proto-3) failed. [ 1540.708937][T31298] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input63 [ 1540.754732][T31294] program syz.0.6068 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1541.253700][T31305] FAULT_INJECTION: forcing a failure. [ 1541.253700][T31305] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.307674][T31305] CPU: 0 UID: 0 PID: 31305 Comm: Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1541.307712][T31305] Tainted: [U]=USER [ 1541.307720][T31305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1541.307733][T31305] Call Trace: [ 1541.307741][T31305] [ 1541.307754][T31305] dump_stack_lvl+0x16c/0x1f0 [ 1541.307793][T31305] should_fail_ex+0x512/0x640 [ 1541.307830][T31305] should_failslab+0xc2/0x120 [ 1541.307856][T31305] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1541.307881][T31305] ? __lock_acquire+0x5ca/0x1ba0 [ 1541.307907][T31305] ? dst_alloc+0x99/0x1a0 [ 1541.307935][T31305] dst_alloc+0x99/0x1a0 [ 1541.307962][T31305] rt_dst_alloc+0x35/0x3a0 [ 1541.308001][T31305] ip_route_output_key_hash_rcu+0x87a/0x28f0 [ 1541.308047][T31305] ip_route_output_key_hash+0x137/0x2e0 [ 1541.308080][T31305] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 1541.308126][T31305] ? find_held_lock+0x2b/0x80 [ 1541.308154][T31305] ip_route_output_flow+0x27/0x150 [ 1541.308178][T31305] udp_sendmsg+0x1bc3/0x29e0 [ 1541.308211][T31305] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1541.308245][T31305] ? __pfx_udp_sendmsg+0x10/0x10 [ 1541.308269][T31305] ? __lock_acquire+0x5ca/0x1ba0 [ 1541.308300][T31305] ? __lock_acquire+0xaa4/0x1ba0 [ 1541.308328][T31305] ? __pfx___might_resched+0x10/0x10 [ 1541.308355][T31305] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1541.308393][T31305] ? aa_sk_perm+0x2f4/0xb10 [ 1541.308427][T31305] ? __import_iovec+0x1c8/0x660 [ 1541.308449][T31305] ? __might_fault+0xe3/0x190 [ 1541.308472][T31305] ? __might_fault+0x13b/0x190 [ 1541.308497][T31305] ? __pfx_udp_sendmsg+0x10/0x10 [ 1541.308524][T31305] inet_sendmsg+0x105/0x140 [ 1541.308557][T31305] ____sys_sendmsg+0x973/0xc70 [ 1541.308590][T31305] ? copy_msghdr_from_user+0x10a/0x160 [ 1541.308617][T31305] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1541.308656][T31305] ? __pfx__kstrtoull+0x10/0x10 [ 1541.308696][T31305] ___sys_sendmsg+0x134/0x1d0 [ 1541.308725][T31305] ? __pfx____sys_sendmsg+0x10/0x10 [ 1541.308771][T31305] ? find_held_lock+0x2b/0x80 [ 1541.308830][T31305] __sys_sendmmsg+0x200/0x420 [ 1541.308864][T31305] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1541.308917][T31305] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1541.308969][T31305] ? fput+0x70/0xf0 [ 1541.309002][T31305] ? ksys_write+0x1b9/0x240 [ 1541.309035][T31305] ? __pfx_ksys_write+0x10/0x10 [ 1541.309056][T31305] ? rcu_is_watching+0x12/0xc0 [ 1541.309087][T31305] __x64_sys_sendmmsg+0x9c/0x100 [ 1541.309114][T31305] ? lockdep_hardirqs_on+0x7c/0x110 [ 1541.309146][T31305] do_syscall_64+0xcd/0x230 [ 1541.309182][T31305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1541.309208][T31305] RIP: 0033:0x7f480718e969 [ 1541.309228][T31305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1541.309253][T31305] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1541.309277][T31305] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1541.309295][T31305] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1541.309310][T31305] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1541.309326][T31305] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000001 [ 1541.309342][T31305] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1541.309377][T31305] [ 1542.421459][T31325] FAULT_INJECTION: forcing a failure. [ 1542.421459][T31325] name failslab, interval 1, probability 0, space 0, times 0 [ 1542.530830][T31325] CPU: 1 UID: 0 PID: 31325 Comm: syz.2.6074 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1542.530876][T31325] Tainted: [U]=USER [ 1542.530886][T31325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1542.530902][T31325] Call Trace: [ 1542.530912][T31325] [ 1542.530923][T31325] dump_stack_lvl+0x16c/0x1f0 [ 1542.530967][T31325] should_fail_ex+0x512/0x640 [ 1542.531002][T31325] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1542.531038][T31325] should_failslab+0xc2/0x120 [ 1542.531071][T31325] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1542.531102][T31325] ? vm_area_dup+0x25/0x760 [ 1542.531142][T31325] vm_area_dup+0x25/0x760 [ 1542.531175][T31325] __split_vma+0x17f/0x1030 [ 1542.531205][T31325] ? mas_next_slot+0x12d3/0x21b0 [ 1542.531242][T31325] ? __pfx___split_vma+0x10/0x10 [ 1542.531288][T31325] vms_gather_munmap_vmas+0x392/0x1310 [ 1542.531326][T31325] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1542.531377][T31325] do_vmi_align_munmap+0x27c/0x7d0 [ 1542.531412][T31325] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1542.531494][T31325] do_vmi_munmap+0x208/0x3e0 [ 1542.531530][T31325] move_vma+0xb67/0x1740 [ 1542.531565][T31325] ? __pfx_move_vma+0x10/0x10 [ 1542.531599][T31325] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 1542.531655][T31325] ? vrm_set_new_addr+0x208/0x290 [ 1542.531690][T31325] __do_sys_mremap+0xe38/0x15d0 [ 1542.531727][T31325] ? __pfx___do_sys_mremap+0x10/0x10 [ 1542.531761][T31325] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1542.531809][T31325] ? __x64_sys_futex+0x1e0/0x4c0 [ 1542.531851][T31325] ? rcu_is_watching+0x12/0xc0 [ 1542.531888][T31325] do_syscall_64+0xcd/0x230 [ 1542.531928][T31325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1542.531955][T31325] RIP: 0033:0x7fe6b518e969 [ 1542.531978][T31325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1542.532003][T31325] RSP: 002b:00007fe6b6014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1542.532028][T31325] RAX: ffffffffffffffda RBX: 00007fe6b53b6240 RCX: 00007fe6b518e969 [ 1542.532046][T31325] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 1542.532063][T31325] RBP: 00007fe6b5210ab1 R08: 0000000100000000 R09: 0000000000000000 [ 1542.532080][T31325] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1542.532096][T31325] R13: 0000000000000000 R14: 00007fe6b53b6240 R15: 00007ffee7b8b9e8 [ 1542.532132][T31325] [ 1543.099145][T31336] nfs4: Unknown parameter 'nfsd' [ 1543.272387][T31331] can: request_module (can-proto-3) failed. [ 1543.950020][T31352] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input64 [ 1544.186881][T31334] FAULT_INJECTION: forcing a failure. [ 1544.186881][T31334] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1544.210337][T31334] CPU: 1 UID: 0 PID: 31334 Comm: syz.3.6077 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1544.210377][T31334] Tainted: [U]=USER [ 1544.210386][T31334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1544.210401][T31334] Call Trace: [ 1544.210409][T31334] [ 1544.210420][T31334] dump_stack_lvl+0x16c/0x1f0 [ 1544.210458][T31334] should_fail_ex+0x512/0x640 [ 1544.210497][T31334] _copy_to_iter+0x2a4/0x15a0 [ 1544.210529][T31334] ? __pfx__copy_to_iter+0x10/0x10 [ 1544.210564][T31334] ? rcu_is_watching+0x12/0xc0 [ 1544.210593][T31334] ? seq_read_iter+0x826/0x12c0 [ 1544.210634][T31334] seq_read_iter+0xcf8/0x12c0 [ 1544.210683][T31334] proc_reg_read_iter+0x220/0x310 [ 1544.210719][T31334] vfs_read+0x8cb/0xc70 [ 1544.210748][T31334] ? __pfx___mutex_lock+0x10/0x10 [ 1544.210782][T31334] ? __pfx_vfs_read+0x10/0x10 [ 1544.210831][T31334] ksys_read+0x12a/0x240 [ 1544.210855][T31334] ? __pfx_ksys_read+0x10/0x10 [ 1544.210877][T31334] ? rcu_is_watching+0x12/0xc0 [ 1544.210910][T31334] do_syscall_64+0xcd/0x230 [ 1544.210947][T31334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1544.210972][T31334] RIP: 