last executing test programs: 6m22.408307424s ago: executing program 3 (id=839): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffbfffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0x1) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, 0x0, 0x109000, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x1, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x7, 0x6, 0xdd3, 0x10, 0x405, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) mlockall$auto(0x8000000000000001) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) 6m16.486978451s ago: executing program 3 (id=854): io_uring_setup$auto(0x8001, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x8a002, 0x0) mmap$auto(0x0, 0x80000000, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0xc0100, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x100082) prctl$auto(0x10000000024, 0x2, 0x2008, 0x4000000c, 0x80001) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) setns(0xffffffffffffffff, 0x0) unshare$auto(0x40000080) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001900)=ANY=[], 0x2b04}, 0x1, 0x0, 0x0, 0x1051}, 0x44844) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40802, 0x0) ioctl$auto_TIOCMSET2(0xffffffffffffffff, 0x5418, 0x0) 6m14.633904468s ago: executing program 3 (id=858): openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x4a002, 0x0) write$auto(0x3, 0x0, 0x100082) 6m14.17094061s ago: executing program 3 (id=860): io_uring_setup$auto(0x8001, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x8a002, 0x0) mmap$auto(0x0, 0x80000000, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0xc0100, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x100082) prctl$auto(0x10000000024, 0x2, 0x2008, 0x4000000c, 0x80001) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) setns(0xffffffffffffffff, 0x0) unshare$auto(0x40000080) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001900)=ANY=[], 0x2b04}, 0x1, 0x0, 0x0, 0x1051}, 0x44844) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40802, 0x0) ioctl$auto_TIOCMSET2(0xffffffffffffffff, 0x5418, 0x0) 6m9.709411881s ago: executing program 3 (id=869): r0 = socket(0xa, 0x1, 0x84) r1 = getsockopt$auto(r0, 0x84, 0x14, 0x0, &(0x7f0000000040)=0x3) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd2/sched/write0_fifo_list\x00', 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002e00)={&(0x7f00000000c0)={0x18, 0x0, 0x1, 0x70bd2e, 0x25dfdbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x42}, 0x4004094) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={&(0x7f0000000180), 0xfff}, 0x2, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x2, 0x0) process_madvise$auto_MADV_NOHUGEPAGE(r1, &(0x7f0000000080)={&(0x7f0000000300)="17ebcaf4b0a76755df1990d77a469343d87d01fcea10dd6f16aa50ea408e53702dc32298f0abda8fe2b1004349a84eddb9fc8af85b1ee685668afb10c9b2818e038e5fcf26da046e12340f64cd38289b067aa1978f3feda25e8fc2f4943eca59b890dc71747b3a0232423cd8", 0x7fffffff}, 0x7, 0xf, 0x0) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0) write$auto(r4, &(0x7f0000000040)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) 6m5.89655891s ago: executing program 3 (id=879): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000000300)="9e039c58614428839af1d7efa88a3e7074", 0x11) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x9f89, 0x1, 0x80000001, 0x800002e, 0x0, 0x8000000000000001}, 0x6f4) clone$auto(0x100000000, 0x1, 0x0, 0x0, 0x37) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0x80000) clone$auto(0x7, 0x352, 0x0, 0x0, 0x4) 5m50.156637265s ago: executing program 32 (id=879): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000000300)="9e039c58614428839af1d7efa88a3e7074", 0x11) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x9f89, 0x1, 0x80000001, 0x800002e, 0x0, 0x8000000000000001}, 0x6f4) clone$auto(0x100000000, 0x1, 0x0, 0x0, 0x37) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0x80000) clone$auto(0x7, 0x352, 0x0, 0x0, 0x4) 7.053610799s ago: executing program 2 (id=2372): r0 = openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001600)='/sys/kernel/tracing/set_event_pid\x00', 0x4a002, 0x0) r1 = getsockopt$auto_SO_MEMINFO(r0, 0x10, 0x37, &(0x7f0000000000)='/sys/kernel/tracing/set_event_pid\x00', &(0x7f0000000040)=0x4) r2 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, 0x0, 0x164, &(0x7f0000000340)={{0x5, 0x8baf}, {0x6, 0x1e}, 0x40000000008, 0x9, 0x3, 0x1, 0x5, 0x0, 0x1, 0x4, 0x3, 0xfffffffffffffffb, 0x1, 0x6, 0x2, 0x8}) prctl$auto_PR_SET_SHADOW_STACK_STATUS(0x4b, 0x6cd1, r2, 0x6, 0x80000001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) select$auto(0xffffffff, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x9, 0x4, 0x3, 0x4, 0x4, 0xf472, 0xe0b, 0x37, 0x0, 0x101, 0x200, 0xc6, 0x6]}, 0x0, 0x0) r3 = socket(0x15, 0x5, 0x0) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40040}, 0x4008010) memfd_create$auto(&(0x7f0000000200)='/sys/kernel/tracing/set_event_pid\x00', 0x1) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) listen$auto(0x3, 0x81) listen$auto(0x3, 0x0) r4 = fcntl$auto_F_GETOWNER_UIDS(r1, 0x11, r2) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x80, 0x3ff}, 0xed7138c}, 0x1, 0x0) r5 = fcntl$auto_F_DUPFD_CLOEXEC(0xffffffffffffffff, 0x406, r2) io_uring_setup$auto(0x80000000, &(0x7f0000000180)={0x6, 0x8, 0x2acc, 0xd, 0x3, 0x2, r5, [0x6, 0x7, 0x7], {0x0, 0x53dd, 0x4, 0x2, 0x4, 0x0, 0x16ca, 0x7, 0xffffffffffffffff}, {0x8, 0x8, 0x4, 0x2, 0x1, 0xc, 0x200, 0x7fff, 0x4}}) pidfd_open$auto(r2, 0x2) ioctl$auto_SNDRV_PCM_IOCTL_WRITEN_FRAMES2(r1, 0x40184152, &(0x7f0000000100)={0x80000001, &(0x7f00000000c0)=&(0x7f0000000140)="4a31df8f05a126c95d6732a5197bb8f8a91d13acc9", 0x7fffffff}) read$auto_ftrace_set_event_pid_fops_trace_events(r0, &(0x7f0000001640)=""/247, 0xf7) 6.773080628s ago: executing program 2 (id=2373): r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000001340), 0x101100, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x8500, 0x0) ioctl$auto_IOCTL_VMCI_GET_CONTEXT_ID(r1, 0x7b3, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0x8000000000000001, 0x0) 6.495005014s ago: executing program 2 (id=2374): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x801, 0x106) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10}, {0x80, 0x200000000}}, 0x0) setsockopt$auto(r0, 0x6, 0x1e, 0x0, 0xa1) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0xa4e00, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) brk$auto(0x7fffffffefff) r2 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r2, 0x1, 0x1c, 0x0, 0x0) mmap$auto(0xfffffffffffffffb, 0x7, 0x9, 0x7fe, 0x5, 0x80d) setsockopt$auto_SO_RXQ_OVFL(r1, 0x4, 0x28, &(0x7f0000000000)='&%\x00', 0x8a7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) socket(0x2a, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) mprotect$auto(0x4, 0x3ff, 0xff) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) socket$nl_generic(0x10, 0x3, 0x10) 6.003509252s ago: executing program 1 (id=2376): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/platform/dummy_hcd.3/usb4/power/wakeup_last_time_ms\x00', 0x80800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/196, 0xc4) pwritev$auto(r0, &(0x7f0000000180)={&(0x7f0000000000)="ebe70bc63c546c989104c2071f71474df84b2b7ca55a8c3a68628b12b5fcc6273c7515929d17c1c774b06aa698250a4ff6f33ad2f95ec1623eb24498df3ee3b589773a88d20aec6cf13bd1757e832bdf31e05a37d7bfd76a417fe540f9c23ee938fc6082f31341e704967b7b8b98", 0x230}, 0x80000000, 0x4, 0xd61) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x400, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/jbd2/sda1-8/info\x00', 0x40, 0x0) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) ioctl$auto_RTC_RD_TIME(r2, 0x80247009, 0x0) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x4601, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB='>\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7400fcdbdf25140000000c000180080001", @ANYRES32, @ANYBLOB="08001b0000000000"], 0x28}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r7 = fcntl$auto_F_SETFD(0xffffffffffffffff, 0x2, r1) ptrace$auto(0x10, r1, 0x4, 0x7ff) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS0\x00', 0x121000, 0x0) ioctl$auto_TIOCSTI2(r8, 0x5412, &(0x7f0000000000)) ptrace$auto(0xfffffffeffffffff, r1, 0x4, 0x100000006) newfstatat$auto(r7, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x6, 0x2, 0xa, 0xd, 0xffffffffffffffff, 0x0, 0x0, 0x7, 0x4, 0x7c49d628, 0x4f, 0xae, 0x9, 0x2, 0x9, 0x9, 0x9}, 0x1) setuid$auto(r9) 5.661466446s ago: executing program 1 (id=2377): set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) socket(0x15, 0x6, 0x0) uname$auto(0x0) ioctl$auto(0x3, 0x890b, 0x91) unshare$auto(0x40000080) writev$auto(0x1, 0x0, 0x1) madvise$auto(0x0, 0x20200, 0x15) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x40000000004, 0x400008, 0x80000df, 0x9b72, 0x2, 0x800009000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) epoll_create1$auto(0x0) mmap$auto(0x0, 0x80000000, 0xdb, 0x9b72, 0x5, 0x8000) recvmmsg$auto(r0, &(0x7f0000000300)={{0x0, 0x2, 0x0, 0xc, 0x0, 0x406, 0x8}, 0x5a57}, 0x80000, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fb\x00', 0x0, 0x0) pread64$auto(r2, 0x0, 0x100000001, 0x100) getsockopt$auto(r1, 0x1, 0x9, &(0x7f0000008c00)='[){\x00', &(0x7f0000008c40)=0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20800, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/console\x00', 0x48600, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) r5 = socket(0x11, 0xa, 0x1000) ioctl$auto(r5, 0x2, 0x2) ioctl$auto_KVM_CREATE_VM(r4, 0xc008ae09, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ppoll$auto(&(0x7f0000000080)={r3, 0x1, 0x400}, 0x5, 0x0, 0x0, 0x8) 5.226928812s ago: executing program 4 (id=2378): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x108881, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0) ioctl$auto_CEC_S_MODE(r0, 0x40046109, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0) socket(0x28, 0x800, 0x10000) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2438d4cb2de063a3e5dcd4c26ee78d80042d81c37dd38221d4b71dbf365dce3d05bb18cbce0434ca5e8e47625d78635aad429f562712ec3f3d7159eed41db4a183bcf6c4d2a7027f0516a3e65afde6bbe0d0a364f3de6308fdc4ee20eae92fbee719e8d22f2d406e2962d8f5c0d5101308c6e84c356c7a112d5d01b9d22b7b13880100000061cba05cda6a3138", @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r2, 0x0, 0x1) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x2, 0x1, 0x3, 0x300000000000000, 0x7ffffffe, 0x5, 0x6d3c, 0x5, 0x2, 0x1]}, 0x0) mlock2$auto(0x800, 0x6, 0x3) unshare$auto(0x40000080) open$auto(&(0x7f0000000200)='./file0\x00', 0x49193, 0xff90) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r4, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x2000, 0x0) socket(0x2, 0x1, 0x0) 4.654026662s ago: executing program 1 (id=2379): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="00000000000000000000fd"], 0x14}, 0x1, 0x0, 0x0, 0x4008014}, 0x10) newfstatat$auto(0xffffffffffffff9c, &(0x7f0000000140)='./file2\x00', &(0x7f00000001c0)={0xffffffff, 0xd, 0x9, 0x8000, 0xee01, 0xee00, 0x0, 0x401, 0x1, 0x8, 0x4, 0x5, 0x2, 0xe, 0x800, 0x7, 0x2}, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r1, &(0x7f0000000880)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000840)={&(0x7f0000000280)={0x5ac, r0, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_CABLE_TEST_TDR_CFG={0x33a, 0x2, 0x0, 0x1, [@nested={0x2b4, 0x86, 0x0, 0x1, [@typed={0x8, 0xb3, 0x0, 0x0, @fd=r1}, @nested={0x4, 0x79}, @nested={0x4, 0x123}, @generic="5a91023a8e6d51532f3fc3a873c5d6a61b1a56736ba5fbbb5fd1aac04294477ba196843faf5d6d1213a34fefd78f8f8a48c27f235293c8dbaeee2d7eea9c1dceb1d9dfe99ede15b3b2250550f9ba57a1b28d98f9c3366955df7a26fd6cc9e05d80731ed7803b673f0742b61d5c2aa0404f62ce8aba164cbf30b68bddbf07c9ad7c065e6e62466dc861ac064ecd64d35be611d912c885dfa0f5ea", @typed={0x14, 0x1b, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @generic="1cc12b0316da226f24b3305a8b4f61ea9284651090503c243fdfeaf54cc30b4c57c61889748dafde114308d873de14205f81f4b67fbadddb45058642f4f4e6ffd7dc1dccf5fbab143eff433d9cd32313f4a0cb566e49e04e9c4b964dec7277cfd6842c426f549599eda0579262e592e8e1da3497155ebb71ec5f86c87ebbf31e850e21c986d6a20db10fba7b44edab95c71eacf7b1a77aa376329de872c9cadc21250ee8de3bc3dc5008c9341b85d5976e6fe95d4f55136b7deabf5dd770ea83480a3e49e1753614e8ed2e6a1dda9621a86b4a8af5c217070301ac1b9ea859611086dd5176fb8f5ca3b0b2", @generic="3d7c523b2455d832d2d05b0ee3063012119d47eca7e260037c52af24e2a457b669fbea42446aa2cd01ff2d22d446438128f1b7845eb0206cee49fa0ed600353ae1b8b92b43d2cf6886e3e6d5d08ed011390d323a6456909158770b2dd8176acefc77e674a8b1acd26995f2ba1606377f0fffe1e6bffcb131ec66b798e7afabce0bfa105bd37b0038101ac0d20b5ee1079827e2abaf71d5db17f18b963c21eb744f7c505ea774fb74a905ef8fb3ce96f228ce9b39d4", @generic="9bd46d10ee5e82cc5acc17af92603b0e7b8685c4cd9fda369f2c0bda14e418ae26be2cbf7f07d978066fc2f767ab5cf5198603c07dbef5669c1545fbfe1266a4b14485ee9ec9ea4f82394aae64f304282095"]}, @generic="43d67616718eaab8acf8cec8d8c464b1862f74c7280f226745326f0c4e83e4a6193785a5599129d3848cdced2a9ef4bf88866019cacc788218f498c872a95b1b4cbbcb81b02272c453a4f49e560e63a6993ee8dc1d4dc5d600fbbd9f5ffd5f99b918391278bf8bce428d492315a255996aa18346f6504ced552b46a18e3472b71a62"]}, @ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x9}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0x2f, 0x2, 0x0, 0x1, [@generic="b3b65df712d93116d17326596e2b9d6fa788e70433cc50a1b9051d6e678f4320a0a0371f045ddad1fa9c30"]}, @ETHTOOL_A_CABLE_TEST_TDR_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10001}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x9}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0x1dd, 0x2, 0x0, 0x1, [@generic="2ca35e5997432ec805719d76d1868f021ab1455f73c1e3be232ae38e26af344e34ce39b3110a85597c2d209e766b5d7ac8c2a2d02f4e5441da888e8909c8464e20980d3d6b40c708dfbca54b52435e99989ff6f0d688554495afb3d8a487217444e12b8fbe7d504228af1f9f43b7b4c894a45b7e7d1a8d8dce70b01e6a58247e8a2125e2f717bc3b37503a1ca1c36f5470d48d04fbb4b19092fcf82e577c9076025b320e2cf1c0832ac28bcf2944ff13495a9b0220", @generic="3d7ba21b3904cfb1b9e7032d6341740c0758d007b309a9dcf5ad8c25bff23ac5ec683b333c38371d94012cb6b147055ac5abaa5ad473721249e8eb2558bd622b04f25a4a8cd1b4d46e979d08c9b10254b4b537658158dded824353f0b9d351aa4e8a366b16abbd2f2e258c5a448c6f0a7c4fea629600273bbef7c6a15e6dff9edf7fee9d5d6cd1fa8f0dbda1e295f2058660762c52f318c9876b4772307069e89d8b5910557fc6a26f0eb5687e8140013d64788b9c0838a7a4b9a8539ee0e5957598bc6d23285ecdff1949b410a6ee1219aa5ddabc5e17ac", @nested={0x1c, 0x14, 0x0, 0x1, [@typed={0x8, 0x10f, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x48, 0x0, 0x0, @uid=r2}, @typed={0x5, 0x1, 0x0, 0x0, @str='\x00'}]}, @typed={0x2d, 0x11d, 0x0, 0x0, @str='/sys/kernel/tracing/buffer_total_size_kb\x00'}]}]}, 0x5ac}, 0x1, 0x0, 0x0, 0x10}, 0x40040) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x3, &(0x7f0000000040)=0x9, 0xb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x4000008000) msync$auto(0x0, 0x4, 0x1) prctl$auto(0x41, 0x1, 0x3, 0x2000000003, 0x7) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) r3 = openat$auto_tracing_total_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_total_size_kb\x00', 0x2, 0x0) readv$auto(r3, &(0x7f00000000c0)={&(0x7f0000000040), 0x8}, 0x2) 4.104770804s ago: executing program 1 (id=2380): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd14/queue/nomerges\x00', 0x80000, 0x0) socket(0x2, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) setuid$auto(0x1f) capset$auto(0x0, 0xfffffffffffffffe) epoll_ctl$auto(0x5, 0x3, r0, 0x0) 3.938038439s ago: executing program 1 (id=2381): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) r1 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_prog_fd=r1}, 0xa3) bpf$auto(0x1, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) read$auto(0xffffffffffffffff, 0x0, 0x4a0e4415) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={0xfffffffffffffffe}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000080) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/user\x00') r2 = socket(0xa, 0x802, 0x3a) setsockopt$auto(r2, 0x29, 0x21, &(0x7f0000000880)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\xff\x1b\x01\x1e\xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\xf2Vw\xbe\x1c$\xddm\x8a\x9d\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5h\xae\xec%\xf9\x94>\xd6,\xf3\x98\'\xb0\t~~\xb4\x98\xbb3=A\x9c\x17\xaa\xce\fh-M\xdb-\x15VX\xfe\xca+\xb5\x95\xb3JL\x0fl\xe84\xbd\xa3nO\x9f\xfa\xb1\x06$\b$i3\x83\xd7\x06\xd6\x1e\xdbB\x9bb\x1cXC\x8c\x8b\xd9\xff\xf2Bf\x99!Z\x13\xff\xca\xf3e\x015\x9b\x86\xd6$\x1a\r3\x91\xb7\x942\xeb\xadVA\xfc\x1f\xbf1\xb7T\xc1\xbf\xc0\xc2\xfc\xe8w\xd33\xb2,\xb0\x9fA3\xc2\xa2\x1cM\x825\x94U\xbbNeb\xd2\xa9\x0f\xed\x8b\xea\xfa\x8a\x04.\xffMIw\x0f\xd6\xae^\xd2\xf1j\xcb\r\xa4\x1d0d\xca\x81\x9c\x80GL\x0e\xe6\x19\x8au\x1a7\xc5|\xf6\x1e\xe00\xc6\"\x83\x1c\xa2\x9e\a\x1c\xea\xa3\x9c\xe1BF\x05b\xf6\xdcf\x04\xd9B\xb9\x98\x9cq\xbd\xfb\xb5~\xf2\x8d\x9f`\xec\xd0\xafY\xcf\x84', 0x18000113) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "3d64dc8bff7fff7f610000000024"}, 0x55) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getpeername$auto(0x3, 0x0, 0x0) setsockopt$auto_SO_REUSEPORT(r0, 0x0, 0xf, &(0x7f0000000000)='ns/user\x00', 0xb) 3.378833891s ago: executing program 2 (id=2383): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/platform/dummy_hcd.3/usb4/power/wakeup_last_time_ms\x00', 0x80800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/196, 0xc4) pwritev$auto(r0, &(0x7f0000000180)={&(0x7f0000000000)="ebe70bc63c546c989104c2071f71474df84b2b7ca55a8c3a68628b12b5fcc6273c7515929d17c1c774b06aa698250a4ff6f33ad2f95ec1623eb24498df3ee3b589773a88d20aec6cf13bd1757e832bdf31e05a37d7bfd76a417fe540f9c23ee938fc6082f31341e704967b7b8b98", 0x230}, 0x80000000, 0x4, 0xd61) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x400, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/jbd2/sda1-8/info\x00', 0x40, 0x0) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) ioctl$auto_RTC_RD_TIME(r2, 0x80247009, 0x0) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x4601, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB='>\x00\x00\x00', @ANYBLOB="01002abd7400fcdbdf25140000000c00018008000100", @ANYRES32=r6, @ANYBLOB="08001b0000000000"], 0x28}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r7 = fcntl$auto_F_SETFD(0xffffffffffffffff, 0x2, r1) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS0\x00', 0x121000, 0x0) ioctl$auto_TIOCSTI2(r8, 0x5412, &(0x7f0000000000)) ptrace$auto(0xfffffffeffffffff, r1, 0x4, 0x100000006) newfstatat$auto(r7, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x6, 0x2, 0xa, 0xd, 0xffffffffffffffff, 0x0, 0x0, 0x7, 0x4, 0x7c49d628, 0x4f, 0xae, 0x9, 0x2, 0x9, 0x9, 0x9}, 0x1) setuid$auto(r9) prctl$auto_PR_SVE_SET_VL(0x32, 0x6, r1, 0xfff, 0x3) 3.133449534s ago: executing program 1 (id=2385): r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x60100, 0x0) read$auto_vhci_fops_hci_vhci(r0, &(0x7f0000000d40)=""/16, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = gettid() process_vm_writev$auto(r1, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, r0, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0xa, 0x5, 0x0) setsockopt$auto_SO_PREFER_BUSY_POLL(r0, 0x200, 0x45, &(0x7f00000000c0)='nfsd\x00', 0x80) socket(0xa, 0x801, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) shutdown$auto(0x200000003, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) madvise$auto(0x7, 0xfffffffffffefffe, 0x15) shmctl$auto_IPC_INFO(0x53e, 0x3, &(0x7f0000000340)={{0x84, 0xee01, 0xee00, 0x1, 0x0, 0x7, 0xb}, 0x0, 0x101, 0x9, 0x2, @inferred=r1, @inferred=r1, 0x4, 