last executing test programs: 22.44016777s ago: executing program 3 (id=2166): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb701, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioperm$auto(0x90d5, 0xc, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/wg0/ucast_solicit\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000080)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0x4}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x44000}, 0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_PEER_REMOVE(r4, &(0x7f00000110c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000000e000)={0x18, r5, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x104}, 0x40) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) madvise$auto(0x0, 0xf88, 0x1b) socket(0x2, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x51) 22.110302701s ago: executing program 3 (id=2167): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/personality\x00', 0x40, 0x0) pread64$auto(r1, &(0x7f0000001800)='#\\h,\x00', 0x3, 0x8) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05cab20eabc25b6240b084785dac9ddeceedcf0c288633b6a40eb3c9a9a00a8140c1a5d3f4418e6820622dc5e8f300f88254e3b7a4052254f9c40b62b89841b2", 0x7b) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000002c00010004000000000000000c00010040000000000000000a00"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) r3 = socket(0x10, 0x2, 0x6) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x7, 0xa505}, 0x800}, 0x5, 0x400a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) writev$auto(0xca, 0x0, 0x7e) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x22080, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r4 = fcntl$auto_F_SETFL(r0, 0x4, 0xffffffffffffffff) fadvise64$auto_POSIX_FADV_RANDOM(r4, 0xfffffffffffffffe, 0x6, 0x1) 20.720941066s ago: executing program 3 (id=2171): close_range$auto(0x0, 0xfffffffffffff000, 0x2) pipe2$auto(&(0x7f0000000040)=0xffffffffffffffff, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x7, 0xeb1, 0x400, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) r2 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r3, 0x5393, r2) ioctl$auto(r1, 0x540a, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r4, 0x540a, r0) 20.133732336s ago: executing program 3 (id=2172): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) r0 = timerfd_create$auto(0x9, 0x0) semctl$auto(0x1ff, 0x3, 0x13, 0x4) read$auto(r0, 0x0, 0x80) ioctl$auto(0x3, 0x40085400, 0x5) timer_create$auto(0x0, 0x0, 0x0) timer_create$auto(0x3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x103200, 0x0) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x102, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) timer_create$auto(0xfffffffd, 0x0, 0x0) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0x10080c, 0x18007}, {0x8}}, 0x0) timer_gettime$auto(0x0, 0x0) io_uring_setup$auto(0x3ff, 0x0) write$auto(0x3, 0x0, 0x5c8) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x20243, 0x0) 19.259211284s ago: executing program 3 (id=2176): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x40, 0x0) ioperm$auto(0x7ff, 0x1, 0x4000005) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) pselect6$auto(0x4, 0x0, &(0x7f0000000180)={[0x2, 0x9, 0x2da0000, 0xc, 0x101, 0x1c00000, 0xa1, 0x4, 0xfffffffffffffffe, 0x8, 0x1, 0x9, 0x1, 0x0, 0xe, 0x80000001]}, 0x0, 0x0, 0x0) mbind$auto(0xfffffffffffffff6, 0x1, 0x8000000008000000, 0x0, 0x2, 0x298d) pread64$auto(r0, 0x0, 0x400, 0x9871) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x0, 0x5, 0xa) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r2 = syz_open_procfs$namespace(0x0, 0x0) fstat$auto(r2, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x580f, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) ioperm$auto(0x2, 0x31c, 0x4) sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000426bd7000fbdbdf25570000000400ff0010001d800c000080050007003e00000008001001090000000600ab000500000004004100"], 0x3c}, 0x1, 0x0, 0x0, 0x81}, 0x40) rt_sigqueueinfo$auto(0x0, 0xe6, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@buf=0x0, 0x2, 0x48000, 0x3000}, 0x4) 17.714589554s ago: executing program 3 (id=2180): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r1 = open(0x0, 0xeee00, 0x31) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x400000003, 0xeb1, r0, 0xb) (async) write$auto(0x3, 0x0, 0x100082) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) setns(0xffffffffffffffff, 0x0) (async) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) (async) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) (async) ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, &(0x7f0000000080)={0x8, r1, 0x9, "f74e6a58c5ea7623d1497d0439102af8"}) (async) r2 = socket(0xa, 0x2, 0x73) (async) write$auto_msr_fops_msr(r1, 0x0, 0x0) getsockname$auto(r2, &(0x7f0000000240), &(0x7f0000000280)=0xaea) setsockopt$auto(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)='\'-+\x00\x10\xa4#\x92`\xdb\xafL\x0f\xfbUV\xa6KH]Cv\xbf\xf2a\v', 0xeb66) (async) bind$auto(0x3, &(0x7f0000000140), 0x6c) fcntl$auto(0x0, 0x407, 0x100000) (async) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) shmctl$auto(0x9, 0xe, 0x0) (async) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async) memfd_create$auto(&(0x7f0000000000)='A\x00\x00\x00\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\f\x00\x00\v\x00E\xdb\x81\xd9\xd8\xe640\xc6\xa4Sr\x82\xcc\"K\xe1IIT\x00\x00\x00', 0xe) (async) rseq$auto(0x0, 0x8000, 0x0, 0x6) (async) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) (async) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) (async) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/clear_refs\x00', 0x404241, 0x0) 17.157516618s ago: executing program 32 (id=2180): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r1 = open(0x0, 0xeee00, 0x31) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x400000003, 0xeb1, r0, 0xb) (async) write$auto(0x3, 0x0, 0x100082) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) setns(0xffffffffffffffff, 0x0) (async) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) (async) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) (async) ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, &(0x7f0000000080)={0x8, r1, 0x9, "f74e6a58c5ea7623d1497d0439102af8"}) (async) r2 = socket(0xa, 0x2, 0x73) (async) write$auto_msr_fops_msr(r1, 0x0, 0x0) getsockname$auto(r2, &(0x7f0000000240), &(0x7f0000000280)=0xaea) setsockopt$auto(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)='\'-+\x00\x10\xa4#\x92`\xdb\xafL\x0f\xfbUV\xa6KH]Cv\xbf\xf2a\v', 0xeb66) (async) bind$auto(0x3, &(0x7f0000000140), 0x6c) fcntl$auto(0x0, 0x407, 0x100000) (async) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) shmctl$auto(0x9, 0xe, 0x0) (async) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async) memfd_create$auto(&(0x7f0000000000)='A\x00\x00\x00\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\f\x00\x00\v\x00E\xdb\x81\xd9\xd8\xe640\xc6\xa4Sr\x82\xcc\"K\xe1IIT\x00\x00\x00', 0xe) (async) rseq$auto(0x0, 0x8000, 0x0, 0x6) (async) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) (async) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) (async) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/clear_refs\x00', 0x404241, 0x0) 6.181987786s ago: executing program 1 (id=2207): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1000001e, 0xb, 0x8, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000200), r0) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'hsr0\x00', 0x0}) sendmsg$auto_NCSI_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r2, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x5}, @NCSI_ATTR_IFINDEX={0x8, 0x1, r4}, @NCSI_ATTR_IFINDEX={0x8, 0x1, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20000810) r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000003c0), r1) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x24, r6, 0x20, 0x70bd29, 0x25dfdbfc, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x22998fe5}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000040}, 0x4004801) semctl$auto_SETALL(0x8, 0xea, 0x11, 0x4) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_nfc(0x0, r8) sendmsg$auto_NFC_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r9, 0x829, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4810}, 0x8080) sendmsg$auto_NFC_CMD_START_POLL(r7, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, r9, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NFC_ATTR_COMM_MODE={0x5}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x7}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x7}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x6}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x3aa}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x7}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x1000}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x8001}]}, 0x54}}, 0x881) 5.793501664s ago: executing program 1 (id=2208): r0 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000fe00f7240400000004e931800f0003006e65746465766a4800080000"], 0x28}, 0x1, 0x0, 0x0, 0x8080}, 0x40) 5.647904336s ago: executing program 1 (id=2209): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0xf000, &(0x7f0000000040)={&(0x7f0000000240)={0x24, r0, 0x13, 0x70bd26, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x600}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x20040894) 5.486103905s ago: executing program 2 (id=2210): open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x20000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x103841, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) ioctl$auto(r1, 0x5, r0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) open_by_handle_at$auto(r3, &(0x7f0000000000)={0x8, 0x2, "8b00000000000000"}, 0x36c) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r2, 0x5412, 0x0) 4.525107494s ago: executing program 2 (id=2213): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x1, 0x5, 0x0) io_uring_setup$auto(0x78e6, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) madvise$auto(0x0, 0xc, 0x15) socket(0x25, 0xa, 0x1) mmap$auto(0x0, 0x400028, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdd, 0x38, 0x1, 0x8000000000000000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="20002cbd7000fcdbdf25150000001a052a0095c90add439e3ea7d1f19d005c44e2bbf0106346718dff1e062baf2be6d7fdf4947df7db8873ad444f1b91948920b6e657feba50c957106df4ab0b9bdece1e84ddec341baa538f198279d17dde300776a0504b16e204e6c15be3ac594adf9b4a0f27e284036ef69b59b0458df614f81495a524bcaa4ee474f3b52bcd3634ab02fd3f2a48c8cf441a5735487ec329e3b64d9989f3b3eac9feadce245c5b8d73970e78d60d37cc78e42fe6e427c24c0b46a6d5893327afd62ad3652420e73f6fe388e5941e673902b110c1d8bb48f75804543f8c2a1f6fdb0fe89e71bfc0e939131f2b08fc03be34d0151e69c3ed27a8ce3e6fc1e865db6725ad035e62213bd3180b1331ed8da42ef328dc5884bdf1cf55f69a0d4cc45083d1144037d80d4493d563dac51fa146cefe9ce251e28b7442679d6fa4ac51bdcf4a3d4a2994e570679604da6fdd567effc4f22489f7fac420f4205e49a1c216f4a433c35c6071e818af5ab73eb78b12673b5be54e49c70bfcd27e3d25e91de6b1d834530194f0973b462a61b0a6fe2511d80545e231a0cf93dc022617f14226b3c9b7ee178c2744d81c11a56ec1a06a7caee6923a778b758ba427d47d73cc692bde5e4ca0d3e295d531ad813a252a9b4f4903d933c0f8380bf40719dcb7ef81d7e42df5eecc87724fde7ad36d06e202e4a5d7574a01eb7ee73bf984570e610539f5619ab5efbb1f229c2bc96ed70a1c5a63ee7cc0692b64ec8f71b799787c79be636a183e837dbcd84e66572e2959957cc81bee5d26eb9fd429f6bfb34788a477c89462212ca246aac3f15bf6d2a0be630b98d3b9b2adec07377f902bf579e86c7c956d2fcc130352b5bd2a3b8c4000bec695d1c3b8a553a408bfbefdaf458b306d670a103421c5ff91507619ad5dcb2b00f4c6e88bb4a67d9345e4b279fe0f93058410e0c100bf5370c93741c144d1403542896bf6bd2fba786d5cbb50c5872bd89193eb845727c09acc0a5980e1c205858fa3d997e8daa96bd7d23ee5740f0f43fe2fa769f5a33b09333261a586339b2f1a7673b1f56b299d7703c620f1ab019173fcb3a68f5e15f5b4cf928fdadaea68db46c2783cc665c871b5fd9587e0472dc9129da8a89a47757505d501b27e2bce2543d4867bd6c02c8ef2814e9834a464668dae1d0f24b3f454febbb605bd758ce6fe260e534a15e933b3445bae07e3100ff635dbed8105124bb07db99aa8db9558eef2edbde359484fcb76ffdcc3d1d207cdaad1fd392907e385dd9ff61489cc50b9ed9ba9632c9c00f5226a6b2c15684b1d5acdfb1c3d826db4c208f8fed3862a0d08da8520b473cf12d803d83a7673f99ee9ddded5df152fab1447632dc286bddfdd"], 0x530}, 0x1, 0x0, 0x0, 0x4000000}, 0x90) mmap$auto(0x3, 0x401, 0x7, 0x16, 0x2, 0x5) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0) write$auto(r1, 0x0, 0x81) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f0000000780)='/sys/kernel/debug/tracing/README\x00', 0x20400, 0x0) bpf$auto(0x0, 0x0, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x141a40, 0x0) mmap$auto(0x0, 0x2020009, 0x951, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) 4.319125749s ago: executing program 0 (id=2214): socket(0x2, 0x2, 0x88) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) connect$auto(r0, &(0x7f0000000140)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x2020009, 0xfffffffffffffff3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0xfffffe13) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x38100, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$auto(r2, 0x0, 0x20) write$auto(r1, 0x0, 0x8ed) 4.159363419s ago: executing program 0 (id=2215): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/personality\x00', 0x40, 0x0) pread64$auto(r1, &(0x7f0000001800)='#\\h,\x00', 0x3, 0x8) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05cab20eabc25b6240b084785dac9ddeceedcf0c288633b6a40eb3c9a9a00a8140c1a5d3f4418e6820622dc5e8f300f88254e3b7a4052254f9c40b62b89841b2", 0x7b) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000002c00010004000000000000000c00010040000000000000000a00"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) r3 = socket(0x10, 0x2, 0x6) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x7, 0xa505}, 0x800}, 0x5, 0x400a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) writev$auto(0xca, 0x0, 0x7e) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x22080, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r4 = fcntl$auto_F_SETFL(r0, 0x4, 0xffffffffffffffff) fadvise64$auto_POSIX_FADV_RANDOM(r4, 0xfffffffffffffffe, 0x6, 0x1) 3.3596558s ago: executing program 2 (id=2216): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r0, 0x40046207, 0x9) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x52204b}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x880) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x2, 0xa, 0x9f, 0x1000000eb1, 0x401, 0x8000) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x8, 0xb, 0x0, 0x9, 0xfffffffffffffffc, 0x83, 0x6, 0x2, 0x9, 0xffff, 0x4000000000080002, 0xd, 0x3, 0xfffffffffffffffe, 0x7, 0x1000000006]}, 0x0, 0x0) syslog$auto(0x2, &(0x7f0000000000)='-#:\x00[\xda\xe2\xc3L\xd30{Q\xecvP\x93\x87\x1e\xdd\x95\x1b\x19qI\vv\xacO*X0V\x93\x85\xff\xb2\xdd\xd8\xd5Kh\xfa\xa3\xc7\x9b}\xec\x1e\xdc\x80\x1fR\xc30\x9a\xae\\\'\x14\x98\x98\xc3iDv\x97\xdfTMt\xe5?\xd0\xcc\xb8\xfa\a\x7f\x7f\x00\x00\x00\x00\x00\x00\x00n_\xb1\x1c\x7f\xb0y\xec\xe2\xcc\x1a/\xfa{d\xe4BN\x9c\xb9\x87.\xfe\xe7&1j\xe6]\xc3\x9anE6\x81\xe4\xec\xfa\xefE\xf7\x17h\xf4pumR\xd55Dd(\x0f(b\x1aD\xf4\x03\xc3\\\xdf\x8f\xa8\x82\xab\x102\xd1\xaf\xcaT\x86\x171\x11Q4\x94\x9d\xf5\x9c\xe3\xaa\xf3\xd26i\xf9\xb2\xd9T\xc9\xfd\xba\x91^\x19\x95\xde\xbc \xa8\x98\xc3\xed\xe9,{\xd4\xa1\xe4p\xcf\b\f\xb4\xbe_\xf2\xbe\xef\v\xf1d\xdd\x0e\xfc\xc3\xeaqt\x94\xe7\xce\xf1\xc5\x94~\xf6Cx\x0e\x98\xc7gE>*\x9c%\xa0\\\x14\t\tv.\x1c\x1a\xf1\xba\xc0>\xf4Hc\xc3\xfa\x033\x8f\xb9(\n/\xcdo\xc2', 0xcf) close_range$auto(0x2, 0x8, 0x0) shmget$auto(0x400, 0x10563, 0x568c12f2) shmat$auto(0x40000008, &(0x7f0000000240)='(\x00', 0xfffffffa) r2 = syz_clone(0x5a124800, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0) shmdt$auto(&(0x7f0000000300)='()h!/-^@(\']\x00\x01:\x1c\x00\x80\x00\x00b\xbfyv}\xa0X\x16UN\xc9\x93\a0\x81\xb4\xd7Y\x9e\xe7`\xa5q*\xa1\x12\xef&\xd4\x9c\x8a\x12\xea}d\xe6rRG=h\xe0(\x17\xb3w/\xe4\xb9\x8d\xf6\x14;\x10\xd2\x9c\xb9+\xbbw\xbd\xde\x89\xe5*\x92\x8c6\xa4\xfc\xe0\x93\x00\x00\x00\x00\x00l_\xa1U\a\"\xfe8\x90\x92\xbc\x8eR\x98\xfe\xe4\x87\xcb\xf4\x1e<\x83>\xf9s\x84\xb0\x0ec\x805\xe2\xd7\xf8\xcfwbF\xa4\xc8_\x00'/148) clone$auto(0x1000001002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) mmap$auto(0x0, 0xfffffffffffffff9, 0x4000000000dd, 0x10000000044eb0, r0, 0x2) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto_F_GETFL(r1, 0x3, r2) r4 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="110026bd7000ffdbdf250300000014008100ff010000000000000000000000000001c3c2da7ab71efdbb3014b0147edba3fb0773deaef9fffbd7d5b18502609f760be31b79f436902a20c68c8e74df91a7e51e8bfd8f0000005ebcd18454371e501587a05294d44cc590cd8101e835a2f8bdf206fb739d6da8544f6bd6a6230dd393f19499b72a3ca6f786f0a220a9c46e6dfb597eca325e0bf2dd9b29bb5a2c31ca71a19657b69a6d15286b1d4e0b8058d20000000000"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x44892) sendmsg$auto_NL80211_CMD_GET_POWER_SAVE(r1, 0x0, 0x200408c1) r5 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0x2, 0x80000, 0x2) setsockopt$auto(r5, 0x1, 0x12, &(0x7f0000000400)='\'\ak\xb6\xc8\vFx\xed\xd6\xf8\xa6-+\x00\x10\xa4#\x92`\xdb\xafL\x0f\xfbUV\xa6KH]Cv\xbf\xf2a\v', 0xeb66) 2.571424158s ago: executing program 0 (id=2217): r0 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000fe00f7240400000004e931800f0003006e65746465766a4800080000"], 0x28}, 0x1, 0x0, 0x0, 0x8080}, 0x40) 2.417423006s ago: executing program 1 (id=2218): r0 = timerfd_create$auto(0x9, 0x0) read$auto(r0, 0x0, 0x80) 2.263604116s ago: executing program 2 (id=2219): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) 2.235657878s ago: executing program 0 (id=2220): r0 = bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) pipe2$auto(&(0x7f0000000080)=r0, 0x3fb) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) r1 = socket(0x10, 0x2, 0xc) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @local}, @HSR_A_NODE_ADDR={0xa, 0x1, @broadcast}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40080}, 0x40) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4cb245184f86db27df250a00000a"], 0xf8}}, 0x10004010) clock_getres$auto(0xfffffffd, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)={0x1c, r4, 0xb81, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, 0x0, 0xc) mmap$auto(0x0, 0x400008, 0x2000000e, 0x17, r5, 0x9) r6 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) ioctl$auto_I2C_SMBUS(r6, 0x720, 0x0) socket$nl_generic(0x10, 0x3, 0x10) waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000200)={@siginfo_0_0={0x6, 0x4, 0x3, @_kill={0xffffffffffffffff, 0xffffffffffffffff}}}, 0x648, &(0x7f0000000280)={{0x7, 0xfffffffffffffe00}, {0xd031, 0x4}, 0x8, 0x9, 0x9, 0x6, 0x1, 0xb, 0x0, 0x8000, 0x1, 0x4, 0x7, 0x10, 0xd, 0x2}) 1.343829066s ago: executing program 1 (id=2221): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r0 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r0, 0x0, 0x400) clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r1, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(r1, 0x1, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b70, 0x7, 0x28000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r4 = fanotify_init$auto(0x5, 0x2000000000002) shutdown$auto(r4, 0xea7b) r5 = getsockopt$auto_SO_NETNS_COOKIE(r2, 0x1ff, 0x47, &(0x7f0000001180)='/dev/snd/pcmC1D1c\x00', &(0x7f00000011c0)=0x96e) inotify_add_watch$auto(r5, &(0x7f0000001200)='./file0\x00', 0x5) r6 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) read$auto(r6, &(0x7f0000000080)='\xbb\x00', 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x1, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r3, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x8000000000007}, 0x9) r7 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1c\x00', 0x94100, 0x0) sendto$auto(r7, &(0x7f0000001080)="7804aad6670cd1998cd5078fd8ab55ab12af52cc67f351d1950487269ae6231902ca6a87a3589a992035526e78c60ece0771c6f936ad920ac1a7f0cfbb1fc9065bd577458b0610a78cc97d68fcd553be270b62647ec6344e0ff539f9a313f0a3f4af269a5631fc97cd7eccd4d184cac2d790b80cab09d2ba6bf1763c2d5c27068a1e5b515826063e1ba1094c97ee2846bad513", 0x5, 0x4, &(0x7f0000001140)=@nfc={0x27, 0x0, 0x1, 0x4}, 0xa) getdents64$auto(r7, &(0x7f0000000040)={0x2, 0x100000000, 0x6a, 