0033:0x7f480718e969 [ 1544.210992][T31334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1544.211016][T31334] RSP: 002b:00007f4808085038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1544.211040][T31334] RAX: ffffffffffffffda RBX: 00007f48073b6160 RCX: 00007f480718e969 [ 1544.211057][T31334] RDX: 00000000000000b2 RSI: 0000200000000180 RDI: 0000000000000002 [ 1544.211072][T31334] RBP: 00007f4808085090 R08: 0000000000000000 R09: 0000000000000000 [ 1544.211088][T31334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1544.211103][T31334] R13: 0000000000000000 R14: 00007f48073b6160 R15: 00007ffe9ae987f8 [ 1544.211137][T31334] [ 1545.253216][T31381] FAULT_INJECTION: forcing a failure. [ 1545.253216][T31381] name failslab, interval 1, probability 0, space 0, times 0 [ 1545.356740][T31381] CPU: 1 UID: 0 PID: 31381 Comm: syz.1.6089 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1545.356777][T31381] Tainted: [U]=USER [ 1545.356782][T31381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1545.356790][T31381] Call Trace: [ 1545.356797][T31381] [ 1545.356803][T31381] dump_stack_lvl+0x16c/0x1f0 [ 1545.356828][T31381] should_fail_ex+0x512/0x640 [ 1545.356849][T31381] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1545.356869][T31381] should_failslab+0xc2/0x120 [ 1545.356887][T31381] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1545.356904][T31381] ? mas_alloc_nodes+0x18b/0x8b0 [ 1545.356925][T31381] mas_alloc_nodes+0x18b/0x8b0 [ 1545.356948][T31381] mas_node_count_gfp+0x105/0x130 [ 1545.356968][T31381] mas_preallocate+0x53e/0xcd0 [ 1545.356985][T31381] ? __pfx_mas_preallocate+0x10/0x10 [ 1545.357006][T31381] ? mt_find+0x757/0xa30 [ 1545.357020][T31381] vma_link+0x135/0x6a0 [ 1545.357039][T31381] ? __pfx_vma_link+0x10/0x10 [ 1545.357066][T31381] insert_vm_struct+0x196/0x3e0 [ 1545.357080][T31381] ? __pfx_insert_vm_struct+0x10/0x10 [ 1545.357095][T31381] ? lockdep_init_map_type+0x5c/0x280 [ 1545.357118][T31381] alloc_bprm+0x76d/0xdd0 [ 1545.357146][T31381] do_execveat_common.isra.0+0x1ce/0x610 [ 1545.357172][T31381] __x64_sys_execveat+0xda/0x120 [ 1545.357188][T31381] do_syscall_64+0xcd/0x230 [ 1545.357210][T31381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1545.357224][T31381] RIP: 0033:0x7fd6cc18e969 [ 1545.357236][T31381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1545.357249][T31381] RSP: 002b:00007fd6cd050038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 1545.357263][T31381] RAX: ffffffffffffffda RBX: 00007fd6cc3b5fa0 RCX: 00007fd6cc18e969 [ 1545.357273][T31381] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 1545.357282][T31381] RBP: 00007fd6cd050090 R08: 0000000000011000 R09: 0000000000000000 [ 1545.357290][T31381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1545.357299][T31381] R13: 0000000000000000 R14: 00007fd6cc3b5fa0 R15: 00007ffd728f5078 [ 1545.357317][T31381] [ 1546.088213][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1546.104452][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1546.675729][T31390] FAULT_INJECTION: forcing a failure. [ 1546.675729][T31390] name failslab, interval 1, probability 0, space 0, times 0 [ 1546.707177][T31390] CPU: 1 UID: 0 PID: 31390 Comm: syz.2.6091 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1546.707222][T31390] Tainted: [U]=USER [ 1546.707232][T31390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1546.707248][T31390] Call Trace: [ 1546.707257][T31390] [ 1546.707267][T31390] dump_stack_lvl+0x16c/0x1f0 [ 1546.707309][T31390] should_fail_ex+0x512/0x640 [ 1546.707342][T31390] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1546.707372][T31390] should_failslab+0xc2/0x120 [ 1546.707417][T31390] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1546.707444][T31390] ? vsnprintf+0x318/0x1160 [ 1546.707475][T31390] ? __alloc_workqueue+0xda2/0x1810 [ 1546.707513][T31390] __alloc_workqueue+0xda2/0x1810 [ 1546.707545][T31390] ? __pfx_vsnprintf+0x10/0x10 [ 1546.707576][T31390] ? lockdep_hardirqs_on+0x7c/0x110 [ 1546.707608][T31390] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1546.707643][T31390] alloc_workqueue+0xd2/0x200 [ 1546.707674][T31390] ? __pfx_alloc_workqueue+0x10/0x10 [ 1546.707717][T31390] ? __pfx___debug_object_init+0x10/0x10 [ 1546.707755][T31390] nci_register_device+0x21e/0xb80 [ 1546.707791][T31390] ? __pfx_nci_register_device+0x10/0x10 [ 1546.707829][T31390] ? lockdep_init_map_type+0x5c/0x280 [ 1546.707870][T31390] virtual_ncidev_open+0x141/0x220 [ 1546.707907][T31390] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1546.707942][T31390] misc_open+0x35d/0x420 [ 1546.707967][T31390] ? __pfx_misc_open+0x10/0x10 [ 1546.707990][T31390] chrdev_open+0x231/0x6a0 [ 1546.708018][T31390] ? __pfx_apparmor_file_open+0x10/0x10 [ 1546.708051][T31390] ? __pfx_chrdev_open+0x10/0x10 [ 1546.708083][T31390] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1546.708126][T31390] do_dentry_open+0x741/0x1c10 [ 1546.708153][T31390] ? __pfx_chrdev_open+0x10/0x10 [ 1546.708189][T31390] vfs_open+0x82/0x3f0 [ 1546.708226][T31390] path_openat+0x1e5e/0x2d40 [ 1546.708267][T31390] ? __pfx_path_openat+0x10/0x10 [ 1546.708304][T31390] do_filp_open+0x20b/0x470 [ 1546.708331][T31390] ? __pfx_do_filp_open+0x10/0x10 [ 1546.708392][T31390] ? alloc_fd+0x471/0x7d0 [ 1546.708429][T31390] do_sys_openat2+0x11b/0x1d0 [ 1546.708464][T31390] ? __pfx_do_sys_openat2+0x10/0x10 [ 1546.708515][T31390] __x64_sys_openat+0x174/0x210 [ 1546.708550][T31390] ? __pfx___x64_sys_openat+0x10/0x10 [ 1546.708587][T31390] ? rcu_is_watching+0x12/0xc0 [ 1546.708624][T31390] do_syscall_64+0xcd/0x230 [ 1546.708662][T31390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1546.708689][T31390] RIP: 0033:0x7fe6b518e969 [ 1546.708712][T31390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1546.708737][T31390] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1546.708763][T31390] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1546.708782][T31390] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1546.708800][T31390] RBP: 00007fe6b5210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1546.708817][T31390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1546.708833][T31390] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1546.708870][T31390] [ 1547.093356][T31397] FAULT_INJECTION: forcing a failure. [ 1547.093356][T31397] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1547.154250][T31397] CPU: 0 UID: 0 PID: 31397 Comm: syz.3.6093 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1547.154292][T31397] Tainted: [U]=USER [ 1547.154301][T31397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1547.154316][T31397] Call Trace: [ 1547.154325][T31397] [ 1547.154336][T31397] dump_stack_lvl+0x16c/0x1f0 [ 1547.154380][T31397] should_fail_ex+0x512/0x640 [ 1547.154417][T31397] _copy_from_iter+0x2a4/0x15b0 [ 1547.154456][T31397] ? __alloc_skb+0x200/0x380 [ 1547.154484][T31397] ? __pfx__copy_from_iter+0x10/0x10 [ 1547.154522][T31397] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1547.154550][T31397] ? __lock_acquire+0xaa4/0x1ba0 [ 1547.154590][T31397] netlink_sendmsg+0x829/0xdd0 [ 1547.154627][T31397] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1547.154671][T31397] ____sys_sendmsg+0xa98/0xc70 [ 1547.154706][T31397] ? copy_msghdr_from_user+0x10a/0x160 [ 1547.154734][T31397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1547.154785][T31397] ___sys_sendmsg+0x134/0x1d0 [ 1547.154816][T31397] ? __pfx____sys_sendmsg+0x10/0x10 [ 1547.154889][T31397] __sys_sendmsg+0x16d/0x220 [ 1547.154918][T31397] ? __pfx___sys_sendmsg+0x10/0x10 [ 1547.154957][T31397] ? rcu_is_watching+0x12/0xc0 [ 1547.154991][T31397] do_syscall_64+0xcd/0x230 [ 1547.155027][T31397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1547.155051][T31397] RIP: 0033:0x7f480718e969 [ 1547.155071][T31397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1547.155095][T31397] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1547.155119][T31397] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1547.155135][T31397] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000003 [ 1547.155151][T31397] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1547.155166][T31397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1547.155181][T31397] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1547.155214][T31397] [ 1547.600826][ T30] audit: type=1800 audit(4294969524.949:39): pid=31408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6099" name="dummy_udc" dev="gadgetfs" ino=5907 res=0 errno=0 [ 1547.663760][T31410] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input65 [ 1548.178915][T31422] FAULT_INJECTION: forcing a failure. [ 1548.178915][T31422] name failslab, interval 1, probability 0, space 0, times 0 [ 1548.213543][T31422] CPU: 0 UID: 0 PID: 31422 Comm: syz.2.6101 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1548.213578][T31422] Tainted: [U]=USER [ 1548.213584][T31422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1548.213593][T31422] Call Trace: [ 1548.213599][T31422] [ 1548.213606][T31422] dump_stack_lvl+0x16c/0x1f0 [ 1548.213632][T31422] should_fail_ex+0x512/0x640 [ 1548.213654][T31422] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1548.213674][T31422] should_failslab+0xc2/0x120 [ 1548.213692][T31422] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1548.213709][T31422] ? vm_area_dup+0x25/0x760 [ 1548.213729][T31422] vm_area_dup+0x25/0x760 [ 1548.213746][T31422] __split_vma+0x17f/0x1030 [ 1548.213764][T31422] ? mas_next_slot+0x12d3/0x21b0 [ 1548.213785][T31422] ? __pfx___split_vma+0x10/0x10 [ 1548.213810][T31422] vms_gather_munmap_vmas+0x392/0x1310 [ 1548.213829][T31422] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1548.213857][T31422] do_vmi_align_munmap+0x27c/0x7d0 [ 1548.213876][T31422] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1548.213917][T31422] do_vmi_munmap+0x208/0x3e0 [ 1548.213937][T31422] move_vma+0xb67/0x1740 [ 1548.213957][T31422] ? __pfx_move_vma+0x10/0x10 [ 1548.213976][T31422] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 1548.214007][T31422] ? vrm_set_new_addr+0x208/0x290 [ 1548.214026][T31422] __do_sys_mremap+0xe38/0x15d0 [ 1548.214045][T31422] ? __pfx___do_sys_mremap+0x10/0x10 [ 1548.214066][T31422] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1548.214098][T31422] ? __x64_sys_futex+0x1e0/0x4c0 [ 1548.214135][T31422] ? rcu_is_watching+0x12/0xc0 [ 1548.214168][T31422] do_syscall_64+0xcd/0x230 [ 1548.214205][T31422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1548.214231][T31422] RIP: 0033:0x7fe6b518e969 [ 1548.214260][T31422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1548.214287][T31422] RSP: 002b:00007fe6b6056038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1548.214312][T31422] RAX: ffffffffffffffda RBX: 00007fe6b53b6080 RCX: 00007fe6b518e969 [ 1548.214331][T31422] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 1548.214348][T31422] RBP: 00007fe6b5210ab1 R08: 0000000100000000 R09: 0000000000000000 [ 1548.214366][T31422] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1548.214383][T31422] R13: 0000000000000000 R14: 00007fe6b53b6080 R15: 00007ffee7b8b9e8 [ 1548.214418][T31422] [ 1548.617500][T31434] can: request_module (can-proto-3) failed. [ 1549.540966][T31452] can: request_module (can-proto-3) failed. [ 1550.010212][T31459] FAULT_INJECTION: forcing a failure. [ 1550.010212][T31459] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1550.064841][T31459] CPU: 1 UID: 0 PID: 31459 Comm: syz.1.6109 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1550.064884][T31459] Tainted: [U]=USER [ 1550.064893][T31459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1550.064908][T31459] Call Trace: [ 1550.064917][T31459] [ 1550.064927][T31459] dump_stack_lvl+0x16c/0x1f0 [ 1550.064966][T31459] should_fail_ex+0x512/0x640 [ 1550.065005][T31459] should_fail_alloc_page+0xe7/0x130 [ 1550.065037][T31459] prepare_alloc_pages+0x3c2/0x610 [ 1550.065072][T31459] ? rcu_is_watching+0x12/0xc0 [ 1550.065100][T31459] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1550.065132][T31459] ? unwind_get_return_address+0x59/0xa0 [ 1550.065161][T31459] ? arch_stack_walk+0xa6/0x100 [ 1550.065201][T31459] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1550.065233][T31459] ? __pfx_stack_trace_save+0x10/0x10 [ 1550.065259][T31459] ? stack_depot_save_flags+0x28/0xa50 [ 1550.065302][T31459] ? kasan_save_stack+0x42/0x60 [ 1550.065332][T31459] ? __lock_acquire+0xaa4/0x1ba0 [ 1550.065360][T31459] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1550.065395][T31459] ? policy_nodemask+0xea/0x4e0 [ 1550.065428][T31459] alloc_pages_mpol+0x1fb/0x550 [ 1550.065460][T31459] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1550.065487][T31459] ? __page_table_check_ptes_set+0x1ae/0x420 [ 1550.065518][T31459] ? find_held_lock+0x2b/0x80 [ 1550.065548][T31459] alloc_pages_noprof+0x131/0x390 [ 1550.065577][T31459] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 1550.065602][T31459] get_free_pages_noprof+0xc/0x40 [ 1550.065631][T31459] kasan_populate_vmalloc_pte+0x2d/0x160 [ 1550.065659][T31459] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 1550.065684][T31459] __apply_to_page_range+0x617/0xd60 [ 1550.065724][T31459] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 1550.065756][T31459] ? __pfx___apply_to_page_range+0x10/0x10 [ 1550.065798][T31459] ? alloc_vmap_area+0x872/0x2970 [ 1550.065838][T31459] alloc_vmap_area+0x919/0x2970 [ 1550.065887][T31459] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1550.065931][T31459] __get_vm_area_node+0x1ca/0x330 [ 1550.065973][T31459] __vmalloc_node_range_noprof+0x277/0x1540 [ 1550.065998][T31459] ? __do_sys_init_module+0x158/0x250 [ 1550.066029][T31459] ? get_pid_task+0xfc/0x250 [ 1550.066068][T31459] ? __do_sys_init_module+0x158/0x250 [ 1550.066097][T31459] ? aa_get_newest_label+0x375/0x680 [ 1550.066127][T31459] ? __pfx_aa_get_newest_label+0x10/0x10 [ 1550.066155][T31459] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1550.066193][T31459] ? trace_cap_capable+0x18d/0x200 [ 1550.066222][T31459] ? apparmor_capable+0x114/0x1d0 [ 1550.066246][T31459] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1550.066279][T31459] ? __do_sys_init_module+0x158/0x250 [ 1550.066310][T31459] __vmalloc_noprof+0x6d/0x90 [ 1550.066333][T31459] ? __do_sys_init_module+0x158/0x250 [ 1550.066364][T31459] __do_sys_init_module+0x158/0x250 [ 1550.066396][T31459] ? __pfx___do_sys_init_module+0x10/0x10 [ 1550.066443][T31459] ? ksys_write+0x1b9/0x240 [ 1550.066468][T31459] ? __pfx_ksys_write+0x10/0x10 [ 1550.066490][T31459] ? rcu_is_watching+0x12/0xc0 [ 1550.066524][T31459] do_syscall_64+0xcd/0x230 [ 1550.066560][T31459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1550.066584][T31459] RIP: 0033:0x7fd6cc18e969 [ 1550.066604][T31459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1550.066628][T31459] RSP: 002b:00007fd6cd02f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000af [ 1550.066652][T31459] RAX: ffffffffffffffda RBX: 00007fd6cc3b6080 RCX: 00007fd6cc18e969 [ 1550.066669][T31459] RDX: 0000000000000000 RSI: 00000000000ffff9 RDI: 0000000000000000 [ 1550.066684][T31459] RBP: 00007fd6cd02f090 R08: 0000000000000000 