last executing test programs: 4.332731081s ago: executing program 2 (id=1403): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty9\x00', 0x141482, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/irq/9/node\x00', 0x80000, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x20081, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x1cdd81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/net\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) 4.042532206s ago: executing program 3 (id=1407): renameat2$auto(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'vlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000080003000900000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaaaa00000a00010000000000000000000a000500aaaaaaaaaa3f000008000200", @ANYRES32=r1, @ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) ioperm$auto(0x7fb, 0x1, 0x4000007) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000280)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getcwd$auto(0x0, 0xffffffffffffffff) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), r3) gettid() r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) write$auto(0x3, 0x0, 0xfdef) bind$auto(0x3, 0xfffffffffffffffd, 0x0) prctl$auto(0x8000, 0x2d8d, 0xfdf2b4b, 0x6, 0x100000000) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) io_uring_setup$auto(0xfffffffb, &(0x7f0000000040)={0x1, 0x7, 0x4c, 0xa493, 0x8, 0x7ffd, r2, [0x29ce, 0xffff, 0xd3], {0xab, 0x8, 0xb, 0x17, 0x8, 0xf, 0x3, 0x0, 0x8001}, {0x9, 0x4, 0x8, 0x4, 0x0, 0x80000001, 0x8}}) sendto$auto(0x4, 0x0, 0xff, 0x6, 0x0, 0xe) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.660304387s ago: executing program 2 (id=1412): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r1, 0x23, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_RINGS_RX_PUSH={0x5}]}, 0x4d}, 0x1, 0x0, 0x0, 0x90}, 0x80000) (async) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) bpf$auto(0x9, &(0x7f0000000100)=@task_fd_query={0x0, 0xffffffffffffffff, 0x5, 0x1, 0x1, 0x6, 0xffffffffffffffff, 0x4, 0x8000000000000000}, 0x9) (async, rerun: 64) r5 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_FRAME_WAIT_CANCEL(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x28, r4, 0x21, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xffffffffffffe66d}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x400c854) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) (async, rerun: 32) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (async, rerun: 32) r8 = socket(0x2, 0x6, 0x0) getsockopt$auto(r8, 0x10d, 0xb, 0x0, &(0x7f0000000000)=0xb) (async, rerun: 64) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x408, 0x3, 0x10101, 0x6fb3, 0x8a, 0xffffd387, 0xffffffffffffffff, [0x100, 0x7, 0x7f], {0x2, 0x7, 0x3034, 0xc, 0x8f, 0x5, 0x5, 0xfffffff9, 0x6}, {0x4000, 0x2, 0x0, 0xfffff000, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) (async, rerun: 64) socket(0x28, 0x1, 0x0) (async) r9 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf9779d790fb28"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) (async, rerun: 64) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) (async, rerun: 64) sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r7, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_BANDWIDTH_DOWN={0x8, 0x1c, 0xc}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x669}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x8041) 3.332054923s ago: executing program 2 (id=1413): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80402, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1700", @ANYBLOB="7600279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3.322991008s ago: executing program 3 (id=1414): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'geneve0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="aed0a7e07e080000000000000048", @ANYRES16=0x0, @ANYBLOB="050f2dbd7000fcdbdf250500000008000300", @ANYRES32=r1, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x24044001}, 0x4008000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r2, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f00000015c0)=ANY=[@ANYBLOB='$\x00\"\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000fedbdf250a00000008000300000000000800010002000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x810) arch_prctl$auto(0x5005, 0x2000000000009) r4 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) r5 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) r6 = set_tid_address$auto(&(0x7f0000000080)=0xff) r7 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, [0x20000003, 0x3, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x4000, 0x0, 0x2, 0xfffffffffffffffd, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffeffff, 0x0, 0x292, 0x0, 0x400000000005b8, 0x9, 0x0, 0x200000000, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0x8000000000000000, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x1, 0x4]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r7, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) get_robust_list$auto(r6, &(0x7f00000002c0)=&(0x7f0000000280)={{&(0x7f0000000140)={&(0x7f00000000c0)}}, 0x8, &(0x7f0000000240)={&(0x7f0000000200)={&(0x7f00000001c0)}}}, &(0x7f0000000300)=0x8) sendmsg$auto_TCP_METRICS_CMD_GET(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="82250dde723fe5adde98baa613ef296e5bab9f1acda8759c00827991ea0445884b1efd86d109c1d97cd43c656d3528931d9c630a81197a642a19d30010b096614b6ee0e3d864e85e9ba023ef626ec6c8a932bc52ca6315deb767013de666a56dd6391779720ffb79ab4c235c93ac77fecd8b0de7e9e7c6878e4da53019e717b1168c32ed13a35fef5b1db8bd30c84200ff9eb0b81fb27c309b855cf33b138be9cccb189ff94d1dfcccaf5a2c0a89631bfb7b3cc0d6a02b5f4a1b4888a2037727b0aa8528598dfc8f150fbb5463547a111e5203b2"], 0x14}}, 0x0) r8 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r8, &(0x7f0000000180)={{&(0x7f0000000000), 0xb8, 0x0, 0x0, &(0x7f0000000140), 0x8, 0x80000000}, 0x5}, 0x1, 0xa) 3.11472942s ago: executing program 2 (id=1415): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x18, 0x5, 0x1) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x100, @rand_addr=0x64010102}, 0x3a) mmap$auto(0x6, 0x1, 0x6, 0xff, 0x400, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) migrate_pages$auto(0x0, 0x2, &(0x7f0000000000)=0x1, &(0x7f0000000040)=0x80000001) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) r1 = socket(0xa, 0x1, 0x0) listen$auto(0x3, 0x81) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01002abd7000fcdbdf250100000008000900", @ANYRES32=0x0, @ANYBLOB="ce2502f4a7f1e8c07875ae8302bd24671f32f31edabf6f24c12a442c5a8e48b16ef48f1155ce39c7f33759c2f90279634d0c4fd21986dae05002cc572232f1e5b413044197860e73d861e8acd6c837acfd38fcbfcc3bf65b78f9a1922cf616e5fb808c7e7e2c8cc57613b3d84bcc795a9f99ace1c080d94543c56a6dc7733c36e04b94cc5324972a6c47d6d674c1e570eea91dba8f2ac27411a4cb2523a2b474b1af4879a156acfdd28ab7cc44d8f2e28775eaccd95ff58e"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x80) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8044}, 0x4001010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="7201", @ANYBLOB='R', @ANYRES64=r0, @ANYRES8=r1, @ANYRESHEX=r0], 0x1ac}}, 0x40000) select$auto(0xfffffffd, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x23, 0x3, 0xd929, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) sendmmsg$auto(r1, 0x0, 0x1, 0x3663f3c3) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0xa, 0x3, 0x6) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r4 = socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x5, 0x1b, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x109, 0x5, 0x2, 0x8, 0xae, 0x9, 0x2, 0x7, 0x5, 0x7, 0x5, 0x0, 0x0, 0x200, 0x0, 0x0, [0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0x80000001, 0x0, 0x8, 0x9, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0xff, 0x400000, 0x0, 0x80000000000, 0x400000000000000, 0x0, 0x8000000000000000, 0x80000000000000, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffbfe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe, 0x80000000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x80000001]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.927924067s ago: executing program 2 (id=1416): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x4000, 0x1fffe00, 0x3fd6, 0x2, 0xfffff000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2b, 0x1, 0x1) socket(0xf, 0x3, 0x2) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f00000002c0)={0x20, r2, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @ipv4=@broadcast}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, 0x0, 0x4000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008810}, 0x20008000) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000300)=ANY=[@ANYBLOB="44060000", @ANYRES16, @ANYBLOB="08002bbd7000fddbdf2501000000fb05078005001b00000000000c004c00000800000000000097028d8008000500", @ANYRES32, @ANYBLOB="04000f0025912edf632612f84e4726e1987633f27fba041e23c8ec"], 0x644}, 0x1, 0x0, 0x0, 0x2000c064}, 0x4000000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYBLOB='v\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0xd, 0x0) ppoll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x9b2, 0x1}, 0x2, &(0x7f0000000040)={0x4, 0x4}, &(0x7f0000000080)={0xffffffff}, 0x8) close_range$auto(0x2, 0x8000, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) 2.739514438s ago: executing program 0 (id=1417): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x22, 0x2, 0x24) socket(0x22, 0x92573b89e81827d6, 0x4) close_range$auto(0x0, 0xfffffffffffff000, 0x0) socket(0xa, 0x5, 0x84) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "3d64e88be86d547a05c86100"}, 0x55) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) open(&(0x7f0000000100)='./file0\x00', 0x2201, 0x154) fcntl$auto(0x3, 0x400, 0x1) fcntl$auto(0x3, 0x401, 0x3) setns(r0, 0x0) 2.683854671s ago: executing program 1 (id=1418): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000140)={0xb, "6919a16ff7bfe91772bb011332250d7dc0718eb221356b443c6c74b118589aec"}) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x103, "6e546c3c3a265f11056b516535b1935cf3c6b75a2aeaf8af28111479136c52c5"}) r2 = socket(0x11, 0x80003, 0x300) mq_timedsend$auto(0x0, 0x0, 0x1, 0x81, &(0x7f0000000040)={0x60000000000, 0x8}) setsockopt$auto(r2, 0x107, 0x2, 0x0, 0x8004) r3 = socket(0x10, 0x3, 0x6) io_uring_setup$auto(0xe, &(0x7f0000000100)={0xffffffff, 0x1, 0x0, 0xa4c, 0x7, 0x10, r3, [0x0, 0x1, 0xa], {0xfffffff1, 0x6f4, 0x0, 0xff, 0xcfa1, 0x5, 0x130, 0x1ff, 0x3}, {0xd5, 0x0, 0xff, 0x3, 0x4f54, 0x6, 0x4, 0x6, 0x99a}}) vmsplice$auto(r3, &(0x7f0000000180)={&(0x7f0000000280)="aaacc616d00315c9a449182a799b859b2d45fa3246ecfa43f88d4d93768afd3c69dc4c4f84f6469a8761eaa3d94e4964ebef93394397140b36c06de028bf8bcd549ae22c8b6c30292c919871988e0284441452e87662f9bb54d3a30986baadde6b1a2bf87c7cade71afe6d04cf7752951f4a3206227de5cc1935fedb7f97cb39155c59bfa41168eb7f9eb2e3b3ce5ffd5b70748fb7df3aadfcdcfe1cbf607269a82d8b407161354de2d41b32d94f0b60dcb04b9170674e1e6a0c566a79d540e050531507050fdca7c8e5841119636c841d791bfa457f", 0x4}, 0x9, 0x7) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x10001, 0x8d7, &(0x7f00000000c0)='[\x88\x00', 0x5) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x10d441, 0x0) write$auto(r6, 0x0, 0xfffffffc) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4, @old_map_fd=r5}, 0xa3) mmap$auto(0x0, 0x5, 0xdc, 0x9b72, 0x7, 0x28000) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0x3, 0x0, 0x3}, 0x4) close_range$auto(0x2, 0x8, 0x0) 2.505922928s ago: executing program 0 (id=1419): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/030/001\x00', 0x20100, 0x0) readv$auto(0x3, &(0x7f0000000080)={0x0, 0x8}, 0x4) openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/printk_formats\x00', 0x109000, 0x0) r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xb0004708ad1009d5, 0x0) mmap$auto(0x1, 0x6, 0xb0eb, 0x411, r0, 0x8) 2.415452218s ago: executing program 0 (id=1420): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.0/usb1/authorized\x00', 0xe2400, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r0 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/pcmC1D1c\x00', 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, r1, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setresuid$auto(0x2, 0x7, 0x8080) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendfile$auto(r0, r0, 0x0, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), r4) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x501d00, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/mptcp/scheduler\x00', 0x40802, 0x0) mmap$auto(0xa, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x1) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(0x3, 0x0, 0x80) write$auto(0x3, 0x0, 0x100085) sendmsg$auto_HWSIM_CMD_FRAME(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="200026bd7000ef08df2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x24042040}, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/tracing_cpumask\x00', 0x8600, 0x0) r6 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000ac0), 0xffffffffffffffff) r7 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/status\x00', 0x80000, 0x0) read$auto_proc_single_file_operations_base(r7, &(0x7f00000051c0)=""/103, 0x67) r8 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), r3) sendmsg$auto_GTP_CMD_NEWPDP(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="000226bd7000708a77ff4a95585b0861f8f1ede07c0005000d000100000014000b00000000000000000000000000000000000c000300ff0f000000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20040800}, 0x0) sendmsg$auto_BATADV_CMD_GET_HARDIF(r2, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2aa6f7f66cf100b051455a3d2a0f203b271f9e480cc1f2270c6b6adb435b648fd3b6269f917f011ae3c2291a537026a45f447f9da35012f28853fb67c8981f791719edea3c3ee3efaed938a46f86fb41b2", @ANYRES16=r6, @ANYBLOB="050f2dbd7000fcdbdf250500000005000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4044010}, 0x4008000) 2.411364474s ago: executing program 1 (id=1421): socket(0x10, 0x2, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_SOCK_GET(r0, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000300)={0x14, r1, 0xe77c815741d6438d, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x42010}, 0x8cc) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x5) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) read$auto(0x4, 0x0, 0xfdef) r3 = socket(0x1e, 0x4, 0x0) read$auto_stat_fops_(0xffffffffffffffff, &(0x7f0000000000)=""/198, 0xc6) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) close_range$auto(0x2, 0x8, 0x0) 2.349240069s ago: executing program 3 (id=1422): renameat2$auto(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'vlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000080003000900000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaaaa00000a00010000000000000000000a000500aaaaaaaaaa3f000008000200", @ANYRES32=r1, @ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) ioperm$auto(0x7fb, 0x1, 0x4000007) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000280)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getcwd$auto(0x0, 0xffffffffffffffff) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), r3) gettid() r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) write$auto(0x3, 0x0, 0xfdef) bind$auto(0x3, 0xfffffffffffffffd, 0x0) prctl$auto(0x8000, 0x2d8d, 0xfdf2b4b, 0x6, 0x100000000) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) io_uring_setup$auto(0xfffffffb, &(0x7f0000000040)={0x1, 0x7, 0x4c, 0xa493, 0x8, 0x7ffd, r2, [0x29ce, 0xffff, 0xd3], {0xab, 0x8, 0xb, 0x17, 0x8, 0xf, 0x3, 0x0, 0x8001}, {0x9, 0x4, 0x8, 0x4, 0x0, 0x80000001, 0x8}}) sendto$auto(0x4, 0x0, 0xff, 0x6, 0x0, 0xe) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.237522962s ago: executing program 1 (id=1423): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8000, 0x0) (async) socket(0x21, 0x6, 0xff) open(&(0x7f0000000000)='./file0\x00', 0x123342, 0x100) (async) socket(0xa, 0x2, 0x88) (async) socket(0xa, 0x4, 0x3a) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) (async) sendfile$auto(0x1, 0x3, 0x0, 0xc01) (async) r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$auto_I2C_SLAVE_FORCE(r1, 0x706, 0x0) (async) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbdd907c0e9b3b57095000008000300", @ANYRES32=r4], 0x24}, 0x1, 0x0, 0x0, 0x803}, 0x80) (async) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_LBT_MODE(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x8040) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) write$auto(0x3, 0x0, 0xffd8) (async) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001640), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r7, &(0x7f0000001f00)={0x0, 0x0, &(0x7f0000001ec0)={&(0x7f0000001800)=ANY=[@ANYBLOB="d8000020", @ANYRES16=r6, @ANYBLOB="01002dbd7000ffdbdf256d0000008c002a003684a660bdccd1367bc48d95c45654a7d4ef122b5aaf580986f36c8305d02a0134617098711133f1352d29a8989d6853d2b62e6876842b9141c1f1baed01823c40a15b3a9b06aaa8c7fe2bcb43f0e02ab341b1480fd251e4695746cad00d4417d34c9d41ed33d62e634ac67f4a04ac804817cea529436086a5355b67030a24cc223223926569c0ee"], 0xa0}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000) mmap$auto(0x7fffffff, 0xe9, 0x4000000000df, 0x14, r3, 0x80000007ffc) (async) read$auto(0x4, 0x0, 0xfdef) (async) socket(0x2, 0x4, 0x200) 1.968923984s ago: executing program 0 (id=1424): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x18, 0x5, 0x1) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x100, @rand_addr=0x64010102}, 0x3a) mmap$auto(0x6, 0x1, 0x6, 0xff, 0x400, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) migrate_pages$auto(0x0, 0x2, &(0x7f0000000000)=0x1, &(0x7f0000000040)=0x80000001) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) r1 = socket(0xa, 0x1, 0x0) listen$auto(0x3, 0x81) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01002abd7000fcdbdf250100000008000900", @ANYRES32=0x0, @ANYBLOB="ce2502f4a7f1e8c07875ae8302bd24671f32f31edabf6f24c12a442c5a8e48b16ef48f1155ce39c7f33759c2f90279634d0c4fd21986dae05002cc572232f1e5b413044197860e73d861e8acd6c837acfd38fcbfcc3bf65b78f9a1922cf616e5fb808c7e7e2c8cc57613b3d84bcc795a9f99ace1c080d94543c56a6dc7733c36e04b94cc5324972a6c47d6d674c1e570eea91dba8f2ac27411a4cb2523a2b474b1af4879a156acfdd28ab7cc44d8f2e28775eaccd95ff58e"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x80) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8044}, 0x4001010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="7201", @ANYBLOB='R', @ANYRES64=r0, @ANYRES8=r1, @ANYRESHEX=r0], 0x1ac}}, 0x40000) select$auto(0xfffffffd, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x23, 0x3, 0xd929, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) sendmmsg$auto(r1, 0x0, 0x1, 0x3663f3c3) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0xa, 0x3, 0x6) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r4 = socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x5, 0x1b, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x109, 0x5, 0x2, 0x8, 0xae, 0x9, 0x2, 0x7, 0x5, 0x7, 0x5, 0x0, 0x0, 0x200, 0x0, 0x0, [0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0x80000001, 0x0, 0x8, 0x9, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0xff, 0x400000, 0x0, 0x80000000000, 0x400000000000000, 0x0, 0x8000000000000000, 0x80000000000000, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffbfe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe, 0x80000000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x80000001]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.923086931s ago: executing program 2 (id=1425): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) ioctl$auto(0x3, 0x5420, 0x38) r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x100, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/force_release\x00', 0x580, 0x0) read$auto(r1, &(0x7f0000000240)='/sys/devices/platfo*\x06\xbf\xf4\x19\x0e\x9b\xb1hcd.7/usb2\x13/23-0:q\x88\xf0\xb5u\x04\xe7x\x9e\x1eM\xee\xbb1\x8b\x1b/wp_81/interval\x00\xc9t\xadE\x8c*\xbcM\x1aY\xef\x00\x9d\x7f\x82_&\xa4\x1e\xe4.zv\xefF\xb2(\xd3}\"\x88\xa3\xf6N\x9b\xf9+\xd3,%^\x06f}\xee\xb1\xbf\t\xde(\xac\x1a\xa2:\x13\xdb\xa4^ \x89Gm\x85u\xa9\xfe\xe7\x85\xf2\xa7\xe6y\x1d\x1c/\xf2^m\x92\x98\xe6K\xfaxp\xa39g)\xe4R\xd7\x850o\x00\xd4\xa6\x00\x00\xa4)\x95\x88\xc1kDtU\xee)z\xb1(\xb1\x82^\xad\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x6) write$auto(0x1, 0x0, 0x80000000) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(0x4, 0x6, 0x1b, 0xfffffffffffffffc, 0x0) vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0x5}, 0x6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r2, 0x40186f40, &(0x7f0000000080)={0xffffffff, 0x0, 0xf7d, 0x4, 0x1}) ioctl$auto_UBI_IOCDET(r2, 0x40046f41, &(0x7f0000000000)=0x40) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptys0\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) r4 = open(&(0x7f0000000140)='./file0\x00', 0x10677d, 0x0) pwrite64$auto(r4, &(0x7f0000000040)='-{@:\x00', 0x7, 0x8) ioctl$auto_IOCTL_VMCI_CTX_SET_CPT_STATE(r4, 0x7b2, 0x0) write$auto_aoe_fops_aoechr(r0, &(0x7f0000000040), 0x0) 1.700949301s ago: executing program 32 (id=1425): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) ioctl$auto(0x3, 0x5420, 0x38) r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x100, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/force_release\x00', 0x580, 0x0) read$auto(r1, &(0x7f0000000240)='/sys/devices/platfo*\x06\xbf\xf4\x19\x0e\x9b\xb1hcd.7/usb2\x13/23-0:q\x88\xf0\xb5u\x04\xe7x\x9e\x1eM\xee\xbb1\x8b\x1b/wp_81/interval\x00\xc9t\xadE\x8c*\xbcM\x1aY\xef\x00\x9d\x7f\x82_&\xa4\x1e\xe4.zv\xefF\xb2(\xd3}\"\x88\xa3\xf6N\x9b\xf9+\xd3,%^\x06f}\xee\xb1\xbf\t\xde(\xac\x1a\xa2:\x13\xdb\xa4^ \x89Gm\x85u\xa9\xfe\xe7\x85\xf2\xa7\xe6y\x1d\x1c/\xf2^m\x92\x98\xe6K\xfaxp\xa39g)\xe4R\xd7\x850o\x00\xd4\xa6\x00\x00\xa4)\x95\x88\xc1kDtU\xee)z\xb1(\xb1\x82^\xad\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x6) write$auto(0x1, 0x0, 0x80000000) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(0x4, 0x6, 0x1b, 0xfffffffffffffffc, 