last executing test programs: 10m52.736668814s ago: executing program 2 (id=261): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) lsm_list_modules$auto(0x0, 0x0, 0xa) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) madvise$auto(0x0, 0x2003ed, 0x19) 10m51.538943466s ago: executing program 2 (id=271): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000001000), 0x42001, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000000000), 0x0, 0x2) ppoll$auto(0x0, 0xc, 0x0, 0x0, 0x8) 10m50.621950837s ago: executing program 2 (id=281): r0 = socket(0xa, 0x3, 0x5) setsockopt$auto(0x3, 0x29, 0x46, 0x0, 0x808) sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f0000000040), 0xc8b, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) (fail_nth: 4) 10m50.436557002s ago: executing program 2 (id=284): mmap$auto(0x0, 0x20009, 0xe1, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x189002, 0x0) write$auto_configfs_file_operations_configfs_internal(r0, &(0x7f0000000140)="8e00", 0x2) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) keyctl$auto(0xa, 0x445, 0x69c8, 0x0, 0x6) open_tree$auto(r1, 0x0, 0x1001) futex$auto(&(0x7f0000000040)=0x9, 0x5, 0x0, 0x0, &(0x7f00000002c0)=0x5, 0xc0040000) close_range$auto(0x2, 0x8, 0x0) 10m50.179453437s ago: executing program 2 (id=287): rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffe, @_sigpoll={0x52, 0x7}}}) r0 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_score_adj\x00', 0x290781, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x9, 0x0, 0x7, 0x19, 0x1, 0x3) read$auto(0x3, 0x0, 0x80) write$auto_proc_oom_score_adj_operations_base(r0, 0x0, 0x2d) 10m49.298183532s ago: executing program 2 (id=297): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r0, &(0x7f0000008d40), 0x40) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000000), r1) close_range$auto(0x0, 0xffffeffe, 0x3) pipe$auto(0x0) pipe$auto(0x0) fcntl$auto(r1, 0x8, 0x400000000001) fcntl$auto(r1, 0x10, 0x2) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x6) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/midi2\x00', 0x100, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x8}, 0x400) 10m48.954913302s ago: executing program 32 (id=297): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r0, &(0x7f0000008d40), 0x40) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000000), r1) close_range$auto(0x0, 0xffffeffe, 0x3) pipe$auto(0x0) pipe$auto(0x0) fcntl$auto(r1, 0x8, 0x400000000001) fcntl$auto(r1, 0x10, 0x2) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x6) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/midi2\x00', 0x100, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x8}, 0x400) 10m30.723781562s ago: executing program 0 (id=408): r0 = socket(0xa, 0x3, 0x87) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) mount$auto(0x0, &(0x7f0000000000)='./cgroup\x00', 0x0, 0x100005, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mount$auto(&(0x7f0000000000)='pimreg\x00', &(0x7f0000000040)='\x00', 0x0, 0x10dfd057, 0x0) mount$auto(0x0, &(0x7f0000000040)='802_15_4_MAC\x00', 0x0, 0xaa9, 0x0) sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x48891}, 0x20) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) mq_notify$auto(0x3, &(0x7f00000006c0)={@sival_int=0x8002, 0xffffffff, 0x2, @_sigev_thread={&(0x7f0000000100)=&(0x7f00000000c0)=0xfa, &(0x7f0000000180)=[0x5, 0x4, 0x6, 0x8000000000002, 0x4]}}) socket(0xa, 0x801, 0x106) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) 10m29.398932431s ago: executing program 0 (id=416): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00042dbd7040fbdfdf25020000000800020001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20008010}, 0xc0) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x24000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x142e, 0x2, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000b80), r1) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r1, &(0x7f0000003e40)={0x0, 0x0, &(0x7f0000003e00)={&(0x7f00000002c0)={0x1d0, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x1b7, 0x1, 0x0, 0x1, [@generic, @typed={0x8, 0x31, 0x0, 0x0, @ipv4=@loopback}, @generic="32a1bf094615922f203592152b3c50247f4693527d7438cfb5096ad9b246a72fe89ac0c3ef59b3c609dba4ff96d9f18f4e8f84c3b6d07768f128ade87e8367009969bc382d9a99e5f5159f0f64e9f7bd81a08b225c0cc9830af4b2d44613eac0118a840af7245ecd2ba70502ce5d652918bec43c54d8b039ae34ec4ace558a51a217efeaf6997b40801233242b7305c8467576f43afe881aaacfa295d10ca24d201b69459ee2a3d8a5453bb772c4", @generic="b739297bd27033", @typed={0x8, 0x10d, 0x0, 0x0, @pid}, @generic="3dc2df7d156c448d298f4e980965485c56b70cfa995eda67a893d63de1453f8bf82ad6f53a0eac95dfd11b6813939bcfac500052c976d5fdf5f1f114a0713c9e247d94e0daad868527f5a18ae83276d6c5212bcb1069cb4b79865adf6fac9066d135220d84fed3a4a092ddf9813a1ed17aa1c1219608c136581ef543adee211c5c393721f224860f2e5929e8cdea338c2be704940efb18c466a4c688108c848c4910b0c432ceb31acd8037752a5ceee61a2d4b943bd3622bca38f7401a805a3155aac2547c91e7fe4bd02fc58c63bd7b020d6194865861666e84f238530880cf1710029766be", @typed={0x8, 0x56, 0x0, 0x0, @u32=0x48000000}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040080) io_uring_setup$auto(0x7fff, &(0x7f0000000380)={0x7f, 0x5, 0x4, 0x7, 0x40, 0x5, r0, [0x80c, 0x4, 0x6e91], {0x4, 0xffff5030, 0x401, 0x3, 0x7, 0x1ff, 0x80, 0x5, 0xc2a}, {0x4, 0x5, 0x200, 0x2, 0x5, 0x10001, 0x7, 0x6, 0xfffffffffffffff7}}) socket(0x22, 0x2, 0x10) fanotify_init$auto(0x200, 0x1) socket(0xa, 0x5, 0x84) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="010027bd7000fcdbdf2535493a2c040002"], 0x18}, 0x1, 0x0, 0x0, 0x801}, 0x4044) 10m28.308896807s ago: executing program 0 (id=426): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x4e24, @multicast1}, 0x55) 10m28.075512385s ago: executing program 0 (id=429): socket(0x18, 0x5, 0x2) mlockall$auto(0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) rt_sigaction$auto(0x36, &(0x7f0000000000)={0x0, 0x4, 0x0}, 0x0, 0x8) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00') ioctl$NS_GET_PARENT(r1, 0xb701, 0x0) socket(0x1d, 0x2, 0x7) bind$auto(0x3, &(0x7f0000000040), 0x69) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) socket(0x10, 0x3, 0x8) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0xbf14, 0x85, 0x0, 0x3a87) setsockopt$auto(0x3, 0x10000000084, 0x15, 0x0, 0x8) kill$auto(0xfffffffffffffe64, 0x24fd) write$auto(r0, &(0x7f0000008d40)='($}-)#@\x00', 0x40) 10m26.798742317s ago: executing program 0 (id=437): close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000800)='./file0\x00', 0x22040, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x2) setuid$auto(0x800000000008) mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000) write$auto(0xc8, 0x0, 0x40f6) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) tkill$auto(0x1, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) memfd_create$auto(0x0, 0x4) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008011, 0x4, 0x0) r0 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/smaps\x00', 0x8000, 0x0) read$auto_proc_pid_smaps_operations_internal(r0, &(0x7f0000000240)=""/109, 0x6d) 10m26.0797166s ago: executing program 0 (id=444): socket(0xa, 0x2, 0x88) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/tracing/free_buffer\x00', 0x101002, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 10m25.726925043s ago: executing program 33 (id=444): socket(0xa, 0x2, 0x88) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/tracing/free_buffer\x00', 0x101002, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 4.865521326s ago: executing program 1 (id=3745): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "6e373099034f17e405303c2eddfc16a54d"}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc004}, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r1, 0xfffeffff80004521, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r2, 0x0, 0x80000001) 4.859966621s ago: executing program 5 (id=3753): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) socket(0x1e, 0x6, 0xffff) io_uring_setup$auto(0x78e6, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000008c0), r0) inotify_add_watch$auto(0xe535, 0xfffffffffffffffc, 0xd9) r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x64200, 0x80) shutdown$auto(r1, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) pwrite64$auto(0xc8, &(0x7f0000001880)='S\x00', 0xe, 0x3) madvise$auto(0x1, 0x1000, 0x1) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010029bd7000fddbdf250200000008000300", @ANYRES32, @ANYBLOB="08003f000593"], 0x24}, 0x1, 0x14, 0x0, 0x20040010}, 0x20000084) r4 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x47, 0x4909b6fa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x0, 0x0, 0x3, 0x0, 0x200, 0x8, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x1, 0x0, 0xf, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffd, 0xdc2, 0x4, 0x34f27806, 0xffffffffffffffff, 0x4, 0x9, 0x0, 0x0, 0x0, 0x400000000005b8, 0x0, 0x0, 0x0, 0x4000000000, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8000000000008, 0xfffffffffffffffc, 0x3, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) io_uring_setup$auto(0x6, 0x0) nanosleep$auto(0x0, &(0x7f0000000140)={0x101, 0x20000000}) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) socket$nl_generic(0x10, 0x3, 0x10) 4.859422973s ago: executing program 3 (id=3754): write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mprotect$auto(0x7ff, 0x5, 0x0) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x2000, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x7, 0x81, 0x3ff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000c40)={0x1c, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x98e2e1eabf5003bc}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="20010000", @ANYRES16=r3, @ANYBLOB="080025bd7000fedbdf2547000000f4005b000f169629873df130d410b5265fe97531d6ecaf3229f264fa9ecf52692de5a54109549fc3ee59787087f972d52bf9f4ea51d2c909c47eec7020e107e9b149e3e8c7340ffe819576eb27f779ad7602a3dc04123333f308b36f82b0a262ba2674c697586b6d8ca3ca6057a6a686abb6d1bcb4ccf147122cde1cc116d13b6f07ec6b7c657673050bd61378d55cb9a8c0ee00116f4663a65df433c2389cb5342193f231f8a6953e02000000b6452399bfc636e2dff135d7a79c76f126f9331a8cf9faa03e48c97b30efdf5feb316424b27f6d64587293f8b3c14bc30279553743f29cc1179d93459d0bc839777a2325bd8caf0800cb000900000008009a0007000000080002002f2ff200"], 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x40) socket(0x10, 0x2, 0x0) getsockopt$auto(r1, 0x1, 0x84a9c, 0xfffffffffffffffc, 0x0) socket(0x21, 0x0, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$auto_RTC_PARAM_CORRECTION(0xffffffffffffffff, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) 3.94655494s ago: executing program 5 (id=3747): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r0, 0xfffeffff80004521, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r1, 0x0, 0x80000001) 3.94640535s ago: executing program 1 (id=3748): write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mprotect$auto(0x7ff, 0x5, 0x0) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x2000, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x7, 0x81, 0x3ff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000c40)={0x1c, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x98e2e1eabf5003bc}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="20010000", @ANYRES16=r3, @ANYBLOB="080025bd7000fedbdf2547000000f4005b000f169629873df130d410b5265fe97531d6ecaf3229f264fa9ecf52692de5a54109549fc3ee59787087f972d52bf9f4ea51d2c909c47eec7020e107e9b149e3e8c7340ffe819576eb27f779ad7602a3dc04123333f308b36f82b0a262ba2674c697586b6d8ca3ca6057a6a686abb6d1bcb4ccf147122cde1cc116d13b6f07ec6b7c657673050bd61378d55cb9a8c0ee00116f4663a65df433c2389cb5342193f231f8a6953e02000000b6452399bfc636e2dff135d7a79c76f126f9331a8cf9faa03e48c97b30efdf5feb316424b27f6d64587293f8b3c14bc30279553743f29cc1179d93459d0bc839777a2325bd8caf0800cb000900000008009a0007000000080002002f2ff200"], 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x40) socket(0x10, 0x2, 0x0) getsockopt$auto(r1, 0x1, 0x84a9c, 0xfffffffffffffffc, 0x0) socket(0x21, 0x0, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$auto_RTC_PARAM_CORRECTION(0xffffffffffffffff, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) 3.863836029s ago: executing program 3 (id=3749): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000080)={0x8, r0, r0, 0x7}) sendmsg$auto_NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x37c60ad6183ba5b}, 0x810) 3.546621984s ago: executing program 3 (id=3751): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x801, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003ed, 0x19) rseq$auto(0x0, 0x7ffe, 0x0, 0x6) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 3.306999191s ago: executing program 4 (id=3752): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r0, 0xfffeffff80004521, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r1, 0x0, 0x80000001) 2.874901671s ago: executing program 4 (id=3755): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "6e373099034f17e405303c2eddfc16a54d"}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc004}, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r1, 0xfffeffff80004521, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r2, 0x0, 0x80000001) 2.874684015s ago: executing program 3 (id=3756): write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mprotect$auto(0x7ff, 0x5, 0x0) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x2000, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x7, 0x81, 0x3ff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000c40)={0x1c, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x98e2e1eabf5003bc}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="20010000", @ANYRES16=r3, @ANYBLOB="080025bd7000fedbdf2547000000f4005b000f169629873df130d410b5265fe97531d6ecaf3229f264fa9ecf52692de5a54109549fc3ee59787087f972d52bf9f4ea51d2c909c47eec7020e107e9b149e3e8c7340ffe819576eb27f779ad7602a3dc04123333f308b36f82b0a262ba2674c697586b6d8ca3ca6057a6a686abb6d1bcb4ccf147122cde1cc116d13b6f07ec6b7c657673050bd61378d55cb9a8c0ee00116f4663a65df433c2389cb5342193f231f8a6953e02000000b6452399bfc636e2dff135d7a79c76f126f9331a8cf9faa03e48c97b30efdf5feb316424b27f6d64587293f8b3c14bc30279553743f29cc1179d93459d0bc839777a2325bd8caf0800cb000900000008009a0007000000080002002f2ff200"], 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x40) socket(0x10, 0x2, 0x0) getsockopt$auto(r1, 0x1, 0x84a9c, 0xfffffffffffffffc, 0x0) socket(0x21, 0x0, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$auto_RTC_PARAM_CORRECTION(0xffffffffffffffff, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) 2.874203379s ago: executing program 5 (id=3757): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "6e373099034f17e405303c2eddfc16a54d"}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc004}, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r1, 0xfffeffff80004521, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r2, 0x0, 0x80000001) 2.869994483s ago: executing program 1 (id=3765): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r0, 0xfffeffff80004521, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r1, 0x0, 0x80000001) 2.237819553s ago: executing program 5 (id=3758): write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mprotect$auto(0x7ff, 0x5, 0x0) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x2000, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x7, 0x81, 0x3ff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000c40)={0x1c, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x98e2e1eabf5003bc}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="20010000", @ANYRES16=r3, @ANYBLOB="080025bd7000fedbdf2547000000f4005b000f169629873df130d410b5265fe97531d6ecaf3229f264fa9ecf52692de5a54109549fc3ee59787087f972d52bf9f4ea51d2c909c47eec7020e107e9b149e3e8c7340ffe819576eb27f779ad7602a3dc04123333f308b36f82b0a262ba2674c697586b6d8ca3ca6057a6a686abb6d1bcb4ccf147122cde1cc116d13b6f07ec6b7c657673050bd61378d55cb9a8c0ee00116f4663a65df433c2389cb5342193f231f8a6953e02000000b6452399bfc636e2dff135d7a79c76f126f9331a8cf9faa03e48c97b30efdf5feb316424b27f6d64587293f8b3c14bc30279553743f29cc1179d93459d0bc839777a2325bd8caf0800cb000900000008009a0007000000080002002f2ff200"], 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x40) socket(0x10, 0x2, 0x0) getsockopt$auto(r1, 0x1, 0x84a9c, 0xfffffffffffffffc, 0x0) socket(0x21, 0x0, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$auto_RTC_PARAM_CORRECTION(0xffffffffffffffff, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) 2.237573176s ago: executing program 1 (id=3759): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) socket(0x1e, 0x6, 0xffff) io_uring_setup$auto(0x78e6, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000008c0), r0) inotify_add_watch$auto(0xe535, 0xfffffffffffffffc, 0xd9) r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x64200, 0x80) shutdown$auto(r1, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) pwrite64$auto(0xc8, &(0x7f0000001880)='S\x00', 0xe, 0x3) madvise$auto(0x1, 0x1000, 0x1) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010029bd7000fddbdf250200000008000300", @ANYRES32, @ANYBLOB="08003f000593"], 0x24}, 0x1, 0x14, 0x0, 0x20040010}, 0x20000084) r4 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x47, 0x4909b6fa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x0, 0x0, 0x3, 0x0, 0x200, 0x8, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x1, 0x0, 0xf, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffd, 0xdc2, 0x4, 0x34f27806, 0xffffffffffffffff, 0x4, 0x9, 0x0, 0x0, 0x0, 0x400000000005b8, 0x0, 0x0, 0x0, 0x4000000000, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8000000000008, 0xfffffffffffffffc, 0x3, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) io_uring_setup$auto(0x6, 0x0) nanosleep$auto(0x0, &(0x7f0000000140)={0x101, 0x20000000}) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) socket$nl_generic(0x10, 0x3, 0x10) 2.152461593s ago: executing program 4 (id=3760): write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mprotect$auto(0x7ff, 0x5, 0x0) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x2000, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x7, 0x81, 0x3ff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000c40)={0x1c, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x98e2e1eabf5003bc}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="20010000", @ANYRES16=r3, @ANYBLOB="080025bd7000fedbdf2547000000f4005b000f169629873df130d410b5265fe97531d6ecaf3229f264fa9ecf52692de5a54109549fc3ee59787087f972d52bf9f4ea51d2c909c47eec7020e107e9b149e3e8c7340ffe819576eb27f779ad7602a3dc04123333f308b36f82b0a262ba2674c697586b6d8ca3ca6057a6a686abb6d1bcb4ccf147122cde1cc116d13b6f07ec6b7c657673050bd61378d55cb9a8c0ee00116f4663a65df433c2389cb5342193f231f8a6953e02000000b6452399bfc636e2dff135d7a79c76f126f9331a8cf9faa03e48c97b30efdf5feb316424b27f6d64587293f8b3c14bc30279553743f29cc1179d93459d0bc839777a2325bd8caf0800cb000900000008009a0007000000080002002f2ff200"], 