last executing test programs: 41.925020803s ago: executing program 2 (id=630): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC0\x00', 0x22400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000140)={0x6, 0x0, "5ad2ff510de25bcebc068ad85a941dbe", "9873845bc0762403dd40355756baea57", "a14ed22f2b25b4c863e0a11d19a118d13b3414060d0467e3e9c6a164e9ed7dc7", "f84a0503d812d122e576c9f4ff299ec62e3f759d0d33d2740989fbc176247ccc20c5b5d6e06a64f6b18eda3002c685fb3ff7c8010ec570b049256add5128790fe45b903240a377e7a3d62a30735b196b", "dfa2ca7e65ed2c0af3d7b209b1cd3908", "fa812632c6f2b1b76b814e8f4ed8094fdba3bd7a2da5f29805704ebe0163b6e11e73a1b3fc18b4f788bed4eba11f34ef1f4e414f25781b355bd9beac14003f9bd900fad5dfcc27718286ef7366ea085f", "04732285abe17c71271983453e0d654d912f410254a99beb4935e1a9eb32abf3a91f12cbf8b4182d05dabb5c8cc0fd61356c28f16d7abde89fd631b6a6765daca4c29983826d0c017cefc5b00f99f847da2b666956555cc7a3be4928438520c39327f0b4cfac791fef52488ca785944df043074320ea3d7c8a90f3d93fecbbd6"}) 41.315671884s ago: executing program 2 (id=631): write$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffffff, &(0x7f0000000200)="706f3a82", 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='t\b\x00@', @ANYBLOB="010026bd703b683e02250300000018000180140002"], 0x34}, 0x1, 0x0, 0x0, 0x4000840}, 0x0) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x100, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x2, 0x1, 0x106) r1 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x3892c2, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r2, 0x5509, 0x0) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r3, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYRES8=r3, @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x8, 0x15f4da0a, 0x1, 0x10000000003, 0x300000000000000, 0x1f7, 0x7, 0x0, 0x9, 0x5]}, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x80, 0x202000d, 0x2, 0x10, 0xffffffffffffffff, 0x8000) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x1f40) socket(0x1f, 0x4, 0xa) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x2, 0x2, 0x8000000000000000, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000001080)=""/4076, 0xfec) accept$auto(r5, &(0x7f00000000c0)=@ethernet={0x306, @remote}, &(0x7f0000000180)=0x7586) setsockopt$auto(0x3, 0x0, 0x24, 0x0, 0x28) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 40.658663123s ago: executing program 2 (id=633): ioctl$auto(0xffffffffffffffff, 0xc040563e, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x23, 0x2, 0x88) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(r0, 0x8, 0x0) r2 = socket(0xa, 0x3, 0x6) prctl$auto(0x35, 0x1, 0x4, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/msg_next_id\x00', 0xc0082, 0x0) r3 = socket(0x10, 0x2, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004890}, 0x801) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/etherd/interfaces\x00', 0x103001, 0x0) r4 = prctl$auto_PR_SET_MM_ARG_START(0x4, 0x8, 0xffffffffffffffff, 0x4, 0x4) writev$auto(r4, &(0x7f0000000140)={0x0, 0xe4}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1b000000", @ANYRES64=r2, @ANYRESHEX=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) 40.373957229s ago: executing program 2 (id=634): mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000002d00)='/dev/media5\x00', 0x101000, 0x0) ioctl$auto_media_devnode_fops_mc_devnode(r0, 0xc1007c00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) seccomp$auto(0x1, 0x3, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/projid_map\x00', 0x100000, 0x0) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r1, 0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0xfffffffffffffffe, 0x6, 0xdf, 0x9b72, r1, 0x100) ioctl$auto(0x3, 0x402c542c, 0x38) select$auto(0xfffffffb, 0x0, &(0x7f0000000500)={[0x200000001, 0x101, 0x9, 0x4a, 0x0, 0x7, 0x3bf, 0x9, 0x3, 0x7, 0x51c7, 0x4, 0x8, 0x9, 0x1, 0x8000000000000001]}, &(0x7f0000000580)={[0x9, 0x8, 0x4, 0x3, 0xfffd, 0x9, 0x14, 0x7fffffff, 0x8, 0x7, 0x20000000069, 0x1, 0x9, 0x2, 0x5, 0xc7]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x18, 0x4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/midiC2D3\x00', 0x0, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0x9, 0x37, 0x948a, 0x101, 0x15f4da0b, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x8, 0x9, 0xfffffffffffffffc]}, 0x0) close_range$auto(0x2, 0x8, 0x0) move_pages$auto(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0xec, &(0x7f00000002c0), 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) 39.243763938s ago: executing program 2 (id=638): rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/mcfilter\x00', 0x2180, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0xc8, 0x800454d7, 0x5c8d) r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_RESUME(r1, 0x4147, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/statm\x00', 0x800, 0x0) read$auto_proc_single_file_operations_base(r2, &(0x7f0000000300)=""/248, 0xf8) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vbi16\x00', 0x20002, 0x0) poll$auto(&(0x7f0000000480)={r3, 0xffff, 0x29}, 0x6, 0x8) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='Q\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0101000000000000df2502"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r5 = openat$auto_mon_fops_stat_usb_mon(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/15s\x00', 0x20c800, 0x0) read$auto_mon_fops_stat_usb_mon(r5, &(0x7f00000000c0)=""/90, 0x5a) arch_prctl$auto_ARCH_SHSTK_UNLOCK(0x5004, 0x3) pread64$auto(r0, 0x0, 0x3ff, 0x8) 38.219779464s ago: executing program 2 (id=639): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = getpid() process_vm_readv$auto(r0, 0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x2, 0x6, 0x0) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) write$auto(r1, &(0x7f0000000000)='@\x00', 0xfe) 37.738800638s ago: executing program 32 (id=639): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = getpid() process_vm_readv$auto(r0, 0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x2, 0x6, 0x0) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) write$auto(r1, &(0x7f0000000000)='@\x00', 0xfe) 10.254316121s ago: executing program 0 (id=708): mmap$auto(0x0, 0x4, 0x4000000000e2, 0x40eb1, 0x401, 0x2ffffffffffd) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/netfilter/nf_log\x00', 0x101000, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/version\x00', 0x8080, 0x0) lseek$auto(r2, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1, 0x800, 0x0) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0) mmap$auto(0x4, 0x20009, 0xdf, 0xebf, 0x3fd, 0x8000) socket(0x2, 0x1, 0x100) sysfs$auto(0x2, 0x4, 0x0) getsockopt$auto(r0, 0x0, 0x81, 0x0, &(0x7f00000000c0)=0x1c) 8.723174707s ago: executing program 0 (id=718): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) (async) r0 = open(&(0x7f0000000100)='./cgroup\x00', 0x105040, 0x0) open_by_handle_at$auto(r0, &(0x7f0000000500)={0x8, 0xfe, "0100000000000000"}, 0xffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2003, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) ioctl$auto(0x3, 0x400454ca, 0x38) (async) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x7}, 0x6}, 0x5, 0x20000000) mmap$auto(0x2, 0xffffffffffffffff, 0x2, 0x9b72, 0xffffffffffffffff, 0x8000) (async) read$auto(0xffffffffffffffff, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r1, 0x0, 0x3) (async) close_range$auto(0x0, 0xffffffffffffffff, 0x1001) (async) mmap$auto(0x407, 0x400008, 0x200, 0x9b7f, 0x2, 0x1000008000) (async) syz_clone3(0x0, 0x0) (async) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4402472107244f73, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x80200, 0x0) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x201, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0x3, 0xdf, 0xc5a, 0x401, 0x6a8) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) epoll_create$auto(0x4) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0x5, 0x1, 0x9489, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x100000000000062, 0x80000001, 0x8, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) (async) mmap$auto(0x2, 0x400008, 0x2ce, 0x9b72, 0x2, 0x8000) (async) readv$auto(0x3, 0x0, 0x1) (async) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6, 0x9, 0x2, 0x6]}, 0x0) socket(0x2b, 0x1, 0x1) 7.032333335s ago: executing program 1 (id=721): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="24000400", @ANYRES16=0x0, @ANYBLOB="00022abd7000fbdbdf250200000008000300000000000800010005000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) recvmmsg$auto(r0, &(0x7f00000004c0)={{&(0x7f0000000300)="3300cced34a5bc762ee9f885cd94db0c8d51c301d321f718261788b4cff2054425be085ab9bb7581231f1f878e044c7334e301e65b90f76a1e742e47900972dd2f429c7be6da324760b8c9530270d8a118df49a867ca9b374980c7e1b4639102d29e", 0x1, &(0x7f00000003c0)={&(0x7f0000000380)="9cf76016e858a4d26af1"}, 0x8000000000000000, &(0x7f0000000480)="986b1212efda28ce388f2321dcaee6effb553dde00e0f6747b85622444895bbe573a4a616934148ae405f627a5e1e2c7eecaa2f0650e1ac9a82c30f57410", 0x5, 0x800008}, 0x400}, 0x0, 0x101, &(0x7f0000000500)={0x4, 0x6}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x8002, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001080)=""/4092, 0xffc) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.freeze\x00', 0x141602, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000100), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), r0) sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r3, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)={0x138, r4, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_IFNAME={0x14, 0x4, 'batadv0\x00'}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x7}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x108, 0x2b, 0x0, 0x1, [@generic="fd38ceb09c8664c28f398a297c220da207b7d30e528dff0756e67a760550c92e33fba68b", @generic="4fa4132e94600ccb8b83f2a7b93a6256f1d13c5adf3e219f10528ee5cf91b7714244b453e131f6faba2433195bfbba13c8237e281609ae3be11f6c59fc85dbea3770ce94f493e27b5cb2356f90c445cd6cf059380f024faec962b16db99a", @generic="9ce7431b3d391b16d349976cbdc0328c04ae73f4b282f71a3e7713f0e0d8096fcb8e8f5f3567d5cfd2e7a2b1296f067515705e4e7d134ed4b0da2eb9afa2ad44c663ac0389ba95b39272df1603e82b3fe2ff48252e1be50c41d42cda0f537c4cb425f73ca30badfed0d618e7e5973a1baae063fdfd2a12427c807330be6db6e4c68e"]}]}, 0x138}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000010) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r5 = socket(0x29, 0x2, 0x0) ioctl$auto(r5, 0x89e2, 0x38) close_range$auto(0x0, 0xfffffffffffff000, 0x0) fanotify_init$auto(0x5, 0x800) pipe2$auto(0x0, 0x80) ioctl$auto(0x1, 0x5761, 0x4) 6.717790463s ago: executing program 1 (id=723): bpf$auto(0x10, &(0x7f0000001700)=@test={0xffffffffffffffff, 0x200, 0x4, 0x8, 0x8000, 0x1002b2a, 0x1, 0x4, 0x24, 0xc07c, 0x8020, 0xfffffffffffffff8, 0x2, 0x1, 0x4}, 0x63a) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8001) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, r0, 0x1400000, 0x5}, 0x6f4) r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/irq/5/actions\x00', 0x22040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000180)=""/109, 0x6d) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88002, 0x0) readv$auto(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0x1}, 0x7) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/bus/usb/003/001\x00', 0x80801, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r4 = io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) getegid() close_range$auto(0x2, 0x8, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2) unshare$auto(0xfffffffffffffff8) unshare$auto(0x40000080) mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000) madvise$auto(0x80000001, 0x2, 0xffff) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), r1) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000884}, 0xc880) socket(0x10, 0x2, 0xc) ioctl$auto_SOUND_OLD_MIXER_INFO(r4, 0x80304d65, &(0x7f0000000200)) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) 5.603756309s ago: executing program 1 (id=728): mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000002d00)='/dev/media5\x00', 0x101000, 0x0) ioctl$auto_media_devnode_fops_mc_devnode(r0, 0xc1007c00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) seccomp$auto(0x1, 0x3, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/projid_map\x00', 0x100000, 0x0) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r1, 0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) ioctl$auto(0x3, 0x402c542c, 0x38) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0) select$auto(0xfffffffb, 0x0, &(0x7f0000000500)={[0x200000001, 0x101, 0x9, 0x4a, 0x0, 0x7, 0x3bf, 0x9, 0x3, 0x7, 0x51c7, 0x4, 0x8, 0x9, 0x1, 0x8000000000000001]}, &(0x7f0000000580)={[0x9, 0x8, 0x4, 0x3, 0xfffd, 0x9, 0x14, 0x7fffffff, 0x8, 0x7, 0x20000000069, 0x1, 0x9, 0x2, 0x5, 0xc7]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x18, 0x4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/midiC2D3\x00', 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0x9, 0x37, 0x948a, 0x101, 0x15f4da0b, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x8, 0x9, 0xfffffffffffffffc]}, 0x0) close_range$auto(0x2, 0x8, 0x0) move_pages$auto(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0xec, &(0x7f00000002c0), 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) 5.544280049s ago: executing program 0 (id=729): mmap$auto(0x0, 0x100, 0x4000000000df, 0x80000000eb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/swap/vma_ra_enabled\x00', 0xe3102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource0\x00', 0x103000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) read$auto_def_blk_fops_fs(r1, &(0x7f0000000140)=""/194, 0xc2) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0xb2, 0x14, 0xffb, 0x8000000008015, r2, 0x8000) write$auto(r2, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0x20499d, 0x9) read$auto(0x3, 0x0, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) r3 = socket(0x10, 0x2, 0x0) connect$auto(r3, &(0x7f0000000340)=@generic={0x2b, "6de2374c99b4f931a39cb1da5138"}, 0x8) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x408, 0x3, 0x10101, 0x6fb7, 0x8a, 0x4, r3, [0x100, 0x7, 0x7f], {0x2, 0x7, 0x3034, 0xc, 0x8f, 0x3, 0x5, 0xfffffff9, 0x6}, {0x4000, 0xffffffff, 0x0, 0xbffff000, 0x8, 0x20b85, 0x5, 0x837, 0x8}}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='_\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x5302, 0x9}, 0x7}, 0x3, 0x0) r4 = semctl$auto_IPC_INFO(0x924, 0x6, 0x3, 0x2) move_pages$auto(r4, 0x0, &(0x7f0000000180)=&(0x7f0000000100)="86403d59837bf9ccb7703adca0823d08ea78a9a1b9618ee38c28c496315f1fc628e5dd7b56d4c82ba34bafa9470d8b7560885c8f257dcaf0d9645c760edae558c61bca1df47e2be0652c58037191bb57b3ddf6328ff624fca1d51b75cfa89f2468784e25a9613b77b0121f2cce9a9837425f", &(0x7f00000001c0)=0xab, &(0x7f0000000280)=0x3, 0x3) 5.347477341s ago: executing program 0 (id=730): mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) clock_settime$auto(0xfbfffff8, 0x0) (fail_nth: 2) 4.412319161s ago: executing program 0 (id=732): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r0, 0x4000807c) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x5, 0x0, 0x8004) mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0) sendfile$auto(r2, r2, 0x0, 0x20000005) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0) ioctl$auto_SNDCTL_DSP_RESET(r0, 0x5000, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x8900, 0x0) write$auto(0x3, 0x0, 0x7ffffffa) write$auto(0x3, 0x0, 0x5c8) 4.270069264s ago: executing program 3 (id=734): mmap$auto(0x1000000000, 0x40009, 0xa, 0x9b72, 0x2, 0x8000028000) ioperm$auto(0x7, 0x6, 0x2) sysfs$auto(0x9, 0x3, 0xfffffffffffffffc) socket(0x29, 0x5, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/lockdep_stats\x00', 0x181100, 0x0) socket(0x2b, 0x1, 0x1) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000580)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x20000000000004, 0x80000001}, 0x4}, 0x3, 0x8, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) read$auto(0x3, 0x0, 0x7d) mmap$auto(0x8000, 0x6, 0x40000000080000df, 0xfffffffffffffffa, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/net/lapb3/carrier_up_count\x00', 0x80040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000640)=""/224, 0xe0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000100), 0x109800, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000180)=0xe0) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) read$auto_bridges_fops_(0xffffffffffffffff, &(0x7f0000000340)=""/113, 0x71) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x72b9dfe4}, 0x7}, 0x3, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0x181000, 0x0) 3.7840436s ago: executing program 4 (id=736): mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) clock_settime$auto(0xfbfffff8, 0x0) 3.646433865s ago: executing program 4 (id=737): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) io_uring_setup$auto(0x401, 0x0) read$auto_snd_seq_f_ops_seq_clientmgr(r0, &(0x7f0000000180)=""/4096, 0x1000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) 3.38865198s ago: executing program 4 (id=738): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x100000001, 0x3, 0xeb1, 0x401, 0x8000) r1 = io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x1840000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffeffb, 0x2, 0x8e0, 0x300, 0x50b301a, 0xe4, 0x2c, 0x1, 0x5}) read$auto(r0, 0x0, 0x6) ioctl$auto_TIOCNOTTY(r1, 0x5422, &(0x7f00000001c0)="f3dfd41b4ef210cc6d4528dc79ddb4650c59d77c6e") 2.688817927s ago: executing program 1 (id=739): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, &(0x7f0000000300)={r0, &(0x7f0000000040)="5c521ef5d9235438cb1253c686ba3cbc81f636e61ea2d99b47177337ac4dea2e9def6974041321632061e3586e0f212d35661a9701d2bbf8df25aec682ce99fefa84569c0d535e24427a0a09a077b9b5e5dc50ed3a6183afe80af8f82f85ee49e89408715dbba18103364505d9aebbfcbb36f21b2cace99be726ba47d38f5705211335229ecb08d891", 0x0, 0x0, 0x80, 0x0, 0x0}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, 0x0, 0x240000d4) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc6000, 0x0) mmap$auto(0x6, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000001) quotactl_fd$auto(r2, 0x1, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x3, 0x0, 0x1, 0x207, 0x2, {0x2100000004, 0x10000}, 0x8000000000005, 0x6, 0x3, 0x1008000, 0x0, 0x5, 0x84, 0x9, 0x10, 0xdeb2, 0x800}) socket(0x2c, 0x5, 0x0) r3 = socket(0x2, 0x5, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) prctl$auto(0x10, 0x1, 0x4, 0x1, 0x7) setgid$auto(0xee00) r5 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/irq/15/node\x00', 0x80c00, 0x0) read$auto_proc_single_file_operations_base(r5, &(0x7f00000051c0)=""/103, 0x67) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0xdeb23080aee7e233, 0x0) mmap$auto(0xfffffffffffffffd, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8a802, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x101800, 0x0) ioctl$auto(r6, 0x80045440, 0x1) ioctl$auto(0xffffffffffffffff, 0x8007, 0xffffffffffffffff) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card1/pcm1p/oss\x00', 0xea500, 0x0) pread64$auto(r7, 0x0, 0x1ff, 0x8800000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101800, 0x0) unshare$auto(0x40000080) waitid$auto_P_ALL(0x0, 0xffffffffffffffff, &(0x7f0000000380)={@siginfo_0_0={0x0, 0x101, 