last executing test programs: 7.284388116s ago: executing program 3 (id=1935): mmap$auto(0x0, 0x2020009, 0x3, 0x91, 0xfffffffffffffffa, 0x5d71) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x6, 0xa, 0x0, 0x0, 0x2) r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r0, 0x40084d0c, r0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x10009b72, 0x7, 0x28000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xff09, 0x0) process_mrelease$auto(0x4, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc2, 0x0) socketcall$auto_SYS_BIND(0x2, &(0x7f0000000040)=0xd545) sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x40844) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x44840) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) mkdir$auto(&(0x7f0000000000)='./file0/file1\x00', 0x2) read$auto_tomoyo_operations_securityfs_if(r1, &(0x7f0000000440)=""/4096, 0x1000) 6.364581794s ago: executing program 3 (id=1942): close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x8, 0x2000000000002) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x401c5820, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x400000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r1 = socket(0x2, 0x2, 0x73) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x48c81115}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0xd2}]}, 0x1c}}, 0x4080) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000}, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video61\x00', 0x8a240, 0x0) ioctl$auto(r4, 0x5646, r4) acct$auto(&(0x7f0000000000)='/dev/video61\x00') openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) shmget$auto(0x6, 0x5003, 0x9) socket(0x2b, 0x1, 0x1) socket(0x10, 0x2, 0x4) 5.124248025s ago: executing program 1 (id=1949): mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mount$auto(0x0, 0x0, 0x0, 0xaac, 0x0) setsockopt$auto(r0, 0x9, 0x9, &(0x7f00000010c0)='/dev/ppp\x00', 0xfff) ioctl$auto_PPPIOCSCOMPRESS(r1, 0x4010744d, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.2/usb3/power/wakeup_max_time_ms\x00', 0x2a000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8ffe) getrandom$auto(0x0, 0xe06, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) clock_gettime$auto(0xfffffffd, &(0x7f0000000180)={0x2, 0x1}) io_setup$auto(0x1, 0x0) ioctl$auto(0x1, 0x6, r0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/4096, 0x1000) getrandom$auto(&(0x7f0000001100)='/sys/devices/platform/dummy_hcd.2/usb3/power/wakeup_max_time_ms\x00', 0x9, 0x4) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400000000000400, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r3, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/nullb/features\x00', 0x40283, 0x0) bind$auto(r2, &(0x7f0000000000)=@ethernet={0x306, @local}, 0xffffffff) 4.862824769s ago: executing program 0 (id=1950): mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, 0x0, 0x400, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x81) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (fail_nth: 10) openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/tracing/README\x00', 0x20400, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys1\x00', 0x20400, 0x0) ioctl$auto_TIOCSWINSZ2(r0, 0x5414, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r1 = openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x149001, 0x91, 0x2f}, 0x18) mmap$auto(0x0, 0x4020009, 0xe1, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r2, 0x921064a6, 0x20000000020000a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x6f, 0xfffffffffffefffd, 0x17) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) fstatfs$auto(r1, &(0x7f0000000000)={0xda23, 0x3, 0xfffffffffffffffa, 0xa77, 0x10, 0x0, 0xfffffffffffffffc, {[0x7, 0x4]}, 0x1, 0x3, 0x80000008, [0x4000000002, 0xd3a1, 0x8, 0x8000000000000004]}) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x2, 0x3fd6, 0x0, 0x7fffffffb000) 4.853200498s ago: executing program 3 (id=1951): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/default/drop_gratuitous_arp\x00', 0x141241, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), r0) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x5c, 0x5, 0x6, 0x9, 0xfffffffffffffffe, 0x801, 0xc, 0x50b3018, 0x0, 0x0, 0x0, 0x1}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_bond\x00'}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) add_key$auto_KEY_SPEC_GROUP_KEYRING(&(0x7f0000001240)=',\x00', &(0x7f0000001280)='\x00', 0x0, 0x4, 0xfffffffffffffffa) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r2, 0x0, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/netdevsim/new_device\x00', 0x103a00, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/rdma_readwrite_threshold\x00', 0x48041, 0x0) write$auto(r3, 0x0, 0x6) 4.221370883s ago: executing program 1 (id=1952): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000200)='/dev/input/event2\x00', 0x49480, 0x0) ioctl$auto_EVIOCSREP(r0, 0x40084503, &(0x7f0000000240)=[0x966, 0x8]) r1 = openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000000), 0x30000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r2) io_submit$auto(0x1fffffffc0000000, 0x0, 0x0) r4 = getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00ff0f", @ANYRES16=r3, @ANYBLOB="010a2bbd7000fbdbdf250100000008000200", @ANYRES32=r4, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) fcntl$auto_F_GETOWN(r1, 0x9, r4) 4.039785396s ago: executing program 3 (id=1953): mmap$auto(0x0, 0x802020009, 0x3, 0x10, 0xfffffffffffffffa, 0x8000) sigaltstack$auto(&(0x7f0000000040)={0x0, 0x1, 0x10401}, 0x0) r0 = getpid() open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x100, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) socket(0x2, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rt_acct\x00', 0x8801, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) socketpair$auto(0x6, 0x1, 0x20000, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="13042bbd7000fbdbdf250b000020"], 0x14}, 0x1, 0x0, 0x0, 0x4804}, 0x80) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) r3 = gettid() openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/numa_maps\x00', 0x104002, 0x0) rt_tgsigqueueinfo$auto(r0, r3, 0x21, 0x0) 4.002087172s ago: executing program 1 (id=1954): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032ca47000fbdbdf250400000006000200ff071a000800090002000000ae000000050001000000800005000d0009000000050004000900000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket(0x11, 0x80003, 0x300) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/pcm1p/sub2/xrun_injection\x00', 0x4a040, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/mtd-0/min_bytes\x00', 0xc0002, 0x0) read$auto(0x3, 0x0, 0x80) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xb, 0x5, 0x1fffe, 0x3, 0x3, 0x2, 0x9, 0x5, 0x3, 0x4, 0xb0, 0x8b, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x2, 0x5, 0x0, 0x0, [0x7fff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x35cc, 0x0, 0x0, 0x0, 0x9, 0x7fffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x0, 0x2]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8) r3 = gettid() syz_clone3(&(0x7f0000000300)={0x8020000, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, &(0x7f0000000000)=[r3], 0x1}, 0x58) 3.55347132s ago: executing program 0 (id=1957): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) r1 = fcntl$auto(0x3, 0x4, 0xa553) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @dev={0xac, 0x14, 0x14, 0xd}}, 0x6a) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) socketpair$auto(0x1, 0x6, 0x8000000000000000, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x2, 0x2020009, 0x3, 0x100000000eb9, 0xffffffffffffffff, 0x6) semctl$auto(0x9, 0xc1b8, 0x4, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r2 = socket(0x29, 0x5, 0x0) syz_clone(0x40100100, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) creat$auto(&(0x7f0000000000)='./file0\x00', 0x3) dup2$auto(r2, r2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x2040001) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) pwrite64$auto(r3, 0x0, 0x1, 0x2) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0) sendfile$auto(r4, r1, 0x0, 0xffb) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0xc523, 0xb0c0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r5, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x880) 3.470258266s ago: executing program 3 (id=1958): sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c810}, 0x200448c0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000080)="3a007560110122d79192c6db910fb42782290a253e99", 0x16) kill$auto(0x0, 0x21) r0 = socket(0x15, 0x5, 0x0) r1 = getsockopt$auto(r0, 0x114, 0x2716, 0xfffffffffffffffc, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) msgctl$auto_IPC_STAT(0x10001, 0x2, &(0x7f00000001c0)={{0xffffffff, 0xffffffffffffffff, 0x0, 0x3, 0x10000, 0x1, 0xd}, &(0x7f00000000c0)=0x6, &(0x7f0000000140)=0x90, 0x6, 0x6, 0x4, 0x80000000, 0x416c, 0xdb59, 0x2, 0x3}) sendmsg$auto_IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)={0x15c, 0x0, 0x1, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xf61}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1049}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x100}, @IPVS_CMD_ATTR_DEST={0x50, 0x2, 0x0, 0x1, [@typed={0x30, 0x115, 0x0, 0x0, @binary="0cfc56af7702a967f52b53ab6842c347ef7bc3ad4165770c15f14c2dd02798aeb05fc7a08997c7c60852d923"}, @typed={0x14, 0x4f, 0x0, 0x0, @ipv6=@loopback}, @typed={0x8, 0x145, 0x0, 0x0, @uid=r3}]}, @IPVS_CMD_ATTR_SERVICE={0xcd, 0x1, 0x0, 0x1, [@generic="d2f6c3fd6519711e45948c961fac99dbc9b1d0bf0631446c1b9e6221baac55b894f18802b5e9b7fceaddf3538b5749671068e9052c52dfccb059540c53de6b96aa0c8ccc3917e57f1db4e3d4d1687987b331ca82b1a2488492b128f1f7100e7610522c6b3bab47ba2e833d19c7a618ccfda95b994975dde6c85b25d0172e8143ad065b147df1769e382a6e87957d20b7749d95cc643541b615f42e2ebaac7eda1307e495ef0731f191d6bd270c9fa8586112bdcf29f53e835d10a2e7e99aec8baff8849b32f0f9ddda"]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9b}]}, 0x15c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x4, &(0x7f0000000280)={0x1001, 0xd, 0x800f0, 0x6, 0x4000000, 0x6, 0xffffffffffffffff, [0x7, 0xc, 0xd], {0x100, 0x4, 0x0, 0x2, 0x80007, 0x2, 0xfefffffa, 0x400, 0x23}, {0x2, 0x7, 0xffffffff, 0x4, 0x1, 0x7ffffff8, 0xf, 0x8, 0xb}}) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) fcntl$auto(r5, 0x2, 0x0) prctl$auto(0x23, 0xe, 0x1ff, 0x68, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x42, 0x0, 0x0) r6 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x500, 0x0) ioctl$auto(r6, 0x901064af, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000100), 0xffffffffffffffff) r7 = socket(0xa, 0x2, 0x0) setsockopt$auto(r7, 0x29, 0x1b, 0x0, 0x56b) splice$auto(r7, &(0x7f0000000400)=0x6, r1, &(0x7f0000000440)=0x5, 0x401, 0x1ff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101d00, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) ioctl$auto(0xc8, 0x800454e0, 0xe) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) 3.184015431s ago: executing program 0 (id=1959): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec27\x00', 0x80200, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\xff\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a) ioctl$auto(0x3, 0x5386, 0x3b) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/loop4/rqos/wbt/unknown_cnt\x00', 0xa0b02, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r1, &(0x7f0000001cc0)=""/123, 0x7b) ioctl$auto_CEC_S_MODE(r0, 0x40046109, 0x0) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x3ff) unshare$auto(0x40000080) r2 = socket(0x2b, 0x1, 0x1) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS0\x00', 0x121000, 0x0) ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000000)) getsockopt$auto(r2, 0x1, 0x1a, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, 0x0, 0x20008000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x342, 0xffeb) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x0) bpf$auto(0xfffffff7, &(0x7f0000000040)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x5, 0x8, 0xffffffffffffffff, @relative_id=0x3, 0x41b5c1ff}, 0x9) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='d\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub0/info\x00', 0xa0b80, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) 2.999738701s ago: executing program 1 (id=1960): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/default/drop_gratuitous_arp\x00', 0x141241, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), r0) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x5c, 0x5, 0x6, 0x9, 0xfffffffffffffffe, 0x801, 0xc, 0x50b3018, 0x0, 0x0, 0x0, 0x1}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_bond\x00'}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) add_key$auto_KEY_SPEC_GROUP_KEYRING(&(0x7f0000001240)=',\x00', &(0x7f0000001280)='\x00', 0x0, 0x4, 0xfffffffffffffffa) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r2, 0x0, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/netdevsim/new_device\x00', 0x103a00, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/rdma_readwrite_threshold\x00', 0x48041, 0x0) write$auto(r3, 0x0, 0x6) 2.605178106s ago: executing program 0 (id=1962): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/default/drop_gratuitous_arp\x00', 0x141241, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), r0) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x5c, 0x5, 0x6, 0x9, 0xfffffffffffffffe, 0x801, 0xc, 0x50b3018, 0x0, 0x0, 0x0, 0x1}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_bond\x00'}) syz_genetlink_get_family_id$auto_ila(&(0x7f00000000c0), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) add_key$auto_KEY_SPEC_GROUP_KEYRING(&(0x7f0000001240)=',\x00', &(0x7f0000001280)='\x00', 0x0, 0x4, 0xfffffffffffffffa) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r2, 0x0, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/netdevsim/new_device\x00', 0x103a00, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/rdma_readwrite_threshold\x00', 0x48041, 0x0) write$auto(r3, 0x0, 0x6) 2.558816019s ago: executing program 1 (id=1963): read$auto_v4l2_fops_v4l2_dev(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0xffffffffffffffff, 0x3) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) futex$auto(0x0, 0xb, 0x1, 0x0, 0x0, 0xfffffffa) (async) futex$auto(&(0x7f0000000080)=0x2, 0xa, 0x0, 0x0, 0x0, 0x440a48d2) (async) write$auto(0x3, 0x0, 0xfffffdef) fcntl$auto(0x3, 0x4, 0xa553) r0 = socket(0x2, 0x6, 0x0) setsockopt$auto(r0, 0x10d, 0x1, 0x0, 0x17) (async) bind$auto(0x3, 0x0, 0x6b) (async) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async) r1 = socket(0x1d, 0x2, 0x7) r2 = socket(0x2, 0x1, 0x0) getpid() (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram2/queue/fua\x00', 0x40000, 0x0) (async) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3}, 0x6a) sendto$auto(r1, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, r4}, 0x36) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x48840, 0x0) (async) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8000, 0x0) (async) writev$auto(0x3, 0x0, 0x8) (async) shmctl$auto_IPC_SET(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000013c0), 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) 2.392904954s ago: executing program 3 (id=1964): close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x8, 0x2000000000002) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x401c5820, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x400000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r1 = socket(0x2, 0x2, 0x73) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x48c81115}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0xd2}]}, 0x1c}}, 0x4080) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000}, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video61\x00', 0x8a240, 0x0) ioctl$auto(r4, 0x5646, r4) acct$auto(&(0x7f0000000000)='/dev/video61\x00') openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) shmget$auto(0x6, 0x5003, 0x9) socket(0x2b, 0x1, 0x1) socket(0x10, 0x2, 0x4) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) 2.124708205s ago: executing program 0 (id=1965): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0) sendfile$auto(r0, r0, 0x0, 0x7) 1.956160925s ago: executing program 0 (id=1966): close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x8, 0x2000000000002) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x401c5820, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x400000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r1 = socket(0x2, 0x2, 0x73) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x48c81115}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0xd2}]}, 0x1c}}, 0x4080) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000}, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video61\x00', 0x8a240, 0x0) ioctl$auto(r4, 0x5646, r4) acct$auto(&(0x7f0000000000)='/dev/video61\x00') openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) shmget$auto(0x6, 0x5003, 0x9) socket(0x2b, 0x1, 0x1) socket(0x10, 0x2, 0x4) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) 1.857557449s ago: executing program 1 (id=1967): close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x8, 0x2000000000002) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x401c5820, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x400000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r1 = socket(0x2, 0x2, 0x73) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x48c81115}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0xd2}]}, 0x1c}}, 0x4080) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000}, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video61\x00', 0x8a240, 0x0) ioctl$auto(r4, 0x5646, r4) acct$auto(&(0x7f0000000000)='/dev/video61\x00') openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) shmget$auto(0x6, 0x5003, 0x9) socket(0x2b, 0x1, 0x1) socket(0x10, 0x2, 0x4) 1.854561679s ago: executing program 2 (id=1968): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x1010001, 0x100000003) 1.459691634s ago: executing program 2 (id=1969): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vhci_hcd.15/usb39/39-0:1.0/bInterfaceSubClass\x00', 0x0, 0x0) socket(0x29, 0x80000, 0x1) sendfile$auto(r0, r0, 0x0, 0x7) 1.31042513s ago: executing program 2 (id=1970): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec27\x00', 0x80200, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\xff\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a) ioctl$auto(0x3, 0x5386, 0x3b) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/loop4/rqos/wbt/unknown_cnt\x00', 0xa0b02, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r1, &(0x7f0000001cc0)=""/123, 0x7b) ioctl$auto_CEC_S_MODE(r0, 0x40046109, 0x0) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x3ff) unshare$auto(0x40000080) r2 = socket(0x2b, 