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x40) socket(0x10, 0x2, 0x0) getsockopt$auto(r1, 0x1, 0x84a9c, 0xfffffffffffffffc, 0x0) socket(0x21, 0x0, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$auto_RTC_PARAM_CORRECTION(0xffffffffffffffff, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) 1.841099486s ago: executing program 3 (id=3761): write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mprotect$auto(0x7ff, 0x5, 0x0) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) mprotect$auto(0x7, 0x81, 0x3ff) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_DEL_PMK(0xffffffffffffffff, 0x0, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) getsockopt$auto(r0, 0x1, 0x84a9c, 0xfffffffffffffffc, 0x0) socket(0x21, 0x0, 0x2) ioperm$auto(0x5, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$auto_RTC_PARAM_CORRECTION(0xffffffffffffffff, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) 1.298135099s ago: executing program 1 (id=3762): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) socket(0x1e, 0x6, 0xffff) io_uring_setup$auto(0x78e6, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000008c0), r0) inotify_add_watch$auto(0xe535, 0xfffffffffffffffc, 0xd9) r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x64200, 0x80) shutdown$auto(r1, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) pwrite64$auto(0xc8, &(0x7f0000001880)='S\x00', 0xe, 0x3) madvise$auto(0x1, 0x1000, 0x1) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010029bd7000fddbdf250200000008000300", @ANYRES32, @ANYBLOB="08003f000593"], 0x24}, 0x1, 0x14, 0x0, 0x20040010}, 0x20000084) r4 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x47, 0x4909b6fa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x0, 0x0, 0x3, 0x0, 0x200, 0x8, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x1, 0x0, 0xf, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffd, 0xdc2, 0x4, 0x34f27806, 0xffffffffffffffff, 0x4, 0x9, 0x0, 0x0, 0x0, 0x400000000005b8, 0x0, 0x0, 0x0, 0x4000000000, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8000000000008, 0xfffffffffffffffc, 0x3, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) io_uring_setup$auto(0x6, 0x0) nanosleep$auto(0x0, &(0x7f0000000140)={0x101, 0x20000000}) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) socket$nl_generic(0x10, 0x3, 0x10) 1.204002656s ago: executing program 4 (id=3763): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r0, 0xfffeffff80004521, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r1, 0x0, 0x80000001) 1.180419969s ago: executing program 5 (id=3764): write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mprotect$auto(0x7ff, 0x5, 0x0) r0 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x2000, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x7, 0x81, 0x3ff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r2, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000c40)={0x1c, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x98e2e1eabf5003bc}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="20010000", @ANYRES16=r3, @ANYBLOB="080025bd7000fedbdf2547000000f4005b000f169629873df130d410b5265fe97531d6ecaf3229f264fa9ecf52692de5a54109549fc3ee59787087f972d52bf9f4ea51d2c909c47eec7020e107e9b149e3e8c7340ffe819576eb27f779ad7602a3dc04123333f308b36f82b0a262ba2674c697586b6d8ca3ca6057a6a686abb6d1bcb4ccf147122cde1cc116d13b6f07ec6b7c657673050bd61378d55cb9a8c0ee00116f4663a65df433c2389cb5342193f231f8a6953e02000000b6452399bfc636e2dff135d7a79c76f126f9331a8cf9faa03e48c97b30efdf5feb316424b27f6d64587293f8b3c14bc30279553743f29cc1179d93459d0bc839777a2325bd8caf0800cb000900000008009a0007000000080002002f2ff200"], 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x40) socket(0x10, 0x2, 0x0) getsockopt$auto(r1, 0x1, 0x84a9c, 0xfffffffffffffffc, 0x0) socket(0x21, 0x0, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$auto_RTC_PARAM_CORRECTION(0xffffffffffffffff, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) 837.395387ms ago: executing program 3 (id=3766): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) socketpair$auto(0x1e, 0x1, 0xfffffffc, 0x0) (async) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) (async, rerun: 64) execve$auto(&(0x7f0000000000)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x0, 0x0) (rerun: 64) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00'}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="000000000900000000000000a1150b29ced3f713da38b5d3c7f4c1f843d8763670be75a3b16eeb899a0d7a270a3d262c722e633a8b3e625d44581663196c3861942cdaa4e89769cd82e131e2c03b067438b1ff95ac7b4a02d661aeb754bd916c3b90b5b228de7d1f2496912a0c5c5d32845845a78e5524633a17911febc9141b47dba458fdfd37032ce9862b0c2a98530f2f36d2faea7d3c33f77d9e9bc8eb88dae65e7364b293b0e57ccbad9f1c1d0e59d174f5f3975837a7f062e9d1984588bfcc03ae08798e84b65b9d08ec3467a26bdcc8dabd6500d5d8a1967d710777abfcdc4764ba64e6e79aec25f3f0cf5bea3770c467fb3a499861ad9f146672b172461a79b649875d86965b757973e95acc1a4ce2ddeedc62890d496e0fb8bbde0505dcc34133c66135b15e41209fac1613bd63358cfd0af3de4e79b677478b5de7c1236dd9e3c32f8611008d321bab786c4010a7d65bc142e6c00a0302ee7c4ef1bde93cd5c4e0e0b7d3d1181b16e6835d9c60482f82374fb699d24c8f2b5ce3ba48901623287a938c19a647a9b41a17079cbdfbed667158c1e57381cb0f5da0bd8b0727b5acd44cf1c62a27bfeda4477dc61241759663d715fa00000000000000b8c8dd9cfd00fe3c05639ffc3bb06a66cd32af48344dbaeb9ed3beac0ef7b30c4e3dcb1c39c6f7ab9dd4b5a9203b52bb1563d66830326e95f22cc05ba0e1f3251ecc819c651d2010c190566153116321f5a6cc1cf7503f5c9a684df1e6974b6fb024749c71db1023919d73d6ef8fc2a1165f55fb9bdb281b9945ffaf3c86734b2b2c2e40070468cf9f154b2b519f2c768286064a9ec0cec0dc8ab657ce121d831c558586bfeba2d7d383da15b1dbf34a30411ee899e8cda0bb29bc74d010fd009b651814", @ANYRES16=r0, @ANYRES16=r0], 0x2c}, 0x1, 0x0, 0x0, 0x4040000}, 0x40080c0) (async) r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) keyctl$auto(0x2000000000000016, 0x0, 0xfffffffe, 0x400040, 0xa8) (async) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/keys\x00', 0x8340, 0x0) keyctl$auto(0x3, 0xfffffffffffffffe, 0x1000100, 0x803, 0x387) (async) read$auto_proc_iter_file_ops_compat_inode(r3, &(0x7f0000001700)=""/4096, 0x1000) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async, rerun: 64) fanotify_init$auto(0x40, 0xff) (async, rerun: 64) fanotify_init$auto(0x5, 0x2000000000002) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x26, 0x80805, 0x0) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r4, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) (async, rerun: 32) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) (rerun: 32) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x8000000000007}, 0x9) (async, rerun: 32) socket(0x18, 0x4, 0x3) (rerun: 32) 668.07175ms ago: executing program 4 (id=3767): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r0, 0xfffeffff80004521, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xf, 0x80000, 0x401) read$auto(r1, 0x0, 0x80000001) 313.153112ms ago: executing program 1 (id=3768): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x801, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x1) mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003ed, 0x19) rseq$auto(0x0, 0x7ffe, 0x0, 0x6) seccomp$auto(0x9, 0x1, &(0x7f0000000140)=[0x6f4b, 0x418b, 0x7, 0xe1, 0x4, 0x3, 0x1, 0x2, 0x100000001, 0x800]) r1 = socket(0x9, 0x3, 0x5) fchdir$auto(r0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x1}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x800001}]}, 0x24}, 0x1, 0x0, 0x0, 0x850}, 0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 82.039277ms ago: executing program 4 (id=3769): r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa1\x00', 0x48080, 0x0) poll$auto(&(0x7f0000000b00)={r0, 0x6, 0x1}, 0x1, 0x4) read$auto(r0, 0x0, 0x2) r1 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000003b00), 0x103101, 0x0) r2 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x1d1000, 0x0) pwrite64$auto(r2, &(0x7f0000000080)='{&\x00', 0x6, 0x681) pipe$auto(&(0x7f0000000040)=r1) write$auto_safesetid_gid_file_fops_securityfs(r1, 0x0, 0xffffff7e) 0s ago: executing program 5 (id=3770): socket(0x18, 0x5, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) unshare$auto(0x40000080) (async, rerun: 32) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) memfd_create$auto(0x0, 0xe) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x100, 0x4}, 0x77, 0x0, 0x0, 0x62bd) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async) r0 = socket(0x15, 0x5, 0x0) setsockopt$auto(r0, 0x114, 0xa, 0x0, 0x4) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x4}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x7}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x8e}, @NL802154_ATTR_WPAN_PHY_NAME={0xa, 0x2, '.-(}*\x00'}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x3}, @NL802154_ATTR_SCAN_TYPE={0x5, 0x1f, 0x5}]}, 0x50}}, 0x8800) (async) mprotect$auto(0x1ffff000, 0x57f, 0x2) (async, rerun: 32) bpf$auto(0x0, &(0x7f0000000000)=@link_create={@map_fd=0x6, @target_fd=0x2, 0x7, 0x10005, @bpf_attr_link_create_4_1={0xd}}, 0xa3) (async, rerun: 32) bpf$auto(0x15, 0x0, 0x0) socket(0x2, 0x1, 0x106) (async) connect$auto(0x3, &(0x7f00000000c0), 0x55) kernel console output (not intermixed with test programs): mm="syz.1.2869" name="lu_gp_id" dev="configfs" ino=69854 res=0 errno=0 [ 581.931840][ T29] audit: type=1800 audit(4294967572.840:554): pid=17801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2874" name="lu_gp_id" dev="configfs" ino=69886 res=0 errno=0 [ 583.079812][T17809] __nla_validate_parse: 5 callbacks suppressed [ 583.079835][T17809] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2875'. [ 584.402872][T17845] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2884'. [ 584.435312][T17850] FAULT_INJECTION: forcing a failure. [ 584.435312][T17850] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 584.464705][T17850] CPU: 1 UID: 0 PID: 17850 Comm: syz.3.2885 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 584.475551][T17850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 584.485656][T17850] Call Trace: [ 584.488976][T17850] [ 584.491931][T17850] dump_stack_lvl+0x16c/0x1f0 [ 584.496650][T17850] should_fail_ex+0x497/0x5b0 [ 584.501376][T17850] _copy_from_user+0x2e/0xd0 [ 584.506016][T17850] copy_msghdr_from_user+0x99/0x160 [ 584.511272][T17850] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 584.517149][T17850] ? __lock_acquire+0xcc5/0x3c40 [ 584.522225][T17850] ? hlock_class+0x4e/0x130 [ 584.526767][T17850] ? __lock_acquire+0x15a9/0x3c40 [ 584.531832][T17850] ___sys_sendmsg+0xff/0x1e0 [ 584.536439][T17850] ? __pfx____sys_sendmsg+0x10/0x10 [ 584.541644][T17850] ? __pfx___lock_acquire+0x10/0x10 [ 584.546877][T17850] ? __pfx___might_resched+0x10/0x10 [ 584.552168][T17850] ? __might_fault+0xe3/0x190 [ 584.556862][T17850] __sys_sendmmsg+0x201/0x420 [ 584.561573][T17850] ? __pfx___sys_sendmmsg+0x10/0x10 [ 584.566794][T17850] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 584.572797][T17850] ? fput+0x67/0x440 [ 584.576734][T17850] ? ksys_write+0x1ba/0x250 [ 584.581373][T17850] ? __pfx_ksys_write+0x10/0x10 [ 584.586246][T17850] __x64_sys_sendmmsg+0x9c/0x100 [ 584.591203][T17850] ? lockdep_hardirqs_on+0x7c/0x110 [ 584.596418][T17850] do_syscall_64+0xcd/0x250 [ 584.600929][T17850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.606832][T17850] RIP: 0033:0x7f81fe985d19 [ 584.611251][T17850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.630869][T17850] RSP: 002b:00007f81ff6ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 584.639314][T17850] RAX: ffffffffffffffda RBX: 00007f81feb76160 RCX: 00007f81fe985d19 [ 584.647303][T17850] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000004 [ 584.655282][T17850] RBP: 00007f81ff6ce090 R08: 0000000000000000 R09: 0000000000000000 [ 584.663266][T17850] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 584.671339][T17850] R13: 0000000000000001 R14: 00007f81feb76160 R15: 00007ffd617da948 [ 584.679432][T17850] [ 585.173917][T17853] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2886'. [ 585.191828][ T29] audit: type=1800 audit(4294967576.100:555): pid=17860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2888" name="lu_gp_id" dev="configfs" ino=70710 res=0 errno=0 [ 585.448638][T17859] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2887'. [ 585.971549][T17865] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2890'. [ 587.263046][T17893] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2897'. [ 587.287904][T17905] ubi5: attaching mtd0 [ 587.315430][T17906] ubi5: attaching mtd0 [ 587.319568][T17895] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2898'. [ 587.790268][ T29] audit: type=1800 audit(4294967578.700:556): pid=17914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2902" name="lu_gp_id" dev="configfs" ino=70795 res=0 errno=0 [ 588.115024][T17912] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2900'. [ 589.121047][T17928] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2905'. [ 589.228299][T17925] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2904'. [ 589.626880][T17948] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2909'. [ 589.922658][T17955] FAULT_INJECTION: forcing a failure. [ 589.922658][T17955] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 589.949706][T17955] CPU: 0 UID: 0 PID: 17955 Comm: syz.3.2912 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 589.960594][T17955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 589.970944][T17955] Call Trace: [ 589.974265][T17955] [ 589.977230][T17955] dump_stack_lvl+0x16c/0x1f0 [ 589.981948][T17955] should_fail_ex+0x497/0x5b0 [ 589.986669][T17955] _copy_from_iter+0x29b/0x1400 [ 589.991570][T17955] ? trace_lock_acquire+0x14e/0x1f0 [ 589.996807][T17955] ? __alloc_skb+0x200/0x380 [ 590.001413][T17955] ? __pfx__copy_from_iter+0x10/0x10 [ 590.006713][T17955] ? __virt_addr_valid+0x1a4/0x590 [ 590.011838][T17955] ? __virt_addr_valid+0x5e/0x590 [ 590.016874][T17955] ? __phys_addr_symbol+0x30/0x80 [ 590.021935][T17955] ? __check_object_size+0x488/0x710 [ 590.027234][T17955] netlink_sendmsg+0x813/0xd70 [ 590.032013][T17955] ? __pfx_netlink_sendmsg+0x10/0x10 [ 590.037315][T17955] ____sys_sendmsg+0x9ae/0xb40 [ 590.042108][T17955] ? copy_msghdr_from_user+0x10b/0x160 [ 590.047596][T17955] ? __pfx_____sys_sendmsg+0x10/0x10 [ 590.052925][T17955] ? __lock_acquire+0xcc5/0x3c40 [ 590.057890][T17955] ___sys_sendmsg+0x135/0x1e0 [ 590.062585][T17955] ? __pfx____sys_sendmsg+0x10/0x10 [ 590.067814][T17955] ? trace_lock_acquire+0x14e/0x1f0 [ 590.073133][T17955] __sys_sendmmsg+0x201/0x420 [ 590.077825][T17955] ? __pfx___sys_sendmmsg+0x10/0x10 [ 590.083053][T17955] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 590.089062][T17955] ? fput+0x67/0x440 [ 590.092971][T17955] ? ksys_write+0x1ba/0x250 [ 590.097476][T17955] ? __pfx_ksys_write+0x10/0x10 [ 590.102336][T17955] __x64_sys_sendmmsg+0x9c/0x100 [ 590.107285][T17955] ? lockdep_hardirqs_on+0x7c/0x110 [ 590.112493][T17955] do_syscall_64+0xcd/0x250 [ 590.117010][T17955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.122915][T17955] RIP: 0033:0x7f81fe985d19 [ 590.127346][T17955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.146964][T17955] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 590.155825][T17955] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 590.163798][T17955] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 590.171775][T17955] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 590.179836][T17955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 590.187809][T17955] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 590.195803][T17955] [ 590.529281][ T29] audit: type=1800 audit(4294967581.440:557): pid=17969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2914" name="lu_gp_id" dev="configfs" ino=70150 res=0 errno=0 [ 591.037813][T17972] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2915'. [ 591.641362][T17990] FAULT_INJECTION: forcing a failure. [ 591.641362][T17990] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 591.684501][T17990] CPU: 1 UID: 0 PID: 17990 Comm: syz.5.2920 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 591.695335][T17990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 591.705421][T17990] Call Trace: [ 591.708729][T17990] [ 591.711686][T17990] dump_stack_lvl+0x16c/0x1f0 [ 591.716397][T17990] should_fail_ex+0x497/0x5b0 [ 591.721115][T17990] _copy_from_user+0x2e/0xd0 [ 591.725745][T17990] memdup_user+0x71/0xd0 [ 591.730027][T17990] btrfs_control_ioctl+0xa0/0x3c0 [ 591.735090][T17990] ? __pfx_btrfs_control_ioctl+0x10/0x10 [ 591.740775][T17990] ? __pfx_btrfs_control_ioctl+0x10/0x10 [ 591.746465][T17990] __x64_sys_ioctl+0x190/0x200 [ 591.751291][T17990] do_syscall_64+0xcd/0x250 [ 591.755855][T17990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.761801][T17990] RIP: 0033:0x7f6f77785d19 [ 591.766242][T17990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 591.785980][T17990] RSP: 002b:00007f6f784e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 591.794433][T17990] RAX: ffffffffffffffda RBX: 00007f6f77975fa0 RCX: 00007f6f77785d19 [ 591.802434][T17990] RDX: 0000000000000005 RSI: 0000000050009404 RDI: 0000000000000002 [ 591.810421][T17990] RBP: 00007f6f784e6090 R08: 0000000000000000 R09: 0000000000000000 [ 591.818482][T17990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 591.826482][T17990] R13: 0000000000000000 R14: 00007f6f77975fa0 R15: 00007ffd3bb91578 [ 591.834487][T17990] [ 591.979021][T17985] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2919'. [ 592.883954][T18006] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2931'. [ 593.277188][T18011] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2923'. [ 593.952830][ T29] audit: type=1800 audit(4294967584.860:558): pid=18022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2926" name="lu_gp_id" dev="configfs" ino=70947 res=0 errno=0 [ 595.052289][T18057] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2935'. [ 596.557705][T18066] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2938'. [ 596.726907][ T29] audit: type=1800 audit(4294967587.640:559): pid=18090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2943" name="lu_gp_id" dev="configfs" ino=70359 res=0 errno=0 [ 597.041958][T18093] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2944'. [ 598.638383][ T29] audit: type=1800 audit(4294967589.540:560): pid=18109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2947" name="lu_gp_id" dev="configfs" ino=71056 res=0 errno=0 [ 598.979513][T18116] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2949'. [ 599.836740][T18127] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2952'. [ 599.866228][ T29] audit: type=1800 audit(4294967590.780:561): pid=18130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2954" name="lu_gp_id" dev="configfs" ino=70420 