0xb30f, @_timer={0xffffffffffffffff, 0x9, @sival_ptr=&(0x7f0000000380), 0xfffffffc}}}, 0x4, &(0x7f0000000200)={{0xc, 0xcaf6}, {0x8, 0x8}, 0x787, 0x9, 0xb, 0x2cd8, 0xffffffffffffffff, 0x4, 0xfffffffffffffffd, 0x10, 0xb837, 0x5, 0x2, 0x1ff, 0x8000000000566c, 0x1}) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000002c0), r3) 2.552428299s ago: executing program 3 (id=740): r0 = fcntl$auto(0x0, 0x0, 0x8001) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r1, 0x0) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, 0x0, 0x3c8082, 0x0) getuid() socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x8900, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCSETD2(r3, 0x5423, &(0x7f0000000200)="d24bf5a556dcb1399c52749bbf9860dc989898c1d8a9ddb68b95e144707337d85b979bda0a798864a2fdeff77d5ccb3e8c013ec4cf159f7f28f14b5c121720a8cda732d6d4c4afd662d21d0bfd5ee6fffb9d7767c0e95be3407f8d592d53a0199dca1da96f8beb63b5fecb") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/ptp/ptp0/n_periodic_outputs\x00', 0x28442, 0x0) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/default/ioam6_id_wide\x00', 0x40100, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) socket(0x2, 0x80002, 0x73) getuid() socket(0xa, 0x1, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000640)='/dev/loop4\x00', 0x101000, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@rc={0x1f, @any, 0x9}, 0x2) write$auto(0x3, 0x0, 0xffd8) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000140), r2) sendmsg$auto_IPVS_CMD_SET_DEST(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[], 0x1190}, 0x1, 0x0, 0x0, 0x4081}, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x8101, 0x0, 0xd0, 0x3, 0x6, 0x0, 0x1, 0x3691, 0x0, {0x100000000, 0x90000}, 0x8000000000000001, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x2000000080000004, 0x4bbf, 0xffffffffffff628e, 0xa747, 0xdeae, 0x400804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x98102, 0x0) 2.4482857s ago: executing program 3 (id=741): mmap$auto(0x0, 0x2020009, 0x8000003, 0xf8, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400005, 0x355, 0x9b72, 0x2, 0x8000) socket(0x2, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r0) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000380)={0x260, r1, 0x4, 0x70bd2c, 0x25dfdc00, {}, [@TIPC_NLA_BEARER={0x24c, 0x1, 0x0, 0x1, [@nested={0xf3, 0x2b, 0x0, 0x1, [@generic="bd1125427358eaf9b227967cc6654deff71980cc711cf47a414dfa1efdfd60e6b1aa6e690fc82eb9cb3697e69d24c72d866d2bf959cded20a53181aaee13ed7c9ce6d863e908c205ee94f1cacaeaee74311f51347c36973f5997aaa112d85795f59fd9a23335d37c0f0c8208453dc6803267f2fb5f4eaee1cd7ee9ee3857ef95e3641d68378f319dc91cc7c7dd4ebbee20de1335b23ab7e744404f03c7e2b14ad2746c8e1ab745d3b180fa4474a9cbf89114aa1de3e8ad5844da5b82faaca5c9419e81fc2b9a018fc75d839a22", @generic="3643e4b0b9f2e3230babffbcd3e3ba014e4b7463fe4267a5f437", @typed={0x8, 0x5, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x29}}]}, @nested={0x153, 0x83, 0x0, 0x1, [@generic="a4f98135d8148b", @generic="fb5d83e59ffab70da435b870726e654ebc54917e012fe757cad08c23c9ab721f5811ffe4a2a2bdc32adea46625b5660ecb3687ddde05e214afbe9ffc542ebf71743c437f7a19f4945bb91b92cd092fca84629cd7931cfb1613318d87dccb5fc4668f3b5c3c3392bf511b40cad4fbd6f818a39ffb822db383a7984ca72bf16b572abc30e3ee6d38457e3904b07d0c24a91c2a76e0abfc9bfb246f209dce30f39e8bfef59370b9f111104812ab1017425fdae1fd9d2926d55d62969ee8789a907a33364fd56de69e2a74b33d8b7a6bfcb118ce03cdc8313daa14283aeb6f695ff2ea75ba2f11a701", @nested={0x4, 0x142}, @generic="b9c9ecafb60cb764b4bb005bc44b42f631b1c14e2ffa63f1048a4d98db9fae17f2a37bf52a1efee8335c9a8f8fd388912a76d68c6f7e87b7e379684cc787ce09d7e5f946462e3fdda447abce1b8cdef75b4c56810327deb560", @nested={0x4, 0x9f}]}]}]}, 0x260}, 0x1, 0x0, 0x0, 0x40810}, 0x2) r2 = open(&(0x7f0000000000)='./file0\x00', 0x800, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC0\x00', 0x800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000100)={{@inferred, 0x8, 0x8, 0x3, "ede1ff4cbaf3fdb34efbd0b7efbced8a0baa1ec91ccd551938cd893a3ab71b3acb675d079cb930141968973e"}, 0xe, 0x42, 0xc96, @raw=0x5, @integer64={0x2, 0x5, 0x5}, "dd63adca2cc65367e8faeced8b11ad3adf14def36a0498cac6fc70d422c7b895556276923b018188f182c277b7f112a6cfd3800544bc9e373c59fa6254743f9b"}) r4 = prctl$auto_PR_SCHED_CORE_SHARE_TO(0x6, 0x2, 0x0, 0x7fff, 0xffffffffffffffff) ioctl$auto_FIOQSIZE(r2, 0x5460, r4) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000080), 0x400800, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r5 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0x6, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r5, 0x403c6f2b, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(r5, 0x0, 0x1f40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r6, &(0x7f0000003900)='\t', 0x1) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/usb_storage/parameters/delay_use\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f00000000c0)=""/40, 0x28) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000140), r4) 2.335316921s ago: executing program 4 (id=742): mmap$auto(0x0, 0x4, 0x4000000000e2, 0x40eb1, 0x401, 0x2ffffffffffd) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/netfilter/nf_log\x00', 0x101000, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/version\x00', 0x8080, 0x0) lseek$auto(r2, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1, 0x800, 0x0) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0) mmap$auto(0x4, 0x20009, 0xdf, 0xebf, 0x3fd, 0x8000) socket(0x2, 0x1, 0x100) sysfs$auto(0x2, 0x4, 0x0) getsockopt$auto(r0, 0x0, 0x81, 0x0, &(0x7f00000000c0)=0x1c) 1.694232791s ago: executing program 3 (id=743): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x484040, 0x0) r1 = openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/Virtual-1/vrr_range\x00', 0x100802, 0x0) mmap$auto(0x2, 0x100000001, 0x3, 0xeb1, r1, 0x8000) r2 = io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x1840000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffeffb, 0x4555, 0x8e0, 0x300, 0x50b301a, 0xe4, 0x2c, 0x1, 0x5}) read$auto(r0, 0x0, 0x6) ioctl$auto_TIOCNOTTY(r2, 0x5422, &(0x7f00000001c0)="f3dfd41b4ef210cc6d4528dc79ddb4650c59d77c6e") 1.242045365s ago: executing program 4 (id=744): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x52, 0x9, 0x17, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x3, 0x80002, 0x75) socket(0xa, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x14}}, 0x54) setsockopt$auto(0x3, 0x29, 0x43, 0x0, 0x9) r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x121801, 0x0) mmap$auto(0x3, 0x2000d, 0x10000000000df, 0x100000eb1, r0, 0x8000) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x2}}, 0x0, 0x8) rt_sigaction$auto(0x5, &(0x7f0000000140)={&(0x7f0000000040)=0x0, 0x9, 0x0, {0x81}}, 0x0, 0x8) bind$auto(r1, &(0x7f0000000080)=@nfc={0x27, 0x0, 0x1, 0x5}, 0x6b) sendmsg$auto_TIPC_NL_NET_GET(r0, &(0x7f00000005c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYBLOB="10010000", @ANYRES16=0x0, @ANYBLOB="00062cbd7000fcdbdf800800950000fa655c59a9d9198d000000", @ANYRES32=0x0, @ANYBLOB="9d92b249d98dae3139d506df1ade0afab2f41c117b0bc72d2c2a3e73443040a2f82d346539f43ebff070feb330bebcffba1558f4f6cf32df36c2dab4f9e89ae291bc03c567c44ff1c3d27291690784268585af3c27d278ac7f4aeed2f9d0738acf94861e4ddbbf4f986766687dad8cb914e9b0fcdf92cfd926bd667e15dc0f59d3e5e612452f93cbac8bae57d93c32c877237cfc6b852eef7319b77aae838ef49d7b608e6b87049009cf64e50218f54577ca5e8ab6f969b4b233bde6cb360cd7ccd79a5cf5389db64f8d33cfdb30cc5d8459c6a70827dcc49c65fbe283c8520c0080000ab300000000000000"], 0x110}, 0x1, 0x0, 0x0, 0x14044091}, 0x0) rt_sigqueueinfo$auto(0x0, 0x1, 0x0) poll$auto(&(0x7f0000000180)={r2, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x0) ioctl$auto(r2, 0x5, r1) capset$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(0x3, 0x0, 0xf34) close_range$auto(0xffffffffffffffff, 0x8, 0x1f0001) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xc008ae67, 0x38) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x0, 0x0) ioctl$auto(r5, 0xc0285628, r5) ioctl$auto_VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, 0x0) mmap$auto(0x40, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.123442466s ago: executing program 0 (id=745): unshare$auto(0x40000080) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffe, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x4000000070624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x4000, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x4, 0x1, 0x10000000000, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400000000005b8, 0xffff, 0x6, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x1, 0x4]}, 0x1fe, 0xd) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NLBL_MGMT_C_VERSION(r0, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x50, r1, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_MGMT_A_DOMAIN={0x14, 0x1, '/dev/sequencer2\x00'}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x8}, @NLBL_MGMT_A_VERSION={0x8, 0x3, 0x1}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x7}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0xff}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x14) r2 = socket(0x2, 0x801, 0x106) r3 = getsockopt$auto(r2, 0x6, 0xd, 0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1000"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0xf7374674b920089e) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) getsockopt$auto(r4, 0x84, 0x81, 0x0, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x40, 0x0) fcntl$auto(0x3, 0x4, 0xa553) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) getpid() setsockopt$auto_SO_DOMAIN(r3, 0x8, 0x27, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB='r'], 0x1ac}, 0x1, 0x0, 0x0, 0x20000051}, 0x4004) r6 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x0, 0x3, 0x0, 0x80, 0x101) close_range$auto(r6, r3, 0x5) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/time\x00') setns(r7, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0xfdef) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 1.007396428s ago: executing program 3 (id=746): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0) write$auto(r0, 0x0, 0x2d00) shmctl$auto_SHM_INFO(0x3, 0xe, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getsid$auto(0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x20800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000ec0)=""/4096, 0x1000) read$auto(0x3, 0x0, 0x80) statmount$auto(0x0, 0x0, 0x1fa, 0xd) prlimit64$auto(0x0, 0x3, 0x0, 0x0) 756.700737ms ago: executing program 1 (id=747): socket(0x10, 0x2, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/debug_objects/stats\x00', 0x18100, 0x0) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xffffffffffffffff, @new_prog_fd=r0, 0x4}, 0xa3) io_uring_register$auto(0x2, 0x17, &(0x7f0000000000), 0x1) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) 678.136036ms ago: executing program 4 (id=748): mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000002d00)='/dev/media5\x00', 0x101000, 0x0) ioctl$auto_media_devnode_fops_mc_devnode(r0, 0xc1007c00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) seccomp$auto(0x1, 0x3, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/projid_map\x00', 0x100000, 0x0) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r1, 0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) mmap$auto(0xfffffffffffffffe, 0x6, 0xdf, 0x9b72, r1, 0x100) ioctl$auto(0x3, 0x402c542c, 0x38) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0) select$auto(0xfffffffb, 0x0, &(0x7f0000000500)={[0x200000001, 0x101, 0x9, 0x4a, 0x0, 0x7, 0x3bf, 0x9, 0x3, 0x7, 0x51c7, 0x4, 0x8, 0x9, 0x1, 0x8000000000000001]}, &(0x7f0000000580)={[0x9, 0x8, 0x4, 0x3, 0xfffd, 0x9, 0x14, 0x7fffffff, 0x8, 0x7, 0x20000000069, 0x1, 0x9, 0x2, 0x5, 0xc7]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x18, 0x4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/midiC2D3\x00', 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0x9, 0x37, 0x948a, 0x101, 0x15f4da0b, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x8, 0x9, 0xfffffffffffffffc]}, 0x0) close_range$auto(0x2, 0x8, 0x0) move_pages$auto(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0xec, &(0x7f00000002c0), 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) 109.128567ms ago: executing program 3 (id=749): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop12/queue/nr_requests\x00', 0x80302, 0x0) mmap$auto(0x0, 0x20007, 0xe6, 0xeb1, 0xffffffffffffffff, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) write$auto(0x3, 0x0, 0xfdef) 0s ago: executing program 1 (id=750): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) r0 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) (async) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x801, 0x84) r1 = socket(0x3e, 0x5, 0x4) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) getpeername$auto(0x3, 0x0, 0x0) kernel console output (not intermixed with test programs): 4648][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.365569][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.378500][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.407669][ T5843] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.423810][ T5843] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.432571][ T5843] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.441961][ T5843] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.464393][ T4035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.484336][ T4035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.570791][ T4035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.583562][ T4035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.605702][ T3824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.618369][ T3824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.654128][ T55] Bluetooth: hci0: command tx timeout [ 82.698125][ T3824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.728844][ T5920] FAULT_INJECTION: forcing a failure. [ 82.728844][ T5920] name failslab, interval 1, probability 0, space 0, times 1 [ 82.749484][ T3824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.796008][ T5920] CPU: 0 UID: 0 PID: 5920 Comm: syz.0.6 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 82.796043][ T5920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 82.796061][ T5920] Call Trace: [ 82.796070][ T5920] [ 82.796082][ T5920] dump_stack_lvl+0x16c/0x1f0 [ 82.796123][ T5920] should_fail_ex+0x512/0x640 [ 82.796149][ T5920] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 82.796190][ T5920] should_failslab+0xc2/0x120 [ 82.796214][ T5920] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 82.796255][ T5920] ? getname_flags.part.0+0x48/0x540 [ 82.796289][ T5920] getname_flags.part.0+0x48/0x540 [ 82.796321][ T5920] getname_flags+0x93/0xf0 [ 82.796353][ T5920] do_sys_openat2+0xb8/0x1d0 [ 82.796379][ T5920] ? __pfx_do_sys_openat2+0x10/0x10 [ 82.796418][ T5920] __x64_sys_openat+0x174/0x210 [ 82.796444][ T5920] ? __pfx___x64_sys_openat+0x10/0x10 [ 82.796472][ T5920] ? rcu_is_watching+0x12/0xc0 [ 82.796509][ T5920] do_syscall_64+0xcd/0x260 [ 82.796542][ T5920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.796566][ T5920] RIP: 0033:0x7f736e18d169 [ 82.796585][ T5920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.796612][ T5920] RSP: 002b:00007f736efab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 82.796634][ T5920] RAX: ffffffffffffffda RBX: 00007f736e3a5fa0 RCX: 00007f736e18d169 [ 82.796651][ T5920] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 82.796666][ T5920] RBP: 00007f736e20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 82.796680][ T5920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.796694][ T5920] R13: 0000000000000000 R14: 00007f736e3a5fa0 R15: 00007ffe6e57bec8 [ 82.796727][ T5920] [ 82.986720][ T55] Bluetooth: hci1: command tx timeout [ 82.992191][ T55] Bluetooth: hci2: command tx timeout [ 82.997688][ T55] Bluetooth: hci3: command tx timeout [ 83.036630][ T3824] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.066523][ T3824] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.082023][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.106165][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.742190][ T5844] Bluetooth: hci0: command tx timeout [ 85.059852][ T5844] Bluetooth: hci3: command tx timeout [ 85.059872][ T55] Bluetooth: hci2: command tx timeout [ 85.066025][ T5844] Bluetooth: hci1: command tx timeout [ 85.178201][ T5844] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 86.519112][ T5955] FAULT_INJECTION: forcing a failure. [ 86.519112][ T5955] name failslab, interval 1, probability 0, space 0, times 0 [ 86.624640][ T5955] CPU: 1 UID: 0 PID: 5955 Comm: syz.3.10 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 86.624679][ T5955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 86.624694][ T5955] Call Trace: [ 86.624702][ T5955] [ 86.624711][ T5955] dump_stack_lvl+0x16c/0x1f0 [ 86.624749][ T5955] should_fail_ex+0x512/0x640 [ 86.624776][ T5955] ? __kmalloc_noprof+0xbf/0x510 [ 86.624815][ T5955] ? ops_init+0x77/0x5f0 [ 86.624853][ T5955] should_failslab+0xc2/0x120 [ 86.624877][ T5955] __kmalloc_noprof+0xd2/0x510 [ 86.624921][ T5955] ops_init+0x77/0x5f0 [ 86.624956][ T5955] setup_net+0x21e/0x850 [ 86.624992][ T5955] ? __pfx_setup_net+0x10/0x10 [ 86.625020][ T5955] ? lockdep_init_map_type+0x5c/0x280 [ 86.625046][ T5955] ? __pfx_down_read_killable+0x10/0x10 [ 86.625084][ T5955] ? debug_mutex_init+0x37/0x70 [ 86.625118][ T5955] copy_net_ns+0x2a6/0x5f0 [ 86.625154][ T5955] create_new_namespaces+0x3ea/0xad0 [ 86.625196][ T5955] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 86.625233][ T5955] ksys_unshare+0x45b/0xa40 [ 86.625268][ T5955] ? __pfx_ksys_unshare+0x10/0x10 [ 86.625300][ T5955] ? xfd_validate_state+0x5d/0x180 [ 86.625329][ T5955] ? rcu_is_watching+0x12/0xc0 [ 86.625367][ T5955] __x64_sys_unshare+0x31/0x40 [ 86.625400][ T5955] do_syscall_64+0xcd/0x260 [ 86.625434][ T5955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.625459][ T5955] RIP: 0033:0x7f6dfe58d169 [ 86.625480][ T5955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.625502][ T5955] RSP: 002b:00007f6dff492038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 86.625526][ T5955] RAX: ffffffffffffffda RBX: 00007f6dfe7a6080 RCX: 00007f6dfe58d169 [ 86.625542][ T5955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 86.625557][ T5955] RBP: 00007f6dfe60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 86.625571][ T5955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.625586][ T5955] R13: 0000000000000000 R14: 00007f6dfe7a6080 R15: 00007ffce041a238 [ 86.625618][ T5955] [ 87.015243][ T975] cfg80211: failed to load regulatory.db [ 88.312388][ T5980] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 88.362661][ T5981] Zero length message leads to an empty skb [ 88.644431][ T5984] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18'. [ 88.719079][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 89.216556][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 89.406319][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.564103][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.574249][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.686523][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.417122][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.633228][ T5844] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 