0x0, &(0x7f0000002a80)="cdde1632bf601d73dda26ec0e41663e6dfa68f96c24702b9a06dd510230c5ceee1d76b798d49d0ecdb1ffd23841a043fdd41b95358e9519271e5ffdec08e376539b176020338f11243c242565bcbf78633f1b0605bc2e9b32b12099a664535e3a0462e938767bfdd128e04f9cd57192a0792ab59e95e65df158d2a8fb3b6e77f8ef4576cd2fb4705f7518d7b5095b2e1c0ef68956ac362dc7cab4cdd3f8746f3c75fbedbf27a7362836965a057ba104144cb8ae09c8cdebe7fd14f14312e36e360ac0bf91bbcf5a09c9793e4418027a972b9ae3c97ace16ea9aa77bc90c912c72dae3c4a3e3821f4bfbd9de7d67a7c29a87bf94d853aadd0b354a462d2d6f50310170d9a4c4003666e7804fb8b72e2ff4367508a0ecb34e5d3110b3566f909d730da19da181bb2bb50d3f6bf8edb1622ee32378c98038ca98051b5c94b6ac96cf38386046e52f31399e663732ed05f2463c3e413c8f1ec4c6738c6b268fa44cc432eb331e3bc47a1d245d92d8911d32d516f98f5b439683ba1429b087bb4bd418d1c155ef57b7ec938284b56fb9c704380ad05b38571a70ddd06996c6a6973d09afc88f21517627c4c576027e3e4a20633d34e9f0e974c7ebf1a84b7c934e64eb976c109eaf11f86cb881d38f887093fd6611c51e449cc892e952eb79fdd8bcd6a29d60a9a5232ad1564f2edfb8c4872a3777c41341b304998cce185d102908e422d1d65aff8bae45045e2db44f94250f1591d96b22cc8f573f966085e5b8065c669ced21328d9f1d3fce3b3626639280eebf5934f984d01673f4a50063d9d67db66ecf2670609b485b721614048a64981cf800606eb0f568d187f63fa16eb2d0279f6a473e565c9eed5f9aac9cbe12372d3c57679e575e70ea855fc39e6ffb505bce9253f8426435b9e651f2380f39b82466f6e48470df0ae38060be43202aaf5f7af09ec7683ebd01f5df43862f0a6c14b5de4b4feca8d8e55f1c76c18c7434c6167d606ce755f0cc313510ee35eede164cfaa6750d03513f618d1efe00697342dceef4d2c4fc3dbbb107f4c52be4bbcd3bf41cdfd2eae596142327541800fd162536ebba87eb3b2fd6c3940e243d55acc0db9f28eb739b5a05914097adda2fcfd533953a8cc658c06dea8898504f31e74a5667ff596829b4ab9737d752e67d64b3534cb718d0dbf042621cb836646e2d4b4722d15d6bd082a1af438354bb6608f69cc460a527dce91130ad6dc152f955203046fa7cb38daf90b5fa4d2a311fe8caedd912ba1c5bb0568e4d85009ede83c498129cb2da7951168b18aecece71e094adec03b5ba7d712ab34dc4457656ed90a78fad8c2eb2396d2c6ef7d2e33d5757c40a0fb9f9dd368837bd8404518b3e4561b106e0917a1a8cc8f05cb24ec09f7c3c526e619095d5f4c146e5f2487453ae15360f4392cca75287ae8bf22594845c5d458307a7b06b98925161848b3e32001610508263ecd36b4366d2631fd4b1bd6f8aa121482c2d2d8529b12bab303194f37821f32fafabbbe7e8514526f1df57e40b8b1a2abe78e38b400c6e7d2de528c6a50fbbb25d9a089f8235b12a873ff3a636ae7f92702eb055eed7a863d107e261cf80f00c677359a71665742db986325172c49989e35bdad6ec6defab1fcf420fd76df2d080506566f2176b8e554d42eb087327fb35fb772a8f930356eb69e0f51cad091e8bf5676a54bc87159df647d7d5e5fa1b1c11c419c92d0a0a1069aebf52515e3ae462865bd62d7f64bd59c0a95a036b265b507c7ef0ff966a73279650b0d34d7c841646b3147700a197ef543cdc9e4e0094c276961dcd966e4a4a52a79d323be09d1f780f53edd5b94144af708307b683302e188c319cc1413611ac63d497b472778dba3c733a2aaeee1d1089c63d1e30db60a3a0bd044600f43dc364c3de75ffb0d29c1aef680d6b93432c14813cfae6e2346dac9db67306c7581b92df12121afc75cff0ed9ca1c823a63b779c4c5748dcc56dd24f66b4a604f3ecaa40cc2cc34e9ef312be3f445d1fc3228ec6f03ecec0c2c2721f287bc9ab908475cc65ef088dd79abaadd44e796fd1f6b565c1c4d5f7ad3614c8260f706ace268ed2529987caacc7ce56e35e19e2eb4777d21c7db9eb4ae0c3d0d6bc5de871f1e3361cedd48761eb852dcfce085b07d58264668dbaedaec9847759ed678f3896d3ea58bcf03a01fed59de0a0c3b5921e6cb7473c192715473583684f60e796a6607763a920adcce708d8f3eb81d0a25e0ec246284a487c5ef1127572af028c22469909dfeae82df8523cbf39da85508b18f7db86265b5964fd8c63e33b9da3594c6513a0d7ca4d77c47f00c647c874b7a643f05a4e481a0ae9b21937e209c899a3a99f6c06f488bd4623949da6756ce7e8256ae6eb3c322a431f1cbc62324899c79e72a29c58d96244a7d0530309af46bb144c085f374e2d898246481f715233c63665ce2c5951544c7a3c43b906ad1f99536bec7ce3a583b42c469e7de924eb2ee5c4ecfe0a40a1e2eb3c6501ab3b5d0a666e1813cffe8c7b182126a9624c0cf22f6d8509b055192e30fe7f7b5dd7006cb9d473c9020e1bb80297fac12d645170be1582107bad611d6302ccfccab8400063e299f4711a4be8086f6e5eb977030ed20fb2bc508f2f636823271a9e66c8fee4d71a74bd5ec4061fc32d7424e808285b33cc1345d358c8db522d34703d13dc441b96e0f5e2d9b9613041fc5974e89c3e0862d1dbf2568e13dcc815ff1a525fd0c7d04767a8396a4a799591e448c1bbc6ab5aa7bdd84d09ab1c785fa55e5d2b04896984d0b6760ffb2ae71a5b154215dd3656f4d4f74f0b16341e6bc5acc9d0129dbeaaf1b72393b33ee258bce3476055802f2b1bd6b841f37093be410bb3a22f2483bdb0ccc2b10b570610a22fa12960456695fb6ab93a5f669a968b68f162b3f4438cb6e669d144407eea497465d2cf436c4e75d9cc72ab50a1ddac74dc238d3bcf6d5b6c7131f41f60b56ebc9b762d41c711566caf69b7d677b9569f0977755fba906b2a1396cd458aa643254aa35791d74476bc3461e6c096e3163344bf7f874ce3389d18ec211ac314db269d8b4fed3c34addcfba2ad5cc2229eb773aad26642bb4e2ae37903967bcaa22160eb69b0b2b8755ffa761974542af26f61c9874cd1b5f112d5c97d9e4805f30e9ac23ea55133d2488ae500c162af9f12cb86162784af1edfe0f1244e1618346f40736f7e94a323aefd572850e567b5a4cb7ccb4c6b6b6d3619d75eafe2c5f6dad34224c1c0ec8723117a916e5a0fbfe8eac56578949de418e44b8097861be8bf2f37c882109cde0b32e41d98097597691db94eabc04ff4098df8b939ce9b029793c1f87a29d9be0d4f6c7e59210be0cbb6f1d43555871fe2d7c78aee8fda05538138d4fa696af5744854954cc0d87d5391f487cb6ad952926436f9e181c44777a402c4f1a7b89099ba7beefe079dcd1b37017de9e1bd5ee9c504120bab7ba9a1b655aa9512a34a6d9e4b9c2aa11a216b2055c27425701749660a4946f87912fa97ccfd5350179959dba12b9ad2c84316eaeeedd5864716ac01fc2552bdcc1477aef98e88f95091755df4ddec54153286cf213b4fc60c4b6d1947d0cdf2c9a08750922825f42943aa4fc4e3c70f982453f5d7db9e5691a2fd231c957878b525020eb7fbcc7d69952323fa7faef34bb8b28f41c5772d1253f1aee612fff0b668eec963397dc6ec26ac4b81794ce80f96c649c2e68c27ea9680ce5ab37469d32b81e527474adb40f1c91d272e25850b42f6c6452d287710515f559c9514370a5cd3365147e419e0b32f050f97abcf3e39239b313e946f032511dbae9b4fa3664a68815443350b3819fe438cda99c5021aa3193bb565358ddd6e046b9126d0f43f6c1e77f799c89c2c5bab5cdad02a0ebc57aa07444a3688a4a2360ccbfebfadeee0a23acc2a1a3424025eaf48f7755c739812716fd134477b74ee619b59a70636a37238e1fdf84b6c35e332cc24f8e5391240e7def9ebf53c1973bd633bdcf296cf26347d2cd238da3de223de081807c7e08824ef806b9c497624483885b737bb0925fec05a2a50c15158c746f867a66b345b94bfa4e9241240839a315c12eeea6a186e84a768bf0db7fb5fb91d7429bc16474a9fdbe8bf69d604adbeb4316dca623e9ed74db5552b844363349e99ce636a9c74fd18340dea3127ce496636c1c5dce593bb686e2d00647e4a07bc5b8422016a6589a8cc1b1ae1c5de6b6a63da659bdbfe261ed02af225b2a9a8520f4e47c160964352732b3e8092a53e5c946176606a7ef8fc02c7225f2e24fac38c8cc915e21024bde7691df90670baf4732f0e39edcd1672848eb519c08a8c4c63d87156f934bd076e1f84c2402c79b4ae0bdfc0df4e3b3f11754f17caaf5835f4200981ae140a0373e8e4ec3a17769bc43c8f66ea16add8d0fd01a77af2249c9af9be7a3a613e866675cdda99299539b2083dbbc683caa3ce3cde5205676130e44742e041e40ceb391bbc20c490c831c2a92bcade43071d457de29dd0744cb20ffa2049b3f415f4501946ca7a56632554f2ad3cddc5f2c3f46aba35c2911b2175cd980f9fcc1fd34304adcecf21ce719f77061728a1a054f9bdd43818f403e075a6c12be10916ad3f218a47b257bddf5c5c217e12b88a5d43264a43902a40fd9add8511a1a90367ff27e90e0db974ae39d6f54a7a35452fe601676175e10a8ff68dc2176593324bf051ecb97551b15d30a3448fdef0de85a38a6b301f2b0c93b35a6389c8239871c7c6278524869e07e3e310abcc7a3e1437a7fb339b731efbe847c491e849e7e2205c71f009065bdba2d1ad30a31c5f36c1c2bba11d554e8e1eeb2a7ea3a57da698fa56521f78934e238b066914cf10ef241349ae54a298e0499a99b3efbdc362a99ee406d6090a03e9baf35648745e3055216aaf91b14ecadbb03708d18d6adbf816ab3ddff3ed3e105037a07e2473789250bc992e884f42ab5b9d5d51c88d99146393d8e5c7a8355e3018ffcab846dbf26aa5cdbaf6f647adcfb6cdf31fd0ce5b3d676201d98087cf50aa6aa55d0161850f9c57581575c0226bd85fbff3ee013b00f32d3fd15b7e5a5c29ae058bb20266f2779f631db3b0ab8864b526124341a0d21afdd55d8790f539cacdf8c11f9b48ea1545ba2f5a1a84ad0902cbe128158d559101b44677821ae671b26f0ecc7c60d566428a8552bfa41428a6755013bd465684fbdd8719ec89feabf9cceed49f1be81210f167be977e3d1cb47d2ec294d808ff73c5cb3e6d1cc90173da9d96946fab366f090aa5a50da8253db786fab4b6130c03c936eb00d3097bfd9c9c312908d678b0953124d175533089948b1fac944e717129e6ba11ebd7166ba068e5d306f6f1645d2279a83f8e89ccf3d0bca6e5492510142e1c4b4a5b0c8483e5d3c52905632a032d0af65557604a36b520546622ce5b8916970547387301016058d7cf0f490c1143c1c1152b880aa72c38f133e14a39f720fd100cdd06876da06f9667fb15bb18264b127e7a5b6c670c290eb321e822ff3ecd83e189f7734801011e26e4b706f2bed66e0fed0dd755914accce5d9eeb943be29352f8a3f79743d5b747b186a426da2add46ed88742d55509c55337d36a79f6fa27a8ee8d92ebb430a3cc34c8af6d4c726a4e16af9cdb27fb6f0d19b4f7554d64876aad8c84a16bdcc7761c4196917b509fc0d881f930a32da236f288839388f585c7bcc5548b56a33cfddecc613c2d6f3ac759", &(0x7f00000002c0)="963cb8f61fafdc76d5736535322d4c241421101c85fe8c6d162e8f80b7163de11fec1cbebd443331de05b2b569d07ee7eaa3db2a522cbfcd3c8594250e495d4d99ef97d3b52e82ec3c9792ff13e2b42b2fdf82b5be9bef520ed78aaefc39af9973"}) quotactl_fd$auto(r3, 0x6, r4, &(0x7f00000003c0)="f5d2784a8ae1a7328e4f0b9686dae0e5f79303874feffffc9d9b77726123c1f1a11f6e84e3d30ca299b136307a3b1cf45fcf1f957ec8e1bc7adca19e") openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2881, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000000)={0x1c, r6, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2c}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) r7 = getsockopt$auto_SO_PEERSEC(r2, 0x0, 0x1f, &(0x7f0000000100)='/\x00', &(0x7f0000000140)=0x3) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r3) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(r7, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r8, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000810) 2.318711249s ago: executing program 4 (id=2387): mmap$auto(0x0, 0x40000a, 0xdc, 0x9b72, 0x2, 0x1008000) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x3, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/bus/mdio_bus/drivers/RTL8221B-VM-CG 2.5Gbps PHY (C22)/bind\x00', 0xc2481, 0x0) write$auto(r0, &(0x7f0000000040)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) getsockopt$auto_SO_MAX_PACING_RATE(r0, 0x4, 0x2f, &(0x7f0000000040)='/sys/class/zram-control/hot_add\x00', &(0x7f00000000c0)=0x8) r1 = socket(0x2a, 0x2, 0xb) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(r1, 0xffffeffe, 0x42) pipe$auto(0x0) pipe$auto(0x0) fcntl$auto(r1, 0x5, 0x6) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x3, &(0x7f0000002a40)={0x0, 0x7}, 0x4, 0x0) madvise$auto(0x0, 0x2003ed, 0x19) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x0, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) r3 = socket(0x2, 0x6, 0x0) setsockopt$auto(r3, 0x0, 0x10, 0x0, 0x17) close_range$auto(r1, 0xfffffffffffff000, 0x1) io_uring_register$auto(0x2, 0xa, &(0x7f0000000040), 0x1) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_DEV_GET(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xfffffffffffffeb3, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x4040) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x20800, 0x0) 1.773374163s ago: executing program 4 (id=2388): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="00000000000000000000fd"], 0x14}, 0x1, 0x0, 0x0, 0x4008014}, 0x10) newfstatat$auto(0xffffffffffffff9c, &(0x7f0000000140)='./file2\x00', &(0x7f00000001c0)={0xffffffff, 0xd, 0x9, 0x8000, 0xee01, 0xee00, 0x0, 0x401, 0x1, 0x8, 0x4, 0x5, 0x2, 0xe, 0x800, 0x7, 0x2}, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r1, &(0x7f0000000880)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000840)={&(0x7f0000000280)={0x5ac, r0, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_CABLE_TEST_TDR_CFG={0x33a, 0x2, 0x0, 0x1, [@nested={0x2b4, 0x86, 0x0, 0x1, [@typed={0x8, 0xb3, 0x0, 0x0, @fd=r1}, @nested={0x4, 0x79}, @nested={0x4, 0x123}, @generic="5a91023a8e6d51532f3fc3a873c5d6a61b1a56736ba5fbbb5fd1aac04294477ba196843faf5d6d1213a34fefd78f8f8a48c27f235293c8dbaeee2d7eea9c1dceb1d9dfe99ede15b3b2250550f9ba57a1b28d98f9c3366955df7a26fd6cc9e05d80731ed7803b673f0742b61d5c2aa0404f62ce8aba164cbf30b68bddbf07c9ad7c065e6e62466dc861ac064ecd64d35be611d912c885dfa0f5ea", @typed={0x14, 0x1b, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @generic="1cc12b0316da226f24b3305a8b4f61ea9284651090503c243fdfeaf54cc30b4c57c61889748dafde114308d873de14205f81f4b67fbadddb45058642f4f4e6ffd7dc1dccf5fbab143eff433d9cd32313f4a0cb566e49e04e9c4b964dec7277cfd6842c426f549599eda0579262e592e8e1da3497155ebb71ec5f86c87ebbf31e850e21c986d6a20db10fba7b44edab95c71eacf7b1a77aa376329de872c9cadc21250ee8de3bc3dc5008c9341b85d5976e6fe95d4f55136b7deabf5dd770ea83480a3e49e1753614e8ed2e6a1dda9621a86b4a8af5c217070301ac1b9ea859611086dd5176fb8f5ca3b0b2", @generic="3d7c523b2455d832d2d05b0ee3063012119d47eca7e260037c52af24e2a457b669fbea42446aa2cd01ff2d22d446438128f1b7845eb0206cee49fa0ed600353ae1b8b92b43d2cf6886e3e6d5d08ed011390d323a6456909158770b2dd8176acefc77e674a8b1acd26995f2ba1606377f0fffe1e6bffcb131ec66b798e7afabce0bfa105bd37b0038101ac0d20b5ee1079827e2abaf71d5db17f18b963c21eb744f7c505ea774fb74a905ef8fb3ce96f228ce9b39d4", @generic="9bd46d10ee5e82cc5acc17af92603b0e7b8685c4cd9fda369f2c0bda14e418ae26be2cbf7f07d978066fc2f767ab5cf5198603c07dbef5669c1545fbfe1266a4b14485ee9ec9ea4f82394aae64f304282095"]}, @generic="43d67616718eaab8acf8cec8d8c464b1862f74c7280f226745326f0c4e83e4a6193785a5599129d3848cdced2a9ef4bf88866019cacc788218f498c872a95b1b4cbbcb81b02272c453a4f49e560e63a6993ee8dc1d4dc5d600fbbd9f5ffd5f99b918391278bf8bce428d492315a255996aa18346f6504ced552b46a18e3472b71a62"]}, @ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x9}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0x2f, 0x2, 0x0, 0x1, [@generic="b3b65df712d93116d17326596e2b9d6fa788e70433cc50a1b9051d6e678f4320a0a0371f045ddad1fa9c30"]}, @ETHTOOL_A_CABLE_TEST_TDR_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10001}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x9}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0x1dd, 0x2, 0x0, 0x1, [@generic="2ca35e5997432ec805719d76d1868f021ab1455f73c1e3be232ae38e26af344e34ce39b3110a85597c2d209e766b5d7ac8c2a2d02f4e5441da888e8909c8464e20980d3d6b40c708dfbca54b52435e99989ff6f0d688554495afb3d8a487217444e12b8fbe7d504228af1f9f43b7b4c894a45b7e7d1a8d8dce70b01e6a58247e8a2125e2f717bc3b37503a1ca1c36f5470d48d04fbb4b19092fcf82e577c9076025b320e2cf1c0832ac28bcf2944ff13495a9b0220", @generic="3d7ba21b3904cfb1b9e7032d6341740c0758d007b309a9dcf5ad8c25bff23ac5ec683b333c38371d94012cb6b147055ac5abaa5ad473721249e8eb2558bd622b04f25a4a8cd1b4d46e979d08c9b10254b4b537658158dded824353f0b9d351aa4e8a366b16abbd2f2e258c5a448c6f0a7c4fea629600273bbef7c6a15e6dff9edf7fee9d5d6cd1fa8f0dbda1e295f2058660762c52f318c9876b4772307069e89d8b5910557fc6a26f0eb5687e8140013d64788b9c0838a7a4b9a8539ee0e5957598bc6d23285ecdff1949b410a6ee1219aa5ddabc5e17ac", @nested={0x1c, 0x14, 0x0, 0x1, [@typed={0x8, 0x10f, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x48, 0x0, 0x0, @uid=r2}, @typed={0x5, 0x1, 0x0, 0x0, @str='\x00'}]}, @typed={0x2d, 0x11d, 0x0, 0x0, @str='/sys/kernel/tracing/buffer_total_size_kb\x00'}]}]}, 0x5ac}, 0x1, 0x0, 0x0, 0x10}, 0x40040) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x3, &(0x7f0000000040)=0x9, 0xb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x4000008000) msync$auto(0x0, 0x4, 0x1) prctl$auto(0x41, 0x1, 0x3, 0x2000000003, 0x7) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) r3 = openat$auto_tracing_total_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_total_size_kb\x00', 0x2, 0x0) readv$auto(r3, &(0x7f00000000c0)={&(0x7f0000000040), 0x8}, 0x2) 1.258822824s ago: executing program 4 (id=2390): r0 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x102000, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0x6, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030001000100060007000080000008000300000400000a0005001e16390f3abc00000a000500aaaaaaaaaabb00000a0005000000000000000000fcff0100", @ANYRES32=0x0, @ANYBLOB="060006"], 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r1, 0x0, 0xe) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/reserved_size\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/222, 0xde) mprotect$auto(0x1ffff000, 0x1010000000800, 0xd) setsockopt$auto(r0, 0xe, 0x6, &(0x7f0000000040)='(.&%-\x00', 0x10000) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x20601, 0x0) write$auto_sg_fops_sg(r3, &(0x7f0000000080)="06ad", 0x2) ioctl$auto(0x3, 0x402c542b, 0x38) 1.062221369s ago: executing program 0 (id=2392): io_uring_setup$auto(0x8001, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x8a002, 0x0) mmap$auto(0x0, 0x80000000, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_TIOCMSET2(0xffffffffffffffff, 0x5418, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) (fail_nth: 21) 995.334126ms ago: executing program 2 (id=2393): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4019}, 0x0) r1 = memfd_secret$auto(0x1) read$auto_fops_u32_ro_(r1, &(0x7f0000000000)=""/109, 0x6d) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x42080, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/lowmem_reserve_ratio\x00', 0x101202, 0x0) sendfile$auto(r2, r2, 0x0, 0x4) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r0) sendmsg$auto_MACSEC_CMD_UPD_TXSA(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002ec0)={0x24, r4, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_RXSC_CONFIG={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0xa3}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x400c8d4) 586.871275ms ago: executing program 0 (id=2394): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/platform/dummy_hcd.3/usb4/power/wakeup_last_time_ms\x00', 0x80800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/196, 0xc4) pwritev$auto(r0, &(0x7f0000000180)={&(0x7f0000000000)="ebe70bc63c546c989104c2071f71474df84b2b7ca55a8c3a68628b12b5fcc6273c7515929d17c1c774b06aa698250a4ff6f33ad2f95ec1623eb24498df3ee3b589773a88d20aec6cf13bd1757e832bdf31e05a37d7bfd76a417fe540f9c23ee938fc6082f31341e704967b7b8b98", 0x230}, 0x80000000, 0x4, 0xd61) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x400, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/jbd2/sda1-8/info\x00', 0x40, 0x0) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) ioctl$auto_RTC_RD_TIME(r2, 0x80247009, 0x0) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x4601, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB='>\x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7400fcdbdf25140000000c000180080001", @ANYRES32=r6, @ANYBLOB="08001b0000000000"], 0x28}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r7 = fcntl$auto_F_SETFD(0xffffffffffffffff, 0x2, r1) ptrace$auto(0x10, r1, 0x4, 0x7ff) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS0\x00', 0x121000, 0x0) ioctl$auto_TIOCSTI2(r8, 0x5412, &(0x7f0000000000)) ptrace$auto(0xfffffffeffffffff, r1, 0x4, 0x100000006) newfstatat$auto(r7, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x6, 0x2, 0xa, 0xd, 0xffffffffffffffff, 0x0, 0x0, 0x7, 0x4, 0x7c49d628, 0x4f, 0xae, 0x9, 0x2, 0x9, 0x9, 0x9}, 0x1) setuid$auto(r9) 497.395277ms ago: executing program 2 (id=2395): r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x2, 0x0) read$auto_aoe_fops_aoechr(r0, 0x0, 0x0) 421.275341ms ago: executing program 0 (id=2396): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x11, r0, 0x4000) (fail_nth: 4) 319.100241ms ago: executing program 0 (id=2397): r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim0/health/break_health\x00', 0x424043, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xffffffffffffffff, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x81000) mmap$auto(0x0, 0x20009, 0x1, 0xeb1, 0x40000000000a5, 0x8002) mincore$auto(0x1000, 0x8001, 0x0) pwrite64$auto(r0, &(0x7f0000000040)='\\\x00', 0x3f0, 0x7fffffffffffffff) io_uring_setup$auto(0x8, 0x0) open(0x0, 0x2a4c0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB='=}O\x00', @ANYRES16=0x0, @ANYBLOB="00032bbd7000fddbdf25530000000600ed00040000003d030f00b0ae2d3cfb0ee7076185038b672e3732c1f9d7edd59371e4b332941f2c5c4a587ff86abc1fd4f94eb825e61bd321983d48a6b2cca5064eb77e33be72f966f465a8f5e113c101bd459b15b308f7f07eec5eff1ce7ecade6df7eb02c2dcd311000d317fb644a03431e061ed275d9021f881a2dd45c72fccdc08b43a32d1fef7e414e2ea972e877b499ed5f19e0d37f1079ddca710c3626dab53a698441d5866ca10a39fd41d890b87bdb4ed556ef6eaad8842ba22b54ae4cf49e5aadb9d180c4fbe374ad8f316b96ed014eb0dbafae1f6b50b90d44e94501a4b3920d1c7d788e3e9331513cfffedeb7646fa3d0e260674dd978c4567bba3c841769c72cfc1982bb9460fd71c4ef6a86f008797a97a322bbed3916ef29a1c3dab9c3b2f14e7def071cdb4e108dd59650a18b8c190f0d4d66cf6d71d4406448521346e7440657d724b6cf8683b967bdf441540c7e07f79826da2d82aa5f35bdd197ee2b2a2589cc0ffe16df70b4293005ea7987c905ae26be7d08bb59252c2e0730cd30ef536929ce3e3ca737c43397001b95c671d9b4059ac6d7b71d9ffd84386cd6457a1037d2ca52fb78a174e8960647340e4c1c9ec14d9a822b65a4d9c5e01c10de8015ca73e2f88c711816d8905eaa870b862a573ae20141dfffbe8a2d9f83ce7269eb0b30d702c6d5fa1e89e3fdc58f543fb3458b654878f21b37b55bd64333f661a686ed0c077aa6237f4616a9ecb8d35a3e3392aabbfe0f35ce78d048f0ade0534d2d36dd7cb78550e5116f09adb86e96b8880495401d616f3596e4988b9fd5d6687da124e2383e1d0fa195074ac99cb453133b8325b9fc27f5c0fd21046d17f278f41848d4076a7db8463c1e569a7a92585cbb8d08d503b404250ee3387f99b4264f07a5b6e8c4da2d1f7ae72d16e80411eca67175f0084c3d12ea1633d908c0d7cd1aad8fa8ea781f5c43204d1fdf3c6a8f2431c96ee3654e5ac714b77461db7e2d9f956596e77569e7f7ccfeef86b88335538d0fcce8e415e4991ca24eb42b76a8988911aab3c77672231aff9cae46e9fc850ea174d30c20f93f1e674ad02ac520e6959e45bacaabef3037241889e6cf505e7138aaa5fad2cb3bb5039a72a4da032f761e688d40a06566d196a08990016d99879789fb6f96e6b5229b000000bb04a6809259616e144e49072f70b737cfca7a9ca78fb9d84c26ac7111f599ced6cecfe4222ac1175f47ed2a7de8af969bb00582ebf7941e7b21f6e1098cc9104864d76957e6908a9a76af6fc498a9c274b5d61328bc053f76718d2d155bef5be9105d41fb74c1b4fb062c6a40580fb76ff4f4db12524aaddc2eda0e784904c6379e2247a9df978e7f5fb28e3f3d6689a4eb1d9e21ef0da198ef28992edfda21ac0392c9b604ac17ace4b4b268bf8de07b435e60c8c852c5fbaa90f04516bf7dbcc7d70a1a1547f4b7001400b300fe8000000000000000000000000000aa1c0094800400ac800400688004000b800400690008008000", @ANYRES32=r0, @ANYBLOB="47010f80f357f939e7a7379b0bd036dccc782cbc073cdda68e85cfaf50a0445215dda5f5cbc71c276f33024f459b01266398980f5146cca6d47ebc57cac9af02966d35163e236982b11c0b998133d003cfb8c9fc46900a90eafb8575890ba26181c5a7f84b5de3bd9d63983127f363b5904aa20562fc1d2c1b7f1c3e8133f0c6c81e7982d10342be02c3178eba28975bfa28d3064b41e8af081bf7afd081814ea1ed9045ed7f64a1bccbb7fbb350151a681dd417ff3f14469b3dce3ccebb1cd404d04223e68ed8a06d7fcb34f13a97459504003a800b002e002c3ac0212f8100000400008004002f80a0b93dd8249bd2a4765310b6b877d2c45cb1208a853caf8b18ada4374f2d353076b83b31c0fcd2d0f1de353f9e0b1e19cd80efcd4d649785d066515841ff3ac8c99f47888230c96cb4d53ab4f3daae86b2e1dc8e01521beac6592fffdfdc0061004800cac2683b939ea9ad319a708ed9d7255f75f693b73dc52e2e58e6c9df0750ef04e55996efc5dde32a70f9d447b9edc4353924850ee3016e59f6381adab90586bbf5070ce0ac35c3d6fd1ba8ddc9d8969af92792a58584213234f47f1b130000008bda687dd8499c0fccb038f74b0026676e5c13bfebc05c6fe34819994914ff2928ca5194491344a696a29af294be3f5710000422e109cf73e55c1e2c8f9e5aa7fec563895947e3993605e812a17d3ad3704ca8d76310850f6d4a3727be5ee5e044ff1b08353ac2d73af6adc4d3770aad0c0d0ee0e5343a8130f806593345b03a39226f013a5259b80d96e5e19242f0d1813d0b81902d2e46a431c86b4ffac7fb0457b2369c18f7cbf719700376af108f0f10115a0077fa497225460c3ce100128004002f80c06259b37b9b36c97e95bc80970842ac469aa081ea9cd06b04a78b1ef12439fc2b510258300c6fa5e852196cfc6951a8489cb0ec5c8cda153c5bfa4a018c6c93f6602da8ca1d5d6e9dc93d39808a092a28cbbb9f1171894b66edb14853146fc3071fd117ce607b9a73dd157a4c18f77e7fd057d24366b87bfa1507fa643965ecac670ea996d60a5746ce23c1f7dfe6a9e4f49ce52a46b9867b827c88e23e618b012bb33b1e213fd68cc1406db5a78748b1088ebd1e81b92cd0a74b8f79a799d9dbadda5eed2c5c83eaf5974ab9c395ddee2c0b1669ded1bdde0000007400868004005c804ddb92cf438b98657d9dd328e008a1594ae055248184facddf2424ead9bb9df05a069786fc23ae943f008c002f7379732f6b65726e656c2f64656275672f6e657464657673696d2f6e657464657673696d312f6865616c74682f627265616b5f6865616c7468000004002a800008009f009b0d00000600ab008f0000000600b30003000000"], 