R09: 0000000000000000 [ 1550.066700][T31459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1550.066721][T31459] R13: 0000000000000000 R14: 00007fd6cc3b6080 R15: 00007ffd728f5078 [ 1550.066756][T31459] [ 1551.700409][T31489] can: request_module (can-proto-3) failed. [ 1553.778261][T31528] tipc: Started in network mode [ 1553.801285][T31528] tipc: Node identity 8e4e6f15, cluster identity 4711 [ 1553.844252][T31528] tipc: Node number set to 2387504917 [ 1554.053294][T31541] FAULT_INJECTION: forcing a failure. [ 1554.053294][T31541] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1554.093107][T31541] CPU: 1 UID: 0 PID: 31541 Comm: syz.3.6131 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1554.093150][T31541] Tainted: [U]=USER [ 1554.093158][T31541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1554.093172][T31541] Call Trace: [ 1554.093181][T31541] [ 1554.093191][T31541] dump_stack_lvl+0x16c/0x1f0 [ 1554.093228][T31541] should_fail_ex+0x512/0x640 [ 1554.093266][T31541] _copy_from_user+0x2e/0xd0 [ 1554.093302][T31541] kstrtouint_from_user+0xd6/0x1d0 [ 1554.093328][T31541] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1554.093353][T31541] ? __lock_acquire+0xaa4/0x1ba0 [ 1554.093407][T31541] proc_fail_nth_write+0x83/0x250 [ 1554.093441][T31541] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1554.093485][T31541] vfs_write+0x25c/0x1180 [ 1554.093507][T31541] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1554.093546][T31541] ? __pfx___mutex_lock+0x10/0x10 [ 1554.093580][T31541] ? __pfx_vfs_write+0x10/0x10 [ 1554.093614][T31541] ? __fget_files+0x20e/0x3c0 [ 1554.093649][T31541] ksys_write+0x12a/0x240 [ 1554.093671][T31541] ? __pfx_ksys_write+0x10/0x10 [ 1554.093693][T31541] ? rcu_is_watching+0x12/0xc0 [ 1554.093726][T31541] do_syscall_64+0xcd/0x230 [ 1554.093761][T31541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1554.093785][T31541] RIP: 0033:0x7f480718d41f [ 1554.093805][T31541] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 1554.093828][T31541] RSP: 002b:00007f48080c7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1554.093852][T31541] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f480718d41f [ 1554.093869][T31541] RDX: 0000000000000001 RSI: 00007f48080c70a0 RDI: 0000000000000005 [ 1554.093884][T31541] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1554.093900][T31541] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1554.093916][T31541] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1554.093950][T31541] [ 1554.175298][T31547] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input66 [ 1555.172379][T31563] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6137'. [ 1555.286550][T31568] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 1556.638725][T31594] can: request_module (can-proto-3) failed. [ 1557.523261][T31612] FAULT_INJECTION: forcing a failure. [ 1557.523261][T31612] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1557.550497][T31612] CPU: 1 UID: 0 PID: 31612 Comm: syz.2.6149 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1557.550537][T31612] Tainted: [U]=USER [ 1557.550545][T31612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1557.550558][T31612] Call Trace: [ 1557.550566][T31612] [ 1557.550577][T31612] dump_stack_lvl+0x16c/0x1f0 [ 1557.550616][T31612] should_fail_ex+0x512/0x640 [ 1557.550654][T31612] _copy_from_user+0x2e/0xd0 [ 1557.550690][T31612] copy_msghdr_from_user+0x98/0x160 [ 1557.550720][T31612] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1557.550754][T31612] ? kfree+0x252/0x4d0 [ 1557.550778][T31612] ? __pfx__kstrtoull+0x10/0x10 [ 1557.550814][T31612] ___sys_sendmsg+0xfe/0x1d0 [ 1557.550844][T31612] ? __pfx____sys_sendmsg+0x10/0x10 [ 1557.550902][T31612] ? __pfx___might_resched+0x10/0x10 [ 1557.550938][T31612] __sys_sendmmsg+0x200/0x420 [ 1557.550988][T31612] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1557.551028][T31612] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1557.551078][T31612] ? fput+0x70/0xf0 [ 1557.551106][T31612] ? ksys_write+0x1b9/0x240 [ 1557.551130][T31612] ? __pfx_ksys_write+0x10/0x10 [ 1557.551160][T31612] __x64_sys_sendmmsg+0x9c/0x100 [ 1557.551188][T31612] ? lockdep_hardirqs_on+0x7c/0x110 [ 1557.551219][T31612] do_syscall_64+0xcd/0x230 [ 1557.551261][T31612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1557.551287][T31612] RIP: 0033:0x7fe6b518e969 [ 1557.551307][T31612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1557.551332][T31612] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1557.551355][T31612] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1557.551372][T31612] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1557.551387][T31612] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1557.551403][T31612] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 1557.551419][T31612] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1557.551453][T31612] [ 1559.535105][T31657] netlink: 122 bytes leftover after parsing attributes in process `syz.2.6162'. [ 1559.650712][T31660] FAULT_INJECTION: forcing a failure. [ 1559.650712][T31660] name failslab, interval 1, probability 0, space 0, times 0 [ 1559.681252][T31660] CPU: 0 UID: 0 PID: 31660 Comm: syz.3.6164 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1559.681299][T31660] Tainted: [U]=USER [ 1559.681308][T31660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1559.681323][T31660] Call Trace: [ 1559.681332][T31660] [ 1559.681342][T31660] dump_stack_lvl+0x16c/0x1f0 [ 1559.681381][T31660] should_fail_ex+0x512/0x640 [ 1559.681415][T31660] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1559.681447][T31660] ? __pfx_filemap_map_pages+0x10/0x10 [ 1559.681476][T31660] should_failslab+0xc2/0x120 [ 1559.681507][T31660] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1559.681536][T31660] ? ptlock_alloc+0x1f/0x70 [ 1559.681564][T31660] ? __pfx_filemap_map_pages+0x10/0x10 [ 1559.681594][T31660] ptlock_alloc+0x1f/0x70 [ 1559.681618][T31660] pte_alloc_one+0x6d/0x380 [ 1559.681647][T31660] __do_fault+0x320/0x490 [ 1559.681680][T31660] ? __pfx_filemap_map_pages+0x10/0x10 [ 1559.681708][T31660] do_pte_missing+0x1a6/0x3fb0 [ 1559.681733][T31660] ? do_raw_spin_unlock+0x172/0x230 [ 1559.681769][T31660] ? __pmd_alloc+0x3c2/0x870 [ 1559.681800][T31660] ? find_held_lock+0x2b/0x80 [ 1559.681828][T31660] __handle_mm_fault+0x103d/0x2a40 [ 1559.681866][T31660] ? __pfx___handle_mm_fault+0x10/0x10 [ 1559.681915][T31660] ? find_vma+0xbf/0x140 [ 1559.681946][T31660] ? __pfx_find_vma+0x10/0x10 [ 1559.681988][T31660] handle_mm_fault+0x3fe/0xad0 [ 1559.682022][T31660] do_user_addr_fault+0x7a6/0x1370 [ 1559.682052][T31660] ? rcu_is_watching+0x12/0xc0 [ 1559.682080][T31660] exc_page_fault+0x5c/0xc0 [ 1559.682113][T31660] asm_exc_page_fault+0x26/0x30 [ 1559.682137][T31660] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 1559.682165][T31660] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 1559.682189][T31660] RSP: 0018:ffffc90003bafba8 EFLAGS: 00050216 [ 1559.682209][T31660] RAX: 0000000000000000 RBX: 0000000000000020 RCX: 0000000000000020 [ 1559.682225][T31660] RDX: fffff52000775f8f RSI: ffffc90003bafc58 RDI: 0000000000000000 [ 1559.682242][T31660] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff52000775f8e [ 1559.682256][T31660] R10: ffffc90003bafc77 R11: 0000000000000000 R12: ffffc90003bafc58 [ 1559.682270][T31660] R13: 0000000000000020 R14: 00007ffffffff000 R15: 0000000000000000 [ 1559.682303][T31660] _copy_to_user+0xbb/0xd0 [ 1559.682337][T31660] uart_ioctl+0x1805/0x2d40 [ 1559.682373][T31660] ? __pfx_uart_ioctl+0x10/0x10 [ 