last executing test programs: 12.39134565s ago: executing program 2 (id=3584): mmap$auto(0x0, 0xfffd, 0xffffffffffff6955, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/lacp_active\x00', 0x80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/17, 0x11) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000100), 0xc0241, 0x0) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) getpid() r2 = mq_open$auto(0x0, 0x7e, 0x9, 0x0) syz_clone3(&(0x7f00000003c0)={0x4000280, &(0x7f0000000040), 0x0, &(0x7f00000000c0), {0x36}, 0x0, 0x0, &(0x7f0000000180)=""/110, 0x0, 0x0, {r2}}, 0x58) madvise$auto(0x108000, 0x800034, 0x9) ioctl$auto(0xffffffffffffffff, 0x560a, 0xffffffffffffffff) ioctl$auto_RTC_PARAM_SET(0xffffffffffffffff, 0x40187014, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440)="11000000126584", 0x7) socket(0x2, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x71d) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) socket(0xa, 0x5, 0x20) 8.082219759s ago: executing program 2 (id=3595): openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r0 = fanotify_init$auto(0x200, 0x2010000000000) socket(0x18, 0x5, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x2, 0x0) read$auto(r1, &(0x7f0000000080)='(){\x00', 0x9) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) semctl$auto(0x1ff, 0x100000001, 0x13, 0x9) setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0xc) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)='\a', 0x1) bind$auto(0x3, &(0x7f0000002000), 0xf) fanotify_mark$auto(r0, 0x6, 0x9, r0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x3, 0x71) socket(0xa, 0x2, 0x88) setresuid$auto(0x0, 0x8, 0x8000) ioctl$auto(0x1, 0x890c, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r2, 0x0, 0x20000080) fchown$auto(0xffffffffffffffff, 0x0, 0x0) ioctl$auto(0x3, 0x6f2d, 0x10000000000402) 7.501836076s ago: executing program 2 (id=3597): mmap$auto(0x1, 0x400008, 0xdf, 0x11, 0x2, 0x400000000008002) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x8, 0x1, 0x0, 0xffffffffffffffff) read$auto_vhci_fops_hci_vhci(0xffffffffffffffff, &(0x7f0000000d40)=""/16, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r0 = gettid() process_vm_writev$auto(r0, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0xffffffffffffffff, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x101200, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffb8, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) shutdown$auto(0x200000003, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) madvise$auto(0x7, 0xfffffffffffefffe, 0x15) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2881, 0x0) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000540)='/dev/cpu/0/msr\x00', 0x0, 0x0) sysinfo$auto(0x0) close_range$auto(0x2, 0x8, 0x0) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_uring_register$auto(r1, 0x10000, &(0x7f0000000000)="8417c768565e250fc75eb222c3788fcfa24f26606a", 0x0) sendmmsg$auto(r1, &(0x7f0000000180)={{&(0x7f0000002a80)="44d8a817792e036094d62af14f253f1d083091c74f48aa2a6e6395838b2d0bd6281609f9b12754fdc5658703805d83551c413e833a4e4069a1a1df5b03fecc59a47355c9e6304e64aee44a5d7bab41c1d2025f4e346d8a2293d55c27fbe6e7b08bd89320c8521e2cf33cfcf91e7bdb2ad7b396e1985841a3f232e630ea51e28d499cd814073d29fd788a66294fd9f7044dcc3ad4a25cc4ab7b02efb3a909512a64d30d49ad3f7f393b5d74794f5d690209d542c18021e16939449d075e17dd706e4355a14f7c38caf6094ec3898bf2120c5247f43dccd634a0458faee4ed061f3719f09853ea63b67ed7f9ff719f03f195c8523c7ede283a7581050f5bb51028b389e22dd2e506f8f01504d2bad0fa6b28b183c179422feeb999a8edc61c429dde063bcbabbf3f350acad9d7265b009a9e451c11aa84e7ad8d9ae07da699c384aefed4c420e2cc2594109afd48615f7e9aca3a612ee7d22f14b947ea434b826558e8e545cf369607af016f865000b6d94cdbd7eef1f8834bf166159fc5273fcc57876e1371b2c865d25fe5fa210085e8d6e234315e7b10cd754fc2b8cd67881cade1acf83355f0591849c63beda47773a68a5de90437d675164efad895af4b21acc912d29725dff14b417ce500ee7cebfdfd0e93604098502fe8bb8041c3d217052eb0cebf445e8919c32b6632c1be496914b824313adaec504167358d2183463e7d33ed43601d24c0d7fe1d83484ad57bdde00714ff84c9068f83224325e41334429d5f14930057c43863fbcc80c1a7f3dfbd84dd752c56ec14c174897cd256ff28f6e6a5e2ab68710a1b5c15b7597d75e5cafb6f15e0b0d8ac89e75fff9ea45643e1b48f314867053eaa971082688b96e9af348e7961046b4484fbb45bd6dfef56d5881646f549b1786995fd487c5c0e960aa862b11b6907b1bbe9f9ee59295c2cab1a61addfbeb2bfad3d630f295b1f0d30e066bd78832e7570c221d455024b39aa253b2364c9b21247195371d922d443aaaa2bd8c9d22432716637e27bc688d61216d1893e10db96110b5a39c720e33f02522b83efda8c0977d47084eb221c765e6664b073154ac5bab792f6248c1b813eb30e25ca57685edf5d3560b9b918d17f30834dc97ad354530dae3538f0667b36db2beac7a09c53e748e8d39ff8c1e478106f402baa2ee51332148c6e681e526475c5cd1c21ea771a771125df0d0757129ce0750ed1c6dc7f44b85a6bc656da045bf6bf200100ae2c70b4521f4791d1b45bf3cdaf6bcf441caa56b4f675240b67800dfef383e392f6102ec1cd2a5ae35a2b8b2ed7b079a2ae044b596cf4f4968eda0134ddf478faaaf089e675814304520016fcc527859efcc1c2d8aea2de23289c1ebf6e552fc7b10d40933d31a943561b5cf33e9b320a2d9367bcca52a8bc077192e157b3609d4edf73e35575028f3836a71bdd082353456579e7f791ad7a60639d3a258a64449d4f67de18d1552d54d6d9ee161699e443df4bb14cb7b72764df711b9df8628ed494d0814c3d1f164af61f8a74e164c7ba1a09a61c080d7a08a94a492d7ceb961aa15497d3ade6523fa8d5e3f1ddf9e9959dc05cfa5beae75f279b643f14614affc2699c6e9f08f33918eef616e43a64a9f8f075fa13264f5592d01f249b8090b9a627290af69d1bf20d62b967658dfeee0bc7873e431024dec9416cdfaf5c03890e03e9fdc338d64b1e0c4a9be3332391bb72f1710c6bf338e07a7701306b0999b11d99b89df9b3ac3ee2130820ce995caf56bcef4cc7b4ecb9cd785d464cedf32681c1e6267f53d7691e72a009730ddbb2ef9c3e748233709ef41f9f0b7d9415673acfea43cb58a09b860203d89cab5df1c04101ed1400d87fafa2c03a480b4b7bc1c777d48dc93e3569af2c798e749a2fce98a1307d2169757a0e6400ebdb9c2a9ef4c9397f6ce06d59be5f7741a54dad977824ee2e25064dcda03b5a3bd847cafe7a16132c6a18e27465df1268b457adf8a18dd41a3fce6503b697b33821ac92cc906ebcf79e5fc5d2fcc9528193c3cd32959229480290b7db7eda51dca7760030a794469a23c0bf3e4f3da58cdb4741696eb0539d3d3141dd2c4b9c915f94450e913803dd1f4e2cae29e3d17487b4f065140fdda96133b93cd596ebb2c4aa8a7023e7492f21e077e8a428d7e8faf13f7fedb5dabd0d2ed99dfc6619041efe6498651d8179d433869bb94724a97a55d840e871c866f4f4be5bf557339f4eb99e84fe72ab306b1b3473ed3df245769eb2378c192091953ad017c1638c17dd540d12240ea4c0b55811915716885431401612968676b3dfd07ea77f48c3bbdff5b58cb04a7a1c83fbdf3ce4b7d43e7fb7937c4b31cd3b904a89fe125e42a13d49282e45deaceb6535eeef7798fb7bf33cb639e8997c360047aa0e0079b4e99c3418650643787b88aa669bcd5bd43b7245365c2b027f2dfa4a5c237d649fef8b9eb0ded70db946d7562038f41186003b5885bb08a45f5233b11f4bd3c563612e2edb19700aadf89b6e9672a33b24eaa0cf7112ae66f76d0dea21e3c75485da7208f5287cb0eeb0082b3a2338df993c95d970560a718974b1b5adfe9de9b22d422b7371f8866a7c1332d6d2631525ccfcfd0f5a734b39601c24e9add03489e0389c1f731db3997369fe5942b8cad79af28f44a9509990d730544c313063941c69987be5fdd952ce537b5680ab57e56f19d1b6f68d9d5e7af402aa81fc1f00df89fa795af31fbe967ac6b4382a8bedb73b6d17c1d0755cce55dbb0fd547883d6181edaaa022119e8166da1696d77ba5a374acc918af4729d81d67706d62797ac833c44b0733f2eea46dcbfc10390cd54473996526cac28f8153d59d7cfa84aa8adce241529c59cfeb2f8841c152646f725fc6071ab9a52af88534a144df518cc60a0ff19a7f4011a2ecc2871216de06122b47163d8cf4e2be24a09676fd470f9d1dbe8028f0d4fa8c3de64d6e26e5e3ae133918781d52fcbb0cc6fac694fc7e976876d3342bc7a5a40930c8ed6a71c84d2781b0c29f871a6a2429c55a9d1cff5985728aac7d212650ab7f00578550c0e7242d86356c54046c211d74bd8def73428b855b46838cdc996297598bfef64767e3c32057413b154d14add759cb7a2ca0b497f3ccf75361226666c0714dcccb5172e31703179d5f8b8951520b131339a4fecd67cdb0511f59961125bbeab66166316b88fe1407abf35cfdad12045320a9d7068dc3118988e2e042dd16fcb233de463070cafa5fb9d455c078495ca0fe22c3d6266b42415db5aeeef187021318a1297fd2b1b2722fb658bf0a6d5c05d6cffd3924971911625810282fd78f6d5ac515696f1a7ef5f835ae32a379c45d08c68bd4d01912ececb3a463f13e78d3a68b9e89a1c9a3a2a88446277d3e25b828f8dc7a098bd17a879d2dc66d434430e64cf09ae321b5047c41ab8b68eee2b834f3ae5b4d1e9c142537999e43a61fdabf4323813c9ffa298eaee80d646cc49d09d129daf50b90d871a522b8d95407352955950f3cfd5604c666773979d6ba8f9364e92132e4a834728740f16c07897a04d6b05e2631a398005f743e30f7abe8af011dc70acafa0d7f585e908055d0dfc6e77b53139518de7ed69de018149f3a13c5cbf0e0a2ec88e120be6c575fc5025462cf8ceec5b26c297b1d1f5c53f07ceb4c65647706a4a1269d8244df336a214a4a59625fff69a8a2c62dad952a6c29f827a756cc0b643ed117cdfff3f5de23df688c92ff89be4dd561f855b8d09ff5a9a09b80242119c5558556dd39841c2bda443fe2b79670b428bc4db43d6a9a53cdf40b70b3e3f6bf90aa27e8f98fc4d666583cb6d35a7198df220e9454d8a28e7227ba06c55857afcd97dfa0eadede9cda2152eaad9482ab42a5dee8037670f69ebed81fabba2e7c5571e57780ff278b76c7827f669f38bca0a3a4b5aee9f6fcbc905c1ba4b9ce803162e6ddca2fedf34092d43e2e5bf60f4a840635ea4bc00d708b7f7f101ae87a00e53d5e6155e15a8b96a8d303f8303c146a7200777a62feb74320375a9f16c1c5bf8c32db370a61e31ca7ee529b1e5094738b3f66d3968adb2150d7257188e28b8308fab491dca0083e682811c66b1e0326e8364940a6cc56933ea30e31db1bf37440e9dcbaf3a896c3106e31d693498bae44614a9589e2fbc77d6489d0a7e31c48e47d9bccc7f528d36d7a8b22d9eee54edccb52bdecdd9ce22d0ccfe6375e4c73960fc2cdbc490a00b15bc068fb002413bf5cef00970785a69b5c667f0f1a48606c3c3b57a757439f49bb3160be9abdf0fd4e5673a75c8f1512cf8df2a35df44a31e86bbec4a63fd01188abaed35d2f19705b3a8eccf7c47a6dc949bf2477a47d3cdf89f170f953158aac7c761fbee0781eb7352be584bf64c7dbb7ac3cb2b3655bde17f0e467d567a156790e37172139edbd2a871fb972f0e3b2a95c988da8f3040b8537a35d625684646c4e5ff7b91973111f53cbf065c43f48cafe4f4c3ec1933f860e52fb2f26202d78c0adf49700939d3ddd37def50c279774e677b9d70df31394a4c6d43d4539dd53e3795aa939f689a7f7f6b01cc02a3975ef61ab06a34ed0c130d1bc3619851c968e341cb034d94ee062c355f9a590d57cea3e50958af0e8d0fb3c614bc59952e2e73337d68614a996d5bb655b4f0ffdaf38205f44d5e9e6ce2b4a1da4bbcbf629ff8b828ff2de96c11e4d46ddf9d6d6e0f35ea0e50eca5b2a192b971917651b5ddc5a671d736540460af81fa83b3536569ae26520c5efafa65ca76c4c41d43e7ae058ed66681b0ac81eeda0f821734610378e788a1817b7ed187a604c473f120eaf5be301af28fe47553513d8e1c5a48f44b850ecf677e47700ae57970ea73340fb3a63b6b0c20aa9f90d0a4e5f5d8acc9f9263a413437ec4483f1afbacea8a2283371c3d524d59e72b3fa2058e1c5f4edcc5f4dda234ab1b74980efe74e84bffe10d74d1eee9881167fd385f74cc935e61aa3791011ea609d41b5a191a03d2bc1033b9fed9ec3b8e6aee2838c93a23239aca4f70baf3b0766ecad438c8c99b20791705ae11a14c94baf8e6ffd1b89bec615dd7f61602a1547d6757478f45a74fec0372c4945bb95bc120b14db463db8a6cf692d789bfa097fd623baee1f676a71525a0661e0446235db926716f1162312e4e4d27a85086c98cc52d8119ba1ef4e384ad81fa635236aa004eeaba1078c1332700604e8eb2efc84e9839638e321a9ef3a8c90badad005c856dbc6eda5edf8dbdedc9029ee9fb9e50d261efa5c68903a6b3ad91d06e05e401a20bef5f93d6cb00d00f316dc2918a88a20889f2889daed48f1e50c3540ee774fdd32dcdb34a4f2d3c36651e7f9674632c5e7f9235540c56314834ae5c7331b3005640a178b923da0ac7e1ed80e0553f1b7d62968e069ce5738967349ba86d2ee79462f23f8a92142db8ecf2627d76773ef084ee4f2a108e1e0cdf54e30417d350fce864c2917e3c990db58d2cb498226c76e70756b2cd94cd28fc3356764352bd8abeef95aec7746a865004d2717d6b5de24d553b61cca0ce40063f119506d3931767e0ab12439479ac5c559d6b624119564fc56e552b9a4483c58ed4bdd7d7f6c36e99e4dd0d04246eb8ab5409a7c8c1af909d454f386b1455e41d56f8e94f5903e535b60e077c30cbc549cd7680445df94af15e4332ae128f283fa517c6ae5183ce3e71dd55ffb18586353a54ad3f0c0c7a610eae74a2d3ed087fc868a37ea17bac0a6ec4f6700a5", 0xede, &(0x7f0000000000)={&(0x7f0000003a80)="40be040076d054bc4bc1ff7449999b1e56adc91c315ce125010406c2d6c8caef2109806e60ca27513da7aaec6a3cd284cb0c4481f1f2b755ec72f71fc7b00bb10e2c5283b62e9f11b8792c05b35a10a3af18d1d15782caca9c541179b86445a100ec5dd128c279ca99d6a546b3f9ad9319cbf94a6e452a7839f0c6e1b226d1f308715c6590e0805b15e8c139eddca1b5fdb4bce71ce436626c2101376d8c9d530f9f2bd7a4272fedeb1b2de3a30b0f2ce639d8592bca67ad6e3ce06c062ce042aa992b50e3b3f17807776cf3f1809b3c2816a430e510deb1f7d666ee7b502005910d10eb8bd33334596da0afb6ad6c9408c6c627be68be27b66c985e081217283627baa2d9c24e9b966b664588e0ce4b19f0cc04f48dac7dd5f34b1ffce9c125f843f6ba023d9121137854e3f5b2a3fe9314dd44d5b2b120b883d96fd4635f28c4916f59053cd87f8907a2fc83d1c897444bcdff02d406ad160c6ae3dbddc3f00d7e6f0a67cbcc85506e428bc0e7883e4a222e385ff7e9a1a1004a954f01dea03521acda1764935bbab625d5b03873fa0aec3bec41e9b24ba4970f88a75e520de2d6018e76df199ec7a24dd9e25c85f83f86e6d33ca4755604c2d10b08785fc548b046bd598fbc80fedb7512e385369167e4e0c615a80dc82e2b890157edd7818ee2bbec6d3efe2a8f7455d32465ee6dd5614f57d7168973ced5fabba9c082c1878f780b85ff3d2eb54b62289c5c6e7709adebc75e2e5f26039bb145d938f5b27e43d2f5f77788fefa40d9635ce0d0defb583f0f136591366ce66914ab9bc38ee6de411c145cae38abef6ef12a94094b772b9115a1c07302caadd28dd1917f0856484b44cf5691516e1580b47c77fc1a9ed69ba16649f0cd89573018548ad7aa47cb908e03864926484cedb4d12186aaac7aa39eccceb980cdb1d6ed86bcea81275d6ff11be0fa6bc4d09dc3e3b7010125b3a7591140a9b5f2d91c063d28fd86e49d570f96b56f0e2daa098405b60c799141fab4028407f571c4bd2839b4783f03c34a71a6960423b1ef6577ddf8a3d4354bc9d7d0a4a16b4c91acc35fc2b8fe0d0038f37e0703748ffcb99ec7b8ec69fa60e8a4d5ecacab6a96b769557d9f191034fdcf7b50a6669e6f8ea2c575741ec92274b706d5297fd5602e54b37de562ec0b44cbe2469aeaa40d9620c1172fcb54ac05ff84d38365a5434e770441bd3f7332cd6bd8ef5b096d30f35b6d9fdc98f9234c40d17cd46745ba357d9d3d9cf45d94919ddff76a0346dd3a25cbf7896abe240f6640b4a701a922bcc117314a4a3b1cd3a8daa44e428770ae5abf4e532ecdf55c71c6218d11772fb478a0a7a80e8095bd0f24ddc5fa243564dceec66647a813d6b7077f57100f773f5886e356419b3d1b121896e0c2ac969a6d60acaf832b3eb08b5a58e1a8bac1780cd52f0685ab36d93fb7ea42680d996a8f1fe5bbf884f4d47598f45d08376107c116267e3419401d4133916dab86e0a99bee8b0f06fdf0fa13778818d5922870e5909df60301840fe1f604ffb8f42b3453b9a2ebbbc33b621be16cba68bf9fc83fe044d9b65acdb78bffc10239b0076cebd373b8c6ed5efa2c9937165ea41f76cc9363525bdbcb1844b7597bcea81e1d925d6e1c984d9da3a503702ed6eab0f1e5c18e856f49004023c3efed52f11714e656217dc176cc3174694ea718f05afd80eb3e56a976193a2cc85873fc26f8e430ef9cc146e51c36235815aa4e51554db866c570ad1239a1d93d50a69f5dfc2c117a0c8e02bc3edce8e1d217ae74828420294a2dd6e09b30cb6c55c3a67958845cc4d6312b38538fea80609f3541299fa8b71d6b9f95dc046b2a07038bb240e60c77239f107614f520c53b87de6f4408e24f67cb12ca4861a0a97babcac4f79f4ede33712c4eca5ce085976f4b49a1ee931672a0f9bcfc2fe122e5e04a64783d8ff8cdadd41742718d78ac6d6dcf6870c168728cc9fbeb2d757c409db4cd32c13b4108811c7e50831e1ae0d9502fd773d10f43d008a3916886eb9d5ad3e480d0b3fdf05ada1b4f00c4f7465492953f8f19281461f0f344370964c4581549e3b66a1fc7d64fccc3590ca89cbfb9b65c75816e8c911fdb76b9151bc319f12c8c7a18b0f0302ed1229fe28ee5524fc219be4343c457c91f8fe7b78c2f159f1e22dd436e7d79fbcc3d0df6edfa663bd62dd025046de4b2c1f662b4c8455ac46aa6068d6e1d6413b36b930cea82181203f2996df0ce653a4e92270eb7a5fd337509b1698efeebf6517bd4bcf98b24668b3d04747de4b81d62280a13cac8007de5b4300e78d16b25ee9071c8d580ed17ab6c3a54b67701c7153584a41fe557f44d79035f4d77798ab9f5fea5fe951530dc3e1851d9380b82a18d3179221a98cd7c632b2c74fafe944405ac4af2a6061a72acc0b1f8d7a7b5a7d3daff85f9800599022a628ce1db4e4fee70d0407a23fd34bfb049cd7223b21be5071066236b67d7d4eed3f08b24debd7f1bbd85499904a11e713ca73660792f114562d27b374367d6001565c086cd9550045005344705f91ca2c881c527ef140669d54e61f78d33ba5ec0c2c5b3cacef71abbc97394ac19b85f6d53decb774d5545d15d9021760e2f04137a7ed121792a7a08e0ce5471b6f92adbb4bcd5cc9281464012bd329ebe109ac84aaf10f170f2138a746afd41a7855de82be3710101f2fb9ccfd90ca0589278b277558778dc0a554adfa6c4c638565b52c7188a43d21b96a821a960da277c8cf7854a64594dfd6db7119265e26e6af7419f14f3ba9174e7ce2fd3f06b93b03cb87ea5abbef8186052abf266506d0ac393d419aad63a7d63ed11de2ff130f5fbf1524f8ea1029e0321f03f749b3e4aa5fe16c094c8702506075be01c7d8572d16f2c01107cc82fd53ca9260ecd82f6f02929c6b17a11cd5968155d4990e9af87c2905715f3b26d1212720e1aadeaa93ccd4d54e58f40880d357ee264c03894d00f5d830d9c99ec37d3b6afe0e48fcd7347d8d147f0b161e10737f66d7294933c98582db7a2099f78343b79f809cc8f369e352f61d1e7d3a6dbcfcf2e68e8ad13cb0690f7256c95ffe61ee8eb0f92f1ff6980dc90d50a03190defddda3ad0e9bfe951b20fdcbea7d88f334610eb172bf00adb3e67c6825811387f110f4b979f796f130a39e24b033cbd4f1deb9bd7cd04f22f806dc0f37cbd7f3802e6b3c97069100b4da463cc38226183260f0c2f4847d4295dd2302f3318263b890df0ff697719f81455d8ce1c70f8ad61fa8f2a4524ca46d3b6b84fa32e5b352a2ca7cfad597c0a05150068829e9ae3385b7d4f99f95534b30930d8b97d7835de75f281d87c2d587233a20e5c45937f18e706deaad07845befd3caedf4f094eeef248bb90e2d9085e9fdd40b5b2e73b7ffc678e375cbe5e7f1ccba87375c69532062cc42a50f863e9f930c9018e704e647b4720471a66aad208457ab1675c77405efa3f960579e851fe0a00840bf9db434f9134fbc474a6277ea15d05e8ea4c66e4cffcb1f43ab9ec2fd8b995e285a27c53b6d1f488a453850b3bd4469f0b965bbd432d50807b48b6f849cb49c69c26fdc91f0a24c330289591777f63e1430be3003688bc40cc1e8eb7202e9cea29b8a16c7c5bf6ab172eeccfe64cb5eba0cc9dcd8d3f66fda26ff292aed0b0f6d94e9c7a99b192412e96b4dc4f7dcb6faf79132a8b734b8b4ba4c3540bcedcdb6db8aa79b43c27d693eeed3aa3c81564a1739c966c79b019fc79563ac66c841cf9305cbb753fabb90ca0bad8b1aa9a1ec745840fe51616f9ec157373cf38bb85e7d4b0e0f0d500f89e4d48783ab8d6370c53b324b3dcf15777eab86ea132b1851e0c5824eec7b3dedd4b2f42af6be18c43f049b6e32571931da15dc98841d6392364456fb05f324f296a1bbd17ab6070b255d1e43b63e5c08f354baa78d1d42dbef4816b50352dba0058d98c024de456b67a00379908c90e15e33871501e58f215891bcf186278c61b0a865539783fd5693bc8ed031bd566bf2168ce1ae988723abdb739a55b43592d23ddb2862b8e302fdc3550440a1ba34c7c3a18a888a02df3d5881f5ad3ba1fb5a977f4833fe60216f7c59b781eb440cfa743c609c0380d11026e2bc0b19d7a60d0300e8a699ae052235c048b239928c311b5ba403348350200a0025f7f106b2ea01fa34c89b634bac54aa262c9522e501080eb8797fe69b6243ab9025dac699d36e7f51d8181bbd40cffa0e07eaa8ce73beb0d82641dc8c8c2ecb0451a812ff19dbe2972fbb69ccf566a7133daaf2bb313634b86193ad1bf16d01904837d4c6a613d90242a3830a4ff527cabe73aa7a25256e38c8758de32fac9916c95cd3db43d61d9cf5506423f7b6eeacbca56b380083a5f0ece5bc577e68e7ebef8a479ba442da3a360899408957bfb67f6dbbfa1e31b267ecff12b562ca5545a68ce4ccce10db1970c6ae438d6d6bfa81613873d43609722202a10bbb86341f76ecacb6ebc772a12beabd9daafd0fc6a27ae40ea5263dedf3a5f742eee9ef6b61e64c7be78ed05380ca3f7af152b2b75aa0b5b0ff2f42b71286424ec653fffde899fe51c3e4b23b39cfb9fdd52bba632b377a9e2f470ad61a19d7bec31c875e08b38b62ca1149cb81d83e50d4cd2d2c75b146d4565108d622d809e717f375b4734d24e78fc8b9e035d514724723b84f5f6dbf53622d0dfc2d6af563cfc2440435ec517f2d294054f6e139cce7cb0acb6dd28ebdf1206e91aa58f2aa784eb1e49fe1a801d9bc5520a6e3f0e1b48cbcae2a3b834af05efa575788e48888a01cb3094b0dc187a701e736226a7a557643f5d2377e32f04535ecfeffe7f6e54a5ef2121dc2f92c498991062f5944b83a5675dccd589ecd78b91149b31e69791e97557ae81db63c705e9096d6b8e51643ee200d2c1b043f890968ed93a96cd383585ff2fc9c00587e7786a582b7a1bb100b71e93c96f8c5f0454e4ecaa0da24c7e7b57cf2dd87a1202fa17fc82ef9e4935549879b3fbc7e25c55d0005285e6ae4e3152d7c7420e64085d1619613b64bc2199249962235ff8e7133501c7076c5f2b3ee2a25f792b1e17ed60449283633b9d04beedebac53dddf176a6d36dc5ebb2cf6c7380c1a889d3c78e4d1425e8011f61ef9f929ce9381e64c6c4540fe25eb62d04d60f02395ec9614d0ada83247db06acb26a3b522f6e5efca5cc4059a26ee8d0d42b612b2090dd23b3d6323efadc3f71b978d45c38cc23a7686b286d7ad901645f01468fce1a7b2ff29d303a7c128d506b336e22bf7eee84b9fb98c1bbf6b8984bcf1e8d9251a928a2f8bd726da4f7de9b13b60704651e09989568e6327ef2f826e85e382b038a17138fc584bd7248e9a3060f182bddf1e2357670b0de3d3fec72fd407174b5e8956174f8019b11d9c4dc5d33d735028f79867a3d4da0a3bc0022c47e7e61aa1c9bb030a1a45a27065ef1594b426d9ccb798ffdbf7fb42cb07e8ff6a4184d677a9734ed524428308df352dba6517f992a9fa6646fb4deb86c3d53cc47a2ca1f1fe9aabd8c6470607057c62956264665cb59eb8004e52f6b1b4a0b78822e24c474ad6ab9680fd5531b9fadfd16413e277af8c94200d9c3e6fa896fd4f8f2f8fd1f2e16a77a43b646a3e4081835f595bec0f0a780e5b9c47dddbde51c0f869d2f9c62e6e0a33d18203616bcc2b24d91e6af7918a1772cc7129319ff784348cc9cff2e6c8e29b369d8e550c4fb724b10b7959eb344765c16a6e8a09724e272e030c7fb4f", 0x3}, 0x7, &(0x7f00000000c0)="69044c766e9c0bc639d097d8f3a61d385e1c7bfad2b1f558ffa15bda93ec330bde66ff00885a3e43f0d8a25e2e1f32c6547097e27511ed5ec8ea8049f742f26cfba9bc4b98877239f27761dfcb191eb4b588f641b8089fd471ff5190d6b5efa79bb23254eb71c4f8c49c9e53f925a282445e532b9d7d046821cd6fda38f624d50c04dbde", 0x5, 0x6b75}, 0x9}, 0xfffffff8, 0x4) 5.393083211s ago: executing program 3 (id=3605): socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x801, 0x84) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x800000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x9b5]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.7727261s ago: executing program 1 (id=3607): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xffd) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x848000000015, 0x805, 0x0) socket(0xa, 0x801, 0x84) mknod$auto(&(0x7f00000048c0)='./file0\x00', 0xc46e, 0x9) truncate$auto(&(0x7f0000000040)='./file0\x00', 0x6b71) socket$nl_generic(0x10, 0x3, 0x10) socket(0x3, 0x800, 0x84) getcwd$auto(0x0, 0xffffffffffffffff) r1 = getsockopt$auto(0x6, 0x84, 0x76, 0x0, 0x0) close_range$auto(r1, r0, 0xa) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYRESDEC=r2, @ANYRES32=r2, @ANYBLOB="12000100898771f1c19f1701808590822ad90000fbffffff"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x2) r4 = socket(0xa, 0x3, 0x100) socket(0x2b, 0x2, 0x4af1) socket(0xa, 0x801, 0x84) write$auto(r4, &(0x7f0000000140)='H\x12Y\xbat\xfe\xc8\x0f\x00\x00\x00\xfa\x86\x92\x1e]\x00@,\x18H\xcf\xf8?