last executing test programs: 8.798693031s ago: executing program 3 (id=2403): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x4) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000000e, 0x0) r1 = open_by_handle_at$auto(r0, &(0x7f0000000040)={0x0, 0x4}, 0x33d) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000080)=""/106, 0x6a) fsopen$auto(0x0, 0x1) sendmsg$auto_MACSEC_CMD_ADD_TXSA(r0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 7.809283737s ago: executing program 3 (id=2406): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x4000, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x161302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) read$auto(0x3, 0x0, 0x1f40) close_range$auto(r0, r0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r2 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x141002, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd5/queue/zoned\x00', 0x60301, 0x0) mmap$auto(0x8a, 0xe7f, 0x3, 0xeb1, r0, 0x9444) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x103541, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) pwritev$auto(r2, &(0x7f0000000180)={0x0, 0x9}, 0x837, 0xb6, 0x3) pwrite64$auto(r1, 0x0, 0x1, 0x2) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES16=0x0, @ANYBLOB="01002b00"/14], 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x40040a2) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub2/xrun_injection\x00', 0x2, 0x0) ioctl$auto(0x3, 0x8008551c, 0x38) unshare$auto(0x40000080) 7.31483292s ago: executing program 3 (id=2412): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x4000, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x161302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) read$auto(0x3, 0x0, 0x1f40) close_range$auto(r0, r0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r2 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x141002, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd5/queue/zoned\x00', 0x60301, 0x0) mmap$auto(0x8a, 0xe7f, 0x3, 0xeb1, r0, 0x9444) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x103541, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) pwritev$auto(r2, &(0x7f0000000180)={0x0, 0x9}, 0x837, 0xb6, 0x3) pwrite64$auto(r1, 0x0, 0x1, 0x2) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES16=0x0, @ANYBLOB="01002b00"/14], 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x40040a2) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub2/xrun_injection\x00', 0x2, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) 6.747399841s ago: executing program 3 (id=2415): socket(0x2b, 0x1, 0x1) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x404, 0x8000) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0x101002, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x381a00, 0x0) openat$auto_proc_environ_operations_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) setgroups$auto(0x0, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='v'], 0x1ac}}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) 6.526758633s ago: executing program 3 (id=2416): mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x6d, 0x0, 0x0) 6.306705712s ago: executing program 3 (id=2417): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x4) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000000e, 0x0) open_by_handle_at$auto(r0, &(0x7f0000000040)={0x0, 0x4}, 0x33d) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 5.729155407s ago: executing program 0 (id=2419): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x4000, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x161302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) read$auto(0x3, 0x0, 0x1f40) close_range$auto(r0, r0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x141002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd5/queue/zoned\x00', 0x60301, 0x0) mmap$auto(0x8a, 0xe7f, 0x3, 0xeb1, r0, 0x9444) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x103541, 0x0) read$auto(r1, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) 5.710078664s ago: executing program 1 (id=2420): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x4) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000000e, 0x0) r1 = open_by_handle_at$auto(r0, &(0x7f0000000040)={0x0, 0x4}, 0x33d) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000080)=""/106, 0x6a) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 5.487810679s ago: executing program 0 (id=2423): openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) timer_create$auto(0x9, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0) read$auto_snd_rawmidi_f_ops_rawmidi(r0, &(0x7f0000000080)=""/45, 0x2d) close_range$auto(0x2, 0x8, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r2 = fsopen$auto(0x0, 0x400) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x2c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_OPER_CLASS={0x5}, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004801}, 0x4008000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003e00), r4) open(&(0x7f00000001c0)='./file0\x00', 0x101000, 0xdb) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r4, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="09032bbd7000fedbdf250b000000080001000819"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000000), 0xe0de}, 0x2) 4.815204087s ago: executing program 1 (id=2426): socket(0x2b, 0x1, 0x1) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x404, 0x8000) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0x101002, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x381a00, 0x0) openat$auto_proc_environ_operations_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) setgroups$auto(0x0, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='v'], 0x1ac}}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) 4.746215444s ago: executing program 1 (id=2427): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x4000, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x161302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) read$auto(0x3, 0x0, 0x1f40) close_range$auto(r0, r0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r2 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x141002, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd5/queue/zoned\x00', 0x60301, 0x0) mmap$auto(0x8a, 0xe7f, 0x3, 0xeb1, r0, 0x9444) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x103541, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) pwritev$auto(r2, &(0x7f0000000180)={0x0, 0x9}, 0x837, 0xb6, 0x3) pwrite64$auto(r1, 0x0, 0x1, 0x2) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES16=0x0, @ANYBLOB="01002b00"/14], 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x40040a2) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub2/xrun_injection\x00', 0x2, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) 4.705717421s ago: executing program 2 (id=2428): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x4000, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x161302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) read$auto(0x3, 0x0, 0x1f40) close_range$auto(r0, r0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r2 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x141002, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd5/queue/zoned\x00', 0x60301, 0x0) mmap$auto(0x8a, 0xe7f, 0x3, 0xeb1, r0, 0x9444) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x103541, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) pwritev$auto(r2, &(0x7f0000000180)={0x0, 0x9}, 0x837, 0xb6, 0x3) pwrite64$auto(r1, 0x0, 0x1, 0x2) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES16=0x0, @ANYBLOB="01002b00"/14], 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x40040a2) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub2/xrun_injection\x00', 0x2, 0x0) ioctl$auto(0x3, 0x8008551c, 0x38) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) 4.497408384s ago: executing program 0 (id=2429): open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x3, 0x67) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/numa_maps\x00', 0x0, 0x0) mq_notify$auto(r0, &(0x7f00000002c0)={@sival_ptr=&(0x7f0000000180)="db8022ddfb1b490ef5cfad5ffb78f032818013f1ae524f34727aba476808c1cc5715149903d72adb3147f637b7707d1d8759b7630a6b272690c910bc37c5531c1983f0b0b595443e50e2b5ac0593c92f0deeef93abaea48a6e7c024c7b9696dbd74d32bc1ebf14fd2a9cf20e4a9f7778ffee122a84f7cdbcf6569e742b0729bb1edf58c97fd78553d28fb3a8fd30925bf03c664ddb5c5612dfc4a360027877b66a", @raw=0x5, 0x1, @_sigev_thread={&(0x7f0000000280)=&(0x7f0000000240)=0xb0, &(0x7f0000000340)="01a85e7466e8ee5815a4ab5ebf2e1ac027273979b1691165291357d6267c09667b1c1ff8401f4d1241f829ad4d4810ed6c677d62b2f5623d144d927bc1099086b0ef875f5533d3664e9a6afa9f3bbc8d410ed39a1f49f98fc591479c69a8cbc3cdc840fd140526a8008204fec20bcfa4b2ca2b5188b0f94867a6567f1674442a94c352cfd6b76cf7223578a4d678aa781af706684008d86281d48c4d323349b1d5af8d8c1e92c8bb0a40"}}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents64$auto(0x0, 0x0, 0x18) getdents$auto(0x0, 0x0, 0x700) madvise$auto(0x1ffff000, 0x5510, 0x8) getsockopt$auto(0x4, 0x6, 0x4, 0x0, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/irq/13/spurious\x00', 0x80240, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mprotect$auto(0x3, 0x8000000000000008, 0xd) r1 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$auto(r1, 0x0, 0x45c) 4.181715979s ago: executing program 2 (id=2430): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x4) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000000e, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 3.489652646s ago: executing program 2 (id=2431): write$auto(0x3, 0x0, 0xfdef) 3.417703968s ago: executing program 0 (id=2432): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x4) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000000e, 0x0) r1 = open_by_handle_at$auto(r0, &(0x7f0000000040)={0x0, 0x4}, 0x33d) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000080)=""/106, 0x6a) fsopen$auto(0x0, 0x1) sendmsg$auto_MACSEC_CMD_ADD_TXSA(r0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 2.305202196s ago: executing program 1 (id=2433): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x4000, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x161302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) read$auto(0x3, 0x0, 0x1f40) close_range$auto(r0, r0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r2 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x141002, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd5/queue/zoned\x00', 0x60301, 0x0) mmap$auto(0x8a, 0xe7f, 0x3, 0xeb1, r0, 0x9444) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x103541, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) pwritev$auto(r2, &(0x7f0000000180)={0x0, 