last executing test programs: 5.855037721s ago: executing program 2 (id=1080): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x58b003, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = io_uring_setup$auto(0x2, &(0x7f0000000240)={0x8, 0x8, 0x60, 0x3, 0x4, 0x8, 0xffffffffffffffff, [0x6, 0xc4f, 0x401], {0x5711, 0x379645e4, 0x6, 0x10, 0xbd5, 0x6, 0x81, 0xffffff80, 0x2}, {0x9, 0x1, 0x9, 0xfffffffe, 0xabfb, 0x8, 0x3, 0x9, 0x1}}) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x800) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xe, 0x5, 0x1000000c) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x80) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x200, 0x0, 0x2000}, {0xfffffffa, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) open(0x0, 0x22240, 0x80) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) sendfile$auto(r0, 0xffffffffffffffff, &(0x7f0000000100)=0x6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x6f51, 0xffffffffffffffff) shmctl$auto(0x6, 0x3, &(0x7f0000000840)={{0x4, 0x0, 0xee01, 0x5, 0x45, 0x9}, 0x7, 0x9247, 0x401, 0x6, @inferred, @inferred, 0x101, 0x0, &(0x7f0000000780), &(0x7f0000000800)}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1f002288", @ANYRESHEX=r2, @ANYRES16=r1], 0x14}, 0x1, 0x0, 0x0, 0x48884}, 0x4) 5.326586167s ago: executing program 0 (id=1081): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_BSS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_HE_CAPABILITY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4800}, 0xd0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x4, 0x8000) r3 = socket(0x29, 0x2, 0x0) ioctl$auto(r3, 0x8910, 0x24) socket(0xa, 0x5, 0x0) r4 = openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, &(0x7f0000001340), 0x2, 0x0) read$auto_hsr_node_table_fops_(r4, &(0x7f0000001380)=""/30, 0x1e) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r2, 0x401c5820, 0x0) creat$auto(&(0x7f0000000300)='./file0\x00', 0x0) r5 = socket(0xa, 0x1, 0x100) setsockopt$auto_SO_MAX_PACING_RATE(r5, 0x1, 0x2f, &(0x7f0000000300)='\xba\xf13\xa4o\xd3\xd2\xe0v\x95\xe6mAk\x90\xa1\xfd\xb0\xe1\xa6W\x85py\x91Q\xe7\xc9\x05\xce\x17\xe6<0e\x12\xe8/\x16\xf0\xd2\xe5\x06[\vFb\xd6\xc0sTv*\xa6\x97\xb4\xcf\xc8d^\xb1\x7f\xeeH\xd2\xa8\xeb\xad\xdfw\xad\x1e\xcf\x13\xd2\xbbh\xb7\xb1\xa2\x14\xbe=Q\xf3\xd6\x85\x8as\x04\x93\x8c3\n\x9e\xcc\xbdP\x89\xee\xa8\x82\x03\x97\xe6^\x85#\x11T\x8dE\xba\nF\xc2\xe2\x06k\xf0~\xa3\x86h\xc2\xb8\xcfk\x1f', 0x4) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0) 5.008417351s ago: executing program 2 (id=1084): madvise$auto_MADV_MERGEABLE(0x6, 0x7, 0xc) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (rerun: 32) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec24\x00', 0x900, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) open(0x0, 0x22240, 0x154) mount$auto(0x0, 0x0, &(0x7f0000000180)='nfs\x00\x00', 0x200, 0x0) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x20000000eb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x440040, 0x0) (async) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x9, 0x8000) (async) ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000080)="0fa1d0db5c636de2709272f5627f32d87893c1864f6adf8a19ccb12ce062440bfec2647174309488c6f6b94c38835c615dd53d9d9770275d5a6be3d61f39281c1d446b100c3abee2dbe304ed160765454881e545934e2bf09083b859665fd1ac2d1a65d8d4837c07157609f3370c1d854d1e14449e1b07f7c3409c2bca2304389530f5b2a35744c5979623dea48350ea12dc7a5861e956a7eb0c422232bd516b115e949e54cedd7e0d49e8d272fd26dce8550e88516b75faa5a1bb35cf580a8be32957bee13b072b7f816a9add1c9ebb2b8552") (async) r4 = socket(0x23, 0x800, 0x0) getsockopt$auto(r4, 0x84, 0x1c, 0x0, 0x0) (async, rerun: 64) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nf_conntrack/parameters/hashsize\x00', 0xa102, 0x0) (rerun: 64) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim0/accept_source_route\x00', 0xc0202, 0x0) sendfile$auto(r5, r6, 0x0, 0x5b) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) 4.155524422s ago: executing program 3 (id=1086): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x9, 0x0) fsopen$auto(0x0, 0x1) mmap$auto(0xfffffffffffffffb, 0x2, 0x100000021, 0x400009b75, 0xea8a, 0x8000) r0 = socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x20) r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, r2, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40010) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty26\x00', 0x40002, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x78741, 0x0) fsconfig$auto_SHMEM_HUGE_FORCE(r4, 0x6, 0x0, &(0x7f0000000840)="50a54f6ba2eabf1c36410848849a4bf578fba2127b9325d59d8c3aad22be1e33e4de5da256870639611ce45c07d330882c4e22eb382bc3f634218c4e5f95ff64be95e62a53cba3835dd55f3a95a25989676b15868798fe37dafbc8ed38ddd759ebade969b17849b48c37e4b9727376283c1e26676832a95de29b384fbe53b36b29809e619b2b572524e5d41869bb11380a96c23e69c469e8ca8b98ac31158f6f5cdbd952fff7ba26557f74602433ca4136f2f5b65d1d805be9ff081d981e023b2120d0c159178d368aebecd11b865cb3bf7c063637ca6be8ab142c870c02646a68da9e4ab9ccb4f4eb5481a459b891009db00a52ad47e55d0585c679bb8d1f64cdfa41e378578e7e83581aaff5ef58b5bf92db02b94200d2a97d9f32b227fdd7d73a2c89596a7cd8e5303ea8e4db14007a2139af541af35e30933978c11bcda5d616ee80dc7758a441d3c2a32c952f69026ec57bf9d67b68a9484a2d8f65063cd110be4822bc7688bfab5eaba8ee12b3bdf05677f076df8c3ba3f1d65ce7bd47619513ef9ed583152a551dd22efbcc3c630a5832186b177b485a1664a52360b575bf556f1a5f2b359b7e9639c35194776e3cf1230a56c62796552af68ff42e8e5a898cf5f040bef55d34d1a774d38593648bebb8ae8037be494e87fe7eebccce92453b348365aafc4c16759898769fd9e264434a417fdec90422e71f5dce5b30b7a58f92cb03ead5c10d6eea4689ad1c1341140d80aa456c6625fc350b7a02e9a037b4b79eedddb0dfa870989afb52968560e94960ed25f48c0526279b09572ada44698a3b7d77ac4101b26305e2908645f3cdd7a59ef0d46adea03491dda71aefb33ff74f212720b814ea34edac9c4844199559941834712bd126f1d17e8c9fed6a121495235abeea67f114c19512803d96b69f3dfe6b827ae9ea03fc82c76fbfc0e0b76dad0d7005afc62beb2cbc5fed4fbb1d5c533d038f872c7fa374cade2cfa73d6dc7dc93d50d273505df726d7eb3c25c545af94716087b4700910ffdcb88970c0d0183c48f654e54a3ce7b036b65dd1d3e1b47a3a6ba9f24feb976e5aff37e4b8aa65b3a80b3b15ddd5bbebdb8ca0a598af6322ec10e32e3faba0a13a539d2c01de9c31a21f25a1026b43456dd14c4ce03eaaf0411b48830fe254c8078b71b56aedb9a5b6f52ab6317a48503d88dfca2f03f70b96100ffcf3467e3a1e05c94ce8879a8e49892a707b364b1fa8ed9830df29024924f88f4f16bd471619202a49d40178f34972a5f2c8556fd55877261a672f89828b5123e0b2308f3be9972b16931796a2ac563c8d16992cecc9dd853cda8de915b7b94fdd5591f2698d6fab98ded9d3", 0xfffffffffffffffe) kexec_load$auto(0x9, 0x0, 0x0, 0x1003dfffe) ioctl$auto_TIOCVHANGUP2(r4, 0x5437, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socket(0xf, 0x3, 0x2) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xe, 0xb, &(0x7f0000000180)={0xffffffffffffffff, 0x10}) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000007c0)="dec8c1943b506aeb066db1944b039854d328881581f4f797d7e37732a7831453a165e15192a8a08f2797bf9a9c5b0ca9d9655174c3d8cce51a6fc31d8000afa8ba4f48494da9f9009a99") openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) 3.673571803s ago: executing program 0 (id=1088): socket(0x2, 0x1, 0x106) r0 = accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) mmap$auto(0x401, 0x40009, 0x6, 0x9b72, r0, 0x28000) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x8000, 0xfffffffffffffffd, 0xd2, 0x1, 0xa, 0x0, 0x1, 0x368c, 0x2, {0x100000002, 0x80000000}, 0x5, 0x3, 0xfffffffffffffffe, 0x6, 0x0, 0x1, 0x81, 0x7, 0x7, 0xdeb1, 0x5}) socket(0x1d, 0x3, 0x9) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0xaa482, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x302100d, 0x3, 0x40040000000eb2, 0xfffffffffffffffb, 0x8000) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x212040, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd4, 0x0, 0x567) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r6) sendmsg$auto_NL80211_CMD_STOP_AP(r6, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="94040000", @ANYRES16=r7, @ANYBLOB="290100", @ANYRES32=r5, @ANYBLOB="05003901050000009f01258020fef86920d49a6912202a5ebab583036f58c3c0ffa11e2a63b0864f8ecf4cdf94d1832172f671fe36328c0821111d8f7e08ac4929fbde09d9c6f5c2155c4523aadf2267a3b22520875bbb209f9fa4f963588ab96db087b2f1e0433f29c33c15a488304af4a272349005d48847dd378072f97ba49397f02c3b944ffe022079374c25c0eb7e38ef2cf33221855fc79fcd0403242cc316fbc62f30608b5a0c0099800400aa80040004800b0020005b40242c2f5b00006a5b20ae2fb27895f14aab55af488fa40d72d1bab52324576ca054279034afd2a1840eb126f3632294d272cb0123675f00c2003e43b1f216356dbe111e63bc99797777b782b9533b013af908a3251bb797983630b29802aab29707d4ed37d633244b3362841e0478c5bf16a8c74e1eec8b7296470c4e36e2633d89b7f730f752f9818a391604d1eaa8b230b58c1bc8ac18c58c87887caccaeabc698acb45d7f697363436f65b7ef1d6bcd7dfa11b65b840b036e503ef3979756af28eb770a638a47225ec05eb224c1131dd645d8649b4e66e3d41d8f5bb7b3fc26449302fb4a219a15cd1ee2b00c80225800600a7002a000000b60004800400f00004001a800c002e000104000000000000e4d0e94b026c3ab491dd38426b89d3ac48a59e34d88220c3d70f13e3b2cac7c718d668a2bfca5c0aea9629a27d3b9ce8e4bc9287064970f62de1fdc62ca1999a597fbae7787da640f69ab66412f6e2045cb31aa7b647e0c9ce69cee888f35d9e242eecbea8d0ce29e21c069128f6f3e59a7363923a990bf47c57e1d57ee59589e1f767fdd78558e0552f485c7af2e625f1a58098b3e608000000", @ANYRES32=r3, @ANYBLOB="0000b39185c47fb2a53a1a931e13eb7875ae759dc58f857d47df3475f820d938ca8fbbd6ab37cb543136ab03cfcaf52753421fdf86ccd023d67b33621fcfd82c7ec75bd026c10725c0634d1b25ce690de58c009233dee4b2016967b035b40c9b5e3caac3455895c4af405d5ad7818bda27b44df826f71b42dd417206c28c78a314721dc71ff847cc3d2ec59fba4dfaeadcf01074f14259a7cd7ea753d461e8c0740c665aa321477840a77e3a4ca97b4764a044a5ab31a94685e963f8ee27617e7e3ede3070dce8d578eaad67eba2c53f6278c41f716a302dbd0f7396884b2d3a619d5a1b78617ed65cbb16e9d97010ee9d05c1344c8e16b92a48c52e04006180040034807a3bd017b7d07dca252d705aef333705c5640dd37b2255d1502149f30b9677e3cbf29ef154f35f871c1eae4d3441d78ba0b383873d8f1d4133898bb559682ab7bbea1e1601842b06433e20e957c624c81cd091ca5235df00a21e9ccbdd7de47451b99dc80d051d2799b8492e73573444ddee607dba7381c80cb24b30d79cf86917aab407bb603436974ae5dc89aec30e739ce1eec075b0cc272763449f6b104df189afd1bbe177e197a25de4297f5b9aba47487fb2c6ba54d094ff759c5943004180060088002d0000005f4a7c7a478b9fd2025644474d48820dc5ed27b82c48bd1d9026726850497d8d979818acabbc01f3a0e114490cc2d6c11fd613ebe9986d000800350101010000"], 0x494}, 0x1, 0x0, 0x0, 0x5a88314c8e109829}, 0x14) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) msgctl$auto_IPC_STAT(0x0, 0x2, &(0x7f0000000140)={{0x2, 0xee01, 0xffffffffffffffff, 0x5, 0x10000, 0x92de, 0x5}, 0x0, &(0x7f0000000100)=0x7, 0x100, 0x0, 0x1000, 0x0, 0x4, 0x3, 0x0, 0x5, @raw=0x472, @inferred=0xffffffffffffffff}) prctl$auto(0x7, 0x20000004, r8, 0x800, 0x0) 2.951004685s ago: executing program 2 (id=1089): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/ip_vs\x00', 0x880, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x6, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x4, 0x80000000368e, 0x4, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x4cef, 0x1, 0xfff7ffffffff6292, 0xe, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/swradio3\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) timerfd_create$auto(0x100, 0x150b) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x4, 0x3) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/pagemap\x00', 0x102, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_READI_FRAMES2(r1, 0x80184151, &(0x7f0000000040)={0x101, &(0x7f00000005c0)="a239beb9222a5de140d9ee7ec013b9509214cfcbc04ca3d3825e32a01e97f67973fa5696a4c0614591441253e1b0fa4141257e997323525fe9e01113035f441ec8b8df933c63dc3a044fdfac05bc9bee5365a22ba3501b36cbcc3b7f5ff3eb4d2e87033605c7d4231e33af9a2ec6d96d634e06b6b9a1a25c41f9208147fc7fff50b114d643fdd5f41a316bf8397ab0fd891429dda00675c302dfe5b5c182425c7167be26fd866236feac8dfad9f0c399cf95c014a4b33561013dde35979c9c240f99d87fb1aafb9662291b494bd4322e76748cebc27b9b89394e3cbd5d687f8d7b249dc1cfe56b6dd6e6d4d1f96504e65c0171", 0x8}) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd9/removable\x00', 0x700, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/142, 0x8e) openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x9, 0x1, 0x4) mprotect$auto(0x5, 0x8000000000000004, 0x5) madvise$auto(0x0, 0xffffffffffff0001, 0x15) msync$auto(0x0, 0x2000000005, 0x6) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x8, 0x8000000000000001, 0xa) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x5) 2.932058511s ago: executing program 0 (id=1090): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x80842, 0x91) rseq$auto(&(0x7f0000000340)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0x0, 0x8000006) init_module$auto(0x0, 0xffff9, 0x0) 2.663743405s ago: executing program 1 (id=1091): r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) setfsuid$auto(0x0) getgid() r1 = gettid() kill$auto(r1, 0x11) msgctl$auto_IPC_SET(0x6, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000006380), 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x29) 2.285039439s ago: executing program 1 (id=1092): r0 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) r1 = socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/sys/devices/virtual/mtd/mtd0/mtd0/type\x00', 0x101000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000300)={0x12a004000, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x1}, 0x58) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x7, &(0x7f0000000080), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) select$auto(0x85, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x6}) pread64$auto(r0, 0x0, 0x100000002, 0x100000001) 2.137409232s ago: executing program 2 (id=1093): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyyf\x00', 0x40, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x3) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci2/force_devcoredump\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) process_mrelease$auto(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) socket(0x1d, 0x2, 0x6) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0xa0900, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd6/trace/act_mask\x00', 0x187302, 0x0) close_range$auto(0x2, 0x8, 0x0) ptrace$auto(0x4206, 0x1, 0x0, 0x200012) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) 2.013950839s ago: executing program 1 (id=1094): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x80842, 0x91) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) fcntl$auto(0xffffffffffffffff, 0x7, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)={0x2c, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x11}, 0x24000802) r2 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/dri/vkms/vkms_config\x00', 0x80000, 0x0) mmap$auto(0x0, 0xc00007, 0xdf, 0x9b75, 0xffffffffffffffff, 0x9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) memfd_create$auto(0x0, 0xffff) ioctl$sock_SIOCGIFINDEX(r3, 0x401c5820, 0x0) mmap$auto(0x0, 0x100000001, 0xffb, 0x8000000008011, 0x3, 0x8000) lseek$auto(r2, 0x9, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r4, 0x40104d0e, 0xe) unshare$auto(0x8000000) r5 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) ioctl$auto_TUNSETQUEUE(r5, 0x400454d9, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0x15, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0x840000000002, 0x3, 0xff) 1.962838165s ago: executing program 3 (id=1095): mmap$auto(0x0, 0x2020009, 0x3, 0x16, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r0, 0x89a0, 0x8) 1.792986904s ago: executing program 3 (id=1096): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource0\x00', 0x103000, 0x0) mmap$auto(0x3ff, 0x40000a, 0x9, 0x7f, 0x2, 0x8000) bpf$auto(0x1e, &(0x7f00000000c0)=@raw_tracepoint={0x1009, 0xffffffffffffffff, 0x0, 0x4}, 0x5) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket(0x2b, 0xa, 0xf11) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, 0x55) sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0x700}, 0x55) sendmsg$auto_HWSIM_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x280800, 0x0) sched_setaffinity$auto(0x1, 0x1, 0x0) unshare$auto(0x8000000) semget$auto(0x0, 0x13c, 0x1ff) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x6, 0x7, 0x0, 0x0, 0x80000002) 1.742399592s ago: executing program 0 (id=1097): r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vkms/gem_names\x00', 0x2100, 0x0) lseek$auto(r0, 0x9, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/start_ro\x00', 0x80302, 0x0) sendfile$auto(r1, r1, 0x0, 0xfffffffffffff86a) 1.456508674s ago: executing program 3 (id=1098): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyp5\x00', 0x40, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x3) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x185082, 0x0) write$auto(0x3, 0x0, 0xffdc) unshare$auto(0x40000080) rseq$auto(&(0x7f0000000380)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2, "91c1a8c58e21757288120eaa11a018a668c6d765b15a490be4ce40e0e773fb09e3d76eedfad1a10f680f021208f08ed68a89ee07c185ef35427022e72e29da7eb755ccfb9f15283a0091e491ccac242553900cd4d345006972d3f20c5f85a0e261b40ee9145e1d9364a98f83c7394f37b3a5f7134cf470fc22f9e2739b43bae40cffcdf484b6d8010ec29b911f0451005ad5fa8206b6440806399a81138070b7692cbba52ea5c20dc8434a2f3d92882d79239806eb401cf931e900ce482d8ba95e6f67b1d4dc76415ef2f9a3c2d001119620bac42316ee5ba567809a3415d89d327cf92d93d9f7644c7855e2ba2dd922db64a9c0c0b98e58fe66374dfbf0ab2ed995d8e8f63bfa7816b2ee26dc7d3333b5ffc51f6e4075dcd0d248a6598bf6195bc4"}, 0x7fff, 0x0, 0x6) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) process_mrelease$auto(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) socket(0x1d, 0x2, 0x6) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0xa0900, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(r0, 0xc, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) symlink$auto(&(0x7f0000000300)='\\\':.\x00', &(0x7f0000000040)='\\\':.