0x1, 0x1) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS0\x00', 0x121000, 0x0) ioctl$auto_TIOCSTI2(r3, 0x5412, 0x0) getsockopt$auto(r2, 0x1, 0x1a, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x342, 0xffeb) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x0) bpf$auto(0xfffffff7, &(0x7f0000000040)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x5, 0x8, 0xffffffffffffffff, @relative_id=0x3, 0x41b5c1ff}, 0x9) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='d\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub0/info\x00', 0xa0b80, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) 553.779991ms ago: executing program 2 (id=1971): open(0x0, 0x22240, 0x155) prctl$auto(0x44, 0x0, 0x0, 0x4, 0x0) (async, rerun: 64) exit$auto(0x7) (async, rerun: 64) pipe$auto(0x0) (async) ioperm$auto(0xc5, 0x4, 0x2) (async) futex_waitv$auto(0x0, 0x200bf50, 0x0, 0x0, 0x62c0) (async) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) unshare$auto(0x40000080) (async, rerun: 32) socket(0x2, 0x3, 0xa) getsockopt$auto(0xffffffffffffffff, 0xfffffffc, 0x1f, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'dummy0\x00'}) (async) bpf$auto(0x0, &(0x7f00000000c0)=@test={r0, 0xc, 0x0, 0x9, 0xdc78, 0x7, 0x386, 0xfffffff8, 0x3, 0x5b6, 0x1, 0x90, 0x152, 0x4, 0xc}, 0xf) socket(0xa, 0x806, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async, rerun: 64) r2 = socket(0x10, 0x2, 0x0) (rerun: 64) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x17, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20008800}, 0x20004000) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x4000080) (async, rerun: 64) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1100"], 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x400c000) (async, rerun: 32) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) (async, rerun: 32) sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c004}, 0x40080c0) write$auto(0x3, 0x0, 0xfdef) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) (async) shutdown$auto(0x200000003, 0x2) sendmmsg$auto(r2, &(0x7f0000000040)={{&(0x7f00000002c0)="4747c2dffa8771759842eb50fb297caa42310bc92df41a330dadef021ea1feac62fe4ba05be6d06d7386ff1b8021f21ebf18ba0e5f31b57f3789a55712dbc938c3985a71158ce5e376eacb615a1fd9e8b000b963ce78674423f1aa1b5d0ee3f4871c0b5ce0a3a9a32662de2fe4cc2becc9ea3a0d52a3bb02c86f48cb0a5096fb14f9fe8230880549fbe7fa20135e21038b69f0df288d95cc0e656e725c9df0c149d5ef6d1f0d", 0xd, &(0x7f0000000000)={&(0x7f0000000380)="43c9b7755bc1cb5b671609fd408cfcb9806a9df3775af4af014864ed9ed0645214a9c42b43ec8ece2eb691939cee36f991b508aec493e7af06018f0a1123b03a494d8bcdd143505c580ce6ff5f4444d699db79da98dcbddf4c4f754ddbd8f24248d9df990bf99a91bcb5aa9e0bc2d00526a41208ec4c6a0117ec6196d785c03aa015ed5b85", 0x200}, 0x2, &(0x7f0000000440)="d8b1e5c504a903f5082fa5d43c823eb0c29b10ebfa551dcbf1a0a5dbdf98a34c2727dc29094373dcb6336a39e0a2d0a7584eb6598e48bdded4776aafe9bd5833e7e89fa9530f12d83d264a2345a13dcb59811bd1667ad3ab7408e8bd974c53ee57dc8a8fd1f2ab2a303e0daf2af818efc8c49d76ddf48d2ea3d7fecf4e8c04b9b64c668b794f1cd3e6d881fc81ed3fcb13f2b96ddcf94ecec5cd93", 0xf2d, 0x5}, 0x6}, 0x10001, 0x6) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card0/pcm0c/sub1/xrun_injection\x00', 0x181580, 0x0) 193.484947ms ago: executing program 2 (id=1972): syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_BLKIOOPT(0xffffffffffffffff, 0x1279, 0x0) socket(0x2, 0x3, 0xa) ppoll$auto(&(0x7f00000000c0)={r0, 0x1ff, 0x200}, 0x4, &(0x7f0000000100)={0x9, 0x1}, &(0x7f0000000140)={0x10}, 0x8) socket(0x15, 0x5, 0x0) pipe2$auto(0x0, 0x80) socket(0x2, 0x801, 0x106) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x8080, 0x0) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x1, 0x3) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x400c810}, 0x200448c0) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x10b040, 0x0) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={r2, 0x4, 0xfab2, 0x468, 0x9, 0x2, 0x4, 0x2, 0x4, 0x200, 0x1ff, 0xb6, 0x4, 0x6, 0x3}, 0xa3) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) 0s ago: executing program 2 (id=1973): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram14\x00', 0xe4242, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e23}, 0x67) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) rseq$auto(0x0, 0x8000, 0x0, 0x6) open(0x0, 0x62240, 0x154) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x2, 0x0) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) bpf$auto(0x0, 0x0, 0xfbf) shutdown$auto(0x200000003, 0x2) ioctl$auto(0x3, 0x541b, 0x38) kernel console output (not intermixed with test programs): tion: 0/0 [ 344.777016][T11172] tpg RGB range: 0/2 [ 344.812688][T11172] vivid-013: ================== END STATUS ================== [ 345.232257][T11182] vivid-013: ================= START STATUS ================= [ 345.318981][T11182] vivid-013: Generate PTS: true [ 345.344699][T11182] vivid-013: Generate SCR: true [ 345.370152][T11182] tpg source WxH: 640x360 (Y'CbCr) [ 345.400584][T11182] tpg field: 1 [ 345.408027][T11182] tpg crop: 640x360@0x0 [ 345.425977][T11182] tpg compose: 640x360@0x0 [ 345.437160][T11182] tpg colorspace: 8 [ 345.452722][T11182] tpg transfer function: 0/0 [ 345.462931][T11182] tpg Y'CbCr encoding: 0/0 [ 345.475077][T11182] tpg quantization: 0/0 [ 345.487510][T11182] tpg RGB range: 0/2 [ 345.505178][T11182] vivid-013: ================== END STATUS ================== [ 345.825029][T11197] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1395'. /[ 346.527704][T11209] Process accounting resumed [ 346.939889][T11224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1402'. [ 347.620209][T11235] vivid-013: ================= START STATUS ================= [ 347.662859][T11235] vivid-013: Generate PTS: true [ 347.667840][T11235] vivid-013: Generate SCR: true [ 347.684920][T11235] tpg source WxH: 640x360 (Y'CbCr) [ 347.690097][T11235] tpg field: 1 [ 347.703080][T11235] tpg crop: 640x360@0x0 [ 347.707308][T11235] tpg compose: 640x360@0x0 [ 347.723452][T11235] tpg colorspace: 8 [ 347.727324][T11235] tpg transfer function: 0/0 [ 347.731980][T11235] tpg Y'CbCr encoding: 0/0 [ 347.739722][T11235] tpg quantization: 0/0 [ 347.744344][T11235] tpg RGB range: 0/2 [ 347.748656][T11235] vivid-013: ================== END STATUS ================== [ 347.823990][T11238] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 347.842462][T11238] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 347.862998][T11238] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 347.892051][T11238] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 347.985659][T11247] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.1410'. /[ 348.612826][T11258] can0: slcan on ttyS2. [ 348.733984][T11258] can0 (unregistered): slcan off ttyS2. [ 349.246517][T11290] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1417'. [ 349.255894][T11281] vivid-013: ================= START STATUS ================= [ 349.343158][T11281] vivid-013: Generate PTS: true /[ 349.368988][T11281] vivid-013: Generate SCR: true [ 349.416001][T11281] tpg source WxH: 640x360 (Y'CbCr) [ 349.421167][T11281] tpg field: 1 [ 349.462253][T11281] tpg crop: 640x360@0x0 [ 349.514037][T11281] tpg compose: 640x360@0x0 [ 349.584224][T11281] tpg colorspace: 8 [ 349.634461][T11281] tpg transfer function: 0/0 [ 349.742785][T11281] tpg Y'CbCr encoding: 0/0 [ 349.753215][T11281] tpg quantization: 0/0 [ 349.785192][T11281] tpg RGB range: 0/2 [ 349.852503][T11281] vivid-013: ================== END STATUS ================== [ 349.865809][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 349.865817][ T5828] Bluetooth: hci0: command 0x0c1a tx timeout [ 349.912677][T11271] vivid-013: ================= START STATUS ================= [ 349.920384][T11271] vivid-013: Generate PTS: true [ 349.925484][T11271] vivid-013: Generate SCR: true [ 349.930401][T11271] tpg source WxH: 640x360 (Y'CbCr) [ 349.935654][T11271] tpg field: 1 [ 349.939046][T11271] tpg crop: 640x360@0x0 [ 349.944946][ T5828] Bluetooth: hci3: command 0x0c1a tx timeout [ 349.951608][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 349.951767][T11271] tpg compose: 640x360@0x0 [ 349.962854][T11271] tpg colorspace: 8 [ 349.966699][T11271] tpg transfer function: 0/0 [ 349.971364][T11271] tpg Y'CbCr encoding: 0/0 [ 349.976370][T11271] tpg quantization: 0/0 [ 349.980551][T11271] tpg RGB range: 0/2 [ 349.984944][T11271] vivid-013: ================== END STATUS ================== [ 350.304322][T11310] can0: slcan on ttyS2. [ 350.394241][T11310] can0 (unregistered): slcan off ttyS2. [ 350.687273][T11321] vivid-013: ================= START STATUS ================= [ 350.743267][T11321] vivid-013: Generate PTS: true [ 350.790629][T11321] vivid-013: Generate SCR: true [ 350.812704][T11321] tpg source WxH: 640x360 (Y'CbCr) [ 350.841279][T11321] tpg field: 1 [ 350.850943][T11321] tpg crop: 640x360@0x0 [ 350.865904][T11321] tpg compose: 640x360@0x0 [ 350.880601][T11321] tpg colorspace: 8 [ 350.895849][T11321] tpg transfer function: 0/0 [ 350.910328][T11321] tpg Y'CbCr encoding: 0/0 [ 350.950568][T11321] tpg quantization: 0/0 [ 350.962807][T11321] tpg RGB range: 0/2 [ 351.009113][T11321] vivid-013: ================== END STATUS ================== /[ 351.982881][T11335] MTRR 1 not used [ 352.035691][T11340] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 353.159698][T11355] vivid-013: ================= START STATUS ================= [ 353.173055][T11355] vivid-013: Generate PTS: true [ 353.183387][T11355] vivid-013: Generate SCR: true [ 353.198554][T11355] tpg source WxH: 640x360 (Y'CbCr) [ 353.208705][T11355] tpg field: 1 [ 353.229027][T11355] tpg crop: 640x360@0x0 [ 353.239133][T11355] tpg compose: 640x360@0x0 [ 353.253742][T11355] tpg colorspace: 8 [ 353.257607][T11355] tpg transfer function: 0/0 [ 353.317187][T11355] tpg Y'CbCr encoding: 0/0 [ 353.347366][T11355] tpg quantization: 0/0 [ 353.351594][T11355] tpg RGB range: 0/2 [ 353.378284][T11355] vivid-013: ================== END STATUS ================== [ 354.769015][T11375] can0: slcan on ttyS2. [ 354.826853][T11384] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1438'. [ 355.053851][T11375] can0 (unregistered): slcan off ttyS2. [ 355.141865][T11391] sp0: Synchronizing with TNC [ 355.722589][T11403] vivid-013: ================= START STATUS ================= [ 355.730419][T11403] vivid-013: Generate PTS: true [ 355.762767][T11403] vivid-013: Generate SCR: true [ 355.767770][T11403] tpg source WxH: 640x360 (Y'CbCr) [ 355.783198][T11403] tpg field: 1 [ 355.786629][T11403] tpg crop: 640x360@0x0 [ 355.790814][T11403] tpg compose: 640x360@0x0 [ 355.816624][T11403] tpg colorspace: 8 [ 355.824765][T11403] tpg transfer function: 0/0 [ 355.843609][T11403] tpg Y'CbCr encoding: 0/0 [ 355.854630][T11403] tpg quantization: 0/0 [ 355.863005][T11403] tpg RGB range: 0/2 [ 355.879560][T11403] vivid-013: ================== END STATUS ================== [ 356.485738][T11431] vivid-013: ================= START STATUS ================= [ 356.502797][T11431] vivid-013: Generate PTS: true [ 356.507955][T11431] vivid-013: Generate SCR: true [ 356.538009][T11431] tpg source WxH: 640x360 (Y'CbCr) [ 356.558272][T11431] tpg field: 1 [ 356.561705][T11431] tpg crop: 640x360@0x0 [ 356.621057][T11431] tpg compose: 640x360@0x0 [ 356.646172][T11431] tpg colorspace: 8 [ 356.650318][T11431] tpg transfer function: 0/0 [ 356.693690][T11431] tpg Y'CbCr encoding: 0/0 [ 356.718672][T11431] tpg quantization: 0/0 [ 356.744782][T11431] tpg RGB range: 0/2 [ 356.748738][T11431] vivid-013: ================== END STATUS ================== /[ 357.604124][T11458] vivid-003: ================= START STATUS ================= [ 357.611827][T11458] vivid-003: Radio HW Seek Mode: Bounded [ 357.652753][T11458] vivid-003: Radio Programmable HW Seek: false [ 357.683451][T11458] vivid-003: RDS Rx I/O Mode: Block I/O [ 357.689166][T11458] vivid-003: Generate RBDS Instead of RDS: false [ 357.732781][T11458] vivid-003: RDS Reception: true [ 357.752686][T11458] vivid-003: RDS Program Type: 0 inactive [ 357.769341][T11458] vivid-003: RDS PS Name: inactive [ 357.806165][T11458] vivid-003: RDS Radio Text: inactive [ 357.817439][T11458] vivid-003: RDS Traffic Announcement: false inactive [ 357.861700][T11458] vivid-003: RDS Traffic Program: false inactive [ 357.886588][T11458] vivid-003: RDS Music: false inactive [ 357.904854][T11458] vivid-003: ================== END STATUS ================== [ 357.936101][T11459] FAULT_INJECTION: forcing a failure. [ 357.936101][T11459] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 357.973407][T11459] CPU: 1 UID: 0 PID: 11459 Comm: syz.3.1450 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 357.973442][T11459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 357.973455][T11459] Call Trace: [ 357.973461][T11459] [ 357.973470][T11459] dump_stack_lvl+0x16c/0x1f0 [ 357.973506][T11459] should_fail_ex+0x497/0x5b0 [ 357.973534][T11459] _copy_to_user+0x32/0xd0 [ 357.973572][T11459] vivid_radio_rx_read+0x7c9/0xb90 [ 357.973606][T11459] ? __pfx_vivid_radio_rx_read+0x10/0x10 [ 357.973639][T11459] vivid_radio_read+0x86/0xc0 [ 357.973674][T11459] v4l2_read+0x226/0x360 [ 357.973706][T11459] ? __pfx_v4l2_read+0x10/0x10 [ 357.973738][T11459] vfs_read+0x1df/0xbf0 [ 357.973772][T11459] ? __fget_files+0x1fc/0x3a0 [ 357.973793][T11459] ? __pfx_lock_release+0x10/0x10 [ 357.973822][T11459] ? __pfx_vfs_read+0x10/0x10 [ 357.973855][T11459] ? lock_acquire+0x2f/0xb0 [ 357.973879][T11459] ? __fget_files+0x40/0x3a0 [ 357.973905][T11459] ? __fget_files+0x206/0x3a0 [ 357.973935][T11459] ksys_read+0x12b/0x250 [ 357.973967][T11459] ? __pfx_ksys_read+0x10/0x10 [ 357.974009][T11459] do_syscall_64+0xcd/0x250 [ 357.974042][T11459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.974072][T11459] RIP: 0033:0x7f885318cd29 [ 357.974090][T11459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.974112][T11459] RSP: 002b:00007f8852fd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 357.974133][T11459] RAX: ffffffffffffffda RBX: 00007f88533a6080 RCX: 00007f885318cd29 [ 357.974148][T11459] RDX: 000000000000001b RSI: 0000000020000080 RDI: 0000000000000003 [ 357.974161][T11459] RBP: 00007f8852fd8090 R08: 0000000000000000 R09: 0000000000000000 [ 357.974174][T11459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 357.974187][T11459] R13: 0000000000000001 R14: 00007f88533a6080 R15: 00007ffc9ef16648 [ 357.974219][T11459] [ 358.419472][T11462] vivid-013: ================= START STATUS ================= [ 358.455938][T11462] vivid-013: Generate PTS: true [ 358.460880][T11462] vivid-013: Generate SCR: true [ 358.536866][T11462] tpg source WxH: 640x360 (Y'CbCr) [ 358.542053][T11462] tpg field: 1 [ 358.634424][T11462] tpg crop: 640x360@0x0 [ 358.646934][T11462] tpg compose: 640x360@0x0 [ 358.672723][T11462] tpg colorspace: 8 [ 358.678924][T11462] tpg transfer function: 0/0 [ 358.690284][T11462] tpg Y'CbCr encoding: 0/0 [ 358.703676][T11462] tpg quantization: 0/0 [ 358.716786][T11462] tpg RGB range: 0/2 [ 358.729709][T11462] vivid-013: ================== END STATUS ================== [ 359.349038][T11477] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1454'. [ 359.383569][T11484] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1455'. [ 359.491903][T11484] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1455'. [ 359.775000][T11494] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1458'. [ 359.867914][T11490] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1458'. [ 360.335189][T11508] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1461'. [ 360.550220][T11505] vivid-013: ================= START STATUS ================= [ 360.575075][T11505] vivid-013: Generate PTS: true [ 360.580028][T11505] vivid-013: Generate SCR: true [ 360.681370][T11505] tpg source WxH: 640x360 (Y'CbCr) [ 360.762657][T11505] tpg field: 1 [ 360.767594][T11505] tpg crop: 640x360@0x0 [ 360.771805][T11505] tpg compose: 640x360@0x0 [ 360.849101][T11505] tpg colorspace: 8 [ 360.860377][T11505] tpg transfer function: 0/0 [ 360.897087][T11505] tpg Y'CbCr encoding: 0/0 [ 360.952872][T11505] tpg quantization: 0/0 [ 361.022668][T11505] tpg RGB range: 0/2 [ 361.026628][T11505] vivid-013: ================== END STATUS ================== [ 361.744271][T11532] openvswitch: netlink: Missing valid actions attribute. [ 362.189960][T11534] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1468'. [ 362.796713][T11542] vivid-013: ================= START STATUS ================= [ 362.804808][T11542] vivid-013: Generate PTS: true [ 362.809735][T11542] vivid-013: Generate SCR: true [ 362.814852][T11542] tpg source WxH: 640x360 (Y'CbCr) [ 362.820009][T11542] tpg field: 1 [ 362.826107][T11542] tpg crop: 640x360@0x0 [ 362.830312][T11542] tpg compose: 640x360@0x0 [ 362.842709][T11542] tpg colorspace: 8 [ 362.846576][T11542] tpg transfer function: 0/0 [ 362.851202][T11542] tpg Y'CbCr encoding: 0/0 [ 362.883157][T11542] tpg quantization: 0/0 [ 362.887402][T11542] tpg RGB range: 0/2 [ 362.891329][T11542] vivid-013: ================== END STATUS ================== [ 364.607876][T11552] ima: policy update failed [ 364.612675][ T29] audit: type=1802 audit(4294967404.504:16): pid=11552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1472" res=0 errno=0 /[ 366.299752][T11580] FAULT_INJECTION: forcing a failure. [ 366.299752][T11580] name failslab, interval 1, probability 0, space 0, times 0 [ 366.333096][T11580] CPU: 1 UID: 0 PID: 11580 Comm: syz.3.1477 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 366.333132][T11580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 366.333145][T11580] Call Trace: [ 366.333153][T11580] [ 366.333161][T11580] dump_stack_lvl+0x16c/0x1f0 [ 366.333196][T11580] should_fail_ex+0x497/0x5b0 [ 366.333218][T11580] ? fs_reclaim_acquire+0xae/0x150 [ 366.333255][T11580] should_failslab+0xc2/0x120 [ 366.333282][T11580] __kmalloc_node_noprof+0xd1/0x520 [ 366.333308][T11580] ? __pfx_aa_file_perm+0x10/0x10 [ 366.333329][T11580] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 366.333367][T11580] __kvmalloc_node_noprof+0xad/0x1a0 [ 366.333392][T11580] seq_read_iter+0x82a/0x12b0 [ 366.333426][T11580] ? __mutex_trylock_common+0xea/0x250 [ 366.333465][T11580] kernfs_fop_read_iter+0x414/0x580 [ 366.333491][T11580] ? rw_verify_area+0xcf/0x680 [ 366.333526][T11580] vfs_read+0x886/0xbf0 [ 366.333564][T11580] ? __pfx_vfs_read+0x10/0x10 [ 366.333617][T11580] ksys_read+0x12b/0x250 [ 366.333648][T11580] ? __pfx_ksys_read+0x10/0x10 [ 366.333690][T11580] do_syscall_64+0xcd/0x250 [ 366.333721][T11580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.333752][T11580] RIP: 0033:0x7f885318cd29 [ 366.333770][T11580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.333792][T11580] RSP: 002b:00007f8852ff9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 366.333813][T11580] RAX: ffffffffffffffda RBX: 00007f88533a5fa0 RCX: 