0x830}}, 0x1) mkdir$auto(&(0x7f00000001c0)='}[,&*}\x00', 0xc001) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x4018, 0x7, 0x0, 0x8000000000000001, 0xcd) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', 0x0, 0x44020, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x3) select$auto(0xf, 0x0, &(0x7f0000002400)={[0x1, 0x400, 0x0, 0x8, 0x80000001, 0xe0d3, 0x4, 0x17c750d60, 0xfffffffffffffac5, 0x6, 0x8000, 0x3, 0x7, 0x5, 0x2, 0x24f]}, &(0x7f0000002480)={[0x3, 0x5, 0x8, 0x98d, 0x6, 0x4ef, 0x10000, 0x45f6c183, 0x81, 0x3, 0x3, 0x8, 0x400000000008000, 0x2, 0x8000000000000001, 0xfffffffffffffffc]}, 0x0) r3 = socket(0x10, 0x2, 0xc) r4 = getegid() setregid$auto(r4, 0x0) chown$auto(&(0x7f00000000c0)='./file0\x00', 0x0, r4) lchown$auto(&(0x7f0000000200)='}[,&*}\x00', 0x0, r4) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1, @ANYRES32], 0x18}, 0x1, 0x0, 0x0, 0x8800}, 0x80) write$auto(r0, 0x0, 0x40) 289.859506ms ago: executing program 4 (id=2398): r0 = openat$auto_tracing_total_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_total_size_kb\x00', 0x2, 0x0) readv$auto(r0, &(0x7f00000000c0)={&(0x7f0000000040), 0x8}, 0x2) 213.657967ms ago: executing program 0 (id=2399): openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, 0x0, 0x20801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd14/queue/nomerges\x00', 0x80000, 0x0) socket(0x2, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) setuid$auto(0x1f) capset$auto(0x0, 0xfffffffffffffffe) epoll_ctl$auto(0x5, 0x3, r0, 0x0) 193.22974ms ago: executing program 4 (id=2400): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) socket(0x1f, 0x800, 0xffffff01) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) madvise$auto(0x108000, 0x800034, 0xa) unshare$auto(0x40000080) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400fe00e4e819d1eba5df4b92b50cc7c1119b183cb8c20711833e16fef33721c375387424ae26cfad96b2ad946a", @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="b3ac3fb4a05156f5206c000000", @ANYRES16=r2, @ANYBLOB="000225bd7000fedbdf250400000014001f00fc01000000000000000000000000000114002000fc000000000000000000000000000000060003001e0b000006001a004e2100000500140000000000050014000800000006001a004e20000008000a00a6000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x5) open$auto(&(0x7f0000000200)='./file0\x00', 0x49193, 0xff90) r3 = prctl$auto_PR_SET_TSC(0x1a, 0x3, 0xffffffffffffffff, 0xc, 0xfffffffffffff459) setsockopt$auto(r3, 0x7, 0x6, &(0x7f0000000100)='#%\x00', 0x7) r4 = openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto_COMEDI_LOCK(r4, 0x6405, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r5, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 0s ago: executing program 0 (id=2401): socket(0x29, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) socket(0xa, 0x2, 0x3a) socket(0xa, 0x2, 0x0) unshare$auto(0x40000080) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) socket(0x2, 0x3, 0xfffffff1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb3, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6b, 0x0, 0x7d, 0xfffffffffffffffd, 0xd4, 0x4, 0x4, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0x0, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, 0x0, 0xa0100, 0x0) socket(0x2, 0x1, 0x0) r1 = epoll_create$auto(0x4) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) epoll_ctl$auto(r1, 0x1, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x40047459, 0x0) sendmsg$auto_SEG6_CMD_SETHMAC(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c40)=ANY=[@ANYBLOB=',\x00\a\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf2501000000050005000000000008000300060000000500060002000000"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x40000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000840) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/bdi/43:320/uevent\x00', 0x0, 0x0) socket(0x11, 0x80003, 0x300) socket(0xa, 0x801, 0x106) kernel console output (not intermixed with test programs): +0x497/0x5b0 [ 623.488036][T12582] _copy_to_user+0x32/0xd0 [ 623.488083][T12582] simple_read_from_buffer+0xd0/0x160 [ 623.488136][T12582] proc_fail_nth_read+0x198/0x270 [ 623.488181][T12582] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 623.488229][T12582] ? rw_verify_area+0xcf/0x680 [ 623.488275][T12582] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 623.488319][T12582] vfs_read+0x1df/0xbf0 [ 623.488375][T12582] ? __pfx_poll_select_finish+0x10/0x10 [ 623.488426][T12582] ? __pfx_vfs_read+0x10/0x10 [ 623.488479][T12582] ? do_sys_openat2+0xb1/0x1e0 [ 623.488520][T12582] ? __pfx_do_sys_openat2+0x10/0x10 [ 623.488564][T12582] ? fd_install+0x223/0x750 [ 623.488622][T12582] ? kern_select+0x176/0x1e0 [ 623.488678][T12582] ksys_read+0x12b/0x250 [ 623.488725][T12582] ? __pfx_ksys_read+0x10/0x10 [ 623.488784][T12582] do_syscall_64+0xcd/0x250 [ 623.488828][T12582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.488871][T12582] RIP: 0033:0x7fa141b8b73c [ 623.488895][T12582] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 623.488927][T12582] RSP: 002b:00007fa13f9f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 623.488957][T12582] RAX: ffffffffffffffda RBX: 00007fa141da5fa0 RCX: 00007fa141b8b73c [ 623.488978][T12582] RDX: 000000000000000f RSI: 00007fa13f9f60a0 RDI: 0000000000000004 [ 623.488997][T12582] RBP: 00007fa13f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 623.489024][T12582] R10: 0000000020002480 R11: 0000000000000246 R12: 0000000000000001 [ 623.489044][T12582] R13: 0000000000000000 R14: 00007fa141da5fa0 R15: 00007ffd45d6b298 [ 623.489081][T12582] [ 623.815615][T12590] Invalid ELF header magic: != ELF [ 624.232348][T12604] FAULT_INJECTION: forcing a failure. [ 624.232348][T12604] name failslab, interval 1, probability 0, space 0, times 0 [ 624.245982][T12604] CPU: 1 UID: 0 PID: 12604 Comm: syz.1.1804 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 624.246024][T12604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 624.246044][T12604] Call Trace: [ 624.246054][T12604] [ 624.246066][T12604] dump_stack_lvl+0x16c/0x1f0 [ 624.246117][T12604] should_fail_ex+0x497/0x5b0 [ 624.246153][T12604] ? fs_reclaim_acquire+0xae/0x150 [ 624.246219][T12604] should_failslab+0xc2/0x120 [ 624.246260][T12604] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 624.246299][T12604] ? getname_flags.part.0+0x4c/0x550 [ 624.246355][T12604] getname_flags.part.0+0x4c/0x550 [ 624.246402][T12604] getname+0x8d/0xe0 [ 624.246452][T12604] do_sys_openat2+0x104/0x1e0 [ 624.246494][T12604] ? __pfx_do_sys_openat2+0x10/0x10 [ 624.246540][T12604] ? __fget_files+0x206/0x3a0 [ 624.246579][T12604] __x64_sys_openat+0x175/0x210 [ 624.246620][T12604] ? __pfx___x64_sys_openat+0x10/0x10 [ 624.246678][T12604] do_syscall_64+0xcd/0x250 [ 624.246727][T12604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.246773][T12604] RIP: 0033:0x7f2526f8b690 [ 624.246798][T12604] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 624.246830][T12604] RSP: 002b:00007f2527d49f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 624.246870][T12604] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2526f8b690 [ 624.246891][T12604] RDX: 0000000000000000 RSI: 00007f2527d49fa0 RDI: 00000000ffffff9c [ 624.246913][T12604] RBP: 00007f2527d49fa0 R08: 0000000000000000 R09: 0000000000000000 [ 624.246933][T12604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 624.246953][T12604] R13: 0000000000000000 R14: 00007f25271a5fa0 R15: 00007ffcb357fce8 [ 624.246993][T12604] [ 625.717217][T12641] bond0: option arp_interval: invalid value () [ 625.725021][T12641] bond0: option arp_interval: allowed values 0 - 2147483647 [ 626.049856][T12655] process 'syz.1.1820' launched ':,' with NULL argv: empty string added [ 626.864608][ T9249] Bluetooth: hci2: Malformed HCI Event [ 628.950002][T12712] FAULT_INJECTION: forcing a failure. [ 628.950002][T12712] name failslab, interval 1, probability 0, space 0, times 0 [ 628.982777][T12712] CPU: 0 UID: 0 PID: 12712 Comm: syz.1.1834 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 628.982827][T12712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 628.982848][T12712] Call Trace: [ 628.982858][T12712] [ 628.982872][T12712] dump_stack_lvl+0x16c/0x1f0 [ 628.982925][T12712] should_fail_ex+0x497/0x5b0 [ 628.982963][T12712] ? fs_reclaim_acquire+0xae/0x150 [ 628.983023][T12712] should_failslab+0xc2/0x120 [ 628.983065][T12712] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 628.983108][T12712] ? __d_alloc+0x35/0x8c0 [ 628.983153][T12712] __d_alloc+0x35/0x8c0 [ 628.983195][T12712] d_alloc+0x4a/0x1e0 [ 628.983236][T12712] d_alloc_parallel+0xe7/0x12b0 [ 628.983289][T12712] ? __d_lookup+0x25c/0x4a0 [ 628.983338][T12712] ? trace_lock_acquire+0x14e/0x1f0 [ 628.983372][T12712] ? lookup_open.isra.0+0x233/0x1580 [ 628.983425][T12712] ? __pfx_d_alloc_parallel+0x10/0x10 [ 628.983481][T12712] ? __d_lookup+0x266/0x4a0 [ 628.983540][T12712] lookup_open.isra.0+0x65d/0x1580 [ 628.983611][T12712] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 628.983671][T12712] ? path_openat+0x88a/0x2d80 [ 628.983713][T12712] ? mnt_get_write_access+0x20c/0x300 [ 628.983769][T12712] path_openat+0x904/0x2d80 [ 628.983818][T12712] ? __pfx_path_openat+0x10/0x10 [ 628.983852][T12712] ? __pfx___lock_acquire+0x10/0x10 [ 628.983892][T12712] ? lock_acquire.part.0+0x11b/0x380 [ 628.983934][T12712] ? find_held_lock+0x2d/0x110 [ 628.983993][T12712] do_filp_open+0x20c/0x470 [ 628.984029][T12712] ? __pfx_do_filp_open+0x10/0x10 [ 628.984060][T12712] ? find_held_lock+0x2d/0x110 [ 628.984141][T12712] ? alloc_fd+0x41f/0x760 [ 628.984184][T12712] do_sys_openat2+0x17a/0x1e0 [ 628.984228][T12712] ? __pfx_do_sys_openat2+0x10/0x10 [ 628.984287][T12712] __x64_sys_openat+0x175/0x210 [ 628.984332][T12712] ? __pfx___x64_sys_openat+0x10/0x10 [ 628.984394][T12712] do_syscall_64+0xcd/0x250 [ 628.984445][T12712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.984493][T12712] RIP: 0033:0x7f2526f8cd29 [ 628.984521][T12712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 628.984555][T12712] RSP: 002b:00007f2527d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 628.984597][T12712] RAX: ffffffffffffffda RBX: 00007f25271a5fa0 RCX: 00007f2526f8cd29 [ 628.984621][T12712] RDX: 0000000000040802 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 628.984642][T12712] RBP: 00007f252700e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 628.984663][T12712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 628.984683][T12712] R13: 0000000000000000 R14: 00007f25271a5fa0 R15: 00007ffcb357fce8 [ 628.984726][T12712] [ 629.911491][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.918234][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 >[ 631.372251][T12732] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1842'. [ 632.225525][T12742] FAULT_INJECTION: forcing a failure. [ 632.225525][T12742] name failslab, interval 1, probability 0, space 0, times 0 [ 632.245296][T12742] CPU: 0 UID: 0 PID: 12742 Comm: syz.0.1845 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 632.245344][T12742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 632.245365][T12742] Call Trace: [ 632.245375][T12742] [ 632.245389][T12742] dump_stack_lvl+0x16c/0x1f0 [ 632.245448][T12742] should_fail_ex+0x497/0x5b0 [ 632.245494][T12742] should_failslab+0xc2/0x120 [ 632.245536][T12742] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 632.245577][T12742] ? skb_clone+0x190/0x3f0 [ 632.245634][T12742] skb_clone+0x190/0x3f0 [ 632.245687][T12742] netlink_deliver_tap+0xafd/0xca0 [ 632.245736][T12742] netlink_unicast+0x6b4/0x7f0 [ 632.245782][T12742] ? __pfx_netlink_unicast+0x10/0x10 [ 632.245837][T12742] ctrl_getfamily+0x40b/0x540 [ 632.245888][T12742] ? __pfx_ctrl_getfamily+0x10/0x10 [ 632.245940][T12742] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 632.245991][T12742] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 632.246051][T12742] genl_family_rcv_msg_doit+0x202/0x2f0 [ 632.246103][T12742] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 632.246150][T12742] ? __pfx___mutex_lock+0x10/0x10 [ 632.246195][T12742] ? genl_get_cmd+0x195/0x580 [ 632.246252][T12742] ? __radix_tree_lookup+0x21f/0x2c0 [ 632.246303][T12742] genl_rcv_msg+0x565/0x800 [ 632.246356][T12742] ? __pfx_genl_rcv_msg+0x10/0x10 [ 632.246415][T12742] ? __pfx_ctrl_getfamily+0x10/0x10 [ 632.246486][T12742] netlink_rcv_skb+0x165/0x410 [ 632.246528][T12742] ? __pfx_genl_rcv_msg+0x10/0x10 [ 632.246580][T12742] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 632.246641][T12742] ? down_read+0xc9/0x330 [ 632.246691][T12742] ? __pfx_down_read+0x10/0x10 [ 632.246744][T12742] ? netlink_deliver_tap+0x1ae/0xca0 [ 632.246791][T12742] genl_rcv+0x28/0x40 [ 632.246832][T12742] netlink_unicast+0x53c/0x7f0 [ 632.246878][T12742] ? __pfx_netlink_unicast+0x10/0x10 [ 632.246922][T12742] ? __phys_addr_symbol+0x30/0x80 [ 632.246977][T12742] ? __check_object_size+0x488/0x710 [ 632.247025][T12742] netlink_sendmsg+0x8b8/0xd70 [ 632.247074][T12742] ? __pfx_netlink_sendmsg+0x10/0x10 [ 632.247132][T12742] __sys_sendto+0x488/0x4f0 [ 632.247180][T12742] ? __pfx___sys_sendto+0x10/0x10 [ 632.247223][T12742] ? reacquire_held_locks+0x20b/0x4c0 [ 632.247266][T12742] ? do_user_addr_fault+0xdc7/0x13f0 [ 632.247358][T12742] __x64_sys_sendto+0xe0/0x1c0 [ 632.247404][T12742] ? do_syscall_64+0x91/0x250 [ 632.247463][T12742] ? lockdep_hardirqs_on+0x7c/0x110 [ 632.247508][T12742] do_syscall_64+0xcd/0x250 [ 632.247558][T12742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.247608][T12742] RIP: 0033:0x7fa141b8ebbc [ 632.247635][T12742] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 632.247668][T12742] RSP: 002b:00007fa13f9f4ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 632.247700][T12742] RAX: ffffffffffffffda RBX: 00007fa13f9f4fc0 RCX: 00007fa141b8ebbc [ 632.247723][T12742] RDX: 0000000000000024 RSI: 00007fa13f9f5010 RDI: 0000000000000005 [ 632.247744][T12742] RBP: 0000000000000000 R08: 00007fa13f9f4f14 R09: 000000000000000c [ 632.247764][T12742] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 632.247784][T12742] R13: 00007fa13f9f4f68 R14: 00007fa13f9f5010 R15: 0000000000000000 [ 632.247828][T12742] [ 632.860153][T12755] FAULT_INJECTION: forcing a failure. [ 632.860153][T12755] name failslab, interval 1, probability 0, space 0, times 0 [ 632.882388][T12755] CPU: 0 UID: 0 PID: 12755 Comm: syz.0.1848 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 632.882432][T12755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 632.882452][T12755] Call Trace: [ 632.882462][T12755] [ 632.882475][T12755] dump_stack_lvl+0x16c/0x1f0 [ 632.882526][T12755] should_fail_ex+0x497/0x5b0 [ 632.882562][T12755] ? fs_reclaim_acquire+0xae/0x150 [ 632.882618][T12755] should_failslab+0xc2/0x120 [ 632.882659][T12755] __kmalloc_cache_noprof+0x68/0x420 [ 632.882697][T12755] ? __xdp_rxq_info_reg+0x14f/0x260 [ 632.882750][T12755] alloc_netdev_mqs+0xdfe/0x13e0 [ 632.882808][T12755] ldisc_open+0x153/0x980 [ 632.882845][T12755] ? tty_set_ldisc+0x2a5/0x720 [ 632.882887][T12755] ? __pfx_ldisc_open+0x10/0x10 [ 632.882933][T12755] ? down_write+0x14e/0x200 [ 632.882989][T12755] ? __pfx_ldisc_open+0x10/0x10 [ 632.883024][T12755] tty_ldisc_open+0x9c/0x120 [ 632.883063][T12755] tty_set_ldisc+0x318/0x720 [ 632.883110][T12755] tty_ioctl+0xc22/0x1640 [ 632.883167][T12755] ? __pfx_tty_ioctl+0x10/0x10 [ 632.883223][T12755] ? __pfx_lock_release+0x10/0x10 [ 632.883264][T12755] ? trace_lock_acquire+0x14e/0x1f0 [ 632.883312][T12755] ? __fget_files+0x206/0x3a0 [ 632.883350][T12755] ? __pfx_tty_ioctl+0x10/0x10 [ 632.883398][T12755] __x64_sys_ioctl+0x190/0x200 [ 632.883449][T12755] do_syscall_64+0xcd/0x250 [ 632.883500][T12755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.883548][T12755] RIP: 0033:0x7fa141b8cd29 [ 632.883574][T12755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 632.883607][T12755] RSP: 002b:00007fa13f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 632.883638][T12755] RAX: ffffffffffffffda RBX: 00007fa141da5fa0 RCX: 00007fa141b8cd29 [ 632.883660][T12755] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000014 [ 632.883680][T12755] RBP: 00007fa13f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 632.883700][T12755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 632.883720][T12755] R13: 0000000000000000 R14: 00007fa141da5fa0 R15: 00007ffd45d6b298 [ 632.883762][T12755] [ 634.111916][T12747] can: request_module (can-proto-0) failed. [ 634.538213][ T9249] Bluetooth: hci1: Malformed HCI Event [ 634.814949][T12757] kexec: Could not allocate control_code_buffer [ 636.383112][T12803] mkiss: ax0: crc mode is auto. [ 636.677369][ T29] audit: type=1326 audit(1083.655:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12807 comm="syz.4.1858" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f42c0b8cd29 code=0x0 [ 637.377687][T12814] can: request_module (can-proto-0) failed. [ 637.670748][ T9249] Bluetooth: hci5: Malformed HCI Event [ 637.757640][T12825] FAULT_INJECTION: forcing a failure. [ 637.757640][T12825] name failslab, interval 1, probability 0, space 0, times 0 [ 637.784817][T12825] CPU: 0 UID: 0 PID: 12825 Comm: syz.2.1862 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 637.784868][T12825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 637.784890][T12825] Call Trace: [ 637.784901][T12825] [ 637.784914][T12825] dump_stack_lvl+0x16c/0x1f0 [ 637.784971][T12825] should_fail_ex+0x497/0x5b0 [ 637.785012][T12825] ? fs_reclaim_acquire+0xae/0x150 [ 637.785074][T12825] should_failslab+0xc2/0x120 [ 637.785117][T12825] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 637.785154][T12825] ? lockdep_init_map_type+0x16d/0x7d0 [ 637.785200][T12825] ? security_inode_alloc+0x3b/0x2b0 [ 637.785257][T12825] security_inode_alloc+0x3b/0x2b0 [ 637.785309][T12825] inode_init_always_gfp+0xce4/0x1030 [ 637.785351][T12825] alloc_inode+0x82/0x230 [ 637.785390][T12825] new_inode+0x22/0x210 [ 637.785434][T12825] shmem_get_inode+0x194/0xf00 [ 637.785478][T12825] ? __vm_enough_memory+0x184/0x3f0 [ 637.785522][T12825] __shmem_file_setup+0x16f/0x300 [ 637.785574][T12825] shmem_zero_setup+0x93/0x1b0 [ 637.785633][T12825] __mmap_region+0x2025/0x2760 [ 637.785695][T12825] ? __pfx___mmap_region+0x10/0x10 [ 637.785742][T12825] ? hlock_class+0x4e/0x130 [ 637.785798][T12825] ? mark_lock+0xb5/0xc60 [ 637.785849][T12825] ? __pfx___schedule+0x10/0x10 [ 637.785906][T12825] ? lock_acquire+0x2f/0xb0 [ 637.785948][T12825] ? schedule+0x1fd/0x350 [ 637.786038][T12825] ? cap_capable+0xb3/0x250 [ 637.786095][T12825] mmap_region+0x127/0x320 [ 637.786136][T12825] do_mmap+0xa09/0x1050 [ 637.786180][T12825] vm_mmap_pgoff+0x203/0x3a0 [ 637.786225][T12825] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 637.786268][T12825] ? __x64_sys_futex+0x1e1/0x4c0 [ 637.786304][T12825] ? __x64_sys_futex+0x1ea/0x4c0 [ 637.786346][T12825] ksys_mmap_pgoff+0x7d/0x5c0 [ 637.786403][T12825] ? rcu_is_watching+0x12/0xc0 [ 637.786458][T12825] __x64_sys_mmap+0x125/0x190 [ 637.786512][T12825] do_syscall_64+0xcd/0x250 [ 637.786567][T12825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.786619][T12825] RIP: 0033:0x7f101d78cd29 [ 637.786647][T12825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.786693][T12825] RSP: 002b:00007f101e625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 637.786726][T12825] RAX: ffffffffffffffda RBX: 00007f101d9a5fa0 RCX: 00007f101d78cd29 [ 637.786749][T12825] RDX: 00004000000000df RSI: 0000000000000001 RDI: 0000000000000000 [ 637.786770][T12825] RBP: 00007f101d80e2a0 R08: 0000000000000401 R09: 0000000000008000 [ 637.786792][T12825] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 637.786813][T12825] R13: 0000000000000000 R14: 00007f101d9a5fa0 R15: 00007ffc456e4428 [ 637.786854][T12825] [ 638.199026][T12830] warning: `syz.0.1865' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 >[ 639.998802][ T9249] Bluetooth: hci0: Malformed HCI Event [ 641.429987][ T9249] Bluetooth: hci5: Malformed HCI Event [ 642.262558][T12912] FAULT_INJECTION: forcing a failure. [ 642.262558][T12912] name failslab, interval 1, probability 0, space 0, times 0 [ 642.355833][T12912] CPU: 0 UID: 0 PID: 12912 Comm: syz.1.1885 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 642.355884][T12912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 642.355905][T12912] Call Trace: [ 642.355915][T12912] [ 642.355929][T12912] dump_stack_lvl+0x16c/0x1f0 [ 642.355983][T12912] should_fail_ex+0x497/0x5b0 [ 642.356022][T12912] ? fs_reclaim_acquire+0xae/0x150 [ 642.356080][T12912] should_failslab+0xc2/0x120 [ 642.356123][T12912] __kmalloc_cache_noprof+0x68/0x420 [ 642.356167][T12912] ? __pfx_snd_info_seq_show+0x10/0x10 [ 642.356207][T12912] single_open+0x4d/0x1f0 [ 642.356253][T12912] snd_info_text_entry_open+0x176/0x2b0 [ 642.356304][T12912] ? rcu_is_watching+0x12/0xc0 [ 642.356358][T12912] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 642.356405][T12912] ? __pfx_apparmor_file_open+0x10/0x10 [ 642.356460][T12912] ? proc_reg_open+0x21d/0x610 [ 642.356517][T12912] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 642.356563][T12912] proc_reg_open+0x286/0x610 [ 642.356622][T12912] do_dentry_open+0x735/0x1c40 [ 642.356656][T12912] ? __pfx_proc_reg_open+0x10/0x10 [ 642.356713][T12912] ? inode_permission+0xdd/0x5f0 [ 642.356763][T12912] vfs_open+0x82/0x3f0 [ 642.356802][T12912] ? may_open+0x1f2/0x400 [ 642.356852][T12912] path_openat+0x1e88/0x2d80 [ 642.356906][T12912] ? __pfx_path_openat+0x10/0x10 [ 642.356940][T12912] ? __pfx___lock_acquire+0x10/0x10 [ 642.356981][T12912] ? lock_acquire.part.0+0x11b/0x380 [ 642.357023][T12912] ? find_held_lock+0x2d/0x110 [ 642.357083][T12912] do_filp_open+0x20c/0x470 [ 642.357117][T12912] ? __pfx_do_filp_open+0x10/0x10 [ 642.357149][T12912] ? find_held_lock+0x2d/0x110 [ 642.357231][T12912] ? alloc_fd+0x41f/0x760 [ 642.357275][T12912] do_sys_openat2+0x17a/0x1e0 [ 642.357324][T12912] ? __pfx_do_sys_openat2+0x10/0x10 [ 642.357366][T12912] ? __pfx_lock_release+0x10/0x10 [ 642.357410][T12912] ? __pfx___might_resched+0x10/0x10 [ 642.357467][T12912] __x64_sys_openat+0x175/0x210 [ 642.357513][T12912] ? __pfx___x64_sys_openat+0x10/0x10 [ 642.357575][T12912] do_syscall_64+0xcd/0x250 [ 642.357627][T12912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.357676][T12912] RIP: 0033:0x7f2526f8cd29 [ 642.357703][T12912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 642.357736][T12912] RSP: 002b:00007f2527d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 642.357769][T12912] RAX: ffffffffffffffda RBX: 00007f25271a5fa0 RCX: 00007f2526f8cd29 [ 642.357792][T12912] RDX: 0000000000000c00 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 642.357815][T12912] RBP: 00007f252700e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 642.357836][T12912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 642.357857][T12912] R13: 0000000000000000 R14: 00007f25271a5fa0 R15: 00007ffcb357fce8 [ 642.357899][T12912] [ 642.848981][T12910] kexec: Could not allocate control_code_buffer [ 642.987450][T12911] raw_sendmsg: syz.0.1884 forgot to set AF_INET. Fix it! [ 643.227934][T12922] bond0: option all_slaves_active: invalid value () [ 644.073185][T12940] FAULT_INJECTION: forcing a failure. [ 644.073185][T12940] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 644.143030][T12940] CPU: 0 UID: 0 PID: 12940 Comm: syz.1.1891 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 644.143071][T12940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 644.143089][T12940] Call Trace: [ 644.143098][T12940] [ 644.143110][T12940] dump_stack_lvl+0x16c/0x1f0 [ 644.143157][T12940] should_fail_ex+0x497/0x5b0 [ 644.143198][T12940] _copy_from_user+0x2e/0xd0 [ 644.143242][T12940] ____sys_sendmsg+0x56e/0xb40 [ 644.143280][T12940] ? __pfx_____sys_sendmsg+0x10/0x10 [ 644.143313][T12940] ? __lock_acquire+0xcc5/0x3c40 [ 644.143377][T12940] ___sys_sendmsg+0x135/0x1e0 [ 644.143426][T12940] ? __pfx____sys_sendmsg+0x10/0x10 [ 644.143486][T12940] ? trace_lock_acquire+0x14e/0x1f0 [ 644.143543][T12940] __sys_sendmmsg+0x201/0x420 [ 644.143595][T12940] ? __pfx___sys_sendmmsg+0x10/0x10 [ 644.143656][T12940] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 644.143716][T12940] ? fput+0x67/0x440 [ 644.143754][T12940] ? ksys_write+0x1ba/0x250 [ 644.143804][T12940] ? __pfx_ksys_write+0x10/0x10 [ 644.143862][T12940] __x64_sys_sendmmsg+0x9c/0x100 [ 644.143909][T12940] ? lockdep_hardirqs_on+0x7c/0x110 [ 644.143949][T12940] do_syscall_64+0xcd/0x250 [ 644.143997][T12940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.144043][T12940] RIP: 0033:0x7f2526f8cd29 [ 644.144068][T12940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 644.144099][T12940] RSP: 002b:00007f2527d08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 644.144130][T12940] RAX: ffffffffffffffda RBX: 00007f25271a6160 RCX: 00007f2526f8cd29 [ 644.144151][T12940] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 644.144170][T12940] RBP: 00007f2527d08090 R08: 0000000000000000 R09: 0000000000000000 [ 644.144190][T12940] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 644.144209][T12940] R13: 0000000000000000 R14: 00007f25271a6160 R15: 00007ffcb357fce8 [ 644.144248][T12940] [ 645.514149][T12955] FAULT_INJECTION: forcing a failure. [ 645.514149][T12955] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 645.564612][T12955] CPU: 1 UID: 0 PID: 12955 Comm: syz.2.1895 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 645.564655][T12955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 645.564676][T12955] Call Trace: [ 645.564686][T12955] [ 645.564699][T12955] dump_stack_lvl+0x16c/0x1f0 [ 645.564748][T12955] should_fail_ex+0x497/0x5b0 [ 645.564790][T12955] _copy_to_user+0x32/0xd0 [ 645.564837][T12955] simple_read_from_buffer+0xd0/0x160 [ 645.564889][T12955] proc_fail_nth_read+0x198/0x270 [ 645.564935][T12955] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 645.564983][T12955] ? rw_verify_area+0xcf/0x680 [ 645.565038][T12955] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 645.565083][T12955] vfs_read+0x1df/0xbf0 [ 645.565134][T12955] ? __fget_files+0x1fc/0x3a0 [ 645.565167][T12955] ? __pfx___mutex_lock+0x10/0x10 [ 645.565213][T12955] ? __pfx_vfs_read+0x10/0x10 [ 645.565275][T12955] ? __fget_files+0x206/0x3a0 [ 645.565317][T12955] ksys_read+0x12b/0x250 [ 645.565367][T12955] ? __pfx_ksys_read+0x10/0x10 [ 645.565429][T12955] do_syscall_64+0xcd/0x250 [ 645.565478][T12955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.565524][T12955] RIP: 0033:0x7f101d78b73c [ 645.565550][T12955] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 645.565582][T12955] RSP: 002b:00007f101e625030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 645.565611][T12955] RAX: ffffffffffffffda RBX: 00007f101d9a5fa0 RCX: 00007f101d78b73c [ 645.565631][T12955] RDX: 000000000000000f RSI: 00007f101e6250a0 RDI: 0000000000000004 [ 645.565651][T12955] RBP: 00007f101e625090 R08: 0000000000000000 R09: 0000000000000000 [ 645.565670][T12955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 645.565690][T12955] R13: 0000000000000000 R14: 00007f101d9a5fa0 R15: 00007ffc456e4428 [ 645.565730][T12955] [ 646.611583][T12975] netlink: 'syz.4.1903': attribute type 21 has an invalid length. [ 646.642548][T12975] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1903'. [ 647.577799][T12992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1907'. [ 647.949352][T13005] FAULT_INJECTION: forcing a failure. [ 647.949352][T13005] name failslab, interval 1, probability 0, space 0, times 0 [ 648.015034][T13005] CPU: 0 UID: 0 PID: 13005 Comm: syz.2.1909 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 648.015081][T13005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 648.015100][T13005] Call Trace: [ 648.015110][T13005] [ 648.015122][T13005] dump_stack_lvl+0x16c/0x1f0 [ 648.015173][T13005] should_fail_ex+0x497/0x5b0 [ 648.015209][T13005] ? fs_reclaim_acquire+0xae/0x150 [ 648.015264][T13005] should_failslab+0xc2/0x120 [ 648.015304][T13005] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 648.015342][T13005] ? get_random_u64+0x57e/0x7d0 [ 648.015374][T13005] ? prepare_creds+0x2e/0x750 [ 648.015419][T13005] prepare_creds+0x2e/0x750 [ 648.015450][T13005] ? __pfx_get_random_u64+0x10/0x10 [ 648.015486][T13005] copy_creds+0xa7/0xa50 [ 648.015526][T13005] copy_process+0xeff/0x6f20 [ 648.015576][T13005] ? get_pid_task+0xfc/0x250 [ 648.015608][T13005] ? __pfx_lock_release+0x10/0x10 [ 648.015656][T13005] ? __pfx_copy_process+0x10/0x10 [ 648.015717][T13005] ? find_held_lock+0x2d/0x110 [ 648.015776][T13005] kernel_clone+0xfd/0x960 [ 648.015824][T13005] ? __pfx_kernel_clone+0x10/0x10 [ 648.015890][T13005] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 648.015945][T13005] __do_sys_clone+0xba/0x100 [ 648.015994][T13005] ? __pfx___do_sys_clone+0x10/0x10 [ 648.016071][T13005] do_syscall_64+0xcd/0x250 [ 648.016121][T13005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.016168][T13005] RIP: 0033:0x7f101d78cd29 [ 648.016194][T13005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.016227][T13005] RSP: 002b:00007f101e604038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 648.016258][T13005] RAX: ffffffffffffffda RBX: 00007f101d9a6080 RCX: 00007f101d78cd29 [ 648.016281][T13005] RDX: 0000000000000000 RSI: 0000000000000352 RDI: 0000000000000007 [ 648.016301][T13005] RBP: 00007f101e604090 R08: 0000000000000004 R09: 0000000000000000 [ 648.016321][T13005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 648.016342][T13005] R13: 0000000000000000 R14: 00007f101d9a6080 R15: 00007ffc456e4428 [ 648.016383][T13005] [ 648.475162][ C1] vkms_vblank_simulate: vblank timer overrun [ 648.725648][T13025] FAULT_INJECTION: forcing a failure. [ 648.725648][T13025] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 648.842729][T13025] CPU: 1 UID: 0 PID: 13025 Comm: syz.4.1913 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 648.842774][T13025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 648.842794][T13025] Call Trace: [ 648.842817][T13025] [ 648.842829][T13025] dump_stack_lvl+0x16c/0x1f0 [ 648.842878][T13025] should_fail_ex+0x497/0x5b0 [ 648.842919][T13025] _copy_from_user+0x2e/0xd0 [ 648.842964][T13025] force_devcd_write+0x102/0x350 [ 648.842997][T13025] ? __pfx_force_devcd_write+0x10/0x10 [ 648.843048][T13025] ? __debugfs_file_get+0x43d/0x5d0 [ 648.843100][T13025] ? rcu_is_watching+0x12/0xc0 [ 648.843151][T13025] ? trace_lock_acquire+0x14e/0x1f0 [ 648.843191][T13025] full_proxy_write+0xfd/0x1b0 [ 648.843241][T13025] ? __pfx_full_proxy_write+0x10/0x10 [ 648.843287][T13025] vfs_write+0x24c/0x1150 [ 648.843342][T13025] ? __fget_files+0x1fc/0x3a0 [ 648.843374][T13025] ? __pfx___mutex_lock+0x10/0x10 [ 648.843420][T13025] ? __pfx_vfs_write+0x10/0x10 [ 648.843484][T13025] ? __fget_files+0x206/0x3a0 [ 648.843528][T13025] ksys_write+0x12b/0x250 [ 648.843580][T13025] ? __pfx_ksys_write+0x10/0x10 [ 648.843653][T13025] do_syscall_64+0xcd/0x250 [ 648.843704][T13025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.843751][T13025] RIP: 0033:0x7f42c0b8cd29 [ 648.843777][T13025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.843809][T13025] RSP: 002b:00007f42c1a9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 648.843838][T13025] RAX: ffffffffffffffda RBX: 00007f42c0da6080 RCX: 00007f42c0b8cd29 [ 648.843858][T13025] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 648.843876][T13025] RBP: 00007f42c1a9d090 R08: 0000000000000000 R09: 0000000000000000 [ 648.843895][T13025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 648.843912][T13025] R13: 0000000000000000 R14: 00007f42c0da6080 R15: 00007ffdadea4fb8 [ 648.843952][T13025] [ 649.040360][ C1] vkms_vblank_simulate: vblank timer overrun >[ 650.230155][T13046] can: request_module (can-proto-0) failed. [ 651.801042][T13076] bond0: option all_slaves_active: invalid value () [ 652.595584][T13081] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1928'. [ 652.649685][T13081] ovs_: entered promiscuous mode >[ 654.421904][T13109] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1938'. [ 654.457332][T13109] macvlan1: entered promiscuous mode [ 658.326434][T13144] svc: failed to register nfsdv3 RPC service (errno 111). [ 658.430417][T13144] svc: failed to register nfsaclv3 RPC service (errno 512). [ 658.700891][T13174] ptrace attach of "./syz-executor exec"[9257] was attempted by "./syz-executor exec"[13174] [ 659.124975][T13180] bond0: option all_slaves_active: invalid value () [ 659.170067][ T9550] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 659.537125][T13187] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1958'. [ 659.591247][T13187] ovs_: entered promiscuous mode [ 660.562337][T13205] [U]  [ 660.565699][T13205] [U] [ 660.568465][T13205] [U] [ 660.571222][T13205] [U] [ 660.579615][T13205] [U] [ 660.582427][T13205] [U] [ 660.585277][T13205] [U] [ 660.588039][T13205] [U] [ 660.639738][T13205] [U] [ 660.642558][T13205] [U] [ 660.645325][T13205] [U] [ 660.648063][T13205] [U] [ 660.689653][T13205] [U] [ 660.692474][T13205] [U] [ 660.695243][T13205] [U] [ 660.698007][T13205] [U] [ 660.734137][T13205] [U] [ 660.736945][T13205] [U] [ 660.739712][T13205] [U] [ 660.790267][T13201] [U] [ 662.817190][T13220] FAULT_INJECTION: forcing a failure. [ 662.817190][T13220] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 662.831209][T13220] CPU: 1 UID: 0 PID: 13220 Comm: syz.0.1966 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 662.831250][T13220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 662.831269][T13220] Call Trace: [ 662.831279][T13220] [ 662.831292][T13220] dump_stack_lvl+0x16c/0x1f0 [ 662.831340][T13220] should_fail_ex+0x497/0x5b0 [ 662.831378][T13220] ? fs_reclaim_acquire+0xae/0x150 [ 662.831432][T13220] should_fail_alloc_page+0xe7/0x130 [ 662.831476][T13220] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 662.831530][T13220] ? __pfx_mark_lock+0x10/0x10 [ 662.831568][T13220] ? hlock_class+0x4e/0x130 [ 662.831634][T13220] __alloc_pages_noprof+0x18e/0x2470 [ 662.831675][T13220] ? __lock_acquire+0xcc5/0x3c40 [ 662.831716][T13220] ? hlock_class+0x4e/0x130 [ 662.831766][T13220] ? mark_lock+0xb5/0xc60 [ 662.831810][T13220] ? __pfx_mark_lock+0x10/0x10 [ 662.831849][T13220] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 662.831896][T13220] ? hlock_class+0x4e/0x130 [ 662.831951][T13220] ? hlock_class+0x4e/0x130 [ 662.832002][T13220] ? mark_lock+0xb5/0xc60 [ 662.832040][T13220] ? __pfx_mark_lock+0x10/0x10 [ 662.832081][T13220] ? hlock_class+0x4e/0x130 [ 662.832132][T13220] ? __lock_acquire+0xcc5/0x3c40 [ 662.832169][T13220] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 662.832217][T13220] ? policy_nodemask+0xea/0x4e0 [ 662.832262][T13220] alloc_pages_mpol_noprof+0x2c8/0x620 [ 662.832311][T13220] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 662.832358][T13220] ? hlock_class+0x4e/0x130 [ 662.832411][T13220] ? hlock_class+0x4e/0x130 [ 662.832470][T13220] folio_alloc_mpol_noprof+0x36/0xd0 [ 662.832528][T13220] vma_alloc_folio_noprof+0xee/0x1b0 [ 662.832582][T13220] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 662.832631][T13220] ? find_held_lock+0x2d/0x110 [ 662.832692][T13220] do_pte_missing+0x2017/0x3e00 [ 662.832745][T13220] __handle_mm_fault+0x1166/0x2c60 [ 662.832796][T13220] ? __pfx___handle_mm_fault+0x10/0x10 [ 662.832834][T13220] ? follow_page_pte+0x3c3/0x1b20 [ 662.832869][T13220] ? __pfx_lock_release+0x10/0x10 [ 662.832925][T13220] ? follow_page_pte+0x3f7/0x1b20 [ 662.832970][T13220] handle_mm_fault+0x3fa/0xaa0 [ 662.833016][T13220] __get_user_pages+0x8d9/0x3b50 [ 662.833061][T13220] ? __pfx_mt_find+0x10/0x10 [ 662.833110][T13220] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 662.833153][T13220] ? __pfx___get_user_pages+0x10/0x10 [ 662.833193][T13220] ? __mm_populate+0x21d/0x380 [ 662.833238][T13220] populate_vma_page_range+0x27f/0x3a0 [ 662.833280][T13220] ? __pfx_populate_vma_page_range+0x10/0x10 [ 662.833317][T13220] ? __pfx_find_vma_intersection+0x10/0x10 [ 662.833374][T13220] ? vm_mmap_pgoff+0x29b/0x3a0 [ 662.833415][T13220] __mm_populate+0x1d6/0x380 [ 662.833454][T13220] ? __pfx___mm_populate+0x10/0x10 [ 662.833496][T13220] ? up_write+0x1b2/0x520 [ 662.833545][T13220] vm_mmap_pgoff+0x2d3/0x3a0 [ 662.833590][T13220] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 662.833633][T13220] ? __x64_sys_futex+0x1e1/0x4c0 [ 662.833666][T13220] ? __x64_sys_futex+0x1ea/0x4c0 [ 662.833706][T13220] ksys_mmap_pgoff+0x7d/0x5c0 [ 662.833758][T13220] ? rcu_is_watching+0x12/0xc0 [ 662.833814][T13220] __x64_sys_mmap+0x125/0x190 [ 662.833865][T13220] do_syscall_64+0xcd/0x250 [ 662.833915][T13220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.833963][T13220] RIP: 0033:0x7fa141b8cd29 [ 662.833990][T13220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.834024][T13220] RSP: 002b:00007fa13f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 662.834054][T13220] RAX: ffffffffffffffda RBX: 00007fa141da5fa0 RCX: 00007fa141b8cd29 [ 662.834077][T13220] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 662.834097][T13220] RBP: 00007fa141c0e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 662.834117][T13220] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 662.834137][T13220] R13: 0000000000000000 R14: 00007fa141da5fa0 R15: 00007ffd45d6b298 [ 662.834178][T13220] [ 663.621531][T13224] ima: policy update failed [ 663.636717][ T29] audit: type=1802 audit(1110.618:6): pid=13224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1968" res=0 errno=0 [ 664.524722][T13219] ima: policy update failed [ 664.557412][ T29] audit: type=1802 audit(1111.529:7): pid=13219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1966" res=0 errno=0 [ 667.469385][T13287] FAULT_INJECTION: forcing a failure. [ 667.469385][T13287] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 667.525767][T13287] CPU: 1 UID: 0 PID: 13287 Comm: syz.2.1983 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 667.525809][T13287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 667.525828][T13287] Call Trace: [ 667.525837][T13287] [ 667.525849][T13287] dump_stack_lvl+0x16c/0x1f0 [ 667.525915][T13287] should_fail_ex+0x497/0x5b0 [ 667.525959][T13287] _copy_to_user+0x32/0xd0 [ 667.526004][T13287] simple_read_from_buffer+0xd0/0x160 [ 667.526055][T13287] proc_fail_nth_read+0x198/0x270 [ 667.526101][T13287] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 667.526148][T13287] ? rw_verify_area+0xcf/0x680 [ 667.526194][T13287] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 667.526238][T13287] vfs_read+0x1df/0xbf0 [ 667.526289][T13287] ? __fget_files+0x1fc/0x3a0 [ 667.526320][T13287] ? __pfx___mutex_lock+0x10/0x10 [ 667.526365][T13287] ? __pfx_vfs_read+0x10/0x10 [ 667.526427][T13287] ? __fget_files+0x206/0x3a0 [ 667.526469][T13287] ksys_read+0x12b/0x250 [ 667.526523][T13287] ? __pfx_ksys_read+0x10/0x10 [ 667.526585][T13287] do_syscall_64+0xcd/0x250 [ 667.526632][T13287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.526678][T13287] RIP: 0033:0x7f101d78b73c [ 667.526703][T13287] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 667.526734][T13287] RSP: 002b:00007f101e604030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 667.526763][T13287] RAX: ffffffffffffffda RBX: 00007f101d9a6080 RCX: 00007f101d78b73c [ 667.526783][T13287] RDX: 000000000000000f RSI: 00007f101e6040a0 RDI: 0000000000000004 [ 667.526802][T13287] RBP: 00007f101e604090 R08: 0000000000000000 R09: 0000000000000000 [ 667.526822][T13287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.526840][T13287] R13: 0000000000000001 R14: 00007f101d9a6080 R15: 00007ffc456e4428 [ 667.526880][T13287] [ 667.694103][T13275] svc: failed to register nfsdv3 RPC service (errno 111). [ 667.787024][T13275] svc: failed to register nfsaclv3 RPC service (errno 111). [ 668.092750][T13292] ICMPv6: process `syz.2.1984' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0.base_reachable_time - use net.ipv6.neigh.veth0.base_reachable_time_ms instead [ 668.094660][T13278] svc: failed to register nfsdv3 RPC service (errno 512). [ 668.131786][ T29] audit: type=1800 audit(1115.120:8): pid=13292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1984" name="features" dev="configfs" ino=39385 res=0 errno=0 [ 668.135867][T13278] svc: failed to register nfsaclv3 RPC service (errno 512). >[ 669.325077][ T9550] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 669.404879][T11040] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 669.754722][T13314] bond0: option all_slaves_active: invalid value () [ 669.802236][T13308] delete_channel: no stack [ 670.026893][T13322] FAULT_INJECTION: forcing a failure. [ 670.026893][T13322] name failslab, interval 1, probability 0, space 0, times 0 [ 670.044534][T13322] CPU: 0 UID: 0 PID: 13322 Comm: syz.0.1993 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 670.044575][T13322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 670.044595][T13322] Call Trace: [ 670.044604][T13322] [ 670.044617][T13322] dump_stack_lvl+0x16c/0x1f0 [ 670.044666][T13322] should_fail_ex+0x497/0x5b0 [ 670.044702][T13322] ? fs_reclaim_acquire+0xae/0x150 [ 670.044756][T13322] should_failslab+0xc2/0x120 [ 670.044795][T13322] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 670.044832][T13322] ? mas_alloc_nodes+0x18b/0x880 [ 670.044878][T13322] mas_alloc_nodes+0x18b/0x880 [ 670.044926][T13322] mas_node_count_gfp+0x105/0x130 [ 670.044977][T13322] mas_preallocate+0x53f/0xce0 [ 670.045031][T13322] ? __pfx_mas_preallocate+0x10/0x10 [ 670.045100][T13322] ? anon_vma_name+0x75/0x100 [ 670.045148][T13322] __split_vma+0x474/0x1210 [ 670.045192][T13322] ? __pfx___split_vma+0x10/0x10 [ 670.045238][T13322] ? hlock_class+0x4e/0x130 [ 670.045297][T13322] vms_gather_munmap_vmas+0x1c3/0x1730 [ 670.045348][T13322] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 670.045392][T13322] ? mas_walk+0x6a6/0x910 [ 670.045447][T13322] __mmap_region+0x32c/0x2760 [ 670.045494][T13322] ? __pfx___mmap_region+0x10/0x10 [ 670.045534][T13322] ? hlock_class+0x4e/0x130 [ 670.045584][T13322] ? mark_lock+0xb5/0xc60 [ 670.045635][T13322] ? hlock_class+0x4e/0x130 [ 670.045685][T13322] ? __pfx___lock_acquire+0x10/0x10 [ 670.045796][T13322] mmap_region+0x127/0x320 [ 670.045835][T13322] do_mmap+0xa09/0x1050 [ 670.045874][T13322] vm_mmap_pgoff+0x203/0x3a0 [ 670.045917][T13322] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 670.045963][T13322] ? __fget_files+0x206/0x3a0 [ 670.046001][T13322] ksys_mmap_pgoff+0x32c/0x5c0 [ 670.046055][T13322] ? __pfx_ksys_write+0x10/0x10 [ 