0x9}, 0x837, 0xb6, 0x3) pwrite64$auto(r1, 0x0, 0x1, 0x2) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES16=0x0, @ANYBLOB="01002b00"/14], 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x40040a2) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub2/xrun_injection\x00', 0x2, 0x0) ioctl$auto(0x3, 0x8008551c, 0x38) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) 2.304901656s ago: executing program 2 (id=2434): socket(0x2b, 0x1, 0x1) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x404, 0x8000) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0x101002, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x381a00, 0x0) openat$auto_proc_environ_operations_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) setgroups$auto(0x0, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='v'], 0x1ac}}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) 2.298002996s ago: executing program 0 (id=2440): openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) timer_create$auto(0x9, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0) read$auto_snd_rawmidi_f_ops_rawmidi(r0, &(0x7f0000000080)=""/45, 0x2d) close_range$auto(0x2, 0x8, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r2 = fsopen$auto(&(0x7f0000000000)='\x00', 0x400) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004801}, 0x4008000) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r4, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="09032bbd7000fedbdf250b000000080001000819"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000000), 0xe0de}, 0x2) 1.839477374s ago: executing program 2 (id=2435): openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) timer_create$auto(0x9, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0) read$auto_snd_rawmidi_f_ops_rawmidi(r0, &(0x7f0000000080)=""/45, 0x2d) close_range$auto(0x2, 0x8, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r2 = fsopen$auto(&(0x7f0000000000)='\x00', 0x400) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, 0x0, 0x4008000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003e00), r3) open(&(0x7f00000001c0)='./file0\x00', 0x101000, 0xdb) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r3, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="09032bbd7000fedbdf250b000000080001000819"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000000), 0xe0de}, 0x2) 1.583975099s ago: executing program 1 (id=2436): openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) timer_create$auto(0x9, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0) read$auto_snd_rawmidi_f_ops_rawmidi(r0, &(0x7f0000000080)=""/45, 0x2d) close_range$auto(0x2, 0x8, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r2 = fsopen$auto(&(0x7f0000000000)='\x00', 0x400) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4004801}, 0x4008000) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r3, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="09032bbd7000fedbdf250b000000080001000819"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000000), 0xe0de}, 0x2) 498.091554ms ago: executing program 2 (id=2437): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x4) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000000e, 0x0) r1 = open_by_handle_at$auto(r0, &(0x7f0000000040)={0x0, 0x4}, 0x33d) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000080)=""/106, 0x6a) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 160.57743ms ago: executing program 1 (id=2438): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x4) rseq$auto(&(0x7f0000000000)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x7ffe, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 0s ago: executing program 0 (id=2439): open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x3, 0x67) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/numa_maps\x00', 0x0, 0x0) mq_notify$auto(r0, &(0x7f00000002c0)={@sival_ptr=&(0x7f0000000180)="db8022ddfb1b490ef5cfad5ffb78f032818013f1ae524f34727aba476808c1cc5715149903d72adb3147f637b7707d1d8759b7630a6b272690c910bc37c5531c1983f0b0b595443e50e2b5ac0593c92f0deeef93abaea48a6e7c024c7b9696dbd74d32bc1ebf14fd2a9cf20e4a9f7778ffee122a84f7cdbcf6569e742b0729bb1edf58c97fd78553d28fb3a8fd30925bf03c664ddb5c5612dfc4a360027877b66a", @raw=0x5, 0x1, @_sigev_thread={&(0x7f0000000280)=&(0x7f0000000240)=0xb0, &(0x7f0000000340)="01a85e7466e8ee5815a4ab5ebf2e1ac027273979b1691165291357d6267c09667b1c1ff8401f4d1241f829ad4d4810ed6c677d62b2f5623d144d927bc1099086b0ef875f5533d3664e9a6afa9f3bbc8d410ed39a1f49f98fc591479c69a8cbc3cdc840fd140526a8008204fec20bcfa4b2ca2b5188b0f94867a6567f1674442a94c352cfd6b76cf7223578a4d678aa781af706684008d86281d48c4d323349b1d5af8d8c1e92c8bb0a40"}}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents64$auto(0x0, 0x0, 0x18) getdents$auto(0x0, 0x0, 0x700) madvise$auto(0x1ffff000, 0x5510, 0x8) getsockopt$auto(0x4, 0x6, 0x4, 0x0, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/irq/13/spurious\x00', 0x80240, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mprotect$auto(0x3, 0x8000000000000008, 0xd) r1 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$auto(r1, 0x0, 0x45c) kernel console output (not intermixed with test programs): _filter+0xe8/0x1b0 [ 273.821377][ T9628] ? __pfx_get_filter+0x10/0x10 [ 273.826285][ T9628] ? _copy_from_user+0x59/0xd0 [ 273.831097][ T9628] ppp_ioctl+0xb95/0x2590 [ 273.835479][ T9628] ? __pfx_lock_release+0x10/0x10 [ 273.840541][ T9628] ? trace_lock_acquire+0x14e/0x1f0 [ 273.845784][ T9628] ? __pfx_ppp_ioctl+0x10/0x10 [ 273.850625][ T9628] ? __fget_files+0x206/0x3a0 [ 273.855396][ T9628] ? __pfx_ppp_ioctl+0x10/0x10 [ 273.860216][ T9628] __x64_sys_ioctl+0x190/0x200 [ 273.865034][ T9628] do_syscall_64+0xcd/0x250 [ 273.869599][ T9628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.875544][ T9628] RIP: 0033:0x7fe3da785d29 [ 273.880004][ T9628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.899653][ T9628] RSP: 002b:00007fe3db5e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.908113][ T9628] RAX: ffffffffffffffda RBX: 00007fe3da976080 RCX: 00007fe3da785d29 [ 273.916125][ T9628] RDX: 00000000200000c0 RSI: 0000000040107446 RDI: 0000000000000003 [ 273.924133][ T9628] RBP: 00007fe3db5e3090 R08: 0000000000000000 R09: 0000000000000000 [ 273.932157][ T9628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.940339][ T9628] R13: 0000000000000000 R14: 00007fe3da976080 R15: 00007ffe78c42768 [ 273.948365][ T9628] [ 277.396325][ T9686] netlink: 8 bytes leftover after parsing attributes in process `syz.0.881'. [ 279.223216][ T9725] netlink: zone id is out of range [ 281.709996][ T9792] FAULT_INJECTION: forcing a failure. [ 281.709996][ T9792] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 281.737942][ T9792] CPU: 0 UID: 0 PID: 9792 Comm: syz.1.908 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 281.748602][ T9792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 281.758788][ T9792] Call Trace: [ 281.762095][ T9792] [ 281.765052][ T9792] dump_stack_lvl+0x16c/0x1f0 [ 281.769780][ T9792] should_fail_ex+0x497/0x5b0 [ 281.774492][ T9792] _copy_from_iter+0x29b/0x1400 [ 281.779382][ T9792] ? trace_lock_acquire+0x14e/0x1f0 [ 281.784629][ T9792] ? __alloc_skb+0x200/0x380 [ 281.789247][ T9792] ? __pfx__copy_from_iter+0x10/0x10 [ 281.794550][ T9792] ? __virt_addr_valid+0x1a4/0x590 [ 281.799683][ T9792] ? __virt_addr_valid+0x5e/0x590 [ 281.804729][ T9792] ? __phys_addr_symbol+0x30/0x80 [ 281.809771][ T9792] ? __check_object_size+0x488/0x710 [ 281.815076][ T9792] netlink_sendmsg+0x813/0xd70 [ 281.819884][ T9792] ? __pfx_netlink_sendmsg+0x10/0x10 [ 281.825197][ T9792] ____sys_sendmsg+0x9ae/0xb40 [ 281.829982][ T9792] ? copy_msghdr_from_user+0x10b/0x160 [ 281.835459][ T9792] ? __pfx_____sys_sendmsg+0x10/0x10 [ 281.840765][ T9792] ___sys_sendmsg+0x135/0x1e0 [ 281.845460][ T9792] ? __pfx____sys_sendmsg+0x10/0x10 [ 281.850682][ T9792] ? __pfx_lock_release+0x10/0x10 [ 281.855714][ T9792] ? trace_lock_acquire+0x14e/0x1f0 [ 281.860959][ T9792] ? __fget_files+0x206/0x3a0 [ 281.865659][ T9792] __sys_sendmsg+0x16e/0x220 [ 281.870265][ T9792] ? __pfx___sys_sendmsg+0x10/0x10 [ 281.875405][ T9792] do_syscall_64+0xcd/0x250 [ 281.879924][ T9792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.885832][ T9792] RIP: 0033:0x7fcc8f585d29 [ 281.890254][ T9792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.909877][ T9792] RSP: 002b:00007fcc9031a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 281.918321][ T9792] RAX: ffffffffffffffda RBX: 00007fcc8f775fa0 RCX: 00007fcc8f585d29 [ 281.926300][ T9792] RDX: 0000000000040000 RSI: 0000000020000200 RDI: 0000000000000003 [ 281.934347][ T9792] RBP: 00007fcc9031a090 R08: 0000000000000000 R09: 0000000000000000 [ 281.942324][ T9792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 281.950301][ T9792] R13: 0000000000000000 R14: 00007fcc8f775fa0 R15: 00007ffe26a46658 [ 281.958338][ T9792] [ 282.080996][ T9801] vivid-013: ================= START STATUS ================= [ 282.088894][ T9801] vivid-013: Generate PTS: true [ 282.094322][ T9801] vivid-013: Generate SCR: true [ 282.099414][ T9801] tpg source WxH: 640x360 (Y'CbCr) [ 282.104822][ T9801] tpg field: 1 [ 282.109158][ T9801] tpg crop: 640x360@0x0 [ 282.113518][ T9801] tpg compose: 640x360@0x0 [ 282.118042][ T9801] tpg colorspace: 8 [ 282.121939][ T9801] tpg transfer function: 0/0 [ 282.126658][ T9801] tpg Y'CbCr encoding: 0/0 [ 282.136667][ T9801] tpg quantization: 0/0 [ 282.160267][ T9801] tpg RGB range: 0/2 [ 282.164229][ T9801] vivid-013: ================== END STATUS ================== [ 284.147928][ T9855] netlink: 28 bytes leftover after parsing attributes in process `syz.3.923'. [ 284.502268][ T9873] netlink: 178 bytes leftover after parsing attributes in process `syz.3.928'. [ 284.565656][ T9876] netlink: 342 bytes leftover after parsing attributes in process `syz.2.929'. [ 285.329140][ T9905] netlink: 20 bytes leftover after parsing attributes in process `syz.3.936'. [ 286.092181][ T9925] FAULT_INJECTION: forcing a failure. [ 286.092181][ T9925] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 286.111909][ T9925] CPU: 1 UID: 0 PID: 9925 Comm: syz.2.942 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 286.122573][ T9925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 286.132679][ T9925] Call Trace: [ 286.135978][ T9925] [ 286.138930][ T9925] dump_stack_lvl+0x16c/0x1f0 [ 286.143659][ T9925] should_fail_ex+0x497/0x5b0 [ 286.148386][ T9925] _copy_from_user+0x2e/0xd0 [ 286.153023][ T9925] kstrtouint_from_user+0xd7/0x1c0 [ 286.158175][ T9925] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 286.163949][ T9925] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 286.169635][ T9925] proc_fail_nth_write+0x84/0x250 [ 286.174718][ T9925] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 286.180396][ T9925] ? ksys_write+0x12b/0x250 [ 286.184991][ T9925] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 286.190666][ T9925] vfs_write+0x24c/0x1150 [ 286.195036][ T9925] ? __fget_files+0x1fc/0x3a0 [ 286.199753][ T9925] ? __pfx___mutex_lock+0x10/0x10 [ 286.204818][ T9925] ? __pfx_vfs_write+0x10/0x10 [ 286.209644][ T9925] ? __fget_files+0x206/0x3a0 [ 286.214378][ T9925] ksys_write+0x12b/0x250 [ 286.218749][ T9925] ? __pfx_ksys_write+0x10/0x10 [ 286.223657][ T9925] do_syscall_64+0xcd/0x250 [ 286.228201][ T9925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.234134][ T9925] RIP: 0033:0x7f325d9847df [ 286.238583][ T9925] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 286.258231][ T9925] RSP: 002b:00007f325e86e030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 286.266689][ T9925] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f325d9847df [ 286.274699][ T9925] RDX: 0000000000000001 RSI: 00007f325e86e0a0 RDI: 0000000000000003 [ 286.282716][ T9925] RBP: 00007f325e86e090 R08: 0000000000000000 R09: 0000000000000000 [ 286.290811][ T9925] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 286.298841][ T9925] R13: 0000000000000000 R14: 00007f325db76080 R15: 00007ffc47458a58 [ 286.306882][ T9925] [ 286.556884][ T9910] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 286.569109][ T9910] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 286.600254][ T9910] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 286.607369][ T9910] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 286.863701][ T9936] FAULT_INJECTION: forcing a failure. [ 286.863701][ T9936] name failslab, interval 1, probability 0, space 0, times 0 [ 286.910282][ T9936] CPU: 1 UID: 0 PID: 9936 Comm: syz.3.946 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 286.920959][ T9936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 286.931062][ T9936] Call Trace: [ 286.934379][ T9936] [ 286.937346][ T9936] dump_stack_lvl+0x16c/0x1f0 [ 286.942069][ T9936] should_fail_ex+0x497/0x5b0 [ 286.946793][ T9936] ? fs_reclaim_acquire+0xae/0x150 [ 286.951952][ T9936] should_failslab+0xc2/0x120 [ 286.956679][ T9936] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 286.963058][ T9936] ? sysfs_blk_trace_attr_store+0x488/0x9d0 [ 286.969022][ T9936] kstrdup+0x42/0xb0 [ 286.972966][ T9936] sysfs_blk_trace_attr_store+0x488/0x9d0 [ 286.978737][ T9936] ? __pfx_sysfs_blk_trace_attr_store+0x10/0x10 [ 286.985040][ T9936] ? __pfx_sysfs_blk_trace_attr_store+0x10/0x10 [ 286.991334][ T9936] dev_attr_store+0x55/0x80 [ 286.995890][ T9936] ? __pfx_dev_attr_store+0x10/0x10 [ 287.001138][ T9936] sysfs_kf_write+0x117/0x170 [ 287.005866][ T9936] kernfs_fop_write_iter+0x33d/0x500 [ 287.011193][ T9936] ? __pfx_sysfs_kf_write+0x10/0x10 [ 287.016417][ T9936] vfs_write+0x5ae/0x1150 [ 287.020758][ T9936] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 287.026583][ T9936] ? __pfx___mutex_lock+0x10/0x10 [ 287.031717][ T9936] ? __pfx_vfs_write+0x10/0x10 [ 287.036515][ T9936] ksys_write+0x12b/0x250 [ 287.040858][ T9936] ? __pfx_ksys_write+0x10/0x10 [ 287.045819][ T9936] do_syscall_64+0xcd/0x250 [ 287.050340][ T9936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.056250][ T9936] RIP: 0033:0x7f7c50785d29 [ 287.060674][ T9936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.080297][ T9936] RSP: 002b:00007f7c51517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 287.088726][ T9936] RAX: ffffffffffffffda RBX: 00007f7c50975fa0 RCX: 00007f7c50785d29 [ 287.096705][ T9936] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 287.104683][ T9936] RBP: 00007f7c51517090 R08: 0000000000000000 R09: 0000000000000000 [ 287.112672][ T9936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.120651][ T9936] R13: 0000000000000000 R14: 00007f7c50975fa0 R15: 00007ffe18703798 [ 287.128660][ T9936] [ 287.943664][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 288.580488][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 288.586575][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 288.671173][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 289.308601][ T9967] Process accounting resumed [ 289.683112][ T9996] netlink: 20 bytes leftover after parsing attributes in process `syz.2.957'. [ 291.915556][T10051] netlink: 20 bytes leftover after parsing attributes in process `syz.1.973'. [ 293.203045][T10072] netlink: 342 bytes leftover after parsing attributes in process `syz.0.977'. [ 293.519939][T10076] netlink: 28 bytes leftover after parsing attributes in process `syz.2.978'. [ 296.605181][T10097] netlink: 342 bytes leftover after parsing attributes in process `syz.3.988'. [ 296.766833][T10107] netlink: 20 bytes leftover after parsing attributes in process `syz.0.985'. [ 296.948935][T10110] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 296.986897][T10110] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 298.365394][T10139] netlink: 342 bytes leftover after parsing attributes in process `syz.0.994'. [ 298.607583][T10143] netlink: 342 bytes leftover after parsing attributes in process `syz.2.996'. [ 299.332398][T10168] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 299.349853][T10168] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 300.149660][T10192] netlink: 'syz.2.1010': attribute type 2 has an invalid length. [ 300.190312][T10192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1010'. [ 300.825248][T10208] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1014'. [ 300.901164][T10211] FAULT_INJECTION: forcing a failure. [ 300.901164][T10211] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 300.915405][T10211] CPU: 1 UID: 0 PID: 10211 Comm: syz.3.1015 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 300.926233][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 300.936325][T10211] Call Trace: [ 300.939622][T10211] [ 300.942573][T10211] dump_stack_lvl+0x16c/0x1f0 [ 300.947306][T10211] should_fail_ex+0x497/0x5b0 [ 300.952039][T10211] _copy_from_user+0x2e/0xd0 [ 300.956687][T10211] wext_handle_ioctl+0xc5/0x2b0 [ 300.961580][T10211] ? __pfx_wext_handle_ioctl+0x10/0x10 [ 300.967087][T10211] sock_ioctl+0x3a6/0x6c0 [ 300.971435][T10211] ? __pfx_sock_ioctl+0x10/0x10 [ 300.976303][T10211] ? __fget_files+0x206/0x3a0 [ 300.981090][T10211] ? __pfx_sock_ioctl+0x10/0x10 [ 300.985955][T10211] __x64_sys_ioctl+0x190/0x200 [ 300.990733][T10211] do_syscall_64+0xcd/0x250 [ 300.995254][T10211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.001162][T10211] RIP: 0033:0x7f7c50785d29 [ 301.005586][T10211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.025204][T10211] RSP: 002b:00007f7c51517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 301.033627][T10211] RAX: ffffffffffffffda RBX: 00007f7c50975fa0 RCX: 00007f7c50785d29 [ 301.041605][T10211] RDX: 0000000000000091 RSI: 0000000000008b0b RDI: 0000000000000003 [ 301.049583][T10211] RBP: 00007f7c51517090 R08: 0000000000000000 R09: 0000000000000000 [ 301.057564][T10211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.065548][T10211] R13: 0000000000000000 R14: 00007f7c50975fa0 R15: 00007ffe18703798 [ 301.073540][T10211] [ 302.051821][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1020'. [ 303.031006][T10253] FAULT_INJECTION: forcing a failure. [ 303.031006][T10253] name failslab, interval 1, probability 0, space 0, times 0 [ 303.067839][T10253] CPU: 1 UID: 0 PID: 10253 Comm: syz.2.1024 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 303.078678][T10253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 303.088768][T10253] Call Trace: [ 303.092068][T10253] [ 303.095027][T10253] dump_stack_lvl+0x16c/0x1f0 [ 303.099751][T10253] should_fail_ex+0x497/0x5b0 [ 303.104474][T10253] ? fs_reclaim_acquire+0xae/0x150 [ 303.109629][T10253] should_failslab+0xc2/0x120 [ 303.114354][T10253] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 303.119775][T10253] ? mpol_new+0x11b/0x2d0 [ 303.124156][T10253] ? find_held_lock+0x2d/0x110 [ 303.128972][T10253] mpol_new+0x11b/0x2d0 [ 303.133176][T10253] do_mbind+0x219/0xe90 [ 303.137373][T10253] ? ksys_write+0x191/0x250 [ 303.141911][T10253] ? __pfx_lock_release+0x10/0x10 [ 303.146966][T10253] ? __pfx_do_mbind+0x10/0x10 [ 303.151676][T10253] ? vfs_write+0x306/0x1150 [ 303.156222][T10253] ? __mutex_unlock_slowpath+0x164/0x690 [ 303.161901][T10253] ? __pfx_get_nodes+0x10/0x10 [ 303.166709][T10253] ? __fget_files+0x206/0x3a0 [ 303.171432][T10253] kernel_mbind+0x1e8/0x200 [ 303.175970][T10253] ? __pfx_kernel_mbind+0x10/0x10 [ 303.181038][T10253] do_syscall_64+0xcd/0x250 [ 303.185574][T10253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.191480][T10253] RIP: 0033:0x7f325d985d29 [ 303.195901][T10253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.215520][T10253] RSP: 002b:00007f325e88f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 303.223944][T10253] RAX: ffffffffffffffda RBX: 00007f325db75fa0 RCX: 00007f325d985d29 [ 303.231922][T10253] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 303.239897][T10253] RBP: 00007f325e88f090 R08: 0000000000000006 R09: 0000000000000002 [ 303.247879][T10253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 303.255856][T10253] R13: 0000000000000000 R14: 00007f325db75fa0 R15: 00007ffc47458a58 [ 303.263853][T10253] [ 303.555806][T10265] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1024'. [ 304.105442][T10279] random: crng reseeded on system resumption [ 305.299929][T10292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1033'. [ 306.647976][T10326] FAULT_INJECTION: forcing a failure. [ 306.647976][T10326] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 306.692533][T10326] CPU: 1 UID: 0 PID: 10326 Comm: syz.1.1047 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 306.703365][T10326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 306.713454][T10326] Call Trace: [ 306.716755][T10326] [ 306.719705][T10326] dump_stack_lvl+0x16c/0x1f0 [ 306.724425][T10326] should_fail_ex+0x497/0x5b0 [ 306.729142][T10326] _copy_from_user+0x2e/0xd0 [ 306.733767][T10326] copy_clone_args_from_user+0x156/0x780 [ 306.739415][T10326] ? ksys_write+0x12b/0x250 [ 306.743929][T10326] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 306.750102][T10326] ? vfs_write+0x306/0x1150 [ 306.754620][T10326] __do_sys_clone3+0xac/0x270 [ 306.759310][T10326] ? __pfx___do_sys_clone3+0x10/0x10 [ 306.764631][T10326] do_syscall_64+0xcd/0x250 [ 306.769147][T10326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.775052][T10326] RIP: 0033:0x7fcc8f585d29 [ 306.779476][T10326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.799106][T10326] RSP: 002b:00007fcc90319f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 306.807553][T10326] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fcc8f585d29 [ 306.815546][T10326] RDX: 00007fcc90319f20 RSI: 0000000000000058 RDI: 00007fcc90319f20 [ 306.823623][T10326] RBP: 00007fcc9031a090 R08: 0000000000000000 R09: 0000000000000058 [ 306.831604][T10326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 306.839586][T10326] R13: 0000000000000000 R14: 00007fcc8f775fa0 R15: 00007ffe26a46658 [ 306.847582][T10326] [ 307.566451][T10333] FAULT_INJECTION: forcing a failure. [ 307.566451][T10333] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 307.580245][T10333] CPU: 1 UID: 0 PID: 10333 Comm: syz.1.1049 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 307.591059][T10333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 307.601149][T10333] Call Trace: [ 307.604464][T10333] [ 307.607414][T10333] dump_stack_lvl+0x16c/0x1f0 [ 307.612129][T10333] should_fail_ex+0x497/0x5b0 [ 307.616850][T10333] _copy_to_user+0x32/0xd0 [ 307.621312][T10333] simple_read_from_buffer+0xd0/0x160 [ 307.626722][T10333] proc_fail_nth_read+0x198/0x270 [ 307.631797][T10333] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.637407][T10333] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.643010][T10333] vfs_read+0x1df/0xbe0 [ 307.647206][T10333] ? __fget_files+0x1fc/0x3a0 [ 307.651912][T10333] ? __pfx___mutex_lock+0x10/0x10 [ 307.656951][T10333] ? __pfx_vfs_read+0x10/0x10 [ 307.661643][T10333] ? __fget_files+0x206/0x3a0 [ 307.666341][T10333] ksys_read+0x12b/0x250 [ 307.670594][T10333] ? __pfx_ksys_read+0x10/0x10 [ 307.675375][T10333] do_syscall_64+0xcd/0x250 [ 307.679891][T10333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.685797][T10333] RIP: 0033:0x7fcc8f58473c [ 307.690217][T10333] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 307.709835][T10333] RSP: 002b:00007fcc9031a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 307.718262][T10333] RAX: ffffffffffffffda RBX: 00007fcc8f775fa0 RCX: 00007fcc8f58473c [ 307.726251][T10333] RDX: 000000000000000f RSI: 00007fcc9031a0a0 RDI: 0000000000000003 [ 307.734228][T10333] RBP: 00007fcc9031a090 R08: 0000000000000000 R09: 0000000000000000 [ 307.742211][T10333] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 307.750187][T10333] R13: 0000000000000000 R14: 00007fcc8f775fa0 R15: 00007ffe26a46658 [ 307.758183][T10333] [ 308.137224][T10344] vivid-003: ================= START STATUS ================= [ 308.163546][T10344] vivid-003: Radio HW Seek Mode: Bounded [ 308.169282][T10344] vivid-003: Radio Programmable HW Seek: false [ 308.186137][T10344] vivid-003: RDS Rx I/O Mode: Block I/O [ 308.201148][T10344] vivid-003: Generate RBDS Instead of RDS: false [ 308.222220][T10344] vivid-003: RDS Reception: true [ 308.227253][T10344] vivid-003: RDS Program Type: 0 inactive [ 308.254175][T10344] vivid-003: RDS PS Name: inactive [ 308.270165][T10344] vivid-003: RDS Radio Text: inactive [ 308.290457][T10344] vivid-003: RDS Traffic Announcement: false inactive [ 308.310329][T10344] vivid-003: RDS Traffic Program: false inactive [ 308.316859][T10344] vivid-003: RDS Music: false inactive [ 308.364160][T10344] vivid-003: ================== END STATUS ================== [ 309.907625][T10379] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 309.940332][T10379] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 310.755064][T10408] FAULT_INJECTION: forcing a failure. [ 310.755064][T10408] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 310.773497][T10408] CPU: 0 UID: 0 PID: 10408 Comm: syz.0.1061 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 310.784349][T10408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 310.794443][T10408] Call Trace: [ 310.797749][T10408] [ 310.800713][T10408] dump_stack_lvl+0x16c/0x1f0 [ 310.805438][T10408] should_fail_ex+0x497/0x5b0 [ 310.810165][T10408] _copy_from_user+0x2e/0xd0 [ 310.814817][T10408] copy_msghdr_from_user+0x99/0x160 [ 310.820069][T10408] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 310.825941][T10408] ___sys_sendmsg+0xff/0x1e0 [ 310.830583][T10408] ? __pfx____sys_sendmsg+0x10/0x10 [ 310.835846][T10408] ? __pfx_lock_release+0x10/0x10 [ 310.840916][T10408] ? trace_lock_acquire+0x14e/0x1f0 [ 310.846179][T10408] ? __fget_files+0x206/0x3a0 [ 310.850927][T10408] __sys_sendmsg+0x16e/0x220 [ 310.855575][T10408] ? __pfx___sys_sendmsg+0x10/0x10 [ 310.860763][T10408] do_syscall_64+0xcd/0x250 [ 310.865335][T10408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.871278][T10408] RIP: 0033:0x7fe3da785d29 [ 310.875736][T10408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.895382][T10408] RSP: 002b:00007fe3db604038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 310.903834][T10408] RAX: ffffffffffffffda RBX: 00007fe3da975fa0 RCX: 00007fe3da785d29 [ 310.911843][T10408] RDX: 0000000000044892 RSI: 00000000200011c0 RDI: 0000000000000003 [ 310.919855][T10408] RBP: 00007fe3db604090 R08: 0000000000000000 R09: 0000000000000000 [ 310.927863][T10408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 310.935873][T10408] R13: 0000000000000000 R14: 00007fe3da975fa0 R15: 00007ffe78c42768 [ 310.943898][T10408] [ 312.817773][T10439] FAULT_INJECTION: forcing a failure. [ 312.817773][T10439] name failslab, interval 1, probability 0, space 0, times 0 [ 312.855202][T10439] CPU: 1 UID: 0 PID: 10439 Comm: syz.1.1068 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 312.866038][T10439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 312.876125][T10439] Call Trace: [ 312.879419][T10439] [ 312.882368][T10439] dump_stack_lvl+0x16c/0x1f0 [ 312.887090][T10439] should_fail_ex+0x497/0x5b0 [ 312.891805][T10439] ? fs_reclaim_acquire+0xae/0x150 [ 312.896978][T10439] should_failslab+0xc2/0x120 [ 312.901695][T10439] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 312.907539][T10439] ? copy_process+0x49c/0x6f20 [ 312.912352][T10439] ? _raw_spin_unlock_irq+0x23/0x50 [ 312.917583][T10439] copy_process+0x49c/0x6f20 [ 312.922211][T10439] ? get_pid_task+0xfc/0x250 [ 312.926844][T10439] ? __pfx_lock_release+0x10/0x10 [ 312.931909][T10439] ? trace_lock_acquire+0x14e/0x1f0 [ 312.937153][T10439] ? __pfx_copy_process+0x10/0x10 [ 312.942225][T10439] ? find_held_lock+0x2d/0x110 [ 312.947036][T10439] kernel_clone+0xfd/0x960 [ 312.951495][T10439] ? __pfx_kernel_clone+0x10/0x10 [ 312.956571][T10439] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 312.962597][T10439] __do_sys_clone+0xba/0x100 [ 312.967223][T10439] ? __pfx___do_sys_clone+0x10/0x10 [ 312.972570][T10439] do_syscall_64+0xcd/0x250 [ 312.977115][T10439] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.983050][T10439] RIP: 0033:0x7fcc8f585d29 [ 312.987495][T10439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.007148][T10439] RSP: 002b:00007fcc90319fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 313.015602][T10439] RAX: ffffffffffffffda RBX: 00007fcc8f775fa0 RCX: 00007fcc8f585d29 [ 313.023613][T10439] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002040011 [ 313.031622][T10439] RBP: 00007fcc9031a090 R08: 0000000000000000 R09: 0000000000000000 [ 313.039629][T10439] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 313.047633][T10439] R13: 0000000000000000 R14: 00007fcc8f775fa0 R15: 00007ffe26a46658 [ 313.055660][T10439] [ 313.160932][T10441] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 313.202627][T10441] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 315.869607][T10502] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 315.897034][T10502] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 316.867201][T10520] vivid-003: ================= START STATUS ================= [ 316.890500][T10520] vivid-003: Radio HW Seek Mode: Bounded [ 316.907081][T10520] vivid-003: Radio Programmable HW Seek: false [ 316.927669][T10520] vivid-003: RDS Rx I/O Mode: Block I/O [ 316.945779][T10520] vivid-003: Generate RBDS Instead of RDS: false [ 316.967555][T10520] vivid-003: RDS Reception: true [ 316.980270][T10520] vivid-003: RDS Program Type: 0 inactive [ 317.017325][T10520] vivid-003: RDS PS Name: inactive [ 317.062199][T10520] vivid-003: RDS Radio Text: inactive [ 317.078036][T10520] vivid-003: RDS Traffic Announcement: false inactive [ 317.134356][T10520] vivid-003: RDS Traffic Program: false inactive [ 317.141008][T10520] vivid-003: RDS Music: false inactive [ 317.146540][T10520] vivid-003: ================== END STATUS ================== [ 317.633890][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.641251][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.620078][T10565] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 318.648848][T10565] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 319.389656][T10576] Process accounting paused [ 321.470709][T10636] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 321.490392][T10636] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 323.644246][T10683] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 323.655961][T10683] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 325.427957][T10729] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 325.495489][T10729] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 326.336341][T10743] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 326.347626][T10743] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 330.473925][T10843] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 330.508033][T10843] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 332.300847][T10893] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 332.330746][T10893] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 334.207357][T10949] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 334.250386][T10949] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 336.211766][T11007] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 336.221496][T11007] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 338.384692][T11068] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 338.410267][T11068] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 339.567096][T11095] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 339.594522][T11095] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 340.942738][T11128] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1265'. [ 340.982127][T11128] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1265'. [ 342.071425][T11151] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 342.086864][T11151] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 342.656290][T11179] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1277'. [ 342.666789][T11179] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1277'. [ 344.810878][T11214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1289'. [ 344.828857][T11214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1289'. [ 