00007f885318cd29 [ 366.333828][T11580] RDX: 000000000000100f RSI: 0000000020001c00 RDI: 0000000000000003 [ 366.333842][T11580] RBP: 00007f8852ff9090 R08: 0000000000000000 R09: 0000000000000000 [ 366.333855][T11580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 366.333868][T11580] R13: 0000000000000000 R14: 00007f88533a5fa0 R15: 00007ffc9ef16648 [ 366.333901][T11580] [ 366.915185][T11585] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1478'. [ 368.164058][T11605] FAULT_INJECTION: forcing a failure. [ 368.164058][T11605] name failslab, interval 1, probability 0, space 0, times 0 [ 368.225279][T11605] CPU: 1 UID: 0 PID: 11605 Comm: syz.3.1484 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 368.225317][T11605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 368.225339][T11605] Call Trace: [ 368.225347][T11605] [ 368.225357][T11605] dump_stack_lvl+0x16c/0x1f0 [ 368.225399][T11605] should_fail_ex+0x497/0x5b0 [ 368.225423][T11605] ? fs_reclaim_acquire+0xae/0x150 [ 368.225465][T11605] should_failslab+0xc2/0x120 [ 368.225493][T11605] __kmalloc_node_noprof+0xd1/0x520 [ 368.225522][T11605] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 368.225551][T11605] __kvmalloc_node_noprof+0xad/0x1a0 [ 368.225577][T11605] io_uring_setup+0x927/0x3370 [ 368.225606][T11605] ? __fget_files+0x40/0x3a0 [ 368.225633][T11605] ? __pfx_io_uring_setup+0x10/0x10 [ 368.225661][T11605] ? do_futex+0x123/0x350 [ 368.225687][T11605] ? __pfx_do_futex+0x10/0x10 [ 368.225709][T11605] ? __pfx_do_sys_openat2+0x10/0x10 [ 368.225737][T11605] ? fdget+0x187/0x210 [ 368.225758][T11605] ? __sys_sendmsg+0x19a/0x220 [ 368.225803][T11605] ? rcu_is_watching+0x12/0xc0 [ 368.225844][T11605] __x64_sys_io_uring_setup+0x98/0x140 [ 368.225875][T11605] do_syscall_64+0xcd/0x250 [ 368.225908][T11605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.225940][T11605] RIP: 0033:0x7f885318cd29 [ 368.225960][T11605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.225984][T11605] RSP: 002b:00007f8852ff9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 368.226007][T11605] RAX: ffffffffffffffda RBX: 00007f88533a5fa0 RCX: 00007f885318cd29 [ 368.226024][T11605] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 368.226038][T11605] RBP: 00007f885320e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 368.226053][T11605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 368.226067][T11605] R13: 0000000000000000 R14: 00007f88533a5fa0 R15: 00007ffc9ef16648 [ 368.226094][T11605] [ 369.757551][T11614] can0: slcan on ttyS2. [ 370.012747][T11614] can0 (unregistered): slcan off ttyS2. [ 370.740280][T11645] FAULT_INJECTION: forcing a failure. [ 370.740280][T11645] name failslab, interval 1, probability 0, space 0, times 0 [ 370.808645][T11645] CPU: 1 UID: 0 PID: 11645 Comm: syz.2.1491 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 370.808679][T11645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 370.808692][T11645] Call Trace: [ 370.808699][T11645] [ 370.808708][T11645] dump_stack_lvl+0x16c/0x1f0 [ 370.808740][T11645] should_fail_ex+0x497/0x5b0 [ 370.808762][T11645] ? fs_reclaim_acquire+0xae/0x150 [ 370.808793][T11645] should_failslab+0xc2/0x120 [ 370.808870][T11645] __kmalloc_noprof+0xce/0x4f0 [ 370.808895][T11645] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 370.808922][T11645] ? tomoyo_realpath_from_path+0xbf/0x710 [ 370.808947][T11645] ? rcu_is_watching+0x12/0xc0 [ 370.808981][T11645] tomoyo_realpath_from_path+0xbf/0x710 [ 370.809013][T11645] tomoyo_check_open_permission+0x2ad/0x3c0 [ 370.809046][T11645] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 370.809111][T11645] ? __pfx_hook_file_open+0x10/0x10 [ 370.809144][T11645] ? lock_acquire+0x2f/0xb0 [ 370.809166][T11645] ? mnt_get_write_access+0x6a/0x300 [ 370.809197][T11645] tomoyo_file_open+0x6b/0x90 [ 370.809223][T11645] security_file_open+0x84/0x1e0 [ 370.809244][T11645] do_dentry_open+0x57c/0x1c40 [ 370.809287][T11645] vfs_open+0x82/0x3f0 [ 370.809312][T11645] ? may_open+0x1f2/0x400 [ 370.809343][T11645] path_openat+0x1e88/0x2d80 [ 370.809379][T11645] ? __pfx_path_openat+0x10/0x10 [ 370.809402][T11645] ? __pfx___lock_acquire+0x10/0x10 [ 370.809425][T11645] ? lock_acquire.part.0+0x11b/0x380 [ 370.809451][T11645] ? find_held_lock+0x2d/0x110 [ 370.809487][T11645] do_filp_open+0x20c/0x470 [ 370.809509][T11645] ? __pfx_do_filp_open+0x10/0x10 [ 370.809530][T11645] ? find_held_lock+0x2d/0x110 [ 370.809586][T11645] ? _raw_spin_unlock+0x28/0x50 [ 370.809609][T11645] ? alloc_fd+0x41f/0x760 [ 370.809650][T11645] do_sys_openat2+0x17a/0x1e0 [ 370.809676][T11645] ? __pfx_do_sys_openat2+0x10/0x10 [ 370.809707][T11645] ? __fget_files+0x206/0x3a0 [ 370.809735][T11645] __x64_sys_open+0x154/0x1e0 [ 370.809763][T11645] ? __pfx___x64_sys_open+0x10/0x10 [ 370.809803][T11645] do_syscall_64+0xcd/0x250 [ 370.809842][T11645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.809873][T11645] RIP: 0033:0x7f35f218cd29 [ 370.809892][T11645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 370.809914][T11645] RSP: 002b:00007f35f2fa5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 370.809935][T11645] RAX: ffffffffffffffda RBX: 00007f35f23a5fa0 RCX: 00007f35f218cd29 [ 370.809951][T11645] RDX: 00000000000001ac RSI: 0000000000161342 RDI: 0000000020000000 [ 370.809965][T11645] RBP: 00007f35f2fa5090 R08: 0000000000000000 R09: 0000000000000000 [ 370.809978][T11645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 370.809991][T11645] R13: 0000000000000000 R14: 00007f35f23a5fa0 R15: 00007ffce2a423c8 [ 370.810021][T11645] [ 370.810031][T11645] ERROR: Out of memory at tomoyo_realpath_from_path. /[ 373.674922][T11689] FAULT_INJECTION: forcing a failure. [ 373.674922][T11689] name failslab, interval 1, probability 0, space 0, times 0 [ 373.712704][T11689] CPU: 1 UID: 0 PID: 11689 Comm: syz.0.1497 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 373.712737][T11689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 373.712752][T11689] Call Trace: [ 373.712759][T11689] [ 373.712768][T11689] dump_stack_lvl+0x16c/0x1f0 [ 373.712804][T11689] should_fail_ex+0x497/0x5b0 [ 373.712826][T11689] ? fs_reclaim_acquire+0xae/0x150 [ 373.712862][T11689] should_failslab+0xc2/0x120 [ 373.712889][T11689] __kmalloc_node_noprof+0xd1/0x520 [ 373.712916][T11689] ? trace_kmalloc+0x2d/0xd0 [ 373.712945][T11689] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 373.712975][T11689] __kvmalloc_node_noprof+0xad/0x1a0 [ 373.713000][T11689] io_futex_cache_init+0x26/0x130 [ 373.713026][T11689] io_uring_setup+0xa02/0x3370 [ 373.713058][T11689] ? __pfx_io_uring_setup+0x10/0x10 [ 373.713085][T11689] ? do_futex+0x123/0x350 [ 373.713111][T11689] ? __pfx_do_futex+0x10/0x10 [ 373.713133][T11689] ? __pfx_do_sys_openat2+0x10/0x10 [ 373.713158][T11689] ? fdget+0x187/0x210 [ 373.713180][T11689] ? __sys_sendmsg+0x19a/0x220 [ 373.713224][T11689] ? rcu_is_watching+0x12/0xc0 [ 373.713266][T11689] __x64_sys_io_uring_setup+0x98/0x140 [ 373.713295][T11689] do_syscall_64+0xcd/0x250 [ 373.713324][T11689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.713354][T11689] RIP: 0033:0x7fe01d98cd29 [ 373.713372][T11689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.713392][T11689] RSP: 002b:00007fe01e876038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 373.713414][T11689] RAX: ffffffffffffffda RBX: 00007fe01dba5fa0 RCX: 00007fe01d98cd29 [ 373.713428][T11689] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 373.713441][T11689] RBP: 00007fe01da0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 373.713454][T11689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 373.713466][T11689] R13: 0000000000000000 R14: 00007fe01dba5fa0 R15: 00007ffd17398578 [ 373.713494][T11689] /[ 374.623819][T11703] vivid-013: ================= START STATUS ================= [ 374.647080][T11703] vivid-013: Generate PTS: true [ 374.695626][T11703] vivid-013: Generate SCR: true [ 374.742856][T11703] tpg source WxH: 640x360 (Y'CbCr) [ 374.758292][T11703] tpg field: 1 [ 374.761733][T11703] tpg crop: 640x360@0x0 [ 374.840958][T11703] tpg compose: 640x360@0x0 [ 374.870344][T11703] tpg colorspace: 8 [ 374.909139][T11703] tpg transfer function: 0/0 [ 374.958411][T11706] can0: slcan on ttyS2. [ 374.976837][T11703] tpg Y'CbCr encoding: 0/0 [ 375.025359][T11703] tpg quantization: 0/0 [ 375.063203][T11703] tpg RGB range: 0/2 [ 375.077481][T11703] vivid-013: ================== END STATUS ================== [ 375.163256][T11709] can0 (unregistered): slcan off ttyS2. [ 375.503438][T11721] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.1504'. [ 375.615448][T11717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1504'. [ 376.424458][T11749] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 376.721593][T11762] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1509'. [ 377.035718][T11775] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.1510'. [ 377.143274][T11770] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'. [ 377.231229][T11731] Invalid ELF header magic: != ELF [ 377.678975][T11790] vivid-013: ================= START STATUS ================= [ 377.687198][T11790] vivid-013: Generate PTS: true [ 377.692204][T11790] vivid-013: Generate SCR: true [ 377.697276][T11790] tpg source WxH: 640x360 (Y'CbCr) [ 377.703747][T11790] tpg field: 1 [ 377.707166][T11790] tpg crop: 640x360@0x0 [ 377.711348][T11790] tpg compose: 640x360@0x0 [ 377.732195][T11790] tpg colorspace: 8 [ 377.742994][T11790] tpg transfer function: 0/0 [ 377.753328][T11790] tpg Y'CbCr encoding: 0/0 [ 377.757803][T11790] tpg quantization: 0/0 [ 377.761987][T11790] tpg RGB range: 0/2 [ 377.787429][T11790] vivid-013: ================== END STATUS ================== [ 378.017886][T11804] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1517'. [ 378.357590][T11810] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1516'. [ 378.474064][T11817] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1521'. [ 378.622152][T11817] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1521'. /[ 379.066655][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.073091][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.143655][T11829] FAULT_INJECTION: forcing a failure. [ 379.143655][T11829] name failslab, interval 1, probability 0, space 0, times 0 [ 379.200076][T11829] CPU: 1 UID: 0 PID: 11829 Comm: syz.3.1524 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 379.200117][T11829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 379.200131][T11829] Call Trace: [ 379.200138][T11829] [ 379.200147][T11829] dump_stack_lvl+0x16c/0x1f0 [ 379.200183][T11829] should_fail_ex+0x497/0x5b0 [ 379.200205][T11829] ? fs_reclaim_acquire+0xae/0x150 [ 379.200241][T11829] should_failslab+0xc2/0x120 [ 379.200268][T11829] __kmalloc_cache_noprof+0x68/0x420 [ 379.200310][T11829] resv_map_alloc+0x7e/0x400 [ 379.200341][T11829] hugetlbfs_get_inode+0x343/0x740 [ 379.200364][T11829] ? __fget_files+0x206/0x3a0 [ 379.200389][T11829] hugetlb_file_setup+0x15b/0x620 [ 379.200418][T11829] ksys_mmap_pgoff+0x189/0x5c0 [ 379.200457][T11829] __x64_sys_mmap+0x125/0x190 [ 379.200492][T11829] do_syscall_64+0xcd/0x250 [ 379.200523][T11829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.200554][T11829] RIP: 0033:0x7f885318cd29 [ 379.200573][T11829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 379.200595][T11829] RSP: 002b:00007f8852ff9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 379.200617][T11829] RAX: ffffffffffffffda RBX: 00007f88533a5fa0 RCX: 00007f885318cd29 [ 379.200633][T11829] RDX: 00004000000000df RSI: 000000000000000c RDI: 0000000000000000 [ 379.200646][T11829] RBP: 00007f8852ff9090 R08: 0000000000010006 R09: 0000300000000000 [ 379.200661][T11829] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000001 [ 379.200674][T11829] R13: 0000000000000000 R14: 00007f88533a5fa0 R15: 00007ffc9ef16648 [ 379.200704][T11829] [ 380.083399][T11854] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.1528'. /[ 382.612908][T11909] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.1540'. [ 382.687954][T11911] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1541'. [ 383.208246][T11915] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1538'. [ 383.576361][T11923] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1543'. [ 384.221841][T11925] Invalid ELF header magic: != ELF [ 384.283772][T11932] vivid-013: ================= START STATUS ================= [ 384.291521][T11932] vivid-013: Generate PTS: true [ 384.392706][T11932] vivid-013: Generate SCR: true [ 384.397642][T11932] tpg source WxH: 640x360 (Y'CbCr) [ 384.475246][T11932] tpg field: 1 [ 384.478678][T11932] tpg crop: 640x360@0x0 [ 384.539160][T11932] tpg compose: 640x360@0x0 [ 384.566628][T11932] tpg colorspace: 8 [ 384.570497][T11932] tpg transfer function: 0/0 [ 384.625091][T11932] tpg Y'CbCr encoding: 0/0 [ 384.629577][T11932] tpg quantization: 0/0 [ 384.675805][T11932] tpg RGB range: 0/2 [ 384.679761][T11932] vivid-013: ================== END STATUS ================== [ 384.852810][T11934] vivid-013: ================= START STATUS ================= [ 384.901528][T11934] vivid-013: Generate PTS: true [ 384.937241][T11934] vivid-013: Generate SCR: true [ 384.962508][T11934] tpg source WxH: 640x360 (Y'CbCr) [ 385.013682][T11934] tpg field: 1 [ 385.017826][T11934] tpg crop: 640x360@0x0 [ 385.031914][T11934] tpg compose: 640x360@0x0 [ 385.067962][T11934] tpg colorspace: 8 [ 385.092847][T11934] tpg transfer function: 0/0 [ 385.097616][T11934] tpg Y'CbCr encoding: 0/0 [ 385.152906][T11934] tpg quantization: 0/0 [ 385.157166][T11934] tpg RGB range: 0/2 [ 385.161093][T11934] vivid-013: ================== END STATUS ================== [ 385.433457][T11942] vivid-013: ================= START STATUS ================= [ 385.441168][T11942] vivid-013: Generate PTS: true [ 385.462738][T11942] vivid-013: Generate SCR: true [ 385.468035][T11942] tpg source WxH: 640x360 (Y'CbCr) [ 385.475840][T11942] tpg field: 1 [ 385.492818][T11942] tpg crop: 640x360@0x0 [ 385.497057][T11942] tpg compose: 640x360@0x0 [ 385.501503][T11942] tpg colorspace: 8 [ 385.580788][T11942] tpg transfer function: 0/0 [ 385.602734][T11942] tpg Y'CbCr encoding: 0/0 [ 385.610044][T11942] tpg quantization: 0/0 /[ 385.624444][T11942] tpg RGB range: 0/2 [ 385.633149][T11942] vivid-013: ================== END STATUS ================== [ 386.033114][T11974] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.1553'. [ 387.362810][T11986] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1556'. [ 387.709302][T12000] FAULT_INJECTION: forcing a failure. [ 387.709302][T12000] name failslab, interval 1, probability 0, space 0, times 0 [ 387.772772][T12000] CPU: 0 UID: 0 PID: 12000 Comm: syz.2.1564 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 387.772806][T12000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 387.772820][T12000] Call Trace: [ 387.772826][T12000] [ 387.772835][T12000] dump_stack_lvl+0x16c/0x1f0 [ 387.772869][T12000] should_fail_ex+0x497/0x5b0 [ 387.772899][T12000] ? fs_reclaim_acquire+0xae/0x150 [ 387.772933][T12000] should_failslab+0xc2/0x120 [ 387.772958][T12000] __kmalloc_noprof+0xce/0x4f0 [ 387.772981][T12000] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 387.773006][T12000] ? tomoyo_realpath_from_path+0xbf/0x710 [ 387.773032][T12000] tomoyo_realpath_from_path+0xbf/0x710 [ 387.773057][T12000] ? tomoyo_path_number_perm+0x235/0x5b0 [ 387.773089][T12000] tomoyo_path_number_perm+0x248/0x5b0 [ 387.773117][T12000] ? tomoyo_path_number_perm+0x235/0x5b0 [ 387.773149][T12000] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 387.773208][T12000] ? __pfx_lock_release+0x10/0x10 [ 387.773232][T12000] ? trace_lock_acquire+0x14e/0x1f0 [ 387.773255][T12000] ? lock_acquire+0x2f/0xb0 [ 387.773278][T12000] ? __fget_files+0x40/0x3a0 [ 387.773303][T12000] ? __fget_files+0x206/0x3a0 [ 387.773328][T12000] security_file_ioctl+0x9b/0x240 [ 387.773361][T12000] __x64_sys_ioctl+0xb7/0x200 [ 387.773393][T12000] do_syscall_64+0xcd/0x250 [ 387.773423][T12000] entry_SYSCALL_64_after_hwframe+0x77/0x7f /[ 387.773452][T12000] RIP: 0033:0x7f35f218cd29 [ 387.773471][T12000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.773491][T12000] RSP: 002b:00007f35f2fa5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 387.773511][T12000] RAX: ffffffffffffffda RBX: 00007f35f23a5fa0 RCX: 00007f35f218cd29 [ 387.773526][T12000] RDX: 0000000020000040 RSI: 0000000080284504 RDI: 0000000000000003 [ 387.773539][T12000] RBP: 00007f35f2fa5090 R08: 0000000000000000 R09: 0000000000000000 [ 387.773552][T12000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 387.773566][T12000] R13: 0000000000000000 R14: 00007f35f23a5fa0 R15: 00007ffce2a423c8 [ 387.773595][T12000] [ 387.773604][T12000] ERROR: Out of memory at tomoyo_realpath_from_path. [ 388.223241][T12014] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1566'. [ 388.238176][T12015] device-mapper: ioctl: Unable to rename non-existent device, to º$­‡x6~tí󉤈äP¿&OL 4fl-n¾»•ý+ȲLÖŵ*4 [ 388.789184][T12025] vivid-013: ================= START STATUS ================= [ 388.798991][T12025] vivid-013: Generate PTS: true [ 388.806403][T12025] vivid-013: Generate SCR: true [ 388.818063][T12025] tpg source WxH: 640x360 (Y'CbCr) [ 388.838676][T12025] tpg field: 1 [ 388.842113][T12025] tpg crop: 640x360@0x0 [ 388.894020][T12025] tpg compose: 640x360@0x0 [ 388.898759][T12025] tpg colorspace: 8 [ 388.902950][T12025] tpg transfer function: 0/0 [ 388.907647][T12025] tpg Y'CbCr encoding: 0/0 [ 388.912363][T12025] tpg quantization: 0/0 [ 388.919891][T12025] tpg RGB range: 0/2 [ 388.924414][T12025] vivid-013: ================== END STATUS ================== [ 388.952748][T12026] vivid-013: ================= START STATUS ================= [ 388.992334][T12026] vivid-013: Generate PTS: true [ 389.009686][T12026] vivid-013: Generate SCR: true [ 389.041347][T12026] tpg source WxH: 640x360 (Y'CbCr) [ 389.064587][T12028] FAULT_INJECTION: forcing a failure. [ 389.064587][T12028] name fail_futex, interval 1, probability 0, space 0, times 1 [ 389.102752][T12026] tpg field: 1 [ 389.116085][T12026] tpg crop: 640x360@0x0 [ 389.122763][T12028] CPU: 1 UID: 0 PID: 12028 Comm: syz.2.1572 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 389.122799][T12028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 389.122814][T12028] Call Trace: [ 389.122829][T12028] [ 389.122838][T12028] dump_stack_lvl+0x16c/0x1f0 [ 389.122873][T12028] should_fail_ex+0x497/0x5b0 [ 389.122900][T12028] get_futex_key+0x4a3/0x1000 [ 389.122940][T12028] ? __pfx_get_futex_key+0x10/0x10 [ 389.122976][T12028] ? __lock_acquire+0x15a9/0x3c40 [ 389.123014][T12028] futex_wake+0xe8/0x4e0 [ 389.123045][T12028] ? __pfx_futex_wake+0x10/0x10 [ 389.123072][T12028] ? trace_lock_acquire+0x14e/0x1f0 [ 389.123107][T12028] do_futex+0x1e5/0x350 [ 389.123132][T12028] ? __pfx_do_futex+0x10/0x10 [ 389.123156][T12028] ? __pfx_task_mm_cid_work+0x10/0x10 [ 389.123183][T12028] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 389.123216][T12028] ? __pfx___might_resched+0x10/0x10 [ 389.123249][T12028] __x64_sys_futex+0x1e1/0x4c0 [ 389.123277][T12028] ? __pfx___x64_sys_futex+0x10/0x10 [ 389.123302][T12028] ? rcu_is_watching+0x12/0xc0 [ 389.123346][T12028] do_syscall_64+0xcd/0x250 [ 389.123379][T12028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.123411][T12028] RIP: 0033:0x7f35f218cd29 [ 389.123430][T12028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.123453][T12028] RSP: 002b:00007f35f2fa50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 389.123475][T12028] RAX: ffffffffffffffda RBX: 00007f35f23a5fa8 RCX: 00007f35f218cd29 [ 389.123493][T12028] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f35f23a5fac [ 389.123509][T12028] RBP: 00007f35f23a5fa0 R08: 00007f35f2fa6000 R09: 0000000000000000 [ 389.123524][T12028] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35f23a5fac [ 389.123539][T12028] R13: 0000000000000000 R14: 00007ffce2a422e0 R15: 00007ffce2a423c8 [ 389.123570][T12028] [ 389.135450][T12026] tpg compose: 640x360@0x0 [ 389.447992][T12026] tpg colorspace: 8 [ 389.451869][T12026] tpg transfer function: 0/0 [ 389.490241][T12026] tpg Y'CbCr encoding: 0/0 [ 389.500359][T12026] tpg quantization: 0/0 [ 389.532694][T12026] tpg RGB range: 0/2 [ 389.536698][T12026] vivid-013: ================== END STATUS ================== [ 390.453261][T12058] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.1579'. [ 391.506728][T12070] vivid-013: ================= START STATUS ================= [ 391.514803][T12070] vivid-013: Generate PTS: true [ 391.520862][T12070] vivid-013: Generate SCR: true [ 391.537461][T12070] tpg source WxH: 640x360 (Y'CbCr) [ 391.573696][T12070] tpg field: 1 [ 391.602814][T12070] tpg crop: 640x360@0x0 [ 391.607075][T12070] tpg compose: 640x360@0x0 [ 391.686137][T12070] tpg colorspace: 8 [ 391.690007][T12070] tpg transfer function: 0/0 [ 391.730444][T12070] tpg Y'CbCr encoding: 0/0 [ 391.759818][T12070] tpg quantization: 0/0 [ 391.785318][T12070] tpg RGB range: 0/2 [ 391.810385][T12070] vivid-013: ================== END STATUS ================== [ 391.855343][T12076] vivid-013: ================= START STATUS ================= [ 391.865104][T12076] vivid-013: Generate PTS: true [ 391.874977][T12076] vivid-013: Generate SCR: true [ 391.903824][T12076] tpg source WxH: 640x360 (Y'CbCr) [ 391.926152][T12076] tpg field: 1 [ 391.952840][T12076] tpg crop: 640x360@0x0 [ 391.964129][T12076] tpg compose: 640x360@0x0 [ 391.993092][T12076] tpg colorspace: 8 [ 392.020532][T12076] tpg transfer function: 0/0 [ 392.079611][T12076] tpg Y'CbCr encoding: 0/0 [ 392.097720][T12076] tpg quantization: 0/0 [ 392.106457][T12076] tpg RGB range: 0/2 [ 392.116268][T12076] vivid-013: ================== END STATUS ================== [ 392.163536][T12085] FAULT_INJECTION: forcing a failure. [ 392.163536][T12085] name failslab, interval 1, probability 0, space 0, times 0 [ 392.214716][T12085] CPU: 1 UID: 0 PID: 12085 Comm: syz.3.1585 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 392.214749][T12085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 392.214762][T12085] Call Trace: [ 392.214768][T12085] [ 392.214777][T12085] dump_stack_lvl+0x16c/0x1f0 [ 392.214810][T12085] should_fail_ex+0x497/0x5b0 [ 392.214837][T12085] should_failslab+0xc2/0x120 [ 392.214863][T12085] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 392.214888][T12085] ? dst_alloc+0x99/0x1a0 [ 392.214916][T12085] dst_alloc+0x99/0x1a0 [ 392.214941][T12085] rt_dst_alloc+0x35/0x3a0 [ 392.214965][T12085] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 392.215002][T12085] ip_route_output_key_hash+0x138/0x2e0 [ 392.215029][T12085] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 392.215053][T12085] ? __pfx_stack_trace_save+0x10/0x10 [ 392.215098][T12085] tcp_v4_connect+0x7df/0x1b80 [ 392.215132][T12085] ? __pfx_tcp_v4_connect+0x10/0x10 [ 392.215166][T12085] __inet_stream_connect+0x3c7/0x1020 [ 392.215200][T12085] ? __pfx___inet_stream_connect+0x10/0x10 [ 392.215239][T12085] tcp_sendmsg_fastopen+0x3d7/0x700 [ 392.215272][T12085] tcp_sendmsg_locked+0x2075/0x37c0 [ 392.215302][T12085] ? hlock_class+0x4e/0x130 [ 392.215333][T12085] ? mark_lock+0xb5/0xc60 [ 392.215354][T12085] ? smc_switch_to_fallback+0x5a6/0xa00 [ 392.215387][T12085] ? __pfx_lock_release+0x10/0x10 [ 392.215412][T12085] ? __pfx_mark_lock+0x10/0x10 [ 392.215436][T12085] ? lock_acquire.part.0+0x11b/0x380 [ 392.215473][T12085] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 392.215502][T12085] ? tcp_sendmsg+0x20/0x50 [ 392.215532][T12085] ? mark_held_locks+0x9f/0xe0 [ 392.215555][T12085] ? __local_bh_enable_ip+0xa4/0x120 [ 392.215585][T12085] tcp_sendmsg+0x2e/0x50 [ 392.215605][T12085] ? __pfx_tcp_sendmsg+0x10/0x10 [ 392.215627][T12085] inet_sendmsg+0xb9/0x140 [ 392.215651][T12085] smc_sendmsg+0x221/0x520 [ 392.215681][T12085] ____sys_sendmsg+0x9ae/0xb40 [ 392.215707][T12085] ? __pfx_____sys_sendmsg+0x10/0x10 [ 392.215726][T12085] ? __lock_acquire+0xcc5/0x3c40 [ 392.215771][T12085] ___sys_sendmsg+0x135/0x1e0 [ 392.215800][T12085] ? __pfx____sys_sendmsg+0x10/0x10 [ 392.215839][T12085] ? trace_lock_acquire+0x14e/0x1f0 [ 392.215877][T12085] __sys_sendmmsg+0x201/0x420 [ 392.215904][T12085] ? __pfx___sys_sendmmsg+0x10/0x10 [ 392.215939][T12085] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 392.215980][T12085] ? fput+0x67/0x440 [ 392.216003][T12085] ? ksys_write+0x1ba/0x250 [ 392.216031][T12085] ? __pfx_ksys_write+0x10/0x10 [ 392.216065][T12085] __x64_sys_sendmmsg+0x9c/0x100 [ 392.216090][T12085] ? lockdep_hardirqs_on+0x7c/0x110 [ 392.216115][T12085] do_syscall_64+0xcd/0x250 [ 392.216146][T12085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.216171][T12085] RIP: 0033:0x7f885318cd29 [ 392.216190][T12085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.216209][T12085] RSP: 002b:00007f8852fd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 392.216229][T12085] RAX: ffffffffffffffda RBX: 00007f88533a6080 RCX: 00007f885318cd29 [ 392.216243][T12085] RDX: 0000000000000001 RSI: 0000000020000140 RDI: 0000000000000004 [ 392.216256][T12085] RBP: 00007f8852fd8090 R08: 0000000000000000 R09: 0000000000000000 [ 392.216269][T12085] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.216283][T12085] R13: 0000000000000001 R14: 00007f88533a6080 R15: 00007ffc9ef16648 [ 392.216311][T12085] [ 394.352336][T12104] Process accounting resumed //[ 395.831136][T12111] synth uevent: /devices/virtual/tty/ttyve: unknown uevent action string [ 395.852952][T12111] tty ttyve: uevent: failed to send synthetic uevent: -22 [ 395.898362][T12132] FAULT_INJECTION: forcing a failure. [ 395.898362][T12132] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 395.943725][T12132] CPU: 1 UID: 0 PID: 12132 Comm: syz.3.1599 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 395.943761][T12132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 395.943772][T12132] Call Trace: [ 395.943778][T12132] [ 395.943786][T12132] dump_stack_lvl+0x16c/0x1f0 [ 395.943814][T12132] should_fail_ex+0x497/0x5b0 [ 395.943855][T12132] _copy_from_user+0x2e/0xd0 [ 395.943878][T12132] scsi_cdrom_send_packet+0x18b/0x660 [ 395.943902][T12132] ? __pfx_scsi_cdrom_send_packet+0x10/0x10 [ 395.943930][T12132] ? find_held_lock+0x2d/0x110 [ 395.943961][T12132] ? tomoyo_path_number_perm+0x298/0x5b0 [ 395.943999][T12132] ? __pfx_lock_release+0x10/0x10 [ 395.944032][T12132] scsi_ioctl+0x146/0x1840 [ 395.944054][T12132] ? __pfx___might_resched+0x10/0x10 [ 395.944078][T12132] ? __pfx_scsi_ioctl+0x10/0x10 [ 395.944101][T12132] ? scsi_block_when_processing_errors+0x2c1/0x380 [ 395.944125][T12132] ? __pfx_scsi_block_when_processing_errors+0x10/0x10 [ 395.944163][T12132] sd_ioctl+0x1b1/0x2c0 [ 395.944182][T12132] ? __pfx_sd_ioctl+0x10/0x10 [ 395.944200][T12132] blkdev_ioctl+0x273/0x670 [ 395.944223][T12132] ? __pfx_blkdev_ioctl+0x10/0x10 [ 395.944242][T12132] ? __fget_files+0x206/0x3a0 [ 395.944263][T12132] ? __pfx_blkdev_ioctl+0x10/0x10 [ 395.944285][T12132] __x64_sys_ioctl+0x190/0x200 [ 395.944313][T12132] do_syscall_64+0xcd/0x250 [ 395.944338][T12132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.944365][T12132] RIP: 0033:0x7f885318cd29 [ 395.944380][T12132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.944397][T12132] RSP: 002b:00007f8852ff9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 395.944414][T12132] RAX: ffffffffffffffda RBX: 00007f88533a5fa0 RCX: 00007f885318cd29 [ 395.944426][T12132] RDX: 0000000000000000 RSI: 0000000000005393 RDI: 0000000000000005 [ 395.944437][T12132] RBP: 00007f8852ff9090 R08: 0000000000000000 R09: 0000000000000000 [ 395.944447][T12132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.944458][T12132] R13: 0000000000000000 R14: 00007f88533a5fa0 R15: 00007ffc9ef16648 [ 395.944480][T12132] [ 396.845680][T12139] FAULT_INJECTION: forcing a failure. [ 396.845680][T12139] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 396.872715][T12139] CPU: 0 UID: 0 PID: 12139 Comm: syz.1.1601 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 396.872744][T12139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 396.872755][T12139] Call Trace: [ 396.872761][T12139] [ 396.872769][T12139] dump_stack_lvl+0x16c/0x1f0 [ 396.872801][T12139] should_fail_ex+0x497/0x5b0 [ 396.872827][T12139] _copy_to_user+0x32/0xd0 [ 396.872855][T12139] simple_read_from_buffer+0xd0/0x160 [ 396.872893][T12139] proc_fail_nth_read+0x198/0x270 [ 396.872920][T12139] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 396.872948][T12139] ? rw_verify_area+0xcf/0x680 [ 396.872974][T12139] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 396.872998][T12139] vfs_read+0x1df/0xbf0 [ 396.873026][T12139] ? __fget_files+0x1fc/0x3a0 [ 396.873048][T12139] ? __pfx___mutex_lock+0x10/0x10 [ 396.873077][T12139] ? __pfx_vfs_read+0x10/0x10 [ 396.873115][T12139] ? __fget_files+0x206/0x3a0 [ 396.873143][T12139] ksys_read+0x12b/0x250 [ 396.873172][T12139] ? __pfx_ksys_read+0x10/0x10 [ 396.873210][T12139] do_syscall_64+0xcd/0x250 [ 396.873242][T12139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.873271][T12139] RIP: 0033:0x7f3495d8b73c [ 396.873289][T12139] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 396.873309][T12139] RSP: 002b:00007f3496c7b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 396.873330][T12139] RAX: ffffffffffffffda RBX: 00007f3495fa5fa0 RCX: 00007f3495d8b73c [ 396.873345][T12139] RDX: 000000000000000f RSI: 00007f3496c7b0a0 RDI: 0000000000000004 [ 396.873358][T12139] RBP: 00007f3496c7b090 R08: 0000000000000000 R09: 0000000000000000 [ 396.873372][T12139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 396.873385][T12139] R13: 0000000000000000 R14: 00007f3495fa5fa0 R15: 00007ffca1566448 [ 396.873415][T12139] [ 397.136735][T12143] FAULT_INJECTION: forcing a failure. [ 397.136735][T12143] name failslab, interval 1, probability 0, space 0, times 0 [ 397.150181][T12143] CPU: 0 UID: 0 PID: 12143 Comm: syz.0.1603 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 397.150211][T12143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 397.150223][T12143] Call Trace: [ 397.150230][T12143] [ 397.150238][T12143] dump_stack_lvl+0x16c/0x1f0 [ 397.150273][T12143] should_fail_ex+0x497/0x5b0 [ 397.150296][T12143] ? fs_reclaim_acquire+0xae/0x150 [ 397.150332][T12143] should_failslab+0xc2/0x120 [ 397.150359][T12143] __kmalloc_noprof+0xce/0x4f0 [ 397.150384][T12143] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 397.150410][T12143] ? tomoyo_realpath_from_path+0xbf/0x710 [ 397.150439][T12143] tomoyo_realpath_from_path+0xbf/0x710 [ 397.150465][T12143] ? tomoyo_path_number_perm+0x235/0x5b0 [ 397.150501][T12143] tomoyo_path_number_perm+0x248/0x5b0 [ 397.150531][T12143] ? tomoyo_path_number_perm+0x235/0x5b0 [ 397.150565][T12143] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 397.150628][T12143] ? __pfx_lock_release+0x10/0x10 [ 397.150654][T12143] ? trace_lock_acquire+0x14e/0x1f0 [ 397.150680][T12143] ? lock_acquire+0x2f/0xb0 [ 397.150703][T12143] ? __fget_files+0x40/0x3a0 [ 397.150729][T12143] ? __fget_files+0x206/0x3a0 [ 397.150755][T12143] security_file_ioctl+0x9b/0x240 [ 397.150789][T12143] __x64_sys_ioctl+0xb7/0x200 [ 397.150822][T12143] do_syscall_64+0xcd/0x250 [ 397.150861][T12143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.150891][T12143] RIP: 0033:0x7fe01d98cd29 [ 397.150910][T12143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.150931][T12143] RSP: 002b:00007fe01e876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 397.150951][T12143] RAX: ffffffffffffffda RBX: 00007fe01dba5fa0 RCX: 00007fe01d98cd29 [ 397.150966][T12143] RDX: 0000000000000001 RSI: 000000004008550c RDI: 0000000000000003 [ 397.150980][T12143] RBP: 00007fe01e876090 R08: 0000000000000000 R09: 0000000000000000 [ 397.150994][T12143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 397.151007][T12143] R13: 0000000000000000 R14: 00007fe01dba5fa0 R15: 00007ffd17398578 [ 397.151037][T12143] [ 397.151047][T12143] ERROR: Out of memory at tomoyo_realpath_from_path. [ 397.577985][T12161] device-mapper: ioctl: Unable to rename non-existent device, to º$­‡x6~tí󉤈äP¿&OL 4fl-n¾»•ý+ȲLÖŵ*4Tý [ 397.577985][T12161] ¦AÊp€˜_ÍlçÁÒn²îFJr·$ymn‰‚~¾<¬áJQŸ‰DûEô@a?BÁ¡L¸ŸÊˆ=óFåvþTÞIe>É6” ´i [ 398.014526][T12178] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.1618'. /[ 398.588304][T12196] can0: slcan on ttyS2. [ 398.669794][T12196] can0 (unregistered): slcan off ttyS2. [ 398.884703][T12201] vivid-013: ================= START STATUS ================= [ 398.892540][T12201] vivid-013: Generate PTS: true [ 398.900792][T12201] vivid-013: Generate SCR: true [ 398.907343][T12201] tpg source WxH: 640x360 (Y'CbCr) [ 398.912553][T12201] tpg field: 1 [ 398.916596][T12201] tpg crop: 640x360@0x0 [ 398.920889][T12201] tpg compose: 640x360@0x0 [ 398.931021][T12201] tpg colorspace: 8 [ 398.935010][T12201] tpg transfer function: 0/0 [ 398.946332][T12201] tpg Y'CbCr encoding: 0/0 [ 398.954034][T12201] tpg quantization: 0/0 [ 398.961081][T12201] tpg RGB range: 0/2 [ 398.965714][T12201] vivid-013: ================== END STATUS ================== [ 399.087651][T12172] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 399.108276][T12172] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 399.127863][T12172] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 399.147949][T12172] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 399.590702][T12205] can0: slcan on ttyS2. [ 399.771963][T12207] can0 (unregistered): slcan off ttyS2. [ 400.080745][T12231] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1622'. [ 400.262681][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 400.405341][T12238] vivid-013: ================= START STATUS ================= [ 400.422819][T12238] vivid-013: Generate PTS: true [ 400.427760][T12238] vivid-013: Generate SCR: true [ 400.443220][T12238] tpg source WxH: 640x360 (Y'CbCr) [ 400.448387][T12238] tpg field: 1 [ 400.451782][T12238] tpg crop: 640x360@0x0 [ 400.472696][T12238] tpg compose: 640x360@0x0 [ 400.477629][T12238] tpg colorspace: 8 [ 400.481574][T12238] tpg transfer function: 0/0 [ 400.493108][T12238] tpg Y'CbCr encoding: 0/0 [ 400.520715][T12238] tpg quantization: 0/0 [ 400.525188][T12238] tpg RGB range: 0/2 [ 400.543122][T12238] vivid-013: ================== END STATUS ================== [ 401.086036][T12271] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1629'. [ 401.143206][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 401.143537][ T5828] Bluetooth: hci1: command 0x0c1a tx timeout [ 401.223496][ T5828] Bluetooth: hci3: command 0x0c1a tx timeout [ 401.361746][T12283] Process accounting resumed [ 401.378188][T12286] FAULT_INJECTION: forcing a failure. [ 401.378188][T12286] name failslab, interval 1, probability 0, space 0, times 0 [ 401.413358][T12286] CPU: 1 UID: 0 PID: 12286 Comm: syz.0.1632 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 401.413402][T12286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 401.413414][T12286] Call Trace: [ 401.413420][T12286] [ 401.413428][T12286] dump_stack_lvl+0x16c/0x1f0 [ 401.413461][T12286] should_fail_ex+0x497/0x5b0 [ 401.413483][T12286] ? fs_reclaim_acquire+0xae/0x150 [ 401.413517][T12286] should_failslab+0xc2/0x120 [ 401.413543][T12286] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 401.413567][T12286] ? alloc_empty_file+0x73/0x1e0 [ 401.413595][T12286] alloc_empty_file+0x73/0x1e0 [ 401.413622][T12286] path_openat+0xe1/0x2d80 [ 401.413641][T12286] ? hlock_class+0x4e/0x130 [ 401.413672][T12286] ? __lock_acquire+0x15a9/0x3c40 [ 401.413708][T12286] ? __pfx_path_openat+0x10/0x10 [ 401.413730][T12286] ? __pfx___lock_acquire+0x10/0x10 [ 401.413754][T12286] ? lock_acquire.part.0+0x11b/0x380 [ 401.413780][T12286] ? find_held_lock+0x2d/0x110 [ 401.413813][T12286] do_filp_open+0x20c/0x470 [ 401.413833][T12286] ? __pfx_do_filp_open+0x10/0x10 [ 401.413852][T12286] ? find_held_lock+0x2d/0x110 [ 401.413902][T12286] ? alloc_fd+0x41f/0x760 [ 401.413943][T12286] do_sys_openat2+0x17a/0x1e0 [ 401.413970][T12286] ? __pfx_do_sys_openat2+0x10/0x10 [ 401.414001][T12286] ? __fget_files+0x206/0x3a0 [ 401.414028][T12286] __x64_sys_openat+0x175/0x210 [ 401.414054][T12286] ? __pfx___x64_sys_openat+0x10/0x10 [ 401.414080][T12286] ? ksys_write+0x1ba/0x250 [ 401.414122][T12286] do_syscall_64+0xcd/0x250 [ 401.414154][T12286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.414184][T12286] RIP: 0033:0x7fe01d98cd29 [ 401.414202][T12286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 401.414222][T12286] RSP: 002b:00007fe01e876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 401.414242][T12286] RAX: ffffffffffffffda RBX: 00007fe01dba5fa0 RCX: 00007fe01d98cd29 [ 401.414257][T12286] RDX: 00000000000a0001 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 401.414271][T12286] RBP: 00007fe01e876090 R08: 0000000000000000 R09: 0000000000000000 [ 401.414283][T12286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 401.414296][T12286] R13: 0000000000000000 R14: 00007fe01dba5fa0 R15: 00007ffd17398578 [ 401.414325][T12286] [ 401.918105][T12299] binder: 12298:12299 ioctl c0046209 9 returned -22 [ 401.926190][T12299] random: crng reseeded on system resumption [ 402.000962][T12302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1635'. [ 402.157787][T12306] vivid-013: ================= START STATUS ================= [ 402.167532][T12306] vivid-013: Generate PTS: true [ 402.172544][T12306] vivid-013: Generate SCR: true [ 402.178728][T12306] tpg source WxH: 640x360 (Y'CbCr) [ 402.187405][T12306] tpg field: 1 [ 402.193135][T12306] tpg crop: 640x360@0x0 [ 402.200698][T12306] tpg compose: 640x360@0x0 [ 402.211975][T12306] tpg colorspace: 8 [ 402.223840][T12306] tpg transfer function: 0/0 [ 402.236369][T12306] tpg Y'CbCr encoding: 0/0 [ 402.252258][T12306] tpg quantization: 0/0 [ 402.267298][T12306] tpg RGB