0x0) vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0x5}, 0x6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r2, 0x40186f40, &(0x7f0000000080)={0xffffffff, 0x0, 0xf7d, 0x4, 0x1}) ioctl$auto_UBI_IOCDET(r2, 0x40046f41, &(0x7f0000000000)=0x40) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptys0\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) r4 = open(&(0x7f0000000140)='./file0\x00', 0x10677d, 0x0) pwrite64$auto(r4, &(0x7f0000000040)='-{@:\x00', 0x7, 0x8) ioctl$auto_IOCTL_VMCI_CTX_SET_CPT_STATE(r4, 0x7b2, 0x0) write$auto_aoe_fops_aoechr(r0, &(0x7f0000000040), 0x0) 1.692200426s ago: executing program 0 (id=1427): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, 0x0, 0x24000000) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x20400, 0x0) io_uring_setup$auto(0x3, &(0x7f0000000080)={0x5, 0x7, 0xfffffaa4, 0x7, 0x0, 0x7d, r0, [0x4, 0x7a04, 0x8], {0x2, 0x0, 0x2, 0x50d, 0x0, 0x1, 0x800, 0x21a663c6, 0x4}, {0x483a, 0x3, 0x0, 0x1, 0x3, 0x40000000, 0x6, 0x80000001}}) read$auto(0xffffffffffffffff, &(0x7f0000002840)='\x00', 0x10000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0xf369, 0x1, 0x4, 0x100000011, 0xe3d5, 0xf) socket(0xa, 0x3, 0xff) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x101000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd1/queue/scheduler\x00', 0x2400, 0x0) read$auto(r1, 0x0, 0x1ff) 1.67822165s ago: executing program 3 (id=1428): openat$auto_output_bpc_fops_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/Writeback-1/output_bpc\x00', 0x80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x106) socket(0x2, 0x6, 0x0) setsockopt$auto(0x3, 0x10d, 0x7, 0xffffffffffffffff, 0x3) listen$auto(0x3, 0x81) ioperm$auto(0xfb, 0x5, 0xe) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) socket(0x2b, 0x1, 0x1) setsockopt$auto(0x3, 0x11e, 0x1, 0x0, 0x9) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) sched_setaffinity$auto(0x1, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) shutdown$auto(0x200000003, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'ip6gretap0\x00'}) r1 = socket(0x2, 0x2, 0x1) setsockopt$auto(r1, 0x0, 0x40015, &(0x7f0000000040)='\xda\x00\xbf\xf4\xef\f(\xd9V\xb0\xd6/!', 0x41) 1.211990675s ago: executing program 1 (id=1429): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macvtap0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32=r1, @ANYBLOB="08000200"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000fbf689db309dfa189b59515cede5ff5cb5ab9a7f9d7b9b9c1c6b09dbe2100c3b392d257af4adf1aa4f4ea5720911c28a0b28b6873e65588108d492f6a8a6aee8b6571fa0d089a67a162c2e9b0cd072d180aa7378b70e7eba9be52eeb5f55da2012d4da5d93d67124cdc3cb84ab8b24ce32c9febc2b7612674617faebf1b7b7692b2a97069ce71ca264b706314897075002548811354a8d146027f65b6cb828dc54eda2a77672e0be", @ANYBLOB="13"], 0x1ac}}, 0x4004) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/dynamic_debug/control\x00', 0xea102, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 997.902462ms ago: executing program 1 (id=1430): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x8000089e1, 0x38) getrandom$auto(0x0, 0x5, 0x3) ioctl$auto(0xffffffffffffffff, 0x480454d9, 0x5c8d) 684.245266ms ago: executing program 3 (id=1431): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x6, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x20008000) fchmod$auto(0x0, 0x9b9a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setrlimit$auto(0x9, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x10, 0x2, 0x0) (async) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) (async) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) (async) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x3, 0x8}, 0x40000801}, 0xfffffff9, 0x10, 0x0) (async) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x3, 0x8}, 0x40000801}, 0xfffffff9, 0x10, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) (async) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto(r0, 0x4004af07, 0x0) r2 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_NVRAM_INIT(r2, 0x7040, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x3aa5, 0x0, 0xe, 0x0, 0x8b, 0x3}, 0x8}, 0x201, 0x6) setrlimit$auto(0x2, &(0x7f0000000080)={0x7f, 0x80}) (async) setrlimit$auto(0x2, &(0x7f0000000080)={0x7f, 0x80}) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x1, 0x1, 0x46, &(0x7f0000000000)='\x00', 0xbb) (async) setsockopt$auto(0x1, 0x1, 0x46, &(0x7f0000000000)='\x00', 0xbb) ioctl$auto_def_blk_fops_fs(r3, 0x1, &(0x7f0000000000)) socket(0x11, 0x80003, 0x300) (async) r4 = socket(0x11, 0x80003, 0x300) write$auto(r4, &(0x7f0000000000)='\x00', 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) 542.888856ms ago: executing program 1 (id=1432): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0xfffffffffffffffc, 0x200007, 0x8) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/kernel/mm/ksm/pages_skipped\x00', 0x40c00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x14044045) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000280), r1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="7201000080a6640c98e4c914f9241b1774648ff14cd7c7dd581705d91a57df3c1ffab8095d83cd21fe53b0eb178e624dc6ca8d0e9c0e7207e5589be362f2ff20a90c6602ae65d99ccf625f882e745e50ea787fca182ff98278", @ANYBLOB="1a00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000800}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20008841) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x21c03, &(0x7f0000000000)={0x0, 0x5}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x1, 0x0) pwritev2$auto(0x4, &(0x7f0000004500)={0x0, 0x7ff}, 0x9, 0x1, 0x100000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000800)={0x2820, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x18c, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_TRANSPORT_NAME={0x25, 0x2, '/sys/kernel/mm/ksm/pages_skipped\x00'}, @NFSD_A_SOCK_ADDR={0xdf, 0x1, "baa69a1f203480a3716f5c64e57bfc1b087f5a8fbe6206fb7d49ab1fcac24338c7a8e809fc01a87dc0d2c22297dfbd9c0f904d58a27a85805b2f4a6ab07aa1182586e19496dff15e5a633ed5799dd6cf1103d162128c99f08816ec90cf636f79ca01447792acf3fe2642de8fad4b221e81525254c242a28f549d3738baea350a5281a48f92c3ba35b72c4508d1c94a58e688db6196d9e4c74fd2d1af0582da18ffcb4886fb1616f0d8cd9f19903b72b4a8e3fc14aa58939d8c65aa1b5a8bee81ab70652b3a4487d87240324823f333a102c3d41c909e20c8a379f8"}, @NFSD_A_SOCK_ADDR={0x7e, 0x1, "1440cc133e2f60b4dcba08e1f67f9b1737e4c81bf93bbcb27d64637557c303e4b191c1a05a3d9533829d246c336d8fbe0a30582e46d68abcaeca4464de8a6f7aaeeeb8a2517f27a2168b2ec1442a70f7b40ab28508703c5dc409f0f71a2d51d2131f06229cfd218d45c5eb5fa17f69a9f4a750bf260cc41ee9ab"}]}, @NFSD_A_SERVER_SOCK_ADDR={0x1274, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_TRANSPORT_NAME={0x10, 0x2, '.++.$\xf4#-@(%\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x5, 0x2, '\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x13, 0x2, 'MAC80211_HWSIM\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x10, 0x2, '&:$\x19%,&O#\x0e.\x00'}, @NFSD_A_SOCK_ADDR={0xe7, 0x1, "1f68b315128de728acf4c2eddcf5db46d07d62abaa110bdd38eb05160f8b149014f92e76ec5837928cfc3cf851396ff48f24ffad10b2c6d680f3559c612e14fa822e1b496310440d4bc5dfb72e82d7d93fdaa63c9198a198e3121c9e94677eac3720e0aaa49dead67c19e97f8b5261001e9dffec3f00076827f91a5b73e3aea7d268fa4b43fda69d26ebe88cddc51d58278bd7b59ee4bdc08e31347c390f4413c78440c97e337b4e91a5fd209925eb6dc2036effe3b9204ed8a089d50c5def823d22de1eb5df986b617fb18acb902893843e97116ec48733242191645df056c80b30c0"}, @NFSD_A_SOCK_ADDR={0xb3, 0x1, "afabcb51011ed0d53587093d19c7a590423d81b26e40c72820c060125141f57f22b09142de9024a5620a426aafc520e3972acc405d996ad993379763d65713ae01355dfd97667527eedef6c5be29e6980fd655f81c82f5efa53af085dd52e066bb650944452a29a5dac1b9d6c9bb6068d6b461629ee8031484617eaed2caeabcd746bda1583c9b3cd540a94d1d9588c7f5919cf99f922d145ccd60a11cbb0f4a1d78b573abc777c2cca4b7fec1620a"}, @NFSD_A_SOCK_ADDR={0x92, 0x1, "57dff982c96ce82081e12dc19fc43b443f9d420d5bca862cfdbfb26f306d9a4714a410138295a2f9444e101ccafaccc167a10845931b7c79e989627cac025ddeb02fb6203cb99fb3897393c6a0fa0e5197a788313d8534d3761187b440515c3005bf37da9af77e6b27a6ea2d88f2882baf61fdc915cd365b1be2e96ddeb16c7ec0553636759f7f33236c0f2fcf94"}, @NFSD_A_SOCK_ADDR={0x1004, 0x1, "229e41140c68e8ab4133ab6b5a0f6440a2e1d1da7f08b49ff7435048b3f5c352924952ebaf296ed97df24814284a9158efd346bdf267552bc490573ee5b880762f0c90b9af02d6c1ee5549b6e950956b4b2d0185b0218403eee3d669942152140add1267f23b03a0badae388a649a5de1607c743ceadcff234dd6f486896b99fbf5b048ab965f44960342cb9f077bd23b8ff6871027ad99beebcbffb4832410f00c296aa626c472a783edd7b683a0a0291d71823170f744a088ac77a36d8ba8dd5da9d5c7417a5c842da0952655f2cc8fbbbb9af2107b784d4d977489ec7c3a5d97db09eba00477402955078aeec84dce8caadcfc77d619af8a94294114594ce48e3630766478da0932d85983cde1afba60c69299abc1893769234ca3b3045ec4adffb997f104af220aab1900fdc1584b2a59a94e02f4c1e6bc0d0d939ceac9b9b5a830bded6ff7ff804eef0a8be4cb70e92e2e7cd5e040b1febecaf2b113e736110ec2b6b48305b58e6ff585e84c78d0490bb644859f769aafe200eb14c236697ecd182a337848454977c574b7c1b1b1d6d2dcf74753c3a07018c68542c4dfecc061cfdf9ca706b38e85b52295d8f0f6fa1de52baad8ac0e0ebeaa5f22b07afb98f987a2d2a8d243779181e5a2f5b83f9befa1f3da1d8448c7e1e49efa86c879382e8b76fd376e7f16f218becaedb453b7c76f5edca1d126ecf56b719b63217f76444965829f90e9d5587f2c3c765d087e797ed7afa0d2e9ba17f1d3fc4105780dadfdf3b217058e4d3c2398a730adfe3c84b22406a3dd2e4a9d561f10da52b51e900b576c99d2acfd83e912e6f05213b1b8da677ed05ce143977c1dbe34f6f5550a7ef4fb509453fcb5747bf9051e15533ea6c3320e8289ea92eb24e21d659d6567b6b8eb633755bf213495942a5133addaac3eaf8634814abd5620fcbf34b27ad27dcd24b372a9050b876b9e998982cce8bcd1f7dcd5e4e0e51f0737c7199ec8209d08dbd4d449bc37491ee970a1db781d36628fd1dc202a6c281b514cf1adefe48b38531ea3978b8370ec1adcb2486fcf3eb31486f65a3b16a6abe2dbddb07d226d96235f495514c4abff224b8c3ee0f875ba6cc74029865d0becb7e553bab25430b051fc25008a5f3e47c6c8d0b133a8a00e7f3a645325b1b60014d19e45d9466062387de40673421834d76e98ef5ffb8c732d86496d3116d50d7c23e4d059f22f4ee058e98fb99d2b49ff5def57bbf7a42ab684880d773969377047c9bc150cc6a7d7e1209d2503a3e8f64a589fe70eb5c9bdad49e352ccc4c1805de406dbee98899e9785b4c029c7e215c8302de0a94f43ad75656167d00e387f85cfaa919faf71550d826454e66b0743a097529a8e751298526f843bcd225dd12fea10a8804779ead81715a7efe0dfed02fec880bcebd29c26cf23b05218c3b0eab982aa3faedb5a1b4a74eff0394c74e3c2d7de624e086ecf6d4813bf13deaf9d37253868ab48533f1ab7cb1842bee27014ef9a64480adde644ece27efe38de9f3218dfbf1f9d45ddb98b454e6070fdc935560d48954d0409a4d0fbdec3b3a7f8de0f23a9510f12ce701ec5b0431183c93c5349c8c9ceefb3329397ab61278af4d5fd05a9eb6631cc02c539aad200681e45f640d730cd4ba50f7b2a7b12c4b358ff772ff2662263905a47674befabc1d27195cfa6460769fb88c94c4c3776170cbd85385fae4a9431c96226dc4bf74d9d9b12d94852d17fd7977d07301b5d24b93e0cca51375075cfa82eb57052b688325387fb44cef7001f5951d30e10ed9f11c579aafe8a10860edfc42f37cda75d4a7d766b6701a6a830003b6a0ef771038e829af86b7b29ed3319198f5cddfd4f4178af326edb3b1a2f5f3523e32393fbd42e04c425acab29817dd070636b090580d7a1d81e7234243c37f491fbea535ccb89b2787adeb89c5d5eb995a7cdf60f3437cf079953bdd652f8067bd19d0af6d783feb78a891bcb04c3ccf2d5f337e06bb60995a5b85a90a61f3876ffbae6e206541f4ca139694b2fbb82cd42bffa234c384f62ac7593b8acfd9b6e4c595bdfa6b2cb97eef53650437b3266778636d40664698cec7a64df1c4f409b8003cc4f0759b02f9fe03ac2a074bc80ab2901978d49251b701af50dcfb30aeb7a31d3146c393f6683de6d8e85c4298baae026a5cf4fa622fa322785fb7037a42d704d2d2ce50f060ad866a43a945511d5064b11aad12d296d8e137c4cc754d6b1baaf2d3962113f79e8c6033144f72514c310a6faacaec1b00838c1e8a52e3289272be3bf1381e176e9dc5f7eb127e4db385f372fa36814b6733d87f9957278a9767d9336596027b2d1b6fce11ab31ebe807f8b1bc72e530f9566f21ff1b64be11ec1c7227485c8b532fe384a216476e760a8b0175c6157e1fe4d62e000a76190f657f3015b5bf8c3bb885228cbc34bb15ded251c0a0c9451bdd4f992e712edd79f112ba9f36a136842bc20d1d178eb7d907bda950d9a97506d2befc22b9f37a36fdc5a86f4691771a28e8558072a46cb2603b5860208e5bc9b3859175f1065c3210733635477f5c144c6694f5d9713e024bdeac84fbe5768ec584e4bb7ab952d223af45fa7ab7e60cdf3d3146b7cc5397832d180b16d65fe60e8d56c83180535f252226c64479d4bc08e3791bcc455f030746651357ef8e31d820c6faa1b26ec4c4bedb9ba9bd38fd05070a11324cf46a6b5cf0be59bdf02fdfbd65c164ea642527c53a9108b43ffaabee87fe07219a6ea1452aed45c943af9673a703ec350514abd7449c9c4dc269a9a9ac1a9964f3f86f58c2ac062e54c8181eb4a2f3794d8cc44b4a90ab1871d7d88d9bd6fe9f8d10f8f7cd1a3990fdbc2e352401a5868a66472823ea44a4bc0b9a85b9b54e8e1f7ad832882d667158d055b2b72e37566a026f5ba784199e7daf2fb8bc449b587fbf9f51d97dcd154602613d2a88ff91727ac73b534786f5e4793af08b2f84846be3eb9b83d84c31b9955dbb3961f56f7071c8c9f1ab027e1345bff6ea9861eb2f56ca82172029741cf734689a7c950f1c63d5da14b604b89c159c1cca0b4cbf03d376de6ced6d40951934cad37f5f9e679f5d3ef211d2515b7c8f12d2b533b536952f966f047d23b4c286ca79d9e130b30c2cdd36630b5c38e1758d5fb9823ae98b081dd17a1de7b5f6422943034124fb5ad1a3be59af825c6f37e63060d4de6155847507bc75db12c747f98db63abcb0792d6a1f1677c5e42da0b3d83a4814fd94f1499dea00c2c3a0e2c985c32b679d84f908483decf3ac1156773f7362f26b48d4c01b474d5fba5afec9e72e7278d270d15af10f1e049a71c56f5b4217b76a7a38708b2df0fbfcb73737124522feba69a8930bca69c34be17db23cac066221d0ac212a113a5e48c6cb506cdc9ebd1e40c900b85fa08588695dc85e74eed4116841815e109b7b46629980d844c59e912682bcd9e6a5534d745766118b4bb235eacd754a08e83238690ae6db033587155cb8565db47e52e0bda6ffe6461f4133bb5392f18e529a8e11023b87016cf1fead49e3b97a3756e4bbfd4c3a754f368f67b7c16217169fb13c2d9ca7944a3903891abe071071b4d6beb6cef894d8d52b51bf575864e0bb757aa147b7c4704e28a96b36e53937c32c6d498ee31f281f5f0dddbcb54e6c40bbc42f0b1a32edb07f2f931e50c760bf3792e8999fe5cd0089ca679f752ba01cc1c8a7e97000c9a11db2a25c5ad0d1ad07963cf0ec60d34178939b31c0723cc294a19435e174027064902b54a643b0b70d777f879507351e7cbd91a37d8675e788e9a688515d06604fd8a395c9e40580f4815225b05cc931827cc1069426175ee9aa3090c706fabb23feb4bf204d87fb77f860f57e3cef64dedfdfd07786289b491425417c7b553ca508956848f546efaf2b2dcc47d3c06fc4758cb5d127bbcc6f1985d0cc9913b7d6eca6aad33469711c414eff52db4a81cf332089c3853426775c882fa8dac48be2572ff5bb63c1189cea08000139fe59da30c63cb00321edb96f968c922544247a31b19c1564d1c9b0f3ab606bef114e0503a59bdbc6a373877e8c7550daa27d79b63587b6ecf18449617b7f24b915c7350efb3f465b92954ee960c2b418c871c6729ce36fac65e8d3ea19d3a944676eb83851479bf4a36a120c4166b60880078e4e1782b29c8a0f584d5901cb681471da88482fc2b9e001372cb8656ad35a849a2a10cdd1fee96340665d6d3cce681c8cd01fded15aacd0c14349ccd11dfa0da4a8e0972f180cb104a7dd84b56b5067a4e78af378e3708d5249ab06110c7251964731669b767b0841c77f975c184c49a2a361f1b3bb67a1db27272a03876360dd888a7e3d41d714e31e5c6e76c71bf74735ea20830dfe50299e268f016d2bfd07231480b7e85a06a8b6bbd002e25bd48b31f314b42b048305dd9053f4b62915d81fc2acac4c7b79313d4d840928afcdcf380e8deb96a766ffeaa9324394083d70a144e1797e1ebf02977843e2dd37287fa42e5232dbed20ad03f5330696f5e69d4c57a20efcb3dafdfaa5e04c830809d2f6ed8cae52b84bd80037c902950a31237de4a3ff9466e798741da5c63d15d318365bd03f0dc07d04d59c3ee13f3ecdacb724c6228112ba4841cbded4063b76cb354b5d1da4ff949baa302ee1bbcb9f40477c53d87e63650fa56e5c62db3df4ce584ec68cb3d564b27258479d56d46f475662823e3ab7de993b1ca666f2eb413fbd58020466dc2129095fd8eacb03c000dd9e3216cafdad7b576b6d63c1ddf07393d9e6a773b5c91f2d87886a169931c131dbc7491d9d21c454dce22e3f38f948f8a98531e172f2d6ba6df55fcdb49125ff2ec9f1adaf435107ebaa6c42ede26e37def5e59a6bd82e99240a682701b259314144b604a59d145963602318e5fae943e83368b26f3a598970f6baee0182c0077da4799fd702ad547f5b83175c40401fbc2bff9229b4d1f837d2be8eafdb45b41acb7da4f694671da9458348adf606fefec0bac6ec24c689a781e7550ec9c5e3b8fdfaa7b358e1f4acfb97f62ca62789773f0cb8809b92c70ad92fbd5fd81fde251fc4761716cb0fdf941506736040673534ddea0b7921e208eec3610090e91f54871a1117e0c8068d14443a33a8a78ad0171687584ff7275e7d7ad6137338a5fa755d237cf6919fc5e3a0b75f3bd523228e83b0be7848ec7edf69929f1681d376e7c709f656103229e3bd7ac5fbc70f20b2d6effdd9e27797ec189840f40683b796de3fa0138eea6a27ecc4fc8ce34d45f570bb87aa7aa4ac58174d2dbd1aabef947fe32ba078a70e791e6abcd1bbce95693a2005d6ed5687c3f08b55cce1850035a91e512c4c4a3c19aff6b62e8074074da76bc5a3985d51b0dc782e4b435ea00dbc6ea0e91f6c6af305f05fe1c0b3706650b3f38c5818beae90a22850230c2d76d3739f190fb06dd0174491770f7baf642c85f31bec684ec0d453d42017642d58b6f0a453baedc1ddf5ffd7ccc6347d712b19a5b38bf8356fd00fd973ef24dda99579ed67f46683c158b8cbe1cb866b862933872f68e9e6623a7426a69238a661c93a8f58b36493e5d255d3dfd3d9d57b4ea42a1f60700b13afc13bc5d96541367dd39c79314ee5fbaef588b388e0695f099309c0411672d43d86f5bdbebe148e120ddc4cff5786db984f4676b5c4312175f2d6025be69d6d47d3fbe1d1e9978616ea6457ded800f306de6ec403c07be5d015f67fc57155a441b0a8105fc1b8bd514c08"}]}, @NFSD_A_SERVER_SOCK_ADDR={0xbc, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x2f, 0x1, "9108bf2ca9fa738f6225e207721fe83d57e90527b5a0e0d77441c6ede2696fe0372c09fd28711246822c5f"}, @NFSD_A_SOCK_ADDR={0x4a, 0x1, "2c08231a5b3995add109814ada1e1624e81ea2146bdd616ea83203c99daf7e327719df7186a737f4cc66fdb601fc6763ea6116157f2ffe3fb27eb790ebbff0a630fd4049533f"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '%\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x5, 0x2, '\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x9, 0x2, '\',\\:\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x10, 0x2, '/dev/audio1\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x10, 0x2, '/dev/audio1\x00'}]}, @NFSD_A_SERVER_SOCK_ADDR={0xb0, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_TRANSPORT_NAME={0x8, 0x2, '&(\x12\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x5, 0x2, '\x00'}, @NFSD_A_SOCK_ADDR={0x87, 0x1, "7da954d5c2f67f8dc37ebf11ebebcd21a18109818f9ed92ded7ea692090bfea3f7679a64cd1bb9c3ef6f16e14a5b2975bb4e60322216f5a04a3377ed97cec6b2b88b458a4a37cd8e38be23e156be8c34d74755739891e489501fe5822b0d6bc99f66e6856e8e4dda0d29de375e013024309dcf56f70f2fa0666e54d2b6f15c35bb8d08"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x13, 0x2, 'MAC80211_HWSIM\x00'}]}, @NFSD_A_SERVER_SOCK_ADDR={0x184, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x4c, 0x1, "561e9facf27d998d09311810eb5b5e555f285659072c5312d1aa3c17fa245023179da23447c5097ef90ab5f38346693386b2435403874216d1ce293989cb630945411738a21fa7f9"}, @NFSD_A_SOCK_ADDR={0x44, 0x1, "977a1c23d1a82833281941128df595b371730e14fa5b54b11a60ed2d316a9bdc04d6c85efbfb4a7134c9355524f6db0484ec25096c3551f59f3504c1ed28083e"}, @NFSD_A_SOCK_ADDR={0xae, 0x1, "178404bd7c6e63dd7cf85aa0433be0bd846a55e6f641dbefe710f3a1e3cb26546202f1c83aa0a7c3ad76000e4cbd4f5bb9c9c7e20effb900c4396c387a0bb0cdc7a709ebaae0ae4ba114a7ac7251f8bdbb4455e7348672436ab3c92f1d17e65cc9ad9b5df6d04c96cb695f12d49b17eb02f0233ec5895c06ce0ca5cb4c1fbb4f2b24f5b26d7bb8c048df27c452162952c06b17b429e72a6c163ad6cfdba7896225edf507bf435df43b01"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '+\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x10, 0x2, '/dev/audio1\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x25, 0x2, '/sys/kernel/mm/ksm/pages_skipped\x00'}]}, @NFSD_A_SERVER_SOCK_ADDR={0xb4, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x94, 0x1, "e65d86062052a58be5ef65a62d846013433477d553deaa779ce677c7917195ee90738a29dcdd9808739bbb7a5d7412f4f2238ad1b561fdedc9a14da822acd299d75d234d729bb3f27ad140b531534111e7e716af2778dac479581fc6451f80525cdf205784fa192b6ba03124256c014cc304cb4a13d979dbb2cddb215a81cdbafbd754399e4c6d3912f7a884a5b23b78"}, @NFSD_A_SOCK_TRANSPORT_NAME={0xb, 0x2, '{.