1559.682399][T31660] ? tomoyo_path_number_perm+0x18d/0x580 [ 1559.682431][T31660] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1559.682459][T31660] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1559.682493][T31660] ? do_vfs_ioctl+0x512/0x1990 [ 1559.682521][T31660] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1559.682554][T31660] ? __pfx_uart_ioctl+0x10/0x10 [ 1559.682585][T31660] tty_ioctl+0x65a/0x1610 [ 1559.682615][T31660] ? __pfx_tty_ioctl+0x10/0x10 [ 1559.682653][T31660] ? find_held_lock+0x2b/0x80 [ 1559.682674][T31660] ? hook_file_ioctl_common+0x145/0x410 [ 1559.682707][T31660] ? __fget_files+0x20e/0x3c0 [ 1559.682734][T31660] ? __pfx_tty_ioctl+0x10/0x10 [ 1559.682763][T31660] __x64_sys_ioctl+0x193/0x200 [ 1559.682799][T31660] do_syscall_64+0xcd/0x230 [ 1559.682836][T31660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1559.682860][T31660] RIP: 0033:0x7f480718e969 [ 1559.682881][T31660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1559.682905][T31660] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1559.682928][T31660] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1559.682945][T31660] RDX: 0000000000000000 RSI: 000000000000542e RDI: 0000000000000003 [ 1559.682961][T31660] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1559.682985][T31660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1559.683000][T31660] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1559.683034][T31660] [ 1560.339268][T31671] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input67 [ 1562.823694][T31726] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input68 [ 1564.470459][T31757] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6189'. [ 1564.918599][T31767] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input69 [ 1565.258109][T31778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1565.269049][T31778] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1566.019726][T31797] FAULT_INJECTION: forcing a failure. [ 1566.019726][T31797] name failslab, interval 1, probability 0, space 0, times 0 [ 1566.077528][T31797] CPU: 0 UID: 0 PID: 31797 Comm: syz.2.6203 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1566.077571][T31797] Tainted: [U]=USER [ 1566.077580][T31797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1566.077594][T31797] Call Trace: [ 1566.077603][T31797] [ 1566.077613][T31797] dump_stack_lvl+0x16c/0x1f0 [ 1566.077651][T31797] should_fail_ex+0x512/0x640 [ 1566.077683][T31797] ? __kmalloc_node_noprof+0xc5/0x500 [ 1566.077715][T31797] should_failslab+0xc2/0x120 [ 1566.077745][T31797] __kmalloc_node_noprof+0xd8/0x500 [ 1566.077773][T31797] ? lockdep_init_map_type+0x5c/0x280 [ 1566.077803][T31797] ? mempool_init_node+0x13c/0x760 [ 1566.077827][T31797] ? __init_waitqueue_head+0xca/0x150 [ 1566.077851][T31797] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 1566.077888][T31797] mempool_init_node+0x13c/0x760 [ 1566.077910][T31797] ? __pfx_xa_load+0x10/0x10 [ 1566.077939][T31797] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 1566.077972][T31797] ? __pfx_mempool_free_slab+0x10/0x10 [ 1566.078006][T31797] mempool_init_noprof+0x3a/0x50 [ 1566.078033][T31797] bioset_init+0x37a/0x880 [ 1566.078062][T31797] ? __pfx_bioset_init+0x10/0x10 [ 1566.078101][T31797] __alloc_disk_node+0x83/0x610 [ 1566.078132][T31797] ? blk_alloc_queue+0x1a3/0x760 [ 1566.078165][T31797] __blk_alloc_disk+0xd7/0x170 [ 1566.078198][T31797] ? __pfx___blk_alloc_disk+0x10/0x10 [ 1566.078231][T31797] ? __pfx___debug_object_init+0x10/0x10 [ 1566.078278][T31797] ? lockdep_init_map_type+0x5c/0x280 [ 1566.078310][T31797] ? lockdep_init_map_type+0x5c/0x280 [ 1566.078352][T31797] dm_create+0x4bf/0x1160 [ 1566.078390][T31797] dev_create+0x121/0x290 [ 1566.078414][T31797] ? __pfx_dev_create+0x10/0x10 [ 1566.078448][T31797] ctl_ioctl+0x6ea/0xd70 [ 1566.078482][T31797] ? __pfx_dev_create+0x10/0x10 [ 1566.078506][T31797] ? __pfx_ctl_ioctl+0x10/0x10 [ 1566.078581][T31797] ? __fget_files+0x20e/0x3c0 [ 1566.078612][T31797] dm_ctl_ioctl+0x22/0x30 [ 1566.078644][T31797] ? __pfx_dm_ctl_ioctl+0x10/0x10 [ 1566.078678][T31797] __x64_sys_ioctl+0x193/0x200 [ 1566.078714][T31797] do_syscall_64+0xcd/0x230 [ 1566.078750][T31797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1566.078775][T31797] RIP: 0033:0x7fe6b518e969 [ 1566.078795][T31797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1566.078819][T31797] RSP: 002b:00007fe6b6077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1566.078842][T31797] RAX: ffffffffffffffda RBX: 00007fe6b53b5fa0 RCX: 00007fe6b518e969 [ 1566.078860][T31797] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000003 [ 1566.078876][T31797] RBP: 00007fe6b6077090 R08: 0000000000000000 R09: 0000000000000000 [ 1566.078892][T31797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1566.078907][T31797] R13: 0000000000000000 R14: 00007fe6b53b5fa0 R15: 00007ffee7b8b9e8 [ 1566.078942][T31797] [ 1566.366204][ C0] vkms_vblank_simulate: vblank timer overrun [ 1567.478135][ T30] audit: type=1326 audit(4294969546.831:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31829 comm="syz.2.6209" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6b518e969 code=0x0 [ 1569.095969][T31844] can: request_module (can-proto-3) failed. [ 1570.079954][T31854] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input70 [ 1570.135374][T31855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6215'. [ 1570.210168][T31858] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input71 [ 1570.274500][T31861] openvswitch: netlink: IP tunnel dst address not specified [ 1571.554997][T31881] FAULT_INJECTION: forcing a failure. [ 1571.554997][T31881] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1571.568164][T31881] CPU: 1 UID: 0 PID: 31881 Comm: syz.3.6222 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1571.568187][T31881] Tainted: [U]=USER [ 1571.568192][T31881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1571.568200][T31881] Call Trace: [ 1571.568206][T31881] [ 1571.568211][T31881] dump_stack_lvl+0x16c/0x1f0 [ 1571.568236][T31881] should_fail_ex+0x512/0x640 [ 1571.568260][T31881] _copy_from_user+0x2e/0xd0 [ 1571.568282][T31881] copy_msghdr_from_user+0x98/0x160 [ 1571.568300][T31881] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1571.568320][T31881] ? kfree+0x252/0x4d0 [ 1571.568333][T31881] ? __lock_acquire+0x5ca/0x1ba0 [ 1571.568355][T31881] ___sys_recvmsg+0xdb/0x1a0 [ 1571.568371][T31881] ? __pfx____sys_recvmsg+0x10/0x10 [ 1571.568398][T31881] ? __pfx___might_resched+0x10/0x10 [ 1571.568418][T31881] do_recvmmsg+0x2fe/0x740 [ 1571.568437][T31881] ? __pfx_do_recvmmsg+0x10/0x10 [ 1571.568457][T31881] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1571.568490][T31881] ? __fget_files+0x20e/0x3c0 [ 1571.568508][T31881] __x64_sys_recvmmsg+0x22a/0x280 [ 1571.568526][T31881] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1571.568543][T31881] ? rcu_is_watching+0x12/0xc0 [ 1571.568561][T31881] do_syscall_64+0xcd/0x230 [ 1571.568584][T31881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1571.568598][T31881] RIP: 0033:0x7f480718e969 [ 1571.568610][T31881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1571.568624][T31881] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1571.568637][T31881] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1571.568647][T31881] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1571.568655][T31881] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1571.568663][T31881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1571.568672][T31881] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1571.568690][T31881] [ 