92.950996][ T30] audit: type=1800 audit(6038679419.429:2): pid=6011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.24" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 94.381867][ T6049] netlink: 28 bytes leftover after parsing attributes in process `syz.0.32'. [ 99.232224][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.271455][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 99.373669][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 99.957239][ T6105] FAULT_INJECTION: forcing a failure. [ 99.957239][ T6105] name failslab, interval 1, probability 0, space 0, times 0 [ 100.393535][ T6105] CPU: 0 UID: 0 PID: 6105 Comm: syz.3.46 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 100.393573][ T6105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 100.393597][ T6105] Call Trace: [ 100.393606][ T6105] [ 100.393616][ T6105] dump_stack_lvl+0x16c/0x1f0 [ 100.393655][ T6105] should_fail_ex+0x512/0x640 [ 100.393683][ T6105] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 100.393724][ T6105] should_failslab+0xc2/0x120 [ 100.393749][ T6105] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 100.393783][ T6105] ? __proc_create+0xc3/0x8c0 [ 100.393808][ T6105] ? __proc_create+0x2ce/0x8c0 [ 100.393837][ T6105] __proc_create+0x2ce/0x8c0 [ 100.393864][ T6105] ? __pfx___proc_create+0x10/0x10 [ 100.393896][ T6105] ? _raw_write_unlock+0x28/0x50 [ 100.393924][ T6105] ? proc_register+0x314/0x5f0 [ 100.393953][ T6105] proc_create_reg+0x7d/0x180 [ 100.393980][ T6105] ? __pfx_can_rcvlist_proc_show+0x10/0x10 [ 100.394009][ T6105] proc_create_net_single+0x86/0x170 [ 100.394038][ T6105] ? __pfx_proc_create_net_single+0x10/0x10 [ 100.394076][ T6105] can_init_proc+0x24a/0x4d0 [ 100.394105][ T6105] can_pernet_init+0x1e4/0x370 [ 100.394131][ T6105] ? __pfx_can_pernet_init+0x10/0x10 [ 100.394155][ T6105] ops_init+0x1df/0x5f0 [ 100.394189][ T6105] setup_net+0x21e/0x850 [ 100.394222][ T6105] ? __pfx_setup_net+0x10/0x10 [ 100.394250][ T6105] ? lockdep_init_map_type+0x5c/0x280 [ 100.394275][ T6105] ? __pfx_down_read_killable+0x10/0x10 [ 100.394312][ T6105] ? debug_mutex_init+0x37/0x70 [ 100.394345][ T6105] copy_net_ns+0x2a6/0x5f0 [ 100.394381][ T6105] create_new_namespaces+0x3ea/0xad0 [ 100.394423][ T6105] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 100.394459][ T6105] ksys_unshare+0x45b/0xa40 [ 100.394494][ T6105] ? __pfx_ksys_unshare+0x10/0x10 [ 100.394527][ T6105] ? xfd_validate_state+0x5d/0x180 [ 100.394555][ T6105] ? rcu_is_watching+0x12/0xc0 [ 100.394598][ T6105] __x64_sys_unshare+0x31/0x40 [ 100.394632][ T6105] do_syscall_64+0xcd/0x260 [ 100.394668][ T6105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.394694][ T6105] RIP: 0033:0x7f6dfe58d169 [ 100.394715][ T6105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.394737][ T6105] RSP: 002b:00007f6dff492038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 100.394761][ T6105] RAX: ffffffffffffffda RBX: 00007f6dfe7a6080 RCX: 00007f6dfe58d169 [ 100.394778][ T6105] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 100.394794][ T6105] RBP: 00007f6dfe60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.394809][ T6105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 100.394823][ T6105] R13: 0000000000000000 R14: 00007f6dfe7a6080 R15: 00007ffce041a238 [ 100.394858][ T6105] [ 106.334242][ T6176] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 106.690735][ T6174] FAULT_INJECTION: forcing a failure. [ 106.690735][ T6174] name failslab, interval 1, probability 0, space 0, times 0 [ 106.709548][ T6174] CPU: 1 UID: 0 PID: 6174 Comm: syz.1.64 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 106.709583][ T6174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 106.709595][ T6174] Call Trace: [ 106.709603][ T6174] [ 106.709613][ T6174] dump_stack_lvl+0x16c/0x1f0 [ 106.709648][ T6174] should_fail_ex+0x512/0x640 [ 106.709673][ T6174] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 106.709704][ T6174] should_failslab+0xc2/0x120 [ 106.709719][ T6174] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 106.709738][ T6174] ? __proc_create+0xc3/0x8c0 [ 106.709751][ T6174] ? __proc_create+0x2ce/0x8c0 [ 106.709767][ T6174] __proc_create+0x2ce/0x8c0 [ 106.709781][ T6174] ? __pfx___proc_create+0x10/0x10 [ 106.709798][ T6174] ? _raw_write_unlock+0x28/0x50 [ 106.709814][ T6174] ? proc_register+0x314/0x5f0 [ 106.709830][ T6174] proc_create_reg+0x7d/0x180 [ 106.709846][ T6174] ? __pfx_can_rcvlist_eff_proc_show+0x10/0x10 [ 106.709863][ T6174] proc_create_net_single+0x86/0x170 [ 106.709886][ T6174] ? __pfx_proc_create_net_single+0x10/0x10 [ 106.709907][ T6174] can_init_proc+0x319/0x4d0 [ 106.709923][ T6174] can_pernet_init+0x1e4/0x370 [ 106.709939][ T6174] ? __pfx_can_pernet_init+0x10/0x10 [ 106.709953][ T6174] ops_init+0x1df/0x5f0 [ 106.709972][ T6174] setup_net+0x21e/0x850 [ 106.709990][ T6174] ? __pfx_setup_net+0x10/0x10 [ 106.710005][ T6174] ? lockdep_init_map_type+0x5c/0x280 [ 106.710018][ T6174] ? __pfx_down_read_killable+0x10/0x10 [ 106.710039][ T6174] ? debug_mutex_init+0x37/0x70 [ 106.710057][ T6174] copy_net_ns+0x2a6/0x5f0 [ 106.710077][ T6174] create_new_namespaces+0x3ea/0xad0 [ 106.710100][ T6174] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 106.710120][ T6174] ksys_unshare+0x45b/0xa40 [ 106.710139][ T6174] ? __pfx_ksys_unshare+0x10/0x10 [ 106.710157][ T6174] ? xfd_validate_state+0x5d/0x180 [ 106.710173][ T6174] ? rcu_is_watching+0x12/0xc0 [ 106.710193][ T6174] __x64_sys_unshare+0x31/0x40 [ 106.710211][ T6174] do_syscall_64+0xcd/0x260 [ 106.710230][ T6174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.710243][ T6174] RIP: 0033:0x7f89e318d169 [ 106.710256][ T6174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.710268][ T6174] RSP: 002b:00007f89e3f38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 106.710281][ T6174] RAX: ffffffffffffffda RBX: 00007f89e33a5fa0 RCX: 00007f89e318d169 [ 106.710290][ T6174] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 106.710298][ T6174] RBP: 00007f89e320e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 106.710307][ T6174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.710315][ T6174] R13: 0000000000000000 R14: 00007f89e33a5fa0 R15: 00007ffd8543d648 [ 106.710332][ T6174] [ 109.330608][ T30] audit: type=1800 audit(6038680458.812:3): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.72" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 110.378734][ T6225] netlink: 28 bytes leftover after parsing attributes in process `syz.2.79'. [ 111.193075][ T6231] FAULT_INJECTION: forcing a failure. [ 111.193075][ T6231] name failslab, interval 1, probability 0, space 0, times 0 [ 111.269900][ T6231] CPU: 1 UID: 0 PID: 6231 Comm: syz.2.81 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 111.269938][ T6231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 111.269952][ T6231] Call Trace: [ 111.269961][ T6231] [ 111.269970][ T6231] dump_stack_lvl+0x16c/0x1f0 [ 111.270008][ T6231] should_fail_ex+0x512/0x640 [ 111.270037][ T6231] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 111.270078][ T6231] should_failslab+0xc2/0x120 [ 111.270103][ T6231] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 111.270139][ T6231] ? __proc_create+0xc3/0x8c0 [ 111.270165][ T6231] ? __proc_create+0x2ce/0x8c0 [ 111.270212][ T6231] __proc_create+0x2ce/0x8c0 [ 111.270241][ T6231] ? __pfx___proc_create+0x10/0x10 [ 111.270274][ T6231] ? _raw_write_unlock+0x28/0x50 [ 111.270304][ T6231] ? proc_register+0x314/0x5f0 [ 111.270335][ T6231] proc_create_reg+0x7d/0x180 [ 111.270363][ T6231] ? __pfx_can_rcvlist_proc_show+0x10/0x10 [ 111.270392][ T6231] proc_create_net_single+0x86/0x170 [ 111.270421][ T6231] ? __pfx_proc_create_net_single+0x10/0x10 [ 111.270465][ T6231] can_init_proc+0x178/0x4d0 [ 111.270494][ T6231] can_pernet_init+0x1e4/0x370 [ 111.270521][ T6231] ? __pfx_can_pernet_init+0x10/0x10 [ 111.270544][ T6231] ops_init+0x1df/0x5f0 [ 111.270579][ T6231] setup_net+0x21e/0x850 [ 111.270612][ T6231] ? __pfx_setup_net+0x10/0x10 [ 111.270640][ T6231] ? lockdep_init_map_type+0x5c/0x280 [ 111.270665][ T6231] ? __pfx_down_read_killable+0x10/0x10 [ 111.270702][ T6231] ? debug_mutex_init+0x37/0x70 [ 111.270736][ T6231] copy_net_ns+0x2a6/0x5f0 [ 111.270772][ T6231] create_new_namespaces+0x3ea/0xad0 [ 111.270813][ T6231] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 111.270849][ T6231] ksys_unshare+0x45b/0xa40 [ 111.270884][ T6231] ? __pfx_ksys_unshare+0x10/0x10 [ 111.270917][ T6231] ? xfd_validate_state+0x5d/0x180 [ 111.270950][ T6231] ? rcu_is_watching+0x12/0xc0 [ 111.270987][ T6231] __x64_sys_unshare+0x31/0x40 [ 111.271021][ T6231] do_syscall_64+0xcd/0x260 [ 111.271057][ T6231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.271082][ T6231] RIP: 0033:0x7f2c6cf8d169 [ 111.271103][ T6231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.271127][ T6231] RSP: 002b:00007f2c6ddc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 111.271151][ T6231] RAX: ffffffffffffffda RBX: 00007f2c6d1a5fa0 RCX: 00007f2c6cf8d169 [ 111.271167][ T6231] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 111.271182][ T6231] RBP: 00007f2c6d00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 111.271196][ T6231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.271209][ T6231] R13: 0000000000000000 R14: 00007f2c6d1a5fa0 R15: 00007ffd7a8f5dd8 [ 111.271243][ T6231] [ 112.493143][ T6254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.89'. [ 112.513688][ T6254] netlink: 32 bytes leftover after parsing attributes in process `syz.2.89'. [ 112.548471][ T6254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.89'. [ 113.037890][ T6276] syz.2.95 uses obsolete (PF_INET,SOCK_PACKET) [ 113.066529][ T6276] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 113.395088][ T6290] process 'syz.1.99' launched ':,' with NULL argv: empty string added [ 113.501643][ T30] audit: type=1800 audit(6038680462.980:4): pid=6268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.93" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 114.707538][ T6340] input: jJǸ-¶š9ã%vø“û¨lÐQ  J"²Æ1‘ as /devices/virtual/input/input7 [ 115.308377][ T6357] FAULT_INJECTION: forcing a failure. [ 115.308377][ T6357] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 115.419470][ T6357] CPU: 0 UID: 0 PID: 6357 Comm: syz.2.116 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 115.419515][ T6357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 115.419532][ T6357] Call Trace: [ 115.419540][ T6357] [ 115.419553][ T6357] dump_stack_lvl+0x16c/0x1f0 [ 115.419587][ T6357] should_fail_ex+0x512/0x640 [ 115.419616][ T6357] _copy_from_user+0x2e/0xd0 [ 115.419643][ T6357] core_sys_select+0x314/0xbe0 [ 115.419681][ T6357] ? __pfx_core_sys_select+0x10/0x10 [ 115.419721][ T6357] ? proc_fail_nth_write+0x9f/0x250 [ 115.419780][ T6357] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 115.419817][ T6357] kern_select+0x15d/0x1e0 [ 115.419845][ T6357] ? __pfx_kern_select+0x10/0x10 [ 115.419888][ T6357] ? __pfx_ksys_write+0x10/0x10 [ 115.419915][ T6357] ? rcu_is_watching+0x12/0xc0 [ 115.419947][ T6357] __x64_sys_select+0xbd/0x160 [ 115.419975][ T6357] ? do_syscall_64+0x91/0x260 [ 115.420001][ T6357] ? lockdep_hardirqs_on+0x7c/0x110 [ 115.420028][ T6357] do_syscall_64+0xcd/0x260 [ 115.420057][ T6357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.420158][ T6357] RIP: 0033:0x7f2c6cf8d169 [ 115.420183][ T6357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.420204][ T6357] RSP: 002b:00007f2c6dda0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 115.420226][ T6357] RAX: ffffffffffffffda RBX: 00007f2c6d1a6080 RCX: 00007f2c6cf8d169 [ 115.420241][ T6357] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 000000000000000a [ 115.420255][ T6357] RBP: 00007f2c6dda0090 R08: 0000000000000000 R09: 0000000000000000 [ 115.420268][ T6357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 115.420281][ T6357] R13: 0000000000000001 R14: 00007f2c6d1a6080 R15: 00007ffd7a8f5dd8 [ 115.420313][ T6357] [ 116.507015][ T6374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.120'. [ 116.518170][ T6374] netlink: 32 bytes leftover after parsing attributes in process `syz.0.120'. [ 116.527980][ T6374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.120'. [ 117.663449][ T6402] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.122966][ T6467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78810 [ 120.133089][ T6467] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 120.146261][ T6467] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 120.153931][ T6467] page_type: f5(slab) [ 120.157936][ T6467] raw: 00fff00000000040 ffff88814768cb40 dead000000000122 0000000000000000 [ 120.179874][ T6467] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 120.189011][ T6467] head: 00fff00000000040 ffff88814768cb40 dead000000000122 0000000000000000 [ 120.203340][ T6467] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 120.234019][ T6467] head: 00fff00000000003 ffffea0001e20401 00000000ffffffff 00000000ffffffff [ 120.307224][ T6467] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 120.346470][ T6467] page dumped because: unmovable page [ 120.356648][ T6467] page_owner tracks the page as allocated [ 120.396815][ T6467] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5690, tgid 5690 (sshd), ts 61596426438, free_ts 26141695121 [ 120.482436][ T6467] post_alloc_hook+0x181/0x1b0 [ 120.491557][ T6467] get_page_from_freelist+0x1193/0x39b0 [ 120.547325][ T6467] __alloc_frozen_pages_noprof+0x263/0x2370 [ 120.565058][ T6467] alloc_pages_mpol+0x1fb/0x550 [ 120.595870][ T6467] new_slab+0x23c/0x330 [ 120.613964][ T6467] ___slab_alloc+0xd9c/0x1940 [ 120.635003][ T6467] __slab_alloc.constprop.0+0x56/0xb0 [ 120.640471][ T6467] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 120.698960][ T5844] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 120.776966][ T6467] ext4_alloc_inode+0x28/0x610 [ 120.840195][ T6467] alloc_inode+0x61/0x240 [ 120.939657][ T6467] iget_locked+0x2e4/0x830 [ 120.977294][ T6467] __ext4_iget+0x3ca/0x4490 [ 121.050199][ T6467] ext4_lookup+0x37c/0x730 [ 121.142967][ T6467] lookup_open.isra.0+0x4d7/0x1580 [ 121.148239][ T6467] path_openat+0x905/0x2d40 [ 121.152889][ T6467] do_filp_open+0x20b/0x470 [ 121.157447][ T6467] page last free pid 1 tgid 1 stack trace: [ 121.163340][ T6467] __free_frozen_pages+0x69d/0xff0 [ 121.168504][ T6467] free_contig_range+0x135/0x3f0 [ 121.173550][ T6467] destroy_args+0x66f/0x830 [ 121.178120][ T6467] debug_vm_pgtable+0x130e/0x2d50 [ 121.183244][ T6467] do_one_initcall+0x120/0x6e0 [ 121.188069][ T6467] kernel_init_freeable+0x5c2/0x900 [ 121.193396][ T6467] kernel_init+0x1c/0x2b0 [ 121.199253][ T6467] ret_from_fork+0x45/0x80 [ 121.206679][ T6467] ret_from_fork_asm+0x1a/0x30 [ 121.843303][ T6496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.155'. [ 122.720001][ T30] audit: type=1800 audit(6038680472.185:5): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.156" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 125.947099][ T6560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.175'. [ 126.004537][ T6560] netlink: 25 bytes leftover after parsing attributes in process `syz.2.175'. [ 127.422355][ T6591] netlink: 28 bytes leftover after parsing attributes in process `syz.3.183'. [ 128.920771][ T6615] vivid-007: ================= START STATUS ================= [ 128.975557][ T6615] vivid-007: Generate PTS: true [ 129.020763][ T6615] vivid-007: Generate SCR: true [ 129.038570][ T6615] tpg source WxH: 640x360 (Y'CbCr) [ 129.043764][ T6615] tpg field: 1 [ 129.089198][ T6615] tpg crop: (0,0)/640x360 [ 129.093605][ T6615] tpg compose: (0,0)/640x360 [ 129.135973][ T6615] tpg colorspace: 8 [ 129.139875][ T6615] tpg transfer function: 0/0 [ 129.175849][ T6615] tpg Y'CbCr encoding: 0/0 [ 129.180334][ T6615] tpg quantization: 0/0 [ 129.205945][ T6615] tpg RGB range: 0/2 [ 129.209913][ T6615] vivid-007: ================== END STATUS ================== [ 131.537918][ T6685] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 131.932201][ T6695] netlink: 28 bytes leftover after parsing attributes in process `syz.1.204'. [ 132.916979][ T6714] vivid-004: ================= START STATUS ================= [ 132.959706][ T6714] vivid-004: ================== END STATUS ================== [ 133.088581][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.095171][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.538195][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.2.217'. [ 135.114329][ T6748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.219'. [ 136.373866][ T6778] netlink: 338 bytes leftover after parsing attributes in process `syz.2.227'. [ 136.442270][ T6781] FAULT_INJECTION: forcing a failure. [ 136.442270][ T6781] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 136.459455][ T6781] CPU: 0 UID: 0 PID: 6781 Comm: syz.3.228 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 136.459487][ T6781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 136.459499][ T6781] Call Trace: [ 136.459506][ T6781] [ 136.459514][ T6781] dump_stack_lvl+0x16c/0x1f0 [ 136.459552][ T6781] should_fail_ex+0x512/0x640 [ 136.459580][ T6781] _copy_from_iter+0x2a4/0x15b0 [ 136.459606][ T6781] ? __alloc_skb+0x200/0x380 [ 136.459632][ T6781] ? __pfx__copy_from_iter+0x10/0x10 [ 136.459659][ T6781] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 136.459685][ T6781] ? __lock_acquire+0xaa4/0x1ba0 [ 136.459714][ T6781] netlink_sendmsg+0x829/0xdd0 [ 136.459755][ T6781] ? __pfx_netlink_sendmsg+0x10/0x10 [ 136.459796][ T6781] ____sys_sendmsg+0xa95/0xc70 [ 136.459828][ T6781] ? copy_msghdr_from_user+0x10a/0x160 [ 136.459854][ T6781] ? __pfx_____sys_sendmsg+0x10/0x10 [ 136.459901][ T6781] ___sys_sendmsg+0x134/0x1d0 [ 136.459929][ T6781] ? __pfx____sys_sendmsg+0x10/0x10 [ 136.459997][ T6781] __sys_sendmsg+0x16d/0x220 [ 136.460024][ T6781] ? __pfx___sys_sendmsg+0x10/0x10 [ 136.460060][ T6781] ? rcu_is_watching+0x12/0xc0 [ 136.460097][ T6781] do_syscall_64+0xcd/0x260 [ 136.460126][ T6781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.460149][ T6781] RIP: 0033:0x7f6dfe58d169 [ 136.460180][ T6781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.460201][ T6781] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 136.460222][ T6781] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 136.460237][ T6781] RDX: 0000000004008000 RSI: 0000200000000980 RDI: 0000000000000003 [ 136.460250][ T6781] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 136.460264][ T6781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.460276][ T6781] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 136.460307][ T6781] [ 137.788748][ T5844] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 139.146336][ T6822] netlink: 28 bytes leftover after parsing attributes in process `syz.3.239'. [ 139.505356][ T6829] mmap: syz.0.241 (6829) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 140.413437][ T5844] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 141.342382][ T6865] netlink: 21 bytes leftover after parsing attributes in process `syz.0.251'. [ 143.618190][ T6902] Invalid ELF header magic: != ELF [ 145.906504][ T6923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.262'. [ 147.615143][ T6958] netlink: 28 bytes leftover after parsing attributes in process `syz.1.273'. [ 149.466076][ T6983] FAULT_INJECTION: forcing a failure. [ 