\x00') readlink$auto(&(0x7f0000000b00)='\xfb\x00', 0x0, 0x800) setsockopt$auto(0x3, 0x0, 0x7, 0x0, 0x27) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/lockdep_chains\x00', 0x10b402, 0x0) pread64$auto(r1, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/bonding/bond0\x00', 0xc0000, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) 1.280622423s ago: executing program 2 (id=1099): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper\x00', 0x20681, 0x0) write$auto(r0, &(0x7f0000000040)='/dev/ram14\x00', 0x2) r1 = ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)=0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) lstat$auto(0x0, &(0x7f0000000180)={0x10, 0x2, 0x2, 0x63, 0x0, 0x0, 0x0, 0x1000000006, 0x7, 0x7fffffffffffffff, 0x5, 0x7fffffff, 0x5, 0x7, 0x7, 0x61, 0x40000104}) r2 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r2, &(0x7f0000000180)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, 0x0, 0x8, 0x80000000}, 0x5}, 0x3b8b, 0xa) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) ioctl$auto_FS_IOC_GETFSSYSFSPATH(r1, 0x80811501, 0x7) rseq$auto(&(0x7f0000000300)={0x6, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8006, 0x1, 0x6) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffffffffffd0b, &(0x7f00000001c0)) connect$auto(r1, &(0x7f0000000080)=@generic={0x10, "80b14667a694bcb2ae497f594b46"}, 0x8) fcntl$auto(0x8000000000000001, 0x5, 0x8) clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000003680)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd7000fddbdf254b000000080009000500000008000300", @ANYRES32=r6], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x890) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) pipe2$auto(0x0, 0x80) socket(0x10, 0x2, 0x4) socket(0x2, 0x6, 0x0) 1.206364043s ago: executing program 1 (id=1100): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) close_range$auto(0x2, 0x8000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_tracing_buffers_fops_trace(r0, 0x1, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x1ba8cc475d0d405c, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x200400, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/configuration\x00', 0x10b800, 0x0) r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto_RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000140)={0xbd, 0x2, {0x7, 0x6, 0x8, 0x5, 0x1, 0x101, 0x4d4b6a92, 0x1, 0x9}}) prctl$auto_PR_MCE_KILL_GET(0x22, 0x8, 0x0, 0xfff, 0x9) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x100, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, 0x0) socket(0xa, 0x2, 0x3a) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x0, 0x2, 0x20000000000000, 0x1, 0x8, 0x300000000000000, 0x80000001, 0x7, 0x4d40, 0x5, 0x2]}, 0x0) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0) setfsuid$auto(0x0) getgid() r4 = gettid() kill$auto(r4, 0x11) 1.013496738s ago: executing program 0 (id=1101): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource0\x00', 0x103000, 0x0) mmap$auto(0x3ff, 0x40000a, 0x9, 0x7f, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket(0x2b, 0xa, 0xf11) unshare$auto(0x8000000) semget$auto(0x0, 0x13c, 0x1ff) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x6, 0x7, 0x0, 0x0, 0x80000002) (fail_nth: 6) 765.32298ms ago: executing program 3 (id=1102): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000400)={{0x5, 0x23, 0xa6, 0x84}, "66ac010005000000000068d590eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eb624ad63110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) io_uring_setup$auto(0x401, 0x0) read$auto(0x3, 0x0, 0x18) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim3/fib/nexthop_bucket_activity\x00', 0x800, 0x0) getsockopt$auto_SO_PEERPIDFD(r1, 0x4, 0x4d, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=0x6) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/ip_forward_update_priority\x00', 0x202, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/mm/transparent_hugepage/hugepages-128kB/enabled\x00', 0x100580, 0x0) 700.450673ms ago: executing program 1 (id=1103): mmap$auto(0xffffffffffffffff, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) shmat$auto(0x59, &(0x7f0000000580)='(\x04', 0xfffffffd) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) (async) r0 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) ioctl$auto(r0, 0x6f2d, r0) (async) ioctl$auto(r0, 0x6f2d, r0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0x5, 0x5) (async) sendmmsg$auto(r0, 0x0, 0x5, 0x5) socket(0x2, 0x1, 0x0) (async) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) (async) epoll_create$auto(0x4) r1 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r1, 0x29, 0x1b, &(0x7f00000000c0)='\x00\x00\x80\xd49\x0fjm\x9c\x93d!\xb7\xe1\x98P\xdc+\xc2\xe5\xd3_\xcaL-\x1c\xc2z\xc0\x00\x00\x00\xab+\xf4\x9e\x19\x91\xbd\xa7\xb2\xdc\xc43\x89\xa0\xc3\x97X\'\n\xfa\x1c\x01\x00\x00\x00\x81\vg', 0x6) mq_open$auto(&(0x7f0000000000)='/dev/sequencer2\x00', 0x5, 0x3, &(0x7f0000000040)={0xe7a2, 0x0, 0x1, 0xa}) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x2, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da0a, 0x7, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sched_get_priority_min$auto(0x40) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x800006, 0x7) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mounts\x00', 0x40800, 0x0) mkdir$auto(0x0, 0xe34e) (async) mkdir$auto(0x0, 0xe34e) socket(0x1d, 0x6, 0x800) (async) socket(0x1d, 0x6, 0x800) chroot$auto(&(0x7f0000000200)='./file0\x00') (async) chroot$auto(&(0x7f0000000200)='./file0\x00') ioperm$auto(0x3, 0x38c, 0x9) openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x40, 0x10, 0xc}, 0x18) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) 192.98033ms ago: executing program 0 (id=1104): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x9, 0x0) fsopen$auto(0x0, 0x1) mmap$auto(0xfffffffffffffffb, 0x2, 0x100000021, 0x400009b75, 0xea8a, 0x8000) r0 = socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x20) r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, r2, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40010) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty26\x00', 0x40002, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x78741, 0x0) fsconfig$auto_SHMEM_HUGE_FORCE(r4, 0x6, 0x0, &(0x7f0000000840)="50a54f6ba2eabf1c36410848849a4bf578fba2127b9325d59d8c3aad22be1e33e4de5da256870639611ce45c07d330882c4e22eb382bc3f634218c4e5f95ff64be95e62a53cba3835dd55f3a95a25989676b15868798fe37dafbc8ed38ddd759ebade969b17849b48c37e4b9727376283c1e26676832a95de29b384fbe53b36b29809e619b2b572524e5d41869bb11380a96c23e69c469e8ca8b98ac31158f6f5cdbd952fff7ba26557f74602433ca4136f2f5b65d1d805be9ff081d981e023b2120d0c159178d368aebecd11b865cb3bf7c063637ca6be8ab142c870c02646a68da9e4ab9ccb4f4eb5481a459b891009db00a52ad47e55d0585c679bb8d1f64cdfa41e378578e7e83581aaff5ef58b5bf92db02b94200d2a97d9f32b227fdd7d73a2c89596a7cd8e5303ea8e4db14007a2139af541af35e30933978c11bcda5d616ee80dc7758a441d3c2a32c952f69026ec57bf9d67b68a9484a2d8f65063cd110be4822bc7688bfab5eaba8ee12b3bdf05677f076df8c3ba3f1d65ce7bd47619513ef9ed583152a551dd22efbcc3c630a5832186b177b485a1664a52360b575bf556f1a5f2b359b7e9639c35194776e3cf1230a56c62796552af68ff42e8e5a898cf5f040bef55d34d1a774d38593648bebb8ae8037be494e87fe7eebccce92453b348365aafc4c16759898769fd9e264434a417fdec90422e71f5dce5b30b7a58f92cb03ead5c10d6eea4689ad1c1341140d80aa456c6625fc350b7a02e9a037b4b79eedddb0dfa870989afb52968560e94960ed25f48c0526279b09572ada44698a3b7d77ac4101b26305e2908645f3cdd7a59ef0d46adea03491dda71aefb33ff74f212720b814ea34edac9c4844199559941834712bd126f1d17e8c9fed6a121495235abeea67f114c19512803d96b69f3dfe6b827ae9ea03fc82c76fbfc0e0b76dad0d7005afc62beb2cbc5fed4fbb1d5c533d038f872c7fa374cade2cfa73d6dc7dc93d50d273505df726d7eb3c25c545af94716087b4700910ffdcb88970c0d0183c48f654e54a3ce7b036b65dd1d3e1b47a3a6ba9f24feb976e5aff37e4b8aa65b3a80b3b15ddd5bbebdb8ca0a598af6322ec10e32e3faba0a13a539d2c01de9c31a21f25a1026b43456dd14c4ce03eaaf0411b48830fe254c8078b71b56aedb9a5b6f52ab6317a48503d88dfca2f03f70b96100ffcf3467e3a1e05c94ce8879a8e49892a707b364b1fa8ed9830df29024924f88f4f16bd471619202a49d40178f34972a5f2c8556fd55877261a672f89828b5123e0b2308f3be9972b16931796a2ac563c8d16992cecc9dd853cda8de915b7b94fdd5591f2698d6fab98ded9d3", 0xfffffffffffffffe) kexec_load$auto(0x9, 0x0, 0x0, 0x1003dfffe) ioctl$auto_TIOCVHANGUP2(r4, 0x5437, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socket(0xf, 0x3, 0x2) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xe, 0xb, &(0x7f0000000180)={0xffffffffffffffff, 0x10}) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000007c0)="dec8c1943b506aeb066db1944b039854d328881581f4f797d7e37732a7831453a165e15192a8a08f2797bf9a9c5b0ca9d9655174c3d8cce51a6fc31d8000afa8ba4f48494da9f9009a99") openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) 46.147321ms ago: executing program 3 (id=1105): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x5, 0x0) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x5, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyq1\x00', 0x501800, 0x0) mmap$auto(0xffffffffffffffff, 0x4, 0x2, 0xeb1, r0, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x244882, 0x0) getsockopt$auto_SO_SNDBUF(r0, 0x6, 0x7, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', &(0x7f0000000080)=0x6) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000003b00)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x1, 0x0) readv$auto(r1, &(0x7f0000003dc0)={0x0, 0x1}, 0x3) r2 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) writev$auto(r2, &(0x7f00000035c0)={0x0, 0x4}, 0x9) mmap$auto(0x0, 0x400008, 0x8000df, 0x10, 0xffffffffffffffff, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/snd/controlC0\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r3, 0x40405515, &(0x7f0000001700)={@inferred, 0xc, 0x3, 0x9, "9d4724b76f4d07faf46cb94d85033d940fdf05ecff75c12163ddeab942ed73d07dadd6f419694d591eca8162"}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x10200, 0x0) socket(0x2b, 0x800, 0x1) r4 = open(&(0x7f0000000000)='.\x00', 0x20000, 0x90) ioctl$auto_USBDEVFS_FORBID_SUSPEND(r4, 0x5521, 0x0) 4.043835ms ago: executing program 1 (id=1106): mmap$auto(0x0, 0x20009, 0xdf, 0x50, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x200, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) socket(0xa, 0x2, 0x0) get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) socket(0xa, 0x801, 0x84) r0 = socket(0x2, 0x801, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x14a402, 0x0) read$auto(0x3, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_clone3(&(0x7f0000000340)={0x8000, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, &(0x7f0000000180)=[0x0], 0x1}, 0x58) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio1\x00', 0x4101, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) sendfile$auto(r2, r2, 0x0, 0x7fffe000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1\x00', 0x0}) sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4080}, 0x40054) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r3, r0, 0x9f, 0x0, 0x1, @relative_fd, 0x5}, 0x96) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa1\x00', 0x80, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x59, 0x7) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0) 0s ago: executing program 2 (id=1107): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffe, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x20499d, 0x9) socket(0x2, 0x1, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8200, 0x1, 0x9, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "7829000000000000000200", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7) socket(0x1, 0x2, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x1000000101, 0x4000000000df, 0x16, 0xffffffffffffffff, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x240000, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/self/pagemap\x00', 0x100801, 0x0) read$auto(r3, 0x0, 0x3a8) ioctl$auto(r2, 0xc0045520, r1) write$auto_sg_fops_sg(r2, &(0x7f0000000080)="4012eaccf5f4b50d602906899d983ef348bcd547113189fabb49ada5f8872f992a0c", 0x22) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/power/runtime_suspended_time\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000080)=""/247, 0xe5) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_LLC_SDREQ(r5, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0xb4, r6, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x1}, @NFC_ATTR_SE_APDU={0x51, 0x19, "778d5c23e042c92e4056e868acd7b761c65cf790fa9c419eb1fafc9e7050dda4828cb606391af7d7e7a78a4584bbcf21c141042acc319d4fac857e3ef0d7c815bd6fd606d9b58a645b4a78f8eb"}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x1}, @NFC_ATTR_DEVICE_NAME={0x4}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x9}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x41}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x400}, @NFC_ATTR_DEVICE_NAME={0x15, 0x2, '&\x99)}$@{(!(^/)@{+{'}, @NFC_ATTR_RF_MODE={0x5, 0xb, 0x2}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000081}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='\"=\xe2;\x18\xa4\xb0\xb4\xd9\x82=\xe1P~\x17\xfb&L\xeb=j\a\xf1y\xb3\x1d\xda#\xca\x94\x1e\x06\x00O\x87@\x10P\x1b\f\xda\xe7\xa8\xdd\xd8\xfb6\xd4\x9f\x16\x18P\xd4\xe8K\xf4\xab\x04\xe3\x1d\xb6ldj\xe5I\x82F\xc3\x04\x00\x00\x00nwD!\x18\xab_8)\\\x91\x85d\x80\xacA\x9e\x01\x1d\xa8\xfcPX\x9aG@\f\xbd\x0eXE\xd6\xa4v*\xead^\xc1\xef\x04\xcf\x8f\x142\xa7\xb8b\xfeP\xcf\xda\xb5,\xed\xc0\x16\xae\r\xdd\xa9\x04\x9953\xfc}\x87o\x10\xa9Q\xa73\x8d\xed\x1emn-\xbb\xb0\x01$\xf9\xceI\xd2\xc7\x82\ag\xcd\x9d\x9ad\x8a\xfd\x88\x86\xa6\xc6\x02\xf9\x17dh*\x1a\xc7\xa2\x1da\xb9\xfck\xf8\xba\xd9\xc1\xc0\xf2\x05\x00\xe1\xcd\x83\x02\x9a%\xd7\xe2\"\xbf\x87\xc9\x13uQu\xf6\r3\xee\r\xb3S\xcc\xae\xd4c\xf3\xba\xde\xb9\x17X<\xdc\xf1V\xad5\xffz\x05y>H\x0e\x89\xaf/\xa9y.@\xb3l\xcc6yYwq\x12eB\xf7g@hH\xb3yPW\x136\xb3dC\x18\x01\xcc\xbe\xc6\x8d\x88\xb7\xe9\xf3[\xf8\x0e\x93{\xee\xff\xd1`8K]a\xb6*\xc2ua\xa6_\xd3\xbe\x93c_fs\xba\xdc\xf6\xa0\xae\xc0\xe4\x8b\xcc\t\xc2J\xf1>\xd8\x93\xee\xa9w#\x00\x00\x00\x00\xf6\x1b\x00l\x97u\x89\x80\xbc\xfb\xfc\x90\xf4\x0e\x82\vQ\x89\xfb\xaf\xc2\xf5\xcd\x1a\x95\xfe3_\xb7\xaf`\xf1\xe8{w\x1b\xfa\x92\xa0H\x82\xbfF\xaf2\xe5}3\xc1Iz\xceQ\x06r\xdf/\xe2[\n;\x90\xd7', 0x80000000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) r7 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg0\x00', 0x0, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x103042, 0x0) bpf$auto(0x40, &(0x7f00000000c0)=@bpf_attr_0={0x0, 0x7, 0x8, 0x4, 0x800, r0, 0x14, "f0f59673e700", 0x0, r7, 0xfffff588, 0x9, 0x0, 0x100000000000200}, 0x7f) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r7, 0x1, &(0x7f00000000c0)) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) kernel console output (not intermixed with test programs): f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.870724][ T8973] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 319.870752][ T8973] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 319.870771][ T8973] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 319.870789][ T8973] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 319.870807][ T8973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.870823][ T8973] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 319.870860][ T8973] [ 320.766652][ T8982] program syz.3.705 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 322.485742][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.495246][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.758716][ T9013] netlink: 'syz.0.714': attribute type 11 has an invalid length. [ 327.039259][ T9100] FAULT_INJECTION: forcing a failure. [ 327.039259][ T9100] name failslab, interval 1, probability 0, space 0, times 0 [ 327.080863][ T9100] CPU: 1 UID: 0 PID: 9100 Comm: syz.3.731 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 327.080901][ T9100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 327.080918][ T9100] Call Trace: [ 327.080927][ T9100] [ 327.080938][ T9100] dump_stack_lvl+0x16c/0x1f0 [ 327.080985][ T9100] should_fail_ex+0x512/0x640 [ 327.081016][ T9100] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 327.081068][ T9100] should_failslab+0xc2/0x120 [ 327.081095][ T9100] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 327.081142][ T9100] ? dccp_feat_clone_sp_val+0x96/0x130 [ 327.081194][ T9100] kmemdup_noprof+0x29/0x60 [ 327.081221][ T9100] dccp_feat_clone_sp_val+0x96/0x130 [ 327.081279][ T9100] __feat_register_sp+0x331/0x5a0 [ 327.081310][ T9100] ? __pfx___feat_register_sp+0x10/0x10 [ 327.081338][ T9100] ? __kasan_kmalloc+0xaa/0xb0 [ 327.081385][ T9100] dccp_feat_init+0x724/0x800 [ 327.081417][ T9100] ? __pfx_dccp_feat_init+0x10/0x10 [ 327.081445][ T9100] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 327.081486][ T9100] ? lockdep_init_map_type+0x5c/0x280 [ 327.081514][ T9100] ? do_init_timer+0xc9/0x110 [ 327.081570][ T9100] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 327.081614][ T9100] ? __pfx_dccp_delack_timer+0x10/0x10 [ 327.081661][ T9100] dccp_init_sock+0x327/0x420 [ 327.081701][ T9100] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 327.081740][ T9100] dccp_v4_init_sock+0x1f/0xa0 [ 327.081774][ T9100] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 327.081811][ T9100] inet_create+0x936/0x1090 [ 327.081844][ T9100] ? inet_create+0x93/0x1090 [ 327.081881][ T9100] __sock_create+0x335/0x8d0 [ 327.081921][ T9100] __sys_socket+0x14d/0x260 [ 327.081954][ T9100] ? __pfx___sys_socket+0x10/0x10 [ 327.081989][ T9100] ? rcu_is_watching+0x12/0xc0 [ 327.082037][ T9100] __x64_sys_socket+0x72/0xb0 [ 327.082067][ T9100] ? lockdep_hardirqs_on+0x7c/0x110 [ 327.082114][ T9100] do_syscall_64+0xcd/0x260 [ 327.082165][ T9100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.082197][ T9100] RIP: 0033:0x7fb66118e169 [ 327.082223][ T9100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.082263][ T9100] RSP: 002b:00007fb661f4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 327.082294][ T9100] RAX: ffffffffffffffda RBX: 00007fb6613b6080 RCX: 00007fb66118e169 [ 327.082316][ T9100] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 327.082336][ T9100] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 327.082356][ T9100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 327.082376][ T9100] R13: 0000000000000000 R14: 00007fb6613b6080 R15: 00007fff626452c8 [ 327.082418][ T9100] [ 328.454702][ T9121] FAULT_INJECTION: forcing a failure. [ 328.454702][ T9121] name failslab, interval 1, probability 0, space 0, times 0 [ 328.454746][ T9121] CPU: 0 UID: 0 PID: 9121 Comm: syz.1.738 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 328.454785][ T9121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 328.454803][ T9121] Call Trace: [ 328.454812][ T9121] [ 328.454824][ T9121] dump_stack_lvl+0x16c/0x1f0 [ 328.454874][ T9121] should_fail_ex+0x512/0x640 [ 328.454919][ T9121] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 328.454965][ T9121] should_failslab+0xc2/0x120 [ 328.454994][ T9121] __kmalloc_cache_noprof+0x6a/0x3e0 [ 328.455034][ T9121] ? device_create_groups_vargs+0x8a/0x270 [ 328.455076][ T9121] device_create_groups_vargs+0x8a/0x270 [ 328.455116][ T9121] device_create+0xed/0x130 [ 328.455152][ T9121] ? __pfx_device_create+0x10/0x10 [ 328.455192][ T9121] ? do_raw_spin_lock+0x12c/0x2b0 [ 328.455229][ T9121] ? is_console_locked+0x9/0x20 [ 328.455271][ T9121] ? con_is_visible+0x65/0x150 [ 328.455308][ T9121] ? csi_J+0x54a/0xad0 [ 328.455360][ T9121] vcs_make_sysfs+0x32/0x80 [ 328.455398][ T9121] vc_allocate+0x501/0x880 [ 328.455442][ T9121] ? __pfx_vc_allocate+0x10/0x10 [ 328.455498][ T9121] con_install+0xa1/0x600 [ 328.455546][ T9121] ? __pfx_con_install+0x10/0x10 [ 328.455597][ T9121] ? __pfx_con_install+0x10/0x10 [ 328.455661][ T9121] tty_init_dev.part.0+0x99/0x500 [ 328.455698][ T9121] tty_open+0xa50/0xf90 [ 328.455737][ T9121] ? __pfx_tty_open+0x10/0x10 [ 328.455769][ T9121] ? chrdev_open+0x10b/0x6a0 [ 328.455821][ T9121] ? __pfx_tty_open+0x10/0x10 [ 328.455852][ T9121] chrdev_open+0x231/0x6a0 [ 328.455898][ T9121] ? __pfx_apparmor_file_open+0x10/0x10 [ 328.455937][ T9121] ? __pfx_chrdev_open+0x10/0x10 [ 328.455986][ T9121] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 328.456056][ T9121] do_dentry_open+0x741/0x1c10 [ 328.456101][ T9121] ? __pfx_chrdev_open+0x10/0x10 [ 328.456159][ T9121] vfs_open+0x82/0x3f0 [ 328.456208][ T9121] path_openat+0x1e5e/0x2d40 [ 328.456269][ T9121] ? __pfx_path_openat+0x10/0x10 [ 328.456326][ T9121] do_filp_open+0x20b/0x470 [ 328.456375][ T9121] ? __pfx_do_filp_open+0x10/0x10 [ 328.456453][ T9121] ? alloc_fd+0x471/0x7d0 [ 328.456509][ T9121] do_sys_openat2+0x11b/0x1d0 [ 328.456542][ T9121] ? __pfx_do_sys_openat2+0x10/0x10 [ 