range: 0/2 [ 402.280864][T12306] vivid-013: ================== END STATUS ================== [ 403.142044][T12355] binder: 12354:12355 ioctl c0046209 9 returned -22 [ 403.154256][T12355] random: crng reseeded on system resumption [ 403.161694][T12345] can0: slcan on ttyS2. [ 403.235609][T12345] can0 (unregistered): slcan off ttyS2. [ 403.479056][T12364] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1650'. [ 403.509784][T12364] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1650'. [ 403.804540][T12371] blktrace: Concurrent blktraces are not allowed on sg0 [ 405.086342][T12415] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1659'. [ 406.153426][T12432] FAULT_INJECTION: forcing a failure. [ 406.153426][T12432] name failslab, interval 1, probability 0, space 0, times 0 [ 406.200976][T12432] CPU: 1 UID: 0 PID: 12432 Comm: syz.3.1663 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 406.201009][T12432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 406.201022][T12432] Call Trace: [ 406.201028][T12432] [ 406.201037][T12432] dump_stack_lvl+0x16c/0x1f0 [ 406.201076][T12432] should_fail_ex+0x497/0x5b0 [ 406.201098][T12432] ? fs_reclaim_acquire+0xae/0x150 [ 406.201134][T12432] should_failslab+0xc2/0x120 [ 406.201161][T12432] __kmalloc_noprof+0xce/0x4f0 [ 406.201186][T12432] ? do_handle_open+0x587/0xb60 [ 406.201221][T12432] do_handle_open+0x587/0xb60 [ 406.201249][T12432] ? __fget_files+0x206/0x3a0 [ 406.201272][T12432] ? __pfx_do_handle_open+0x10/0x10 [ 406.201307][T12432] ? ksys_write+0x1ba/0x250 [ 406.201350][T12432] ? do_syscall_64+0xcd/0x250 [ 406.201376][T12432] do_syscall_64+0xcd/0x250 [ 406.201406][T12432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.201436][T12432] RIP: 0033:0x7f885318cd29 [ 406.201454][T12432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 406.201476][T12432] RSP: 002b:00007f8852ff9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 406.201497][T12432] RAX: ffffffffffffffda RBX: 00007f88533a5fa0 RCX: 00007f885318cd29 [ 406.201512][T12432] RDX: 0000000000000005 RSI: 0000000020000080 RDI: 0000000000000003 [ 406.201525][T12432] RBP: 00007f8852ff9090 R08: 0000000000000000 R09: 0000000000000000 [ 406.201539][T12432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 406.201551][T12432] R13: 0000000000000000 R14: 00007f88533a5fa0 R15: 00007ffc9ef16648 [ 406.201581][T12432] [ 406.741557][T12439] device-mapper: ioctl: Unable to rename non-existent device, to ­‡x6~tí󉤈äP¿&OL 4fl-n¾»•ý+ȲLÖŵ*4Tý [ 406.741557][T12439] ¦AÊp€˜_ÍlçÁÒn²îFJr·$ymn‰‚~¾<¬áJQŸ‰DûEô@a?BÁ¡L¸ŸÊˆ=óFåvþTÞIe>É6” ´iA“­Ú]·Ëö [ 408.247245][T12472] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1675'. [ 408.615813][T12476] [ 408.769565][T12487] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1678'. [ 408.936094][T12480] vivid-013: ================= START STATUS ================= [ 408.952690][T12480] vivid-013: Generate PTS: true [ 408.986515][T12480] vivid-013: Generate SCR: true [ 408.992282][T12480] tpg source WxH: 640x360 (Y'CbCr) [ 409.062699][T12480] tpg field: 1 [ 409.066300][T12480] tpg crop: 640x360@0x0 [ 409.070477][T12480] tpg compose: 640x360@0x0 [ 409.146691][T12480] tpg colorspace: 8 [ 409.150596][T12480] tpg transfer function: 0/0 [ 409.223596][T12480] tpg Y'CbCr encoding: 0/0 [ 409.242975][T12480] tpg quantization: 0/0 [ 409.322705][T12480] tpg RGB range: 0/2 [ 409.326670][T12480] vivid-013: ================== END STATUS ================== [ 409.838550][T12501] Process accounting resumed [ 410.843773][T12513] netdevsim netdevsim106921 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 411.210605][T12530] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1687'. /[ 411.597604][T12532] vivid-013: ================= START STATUS ================= [ 411.612713][T12532] vivid-013: Generate PTS: true [ 411.627852][T12532] vivid-013: Generate SCR: true [ 411.662728][T12532] tpg source WxH: 640x360 (Y'CbCr) [ 411.682766][T12532] tpg field: 1 [ 411.722668][T12532] tpg crop: 640x360@0x0 [ 411.726884][T12532] tpg compose: 640x360@0x0 [ 411.777861][T12532] tpg colorspace: 8 [ 411.781722][T12532] tpg transfer function: 0/0 [ 411.828244][T12532] tpg Y'CbCr encoding: 0/0 [ 411.853327][T12532] tpg quantization: 0/0 [ 411.874710][T12532] tpg RGB range: 0/2 [ 411.889912][T12532] vivid-013: ================== END STATUS ================== [ 412.193012][T12542] vivid-013: ================= START STATUS ================= [ 412.200728][T12542] vivid-013: Generate PTS: true [ 412.282701][T12542] vivid-013: Generate SCR: true [ 412.293539][T12542] tpg source WxH: 640x360 (Y'CbCr) [ 412.298721][T12542] tpg field: 1 [ 412.302112][T12542] tpg crop: 640x360@0x0 [ 412.377208][T12542] tpg compose: 640x360@0x0 [ 412.422798][T12542] tpg colorspace: 8 [ 412.444884][T12542] tpg transfer function: 0/0 [ 412.475371][T12542] tpg Y'CbCr encoding: 0/0 [ 412.497401][T12542] tpg quantization: 0/0 [ 412.522682][T12542] tpg RGB range: 0/2 [ 412.531153][T12542] vivid-013: ================== END STATUS ================== [ 412.914340][T12556] vivid-013: ================= START STATUS ================= [ 412.936731][T12556] vivid-013: Generate PTS: true [ 412.958586][T12556] vivid-013: Generate SCR: true [ 412.977900][T12556] tpg source WxH: 640x360 (Y'CbCr) [ 412.997960][T12556] tpg field: 1 [ 413.012484][T12556] tpg crop: 640x360@0x0 [ 413.031502][T12556] tpg compose: 640x360@0x0 [ 413.051713][T12556] tpg colorspace: 8 [ 413.068961][T12556] tpg transfer function: 0/0 [ 413.089003][T12556] tpg Y'CbCr encoding: 0/0 [ 413.109959][T12556] tpg quantization: 0/0 [ 413.131091][T12556] tpg RGB range: 0/2 [ 413.149721][T12556] vivid-013: ================== END STATUS ================== [ 413.975759][T12571] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1696'. [ 414.374067][T12576] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1698'. /[ 415.020047][T12587] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1701'. /[ 416.145436][T12602] vivid-013: ================= START STATUS ================= [ 416.176574][T12602] vivid-013: Generate PTS: true [ 416.193945][T12602] vivid-013: Generate SCR: true [ 416.219671][T12602] tpg source WxH: 640x360 (Y'CbCr) [ 416.232330][T12619] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1708'. [ 416.241573][T12602] tpg field: 1 [ 416.275035][T12602] tpg crop: 640x360@0x0 [ 416.283848][T12602] tpg compose: 640x360@0x0 [ 416.293129][T12602] tpg colorspace: 8 [ 416.301444][T12602] tpg transfer function: 0/0 [ 416.312075][T12602] tpg Y'CbCr encoding: 0/0 [ 416.321065][T12602] tpg quantization: 0/0 [ 416.329908][T12602] tpg RGB range: 0/2 [ 416.338347][T12602] vivid-013: ================== END STATUS ================== //[ 416.657197][T12633] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1710'. [ 416.921364][ T29] audit: type=1326 audit(4294967456.814:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12636 comm="syz.2.1713" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f35f218cd29 code=0x0 [ 416.983216][T12644] Process accounting resumed [ 417.369502][T12653] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 417.429341][T12654] vivid-013: ================= START STATUS ================= [ 417.446022][T12654] vivid-013: Generate PTS: true [ 417.456580][T12654] vivid-013: Generate SCR: true [ 417.475118][T12654] tpg source WxH: 640x360 (Y'CbCr) [ 417.502256][T12654] tpg field: 1 [ 417.525298][T12654] tpg crop: 640x360@0x0 [ 417.543760][T12654] tpg compose: 640x360@0x0 [ 417.552545][T12654] tpg colorspace: 8 [ 417.557021][T12654] tpg transfer function: 0/0 [ 417.568160][T12654] tpg Y'CbCr encoding: 0/0 [ 417.577821][T12654] tpg quantization: 0/0 [ 417.587776][T12654] tpg RGB range: 0/2 [ 417.605871][T12654] vivid-013: ================== END STATUS ================== /[ 418.788539][T12678] FAULT_INJECTION: forcing a failure. [ 418.788539][T12678] name failslab, interval 1, probability 0, space 0, times 0 [ 418.838686][T12678] CPU: 1 UID: 0 PID: 12678 Comm: syz.3.1722 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 418.838719][T12678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 418.838731][T12678] Call Trace: [ 418.838738][T12678] [ 418.838747][T12678] dump_stack_lvl+0x16c/0x1f0 [ 418.838780][T12678] should_fail_ex+0x497/0x5b0 [ 418.838803][T12678] ? fs_reclaim_acquire+0xae/0x150 [ 418.838838][T12678] should_failslab+0xc2/0x120 [ 418.838864][T12678] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 418.838890][T12678] ? security_file_alloc+0x34/0x2b0 [ 418.838929][T12678] security_file_alloc+0x34/0x2b0 [ 418.838963][T12678] init_file+0x93/0x480 [ 418.838989][T12678] alloc_empty_file+0x91/0x1e0 [ 418.839017][T12678] path_openat+0xe1/0x2d80 [ 418.839037][T12678] ? hlock_class+0x4e/0x130 [ 418.839069][T12678] ? __lock_acquire+0x15a9/0x3c40 [ 418.839106][T12678] ? __pfx_path_openat+0x10/0x10 [ 418.839128][T12678] ? __pfx___lock_acquire+0x10/0x10 [ 418.839152][T12678] ? lock_acquire.part.0+0x11b/0x380 [ 418.839178][T12678] ? find_held_lock+0x2d/0x110 [ 418.839215][T12678] do_filp_open+0x20c/0x470 [ 418.839237][T12678] ? __pfx_do_filp_open+0x10/0x10 [ 418.839257][T12678] ? find_held_lock+0x2d/0x110 [ 418.839311][T12678] ? alloc_fd+0x41f/0x760 [ 418.839353][T12678] do_sys_openat2+0x17a/0x1e0 [ 418.839381][T12678] ? __pfx_do_sys_openat2+0x10/0x10 [ 418.839411][T12678] ? __fget_files+0x206/0x3a0 [ 418.839438][T12678] __x64_sys_openat+0x175/0x210 [ 418.839466][T12678] ? __pfx___x64_sys_openat+0x10/0x10 [ 418.839492][T12678] ? ksys_write+0x1ba/0x250 [ 418.839535][T12678] do_syscall_64+0xcd/0x250 [ 418.839567][T12678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.839597][T12678] RIP: 0033:0x7f885318cd29 [ 418.839616][T12678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.839637][T12678] RSP: 002b:00007f8852ff9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 418.839664][T12678] RAX: ffffffffffffffda RBX: 00007f88533a5fa0 RCX: 00007f885318cd29 [ 418.839679][T12678] RDX: 0000000000004201 RSI: 00000000200000c0 RDI: ffffffffffffff9c [ 418.839693][T12678] RBP: 00007f8852ff9090 R08: 0000000000000000 R09: 0000000000000000 [ 418.839707][T12678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 418.839720][T12678] R13: 0000000000000001 R14: 00007f88533a5fa0 R15: 00007ffc9ef16648 [ 418.839750][T12678] [ 418.907155][T12683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1725'. [ 418.908220][ C1] vkms_vblank_simulate: vblank timer overrun [ 418.998218][T12677] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1721'. [ 418.999554][ C1] vkms_vblank_simulate: vblank timer overrun [ 419.110817][ C1] hrtimer: interrupt took 268244339 ns [ 419.193374][T12688] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1727'. [ 419.210838][ C1] vkms_vblank_simulate: vblank timer overrun [ 419.410762][T12689] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1724'. [ 419.453782][T12700] random: crng reseeded on system resumption [ 420.746275][T12720] FAULT_INJECTION: forcing a failure. [ 420.746275][T12720] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 420.776824][T12720] CPU: 0 UID: 0 PID: 12720 Comm: syz.1.1735 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 420.776855][T12720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 420.776868][T12720] Call Trace: [ 420.776875][T12720] [ 420.776883][T12720] dump_stack_lvl+0x16c/0x1f0 [ 420.776917][T12720] should_fail_ex+0x497/0x5b0 [ 420.776941][T12720] ? fs_reclaim_acquire+0xae/0x150 [ 420.776977][T12720] should_fail_alloc_page+0xe7/0x130 [ 420.777007][T12720] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 420.777047][T12720] __alloc_pages_noprof+0x18e/0x2470 [ 420.777080][T12720] ? hlock_class+0x4e/0x130 [ 420.777112][T12720] ? mark_lock+0xb5/0xc60 [ 420.777137][T12720] ? __pfx___lock_acquire+0x10/0x10 [ 420.777166][T12720] ? hlock_class+0x4e/0x130 [ 420.777197][T12720] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 420.777234][T12720] ? __pfx_lock_release+0x10/0x10 [ 420.777260][T12720] ? __pfx___lock_acquire+0x10/0x10 [ 420.777292][T12720] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 420.777323][T12720] ? policy_nodemask+0xea/0x4e0 [ 420.777353][T12720] alloc_pages_mpol_noprof+0x2c8/0x620 [ 420.777386][T12720] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 420.777429][T12720] ? xas_load+0x49/0x5b0 [ 420.777455][T12720] ? filemap_get_entry+0xd0/0x3c0 [ 420.777483][T12720] folio_alloc_noprof+0x1e/0xc0 [ 420.777511][T12720] filemap_alloc_folio_noprof+0x39b/0x470 [ 420.777544][T12720] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 420.777575][T12720] ? alloc_file_pseudo+0x173/0x200 [ 420.777608][T12720] __filemap_get_folio+0x539/0xaf0 [ 420.777639][T12720] ioctx_alloc+0x763/0x1fb0 [ 420.777676][T12720] ? __might_fault+0x13b/0x190 [ 420.777712][T12720] ? __pfx_ioctx_alloc+0x10/0x10 [ 420.777741][T12720] ? lock_acquire+0x2f/0xb0 [ 420.777768][T12720] ? __might_fault+0xe3/0x190 [ 420.777802][T12720] __x64_sys_io_setup+0xc9/0x210 [ 420.777834][T12720] do_syscall_64+0xcd/0x250 [ 420.777866][T12720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.777898][T12720] RIP: 0033:0x7f3495d8cd29 [ 420.777917][T12720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.777938][T12720] RSP: 002b:00007f3496c5a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 420.777960][T12720] RAX: ffffffffffffffda RBX: 00007f3495fa6080 RCX: 00007f3495d8cd29 [ 420.777975][T12720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000007f [ 420.777988][T12720] RBP: 00007f3496c5a090 R08: 0000000000000000 R09: 0000000000000000 [ 420.778001][T12720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 420.778014][T12720] R13: 0000000000000000 R14: 00007f3495fa6080 R15: 00007ffca1566448 [ 420.778045][T12720] [ 420.842113][T12722] vivid-013: ================= START STATUS ================= [ 421.077039][T12722] vivid-013: Generate PTS: true [ 421.081967][T12722] vivid-013: Generate SCR: true [ 421.089141][T12722] tpg source WxH: 640x360 (Y'CbCr) [ 421.100450][T12722] tpg field: 1 [ 421.105878][T12722] tpg crop: 640x360@0x0 [ 421.140602][T12722] tpg compose: 640x360@0x0 [ 421.151054][T12722] tpg colorspace: 8 [ 421.168457][T12722] tpg transfer function: 0/0 [ 421.182790][T12722] tpg Y'CbCr encoding: 0/0 [ 421.187306][T12722] tpg quantization: 0/0 [ 421.193222][T12722] tpg RGB range: 0/2 [ 421.197145][T12722] vivid-013: ================== END STATUS ================== [ 421.210188][T12721] vivid-013: ================= START STATUS ================= [ 421.218917][T12721] vivid-013: Generate PTS: true [ 421.231902][T12721] vivid-013: Generate SCR: true [ 421.242012][T12721] tpg source WxH: 640x360 (Y'CbCr) [ 421.250796][T12721] tpg field: 1 [ 421.255827][T12721] tpg crop: 640x360@0x0 [ 421.262296][T12721] tpg compose: 640x360@0x0 [ 421.270545][T12721] tpg colorspace: 8 [ 421.277133][T12721] tpg transfer function: 0/0 /[ 421.284169][T12721] tpg Y'CbCr encoding: 0/0 [ 421.290902][T12721] tpg quantization: 0/0 [ 421.297407][T12721] tpg RGB range: 0/2 [ 421.306110][T12721] vivid-013: ================== END STATUS ================== [ 421.581373][T12735] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1740'. [ 421.621206][T12737] netdevsim netdevsim110194 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 421.772162][T12739] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1742'. /[ 422.297691][T12757] FAULT_INJECTION: forcing a failure. [ 422.297691][T12757] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 422.311462][T12757] CPU: 0 UID: 0 PID: 12757 Comm: syz.2.1748 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 422.311492][T12757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 422.311504][T12757] Call Trace: [ 422.311511][T12757] [ 422.311520][T12757] dump_stack_lvl+0x16c/0x1f0 [ 422.311553][T12757] should_fail_ex+0x497/0x5b0 [ 422.311581][T12757] _copy_to_user+0x32/0xd0 [ 422.311611][T12757] simple_read_from_buffer+0xd0/0x160 [ 422.311645][T12757] proc_fail_nth_read+0x198/0x270 [ 422.311675][T12757] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 422.311707][T12757] ? rw_verify_area+0xcf/0x680 [ 422.311737][T12757] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 422.311766][T12757] vfs_read+0x1df/0xbf0 [ 422.311798][T12757] ? __fget_files+0x1fc/0x3a0 [ 422.311820][T12757] ? __pfx___mutex_lock+0x10/0x10 [ 422.311848][T12757] ? __pfx_vfs_read+0x10/0x10 [ 422.311887][T12757] ? __fget_files+0x206/0x3a0 [ 422.311918][T12757] ksys_read+0x12b/0x250 [ 422.311949][T12757] ? __pfx_ksys_read+0x10/0x10 [ 422.311998][T12757] do_syscall_64+0xcd/0x250 [ 422.312029][T12757] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.312060][T12757] RIP: 0033:0x7f35f218b73c [ 422.312079][T12757] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 422.312100][T12757] RSP: 002b:00007f35f2fa5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 422.312120][T12757] RAX: ffffffffffffffda RBX: 00007f35f23a5fa0 RCX: 00007f35f218b73c [ 422.312135][T12757] RDX: 000000000000000f RSI: 00007f35f2fa50a0 RDI: 0000000000000004 [ 422.312149][T12757] RBP: 00007f35f2fa5090 R08: 0000000000000000 R09: 0000000000000000 [ 422.312162][T12757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 422.312175][T12757] R13: 0000000000000000 R14: 00007f35f23a5fa0 R15: 00007ffce2a423c8 [ 422.312206][T12757] [ 423.246233][T12771] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1752'. [ 423.463801][T12772] vivid-013: ================= START STATUS ================= [ 423.471498][T12772] vivid-013: Generate PTS: true [ 423.509279][T12772] vivid-013: Generate SCR: true [ 423.528245][T12772] tpg source WxH: 640x360 (Y'CbCr) [ 423.546244][T12772] tpg field: 1 [ 423.549664][T12772] tpg crop: 640x360@0x0 [ 423.562659][T12772] tpg compose: 640x360@0x0 [ 423.572809][T12772] tpg colorspace: 8 [ 423.576653][T12772] tpg transfer function: 0/0 [ 423.601746][T12772] tpg Y'CbCr encoding: 0/0 [ 423.608803][T12772] tpg quantization: 0/0 [ 423.615439][T12772] tpg RGB range: 0/2 [ 423.623355][T12772] vivid-013: ================== END STATUS ================== [ 424.049451][T12786] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1755'. [ 424.269026][T12791] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1765'. [ 425.101051][T12810] vivid-013: ================= START STATUS ================= [ 425.151704][T12810] vivid-013: Generate PTS: true [ 425.174732][T12810] vivid-013: Generate SCR: true [ 425.179662][T12810] tpg source WxH: 640x360 (Y'CbCr) [ 425.225383][T12810] tpg field: 1 [ 425.240208][T12810] tpg crop: 640x360@0x0 [ 425.245092][T12810] tpg compose: 640x360@0x0 [ 425.252210][T12810] tpg colorspace: 8 [ 425.257348][T12810] tpg transfer function: 0/0 [ 425.265335][T12810] tpg Y'CbCr encoding: 0/0 [ 425.270267][T12810] tpg quantization: 0/0 [ 425.290324][T12810] tpg RGB range: 0/2 [ 425.306470][T12810] vivid-013: ================== END STATUS ================== [ 425.340580][T12812] vivid-013: ================= START STATUS ================= [ 