\xca\xa3z\x1a\x01(\f\x05\x93\xd5\xf6\xd2\xdfK\x85\x8b^\xce\xf3\x06oW\x8c\xc8\xc9\xd4\xd4\xc4\x1b\xa7\x8ep\xd8Z\x89U\xfd\x94', 0x0) move_pages$auto(0x0, 0x233, 0x0, 0x0, 0x0, 0x8000000000000000) getsockopt$auto(0x6, 0x84, 0x80, 0x0, &(0x7f00000000c0)=0x67f) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/can/rcvlist_sff\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000000040)=""/87, 0x57) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x4b1c6d5132fdf9f5, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) 4.58603685s ago: executing program 2 (id=3608): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x2c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x133, 0x0, 0x1, [@typed={0xc, 0x135, 0x0, 0x0, @u64=0x38}]}]}]}, 0x2c}, 0x1, 0x0, 0x6000, 0x20000000}, 0x200400d0) 4.480064829s ago: executing program 3 (id=3609): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20082, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$auto(0x3, 0xc0305602, 0x38) ioctl$auto_KVM_CREATE_VM(r0, 0x4138ae84, 0x0) 4.288699628s ago: executing program 1 (id=3610): mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) mmap$auto(0x2, 0x400005, 0x200, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/bdi/43:96/min_bytes\x00', 0x5e5c2, 0x0) mmap$auto(0x10, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40043d14, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0xffff, 0xeb1, 0xfffffffffffffffa, 0x80000001) remap_file_pages$auto(0x7ff, 0x1000, 0x2800000, 0x6, 0x4) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000000)={0x5, 0x401, 0x6, 0x0, 0x7ff, "9ecb8f86c25567f67b9e2119"}) close_range$auto(0x2, 0xffffffffffffffff, 0xfffffffe) open(0x0, 0x22240, 0x155) mmap$auto(0xe6, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x311) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) setfsuid$auto(0x0) umount2$auto(&(0x7f0000000200)='.\x00', 0xd) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd13/sched/read1_fifo_list\x00', 0x109100, 0x0) setpriority$auto(0x2, 0x0, 0x4) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x89b0, &(0x7f0000000140)={'macvtap0\x00'}) 4.23595134s ago: executing program 2 (id=3611): r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x43, 0x0) r1 = socketpair$auto(0x8, 0x10000008, 0x8, 0x0) r2 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000080)={0x38d, r1, r2, 0x9d}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x1, 0x84) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000180), r1) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x1, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x200, 0x0) getdents$auto(r0, 0xfffffffffffffffd, 0x108) mmap$auto(0x0, 0x20000a, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x2, 0x8, 0x4000000000db, 0x44eb1, 0x4000000000000006, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) socket(0x10, 0x2, 0x76ad) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1d, 0x2, 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x80000, 0x2003f0, 0x15) madvise$auto(0x0, 0x7ffffffffff7fff6, 0x9) splice$auto(0x4, 0x0, r1, 0x0, 0x1000, 0xf) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) clock_adjtime$auto(0x3f, &(0x7f0000000000)={0x7, 0x8, 0x4, 0x8, 0x7fffffff, 0xffffffc0, 0x6, 0x5, 0x3, 0x0, 0xb9, {}, 0x1000, 0x7, 0xb, 0x5, 0x2000006, 0x101, 0x7fff, 0x3}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sr0\x00', 0xa40, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) 4.011518667s ago: executing program 3 (id=3612): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000340), r0) sendmsg$auto_IOAM6_CMD_DUMP_NAMESPACES(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x70b, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x4000000000000000, 0x4008041}, 0x20000000) 3.908363575s ago: executing program 1 (id=3613): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x7, 0x2000400000d, 0xfffffffffffffffc, 0x0, 0x3) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x200000000000000, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0xc00, 0x2c, 0x2c, 0x0, 0x2}) 3.768235383s ago: executing program 3 (id=3614): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) lsetxattr$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='/dev/ram7\x00', &(0x7f00000000c0)="50444a2f5782dcde3c5fa96fdad617f0b5d27195a2198a50fdb2694051b602133b4a0499873019ddb58acc36fc37a649e910da6d4d19f62738f733502b77299368337dc0a61dcff6136d2764d163877ad3295316efdbe0e06d7cd02c64", 0x5, 0x9) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) sysfs$auto(0x2, 0x100000000000038, 0x0) (async) r0 = fsopen$auto(0x0, 0x1) (async) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYRESOCT=r1, @ANYRESDEC=r0, @ANYBLOB="010029bd700000dcdf250200000004000800200001801c001080060009"], 0x38}, 0x1, 0x0, 0x0, 0x200088b0}, 0x4004080) (async) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x8041, 0x0) lseek$auto(r4, 0x8000, 0x1) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x7e, 0x0) socket(0x2, 0x1, 0x106) (async) fstatfs$auto(0x3, 0x0) (async) ioctl$auto(0x3, 0x8912, 0x46) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'team_slave_0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100cda4429629bd7100f9db5f250200000000000000", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 3.52719904s ago: executing program 0 (id=3615): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xf}, 0x6, 0x0) r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$auto_I2C_SMBUS(r1, 0x720, 0x4) 3.18775286s ago: executing program 0 (id=3616): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xf}, 0x6, 0x0) r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$auto_I2C_SMBUS(r1, 0x720, 0x4) (fail_nth: 1) 2.912093117s ago: executing program 0 (id=3617): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xf}, 0xfffffffffffffffb, 0x0) r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$auto_I2C_SMBUS(r1, 0x720, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r3, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x94) 2.733275228s ago: executing program 3 (id=3618): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x6}, 0x5) (async) open(0x0, 0x2a002, 0x32) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) (async) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) sendfile$auto(0x6, 0x3, 0x0, 0xc01) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvfrom$auto(0xffffffffffffffff, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) unshare$auto(0x40000080) (async) socket(0x22, 0x6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) unshare$auto(0x40000080) (async) newfstatat$auto(0xffffffffffffffff, &(0x7f0000000580), 0x0, 0x1000) (async) unshare$auto(0x3) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xfffffffd, 0x6, 0x93d, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x2138, 0x5, 0x8, 0x7, 0xb0, 0x400000000, 0x4, 0x3, 0x4, 0x5, 0x802, 0x10, 0x4, 0x9, 0x1fffffff, 0x1, [0x4, 0x1b9, 0x0, 0x7fff, 0x2, 0x9, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0xfffffffffffffffa, 0x0, 0x2, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffdff, 0x0, 0x4, 0x6, 0x10, 0x0, 0x80, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x1, 0x20, 0x1, 0x1]}, 0x1fe, 0x81) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40400c4) (async) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async, rerun: 32) r2 = socket(0x10, 0x2, 0x0) (rerun: 32) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x1f00}, 0x40000) 2.668514039s ago: executing program 1 (id=3619): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x0, 0x0) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) madvise$auto(0x0, 0x53, 0x9) r0 = openat$auto_generic(0xffffffffffffff9c, 0x0, 0x101000, 0x0) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) io_submit$auto(0x4, 0x7fff, &(0x7f0000000100)=&(0x7f00000000c0)={0x180000003, 0x7, 0x4, 0x1ff, 0xfe01, r0, 0x100000004, 0x3, 0x10, 0x0, 0x6976}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000040)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) r2 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$auto_I2C_SMBUS(r2, 0x720, 0x4) unlink$auto(&(0x7f0000000140)='./file0\x00') mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) fallocate$auto(0x3, 0x0, 0xe, 0x8ec8) mremap$auto(0x6, 0xad, 0x6, 0x7, 0x4) timer_create$auto(0x3, 0x0, 0x0) 2.610024733s ago: executing program 0 (id=3620): sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4000000) r0 = socket(0x2, 0x1, 0x106) r1 = socket(0x11, 0x3, 0x9) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x800, 0x2, 0x0) r2 = fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000280)=ANY=[@ANYBLOB="30893d6f0f80", @ANYRES16=r5, @ANYBLOB="01002abd7000fcdbdf25140000000c00018008000100", @ANYRES32=r6, @ANYBLOB="05000c0006000000"], 0x28}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'vxcan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'gretap0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth1_macvtap\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'netpci0\x00', 0x0}) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff) r13 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r11, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000012c0)=ANY=[@ANYBLOB="44010000", @ANYRES16=r12, @ANYBLOB="01002dbd7000fddbdf250a00000008000100", @ANYRES32=r14, @ANYBLOB="280109800c00ea006d61637365633000e7002e80ea546656278c93952f9101afd392a22ad5dee5c3d6fea5031c8d17ca812af7fe7b240d9f6a3469659743be1864c7db436e9e76d49111fd550a1ca8b35a7d9748c7374ce3c5ee0cb000d2af41cf3ff5ca2140a4345cd86d7fa409604cd47536c8c89ac53fcf904f2040e3fa588f7845d5a5a3c758d76a6ea3243d41523307b728c1eae2fae8f36da92dc889cdc79fd55c8d4d0ad53e9f9120101cf27eaf1d15ddb64f597c46cf34373303f61cfc19c15f173d7f0d2f6870beddf607a1ebd3b22caddd7f9fd609a1115beabcf4f867ddee569d307ebe1240f53b7999a06b1f915f882e7e0008004300", @ANYRES32, @ANYBLOB="0b0042006d6163736563000014002d00fc010000000000000000000000000001080001"], 0x144}, 0x1, 0x0, 0x0, 0x4040085}, 0x0) socket(0x2, 0xa, 0xe57a) ioctl$auto(0x3, 0x9, 0xfffffffffffff4e0) sendmsg$auto_ETHTOOL_MSG_MM_GET(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000440)={0x18c, r5, 0x900, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_MM_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xfffffffd}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @ETHTOOL_A_MM_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9f}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10000}]}, @ETHTOOL_A_MM_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10000}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xd}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xbfa}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}, @ETHTOOL_A_MM_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6396}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7fff}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @ETHTOOL_A_MM_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xfa}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_MM_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4890}, 0x45) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1f, 0x3, 0x300000000000001, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2, 0x300000000000000]}, 0x0) 1.486689761s ago: executing program 1 (id=3621): socket(0x2, 0x1, 0x106) openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0x20682, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/nbd1/queue/max_sectors_kb\x00', 0x88200, 0x0) socket(0x22, 0x3, 0x0) clone$auto(0x7fff, 0xff, 0x0, 0x0, 0x7) socket(0x2, 0x1, 0x0) socket(0x23, 0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r1, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001680)={0x2c, r2, 0x23, 0x70bd27, 0x25dfdbfc, {}, [@MACSEC_ATTR_SA_CONFIG={0xc, 0x3, 0x0, 0x1, [@nested={0x5, 0x1, 0x0, 0x1, [@generic="03"]}]}, @MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r3) 1.376514196s ago: executing program 0 (id=3622): pselect6$auto(0x401, 0x0, 0x0, 0x0, 0x0, &(0x7f00000067c0)="36369dc69f") socket(0x2, 0x1, 0x106) openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0x20682, 0x0) r0 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000040c0)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x100, 0x0) preadv$auto(r0, &(0x7f0000004480)={0x0, 0xc}, 0x4, 0xb72, 0xfffffffffffffff7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/nbd1/queue/max_sectors_kb\x00', 0x88200, 0x0) socket(0x2a, 0x4, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/tcp\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0xffe, 0x0) r2 = clone$auto(0x7fff, 0xff, 0x0, 0x0, 0x7) socket(0x2, 0x1, 0x0) socket(0x23, 0x2, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) timer_create$auto(0x4a68, &(0x7f0000000140)={@sival_ptr=&(0x7f0000000040)="b0bc09631ef7e74fd4d645d2d49c95603dc504f529f1e3b125519aa0671c693b86534eafafc430641867910a3f5e6c274f9d3b8b593e07e9fcef45493c649093effe0d0183f8c37f221f2ffb3944661f3926a82874c070b1a9f6561a98be0b71b10957ee0659d644914947d79263ce1d4adeb56d369be6ca3866537ff2ce930a267321d2f394956d3366bc1a6b2d10ab18ef54fa498c55905886da8263efe6cf9423b7c18b8e65d94554ad21261e4133321be37aa3a0b8ecddaa149e00a7a5f716cc3c5e5c7638e310fd8abda99cb93fd8e22e2bc84e2e124559c2d2a694cb118de0f4b37018739d5986d2d2fbf8ac", @inferred, 0x2, @_tid=r2}, &(0x7f0000000180)=0x1) ioctl$auto(r3, 0x541c, r4) 1.195971747s ago: executing program 2 (id=3623): r0 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy4/reset\x00', 0x121c01, 0x0) r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x80802, 0x0) read$auto_vcs_fops_vc_screen(r1, &(0x7f0000000040)=""/120, 0x78) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x541b, 0x38) map_shadow_stack$auto(0x0, 0x7, 0x9) socket(0xa, 0x801, 0x84) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0xd68) openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x20000, 0x0) write$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r0, 0x0, 0x63) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4b35, 0xffffffffffffffff) 345.748806ms ago: executing program 1 (id=3624): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x40}]}, 0x3c}, 0x1, 0x0, 0x100000000000000, 0x10}, 0x4040000) 228.838262ms ago: executing program 0 (id=3625): pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x0e\x80\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfded, 0x3) 0s ago: executing program 3 (id=3626): openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0x81) ioperm$auto(0x800, 0x5, 0xd) select$auto(0x2, &(0x7f0000000100)={[0x7, 0x5, 0x8, 0x7fffffffffffffff, 0x8001, 0xac7, 0x3, 0x8, 0x5, 0x27e2, 0x6, 0xfffffffffffffffc, 0x8, 0xffff, 0x2, 0x6]}, &(0x7f0000000180)={[0x100, 0x2ff9217, 0xb9, 0x100000001, 0x1, 0x80000002, 0xec, 0x81, 0x1, 0x3, 0x8542, 0x0, 0x1c00, 0x2, 0x2]}, &(0x7f0000000200)={[0x74a, 0x0, 0x8000000000000000, 0xfffffffffffffffd, 0x9, 0x1, 0x1, 0x8000000000000001, 0xe141, 0x4, 0x9ee6, 0x4, 0x5, 0x7, 0x6, 0x9]}, &(0x7f0000000080)={0x8, 0x27970000000000}) io_destroy$auto(0xffffffff7ffffff9) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0xa901, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027617c36720add70ab0343990f7d0bbc96dc0b"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r3}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x6}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) read$auto(r1, &(0x7f0000000040)='\x00', 0x10001) mmap$auto(0x9f, 0x1000008, 0xfff, 0xebb, r0, 0x100000) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x642, 0x0) read$auto_mon_fops_binary_mon_bin(r4, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): 521.653701][T13467] R13: 0000000000000000 R14: 00007f7738b75fa0 R15: 00007ffd8081de98 [ 521.661716][T13467] [ 521.869200][T13477] netlink: 246 bytes leftover after parsing attributes in process `syz.0.2001'. [ 524.539489][T13553] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2019'. [ 525.077870][T13560] vcan0: tx drop: invalid da for name 0x000000000000003f [ 525.469576][T13572] Line length is too long: Should be less than 4094 [ 528.135143][T13627] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2041'. [ 530.688318][T13689] openvswitch: : Dropping previously announced user features [ 531.672126][T13692] delete_channel: no stack [ 531.880641][T13711] vcan0: tx drop: invalid da for name 0x000000000000003f [ 532.146566][T13721] vcan0: tx drop: invalid da for name 0x000000000000003f [ 533.849883][T13756] vcan0: tx drop: invalid da for name 0x000000000000003f [ 534.626587][T13768] FAULT_INJECTION: forcing a failure. [ 534.626587][T13768] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 534.639854][T13768] CPU: 1 UID: 0 PID: 13768 Comm: syz.0.2080 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 534.650648][T13768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 534.660731][T13768] Call Trace: [ 534.664019][T13768] [ 534.666959][T13768] dump_stack_lvl+0x16c/0x1f0 [ 534.671657][T13768] should_fail_ex+0x497/0x5b0 [ 