#@*@\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0xf, 0x2, '#]\'}}\\*%-\\\x00'}]}, @NFSD_A_SERVER_SOCK_ADDR={0x1068, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x1004, 0x1, "b5590b5b09e690cddf0b48efd17ac0acf81b79198244549310ae47e58d3c927f8014f11e618f2578c87dd7f193f99118657833320cf731ef0eb3df0e4da5b75d902c7ca151d4842ae1d7ac1c19e82871a79b6b4bd8dac97442b6df2c631faeda42c5f50429d81c39333bc373d409f78b1e2df8ff62444cb5fa2fcb75a5c3cd348c5e354ae5c4b41ffbe27204d8933bb1a7898a622123571abbda1ca2f52ee360c1c528ff29f1ee71cc70019c0879aedf74bb042999711e0f8657fe5022502bb6815a86009d0ddcbbb1a8ea995182b81ce11d4ee43f856cc9b76b671a348109d5d4d380307c221f406699fde21a7109df79b652816dba5cfb4a0dfe6fb378fc51006e25e56bcedbd7e74b5dac7bd286d8fc289c760ed315ade5c567119d6dd7b67c45b14483e256282e289a4ad5b17a5708dc1ac02b075b719884cc031588acfe931d387b1234bb84063806a07a645ae144bb9893db28a45fd26a39d1090ff0e8b40590a64c1baeaacf5c08fc9c6eaf9a5ec22aebe14c82f96532512377e33d56ad65de91dcf32aaa3b01501d1a31a9bc99338cbaaaf808e997d13651ae503021296f1bfcf70fb3caa5e5b6f93afea27e1c3b239d111de312fc9d266299f642502c1dddb0fc32487c32d3ca9a0415cbfcf7368cd941aef5c4d261d0637316fb103ca8626d6492e24be90fef61345fecaa07f8f8ed32c8e5230cb1acd75bf524d7bb9a10d34f28b6334f83ab4bdded8af4fa8414d821e443a403fc328a7da172c936f8572e41f4bf5abf9df7f75238a00372ff4ad356778ba0ca57784471a72b77a9c61067e4ab46b8a2408f3b14bca86cd8d8755faa77ca0e24f76f823f1dda0f3a4f16a1796cf6836a1a5a0b4bc9bbe8042e1e12eba0aebe59174195382eed2fae50e08c7b06c54a763d23e51d08fca2cfe098ea880de2395d1b109dc3d28e3ae816d5dd8f2e23eac143ed4f3ad7c2d7bd94baf3d6c084f68184121a19e8d8e44311404c752d57174dc011fb6b9081617d251d40f549e843abfe49705ed149585a2d80729df6cef0a74465a9f6aec7a39ac70b8491bcad9e2606b1e58f17c0ad6f2ff721df2039b2930d4db5500ad49992bfc4aa456e373c8b4ed3ce9c09a30c4e8085b2e6fea0f54ced96840c36be54e784dc96b4adbd77c627b72b795c0e75d6f32fc6f575b7f239c73993b67a87a42dfb477d2241a790c5a1b043b3100da9dbfdbde12d854eb25a82a3ea54c6f6d638d7c525758f19db49d22cf778237f382db573a2f541c9dce7f3611746b385f60cc8110c93d6775dce4340396ec9078fbf075cab1e4491e97163bc8b021db3d2f681a9b106338ef554fa15f65e2abf76dc4d3a070e856b54538981ae88c88337a66dfd2199f727bc499ee388dfa8e72fc65bb6f93320f32345fb1c64a1088ee38ce7e72b6ba6df65c2dd9514fa26d0f012b5c3029344865284dd00ebe43195dce993cd093ec2323650ba6fe7ab925b01b77070c1dc8deb6a1055e8d8e367059b42db59c661dbc372561d50099a0846fbfd4af2412897f9a786b688eb8a6606156ecfe1628eda98c3a4e69e9588da52423f3ecf97a6d874f71371ec8e303e05082eefd5dfc6712952af8c0c218cc78f2cce8f06071934e9d97940c97e301927f2377788c91981e293346038d2be712b2fbc1c30f6b8d98e1a9e5e7e54f51735df6735670623e952b6e0e0e6fca8dc2dee220c23231dfdb6f90faf0661c01a12c3a5fb6026a7bd43c46b951fbadc75f8318887f978285e429df96d840091db4bb6105f463e071659503f5599df372f4277fa61c5765a8e90a0a9af2dd0ebbcfd8d84cca99ac3183b08d796f71ad4bc16d9ee2ae0423796da7ff661b5db772df3d826d5b0650ac4d196685ac646aa2dbf60c8c34df7bc2fcc6ab7bbc747b861abe0c208ce83fdd53620ad389b18034a14764566f1c082c88c2cd1f19beea05c73e40204e81406dd140045e73f8897d44a5388b3a2bbde66667640451019584a1c76b1ab25bbb4d6abaf00306b42db3e8efee5673e7e3ed1731b5b6df3ee4d4516592a049a52375f6a54bb4fa1326503c011dc2516958c719cac3884cb3ac29fb365c6e83298b237d900cb3ba77e853f524079189d566871992bb8cdac656d626b04fa99948d4fa0bb10e13aa6f2c9986b0bbe6c0b648299ffcbb4fbe09cfceb0238f8a312cbaae883e59bbea68bfaab33dadbbfd3b71f2e6c8f9158447fe257f4bc46eb4c79395e52231edaea95845f5cba34dccee385fde8169284bf674e38114b47afeeb99e9c958e484dcfc16d8952be96860b62c88428bafdae237f4a9826fd09126f3083b4ffdde641d84781fb5d2a5472c5c5a2f14824562dbf23ef9d6f8d2fe27a0396a2d9bd94914faa229e4619c0a3ed4e53ae7d3266891cf5a9e154fccec7c9cd58d7951702f9037bc89f885598fa9b402bac567dc6a7ded1716a0bef01b105dd06b6c44b3945a6570251cb82f4cdef4bcc9c10524095bad797ac328ab802e1b6d74a04cd8bf0a06ad7999128212b8f4c67ddba5a6f5f8f9c09ff77d34025732e4dd54fe0ac9af7897929d924451bc72fc961e29394a22066a50d6fd8d53ce67b7463f3d824b01221f5db897c44406474d77bfc4c91a2da7b70d0156d1a7a1bd6fadf4e276b2c64f69791af0bad0c2648472e3d3e3d751dbb7d6b16d78b3f20cf7a038cff51f5c8f83c60721528e954a6c65d34f53e9c1d507475d3840005d7cf897388b17f1c746951affe37507dd93732620c91795bd8080cce7f09228e26ea238ace2b6a01a12040bd579a63bf874c96e50366099de8a3d83c848a59800ea11e3fad9b64053076a5bbbe94a3a36de4446d2d0591495ffea21ec87d2d1a88a321784c1183acd8951626ab18f2f68020874a665f3b7edfedb0edf2bc2cbc7ec7abd13276a91192f4a0ca1154f957ba00a0e982886478d5ba282c8fa00c77b37a66a361adcf3b20a5a6f84de8f173924eec0e8eaba6d116808461df8416d8cdb315938cdd873895a413dcdbd4d925de9e6ffaab03234cc961e199caa8afc0d8d031cb14d9fde4011767b145f2975ef740fee7931e589675ab50301db80174628e05188153cf2831a1afd1300861cfe95dcd71891b363e84c3a262fb45e73f3677d4c8f055de491c46915e8c168f2ef0ee6f4b45ccd98e81ecb967bb61acd2ef0b0195c2eaa7e2e4699f3667d9fc1f45b093676403c923291f131549ee761da603861e2ac196e1f4819de83888201a68dc529faab29ba0a181776b2379dfbcc4d9f71c6268593ffaa88d38438ab6c8fda973024ef81d87e3035facb91206ff34c1b76435bbce0bcfd80bf4ae836dfbc3801677f5a1438913b852d88206ebd2296998f1dc199c463ced1a168901afa6253491cfeefb3d16d49fa48bb01cf94d542c74bfda589e1bd5428bbbbe10c476f0a231145ea87b1d4ba725d6891b2f7dda6ca3f1bfb8cf6bb86b86daad62f965e93a0a016512f6aaa3a271c53e4a827ca5e33d1c99f4489a351b54526da8520e877ea612062ecafb049ab1a8361755b0fd6bf2fc4b96c1a187bd4c2b7ce34a0179b568358a0187c43259df73ba67ded4eecf231b18e3203e8d7acf114c996b5055d96692afa31c6fea004f1cf25b1747058b6620ca15b43cc0e23ece05863867085abffb836c0641e2d2e411c29d0bc56a1be8219eb3fe4efe89bf1d405db573e3792fe469c7052d0972f7d371dc9df59fe4f86389794d1b1f29dffdf175fd6cf2b1b4fe5017987b34ecdb0cd2b6bd2d6dd106c346970dcf0a7469b5dfa973b44df416f6473fd074d5fd6e1a5bcb8877f1564593c22de49cc2f19f72bf7a8ec1cbc67a319d6589e6eb3ccc665ec43ac619fece96dfec4a8b4fb77e4d991870611b14dde91fbd4011fb17b51ffa1c682bdeb949baeb0412cc136b4bf79bcd764cf0fc52861aa32c374cd7ee6ae37d57ad907ecde9885a2ab866e12a0f7b1b36c732bb41ad364e22a4012fdcca5734d8a1c829a157e78dec39b67b5fdc33818a083675d7aceda3a435287949fa30b259277209f082e52a4eebab82084ceabfbc5175fd834d2468d7276e119e080bb77a5c77699759a600a9f9afa65b2f5c92f705d2f283a3152419ef9d96950277d031c146eace1767aa569223c1251f97897ebad7e1d355bc641ff0d3692023c7e6a8a87605584cb2164a9f4ce1f21d9ec8c74bf808ce3b3505b7f75514ca2279ab4db82b64b8564b39acc5d4065256670e6a60fbaacebc921c021f2af3432f699265c48e8fd4b841bed8165386d2732fbe9358cd10cda86367215d733842d512ca4a50b994ed123eea0ee4a2d3b29cccdce341e89a8033fc7e04ce5bd8a7695afe98dcab70d8daa17ee857c056814a73aa4260206e3ba885b289f1d4682495f38831887329712242af452bf275a4c5dd7bb4d2dcda3f7b846dee80448af5c3b4c993ab2199199b3144a664a23d23eba27707d035ddfc46fdc37093faffc34d8b73dafc9139134eb9c961dad2dc659a89af37391c06e551836deb396508d3e8bca34ee8d6bf027208bab21e79928761807d598c21a5e9c213b744531243b463f93bbe6730f16b58b48321d6203412bb9876174069e062096ee3b4e0b2af12250c253cd831026e14549fec0d9494a922d8dd47b3b8a4851bf71132ae14c2a12e3fb73684af13a48fd64704e44f13ab014fa18c151733c58a78c7d0fa216f39116007a3fc3fb6315f1f470a5385da254081cb5fb3f18959f797e290e46e75757b66dbd6211a6a2927ac987e9d5d1f5fbf6369d52284c6af8cc66fe69203e1df884335294451aac4c7d5ae2555626f9a70dfeb91c56762464fea53e9a8947e077b1f7a18cff9d634e4d4eafc260f5adbf6ce157c107168e500f25dff8a541bd6954de2d7a9430d88cb7cd15897bb6e55bea779f5c3e5590d27dae0e2202f179a9318fbd9d0f6b8ff8fc3bcb1f3fa6d7310f6f0419159b394807cce73be6db537898cc9385d2a38f7cab3c576d8a2d8ceaaaf8bdf13b904572a78748fbf77b4b771088185bdb811f0383141b17f8f06e03ff706032e8c7e4ed9958e3e59f91a3624ac9d59b779cf8a10c4248da40074c6a11fca679fa70e73c47c22663447c8098ed3e78fed43c5419ab670f9e46b40e9a53afa34a432e8128c8fcef6f1d59ff47289adba8eb672d9ed76d4548865b57dab65267611dfd2ddc046d97c812d09d8f46e77c73c353f3de8ced3aaa9fe15c97a2562db393e357eba975edcd08e33f0cf7f009df039e38a27af3789f200f8e1b31001b5b48482880c386a529d22b13209873a24165dfef53e6b8144845d53023d0a20cb0faef2fffc523350acf3bdbafe84d0edd3ca6c024e4adea9459ad250c039c403556310897b379fffdbe075c08b4efd73b5d3bc7760e52b920951ff1637ee620ea762a2d404ef7595c3c3436ad97bb56d331ff8d6035cb6655f8d0cd6ce9bc4dec398dcd8f9f4790540541399d3c65ba398a11523c763682ffac9f0ebe16b1a9a4892c9e138ace81e0da60c6f285c707fe4b7d677e9d493b2450581a1441315c3d1c27cfc51b547cf75f89fc7deb30923b6c81032fd07502d025b52495abfcd2bb8c68f37d5cb5fb7181f74913056fb83f5a3685c2b5215fb39f0edf25339542221b6e96f509796ca8cd3df8124e93946075f484a5dbb5ec0b50cbc2111f419008c78a34edf915529d80265ce22b723f0c5e5e3d7d4e74f595f06ceb4891400e05f3baf6cf4ab4969fd6070679da3106e4662ecdb054d9036bb4a3634670543"}, @NFSD_A_SOCK_ADDR={0x56, 0x1, "40c74bc220ec922e32c8330460613297c1a1698f31365460cabc47c6e7b47953d1cf74d215c5956297d32208fb90a78cbf6a51a71823be485ea66f5c9df9409c3cf328a7af8061f463f1d8535a8201137a5d"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '%\x00'}]}]}, 0x2820}, 0x1, 0x0, 0x0, 0x30008800}, 0x40080) socket$nl_generic(0x10, 0x3, 0x10) 185.875934ms ago: executing program 0 (id=1433): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_ima_htable_violations_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) readv$auto(r0, &(0x7f00000001c0)={0x0, 0xfffffffffffffff7}, 0x7) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f00000110c0)={0x0, 0x0, &(0x7f0000011080)={&(0x7f0000000000)=ANY=[@ANYBLOB="080000d2fcb89200", @ANYRES16=r3, @ANYBLOB="010026bd7000fedbdf251400000004000780"], 0x18}, 0x1, 0x0, 0x0, 0x104}, 0x40) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) 0s ago: executing program 3 (id=1434): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty9\x00', 0x141482, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/irq/9/node\x00', 0x80000, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1cdd81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/net\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) kernel console output (not intermixed with test programs): 45][ T2962] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.217622][ T2962] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.317450][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.317622][ T3010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.325554][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.362892][ T3010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.466682][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.480198][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.507613][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.530027][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.289980][ T54] Bluetooth: hci3: command tx timeout [ 89.369984][ T54] Bluetooth: hci2: command tx timeout [ 89.376113][ T5841] Bluetooth: hci0: command tx timeout [ 89.376128][ T5837] Bluetooth: hci1: command tx timeout [ 89.581615][ T5919] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8'. [ 89.622936][ T5919] veth1_macvtap: left promiscuous mode [ 89.628513][ T5919] macsec0: entered allmulticast mode [ 89.904101][ T5923] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 89.929462][ T5923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9'. [ 90.110952][ T5926] Zero length message leads to an empty skb [ 91.196147][ T5931] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12'. [ 91.371418][ T54] Bluetooth: hci3: command tx timeout [ 91.466111][ T54] Bluetooth: hci2: command tx timeout [ 91.467907][ T5841] Bluetooth: hci1: command tx timeout [ 91.471821][ T54] Bluetooth: hci0: command tx timeout [ 91.819120][ T5950] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16'. [ 92.059269][ T5952] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 92.829849][ T5965] netlink: 8 bytes leftover after parsing attributes in process `syz.3.20'. [ 94.674871][ T5987] netlink: 28 bytes leftover after parsing attributes in process `syz.1.27'. [ 95.109506][ T5991] netlink: 12 bytes leftover after parsing attributes in process `syz.3.26'. [ 95.143326][ T5988] HfR: entered promiscuous mode [ 95.203294][ T5991] HfR: left promiscuous mode [ 98.861880][ T973] cfg80211: failed to load regulatory.db [ 101.724900][ T6066] program syz.3.45 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 103.240525][ T6083] lo: entered allmulticast mode [ 103.282720][ T6083] netlink: 28 bytes leftover after parsing attributes in process `syz.3.49'. [ 105.390564][ T6085] lo: left allmulticast mode [ 105.422866][ T6062] Process accounting resumed [ 105.488939][ T6098] netlink: 28 bytes leftover after parsing attributes in process `syz.0.52'. [ 107.589842][ T6114] capability: warning: `syz.1.57' uses 32-bit capabilities (legacy support in use) [ 107.753043][ T6122] netlink: 28 bytes leftover after parsing attributes in process `syz.2.60'. [ 107.953540][ T6124] Process accounting resumed [ 109.157568][ T6137] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 110.702505][ T6148] Process accounting resumed [ 112.364187][ T6173] netlink: 28 bytes leftover after parsing attributes in process `syz.3.72'. [ 113.303156][ T6182] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 115.857958][ T6212] bridge0: port 3(veth1_to_hsr) entered blocking state [ 115.900810][ T6212] bridge0: port 3(veth1_to_hsr) entered disabled state [ 115.925861][ T6212] veth1_to_hsr: entered allmulticast mode [ 115.967158][ T6212] veth1_to_hsr: entered promiscuous mode [ 116.020467][ T6212] bridge0: port 3(veth1_to_hsr) entered blocking state [ 116.027670][ T6212] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 121.281901][ T6276] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 123.090633][ T6323] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 124.103387][ T6335] netlink: 342 bytes leftover after parsing attributes in process `syz.3.115'. [ 125.193735][ T6353] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 126.634111][ T6368] program syz.2.124 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.681431][ T6387] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 131.700322][ T6414] Process accounting resumed [ 131.764623][ T6414] bridge0: port 3(team0) entered blocking state [ 131.779940][ T6414] bridge0: port 3(team0) entered disabled state [ 131.786398][ T6414] team0: entered allmulticast mode [ 131.833675][ T6414] team_slave_0: entered allmulticast mode [ 131.864784][ T6414] team_slave_1: entered allmulticast mode [ 131.894817][ T6414] team0: entered promiscuous mode [ 131.912998][ T6414] team_slave_0: entered promiscuous mode [ 131.914700][ T6424] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 132.002206][ T6414] team_slave_1: entered promiscuous mode [ 132.027043][ T6414] bridge0: port 3(team0) entered blocking state [ 132.033457][ T6414] bridge0: port 3(team0) entered forwarding state [ 132.458185][ T6437] netlink: 28 bytes leftover after parsing attributes in process `syz.3.146'. [ 133.881049][ T6461] bridge0: port 4(veth1_to_hsr) entered blocking state [ 133.881845][ T6460] netlink: 28 bytes leftover after parsing attributes in process `syz.3.153'. [ 133.947801][ T6461] bridge0: port 4(veth1_to_hsr) entered disabled state [ 134.019385][ T6461] veth1_to_hsr: entered allmulticast mode [ 134.137544][ T6466] FAULT_INJECTION: forcing a failure. [ 134.137544][ T6466] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 134.248330][ T6461] veth1_to_hsr: entered promiscuous mode [ 134.327143][ T6461] bridge0: port 4(veth1_to_hsr) entered blocking state [ 134.334237][ T6461] bridge0: port 4(veth1_to_hsr) entered forwarding state [ 134.389975][ T6466] CPU: 0 UID: 0 PID: 6466 Comm: syz.1.151 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 134.400642][ T6466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 134.410728][ T6466] Call Trace: [ 134.414031][ T6466] [ 134.416995][ T6466] dump_stack_lvl+0x16c/0x1f0 [ 134.421719][ T6466] should_fail_ex+0x497/0x5b0 [ 134.426438][ T6466] _copy_to_user+0x32/0xd0 [ 134.430900][ T6466] simple_read_from_buffer+0xd0/0x160 [ 134.436319][ T6466] proc_fail_nth_read+0x198/0x270 [ 134.441391][ T6466] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 134.446993][ T6466] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 134.452585][ T6466] vfs_read+0x1df/0xbe0 [ 134.456780][ T6466] ? __fget_files+0x1fc/0x3a0 [ 134.461492][ T6466] ? __pfx___mutex_lock+0x10/0x10 [ 134.466551][ T6466] ? __pfx_vfs_read+0x10/0x10 [ 134.471270][ T6466] ? __fget_files+0x206/0x3a0 [ 134.475991][ T6466] ksys_read+0x12b/0x250 [ 134.480275][ T6466] ? __pfx_ksys_read+0x10/0x10 [ 134.485255][ T6466] do_syscall_64+0xcd/0x250 [ 134.489799][ T6466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.495725][ T6466] RIP: 0033:0x7fda3818473c [ 134.500165][ T6466] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 134.519815][ T6466] RSP: 002b:00007fda39014030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 134.528274][ T6466] RAX: ffffffffffffffda RBX: 00007fda38375fa0 RCX: 00007fda3818473c [ 134.536286][ T6466] RDX: 000000000000000f RSI: 00007fda390140a0 RDI: 0000000000000004 [ 134.544297][ T6466] RBP: 00007fda39014090 R08: 0000000000000000 R09: 0000000000000000 [ 134.552304][ T6466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.560312][ T6466] R13: 0000000000000000 R14: 00007fda38375fa0 R15: 00007ffc6ab845d8 [ 134.568332][ T6466] [ 135.000065][ T6460] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.614529][ T6460] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.710174][ T6471] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 135.944701][ T6473] netlink: 28 bytes leftover after parsing attributes in process `syz.2.157'. [ 138.894185][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.904762][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.928807][ T6520] netlink: 28 bytes leftover after parsing attributes in process `syz.1.168'. [ 141.713622][ T6531] Process accounting resumed [ 143.773492][ T6551] netlink: 252 bytes leftover after parsing attributes in process `syz.2.177'. [ 143.813691][ T6551] netlink: 252 bytes leftover after parsing attributes in process `syz.2.177'. [ 144.501019][ T6561] netlink: 8 bytes leftover after parsing attributes in process `syz.2.179'. [ 146.796833][ T6590] netlink: 'syz.2.187': attribute type 1 has an invalid length. [ 146.821647][ T6590] netlink: 230 bytes leftover after parsing attributes in process `syz.2.187'. [ 147.453144][ T6595] netlink: 28 bytes leftover after parsing attributes in process `syz.2.189'. [ 148.019044][ T6604] netlink: 28 bytes leftover after parsing attributes in process `syz.0.198'. [ 148.138623][ T6575] syz.1.171 (6575) used greatest stack depth: 21248 bytes left [ 150.001827][ T6621] Process accounting resumed [ 150.343303][ T6638] netlink: 28 bytes leftover after parsing attributes in process `syz.2.203'. [ 150.569812][ T6645] FAULT_INJECTION: forcing a failure. [ 150.569812][ T6645] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 150.615515][ T6645] CPU: 0 UID: 0 PID: 6645 Comm: syz.2.206 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 150.626183][ T6645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 150.636275][ T6645] Call Trace: [ 150.639576][ T6645] [ 150.642531][ T6645] dump_stack_lvl+0x16c/0x1f0 [ 150.647249][ T6645] should_fail_ex+0x497/0x5b0 [ 150.651973][ T6645] _copy_to_user+0x32/0xd0 [ 150.656434][ T6645] simple_read_from_buffer+0xd0/0x160 [ 150.661867][ T6645] proc_fail_nth_read+0x198/0x270 [ 150.666933][ T6645] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 150.672524][ T6645] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 150.678112][ T6645] vfs_read+0x1df/0xbe0 [ 150.682301][ T6645] ? __fget_files+0x1fc/0x3a0 [ 150.687013][ T6645] ? __pfx___mutex_lock+0x10/0x10 [ 150.692068][ T6645] ? __pfx_vfs_read+0x10/0x10 [ 150.696788][ T6645] ? __fget_files+0x206/0x3a0 [ 150.701510][ T6645] ksys_read+0x12b/0x250 [ 150.705784][ T6645] ? __pfx_ksys_read+0x10/0x10 [ 150.710599][ T6645] do_syscall_64+0xcd/0x250 [ 150.715150][ T6645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.721100][ T6645] RIP: 0033:0x7f9b91d8473c [ 150.725542][ T6645] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 150.745193][ T6645] RSP: 002b:00007f9b92c36030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 150.753646][ T6645] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d8473c [ 150.761649][ T6645] RDX: 000000000000000f RSI: 00007f9b92c360a0 RDI: 0000000000000004 [ 150.769647][ T6645] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 150.777645][ T6645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.785643][ T6645] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 150.793654][ T6645] [ 150.919939][ T6643] bridge0: port 3(veth1_to_hsr) entered blocking state [ 150.989862][ T6643] bridge0: port 3(veth1_to_hsr) entered disabled state [ 151.120476][ T6643] veth1_to_hsr: entered allmulticast mode [ 151.150790][ T6643] veth1_to_hsr: entered promiscuous mode [ 151.190232][ T6643] bridge0: port 3(veth1_to_hsr) entered blocking state [ 151.197274][ T6643] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 154.180278][ T6673] netlink: 28 bytes leftover after parsing attributes in process `syz.2.214'. [ 154.569476][ T6680] ubi0: attaching mtd0 [ 154.579352][ T6680] ubi0: scanning is finished [ 154.598984][ T6680] ubi0: empty MTD device detected [ 154.629897][ T6680] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 154.852384][ T6680] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 155.676521][ T6701] ubi0: attaching mtd0 [ 155.677793][ T6701] ubi0: scanning is finished [ 155.677817][ T6701] ubi0: empty MTD device detected [ 155.677858][ T6701] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 155.906847][ T6701] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 156.744054][ T6683] syz.1.211 (6683) used greatest stack depth: 20256 bytes left [ 158.030757][ T6727] ubi0: attaching mtd0 [ 158.036181][ T6727] ubi0: scanning is finished [ 158.060327][ T6727] ubi0: empty MTD device detected [ 158.076583][ T6727] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 158.383032][ T6727] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 159.917092][ T6734] nvme_fabrics: missing parameter 'transport=%s' [ 159.951000][ T6734] nvme_fabrics: missing parameter 'nqn=%s' [ 160.626666][ T6409] syz.1.136 (6409) used greatest stack depth: 19576 bytes left [ 160.635002][ T6375] syz.1.126 (6375) used greatest stack depth: 19328 bytes left [ 161.090463][ T6730] netlink: 8 bytes leftover after parsing attributes in process `syz.1.223'. [ 162.359173][ T6773] ubi0: attaching mtd0 [ 162.391195][ T6773] ubi0: scanning is finished [ 162.415292][ T6773] ubi0: empty MTD device detected [ 162.537275][ T6773] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 162.834374][ T6773] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 163.020951][ T6786] random: crng reseeded on system resumption [ 164.919073][ T6811] ubi0: attaching mtd0 [ 164.924450][ T6811] ubi0: scanning is finished [ 164.940561][ T6811] ubi0: empty MTD device detected [ 164.945703][ T6811] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 165.180627][ T6811] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 165.223747][ T6321] syz.1.98 (6321) used greatest stack depth: 17472 bytes left [ 167.615643][ T6845] netlink: 28 bytes leftover after parsing attributes in process `syz.1.258'. [ 168.453957][ T6858] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 169.557329][ T6886] ======================================================= [ 169.557329][ T6886] WARNING: The mand mount option has been deprecated and [ 169.557329][ T6886] and is ignored by this kernel. Remove the mand [ 169.557329][ T6886] option from the mount to silence this warning. [ 169.557329][ T6886] ======================================================= [ 169.630518][ T6890] syz.3.269 uses obsolete (PF_INET,SOCK_PACKET) [ 171.682689][ T6918] netlink: 8 bytes leftover after parsing attributes in process `syz.3.277'. [ 172.202769][ T6928] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 172.769955][ T6937] FAULT_INJECTION: forcing a failure. [ 172.769955][ T6937] name failslab, interval 1, probability 0, space 0, times 1 [ 172.829672][ T6937] CPU: 0 UID: 0 PID: 6937 Comm: syz.0.282 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 172.840325][ T6937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 172.850381][ T6937] Call Trace: [ 172.853661][ T6937] [ 172.856591][ T6937] dump_stack_lvl+0x16c/0x1f0 [ 172.861282][ T6937] should_fail_ex+0x497/0x5b0 [ 172.865969][ T6937] ? fs_reclaim_acquire+0xae/0x150 [ 172.871088][ T6937] should_failslab+0xc2/0x120 [ 172.875776][ T6937] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 172.881160][ T6937] ? getname_flags.part.0+0x4c/0x550 [ 172.886459][ T6937] getname_flags.part.0+0x4c/0x550 [ 172.891587][ T6937] getname_flags+0x93/0xf0 [ 172.896013][ T6937] user_path_at+0x24/0x60 [ 172.900351][ T6937] __do_sys_pivot_root+0x175/0x1660 [ 172.905561][ T6937] ? __fget_files+0x206/0x3a0 [ 172.910253][ T6937] ? __pfx___do_sys_pivot_root+0x10/0x10 [ 172.915896][ T6937] ? fput+0x67/0x440 [ 172.919801][ T6937] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 172.925991][ T6937] do_syscall_64+0xcd/0x250 [ 172.930522][ T6937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.936427][ T6937] RIP: 0033:0x7ff3c9b85d29 [ 172.940846][ T6937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.960457][ T6937] RSP: 002b:00007ff3ca8d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b [ 172.968874][ T6937] RAX: ffffffffffffffda RBX: 00007ff3c9d75fa0 RCX: 00007ff3c9b85d29 [ 172.976847][ T6937] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 172.984819][ T6937] RBP: 00007ff3ca8d9090 R08: 0000000000000000 R09: 0000000000000000 [ 172.992791][ T6937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.000772][ T6937] R13: 0000000000000000 R14: 00007ff3c9d75fa0 R15: 00007ffc8cef56c8 [ 173.008757][ T6937] [ 174.920210][ T6957] netlink: 28 bytes leftover after parsing attributes in process `syz.3.287'. [ 176.824356][ T6982] FAULT_INJECTION: forcing a failure. [ 176.824356][ T6982] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 176.898271][ T6982] CPU: 1 UID: 0 PID: 6982 Comm: syz.2.295 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 176.908930][ T6982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 176.919016][ T6982] Call Trace: [ 176.922318][ T6982] [ 176.925257][ T6982] dump_stack_lvl+0x16c/0x1f0 [ 176.929946][ T6982] should_fail_ex+0x497/0x5b0 [ 176.934636][ T6982] strncpy_from_user+0x3b/0x2d0 [ 176.939495][ T6982] getname_flags.part.0+0x8f/0x550 [ 176.944621][ T6982] getname_flags+0x93/0xf0 [ 176.949041][ T6982] user_path_at+0x24/0x60 [ 176.953379][ T6982] __do_sys_pivot_root+0x175/0x1660 [ 176.958593][ T6982] ? __fget_files+0x206/0x3a0 [ 176.963280][ T6982] ? __pfx___do_sys_pivot_root+0x10/0x10 [ 176.968919][ T6982] ? fput+0x67/0x440 [ 176.972827][ T6982] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 176.979001][ T6982] do_syscall_64+0xcd/0x250 [ 176.983515][ T6982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.989418][ T6982] RIP: 0033:0x7f9b91d85d29 [ 176.993835][ T6982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.013444][ T6982] RSP: 002b:00007f9b92c36038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b [ 177.021889][ T6982] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d85d29 [ 177.029865][ T6982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 177.037835][ T6982] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 177.045807][ T6982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 177.053780][ T6982] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 177.061771][ T6982] [ 177.780370][ T6983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.293'. [ 178.137442][ T7005] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 178.936600][ T7016] netlink: 8 bytes leftover after parsing attributes in process `syz.3.304'. [ 179.153950][ T6994] [U] [ 179.156967][ T6994] [U] [ 179.159697][ T6994] [U] [ 179.162428][ T6994] [U] [ 179.212115][ T6996] [U] [ 179.353671][ T7029] FAULT_INJECTION: forcing a failure. [ 179.353671][ T7029] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 179.406901][ T7029] CPU: 1 UID: 0 PID: 7029 Comm: syz.2.307 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 179.417555][ T7029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 179.427639][ T7029] Call Trace: [ 179.430920][ T7029] [ 179.433854][ T7029] dump_stack_lvl+0x16c/0x1f0 [ 179.438559][ T7029] should_fail_ex+0x497/0x5b0 [ 179.443250][ T7029] _copy_to_user+0x32/0xd0 [ 179.447683][ T7029] simple_read_from_buffer+0xd0/0x160 [ 179.453076][ T7029] proc_fail_nth_read+0x198/0x270 [ 179.458119][ T7029] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 179.463683][ T7029] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 179.469239][ T7029] vfs_read+0x1df/0xbe0 [ 179.473404][ T7029] ? __fget_files+0x1fc/0x3a0 [ 179.478089][ T7029] ? __pfx___mutex_lock+0x10/0x10 [ 179.483133][ T7029] ? __pfx_vfs_read+0x10/0x10 [ 179.487827][ T7029] ? __fget_files+0x206/0x3a0 [ 179.492539][ T7029] ksys_read+0x12b/0x250 [ 179.496972][ T7029] ? __pfx_ksys_read+0x10/0x10 [ 179.501750][ T7029] ? syscall_user_dispatch+0x77/0x140 [ 179.507144][ T7029] do_syscall_64+0xcd/0x250 [ 179.511664][ T7029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.517573][ T7029] RIP: 0033:0x7f9b91d8473c [ 179.521999][ T7029] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 179.541619][ T7029] RSP: 002b:00007f9b92c36030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 179.550038][ T7029] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d8473c [ 179.558027][ T7029] RDX: 000000000000000f RSI: 00007f9b92c360a0 RDI: 0000000000000003 [ 179.566019][ T7029] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 179.573999][ T7029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 179.581988][ T7029] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 179.589987][ T7029] [ 180.334078][ T7037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.309'. [ 181.293785][ T7062] syz.0.315 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 181.712137][ T7067] netlink: 'syz.3.316': attribute type 1 has an invalid length. [ 182.129441][ T7077] ubi0: attaching mtd0 [ 182.183681][ T7077] ubi0: scanning is finished [ 182.198977][ T7077] ubi0: empty MTD device detected [ 182.213290][ T7077] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 182.253032][ T7074] netlink: 8 bytes leftover after parsing attributes in process `syz.0.321'. [ 182.432256][ T7077] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 182.769178][ T7085] ubi0: attaching mtd0 [ 182.791139][ T7085] ubi0: scanning is finished [ 182.812777][ T7085] ubi0: empty MTD device detected [ 182.822875][ T7085] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 182.846940][ T7087] mkiss: ax0: crc mode is auto. [ 183.043441][ T7085] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 184.481294][ T7117] Line length is too long: Should be less than 4094 [ 185.614224][ T7124] netlink: 28 bytes leftover after parsing attributes in process `syz.3.334'. [ 188.618996][ T7190] netlink: 28 bytes leftover after parsing attributes in process `syz.3.348'. [ 191.170126][ T7231] ubi0: attaching mtd0 [ 191.175415][ T7231] ubi0: scanning is finished [ 191.190816][ T7231] ubi0: empty MTD device detected [ 191.195929][ T7231] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 191.408646][ T7231] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 192.021738][ T7236] warning: `syz.2.359' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 192.509998][ T7238] process 'syz.0.360' launched ':,' with NULL argv: empty string added [ 193.825098][ T7258] netlink: 28 bytes leftover after parsing attributes in process `syz.0.361'. [ 194.325404][ T7279] netlink: 28 bytes leftover after parsing attributes in process `syz.3.369'. [ 195.205728][ T7301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.377'. [ 195.392231][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.1.379'. [ 195.667974][ T7314] netlink: 28 bytes leftover after parsing attributes in process `syz.1.381'. [ 196.109980][ T7323] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 197.040984][ T7344] netlink: 28 bytes leftover after parsing attributes in process `syz.1.391'. [ 197.358975][ T7344] team0: Port device team_slave_1 removed [ 197.437505][ T7346] netlink: 8 bytes leftover after parsing attributes in process `syz.0.390'. [ 197.858685][ T7368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.396'. [ 198.022872][ T7370] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 199.200049][ T7396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.406'. [ 199.350685][ T7401] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 199.670829][ T7394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.405'. [ 200.336842][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.343359][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.168937][ T7418] netlink: 28 bytes leftover after parsing attributes in process `syz.2.414'. [ 201.489462][ T7427] mmap: syz.1.416 (7427) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 201.778519][ T7433] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 202.474095][ T7435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.419'. [ 202.861833][ T7455] ptm ptm3: ldisc open failed (-12), clearing slot 3 [ 203.538399][ T7466] netlink: 28 bytes leftover after parsing attributes in process `syz.0.427'. [ 203.740495][ T7471] netlink: 28 bytes leftover after parsing attributes in process `syz.3.428'. [ 203.896268][ T7475] netlink: 28 bytes leftover after parsing attributes in process `syz.3.430'. [ 204.092148][ T7478] bond0: option arp_validate: invalid value () [ 207.381352][ T7510] netlink: 28 bytes leftover after parsing attributes in process `syz.1.438'. [ 207.440686][ T7514] ubi0: attaching mtd0 [ 207.536425][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 207.543528][ T5839] Bluetooth: hci1: command 0x0406 tx timeout [ 207.544540][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 207.550371][ T5839] Bluetooth: hci0: command 0x0406 tx timeout [ 207.571332][ T7514] ubi0: scanning is finished [ 207.576089][ T7514] ubi0: empty MTD device detected [ 207.589012][ T7514] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 207.769160][ T7521] netlink: 28 bytes leftover after parsing attributes in process `syz.2.440'. [ 207.831087][ T7514] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 208.017869][ T7525] ubi0: attaching mtd0 [ 208.032286][ T7525] ubi0: scanning is finished [ 208.037551][ T7525] ubi0: empty MTD device detected [ 208.047200][ T7525] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 208.155077][ T7525] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 209.019202][ T7553] netlink: 28 bytes leftover after parsing attributes in process `syz.1.450'. [ 210.009724][ T29] audit: type=1800 audit(1734798014.468:2): pid=7569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.452" name="features" dev="configfs" ino=13957 res=0 errno=0 [ 210.315023][ T7575] ubi0: attaching mtd0 [ 210.497933][ T7575] ubi0: scanning is finished [ 210.513539][ T7575] ubi0: empty MTD device detected [ 210.526055][ T7575] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 210.771675][ T7575] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 211.343431][ T7586] netlink: 28 bytes leftover after parsing attributes in process `syz.1.457'. [ 211.362319][ T7586] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 211.390454][ T7586] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 211.930394][ T7596] ceph: Failed to parse sending metrics switch value 'J' [ 212.290177][ T7598] netlink: 8 bytes leftover after parsing attributes in process `syz.1.460'. [ 213.961270][ T7622] ubi0: attaching mtd0 [ 213.989402][ T7622] ubi0: scanning is finished [ 214.014698][ T7622] ubi0: empty MTD device detected [ 214.020227][ T7622] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 214.264141][ T7622] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 215.270490][ T7638] netlink: 28 bytes leftover after parsing attributes in process `syz.1.469'. [ 215.659461][ T7644] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 215.862371][ T7635] Process accounting resumed [ 215.879772][ T7635] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 215.890787][ T7635] msr msr0: uevent: failed to send synthetic uevent: -22 [ 216.217994][ T7648] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 216.249869][ T7648] msr msr0: uevent: failed to send synthetic uevent: -22 [ 216.484708][ T7655] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 216.509938][ T7655] msr msr0: uevent: failed to send synthetic uevent: -22 [ 218.591474][ T7681] bridge0: port 3(veth1_to_hsr) entered blocking state [ 218.619416][ T7681] bridge0: port 3(veth1_to_hsr) entered disabled state [ 218.628472][ T7682] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 218.651122][ T7681] veth1_to_hsr: entered allmulticast mode [ 218.722087][ T7681] veth1_to_hsr: entered promiscuous mode [ 218.728227][ T7681] bridge0: port 3(veth1_to_hsr) entered blocking state [ 218.735277][ T7681] bridge0: port 3(veth1_to_hsr) entered forwarding state [ 219.175261][ T7685] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 220.320453][ T7704] netlink: 28 bytes leftover after parsing attributes in process `syz.0.487'. [ 220.356315][ T7704] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 220.380884][ T7704] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 220.523902][ T7706] netlink: 28 bytes leftover after parsing attributes in process `syz.1.488'. [ 220.791243][ T7712] ubi0: attaching mtd0 [ 220.826579][ T7712] ubi0: scanning is finished [ 220.853701][ T7712] ubi0: empty MTD device detected [ 220.858821][ T7712] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 221.214739][ T7712] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 221.472371][ T7727] netlink: 28 bytes leftover after parsing attributes in process `syz.0.494'. [ 222.429055][ T7740] netlink: 8 bytes leftover after parsing attributes in process `syz.0.499'. [ 222.461428][ T7730] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'. [ 222.708417][ T7747] FAULT_INJECTION: forcing a failure. [ 222.708417][ T7747] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 222.882318][ T7657] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 222.902069][ T7747] CPU: 1 UID: 0 PID: 7747 Comm: syz.1.498 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 222.905109][ T7657] msr msr0: uevent: failed to send synthetic uevent: -22 [ 222.912689][ T7747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 222.912714][ T7747] Call Trace: [ 222.912722][ T7747] [ 222.912732][ T7747] dump_stack_lvl+0x16c/0x1f0 [ 222.912766][ T7747] should_fail_ex+0x497/0x5b0 [ 222.912800][ T7747] _copy_to_user+0x32/0xd0 [ 222.912835][ T7747] simple_read_from_buffer+0xd0/0x160 [ 222.912878][ T7747] proc_fail_nth_read+0x198/0x270 [ 222.912916][ T7747] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 222.912957][ T7747] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 222.912994][ T7747] vfs_read+0x1df/0xbe0 [ 222.913023][ T7747] ? __fget_files+0x1fc/0x3a0 [ 222.913052][ T7747] ? __pfx___mutex_lock+0x10/0x10 [ 222.985467][ T7747] ? __pfx_vfs_read+0x10/0x10 [ 222.990163][ T7747] ? __fget_files+0x206/0x3a0 [ 222.994858][ T7747] ksys_read+0x12b/0x250 [ 222.999105][ T7747] ? __pfx_ksys_read+0x10/0x10 [ 223.003885][ T7747] do_syscall_64+0xcd/0x250 [ 223.008403][ T7747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.014306][ T7747] RIP: 0033:0x7fda3818473c [ 223.018726][ T7747] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 223.038340][ T7747] RSP: 002b:00007fda38fd2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 223.046758][ T7747] RAX: ffffffffffffffda RBX: 00007fda38376160 RCX: 00007fda3818473c [ 223.054737][ T7747] RDX: 000000000000000f RSI: 00007fda38fd20a0 RDI: 0000000000000004 [ 223.062713][ T7747] RBP: 00007fda38fd2090 R08: 0000000000000000 R09: 0000000000000000 [ 223.070688][ T7747] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 223.078673][ T7747] R13: 0000000000000000 R14: 00007fda38376160 R15: 00007ffc6ab845d8 [ 223.086668][ T7747] [ 223.459828][ T7746] netlink: 8 bytes leftover after parsing attributes in process `syz.0.500'. [ 223.469965][ T7752] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 223.486174][ T7752] msr msr0: uevent: failed to send synthetic uevent: -22 [ 223.736175][ T7761] ubi0: attaching mtd0 [ 223.757012][ T7761] ubi0: scanning is finished [ 223.840733][ T7761] ubi0: empty MTD device detected [ 223.845866][ T7761] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 224.120380][ T7761] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 224.464653][ T7776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.509'. [ 224.486708][ T7765] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 224.509854][ T7765] msr msr0: uevent: failed to send synthetic uevent: -22 [ 224.917057][ T7777] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 224.949786][ T7777] msr msr0: uevent: failed to send synthetic uevent: -22 [ 225.152179][ T7788] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 225.161022][ T7788] msr msr0: uevent: failed to send synthetic uevent: -22 [ 226.056297][ T7790] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 226.076927][ T7790] msr msr0: uevent: failed to send synthetic uevent: -22 [ 226.111389][ T7810] netlink: 28 bytes leftover after parsing attributes in process `syz.0.520'. [ 226.511687][ T7812] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 226.533899][ T7812] msr msr0: uevent: failed to send synthetic uevent: -22 [ 226.817230][ T7826] FAULT_INJECTION: forcing a failure. [ 226.817230][ T7826] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 226.871041][ T7826] CPU: 1 UID: 0 PID: 7826 Comm: syz.2.524 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 226.881705][ T7826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 226.891794][ T7826] Call Trace: [ 226.895108][ T7826] [ 226.895610][ T7817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.522'. [ 226.898046][ T7826] dump_stack_lvl+0x16c/0x1f0 [ 226.898083][ T7826] should_fail_ex+0x497/0x5b0 [ 226.898117][ T7826] _copy_to_user+0x32/0xd0 [ 226.912142][ T7829] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 226.916193][ T7826] simple_read_from_buffer+0xd0/0x160 [ 226.934358][ T7826] proc_fail_nth_read+0x198/0x270 [ 226.939441][ T7826] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 226.945044][ T7826] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 226.950636][ T7826] vfs_read+0x1df/0xbe0 [ 226.954830][ T7826] ? __pfx_vfs_read+0x10/0x10 [ 226.959555][ T7826] ksys_read+0x12b/0x250 [ 226.963826][ T7826] ? __pfx_ksys_read+0x10/0x10 [ 226.968634][ T7826] do_syscall_64+0xcd/0x250 [ 226.973183][ T7826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.979114][ T7826] RIP: 0033:0x7f9b91d8473c [ 226.983561][ T7826] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 227.003208][ T7826] RSP: 002b:00007f9b92c36030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 227.011662][ T7826] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d8473c [ 227.019663][ T7826] RDX: 000000000000000f RSI: 00007f9b92c360a0 RDI: 0000000000000004 [ 227.027669][ T7826] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 227.035670][ T7826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.043652][ T7826] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 227.051640][ T7826] [ 227.096704][ T7821] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 227.122842][ T7821] msr msr0: uevent: failed to send synthetic uevent: -22 [ 227.179260][ T7831] netlink: 28 bytes leftover after parsing attributes in process `syz.1.526'. [ 227.863066][ T7845] netlink: 28 bytes leftover after parsing attributes in process `syz.2.530'. [ 228.529530][ T7846] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 228.582887][ T7846] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 229.498422][ T7872] netlink: 28 bytes leftover after parsing attributes in process `syz.0.538'. [ 230.160106][ T7886] netlink: 28 bytes leftover after parsing attributes in process `syz.0.542'. [ 230.580817][ T7841] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 230.589293][ T7841] msr msr0: uevent: failed to send synthetic uevent: -22 [ 231.313839][ T7833] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 231.349692][ T7833] msr msr0: uevent: failed to send synthetic uevent: -22 [ 232.104660][ T7907] netlink: 28 bytes leftover after parsing attributes in process `syz.0.550'. [ 232.711197][ T7906] netlink: 8 bytes leftover after parsing attributes in process `syz.3.547'. [ 232.721096][ T7921] netlink: 28 bytes leftover after parsing attributes in process `syz.0.553'. [ 232.787819][ T7918] netlink: 8 bytes leftover after parsing attributes in process `syz.2.554'. [ 232.890257][ T7903] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 232.920007][ T7903] msr msr0: uevent: failed to send synthetic uevent: -22 [ 233.251554][ T7933] ubi0: attaching mtd0 [ 233.257100][ T7933] ubi0: scanning is finished [ 233.303781][ T7933] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 233.462578][ T7935] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 233.545649][ T7933] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 233.550073][ T7935] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 234.063268][ T7929] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 234.087074][ T7929] msr msr0: uevent: failed to send synthetic uevent: -22 [ 234.442843][ T7960] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 234.489746][ T7960] msr msr0: uevent: failed to send synthetic uevent: -22 [ 234.525979][ T7962] netlink: 28 bytes leftover after parsing attributes in process `syz.2.565'. [ 235.432482][ T7985] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 235.441029][ T7985] msr msr0: uevent: failed to send synthetic uevent: -22 [ 235.579478][ T7972] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 235.589672][ T7972] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 235.804429][ T29] audit: type=1800 audit(1734798040.268:3): pid=7990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.571" name="features" dev="configfs" ino=16708 res=0 errno=0 [ 235.836625][ T7972] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 235.861014][ T7972] msr msr0: uevent: failed to send synthetic uevent: -22 [ 236.344657][ T8004] ubi0: attaching mtd0 [ 236.385244][ T8004] ubi0: scanning is finished [ 236.469322][ T8004] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 236.500319][ T8002] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 236.518960][ T8002] msr msr0: uevent: failed to send synthetic uevent: -22 [ 236.785621][ T8004] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 237.796859][ T8025] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 238.190887][ T8031] FAULT_INJECTION: forcing a failure. [ 238.190887][ T8031] name failslab, interval 1, probability 0, space 0, times 0 [ 238.255362][ T8031] CPU: 1 UID: 0 PID: 8031 Comm: syz.2.581 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 238.266026][ T8031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 238.276114][ T8031] Call Trace: [ 238.279420][ T8031] [ 238.282372][ T8031] dump_stack_lvl+0x16c/0x1f0 [ 238.287087][ T8031] should_fail_ex+0x497/0x5b0 [ 238.291800][ T8031] ? fs_reclaim_acquire+0xae/0x150 [ 238.296947][ T8031] should_failslab+0xc2/0x120 [ 238.301659][ T8031] __kmalloc_cache_noprof+0x68/0x420 [ 238.306990][ T8031] mtdchar_ioctl+0xd7d/0x2050 [ 238.311703][ T8031] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 238.316848][ T8031] ? __mutex_trylock_common+0xea/0x250 [ 238.322340][ T8031] ? __pfx___mutex_trylock_common+0x10/0x10 [ 238.328260][ T8031] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 238.333670][ T8031] ? __mutex_lock+0x1cc/0xa60 [ 238.338380][ T8031] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 238.343784][ T8031] ? __pfx___mutex_lock+0x10/0x10 [ 238.348832][ T8031] ? __pfx_lock_release+0x10/0x10 [ 238.353881][ T8031] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 238.359085][ T8031] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 238.364991][ T8031] __x64_sys_ioctl+0x190/0x200 [ 238.369780][ T8031] do_syscall_64+0xcd/0x250 [ 238.374322][ T8031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.380239][ T8031] RIP: 0033:0x7f9b91d85d29 [ 238.384662][ T8031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.404281][ T8031] RSP: 002b:00007f9b92c36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 238.412701][ T8031] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d85d29 [ 238.420678][ T8031] RDX: 0000000000000008 RSI: 0000000040104d14 RDI: 0000000000000003 [ 238.428652][ T8031] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 238.436629][ T8031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 238.444602][ T8031] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 238.452595][ T8031] [ 239.233484][ T8036] netlink: 28 bytes leftover after parsing attributes in process `syz.1.583'. [ 240.198642][ T8042] netlink: 8 bytes leftover after parsing attributes in process `syz.1.584'. [ 240.466468][ T8013] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 240.499794][ T8013] msr msr0: uevent: failed to send synthetic uevent: -22 [ 242.058677][ T8054] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 242.073075][ T8054] msr msr0: uevent: failed to send synthetic uevent: -22 [ 242.359497][ T8070] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 242.408860][ T8070] msr msr0: uevent: failed to send synthetic uevent: -22 [ 243.040621][ T8087] netlink: 28 bytes leftover after parsing attributes in process `syz.0.596'. [ 243.101768][ T8087] veth0_macvtap: left promiscuous mode [ 243.108650][ T8087] macvtap0: entered allmulticast mode [ 243.198859][ T8076] netlink: 8 bytes leftover after parsing attributes in process `syz.3.592'. [ 243.390491][ T8091] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 243.414521][ T8076] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 243.424267][ T8076] msr msr0: uevent: failed to send synthetic uevent: -22 [ 244.336126][ T8096] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 244.364091][ T8096] msr msr0: uevent: failed to send synthetic uevent: -22 [ 244.377293][ T8108] netlink: 28 bytes leftover after parsing attributes in process `syz.2.601'. [ 244.559215][ T8113] netlink: 28 bytes leftover after parsing attributes in process `syz.0.602'. [ 244.751638][ T8112] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 244.779794][ T8112] msr msr0: uevent: failed to send synthetic uevent: -22 [ 245.085769][ T8119] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 245.129798][ T8119] msr msr0: uevent: failed to send synthetic uevent: -22 [ 245.336812][ T8125] netlink: 28 bytes leftover after parsing attributes in process `syz.3.609'. [ 245.456349][ T8125] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 245.491415][ T8125] msr msr0: uevent: failed to send synthetic uevent: -22 [ 245.654471][ T8128] netlink: 28 bytes leftover after parsing attributes in process `syz.1.607'. [ 245.934237][ T8136] FAULT_INJECTION: forcing a failure. [ 245.934237][ T8136] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 245.999815][ T8136] CPU: 1 UID: 0 PID: 8136 Comm: syz.2.611 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 246.010466][ T8136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 246.020546][ T8136] Call Trace: [ 246.023844][ T8136] [ 246.026798][ T8136] dump_stack_lvl+0x16c/0x1f0 [ 246.031513][ T8136] should_fail_ex+0x497/0x5b0 [ 246.036230][ T8136] _copy_to_user+0x32/0xd0 [ 246.040693][ T8136] simple_read_from_buffer+0xd0/0x160 [ 246.046118][ T8136] proc_fail_nth_read+0x198/0x270 [ 246.051185][ T8136] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 246.056779][ T8136] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 246.062363][ T8136] vfs_read+0x1df/0xbe0 [ 246.066548][ T8136] ? __fget_files+0x1fc/0x3a0 [ 246.071256][ T8136] ? __pfx___mutex_lock+0x10/0x10 [ 246.076312][ T8136] ? __pfx_vfs_read+0x10/0x10 [ 246.081027][ T8136] ? __fget_files+0x206/0x3a0 [ 246.085763][ T8136] ksys_read+0x12b/0x250 [ 246.090033][ T8136] ? __pfx_ksys_read+0x10/0x10 [ 246.094838][ T8136] do_syscall_64+0xcd/0x250 [ 246.099379][ T8136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.105305][ T8136] RIP: 0033:0x7f9b91d8473c [ 246.109743][ T8136] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 246.129383][ T8136] RSP: 002b:00007f9b92c36030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 246.137839][ T8136] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d8473c [ 246.145845][ T8136] RDX: 000000000000000f RSI: 00007f9b92c360a0 RDI: 0000000000000004 [ 246.153845][ T8136] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 246.161842][ T8136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 246.169840][ T8136] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 246.177858][ T8136] [ 246.191605][ T8130] Process accounting paused [ 247.222572][ T8153] netlink: 28 bytes leftover after parsing attributes in process `syz.3.616'. [ 247.557846][ T8156] netlink: 28 bytes leftover after parsing attributes in process `syz.1.617'. [ 248.746310][ T8182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.625'. [ 248.757100][ T8180] netlink: 28 bytes leftover after parsing attributes in process `syz.2.624'. [ 248.838987][ T8182] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 248.870328][ T8182] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 249.069824][ T8180] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode [ 249.157012][ T8180] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode [ 249.452733][ T8197] FAULT_INJECTION: forcing a failure. [ 249.452733][ T8197] name failslab, interval 1, probability 0, space 0, times 0 [ 249.495637][ T8197] CPU: 1 UID: 0 PID: 8197 Comm: syz.0.626 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 249.506300][ T8197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 249.516388][ T8197] Call Trace: [ 249.519692][ T8197] [ 249.522647][ T8197] dump_stack_lvl+0x16c/0x1f0 [ 249.527387][ T8197] should_fail_ex+0x497/0x5b0 [ 249.532102][ T8197] ? fs_reclaim_acquire+0xae/0x150 [ 249.537255][ T8197] should_failslab+0xc2/0x120 [ 249.541974][ T8197] __kmalloc_noprof+0xce/0x4f0 [ 249.546775][ T8197] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 249.552434][ T8197] ? tomoyo_realpath_from_path+0xbf/0x710 [ 249.558174][ T8197] tomoyo_realpath_from_path+0xbf/0x710 [ 249.563736][ T8197] ? tomoyo_path_number_perm+0x235/0x5b0 [ 249.569394][ T8197] tomoyo_path_number_perm+0x248/0x5b0 [ 249.574868][ T8197] ? tomoyo_path_number_perm+0x235/0x5b0 [ 249.580521][ T8197] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 249.586540][ T8197] ? __pfx_lock_release+0x10/0x10 [ 249.591570][ T8197] ? trace_lock_acquire+0x14e/0x1f0 [ 249.596787][ T8197] ? lock_acquire+0x2f/0xb0 [ 249.601296][ T8197] ? __fget_files+0x40/0x3a0 [ 249.605905][ T8197] ? __fget_files+0x206/0x3a0 [ 249.610594][ T8197] security_file_ioctl+0x9b/0x240 [ 249.615626][ T8197] __x64_sys_ioctl+0xb7/0x200 [ 249.620307][ T8197] do_syscall_64+0xcd/0x250 [ 249.624825][ T8197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.630736][ T8197] RIP: 0033:0x7ff3c9b85d29 [ 249.635159][ T8197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.654769][ T8197] RSP: 002b:00007ff3ca8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.663194][ T8197] RAX: ffffffffffffffda RBX: 00007ff3c9d75fa0 RCX: 00007ff3c9b85d29 [ 249.671167][ T8197] RDX: 00000000200001c0 RSI: ffffffffffeffd0f RDI: 0000000000000005 [ 249.679143][ T8197] RBP: 00007ff3ca8d9090 R08: 0000000000000000 R09: 0000000000000000 [ 249.687114][ T8197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 249.695085][ T8197] R13: 0000000000000000 R14: 00007ff3c9d75fa0 R15: 00007ffc8cef56c8 [ 249.703076][ T8197] [ 249.854025][ T8197] ERROR: Out of memory at tomoyo_realpath_from_path. [ 249.881714][ T8197] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(3036532188.4176638759.2875470168), cmd(15) [ 250.389986][ T8194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.627'. [ 250.925505][ T8201] [U]  [ 251.926314][ T8233] netlink: 28 bytes leftover after parsing attributes in process `syz.0.636'. [ 252.465251][ T8226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.634'. [ 253.373197][ T8252] netlink: 28 bytes leftover after parsing attributes in process `syz.2.639'. [ 253.385347][ T8256] netlink: 28 bytes leftover after parsing attributes in process `syz.0.641'. [ 253.756952][ T8264] ubi0: attaching mtd0 [ 253.785079][ T8264] ubi0: scanning is finished [ 253.815690][ T8264] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 253.823581][ T8254] netlink: 8 bytes leftover after parsing attributes in process `syz.1.640'. [ 254.077947][ T8264] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 254.783500][ T8284] netlink: 28 bytes leftover after parsing attributes in process `syz.0.648'. [ 254.991052][ T8291] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 255.257004][ T8296] netlink: 28 bytes leftover after parsing attributes in process `syz.2.652'. [ 255.523093][ T8298] netlink: 28 bytes leftover after parsing attributes in process `syz.2.654'. [ 256.058277][ T8313] netlink: 28 bytes leftover after parsing attributes in process `syz.2.656'. [ 257.074083][ T8328] netlink: 28 bytes leftover after parsing attributes in process `syz.2.661'. [ 258.012204][ T8343] netlink: 28 bytes leftover after parsing attributes in process `syz.0.665'. [ 258.320178][ T8346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.667'. [ 259.595484][ T8364] netlink: 28 bytes leftover after parsing attributes in process `syz.3.671'. [ 259.690764][ T8360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.678'. [ 260.724145][ T8384] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 261.182053][ T8374] kexec: Could not allocate control_code_buffer [ 261.585819][ T8402] ubi0: attaching mtd0 [ 261.592419][ T8402] ubi0: scanning is finished [ 261.600919][ T8402] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 261.772529][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.778863][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.796265][ T8402] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 262.378454][ T8396] netlink: 8 bytes leftover after parsing attributes in process `syz.0.680'. [ 262.849248][ T8427] ubi0: attaching mtd0 [ 262.866720][ T8427] ubi0: scanning is finished [ 262.882729][ T8427] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 263.100350][ T8427] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 263.840110][ T8441] netlink: 28 bytes leftover after parsing attributes in process `syz.3.690'. [ 264.168987][ T8447] netlink: 28 bytes leftover after parsing attributes in process `syz.3.692'. [ 265.390577][ T8472] netlink: 28 bytes leftover after parsing attributes in process `syz.3.700'. [ 265.515040][ T8474] ubi0: attaching mtd0 [ 265.521837][ T8464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.697'. [ 265.531446][ T8474] ubi0: scanning is finished [ 265.536110][ T8474] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 265.787879][ T8474] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 266.227371][ T8478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.701'. [ 266.868376][ T8490] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 266.947788][ T8490] netlink: 5 bytes leftover after parsing attributes in process `syz.3.705'. [ 267.312658][ T8504] netlink: 28 bytes leftover after parsing attributes in process `syz.0.709'. [ 267.670218][ T8511] netlink: 28 bytes leftover after parsing attributes in process `syz.0.713'. [ 268.297781][ T8535] netlink: 28 bytes leftover after parsing attributes in process `syz.0.717'. [ 268.657095][ T8543] ubi0: attaching mtd0 [ 268.731195][ T8542] netlink: 28 bytes leftover after parsing attributes in process `syz.2.721'. [ 268.743177][ T8543] ubi0: scanning is finished [ 268.747848][ T8543] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 269.021605][ T8543] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 269.563531][ T8560] netlink: 28 bytes leftover after parsing attributes in process `syz.2.726'. [ 269.885097][ T8564] netlink: 28 bytes leftover after parsing attributes in process `syz.2.728'. [ 270.969073][ T8588] ubi0: attaching mtd0 [ 270.997315][ T8588] ubi0: scanning is finished [ 271.016083][ T8588] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 272.211729][ T8588] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 272.230529][ T8601] netlink: 28 bytes leftover after parsing attributes in process `syz.3.739'. [ 272.250457][ T8585] ubi0: attaching mtd0 [ 272.255929][ T8585] ubi0: scanning is finished [ 272.341356][ T8585] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 272.500273][ T8585] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 272.631903][ T8608] netlink: 12 bytes leftover after parsing attributes in process `syz.2.742'. [ 273.125596][ T8617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.745'. [ 273.185315][ T8629] FAULT_INJECTION: forcing a failure. [ 273.185315][ T8629] name failslab, interval 1, probability 0, space 0, times 0 [ 273.209685][ T8629] CPU: 0 UID: 0 PID: 8629 Comm: syz.1.748 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 273.220343][ T8629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 273.230432][ T8629] Call Trace: [ 273.233742][ T8629] [ 273.236697][ T8629] dump_stack_lvl+0x16c/0x1f0 [ 273.241412][ T8629] should_fail_ex+0x497/0x5b0 [ 273.246126][ T8629] ? fs_reclaim_acquire+0xae/0x150 [ 273.251274][ T8629] should_failslab+0xc2/0x120 [ 273.255990][ T8629] __kmalloc_noprof+0xce/0x4f0 [ 273.260789][ T8629] ? d_absolute_path+0x137/0x1b0 [ 273.265773][ T8629] ? tomoyo_encode2+0x100/0x3e0 [ 273.270671][ T8629] tomoyo_encode2+0x100/0x3e0 [ 273.275386][ T8629] tomoyo_realpath_from_path+0x1a7/0x710 [ 273.281064][ T8629] tomoyo_path_number_perm+0x248/0x5b0 [ 273.286562][ T8629] ? tomoyo_path_number_perm+0x235/0x5b0 [ 273.292239][ T8629] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 273.298296][ T8629] ? __pfx_lock_release+0x10/0x10 [ 273.303350][ T8629] ? trace_lock_acquire+0x14e/0x1f0 [ 273.308590][ T8629] ? lock_acquire+0x2f/0xb0 [ 273.313120][ T8629] ? __fget_files+0x40/0x3a0 [ 273.317748][ T8629] ? __fget_files+0x206/0x3a0 [ 273.322472][ T8629] security_file_ioctl+0x9b/0x240 [ 273.327525][ T8629] __x64_sys_ioctl+0xb7/0x200 [ 273.332232][ T8629] do_syscall_64+0xcd/0x250 [ 273.336778][ T8629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.342709][ T8629] RIP: 0033:0x7fda38185d29 [ 273.347149][ T8629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.366791][ T8629] RSP: 002b:00007fda39014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.375257][ T8629] RAX: ffffffffffffffda RBX: 00007fda38375fa0 RCX: 00007fda38185d29 [ 273.383267][ T8629] RDX: 0000000000000008 RSI: 00000000c0104d04 RDI: 0000000000000003 [ 273.391275][ T8629] RBP: 00007fda39014090 R08: 0000000000000000 R09: 0000000000000000 [ 273.399277][ T8629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.407284][ T8629] R13: 0000000000000000 R14: 00007fda38375fa0 R15: 00007ffc6ab845d8 [ 273.415314][ T8629] [ 273.467309][ T8620] netlink: 8 bytes leftover after parsing attributes in process `syz.0.746'. [ 273.503269][ T8629] ERROR: Out of memory at tomoyo_realpath_from_path. [ 273.810961][ T8635] ubi0: attaching mtd0 [ 273.912945][ T8635] ubi0: scanning is finished [ 273.918951][ T8635] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 274.071625][ T8643] FAULT_INJECTION: forcing a failure. [ 274.071625][ T8643] name failslab, interval 1, probability 0, space 0, times 0 [ 274.089632][ T8643] CPU: 1 UID: 0 PID: 8643 Comm: syz.1.751 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 274.100301][ T8643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 274.110389][ T8643] Call Trace: [ 274.113698][ T8643] [ 274.116654][ T8643] dump_stack_lvl+0x16c/0x1f0 [ 274.121375][ T8643] should_fail_ex+0x497/0x5b0 [ 274.126095][ T8643] ? fs_reclaim_acquire+0xae/0x150 [ 274.131245][ T8643] should_failslab+0xc2/0x120 [ 274.135954][ T8643] __kmalloc_node_noprof+0xd1/0x520 [ 274.141170][ T8643] ? __pfx___mutex_lock+0x10/0x10 [ 274.146204][ T8643] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 274.151706][ T8643] __kvmalloc_node_noprof+0xad/0x1a0 [ 274.157003][ T8643] traverse.part.0.constprop.0+0x392/0x640 [ 274.162833][ T8643] ? __pfx_lock_release+0x10/0x10 [ 274.167867][ T8643] seq_read_iter+0x934/0x12b0 [ 274.172562][ T8643] seq_read+0x39f/0x4e0 [ 274.176724][ T8643] ? __pfx_seq_read+0x10/0x10 [ 274.181423][ T8643] ? __pfx_seq_read+0x10/0x10 [ 274.186107][ T8643] proc_reg_read+0x23d/0x330 [ 274.190704][ T8643] ? __pfx_proc_reg_read+0x10/0x10 [ 274.195825][ T8643] vfs_read+0x1df/0xbe0 [ 274.199993][ T8643] ? __fget_files+0x1fc/0x3a0 [ 274.204684][ T8643] ? __pfx_lock_release+0x10/0x10 [ 274.209714][ T8643] ? __pfx_vfs_read+0x10/0x10 [ 274.214401][ T8643] ? lock_acquire+0x2f/0xb0 [ 274.218903][ T8643] ? __fget_files+0x40/0x3a0 [ 274.223506][ T8643] ? __fget_files+0x206/0x3a0 [ 274.228202][ T8643] __x64_sys_pread64+0x1f6/0x250 [ 274.233149][ T8643] ? __pfx___x64_sys_pread64+0x10/0x10 [ 274.238622][ T8643] do_syscall_64+0xcd/0x250 [ 274.243137][ T8643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.249039][ T8643] RIP: 0033:0x7fda38185d29 [ 274.253457][ T8643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.273069][ T8643] RSP: 002b:00007fda39014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 274.281487][ T8643] RAX: ffffffffffffffda RBX: 00007fda38375fa0 RCX: 00007fda38185d29 [ 274.289459][ T8643] RDX: 0000000000000037 RSI: 0000000020003380 RDI: 0000000000000003 [ 274.297431][ T8643] RBP: 00007fda39014090 R08: 0000000000000000 R09: 0000000000000000 [ 274.305404][ T8643] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 274.313381][ T8643] R13: 0000000000000000 R14: 00007fda38375fa0 R15: 00007ffc6ab845d8 [ 274.321371][ T8643] [ 274.511245][ T8635] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 275.515209][ T8670] ubi0: attaching mtd0 [ 275.550508][ T8670] ubi0: scanning is finished [ 275.555204][ T8670] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 275.593387][ T8660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.760'. [ 275.730396][ T8670] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 275.928434][ T8677] netlink: 28 bytes leftover after parsing attributes in process `syz.2.766'. [ 276.032946][ T8679] netlink: 28 bytes leftover after parsing attributes in process `syz.0.767'. [ 276.182763][ T8681] FAULT_INJECTION: forcing a failure. [ 276.182763][ T8681] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 276.207463][ T8681] CPU: 0 UID: 0 PID: 8681 Comm: syz.0.768 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 276.218116][ T8681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 276.228200][ T8681] Call Trace: [ 276.231500][ T8681] [ 276.234458][ T8681] dump_stack_lvl+0x16c/0x1f0 [ 276.239190][ T8681] should_fail_ex+0x497/0x5b0 [ 276.243906][ T8681] _copy_to_iter+0x4a5/0x1400 [ 276.248719][ T8681] ? __pfx__copy_to_iter+0x10/0x10 [ 276.253865][ T8681] ? __virt_addr_valid+0x1a4/0x590 [ 276.259016][ T8681] ? __virt_addr_valid+0x5e/0x590 [ 276.264068][ T8681] ? __phys_addr_symbol+0x30/0x80 [ 276.269104][ T8681] ? __check_object_size+0x488/0x710 [ 276.274406][ T8681] seq_read_iter+0x725/0x12b0 [ 276.279101][ T8681] seq_read+0x39f/0x4e0 [ 276.283259][ T8681] ? __pfx_seq_read+0x10/0x10 [ 276.287956][ T8681] ? __pfx_seq_read+0x10/0x10 [ 276.292637][ T8681] proc_reg_read+0x23d/0x330 [ 276.297407][ T8681] ? __pfx_proc_reg_read+0x10/0x10 [ 276.302525][ T8681] vfs_read+0x1df/0xbe0 [ 276.306691][ T8681] ? __fget_files+0x1fc/0x3a0 [ 276.311380][ T8681] ? __pfx_lock_release+0x10/0x10 [ 276.316410][ T8681] ? __pfx_vfs_read+0x10/0x10 [ 276.321094][ T8681] ? lock_acquire+0x2f/0xb0 [ 276.325599][ T8681] ? __fget_files+0x40/0x3a0 [ 276.330206][ T8681] ? __fget_files+0x206/0x3a0 [ 276.334896][ T8681] __x64_sys_pread64+0x1f6/0x250 [ 276.339840][ T8681] ? __pfx___x64_sys_pread64+0x10/0x10 [ 276.345314][ T8681] do_syscall_64+0xcd/0x250 [ 276.349840][ T8681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.355753][ T8681] RIP: 0033:0x7ff3c9b85d29 [ 276.360179][ T8681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.379793][ T8681] RSP: 002b:00007ff3ca8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 276.388211][ T8681] RAX: ffffffffffffffda RBX: 00007ff3c9d75fa0 RCX: 00007ff3c9b85d29 [ 276.396185][ T8681] RDX: 0000000000000037 RSI: 0000000020003380 RDI: 0000000000000003 [ 276.404160][ T8681] RBP: 00007ff3ca8d9090 R08: 0000000000000000 R09: 0000000000000000 [ 276.412134][ T8681] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 276.420108][ T8681] R13: 0000000000000000 R14: 00007ff3c9d75fa0 R15: 00007ffc8cef56c8 [ 276.428092][ T8681] [ 276.732206][ T8685] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 276.765705][ T8687] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 276.827348][ T8627] Process accounting resumed [ 276.836648][ T8627] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 276.873008][ T8627] msr msr0: uevent: failed to send synthetic uevent: -22 [ 277.232088][ T29] audit: type=1800 audit(1734798081.698:4): pid=8693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.774" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 277.305928][ T8698] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 277.346063][ T8698] msr msr0: uevent: failed to send synthetic uevent: -22 [ 277.538805][ T8700] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 277.564350][ T8700] msr msr0: uevent: failed to send synthetic uevent: -22 [ 277.927142][ T8710] ubi0: attaching mtd0 [ 277.951471][ T8712] FAULT_INJECTION: forcing a failure. [ 277.951471][ T8712] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 277.970668][ T8710] ubi0: scanning is finished [ 277.975337][ T8710] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 278.004332][ T8712] CPU: 0 UID: 0 PID: 8712 Comm: syz.1.780 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 278.014992][ T8712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 278.025082][ T8712] Call Trace: [ 278.028383][ T8712] [ 278.031334][ T8712] dump_stack_lvl+0x16c/0x1f0 [ 278.036042][ T8712] should_fail_ex+0x497/0x5b0 [ 278.040765][ T8712] _copy_to_user+0x32/0xd0 [ 278.045225][ T8712] simple_read_from_buffer+0xd0/0x160 [ 278.050645][ T8712] proc_fail_nth_read+0x198/0x270 [ 278.052450][ T8709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 278.055692][ T8712] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 278.055737][ T8712] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 278.075344][ T8712] vfs_read+0x1df/0xbe0 [ 278.079535][ T8712] ? __fget_files+0x1fc/0x3a0 [ 278.084241][ T8712] ? __pfx___mutex_lock+0x10/0x10 [ 278.089303][ T8712] ? __pfx_vfs_read+0x10/0x10 [ 278.094030][ T8712] ? __fget_files+0x206/0x3a0 [ 278.098762][ T8712] ksys_read+0x12b/0x250 [ 278.103037][ T8712] ? __pfx_ksys_read+0x10/0x10 [ 278.107844][ T8712] do_syscall_64+0xcd/0x250 [ 278.112386][ T8712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.118299][ T8712] RIP: 0033:0x7fda3818473c [ 278.122725][ T8712] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 278.142356][ T8712] RSP: 002b:00007fda39014030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 278.150780][ T8712] RAX: ffffffffffffffda RBX: 00007fda38375fa0 RCX: 00007fda3818473c [ 278.158760][ T8712] RDX: 000000000000000f RSI: 00007fda390140a0 RDI: 0000000000000004 [ 278.166732][ T8712] RBP: 00007fda39014090 R08: 0000000000000000 R09: 0000000000000000 [ 278.174710][ T8712] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 278.182685][ T8712] R13: 0000000000000000 R14: 00007fda38375fa0 R15: 00007ffc6ab845d8 [ 278.190674][ T8712] [ 278.231054][ T8709] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 278.397006][ T8710] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 278.455740][ T8708] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 278.479187][ T8708] msr msr0: uevent: failed to send synthetic uevent: -22 [ 278.695779][ T8714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.781'. [ 279.100953][ T8732] netlink: 'syz.2.785': attribute type 2 has an invalid length. [ 279.170762][ T8732] netlink: 674 bytes leftover after parsing attributes in process `syz.2.785'. [ 279.193654][ T8727] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 279.281146][ T8727] msr msr0: uevent: failed to send synthetic uevent: -22 [ 279.739026][ T8738] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 279.839056][ T8738] msr msr0: uevent: failed to send synthetic uevent: -22 [ 279.927358][ T8618] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 279.951773][ T8618] msr msr0: uevent: failed to send synthetic uevent: -22 [ 280.306771][ T8745] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 280.352079][ T8745] msr msr0: uevent: failed to send synthetic uevent: -22 [ 280.450701][ T8754] netlink: 28 bytes leftover after parsing attributes in process `syz.2.791'. [ 280.560166][ T8754] veth1_macvtap: left promiscuous mode [ 280.565708][ T8754] macsec0: entered allmulticast mode [ 280.611809][ T8758] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000008001 [ 281.203113][ T8770] netlink: 4755 bytes leftover after parsing attributes in process `syz.0.796'. [ 281.223452][ T8763] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 281.256050][ T8763] msr msr0: uevent: failed to send synthetic uevent: -22 [ 281.523239][ T8756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.793'. [ 282.483883][ T8794] netlink: 28 bytes leftover after parsing attributes in process `syz.2.803'. [ 282.854187][ T8798] netlink: 28 bytes leftover after parsing attributes in process `syz.2.804'. [ 283.151302][ T8796] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 283.199006][ T8796] msr msr0: uevent: failed to send synthetic uevent: -22 [ 283.673746][ T8802] netlink: 28 bytes leftover after parsing attributes in process `syz.2.805'. [ 283.755505][ T8792] netlink: 8 bytes leftover after parsing attributes in process `syz.1.802'. [ 283.854544][ T8801] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 283.969598][ T8801] msr msr0: uevent: failed to send synthetic uevent: -22 [ 284.503069][ T8807] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 284.570323][ T8807] msr msr0: uevent: failed to send synthetic uevent: -22 [ 284.977989][ T8826] netlink: 28 bytes leftover after parsing attributes in process `syz.0.814'. [ 284.987324][ T8820] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 285.059985][ T8820] msr msr0: uevent: failed to send synthetic uevent: -22 [ 285.078004][ T8638] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 285.149668][ T8638] msr msr0: uevent: failed to send synthetic uevent: -22 [ 285.400496][ T8830] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 285.408925][ T8830] msr msr0: uevent: failed to send synthetic uevent: -22 [ 285.907206][ T8842] ubi0: attaching mtd0 [ 285.926205][ T8842] ubi0: scanning is finished [ 285.949628][ T8842] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 286.438949][ T8842] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 286.559638][ T8850] ubi0: attaching mtd0 [ 286.564871][ T8850] ubi0: scanning is finished [ 286.629742][ T8850] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 286.731645][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.0.818'. [ 286.915883][ T8838] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 286.972282][ T8838] msr msr0: uevent: failed to send synthetic uevent: -22 [ 287.070630][ T8850] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 287.498443][ T8858] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 287.533899][ T8858] msr msr0: uevent: failed to send synthetic uevent: -22 [ 287.609966][ T8859] netlink: 28 bytes leftover after parsing attributes in process `syz.1.824'. [ 287.748953][ T8867] netlink: 28 bytes leftover after parsing attributes in process `syz.3.828'. [ 287.866948][ T8867] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 287.896859][ T8867] msr msr0: uevent: failed to send synthetic uevent: -22 [ 288.165411][ T8869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.830'. [ 288.243062][ T8875] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 288.259712][ T8875] msr msr0: uevent: failed to send synthetic uevent: -22 [ 288.598408][ T8883] ubi0: attaching mtd0 [ 288.635569][ T8883] ubi0: scanning is finished [ 288.658665][ T8883] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 288.950722][ T8883] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 289.389422][ T8879] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 289.419453][ T8879] msr msr0: uevent: failed to send synthetic uevent: -22 [ 289.666760][ T8886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.835'. [ 289.705465][ T8910] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 289.726709][ T8910] msr msr0: uevent: failed to send synthetic uevent: -22 [ 289.958467][ T8915] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 290.001104][ T8915] msr msr0: uevent: failed to send synthetic uevent: -22 [ 290.227747][ T8923] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 290.236440][ T8923] msr msr0: uevent: failed to send synthetic uevent: -22 [ 290.472958][ T8934] ubi0: attaching mtd0 [ 290.479964][ T8934] ubi0: scanning is finished [ 290.504643][ T8934] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 290.717637][ T8934] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 291.356957][ T8930] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 291.435213][ T8930] msr msr0: uevent: failed to send synthetic uevent: -22 [ 291.865383][ T8957] ubi0: attaching mtd0 [ 291.874895][ T8957] ubi0: scanning is finished [ 291.902660][ T8957] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 292.170594][ T8957] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 292.310458][ T8953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.852'. [ 292.428153][ T8952] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 292.436777][ T8952] msr msr0: uevent: failed to send synthetic uevent: -22 [ 292.666687][ T8966] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 292.689688][ T8966] msr msr0: uevent: failed to send synthetic uevent: -22 [ 293.187489][ T8983] netlink: 28 bytes leftover after parsing attributes in process `syz.2.861'. [ 293.214266][ T8985] netlink: 28 bytes leftover after parsing attributes in process `syz.0.862'. [ 293.386346][ T8990] FAULT_INJECTION: forcing a failure. [ 293.386346][ T8990] name failslab, interval 1, probability 0, space 0, times 0 [ 293.428465][ T8990] CPU: 1 UID: 0 PID: 8990 Comm: syz.0.864 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 293.439121][ T8990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 293.449203][ T8990] Call Trace: [ 293.452505][ T8990] [ 293.455461][ T8990] dump_stack_lvl+0x16c/0x1f0 [ 293.460176][ T8990] should_fail_ex+0x497/0x5b0 [ 293.464884][ T8990] ? fs_reclaim_acquire+0xae/0x150 [ 293.470029][ T8990] should_failslab+0xc2/0x120 [ 293.474748][ T8990] __kmalloc_noprof+0xce/0x4f0 [ 293.479547][ T8990] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 293.485202][ T8990] ? tomoyo_realpath_from_path+0xbf/0x710 [ 293.490961][ T8990] tomoyo_realpath_from_path+0xbf/0x710 [ 293.496541][ T8990] ? tomoyo_path_number_perm+0x235/0x5b0 [ 293.502223][ T8990] tomoyo_path_number_perm+0x248/0x5b0 [ 293.507721][ T8990] ? tomoyo_path_number_perm+0x235/0x5b0 [ 293.513393][ T8990] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 293.519446][ T8990] ? __pfx_lock_release+0x10/0x10 [ 293.524492][ T8990] ? trace_lock_acquire+0x14e/0x1f0 [ 293.529728][ T8990] ? lock_acquire+0x2f/0xb0 [ 293.534263][ T8990] ? __fget_files+0x40/0x3a0 [ 293.538895][ T8990] ? __fget_files+0x206/0x3a0 [ 293.543613][ T8990] security_file_ioctl+0x9b/0x240 [ 293.548667][ T8990] __x64_sys_ioctl+0xb7/0x200 [ 293.553374][ T8990] do_syscall_64+0xcd/0x250 [ 293.557929][ T8990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.563860][ T8990] RIP: 0033:0x7ff3c9b85d29 [ 293.568300][ T8990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.587943][ T8990] RSP: 002b:00007ff3ca8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 293.596407][ T8990] RAX: ffffffffffffffda RBX: 00007ff3c9d75fa0 RCX: 00007ff3c9b85d29 [ 293.604420][ T8990] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 0000000000000003 [ 293.612422][ T8990] RBP: 00007ff3ca8d9090 R08: 0000000000000000 R09: 0000000000000000 [ 293.620427][ T8990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 293.628514][ T8990] R13: 0000000000000000 R14: 00007ff3c9d75fa0 R15: 00007ffc8cef56c8 [ 293.636538][ T8990] [ 293.679804][ T8990] ERROR: Out of memory at tomoyo_realpath_from_path. [ 293.941919][ T8967] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 293.950633][ T8967] msr msr0: uevent: failed to send synthetic uevent: -22 [ 294.072230][ T9007] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 294.089690][ T9007] msr msr0: uevent: failed to send synthetic uevent: -22 [ 294.158570][ T9010] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 294.167034][ T9010] msr msr0: uevent: failed to send synthetic uevent: -22 [ 294.238948][ T9013] netlink: 28 bytes leftover after parsing attributes in process `syz.3.872'. [ 294.330302][ T9015] netlink: 28 bytes leftover after parsing attributes in process `syz.0.871'. [ 294.361117][ T9012] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 294.371336][ T9012] msr msr0: uevent: failed to send synthetic uevent: -22 [ 294.692914][ T9026] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 294.784302][ T9021] netlink: 8 bytes leftover after parsing attributes in process `syz.0.874'. [ 295.071964][ T9027] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 295.106109][ T9027] msr msr0: uevent: failed to send synthetic uevent: -22 [ 295.371905][ T9040] FAULT_INJECTION: forcing a failure. [ 295.371905][ T9040] name failslab, interval 1, probability 0, space 0, times 0 [ 295.434613][ T9040] CPU: 1 UID: 0 PID: 9040 Comm: syz.0.880 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 295.440066][ T9042] netlink: 28 bytes leftover after parsing attributes in process `syz.2.882'. [ 295.445254][ T9040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 295.445287][ T9040] Call Trace: [ 295.445296][ T9040] [ 295.470458][ T9040] dump_stack_lvl+0x16c/0x1f0 [ 295.470496][ T9040] should_fail_ex+0x497/0x5b0 [ 295.470525][ T9040] ? fs_reclaim_acquire+0xae/0x150 [ 295.470556][ T9040] should_failslab+0xc2/0x120 [ 295.470590][ T9040] __kmalloc_noprof+0xce/0x4f0 [ 295.470620][ T9040] ? d_absolute_path+0x137/0x1b0 [ 295.470654][ T9040] ? tomoyo_encode2+0x100/0x3e0 [ 295.470688][ T9040] tomoyo_encode2+0x100/0x3e0 [ 295.470719][ T9040] tomoyo_realpath_from_path+0x1a7/0x710 [ 295.470757][ T9040] tomoyo_path_number_perm+0x248/0x5b0 [ 295.520188][ T9040] ? tomoyo_path_number_perm+0x235/0x5b0 [ 295.525892][ T9040] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 295.525968][ T9040] ? __pfx_lock_release+0x10/0x10 [ 295.525992][ T9040] ? trace_lock_acquire+0x14e/0x1f0 [ 295.526029][ T9040] ? lock_acquire+0x2f/0xb0 [ 295.526051][ T9040] ? __fget_files+0x40/0x3a0 [ 295.526084][ T9040] ? __fget_files+0x206/0x3a0 [ 295.526118][ T9040] security_file_ioctl+0x9b/0x240 [ 295.526147][ T9040] __x64_sys_ioctl+0xb7/0x200 [ 295.526176][ T9040] do_syscall_64+0xcd/0x250 [ 295.526209][ T9040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.526240][ T9040] RIP: 0033:0x7ff3c9b85d29 [ 295.526262][ T9040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.526285][ T9040] RSP: 002b:00007ff3ca8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 295.526318][ T9040] RAX: ffffffffffffffda RBX: 00007ff3c9d75fa0 RCX: 00007ff3c9b85d29 [ 295.526337][ T9040] RDX: 0000000000000008 RSI: 00000000c0304d18 RDI: 0000000000000003 [ 295.526354][ T9040] RBP: 00007ff3ca8d9090 R08: 0000000000000000 R09: 0000000000000000 [ 295.526371][ T9040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 295.526387][ T9040] R13: 0000000000000000 R14: 00007ff3c9d75fa0 R15: 00007ffc8cef56c8 [ 295.526422][ T9040] [ 295.556499][ T9040] ERROR: Out of memory at tomoyo_realpath_from_path. [ 295.828303][ T9051] netlink: 28 bytes leftover after parsing attributes in process `syz.2.885'. [ 296.051279][ T9036] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 296.059995][ T9036] msr msr0: uevent: failed to send synthetic uevent: -22 [ 296.195879][ T9058] netlink: 28 bytes leftover after parsing attributes in process `syz.3.887'. [ 296.313370][ T9058] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 296.360065][ T9058] msr msr0: uevent: failed to send synthetic uevent: -22 [ 296.398839][ T9056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.886'. [ 296.551618][ T9066] ubi0: attaching mtd0 [ 296.556828][ T9066] ubi0: scanning is finished [ 296.592190][ T9066] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 296.770953][ T9066] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 297.655858][ T9064] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 297.701431][ T9064] msr msr0: uevent: failed to send synthetic uevent: -22 [ 297.737582][ T9083] netlink: 28 bytes leftover after parsing attributes in process `syz.1.894'. [ 297.766550][ T9086] FAULT_INJECTION: forcing a failure. [ 297.766550][ T9086] name failslab, interval 1, probability 0, space 0, times 0 [ 297.818947][ T9086] CPU: 0 UID: 0 PID: 9086 Comm: syz.2.896 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 297.829609][ T9086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 297.839696][ T9086] Call Trace: [ 297.842993][ T9086] [ 297.845942][ T9086] dump_stack_lvl+0x16c/0x1f0 [ 297.850658][ T9086] should_fail_ex+0x497/0x5b0 [ 297.855372][ T9086] ? fs_reclaim_acquire+0xae/0x150 [ 297.857656][ T9087] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 297.860501][ T9086] should_failslab+0xc2/0x120 [ 297.860537][ T9086] __kmalloc_noprof+0xce/0x4f0 [ 297.860566][ T9086] ? d_absolute_path+0x137/0x1b0 [ 297.877559][ T9087] msr msr0: uevent: failed to send synthetic uevent: -22 [ 297.878288][ T9086] ? tomoyo_encode2+0x100/0x3e0 [ 297.895137][ T9086] tomoyo_encode2+0x100/0x3e0 [ 297.899857][ T9086] tomoyo_realpath_from_path+0x1a7/0x710 [ 297.905536][ T9086] tomoyo_path_number_perm+0x248/0x5b0 [ 297.911036][ T9086] ? tomoyo_path_number_perm+0x235/0x5b0 [ 297.916718][ T9086] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 297.922772][ T9086] ? __pfx_lock_release+0x10/0x10 [ 297.927827][ T9086] ? trace_lock_acquire+0x14e/0x1f0 [ 297.933057][ T9086] ? lock_acquire+0x2f/0xb0 [ 297.937587][ T9086] ? __fget_files+0x40/0x3a0 [ 297.942218][ T9086] ? __fget_files+0x206/0x3a0 [ 297.946937][ T9086] security_file_ioctl+0x9b/0x240 [ 297.951995][ T9086] __x64_sys_ioctl+0xb7/0x200 [ 297.956703][ T9086] do_syscall_64+0xcd/0x250 [ 297.961239][ T9086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.967171][ T9086] RIP: 0033:0x7f9b91d85d29 [ 297.971612][ T9086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.991258][ T9086] RSP: 002b:00007f9b92c36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 297.999711][ T9086] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d85d29 [ 298.007715][ T9086] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 0000000000000003 [ 298.015706][ T9086] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 298.023710][ T9086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 298.031706][ T9086] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 298.039724][ T9086] [ 298.065977][ T9086] ERROR: Out of memory at tomoyo_realpath_from_path. [ 298.358792][ T9102] ubi0: attaching mtd0 [ 298.393188][ T9102] ubi0: scanning is finished [ 298.420326][ T9102] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 298.620890][ T9102] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 298.997459][ T9103] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 299.042942][ T9103] msr msr0: uevent: failed to send synthetic uevent: -22 [ 299.211810][ T9114] netlink: 28 bytes leftover after parsing attributes in process `syz.1.902'. [ 299.473983][ T9116] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 299.499659][ T9116] msr msr0: uevent: failed to send synthetic uevent: -22 [ 299.835845][ T9130] ubi0: attaching mtd0 [ 299.858731][ T9130] ubi0: scanning is finished [ 299.888752][ T9130] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 300.187925][ T9130] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 300.349670][ T9137] ubi0: attaching mtd0 [ 300.400777][ T9137] ubi0: scanning is finished [ 300.420062][ T9137] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 300.591010][ T9137] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 300.780640][ T9142] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 301.118235][ T9150] FAULT_INJECTION: forcing a failure. [ 301.118235][ T9150] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 301.184109][ T9150] CPU: 0 UID: 0 PID: 9150 Comm: syz.0.911 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 301.194764][ T9150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 301.204838][ T9150] Call Trace: [ 301.208125][ T9150] [ 301.211059][ T9150] dump_stack_lvl+0x16c/0x1f0 [ 301.215749][ T9150] should_fail_ex+0x497/0x5b0 [ 301.220440][ T9150] _copy_from_user+0x2e/0xd0 [ 301.225040][ T9150] mtdchar_write_ioctl+0xd9/0x9c0 [ 301.230079][ T9150] ? __pfx_mtdchar_write_ioctl+0x10/0x10 [ 301.235724][ T9150] ? hlock_class+0x4e/0x130 [ 301.240245][ T9150] ? __lock_acquire+0x15a9/0x3c40 [ 301.245303][ T9150] mtdchar_ioctl+0x12d0/0x2050 [ 301.250075][ T9150] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 301.255193][ T9150] ? __mutex_trylock_common+0xea/0x250 [ 301.260656][ T9150] ? __pfx___mutex_trylock_common+0x10/0x10 [ 301.266549][ T9150] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 301.271932][ T9150] ? __mutex_lock+0x1cc/0xa60 [ 301.276620][ T9150] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 301.281996][ T9150] ? __pfx___mutex_lock+0x10/0x10 [ 301.287024][ T9150] ? __pfx_lock_release+0x10/0x10 [ 301.292065][ T9150] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 301.297268][ T9150] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 301.303165][ T9150] __x64_sys_ioctl+0x190/0x200 [ 301.307935][ T9150] do_syscall_64+0xcd/0x250 [ 301.312450][ T9150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.318347][ T9150] RIP: 0033:0x7ff3c9b85d29 [ 301.322761][ T9150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.342377][ T9150] RSP: 002b:00007ff3ca8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 301.350796][ T9150] RAX: ffffffffffffffda RBX: 00007ff3c9d75fa0 RCX: 00007ff3c9b85d29 [ 301.358767][ T9150] RDX: 0000000000000008 RSI: 00000000c0304d18 RDI: 0000000000000003 [ 301.366736][ T9150] RBP: 00007ff3ca8d9090 R08: 0000000000000000 R09: 0000000000000000 [ 301.374706][ T9150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.382673][ T9150] R13: 0000000000000000 R14: 00007ff3c9d75fa0 R15: 00007ffc8cef56c8 [ 301.390660][ T9150] [ 301.486570][ T9125] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 301.510367][ T9125] msr msr0: uevent: failed to send synthetic uevent: -22 [ 301.615245][ T9154] netlink: 28 bytes leftover after parsing attributes in process `syz.1.913'. [ 301.678828][ T9155] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 301.719743][ T9155] msr msr0: uevent: failed to send synthetic uevent: -22 [ 301.783528][ T9161] netlink: 28 bytes leftover after parsing attributes in process `syz.0.915'. [ 301.875306][ T9163] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 301.894131][ T9163] msr msr0: uevent: failed to send synthetic uevent: -22 [ 302.043411][ T9167] netlink: 28 bytes leftover after parsing attributes in process `syz.3.919'. [ 302.109411][ T9167] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 302.133703][ T9167] msr msr0: uevent: failed to send synthetic uevent: -22 [ 302.943085][ T9181] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 302.960008][ T9181] msr msr0: uevent: failed to send synthetic uevent: -22 [ 302.969129][ T9197] netlink: 28 bytes leftover after parsing attributes in process `syz.0.925'. [ 303.173607][ T9202] netlink: 28 bytes leftover after parsing attributes in process `syz.3.927'. [ 303.296548][ T9203] ubi0: attaching mtd0 [ 303.320911][ T9203] ubi0: scanning is finished [ 303.339731][ T9203] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 303.397574][ T9202] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 303.437306][ T9202] msr msr0: uevent: failed to send synthetic uevent: -22 [ 303.482889][ T9203] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 303.728849][ T9209] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 303.756872][ T9209] msr msr0: uevent: failed to send synthetic uevent: -22 [ 303.961507][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.0.928'. [ 304.309656][ T9213] netlink: 28 bytes leftover after parsing attributes in process `syz.2.931'. [ 304.332225][ T9216] netlink: 28 bytes leftover after parsing attributes in process `syz.1.930'. [ 304.379110][ T9214] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 304.408479][ T9214] msr msr0: uevent: failed to send synthetic uevent: -22 [ 304.593036][ T9223] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 304.684843][ T9223] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 304.709757][ T9223] msr msr0: uevent: failed to send synthetic uevent: -22 [ 304.954918][ T9231] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 305.025185][ T9231] msr msr0: uevent: failed to send synthetic uevent: -22 [ 305.340039][ T9237] netlink: 8 bytes leftover after parsing attributes in process `syz.2.940'. [ 305.493271][ T9248] ubi0: attaching mtd0 [ 305.541651][ T9248] ubi0: scanning is finished [ 305.598767][ T9248] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 305.666371][ T9250] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 305.704563][ T9250] msr msr0: uevent: failed to send synthetic uevent: -22 [ 305.969623][ T9258] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 305.993837][ T9258] msr msr0: uevent: failed to send synthetic uevent: -22 [ 306.014323][ T9248] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 306.265006][ T9266] synth uevent: /devices/virtual/msr/msr0: unknown uevent action string [ 306.303639][ T9266] msr msr0: uevent: failed to send synthetic uevent: -22 [ 307.184837][ T9270] netlink: 8 bytes leftover after parsing attributes in process `syz.3.949'. [ 307.313603][ T9273] Process accounting paused [ 307.620923][ T9289] ubi0: attaching mtd0 [ 307.627131][ T9289] ubi0: scanning is finished [ 307.669686][ T9289] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 308.079324][ T9289] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 308.859621][ T9314] netlink: 28 bytes leftover after parsing attributes in process `syz.0.961'. [ 309.114090][ T9319] netlink: 28 bytes leftover after parsing attributes in process `syz.2.962'. [ 309.122941][ T9322] netlink: 28 bytes leftover after parsing attributes in process `syz.0.964'. [ 309.924249][ T9335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'. [ 310.211238][ T9345] ubi0: attaching mtd0 [ 310.236299][ T9345] ubi0: scanning is finished [ 310.241171][ T9345] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 310.423318][ T9345] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 311.834413][ T9385] ubi0: attaching mtd0 [ 311.890855][ T9385] ubi0: scanning is finished [ 311.895549][ T9385] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 312.415832][ T9385] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 312.620789][ T9395] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 312.889811][ T9401] netlink: 28 bytes leftover after parsing attributes in process `syz.0.982'. [ 313.794996][ T9418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.989'. [ 314.551091][ T9435] ubi0: attaching mtd0 [ 314.556278][ T9435] ubi0: scanning is finished [ 314.597449][ T9435] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 314.721862][ T9431] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(15) [ 314.848542][ T9435] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 314.983221][ T9437] ubi0: attaching mtd0 [ 314.988401][ T9437] ubi0: scanning is finished [ 315.194618][ T9437] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 315.510362][ T9437] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 316.867319][ T9479] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1005'. [ 317.190375][ T9483] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1006'. [ 317.321576][ T9468] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1000'. [ 317.331562][ T9480] ima: policy update failed [ 317.356656][ T29] audit: type=1802 audit(1734798121.798:5): pid=9480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1003" res=0 errno=0 [ 317.545792][ T9491] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1007'. [ 318.036616][ T9503] ubi0: attaching mtd0 [ 318.065923][ T9503] ubi0: scanning is finished [ 318.098160][ T9503] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 318.321083][ T9509] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1014'. [ 318.545780][ T9503] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 319.074293][ T9524] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1017'. [ 319.135365][ T9527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1021'. [ 319.278139][ T9520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1019'. [ 319.633938][ T9546] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1025'. [ 319.945500][ T9551] ubi0: attaching mtd0 [ 319.962306][ T9551] ubi0: scanning is finished [ 320.025750][ T9557] lo: entered allmulticast mode [ 320.031793][ T9557] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1031'. [ 320.050273][ T9551] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 320.295624][ T9551] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 320.872339][ T9555] lo: left allmulticast mode [ 320.903100][ T9578] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1037'. [ 321.464597][ T9593] ubi0: attaching mtd0 [ 321.471246][ T9593] ubi0: scanning is finished [ 321.475914][ T9593] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 321.491060][ T9584] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1040'. [ 321.546000][ T9584] tc_dump_action: action bad kind [ 321.730497][ T9593] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 322.381725][ T9612] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1048'. [ 322.415890][ T29] audit: type=1326 audit(1734798126.878:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9606 comm="syz.2.1047" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9b91d85d29 code=0x0 [ 322.782763][ T9630] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1051'. [ 323.215341][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 323.223624][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.380826][ T9648] ubi0: attaching mtd0 [ 323.385982][ T9648] ubi0: scanning is finished [ 323.439747][ T9648] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 323.704577][ T9648] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 323.962244][ T9660] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1060'. [ 326.260582][ T9698] ubi0: attaching mtd0 [ 326.261791][ T9699] netlink: 'syz.3.1071': attribute type 2 has an invalid length. [ 326.265706][ T9698] ubi0: scanning is finished [ 326.351015][ T9699] netlink: 674 bytes leftover after parsing attributes in process `syz.3.1071'. [ 326.370369][ T9698] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 326.489001][ T9706] FAULT_INJECTION: forcing a failure. [ 326.489001][ T9706] name failslab, interval 1, probability 0, space 0, times 0 [ 326.520565][ T9706] CPU: 0 UID: 0 PID: 9706 Comm: syz.1.1075 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 326.531310][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 326.541394][ T9706] Call Trace: [ 326.544691][ T9706] [ 326.547646][ T9706] dump_stack_lvl+0x16c/0x1f0 [ 326.552363][ T9706] should_fail_ex+0x497/0x5b0 [ 326.557076][ T9706] ? fs_reclaim_acquire+0xae/0x150 [ 326.562215][ T9706] should_failslab+0xc2/0x120 [ 326.566926][ T9706] __kmalloc_noprof+0xce/0x4f0 [ 326.571720][ T9706] ? d_absolute_path+0x137/0x1b0 [ 326.576697][ T9706] ? tomoyo_encode2+0x100/0x3e0 [ 326.581592][ T9706] tomoyo_encode2+0x100/0x3e0 [ 326.586305][ T9706] tomoyo_realpath_from_path+0x1a7/0x710 [ 326.591984][ T9706] tomoyo_path_number_perm+0x248/0x5b0 [ 326.597486][ T9706] ? tomoyo_path_number_perm+0x235/0x5b0 [ 326.603163][ T9706] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 326.609222][ T9706] ? __pfx_lock_release+0x10/0x10 [ 326.614274][ T9706] ? trace_lock_acquire+0x14e/0x1f0 [ 326.619517][ T9706] ? lock_acquire+0x2f/0xb0 [ 326.624057][ T9706] ? __fget_files+0x40/0x3a0 [ 326.628688][ T9706] ? __fget_files+0x206/0x3a0 [ 326.633407][ T9706] security_file_ioctl+0x9b/0x240 [ 326.638459][ T9706] __x64_sys_ioctl+0xb7/0x200 [ 326.643171][ T9706] do_syscall_64+0xcd/0x250 [ 326.647712][ T9706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.653641][ T9706] RIP: 0033:0x7fda38185d29 [ 326.658083][ T9706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.677723][ T9706] RSP: 002b:00007fda39014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 326.686177][ T9706] RAX: ffffffffffffffda RBX: 00007fda38375fa0 RCX: 00007fda38185d29 [ 326.694174][ T9706] RDX: 0000000000000008 RSI: 00000000c0304d18 RDI: 0000000000000003 [ 326.702177][ T9706] RBP: 00007fda39014090 R08: 0000000000000000 R09: 0000000000000000 [ 326.710173][ T9706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 326.718165][ T9706] R13: 0000000000000000 R14: 00007fda38375fa0 R15: 00007ffc6ab845d8 [ 326.726178][ T9706] [ 326.740140][ T9706] ERROR: Out of memory at tomoyo_realpath_from_path. [ 326.808174][ T9698] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 327.326294][ T9719] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1077'. [ 327.636660][ T9725] mtrr: base(0x100000) is not aligned on a size(0x2e001800000) boundary [ 328.381020][ T9736] FAULT_INJECTION: forcing a failure. [ 328.381020][ T9736] name failslab, interval 1, probability 0, space 0, times 0 [ 328.466368][ T9736] CPU: 1 UID: 0 PID: 9736 Comm: syz.2.1085 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 328.477121][ T9736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 328.487208][ T9736] Call Trace: [ 328.490511][ T9736] [ 328.493458][ T9736] dump_stack_lvl+0x16c/0x1f0 [ 328.498174][ T9736] should_fail_ex+0x497/0x5b0 [ 328.502893][ T9736] ? fs_reclaim_acquire+0xae/0x150 [ 328.509783][ T9736] should_failslab+0xc2/0x120 [ 328.514502][ T9736] __kmalloc_noprof+0xce/0x4f0 [ 328.519301][ T9736] ? d_absolute_path+0x137/0x1b0 [ 328.524283][ T9736] ? tomoyo_encode2+0x100/0x3e0 [ 328.529177][ T9736] tomoyo_encode2+0x100/0x3e0 [ 328.533895][ T9736] tomoyo_realpath_from_path+0x1a7/0x710 [ 328.539585][ T9736] tomoyo_path_number_perm+0x248/0x5b0 [ 328.545220][ T9736] ? tomoyo_path_number_perm+0x235/0x5b0 [ 328.550898][ T9736] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 328.556926][ T9736] ? __pfx_lock_release+0x10/0x10 [ 328.561964][ T9736] ? trace_lock_acquire+0x14e/0x1f0 [ 328.567181][ T9736] ? lock_acquire+0x2f/0xb0 [ 328.571693][ T9736] ? __fget_files+0x40/0x3a0 [ 328.576300][ T9736] ? __fget_files+0x206/0x3a0 [ 328.580994][ T9736] security_file_ioctl+0x9b/0x240 [ 328.586027][ T9736] __x64_sys_ioctl+0xb7/0x200 [ 328.590713][ T9736] do_syscall_64+0xcd/0x250 [ 328.595227][ T9736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.601134][ T9736] RIP: 0033:0x7f9b91d85d29 [ 328.605548][ T9736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.625163][ T9736] RSP: 002b:00007f9b92c36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 328.633583][ T9736] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d85d29 [ 328.641558][ T9736] RDX: 0000000000000008 RSI: 00000000c0304d18 RDI: 0000000000000003 [ 328.649536][ T9736] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 328.657687][ T9736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 328.665657][ T9736] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 328.673646][ T9736] [ 328.676847][ C1] vkms_vblank_simulate: vblank timer overrun [ 328.739810][ T9736] ERROR: Out of memory at tomoyo_realpath_from_path. [ 329.053710][ T9732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1084'. [ 329.145611][ T9743] ubi0: attaching mtd0 [ 329.197695][ T9743] ubi0: scanning is finished [ 329.233151][ T9743] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 329.566752][ T9743] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 329.621878][ T9740] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(15) [ 329.670011][ T9750] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1089'. [ 330.430406][ T9769] Process accounting resumed [ 330.864325][ T9778] FAULT_INJECTION: forcing a failure. [ 330.864325][ T9778] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 330.954753][ T9778] CPU: 0 UID: 0 PID: 9778 Comm: syz.2.1097 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 330.965504][ T9778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 330.975584][ T9778] Call Trace: [ 330.978885][ T9778] [ 330.981836][ T9778] dump_stack_lvl+0x16c/0x1f0 [ 330.986550][ T9778] should_fail_ex+0x497/0x5b0 [ 330.991263][ T9778] ? fs_reclaim_acquire+0xae/0x150 [ 330.996406][ T9778] should_fail_alloc_page+0xe7/0x130 [ 331.001731][ T9778] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 331.007931][ T9778] __alloc_pages_noprof+0x190/0x25b0 [ 331.013256][ T9778] ? __pfx_mark_lock+0x10/0x10 [ 331.018060][ T9778] ? hlock_class+0x4e/0x130 [ 331.022596][ T9778] ? mark_lock+0xb5/0xc60 [ 331.026960][ T9778] ? hlock_class+0x4e/0x130 [ 331.031496][ T9778] ? mark_lock+0xb5/0xc60 [ 331.035871][ T9778] ? __pfx_mark_lock+0x10/0x10 [ 331.040677][ T9778] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 331.046448][ T9778] ? hlock_class+0x4e/0x130 [ 331.050991][ T9778] ? hlock_class+0x4e/0x130 [ 331.055529][ T9778] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 331.061456][ T9778] ? policy_nodemask+0xea/0x4e0 [ 331.066346][ T9778] alloc_pages_mpol_noprof+0x2c9/0x610 [ 331.071850][ T9778] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 331.077870][ T9778] ? __pfx___lock_acquire+0x10/0x10 [ 331.083098][ T9778] ? hlock_class+0x4e/0x130 [ 331.087626][ T9778] ? __lock_acquire+0xcc5/0x3c40 [ 331.092587][ T9778] pte_alloc_one+0x20/0x390 [ 331.097097][ T9778] do_pte_missing+0x1ae7/0x3e00 [ 331.101971][ T9778] __handle_mm_fault+0x103c/0x2a40 [ 331.107101][ T9778] ? __pfx___handle_mm_fault+0x10/0x10 [ 331.112568][ T9778] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 331.118217][ T9778] ? find_vma+0xc0/0x140 [ 331.122465][ T9778] ? __pfx_find_vma+0x10/0x10 [ 331.127155][ T9778] handle_mm_fault+0x3fa/0xaa0 [ 331.131934][ T9778] do_user_addr_fault+0x7a3/0x13f0 [ 331.137068][ T9778] exc_page_fault+0x5c/0xc0 [ 331.141617][ T9778] asm_exc_page_fault+0x26/0x30 [ 331.146475][ T9778] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 331.152295][ T9778] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 331.171909][ T9778] RSP: 0018:ffffc90004397a40 EFLAGS: 00050216 [ 331.177981][ T9778] RAX: 0000000000000001 RBX: 0000000000000008 RCX: 0000000000000030 [ 331.185954][ T9778] RDX: fffff52000872f72 RSI: 0000000000000008 RDI: ffffc90004397b60 [ 331.193926][ T9778] RBP: 0000000000000030 R08: 0000000000000001 R09: fffff52000872f71 [ 331.201899][ T9778] R10: ffffc90004397b8f R11: 0000000000000001 R12: 0000000000000000 [ 331.209870][ T9778] R13: ffffc90004397b60 R14: 0000000000000002 R15: 0000000000000000 [ 331.217857][ T9778] _copy_from_user+0x9a/0xd0 [ 331.222463][ T9778] mtdchar_write_ioctl+0xd9/0x9c0 [ 331.227502][ T9778] ? __pfx_mtdchar_write_ioctl+0x10/0x10 [ 331.233145][ T9778] ? hlock_class+0x4e/0x130 [ 331.237658][ T9778] ? __lock_acquire+0x15a9/0x3c40 [ 331.242716][ T9778] mtdchar_ioctl+0x12d0/0x2050 [ 331.247498][ T9778] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 331.252621][ T9778] ? __mutex_trylock_common+0xea/0x250 [ 331.258090][ T9778] ? __pfx___mutex_trylock_common+0x10/0x10 [ 331.263987][ T9778] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 331.269371][ T9778] ? __mutex_lock+0x1cc/0xa60 [ 331.274058][ T9778] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 331.279438][ T9778] ? __pfx___mutex_lock+0x10/0x10 [ 331.284469][ T9778] ? __pfx_lock_release+0x10/0x10 [ 331.289536][ T9778] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 331.294768][ T9778] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 331.300690][ T9778] __x64_sys_ioctl+0x190/0x200 [ 331.305468][ T9778] do_syscall_64+0xcd/0x250 [ 331.309988][ T9778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.315894][ T9778] RIP: 0033:0x7f9b91d85d29 [ 331.320320][ T9778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.339945][ T9778] RSP: 002b:00007f9b92c36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 331.348367][ T9778] RAX: ffffffffffffffda RBX: 00007f9b91f75fa0 RCX: 00007f9b91d85d29 [ 331.356355][ T9778] RDX: 0000000000000008 RSI: 00000000c0304d18 RDI: 0000000000000003 [ 331.364339][ T9778] RBP: 00007f9b92c36090 R08: 0000000000000000 R09: 0000000000000000 [ 331.372331][ T9778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 331.380308][ T9778] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 331.388303][ T9778] [ 331.780164][ T9785] ubi0: attaching mtd0 [ 331.785327][ T9785] ubi0: scanning is finished [ 331.865882][ T9785] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 332.150980][ T29] audit: type=1804 audit(1734798136.608:7): pid=9794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1100" name="#)-\&[}" dev="mqueue" ino=24593 res=1 errno=0 [ 332.176697][ T9794] kernel read not supported for file /#)-\&[} (pid: 9794 comm: syz.2.1100) [ 332.244223][ T9793] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1101'. [ 332.253570][ T29] audit: type=1800 audit(1734798136.688:8): pid=9794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1100" name="#)-\&[}" dev="mqueue" ino=24593 res=0 errno=0 [ 332.278315][ T9785] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 332.337878][ T29] audit: type=1804 audit(1734798136.778:9): pid=9794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1100" name="#)-\&[}" dev="mqueue" ino=24593 res=1 errno=0 [ 332.410098][ T29] audit: type=1804 audit(1734798136.778:10): pid=9794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1100" name="#)-\&[}" dev="mqueue" ino=24593 res=1 errno=0 [ 333.266871][ T9822] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1110'. [ 333.478537][ T9825] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1111'. [ 333.769854][ T9841] nbd: must specify an index to disconnect [ 333.961847][ T9846] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 334.127098][ T9840] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1116'. [ 335.081965][ T9877] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1124'. [ 335.750944][ T9890] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1128'. [ 335.961868][ T9887] mtrr: base(0x100000) is not aligned on a size(0x2e001800000) boundary [ 336.203235][ T9895] Process accounting resumed [ 336.924680][ T9915] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1134'. [ 337.002081][ T9902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1129'. [ 337.298686][ T9918] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1135'. [ 337.945126][ T9929] ubi0: attaching mtd0 [ 337.949698][ T9930] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1139'. [ 337.970430][ T9929] ubi0: scanning is finished [ 337.975123][ T9929] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 337.989836][ T9934] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1141'. [ 338.018603][ T9936] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1141'. [ 338.371256][ T9929] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 338.705945][ T9949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1144'. [ 339.612889][ T9966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1149'. [ 340.184802][ T9986] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1155'. [ 340.229787][ T9985] ubi0: attaching mtd0 [ 340.300837][ T9985] ubi0: scanning is finished [ 340.305538][ T9985] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 340.640385][ T9985] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 341.269267][T10004] nbd: must specify an index to disconnect [ 341.342739][T10008] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1163'. [ 341.781424][T10023] kernel read not supported for file /#)-\&[} (pid: 10023 comm: syz.0.1165) [ 341.789763][ T29] audit: type=1804 audit(1734798146.248:11): pid=10023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1165" name="#)-\&[}" dev="mqueue" ino=25049 res=1 errno=0 [ 341.810622][ C0] vkms_vblank_simulate: vblank timer overrun [ 341.835674][ T29] audit: type=1800 audit(1734798146.298:12): pid=10023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1165" name="#)-\&[}" dev="mqueue" ino=25049 res=0 errno=0 [ 341.926239][ T29] audit: type=1804 