149.466076][ T6983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 149.532657][ T6983] CPU: 0 UID: 0 PID: 6983 Comm: syz.3.281 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 149.532691][ T6983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 149.532703][ T6983] Call Trace: [ 149.532711][ T6983] [ 149.532720][ T6983] dump_stack_lvl+0x16c/0x1f0 [ 149.532754][ T6983] should_fail_ex+0x512/0x640 [ 149.532783][ T6983] _copy_from_user+0x2e/0xd0 [ 149.532811][ T6983] copy_msghdr_from_user+0x98/0x160 [ 149.532840][ T6983] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 149.532883][ T6983] ___sys_sendmsg+0xfe/0x1d0 [ 149.532911][ T6983] ? __pfx____sys_sendmsg+0x10/0x10 [ 149.532980][ T6983] __sys_sendmsg+0x16d/0x220 [ 149.533007][ T6983] ? __pfx___sys_sendmsg+0x10/0x10 [ 149.533044][ T6983] ? rcu_is_watching+0x12/0xc0 [ 149.533080][ T6983] do_syscall_64+0xcd/0x260 [ 149.533111][ T6983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.533133][ T6983] RIP: 0033:0x7f6dfe58d169 [ 149.533151][ T6983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.533171][ T6983] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 149.533193][ T6983] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 149.533208][ T6983] RDX: 000000000400c8d4 RSI: 0000200000000280 RDI: 0000000000000003 [ 149.533221][ T6983] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 149.533234][ T6983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 149.533247][ T6983] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 149.533278][ T6983] [ 151.666370][ T7026] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 151.882846][ T7031] netlink: 186 bytes leftover after parsing attributes in process `syz.2.293'. [ 151.919946][ T7034] netlink: 28 bytes leftover after parsing attributes in process `syz.0.295'. [ 152.080139][ T7028] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 152.364281][ T7045] FAULT_INJECTION: forcing a failure. [ 152.364281][ T7045] name failslab, interval 1, probability 0, space 0, times 0 [ 152.400270][ T7045] CPU: 1 UID: 0 PID: 7045 Comm: syz.2.298 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 152.400304][ T7045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 152.400317][ T7045] Call Trace: [ 152.400324][ T7045] [ 152.400333][ T7045] dump_stack_lvl+0x16c/0x1f0 [ 152.400369][ T7045] should_fail_ex+0x512/0x640 [ 152.400395][ T7045] ? fs_reclaim_acquire+0xae/0x150 [ 152.400424][ T7045] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 152.400452][ T7045] should_failslab+0xc2/0x120 [ 152.400475][ T7045] __kmalloc_noprof+0xd2/0x510 [ 152.400530][ T7045] tomoyo_realpath_from_path+0xc2/0x6e0 [ 152.400562][ T7045] ? tomoyo_profile+0x47/0x60 [ 152.400596][ T7045] tomoyo_path_number_perm+0x245/0x580 [ 152.400620][ T7045] ? tomoyo_path_number_perm+0x237/0x580 [ 152.400648][ T7045] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 152.400675][ T7045] ? find_held_lock+0x2b/0x80 [ 152.400733][ T7045] ? find_held_lock+0x2b/0x80 [ 152.400759][ T7045] ? hook_file_ioctl_common+0x145/0x410 [ 152.400790][ T7045] ? __fget_files+0x20e/0x3c0 [ 152.400826][ T7045] security_file_ioctl+0x9b/0x240 [ 152.400854][ T7045] __x64_sys_ioctl+0xb7/0x200 [ 152.400885][ T7045] do_syscall_64+0xcd/0x260 [ 152.400915][ T7045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.400939][ T7045] RIP: 0033:0x7f2c6cf8d169 [ 152.400957][ T7045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.400978][ T7045] RSP: 002b:00007f2c6ddc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.401000][ T7045] RAX: ffffffffffffffda RBX: 00007f2c6d1a5fa0 RCX: 00007f2c6cf8d169 [ 152.401014][ T7045] RDX: 0000000000000046 RSI: 0000000000008912 RDI: 0000000000000003 [ 152.401028][ T7045] RBP: 00007f2c6ddc1090 R08: 0000000000000000 R09: 0000000000000000 [ 152.401041][ T7045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 152.401055][ T7045] R13: 0000000000000000 R14: 00007f2c6d1a5fa0 R15: 00007ffd7a8f5dd8 [ 152.401085][ T7045] [ 152.401095][ T7045] ERROR: Out of memory at tomoyo_realpath_from_path. [ 152.738878][ T7032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.294'. [ 152.761719][ T7032] veth0_macvtap: left promiscuous mode [ 152.781205][ T7032] macvtap0: entered promiscuous mode [ 152.795477][ T7032] macvtap0: entered allmulticast mode [ 154.001866][ T7077] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 154.088962][ T7075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.303'. [ 154.204656][ T7082] FAULT_INJECTION: forcing a failure. [ 154.204656][ T7082] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 154.256907][ T7082] CPU: 1 UID: 0 PID: 7082 Comm: syz.2.305 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 154.256941][ T7082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 154.256953][ T7082] Call Trace: [ 154.256961][ T7082] [ 154.256969][ T7082] dump_stack_lvl+0x16c/0x1f0 [ 154.257011][ T7082] should_fail_ex+0x512/0x640 [ 154.257040][ T7082] should_fail_alloc_page+0xe7/0x130 [ 154.257065][ T7082] prepare_alloc_pages+0x3c2/0x610 [ 154.257098][ T7082] __alloc_frozen_pages_noprof+0x18d/0x2370 [ 154.257138][ T7082] ? lock_acquire+0x179/0x350 [ 154.257161][ T7082] ? find_held_lock+0x2b/0x80 [ 154.257189][ T7082] ? is_bpf_text_address+0x8a/0x1a0 [ 154.257209][ T7082] ? bpf_ksym_find+0x124/0x1c0 [ 154.257235][ T7082] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 154.257268][ T7082] ? is_bpf_text_address+0x94/0x1a0 [ 154.257290][ T7082] ? kernel_text_address+0x8d/0x100 [ 154.257315][ T7082] ? __kernel_text_address+0xd/0x40 [ 154.257353][ T7082] ? __lock_acquire+0x5ca/0x1ba0 [ 154.257371][ T7082] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 154.257397][ T7082] ? policy_nodemask+0xea/0x4e0 [ 154.257422][ T7082] alloc_pages_mpol+0x1fb/0x550 [ 154.257445][ T7082] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 154.257477][ T7082] folio_alloc_mpol_noprof+0x36/0x2f0 [ 154.257504][ T7082] shmem_alloc_folio+0x135/0x160 [ 154.257535][ T7082] shmem_alloc_and_add_folio+0x499/0xc20 [ 154.257573][ T7082] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 154.257609][ T7082] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 154.257648][ T7082] shmem_get_folio_gfp+0x687/0x1530 [ 154.257688][ T7082] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 154.257723][ T7082] ? filemap_map_pages+0xf6c/0x1680 [ 154.257749][ T7082] shmem_fault+0x1fe/0xa30 [ 154.257784][ T7082] ? __pfx_shmem_fault+0x10/0x10 [ 154.257822][ T7082] ? __pfx_filemap_map_pages+0x10/0x10 [ 154.257854][ T7082] __do_fault+0x10a/0x490 [ 154.257879][ T7082] do_pte_missing+0x1031/0x3fb0 [ 154.257912][ T7082] ? __handle_mm_fault+0x1010/0x2a40 [ 154.257946][ T7082] __handle_mm_fault+0x103d/0x2a40 [ 154.257995][ T7082] ? __pfx___handle_mm_fault+0x10/0x10 [ 154.258040][ T7082] ? find_vma+0xbf/0x140 [ 154.258060][ T7082] ? __pfx_find_vma+0x10/0x10 [ 154.258080][ T7082] handle_mm_fault+0x3fe/0xad0 [ 154.258105][ T7082] do_user_addr_fault+0x7a6/0x1370 [ 154.258128][ T7082] ? rcu_is_watching+0x12/0xc0 [ 154.258150][ T7082] exc_page_fault+0x5c/0xc0 [ 154.258170][ T7082] asm_exc_page_fault+0x26/0x30 [ 154.258187][ T7082] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 154.258205][ T7082] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 154.258220][ T7082] RSP: 0018:ffffc9001a9af7d8 EFLAGS: 00050206 [ 154.258234][ T7082] RAX: 0000000000000001 RBX: 000000000000ee46 RCX: 000000000000de46 [ 154.258244][ T7082] RDX: ffffed100b439dc9 RSI: 0000000000001000 RDI: ffff88805a1c1000 [ 154.258254][ T7082] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100b439dc8 [ 154.258268][ T7082] R10: ffff88805a1cee45 R11: 0000000000000000 R12: 0000000000000000 [ 154.258277][ T7082] R13: ffffc9001a9afd60 R14: 000000000000ee46 R15: ffff88805a1c0000 [ 154.258303][ T7082] _copy_from_iter+0x391/0x15b0 [ 154.258329][ T7082] ? rcu_is_watching+0x12/0xc0 [ 154.258350][ T7082] ? __pfx__copy_from_iter+0x10/0x10 [ 154.258369][ T7082] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 154.258395][ T7082] ? __asan_memset+0x23/0x50 [ 154.258416][ T7082] ? __build_skb_around+0x278/0x3b0 [ 154.258435][ T7082] ? __build_skb+0x6e/0x90 [ 154.258454][ T7082] ? is_vmalloc_addr+0x30/0x40 [ 154.258481][ T7082] netlink_sendmsg+0x829/0xdd0 [ 154.258512][ T7082] ? __pfx_netlink_sendmsg+0x10/0x10 [ 154.258548][ T7082] ____sys_sendmsg+0xa95/0xc70 [ 154.258577][ T7082] ? copy_msghdr_from_user+0x10a/0x160 [ 154.258600][ T7082] ? __pfx_____sys_sendmsg+0x10/0x10 [ 154.258632][ T7082] ? __pfx__kstrtoull+0x10/0x10 [ 154.258669][ T7082] ___sys_sendmsg+0x134/0x1d0 [ 154.258698][ T7082] ? __pfx____sys_sendmsg+0x10/0x10 [ 154.258741][ T7082] ? find_held_lock+0x2b/0x80 [ 154.258791][ T7082] __sys_sendmmsg+0x200/0x420 [ 154.258821][ T7082] ? __pfx___sys_sendmmsg+0x10/0x10 [ 154.258859][ T7082] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 154.258901][ T7082] ? fput+0x70/0xf0 [ 154.258922][ T7082] ? ksys_write+0x1b9/0x240 [ 154.258950][ T7082] ? __pfx_ksys_write+0x10/0x10 [ 154.258976][ T7082] ? rcu_is_watching+0x12/0xc0 [ 154.259014][ T7082] __x64_sys_sendmmsg+0x9c/0x100 [ 154.259039][ T7082] ? lockdep_hardirqs_on+0x7c/0x110 [ 154.259066][ T7082] do_syscall_64+0xcd/0x260 [ 154.259096][ T7082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.259118][ T7082] RIP: 0033:0x7f2c6cf8d169 [ 154.259137][ T7082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.259158][ T7082] RSP: 002b:00007f2c6dd7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 154.259177][ T7082] RAX: ffffffffffffffda RBX: 00007f2c6d1a6160 RCX: 00007f2c6cf8d169 [ 154.259192][ T7082] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 154.259205][ T7082] RBP: 00007f2c6dd7f090 R08: 0000000000000000 R09: 0000000000000000 [ 154.259218][ T7082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.259231][ T7082] R13: 0000000000000000 R14: 00007f2c6d1a6160 R15: 00007ffd7a8f5dd8 [ 154.259261][ T7082] [ 154.941815][ T7079] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 157.587475][ T7120] FAULT_INJECTION: forcing a failure. [ 157.587475][ T7120] name failslab, interval 1, probability 0, space 0, times 0 [ 157.610782][ T7120] CPU: 0 UID: 0 PID: 7120 Comm: syz.3.316 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 157.610816][ T7120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 157.610828][ T7120] Call Trace: [ 157.610835][ T7120] [ 157.610843][ T7120] dump_stack_lvl+0x16c/0x1f0 [ 157.610875][ T7120] should_fail_ex+0x512/0x640 [ 157.610898][ T7120] ? fs_reclaim_acquire+0xae/0x150 [ 157.610926][ T7120] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 157.610953][ T7120] should_failslab+0xc2/0x120 [ 157.610972][ T7120] __kmalloc_noprof+0xd2/0x510 [ 157.611023][ T7120] tomoyo_realpath_from_path+0xc2/0x6e0 [ 157.611050][ T7120] ? tomoyo_profile+0x47/0x60 [ 157.611078][ T7120] tomoyo_path_number_perm+0x245/0x580 [ 157.611098][ T7120] ? tomoyo_path_number_perm+0x237/0x580 [ 157.611121][ T7120] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 157.611144][ T7120] ? find_held_lock+0x2b/0x80 [ 157.611192][ T7120] ? find_held_lock+0x2b/0x80 [ 157.611213][ T7120] ? hook_file_ioctl_common+0x145/0x410 [ 157.611240][ T7120] ? __fget_files+0x20e/0x3c0 [ 157.611270][ T7120] security_file_ioctl+0x9b/0x240 [ 157.611294][ T7120] __x64_sys_ioctl+0xb7/0x200 [ 157.611319][ T7120] do_syscall_64+0xcd/0x260 [ 157.611345][ T7120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.611365][ T7120] RIP: 0033:0x7f6dfe58d169 [ 157.611380][ T7120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.611397][ T7120] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 157.611415][ T7120] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 157.611428][ T7120] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000003 [ 157.611439][ T7120] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 157.611451][ T7120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.611462][ T7120] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 157.611488][ T7120] [ 157.611501][ T7120] ERROR: Out of memory at tomoyo_realpath_from_path. [ 158.679949][ T7142] netlink: 28 bytes leftover after parsing attributes in process `syz.3.323'. [ 159.133385][ T7129] bridge0: port 3(team0) entered blocking state [ 159.214838][ T7129] bridge0: port 3(team0) entered disabled state [ 159.243426][ T7129] team0: entered allmulticast mode [ 159.248613][ T7129] team_slave_0: entered allmulticast mode [ 159.255895][ T7147] FAULT_INJECTION: forcing a failure. [ 159.255895][ T7147] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.292549][ T7129] team_slave_1: entered allmulticast mode [ 159.300426][ T7129] team0: entered promiscuous mode [ 159.311439][ T7147] CPU: 1 UID: 0 PID: 7147 Comm: syz.3.324 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 159.311469][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 159.311482][ T7147] Call Trace: [ 159.311489][ T7147] [ 159.311498][ T7147] dump_stack_lvl+0x16c/0x1f0 [ 159.311531][ T7147] should_fail_ex+0x512/0x640 [ 159.311561][ T7147] _copy_from_user+0x2e/0xd0 [ 159.311589][ T7147] copy_msghdr_from_user+0x98/0x160 [ 159.311617][ T7147] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 159.311659][ T7147] ___sys_sendmsg+0xfe/0x1d0 [ 159.311688][ T7147] ? __pfx____sys_sendmsg+0x10/0x10 [ 159.311760][ T7147] __sys_sendmsg+0x16d/0x220 [ 159.311786][ T7147] ? __pfx___sys_sendmsg+0x10/0x10 [ 159.311820][ T7147] ? rcu_is_watching+0x12/0xc0 [ 159.311856][ T7147] do_syscall_64+0xcd/0x260 [ 159.311885][ T7147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.311909][ T7147] RIP: 0033:0x7f6dfe58d169 [ 159.311927][ T7147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.311947][ T7147] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 159.311968][ T7147] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 159.311983][ T7147] RDX: 0000000000000010 RSI: 00002000000015c0 RDI: 0000000000000003 [ 159.311996][ T7147] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 159.312009][ T7147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.312022][ T7147] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 159.312052][ T7147] [ 159.551299][ T7129] team_slave_0: entered promiscuous mode [ 159.557253][ T7129] team_slave_1: entered promiscuous mode [ 159.572527][ T7129] bridge0: port 3(team0) entered blocking state [ 159.579351][ T7129] bridge0: port 3(team0) entered forwarding state [ 163.922930][ T7204] FAULT_INJECTION: forcing a failure. [ 163.922930][ T7204] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 163.959206][ T7204] CPU: 1 UID: 0 PID: 7204 Comm: syz.2.339 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 163.959240][ T7204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 163.959250][ T7204] Call Trace: [ 163.959257][ T7204] [ 163.959265][ T7204] dump_stack_lvl+0x16c/0x1f0 [ 163.959294][ T7204] should_fail_ex+0x512/0x640 [ 163.959320][ T7204] _copy_from_user+0x2e/0xd0 [ 163.959344][ T7204] clear_refs_write+0xea/0xb70 [ 163.959384][ T7204] ? __pfx_clear_refs_write+0x10/0x10 [ 163.959410][ T7204] ? __lock_acquire+0xaa4/0x1ba0 [ 163.959432][ T7204] ? get_pid_task+0xfc/0x250 [ 163.959471][ T7204] vfs_write+0x25c/0x1180 [ 163.959494][ T7204] ? __pfx_clear_refs_write+0x10/0x10 [ 163.959525][ T7204] ? __pfx___mutex_lock+0x10/0x10 [ 163.959549][ T7204] ? __pfx_vfs_write+0x10/0x10 [ 163.959581][ T7204] ? __fget_files+0x20e/0x3c0 [ 163.959615][ T7204] ksys_write+0x12a/0x240 [ 163.959639][ T7204] ? __pfx_ksys_write+0x10/0x10 [ 163.959662][ T7204] ? rcu_is_watching+0x12/0xc0 [ 163.959693][ T7204] do_syscall_64+0xcd/0x260 [ 163.959720][ T7204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.959739][ T7204] RIP: 0033:0x7f2c6cf8d169 [ 163.959755][ T7204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.959772][ T7204] RSP: 002b:00007f2c6ddc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 163.959790][ T7204] RAX: ffffffffffffffda RBX: 00007f2c6d1a5fa0 RCX: 00007f2c6cf8d169 [ 163.959802][ T7204] RDX: 00000000ffffff4b RSI: 0000000000000000 RDI: 0000000000000003 [ 163.959813][ T7204] RBP: 00007f2c6ddc1090 R08: 0000000000000000 R09: 0000000000000000 [ 163.959825][ T7204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 163.959836][ T7204] R13: 0000000000000000 R14: 00007f2c6d1a5fa0 R15: 00007ffd7a8f5dd8 [ 163.959862][ T7204] [ 164.365186][ T7207] svc: failed to register nfsdv3 RPC service (errno 111). [ 164.417626][ T7207] svc: failed to register nfsaclv3 RPC service (errno 111). [ 166.357661][ T7230] FAULT_INJECTION: forcing a failure. [ 166.357661][ T7230] name failslab, interval 1, probability 0, space 0, times 0 [ 166.464801][ T7235] syz.3.348 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 166.505548][ T7230] CPU: 0 UID: 0 PID: 7230 Comm: syz.2.349 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 166.505581][ T7230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 166.505593][ T7230] Call Trace: [ 166.505600][ T7230] [ 166.505609][ T7230] dump_stack_lvl+0x16c/0x1f0 [ 166.505643][ T7230] should_fail_ex+0x512/0x640 [ 166.505667][ T7230] ? __kvmalloc_node_noprof+0x122/0x600 [ 166.505702][ T7230] should_failslab+0xc2/0x120 [ 166.505724][ T7230] __kvmalloc_node_noprof+0x135/0x600 [ 166.505756][ T7230] ? seq_read_iter+0x826/0x12c0 [ 166.505791][ T7230] ? seq_read_iter+0x826/0x12c0 [ 166.505816][ T7230] seq_read_iter+0x826/0x12c0 [ 166.505847][ T7230] ? aa_file_perm+0x4d6/0xfb0 [ 166.505885][ T7230] seq_read+0x39e/0x4e0 [ 166.505913][ T7230] ? __pfx_seq_read+0x10/0x10 [ 166.505946][ T7230] ? get_pid_task+0xfc/0x250 [ 166.505984][ T7230] ? __pfx_seq_read+0x10/0x10 [ 166.506011][ T7230] proc_reg_read+0x23d/0x330 [ 166.506033][ T7230] ? __pfx_proc_reg_read+0x10/0x10 [ 166.506063][ T7230] vfs_read+0x1de/0xc70 [ 166.506092][ T7230] ? __pfx___mutex_lock+0x10/0x10 [ 166.506119][ T7230] ? __pfx_vfs_read+0x10/0x10 [ 166.506156][ T7230] ? __fget_files+0x20e/0x3c0 [ 166.506196][ T7230] ksys_read+0x12a/0x240 [ 166.506224][ T7230] ? __pfx_ksys_read+0x10/0x10 [ 166.506249][ T7230] ? rcu_is_watching+0x12/0xc0 [ 166.506284][ T7230] do_syscall_64+0xcd/0x260 [ 166.506315][ T7230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.506338][ T7230] RIP: 0033:0x7f2c6cf8d169 [ 166.506356][ T7230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.506376][ T7230] RSP: 002b:00007f2c6ddc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 166.506398][ T7230] RAX: ffffffffffffffda RBX: 00007f2c6d1a5fa0 RCX: 00007f2c6cf8d169 [ 166.506413][ T7230] RDX: 0000000000805644 RSI: 0000200000000300 RDI: 0000000000000003 [ 166.506427][ T7230] RBP: 00007f2c6ddc1090 R08: 0000000000000000 R09: 0000000000000000 [ 166.506440][ T7230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.506453][ T7230] R13: 0000000000000000 R14: 00007f2c6d1a5fa0 R15: 00007ffd7a8f5dd8 [ 166.506484][ T7230] [ 168.666596][ T7255] netlink: 28 bytes leftover after parsing attributes in process `syz.2.355'. [ 169.536743][ T7255] mac80211_hwsim hwsim6 wlan1: entered allmulticast mode [ 176.242093][ T7334] FAULT_INJECTION: forcing a failure. [ 176.242093][ T7334] name failslab, interval 1, probability 0, space 0, times 0 [ 176.359449][ T7334] CPU: 1 UID: 0 PID: 7334 Comm: syz.1.371 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 176.359487][ T7334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 176.359503][ T7334] Call Trace: [ 176.359510][ T7334] [ 176.359519][ T7334] dump_stack_lvl+0x16c/0x1f0 [ 176.359557][ T7334] should_fail_ex+0x512/0x640 [ 176.359582][ T7334] ? fs_reclaim_acquire+0xae/0x150 [ 176.359615][ T7334] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 176.359643][ T7334] should_failslab+0xc2/0x120 [ 176.359669][ T7334] __kmalloc_noprof+0xd2/0x510 [ 176.359708][ T7334] tomoyo_realpath_from_path+0xc2/0x6e0 [ 176.359745][ T7334] ? tomoyo_profile+0x47/0x60 [ 176.359779][ T7334] tomoyo_path_number_perm+0x245/0x580 [ 176.359803][ T7334] ? tomoyo_path_number_perm+0x237/0x580 [ 176.359842][ T7334] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 176.359869][ T7334] ? find_held_lock+0x2b/0x80 [ 176.359931][ T7334] ? find_held_lock+0x2b/0x80 [ 176.359956][ T7334] ? hook_file_ioctl_common+0x145/0x410 [ 176.359992][ T7334] ? __fget_files+0x20e/0x3c0 [ 176.360028][ T7334] security_file_ioctl+0x9b/0x240 [ 176.360056][ T7334] __x64_sys_ioctl+0xb7/0x200 [ 176.360085][ T7334] do_syscall_64+0xcd/0x260 [ 176.360116][ T7334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.360143][ T7334] RIP: 0033:0x7f89e318d169 [ 176.360162][ T7334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.360181][ T7334] RSP: 002b:00007f89e3f38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 176.360206][ T7334] RAX: ffffffffffffffda RBX: 00007f89e33a5fa0 RCX: 00007f89e318d169 [ 176.360221][ T7334] RDX: 0000200000000140 RSI: 00000000000089b0 RDI: 0000000000000003 [ 176.360235][ T7334] RBP: 00007f89e3f38090 R08: 0000000000000000 R09: 0000000000000000 [ 176.360248][ T7334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 176.360261][ T7334] R13: 0000000000000000 R14: 00007f89e33a5fa0 R15: 00007ffd8543d648 [ 176.360296][ T7334] [ 176.360345][ T7334] ERROR: Out of memory at tomoyo_realpath_from_path. [ 176.774819][ T7338] netlink: 342 bytes leftover after parsing attributes in process `syz.3.373'. [ 177.742634][ T7353] netlink: 28 bytes leftover after parsing attributes in process `syz.0.376'. /[ 185.028851][ T7436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.396'. [ 185.078704][ T7432] netlink: 13 bytes leftover after parsing attributes in process `syz.0.396'. [ 188.636278][ T7472] bcache: register_bcache() error : failed to open device [ 194.553303][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.586941][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.252147][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.3.415'. [ 195.261114][ T7536] netlink: 32 bytes leftover after parsing attributes in process `syz.3.415'. [ 195.275397][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.3.415'. [ 197.929388][ T7568] Invalid ELF header magic: != ELF [ 198.163994][ T7571] netlink: 28 bytes leftover after parsing attributes in process `syz.3.423'. [ 199.400187][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.424'. [ 199.409347][ T7576] netlink: 32 bytes leftover after parsing attributes in process `syz.3.424'. [ 199.419102][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.424'. [ 199.499069][ T7578] netlink: 'syz.3.425': attribute type 1 has an invalid length. [ 199.507065][ T7578] netlink: 32 bytes leftover after parsing attributes in process `syz.3.425'. [ 199.516675][ T7578] netlink: 'syz.3.425': attribute type 1 has an invalid length. [ 199.524827][ T7578] FAULT_INJECTION: forcing a failure. [ 199.524827][ T7578] name failslab, interval 1, probability 0, space 0, times 0 [ 199.538375][ T7578] CPU: 1 UID: 0 PID: 7578 Comm: syz.3.425 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 199.538403][ T7578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 199.538416][ T7578] Call Trace: [ 199.538424][ T7578] [ 199.538433][ T7578] dump_stack_lvl+0x16c/0x1f0 [ 199.538466][ T7578] should_fail_ex+0x512/0x640 [ 199.538489][ T7578] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 199.538526][ T7578] should_failslab+0xc2/0x120 [ 199.538548][ T7578] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 199.538580][ T7578] ? __alloc_skb+0x2b2/0x380 [ 199.538610][ T7578] __alloc_skb+0x2b2/0x380 [ 199.538643][ T7578] ? __pfx___alloc_skb+0x10/0x10 [ 199.538668][ T7578] ? genl_rcv_msg+0x4bb/0x800 [ 199.538708][ T7578] netlink_ack+0x15d/0xb80 [ 199.538738][ T7578] ? __lock_acquire+0xaa4/0x1ba0 [ 199.538766][ T7578] netlink_rcv_skb+0x347/0x440 [ 199.538794][ T7578] ? __pfx_genl_rcv_msg+0x10/0x10 [ 199.538826][ T7578] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 199.538870][ T7578] ? __pfx_down_read+0x10/0x10 [ 199.538901][ T7578] ? netlink_deliver_tap+0x1ae/0xd30 [ 199.538933][ T7578] genl_rcv+0x28/0x40 [ 199.538960][ T7578] netlink_unicast+0x53a/0x7f0 [ 199.538990][ T7578] ? __pfx_netlink_unicast+0x10/0x10 [ 199.539024][ T7578] netlink_sendmsg+0x8d1/0xdd0 [ 199.539058][ T7578] ? __pfx_netlink_sendmsg+0x10/0x10 [ 199.539099][ T7578] sock_write_iter+0x4fc/0x5b0 [ 199.539133][ T7578] ? __pfx_sock_write_iter+0x10/0x10 [ 199.539175][ T7578] ? bpf_lsm_file_permission+0x9/0x10 [ 199.539201][ T7578] ? security_file_permission+0x71/0x210 [ 199.539230][ T7578] ? rw_verify_area+0xcf/0x680 [ 199.539258][ T7578] vfs_write+0x5ba/0x1180 [ 199.539287][ T7578] ? __pfx_sock_write_iter+0x10/0x10 [ 199.539322][ T7578] ? __pfx_vfs_write+0x10/0x10 [ 199.539348][ T7578] ? find_held_lock+0x2b/0x80 [ 199.539398][ T7578] ksys_write+0x205/0x240 [ 199.539427][ T7578] ? __pfx_ksys_write+0x10/0x10 [ 199.539453][ T7578] ? rcu_is_watching+0x12/0xc0 [ 199.539491][ T7578] do_syscall_64+0xcd/0x260 [ 199.539522][ T7578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.539545][ T7578] RIP: 0033:0x7f6dfe58d169 [ 199.539564][ T7578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.539583][ T7578] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 199.539605][ T7578] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 199.539631][ T7578] RDX: 00000000000000fe RSI: 0000200000000000 RDI: 0000000000000003 [ 199.539644][ T7578] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 199.539657][ T7578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.539670][ T7578] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 199.539702][ T7578] [ 200.331458][ T5844] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 201.922278][ T55] Bluetooth: hci0: command 0x0406 tx timeout [ 201.929779][ T55] Bluetooth: hci1: command 0x0406 tx timeout [ 201.935924][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 201.941978][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 202.923803][ T7610] netlink: 8 bytes leftover after parsing attributes in process `syz.3.432'. [ 202.953048][ T7610] netlink: 32 bytes leftover after parsing attributes in process `syz.3.432'. [ 202.965278][ T7610] netlink: 8 bytes leftover after parsing attributes in process `syz.3.432'. [ 203.090262][ T7618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.434'. [ 203.122879][ T7618] netlink: 32 bytes leftover after parsing attributes in process `syz.0.434'. [ 203.131797][ T7618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.434'. [ 206.654892][ T7652] usb usb15: usbfs: process 7652 (syz.3.442) did not claim interface 0 before use [ 207.736193][ T7661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.444'. [ 207.795555][ T7661] netlink: 32 bytes leftover after parsing attributes in process `syz.3.444'. [ 207.811733][ T7661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.444'. [ 210.956971][ T7710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.458'. [ 210.996844][ T7710] netlink: 32 bytes leftover after parsing attributes in process `syz.0.458'. [ 211.013112][ T7710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.458'. [ 212.185166][ T7731] FAULT_INJECTION: forcing a failure. [ 212.185166][ T7731] name failslab, interval 1, probability 0, space 0, times 0 [ 212.223442][ T7731] CPU: 1 UID: 0 PID: 7731 Comm: syz.3.463 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 212.223476][ T7731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 212.223488][ T7731] Call Trace: [ 212.223496][ T7731] [ 212.223505][ T7731] dump_stack_lvl+0x16c/0x1f0 [ 212.223539][ T7731] should_fail_ex+0x512/0x640 [ 212.223563][ T7731] ? fs_reclaim_acquire+0xae/0x150 [ 212.223592][ T7731] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 212.223620][ T7731] should_failslab+0xc2/0x120 [ 212.223642][ T7731] __kmalloc_noprof+0xd2/0x510 [ 212.223681][ T7731] tomoyo_realpath_from_path+0xc2/0x6e0 [ 212.223713][ T7731] ? tomoyo_profile+0x47/0x60 [ 212.223747][ T7731] tomoyo_path_number_perm+0x245/0x580 [ 212.223771][ T7731] ? tomoyo_path_number_perm+0x237/0x580 [ 212.223799][ T7731] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 212.223826][ T7731] ? find_held_lock+0x2b/0x80 [ 212.223883][ T7731] ? fd_install+0x244/0x750 [ 212.223912][ T7731] ? hook_file_ioctl_common+0x145/0x410 [ 212.223951][ T7731] security_file_ioctl+0x9b/0x240 [ 212.223979][ T7731] __x64_sys_ioctl+0xb7/0x200 [ 212.224008][ T7731] do_syscall_64+0xcd/0x260 [ 212.224040][ T7731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.224063][ T7731] RIP: 0033:0x7f6dfe58d169 [ 212.224081][ T7731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.224101][ T7731] RSP: 002b:00007f6dff492038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.224123][ T7731] RAX: ffffffffffffffda RBX: 00007f6dfe7a6080 RCX: 00007f6dfe58d169 [ 212.224137][ T7731] RDX: 0000000000000000 RSI: 0000000000004b72 RDI: 0000000000000000 [ 212.224150][ T7731] RBP: 00007f6dff492090 R08: 0000000000000000 R09: 0000000000000000 [ 212.224163][ T7731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.224175][ T7731] R13: 0000000000000000 R14: 00007f6dfe7a6080 R15: 00007ffce041a238 [ 212.224206][ T7731] [ 212.224216][ T7731] ERROR: Out of memory at tomoyo_realpath_from_path. [ 213.684985][ T7752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.468'. [ 213.739386][ T7752] netlink: 32 bytes leftover after parsing attributes in process `syz.1.468'. [ 213.785689][ T7752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.468'. [ 214.810462][ T7773] openvswitch: netlink: IP tunnel TTL not specified. [ 214.863927][ T5857] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 214.863964][ T5857] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 214.881658][ T5857] Bluetooth: hci3: Dropping invalid advertising data [ 214.888816][ T5857] Bluetooth: hci3: Dropping invalid advertising data [ 214.895568][ T5857] Bluetooth: hci3: Dropping invalid advertising data [ 214.902514][ T5857] Bluetooth: hci3: Malformed LE Event: 0x02 [ 215.449380][ T7787] netlink: 338 bytes leftover after parsing attributes in process `syz.0.477'. [ 215.989985][ T7795] FAULT_INJECTION: forcing a failure. [ 215.989985][ T7795] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 216.123259][ T7795] CPU: 0 UID: 0 PID: 7795 Comm: syz.1.479 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 216.123291][ T7795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 216.123303][ T7795] Call Trace: [ 216.123311][ T7795] [ 216.123320][ T7795] dump_stack_lvl+0x16c/0x1f0 [ 216.123354][ T7795] should_fail_ex+0x512/0x640 [ 216.123384][ T7795] strncpy_from_user+0x3b/0x2e0 [ 216.123412][ T7795] getname_flags.part.0+0x8b/0x540 [ 216.123442][ T7795] getname_flags+0x93/0xf0 [ 216.123471][ T7795] do_sys_openat2+0xb8/0x1d0 [ 216.123495][ T7795] ? __pfx_do_sys_openat2+0x10/0x10 [ 216.123522][ T7795] ? __fget_files+0x20e/0x3c0 [ 216.123559][ T7795] __x64_sys_openat+0x174/0x210 [ 216.123583][ T7795] ? __pfx___x64_sys_openat+0x10/0x10 [ 216.123606][ T7795] ? ksys_write+0x1b9/0x240 [ 216.123646][ T7795] do_syscall_64+0xcd/0x260 [ 216.123677][ T7795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.123700][ T7795] RIP: 0033:0x7f89e318d169 [ 216.123718][ T7795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.123738][ T7795] RSP: 002b:00007f89e3f38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 216.123759][ T7795] RAX: ffffffffffffffda RBX: 00007f89e33a5fa0 RCX: 00007f89e318d169 [ 216.123774][ T7795] RDX: 0000000000080800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 216.123788][ T7795] RBP: 00007f89e3f38090 R08: 0000000000000000 R09: 0000000000000000 [ 216.123801][ T7795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 216.123813][ T7795] R13: 0000000000000001 R14: 00007f89e33a5fa0 R15: 00007ffd8543d648 [ 216.123842][ T7795] [ 218.630684][ T7839] FAULT_INJECTION: forcing a failure. [ 218.630684][ T7839] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 218.718338][ T7839] CPU: 0 UID: 0 PID: 7839 Comm: syz.2.492 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 218.718376][ T7839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 218.718391][ T7839] Call Trace: [ 218.718399][ T7839] [ 218.718409][ T7839] dump_stack_lvl+0x16c/0x1f0 [ 218.718447][ T7839] should_fail_ex+0x512/0x640 [ 218.718479][ T7839] _copy_to_user+0x32/0xd0 [ 218.718509][ T7839] poll_select_finish+0x33a/0x6b0 [ 218.718543][ T7839] ? __pfx_poll_select_finish+0x10/0x10 [ 218.718575][ T7839] ? read_tsc+0x9/0x20 [ 218.718601][ T7839] ? ktime_get_ts64+0x256/0x400 [ 218.718640][ T7839] kern_select+0x16e/0x1e0 [ 218.718686][ T7839] ? __pfx_kern_select+0x10/0x10 [ 218.718733][ T7839] __x64_sys_select+0xbd/0x160 [ 218.718761][ T7839] ? do_syscall_64+0x91/0x260 [ 218.718789][ T7839] ? lockdep_hardirqs_on+0x7c/0x110 [ 218.718816][ T7839] do_syscall_64+0xcd/0x260 [ 218.718848][ T7839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.718873][ T7839] RIP: 0033:0x7f2c6cf8d169 [ 218.718892][ T7839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.718915][ T7839] RSP: 002b:00007f2c6ddc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 218.718939][ T7839] RAX: ffffffffffffffda RBX: 00007f2c6d1a5fa0 RCX: 00007f2c6cf8d169 [ 218.718956][ T7839] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000009 [ 218.718971][ T7839] RBP: 00007f2c6d00e2a0 R08: 0000200000000600 R09: 0000000000000000 [ 218.718987][ T7839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 218.719002][ T7839] R13: 0000000000000000 R14: 00007f2c6d1a5fa0 R15: 00007ffd7a8f5dd8 [ 218.719035][ T7839] [ 218.906473][ T7832] random: crng reseeded on system resumption [ 220.667850][ T7871] netlink: 544 bytes leftover after parsing attributes in process `syz.2.498'. [ 221.685380][ T7885] netlink: 28 bytes leftover after parsing attributes in process `syz.2.501'. [ 221.967107][ T7870] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.486654][ T7896] netlink: 93 bytes leftover after parsing attributes in process `syz.1.502'. [ 222.580062][ T7894] Invalid ELF header magic: != ELF [ 222.665488][ T7896] netlink: 93 bytes leftover after parsing attributes in process `syz.1.502'. [ 222.688351][ T7901] netlink: 28 bytes leftover after parsing attributes in process `syz.0.503'. [ 222.819177][ T7896] netlink: 93 bytes leftover after parsing attributes in process `syz.1.502'. [ 223.148214][ T7896] netlink: 93 bytes leftover after parsing attributes in process `syz.1.502'. [ 223.171948][ T7906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.504'. [ 224.412852][ T7934] netlink: 110 bytes leftover after parsing attributes in process `syz.2.509'. [ 226.846951][ T7953] svc: failed to register nfsdv3 RPC service (errno 111). [ 226.944951][ T7953] svc: failed to register nfsaclv3 RPC service (errno 512). [ 227.625378][ T7976] netlink: 342 bytes leftover after parsing attributes in process `syz.0.523'. [ 228.128822][ T7993] vivid-003: ================= START STATUS ================= [ 228.251231][ T7993] vivid-003: Radio HW Seek Mode: Bounded [ 228.475656][ T7993] vivid-003: Radio Programmable HW Seek: false [ 228.627831][ T7993] vivid-003: RDS Rx I/O Mode: Block I/O [ 228.725934][ T7993] vivid-003: Generate RBDS Instead of RDS: false [ 228.732350][ T7993] vivid-003: RDS Reception: true [ 228.800336][ T7993] vivid-003: RDS Program Type: 0 inactive [ 228.848466][ T7993] vivid-003: RDS PS Name: inactive [ 228.889811][ T7993] vivid-003: RDS Radio Text: inactive [ 228.895382][ T7993] vivid-003: RDS Traffic Announcement: false inactive [ 229.018765][ T7993] vivid-003: RDS Traffic Program: false inactive [ 229.025214][ T7993] vivid-003: RDS Music: false inactive [ 229.102846][ T7993] vivid-003: ================== END STATUS ================== [ 229.982457][ T8019] FAULT_INJECTION: forcing a failure. [ 229.982457][ T8019] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 229.995943][ T8019] CPU: 0 UID: 0 PID: 8019 Comm: syz.0.531 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 229.995974][ T8019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 229.995986][ T8019] Call Trace: [ 229.995994][ T8019] [ 229.996003][ T8019] dump_stack_lvl+0x16c/0x1f0 [ 229.996037][ T8019] should_fail_ex+0x512/0x640 [ 229.996067][ T8019] should_fail_alloc_page+0xe7/0x130 [ 229.996091][ T8019] prepare_alloc_pages+0x3c2/0x610 [ 229.996119][ T8019] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 229.996147][ T8019] __alloc_frozen_pages_noprof+0x18d/0x2370 [ 229.996178][ T8019] ? __lock_acquire+0xaa4/0x1ba0 [ 229.996209][ T8019] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 229.996238][ T8019] ? do_raw_spin_lock+0x12c/0x2b0 [ 229.996262][ T8019] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 229.996284][ T8019] ? cgroup_rstat_updated+0x2a/0xb20 [ 229.996311][ T8019] ? find_held_lock+0x2b/0x80 [ 229.996347][ T8019] ? __lock_acquire+0xaa4/0x1ba0 [ 229.996368][ T8019] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 229.996394][ T8019] ? policy_nodemask+0xea/0x4e0 [ 229.996418][ T8019] alloc_pages_mpol+0x1fb/0x550 [ 229.996442][ T8019] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 229.996473][ T8019] folio_alloc_mpol_noprof+0x36/0x2f0 [ 229.996500][ T8019] shmem_alloc_folio+0x135/0x160 [ 229.996531][ T8019] shmem_alloc_and_add_folio+0x499/0xc20 [ 229.996580][ T8019] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 229.996616][ T8019] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 229.996654][ T8019] shmem_get_folio_gfp+0x687/0x1530 [ 229.996694][ T8019] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 229.996730][ T8019] ? filemap_map_pages+0xf6c/0x1680 [ 229.996756][ T8019] shmem_fault+0x1fe/0xa30 [ 229.996790][ T8019] ? __pfx_shmem_fault+0x10/0x10 [ 229.996829][ T8019] ? __pfx_filemap_map_pages+0x10/0x10 [ 229.996860][ T8019] __do_fault+0x10a/0x490 [ 229.996885][ T8019] do_pte_missing+0x1031/0x3fb0 [ 229.996919][ T8019] ? __handle_mm_fault+0x1010/0x2a40 [ 229.996953][ T8019] __handle_mm_fault+0x103d/0x2a40 [ 229.996992][ T8019] ? __pfx___handle_mm_fault+0x10/0x10 [ 229.997041][ T8019] ? find_vma+0xbf/0x140 [ 229.997064][ T8019] ? __pfx_find_vma+0x10/0x10 [ 229.997092][ T8019] handle_mm_fault+0x3fe/0xad0 [ 229.997128][ T8019] do_user_addr_fault+0x7a6/0x1370 [ 229.997158][ T8019] ? rcu_is_watching+0x12/0xc0 [ 229.997187][ T8019] exc_page_fault+0x5c/0xc0 [ 229.997216][ T8019] asm_exc_page_fault+0x26/0x30 [ 229.997238][ T8019] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 229.997262][ T8019] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 229.997282][ T8019] RSP: 0018:ffffc900049377d8 EFLAGS: 00050206 [ 229.997301][ T8019] RAX: 0000000000000001 RBX: 000000000000ee46 RCX: 000000000000ce46 [ 229.997314][ T8019] RDX: ffffed100b427dc9 RSI: 0000000000002000 RDI: ffff88805a132000 [ 229.997328][ T8019] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100b427dc8 [ 229.997341][ T8019] R10: ffff88805a13ee45 R11: 0000000000000000 R12: 0000000000000000 [ 229.997355][ T8019] R13: ffffc90004937d60 R14: 000000000000ee46 R15: ffff88805a130000 [ 229.997388][ T8019] _copy_from_iter+0x391/0x15b0 [ 229.997421][ T8019] ? rcu_is_watching+0x12/0xc0 [ 229.997446][ T8019] ? __pfx__copy_from_iter+0x10/0x10 [ 229.997469][ T8019] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 229.997502][ T8019] ? __asan_memset+0x23/0x50 [ 229.997531][ T8019] ? __build_skb_around+0x278/0x3b0 [ 229.997562][ T8019] ? __build_skb+0x6e/0x90 [ 229.997584][ T8019] ? is_vmalloc_addr+0x30/0x40 [ 229.997618][ T8019] netlink_sendmsg+0x829/0xdd0 [ 229.997654][ T8019] ? __pfx_netlink_sendmsg+0x10/0x10 [ 229.997696][ T8019] ____sys_sendmsg+0xa95/0xc70 [ 229.997730][ T8019] ? copy_msghdr_from_user+0x10a/0x160 [ 229.997756][ T8019] ? __pfx_____sys_sendmsg+0x10/0x10 [ 229.997792][ T8019] ? __pfx__kstrtoull+0x10/0x10 [ 229.997831][ T8019] ___sys_sendmsg+0x134/0x1d0 [ 229.997860][ T8019] ? __pfx____sys_sendmsg+0x10/0x10 [ 229.997903][ T8019] ? find_held_lock+0x2b/0x80 [ 229.997952][ T8019] __sys_sendmmsg+0x200/0x420 [ 229.997983][ T8019] ? __pfx___sys_sendmmsg+0x10/0x10 [ 229.998018][ T8019] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 229.998060][ T8019] ? fput+0x70/0xf0 [ 229.998082][ T8019] ? ksys_write+0x1b9/0x240 [ 229.998110][ T8019] ? __pfx_ksys_write+0x10/0x10 [ 229.998137][ T8019] ? rcu_is_watching+0x12/0xc0 [ 229.998168][ T8019] __x64_sys_sendmmsg+0x9c/0x100 [ 229.998212][ T8019] ? lockdep_hardirqs_on+0x7c/0x110 [ 229.998238][ T8019] do_syscall_64+0xcd/0x260 [ 229.998268][ T8019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.998289][ T8019] RIP: 0033:0x7f736e18d169 [ 229.998309][ T8019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.998328][ T8019] RSP: 002b:00007f736efab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 229.998348][ T8019] RAX: ffffffffffffffda RBX: 00007f736e3a5fa0 RCX: 00007f736e18d169 [ 229.998362][ T8019] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 229.998375][ T8019] RBP: 00007f736efab090 R08: 0000000000000000 R09: 0000000000000000 [ 229.998388][ T8019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 229.998401][ T8019] R13: 0000000000000000 R14: 00007f736e3a5fa0 R15: 00007ffe6e57bec8 [ 229.998431][ T8019] [ 231.107035][ T8004] aoe: can't write to that file. [ 232.110056][ T8043] netlink: 11 bytes leftover after parsing attributes in process `syz.3.538'. [ 232.148980][ T8043] netlink: 11 bytes leftover after parsing attributes in process `syz.3.538'. [ 232.218764][ T8049] netlink: 11 bytes leftover after parsing attributes in process `syz.3.538'. [ 232.932479][ T8057] can: request_module (can-proto-4) failed. [ 233.145892][ T5857] Bluetooth: hci1: unexpected event 0x03 length: 17 > 11 [ 233.257843][ T8060] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 233.282360][ T8060] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 233.399283][ T8060] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 233.408239][ T8060] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 233.582698][ T8060] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 233.589947][ T8060] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 233.743841][ T8060] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 233.753048][ T8060] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 234.427119][ T8081] netlink: 20 bytes leftover after parsing attributes in process `syz.0.548'. [ 234.790343][ T8089] netlink: 'syz.2.551': attribute type 1 has an invalid length. [ 235.143648][ T8099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 235.228299][ T8099] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 235.289383][ T5857] Bluetooth: hci0: command 0x0406 tx timeout [ 235.363212][ T8097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.554'. [ 235.458712][ T5857] Bluetooth: hci2: command 0x0406 tx timeout [ 235.609132][ T5857] Bluetooth: hci1: command 0x0406 tx timeout [ 235.778914][ T5857] Bluetooth: hci3: command 0x0406 tx timeout [ 237.379952][ T5857] Bluetooth: hci0: command 0x0406 tx timeout [ 237.530150][ T5857] Bluetooth: hci2: command 0x0406 tx timeout [ 237.690628][ T5857] Bluetooth: hci1: command 0x0406 tx timeout [ 237.850359][ T5857] Bluetooth: hci3: command 0x0406 tx timeout [ 238.236465][ T8135] netlink: 'syz.3.558': attribute type 1 has an invalid length. [ 238.244375][ T8135] netlink: 33 bytes leftover after parsing attributes in process `syz.3.558'. [ 240.121278][ T8171] netlink: 334 bytes leftover after parsing attributes in process `syz.2.569'. [ 240.279480][ T8175] sp0: Synchronizing with TNC [ 245.527000][ T8263] netlink: 62 bytes leftover after parsing attributes in process `syz.1.592'. [ 245.998662][ T8275] FAULT_INJECTION: forcing a failure. [ 245.998662][ T8275] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 246.067552][ T8275] CPU: 1 UID: 0 PID: 8275 Comm: syz.3.596 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 246.067585][ T8275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.067598][ T8275] Call Trace: [ 246.067605][ T8275] [ 246.067614][ T8275] dump_stack_lvl+0x16c/0x1f0 [ 246.067648][ T8275] should_fail_ex+0x512/0x640 [ 246.067678][ T8275] should_fail_alloc_page+0xe7/0x130 [ 246.067704][ T8275] prepare_alloc_pages+0x3c2/0x610 [ 246.067737][ T8275] __alloc_frozen_pages_noprof+0x18d/0x2370 [ 246.067772][ T8275] ? is_bpf_text_address+0x8a/0x1a0 [ 246.067793][ T8275] ? bpf_ksym_find+0x124/0x1c0 [ 246.067821][ T8275] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 246.067850][ T8275] ? is_bpf_text_address+0x94/0x1a0 [ 246.067871][ T8275] ? kernel_text_address+0x8d/0x100 [ 246.067898][ T8275] ? __kernel_text_address+0xd/0x40 [ 246.067922][ T8275] ? unwind_get_return_address+0x59/0xa0 [ 246.067951][ T8275] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 246.068007][ T8275] ? __lock_acquire+0x5ca/0x1ba0 [ 246.068027][ T8275] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 246.068053][ T8275] ? policy_nodemask+0xea/0x4e0 [ 246.068079][ T8275] alloc_pages_mpol+0x1fb/0x550 [ 246.068103][ T8275] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 246.068135][ T8275] alloc_pages_noprof+0x131/0x390 [ 246.068159][ T8275] __pmd_alloc+0x3f/0x870 [ 246.068184][ T8275] ? find_held_lock+0x2b/0x80 [ 246.068213][ T8275] __handle_mm_fault+0x948/0x2a40 [ 246.068254][ T8275] ? __pfx___handle_mm_fault+0x10/0x10 [ 246.068309][ T8275] ? find_vma+0xbf/0x140 [ 246.068333][ T8275] ? __pfx_find_vma+0x10/0x10 [ 246.068360][ T8275] handle_mm_fault+0x3fe/0xad0 [ 246.068396][ T8275] do_user_addr_fault+0x7a6/0x1370 [ 246.068426][ T8275] ? rcu_is_watching+0x12/0xc0 [ 246.068456][ T8275] exc_page_fault+0x5c/0xc0 [ 246.068483][ T8275] asm_exc_page_fault+0x26/0x30 [ 246.068505][ T8275] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 246.068528][ T8275] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 246.068548][ T8275] RSP: 0018:ffffc900034179b8 EFLAGS: 00050202 [ 246.068567][ T8275] RAX: 0000000000000001 RBX: 0000000000000053 RCX: 0000000000000053 [ 246.068584][ T8275] RDX: ffffed100436380c RSI: ffff888021b1c006 RDI: 0000000000000000 [ 246.068598][ T8275] RBP: 0000000000000053 R08: 0000000000000000 R09: ffffed100436380b [ 246.068611][ T8275] R10: ffff888021b1c058 R11: 0000000000000000 R12: ffffc90003417bc8 [ 246.068626][ T8275] R13: 0000000000000000 R14: ffffc90003417bd0 R15: ffff888021b1c006 [ 246.068659][ T8275] _copy_to_iter+0x50c/0x15a0 [ 246.068695][ T8275] ? __pfx__copy_to_iter+0x10/0x10 [ 246.068725][ T8275] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 246.068767][ T8275] seq_read_iter+0x719/0x12c0 [ 246.068799][ T8275] ? aa_file_perm+0x4d6/0xfb0 [ 246.068838][ T8275] seq_read+0x39e/0x4e0 [ 246.068866][ T8275] ? __pfx_seq_read+0x10/0x10 [ 246.068903][ T8275] ? get_pid_task+0xfc/0x250 [ 246.068937][ T8275] ? __pfx_seq_read+0x10/0x10 [ 246.068964][ T8275] proc_reg_read+0x23d/0x330 [ 246.068986][ T8275] ? __pfx_proc_reg_read+0x10/0x10 [ 246.069011][ T8275] vfs_read+0x1de/0xc70 [ 246.069047][ T8275] ? __pfx_vfs_read+0x10/0x10 [ 246.069072][ T8275] ? find_held_lock+0x2b/0x80 [ 246.069100][ T8275] ? __fget_files+0x204/0x3c0 [ 246.069134][ T8275] ? __fget_files+0x20e/0x3c0 [ 246.069161][ T8275] ? __fget_files+0x140/0x3c0 [ 246.069199][ T8275] __x64_sys_pread64+0x1f4/0x250 [ 246.069230][ T8275] ? __pfx___x64_sys_pread64+0x10/0x10 [ 246.069258][ T8275] ? rcu_is_watching+0x12/0xc0 [ 246.069298][ T8275] do_syscall_64+0xcd/0x260 [ 246.069329][ T8275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.069350][ T8275] RIP: 0033:0x7f6dfe58d169 [ 246.069368][ T8275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.069387][ T8275] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 246.069407][ T8275] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 246.069422][ T8275] RDX: 0000000000000566 RSI: 0000000000000000 RDI: 0000000000000003 [ 246.069435][ T8275] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 246.069448][ T8275] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 246.069461][ T8275] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 246.069494][ T8275] [ 248.245932][ T8302] FAULT_INJECTION: forcing a failure. [ 248.245932][ T8302] name failslab, interval 1, probability 0, space 0, times 0 [ 248.304675][ T8302] CPU: 1 UID: 0 PID: 8302 Comm: syz.0.604 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 248.304709][ T8302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 248.304721][ T8302] Call Trace: [ 248.304728][ T8302] [ 248.304737][ T8302] dump_stack_lvl+0x16c/0x1f0 [ 248.304768][ T8302] should_fail_ex+0x512/0x640 [ 248.304792][ T8302] ? __kvmalloc_node_noprof+0x122/0x600 [ 248.304825][ T8302] should_failslab+0xc2/0x120 [ 248.304845][ T8302] __kvmalloc_node_noprof+0x135/0x600 [ 248.304872][ T8302] ? sk_alloc+0x566/0xc20 [ 248.304896][ T8302] ? tap_open+0x385/0x1170 [ 248.304930][ T8302] ? tap_open+0x385/0x1170 [ 248.304956][ T8302] tap_open+0x385/0x1170 [ 248.304987][ T8302] ? __pfx_tap_open+0x10/0x10 [ 248.305020][ T8302] chrdev_open+0x231/0x6a0 [ 248.305049][ T8302] ? __pfx_apparmor_file_open+0x10/0x10 [ 248.305076][ T8302] ? __pfx_chrdev_open+0x10/0x10 [ 248.305108][ T8302] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 248.305143][ T8302] do_dentry_open+0x741/0x1c10 [ 248.305172][ T8302] ? __pfx_chrdev_open+0x10/0x10 [ 248.305209][ T8302] vfs_open+0x82/0x3f0 [ 248.305235][ T8302] path_openat+0x1e5e/0x2d40 [ 248.305277][ T8302] ? __pfx_path_openat+0x10/0x10 [ 248.305307][ T8302] ? stack_trace_save+0x8e/0xc0 [ 248.305332][ T8302] ? __pfx_stack_trace_save+0x10/0x10 [ 248.305363][ T8302] do_filp_open+0x20b/0x470 [ 248.305392][ T8302] ? __pfx_do_filp_open+0x10/0x10 [ 248.305420][ T8302] ? kasan_save_stack+0x42/0x60 [ 248.305446][ T8302] ? kasan_save_stack+0x33/0x60 [ 248.305510][ T8302] file_open_name+0x2a3/0x450 [ 248.305534][ T8302] ? __pfx_file_open_name+0x10/0x10 [ 248.305570][ T8302] acct_on+0x77/0x870 [ 248.305593][ T8302] __x64_sys_acct+0xaf/0x230 [ 248.305611][ T8302] ? lockdep_hardirqs_on+0x7c/0x110 [ 248.305637][ T8302] do_syscall_64+0xcd/0x260 [ 248.305666][ T8302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.305688][ T8302] RIP: 0033:0x7f736e18d169 [ 248.305706][ T8302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.305725][ T8302] RSP: 002b:00007f736ef69038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 248.305746][ T8302] RAX: ffffffffffffffda RBX: 00007f736e3a6160 RCX: 00007f736e18d169 [ 248.305760][ T8302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040 [ 248.305773][ T8302] RBP: 00007f736ef69090 R08: 0000000000000000 R09: 0000000000000000 [ 248.305786][ T8302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 248.305798][ T8302] R13: 0000000000000000 R14: 00007f736e3a6160 R15: 00007ffe6e57bec8 [ 248.305828][ T8302] [ 249.050710][ T8307] serio: Serial port ptm0 [ 249.347703][ T8311] Setting dangerous option i915.mitigations - tainting kernel [ 250.007610][ T8319] serio: Serial port ptm0 [ 253.504468][ T8378] netlink: 330 bytes leftover after parsing attributes in process `syz.3.625'. [ 253.831223][ T8384] FAULT_INJECTION: forcing a failure. [ 253.831223][ T8384] name failslab, interval 1, probability 0, space 0, times 0 [ 253.948337][ T8384] CPU: 0 UID: 0 PID: 8384 Comm: syz.1.626 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 253.948374][ T8384] Tainted: [U]=USER [ 253.948381][ T8384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 253.948393][ T8384] Call Trace: [ 253.948401][ T8384] [ 253.948411][ T8384] dump_stack_lvl+0x16c/0x1f0 [ 253.948444][ T8384] should_fail_ex+0x512/0x640 [ 253.948473][ T8384] ? __kmalloc_noprof+0xbf/0x510 [ 253.948518][ T8384] ? rfkill_alloc+0xac/0x330 [ 253.948548][ T8384] should_failslab+0xc2/0x120 [ 253.948570][ T8384] __kmalloc_noprof+0xd2/0x510 [ 253.948618][ T8384] rfkill_alloc+0xac/0x330 [ 253.948653][ T8384] wiphy_new_nm+0x136a/0x2160 [ 253.948687][ T8384] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 253.948721][ T8384] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 253.948753][ T8384] ieee80211_alloc_hw_nm+0x1b7a/0x2260 [ 253.948784][ T8384] ? __local_bh_enable_ip+0xa4/0x120 [ 253.948817][ T8384] mac80211_hwsim_new_radio+0x1d4/0x54d0 [ 253.948859][ T8384] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 253.948888][ T8384] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 253.948924][ T8384] hwsim_new_radio_nl+0xb51/0x12c0 [ 253.948950][ T8384] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 253.948982][ T8384] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 253.949013][ T8384] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 253.949053][ T8384] genl_family_rcv_msg_doit+0x206/0x2f0 [ 253.949089][ T8384] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 253.949121][ T8384] ? trace_cap_capable+0x18d/0x200 [ 253.949157][ T8384] ? bpf_lsm_capable+0x9/0x10 [ 253.949187][ T8384] ? security_capable+0x7e/0x260 [ 253.949221][ T8384] ? ns_capable+0xd7/0x110 [ 253.949250][ T8384] genl_rcv_msg+0x55c/0x800 [ 253.949286][ T8384] ? __pfx_genl_rcv_msg+0x10/0x10 [ 253.949315][ T8384] ? __pfx___dev_queue_xmit+0x10/0x10 [ 253.949340][ T8384] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 253.949368][ T8384] ? __lock_acquire+0xaa4/0x1ba0 [ 253.949396][ T8384] netlink_rcv_skb+0x16a/0x440 [ 253.949424][ T8384] ? __pfx_genl_rcv_msg+0x10/0x10 [ 253.949455][ T8384] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 253.949509][ T8384] ? __pfx_down_read+0x10/0x10 [ 253.949540][ T8384] ? netlink_deliver_tap+0x1ae/0xd30 [ 253.949573][ T8384] genl_rcv+0x28/0x40 [ 253.949602][ T8384] netlink_unicast+0x53a/0x7f0 [ 253.949636][ T8384] ? __pfx_netlink_unicast+0x10/0x10 [ 253.949662][ T8384] ? __lock_acquire+0xaa4/0x1ba0 [ 253.949693][ T8384] netlink_sendmsg+0x8d1/0xdd0 [ 253.949726][ T8384] ? __pfx_netlink_sendmsg+0x10/0x10 [ 253.949769][ T8384] ____sys_sendmsg+0xa95/0xc70 [ 253.949803][ T8384] ? copy_msghdr_from_user+0x10a/0x160 [ 253.949830][ T8384] ? __pfx_____sys_sendmsg+0x10/0x10 [ 253.949879][ T8384] ___sys_sendmsg+0x134/0x1d0 [ 253.949907][ T8384] ? __pfx____sys_sendmsg+0x10/0x10 [ 253.949979][ T8384] __sys_sendmsg+0x16d/0x220 [ 253.950006][ T8384] ? __pfx___sys_sendmsg+0x10/0x10 [ 253.950055][ T8384] do_syscall_64+0xcd/0x260 [ 253.950083][ T8384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.950103][ T8384] RIP: 0033:0x7f89e318d169 [ 253.950121][ T8384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.950139][ T8384] RSP: 002b:00007f89e3f17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 253.950157][ T8384] RAX: ffffffffffffffda RBX: 00007f89e33a6080 RCX: 00007f89e318d169 [ 253.950171][ T8384] RDX: 0000000004044820 RSI: 00002000000002c0 RDI: 0000000000000006 [ 253.950183][ T8384] RBP: 00007f89e3f17090 R08: 0000000000000000 R09: 0000000000000000 [ 253.950194][ T8384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 253.950206][ T8384] R13: 0000000000000001 R14: 00007f89e33a6080 R15: 00007ffd8543d648 [ 253.950236][ T8384] [ 256.029852][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.036265][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 syzkaller syzkaller login: [ 257.161045][ T8425] FAULT_INJECTION: forcing a failure. [ 257.161045][ T8425] name failslab, interval 1, probability 0, space 0, times 0 [ 257.229050][ T8425] CPU: 0 UID: 0 PID: 8425 Comm: syz.0.636 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 257.229090][ T8425] Tainted: [U]=USER [ 257.229097][ T8425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 257.229109][ T8425] Call Trace: [ 257.229116][ T8425] [ 257.229125][ T8425] dump_stack_lvl+0x16c/0x1f0 [ 257.229159][ T8425] should_fail_ex+0x512/0x640 [ 257.229182][ T8425] ? fs_reclaim_acquire+0xae/0x150 [ 257.229211][ T8425] ? tomoyo_encode2+0x100/0x3e0 [ 257.229238][ T8425] should_failslab+0xc2/0x120 [ 257.229260][ T8425] __kmalloc_noprof+0xd2/0x510 [ 257.229291][ T8425] ? d_absolute_path+0x136/0x1a0 [ 257.229322][ T8425] tomoyo_encode2+0x100/0x3e0 [ 257.229355][ T8425] tomoyo_encode+0x29/0x50 [ 257.229382][ T8425] tomoyo_realpath_from_path+0x18f/0x6e0 [ 257.229420][ T8425] tomoyo_path_number_perm+0x245/0x580 [ 257.229444][ T8425] ? tomoyo_path_number_perm+0x237/0x580 [ 257.229472][ T8425] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 257.229498][ T8425] ? find_held_lock+0x2b/0x80 [ 257.229555][ T8425] ? find_held_lock+0x2b/0x80 [ 257.229580][ T8425] ? hook_file_ioctl_common+0x145/0x410 [ 257.229611][ T8425] ? __fget_files+0x20e/0x3c0 [ 257.229647][ T8425] security_file_ioctl+0x9b/0x240 [ 257.229675][ T8425] __x64_sys_ioctl+0xb7/0x200 [ 257.229704][ T8425] do_syscall_64+0xcd/0x260 [ 257.229736][ T8425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.229760][ T8425] RIP: 0033:0x7f736e18d169 [ 257.229776][ T8425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.229793][ T8425] RSP: 002b:00007f736efab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.229813][ T8425] RAX: ffffffffffffffda RBX: 00007f736e3a5fa0 RCX: 00007f736e18d169 [ 257.229825][ T8425] RDX: 0000200000000140 RSI: 0000000081785501 RDI: 0000000000000003 [ 257.229836][ T8425] RBP: 00007f736efab090 R08: 0000000000000000 R09: 0000000000000000 [ 257.229848][ T8425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 257.229860][ T8425] R13: 0000000000000000 R14: 00007f736e3a5fa0 R15: 00007ffe6e57bec8 [ 257.229890][ T8425] [ 257.650245][ T8425] ERROR: Out of memory at tomoyo_realpath_from_path. [ 259.793154][ T5858] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 259.805674][ T5858] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 259.816236][ T5858] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 259.825918][ T5858] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 259.833790][ T5858] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 260.375145][ T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.947882][ T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.304876][ T8440] chnl_net:caif_netlink_parms(): no params data found [ 261.537157][ T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.952214][ T5857] Bluetooth: hci1: command tx timeout [ 261.965501][ T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.489279][ T8440] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.506843][ T8440] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.532990][ T8440] bridge_slave_0: entered allmulticast mode [ 262.544356][ T8440] bridge_slave_0: entered promiscuous mode [ 262.707959][ T8440] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.732713][ T8440] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.771144][ T8440] bridge_slave_1: entered allmulticast mode [ 262.785220][ T8440] bridge_slave_1: entered