last executing test programs: 2m17.30401658s ago: executing program 0 (id=1296): syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) socket(0x15, 0x5, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/open_files\x00', 0x200, 0x0) socket(0x2, 0x802, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 2m16.640679452s ago: executing program 0 (id=1298): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x0, 0x5, 0x7f, 0x10}, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) write$auto(0x4, 0x0, 0x100082) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)='5', 0x1) pwrite64$auto(0xffffffffffffffff, &(0x7f00000001c0)='/p\b\xae\x03\xfdyP/sys6\x1a\x91eJ\t\x99\x85Th/forw\v\x92$ing\x10\x00\x00\x00\x00\x00\x00 \xdf\x02\x00\x00\x00\xce\xd6 \x12x]\x9a\a\x7f$i\xf26<\x12f\x964&\x7f\xddDM\x9b\xc7U7\xc3\x03\x8d\xb9V\x05p\xb1f\x9aw\x00io\x7f\xff\xafj{m\xbaZJ\xf7\x14\xe6\x18\x8d\x7f\xc9\xeb\xf6\x0f\xbdm\xef6\x88\x8a\xcd\xfd\xb6D\x03[\xa5\xdb\x81[\x91E\x89\xe8\x84\xf5W\xfc\x81\xa5\b7\'\xeei\xa7\x9d3\xfaAr\xce\x9a\xc7\xbeJ\x96\xa1\x1e\xcd\x91\x1e\x81\x0f\xf0\x10Yy-\x90\\\x15\xc0(\xf6\b?N\x14\a\xa7\xde\x9c\xf2 a*\xcf /\xa2X\xe4\xcd\xc3\xcc\xbaL\x00+\xe5\x9a\xf1r^SC{\xb1U\x98p\xd51\xebM\x0eo?\x84I9\f\x83\xba?g\x8dgU/\x169\xf7i\x8d\"\x14q\xc4\x98\xad4\x90\xc80r\xa3l\xf6m\xb5\xff# [\xe5z\x1aJ\xde\xe0H\x86)\xbdg\xa3p(\x1c\x91\xfeI\xe2\x02k\xfb5b\xfe\xe4\xbd\x17\xf3\x85u\xd1\xfe\ta\xaa\x9c\xa7\xdbd\x0f\xb6O}[d4\x9f\x96\xd7&\x90\xba\xad\x7f\x89\xfa\xc7r\xde\x19\xaeJ\xf9\xd4\xc7\x90CG\xbb\x9d\xa4O\xa8\xe1n\xe7h\x9f\x00\x00a$?\t9\xba\x02\x12\x10\xb7((\xb3|Z\x06\xb7$\xcb\xc6>@\x12(O\x15<\xfa\xcf\xad\x86>>H\x12\x0f\xc3\xf6D\xc0\f\xc7\xf5|\x01s:\xfb\xe7\xf0X\xcd\xa8\xb42\x9fi\xd7&D\xff\x1c\xcc%\xd8\xd1y\xf0,\f\x1b\xb2\x8e\a\xb5\x99\xc3\xf9;\x8d\ao3\xb3\xc9\x02O\x16\xec\x027\xee\x7ft\x97\xb0\xe5\xd5\x1d\xb0\x97\xf6L\xeb\x92\xaf\xdb\xfaD\xdc Zvn\x88\t\x96\v\x1a\xf2iaN\x8d]NU\x19\xc86\x93\b\x82\x18\xdc\x11\xfeVu\'\xad\xfd\x91\xaa1\xe8O\xb6s?\xc0k;\xcdr\xfa\xcd3\x8esP\xc2\xfb\xf6l\x02$g\xe6\xcb\x1f\tG\x80I\b\xea\"H', 0x6, 0x800) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0xb01, 0x0) lseek$auto(0xffffffffffffffff, 0x7fffffffffffffff, 0x3) io_uring_setup$auto(0x6, 0x0) fsopen$auto(0x0, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) 2m15.837147824s ago: executing program 0 (id=1303): r0 = socket(0x10, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b000000", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) mmap$auto(0x0, 0x40000b, 0x8, 0x12, 0x2, 0x7ffc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setgroups$auto(0xe32, 0x0) kexec_load$auto(0x8, 0x2, &(0x7f0000000000)={@kbuf=0x0, 0x2aa7, 0x26c0000c000, 0x8}, 0x5) keyctl$auto(0x12, 0xf, 0x40000000c6e9, 0x81, 0xa472) sendmsg$auto_NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) kill$auto(r2, 0x11) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000340)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fda24d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7a197166480ef899794cab4b61107cdae019c6139ce8761b3e", 0x5f) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r3 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/available_tracers\x00', 0x40000, 0x0) read$auto_show_traces_fops_trace(r3, &(0x7f0000000640)=""/188, 0xbc) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r4, 0x0, 0x800003, 0x800000000000e2a) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_NAPI_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0x20000004) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x80, r5, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xffff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xb}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xfffffffffffffffc}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xfffffffffffffffe}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x8}]}, 0x80}, 0x1, 0x0, 0x0, 0x4010}, 0x4000000) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) 2m14.440525556s ago: executing program 0 (id=1307): syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) socket(0x15, 0x5, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/open_files\x00', 0x200, 0x0) socket(0x2, 0x802, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 2m14.11283662s ago: executing program 0 (id=1316): r0 = socket(0x10, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b000000", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) mmap$auto(0x0, 0x40000b, 0x8, 0x12, 0x2, 0x7ffc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setgroups$auto(0xe32, 0x0) kexec_load$auto(0x8, 0x2, &(0x7f0000000000)={@kbuf=0x0, 0x2aa7, 0x26c0000c000, 0x8}, 0x5) keyctl$auto(0x12, 0xf, 0x40000000c6e9, 0x81, 0xa472) sendmsg$auto_NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) kill$auto(r2, 0x11) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000340)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fda24d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7a197166480ef899794cab4b61107cdae019c6139ce8761b3e", 0x5f) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r3 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/available_tracers\x00', 0x40000, 0x0) read$auto_show_traces_fops_trace(r3, &(0x7f0000000640)=""/188, 0xbc) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r4, 0x0, 0x800003, 0x800000000000e2a) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_NAPI_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0x20000004) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x80, r5, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xffff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xb}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xfffffffffffffffc}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xfffffffffffffffe}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x8}]}, 0x80}, 0x1, 0x0, 0x0, 0x4010}, 0x4000000) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) 2m12.730501396s ago: executing program 0 (id=1315): bpf$auto(0x10, &(0x7f0000001700)=@bpf_attr_5={@target_fd=0xffffffffffffffff, 0xffffffffffffffff, 0x5, 0x2, 0xffffffffffffffff, @relative_id=0x10, 0x5}, 0x63a) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x100200, 0x1001, 0x0, 0xf, r1, 0x1400000, 0x5}, 0x6f4) (async, rerun: 64) r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x0, 0x0) (async, rerun: 64) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/irq/5/actions\x00', 0x22040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000180)=""/109, 0x6d) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88002, 0x0) (async) readv$auto(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0x1}, 0x7) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/bus/usb/003/001\x00', 0x80801, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) r4 = io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200207, 0x19) (async) getegid() close_range$auto(r0, r3, 0x0) (async, rerun: 64) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) (rerun: 64) setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2) unshare$auto(0xfffffffffffffff8) (async) unshare$auto(0x40000080) (async) mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000) (async, rerun: 64) madvise$auto(0x80000001, 0x2, 0xffff) (async, rerun: 64) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000884}, 0xc880) socket(0x10, 0x2, 0xc) (async) ioctl$auto_SOUND_OLD_MIXER_INFO(r4, 0x80304d65, &(0x7f0000000200)) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) 1m57.138704244s ago: executing program 32 (id=1315): bpf$auto(0x10, &(0x7f0000001700)=@bpf_attr_5={@target_fd=0xffffffffffffffff, 0xffffffffffffffff, 0x5, 0x2, 0xffffffffffffffff, @relative_id=0x10, 0x5}, 0x63a) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x100200, 0x1001, 0x0, 0xf, r1, 0x1400000, 0x5}, 0x6f4) (async, rerun: 64) r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x0, 0x0) (async, rerun: 64) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/irq/5/actions\x00', 0x22040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000180)=""/109, 0x6d) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88002, 0x0) (async) readv$auto(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0x1}, 0x7) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/bus/usb/003/001\x00', 0x80801, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) r4 = io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200207, 0x19) (async) getegid() close_range$auto(r0, r3, 0x0) (async, rerun: 64) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) (rerun: 64) setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2) unshare$auto(0xfffffffffffffff8) (async) unshare$auto(0x40000080) (async) mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000) (async, rerun: 64) madvise$auto(0x80000001, 0x2, 0xffff) (async, rerun: 64) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000884}, 0xc880) socket(0x10, 0x2, 0xc) (async) ioctl$auto_SOUND_OLD_MIXER_INFO(r4, 0x80304d65, &(0x7f0000000200)) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) 8.498478872s ago: executing program 1 (id=1721): r0 = prctl$auto_PR_SET_ENDIAN(0x14, 0x5ac, 0x0, 0x5, 0x6) r1 = prctl$auto_PR_SET_MDWE(0x41, 0x5, 0x0, 0x4, 0x1) splice$auto(r0, &(0x7f0000000000)=0x8, r1, &(0x7f0000000040)=0x5, 0xc7, 0x9642) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/environ\x00', 0x2000, 0x0) read$auto_proc_environ_operations_base(r4, &(0x7f0000000240)=""/80, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) mq_open$auto(0x0, 0x5, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) socket(0x15, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) write$auto(r6, 0x0, 0x6) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000015c0)=ANY=[@ANYBLOB="ec0b0000", @ANYRES16=0x0, @ANYBLOB="080029bd7000fcdbdf252100000008000b0009000000050012001000000008000e000400000005000f000100000072022d80258dd7f2238c056603ee94543bc63837864147256de27b3100238c36858de01b2ed83ae7b0639e5e136d9b5569aab1c2cad0d4ea35866263dd0d261026c23a379d5b246831c904d856db24026d80ef599988a7ae03d6a38a5b964c79bca5592745957d315b40bb590d7c6031de0e50a924f89dbca02dfce550d8d03cea2ac5040c781e46b434bd372d328aecf14347ee032fa766841ff4c5967226e2c6eb1770c0b97395ee8285b8af8d1295d166fe887f204b0a287c8f406b8d25b91341f85973cf285cc88dffcea911fc49451218fbf1895b30cb313b62aa70c9df3cb92ee13d04a09e3c124dcdb987d50300aa323aeb9f73cad1ad35dce4c3b47cb8db0b8f60bc44d324cd2b6ec9b7e18ce319e55b1dc65a9f7a47380dfa271ddcca8f317ebca5cf23750ff77e70ee221543a4083e85a7a54fe10d0400b5804900cf00a8ce222ece9197f8c5c56a5e36021b2777acdb99471b897db7322c81d5a7bb12ec5f3e618202b2cbc2a73ce9fb99abd82d03782ee66991627e37df5995e94aec073837d739000000342228e8f22d26fbbd2111b70688e331c773d26611bda1011976dc151515fd75c3b6d9c935bb2c61805c5eab8ca55a8d05c475c244cb4425026db518ca7b10da0a1bfa8a75fb1708b1d8a0f011da53b5a26cc3d11a84102cadcabd566559761968316be886661f4c4cc6b4781e03452d9f07e61c0d7eb5cb8da7a89320808988809735a81fd27bfc65de46f3ec1844b377f28b5035110cff53960344040cc4b9139e4a373dc5deb566ca0fe5e742eace6162e4684db4bee1bd9c7982452ca56d522243e2066b36a615525a97fdfcb359bf9afc3a52adb8f40004006a800800c900ac1414aa08005b0014000000000018052f800a46315272df474585354ba0638d44007d6ab338964cdccd0c351b4db8d19adec1e5b837ff0c82510650ed2dcdaba121178bce982306680193bfc38d1d5461e1dccbc7467c2760e6af4e72251fb03f8d50108bfb71dae35bfad7230cb15d6b02b9045f266f2323906933b81607e78939277f92c646312b378b002139e71800628008003000000000000c00ce00080000000000000049022180c8013f8004006e800400d5009b81ed029534538a4b26b5a76f7bd74aaf36b5b5dcd7df71397e3bb070e021d799e9c47406923cf8ec89b7bf9a68f7908bbed4bbdc9697cce4225232c2ea43ae48148344f0ac475c6d5a8c1cc842c6f9565ffde7ed05b8cd0de0519db829c705d2bf5759ce6c7f3d808e4a4c6c97205b8ee88a9f407a383552b3b8e9b1af9c2266e85622f4cbaa5e04c871546bb530ea7eb0c2a71e7ae6c756692375c64eaf23696eada0f23165cb76ebe5552e2d400289dc123a1cbfd1bc0140c52160556910e2c928283e12637371daf45b2edd5962f265492bd7f818820e16f8485f45e969a8e4c15bf8d18c74f8a97fc71f41bbbe45264ed64abbaf90964cd926f60bb1cd597b262afeb69fd075a20ba366e2e5366de8597ee066bde0e20c9ca4b1f911f613d09ac8ae30e745c88c436c21d7a8285c4bb7b8af4a81ad85943cf4e4bf980d9b89a99f374099e701a4e3229580bace02feba12e09c81274906862689862380b03ded1440ca86dbeaf8652ae99b742e53153e58473fc33b963786bbd3852b33e1f169edccc3ed9374b09603b7cd238c644bffac1b3336aef510701c0d5fbd969f522dd5736a8f76741a3020703f1e49744566ae0e35a4b34c544fb0267fc0b5c7b45edae952c8c1287050fa4b88f947d09160924d77ffd55a44a9c201360a3232869057da69a63d87d0ec81ca841c1f4cb978fcf90f11702ac0a92895d1b5ecd7b40848cdcc5e365b4fdf9880bf57c31a8b8f0737529c4b5d1a75cd7cf6ecf1f31f645a518a05c78a5f117c3608002900", @ANYRES32, @ANYRES32=r3, @ANYRES32=r0, @ANYRESDEC=r2, @ANYRESOCT=r4, @ANYRESOCT=r4, @ANYRES32, @ANYBLOB="08009a00", @ANYRES32=r5, @ANYBLOB="040023807a061c8dc1fc9344ffec8eec994d8fa7c80c13a431d782fccdd6e0b0ec2ad14c80b976c4c579b82e330ad99d968b74bf9439ad0dbab702450e7a01f20400460008002a00ac1e000104002880b535904df87afecca12a6e639d16565d6b624d6c8dc111749e39a81c9fe85469c1faca019de8e1d224f5dc11898aeb5fa231e3c93360e5c94c7bfbbb3c775c6dd8c6d240f358c00fe9d55852823254a6ba3301cb8014001d002f6465762f73657175656e6365723200f2d87d53f252c7d023a25b10e13d5374f920f065085ebfa213b04a32cd3498da083a3cc2148045fb3fff678d23825ae360e5a5292052898cf70f42e0c76e07ddfdc0a0b99742bd556ef194f3a931b581e652040077f6c60e14433581eb133a236c41c01fceded8ca1cf9f2808e5b9d1dbf7d58b15a4d275c8757b5def14cf54aee9acdd9cadfcb58f426a07a934c329aceeeee4d06d5d2b3a682fb79cc889a2875664bae67c5ef52c0604c6891c4c61d040f8d664e21090fb2bf0a5082ed6025a4c011411097681eba39ef1e11f5fcd25879232967a44ac2c3cce628650d805397b1e0f1000000000000000000000096293df1af246f980e7b24bcd4dfec2a25d1b28faa530ff834d9ce56b2e59a5b514a1505000000000000000000f6e245f09e36048f85534398b4467d961e1c8ee12789c7d2c2b4b87f6802318e4b7516fa83d96cbe620bad0bcd3516a71161b664f73612d1c629aa63a3d861aac0f82bbe44d9295abfc2e868c99a8e2a93dbbfa5b2757e0a63faac1a77a48e14fba3a321167fa95bda78042e4a372f906d774b27a7152761fc1bd2759a5782740820270796ff0e0e4f583062be69e79ef39ab6035063c88323237847bc70ae8ab60a9ca475df163f58c5eac802f8c7eb9c6146723bbca88686409d6e83e04ca004f182d64e228dee24f378be0585d5fb9a736b10bfcd80118964e16754d8d9e5a9604be95d0b479db14fa53c371918ae2ad412ffa39d230000"], 0xbec}, 0x1, 0x0, 0x0, 0x20000005}, 0x8000800) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r7 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001580)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x204, 0x0) read$auto(r7, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) readlink$auto(0x0, 0x0, 0x99c) 7.126732642s ago: executing program 1 (id=1727): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x2000000}, 0x24004804) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) r2 = gettid() rt_sigsuspend$auto(0x0, 0x8) tkill$auto(r2, 0x7) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x5, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfdf3) futex$auto(0x0, 0x6, 0x49, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x86) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, 0x0, 0x103, 0x0) openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x20081, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x2000000000000016, 0x0, 0xfffffffe, 0x400040, 0xa8) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 4.981792963s ago: executing program 1 (id=1733): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x7, 0x0) r0 = open(0x0, 0xa240, 0x1de) mmap$auto(0x0, 0x7, 0xde, 0x11, r0, 0x28000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x0, 0x0, 0x0) (async) timer_create$auto(0x0, 0x0, 0x0) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0) (async) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0) timer_gettime$auto(0x0, 0x0) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) mount$auto(0x0, 0x0, &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\x83\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)\x17\xbby\xe5\xc4w\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0Z>\xe1=\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x00'/192, 0x104, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000000000600010000000a0005000000000000000000b3fc010000000000000000000a0001000000000000000000060006000500000008000200", @ANYRES32=0x0, @ANYBLOB="0800040003"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) socket(0x2, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x3, @broadcast}, 0x6b) listen$auto(0x3, 0x81) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r1) (async) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001a80)={'wg2\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r1, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)={0x2c, r2, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x10c, 0x0, 0x0, @pid}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) (async) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r1, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)={0x2c, r2, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x10c, 0x0, 0x0, @pid}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) 4.764949471s ago: executing program 2 (id=1734): bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) timer_settime$auto(0xa, 0xb742, &(0x7f0000000000)={{0x4d4, 0x1000}, {0xa, 0x4}}, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x48000, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC2(r0, 0x80044dff, &(0x7f00000001c0)) r1 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x29, 0x5, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, r2, 0x0) read$auto(0x3, 0x0, 0xf34) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) sendto$auto(r1, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "000000000000fe8000"}, 0x1f) 3.906199429s ago: executing program 4 (id=1739): socket(0x2c, 0x3, 0x0) timer_settime$auto(0x0, 0xb746, 0x0, 0x0) close_range$auto(0x2, 0xa, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim1/psample/out_tc\x00', 0x80240, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x682, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r0, 0x80044dfb, &(0x7f0000000040)) (fail_nth: 3) ioctl$auto(r0, 0xfffffffc, 0x38) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x1, 0x0, 0x80000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyse\x00', 0x600, 0x0) ioctl$auto_TIOCGICOUNT2(r1, 0x545d, 0x0) 3.900482563s ago: executing program 3 (id=1740): r0 = memfd_secret$auto(0x1) read$auto_fops_u32_ro_(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(0x0, 0x3) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55) openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000080), 0xdaea6d7da654cc89, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x75, 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) socket(0x10, 0x2, 0x0) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000200), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r3, &(0x7f0000003bc0)={0x0, 0x0, &(0x7f0000003b80)={&(0x7f0000003980)=ANY=[@ANYBLOB="2400a936", @ANYRES16=r2, @ANYBLOB="050026bd7000fddbdf25050000000d0011002f6465762f66623100000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0xc044) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x401, 0x1ff, 0x7, 0x48, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x8, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x800000, 0x7, 0x8, 0x200, 0xfffffffd, 0x7, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2004, 0x0, 0x4, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x400000040000000, 0xffffffffffffffff, 0x4, 0x4, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0xfffffffffffffffd, 0x0, 0x11af, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffe, 0x8, 0x4000000000, 0x7, 0x2, 0x3]}, 0x1fe, 0xd) r4 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x405040, 0x0) r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$auto_SO_REUSEADDR(r5, 0x9, 0x2, &(0x7f00000000c0)='/\x00', 0x1e) ioctl$auto(r5, 0x4008af10, r4) 3.648630669s ago: executing program 2 (id=1741): umount2$auto(&(0x7f0000000080)='.