670.046112][T13322] __x64_sys_mmap+0x125/0x190 [ 670.046164][T13322] do_syscall_64+0xcd/0x250 [ 670.046212][T13322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.046258][T13322] RIP: 0033:0x7fa141b8cd29 [ 670.046284][T13322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.046317][T13322] RSP: 002b:00007fa13f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 670.046347][T13322] RAX: ffffffffffffffda RBX: 00007fa141da5fa0 RCX: 00007fa141b8cd29 [ 670.046368][T13322] RDX: 0000000000000009 RSI: 0000000000001000 RDI: 0000000020ffe000 [ 670.046389][T13322] RBP: 00007fa13f9f6090 R08: 0000000000000003 R09: 0000000000004000 [ 670.046409][T13322] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 670.046428][T13322] R13: 0000000000000000 R14: 00007fa141da5fa0 R15: 00007ffd45d6b298 [ 670.046468][T13322] [ 670.425365][T13326] FAULT_INJECTION: forcing a failure. [ 670.425365][T13326] name failslab, interval 1, probability 0, space 0, times 0 [ 670.453902][T13326] CPU: 0 UID: 0 PID: 13326 Comm: syz.4.1995 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 670.453945][T13326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 670.453963][T13326] Call Trace: [ 670.453972][T13326] [ 670.453985][T13326] dump_stack_lvl+0x16c/0x1f0 [ 670.454032][T13326] should_fail_ex+0x497/0x5b0 [ 670.454065][T13326] ? fs_reclaim_acquire+0xae/0x150 [ 670.454118][T13326] should_failslab+0xc2/0x120 [ 670.454159][T13326] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 670.454200][T13326] ? getname_flags.part.0+0x4c/0x550 [ 670.454245][T13326] getname_flags.part.0+0x4c/0x550 [ 670.454289][T13326] getname_flags+0x93/0xf0 [ 670.454339][T13326] user_path_at+0x24/0x60 [ 670.454369][T13326] do_fchownat+0xfa/0x200 [ 670.454408][T13326] ? __pfx_do_fchownat+0x10/0x10 [ 670.454444][T13326] ? ksys_write+0x1ba/0x250 [ 670.454494][T13326] ? __pfx_ksys_write+0x10/0x10 [ 670.454554][T13326] __x64_sys_lchown+0x7e/0xc0 [ 670.454591][T13326] ? lockdep_hardirqs_on+0x7c/0x110 [ 670.454632][T13326] do_syscall_64+0xcd/0x250 [ 670.454678][T13326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.454724][T13326] RIP: 0033:0x7f42c0b8cd29 [ 670.454749][T13326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.454781][T13326] RSP: 002b:00007f42c1abe038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e [ 670.454810][T13326] RAX: ffffffffffffffda RBX: 00007f42c0da5fa0 RCX: 00007f42c0b8cd29 [ 670.454832][T13326] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000200 [ 670.454851][T13326] RBP: 00007f42c1abe090 R08: 0000000000000000 R09: 0000000000000000 [ 670.454870][T13326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 670.454889][T13326] R13: 0000000000000000 R14: 00007f42c0da5fa0 R15: 00007ffdadea4fb8 [ 670.454939][T13326] [ 670.664557][T13323] bond0: option all_slaves_active: invalid value () [ 670.841300][T13329] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1996'. [ 671.009472][T13334] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1997'. [ 671.815897][T13342] svc: failed to register nfsdv3 RPC service (errno 101). [ 671.856256][T13351] bond0: option all_slaves_active: invalid value () [ 671.858864][T13342] svc: failed to register nfsaclv3 RPC service (errno 101). [ 671.875324][T13362] bond0: option all_slaves_active: invalid value () [ 673.466754][T13396] bond0: option all_slaves_active: invalid value () [ 673.870919][T13406] bond0: option all_slaves_active: invalid value () [ 674.991866][T13420] svc: failed to register nfsdv3 RPC service (errno 101). [ 675.049627][T13420] svc: failed to register nfsaclv3 RPC service (errno 101). [ 675.559398][T13443] Process accounting resumed syzkaller syzkaller login: [ 677.081095][T11040] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 677.219968][ T29] audit: type=1807 audit(1124.215:9): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 677.231153][T13476] ima: policy update failed [ 677.270902][ T29] audit: type=1802 audit(1124.225:10): pid=13479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.2038" res=0 errno=0 [ 677.342208][ T29] audit: type=1802 audit(1124.235:11): pid=13476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2038" res=0 errno=0 syzkaller syzkaller login: [ 677.899213][T13495] FAULT_INJECTION: forcing a failure. [ 677.899213][T13495] name failslab, interval 1, probability 0, space 0, times 0 [ 677.924498][T13495] CPU: 0 UID: 0 PID: 13495 Comm: syz.0.2044 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 677.924549][T13495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 677.924571][T13495] Call Trace: [ 677.924582][T13495] [ 677.924596][T13495] dump_stack_lvl+0x16c/0x1f0 [ 677.924649][T13495] should_fail_ex+0x497/0x5b0 [ 677.924687][T13495] ? fs_reclaim_acquire+0xae/0x150 [ 677.924744][T13495] should_failslab+0xc2/0x120 [ 677.924785][T13495] __kmalloc_noprof+0xce/0x4f0 [ 677.924821][T13495] ? __pfx_genl_release+0x10/0x10 [ 677.924866][T13495] ? __pfx_netlink_tap_init_net+0x10/0x10 [ 677.924901][T13495] ? ops_init+0x77/0x5f0 [ 677.924958][T13495] ops_init+0x77/0x5f0 [ 677.925012][T13495] setup_net+0x21f/0x860 [ 677.925081][T13495] ? __pfx_setup_net+0x10/0x10 [ 677.925130][T13495] ? down_read_killable+0xcc/0x380 [ 677.925182][T13495] ? __pfx_down_read_killable+0x10/0x10 [ 677.925238][T13495] ? debug_mutex_init+0x37/0x70 [ 677.925296][T13495] copy_net_ns+0x2b4/0x6c0 [ 677.925334][T13495] create_new_namespaces+0x3ea/0xad0 [ 677.925397][T13495] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 677.925451][T13495] ksys_unshare+0x45d/0xa40 [ 677.925506][T13495] ? __pfx_ksys_unshare+0x10/0x10 [ 677.925557][T13495] ? xfd_validate_state+0x5d/0x180 [ 677.925616][T13495] __x64_sys_unshare+0x31/0x40 [ 677.925668][T13495] do_syscall_64+0xcd/0x250 [ 677.925717][T13495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.925765][T13495] RIP: 0033:0x7fa141b8cd29 [ 677.925791][T13495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 677.925824][T13495] RSP: 002b:00007fa13f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 677.925857][T13495] RAX: ffffffffffffffda RBX: 00007fa141da5fa0 RCX: 00007fa141b8cd29 [ 677.925880][T13495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 677.925900][T13495] RBP: 00007fa141c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 677.925922][T13495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.925941][T13495] R13: 0000000000000000 R14: 00007fa141da5fa0 R15: 00007ffd45d6b298 [ 677.925983][T13495] [ 678.894632][T13514] FAULT_INJECTION: forcing a failure. [ 678.894632][T13514] name failslab, interval 1, probability 0, space 0, times 0 [ 678.935220][T13514] CPU: 1 UID: 0 PID: 13514 Comm: syz.4.2048 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 678.935267][T13514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 678.935288][T13514] Call Trace: [ 678.935297][T13514] [ 678.935310][T13514] dump_stack_lvl+0x16c/0x1f0 [ 678.935362][T13514] should_fail_ex+0x497/0x5b0 [ 678.935398][T13514] ? fs_reclaim_acquire+0xae/0x150 [ 678.935454][T13514] should_failslab+0xc2/0x120 [ 678.935496][T13514] __kmalloc_noprof+0xce/0x4f0 [ 678.935530][T13514] ? d_absolute_path+0x137/0x1b0 [ 678.935571][T13514] ? tomoyo_encode2+0x100/0x3e0 [ 678.935610][T13514] tomoyo_encode2+0x100/0x3e0 [ 678.935649][T13514] tomoyo_realpath_from_path+0x1a7/0x710 [ 678.935696][T13514] tomoyo_path_number_perm+0x248/0x5b0 [ 678.935745][T13514] ? tomoyo_path_number_perm+0x235/0x5b0 [ 678.935799][T13514] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 678.935886][T13514] ? __pfx_lock_release+0x10/0x10 [ 678.935933][T13514] ? trace_lock_acquire+0x14e/0x1f0 [ 678.935970][T13514] ? lock_acquire+0x2f/0xb0 [ 678.936008][T13514] ? __fget_files+0x40/0x3a0 [ 678.936045][T13514] ? __fget_files+0x206/0x3a0 [ 678.936082][T13514] security_file_ioctl+0x9b/0x240 [ 678.936137][T13514] __x64_sys_ioctl+0xb7/0x200 [ 678.936187][T13514] do_syscall_64+0xcd/0x250 [ 678.936237][T13514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.936284][T13514] RIP: 0033:0x7f42c0b8cd29 [ 678.936309][T13514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 678.936342][T13514] RSP: 002b:00007f42c1a9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 678.936372][T13514] RAX: ffffffffffffffda RBX: 00007f42c0da6080 RCX: 00007f42c0b8cd29 [ 678.936394][T13514] RDX: 0000000000000000 RSI: 00000000c02063a0 RDI: 0000000000000004 [ 678.936414][T13514] RBP: 00007f42c1a9d090 R08: 0000000000000000 R09: 0000000000000000 [ 678.936434][T13514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 678.936453][T13514] R13: 0000000000000000 R14: 00007f42c0da6080 R15: 00007ffdadea4fb8 [ 678.936494][T13514] [ 678.936516][T13514] ERROR: Out of memory at tomoyo_realpath_from_path. syzkaller syzkaller login: [ 679.785863][T13518] svc: failed to register nfsdv3 RPC service (errno 111). [ 679.795409][T13518] svc: failed to register nfsaclv3 RPC service (errno 111). [ 679.898516][T13529] FAULT_INJECTION: forcing a failure. [ 679.898516][T13529] name failslab, interval 1, probability 0, space 0, times 0 [ 679.979632][T13529] CPU: 1 UID: 0 PID: 13529 Comm: syz.0.2053 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 679.979682][T13529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 679.979703][T13529] Call Trace: [ 679.979714][T13529] [ 679.979736][T13529] dump_stack_lvl+0x16c/0x1f0 [ 679.979792][T13529] should_fail_ex+0x497/0x5b0 [ 679.979831][T13529] ? fs_reclaim_acquire+0xae/0x150 [ 679.979892][T13529] should_failslab+0xc2/0x120 [ 679.979937][T13529] __kmalloc_cache_noprof+0x68/0x420 [ 679.979977][T13529] ? __pfx_nexthop_net_init+0x10/0x10 [ 679.980027][T13529] nexthop_net_init+0x73/0x140 [ 679.980072][T13529] ? tcf_net_init+0x55/0x150 [ 679.980107][T13529] ops_init+0x1df/0x5f0 [ 679.980166][T13529] setup_net+0x21f/0x860 [ 679.980223][T13529] ? __pfx_setup_net+0x10/0x10 [ 679.980276][T13529] ? down_read_killable+0xcc/0x380 [ 679.980337][T13529] ? __pfx_down_read_killable+0x10/0x10 [ 679.980394][T13529] ? debug_mutex_init+0x37/0x70 [ 679.980453][T13529] copy_net_ns+0x2b4/0x6c0 [ 679.980491][T13529] create_new_namespaces+0x3ea/0xad0 [ 679.980552][T13529] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 679.980607][T13529] ksys_unshare+0x45d/0xa40 [ 679.980662][T13529] ? __pfx_ksys_unshare+0x10/0x10 [ 679.980714][T13529] ? xfd_validate_state+0x5d/0x180 [ 679.980786][T13529] __x64_sys_unshare+0x31/0x40 [ 679.980841][T13529] do_syscall_64+0xcd/0x250 [ 679.980893][T13529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.980944][T13529] RIP: 0033:0x7fa141b8cd29 [ 679.980973][T13529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 679.981008][T13529] RSP: 002b:00007fa13f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 679.981042][T13529] RAX: ffffffffffffffda RBX: 00007fa141da5fa0 RCX: 00007fa141b8cd29 [ 679.981066][T13529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 679.981087][T13529] RBP: 00007fa141c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 679.981109][T13529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 679.981130][T13529] R13: 0000000000000000 R14: 00007fa141da5fa0 R15: 00007ffd45d6b298 [ 679.981174][T13529] [ 681.863226][T13557] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2062'. syzkaller syzkaller login: [ 682.279004][T11040] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 682.992998][T13557] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 683.050737][T13557] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 683.088284][T13557] bond0 (unregistering): Released all slaves syzkaller syzkaller login: [ 684.368055][T13589] FAULT_INJECTION: forcing a failure. [ 684.368055][T13589] name failslab, interval 1, probability 0, space 0, times 0 [ 684.431977][T13589] CPU: 1 UID: 0 PID: 13589 Comm: syz.0.2069 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 684.432023][T13589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 684.432044][T13589] Call Trace: [ 684.432054][T13589] [ 684.432067][T13589] dump_stack_lvl+0x16c/0x1f0 [ 684.432116][T13589] should_fail_ex+0x497/0x5b0 [ 684.432156][T13589] ? fs_reclaim_acquire+0xae/0x150 [ 684.432211][T13589] should_failslab+0xc2/0x120 [ 684.432253][T13589] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 684.432292][T13589] ? vm_area_dup+0x53/0x300 [ 684.432352][T13589] vm_area_dup+0x53/0x300 [ 684.432396][T13589] __split_vma+0x181/0x1210 [ 684.432433][T13589] ? vma_merge_existing_range+0x931/0x1fa0 [ 684.432476][T13589] ? __pfx___split_vma+0x10/0x10 [ 684.432523][T13589] ? ima_file_mprotect+0x1c5/0x6a0 [ 684.432559][T13589] vma_modify.constprop.0+0x2ed/0x3b0 [ 684.432602][T13589] vma_modify_flags+0x209/0x2a0 [ 684.432643][T13589] ? __pfx_vma_modify_flags+0x10/0x10 [ 684.432703][T13589] ? may_expand_vm+0xe8/0x430 [ 684.432740][T13589] mprotect_fixup+0x2c2/0xbe0 [ 684.432785][T13589] ? __pfx_mprotect_fixup+0x10/0x10 [ 684.432837][T13589] do_mprotect_pkey+0x9b8/0xd30 [ 684.432889][T13589] ? __pfx_do_mprotect_pkey+0x10/0x10 [ 684.432946][T13589] ? __fget_files+0x206/0x3a0 [ 684.432994][T13589] ? __pfx_ksys_write+0x10/0x10 [ 684.433055][T13589] __x64_sys_mprotect+0x78/0xc0 [ 684.433094][T13589] ? lockdep_hardirqs_on+0x7c/0x110 [ 684.433138][T13589] do_syscall_64+0xcd/0x250 [ 684.433186][T13589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 684.433232][T13589] RIP: 0033:0x7fa141b8cd29 [ 684.433257][T13589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 684.433290][T13589] RSP: 002b:00007fa13f9b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a [ 684.433328][T13589] RAX: ffffffffffffffda RBX: 00007fa141da6160 RCX: 00007fa141b8cd29 [ 684.433347][T13589] RDX: 0000000000000006 RSI: 0000000000810002 RDI: 000000001ffff000 [ 684.433366][T13589] RBP: 00007fa13f9b4090 R08: 0000000000000000 R09: 0000000000000000 [ 684.433386][T13589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 684.433404][T13589] R13: 0000000000000001 R14: 00007fa141da6160 R15: 00007ffd45d6b298 [ 684.433443][T13589] [ 685.543659][ T29] audit: type=1800 audit(1132.549:12): pid=13607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2076" name="version" dev="configfs" ino=41320 res=0 errno=0 [ 685.560840][T13607] FAULT_INJECTION: forcing a failure. [ 685.560840][T13607] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 685.643175][T13607] CPU: 0 UID: 0 PID: 13607 Comm: syz.2.2076 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 685.643236][T13607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 685.643258][T13607] Call Trace: [ 685.643270][T13607] [ 685.643283][T13607] dump_stack_lvl+0x16c/0x1f0 [ 685.643337][T13607] should_fail_ex+0x497/0x5b0 [ 685.643377][T13607] ? fs_reclaim_acquire+0xae/0x150 [ 685.643434][T13607] should_fail_alloc_page+0xe7/0x130 [ 685.643480][T13607] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 685.643537][T13607] ? __pfx_mark_lock+0x10/0x10 [ 685.643576][T13607] ? hlock_class+0x4e/0x130 [ 685.643632][T13607] __alloc_pages_noprof+0x18e/0x2470 [ 685.643675][T13607] ? __lock_acquire+0xcc5/0x3c40 [ 685.643717][T13607] ? hlock_class+0x4e/0x130 [ 685.643770][T13607] ? mark_lock+0xb5/0xc60 [ 685.643814][T13607] ? __pfx_mark_lock+0x10/0x10 [ 685.643856][T13607] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 685.643904][T13607] ? hlock_class+0x4e/0x130 [ 685.643960][T13607] ? hlock_class+0x4e/0x130 [ 685.644013][T13607] ? mark_lock+0xb5/0xc60 [ 685.644051][T13607] ? __pfx_mark_lock+0x10/0x10 [ 685.644091][T13607] ? hlock_class+0x4e/0x130 [ 685.644144][T13607] ? __lock_acquire+0xcc5/0x3c40 [ 685.644182][T13607] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 685.644241][T13607] ? policy_nodemask+0xea/0x4e0 [ 685.644286][T13607] alloc_pages_mpol_noprof+0x2c8/0x620 [ 685.644337][T13607] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 685.644383][T13607] ? hlock_class+0x4e/0x130 [ 685.644438][T13607] ? hlock_class+0x4e/0x130 [ 685.644498][T13607] folio_alloc_mpol_noprof+0x36/0xd0 [ 685.644548][T13607] vma_alloc_folio_noprof+0xee/0x1b0 [ 685.644596][T13607] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 685.644645][T13607] ? find_held_lock+0x2d/0x110 [ 685.644706][T13607] do_pte_missing+0x2017/0x3e00 [ 685.644758][T13607] __handle_mm_fault+0x1166/0x2c60 [ 685.644807][T13607] ? __pfx___handle_mm_fault+0x10/0x10 [ 685.644846][T13607] ? follow_page_pte+0x3c3/0x1b20 [ 685.644879][T13607] ? __pfx_lock_release+0x10/0x10 [ 685.644937][T13607] ? follow_page_pte+0x3f7/0x1b20 [ 685.644980][T13607] handle_mm_fault+0x3fa/0xaa0 [ 685.645025][T13607] __get_user_pages+0x8d9/0x3b50 [ 685.645078][T13607] ? __pfx_mt_find+0x10/0x10 [ 685.645130][T13607] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 685.645173][T13607] ? __pfx___get_user_pages+0x10/0x10 [ 685.645222][T13607] ? __mm_populate+0x21d/0x380 [ 685.645267][T13607] populate_vma_page_range+0x27f/0x3a0 [ 685.645306][T13607] ? __pfx_populate_vma_page_range+0x10/0x10 [ 685.645344][T13607] ? __pfx_find_vma_intersection+0x10/0x10 [ 685.645401][T13607] ? vm_mmap_pgoff+0x29b/0x3a0 [ 685.645443][T13607] __mm_populate+0x1d6/0x380 [ 685.645480][T13607] ? __pfx___mm_populate+0x10/0x10 [ 685.645521][T13607] ? up_write+0x1b2/0x520 [ 685.645570][T13607] vm_mmap_pgoff+0x2d3/0x3a0 [ 685.645610][T13607] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 685.645653][T13607] ? __x64_sys_futex+0x1e1/0x4c0 [ 685.645686][T13607] ? __x64_sys_futex+0x1ea/0x4c0 [ 685.645726][T13607] ksys_mmap_pgoff+0x7d/0x5c0 [ 685.645780][T13607] ? rcu_is_watching+0x12/0xc0 [ 685.645836][T13607] __x64_sys_mmap+0x125/0x190 [ 685.645887][T13607] do_syscall_64+0xcd/0x250 [ 685.645936][T13607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.645984][T13607] RIP: 0033:0x7f101d78cd29 [ 685.646010][T13607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.646043][T13607] RSP: 002b:00007f101e625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 685.646075][T13607] RAX: ffffffffffffffda RBX: 00007f101d9a5fa0 RCX: 00007f101d78cd29 [ 685.646098][T13607] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 685.646119][T13607] RBP: 00007f101d80e2a0 R08: 0000000000000007 R09: 0000000000028000 [ 685.646140][T13607] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 685.646161][T13607] R13: 0000000000000000 R14: 00007f101d9a5fa0 R15: 00007ffc456e4428 [ 685.646214][T13607] [ 686.447363][T13596] svc: failed to register nfsdv3 RPC service (errno 101). [ 686.554647][T13596] svc: failed to register nfsaclv3 RPC service (errno 512). >[ 687.146409][T13628] FAULT_INJECTION: forcing a failure. [ 687.146409][T13628] name failslab, interval 1, probability 0, space 0, times 0 [ 687.223798][T13628] CPU: 0 UID: 0 PID: 13628 Comm: syz.2.2082 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 687.223843][T13628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 687.223862][T13628] Call Trace: [ 687.223871][T13628] [ 687.223884][T13628] dump_stack_lvl+0x16c/0x1f0 [ 687.223934][T13628] should_fail_ex+0x497/0x5b0 [ 687.223970][T13628] ? fs_reclaim_acquire+0xae/0x150 [ 687.224024][T13628] should_failslab+0xc2/0x120 [ 687.224072][T13628] __kmalloc_noprof+0xce/0x4f0 [ 687.224109][T13628] ? tomoyo_encode2+0x100/0x3e0 [ 687.224149][T13628] tomoyo_encode2+0x100/0x3e0 [ 687.224187][T13628] tomoyo_realpath_from_path+0x1a7/0x710 [ 687.224226][T13628] ? tomoyo_path_number_perm+0x235/0x5b0 [ 687.224281][T13628] tomoyo_path_number_perm+0x248/0x5b0 [ 687.224330][T13628] ? tomoyo_path_number_perm+0x235/0x5b0 [ 687.224383][T13628] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 687.224470][T13628] ? __pfx_lock_release+0x10/0x10 [ 687.224510][T13628] ? trace_lock_acquire+0x14e/0x1f0 [ 687.224548][T13628] ? lock_acquire+0x2f/0xb0 [ 687.224585][T13628] ? __fget_files+0x40/0x3a0 [ 687.224621][T13628] ? __fget_files+0x206/0x3a0 [ 687.224658][T13628] security_file_ioctl+0x9b/0x240 [ 687.224712][T13628] __x64_sys_ioctl+0xb7/0x200 [ 687.224762][T13628] do_syscall_64+0xcd/0x250 [ 687.224810][T13628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.224856][T13628] RIP: 0033:0x7f101d78cd29 [ 687.224882][T13628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.224914][T13628] RSP: 002b:00007f101e625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 687.224943][T13628] RAX: ffffffffffffffda RBX: 00007f101d9a5fa0 RCX: 00007f101d78cd29 [ 687.224964][T13628] RDX: 000000002000c380 RSI: 00000000c0606610 RDI: 0000000000000003 [ 687.224984][T13628] RBP: 00007f101e625090 R08: 0000000000000000 R09: 0000000000000000 [ 687.225004][T13628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 687.225023][T13628] R13: 0000000000000000 R14: 00007f101d9a5fa0 R15: 00007ffc456e4428 [ 687.225070][T13628] [ 687.225092][T13628] ERROR: Out of memory at tomoyo_realpath_from_path. [ 687.613902][T13634] netlink: 'syz.2.2084': attribute type 1 has an invalid length. [ 688.135480][T11040] Bluetooth: hci3: Opcode 0x0c03 failed: -110 >[ 688.479764][T11040] Bluetooth: hci0: SCO packet too small [ 688.724565][T13656] bond0: option all_slaves_active: invalid value () [ 689.126555][T13661] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2092'. [ 689.165473][T13661] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2092'. > syzkaller syzkaller login: >[ 690.482886][T13696] FAULT_INJECTION: forcing a failure. [ 690.482886][T13696] name failslab, interval 1, probability 0, space 0, times 0 [ 690.504121][T13696] CPU: 0 UID: 0 PID: 13696 Comm: syz.4.2100 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 690.504168][T13696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 690.504186][T13696] Call Trace: [ 