349.167778][T11297] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 349.177816][T11297] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 353.051486][T11358] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 353.085189][T11358] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 355.547306][T11409] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 355.603940][T11409] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 356.402536][T11422] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 356.412398][T11422] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 356.789921][T11438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1353'. [ 356.815178][T11438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1353'. [ 357.748568][T11455] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 357.794193][T11455] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 357.968648][T11464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1362'. [ 357.979442][T11464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1362'. [ 358.909340][T11479] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 358.931470][T11479] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 359.897878][T11500] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1372'. [ 359.911247][T11500] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1372'. [ 360.003327][T11503] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 360.013199][T11503] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 361.493270][T11537] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 361.527219][T11537] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 362.761570][T11572] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 362.784359][T11572] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 363.742441][T11595] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 363.767011][T11595] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 364.884892][T11620] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 364.941065][T11620] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 365.496950][T11631] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1409'. [ 365.516194][T11631] tc_dump_action: action bad kind [ 366.146596][T11645] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 366.173203][T11645] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 366.246778][T11649] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1413'. [ 366.277907][T11649] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1413'. [ 366.565906][T11655] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1422'. [ 366.576240][T11655] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1422'. [ 367.025543][T11666] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 367.053618][T11666] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 367.950238][T11684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1424'. [ 367.989521][T11684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1424'. [ 368.017584][T11688] FAULT_INJECTION: forcing a failure. [ 368.017584][T11688] name failslab, interval 1, probability 0, space 0, times 0 [ 368.051165][T11688] CPU: 0 UID: 0 PID: 11688 Comm: syz.0.1423 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 368.062006][T11688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 368.072102][T11688] Call Trace: [ 368.075397][T11688] [ 368.078349][T11688] dump_stack_lvl+0x16c/0x1f0 [ 368.083078][T11688] should_fail_ex+0x497/0x5b0 [ 368.087801][T11688] ? fs_reclaim_acquire+0xae/0x150 [ 368.092944][T11688] should_failslab+0xc2/0x120 [ 368.097662][T11688] __kmalloc_cache_noprof+0x68/0x420 [ 368.102990][T11688] ? __pfx___lock_acquire+0x10/0x10 [ 368.108241][T11688] io_uring_alloc_task_context+0x9e/0x690 [ 368.114018][T11688] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 368.120390][T11688] ? find_held_lock+0x2d/0x110 [ 368.125205][T11688] ? __fget_files+0x1fc/0x3a0 [ 368.130098][T11688] __io_uring_add_tctx_node+0x2e0/0x500 [ 368.135665][T11688] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 368.141778][T11688] __io_uring_add_tctx_node_from_submit+0x89/0x130 [ 368.148323][T11688] __do_sys_io_uring_enter+0x1214/0x1620 [ 368.154016][T11688] ? __fget_files+0x206/0x3a0 [ 368.158744][T11688] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 368.164782][T11688] ? fput+0x67/0x440 [ 368.168724][T11688] ? ksys_write+0x1ba/0x250 [ 368.173271][T11688] ? __pfx_ksys_write+0x10/0x10 [ 368.178169][T11688] do_syscall_64+0xcd/0x250 [ 368.182718][T11688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.188652][T11688] RIP: 0033:0x7fe3da785d29 [ 368.193187][T11688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.212832][T11688] RSP: 002b:00007fe3db5e3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 368.221280][T11688] RAX: ffffffffffffffda RBX: 00007fe3da976080 RCX: 00007fe3da785d29 [ 368.229273][T11688] RDX: 0000000000000005 RSI: 00000000fffffffe RDI: 0000000000000003 [ 368.237255][T11688] RBP: 00007fe3db5e3090 R08: 0000000000000000 R09: 000000000000000d [ 368.245237][T11688] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000001 [ 368.253214][T11688] R13: 0000000000000001 R14: 00007fe3da976080 R15: 00007ffe78c42768 [ 368.261215][T11688] [ 368.525149][T11696] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 368.560295][T11696] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 368.578548][T11694] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1428'. [ 368.597350][T11694] tc_dump_action: action bad kind [ 369.389133][T11710] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 369.408026][T11710] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 370.472685][T11744] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 370.502761][T11744] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 372.019086][T11766] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 372.043772][T11766] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 372.870932][T11781] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 372.895654][T11781] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 373.915504][T11808] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 373.938983][T11808] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 375.014737][T11823] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 375.038710][T11823] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 375.280047][T11825] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1462'. [ 375.290422][T11825] tc_dump_action: action bad kind [ 376.211599][T11837] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 376.242391][T11837] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 377.068603][T11855] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 377.073980][T11860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1472'. [ 377.092569][T11860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1472'. [ 377.102455][T11855] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 378.080736][T11869] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 378.105507][T11869] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 378.429713][ T29] audit: type=1800 audit(4294967347.810:14): pid=11886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1478" name="members" dev="configfs" ino=30397 res=0 errno=0 [ 378.813223][T11888] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 378.825498][T11888] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 379.083696][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.093476][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.755719][T11903] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 379.766606][T11903] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 380.692703][T11913] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 380.710278][T11913] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 381.734589][T11928] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 381.745821][T11928] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 383.035707][T11951] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 383.060261][T11951] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 383.971595][T11955] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 384.000236][T11955] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 385.139700][T11977] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 385.164139][T11977] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 385.568530][T11994] FAULT_INJECTION: forcing a failure. [ 385.568530][T11994] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 385.582199][T11994] CPU: 1 UID: 0 PID: 11994 Comm: syz.0.1502 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 385.593631][T11994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 385.603712][T11994] Call Trace: [ 385.607006][T11994] [ 385.609945][T11994] dump_stack_lvl+0x16c/0x1f0 [ 385.614645][T11994] should_fail_ex+0x497/0x5b0 [ 385.619347][T11994] _copy_to_user+0x32/0xd0 [ 385.623881][T11994] simple_read_from_buffer+0xd0/0x160 [ 385.629307][T11994] proc_fail_nth_read+0x198/0x270 [ 385.634656][T11994] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 385.640265][T11994] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 385.645950][T11994] vfs_read+0x1df/0xbe0 [ 385.650213][T11994] ? __fget_files+0x1fc/0x3a0 [ 385.654918][T11994] ? __pfx___mutex_lock+0x10/0x10 [ 385.659973][T11994] ? __pfx_vfs_read+0x10/0x10 [ 385.665039][T11994] ? __fget_files+0x206/0x3a0 [ 385.669853][T11994] ksys_read+0x12b/0x250 [ 385.674126][T11994] ? __pfx_ksys_read+0x10/0x10 [ 385.679209][T11994] do_syscall_64+0xcd/0x250 [ 385.683737][T11994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.689935][T11994] RIP: 0033:0x7fe3da78473c [ 385.694477][T11994] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 385.714548][T11994] RSP: 002b:00007fe3db5c2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 385.723166][T11994] RAX: ffffffffffffffda RBX: 00007fe3da976160 RCX: 00007fe3da78473c [ 385.731347][T11994] RDX: 000000000000000f RSI: 00007fe3db5c20a0 RDI: 0000000000000004 [ 385.739509][T11994] RBP: 00007fe3db5c2090 R08: 0000000000000000 R09: 0000000000000000 [ 385.747511][T11994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 385.755553][T11994] R13: 0000000000000001 R14: 00007fe3da976160 R15: 00007ffe78c42768 [ 385.764166][T11994] [ 386.036825][ T29] audit: type=1800 audit(4294967355.420:15): pid=12002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1504" name="members" dev="configfs" ino=30969 res=0 errno=0 [ 387.605910][T12032] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 387.641298][T12032] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 388.545426][T12053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1518'. [ 