\x00', 0xa) 3.414656491s ago: executing program 1 (id=1742): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f00000019c0), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_RECONFIGURE(r0, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001a00)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NBD_ATTR_INDEX={0x8}]}, 0x1c}, 0x63, 0x0, 0x0, 0x4}, 0x40010) (fail_nth: 11) 3.269844952s ago: executing program 4 (id=1743): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x304ec2, 0x0) write$auto_sg_fops_sg(r0, &(0x7f00000001c0)="bf5b1a8c24000000dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d58309037c0ae2c7", 0x30) mmap$auto(0x6, 0x8000000000000000, 0x100000000, 0x458, r0, 0x8001) capget$auto(0x0, 0xfffffffffffffffe) mmap$auto(0xffffffffffffffff, 0x7, 0x6, 0x9b72, r0, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) mmap$auto(0x0, 0x9, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) adjtimex$auto(&(0x7f00000006c0)={0x7, 0x0, 0x0, 0x8, 0x3, 0xa, 0x9, 0x0, 0x10001, 0x1, 0x0, {0x7, 0x10000}, 0x1, 0xe, 0x0, 0x1008000, 0x0, 0x80000005, 0x100083, 0xffffffffffff628e, 0xa748, 0x1, 0x1800}) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40, 0x0) readv$auto(r2, &(0x7f0000000100)={&(0x7f0000000040), 0x3}, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0x0, 0x0) lseek$auto(0x3, 0x8, 0x1) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto_UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r4 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0xfffffffffffffffd, 0x2020009, 0xa45, 0x12, r4, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/devices/virtual/net/ip_vti0/power/autosuspend_delay_ms\x00', 0xa2500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000002c0)=""/106, 0x6a) msgsnd$auto(0x7, &(0x7f0000000140)={0x6, 0x9}, 0x8001, 0x7) adjtimex$auto(&(0x7f00000002c0)={0x80, 0x0, 0x5, 0x9, 0x8000000000000001, 0x9, 0x4, 0x0, 0x1ff, 0x7, 0x3, {0x6, 0x5}, 0x7, 0x0, 0x3, 0xc68, 0x0, 0x6, 0x4, 0x7fffffff, 0x80, 0x1, 0x10001}) mmap$auto(0x0, 0x20008, 0xffffffffffffffff, 0x100000eb1, 0x40000000000a1, 0x8000008000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, r1, 0x0) close_range$auto(r3, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyq9\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x38d041, 0x0) 3.269417339s ago: executing program 2 (id=1744): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/locals\x00', 0x40, 0x0) r0 = socket(0x10, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b00", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) mmap$auto(0x0, 0x40000b, 0x8, 0x12, 0x2, 0x7ffc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setgroups$auto(0xe32, 0x0) kexec_load$auto(0x8, 0x2, &(0x7f0000000000)={@kbuf=0x0, 0x2aa7, 0x26c0000c000, 0x8}, 0x5) keyctl$auto(0x12, 0xf, 0x40000000c6e9, 0x81, 0xa472) sendmsg$auto_NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) kill$auto(r2, 0x11) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000340)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fda24d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7a197166480ef899794cab4b61107cdae019c6139ce8761b3e", 0x5f) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r3 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/available_tracers\x00', 0x40000, 0x0) read$auto_show_traces_fops_trace(r3, &(0x7f0000000640)=""/188, 0xbc) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r4, 0x0, 0x800003, 0x800000000000e2a) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_NAPI_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0x20000004) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x80, r5, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xffff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xb}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xfffffffffffffffc}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0xfffffffffffffffe}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x8}]}, 0x80}, 0x1, 0x0, 0x0, 0x4010}, 0x4000000) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) 3.266376659s ago: executing program 3 (id=1745): r0 = openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/o2hb/quorum_regions\x00', 0x200, 0x0) statmount$auto(&(0x7f00000001c0)={0x8, @inferred=r0, 0xffffffffffffffff, 0x9, 0x1}, &(0x7f00000005c0)={0x6, 0xb2fe, 0x5, 0x6, 0x3, 0x0, 0x54f4, 0x1, 0x2, 0x0, 0x7, 0x0, 0x746c, 0x6, 0x400, 0xb2, 0x10000, 0xe58, 0x0, 0x8, 0x29a, 0x0, 0x9, 0x8, 0x1000, 0x8, [0x1, 0x8, 0x1, 0x39a7, 0xfff, 0x800, 0x2, 0x59, 0x2, 0x4, 0x400000000000, 0x7f, 0x552, 0x7, 0x1, 0x6, 0x6, 0x6, 0xffffffffffffff0b, 0x8, 0x1, 0x10000, 0x3, 0xcd204a4c00000, 0x2d8d4e1, 0xb36, 0xfff, 0x80000001, 0x10, 0x358f, 0x8e, 0x4, 0x9, 0x1, 0x6ce1, 0x6, 0x7f, 0x3b04a18a, 0x80000001, 0x0, 0x94, 0x7, 0x0, 0xa92, 0x24, 0x1], "7c2b8dafbdec4d5965d5f261fa6506431cacec58faaa326eebe54584586e4df9f100d5efd6ce97422009df43871823232aac9976a890f98dc4e68cf900c3f1b1ad71e6916a3e7c3508eab63666aa3028ec01a9a4964168c4219f6795b7a5b97beceffe73e3eefd8f8222bddecb4b971c3dcadb12a6071f940084554ac210c8daf6dff87e2d6d76e73bfc0dcda17c010c629353844585d4db31075813f9f5c30c383b66667191fa9afc8c"}, 0x9, 0xb) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) socket(0x2b, 0x1, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) sendfile$auto(r2, r3, 0x0, 0xfdef) socket(0x3, 0x5, 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mtd0ro\x00', 0xe0a01, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x18, r5, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_PMSR_RESULT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x1}, 0x40000) recvmmsg$auto(r6, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) connect$auto(0x3, 0x0, 0x55) write$auto(0x3, 0x0, 0xfdef) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) tgkill$auto(0x1, 0x1, 0x5) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x800) 2.241695788s ago: executing program 4 (id=1746): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xca, 0x0, 0x1) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xfffffffffffffffd, 0x40000008000) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/22t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x59, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2) r2 = prctl$auto_PR_SCHED_CORE_GET(0x7fffffff, 0x0, 0xffffffffffffffff, 0x5a, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={0x0}}, 0x81) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) r4 = socket(0x1f, 0x800, 0xffffff01) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400, 0xdf, 0x8000000000000eb1, r4, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x403, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) move_pages$auto(0x0, 0x102, 0x0, 0x0, 0x0, 0x2) sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="200025bd7000ffdbdf250200000008001700f77729bfc82bdc949ca0f20bbe7aa4dce97dd957305558435b7e156b9984d45fe8f894d8b34b9b3531a53272e09ca215126f0b3329858c7a46d8b66c7ae4fb8ca1555f1b247d9bc407edb75bdd69765184231f5e6795d2e667065db2deae69a7fa59b558d5a63cd23133b1b0a4e9a498ddf948722fbd8e5cf2d7f9169e246628dfeaa856e54648cca8890d931fc76bc530f54c37030d380903c3a55daec2c3aabf09ea8ecea3cdb90a5aea7480769324829f8b1b11", @ANYRES8=r5, @ANYRESDEC=r3], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x20000004) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2) io_uring_enter$auto(r0, 0x11, 0x2688, 0x5, 0x0, 0x7) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 2.229471368s ago: executing program 3 (id=1747): syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) socket(0x15, 0x5, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, 0x0, 0x7, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/open_files\x00', 0x200, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 2.185941421s ago: executing program 2 (id=1748): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) socket(0x10, 0x2, 0x0) mmap$auto(0xffffffffffffffbf, 0x20009, 0x4000000000df, 0x13, 0x401, 0x7ffa) mmap$auto(0x0, 0x20009, 0x120000000, 0x40000000000eb1, 0x401, 0x0) mmap$auto(0xe2d, 0x20006, 0xdf, 0xeb1, 0xffffffffffffffff, 0x7) io_uring_setup$auto(0x6, 0x0) timer_create$auto(0x3, 0x0, 0x0) exit$auto(0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0x100, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x48000, 0x301f}, 0x4) 2.100779425s ago: executing program 3 (id=1749): socket(0x2c, 0x3, 0x0) timer_settime$auto(0x0, 0xb746, 0x0, 0x0) close_range$auto(0x2, 0xa, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim1/psample/out_tc\x00', 0x80240, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x682, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r0, 0x80044dfb, &(0x7f0000000040)) ioctl$auto(r0, 0xfffffffc, 0x38) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x1, 0x0, 0x80000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyse\x00', 0x600, 0x0) ioctl$auto_TIOCGICOUNT2(r1, 0x545d, 0x0) 1.206179821s ago: executing program 2 (id=1750): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) execveat$auto(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=&(0x7f0000000040)='\x00', &(0x7f0000000100)=&(0x7f00000000c0)='/dev/dvb/adapter0/demux0\x00', 0xa) io_uring_setup$auto(0xc, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x403c6f2b, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) readv$auto(0x3, 0x0, 0x1) read$auto(r1, 0x0, 0x1f40) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) statx$auto(0xffffffffffffffff, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0) 840.570383ms ago: executing program 3 (id=1751): r0 = socket(0x2c, 0x3, 0x0) timer_settime$auto(0x0, 0xb746, 0x0, 0x0) r1 = prctl$auto_PR_SET_TAGGED_ADDR_CTRL(0x37, 0xffff, 0x0, 0xb, 0x0) close_range$auto(r0, r1, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim1/psample/out_tc\x00', 0x80240, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x682, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r2, 0x80044dfb, &(0x7f0000000040)) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_ADD(r3, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000002d80)={&(0x7f0000000280)={0x14, r4, 0x1, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x404c045}, 0x0) ioctl$auto(r2, 0xfffffffc, 0x38) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x1, 0x0, 0x80000000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyse\x00', 0x600, 0x0) ioctl$auto_TIOCGICOUNT2(r5, 0x545d, 0x0) 684.273231ms ago: executing program 1 (id=1752): umount2$auto(&(0x7f0000000080)='.\x00', 0xa) 580.137248ms ago: executing program 4 (id=1753): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="69b5b2dfdabb136c46000229"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x3800, 0x9}, 0x7}, 0x3, 0x0) 378.977727ms ago: executing program 3 (id=1754): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0) pread64$auto(r1, &(0x7f0000000040)='veth1\x00', 0x200000000006, 0x8) r2 = socket(0x10, 0x2, 0xc) r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x24, r3, 0x10, 0x70bd2c, 0x25dfdbfa, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_FAMILY_NAME={0x0, 0x2, '%/\x00\xe2\xa8\\A\xe7Z\x02q[-\x00\x00\x00\\\xdc\xdf(\xff\xfee\xc3\x17py\x9f\xda\xb88\xaa\xf6q*\x82\xe6(\xc9\xe6B\x9aJ82\v-i(c\x92{\xd7D\xb4\xf7\xb4\t\xb2\x98b\xd3%vu\xd4\xfd\t\xd7J\x83\x19)\xb1\x00[\xdd(\xef?\xc5\xae(\x84\xefjx\xfe\xdb\xeb\xbceaAw\x1eW\x12Bh\xc3y2\xc9\x0e\xc9\x99#\x92j\x97\xbbDOi\x03\xa4\x11\x02F 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.318827][ T9311] RSP: 002b:00007f5290fc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 394.318848][ T9311] RAX: ffffffffffffffda RBX: 00007f52903a5fa0 RCX: 00007f529018d169 [ 394.318864][ T9311] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007 [ 394.318878][ T9311] RBP: 00007f5290fc7090 R08: 0000000000000000 R09: 0000000000000000 [ 394.318892][ T9311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 394.318906][ T9311] R13: 0000000000000000 R14: 00007f52903a5fa0 R15: 00007ffcbda1bf68 [ 394.318935][ T9311] [ 395.505945][ T9317] netlink: 330 bytes leftover after parsing attributes in process `syz.2.876'. [ 395.992355][ T9322] FAULT_INJECTION: forcing a failure. [ 395.992355][ T9322] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 396.140661][ T9322] CPU: 0 UID: 0 PID: 9322 Comm: syz.3.877 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 396.140694][ T9322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 396.140715][ T9322] Call Trace: [ 396.140722][ T9322] [ 396.140730][ T9322] dump_stack_lvl+0x16c/0x1f0 [ 396.140767][ T9322] should_fail_ex+0x512/0x640 [ 396.140799][ T9322] _copy_from_iter+0x2a4/0x15b0 [ 396.140830][ T9322] ? __alloc_skb+0x200/0x380 [ 396.140860][ T9322] ? __pfx__copy_from_iter+0x10/0x10 [ 396.140891][ T9322] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 396.140934][ T9322] netlink_sendmsg+0x829/0xdd0 [ 396.140972][ T9322] ? __pfx_netlink_sendmsg+0x10/0x10 [ 396.141017][ T9322] sock_write_iter+0x4fc/0x5b0 [ 396.141055][ T9322] ? __pfx_sock_write_iter+0x10/0x10 [ 396.141103][ T9322] ? bpf_lsm_file_permission+0x9/0x10 [ 396.141133][ T9322] ? security_file_permission+0x71/0x210 [ 396.141165][ T9322] ? rw_verify_area+0xcf/0x680 [ 396.141196][ T9322] vfs_write+0x5ba/0x1180 [ 396.141228][ T9322] ? __pfx_sock_write_iter+0x10/0x10 [ 396.141269][ T9322] ? __pfx_vfs_write+0x10/0x10 [ 396.141299][ T9322] ? find_held_lock+0x2b/0x80 [ 396.141346][ T9322] ksys_write+0x205/0x240 [ 396.141381][ T9322] ? __pfx_ksys_write+0x10/0x10 [ 396.141411][ T9322] ? rcu_is_watching+0x12/0xc0 [ 396.141448][ T9322] do_syscall_64+0xcd/0x260 [ 396.141483][ T9322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.141507][ T9322] RIP: 0033:0x7f529018d169 [ 396.141525][ T9322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.141547][ T9322] RSP: 002b:00007f5290f85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 396.141568][ T9322] RAX: ffffffffffffffda RBX: 00007f52903a6160 RCX: 00007f529018d169 [ 396.141584][ T9322] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000008 [ 396.141598][ T9322] RBP: 00007f5290f85090 R08: 0000000000000000 R09: 0000000000000000 [ 396.141612][ T9322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 396.141626][ T9322] R13: 0000000000000000 R14: 00007f52903a6160 R15: 00007ffcbda1bf68 [ 396.141654][ T9322] [ 397.129775][ T9319] Process accounting paused [ 397.220726][ T9332] FAULT_INJECTION: forcing a failure. [ 397.220726][ T9332] name failslab, interval 1, probability 0, space 0, times 0 [ 397.315639][ T9332] CPU: 0 UID: 0 PID: 9332 Comm: syz.0.880 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 397.315670][ T9332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 397.315684][ T9332] Call Trace: [ 397.315691][ T9332] [ 397.315699][ T9332] dump_stack_lvl+0x16c/0x1f0 [ 397.315738][ T9332] should_fail_ex+0x512/0x640 [ 397.315764][ T9332] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 397.315804][ T9332] should_failslab+0xc2/0x120 [ 397.315826][ T9332] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 397.315862][ T9332] ? __alloc_skb+0x2b2/0x380 [ 397.315895][ T9332] __alloc_skb+0x2b2/0x380 [ 397.315923][ T9332] ? __pfx___alloc_skb+0x10/0x10 [ 397.315954][ T9332] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 397.315986][ T9332] ? __lock_acquire+0xaa4/0x1ba0 [ 397.316012][ T9332] netlink_alloc_large_skb+0x69/0x130 [ 397.316048][ T9332] netlink_sendmsg+0x6a1/0xdd0 [ 397.316086][ T9332] ? __pfx_netlink_sendmsg+0x10/0x10 [ 397.316131][ T9332] ____sys_sendmsg+0xa95/0xc70 [ 397.316170][ T9332] ? copy_msghdr_from_user+0x10a/0x160 [ 397.316200][ T9332] ? __pfx_____sys_sendmsg+0x10/0x10 [ 397.316251][ T9332] ___sys_sendmsg+0x134/0x1d0 [ 397.316282][ T9332] ? __pfx____sys_sendmsg+0x10/0x10 [ 397.316346][ T9332] __sys_sendmsg+0x16d/0x220 [ 397.316377][ T9332] ? __pfx___sys_sendmsg+0x10/0x10 [ 397.316415][ T9332] ? rcu_is_watching+0x12/0xc0 [ 397.316452][ T9332] do_syscall_64+0xcd/0x260 [ 397.316488][ T9332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.316512][ T9332] RIP: 0033:0x7f0a7958d169 [ 397.316529][ T9332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.316552][ T9332] RSP: 002b:00007f0a7a33b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 397.316574][ T9332] RAX: ffffffffffffffda RBX: 00007f0a797a5fa0 RCX: 00007f0a7958d169 [ 397.316594][ T9332] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 397.316608][ T9332] RBP: 00007f0a7a33b090 R08: 0000000000000000 R09: 0000000000000000 [ 397.316623][ T9332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 397.316636][ T9332] R13: 0000000000000000 R14: 00007f0a797a5fa0 R15: 00007ffc35d42b48 [ 397.316665][ T9332] [ 399.433267][ T9356] netlink: 330 bytes leftover after parsing attributes in process `syz.3.885'. [ 402.435033][ T9390] ICMPv6: process `syz.1.894' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 403.154854][ T9400] ip_vti0: entered allmulticast mode [ 404.915085][ T9422] Unable to find swap-space signature [ 408.728522][ T9464] Process accounting paused [ 412.087260][ T9500] Unable to find swap-space signature [ 414.219684][ T9526] FAULT_INJECTION: forcing a failure. [ 414.219684][ T9526] name failslab, interval 1, probability 0, space 0, times 0 [ 414.371610][ T9527] netlink: 342 bytes leftover after parsing attributes in process `syz.0.929'. [ 414.503797][ T9526] CPU: 0 UID: 0 PID: 9526 Comm: syz.0.929 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 414.503830][ T9526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 414.503844][ T9526] Call Trace: [ 414.503851][ T9526] [ 414.503860][ T9526] dump_stack_lvl+0x16c/0x1f0 [ 414.503897][ T9526] should_fail_ex+0x512/0x640 [ 414.503923][ T9526] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 414.503959][ T9526] should_failslab+0xc2/0x120 [ 414.503980][ T9526] __kmalloc_cache_noprof+0x6a/0x3e0 [ 414.504011][ T9526] ? __lock_acquire+0xaa4/0x1ba0 [ 414.504032][ T9526] ? snd_timer_instance_new+0x47/0x2e0 [ 414.504072][ T9526] snd_timer_instance_new+0x47/0x2e0 [ 414.504109][ T9526] snd_seq_timer_open+0x1cc/0x5e0 [ 414.504141][ T9526] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 414.504173][ T9526] ? find_held_lock+0x2b/0x80 [ 414.504206][ T9526] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 414.504237][ T9526] ? lockdep_hardirqs_on+0x7c/0x110 [ 414.504281][ T9526] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 414.504313][ T9526] queue_use+0xe3/0x250 [ 414.504335][ T9526] snd_seq_queue_alloc+0x2e5/0x550 [ 