425.360460][T12812] vivid-013: Generate PTS: true [ 425.372036][T12812] vivid-013: Generate SCR: true [ 425.393262][T12812] tpg source WxH: 640x360 (Y'CbCr) [ 425.398552][T12812] tpg field: 1 [ 425.409652][T12812] tpg crop: 640x360@0x0 [ 425.416226][T12812] tpg compose: 640x360@0x0 [ 425.423787][T12812] tpg colorspace: 8 [ 425.431077][T12812] tpg transfer function: 0/0 [ 425.438212][T12812] tpg Y'CbCr encoding: 0/0 [ 425.447473][T12812] tpg quantization: 0/0 [ 425.457319][T12812] tpg RGB range: 0/2 [ 425.470445][T12812] vivid-013: ================== END STATUS ================== [ 425.724441][T12829] FAULT_INJECTION: forcing a failure. [ 425.724441][T12829] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 425.774171][T12829] CPU: 1 UID: 0 PID: 12829 Comm: syz.3.1767 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 425.774204][T12829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 425.774217][T12829] Call Trace: [ 425.774224][T12829] [ 425.774233][T12829] dump_stack_lvl+0x16c/0x1f0 [ 425.774267][T12829] should_fail_ex+0x497/0x5b0 [ 425.774296][T12829] _copy_to_user+0x32/0xd0 [ 425.774325][T12829] simple_read_from_buffer+0xd0/0x160 [ 425.774360][T12829] proc_fail_nth_read+0x198/0x270 [ 425.774391][T12829] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 425.774424][T12829] ? rw_verify_area+0xcf/0x680 [ 425.774454][T12829] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 425.774483][T12829] vfs_read+0x1df/0xbf0 [ 425.774515][T12829] ? __fget_files+0x1fc/0x3a0 [ 425.774537][T12829] ? __pfx___mutex_lock+0x10/0x10 [ 425.774566][T12829] ? __pfx_vfs_read+0x10/0x10 [ 425.774606][T12829] ? __fget_files+0x206/0x3a0 [ 425.774637][T12829] ksys_read+0x12b/0x250 [ 425.774668][T12829] ? __pfx_ksys_read+0x10/0x10 [ 425.774710][T12829] do_syscall_64+0xcd/0x250 [ 425.774742][T12829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.774774][T12829] RIP: 0033:0x7f885318b73c [ 425.774792][T12829] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 425.774813][T12829] RSP: 002b:00007f8852ff9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 425.774835][T12829] RAX: ffffffffffffffda RBX: 00007f88533a5fa0 RCX: 00007f885318b73c [ 425.774857][T12829] RDX: 000000000000000f RSI: 00007f8852ff90a0 RDI: 0000000000000004 [ 425.774871][T12829] RBP: 00007f8852ff9090 R08: 0000000000000000 R09: 0000000000000000 [ 425.774884][T12829] R10: 000000000000fffd R11: 0000000000000246 R12: 0000000000000001 [ 425.774898][T12829] R13: 0000000000000000 R14: 00007f88533a5fa0 R15: 00007ffc9ef16648 [ 425.774930][T12829] [ 425.966935][ C1] vkms_vblank_simulate: vblank timer overrun [ 426.313260][T12837] vivid-013: ================= START STATUS ================= [ 426.320988][T12837] vivid-013: Generate PTS: true [ 426.332721][T12837] vivid-013: Generate SCR: true [ 426.337677][T12837] tpg source WxH: 640x360 (Y'CbCr) [ 426.352699][T12837] tpg field: 1 [ 426.356137][T12837] tpg crop: 640x360@0x0 [ 426.360313][T12837] tpg compose: 640x360@0x0 [ 426.364929][T12837] tpg colorspace: 8 [ 426.368757][T12837] tpg transfer function: 0/0 [ 426.373603][T12837] tpg Y'CbCr encoding: 0/0 [ 426.382783][T12837] tpg quantization: 0/0 [ 426.392724][T12837] tpg RGB range: 0/2 [ 426.396746][T12837] vivid-013: ================== END STATUS ================== [ 427.277780][T12859] vivid-013: ================= START STATUS ================= [ 427.285606][T12859] vivid-013: Generate PTS: true [ 427.290638][T12859] vivid-013: Generate SCR: true [ 427.295650][T12859] tpg source WxH: 640x360 (Y'CbCr) [ 427.300786][T12859] tpg field: 1 [ 427.305240][T12859] tpg crop: 640x360@0x0 [ 427.309662][T12859] tpg compose: 640x360@0x0 [ 427.314186][T12859] tpg colorspace: 8 [ 427.318011][T12859] tpg transfer function: 0/0 [ 427.332651][T12859] tpg Y'CbCr encoding: 0/0 [ 427.338048][T12859] tpg quantization: 0/0 [ 427.342231][T12859] tpg RGB range: 0/2 [ 427.360898][T12859] vivid-013: ================== END STATUS ================== [ 427.690310][T12876] vivid-013: ================= START STATUS ================= [ 427.712810][T12876] vivid-013: Generate PTS: true [ 427.717741][T12876] vivid-013: Generate SCR: true [ 427.723255][T12876] tpg source WxH: 640x360 (Y'CbCr) [ 427.728395][T12876] tpg field: 1 [ 427.731791][T12876] tpg crop: 640x360@0x0 [ 427.756551][T12876] tpg compose: 640x360@0x0 [ 427.761167][T12876] tpg colorspace: 8 [ 427.772679][T12876] tpg transfer function: 0/0 [ 427.777805][T12876] tpg Y'CbCr encoding: 0/0 [ 427.802686][T12876] tpg quantization: 0/0 [ 427.806881][T12876] tpg RGB range: 0/2 [ 427.810790][T12876] vivid-013: ================== END STATUS ================== [ 427.956520][T12888] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1784'. [ 429.423525][T12922] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1791'. [ 429.536865][T12922] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.770035][T12922] bridge_slave_1 (unregistering): left allmulticast mode [ 429.784004][T12922] bridge_slave_1 (unregistering): left promiscuous mode [ 429.804112][T12922] bridge0: port 2(bridge_slave_1) entered disabled state [ 431.031901][T12951] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 431.041708][T12951] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 431.154820][T12926] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1794'. [ 431.383538][T12963] FAULT_INJECTION: forcing a failure. [ 431.383538][T12963] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 431.429039][T12963] CPU: 0 UID: 0 PID: 12963 Comm: syz.2.1803 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 431.429073][T12963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 431.429087][T12963] Call Trace: [ 431.429094][T12963] [ 431.429103][T12963] dump_stack_lvl+0x16c/0x1f0 [ 431.429137][T12963] should_fail_ex+0x497/0x5b0 [ 431.429166][T12963] _copy_to_user+0x32/0xd0 [ 431.429196][T12963] simple_read_from_buffer+0xd0/0x160 [ 431.429238][T12963] proc_fail_nth_read+0x198/0x270 [ 431.429269][T12963] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 431.429301][T12963] ? rw_verify_area+0xcf/0x680 [ 431.429331][T12963] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 431.429361][T12963] vfs_read+0x1df/0xbf0 [ 431.429393][T12963] ? __fget_files+0x1fc/0x3a0 [ 431.429416][T12963] ? __pfx___mutex_lock+0x10/0x10 [ 431.429446][T12963] ? __pfx_vfs_read+0x10/0x10 [ 431.429487][T12963] ? __fget_files+0x206/0x3a0 [ 431.429519][T12963] ksys_read+0x12b/0x250 [ 431.429551][T12963] ? __pfx_ksys_read+0x10/0x10 [ 431.429594][T12963] do_syscall_64+0xcd/0x250 [ 431.429626][T12963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.429656][T12963] RIP: 0033:0x7f35f218b73c [ 431.429675][T12963] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 431.429697][T12963] RSP: 002b:00007f35f2fa5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 431.429719][T12963] RAX: ffffffffffffffda RBX: 00007f35f23a5fa0 RCX: 00007f35f218b73c [ 431.429734][T12963] RDX: 000000000000000f RSI: 00007f35f2fa50a0 RDI: 0000000000000004 [ 431.429748][T12963] RBP: 00007f35f2fa5090 R08: 0000000000000000 R09: 0000000000000000 [ 431.429762][T12963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 431.429776][T12963] R13: 0000000000000000 R14: 00007f35f23a5fa0 R15: 00007ffce2a423c8 [ 431.429808][T12963] /[ 432.259393][T12988] vivid-013: ================= START STATUS ================= [ 432.295623][T12988] vivid-013: Generate PTS: true [ 432.314887][T12988] vivid-013: Generate SCR: true [ 432.334815][T12988] tpg source WxH: 640x360 (Y'CbCr) [ 432.350312][T12988] tpg field: 1 [ 432.359459][T12988] tpg crop: 640x360@0x0 [ 432.368949][T12988] tpg compose: 640x360@0x0 [ 432.377740][T12988] tpg colorspace: 8 [ 432.421595][T12988] tpg transfer function: 0/0 [ 432.450285][T12988] tpg Y'CbCr encoding: 0/0 [ 432.481658][T12988] tpg quantization: 0/0 [ 432.497265][T12988] tpg RGB range: 0/2 [ 432.516497][T12988] vivid-013: ================== END STATUS ================== [ 432.716862][T12977] delete_channel: no stack [ 433.077516][T12999] Process accounting resumed [ 433.239577][T13009] FAULT_INJECTION: forcing a failure. [ 433.239577][T13009] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 433.261602][T13009] CPU: 1 UID: 0 PID: 13009 Comm: syz.1.1814 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 433.261634][T13009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 433.261649][T13009] Call Trace: [ 433.261656][T13009] [ 433.261664][T13009] dump_stack_lvl+0x16c/0x1f0 [ 433.261701][T13009] should_fail_ex+0x497/0x5b0 [ 433.261723][T13009] ? fs_reclaim_acquire+0xae/0x150 [ 433.261762][T13009] should_fail_alloc_page+0xe7/0x130 [ 433.261791][T13009] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 433.261822][T13009] ? __pfx_mark_lock+0x10/0x10 [ 433.261846][T13009] ? hlock_class+0x4e/0x130 [ 433.261882][T13009] __alloc_pages_noprof+0x18e/0x2470 [ 433.261908][T13009] ? __lock_acquire+0xcc5/0x3c40 [ 433.261934][T13009] ? hlock_class+0x4e/0x130 [ 433.261967][T13009] ? mark_lock+0xb5/0xc60 [ 433.261997][T13009] ? __pfx_mark_lock+0x10/0x10 [ 433.262025][T13009] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 433.262058][T13009] ? hlock_class+0x4e/0x130 [ 433.262092][T13009] ? hlock_class+0x4e/0x130 [ 433.262135][T13009] ? mark_lock+0xb5/0xc60 [ 433.262162][T13009] ? __pfx_mark_lock+0x10/0x10 [ 433.262189][T13009] ? hlock_class+0x4e/0x130 [ 433.262220][T13009] ? __lock_acquire+0xcc5/0x3c40 [ 433.262243][T13009] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 433.262274][T13009] ? policy_nodemask+0xea/0x4e0 [ 433.262302][T13009] alloc_pages_mpol_noprof+0x2c8/0x620 [ 433.262332][T13009] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 433.262363][T13009] ? hlock_class+0x4e/0x130 [ 433.262396][T13009] ? hlock_class+0x4e/0x130 [ 433.262431][T13009] folio_alloc_mpol_noprof+0x36/0xd0 [ 433.262461][T13009] vma_alloc_folio_noprof+0xee/0x1b0 [ 433.262490][T13009] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 433.262520][T13009] ? find_held_lock+0x2d/0x110 [ 433.262563][T13009] do_pte_missing+0x2017/0x3e00 [ 433.262601][T13009] __handle_mm_fault+0x1166/0x2c60 [ 433.262631][T13009] ? __pfx___handle_mm_fault+0x10/0x10 [ 433.262655][T13009] ? follow_page_pte+0x3c3/0x1b20 [ 433.262679][T13009] ? __pfx_lock_release+0x10/0x10 [ 433.262719][T13009] ? follow_page_pte+0x3f7/0x1b20 [ 433.262750][T13009] handle_mm_fault+0x3fa/0xaa0 [ 433.262782][T13009] __get_user_pages+0x8d9/0x3b50 [ 433.262815][T13009] ? __pfx_mt_find+0x10/0x10 [ 433.262846][T13009] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 433.262875][T13009] ? __pfx___get_user_pages+0x10/0x10 [ 433.262903][T13009] ? __mm_populate+0x21d/0x380 [ 433.262935][T13009] populate_vma_page_range+0x27f/0x3a0 [ 433.262964][T13009] ? __pfx_populate_vma_page_range+0x10/0x10 [ 433.262990][T13009] ? __pfx_find_vma_intersection+0x10/0x10 [ 433.263027][T13009] ? vm_mmap_pgoff+0x29b/0x3a0 [ 433.263057][T13009] __mm_populate+0x1d6/0x380 [ 433.263085][T13009] ? __pfx___mm_populate+0x10/0x10 [ 433.263121][T13009] ? up_write+0x1b2/0x520 [ 433.263156][T13009] vm_mmap_pgoff+0x2d3/0x3a0 [ 433.263186][T13009] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 433.263217][T13009] ? __x64_sys_futex+0x1e1/0x4c0 [ 433.263241][T13009] ? __x64_sys_futex+0x1ea/0x4c0 [ 433.263271][T13009] ksys_mmap_pgoff+0x7d/0x5c0 [ 433.263306][T13009] ? rcu_is_watching+0x12/0xc0 [ 433.263344][T13009] __x64_sys_mmap+0x125/0x190 [ 433.263380][T13009] do_syscall_64+0xcd/0x250 [ 433.263413][T13009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.263445][T13009] RIP: 0033:0x7f3495d8cd29 [ 433.263465][T13009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.263489][T13009] RSP: 002b:00007f3496c7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 433.263511][T13009] RAX: ffffffffffffffda RBX: 00007f3495fa5fa0 RCX: 00007f3495d8cd29 [ 433.263527][T13009] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 433.263541][T13009] RBP: 00007f3495e0e2a0 R08: 0000000000000007 R09: 0000000000028000 [ 433.263556][T13009] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 433.263570][T13009] R13: 0000000000000000 R14: 00007f3495fa5fa0 R15: 00007ffca1566448 [ 433.263603][T13009] /[ 434.375321][T13020] FAULT_INJECTION: forcing a failure. [ 434.375321][T13020] name fail_futex, interval 1, probability 0, space 0, times 0 [ 434.461633][T13020] CPU: 0 UID: 0 PID: 13020 Comm: syz.2.1816 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 434.461677][T13020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 434.461692][T13020] Call Trace: [ 434.461700][T13020] [ 434.461710][T13020] dump_stack_lvl+0x16c/0x1f0 [ 434.461747][T13020] should_fail_ex+0x497/0x5b0 [ 434.461776][T13020] get_futex_key+0x4a3/0x1000 [ 434.461814][T13020] ? kasan_save_stack+0x42/0x60 [ 434.461841][T13020] ? kasan_save_free_info+0x3b/0x60 [ 434.461875][T13020] ? __pfx_get_futex_key+0x10/0x10 [ 434.461917][T13020] ? do_syscall_64+0xcd/0x250 [ 434.461962][T13020] futex_wake+0xe8/0x4e0 [ 434.461993][T13020] ? __pfx_futex_wake+0x10/0x10 [ 434.462036][T13020] do_futex+0x1e5/0x350 [ 434.462060][T13020] ? __pfx_do_futex+0x10/0x10 [ 434.462082][T13020] ? kasan_quarantine_put+0x10a/0x240 [ 434.462106][T13020] ? lockdep_hardirqs_on+0x7c/0x110 [ 434.462142][T13020] __x64_sys_futex+0x1e1/0x4c0 [ 434.462170][T13020] ? __pfx___x64_sys_futex+0x10/0x10 [ 434.462195][T13020] ? __pfx___x64_sys_mount+0x10/0x10 [ 434.462230][T13020] do_syscall_64+0xcd/0x250 [ 434.462260][T13020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.462292][T13020] RIP: 0033:0x7f35f218cd29 [ 434.462312][T13020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.462337][T13020] RSP: 002b:00007f35f2fa50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 434.462360][T13020] RAX: ffffffffffffffda RBX: 00007f35f23a5fa8 RCX: 00007f35f218cd29 [ 434.462376][T13020] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f35f23a5fac [ 434.462391][T13020] RBP: 00007f35f23a5fa0 R08: 00007f35f2fa6000 R09: 0000000000000000 [ 434.462404][T13020] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35f23a5fac [ 434.462418][T13020] R13: 0000000000000000 R14: 00007ffce2a422e0 R15: 00007ffce2a423c8 [ 434.462446][T13020] [ 434.983235][T13037] can: request_module (can-proto-5) failed. [ 435.603564][T13066] vivid-013: ================= START STATUS ================= [ 435.652172][T13066] vivid-013: Generate PTS: true [ 435.661895][T13066] vivid-013: Generate SCR: true [ 435.682003][T13066] tpg source WxH: 640x360 (Y'CbCr) [ 435.706395][T13066] tpg field: 1 [ 435.721036][T13066] tpg crop: 640x360@0x0 [ 435.786182][T13066] tpg compose: 640x360@0x0 [ 435.790664][T13066] tpg colorspace: 8 [ 435.817629][T13066] tpg transfer function: 0/0 [ 435.842677][T13066] tpg Y'CbCr encoding: 0/0 [ 435.859728][T13066] tpg quantization: 0/0 [ 435.882199][T13066] tpg RGB range: 0/2 [ 435.898762][T13066] vivid-013: ================== END STATUS ================== [ 435.902946][ T29] audit: type=1800 audit(4294967475.794:18): pid=13061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1827" name="features" dev="configfs" ino=39898 res=0 errno=0 [ 436.022051][T13089] vivid-013: ================= START STATUS ================= [ 436.063788][T13089] vivid-013: Generate PTS: true [ 436.096251][T13089] vivid-013: Generate SCR: true [ 436.133312][T13089] tpg source WxH: 640x360 (Y'CbCr) [ 436.138479][T13089] tpg field: 1 [ 436.141871][T13089] tpg crop: 640x360@0x0 [ 436.197942][T13089] tpg compose: 640x360@0x0 [ 436.229774][T13089] tpg colorspace: 8 [ 436.240485][T13089] tpg transfer function: 0/0 [ 436.266025][T13089] tpg Y'CbCr encoding: 0/0 [ 436.288182][T13089] tpg quantization: 0/0 [ 436.311614][T13089] tpg RGB range: 0/2 [ 436.318971][T13089] vivid-013: ================== END STATUS ================== /[ 437.156207][T13104] vivid-013: ================= START STATUS ================= [ 437.164008][T13104] vivid-013: Generate PTS: true [ 437.168972][T13104] vivid-013: Generate SCR: true [ 437.173961][T13104] tpg source WxH: 640x360 (Y'CbCr) [ 437.179159][T13104] tpg field: 1 [ 437.182637][T13104] tpg crop: 640x360@0x0 [ 437.186815][T13104] tpg compose: 640x360@0x0 [ 437.211628][T13104] tpg colorspace: 8 [ 437.215527][T13104] tpg transfer function: 0/0 [ 437.220142][T13104] tpg Y'CbCr encoding: 0/0 [ 437.242794][T13104] tpg quantization: 0/0 [ 437.246996][T13104] tpg RGB range: 0/2 [ 437.250900][T13104] vivid-013: ================== END STATUS ================== [ 438.033047][T13118] zswap: compressor not available [ 438.038951][T13125] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ /[ 438.784561][T13141] netlink: 'syz.2.1841': attribute type 21 has an invalid length. [ 438.810778][T13141] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1841'. [ 438.832991][T13148] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 438.903418][T13146] vivid-013: ================= START STATUS ================= [ 438.923009][T13146] vivid-013: Generate PTS: true [ 438.927940][T13146] vivid-013: Generate SCR: true [ 438.948554][T13146] tpg source WxH: 640x360 (Y'CbCr) [ 438.953927][T13146] tpg field: 1 [ 438.957341][T13146] tpg crop: 640x360@0x0 [ 438.981811][T13146] tpg compose: 640x360@0x0 [ 438.991939][T13146] tpg colorspace: 8 [ 439.012731][T13146] tpg transfer function: 0/0 [ 439.017367][T13146] tpg Y'CbCr encoding: 0/0 [ 439.043438][T13146] tpg quantization: 0/0 [ 439.047847][T13146] tpg RGB range: 0/2 [ 439.052014][T13146] vivid-013: ================== END STATUS ================== [ 439.084312][T13143] Process accounting resumed /[ 439.425318][T13167] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1848'. [ 439.490446][T13167] FAULT_INJECTION: forcing a failure. [ 439.490446][T13167] name failslab, interval 1, probability 0, space 0, times 0 [ 439.506862][T13167] CPU: 0 UID: 0 PID: 13167 Comm: syz.1.1848 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 439.506893][T13167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 439.506906][T13167] Call Trace: [ 439.506913][T13167] [ 439.506922][T13167] dump_stack_lvl+0x16c/0x1f0 [ 439.506955][T13167] should_fail_ex+0x497/0x5b0 [ 439.506977][T13167] ? fs_reclaim_acquire+0xae/0x150 [ 439.507012][T13167] should_failslab+0xc2/0x120 [ 439.507040][T13167] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 439.507065][T13167] ? mark_held_locks+0x9f/0xe0 [ 439.507099][T13167] ? __alloc_skb+0x2b3/0x380 [ 439.507133][T13167] __alloc_skb+0x2b3/0x380 [ 439.507161][T13167] ? __pfx___alloc_skb+0x10/0x10 [ 439.507193][T13167] ? arp_mc_map+0x22d/0xa60 [ 439.507218][T13167] ? __igmp_group_dropped+0x337/0xff0 [ 439.507253][T13167] inet_ifmcaddr_notify+0xb6/0x640 [ 439.507281][T13167] ? __pfx___igmp_group_dropped+0x10/0x10 [ 439.507312][T13167] ? __pfx_inet_ifmcaddr_notify+0x10/0x10 [ 439.507353][T13167] __ip_mc_dec_group+0x442/0x5b0 [ 439.507387][T13167] inetdev_event+0x3dd/0x16b0 [ 439.507412][T13167] ? __pfx_inetdev_event+0x10/0x10 [ 439.507432][T13167] ? __pfx_ib_netdevice_event+0x10/0x10 [ 439.507458][T13167] ? cfg802154_netdev_notifier_call+0x391/0xa00 [ 439.507487][T13167] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 439.507521][T13167] notifier_call_chain+0xb7/0x410 [ 439.507555][T13167] ? __pfx_inetdev_event+0x10/0x10 [ 439.507581][T13167] call_netdevice_notifiers_info+0xbe/0x140 [ 439.507618][T13167] __dev_notify_flags+0x1f9/0x2e0 [ 439.507651][T13167] ? __pfx___dev_notify_flags+0x10/0x10 [ 439.507677][T13167] ? __dev_change_flags+0x3d9/0x720 [ 439.507708][T13167] ? __pfx___dev_change_flags+0x10/0x10 [ 439.507738][T13167] ? __lock_acquire+0x15a9/0x3c40 [ 439.507768][T13167] dev_change_flags+0x10c/0x160 [ 439.507800][T13167] do_setlink.constprop.0+0x17b9/0x3f20 [ 439.507834][T13167] ? __pfx_vprintk_emit+0x10/0x10 [ 439.507865][T13167] ? __pfx_lock_release+0x10/0x10 [ 439.507893][T13167] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 439.507922][T13167] ? lock_acquire.part.0+0x11b/0x380 [ 439.507956][T13167] ? __mutex_trylock_common+0xea/0x250 [ 439.507985][T13167] ? __pfx___mutex_trylock_common+0x10/0x10 [ 439.508014][T13167] ? rtnl_newlink+0x5e4/0x1d70 [ 439.508043][T13167] ? rcu_is_watching+0x12/0xc0 [ 439.508082][T13167] ? trace_contention_end+0xee/0x140 [ 439.508112][T13167] ? __mutex_lock+0x1cc/0xb10 [ 439.508141][T13167] ? rcu_is_watching+0x12/0xc0 [ 439.508173][T13167] ? rtnl_newlink+0x5e4/0x1d70 [ 439.508201][T13167] ? __pfx___mutex_lock+0x10/0x10 [ 439.508229][T13167] ? apparmor_capable+0x114/0x1d0 [ 439.508268][T13167] ? netlink_ns_capable+0xfa/0x130 [ 439.508296][T13167] rtnl_newlink+0x131c/0x1d70 [ 439.508331][T13167] ? __pfx_rtnl_newlink+0x10/0x10 [ 439.508367][T13167] ? __pfx___lock_acquire+0x10/0x10 [ 439.508391][T13167] ? kmem_cache_free+0x152/0x4c0 [ 439.508415][T13167] ? aa_get_newest_label+0x376/0x680 [ 439.508441][T13167] ? find_held_lock+0x2d/0x110 [ 439.508478][T13167] ? find_held_lock+0x2d/0x110 [ 439.508515][T13167] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 439.508542][T13167] ? __pfx_lock_release+0x10/0x10 [ 439.508567][T13167] ? trace_lock_acquire+0x14e/0x1f0 [ 439.508596][T13167] ? __pfx_rtnl_newlink+0x10/0x10 [ 439.508625][T13167] rtnetlink_rcv_msg+0x95b/0xea0 [ 439.508657][T13167] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 439.508684][T13167] ? __pfx___dev_queue_xmit+0x10/0x10 [ 439.508723][T13167] netlink_rcv_skb+0x165/0x410 [ 439.508750][T13167] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 439.508782][T13167] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 439.508825][T13167] ? netlink_deliver_tap+0x1ae/0xca0 [ 439.508856][T13167] netlink_unicast+0x53c/0x7f0 [ 439.508885][T13167] ? __pfx_netlink_unicast+0x10/0x10 [ 439.508912][T13167] ? __phys_addr_symbol+0x30/0x80 [ 439.508945][T13167] ? __check_object_size+0x488/0x710 [ 439.508976][T13167] netlink_sendmsg+0x8b8/0xd70 [ 439.509007][T13167] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.509046][T13167] ____sys_sendmsg+0x9ae/0xb40 [ 439.509070][T13167] ? copy_msghdr_from_user+0x10b/0x160 [ 439.509106][T13167] ? __pfx_____sys_sendmsg+0x10/0x10 [ 439.509146][T13167] ___sys_sendmsg+0x135/0x1e0 [ 439.509179][T13167] ? __pfx____sys_sendmsg+0x10/0x10 [ 439.509223][T13167] ? __pfx_lock_release+0x10/0x10 [ 439.509248][T13167] ? trace_lock_acquire+0x14e/0x1f0 [ 439.509281][T13167] ? __fget_files+0x206/0x3a0 [ 439.509311][T13167] __sys_sendmsg+0x16e/0x220 [ 439.509342][T13167] ? __pfx___sys_sendmsg+0x10/0x10 [ 439.509394][T13167] do_syscall_64+0xcd/0x250 [ 439.509425][T13167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.509456][T13167] RIP: 0033:0x7f3495d8cd29 [ 439.509475][T13167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.509496][T13167] RSP: 002b:00007f3496c7b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 439.509517][T13167] RAX: ffffffffffffffda RBX: 00007f3495fa5fa0 RCX: 00007f3495d8cd29 [ 439.509532][T13167] RDX: 0000000004004010 RSI: 0000000020000140 RDI: 0000000000000006 [ 439.509546][T13167] RBP: 00007f3496c7b090 R08: 0000000000000000 R09: 0000000000000000 [ 439.509559][T13167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 439.509572][T13167] R13: 0000000000000000 R14: 00007f3495fa5fa0 R15: 00007ffca1566448 [ 439.509602][T13167] [ 440.506341][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.512732][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.104043][T13199] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 441.478349][T13208] netlink: 'syz.3.1859': attribute type 21 has an invalid length. [ 441.506667][T13208] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1859'. [ 442.014061][ T29] audit: type=1800 audit(4294967481.914:19): pid=13217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1863" name="features" dev="configfs" ino=40480 res=0 errno=0 [ 442.235071][T13223] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1864'. [ 442.892734][T13240] HfR: entered promiscuous mode [ 442.900638][T13241] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1868'. [ 442.910268][T13241] HfR: left promiscuous mode [ 442.944110][T13243] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 443.522764][T13263] vivid-013: ================= START STATUS ================= [ 443.537809][T13264] FAULT_INJECTION: forcing a failure. [ 443.537809][T13264] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 443.554203][T13263] vivid-013: Generate PTS: true [ 443.559201][T13263] vivid-013: Generate SCR: true [ 443.564556][T13264] CPU: 0 UID: 0 PID: 13264 Comm: syz.0.1873 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 443.564585][T13264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 443.564599][T13264] Call Trace: [ 443.564606][T13264] [ 443.564614][T13264] dump_stack_lvl+0x16c/0x1f0 [ 443.564653][T13264] should_fail_ex+0x497/0x5b0 [ 443.564682][T13264] _copy_from_iter+0x29b/0x1400 [ 443.564710][T13264] ? trace_lock_acquire+0x14e/0x1f0 [ 443.564733][T13264] ? __alloc_skb+0x200/0x380 [ 443.564762][T13264] ? __pfx__copy_from_iter+0x10/0x10 [ 443.564787][T13264] ? __virt_addr_valid+0x1a4/0x590 [ 443.564825][T13264] ? __virt_addr_valid+0x5e/0x590 [ 443.564857][T13264] ? __phys_addr_symbol+0x30/0x80 [ 443.564889][T13264] ? __check_object_size+0x488/0x710 [ 443.564919][T13264] netlink_sendmsg+0x813/0xd70 [ 443.564951][T13264] ? __pfx_netlink_sendmsg+0x10/0x10 [ 443.564988][T13264] ____sys_sendmsg+0x9ae/0xb40 [ 443.565011][T13264] ? copy_msghdr_from_user+0x10b/0x160 [ 443.565041][T13264] ? __pfx_____sys_sendmsg+0x10/0x10 [ 443.565062][T13264] ? __lock_acquire+0xcc5/0x3c40 [ 443.565092][T13264] ? hlock_class+0x4e/0x130 [ 443.565123][T13264] ? __lock_acquire+0x15a9/0x3c40 [ 443.565156][T13264] ___sys_sendmsg+0x135/0x1e0 [ 443.565188][T13264] ? __pfx____sys_sendmsg+0x10/0x10 [ 443.565216][T13264] ? __pfx___lock_acquire+0x10/0x10 [ 443.565271][T13264] ? __pfx___might_resched+0x10/0x10 [ 443.565299][T13264] ? __might_fault+0xe3/0x190 [ 443.565337][T13264] __sys_sendmmsg+0x201/0x420 [ 443.565371][T13264] ? __pfx___sys_sendmmsg+0x10/0x10 [ 443.565412][T13264] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 443.565453][T13264] ? fput+0x67/0x440 [ 443.565479][T13264] ? ksys_write+0x1ba/0x250 [ 443.565510][T13264] ? __pfx_ksys_write+0x10/0x10 [ 443.565548][T13264] __x64_sys_sendmmsg+0x9c/0x100 [ 443.565577][T13264] ? lockdep_hardirqs_on+0x7c/0x110 [ 443.565604][T13264] do_syscall_64+0xcd/0x250 [ 443.565634][T13264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 443.565671][T13264] RIP: 0033:0x7fe01d98cd29 [ 443.565689][T13264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 443.565711][T13264] RSP: 002b:00007fe01e876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 443.565731][T13264] RAX: ffffffffffffffda RBX: 00007fe01dba5fa0 RCX: 00007fe01d98cd29 [ 443.565746][T13264] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 443.565760][T13264] RBP: 00007fe01e876090 R08: 0000000000000000 R09: 0000000000000000 [ 443.565773][T13264] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 443.565787][T13264] R13: 0000000000000000 R14: 00007fe01dba5fa0 R15: 00007ffd17398578 [ 443.565817][T13264] [ 443.848801][T13263] tpg source WxH: 640x360 (Y'CbCr) [ 443.854043][T13263] tpg field: 1 [ 443.857461][T13263] tpg crop: 640x360@0x0 [ 443.861645][T13263] tpg compose: 640x360@0x0 [ 443.866112][T13263] tpg colorspace: 8 [ 443.869924][T13263] tpg transfer function: 0/0 [ 443.874558][T13263] tpg Y'CbCr encoding: 0/0 [ 443.878990][T13263] tpg quantization: 0/0 [ 443.883188][T13263] tpg RGB range: 0/2 [ 443.887098][T13263] vivid-013: ================== END STATUS ================== [ 445.073844][T13299] Process accounting resumed [ 445.375551][T13301] vivid-013: ================= START STATUS ================= [ 445.402672][T13301] vivid-013: Generate PTS: true [ 445.422720][T13301] vivid-013: Generate SCR: true [ 445.427661][T13301] tpg source WxH: 640x360 (Y'CbCr) [ 445.472678][T13301] tpg field: 1 [ 445.476098][T13301] tpg crop: 640x360@0x0 [ 445.480272][T13301] tpg compose: 640x360@0x0 [ 445.514407][T13301] tpg colorspace: 8 [ 445.518285][T13301] tpg transfer function: 0/0 [ 445.535306][T13301] tpg Y'CbCr encoding: 0/0 [ 445.557263][T13301] tpg quantization: 0/0 [ 445.573768][T13301] tpg RGB range: 0/2 [ 445.587995][T13301] vivid-013: ================== END STATUS ================== [ 445.614967][T13305] vivid-013: ================= START STATUS ================= [ 445.641582][T13305] vivid-013: Generate PTS: true [ 445.696908][T13312] FAULT_INJECTION: forcing a failure. [ 445.696908][T13312] name failslab, interval 1, probability 0, space 0, times 0 [ 445.705111][T13305] vivid-013: Generate SCR: true [ 445.732839][T13312] CPU: 0 UID: 0 PID: 13312 Comm: syz.1.1890 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 445.732870][T13312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 445.732883][T13312] Call Trace: [ 445.732889][T13312] [ 445.732898][T13312] dump_stack_lvl+0x16c/0x1f0 [ 445.732933][T13312] should_fail_ex+0x497/0x5b0 [ 445.732955][T13312] ? fs_reclaim_acquire+0xae/0x150 [ 445.732990][T13312] should_failslab+0xc2/0x120 [ 445.733018][T13312] __kmalloc_cache_noprof+0x68/0x420 [ 445.733060][T13312] pty_common_install+0x10e/0xb30 [ 445.733091][T13312] ? __pfx_pty_install+0x10/0x10 [ 445.733116][T13312] tty_init_dev.part.0+0x99/0x660 [ 445.733149][T13312] tty_open+0xac1/0xf80 [ 445.733177][T13312] ? chrdev_open+0x10e/0x6a0 [ 445.733205][T13312] ? __pfx_tty_open+0x10/0x10 [ 445.733232][T13312] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 445.733264][T13312] ? lock_acquire+0x2f/0xb0 [ 445.733287][T13312] ? chrdev_open+0x80/0x6a0 [ 445.733313][T13312] ? __pfx_tty_open+0x10/0x10 [ 445.733342][T13312] chrdev_open+0x237/0x6a0 [ 445.733364][T13312] ? __pfx_apparmor_file_open+0x10/0x10 [ 445.733397][T13312] ? __pfx_chrdev_open+0x10/0x10 [ 445.733423][T13312] ? file_set_fsnotify_mode+0x163/0x5d0 [ 445.733457][T13312] do_dentry_open+0x735/0x1c40 [ 445.733489][T13312] ? __pfx_chrdev_open+0x10/0x10 [ 445.733511][T13312] ? inode_permission+0xdd/0x5f0 [ 445.733538][T13312] vfs_open+0x82/0x3f0 [ 445.733561][T13312] ? may_open+0x1f2/0x400 [ 445.733590][T13312] path_openat+0x1e88/0x2d80 [ 445.733624][T13312] ? __pfx_path_openat+0x10/0x10 [ 445.733642][T13312] ? __pfx___lock_acquire+0x10/0x10 [ 445.733664][T13312] ? lock_acquire.part.0+0x11b/0x380 [ 445.733689][T13312] ? find_held_lock+0x2d/0x110 [ 445.733733][T13312] do_filp_open+0x20c/0x470 [ 445.733754][T13312] ? __pfx_do_filp_open+0x10/0x10 [ 445.733765][T13305] tpg source WxH: 640x360 (Y'CbCr) [ 445.733771][T13312] ? find_held_lock+0x2d/0x110 [ 445.733819][T13312] ? alloc_fd+0x41f/0x760 [ 445.733861][T13312] do_sys_openat2+0x17a/0x1e0 [ 445.733886][T13312] ? __pfx_do_sys_openat2+0x10/0x10 [ 445.733916][T13312] ? __fget_files+0x206/0x3a0 [ 445.733942][T13312] __x64_sys_openat+0x175/0x210 [ 445.733969][T13312] ? __pfx___x64_sys_openat+0x10/0x10 [ 445.733994][T13312] ? ksys_write+0x1ba/0x250 [ 445.734037][T13312] do_syscall_64+0xcd/0x250 [ 445.734067][T13312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.734096][T13312] RIP: 0033:0x7f3495d8cd29 [ 445.734116][T13312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.734137][T13312] RSP: 002b:00007f3496c7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 445.734157][T13312] RAX: ffffffffffffffda RBX: 00007f3495fa5fa0 RCX: 00007f3495d8cd29 [ 445.734172][T13312] RDX: 0000000000020400 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 445.734186][T13312] RBP: 00007f3496c7b090 R08: 0000000000000000 R09: 0000000000000000 [ 445.734199][T13312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 445.734211][T13312] R13: 0000000000000001 R14: 00007f3495fa5fa0 R15: 00007ffca1566448 [ 445.734242][T13312] [ 446.077479][T13305] tpg field: 1 [ 446.151987][T13305] tpg crop: 640x360@0x0 [ 446.172617][T13305] tpg compose: 640x360@0x0 [ 446.197369][T13305] tpg colorspace: 8 [ 446.201219][T13305] tpg transfer function: 0/0 [ 446.267914][T13305] tpg Y'CbCr encoding: 0/0 [ 446.272389][T13305] tpg quantization: 0/0 [ 446.302679][T13305] tpg RGB range: 0/2 [ 446.322704][T13305] vivid-013: ================== END STATUS ================== [ 446.844490][T13327] FAULT_INJECTION: forcing a failure. [ 446.844490][T13327] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 446.887907][T13327] CPU: 1 UID: 0 PID: 13327 Comm: syz.3.1893 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 446.887939][T13327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 446.887953][T13327] Call Trace: [ 446.887960][T13327] [ 446.887968][T13327] dump_stack_lvl+0x16c/0x1f0 [ 446.888001][T13327] should_fail_ex+0x497/0x5b0 [ 446.888029][T13327] _copy_from_iter+0x29b/0x1400 [ 446.888057][T13327] ? trace_lock_acquire+0x14e/0x1f0 [ 446.888080][T13327] ? __alloc_skb+0x200/0x380 [ 446.888109][T13327] ? __pfx__copy_from_iter+0x10/0x10 [ 446.888134][T13327] ? __virt_addr_valid+0x1a4/0x590 [ 446.888172][T13327] ? __virt_addr_valid+0x5e/0x590 [ 446.888202][T13327] ? __phys_addr_symbol+0x30/0x80 [ 446.888242][T13327] ? __check_object_size+0x488/0x710 [ 446.888272][T13327] netlink_sendmsg+0x813/0xd70 [ 446.888304][T13327] ? __pfx_netlink_sendmsg+0x10/0x10 [ 446.888341][T13327] ____sys_sendmsg+0x9ae/0xb40 [ 446.888365][T13327] ? copy_msghdr_from_user+0x10b/0x160 [ 446.888395][T13327] ? __pfx_____sys_sendmsg+0x10/0x10 [ 446.888416][T13327] ? __lock_acquire+0xcc5/0x3c40 [ 446.888446][T13327] ? hlock_class+0x4e/0x130 [ 446.888476][T13327] ? __lock_acquire+0x15a9/0x3c40 [ 446.888509][T13327] ___sys_sendmsg+0x135/0x1e0 [ 446.888541][T13327] ? __pfx____sys_sendmsg+0x10/0x10 [ 446.888568][T13327] ? __pfx___lock_acquire+0x10/0x10 [ 446.888623][T13327] ? __pfx___might_resched+0x10/0x10 [ 446.888651][T13327] ? __might_fault+0xe3/0x190 [ 446.888685][T13327] __sys_sendmmsg+0x201/0x420 [ 446.888719][T13327] ? __pfx___sys_sendmmsg+0x10/0x10 [ 446.888760][T13327] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 446.888801][T13327] ? fput+0x67/0x440 [ 446.888827][T13327] ? ksys_write+0x1ba/0x250 [ 446.888859][T13327] ? __pfx_ksys_write+0x10/0x10 [ 446.888896][T13327] __x64_sys_sendmmsg+0x9c/0x100 [ 446.888926][T13327] ? lockdep_hardirqs_on+0x7c/0x110 [ 446.888952][T13327] do_syscall_64+0xcd/0x250 [ 446.888982][T13327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.889013][T13327] RIP: 0033:0x7f885318cd29 [ 446.889031][T13327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.889054][T13327] RSP: 002b:00007f8852fd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 446.889076][T13327] RAX: ffffffffffffffda RBX: 00007f88533a6080 RCX: 00007f885318cd29 [ 446.889091][T13327] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 446.889104][T13327] RBP: 00007f8852fd8090 R08: 0000000000000000 R09: 0000000000000000 [ 446.889118][T13327] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002 [ 446.889131][T13327] R13: 0000000000000000 R14: 00007f88533a6080 R15: 00007ffc9ef16648 [ 446.889161][T13327] [ 446.904488][T13326] netdevsim netdevsim106894 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.238371][T13331] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1896'. [ 447.506566][T13331] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 447.530747][T13331] bond0 (unregistering): Released all slaves [ 447.639290][T13336] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1898'. [ 448.712821][T13357] netdevsim netdevsim108127 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.765217][T13358] vivid-013: ================= START STATUS ================= [ 448.860588][T13358] vivid-013: Generate PTS: true [ 449.518079][T13363] synth uevent: /module/qat_c62x: unknown uevent action string [ 449.676573][T13358] vivid-013: Generate SCR: true [ 449.701943][T13358] tpg source WxH: 640x360 (Y'CbCr) [ 449.712044][T13358] tpg field: 1 [ 449.717829][T13358] tpg crop: 640x360@0x0 [ 449.730935][T13358] tpg compose: 640x360@0x0 [ 449.745918][T13358] tpg colorspace: 8 [ 449.757500][T13358] tpg transfer function: 0/0 [ 449.775002][T13358] tpg Y'CbCr encoding: 0/0 [ 449.786756][T13358] tpg quantization: 0/0 [ 449.799801][T13358] tpg RGB range: 0/2 [ 449.826208][T13358] vivid-013: ================== END STATUS ================== [ 450.276211][T13374] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1907'. [ 451.617305][T13392] vivid-013: ================= START STATUS ================= [ 451.632646][T13392] vivid-013: Generate PTS: true [ 451.637597][T13392] vivid-013: Generate SCR: true [ 451.642506][T13392] tpg source WxH: 640x360 (Y'CbCr) [ 451.662701][T13392] tpg field: 1 [ 451.666124][T13392] tpg crop: 640x360@0x0 [ 451.670302][T13392] tpg compose: 640x360@0x0 [ 451.702723][T13392] tpg colorspace: 8 [ 451.706586][T13392] tpg transfer function: 0/0 [ 451.711196][T13392] tpg Y'CbCr encoding: 0/0 [ 451.752616][T13392] tpg quantization: 0/0 [ 451.761353][T13392] tpg RGB range: 0/2 [ 451.767800][T13392] vivid-013: ================== END STATUS ================== [ 453.051334][T13418] FAULT_INJECTION: forcing a failure. [ 453.051334][T13418] name failslab, interval 1, probability 0, space 0, times 0 [ 453.082652][T13418] CPU: 0 UID: 0 PID: 13418 Comm: syz.1.1918 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 453.082686][T13418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 453.082699][T13418] Call Trace: [ 453.082704][T13418] [ 453.082712][T13418] dump_stack_lvl+0x16c/0x1f0 [ 453.082747][T13418] should_fail_ex+0x497/0x5b0 [ 453.082769][T13418] ? fs_reclaim_acquire+0xae/0x150 [ 453.082807][T13418] should_failslab+0xc2/0x120 [ 453.082832][T13418] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 453.082854][T13418] ? jbd2__journal_start+0x193/0x6a0 [ 453.082902][T13418] ? __pfx___might_resched+0x10/0x10 [ 453.082936][T13418] jbd2__journal_start+0x193/0x6a0 [ 453.082976][T13418] __ext4_journal_start_sb+0x19f/0x660 [ 453.083006][T13418] ? ext4_do_writepages+0xc04/0x32d0 [ 453.083042][T13418] ext4_do_writepages+0xc04/0x32d0 [ 453.083081][T13418] ? __pfx___lock_acquire+0x10/0x10 [ 453.083125][T13418] ? __pfx_ext4_do_writepages+0x10/0x10 [ 453.083164][T13418] ? do_writepages+0x1b3/0x820 [ 453.083200][T13418] ? ext4_writepages+0x303/0x730 [ 453.083229][T13418] ext4_writepages+0x303/0x730 [ 453.083258][T13418] ? __lock_acquire+0x15a9/0x3c40 [ 453.083284][T13418] ? __pfx_ext4_writepages+0x10/0x10 [ 453.083326][T13418] ? __pfx___lock_acquire+0x10/0x10 [ 453.083353][T13418] ? mark_lock+0xb5/0xc60 [ 453.083378][T13418] ? hlock_class+0x4e/0x130 [ 453.083411][T13418] ? __pfx_ext4_writepages+0x10/0x10 [ 453.083442][T13418] do_writepages+0x1b3/0x820 [ 453.083476][T13418] ? __pfx_do_writepages+0x10/0x10 [ 453.083504][T13418] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 453.083533][T13418] ? __pfx_lock_release+0x10/0x10 [ 453.083559][T13418] ? do_raw_spin_lock+0x12d/0x2c0 [ 453.083591][T13418] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 453.083620][T13418] ? lock_acquire+0x2f/0xb0 [ 453.083645][T13418] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 453.083672][T13418] ? do_raw_spin_unlock+0x172/0x230 [ 453.083709][T13418] filemap_fdatawrite_wbc+0x104/0x160 [ 453.083740][T13418] __filemap_fdatawrite_range+0xb3/0xf0 [ 453.083776][T13418] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 453.083849][T13418] ? find_held_lock+0x2d/0x110 [ 453.083896][T13418] ? ext4_fallocate+0x139/0x3950 [ 453.083934][T13418] filemap_write_and_wait_range+0xa3/0x130 [ 453.083961][T13418] ext4_punch_hole+0x194/0x10d0 [ 453.084005][T13418] ext4_fallocate+0x9b7/0x3950 [ 453.084039][T13418] ? rcu_is_watching+0x12/0xc0 [ 453.084072][T13418] ? trace_lock_acquire+0x14e/0x1f0 [ 453.084095][T13418] ? madvise_vma_behavior+0x1b6d/0x1da0 [ 453.084129][T13418] ? __pfx_ext4_fallocate+0x10/0x10 [ 453.084164][T13418] vfs_fallocate+0x60d/0x10d0 [ 453.084202][T13418] ? __pfx_vfs_fallocate+0x10/0x10 [ 453.084238][T13418] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 453.084273][T13418] madvise_vma_behavior+0x1b6d/0x1da0 [ 453.084308][T13418] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 453.084335][T13418] ? find_vma_prev+0xdb/0x160 [ 453.084370][T13418] ? __pfx_find_vma_prev+0x10/0x10 [ 453.084413][T13418] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 453.084442][T13418] ? __pfx_futex_wait+0x10/0x10 [ 453.084470][T13418] ? do_madvise+0x2b3/0x7c0 [ 453.084503][T13418] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 453.084531][T13418] madvise_walk_vmas+0x1cf/0x2c0 [ 453.084562][T13418] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 453.084600][T13418] do_madvise+0x366/0x7c0 [ 453.084632][T13418] ? __pfx_do_madvise+0x10/0x10 [ 453.084662][T13418] ? __x64_sys_futex+0x1e1/0x4c0 [ 453.084693][T13418] ? rcu_is_watching+0x12/0xc0 [ 453.084732][T13418] __x64_sys_madvise+0xa9/0x110 [ 453.084761][T13418] ? lockdep_hardirqs_on+0x7c/0x110 [ 453.084790][T13418] do_syscall_64+0xcd/0x250 [ 453.084821][T13418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.084853][T13418] RIP: 0033:0x7f3495d8cd29 [ 453.084889][T13418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.084913][T13418] RSP: 002b:00007f3496c7b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 453.084936][T13418] RAX: ffffffffffffffda RBX: 00007f3495fa5fa0 RCX: 00007f3495d8cd29 [ 453.084952][T13418] RDX: 0000000000000009 RSI: 00000000000031ca RDI: 000000110c230000 [ 453.084967][T13418] RBP: 00007f3495e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 453.084981][T13418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 453.084995][T13418] R13: 0000000000000000 R14: 00007f3495fa5fa0 R15: 00007ffca1566448 [ 453.085026][T13418] [ 453.085038][T13418] EXT4-fs (sda1): ext4_do_writepages: jbd2_start: 9223372036854775807 pages, ino 1924; err -12 [ 454.153664][T13443] netlink: 8568 bytes leftover after parsing attributes in process `syz.3.1925'. [ 454.232944][T13444] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1924'. [ 456.040972][T13508] Invalid ELF header magic: != ELF [ 456.205417][T13511] vivid-013: ================= START STATUS ================= [ 456.222712][T13511] vivid-013: Generate PTS: true [ 456.227641][T13511] vivid-013: Generate SCR: true [ 456.273145][T13511] tpg source WxH: 640x360 (Y'CbCr) [ 456.278573][T13511] tpg field: 1 [ 456.281968][T13511] tpg crop: 640x360@0x0 [ 456.332631][T13511] tpg compose: 640x360@0x0 [ 456.337113][T13511] tpg colorspace: 8 [ 456.340949][T13511] tpg transfer function: 0/0 [ 456.437322][T13511] tpg Y'CbCr encoding: 0/0 [ 456.471050][T13511] tpg quantization: 0/0 [ 456.504910][T13511] tpg RGB range: 0/2 [ 456.512223][T13511] vivid-013: ================== END STATUS ================== [ 456.539005][T13510] vivid-013: ================= START STATUS ================= [ 456.562664][T13510] vivid-013: Generate PTS: true [ 456.598156][T13510] vivid-013: Generate SCR: true [ 456.673796][T13510] tpg source WxH: 640x360 (Y'CbCr) [ 456.726219][T13510] tpg field: 1 [ 456.776580][T13510] tpg crop: 640x360@0x0 [ 456.816812][T13510] tpg compose: 640x360@0x0 [ 456.861172][T13510] tpg colorspace: 8 [ 456.904982][T13510] tpg transfer function: 0/0 [ 456.958069][T13510] tpg Y'CbCr encoding: 0/0 [ 456.982770][T13510] tpg quantization: 0/0 [ 456.986981][T13510] tpg RGB range: 0/2 [ 456.990902][T13510] vivid-013: ================== END STATUS ================== [ 457.681753][T13537] FAULT_INJECTION: forcing a failure. [ 457.681753][T13537] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 457.729542][T13537] CPU: 0 UID: 0 PID: 13537 Comm: syz.0.1950 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 457.729578][T13537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 457.729590][T13537] Call Trace: [ 457.729596][T13537] [ 457.729604][T13537] dump_stack_lvl+0x16c/0x1f0 [ 457.729635][T13537] should_fail_ex+0x497/0x5b0 [ 457.729660][T13537] _copy_from_user+0x2e/0xd0 [ 457.729684][T13537] copy_msghdr_from_user+0x99/0x160 [ 457.729713][T13537] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 457.729748][T13537] ? __pfx___lock_acquire+0x10/0x10 [ 457.729777][T13537] ___sys_recvmsg+0xdc/0x1a0 [ 457.729804][T13537] ? __pfx____sys_recvmsg+0x10/0x10 [ 457.729830][T13537] ? find_held_lock+0x2d/0x110 [ 457.729874][T13537] ? __pfx___might_resched+0x10/0x10 [ 457.729899][T13537] ? __might_fault+0xe3/0x190 [ 457.729930][T13537] do_recvmmsg+0x2f8/0x740 [ 457.729961][T13537] ? __pfx_do_recvmmsg+0x10/0x10 [ 457.729985][T13537] ? vfs_write+0x306/0x1150 [ 457.730029][T13537] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 457.730067][T13537] ? __fget_files+0x206/0x3a0 [ 457.730093][T13537] __x64_sys_recvmmsg+0x239/0x290 [ 457.730123][T13537] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 457.730160][T13537] do_syscall_64+0xcd/0x250 [ 457.730188][T13537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.730216][T13537] RIP: 0033:0x7fe01d98cd29 [ 457.730233][T13537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.730253][T13537] RSP: 002b:00007fe01e876038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 457.730273][T13537] RAX: ffffffffffffffda RBX: 00007fe01dba5fa0 RCX: 00007fe01d98cd29 [ 457.730286][T13537] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 457.730298][T13537] RBP: 00007fe01e876090 R08: 0000000000000000 R09: 0000000000000000 [ 457.730310][T13537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 457.730322][T13537] R13: 0000000000000000 R14: 00007fe01dba5fa0 R15: 00007ffd17398578 [ 457.730349][T13537] [ 457.963089][T13541] netdevsim netdevsim107412 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.500769][T13555] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1954'. /[ 459.485729][T13574] netdevsim netdevsim107740 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.926859][T13581] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 459.966722][T13583] netdevsim netdevsim107261 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.576422][T13594] vivid-013: ================= START STATUS ================= [ 460.613306][T13594] vivid-013: Generate PTS: true [ 460.692853][T13594] vivid-013: Generate SCR: true [ 460.698200][T13594] tpg source WxH: 640x360 (Y'CbCr) [ 460.716852][T13594] tpg field: 1 [ 460.720266][T13594] tpg crop: 640x360@0x0 [ 460.802723][T13594] tpg compose: 640x360@0x0 [ 460.822739][T13594] tpg colorspace: 8 [ 460.851075][T13594] tpg transfer function: 0/0 [ 460.880164][T13594] tpg Y'CbCr encoding: 0/0 [ 460.920852][T13594] tpg quantization: 0/0 [ 460.953437][T13594] tpg RGB range: 0/2 [ 461.005696][T13594] vivid-013: ================== END STATUS ================== [ 461.059586][T13602] vivid-013: ================= START STATUS ================= [ 461.079669][T13602] vivid-013: Generate PTS: true [ 461.090058][T13602] vivid-013: Generate SCR: true [ 461.162645][T13602] tpg source WxH: 640x360 (Y'CbCr) [ 461.167866][T13602] tpg field: 1 [ 461.192790][T13602] tpg crop: 640x360@0x0 [ 461.197170][T13602] tpg compose: 640x360@0x0 [ 461.332819][T13602] tpg colorspace: 8 [ 461.382309][T13602] tpg transfer function: 0/0 [ 461.444445][T13602] tpg Y'CbCr encoding: 0/0 [ 461.448916][T13602] tpg quantization: 0/0 [ 461.465920][T13602] tpg RGB range: 0/2 [ 461.469862][T13602] vivid-013: ================== END STATUS ================== [ 461.512738][T13606] vivid-013: ================= START STATUS ================= [ 461.520432][T13606] vivid-013: Generate PTS: true [ 461.621199][T13606] vivid-013: Generate SCR: true [ 461.626646][T13606] tpg source WxH: 640x360 (Y'CbCr) [ 461.678790][T13606] tpg field: 1 [ 461.682221][T13606] tpg crop: 640x360@0x0 [ 461.723235][T13606] tpg compose: 640x360@0x0 [ 461.741873][T13606] tpg colorspace: 8 [ 461.751768][T13606] tpg transfer function: 0/0 [ 461.782407][T13606] tpg Y'CbCr encoding: 0/0 [ 461.792591][T13606] tpg quantization: 0/0 [ 461.809202][T13606] tpg RGB range: 0/2 [ 461.852648][T13606] vivid-013: ================== END STATUS ================== [ 462.263085][T13600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x43a00 [ 462.303863][T13600] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 462.315633][T13600] raw: 00fff00000000000 ffff8880b8644e70 ffff8880b8644e70 0000000000000000 [ 462.341203][T13600] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 462.360212][T13600] page dumped because: VM_WARN_ON_FOLIO(!folio_test_large(folio)) [ 462.378492][T13600] page_owner tracks the page as freed [ 462.392694][T13600] page last allocated via order 9, migratetype Movable, gfp_mask 0x3d20ca(GFP_TRANSHUGE_LIGHT|__GFP_NORETRY|__GFP_THISNODE), pid 13625, tgid 13624 (syz.2.1972), ts 462134416548, free_ts 462244610533 [ 462.442701][T13600] post_alloc_hook+0x2d1/0x350 [ 462.452623][T13600] get_page_from_freelist+0xfce/0x2f80 [ 462.468325][T13600] __alloc_pages_noprof+0x221/0x2470 [ 462.482697][T13600] alloc_pages_mpol_noprof+0x282/0x620 [ 462.488253][T13600] folio_alloc_mpol_noprof+0x36/0xd0 [ 462.502793][T13600] shmem_alloc_folio+0x135/0x160 [ 462.517934][T13600] shmem_alloc_and_add_folio+0x402/0xc00 [ 462.533810][T13600] shmem_get_folio_gfp+0x878/0x1530 [ 462.544263][T13600] shmem_fault+0x200/0xae0 [ 462.548732][T13600] __do_fault+0x10a/0x490 [ 462.572896][T13600] do_pte_missing+0x1a8/0x3e00 [ 462.577779][T13600] __handle_mm_fault+0x1166/0x2c60 [ 462.593400][T13600] handle_mm_fault+0x3fa/0xaa0 [ 462.598226][T13600] do_user_addr_fault+0x7a3/0x13f0 [ 462.614634][T13600] exc_page_fault+0x5c/0xc0 [ 462.619194][T13600] asm_exc_page_fault+0x26/0x30 [ 462.643922][T13600] page last free pid 13624 tgid 13624 stack trace: [ 462.660625][T13600] free_unref_folios+0xa7b/0x14f0 [ 462.673775][T13600] folios_put_refs+0x587/0x7b0 [ 462.683258][T13600] shmem_undo_range+0x586/0x1170 [ 462.688245][T13600] shmem_evict_inode+0x3a3/0xba0 [ 462.712653][T13600] evict+0x409/0x960 [ 462.716604][T13600] iput+0x52a/0x890 [ 462.720434][T13600] dentry_unlink_inode+0x29c/0x480 [ 462.735841][T13600] __dentry_kill+0x1d0/0x600 [ 462.740710][T13600] dput.part.0+0x4b1/0x9b0 [ 462.762599][T13600] dput+0x1f/0x30 [ 462.766324][T13600] __fput+0x51c/0xb70 [ 462.770333][T13600] task_work_run+0x14e/0x250 [ 462.792893][T13600] do_exit+0xad8/0x2d70 [ 462.797139][T13600] do_group_exit+0xd3/0x2a0 [ 462.801672][T13600] __x64_sys_exit_group+0x3e/0x50 [ 462.822671][T13600] x64_sys_call+0x151f/0x1720 [ 462.841733][T13600] ------------[ cut here ]------------ [ 462.847561][T13600] WARNING: CPU: 1 PID: 13600 at ./include/linux/mm.h:1228 stable_page_flags+0xab5/0xbc0 [ 462.857417][T13600] Modules linked in: [ 462.861340][T13600] CPU: 1 UID: 0 PID: 13600 Comm: syz.1.1967 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 462.872269][T13600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 462.882659][T13600] RIP: 0010:stable_page_flags+0xab5/0xbc0 [ 462.888431][T13600] Code: f7 ff ff e8 cd bd 60 ff 4c 8b 3c 24 49 83 ef 01 e9 c9 fc ff ff e8 bb bd 60 ff 48 c7 c6 60 17 82 8b 4c 89 ef e8 7c d9 a7 ff 90 <0f> 0b 90 e9 69 ff ff ff 4c 89 f7 e8 0b 8d c3 ff e9 21 fd ff ff 4c [ 462.908654][T13600] RSP: 0018:ffffc90005a07c60 EFLAGS: 00010246 [ 462.915095][T13600] RAX: 0000000000080000 RBX: 00fff80000020078 RCX: ffffc90004e42000 [ 462.923367][T13600] RDX: 0000000000080000 RSI: ffffffff825824e4 RDI: ffff8880251c4044 [ 462.931377][T13600] RBP: ffffea00010e89c0 R08: 0000000000000001 R09: 0000000000000001 [ 462.939619][T13600] R10: ffffffff905fe017 R11: 0000000000000003 R12: ffffea00010e8000 [ 462.948183][T13600] R13: ffffea00010e8000 R14: 0000000000000000 R15: 0000000000000000 [ 462.956437][T13600] FS: 00007f3496c7b6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 462.965722][T13600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 462.972336][T13600] CR2: 00007f35f2ed56c0 CR3: 0000000050576000 CR4: 00000000003526f0 [ 462.980611][T13600] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 462.988919][T13600] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 462.997187][T13600] Call Trace: [ 463.000490][T13600] [ 463.003694][T13600] ? __warn+0xea/0x3c0 [ 463.007798][T13600] ? stable_page_flags+0xab5/0xbc0 [ 463.013004][T13600] ? report_bug+0x3c0/0x580 [ 463.017551][T13600] ? handle_bug+0x54/0xa0 [ 463.021919][T13600] ? exc_invalid_op+0x17/0x50 [ 463.026728][T13600] ? asm_exc_invalid_op+0x1a/0x20 [ 463.031815][T13600] ? stable_page_flags+0xab4/0xbc0 [ 463.037142][T13600] ? stable_page_flags+0xab5/0xbc0 [ 463.042316][T13600] kpageflags_read+0x145/0x230 [ 463.047409][T13600] ? __pfx_kpageflags_read+0x10/0x10 [ 463.052803][T13600] proc_reg_read+0x11d/0x330 [ 463.057426][T13600] ? __pfx_proc_reg_read+0x10/0x10 [ 463.062644][T13600] vfs_read+0x1df/0xbf0 [ 463.066841][T13600] ? __pfx_vfs_read+0x10/0x10 [ 463.071558][T13600] ? do_futex+0x123/0x350 [ 463.075974][T13600] ? __pfx_do_futex+0x10/0x10 [ 463.080676][T13600] ? __pfx_do_sys_openat2+0x10/0x10 [ 463.085999][T13600] ? __x64_sys_futex+0x1e1/0x4c0 [ 463.090971][T13600] ? __x64_sys_futex+0x1ea/0x4c0 [ 463.096013][T13600] ksys_read+0x12b/0x250 [ 463.100301][T13600] ? __pfx_ksys_read+0x10/0x10 [ 463.105210][T13600] do_syscall_64+0xcd/0x250 [ 463.109754][T13600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.115760][T13600] RIP: 0033:0x7f3495d8cd29 [ 463.120199][T13600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.139922][T13600] RSP: 002b:00007f3496c7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 463.148460][T13600] RAX: ffffffffffffffda RBX: 00007f3495fa5fa0 RCX: 00007f3495d8cd29 [ 463.156762][T13600] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 463.164810][T13600] RBP: 00007f3495e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 463.172891][T13600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.180885][T13600] R13: 0000000000000000 R14: 00007f3495fa5fa0 R15: 00007ffca1566448 [ 463.188959][T13600] [ 463.192003][T13600] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 463.199311][T13600] CPU: 1 UID: 0 PID: 13600 Comm: syz.1.1967 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 463.209742][T13600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 463.219814][T13600] Call Trace: [ 463.223117][T13600] [ 463.226075][T13600] dump_stack_lvl+0x3d/0x1f0 [ 463.230709][T13600] panic+0x71d/0x800 [ 463.234628][T13600] ? __pfx_panic+0x10/0x10 [ 463.239084][T13600] ? show_trace_log_lvl+0x29d/0x3d0 [ 463.244326][T13600] ? stable_page_flags+0xab5/0xbc0 [ 463.249456][T13600] check_panic_on_warn+0xab/0xb0 [ 463.254401][T13600] __warn+0xf6/0x3c0 [ 463.258302][T13600] ? stable_page_flags+0xab5/0xbc0 [ 463.263423][T13600] report_bug+0x3c0/0x580 [ 463.267767][T13600] handle_bug+0x54/0xa0 [ 463.271939][T13600] exc_invalid_op+0x17/0x50 [ 463.276454][T13600] asm_exc_invalid_op+0x1a/0x20 [ 463.281319][T13600] RIP: 0010:stable_page_flags+0xab5/0xbc0 [ 463.287048][T13600] Code: f7 ff ff e8 cd bd 60 ff 4c 8b 3c 24 49 83 ef 01 e9 c9 fc ff ff e8 bb bd 60 ff 48 c7 c6 60 17 82 8b 4c 89 ef e8 7c d9 a7 ff 90 <0f> 0b 90 e9 69 ff ff ff 4c 89 f7 e8 0b 8d c3 ff e9 21 fd ff ff 4c [ 463.306668][T13600] RSP: 0018:ffffc90005a07c60 EFLAGS: 00010246 [ 463.312739][T13600] RAX: 0000000000080000 RBX: 00fff80000020078 RCX: ffffc90004e42000 [ 463.320707][T13600] RDX: 0000000000080000 RSI: ffffffff825824e4 RDI: ffff8880251c4044 [ 463.328677][T13600] RBP: ffffea00010e89c0 R08: 0000000000000001 R09: 0000000000000001 [ 463.336652][T13600] R10: ffffffff905fe017 R11: 0000000000000003 R12: ffffea00010e8000 [ 463.344621][T13600] R13: ffffea00010e8000 R14: 0000000000000000 R15: 0000000000000000 [ 463.352607][T13600] ? stable_page_flags+0xab4/0xbc0 [ 463.357746][T13600] kpageflags_read+0x145/0x230 [ 463.362522][T13600] ? __pfx_kpageflags_read+0x10/0x10 [ 463.367818][T13600] proc_reg_read+0x11d/0x330 [ 463.372430][T13600] ? __pfx_proc_reg_read+0x10/0x10 [ 463.377555][T13600] vfs_read+0x1df/0xbf0 [ 463.381742][T13600] ? __pfx_vfs_read+0x10/0x10 [ 463.386434][T13600] ? do_futex+0x123/0x350 [ 463.390773][T13600] ? __pfx_do_futex+0x10/0x10 [ 463.395466][T13600] ? __pfx_do_sys_openat2+0x10/0x10 [ 463.400685][T13600] ? __x64_sys_futex+0x1e1/0x4c0 [ 463.405643][T13600] ? __x64_sys_futex+0x1ea/0x4c0 [ 463.410607][T13600] ksys_read+0x12b/0x250 [ 463.414887][T13600] ? __pfx_ksys_read+0x10/0x10 [ 463.419682][T13600] do_syscall_64+0xcd/0x250 [ 463.424204][T13600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.430111][T13600] RIP: 0033:0x7f3495d8cd29 [ 463.434531][T13600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.454145][T13600] RSP: 002b:00007f3496c7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 463.462583][T13600] RAX: ffffffffffffffda RBX: 00007f3495fa5fa0 RCX: 00007f3495d8cd29 [ 463.470565][T13600] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003 [ 463.478538][T13600] RBP: 00007f3495e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 463.486514][T13600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.494490][T13600] R13: 0000000000000000 R14: 00007f3495fa5fa0 R15: 00007ffca1566448 [ 463.502478][T13600] [ 463.505754][T13600] Kernel Offset: disabled [ 463.510074][T13600] Rebooting in 86400 seconds..