534.676347][T13768] _copy_from_user+0x2e/0xd0 [ 534.680954][T13768] ____sys_sendmsg+0x56e/0xb40 [ 534.685725][T13768] ? __pfx_____sys_sendmsg+0x10/0x10 [ 534.691012][T13768] ? __lock_acquire+0xcc5/0x3c40 [ 534.695970][T13768] ___sys_sendmsg+0x135/0x1e0 [ 534.700665][T13768] ? __pfx____sys_sendmsg+0x10/0x10 [ 534.705884][T13768] ? trace_lock_acquire+0x14e/0x1f0 [ 534.711107][T13768] __sys_sendmmsg+0x201/0x420 [ 534.715796][T13768] ? __pfx___sys_sendmmsg+0x10/0x10 [ 534.721010][T13768] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 534.727004][T13768] ? fput+0x67/0x440 [ 534.730911][T13768] ? ksys_write+0x1ba/0x250 [ 534.735418][T13768] ? __pfx_ksys_write+0x10/0x10 [ 534.740278][T13768] __x64_sys_sendmmsg+0x9c/0x100 [ 534.745226][T13768] ? lockdep_hardirqs_on+0x7c/0x110 [ 534.750430][T13768] do_syscall_64+0xcd/0x250 [ 534.754947][T13768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.760846][T13768] RIP: 0033:0x7f0810585d29 [ 534.765259][T13768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.784880][T13768] RSP: 002b:00007f0811459038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 534.793294][T13768] RAX: ffffffffffffffda RBX: 00007f0810775fa0 RCX: 00007f0810585d29 [ 534.801266][T13768] RDX: 0000000000000005 RSI: 0000000020000140 RDI: 0000000000000003 [ 534.809236][T13768] RBP: 00007f0811459090 R08: 0000000000000000 R09: 0000000000000000 [ 534.817207][T13768] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 534.825178][T13768] R13: 0000000000000000 R14: 00007f0810775fa0 R15: 00007ffe78ef2d08 [ 534.833162][T13768] [ 535.202502][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 536.200617][T13802] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2089'. [ 539.831680][T13883] sctp: [Deprecated]: syz.1.2109 (pid 13883) Use of int in maxseg socket option. [ 539.831680][T13883] Use struct sctp_assoc_value instead [ 539.988130][T13884] FAULT_INJECTION: forcing a failure. [ 539.988130][T13884] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 540.038804][T13884] CPU: 0 UID: 0 PID: 13884 Comm: syz.2.2108 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 540.049615][T13884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 540.059695][T13884] Call Trace: [ 540.062995][T13884] [ 540.065956][T13884] dump_stack_lvl+0x16c/0x1f0 [ 540.070684][T13884] should_fail_ex+0x497/0x5b0 [ 540.075400][T13884] _copy_from_user+0x2e/0xd0 [ 540.080039][T13884] do_sock_getsockopt+0x319/0x870 [ 540.085096][T13884] ? trace_lock_acquire+0x120/0x1f0 [ 540.090338][T13884] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 540.095920][T13884] ? lock_acquire+0x2f/0xb0 [ 540.100446][T13884] ? __fget_files+0x40/0x3a0 [ 540.105074][T13884] ? __fget_files+0x206/0x3a0 [ 540.109794][T13884] __sys_getsockopt+0x12f/0x260 [ 540.114688][T13884] __x64_sys_getsockopt+0xbd/0x160 [ 540.119837][T13884] ? do_syscall_64+0x91/0x250 [ 540.124549][T13884] ? lockdep_hardirqs_on+0x7c/0x110 [ 540.129784][T13884] do_syscall_64+0xcd/0x250 [ 540.134323][T13884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.140252][T13884] RIP: 0033:0x7f3f74785d29 [ 540.144692][T13884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 540.164336][T13884] RSP: 002b:00007f3f754ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 540.172790][T13884] RAX: ffffffffffffffda RBX: 00007f3f74975fa0 RCX: 00007f3f74785d29 [ 540.180788][T13884] RDX: 000000000000000d RSI: 0000000000000084 RDI: 0000000000000003 [ 540.188780][T13884] RBP: 00007f3f754ed090 R08: 0000000020000140 R09: 0000000000000000 [ 540.196773][T13884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 540.204759][T13884] R13: 0000000000000000 R14: 00007f3f74975fa0 R15: 00007ffeb06ad9b8 [ 540.212767][T13884] [ 540.233435][T13884] sctp: [Deprecated]: syz.2.2108 (pid 13884) Use of int in maxseg socket option. [ 540.233435][T13884] Use struct sctp_assoc_value instead [ 540.524907][T13898] vcan0: tx drop: invalid da for name 0x000000000000003f [ 541.251178][T13916] FAULT_INJECTION: forcing a failure. [ 541.251178][T13916] name failslab, interval 1, probability 0, space 0, times 0 [ 541.300460][T13916] CPU: 0 UID: 0 PID: 13916 Comm: syz.2.2119 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 541.311266][T13916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 541.321344][T13916] Call Trace: [ 541.324641][T13916] [ 541.327596][T13916] dump_stack_lvl+0x16c/0x1f0 [ 541.332316][T13916] should_fail_ex+0x497/0x5b0 [ 541.337032][T13916] ? fs_reclaim_acquire+0xae/0x150 [ 541.342180][T13916] should_failslab+0xc2/0x120 [ 541.346905][T13916] __kmalloc_noprof+0xce/0x4f0 [ 541.351711][T13916] ? tomoyo_encode2+0x100/0x3e0 [ 541.356599][T13916] tomoyo_encode2+0x100/0x3e0 [ 541.361315][T13916] tomoyo_realpath_from_path+0x1a7/0x710 [ 541.366986][T13916] ? tomoyo_path_number_perm+0x235/0x5b0 [ 541.372663][T13916] tomoyo_path_number_perm+0x248/0x5b0 [ 541.378160][T13916] ? tomoyo_path_number_perm+0x235/0x5b0 [ 541.383837][T13916] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 541.389855][T13916] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 541.395573][T13916] security_file_ioctl+0x9b/0x240 [ 541.400633][T13916] __x64_sys_ioctl+0xb7/0x200 [ 541.405346][T13916] do_syscall_64+0xcd/0x250 [ 541.409890][T13916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.415826][T13916] RIP: 0033:0x7f3f74785d29 [ 541.420265][T13916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.439898][T13916] RSP: 002b:00007f3f754ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 541.448335][T13916] RAX: ffffffffffffffda RBX: 00007f3f74975fa0 RCX: 00007f3f74785d29 [ 541.456327][T13916] RDX: 0000000000000008 RSI: 000000000000890c RDI: 0000000000000001 [ 541.464319][T13916] RBP: 00007f3f754ed090 R08: 0000000000000000 R09: 0000000000000000 [ 541.472314][T13916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 541.480310][T13916] R13: 0000000000000000 R14: 00007f3f74975fa0 R15: 00007ffeb06ad9b8 [ 541.488322][T13916] [ 541.509031][T13916] ERROR: Out of memory at tomoyo_realpath_from_path. [ 542.262665][T13946] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2128'. [ 542.764905][T13961] netlink: 452 bytes leftover after parsing attributes in process `syz.3.2132'. [ 543.022708][T13966] vcan0: tx drop: invalid da for name 0x000000000000003f [ 543.982950][T13996] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 561.075409][T14291] dump_stack_lvl+0x16c/0x1f0 [ 561.080128][T14291] should_fail_ex+0x497/0x5b0 [ 561.084846][T14291] _copy_to_user+0x32/0xd0 [ 561.089303][T14291] simple_read_from_buffer+0xd0/0x160 [ 561.094713][T14291] proc_fail_nth_read+0x198/0x270 [ 561.099786][T14291] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 561.105380][T14291] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 561.110968][T14291] vfs_read+0x1df/0xbe0 [ 561.115160][T14291] ? __fget_files+0x1fc/0x3a0 [ 561.119870][T14291] ? __pfx___mutex_lock+0x10/0x10 [ 561.124935][T14291] ? __pfx_vfs_read+0x10/0x10 [ 561.129660][T14291] ? __fget_files+0x206/0x3a0 [ 561.134378][T14291] ksys_read+0x12b/0x250 [ 561.138658][T14291] ? __pfx_ksys_read+0x10/0x10 [ 561.143465][T14291] do_syscall_64+0xcd/0x250 [ 561.148008][T14291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.153942][T14291] RIP: 0033:0x7f773898473c [ 561.158381][T14291] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 561.178012][T14291] RSP: 002b:00007f77396d2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 561.186451][T14291] RAX: ffffffffffffffda RBX: 00007f7738b75fa0 RCX: 00007f773898473c [ 561.194446][T14291] RDX: 000000000000000f RSI: 00007f77396d20a0 RDI: 0000000000000004 [ 561.202439][T14291] RBP: 00007f77396d2090 R08: 0000000000000000 R09: 0000000000000000 [ 561.210434][T14291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 561.218433][T14291] R13: 0000000000000000 R14: 00007f7738b75fa0 R15: 00007ffd8081de98 [ 561.226448][T14291] [ 562.459749][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 562.492193][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 562.500304][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 562.518001][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 562.535446][ T5840] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 562.544822][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 562.777002][T14316] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 563.232160][T14314] chnl_net:caif_netlink_parms(): no params data found [ 563.561152][T14336] vcan0: tx drop: invalid da for name 0x000000000000003f [ 563.705676][T14314] bridge0: port 1(bridge_slave_0) entered blocking state [ 563.713150][T14314] bridge0: port 1(bridge_slave_0) entered disabled state [ 563.739396][T14314] bridge_slave_0: entered allmulticast mode [ 563.746767][T14314] bridge_slave_0: entered promiscuous mode [ 563.802374][T14314] bridge0: port 2(bridge_slave_1) entered blocking state [ 563.822126][T14314] bridge0: port 2(bridge_slave_1) entered disabled state [ 563.839597][T14314] bridge_slave_1: entered allmulticast mode [ 563.846786][T14314] bridge_slave_1: entered promiscuous mode [ 564.140002][T14314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 564.152248][T14314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 564.277426][T14314] team0: Port device team_slave_0 added [ 564.295754][T14314] team0: Port device team_slave_1 added [ 564.461257][T14314] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 564.478481][T14314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.525156][T14314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 564.548383][T14314] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 564.557896][T14314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.594348][T14314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 564.639625][ T5842] Bluetooth: hci1: command tx timeout [ 564.753814][T14314] hsr_slave_0: entered promiscuous mode [ 564.840197][T14314] hsr_slave_1: entered promiscuous mode [ 564.889509][T14314] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 564.897101][T14314] Cannot create hsr debugfs directory [ 565.043962][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 565.050449][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.279661][T14364] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2239'. [ 565.766575][T14314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 565.822104][T14314] 8021q: adding VLAN 0 to HW filter on device team0 [ 565.850147][ T3434] bridge0: port 1(bridge_slave_0) entered blocking state [ 565.857277][ T3434] bridge0: port 1(bridge_slave_0) entered forwarding state [ 565.909205][ T3434] bridge0: port 2(bridge_slave_1) entered blocking state [ 565.916352][ T3434] bridge0: port 2(bridge_slave_1) entered forwarding state [ 566.392376][T14314] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 566.617186][T14382] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2247'. [ 566.670495][T14382] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2247'. [ 566.719564][ T5842] Bluetooth: hci1: command tx timeout [ 566.946175][T14314] veth0_vlan: entered promiscuous mode [ 566.975978][T14314] veth1_vlan: entered promiscuous mode [ 567.052864][T14314] veth0_macvtap: entered promiscuous mode [ 567.062679][T14395] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2246'. [ 567.092680][T14314] veth1_macvtap: entered promiscuous mode [ 567.131018][T14314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 567.159456][T14314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.179979][T14314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 567.211183][T14314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.236642][T14314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 567.257193][T14314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.278667][T14314] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 567.310333][T14314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 567.339733][T14314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.369282][T14314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 567.399329][T14314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.419292][T14314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 567.439559][T14314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.462544][T14314] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 567.783398][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.820798][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 567.920994][ T3434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.949812][ T3434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 568.268368][T14417] bridge0: port 3(syz_tun) entered blocking state [ 568.299590][T14417] bridge0: port 3(syz_tun) entered disabled state [ 568.306272][T14417] syz_tun: entered allmulticast mode [ 568.342669][T14417] syz_tun: entered promiscuous mode [ 568.348446][T14417] bridge0: port 3(syz_tun) entered blocking state [ 568.355036][T14417] bridge0: port 3(syz_tun) entered forwarding state [ 568.750590][T14425] FAULT_INJECTION: forcing a failure. [ 568.750590][T14425] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 568.799518][ T5842] Bluetooth: hci1: command tx timeout [ 568.890996][T14425] CPU: 0 UID: 0 PID: 14425 Comm: syz.1.2255 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 568.901805][T14425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 568.911882][T14425] Call Trace: [ 568.915183][T14425] [ 568.918138][T14425] dump_stack_lvl+0x16c/0x1f0 [ 568.922858][T14425] should_fail_ex+0x497/0x5b0 [ 568.927577][T14425] _copy_from_user+0x2e/0xd0 [ 568.932208][T14425] do_sock_getsockopt+0x319/0x870 [ 568.937270][T14425] ? trace_lock_acquire+0x120/0x1f0 [ 568.942513][T14425] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 568.948088][T14425] ? lock_acquire+0x2f/0xb0 [ 568.952604][T14425] ? __fget_files+0x40/0x3a0 [ 568.957215][T14425] ? __fget_files+0x206/0x3a0 [ 568.961901][T14425] __sys_getsockopt+0x12f/0x260 [ 568.966777][T14425] __x64_sys_getsockopt+0xbd/0x160 [ 568.971902][T14425] ? do_syscall_64+0x91/0x250 [ 568.976590][T14425] ? lockdep_hardirqs_on+0x7c/0x110 [ 568.981794][T14425] do_syscall_64+0xcd/0x250 [ 568.986304][T14425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.992210][T14425] RIP: 0033:0x7f3cfcd85d29 [ 568.996629][T14425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.016240][T14425] RSP: 002b:00007f3cfdc68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 569.024657][T14425] RAX: ffffffffffffffda RBX: 00007f3cfcf75fa0 RCX: 00007f3cfcd85d29 [ 569.032630][T14425] RDX: 000000000000000d RSI: 0000000000000084 RDI: 0000000000000003 [ 569.040600][T14425] RBP: 00007f3cfdc68090 R08: 0000000000000000 R09: 0000000000000000 [ 569.048569][T14425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 569.056539][T14425] R13: 0000000000000000 R14: 00007f3cfcf75fa0 R15: 00007ffc491303a8 [ 569.064521][T14425] [ 570.148502][T14443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2259'. [ 570.469487][T14448] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2261'. [ 570.880004][ T5842] Bluetooth: hci1: command tx timeout [ 571.295046][T14464] Invalid ELF header magic: != ELF [ 572.484572][T14473] can: request_module (can-proto-0) failed. [ 573.266936][T14501] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2275'. [ 573.920525][T14506] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(2878437429.746529018.3717483227), cmd(7) [ 575.087899][T14539] sock: sock_timestamping_bind_phc: sock not bind to device [ 575.129512][T14497] binder: 14496:14497 unknown command 0 [ 575.147573][T14497] binder: 14496:14497 ioctl c0306201 9 returned -22 [ 575.326835][T14524] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 575.359689][T14524] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 575.398892][T14524] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 575.432763][T14524] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 575.501541][T14524] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 575.904563][T14524] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 576.559435][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 577.029444][T14568] netlink: zone id is out of range [ 577.034629][T14568] netlink: get zone limit has 4 unknown bytes [ 577.340272][T14575] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2291'. [ 577.439387][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 577.445531][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 577.451793][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 578.407156][T14590] : Can't lookup blockdev [ 579.519800][T14579] Bluetooth: hci1: command 0x0c1a tx timeout [ 579.542563][T14605] ima: policy update failed [ 579.548889][ T29] audit: type=1802 audit(6032037161.903:15): pid=14605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2299" res=0 errno=0 [ 579.691448][T14597] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2298'. [ 580.540799][T14609] netlink: 146 bytes leftover after parsing attributes in process `syz.1.2301'. [ 580.564929][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 580.578780][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 580.587347][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 580.600102][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 580.608978][ T5847] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 580.616379][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 581.494764][T14625] FAULT_INJECTION: forcing a failure. [ 581.494764][T14625] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 581.586855][T14625] CPU: 0 UID: 0 PID: 14625 Comm: syz.1.2304 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 581.597688][T14625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 581.607773][T14625] Call Trace: [ 581.611077][T14625] [ 581.614028][T14625] dump_stack_lvl+0x16c/0x1f0 [ 581.618746][T14625] should_fail_ex+0x497/0x5b0 [ 581.623471][T14625] _copy_to_iter+0x29b/0x1400 [ 581.628206][T14625] ? trace_lock_acquire+0x14e/0x1f0 [ 581.628666][T14611] chnl_net:caif_netlink_parms(): no params data found [ 581.633425][T14625] ? __pfx_lock_release+0x10/0x10 [ 581.645252][T14625] ? __pfx__copy_to_iter+0x10/0x10 [ 581.650406][T14625] ? __virt_addr_valid+0x1a4/0x590 [ 581.655570][T14625] ? __virt_addr_valid+0x5e/0x590 [ 581.660637][T14625] ? __phys_addr_symbol+0x30/0x80 [ 581.665703][T14625] ? __check_object_size+0x488/0x710 [ 581.671032][T14625] seq_read_iter+0xd00/0x12b0 [ 581.675756][T14625] kernfs_fop_read_iter+0x414/0x580 [ 581.680994][T14625] ? rw_verify_area+0xd0/0x700 [ 581.685792][T14625] vfs_read+0x87f/0xbe0 [ 581.689997][T14625] ? __pfx_vfs_read+0x10/0x10 [ 581.694728][T14625] ksys_read+0x12b/0x250 [ 581.699000][T14625] ? __pfx_ksys_read+0x10/0x10 [ 581.703802][T14625] do_syscall_64+0xcd/0x250 [ 581.708349][T14625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.714285][T14625] RIP: 0033:0x7f3cfcd85d29 [ 581.718724][T14625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 