0x5, "d71d2e383d8861907c2abeb79cd35e4c8a3bb9a85066acbf90e7ce24c6f8e13127d3fd217af5c14e10f376c7ce55f30a1de13e00d028e704f2b936663f00756d7e07a14bf915ee5b4067cf0a4847277b915ffd264431f6b9d26e5ded406b799c9d4b1086104e158226745f79168eb9ca53331e88445e0a1f6fe88b95096eb13503dac2742eec2704bf29ff4d413baed2fd4c03251f731801b45a11023cd0f868336df947c624fbd2da0e81fcca5e110d4c1832967a3fe182301cb7011394fd9445a7578e79694b2f8e67af9eee33d8acdd407073fecae0e46cbd24d403e69964112b23a298a44959893ab2193f6ee9899472603e7f5af613199c70b5cafa302ba15c2195cfb5ff2ff87d1d55367cbea688163c8449781a32c55970285d497f903f2208a5bd7ec755caf13d8c5e97f779da9c699a9351364e04d146f93256638c62bc240d9b1b9f28dbd9cfb2b3133e95cf8d204689ef6314f64d7cf4eb6b98332f97cc64b672afd02d158de54d55e7ecad5211341707dfa900a8ae44e23a6dfb034cdc259a677c0bd12d31e4697771f6549ececa29c7c0d40d98efc19addde6d511b3e62f5f17caa13b384399761c42b193f103921fd825374c1922c663b46f5869908a4ffc791059e15458fb7d6610fcfcdec8d9191a9b3dfa09663d69805ada4e5b943fd102aeb8ef7c760e06a678122d8fc7e9cdf255bd4efc1438221ac4e9d9e92ba1b4c2e636381fe693e791a56f47c4542d7ed63c89c37299afa0b054e99deaac4a5ad12bf0909018daafcd2db9fe7b6ca01baef0de6d570d0e7434fb95a78bffbea245fd3236e7697b24db9ed7e8ad19730e81a69a1c8ec6adbdf8016b3fec55dceeb80df3fb40518c849b7226ee83f1ccb63313fb8fc3a53dd2f870fc0ab748c2ad955f09c766f7c9ad5458bdd424cad4e826b6ec4079371e4dfe5effef6eac8df1822003cdda33709c1596fcc4e428393ecaa4e1870a1c5a410fe62772ac521873680a8c8d43ba9ba1f059928a5214d0309e700ed2aab4efd680c64ea92411b7ab89668dddfedd89f856a03f9a80ad9b61511df469ff90330d8d39aee1b20c3a297b1006956ec8ba2942ff966cf340df9fcce5f7f1b8312fd3b0e5ffd4b0bbeac221df2304cd618cdd2b8e38f0952a88f85917e7d2ede05734361e306c2894f6e4a13784899eeb03ed1cce32bbbb63e56e038787093244192e3795b4aa01fa14d2f1812e6be1e23e79a85082cef820ed6e81e4538b0dd636147daf745778efd9b93b8fb30f58898ebd5a861ac294507dd60275ac1e26fa1d3fd61a748014fe7c8eeaa464894ba47842374b57d1e3c74b8422d194db8d18ea2a1f5890798b3f8f543bcd864a656ef1a8cfdabb4885edd2867e0805177181de3281a09e505cabcb47f14b82d1f0e14c66f5e6103b95c6be23a8da301cca088b67df2bc1e380a00ca32c02593cad89164f403ecd9ff5541c125eb26c2fc8252c7e889b5926f7433d48a016d75c5aa3ae95e4bdd2dead89c5055d6fc92c7afadb0d37f5dc8494c4fb9ba711f76448ebe70dac483bc0241262e94a6e76809dc71d1eb1f6a82bd75d18b85439cfa6ffc62baac396dd88fe2f78fb1f8b44a1059182eede91fe7d6b327bbe8a8284e3a3d875f332279defc418fb78ba09fd1a1c66fdc3a8e03d96b25302c3c344bc9387a22ef8cebe0321a997fd0e2574b0e34ff9626043927b3437c0b6038226ccd53d199d85ac4647246b57f5b278374d49efa341ea29cbd56281588b77e577cf6c1f4b3f229b3f74b32b2183e20eed9c0c190f3f3ac5f5d57ee823b84053aca80a404a94a0fedbf0a60bb9eec7581d996348f7da263567a169f20dd7841ceb3fafda53c72cd81b15ab4bd773dbb8bef972113a8a2f5c3356f6e055254e6bdb3db80a04f321bd67905d3230264ca99b8bf7047bf974375b39fdcc5e4bde095103d54947e0500e48639b6ca6ece5ae5c3b77d81fa9ec80c37b8e34e8e19aca32900202827ebe7d07828397f43ad4d6625572c3fb0cbc016293c684cb0dacb04e838c0520441a81eb9be90aa7b1065b5a4deee790c0568e7358152bbe6afe8f53e0a2c57e730ac0d6517365152f37e7e5a1cabb632e1b3520adb004451121423b46a5c36e509c70348e79c2ff3e9dfd9195f6663c7b054d1fbf99a1a7a07e866366e7a0814176861dc7b94623a7eb11e87825232a74a3f98f458be59b1e1a84de67fec23aa0a9f0e0a03757d494558c11f2a131a89658cd667b6247072f75174b90fa636da170157c7efccdae88ce28abe807c0956cc25d7f5b10fd3ed3525ef2c829701acb49b2f4eb2f51e870aa807570cc0a75c678fb576f6aeea9ff9d0c75b8862b86a59e9a63921907f9fe4efa936f0b0ced9fa6b4499c2758938fd1f6cdd69e6ebaf8b9044d32c7e8e7a4580b36cf2153223ef6012a077336235015401b014db5034b83fd5c0c563494a97a79c3f4e634586d419cbf43ccb5e0d3a9ca7cc955a321566032c30061c8ffcdcb3b3f55630cc121f98caddb30ccc5c301e2aa252d98852539b350315921aea5d5e34756b6d112e195090151ff89fc273a11eecdb54ec0b010fa30a3b0e3db4d8641d21847920424ca65d653319fe34c79cd5b7e01ec60db21884219a693dae92e62a347aa09a2a86775eaeb571085eedc6ac0b6384255365bae5e2566daebf63b7fe86611215a30f0b1646eed3d396c8d85c0155b1fd1929e840102bb325275b84c05f7c9c0a5a601d1f16a827e3d485a1a384b791ff01f5d1e4496de578ed0397d72b4db1a583f30043e4aff2624c5bda90f1c187943724d4e74c5642a1318fe717b92e95d5eefdc5768da314f263f73bd09d60768a306da492f42ebb0e0c5aa1c1fef9d40bfed67d2c699953cc6ac7e19cecb5a8340dbb3d51896e5d88ddc1e5c20990cbe58eba3bd1b656d179c9d3539c3fa2c35541db26b6a74b714a9341f1fc3b979186cdbe53197e0a7f5f4fc9fc18877ebb5f2a0a50ee4401630ce713a1b6341e43e5776283147ebcb4e34497f91d99af83b5b293e754da4318ab86100b4e2f5d962c7092feaf3da0af1e8f68b09d7e7284bd1f431e161abc6b1c18ef89f88715703a62a6ff50f7359b261d78cf3dd006b376225cb7e40ee2830f6fb60f602301c0e7cc26ccc6965940d3ae13f3c35ac34f5d5a1e224ff6dace796df562329db168e3fcc6da4bddfa40e19a025742a01be6002fd8a4ff981e22b3d753a071c14d2e50859cb23e5569b7f40c2bc77e2be4e484968e1b5058e728cd12ea7b4e8e02e7cc246eceddc9bcd0928931c296d7e4e1009ece90fc971aa01b10707092eaa3e749295ba71bf273aa7f852fe8be9195caa7edd1eb84209b9a7c3c027df16eb84acd7ec2d42da250cebf3c063e43080ea796391298872a10d69f41a3cc6f8807c0b1ce0323fc73d3e2db1e282ef7298349a12d7f3608ea4bdd63f7f485d221f893c70ac5a0834933baa0e4b5c441d8a6db7eec7b2a21ea60734ab903a303b870a1ddfc9abb669a7febe1fd36631ac4a726134d860caf1d03080036651279246cd9f36d6535693ec9ad6541455164874eae820ce407ea769120673c1fc2b7bf3c2640604cf7baa8bf01f73979f62528524c2f455780fcab3be2a5f7a303f3ccdc8a687797d2ff004a4a7429ec7b6c0f15971ff0f8551b340b5e012270497bc46cbad0fd63441d9fac0d03134b410df2612d18b7cded9b49ae82b6da27f1e6b766a1c87e6afd541e736804431e9f69a617ed5789bc145d9bffd8ab8022c847d4d4f4355175e44eddfb89a072943f0b114b5c018df4b9cb48e51e761c1024698fbb0a17608198b4136aab2d2cf30d0c50dc57bed15ab4e585ac40a2b4856bf95f1c8c52e07090a9dd9f44b8e2b2203cb23b255370e4ee96aab22b72f1088492785ad397a64b354a4fcc219768e70390eca92af8368b7b4f25aae6c554ca3dd979f88910280b35ff2011b73ee00c5d92bd72b3489d1830059d2bcf70ae48d91926e8391956121d1756eb0e90b8ea675db71b3ae4869ae7c8dacec3b76a8c1e191d78f893e5ca43331575ecf90479b3e997aa6de9a8a162dd3cc260e456b3bd025b21b1b3b56a0c430500a28ee2a1a61ccb9cea385799bb563c46417aefbe6c2d6c8ee311c6589add1a6c9262dd43b8a02cb5d49203e1717c697d179a10e32729aef995855d340fac3ff364a3a504ceb5ff5a62f8e84b06b94faee6e830a9e57cc59baad680a6885635546b7ca8f2c9740806b2c56578f7bab9b43e865bae22a94373edf35694e162698c8d4a9a2000ae16c2fc0116dc5420962d2f198cedb925897f7134bed60fc482e04aca7a190c167f5576768c532c1f60935b7142830f15035f50b0e3587fcb85880dcca711629ec04cfc879f62c13a1a5eeb45f5ca648bca900fa749bb042591873404fdbbf0a668ccfa0478edb5b9c536dd2918c6307326bdebce359f5c0b9c3db9995d4cd8e655a850f60a3566b77ee7a59932e59572f9550462cf2999bba186ba6a666b2b7b4203add30a1c73cee8786eb4d326bf7d0ce686d2f648ff112877802ae652f01a8bdc124d534bd0595ac1a93ecb97eb851ba022e062e69f242cb7b22a06cf138c93b2f33493950424550effec9f713a9d48fc3c043b4ac7d5b64354b11b9aba33f59f757ae8105f2a478703aa5abe8a8f6921d95c83af90678b415b5c0d99fa0a02e13d438f73bc9571c282ff4fe6136b330ba857e61cfc0abfa54b3d2463c0c25128b2c095d1ee297db0faffd52ba4dbf894e4a2d2d5ac11073cf5542cf95b5035f4894533c40b2acf784c88cf3a956a9ef1dc2210adecd5cb7d74bd357659eee6da0688e666a5fa366cae67e13765fecf8ec1a608284dbca28c775e8499424c8e33398bfdb6f2738a653e24f6858448f33a96939e4e508944d571722e861056277ad02e7459263bd4885cd7dea3544c3b3c8fc7b75f8ed55afc4f8be071b3b62206d87a791e3ddb6a6d31a2e972fc7f1a76c3b98c2d721f91e871dc2f581166531d8e40e5adc63152cddd659543c4692d8b25d2aff8bc9e1dac2ba8af29738ae9cb19c2a78a68e015722a8c06f215bfa5adb7beea18c9f1e9dd3f2bf2195a1b72e6d10ecfded7b5befe2ba6ec460c04353e1b0955763358b60bfa951fd5daba9df596fb7e26f6433f37568241e61ee4d0a629481c43898d0a1a42c7a2db5114c0156869753dcd4d6827eeb641458b5c4d368be9e166312a834338557944d6264bcb156009ca63671a8ed26d29e9250ddc9dda824701dc84fabe6a3be0e72bec14ed3f0e81540815bf21ff8a395ef93713134806ced164c3788d22ba23b68aaaf48c3399fd1d160cbdff96817175e4ac0b2769a8a413d9de6225d7980e14ee3f83c84aced5fffc5b97ff9c4403efd51e4cd9f08589e4bfefa8d3f8c3b7855d4f453fd8781d7f51165fc6ebf6409aae8f2b0cac7ca947ae9598c89d315b1a7fa97199e14a53ee3d1f00e9c9de9c2cb6a318afea0d5897b38df812b04741a67901a4aab90419b4a17bdfb9b55553aa6543dc765119aa0f8d82849a93631b3cf120c60deab8bbd8d8fa508d1a92aeb6478420686c4f8571478cf2b46512190108dd8500f720bad08fafda7e420d811d1fceba2f6ee836b6db6aa410e2fe6684395a0166e30e47522cabfc474739767651cadef11050bc6d2ad39234de3500934cdf11199c2f6d73cb9a2f27f503f189b45938b5333cc24adab999355e1b1bb4c173e045b2665f96866443a14ace1d935de17a1a5ce91c"}, 0x4) 1.113505073s ago: executing program 2 (id=2222): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_fragmentation_threshold_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy14/fragmentation_threshold\x00', 0x404240, 0x0) write$auto(0x800000000000c8, 0x0, 0x1a) mmap$auto(0x0, 0x9, 0x40, 0x32d4, 0x10000, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r1, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 992.902196ms ago: executing program 1 (id=2223): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x40, 0x0) ioperm$auto(0x7ff, 0x1, 0x4000005) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) pselect6$auto(0x4, 0x0, &(0x7f0000000180)={[0x2, 0x9, 0x2da0000, 0xc, 0x101, 0x1c00000, 0xa1, 0x4, 0xfffffffffffffffe, 0x8, 0x1, 0x9, 0x1, 0x0, 0xe, 0x80000001]}, 0x0, 0x0, 0x0) mbind$auto(0xfffffffffffffff6, 0x1, 0x8000000008000000, 0x0, 0x2, 0x298d) pread64$auto(r0, 0x0, 0x400, 0x9871) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x0, 0x5, 0xa) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r2 = syz_open_procfs$namespace(0x0, 0x0) fstat$auto(r2, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x580f, 0xffb, 0x8000000008011, 0x3, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0x40001, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) ioperm$auto(0x2, 0x31c, 0x4) sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000426bd7000fbdbdf25570000000400ff0010001d800c000080050007003e00000008001001090000000600ab000500000004004100"], 0x3c}, 0x1, 0x0, 0x0, 0x81}, 0x40) rt_sigqueueinfo$auto(0x0, 0xe6, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@buf=0x0, 0x2, 0x48000, 0x3000}, 0x4) 829.201077ms ago: executing program 2 (id=2224): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop9\x00', 0x22040, 0x0) read$auto(0x3, 0x0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r0, 0x0, 0x401) close_range$auto(0x2, 0xa, 0x0) connect$auto(0x3, 0x0, 0x55) ftruncate$auto(r1, 0x80) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x125900, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = semctl$auto_SETVAL(0x81, 0x7ff, 0x10, 0x7740) sendmsg$auto_NL80211_CMD_VENDOR(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x1154, 0x0, 0x200, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x2}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x37, 0x25, 0x0, 0x1, [@nested={0x10, 0x1e, 0x0, 0x1, [@typed={0x8, 0xc3, 0x0, 0x0, @pid=r3}, @typed={0x4, 0xea}]}, @generic="4dc9dd", @nested={0x20, 0x4c, 0x0, 0x1, [@nested={0x4, 0x38}, @typed={0xf, 0x80, 0x0, 0x0, @str='/dev/loop9\x00'}, @nested={0x4, 0x41}, @nested={0x4, 0x52}]}]}, @NL80211_ATTR_NAN_FUNC={0xf8, 0xf0, 0x0, 0x1, [@generic="9805ade7809739d2667f624248b7ebbe20de68bf976e87a26eadf842d107a02ab132771e9f3de682442bdaf38c5132d0c3cf7ec13804b6426d65baf755887a99edbc23c8c0a4b2ba1ae05837c7dc991c3ae5aa092ccaa43d48cf9183765827f7a73306c93d6387ac22dbb01e2c48c5b723cd88a3b9103371ae4612a368cb8d4033fb0246df4006432f8bf9eced7a0781093e438b38f4a1a645104246320912fa6c75b98b1daf8f123e5f96559056c8aa9b934e48", @typed={0x3f, 0xb4, 0x0, 0x0, @binary="9d52831c4dc98b70fb640d3f5473b53dc3c3799821a3285fa9ab8b3c5f0b291299a9cbf71ffea608e949e5c225b308ddd1a6791ff942a81c0d9e86"}]}, @NL80211_ATTR_S1G_CAPABILITY={0x1004, 0x128, "378041dd2b6181f8042ef6d6b6ec6b3a4229d09f890a8f64d621c09c41dbdc52692dda16927389090cb2889e35e090c96b55d926343f47c82cddab1425d25bc04817a1e46168106788eee195fdeaf6e46cf6813cf40dcf09ed2c4f658d0463da5d9c1336aa768195b5a985327b51beb7569030a1d0b1dfa1220987f36e557550d381e39d7258d19dfec2beaeb44c4e41aa30a2974ae031265a574014bfb9299b28121dbbcff8d6f63469c4879e59bdcfed4314f68d09db85f0cc98494ec79ebfa7def4b227ef97737077d9323d30fafa9241737a7eb1e0d948059bb8e0cc04364deb469bf72ef9c2518c5bf2e318c22a46cc5c1ef950053cc059bec5212c0dff8ac2fd9086abe395675fa3f7a4a53179a9f1ea60e0792a5ea61f67fe42627caeef4dd656a63afb928d93878062a704328e7f34feea31aa34aeadf8a0edc1964bef7e6b1c4898dccf05dd76ac36642321daa87b2f82d6876105fc6f952e0398de64043054a274701152a5180d856b6d2372cc24b6a4576ec367bd4aafe3aec8dd579476b2e6fb8bd32e743c58b73dd43788d738260ad713c9f2863c579c716f16024fe25cb12a3868ee36f05d4fa56332c8f3b65b049e895a6c8d90bc2fd25f870c50cbc11969b9f9b13891506c1b4f4279b81165606d023adb3c041a66393340d9d348b6aa0aabccc6c30d1dc11e0f906f418dece0087040f55b9f565f59d14d48f55c6e5d58e65bcd17216861b47b5579fcecafb19e34c007a09a414a27c17e433461e5c4eeb97ed25b5d2bc2bcfb9e5118ad7f0232765b9db6a5212a2d9e233135871e48d0f4cfe8b78ac94667e0908e989b78bacec025e294d5fc383ea65ba11c85a69004cf8b8ffcd226829a3eda0735a3ba5e32d84733124159e861bed6504ce3b62a2e617b75f05b7f8f7378343231bbabf22dc4b8b0da88622a12fe1c4e29bc998e1b3f9bb8d31c3a429255db0d848bd76a803425953d9b7e61b280c1cfdb2960d185343e04f2bf0b0dee89b6173cf29c72f90bdc03392cffa6e16b22c45d5584be320a00fd9aebb867b47ade717c6a9296dc31052307d8cdd7eaba37a38cfd5ce4b7fea5a9b9e33eaf1c28bf915decea7738ddd72765606f2fff7423346dae139f4811a538e1d3d772452254c0b6afe097a5c701846e133df7c7f3488a98b3a4adfcf4c7e7f9a98939ec58e5f08d54806e4d0cb429a67cacf653666b538c2822249e642884858c7aa169b74f4c8c7c651fbb6275aaf7fa1588ff482d28dd8c4af459c566dabb93a400ed944d56844bcee7d46310296d90494126bf67b39e4d0344cefdc9962686bfc64e34d8c4c9583f6f157c449828694b3ddb70b9e03dd82e4bda9287caad4b21eaced5f28df391ceb83f489cfb4ea1a2bad6cbe14b8eefd897fecc39503f91e33d7a18f3fafc835f5cd1fbfd873af28729d6cb7d2d53d81cbdce441f3c146427723a1d822a59e801fb6d126b32397612100fa434105c1e065331328f0fb8b6cc8a7f41eedb45d30f81a183ede13cfc3a11a586fc27086c5aeb43718ec5928bd55c06576289178594ac1e3ce923874f08e30b39a0db4dfcb1d855a9d9cc4a0fdd6172a9e067403bd9c0595f6bc81fc7d6a162e8fb84ae724154d83934d00822bdd2839d9a45d55d8e7c6ab4631d80ddbdd19f11c583dda2939edba44cc7b437d7b121b74dff4e1708d104f4df5d6c23befd6da9d6f54a70e8433ea10b416b4eebe57cb578ef84f837612422c59a0c073483a9a5253f71aabbfd1abbbe8d57ce3016320bfd12063ae1055cb77c13d9a1bcf63b96671db695127b9b6db3d0a374341a7eb2d801b92b429cf2f4da5dd792c5d9f2fced5e54bab98630ac165df145840199c6bc7002f890ff5e0d35c83bb85caef6a2054b30ca91418ca28088ccf563ee8c83f778929b03361c4994959d5f62c0163efbef8674694babc3e5a306c5ff250bcbcbfdc73773eab62cd03f2cba3fddd695dd4d1554db21d2fe974c9cf7391cc4b7a8b1348e09e61bdabea2e4451a84c5cb2832f97a0b8a71329c5cc60a17a92a840253d75e11e1aa90cdf244612d2a188d0ada28703ba6352d7965e9e6c428b5bcf66271af90a4a5b44c033c80d6eb2daade567bceec90268afc812db0082217f7fbaa8b3f9290602be52b1da10f57d599be9b60097eaf02254da39a99680a2b145b3175f50528f7df06db3aeeb20f8b389316dae7771d2f79be87a8f97d94afe58ae1ef2273f9cfcda864fe94ff5acc7b114a60db908ecb985e755a1ff5d6c7ea9c02cf9026633c8a29ba7a541f39b909b04a51ae59d27b3b85a9f9c4d29dde986854d78770d75d16f61f1a19d50fc93fdb271bcd8aa51c463c89f5f945be1fc470232124d57da4c0e0d449d608dea2c1deb01d8e794c57a99f502ebaa121dc28543fb78d2729c75b5623accfed22e3ca5f504f8837668a845c180222c29fd4f8f54a1601319406a1f6982cc0882710b041a4d4b30369deda845426f9525a88c8f0b4b40a4a56458aa77d5eea82a733dd7ad84c1edd6d34adf39962f453310e23990db269db83a3e282bac65896d5b40109a5a15e3844c90320712a25d32ec50428170e11499b3ff513cb8edc7c2639d525fb8bab1f8db48d5a00332faa3166c98d188541e0ec4548ac38171616306d2e075297e10bc1d0f05bcd2faf6e9eec920b6a76944a4bc655985d3cbf9ec499cbf7bd0f910ea1847373e7649e1a6fd585b0de20accde9b3520e774152a83c602510a0edb266621f2548acc9acc49462993a704c20c49696ec3f3db0907ab75fd718dbb421d8d2edacfe5ce9abf4f8eeaec82787c372ed935bc489d341009934b2460a9ef12304939dee928f65dc4cdeb8617533de991f439c7d6999407d1826b0fae92ebf94bc89e2e66e877594ac2c363051375e0088fe02a037fa901f6bbe18fdc17eee1010b01d476ca08b814c92ab647b553202def815065cf1011001d9a45aa3e5faa270253c76407b97fe931d347fb03b1d3b80b89ab977a142867fcb2465ee2103f1e31193eb46d17f214145c95f7c489d0902a1d7cc95bbe2befad77fa8e551edb17ac485dd4156b9534daa23ace6df828add6e2cd8727c64f9e6eae7d010b9b13a988111c7699736296f26fc27df301415a3ec49e0c301e9e67e9e12e48b1ea5f240d11b953801822d5950c82cef6225f936e9e4cb1876bebabd38c9d6e3f512688f34cfe4b98319ff1f5da5d5672f746ec7c47371376897447f0ebd697f03ad2bf1c9e3edac233a6159417af0b27655e95b17df05933d759878768c867fd96ec48b0d5b1aa25abd2ff463b36313c2af8316b2a6b5742d28b291fcd34f382e599be0b97d6a2c56445b99c9c9580eae3051e7facdbad42bfd3f3271970dccce198b702dac331c6cf47494a264311857fc8694c6944db29f6754d5424e6e01db81e1d306c248f6ba8f1184feff97b6f79b88f16fd7506c1dd3df8c23cf1f3892ff103f6bc82c0ba126965fb078ff55529a9e80e02e49de7fad67979e2d4fbfc13bd5e69347160f727087d311aa7c5a1f69f0b9956a79d1f7a047c72447853b8071c67eaa5ccc30b7912d9043e9a8f78fc2fb1be14346250c2c5560446e45c31a96d78eed0d1f3be32d2ca618482db5a0c843c1de08209d3c9ef2c1305956a5d44f28d708153cee3f316e86273eb40e434c5c57e6d1e5ede35b5664a6a9be0205e5b416b4a03944d90a75914a5e498317c879df7d37e6036dd35d814ac4b286ce43ecdbc9e13b424abfa96c69a1e8442acfa18a72cee32eac8b6032ad9f25b006670d37b10e00ed3d20b3e780a6cac433dd5fdae90c1f39f7cb91ea2859a37db1990bae2ee518cc031c67fdc1a27f5a56cd80c9d92440ce4e28a6628316662059437eb013cc741b5ea0efac60feaa975ccb3e77bd5fdcd2f1316a5f52b98fce48d1e3b43e72abcf8b4beef1ead12e65bd0b4f34aa83cf4895b078177713f961a9ca5b7d2da8acde5c359b7b5c6b4e76d72f39c4d7cdd12025caaccbb8fdd44c5a930814dd734122206af742895c49b8cace8611bbd42eb3adfaefa650fe22a920abdb9027ca8b6806e37ab40a7c11ee7774ad798926d7a1dc1d89834eb4de4c3042ba42c36ae30a3ece2d9efc3b7729dcb79f03bacf7478b7e23820f8ef21c2b2ef5aafe58c703eecdc80c3e610b3e85f897dbfde67822e16f0b2b0bad0dff91dcebe19575339757e53655bb3806851ad0281057ce8ba43c9424fd894cf6e4e73e23eae750d40acc3c2bc49c6b52ebe1de0d84444617e1382b27631fbcfff85183e9e44390556976103b5695eea70876ad1c3538c8fdec9a36ad811c0090ac064ce4abafdd78f706f2c10299077694bfb474a3bab77872b8cc4cc3aa8ac2b0fb1ad16cc0beedd4390ad9dbd753558f4b64a4c9e7f564539c267311c8a0e98c92a904c316e8705e644db8a328ff8f5b26b1cc7bcd36df097945c43be224f3f2b844e029a87a861bbcf08c3a2cc7c697f157304984be40820a830905ef752e14c79058ea719f7beb3aa25695f5eacfe640f0e474081ca7a54994341266da413b8ce14a0315f17ab5b388b81fd0f0353f6c197ae3b513e56a648dbd5b01f660736949add4ae6b72a040373aeb8797d13991d156cb07c593ced3823f56ae9ec6535252a178952454fbc343699f7d8c593336378188851583f4d63f3eddec2026721207580f138a55be2e60a6799b34063608ee59723df3da6dd98158e933ff697c28e79f85e082092e5cc7b702c38534487dbf024d42ce8c0cf74fb0cf0770404a0c69aff8b102b26d084b1591beeb87456d579c5f7b43dcf9a96bdf20246895a9f7cc69af5657f4c4dcd30d7a02a71c5175bbe12da6858c987857cd37c9fa0c9c4121d88e10c8d06288aa07319bb400bab1aff164a7c48aa6cad99ccba5d81561e10ea9f6e0b0c33813714f84ba27e938a2c7b8d295737b98779c10ecfb1ee5083397cd971a534489475757ad1eb9790e4ee349e981a5b30e2e73b93a7a89a40c68877c4513dec9728c9b8e6db7a9cd5c5bfa3eaf6f1d47365ace7e754c8b8bfb10121926fdb8acdbea0c94ea15f2a541423a17bfcd9f3e9242435e2fc68228ed642cc930c3120ea69a0555e55496db5b5a266be3dbf8734159843ac6cfc37d85cc67a345dda828022d22a646bdae78b6e7289ed8c1aeff5c93b5cc21a25f879d8241f34c2cf43ad3ec6a6e68379b0d556e7c702456dedabd811996b804d558177c5718b1ec8469c5a34233948b2f7957f0f5fbc083752c6c990bbbcfd28530a353c663185d1812eef4738cc5cb35333c23bd8a772dcfca4c8dd7bd31b9be1aa17d92f1614d2b9f389903c63da4c1a6d65f73d142555ae55f1c505d47224cde309e97cdbb88fd90fda08509af254a6ff4fd5d0b8451cb740316b0adf54808e55a3d95fd54a0d9c30abf02de4f7581baf8148b05ce3ae3131169975796e086661e9af01ec62b404f7ed98d3ee5c797cbbacecaf7c0f666d0e238c95bf4742afa2dbdfbaf010820e43684c323a8532906b3cd5de0285b619d0e415c008276d4108ace4f27a263175d2dbd3a3f6765a895907bebc43140075214654543a257a117264cfdf260b6600d2785382c6a3d391dd5c67e945b707881510564013b14db6985b1a0eeacd335d234b7ae9d7aab69ca9e0af025ee5c2a01bc4ac3a3b13e50df2b089d5cd0df2284971f9b51cfd8c60f905d5ec097f6c9c41780563b9037b15df7f83801f21b25cd6df91381f8fb23078fd0900c757003a45bc74d40bf873abc5"}]}, 0x1154}, 0x1, 0x0, 0x0, 0x8080}, 0x24040081) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x41555856, 0xf, 0x2008, 0x0, 0x0) r4 = accept$auto(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_FTM_RESPONDER_STATS(r4, 0x0, 0x8001) 805.791962ms ago: executing program 0 (id=2225): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) close_range$auto(0xffffffffffffffff, 0x8000, 0x0) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r0, @ANYRES32], 0x18}}, 0x4000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4040202}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)={0x254, 0x0, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x8}, @NL80211_ATTR_MLO_LINK_DISABLED={0x4}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_IE_RIC={0x230, 0xb2, "b453f1977e84cf359df741a19778aaf1a036ac2b145087479b47d93a63fc145e68fe91c62acd8b3a026e356def522e402ca1040c86df951ed8daa7fd3abdadfa4f36257eec7bdade78e1589222a1fbfc12cc631df7f014e300f352151a4463d7422e7a6a66f15bdf6c5bd55435173287fee35fbd2d7857bb225129872823746f7c78f5eca2f782ad53d284f39716b5e5e24093b980b13688f8f7eb464c4a5f17bedd77a37f2bcb56c9f5a324a2649ac80956e6049dbd259d81d4550798a2675dfc53a067a68dba79ec2657e006d5dabc00da013d2e258b83d56898225ac815cb13c10346431e1adb721f5889643e012bf3fba9c6932a3ad0a2275482e57b05388e466332de0ea510b5cae54d4e038b6c09e603b88e2313ff90a278af041083dd33c5e8f804678cdbc2758d7338f0d7fe5fd64f70a3660643a5d9f707ddbd29448cd6fb8664f4e7bf1182abb45f563c25b9732bf8243888148e441ffd8f6d8ca46eb0df7cb127b59b1e5481a89af04c2de58fb38c52ed2d642fc4294cb3d4056be9ec86b29d999e87a6071b33350e0e110741820c33ffdc6771eb6c1b5f4cfd0a17663727b93e0d86b532b52fcc4b1cbbb266e201a87bc99f14c669c3654504d1b7c891fc6af24fddff3986c57fb9a1e6d48d42de3026517e5021072c944f25210fc1292ed2529a7faef2c8af6774685c0d54ed5a37469a4d1e5a1ae40511ac354133933eaa717327a006cc293be216884291b2d0d402d3e38005db00489db7ac0da17c77840a8a7cbb53ab38"}]}, 0x254}, 0x1, 0x0, 0x0, 0x4000804}, 0x4000) 483.603455ms ago: executing program 4 (id=2183): r0 = pipe$auto(0x0) getsockopt$auto_SO_NOFCS(r0, 0x9, 0x2b, &(0x7f0000000240)='\'{()\xa6(\x00', &(0x7f0000000280)) (async, rerun: 64) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) (rerun: 64) mmap$auto(0x0, 0x400005, 0x200001, 0x9b72, 0x2, 0x8000) (async) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) (async, rerun: 32) ioctl$auto_PPPIOCSCOMPRESS(r1, 0x4010744d, &(0x7f0000000180)={&(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x8, 0x3}) (async, rerun: 32) ioctl$auto_BLKROSET(r0, 0x125d, 0x0) r2 = socket(0x1, 0x1, 0x1) bind$auto(r2, &(0x7f0000000140), 0xd) (async) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) connect$auto(0x3, &(0x7f0000000140), 0x55) (async) acct$auto(&(0x7f0000000080)='\xc8\x90?