promiscuous mode [ 263.206196][ T8440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 263.240810][ T8440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 263.279656][ T36] team0: left allmulticast mode [ 263.286592][ T36] team_slave_0: left allmulticast mode [ 263.292427][ T36] team_slave_1: left allmulticast mode [ 263.320097][ T36] team0: left promiscuous mode [ 263.330239][ T36] team_slave_0: left promiscuous mode [ 263.369179][ T36] team_slave_1: left promiscuous mode [ 263.376234][ T36] bridge0: port 3(team0) entered disabled state [ 263.504920][ T36] bridge_slave_1: left allmulticast mode [ 263.510674][ T36] bridge_slave_1: left promiscuous mode [ 263.533374][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.567202][ T36] bridge_slave_0: left allmulticast mode [ 263.580662][ T36] bridge_slave_0: left promiscuous mode [ 263.604985][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.023600][ T5857] Bluetooth: hci1: command tx timeout [ 264.297239][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 264.311414][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 264.322964][ T36] bond0 (unregistering): Released all slaves [ 264.457775][ T8440] team0: Port device team_slave_0 added [ 264.678330][ T8440] team0: Port device team_slave_1 added [ 264.893079][ T8440] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 264.914274][ T8440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 264.955422][ T8440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 264.978468][ T8440] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 264.993689][ T8440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.024995][ T8440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 265.302204][ T36] hsr_slave_0: left promiscuous mode [ 265.311193][ T36] hsr_slave_1: left promiscuous mode [ 265.319038][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 265.327640][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 265.337506][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 265.349585][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 265.373107][ T36] veth1_macvtap: left promiscuous mode [ 265.395627][ T36] veth0_macvtap: left promiscuous mode [ 265.401393][ T36] veth1_vlan: left promiscuous mode [ 265.407433][ T36] veth0_vlan: left promiscuous mode [ 265.487348][ T8504] FAULT_INJECTION: forcing a failure. [ 265.487348][ T8504] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 265.504046][ T8504] CPU: 1 UID: 0 PID: 8504 Comm: syz.3.652 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 265.504083][ T8504] Tainted: [U]=USER [ 265.504090][ T8504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 265.504101][ T8504] Call Trace: [ 265.504109][ T8504] [ 265.504125][ T8504] dump_stack_lvl+0x16c/0x1f0 [ 265.504157][ T8504] should_fail_ex+0x512/0x640 [ 265.504184][ T8504] should_fail_alloc_page+0xe7/0x130 [ 265.504205][ T8504] prepare_alloc_pages+0x3c2/0x610 [ 265.504231][ T8504] ? rcu_is_watching+0x12/0xc0 [ 265.504262][ T8504] __alloc_frozen_pages_noprof+0x18d/0x2370 [ 265.504297][ T8504] ? __lock_acquire+0xaa4/0x1ba0 [ 265.504333][ T8504] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 265.504364][ T8504] ? do_raw_spin_lock+0x12c/0x2b0 [ 265.504387][ T8504] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 265.504410][ T8504] ? cgroup_rstat_updated+0x2a/0xb20 [ 265.504436][ T8504] ? find_held_lock+0x2b/0x80 [ 265.504473][ T8504] ? __lock_acquire+0xaa4/0x1ba0 [ 265.504494][ T8504] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 265.504520][ T8504] ? policy_nodemask+0xea/0x4e0 [ 265.504545][ T8504] alloc_pages_mpol+0x1fb/0x550 [ 265.504568][ T8504] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 265.504600][ T8504] folio_alloc_mpol_noprof+0x36/0x2f0 [ 265.504628][ T8504] shmem_alloc_folio+0x135/0x160 [ 265.504659][ T8504] shmem_alloc_and_add_folio+0x499/0xc20 [ 265.504699][ T8504] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 265.504735][ T8504] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 265.504774][ T8504] shmem_get_folio_gfp+0x687/0x1530 [ 265.504814][ T8504] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 265.504850][ T8504] ? filemap_map_pages+0xf6c/0x1680 [ 265.504876][ T8504] shmem_fault+0x1fe/0xa30 [ 265.504910][ T8504] ? __pfx_shmem_fault+0x10/0x10 [ 265.504947][ T8504] ? __pfx_filemap_map_pages+0x10/0x10 [ 265.504979][ T8504] __do_fault+0x10a/0x490 [ 265.505005][ T8504] do_pte_missing+0x1031/0x3fb0 [ 265.505038][ T8504] ? __handle_mm_fault+0x1010/0x2a40 [ 265.505073][ T8504] __handle_mm_fault+0x103d/0x2a40 [ 265.505112][ T8504] ? __pfx___handle_mm_fault+0x10/0x10 [ 265.505167][ T8504] ? find_vma+0xbf/0x140 [ 265.505189][ T8504] ? __pfx_find_vma+0x10/0x10 [ 265.505217][ T8504] handle_mm_fault+0x3fe/0xad0 [ 265.505253][ T8504] do_user_addr_fault+0x7a6/0x1370 [ 265.505283][ T8504] ? rcu_is_watching+0x12/0xc0 [ 265.505312][ T8504] exc_page_fault+0x5c/0xc0 [ 265.505339][ T8504] asm_exc_page_fault+0x26/0x30 [ 265.505361][ T8504] RIP: 0010:fault_in_readable+0x160/0x200 [ 265.505386][ T8504] Code: 42 e8 45 31 f6 e8 b0 26 b8 ff 48 39 eb 75 13 eb 2e e8 a4 26 b8 ff 48 81 c3 00 10 00 00 48 39 eb 74 1d e8 93 26 b8 ff 45 89 f7 <8a> 03 31 ff 44 89 fe 88 44 24 28 e8 c0 21 b8 ff 45 85 ff 74 d2 e8 [ 265.505406][ T8504] RSP: 0018:ffffc900030d79b8 EFLAGS: 00050293 [ 265.505425][ T8504] RAX: 0000000000000000 RBX: 0000000000009000 RCX: ffffffff820319a0 [ 265.505439][ T8504] RDX: ffff888032cdbc00 RSI: ffffffff8203198d RDI: 0000000000000005 [ 265.505453][ T8504] RBP: 0000000000020000 R08: 0000000000000005 R09: 0000000000000000 [ 265.505466][ T8504] R10: 0000000000000000 R11: ffffffff821f8073 R12: 000000000001f000 [ 265.505480][ T8504] R13: 0000000000001000 R14: 0000000000000000 R15: 0000000000000000 [ 265.505498][ T8504] ? kasan_save_stack+0x33/0x60 [ 265.505530][ T8504] ? fault_in_readable+0x170/0x200 [ 265.505552][ T8504] ? fault_in_readable+0x15d/0x200 [ 265.505580][ T8504] ? fault_in_readable+0x15d/0x200 [ 265.505605][ T8504] ? __pfx_fault_in_readable+0x10/0x10 [ 265.505627][ T8504] ? rcu_is_watching+0x12/0xc0 [ 265.505652][ T8504] ? I_BDEV+0xd/0x20 [ 265.505680][ T8504] ? inode_to_bdi+0x9e/0x160 [ 265.505705][ T8504] fault_in_iov_iter_readable+0x101/0x2c0 [ 265.505735][ T8504] iomap_file_buffered_write+0x404/0xcb0 [ 265.505777][ T8504] ? __pfx_iomap_file_buffered_write+0x10/0x10 [ 265.505802][ T8504] ? iov_iter_npages+0xf0/0x5a0 [ 265.505828][ T8504] ? blkdev_direct_IO+0x12b/0x1cc0 [ 265.505878][ T8504] ? filemap_check_errors+0xa9/0x160 [ 265.505908][ T8504] ? iov_iter_revert+0x27/0x5a0 [ 265.505938][ T8504] blkdev_write_iter+0x54e/0xdf0 [ 265.505971][ T8504] vfs_write+0x5ba/0x1180 [ 265.506001][ T8504] ? __pfx_blkdev_write_iter+0x10/0x10 [ 265.506030][ T8504] ? __pfx_vfs_write+0x10/0x10 [ 265.506056][ T8504] ? find_held_lock+0x2b/0x80 [ 265.506105][ T8504] ksys_write+0x12a/0x240 [ 265.506138][ T8504] ? __pfx_ksys_write+0x10/0x10 [ 265.506168][ T8504] ? rcu_is_watching+0x12/0xc0 [ 265.506203][ T8504] do_syscall_64+0xcd/0x260 [ 265.506234][ T8504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.506256][ T8504] RIP: 0033:0x7f6dfe58d169 [ 265.506274][ T8504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.506292][ T8504] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 265.506309][ T8504] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 265.506321][ T8504] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 265.506332][ T8504] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 265.506344][ T8504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 265.506355][ T8504] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 265.506381][ T8504] [ 266.120821][ T5857] Bluetooth: hci1: command tx timeout [ 266.571562][ T36] team0 (unregistering): Port device team_slave_1 removed [ 266.623732][ T36] team0 (unregistering): Port device team_slave_0 removed [ 267.261479][ T8440] hsr_slave_0: entered promiscuous mode [ 267.285899][ T8440] hsr_slave_1: entered promiscuous mode [ 267.293714][ T8440] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 267.302552][ T8440] Cannot create hsr debugfs directory [ 267.974056][ T8524] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 268.153258][ T8440] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 268.185709][ T5857] Bluetooth: hci1: command tx timeout [ 268.283575][ T8440] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 268.308041][ T8440] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 268.395414][ T8440] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 269.204841][ T8440] 8021q: adding VLAN 0 to HW filter on device bond0 [ 269.343735][ T8440] 8021q: adding VLAN 0 to HW filter on device team0 [ 269.411579][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.418820][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.587304][ T68] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.594537][ T68] bridge0: port 2(bridge_slave_1) entered forwarding state [ 270.404425][ T8568] Invalid ELF header magic: != ELF [ 271.056025][ T8440] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 271.904215][ T8440] veth0_vlan: entered promiscuous mode [ 272.042595][ T8440] veth1_vlan: entered promiscuous mode [ 272.280364][ T8440] veth0_macvtap: entered promiscuous mode [ 272.311008][ T8440] veth1_macvtap: entered promiscuous mode [ 272.619852][ T8440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 272.646058][ T8440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.675717][ T8440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 272.695737][ T8440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.705789][ T8440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 272.730163][ T8440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 272.798143][ T8440] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 273.046194][ T8440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.105784][ T8440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.115907][ T8440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.135660][ T8440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.145512][ T8440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.165675][ T8440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.180309][ T8440] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 273.224756][ T8440] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.247508][ T8440] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.273960][ T8440] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.317752][ T8440] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.618046][ T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 273.638131][ T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 273.833800][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 273.844793][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.396787][ T8655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 275.412579][ T8655] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 275.940625][ T8693] nbd: socks must be embedded in a SOCK_ITEM attr [ 275.979715][ T8693] block nbd0: shutting down sockets [ 276.087158][ T8690] zswap: compressor not available [ 277.116315][ T8728] FAULT_INJECTION: forcing a failure. [ 277.116315][ T8728] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 277.170141][ T8728] CPU: 1 UID: 0 PID: 8728 Comm: syz.3.678 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 277.170178][ T8728] Tainted: [U]=USER [ 277.170185][ T8728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 277.170197][ T8728] Call Trace: [ 277.170205][ T8728] [ 277.170213][ T8728] dump_stack_lvl+0x16c/0x1f0 [ 277.170256][ T8728] should_fail_ex+0x512/0x640 [ 277.170285][ T8728] _copy_from_user+0x2e/0xd0 [ 277.170310][ T8728] memdup_user+0x6b/0xe0 [ 277.170332][ T8728] proc_pid_attr_write+0x22e/0x790 [ 277.170365][ T8728] vfs_write+0x25c/0x1180 [ 277.170392][ T8728] ? __pfx_proc_pid_attr_write+0x10/0x10 [ 277.170427][ T8728] ? __pfx___mutex_lock+0x10/0x10 [ 277.170453][ T8728] ? __pfx_vfs_write+0x10/0x10 [ 277.170491][ T8728] ? __fget_files+0x20e/0x3c0 [ 277.170536][ T8728] ksys_write+0x12a/0x240 [ 277.170564][ T8728] ? __pfx_ksys_write+0x10/0x10 [ 277.170589][ T8728] ? rcu_is_watching+0x12/0xc0 [ 277.170624][ T8728] do_syscall_64+0xcd/0x260 [ 277.170654][ T8728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.170675][ T8728] RIP: 0033:0x7f6dfe58d169 [ 277.170692][ T8728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.170710][ T8728] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 277.170729][ T8728] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 277.170744][ T8728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 277.170755][ T8728] RBP: 00007f6dff4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 277.170765][ T8728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 277.170777][ T8728] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 277.170806][ T8728] [ 281.069947][ T8802] HfR: entered promiscuous mode [ 282.544219][ T8829] FAULT_INJECTION: forcing a failure. [ 282.544219][ T8829] name failslab, interval 1, probability 0, space 0, times 0 [ 282.609123][ T8829] CPU: 0 UID: 0 PID: 8829 Comm: syz.0.695 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 282.609161][ T8829] Tainted: [U]=USER [ 282.609168][ T8829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 282.609181][ T8829] Call Trace: [ 282.609188][ T8829] [ 282.609197][ T8829] dump_stack_lvl+0x16c/0x1f0 [ 282.609230][ T8829] should_fail_ex+0x512/0x640 [ 282.609255][ T8829] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 282.609286][ T8829] should_failslab+0xc2/0x120 [ 282.609308][ T8829] __kmalloc_cache_noprof+0x6a/0x3e0 [ 282.609337][ T8829] ? alloc_pipe_info+0x10e/0x590 [ 282.609362][ T8829] alloc_pipe_info+0x10e/0x590 [ 282.609385][ T8829] splice_direct_to_actor+0x77d/0xa30 [ 282.609417][ T8829] ? __pfx_direct_splice_actor+0x10/0x10 [ 282.609450][ T8829] ? __pfx_aa_file_perm+0x10/0x10 [ 282.609479][ T8829] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 282.609506][ T8829] ? get_pid_task+0xfc/0x250 [ 282.609537][ T8829] do_splice_direct+0x174/0x240 [ 282.609566][ T8829] ? __pfx_do_splice_direct+0x10/0x10 [ 282.609596][ T8829] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 282.609637][ T8829] ? rw_verify_area+0xcf/0x680 [ 282.609667][ T8829] do_sendfile+0xafd/0xe50 [ 282.609700][ T8829] ? __pfx_do_sendfile+0x10/0x10 [ 282.609729][ T8829] ? __fget_files+0x20e/0x3c0 [ 282.609767][ T8829] __x64_sys_sendfile64+0x1d8/0x220 [ 282.609789][ T8829] ? ksys_write+0x1b9/0x240 [ 282.609817][ T8829] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 282.609837][ T8829] ? rcu_is_watching+0x12/0xc0 [ 282.609874][ T8829] do_syscall_64+0xcd/0x260 [ 282.609905][ T8829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.609929][ T8829] RIP: 0033:0x7f736e18d169 [ 282.609947][ T8829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.609968][ T8829] RSP: 002b:00007f736efab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 282.609990][ T8829] RAX: ffffffffffffffda RBX: 00007f736e3a5fa0 RCX: 00007f736e18d169 [ 282.610005][ T8829] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 282.610018][ T8829] RBP: 00007f736efab090 R08: 0000000000000000 R09: 0000000000000000 [ 282.610032][ T8829] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000001 [ 282.610046][ T8829] R13: 0000000000000000 R14: 00007f736e3a5fa0 R15: 00007ffe6e57bec8 [ 282.610077][ T8829] [ 283.737753][ T8839] openvswitch: HfR: Dropping previously announced user features [ 284.978149][ T8855] FAULT_INJECTION: forcing a failure. [ 284.978149][ T8855] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 284.995901][ T8855] CPU: 0 UID: 0 PID: 8855 Comm: syz.1.703 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 284.995937][ T8855] Tainted: [U]=USER [ 284.995943][ T8855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 284.995955][ T8855] Call Trace: [ 284.995963][ T8855] [ 284.995971][ T8855] dump_stack_lvl+0x16c/0x1f0 [ 284.996005][ T8855] should_fail_ex+0x512/0x640 [ 284.996034][ T8855] _copy_from_user+0x2e/0xd0 [ 284.996061][ T8855] copy_from_sockptr_offset+0x15c/0x1b0 [ 284.996094][ T8855] ? __pfx_copy_from_sockptr_offset+0x10/0x10 [ 284.996134][ T8855] do_tcp_setsockopt+0x13e/0x2640 [ 284.996164][ T8855] ? __pfx_do_tcp_setsockopt+0x10/0x10 [ 284.996190][ T8855] ? __pfx___might_resched+0x10/0x10 [ 284.996227][ T8855] ? aa_sk_perm+0x2f4/0xb10 [ 284.996252][ T8855] ? __lock_acquire+0x5ca/0x1ba0 [ 284.996272][ T8855] ? __pfx_aa_sk_perm+0x10/0x10 [ 284.996305][ T8855] ? find_held_lock+0x2b/0x80 [ 284.996333][ T8855] tcp_setsockopt+0xe2/0x100 [ 284.996355][ T8855] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 284.996385][ T8855] do_sock_setsockopt+0x221/0x470 [ 284.996415][ T8855] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 284.996462][ T8855] __sys_setsockopt+0x1a0/0x230 [ 284.996499][ T8855] __x64_sys_setsockopt+0xbd/0x160 [ 284.996524][ T8855] ? do_syscall_64+0x91/0x260 [ 284.996550][ T8855] ? lockdep_hardirqs_on+0x7c/0x110 [ 284.996577][ T8855] do_syscall_64+0xcd/0x260 [ 284.996606][ T8855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.996637][ T8855] RIP: 0033:0x7f89e318d169 [ 284.996655][ T8855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.996673][ T8855] RSP: 002b:00007f89e3f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 284.996691][ T8855] RAX: ffffffffffffffda RBX: 00007f89e33a6080 RCX: 00007f89e318d169 [ 284.996705][ T8855] RDX: 0000000000000017 RSI: 0000000000000006 RDI: 0000000000000003 [ 284.996716][ T8855] RBP: 00007f89e3f17090 R08: 0000000000000fb3 R09: 0000000000000000 [ 284.996728][ T8855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 284.996739][ T8855] R13: 0000000000000000 R14: 00007f89e33a6080 R15: 00007ffd8543d648 [ 284.996766][ T8855] [ 286.722447][ T8887] FAULT_INJECTION: forcing a failure. [ 286.722447][ T8887] name failslab, interval 1, probability 0, space 0, times 0 [ 286.768890][ T8887] CPU: 0 UID: 0 PID: 8887 Comm: syz.1.707 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 286.768929][ T8887] Tainted: [U]=USER [ 286.768937][ T8887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.768950][ T8887] Call Trace: [ 286.768958][ T8887] [ 286.768966][ T8887] dump_stack_lvl+0x16c/0x1f0 [ 286.769009][ T8887] should_fail_ex+0x512/0x640 [ 286.769033][ T8887] ? fs_reclaim_acquire+0xae/0x150 [ 286.769062][ T8887] ? tomoyo_encode2+0x100/0x3e0 [ 286.769087][ T8887] should_failslab+0xc2/0x120 [ 286.769109][ T8887] __kmalloc_noprof+0xd2/0x510 [ 286.769139][ T8887] ? d_absolute_path+0x136/0x1a0 [ 286.769170][ T8887] tomoyo_encode2+0x100/0x3e0 [ 286.769203][ T8887] tomoyo_encode+0x29/0x50 [ 286.769229][ T8887] tomoyo_realpath_from_path+0x18f/0x6e0 [ 286.769267][ T8887] tomoyo_path_number_perm+0x245/0x580 [ 286.769291][ T8887] ? tomoyo_path_number_perm+0x237/0x580 [ 286.769318][ T8887] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 286.769344][ T8887] ? find_held_lock+0x2b/0x80 [ 286.769402][ T8887] ? find_held_lock+0x2b/0x80 [ 286.769427][ T8887] ? hook_file_ioctl_common+0x145/0x410 [ 286.769456][ T8887] ? __fget_files+0x20e/0x3c0 [ 286.769491][ T8887] security_file_ioctl+0x9b/0x240 [ 286.769519][ T8887] __x64_sys_ioctl+0xb7/0x200 [ 286.769549][ T8887] do_syscall_64+0xcd/0x260 [ 286.769579][ T8887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.769601][ T8887] RIP: 0033:0x7f89e318d169 [ 286.769620][ T8887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.769640][ T8887] RSP: 002b:00007f89e3f38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.769661][ T8887] RAX: ffffffffffffffda RBX: 00007f89e33a5fa0 RCX: 00007f89e318d169 [ 286.769676][ T8887] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000f [ 286.769689][ T8887] RBP: 00007f89e3f38090 R08: 0000000000000000 R09: 0000000000000000 [ 286.769700][ T8887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.769712][ T8887] R13: 0000000000000000 R14: 00007f89e33a5fa0 R15: 00007ffd8543d648 [ 286.769744][ T8887] [ 286.769765][ T8887] ERROR: Out of memory at tomoyo_realpath_from_path. [ 289.440432][ T8953] FAULT_INJECTION: forcing a failure. [ 289.440432][ T8953] name failslab, interval 1, probability 0, space 0, times 0 [ 289.503078][ T8953] CPU: 1 UID: 0 PID: 8953 Comm: syz.1.719 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 289.503115][ T8953] Tainted: [U]=USER [ 289.503122][ T8953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 289.503133][ T8953] Call Trace: [ 289.503140][ T8953] [ 289.503149][ T8953] dump_stack_lvl+0x16c/0x1f0 [ 289.503180][ T8953] should_fail_ex+0x512/0x640 [ 289.503203][ T8953] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 289.503238][ T8953] should_failslab+0xc2/0x120 [ 289.503260][ T8953] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 289.503292][ T8953] ? __alloc_skb+0x2b2/0x380 [ 289.503323][ T8953] __alloc_skb+0x2b2/0x380 [ 289.503347][ T8953] ? __pfx___alloc_skb+0x10/0x10 [ 289.503375][ T8953] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 289.503404][ T8953] ? __lock_acquire+0xaa4/0x1ba0 [ 289.503430][ T8953] netlink_alloc_large_skb+0x69/0x130 [ 289.503461][ T8953] netlink_sendmsg+0x6a1/0xdd0 [ 289.503495][ T8953] ? __pfx_netlink_sendmsg+0x10/0x10 [ 289.503536][ T8953] ____sys_sendmsg+0xa95/0xc70 [ 289.503568][ T8953] ? copy_msghdr_from_user+0x10a/0x160 [ 289.503594][ T8953] ? __pfx_____sys_sendmsg+0x10/0x10 [ 289.503641][ T8953] ___sys_sendmsg+0x134/0x1d0 [ 289.503667][ T8953] ? __pfx____sys_sendmsg+0x10/0x10 [ 289.503731][ T8953] __sys_sendmsg+0x16d/0x220 [ 289.503757][ T8953] ? __pfx___sys_sendmsg+0x10/0x10 [ 289.503792][ T8953] ? rcu_is_watching+0x12/0xc0 [ 289.503828][ T8953] do_syscall_64+0xcd/0x260 [ 289.503858][ T8953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.503881][ T8953] RIP: 0033:0x7f89e318d169 [ 289.503900][ T8953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.503921][ T8953] RSP: 002b:00007f89e3f38038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 289.503942][ T8953] RAX: ffffffffffffffda RBX: 00007f89e33a5fa0 RCX: 00007f89e318d169 [ 289.503957][ T8953] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000003 [ 289.503972][ T8953] RBP: 00007f89e3f38090 R08: 0000000000000000 R09: 0000000000000000 [ 289.503985][ T8953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 289.503998][ T8953] R13: 0000000000000000 R14: 00007f89e33a5fa0 R15: 00007ffd8543d648 [ 289.504036][ T8953] [ 290.060647][ T8958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.721'. [ 290.616648][ T8943] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 290.634651][ T8943] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 290.645286][ T8943] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 290.655360][ T8943] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 290.707144][ T8943] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 290.827773][ T8943] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 291.121786][ T8972] netlink: 186 bytes leftover after parsing attributes in process `syz.3.724'. [ 291.794154][ T8999] FAULT_INJECTION: forcing a failure. [ 291.794154][ T8999] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 291.854011][ T8999] CPU: 1 UID: 0 PID: 8999 Comm: syz.0.730 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 291.854050][ T8999] Tainted: [U]=USER [ 291.854057][ T8999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 291.854070][ T8999] Call Trace: [ 291.854078][ T8999] [ 291.854087][ T8999] dump_stack_lvl+0x16c/0x1f0 [ 291.854122][ T8999] should_fail_ex+0x512/0x640 [ 291.854152][ T8999] _copy_to_user+0x32/0xd0 [ 291.854182][ T8999] simple_read_from_buffer+0xcb/0x170 [ 291.854215][ T8999] proc_fail_nth_read+0x197/0x270 [ 291.854246][ T8999] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 291.854279][ T8999] ? rw_verify_area+0xcf/0x680 [ 291.854304][ T8999] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 291.854333][ T8999] vfs_read+0x1de/0xc70 [ 291.854367][ T8999] ? __pfx___mutex_lock+0x10/0x10 [ 291.854394][ T8999] ? __pfx_vfs_read+0x10/0x10 [ 291.854432][ T8999] ? __fget_files+0x20e/0x3c0 [ 291.854472][ T8999] ksys_read+0x12a/0x240 [ 291.854499][ T8999] ? __pfx_ksys_read+0x10/0x10 [ 291.854524][ T8999] ? rcu_is_watching+0x12/0xc0 [ 291.854561][ T8999] do_syscall_64+0xcd/0x260 [ 291.854600][ T8999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.854623][ T8999] RIP: 0033:0x7f736e18bb7c [ 291.854642][ T8999] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 291.854662][ T8999] RSP: 002b:00007f736efab030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 291.854683][ T8999] RAX: ffffffffffffffda RBX: 00007f736e3a5fa0 RCX: 00007f736e18bb7c [ 291.854698][ T8999] RDX: 000000000000000f RSI: 00007f736efab0a0 RDI: 0000000000000003 [ 291.854711][ T8999] RBP: 00007f736efab090 R08: 0000000000000000 R09: 0000000000000000 [ 291.854724][ T8999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 291.854736][ T8999] R13: 0000000000000000 R14: 00007f736e3a5fa0 R15: 00007ffe6e57bec8 [ 291.854768][ T8999] [ 292.168359][ T9001] FAULT_INJECTION: forcing a failure. [ 292.168359][ T9001] name failslab, interval 1, probability 0, space 0, times 0 [ 292.183324][ T9001] CPU: 0 UID: 0 PID: 9001 Comm: syz.3.731 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 292.183363][ T9001] Tainted: [U]=USER [ 292.183370][ T9001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 292.183383][ T9001] Call Trace: [ 292.183391][ T9001] [ 292.183400][ T9001] dump_stack_lvl+0x16c/0x1f0 [ 292.183434][ T9001] should_fail_ex+0x512/0x640 [ 292.183457][ T9001] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 292.183491][ T9001] should_failslab+0xc2/0x120 [ 292.183513][ T9001] __kmalloc_cache_noprof+0x6a/0x3e0 [ 292.183540][ T9001] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 292.183567][ T9001] ? lockdep_hardirqs_on+0x7c/0x110 [ 292.183592][ T9001] ? __request_module+0x2ad/0x690 [ 292.183621][ T9001] __request_module+0x2ad/0x690 [ 292.183645][ T9001] ? __pfx___request_module+0x10/0x10 [ 292.183667][ T9001] ? aa_get_newest_label+0x375/0x680 [ 292.183692][ T9001] ? __pfx_aa_get_newest_label+0x10/0x10 [ 292.183732][ T9001] ? find_held_lock+0x2b/0x80 [ 292.183764][ T9001] ? tcp_set_ulp+0x4a8/0x7f0 [ 292.183796][ T9001] tcp_set_ulp+0x4c9/0x7f0 [ 292.183827][ T9001] do_tcp_setsockopt+0x4ab/0x2640 [ 292.183862][ T9001] ? __pfx_do_tcp_setsockopt+0x10/0x10 [ 292.183889][ T9001] ? __pfx___might_resched+0x10/0x10 [ 292.183931][ T9001] ? __lock_acquire+0x5ca/0x1ba0 [ 292.183952][ T9001] ? __pfx_aa_sk_perm+0x10/0x10 [ 292.183977][ T9001] ? find_held_lock+0x2b/0x80 [ 292.184006][ T9001] tcp_setsockopt+0xe2/0x100 [ 292.184030][ T9001] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 292.184063][ T9001] do_sock_setsockopt+0x221/0x470 [ 292.184094][ T9001] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 292.184145][ T9001] __sys_setsockopt+0x1a0/0x230 [ 292.184177][ T9001] __x64_sys_setsockopt+0xbd/0x160 [ 292.184201][ T9001] ? do_syscall_64+0x91/0x260 [ 292.184228][ T9001] ? lockdep_hardirqs_on+0x7c/0x110 [ 292.184255][ T9001] do_syscall_64+0xcd/0x260 [ 292.184285][ T9001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.184308][ T9001] RIP: 0033:0x7f6dfe58d169 [ 292.184327][ T9001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.184348][ T9001] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 292.184371][ T9001] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 292.184387][ T9001] RDX: 000000000000001f RSI: 0000000000000006 RDI: 0000000000000003 [ 292.184400][ T9001] RBP: 00007f6dff4b3090 R08: 000000000000003d R09: 0000000000000000 [ 292.184414][ T9001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 292.184428][ T9001] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 292.184458][ T9001] [ 292.467059][ T5857] Bluetooth: hci0: command 0x0406 tx timeout [ 292.734440][ T5857] Bluetooth: hci1: command 0x0c1a tx timeout [ 292.740904][ T5857] Bluetooth: hci3: command 0x0406 tx timeout [ 292.747537][ T5857] Bluetooth: hci2: command 0x0406 tx timeout [ 293.108962][ T9020] netlink: 330 bytes leftover after parsing attributes in process `syz.4.735'. [ 293.164855][ T9020] aoe: invalid device specification v Ém ¡wà [ 294.826128][ T5858] Bluetooth: hci1: command 0x0c1a tx timeout [ 295.170941][ T9066] zswap: compressor not available [ 296.404707][ T9108] FAULT_INJECTION: forcing a failure. [ 296.404707][ T9108] name failslab, interval 1, probability 0, space 0, times 0 [ 296.441023][ T9108] CPU: 1 UID: 0 PID: 9108 Comm: syz.3.746 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 296.441067][ T9108] Tainted: [U]=USER [ 296.441074][ T9108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 296.441088][ T9108] Call Trace: [ 296.441096][ T9108] [ 296.441106][ T9108] dump_stack_lvl+0x16c/0x1f0 [ 296.441143][ T9108] should_fail_ex+0x512/0x640 [ 296.441167][ T9108] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 296.441206][ T9108] should_failslab+0xc2/0x120 [ 296.441231][ T9108] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 296.441265][ T9108] ? __kernfs_new_node+0xd2/0x8a0 [ 296.441301][ T9108] __kernfs_new_node+0xd2/0x8a0 [ 296.441346][ T9108] ? __pfx___kernfs_new_node+0x10/0x10 [ 296.441393][ T9108] ? find_held_lock+0x2b/0x80 [ 296.441422][ T9108] ? kernfs_root+0xee/0x2a0 [ 296.441463][ T9108] kernfs_new_node+0x13c/0x1e0 [ 296.441513][ T9108] __kernfs_create_file+0x53/0x350 [ 296.441545][ T9108] sysfs_add_file_mode_ns+0x207/0x3c0 [ 296.441584][ T9108] sysfs_merge_group+0x1aa/0x340 [ 296.441608][ T9108] ? __pfx_sysfs_merge_group+0x10/0x10 [ 296.441634][ T9108] ? __pfx_dev_add_physical_location+0x10/0x10 [ 296.441667][ T9108] ? bus_to_subsys+0x12d/0x160 [ 296.441696][ T9108] dpm_sysfs_add+0x237/0x280 [ 296.441718][ T9108] device_add+0x9a6/0x1a70 [ 296.441746][ T9108] ? __pfx_device_add+0x10/0x10 [ 296.441776][ T9108] ? do_raw_spin_lock+0x12c/0x2b0 [ 296.441807][ T9108] add_disk_fwnode+0x468/0x13a0 [ 296.441840][ T9108] zram_add+0x494/0x6c0 [ 296.441864][ T9108] ? __pfx_zram_add+0x10/0x10 [ 296.441916][ T9108] ? find_held_lock+0x2b/0x80 [ 296.441951][ T9108] ? __pfx_hot_add_show+0x10/0x10 [ 296.441974][ T9108] ? __pfx_class_attr_show+0x10/0x10 [ 296.441996][ T9108] hot_add_show+0x21/0x80 [ 296.442019][ T9108] class_attr_show+0x6f/0xa0 [ 296.442043][ T9108] sysfs_kf_seq_show+0x213/0x3e0 [ 296.442080][ T9108] seq_read_iter+0x506/0x12c0 [ 296.442126][ T9108] kernfs_fop_read_iter+0x40f/0x5a0 [ 296.442152][ T9108] ? rw_verify_area+0xcf/0x680 [ 296.442183][ T9108] vfs_read+0x8c8/0xc70 [ 296.442217][ T9108] ? __pfx___mutex_lock+0x10/0x10 [ 296.442251][ T9108] ? __pfx_vfs_read+0x10/0x10 [ 296.442304][ T9108] ksys_read+0x12a/0x240 [ 296.442343][ T9108] ? __pfx_ksys_read+0x10/0x10 [ 296.442374][ T9108] ? rcu_is_watching+0x12/0xc0 [ 296.442412][ T9108] do_syscall_64+0xcd/0x260 [ 296.442445][ T9108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.442469][ T9108] RIP: 0033:0x7f6dfe58d169 [ 296.442490][ T9108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.442513][ T9108] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 296.442535][ T9108] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 [ 296.442551][ T9108] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 296.442563][ T9108] RBP: 00007f6dfe60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 296.442577][ T9108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.442589][ T9108] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 296.442619][ T9108] [ 296.918423][ T5858] Bluetooth: hci1: command 0x0c1a tx timeout [ 297.004675][ T9123] [ 297.007065][ T9123] ====================================================== [ 297.014100][ T9123] WARNING: possible circular locking dependency detected [ 297.021231][ T9123] 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 Tainted: G U [ 297.029557][ T9123] ------------------------------------------------------ [ 297.036571][ T9123] syz.3.749/9123 is trying to acquire lock: [ 297.042474][ T9123] ffff8881433f1958 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 297.052332][ T9123] [ 297.052332][ T9123] but task is already holding lock: [ 297.059746][ T9123] ffff8881433f1428 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 297.070993][ T9123] [ 297.070993][ T9123] which lock already depends on the new lock. [ 297.070993][ T9123] [ 297.081410][ T9123] [ 297.081410][ T9123] the existing dependency chain (in reverse order) is: [ 297.090432][ T9123] [ 297.090432][ T9123] -> #2 (&q->q_usage_counter(io)#29){++++}-{0:0}: [ 297.099062][ T9123] blk_alloc_queue+0x619/0x760 [ 297.104372][ T9123] blk_mq_alloc_queue+0x179/0x290 [ 297.109922][ T9123] __blk_mq_alloc_disk+0x29/0x120 [ 297.115473][ T9123] loop_add+0x496/0xb70 [ 297.120151][ T9123] loop_init+0x164/0x270 [ 297.124913][ T9123] do_one_initcall+0x120/0x6e0 [ 297.130203][ T9123] kernel_init_freeable+0x5c2/0x900 [ 297.135924][ T9123] kernel_init+0x1c/0x2b0 [ 297.140771][ T9123] ret_from_fork+0x45/0x80 [ 297.145705][ T9123] ret_from_fork_asm+0x1a/0x30 [ 297.150998][ T9123] [ 297.150998][ T9123] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 297.158213][ T9123] fs_reclaim_acquire+0x102/0x150 [ 297.163768][ T9123] blk_mq_alloc_and_init_hctx+0x503/0x11c0 [ 297.170129][ T9123] blk_mq_realloc_hw_ctxs+0x8f6/0xc00 [ 297.176028][ T9123] blk_mq_init_allocated_queue+0x3af/0x1230 [ 297.182445][ T9123] blk_mq_alloc_queue+0x1c2/0x290 [ 297.187990][ T9123] __blk_mq_alloc_disk+0x29/0x120 [ 297.193536][ T9123] loop_add+0x496/0xb70 [ 297.198212][ T9123] loop_init+0x164/0x270 [ 297.202979][ T9123] do_one_initcall+0x120/0x6e0 [ 297.208273][ T9123] kernel_init_freeable+0x5c2/0x900 [ 297.213993][ T9123] kernel_init+0x1c/0x2b0 [ 297.218843][ T9123] ret_from_fork+0x45/0x80 [ 297.223778][ T9123] ret_from_fork_asm+0x1a/0x30 [ 297.229068][ T9123] [ 297.229068][ T9123] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 297.236891][ T9123] __lock_acquire+0x1173/0x1ba0 [ 297.242268][ T9123] lock_acquire+0x179/0x350 [ 297.247288][ T9123] __mutex_lock+0x199/0xb90 [ 297.252314][ T9123] queue_requests_store+0x1c7/0x310 [ 297.258041][ T9123] queue_attr_store+0x270/0x310 [ 297.263414][ T9123] sysfs_kf_write+0xef/0x150 [ 297.268530][ T9123] kernfs_fop_write_iter+0x351/0x510 [ 297.274335][ T9123] vfs_write+0x5ba/0x1180 [ 297.279189][ T9123] ksys_write+0x12a/0x240 [ 297.284041][ T9123] do_syscall_64+0xcd/0x260 [ 297.289070][ T9123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.295487][ T9123] [ 297.295487][ T9123] other info that might help us debug this: [ 297.295487][ T9123] [ 297.305711][ T9123] Chain exists of: [ 297.305711][ T9123] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#29 [ 297.305711][ T9123] [ 297.319459][ T9123] Possible unsafe locking scenario: [ 297.319459][ T9123] [ 297.326899][ T9123] CPU0 CPU1 [ 297.332258][ T9123] ---- ---- [ 297.337615][ T9123] lock(&q->q_usage_counter(io)#29); [ 297.342996][ T9123] lock(fs_reclaim); [ 297.349504][ T9123] lock(&q->q_usage_counter(io)#29); [ 297.357404][ T9123] lock(&q->elevator_lock); [ 297.361997][ T9123] [ 297.361997][ T9123] *** DEADLOCK *** [ 297.361997][ T9123] [ 297.370132][ T9123] 6 locks held by syz.3.749/9123: [ 297.375149][ T9123] #0: ffff88802fbdd5f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 297.384230][ T9123] #1: ffff88803695c420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240 [ 297.393226][ T9123] #2: ffff88803346d088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 297.402994][ T9123] #3: ffff888025a861e8 (kn->active#122){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 297.413113][ T9123] #4: ffff8881433f1428 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 297.424795][ T9123] #5: ffff8881433f1460 (&q->q_usage_counter(queue)#21){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 297.436732][ T9123] [ 297.436732][ T9123] stack backtrace: [ 297.442615][ T9123] CPU: 0 UID: 0 PID: 9123 Comm: syz.3.749 Tainted: G U 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) [ 297.442644][ T9123] Tainted: [U]=USER [ 297.442651][ T9123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 297.442663][ T9123] Call Trace: [ 297.442670][ T9123] [ 297.442678][ T9123] dump_stack_lvl+0x116/0x1f0 [ 297.442704][ T9123] print_circular_bug+0x275/0x350 [ 297.442735][ T9123] check_noncircular+0x14c/0x170 [ 297.442766][ T9123] __lock_acquire+0x1173/0x1ba0 [ 297.442790][ T9123] lock_acquire+0x179/0x350 [ 297.442806][ T9123] ? queue_requests_store+0x1c7/0x310 [ 297.442833][ T9123] ? __pfx___might_resched+0x10/0x10 [ 297.442859][ T9123] ? do_raw_spin_lock+0x12c/0x2b0 [ 297.442881][ T9123] __mutex_lock+0x199/0xb90 [ 297.442905][ T9123] ? queue_requests_store+0x1c7/0x310 [ 297.442930][ T9123] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 297.442952][ T9123] ? queue_requests_store+0x1c7/0x310 [ 297.442976][ T9123] ? lockdep_hardirqs_on+0x7c/0x110 [ 297.443001][ T9123] ? __pfx___mutex_lock+0x10/0x10 [ 297.443028][ T9123] ? __pfx_autoremove_wake_function+0x10/0x10 [ 297.443059][ T9123] ? queue_requests_store+0x1c7/0x310 [ 297.443083][ T9123] queue_requests_store+0x1c7/0x310 [ 297.443108][ T9123] ? __pfx_queue_requests_store+0x10/0x10 [ 297.443134][ T9123] ? __mutex_trylock_common+0xe9/0x250 [ 297.443153][ T9123] ? __pfx_queue_requests_store+0x10/0x10 [ 297.443178][ T9123] queue_attr_store+0x270/0x310 [ 297.443202][ T9123] ? __pfx_queue_attr_store+0x10/0x10 [ 297.443236][ T9123] ? find_held_lock+0x2b/0x80 [ 297.443258][ T9123] ? sysfs_file_kobj+0xe4/0x290 [ 297.443285][ T9123] ? __pfx_queue_attr_store+0x10/0x10 [ 297.443307][ T9123] sysfs_kf_write+0xef/0x150 [ 297.443333][ T9123] kernfs_fop_write_iter+0x351/0x510 [ 297.443356][ T9123] ? __pfx_sysfs_kf_write+0x10/0x10 [ 297.443382][ T9123] vfs_write+0x5ba/0x1180 [ 297.443407][ T9123] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 297.443431][ T9123] ? __pfx___mutex_lock+0x10/0x10 [ 297.443454][ T9123] ? __pfx_vfs_write+0x10/0x10 [ 297.443487][ T9123] ksys_write+0x12a/0x240 [ 297.443511][ T9123] ? __pfx_ksys_write+0x10/0x10 [ 297.443535][ T9123] ? rcu_is_watching+0x12/0xc0 [ 297.443562][ T9123] do_syscall_64+0xcd/0x260 [ 297.443587][ T9123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.443608][ T9123] RIP: 0033:0x7f6dfe58d169 [ 297.443624][ T9123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.443643][ T9123] RSP: 002b:00007f6dff4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 297.443661][ T9123] RAX: ffffffffffffffda RBX: 00007f6dfe7a5fa0 RCX: 00007f6dfe58d169 SYZFAIL: failed to send rpc fd=3 want=48 sent=0 n=-1 (errno 32: Broken pipe) [ 297.443675][ T9123] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 297.443687][ T9123] RBP: 00007f6dfe60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 297.443699][ T9123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.443711][ T9123] R13: 0000000000000000 R14: 00007f6dfe7a5fa0 R15: 00007ffce041a238 [ 297.443730][ T9123]