581.738357][T14625] RSP: 002b:00007f3cfdc68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 581.746808][T14625] RAX: ffffffffffffffda RBX: 00007f3cfcf75fa0 RCX: 00007f3cfcd85d29 [ 581.754806][T14625] RDX: 00000000000000ff RSI: 00000000200000c0 RDI: 0000000000000003 [ 581.762804][T14625] RBP: 00007f3cfdc68090 R08: 0000000000000000 R09: 0000000000000000 [ 581.770801][T14625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 581.778799][T14625] R13: 0000000000000000 R14: 00007f3cfcf75fa0 R15: 00007ffc491303a8 [ 581.786810][T14625] [ 581.794172][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout [ 582.328375][T14611] bridge0: port 1(bridge_slave_0) entered blocking state [ 582.336021][T14611] bridge0: port 1(bridge_slave_0) entered disabled state [ 582.351791][T14611] bridge_slave_0: entered allmulticast mode [ 582.358867][T14611] bridge_slave_0: entered promiscuous mode [ 582.408111][T14611] bridge0: port 2(bridge_slave_1) entered blocking state [ 582.439321][T14611] bridge0: port 2(bridge_slave_1) entered disabled state [ 582.446511][T14611] bridge_slave_1: entered allmulticast mode [ 582.490396][T14611] bridge_slave_1: entered promiscuous mode [ 582.779452][ T5847] Bluetooth: hci4: command tx timeout [ 583.172935][T14611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 583.205517][T14611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 583.391678][T14611] team0: Port device team_slave_0 added [ 583.437700][T14611] team0: Port device team_slave_1 added [ 583.841004][T14611] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 583.848017][T14611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 583.906981][T14611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 583.931241][T14611] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 583.969337][T14611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 583.995404][T14611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 584.127334][T14611] hsr_slave_0: entered promiscuous mode [ 584.138448][T14611] hsr_slave_1: entered promiscuous mode [ 584.174638][T14611] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 584.196441][T14611] Cannot create hsr debugfs directory [ 584.574566][T14611] 8021q: adding VLAN 0 to HW filter on device bond0 [ 584.618580][T14611] 8021q: adding VLAN 0 to HW filter on device team0 [ 584.634496][ T8833] bridge0: port 1(bridge_slave_0) entered blocking state [ 584.641668][ T8833] bridge0: port 1(bridge_slave_0) entered forwarding state [ 584.677827][ T3434] bridge0: port 2(bridge_slave_1) entered blocking state [ 584.685017][ T3434] bridge0: port 2(bridge_slave_1) entered forwarding state [ 584.799673][ T5847] Bluetooth: hci4: command tx timeout [ 585.206330][T14611] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 585.559147][T14611] veth0_vlan: entered promiscuous mode [ 585.590534][T14611] veth1_vlan: entered promiscuous mode [ 585.651221][T14611] veth0_macvtap: entered promiscuous mode [ 585.660811][T14611] veth1_macvtap: entered promiscuous mode [ 585.675792][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.686614][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.696849][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.707636][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.717697][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.728217][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.738129][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.748643][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.760313][T14611] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 585.770146][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.780695][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.790795][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.801815][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.811813][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.822340][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.832211][T14611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.842761][T14611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.853588][T14611] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 586.361143][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 586.408235][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 586.476209][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 586.506112][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 586.879420][ T5847] Bluetooth: hci4: command tx timeout [ 587.486363][T14720] sctp: [Deprecated]: syz.1.2325 (pid 14720) Use of int in max_burst socket option. [ 587.486363][T14720] Use struct sctp_assoc_value instead [ 588.959499][ T5847] Bluetooth: hci4: command tx timeout [ 592.094461][T14808] FAULT_INJECTION: forcing a failure. [ 592.094461][T14808] name failslab, interval 1, probability 0, space 0, times 0 [ 592.129485][T14808] CPU: 0 UID: 0 PID: 14808 Comm: syz.3.2345 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 592.140294][T14808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 592.150366][T14808] Call Trace: [ 592.153644][T14808] [ 592.156574][T14808] dump_stack_lvl+0x16c/0x1f0 [ 592.161264][T14808] should_fail_ex+0x497/0x5b0 [ 592.165955][T14808] ? fs_reclaim_acquire+0xae/0x150 [ 592.171083][T14808] should_failslab+0xc2/0x120 [ 592.175773][T14808] __kmalloc_noprof+0xce/0x4f0 [ 592.180552][T14808] ? d_absolute_path+0x137/0x1b0 [ 592.185498][T14808] ? tomoyo_encode2+0x100/0x3e0 [ 592.190367][T14808] tomoyo_encode2+0x100/0x3e0 [ 592.195057][T14808] tomoyo_realpath_from_path+0x1a7/0x710 [ 592.200713][T14808] tomoyo_path_number_perm+0x248/0x5b0 [ 592.206199][T14808] ? tomoyo_path_number_perm+0x235/0x5b0 [ 592.211849][T14808] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 592.217868][T14808] ? __pfx_lock_release+0x10/0x10 [ 592.222898][T14808] ? trace_lock_acquire+0x14e/0x1f0 [ 592.228110][T14808] ? lock_acquire+0x2f/0xb0 [ 592.232612][T14808] ? __fget_files+0x40/0x3a0 [ 592.237215][T14808] ? __fget_files+0x206/0x3a0 [ 592.241906][T14808] security_file_ioctl+0x9b/0x240 [ 592.246954][T14808] __x64_sys_ioctl+0xb7/0x200 [ 592.251656][T14808] do_syscall_64+0xcd/0x250 [ 592.256190][T14808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.262095][T14808] RIP: 0033:0x7f7738985d29 [ 592.266511][T14808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 592.286120][T14808] RSP: 002b:00007f77367f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 592.294540][T14808] RAX: ffffffffffffffda RBX: 00007f7738b76080 RCX: 00007f7738985d29 [ 592.302511][T14808] RDX: 0000000020000000 RSI: 00000000c0045002 RDI: 0000000000000003 [ 592.310479][T14808] RBP: 00007f77367f6090 R08: 0000000000000000 R09: 0000000000000000 [ 592.318452][T14808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 592.326423][T14808] R13: 0000000000000001 R14: 00007f7738b76080 R15: 00007ffd8081de98 [ 592.334409][T14808] [ 592.337517][ C0] vkms_vblank_simulate: vblank timer overrun [ 592.460077][T14808] ERROR: Out of memory at tomoyo_realpath_from_path. [ 593.310368][T14817] sctp: [Deprecated]: syz.3.2348 (pid 14817) Use of int in max_burst socket option. [ 593.310368][T14817] Use struct sctp_assoc_value instead [ 595.830144][T14863] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 597.120926][T14880] openvswitch: netlink: Key type 163 is out of range max 32 [ 604.399383][ T5847] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 606.149607][T14967] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2380'. [ 609.737358][T15027] delete_channel: no stack [ 611.298703][ T3613] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.492342][ T3613] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.676619][ T3613] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.798096][ T3613] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.008246][ T3613] bridge_slave_1: left allmulticast mode [ 612.024185][ T3613] bridge_slave_1: left promiscuous mode [ 612.051267][ T3613] bridge0: port 2(bridge_slave_1) entered disabled state [ 612.072505][ T3613] bridge_slave_0: left allmulticast mode [ 612.078872][ T3613] bridge_slave_0: left promiscuous mode [ 612.085961][ T3613] bridge0: port 1(bridge_slave_0) entered disabled state [ 612.847920][T14579] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 612.858316][T14579] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 612.867750][T14579] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 612.876442][T14579] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 612.887314][T14579] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 612.895023][T14579] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 613.206676][ T3613] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 613.223240][ T3613] bond_slave_0: left allmulticast mode [ 613.241235][ T3613] bond0 (unregistering): Released all slaves [ 613.356784][ T3613] : left promiscuous mode [ 613.454024][ T3613] HSR: left promiscuous mode [ 613.684387][ T7511] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 613.707543][T15086] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2417'. [ 613.743328][T15087] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2417'. [ 614.989140][T15083] chnl_net:caif_netlink_parms(): no params data found [ 615.052962][T14579] Bluetooth: hci2: command tx timeout [ 615.295707][ T3613] hsr_slave_0: left promiscuous mode [ 615.305475][ T3613] hsr_slave_1: left promiscuous mode [ 615.315362][ T3613] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 615.329406][ T3613] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 615.700576][ T3613] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 615.719403][ T3613] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 615.915190][ T3613] veth1_macvtap: left promiscuous mode [ 615.923009][ T3613] veth0_macvtap: left promiscuous mode [ 615.928739][ T3613] veth1_vlan: left promiscuous mode [ 615.934358][ T3613] veth0_vlan: left promiscuous mode [ 617.122155][T14579] Bluetooth: hci2: command tx timeout [ 617.365951][T15152] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2426'. [ 617.929525][T15152] mac80211_hwsim hwsim46 wlan2: entered allmulticast mode [ 617.938700][T15156] FAULT_INJECTION: forcing a failure. [ 617.938700][T15156] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 618.057074][T15156] CPU: 0 UID: 0 PID: 15156 Comm: syz.2.2428 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 618.067903][T15156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 618.077982][T15156] Call Trace: [ 618.081282][T15156] [ 618.084231][T15156] dump_stack_lvl+0x16c/0x1f0 [ 618.088953][T15156] should_fail_ex+0x497/0x5b0 [ 618.093674][T15156] _copy_to_user+0x32/0xd0 [ 618.098135][T15156] simple_read_from_buffer+0xd0/0x160 [ 618.103546][T15156] proc_fail_nth_read+0x198/0x270 [ 618.108613][T15156] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 618.114208][T15156] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 618.119798][T15156] vfs_read+0x1df/0xbe0 [ 618.123991][T15156] ? __fget_files+0x1fc/0x3a0 [ 618.128699][T15156] ? __pfx___mutex_lock+0x10/0x10 [ 618.133757][T15156] ? __pfx_vfs_read+0x10/0x10 [ 618.138472][T15156] ? __fget_files+0x206/0x3a0 [ 618.143189][T15156] ksys_read+0x12b/0x250 [ 618.147458][T15156] ? __pfx_ksys_read+0x10/0x10 [ 618.152259][T15156] do_syscall_64+0xcd/0x250 [ 618.156800][T15156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.162727][T15156] RIP: 0033:0x7f3f7478473c [ 618.167164][T15156] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 618.186798][T15156] RSP: 002b:00007f3f754ed030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 618.195239][T15156] RAX: ffffffffffffffda RBX: 00007f3f74975fa0 RCX: 00007f3f7478473c [ 618.203236][T15156] RDX: 000000000000000f RSI: 00007f3f754ed0a0 RDI: 0000000000000005 [ 618.211232][T15156] RBP: 00007f3f754ed090 R08: 0000000000000000 R09: 0000000000000000 [ 618.219228][T15156] R10: 4000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 618.227225][T15156] R13: 0000000000000000 R14: 00007f3f74975fa0 R15: 00007ffeb06ad9b8 [ 618.235238][T15156] [ 618.346409][T15083] bridge0: port 1(bridge_slave_0) entered blocking state [ 618.362147][T15083] bridge0: port 1(bridge_slave_0) entered disabled state [ 618.379644][T15083] bridge_slave_0: entered allmulticast mode [ 618.391267][T15083] bridge_slave_0: entered promiscuous mode [ 618.430800][T15083] bridge0: port 2(bridge_slave_1) entered blocking state [ 618.448168][T15083] bridge0: port 2(bridge_slave_1) entered disabled state [ 618.459871][T15083] bridge_slave_1: entered allmulticast mode [ 618.477596][T15083] bridge_slave_1: entered promiscuous mode [ 618.607203][T15169] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2432'. [ 618.724605][T15083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 618.816471][T15083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 618.956832][T15083] team0: Port device team_slave_0 added [ 618.966096][T15083] team0: Port device team_slave_1 added [ 619.036016][T15083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 619.052109][T15083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 619.108225][T15083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 619.146869][T15083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 619.159727][T15083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 619.193858][T15083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 619.202632][T14579] Bluetooth: hci2: command tx timeout [ 619.341224][T15083] hsr_slave_0: entered promiscuous mode [ 619.359555][T15083] hsr_slave_1: entered promiscuous mode [ 619.379311][T15083] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 619.387021][T15083] Cannot create hsr debugfs directory [ 619.866090][T15083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 619.951863][T15083] 8021q: adding VLAN 0 to HW filter on device team0 [ 620.001723][ T3613] bridge0: port 1(bridge_slave_0) entered blocking state [ 620.008845][ T3613] bridge0: port 1(bridge_slave_0) entered forwarding state [ 620.057365][ T3613] bridge0: port 2(bridge_slave_1) entered blocking state [ 620.064522][ T3613] bridge0: port 2(bridge_slave_1) entered forwarding state [ 621.153047][T15083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 621.317827][T14579] Bluetooth: hci2: command tx timeout [ 621.847316][T15083] veth0_vlan: entered promiscuous mode [ 621.869086][T15083] veth1_vlan: entered promiscuous mode [ 621.871030][T15256] nvme_fabrics: missing parameter 'transport=%s' [ 621.924050][T15256] nvme_fabrics: missing parameter 'nqn=%s' [ 621.953992][T15083] veth0_macvtap: entered promiscuous mode [ 622.023554][T14579] Bluetooth: hci4: unexpected event 0x06 length: 4 > 3 [ 622.103190][T15083] veth1_macvtap: entered promiscuous mode [ 622.210642][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.221379][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.231445][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.242030][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.252008][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.262535][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.272688][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.283300][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.294677][T15083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 622.307966][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.318606][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.329034][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.339609][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.349533][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.360144][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.370056][T15083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.380610][T15083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.391480][T15083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 622.705953][ T8831] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.729594][ T8831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.812284][ T8831] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.886184][ T8831] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 626.491691][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 626.498047][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.323462][T15440] netlink: set zone limit has 4 unknown bytes [ 635.967923][T15521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2497'. [ 636.899395][T15527] lo: entered promiscuous mode [ 636.930374][T15527] lo: left promiscuous mode [ 637.769893][T15574] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2504'. [ 638.498891][T15574] bond0: (slave bond_slave_1): Releasing backup interface syzkaller syzkaller login: [ 644.436066][T15747] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2527'. [ 644.575385][T15747] ipvlan0: entered promiscuous mode [ 644.634690][T15747] ipvlan0: entered allmulticast mode [ 644.689476][T15747] veth0_vlan: entered allmulticast mode [ 645.709938][T15787] sctp: [Deprecated]: syz.2.2531 (pid 15787) Use of struct sctp_assoc_value in delayed_ack socket option. [ 645.709938][T15787] Use struct sctp_sack_info instead [ 648.480155][T15825] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2539'. [ 651.786204][T15879] Process accounting resumed [ 653.509603][T15903] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2560'. [ 654.579861][T15907] FAULT_INJECTION: forcing a failure. [ 654.579861][T15907] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 654.706724][T15907] CPU: 1 UID: 0 PID: 15907 Comm: syz.0.2562 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 654.717551][T15907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 654.727630][T15907] Call Trace: [ 654.730930][T15907] [ 654.733885][T15907] dump_stack_lvl+0x16c/0x1f0 [ 654.738620][T15907] should_fail_ex+0x497/0x5b0 [ 654.743343][T15907] _copy_to_user+0x32/0xd0 [ 654.747805][T15907] simple_read_from_buffer+0xd0/0x160 [ 654.753213][T15907] proc_fail_nth_read+0x198/0x270 [ 654.758283][T15907] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 654.763881][T15907] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 654.769467][T15907] vfs_read+0x1df/0xbe0 [ 654.773654][T15907] ? __fget_files+0x1fc/0x3a0 [ 654.778362][T15907] ? __pfx___mutex_lock+0x10/0x10 [ 654.783434][T15907] ? __pfx_vfs_read+0x10/0x10 [ 654.788152][T15907] ? __fget_files+0x206/0x3a0 [ 654.792874][T15907] ksys_read+0x12b/0x250 [ 654.797144][T15907] ? __pfx_ksys_read+0x10/0x10 [ 654.801927][T15907] do_syscall_64+0xcd/0x250 [ 654.806458][T15907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.812369][T15907] RIP: 0033:0x7f4d7ff8473c [ 654.816792][T15907] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 654.836399][T15907] RSP: 002b:00007f4d80cff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 654.844829][T15907] RAX: ffffffffffffffda RBX: 00007f4d80175fa0 RCX: 00007f4d7ff8473c [ 