414.504363][ T9526] snd_seq_ioctl_create_queue+0xa9/0x380 [ 414.504397][ T9526] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 414.504435][ T9526] alloc_seq_queue+0xda/0x180 [ 414.504469][ T9526] ? __pfx_alloc_seq_queue+0x10/0x10 [ 414.504520][ T9526] ? mark_held_locks+0x49/0x80 [ 414.504554][ T9526] ? _raw_spin_unlock_irq+0x23/0x50 [ 414.504584][ T9526] snd_seq_oss_open+0x38c/0xa20 [ 414.504624][ T9526] odev_open+0x6f/0x90 [ 414.504654][ T9526] ? __pfx_odev_open+0x10/0x10 [ 414.504685][ T9526] soundcore_open+0x409/0x580 [ 414.504724][ T9526] ? __pfx_soundcore_open+0x10/0x10 [ 414.504754][ T9526] chrdev_open+0x231/0x6a0 [ 414.504788][ T9526] ? __pfx_apparmor_file_open+0x10/0x10 [ 414.504818][ T9526] ? __pfx_chrdev_open+0x10/0x10 [ 414.504855][ T9526] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 414.504892][ T9526] do_dentry_open+0x741/0x1c10 [ 414.504925][ T9526] ? __pfx_chrdev_open+0x10/0x10 [ 414.504966][ T9526] vfs_open+0x82/0x3f0 [ 414.504991][ T9526] path_openat+0x1e5e/0x2d40 [ 414.505035][ T9526] ? __pfx_path_openat+0x10/0x10 [ 414.505076][ T9526] do_filp_open+0x20b/0x470 [ 414.505109][ T9526] ? __pfx_do_filp_open+0x10/0x10 [ 414.505163][ T9526] ? alloc_fd+0x471/0x7d0 [ 414.505202][ T9526] do_sys_openat2+0x11b/0x1d0 [ 414.505225][ T9526] ? __pfx_do_sys_openat2+0x10/0x10 [ 414.505259][ T9526] __x64_sys_openat+0x174/0x210 [ 414.505284][ T9526] ? __pfx___x64_sys_openat+0x10/0x10 [ 414.505310][ T9526] ? rcu_is_watching+0x12/0xc0 [ 414.505345][ T9526] do_syscall_64+0xcd/0x260 [ 414.505380][ T9526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.505403][ T9526] RIP: 0033:0x7f0a7958d169 [ 414.505422][ T9526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.505444][ T9526] RSP: 002b:00007f0a7a33b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 414.505464][ T9526] RAX: ffffffffffffffda RBX: 00007f0a797a5fa0 RCX: 00007f0a7958d169 [ 414.505479][ T9526] RDX: 00000000001c8340 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 414.505493][ T9526] RBP: 00007f0a7960e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 414.505507][ T9526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 414.505521][ T9526] R13: 0000000000000000 R14: 00007f0a797a5fa0 R15: 00007ffc35d42b48 [ 414.505549][ T9526] [ 420.307344][ T9584] FAULT_INJECTION: forcing a failure. [ 420.307344][ T9584] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 420.497879][ T9584] CPU: 0 UID: 0 PID: 9584 Comm: syz.2.946 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 420.497913][ T9584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 420.497926][ T9584] Call Trace: [ 420.497934][ T9584] [ 420.497942][ T9584] dump_stack_lvl+0x16c/0x1f0 [ 420.497979][ T9584] should_fail_ex+0x512/0x640 [ 420.498011][ T9584] _copy_to_user+0x32/0xd0 [ 420.498042][ T9584] simple_read_from_buffer+0xcb/0x170 [ 420.498077][ T9584] proc_fail_nth_read+0x197/0x270 [ 420.498111][ T9584] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 420.498147][ T9584] ? rw_verify_area+0xcf/0x680 [ 420.498175][ T9584] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 420.498207][ T9584] vfs_read+0x1de/0xc70 [ 420.498242][ T9584] ? __pfx___mutex_lock+0x10/0x10 [ 420.498277][ T9584] ? __pfx_vfs_read+0x10/0x10 [ 420.498315][ T9584] ? __fget_files+0x20e/0x3c0 [ 420.498364][ T9584] ksys_read+0x12a/0x240 [ 420.498395][ T9584] ? __pfx_ksys_read+0x10/0x10 [ 420.498425][ T9584] ? rcu_is_watching+0x12/0xc0 [ 420.498463][ T9584] do_syscall_64+0xcd/0x260 [ 420.498499][ T9584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.498522][ T9584] RIP: 0033:0x7fd442b8bb7c [ 420.498540][ T9584] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 420.498562][ T9584] RSP: 002b:00007fd443a03030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 420.498583][ T9584] RAX: ffffffffffffffda RBX: 00007fd442da5fa0 RCX: 00007fd442b8bb7c [ 420.498599][ T9584] RDX: 000000000000000f RSI: 00007fd443a030a0 RDI: 0000000000000006 [ 420.498613][ T9584] RBP: 00007fd443a03090 R08: 0000000000000000 R09: 0000000000000000 [ 420.498627][ T9584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 420.498641][ T9584] R13: 0000000000000000 R14: 00007fd442da5fa0 R15: 00007ffe89c21f78 [ 420.498670][ T9584] [ 422.305751][ T9612] FAULT_INJECTION: forcing a failure. [ 422.305751][ T9612] name failslab, interval 1, probability 0, space 0, times 0 [ 422.616645][ T9612] CPU: 0 UID: 0 PID: 9612 Comm: syz.1.952 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 422.616677][ T9612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 422.616691][ T9612] Call Trace: [ 422.616698][ T9612] [ 422.616706][ T9612] dump_stack_lvl+0x16c/0x1f0 [ 422.616742][ T9612] should_fail_ex+0x512/0x640 [ 422.616768][ T9612] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 422.616805][ T9612] should_failslab+0xc2/0x120 [ 422.616826][ T9612] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 422.616861][ T9612] ? alloc_empty_file+0x55/0x1e0 [ 422.616889][ T9612] alloc_empty_file+0x55/0x1e0 [ 422.616913][ T9612] path_openat+0xe0/0x2d40 [ 422.616944][ T9612] ? __x64_sys_openat+0x174/0x210 [ 422.616967][ T9612] ? do_syscall_64+0xcd/0x260 [ 422.617000][ T9612] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.617032][ T9612] ? __pfx_path_openat+0x10/0x10 [ 422.617072][ T9612] do_filp_open+0x20b/0x470 [ 422.617105][ T9612] ? __pfx_do_filp_open+0x10/0x10 [ 422.617158][ T9612] ? alloc_fd+0x471/0x7d0 [ 422.617198][ T9612] do_sys_openat2+0x11b/0x1d0 [ 422.617225][ T9612] ? __pfx_do_sys_openat2+0x10/0x10 [ 422.617252][ T9612] ? __fget_files+0x20e/0x3c0 [ 422.617283][ T9612] ? rcu_watching_snap_stopped_since+0x40/0x110 [ 422.617319][ T9612] __x64_sys_openat+0x174/0x210 [ 422.617344][ T9612] ? __pfx___x64_sys_openat+0x10/0x10 [ 422.617368][ T9612] ? ksys_write+0x1b9/0x240 [ 422.617408][ T9612] do_syscall_64+0xcd/0x260 [ 422.617442][ T9612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.617464][ T9612] RIP: 0033:0x7f67e758d169 [ 422.617481][ T9612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.617502][ T9612] RSP: 002b:00007f67e83d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 422.617523][ T9612] RAX: ffffffffffffffda RBX: 00007f67e77a6320 RCX: 00007f67e758d169 [ 422.617538][ T9612] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 422.617552][ T9612] RBP: 00007f67e83d6090 R08: 0000000000000000 R09: 0000000000000000 [ 422.617566][ T9612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 422.617579][ T9612] R13: 0000000000000001 R14: 00007f67e77a6320 R15: 00007ffd379e8608 [ 422.617607][ T9612] [ 426.002236][ T9646] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 426.665657][ T9646] CIFS mount error: No usable UNC path provided in device string! [ 426.665657][ T9646] [ 426.805846][ T9646] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 429.272436][ T9669] netlink: 74 bytes leftover after parsing attributes in process `syz.1.967'. [ 429.321530][ T9671] netlink: 74 bytes leftover after parsing attributes in process `syz.1.967'. [ 432.311646][ T9683] netlink: 4 bytes leftover after parsing attributes in process `syz.3.970'. [ 435.378285][ T9711] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 435.515788][ T9711] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 435.575812][ T9711] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 435.692920][ T9711] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 437.435564][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 437.595624][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 437.602068][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 437.675582][ T9737] Bluetooth: hci3: command 0x0c1a tx timeout [ 439.258424][ T9745] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5) [ 441.162571][ T9752] Process accounting resumed [ 443.927913][ T9777] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 443.972310][ T9777] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 444.032470][ T9777] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 444.115995][ T9777] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 445.202641][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.215531][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.677830][ T9737] Bluetooth: hci0: command 0x0c1a tx timeout [ 445.997739][ T9737] Bluetooth: hci1: command 0x0c1a tx timeout [ 446.082009][ T9737] Bluetooth: hci2: command 0x0c1a tx timeout [ 446.155525][ T9737] Bluetooth: hci3: command 0x0c1a tx timeout [ 450.206477][ T9841] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 450.253295][ T9841] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 450.340622][ T9841] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 450.450359][ T9841] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 451.438252][ T9737] Bluetooth: hci0: command 0x0c1a tx timeout [ 452.323476][ T9737] Bluetooth: hci1: command 0x0c1a tx timeout [ 452.396053][ T9737] Bluetooth: hci2: command 0x0c1a tx timeout [ 452.479607][ T9737] Bluetooth: hci3: command 0x0c1a tx timeout [ 453.318637][ T9862] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 453.355351][ T9862] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 453.531057][ T9862] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 453.609315][ T9862] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 454.260063][ T9882] Unable to find swap-space signature [ 455.275626][ T9737] Bluetooth: hci0: command 0x0c1a tx timeout [ 455.336039][ T9891] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1020'. [ 455.358975][ T9737] Bluetooth: hci1: command 0x0c1a tx timeout [ 455.595676][ T9737] Bluetooth: hci2: command 0x0c1a tx timeout [ 455.675690][ T9737] Bluetooth: hci3: command 0x0c1a tx timeout [ 457.776628][ T9920] FAULT_INJECTION: forcing a failure. [ 457.776628][ T9920] name fail_futex, interval 1, probability 0, space 0, times 0 [ 457.920089][ T9920] CPU: 0 UID: 4 PID: 9920 Comm: syz.1.1026 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 457.920122][ T9920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 457.920138][ T9920] Call Trace: [ 457.920146][ T9920] [ 457.920155][ T9920] dump_stack_lvl+0x16c/0x1f0 [ 457.920195][ T9920] should_fail_ex+0x512/0x640 [ 457.920226][ T9920] get_futex_key+0x49e/0x1000 [ 457.920259][ T9920] ? kasan_save_stack+0x42/0x60 [ 457.920295][ T9920] ? kasan_save_free_info+0x3b/0x60 [ 457.920325][ T9920] ? __pfx_get_futex_key+0x10/0x10 [ 457.920355][ T9920] ? do_syscall_64+0xcd/0x260 [ 457.920409][ T9920] futex_wake+0xe7/0x4e0 [ 457.920434][ T9920] ? __pfx_futex_wake+0x10/0x10 [ 457.920469][ T9920] do_futex+0x1e3/0x350 [ 457.920503][ T9920] ? __pfx_do_futex+0x10/0x10 [ 457.920535][ T9920] ? kasan_quarantine_put+0x10a/0x240 [ 457.920569][ T9920] ? lockdep_hardirqs_on+0x7c/0x110 [ 457.920608][ T9920] __x64_sys_futex+0x1e0/0x4c0 [ 457.920647][ T9920] ? __pfx___x64_sys_futex+0x10/0x10 [ 457.920683][ T9920] ? __pfx___x64_sys_mount+0x10/0x10 [ 457.920705][ T9920] ? rcu_is_watching+0x12/0xc0 [ 457.920744][ T9920] do_syscall_64+0xcd/0x260 [ 457.920781][ T9920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.920806][ T9920] RIP: 0033:0x7f67e758d169 [ 457.920837][ T9920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.920860][ T9920] RSP: 002b:00007f67e845a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 457.920882][ T9920] RAX: ffffffffffffffda RBX: 00007f67e77a5fa8 RCX: 00007f67e758d169 [ 457.920898][ T9920] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f67e77a5fac [ 457.920913][ T9920] RBP: 00007f67e77a5fa0 R08: 00007f67e845b000 R09: 0000000000000000 [ 457.920928][ T9920] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f67e77a5fac [ 457.920943][ T9920] R13: 0000000000000000 R14: 00007ffd379e8520 R15: 00007ffd379e8608 [ 457.920971][ T9920] [ 458.120165][ C0] vkms_vblank_simulate: vblank timer overrun [ 463.699688][ T9956] netlink: 'syz.0.1035': attribute type 2 has an invalid length. [ 471.438997][ T9985] Process accounting paused [ 472.857825][T10026] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1051'. [ 474.896721][T10047] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1059'. [ 476.500844][T10075] Scaler: ================= START STATUS ================= [ 476.540492][T10075] Scaler: ================== END STATUS ================== [ 476.828863][T10077] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 476.865586][T10077] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 476.901605][T10079] FAULT_INJECTION: forcing a failure. [ 476.901605][T10079] name failslab, interval 1, probability 0, space 0, times 0 [ 477.120577][T10079] CPU: 0 UID: 0 PID: 10079 Comm: syz.0.1067 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 477.120609][T10079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 477.120623][T10079] Call Trace: [ 477.120631][T10079] [ 477.120639][T10079] dump_stack_lvl+0x16c/0x1f0 [ 477.120678][T10079] should_fail_ex+0x512/0x640 [ 477.120705][T10079] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 477.120743][T10079] should_failslab+0xc2/0x120 [ 477.120765][T10079] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 477.120799][T10079] ? __proc_create+0xc3/0x8c0 [ 477.120835][T10079] ? __proc_create+0x2ce/0x8c0 [ 477.120862][T10079] __proc_create+0x2ce/0x8c0 [ 477.120887][T10079] ? __pfx___proc_create+0x10/0x10 [ 477.120909][T10079] ? _raw_write_unlock+0x28/0x50 [ 477.120937][T10079] ? proc_register+0x314/0x5f0 [ 477.120970][T10079] _proc_mkdir+0xb9/0x200 [ 477.120994][T10079] ? __pfx__proc_mkdir+0x10/0x10 [ 477.121025][T10079] ? __pfx_netfilter_net_init+0x10/0x10 [ 477.121052][T10079] netfilter_net_init+0x37b/0x4b0 [ 477.121076][T10079] ? sysctl_net_init+0x27/0x30 [ 477.121110][T10079] ops_init+0x1df/0x5f0 [ 477.121144][T10079] setup_net+0x21e/0x850 [ 477.121177][T10079] ? __pfx_setup_net+0x10/0x10 [ 477.121206][T10079] ? lockdep_init_map_type+0x5c/0x280 [ 477.121229][T10079] ? __pfx_down_read_killable+0x10/0x10 [ 477.121269][T10079] ? debug_mutex_init+0x37/0x70 [ 477.121300][T10079] copy_net_ns+0x2a6/0x5f0 [ 477.121342][T10079] create_new_namespaces+0x3ea/0xad0 [ 477.121382][T10079] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 477.121417][T10079] ksys_unshare+0x45b/0xa40 [ 477.121452][T10079] ? __pfx_ksys_unshare+0x10/0x10 [ 477.121487][T10079] ? ksys_write+0x1b9/0x240 [ 477.121519][T10079] ? rcu_is_watching+0x12/0xc0 [ 477.121553][T10079] __x64_sys_unshare+0x31/0x40 [ 477.121587][T10079] do_syscall_64+0xcd/0x260 [ 477.121627][T10079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.121649][T10079] RIP: 0033:0x7f0a7958d169 [ 477.121666][T10079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 477.121687][T10079] RSP: 002b:00007f0a7a33b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 477.121710][T10079] RAX: ffffffffffffffda RBX: 00007f0a797a5fa0 RCX: 00007f0a7958d169 [ 477.121725][T10079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 477.121738][T10079] RBP: 00007f0a7a33b090 R08: 0000000000000000 R09: 0000000000000000 [ 477.121752][T10079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 477.121765][T10079] R13: 0000000000000000 R14: 00007f0a797a5fa0 R15: 00007ffc35d42b48 [ 477.121793][T10079] [ 477.669755][T10079] cannot create netfilter proc entry [ 477.795467][ T30] audit: type=1800 audit(6039008997.434:19): pid=10081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1069" name="members" dev="configfs" ino=27767 res=0 errno=0 [ 482.453609][T10138] FAULT_INJECTION: forcing a failure. [ 482.453609][T10138] name failslab, interval 1, probability 0, space 0, times 0 [ 482.652868][T10138] CPU: 0 UID: 0 PID: 10138 Comm: syz.0.1085 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 482.652903][T10138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 482.652917][T10138] Call Trace: [ 482.652924][T10138] [ 482.652933][T10138] dump_stack_lvl+0x16c/0x1f0 [ 482.652971][T10138] should_fail_ex+0x512/0x640 [ 482.653004][T10138] should_failslab+0xc2/0x120 [ 482.653026][T10138] __kmalloc_cache_noprof+0x6a/0x3e0 [ 482.653067][T10138] ? __pfx___might_resched+0x10/0x10 [ 482.653103][T10138] ? cfcnfg_create+0x5e/0x500 [ 482.653137][T10138] ? __pfx_caif_init_net+0x10/0x10 [ 482.653169][T10138] cfcnfg_create+0x5e/0x500 [ 482.653200][T10138] ? debug_mutex_init+0x37/0x70 [ 482.653230][T10138] ? __pfx_caif_init_net+0x10/0x10 [ 482.653259][T10138] caif_init_net+0x7d/0xe0 [ 482.653289][T10138] ops_init+0x1df/0x5f0 [ 482.653326][T10138] setup_net+0x21e/0x850 [ 482.653362][T10138] ? __pfx_setup_net+0x10/0x10 [ 482.653394][T10138] ? lockdep_init_map_type+0x5c/0x280 [ 482.653416][T10138] ? __pfx_down_read_killable+0x10/0x10 [ 482.653459][T10138] ? debug_mutex_init+0x37/0x70 [ 482.653492][T10138] copy_net_ns+0x2a6/0x5f0 [ 482.653531][T10138] create_new_namespaces+0x3ea/0xad0 [ 482.653572][T10138] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 482.653610][T10138] ksys_unshare+0x45b/0xa40 [ 482.653648][T10138] ? __pfx_ksys_unshare+0x10/0x10 [ 482.653683][T10138] ? xfd_validate_state+0x5d/0x180 [ 482.653712][T10138] ? rcu_is_watching+0x12/0xc0 [ 482.653748][T10138] __x64_sys_unshare+0x31/0x40 [ 482.653785][T10138] do_syscall_64+0xcd/0x260 [ 482.653822][T10138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.653846][T10138] RIP: 0033:0x7f0a7958d169 [ 482.653864][T10138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.653887][T10138] RSP: 002b:00007f0a7a33b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 482.653913][T10138] RAX: ffffffffffffffda RBX: 00007f0a797a5fa0 RCX: 00007f0a7958d169 [ 482.653929][T10138] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 482.653944][T10138] RBP: 00007f0a7960e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 482.653958][T10138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 482.653972][T10138] R13: 0000000000000000 R14: 00007f0a797a5fa0 R15: 00007ffc35d42b48 [ 482.654002][T10138] [ 483.336747][T10144] FAULT_INJECTION: forcing a failure. [ 483.336747][T10144] name failslab, interval 1, probability 0, space 0, times 0 [ 483.365612][ T9737] Bluetooth: hci3: unexpected event 0x1d length: 1 < 5 [ 483.396298][T10144] CPU: 0 UID: 0 PID: 10144 Comm: syz.1.1087 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 483.396331][T10144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 483.396345][T10144] Call Trace: [ 483.396352][T10144] [ 483.396360][T10144] dump_stack_lvl+0x16c/0x1f0 [ 483.396397][T10144] should_fail_ex+0x512/0x640 [ 483.396424][T10144] ? __kmalloc_noprof+0xbf/0x510 [ 483.396461][T10144] ? __register_sysctl_table+0xea2/0x1900 [ 483.396486][T10144] should_failslab+0xc2/0x120 [ 483.396507][T10144] __kmalloc_noprof+0xd2/0x510 [ 483.396540][T10144] ? __register_sysctl_table+0xe8e/0x1900 [ 483.396572][T10144] __register_sysctl_table+0xea2/0x1900 [ 483.396604][T10144] ? __pfx___register_sysctl_table+0x10/0x10 [ 483.396628][T10144] ? is_module_address+0x69/0xf0 [ 483.396649][T10144] ? register_net_sysctl_sz+0x228/0x3e0 [ 483.396687][T10144] ? __asan_memcpy+0x3c/0x60 [ 483.396717][T10144] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 483.396751][T10144] nf_lwtunnel_net_init+0x60/0xf0 [ 483.396783][T10144] ops_init+0x1df/0x5f0 [ 483.396819][T10144] setup_net+0x21e/0x850 [ 483.396853][T10144] ? __pfx_setup_net+0x10/0x10 [ 483.396884][T10144] ? lockdep_init_map_type+0x5c/0x280 [ 483.396906][T10144] ? __pfx_down_read_killable+0x10/0x10 [ 483.396948][T10144] ? debug_mutex_init+0x37/0x70 [ 483.396980][T10144] copy_net_ns+0x2a6/0x5f0 [ 483.397026][T10144] create_new_namespaces+0x3ea/0xad0 [ 483.397068][T10144] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 483.397104][T10144] ksys_unshare+0x45b/0xa40 [ 483.397141][T10144] ? __pfx_ksys_unshare+0x10/0x10 [ 483.397176][T10144] ? xfd_validate_state+0x5d/0x180 [ 483.397203][T10144] ? rcu_is_watching+0x12/0xc0 [ 483.397239][T10144] __x64_sys_unshare+0x31/0x40 [ 483.397274][T10144] do_syscall_64+0xcd/0x260 [ 483.397310][T10144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.397334][T10144] RIP: 0033:0x7f67e758d169 [ 483.397351][T10144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 483.397374][T10144] RSP: 002b:00007f67e8439038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 483.397395][T10144] RAX: ffffffffffffffda RBX: 00007f67e77a6080 RCX: 00007f67e758d169 [ 483.397410][T10144] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 483.397424][T10144] RBP: 00007f67e760e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 483.397438][T10144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 483.397452][T10144] R13: 0000000000000000 R14: 00007f67e77a6080 R15: 00007ffd379e8608 [ 483.397481][T10144] [ 483.397491][T10144] sysctl could not get directory: /net -12 [ 484.766122][T10153] FAULT_INJECTION: forcing a failure. [ 484.766122][T10153] name failslab, interval 1, probability 0, space 0, times 0 [ 484.968568][T10153] CPU: 0 UID: 0 PID: 10153 Comm: syz.2.1089 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 484.968600][T10153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 484.968614][T10153] Call Trace: [ 484.968621][T10153] [ 484.968630][T10153] dump_stack_lvl+0x16c/0x1f0 [ 484.968667][T10153] should_fail_ex+0x512/0x640 [ 484.968694][T10153] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 484.968733][T10153] should_failslab+0xc2/0x120 [ 484.968755][T10153] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 484.968789][T10153] ? __proc_create+0xc3/0x8c0 [ 484.968813][T10153] ? __proc_create+0x2ce/0x8c0 [ 484.968841][T10153] __proc_create+0x2ce/0x8c0 [ 484.968866][T10153] ? __pfx___proc_create+0x10/0x10 [ 484.968895][T10153] ? __pfx___netlink_kernel_create+0x10/0x10 [ 484.968945][T10153] proc_create_reg+0x7d/0x180 [ 484.968973][T10153] proc_create_seq_private+0x8e/0x1d0 [ 484.969001][T10153] ? __pfx_proc_create_seq_private+0x10/0x10 [ 484.969029][T10153] ? __pfx_nl_fib_input+0x10/0x10 [ 484.969066][T10153] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 484.969099][T10153] ip_rt_do_proc_init+0x57/0x1b0 [ 484.969133][T10153] ops_init+0x1df/0x5f0 [ 484.969167][T10153] setup_net+0x21e/0x850 [ 484.969200][T10153] ? __pfx_setup_net+0x10/0x10 [ 484.969229][T10153] ? lockdep_init_map_type+0x5c/0x280 [ 484.969252][T10153] ? __pfx_down_read_killable+0x10/0x10 [ 484.969291][T10153] ? debug_mutex_init+0x37/0x70 [ 484.969321][T10153] copy_net_ns+0x2a6/0x5f0 [ 484.969358][T10153] create_new_namespaces+0x3ea/0xad0 [ 484.969396][T10153] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 484.969431][T10153] ksys_unshare+0x45b/0xa40 [ 484.969466][T10153] ? __pfx_ksys_unshare+0x10/0x10 [ 484.969499][T10153] ? xfd_validate_state+0x5d/0x180 [ 484.969525][T10153] ? rcu_is_watching+0x12/0xc0 [ 484.969559][T10153] __x64_sys_unshare+0x31/0x40 [ 484.969593][T10153] do_syscall_64+0xcd/0x260 [ 484.969627][T10153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.969649][T10153] RIP: 0033:0x7fd442b8d169 [ 484.969667][T10153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.969690][T10153] RSP: 002b:00007fd443a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 484.969711][T10153] RAX: ffffffffffffffda RBX: 00007fd442da5fa0 RCX: 00007fd442b8d169 [ 484.969726][T10153] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 484.969740][T10153] RBP: 00007fd442c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 484.969754][T10153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.969768][T10153] R13: 0000000000000000 R14: 00007fd442da5fa0 R15: 00007ffe89c21f78 [ 484.969796][T10153] [ 485.237209][ C0] vkms_vblank_simulate: vblank timer overrun [ 487.612594][T10179] hub 2-0:1.0: USB hub found [ 487.716487][T10179] hub 2-0:1.0: 1 port detected [ 489.354824][T10199] snd_aloop snd_aloop.0: control 16781581:65535:6:é'x?F¢é‹i|`ËŽpCªáª:8 is already present [ 489.417552][T10200] HfR: entered promiscuous mode [ 489.459362][T10200] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1104'. [ 489.531922][T10200] HfR: left promiscuous mode [ 492.978795][T10228] hub 2-0:1.0: USB hub found [ 493.033692][T10228] hub 2-0:1.0: 1 port detected [ 493.760073][ T9737] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 493.760105][ T9737] Bluetooth: hci1: unexpected subevent 0x05 length: 725 > 12 [ 494.153003][T10244] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1114'. [ 495.837018][ T9737] Bluetooth: hci1: command 0x0c1a tx timeout [ 498.175680][T10304] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1127'. [ 498.385196][T10308] FAULT_INJECTION: forcing a failure. [ 498.385196][T10308] name failslab, interval 1, probability 0, space 0, times 0 [ 498.510861][T10308] CPU: 0 UID: 0 PID: 10308 Comm: syz.0.1130 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 498.510894][T10308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 498.510908][T10308] Call Trace: [ 498.510916][T10308] [ 498.510925][T10308] dump_stack_lvl+0x16c/0x1f0 [ 498.510961][T10308] should_fail_ex+0x512/0x640 [ 498.510988][T10308] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 498.511027][T10308] should_failslab+0xc2/0x120 [ 498.511049][T10308] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 498.511083][T10308] ? __pfx_namespace_unlock+0x10/0x10 [ 498.511116][T10308] ? alloc_empty_file+0x55/0x1e0 [ 498.511144][T10308] alloc_empty_file+0x55/0x1e0 [ 498.511169][T10308] dentry_open+0x46/0xd0 [ 498.511193][T10308] vfs_open_tree+0x732/0x910 [ 498.511238][T10308] ? __pfx_vfs_open_tree+0x10/0x10 [ 498.511273][T10308] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 498.511297][T10308] ? syscall_user_dispatch+0x78/0x140 [ 498.511326][T10308] __x64_sys_open_tree+0x84/0x130 [ 498.511348][T10308] do_syscall_64+0xcd/0x260 [ 498.511382][T10308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.511404][T10308] RIP: 0033:0x7f0a7958d169 [ 498.511421][T10308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 498.511444][T10308] RSP: 002b:00007f0a7a33b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac [ 498.511465][T10308] RAX: ffffffffffffffda RBX: 00007f0a797a5fa0 RCX: 00007f0a7958d169 [ 498.511481][T10308] RDX: 0000000000001001 RSI: 0000000000000000 RDI: 0000000000000003 [ 498.511495][T10308] RBP: 00007f0a7a33b090 R08: 0000000000000000 R09: 0000000000000000 [ 498.511509][T10308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 498.511523][T10308] R13: 0000000000000000 R14: 00007f0a797a5fa0 R15: 00007ffc35d42b48 [ 498.511551][T10308] [ 499.434964][T10330] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1131'. [ 499.915167][T10332] Invalid ELF header magic: != ELF [ 501.725824][T10362] FAULT_INJECTION: forcing a failure. [ 501.725824][T10362] name failslab, interval 1, probability 0, space 0, times 0 [ 501.853800][T10362] CPU: 0 UID: 0 PID: 10362 Comm: syz.1.1141 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 501.853832][T10362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 501.853846][T10362] Call Trace: [ 501.853853][T10362] [ 501.853861][T10362] dump_stack_lvl+0x16c/0x1f0 [ 501.853898][T10362] should_fail_ex+0x512/0x640 [ 501.853924][T10362] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 501.853959][T10362] should_failslab+0xc2/0x120 [ 501.853980][T10362] __kmalloc_cache_noprof+0x6a/0x3e0 [ 501.854010][T10362] ? __might_fault+0xe3/0x190 [ 501.854044][T10362] ? __might_fault+0x13b/0x190 [ 501.854079][T10362] ? alloc_bprm+0x86/0xdd0 [ 501.854118][T10362] alloc_bprm+0x86/0xdd0 [ 501.854147][T10362] ? strncpy_from_user+0x203/0x2e0 [ 501.854173][T10362] do_execveat_common.isra.0+0x1ce/0x610 [ 501.854212][T10362] __x64_sys_execve+0x8e/0xb0 [ 501.854245][T10362] do_syscall_64+0xcd/0x260 [ 501.854281][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.854304][T10362] RIP: 0033:0x7f67e758d169 [ 501.854322][T10362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 501.854345][T10362] RSP: 002b:00007f67e845a038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 501.854366][T10362] RAX: ffffffffffffffda RBX: 00007f67e77a5fa0 RCX: 00007f67e758d169 [ 501.854381][T10362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 501.854395][T10362] RBP: 00007f67e845a090 R08: 0000000000000000 R09: 0000000000000000 [ 501.854409][T10362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 501.854423][T10362] R13: 0000000000000000 R14: 00007f67e77a5fa0 R15: 00007ffd379e8608 [ 501.854451][T10362] [ 502.142248][T10349] Process accounting resumed [ 502.374710][ T9737] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 504.521441][T10400] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1149'. [ 504.569442][T10399] HfR: entered promiscuous mode [ 504.695717][T10400] HfR: left promiscuous mode [ 505.086829][T10409] FAULT_INJECTION: forcing a failure. [ 505.086829][T10409] name failslab, interval 1, probability 0, space 0, times 0 [ 505.156921][T10409] CPU: 0 UID: 0 PID: 10409 Comm: syz.2.1152 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 505.156953][T10409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 505.156968][T10409] Call Trace: [ 505.156975][T10409] [ 505.156984][T10409] dump_stack_lvl+0x16c/0x1f0 [ 505.157021][T10409] should_fail_ex+0x512/0x640 [ 505.157047][T10409] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 505.157082][T10409] should_failslab+0xc2/0x120 [ 505.157122][T10409] __kmalloc_cache_noprof+0x6a/0x3e0 [ 505.157155][T10409] ? append_filter_err+0x41f/0x5e0 [ 505.157186][T10409] ? apply_subsystem_event_filter+0x4c6/0x1450 [ 505.157227][T10409] apply_subsystem_event_filter+0x4c6/0x1450 [ 505.157272][T10409] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 505.157318][T10409] ? _copy_from_user+0x59/0xd0 [ 505.157351][T10409] subsystem_filter_write+0x95/0x120 [ 505.157390][T10409] vfs_write+0x25c/0x1180 [ 505.157420][T10409] ? __pfx_subsystem_filter_write+0x10/0x10 [ 505.157461][T10409] ? __pfx___mutex_lock+0x10/0x10 [ 505.157496][T10409] ? __pfx_vfs_write+0x10/0x10 [ 505.157537][T10409] ? __fget_files+0x20e/0x3c0 [ 505.157581][T10409] ksys_write+0x12a/0x240 [ 505.157613][T10409] ? __pfx_ksys_write+0x10/0x10 [ 505.157645][T10409] ? rcu_is_watching+0x12/0xc0 [ 505.157683][T10409] do_syscall_64+0xcd/0x260 [ 505.157720][T10409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.157744][T10409] RIP: 0033:0x7fd442b8d169 [ 505.157762][T10409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 505.157786][T10409] RSP: 002b:00007fd4439e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 505.157808][T10409] RAX: ffffffffffffffda RBX: 00007fd442da6080 RCX: 00007fd442b8d169 [ 505.157824][T10409] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 000000000000000b [ 505.157838][T10409] RBP: 00007fd442c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 505.157852][T10409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 505.157866][T10409] R13: 0000000000000000 R14: 00007fd442da6080 R15: 00007ffe89c21f78 [ 505.157897][T10409] [ 506.673089][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.679538][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.289720][T10416] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 510.793331][T10461] bridge0: port 3(bond0) entered blocking state [ 510.956571][T10461] bridge0: port 3(bond0) entered disabled state [ 510.994456][T10461] bond0: entered allmulticast mode [ 511.015577][T10461] bond_slave_0: entered allmulticast mode [ 511.040205][T10461] bond_slave_1: entered allmulticast mode [ 511.069987][T10461] bond0: entered promiscuous mode [ 511.106522][T10461] bond_slave_0: entered promiscuous mode [ 511.129471][T10461] bond_slave_1: entered promiscuous mode [ 511.165226][T10461] bridge0: port 3(bond0) entered blocking state [ 511.171645][T10461] bridge0: port 3(bond0) entered forwarding state [ 519.880631][T10564] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1187'. [ 519.978179][T10564] öª: renamed from hsr_slave_0 (while UP) [ 520.884334][T10577] HfR: entered promiscuous mode [ 521.002107][T10578] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1189'. [ 521.195193][T10578] HfR: left promiscuous mode [ 521.938662][T10592] kernel read not supported for file /\*)A (pid: 10592 comm: syz.2.1195) [ 522.056835][ T30] audit: type=1800 audit(6039009041.824:20): pid=10592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1195" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 523.480787][T10603] openvswitch: netlink: Flow key attribute not present in set flow. [ 523.596539][T10607] FAULT_INJECTION: forcing a failure. [ 523.596539][T10607] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 523.794112][T10607] CPU: 0 UID: 0 PID: 10607 Comm: syz.1.1199 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 523.794144][T10607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 523.794158][T10607] Call Trace: [ 523.794165][T10607] [ 523.794174][T10607] dump_stack_lvl+0x16c/0x1f0 [ 523.794212][T10607] should_fail_ex+0x512/0x640 [ 523.794243][T10607] _copy_to_user+0x32/0xd0 [ 523.794274][T10607] simple_read_from_buffer+0xcb/0x170 [ 523.794309][T10607] proc_fail_nth_read+0x197/0x270 [ 523.794342][T10607] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 523.794376][T10607] ? rw_verify_area+0xcf/0x680 [ 523.794404][T10607] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 523.794436][T10607] vfs_read+0x1de/0xc70 [ 523.794471][T10607] ? __pfx___mutex_lock+0x10/0x10 [ 523.794505][T10607] ? __pfx_vfs_read+0x10/0x10 [ 523.794544][T10607] ? __fget_files+0x20e/0x3c0 [ 523.794586][T10607] ksys_read+0x12a/0x240 [ 523.794617][T10607] ? __pfx_ksys_read+0x10/0x10 [ 523.794647][T10607] ? rcu_is_watching+0x12/0xc0 [ 523.794684][T10607] do_syscall_64+0xcd/0x260 [ 523.794721][T10607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.794744][T10607] RIP: 0033:0x7f67e758bb7c [ 523.794762][T10607] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 523.794785][T10607] RSP: 002b:00007f67e8418030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 523.794806][T10607] RAX: ffffffffffffffda RBX: 00007f67e77a6160 RCX: 00007f67e758bb7c [ 523.794821][T10607] RDX: 000000000000000f RSI: 00007f67e84180a0 RDI: 0000000000000004 [ 523.794848][T10607] RBP: 00007f67e8418090 R08: 0000000000000000 R09: 0000000000000000 [ 523.794866][T10607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 523.794879][T10607] R13: 0000000000000000 R14: 00007f67e77a6160 R15: 00007ffd379e8608 [ 523.794907][T10607] [ 526.585663][T10633] kernel read not supported for file /\*)A (pid: 10633 comm: syz.0.1208) [ 526.616056][ T30] audit: type=1800 audit(6039009046.354:21): pid=10633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1208" name="\*)A" dev="mqueue" ino=8583 res=0 errno=0 [ 528.021089][T10653] kernel read not supported for file /\*)A (pid: 10653 comm: syz.0.1221) [ 528.456497][ T30] audit: type=1800 audit(6039009048.224:22): pid=10653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1221" name="\*)A" dev="mqueue" ino=8583 res=0 errno=0 [ 529.816244][T10672] kernel read not supported for file /\*)A (pid: 10672 comm: syz.0.1226) [ 529.830087][ T30] audit: type=1800 audit(6039009049.584:23): pid=10672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1226" name="\*)A" dev="mqueue" ino=8583 res=0 errno=0 [ 530.782892][T10679] kernel read not supported for file /\*)A (pid: 10679 comm: syz.0.1229) [ 531.541248][ T30] audit: type=1800 audit(6039009051.304:24): pid=10679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1229" name="\*)A" dev="mqueue" ino=8583 res=0 errno=0 [ 532.567859][T10689] Process accounting paused [ 533.307899][T10712] kernel read not supported for file /\*)A (pid: 10712 comm: syz.2.1234) [ 533.511494][ T30] audit: type=1800 audit(6039009053.274:25): pid=10712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1234" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 535.788698][T10759] HfR: entered promiscuous mode [ 535.839471][T10759] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1244'. [ 535.884269][T10759] HfR: left promiscuous mode [ 536.416019][T10764] kernel read not supported for file /\*)A (pid: 10764 comm: syz.1.1245) [ 536.733889][ T30] audit: type=1800 audit(6039009056.494:26): pid=10764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1245" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 537.726465][T10783] device-mapper: ioctl: name not supplied when creating device [ 539.504789][T10815] kernel read not supported for file /\*)A (pid: 10815 comm: syz.2.1258) [ 539.745444][ T30] audit: type=1800 audit(6039009059.504:27): pid=10815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1258" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 541.526810][T10827] GUP no longer grows the stack in syz.0.1257 (10827): 14000-401000 (4000) [ 541.596982][T10827] CPU: 0 UID: 0 PID: 10827 Comm: syz.0.1257 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 541.597020][T10827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 541.597035][T10827] Call Trace: [ 541.597041][T10827] [ 541.597049][T10827] dump_stack_lvl+0x16c/0x1f0 [ 541.597087][T10827] gup_vma_lookup+0x1d2/0x220 [ 541.597116][T10827] __get_user_pages+0x234/0x36f0 [ 541.597152][T10827] ? __pfx___schedule+0x10/0x10 [ 541.597184][T10827] ? __pfx___get_user_pages+0x10/0x10 [ 541.597224][T10827] __gup_longterm_locked+0x20d/0x1850 [ 541.597263][T10827] ? __pfx___gup_longterm_locked+0x10/0x10 [ 541.597292][T10827] ? __pfx_rwsem_down_read_slowpath+0x10/0x10 [ 541.597345][T10827] pin_user_pages_remote+0xed/0x140 [ 541.597377][T10827] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 541.597407][T10827] ? mm_access+0x22d/0x2e0 [ 541.597449][T10827] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 541.597477][T10827] ? futex_wait_queue+0x14c/0x220 [ 541.597498][T10827] ? futex_unqueue+0xba/0x140 [ 541.597535][T10827] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 541.597561][T10827] ? iovec_from_user+0xbb/0x140 [ 541.597603][T10827] ? iovec_from_user+0xbb/0x140 [ 541.597655][T10827] process_vm_rw+0x2ff/0x360 [ 541.597679][T10827] ? __pfx_process_vm_rw+0x10/0x10 [ 541.597709][T10827] ? up_write+0x209/0x520 [ 541.597747][T10827] ? cap_task_prctl+0x2af/0xa80 [ 541.597780][T10827] ? xfd_validate_state+0x5d/0x180 [ 541.597813][T10827] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 541.597837][T10827] ? do_syscall_64+0x91/0x260 [ 541.597870][T10827] ? lockdep_hardirqs_on+0x7c/0x110 [ 541.597902][T10827] do_syscall_64+0xcd/0x260 [ 541.597939][T10827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.597962][T10827] RIP: 0033:0x7f0a7958d169 [ 541.597981][T10827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.598009][T10827] RSP: 