res=0 errno=0 [ 600.397894][T18135] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2964'. [ 601.108652][ T54] Bluetooth: hci3: command 0x0406 tx timeout [ 601.157945][ T29] audit: type=1800 audit(4294967592.070:562): pid=18147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2959" name="lu_gp_id" dev="configfs" ino=70455 res=0 errno=0 [ 601.291289][T18151] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2958'. [ 601.798849][T18157] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2961'. [ 602.158216][ T29] audit: type=1800 audit(4294967593.070:563): pid=18161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2962" name="lu_gp_id" dev="configfs" ino=71132 res=0 errno=0 [ 603.335469][T18181] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2968'. [ 603.347763][T18183] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2969'. [ 603.448803][T18175] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2967'. [ 604.203900][ T29] audit: type=1800 audit(4294967595.110:564): pid=18191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2972" name="lu_gp_id" dev="configfs" ino=71200 res=0 errno=0 [ 604.344002][T18196] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2973'. [ 604.447982][T18193] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2980'. [ 605.165736][ T29] audit: type=1800 audit(4294967596.070:565): pid=18205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2985" name="lu_gp_id" dev="configfs" ino=71228 res=0 errno=0 [ 605.198557][T18206] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2974'. [ 605.357870][T18200] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2984'. [ 606.128507][ T29] audit: type=1800 audit(4294967597.040:566): pid=18218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2976" name="lu_gp_id" dev="configfs" ino=70586 res=0 errno=0 [ 607.370064][T18237] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2986'. [ 607.378615][T18240] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2982'. [ 607.505680][T18242] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2987'. [ 608.350976][T18253] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2989'. [ 609.657227][T18279] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2997'. [ 609.782609][T18285] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2999'. [ 610.565006][T18291] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3001'. [ 610.777009][T18293] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3000'. [ 610.988256][T18295] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3002'. [ 612.507275][T18326] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3010'. [ 613.021815][T18337] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3014'. [ 613.464840][T18343] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3015'. [ 613.639865][T18353] binder: 18352:18353 ioctl 40044900 800000000000003 returned -22 [ 613.830497][T18348] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3016'. [ 614.076386][T18358] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.3020'. [ 615.188618][T18377] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3025'. [ 615.863542][T18390] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3028'. [ 616.041803][T18389] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3029'. [ 616.081997][T18396] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.3030'. [ 616.473058][T16526] Bluetooth: hci4: command 0x0406 tx timeout [ 617.549555][T18417] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3033'. [ 617.584433][T18424] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3038'. [ 617.730701][T18428] netlink: 1204 bytes leftover after parsing attributes in process `syz.4.3040'. [ 617.785362][T18429] ubi0: attaching mtd0 [ 617.812206][T18429] ubi0: scanning is finished [ 617.831712][T18429] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 617.944964][T18429] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 618.093022][T18431] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3042'. [ 618.570212][T18439] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3045'. [ 619.318149][T18461] FAULT_INJECTION: forcing a failure. [ 619.318149][T18461] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 619.343364][T18461] CPU: 0 UID: 0 PID: 18461 Comm: syz.3.3049 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 619.354196][T18461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 619.364282][T18461] Call Trace: [ 619.367590][T18461] [ 619.370551][T18461] dump_stack_lvl+0x16c/0x1f0 [ 619.375262][T18461] should_fail_ex+0x497/0x5b0 [ 619.379978][T18461] _copy_to_user+0x32/0xd0 [ 619.384432][T18461] simple_read_from_buffer+0xd0/0x160 [ 619.389856][T18461] proc_fail_nth_read+0x198/0x270 [ 619.394926][T18461] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 619.400521][T18461] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 619.406104][T18461] vfs_read+0x1df/0xbe0 [ 619.410292][T18461] ? __fget_files+0x1fc/0x3a0 [ 619.414999][T18461] ? __pfx___mutex_lock+0x10/0x10 [ 619.420054][T18461] ? __pfx_vfs_read+0x10/0x10 [ 619.424768][T18461] ? __fget_files+0x206/0x3a0 [ 619.429501][T18461] ksys_read+0x12b/0x250 [ 619.433776][T18461] ? __pfx_ksys_read+0x10/0x10 [ 619.438585][T18461] do_syscall_64+0xcd/0x250 [ 619.443126][T18461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 619.449056][T18461] RIP: 0033:0x7f81fe98472c [ 619.453503][T18461] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 619.473145][T18461] RSP: 002b:00007f81ff710030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 619.481595][T18461] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe98472c [ 619.489592][T18461] RDX: 000000000000000f RSI: 00007f81ff7100a0 RDI: 0000000000000004 [ 619.497587][T18461] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 619.505591][T18461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 619.513588][T18461] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 619.521606][T18461] [ 619.617862][T18466] netlink: 1204 bytes leftover after parsing attributes in process `syz.5.3051'. [ 620.331045][T18481] __nla_validate_parse: 1 callbacks suppressed [ 620.331068][T18481] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3057'. [ 621.052847][T18501] FAULT_INJECTION: forcing a failure. [ 621.052847][T18501] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 621.102637][T18501] CPU: 0 UID: 0 PID: 18501 Comm: syz.5.3062 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 621.113467][T18501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 621.123557][T18501] Call Trace: [ 621.126861][T18501] [ 621.129817][T18501] dump_stack_lvl+0x16c/0x1f0 [ 621.134533][T18501] should_fail_ex+0x497/0x5b0 [ 621.139256][T18501] _copy_from_iter+0x29b/0x1400 [ 621.144158][T18501] ? trace_lock_acquire+0x14e/0x1f0 [ 621.149395][T18501] ? __alloc_skb+0x200/0x380 [ 621.154019][T18501] ? __pfx__copy_from_iter+0x10/0x10 [ 621.159333][T18501] ? __virt_addr_valid+0x1a4/0x590 [ 621.164460][T18501] ? __virt_addr_valid+0x5e/0x590 [ 621.169497][T18501] ? __phys_addr_symbol+0x30/0x80 [ 621.174530][T18501] ? __check_object_size+0x488/0x710 [ 621.179845][T18501] netlink_sendmsg+0x813/0xd70 [ 621.184617][T18501] ? __pfx_netlink_sendmsg+0x10/0x10 [ 621.189913][T18501] ____sys_sendmsg+0x9ae/0xb40 [ 621.194685][T18501] ? copy_msghdr_from_user+0x10b/0x160 [ 621.200153][T18501] ? __pfx_____sys_sendmsg+0x10/0x10 [ 621.205446][T18501] ? __lock_acquire+0xcc5/0x3c40 [ 621.210410][T18501] ___sys_sendmsg+0x135/0x1e0 [ 621.215099][T18501] ? __pfx____sys_sendmsg+0x10/0x10 [ 621.220324][T18501] ? trace_lock_acquire+0x14e/0x1f0 [ 621.225548][T18501] __sys_sendmmsg+0x201/0x420 [ 621.230238][T18501] ? __pfx___sys_sendmmsg+0x10/0x10 [ 621.235453][T18501] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 621.241448][T18501] ? fput+0x67/0x440 [ 621.245355][T18501] ? ksys_write+0x1ba/0x250 [ 621.249862][T18501] ? __pfx_ksys_write+0x10/0x10 [ 621.254722][T18501] __x64_sys_sendmmsg+0x9c/0x100 [ 621.259669][T18501] ? lockdep_hardirqs_on+0x7c/0x110 [ 621.264881][T18501] do_syscall_64+0xcd/0x250 [ 621.269402][T18501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.275302][T18501] RIP: 0033:0x7f6f77785d19 [ 621.279727][T18501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 621.299348][T18501] RSP: 002b:00007f6f784e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 621.307769][T18501] RAX: ffffffffffffffda RBX: 00007f6f77975fa0 RCX: 00007f6f77785d19 [ 621.315765][T18501] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 621.323739][T18501] RBP: 00007f6f784e6090 R08: 0000000000000000 R09: 0000000000000000 [ 621.331710][T18501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 621.339686][T18501] R13: 0000000000000000 R14: 00007f6f77975fa0 R15: 00007ffd3bb91578 [ 621.347671][T18501] [ 622.091273][T18520] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3068'. [ 622.729510][T18530] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3071'. [ 622.919074][T18533] FAULT_INJECTION: forcing a failure. [ 622.919074][T18533] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 622.958773][T18533] CPU: 0 UID: 0 PID: 18533 Comm: syz.5.3072 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 622.969614][T18533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 622.979793][T18533] Call Trace: [ 622.983072][T18533] [ 622.986011][T18533] dump_stack_lvl+0x16c/0x1f0 [ 622.990721][T18533] should_fail_ex+0x497/0x5b0 [ 622.995441][T18533] _copy_from_user+0x2e/0xd0 [ 623.000073][T18533] copy_msghdr_from_user+0x99/0x160 [ 623.005322][T18533] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 623.011207][T18533] ? __pfx___lock_acquire+0x10/0x10 [ 623.016546][T18533] ___sys_recvmsg+0xdc/0x1a0 [ 623.021171][T18533] ? __pfx____sys_recvmsg+0x10/0x10 [ 623.026409][T18533] ? find_held_lock+0x2d/0x110 [ 623.031229][T18533] ? __pfx___might_resched+0x10/0x10 [ 623.036555][T18533] ? __might_fault+0xe3/0x190 [ 623.041284][T18533] do_recvmmsg+0x2f8/0x740 [ 623.045752][T18533] ? __pfx_do_recvmmsg+0x10/0x10 [ 623.050716][T18533] ? vfs_write+0x306/0x1150 [ 623.055232][T18533] ? __mutex_unlock_slowpath+0x164/0x690 [ 623.060881][T18533] ? __fget_files+0x206/0x3a0 [ 623.065575][T18533] __x64_sys_recvmmsg+0x239/0x290 [ 623.070629][T18533] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 623.076199][T18533] do_syscall_64+0xcd/0x250 [ 623.080712][T18533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.086612][T18533] RIP: 0033:0x7f6f77785d19 [ 623.091039][T18533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 623.110830][T18533] RSP: 002b:00007f6f784e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 623.119257][T18533] RAX: ffffffffffffffda RBX: 00007f6f77975fa0 RCX: 00007f6f77785d19 [ 623.127759][T18533] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 623.135826][T18533] RBP: 00007f6f784e6090 R08: 0000000000000000 R09: 0000000000000000 [ 623.143889][T18533] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 623.151950][T18533] R13: 0000000000000000 R14: 00007f6f77975fa0 R15: 00007ffd3bb91578 [ 623.159939][T18533] [ 623.242531][T18549] FAULT_INJECTION: forcing a failure. [ 623.242531][T18549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 623.260843][T18549] CPU: 1 UID: 0 PID: 18549 Comm: syz.4.3075 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 623.271657][T18549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 623.281740][T18549] Call Trace: [ 623.285040][T18549] [ 623.287987][T18549] dump_stack_lvl+0x16c/0x1f0 [ 623.292700][T18549] should_fail_ex+0x497/0x5b0 [ 623.297414][T18549] _copy_to_user+0x32/0xd0 [ 623.301878][T18549] kvm_get_hv_cpuid+0x431/0xa80 [ 623.306785][T18549] ? __pfx_kvm_get_hv_cpuid+0x10/0x10 [ 623.312238][T18549] ? __might_fault+0xe3/0x190 [ 623.316971][T18549] kvm_ioctl_get_supported_hv_cpuid+0xa7/0x130 [ 623.323168][T18549] ? __pfx_kvm_ioctl_get_supported_hv_cpuid+0x10/0x10 [ 623.329977][T18549] ? tomoyo_path_number_perm+0x190/0x5b0 [ 623.335659][T18549] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 623.341587][T18549] kvm_arch_dev_ioctl+0x187/0x730 [ 623.346737][T18549] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 623.352326][T18549] ? do_vfs_ioctl+0x513/0x1950 [ 623.357293][T18549] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 623.362468][T18549] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 623.368442][T18549] kvm_dev_ioctl+0x781/0x1aa0 [ 623.373216][T18549] ? __pfx_lock_release+0x10/0x10 [ 623.378280][T18549] ? trace_lock_acquire+0x14e/0x1f0 [ 623.383521][T18549] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 623.388761][T18549] ? __fget_files+0x206/0x3a0 [ 623.393562][T18549] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 623.398720][T18549] __x64_sys_ioctl+0x190/0x200 [ 623.403534][T18549] do_syscall_64+0xcd/0x250 [ 623.408073][T18549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.414003][T18549] RIP: 0033:0x7f0639185d19 [ 623.418534][T18549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 623.438176][T18549] RSP: 002b:00007f0636ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 623.447176][T18549] RAX: ffffffffffffffda RBX: 00007f0639376080 RCX: 00007f0639185d19 [ 623.455174][T18549] RDX: 0000000000000088 RSI: 00000000c008aec1 RDI: 0000000000000004 [ 623.463178][T18549] RBP: 00007f0636ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 623.471179][T18549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 623.479177][T18549] R13: 0000000000000000 R14: 00007f0639376080 R15: 00007fff6a7e1fb8 [ 623.487281][T18549] [ 623.568278][T18551] FAULT_INJECTION: forcing a failure. [ 623.568278][T18551] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 623.604639][T18551] CPU: 1 UID: 0 PID: 18551 Comm: syz.3.3076 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 623.615512][T18551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 623.625616][T18551] Call Trace: [ 623.628962][T18551] [ 623.631917][T18551] dump_stack_lvl+0x16c/0x1f0 [ 623.636636][T18551] should_fail_ex+0x497/0x5b0 [ 623.641355][T18551] _copy_from_iter+0x4a5/0x1400 [ 623.646255][T18551] ? __alloc_skb+0x200/0x380 [ 623.650883][T18551] ? __pfx__copy_from_iter+0x10/0x10 [ 623.656208][T18551] ? __virt_addr_valid+0x1a4/0x590 [ 623.661366][T18551] ? __virt_addr_valid+0x5e/0x590 [ 623.666435][T18551] ? __phys_addr_symbol+0x30/0x80 [ 623.671493][T18551] ? __check_object_size+0x488/0x710 [ 623.676822][T18551] netlink_sendmsg+0x813/0xd70 [ 623.681629][T18551] ? __pfx_netlink_sendmsg+0x10/0x10 [ 623.686960][T18551] ____sys_sendmsg+0x9ae/0xb40 [ 623.691754][T18551] ? copy_msghdr_from_user+0x10b/0x160 [ 623.697250][T18551] ? __pfx_____sys_sendmsg+0x10/0x10 [ 623.702566][T18551] ? __lock_acquire+0xcc5/0x3c40 [ 623.707557][T18551] ___sys_sendmsg+0x135/0x1e0 [ 623.712276][T18551] ? __pfx____sys_sendmsg+0x10/0x10 [ 623.717523][T18551] ? trace_lock_acquire+0x14e/0x1f0 [ 623.722760][T18551] __sys_sendmmsg+0x201/0x420 [ 623.727454][T18551] ? __pfx___sys_sendmmsg+0x10/0x10 [ 623.732672][T18551] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 623.738715][T18551] ? fput+0x67/0x440 [ 623.742644][T18551] ? ksys_write+0x1ba/0x250 [ 623.747168][T18551] ? __pfx_ksys_write+0x10/0x10 [ 623.752035][T18551] __x64_sys_sendmmsg+0x9c/0x100 [ 623.756989][T18551] ? lockdep_hardirqs_on+0x7c/0x110 [ 623.762194][T18551] do_syscall_64+0xcd/0x250 [ 623.766708][T18551] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.772611][T18551] RIP: 0033:0x7f81fe985d19 [ 623.777026][T18551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 623.796743][T18551] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 623.805186][T18551] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 623.813183][T18551] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 623.821169][T18551] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 623.829228][T18551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 623.837287][T18551] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 623.845275][T18551] [ 624.017451][T18556] FAULT_INJECTION: forcing a failure. [ 624.017451][T18556] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 624.034956][T18556] CPU: 0 UID: 0 PID: 18556 Comm: syz.3.3078 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 624.045771][T18556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 624.055936][T18556] Call Trace: [ 624.059239][T18556] [ 624.062180][T18556] dump_stack_lvl+0x16c/0x1f0 [ 624.066876][T18556] should_fail_ex+0x497/0x5b0 [ 624.071599][T18556] _copy_from_iter+0x29b/0x1400 [ 624.076550][T18556] ? trace_lock_acquire+0x14e/0x1f0 [ 624.081763][T18556] ? __alloc_skb+0x200/0x380 [ 624.086376][T18556] ? __pfx__copy_from_iter+0x10/0x10 [ 624.091682][T18556] ? __virt_addr_valid+0x1a4/0x590 [ 624.096809][T18556] ? __virt_addr_valid+0x5e/0x590 [ 624.101850][T18556] ? __phys_addr_symbol+0x30/0x80 [ 624.106887][T18556] ? __check_object_size+0x488/0x710 [ 624.112189][T18556] netlink_sendmsg+0x813/0xd70 [ 624.116980][T18556] ? __pfx_netlink_sendmsg+0x10/0x10 [ 624.122284][T18556] ____sys_sendmsg+0x9ae/0xb40 [ 624.127049][T18556] ? copy_msghdr_from_user+0x10b/0x160 [ 624.132516][T18556] ? __pfx_____sys_sendmsg+0x10/0x10 [ 624.137803][T18556] ? __lock_acquire+0xcc5/0x3c40 [ 624.142765][T18556] ___sys_sendmsg+0x135/0x1e0 [ 624.147458][T18556] ? __pfx____sys_sendmsg+0x10/0x10 [ 624.152685][T18556] ? trace_lock_acquire+0x14e/0x1f0 [ 624.157912][T18556] __sys_sendmmsg+0x201/0x420 [ 624.162775][T18556] ? __pfx___sys_sendmmsg+0x10/0x10 [ 624.167991][T18556] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 624.173990][T18556] ? fput+0x67/0x440 [ 624.177898][T18556] ? ksys_write+0x1ba/0x250 [ 624.182406][T18556] ? __pfx_ksys_write+0x10/0x10 [ 624.187272][T18556] __x64_sys_sendmmsg+0x9c/0x100 [ 624.192222][T18556] ? lockdep_hardirqs_on+0x7c/0x110 [ 624.197520][T18556] do_syscall_64+0xcd/0x250 [ 624.202554][T18556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.208462][T18556] RIP: 0033:0x7f81fe985d19 [ 624.212885][T18556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 624.232504][T18556] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 624.240924][T18556] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 624.249000][T18556] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 624.256980][T18556] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 624.264954][T18556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 624.272939][T18556] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 624.280942][T18556] [ 624.337107][T18558] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3077'. [ 624.629260][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.643118][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.149739][T18565] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3082'. [ 626.720340][T18587] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3086'. [ 627.151897][T18597] netlink: 322 bytes leftover after parsing attributes in process `syz.4.3090'. [ 