654.852812][T15907] RDX: 000000000000000f RSI: 00007f4d80cff0a0 RDI: 0000000000000004 [ 654.860782][T15907] RBP: 00007f4d80cff090 R08: 0000000000000000 R09: 0000000000000000 [ 654.868755][T15907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 654.876735][T15907] R13: 0000000000000000 R14: 00007f4d80175fa0 R15: 00007ffcc4e0ca28 [ 654.884719][T15907] [ 657.166386][T15957] svc: failed to register nfsdv3 RPC service (errno 111). [ 657.212778][T15957] svc: failed to register nfsaclv3 RPC service (errno 111). [ 657.662943][T15965] openvswitch: netlink: IP tunnel dst address not specified [ 657.822873][T15967] vcan0: tx drop: invalid da for name 0x000000000000003f [ 659.909963][T15993] vcan0: tx drop: invalid da for name 0x000000000000003f [ 662.593607][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 662.604968][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 662.614776][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 662.623449][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 662.659639][ T5847] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 662.668717][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 662.859537][T16040] netlink: 'syz.0.2602': attribute type 2 has an invalid length. [ 663.464978][T16037] chnl_net:caif_netlink_parms(): no params data found [ 663.973373][T16037] bridge0: port 1(bridge_slave_0) entered blocking state [ 663.989366][ T29] audit: type=1107 audit(4294967297.230:16): pid=16050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 663.999330][T16037] bridge0: port 1(bridge_slave_0) entered disabled state [ 664.016992][T16037] bridge_slave_0: entered allmulticast mode [ 664.038181][T16037] bridge_slave_0: entered promiscuous mode [ 664.060084][T16037] bridge0: port 2(bridge_slave_1) entered blocking state [ 664.079582][T16037] bridge0: port 2(bridge_slave_1) entered disabled state [ 664.086791][T16037] bridge_slave_1: entered allmulticast mode [ 664.110512][T16037] bridge_slave_1: entered promiscuous mode [ 664.218701][T16037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 664.251675][T16037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 664.366395][T16037] team0: Port device team_slave_0 added [ 664.395845][T16037] team0: Port device team_slave_1 added [ 664.590985][T16037] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 664.597979][T16037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 664.644814][T16037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 664.660883][T16037] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 664.667853][T16037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 664.722789][T14579] Bluetooth: hci3: command tx timeout [ 664.732819][T16037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 664.785270][T16037] hsr_slave_0: entered promiscuous mode [ 664.794627][T16037] hsr_slave_1: entered promiscuous mode [ 664.837943][T16037] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 664.856958][T16037] Cannot create hsr debugfs directory [ 665.362875][T16037] 8021q: adding VLAN 0 to HW filter on device bond0 [ 665.442739][T16037] 8021q: adding VLAN 0 to HW filter on device team0 [ 665.481134][ T3613] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.488245][ T3613] bridge0: port 1(bridge_slave_0) entered forwarding state [ 665.563410][ T3613] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.570603][ T3613] bridge0: port 2(bridge_slave_1) entered forwarding state [ 665.674430][T16037] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 665.717493][T16037] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 666.093082][T16037] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 666.665290][T16037] veth0_vlan: entered promiscuous mode [ 666.701099][T16037] veth1_vlan: entered promiscuous mode [ 666.774724][T16037] veth0_macvtap: entered promiscuous mode [ 666.797459][T16037] veth1_macvtap: entered promiscuous mode [ 666.809327][ T5847] Bluetooth: hci3: command tx timeout [ 666.889408][T16115] FAULT_INJECTION: forcing a failure. [ 666.889408][T16115] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 666.892304][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 666.902710][T16115] CPU: 0 UID: 0 PID: 16115 Comm: syz.0.2623 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 666.923809][T16115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 666.933886][T16115] Call Trace: [ 666.937182][T16115] [ 666.940131][T16115] dump_stack_lvl+0x16c/0x1f0 [ 666.944850][T16115] should_fail_ex+0x497/0x5b0 [ 666.949211][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.949543][T16115] _copy_to_user+0x32/0xd0 [ 666.963769][T16115] simple_read_from_buffer+0xd0/0x160 [ 666.969175][T16115] proc_fail_nth_read+0x198/0x270 [ 666.974245][T16115] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 666.979212][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 666.979814][T16115] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 666.995772][T16115] vfs_read+0x1df/0xbe0 [ 666.999216][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.999944][T16115] ? __fget_files+0x1fc/0x3a0 [ 667.014511][T16115] ? __pfx___mutex_lock+0x10/0x10 [ 667.019570][T16115] ? __pfx_vfs_read+0x10/0x10 [ 667.024291][T16115] ? __fget_files+0x206/0x3a0 [ 667.029011][T16115] ksys_read+0x12b/0x250 [ 667.033277][T16115] ? __pfx_ksys_read+0x10/0x10 [ 667.036205][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.038059][T16115] do_syscall_64+0xcd/0x250 [ 667.052964][T16115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.058890][T16115] RIP: 0033:0x7f4d7ff8473c [ 667.063325][T16115] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 667.078466][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.082937][T16115] RSP: 002b:00007f4d80cff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 667.082967][T16115] RAX: ffffffffffffffda RBX: 00007f4d80175fa0 RCX: 00007f4d7ff8473c [ 667.082985][T16115] RDX: 000000000000000f RSI: 00007f4d80cff0a0 RDI: 0000000000000004 [ 667.083001][T16115] RBP: 00007f4d80cff090 R08: 0000000000000000 R09: 0000000000000000 [ 667.093570][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.101162][T16115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.101181][T16115] R13: 0000000000000000 R14: 00007f4d80175fa0 R15: 00007ffcc4e0ca28 [ 667.101214][T16115] [ 667.170075][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.186954][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.197530][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.215752][T16037] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 667.255489][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 667.286905][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.317175][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 667.344143][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.364285][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 667.385757][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.405995][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 667.429290][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.447785][T16037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 667.475848][T16037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.487256][T16037] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 667.751472][ T3533] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 667.770648][ T3533] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 667.834193][ T3613] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 667.856084][ T3613] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 668.050799][T16128] vcan0: tx drop: invalid da for name 0x000000000000003f [ 668.549622][T16130] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2600'. [ 668.885373][ T5840] Bluetooth: hci3: command tx timeout [ 669.077437][T16143] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2627'. [ 670.607345][T16167] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 670.671827][T16167] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 670.969023][T16182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2642'. [ 670.987950][ T5840] Bluetooth: hci3: command tx timeout [ 671.396194][T16191] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2644'. [ 671.691744][T16199] Invalid ELF header magic: != ELF [ 672.496230][T16198] ima: policy update failed [ 672.569392][ T29] audit: type=1802 audit(4294967305.790:17): pid=16198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2647" res=0 errno=0 [ 675.770459][T16257] block nbd0: must specify backend [ 675.781493][T16241] kexec: Could not allocate control_code_buffer [ 678.116417][T16302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2672'. [ 678.289916][T16305] FAULT_INJECTION: forcing a failure. [ 678.289916][T16305] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 678.320258][T16305] CPU: 1 UID: 0 PID: 16305 Comm: syz.0.2673 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 678.331069][T16305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 678.341156][T16305] Call Trace: [ 678.344452][T16305] [ 678.347401][T16305] dump_stack_lvl+0x16c/0x1f0 [ 678.352131][T16305] should_fail_ex+0x497/0x5b0 [ 678.356864][T16305] _copy_to_user+0x32/0xd0 [ 678.361321][T16305] simple_read_from_buffer+0xd0/0x160 [ 678.366728][T16305] proc_fail_nth_read+0x198/0x270 [ 678.371801][T16305] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 678.377396][T16305] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 678.382985][T16305] vfs_read+0x1df/0xbe0 [ 678.387171][T16305] ? __fget_files+0x1fc/0x3a0 [ 678.391882][T16305] ? __pfx___mutex_lock+0x10/0x10 [ 678.396942][T16305] ? __pfx_vfs_read+0x10/0x10 [ 678.401663][T16305] ? __fget_files+0x206/0x3a0 [ 678.406385][T16305] ksys_read+0x12b/0x250 [ 678.410659][T16305] ? __pfx_ksys_read+0x10/0x10 [ 678.415468][T16305] do_syscall_64+0xcd/0x250 [ 678.420015][T16305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.425957][T16305] RIP: 0033:0x7f4d7ff8473c [ 678.430394][T16305] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 678.450028][T16305] RSP: 002b:00007f4d80cde030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 678.458478][T16305] RAX: ffffffffffffffda RBX: 00007f4d80176080 RCX: 00007f4d7ff8473c [ 678.466477][T16305] RDX: 000000000000000f RSI: 00007f4d80cde0a0 RDI: 0000000000000004 [ 678.474472][T16305] RBP: 00007f4d80cde090 R08: 0000000000000000 R09: 0000000000000000 [ 678.482465][T16305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 678.490458][T16305] R13: 0000000000000001 R14: 00007f4d80176080 R15: 00007ffcc4e0ca28 [ 678.498475][T16305] [ 678.710308][T16311] netlink: 'syz.0.2676': attribute type 2 has an invalid length. [ 685.750610][T16388] : entered promiscuous mode [ 686.519407][T16410] ubi0: attaching mtd0 [ 686.572278][T16410] ubi0: scanning is finished [ 686.577425][T16410] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 687.267519][T16410] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 687.922339][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 687.933308][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 689.732440][T16465] vcan0: tx drop: invalid da for name 0x000000000000003f [ 690.782562][T16490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2726'. [ 690.856186][T16492] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2726'. [ 691.096846][T16497] sctp: [Deprecated]: syz.1.2728 (pid 16497) Use of int in maxseg socket option. [ 691.096846][T16497] Use struct sctp_assoc_value instead [ 691.380926][T16492] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 691.404508][T16505] sctp: [Deprecated]: syz.1.2730 (pid 16505) Use of int in maxseg socket option. [ 691.404508][T16505] Use struct sctp_assoc_value instead [ 691.419415][T16492] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 691.658120][T16492] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 691.727229][T16492] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 693.538366][T16522] sctp: [Deprecated]: syz.3.2735 (pid 16522) Use of int in maxseg socket option. [ 693.538366][T16522] Use struct sctp_assoc_value instead [ 693.587849][T16522] FAULT_INJECTION: forcing a failure. [ 693.587849][T16522] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 693.641681][T16522] CPU: 1 UID: 0 PID: 16522 Comm: syz.3.2735 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 693.652489][T16522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 693.662564][T16522] Call Trace: [ 693.665859][T16522] [ 693.668803][T16522] dump_stack_lvl+0x16c/0x1f0 [ 693.673520][T16522] should_fail_ex+0x497/0x5b0 [ 693.678232][T16522] _copy_to_user+0x32/0xd0 [ 693.682685][T16522] simple_read_from_buffer+0xd0/0x160 [ 693.688094][T16522] proc_fail_nth_read+0x198/0x270 [ 693.693151][T16522] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 693.698726][T16522] ? rw_verify_area+0x12b/0x700 [ 693.703603][T16522] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 693.709185][T16522] vfs_read+0x1df/0xbe0 [ 693.713368][T16522] ? __fget_files+0x1fc/0x3a0 [ 693.718070][T16522] ? __pfx___mutex_lock+0x10/0x10 [ 693.723128][T16522] ? __pfx_vfs_read+0x10/0x10 [ 693.727850][T16522] ? __fget_files+0x206/0x3a0 [ 693.732567][T16522] ksys_read+0x12b/0x250 [ 693.736841][T16522] ? __pfx_ksys_read+0x10/0x10 [ 693.741639][T16522] do_syscall_64+0xcd/0x250 [ 693.746174][T16522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.752098][T16522] RIP: 0033:0x7fb85d58473c [ 693.756534][T16522] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 693.776163][T16522] RSP: 002b:00007fb85e399030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 693.784607][T16522] RAX: ffffffffffffffda RBX: 00007fb85d775fa0 RCX: 00007fb85d58473c [ 693.792593][T16522] RDX: 000000000000000f RSI: 00007fb85e3990a0 RDI: 0000000000000004 [ 693.800580][T16522] RBP: 00007fb85e399090 R08: 0000000000000000 R09: 0000000000000000 [ 693.808568][T16522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 693.816554][T16522] R13: 0000000000000000 R14: 00007fb85d775fa0 R15: 00007fffb071c4f8 [ 693.824564][T16522] [ 693.827631][ C1] vkms_vblank_simulate: vblank timer overrun [ 694.008706][T16541] vcan0: tx drop: invalid da for name 0x000000000000003f [ 695.111120][T16571] vcan0: tx drop: invalid da for name 0x000000000000003f [ 696.627268][T16598] could not allocate digest TFM handle [ 696.996377][T16612] vcan0: tx drop: invalid da for name 0x000000000000003f [ 697.054343][ T5840] Bluetooth: hci4: unexpected event 0x06 length: 4 > 3 [ 697.088960][T16610] HfR: entered promiscuous mode [ 697.135111][T16610] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2758'. [ 697.155959][T16610] HfR: left promiscuous mode [ 699.022504][ T29] audit: type=1804 audit(4294967303.040:18): pid=16654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2769" name="/newroot/sys/kernel/tracing/trace_marker_raw" dev="tracefs" ino=53 res=1 errno=0 [ 701.229712][T16669] vcan0: tx drop: invalid da for name 0x000000000000003f [ 702.911012][ T5840] Bluetooth: hci0: Opcode 0x0c03 failed: -110 syzkaller syzkaller login: [ 705.363144][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 707.686111][T16764] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2790'. [ 707.839657][T16768] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2790'. [ 707.994181][T16764] netlink: 98 bytes leftover after parsing attributes in process `syz.1.2790'. [ 708.029282][T16764] veth0_macvtap: left promiscuous mode [ 708.638020][T16771] mkiss: ax0: crc mode is auto. [ 709.467243][T16779] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.2794'. [ 709.476933][T16779] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 714.453914][T16851] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(14) [ 715.087948][T16862] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2813'. syzkaller syzkaller login: [ 717.122296][T16907] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2824'. [ 717.149438][T16907] bridge_slave_1: left allmulticast mode [ 717.155155][T16907] bridge_slave_1: left promiscuous mode [ 717.232296][T16907] bridge0: port 2(bridge_slave_1) entered disabled state [ 717.311618][T16907] bridge_slave_0: left allmulticast mode [ 717.328433][T16907] bridge_slave_0: left promiscuous mode [ 717.349962][T16907] bridge0: port 1(bridge_slave_0) entered disabled state [ 717.857697][T16923] netlink: 'syz.1.2831': attribute type 2 has an invalid length. [ 717.880372][T16923] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2831'. [ 717.915990][T16926] random: crng reseeded on system resumption [ 720.800467][T16959] sg_write: data in/out 2059/169 bytes for SCSI command 0x57-- guessing data in; [ 720.800467][T16959] program syz.2.2839 not setting count and/or reply_len properly [ 721.284391][T16982] vcan0: tx drop: invalid da for name 0x000000000000003f [ 721.544858][T16992] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2842'. [ 722.535019][T17003] [U]  [ 722.537875][T17003] [U] [ 722.540619][T17003] [U] [ 722.543356][T17003] [U] [ 722.737053][T17003] [U] [ 722.739823][T17003] [U] [ 722.742555][T17003] [U] [ 722.745288][T17003] [U] [ 723.233369][T17003] [U] [ 723.236150][T17003] [U] [ 723.238895][T17003] [U] [ 723.241626][T17003] [U] [ 723.299583][T17003] [U] [ 723.302336][T17003] [U] [ 723.305061][T17003] [U] [ 723.307789][T17003] [U] [ 723.349891][T17003] [U] [ 723.352641][T17003] [U] [ 723.355367][T17003] [U] [ 725.248396][T17003] [U] [ 726.664916][T17069] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2858'. [ 726.694467][T17075] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2858'. [ 726.730371][T17068] netlink: 210 bytes leftover after parsing attributes in process `syz.1.2858'. [ 727.427131][T17099] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2861'. [ 727.481035][T17099] ip_vti0: entered promiscuous mode [ 730.986930][T17150] ima: policy update failed [ 731.024293][ T29] audit: type=1802 audit(4294967335.039:19): pid=17150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2874" res=0 errno=0 [ 731.294369][T17155] mkiss: ax0: crc mode is auto. [ 731.436914][T17155] mkiss: ax0: crc mode is auto. [ 731.709602][T17173] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2881'. [ 733.350134][T17207] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2890'. [ 733.819347][T17220] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2892'. [ 733.828830][T17220] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 736.079374][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 738.971965][T17306] vcan0: tx drop: invalid da for name 0x000000000000003f [ 739.965723][T17331] FAULT_INJECTION: forcing a failure. [ 739.965723][T17331] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 739.985476][T17331] CPU: 1 UID: 0 PID: 17331 Comm: syz.3.2915 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 739.996286][T17331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 740.006365][T17331] Call Trace: [ 740.009669][T17331] [ 