1572.069253][T31882] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1572.107123][T31882] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1572.115067][T31882] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1572.122168][T31882] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1572.482600][T31906] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input72 [ 1573.339950][T31924] FAULT_INJECTION: forcing a failure. [ 1573.339950][T31924] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1573.414353][T31924] CPU: 0 UID: 0 PID: 31924 Comm: syz.3.6233 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1573.414397][T31924] Tainted: [U]=USER [ 1573.414406][T31924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1573.414421][T31924] Call Trace: [ 1573.414430][T31924] [ 1573.414440][T31924] dump_stack_lvl+0x16c/0x1f0 [ 1573.414479][T31924] should_fail_ex+0x512/0x640 [ 1573.414518][T31924] _copy_to_user+0x32/0xd0 [ 1573.414557][T31924] simple_read_from_buffer+0xcb/0x170 [ 1573.414596][T31924] proc_fail_nth_read+0x197/0x270 [ 1573.414630][T31924] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1573.414667][T31924] ? rw_verify_area+0xcf/0x680 [ 1573.414700][T31924] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1573.414735][T31924] vfs_read+0x1de/0xc70 [ 1573.414764][T31924] ? __pfx___mutex_lock+0x10/0x10 [ 1573.414798][T31924] ? __pfx_vfs_read+0x10/0x10 [ 1573.414833][T31924] ? __fget_files+0x20e/0x3c0 [ 1573.414868][T31924] ksys_read+0x12a/0x240 [ 1573.414892][T31924] ? __pfx_ksys_read+0x10/0x10 [ 1573.414927][T31924] do_syscall_64+0xcd/0x230 [ 1573.414964][T31924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1573.414989][T31924] RIP: 0033:0x7f480718d37c [ 1573.415009][T31924] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1573.415032][T31924] RSP: 002b:00007f48080c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1573.415056][T31924] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718d37c [ 1573.415073][T31924] RDX: 000000000000000f RSI: 00007f48080c70a0 RDI: 0000000000000004 [ 1573.415089][T31924] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1573.415104][T31924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1573.415120][T31924] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1573.415155][T31924] [ 1573.656297][T31925] FAULT_INJECTION: forcing a failure. [ 1573.656297][T31925] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.668975][T31925] CPU: 0 UID: 0 PID: 31925 Comm: syz.1.6232 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1573.668998][T31925] Tainted: [U]=USER [ 1573.669003][T31925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1573.669011][T31925] Call Trace: [ 1573.669017][T31925] [ 1573.669024][T31925] dump_stack_lvl+0x16c/0x1f0 [ 1573.669048][T31925] should_fail_ex+0x512/0x640 [ 1573.669069][T31925] ? fs_reclaim_acquire+0xae/0x150 [ 1573.669093][T31925] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1573.669113][T31925] should_failslab+0xc2/0x120 [ 1573.669131][T31925] __kmalloc_noprof+0xd2/0x510 [ 1573.669153][T31925] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1573.669178][T31925] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1573.669198][T31925] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1573.669252][T31925] ? find_held_lock+0x2b/0x80 [ 1573.669271][T31925] tomoyo_file_open+0x6b/0x90 [ 1573.669286][T31925] security_file_open+0x84/0x1e0 [ 1573.669306][T31925] do_dentry_open+0x596/0x1c10 [ 1573.669328][T31925] vfs_open+0x82/0x3f0 [ 1573.669349][T31925] path_openat+0x1e5e/0x2d40 [ 1573.669371][T31925] ? __pfx_path_openat+0x10/0x10 [ 1573.669390][T31925] do_filp_open+0x20b/0x470 [ 1573.669405][T31925] ? __pfx_do_filp_open+0x10/0x10 [ 1573.669426][T31925] ? __pfx_kfree_link+0x10/0x10 [ 1573.669451][T31925] ? alloc_fd+0x471/0x7d0 [ 1573.669470][T31925] do_sys_openat2+0x11b/0x1d0 [ 1573.669489][T31925] ? __pfx_do_sys_openat2+0x10/0x10 [ 1573.669515][T31925] __x64_sys_openat+0x174/0x210 [ 1573.669535][T31925] ? __pfx___x64_sys_openat+0x10/0x10 [ 1573.669555][T31925] ? rcu_is_watching+0x12/0xc0 [ 1573.669575][T31925] do_syscall_64+0xcd/0x230 [ 1573.669597][T31925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1573.669612][T31925] RIP: 0033:0x7fd6cc18d2d0 [ 1573.669625][T31925] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 1573.669639][T31925] RSP: 002b:00007fd6cd02efe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1573.669652][T31925] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd6cc18d2d0 [ 1573.669661][T31925] RDX: 0000000000000002 RSI: 00007fd6cc210d96 RDI: 00000000ffffff9c [ 1573.669670][T31925] RBP: 00007fd6cc210d96 R08: 0000000000000000 R09: 00007fd6cd051000 [ 1573.669678][T31925] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 1573.669687][T31925] R13: 0000000000000000 R14: 00007fd6cc3b6080 R15: 00007ffd728f5078 [ 1573.669705][T31925] [ 1573.669712][T31925] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1574.028791][T31925] FAULT_INJECTION: forcing a failure. [ 1574.028791][T31925] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1574.094576][T25473] Bluetooth: hci0: command 0x0406 tx timeout [ 1574.100812][T31925] CPU: 0 UID: 0 PID: 31925 Comm: syz.1.6232 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1574.100847][T31925] Tainted: [U]=USER [ 1574.100854][T31925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1574.100867][T31925] Call Trace: [ 1574.100876][T31925] [ 1574.100884][T31925] dump_stack_lvl+0x16c/0x1f0 [ 1574.100922][T31925] should_fail_ex+0x512/0x640 [ 1574.100960][T31925] _copy_to_user+0x32/0xd0 [ 1574.100997][T31925] simple_read_from_buffer+0xcb/0x170 [ 1574.101033][T31925] proc_fail_nth_read+0x197/0x270 [ 1574.101065][T31925] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1574.101100][T31925] ? rw_verify_area+0xcf/0x680 [ 1574.101130][T31925] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1574.101162][T31925] vfs_read+0x1de/0xc70 [ 1574.101205][T31925] ? __pfx___mutex_lock+0x10/0x10 [ 1574.101237][T31925] ? __pfx_vfs_read+0x10/0x10 [ 1574.101270][T31925] ? __fget_files+0x20e/0x3c0 [ 1574.101301][T31925] ksys_read+0x12a/0x240 [ 1574.101324][T31925] ? __pfx_ksys_read+0x10/0x10 [ 1574.101344][T31925] ? rcu_is_watching+0x12/0xc0 [ 1574.101375][T31925] do_syscall_64+0xcd/0x230 [ 1574.101411][T31925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1574.101434][T31925] RIP: 0033:0x7fd6cc18d37c [ 1574.101453][T31925] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1574.101478][T31925] RSP: 002b:00007fd6cd02f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1574.101502][T31925] RAX: ffffffffffffffda RBX: 00007fd6cc3b6080 RCX: 00007fd6cc18d37c [ 1574.101520][T31925] RDX: 000000000000000f RSI: 00007fd6cd02f0a0 RDI: 0000000000000009 [ 1574.101535][T31925] RBP: 00007fd6cd02f090 R08: 0000000000000000 R09: 0000000000000000 [ 1574.101550][T31925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1574.101565][T31925] R13: 0000000000000000 R14: 00007fd6cc3b6080 R15: 00007ffd728f5078 [ 1574.101599][T31925] [ 1574.300607][T25473] Bluetooth: hci3: command 0x0c1a tx timeout [ 1574.306718][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 1574.312751][ T5836] Bluetooth: hci4: command 0x0406 tx timeout [ 1574.617076][T31937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6234'. [ 1575.315458][T31944] netlink: 'syz.1.6244': attribute type 16 has an invalid length. [ 1575.324180][T31944] netlink: 326 bytes leftover after parsing attributes in process `syz.1.6244'. [ 1575.380665][T31944] veth1_macvtap: left promiscuous mode [ 1575.869371][T31959] FAULT_INJECTION: forcing a failure. [ 