002b:00007f0a773f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 541.598031][T10827] RAX: ffffffffffffffda RBX: 00007f0a797a6160 RCX: 00007f0a7958d169 [ 541.598047][T10827] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000449 [ 541.598062][T10827] RBP: 00007f0a7960e2a0 R08: 0000000000000003 R09: 0000000000000000 [ 541.598076][T10827] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 541.598091][T10827] R13: 0000000000000000 R14: 00007f0a797a6160 R15: 00007ffc35d42b48 [ 541.598120][T10827] [ 542.284018][T10844] mkiss: ax0: crc mode is auto. [ 544.502188][ T55] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 544.657537][ T30] audit: type=1800 audit(6039009072.417:28): pid=10883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1272" name="dbroot" dev="configfs" ino=30924 res=0 errno=0 [ 551.669888][T10954] netlink: 138 bytes leftover after parsing attributes in process `syz.1.1289'. [ 552.304094][ T55] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 557.845327][T11052] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1308'. [ 557.918814][T11052] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 557.932701][T11054] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1309'. [ 558.040916][T11052] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 559.136861][T11080] FAULT_INJECTION: forcing a failure. [ 559.136861][T11080] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 559.358997][T11080] CPU: 0 UID: 0 PID: 11080 Comm: syz.2.1313 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 559.359039][T11080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 559.359054][T11080] Call Trace: [ 559.359061][T11080] [ 559.359070][T11080] dump_stack_lvl+0x16c/0x1f0 [ 559.359109][T11080] should_fail_ex+0x512/0x640 [ 559.359141][T11080] should_fail_alloc_page+0xe7/0x130 [ 559.359167][T11080] prepare_alloc_pages+0x3c2/0x610 [ 559.359196][T11080] ? rcu_is_watching+0x12/0xc0 [ 559.359229][T11080] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 559.359267][T11080] ? __kernel_text_address+0xd/0x40 [ 559.359295][T11080] ? unwind_get_return_address+0x59/0xa0 [ 559.359330][T11080] ? arch_stack_walk+0xa6/0x100 [ 559.359371][T11080] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 559.359409][T11080] ? stack_trace_save+0x8e/0xc0 [ 559.359442][T11080] ? __pfx_stack_trace_save+0x10/0x10 [ 559.359474][T11080] ? stack_depot_save_flags+0x28/0xa50 [ 559.359502][T11080] ? find_held_lock+0x2b/0x80 [ 559.359536][T11080] ? kasan_save_stack+0x42/0x60 [ 559.359574][T11080] ? __lock_acquire+0xaa4/0x1ba0 [ 559.359593][T11080] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 559.359620][T11080] ? policy_nodemask+0xea/0x4e0 [ 559.359669][T11080] alloc_pages_mpol+0x1fb/0x550 [ 559.359694][T11080] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 559.359714][T11080] ? __page_table_check_ptes_set+0x1ae/0x420 [ 559.359753][T11080] ? find_held_lock+0x2b/0x80 [ 559.359788][T11080] alloc_pages_noprof+0x131/0x390 [ 559.359810][T11080] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 559.359843][T11080] get_free_pages_noprof+0xc/0x40 [ 559.359867][T11080] kasan_populate_vmalloc_pte+0x2d/0x160 [ 559.359901][T11080] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 559.359935][T11080] __apply_to_page_range+0x5f9/0xd30 [ 559.359967][T11080] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 559.360006][T11080] ? __pfx___apply_to_page_range+0x10/0x10 [ 559.360042][T11080] ? alloc_vmap_area+0x872/0x2970 [ 559.360075][T11080] alloc_vmap_area+0x919/0x2970 [ 559.360113][T11080] ? __pfx_alloc_vmap_area+0x10/0x10 [ 559.360149][T11080] __get_vm_area_node+0x1a7/0x300 [ 559.360184][T11080] __vmalloc_node_range_noprof+0x277/0x1540 [ 559.360216][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 559.360257][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 559.360296][T11080] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 559.360339][T11080] __kvmalloc_node_noprof+0x2ff/0x600 [ 559.360374][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 559.360407][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 559.360444][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 559.360474][T11080] __do_sys_listmount+0x1c2/0xed0 [ 559.360511][T11080] ? __x64_sys_futex+0x1e0/0x4c0 [ 559.360544][T11080] ? __x64_sys_futex+0x1e9/0x4c0 [ 559.360579][T11080] ? __pfx___do_sys_listmount+0x10/0x10 [ 559.360611][T11080] ? xfd_validate_state+0x5d/0x180 [ 559.360648][T11080] do_syscall_64+0xcd/0x260 [ 559.360686][T11080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.360709][T11080] RIP: 0033:0x7fd442b8d169 [ 559.360727][T11080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 559.360750][T11080] RSP: 002b:00007fd4439e2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 559.360772][T11080] RAX: ffffffffffffffda RBX: 00007fd442da6080 RCX: 00007fd442b8d169 [ 559.360788][T11080] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 559.360803][T11080] RBP: 00007fd442c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 559.360818][T11080] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 559.360832][T11080] R13: 0000000000000000 R14: 00007fd442da6080 R15: 00007ffe89c21f78 [ 559.360861][T11080] [ 559.361070][T11080] syz.2.1313: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 561.044128][T11080] CPU: 0 UID: 0 PID: 11080 Comm: syz.2.1313 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 561.044160][T11080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 561.044175][T11080] Call Trace: [ 561.044182][T11080] [ 561.044191][T11080] dump_stack_lvl+0x16c/0x1f0 [ 561.044229][T11080] warn_alloc+0x248/0x3a0 [ 561.044267][T11080] ? __pfx_warn_alloc+0x10/0x10 [ 561.044305][T11080] ? kfree+0x2b6/0x4d0 [ 561.044341][T11080] ? __get_vm_area_node+0x1e5/0x300 [ 561.044376][T11080] __vmalloc_node_range_noprof+0xd31/0x1540 [ 561.044418][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 561.044457][T11080] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 561.044501][T11080] __kvmalloc_node_noprof+0x2ff/0x600 [ 561.044536][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 561.044568][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 561.044605][T11080] ? __do_sys_listmount+0x1c2/0xed0 [ 561.044636][T11080] __do_sys_listmount+0x1c2/0xed0 [ 561.044673][T11080] ? __x64_sys_futex+0x1e0/0x4c0 [ 561.044708][T11080] ? __x64_sys_futex+0x1e9/0x4c0 [ 561.044742][T11080] ? __pfx___do_sys_listmount+0x10/0x10 [ 561.044775][T11080] ? xfd_validate_state+0x5d/0x180 [ 561.044813][T11080] do_syscall_64+0xcd/0x260 [ 561.044850][T11080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.044874][T11080] RIP: 0033:0x7fd442b8d169 [ 561.044892][T11080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 561.044916][T11080] RSP: 002b:00007fd4439e2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 561.044942][T11080] RAX: ffffffffffffffda RBX: 00007fd442da6080 RCX: 00007fd442b8d169 [ 561.044958][T11080] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 561.044986][T11080] RBP: 00007fd442c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 561.044999][T11080] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 561.045013][T11080] R13: 0000000000000000 R14: 00007fd442da6080 R15: 00007ffe89c21f78 [ 561.045041][T11080] [ 561.045048][T11080] Mem-Info: [ 562.118127][T11119] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1320'. [ 562.374472][T11119] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 562.550283][T11119] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 562.619091][T11080] active_anon:14236 inactive_anon:12 isolated_anon:0 [ 562.619091][T11080] active_file:15949 inactive_file:44406 isolated_file:0 [ 562.619091][T11080] unevictable:768 dirty:1040 writeback:0 [ 562.619091][T11080] slab_reclaimable:10861 slab_unreclaimable:97106 [ 562.619091][T11080] mapped:25559 shmem:4319 pagetables:870 [ 562.619091][T11080] sec_pagetables:0 bounce:0 [ 562.619091][T11080] kernel_misc_reclaimable:0 [ 562.619091][T11080] free:1322525 free_pcp:732 free_cma:0 [ 562.905484][T11080] Node 0 active_anon:59180kB inactive_anon:48kB active_file:63796kB inactive_file:177620kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102236kB dirty:4160kB writeback:0kB shmem:11092kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10320kB pagetables:3528kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 563.150510][T11080] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:6184kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 563.390552][T11080] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 563.510052][T11129] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1322'. [ 563.560818][T11080] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 563.595690][T11080] Node 0 DMA32 free:1371756kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:54772kB inactive_anon:4kB active_file:63808kB inactive_file:176044kB unevictable:1536kB writepending:4160kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:1520kB local_pcp:1520kB free_cma:0kB [ 563.802554][T11080] lowmem_reserve[]: 0 0 1 1 1 [ 563.834196][T11080] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1576kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 564.001801][T11080] lowmem_reserve[]: 0 0 0 0 0 [ 564.048025][T11080] Node 1 Normal free:3908284kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 564.189983][T11080] lowmem_reserve[]: 0 0 0 0 0 [ 564.210173][T11080] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 564.285260][T11080] Node 0 DMA32: 2801*4kB (ME) 4434*8kB (UME) 3382*16kB (UME) 2676*32kB (UME) 1754*64kB (UME) 1050*128kB (UME) 567*256kB (UME) 221*512kB (UME) 67*1024kB (UM) 18*2048kB (UME) 140*4096kB (UM) = 1370292kB [ 564.397231][T11080] Node 0 Normal: 2*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 564.457528][T11080] Node 1 Normal: 213*4kB (UM) 67*8kB (UME) 41*16kB (UME) 198*32kB (UME) 96*64kB (UME) 28*128kB (UME) 12*256kB (UM) 8*512kB (UME) 2*1024kB (ME) 1*2048kB (E) 947*4096kB (M) = 3908284kB [ 564.551913][T11080] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 564.620088][T11080] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 564.665696][T11080] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 564.702506][T11080] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 564.726789][T11080] 64680 total pagecache pages [ 564.742577][T11080] 8 pages in swap cache [ 564.760062][T11080] Free swap = 124628kB [ 564.782677][T11080] Total swap = 124996kB [ 564.800585][T11080] 2097051 pages RAM [ 564.812886][T11080] 0 pages HighMem/MovableOnly [ 564.821852][T11080] 429587 pages reserved [ 564.826723][T11080] 0 pages cma reserved [ 564.886272][T11080] Process accounting resumed [ 567.108161][T11187] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1334'. [ 567.689375][T11198] nfs: Unknown parameter ' ' [ 567.711554][T11195] block nbd0: not configured, cannot reconfigure [ 568.016295][T11204] FAULT_INJECTION: forcing a failure. [ 568.016295][T11204] name failslab, interval 1, probability 0, space 0, times 0 [ 568.072437][T11204] CPU: 0 UID: 0 PID: 11204 Comm: syz.2.1341 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 568.072471][T11204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 568.072485][T11204] Call Trace: [ 568.072493][T11204] [ 568.072502][T11204] dump_stack_lvl+0x16c/0x1f0 [ 568.072549][T11204] should_fail_ex+0x512/0x640 [ 568.072577][T11204] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 568.072617][T11204] should_failslab+0xc2/0x120 [ 568.072639][T11204] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 568.072675][T11204] ? vma_merge_new_range+0x3f8/0xc10 [ 568.072710][T11204] ? vm_area_alloc+0x1f/0x160 [ 568.072746][T11204] vm_area_alloc+0x1f/0x160 [ 568.072778][T11204] __mmap_region+0xfd0/0x27c0 [ 568.072814][T11204] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 568.072849][T11204] ? __pfx___mmap_region+0x10/0x10 [ 568.072886][T11204] ? kernel_text_address+0x8d/0x100 [ 568.072935][T11204] ? stack_depot_save_flags+0x28/0xa50 [ 568.072996][T11204] ? trace_cap_capable+0x18d/0x200 [ 568.073021][T11204] ? cap_capable+0xb3/0x250 [ 568.073047][T11204] mmap_region+0x1ab/0x3f0 [ 568.073091][T11204] do_mmap+0xd8e/0x11b0 [ 568.073126][T11204] ? __pfx_do_mmap+0x10/0x10 [ 568.073154][T11204] ? __pfx_down_write_killable+0x10/0x10 [ 568.073199][T11204] vm_mmap_pgoff+0x281/0x450 [ 568.073232][T11204] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 568.073257][T11204] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 568.073286][T11204] ? hugetlbfs_get_inode+0x31f/0x730 [ 568.073325][T11204] ksys_mmap_pgoff+0x1c8/0x5c0 [ 568.073352][T11204] ? rcu_is_watching+0x12/0xc0 [ 568.073386][T11204] __x64_sys_mmap+0x125/0x190 [ 568.073418][T11204] do_syscall_64+0xcd/0x260 [ 568.073455][T11204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.073479][T11204] RIP: 0033:0x7fd442b8d169 [ 568.073497][T11204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.073521][T11204] RSP: 002b:00007fd443a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 568.073548][T11204] RAX: ffffffffffffffda RBX: 00007fd442da5fa0 RCX: 00007fd442b8d169 [ 568.073564][T11204] RDX: 00004000000000e3 RSI: 0000000000200004 RDI: 0000000000000000 [ 568.073579][T11204] RBP: 00007fd442c0e2a0 R08: 000000000000000d R09: 0000300000002000 [ 568.073594][T11204] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 568.073609][T11204] R13: 0000000000000000 R14: 00007fd442da5fa0 R15: 00007ffe89c21f78 [ 568.073640][T11204] [ 568.377016][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.383451][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.113428][T11224] syz.2.1347 (11224): drop_caches: 0 [ 570.184805][T11238] kernel read not supported for file /\*)A (pid: 11238 comm: syz.1.1352) [ 570.508076][ T30] audit: type=1800 audit(6039009106.273:29): pid=11238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1352" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 574.056293][T11301] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1371'. [ 575.476664][T11311] kernel read not supported for file /\*)A (pid: 11311 comm: syz.3.1376) [ 575.519579][ T30] audit: type=1800 audit(6039009111.243:30): pid=11311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1376" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 576.218286][ T9737] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 576.227306][ T9737] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 576.237650][ T9737] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 576.246143][ T9737] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 576.254164][ T9737] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 576.646809][T11324] netlink: 'syz.2.1379': attribute type 27 has an invalid length. [ 576.705721][T11324] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1379'. [ 576.920713][T11075] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.097823][T11075] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.398140][T11075] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.635814][T11075] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.878581][T11346] kernel read not supported for file /\*)A (pid: 11346 comm: syz.3.1385) [ 577.940038][ T30] audit: type=1800 audit(6039009113.693:31): pid=11346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1385" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 578.269260][T11320] chnl_net:caif_netlink_parms(): no params data found [ 578.319656][ T55] Bluetooth: hci4: command tx timeout [ 578.715023][T11075] bond0: left allmulticast mode [ 578.747265][T11075] bond_slave_0: left allmulticast mode [ 578.753103][T11075] bond_slave_1: left allmulticast mode [ 578.801601][T11075] bond0: left promiscuous mode [ 578.835598][T11075] bond_slave_0: left promiscuous mode [ 578.880226][T11075] bond_slave_1: left promiscuous mode [ 578.916865][T11075] bridge0: port 3(bond0) entered disabled state [ 578.966362][T11075] bridge_slave_1: left allmulticast mode [ 578.972036][T11075] bridge_slave_1: left promiscuous mode [ 579.030341][T11075] bridge0: port 2(bridge_slave_1) entered disabled state [ 579.079693][T11075] bridge_slave_0: left allmulticast mode [ 579.110353][T11075] bridge_slave_0: left promiscuous mode [ 579.138909][T11075] bridge0: port 1(bridge_slave_0) entered disabled state [ 579.904794][T11379] kernel read not supported for file /\*)A (pid: 11379 comm: syz.3.1394) [ 579.955583][ T30] audit: type=1800 audit(6039009115.713:32): pid=11379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1394" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 580.396461][ T55] Bluetooth: hci4: command tx timeout [ 580.861123][T11075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 580.905130][T11075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 580.939609][T11075] bond0 (unregistering): Released all slaves [ 581.089702][T11367] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1390'. [ 581.539183][T11320] bridge0: port 1(bridge_slave_0) entered blocking state [ 581.588362][T11320] bridge0: port 1(bridge_slave_0) entered disabled state [ 581.616095][T11320] bridge_slave_0: entered allmulticast mode [ 581.656029][T11320] bridge_slave_0: entered promiscuous mode [ 581.791320][T11320] bridge0: port 2(bridge_slave_1) entered blocking state [ 581.829128][T11320] bridge0: port 2(bridge_slave_1) entered disabled state [ 581.878308][T11320] bridge_slave_1: entered allmulticast mode [ 581.932811][T11320] bridge_slave_1: entered promiscuous mode [ 582.169772][T11320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 582.334852][T11320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 582.476175][ T55] Bluetooth: hci4: command tx timeout [ 582.827445][T11320] team0: Port device team_slave_0 added [ 582.902125][T11320] team0: Port device team_slave_1 added [ 583.169754][T11320] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 583.192135][T11320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 583.291071][T11320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 583.857088][T11320] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 583.864066][T11320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 584.075689][T11320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 584.555718][ T55] Bluetooth: hci4: command tx timeout [ 585.042316][T11320] hsr_slave_0: entered promiscuous mode [ 585.103208][T11320] hsr_slave_1: entered promiscuous mode [ 585.150072][T11320] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 585.195602][T11320] Cannot create hsr debugfs directory [ 585.487971][T11441] kernel read not supported for file /\*)A (pid: 11441 comm: syz.3.1404) [ 585.565524][ T30] audit: type=1800 audit(6039009121.313:33): pid=11441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1404" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 585.855057][T11075] hsr_slave_0: left promiscuous mode [ 585.995605][T11075] hsr_slave_1: left promiscuous mode [ 586.016286][T11075] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 586.065479][T11075] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 586.363156][T11075] veth1_macvtap: left promiscuous mode [ 586.421926][T11075] veth0_macvtap: left promiscuous mode [ 586.449211][T11075] veth1_vlan: left promiscuous mode [ 586.454615][T11075] veth0_vlan: left promiscuous mode [ 587.591843][T11468] kernel read not supported for file /\*)A (pid: 11468 comm: syz.1.1413) [ 587.712229][ T30] audit: type=1800 audit(6039009123.473:34): pid=11468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1413" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 589.164452][T11075] team0 (unregistering): Port device team_slave_1 removed [ 590.973065][T11464] tc_dump_action: action bad kind [ 590.997995][T11488] tc_dump_action: action bad kind [ 591.899724][T11320] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 592.216993][T11320] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 592.385217][T11519] kernel read not supported for file /\*)A (pid: 11519 comm: syz.3.1422) [ 592.427447][T11320] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 592.456363][ T30] audit: type=1800 audit(6039009128.223:35): pid=11519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1422" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 592.511220][T11320] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 593.098690][T11534] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there [ 593.098690][T11534] [ 593.117623][T11320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 593.292843][T11320] 8021q: adding VLAN 0 to HW filter on device team0 [ 593.398965][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state [ 593.406182][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state [ 593.462032][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state [ 593.469249][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state [ 594.361431][T11320] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 595.054672][T11545] Process accounting paused [ 595.168359][T11320] veth0_vlan: entered promiscuous mode [ 595.210736][T11320] veth1_vlan: entered promiscuous mode [ 595.314114][T11320] veth0_macvtap: entered promiscuous mode [ 595.350039][T11320] veth1_macvtap: entered promiscuous mode [ 595.439876][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 595.473632][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 595.548087][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 595.600445][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 595.635398][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 595.672470][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 595.720852][T11320] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 595.776976][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 595.836691][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 595.872481][T11320] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 595.928821][T11320] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 595.967251][T11320] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 595.997635][T11320] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 596.045624][T11320] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 596.362497][ T1111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 596.405438][ T1111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 596.507858][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 596.532112][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 597.057041][T11597] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1438'. [ 597.150483][T11597] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.397279][T11605] kernel read not supported for file /\*)A (pid: 11605 comm: syz.3.1432) [ 597.443475][ T30] audit: type=1800 audit(6039009133.203:36): pid=11605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1432" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 597.539729][T11597] bridge_slave_1 (unregistering): left allmulticast mode [ 597.559870][T11597] bridge_slave_1 (unregistering): left promiscuous mode [ 597.611431][T11597] bridge0: port 2(bridge_slave_1) entered disabled state [ 599.665996][T11654] kernel read not supported for file /\*)A (pid: 11654 comm: syz.1.1445) [ 599.714435][ T30] audit: type=1800 audit(6039009135.473:37): pid=11654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1445" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 600.162121][T11666] FAULT_INJECTION: forcing a failure. [ 600.162121][T11666] name failslab, interval 1, probability 0, space 0, times 0 [ 600.379715][T11666] CPU: 0 UID: 0 PID: 11666 Comm: syz.2.1446 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 600.379748][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 600.379763][T11666] Call Trace: [ 600.379770][T11666] [ 600.379779][T11666] dump_stack_lvl+0x16c/0x1f0 [ 600.379817][T11666] should_fail_ex+0x512/0x640 [ 600.379844][T11666] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 600.379882][T11666] ? __pfx_regulator_summary_open+0x10/0x10 [ 600.379908][T11666] should_failslab+0xc2/0x120 [ 600.379937][T11666] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 600.379993][T11666] ? seq_open+0x55/0x170 [ 600.380021][T11666] ? __pfx_regulator_summary_open+0x10/0x10 [ 600.380046][T11666] ? __pfx_regulator_summary_show+0x10/0x10 [ 600.380076][T11666] seq_open+0x55/0x170 [ 600.380100][T11666] ? __pfx_regulator_summary_show+0x10/0x10 [ 600.380131][T11666] single_open+0xfc/0x1f0 [ 600.380159][T11666] full_proxy_open_regular+0x1b6/0x360 [ 600.380190][T11666] do_dentry_open+0x741/0x1c10 [ 600.380225][T11666] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 600.380258][T11666] vfs_open+0x82/0x3f0 [ 600.380286][T11666] path_openat+0x1e5e/0x2d40 [ 600.380332][T11666] ? __pfx_path_openat+0x10/0x10 [ 600.380375][T11666] do_filp_open+0x20b/0x470 [ 600.380411][T11666] ? __pfx_do_filp_open+0x10/0x10 [ 600.380467][T11666] ? alloc_fd+0x471/0x7d0 [ 600.380509][T11666] do_sys_openat2+0x11b/0x1d0 [ 600.380534][T11666] ? __pfx_do_sys_openat2+0x10/0x10 [ 600.380570][T11666] __x64_sys_openat+0x174/0x210 [ 600.380596][T11666] ? __pfx___x64_sys_openat+0x10/0x10 [ 600.380624][T11666] ? rcu_is_watching+0x12/0xc0 [ 600.380662][T11666] do_syscall_64+0xcd/0x260 [ 600.380699][T11666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.380722][T11666] RIP: 0033:0x7fd442b8d169 [ 600.380741][T11666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 600.380765][T11666] RSP: 002b:00007fd443a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 600.380786][T11666] RAX: ffffffffffffffda RBX: 00007fd442da5fa0 RCX: 00007fd442b8d169 [ 600.380802][T11666] RDX: 0000000000000a80 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 600.380818][T11666] RBP: 00007fd442c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 600.380832][T11666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 600.380846][T11666] R13: 0000000000000000 R14: 00007fd442da5fa0 R15: 00007ffe89c21f78 [ 600.380876][T11666] [ 600.742460][T11677] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1448'. [ 600.754198][T11677] bridge0: port 2(bridge_slave_1) entered disabled state [ 601.318406][T11677] bridge_slave_1 (unregistering): left allmulticast mode [ 601.376114][T11677] bridge_slave_1 (unregistering): left promiscuous mode [ 601.384036][T11677] bridge0: port 2(bridge_slave_1) entered disabled state [ 603.215739][T11718] netlink: 18 bytes leftover after parsing attributes in process `syz.3.1455'. [ 603.554521][T11726] kernel read not supported for file /\*)A (pid: 11726 comm: syz.1.1456) [ 603.721538][ T30] audit: type=1800 audit(6039009139.473:38): pid=11726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1456" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 607.124843][T11789] FAULT_INJECTION: forcing a failure. [ 607.124843][T11789] name failslab, interval 1, probability 0, space 0, times 0 [ 607.285423][T11789] CPU: 0 UID: 0 PID: 11789 Comm: syz.1.1469 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 607.285456][T11789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 607.285478][T11789] Call Trace: [ 607.285485][T11789] [ 607.285495][T11789] dump_stack_lvl+0x16c/0x1f0 [ 607.285533][T11789] should_fail_ex+0x512/0x640 [ 607.285561][T11789] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 607.285601][T11789] should_failslab+0xc2/0x120 [ 607.285624][T11789] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 607.285661][T11789] ? mas_alloc_nodes+0x18b/0x8b0 [ 607.285695][T11789] mas_alloc_nodes+0x18b/0x8b0 [ 607.285731][T11789] mas_node_count_gfp+0x105/0x130 [ 607.285764][T11789] mas_preallocate+0x53e/0xcd0 [ 607.285790][T11789] ? __pfx_mas_preallocate+0x10/0x10 [ 607.285823][T11789] ? __pfx___might_resched+0x10/0x10 [ 607.285861][T11789] vma_link+0x135/0x6a0 [ 607.285896][T11789] ? anon_vma_clone+0x3fe/0x5c0 [ 607.285932][T11789] ? __pfx_vma_link+0x10/0x10 [ 607.285987][T11789] ? anon_vma_clone+0x405/0x5c0 [ 607.286027][T11789] copy_vma+0x68a/0xa50 [ 607.286066][T11789] ? __pfx_copy_vma+0x10/0x10 [ 607.286099][T11789] ? finish_task_switch.isra.0+0x221/0xc10 [ 607.286129][T11789] ? lockdep_hardirqs_on+0x7c/0x110 [ 607.286166][T11789] ? register_lock_class+0x41/0x4c0 [ 607.286188][T11789] ? __schedule+0x1186/0x5de0 [ 607.286234][T11789] copy_vma_and_data+0x1cf/0x810 [ 607.286273][T11789] ? __pfx_copy_vma_and_data+0x10/0x10 [ 607.286316][T11789] ? __vma_enter_locked+0x163/0x3f0 [ 607.286355][T11789] ? find_held_lock+0x2b/0x80 [ 607.286385][T11789] ? move_vma+0x536/0x1740 [ 607.286418][T11789] ? __vm_enough_memory+0x184/0x3f0 [ 607.286451][T11789] move_vma+0x548/0x1740 [ 607.286500][T11789] ? __pfx_move_vma+0x10/0x10 [ 607.286539][T11789] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 607.286568][T11789] ? cap_mmap_addr+0x4b/0x120 [ 607.286589][T11789] ? bpf_lsm_mmap_addr+0x9/0x10 [ 607.286618][T11789] ? security_mmap_addr+0x6c/0x1e0 [ 607.286647][T11789] ? __get_unmapped_area+0x26a/0x440 [ 607.286678][T11789] ? vrm_set_new_addr+0x208/0x290 [ 607.286718][T11789] __do_sys_mremap+0xe38/0x15d0 [ 607.286778][T11789] ? __pfx___do_sys_mremap+0x10/0x10 [ 607.286831][T11789] ? __x64_sys_futex+0x1e0/0x4c0 [ 607.286875][T11789] ? syscall_user_dispatch+0x78/0x140 [ 607.286910][T11789] do_syscall_64+0xcd/0x260 [ 607.286947][T11789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.286971][T11789] RIP: 0033:0x7f67e758d169 [ 607.286989][T11789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 607.287013][T11789] RSP: 002b:00007f67e845a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 607.287035][T11789] RAX: ffffffffffffffda RBX: 00007f67e77a5fa0 RCX: 00007f67e758d169 [ 607.287051][T11789] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000000 [ 607.287064][T11789] RBP: 00007f67e760e2a0 R08: 0000000100000000 R09: 0000000000000000 [ 607.287079][T11789] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 607.287093][T11789] R13: 0000000000000000 R14: 00007f67e77a5fa0 R15: 00007ffd379e8608 [ 607.287124][T11789] [ 608.142644][T11793] kernel read not supported for file /\*)A (pid: 11793 comm: syz.2.1470) [ 608.254907][ T30] audit: type=1800 audit(6039016943.988:39): pid=11793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1470" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 614.125288][T11866] kernel read not supported for file /\*)A (pid: 11866 comm: syz.4.1481) [ 614.316011][ T30] audit: type=1800 audit(6039016950.068:40): pid=11866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1481" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 614.866264][T11883] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1485'. [ 615.641416][T11897] kernel read not supported for file /\*)A (pid: 11897 comm: syz.4.1494) [ 616.239668][ T30] audit: type=1800 audit(6039016951.998:41): pid=11897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1494" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 619.544509][T11956] bond0: option packets_per_slave: invalid value ( Xµn‘pæ) [ 619.665620][T11956] bond0: option packets_per_slave: allowed values 0 - 65535 [ 620.445883][T11970] kernel read not supported for file /\*)A (pid: 11970 comm: syz.2.1498) [ 620.454629][ T30] audit: type=1800 audit(6039016956.208:42): pid=11970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1498" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 621.071049][T11977] FAULT_INJECTION: forcing a failure. [ 621.071049][T11977] name failslab, interval 1, probability 0, space 0, times 0 [ 621.162484][T11977] CPU: 0 UID: 0 PID: 11977 Comm: syz.1.1503 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 621.162518][T11977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 621.162533][T11977] Call Trace: [ 621.162540][T11977] [ 621.162549][T11977] dump_stack_lvl+0x16c/0x1f0 [ 621.162588][T11977] should_fail_ex+0x512/0x640 [ 621.162615][T11977] ? fs_reclaim_acquire+0xae/0x150 [ 621.162646][T11977] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 621.162679][T11977] should_failslab+0xc2/0x120 [ 621.162701][T11977] __kmalloc_noprof+0xd2/0x510 [ 621.162752][T11977] tomoyo_realpath_from_path+0xc2/0x6e0 [ 621.162794][T11977] tomoyo_check_open_permission+0x2ab/0x3c0 [ 621.162824][T11977] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 621.162853][T11977] ? __lock_acquire+0xaa4/0x1ba0 [ 621.162903][T11977] ? find_held_lock+0x2b/0x80 [ 621.162940][T11977] tomoyo_file_open+0x6b/0x90 [ 621.162979][T11977] security_file_open+0x84/0x1e0 [ 621.163012][T11977] do_dentry_open+0x596/0x1c10 [ 621.163055][T11977] vfs_open+0x82/0x3f0 [ 621.163082][T11977] path_openat+0x1e5e/0x2d40 [ 621.163129][T11977] ? __pfx_path_openat+0x10/0x10 [ 621.163173][T11977] do_filp_open+0x20b/0x470 [ 621.163208][T11977] ? __pfx_do_filp_open+0x10/0x10 [ 621.163265][T11977] ? alloc_fd+0x471/0x7d0 [ 621.163307][T11977] do_sys_openat2+0x11b/0x1d0 [ 621.163332][T11977] ? __pfx_do_sys_openat2+0x10/0x10 [ 621.163368][T11977] __x64_sys_openat+0x174/0x210 [ 621.163394][T11977] ? __pfx___x64_sys_openat+0x10/0x10 [ 621.163421][T11977] ? rcu_is_watching+0x12/0xc0 [ 621.163458][T11977] do_syscall_64+0xcd/0x260 [ 621.163495][T11977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.163519][T11977] RIP: 0033:0x7f67e758d169 [ 621.163537][T11977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 621.163560][T11977] RSP: 002b:00007f67e845a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 621.163582][T11977] RAX: ffffffffffffffda RBX: 00007f67e77a5fa0 RCX: 00007f67e758d169 [ 621.163598][T11977] RDX: 00000000001a1842 RSI: 00002000000003c0 RDI: ffffffffffffff9c [ 621.163614][T11977] RBP: 00007f67e760e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 621.163628][T11977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 621.163642][T11977] R13: 0000000000000000 R14: 00007f67e77a5fa0 R15: 00007ffd379e8608 [ 621.163672][T11977] [ 621.163681][T11977] ERROR: Out of memory at tomoyo_realpath_from_path. [ 626.061687][T12051] kernel read not supported for file /\*)A (pid: 12051 comm: syz.1.1512) [ 626.107067][T12052] FAULT_INJECTION: forcing a failure. [ 626.107067][T12052] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 626.345437][ T30] audit: type=1800 audit(6039016962.078:43): pid=12051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1512" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 626.432206][T12052] CPU: 0 UID: 0 PID: 12052 Comm: syz.4.1514 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 626.432239][T12052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 626.432253][T12052] Call Trace: [ 626.432260][T12052] [ 626.432268][T12052] dump_stack_lvl+0x16c/0x1f0 [ 626.432307][T12052] should_fail_ex+0x512/0x640 [ 626.432338][T12052] _copy_from_iter+0x2a4/0x15b0 [ 626.432373][T12052] ? __pfx__copy_from_iter+0x10/0x10 [ 626.432415][T12052] skb_copy_datagram_from_iter+0x124/0x740 [ 626.432458][T12052] ? find_held_lock+0x2b/0x80 [ 626.432492][T12052] tun_get_user+0x17ac/0x3b10 [ 626.432539][T12052] ? __pfx_tun_get_user+0x10/0x10 [ 626.432570][T12052] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 626.432607][T12052] ? find_held_lock+0x2b/0x80 [ 626.432636][T12052] ? tun_get+0x191/0x370 [ 626.432673][T12052] tun_chr_write_iter+0xdc/0x210 [ 626.432708][T12052] vfs_write+0x5ba/0x1180 [ 626.432741][T12052] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 626.432776][T12052] ? __pfx_vfs_write+0x10/0x10 [ 626.432806][T12052] ? find_held_lock+0x2b/0x80 [ 626.432852][T12052] __x64_sys_pwrite64+0x1f4/0x250 [ 626.432887][T12052] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 626.432920][T12052] ? rcu_is_watching+0x12/0xc0 [ 626.432957][T12052] do_syscall_64+0xcd/0x260 [ 626.432992][T12052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.433016][T12052] RIP: 0033:0x7fe7aaf8d169 [ 626.433033][T12052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 626.433056][T12052] RSP: 002b:00007fe7abe19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 626.433077][T12052] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8d169 [ 626.433093][T12052] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8 [ 626.433107][T12052] RBP: 00007fe7abe19090 R08: 0000000000000000 R09: 0000000000000000 [ 626.433122][T12052] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 626.433135][T12052] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 626.433164][T12052] [ 627.034424][T12029] Process accounting resumed [ 629.526476][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.532879][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 632.143308][T12121] kernel read not supported for file /\*)A (pid: 12121 comm: syz.4.1524) [ 632.692680][ T30] audit: type=1800 audit(6039016968.448:44): pid=12121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1524" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 634.211186][T12136] kernel read not supported for file /\*)A (pid: 12136 comm: syz.4.1537) [ 634.505915][ T30] audit: type=1800 audit(6039016970.258:45): pid=12136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1537" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 635.551139][T12153] sctp: [Deprecated]: syz.4.1533 (pid 12153) Use of struct sctp_assoc_value in delayed_ack socket option. [ 635.551139][T12153] Use struct sctp_sack_info instead [ 636.199754][T12160] FAULT_INJECTION: forcing a failure. [ 636.199754][T12160] name failslab, interval 1, probability 0, space 0, times 0 [ 636.361757][T12160] CPU: 0 UID: 0 PID: 12160 Comm: syz.4.1534 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 636.361790][T12160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 636.361804][T12160] Call Trace: [ 636.361812][T12160] [ 636.361820][T12160] dump_stack_lvl+0x16c/0x1f0 [ 636.361858][T12160] should_fail_ex+0x512/0x640 [ 636.361885][T12160] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 636.361920][T12160] should_failslab+0xc2/0x120 [ 636.361942][T12160] __kmalloc_cache_noprof+0x6a/0x3e0 [ 636.361973][T12160] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 636.362020][T12160] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 636.362061][T12160] ? genl_start+0x1e8/0x980 [ 636.362101][T12160] genl_start+0x1e8/0x980 [ 636.362141][T12160] __netlink_dump_start+0x60b/0x990 [ 636.362179][T12160] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 