627.164264][T18597] bond0: entered promiscuous mode [ 627.169452][T18597] bond_slave_0: entered promiscuous mode [ 627.175948][T18597] bond_slave_1: entered promiscuous mode [ 627.181777][T18597] bond0: entered allmulticast mode [ 627.187281][T18597] bond_slave_0: entered allmulticast mode [ 627.193050][T18597] bond_slave_1: entered allmulticast mode [ 627.445299][T18599] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3092'. [ 627.566684][T18607] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3095'. [ 629.469480][T18636] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3103'. [ 630.111071][T18649] FAULT_INJECTION: forcing a failure. [ 630.111071][T18649] name failslab, interval 1, probability 0, space 0, times 0 [ 630.127676][T18649] CPU: 1 UID: 0 PID: 18649 Comm: syz.4.3106 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 630.138590][T18649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 630.148655][T18649] Call Trace: [ 630.151946][T18649] [ 630.154892][T18649] dump_stack_lvl+0x16c/0x1f0 [ 630.159598][T18649] should_fail_ex+0x497/0x5b0 [ 630.164309][T18649] ? fs_reclaim_acquire+0xae/0x150 [ 630.169465][T18649] should_failslab+0xc2/0x120 [ 630.174189][T18649] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 630.179694][T18649] ? security_file_alloc+0x34/0x2b0 [ 630.184939][T18649] security_file_alloc+0x34/0x2b0 [ 630.190005][T18649] init_file+0x93/0x480 [ 630.194205][T18649] alloc_empty_file+0x91/0x1e0 [ 630.199010][T18649] path_openat+0xe1/0x2d60 [ 630.203471][T18649] ? hlock_class+0x4e/0x130 [ 630.208016][T18649] ? __lock_acquire+0x15a9/0x3c40 [ 630.213103][T18649] ? __pfx_path_openat+0x10/0x10 [ 630.218184][T18649] ? __pfx___lock_acquire+0x10/0x10 [ 630.223426][T18649] ? lock_acquire.part.0+0x11b/0x380 [ 630.228780][T18649] ? find_held_lock+0x2d/0x110 [ 630.233585][T18649] do_filp_open+0x20c/0x470 [ 630.238126][T18649] ? __pfx_do_filp_open+0x10/0x10 [ 630.243171][T18649] ? find_held_lock+0x2d/0x110 [ 630.247969][T18649] ? alloc_fd+0x41f/0x760 [ 630.252318][T18649] do_sys_openat2+0x17a/0x1e0 [ 630.257009][T18649] ? __pfx_do_sys_openat2+0x10/0x10 [ 630.262224][T18649] ? __fget_files+0x206/0x3a0 [ 630.266928][T18649] __x64_sys_openat+0x175/0x210 [ 630.271793][T18649] ? __pfx___x64_sys_openat+0x10/0x10 [ 630.277173][T18649] ? ksys_write+0x1ba/0x250 [ 630.281688][T18649] do_syscall_64+0xcd/0x250 [ 630.286209][T18649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.292117][T18649] RIP: 0033:0x7f0639185d19 [ 630.296539][T18649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 630.316239][T18649] RSP: 002b:00007f0639ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 630.324663][T18649] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f0639185d19 [ 630.332634][T18649] RDX: 0000000000000802 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 630.340614][T18649] RBP: 00007f0639ed7090 R08: 0000000000000000 R09: 0000000000000000 [ 630.348592][T18649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 630.356655][T18649] R13: 0000000000000001 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 630.364641][T18649] [ 630.565293][T18654] FAULT_INJECTION: forcing a failure. [ 630.565293][T18654] name failslab, interval 1, probability 0, space 0, times 0 [ 630.617506][T18654] CPU: 0 UID: 0 PID: 18654 Comm: syz.3.3108 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 630.628333][T18654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 630.638420][T18654] Call Trace: [ 630.641811][T18654] [ 630.644771][T18654] dump_stack_lvl+0x16c/0x1f0 [ 630.649514][T18654] should_fail_ex+0x497/0x5b0 [ 630.654232][T18654] ? fs_reclaim_acquire+0xae/0x150 [ 630.659383][T18654] should_failslab+0xc2/0x120 [ 630.664101][T18654] __kmalloc_noprof+0xce/0x4f0 [ 630.668918][T18654] ? kobject_get_path+0xcb/0x230 [ 630.673901][T18654] kobject_get_path+0xcb/0x230 [ 630.678709][T18654] kobject_uevent_env+0x289/0x1670 [ 630.683891][T18654] ? __pfx_dev_uevent_name+0x10/0x10 [ 630.689223][T18654] ? bus_to_subsys+0x12d/0x160 [ 630.694031][T18654] device_del+0x623/0x9f0 [ 630.698529][T18654] ? __pfx_device_del+0x10/0x10 [ 630.703440][T18654] ? __timer_delete_sync+0x108/0x1b0 [ 630.708792][T18654] device_unregister+0x1d/0xc0 [ 630.713605][T18654] wakeup_source_unregister.part.0+0x4f/0x150 [ 630.719729][T18654] wakeup_source_unregister+0x1f/0x30 [ 630.725145][T18654] do_epoll_ctl+0x1be8/0x35d0 [ 630.729871][T18654] ? do_user_addr_fault+0x83d/0x13f0 [ 630.735226][T18654] ? __pfx_do_epoll_ctl+0x10/0x10 [ 630.740295][T18654] ? rep_movs_alternative+0x30/0x70 [ 630.745561][T18654] ? __x64_sys_epoll_ctl+0x15d/0x1e0 [ 630.750873][T18654] __x64_sys_epoll_ctl+0x15d/0x1e0 [ 630.756018][T18654] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 630.761677][T18654] do_syscall_64+0xcd/0x250 [ 630.766196][T18654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.772100][T18654] RIP: 0033:0x7f81fe985d19 [ 630.776516][T18654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 630.796146][T18654] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 630.804577][T18654] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 630.812665][T18654] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000005 [ 630.820641][T18654] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 630.828621][T18654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 630.836597][T18654] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 630.844763][T18654] [ 631.012632][T18660] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3109'. [ 631.581355][T18665] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3113'. [ 632.706955][T18682] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3126'. [ 632.849677][T18681] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3118'. [ 634.239432][T18707] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3127'. [ 635.687967][T18721] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3132'. [ 635.724944][T18728] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3133'. [ 636.130852][T18733] FAULT_INJECTION: forcing a failure. [ 636.130852][T18733] name failslab, interval 1, probability 0, space 0, times 0 [ 636.154732][T18733] CPU: 0 UID: 0 PID: 18733 Comm: syz.5.3135 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 636.165654][T18733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 636.175737][T18733] Call Trace: [ 636.179022][T18733] [ 636.181957][T18733] dump_stack_lvl+0x16c/0x1f0 [ 636.186644][T18733] should_fail_ex+0x497/0x5b0 [ 636.191332][T18733] ? fs_reclaim_acquire+0xae/0x150 [ 636.196457][T18733] should_failslab+0xc2/0x120 [ 636.201148][T18733] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 636.206534][T18733] ? security_file_alloc+0x34/0x2b0 [ 636.211740][T18733] security_file_alloc+0x34/0x2b0 [ 636.216781][T18733] init_file+0x93/0x480 [ 636.220952][T18733] alloc_empty_file+0x91/0x1e0 [ 636.225727][T18733] path_openat+0xe1/0x2d60 [ 636.230150][T18733] ? hlock_class+0x4e/0x130 [ 636.234663][T18733] ? __lock_acquire+0x15a9/0x3c40 [ 636.239707][T18733] ? __pfx_path_openat+0x10/0x10 [ 636.244662][T18733] ? __pfx___lock_acquire+0x10/0x10 [ 636.249873][T18733] ? lock_acquire.part.0+0x11b/0x380 [ 636.255162][T18733] ? find_held_lock+0x2d/0x110 [ 636.259935][T18733] do_filp_open+0x20c/0x470 [ 636.264462][T18733] ? __pfx_do_filp_open+0x10/0x10 [ 636.269488][T18733] ? find_held_lock+0x2d/0x110 [ 636.274323][T18733] ? alloc_fd+0x41f/0x760 [ 636.278666][T18733] do_sys_openat2+0x17a/0x1e0 [ 636.283355][T18733] ? __pfx_do_sys_openat2+0x10/0x10 [ 636.288569][T18733] ? __fget_files+0x206/0x3a0 [ 636.293267][T18733] __x64_sys_openat+0x175/0x210 [ 636.298135][T18733] ? __pfx___x64_sys_openat+0x10/0x10 [ 636.303521][T18733] ? ksys_write+0x1ba/0x250 [ 636.308034][T18733] do_syscall_64+0xcd/0x250 [ 636.312546][T18733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.318452][T18733] RIP: 0033:0x7f6f77785d19 [ 636.322870][T18733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 636.342490][T18733] RSP: 002b:00007f6f784e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 636.350929][T18733] RAX: ffffffffffffffda RBX: 00007f6f77975fa0 RCX: 00007f6f77785d19 [ 636.358914][T18733] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 636.366887][T18733] RBP: 00007f6f784e6090 R08: 0000000000000000 R09: 0000000000000000 [ 636.374860][T18733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 636.382835][T18733] R13: 0000000000000001 R14: 00007f6f77975fa0 R15: 00007ffd3bb91578 [ 636.390819][T18733] [ 636.944634][T16526] Bluetooth: hci1: command 0x0406 tx timeout [ 637.913382][T18753] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3140'. [ 638.337023][T18762] netlink: 'syz.4.3144': attribute type 21 has an invalid length. [ 638.346393][T18762] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3144'. [ 638.950177][T18780] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3148'. [ 640.792125][T18800] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3162'. [ 640.888370][T18810] netlink: 'syz.1.3158': attribute type 21 has an invalid length. [ 640.904665][T18810] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3158'. [ 643.247435][T18849] netlink: 'syz.3.3169': attribute type 21 has an invalid length. [ 643.295658][T18849] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3169'. [ 643.796674][T18856] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3170'. [ 645.158509][T18881] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3179'. [ 645.467314][T18888] netlink: 'syz.5.3182': attribute type 21 has an invalid length. [ 645.520732][T18888] netlink: 326 bytes leftover after parsing attributes in process `syz.5.3182'. [ 645.724692][T18890] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3181'. [ 646.733403][T18906] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3186'. [ 647.139423][T18914] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3188'. [ 647.174493][T18914] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 647.198954][T18914] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 647.235171][T18914] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 647.268981][T18914] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 647.706333][T18923] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3191'. [ 647.737365][T18925] FAULT_INJECTION: forcing a failure. [ 647.737365][T18925] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 647.781121][T18925] CPU: 1 UID: 0 PID: 18925 Comm: syz.3.3193 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 647.791945][T18925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 647.802032][T18925] Call Trace: [ 647.805340][T18925] [ 647.808652][T18925] dump_stack_lvl+0x16c/0x1f0 [ 647.813372][T18925] should_fail_ex+0x497/0x5b0 [ 647.818094][T18925] _copy_from_iter+0x29b/0x1400 [ 647.822989][T18925] ? trace_lock_acquire+0x14e/0x1f0 [ 647.828226][T18925] ? __alloc_skb+0x200/0x380 [ 647.832854][T18925] ? __pfx__copy_from_iter+0x10/0x10 [ 647.838170][T18925] ? __virt_addr_valid+0x1a4/0x590 [ 647.843305][T18925] ? __virt_addr_valid+0x5e/0x590 [ 647.848341][T18925] ? __phys_addr_symbol+0x30/0x80 [ 647.853372][T18925] ? __check_object_size+0x488/0x710 [ 647.858672][T18925] netlink_sendmsg+0x813/0xd70 [ 647.863446][T18925] ? __pfx_netlink_sendmsg+0x10/0x10 [ 647.868748][T18925] ____sys_sendmsg+0x9ae/0xb40 [ 647.873514][T18925] ? copy_msghdr_from_user+0x10b/0x160 [ 647.879006][T18925] ? __pfx_____sys_sendmsg+0x10/0x10 [ 647.884483][T18925] ___sys_sendmsg+0x135/0x1e0 [ 647.889186][T18925] ? __pfx____sys_sendmsg+0x10/0x10 [ 647.894405][T18925] ? __pfx_lock_release+0x10/0x10 [ 647.899441][T18925] ? trace_lock_acquire+0x14e/0x1f0 [ 647.904654][T18925] ? __fget_files+0x206/0x3a0 [ 647.909400][T18925] __sys_sendmsg+0x16e/0x220 [ 647.914007][T18925] ? __pfx___sys_sendmsg+0x10/0x10 [ 647.919148][T18925] do_syscall_64+0xcd/0x250 [ 647.923662][T18925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.929562][T18925] RIP: 0033:0x7f81fe985d19 [ 647.933976][T18925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 647.953589][T18925] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 647.962010][T18925] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 647.969997][T18925] RDX: 0000000000040000 RSI: 0000000020000240 RDI: 0000000000000004 [ 647.977971][T18925] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 647.985973][T18925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 647.993947][T18925] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 648.001932][T18925] [ 649.723295][T18953] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3200'. [ 650.037398][T18959] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3201'. [ 650.057415][T18959] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 650.074160][T18959] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 650.089911][T18959] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 650.099372][T18959] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 650.642834][T18971] FAULT_INJECTION: forcing a failure. [ 650.642834][T18971] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 650.699857][T18971] CPU: 0 UID: 0 PID: 18971 Comm: syz.1.3207 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 650.710678][T18971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 650.720853][T18971] Call Trace: [ 650.724158][T18971] [ 650.727121][T18971] dump_stack_lvl+0x16c/0x1f0 [ 650.731836][T18971] should_fail_ex+0x497/0x5b0 [ 650.736549][T18971] ? fs_reclaim_acquire+0xae/0x150 [ 650.741697][T18971] should_fail_alloc_page+0xe7/0x130 [ 650.747031][T18971] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 650.753318][T18971] __alloc_pages_noprof+0x190/0x25b0 [ 650.758646][T18971] ? hlock_class+0x4e/0x130 [ 650.763194][T18971] ? mark_lock+0xb5/0xc60 [ 650.767567][T18971] ? hlock_class+0x4e/0x130 [ 650.772123][T18971] ? __lock_acquire+0xcc5/0x3c40 [ 650.777126][T18971] ? __pfx_mark_lock+0x10/0x10 [ 650.781952][T18971] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 650.787738][T18971] ? hlock_class+0x4e/0x130 [ 650.792284][T18971] ? hlock_class+0x4e/0x130 [ 650.796843][T18971] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 650.802776][T18971] ? policy_nodemask+0xea/0x4e0 [ 650.807672][T18971] alloc_pages_mpol_noprof+0x2c9/0x610 [ 650.813176][T18971] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 650.819289][T18971] ? __pfx___lock_acquire+0x10/0x10 [ 650.824528][T18971] ? lock_acquire+0x2f/0xb0 [ 650.829054][T18971] ? is_bpf_text_address+0x30/0x1a0 [ 650.834291][T18971] ? bpf_ksym_find+0x124/0x1c0 [ 650.839097][T18971] pte_alloc_one+0x20/0x390 [ 650.840023][T18975] FAULT_INJECTION: forcing a failure. [ 650.840023][T18975] name failslab, interval 1, probability 0, space 0, times 0 [ 650.843788][T18971] do_pte_missing+0x1ae7/0x3e00 [ 650.861366][T18971] __handle_mm_fault+0x103c/0x2a40 [ 650.866535][T18971] ? __pfx___handle_mm_fault+0x10/0x10 [ 650.872029][T18971] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 650.877991][T18971] ? find_vma+0xc0/0x140 [ 650.882273][T18971] ? __pfx_find_vma+0x10/0x10 [ 650.886979][T18971] handle_mm_fault+0x3fa/0xaa0 [ 650.891792][T18971] do_user_addr_fault+0x7a3/0x13f0 [ 650.896960][T18971] exc_page_fault+0x5c/0xc0 [ 650.901500][T18971] asm_exc_page_fault+0x26/0x30 [ 650.906380][T18971] RIP: 0010:rep_movs_alternative+0x13/0x70 [ 650.912221][T18971] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f [ 650.931860][T18971] RSP: 0018:ffffc9000c9b7c50 EFLAGS: 00050202 [ 650.937952][T18971] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 650.945947][T18971] RDX: fffff52001936f98 RSI: 0000000000000000 RDI: ffffc9000c9b7cb8 [ 650.953941][T18971] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52001936f97 [ 650.961916][T18971] R10: ffffc9000c9b7cbb R11: 0000000000000001 R12: 0000000000000000 [ 650.969890][T18971] R13: ffffc9000c9b7cb8 R14: 0000000040084504 R15: ffffc9000c9b7da8 [ 650.977887][T18971] _copy_from_user+0x9a/0xd0 [ 650.982497][T18971] evdev_handle_set_keycode+0xb8/0x170 [ 650.987970][T18971] ? __pfx_evdev_handle_set_keycode+0x10/0x10 [ 650.994052][T18971] ? __mutex_trylock_common+0xea/0x250 [ 650.999954][T18971] ? evdev_ioctl+0x80/0x1a0 [ 651.004466][T18971] ? rcu_is_watching+0x12/0xc0 [ 651.009238][T18971] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 651.015140][T18971] evdev_do_ioctl+0xba6/0x1ae0 [ 651.019917][T18971] ? __pfx_evdev_do_ioctl+0x10/0x10 [ 651.025131][T18971] ? trace_lock_acquire+0x14e/0x1f0 [ 651.030352][T18971] ? __pfx_evdev_ioctl+0x10/0x10 [ 651.035308][T18971] evdev_ioctl+0x16a/0x1a0 [ 651.039732][T18971] ? __pfx_evdev_ioctl+0x10/0x10 [ 651.044701][T18971] __x64_sys_ioctl+0x190/0x200 [ 651.049500][T18971] do_syscall_64+0xcd/0x250 [ 651.054023][T18971] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.059946][T18971] RIP: 0033:0x7f3e38b85d19 [ 651.064986][T18971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.084601][T18971] RSP: 002b:00007f3e39a3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 651.093030][T18971] RAX: ffffffffffffffda RBX: 00007f3e38d75fa0 RCX: 00007f3e38b85d19 [ 651.101006][T18971] RDX: 0000000000000000 RSI: 0000000040084504 RDI: 0000000000000003 [ 651.108978][T18971] RBP: 00007f3e39a3e090 R08: 0000000000000000 R09: 0000000000000000 [ 651.116954][T18971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 651.124928][T18971] R13: 0000000000000000 R14: 00007f3e38d75fa0 R15: 00007ffd99678fb8 [ 651.132916][T18971] [ 651.136159][T18975] CPU: 1 UID: 0 PID: 18975 Comm: syz.4.3208 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 651.146971][T18975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 651.157059][T18975] Call Trace: [ 651.160364][T18975] [ 651.163319][T18975] dump_stack_lvl+0x16c/0x1f0 [ 651.168033][T18975] should_fail_ex+0x497/0x5b0 [ 651.172753][T18975] ? fs_reclaim_acquire+0xae/0x150 [ 651.178012][T18975] should_failslab+0xc2/0x120 [ 651.182740][T18975] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 651.188177][T18975] ? alloc_empty_file+0x73/0x1e0 [ 651.193257][T18975] alloc_empty_file+0x73/0x1e0 [ 651.198071][T18975] path_openat+0xe1/0x2d60 [ 651.202526][T18975] ? hlock_class+0x4e/0x130 [ 651.207587][T18975] ? __lock_acquire+0x15a9/0x3c40 [ 651.212671][T18975] ? __pfx_path_openat+0x10/0x10 [ 651.217649][T18975] ? __pfx___lock_acquire+0x10/0x10 [ 651.222891][T18975] ? lock_acquire.part.0+0x11b/0x380 [ 651.228216][T18975] ? find_held_lock+0x2d/0x110 [ 651.233023][T18975] do_filp_open+0x20c/0x470 [ 651.237561][T18975] ? __pfx_do_filp_open+0x10/0x10 [ 651.242610][T18975] ? find_held_lock+0x2d/0x110 [ 651.247431][T18975] ? alloc_fd+0x41f/0x760 [ 651.251812][T18975] do_sys_openat2+0x17a/0x1e0 [ 651.256539][T18975] ? __pfx_do_sys_openat2+0x10/0x10 [ 651.261793][T18975] ? __fget_files+0x206/0x3a0 [ 651.266614][T18975] __x64_sys_openat+0x175/0x210 [ 651.271518][T18975] ? __pfx___x64_sys_openat+0x10/0x10 [ 651.276941][T18975] ? ksys_write+0x1ba/0x250 [ 651.281495][T18975] do_syscall_64+0xcd/0x250 [ 651.286039][T18975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.291972][T18975] RIP: 0033:0x7f0639185d19 [ 651.296421][T18975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.316069][T18975] RSP: 002b:00007f0639ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 651.324571][T18975] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f0639185d19 [ 651.332564][T18975] RDX: 0000000000020000 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 651.340540][T18975] RBP: 00007f0639ed7090 R08: 0000000000000000 R09: 0000000000000000 [ 651.348518][T18975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 651.356503][T18975] R13: 0000000000000001 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 651.364618][T18975] [ 652.688161][T19003] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3216'. [ 652.708967][T19000] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3215'. [ 652.728592][T19003] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 652.755003][T19003] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 652.793094][T19003] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 652.803239][T19003] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 653.919691][T19014] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3218'. [ 654.758995][T19036] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3227'. [ 654.797679][T19036] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 654.827841][T19036] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 654.859250][T19036] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 654.886616][T19036] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 655.452122][T19041] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3228'. [ 656.236561][T19052] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3233'. [ 657.016231][T19069] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3238'. [ 658.874298][T19088] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3245'. [ 660.631879][T19093] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3255'. [ 660.643663][T19093] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3255'. [ 660.872911][T19103] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3246'. [ 662.457561][T19134] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3260'. [ 662.479021][T19134] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3260'. [ 662.751361][T19140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3262'. [ 663.546009][T19157] FAULT_INJECTION: forcing a failure. [ 663.546009][T19157] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 663.575221][T19157] CPU: 0 UID: 0 PID: 19157 Comm: syz.3.3269 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 663.586059][T19157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 663.596241][T19157] Call Trace: [ 663.599574][T19157] [ 663.602609][T19157] dump_stack_lvl+0x16c/0x1f0 [ 663.607308][T19157] should_fail_ex+0x497/0x5b0 [ 663.612140][T19157] _copy_to_user+0x32/0xd0 [ 663.617221][T19157] simple_read_from_buffer+0xd0/0x160 [ 663.622676][T19157] proc_fail_nth_read+0x198/0x270 [ 663.627757][T19157] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 663.633373][T19157] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 663.638981][T19157] vfs_read+0x1df/0xbe0 [ 663.643185][T19157] ? __fget_files+0x1fc/0x3a0 [ 663.647914][T19157] ? __pfx___mutex_lock+0x10/0x10 [ 663.652985][T19157] ? __pfx_vfs_read+0x10/0x10 [ 663.657717][T19157] ? __fget_files+0x206/0x3a0 [ 663.662441][T19157] ksys_read+0x12b/0x250 [ 663.666725][T19157] ? __pfx_ksys_read+0x10/0x10 [ 663.671537][T19157] do_syscall_64+0xcd/0x250 [ 663.676085][T19157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.682014][T19157] RIP: 0033:0x7f81fe98472c [ 663.686464][T19157] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 663.706120][T19157] RSP: 002b:00007f81ff710030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 663.714574][T19157] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe98472c [ 663.722585][T19157] RDX: 000000000000000f RSI: 00007f81ff7100a0 RDI: 0000000000000004 [ 663.730593][T19157] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 663.738625][T19157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 663.746665][T19157] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 663.754694][T19157] [ 664.931384][T19175] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3274'. [ 664.965812][T19175] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3274'. [ 665.232256][T19190] FAULT_INJECTION: forcing a failure. [ 665.232256][T19190] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 665.247619][T19190] CPU: 1 UID: 0 PID: 19190 Comm: syz.4.3280 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 665.258450][T19190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 665.268542][T19190] Call Trace: [ 665.271852][T19190] [ 665.274819][T19190] dump_stack_lvl+0x16c/0x1f0 [ 665.279892][T19190] should_fail_ex+0x497/0x5b0 [ 665.284638][T19190] _copy_from_user+0x2e/0xd0 [ 665.289280][T19190] memdup_user+0x71/0xd0 [ 665.293739][T19190] btrfs_control_ioctl+0xa0/0x3c0 [ 665.298829][T19190] ? __pfx_btrfs_control_ioctl+0x10/0x10 [ 665.304513][T19190] ? __fget_files+0x206/0x3a0 [ 665.309237][T19190] ? __pfx_btrfs_control_ioctl+0x10/0x10 [ 665.314917][T19190] __x64_sys_ioctl+0x190/0x200 [ 665.319741][T19190] do_syscall_64+0xcd/0x250 [ 665.324295][T19190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.330236][T19190] RIP: 0033:0x7f0639185d19 [ 665.334698][T19190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 665.354343][T19190] RSP: 002b:00007f0639ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 665.362980][T19190] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f0639185d19 [ 665.370995][T19190] RDX: 0000000000000000 RSI: 0000000080489439 RDI: 0000000000000003 [ 665.379008][T19190] RBP: 00007f0639ed7090 R08: 0000000000000000 R09: 0000000000000000 [ 665.387025][T19190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.395043][T19190] R13: 0000000000000000 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 665.403065][T19190] [ 665.491476][T19197] FAULT_INJECTION: forcing a failure. [ 665.491476][T19197] name failslab, interval 1, probability 0, space 0, times 0 [ 665.519425][T19197] CPU: 0 UID: 0 PID: 19197 Comm: syz.5.3282 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 665.530421][T19197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 665.530441][T19197] Call Trace: [ 665.530450][T19197] [ 665.530460][T19197] dump_stack_lvl+0x16c/0x1f0 [ 665.551604][T19197] should_fail_ex+0x497/0x5b0 [ 665.556317][T19197] ? fs_reclaim_acquire+0xae/0x150 [ 665.561493][T19197] should_failslab+0xc2/0x120 [ 665.566213][T19197] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 665.571623][T19197] ? security_file_alloc+0x34/0x2b0 [ 665.576856][T19197] security_file_alloc+0x34/0x2b0 [ 665.581919][T19197] init_file+0x93/0x480 [ 665.586117][T19197] alloc_empty_file+0x91/0x1e0 [ 665.590933][T19197] path_openat+0xe1/0x2d60 [ 665.595383][T19197] ? hlock_class+0x4e/0x130 [ 665.599897][T19197] ? __lock_acquire+0x15a9/0x3c40 [ 665.604956][T19197] ? __pfx_path_openat+0x10/0x10 [ 665.609906][T19197] ? __pfx___lock_acquire+0x10/0x10 [ 665.615128][T19197] ? lock_acquire.part.0+0x11b/0x380 [ 665.620457][T19197] ? find_held_lock+0x2d/0x110 [ 665.625276][T19197] do_filp_open+0x20c/0x470 [ 665.629799][T19197] ? __pfx_do_filp_open+0x10/0x10 [ 665.634823][T19197] ? find_held_lock+0x2d/0x110 [ 665.639607][T19197] ? alloc_fd+0x41f/0x760 [ 665.643984][T19197] do_sys_openat2+0x17a/0x1e0 [ 665.648667][T19197] ? __pfx_do_sys_openat2+0x10/0x10 [ 665.653876][T19197] ? __fget_files+0x206/0x3a0 [ 665.658554][T19197] __x64_sys_openat+0x175/0x210 [ 665.663408][T19197] ? __pfx___x64_sys_openat+0x10/0x10 [ 665.668818][T19197] ? ksys_write+0x1ba/0x250 [ 665.673364][T19197] do_syscall_64+0xcd/0x250 [ 665.677867][T19197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.683765][T19197] RIP: 0033:0x7f6f77785d19 [ 665.688173][T19197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 665.707867][T19197] RSP: 002b:00007f6f784e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 665.716299][T19197] RAX: ffffffffffffffda RBX: 00007f6f77975fa0 RCX: 00007f6f77785d19 [ 665.724309][T19197] RDX: 0000000000189000 RSI: 0000000020000840 RDI: ffffffffffffff9c [ 665.732327][T19197] RBP: 00007f6f784e6090 R08: 0000000000000000 R09: 0000000000000000 [ 665.740342][T19197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.748355][T19197] R13: 0000000000000001 R14: 00007f6f77975fa0 R15: 00007ffd3bb91578 [ 665.756394][T19197] [ 666.957559][T19225] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3292'. [ 667.322019][T19229] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3293'. [ 667.346389][T19229] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3293'. [ 667.439291][T19231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3294'. [ 667.451847][T19231] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3294'. [ 668.816915][T19256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3303'. [ 668.825999][T19258] FAULT_INJECTION: forcing a failure. [ 668.825999][T19258] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 668.849245][T19258] CPU: 1 UID: 0 PID: 19258 Comm: syz.3.3304 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 668.860079][T19258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 668.870265][T19258] Call Trace: [ 668.873565][T19258] [ 668.876529][T19258] dump_stack_lvl+0x16c/0x1f0 [ 668.881307][T19258] should_fail_ex+0x497/0x5b0 [ 668.886035][T19258] _copy_from_iter+0x29b/0x1400 [ 668.890929][T19258] ? trace_lock_acquire+0x14e/0x1f0 [ 668.896194][T19258] ? __alloc_skb+0x200/0x380 [ 668.900828][T19258] ? __pfx__copy_from_iter+0x10/0x10 [ 668.906154][T19258] ? __virt_addr_valid+0x1a4/0x590 [ 668.911321][T19258] ? __virt_addr_valid+0x5e/0x590 [ 668.916393][T19258] ? __phys_addr_symbol+0x30/0x80 [ 668.921462][T19258] ? __check_object_size+0x488/0x710 [ 668.926794][T19258] netlink_sendmsg+0x813/0xd70 [ 668.931611][T19258] ? __pfx_netlink_sendmsg+0x10/0x10 [ 668.936956][T19258] ____sys_sendmsg+0x9ae/0xb40 [ 668.941761][T19258] ? copy_msghdr_from_user+0x10b/0x160 [ 668.947314][T19258] ? __pfx_____sys_sendmsg+0x10/0x10 [ 668.952647][T19258] ? __lock_acquire+0xcc5/0x3c40 [ 668.957657][T19258] ___sys_sendmsg+0x135/0x1e0 [ 668.962480][T19258] ? __pfx____sys_sendmsg+0x10/0x10 [ 668.967749][T19258] ? trace_lock_acquire+0x14e/0x1f0 [ 668.973024][T19258] __sys_sendmmsg+0x201/0x420 [ 668.977766][T19258] ? __pfx___sys_sendmmsg+0x10/0x10 [ 668.983121][T19258] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 668.989151][T19258] ? fput+0x67/0x440 [ 668.993101][T19258] ? ksys_write+0x1ba/0x250 [ 668.997681][T19258] ? __pfx_ksys_write+0x10/0x10 [ 669.002574][T19258] __x64_sys_sendmmsg+0x9c/0x100 [ 669.007553][T19258] ? lockdep_hardirqs_on+0x7c/0x110 [ 669.012798][T19258] do_syscall_64+0xcd/0x250 [ 669.017345][T19258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.023279][T19258] RIP: 0033:0x7f81fe985d19 [ 669.027728][T19258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 669.047377][T19258] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 669.055834][T19258] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 669.063841][T19258] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 669.071847][T19258] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 669.079853][T19258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 669.087859][T19258] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 669.095892][T19258] [ 669.178503][T19264] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3305'. [ 669.268706][T19263] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3306'. [ 669.299306][T19263] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3306'. [ 670.636896][T19280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3310'. [ 672.373100][T19318] __nla_validate_parse: 8 callbacks suppressed [ 672.373123][T19318] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3325'. [ 672.434886][T19315] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3324'. [ 672.483032][T19315] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3324'. [ 672.784676][T16526] Bluetooth: hci0: command 0x0406 tx timeout [ 672.875547][T19325] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3328'. [ 672.892052][T19328] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3329'. [ 672.896810][T19325] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3328'. [ 672.904363][T19328] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3329'. [ 673.164489][T19333] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3330'. [ 673.479744][T19335] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3331'. [ 674.115953][T19348] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3334'. [ 677.490273][T19402] __nla_validate_parse: 10 callbacks suppressed [ 677.490297][T19402] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3353'. [ 678.021110][T19405] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3354'. [ 678.033185][T19405] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3354'. [ 678.603368][T19410] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3356'. [ 679.324195][T19424] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3359'. [ 679.678064][T19427] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3362'. [ 679.696845][T19427] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3362'. [ 679.840708][T19431] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3364'. [ 679.855542][T19434] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3363'. [ 681.207306][T19448] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3368'. [ 683.121903][T19478] __nla_validate_parse: 5 callbacks suppressed [ 683.121926][T19478] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3378'. [ 683.788246][T19487] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3381'. [ 683.884671][T19493] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3382'. [ 684.969659][T19510] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3390'. [ 685.228133][T19506] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3387'. [ 686.072126][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.078925][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.185801][T19520] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3395'. [ 686.524516][T19532] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3397'. [ 686.668421][T19536] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3398'. [ 687.486389][T19547] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3401'. [ 688.289530][T19556] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3403'. [ 688.480099][T19562] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3408'. [ 688.491148][T19562] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3408'. [ 689.338856][T19581] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3412'. [ 689.416104][T19580] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3421'. [ 689.429167][T19580] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3421'. [ 689.640601][T19576] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3420'. [ 690.545421][T19592] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3424'. [ 690.573595][T19592] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3424'. [ 690.687698][T19590] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3425'. [ 693.453292][T19637] __nla_validate_parse: 2 callbacks suppressed [ 693.453316][T19637] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3431'. [ 693.635119][T19641] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3432'. [ 693.785692][T19656] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3436'. [ 694.778896][T19667] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3446'. [ 694.855654][T19659] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3447'. [ 695.298703][T19674] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3440'. [ 695.813065][T19685] FAULT_INJECTION: forcing a failure. [ 695.813065][T19685] name failslab, interval 1, probability 0, space 0, times 0 [ 695.861390][T19685] CPU: 0 UID: 0 PID: 19685 Comm: syz.3.3443 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 695.872234][T19685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 695.882330][T19685] Call Trace: [ 695.885638][T19685] [ 695.888599][T19685] dump_stack_lvl+0x16c/0x1f0 [ 695.893324][T19685] should_fail_ex+0x497/0x5b0 [ 695.898060][T19685] ? fs_reclaim_acquire+0xae/0x150 [ 695.903225][T19685] should_failslab+0xc2/0x120 [ 695.907964][T19685] __kmalloc_cache_noprof+0x68/0x420 [ 695.913303][T19685] ? kasan_save_track+0x14/0x30 [ 695.918226][T19685] snd_pcm_oss_change_params_locked+0x20c/0x3a50 [ 695.924693][T19685] ? rcu_is_watching+0x12/0xc0 [ 695.929560][T19685] ? __mutex_lock+0x1cc/0xa60 [ 695.934286][T19685] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 695.941171][T19685] ? __mutex_lock+0x1cc/0xa60 [ 695.945871][T19685] ? __pfx___mutex_lock+0x10/0x10 [ 695.950909][T19685] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 695.956904][T19685] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 695.963161][T19685] snd_pcm_oss_ioctl+0x21d5/0x3780 [ 695.968289][T19685] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 695.973940][T19685] ? __fget_files+0x206/0x3a0 [ 695.978638][T19685] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 695.984112][T19685] __x64_sys_ioctl+0x190/0x200 [ 695.988907][T19685] do_syscall_64+0xcd/0x250 [ 695.993429][T19685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.999339][T19685] RIP: 0033:0x7f81fe985d19 [ 696.003759][T19685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 696.023462][T19685] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 696.031976][T19685] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 696.039957][T19685] RDX: 0000000020000040 RSI: 00000000c0045002 RDI: 0000000000000003 [ 696.047935][T19685] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 696.055917][T19685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 696.063892][T19685] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 696.071885][T19685] [ 697.250609][T19712] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3452'. [ 697.680913][T19714] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3453'. [ 697.968152][T19724] FAULT_INJECTION: forcing a failure. [ 697.968152][T19724] name failslab, interval 1, probability 0, space 0, times 0 [ 697.981235][T19724] CPU: 1 UID: 0 PID: 19724 Comm: syz.4.3456 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 697.992036][T19724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 698.002128][T19724] Call Trace: [ 698.005514][T19724] [ 698.008460][T19724] dump_stack_lvl+0x16c/0x1f0 [ 698.013171][T19724] should_fail_ex+0x497/0x5b0 [ 698.017892][T19724] should_failslab+0xc2/0x120 [ 