740.012623][T17331] dump_stack_lvl+0x16c/0x1f0 [ 740.017345][T17331] should_fail_ex+0x497/0x5b0 [ 740.022073][T17331] _copy_from_iter+0x29b/0x1400 [ 740.026969][T17331] ? trace_lock_acquire+0x14e/0x1f0 [ 740.032216][T17331] ? __pfx__copy_from_iter+0x10/0x10 [ 740.037542][T17331] ? __virt_addr_valid+0x1a4/0x590 [ 740.042699][T17331] ? __virt_addr_valid+0x5e/0x590 [ 740.047775][T17331] ? __phys_addr_symbol+0x30/0x80 [ 740.052838][T17331] ? __check_object_size+0x488/0x710 [ 740.058173][T17331] file_tty_write.constprop.0+0x48d/0x9a0 [ 740.063946][T17331] redirected_tty_write+0xcc/0x140 [ 740.069106][T17331] vfs_write+0x5ae/0x1150 [ 740.073477][T17331] ? __pfx_redirected_tty_write+0x10/0x10 [ 740.079240][T17331] ? __pfx_vfs_write+0x10/0x10 [ 740.084044][T17331] ? __fget_files+0x40/0x3a0 [ 740.088692][T17331] ksys_write+0x12b/0x250 [ 740.093067][T17331] ? __pfx_ksys_write+0x10/0x10 [ 740.097966][T17331] do_syscall_64+0xcd/0x250 [ 740.102528][T17331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.108465][T17331] RIP: 0033:0x7fb85d585d29 [ 740.112909][T17331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 740.132545][T17331] RSP: 002b:00007fb85e399038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 740.140990][T17331] RAX: ffffffffffffffda RBX: 00007fb85d775fa0 RCX: 00007fb85d585d29 [ 740.148986][T17331] RDX: 000000000000001f RSI: 0000000020000080 RDI: 0000000000000003 [ 740.156984][T17331] RBP: 00007fb85e399090 R08: 0000000000000000 R09: 0000000000000000 [ 740.164980][T17331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 740.172973][T17331] R13: 0000000000000000 R14: 00007fb85d775fa0 R15: 00007fffb071c4f8 [ 740.180988][T17331] [ 742.340404][T17360] sg_write: data in/out 2059/169 bytes for SCSI command 0x57-- guessing data in; [ 742.340404][T17360] program syz.3.2921 not setting count and/or reply_len properly [ 742.420891][T17367] netlink: zone id is out of range [ 742.426058][T17367] netlink: zone id is out of range [ 742.478019][T17367] netlink: zone id is out of range [ 742.511451][T17367] netlink: get zone limit has 8 unknown bytes [ 742.655729][T17379] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2927'. [ 743.280748][T17390] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2931'. [ 743.473625][T17395] FAULT_INJECTION: forcing a failure. [ 743.473625][T17395] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 743.547267][T17395] CPU: 1 UID: 0 PID: 17395 Comm: syz.2.2933 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 743.558085][T17395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 743.568171][T17395] Call Trace: [ 743.571477][T17395] [ 743.574441][T17395] dump_stack_lvl+0x16c/0x1f0 [ 743.579160][T17395] should_fail_ex+0x497/0x5b0 [ 743.583878][T17395] _copy_to_user+0x32/0xd0 [ 743.588346][T17395] simple_read_from_buffer+0xd0/0x160 [ 743.593753][T17395] proc_fail_nth_read+0x198/0x270 [ 743.598824][T17395] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 743.604416][T17395] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 743.610007][T17395] vfs_read+0x1df/0xbe0 [ 743.614197][T17395] ? __fget_files+0x1fc/0x3a0 [ 743.618909][T17395] ? __pfx___mutex_lock+0x10/0x10 [ 743.623975][T17395] ? __pfx_vfs_read+0x10/0x10 [ 743.628696][T17395] ? __fget_files+0x206/0x3a0 [ 743.633418][T17395] ksys_read+0x12b/0x250 [ 743.637694][T17395] ? __pfx_ksys_read+0x10/0x10 [ 743.642502][T17395] do_syscall_64+0xcd/0x250 [ 743.647047][T17395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.652980][T17395] RIP: 0033:0x7f44fe98473c [ 743.657421][T17395] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 743.677056][T17395] RSP: 002b:00007f44ff7ae030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 743.685506][T17395] RAX: ffffffffffffffda RBX: 00007f44feb75fa0 RCX: 00007f44fe98473c [ 743.693510][T17395] RDX: 000000000000000f RSI: 00007f44ff7ae0a0 RDI: 0000000000000004 [ 743.701514][T17395] RBP: 00007f44ff7ae090 R08: 0000000000000000 R09: 0000000000000000 [ 743.709516][T17395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 743.717521][T17395] R13: 0000000000000000 R14: 00007f44feb75fa0 R15: 00007ffd90c8f708 [ 743.725540][T17395] [ 745.107020][T17410] mkiss: ax0: crc mode is auto. [ 745.251296][T17423] : entered promiscuous mode [ 745.743030][T17405] mkiss: ax0: crc mode is auto. [ 745.766286][T17430] vcan0: tx drop: invalid da for name 0x000000000000003f [ 747.920295][T17443] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [65496]. [ 749.028263][T17469] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2952'. [ 749.038007][T17469] ip_vti0: entered promiscuous mode [ 749.376088][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 749.389325][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.404950][T17486] random: crng reseeded on system resumption [ 751.945516][T17522] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2965'. [ 751.960894][T17522] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 751.972807][T17522] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 751.984566][T17522] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 751.992477][T17522] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 755.479275][T17598] lo: entered allmulticast mode [ 755.713929][T17598] lo: left allmulticast mode [ 757.818788][ T29] audit: type=1804 audit(4294967373.836:20): pid=17646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3001" name="/newroot/sys/kernel/tracing/trace_marker_raw" dev="tracefs" ino=53 res=1 errno=0 [ 760.480913][T17631] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 760.487042][T17631] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 760.540027][T17631] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 760.622821][T17631] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 760.628861][T17631] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 760.728716][T17631] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 760.820675][T17631] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 760.893420][T17631] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 762.079346][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 762.559447][ T5840] Bluetooth: hci4: command 0x0406 tx timeout [ 762.639265][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 762.799456][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 764.639359][ T5840] Bluetooth: hci4: command 0x0406 tx timeout [ 764.686296][T17770] FAULT_INJECTION: forcing a failure. [ 764.686296][T17770] name failslab, interval 1, probability 0, space 0, times 0 [ 764.720431][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 764.752919][T17770] CPU: 0 UID: 0 PID: 17770 Comm: syz.0.3041 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 764.763722][T17770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 764.773801][T17770] Call Trace: [ 764.777096][T17770] [ 764.780047][T17770] dump_stack_lvl+0x16c/0x1f0 [ 764.784791][T17770] should_fail_ex+0x497/0x5b0 [ 764.789506][T17770] ? fs_reclaim_acquire+0xae/0x150 [ 764.794653][T17770] should_failslab+0xc2/0x120 [ 764.799368][T17770] __kmalloc_noprof+0xce/0x4f0 [ 764.804169][T17770] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 764.809835][T17770] ? tomoyo_realpath_from_path+0xbf/0x710 [ 764.815593][T17770] tomoyo_realpath_from_path+0xbf/0x710 [ 764.821170][T17770] ? tomoyo_path_number_perm+0x235/0x5b0 [ 764.826847][T17770] tomoyo_path_number_perm+0x248/0x5b0 [ 764.832350][T17770] ? tomoyo_path_number_perm+0x235/0x5b0 [ 764.838033][T17770] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 764.844096][T17770] ? __pfx_lock_release+0x10/0x10 [ 764.849140][T17770] ? trace_lock_acquire+0x14e/0x1f0 [ 764.854379][T17770] ? lock_acquire+0x2f/0xb0 [ 764.858907][T17770] ? __fget_files+0x40/0x3a0 [ 764.863536][T17770] ? __fget_files+0x206/0x3a0 [ 764.868249][T17770] security_file_ioctl+0x9b/0x240 [ 764.873307][T17770] __x64_sys_ioctl+0xb7/0x200 [ 764.878024][T17770] do_syscall_64+0xcd/0x250 [ 764.882566][T17770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.888495][T17770] RIP: 0033:0x7f4d7ff85d29 [ 764.892935][T17770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 764.909955][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 764.912549][T17770] RSP: 002b:00007f4d80cff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 764.926958][T17770] RAX: ffffffffffffffda RBX: 00007f4d80175fa0 RCX: 00007f4d7ff85d29 [ 764.934957][T17770] RDX: 0000000000000003 RSI: 0000000000004b67 RDI: 0000000000000004 [ 764.942951][T17770] RBP: 00007f4d80cff090 R08: 0000000000000000 R09: 0000000000000000 [ 764.950941][T17770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 764.958932][T17770] R13: 0000000000000000 R14: 00007f4d80175fa0 R15: 00007ffcc4e0ca28 [ 764.966942][T17770] [ 765.008119][T17768] can: request_module (can-proto-5) failed. [ 765.116653][T17770] ERROR: Out of memory at tomoyo_realpath_from_path. [ 767.119116][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 767.813781][T17804] vcan0: tx drop: invalid da for name 0x000000000000003f [ 768.257439][T17811] FAULT_INJECTION: forcing a failure. [ 768.257439][T17811] name failslab, interval 1, probability 0, space 0, times 0 [ 768.321256][T17811] CPU: 1 UID: 0 PID: 17811 Comm: syz.2.3052 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 768.332082][T17811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 768.342169][T17811] Call Trace: [ 768.345473][T17811] [ 768.348424][T17811] dump_stack_lvl+0x16c/0x1f0 [ 768.353159][T17811] should_fail_ex+0x497/0x5b0 [ 768.357886][T17811] ? fs_reclaim_acquire+0xae/0x150 [ 768.363041][T17811] should_failslab+0xc2/0x120 [ 768.367763][T17811] __kmalloc_noprof+0xce/0x4f0 [ 768.372563][T17811] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 768.378225][T17811] ? tomoyo_realpath_from_path+0xbf/0x710 [ 768.383999][T17811] tomoyo_realpath_from_path+0xbf/0x710 [ 768.389584][T17811] ? tomoyo_path_number_perm+0x235/0x5b0 [ 768.395265][T17811] tomoyo_path_number_perm+0x248/0x5b0 [ 768.400779][T17811] ? tomoyo_path_number_perm+0x235/0x5b0 [ 768.406456][T17811] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 768.412519][T17811] ? __pfx_lock_release+0x10/0x10 [ 768.417567][T17811] ? trace_lock_acquire+0x14e/0x1f0 [ 768.422802][T17811] ? lock_acquire+0x2f/0xb0 [ 768.427330][T17811] ? __fget_files+0x40/0x3a0 [ 768.431956][T17811] ? __fget_files+0x206/0x3a0 [ 768.436665][T17811] security_file_ioctl+0x9b/0x240 [ 768.441720][T17811] __x64_sys_ioctl+0xb7/0x200 [ 768.446426][T17811] do_syscall_64+0xcd/0x250 [ 768.450969][T17811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.456897][T17811] RIP: 0033:0x7f44fe985d29 [ 768.461333][T17811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.480966][T17811] RSP: 002b:00007f44ff7ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 768.489406][T17811] RAX: ffffffffffffffda RBX: 00007f44feb75fa0 RCX: 00007f44fe985d29 [ 768.497399][T17811] RDX: 0000000020000040 RSI: 0000000040107447 RDI: 0000000000000004 [ 768.505391][T17811] RBP: 00007f44ff7ae090 R08: 0000000000000000 R09: 0000000000000000 [ 768.513383][T17811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 768.521377][T17811] R13: 0000000000000000 R14: 00007f44feb75fa0 R15: 00007ffd90c8f708 [ 768.529390][T17811] [ 768.717601][T17811] ERROR: Out of memory at tomoyo_realpath_from_path. [ 768.745720][T17805] usb usb37: usbfs: process 17805 (syz.1.3049) did not claim interface 1 before use [ 769.594774][T17825] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3054'. [ 769.742385][T17839] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3056'. [ 774.393025][T17903] random: crng reseeded on system resumption [ 776.760508][T17923] kexec: Could not allocate control_code_buffer [ 778.399540][T17948] [U] [ 778.402314][T17948] [U] [ 778.405041][T17948] [U] [ 778.407768][T17948] [U] [ 778.439403][T17948] [U] [ 778.442160][T17948] [U] [ 778.444892][T17948] [U] [ 778.447624][T17948] [U] [ 778.485540][T17948] [U] [ 778.488290][T17948] [U] [ 778.491020][T17948] [U] [ 778.493745][T17948] [U] [ 778.534210][T17948] [U] [ 778.536952][T17948] [U] )zaۋRº.XjKrB [ 778.599299][T17948] [U] ~kNapfߙͿ* sg+Lߴ?z '#33 J #q3N${-\a1z¢)\ Æ꬟['3=z IBJR1#TѮ_̗NHK={k+wu1JߓCMKќh [ 779.330544][T17948] [U] Ρ#{N͝2: 49!(7\Zր6ċ>1q_&A +#E\,˸[ڌXAGCճ=xn9;Q [ 779.502048][T17948] [U] yIybKrMBMjҠzY>BYmG{7]\w4-+G)35}`3٠Hd99'|uOkزLeu~=xC_ q~aQ"l [dgCfGUƽ2մ ΘyH{"^.r`6d;Sol)z/ގ_P;"3,-*2\ [ 779.599890][T17948] [U] tW$ /}>.5,zX"> bCyU?Wm3wjQ_tĸÔ-%N\pr@xA:) [ 788.191474][T18131] dump_stack_lvl+0x16c/0x1f0 [ 788.196186][T18131] should_fail_ex+0x497/0x5b0 [ 788.200896][T18131] ? fs_reclaim_acquire+0xae/0x150 [ 788.206040][T18131] should_failslab+0xc2/0x120 [ 788.210758][T18131] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 788.216172][T18131] ? prepare_creds+0x2e/0x750 [ 788.220893][T18131] prepare_creds+0x2e/0x750 [ 788.225430][T18131] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 788.231352][T18131] lookup_user_key+0x394/0x12f0 [ 788.236234][T18131] ? __pfx_lookup_user_key+0x10/0x10 [ 788.241552][T18131] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 788.247576][T18131] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 788.253772][T18131] ? fput+0x67/0x440 [ 788.257715][T18131] ? ksys_write+0x1ba/0x250 [ 788.262259][T18131] keyctl_keyring_link+0x22/0xe0 [ 788.267234][T18131] __do_sys_keyctl+0x2c5/0x590 [ 788.272038][T18131] do_syscall_64+0xcd/0x250 [ 788.276583][T18131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 788.282515][T18131] RIP: 0033:0x7f4d7ff85d29 [ 788.286950][T18131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 788.306586][T18131] RSP: 002b:00007f4d80cff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 788.315032][T18131] RAX: ffffffffffffffda RBX: 00007f4d80175fa0 RCX: 00007f4d7ff85d29 [ 788.323030][T18131] RDX: ffffffffffffffff RSI: fffffffffffffffd RDI: 0000000000000008 [ 788.331031][T18131] RBP: 00007f4d80cff090 R08: 0000000000000002 R09: 0000000000000000 [ 788.339029][T18131] R10: 0000000000005092 R11: 0000000000000246 R12: 0000000000000001 [ 788.347023][T18131] R13: 0000000000000001 R14: 00007f4d80175fa0 R15: 00007ffcc4e0ca28 [ 788.355034][T18131] [ 788.358162][ C1] vkms_vblank_simulate: vblank timer overrun [ 788.702317][T18143] netlink: 'syz.0.3135': attribute type 39 has an invalid length. [ 788.753517][T18143] netlink: 6 bytes leftover after parsing attributes in process `syz.0.3135'. [ 790.245591][T18170] erspan0: entered allmulticast mode [ 790.718915][T18174] ima: policy update failed [ 790.727880][ T29] audit: type=1802 audit(4294967406.746:21): pid=18174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3143" res=0 errno=0 [ 791.204132][T18190] random: crng reseeded on system resumption [ 797.222231][T18287] random: crng reseeded on system resumption [ 798.216301][T18307] ovs_: entered promiscuous mode [ 798.628594][ T29] audit: type=1804 audit(4294967414.646:22): pid=18316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3178" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=47 res=1 errno=0 [ 798.708628][ T29] audit: type=1804 audit(4294967414.676:23): pid=18316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.3178" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=47 res=1 errno=0 [ 798.850824][ T29] audit: type=1804 audit(4294967414.876:24): pid=18316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3178" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=47 res=1 errno=0 [ 799.724192][T18343] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3184'. [ 799.736695][T18343] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3184'. [ 799.767183][T18343] netlink: 98 bytes leftover after parsing attributes in process `syz.1.3184'. [ 800.650526][T18357] random: crng reseeded on system resumption [ 802.335941][T18381] mkiss: ax0: crc mode is auto. [ 803.959589][T18424] ovs_: entered promiscuous mode [ 805.139782][ T29] audit: type=1804 audit(4294967421.166:25): pid=18442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3210" name="/newroot/sys/kernel/tracing/trace_marker_raw" dev="tracefs" ino=53 res=1 errno=0 [ 805.231086][T18444] random: crng reseeded on system resumption [ 806.657615][T18460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3216'. [ 806.678509][T18460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3216'. [ 806.861523][T18466] mkiss: ax0: crc mode is auto. [ 810.802997][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 810.815498][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 811.747412][T18572] FAULT_INJECTION: forcing a failure. [ 811.747412][T18572] name failslab, interval 1, probability 0, space 0, times 0 [ 811.772372][T18572] CPU: 0 UID: 0 PID: 18572 Comm: syz.0.3247 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 811.783184][T18572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 811.793276][T18572] Call Trace: [ 811.796579][T18572] [ 811.799532][T18572] dump_stack_lvl+0x16c/0x1f0 [ 811.804257][T18572] should_fail_ex+0x497/0x5b0 [ 811.808969][T18572] ? fs_reclaim_acquire+0xae/0x150 [ 811.814120][T18572] should_failslab+0xc2/0x120 [ 811.818836][T18572] __kmalloc_noprof+0xce/0x4f0 [ 811.823650][T18572] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 811.829314][T18572] ? tomoyo_realpath_from_path+0xbf/0x710 [ 811.835071][T18572] tomoyo_realpath_from_path+0xbf/0x710 [ 811.840656][T18572] ? tomoyo_path_number_perm+0x235/0x5b0 [ 811.846336][T18572] tomoyo_path_number_perm+0x248/0x5b0 [ 811.851833][T18572] ? tomoyo_path_number_perm+0x235/0x5b0 [ 811.857506][T18572] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 811.863558][T18572] ? __pfx_lock_release+0x10/0x10 [ 811.868611][T18572] ? trace_lock_acquire+0x14e/0x1f0 [ 811.873850][T18572] ? lock_acquire+0x2f/0xb0 [ 811.878379][T18572] ? __fget_files+0x40/0x3a0 [ 811.883006][T18572] ? __fget_files+0x206/0x3a0 [ 811.887719][T18572] security_file_ioctl+0x9b/0x240 [ 811.892772][T18572] __x64_sys_ioctl+0xb7/0x200 [ 811.897480][T18572] do_syscall_64+0xcd/0x250 [ 811.902024][T18572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.907953][T18572] RIP: 0033:0x7f4d7ff85d29 [ 811.912389][T18572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 811.932019][T18572] RSP: 002b:00007f4d80cde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 811.940441][T18572] RAX: ffffffffffffffda RBX: 00007f4d80176080 RCX: 00007f4d7ff85d29 [ 811.948413][T18572] RDX: 0000000000000046 RSI: 0000000000008912 RDI: 0000000000000003 [ 811.956388][T18572] RBP: 00007f4d80cde090 R08: 0000000000000000 R09: 0000000000000000 [ 811.964360][T18572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 811.972333][T18572] R13: 0000000000000000 R14: 00007f4d80176080 R15: 00007ffcc4e0ca28 [ 811.980319][T18572] [ 812.044207][T18572] ERROR: Out of memory at tomoyo_realpath_from_path. [ 812.458345][T18584] netlink: get zone limit has 8 unknown bytes [ 813.341654][T18598] : entered promiscuous mode [ 813.418349][T18591] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3253'. [ 