|\xcd\x10{\xe2\xf3\x8e\xb5\xba(\xf9\xe6\xc9\xfc\xad\xf6\xe1Z\x80\x06\xd1\x0e\x16]\xe1\xbf\xa7\x130xffffffffffffffff, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto_USBDEVFS_REAPURBNDELAY(r1, 0x4008550d, &(0x7f0000000380)=&(0x7f00000002c0)="95fac444c43857d99f6d3fdb5e484712750e5f1593c780c5dfd986ed159686f42128f5a70ff3e7a9abd3565fdd6aa275127c2e88c8eaa2b25acbb51df338183f0c1d7182fa1143c7c164ff0366b374facf8220169c5c3a9ca3a9c52d8d79bc1cf0340c6ef7949a3ca2d567f60058a2d3f79032661b37b23c80ecf9a6329926542f01a1f6afcb9dc8f7277fa0eb87533c86cd6b4f6036349b828e675a2de50695b843a2a85b") ioctl$auto(r2, 0x540a, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) r4 = socket(0x2, 0x6, 0x0) r5 = getsockopt$auto(r4, 0x10d, 0x14, 0x0, &(0x7f0000000000)=0xd) ioctl$auto(r3, 0x540a, r1) r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000180), r5) sendmsg$auto_NFC_CMD_DISABLE_SE(r5, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x7c, r6, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x7}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x2}, @NFC_ATTR_SE_APDU={0x29, 0x19, "f150f5243588d2bf457e407374ca27e58d8cfda80211a886a79c336fb3af65f298a5550988"}, @NFC_ATTR_DEVICE_NAME={0x4}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x2}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x4}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x4}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20008840}, 0x20004000) 0s ago: executing program 4 (id=2227): r0 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000fe00f7240400000004e931800f0003006e65746465766a4800080000"], 0x28}, 0x1, 0x0, 0x0, 0x8080}, 0x40) kernel console output (not intermixed with test programs): BIOS Google 12/27/2024 [ 439.961260][T11374] Call Trace: [ 439.961266][T11374] [ 439.961274][T11374] dump_stack_lvl+0x16c/0x1f0 [ 439.961307][T11374] should_fail_ex+0x50a/0x650 [ 439.961343][T11374] _copy_from_user+0x2e/0xd0 [ 439.961367][T11374] copy_msghdr_from_user+0x99/0x160 [ 439.961400][T11374] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 439.961440][T11374] ? __pfx___lock_acquire+0x10/0x10 [ 439.961475][T11374] ___sys_recvmsg+0xdc/0x1a0 [ 439.961507][T11374] ? __pfx____sys_recvmsg+0x10/0x10 [ 439.961537][T11374] ? find_held_lock+0x2d/0x110 [ 439.961577][T11374] ? __pfx___might_resched+0x10/0x10 [ 439.961611][T11374] ? __might_fault+0xe3/0x190 [ 439.961639][T11374] do_recvmmsg+0x2f8/0x740 [ 439.961675][T11374] ? __pfx_do_recvmmsg+0x10/0x10 [ 439.961723][T11374] ? vfs_write+0x306/0x1150 [ 439.961758][T11374] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 439.961798][T11374] ? __fget_files+0x206/0x3a0 [ 439.961837][T11374] __x64_sys_recvmmsg+0x239/0x290 [ 439.961877][T11374] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 439.961919][T11374] do_syscall_64+0xcd/0x250 [ 439.961950][T11374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.961980][T11374] RIP: 0033:0x7ff35b58d0a9 [ 439.961999][T11374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.962021][T11374] RSP: 002b:00007ff3593f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 439.962043][T11374] RAX: ffffffffffffffda RBX: 00007ff35b7a5fa0 RCX: 00007ff35b58d0a9 [ 439.962058][T11374] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 439.962072][T11374] RBP: 00007ff3593f6090 R08: 0000000000000000 R09: 0000000000000000 [ 439.962086][T11374] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002 [ 439.962100][T11374] R13: 0000000000000000 R14: 00007ff35b7a5fa0 R15: 00007ffeb7f829c8 [ 439.962130][T11374] [ 439.971281][T11367] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1438'. [ 440.477751][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.484526][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.203084][T11423] netlink: zone id is out of range [ 443.212536][T11423] netlink: zone id is out of range [ 443.222719][T11423] netlink: zone id is out of range [ 443.232924][T11423] netlink: zone id is out of range [ 443.247373][T11423] netlink: zone id is out of range [ 443.252792][T11423] netlink: zone id is out of range [ 443.288236][T11423] netlink: zone id is out of range [ 443.314160][T11423] netlink: zone id is out of range [ 443.329495][T11423] netlink: zone id is out of range [ 446.116714][T11461] FAULT_INJECTION: forcing a failure. [ 446.116714][T11461] name failslab, interval 1, probability 0, space 0, times 0 [ 446.161826][T11461] CPU: 0 UID: 0 PID: 11461 Comm: syz.3.1463 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 446.161868][T11461] Tainted: [U]=USER [ 446.161876][T11461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 446.161890][T11461] Call Trace: [ 446.161899][T11461] [ 446.161909][T11461] dump_stack_lvl+0x16c/0x1f0 [ 446.161946][T11461] should_fail_ex+0x50a/0x650 [ 446.161981][T11461] ? fs_reclaim_acquire+0xae/0x150 [ 446.162015][T11461] should_failslab+0xc2/0x120 [ 446.162038][T11461] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 446.162083][T11461] ? down_write+0x14e/0x200 [ 446.162116][T11461] ? vm_area_dup+0x53/0x2f0 [ 446.162154][T11461] vm_area_dup+0x53/0x2f0 [ 446.162187][T11461] copy_process+0x776f/0x8c50 [ 446.162235][T11461] ? __pfx_copy_process+0x10/0x10 [ 446.162257][T11461] ? __pfx___futex_wait+0x10/0x10 [ 446.162310][T11461] ? fd_install+0x223/0x750 [ 446.162348][T11461] kernel_clone+0xfd/0x960 [ 446.162373][T11461] ? __pfx_kernel_clone+0x10/0x10 [ 446.162419][T11461] __do_sys_clone+0xcf/0x120 [ 446.162442][T11461] ? __pfx___do_sys_clone+0x10/0x10 [ 446.162465][T11461] ? __pfx___might_resched+0x10/0x10 [ 446.162516][T11461] ? rcu_is_watching+0x12/0xc0 [ 446.162551][T11461] do_syscall_64+0xcd/0x250 [ 446.162591][T11461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.162624][T11461] RIP: 0033:0x7f6a7578d0a9 [ 446.162644][T11461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.162665][T11461] RSP: 002b:00007f6a76635fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 446.162688][T11461] RAX: ffffffffffffffda RBX: 00007f6a759a5fa0 RCX: 00007f6a7578d0a9 [ 446.162705][T11461] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 446.162719][T11461] RBP: 00007f6a7580e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 446.162733][T11461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.162746][T11461] R13: 0000000000000000 R14: 00007f6a759a5fa0 R15: 00007ffdce226638 [ 446.162778][T11461] [ 446.324103][T11472] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1464'. [ 447.174985][T11479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1467'. [ 447.434990][T11485] FAULT_INJECTION: forcing a failure. [ 447.434990][T11485] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 447.621134][T11485] CPU: 0 UID: 0 PID: 11485 Comm: syz.1.1470 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 447.621171][T11485] Tainted: [U]=USER [ 447.621179][T11485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 447.621191][T11485] Call Trace: [ 447.621198][T11485] [ 447.621208][T11485] dump_stack_lvl+0x16c/0x1f0 [ 447.621244][T11485] should_fail_ex+0x50a/0x650 [ 447.621283][T11485] _copy_from_user+0x2e/0xd0 [ 447.621309][T11485] copy_msghdr_from_user+0x99/0x160 [ 447.621341][T11485] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 447.621369][T11485] ? lockdep_hardirqs_on+0x7c/0x110 [ 447.621399][T11485] ? hlock_class+0x4e/0x130 [ 447.621431][T11485] ? __lock_acquire+0x15a9/0x3c40 [ 447.621469][T11485] ___sys_sendmsg+0xff/0x1e0 [ 447.621500][T11485] ? __pfx____sys_sendmsg+0x10/0x10 [ 447.621529][T11485] ? __pfx___lock_acquire+0x10/0x10 [ 447.621585][T11485] ? __pfx___might_resched+0x10/0x10 [ 447.621619][T11485] ? __might_fault+0xe3/0x190 [ 447.621647][T11485] __sys_sendmmsg+0x201/0x420 [ 447.621682][T11485] ? __pfx___sys_sendmmsg+0x10/0x10 [ 447.621721][T11485] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 447.621762][T11485] ? fput+0x67/0x440 [ 447.621785][T11485] ? ksys_write+0x1ba/0x250 [ 447.621813][T11485] ? __pfx_ksys_write+0x10/0x10 [ 447.621849][T11485] __x64_sys_sendmmsg+0x9c/0x100 [ 447.621880][T11485] ? lockdep_hardirqs_on+0x7c/0x110 [ 447.621906][T11485] do_syscall_64+0xcd/0x250 [ 447.621936][T11485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 447.621967][T11485] RIP: 0033:0x7feda4d8d0a9 [ 447.621984][T11485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 447.622006][T11485] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 447.622029][T11485] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 447.622044][T11485] RDX: 00000000000009a6 RSI: 0000400000000000 RDI: 0000000000000003 [ 447.622059][T11485] RBP: 00007feda2bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 447.622073][T11485] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000002 [ 447.622087][T11485] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 447.622117][T11485] [ 448.497294][T11497] erspan0: entered allmulticast mode [ 450.698563][T11526] net_ratelimit: 1 callbacks suppressed [ 450.698586][T11526] netlink: zone id is out of range [ 450.785107][T11526] netlink: zone id is out of range [ 450.852033][T11526] netlink: zone id is out of range [ 450.923880][T11526] netlink: zone id is out of range [ 451.045380][T11526] netlink: zone id is out of range [ 451.109703][T11526] netlink: zone id is out of range [ 451.114883][T11526] netlink: zone id is out of range [ 451.156069][T11526] netlink: zone id is out of range [ 451.161239][T11526] netlink: zone id is out of range [ 451.236047][T11526] netlink: zone id is out of range [ 451.243555][T11533] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1482'. [ 452.923247][T11567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1487'. [ 453.980917][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1492'. [ 454.658135][T11601] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 457.604039][T11651] net_ratelimit: 11 callbacks suppressed [ 457.604062][T11651] netlink: zone id is out of range [ 457.689822][T11651] netlink: zone id is out of range [ 457.694996][T11651] netlink: zone id is out of range [ 457.824768][T11651] netlink: zone id is out of range [ 457.956211][T11651] netlink: zone id is out of range [ 457.995880][T11651] netlink: zone id is out of range [ 458.061705][T11651] netlink: zone id is out of range [ 458.218350][T11651] netlink: zone id is out of range [ 458.223539][T11651] netlink: zone id is out of range [ 458.345988][T11651] netlink: zone id is out of range [ 460.705957][T11692] Invalid ELF header magic: != ELF [ 461.577797][T11708] FAULT_INJECTION: forcing a failure. [ 461.577797][T11708] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 461.690374][T11708] CPU: 0 UID: 0 PID: 11708 Comm: syz.3.1520 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 461.690415][T11708] Tainted: [U]=USER [ 461.690423][T11708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 461.690435][T11708] Call Trace: [ 461.690443][T11708] [ 461.690452][T11708] dump_stack_lvl+0x16c/0x1f0 [ 461.690486][T11708] should_fail_ex+0x50a/0x650 [ 461.690525][T11708] _copy_from_iter+0x465/0x1560 [ 461.690558][T11708] ? __pfx__copy_from_iter+0x10/0x10 [ 461.690579][T11708] ? __virt_addr_valid+0x1a4/0x590 [ 461.690609][T11708] ? __virt_addr_valid+0x5e/0x590 [ 461.690632][T11708] ? __phys_addr_symbol+0x30/0x80 [ 461.690655][T11708] ? __check_object_size+0x488/0x710 [ 461.690683][T11708] netlink_sendmsg+0x813/0xd70 [ 461.690718][T11708] ? __pfx_netlink_sendmsg+0x10/0x10 [ 461.690746][T11708] ? __might_fault+0xe3/0x190 [ 461.690781][T11708] ____sys_sendmsg+0xaaf/0xc90 [ 461.690808][T11708] ? __pfx_____sys_sendmsg+0x10/0x10 [ 461.690830][T11708] ? __lock_acquire+0xcc5/0x3c40 [ 461.690883][T11708] ___sys_sendmsg+0x135/0x1e0 [ 461.690917][T11708] ? __pfx____sys_sendmsg+0x10/0x10 [ 461.690962][T11708] ? trace_lock_acquire+0x14e/0x1f0 [ 461.691008][T11708] __sys_sendmmsg+0x201/0x420 [ 461.691043][T11708] ? __pfx___sys_sendmmsg+0x10/0x10 [ 461.691085][T11708] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 461.691126][T11708] ? fput+0x67/0x440 [ 461.691149][T11708] ? ksys_write+0x1ba/0x250 [ 461.691178][T11708] ? __pfx_ksys_write+0x10/0x10 [ 461.691214][T11708] __x64_sys_sendmmsg+0x9c/0x100 [ 461.691245][T11708] ? lockdep_hardirqs_on+0x7c/0x110 [ 461.691271][T11708] do_syscall_64+0xcd/0x250 [ 461.691302][T11708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.691332][T11708] RIP: 0033:0x7f6a7578d0a9 [ 461.691351][T11708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.691373][T11708] RSP: 002b:00007f6a76615038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 461.691398][T11708] RAX: ffffffffffffffda RBX: 00007f6a759a6080 RCX: 00007f6a7578d0a9 [ 461.691414][T11708] RDX: 0000000000000007 RSI: 0000400000000200 RDI: 0000000000000002 [ 461.691429][T11708] RBP: 00007f6a76615090 R08: 0000000000000000 R09: 0000000000000000 [ 461.691442][T11708] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 461.691456][T11708] R13: 0000000000000000 R14: 00007f6a759a6080 R15: 00007ffdce226638 [ 461.691486][T11708] [ 461.770381][T11693] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1516'. [ 462.297055][T11707] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1519'. [ 462.345425][T11693] netdevsim netdevsim2 netdevsim1: entered allmulticast mode [ 463.160265][T11705] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1521'. [ 463.195922][T11705] veth1_macvtap: entered allmulticast mode [ 465.389262][T11738] FAULT_INJECTION: forcing a failure. [ 465.389262][T11738] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 465.413247][T11738] CPU: 0 UID: 0 PID: 11738 Comm: syz.2.1529 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 465.413286][T11738] Tainted: [U]=USER [ 465.413293][T11738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 465.413306][T11738] Call Trace: [ 465.413313][T11738] [ 465.413322][T11738] dump_stack_lvl+0x16c/0x1f0 [ 465.413356][T11738] should_fail_ex+0x50a/0x650 [ 465.413395][T11738] _copy_to_user+0x32/0xd0 [ 465.413421][T11738] simple_read_from_buffer+0xd0/0x160 [ 465.413462][T11738] proc_fail_nth_read+0x198/0x270 [ 465.413491][T11738] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 465.413521][T11738] ? rw_verify_area+0xcf/0x680 [ 465.413548][T11738] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 465.413576][T11738] vfs_read+0x1df/0xbf0 [ 465.413606][T11738] ? __fget_files+0x1fc/0x3a0 [ 465.413638][T11738] ? __pfx___mutex_lock+0x10/0x10 [ 465.413666][T11738] ? __pfx_vfs_read+0x10/0x10 [ 465.413705][T11738] ? __fget_files+0x206/0x3a0 [ 465.413744][T11738] ksys_read+0x12b/0x250 [ 465.413771][T11738] ? __pfx_ksys_read+0x10/0x10 [ 465.413808][T11738] do_syscall_64+0xcd/0x250 [ 465.413838][T11738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.413869][T11738] RIP: 0033:0x7f7512b8babc [ 465.413888][T11738] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 465.413910][T11738] RSP: 002b:00007f7513ab0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 465.413932][T11738] RAX: ffffffffffffffda RBX: 00007f7512da5fa0 RCX: 00007f7512b8babc [ 465.413947][T11738] RDX: 000000000000000f RSI: 00007f7513ab00a0 RDI: 0000000000000005 [ 465.413961][T11738] RBP: 00007f7513ab0090 R08: 0000000000000000 R09: 0000000000000000 [ 465.413974][T11738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 465.413988][T11738] R13: 0000000000000000 R14: 00007f7512da5fa0 R15: 00007ffe641d34f8 [ 465.414019][T11738] [ 466.195999][T11752] netlink: zone id is out of range [ 466.245261][T11752] netlink: zone id is out of range [ 466.300817][T11752] netlink: zone id is out of range [ 466.301725][T11749] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1530'. [ 466.328120][T11752] netlink: zone id is out of range [ 466.333475][T11743] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1530'. [ 466.366406][T11752] netlink: zone id is out of range [ 466.381873][T11752] netlink: zone id is out of range [ 466.401431][T11752] netlink: zone id is out of range [ 466.434723][T11752] netlink: zone id is out of range [ 466.462151][T11752] netlink: zone id is out of range [ 466.490099][T11752] netlink: del zone limit has 8 unknown bytes [ 466.737574][T11763] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1536'. [ 467.150112][T11767] can0: slcan on pty238. [ 467.326938][T11764] can0 (unregistered): slcan off pty238. [ 468.200130][T11802] netlink: 182 bytes leftover after parsing attributes in process `syz.3.1543'. [ 468.319673][T11803] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1544'. [ 469.103732][T11829] FAULT_INJECTION: forcing a failure. [ 469.103732][T11829] name failslab, interval 1, probability 0, space 0, times 0 [ 469.199541][T11829] CPU: 1 UID: 0 PID: 11829 Comm: syz.0.1548 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 469.199579][T11829] Tainted: [U]=USER [ 469.199586][T11829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 469.199599][T11829] Call Trace: [ 469.199607][T11829] [ 469.199616][T11829] dump_stack_lvl+0x16c/0x1f0 [ 469.199651][T11829] should_fail_ex+0x50a/0x650 [ 469.199684][T11829] ? fs_reclaim_acquire+0xae/0x150 [ 469.199715][T11829] ? tomoyo_realpath_from_path+0xb9/0x720 [ 469.199745][T11829] should_failslab+0xc2/0x120 [ 469.199768][T11829] __kmalloc_noprof+0xcb/0x510 [ 469.199800][T11829] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 469.199838][T11829] tomoyo_realpath_from_path+0xb9/0x720 [ 469.199869][T11829] ? tomoyo_path_number_perm+0x235/0x590 [ 469.199896][T11829] ? tomoyo_path_number_perm+0x235/0x590 [ 469.199927][T11829] tomoyo_path_number_perm+0x248/0x590 [ 469.199952][T11829] ? tomoyo_path_number_perm+0x235/0x590 [ 469.199981][T11829] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 469.200040][T11829] ? __pfx_lock_release+0x10/0x10 [ 469.200069][T11829] ? trace_lock_acquire+0x14e/0x1f0 [ 469.200099][T11829] ? lock_acquire+0x2f/0xb0 [ 469.200127][T11829] ? __fget_files+0x40/0x3a0 [ 469.200163][T11829] ? __fget_files+0x206/0x3a0 [ 469.200199][T11829] security_file_ioctl+0x9b/0x240 [ 469.200228][T11829] __x64_sys_ioctl+0xb7/0x200 [ 469.200258][T11829] do_syscall_64+0xcd/0x250 [ 469.200286][T11829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.200315][T11829] RIP: 0033:0x7ff35b58d0a9 [ 469.200339][T11829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 469.200361][T11829] RSP: 002b:00007ff3593f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 469.200383][T11829] RAX: ffffffffffffffda RBX: 00007ff35b7a5fa0 RCX: 00007ff35b58d0a9 [ 469.200398][T11829] RDX: ffffffffffffffff RSI: 0000000000005459 RDI: 0000000000000003 [ 469.200411][T11829] RBP: 00007ff3593f6090 R08: 0000000000000000 R09: 0000000000000000 [ 469.200424][T11829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 469.200438][T11829] R13: 0000000000000000 R14: 00007ff35b7a5fa0 R15: 00007ffeb7f829c8 [ 469.200469][T11829] [ 469.200537][T11829] ERROR: Out of memory at tomoyo_realpath_from_path. [ 469.372100][ C1] vkms_vblank_simulate: vblank timer overrun [ 470.055154][T11844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1552'. [ 472.187247][T11890] openvswitch: HfR: Dropping previously announced user features [ 472.237544][T11890] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1561'. [ 472.365703][T11890] HfR: left promiscuous mode [ 472.440121][T11897] FAULT_INJECTION: forcing a failure. [ 472.440121][T11897] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 472.482178][T11897] CPU: 1 UID: 0 PID: 11897 Comm: syz.0.1566 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 472.482216][T11897] Tainted: [U]=USER [ 472.482224][T11897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 472.482237][T11897] Call Trace: [ 472.482245][T11897] [ 472.482254][T11897] dump_stack_lvl+0x16c/0x1f0 [ 472.482289][T11897] should_fail_ex+0x50a/0x650 [ 472.482322][T11897] ? __pfx___might_resched+0x10/0x10 [ 472.482361][T11897] should_fail_alloc_page+0xe7/0x130 [ 472.482385][T11897] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 472.482422][T11897] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 472.482457][T11897] ? __pfx___lock_acquire+0x10/0x10 [ 472.482488][T11897] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 472.482529][T11897] ? lock_acquire.part.0+0x11b/0x380 [ 472.482562][T11897] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 472.482599][T11897] ? find_next_iomem_res+0x1c6/0x4f0 [ 472.482622][T11897] ? __pfx_lock_release+0x10/0x10 [ 