636.362204][T12160] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 636.362227][T12160] ? genl_rcv_msg+0x577/0x800 [ 636.362253][T12160] ? __pfx_genl_get_cmd+0x10/0x10 [ 636.362287][T12160] ? __pfx_genl_start+0x10/0x10 [ 636.362321][T12160] ? __pfx_genl_dumpit+0x10/0x10 [ 636.362340][T12160] ? __pfx_genl_done+0x10/0x10 [ 636.362363][T12160] ? __local_bh_enable_ip+0xa4/0x120 [ 636.362394][T12160] ? __dev_queue_xmit+0x896/0x43e0 [ 636.362418][T12160] ? __radix_tree_lookup+0x21f/0x2c0 [ 636.362453][T12160] genl_rcv_msg+0x46e/0x800 [ 636.362478][T12160] ? __pfx_genl_rcv_msg+0x10/0x10 [ 636.362498][T12160] ? __pfx___dev_queue_xmit+0x10/0x10 [ 636.362523][T12160] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 636.362545][T12160] ? __pfx_ctrl_dumppolicy+0x10/0x10 [ 636.362565][T12160] ? __pfx_ctrl_dumppolicy_done+0x10/0x10 [ 636.362603][T12160] ? __lock_acquire+0xaa4/0x1ba0 [ 636.362630][T12160] netlink_rcv_skb+0x16a/0x440 [ 636.362664][T12160] ? __pfx_genl_rcv_msg+0x10/0x10 [ 636.362687][T12160] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 636.362736][T12160] ? __pfx_down_read+0x10/0x10 [ 636.362775][T12160] ? netlink_deliver_tap+0x1ae/0xd30 [ 636.362816][T12160] genl_rcv+0x28/0x40 [ 636.362850][T12160] netlink_unicast+0x53a/0x7f0 [ 636.362887][T12160] ? __pfx_netlink_unicast+0x10/0x10 [ 636.362935][T12160] ? __lock_acquire+0xaa4/0x1ba0 [ 636.362963][T12160] netlink_sendmsg+0x8d1/0xdd0 [ 636.363006][T12160] ? __pfx_netlink_sendmsg+0x10/0x10 [ 636.363052][T12160] ____sys_sendmsg+0xa95/0xc70 [ 636.363090][T12160] ? copy_msghdr_from_user+0x10a/0x160 [ 636.363121][T12160] ? __pfx_____sys_sendmsg+0x10/0x10 [ 636.363175][T12160] ___sys_sendmsg+0x134/0x1d0 [ 636.363206][T12160] ? __pfx____sys_sendmsg+0x10/0x10 [ 636.363274][T12160] __sys_sendmsg+0x16d/0x220 [ 636.363304][T12160] ? __pfx___sys_sendmsg+0x10/0x10 [ 636.363344][T12160] ? rcu_is_watching+0x12/0xc0 [ 636.363381][T12160] do_syscall_64+0xcd/0x260 [ 636.363417][T12160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.363441][T12160] RIP: 0033:0x7fe7aaf8d169 [ 636.363459][T12160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 636.363481][T12160] RSP: 002b:00007fe7abe19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 636.363502][T12160] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8d169 [ 636.363517][T12160] RDX: 0000000000044040 RSI: 0000200000000340 RDI: 0000000000000003 [ 636.363532][T12160] RBP: 00007fe7abe19090 R08: 0000000000000000 R09: 0000000000000000 [ 636.363546][T12160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 636.363559][T12160] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 636.363588][T12160] [ 637.615469][ T55] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 638.673423][T12181] could not allocate digest TFM handle binfmt_misc [ 640.920938][T12214] kernel read not supported for file /\*)A (pid: 12214 comm: syz.2.1544) [ 641.457179][ T30] audit: type=1800 audit(6039016977.218:46): pid=12214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1544" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 642.577423][T12233] FAULT_INJECTION: forcing a failure. [ 642.577423][T12233] name failslab, interval 1, probability 0, space 0, times 0 [ 642.666131][T12233] CPU: 0 UID: 0 PID: 12233 Comm: syz.2.1549 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 642.666165][T12233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 642.666179][T12233] Call Trace: [ 642.666188][T12233] [ 642.666197][T12233] dump_stack_lvl+0x16c/0x1f0 [ 642.666235][T12233] should_fail_ex+0x512/0x640 [ 642.666263][T12233] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 642.666307][T12233] should_failslab+0xc2/0x120 [ 642.666330][T12233] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 642.666371][T12233] ? kstrdup_const+0x63/0x80 [ 642.666399][T12233] kstrdup+0x53/0x100 [ 642.666422][T12233] kstrdup_const+0x63/0x80 [ 642.666444][T12233] alloc_vfsmnt+0xdf/0x6f0 [ 642.666471][T12233] clone_mnt+0x6d/0xff0 [ 642.666499][T12233] ? copy_tree+0x50d/0xa20 [ 642.666534][T12233] ? copy_mnt_ns+0x1ac/0xac0 [ 642.666561][T12233] copy_tree+0x38d/0xa20 [ 642.666607][T12233] copy_mnt_ns+0x1ac/0xac0 [ 642.666636][T12233] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 642.666672][T12233] ? trace_cap_capable+0x18d/0x200 [ 642.666695][T12233] ? create_new_namespaces+0x30/0xad0 [ 642.666735][T12233] create_new_namespaces+0xd3/0xad0 [ 642.666769][T12233] ? bpf_lsm_capable+0x9/0x10 [ 642.666803][T12233] ? security_capable+0x7e/0x260 [ 642.666829][T12233] copy_namespaces+0x468/0x560 [ 642.666865][T12233] copy_process+0x29ff/0x91a0 [ 642.666920][T12233] ? __pfx_copy_process+0x10/0x10 [ 642.666954][T12233] ? __pfx___futex_wait+0x10/0x10 [ 642.666993][T12233] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 642.667029][T12233] kernel_clone+0xfc/0x960 [ 642.667061][T12233] ? __blk_flush_plug+0x2f3/0x4b0 [ 642.667086][T12233] ? __pfx_kernel_clone+0x10/0x10 [ 642.667137][T12233] __do_sys_clone+0xce/0x120 [ 642.667176][T12233] ? __pfx___do_sys_clone+0x10/0x10 [ 642.667209][T12233] ? find_held_lock+0x2b/0x80 [ 642.667254][T12233] ? rcu_is_watching+0x12/0xc0 [ 642.667292][T12233] do_syscall_64+0xcd/0x260 [ 642.667330][T12233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.667354][T12233] RIP: 0033:0x7fd442b8d169 [ 642.667372][T12233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 642.667395][T12233] RSP: 002b:00007fd443a02fe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 642.667418][T12233] RAX: ffffffffffffffda RBX: 00007fd442da5fa0 RCX: 00007fd442b8d169 [ 642.667434][T12233] RDX: 0000000000000000 RSI: 0000000000000030 RDI: 00000001432a0091 [ 642.667449][T12233] RBP: 00007fd442c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 642.667464][T12233] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 642.667478][T12233] R13: 0000000000000000 R14: 00007fd442da5fa0 R15: 00007ffe89c21f78 [ 642.667508][T12233] [ 644.486092][T12260] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1556'. [ 644.619860][T12260] ipvlan1: entered allmulticast mode [ 644.701792][T12260] veth0_vlan: entered allmulticast mode [ 645.569166][T12269] kernel read not supported for file /\*)A (pid: 12269 comm: syz.3.1557) [ 645.740602][ T30] audit: type=1800 audit(6039016981.498:47): pid=12269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1557" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 648.257142][T12316] kernel read not supported for file /\*)A (pid: 12316 comm: syz.2.1571) [ 648.394496][ T30] audit: type=1800 audit(6039016984.148:48): pid=12316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1571" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 649.818524][T12336] kernel read not supported for file /\*)A (pid: 12336 comm: syz.4.1583) [ 649.911006][T12338] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1575'. [ 649.921237][ T30] audit: type=1800 audit(6039016985.628:49): pid=12336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1583" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 650.083968][T12338] ipvlan1: entered allmulticast mode [ 650.196018][T12338] veth0_vlan: entered allmulticast mode [ 651.171981][T12346] FAULT_INJECTION: forcing a failure. [ 651.171981][T12346] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 651.241913][T12346] CPU: 0 UID: 0 PID: 12346 Comm: syz.4.1578 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 651.241944][T12346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 651.241957][T12346] Call Trace: [ 651.241964][T12346] [ 651.241973][T12346] dump_stack_lvl+0x16c/0x1f0 [ 651.242010][T12346] should_fail_ex+0x512/0x640 [ 651.242041][T12346] _copy_from_user+0x2e/0xd0 [ 651.242071][T12346] copy_msghdr_from_user+0x98/0x160 [ 651.242102][T12346] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 651.242153][T12346] ? kfree+0x252/0x4d0 [ 651.242181][T12346] ? __pfx__kstrtoull+0x10/0x10 [ 651.242227][T12346] ___sys_sendmsg+0xfe/0x1d0 [ 651.242259][T12346] ? __pfx____sys_sendmsg+0x10/0x10 [ 651.242315][T12346] ? __pfx___might_resched+0x10/0x10 [ 651.242355][T12346] __sys_sendmmsg+0x200/0x420 [ 651.242389][T12346] ? __pfx___sys_sendmmsg+0x10/0x10 [ 651.242429][T12346] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 651.242476][T12346] ? fput+0x70/0xf0 [ 651.242498][T12346] ? ksys_write+0x1b9/0x240 [ 651.242529][T12346] ? __pfx_ksys_write+0x10/0x10 [ 651.242559][T12346] ? rcu_is_watching+0x12/0xc0 [ 651.242593][T12346] __x64_sys_sendmmsg+0x9c/0x100 [ 651.242623][T12346] ? lockdep_hardirqs_on+0x7c/0x110 [ 651.242655][T12346] do_syscall_64+0xcd/0x260 [ 651.242691][T12346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.242714][T12346] RIP: 0033:0x7fe7aaf8d169 [ 651.242731][T12346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.242754][T12346] RSP: 002b:00007fe7abe19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 651.242775][T12346] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8d169 [ 651.242791][T12346] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 651.242805][T12346] RBP: 00007fe7abe19090 R08: 0000000000000000 R09: 0000000000000000 [ 651.242820][T12346] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 651.242834][T12346] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 651.242862][T12346] [ 652.113833][T12359] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1581'. [ 653.689457][T12381] kernel read not supported for file /\*)A (pid: 12381 comm: syz.2.1588) [ 653.861176][ T30] audit: type=1800 audit(6039016989.618:50): pid=12381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1588" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 653.949614][T12378] zswap: compressor not available [ 654.361421][T12393] FAULT_INJECTION: forcing a failure. [ 654.361421][T12393] name failslab, interval 1, probability 0, space 0, times 0 [ 654.426551][T12393] CPU: 0 UID: 0 PID: 12393 Comm: syz.4.1590 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 654.426583][T12393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 654.426597][T12393] Call Trace: [ 654.426605][T12393] [ 654.426613][T12393] dump_stack_lvl+0x16c/0x1f0 [ 654.426652][T12393] should_fail_ex+0x512/0x640 [ 654.426678][T12393] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 654.426717][T12393] should_failslab+0xc2/0x120 [ 654.426740][T12393] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 654.426776][T12393] ? mas_alloc_nodes+0x18b/0x8b0 [ 654.426810][T12393] mas_alloc_nodes+0x18b/0x8b0 [ 654.426845][T12393] mas_node_count_gfp+0x105/0x130 [ 654.426877][T12393] mas_preallocate+0x53e/0xcd0 [ 654.426903][T12393] ? __pfx_mas_preallocate+0x10/0x10 [ 654.426932][T12393] ? vm_area_alloc+0x1f/0x160 [ 654.426965][T12393] ? lockdep_init_map_type+0x5c/0x280 [ 654.426991][T12393] __mmap_region+0x139b/0x27c0 [ 654.427038][T12393] ? __pfx___mmap_region+0x10/0x10 [ 654.427073][T12393] ? bpf_ksym_find+0x124/0x1c0 [ 654.427108][T12393] ? __kernel_text_address+0xd/0x40 [ 654.427135][T12393] ? unwind_get_return_address+0x59/0xa0 [ 654.427211][T12393] ? trace_cap_capable+0x18d/0x200 [ 654.427236][T12393] ? cap_capable+0xb3/0x250 [ 654.427262][T12393] mmap_region+0x32b/0x3f0 [ 654.427303][T12393] do_mmap+0xd8e/0x11b0 [ 654.427336][T12393] ? __pfx_do_mmap+0x10/0x10 [ 654.427363][T12393] ? __pfx_down_write_killable+0x10/0x10 [ 654.427408][T12393] vm_mmap_pgoff+0x281/0x450 [ 654.427440][T12393] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 654.427472][T12393] ? __fget_files+0x20e/0x3c0 [ 654.427511][T12393] ksys_mmap_pgoff+0x32c/0x5c0 [ 654.427537][T12393] ? __pfx_ksys_write+0x10/0x10 [ 654.427568][T12393] ? rcu_is_watching+0x12/0xc0 [ 654.427599][T12393] __x64_sys_mmap+0x125/0x190 [ 654.427630][T12393] do_syscall_64+0xcd/0x260 [ 654.427667][T12393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.427692][T12393] RIP: 0033:0x7fe7aaf8d169 [ 654.427709][T12393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 654.427732][T12393] RSP: 002b:00007fe7abe19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 654.427755][T12393] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8d169 [ 654.427770][T12393] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 654.427784][T12393] RBP: 00007fe7abe19090 R08: 0000000000000003 R09: 0000000000008000 [ 654.427799][T12393] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 654.427813][T12393] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 654.427842][T12393] [ 655.323214][T12397] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1593'. [ 655.453691][T12397] bridge0: port 3(team0) entered disabled state [ 656.208242][T12414] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1597'. [ 656.250374][T12414] ipvlan1: entered allmulticast mode [ 656.280418][T12414] veth0_vlan: entered allmulticast mode [ 656.674501][T12419] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1598'. [ 657.151417][T12428] kernel read not supported for file /\*)A (pid: 12428 comm: syz.3.1602) [ 657.184952][ T30] audit: type=1800 audit(6039016992.938:51): pid=12428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1602" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 657.402948][T12419] Process accounting paused [ 658.991242][T12460] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1612'. [ 659.108898][T12464] FAULT_INJECTION: forcing a failure. [ 659.108898][T12464] name failslab, interval 1, probability 0, space 0, times 0 [ 659.162385][T12464] CPU: 0 UID: 0 PID: 12464 Comm: syz.4.1614 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 659.162417][T12464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 659.162432][T12464] Call Trace: [ 659.162440][T12464] [ 659.162448][T12464] dump_stack_lvl+0x16c/0x1f0 [ 659.162486][T12464] should_fail_ex+0x512/0x640 [ 659.162522][T12464] should_failslab+0xc2/0x120 [ 659.162544][T12464] __kmalloc_cache_noprof+0x6a/0x3e0 [ 659.162576][T12464] ? __sctp_v6_cmp_addr+0x206/0x530 [ 659.162613][T12464] ? sctp_add_bind_addr+0xae/0x3f0 [ 659.162648][T12464] sctp_add_bind_addr+0xae/0x3f0 [ 659.162683][T12464] sctp_copy_local_addr_list+0x39d/0x5a0 [ 659.162724][T12464] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 659.162771][T12464] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 659.162815][T12464] ? sctp_bind_addr_copy+0xe0/0x530 [ 659.162846][T12464] sctp_bind_addr_copy+0xe0/0x530 [ 659.162884][T12464] sctp_connect_new_asoc+0x1d7/0x790 [ 659.162913][T12464] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 659.162946][T12464] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 659.162981][T12464] sctp_sendmsg+0x15f9/0x1ee0 [ 659.163015][T12464] ? __pfx_sctp_sendmsg+0x10/0x10 [ 659.163056][T12464] ? __might_fault+0xe3/0x190 [ 659.163093][T12464] ? __pfx_aa_sk_perm+0x10/0x10 [ 659.163124][T12464] ? __pfx_sctp_sendmsg+0x10/0x10 [ 659.163152][T12464] inet_sendmsg+0x119/0x140 [ 659.163176][T12464] __sys_sendto+0x431/0x510 [ 659.163204][T12464] ? __pfx___sys_sendto+0x10/0x10 [ 659.163256][T12464] ? ksys_write+0x1b9/0x240 [ 659.163289][T12464] ? __pfx_ksys_write+0x10/0x10 [ 659.163319][T12464] ? rcu_is_watching+0x12/0xc0 [ 659.163352][T12464] __x64_sys_sendto+0xe0/0x1c0 [ 659.163378][T12464] ? do_syscall_64+0x91/0x260 [ 659.163411][T12464] ? lockdep_hardirqs_on+0x7c/0x110 [ 659.163443][T12464] do_syscall_64+0xcd/0x260 [ 659.163479][T12464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.163502][T12464] RIP: 0033:0x7fe7aaf8d169 [ 659.163520][T12464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.163543][T12464] RSP: 002b:00007fe7abe19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 659.163565][T12464] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8d169 [ 659.163581][T12464] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000003 [ 659.163594][T12464] RBP: 00007fe7abe19090 R08: 0000200000000000 R09: 000000000000001f [ 659.163608][T12464] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000002 [ 659.163622][T12464] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 659.163651][T12464] [ 660.835556][T12483] kernel read not supported for file /\*)A (pid: 12483 comm: syz.2.1613) [ 661.103136][ T30] audit: type=1800 audit(6039016996.858:52): pid=12483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1613" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 663.160255][T12526] kernel read not supported for file /\*)A (pid: 12526 comm: syz.4.1632) [ 663.336632][ T30] audit: type=1800 audit(6039016999.098:53): pid=12526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1632" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 664.951679][T12545] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 665.025940][T12545] ep_00: uevent: failed to send synthetic uevent: -22 [ 665.661692][T12553] FAULT_INJECTION: forcing a failure. [ 665.661692][T12553] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 665.887058][T12553] CPU: 0 UID: 0 PID: 12553 Comm: syz.1.1640 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 665.887091][T12553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 665.887105][T12553] Call Trace: [ 665.887112][T12553] [ 665.887121][T12553] dump_stack_lvl+0x16c/0x1f0 [ 665.887158][T12553] should_fail_ex+0x512/0x640 [ 665.887188][T12553] _copy_to_user+0x32/0xd0 [ 665.887220][T12553] simple_read_from_buffer+0xcb/0x170 [ 665.887255][T12553] proc_fail_nth_read+0x197/0x270 [ 665.887288][T12553] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 665.887322][T12553] ? rw_verify_area+0xcf/0x680 [ 665.887350][T12553] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 665.887393][T12553] vfs_read+0x1de/0xc70 [ 665.887428][T12553] ? __pfx___mutex_lock+0x10/0x10 [ 665.887462][T12553] ? __pfx_vfs_read+0x10/0x10 [ 665.887501][T12553] ? __fget_files+0x20e/0x3c0 [ 665.887543][T12553] ksys_read+0x12a/0x240 [ 665.887575][T12553] ? __pfx_ksys_read+0x10/0x10 [ 665.887604][T12553] ? rcu_is_watching+0x12/0xc0 [ 665.887641][T12553] do_syscall_64+0xcd/0x260 [ 665.887677][T12553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.887701][T12553] RIP: 0033:0x7f67e758bb7c [ 665.887719][T12553] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 665.887743][T12553] RSP: 002b:00007f67e8439030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 665.887764][T12553] RAX: ffffffffffffffda RBX: 00007f67e77a6080 RCX: 00007f67e758bb7c [ 665.887780][T12553] RDX: 000000000000000f RSI: 00007f67e84390a0 RDI: 0000000000000003 [ 665.887794][T12553] RBP: 00007f67e8439090 R08: 0000000000000000 R09: 0000000000000000 [ 665.887808][T12553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.887822][T12553] R13: 0000000000000001 R14: 00007f67e77a6080 R15: 00007ffd379e8608 [ 665.887852][T12553] [ 666.288245][T12563] kernel read not supported for file /\*)A (pid: 12563 comm: syz.4.1643) [ 666.452757][ T30] audit: type=1800 audit(6039017002.138:54): pid=12563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1643" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 667.649798][T12586] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1651'. [ 667.759771][T12586] lo: entered allmulticast mode [ 667.785134][T12586] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1651'. [ 667.836385][T12586] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 