690.504195][T13696] [ 690.504208][T13696] dump_stack_lvl+0x16c/0x1f0 [ 690.504257][T13696] should_fail_ex+0x497/0x5b0 [ 690.504293][T13696] ? fs_reclaim_acquire+0xae/0x150 [ 690.504344][T13696] should_failslab+0xc2/0x120 [ 690.504385][T13696] __kmalloc_noprof+0xce/0x4f0 [ 690.504421][T13696] ? tomoyo_encode2+0x100/0x3e0 [ 690.504460][T13696] tomoyo_encode2+0x100/0x3e0 [ 690.504497][T13696] tomoyo_realpath_from_path+0x1a7/0x710 [ 690.504535][T13696] ? tomoyo_path_number_perm+0x235/0x5b0 [ 690.504588][T13696] tomoyo_path_number_perm+0x248/0x5b0 [ 690.504634][T13696] ? tomoyo_path_number_perm+0x235/0x5b0 [ 690.504687][T13696] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 690.504789][T13696] ? __pfx_lock_release+0x10/0x10 [ 690.504828][T13696] ? trace_lock_acquire+0x14e/0x1f0 [ 690.504865][T13696] ? lock_acquire+0x2f/0xb0 [ 690.504901][T13696] ? __fget_files+0x40/0x3a0 [ 690.504938][T13696] ? __fget_files+0x206/0x3a0 [ 690.504974][T13696] security_file_ioctl+0x9b/0x240 [ 690.505027][T13696] __x64_sys_ioctl+0xb7/0x200 [ 690.505077][T13696] do_syscall_64+0xcd/0x250 [ 690.505125][T13696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.505171][T13696] RIP: 0033:0x7f42c0b8cd29 [ 690.505195][T13696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.505227][T13696] RSP: 002b:00007f42c1abe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 690.505259][T13696] RAX: ffffffffffffffda RBX: 00007f42c0da5fa0 RCX: 00007f42c0b8cd29 [ 690.505281][T13696] RDX: 0000000000000000 RSI: 00000000c0606610 RDI: 0000000000000003 [ 690.505301][T13696] RBP: 00007f42c1abe090 R08: 0000000000000000 R09: 0000000000000000 [ 690.505322][T13696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 690.505342][T13696] R13: 0000000000000000 R14: 00007f42c0da5fa0 R15: 00007ffdadea4fb8 [ 690.505383][T13696] [ 690.741523][T13696] ERROR: Out of memory at tomoyo_realpath_from_path. [ 690.751206][T13684] svc: failed to register nfsdv3 RPC service (errno 101). [ 690.759396][T13684] svc: failed to register nfsaclv3 RPC service (errno 101). [ 691.326123][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.332504][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 >[ 692.399660][T13728] FAULT_INJECTION: forcing a failure. [ 692.399660][T13728] name failslab, interval 1, probability 0, space 0, times 0 [ 692.402461][T13731] netlink: 1204 bytes leftover after parsing attributes in process `syz.4.2110'. [ 692.412417][T13728] CPU: 1 UID: 0 PID: 13728 Comm: syz.1.2109 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 692.412458][T13728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 692.412478][T13728] Call Trace: [ 692.412488][T13728] [ 692.412503][T13728] dump_stack_lvl+0x16c/0x1f0 [ 692.412556][T13728] should_fail_ex+0x497/0x5b0 [ 692.412594][T13728] ? fs_reclaim_acquire+0xae/0x150 [ 692.412654][T13728] should_failslab+0xc2/0x120 [ 692.412697][T13728] __kmalloc_noprof+0xce/0x4f0 [ 692.412736][T13728] ? __netlink_kernel_create+0x180/0x750 [ 692.412778][T13728] ? __netlink_create+0x208/0x2c0 [ 692.412846][T13728] __netlink_kernel_create+0x180/0x750 [ 692.412891][T13728] ? __pfx___netlink_kernel_create+0x10/0x10 [ 692.412947][T13728] uevent_net_init+0xf9/0x360 [ 692.413004][T13728] ? __pfx_uevent_net_init+0x10/0x10 [ 692.413062][T13728] ? __pfx_uevent_net_rcv+0x10/0x10 [ 692.413131][T13728] ? __pfx_uevent_net_init+0x10/0x10 [ 692.413184][T13728] ops_init+0x1df/0x5f0 [ 692.413248][T13728] setup_net+0x21f/0x860 [ 692.413303][T13728] ? __pfx_setup_net+0x10/0x10 [ 692.413355][T13728] ? down_read_killable+0xcc/0x380 [ 692.413408][T13728] ? __pfx_down_read_killable+0x10/0x10 [ 692.413465][T13728] ? debug_mutex_init+0x37/0x70 [ 692.413524][T13728] copy_net_ns+0x2b4/0x6c0 [ 692.413561][T13728] create_new_namespaces+0x3ea/0xad0 [ 692.413622][T13728] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 692.413677][T13728] ksys_unshare+0x45d/0xa40 [ 692.413733][T13728] ? __pfx_ksys_unshare+0x10/0x10 [ 692.413786][T13728] ? xfd_validate_state+0x5d/0x180 [ 692.413854][T13728] __x64_sys_unshare+0x31/0x40 [ 692.413908][T13728] do_syscall_64+0xcd/0x250 [ 692.413961][T13728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.414012][T13728] RIP: 0033:0x7f2526f8cd29 [ 692.414041][T13728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 692.414076][T13728] RSP: 002b:00007f2527d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 692.414108][T13728] RAX: ffffffffffffffda RBX: 00007f25271a5fa0 RCX: 00007f2526f8cd29 [ 692.414131][T13728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 692.414153][T13728] RBP: 00007f252700e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 692.414174][T13728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 692.414195][T13728] R13: 0000000000000000 R14: 00007f25271a5fa0 R15: 00007ffcb357fce8 [ 692.414239][T13728] [ 692.414475][T13728] kobject_uevent: unable to create netlink socket! [ 692.459595][T13732] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2110'. [ 692.556027][T13733] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2110'. [ 693.428914][T13740] svc: failed to register nfsdv3 RPC service (errno 101). [ 693.438612][T13740] svc: failed to register nfsaclv3 RPC service (errno 101). >[ 694.457430][T13770] FAULT_INJECTION: forcing a failure. [ 694.457430][T13770] name failslab, interval 1, probability 0, space 0, times 0 [ 694.506601][T13770] CPU: 0 UID: 0 PID: 13770 Comm: syz.4.2120 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 694.506650][T13770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 694.506669][T13770] Call Trace: [ 694.506679][T13770] [ 694.506691][T13770] dump_stack_lvl+0x16c/0x1f0 [ 694.506741][T13770] should_fail_ex+0x497/0x5b0 [ 694.506777][T13770] ? fs_reclaim_acquire+0xae/0x150 [ 694.506830][T13770] should_failslab+0xc2/0x120 [ 694.506870][T13770] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 694.506908][T13770] ? getname_flags.part.0+0x4c/0x550 [ 694.506956][T13770] getname_flags.part.0+0x4c/0x550 [ 694.507003][T13770] getname+0x8d/0xe0 [ 694.507051][T13770] do_sys_openat2+0x104/0x1e0 [ 694.507093][T13770] ? __pfx_do_sys_openat2+0x10/0x10 [ 694.507138][T13770] ? __fget_files+0x206/0x3a0 [ 694.507176][T13770] __x64_sys_openat+0x175/0x210 [ 694.507218][T13770] ? __pfx___x64_sys_openat+0x10/0x10 [ 694.507259][T13770] ? ksys_write+0x1ba/0x250 [ 694.507323][T13770] do_syscall_64+0xcd/0x250 [ 694.507371][T13770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.507427][T13770] RIP: 0033:0x7f42c0b8b690 [ 694.507452][T13770] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 694.507482][T13770] RSP: 002b:00007f42c1abdf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 694.507513][T13770] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f42c0b8b690 [ 694.507534][T13770] RDX: 0000000000000000 RSI: 00007f42c1abdfa0 RDI: 00000000ffffff9c [ 694.507554][T13770] RBP: 00007f42c1abdfa0 R08: 0000000000000000 R09: 0000000000000000 [ 694.507573][T13770] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 694.507591][T13770] R13: 0000000000000000 R14: 00007f42c0da5fa0 R15: 00007ffdadea4fb8 [ 694.507630][T13770] [ 694.745179][T13754] Invalid ELF header magic: != ELF [ 694.955936][T13776] Invalid ELF header magic: != ELF [ 695.262539][T13788] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 696.679434][T13787] svc: failed to register nfsdv3 RPC service (errno 111). [ 696.717573][T13787] svc: failed to register nfsaclv3 RPC service (errno 111). >[ 698.350544][T11040] Bluetooth: hci3: Opcode 0x0c03 failed: -110 >>[ 699.885777][ T29] audit: type=1800 audit(1146.896:13): pid=13898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2154" name="dbroot" dev="configfs" ino=41945 res=0 errno=0 [ 699.893341][T13898] db_root: cannot open: [ 699.913918][T13884] svc: failed to register nfsdv3 RPC service (errno 111). [ 699.934031][T13884] svc: failed to register nfsaclv3 RPC service (errno 111). [ 700.028741][T13900] db_root: cannot open: [ 700.051049][T13898] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 700.817387][T13924] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2162'. [ 700.846370][T13926] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2162'. [ 700.922892][T13924] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2162'. >[ 702.367431][T13943] FAULT_INJECTION: forcing a failure. [ 702.367431][T13943] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 702.426564][T13943] CPU: 1 UID: 0 PID: 13943 Comm: syz.0.2165 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 702.426609][T13943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 702.426628][T13943] Call Trace: [ 702.426646][T13943] [ 702.426659][T13943] dump_stack_lvl+0x16c/0x1f0 [ 702.426708][T13943] should_fail_ex+0x497/0x5b0 [ 702.426751][T13943] _copy_from_user+0x2e/0xd0 [ 702.426799][T13943] clear_refs_write+0xeb/0xc10 [ 702.426847][T13943] ? __pfx___lock_acquire+0x10/0x10 [ 702.426888][T13943] ? __pfx___lock_acquire+0x10/0x10 [ 702.426926][T13943] ? __pfx_aa_file_perm+0x10/0x10 [ 702.426961][T13943] ? __pfx_clear_refs_write+0x10/0x10 [ 702.427025][T13943] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 702.427068][T13943] ? rcu_is_watching+0x12/0xc0 [ 702.427130][T13943] ? trace_lock_acquire+0x14e/0x1f0 [ 702.427172][T13943] ? __pfx_clear_refs_write+0x10/0x10 [ 702.427217][T13943] vfs_write+0x24c/0x1150 [ 702.427269][T13943] ? __fget_files+0x1fc/0x3a0 [ 702.427299][T13943] ? __pfx___mutex_lock+0x10/0x10 [ 702.427343][T13943] ? __pfx_vfs_write+0x10/0x10 [ 702.427403][T13943] ? __fget_files+0x206/0x3a0 [ 702.427446][T13943] ksys_write+0x12b/0x250 [ 702.427495][T13943] ? __pfx_ksys_write+0x10/0x10 [ 702.427558][T13943] do_syscall_64+0xcd/0x250 [ 702.427606][T13943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.427656][T13943] RIP: 0033:0x7fa141b8cd29 [ 702.427681][T13943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.427712][T13943] RSP: 002b:00007fa13f9b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 702.427740][T13943] RAX: ffffffffffffffda RBX: 00007fa141da6160 RCX: 00007fa141b8cd29 [ 702.427760][T13943] RDX: 00000000ffffff4b RSI: 0000000000000000 RDI: 0000000000000002 [ 702.427778][T13943] RBP: 00007fa13f9b4090 R08: 0000000000000000 R09: 0000000000000000 [ 702.427795][T13943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 702.427812][T13943] R13: 0000000000000001 R14: 00007fa141da6160 R15: 00007ffd45d6b298 [ 702.427850][T13943] [ 703.637045][T13948] svc: failed to register nfsdv3 RPC service (errno 101). [ 703.657774][T13948] svc: failed to register nfsaclv3 RPC service (errno 101). [ 704.555685][T13962] Invalid ELF header magic: != ELF [ 704.739873][T13967] FAULT_INJECTION: forcing a failure. [ 704.739873][T13967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 704.763550][T13967] CPU: 0 UID: 0 PID: 13967 Comm: syz.4.2172 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 704.763592][T13967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 704.763611][T13967] Call Trace: [ 704.763621][T13967] [ 704.763634][T13967] dump_stack_lvl+0x16c/0x1f0 [ 704.763691][T13967] should_fail_ex+0x497/0x5b0 [ 704.763734][T13967] _copy_to_user+0x32/0xd0 [ 704.763781][T13967] tomoyo_flush+0x160/0x4b0 [ 704.763823][T13967] tomoyo_set_string+0xaf/0xe0 [ 704.763859][T13967] tomoyo_io_printf+0x26f/0x2f0 [ 704.763898][T13967] ? __pfx_tomoyo_io_printf+0x10/0x10 [ 704.763940][T13967] ? tomoyo_flush+0x3ad/0x4b0 [ 704.763978][T13967] ? tomoyo_flush+0x2e0/0x4b0 [ 704.764018][T13967] tomoyo_read_domain+0x604/0x9c0 [ 704.764054][T13967] ? tomoyo_read_control+0x115/0x510 [ 704.764095][T13967] ? lock_acquire+0x2f/0xb0 [ 704.764132][T13967] ? tomoyo_read_control+0x115/0x510 [ 704.764178][T13967] tomoyo_read_control+0x281/0x510 [ 704.764224][T13967] ? __pfx_tomoyo_read+0x10/0x10 [ 704.764259][T13967] vfs_readv+0x6c2/0x8a0 [ 704.764305][T13967] ? fdget_pos+0x267/0x390 [ 704.764348][T13967] ? __pfx_vfs_readv+0x10/0x10 [ 704.764393][T13967] ? __mutex_lock+0x1cc/0xb10 [ 704.764434][T13967] ? find_held_lock+0x2d/0x110 [ 704.764500][T13967] ? __pfx___mutex_lock+0x10/0x10 [ 704.764544][T13967] ? trace_lock_acquire+0x14e/0x1f0 [ 704.764591][T13967] ? __fget_files+0x206/0x3a0 [ 704.764633][T13967] ? do_readv+0x133/0x340 [ 704.764683][T13967] do_readv+0x133/0x340 [ 704.764731][T13967] ? __pfx_do_readv+0x10/0x10 [ 704.764791][T13967] do_syscall_64+0xcd/0x250 [ 704.764839][T13967] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.764886][T13967] RIP: 0033:0x7f42c0b8cd29 [ 704.764910][T13967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 704.764942][T13967] RSP: 002b:00007f42c1abe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 704.764972][T13967] RAX: ffffffffffffffda RBX: 00007f42c0da5fa0 RCX: 00007f42c0b8cd29 [ 704.764992][T13967] RDX: 0000000000000001 RSI: 0000000020000a80 RDI: 0000000000000003 [ 704.765012][T13967] RBP: 00007f42c1abe090 R08: 0000000000000000 R09: 0000000000000000 [ 704.765032][T13967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 704.765050][T13967] R13: 0000000000000000 R14: 00007f42c0da5fa0 R15: 00007ffdadea4fb8 [ 704.765097][T13967] >[ 705.256372][T13973] FAULT_INJECTION: forcing a failure. [ 705.256372][T13973] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 705.277287][T13973] CPU: 1 UID: 0 PID: 13973 Comm: syz.2.2174 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 705.277331][T13973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 705.277352][T13973] Call Trace: [ 705.277362][T13973] [ 705.277375][T13973] dump_stack_lvl+0x16c/0x1f0 [ 705.277433][T13973] should_fail_ex+0x497/0x5b0 [ 705.277470][T13973] ? fs_reclaim_acquire+0xae/0x150 [ 705.277525][T13973] should_fail_alloc_page+0xe7/0x130 [ 705.277568][T13973] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 705.277620][T13973] ? __pfx___up_read+0x10/0x10 [ 705.277671][T13973] __alloc_pages_noprof+0x18e/0x2470 [ 705.277719][T13973] ? mark_held_locks+0x9f/0xe0 [ 705.277762][T13973] ? irqentry_exit+0x3b/0x90 [ 705.277805][T13973] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 705.277859][T13973] ? rep_movs_alternative+0x4a/0x70 [ 705.277897][T13973] ? _copy_from_iter+0x159/0x1400 [ 705.277946][T13973] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 705.277993][T13973] ? policy_nodemask+0xea/0x4e0 [ 705.278036][T13973] alloc_pages_mpol_noprof+0x2c8/0x620 [ 705.278086][T13973] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 705.278141][T13973] ? copy_page_from_iter+0x108/0x120 [ 705.278189][T13973] pipe_write+0xe38/0x1b30 [ 705.278240][T13973] ? __pfx_pipe_write+0x10/0x10 [ 705.278275][T13973] ? __pfx_aa_file_perm+0x10/0x10 [ 705.278322][T13973] do_iter_readv_writev+0x655/0x950 [ 705.278374][T13973] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 705.278439][T13973] ? rw_verify_area+0xcf/0x680 [ 705.278490][T13973] vfs_writev+0x363/0xdd0 [ 705.278536][T13973] ? find_held_lock+0x2d/0x110 [ 705.278597][T13973] ? __pfx_vfs_writev+0x10/0x10 [ 705.278644][T13973] ? find_held_lock+0x2d/0x110 [ 705.278704][T13973] ? __pfx_lock_release+0x10/0x10 [ 705.278742][T13973] ? trace_lock_acquire+0x14e/0x1f0 [ 705.278788][T13973] ? __fget_files+0x206/0x3a0 [ 705.278830][T13973] ? do_writev+0x297/0x340 [ 705.278875][T13973] do_writev+0x297/0x340 [ 705.278923][T13973] ? __pfx_do_writev+0x10/0x10 [ 705.278984][T13973] do_syscall_64+0xcd/0x250 [ 705.279033][T13973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.279080][T13973] RIP: 0033:0x7f101d78cd29 [ 705.279105][T13973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 705.279138][T13973] RSP: 002b:00007f101e625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 705.279168][T13973] RAX: ffffffffffffffda RBX: 00007f101d9a5fa0 RCX: 00007f101d78cd29 [ 705.279190][T13973] RDX: 0000000000000001 RSI: 0000000020000100 RDI: 0000000000000001 [ 705.279209][T13973] RBP: 00007f101e625090 R08: 0000000000000000 R09: 0000000000000000 [ 705.279229][T13973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 705.279249][T13973] R13: 0000000000000000 R14: 00007f101d9a5fa0 R15: 00007ffc456e4428 [ 705.279289][T13973] [ 705.631755][T11040] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 705.839523][T13988] kernel read not supported for file /8SpExYXgh|lH敿9.KgPn֤L]XF (pid: 13988 comm: syz.2.2180) [ 705.858310][ T29] audit: type=1800 audit(1152.879:14): pid=13988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2180" name=11F9BC9A3897C953FE7016B04578951E595883AE6714BB68CF7C6C489B01FCFA14C2EC06E695BF392E1B4B6702A0A9EFFE500EE66ED6A44C8F9A1EEF5D58DB46A6D0 dev="mqueue" ino=43150 res=0 errno=0 syzkaller syzkaller login: [ 708.331988][T14024] svc: failed to register nfsdv3 RPC service (errno 22). [ 708.343287][T14024] svc: failed to register nfsaclv3 RPC service (errno 22). [ 708.737184][T14065] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2195'. [ 709.950372][T14092] cgroup: fork rejected by pids controller in /syz0 [ 710.264586][T11107] Bluetooth: hci3: Opcode 0x0c03 failed: -110 syzkaller syzkaller login: [ 711.789406][T14266] FAULT_INJECTION: forcing a failure. [ 711.789406][T14266] name failslab, interval 1, probability 0, space 0, times 0 [ 711.883027][T14266] CPU: 0 UID: 0 PID: 14266 Comm: syz.4.2211 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 711.883069][T14266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 711.883089][T14266] Call Trace: [ 711.883098][T14266] [ 711.883110][T14266] dump_stack_lvl+0x16c/0x1f0 [ 711.883161][T14266] should_fail_ex+0x497/0x5b0 [ 711.883196][T14266] ? fs_reclaim_acquire+0xae/0x150 [ 711.883251][T14266] should_failslab+0xc2/0x120 [ 711.883294][T14266] __kmalloc_cache_noprof+0x68/0x420 [ 711.883330][T14266] ? kasan_save_track+0x14/0x30 [ 711.883372][T14266] alloc_netdev_mqs+0xe66/0x13e0 [ 711.883434][T14266] ldisc_open+0x153/0x980 [ 711.883474][T14266] ? tty_set_ldisc+0x2a5/0x720 [ 711.883513][T14266] ? __pfx_ldisc_open+0x10/0x10 [ 711.883557][T14266] ? down_write+0x14e/0x200 [ 711.883606][T14266] ? __pfx_ldisc_open+0x10/0x10 [ 711.883643][T14266] tty_ldisc_open+0x9c/0x120 [ 711.883682][T14266] tty_set_ldisc+0x318/0x720 [ 711.883729][T14266] tty_ioctl+0xc22/0x1640 [ 711.883786][T14266] ? __pfx_tty_ioctl+0x10/0x10 [ 711.883841][T14266] ? __pfx_lock_release+0x10/0x10 [ 711.883880][T14266] ? trace_lock_acquire+0x14e/0x1f0 [ 711.883924][T14266] ? __fget_files+0x206/0x3a0 [ 711.883959][T14266] ? __pfx_tty_ioctl+0x10/0x10 [ 711.884006][T14266] __x64_sys_ioctl+0x190/0x200 [ 711.884056][T14266] do_syscall_64+0xcd/0x250 [ 711.884104][T14266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.884150][T14266] RIP: 0033:0x7f42c0b8cd29 [ 711.884175][T14266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 711.884206][T14266] RSP: 002b:00007f42c1abe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 711.884235][T14266] RAX: ffffffffffffffda RBX: 00007f42c0da5fa0 RCX: 00007f42c0b8cd29 [ 711.884257][T14266] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000014 [ 711.884276][T14266] RBP: 00007f42c1abe090 R08: 0000000000000000 R09: 0000000000000000 [ 711.884295][T14266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 711.884314][T14266] R13: 0000000000000000 R14: 00007f42c0da5fa0 R15: 00007ffdadea4fb8 [ 711.884354][T14266] [ 712.650769][T14272] FAULT_INJECTION: forcing a failure. [ 712.650769][T14272] name failslab, interval 1, probability 0, space 0, times 0 [ 712.673696][T14272] CPU: 0 UID: 0 PID: 14272 Comm: syz.4.2213 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 712.673736][T14272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 712.673753][T14272] Call Trace: [ 712.673761][T14272] [ 712.673772][T14272] dump_stack_lvl+0x16c/0x1f0 [ 712.673815][T14272] should_fail_ex+0x497/0x5b0 [ 712.673845][T14272] ? fs_reclaim_acquire+0xae/0x150 [ 712.673891][T14272] should_failslab+0xc2/0x120 [ 712.673935][T14272] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 712.673971][T14272] ? find_held_lock+0x2d/0x110 [ 712.674022][T14272] ? proc_alloc_inode+0x25/0x200 [ 712.674083][T14272] ? __pfx_proc_alloc_inode+0x10/0x10 [ 712.674133][T14272] proc_alloc_inode+0x25/0x200 [ 712.674189][T14272] alloc_inode+0x5d/0x230 [ 712.674229][T14272] new_inode+0x22/0x210 [ 712.674272][T14272] proc_sys_make_inode+0x47/0x5c0 [ 712.674331][T14272] proc_sys_lookup+0x283/0x410 [ 712.674366][T14272] ? __pfx_proc_sys_lookup+0x10/0x10 [ 712.674405][T14272] ? __d_lookup+0x266/0x4a0 [ 712.674465][T14272] ? __pfx_proc_sys_lookup+0x10/0x10 [ 712.674497][T14272] lookup_open.isra.0+0x4d9/0x1580 [ 712.674558][T14272] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 712.674621][T14272] ? path_openat+0x88a/0x2d80 [ 712.674663][T14272] ? mnt_get_write_access+0x20c/0x300 [ 712.674720][T14272] path_openat+0x904/0x2d80 [ 712.674768][T14272] ? __pfx_path_openat+0x10/0x10 [ 712.674804][T14272] ? __pfx___lock_acquire+0x10/0x10 [ 712.674842][T14272] ? lock_acquire.part.0+0x11b/0x380 [ 712.674887][T14272] ? find_held_lock+0x2d/0x110 [ 712.674950][T14272] do_filp_open+0x20c/0x470 [ 712.674987][T14272] ? __pfx_do_filp_open+0x10/0x10 [ 712.675018][T14272] ? find_held_lock+0x2d/0x110 [ 712.675103][T14272] ? alloc_fd+0x41f/0x760 [ 712.675145][T14272] do_sys_openat2+0x17a/0x1e0 [ 712.675192][T14272] ? __pfx_do_sys_openat2+0x10/0x10 [ 712.675238][T14272] ? __fget_files+0x206/0x3a0 [ 712.675281][T14272] __x64_sys_openat+0x175/0x210 [ 712.675324][T14272] ? __pfx___x64_sys_openat+0x10/0x10 [ 712.675365][T14272] ? ksys_write+0x1ba/0x250 [ 712.675435][T14272] do_syscall_64+0xcd/0x250 [ 