328.456591][ T9121] __x64_sys_openat+0x174/0x210 [ 328.456626][ T9121] ? __pfx___x64_sys_openat+0x10/0x10 [ 328.456665][ T9121] ? rcu_is_watching+0x12/0xc0 [ 328.456715][ T9121] do_syscall_64+0xcd/0x260 [ 328.456766][ T9121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.456800][ T9121] RIP: 0033:0x7f279258e169 [ 328.456825][ T9121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.456858][ T9121] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 328.456888][ T9121] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 328.456909][ T9121] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 328.456931][ T9121] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 328.456950][ T9121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.456968][ T9121] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 328.457010][ T9121] [ 328.557034][ T9116] Invalid ELF header magic: != ELF [ 328.624104][ T9116] FAULT_INJECTION: forcing a failure. [ 328.624104][ T9116] name failslab, interval 1, probability 0, space 0, times 0 [ 328.624171][ T9116] CPU: 1 UID: 0 PID: 9116 Comm: syz.3.736 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 328.624213][ T9116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 328.624233][ T9116] Call Trace: [ 328.624243][ T9116] [ 328.624256][ T9116] dump_stack_lvl+0x16c/0x1f0 [ 328.624308][ T9116] should_fail_ex+0x512/0x640 [ 328.624346][ T9116] ? __kmalloc_noprof+0xbf/0x510 [ 328.624396][ T9116] ? rfkill_alloc+0xac/0x330 [ 328.624433][ T9116] should_failslab+0xc2/0x120 [ 328.624463][ T9116] __kmalloc_noprof+0xd2/0x510 [ 328.624522][ T9116] rfkill_alloc+0xac/0x330 [ 328.624560][ T9116] nfc_register_device+0xe8/0x3c0 [ 328.624613][ T9116] nci_register_device+0x7f1/0xb80 [ 328.624652][ T9116] ? __pfx_nci_register_device+0x10/0x10 [ 328.624694][ T9116] ? lockdep_init_map_type+0x5c/0x280 [ 328.624729][ T9116] virtual_ncidev_open+0x141/0x220 [ 328.624763][ T9116] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 328.624794][ T9116] misc_open+0x35a/0x420 [ 328.624830][ T9116] ? __pfx_misc_open+0x10/0x10 [ 328.624865][ T9116] chrdev_open+0x231/0x6a0 [ 328.624907][ T9116] ? __pfx_apparmor_file_open+0x10/0x10 [ 328.624943][ T9116] ? __pfx_chrdev_open+0x10/0x10 [ 328.624990][ T9116] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 328.625037][ T9116] do_dentry_open+0x741/0x1c10 [ 328.625078][ T9116] ? __pfx_chrdev_open+0x10/0x10 [ 328.625128][ T9116] vfs_open+0x82/0x3f0 [ 328.625161][ T9116] path_openat+0x1e5e/0x2d40 [ 328.625236][ T9116] ? __pfx_path_openat+0x10/0x10 [ 328.625285][ T9116] do_filp_open+0x20b/0x470 [ 328.625325][ T9116] ? __pfx_do_filp_open+0x10/0x10 [ 328.625391][ T9116] ? alloc_fd+0x471/0x7d0 [ 328.625447][ T9116] do_sys_openat2+0x11b/0x1d0 [ 328.625476][ T9116] ? __pfx_do_sys_openat2+0x10/0x10 [ 328.625508][ T9116] ? __rseq_handle_notify_resume+0x69a/0x10c0 [ 328.625550][ T9116] __x64_sys_openat+0x174/0x210 [ 328.625580][ T9116] ? __pfx___x64_sys_openat+0x10/0x10 [ 328.625613][ T9116] ? rcu_is_watching+0x12/0xc0 [ 328.625676][ T9116] do_syscall_64+0xcd/0x260 [ 328.625720][ T9116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.625748][ T9116] RIP: 0033:0x7fb66118e169 [ 328.625770][ T9116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.625797][ T9116] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 328.625823][ T9116] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 328.625842][ T9116] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 328.625859][ T9116] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 328.625876][ T9116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.625893][ T9116] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 328.625928][ T9116] [ 329.072895][ T9132] netlink: 'syz.0.740': attribute type 8 has an invalid length. [ 330.124141][ T9121] tty tty26: ldisc open failed (-12), clearing slot 25 [ 330.354977][ T9136] FAULT_INJECTION: forcing a failure. [ 330.354977][ T9136] name failslab, interval 1, probability 0, space 0, times 0 [ 330.368381][ T9136] CPU: 0 UID: 0 PID: 9136 Comm: syz.3.741 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 330.368426][ T9136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 330.368447][ T9136] Call Trace: [ 330.368458][ T9136] [ 330.368471][ T9136] dump_stack_lvl+0x16c/0x1f0 [ 330.368523][ T9136] should_fail_ex+0x512/0x640 [ 330.368560][ T9136] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 330.368616][ T9136] should_failslab+0xc2/0x120 [ 330.368647][ T9136] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 330.368697][ T9136] ? __pfx___might_resched+0x10/0x10 [ 330.368743][ T9136] ? alloc_vmap_area+0x613/0x2970 [ 330.368786][ T9136] alloc_vmap_area+0x613/0x2970 [ 330.368841][ T9136] ? __pfx_alloc_vmap_area+0x10/0x10 [ 330.368891][ T9136] __get_vm_area_node+0x1a7/0x300 [ 330.368940][ T9136] __vmalloc_node_range_noprof+0x277/0x1540 [ 330.368984][ T9136] ? n_tty_open+0x1a/0x170 [ 330.369033][ T9136] ? n_tty_open+0x1a/0x170 [ 330.369071][ T9136] ? __ldsem_down_write_nested+0x10e/0x850 [ 330.369113][ T9136] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 330.369170][ T9136] ? n_tty_open+0x1a/0x170 [ 330.369206][ T9136] vzalloc_noprof+0x6b/0x90 [ 330.369248][ T9136] ? n_tty_open+0x1a/0x170 [ 330.369281][ T9136] ? __pfx_n_tty_open+0x10/0x10 [ 330.369314][ T9136] n_tty_open+0x1a/0x170 [ 330.369354][ T9136] ? __pfx_n_tty_open+0x10/0x10 [ 330.369388][ T9136] tty_ldisc_open+0x9c/0x120 [ 330.369435][ T9136] tty_ldisc_setup+0x40/0x100 [ 330.369485][ T9136] tty_init_dev.part.0+0x1ec/0x500 [ 330.369522][ T9136] tty_open+0xa50/0xf90 [ 330.369560][ T9136] ? __pfx_tty_open+0x10/0x10 [ 330.369591][ T9136] ? chrdev_open+0x10b/0x6a0 [ 330.369646][ T9136] ? __pfx_tty_open+0x10/0x10 [ 330.369677][ T9136] chrdev_open+0x231/0x6a0 [ 330.369726][ T9136] ? __pfx_apparmor_file_open+0x10/0x10 [ 330.369768][ T9136] ? __pfx_chrdev_open+0x10/0x10 [ 330.369821][ T9136] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 330.369876][ T9136] do_dentry_open+0x741/0x1c10 [ 330.369922][ T9136] ? __pfx_chrdev_open+0x10/0x10 [ 330.369981][ T9136] vfs_open+0x82/0x3f0 [ 330.370019][ T9136] path_openat+0x1e5e/0x2d40 [ 330.370082][ T9136] ? __pfx_path_openat+0x10/0x10 [ 330.370141][ T9136] do_filp_open+0x20b/0x470 [ 330.370189][ T9136] ? __pfx_do_filp_open+0x10/0x10 [ 330.370268][ T9136] ? alloc_fd+0x471/0x7d0 [ 330.370333][ T9136] do_sys_openat2+0x11b/0x1d0 [ 330.370367][ T9136] ? __pfx_do_sys_openat2+0x10/0x10 [ 330.370419][ T9136] __x64_sys_openat+0x174/0x210 [ 330.370454][ T9136] ? __pfx___x64_sys_openat+0x10/0x10 [ 330.370492][ T9136] ? rcu_is_watching+0x12/0xc0 [ 330.370544][ T9136] do_syscall_64+0xcd/0x260 [ 330.370596][ T9136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.370628][ T9136] RIP: 0033:0x7fb66118e169 [ 330.370654][ T9136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.370686][ T9136] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 330.370715][ T9136] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 330.370735][ T9136] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 330.370755][ T9136] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 330.370773][ T9136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.370791][ T9136] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 330.370833][ T9136] [ 330.370875][ T9136] syz.3.741: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 330.849982][ T9144] FAULT_INJECTION: forcing a failure. [ 330.849982][ T9144] name failslab, interval 1, probability 0, space 0, times 0 [ 330.870722][ T9136] CPU: 1 UID: 0 PID: 9136 Comm: syz.3.741 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 330.870763][ T9136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 330.870781][ T9136] Call Trace: [ 330.870790][ T9136] [ 330.870801][ T9136] dump_stack_lvl+0x16c/0x1f0 [ 330.870851][ T9136] warn_alloc+0x248/0x3a0 [ 330.870898][ T9136] ? __pfx_warn_alloc+0x10/0x10 [ 330.870946][ T9136] ? kfree+0x2b6/0x4d0 [ 330.870993][ T9136] ? __get_vm_area_node+0x1e5/0x300 [ 330.871044][ T9136] __vmalloc_node_range_noprof+0xd31/0x1540 [ 330.871099][ T9136] ? n_tty_open+0x1a/0x170 [ 330.871137][ T9136] ? __ldsem_down_write_nested+0x10e/0x850 [ 330.871174][ T9136] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 330.871226][ T9136] ? n_tty_open+0x1a/0x170 [ 330.871259][ T9136] vzalloc_noprof+0x6b/0x90 [ 330.871297][ T9136] ? n_tty_open+0x1a/0x170 [ 330.871327][ T9136] ? __pfx_n_tty_open+0x10/0x10 [ 330.871357][ T9136] n_tty_open+0x1a/0x170 [ 330.871387][ T9136] ? __pfx_n_tty_open+0x10/0x10 [ 330.871418][ T9136] tty_ldisc_open+0x9c/0x120 [ 330.871461][ T9136] tty_ldisc_setup+0x40/0x100 [ 330.871510][ T9136] tty_init_dev.part.0+0x1ec/0x500 [ 330.871561][ T9136] tty_open+0xa50/0xf90 [ 330.871602][ T9136] ? __pfx_tty_open+0x10/0x10 [ 330.871634][ T9136] ? chrdev_open+0x10b/0x6a0 [ 330.871691][ T9136] ? __pfx_tty_open+0x10/0x10 [ 330.871722][ T9136] chrdev_open+0x231/0x6a0 [ 330.871776][ T9136] ? __pfx_apparmor_file_open+0x10/0x10 [ 330.871818][ T9136] ? __pfx_chrdev_open+0x10/0x10 [ 330.871874][ T9136] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 330.871929][ T9136] do_dentry_open+0x741/0x1c10 [ 330.871976][ T9136] ? __pfx_chrdev_open+0x10/0x10 [ 330.872042][ T9136] vfs_open+0x82/0x3f0 [ 330.872081][ T9136] path_openat+0x1e5e/0x2d40 [ 330.872145][ T9136] ? __pfx_path_openat+0x10/0x10 [ 330.872207][ T9136] do_filp_open+0x20b/0x470 [ 330.872256][ T9136] ? __pfx_do_filp_open+0x10/0x10 [ 330.872337][ T9136] ? alloc_fd+0x471/0x7d0 [ 330.872396][ T9136] do_sys_openat2+0x11b/0x1d0 [ 330.872431][ T9136] ? __pfx_do_sys_openat2+0x10/0x10 [ 330.872482][ T9136] __x64_sys_openat+0x174/0x210 [ 330.872518][ T9136] ? __pfx___x64_sys_openat+0x10/0x10 [ 330.872556][ T9136] ? rcu_is_watching+0x12/0xc0 [ 330.872607][ T9136] do_syscall_64+0xcd/0x260 [ 330.872659][ T9136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.872692][ T9136] RIP: 0033:0x7fb66118e169 [ 330.872717][ T9136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.872747][ T9136] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 330.872788][ T9136] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 330.872807][ T9136] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 330.872826][ T9136] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 330.872844][ T9136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.872861][ T9136] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 330.872900][ T9136] [ 330.903062][ T9144] CPU: 0 UID: 0 PID: 9144 Comm: syz.1.743 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 330.903109][ T9144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 330.903130][ T9144] Call Trace: [ 330.903141][ T9144] [ 330.903153][ T9144] dump_stack_lvl+0x16c/0x1f0 [ 330.903209][ T9144] should_fail_ex+0x512/0x640 [ 330.903246][ T9144] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 330.903317][ T9144] should_failslab+0xc2/0x120 [ 330.903349][ T9144] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 330.903405][ T9144] ? find_held_lock+0x2b/0x80 [ 330.903447][ T9144] ? kstrdup_const+0x63/0x80 [ 330.903485][ T9144] kstrdup+0x53/0x100 [ 330.903518][ T9144] kstrdup_const+0x63/0x80 [ 330.903549][ T9144] __kernfs_new_node+0x9b/0x8a0 [ 330.903606][ T9144] ? __pfx___kernfs_new_node+0x10/0x10 [ 330.903671][ T9144] ? find_held_lock+0x2b/0x80 [ 330.903714][ T9144] ? kernfs_root+0xee/0x2a0 [ 330.903774][ T9144] kernfs_new_node+0x13c/0x1e0 [ 330.903810][ T9144] ? __mutex_trylock_common+0xe9/0x250 [ 330.903847][ T9144] kernfs_create_dir_ns+0x4c/0x1a0 [ 330.903889][ T9144] sysfs_create_dir_ns+0x13a/0x2b0 [ 330.903940][ T9144] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 330.903989][ T9144] ? find_held_lock+0x2b/0x80 [ 330.904039][ T9144] ? class_dir_child_ns_type+0xd/0x60 [ 330.904077][ T9144] kobject_add_internal+0x2c4/0x9b0 [ 330.904146][ T9144] kobject_add+0x16e/0x240 [ 330.904176][ T9144] ? __pfx_kobject_add+0x10/0x10 [ 330.904208][ T9144] ? get_device_parent+0x1c5/0x4e0 [ 330.904263][ T9144] ? kobject_put+0xab/0x5a0 [ 330.904332][ T9144] device_add+0x288/0x1a70 [ 330.904367][ T9144] ? __pfx___debug_object_init+0x10/0x10 [ 330.904416][ T9144] ? alloc_workqueue+0x198/0x200 [ 330.904468][ T9144] ? __pfx_device_add+0x10/0x10 [ 330.904519][ T9144] nfc_register_device+0x41/0x3c0 [ 330.904575][ T9144] nci_register_device+0x7f1/0xb80 [ 330.904620][ T9144] ? __pfx_nci_register_device+0x10/0x10 [ 330.904670][ T9144] ? lockdep_init_map_type+0x5c/0x280 [ 330.904711][ T9144] virtual_ncidev_open+0x141/0x220 [ 330.904751][ T9144] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 330.904789][ T9144] misc_open+0x35a/0x420 [ 330.904832][ T9144] ? __pfx_misc_open+0x10/0x10 [ 330.904873][ T9144] chrdev_open+0x231/0x6a0 [ 330.904924][ T9144] ? __pfx_apparmor_file_open+0x10/0x10 [ 330.904967][ T9144] ? __pfx_chrdev_open+0x10/0x10 [ 330.905023][ T9144] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 330.905079][ T9144] do_dentry_open+0x741/0x1c10 [ 330.905127][ T9144] ? __pfx_chrdev_open+0x10/0x10 [ 330.905188][ T9144] vfs_open+0x82/0x3f0 [ 330.905226][ T9144] path_openat+0x1e5e/0x2d40 [ 330.905298][ T9144] ? __pfx_path_openat+0x10/0x10 [ 330.905360][ T9144] do_filp_open+0x20b/0x470 [ 330.905411][ T9144] ? __pfx_do_filp_open+0x10/0x10 [ 330.905492][ T9144] ? alloc_fd+0x471/0x7d0 [ 330.905552][ T9144] do_sys_openat2+0x11b/0x1d0 [ 330.905588][ T9144] ? __pfx_do_sys_openat2+0x10/0x10 [ 330.905641][ T9144] __x64_sys_openat+0x174/0x210 [ 330.905677][ T9144] ? __pfx___x64_sys_openat+0x10/0x10 [ 330.905717][ T9144] ? rcu_is_watching+0x12/0xc0 [ 330.905771][ T9144] do_syscall_64+0xcd/0x260 [ 330.905825][ T9144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.905858][ T9144] RIP: 0033:0x7f279258e169 [ 330.905884][ T9144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.905918][ T9144] RSP: 002b:00007f2793318038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 330.905952][ T9144] RAX: ffffffffffffffda RBX: 00007f27927b6080 RCX: 00007f279258e169 [ 330.905975][ T9144] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 330.905998][ T9144] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 330.906018][ T9144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.906038][ T9144] R13: 0000000000000000 R14: 00007f27927b6080 R15: 00007ffe7bcfccf8 [ 330.906081][ T9144] [ 330.910016][ T9144] kobject: kobject_add_internal failed for nfc2 (error: -12 parent: nfc) [ 330.963334][ T9136] Mem-Info: [ 331.589415][ T9136] active_anon:45195 inactive_anon:96 isolated_anon:0 [ 331.589415][ T9136] active_file:20440 inactive_file:41770 isolated_file:0 [ 331.589415][ T9136] unevictable:768 dirty:2742 writeback:512 [ 331.589415][ T9136] slab_reclaimable:10416 slab_unreclaimable:95004 [ 331.589415][ T9136] mapped:37683 shmem:32713 pagetables:955 [ 331.589415][ T9136] sec_pagetables:0 bounce:0 [ 331.589415][ T9136] kernel_misc_reclaimable:0 [ 331.589415][ T9136] free:1290956 free_pcp:1994 free_cma:0 [ 331.638466][ T9136] Node 0 active_anon:181280kB inactive_anon:384kB active_file:81760kB inactive_file:167004kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:151032kB dirty:10964kB writeback:2048kB shmem:130016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10792kB pagetables:3820kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 331.673796][ T9136] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 331.706604][ T9136] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 331.733786][ T9136] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 331.739636][ T9136] Node 0 DMA32 free:1245424kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:182036kB inactive_anon:384kB active_file:81760kB inactive_file:165432kB unevictable:1536kB writepending:13012kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:7104kB local_pcp:5916kB free_cma:0kB [ 331.783108][ T9136] lowmem_reserve[]: 0 0 1 1 1 [ 331.787935][ T9136] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1572kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 331.833100][ T9136] lowmem_reserve[]: 0 0 0 0 0 [ 331.841428][ T9136] Node 1 Normal free:3903152kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 331.894951][ T9136] lowmem_reserve[]: 0 0 0 0 0 [ 331.899867][ T9136] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 331.925315][ T9136] Node 0 DMA32: 1*4kB (E) 100*8kB (UE) 79*16kB (U) 61*32kB (UME) 92*64kB (UME) 99*128kB (UME) 124*256kB (UME) 49*512kB (UME) 31*1024kB (UM) 12*2048kB (UME) 269*4096kB (M) = 1237556kB [ 331.965710][ T9136] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 331.983262][ T9136] Node 1 Normal: 216*4kB (UM) 56*8kB (UME) 39*16kB (UME) 211*32kB (UME) 95*64kB (UME) 26*128kB (UME) 16*256kB (UME) 6*512kB (UM) 5*1024kB (UME) 3*2048kB (UE) 944*4096kB (M) = 3903152kB [ 332.024648][ T9136] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 332.045094][ T9136] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 332.063280][ T9136] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 332.083656][ T9136] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 332.098892][ T9136] 98347 total pagecache pages [ 332.113297][ T9136] 557 pages in swap cache [ 332.125181][ T9136] Free swap = 123540kB [ 332.133551][ T9136] Total swap = 124996kB [ 332.139611][ T9136] 2097051 pages RAM [ 332.154390][ T9136] 0 pages HighMem/MovableOnly [ 332.159099][ T9136] 429591 pages reserved [ 332.173343][ T9136] 0 pages cma reserved [ 332.183309][ T9136] tty tty26: ldisc open failed (-12), clearing slot 25 [ 332.202305][ T9142] pty pty166: ldisc open failed (-12), clearing slot 166 [ 332.812372][ T9175] FAULT_INJECTION: forcing a failure. [ 332.812372][ T9175] name failslab, interval 1, probability 0, space 0, times 0 [ 332.838577][ T9175] CPU: 1 UID: 0 PID: 9175 Comm: syz.1.751 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 332.838621][ T9175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 332.838640][ T9175] Call Trace: [ 332.838650][ T9175] [ 332.838662][ T9175] dump_stack_lvl+0x16c/0x1f0 [ 332.838715][ T9175] should_fail_ex+0x512/0x640 [ 332.838751][ T9175] ? __kmalloc_node_noprof+0xc5/0x500 [ 332.838806][ T9175] should_failslab+0xc2/0x120 [ 332.838847][ T9175] __kmalloc_node_noprof+0xd8/0x500 [ 332.838905][ T9175] ? __vmalloc_node_range_noprof+0x3eb/0x1540 [ 332.838956][ T9175] __vmalloc_node_range_noprof+0x3eb/0x1540 [ 332.839012][ T9175] ? n_tty_open+0x1a/0x170 [ 332.839053][ T9175] ? __ldsem_down_write_nested+0x10e/0x850 [ 332.839092][ T9175] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 332.839147][ T9175] ? n_tty_open+0x1a/0x170 [ 332.839183][ T9175] vzalloc_noprof+0x6b/0x90 [ 332.839223][ T9175] ? n_tty_open+0x1a/0x170 [ 332.839256][ T9175] ? __pfx_n_tty_open+0x10/0x10 [ 332.839289][ T9175] n_tty_open+0x1a/0x170 [ 332.839322][ T9175] ? __pfx_n_tty_open+0x10/0x10 [ 332.839356][ T9175] tty_ldisc_open+0x9c/0x120 [ 332.839401][ T9175] tty_ldisc_setup+0x40/0x100 [ 332.839448][ T9175] tty_init_dev.part.0+0x1ec/0x500 [ 332.839485][ T9175] tty_open+0xa50/0xf90 [ 332.839523][ T9175] ? __pfx_tty_open+0x10/0x10 [ 332.839560][ T9175] ? chrdev_open+0x10b/0x6a0 [ 332.839614][ T9175] ? __pfx_tty_open+0x10/0x10 [ 332.839644][ T9175] chrdev_open+0x231/0x6a0 [ 332.839692][ T9175] ? __pfx_apparmor_file_open+0x10/0x10 [ 332.839733][ T9175] ? __pfx_chrdev_open+0x10/0x10 [ 332.839786][ T9175] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 