472.482657][T11897] ? lock_acquire+0x2f/0xb0 [ 472.482685][T11897] ? find_next_iomem_res+0x54/0x4f0 [ 472.482709][T11897] ? do_raw_read_unlock+0x44/0xe0 [ 472.482731][T11897] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 472.482768][T11897] ? policy_nodemask+0xea/0x4e0 [ 472.482805][T11897] alloc_pages_mpol+0x1fc/0x540 [ 472.482837][T11897] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 472.482880][T11897] alloc_pages_noprof+0x131/0x390 [ 472.482904][T11897] get_zeroed_page_noprof+0x14/0x50 [ 472.482929][T11897] machine_kexec_prepare+0xb5f/0xf70 [ 472.482964][T11897] ? __pfx_machine_kexec_prepare+0x10/0x10 [ 472.482994][T11897] ? __pfx_alloc_pgt_page+0x10/0x10 [ 472.483034][T11897] do_kexec_load+0x65b/0x8c0 [ 472.483059][T11897] ? __pfx_do_kexec_load+0x10/0x10 [ 472.483084][T11897] ? _copy_from_user+0x59/0xd0 [ 472.483112][T11897] __x64_sys_kexec_load+0x1bf/0x230 [ 472.483142][T11897] do_syscall_64+0xcd/0x250 [ 472.483173][T11897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.483204][T11897] RIP: 0033:0x7ff35b58d0a9 [ 472.483222][T11897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.483244][T11897] RSP: 002b:00007ff3593f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 472.483267][T11897] RAX: ffffffffffffffda RBX: 00007ff35b7a5fa0 RCX: 00007ff35b58d0a9 [ 472.483282][T11897] RDX: 0000400000000080 RSI: 0000000000000002 RDI: 00000000000000ff [ 472.483296][T11897] RBP: 00007ff3593f6090 R08: 0000000000000000 R09: 0000000000000000 [ 472.483311][T11897] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 472.483324][T11897] R13: 0000000000000000 R14: 00007ff35b7a5fa0 R15: 00007ffeb7f829c8 [ 472.483353][T11897] [ 472.750188][ C1] vkms_vblank_simulate: vblank timer overrun [ 474.563310][T11924] net_ratelimit: 20 callbacks suppressed [ 474.563333][T11924] netlink: zone id is out of range [ 474.575940][T11924] netlink: zone id is out of range [ 474.584819][T11924] netlink: zone id is out of range [ 474.594735][T11924] netlink: zone id is out of range [ 474.645361][T11924] netlink: zone id is out of range [ 474.679104][T11924] netlink: zone id is out of range [ 474.684281][T11924] netlink: zone id is out of range [ 474.736080][T11924] netlink: zone id is out of range [ 474.741268][T11924] netlink: zone id is out of range [ 474.776115][T11924] netlink: del zone limit has 8 unknown bytes [ 476.157970][T11953] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 477.780473][T11986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1597'. [ 478.938827][T12001] sctp: [Deprecated]: syz.1.1602 (pid 12001) Use of int in maxseg socket option. [ 478.938827][T12001] Use struct sctp_assoc_value instead [ 479.073041][T12000] FAULT_INJECTION: forcing a failure. [ 479.073041][T12000] name failslab, interval 1, probability 0, space 0, times 0 [ 479.113310][T12000] CPU: 1 UID: 0 PID: 12000 Comm: syz.1.1602 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 479.113356][T12000] Tainted: [U]=USER [ 479.113364][T12000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 479.113379][T12000] Call Trace: [ 479.113388][T12000] [ 479.113399][T12000] dump_stack_lvl+0x16c/0x1f0 [ 479.113443][T12000] should_fail_ex+0x50a/0x650 [ 479.113480][T12000] ? fs_reclaim_acquire+0xae/0x150 [ 479.113512][T12000] should_failslab+0xc2/0x120 [ 479.113536][T12000] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 479.113574][T12000] ? mas_alloc_nodes+0x18b/0x8b0 [ 479.113606][T12000] mas_alloc_nodes+0x18b/0x8b0 [ 479.113638][T12000] mas_node_count_gfp+0x105/0x130 [ 479.113667][T12000] mas_preallocate+0x53f/0xce0 [ 479.113706][T12000] ? __pfx_mas_preallocate+0x10/0x10 [ 479.113749][T12000] ? __raw_spin_lock_init+0x3a/0x110 [ 479.113795][T12000] __mmap_region+0x1738/0x2760 [ 479.113821][T12000] ? __pfx___mmap_region+0x10/0x10 [ 479.113867][T12000] ? hlock_class+0x4e/0x130 [ 479.113891][T12000] ? mark_lock+0xb5/0xc60 [ 479.113933][T12000] ? schedule+0x298/0x350 [ 479.114002][T12000] ? cap_capable+0xb3/0x250 [ 479.114034][T12000] mmap_region+0x1ab/0x3f0 [ 479.114064][T12000] do_mmap+0xd8d/0x11b0 [ 479.114102][T12000] ? __pfx_do_mmap+0x10/0x10 [ 479.114134][T12000] ? __pfx_down_write_killable+0x10/0x10 [ 479.114174][T12000] vm_mmap_pgoff+0x203/0x3a0 [ 479.114215][T12000] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 479.114253][T12000] ? __x64_sys_futex+0x1e1/0x4c0 [ 479.114281][T12000] ? __x64_sys_futex+0x1ea/0x4c0 [ 479.114313][T12000] ksys_mmap_pgoff+0x7d/0x5c0 [ 479.114343][T12000] ? rcu_is_watching+0x12/0xc0 [ 479.114373][T12000] __x64_sys_mmap+0x125/0x190 [ 479.114418][T12000] do_syscall_64+0xcd/0x250 [ 479.114453][T12000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.114486][T12000] RIP: 0033:0x7feda4d8d0a9 [ 479.114507][T12000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.114530][T12000] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 479.114554][T12000] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 479.114568][T12000] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 479.114582][T12000] RBP: 00007feda4e0e2a0 R08: fffffffffffffffa R09: 0000000000008000 [ 479.114596][T12000] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 479.114608][T12000] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 479.114637][T12000] [ 479.882073][T12016] FAULT_INJECTION: forcing a failure. [ 479.882073][T12016] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 479.904639][T12016] CPU: 0 UID: 0 PID: 12016 Comm: syz.0.1606 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 479.904677][T12016] Tainted: [U]=USER [ 479.904684][T12016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 479.904697][T12016] Call Trace: [ 479.904705][T12016] [ 479.904714][T12016] dump_stack_lvl+0x16c/0x1f0 [ 479.904747][T12016] should_fail_ex+0x50a/0x650 [ 479.904785][T12016] _copy_from_user+0x2e/0xd0 [ 479.904806][T12016] copy_msghdr_from_user+0x99/0x160 [ 479.904835][T12016] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 479.904863][T12016] ? __lock_acquire+0xcc5/0x3c40 [ 479.904894][T12016] ? hlock_class+0x4e/0x130 [ 479.904915][T12016] ? __lock_acquire+0x15a9/0x3c40 [ 479.904952][T12016] ___sys_sendmsg+0xff/0x1e0 [ 479.904983][T12016] ? __pfx____sys_sendmsg+0x10/0x10 [ 479.905010][T12016] ? __pfx___lock_acquire+0x10/0x10 [ 479.905060][T12016] ? __pfx___might_resched+0x10/0x10 [ 479.905087][T12016] ? __might_fault+0xe3/0x190 [ 479.905109][T12016] __sys_sendmmsg+0x201/0x420 [ 479.905137][T12016] ? __pfx___sys_sendmmsg+0x10/0x10 [ 479.905171][T12016] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 479.905205][T12016] ? fput+0x67/0x440 [ 479.905223][T12016] ? ksys_write+0x1ba/0x250 [ 479.905247][T12016] ? __pfx_ksys_write+0x10/0x10 [ 479.905275][T12016] __x64_sys_sendmmsg+0x9c/0x100 [ 479.905299][T12016] ? lockdep_hardirqs_on+0x7c/0x110 [ 479.905320][T12016] do_syscall_64+0xcd/0x250 [ 479.905345][T12016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.905372][T12016] RIP: 0033:0x7ff35b58d0a9 [ 479.905388][T12016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.905406][T12016] RSP: 002b:00007ff3593f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 479.905436][T12016] RAX: ffffffffffffffda RBX: 00007ff35b7a5fa0 RCX: 00007ff35b58d0a9 [ 479.905450][T12016] RDX: 0000000031cd3c7c RSI: 0000400000000080 RDI: 0000000000000003 [ 479.905463][T12016] RBP: 00007ff3593f6090 R08: 0000000000000000 R09: 0000000000000000 [ 479.905476][T12016] R10: 00000000000000b1 R11: 0000000000000246 R12: 0000000000000002 [ 479.905490][T12016] R13: 0000000000000000 R14: 00007ff35b7a5fa0 R15: 00007ffeb7f829c8 [ 479.905518][T12016] [ 480.127584][ C0] vkms_vblank_simulate: vblank timer overrun [ 485.059452][T12122] FAULT_INJECTION: forcing a failure. [ 485.059452][T12122] name failslab, interval 1, probability 0, space 0, times 0 [ 485.122253][T12122] CPU: 1 UID: 0 PID: 12122 Comm: syz.1.1639 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 485.122293][T12122] Tainted: [U]=USER [ 485.122300][T12122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 485.122314][T12122] Call Trace: [ 485.122321][T12122] [ 485.122330][T12122] dump_stack_lvl+0x16c/0x1f0 [ 485.122365][T12122] should_fail_ex+0x50a/0x650 [ 485.122406][T12122] should_failslab+0xc2/0x120 [ 485.122429][T12122] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 485.122465][T12122] ? skb_clone+0x190/0x3f0 [ 485.122502][T12122] skb_clone+0x190/0x3f0 [ 485.122536][T12122] netlink_deliver_tap+0xabd/0xd30 [ 485.122574][T12122] netlink_unicast+0x6b4/0x7f0 [ 485.122608][T12122] ? __pfx_netlink_unicast+0x10/0x10 [ 485.122636][T12122] ? genl_rcv_msg+0x4bd/0x800 [ 485.122677][T12122] netlink_ack+0x6ac/0xb80 [ 485.122717][T12122] netlink_rcv_skb+0x348/0x440 [ 485.122747][T12122] ? __pfx_genl_rcv_msg+0x10/0x10 [ 485.122782][T12122] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 485.122828][T12122] ? down_read+0xc9/0x330 [ 485.122857][T12122] ? __pfx_down_read+0x10/0x10 [ 485.122889][T12122] ? netlink_deliver_tap+0x1ae/0xd30 [ 485.122928][T12122] genl_rcv+0x28/0x40 [ 485.122957][T12122] netlink_unicast+0x53c/0x7f0 [ 485.122989][T12122] ? __pfx_netlink_unicast+0x10/0x10 [ 485.123021][T12122] ? __phys_addr_symbol+0x30/0x80 [ 485.123045][T12122] ? __check_object_size+0x488/0x710 [ 485.123074][T12122] netlink_sendmsg+0x8b8/0xd70 [ 485.123111][T12122] ? __pfx_netlink_sendmsg+0x10/0x10 [ 485.123154][T12122] ____sys_sendmsg+0xaaf/0xc90 [ 485.123180][T12122] ? copy_msghdr_from_user+0x10b/0x160 [ 485.123212][T12122] ? __pfx_____sys_sendmsg+0x10/0x10 [ 485.123254][T12122] ___sys_sendmsg+0x135/0x1e0 [ 485.123292][T12122] ? __pfx____sys_sendmsg+0x10/0x10 [ 485.123339][T12122] ? __pfx_lock_release+0x10/0x10 [ 485.123370][T12122] ? trace_lock_acquire+0x14e/0x1f0 [ 485.123408][T12122] ? __fget_files+0x206/0x3a0 [ 485.123451][T12122] __sys_sendmsg+0x16e/0x220 [ 485.123483][T12122] ? __pfx___sys_sendmsg+0x10/0x10 [ 485.123539][T12122] do_syscall_64+0xcd/0x250 [ 485.123570][T12122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.123601][T12122] RIP: 0033:0x7feda4d8d0a9 [ 485.123621][T12122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.123643][T12122] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 485.123664][T12122] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 485.123680][T12122] RDX: 000000000400c8d4 RSI: 0000400000000280 RDI: 0000000000000003 [ 485.123694][T12122] RBP: 00007feda2bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 485.123708][T12122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 485.123722][T12122] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 485.123755][T12122] [ 485.618845][T12125] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1640'. [ 485.738634][T12131] i2c i2c-0: new_device: Missing parameters [ 486.084582][T12142] net_ratelimit: 41 callbacks suppressed [ 486.084604][T12142] openvswitch: netlink: IP tunnel attribute has 235 unknown bytes. [ 486.680734][T12159] FAULT_INJECTION: forcing a failure. [ 486.680734][T12159] name failslab, interval 1, probability 0, space 0, times 0 [ 486.716299][T12159] CPU: 0 UID: 0 PID: 12159 Comm: syz.0.1652 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 486.716338][T12159] Tainted: [U]=USER [ 486.716346][T12159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 486.716359][T12159] Call Trace: [ 486.716365][T12159] [ 486.716375][T12159] dump_stack_lvl+0x16c/0x1f0 [ 486.716409][T12159] should_fail_ex+0x50a/0x650 [ 486.716443][T12159] ? fs_reclaim_acquire+0xae/0x150 [ 486.716474][T12159] ? kernfs_fop_write_iter+0x223/0x500 [ 486.716506][T12159] should_failslab+0xc2/0x120 [ 486.716528][T12159] __kmalloc_noprof+0xcb/0x510 [ 486.716560][T12159] ? rcu_is_watching+0x12/0xc0 [ 486.716592][T12159] kernfs_fop_write_iter+0x223/0x500 [ 486.716621][T12159] vfs_write+0x5ae/0x1150 [ 486.716652][T12159] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 486.716679][T12159] ? __pfx___mutex_lock+0x10/0x10 [ 486.716708][T12159] ? __pfx_vfs_write+0x10/0x10 [ 486.716760][T12159] ksys_write+0x12b/0x250 [ 486.716788][T12159] ? __pfx_ksys_write+0x10/0x10 [ 486.716828][T12159] do_syscall_64+0xcd/0x250 [ 486.716859][T12159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.716890][T12159] RIP: 0033:0x7ff35b58d0a9 [ 486.716908][T12159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.716930][T12159] RSP: 002b:00007ff3593f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 486.716951][T12159] RAX: ffffffffffffffda RBX: 00007ff35b7a5fa0 RCX: 00007ff35b58d0a9 [ 486.716967][T12159] RDX: 0000000000000009 RSI: 0000400000000200 RDI: 0000000000000003 [ 486.716981][T12159] RBP: 00007ff3593f6090 R08: 0000000000000000 R09: 0000000000000000 [ 486.716994][T12159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 486.717008][T12159] R13: 0000000000000000 R14: 00007ff35b7a5fa0 R15: 00007ffeb7f829c8 [ 486.717040][T12159] [ 487.026489][T12157] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1653'. [ 487.773369][T12184] FAULT_INJECTION: forcing a failure. [ 487.773369][T12184] name failslab, interval 1, probability 0, space 0, times 0 [ 487.820575][T12184] CPU: 0 UID: 0 PID: 12184 Comm: syz.3.1661 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 487.820614][T12184] Tainted: [U]=USER [ 487.820622][T12184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 487.820635][T12184] Call Trace: [ 487.820641][T12184] [ 487.820650][T12184] dump_stack_lvl+0x16c/0x1f0 [ 487.820684][T12184] should_fail_ex+0x50a/0x650 [ 487.820718][T12184] ? fs_reclaim_acquire+0xae/0x150 [ 487.820750][T12184] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 487.820786][T12184] should_failslab+0xc2/0x120 [ 487.820808][T12184] __kmalloc_noprof+0xcb/0x510 [ 487.820840][T12184] ? __pfx___mutex_trylock_common+0x10/0x10 [ 487.820873][T12184] ? genl_rcv_msg+0x580/0x800 [ 487.820907][T12184] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 487.820947][T12184] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 487.820984][T12184] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 487.821017][T12184] ? __pfx___mutex_lock+0x10/0x10 [ 487.821044][T12184] ? genl_get_cmd+0x195/0x580 [ 487.821086][T12184] ? __radix_tree_lookup+0x21f/0x2c0 [ 487.821118][T12184] genl_rcv_msg+0x565/0x800 [ 487.821156][T12184] ? __pfx_genl_rcv_msg+0x10/0x10 [ 487.821189][T12184] ? __pfx_ctrl_getfamily+0x10/0x10 [ 487.821236][T12184] netlink_rcv_skb+0x16b/0x440 [ 487.821266][T12184] ? __pfx_genl_rcv_msg+0x10/0x10 [ 487.821301][T12184] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 487.821345][T12184] ? down_read+0xc9/0x330 [ 487.821375][T12184] ? __pfx_down_read+0x10/0x10 [ 487.821405][T12184] ? netlink_deliver_tap+0x1ae/0xd30 [ 487.821440][T12184] genl_rcv+0x28/0x40 [ 487.821468][T12184] netlink_unicast+0x53c/0x7f0 [ 487.821502][T12184] ? __pfx_netlink_unicast+0x10/0x10 [ 487.821533][T12184] ? __phys_addr_symbol+0x30/0x80 [ 487.821557][T12184] ? __check_object_size+0x488/0x710 [ 487.821592][T12184] netlink_sendmsg+0x8b8/0xd70 [ 487.821628][T12184] ? __pfx_netlink_sendmsg+0x10/0x10 [ 487.821671][T12184] __sys_sendto+0x488/0x4f0 [ 487.821703][T12184] ? __pfx___sys_sendto+0x10/0x10 [ 487.821729][T12184] ? reacquire_held_locks+0x20b/0x4c0 [ 487.821760][T12184] ? do_user_addr_fault+0xdc7/0x13f0 [ 487.821829][T12184] __x64_sys_sendto+0xe0/0x1c0 [ 487.821858][T12184] ? do_syscall_64+0x91/0x250 [ 487.821886][T12184] ? lockdep_hardirqs_on+0x7c/0x110 [ 487.821913][T12184] do_syscall_64+0xcd/0x250 [ 487.821943][T12184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 487.821973][T12184] RIP: 0033:0x7f6a7578ef3c [ 487.821992][T12184] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 487.822014][T12184] RSP: 002b:00007f6a76634ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 487.822036][T12184] RAX: ffffffffffffffda RBX: 00007f6a76634fc0 RCX: 00007f6a7578ef3c [ 487.822051][T12184] RDX: 0000000000000024 RSI: 00007f6a76635010 RDI: 0000000000000004 [ 487.822065][T12184] RBP: 0000000000000000 R08: 00007f6a76634f14 R09: 000000000000000c [ 487.822080][T12184] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 487.822094][T12184] R13: 00007f6a76634f68 R14: 00007f6a76635010 R15: 0000000000000000 [ 487.822127][T12184] [ 489.865830][ T29] audit: type=1800 audit(4294967368.190:22): pid=12219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1668" name="lu_gp_id" dev="configfs" ino=38927 res=0 errno=0 [ 490.108257][T12223] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1672'. [ 490.307019][T12226] FAULT_INJECTION: forcing a failure. [ 490.307019][T12226] name failslab, interval 1, probability 0, space 0, times 0 [ 490.706350][T12226] CPU: 0 UID: 0 PID: 12226 Comm: syz.0.1671 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 490.706400][T12226] Tainted: [U]=USER [ 490.706407][T12226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 490.706420][T12226] Call Trace: [ 490.706426][T12226] [ 490.706435][T12226] dump_stack_lvl+0x16c/0x1f0 [ 490.706470][T12226] should_fail_ex+0x50a/0x650 [ 490.706504][T12226] ? fs_reclaim_acquire+0xae/0x150 [ 490.706535][T12226] should_failslab+0xc2/0x120 [ 490.706558][T12226] kmem_cache_alloc_lru_noprof+0x73/0x3d0 [ 490.706592][T12226] ? sock_alloc_inode+0x25/0x1c0 [ 490.706620][T12226] ? __pfx_sock_alloc_inode+0x10/0x10 [ 490.706641][T12226] sock_alloc_inode+0x25/0x1c0 [ 490.706662][T12226] alloc_inode+0x5d/0x230 [ 490.706685][T12226] sock_alloc+0x40/0x280 [ 490.706718][T12226] __sock_create+0xc1/0x8d0 [ 490.706749][T12226] __sys_socket+0x14f/0x260 [ 490.706773][T12226] ? __pfx___sys_socket+0x10/0x10 [ 490.706797][T12226] ? ksys_write+0x1ba/0x250 [ 490.706826][T12226] ? __pfx_ksys_write+0x10/0x10 [ 490.706863][T12226] __x64_sys_socket+0x72/0xb0 [ 490.706886][T12226] ? lockdep_hardirqs_on+0x7c/0x110 [ 490.706914][T12226] do_syscall_64+0xcd/0x250 [ 490.706943][T12226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 490.706975][T12226] RIP: 0033:0x7ff35b58d0a9 [ 490.706993][T12226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 490.707015][T12226] RSP: 002b:00007ff3593d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 490.707037][T12226] RAX: ffffffffffffffda RBX: 00007ff35b7a6080 RCX: 00007ff35b58d0a9 [ 490.707053][T12226] RDX: 0000000000000084 RSI: 0000000000000005 RDI: 000000000000000a [ 490.707066][T12226] RBP: 00007ff3593d5090 R08: 0000000000000000 R09: 0000000000000000 [ 490.707080][T12226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 490.707094][T12226] R13: 0000000000000000 R14: 00007ff35b7a6080 R15: 00007ffeb7f829c8 [ 490.707123][T12226] [ 490.707135][T12226] socket: no more sockets [ 491.311240][T12237] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1676'. [ 492.283319][T12262] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1682'. [ 493.388201][T12271] netlink: zone id is out of range [ 493.393387][T12271] netlink: zone id is out of range [ 493.459005][T12271] netlink: zone id is out of range [ 493.512867][T12271] netlink: zone id is out of range [ 493.579019][T12271] netlink: zone id is out of range [ 493.584202][T12271] netlink: zone id is out of range [ 493.590795][T12271] netlink: zone id is out of range [ 493.601804][T12271] netlink: zone id is out of range [ 493.607065][T12271] netlink: zone id is out of range [ 493.612209][T12271] netlink: zone id is out of range [ 494.368230][T12295] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1691'. [ 495.253291][T12304] udc dummy_udc.0: soft-connect without a gadget driver [ 496.894439][T12323] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1700'. [ 497.150372][T12326] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1700'. [ 497.227411][T12325] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1700'. [ 499.009996][T12354] cougar: G6 mapped to space [ 499.301703][ T5836] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 500.052753][T12362] FAULT_INJECTION: forcing a failure. [ 500.052753][T12362] name fail_futex, interval 1, probability 0, space 0, times 0 [ 500.072266][T12362] CPU: 1 UID: 0 PID: 12362 Comm: syz.1.1718 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 500.072306][T12362] Tainted: [U]=USER [ 500.072315][T12362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 500.072329][T12362] Call Trace: [ 500.072336][T12362] [ 500.072346][T12362] dump_stack_lvl+0x16c/0x1f0 [ 500.072381][T12362] should_fail_ex+0x50a/0x650 [ 500.072423][T12362] get_futex_key+0x4a3/0x1000 [ 500.072459][T12362] ? put_pid+0x1f/0x30 [ 500.072487][T12362] ? __pfx_get_futex_key+0x10/0x10 [ 500.072515][T12362] ? __pfx_netlink_sendmsg+0x10/0x10 [ 500.072553][T12362] futex_wait_setup+0x78/0x290 [ 500.072589][T12362] ? ____sys_sendmsg+0x4cd/0xc90 [ 500.072615][T12362] __futex_wait+0x267/0x3c0 [ 500.072651][T12362] ? __pfx___futex_wait+0x10/0x10 [ 500.072689][T12362] ? __pfx_futex_wake_mark+0x10/0x10 [ 500.072725][T12362] ? __pfx____sys_sendmsg+0x10/0x10 [ 500.072760][T12362] futex_wait+0xe9/0x380 [ 500.072792][T12362] ? __pfx_futex_wait+0x10/0x10 [ 500.072843][T12362] do_futex+0x22b/0x350 [ 500.072872][T12362] ? __pfx_do_futex+0x10/0x10 [ 500.072897][T12362] ? fput+0x67/0x440 [ 500.072922][T12362] ? __sys_sendmsg+0x19a/0x220 [ 500.072954][T12362] __x64_sys_futex+0x1e1/0x4c0 [ 500.072984][T12362] ? __pfx___x64_sys_futex+0x10/0x10 [ 500.073024][T12362] do_syscall_64+0xcd/0x250 [ 500.073056][T12362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 500.073089][T12362] RIP: 0033:0x7feda4d8d0a9 [ 500.073108][T12362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 500.073131][T12362] RSP: 002b:00007feda2bf60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 500.073154][T12362] RAX: ffffffffffffffda RBX: 00007feda4fa5fa8 RCX: 00007feda4d8d0a9 [ 500.073171][T12362] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007feda4fa5fa8 [ 500.073184][T12362] RBP: 00007feda4fa5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 500.073198][T12362] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feda4fa5fac [ 500.073213][T12362] R13: 0000000000000000 R14: 00007ffd5def5480 R15: 00007ffd5def5568 [ 500.073244][T12362] [ 500.406283][T12367] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1711'. [ 501.909949][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.925815][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 503.296969][T12456] FAULT_INJECTION: forcing a failure. [ 503.296969][T12456] name failslab, interval 1, probability 0, space 0, times 0 [ 503.352446][T12456] CPU: 0 UID: 0 PID: 12456 Comm: syz.1.1725 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 503.352488][T12456] Tainted: [U]=USER [ 503.352496][T12456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 503.352511][T12456] Call Trace: [ 503.352518][T12456] [ 503.352530][T12456] dump_stack_lvl+0x16c/0x1f0 [ 503.352567][T12456] should_fail_ex+0x50a/0x650 [ 503.352604][T12456] ? fs_reclaim_acquire+0xae/0x150 [ 503.352635][T12456] should_failslab+0xc2/0x120 [ 503.352659][T12456] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 503.352692][T12456] ? rcu_is_watching+0x12/0xc0 [ 503.352715][T12456] ? security_file_alloc+0x34/0x2b0 [ 503.352749][T12456] security_file_alloc+0x34/0x2b0 [ 503.352779][T12456] init_file+0x93/0x4c0 [ 503.352801][T12456] alloc_empty_file+0x91/0x1e0 [ 503.352825][T12456] alloc_file_pseudo+0x13b/0x230 [ 503.352850][T12456] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 503.352877][T12456] ? hugetlbfs_get_inode+0x323/0x740 [ 503.352918][T12456] hugetlb_file_setup+0x4cd/0x620 [ 503.352947][T12456] ksys_mmap_pgoff+0x189/0x5c0 [ 503.352985][T12456] __x64_sys_mmap+0x125/0x190 [ 503.353023][T12456] do_syscall_64+0xcd/0x250 [ 503.353052][T12456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.353083][T12456] RIP: 0033:0x7feda4d8d0a9 [ 503.353102][T12456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.353124][T12456] RSP: 002b:00007feda2bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 503.353147][T12456] RAX: ffffffffffffffda RBX: 00007feda4fa6160 RCX: 00007feda4d8d0a9 [ 503.353162][T12456] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 503.353175][T12456] RBP: 00007feda4e0e2a0 R08: 0000000000000401 R09: 0000300000000000 [ 503.353189][T12456] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 503.353202][T12456] R13: 0000000000000000 R14: 00007feda4fa6160 R15: 00007ffd5def5568 [ 503.353231][T12456] [ 503.552435][ C0] vkms_vblank_simulate: vblank timer overrun [ 504.341534][T12472] FAULT_INJECTION: forcing a failure. [ 504.341534][T12472] name failslab, interval 1, probability 0, space 0, times 0 [ 504.380326][T12472] CPU: 0 UID: 0 PID: 12472 Comm: syz.1.1728 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 504.380368][T12472] Tainted: [U]=USER [ 504.380376][T12472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 504.380390][T12472] Call Trace: [ 504.380397][T12472] [ 504.380407][T12472] dump_stack_lvl+0x16c/0x1f0 [ 504.380443][T12472] should_fail_ex+0x50a/0x650 [ 504.380478][T12472] ? fs_reclaim_acquire+0xae/0x150 [ 504.380510][T12472] should_failslab+0xc2/0x120 [ 504.380533][T12472] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 504.380566][T12472] ? percpu_counter_add_batch+0xb5/0x1e0 [ 504.380597][T12472] ? vm_area_dup+0x53/0x2f0 [ 504.380635][T12472] vm_area_dup+0x53/0x2f0 [ 504.380668][T12472] copy_process+0x776f/0x8c50 [ 504.380715][T12472] ? __pfx_copy_process+0x10/0x10 [ 504.380741][T12472] ? try_to_wake_up+0x953/0x1490 [ 504.380778][T12472] ? plist_check_head+0xa3/0x150 [ 504.380807][T12472] ? wake_up_q+0xb0/0x160 [ 504.380835][T12472] ? do_raw_spin_unlock+0x172/0x230 [ 504.380862][T12472] kernel_clone+0xfd/0x960 [ 504.380885][T12472] ? __pfx_futex_wake+0x10/0x10 [ 504.380915][T12472] ? __pfx_kernel_clone+0x10/0x10 [ 504.380957][T12472] __do_sys_clone+0xcf/0x120 [ 504.380979][T12472] ? __pfx___do_sys_clone+0x10/0x10 [ 504.381002][T12472] ? __pfx___might_resched+0x10/0x10 [ 504.381051][T12472] ? rcu_is_watching+0x12/0xc0 [ 504.381095][T12472] do_syscall_64+0xcd/0x250 [ 504.381129][T12472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.381162][T12472] RIP: 0033:0x7feda4d8d0a9 [ 504.381181][T12472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 504.381205][T12472] RSP: 002b:00007feda2bf5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 504.381228][T12472] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 504.381244][T12472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000 [ 504.381258][T12472] RBP: 00007feda4e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 504.381273][T12472] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 504.381288][T12472] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 504.381322][T12472] [ 504.605674][ C0] vkms_vblank_simulate: vblank timer overrun [ 507.145523][T12516] Invalid ELF header magic: != ELF [ 507.460153][T12516] netlink: 'syz.3.1740': attribute type 1 has an invalid length. [ 507.476660][T12516] netlink: 'syz.3.1740': attribute type 1 has an invalid length. [ 507.504823][T12516] netlink: 33 bytes leftover after parsing attributes in process `syz.3.1740'. [ 507.913150][T12508] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1736'. [ 507.986206][T12508] veth1_macvtap: entered allmulticast mode [ 508.296634][ T29] audit: type=1800 audit(4294967386.510:23): pid=12537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1746" name="discovery_nqn" dev="configfs" ino=39652 res=0 errno=0 [ 509.086886][T12550] FAULT_INJECTION: forcing a failure. [ 509.086886][T12550] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 509.142322][T12550] CPU: 1 UID: 0 PID: 12550 Comm: syz.3.1749 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 509.142371][T12550] Tainted: [U]=USER [ 509.142380][T12550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 509.142394][T12550] Call Trace: [ 509.142402][T12550] [ 509.142412][T12550] dump_stack_lvl+0x16c/0x1f0 [ 509.142450][T12550] should_fail_ex+0x50a/0x650 [ 509.142494][T12550] strncpy_from_user+0x3b/0x2d0 [ 509.142532][T12550] getname_flags.part.0+0x8f/0x550 [ 509.142566][T12550] getname+0x8d/0xe0 [ 509.142596][T12550] do_sys_openat2+0x104/0x1e0 [ 509.142622][T12550] ? __pfx_do_sys_openat2+0x10/0x10 [ 509.142661][T12550] __x64_sys_openat+0x175/0x210 [ 509.142687][T12550] ? __pfx___x64_sys_openat+0x10/0x10 [ 509.142727][T12550] do_syscall_64+0xcd/0x250 [ 509.142760][T12550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.142793][T12550] RIP: 0033:0x7f6a7578d0a9 [ 509.142813][T12550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.142836][T12550] RSP: 002b:00007f6a76636038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 509.142859][T12550] RAX: ffffffffffffffda RBX: 00007f6a759a5fa0 RCX: 00007f6a7578d0a9 [ 509.142876][T12550] RDX: 0000000000000200 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 509.142892][T12550] RBP: 00007f6a7580e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 509.142907][T12550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 509.142921][T12550] R13: 0000000000000000 R14: 00007f6a759a5fa0 R15: 00007ffdce226638 [ 509.142952][T12550] [ 509.699423][T12559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1752'. [ 509.711192][T12559] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1752'. [ 510.071082][T12559] zswap: compressor not available [ 510.853130][T12592] net_ratelimit: 1 callbacks suppressed [ 510.853159][T12592] netlink: zone id is out of range [ 510.866597][T12592] netlink: zone id is out of range [ 510.871808][T12592] netlink: zone id is out of range [ 510.874028][T12597] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1763'. [ 510.885860][T12592] netlink: del zone limit has 8 unknown bytes [ 512.442809][T12623] FAULT_INJECTION: forcing a failure. [ 512.442809][T12623] name failslab, interval 1, probability 0, space 0, times 0 [ 512.481532][T12623] CPU: 0 UID: 0 PID: 12623 Comm: syz.1.1771 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 512.481571][T12623] Tainted: [U]=USER [ 512.481579][T12623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 512.481592][T12623] Call Trace: [ 512.481599][T12623] [ 512.481608][T12623] dump_stack_lvl+0x16c/0x1f0 [ 512.481642][T12623] should_fail_ex+0x50a/0x650 [ 512.481677][T12623] ? fs_reclaim_acquire+0xae/0x150 [ 512.481708][T12623] should_failslab+0xc2/0x120 [ 512.481731][T12623] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 512.481763][T12623] ? __pfx_acct_collect+0x10/0x10 [ 512.481796][T12623] ? taskstats_exit+0x656/0xbe0 [ 512.481829][T12623] ? acct_update_integrals+0x3e7/0x4b0 [ 512.481864][T12623] taskstats_exit+0x656/0xbe0 [ 512.481897][T12623] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 512.481920][T12623] ? __pfx_taskstats_exit+0x10/0x10 [ 512.481953][T12623] ? _raw_spin_unlock_irq+0x23/0x50 [ 512.481978][T12623] ? __seccomp_filter_orphan+0x18/0x110 [ 512.482002][T12623] ? __put_seccomp_filter+0x16/0xf0 [ 512.482040][T12623] do_exit+0x845/0x2d70 [ 512.482064][T12623] ? do_group_exit+0x1c3/0x2a0 [ 512.482087][T12623] ? __pfx_lock_release+0x10/0x10 [ 512.482120][T12623] ? __pfx_do_exit+0x10/0x10 [ 512.482153][T12623] do_group_exit+0xd3/0x2a0 [ 512.482179][T12623] __x64_sys_exit_group+0x3e/0x50 [ 512.482204][T12623] x64_sys_call+0x151f/0x1720 [ 512.482229][T12623] do_syscall_64+0xcd/0x250 [ 512.482259][T12623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.482290][T12623] RIP: 0033:0x7feda4d8d0a9 [ 512.482310][T12623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 512.482331][T12623] RSP: 002b:00007feda2bf5f48 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 512.482353][T12623] RAX: ffffffffffffffda RBX: 00007feda4decbd8 RCX: 00007feda4d8d0a9 [ 512.482368][T12623] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 512.482382][T12623] RBP: 0000000000000009 R08: 00007feda2bf3ce7 R09: 0000000000000001 [ 512.482395][T12623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 512.482409][T12623] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 512.482439][T12623] [ 512.619620][T12630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1773'. [ 512.845216][T12633] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1775'. [ 515.056588][T12675] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1785'. [ 515.333368][T12686] netlink: del zone limit has 4 unknown bytes [ 516.985184][T12706] cougar: G6 mapped to space [ 517.073431][T12358] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 518.814971][T12727] Invalid ELF header magic: != ELF [ 518.944993][T12734] netlink: del zone limit has 4 unknown bytes [ 519.337875][T12727] netlink: 'syz.3.1799': attribute type 1 has an invalid length. [ 519.347930][T12727] netlink: 'syz.3.1799': attribute type 1 has an invalid length. [ 519.357639][T12727] netlink: 33 bytes leftover after parsing attributes in process `syz.3.1799'. [ 519.462781][T12739] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1801'. [ 519.852689][T12748] HfR: entered promiscuous mode [ 520.148840][T12755] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1802'. [ 520.276181][T12762] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1806'. syzkaller [ 521.249462][T12780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1811'. syzkaller login: [ 521.286306][T12767] FAULT_INJECTION: forcing a failure. [ 521.286306][T12767] name failslab, interval 1, probability 0, space 0, times 0 [ 521.393501][T12767] CPU: 1 UID: 0 PID: 12767 Comm: syz.1.1808 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 521.393544][T12767] Tainted: [U]=USER [ 521.393553][T12767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 521.393568][T12767] Call Trace: [ 521.393575][T12767] [ 521.393585][T12767] dump_stack_lvl+0x16c/0x1f0 [ 521.393622][T12767] should_fail_ex+0x50a/0x650 [ 521.393659][T12767] ? fs_reclaim_acquire+0xae/0x150 [ 521.393694][T12767] ? tomoyo_realpath_from_path+0xb9/0x720 [ 521.393727][T12767] should_failslab+0xc2/0x120 [ 521.393751][T12767] __kmalloc_noprof+0xcb/0x510 [ 521.393788][T12767] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 521.393829][T12767] tomoyo_realpath_from_path+0xb9/0x720 [ 521.393861][T12767] ? tomoyo_path_number_perm+0x235/0x590 [ 521.393891][T12767] ? tomoyo_path_number_perm+0x235/0x590 [ 521.393924][T12767] tomoyo_path_number_perm+0x248/0x590 [ 521.393951][T12767] ? tomoyo_path_number_perm+0x235/0x590 [ 521.393979][T12767] ? __lock_acquire+0x1/0x3c40 [ 521.394012][T12767] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 521.394110][T12767] ? do_raw_spin_unlock+0x172/0x230 [ 521.394136][T12767] ? _raw_spin_unlock+0x28/0x50 [ 521.394163][T12767] ? d_add+0x43c/0x730 [ 521.394186][T12767] ? do_raw_spin_unlock+0x172/0x230 [ 521.394214][T12767] ? simple_lookup+0x12c/0x180 [ 521.394244][T12767] ? get_current_fs_domain+0x184/0x1f0 [ 521.394277][T12767] tomoyo_path_mkdir+0x9c/0xe0 [ 521.394313][T12767] ? __pfx_tomoyo_path_mkdir+0x10/0x10 [ 521.394360][T12767] security_path_mkdir+0x154/0x2f0 [ 521.394391][T12767] do_mkdirat+0x176/0x3a0 [ 521.394427][T12767] ? __pfx_do_mkdirat+0x10/0x10 [ 521.394465][T12767] ? getname_flags.part.0+0x1c5/0x550 [ 521.394503][T12767] __x64_sys_mkdir+0xef/0x140 [ 521.394541][T12767] do_syscall_64+0xcd/0x250 [ 521.394576][T12767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 521.394610][T12767] RIP: 0033:0x7feda4d8d0a9 [ 521.394631][T12767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 521.394655][T12767] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 521.394679][T12767] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 521.394696][T12767] RDX: 0000000000000000 RSI: 0000000000008001 RDI: 0000000000000000 [ 521.394712][T12767] RBP: 00007feda4e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 521.394727][T12767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 521.394742][T12767] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 521.394777][T12767] [ 521.394789][T12767] ERROR: Out of memory at tomoyo_realpath_from_path. [ 522.169247][T12792] : Can't lookup blockdev [ 522.680362][T12790] netlink: zone id is out of range [ 522.685539][T12790] netlink: zone id is out of range [ 522.765894][T12790] netlink: zone id is out of range [ 522.771084][T12790] netlink: zone id is out of range [ 522.820301][T12790] netlink: zone id is out of range [ 522.825480][T12790] netlink: zone id is out of range [ 522.934860][T12790] netlink: del zone limit has 4 unknown bytes [ 524.235000][T12830] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1823'. [ 524.652639][T12837] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1825'. [ 526.459214][T12856] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1831'. [ 526.846429][T12875] netlink: zone id is out of range [ 526.911178][T12875] netlink: zone id is out of range [ 526.917272][T12875] netlink: zone id is out of range [ 526.922423][T12875] netlink: zone id is out of range [ 526.928168][T12875] netlink: zone id is out of range [ 526.933315][T12875] netlink: zone id is out of range [ 526.943874][T12875] netlink: zone id is out of range [ 526.949400][T12875] netlink: zone id is out of range [ 526.954562][T12875] netlink: zone id is out of range [ 526.960273][T12875] netlink: del zone limit has 4 unknown bytes [ 528.545121][T12903] FAULT_INJECTION: forcing a failure. [ 528.545121][T12903] name failslab, interval 1, probability 0, space 0, times 0 [ 528.638205][T12903] CPU: 0 UID: 0 PID: 12903 Comm: syz.2.1840 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 528.638245][T12903] Tainted: [U]=USER [ 528.638252][T12903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 528.638266][T12903] Call Trace: [ 528.638272][T12903] [ 528.638282][T12903] dump_stack_lvl+0x16c/0x1f0 [ 528.638317][T12903] should_fail_ex+0x50a/0x650 [ 528.638352][T12903] ? fs_reclaim_acquire+0xae/0x150 [ 528.638384][T12903] ? snd_seq_port_connect+0x61/0x550 [ 528.638417][T12903] should_failslab+0xc2/0x120 [ 528.638440][T12903] __kmalloc_cache_noprof+0x68/0x410 [ 528.638475][T12903] ? snd_seq_port_use_ptr+0x3c/0x1a0 [ 528.638512][T12903] snd_seq_port_connect+0x61/0x550 [ 528.638545][T12903] ? _raw_read_unlock+0x28/0x50 [ 528.638570][T12903] ? check_subscription_permission.isra.0+0xf5/0x240 [ 528.638611][T12903] snd_seq_ioctl_subscribe_port+0x1fe/0x430 [ 528.638639][T12903] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 528.638670][T12903] ? mark_held_locks+0x9f/0xe0 [ 528.638707][T12903] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 528.638745][T12903] snd_seq_oss_midi_open+0x4c2/0x6d0 [ 528.638776][T12903] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 528.638822][T12903] ? rcu_is_watching+0x12/0xc0 [ 528.638847][T12903] ? trace_contention_end+0xee/0x140 [ 528.638886][T12903] snd_seq_oss_synth_reset+0x3e3/0x770 [ 528.638918][T12903] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 528.638948][T12903] ? __pfx___fsnotify_parent+0x10/0x10 [ 528.638987][T12903] snd_seq_oss_reset+0x73/0x290 [ 528.639011][T12903] ? __pfx_odev_release+0x10/0x10 [ 528.639044][T12903] snd_seq_oss_release+0x7c/0x180 [ 528.639069][T12903] odev_release+0x4c/0x70 [ 528.639101][T12903] __fput+0x3ff/0xb70 [ 528.639133][T12903] task_work_run+0x14e/0x250 [ 528.639165][T12903] ? __pfx_task_work_run+0x10/0x10 [ 528.639195][T12903] ? __pfx_ksys_write+0x10/0x10 [ 528.639237][T12903] syscall_exit_to_user_mode+0x27b/0x2a0 [ 528.639267][T12903] do_syscall_64+0xda/0x250 [ 528.639298][T12903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.639329][T12903] RIP: 0033:0x7f7512b8d0a9 [ 528.639348][T12903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.639369][T12903] RSP: 002b:00007f7513a6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 528.639392][T12903] RAX: 0000000000000007 RBX: 00007f7512da6160 RCX: 00007f7512b8d0a9 [ 528.639407][T12903] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 528.639420][T12903] RBP: 00007f7513a6e090 R08: 0000000000000000 R09: 0000000000000000 [ 528.639434][T12903] R10: 00004000000002c0 R11: 0000000000000246 R12: 0000000000000002 [ 528.639448][T12903] R13: 0000000000000001 R14: 00007f7512da6160 R15: 00007ffe641d34f8 [ 528.639481][T12903] [ 529.881898][T12921] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1847'. [ 530.726575][T12942] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1850'. [ 531.878660][T12950] net_ratelimit: 16 callbacks suppressed [ 531.878682][T12950] netlink: zone id is out of range [ 531.908359][T12950] netlink: zone id is out of range [ 531.913540][T12950] netlink: zone id is out of range [ 531.934954][T12950] netlink: zone id is out of range [ 531.960512][T12950] netlink: zone id is out of range [ 531.988564][T12950] netlink: zone id is out of range [ 532.005135][T12950] netlink: zone id is out of range [ 532.033725][T12950] netlink: zone id is out of range [ 532.729749][T12971] netlink: zone id is out of range [ 532.734933][T12971] netlink: zone id is out of range [ 534.661608][T13003] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1866'. [ 535.676376][T13008] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1868'. [ 535.925009][T12358] Bluetooth: hci0: Malformed LE Event: 0x1d [ 536.032350][T13005] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 536.133245][T13012] Invalid ELF header magic: != ELF [ 537.850559][T13036] net_ratelimit: 8 callbacks suppressed [ 537.850583][T13036] netlink: zone id is out of range [ 537.945962][T13036] netlink: zone id is out of range [ 537.951136][T13036] netlink: zone id is out of range [ 538.073334][T13036] netlink: zone id is out of range [ 538.156137][T13036] netlink: zone id is out of range [ 538.171531][T13036] netlink: zone id is out of range [ 538.193529][T13036] netlink: zone id is out of range [ 538.219401][T13036] netlink: zone id is out of range [ 538.224589][T13036] netlink: zone id is out of range [ 538.295790][T13036] netlink: zone id is out of range [ 538.519558][T13023] kexec: Could not allocate control_code_buffer [ 540.181917][T13072] FAULT_INJECTION: forcing a failure. [ 540.181917][T13072] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 540.231389][T13072] CPU: 1 UID: 0 PID: 13072 Comm: syz.3.1884 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 540.231429][T13072] Tainted: [U]=USER [ 540.231437][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 540.231452][T13072] Call Trace: [ 540.231459][T13072] [ 540.231470][T13072] dump_stack_lvl+0x16c/0x1f0 [ 540.231508][T13072] should_fail_ex+0x50a/0x650 [ 540.231552][T13072] _copy_from_user+0x2e/0xd0 [ 540.231581][T13072] get_user_ifreq+0xf1/0x250 [ 540.231621][T13072] sock_ioctl+0x58c/0x6c0 [ 540.231650][T13072] ? __pfx_sock_ioctl+0x10/0x10 [ 540.231694][T13072] ? __fget_files+0x206/0x3a0 [ 540.231734][T13072] ? __pfx_sock_ioctl+0x10/0x10 [ 540.231765][T13072] __x64_sys_ioctl+0x190/0x200 [ 540.231796][T13072] do_syscall_64+0xcd/0x250 [ 540.231830][T13072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.231864][T13072] RIP: 0033:0x7f6a7578d0a9 [ 540.231888][T13072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 540.231912][T13072] RSP: 002b:00007f6a76636038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 540.231938][T13072] RAX: ffffffffffffffda RBX: 00007f6a759a5fa0 RCX: 00007f6a7578d0a9 [ 540.231955][T13072] RDX: 0000400000000040 RSI: 00000000000089fc RDI: 0000000000000005 [ 540.231970][T13072] RBP: 00007f6a7580e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 540.231985][T13072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.231999][T13072] R13: 0000000000000000 R14: 00007f6a759a5fa0 R15: 00007ffdce226638 [ 540.232030][T13072] [ 544.058250][T13090] kexec: Could not allocate control_code_buffer [ 546.827792][T13150] net_ratelimit: 8 callbacks suppressed [ 546.827814][T13150] netlink: zone id is out of range [ 546.870866][T13150] netlink: zone id is out of range [ 546.887911][T13150] netlink: zone id is out of range [ 546.893134][T13150] netlink: zone id is out of range [ 546.901452][T13150] netlink: zone id is out of range [ 546.930198][T13119] delete_channel: no stack [ 546.938325][T13150] netlink: zone id is out of range [ 546.943494][T13150] netlink: zone id is out of range [ 547.045934][T13150] netlink: zone id is out of range [ 547.051112][T13150] netlink: zone id is out of range [ 547.056410][T13150] netlink: zone id is out of range [ 547.501402][T13158] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1903'. [ 547.702398][T13165] FAULT_INJECTION: forcing a failure. [ 547.702398][T13165] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 547.738002][T13165] CPU: 0 UID: 0 PID: 13165 Comm: syz.2.1906 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 547.738041][T13165] Tainted: [U]=USER [ 547.738049][T13165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 547.738062][T13165] Call Trace: [ 547.738068][T13165] [ 547.738078][T13165] dump_stack_lvl+0x16c/0x1f0 [ 547.738111][T13165] should_fail_ex+0x50a/0x650 [ 547.738151][T13165] _copy_from_user+0x2e/0xd0 [ 547.738177][T13165] copy_msghdr_from_user+0x99/0x160 [ 547.738210][T13165] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 547.738240][T13165] ? lockdep_hardirqs_on+0x7c/0x110 [ 547.738271][T13165] ? hlock_class+0x4e/0x130 [ 547.738296][T13165] ? __lock_acquire+0x15a9/0x3c40 [ 547.738333][T13165] ___sys_sendmsg+0xff/0x1e0 [ 547.738367][T13165] ? __pfx____sys_sendmsg+0x10/0x10 [ 547.738396][T13165] ? __pfx___lock_acquire+0x10/0x10 [ 547.738455][T13165] ? __pfx___might_resched+0x10/0x10 [ 547.738489][T13165] ? __might_fault+0xe3/0x190 [ 547.738517][T13165] __sys_sendmmsg+0x201/0x420 [ 547.738553][T13165] ? __pfx___sys_sendmmsg+0x10/0x10 [ 547.738595][T13165] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 547.738636][T13165] ? fput+0x67/0x440 [ 547.738660][T13165] ? ksys_write+0x1ba/0x250 [ 547.738689][T13165] ? __pfx_ksys_write+0x10/0x10 [ 547.738725][T13165] __x64_sys_sendmmsg+0x9c/0x100 [ 547.738756][T13165] ? lockdep_hardirqs_on+0x7c/0x110 [ 547.738782][T13165] do_syscall_64+0xcd/0x250 [ 547.738812][T13165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.738843][T13165] RIP: 0033:0x7f7512b8d0a9 [ 547.738862][T13165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.738883][T13165] RSP: 002b:00007f7513ab0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 547.738905][T13165] RAX: ffffffffffffffda RBX: 00007f7512da5fa0 RCX: 00007f7512b8d0a9 [ 547.738921][T13165] RDX: 00000000000009a6 RSI: 0000400000000000 RDI: 0000000000000003 [ 547.738935][T13165] RBP: 00007f7513ab0090 R08: 0000000000000000 R09: 0000000000000000 [ 547.738956][T13165] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000002 [ 547.738970][T13165] R13: 0000000000000000 R14: 00007f7512da5fa0 R15: 00007ffe641d34f8 [ 547.739000][T13165] [ 551.600112][T13198] delete_channel: no stack [ 552.749885][T13247] net_ratelimit: 10 callbacks suppressed [ 552.749907][T13247] netlink: zone id is out of range [ 552.806129][T13247] netlink: zone id is out of range [ 552.830416][T13247] netlink: zone id is out of range [ 552.895928][T13247] netlink: zone id is out of range [ 552.901114][T13247] netlink: zone id is out of range [ 552.992599][T13247] netlink: zone id is out of range [ 553.067359][T13247] netlink: zone id is out of range [ 553.072535][T13247] netlink: zone id is out of range [ 553.175069][T13247] netlink: zone id is out of range [ 553.205530][T13247] netlink: del zone limit has 4 unknown bytes [ 554.089973][T13261] FAULT_INJECTION: forcing a failure. [ 554.089973][T13261] name failslab, interval 1, probability 0, space 0, times 0 [ 554.190561][T13261] CPU: 0 UID: 0 PID: 13261 Comm: syz.3.1925 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 554.190600][T13261] Tainted: [U]=USER [ 554.190607][T13261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 554.190621][T13261] Call Trace: [ 554.190628][T13261] [ 554.190638][T13261] dump_stack_lvl+0x16c/0x1f0 [ 554.190672][T13261] should_fail_ex+0x50a/0x650 [ 554.190705][T13261] ? fs_reclaim_acquire+0xae/0x150 [ 554.190736][T13261] ? ctrl_dumppolicy_start+0x68e/0xaa0 [ 554.190769][T13261] should_failslab+0xc2/0x120 [ 554.190792][T13261] __kmalloc_cache_noprof+0x68/0x410 [ 554.190821][T13261] ? __radix_tree_lookup+0x21f/0x2c0 [ 554.190855][T13261] ctrl_dumppolicy_start+0x68e/0xaa0 [ 554.190887][T13261] ? genl_start+0x6a6/0x960 [ 554.190918][T13261] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 554.190971][T13261] ? rcu_is_watching+0x12/0xc0 [ 554.190996][T13261] ? trace_contention_end+0xee/0x140 [ 554.191031][T13261] ? __mutex_lock+0x1cc/0xb10 [ 554.191062][T13261] ? genl_start+0x6a6/0x960 [ 554.191102][T13261] ? __pfx___mutex_lock+0x10/0x10 [ 554.191152][T13261] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 554.191186][T13261] genl_start+0x5fa/0x960 [ 554.191222][T13261] __netlink_dump_start+0x607/0x970 [ 554.191257][T13261] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 554.191294][T13261] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 554.191336][T13261] ? __pfx_genl_get_cmd+0x10/0x10 [ 554.191365][T13261] ? __pfx_genl_start+0x10/0x10 [ 554.191393][T13261] ? __pfx_genl_dumpit+0x10/0x10 [ 554.191422][T13261] ? __pfx_genl_done+0x10/0x10 [ 554.191458][T13261] ? __radix_tree_lookup+0x21f/0x2c0 [ 554.191490][T13261] genl_rcv_msg+0x470/0x800 [ 554.191527][T13261] ? __pfx_genl_rcv_msg+0x10/0x10 [ 554.191559][T13261] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 554.191592][T13261] ? __pfx_ctrl_dumppolicy+0x10/0x10 [ 554.191622][T13261] ? __pfx_ctrl_dumppolicy_done+0x10/0x10 [ 554.191666][T13261] netlink_rcv_skb+0x16b/0x440 [ 554.191695][T13261] ? __pfx_genl_rcv_msg+0x10/0x10 [ 554.191730][T13261] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 554.191774][T13261] ? down_read+0xc9/0x330 [ 554.191803][T13261] ? __pfx_down_read+0x10/0x10 [ 554.191833][T13261] ? netlink_deliver_tap+0x1ae/0xd30 [ 554.191867][T13261] genl_rcv+0x28/0x40 [ 554.191896][T13261] netlink_unicast+0x53c/0x7f0 [ 554.191928][T13261] ? __pfx_netlink_unicast+0x10/0x10 [ 554.191956][T13261] ? __phys_addr_symbol+0x30/0x80 [ 554.191978][T13261] ? __check_object_size+0x488/0x710 [ 554.192001][T13261] netlink_sendmsg+0x8b8/0xd70 [ 554.192034][T13261] ? __pfx_netlink_sendmsg+0x10/0x10 [ 554.192079][T13261] ____sys_sendmsg+0xaaf/0xc90 [ 554.192113][T13261] ? copy_msghdr_from_user+0x10b/0x160 [ 554.192145][T13261] ? __pfx_____sys_sendmsg+0x10/0x10 [ 554.192186][T13261] ___sys_sendmsg+0x135/0x1e0 [ 554.192217][T13261] ? __pfx____sys_sendmsg+0x10/0x10 [ 554.192258][T13261] ? __pfx_lock_release+0x10/0x10 [ 554.192285][T13261] ? trace_lock_acquire+0x14e/0x1f0 [ 554.192322][T13261] ? __fget_files+0x206/0x3a0 [ 554.192361][T13261] __sys_sendmsg+0x16e/0x220 [ 554.192392][T13261] ? __pfx___sys_sendmsg+0x10/0x10 [ 554.192446][T13261] do_syscall_64+0xcd/0x250 [ 554.192478][T13261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.192507][T13261] RIP: 0033:0x7f6a7578d0a9 [ 554.192524][T13261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 554.192544][T13261] RSP: 002b:00007f6a76636038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 554.192563][T13261] RAX: ffffffffffffffda RBX: 00007f6a759a5fa0 RCX: 00007f6a7578d0a9 [ 554.192577][T13261] RDX: 0000000000000000 RSI: 0000400000000240 RDI: 0000000000000006 [ 554.192589][T13261] RBP: 00007f6a76636090 R08: 0000000000000000 R09: 0000000000000000 [ 554.192601][T13261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 554.192614][T13261] R13: 0000000000000000 R14: 00007f6a759a5fa0 R15: 00007ffdce226638 [ 554.192647][T13261] [ 555.506481][T13284] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1928'. [ 556.104474][T13279] delete_channel: no stack [ 556.286948][T13299] can: request_module (can-proto-0) failed. [ 556.477203][T13309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1933'. [ 559.549171][T13365] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1949'. [ 561.340028][ T29] audit: type=1800 audit(4294967439.670:24): pid=13384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1953" name="discovery_nqn" dev="configfs" ino=44689 res=0 errno=0 [ 562.400533][T13397] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1956'. [ 562.493273][T13399] FAULT_INJECTION: forcing a failure. [ 562.493273][T13399] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 562.525948][T13399] CPU: 1 UID: 0 PID: 13399 Comm: syz.1.1957 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 562.525989][T13399] Tainted: [U]=USER [ 562.525998][T13399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 562.526011][T13399] Call Trace: [ 562.526018][T13399] [ 562.526028][T13399] dump_stack_lvl+0x16c/0x1f0 [ 562.526067][T13399] should_fail_ex+0x50a/0x650 [ 562.526104][T13399] ? __pfx___might_resched+0x10/0x10 [ 562.526148][T13399] should_fail_alloc_page+0xe7/0x130 [ 562.526176][T13399] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 562.526214][T13399] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 562.526253][T13399] ? hlock_class+0x4e/0x130 [ 562.526278][T13399] ? __lock_acquire+0x15a9/0x3c40 [ 562.526333][T13399] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 562.526380][T13399] ? __mutex_trylock_common+0xea/0x250 [ 562.526421][T13399] ? lock_acquire.part.0+0x11b/0x380 [ 562.526454][T13399] ? find_held_lock+0x2d/0x110 [ 562.526484][T13399] ? get_task_mm+0xc2/0xf0 [ 562.526516][T13399] ? __pfx_lock_release+0x10/0x10 [ 562.526553][T13399] __alloc_pages_noprof+0xb/0x1b0 [ 562.526587][T13399] ___kmalloc_large_node+0x84/0x1b0 [ 562.526621][T13399] __kmalloc_large_noprof+0x1c/0x70 [ 562.526648][T13399] ? get_task_mm+0xc7/0xf0 [ 562.526680][T13399] vhost_dev_set_owner+0x31a/0xa70 [ 562.526716][T13399] vhost_net_ioctl+0x690/0x16e0 [ 562.526756][T13399] ? __pfx_lock_release+0x10/0x10 [ 562.526789][T13399] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 562.526824][T13399] ? __pfx___might_resched+0x10/0x10 [ 562.526868][T13399] ? __fget_files+0x206/0x3a0 [ 562.526907][T13399] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 562.526945][T13399] __x64_sys_ioctl+0x190/0x200 [ 562.526977][T13399] do_syscall_64+0xcd/0x250 [ 562.527010][T13399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.527044][T13399] RIP: 0033:0x7feda4d8d0a9 [ 562.527066][T13399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 562.527089][T13399] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 562.527114][T13399] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 562.527131][T13399] RDX: 0000000000000005 RSI: 000000000000af01 RDI: 0000000000000006 [ 562.527146][T13399] RBP: 00007feda4e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 562.527160][T13399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 562.527174][T13399] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 562.527207][T13399] [ 563.353664][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.360149][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.202238][T13416] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 564.880264][T13429] FAULT_INJECTION: forcing a failure. [ 564.880264][T13429] name failslab, interval 1, probability 0, space 0, times 0 [ 564.988423][T13429] CPU: 1 UID: 0 PID: 13429 Comm: syz.3.1966 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 564.988461][T13429] Tainted: [U]=USER [ 564.988468][T13429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 564.988481][T13429] Call Trace: [ 564.988488][T13429] [ 564.988497][T13429] dump_stack_lvl+0x16c/0x1f0 [ 564.988530][T13429] should_fail_ex+0x50a/0x650 [ 564.988564][T13429] ? fs_reclaim_acquire+0xae/0x150 [ 564.988595][T13429] ? tomoyo_realpath_from_path+0xb9/0x720 [ 564.988626][T13429] should_failslab+0xc2/0x120 [ 564.988648][T13429] __kmalloc_noprof+0xcb/0x510 [ 564.988681][T13429] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 564.988719][T13429] tomoyo_realpath_from_path+0xb9/0x720 [ 564.988748][T13429] ? tomoyo_path_number_perm+0x235/0x590 [ 564.988777][T13429] ? tomoyo_path_number_perm+0x235/0x590 [ 564.988806][T13429] tomoyo_path_number_perm+0x248/0x590 [ 564.988831][T13429] ? tomoyo_path_number_perm+0x235/0x590 [ 564.988860][T13429] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 564.988920][T13429] ? __pfx_lock_release+0x10/0x10 [ 564.988949][T13429] ? trace_lock_acquire+0x14e/0x1f0 [ 564.988978][T13429] ? lock_acquire+0x2f/0xb0 [ 564.989005][T13429] ? __fget_files+0x40/0x3a0 [ 564.989041][T13429] ? __fget_files+0x206/0x3a0 [ 564.989077][T13429] security_file_ioctl+0x9b/0x240 [ 564.989112][T13429] __x64_sys_ioctl+0xb7/0x200 [ 564.989142][T13429] do_syscall_64+0xcd/0x250 [ 564.989173][T13429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.989203][T13429] RIP: 0033:0x7f6a7578d0a9 [ 564.989222][T13429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 564.989243][T13429] RSP: 002b:00007f6a76636038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 564.989264][T13429] RAX: ffffffffffffffda RBX: 00007f6a759a5fa0 RCX: 00007f6a7578d0a9 [ 564.989280][T13429] RDX: 0000400000000040 RSI: 0000000000005412 RDI: 0000000000000006 [ 564.989294][T13429] RBP: 00007f6a76636090 R08: 0000000000000000 R09: 0000000000000000 [ 564.989308][T13429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 564.989321][T13429] R13: 0000000000000000 R14: 00007f6a759a5fa0 R15: 00007ffdce226638 [ 564.989352][T13429] [ 564.989362][T13429] ERROR: Out of memory at tomoyo_realpath_from_path. [ 565.583210][T13395] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 565.944086][T13435] netlink: zone id is out of range [ 565.979362][T13435] netlink: zone id is out of range [ 565.984539][T13435] netlink: zone id is out of range [ 566.048793][T13435] netlink: zone id is out of range [ 566.053976][T13435] netlink: zone id is out of range [ 566.082830][T13435] netlink: zone id is out of range [ 566.115942][T13435] netlink: zone id is out of range [ 566.121120][T13435] netlink: zone id is out of range [ 566.152284][T13435] netlink: zone id is out of range [ 566.158642][T13435] netlink: zone id is out of range [ 567.584664][T13458] FAULT_INJECTION: forcing a failure. [ 567.584664][T13458] name failslab, interval 1, probability 0, space 0, times 0 [ 567.632382][T13458] CPU: 0 UID: 0 PID: 13458 Comm: syz.2.1975 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 567.632410][T13458] Tainted: [U]=USER [ 567.632415][T13458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 567.632423][T13458] Call Trace: [ 567.632427][T13458] [ 567.632433][T13458] dump_stack_lvl+0x16c/0x1f0 [ 567.632455][T13458] should_fail_ex+0x50a/0x650 [ 567.632477][T13458] ? fs_reclaim_acquire+0xae/0x150 [ 567.632497][T13458] ? tomoyo_encode2+0x100/0x3e0 [ 567.632514][T13458] should_failslab+0xc2/0x120 [ 567.632527][T13458] __kmalloc_noprof+0xcb/0x510 [ 567.632547][T13458] ? d_absolute_path+0x137/0x1b0 [ 567.632561][T13458] ? rcu_is_watching+0x12/0xc0 [ 567.632578][T13458] tomoyo_encode2+0x100/0x3e0 [ 567.632598][T13458] tomoyo_encode+0x29/0x50 [ 567.632615][T13458] tomoyo_realpath_from_path+0x19d/0x720 [ 567.632638][T13458] tomoyo_path_number_perm+0x248/0x590 [ 567.632653][T13458] ? tomoyo_path_number_perm+0x235/0x590 [ 567.632669][T13458] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 567.632701][T13458] ? __pfx_lock_release+0x10/0x10 [ 567.632719][T13458] ? trace_lock_acquire+0x14e/0x1f0 [ 567.632737][T13458] ? lock_acquire+0x2f/0xb0 [ 567.632753][T13458] ? __fget_files+0x40/0x3a0 [ 567.632775][T13458] ? __fget_files+0x206/0x3a0 [ 567.632796][T13458] security_file_ioctl+0x9b/0x240 [ 567.632814][T13458] __x64_sys_ioctl+0xb7/0x200 [ 567.632831][T13458] do_syscall_64+0xcd/0x250 [ 567.632850][T13458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.632877][T13458] RIP: 0033:0x7f7512b8d0a9 [ 567.632888][T13458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.632902][T13458] RSP: 002b:00007f7513ab0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 567.632916][T13458] RAX: ffffffffffffffda RBX: 00007f7512da5fa0 RCX: 00007f7512b8d0a9 [ 567.632924][T13458] RDX: ffffffffffffffff RSI: 0000000000005459 RDI: 0000000000000003 [ 567.632933][T13458] RBP: 00007f7513ab0090 R08: 0000000000000000 R09: 0000000000000000 [ 567.632941][T13458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 567.632948][T13458] R13: 0000000000000000 R14: 00007f7512da5fa0 R15: 00007ffe641d34f8 [ 567.632965][T13458] [ 567.632977][T13458] ERROR: Out of memory at tomoyo_realpath_from_path. [ 568.636722][T13462] kexec: Could not allocate control_code_buffer [ 570.062075][T13482] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1979'. [ 571.584395][T13526] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[13526] [ 572.603509][T13533] kexec: Could not allocate control_code_buffer [ 573.164604][T13542] FAULT_INJECTION: forcing a failure. [ 573.164604][T13542] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 573.350929][T13542] CPU: 1 UID: 0 PID: 13542 Comm: syz.1.1994 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 573.350965][T13542] Tainted: [U]=USER [ 573.350972][T13542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 573.350984][T13542] Call Trace: [ 573.350991][T13542] [ 573.350999][T13542] dump_stack_lvl+0x16c/0x1f0 [ 573.351033][T13542] should_fail_ex+0x50a/0x650 [ 573.351063][T13542] ? __pfx___might_resched+0x10/0x10 [ 573.351099][T13542] should_fail_alloc_page+0xe7/0x130 [ 573.351121][T13542] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 573.351156][T13542] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 573.351191][T13542] ? __pfx___lock_acquire+0x10/0x10 [ 573.351221][T13542] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 573.351261][T13542] ? lock_acquire.part.0+0x11b/0x380 [ 573.351290][T13542] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 573.351323][T13542] ? find_next_iomem_res+0x1c6/0x4f0 [ 573.351355][T13542] ? __pfx_lock_release+0x10/0x10 [ 573.351388][T13542] ? lock_acquire+0x2f/0xb0 [ 573.351416][T13542] ? find_next_iomem_res+0x54/0x4f0 [ 573.351440][T13542] ? do_raw_read_unlock+0x44/0xe0 [ 573.351463][T13542] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 573.351499][T13542] ? policy_nodemask+0xea/0x4e0 [ 573.351536][T13542] alloc_pages_mpol+0x1fc/0x540 [ 573.351560][T13542] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 573.351595][T13542] ? __pti_set_user_pgtbl+0xf2/0x1a0 [ 573.351623][T13542] ? __pfx___pti_set_user_pgtbl+0x10/0x10 [ 573.351654][T13542] alloc_pages_noprof+0x131/0x390 [ 573.351677][T13542] get_zeroed_page_noprof+0x14/0x50 [ 573.351701][T13542] machine_kexec_prepare+0x9ff/0xf70 [ 573.351732][T13542] ? __pfx_machine_kexec_prepare+0x10/0x10 [ 573.351763][T13542] ? __pfx_alloc_pgt_page+0x10/0x10 [ 573.351823][T13542] do_kexec_load+0x65b/0x8c0 [ 573.351863][T13542] ? __pfx_do_kexec_load+0x10/0x10 [ 573.351888][T13542] ? _copy_from_user+0x59/0xd0 [ 573.351916][T13542] __x64_sys_kexec_load+0x1bf/0x230 [ 573.351941][T13542] do_syscall_64+0xcd/0x250 [ 573.351972][T13542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.352004][T13542] RIP: 0033:0x7feda4d8d0a9 [ 573.352022][T13542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.352044][T13542] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 573.352066][T13542] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 573.352081][T13542] RDX: 0000400000000080 RSI: 0000000000000002 