388.562977][T12053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1518'. [ 390.138851][T12083] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 390.190178][T12083] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 391.203369][T12106] Process accounting resumed [ 391.560942][T12112] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 391.590312][T12112] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 392.615012][T12143] binder: 12141:12143 unknown command 0 [ 392.621060][T12143] binder: 12141:12143 ioctl c0306201 9 returned -22 [ 392.754890][T12148] FAULT_INJECTION: forcing a failure. [ 392.754890][T12148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 392.795307][T12148] CPU: 1 UID: 0 PID: 12148 Comm: syz.0.1544 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 392.806228][T12148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 392.816530][T12148] Call Trace: [ 392.819837][T12148] [ 392.822807][T12148] dump_stack_lvl+0x16c/0x1f0 [ 392.827632][T12148] should_fail_ex+0x497/0x5b0 [ 392.832368][T12148] _copy_from_user+0x2e/0xd0 [ 392.837183][T12148] snd_ctl_elem_add_user+0x9c/0x170 [ 392.842421][T12148] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 392.848481][T12148] snd_ctl_ioctl+0x9cc/0x1080 [ 392.853375][T12148] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 392.858874][T12148] ? __pfx_lock_release+0x10/0x10 [ 392.864297][T12148] ? trace_lock_acquire+0x14e/0x1f0 [ 392.869558][T12148] ? __fget_files+0x206/0x3a0 [ 392.874451][T12148] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 392.880349][T12148] __x64_sys_ioctl+0x190/0x200 [ 392.885155][T12148] do_syscall_64+0xcd/0x250 [ 392.889787][T12148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.895810][T12148] RIP: 0033:0x7fe3da785d29 [ 392.900254][T12148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.920009][T12148] RSP: 002b:00007fe3db604038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 392.928489][T12148] RAX: ffffffffffffffda RBX: 00007fe3da975fa0 RCX: 00007fe3da785d29 [ 392.936589][T12148] RDX: 0000000020000100 RSI: 00000000c1105517 RDI: 0000000000000003 [ 392.944594][T12148] RBP: 00007fe3db604090 R08: 0000000000000000 R09: 0000000000000000 [ 392.952808][T12148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.960995][T12148] R13: 0000000000000000 R14: 00007fe3da975fa0 R15: 00007ffe78c42768 [ 392.969036][T12148] [ 396.627424][T12243] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 396.668738][T12243] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 396.992684][T12251] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1579'. [ 397.551606][T12268] netlink: 'syz.1.1582': attribute type 1 has an invalid length. [ 397.652835][T12271] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1582'. [ 397.712383][T12271] lo: entered promiscuous mode [ 397.740733][T12271] lo: entered allmulticast mode [ 398.412761][T12288] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 398.435512][T12288] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 398.784215][T12305] HfR: entered promiscuous mode [ 398.796385][T12305] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1595'. [ 398.805792][T12305] HfR: left promiscuous mode [ 398.912520][T12297] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1594'. [ 399.455965][T12316] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 399.487061][T12316] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 401.244575][T12370] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 401.272513][T12370] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 401.736133][T12386] netlink: 'syz.2.1623': attribute type 1 has an invalid length. [ 401.841771][T12389] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1623'. [ 401.884469][T12389] lo: entered promiscuous mode [ 401.898385][T12389] lo: entered allmulticast mode [ 403.382212][T12420] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 403.392697][T12420] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 404.195619][T12431] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1637'. [ 405.949643][T12475] netlink: 'syz.1.1652': attribute type 5 has an invalid length. [ 406.000278][T12475] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1652'. [ 406.055431][T12471] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 406.116206][T12471] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 407.410013][T12487] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 407.460290][T12487] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 407.841516][T12483] < [ 409.437196][T12523] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 409.519841][T12523] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 411.909004][T12544] HfR: entered promiscuous mode [ 411.936750][T12549] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1677'. [ 411.971431][T12546] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 412.001007][T12549] HfR: left promiscuous mode [ 412.056821][T12546] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 415.193134][T12589] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1683'. [ 416.664803][T12621] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 416.674862][T12621] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 417.677751][ T29] audit: type=1807 audit(4294967387.060:16): UNKNOWN=$ res=0 [ 417.688243][T12616] ima: policy update failed [ 417.700244][ T29] audit: type=1802 audit(4294967387.060:17): pid=12616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.1691" res=0 errno=0 [ 417.761117][T12633] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 417.773805][ T29] audit: type=1802 audit(4294967387.160:18): pid=12616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1691" res=0 errno=0 [ 417.806978][T12640] netlink: 4368 bytes leftover after parsing attributes in process `syz.0.1697'. [ 417.892953][T12633] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 418.662226][T12652] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 418.714406][T12652] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 420.461890][T12684] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1711'. [ 420.861719][T12704] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 420.884800][T12704] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 422.445125][T12744] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 422.459435][T12744] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 423.306689][T12766] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 423.368930][T12766] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 424.540967][T12800] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 424.574801][T12800] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 425.015985][T12814] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1754'. [ 425.450824][T12826] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 425.495746][T12826] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 425.601528][T12829] FAULT_INJECTION: forcing a failure. [ 425.601528][T12829] name failslab, interval 1, probability 0, space 0, times 0 [ 425.630150][T12829] CPU: 1 UID: 0 PID: 12829 Comm: syz.2.1757 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 425.641160][T12829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 425.651363][T12829] Call Trace: [ 425.654767][T12829] [ 425.657822][T12829] dump_stack_lvl+0x16c/0x1f0 [ 425.662743][T12829] should_fail_ex+0x497/0x5b0 [ 425.667644][T12829] ? fs_reclaim_acquire+0xae/0x150 [ 425.673165][T12829] should_failslab+0xc2/0x120 [ 425.677986][T12829] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 425.683416][T12829] ? security_file_alloc+0x34/0x2b0 [ 425.688927][T12829] security_file_alloc+0x34/0x2b0 [ 425.693999][T12829] init_file+0x93/0x480 [ 425.698303][T12829] alloc_empty_file+0x91/0x1e0 [ 425.703124][T12829] path_openat+0xe1/0x2d60 [ 425.707561][T12829] ? hlock_class+0x4e/0x130 [ 425.712258][T12829] ? __lock_acquire+0x15a9/0x3c40 [ 425.717608][T12829] ? __pfx_path_openat+0x10/0x10 [ 425.722587][T12829] ? __pfx___lock_acquire+0x10/0x10 [ 425.727802][T12829] ? lock_acquire.part.0+0x11b/0x380 [ 425.733098][T12829] ? find_held_lock+0x2d/0x110 [ 425.737887][T12829] do_filp_open+0x20c/0x470 [ 425.742420][T12829] ? __pfx_do_filp_open+0x10/0x10 [ 425.747638][T12829] ? find_held_lock+0x2d/0x110 [ 425.752535][T12829] ? alloc_fd+0x41f/0x760 [ 425.756889][T12829] do_sys_openat2+0x17a/0x1e0 [ 425.761597][T12829] ? __pfx_do_sys_openat2+0x10/0x10 [ 425.766843][T12829] ? __fget_files+0x206/0x3a0 [ 425.771825][T12829] __x64_sys_openat+0x175/0x210 [ 425.777000][T12829] ? __pfx___x64_sys_openat+0x10/0x10 [ 425.782400][T12829] ? ksys_write+0x1ba/0x250 [ 425.786930][T12829] do_syscall_64+0xcd/0x250 [ 425.791451][T12829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.797361][T12829] RIP: 0033:0x7f325d985d29 [ 425.801962][T12829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.821616][T12829] RSP: 002b:00007f325e86e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 425.830499][T12829] RAX: ffffffffffffffda RBX: 00007f325db76080 RCX: 00007f325d985d29 [ 425.838856][T12829] RDX: 0000000000000001 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 425.846848][T12829] RBP: 00007f325e86e090 R08: 0000000000000000 R09: 0000000000000000 [ 425.854860][T12829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 425.862868][T12829] R13: 0000000000000001 R14: 00007f325db76080 R15: 00007ffc47458a58 [ 425.870988][T12829] [ 425.976892][T12836] FAULT_INJECTION: forcing a failure. [ 425.976892][T12836] name failslab, interval 1, probability 0, space 0, times 0 [ 426.032919][T12834] sp0: Synchronizing with TNC [ 426.097304][T12836] CPU: 1 UID: 0 PID: 12836 Comm: syz.3.1758 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 426.108322][T12836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 426.118423][T12836] Call Trace: [ 426.121916][T12836] [ 426.124888][T12836] dump_stack_lvl+0x16c/0x1f0 [ 426.129707][T12836] should_fail_ex+0x497/0x5b0 [ 426.134696][T12836] ? fs_reclaim_acquire+0xae/0x150 [ 426.140552][T12836] should_failslab+0xc2/0x120 [ 426.145381][T12836] __kmalloc_noprof+0xce/0x4f0 [ 426.150730][T12836] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 426.156446][T12836] ? tomoyo_realpath_from_path+0xbf/0x710 [ 426.162309][T12836] ? rcu_is_watching+0x12/0xc0 [ 426.167212][T12836] tomoyo_realpath_from_path+0xbf/0x710 [ 426.172816][T12836] tomoyo_check_open_permission+0x2ad/0x3c0 [ 426.178898][T12836] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 426.185401][T12836] ? __pfx___lock_acquire+0x10/0x10 [ 426.190754][T12836] ? __pfx_hook_file_open+0x10/0x10 [ 426.196749][T12836] ? lock_acquire+0x2f/0xb0 [ 426.201307][T12836] tomoyo_file_open+0x6b/0x90 [ 426.206145][T12836] security_file_open+0x84/0x1e0 [ 426.211198][T12836] do_dentry_open+0x57e/0x1ea0 [ 426.216105][T12836] ? inode_permission+0xdd/0x5f0 [ 426.221191][T12836] vfs_open+0x82/0x3f0 [ 426.225403][T12836] ? may_open+0x1f2/0x400 [ 426.229796][T12836] path_openat+0x1e6a/0x2d60 [ 426.234627][T12836] ? __pfx_path_openat+0x10/0x10 [ 426.239701][T12836] ? __pfx___lock_acquire+0x10/0x10 [ 426.244954][T12836] ? lock_acquire.part.0+0x11b/0x380 [ 426.250453][T12836] ? find_held_lock+0x2d/0x110 [ 426.255276][T12836] do_filp_open+0x20c/0x470 [ 426.259911][T12836] ? __pfx_do_filp_open+0x10/0x10 [ 426.264979][T12836] ? find_held_lock+0x2d/0x110 [ 426.269808][T12836] ? alloc_fd+0x41f/0x760 [ 426.274190][T12836] do_sys_openat2+0x17a/0x1e0 [ 426.278922][T12836] ? __pfx_do_sys_openat2+0x10/0x10 [ 426.284274][T12836] ? __fget_files+0x206/0x3a0 [ 426.289356][T12836] __x64_sys_openat+0x175/0x210 [ 426.294444][T12836] ? __pfx___x64_sys_openat+0x10/0x10 [ 426.300189][T12836] ? ksys_write+0x1ba/0x250 [ 426.304806][T12836] do_syscall_64+0xcd/0x250 [ 426.309328][T12836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 426.315237][T12836] RIP: 0033:0x7f7c50785d29 [ 426.319660][T12836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 426.340017][T12836] RSP: 002b:00007f7c51517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 426.348468][T12836] RAX: ffffffffffffffda RBX: 00007f7c50975fa0 RCX: 00007f7c50785d29 [ 426.356567][T12836] RDX: 0000000000000800 RSI: 0000000020004fc0 RDI: ffffffffffffff9c [ 426.365609][T12836] RBP: 00007f7c51517090 R08: 0000000000000000 R09: 0000000000000000 [ 426.375355][T12836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 426.383459][T12836] R13: 0000000000000000 R14: 00007f7c50975fa0 R15: 00007ffe18703798 [ 426.391564][T12836] [ 426.497692][T12836] ERROR: Out of memory at tomoyo_realpath_from_path. [ 427.013877][T12854] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 427.057416][T12854] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 427.173755][T12858] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 427.200230][T12858] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 427.381138][T12863] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1764'. [ 427.913293][T12874] netlink: 4368 bytes leftover after parsing attributes in process `syz.2.1771'. [ 428.379956][T12892] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 428.609585][T12895] HfR: entered promiscuous mode [ 429.296105][T12913] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 429.336327][T12913] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 431.011753][T12957] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 431.065034][T12957] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 431.641206][ T29] audit: type=1807 audit(4294967401.020:19): UNKNOWN=$ res=0 [ 431.657568][ T29] audit: type=1802 audit(4294967401.040:20): pid=12953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.1794" res=0 errno=0 [ 431.680275][T12953] ima: policy update failed [ 431.706652][ T29] audit: type=1802 audit(4294967401.070:21): pid=12953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1794" res=0 errno=0 [ 432.007924][T12983] FAULT_INJECTION: forcing a failure. [ 432.007924][T12983] name failslab, interval 1, probability 0, space 0, times 0 [ 432.044787][T12983] CPU: 0 UID: 0 PID: 12983 Comm: syz.0.1804 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 432.055876][T12983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 432.066577][T12983] Call Trace: [ 432.070547][T12983] [ 432.073696][T12983] dump_stack_lvl+0x16c/0x1f0 [ 432.078613][T12983] should_fail_ex+0x497/0x5b0 [ 432.083442][T12983] ? fs_reclaim_acquire+0xae/0x150 [ 432.088964][T12983] should_failslab+0xc2/0x120 [ 432.093792][T12983] __kmalloc_noprof+0xce/0x4f0 [ 432.098805][T12983] ? d_absolute_path+0x137/0x1b0 [ 432.103888][T12983] ? tomoyo_encode2+0x100/0x3e0 [ 432.109140][T12983] tomoyo_encode2+0x100/0x3e0 [ 432.113985][T12983] tomoyo_realpath_from_path+0x1a7/0x710 [ 432.119977][T12983] tomoyo_path_perm+0x276/0x480 [ 432.125322][T12983] ? tomoyo_path_perm+0x262/0x480 [ 432.130590][T12983] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 432.136208][T12983] ? path_lookupat+0x212/0x770 [ 432.141207][T12983] ? __pfx_filename_lookup+0x10/0x10 [ 432.147711][T12983] security_inode_getattr+0x116/0x290 [ 432.153301][T12983] vfs_statx_path+0x2b/0x310 [ 432.158036][T12983] vfs_statx+0x11f/0x1c0 [ 432.162349][T12983] ? __pfx_vfs_statx+0x10/0x10 [ 432.167455][T12983] ? __virt_addr_valid+0x2b4/0x590 [ 432.172643][T12983] do_statx+0xf7/0x180 [ 432.176931][T12983] ? __pfx_do_statx+0x10/0x10 [ 432.181664][T12983] ? __virt_addr_valid+0x1a4/0x590 [ 432.186857][T12983] ? getname_flags.part.0+0x1c5/0x550 [ 432.192289][T12983] __x64_sys_statx+0x136/0x1e0 [ 432.197106][T12983] do_syscall_64+0xcd/0x250 [ 432.201674][T12983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.207791][T12983] RIP: 0033:0x7fe3da785d29 [ 432.212252][T12983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.233167][T12983] RSP: 002b:00007fe3db604038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c [ 432.241820][T12983] RAX: ffffffffffffffda RBX: 00007fe3da975fa0 RCX: 00007fe3da785d29 [ 432.250365][T12983] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 432.258638][T12983] RBP: 00007fe3db604090 R08: 0000000000000000 R09: 0000000000000000 [ 432.267301][T12983] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 432.275535][T12983] R13: 0000000000000000 R14: 00007fe3da975fa0 R15: 00007ffe78c42768 [ 432.283874][T12983] [ 432.293553][T12983] ERROR: Out of memory at tomoyo_realpath_from_path. [ 432.599467][T13003] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 432.630323][T13003] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 434.208811][T13032] netlink: 'syz.3.1818': attribute type 28 has an invalid length. [ 434.224625][ T29] audit: type=1807 audit(4294967403.610:22): UNKNOWN=$ res=0 [ 434.239482][T13032] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1818'. [ 434.248967][ T29] audit: type=1802 audit(4294967403.630:23): pid=13014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.1812" res=0 errno=0 [ 434.269648][T13014] ima: policy update failed [ 434.296385][ T29] audit: type=1802 audit(4294967403.680:24): pid=13014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1812" res=0 errno=0 [ 434.930838][T13052] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 434.960265][T13052] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 435.827483][T13069] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 435.875546][T13067] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 437.074901][T13093] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 437.103729][T13093] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 437.859211][T13110] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 437.889687][T13110] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 438.026940][T13116] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 439.034993][T13116] HfR: entered promiscuous mode [ 439.104015][T13131] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 439.139180][T13131] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 439.564194][T13140] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1846'. [ 439.870490][T13149] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 439.932210][T13149] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 440.088634][T13155] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 440.119487][T13155] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 440.504618][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.511259][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.294447][T13179] FAULT_INJECTION: forcing a failure. [ 441.294447][T13179] name failslab, interval 1, probability 0, space 0, times 0 [ 441.350186][T13179] CPU: 0 UID: 0 PID: 13179 Comm: syz.1.1854 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 441.361033][T13179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 441.371580][T13179] Call Trace: [ 441.374972][T13179] [ 441.378054][T13179] dump_stack_lvl+0x16c/0x1f0 [ 441.382867][T13179] should_fail_ex+0x497/0x5b0 [ 441.387700][T13179] should_failslab+0xc2/0x120 [ 441.392515][T13179] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 441.397917][T13179] ? skb_clone+0x190/0x3f0 [ 441.402355][T13179] skb_clone+0x190/0x3f0 [ 441.406903][T13179] netlink_deliver_tap+0xafd/0xca0 [ 441.412050][T13179] netlink_unicast+0x5e1/0x7f0 [ 441.416986][T13179] ? __pfx_netlink_unicast+0x10/0x10 [ 441.422504][T13179] ? __phys_addr_symbol+0x30/0x80 [ 441.427732][T13179] ? __check_object_size+0x488/0x710 [ 441.433061][T13179] netlink_sendmsg+0x8b8/0xd70 [ 441.437852][T13179] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.443269][T13179] ____sys_sendmsg+0x9ae/0xb40 [ 441.448158][T13179] ? copy_msghdr_from_user+0x10b/0x160 [ 441.453860][T13179] ? __pfx_____sys_sendmsg+0x10/0x10 [ 441.459360][T13179] ___sys_sendmsg+0x135/0x1e0 [ 441.464071][T13179] ? __pfx____sys_sendmsg+0x10/0x10 [ 441.469296][T13179] ? __pfx_lock_release+0x10/0x10 [ 441.474441][T13179] ? trace_lock_acquire+0x14e/0x1f0 [ 441.479882][T13179] ? __fget_files+0x206/0x3a0 [ 441.485027][T13179] __sys_sendmsg+0x16e/0x220 [ 441.489885][T13179] ? __pfx___sys_sendmsg+0x10/0x10 [ 441.495178][T13179] do_syscall_64+0xcd/0x250 [ 441.499899][T13179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.505847][T13179] RIP: 0033:0x7fcc8f585d29 [ 441.510276][T13179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 441.531045][T13179] RSP: 002b:00007fcc9031a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 441.540099][T13179] RAX: ffffffffffffffda RBX: 00007fcc8f775fa0 RCX: 00007fcc8f585d29 [ 441.548374][T13179] RDX: 0000000010048000 RSI: 0000000020006400 RDI: 0000000000000003 [ 441.556711][T13179] RBP: 00007fcc9031a090 R08: 0000000000000000 R09: 0000000000000000 [ 441.564737][T13179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 441.573299][T13179] R13: 0000000000000000 R14: 00007fcc8f775fa0 R15: 00007ffe26a46658 [ 441.582201][T13179] [ 442.046356][T13182] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1855'. [ 442.535321][T13182] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 442.566333][T13182] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 442.596610][T13182] bond0 (unregistering): Released all slaves [ 442.691731][T13188] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 442.717441][T13194] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1858'. [ 442.747022][T13188] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 443.219562][T13205] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 443.233192][T13205] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 