1575.869371][T31959] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1575.882897][T31959] CPU: 1 UID: 0 PID: 31959 Comm: syz.1.6239 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1575.882935][T31959] Tainted: [U]=USER [ 1575.882943][T31959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1575.882958][T31959] Call Trace: [ 1575.882966][T31959] [ 1575.882975][T31959] dump_stack_lvl+0x16c/0x1f0 [ 1575.883013][T31959] should_fail_ex+0x512/0x640 [ 1575.883050][T31959] _copy_from_iter+0x2a4/0x15b0 [ 1575.883094][T31959] ? __alloc_skb+0x200/0x380 [ 1575.883120][T31959] ? __pfx__copy_from_iter+0x10/0x10 [ 1575.883156][T31959] ? __lock_acquire+0xaa4/0x1ba0 [ 1575.883194][T31959] netlink_sendmsg+0x829/0xdd0 [ 1575.883230][T31959] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1575.883272][T31959] ____sys_sendmsg+0xa98/0xc70 [ 1575.883305][T31959] ? copy_msghdr_from_user+0x10a/0x160 [ 1575.883331][T31959] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1575.883367][T31959] ? kfree+0x252/0x4d0 [ 1575.883387][T31959] ? __pfx__kstrtoull+0x10/0x10 [ 1575.883421][T31959] ___sys_sendmsg+0x134/0x1d0 [ 1575.883449][T31959] ? __pfx____sys_sendmsg+0x10/0x10 [ 1575.883510][T31959] ? __pfx___might_resched+0x10/0x10 [ 1575.883544][T31959] __sys_sendmmsg+0x200/0x420 [ 1575.883575][T31959] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1575.883612][T31959] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1575.883660][T31959] ? fput+0x70/0xf0 [ 1575.883687][T31959] ? ksys_write+0x1b9/0x240 [ 1575.883709][T31959] ? __pfx_ksys_write+0x10/0x10 [ 1575.883729][T31959] ? rcu_is_watching+0x12/0xc0 [ 1575.883757][T31959] __x64_sys_sendmmsg+0x9c/0x100 [ 1575.883782][T31959] ? lockdep_hardirqs_on+0x7c/0x110 [ 1575.883812][T31959] do_syscall_64+0xcd/0x230 [ 1575.883844][T31959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1575.883868][T31959] RIP: 0033:0x7fd6cc18e969 [ 1575.883887][T31959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1575.883909][T31959] RSP: 002b:00007fd6cd050038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1575.883932][T31959] RAX: ffffffffffffffda RBX: 00007fd6cc3b5fa0 RCX: 00007fd6cc18e969 [ 1575.883948][T31959] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1575.883962][T31959] RBP: 00007fd6cd050090 R08: 0000000000000000 R09: 0000000000000000 [ 1575.883978][T31959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1575.883992][T31959] R13: 0000000000000000 R14: 00007fd6cc3b5fa0 R15: 00007ffd728f5078 [ 1575.884024][T31959] [ 1576.865913][T31960] can: request_module (can-proto-3) failed. [ 1577.617816][T31980] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(3) [ 1578.432552][T31998] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6251'. [ 1579.170402][T32013] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6254'. [ 1579.718073][T32025] FAULT_INJECTION: forcing a failure. [ 1579.718073][T32025] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1579.746904][T32025] CPU: 1 UID: 0 PID: 32025 Comm: syz.3.6259 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1579.746945][T32025] Tainted: [U]=USER [ 1579.746954][T32025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1579.746968][T32025] Call Trace: [ 1579.746977][T32025] [ 1579.746987][T32025] dump_stack_lvl+0x16c/0x1f0 [ 1579.747027][T32025] should_fail_ex+0x512/0x640 [ 1579.747062][T32025] _copy_from_user+0x2e/0xd0 [ 1579.747098][T32025] copy_msghdr_from_user+0x98/0x160 [ 1579.747126][T32025] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1579.747160][T32025] ? kfree+0x252/0x4d0 [ 1579.747180][T32025] ? __pfx__kstrtoull+0x10/0x10 [ 1579.747213][T32025] ___sys_sendmsg+0xfe/0x1d0 [ 1579.747243][T32025] ? __pfx____sys_sendmsg+0x10/0x10 [ 1579.747304][T32025] ? __pfx___might_resched+0x10/0x10 [ 1579.747340][T32025] __sys_sendmmsg+0x200/0x420 [ 1579.747371][T32025] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1579.747411][T32025] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1579.747459][T32025] ? fput+0x70/0xf0 [ 1579.747486][T32025] ? ksys_write+0x1b9/0x240 [ 1579.747510][T32025] ? __pfx_ksys_write+0x10/0x10 [ 1579.747532][T32025] ? rcu_is_watching+0x12/0xc0 [ 1579.747561][T32025] __x64_sys_sendmmsg+0x9c/0x100 [ 1579.747588][T32025] ? lockdep_hardirqs_on+0x7c/0x110 [ 1579.747627][T32025] do_syscall_64+0xcd/0x230 [ 1579.747663][T32025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1579.747688][T32025] RIP: 0033:0x7f480718e969 [ 1579.747708][T32025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1579.747732][T32025] RSP: 002b:00007f48080c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1579.747756][T32025] RAX: ffffffffffffffda RBX: 00007f48073b5fa0 RCX: 00007f480718e969 [ 1579.747773][T32025] RDX: 0000000000000002 RSI: 0000200000000080 RDI: 0000000000000003 [ 1579.747788][T32025] RBP: 00007f48080c7090 R08: 0000000000000000 R09: 0000000000000000 [ 1579.747804][T32025] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 1579.747819][T32025] R13: 0000000000000000 R14: 00007f48073b5fa0 R15: 00007ffe9ae987f8 [ 1579.747854][T32025] [ 1580.128561][T32032] FAULT_INJECTION: forcing a failure. [ 1580.128561][T32032] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1580.141707][T32032] CPU: 1 UID: 0 PID: 32032 Comm: syz.0.6262 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1580.141746][T32032] Tainted: [U]=USER [ 1580.141755][T32032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1580.141768][T32032] Call Trace: [ 1580.141777][T32032] [ 1580.141788][T32032] dump_stack_lvl+0x16c/0x1f0 [ 1580.141824][T32032] should_fail_ex+0x512/0x640 [ 1580.141861][T32032] _copy_from_iter+0x2a4/0x15b0 [ 1580.141904][T32032] ? __alloc_skb+0x200/0x380 [ 1580.141930][T32032] ? __pfx__copy_from_iter+0x10/0x10 [ 1580.141966][T32032] ? __lock_acquire+0xaa4/0x1ba0 [ 1580.142006][T32032] netlink_sendmsg+0x829/0xdd0 [ 1580.142044][T32032] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1580.142087][T32032] ____sys_sendmsg+0xa98/0xc70 [ 1580.142122][T32032] ? copy_msghdr_from_user+0x10a/0x160 [ 1580.142150][T32032] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1580.142186][T32032] ? kfree+0x252/0x4d0 [ 1580.142206][T32032] ? __pfx__kstrtoull+0x10/0x10 [ 1580.142240][T32032] ___sys_sendmsg+0x134/0x1d0 [ 1580.142271][T32032] ? __pfx____sys_sendmsg+0x10/0x10 [ 1580.142327][T32032] ? __pfx___might_resched+0x10/0x10 [ 1580.142361][T32032] __sys_sendmmsg+0x200/0x420 [ 1580.142391][T32032] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1580.142429][T32032] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1580.142478][T32032] ? fput+0x70/0xf0 [ 1580.142504][T32032] ? ksys_write+0x1b9/0x240 [ 1580.142528][T32032] ? __pfx_ksys_write+0x10/0x10 [ 1580.142549][T32032] ? rcu_is_watching+0x12/0xc0 [ 1580.142586][T32032] __x64_sys_sendmmsg+0x9c/0x100 [ 1580.142613][T32032] ? lockdep_hardirqs_on+0x7c/0x110 [ 1580.142644][T32032] do_syscall_64+0xcd/0x230 [ 1580.142680][T32032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1580.142704][T32032] RIP: 0033:0x7fb48e58e969 [ 1580.142724][T32032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1580.142747][T32032] RSP: 002b:00007fb48f349038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1580.142770][T32032] RAX: ffffffffffffffda RBX: 00007fb48e7b5fa0 RCX: 00007fb48e58e969 [ 1580.142787][T32032] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1580.142803][T32032] RBP: 00007fb48f349090 R08: 0000000000000000 R09: 0000000000000000 [ 1580.142818][T32032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1580.142830][T32032] R13: 0000000000000000 R14: 00007fb48e7b5fa0 R15: 00007ffcb6bfac38 [ 1580.142863][T32032] [ 