332.839839][ T9175] do_dentry_open+0x741/0x1c10 [ 332.839886][ T9175] ? __pfx_chrdev_open+0x10/0x10 [ 332.839950][ T9175] vfs_open+0x82/0x3f0 [ 332.839988][ T9175] path_openat+0x1e5e/0x2d40 [ 332.840053][ T9175] ? __pfx_path_openat+0x10/0x10 [ 332.840111][ T9175] do_filp_open+0x20b/0x470 [ 332.840159][ T9175] ? __pfx_do_filp_open+0x10/0x10 [ 332.840239][ T9175] ? alloc_fd+0x471/0x7d0 [ 332.840297][ T9175] do_sys_openat2+0x11b/0x1d0 [ 332.840331][ T9175] ? __pfx_do_sys_openat2+0x10/0x10 [ 332.840382][ T9175] __x64_sys_openat+0x174/0x210 [ 332.840418][ T9175] ? __pfx___x64_sys_openat+0x10/0x10 [ 332.840454][ T9175] ? rcu_is_watching+0x12/0xc0 [ 332.840506][ T9175] do_syscall_64+0xcd/0x260 [ 332.840557][ T9175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.840590][ T9175] RIP: 0033:0x7f279258e169 [ 332.840615][ T9175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.840645][ T9175] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 332.840674][ T9175] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 332.840695][ T9175] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 332.840716][ T9175] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 332.840736][ T9175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.840755][ T9175] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 332.840797][ T9175] [ 332.843113][ T9175] tty tty26: ldisc open failed (-12), clearing slot 25 [ 334.050414][ T9193] FAULT_INJECTION: forcing a failure. [ 334.050414][ T9193] name failslab, interval 1, probability 0, space 0, times 0 [ 334.115199][ T9193] CPU: 0 UID: 0 PID: 9193 Comm: syz.1.757 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 334.115241][ T9193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 334.115258][ T9193] Call Trace: [ 334.115268][ T9193] [ 334.115278][ T9193] dump_stack_lvl+0x16c/0x1f0 [ 334.115327][ T9193] should_fail_ex+0x512/0x640 [ 334.115360][ T9193] ? __kmalloc_node_noprof+0xc5/0x500 [ 334.115411][ T9193] should_failslab+0xc2/0x120 [ 334.115440][ T9193] __kmalloc_node_noprof+0xd8/0x500 [ 334.115488][ T9193] ? __vmalloc_node_range_noprof+0x3eb/0x1540 [ 334.115534][ T9193] __vmalloc_node_range_noprof+0x3eb/0x1540 [ 334.115588][ T9193] ? n_tty_open+0x1a/0x170 [ 334.115625][ T9193] ? __ldsem_down_write_nested+0x10e/0x850 [ 334.115661][ T9193] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 334.115713][ T9193] ? n_tty_open+0x1a/0x170 [ 334.115745][ T9193] vzalloc_noprof+0x6b/0x90 [ 334.115782][ T9193] ? n_tty_open+0x1a/0x170 [ 334.115812][ T9193] ? __pfx_n_tty_open+0x10/0x10 [ 334.115843][ T9193] n_tty_open+0x1a/0x170 [ 334.115874][ T9193] ? __pfx_n_tty_open+0x10/0x10 [ 334.115904][ T9193] tty_ldisc_open+0x9c/0x120 [ 334.115947][ T9193] tty_ldisc_setup+0x40/0x100 [ 334.115992][ T9193] tty_init_dev.part.0+0x1ec/0x500 [ 334.116025][ T9193] tty_open+0xa50/0xf90 [ 334.116085][ T9193] ? __pfx_tty_open+0x10/0x10 [ 334.116118][ T9193] ? chrdev_open+0x10b/0x6a0 [ 334.116174][ T9193] ? __pfx_tty_open+0x10/0x10 [ 334.116204][ T9193] chrdev_open+0x231/0x6a0 [ 334.116252][ T9193] ? __pfx_apparmor_file_open+0x10/0x10 [ 334.116293][ T9193] ? __pfx_chrdev_open+0x10/0x10 [ 334.116346][ T9193] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 334.116400][ T9193] do_dentry_open+0x741/0x1c10 [ 334.116446][ T9193] ? __pfx_chrdev_open+0x10/0x10 [ 334.116503][ T9193] vfs_open+0x82/0x3f0 [ 334.116540][ T9193] path_openat+0x1e5e/0x2d40 [ 334.116602][ T9193] ? __pfx_path_openat+0x10/0x10 [ 334.116660][ T9193] do_filp_open+0x20b/0x470 [ 334.116707][ T9193] ? __pfx_do_filp_open+0x10/0x10 [ 334.116785][ T9193] ? alloc_fd+0x471/0x7d0 [ 334.116842][ T9193] do_sys_openat2+0x11b/0x1d0 [ 334.116875][ T9193] ? __pfx_do_sys_openat2+0x10/0x10 [ 334.116938][ T9193] __x64_sys_openat+0x174/0x210 [ 334.116971][ T9193] ? __pfx___x64_sys_openat+0x10/0x10 [ 334.117006][ T9193] ? rcu_is_watching+0x12/0xc0 [ 334.117054][ T9193] do_syscall_64+0xcd/0x260 [ 334.117108][ T9193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.117139][ T9193] RIP: 0033:0x7f279258e169 [ 334.117162][ T9193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.117190][ T9193] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 334.117218][ T9193] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 334.117237][ T9193] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 334.117257][ T9193] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 334.117274][ T9193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.117292][ T9193] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 334.117341][ T9193] [ 334.437006][ T9193] tty tty26: ldisc open failed (-12), clearing slot 25 [ 336.767595][ T9230] netlink: 20 bytes leftover after parsing attributes in process `syz.1.766'. [ 340.484487][ T9284] delete_channel: no stack [ 341.471468][ T9309] netlink: 110 bytes leftover after parsing attributes in process `syz.2.787'. [ 341.869974][ T9329] bond0: option all_slaves_active: invalid value () [ 342.329720][ T9342] FAULT_INJECTION: forcing a failure. [ 342.329720][ T9342] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.389513][ T9342] CPU: 0 UID: 0 PID: 9342 Comm: syz.2.793 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 342.389559][ T9342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 342.389587][ T9342] Call Trace: [ 342.389596][ T9342] [ 342.389606][ T9342] dump_stack_lvl+0x16c/0x1f0 [ 342.389649][ T9342] should_fail_ex+0x512/0x640 [ 342.389685][ T9342] _copy_from_user+0x2e/0xd0 [ 342.389721][ T9342] copy_msghdr_from_user+0x98/0x160 [ 342.389778][ T9342] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 342.389823][ T9342] ? __pfx__kstrtoull+0x10/0x10 [ 342.389874][ T9342] ___sys_sendmsg+0xfe/0x1d0 [ 342.389913][ T9342] ? __pfx____sys_sendmsg+0x10/0x10 [ 342.389970][ T9342] ? find_held_lock+0x2b/0x80 [ 342.390030][ T9342] __sys_sendmmsg+0x200/0x420 [ 342.390072][ T9342] ? __pfx___sys_sendmmsg+0x10/0x10 [ 342.390123][ T9342] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 342.390183][ T9342] ? fput+0x70/0xf0 [ 342.390211][ T9342] ? ksys_write+0x1b9/0x240 [ 342.390251][ T9342] ? __pfx_ksys_write+0x10/0x10 [ 342.390288][ T9342] ? rcu_is_watching+0x12/0xc0 [ 342.390331][ T9342] __x64_sys_sendmmsg+0x9c/0x100 [ 342.390369][ T9342] ? lockdep_hardirqs_on+0x7c/0x110 [ 342.390418][ T9342] do_syscall_64+0xcd/0x260 [ 342.390480][ T9342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.390510][ T9342] RIP: 0033:0x7fc10318e169 [ 342.390537][ T9342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.390565][ T9342] RSP: 002b:00007fc103f74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 342.390592][ T9342] RAX: ffffffffffffffda RBX: 00007fc1033b6080 RCX: 00007fc10318e169 [ 342.390611][ T9342] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 342.390628][ T9342] RBP: 00007fc103f74090 R08: 0000000000000000 R09: 0000000000000000 [ 342.390646][ T9342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.390663][ T9342] R13: 0000000000000000 R14: 00007fc1033b6080 R15: 00007ffc2012eb48 [ 342.390699][ T9342] [ 344.404552][ T9386] FAULT_INJECTION: forcing a failure. [ 344.404552][ T9386] name failslab, interval 1, probability 0, space 0, times 0 [ 344.450885][ T9386] CPU: 1 UID: 0 PID: 9386 Comm: syz.1.801 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 344.450927][ T9386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 344.450944][ T9386] Call Trace: [ 344.450953][ T9386] [ 344.450964][ T9386] dump_stack_lvl+0x16c/0x1f0 [ 344.451012][ T9386] should_fail_ex+0x512/0x640 [ 344.451044][ T9386] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 344.451094][ T9386] should_failslab+0xc2/0x120 [ 344.451120][ T9386] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 344.451168][ T9386] ? dccp_feat_clone_sp_val+0x96/0x130 [ 344.451220][ T9386] kmemdup_noprof+0x29/0x60 [ 344.451249][ T9386] dccp_feat_clone_sp_val+0x96/0x130 [ 344.451297][ T9386] __feat_register_sp+0x331/0x5a0 [ 344.451329][ T9386] ? __pfx___feat_register_sp+0x10/0x10 [ 344.451357][ T9386] ? __kasan_kmalloc+0xaa/0xb0 [ 344.451412][ T9386] dccp_feat_init+0x724/0x800 [ 344.451446][ T9386] ? __pfx_dccp_feat_init+0x10/0x10 [ 344.451476][ T9386] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 344.451518][ T9386] ? lockdep_init_map_type+0x5c/0x280 [ 344.451546][ T9386] ? do_init_timer+0xc9/0x110 [ 344.451604][ T9386] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 344.451649][ T9386] ? __pfx_dccp_delack_timer+0x10/0x10 [ 344.451700][ T9386] dccp_init_sock+0x327/0x420 [ 344.451741][ T9386] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 344.451780][ T9386] dccp_v4_init_sock+0x1f/0xa0 [ 344.451815][ T9386] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 344.451854][ T9386] inet_create+0x936/0x1090 [ 344.451887][ T9386] ? inet_create+0x93/0x1090 [ 344.451925][ T9386] __sock_create+0x335/0x8d0 [ 344.451965][ T9386] __sys_socket+0x14d/0x260 [ 344.451999][ T9386] ? __pfx___sys_socket+0x10/0x10 [ 344.452033][ T9386] ? rcu_is_watching+0x12/0xc0 [ 344.452082][ T9386] __x64_sys_socket+0x72/0xb0 [ 344.452113][ T9386] ? lockdep_hardirqs_on+0x7c/0x110 [ 344.452181][ T9386] do_syscall_64+0xcd/0x260 [ 344.452234][ T9386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.452267][ T9386] RIP: 0033:0x7f279258e169 [ 344.452293][ T9386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.452327][ T9386] RSP: 002b:00007f2793318038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 344.452360][ T9386] RAX: ffffffffffffffda RBX: 00007f27927b6080 RCX: 00007f279258e169 [ 344.452382][ T9386] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 344.452408][ T9386] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 344.452429][ T9386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 344.452449][ T9386] R13: 0000000000000000 R14: 00007f27927b6080 R15: 00007ffe7bcfccf8 [ 344.452491][ T9386] [ 344.770564][ T9389] netlink: 342 bytes leftover after parsing attributes in process `syz.3.802'. [ 344.781343][ T9389] netlink: 342 bytes leftover after parsing attributes in process `syz.3.802'. [ 344.912856][ T9389] netlink: 'syz.3.802': attribute type 13 has an invalid length. [ 348.160418][ T9456] FAULT_INJECTION: forcing a failure. [ 348.160418][ T9456] name failslab, interval 1, probability 0, space 0, times 0 [ 348.183735][ T9456] CPU: 1 UID: 0 PID: 9456 Comm: syz.1.814 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 348.183773][ T9456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 348.183789][ T9456] Call Trace: [ 348.183799][ T9456] [ 348.183809][ T9456] dump_stack_lvl+0x16c/0x1f0 [ 348.183853][ T9456] should_fail_ex+0x512/0x640 [ 348.183885][ T9456] ? __kmalloc_node_noprof+0xc5/0x500 [ 348.183934][ T9456] should_failslab+0xc2/0x120 [ 348.183959][ T9456] __kmalloc_node_noprof+0xd8/0x500 [ 348.184003][ T9456] ? __vmalloc_node_range_noprof+0x3eb/0x1540 [ 348.184045][ T9456] __vmalloc_node_range_noprof+0x3eb/0x1540 [ 348.184094][ T9456] ? n_tty_open+0x1a/0x170 [ 348.184129][ T9456] ? __ldsem_down_write_nested+0x10e/0x850 [ 348.184164][ T9456] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 348.184220][ T9456] ? n_tty_open+0x1a/0x170 [ 348.184251][ T9456] vzalloc_noprof+0x6b/0x90 [ 348.184287][ T9456] ? n_tty_open+0x1a/0x170 [ 348.184315][ T9456] ? __pfx_n_tty_open+0x10/0x10 [ 348.184342][ T9456] n_tty_open+0x1a/0x170 [ 348.184369][ T9456] ? __pfx_n_tty_open+0x10/0x10 [ 348.184398][ T9456] tty_ldisc_open+0x9c/0x120 [ 348.184436][ T9456] tty_ldisc_setup+0x40/0x100 [ 348.184478][ T9456] tty_init_dev.part.0+0x1ec/0x500 [ 348.184507][ T9456] tty_open+0xa50/0xf90 [ 348.184556][ T9456] ? __pfx_tty_open+0x10/0x10 [ 348.184585][ T9456] ? chrdev_open+0x10b/0x6a0 [ 348.184632][ T9456] ? __pfx_tty_open+0x10/0x10 [ 348.184658][ T9456] chrdev_open+0x231/0x6a0 [ 348.184701][ T9456] ? __pfx_apparmor_file_open+0x10/0x10 [ 348.184738][ T9456] ? __pfx_chrdev_open+0x10/0x10 [ 348.184796][ T9456] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 348.184851][ T9456] do_dentry_open+0x741/0x1c10 [ 348.184894][ T9456] ? __pfx_chrdev_open+0x10/0x10 [ 348.184955][ T9456] vfs_open+0x82/0x3f0 [ 348.184989][ T9456] path_openat+0x1e5e/0x2d40 [ 348.185045][ T9456] ? __pfx_path_openat+0x10/0x10 [ 348.185098][ T9456] do_filp_open+0x20b/0x470 [ 348.185141][ T9456] ? __pfx_do_filp_open+0x10/0x10 [ 348.185217][ T9456] ? alloc_fd+0x471/0x7d0 [ 348.185268][ T9456] do_sys_openat2+0x11b/0x1d0 [ 348.185299][ T9456] ? __pfx_do_sys_openat2+0x10/0x10 [ 348.185345][ T9456] __x64_sys_openat+0x174/0x210 [ 348.185377][ T9456] ? __pfx___x64_sys_openat+0x10/0x10 [ 348.185411][ T9456] ? rcu_is_watching+0x12/0xc0 [ 348.185459][ T9456] do_syscall_64+0xcd/0x260 [ 348.185505][ T9456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.185534][ T9456] RIP: 0033:0x7f279258e169 [ 348.185558][ T9456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.185587][ T9456] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 348.185614][ T9456] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 348.185633][ T9456] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 348.185651][ T9456] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 348.185668][ T9456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.185685][ T9456] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 348.185719][ T9456] [ 348.508385][ T9456] warn_alloc: 2 callbacks suppressed [ 348.508405][ T9456] syz.1.814: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 348.530923][ T9456] CPU: 1 UID: 0 PID: 9456 Comm: syz.1.814 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 348.530963][ T9456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 348.530981][ T9456] Call Trace: [ 348.530990][ T9456] [ 348.531002][ T9456] dump_stack_lvl+0x16c/0x1f0 [ 348.531051][ T9456] warn_alloc+0x248/0x3a0 [ 348.531098][ T9456] ? __pfx_warn_alloc+0x10/0x10 [ 348.531139][ T9456] ? dump_stack_lvl+0x1a1/0x1f0 [ 348.531200][ T9456] ? rcu_is_watching+0x12/0xc0 [ 348.531239][ T9456] ? __kmalloc_node_noprof+0x23b/0x500 [ 348.531296][ T9456] __vmalloc_node_range_noprof+0x1110/0x1540 [ 348.531350][ T9456] ? n_tty_open+0x1a/0x170 [ 348.531393][ T9456] ? __ldsem_down_write_nested+0x10e/0x850 [ 348.531428][ T9456] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 348.531477][ T9456] ? n_tty_open+0x1a/0x170 [ 348.531528][ T9456] vzalloc_noprof+0x6b/0x90 [ 348.531567][ T9456] ? n_tty_open+0x1a/0x170 [ 348.531598][ T9456] ? __pfx_n_tty_open+0x10/0x10 [ 348.531648][ T9456] n_tty_open+0x1a/0x170 [ 348.531681][ T9456] ? __pfx_n_tty_open+0x10/0x10 [ 348.531715][ T9456] tty_ldisc_open+0x9c/0x120 [ 348.531761][ T9456] tty_ldisc_setup+0x40/0x100 [ 348.531808][ T9456] tty_init_dev.part.0+0x1ec/0x500 [ 348.531845][ T9456] tty_open+0xa50/0xf90 [ 348.531906][ T9456] ? __pfx_tty_open+0x10/0x10 [ 348.531938][ T9456] ? chrdev_open+0x10b/0x6a0 [ 348.531995][ T9456] ? __pfx_tty_open+0x10/0x10 [ 348.532027][ T9456] chrdev_open+0x231/0x6a0 [ 348.532075][ T9456] ? __pfx_apparmor_file_open+0x10/0x10 [ 348.532116][ T9456] ? __pfx_chrdev_open+0x10/0x10 [ 348.532174][ T9456] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 348.532231][ T9456] do_dentry_open+0x741/0x1c10 [ 348.532279][ T9456] ? __pfx_chrdev_open+0x10/0x10 [ 348.532335][ T9456] vfs_open+0x82/0x3f0 [ 348.532370][ T9456] path_openat+0x1e5e/0x2d40 [ 348.532435][ T9456] ? __pfx_path_openat+0x10/0x10 [ 348.532494][ T9456] do_filp_open+0x20b/0x470 [ 348.532544][ T9456] ? __pfx_do_filp_open+0x10/0x10 [ 348.532624][ T9456] ? alloc_fd+0x471/0x7d0 [ 348.532684][ T9456] do_sys_openat2+0x11b/0x1d0 [ 348.532718][ T9456] ? __pfx_do_sys_openat2+0x10/0x10 [ 348.532771][ T9456] __x64_sys_openat+0x174/0x210 [ 348.532806][ T9456] ? __pfx___x64_sys_openat+0x10/0x10 [ 348.532845][ T9456] ? rcu_is_watching+0x12/0xc0 [ 348.532899][ T9456] do_syscall_64+0xcd/0x260 [ 348.532953][ T9456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.532988][ T9456] RIP: 0033:0x7f279258e169 [ 348.533013][ T9456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.533046][ T9456] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 348.533085][ T9456] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 348.533104][ T9456] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 348.533123][ T9456] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 348.533140][ T9456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.533158][ T9456] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 348.533212][ T9456] [ 348.842264][ T9456] Mem-Info: [ 348.845424][ T9456] active_anon:34819 inactive_anon:0 isolated_anon:0 [ 348.845424][ T9456] active_file:20402 inactive_file:39248 isolated_file:0 [ 348.845424][ T9456] unevictable:768 dirty:638 writeback:1 [ 348.845424][ T9456] slab_reclaimable:10254 slab_unreclaimable:94828 [ 348.845424][ T9456] mapped:29503 shmem:22740 pagetables:913 [ 348.845424][ T9456] sec_pagetables:0 bounce:0 [ 348.845424][ T9456] kernel_misc_reclaimable:0 [ 348.845424][ T9456] free:1302926 free_pcp:1511 free_cma:0 [ 348.892557][ T9456] Node 0 active_anon:135972kB inactive_anon:0kB active_file:81608kB inactive_file:156916kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118212kB dirty:2552kB writeback:4kB shmem:90224kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10824kB pagetables:3636kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 348.926992][ T9456] Node 1 active_anon:4104kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:16kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 348.958600][ T9456] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 348.986028][ T9456] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 348.993337][ T9456] Node 0 DMA32 free:1298004kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:137428kB inactive_anon:0kB active_file:81608kB inactive_file:155344kB unevictable:1536kB writepending:2656kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:2568kB local_pcp:1504kB free_cma:0kB [ 349.024045][ T9456] lowmem_reserve[]: 0 0 1 1 1 [ 349.028818][ T9456] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1572kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 349.056610][ T9456] lowmem_reserve[]: 0 0 0 0 0 [ 349.061419][ T9456] Node 1 Normal free:3895116kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:4104kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:3884kB local_pcp:1256kB free_cma:0kB [ 349.091215][ T9456] lowmem_reserve[]: 0 0 0 0 0 [ 349.097224][ T9456] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 349.110116][ T9456] Node 0 DMA32: 31*4kB (ME) 22*8kB (ME) 38*16kB (UE) 134*32kB (UME) 141*64kB (UME) 283*128kB (UME) 175*256kB (UME) 73*512kB (UME) 37*1024kB (UME) 12*2048kB (UME) 269*4096kB (UM) = 1296908kB [ 349.129313][ T9456] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 349.141854][ T9456] Node 1 Normal: 3*4kB (UM) 6*8kB (UE) 37*16kB (UE) 204*32kB (UME) 93*64kB (UE) 26*128kB (UME) 15*256kB (UME) 4*512kB (U) 4*1024kB (UE) 3*2048kB (UE) 943*4096kB (M) = 3895116kB [ 349.159805][ T9456] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 349.171120][ T9456] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 349.180907][ T9456] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 349.190559][ T9456] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 349.200891][ T9456] 83576 total pagecache pages [ 349.205735][ T9456] 25 pages in swap cache [ 349.210001][ T9456] Free swap = 124992kB [ 349.214196][ T9456] Total swap = 124996kB [ 349.214212][ T9456] 2097051 pages RAM [ 349.214222][ T9456] 0 pages HighMem/MovableOnly [ 349.214233][ T9456] 429591 pages reserved [ 349.214243][ T9456] 0 pages cma reserved [ 349.214294][ T9456] tty tty26: ldisc open failed (-12), clearing slot 25 [ 350.648570][ T5853] Bluetooth: hci0: unexpected event 0x04 length: 459 > 10 [ 352.753729][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout syzkaller syzkaller login: [ 353.681824][ T9553] warning: `syz.3.834' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 353.942876][ T9550] Invalid ELF header magic: != ELF [ 355.147038][ T9587] netlink: 16 bytes leftover after parsing attributes in process `syz.1.840'. [ 357.322544][ T9616] openvswitch: HfR: Dropping previously announced user features [ 358.225831][ T9623] delete_channel: no stack [ 359.964760][ T9658] synth uevent: /bus/memstick: unknown uevent action string [ 360.928957][ T9673] netlink: 4 bytes leftover after parsing attributes in process `syz.1.864'. [ 360.950875][ T9673] netlink: 25 bytes leftover after parsing attributes in process `syz.1.864'. [ 361.053356][ T9677] netlink: 338 bytes leftover after parsing attributes in process `syz.2.865'. [ 361.072015][ T9677] netlink: 338 bytes leftover after parsing attributes in process `syz.2.865'. [ 361.152855][ T9677] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 361.165089][ T9677] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 361.669915][ T5853] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 362.305560][ T9703] openvswitch: HfR: Dropping previously announced user features [ 362.436443][ T9706] openvswitch: HfR: Dropping previously announced user features [ 365.471260][ T9761] FAULT_INJECTION: forcing a failure. [ 365.471260][ T9761] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 365.471311][ T9761] CPU: 0 UID: 0 PID: 9761 Comm: syz.3.886 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 365.471352][ T9761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 365.471372][ T9761] Call Trace: [ 365.471382][ T9761] [ 365.471394][ T9761] dump_stack_lvl+0x16c/0x1f0 [ 365.471446][ T9761] should_fail_ex+0x512/0x640 [ 365.471490][ T9761] should_fail_alloc_page+0xe7/0x130 [ 365.471525][ T9761] prepare_alloc_pages+0x3c2/0x610 [ 365.471573][ T9761] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 365.471628][ T9761] ? stack_trace_save+0x8e/0xc0 [ 365.471683][ T9761] ? __lock_acquire+0xaa4/0x1ba0 [ 365.471734][ T9761] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 365.471791][ T9761] ? fb_var_to_videomode+0x4c9/0x690 [ 365.471837][ T9761] ? __pfx_fb_match_mode+0x10/0x10 [ 365.471881][ T9761] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 365.471924][ T9761] ? lockdep_hardirqs_on+0x7c/0x110 [ 365.471975][ T9761] ? vc_allocate+0x489/0x880 [ 365.472022][ T9761] __alloc_pages_noprof+0xb/0x1b0 [ 365.472078][ T9761] ___kmalloc_large_node+0x82/0x1e0 [ 365.472117][ T9761] ? con_is_visible+0x65/0x150 [ 365.472161][ T9761] __kmalloc_large_node_noprof+0x1c/0x70 [ 365.472206][ T9761] __kmalloc_noprof.cold+0xc/0x61 [ 365.472261][ T9761] vc_allocate+0x489/0x880 [ 365.472312][ T9761] ? __pfx_vc_allocate+0x10/0x10 [ 365.472374][ T9761] con_install+0xa1/0x600 [ 365.472428][ T9761] ? __pfx_con_install+0x10/0x10 [ 365.472486][ T9761] ? __pfx_con_install+0x10/0x10 [ 365.472539][ T9761] tty_init_dev.part.0+0x99/0x500 [ 365.472576][ T9761] tty_open+0xa50/0xf90 [ 365.472615][ T9761] ? __pfx_tty_open+0x10/0x10 [ 365.472648][ T9761] ? chrdev_open+0x10b/0x6a0 [ 365.472721][ T9761] ? __pfx_tty_open+0x10/0x10 [ 365.472750][ T9761] chrdev_open+0x231/0x6a0 [ 365.472796][ T9761] ? __pfx_apparmor_file_open+0x10/0x10 [ 365.472837][ T9761] ? __pfx_chrdev_open+0x10/0x10 [ 365.472890][ T9761] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 365.472945][ T9761] do_dentry_open+0x741/0x1c10 [ 365.472990][ T9761] ? __pfx_chrdev_open+0x10/0x10 [ 365.473048][ T9761] vfs_open+0x82/0x3f0 [ 365.473091][ T9761] path_openat+0x1e5e/0x2d40 [ 365.473155][ T9761] ? __pfx_path_openat+0x10/0x10 [ 365.473212][ T9761] do_filp_open+0x20b/0x470 [ 365.473261][ T9761] ? __pfx_do_filp_open+0x10/0x10 [ 365.473339][ T9761] ? alloc_fd+0x471/0x7d0 [ 365.473395][ T9761] do_sys_openat2+0x11b/0x1d0 [ 365.473440][ T9761] ? __pfx_do_sys_openat2+0x10/0x10 [ 365.473487][ T9761] __x64_sys_openat+0x174/0x210 [ 365.473520][ T9761] ? __pfx___x64_sys_openat+0x10/0x10 [ 365.473555][ T9761] ? rcu_is_watching+0x12/0xc0 [ 365.473602][ T9761] do_syscall_64+0xcd/0x260 [ 365.473668][ T9761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.473700][ T9761] RIP: 0033:0x7fb66118e169 [ 365.473725][ T9761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 365.473756][ T9761] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 365.473788][ T9761] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 365.473809][ T9761] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 365.473829][ T9761] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 365.473849][ T9761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 365.473867][ T9761] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 365.473909][ T9761] [ 366.773418][ T30] audit: type=1800 audit(4294969361.895:5): pid=9794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.896" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 367.454930][ T9812] FAULT_INJECTION: forcing a failure. [ 367.454930][ T9812] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 367.454980][ T9812] CPU: 1 UID: 0 PID: 9812 Comm: syz.2.902 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 367.455017][ T9812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 367.455035][ T9812] Call Trace: [ 367.455044][ T9812] [ 367.455055][ T9812] dump_stack_lvl+0x16c/0x1f0 [ 367.455102][ T9812] should_fail_ex+0x512/0x640 [ 367.455141][ T9812] should_fail_alloc_page+0xe7/0x130 [ 367.455172][ T9812] prepare_alloc_pages+0x3c2/0x610 [ 367.455216][ T9812] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 367.455277][ T9812] ? stack_trace_save+0x8e/0xc0 [ 367.455324][ T9812] ? __lock_acquire+0xaa4/0x1ba0 [ 367.455368][ T9812] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 367.455415][ T9812] ? fb_var_to_videomode+0x4c9/0x690 [ 367.455453][ T9812] ? __pfx_fb_match_mode+0x10/0x10 [ 367.455490][ T9812] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 367.455527][ T9812] ? lockdep_hardirqs_on+0x7c/0x110 [ 367.455571][ T9812] ? vc_allocate+0x489/0x880 [ 367.455612][ T9812] __alloc_pages_noprof+0xb/0x1b0 [ 367.455653][ T9812] ___kmalloc_large_node+0x82/0x1e0 [ 367.455685][ T9812] ? con_is_visible+0x65/0x150 [ 367.455723][ T9812] __kmalloc_large_node_noprof+0x1c/0x70 [ 367.455759][ T9812] __kmalloc_noprof.cold+0xc/0x61 [ 367.455805][ T9812] vc_allocate+0x489/0x880 [ 367.455849][ T9812] ? __pfx_vc_allocate+0x10/0x10 [ 367.455901][ T9812] con_install+0xa1/0x600 [ 367.455946][ T9812] ? __pfx_con_install+0x10/0x10 [ 367.456003][ T9812] ? __pfx_con_install+0x10/0x10 [ 367.456049][ T9812] tty_init_dev.part.0+0x99/0x500 [ 367.456081][ T9812] tty_open+0xa50/0xf90 [ 367.456115][ T9812] ? __pfx_tty_open+0x10/0x10 [ 367.456142][ T9812] ? chrdev_open+0x10b/0x6a0 [ 367.456189][ T9812] ? __pfx_tty_open+0x10/0x10 [ 367.456216][ T9812] chrdev_open+0x231/0x6a0 [ 367.456258][ T9812] ? __pfx_apparmor_file_open+0x10/0x10 [ 367.456293][ T9812] ? __pfx_chrdev_open+0x10/0x10 [ 367.456339][ T9812] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 367.456386][ T9812] do_dentry_open+0x741/0x1c10 [ 367.456426][ T9812] ? __pfx_chrdev_open+0x10/0x10 [ 367.456477][ T9812] vfs_open+0x82/0x3f0 [ 367.456509][ T9812] path_openat+0x1e5e/0x2d40 [ 367.456563][ T9812] ? __pfx_path_openat+0x10/0x10 [ 367.456614][ T9812] do_filp_open+0x20b/0x470 [ 367.456656][ T9812] ? __pfx_do_filp_open+0x10/0x10 [ 367.456724][ T9812] ? alloc_fd+0x471/0x7d0 [ 367.456774][ T9812] do_sys_openat2+0x11b/0x1d0 [ 367.456803][ T9812] ? __pfx_do_sys_openat2+0x10/0x10 [ 367.456848][ T9812] __x64_sys_openat+0x174/0x210 [ 367.456878][ T9812] ? __pfx___x64_sys_openat+0x10/0x10 [ 367.456911][ T9812] ? rcu_is_watching+0x12/0xc0 [ 367.456964][ T9812] do_syscall_64+0xcd/0x260 [ 367.457010][ T9812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.457039][ T9812] RIP: 0033:0x7fc10318e169 [ 367.457061][ T9812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.457088][ T9812] RSP: 002b:00007fc103f95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 367.457114][ T9812] RAX: ffffffffffffffda RBX: 00007fc1033b5fa0 RCX: 00007fc10318e169 [ 367.457131][ T9812] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 367.457148][ T9812] RBP: 00007fc103210a68 R08: 0000000000000000 R09: 0000000000000000 [ 367.457164][ T9812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.457179][ T9812] R13: 0000000000000000 R14: 00007fc1033b5fa0 R15: 00007ffc2012eb48 [ 367.457215][ T9812] [ 367.976264][ T9816] sctp: failed to load transform for md5: -2 [ 368.805847][ T9837] netlink: 20 bytes leftover after parsing attributes in process `syz.2.910'. [ 369.052067][ T9838] FAULT_INJECTION: forcing a failure. [ 369.052067][ T9838] name failslab, interval 1, probability 0, space 0, times 0 [ 369.085372][ T9838] CPU: 1 UID: 0 PID: 9838 Comm: syz.1.911 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 369.085409][ T9838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 369.085424][ T9838] Call Trace: [ 369.085451][ T9838] [ 369.085461][ T9838] dump_stack_lvl+0x16c/0x1f0 [ 369.085509][ T9838] should_fail_ex+0x512/0x640 [ 369.085541][ T9838] ? fs_reclaim_acquire+0xae/0x150 [ 369.085588][ T9838] should_failslab+0xc2/0x120 [ 369.085617][ T9838] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 369.085662][ T9838] ? jbd2__journal_start+0x193/0x6a0 [ 369.085695][ T9838] ? __pfx___might_resched+0x10/0x10 [ 369.085741][ T9838] jbd2__journal_start+0x193/0x6a0 [ 369.085778][ T9838] __ext4_journal_start_sb+0x195/0x690 [ 369.085821][ T9838] ? ext4_dirty_inode+0xa1/0x130 [ 369.085850][ T9838] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 369.085877][ T9838] ext4_dirty_inode+0xa1/0x130 [ 369.085903][ T9838] ? rcu_is_watching+0x12/0xc0 [ 369.085939][ T9838] __mark_inode_dirty+0x1eb/0xe50 [ 369.085976][ T9838] generic_update_time+0xcf/0xf0 [ 369.086008][ T9838] file_update_time+0x17d/0x1c0 [ 369.086038][ T9838] ext4_page_mkwrite+0x35e/0x1750 [ 369.086076][ T9838] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 369.086115][ T9838] do_page_mkwrite+0x171/0x380 [ 369.086145][ T9838] do_pte_missing+0x29c/0x3fb0 [ 369.086188][ T9838] ? __handle_mm_fault+0x1010/0x2a40 [ 369.086233][ T9838] __handle_mm_fault+0x103d/0x2a40 [ 369.086284][ T9838] ? __pfx___handle_mm_fault+0x10/0x10 [ 369.086320][ T9838] ? lock_vma_under_rcu+0x47d/0x970 [ 369.086351][ T9838] ? lock_vma_under_rcu+0x47d/0x970 [ 369.086415][ T9838] handle_mm_fault+0x3fe/0xad0 [ 369.086460][ T9838] do_user_addr_fault+0x60c/0x1370 [ 369.086505][ T9838] exc_page_fault+0x5c/0xc0 [ 369.086546][ T9838] asm_exc_page_fault+0x26/0x30 [ 369.086574][ T9838] RIP: 0033:0x7f279246e2fa [ 369.086604][ T9838] Code: 01 4c 89 44 24 10 4c 89 54 24 08 e8 e0 a0 fe ff 48 8b 43 38 4c 8b 44 24 10 83 43 28 08 4c 8b 54 24 08 48 8d 48 f8 48 89 4b 38 <48> 89 68 f8 45 3b 78 04 0f 82 5e fe ff ff e9 ed fe ff ff 0f 1f 00 [ 369.086633][ T9838] RSP: 002b:00007ffe7bcfcd30 EFLAGS: 00010202 [ 369.086655][ T9838] RAX: 0000001b30af5000 RBX: 00007f27932e5720 RCX: 0000001b30af4ff8 [ 369.086673][ T9838] RDX: 0000001b30720220 RSI: 0000000000000008 RDI: 00007f27932e5720 [ 369.086691][ T9838] RBP: ffffffff8b6dacf0 R08: 00007f27927b6038 R09: 00007f27927a2000 [ 369.086709][ T9838] R10: 00007f2791bff008 R11: 0000000000000015 R12: 0000000000000015 [ 369.086736][ T9838] R13: 0000000000000188 R14: ffffffff8b6da2e8 R15: 000000000000070b [ 369.086754][ T9838] ? vsnprintf+0x318/0x1160 [ 369.086790][ T9838] ? vsnprintf+0xd20/0x1160 [ 369.086835][ T9838] [ 369.347392][ C1] vkms_vblank_simulate: vblank timer overrun [ 369.482634][ T9840] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 369.495830][ T9840] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 369.503974][ T9840] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 369.516356][ T9840] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 369.522868][ T9840] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 369.535352][ T9840] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 369.751391][ T9860] FAULT_INJECTION: forcing a failure. [ 369.751391][ T9860] name failslab, interval 1, probability 0, space 0, times 0 [ 369.751425][ T9860] CPU: 1 UID: 0 PID: 9860 Comm: syz.1.919 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 369.751453][ T9860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 369.751468][ T9860] Call Trace: [ 369.751474][ T9860] [ 369.751483][ T9860] dump_stack_lvl+0x16c/0x1f0 [ 369.751522][ T9860] should_fail_ex+0x512/0x640 [ 369.751548][ T9860] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 369.751582][ T9860] should_failslab+0xc2/0x120 [ 369.751604][ T9860] __kmalloc_cache_noprof+0x6a/0x3e0 [ 369.751643][ T9860] ? device_create_groups_vargs+0x8a/0x270 [ 369.751676][ T9860] device_create_groups_vargs+0x8a/0x270 [ 369.751707][ T9860] device_create+0xed/0x130 [ 369.751732][ T9860] ? __pfx_device_create+0x10/0x10 [ 369.751755][ T9860] ? do_raw_spin_lock+0x12c/0x2b0 [ 369.751784][ T9860] ? is_console_locked+0x9/0x20 [ 369.751816][ T9860] ? con_is_visible+0x65/0x150 [ 369.751846][ T9860] ? csi_J+0x54a/0xad0 [ 369.751885][ T9860] vcs_make_sysfs+0x32/0x80 [ 369.751915][ T9860] vc_allocate+0x501/0x880 [ 369.751950][ T9860] ? __pfx_vc_allocate+0x10/0x10 [ 369.752013][ T9860] con_install+0xa1/0x600 [ 369.752066][ T9860] ? __pfx_con_install+0x10/0x10 [ 369.752116][ T9860] ? __pfx_con_install+0x10/0x10 [ 369.752153][ T9860] tty_init_dev.part.0+0x99/0x500 [ 369.752179][ T9860] tty_open+0xa50/0xf90 [ 369.752207][ T9860] ? __pfx_tty_open+0x10/0x10 [ 369.752229][ T9860] ? chrdev_open+0x10b/0x6a0 [ 369.752268][ T9860] ? __pfx_tty_open+0x10/0x10 [ 369.752289][ T9860] chrdev_open+0x231/0x6a0 [ 369.752323][ T9860] ? __pfx_apparmor_file_open+0x10/0x10 [ 369.752353][ T9860] ? __pfx_chrdev_open+0x10/0x10 [ 369.752391][ T9860] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 369.752429][ T9860] do_dentry_open+0x741/0x1c10 [ 369.752462][ T9860] ? __pfx_chrdev_open+0x10/0x10 [ 369.752504][ T9860] vfs_open+0x82/0x3f0 [ 369.752530][ T9860] path_openat+0x1e5e/0x2d40 [ 369.752575][ T9860] ? __pfx_path_openat+0x10/0x10 [ 369.752623][ T9860] do_filp_open+0x20b/0x470 [ 369.752659][ T9860] ? __pfx_do_filp_open+0x10/0x10 [ 369.752724][ T9860] ? alloc_fd+0x471/0x7d0 [ 369.752761][ T9860] do_sys_openat2+0x11b/0x1d0 [ 369.752781][ T9860] ? __pfx_do_sys_openat2+0x10/0x10 [ 369.752812][ T9860] __x64_sys_openat+0x174/0x210 [ 369.752833][ T9860] ? __pfx___x64_sys_openat+0x10/0x10 [ 369.752856][ T9860] ? rcu_is_watching+0x12/0xc0 [ 369.752887][ T9860] do_syscall_64+0xcd/0x260 [ 369.752919][ T9860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.752939][ T9860] RIP: 0033:0x7f279258e169 [ 369.752954][ T9860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.752974][ T9860] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 369.752992][ T9860] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 369.753006][ T9860] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 369.753018][ T9860] RBP: 00007f2792610a68 R08: 0000000000000000 R09: 0000000000000000 [ 369.753030][ T9860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 369.753042][ T9860] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 369.753067][ T9860] [ 369.806472][ T9861] FAULT_INJECTION: forcing a failure. [ 369.806472][ T9861] name fail_futex, interval 1, probability 0, space 0, times 0 [ 369.806591][ T9861] CPU: 1 UID: 0 PID: 9861 Comm: syz.3.918 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 369.806642][ T9861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 369.806659][ T9861] Call Trace: [ 369.806680][ T9861] [ 369.806690][ T9861] dump_stack_lvl+0x16c/0x1f0 [ 369.806737][ T9861] should_fail_ex+0x512/0x640 [ 369.806776][ T9861] get_futex_key+0x49e/0x1000 [ 369.806821][ T9861] ? __pfx_get_futex_key+0x10/0x10 [ 369.806874][ T9861] futex_wake+0xe7/0x4e0 [ 369.806907][ T9861] ? __pfx_futex_wake+0x10/0x10 [ 369.806937][ T9861] ? kmem_cache_free+0x2d4/0x4d0 [ 369.806979][ T9861] ? fd_install+0x225/0x750 [ 369.807021][ T9861] ? putname+0x154/0x1a0 [ 369.807055][ T9861] do_futex+0x1e3/0x350 [ 369.807096][ T9861] ? __pfx_do_futex+0x10/0x10 [ 369.807158][ T9861] __x64_sys_futex+0x1e0/0x4c0 [ 369.807217][ T9861] ? __x64_sys_openat+0x174/0x210 [ 369.807249][ T9861] ? __pfx___x64_sys_futex+0x10/0x10 [ 369.807305][ T9861] ? rcu_is_watching+0x12/0xc0 [ 369.807346][ T9861] do_syscall_64+0xcd/0x260 [ 369.807390][ T9861] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.807416][ T9861] RIP: 0033:0x7fb66118e169 [ 369.807438][ T9861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.807466][ T9861] RSP: 002b:00007fb661f4f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 369.807491][ T9861] RAX: ffffffffffffffda RBX: 00007fb6613b6088 RCX: 00007fb66118e169 [ 369.807510][ T9861] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb6613b608c [ 369.807525][ T9861] RBP: 00007fb6613b6080 R08: 00007fb661f71000 R09: 0000000000000000 [ 369.807542][ T9861] R10: 0000000000000008 R11: 0000000000000246 R12: 00007fb6613b608c [ 369.807560][ T9861] R13: 0000000000000000 R14: 00007fff626451e0 R15: 00007fff626452c8 [ 369.807599][ T9861] [ 370.172231][ T9866] FAULT_INJECTION: forcing a failure. [ 370.172231][ T9866] name failslab, interval 1, probability 0, space 0, times 0 [ 370.172279][ T9866] CPU: 1 UID: 0 PID: 9866 Comm: syz.3.921 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 370.172320][ T9866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 370.172339][ T9866] Call Trace: [ 370.172349][ T9866] [ 370.172362][ T9866] dump_stack_lvl+0x16c/0x1f0 [ 370.172418][ T9866] should_fail_ex+0x512/0x640 [ 370.172456][ T9866] ? fs_reclaim_acquire+0xae/0x150 [ 370.172502][ T9866] should_failslab+0xc2/0x120 [ 370.172534][ T9866] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 370.172601][ T9866] ? security_inode_alloc+0x3b/0x2b0 [ 370.172645][ T9866] security_inode_alloc+0x3b/0x2b0 [ 370.172685][ T9866] inode_init_always_gfp+0xce4/0x1030 [ 370.172742][ T9866] alloc_inode+0x86/0x240 [ 370.172781][ T9866] new_inode+0x22/0x1c0 [ 370.172822][ T9866] hugetlbfs_get_inode+0x354/0x730 [ 370.172868][ T9866] hugetlb_file_setup+0x15b/0x620 [ 370.172915][ T9866] ksys_mmap_pgoff+0x189/0x5c0 [ 370.172955][ T9866] ? rcu_is_watching+0x12/0xc0 [ 370.173001][ T9866] __x64_sys_mmap+0x125/0x190 [ 370.173046][ T9866] do_syscall_64+0xcd/0x260 [ 370.173111][ T9866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.173145][ T9866] RIP: 0033:0x7fb66118e169 [ 370.173170][ T9866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 370.173203][ T9866] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 370.173234][ T9866] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 370.173256][ T9866] RDX: 00004000000000e3 RSI: 0000000000200004 RDI: 0000000000000000 [ 370.173277][ T9866] RBP: 00007fb661210a68 R08: 000000000000000d R09: 0000300000000000 [ 370.173299][ T9866] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 370.173319][ T9866] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 370.173361][ T9866] [ 370.651289][ T9876] Invalid ELF header magic: != ELF [ 370.880792][ T9860] tty tty26: ldisc open failed (-12), clearing slot 25 [ 371.047291][ T9879] FAULT_INJECTION: forcing a failure. [ 371.047291][ T9879] name failslab, interval 1, probability 0, space 0, times 0 [ 371.076036][ T9879] CPU: 1 UID: 0 PID: 9879 Comm: syz.2.924 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 371.076064][ T9879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 371.076075][ T9879] Call Trace: [ 371.076082][ T9879] [ 371.076088][ T9879] dump_stack_lvl+0x16c/0x1f0 [ 371.076121][ T9879] should_fail_ex+0x512/0x640 [ 371.076143][ T9879] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 371.076175][ T9879] should_failslab+0xc2/0x120 [ 371.076194][ T9879] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 371.076234][ T9879] ? security_file_alloc+0x34/0x2b0 [ 371.076274][ T9879] security_file_alloc+0x34/0x2b0 [ 371.076309][ T9879] init_file+0x93/0x4c0 [ 371.076329][ T9879] alloc_empty_file+0x73/0x1e0 [ 371.076350][ T9879] path_openat+0xe0/0x2d40 [ 371.076375][ T9879] ? __x64_sys_openat+0x174/0x210 [ 371.076395][ T9879] ? do_syscall_64+0xcd/0x260 [ 371.076422][ T9879] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.076449][ T9879] ? __pfx_path_openat+0x10/0x10 [ 371.076483][ T9879] do_filp_open+0x20b/0x470 [ 371.076511][ T9879] ? __pfx_do_filp_open+0x10/0x10 [ 371.076555][ T9879] ? alloc_fd+0x471/0x7d0 [ 371.076589][ T9879] do_sys_openat2+0x11b/0x1d0 [ 371.076608][ T9879] ? __pfx_do_sys_openat2+0x10/0x10 [ 371.076637][ T9879] __x64_sys_openat+0x174/0x210 [ 371.076658][ T9879] ? __pfx___x64_sys_openat+0x10/0x10 [ 371.076680][ T9879] ? rcu_is_watching+0x12/0xc0 [ 371.076710][ T9879] do_syscall_64+0xcd/0x260 [ 371.076747][ T9879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.076766][ T9879] RIP: 0033:0x7fc10318cad0 [ 371.076781][ T9879] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 371.076801][ T9879] RSP: 002b:00007fc103f94fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 371.076819][ T9879] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc10318cad0 [ 371.076850][ T9879] RDX: 0000000000000002 RSI: 00007fc103210d4d RDI: 00000000ffffff9c [ 371.076862][ T9879] RBP: 00007fc103210d4d R08: 0000000000000000 R09: 00007fc103f96000 [ 371.076875][ T9879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 371.076888][ T9879] R13: 0000000000000000 R14: 00007fc1033b5fa0 R15: 00007ffc2012eb48 [ 371.076913][ T9879] [ 371.534045][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout [ 371.540217][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout [ 371.546895][ T5849] Bluetooth: hci0: command 0x0c1a tx timeout [ 371.621910][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout [ 373.624042][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout [ 373.625394][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 374.721947][ T9962] syz.1.943 uses obsolete (PF_INET,SOCK_PACKET) [ 375.820967][ T9985] FAULT_INJECTION: forcing a failure. [ 375.820967][ T9985] name failslab, interval 1, probability 0, space 0, times 0 [ 375.854644][ T9985] CPU: 0 UID: 0 PID: 9985 Comm: syz.1.952 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 375.854682][ T9985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 375.854698][ T9985] Call Trace: [ 375.854707][ T9985] [ 375.854717][ T9985] dump_stack_lvl+0x16c/0x1f0 [ 375.854761][ T9985] should_fail_ex+0x512/0x640 [ 375.854791][ T9985] ? fs_reclaim_acquire+0xae/0x150 [ 375.854825][ T9985] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 375.854858][ T9985] should_failslab+0xc2/0x120 [ 375.854881][ T9985] __kmalloc_noprof+0xd2/0x510 [ 375.854928][ T9985] tomoyo_realpath_from_path+0xc2/0x6e0 [ 375.854964][ T9985] ? tomoyo_profile+0x47/0x60 [ 375.855003][ T9985] tomoyo_path_number_perm+0x245/0x580 [ 375.855031][ T9985] ? tomoyo_path_number_perm+0x237/0x580 [ 375.855064][ T9985] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 375.855096][ T9985] ? find_held_lock+0x2b/0x80 [ 375.855156][ T9985] ? find_held_lock+0x2b/0x80 [ 375.855186][ T9985] ? hook_file_ioctl_common+0x145/0x410 [ 375.855219][ T9985] ? __fget_files+0x20e/0x3c0 [ 375.855264][ T9985] security_file_ioctl+0x9b/0x240 [ 375.855299][ T9985] __x64_sys_ioctl+0xb7/0x200 [ 375.855332][ T9985] do_syscall_64+0xcd/0x260 [ 375.855374][ T9985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 375.855401][ T9985] RIP: 0033:0x7f279258e169 [ 375.855422][ T9985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.855448][ T9985] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 375.855482][ T9985] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 375.855499][ T9985] RDX: 0000000000000000 RSI: 0000000000005411 RDI: 000000000000000e [ 375.855516][ T9985] RBP: 00007f2793339090 R08: 0000000000000000 R09: 0000000000000000 [ 375.855532][ T9985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 375.855548][ T9985] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 375.855583][ T9985] [ 376.135276][ T9985] ERROR: Out of memory at tomoyo_realpath_from_path. [ 377.439015][T10019] FAULT_INJECTION: forcing a failure. [ 377.439015][T10019] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 377.453100][T10019] CPU: 1 UID: 0 PID: 10019 Comm: syz.1.961 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 377.453142][T10019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 377.453160][T10019] Call Trace: [ 377.453170][T10019] [ 377.453181][T10019] dump_stack_lvl+0x16c/0x1f0 [ 377.453233][T10019] should_fail_ex+0x512/0x640 [ 377.453274][T10019] _copy_to_user+0x32/0xd0 [ 377.453325][T10019] simple_read_from_buffer+0xcb/0x170 [ 377.453372][T10019] proc_fail_nth_read+0x197/0x270 [ 377.453417][T10019] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 377.453465][T10019] ? rw_verify_area+0xcf/0x680 [ 377.453502][T10019] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 377.453546][T10019] vfs_read+0x1de/0xc70 [ 377.453594][T10019] ? __pfx___mutex_lock+0x10/0x10 [ 377.453643][T10019] ? __pfx_vfs_read+0x10/0x10 [ 377.453697][T10019] ? __fget_files+0x20e/0x3c0 [ 377.453740][T10019] ? key_validate+0xc0/0x100 [ 377.453796][T10019] ksys_read+0x12a/0x240 [ 377.453836][T10019] ? __pfx_ksys_read+0x10/0x10 [ 377.453889][T10019] do_syscall_64+0xcd/0x260 [ 377.453937][T10019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.453968][T10019] RIP: 0033:0x7f279258cb7c [ 377.453992][T10019] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 377.454023][T10019] RSP: 002b:00007f2793339030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 377.454062][T10019] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258cb7c [ 377.454082][T10019] RDX: 000000000000000f RSI: 00007f27933390a0 RDI: 0000000000000003 [ 377.454100][T10019] RBP: 00007f2793339090 R08: 0000000000000000 R09: 0000000000000000 [ 377.454118][T10019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 377.454135][T10019] R13: 0000000000000001 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 377.454171][T10019] [ 380.622332][T10077] FAULT_INJECTION: forcing a failure. [ 380.622332][T10077] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 380.752359][T10077] CPU: 0 UID: 0 PID: 10077 Comm: syz.2.975 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 380.752403][T10077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 380.752422][T10077] Call Trace: [ 380.752432][T10077] [ 380.752444][T10077] dump_stack_lvl+0x16c/0x1f0 [ 380.752496][T10077] should_fail_ex+0x512/0x640 [ 380.752539][T10077] _copy_to_user+0x32/0xd0 [ 380.752583][T10077] simple_read_from_buffer+0xcb/0x170 [ 380.752630][T10077] proc_fail_nth_read+0x197/0x270 [ 380.752677][T10077] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 380.752724][T10077] ? rw_verify_area+0xcf/0x680 [ 380.752761][T10077] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 380.752827][T10077] vfs_read+0x1de/0xc70 [ 380.752878][T10077] ? __pfx___mutex_lock+0x10/0x10 [ 380.752921][T10077] ? __pfx_vfs_read+0x10/0x10 [ 380.752970][T10077] ? __fget_files+0x20e/0x3c0 [ 380.753023][T10077] ksys_read+0x12a/0x240 [ 380.753061][T10077] ? __pfx_ksys_read+0x10/0x10 [ 380.753099][T10077] ? madvise_unlock+0xf6/0x190 [ 380.753138][T10077] do_syscall_64+0xcd/0x260 [ 380.753185][T10077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.753215][T10077] RIP: 0033:0x7fc10318cb7c [ 380.753238][T10077] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 380.753267][T10077] RSP: 002b:00007fc103f95030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 380.753293][T10077] RAX: ffffffffffffffda RBX: 00007fc1033b5fa0 RCX: 00007fc10318cb7c [ 380.753312][T10077] RDX: 000000000000000f RSI: 00007fc103f950a0 RDI: 0000000000000003 [ 380.753328][T10077] RBP: 00007fc103f95090 R08: 0000000000000000 R09: 0000000000000000 [ 380.753345][T10077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 380.753360][T10077] R13: 0000000000000000 R14: 00007fc1033b5fa0 R15: 00007ffc2012eb48 [ 380.753400][T10077] [ 381.973818][T10101] FAULT_INJECTION: forcing a failure. [ 381.973818][T10101] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 381.973860][T10101] CPU: 1 UID: 0 PID: 10101 Comm: syz.2.982 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 381.973898][T10101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 381.973916][T10101] Call Trace: [ 381.973924][T10101] [ 381.973935][T10101] dump_stack_lvl+0x16c/0x1f0 [ 381.973982][T10101] should_fail_ex+0x512/0x640 [ 381.974028][T10101] should_fail_alloc_page+0xe7/0x130 [ 381.974059][T10101] prepare_alloc_pages+0x3c2/0x610 [ 381.974103][T10101] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 381.974165][T10101] ? stack_trace_save+0x8e/0xc0 [ 381.974213][T10101] ? __lock_acquire+0xaa4/0x1ba0 [ 381.974255][T10101] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 381.974302][T10101] ? fb_var_to_videomode+0x4c9/0x690 [ 381.974341][T10101] ? __pfx_fb_match_mode+0x10/0x10 [ 381.974378][T10101] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 381.974416][T10101] ? lockdep_hardirqs_on+0x7c/0x110 [ 381.974478][T10101] ? vc_allocate+0x489/0x880 [ 381.974522][T10101] __alloc_pages_noprof+0xb/0x1b0 [ 381.974566][T10101] ___kmalloc_large_node+0x82/0x1e0 [ 381.974599][T10101] ? con_is_visible+0x65/0x150 [ 381.974639][T10101] __kmalloc_large_node_noprof+0x1c/0x70 [ 381.974678][T10101] __kmalloc_noprof.cold+0xc/0x61 [ 381.974725][T10101] vc_allocate+0x489/0x880 [ 381.974771][T10101] ? __pfx_vc_allocate+0x10/0x10 [ 381.974829][T10101] con_install+0xa1/0x600 [ 381.974877][T10101] ? __pfx_con_install+0x10/0x10 [ 381.974930][T10101] ? __pfx_con_install+0x10/0x10 [ 381.974977][T10101] tty_init_dev.part.0+0x99/0x500 [ 381.975010][T10101] tty_open+0xa50/0xf90 [ 381.975053][T10101] ? __pfx_tty_open+0x10/0x10 [ 381.975082][T10101] ? chrdev_open+0x10b/0x6a0 [ 381.975131][T10101] ? __pfx_tty_open+0x10/0x10 [ 381.975158][T10101] chrdev_open+0x231/0x6a0 [ 381.975201][T10101] ? __pfx_apparmor_file_open+0x10/0x10 [ 381.975238][T10101] ? __pfx_chrdev_open+0x10/0x10 [ 381.975287][T10101] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 381.975336][T10101] do_dentry_open+0x741/0x1c10 [ 381.975378][T10101] ? __pfx_chrdev_open+0x10/0x10 [ 381.975431][T10101] vfs_open+0x82/0x3f0 [ 381.975466][T10101] path_openat+0x1e5e/0x2d40 [ 381.975526][T10101] ? __pfx_path_openat+0x10/0x10 [ 381.975582][T10101] do_filp_open+0x20b/0x470 [ 381.975625][T10101] ? __pfx_do_filp_open+0x10/0x10 [ 381.975699][T10101] ? alloc_fd+0x471/0x7d0 [ 381.975751][T10101] do_sys_openat2+0x11b/0x1d0 [ 381.975781][T10101] ? __pfx_do_sys_openat2+0x10/0x10 [ 381.975829][T10101] __x64_sys_openat+0x174/0x210 [ 381.975864][T10101] ? __pfx___x64_sys_openat+0x10/0x10 [ 381.975900][T10101] ? rcu_is_watching+0x12/0xc0 [ 381.975949][T10101] do_syscall_64+0xcd/0x260 [ 381.975997][T10101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.976035][T10101] RIP: 0033:0x7fc10318e169 [ 381.976059][T10101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 381.976089][T10101] RSP: 002b:00007fc103f95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 381.976116][T10101] RAX: ffffffffffffffda RBX: 00007fc1033b5fa0 RCX: 00007fc10318e169 [ 381.976136][T10101] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 381.976155][T10101] RBP: 00007fc103210a68 R08: 0000000000000000 R09: 0000000000000000 [ 381.976173][T10101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.976190][T10101] R13: 0000000000000000 R14: 00007fc1033b5fa0 R15: 00007ffc2012eb48 [ 381.976229][T10101] [ 383.574485][T10118] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 383.961547][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.967985][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.007405][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 384.017482][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 384.034397][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 384.055924][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 384.069415][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 384.105154][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 384.121689][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 385.019932][T10129] netlink: 21 bytes leftover after parsing attributes in process `syz.0.990'. [ 385.112282][T10129] netlink: 21 bytes leftover after parsing attributes in process `syz.0.990'. [ 385.198920][T10129] netlink: 21 bytes leftover after parsing attributes in process `syz.0.990'. [ 385.221137][T10161] FAULT_INJECTION: forcing a failure. [ 385.221137][T10161] name failslab, interval 1, probability 0, space 0, times 0 [ 385.310207][T10161] CPU: 1 UID: 0 PID: 10161 Comm: syz.3.995 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 385.310253][T10161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 385.310272][T10161] Call Trace: [ 385.310282][T10161] [ 385.310294][T10161] dump_stack_lvl+0x16c/0x1f0 [ 385.310347][T10161] should_fail_ex+0x512/0x640 [ 385.310385][T10161] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 385.310434][T10161] should_failslab+0xc2/0x120 [ 385.310465][T10161] __kmalloc_cache_noprof+0x6a/0x3e0 [ 385.310509][T10161] ? cuse_channel_open+0x1de/0x7f0 [ 385.310552][T10161] cuse_channel_open+0x1de/0x7f0 [ 385.310601][T10161] ? __pfx_cuse_channel_open+0x10/0x10 [ 385.310640][T10161] misc_open+0x35a/0x420 [ 385.310683][T10161] ? __pfx_misc_open+0x10/0x10 [ 385.310723][T10161] chrdev_open+0x231/0x6a0 [ 385.310781][T10161] ? __pfx_apparmor_file_open+0x10/0x10 [ 385.310821][T10161] ? __pfx_chrdev_open+0x10/0x10 [ 385.310870][T10161] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 385.310921][T10161] do_dentry_open+0x741/0x1c10 [ 385.310964][T10161] ? __pfx_chrdev_open+0x10/0x10 [ 385.311019][T10161] vfs_open+0x82/0x3f0 [ 385.311054][T10161] path_openat+0x1e5e/0x2d40 [ 385.311111][T10161] ? __pfx_path_openat+0x10/0x10 [ 385.311166][T10161] do_filp_open+0x20b/0x470 [ 385.311229][T10161] ? __pfx_do_filp_open+0x10/0x10 [ 385.311307][T10161] ? alloc_fd+0x471/0x7d0 [ 385.311365][T10161] do_sys_openat2+0x11b/0x1d0 [ 385.311399][T10161] ? __pfx_do_sys_openat2+0x10/0x10 [ 385.311449][T10161] __x64_sys_openat+0x174/0x210 [ 385.311484][T10161] ? __pfx___x64_sys_openat+0x10/0x10 [ 385.311522][T10161] ? rcu_is_watching+0x12/0xc0 [ 385.311580][T10161] do_syscall_64+0xcd/0x260 [ 385.311651][T10161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.311684][T10161] RIP: 0033:0x7fb66118e169 [ 385.311710][T10161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 385.311742][T10161] RSP: 002b:00007fb661f4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 385.311772][T10161] RAX: ffffffffffffffda RBX: 00007fb6613b6080 RCX: 00007fb66118e169 [ 385.311794][T10161] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 385.311815][T10161] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 385.311834][T10161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 385.311853][T10161] R13: 0000000000000000 R14: 00007fb6613b6080 R15: 00007fff626452c8 [ 385.311894][T10161] [ 388.317061][T10220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 388.326302][T10220] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 388.336494][T10220] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 388.366547][T10220] page_type: f5(slab) [ 388.377752][T10220] raw: 00fff00000000040 ffff8881416a0280 dead000000000122 0000000000000000 [ 388.400281][T10220] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 388.443524][T10220] head: 00fff00000000040 ffff8881416a0280 dead000000000122 0000000000000000 [ 388.501642][T10220] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 388.517294][T10220] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 388.538757][T10220] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 388.548772][T10220] page dumped because: unmovable page [ 388.554592][T10220] page_owner tracks the page as allocated [ 388.560696][T10220] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5668, tgid 5668 (dhcpcd-run-hook), ts 72450194117, free_ts 34984014616 [ 388.589749][T10220] post_alloc_hook+0x181/0x1b0 [ 388.596092][T10220] get_page_from_freelist+0x1193/0x39b0 [ 388.602094][T10220] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 388.608237][T10220] alloc_pages_mpol+0x1fb/0x550 [ 388.613787][T10220] new_slab+0x23c/0x330 [ 388.618060][T10220] ___slab_alloc+0xd9c/0x1940 [ 388.623249][T10220] __slab_alloc.constprop.0+0x56/0xb0 [ 388.628704][T10220] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 388.634720][T10220] ext4_alloc_inode+0x28/0x610 [ 388.640261][T10220] alloc_inode+0x61/0x240 [ 388.644717][T10220] iget_locked+0x2e4/0x830 [ 388.649295][T10220] __ext4_iget+0x3ca/0x44e0 [ 388.654120][T10220] ext4_lookup+0x37c/0x730 [ 388.658653][T10220] __lookup_slow+0x24e/0x460 [ 388.663326][T10220] walk_component+0x353/0x5b0 [ 388.668052][T10220] path_lookupat+0x17e/0x780 [ 388.672941][T10220] page last free pid 1 tgid 1 stack trace: [ 388.678793][T10220] __free_frozen_pages+0x69d/0xff0 [ 388.684018][T10220] free_contig_range+0x135/0x3f0 [ 388.689002][T10220] destroy_args+0x66f/0x830 [ 388.694096][T10220] debug_vm_pgtable+0x130e/0x2d50 [ 388.699156][T10220] do_one_initcall+0x120/0x6e0 [ 388.704005][T10220] kernel_init_freeable+0x5c2/0x900 [ 388.709273][T10220] kernel_init+0x1c/0x2b0 [ 388.713825][T10220] ret_from_fork+0x45/0x80 [ 388.718387][T10220] ret_from_fork_asm+0x1a/0x30 [ 388.762040][T10234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 388.770897][T10234] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 388.791530][T10234] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 388.809014][T10234] page_type: f5(slab) [ 388.841679][T10234] raw: 00fff00000000040 ffff8881416a0280 dead000000000122 0000000000000000 [ 388.868626][T10234] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 388.902829][T10234] head: 00fff00000000040 ffff8881416a0280 dead000000000122 0000000000000000 [ 388.926390][T10234] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 388.982706][T10234] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 389.075471][T10234] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 389.111383][T10234] page dumped because: unmovable page [ 389.123867][T10234] page_owner tracks the page as allocated [ 389.130058][T10234] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5668, tgid 