RDI: 00000000000000ff [ 573.352095][T13542] RBP: 00007feda2bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 573.352109][T13542] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000002 [ 573.352123][T13542] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 573.352152][T13542] [ 574.088090][T13546] net_ratelimit: 12 callbacks suppressed [ 574.088113][T13546] netlink: zone id is out of range [ 574.135919][T13546] netlink: zone id is out of range [ 574.175968][T13546] netlink: zone id is out of range [ 574.181161][T13546] netlink: zone id is out of range [ 574.282597][T13546] netlink: zone id is out of range [ 574.324930][T13546] netlink: zone id is out of range [ 574.336093][T13546] netlink: zone id is out of range [ 574.341516][T13546] netlink: zone id is out of range [ 574.358805][T13546] netlink: zone id is out of range [ 574.368394][T13546] netlink: zone id is out of range [ 576.395895][T13576] kexec: Could not allocate control_code_buffer [ 576.697653][T13607] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2010'. [ 577.296267][T13607] sd 0:0:1:0: PR command failed: 1026 [ 577.301743][T13607] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 577.325895][T13607] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 577.433677][T13613] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2012'. [ 577.614577][T13626] FAULT_INJECTION: forcing a failure. [ 577.614577][T13626] name failslab, interval 1, probability 0, space 0, times 0 [ 577.671476][T13626] CPU: 1 UID: 0 PID: 13626 Comm: syz.1.2015 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 577.671520][T13626] Tainted: [U]=USER [ 577.671528][T13626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 577.671542][T13626] Call Trace: [ 577.671549][T13626] [ 577.671560][T13626] dump_stack_lvl+0x16c/0x1f0 [ 577.671596][T13626] should_fail_ex+0x50a/0x650 [ 577.671633][T13626] ? fs_reclaim_acquire+0xae/0x150 [ 577.671668][T13626] should_failslab+0xc2/0x120 [ 577.671691][T13626] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 577.671726][T13626] ? __xlate_proc_name+0x173/0x210 [ 577.671761][T13626] ? __proc_create+0x2c0/0x8b0 [ 577.671799][T13626] __proc_create+0x2c0/0x8b0 [ 577.671835][T13626] ? __pfx___proc_create+0x10/0x10 [ 577.671871][T13626] ? find_held_lock+0x2d/0x110 [ 577.671903][T13626] proc_mkdir+0x82/0x170 [ 577.671925][T13626] ? __pfx_proc_mkdir+0x10/0x10 [ 577.671955][T13626] cache_register_net+0x18f/0x5e0 [ 577.671982][T13626] unix_gid_cache_create+0x8b/0x130 [ 577.672017][T13626] ? __pfx_sunrpc_init_net+0x10/0x10 [ 577.672047][T13626] sunrpc_init_net+0x71/0x190 [ 577.672078][T13626] ops_init+0x1df/0x5f0 [ 577.672115][T13626] setup_net+0x21f/0x860 [ 577.672157][T13626] ? __pfx_setup_net+0x10/0x10 [ 577.672190][T13626] ? down_read_killable+0xcc/0x380 [ 577.672225][T13626] ? __pfx_down_read_killable+0x10/0x10 [ 577.672257][T13626] ? __raw_spin_lock_init+0x3a/0x110 [ 577.672296][T13626] ? debug_mutex_init+0x37/0x70 [ 577.672324][T13626] copy_net_ns+0x2a6/0x5f0 [ 577.672350][T13626] create_new_namespaces+0x3ea/0xad0 [ 577.672394][T13626] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 577.672433][T13626] ksys_unshare+0x45d/0xa40 [ 577.672458][T13626] ? __pfx_ksys_unshare+0x10/0x10 [ 577.672480][T13626] ? xfd_validate_state+0x5d/0x180 [ 577.672528][T13626] __x64_sys_unshare+0x31/0x40 [ 577.672551][T13626] do_syscall_64+0xcd/0x250 [ 577.672582][T13626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.672615][T13626] RIP: 0033:0x7feda4d8d0a9 [ 577.672634][T13626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.672657][T13626] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 577.672680][T13626] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 577.672696][T13626] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 577.672711][T13626] RBP: 00007feda4e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 577.672726][T13626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 577.672741][T13626] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 577.672773][T13626] [ 578.564388][T13643] FAULT_INJECTION: forcing a failure. [ 578.564388][T13643] name failslab, interval 1, probability 0, space 0, times 0 [ 578.618594][T13643] CPU: 0 UID: 0 PID: 13643 Comm: syz.1.2020 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 578.618633][T13643] Tainted: [U]=USER [ 578.618640][T13643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 578.618653][T13643] Call Trace: [ 578.618660][T13643] [ 578.618669][T13643] dump_stack_lvl+0x16c/0x1f0 [ 578.618703][T13643] should_fail_ex+0x50a/0x650 [ 578.618736][T13643] ? fs_reclaim_acquire+0xae/0x150 [ 578.618777][T13643] should_failslab+0xc2/0x120 [ 578.618800][T13643] __kmalloc_node_noprof+0xd1/0x510 [ 578.618834][T13643] ? __pfx_aa_file_perm+0x10/0x10 [ 578.618862][T13643] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 578.618897][T13643] __kvmalloc_node_noprof+0xad/0x1a0 [ 578.618928][T13643] seq_read_iter+0x82a/0x12b0 [ 578.618959][T13643] ? __mutex_trylock_common+0xea/0x250 [ 578.618999][T13643] kernfs_fop_read_iter+0x414/0x580 [ 578.619023][T13643] ? rw_verify_area+0xcf/0x680 [ 578.619052][T13643] vfs_read+0x886/0xbf0 [ 578.619087][T13643] ? __pfx_vfs_read+0x10/0x10 [ 578.619135][T13643] ksys_read+0x12b/0x250 [ 578.619164][T13643] ? __pfx_ksys_read+0x10/0x10 [ 578.619202][T13643] do_syscall_64+0xcd/0x250 [ 578.619233][T13643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.619262][T13643] RIP: 0033:0x7feda4d8d0a9 [ 578.619281][T13643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.619303][T13643] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 578.619324][T13643] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 578.619339][T13643] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 578.619352][T13643] RBP: 00007feda2bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 578.619365][T13643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 578.619378][T13643] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 578.619409][T13643] [ 580.578840][T13668] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2026'. [ 580.591596][T13664] Invalid ELF header magic: != ELF [ 580.630374][T13668] geneve1: entered allmulticast mode [ 581.680912][ T29] audit: type=1800 audit(4294967460.010:25): pid=13678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2029" name="dbroot" dev="configfs" ino=46298 res=0 errno=0 [ 581.735784][ T29] audit: type=1804 audit(4294967460.020:26): pid=13678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2029" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=46298 res=1 errno=0 [ 582.093700][T13689] net_ratelimit: 34 callbacks suppressed [ 582.093721][T13689] netlink: zone id is out of range [ 582.104997][T13689] netlink: zone id is out of range [ 582.110419][T13689] netlink: zone id is out of range [ 582.115808][T13689] netlink: del zone limit has 8 unknown bytes [ 582.172167][T13688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2033'. [ 582.450592][T13694] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2034'. [ 582.912572][T13692] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2035'. [ 582.969450][T13692] veth1_macvtap: entered allmulticast mode [ 584.283654][T13711] kexec: Could not allocate control_code_buffer [ 585.646163][T13748] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2048'. [ 587.528201][T13777] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2057'. [ 587.667759][T13783] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2058'. [ 587.680657][T13774] kexec: Could not allocate control_code_buffer [ 587.808580][T13784] sd 0:0:1:0: PR command failed: 1026 [ 587.814055][T13784] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 587.840753][T13784] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 592.455902][T13859] could not allocate digest TFM handle [ 594.317108][T13886] netlink: zone id is out of range [ 594.322297][T13886] netlink: zone id is out of range [ 594.475984][T13886] netlink: zone id is out of range [ 594.481163][T13886] netlink: del zone limit has 8 unknown bytes [ 594.954693][T13878] kexec: Could not allocate control_code_buffer [ 595.633674][T13898] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 597.290933][T13913] can: request_module (can-proto-5) failed. [ 598.368876][T13950] netlink: zone id is out of range [ 598.445797][T13950] netlink: zone id is out of range [ 598.450970][T13950] netlink: zone id is out of range [ 598.535867][T13950] netlink: del zone limit has 8 unknown bytes [ 598.741422][T13952] netlink: zone id is out of range [ 598.761726][T13952] netlink: zone id is out of range [ 598.891353][T13942] kexec: Could not allocate control_code_buffer [ 599.312610][T13959] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2104'. [ 600.064996][T13963] FAULT_INJECTION: forcing a failure. [ 600.064996][T13963] name failslab, interval 1, probability 0, space 0, times 0 [ 600.177052][T13963] CPU: 1 UID: 0 PID: 13963 Comm: syz.3.2105 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 600.177094][T13963] Tainted: [U]=USER [ 600.177102][T13963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 600.177116][T13963] Call Trace: [ 600.177123][T13963] [ 600.177133][T13963] dump_stack_lvl+0x16c/0x1f0 [ 600.177169][T13963] should_fail_ex+0x50a/0x650 [ 600.177206][T13963] ? fs_reclaim_acquire+0xae/0x150 [ 600.177238][T13963] should_failslab+0xc2/0x120 [ 600.177260][T13963] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 600.177292][T13963] ? lockdep_init_map_type+0x16d/0x7d0 [ 600.177326][T13963] ? security_inode_alloc+0x3b/0x2b0 [ 600.177356][T13963] security_inode_alloc+0x3b/0x2b0 [ 600.177383][T13963] inode_init_always_gfp+0xce4/0x1030 [ 600.177422][T13963] alloc_inode+0x82/0x230 [ 600.177446][T13963] new_inode+0x22/0x210 [ 600.177472][T13963] simple_fill_super+0x306/0x720 [ 600.177505][T13963] ? __pfx_nfsd_fill_super+0x10/0x10 [ 600.177535][T13963] nfsd_fill_super+0x90/0x530 [ 600.177563][T13963] ? __pfx_set_anon_super_fc+0x10/0x10 [ 600.177592][T13963] ? __pfx_nfsd_fill_super+0x10/0x10 [ 600.177622][T13963] get_tree_keyed+0x10b/0x1d0 [ 600.177656][T13963] vfs_get_tree+0x8b/0x340 [ 600.177684][T13963] path_mount+0x14e6/0x1f10 [ 600.177721][T13963] ? kmem_cache_free+0x2e2/0x4d0 [ 600.177754][T13963] ? __pfx_path_mount+0x10/0x10 [ 600.177806][T13963] ? putname+0x13c/0x180 [ 600.177835][T13963] __x64_sys_mount+0x28f/0x310 [ 600.177874][T13963] ? __pfx___x64_sys_mount+0x10/0x10 [ 600.177926][T13963] do_syscall_64+0xcd/0x250 [ 600.177961][T13963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.177994][T13963] RIP: 0033:0x7f6a7578d0a9 [ 600.178015][T13963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 600.178039][T13963] RSP: 002b:00007f6a76636038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 600.178062][T13963] RAX: ffffffffffffffda RBX: 00007f6a759a5fa0 RCX: 00007f6a7578d0a9 [ 600.178082][T13963] RDX: 0000400000000140 RSI: 00004000000000c0 RDI: 0000000000000000 [ 600.178098][T13963] RBP: 00007f6a7580e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 600.178112][T13963] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000000000 [ 600.178127][T13963] R13: 0000000000000000 R14: 00007f6a759a5fa0 R15: 00007ffdce226638 [ 600.178159][T13963] [ 600.456220][T13974] net_ratelimit: 8 callbacks suppressed [ 600.456240][T13974] netlink: zone id is out of range [ 600.467196][T13974] netlink: zone id is out of range [ 600.472336][T13974] netlink: zone id is out of range [ 600.477576][T13974] netlink: zone id is out of range [ 600.482717][T13974] netlink: zone id is out of range [ 600.487922][T13974] netlink: zone id is out of range [ 600.493056][T13974] netlink: zone id is out of range [ 600.498244][T13974] netlink: zone id is out of range [ 600.503376][T13974] netlink: zone id is out of range [ 600.516063][T13974] netlink: zone id is out of range [ 601.261410][T13988] Invalid ELF header magic: != ELF [ 602.374405][T14006] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2115'. [ 604.180202][T14025] FAULT_INJECTION: forcing a failure. [ 604.180202][T14025] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 604.183669][T14023] FAULT_INJECTION: forcing a failure. [ 604.183669][T14023] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 604.218638][T14023] CPU: 1 UID: 0 PID: 14023 Comm: syz.1.2120 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 604.218682][T14023] Tainted: [U]=USER [ 604.218691][T14023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 604.218706][T14023] Call Trace: [ 604.218714][T14023] [ 604.218723][T14023] dump_stack_lvl+0x16c/0x1f0 [ 604.218760][T14023] should_fail_ex+0x50a/0x650 [ 604.218804][T14023] _copy_from_user+0x2e/0xd0 [ 604.218832][T14023] copy_msghdr_from_user+0x99/0x160 [ 604.218867][T14023] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 604.218918][T14023] ___sys_sendmsg+0xff/0x1e0 [ 604.218953][T14023] ? __pfx____sys_sendmsg+0x10/0x10 [ 604.218999][T14023] ? __pfx_lock_release+0x10/0x10 [ 604.219032][T14023] ? trace_lock_acquire+0x14e/0x1f0 [ 604.219070][T14023] ? __fget_files+0x206/0x3a0 [ 604.219112][T14023] __sys_sendmsg+0x16e/0x220 [ 604.219146][T14023] ? __pfx___sys_sendmsg+0x10/0x10 [ 604.219178][T14023] ? __x64_sys_futex+0x1e1/0x4c0 [ 604.219226][T14023] do_syscall_64+0xcd/0x250 [ 604.219258][T14023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.219290][T14023] RIP: 0033:0x7feda4d8d0a9 [ 604.219310][T14023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.219334][T14023] RSP: 002b:00007feda2bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 604.219358][T14023] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 604.219374][T14023] RDX: 0000000000040000 RSI: 0000400000000240 RDI: 0000000000000007 [ 604.219390][T14023] RBP: 00007feda4e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 604.219405][T14023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.219419][T14023] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 604.219451][T14023] [ 604.235799][T14025] CPU: 0 UID: 0 PID: 14025 Comm: syz.2.2121 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 604.235837][T14025] Tainted: [U]=USER [ 604.235844][T14025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 604.235857][T14025] Call Trace: [ 604.235864][T14025] [ 604.235873][T14025] dump_stack_lvl+0x16c/0x1f0 [ 604.235906][T14025] should_fail_ex+0x50a/0x650 [ 604.235939][T14025] ? __pfx___might_resched+0x10/0x10 [ 604.235980][T14025] should_fail_alloc_page+0xe7/0x130 [ 604.236004][T14025] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 604.236040][T14025] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 604.236076][T14025] ? __pfx_mark_lock+0x10/0x10 [ 604.236112][T14025] ? __pfx___lock_acquire+0x10/0x10 [ 604.236143][T14025] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 604.236178][T14025] ? hlock_class+0x4e/0x130 [ 604.236218][T14025] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 604.236255][T14025] ? policy_nodemask+0xea/0x4e0 [ 604.236292][T14025] alloc_pages_mpol+0x1fc/0x540 [ 604.236315][T14025] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 604.236349][T14025] ? find_held_lock+0x2d/0x110 [ 604.236386][T14025] alloc_pages_noprof+0x131/0x390 [ 604.236409][T14025] __pmd_alloc+0x3f/0x870 [ 604.236441][T14025] __handle_mm_fault+0x9fb/0x2c60 [ 604.236481][T14025] ? __pfx___handle_mm_fault+0x10/0x10 [ 604.236511][T14025] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 604.236559][T14025] ? find_vma+0xc0/0x140 [ 604.236584][T14025] ? __pfx_find_vma+0x10/0x10 [ 604.236614][T14025] handle_mm_fault+0x3fa/0xaa0 [ 604.236651][T14025] do_user_addr_fault+0x7a3/0x13f0 [ 604.236689][T14025] exc_page_fault+0x5c/0xc0 [ 604.236715][T14025] asm_exc_page_fault+0x26/0x30 [ 604.236744][T14025] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 604.236778][T14025] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 604.236799][T14025] RSP: 0018:ffffc9000415fc68 EFLAGS: 00050246 [ 604.236818][T14025] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 604.236831][T14025] RDX: fffff5200082bfa8 RSI: 0000000000000000 RDI: ffffc9000415fd38 [ 604.236846][T14025] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff5200082bfa7 [ 604.236860][T14025] R10: ffffc9000415fd3f R11: 0000000000000000 R12: 0000000000000000 [ 604.236874][T14025] R13: ffffc9000415fd38 R14: ffff888066ae6c40 R15: 0000000000000000 [ 604.236904][T14025] _copy_from_user+0x98/0xd0 [ 604.236930][T14025] kvm_arch_dev_ioctl+0x3df/0x730 [ 604.236954][T14025] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 604.236976][T14025] ? do_vfs_ioctl+0x513/0x1990 [ 604.237003][T14025] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 604.237038][T14025] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 604.237073][T14025] kvm_dev_ioctl+0x781/0x1a90 [ 604.237109][T14025] ? __pfx_lock_release+0x10/0x10 [ 604.237138][T14025] ? trace_lock_acquire+0x14e/0x1f0 [ 604.237167][T14025] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 604.237204][T14025] ? __fget_files+0x206/0x3a0 [ 604.237238][T14025] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 604.237274][T14025] __x64_sys_ioctl+0x190/0x200 [ 604.237303][T14025] do_syscall_64+0xcd/0x250 [ 604.237333][T14025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.237368][T14025] RIP: 0033:0x7f7512b8d0a9 [ 604.237385][T14025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.237405][T14025] RSP: 002b:00007f7513ab0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 604.237425][T14025] RAX: ffffffffffffffda RBX: 00007f7512da5fa0 RCX: 00007f7512b8d0a9 [ 604.237440][T14025] RDX: 0000000000000000 RSI: 00000000c008ae09 RDI: 0000000000000003 [ 604.237453][T14025] RBP: 00007f7513ab0090 R08: 0000000000000000 R09: 0000000000000000 [ 604.237466][T14025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 604.237479][T14025] R13: 0000000000000000 R14: 00007f7512da5fa0 R15: 00007ffe641d34f8 [ 604.237508][T14025] [ 604.794593][ C1] vkms_vblank_simulate: vblank timer overrun [ 606.213502][T14037] kexec: Could not allocate control_code_buffer [ 606.464252][T14060] netlink: zone id is out of range [ 606.496290][T14060] netlink: zone id is out of range [ 606.501507][T14060] netlink: zone id is out of range [ 606.586561][T14060] netlink: zone id is out of range [ 606.596911][T14060] netlink: zone id is out of range [ 606.602110][T14060] netlink: zone id is out of range [ 606.715816][T14060] netlink: del zone limit has 4 unknown bytes [ 607.075913][T14070] netlink: zone id is out of range [ 607.148417][T14070] netlink: zone id is out of range [ 607.245830][T14070] netlink: zone id is out of range [ 607.617814][T14061] kexec: Could not allocate control_code_buffer [ 609.483614][T14100] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2139'. [ 609.941772][T14105] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 610.173732][T14110] FAULT_INJECTION: forcing a failure. [ 610.173732][T14110] name failslab, interval 1, probability 0, space 0, times 0 [ 610.215962][T14110] CPU: 1 UID: 0 PID: 14110 Comm: syz.1.2141 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 610.216005][T14110] Tainted: [U]=USER [ 610.216013][T14110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 610.216028][T14110] Call Trace: [ 610.216035][T14110] [ 610.216054][T14110] dump_stack_lvl+0x16c/0x1f0 [ 610.216093][T14110] should_fail_ex+0x50a/0x650 [ 610.216130][T14110] ? fs_reclaim_acquire+0xae/0x150 [ 610.216165][T14110] should_failslab+0xc2/0x120 [ 610.216190][T14110] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 610.216224][T14110] ? down_write+0x14e/0x200 [ 610.216256][T14110] ? vm_area_dup+0x21/0x2f0 [ 610.216297][T14110] vm_area_dup+0x21/0x2f0 [ 610.216332][T14110] copy_process+0x776f/0x8c50 [ 610.216384][T14110] ? __pfx_copy_process+0x10/0x10 [ 610.216405][T14110] ? __pfx___futex_wait+0x10/0x10 [ 610.216461][T14110] ? fd_install+0x223/0x750 [ 610.216502][T14110] kernel_clone+0xfd/0x960 [ 610.216529][T14110] ? __pfx_kernel_clone+0x10/0x10 [ 610.216574][T14110] __do_sys_clone+0xcf/0x120 [ 610.216598][T14110] ? __pfx___do_sys_clone+0x10/0x10 [ 610.216623][T14110] ? __pfx___might_resched+0x10/0x10 [ 610.216674][T14110] ? rcu_is_watching+0x12/0xc0 [ 610.216712][T14110] do_syscall_64+0xcd/0x250 [ 610.216745][T14110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 610.216778][T14110] RIP: 0033:0x7feda4d8d0a9 [ 610.216797][T14110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 610.216822][T14110] RSP: 002b:00007feda2bf5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 610.216847][T14110] RAX: ffffffffffffffda RBX: 00007feda4fa5fa0 RCX: 00007feda4d8d0a9 [ 610.216864][T14110] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000f400 [ 610.216879][T14110] RBP: 00007feda4e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 610.216894][T14110] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 610.216906][T14110] R13: 0000000000000000 R14: 00007feda4fa5fa0 R15: 00007ffd5def5568 [ 610.216941][T14110] [ 611.914763][ T29] audit: type=1800 audit(4294967490.240:27): pid=14128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2146" name="discovery_nqn" dev="configfs" ino=47545 res=0 errno=0 [ 613.037649][T14119] kexec: Could not allocate control_code_buffer [ 615.605220][T14137] kexec: Could not allocate control_code_buffer [ 616.688576][T14172] net_ratelimit: 11 callbacks suppressed [ 616.688600][T14172] netlink: zone id is out of range [ 616.791165][T14172] netlink: zone id is out of range [ 616.925761][T14172] netlink: zone id is out of range [ 617.076541][T14163] kexec: Could not allocate control_code_buffer [ 617.156109][T14172] netlink: zone id is out of range [ 617.161280][T14172] netlink: zone id is out of range [ 617.385743][T14172] netlink: zone id is out of range [ 617.390916][T14172] netlink: zone id is out of range [ 617.565825][T14172] netlink: zone id is out of range [ 617.655824][T14172] netlink: zone id is out of range [ 617.660999][T14172] netlink: zone id is out of range [ 619.261746][T14203] kexec: Could not allocate control_code_buffer [ 619.666723][T14219] Invalid ELF header magic: != ELF [ 620.035927][T14219] netlink: 'syz.1.2165': attribute type 1 has an invalid length. [ 620.075872][T14219] netlink: 'syz.1.2165': attribute type 1 has an invalid length. [ 620.083725][T14219] netlink: 33 bytes leftover after parsing attributes in process `syz.1.2165'. [ 622.311110][T14241] sg_write: data in/out 16027157/1 bytes for SCSI command 0x7b-- guessing data in; [ 622.311110][T14241] program syz.2.2169 not setting count and/or reply_len properly [ 623.123331][T14272] netlink: 'syz.2.2177': attribute type 2 has an invalid length. [ 624.199191][T14274] kexec: Could not allocate control_code_buffer [ 624.317307][T14275] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2186'. [ 624.816283][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.822669][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.100797][T14297] net_ratelimit: 10 callbacks suppressed [ 625.100819][T14297] netlink: zone id is out of range [ 625.111230][T14295] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2181'. [ 625.126771][T14297] netlink: zone id is out of range [ 625.132077][T14297] netlink: zone id is out of range [ 625.221306][T14297] netlink: zone id is out of range [ 625.245780][T14297] netlink: zone id is out of range [ 625.250939][T14297] netlink: zone id is out of range [ 625.295877][T14297] netlink: zone id is out of range [ 625.305846][T14297] netlink: zone id is out of range [ 625.310999][T14297] netlink: zone id is out of range [ 625.369942][T14297] netlink: zone id is out of range [ 625.609592][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 625.645898][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 625.655966][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 625.664746][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 625.676235][ T5835] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 625.683557][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 626.114397][T14308] chnl_net:caif_netlink_parms(): no params data found [ 626.477533][T14308] bridge0: port 1(bridge_slave_0) entered blocking state [ 626.484744][T14308] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.501189][T14308] bridge_slave_0: entered allmulticast mode [ 626.526894][T14308] bridge_slave_0: entered promiscuous mode [ 626.540896][T14308] bridge0: port 2(bridge_slave_1) entered blocking state [ 626.558772][T14308] bridge0: port 2(bridge_slave_1) entered disabled state [ 626.574654][T14308] bridge_slave_1: entered allmulticast mode [ 626.587138][T14308] bridge_slave_1: entered promiscuous mode [ 626.665130][T14308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 626.704442][T14308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 626.841810][T14308] team0: Port device team_slave_0 added [ 626.949549][T14308] team0: Port device team_slave_1 added [ 627.059213][ T8364] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.541450][ T8364] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.672565][T14308] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 627.736598][T14308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 627.775363][ T5835] Bluetooth: hci4: command tx timeout [ 627.876737][T14323] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2187'. [ 627.886206][T14308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 627.977780][ T8364] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 628.061817][T14308] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 628.078347][T14308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 628.123234][T14308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 628.188447][ T8364] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 628.236782][T14331] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2189'. [ 628.422654][T14332] zswap: compressor not available [ 628.654557][T14308] hsr_slave_0: entered promiscuous mode [ 628.683927][T14308] hsr_slave_1: entered promiscuous mode [ 628.726025][ T8364] bridge_slave_1: left allmulticast mode [ 628.732067][ T8364] bridge_slave_1: left promiscuous mode [ 628.764775][ T8364] bridge0: port 2(bridge_slave_1) entered disabled state [ 628.832004][ T8364] bridge_slave_0: left allmulticast mode [ 628.871751][ T8364] bridge_slave_0: left promiscuous mode [ 628.902212][ T8364] bridge0: port 1(bridge_slave_0) entered disabled state [ 629.825821][ T5835] Bluetooth: hci4: command tx timeout [ 630.966320][ T8364] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 631.004079][ T8364] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 631.025176][ T8364] bond0 (unregistering): Released all slaves [ 631.250442][ T8364] HfR: left promiscuous mode [ 631.916281][ T5835] Bluetooth: hci4: command tx timeout [ 632.100742][T14308] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 632.178722][T14308] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 632.240758][T14308] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 632.281616][T14308] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 632.754987][T14308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 632.888752][T14308] 8021q: adding VLAN 0 to HW filter on device team0 [ 632.939444][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 632.946680][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 632.967305][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 632.974513][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 633.773187][T14382] Invalid ELF header magic: != ELF [ 633.986116][ T5835] Bluetooth: hci4: command tx timeout [ 634.260597][T14308] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 634.282660][T14308] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 634.618243][T14430] net_ratelimit: 8 callbacks suppressed [ 634.618265][T14430] netlink: zone id is out of range [ 634.663963][T14430] netlink: zone id is out of range [ 634.677659][T14430] netlink: zone id is out of range [ 634.682865][T14430] netlink: zone id is out of range [ 634.728104][T14430] netlink: zone id is out of range [ 634.733305][T14430] netlink: zone id is out of range [ 634.750289][T14308] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 634.796034][T14430] netlink: zone id is out of range [ 634.823856][T14430] netlink: zone id is out of range [ 635.880619][T14308] veth0_vlan: entered promiscuous mode [ 636.238883][ T8364] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 636.281073][ T8364] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 636.328281][ T8364] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 636.351192][ T8364] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 636.489649][ T8364] veth1_macvtap: left promiscuous mode [ 636.515986][ T8364] veth0_macvtap: left promiscuous mode [ 636.530497][ T8364] veth1_vlan: left promiscuous mode [ 636.538976][ T8364] veth0_vlan: left promiscuous mode [ 637.501947][T14478] Falling back ldisc for ptm0. [ 637.816898][ T8364] team0 (unregistering): Port device team_slave_1 removed [ 637.957361][ T8364] team0 (unregistering): Port device team_slave_0 removed [ 638.093044][T14490] Invalid ELF header magic: != ELF [ 639.607971][T14308] veth1_vlan: entered promiscuous mode [ 639.698932][T14308] veth0_macvtap: entered promiscuous mode [ 639.728812][T14308] veth1_macvtap: entered promiscuous mode [ 639.756909][T14308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 639.768989][T14308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 639.785011][T14308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 639.809518][T14308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 639.829757][T14308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 639.860854][T14308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 639.904400][T14308] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 639.935314][T14308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 639.950200][T14308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 639.962045][T14308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 639.973029][T14308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 639.995795][T14308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 640.006845][T14308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 640.040489][T14308] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 640.055097][T14308] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 640.071135][T14308] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 640.105930][T14308] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 640.125169][T14308] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 640.171162][T14520] FAULT_INJECTION: forcing a failure. [ 640.171162][T14520] name failslab, interval 1, probability 0, space 0, times 0 [ 640.194287][T14520] CPU: 0 UID: 0 PID: 14520 Comm: syz.2.2219 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 640.194326][T14520] Tainted: [U]=USER [ 640.194334][T14520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 640.194348][T14520] Call Trace: [ 640.194354][T14520] [ 640.194363][T14520] dump_stack_lvl+0x16c/0x1f0 [ 640.194399][T14520] should_fail_ex+0x50a/0x650 [ 640.194432][T14520] ? fs_reclaim_acquire+0xae/0x150 [ 640.194466][T14520] should_failslab+0xc2/0x120 [ 640.194490][T14520] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 640.194523][T14520] ? lockdep_init_map_type+0x16d/0x7d0 [ 640.194557][T14520] ? security_inode_alloc+0x3b/0x2b0 [ 640.194590][T14520] security_inode_alloc+0x3b/0x2b0 [ 640.194617][T14520] inode_init_always_gfp+0xce4/0x1030 [ 640.194657][T14520] alloc_inode+0x82/0x230 [ 640.194680][T14520] new_inode+0x22/0x210 [ 640.194706][T14520] simple_fill_super+0x306/0x720 [ 640.194744][T14520] ? __pfx_nfsd_fill_super+0x10/0x10 [ 640.194778][T14520] nfsd_fill_super+0x90/0x530 [ 640.194808][T14520] ? __pfx_set_anon_super_fc+0x10/0x10 [ 640.194839][T14520] ? __pfx_nfsd_fill_super+0x10/0x10 [ 640.194870][T14520] get_tree_keyed+0x10b/0x1d0 [ 640.194904][T14520] vfs_get_tree+0x8b/0x340 [ 640.194931][T14520] path_mount+0x14e6/0x1f10 [ 640.194969][T14520] ? kmem_cache_free+0x2e2/0x4d0 [ 640.195002][T14520] ? __pfx_path_mount+0x10/0x10 [ 640.195043][T14520] ? putname+0x13c/0x180 [ 640.195078][T14520] __x64_sys_mount+0x28f/0x310 [ 640.195117][T14520] ? __pfx___x64_sys_mount+0x10/0x10 [ 640.195161][T14520] do_syscall_64+0xcd/0x250 [ 640.195195][T14520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.195229][T14520] RIP: 0033:0x7f7512b8d0a9 [ 640.195249][T14520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 640.195270][T14520] RSP: 002b:00007f7513ab0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 640.195292][T14520] RAX: ffffffffffffffda RBX: 00007f7512da5fa0 RCX: 00007f7512b8d0a9 [ 640.195306][T14520] RDX: 0000400000000140 RSI: 00004000000000c0 RDI: 0000000000000000 [ 640.195320][T14520] RBP: 00007f7512c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 640.195334][T14520] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000000000 [ 640.195347][T14520] R13: 0000000000000000 R14: 00007f7512da5fa0 R15: 00007ffe641d34f8 [ 640.195380][T14520] [ 640.430637][ C0] vkms_vblank_simulate: vblank timer overrun [ 640.561992][T14522] Invalid ELF header magic: != ELF [ 640.731618][T14522] netlink: 'syz.0.2220': attribute type 1 has an invalid length. [ 640.786366][T14522] netlink: 'syz.0.2220': attribute type 1 has an invalid length. [ 640.794162][T14522] netlink: 33 bytes leftover after parsing attributes in process `syz.0.2220'. [ 640.957394][ T8611] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 640.965280][ T8611] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 641.067528][T11610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 641.090781][T11610] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 641.717735][ T8364] ref_tracker: net notrefcnt@ffff8880354001e0 has 1/2 users at [ 641.717735][ T8364] sk_alloc+0xa93/0xb90 [ 641.717735][ T8364] inet6_create+0x380/0x1320 [ 641.717735][ T8364] __sock_create+0x335/0x8d0 [ 641.717735][ T8364] udp_sock_create6+0xc8/0x6a0 [ 641.717735][ T8364] sctp_udp_sock_start+0x280/0x4b0 [ 641.717735][ T8364] proc_sctp_do_udp_port+0x380/0x450 [ 641.717735][ T8364] proc_sys_call_handler+0x3c6/0x5a0 [ 641.717735][ T8364] iter_file_splice_write+0x90f/0x10b0 [ 641.717735][ T8364] direct_splice_actor+0x18f/0x6c0 [ 641.717735][ T8364] splice_direct_to_actor+0x346/0xa40 [ 641.717735][ T8364] do_splice_direct+0x178/0x250 [ 641.717735][ T8364] do_sendfile+0xafb/0xe40 [ 641.717735][ T8364] __x64_sys_sendfile64+0x1da/0x220 [ 641.717735][ T8364] do_syscall_64+0xcd/0x250 [ 641.717735][ T8364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.717735][ T8364] [ 641.805563][ T8364] ref_tracker: net notrefcnt@ffff8880354001e0 has 1/2 users at [ 641.805563][ T8364] sk_alloc+0xa93/0xb90 [ 641.805563][ T8364] inet_create+0x3a1/0x10a0 [ 641.805563][ T8364] __sock_create+0x335/0x8d0 [ 641.805563][ T8364] udp_sock_create4+0xa7/0x450 [ 641.805563][ T8364] sctp_udp_sock_start+0x10b/0x4b0 [ 641.805563][ T8364] proc_sctp_do_udp_port+0x380/0x450 [ 641.805563][ T8364] proc_sys_call_handler+0x3c6/0x5a0 [ 641.805563][ T8364] iter_file_splice_write+0x90f/0x10b0 [ 641.805563][ T8364] direct_splice_actor+0x18f/0x6c0 [ 641.805563][ T8364] splice_direct_to_actor+0x346/0xa40 [ 641.805563][ T8364] do_splice_direct+0x178/0x250 [ 641.805563][ T8364] do_sendfile+0xafb/0xe40 [ 641.805563][ T8364] __x64_sys_sendfile64+0x1da/0x220 [ 641.805563][ T8364] do_syscall_64+0xcd/0x250 [ 641.805563][ T8364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.805563][ T8364] [ 642.206711][ T8364] ------------[ cut here ]------------ [ 642.213004][ T8364] WARNING: CPU: 1 PID: 8364 at lib/ref_tracker.c:179 ref_tracker_dir_exit+0x3e3/0x680 [ 642.223151][ T8364] Modules linked in: [ 642.227300][ T8364] CPU: 1 UID: 0 PID: 8364 Comm: kworker/u8:14 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 642.239837][ T8364] Tainted: [U]=USER [ 642.243666][ T8364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 642.253828][ T8364] Workqueue: netns cleanup_net [ 642.258739][ T8364] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 642.264771][ T8364] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 1b 14 c8 fc 48 8b 74 24 18 48 89 ef e8 2e db 65 06 90 <0f> 0b 90 e8 05 14 c8 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 c4 [ 642.284961][ T8364] RSP: 0018:ffffc90005127ab0 EFLAGS: 00010246 [ 642.291152][ T8364] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 642.299242][ T8364] RDX: 0000000000000001 RSI: ffffffff8b6ceca0 RDI: 0000000000000001 [ 642.307375][ T8364] RBP: ffff8880354001e0 R08: 0000000000000001 R09: fffffbfff2dd79ba [ 642.315938][ T8364] R10: ffffffff96ebcdd7 R11: 0000000000002ba2 R12: ffff888035400230 [ 642.323959][ T8364] R13: ffff888035400230 R14: ffff888035400230 R15: ffff888035400230 [ 642.332528][ T8364] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 642.341599][ T8364] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 642.348276][ T8364] CR2: 00007fff6db08ff8 CR3: 000000003141c000 CR4: 00000000003526f0 [ 642.356381][ T8364] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 642.364391][ T8364] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 642.372450][ T8364] Call Trace: [ 642.375817][ T8364] [ 642.378770][ T8364] ? __warn+0xea/0x3c0 [ 642.382872][ T8364] ? ref_tracker_dir_exit+0x3e3/0x680 [ 642.388349][ T8364] ? report_bug+0x3c0/0x580 [ 642.392902][ T8364] ? handle_bug+0x54/0xa0 [ 642.397355][ T8364] ? exc_invalid_op+0x17/0x50 [ 642.402078][ T8364] ? asm_exc_invalid_op+0x1a/0x20 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 642.407240][ T8364] ? ref_tracker_dir_exit+0x3e3/0x680 [ 642.412935][ T8364] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 642.418661][T14543] kexec: Could not allocate control_code_buffer [ 642.419050][ T8364] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 642.430859][ T8364] ? net_passive_dec+0x7d/0xd0 [ 642.435706][ T8364] net_passive_dec+0x89/0xd0 [ 642.440485][ T8364] cleanup_net+0x8ac/0xb30 [ 642.444946][ T8364] ? __pfx_cleanup_net+0x10/0x10 [ 642.450000][ T8364] ? lock_acquire+0x2f/0xb0 [ 642.454549][ T8364] ? process_one_work+0x921/0x1ba0 [ 642.459801][ T8364] process_one_work+0x9c5/0x1ba0 [ 642.464790][ T8364] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 642.470507][ T8364] ? __pfx_process_one_work+0x10/0x10 [ 642.475976][ T8364] ? assign_work+0x1a0/0x250 [ 642.480610][ T8364] worker_thread+0x6c8/0xf00 [ 642.485252][ T8364] ? __pfx_worker_thread+0x10/0x10 [ 642.490525][ T8364] kthread+0x3af/0x750 [ 642.494632][ T8364] ? __pfx_kthread+0x10/0x10 [ 642.499330][ T8364] ? lock_acquire+0x2f/0xb0 [ 642.503879][ T8364] ? __pfx_kthread+0x10/0x10 [ 642.508592][ T8364] ret_from_fork+0x45/0x80 [ 642.513046][ T8364] ? __pfx_kthread+0x10/0x10 [ 642.517971][ T8364] ret_from_fork_asm+0x1a/0x30 [ 642.523134][ T8364] [ 642.526268][ T8364] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 642.533572][ T8364] CPU: 1 UID: 0 PID: 8364 Comm: kworker/u8:14 Tainted: G U 6.14.0-rc3-syzkaller-00166-g334426094588 #0 [ 642.546018][ T8364] Tainted: [U]=USER [ 642.549823][ T8364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 642.559879][ T8364] Workqueue: netns cleanup_net [ 642.564652][ T8364] Call Trace: [ 642.567928][ T8364] [ 642.570859][ T8364] dump_stack_lvl+0x3d/0x1f0 [ 642.575458][ T8364] panic+0x71d/0x800 [ 642.579360][ T8364] ? __pfx_panic+0x10/0x10 [ 642.583781][ T8364] ? show_trace_log_lvl+0x29d/0x3d0 [ 642.588998][ T8364] ? check_panic_on_warn+0x1f/0xb0 [ 642.594124][ T8364] ? ref_tracker_dir_exit+0x3e3/0x680 [ 642.599508][ T8364] check_panic_on_warn+0xab/0xb0 [ 642.604451][ T8364] __warn+0xf6/0x3c0 [ 642.608349][ T8364] ? ref_tracker_dir_exit+0x3e3/0x680 [ 642.613735][ T8364] report_bug+0x3c0/0x580 [ 642.618074][ T8364] handle_bug+0x54/0xa0 [ 642.622240][ T8364] exc_invalid_op+0x17/0x50 [ 642.626754][ T8364] asm_exc_invalid_op+0x1a/0x20 [ 642.631611][ T8364] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 642.637608][ T8364] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 1b 14 c8 fc 48 8b 74 24 18 48 89 ef e8 2e db 65 06 90 <0f> 0b 90 e8 05 14 c8 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 c4 [ 642.657219][ T8364] RSP: 0018:ffffc90005127ab0 EFLAGS: 00010246 [ 642.663293][ T8364] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 642.671263][ T8364] RDX: 0000000000000001 RSI: ffffffff8b6ceca0 RDI: 0000000000000001 [ 642.679231][ T8364] RBP: ffff8880354001e0 R08: 0000000000000001 R09: fffffbfff2dd79ba [ 642.687201][ T8364] R10: ffffffff96ebcdd7 R11: 0000000000002ba2 R12: ffff888035400230 [ 642.695172][ T8364] R13: ffff888035400230 R14: ffff888035400230 R15: ffff888035400230 [ 642.703165][ T8364] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 642.708902][ T8364] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 642.714714][ T8364] ? net_passive_dec+0x7d/0xd0 [ 642.719484][ T8364] net_passive_dec+0x89/0xd0 [ 642.724079][ T8364] cleanup_net+0x8ac/0xb30 [ 642.728522][ T8364] ? __pfx_cleanup_net+0x10/0x10 [ 642.733492][ T8364] ? lock_acquire+0x2f/0xb0 [ 642.738021][ T8364] ? process_one_work+0x921/0x1ba0 [ 642.743151][ T8364] process_one_work+0x9c5/0x1ba0 [ 642.748108][ T8364] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 642.753751][ T8364] ? __pfx_process_one_work+0x10/0x10 [ 642.759140][ T8364] ? assign_work+0x1a0/0x250 [ 642.763740][ T8364] worker_thread+0x6c8/0xf00 [ 642.768350][ T8364] ? __pfx_worker_thread+0x10/0x10 [ 642.773467][ T8364] kthread+0x3af/0x750 [ 642.777547][ T8364] ? __pfx_kthread+0x10/0x10 [ 642.782141][ T8364] ? lock_acquire+0x2f/0xb0 [ 642.786659][ T8364] ? __pfx_kthread+0x10/0x10 [ 642.791257][ T8364] ret_from_fork+0x45/0x80 [ 642.795686][ T8364] ? __pfx_kthread+0x10/0x10 [ 642.800291][ T8364] ret_from_fork_asm+0x1a/0x30 [ 642.805072][ T8364] [ 642.808338][ T8364] Kernel Offset: disabled [ 642.812717][ T8364] Rebooting in 86400 seconds..