audit(1734798146.388:13): pid=10023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1165" name="#)-\&[}" dev="mqueue" ino=25049 res=1 errno=0 [ 341.946304][ C0] vkms_vblank_simulate: vblank timer overrun [ 341.959733][ T29] audit: type=1804 audit(1734798146.388:14): pid=10023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1165" name="#)-\&[}" dev="mqueue" ino=25049 res=1 errno=0 [ 342.081643][T10028] ubi0: attaching mtd0 [ 342.110628][T10028] ubi0: scanning is finished [ 342.115451][T10028] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 342.251213][T10028] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 343.597337][T10038] Invalid ELF header magic: != ELF [ 343.939870][T10045] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1174'. [ 344.071500][T10054] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1177'. [ 344.127191][T10056] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1178'. [ 344.149397][T10058] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1179'. [ 344.811701][T10079] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1187'. [ 345.370697][T10095] QAT: Stopping all acceleration devices. [ 345.385383][T10095] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1192'. [ 345.625898][T10093] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1191'. [ 345.909041][T10108] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1197'. [ 347.443912][T10156] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1211'. [ 347.689736][T10165] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1213'. [ 347.727189][T10146] ptrace attach of "./syz-executor exec"[5832] was attempted by "./syz-executor exec"[10146] [ 348.517056][T10181] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1220'. [ 348.600080][T10181] veth1_to_hsr: left allmulticast mode [ 348.606435][T10181] veth1_to_hsr: left promiscuous mode [ 348.632266][T10181] bridge0: port 3(veth1_to_hsr) entered disabled state [ 348.718149][T10181] bridge_slave_1: left allmulticast mode [ 348.734357][T10181] bridge_slave_1: left promiscuous mode [ 348.747107][T10181] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.775722][T10181] bridge_slave_0: left allmulticast mode [ 348.795025][T10181] bridge_slave_0: left promiscuous mode [ 348.822737][T10197] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1222'. [ 348.824906][T10181] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.343421][T10212] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1225'. [ 350.143379][T10236] ubi0: attaching mtd0 [ 350.148544][T10236] ubi0: scanning is finished [ 350.190947][T10236] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 350.502012][T10236] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 350.872247][T10259] ubi0: attaching mtd0 [ 350.880683][T10259] ubi0: scanning is finished [ 350.914187][T10259] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 351.053567][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1239'. [ 351.160437][T10259] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 352.388571][T10292] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1248'. [ 353.325217][T10321] FAULT_INJECTION: forcing a failure. [ 353.325217][T10321] name failslab, interval 1, probability 0, space 0, times 0 [ 353.359766][T10321] CPU: 1 UID: 0 PID: 10321 Comm: syz.3.1258 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 353.370602][T10321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 353.380690][T10321] Call Trace: [ 353.383987][T10321] [ 353.386937][T10321] dump_stack_lvl+0x16c/0x1f0 [ 353.391654][T10321] should_fail_ex+0x497/0x5b0 [ 353.396375][T10321] ? fs_reclaim_acquire+0xae/0x150 [ 353.401525][T10321] should_failslab+0xc2/0x120 [ 353.406243][T10321] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 353.411658][T10321] ? getname_flags.part.0+0x4c/0x550 [ 353.416989][T10321] getname_flags.part.0+0x4c/0x550 [ 353.422149][T10321] getname_flags+0x93/0xf0 [ 353.426595][T10321] user_path_at+0x24/0x60 [ 353.430958][T10321] __x64_sys_truncate+0xf7/0x1e0 [ 353.435931][T10321] ? __pfx___x64_sys_truncate+0x10/0x10 [ 353.441514][T10321] do_syscall_64+0xcd/0x250 [ 353.446054][T10321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.451983][T10321] RIP: 0033:0x7f0c0f985d29 [ 353.456421][T10321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.476063][T10321] RSP: 002b:00007f0c10818038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 353.484512][T10321] RAX: ffffffffffffffda RBX: 00007f0c0fb75fa0 RCX: 00007f0c0f985d29 [ 353.492490][T10321] RDX: 0000000000000000 RSI: 000000007fffffff RDI: 0000000020000000 [ 353.500466][T10321] RBP: 00007f0c10818090 R08: 0000000000000000 R09: 0000000000000000 [ 353.508438][T10321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 353.516413][T10321] R13: 0000000000000000 R14: 00007f0c0fb75fa0 R15: 00007ffff1484f38 [ 353.524405][T10321] [ 353.654566][T10327] ubi0: attaching mtd0 [ 353.660184][T10328] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1268'. [ 353.687634][T10327] ubi0: scanning is finished [ 353.694227][T10327] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 353.729422][T10334] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list td0, error -22 [ 355.614619][T10382] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1274'. [ 355.715774][T10374] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1272'. [ 355.979718][ T29] audit: type=1800 audit(1734798160.438:15): pid=10388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1277" name="features" dev="configfs" ino=26073 res=0 errno=0 [ 356.292782][T10395] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1279'. [ 356.394165][T10398] ubi0: attaching mtd0 [ 356.399422][T10398] ubi0: scanning is finished [ 356.443781][T10398] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 356.701040][T10398] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 syzkaller syzkaller login: [ 357.306907][T10412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1284'. [ 357.430373][T10371] kexec: Could not allocate control_code_buffer [ 357.768044][T10425] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1285'. [ 358.205789][T10438] tipc: Started in network mode [ 358.224470][T10438] tipc: Node identity ee00, cluster identity 4711 [ 358.234590][T10438] tipc: Node number set to 60928 [ 358.263167][T10440] mkiss: ax0: crc mode is auto. [ 358.327918][T10435] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1289'. [ 358.353005][T10435] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 358.476910][T10435] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 359.418329][T10456] bond0: option updelay: invalid value (/sys/devices/virtual/block/loop5/queue/discard_max_hw_bytes) [ 359.450791][T10456] bond0: option updelay: allowed values 0 - 2147483647 [ 359.498995][T10456] bond0: Unable to set up delay as MII monitoring is disabled [ 359.729202][T10464] ubi0: attaching mtd0 [ 359.734678][T10464] ubi0: scanning is finished [ 359.745786][T10464] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 359.877313][T10458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1294'. [ 359.970533][T10464] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 360.326645][T10475] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1297'. [ 361.457276][T10496] ubi0: attaching mtd0 [ 361.463716][T10496] ubi0: scanning is finished [ 361.468836][T10496] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 361.519871][T10487] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1301'. [ 361.656011][T10495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1306'. [ 361.673073][T10496] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 362.031054][T10504] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1308'. [ 362.057318][T10505] ubi0: attaching mtd0 [ 362.069248][T10505] ubi0: scanning is finished [ 362.075178][T10505] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 362.286173][T10505] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 362.875930][T10532] netlink: get zone limit has 8 unknown bytes [ 363.381577][T10552] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1319'. [ 363.564465][T10555] ubi0: attaching mtd0 [ 363.595435][T10555] ubi0: scanning is finished [ 363.629829][T10555] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 363.814072][T10555] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 365.463054][T10597] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1330'. [ 365.873642][T10605] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1333'. [ 366.883320][T10617] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1336'. [ 367.531087][T10648] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1341'. [ 369.520272][T10688] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1351'. [ 370.585830][T10728] ubi0: attaching mtd0 [ 370.611641][T10728] ubi0: scanning is finished [ 370.651508][T10728] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 370.910771][T10728] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 371.170013][T10739] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1364'. [ 371.824269][T10735] sctp: [Deprecated]: syz.3.1363 (pid 10735) Use of struct sctp_assoc_value in delayed_ack socket option. [ 371.824269][T10735] Use struct sctp_sack_info instead [ 372.168737][T10760] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1371'. [ 372.530207][T10775] ubi0: attaching mtd0 [ 372.535413][T10775] ubi0: scanning is finished [ 372.619675][T10775] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 372.745784][T10778] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1374'. [ 372.832874][T10775] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 373.930273][T10804] synth uevent: /bus/memstick: unknown uevent action string [ 374.015498][T10797] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1380'. [ 374.759940][T10823] ubi0: attaching mtd0 [ 374.765129][T10823] ubi0: scanning is finished [ 374.829763][T10823] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 375.254567][T10823] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 375.345748][T10830] Invalid ELF header magic: != ELF [ 375.757628][T10842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1394'. [ 375.784012][T10846] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1395'. [ 376.150100][T10856] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1397'. [ 376.999297][T10871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1401'. [ 377.213153][T10881] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1404'. [ 378.394043][T10926] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1415'. [ 378.803497][T10934] delete_channel: no stack [ 379.564807][T10964] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1424'. [ 379.701879][T10966] ubi0: attaching mtd0 [ 379.707422][T10966] ubi0: scanning is finished [ 379.717704][T10966] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 379.895973][T10966] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 379.985131][ T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 380.000756][ T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 380.008589][ T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 380.016704][ T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 380.024487][ T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 380.031877][ T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 380.355886][T10974] chnl_net:caif_netlink_parms(): no params data found [ 380.528861][T10974] bridge0: port 1(bridge_slave_0) entered blocking state [ 380.546729][T10974] bridge0: port 1(bridge_slave_0) entered disabled state [ 380.574686][T10974] bridge_slave_0: entered allmulticast mode [ 380.598748][T10974] bridge_slave_0: entered promiscuous mode [ 380.645777][T10974] bridge0: port 2(bridge_slave_1) entered blocking state [ 380.658382][T10974] bridge0: port 2(bridge_slave_1) entered disabled state [ 380.676174][T10974] bridge_slave_1: entered allmulticast mode [ 380.683569][T10974] bridge_slave_1: entered promiscuous mode [ 380.906483][T10974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 380.986117][T10974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 381.297640][T10974] team0: Port device team_slave_0 added [ 381.316701][T10974] team0: Port device team_slave_1 added [ 381.348374][T10966] ------------[ cut here ]------------ [ 381.354199][T10966] ODEBUG: free active (active state 0) object: ffff8880355f9248 object type: timer_list hint: hci_devcd_timeout+0x0/0x2f0 [ 381.390074][T10966] WARNING: CPU: 0 PID: 10966 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 381.399830][T10966] Modules linked in: [ 381.403767][T10966] CPU: 0 UID: 0 PID: 10966 Comm: syz.2.1425 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 381.414892][T10966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 381.425323][T10966] RIP: 0010:debug_print_object+0x1a2/0x2b0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 381.431266][T10966] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd a0 7f b1 8b 41 56 4c 89 e6 48 c7 c7 20 74 b1 8b e8 4f 59 bc fc 90 <0f> 0b 90 90 58 83 05 b6 5a 7f 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 381.451198][T10966] RSP: 0000:ffffc90003417768 EFLAGS: 00010286 [ 381.457305][T10966] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff815a16c9 [ 381.465389][T10966] RDX: ffff88802661da00 RSI: ffffffff815a16d6 RDI: 0000000000000001 [ 381.473465][T10966] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 381.481563][T10966] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8bb17ac0 [ 381.489642][T10966] R13: ffffffff8b4f8020 R14: ffffffff8a2ad340 R15: ffffc90003417878 [ 381.497645][T10966] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 381.506697][T10966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 381.513362][T10966] CR2: 0000001b2ff08ff8 CR3: 000000006c248000 CR4: 00000000003526f0 [ 381.521640][T10966] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 381.530067][T10966] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 381.538087][T10966] Call Trace: [ 381.541443][T10966] [ 381.544410][T10966] ? __warn+0xea/0x3c0 [ 381.548522][T10966] ? preempt_schedule_notrace+0x62/0xe0 [ 381.554239][T10966] ? debug_print_object+0x1a2/0x2b0 [ 381.559530][T10966] ? report_bug+0x3c0/0x580 [ 381.564072][T10966] ? handle_bug+0x54/0xa0 [ 381.568451][T10966] ? exc_invalid_op+0x17/0x50 [ 381.573269][T10966] ? asm_exc_invalid_op+0x1a/0x20 [ 381.578356][T10966] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 381.578401][T10966] ? __warn_printk+0x199/0x350 [ 381.588717][T10966] ? __warn_printk+0x1a6/0x350 [ 381.593617][T10966] ? debug_print_object+0x1a2/0x2b0 [ 381.598862][T10966] ? debug_print_object+0x1a1/0x2b0 [ 381.604166][T10966] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 381.604204][T10966] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 381.615533][T10966] debug_check_no_obj_freed+0x4b7/0x600 [ 381.621534][T10966] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 381.627669][T10966] ? kmem_cache_free+0x152/0x4c0 [ 381.633001][T10966] ? kfree_skbmem+0x1a4/0x1f0 [ 381.637727][T10966] kfree+0x2b3/0x4b0 [ 381.641743][T10966] ? hci_release_dev+0x4d9/0x600 [ 381.646713][T10966] hci_release_dev+0x4d9/0x600 [ 381.651564][T10966] ? __pfx_hci_release_dev+0x10/0x10 [ 381.656877][T10966] ? rcu_is_watching+0x12/0xc0 [ 381.661746][T10966] ? kfree+0x274/0x4b0 [ 381.661779][T10966] bt_host_release+0x6a/0xb0 [ 381.661808][T10966] ? __pfx_bt_host_release+0x10/0x10 [ 381.661837][T10966] device_release+0xa1/0x240 [ 381.661863][T10966] kobject_put+0x1e4/0x5a0 [ 381.661894][T10966] ? __pfx_vhci_release+0x10/0x10 [ 381.661919][T10966] put_device+0x1f/0x30 [ 381.661944][T10966] vhci_release+0x81/0xf0 [ 381.661970][T10966] __fput+0x3f8/0xb60 [ 381.662012][T10966] task_work_run+0x14e/0x250 [ 381.662052][T10966] ? __pfx_task_work_run+0x10/0x10 [ 381.662098][T10966] do_exit+0xad8/0x2d70 [ 381.662145][T10966] ? get_signal+0x8f7/0x2610 [ 381.662174][T10966] ? __pfx_do_exit+0x10/0x10 [ 381.662208][T10966] ? do_raw_spin_lock+0x12d/0x2c0 [ 381.662239][T10966] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 381.662273][T10966] do_group_exit+0xd3/0x2a0 [ 381.662308][T10966] get_signal+0x2576/0x2610 [ 381.662341][T10966] ? __mutex_unlock_slowpath+0x164/0x690 [ 381.662378][T10966] ? __pfx_get_signal+0x10/0x10 [ 381.662410][T10966] ? __pfx_ubi_attach_mtd_dev+0x10/0x10 [ 381.662442][T10966] arch_do_signal_or_restart+0x90/0x7e0 [ 381.662478][T10966] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 381.662530][T10966] syscall_exit_to_user_mode+0x150/0x2a0 [ 381.662564][T10966] do_syscall_64+0xda/0x250 [ 381.662598][T10966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.662631][T10966] RIP: 0033:0x7f9b91d85d29 [ 381.662652][T10966] Code: Unable to access opcode bytes at 0x7f9b91d85cff. [ 381.662665][T10966] RSP: 002b:00007f9b92c36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.662692][T10966] RAX: ffffffffffffffea RBX: 00007f9b91f75fa0 RCX: 00007f9b91d85d29 [ 381.662711][T10966] RDX: 0000000020000080 RSI: 0000000040186f40 RDI: 0000000000000002 [ 381.662728][T10966] RBP: 00007f9b91e01aa8 R08: 0000000000000000 R09: 0000000000000000 [ 381.662746][T10966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.662763][T10966] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 381.662795][T10966] [ 381.662809][T10966] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 381.662822][T10966] CPU: 0 UID: 0 PID: 10966 Comm: syz.2.1425 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 [ 381.662852][T10966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 381.662867][T10966] Call Trace: [ 381.662874][T10966] [ 381.662883][T10966] dump_stack_lvl+0x3d/0x1f0 [ 381.662914][T10966] panic+0x71d/0x800 [ 381.662947][T10966] ? __pfx_panic+0x10/0x10 [ 381.662980][T10966] ? show_trace_log_lvl+0x29d/0x3d0 [ 381.663015][T10966] ? check_panic_on_warn+0x1f/0xb0 [ 381.663051][T10966] ? debug_print_object+0x1a2/0x2b0 [ 381.663086][T10966] check_panic_on_warn+0xab/0xb0 [ 381.663128][T10966] __warn+0xf6/0x3c0 [ 381.663159][T10966] ? preempt_schedule_notrace+0x62/0xe0 [ 381.663187][T10966] ? debug_print_object+0x1a2/0x2b0 [ 381.663222][T10966] report_bug+0x3c0/0x580 [ 381.663253][T10966] handle_bug+0x54/0xa0 [ 381.663283][T10966] exc_invalid_op+0x17/0x50 [ 381.663315][T10966] asm_exc_invalid_op+0x1a/0x20 [ 381.663344][T10966] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 381.663380][T10966] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd a0 7f b1 8b 41 56 4c 89 e6 48 c7 c7 20 74 b1 8b e8 4f 59 bc fc 90 <0f> 0b 90 90 58 83 05 b6 5a 7f 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 381.663403][T10966] RSP: 0000:ffffc90003417768 EFLAGS: 00010286 [ 381.663424][T10966] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff815a16c9 [ 381.663440][T10966] RDX: ffff88802661da00 RSI: ffffffff815a16d6 RDI: 0000000000000001 [ 381.663457][T10966] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 381.663472][T10966] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8bb17ac0 [ 381.663488][T10966] R13: ffffffff8b4f8020 R14: ffffffff8a2ad340 R15: ffffc90003417878 [ 381.663507][T10966] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 381.663547][T10966] ? __warn_printk+0x199/0x350 [ 381.663579][T10966] ? __warn_printk+0x1a6/0x350 [ 381.663613][T10966] ? debug_print_object+0x1a1/0x2b0 [ 381.663646][T10966] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 381.663680][T10966] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 381.663711][T10966] debug_check_no_obj_freed+0x4b7/0x600 [ 381.663758][T10966] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 381.663804][T10966] ? kmem_cache_free+0x152/0x4c0 [ 381.663834][T10966] ? kfree_skbmem+0x1a4/0x1f0 [ 381.663866][T10966] kfree+0x2b3/0x4b0 [ 381.663892][T10966] ? hci_release_dev+0x4d9/0x600 [ 381.663921][T10966] hci_release_dev+0x4d9/0x600 [ 381.663946][T10966] ? __pfx_hci_release_dev+0x10/0x10 [ 381.663969][T10966] ? rcu_is_watching+0x12/0xc0 [ 381.663999][T10966] ? kfree+0x274/0x4b0 [ 381.664029][T10966] bt_host_release+0x6a/0xb0 [ 381.664056][T10966] ? __pfx_bt_host_release+0x10/0x10 [ 381.664085][T10966] device_release+0xa1/0x240 [ 381.664117][T10966] kobject_put+0x1e4/0x5a0 [ 381.664147][T10966] ? __pfx_vhci_release+0x10/0x10 [ 381.664172][T10966] put_device+0x1f/0x30 [ 381.664197][T10966] vhci_release+0x81/0xf0 [ 381.664224][T10966] __fput+0x3f8/0xb60 [ 381.664264][T10966] task_work_run+0x14e/0x250 [ 381.664302][T10966] ? __pfx_task_work_run+0x10/0x10 [ 381.664348][T10966] do_exit+0xad8/0x2d70 [ 381.664382][T10966] ? get_signal+0x8f7/0x2610 [ 381.664408][T10966] ? __pfx_do_exit+0x10/0x10 [ 381.664439][T10966] ? do_raw_spin_lock+0x12d/0x2c0 [ 381.664467][T10966] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 381.664498][T10966] do_group_exit+0xd3/0x2a0 [ 381.664533][T10966] get_signal+0x2576/0x2610 [ 381.664565][T10966] ? __mutex_unlock_slowpath+0x164/0x690 [ 381.664599][T10966] ? __pfx_get_signal+0x10/0x10 [ 381.664627][T10966] ? __pfx_ubi_attach_mtd_dev+0x10/0x10 [ 381.664658][T10966] arch_do_signal_or_restart+0x90/0x7e0 [ 381.664693][T10966] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 381.664745][T10966] syscall_exit_to_user_mode+0x150/0x2a0 [ 381.664776][T10966] do_syscall_64+0xda/0x250 [ 381.664809][T10966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.664839][T10966] RIP: 0033:0x7f9b91d85d29 [ 381.664859][T10966] Code: Unable to access opcode bytes at 0x7f9b91d85cff. [ 381.664870][T10966] RSP: 002b:00007f9b92c36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.664895][T10966] RAX: ffffffffffffffea RBX: 00007f9b91f75fa0 RCX: 00007f9b91d85d29 [ 381.664914][T10966] RDX: 0000000020000080 RSI: 0000000040186f40 RDI: 0000000000000002 [ 381.664931][T10966] RBP: 00007f9b91e01aa8 R08: 0000000000000000 R09: 0000000000000000 [ 381.664947][T10966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.664963][T10966] R13: 0000000000000000 R14: 00007f9b91f75fa0 R15: 00007ffd4eed2358 [ 381.664996][T10966] [ 381.665255][T10966] Kernel Offset: disabled