813.554202][T18600] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3256'. [ 813.561735][T18595] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3254'. [ 813.581147][T18603] ptrace attach of "./syz-executor exec"[16037] was attempted by "./syz-executor exec"[18603] [ 813.631856][ T5840] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 813.644898][T18595] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3254'. [ 813.815918][T18611] random: crng reseeded on system resumption [ 813.935724][T18615] FAULT_INJECTION: forcing a failure. [ 813.935724][T18615] name failslab, interval 1, probability 0, space 0, times 0 [ 813.968104][T18615] CPU: 0 UID: 0 PID: 18615 Comm: syz.1.3261 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 813.978905][T18615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 813.988976][T18615] Call Trace: [ 813.992268][T18615] [ 813.995215][T18615] dump_stack_lvl+0x16c/0x1f0 [ 813.999937][T18615] should_fail_ex+0x497/0x5b0 [ 814.004643][T18615] ? fs_reclaim_acquire+0xae/0x150 [ 814.009791][T18615] should_failslab+0xc2/0x120 [ 814.014508][T18615] __kmalloc_node_noprof+0xd1/0x520 [ 814.019745][T18615] ? aa_file_perm+0x4c6/0xfe0 [ 814.024627][T18615] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 814.030125][T18615] __kvmalloc_node_noprof+0xad/0x1a0 [ 814.035424][T18615] seq_read_iter+0x82a/0x12b0 [ 814.040117][T18615] seq_read+0x39f/0x4e0 [ 814.044279][T18615] ? __pfx_seq_read+0x10/0x10 [ 814.048975][T18615] ? __pfx_seq_read+0x10/0x10 [ 814.053653][T18615] proc_reg_read+0x23d/0x330 [ 814.058253][T18615] ? __pfx_proc_reg_read+0x10/0x10 [ 814.063373][T18615] vfs_read+0x1df/0xbe0 [ 814.067537][T18615] ? __fget_files+0x1fc/0x3a0 [ 814.072224][T18615] ? __pfx_lock_release+0x10/0x10 [ 814.077255][T18615] ? __pfx_vfs_read+0x10/0x10 [ 814.081941][T18615] ? lock_acquire+0x2f/0xb0 [ 814.086442][T18615] ? __fget_files+0x40/0x3a0 [ 814.091042][T18615] ? __fget_files+0x206/0x3a0 [ 814.095731][T18615] __x64_sys_pread64+0x1f6/0x250 [ 814.100678][T18615] ? __pfx___x64_sys_pread64+0x10/0x10 [ 814.106149][T18615] do_syscall_64+0xcd/0x250 [ 814.110666][T18615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 814.116570][T18615] RIP: 0033:0x7f3cfcd85d29 [ 814.120987][T18615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 814.140684][T18615] RSP: 002b:00007f3cfdc68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 814.149103][T18615] RAX: ffffffffffffffda RBX: 00007f3cfcf75fa0 RCX: 00007f3cfcd85d29 [ 814.157082][T18615] RDX: 0000000000000ffe RSI: 0000000000000000 RDI: 0000000000000006 [ 814.165057][T18615] RBP: 00007f3cfdc68090 R08: 0000000000000000 R09: 0000000000000000 [ 814.173033][T18615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 814.181005][T18615] R13: 0000000000000000 R14: 00007f3cfcf75fa0 R15: 00007ffc491303a8 [ 814.188988][T18615] [ 814.775661][T18627] FAULT_INJECTION: forcing a failure. [ 814.775661][T18627] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 814.789045][T18627] CPU: 0 UID: 0 PID: 18627 Comm: syz.3.3264 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 814.799848][T18627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 814.809926][T18627] Call Trace: [ 814.813225][T18627] [ 814.816172][T18627] dump_stack_lvl+0x16c/0x1f0 [ 814.820892][T18627] should_fail_ex+0x497/0x5b0 [ 814.825610][T18627] _copy_from_user+0x2e/0xd0 [ 814.830327][T18627] memdup_user_nul+0x72/0x110 [ 814.835045][T18627] event_trigger_write+0x61/0x2a0 [ 814.840124][T18627] ? __pfx_event_trigger_write+0x10/0x10 [ 814.845807][T18627] vfs_write+0x24c/0x1150 [ 814.849897][T18619] ovs_: entered promiscuous mode [ 814.850164][T18627] ? __fget_files+0x1fc/0x3a0 [ 814.859787][T18627] ? __pfx___mutex_lock+0x10/0x10 [ 814.864847][T18627] ? __pfx_vfs_write+0x10/0x10 [ 814.869662][T18627] ? __fget_files+0x206/0x3a0 [ 814.874384][T18627] ksys_write+0x12b/0x250 [ 814.878754][T18627] ? __pfx_ksys_write+0x10/0x10 [ 814.883655][T18627] do_syscall_64+0xcd/0x250 [ 814.888201][T18627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 814.894132][T18627] RIP: 0033:0x7fb85d585d29 [ 814.898569][T18627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 814.918203][T18627] RSP: 002b:00007fb85e399038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 814.926646][T18627] RAX: ffffffffffffffda RBX: 00007fb85d775fa0 RCX: 00007fb85d585d29 [ 814.934641][T18627] RDX: 000000000000001f RSI: 0000000020000100 RDI: 0000000000000003 [ 814.942637][T18627] RBP: 00007fb85e399090 R08: 0000000000000000 R09: 0000000000000000 [ 814.950633][T18627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 814.958622][T18627] R13: 0000000000000000 R14: 00007fb85d775fa0 R15: 00007fffb071c4f8 [ 814.966634][T18627] [ 815.571474][T18646] HfR: entered promiscuous mode [ 815.628539][T18646] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3269'. [ 815.659883][T18646] HfR: left promiscuous mode [ 815.734212][T18658] random: crng reseeded on system resumption [ 817.067419][T18696] ovs_: entered promiscuous mode [ 818.469608][T18740] lo: entered promiscuous mode [ 818.548957][T18733] lo: left promiscuous mode [ 819.337217][T18763] openvswitch: ovs_: Dropping previously announced user features [ 821.278613][T18805] random: crng reseeded on system resumption syzkaller syzkaller login: [ 821.931646][T18826] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3309'. [ 822.298428][T18828] openvswitch: netlink: Key type 16131 is out of range max 32 [ 822.350048][T18828] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3310'. [ 823.385753][T18873] vcan0: tx drop: invalid da for name 0x000000000000003f [ 823.756383][T18887] vcan0: tx drop: invalid da for name 0x000000000000003f [ 823.762834][T18883] FAULT_INJECTION: forcing a failure. [ 823.762834][T18883] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 823.817225][T18883] CPU: 1 UID: 0 PID: 18883 Comm: syz.2.3327 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 823.828044][T18883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 823.838122][T18883] Call Trace: [ 823.841427][T18883] [ 823.844386][T18883] dump_stack_lvl+0x16c/0x1f0 [ 823.849196][T18883] should_fail_ex+0x497/0x5b0 [ 823.853920][T18883] _copy_from_user+0x2e/0xd0 [ 823.858557][T18883] move_addr_to_kernel+0x68/0x160 [ 823.863625][T18883] __sys_sendto+0x1ba/0x4f0 [ 823.868171][T18883] ? __pfx___sys_sendto+0x10/0x10 [ 823.873257][T18883] ? ksys_write+0x1ba/0x250 [ 823.877795][T18883] ? __pfx_ksys_write+0x10/0x10 [ 823.882697][T18883] __x64_sys_sendto+0xe0/0x1c0 [ 823.887477][T18883] ? do_syscall_64+0x91/0x250 [ 823.887516][T18883] ? lockdep_hardirqs_on+0x7c/0x110 [ 823.897398][T18883] do_syscall_64+0xcd/0x250 [ 823.901944][T18883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.907872][T18883] RIP: 0033:0x7f44fe985d29 [ 823.912305][T18883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 823.931936][T18883] RSP: 002b:00007f44ff7ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 823.940381][T18883] RAX: ffffffffffffffda RBX: 00007f44feb75fa0 RCX: 00007f44fe985d29 [ 823.948377][T18883] RDX: 0000000006fffff9 RSI: 0000000000000000 RDI: 0000000000000003 [ 823.956357][T18883] RBP: 00007f44ff7ae090 R08: 0000000020000440 R09: 0000000000000036 [ 823.964335][T18883] R10: 00000000fffffff8 R11: 0000000000000246 R12: 0000000000000001 [ 823.972309][T18883] R13: 0000000000000000 R14: 00007f44feb75fa0 R15: 00007ffd90c8f708 [ 823.980294][T18883] [ 826.065042][T18955] : Can't lookup blockdev [ 828.123369][T19002] FAULT_INJECTION: forcing a failure. [ 828.123369][T19002] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 828.259283][T19002] CPU: 0 UID: 0 PID: 19002 Comm: syz.2.3348 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 828.270106][T19002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 828.280190][T19002] Call Trace: [ 828.283483][T19002] [ 828.286429][T19002] dump_stack_lvl+0x16c/0x1f0 [ 828.291150][T19002] should_fail_ex+0x497/0x5b0 [ 828.295869][T19002] ? fs_reclaim_acquire+0xae/0x150 [ 828.301018][T19002] should_fail_alloc_page+0xe7/0x130 [ 828.306342][T19002] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 828.312523][T19002] ? __pfx_mark_lock+0x10/0x10 [ 828.317329][T19002] __alloc_pages_noprof+0x190/0x25b0 [ 828.322656][T19002] ? mark_lock+0xb5/0xc60 [ 828.327037][T19002] ? __pfx_mark_lock+0x10/0x10 [ 828.331847][T19002] ? lock_acquire.part.0+0x11b/0x380 [ 828.337174][T19002] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 828.342950][T19002] ? hlock_class+0x4e/0x130 [ 828.347507][T19002] ? hlock_class+0x4e/0x130 [ 828.352077][T19002] ? hlock_class+0x4e/0x130 [ 828.356632][T19002] ? __lock_acquire+0xcc5/0x3c40 [ 828.361612][T19002] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 828.367545][T19002] ? policy_nodemask+0xea/0x4e0 [ 828.372448][T19002] alloc_pages_mpol_noprof+0x2c8/0x620 [ 828.377950][T19002] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 828.383978][T19002] ? find_held_lock+0x2d/0x110 [ 828.388793][T19002] folio_alloc_mpol_noprof+0x36/0xd0 [ 828.394117][T19002] shmem_alloc_folio+0x135/0x160 [ 828.399117][T19002] shmem_alloc_and_add_folio+0x48b/0xc00 [ 828.404805][T19002] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 828.411009][T19002] ? shmem_allowable_huge_orders+0xd0/0x410 [ 828.416956][T19002] shmem_get_folio_gfp+0x689/0x1530 [ 828.422210][T19002] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 828.427889][T19002] ? find_held_lock+0x2d/0x110 [ 828.432714][T19002] shmem_write_begin+0x161/0x300 [ 828.437698][T19002] ? __pfx_shmem_write_begin+0x10/0x10 [ 828.443194][T19002] ? timestamp_truncate+0x21f/0x2e0 [ 828.448440][T19002] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 828.455346][T19002] generic_perform_write+0x2ba/0x920 [ 828.460678][T19002] ? __pfx_generic_perform_write+0x10/0x10 [ 828.466522][T19002] ? inode_needs_update_time.part.0+0x191/0x270 [ 828.472812][T19002] shmem_file_write_iter+0x10e/0x140 [ 828.478146][T19002] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 828.483995][T19002] __kernel_write_iter+0x318/0xa80 [ 828.489156][T19002] ? __pfx___kernel_write_iter+0x10/0x10 [ 828.494826][T19002] ? get_dump_page+0x15b/0x230 [ 828.499630][T19002] ? __pfx___might_resched+0x10/0x10 [ 828.504961][T19002] dump_user_range+0x389/0x8c0 [ 828.509781][T19002] ? __pfx_dump_user_range+0x10/0x10 [ 828.515109][T19002] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 828.521314][T19002] ? __pfx_writenote+0x10/0x10 [ 828.526129][T19002] elf_core_dump+0x2787/0x3880 [ 828.530945][T19002] ? __pfx_elf_core_dump+0x10/0x10 [ 828.536086][T19002] ? kasan_save_stack+0x33/0x60 [ 828.540983][T19002] ? kasan_save_track+0x14/0x30 [ 828.545872][T19002] ? __kasan_kmalloc+0xaa/0xb0 [ 828.550671][T19002] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 828.556163][T19002] ? do_coredump+0x1665/0x43e0 [ 828.560970][T19002] ? get_signal+0x23f3/0x2610 [ 828.565690][T19002] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.571851][T19002] ? rcu_is_watching+0x12/0xc0 [ 828.576652][T19002] ? trace_lock_acquire+0x14e/0x1f0 [ 828.581889][T19002] ? __pfx_sort+0x10/0x10 [ 828.586260][T19002] ? get_signal+0x23f3/0x2610 [ 828.590980][T19002] ? do_coredump+0x2dd5/0x43e0 [ 828.595787][T19002] do_coredump+0x2dd5/0x43e0 [ 828.600438][T19002] ? __pfx_do_coredump+0x10/0x10 [ 828.605412][T19002] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 828.611327][T19002] get_signal+0x23f3/0x2610 [ 828.615875][T19002] ? lockdep_hardirqs_on+0x7c/0x110 [ 828.621118][T19002] ? __pfx_get_signal+0x10/0x10 [ 828.626001][T19002] ? force_sig_info_to_task+0x3a0/0x660 [ 828.631589][T19002] arch_do_signal_or_restart+0x90/0x7e0 [ 828.637170][T19002] ? __pfx_force_exit_sig+0x10/0x10 [ 828.642400][T19002] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 828.648615][T19002] syscall_exit_to_user_mode+0x150/0x2a0 [ 828.654285][T19002] do_syscall_64+0xda/0x250 [ 828.658830][T19002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.664766][T19002] RIP: 0033:0x7f44fe985d29 [ 828.669211][T19002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 828.688846][T19002] RSP: 002b:00007f44ff7ae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 828.697293][T19002] RAX: ffffffffffffffda RBX: 00007f44feb75fa8 RCX: 00007f44fe985d29 [ 828.705294][T19002] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f44feb75fac [ 828.713291][T19002] RBP: 00007f44feb75fa0 R08: 00007f44ff7af000 R09: 0000000000000000 [ 828.721290][T19002] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f44feb75fac [ 828.729287][T19002] R13: 0000000000000000 R14: 00007ffd90c8f620 R15: 00007ffd90c8f708 [ 828.737305][T19002] [ 829.913045][T19036] random: crng reseeded on system resumption [ 830.142946][T19041] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3355'. [ 831.536281][T19068] QAT: Device 2 not found [ 831.994275][T19077] FAULT_INJECTION: forcing a failure. [ 831.994275][T19077] name failslab, interval 1, probability 0, space 0, times 0 [ 832.034765][T19077] CPU: 1 UID: 0 PID: 19077 Comm: syz.3.3369 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 832.045589][T19077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 832.055683][T19077] Call Trace: [ 832.058988][T19077] [ 832.061947][T19077] dump_stack_lvl+0x16c/0x1f0 [ 832.066679][T19077] should_fail_ex+0x497/0x5b0 [ 832.071406][T19077] ? fs_reclaim_acquire+0xae/0x150 [ 832.076579][T19077] should_failslab+0xc2/0x120 [ 832.081316][T19077] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 832.086738][T19077] ? alloc_empty_file+0x73/0x1e0 [ 832.091737][T19077] alloc_empty_file+0x73/0x1e0 [ 832.096558][T19077] path_openat+0xe1/0x2d60 [ 832.101028][T19077] ? hlock_class+0x4e/0x130 [ 832.105582][T19077] ? __lock_acquire+0x15a9/0x3c40 [ 832.110668][T19077] ? __pfx_path_openat+0x10/0x10 [ 832.115656][T19077] ? __pfx___lock_acquire+0x10/0x10 [ 832.120902][T19077] ? lock_acquire.part.0+0x11b/0x380 [ 832.126240][T19077] ? find_held_lock+0x2d/0x110 [ 832.131058][T19077] do_filp_open+0x20c/0x470 [ 832.135604][T19077] ? __pfx_do_filp_open+0x10/0x10 [ 832.140676][T19077] ? find_held_lock+0x2d/0x110 [ 832.145508][T19077] ? alloc_fd+0x41f/0x760 [ 832.149889][T19077] do_sys_openat2+0x17a/0x1e0 [ 832.154633][T19077] ? __pfx_do_sys_openat2+0x10/0x10 [ 832.159898][T19077] __x64_sys_openat+0x175/0x210 [ 832.164808][T19077] ? __pfx___x64_sys_openat+0x10/0x10 [ 832.170246][T19077] do_syscall_64+0xcd/0x250 [ 832.174801][T19077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 832.180746][T19077] RIP: 0033:0x7fb85d585d29 [ 832.185191][T19077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 832.204920][T19077] RSP: 002b:00007fb85e399038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 832.213371][T19077] RAX: ffffffffffffffda RBX: 00007fb85d775fa0 RCX: 00007fb85d585d29 [ 832.221376][T19077] RDX: 0000000000000040 RSI: 0000000020000100 RDI: ffffffffffffff9c [ 832.229380][T19077] RBP: 00007fb85d601b08 R08: 0000000000000000 R09: 0000000000000000 [ 832.237377][T19077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 832.245378][T19077] R13: 0000000000000000 R14: 00007fb85d775fa0 R15: 00007fffb071c4f8 [ 832.253401][T19077] [ 832.652689][T19089] openvswitch: ovs_: Dropping previously announced user features [ 834.698414][T19110] can: request_module (can-proto-3) failed. [ 834.751738][T19114] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3379'. [ 834.789539][T19114] ipvlan0: entered promiscuous mode [ 834.805037][T19114] ipvlan0: entered allmulticast mode [ 834.826929][T19114] veth0_vlan: entered allmulticast mode [ 834.877716][T19118] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3378'. [ 835.514178][T19130] openvswitch: ovs_: Dropping previously announced user features [ 836.250181][T19141] random: crng reseeded on system resumption [ 837.471868][T19163] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3390'. [ 838.073417][T19167] RDS: rds_bind could not find a transport for fe80::672f:6b66:656e:6365, load rds_tcp or rds_rdma? [ 838.774578][T19175] ovs_: entered promiscuous mode [ 843.453943][T19269] can0: slcan on ptm0. [ 843.768434][T19268] can0 (unregistered): slcan off ptm0. [ 844.173301][T19287] random: crng reseeded on system resumption [ 844.906688][T19286] mkiss: ax0: crc mode is auto. [ 844.971693][T19301] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3420'. [ 846.799353][T19336] FAULT_INJECTION: forcing a failure. [ 846.799353][T19336] name failslab, interval 1, probability 0, space 0, times 0 [ 846.909206][T19336] CPU: 1 UID: 0 PID: 19336 Comm: syz.3.3427 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 846.920015][T19336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 846.930101][T19336] Call Trace: [ 846.933397][T19336] [ 846.936348][T19336] dump_stack_lvl+0x16c/0x1f0 [ 846.941065][T19336] should_fail_ex+0x497/0x5b0 [ 846.945778][T19336] ? fs_reclaim_acquire+0xae/0x150 [ 846.950923][T19336] should_failslab+0xc2/0x120 [ 846.955639][T19336] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 846.961047][T19336] ? ptlock_alloc+0x1f/0x70 [ 846.965593][T19336] ptlock_alloc+0x1f/0x70 [ 846.969956][T19336] pte_alloc_one+0x74/0x390 [ 846.974491][T19336] do_pte_missing+0x1ae7/0x3e00 [ 846.979406][T19336] __handle_mm_fault+0x103c/0x2a40 [ 846.984565][T19336] ? __pfx___handle_mm_fault+0x10/0x10 [ 846.990059][T19336] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 846.995755][T19336] ? find_vma+0xc0/0x140 [ 847.000030][T19336] ? __pfx_find_vma+0x10/0x10 [ 847.004748][T19336] handle_mm_fault+0x3fa/0xaa0 [ 847.009557][T19336] do_user_addr_fault+0x7a3/0x13f0 [ 847.014713][T19336] exc_page_fault+0x5c/0xc0 [ 847.019263][T19336] asm_exc_page_fault+0x26/0x30 [ 847.024150][T19336] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 847.029985][T19336] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 847.049624][T19336] RSP: 0018:ffffc900042c7c28 EFLAGS: 00050202 [ 847.055717][T19336] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000000018 [ 847.063715][T19336] RDX: fffff52000858fb0 RSI: 0000000000000003 RDI: ffffc900042c7d68 [ 847.071717][T19336] RBP: 0000000000000018 R08: 0000000000000001 R09: fffff52000858faf [ 847.079719][T19336] R10: ffffc900042c7d7f R11: 0000000000000001 R12: 0000000000000000 [ 847.087718][T19336] R13: ffffc900042c7d68 R14: ffff8880288f35c0 R15: ffff888028abe128 [ 847.095753][T19336] _copy_from_user+0x9a/0xd0 [ 847.100743][T19336] usbdev_ioctl+0x85e/0x3f90 [ 847.105379][T19336] ? __pfx_usbdev_ioctl+0x10/0x10 [ 847.110440][T19336] ? do_vfs_ioctl+0x513/0x1950 [ 847.115238][T19336] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 847.120315][T19336] ? __pfx_lock_release+0x10/0x10 [ 847.125368][T19336] ? trace_lock_acquire+0x14e/0x1f0 [ 847.130614][T19336] ? __fget_files+0x206/0x3a0 [ 847.135329][T19336] ? __pfx_usbdev_ioctl+0x10/0x10 [ 847.140385][T19336] __x64_sys_ioctl+0x190/0x200 [ 847.145183][T19336] do_syscall_64+0xcd/0x250 [ 847.149736][T19336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.155670][T19336] RIP: 0033:0x7fb85d585d29 [ 847.160118][T19336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 847.179772][T19336] RSP: 002b:00007fb85e399038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 847.188217][T19336] RAX: ffffffffffffffda RBX: 00007fb85d775fa0 RCX: 00007fb85d585d29 [ 847.196213][T19336] RDX: 0000000000000003 RSI: 00000000c0185502 RDI: 0000000000000003 [ 847.204209][T19336] RBP: 00007fb85e399090 R08: 0000000000000000 R09: 0000000000000000 [ 847.212203][T19336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 847.220194][T19336] R13: 0000000000000000 R14: 00007fb85d775fa0 R15: 00007fffb071c4f8 [ 847.228212][T19336] [ 848.482934][T19342] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 848.531023][T19342] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 849.219826][T19388] openvswitch: ovs_: Dropping previously announced user features [ 850.220443][T19401] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3442'. [ 851.669357][T19433] openvswitch: ovs_: Dropping previously announced user features [ 852.875561][T19452] sctp: [Deprecated]: syz.2.3457 (pid 19452) Use of int in maxseg socket option. [ 852.875561][T19452] Use struct sctp_assoc_value instead [ 853.191878][T19460] block nbd0: must specify backend [ 853.334925][T19463] sd 0:0:1:0: PR command failed: 1026 [ 853.359371][T19463] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 853.374000][T19463] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 854.955905][T19491] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3469'. [ 855.043951][T19491] hsr_slave_1 (unregistering): left promiscuous mode [ 856.108954][T19509] netlink: 146 bytes leftover after parsing attributes in process `syz.2.3476'. [ 856.246257][T19518] misc userio: Invalid payload size [ 857.761040][T19571] random: crng reseeded on system resumption [ 858.118462][ T29] audit: type=1800 audit(4294967338.520:26): pid=19588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3491" name="discovery_nqn" dev="configfs" ino=66828 res=0 errno=0 [ 859.543950][ T29] audit: type=1804 audit(4294967339.950:27): pid=19616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3497" name="/newroot/sys/kernel/tracing/trace_marker_raw" dev="tracefs" ino=53 res=1 errno=0 [ 860.279059][T19634] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3502'. [ 861.252514][T19641] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 861.280937][T19641] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 861.297803][T19641] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 861.313247][T19641] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 862.659302][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 863.369248][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 863.375576][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 863.381768][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 865.747736][T19745] FAULT_INJECTION: forcing a failure. [ 865.747736][T19745] name failslab, interval 1, probability 0, space 0, times 0 [ 865.771765][T19745] CPU: 0 UID: 0 PID: 19745 Comm: syz.2.3530 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 865.782578][T19745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 865.792666][T19745] Call Trace: [ 865.795967][T19745] [ 865.798931][T19745] dump_stack_lvl+0x16c/0x1f0 [ 865.803658][T19745] should_fail_ex+0x497/0x5b0 [ 865.808377][T19745] ? fs_reclaim_acquire+0xae/0x150 [ 865.813520][T19745] should_failslab+0xc2/0x120 [ 865.818233][T19745] __kmalloc_noprof+0xce/0x4f0 [ 865.823043][T19745] ? tomoyo_encode2+0x100/0x3e0 [ 865.827937][T19745] tomoyo_encode2+0x100/0x3e0 [ 865.832658][T19745] tomoyo_realpath_from_path+0x1a7/0x710 [ 865.838327][T19745] ? tomoyo_path_number_perm+0x235/0x5b0 [ 865.844006][T19745] tomoyo_path_number_perm+0x248/0x5b0 [ 865.849504][T19745] ? tomoyo_path_number_perm+0x235/0x5b0 [ 865.855180][T19745] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 865.861231][T19745] ? __pfx_lock_release+0x10/0x10 [ 865.866286][T19745] ? trace_lock_acquire+0x14e/0x1f0 [ 865.871526][T19745] ? lock_acquire+0x2f/0xb0 [ 865.876054][T19745] ? __fget_files+0x40/0x3a0 [ 865.880684][T19745] ? __fget_files+0x206/0x3a0 [ 865.885399][T19745] security_file_ioctl+0x9b/0x240 [ 865.890459][T19745] __x64_sys_ioctl+0xb7/0x200 [ 865.895167][T19745] do_syscall_64+0xcd/0x250 [ 865.899708][T19745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 865.905642][T19745] RIP: 0033:0x7f44fe985d29 [ 865.910083][T19745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 865.929718][T19745] RSP: 002b:00007f44ff78d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 865.938162][T19745] RAX: ffffffffffffffda RBX: 00007f44feb76080 RCX: 00007f44fe985d29 [ 865.946158][T19745] RDX: 0000000000000046 RSI: 0000000000008912 RDI: 0000000000000003 [ 865.954154][T19745] RBP: 00007f44ff78d090 R08: 0000000000000000 R09: 0000000000000000 [ 865.962147][T19745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 865.970139][T19745] R13: 0000000000000000 R14: 00007f44feb76080 R15: 00007ffd90c8f708 [ 865.978151][T19745] [ 866.001628][T19745] ERROR: Out of memory at tomoyo_realpath_from_path. [ 866.147954][T19751] random: crng reseeded on system resumption [ 867.907434][T19773] openvswitch: ovs_: Dropping previously announced user features [ 867.922151][T19780] FAULT_INJECTION: forcing a failure. [ 867.922151][T19780] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 867.969222][T19780] CPU: 1 UID: 0 PID: 19780 Comm: syz.2.3541 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 867.980037][T19780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 867.990114][T19780] Call Trace: [ 867.993414][T19780] [ 867.996370][T19780] dump_stack_lvl+0x16c/0x1f0 [ 868.001089][T19780] should_fail_ex+0x497/0x5b0 [ 868.005826][T19780] _copy_to_iter+0x4a5/0x1400 [ 868.010554][T19780] ? __pfx__copy_to_iter+0x10/0x10 [ 868.015699][T19780] ? __virt_addr_valid+0x1a4/0x590 [ 868.020859][T19780] ? __virt_addr_valid+0x5e/0x590 [ 868.025920][T19780] ? __phys_addr_symbol+0x30/0x80 [ 868.030982][T19780] ? __check_object_size+0x488/0x710 [ 868.036315][T19780] seq_read_iter+0xd00/0x12b0 [ 868.041040][T19780] seq_read+0x39f/0x4e0 [ 868.045229][T19780] ? __pfx_seq_read+0x10/0x10 [ 868.049965][T19780] ? __pfx_seq_read+0x10/0x10 [ 868.054672][T19780] proc_reg_read+0x23d/0x330 [ 868.059295][T19780] ? __pfx_proc_reg_read+0x10/0x10 [ 868.064438][T19780] vfs_read+0x1df/0xbe0 [ 868.068630][T19780] ? __fget_files+0x1fc/0x3a0 [ 868.073344][T19780] ? __pfx_lock_release+0x10/0x10 [ 868.078400][T19780] ? __pfx_vfs_read+0x10/0x10 [ 868.083113][T19780] ? lock_acquire+0x2f/0xb0 [ 868.087640][T19780] ? __fget_files+0x40/0x3a0 [ 868.092275][T19780] ? __fget_files+0x206/0x3a0 [ 868.096987][T19780] __x64_sys_pread64+0x1f6/0x250 [ 868.101961][T19780] ? __pfx___x64_sys_pread64+0x10/0x10 [ 868.107471][T19780] do_syscall_64+0xcd/0x250 [ 868.112021][T19780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.117951][T19780] RIP: 0033:0x7f44fe985d29 [ 868.122389][T19780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 868.142022][T19780] RSP: 002b:00007f44ff7ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 868.150465][T19780] RAX: ffffffffffffffda RBX: 00007f44feb75fa0 RCX: 00007f44fe985d29 [ 868.158460][T19780] RDX: 0000000000000ffe RSI: 0000000000000000 RDI: 0000000000000006 [ 868.166454][T19780] RBP: 00007f44ff7ae090 R08: 0000000000000000 R09: 0000000000000000 [ 868.174445][T19780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 868.182436][T19780] R13: 0000000000000000 R14: 00007f44feb75fa0 R15: 00007ffd90c8f708 [ 868.190446][T19780] [ 868.979294][T19794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3544'. [ 869.048491][T19796] netlink: get zone limit has 8 unknown bytes [ 869.174052][T19797] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3544'. [ 870.766905][T19823] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3551'. [ 872.243321][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 872.249923][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 872.449917][T19850] FAULT_INJECTION: forcing a failure. [ 872.449917][T19850] name failslab, interval 1, probability 0, space 0, times 0 [ 872.499343][T19856] random: crng reseeded on system resumption [ 872.581127][T19850] CPU: 0 UID: 0 PID: 19850 Comm: syz.3.3559 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 872.591958][T19850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 872.602062][T19850] Call Trace: [ 872.605367][T19850] [ 872.608325][T19850] dump_stack_lvl+0x16c/0x1f0 [ 872.613071][T19850] should_fail_ex+0x497/0x5b0 [ 872.617801][T19850] ? fs_reclaim_acquire+0xae/0x150 [ 872.622963][T19850] should_failslab+0xc2/0x120 [ 872.627693][T19850] __kmalloc_noprof+0xce/0x4f0 [ 872.632503][T19850] ? __register_sysctl_table+0xeac/0x18c0 [ 872.638283][T19850] __register_sysctl_table+0xeac/0x18c0 [ 872.643889][T19850] ? __pfx___register_sysctl_table+0x10/0x10 [ 872.649910][T19850] ? is_module_address+0x2a/0x50 [ 872.654895][T19850] ? register_net_sysctl_sz+0x228/0x3e0 [ 872.660503][T19850] __devinet_sysctl_register+0x1b5/0x360 [ 872.666207][T19850] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 872.672415][T19850] ? trace_kmalloc+0x2d/0xd0 [ 872.677029][T19850] ? devinet_init_net+0xeb/0x8f0 [ 872.682324][T19850] ? __pfx_devinet_init_net+0x10/0x10 [ 872.687757][T19850] ? __pfx_devinet_init_net+0x10/0x10 [ 872.693192][T19850] devinet_init_net+0x30d/0x8f0 [ 872.698098][T19850] ? __pfx_devinet_init_net+0x10/0x10 [ 872.703524][T19850] ops_init+0x1df/0x5f0 [ 872.707748][T19850] setup_net+0x21f/0x860 [ 872.712047][T19850] ? __pfx_setup_net+0x10/0x10 [ 872.716864][T19850] ? down_read_killable+0xcc/0x380 [ 872.722031][T19850] ? __pfx_down_read_killable+0x10/0x10 [ 872.727636][T19850] ? debug_mutex_init+0x37/0x70 [ 872.732540][T19850] copy_net_ns+0x2b4/0x6c0 [ 872.736993][T19850] create_new_namespaces+0x3ea/0xad0 [ 872.742312][T19850] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 872.747966][T19850] ksys_unshare+0x45d/0xa40 [ 872.752487][T19850] ? __pfx_ksys_unshare+0x10/0x10 [ 872.757529][T19850] ? xfd_validate_state+0x5d/0x180 [ 872.762656][T19850] __x64_sys_unshare+0x31/0x40 [ 872.767430][T19850] do_syscall_64+0xcd/0x250 [ 872.771958][T19850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 872.777867][T19850] RIP: 0033:0x7fb85d585d29 [ 872.782286][T19850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 872.801992][T19850] RSP: 002b:00007fb85e399038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 872.810413][T19850] RAX: ffffffffffffffda RBX: 00007fb85d775fa0 RCX: 00007fb85d585d29 [ 872.818384][T19850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 872.826355][T19850] RBP: 00007fb85d601b08 R08: 0000000000000000 R09: 0000000000000000 [ 872.834325][T19850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 872.842309][T19850] R13: 0000000000000000 R14: 00007fb85d775fa0 R15: 00007fffb071c4f8 [ 872.850297][T19850] [ 873.013955][T19850] sysctl could not get directory: /net/ipv4/conf -12 [ 873.569442][T19868] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3564'. [ 875.364001][T19903] tipc: Started in network mode [ 875.368927][T19903] tipc: Node identity ee00, cluster identity 4711 [ 875.400667][T19903] tipc: Node number set to 60928 [ 876.465499][T19917] IPVS: length: 11322 != 24 [ 876.499300][ T29] audit: type=1326 audit(4294967356.900:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19914 comm="syz.2.3579" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44fe985d29 code=0x0 [ 879.530511][T19955] vcan0: tx drop: invalid da for name 0x000000000000003f [ 880.313525][T19963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3589'. [ 881.916855][T19981] random: crng reseeded on system resumption [ 882.809501][T19990] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3598'. [ 883.240129][T19990] geneve1: entered allmulticast mode [ 885.861452][T20047] random: crng reseeded on system resumption [ 887.489371][T20081] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3618'. [ 887.529323][T20077] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3618'. [ 887.717431][T20086] validate_nla: 8 callbacks suppressed [ 887.717451][T20086] netlink: 'syz.0.3620': attribute type 1 has an invalid length. [ 887.828907][T20077] ip_vti0: entered promiscuous mode [ 887.872487][T20081] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3618'. [ 888.006932][T20081] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3618'. [ 888.124174][T20081] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3618'. [ 889.976873][T20103] ------------[ cut here ]------------ [ 889.982866][T20103] WARNING: CPU: 1 PID: 20103 at net/mac80211/pm.c:171 __ieee80211_suspend+0x1059/0x1300 [ 889.993002][T20103] Modules linked in: [ 889.996947][T20103] CPU: 1 UID: 0 PID: 20103 Comm: syz.2.3623 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 890.008047][T20103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 890.018214][T20103] RIP: 0010:__ieee80211_suspend+0x1059/0x1300 [ 890.024544][T20103] Code: 47 f7 f0 41 80 a4 24 81 01 00 00 fe 4c 89 e0 48 c1 e8 03 42 80 3c 30 00 74 c4 4c 89 e7 e8 1f 28 47 f7 eb ba e8 38 b7 e4 f6 90 <0f> 0b 90 e9 4c f8 ff ff e8 2a b7 e4 f6 90 0f 0b 90 e9 2d f6 ff ff [ 890.044562][T20103] RSP: 0018:ffffc90011487c50 EFLAGS: 00010283 [ 890.051078][T20103] RAX: 0000000000005a98 RBX: ffff888079a60e40 RCX: ffffc9000d0aa000 [ 890.059148][T20103] RDX: 0000000000080000 RSI: ffffffff8ab49708 RDI: 0000000000000001 [ 890.067158][T20103] RBP: ffff888079a62ac0 R08: 0000000000000001 R09: 0000000000000000 [ 890.077814][T20103] R10: 0000000000000001 R11: 0000000000000006 R12: dffffc0000000000 [ 890.077871][T20103] R13: ffffed100f34c1d0 R14: ffff888079a628c8 R15: 0000000000000001 [ 890.077895][T20103] FS: 00007f44ff7ae6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 890.077926][T20103] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 890.077965][T20103] CR2: 00007fb85e398f98 CR3: 0000000032456000 CR4: 00000000003526f0 [ 890.077987][T20103] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 890.078007][T20103] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 890.078028][T20103] Call Trace: [ 890.078040][T20103] [ 890.078054][T20103] ? __warn+0xea/0x3c0 [ 890.078102][T20103] ? __ieee80211_suspend+0x1059/0x1300 [ 890.078144][T20103] ? report_bug+0x3c0/0x580 [ 890.078185][T20103] ? handle_bug+0x54/0xa0 [ 890.078224][T20103] ? exc_invalid_op+0x17/0x50 [ 890.078262][T20103] ? asm_exc_invalid_op+0x1a/0x20 [ 890.078311][T20103] ? __ieee80211_suspend+0x1058/0x1300 [ 890.078349][T20103] ? __ieee80211_suspend+0x1059/0x1300 [ 890.078399][T20103] reset_write+0x7a/0x2a0 [ 890.078442][T20103] full_proxy_write+0xfd/0x1b0 [ 890.078486][T20103] ? __pfx_full_proxy_write+0x10/0x10 [ 890.078525][T20103] vfs_write+0x24c/0x1150 [ 890.078562][T20103] ? __fget_files+0x1fc/0x3a0 [ 890.078596][T20103] ? __pfx___mutex_lock+0x10/0x10 [ 890.078636][T20103] ? __pfx_vfs_write+0x10/0x10 [ 890.078678][T20103] ? __fget_files+0x206/0x3a0 [ 890.078722][T20103] ksys_write+0x12b/0x250 [ 890.078754][T20103] ? __pfx_ksys_write+0x10/0x10 [ 890.078810][T20103] do_syscall_64+0xcd/0x250 [ 890.078851][T20103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 890.078891][T20103] RIP: 0033:0x7f44fe985d29 [ 890.078917][T20103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 890.078946][T20103] RSP: 002b:00007f44ff7ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 890.078977][T20103] RAX: ffffffffffffffda RBX: 00007f44feb75fa0 RCX: 00007f44fe985d29 [ 890.078999][T20103] RDX: 0000000000000063 RSI: 0000000000000000 RDI: 0000000000000003 [ 890.079015][T20103] RBP: 00007f44fea01b08 R08: 0000000000000000 R09: 0000000000000000 [ 890.079031][T20103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 890.079047][T20103] R13: 0000000000000000 R14: 00007f44feb75fa0 R15: 00007ffd90c8f708 [ 890.079370][T20103] [ 890.079389][T20103] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 890.079404][T20103] CPU: 1 UID: 0 PID: 20103 Comm: syz.2.3623 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 890.079438][T20103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 890.079455][T20103] Call Trace: [ 890.079462][T20103] [ 890.079472][T20103] dump_stack_lvl+0x3d/0x1f0 [ 890.079514][T20103] panic+0x71d/0x800 [ 890.079555][T20103] ? __pfx_panic+0x10/0x10 [ 890.079586][T20103] ? show_trace_log_lvl+0x29d/0x3d0 [ 890.079627][T20103] ? __ieee80211_suspend+0x1059/0x1300 [ 890.079665][T20103] check_panic_on_warn+0xab/0xb0 [ 890.079702][T20103] __warn+0xf6/0x3c0 [ 890.079736][T20103] ? __ieee80211_suspend+0x1059/0x1300 [ 890.079795][T20103] report_bug+0x3c0/0x580 [ 890.079838][T20103] handle_bug+0x54/0xa0 [ 890.079877][T20103] exc_invalid_op+0x17/0x50 [ 890.079916][T20103] asm_exc_invalid_op+0x1a/0x20 [ 890.079948][T20103] RIP: 0010:__ieee80211_suspend+0x1059/0x1300 [ 890.079983][T20103] Code: 47 f7 f0 41 80 a4 24 81 01 00 00 fe 4c 89 e0 48 c1 e8 03 42 80 3c 30 00 74 c4 4c 89 e7 e8 1f 28 47 f7 eb ba e8 38 b7 e4 f6 90 <0f> 0b 90 e9 4c f8 ff ff e8 2a b7 e4 f6 90 0f 0b 90 e9 2d f6 ff ff [ 890.080007][T20103] RSP: 0018:ffffc90011487c50 EFLAGS: 00010283 [ 890.080028][T20103] RAX: 0000000000005a98 RBX: ffff888079a60e40 RCX: ffffc9000d0aa000 [ 890.080046][T20103] RDX: 0000000000080000 RSI: ffffffff8ab49708 RDI: 0000000000000001 [ 890.080063][T20103] RBP: ffff888079a62ac0 R08: 0000000000000001 R09: 0000000000000000 [ 890.080079][T20103] R10: 0000000000000001 R11: 0000000000000006 R12: dffffc0000000000 [ 890.080096][T20103] R13: ffffed100f34c1d0 R14: ffff888079a628c8 R15: 0000000000000001 [ 890.080123][T20103] ? __ieee80211_suspend+0x1058/0x1300 [ 890.080171][T20103] reset_write+0x7a/0x2a0 [ 890.080214][T20103] full_proxy_write+0xfd/0x1b0 [ 890.080252][T20103] ? __pfx_full_proxy_write+0x10/0x10 [ 890.080286][T20103] vfs_write+0x24c/0x1150 [ 890.080319][T20103] ? __fget_files+0x1fc/0x3a0 [ 890.080353][T20103] ? __pfx___mutex_lock+0x10/0x10 [ 890.080387][T20103] ? __pfx_vfs_write+0x10/0x10 [ 890.080426][T20103] ? __fget_files+0x206/0x3a0 [ 890.080466][T20103] ksys_write+0x12b/0x250 [ 890.080495][T20103] ? __pfx_ksys_write+0x10/0x10 [ 890.080536][T20103] do_syscall_64+0xcd/0x250 [ 890.080572][T20103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 890.080605][T20103] RIP: 0033:0x7f44fe985d29 [ 890.080626][T20103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 890.080650][T20103] RSP: 002b:00007f44ff7ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 890.080679][T20103] RAX: ffffffffffffffda RBX: 00007f44feb75fa0 RCX: 00007f44fe985d29 [ 890.080697][T20103] RDX: 0000000000000063 RSI: 0000000000000000 RDI: 0000000000000003 [ 890.080712][T20103] RBP: 00007f44fea01b08 R08: 0000000000000000 R09: 0000000000000000 [ 890.080728][T20103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 890.080742][T20103] R13: 0000000000000000 R14: 00007f44feb75fa0 R15: 00007ffd90c8f708 [ 890.080785][T20103] [ 890.081094][T20103] Kernel Offset: disabled