5668 (dhcpcd-run-hook), ts 72450194117, free_ts 34984014616 [ 389.156851][T10234] post_alloc_hook+0x181/0x1b0 [ 389.170398][T10234] get_page_from_freelist+0x1193/0x39b0 [ 389.176254][T10234] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 389.182382][T10234] alloc_pages_mpol+0x1fb/0x550 [ 389.187280][T10234] new_slab+0x23c/0x330 [ 389.191476][T10234] ___slab_alloc+0xd9c/0x1940 [ 389.196335][T10234] __slab_alloc.constprop.0+0x56/0xb0 [ 389.201808][T10234] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 389.207662][T10234] ext4_alloc_inode+0x28/0x610 [ 389.212679][T10234] alloc_inode+0x61/0x240 [ 389.217059][T10234] iget_locked+0x2e4/0x830 [ 389.221660][T10234] __ext4_iget+0x3ca/0x44e0 [ 389.226487][T10234] ext4_lookup+0x37c/0x730 [ 389.231957][T10234] __lookup_slow+0x24e/0x460 [ 389.236678][T10234] walk_component+0x353/0x5b0 [ 389.260004][T10234] path_lookupat+0x17e/0x780 [ 389.270137][T10234] page last free pid 1 tgid 1 stack trace: [ 389.276109][T10234] __free_frozen_pages+0x69d/0xff0 [ 389.281459][T10234] free_contig_range+0x135/0x3f0 [ 389.286754][T10234] destroy_args+0x66f/0x830 [ 389.291302][T10234] debug_vm_pgtable+0x130e/0x2d50 [ 389.296842][T10234] do_one_initcall+0x120/0x6e0 [ 389.302036][T10234] kernel_init_freeable+0x5c2/0x900 [ 389.307378][T10234] kernel_init+0x1c/0x2b0 [ 389.313015][T10234] ret_from_fork+0x45/0x80 [ 389.317565][T10234] ret_from_fork_asm+0x1a/0x30 [ 391.198032][T10292] FAULT_INJECTION: forcing a failure. [ 391.198032][T10292] name failslab, interval 1, probability 0, space 0, times 0 [ 391.249762][T10292] CPU: 1 UID: 0 PID: 10292 Comm: syz.3.1028 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 391.249813][T10292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 391.249833][T10292] Call Trace: [ 391.249845][T10292] [ 391.249858][T10292] dump_stack_lvl+0x16c/0x1f0 [ 391.249911][T10292] should_fail_ex+0x512/0x640 [ 391.249950][T10292] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 391.249999][T10292] should_failslab+0xc2/0x120 [ 391.250029][T10292] __kmalloc_cache_noprof+0x6a/0x3e0 [ 391.250075][T10292] ? snd_midi_event_new+0x6f/0x210 [ 391.250131][T10292] snd_midi_event_new+0x6f/0x210 [ 391.250183][T10292] snd_virmidi_input_open+0x107/0x4a0 [ 391.250243][T10292] open_substream+0x478/0x9b0 [ 391.250281][T10292] rawmidi_open_priv+0x513/0x6e0 [ 391.250337][T10292] snd_rawmidi_open+0x4cc/0xbf0 [ 391.250393][T10292] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 391.250429][T10292] ? __pfx_default_wake_function+0x10/0x10 [ 391.250482][T10292] ? kobject_get_unless_zero+0x156/0x1e0 [ 391.250536][T10292] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 391.250570][T10292] snd_open+0x1fe/0x450 [ 391.250613][T10292] ? __pfx_snd_open+0x10/0x10 [ 391.250654][T10292] chrdev_open+0x231/0x6a0 [ 391.250697][T10292] ? __pfx_apparmor_file_open+0x10/0x10 [ 391.250734][T10292] ? __pfx_chrdev_open+0x10/0x10 [ 391.250782][T10292] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 391.250852][T10292] do_dentry_open+0x741/0x1c10 [ 391.250895][T10292] ? __pfx_chrdev_open+0x10/0x10 [ 391.250951][T10292] vfs_open+0x82/0x3f0 [ 391.250987][T10292] path_openat+0x1e5e/0x2d40 [ 391.251047][T10292] ? __pfx_path_openat+0x10/0x10 [ 391.251104][T10292] do_filp_open+0x20b/0x470 [ 391.251149][T10292] ? __pfx_do_filp_open+0x10/0x10 [ 391.251223][T10292] ? alloc_fd+0x471/0x7d0 [ 391.251278][T10292] do_sys_openat2+0x11b/0x1d0 [ 391.251311][T10292] ? __pfx_do_sys_openat2+0x10/0x10 [ 391.251359][T10292] __x64_sys_openat+0x174/0x210 [ 391.251394][T10292] ? __pfx___x64_sys_openat+0x10/0x10 [ 391.251429][T10292] ? rcu_is_watching+0x12/0xc0 [ 391.251493][T10292] do_syscall_64+0xcd/0x260 [ 391.251544][T10292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.251594][T10292] RIP: 0033:0x7fb66118e169 [ 391.251618][T10292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.251668][T10292] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 391.251699][T10292] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 391.251719][T10292] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 391.251740][T10292] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 391.251759][T10292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 391.251778][T10292] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 391.251819][T10292] [ 391.885767][T10299] __nla_validate_parse: 4 callbacks suppressed [ 391.885789][T10299] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1031'. [ 392.135201][T10305] input: f¬ as /devices/virtual/input/input15 [ 392.595100][T10311] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1035'. [ 392.679424][T10311] bond0: (slave bond_slave_1): Releasing backup interface [ 392.986768][T10317] openvswitch: netlink: IP tunnel dst address not specified [ 393.280577][T10325] FAULT_INJECTION: forcing a failure. [ 393.280577][T10325] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 393.280624][T10325] CPU: 1 UID: 0 PID: 10325 Comm: syz.3.1040 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 393.280664][T10325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 393.280682][T10325] Call Trace: [ 393.280693][T10325] [ 393.280705][T10325] dump_stack_lvl+0x16c/0x1f0 [ 393.280757][T10325] should_fail_ex+0x512/0x640 [ 393.280800][T10325] should_fail_alloc_page+0xe7/0x130 [ 393.280834][T10325] prepare_alloc_pages+0x3c2/0x610 [ 393.280881][T10325] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 393.280937][T10325] ? stack_trace_save+0x8e/0xc0 [ 393.280992][T10325] ? __lock_acquire+0xaa4/0x1ba0 [ 393.281052][T10325] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 393.281104][T10325] ? fb_var_to_videomode+0x4c9/0x690 [ 393.281145][T10325] ? __pfx_fb_match_mode+0x10/0x10 [ 393.281186][T10325] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 393.281225][T10325] ? lockdep_hardirqs_on+0x7c/0x110 [ 393.281271][T10325] ? vc_allocate+0x489/0x880 [ 393.281323][T10325] __alloc_pages_noprof+0xb/0x1b0 [ 393.281367][T10325] ___kmalloc_large_node+0x82/0x1e0 [ 393.281402][T10325] ? con_is_visible+0x65/0x150 [ 393.281443][T10325] __kmalloc_large_node_noprof+0x1c/0x70 [ 393.281483][T10325] __kmalloc_noprof.cold+0xc/0x61 [ 393.281533][T10325] vc_allocate+0x489/0x880 [ 393.281580][T10325] ? __pfx_vc_allocate+0x10/0x10 [ 393.281661][T10325] con_install+0xa1/0x600 [ 393.281716][T10325] ? __pfx_con_install+0x10/0x10 [ 393.281775][T10325] ? __pfx_con_install+0x10/0x10 [ 393.281828][T10325] tty_init_dev.part.0+0x99/0x500 [ 393.281867][T10325] tty_open+0xa50/0xf90 [ 393.281908][T10325] ? __pfx_tty_open+0x10/0x10 [ 393.281941][T10325] ? chrdev_open+0x10b/0x6a0 [ 393.281997][T10325] ? __pfx_tty_open+0x10/0x10 [ 393.282028][T10325] chrdev_open+0x231/0x6a0 [ 393.282077][T10325] ? __pfx_apparmor_file_open+0x10/0x10 [ 393.282119][T10325] ? __pfx_chrdev_open+0x10/0x10 [ 393.282172][T10325] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 393.282229][T10325] do_dentry_open+0x741/0x1c10 [ 393.282276][T10325] ? __pfx_chrdev_open+0x10/0x10 [ 393.282343][T10325] vfs_open+0x82/0x3f0 [ 393.282381][T10325] path_openat+0x1e5e/0x2d40 [ 393.282447][T10325] ? __pfx_path_openat+0x10/0x10 [ 393.282508][T10325] do_filp_open+0x20b/0x470 [ 393.282558][T10325] ? __pfx_do_filp_open+0x10/0x10 [ 393.282640][T10325] ? alloc_fd+0x471/0x7d0 [ 393.282699][T10325] do_sys_openat2+0x11b/0x1d0 [ 393.282734][T10325] ? __pfx_do_sys_openat2+0x10/0x10 [ 393.282798][T10325] __x64_sys_openat+0x174/0x210 [ 393.282843][T10325] ? __pfx___x64_sys_openat+0x10/0x10 [ 393.282876][T10325] ? rcu_is_watching+0x12/0xc0 [ 393.282921][T10325] do_syscall_64+0xcd/0x260 [ 393.282965][T10325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.282994][T10325] RIP: 0033:0x7fb66118e169 [ 393.283016][T10325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.283043][T10325] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 393.283070][T10325] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 393.283088][T10325] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 393.283107][T10325] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 393.283123][T10325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.283140][T10325] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 393.283177][T10325] [ 394.295554][T10347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1045'. [ 394.344867][T10330] tty tty12: ldisc open failed (-12), clearing slot 11 [ 394.520439][T10351] FAULT_INJECTION: forcing a failure. [ 394.520439][T10351] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 394.724877][T10351] CPU: 1 UID: 0 PID: 10351 Comm: syz.2.1048 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 394.724923][T10351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 394.724941][T10351] Call Trace: [ 394.724951][T10351] [ 394.724969][T10351] dump_stack_lvl+0x16c/0x1f0 [ 394.725032][T10351] should_fail_ex+0x512/0x640 [ 394.725073][T10351] _copy_from_user+0x2e/0xd0 [ 394.725113][T10351] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 394.725172][T10351] snd_rawmidi_write+0x26e/0xc10 [ 394.725219][T10351] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 394.725254][T10351] ? apparmor_file_permission+0x251/0x400 [ 394.725288][T10351] ? bpf_lsm_file_permission+0x9/0x10 [ 394.725324][T10351] ? security_file_permission+0x71/0x210 [ 394.725362][T10351] ? rw_verify_area+0xcf/0x680 [ 394.725401][T10351] vfs_write+0x25c/0x1180 [ 394.725438][T10351] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 394.725477][T10351] ? __pfx_vfs_write+0x10/0x10 [ 394.725512][T10351] ? find_held_lock+0x2b/0x80 [ 394.725549][T10351] ? __fget_files+0x204/0x3c0 [ 394.725598][T10351] ? __fget_files+0x20e/0x3c0 [ 394.725648][T10351] ksys_write+0x205/0x240 [ 394.725688][T10351] ? __pfx_ksys_write+0x10/0x10 [ 394.725725][T10351] ? rcu_is_watching+0x12/0xc0 [ 394.725771][T10351] do_syscall_64+0xcd/0x260 [ 394.725817][T10351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.725845][T10351] RIP: 0033:0x7fc10318e169 [ 394.725867][T10351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.725895][T10351] RSP: 002b:00007fc103f95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 394.725922][T10351] RAX: ffffffffffffffda RBX: 00007fc1033b5fa0 RCX: 00007fc10318e169 [ 394.725940][T10351] RDX: 000000000000a3d9 RSI: 0000200000000400 RDI: 0000000000000006 [ 394.725957][T10351] RBP: 00007fc103f95090 R08: 0000000000000000 R09: 0000000000000000 [ 394.725975][T10351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 394.725992][T10351] R13: 0000000000000000 R14: 00007fc1033b5fa0 R15: 00007ffc2012eb48 [ 394.726028][T10351] [ 396.326282][T10388] FAULT_INJECTION: forcing a failure. [ 396.326282][T10388] name failslab, interval 1, probability 0, space 0, times 0 [ 396.338972][T10388] CPU: 1 UID: 0 PID: 10388 Comm: syz.1.1052 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 396.339007][T10388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 396.339022][T10388] Call Trace: [ 396.339031][T10388] [ 396.339041][T10388] dump_stack_lvl+0x16c/0x1f0 [ 396.339085][T10388] should_fail_ex+0x512/0x640 [ 396.339115][T10388] ? fs_reclaim_acquire+0xae/0x150 [ 396.339151][T10388] ? tomoyo_encode2+0x100/0x3e0 [ 396.339185][T10388] should_failslab+0xc2/0x120 [ 396.339211][T10388] __kmalloc_noprof+0xd2/0x510 [ 396.339260][T10388] tomoyo_encode2+0x100/0x3e0 [ 396.339302][T10388] tomoyo_encode+0x29/0x50 [ 396.339336][T10388] tomoyo_realpath_from_path+0x18f/0x6e0 [ 396.339378][T10388] ? tomoyo_profile+0x47/0x60 [ 396.339423][T10388] tomoyo_path_number_perm+0x245/0x580 [ 396.339454][T10388] ? tomoyo_path_number_perm+0x237/0x580 [ 396.339488][T10388] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 396.339522][T10388] ? find_held_lock+0x2b/0x80 [ 396.339587][T10388] ? find_held_lock+0x2b/0x80 [ 396.339620][T10388] ? hook_file_ioctl_common+0x145/0x410 [ 396.339657][T10388] ? __fget_files+0x20e/0x3c0 [ 396.339739][T10388] security_file_ioctl+0x9b/0x240 [ 396.339781][T10388] __x64_sys_ioctl+0xb7/0x200 [ 396.339823][T10388] do_syscall_64+0xcd/0x260 [ 396.339880][T10388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.339912][T10388] RIP: 0033:0x7f279258e169 [ 396.339935][T10388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.339967][T10388] RSP: 002b:00007f2793339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 396.339996][T10388] RAX: ffffffffffffffda RBX: 00007f27927b5fa0 RCX: 00007f279258e169 [ 396.340017][T10388] RDX: 0000000000000038 RSI: 000000008208ae63 RDI: 0000000000000003 [ 396.340036][T10388] RBP: 00007f2793339090 R08: 0000000000000000 R09: 0000000000000000 [ 396.340055][T10388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 396.340074][T10388] R13: 0000000000000000 R14: 00007f27927b5fa0 R15: 00007ffe7bcfccf8 [ 396.340116][T10388] [ 396.340142][T10388] ERROR: Out of memory at tomoyo_realpath_from_path. [ 396.726973][T10394] FAULT_INJECTION: forcing a failure. [ 396.726973][T10394] name failslab, interval 1, probability 0, space 0, times 0 [ 396.727013][T10394] CPU: 1 UID: 0 PID: 10394 Comm: syz.3.1055 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 396.727048][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 396.727063][T10394] Call Trace: [ 396.727071][T10394] [ 396.727082][T10394] dump_stack_lvl+0x16c/0x1f0 [ 396.727128][T10394] should_fail_ex+0x512/0x640 [ 396.727161][T10394] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 396.727204][T10394] should_failslab+0xc2/0x120 [ 396.727230][T10394] __kmalloc_cache_noprof+0x6a/0x3e0 [ 396.727270][T10394] ? device_create_groups_vargs+0x8a/0x270 [ 396.727315][T10394] device_create_groups_vargs+0x8a/0x270 [ 396.727353][T10394] device_create+0xed/0x130 [ 396.727386][T10394] ? __pfx_device_create+0x10/0x10 [ 396.727414][T10394] ? do_raw_spin_lock+0x12c/0x2b0 [ 396.727449][T10394] ? is_console_locked+0x9/0x20 [ 396.727488][T10394] ? con_is_visible+0x65/0x150 [ 396.727522][T10394] ? csi_J+0x54a/0xad0 [ 396.727570][T10394] vcs_make_sysfs+0x32/0x80 [ 396.727608][T10394] vc_allocate+0x501/0x880 [ 396.727669][T10394] ? __pfx_vc_allocate+0x10/0x10 [ 396.727731][T10394] con_install+0xa1/0x600 [ 396.727782][T10394] ? __pfx_con_install+0x10/0x10 [ 396.727839][T10394] ? __pfx_con_install+0x10/0x10 [ 396.727909][T10394] tty_init_dev.part.0+0x99/0x500 [ 396.727945][T10394] tty_open+0xa50/0xf90 [ 396.727984][T10394] ? __pfx_tty_open+0x10/0x10 [ 396.728016][T10394] ? chrdev_open+0x10b/0x6a0 [ 396.728068][T10394] ? __pfx_tty_open+0x10/0x10 [ 396.728098][T10394] chrdev_open+0x231/0x6a0 [ 396.728147][T10394] ? __pfx_apparmor_file_open+0x10/0x10 [ 396.728188][T10394] ? __pfx_chrdev_open+0x10/0x10 [ 396.728240][T10394] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 396.728294][T10394] do_dentry_open+0x741/0x1c10 [ 396.728340][T10394] ? __pfx_chrdev_open+0x10/0x10 [ 396.728397][T10394] vfs_open+0x82/0x3f0 [ 396.728435][T10394] path_openat+0x1e5e/0x2d40 [ 396.728499][T10394] ? __pfx_path_openat+0x10/0x10 [ 396.728557][T10394] do_filp_open+0x20b/0x470 [ 396.728603][T10394] ? __pfx_do_filp_open+0x10/0x10 [ 396.728682][T10394] ? alloc_fd+0x471/0x7d0 [ 396.728738][T10394] do_sys_openat2+0x11b/0x1d0 [ 396.728772][T10394] ? __pfx_do_sys_openat2+0x10/0x10 [ 396.728870][T10394] __x64_sys_openat+0x174/0x210 [ 396.728908][T10394] ? __pfx___x64_sys_openat+0x10/0x10 [ 396.728948][T10394] ? rcu_is_watching+0x12/0xc0 [ 396.729003][T10394] do_syscall_64+0xcd/0x260 [ 396.729054][T10394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.729088][T10394] RIP: 0033:0x7fb66118e169 [ 396.729115][T10394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.729148][T10394] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 396.729180][T10394] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 396.729203][T10394] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 396.729225][T10394] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 396.729247][T10394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 396.729268][T10394] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 396.729312][T10394] [ 397.107732][T10404] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1057'. [ 397.564745][T10414] FAULT_INJECTION: forcing a failure. [ 397.564745][T10414] name fail_futex, interval 1, probability 0, space 0, times 0 [ 397.564794][T10414] CPU: 0 UID: 0 PID: 10414 Comm: syz.1.1059 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 397.564835][T10414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 397.564856][T10414] Call Trace: [ 397.564867][T10414] [ 397.564880][T10414] dump_stack_lvl+0x16c/0x1f0 [ 397.564932][T10414] should_fail_ex+0x512/0x640 [ 397.564976][T10414] get_futex_key+0x49e/0x1000 [ 397.565025][T10414] ? __pfx_get_futex_key+0x10/0x10 [ 397.565093][T10414] futex_wake+0xe7/0x4e0 [ 397.565128][T10414] ? __pfx_futex_wake+0x10/0x10 [ 397.565163][T10414] ? kmem_cache_free+0x2d4/0x4d0 [ 397.565208][T10414] ? fd_install+0x225/0x750 [ 397.565251][T10414] ? putname+0x154/0x1a0 [ 397.565290][T10414] do_futex+0x1e3/0x350 [ 397.565336][T10414] ? __pfx_do_futex+0x10/0x10 [ 397.565395][T10414] __x64_sys_futex+0x1e0/0x4c0 [ 397.565444][T10414] ? __x64_sys_openat+0x174/0x210 [ 397.565479][T10414] ? __pfx___x64_sys_futex+0x10/0x10 [ 397.565528][T10414] ? rcu_is_watching+0x12/0xc0 [ 397.565580][T10414] do_syscall_64+0xcd/0x260 [ 397.565632][T10414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.565665][T10414] RIP: 0033:0x7f279258e169 [ 397.565692][T10414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.565724][T10414] RSP: 002b:00007f27933180e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 397.565755][T10414] RAX: ffffffffffffffda RBX: 00007f27927b6088 RCX: 00007f279258e169 [ 397.565777][T10414] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f27927b608c [ 397.565798][T10414] RBP: 00007f27927b6080 R08: 00007f279333a000 R09: 0000000000000000 [ 397.565819][T10414] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f27927b608c [ 397.565840][T10414] R13: 0000000000000000 R14: 00007ffe7bcfcc10 R15: 00007ffe7bcfccf8 [ 397.565884][T10414] [ 398.342621][T10394] tty tty26: ldisc open failed (-12), clearing slot 25 [ 399.295723][T10448] Invalid ELF header magic: != ELF [ 399.649880][T10458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1069'. [ 399.773438][T10463] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1071'. [ 399.930123][ T30] audit: type=1400 audit(4294969395.029:6): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=10462 comm="syz.2.1071" [ 402.008845][T10513] openvswitch: HfR: Dropping previously announced user features [ 402.350374][T10518] FAULT_INJECTION: forcing a failure. [ 402.350374][T10518] name failslab, interval 1, probability 0, space 0, times 0 [ 402.463590][T10518] CPU: 1 UID: 0 PID: 10518 Comm: syz.2.1084 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 402.463634][T10518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 402.463652][T10518] Call Trace: [ 402.463663][T10518] [ 402.463675][T10518] dump_stack_lvl+0x16c/0x1f0 [ 402.463728][T10518] should_fail_ex+0x512/0x640 [ 402.463763][T10518] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 402.463816][T10518] should_failslab+0xc2/0x120 [ 402.463847][T10518] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 402.463893][T10518] ? __proc_create+0xc3/0x8c0 [ 402.463926][T10518] ? __proc_create+0x2ce/0x8c0 [ 402.463976][T10518] __proc_create+0x2ce/0x8c0 [ 402.464010][T10518] ? __pfx___proc_create+0x10/0x10 [ 402.464047][T10518] ? _raw_write_unlock+0x28/0x50 [ 402.464085][T10518] ? proc_register+0x314/0x5f0 [ 402.464122][T10518] proc_create_reg+0x7d/0x180 [ 402.464159][T10518] proc_create_net_data+0x8e/0x1b0 [ 402.464194][T10518] ? __pfx_proc_create_net_data+0x10/0x10 [ 402.464236][T10518] ? __pfx_vlan_init_net+0x10/0x10 [ 402.464268][T10518] vlan_proc_init+0xe3/0x180 [ 402.464313][T10518] ops_init+0x1df/0x5f0 [ 402.464358][T10518] setup_net+0x21e/0x850 [ 402.464404][T10518] ? __pfx_setup_net+0x10/0x10 [ 402.464443][T10518] ? lockdep_init_map_type+0x5c/0x280 [ 402.464482][T10518] ? __pfx_down_read_killable+0x10/0x10 [ 402.464516][T10518] ? debug_mutex_init+0x37/0x70 [ 402.464557][T10518] copy_net_ns+0x2a6/0x5f0 [ 402.464606][T10518] create_new_namespaces+0x3ea/0xad0 [ 402.464658][T10518] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 402.464706][T10518] ksys_unshare+0x45b/0xa40 [ 402.464752][T10518] ? __pfx_ksys_unshare+0x10/0x10 [ 402.464796][T10518] ? xfd_validate_state+0x5d/0x180 [ 402.464831][T10518] ? rcu_is_watching+0x12/0xc0 [ 402.464876][T10518] __x64_sys_unshare+0x31/0x40 [ 402.464920][T10518] do_syscall_64+0xcd/0x260 [ 402.464966][T10518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.464996][T10518] RIP: 0033:0x7fc10318e169 [ 402.465021][T10518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.465049][T10518] RSP: 002b:00007fc103f95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 402.465077][T10518] RAX: ffffffffffffffda RBX: 00007fc1033b5fa0 RCX: 00007fc10318e169 [ 402.465097][T10518] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 402.465116][T10518] RBP: 00007fc103210a68 R08: 0000000000000000 R09: 0000000000000000 [ 402.465134][T10518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 402.465152][T10518] R13: 0000000000000000 R14: 00007fc1033b5fa0 R15: 00007ffc2012eb48 [ 402.465190][T10518] [ 402.465202][T10518] 8021q: can't create entry in proc filesystem! [ 402.659421][T10524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1085'. [ 402.938074][T10528] FAULT_INJECTION: forcing a failure. [ 402.938074][T10528] name failslab, interval 1, probability 0, space 0, times 0 [ 402.964761][T10528] CPU: 0 UID: 0 PID: 10528 Comm: syz.3.1086 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 402.964816][T10528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 402.964835][T10528] Call Trace: [ 402.964844][T10528] [ 402.964856][T10528] dump_stack_lvl+0x16c/0x1f0 [ 402.964904][T10528] should_fail_ex+0x512/0x640 [ 402.964937][T10528] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 402.964985][T10528] should_failslab+0xc2/0x120 [ 402.965012][T10528] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 402.965073][T10528] ? __pfx___might_resched+0x10/0x10 [ 402.965114][T10528] ? alloc_vmap_area+0x613/0x2970 [ 402.965155][T10528] alloc_vmap_area+0x613/0x2970 [ 402.965205][T10528] ? __pfx_alloc_vmap_area+0x10/0x10 [ 402.965250][T10528] __get_vm_area_node+0x1a7/0x300 [ 402.965295][T10528] __vmalloc_node_range_noprof+0x277/0x1540 [ 402.965355][T10528] ? n_tty_open+0x1a/0x170 [ 402.965404][T10528] ? n_tty_open+0x1a/0x170 [ 402.965443][T10528] ? __ldsem_down_write_nested+0x10e/0x850 [ 402.965483][T10528] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 402.965539][T10528] ? n_tty_open+0x1a/0x170 [ 402.965575][T10528] vzalloc_noprof+0x6b/0x90 [ 402.965616][T10528] ? n_tty_open+0x1a/0x170 [ 402.965649][T10528] ? __pfx_n_tty_open+0x10/0x10 [ 402.965689][T10528] n_tty_open+0x1a/0x170 [ 402.965723][T10528] ? __pfx_n_tty_open+0x10/0x10 [ 402.965780][T10528] tty_ldisc_open+0x9c/0x120 [ 402.965828][T10528] tty_ldisc_setup+0x40/0x100 [ 402.965879][T10528] tty_init_dev.part.0+0x1ec/0x500 [ 402.965917][T10528] tty_open+0xa50/0xf90 [ 402.965970][T10528] ? __pfx_tty_open+0x10/0x10 [ 402.966002][T10528] ? chrdev_open+0x10b/0x6a0 [ 402.966055][T10528] ? __pfx_tty_open+0x10/0x10 [ 402.966086][T10528] chrdev_open+0x231/0x6a0 [ 402.966134][T10528] ? __pfx_apparmor_file_open+0x10/0x10 [ 402.966194][T10528] ? __pfx_chrdev_open+0x10/0x10 [ 402.966249][T10528] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 402.966305][T10528] do_dentry_open+0x741/0x1c10 [ 402.966353][T10528] ? __pfx_chrdev_open+0x10/0x10 [ 402.966413][T10528] vfs_open+0x82/0x3f0 [ 402.966464][T10528] path_openat+0x1e5e/0x2d40 [ 402.966528][T10528] ? __pfx_path_openat+0x10/0x10 [ 402.966587][T10528] do_filp_open+0x20b/0x470 [ 402.966634][T10528] ? __pfx_do_filp_open+0x10/0x10 [ 402.966718][T10528] ? alloc_fd+0x471/0x7d0 [ 402.966777][T10528] do_sys_openat2+0x11b/0x1d0 [ 402.966812][T10528] ? __pfx_do_sys_openat2+0x10/0x10 [ 402.966864][T10528] __x64_sys_openat+0x174/0x210 [ 402.966901][T10528] ? __pfx___x64_sys_openat+0x10/0x10 [ 402.966951][T10528] ? rcu_is_watching+0x12/0xc0 [ 402.967001][T10528] do_syscall_64+0xcd/0x260 [ 402.967049][T10528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.967080][T10528] RIP: 0033:0x7fb66118e169 [ 402.967104][T10528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.967134][T10528] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 402.967163][T10528] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 402.967184][T10528] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 402.967204][T10528] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 402.967223][T10528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 402.967241][T10528] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 402.967302][T10528] [ 402.967342][T10528] syz.3.1086: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 403.383331][T10528] CPU: 1 UID: 0 PID: 10528 Comm: syz.3.1086 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 403.383372][T10528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 403.383392][T10528] Call Trace: [ 403.383403][T10528] [ 403.383415][T10528] dump_stack_lvl+0x16c/0x1f0 [ 403.383468][T10528] warn_alloc+0x248/0x3a0 [ 403.383520][T10528] ? __pfx_warn_alloc+0x10/0x10 [ 403.383570][T10528] ? kfree+0x2b6/0x4d0 [ 403.383620][T10528] ? __get_vm_area_node+0x1e5/0x300 [ 403.383682][T10528] __vmalloc_node_range_noprof+0xd31/0x1540 [ 403.383740][T10528] ? n_tty_open+0x1a/0x170 [ 403.383781][T10528] ? __ldsem_down_write_nested+0x10e/0x850 [ 403.383821][T10528] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 403.383877][T10528] ? n_tty_open+0x1a/0x170 [ 403.383912][T10528] vzalloc_noprof+0x6b/0x90 [ 403.383953][T10528] ? n_tty_open+0x1a/0x170 [ 403.383987][T10528] ? __pfx_n_tty_open+0x10/0x10 [ 403.384019][T10528] n_tty_open+0x1a/0x170 [ 403.384052][T10528] ? __pfx_n_tty_open+0x10/0x10 [ 403.384085][T10528] tty_ldisc_open+0x9c/0x120 [ 403.384131][T10528] tty_ldisc_setup+0x40/0x100 [ 403.384178][T10528] tty_init_dev.part.0+0x1ec/0x500 [ 403.384214][T10528] tty_open+0xa50/0xf90 [ 403.384254][T10528] ? __pfx_tty_open+0x10/0x10 [ 403.384286][T10528] ? chrdev_open+0x10b/0x6a0 [ 403.384340][T10528] ? __pfx_tty_open+0x10/0x10 [ 403.384370][T10528] chrdev_open+0x231/0x6a0 [ 403.384428][T10528] ? __pfx_apparmor_file_open+0x10/0x10 [ 403.384466][T10528] ? __pfx_chrdev_open+0x10/0x10 [ 403.384526][T10528] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 403.384574][T10528] do_dentry_open+0x741/0x1c10 [ 403.384616][T10528] ? __pfx_chrdev_open+0x10/0x10 [ 403.384674][T10528] vfs_open+0x82/0x3f0 [ 403.384709][T10528] path_openat+0x1e5e/0x2d40 [ 403.384765][T10528] ? __pfx_path_openat+0x10/0x10 [ 403.384816][T10528] do_filp_open+0x20b/0x470 [ 403.384859][T10528] ? __pfx_do_filp_open+0x10/0x10 [ 403.384928][T10528] ? alloc_fd+0x471/0x7d0 [ 403.384978][T10528] do_sys_openat2+0x11b/0x1d0 [ 403.385008][T10528] ? __pfx_do_sys_openat2+0x10/0x10 [ 403.385053][T10528] __x64_sys_openat+0x174/0x210 [ 403.385084][T10528] ? __pfx___x64_sys_openat+0x10/0x10 [ 403.385118][T10528] ? rcu_is_watching+0x12/0xc0 [ 403.385164][T10528] do_syscall_64+0xcd/0x260 [ 403.385210][T10528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 403.385238][T10528] RIP: 0033:0x7fb66118e169 [ 403.385261][T10528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 403.385289][T10528] RSP: 002b:00007fb661f70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 403.385314][T10528] RAX: ffffffffffffffda RBX: 00007fb6613b5fa0 RCX: 00007fb66118e169 [ 403.385333][T10528] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 403.385351][T10528] RBP: 00007fb661210a68 R08: 0000000000000000 R09: 0000000000000000 [ 403.385368][T10528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 403.385384][T10528] R13: 0000000000000000 R14: 00007fb6613b5fa0 R15: 00007fff626452c8 [ 403.385420][T10528] [ 403.385431][T10528] Mem-Info: [ 403.787858][T10528] active_anon:64623 inactive_anon:0 isolated_anon:0 [ 403.787858][T10528] active_file:20672 inactive_file:39011 isolated_file:0 [ 403.787858][T10528] unevictable:768 dirty:1318 writeback:0 [ 403.787858][T10528] slab_reclaimable:10477 slab_unreclaimable:94644 [ 403.787858][T10528] mapped:45773 shmem:51776 pagetables:1002 [ 403.787858][T10528] sec_pagetables:0 bounce:0 [ 403.787858][T10528] kernel_misc_reclaimable:0 [ 403.787858][T10528] free:1274729 free_pcp:1868 free_cma:0 [ 403.838660][T10528] Node 0 active_anon:258592kB inactive_anon:0kB active_file:82688kB inactive_file:156032kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:183392kB dirty:5268kB writeback:0kB shmem:206968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10380kB pagetables:4008kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 403.899098][T10528] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:12kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 403.938203][T10538] netlink: 1152 bytes leftover after parsing attributes in process `syz.0.1088'. [ 404.036897][T10528] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 404.099206][T10528] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 404.105920][T10528] Node 0 DMA32 free:1185124kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:255124kB inactive_anon:0kB active_file:82672kB inactive_file:154468kB unevictable:1536kB writepending:5268kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:7340kB local_pcp:1348kB free_cma:0kB [ 404.220371][T10528] lowmem_reserve[]: 0 0 1 1 1 [ 404.242186][T10528] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:16kB inactive_file:1564kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB [ 404.363384][T10528] lowmem_reserve[]: 0 0 0 0 0 [ 404.389637][T10528] Node 1 Normal free:3903136kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:12kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 404.521079][T10528] lowmem_reserve[]: 0 0 0 0 0 [ 404.543292][T10528] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 404.599487][T10528] Node 0 DMA32: 176*4kB (UME) 58*8kB (UE) 86*16kB (UME) 61*32kB (UME) 146*64kB (UE) 45*128kB (UM) 28*256kB (UME) 14*512kB (UME) 23*1024kB (UME) 11*2048kB (UME) 269*4096kB (UM) = 1181840kB [ 404.659936][T10528] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 404.688010][T10547] Invalid ELF header magic: != ELF [ 404.709702][T10528] Node 1 Normal: 222*4kB (UM) 61*8kB (UME) 38*16kB (UME) 209*32kB (UME) 95*64kB (UME) 26*128kB (UME) 16*256kB (UME) 6*512kB (UM) 5*1024kB (UME) 3*2048kB (UE) 944*4096kB (M) = 3903136kB [ 404.770549][T10528] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 404.789651][T10528] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 404.799002][T10528] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 404.859596][T10528] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 404.872509][T10528] 108795 total pagecache pages [ 404.877334][T10528] 0 pages in swap cache [ 404.890104][T10528] Free swap = 124996kB [ 404.894341][T10528] Total swap = 124996kB [ 404.898528][T10528] 2097051 pages RAM [ 404.926729][T10528] 0 pages HighMem/MovableOnly [ 404.941658][T10528] 429591 pages reserved [ 404.945880][T10528] 0 pages cma reserved [ 404.970382][T10528] tty tty26: ldisc open failed (-12), clearing slot 25 [ 405.599725][T10555] ptrace attach of "./syz-executor exec"[5842] was attempted by "./syz-executor exec"[10555] [ 406.414329][T10629] input: f¬ as /devices/virtual/input/input16 [ 406.481222][T10610] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 407.130011][T10649] [ 407.132421][T10649] ====================================================== [ 407.139466][T10649] WARNING: possible circular locking dependency detected [ 407.146495][T10649] 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 Not tainted [ 407.153627][T10649] ------------------------------------------------------ [ 407.160742][T10649] syz.3.1105/10649 is trying to acquire lock: [ 407.166817][T10649] ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 407.176081][T10649] [ 407.176081][T10649] but task is already holding lock: [ 407.183463][T10649] ffff8880310921a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 407.193606][T10649] [ 407.193606][T10649] which lock already depends on the new lock. [ 407.193606][T10649] [ 407.204017][T10649] [ 407.204017][T10649] the existing dependency chain (in reverse order) is: [ 407.213039][T10649] [ 407.213039][T10649] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 407.221669][T10649] __mutex_lock+0x199/0xb90 [ 407.226724][T10649] smc_switch_to_fallback+0x2d/0x9f0 [ 407.232545][T10649] smc_sendmsg+0x13d/0x520 [ 407.237500][T10649] ____sys_sendmsg+0xa95/0xc70 [ 407.242836][T10649] ___sys_sendmsg+0x134/0x1d0 [ 407.248052][T10649] __sys_sendmsg+0x16d/0x220 [ 407.253180][T10649] do_syscall_64+0xcd/0x260 [ 407.258222][T10649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.264668][T10649] [ 407.264668][T10649] -> #1 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 407.272424][T10649] lock_sock_nested+0x41/0xf0 [ 407.277647][T10649] sockopt_lock_sock+0x54/0x70 [ 407.282952][T10649] do_ip_setsockopt+0xfe/0x3240 [ 407.288347][T10649] ip_setsockopt+0x59/0xf0 [ 407.293308][T10649] ipv6_setsockopt+0x155/0x170 [ 407.298617][T10649] udpv6_setsockopt+0x7d/0xd0 [ 407.303823][T10649] do_sock_setsockopt+0x221/0x470 [ 407.309393][T10649] __sys_setsockopt+0x1a0/0x230 [ 407.314781][T10649] __x64_sys_setsockopt+0xbd/0x160 [ 407.320431][T10649] do_syscall_64+0xcd/0x260 [ 407.325477][T10649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.331904][T10649] [ 407.331904][T10649] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 407.339142][T10649] __lock_acquire+0x1173/0x1ba0 [ 407.344549][T10649] lock_acquire+0x179/0x350 [ 407.349573][T10649] __mutex_lock+0x199/0xb90 [ 407.354615][T10649] do_ipv6_setsockopt+0x2042/0x4420 [ 407.360353][T10649] ipv6_setsockopt+0xcb/0x170 [ 407.365587][T10649] tcp_setsockopt+0xa4/0x100 [ 407.370714][T10649] smc_setsockopt+0x1b3/0xa00 [ 407.375924][T10649] do_sock_setsockopt+0x221/0x470 [ 407.381504][T10649] __sys_setsockopt+0x1a0/0x230 [ 407.386902][T10649] __x64_sys_setsockopt+0xbd/0x160 [ 407.392590][T10649] do_syscall_64+0xcd/0x260 [ 407.397649][T10649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.404078][T10649] [ 407.404078][T10649] other info that might help us debug this: [ 407.404078][T10649] [ 407.414313][T10649] Chain exists of: [ 407.414313][T10649] rtnl_mutex --> sk_lock-AF_INET6 --> &smc->clcsock_release_lock [ 407.414313][T10649] [ 407.427990][T10649] Possible unsafe locking scenario: [ 407.427990][T10649] [ 407.435443][T10649] CPU0 CPU1 [ 407.440813][T10649] ---- ---- [ 407.446182][T10649] lock(&smc->clcsock_release_lock); [ 407.451569][T10649] lock(sk_lock-AF_INET6); [ 407.458612][T10649] lock(&smc->clcsock_release_lock); [ 407.466514][T10649] lock(rtnl_mutex); [ 407.470516][T10649] [ 407.470516][T10649] *** DEADLOCK *** [ 407.470516][T10649] [ 407.478769][T10649] 1 lock held by syz.3.1105/10649: [ 407.483884][T10649] #0: ffff8880310921a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 407.494454][T10649] [ 407.494454][T10649] stack backtrace: [ 407.500348][T10649] CPU: 0 UID: 0 PID: 10649 Comm: syz.3.1105 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 407.500380][T10649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 407.500396][T10649] Call Trace: [ 407.500405][T10649] [ 407.500414][T10649] dump_stack_lvl+0x116/0x1f0 [ 407.500452][T10649] print_circular_bug+0x275/0x350 [ 407.500490][T10649] check_noncircular+0x14c/0x170 [ 407.500531][T10649] __lock_acquire+0x1173/0x1ba0 [ 407.500575][T10649] lock_acquire+0x179/0x350 [ 407.500596][T10649] ? do_ipv6_setsockopt+0x2042/0x4420 [ 407.500633][T10649] ? __pfx___might_resched+0x10/0x10 [ 407.500667][T10649] ? find_held_lock+0x2b/0x80 [ 407.500697][T10649] __mutex_lock+0x199/0xb90 [ 407.500732][T10649] ? do_ipv6_setsockopt+0x2042/0x4420 [ 407.500767][T10649] ? lock_acquire+0x179/0x350 [ 407.500787][T10649] ? do_ipv6_setsockopt+0x2042/0x4420 [ 407.500824][T10649] ? __pfx___mutex_lock+0x10/0x10 [ 407.500863][T10649] ? finish_task_switch.isra.0+0x221/0xc10 [ 407.500897][T10649] ? rcu_is_watching+0x12/0xc0 [ 407.500927][T10649] ? trace_sched_exit_tp+0xde/0x130 [ 407.500966][T10649] ? do_ipv6_setsockopt+0x2042/0x4420 [ 407.500999][T10649] ? rtnl_lock+0x9/0x20 [ 407.501020][T10649] do_ipv6_setsockopt+0x2042/0x4420 [ 407.501059][T10649] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 407.501095][T10649] ? __lock_acquire+0xaa4/0x1ba0 [ 407.501137][T10649] ? __mutex_trylock_common+0xe9/0x250 [ 407.501166][T10649] ? __pfx___mutex_trylock_common+0x10/0x10 [ 407.501190][T10649] ? __pfx___might_resched+0x10/0x10 [ 407.501224][T10649] ? rcu_is_watching+0x12/0xc0 [ 407.501253][T10649] ? trace_contention_end+0xdd/0x130 [ 407.501276][T10649] ? __mutex_lock+0x1ca/0xb90 [ 407.501312][T10649] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 407.501343][T10649] ? smc_setsockopt+0x100/0xa00 [ 407.501368][T10649] ? __pfx___mutex_lock+0x10/0x10 [ 407.501407][T10649] ? ipv6_setsockopt+0xcb/0x170 [ 407.501440][T10649] ipv6_setsockopt+0xcb/0x170 [ 407.501475][T10649] tcp_setsockopt+0xa4/0x100 [ 407.501505][T10649] smc_setsockopt+0x1b3/0xa00 [ 407.501529][T10649] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 407.501569][T10649] ? __pfx_smc_setsockopt+0x10/0x10 [ 407.501616][T10649] ? __pfx_smc_setsockopt+0x10/0x10 [ 407.501644][T10649] do_sock_setsockopt+0x221/0x470 [ 407.501684][T10649] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 407.501734][T10649] __sys_setsockopt+0x1a0/0x230 [ 407.501769][T10649] __x64_sys_setsockopt+0xbd/0x160 [ 407.501801][T10649] ? do_syscall_64+0x91/0x260 [ 407.501840][T10649] ? lockdep_hardirqs_on+0x7c/0x110 [ 407.501877][T10649] do_syscall_64+0xcd/0x260 [ 407.501917][T10649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.501945][T10649] RIP: 0033:0x7fb66118e169 [ 407.501966][T10649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 407.501992][T10649] RSP: 002b:00007fb661f4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 407.502016][T10649] RAX: ffffffffffffffda RBX: 00007fb6613b6080 RCX: 00007fb66118e169 [ 407.502034][T10649] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0400000000000003 [ 407.502051][T10649] RBP: 00007fb661210a68 R08: 000000000000056b R09: 0000000000000000 [ 407.502068][T10649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 407.502084][T10649] R13: 0000000000000000 R14: 00007fb6613b6080 R15: 00007fff626452c8 [ 407.502109][T10649] [ 408.493658][T10661] program syz.2.1107 is using a deprecated SCSI ioctl, please convert it to SG_IO