698.023128][T19724] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 698.028537][T19724] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 698.034195][T19724] ? dst_alloc+0x99/0x1a0 [ 698.038595][T19724] ? __pfx_ip6_dst_gc+0x10/0x10 [ 698.043572][T19724] dst_alloc+0x99/0x1a0 [ 698.047764][T19724] ip6_dst_alloc+0x2c/0xa0 [ 698.052239][T19724] ip6_pol_route+0x956/0x1120 [ 698.056968][T19724] ? __pfx_ip6_pol_route+0x10/0x10 [ 698.062229][T19724] ? __pfx___lock_acquire+0x10/0x10 [ 698.067480][T19724] ? hlock_class+0x4e/0x130 [ 698.072139][T19724] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 698.078003][T19724] fib6_rule_lookup+0x386/0x720 [ 698.082911][T19724] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 698.088333][T19724] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 698.094008][T19724] ? rcu_is_watching+0x12/0xc0 [ 698.098839][T19724] ip6_route_output_flags+0x1d0/0x640 [ 698.104260][T19724] ip6_dst_lookup_tail.constprop.0+0xa51/0x2150 [ 698.110651][T19724] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 698.117469][T19724] ? hlock_class+0x4e/0x130 [ 698.122036][T19724] ? find_held_lock+0x2d/0x110 [ 698.126866][T19724] ip6_dst_lookup_flow+0x99/0x1d0 [ 698.131951][T19724] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 698.137636][T19724] rawv6_sendmsg+0xd37/0x4450 [ 698.142368][T19724] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 698.147532][T19724] ? __pfx_tomoyo_check_inet_address+0x10/0x10 [ 698.153743][T19724] ? __pfx___might_resched+0x10/0x10 [ 698.159143][T19724] ? __pfx_aa_sk_perm+0x10/0x10 [ 698.164044][T19724] ? __might_fault+0xe3/0x190 [ 698.168801][T19724] ? __might_fault+0xe3/0x190 [ 698.173543][T19724] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 698.178708][T19724] ? inet_sendmsg+0x119/0x140 [ 698.183440][T19724] inet_sendmsg+0x119/0x140 [ 698.188003][T19724] ____sys_sendmsg+0x907/0xb40 [ 698.192818][T19724] ? __pfx_____sys_sendmsg+0x10/0x10 [ 698.198135][T19724] ? __lock_acquire+0xcc5/0x3c40 [ 698.203135][T19724] ___sys_sendmsg+0x135/0x1e0 [ 698.207856][T19724] ? __pfx____sys_sendmsg+0x10/0x10 [ 698.213118][T19724] ? trace_lock_acquire+0x14e/0x1f0 [ 698.218384][T19724] __sys_sendmmsg+0x201/0x420 [ 698.223105][T19724] ? __pfx___sys_sendmmsg+0x10/0x10 [ 698.228380][T19724] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 698.234418][T19724] ? fput+0x67/0x440 [ 698.238364][T19724] ? ksys_write+0x1ba/0x250 [ 698.242913][T19724] ? __pfx_ksys_write+0x10/0x10 [ 698.247909][T19724] __x64_sys_sendmmsg+0x9c/0x100 [ 698.252903][T19724] ? lockdep_hardirqs_on+0x7c/0x110 [ 698.258143][T19724] do_syscall_64+0xcd/0x250 [ 698.262696][T19724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.268628][T19724] RIP: 0033:0x7f0639185d19 [ 698.273077][T19724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 698.292821][T19724] RSP: 002b:00007f0639ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 698.301300][T19724] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f0639185d19 [ 698.309308][T19724] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003 [ 698.317327][T19724] RBP: 00007f0639ed7090 R08: 0000000000000000 R09: 0000000000000000 [ 698.325339][T19724] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000001 [ 698.333349][T19724] R13: 0000000000000000 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 698.341384][T19724] [ 698.585518][T19733] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3457'. [ 700.005770][T19758] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3466'. [ 700.208878][T19761] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3467'. [ 703.087422][T19799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3476'. [ 703.878618][T19808] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3478'. [ 704.371919][T19812] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3479'. [ 705.066678][T19823] FAULT_INJECTION: forcing a failure. [ 705.066678][T19823] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 705.154735][T19823] CPU: 0 UID: 0 PID: 19823 Comm: syz.1.3484 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 705.165663][T19823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 705.175727][T19823] Call Trace: [ 705.179013][T19823] [ 705.181979][T19823] dump_stack_lvl+0x16c/0x1f0 [ 705.186669][T19823] should_fail_ex+0x497/0x5b0 [ 705.191361][T19823] _copy_to_user+0x32/0xd0 [ 705.195811][T19823] simple_read_from_buffer+0xd0/0x160 [ 705.201225][T19823] proc_fail_nth_read+0x198/0x270 [ 705.206263][T19823] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 705.211920][T19823] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 705.217486][T19823] vfs_read+0x1df/0xbe0 [ 705.221667][T19823] ? __fget_files+0x1fc/0x3a0 [ 705.226353][T19823] ? __pfx___mutex_lock+0x10/0x10 [ 705.231389][T19823] ? __pfx_vfs_read+0x10/0x10 [ 705.236258][T19823] ? __fget_files+0x206/0x3a0 [ 705.240966][T19823] ksys_read+0x12b/0x250 [ 705.245306][T19823] ? __pfx_ksys_read+0x10/0x10 [ 705.250088][T19823] do_syscall_64+0xcd/0x250 [ 705.254614][T19823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.260521][T19823] RIP: 0033:0x7f3e38b8472c [ 705.265119][T19823] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 705.284768][T19823] RSP: 002b:00007f3e39a3e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 705.293192][T19823] RAX: ffffffffffffffda RBX: 00007f3e38d75fa0 RCX: 00007f3e38b8472c [ 705.301253][T19823] RDX: 000000000000000f RSI: 00007f3e39a3e0a0 RDI: 0000000000000004 [ 705.309231][T19823] RBP: 00007f3e39a3e090 R08: 0000000000000000 R09: 0000000000000000 [ 705.317385][T19823] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000001 [ 705.325449][T19823] R13: 0000000000000000 R14: 00007f3e38d75fa0 R15: 00007ffd99678fb8 [ 705.333440][T19823] [ 707.415362][T19850] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3492'. [ 707.656440][T19854] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3493'. [ 708.051301][T19858] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3494'. [ 708.214037][T19862] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3495'. [ 708.765668][T19869] FAULT_INJECTION: forcing a failure. [ 708.765668][T19869] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 708.846604][T19869] CPU: 1 UID: 0 PID: 19869 Comm: syz.3.3498 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 708.857442][T19869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 708.867545][T19869] Call Trace: [ 708.870853][T19869] [ 708.873810][T19869] dump_stack_lvl+0x16c/0x1f0 [ 708.878533][T19869] should_fail_ex+0x497/0x5b0 [ 708.883250][T19869] ? fs_reclaim_acquire+0xae/0x150 [ 708.888412][T19869] should_fail_alloc_page+0xe7/0x130 [ 708.893756][T19869] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 708.899966][T19869] __alloc_pages_noprof+0x190/0x25b0 [ 708.905303][T19869] ? hlock_class+0x4e/0x130 [ 708.909855][T19869] ? hlock_class+0x4e/0x130 [ 708.914406][T19869] ? mark_lock+0xb5/0xc60 [ 708.918784][T19869] ? __pfx_mark_lock+0x10/0x10 [ 708.923607][T19869] ? __pfx_mark_lock+0x10/0x10 [ 708.928424][T19869] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 708.934211][T19869] ? __pfx_register_lock_class+0x10/0x10 [ 708.939916][T19869] ? hlock_class+0x4e/0x130 [ 708.944472][T19869] ? hlock_class+0x4e/0x130 [ 708.949022][T19869] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 708.955050][T19869] ? policy_nodemask+0xea/0x4e0 [ 708.959958][T19869] alloc_pages_mpol_noprof+0x2c9/0x610 [ 708.965464][T19869] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 708.971517][T19869] ? __pfx___lock_acquire+0x10/0x10 [ 708.976789][T19869] pte_alloc_one+0x20/0x390 [ 708.981329][T19869] do_pte_missing+0x1ae7/0x3e00 [ 708.986236][T19869] __handle_mm_fault+0x103c/0x2a40 [ 708.991413][T19869] ? __pfx___handle_mm_fault+0x10/0x10 [ 708.996920][T19869] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 709.002625][T19869] ? find_vma+0xc0/0x140 [ 709.006904][T19869] ? __pfx_find_vma+0x10/0x10 [ 709.011619][T19869] handle_mm_fault+0x3fa/0xaa0 [ 709.016518][T19869] do_user_addr_fault+0x7a3/0x13f0 [ 709.021701][T19869] exc_page_fault+0x5c/0xc0 [ 709.026247][T19869] asm_exc_page_fault+0x26/0x30 [ 709.031137][T19869] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 709.037032][T19869] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 709.056688][T19869] RSP: 0018:ffffc9000da3f9e0 EFLAGS: 00050246 [ 709.062806][T19869] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 709.070817][T19869] RDX: fffff52001b47f4c RSI: 0000000000000000 RDI: ffffc9000da3fa58 [ 709.078826][T19869] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff52001b47f4b [ 709.086919][T19869] R10: ffffc9000da3fa5f R11: 0000000000000000 R12: 0000000000000000 [ 709.094933][T19869] R13: ffffc9000da3fa58 R14: 1ffff92001b47f45 R15: ffffc9000da3fd80 [ 709.102958][T19869] _copy_from_user+0x9a/0xd0 [ 709.107618][T19869] ____sys_sendmsg+0x56e/0xb40 [ 709.112437][T19869] ? __pfx_____sys_sendmsg+0x10/0x10 [ 709.117847][T19869] ? __lock_acquire+0xcc5/0x3c40 [ 709.122900][T19869] ___sys_sendmsg+0x135/0x1e0 [ 709.127713][T19869] ? __pfx____sys_sendmsg+0x10/0x10 [ 709.132969][T19869] ? trace_lock_acquire+0x14e/0x1f0 [ 709.138241][T19869] __sys_sendmmsg+0x201/0x420 [ 709.142968][T19869] ? __pfx___sys_sendmmsg+0x10/0x10 [ 709.148226][T19869] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 709.154257][T19869] ? fput+0x67/0x440 [ 709.158200][T19869] ? ksys_write+0x1ba/0x250 [ 709.162743][T19869] ? __pfx_ksys_write+0x10/0x10 [ 709.167640][T19869] __x64_sys_sendmmsg+0x9c/0x100 [ 709.172619][T19869] ? lockdep_hardirqs_on+0x7c/0x110 [ 709.177857][T19869] do_syscall_64+0xcd/0x250 [ 709.182662][T19869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.188601][T19869] RIP: 0033:0x7f81fe985d19 [ 709.193045][T19869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.212716][T19869] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 709.221174][T19869] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 709.229365][T19869] RDX: 0000000000000005 RSI: 0000000020000140 RDI: 0000000000000003 [ 709.237373][T19869] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 709.245378][T19869] R10: 000000007fffffff R11: 0000000000000246 R12: 0000000000000001 [ 709.253391][T19869] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 709.261511][T19869] [ 711.469967][T19898] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3505'. [ 712.086999][T19914] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3508'. [ 712.151092][T19916] FAULT_INJECTION: forcing a failure. [ 712.151092][T19916] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 712.234626][T19916] CPU: 1 UID: 0 PID: 19916 Comm: syz.5.3510 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 712.245463][T19916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 712.255556][T19916] Call Trace: [ 712.258866][T19916] [ 712.261825][T19916] dump_stack_lvl+0x16c/0x1f0 [ 712.266550][T19916] should_fail_ex+0x497/0x5b0 [ 712.271277][T19916] _copy_from_iter+0x29b/0x1400 [ 712.276200][T19916] ? trace_lock_acquire+0x14e/0x1f0 [ 712.281558][T19916] ? __alloc_skb+0x200/0x380 [ 712.286195][T19916] ? __pfx__copy_from_iter+0x10/0x10 [ 712.291525][T19916] ? __virt_addr_valid+0x1a4/0x590 [ 712.296693][T19916] ? __virt_addr_valid+0x5e/0x590 [ 712.301761][T19916] ? __phys_addr_symbol+0x30/0x80 [ 712.306814][T19916] ? __check_object_size+0x488/0x710 [ 712.312129][T19916] netlink_sendmsg+0x813/0xd70 [ 712.316912][T19916] ? __pfx_netlink_sendmsg+0x10/0x10 [ 712.322209][T19916] ____sys_sendmsg+0x9ae/0xb40 [ 712.326981][T19916] ? copy_msghdr_from_user+0x10b/0x160 [ 712.332452][T19916] ? __pfx_____sys_sendmsg+0x10/0x10 [ 712.337753][T19916] ___sys_sendmsg+0x135/0x1e0 [ 712.342445][T19916] ? __pfx____sys_sendmsg+0x10/0x10 [ 712.347668][T19916] ? __pfx_lock_release+0x10/0x10 [ 712.352721][T19916] ? trace_lock_acquire+0x14e/0x1f0 [ 712.357937][T19916] ? __fget_files+0x206/0x3a0 [ 712.362629][T19916] __sys_sendmsg+0x16e/0x220 [ 712.367235][T19916] ? __pfx___sys_sendmsg+0x10/0x10 [ 712.372377][T19916] do_syscall_64+0xcd/0x250 [ 712.376891][T19916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.382789][T19916] RIP: 0033:0x7f6f77785d19 [ 712.387205][T19916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 712.406815][T19916] RSP: 002b:00007f6f784e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 712.415234][T19916] RAX: ffffffffffffffda RBX: 00007f6f77975fa0 RCX: 00007f6f77785d19 [ 712.423209][T19916] RDX: 0000000000000000 RSI: 0000000020006d40 RDI: 0000000000000003 [ 712.431185][T19916] RBP: 00007f6f784e6090 R08: 0000000000000000 R09: 0000000000000000 [ 712.439161][T19916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 712.447136][T19916] R13: 0000000000000000 R14: 00007f6f77975fa0 R15: 00007ffd3bb91578 [ 712.455124][T19916] [ 713.155190][T19927] FAULT_INJECTION: forcing a failure. [ 713.155190][T19927] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 713.204725][T19927] CPU: 1 UID: 0 PID: 19927 Comm: syz.3.3514 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 713.215650][T19927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 713.225739][T19927] Call Trace: [ 713.229037][T19927] [ 713.231989][T19927] dump_stack_lvl+0x16c/0x1f0 [ 713.236874][T19927] should_fail_ex+0x497/0x5b0 [ 713.241591][T19927] _copy_from_iter+0x29b/0x1400 [ 713.246487][T19927] ? trace_lock_acquire+0x14e/0x1f0 [ 713.251728][T19927] ? __alloc_skb+0x200/0x380 [ 713.256354][T19927] ? __pfx__copy_from_iter+0x10/0x10 [ 713.261712][T19927] ? __virt_addr_valid+0x1a4/0x590 [ 713.266910][T19927] ? __virt_addr_valid+0x5e/0x590 [ 713.271963][T19927] ? __phys_addr_symbol+0x30/0x80 [ 713.276998][T19927] ? __check_object_size+0x488/0x710 [ 713.282305][T19927] netlink_sendmsg+0x813/0xd70 [ 713.287092][T19927] ? __pfx_netlink_sendmsg+0x10/0x10 [ 713.292388][T19927] ____sys_sendmsg+0x9ae/0xb40 [ 713.297243][T19927] ? copy_msghdr_from_user+0x10b/0x160 [ 713.302722][T19927] ? __pfx_____sys_sendmsg+0x10/0x10 [ 713.308023][T19927] ___sys_sendmsg+0x135/0x1e0 [ 713.312710][T19927] ? __pfx____sys_sendmsg+0x10/0x10 [ 713.317926][T19927] ? __pfx_lock_release+0x10/0x10 [ 713.322992][T19927] ? trace_lock_acquire+0x14e/0x1f0 [ 713.328214][T19927] ? __fget_files+0x206/0x3a0 [ 713.332900][T19927] __sys_sendmsg+0x16e/0x220 [ 713.337510][T19927] ? __pfx___sys_sendmsg+0x10/0x10 [ 713.342645][T19927] do_syscall_64+0xcd/0x250 [ 713.347159][T19927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.353064][T19927] RIP: 0033:0x7f81fe985d19 [ 713.357483][T19927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.377097][T19927] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 713.385607][T19927] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 713.393663][T19927] RDX: 0000000000000004 RSI: 0000000020000140 RDI: 0000000000000003 [ 713.401633][T19927] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 713.409627][T19927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 713.417600][T19927] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 713.425585][T19927] [ 714.926953][T19947] program syz.3.3520 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 715.195774][T19956] program syz.3.3523 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 715.225738][T19945] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3519'. [ 715.239405][T19956] FAULT_INJECTION: forcing a failure. [ 715.239405][T19956] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 715.285588][T19956] CPU: 0 UID: 0 PID: 19956 Comm: syz.3.3523 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 715.296418][T19956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 715.306502][T19956] Call Trace: [ 715.309798][T19956] [ 715.312754][T19956] dump_stack_lvl+0x16c/0x1f0 [ 715.317474][T19956] should_fail_ex+0x497/0x5b0 [ 715.322195][T19956] _copy_from_user+0x2e/0xd0 [ 715.326830][T19956] scsi_ioctl+0x7d4/0x1840 [ 715.331294][T19956] ? __pfx_scsi_ioctl+0x10/0x10 [ 715.336196][T19956] ? scsi_block_when_processing_errors+0x2c1/0x380 [ 715.342746][T19956] ? __pfx_scsi_block_when_processing_errors+0x10/0x10 [ 715.349668][T19956] sd_ioctl+0x1b1/0x2c0 [ 715.353867][T19956] ? __pfx_sd_ioctl+0x10/0x10 [ 715.358585][T19956] blkdev_ioctl+0x273/0x670 [ 715.363131][T19956] ? __pfx_blkdev_ioctl+0x10/0x10 [ 715.368193][T19956] ? __fget_files+0x206/0x3a0 [ 715.372915][T19956] ? __pfx_blkdev_ioctl+0x10/0x10 [ 715.377997][T19956] __x64_sys_ioctl+0x190/0x200 [ 715.382820][T19956] do_syscall_64+0xcd/0x250 [ 715.387368][T19956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.393307][T19956] RIP: 0033:0x7f81fe985d19 [ 715.397754][T19956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.417397][T19956] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 715.425850][T19956] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 715.433857][T19956] RDX: 0000000020000000 RSI: 0000000000000001 RDI: 0000000000000003 [ 715.441865][T19956] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 715.449873][T19956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 715.457877][T19956] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 715.465900][T19956] [ 716.055421][T19972] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3524'. [ 716.414486][T19974] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3532'. [ 718.006168][T20004] FAULT_INJECTION: forcing a failure. [ 718.006168][T20004] name failslab, interval 1, probability 0, space 0, times 0 [ 718.019500][T20004] CPU: 0 UID: 0 PID: 20004 Comm: syz.3.3536 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 718.030403][T20004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 718.040503][T20004] Call Trace: [ 718.043811][T20004] [ 718.046779][T20004] dump_stack_lvl+0x16c/0x1f0 [ 718.051502][T20004] should_fail_ex+0x497/0x5b0 [ 718.056226][T20004] should_failslab+0xc2/0x120 [ 718.060928][T20004] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 718.066323][T20004] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 718.071964][T20004] ? dst_alloc+0x99/0x1a0 [ 718.076306][T20004] ? __pfx_ip6_dst_gc+0x10/0x10 [ 718.081166][T20004] dst_alloc+0x99/0x1a0 [ 718.085329][T20004] ip6_dst_alloc+0x2c/0xa0 [ 718.089932][T20004] ip6_pol_route+0x956/0x1120 [ 718.094625][T20004] ? __pfx_ip6_pol_route+0x10/0x10 [ 718.099760][T20004] ? __pfx___lock_acquire+0x10/0x10 [ 718.104985][T20004] ? hlock_class+0x4e/0x130 [ 718.109497][T20004] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 718.115224][T20004] fib6_rule_lookup+0x386/0x720 [ 718.120088][T20004] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 718.125469][T20004] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 718.131110][T20004] ? rcu_is_watching+0x12/0xc0 [ 718.135895][T20004] ip6_route_output_flags+0x1d0/0x640 [ 718.141276][T20004] ip6_dst_lookup_tail.constprop.0+0xa51/0x2150 [ 718.147537][T20004] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 718.154224][T20004] ? hlock_class+0x4e/0x130 [ 718.158754][T20004] ? find_held_lock+0x2d/0x110 [ 718.163532][T20004] ip6_dst_lookup_flow+0x99/0x1d0 [ 718.168574][T20004] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 718.174223][T20004] rawv6_sendmsg+0xd37/0x4450 [ 718.178969][T20004] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 718.184113][T20004] ? __pfx_tomoyo_check_inet_address+0x10/0x10 [ 718.190304][T20004] ? __pfx___might_resched+0x10/0x10 [ 718.195615][T20004] ? __pfx_aa_sk_perm+0x10/0x10 [ 718.200484][T20004] ? __might_fault+0xe3/0x190 [ 718.205183][T20004] ? __might_fault+0xe3/0x190 [ 718.209880][T20004] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 718.215001][T20004] ? inet_sendmsg+0x119/0x140 [ 718.219700][T20004] inet_sendmsg+0x119/0x140 [ 718.224236][T20004] ____sys_sendmsg+0x907/0xb40 [ 718.229010][T20004] ? __pfx_____sys_sendmsg+0x10/0x10 [ 718.234315][T20004] ? __lock_acquire+0xcc5/0x3c40 [ 718.239295][T20004] ___sys_sendmsg+0x135/0x1e0 [ 718.243998][T20004] ? __pfx____sys_sendmsg+0x10/0x10 [ 718.249223][T20004] ? trace_lock_acquire+0x14e/0x1f0 [ 718.254450][T20004] __sys_sendmmsg+0x201/0x420 [ 718.259142][T20004] ? __pfx___sys_sendmmsg+0x10/0x10 [ 718.264454][T20004] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 718.270460][T20004] ? fput+0x67/0x440 [ 718.274372][T20004] ? ksys_write+0x1ba/0x250 [ 718.278895][T20004] ? __pfx_ksys_write+0x10/0x10 [ 718.283756][T20004] __x64_sys_sendmmsg+0x9c/0x100 [ 718.288704][T20004] ? lockdep_hardirqs_on+0x7c/0x110 [ 718.293916][T20004] do_syscall_64+0xcd/0x250 [ 718.298432][T20004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.304332][T20004] RIP: 0033:0x7f81fe985d19 [ 718.308752][T20004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 718.328365][T20004] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 718.336804][T20004] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 718.344777][T20004] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003 [ 718.352792][T20004] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 718.360856][T20004] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000001 [ 718.368831][T20004] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 718.376916][T20004] [ 718.767599][T20010] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3538'. [ 719.205472][T20019] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3540'. [ 719.256692][T20012] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3540'. [ 720.137932][T20028] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3552'. [ 720.184990][T20028] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3552'. [ 720.981551][T20043] program syz.5.3547 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 721.066032][T20045] FAULT_INJECTION: forcing a failure. [ 721.066032][T20045] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 721.094889][T20045] CPU: 0 UID: 0 PID: 20045 Comm: syz.3.3549 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 721.105715][T20045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 721.115802][T20045] Call Trace: [ 721.119099][T20045] [ 721.122058][T20045] dump_stack_lvl+0x16c/0x1f0 [ 721.126766][T20045] should_fail_ex+0x497/0x5b0 [ 721.131480][T20045] _copy_from_iter+0x29b/0x1400 [ 721.136374][T20045] ? trace_lock_acquire+0x14e/0x1f0 [ 721.141607][T20045] ? __alloc_skb+0x200/0x380 [ 721.146238][T20045] ? __pfx__copy_from_iter+0x10/0x10 [ 721.151561][T20045] ? __virt_addr_valid+0x1a4/0x590 [ 721.156709][T20045] ? __virt_addr_valid+0x5e/0x590 [ 721.161766][T20045] ? __phys_addr_symbol+0x30/0x80 [ 721.166821][T20045] ? __check_object_size+0x488/0x710 [ 721.172148][T20045] netlink_sendmsg+0x813/0xd70 [ 721.176947][T20045] ? __pfx_netlink_sendmsg+0x10/0x10 [ 721.182360][T20045] ____sys_sendmsg+0x9ae/0xb40 [ 721.187156][T20045] ? copy_msghdr_from_user+0x10b/0x160 [ 721.192661][T20045] ? __pfx_____sys_sendmsg+0x10/0x10 [ 721.198173][T20045] ___sys_sendmsg+0x135/0x1e0 [ 721.202894][T20045] ? __pfx____sys_sendmsg+0x10/0x10 [ 721.208148][T20045] ? __pfx_lock_release+0x10/0x10 [ 721.213215][T20045] ? trace_lock_acquire+0x14e/0x1f0 [ 721.218473][T20045] ? __fget_files+0x206/0x3a0 [ 721.223203][T20045] __sys_sendmsg+0x16e/0x220 [ 721.227833][T20045] ? __pfx___sys_sendmsg+0x10/0x10 [ 721.233002][T20045] do_syscall_64+0xcd/0x250 [ 721.237642][T20045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.243573][T20045] RIP: 0033:0x7f81fe985d19 [ 721.248015][T20045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 721.267833][T20045] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 721.276293][T20045] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 721.284309][T20045] RDX: 0000000020040000 RSI: 00000000200017c0 RDI: 0000000000000003 [ 721.292310][T20045] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 721.300312][T20045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 721.308313][T20045] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 721.316333][T20045] [ 721.965839][T20051] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3550'. [ 722.416023][T20069] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3556'. [ 722.451091][T20063] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3556'. [ 724.395448][T20103] FAULT_INJECTION: forcing a failure. [ 724.395448][T20103] name failslab, interval 1, probability 0, space 0, times 0 [ 724.449544][T20103] CPU: 0 UID: 0 PID: 20103 Comm: syz.5.3565 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 724.460378][T20103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 724.470470][T20103] Call Trace: [ 724.473781][T20103] [ 724.476745][T20103] dump_stack_lvl+0x16c/0x1f0 [ 724.481473][T20103] should_fail_ex+0x497/0x5b0 [ 724.486302][T20103] ? fs_reclaim_acquire+0xae/0x150 [ 724.491560][T20103] should_failslab+0xc2/0x120 [ 724.496298][T20103] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 724.501723][T20103] ? security_file_alloc+0x34/0x2b0 [ 724.507056][T20103] security_file_alloc+0x34/0x2b0 [ 724.512127][T20103] init_file+0x93/0x480 [ 724.516346][T20103] alloc_empty_file+0x91/0x1e0 [ 724.521154][T20103] path_openat+0xe1/0x2d60 [ 724.525605][T20103] ? hlock_class+0x4e/0x130 [ 724.530151][T20103] ? __lock_acquire+0x15a9/0x3c40 [ 724.535233][T20103] ? __pfx_path_openat+0x10/0x10 [ 724.540215][T20103] ? __pfx___lock_acquire+0x10/0x10 [ 724.545469][T20103] ? lock_acquire.part.0+0x11b/0x380 [ 724.550804][T20103] ? find_held_lock+0x2d/0x110 [ 724.555617][T20103] do_filp_open+0x20c/0x470 [ 724.560162][T20103] ? __pfx_do_filp_open+0x10/0x10 [ 724.565233][T20103] ? find_held_lock+0x2d/0x110 [ 724.570070][T20103] ? alloc_fd+0x41f/0x760 [ 724.574450][T20103] do_sys_openat2+0x17a/0x1e0 [ 724.579182][T20103] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.584441][T20103] ? __fget_files+0x206/0x3a0 [ 724.589170][T20103] __x64_sys_openat+0x175/0x210 [ 724.594088][T20103] ? __pfx___x64_sys_openat+0x10/0x10 [ 724.599513][T20103] ? ksys_write+0x1ba/0x250 [ 724.604087][T20103] do_syscall_64+0xcd/0x250 [ 724.608647][T20103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.611277][T20098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3563'. [ 724.614563][T20103] RIP: 0033:0x7f6f77785d19 [ 724.614593][T20103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.614615][T20103] RSP: 002b:00007f6f784e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 724.614640][T20103] RAX: ffffffffffffffda RBX: 00007f6f77975fa0 RCX: 00007f6f77785d19 [ 724.614657][T20103] RDX: 0000000000040400 RSI: 0000000020005280 RDI: ffffffffffffff9c [ 724.614674][T20103] RBP: 00007f6f784e6090 R08: 0000000000000000 R09: 0000000000000000 [ 724.614691][T20103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 724.614706][T20103] R13: 0000000000000001 R14: 00007f6f77975fa0 R15: 00007ffd3bb91578 [ 724.614736][T20103] [ 725.060287][T20113] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3568'. [ 725.070957][T20113] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3568'. [ 725.705159][T20123] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3572'. [ 725.730628][T20123] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3572'. [ 728.338682][T20146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3578'. [ 729.381557][T20162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3583'. [ 729.401499][T20162] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3583'. [ 730.574273][T20179] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3585'. [ 730.601020][T20179] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3585'. [ 731.165761][T20186] FAULT_INJECTION: forcing a failure. [ 731.165761][T20186] name failslab, interval 1, probability 0, space 0, times 0 [ 731.205240][T20186] CPU: 1 UID: 0 PID: 20186 Comm: syz.3.3590 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 731.216089][T20186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 731.226183][T20186] Call Trace: [ 731.229489][T20186] [ 731.232450][T20186] dump_stack_lvl+0x16c/0x1f0 [ 731.237173][T20186] should_fail_ex+0x497/0x5b0 [ 731.241906][T20186] ? fs_reclaim_acquire+0xae/0x150 [ 731.247071][T20186] should_failslab+0xc2/0x120 [ 731.251806][T20186] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 731.258183][T20186] ? handle_policy_update+0x1b9/0x11e0 [ 731.263688][T20186] kstrdup+0x42/0xb0 [ 731.267624][T20186] handle_policy_update+0x1b9/0x11e0 [ 731.272953][T20186] ? __pfx_handle_policy_update+0x10/0x10 [ 731.278712][T20186] ? apparmor_capable+0x114/0x1d0 [ 731.283778][T20186] ? bpf_lsm_capable+0x9/0x10 [ 731.288491][T20186] ? security_capable+0x7e/0x260 [ 731.293471][T20186] safesetid_gid_file_write+0x87/0xc0 [ 731.298890][T20186] ? __pfx_safesetid_gid_file_write+0x10/0x10 [ 731.304996][T20186] vfs_write+0x24c/0x1150 [ 731.309364][T20186] ? __fget_files+0x1fc/0x3a0 [ 731.314078][T20186] ? __pfx___mutex_lock+0x10/0x10 [ 731.319228][T20186] ? __pfx_vfs_write+0x10/0x10 [ 731.324041][T20186] ? __fget_files+0x206/0x3a0 [ 731.328761][T20186] ksys_write+0x12b/0x250 [ 731.333108][T20186] ? __pfx_ksys_write+0x10/0x10 [ 731.338070][T20186] do_syscall_64+0xcd/0x250 [ 731.342588][T20186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.348503][T20186] RIP: 0033:0x7f81fe985d19 [ 731.352936][T20186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.372553][T20186] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 731.380978][T20186] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 731.388956][T20186] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 731.396930][T20186] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 731.404906][T20186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 731.412879][T20186] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 731.420884][T20186] [ 732.628526][T20201] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3593'. [ 732.729265][T20212] FAULT_INJECTION: forcing a failure. [ 732.729265][T20212] name failslab, interval 1, probability 0, space 0, times 0 [ 732.743988][T20212] CPU: 0 UID: 0 PID: 20212 Comm: syz.1.3597 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 732.754802][T20212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 732.764864][T20212] Call Trace: [ 732.768153][T20212] [ 732.771087][T20212] dump_stack_lvl+0x16c/0x1f0 [ 732.775863][T20212] should_fail_ex+0x497/0x5b0 [ 732.780555][T20212] ? fs_reclaim_acquire+0xae/0x150 [ 732.785722][T20212] should_failslab+0xc2/0x120 [ 732.790527][T20212] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 732.796971][T20212] ? handle_policy_update+0x1b9/0x11e0 [ 732.802459][T20212] kstrdup+0x42/0xb0 [ 732.806366][T20212] handle_policy_update+0x1b9/0x11e0 [ 732.811692][T20212] ? __pfx_handle_policy_update+0x10/0x10 [ 732.817420][T20212] ? apparmor_capable+0x114/0x1d0 [ 732.822471][T20212] ? bpf_lsm_capable+0x9/0x10 [ 732.827235][T20212] ? security_capable+0x7e/0x260 [ 732.832190][T20212] safesetid_gid_file_write+0x87/0xc0 [ 732.837570][T20212] ? __pfx_safesetid_gid_file_write+0x10/0x10 [ 732.843650][T20212] vfs_write+0x24c/0x1150 [ 732.847994][T20212] ? __fget_files+0x1fc/0x3a0 [ 732.852680][T20212] ? __pfx___mutex_lock+0x10/0x10 [ 732.857714][T20212] ? __pfx_vfs_write+0x10/0x10 [ 732.862499][T20212] ? __fget_files+0x206/0x3a0 [ 732.867199][T20212] ksys_write+0x12b/0x250 [ 732.871542][T20212] ? __pfx_ksys_write+0x10/0x10 [ 732.876412][T20212] do_syscall_64+0xcd/0x250 [ 732.881014][T20212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.886917][T20212] RIP: 0033:0x7f3e38b85d19 [ 732.891335][T20212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 732.910947][T20212] RSP: 002b:00007f3e39a3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 732.919367][T20212] RAX: ffffffffffffffda RBX: 00007f3e38d75fa0 RCX: 00007f3e38b85d19 [ 732.927342][T20212] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 732.935324][T20212] RBP: 00007f3e39a3e090 R08: 0000000000000000 R09: 0000000000000000 [ 732.943297][T20212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 732.951275][T20212] R13: 0000000000000000 R14: 00007f3e38d75fa0 R15: 00007ffd99678fb8 [ 732.959266][T20212] [ 733.262866][T20214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3598'. [ 733.286627][T20214] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3598'. [ 733.589198][T20222] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3602'. [ 733.603329][T20222] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3602'. [ 734.419212][T20235] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3614'. [ 734.445133][T20235] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3614'. [ 734.669165][T20243] FAULT_INJECTION: forcing a failure. [ 734.669165][T20243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 734.704653][T20243] CPU: 1 UID: 0 PID: 20243 Comm: syz.4.3608 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 734.715492][T20243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 734.725585][T20243] Call Trace: [ 734.728887][T20243] [ 734.731841][T20243] dump_stack_lvl+0x16c/0x1f0 [ 734.736563][T20243] should_fail_ex+0x497/0x5b0 [ 734.741290][T20243] _copy_to_user+0x32/0xd0 [ 734.745768][T20243] simple_read_from_buffer+0xd0/0x160 [ 734.751202][T20243] proc_fail_nth_read+0x198/0x270 [ 734.756283][T20243] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 734.761882][T20243] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 734.767476][T20243] vfs_read+0x1df/0xbe0 [ 734.771675][T20243] ? __fget_files+0x1fc/0x3a0 [ 734.776399][T20243] ? __pfx___mutex_lock+0x10/0x10 [ 734.781463][T20243] ? __pfx_vfs_read+0x10/0x10 [ 734.786192][T20243] ? __fget_files+0x206/0x3a0 [ 734.790924][T20243] ksys_read+0x12b/0x250 [ 734.795207][T20243] ? __pfx_ksys_read+0x10/0x10 [ 734.800024][T20243] do_syscall_64+0xcd/0x250 [ 734.804563][T20243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.810491][T20243] RIP: 0033:0x7f063918472c [ 734.814934][T20243] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 734.834579][T20243] RSP: 002b:00007f0639ed7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 734.843034][T20243] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f063918472c [ 734.851035][T20243] RDX: 000000000000000f RSI: 00007f0639ed70a0 RDI: 0000000000000004 [ 734.859038][T20243] RBP: 00007f0639ed7090 R08: 0000000000000000 R09: 0000000000000000 [ 734.867042][T20243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 734.875041][T20243] R13: 0000000000000000 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 734.883064][T20243] [ 735.740574][T20263] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3616'. [ 735.753727][T20263] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3616'. [ 737.109182][T20287] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3622'. [ 737.120537][T20287] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3622'. [ 737.136163][T20293] netlink: 322 bytes leftover after parsing attributes in process `syz.5.3624'. [ 737.137071][T20290] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3623'. [ 737.151643][T20293] vcan0: entered promiscuous mode [ 737.283005][T20289] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3623'. [ 739.203731][T20334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3638'. [ 739.214061][T20334] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3638'. [ 739.427806][T20340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3640'. [ 740.754454][T20367] __nla_validate_parse: 3 callbacks suppressed [ 740.754478][T20367] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3654'. [ 742.675732][T20387] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3652'. [ 743.371712][T20404] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3658'. [ 743.662187][T20400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3656'. [ 743.677826][T20400] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3656'. [ 743.998514][T20408] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3659'. [ 744.010578][T20408] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3659'. [ 744.586230][T20421] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3665'. [ 745.467662][T20438] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3668'. [ 745.632597][T20446] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3670'. [ 746.132505][T20457] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3674'. [ 746.145704][T20457] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3674'. [ 746.837217][T20472] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3683'. [ 747.069712][T20464] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3675'. [ 747.087418][T20464] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3675'. [ 747.252973][T20479] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3677'. [ 747.508155][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.514518][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.810666][T20484] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3678'. [ 748.794872][T20508] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3686'. [ 749.759697][T20515] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3689'. [ 749.759727][T20516] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3689'. [ 751.221061][T20541] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3695'. [ 751.401824][T20538] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3693'. [ 751.894726][T20557] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3700'. [ 751.955943][T20560] FAULT_INJECTION: forcing a failure. [ 751.955943][T20560] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 752.000677][T20560] CPU: 1 UID: 0 PID: 20560 Comm: syz.3.3701 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 752.011512][T20560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 752.021603][T20560] Call Trace: [ 752.024910][T20560] [ 752.027870][T20560] dump_stack_lvl+0x16c/0x1f0 [ 752.032592][T20560] should_fail_ex+0x497/0x5b0 [ 752.037314][T20560] ? fs_reclaim_acquire+0xae/0x150 [ 752.042465][T20560] should_fail_alloc_page+0xe7/0x130 [ 752.047801][T20560] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 752.054022][T20560] __alloc_pages_noprof+0x190/0x25b0 [ 752.059362][T20560] ? hlock_class+0x4e/0x130 [ 752.063920][T20560] ? mark_lock+0xb5/0xc60 [ 752.068493][T20560] ? __lock_acquire+0xcc5/0x3c40 [ 752.073503][T20560] ? __pfx_mark_lock+0x10/0x10 [ 752.078316][T20560] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 752.084091][T20560] ? __pfx___lock_acquire+0x10/0x10 [ 752.089341][T20560] ? hlock_class+0x4e/0x130 [ 752.093887][T20560] ? hlock_class+0x4e/0x130 [ 752.098434][T20560] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 752.104365][T20560] ? policy_nodemask+0xea/0x4e0 [ 752.109281][T20560] alloc_pages_mpol_noprof+0x2c9/0x610 [ 752.114866][T20560] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 752.120888][T20560] ? __pfx___lock_acquire+0x10/0x10 [ 752.126131][T20560] ? bpf_ksym_find+0x124/0x1c0 [ 752.130936][T20560] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 752.137143][T20560] pte_alloc_one+0x20/0x390 [ 752.141687][T20560] do_pte_missing+0x1ae7/0x3e00 [ 752.146601][T20560] __handle_mm_fault+0x103c/0x2a40 [ 752.151767][T20560] ? __pfx___handle_mm_fault+0x10/0x10 [ 752.157272][T20560] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 752.162956][T20560] ? find_vma+0xc0/0x140 [ 752.167251][T20560] ? __pfx_find_vma+0x10/0x10 [ 752.171973][T20560] handle_mm_fault+0x3fa/0xaa0 [ 752.176782][T20560] do_user_addr_fault+0x7a3/0x13f0 [ 752.181965][T20560] exc_page_fault+0x5c/0xc0 [ 752.186510][T20560] asm_exc_page_fault+0x26/0x30 [ 752.191397][T20560] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 752.197249][T20560] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 752.216895][T20560] RSP: 0018:ffffc90002ed7c68 EFLAGS: 00050246 [ 752.223000][T20560] RAX: 0000000000000001 RBX: 0000000000000088 RCX: 0000000000000008 [ 752.231002][T20560] RDX: fffff520005dafa8 RSI: 0000000000000088 RDI: ffffc90002ed7d38 [ 752.239008][T20560] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff520005dafa7 [ 752.247022][T20560] R10: ffffc90002ed7d3f R11: 0000000000000000 R12: 0000000000000000 [ 752.255025][T20560] R13: ffffc90002ed7d38 R14: ffff8880324f2540 R15: 0000000000000088 [ 752.263070][T20560] _copy_from_user+0x9a/0xd0 [ 752.267728][T20560] kvm_arch_dev_ioctl+0x3df/0x730 [ 752.272806][T20560] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 752.278396][T20560] ? do_vfs_ioctl+0x513/0x1950 [ 752.283208][T20560] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 752.288287][T20560] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 752.294214][T20560] kvm_dev_ioctl+0x781/0x1aa0 [ 752.298939][T20560] ? __pfx_lock_release+0x10/0x10 [ 752.304041][T20560] ? trace_lock_acquire+0x14e/0x1f0 [ 752.309338][T20560] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 752.314501][T20560] ? __fget_files+0x206/0x3a0 [ 752.319215][T20560] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 752.324366][T20560] __x64_sys_ioctl+0x190/0x200 [ 752.329278][T20560] do_syscall_64+0xcd/0x250 [ 752.333825][T20560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.339762][T20560] RIP: 0033:0x7f81fe985d19 [ 752.344232][T20560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.363973][T20560] RSP: 002b:00007f81ff710038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 752.372431][T20560] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe985d19 [ 752.380448][T20560] RDX: 0000000000000088 RSI: 00000000c008ae05 RDI: 0000000000000003 [ 752.388456][T20560] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 752.396461][T20560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 752.404457][T20560] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 752.412485][T20560] [ 754.351950][T20590] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3710'. [ 754.768133][T20601] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3713'. [ 754.781046][T20595] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3711'. [ 756.943789][T20639] FAULT_INJECTION: forcing a failure. [ 756.943789][T20639] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 756.957251][T20639] CPU: 0 UID: 0 PID: 20639 Comm: syz.1.3722 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 756.968145][T20639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 756.978235][T20639] Call Trace: [ 756.981540][T20639] [ 756.984492][T20639] dump_stack_lvl+0x16c/0x1f0 [ 756.989208][T20639] should_fail_ex+0x497/0x5b0 [ 756.993932][T20639] _copy_to_user+0x32/0xd0 [ 756.998397][T20639] simple_read_from_buffer+0xd0/0x160 [ 757.003825][T20639] proc_fail_nth_read+0x198/0x270 [ 757.008899][T20639] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 757.014493][T20639] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 757.020084][T20639] vfs_read+0x1df/0xbe0 [ 757.024280][T20639] ? __fget_files+0x1fc/0x3a0 [ 757.028997][T20639] ? __pfx___mutex_lock+0x10/0x10 [ 757.034062][T20639] ? __pfx_vfs_read+0x10/0x10 [ 757.038790][T20639] ? __fget_files+0x206/0x3a0 [ 757.043523][T20639] ksys_read+0x12b/0x250 [ 757.047812][T20639] ? __pfx_ksys_read+0x10/0x10 [ 757.052626][T20639] do_syscall_64+0xcd/0x250 [ 757.057176][T20639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.063111][T20639] RIP: 0033:0x7f3e38b8472c [ 757.067654][T20639] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 757.087388][T20639] RSP: 002b:00007f3e39a3e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 757.095853][T20639] RAX: ffffffffffffffda RBX: 00007f3e38d75fa0 RCX: 00007f3e38b8472c [ 757.103862][T20639] RDX: 000000000000000f RSI: 00007f3e39a3e0a0 RDI: 0000000000000005 [ 757.111955][T20639] RBP: 00007f3e39a3e090 R08: 0000000000000000 R09: 0000000000000000 [ 757.119962][T20639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 757.127964][T20639] R13: 0000000000000000 R14: 00007f3e38d75fa0 R15: 00007ffd99678fb8 [ 757.136019][T20639] [ 757.394356][T20643] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3723'. [ 757.507136][T20647] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3725'. [ 759.441486][T20699] FAULT_INJECTION: forcing a failure. [ 759.441486][T20699] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 759.457232][T20699] CPU: 0 UID: 0 PID: 20699 Comm: syz.3.3742 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 759.468057][T20699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 759.478245][T20699] Call Trace: [ 759.481612][T20699] [ 759.484566][T20699] dump_stack_lvl+0x16c/0x1f0 [ 759.489281][T20699] should_fail_ex+0x497/0x5b0 [ 759.493999][T20699] _copy_to_user+0x32/0xd0 [ 759.498468][T20699] simple_read_from_buffer+0xd0/0x160 [ 759.503891][T20699] proc_fail_nth_read+0x198/0x270 [ 759.509048][T20699] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 759.514661][T20699] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 759.520256][T20699] vfs_read+0x1df/0xbe0 [ 759.524798][T20699] ? __fget_files+0x1fc/0x3a0 [ 759.529554][T20699] ? __pfx___mutex_lock+0x10/0x10 [ 759.534619][T20699] ? __pfx_vfs_read+0x10/0x10 [ 759.539341][T20699] ? __fget_files+0x206/0x3a0 [ 759.544063][T20699] ksys_read+0x12b/0x250 [ 759.548350][T20699] ? __pfx_ksys_read+0x10/0x10 [ 759.553160][T20699] do_syscall_64+0xcd/0x250 [ 759.557708][T20699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 759.563639][T20699] RIP: 0033:0x7f81fe98472c [ 759.568091][T20699] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 759.587744][T20699] RSP: 002b:00007f81ff710030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 759.596184][T20699] RAX: ffffffffffffffda RBX: 00007f81feb75fa0 RCX: 00007f81fe98472c [ 759.604177][T20699] RDX: 000000000000000f RSI: 00007f81ff7100a0 RDI: 0000000000000004 [ 759.612152][T20699] RBP: 00007f81ff710090 R08: 0000000000000000 R09: 0000000000000000 [ 759.620131][T20699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 759.628195][T20699] R13: 0000000000000000 R14: 00007f81feb75fa0 R15: 00007ffd617da948 [ 759.636276][T20699] [ 759.684507][T20704] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3740'. [ 761.290156][T20718] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3753'. [ 762.079151][T20742] FAULT_INJECTION: forcing a failure. [ 762.079151][T20742] name failslab, interval 1, probability 0, space 0, times 0 [ 762.104503][T20742] CPU: 0 UID: 0 PID: 20742 Comm: syz.4.3750 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 762.115426][T20742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 762.125518][T20742] Call Trace: [ 762.128825][T20742] [ 762.131782][T20742] dump_stack_lvl+0x16c/0x1f0 [ 762.136504][T20742] should_fail_ex+0x497/0x5b0 [ 762.141234][T20742] ? fs_reclaim_acquire+0xae/0x150 [ 762.146399][T20742] should_failslab+0xc2/0x120 [ 762.151131][T20742] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 762.157512][T20742] ? handle_policy_update+0x1b9/0x11e0 [ 762.163031][T20742] kstrdup+0x42/0xb0 [ 762.166982][T20742] handle_policy_update+0x1b9/0x11e0 [ 762.172320][T20742] ? __pfx_handle_policy_update+0x10/0x10 [ 762.178099][T20742] ? apparmor_capable+0x114/0x1d0 [ 762.183190][T20742] ? bpf_lsm_capable+0x9/0x10 [ 762.187921][T20742] ? security_capable+0x7e/0x260 [ 762.192921][T20742] safesetid_gid_file_write+0x87/0xc0 [ 762.198354][T20742] ? __pfx_safesetid_gid_file_write+0x10/0x10 [ 762.204484][T20742] vfs_write+0x24c/0x1150 [ 762.208863][T20742] ? __fget_files+0x1fc/0x3a0 [ 762.213612][T20742] ? __pfx___mutex_lock+0x10/0x10 [ 762.218678][T20742] ? __pfx_vfs_write+0x10/0x10 [ 762.223483][T20742] ? __fget_files+0x206/0x3a0 [ 762.228288][T20742] ksys_write+0x12b/0x250 [ 762.232666][T20742] ? __pfx_ksys_write+0x10/0x10 [ 762.237663][T20742] do_syscall_64+0xcd/0x250 [ 762.242303][T20742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 762.248245][T20742] RIP: 0033:0x7f0639185d19 [ 762.252707][T20742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 762.272446][T20742] RSP: 002b:00007f0639ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 762.281093][T20742] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f0639185d19 [ 762.289189][T20742] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 762.297206][T20742] RBP: 00007f0639ed7090 R08: 0000000000000000 R09: 0000000000000000 [ 762.305217][T20742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 762.313313][T20742] R13: 0000000000000000 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 762.321341][T20742] [ 763.888874][T20774] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3759'. [ 764.986605][T20792] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3762'. [ 765.872564][T20829] ------------[ cut here ]------------ [ 765.878387][T20829] WARNING: CPU: 0 PID: 20829 at mm/page_alloc.c:4727 __alloc_pages_noprof+0xeff/0x25b0 [ 765.888512][T20829] Modules linked in: [ 765.892505][T20829] CPU: 0 UID: 0 PID: 20829 Comm: syz.4.3769 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 765.903528][T20829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 765.913833][T20829] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 765.920216][T20829] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 21 45 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a2 0c 00 8b 14 24 e9 [ 765.940136][T20829] RSP: 0018:ffffc9000d3c78e8 EFLAGS: 00010246 [ 765.946519][T20829] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 765.954663][T20829] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 765.962686][T20829] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000100 [ 765.970844][T20829] R10: 0000000000000100 R11: 0000000000000002 R12: 0000000000000013 [ 765.978905][T20829] R13: 0000000000040cc0 R14: 1ffff92001a78f31 R15: 00000000ffffffff [ 765.987149][T20829] FS: 00007f0639ed76c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 765.996426][T20829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 766.003056][T20829] CR2: 0000001b2c818ff8 CR3: 00000000289c6000 CR4: 00000000003526f0 [ 766.011326][T20829] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 766.019460][T20829] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 766.027551][T20829] Call Trace: [ 766.030878][T20829] [ 766.033844][T20829] ? __warn+0xea/0x3c0 [ 766.038038][T20829] ? __alloc_pages_noprof+0xeff/0x25b0 [ 766.043556][T20829] ? report_bug+0x3c0/0x580 [ 766.048218][T20829] ? handle_bug+0x54/0xa0 [ 766.052627][T20829] ? exc_invalid_op+0x17/0x50 [ 766.057445][T20829] ? asm_exc_invalid_op+0x1a/0x20 [ 766.062536][T20829] ? __alloc_pages_noprof+0xeff/0x25b0 [ 766.068161][T20829] ? stack_trace_save+0x95/0xd0 [ 766.073064][T20829] ? __pfx_stack_trace_save+0x10/0x10 [ 766.078553][T20829] ? stack_depot_save_flags+0x28/0x9e0 [ 766.084238][T20829] ? find_held_lock+0x2d/0x110 [ 766.089150][T20829] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 766.094997][T20829] ? kasan_save_stack+0x33/0x60 [ 766.099923][T20829] ? __kasan_kmalloc+0xaa/0xb0 [ 766.104848][T20829] ? safesetid_gid_file_write+0x87/0xc0 [ 766.110444][T20829] ? vfs_write+0x24c/0x1150 [ 766.115062][T20829] ? ksys_write+0x12b/0x250 [ 766.119615][T20829] ? do_syscall_64+0xcd/0x250 [ 766.124345][T20829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.130589][T20829] ___kmalloc_large_node+0x84/0x1b0 [ 766.135879][T20829] __kmalloc_large_node_noprof+0x1c/0x70 [ 766.141579][T20829] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 766.148353][T20829] ? handle_policy_update+0x188/0x11e0 [ 766.153873][T20829] memdup_user_nul+0x2b/0x110 [ 766.158681][T20829] handle_policy_update+0x188/0x11e0 [ 766.164020][T20829] ? __pfx_handle_policy_update+0x10/0x10 [ 766.169963][T20829] ? apparmor_capable+0x114/0x1d0 [ 766.175112][T20829] ? bpf_lsm_capable+0x9/0x10 [ 766.179841][T20829] ? security_capable+0x7e/0x260 [ 766.184956][T20829] safesetid_gid_file_write+0x87/0xc0 [ 766.190587][T20829] ? __pfx_safesetid_gid_file_write+0x10/0x10 [ 766.196877][T20829] vfs_write+0x24c/0x1150 [ 766.201260][T20829] ? __fget_files+0x1fc/0x3a0 [ 766.206066][T20829] ? __pfx___mutex_lock+0x10/0x10 [ 766.211235][T20829] ? __pfx_vfs_write+0x10/0x10 [ 766.216126][T20829] ? __fget_files+0x206/0x3a0 [ 766.220859][T20829] ksys_write+0x12b/0x250 [ 766.225407][T20829] ? __pfx_ksys_write+0x10/0x10 [ 766.230318][T20829] do_syscall_64+0xcd/0x250 [ 766.234950][T20829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.240895][T20829] RIP: 0033:0x7f0639185d19 [ 766.245454][T20829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 766.265180][T20829] RSP: 002b:00007f0639ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 766.273648][T20829] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f0639185d19 [ 766.281752][T20829] RDX: 00000000ffffff7e RSI: 0000000000000000 RDI: 0000000000000004 [ 766.289996][T20829] RBP: 00007f0639201a20 R08: 0000000000000000 R09: 0000000000000000 [ 766.298080][T20829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 766.306207][T20829] R13: 0000000000000000 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 766.314244][T20829] [ 766.317349][T20829] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 766.324660][T20829] CPU: 0 UID: 0 PID: 20829 Comm: syz.4.3769 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0 [ 766.335460][T20829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 766.345640][T20829] Call Trace: [ 766.348946][T20829] [ 766.351915][T20829] dump_stack_lvl+0x3d/0x1f0 [ 766.356551][T20829] panic+0x71d/0x800 [ 766.360491][T20829] ? __pfx_panic+0x10/0x10 [ 766.364956][T20829] ? show_trace_log_lvl+0x29d/0x3d0 [ 766.370207][T20829] ? __alloc_pages_noprof+0xeff/0x25b0 [ 766.375720][T20829] check_panic_on_warn+0xab/0xb0 [ 766.380698][T20829] __warn+0xf6/0x3c0 [ 766.384618][T20829] ? __alloc_pages_noprof+0xeff/0x25b0 [ 766.390092][T20829] report_bug+0x3c0/0x580 [ 766.394434][T20829] handle_bug+0x54/0xa0 [ 766.398608][T20829] exc_invalid_op+0x17/0x50 [ 766.403118][T20829] asm_exc_invalid_op+0x1a/0x20 [ 766.407979][T20829] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 766.414059][T20829] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 21 45 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a2 0c 00 8b 14 24 e9 [ 766.433676][T20829] RSP: 0018:ffffc9000d3c78e8 EFLAGS: 00010246 [ 766.439752][T20829] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 766.447738][T20829] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 766.455720][T20829] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000100 [ 766.463705][T20829] R10: 0000000000000100 R11: 0000000000000002 R12: 0000000000000013 [ 766.471680][T20829] R13: 0000000000040cc0 R14: 1ffff92001a78f31 R15: 00000000ffffffff [ 766.479672][T20829] ? stack_trace_save+0x95/0xd0 [ 766.484546][T20829] ? __pfx_stack_trace_save+0x10/0x10 [ 766.489933][T20829] ? stack_depot_save_flags+0x28/0x9e0 [ 766.495407][T20829] ? find_held_lock+0x2d/0x110 [ 766.500193][T20829] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 766.505924][T20829] ? kasan_save_stack+0x33/0x60 [ 766.510789][T20829] ? __kasan_kmalloc+0xaa/0xb0 [ 766.515563][T20829] ? safesetid_gid_file_write+0x87/0xc0 [ 766.521116][T20829] ? vfs_write+0x24c/0x1150 [ 766.525716][T20829] ? ksys_write+0x12b/0x250 [ 766.530225][T20829] ? do_syscall_64+0xcd/0x250 [ 766.534915][T20829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.541018][T20829] ___kmalloc_large_node+0x84/0x1b0 [ 766.546255][T20829] __kmalloc_large_node_noprof+0x1c/0x70 [ 766.551896][T20829] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 766.558503][T20829] ? handle_policy_update+0x188/0x11e0 [ 766.563976][T20829] memdup_user_nul+0x2b/0x110 [ 766.568664][T20829] handle_policy_update+0x188/0x11e0 [ 766.574047][T20829] ? __pfx_handle_policy_update+0x10/0x10 [ 766.579795][T20829] ? apparmor_capable+0x114/0x1d0 [ 766.584862][T20829] ? bpf_lsm_capable+0x9/0x10 [ 766.589552][T20829] ? security_capable+0x7e/0x260 [ 766.594596][T20829] safesetid_gid_file_write+0x87/0xc0 [ 766.599978][T20829] ? __pfx_safesetid_gid_file_write+0x10/0x10 [ 766.606050][T20829] vfs_write+0x24c/0x1150 [ 766.610396][T20829] ? __fget_files+0x1fc/0x3a0 [ 766.615086][T20829] ? __pfx___mutex_lock+0x10/0x10 [ 766.620117][T20829] ? __pfx_vfs_write+0x10/0x10 [ 766.624898][T20829] ? __fget_files+0x206/0x3a0 [ 766.629607][T20829] ksys_write+0x12b/0x250 [ 766.633947][T20829] ? __pfx_ksys_write+0x10/0x10 [ 766.638987][T20829] do_syscall_64+0xcd/0x250 [ 766.643510][T20829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.649416][T20829] RIP: 0033:0x7f0639185d19 [ 766.653838][T20829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 766.673455][T20829] RSP: 002b:00007f0639ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 766.681879][T20829] RAX: ffffffffffffffda RBX: 00007f0639375fa0 RCX: 00007f0639185d19 [ 766.689862][T20829] RDX: 00000000ffffff7e RSI: 0000000000000000 RDI: 0000000000000004 [ 766.697924][T20829] RBP: 00007f0639201a20 R08: 0000000000000000 R09: 0000000000000000 [ 766.705902][T20829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 766.713965][T20829] R13: 0000000000000000 R14: 00007f0639375fa0 R15: 00007fff6a7e1fb8 [ 766.721967][T20829] [ 766.725131][T20829] Kernel Offset: disabled [ 766.729503][T20829] Rebooting in 86400 seconds..