668.051810][T12586] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 668.160845][T12586] lo: left allmulticast mode [ 668.547621][T12602] kernel read not supported for file /\*)A (pid: 12602 comm: syz.2.1655) [ 668.731139][ T30] audit: type=1800 audit(6039017004.488:55): pid=12602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1655" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 669.382229][T12608] Invalid ELF header magic: != ELF [ 670.163115][T12622] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1661'. [ 670.853339][T12634] netlink: 'syz.3.1664': attribute type 1 has an invalid length. [ 671.072199][ T30] audit: type=1804 audit(6039017006.828:56): pid=12608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1657" name="/newroot/sys/kernel/debug/tracing/dynamic_events" dev="tracefs" ino=1074 res=1 errno=0 [ 671.819299][T12649] kernel read not supported for file /\*)A (pid: 12649 comm: syz.3.1669) [ 671.866762][ T30] audit: type=1800 audit(6039017007.628:57): pid=12649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1669" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 672.981387][T12661] FAULT_INJECTION: forcing a failure. [ 672.981387][T12661] name failslab, interval 1, probability 0, space 0, times 0 [ 673.066975][T12661] CPU: 0 UID: 0 PID: 12661 Comm: syz.4.1674 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 673.067013][T12661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 673.067029][T12661] Call Trace: [ 673.067037][T12661] [ 673.067047][T12661] dump_stack_lvl+0x16c/0x1f0 [ 673.067092][T12661] should_fail_ex+0x512/0x640 [ 673.067117][T12661] ? fs_reclaim_acquire+0xae/0x150 [ 673.067148][T12661] ? tomoyo_encode2+0x100/0x3e0 [ 673.067178][T12661] should_failslab+0xc2/0x120 [ 673.067200][T12661] __kmalloc_noprof+0xd2/0x510 [ 673.067241][T12661] tomoyo_encode2+0x100/0x3e0 [ 673.067277][T12661] tomoyo_encode+0x29/0x50 [ 673.067307][T12661] tomoyo_realpath_from_path+0x18f/0x6e0 [ 673.067343][T12661] ? tomoyo_profile+0x47/0x60 [ 673.067382][T12661] tomoyo_path_number_perm+0x245/0x580 [ 673.067408][T12661] ? tomoyo_path_number_perm+0x237/0x580 [ 673.067438][T12661] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 673.067467][T12661] ? find_held_lock+0x2b/0x80 [ 673.067523][T12661] ? find_held_lock+0x2b/0x80 [ 673.067551][T12661] ? hook_file_ioctl_common+0x145/0x410 [ 673.067582][T12661] ? __fget_files+0x20e/0x3c0 [ 673.067621][T12661] security_file_ioctl+0x9b/0x240 [ 673.067651][T12661] __x64_sys_ioctl+0xb7/0x200 [ 673.067682][T12661] do_syscall_64+0xcd/0x260 [ 673.067718][T12661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.067741][T12661] RIP: 0033:0x7fe7aaf8d169 [ 673.067759][T12661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 673.067782][T12661] RSP: 002b:00007fe7abe19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 673.067803][T12661] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8d169 [ 673.067819][T12661] RDX: 0000000000000004 RSI: 00000000c048aec8 RDI: 0000000000000003 [ 673.067833][T12661] RBP: 00007fe7abe19090 R08: 0000000000000000 R09: 0000000000000000 [ 673.067847][T12661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 673.067861][T12661] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 673.067890][T12661] [ 673.067908][T12661] ERROR: Out of memory at tomoyo_realpath_from_path. [ 674.825265][T12686] kernel read not supported for file /\*)A (pid: 12686 comm: syz.1.1680) [ 674.931299][ T30] audit: type=1800 audit(6039017010.688:58): pid=12686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1680" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 677.103833][T12709] FAULT_INJECTION: forcing a failure. [ 677.103833][T12709] name failslab, interval 1, probability 0, space 0, times 0 [ 677.176178][T12709] CPU: 0 UID: 0 PID: 12709 Comm: syz.4.1688 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 677.176211][T12709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 677.176226][T12709] Call Trace: [ 677.176233][T12709] [ 677.176241][T12709] dump_stack_lvl+0x16c/0x1f0 [ 677.176281][T12709] should_fail_ex+0x512/0x640 [ 677.176308][T12709] ? __kmalloc_noprof+0xbf/0x510 [ 677.176346][T12709] ? net_alloc_generic+0x1e/0x70 [ 677.176379][T12709] should_failslab+0xc2/0x120 [ 677.176401][T12709] __kmalloc_noprof+0xd2/0x510 [ 677.176435][T12709] ? inc_ucount+0x240/0x2f0 [ 677.176477][T12709] net_alloc_generic+0x1e/0x70 [ 677.176510][T12709] copy_net_ns+0xc6/0x5f0 [ 677.176544][T12709] ? copy_cgroup_ns+0xa4/0x6f0 [ 677.176578][T12709] create_new_namespaces+0x3ea/0xad0 [ 677.176619][T12709] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 677.176657][T12709] ksys_unshare+0x45b/0xa40 [ 677.176694][T12709] ? __pfx_ksys_unshare+0x10/0x10 [ 677.176730][T12709] ? xfd_validate_state+0x5d/0x180 [ 677.176758][T12709] ? rcu_is_watching+0x12/0xc0 [ 677.176795][T12709] __x64_sys_unshare+0x31/0x40 [ 677.176832][T12709] do_syscall_64+0xcd/0x260 [ 677.176883][T12709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.176908][T12709] RIP: 0033:0x7fe7aaf8d169 [ 677.176926][T12709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 677.176950][T12709] RSP: 002b:00007fe7abe19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 677.176972][T12709] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8d169 [ 677.176988][T12709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 677.177003][T12709] RBP: 00007fe7ab00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 677.177017][T12709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.177032][T12709] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 677.177061][T12709] [ 677.994415][T12716] kernel read not supported for file /\*)A (pid: 12716 comm: syz.2.1690) [ 678.111499][ T30] audit: type=1800 audit(6039017013.788:59): pid=12716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1690" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 678.794660][T12731] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1694'. [ 679.597454][T12740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1696'. [ 680.015800][T12745] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1699'. [ 680.218927][T12750] kernel read not supported for file /\*)A (pid: 12750 comm: syz.1.1701) [ 680.264224][ T30] audit: type=1800 audit(6039017016.018:60): pid=12750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1701" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 680.299660][T12751] Invalid ELF header magic: != ELF [ 680.361022][ T9737] Bluetooth: hci4: unexpected subevent 0x01 length: 125 > 18 [ 680.368855][ T9737] Bluetooth: hci4: Invalid handle: 0x1e1a > 0x0eff [ 682.090592][T12786] kernel read not supported for file /\*)A (pid: 12786 comm: syz.2.1711) [ 682.122155][ T30] audit: type=1800 audit(6039017017.878:61): pid=12786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1711" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 683.462989][T12813] kernel read not supported for file /\*)A (pid: 12813 comm: syz.3.1720) [ 683.506015][ T30] audit: type=1800 audit(6039017019.258:62): pid=12813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1720" name="\*)A" dev="mqueue" ino=32569 res=0 errno=0 [ 686.306464][T12853] FAULT_INJECTION: forcing a failure. [ 686.306464][T12853] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 686.391583][T12853] CPU: 0 UID: 0 PID: 12853 Comm: syz.4.1730 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 686.391616][T12853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 686.391630][T12853] Call Trace: [ 686.391638][T12853] [ 686.391646][T12853] dump_stack_lvl+0x16c/0x1f0 [ 686.391684][T12853] should_fail_ex+0x512/0x640 [ 686.391716][T12853] _copy_to_user+0x32/0xd0 [ 686.391747][T12853] simple_read_from_buffer+0xcb/0x170 [ 686.391782][T12853] proc_fail_nth_read+0x197/0x270 [ 686.391816][T12853] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 686.391850][T12853] ? rw_verify_area+0xcf/0x680 [ 686.391878][T12853] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 686.391911][T12853] vfs_read+0x1de/0xc70 [ 686.391946][T12853] ? __pfx___mutex_lock+0x10/0x10 [ 686.391979][T12853] ? __pfx_vfs_read+0x10/0x10 [ 686.392019][T12853] ? __fget_files+0x20e/0x3c0 [ 686.392061][T12853] ksys_read+0x12a/0x240 [ 686.392092][T12853] ? __pfx_ksys_read+0x10/0x10 [ 686.392132][T12853] do_syscall_64+0xcd/0x260 [ 686.392169][T12853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 686.392193][T12853] RIP: 0033:0x7fe7aaf8bb7c [ 686.392210][T12853] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 686.392233][T12853] RSP: 002b:00007fe7abe19030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 686.392255][T12853] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8bb7c [ 686.392270][T12853] RDX: 000000000000000f RSI: 00007fe7abe190a0 RDI: 0000000000000004 [ 686.392285][T12853] RBP: 00007fe7abe19090 R08: 0000000000000000 R09: 0000000000000000 [ 686.392299][T12853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 686.392313][T12853] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 686.392342][T12853] [ 686.907525][T12857] kernel read not supported for file /\*)A (pid: 12857 comm: syz.2.1731) [ 686.986972][ T30] audit: type=1800 audit(6039017022.688:63): pid=12857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1731" name="\*)A" dev="mqueue" ino=11255 res=0 errno=0 [ 687.305685][T12867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1735'. [ 687.328977][T12867] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1735'. [ 687.804099][T12859] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1733'. [ 687.849955][T12860] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1733'. [ 688.111009][T12881] FAULT_INJECTION: forcing a failure. [ 688.111009][T12881] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 688.193371][T12881] CPU: 0 UID: 0 PID: 12881 Comm: syz.4.1739 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 688.193402][T12881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 688.193416][T12881] Call Trace: [ 688.193423][T12881] [ 688.193432][T12881] dump_stack_lvl+0x16c/0x1f0 [ 688.193470][T12881] should_fail_ex+0x512/0x640 [ 688.193500][T12881] _copy_to_user+0x32/0xd0 [ 688.193530][T12881] simple_read_from_buffer+0xcb/0x170 [ 688.193564][T12881] proc_fail_nth_read+0x197/0x270 [ 688.193596][T12881] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 688.193628][T12881] ? rw_verify_area+0xcf/0x680 [ 688.193655][T12881] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 688.193686][T12881] vfs_read+0x1de/0xc70 [ 688.193719][T12881] ? __pfx___mutex_lock+0x10/0x10 [ 688.193752][T12881] ? __pfx_vfs_read+0x10/0x10 [ 688.193789][T12881] ? __fget_files+0x20e/0x3c0 [ 688.193830][T12881] ksys_read+0x12a/0x240 [ 688.193859][T12881] ? __pfx_ksys_read+0x10/0x10 [ 688.193898][T12881] do_syscall_64+0xcd/0x260 [ 688.193932][T12881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.193956][T12881] RIP: 0033:0x7fe7aaf8bb7c [ 688.193973][T12881] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 688.193995][T12881] RSP: 002b:00007fe7abe19030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 688.194017][T12881] RAX: ffffffffffffffda RBX: 00007fe7ab1a5fa0 RCX: 00007fe7aaf8bb7c [ 688.194032][T12881] RDX: 000000000000000f RSI: 00007fe7abe190a0 RDI: 0000000000000005 [ 688.194047][T12881] RBP: 00007fe7abe19090 R08: 0000000000000000 R09: 0000000000000000 [ 688.194061][T12881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 688.194075][T12881] R13: 0000000000000000 R14: 00007fe7ab1a5fa0 R15: 00007ffd1d38fa68 [ 688.194104][T12881] [ 688.717006][T12897] kernel read not supported for file /\*)A (pid: 12897 comm: syz.4.1743) [ 688.771135][ T30] audit: type=1800 audit(6039017024.518:64): pid=12897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1743" name="\*)A" dev="mqueue" ino=35222 res=0 errno=0 [ 690.960261][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.967325][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.554159][T12928] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1754'. [ 691.858952][T12932] kernel read not supported for file /\*)A (pid: 12932 comm: syz.1.1755) [ 691.932539][T12938] [ 691.934906][T12938] ====================================================== [ 691.941925][T12938] WARNING: possible circular locking dependency detected [ 691.948943][T12938] 6.15.0-rc1-syzkaller #0 Not tainted [ 691.954323][T12938] ------------------------------------------------------ [ 691.961432][T12938] syz.2.1758/12938 is trying to acquire lock: [ 691.967493][T12938] ffffffff9012d9a8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 691.976749][T12938] [ 691.976749][T12938] but task is already holding lock: [ 691.984109][T12938] ffff88805ed18aa0 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 691.994242][T12938] [ 691.994242][T12938] which lock already depends on the new lock. [ 691.994242][T12938] [ 692.004902][T12938] [ 692.004902][T12938] the existing dependency chain (in reverse order) is: [ 692.013932][T12938] [ 692.013932][T12938] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 692.022546][T12938] __mutex_lock+0x199/0xb90 [ 692.027595][T12938] smc_switch_to_fallback+0x2d/0x9f0 [ 692.033409][T12938] smc_sendmsg+0x13d/0x520 [ 692.038352][T12938] ____sys_sendmsg+0xa95/0xc70 [ 692.043660][T12938] ___sys_sendmsg+0x134/0x1d0 [ 692.048872][T12938] __sys_sendmsg+0x16d/0x220 [ 692.054002][T12938] do_syscall_64+0xcd/0x260 [ 692.059053][T12938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.065496][T12938] [ 692.065496][T12938] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 692.073171][T12938] lock_sock_nested+0x41/0xf0 [ 692.078386][T12938] sockopt_lock_sock+0x54/0x70 [ 692.083684][T12938] do_ip_setsockopt+0xfe/0x3240 [ 692.089063][T12938] ip_setsockopt+0x59/0xf0 [ 692.094019][T12938] udp_setsockopt+0x7d/0xd0 [ 692.099059][T12938] do_sock_setsockopt+0x221/0x470 [ 692.104630][T12938] __sys_setsockopt+0x1a0/0x230 [ 692.110015][T12938] __x64_sys_setsockopt+0xbd/0x160 [ 692.115661][T12938] do_syscall_64+0xcd/0x260 [ 692.120704][T12938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.127127][T12938] [ 692.127127][T12938] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 692.134376][T12938] __lock_acquire+0x1173/0x1ba0 [ 692.139757][T12938] lock_acquire+0x179/0x350 [ 692.144789][T12938] __mutex_lock+0x199/0xb90 [ 692.149850][T12938] do_ipv6_setsockopt+0x2042/0x4420 [ 692.155587][T12938] ipv6_setsockopt+0xcb/0x170 [ 692.160801][T12938] tcp_setsockopt+0xa4/0x100 [ 692.166014][T12938] smc_setsockopt+0x1b3/0xa00 [ 692.171227][T12938] do_sock_setsockopt+0x221/0x470 [ 692.176810][T12938] __sys_setsockopt+0x1a0/0x230 [ 692.182194][T12938] __x64_sys_setsockopt+0xbd/0x160 [ 692.188125][T12938] do_syscall_64+0xcd/0x260 [ 692.193185][T12938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.199635][T12938] [ 692.199635][T12938] other info that might help us debug this: [ 692.199635][T12938] [ 692.209862][T12938] Chain exists of: [ 692.209862][T12938] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 692.209862][T12938] [ 692.223542][T12938] Possible unsafe locking scenario: [ 692.223542][T12938] [ 692.231007][T12938] CPU0 CPU1 [ 692.236371][T12938] ---- ---- [ 692.241760][T12938] lock(&smc->clcsock_release_lock); [ 692.247237][T12938] lock(sk_lock-AF_INET); [ 692.254200][T12938] lock(&smc->clcsock_release_lock); [ 692.262108][T12938] lock(rtnl_mutex); [ 692.266096][T12938] [ 692.266096][T12938] *** DEADLOCK *** [ 692.266096][T12938] [ 692.274239][T12938] 1 lock held by syz.2.1758/12938: [ 692.279348][T12938] #0: ffff88805ed18aa0 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00 [ 692.289901][T12938] [ 692.289901][T12938] stack backtrace: [ 692.295790][T12938] CPU: 0 UID: 0 PID: 12938 Comm: syz.2.1758 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 692.295819][T12938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 692.295834][T12938] Call Trace: [ 692.295842][T12938] [ 692.295852][T12938] dump_stack_lvl+0x116/0x1f0 [ 692.295886][T12938] print_circular_bug+0x275/0x350 [ 692.295925][T12938] check_noncircular+0x14c/0x170 [ 692.295965][T12938] __lock_acquire+0x1173/0x1ba0 [ 692.295991][T12938] lock_acquire+0x179/0x350 [ 692.296011][T12938] ? do_ipv6_setsockopt+0x2042/0x4420 [ 692.296046][T12938] ? __pfx___might_resched+0x10/0x10 [ 692.296083][T12938] __mutex_lock+0x199/0xb90 [ 692.296116][T12938] ? do_ipv6_setsockopt+0x2042/0x4420 [ 692.296149][T12938] ? lock_acquire+0x179/0x350 [ 692.296170][T12938] ? do_ipv6_setsockopt+0x2042/0x4420 [ 692.296204][T12938] ? __pfx___mutex_lock+0x10/0x10 [ 692.296242][T12938] ? finish_task_switch.isra.0+0x221/0xc10 [ 692.296276][T12938] ? rcu_is_watching+0x12/0xc0 [ 692.296305][T12938] ? trace_sched_exit_tp+0xde/0x130 [ 692.296343][T12938] ? do_ipv6_setsockopt+0x2042/0x4420 [ 692.296376][T12938] ? rtnl_lock+0x9/0x20 [ 692.296396][T12938] do_ipv6_setsockopt+0x2042/0x4420 [ 692.296432][T12938] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 692.296467][T12938] ? __lock_acquire+0xaa4/0x1ba0 [ 692.296492][T12938] ? __mutex_trylock_common+0xe9/0x250 [ 692.296515][T12938] ? __pfx___mutex_trylock_common+0x10/0x10 [ 692.296539][T12938] ? __pfx___might_resched+0x10/0x10 [ 692.296573][T12938] ? rcu_is_watching+0x12/0xc0 [ 692.296601][T12938] ? trace_contention_end+0xdd/0x130 [ 692.296624][T12938] ? __mutex_lock+0x1ca/0xb90 [ 692.296658][T12938] ? smc_setsockopt+0x100/0xa00 [ 692.296681][T12938] ? __pfx___mutex_lock+0x10/0x10 [ 692.296718][T12938] ? ipv6_setsockopt+0xcb/0x170 [ 692.296749][T12938] ipv6_setsockopt+0xcb/0x170 [ 692.296783][T12938] tcp_setsockopt+0xa4/0x100 [ 692.296811][T12938] smc_setsockopt+0x1b3/0xa00 [ 692.296833][T12938] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 692.296872][T12938] ? __pfx_smc_setsockopt+0x10/0x10 [ 692.296896][T12938] ? errseq_sample+0x53/0x70 [ 692.296927][T12938] ? __pfx_smc_setsockopt+0x10/0x10 [ 692.296950][T12938] do_sock_setsockopt+0x221/0x470 [ 692.296986][T12938] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 692.297029][T12938] __sys_setsockopt+0x1a0/0x230 [ 692.297059][T12938] __x64_sys_setsockopt+0xbd/0x160 [ 692.297087][T12938] ? do_syscall_64+0x91/0x260 [ 692.297121][T12938] ? lockdep_hardirqs_on+0x7c/0x110 [ 692.297152][T12938] do_syscall_64+0xcd/0x260 [ 692.297187][T12938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.297214][T12938] RIP: 0033:0x7fd442b8d169 [ 692.297233][T12938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 692.297256][T12938] RSP: 002b:00007fd443a03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 692.297278][T12938] RAX: ffffffffffffffda RBX: 00007fd442da5fa0 RCX: 00007fd442b8d169 [ 692.297294][T12938] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0400000000000003 [ 692.297309][T12938] RBP: 00007fd442c0e2a0 R08: 000000000000056b R09: 0000000000000000 [ 692.297323][T12938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 692.297337][T12938] R13: 0000000000000000 R14: 00007fd442da5fa0 R15: 00007ffe89c21f78 [ 692.297359][T12938] [ 692.911659][ T30] audit: type=1800 audit(6039017028.538:65): pid=12932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1755" name="\*)A" dev="mqueue" ino=8248 res=0 errno=0 [ 693.062120][T12938] netlink: ct family unspecified