712.675489][T14272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.675536][T14272] RIP: 0033:0x7f42c0b8cd29 [ 712.675562][T14272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 712.675599][T14272] RSP: 002b:00007f42c1abe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 712.675629][T14272] RAX: ffffffffffffffda RBX: 00007f42c0da5fa0 RCX: 00007f42c0b8cd29 [ 712.675651][T14272] RDX: 0000000000040802 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 712.675671][T14272] RBP: 00007f42c1abe090 R08: 0000000000000000 R09: 0000000000000000 [ 712.675691][T14272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 712.675716][T14272] R13: 0000000000000000 R14: 00007f42c0da5fa0 R15: 00007ffdadea4fb8 [ 712.675757][T14272] [ 713.489991][T14258] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 713.515968][T14285] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2216'. >[ 714.360105][T14303] binder: 14302:14303 ioctl c0306201 7 returned -14 [ 714.383426][T14304] FAULT_INJECTION: forcing a failure. [ 714.383426][T14304] name failslab, interval 1, probability 0, space 0, times 0 [ 714.432102][T14304] CPU: 0 UID: 0 PID: 14304 Comm: syz.1.2221 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 714.432145][T14304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 714.432166][T14304] Call Trace: [ 714.432175][T14304] [ 714.432190][T14304] dump_stack_lvl+0x16c/0x1f0 [ 714.432238][T14304] should_fail_ex+0x497/0x5b0 [ 714.432273][T14304] ? fs_reclaim_acquire+0xae/0x150 [ 714.432327][T14304] should_failslab+0xc2/0x120 [ 714.432367][T14304] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 714.432406][T14304] ? __d_alloc+0x35/0x8c0 [ 714.432449][T14304] __d_alloc+0x35/0x8c0 [ 714.432489][T14304] d_alloc+0x4a/0x1e0 [ 714.432538][T14304] d_alloc_parallel+0xe7/0x12b0 [ 714.432604][T14304] ? __pfx_d_alloc_parallel+0x10/0x10 [ 714.432658][T14304] ? lockdep_init_map_type+0x16d/0x7d0 [ 714.432705][T14304] ? lock_acquire.part.0+0x11b/0x380 [ 714.432747][T14304] ? lockdep_init_map_type+0x16d/0x7d0 [ 714.432804][T14304] __lookup_slow+0x194/0x460 [ 714.432850][T14304] ? __pfx___lookup_slow+0x10/0x10 [ 714.432906][T14304] ? walk_component+0x342/0x5b0 [ 714.432976][T14304] ? lookup_fast+0x155/0x540 [ 714.433029][T14304] walk_component+0x350/0x5b0 [ 714.433085][T14304] link_path_walk.part.0.constprop.0+0x669/0xd40 [ 714.433156][T14304] path_openat+0x228/0x2d80 [ 714.433185][T14304] ? hlock_class+0x4e/0x130 [ 714.433251][T14304] ? __pfx_path_openat+0x10/0x10 [ 714.433288][T14304] ? __pfx___lock_acquire+0x10/0x10 [ 714.433326][T14304] ? lock_acquire.part.0+0x11b/0x380 [ 714.433395][T14304] ? find_held_lock+0x2d/0x110 [ 714.433452][T14304] do_filp_open+0x20c/0x470 [ 714.433490][T14304] ? __pfx_do_filp_open+0x10/0x10 [ 714.433527][T14304] ? find_held_lock+0x2d/0x110 [ 714.433597][T14304] ? __pfx_kfree_link+0x10/0x10 [ 714.433652][T14304] ? alloc_fd+0x41f/0x760 [ 714.433698][T14304] do_sys_openat2+0x17a/0x1e0 [ 714.433739][T14304] ? __pfx_do_sys_openat2+0x10/0x10 [ 714.433789][T14304] ? __fget_files+0x206/0x3a0 [ 714.433830][T14304] __x64_sys_openat+0x175/0x210 [ 714.433872][T14304] ? __pfx___x64_sys_openat+0x10/0x10 [ 714.433918][T14304] ? ksys_write+0x1ba/0x250 [ 714.433984][T14304] do_syscall_64+0xcd/0x250 [ 714.434037][T14304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.434083][T14304] RIP: 0033:0x7f2526f8b690 [ 714.434110][T14304] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 714.434143][T14304] RSP: 002b:00007f2527d49f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 714.434174][T14304] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2526f8b690 [ 714.434199][T14304] RDX: 0000000000000002 RSI: 00007f2527d49fa0 RDI: 00000000ffffff9c [ 714.434219][T14304] RBP: 00007f2527d49fa0 R08: 0000000000000000 R09: 0000000000000000 [ 714.434238][T14304] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 714.434258][T14304] R13: 0000000000000000 R14: 00007f25271a5fa0 R15: 00007ffcb357fce8 [ 714.434301][T14304] [ 717.420115][T14328] FAULT_INJECTION: forcing a failure. [ 717.420115][T14328] name fail_futex, interval 1, probability 0, space 0, times 0 [ 717.501831][T14328] CPU: 1 UID: 0 PID: 14328 Comm: syz.2.2232 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 717.501876][T14328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 717.501896][T14328] Call Trace: [ 717.501905][T14328] [ 717.501918][T14328] dump_stack_lvl+0x16c/0x1f0 [ 717.501967][T14328] should_fail_ex+0x497/0x5b0 [ 717.502002][T14328] ? __lock_acquire+0x15a9/0x3c40 [ 717.502046][T14328] get_futex_key+0xac1/0x1000 [ 717.502104][T14328] ? __pfx_get_futex_key+0x10/0x10 [ 717.502171][T14328] futex_wake+0xe8/0x4e0 [ 717.502213][T14328] ? __pfx_futex_wake+0x10/0x10 [ 717.502257][T14328] ? find_held_lock+0x2d/0x110 [ 717.502319][T14328] do_futex+0x1e5/0x350 [ 717.502352][T14328] ? __pfx_do_futex+0x10/0x10 [ 717.502385][T14328] ? __might_fault+0xe3/0x190 [ 717.502428][T14328] ? __might_fault+0xe3/0x190 [ 717.502475][T14328] mm_release+0x24e/0x300 [ 717.502527][T14328] do_exit+0x886/0x2d70 [ 717.502561][T14328] ? get_signal+0x8f7/0x2610 [ 717.502605][T14328] ? __pfx_do_exit+0x10/0x10 [ 717.502634][T14328] ? do_raw_spin_lock+0x12d/0x2c0 [ 717.502681][T14328] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 717.502734][T14328] do_group_exit+0xd3/0x2a0 [ 717.502768][T14328] get_signal+0x2576/0x2610 [ 717.502817][T14328] ? __pfx_down_write_killable+0x10/0x10 [ 717.502876][T14328] ? __pfx_get_signal+0x10/0x10 [ 717.502922][T14328] ? vm_mmap_pgoff+0xf2/0x3a0 [ 717.502963][T14328] arch_do_signal_or_restart+0x90/0x7e0 [ 717.503000][T14328] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 717.503046][T14328] ? ksys_mmap_pgoff+0x85/0x5c0 [ 717.503098][T14328] ? __pfx_ksys_write+0x10/0x10 [ 717.503158][T14328] syscall_exit_to_user_mode+0x150/0x2a0 [ 717.503205][T14328] do_syscall_64+0xda/0x250 [ 717.503253][T14328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.503300][T14328] RIP: 0033:0x7f101d78cd29 [ 717.503325][T14328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.503356][T14328] RSP: 002b:00007f101e625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 717.503385][T14328] RAX: fffffffffffffffc RBX: 00007f101d9a5fa0 RCX: 00007f101d78cd29 [ 717.503405][T14328] RDX: 0000000000000002 RSI: 0000000000000009 RDI: 0000000000002000 [ 717.503424][T14328] RBP: 00007f101e625090 R08: 0000000000000004 R09: 0000000000000000 [ 717.503444][T14328] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 717.503463][T14328] R13: 0000000000000000 R14: 00007f101d9a5fa0 R15: 00007ffc456e4428 [ 717.503502][T14328] syzkaller syzkaller login: >[ 718.657366][T14358] FAULT_INJECTION: forcing a failure. [ 718.657366][T14358] name failslab, interval 1, probability 0, space 0, times 0 [ 718.693798][T14336] svc: failed to register nfsdv3 RPC service (errno 101). [ 718.701671][T14358] CPU: 1 UID: 0 PID: 14358 Comm: syz.2.2240 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 718.701715][T14358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 718.701736][T14358] Call Trace: [ 718.701746][T14358] [ 718.701759][T14358] dump_stack_lvl+0x16c/0x1f0 [ 718.701814][T14358] should_fail_ex+0x497/0x5b0 [ 718.701853][T14358] ? fs_reclaim_acquire+0xae/0x150 [ 718.701913][T14358] should_failslab+0xc2/0x120 [ 718.701957][T14358] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 718.702000][T14358] ? shmem_alloc_inode+0x25/0x50 [ 718.702044][T14358] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 718.702081][T14358] shmem_alloc_inode+0x25/0x50 [ 718.702117][T14358] alloc_inode+0x5d/0x230 [ 718.702157][T14358] new_inode+0x22/0x210 [ 718.702201][T14358] shmem_get_inode+0x194/0xf00 [ 718.702245][T14358] ? __vm_enough_memory+0x184/0x3f0 [ 718.702288][T14358] __shmem_file_setup+0x16f/0x300 [ 718.702340][T14358] shmem_zero_setup+0x93/0x1b0 [ 718.702399][T14358] __mmap_region+0x2025/0x2760 [ 718.702458][T14358] ? __pfx___mmap_region+0x10/0x10 [ 718.702504][T14358] ? hlock_class+0x4e/0x130 [ 718.702558][T14358] ? mark_lock+0xb5/0xc60 [ 718.702608][T14358] ? __pfx___schedule+0x10/0x10 [ 718.702671][T14358] ? lock_acquire+0x2f/0xb0 [ 718.702712][T14358] ? schedule+0x1fd/0x350 [ 718.702804][T14358] ? cap_capable+0xb3/0x250 [ 718.702858][T14358] mmap_region+0x127/0x320 [ 718.702899][T14358] do_mmap+0xa09/0x1050 [ 718.702939][T14358] vm_mmap_pgoff+0x203/0x3a0 [ 718.702985][T14358] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 718.703027][T14358] ? __x64_sys_futex+0x1e1/0x4c0 [ 718.703061][T14358] ? __x64_sys_futex+0x1ea/0x4c0 [ 718.703103][T14358] ksys_mmap_pgoff+0x7d/0x5c0 [ 718.703158][T14358] ? rcu_is_watching+0x12/0xc0 [ 718.703216][T14358] __x64_sys_mmap+0x125/0x190 [ 718.703270][T14358] do_syscall_64+0xcd/0x250 [ 718.703323][T14358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.703372][T14358] RIP: 0033:0x7f101d78cd29 [ 718.703400][T14358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 718.703434][T14358] RSP: 002b:00007f101e625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 718.703476][T14358] RAX: ffffffffffffffda RBX: 00007f101d9a5fa0 RCX: 00007f101d78cd29 [ 718.703500][T14358] RDX: 00004000000000df RSI: 0000000000000001 RDI: 0000000000000000 [ 718.703523][T14358] RBP: 00007f101d80e2a0 R08: 0000000000000401 R09: 0000000000008000 [ 718.703546][T14358] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 718.703567][T14358] R13: 0000000000000000 R14: 00007f101d9a5fa0 R15: 00007ffc456e4428 [ 718.703610][T14358] [ 718.972487][T14336] svc: failed to register nfsaclv3 RPC service (errno 512). >>[ 720.429376][T11107] Bluetooth: hci3: Opcode 0x0c03 failed: -110 >[ 721.158505][T14407] bond0: option all_slaves_active: invalid value () syzkaller syzkaller login: >[ 722.769610][T14422] svc: failed to register nfsdv3 RPC service (errno 111). [ 722.785368][T14422] svc: failed to register nfsaclv3 RPC service (errno 111). >[ 723.122641][T14451] syz.2.2268 (14451) used obsolete PPPIOCDETACH ioctl syzkaller syzkaller login: >>[ 726.082472][T14514] Invalid ELF header magic: != ELF syzkaller syzkaller login: [ 726.667041][T14514] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2287'. [ 726.743653][T14489] svc: failed to register nfsdv3 RPC service (errno 111). [ 726.755424][T14514] geneve1: entered allmulticast mode [ 726.771922][T14489] svc: failed to register nfsaclv3 RPC service (errno 111). >[ 728.023830][T11107] Bluetooth: hci3: Opcode 0x0c03 failed: -110 >[ 728.952984][T14567] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2303'. [ 729.015177][T14567] hsr_slave_0: left promiscuous mode [ 729.059322][T14567] hsr_slave_1: left promiscuous mode [ 729.417686][T14576] FAULT_INJECTION: forcing a failure. [ 729.417686][T14576] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 729.451571][T14576] CPU: 1 UID: 0 PID: 14576 Comm: syz.0.2306 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 729.451612][T14576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 729.451630][T14576] Call Trace: [ 729.451639][T14576] [ 729.451651][T14576] dump_stack_lvl+0x16c/0x1f0 [ 729.451698][T14576] should_fail_ex+0x497/0x5b0 [ 729.451737][T14576] _copy_from_user+0x2e/0xd0 [ 729.451776][T14576] copy_msghdr_from_user+0x99/0x160 [ 729.451822][T14576] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 729.451864][T14576] ? __lock_acquire+0xcc5/0x3c40 [ 729.451904][T14576] ? hlock_class+0x4e/0x130 [ 729.451949][T14576] ? __lock_acquire+0x15a9/0x3c40 [ 729.452020][T14576] ___sys_sendmsg+0xff/0x1e0 [ 729.452066][T14576] ? __pfx____sys_sendmsg+0x10/0x10 [ 729.452116][T14576] ? __pfx___lock_acquire+0x10/0x10 [ 729.452182][T14576] ? __pfx___might_resched+0x10/0x10 [ 729.452221][T14576] ? __might_fault+0xe3/0x190 [ 729.452265][T14576] __sys_sendmmsg+0x201/0x420 [ 729.452313][T14576] ? __pfx___sys_sendmmsg+0x10/0x10 [ 729.452369][T14576] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 729.452426][T14576] ? fput+0x67/0x440 [ 729.452461][T14576] ? ksys_write+0x1ba/0x250 [ 729.452507][T14576] ? __pfx_ksys_write+0x10/0x10 [ 729.452559][T14576] __x64_sys_sendmmsg+0x9c/0x100 [ 729.452603][T14576] ? lockdep_hardirqs_on+0x7c/0x110 [ 729.452642][T14576] do_syscall_64+0xcd/0x250 [ 729.452686][T14576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.452727][T14576] RIP: 0033:0x7fa141b8cd29 [ 729.452752][T14576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 729.452782][T14576] RSP: 002b:00007fa13f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 729.452809][T14576] RAX: ffffffffffffffda RBX: 00007fa141da5fa0 RCX: 00007fa141b8cd29 [ 729.452829][T14576] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 729.452847][T14576] RBP: 00007fa13f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 729.452865][T14576] R10: 0000000000000a00 R11: 0000000000000246 R12: 0000000000000002 [ 729.452883][T14576] R13: 0000000000000000 R14: 00007fa141da5fa0 R15: 00007ffd45d6b298 [ 729.452918][T14576] >>[ 731.205314][T14583] svc: failed to register nfsdv3 RPC service (errno 111). [ 731.213572][T14583] svc: failed to register nfsaclv3 RPC service (errno 111). [ 731.436897][T14606] FAULT_INJECTION: forcing a failure. [ 731.436897][T14606] name failslab, interval 1, probability 0, space 0, times 0 [ 731.473765][T14606] CPU: 1 UID: 0 PID: 14606 Comm: syz.4.2318 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 731.473810][T14606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 731.473830][T14606] Call Trace: [ 731.473839][T14606] [ 731.473851][T14606] dump_stack_lvl+0x16c/0x1f0 [ 731.473906][T14606] should_fail_ex+0x497/0x5b0 [ 731.473943][T14606] ? fs_reclaim_acquire+0xae/0x150 [ 731.473997][T14606] should_failslab+0xc2/0x120 [ 731.474038][T14606] __kmalloc_noprof+0xce/0x4f0 [ 731.474075][T14606] ? lsm_blob_alloc+0x68/0x90 [ 731.474119][T14606] lsm_blob_alloc+0x68/0x90 [ 731.474159][T14606] security_prepare_creds+0x30/0x270 [ 731.474197][T14606] prepare_creds+0x53e/0x750 [ 731.474232][T14606] ? __pfx_get_random_u64+0x10/0x10 [ 731.474269][T14606] copy_creds+0xa7/0xa50 [ 731.474310][T14606] copy_process+0xeff/0x6f20 [ 731.474360][T14606] ? get_pid_task+0xfc/0x250 [ 731.474392][T14606] ? __pfx_lock_release+0x10/0x10 [ 731.474442][T14606] ? __pfx_copy_process+0x10/0x10 [ 731.474494][T14606] ? find_held_lock+0x2d/0x110 [ 731.474555][T14606] kernel_clone+0xfd/0x960 [ 731.474607][T14606] ? __pfx_kernel_clone+0x10/0x10 [ 731.474669][T14606] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 731.474721][T14606] __do_sys_clone+0xba/0x100 [ 731.474770][T14606] ? __pfx___do_sys_clone+0x10/0x10 [ 731.474845][T14606] do_syscall_64+0xcd/0x250 [ 731.474893][T14606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.474946][T14606] RIP: 0033:0x7f42c0b8cd29 [ 731.474971][T14606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.475003][T14606] RSP: 002b:00007f42c1abe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 731.475033][T14606] RAX: ffffffffffffffda RBX: 00007f42c0da5fa0 RCX: 00007f42c0b8cd29 [ 731.475054][T14606] RDX: 0000000000000000 RSI: 0000000000000352 RDI: 0000000000000007 [ 731.475074][T14606] RBP: 00007f42c1abe090 R08: 0000000000000004 R09: 0000000000000000 [ 731.475098][T14606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 731.475117][T14606] R13: 0000000000000000 R14: 00007f42c0da5fa0 R15: 00007ffdadea4fb8 [ 731.475156][T14606] [ 731.948252][ T9550] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 731.963584][ T9550] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 731.980968][ T9550] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 731.991429][ T9550] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 732.000616][ T9550] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 732.009357][ T9550] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 >[ 732.669879][T14608] chnl_net:caif_netlink_parms(): no params data found [ 733.079330][T14608] bridge0: port 1(bridge_slave_0) entered blocking state [ 733.086766][T14608] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.123316][T14608] bridge_slave_0: entered allmulticast mode [ 733.151399][T14608] bridge_slave_0: entered promiscuous mode [ 733.360565][T14608] bridge0: port 2(bridge_slave_1) entered blocking state [ 733.373354][T14608] bridge0: port 2(bridge_slave_1) entered disabled state [ 733.394444][T14608] bridge_slave_1: entered allmulticast mode [ 733.401699][T14608] bridge_slave_1: entered promiscuous mode [ 733.596641][T14608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 733.654405][T14608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 733.835509][T14608] team0: Port device team_slave_0 added [ 733.854007][T14608] team0: Port device team_slave_1 added [ 734.102666][T11040] Bluetooth: hci3: command tx timeout [ 734.156890][T14608] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 734.262395][T14608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 734.340090][T14608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 734.372149][T14608] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 734.407873][T14608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 734.462975][T14608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 735.055924][T14608] hsr_slave_0: entered promiscuous mode [ 735.081657][T14608] hsr_slave_1: entered promiscuous mode [ 735.088312][T14608] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 735.121965][T14608] Cannot create hsr debugfs directory [ 735.232377][T14651] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2330'. [ 735.836012][T14608] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.159424][T14608] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.185492][T11040] Bluetooth: hci3: command tx timeout [ 736.478847][T14608] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.887862][T14608] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 737.065342][T14675] can: request_module (can-proto-0) failed. [ 737.329624][T14608] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 737.455156][T14608] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 737.541814][T14608] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 737.563580][T14608] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 737.699141][T14659] svc: failed to register nfsdv3 RPC service (errno 22). [ 737.766536][T14659] svc: failed to register nfsaclv3 RPC service (errno 22). [ 737.813274][T14608] 8021q: adding VLAN 0 to HW filter on device bond0 [ 737.849661][T14608] 8021q: adding VLAN 0 to HW filter on device team0 [ 737.914853][ T9103] bridge0: port 1(bridge_slave_0) entered blocking state [ 737.922084][ T9103] bridge0: port 1(bridge_slave_0) entered forwarding state [ 738.002254][ T3020] bridge0: port 2(bridge_slave_1) entered blocking state [ 738.009485][ T3020] bridge0: port 2(bridge_slave_1) entered forwarding state [ 738.082503][T14608] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 738.138295][T14608] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 738.250744][ T9550] Bluetooth: hci3: command tx timeout [ 738.596345][T14608] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 738.658283][T11040] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 738.719582][T14608] veth0_vlan: entered promiscuous mode [ 738.804535][T14608] veth1_vlan: entered promiscuous mode [ 738.898697][T14608] veth0_macvtap: entered promiscuous mode [ 738.915654][T14608] veth1_macvtap: entered promiscuous mode [ 738.988344][T14683] svc: failed to register nfsdv3 RPC service (errno 111). [ 738.999240][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 739.014506][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.015316][T14683] svc: failed to register nfsaclv3 RPC service (errno 111). [ 739.034013][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 739.060184][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.071071][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 739.082061][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.092482][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 739.105021][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.116690][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 739.127689][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.144646][T14608] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 739.182514][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 739.200580][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.224362][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 739.237338][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.247706][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 739.258967][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.273173][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 739.294003][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.347132][T14608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 739.369967][T14608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 739.384749][T14608] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 739.417996][T14608] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.436069][T14608] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.477190][T14608] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.489997][T14608] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 739.724155][ T9103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 739.753480][ T9103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 739.806683][ T9103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 739.824423][ T9103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 740.329437][T11040] Bluetooth: hci3: command tx timeout [ 740.330268][ T9202] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 740.748302][ T29] audit: type=1800 audit(1187.777:15): pid=14728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2344" name="trace_pipe" dev="tracefs" ino=1163 res=0 errno=0 [ 740.933285][T14734] netlink: 'syz.4.2344': attribute type 1 has an invalid length. [ 741.500738][T11040] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 741.539068][T11040] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 741.566659][T11040] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 741.581166][T11040] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 741.610394][T11040] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 741.638919][T11040] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 742.095442][T14741] chnl_net:caif_netlink_parms(): no params data found [ 742.683703][T14732] svc: failed to register nfsdv3 RPC service (errno 111). [ 742.739369][T14732] svc: failed to register nfsaclv3 RPC service (errno 111). [ 742.884345][ T29] audit: type=1800 audit(1189.918:16): pid=14772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2350" name="dbroot" dev="configfs" ino=45640 res=0 errno=0 [ 742.915354][T14772] Process accounting resumed [ 743.000870][ T29] audit: type=1804 audit(1189.948:17): pid=14772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2350" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=45640 res=1 errno=0 [ 743.212216][T14741] bridge0: port 1(bridge_slave_0) entered blocking state [ 743.220080][T14741] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.227383][T14741] bridge_slave_0: entered allmulticast mode [ 743.259246][T14741] bridge_slave_0: entered promiscuous mode [ 743.285679][T14741] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.295760][T14741] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.316432][T14741] bridge_slave_1: entered allmulticast mode [ 743.346047][T14741] bridge_slave_1: entered promiscuous mode [ 743.454147][T14741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 743.495658][T14741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 743.688075][ T9202] Bluetooth: hci1: command tx timeout [ 743.731933][T14741] team0: Port device team_slave_0 added [ 743.760336][T14741] team0: Port device team_slave_1 added [ 743.848273][T11040] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 744.029694][T14741] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 744.067660][T14741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 744.113432][T14741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 744.155047][ T29] audit: type=1800 audit(1191.188:18): pid=14791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2355" name="trace_pipe" dev="tracefs" ino=1163 res=0 errno=0 [ 744.257857][T14741] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 744.264881][T14741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 744.326332][T14741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 744.399880][T14791] netlink: 'syz.2.2355': attribute type 1 has an invalid length. [ 744.421781][T14741] hsr_slave_0: entered promiscuous mode [ 744.430250][T14741] hsr_slave_1: entered promiscuous mode [ 744.452259][T14741] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 744.462274][T14741] Cannot create hsr debugfs directory [ 744.468623][T14786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2353'. >>[ 745.404024][T14805] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(1.2.0), cmd(14) [ 745.488278][T14741] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.536807][T14809] FAULT_INJECTION: forcing a failure. [ 745.536807][T14809] name failslab, interval 1, probability 0, space 0, times 0 [ 745.600498][T14809] CPU: 0 UID: 0 PID: 14809 Comm: syz.1.2360 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 745.600544][T14809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 745.600564][T14809] Call Trace: [ 745.600574][T14809] [ 745.600587][T14809] dump_stack_lvl+0x16c/0x1f0 [ 745.600636][T14809] should_fail_ex+0x497/0x5b0 [ 745.600673][T14809] ? fs_reclaim_acquire+0xae/0x150 [ 745.600728][T14809] should_failslab+0xc2/0x120 [ 745.600768][T14809] __kmalloc_node_noprof+0xd1/0x520 [ 745.600807][T14809] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 745.600847][T14809] __kvmalloc_node_noprof+0xad/0x1a0 [ 745.600883][T14809] io_uring_setup+0x649/0x3370 [ 745.600941][T14809] ? __pfx_io_uring_setup+0x10/0x10 [ 745.600983][T14809] ? do_futex+0x123/0x350 [ 745.601017][T14809] ? __pfx_do_futex+0x10/0x10 [ 745.601052][T14809] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 745.601104][T14809] ? rcu_is_watching+0x12/0xc0 [ 745.601162][T14809] __x64_sys_io_uring_setup+0x98/0x140 [ 745.601207][T14809] do_syscall_64+0xcd/0x250 [ 745.601255][T14809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.601325][T14809] RIP: 0033:0x7fd4b7b8cd29 [ 745.601361][T14809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.601413][T14809] RSP: 002b:00007fd4b8acc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 745.601445][T14809] RAX: ffffffffffffffda RBX: 00007fd4b7da5fa0 RCX: 00007fd4b7b8cd29 [ 745.601468][T14809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 745.601487][T14809] RBP: 00007fd4b7c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 745.601508][T14809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.601528][T14809] R13: 0000000000000000 R14: 00007fd4b7da5fa0 R15: 00007ffcf7192da8 [ 745.601571][T14809] [ 745.858718][T14741] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.897090][T11040] Bluetooth: hci1: command tx timeout [ 746.083643][T14741] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 746.118678][T14814] netlink: 266 bytes leftover after parsing attributes in process `syz.2.2361'. [ 746.128258][T14814] IPv6: NLM_F_CREATE should be specified when creating new route [ 746.252608][T14741] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 >[ 746.948531][T14741] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 747.018324][T14741] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 747.064540][T14741] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 747.159091][T14741] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 747.445148][T14741] 8021q: adding VLAN 0 to HW filter on device bond0 [ 747.489945][T14813] svc: failed to register nfsdv3 RPC service (errno 22). [ 747.581528][T14813] svc: failed to register nfsaclv3 RPC service (errno 512). [ 747.615340][T14741] 8021q: adding VLAN 0 to HW filter on device team0 [ 747.649678][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 747.658214][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 747.715471][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 747.722703][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 747.925781][ T9202] Bluetooth: hci1: command tx timeout [ 748.245228][T14741] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 748.357651][T14741] veth0_vlan: entered promiscuous mode [ 748.382862][T14741] veth1_vlan: entered promiscuous mode [ 748.452557][T14741] veth0_macvtap: entered promiscuous mode [ 748.494658][T14741] veth1_macvtap: entered promiscuous mode [ 748.538947][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 748.555422][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.575298][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 748.585927][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.596362][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 748.635571][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.674948][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 748.686126][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.705561][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 748.735722][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.755573][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 748.785248][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.807906][T14741] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 748.838393][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 748.859465][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.889032][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 748.933237][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! >[ 748.947667][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 748.967298][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 748.987149][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 749.015137][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 749.045158][T11040] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 749.046155][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 749.129366][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 749.165165][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 749.187687][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 749.208906][T14741] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 749.256623][T14741] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.295972][T14741] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.314802][T14741] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.351489][T14741] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.682104][T11865] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 749.694721][T11865] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 749.756014][T14061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 749.794646][T14061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 750.004697][T11040] Bluetooth: hci1: command tx timeout [ 751.016192][ T29] audit: type=1800 audit(1198.052:19): pid=14891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2382" name="dbroot" dev="configfs" ino=47546 res=0 errno=0 [ 751.048659][T14891] Process accounting resumed [ 751.135674][ T29] audit: type=1804 audit(1198.082:20): pid=14891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2382" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=47546 res=1 errno=0 >[ 752.649928][T14907] ptrace attach of "./syz-executor exec"[9257] was attempted by ""[14907] [ 752.738918][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.745608][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.881267][T14896] svc: failed to register nfsdv3 RPC service (errno 111). [ 752.898431][T14896] svc: failed to register nfsaclv3 RPC service (errno 111). >[ 753.688012][T14927] FAULT_INJECTION: forcing a failure. [ 753.688012][T14927] name failslab, interval 1, probability 0, space 0, times 0 [ 753.721314][T14927] CPU: 0 UID: 0 PID: 14927 Comm: syz.0.2392 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 753.721358][T14927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 753.721378][T14927] Call Trace: [ 753.721388][T14927] [ 753.721399][T14927] dump_stack_lvl+0x16c/0x1f0 [ 753.721449][T14927] should_fail_ex+0x497/0x5b0 [ 753.721487][T14927] ? fs_reclaim_acquire+0xae/0x150 [ 753.721541][T14927] should_failslab+0xc2/0x120 [ 753.721581][T14927] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 753.721618][T14927] ? __d_alloc+0x35/0x8c0 [ 753.721657][T14927] __d_alloc+0x35/0x8c0 [ 753.721696][T14927] d_alloc_pseudo+0x1c/0xc0 [ 753.721740][T14927] alloc_file_pseudo+0xd2/0x200 [ 753.721781][T14927] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 753.721836][T14927] __anon_inode_getfile+0x136/0x3c0 [ 753.721890][T14927] ? __pfx___anon_inode_getfile+0x10/0x10 [ 753.721945][T14927] io_uring_setup+0x1952/0x3370 [ 753.721992][T14927] ? __pfx_io_uring_setup+0x10/0x10 [ 753.722042][T14927] ? __fget_files+0x206/0x3a0 [ 753.722080][T14927] ? ksys_write+0x1ba/0x250 [ 753.722126][T14927] ? __pfx_ksys_write+0x10/0x10 [ 753.722187][T14927] __x64_sys_io_uring_setup+0x98/0x140 [ 753.722227][T14927] do_syscall_64+0xcd/0x250 [ 753.722272][T14927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.722321][T14927] RIP: 0033:0x7f596f58cd29 [ 753.722347][T14927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 753.722379][T14927] RSP: 002b:00007f597030c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 753.722409][T14927] RAX: ffffffffffffffda RBX: 00007f596f7a5fa0 RCX: 00007f596f58cd29 [ 753.722429][T14927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 753.722447][T14927] RBP: 00007f597030c090 R08: 0000000000000000 R09: 0000000000000000 [ 753.722466][T14927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 753.722485][T14927] R13: 0000000000000000 R14: 00007f596f7a5fa0 R15: 00007ffd42bcfab8 [ 753.722527][T14927] >[ 754.341743][T14939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2397'. [ 754.812920][T11040] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 754.840345][T14899] ------------[ cut here ]------------ [ 754.846031][T14899] ODEBUG: free active (active state 0) object: ffff88806b815248 object type: timer_list hint: hci_devcd_timeout+0x0/0x2f0 [ 755.043033][T14899] WARNING: CPU: 1 PID: 14899 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 755.052800][T14899] Modules linked in: [ 755.056743][T14899] CPU: 1 UID: 0 PID: 14899 Comm: syz.1.2385 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 755.067278][T14899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 755.078269][T14899] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 755.084988][T14899] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd 60 7e d2 8b 41 56 4c 89 e6 48 c7 c7 e0 72 d2 8b e8 4f fd b7 fc 90 <0f> 0b 90 90 58 83 05 56 3d 9e 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 755.104797][T14899] RSP: 0018:ffffc90004c3fa88 EFLAGS: 00010286 [ 755.110939][T14899] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffc90014252000 [ 755.119075][T14899] RDX: 0000000000080000 RSI: ffffffff8179e976 RDI: 0000000000000001 [ 755.128072][T14899] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 755.136673][T14899] R10: 0000000000000001 R11: fffffffffffe6820 R12: ffffffff8bd27980 [ 755.145073][T14899] R13: ffffffff8b6f8240 R14: ffffffff8a539be0 R15: ffffc90004c3fb98 [ 755.153163][T14899] FS: 00007fd4b8a8a6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 755.162293][T14899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 755.168941][T14899] CR2: 0000000020001000 CR3: 000000004fdb2000 CR4: 00000000003526f0 [ 755.177069][T14899] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 755.185918][T14899] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 755.194703][T14899] Call Trace: [ 755.198033][T14899] [ 755.201012][T14899] ? __warn+0xea/0x3c0 [ 755.205782][T14899] ? preempt_schedule_notrace+0x62/0xe0 [ 755.211412][T14899] ? debug_print_object+0x1a2/0x2b0 [ 755.217111][T14899] ? report_bug+0x3c0/0x580 [ 755.221784][T14899] ? handle_bug+0x54/0xa0 [ 755.226308][T14899] ? exc_invalid_op+0x17/0x50 [ 755.231441][T14899] ? asm_exc_invalid_op+0x1a/0x20 [ 755.236888][T14899] ? __pfx_hci_devcd_timeout+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 755.242522][T14899] ? __warn_printk+0x1a6/0x350 [ 755.247348][T14899] ? debug_print_object+0x1a2/0x2b0 [ 755.252698][T14899] ? debug_print_object+0x1a1/0x2b0 [ 755.257980][T14899] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 755.263581][T14899] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 755.269470][T14899] debug_check_no_obj_freed+0x4b7/0x600 [ 755.275209][T14899] ? ida_free+0x2d9/0x2f0 [ 755.279665][T14899] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 755.286800][T14899] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 755.293529][T14899] ? ida_free+0x204/0x2f0 [ 755.297941][T14899] ? __pfx_ida_free+0x10/0x10 [ 755.302801][T14899] kfree+0x2b3/0x4b0 [ 755.306763][T14899] ? hci_release_dev+0x4d9/0x600 [ 755.311822][T14899] hci_release_dev+0x4d9/0x600 [ 755.316792][T14899] ? __pfx_hci_release_dev+0x10/0x10 [ 755.322214][T14899] ? rcu_is_watching+0x12/0xc0 [ 755.327062][T14899] ? kfree+0x274/0x4b0 [ 755.331190][T14899] bt_host_release+0x6a/0xb0 [ 755.336352][T14899] ? __pfx_bt_host_release+0x10/0x10 [ 755.341870][T14899] device_release+0xa1/0x240 [ 755.347054][T14899] kobject_put+0x1e4/0x5a0 [ 755.351553][T14899] ? __pfx_vhci_release+0x10/0x10 [ 755.356718][T14899] put_device+0x1f/0x30 [ 755.360959][T14899] vhci_release+0x81/0xf0 [ 755.365503][T14899] __fput+0x3ff/0xb70 [ 755.369582][T14899] task_work_run+0x14e/0x250 [ 755.374324][T14899] ? __pfx_task_work_run+0x10/0x10 [ 755.379511][T14899] ? __pfx___do_sys_close_range+0x10/0x10 [ 755.386095][T14899] syscall_exit_to_user_mode+0x27b/0x2a0 [ 755.391808][T14899] do_syscall_64+0xda/0x250 [ 755.397228][T14899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.403293][T14899] RIP: 0033:0x7fd4b7b8cd29 [ 755.407796][T14899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.427622][T14899] RSP: 002b:00007fd4b8a8a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 755.436590][T14899] RAX: 0000000000000000 RBX: 00007fd4b7da6160 RCX: 00007fd4b7b8cd29 [ 755.445176][T14899] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 755.453301][T14899] RBP: 00007fd4b7c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 755.461325][T14899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.469463][T14899] R13: 0000000000000000 R14: 00007fd4b7da6160 R15: 00007ffcf7192da8 [ 755.477742][T14899] [ 755.480820][T14899] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 755.488145][T14899] CPU: 1 UID: 0 PID: 14899 Comm: syz.1.2385 Not tainted 6.13.0-syzkaller-05731-g68732c0bf97c #0 [ 755.498615][T14899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 755.508722][T14899] Call Trace: [ 755.512044][T14899] [ 755.515017][T14899] dump_stack_lvl+0x3d/0x1f0 [ 755.519680][T14899] panic+0x71d/0x800 [ 755.523628][T14899] ? __pfx_panic+0x10/0x10 [ 755.528095][T14899] ? show_trace_log_lvl+0x29d/0x3d0 [ 755.533376][T14899] ? debug_print_object+0x1a2/0x2b0 [ 755.538642][T14899] check_panic_on_warn+0xab/0xb0 [ 755.543635][T14899] __warn+0xf6/0x3c0 [ 755.547582][T14899] ? preempt_schedule_notrace+0x62/0xe0 [ 755.553198][T14899] ? debug_print_object+0x1a2/0x2b0 [ 755.558471][T14899] report_bug+0x3c0/0x580 [ 755.562873][T14899] handle_bug+0x54/0xa0 [ 755.567104][T14899] exc_invalid_op+0x17/0x50 [ 755.571691][T14899] asm_exc_invalid_op+0x1a/0x20 [ 755.576618][T14899] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 755.582497][T14899] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd 60 7e d2 8b 41 56 4c 89 e6 48 c7 c7 e0 72 d2 8b e8 4f fd b7 fc 90 <0f> 0b 90 90 58 83 05 56 3d 9e 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 755.602167][T14899] RSP: 0018:ffffc90004c3fa88 EFLAGS: 00010286 [ 755.608288][T14899] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffc90014252000 [ 755.616301][T14899] RDX: 0000000000080000 RSI: ffffffff8179e976 RDI: 0000000000000001 [ 755.624328][T14899] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 755.632346][T14899] R10: 0000000000000001 R11: fffffffffffe6820 R12: ffffffff8bd27980 [ 755.640363][T14899] R13: ffffffff8b6f8240 R14: ffffffff8a539be0 R15: ffffc90004c3fb98 [ 755.648381][T14899] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 755.653909][T14899] ? __warn_printk+0x1a6/0x350 [ 755.659167][T14899] ? debug_print_object+0x1a1/0x2b0 [ 755.664432][T14899] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 755.669942][T14899] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 755.675813][T14899] debug_check_no_obj_freed+0x4b7/0x600 [ 755.681443][T14899] ? ida_free+0x2d9/0x2f0 [ 755.685867][T14899] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 755.692030][T14899] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 755.697915][T14899] ? ida_free+0x204/0x2f0 [ 755.702319][T14899] ? __pfx_ida_free+0x10/0x10 [ 755.707070][T14899] kfree+0x2b3/0x4b0 [ 755.711018][T14899] ? hci_release_dev+0x4d9/0x600 [ 755.716033][T14899] hci_release_dev+0x4d9/0x600 [ 755.720954][T14899] ? __pfx_hci_release_dev+0x10/0x10 [ 755.726313][T14899] ? rcu_is_watching+0x12/0xc0 [ 755.731155][T14899] ? kfree+0x274/0x4b0 [ 755.735279][T14899] bt_host_release+0x6a/0xb0 [ 755.739942][T14899] ? __pfx_bt_host_release+0x10/0x10 [ 755.745300][T14899] device_release+0xa1/0x240 [ 755.749955][T14899] kobject_put+0x1e4/0x5a0 [ 755.754443][T14899] ? __pfx_vhci_release+0x10/0x10 [ 755.759538][T14899] put_device+0x1f/0x30 [ 755.763760][T14899] vhci_release+0x81/0xf0 [ 755.768161][T14899] __fput+0x3ff/0xb70 [ 755.772203][T14899] task_work_run+0x14e/0x250 [ 755.776859][T14899] ? __pfx_task_work_run+0x10/0x10 [ 755.782039][T14899] ? __pfx___do_sys_close_range+0x10/0x10 [ 755.787819][T14899] syscall_exit_to_user_mode+0x27b/0x2a0 [ 755.793528][T14899] do_syscall_64+0xda/0x250 [ 755.798106][T14899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.804071][T14899] RIP: 0033:0x7fd4b7b8cd29 [ 755.808552][T14899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.828265][T14899] RSP: 002b:00007fd4b8a8a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 755.836749][T14899] RAX: 0000000000000000 RBX: 00007fd4b7da6160 RCX: 00007fd4b7b8cd29 [ 755.844774][T14899] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 755.852800][T14899] RBP: 00007fd4b7c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 755.860830][T14899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.868848][T14899] R13: 0000000000000000 R14: 00007fd4b7da6160 R15: 00007ffcf7192da8 [ 755.876896][T14899] [ 755.880285][T14899] Kernel Offset: disabled [ 755.884623][T14899] Rebooting in 86400 seconds..