1580.845699][T32049] ================================================================== [ 1580.845717][T32049] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0 [ 1580.845748][T32049] Write of size 8 at addr ffffc900037e9000 by task syz.1.6266/32049 [ 1580.845770][T32049] [ 1580.845784][T32049] CPU: 1 UID: 0 PID: 32049 Comm: syz.1.6266 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1580.845822][T32049] Tainted: [U]=USER [ 1580.845831][T32049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1580.845847][T32049] Call Trace: [ 1580.845856][T32049] [ 1580.845866][T32049] dump_stack_lvl+0x116/0x1f0 [ 1580.845900][T32049] print_report+0xc3/0x670 [ 1580.845927][T32049] ? __virt_addr_valid+0x5e/0x590 [ 1580.845960][T32049] ? sys_fillrect+0x15d4/0x17b0 [ 1580.845981][T32049] kasan_report+0xe0/0x110 [ 1580.846009][T32049] ? sys_fillrect+0x15d4/0x17b0 [ 1580.846036][T32049] sys_fillrect+0x15d4/0x17b0 [ 1580.846062][T32049] ? __pfx_sys_fillrect+0x10/0x10 [ 1580.846087][T32049] ? __pfx_bit_putcs+0x10/0x10 [ 1580.846116][T32049] ? bit_cursor+0xeca/0x17e0 [ 1580.846147][T32049] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 1580.846183][T32049] bit_clear+0x17a/0x220 [ 1580.846212][T32049] ? __pfx_bit_clear+0x10/0x10 [ 1580.846241][T32049] ? __pfx___might_resched+0x10/0x10 [ 1580.846268][T32049] ? fb_get_color_depth+0x120/0x250 [ 1580.846296][T32049] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1580.846331][T32049] ? __pfx_bit_clear+0x10/0x10 [ 1580.846359][T32049] __fbcon_clear+0x600/0x780 [ 1580.846391][T32049] fbcon_scroll+0x48b/0x690 [ 1580.846420][T32049] con_scroll+0x45c/0x690 [ 1580.846451][T32049] do_con_write+0x6869/0x7c90 [ 1580.846495][T32049] ? __pfx_do_con_write+0x10/0x10 [ 1580.846533][T32049] con_write+0x23/0xb0 [ 1580.846559][T32049] n_tty_write+0x40f/0x1160 [ 1580.846599][T32049] ? __pfx_n_tty_write+0x10/0x10 [ 1580.846631][T32049] ? rcu_is_watching+0x12/0xc0 [ 1580.846654][T32049] ? __pfx_woken_wake_function+0x10/0x10 [ 1580.846679][T32049] ? kfree+0x252/0x4d0 [ 1580.846699][T32049] ? file_tty_write.constprop.0+0x6ed/0x9b0 [ 1580.846729][T32049] ? __pfx_n_tty_write+0x10/0x10 [ 1580.846762][T32049] file_tty_write.constprop.0+0x502/0x9b0 [ 1580.846796][T32049] redirected_tty_write+0xd4/0x150 [ 1580.846824][T32049] vfs_write+0x5bd/0x1180 [ 1580.846848][T32049] ? __pfx_redirected_tty_write+0x10/0x10 [ 1580.846879][T32049] ? __pfx_vfs_write+0x10/0x10 [ 1580.846900][T32049] ? find_held_lock+0x2b/0x80 [ 1580.846934][T32049] ksys_write+0x12a/0x240 [ 1580.846957][T32049] ? __pfx_ksys_write+0x10/0x10 [ 1580.846980][T32049] ? rcu_is_watching+0x12/0xc0 [ 1580.847007][T32049] do_syscall_64+0xcd/0x230 [ 1580.847041][T32049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1580.847066][T32049] RIP: 0033:0x7fd6cc18e969 [ 1580.847085][T32049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1580.847110][T32049] RSP: 002b:00007fd6cd02f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1580.847134][T32049] RAX: ffffffffffffffda RBX: 00007fd6cc3b6080 RCX: 00007fd6cc18e969 [ 1580.847151][T32049] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000003 [ 1580.847164][T32049] RBP: 00007fd6cc210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1580.847179][T32049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1580.847194][T32049] R13: 0000000000000000 R14: 00007fd6cc3b6080 R15: 00007ffd728f5078 [ 1580.847218][T32049] [ 1580.847227][T32049] [ 1580.847237][T32049] The buggy address ffffc900037e9000 belongs to a vmalloc virtual mapping [ 1580.847250][T32049] Memory state around the buggy address: [ 1580.847263][T32049] ffffc900037e8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1580.847279][T32049] ffffc900037e8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1580.847296][T32049] >ffffc900037e9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1580.847309][T32049] ^ [ 1580.847322][T32049] ffffc900037e9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1580.847339][T32049] ffffc900037e9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1580.847352][T32049] ================================================================== [ 1580.847365][T32049] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1580.847382][T32049] CPU: 1 UID: 0 PID: 32049 Comm: syz.1.6266 Tainted: G U 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) [ 1580.847418][T32049] Tainted: [U]=USER [ 1580.847426][T32049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1580.847441][T32049] Call Trace: [ 1580.847449][T32049] [ 1580.847458][T32049] dump_stack_lvl+0x3d/0x1f0 [ 1580.847494][T32049] panic+0x71c/0x800 [ 1580.847525][T32049] ? __pfx_panic+0x10/0x10 [ 1580.847558][T32049] ? __pfx__printk+0x10/0x10 [ 1580.847585][T32049] ? rcu_is_watching+0x12/0xc0 [ 1580.847610][T32049] ? check_panic_on_warn+0x1f/0xb0 [ 1580.847644][T32049] ? sys_fillrect+0x15d4/0x17b0 [ 1580.847663][T32049] check_panic_on_warn+0xab/0xb0 [ 1580.847695][T32049] end_report+0x107/0x170 [ 1580.847718][T32049] kasan_report+0xee/0x110 [ 1580.847744][T32049] ? sys_fillrect+0x15d4/0x17b0 [ 1580.847765][T32049] sys_fillrect+0x15d4/0x17b0 [ 1580.847787][T32049] ? __pfx_sys_fillrect+0x10/0x10 [ 1580.847809][T32049] ? __pfx_bit_putcs+0x10/0x10 [ 1580.847834][T32049] ? bit_cursor+0xeca/0x17e0 [ 1580.847861][T32049] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 1580.847892][T32049] bit_clear+0x17a/0x220 [ 1580.847918][T32049] ? __pfx_bit_clear+0x10/0x10 [ 1580.847944][T32049] ? __pfx___might_resched+0x10/0x10 [ 1580.847967][T32049] ? fb_get_color_depth+0x120/0x250 [ 1580.847991][T32049] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1580.848020][T32049] ? __pfx_bit_clear+0x10/0x10 [ 1580.848045][T32049] __fbcon_clear+0x600/0x780 [ 1580.848071][T32049] fbcon_scroll+0x48b/0x690 [ 1580.848098][T32049] con_scroll+0x45c/0x690 [ 1580.848126][T32049] do_con_write+0x6869/0x7c90 [ 1580.848159][T32049] ? __pfx_do_con_write+0x10/0x10 [ 1580.848189][T32049] con_write+0x23/0xb0 [ 1580.848215][T32049] n_tty_write+0x40f/0x1160 [ 1580.848254][T32049] ? __pfx_n_tty_write+0x10/0x10 [ 1580.848286][T32049] ? rcu_is_watching+0x12/0xc0 [ 1580.848310][T32049] ? __pfx_woken_wake_function+0x10/0x10 [ 1580.848334][T32049] ? kfree+0x252/0x4d0 [ 1580.848355][T32049] ? file_tty_write.constprop.0+0x6ed/0x9b0 [ 1580.848383][T32049] ? __pfx_n_tty_write+0x10/0x10 [ 1580.848414][T32049] file_tty_write.constprop.0+0x502/0x9b0 [ 1580.848462][T32049] redirected_tty_write+0xd4/0x150 [ 1580.848494][T32049] vfs_write+0x5bd/0x1180 [ 1580.848514][T32049] ? __pfx_redirected_tty_write+0x10/0x10 [ 1580.848541][T32049] ? __pfx_vfs_write+0x10/0x10 [ 1580.848559][T32049] ? find_held_lock+0x2b/0x80 [ 1580.848587][T32049] ksys_write+0x12a/0x240 [ 1580.848607][T32049] ? __pfx_ksys_write+0x10/0x10 [ 1580.848626][T32049] ? rcu_is_watching+0x12/0xc0 [ 1580.848649][T32049] do_syscall_64+0xcd/0x230 [ 1580.848678][T32049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1580.848700][T32049] RIP: 0033:0x7fd6cc18e969 [ 1580.848715][T32049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1580.848736][T32049] RSP: 002b:00007fd6cd02f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1580.848756][T32049] RAX: ffffffffffffffda RBX: 00007fd6cc3b6080 RCX: 00007fd6cc18e969 [ 1580.848771][T32049] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000003 [ 1580.848785][T32049] RBP: 00007fd6cc210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1580.848798][T32049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1580.848811][T32049] R13: 0000000000000000 R14: 00007fd6cc3b6080 R15: 00007ffd728f5078 [ 1580.848832][T32049] [ 1580.849062][T32049] Kernel Offset: disabled