443.442515][T13207] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 443.479910][T13207] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 444.357157][T13230] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1869'. [ 444.664832][T13237] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 444.675867][T13237] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 445.423952][T13256] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 445.440943][T13249] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1875'. [ 445.460891][T13256] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 447.730543][T13309] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 447.752658][T13309] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 448.706936][T13324] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 448.740216][T13324] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 449.930839][T13351] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 449.964486][T13351] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 451.155124][T13372] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 451.198212][T13371] FAULT_INJECTION: forcing a failure. [ 451.198212][T13371] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 451.222082][T13372] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 451.430269][T13371] CPU: 1 UID: 0 PID: 13371 Comm: syz.3.1913 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 451.441226][T13371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 451.451310][T13371] Call Trace: [ 451.454612][T13371] [ 451.457568][T13371] dump_stack_lvl+0x16c/0x1f0 [ 451.462405][T13371] should_fail_ex+0x497/0x5b0 [ 451.467230][T13371] _copy_from_user+0x2e/0xd0 [ 451.471956][T13371] move_addr_to_kernel+0x68/0x160 [ 451.477385][T13371] __sys_connect+0xb0/0x170 [ 451.481963][T13371] ? __pfx___sys_connect+0x10/0x10 [ 451.487230][T13371] ? __pfx_ksys_write+0x10/0x10 [ 451.492179][T13371] __x64_sys_connect+0x72/0xb0 [ 451.496986][T13371] ? lockdep_hardirqs_on+0x7c/0x110 [ 451.502395][T13371] do_syscall_64+0xcd/0x250 [ 451.506990][T13371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.513035][T13371] RIP: 0033:0x7f7c50785d29 [ 451.517580][T13371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.537669][T13371] RSP: 002b:00007f7c51517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 451.546126][T13371] RAX: ffffffffffffffda RBX: 00007f7c50975fa0 RCX: 00007f7c50785d29 [ 451.554236][T13371] RDX: 0000000000000055 RSI: 00000000200000c0 RDI: 0000000000000003 [ 451.562335][T13371] RBP: 00007f7c51517090 R08: 0000000000000000 R09: 0000000000000000 [ 451.570432][T13371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 451.578527][T13371] R13: 0000000000000000 R14: 00007f7c50975fa0 R15: 00007ffe18703798 [ 451.586551][T13371] [ 452.067749][T13387] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 452.077546][T13387] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 453.499675][T13422] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 453.520244][T13422] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 454.307006][T13441] zero sized request [ 454.604014][T13454] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 454.843853][T13461] FAULT_INJECTION: forcing a failure. [ 454.843853][T13461] name failslab, interval 1, probability 0, space 0, times 0 [ 454.893581][T13461] CPU: 0 UID: 0 PID: 13461 Comm: syz.2.1940 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 454.904889][T13461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 454.915248][T13461] Call Trace: [ 454.918639][T13461] [ 454.921601][T13461] dump_stack_lvl+0x16c/0x1f0 [ 454.926404][T13461] should_fail_ex+0x497/0x5b0 [ 454.931240][T13461] ? fs_reclaim_acquire+0xae/0x150 [ 454.936723][T13461] should_failslab+0xc2/0x120 [ 454.941562][T13461] __kmalloc_noprof+0xce/0x4f0 [ 454.946613][T13461] ? __pfx___mutex_trylock_common+0x10/0x10 [ 454.954360][T13461] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 454.962447][T13461] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 454.972010][T13461] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 454.979288][T13461] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 454.987460][T13461] ? genl_get_cmd+0x195/0x580 [ 454.993685][T13461] ? bpf_lsm_capable+0x9/0x10 [ 454.999551][T13461] ? security_capable+0x7e/0x260 [ 455.005663][T13461] genl_rcv_msg+0x565/0x800 [ 455.010320][T13461] ? __pfx_genl_rcv_msg+0x10/0x10 [ 455.015692][T13461] ? __pfx_macsec_del_rxsc+0x10/0x10 [ 455.021312][T13461] netlink_rcv_skb+0x165/0x410 [ 455.026137][T13461] ? __pfx_genl_rcv_msg+0x10/0x10 [ 455.031211][T13461] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 455.036965][T13461] ? down_read+0xc9/0x330 [ 455.041577][T13461] ? __pfx_down_read+0x10/0x10 [ 455.046480][T13461] ? netlink_deliver_tap+0x1ae/0xca0 [ 455.052096][T13461] genl_rcv+0x28/0x40 [ 455.056708][T13461] netlink_unicast+0x53c/0x7f0 [ 455.061584][T13461] ? __pfx_netlink_unicast+0x10/0x10 [ 455.067152][T13461] ? __phys_addr_symbol+0x30/0x80 [ 455.072210][T13461] ? __check_object_size+0x488/0x710 [ 455.077578][T13461] netlink_sendmsg+0x8b8/0xd70 [ 455.082366][T13461] ? __pfx_netlink_sendmsg+0x10/0x10 [ 455.088483][T13461] ____sys_sendmsg+0x9ae/0xb40 [ 455.093269][T13461] ? copy_msghdr_from_user+0x10b/0x160 [ 455.099404][T13461] ? __pfx_____sys_sendmsg+0x10/0x10 [ 455.105610][T13461] ___sys_sendmsg+0x135/0x1e0 [ 455.110444][T13461] ? __pfx____sys_sendmsg+0x10/0x10 [ 455.115874][T13461] ? __pfx_lock_release+0x10/0x10 [ 455.121372][T13461] ? trace_lock_acquire+0x14e/0x1f0 [ 455.126870][T13461] ? __fget_files+0x206/0x3a0 [ 455.131567][T13461] __sys_sendmsg+0x16e/0x220 [ 455.136289][T13461] ? __pfx___sys_sendmsg+0x10/0x10 [ 455.141582][T13461] do_syscall_64+0xcd/0x250 [ 455.146470][T13461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.152917][T13461] RIP: 0033:0x7f325d985d29 [ 455.157920][T13461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.178164][T13461] RSP: 002b:00007f325e88f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 455.186967][T13461] RAX: ffffffffffffffda RBX: 00007f325db75fa0 RCX: 00007f325d985d29 [ 455.194997][T13461] RDX: 0000000000000080 RSI: 0000000020007500 RDI: 0000000000000003 [ 455.204150][T13461] RBP: 00007f325e88f090 R08: 0000000000000000 R09: 0000000000000000 [ 455.213301][T13461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 455.221741][T13461] R13: 0000000000000000 R14: 00007f325db75fa0 R15: 00007ffc47458a58 [ 455.229966][T13461] [ 455.371047][T13464] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 455.420288][T13464] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 456.033077][T13477] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 456.060439][T13477] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 457.013902][T13499] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 457.032800][T13499] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 457.702792][T13519] netlink: zone id is out of range [ 457.730305][T13519] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1956'. [ 457.991344][T13530] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 458.001087][T13530] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 458.882128][T13542] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 458.923907][T13542] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 459.031685][T13547] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1964'. [ 459.547706][T13566] FAULT_INJECTION: forcing a failure. [ 459.547706][T13566] name failslab, interval 1, probability 0, space 0, times 0 [ 459.561263][T13566] CPU: 1 UID: 0 PID: 13566 Comm: syz.2.1971 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 459.572440][T13566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 459.583324][T13566] Call Trace: [ 459.586891][T13566] [ 459.591189][T13566] dump_stack_lvl+0x16c/0x1f0 [ 459.596468][T13566] should_fail_ex+0x497/0x5b0 [ 459.602425][T13566] should_failslab+0xc2/0x120 [ 459.607497][T13566] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 459.613380][T13566] ? skb_clone+0x190/0x3f0 [ 459.617854][T13566] skb_clone+0x190/0x3f0 [ 459.622267][T13566] netlink_deliver_tap+0xafd/0xca0 [ 459.627881][T13566] netlink_unicast+0x5e1/0x7f0 [ 459.632860][T13566] ? __pfx_netlink_unicast+0x10/0x10 [ 459.638891][T13566] ? __phys_addr_symbol+0x30/0x80 [ 459.644196][T13566] ? __check_object_size+0x488/0x710 [ 459.649765][T13566] netlink_sendmsg+0x8b8/0xd70 [ 459.654823][T13566] ? __pfx_netlink_sendmsg+0x10/0x10 [ 459.660336][T13566] ____sys_sendmsg+0x9ae/0xb40 [ 459.665332][T13566] ? copy_msghdr_from_user+0x10b/0x160 [ 459.671006][T13566] ? __pfx_____sys_sendmsg+0x10/0x10 [ 459.676601][T13566] ___sys_sendmsg+0x135/0x1e0 [ 459.681479][T13566] ? __pfx____sys_sendmsg+0x10/0x10 [ 459.686703][T13566] ? __pfx_lock_release+0x10/0x10 [ 459.692200][T13566] ? trace_lock_acquire+0x14e/0x1f0 [ 459.697450][T13566] ? __fget_files+0x206/0x3a0 [ 459.702247][T13566] __sys_sendmsg+0x16e/0x220 [ 459.706988][T13566] ? __pfx___sys_sendmsg+0x10/0x10 [ 459.712337][T13566] do_syscall_64+0xcd/0x250 [ 459.716966][T13566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.723224][T13566] RIP: 0033:0x7f325d985d29 [ 459.727755][T13566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 459.748183][T13566] RSP: 002b:00007f325e88f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 459.756722][T13566] RAX: ffffffffffffffda RBX: 00007f325db75fa0 RCX: 00007f325d985d29 [ 459.765441][T13566] RDX: 0000000000040000 RSI: 0000000020000200 RDI: 0000000000000003 [ 459.774314][T13566] RBP: 00007f325e88f090 R08: 0000000000000000 R09: 0000000000000000 [ 459.782400][T13566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 459.790579][T13566] R13: 0000000000000000 R14: 00007f325db75fa0 R15: 00007ffc47458a58 [ 459.798571][T13566] [ 459.823045][T13566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1971'. [ 460.022631][T13575] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 460.046159][T13575] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 460.958579][T13596] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 460.983003][T13596] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 461.111618][T13588] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1976'. [ 461.646654][T13615] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1986'. [ 461.724407][T13618] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1987'. [ 461.749192][T13614] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 461.760764][T13614] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 462.390906][T13626] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1992'. [ 462.791134][T13636] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1995'. [ 462.836522][T13640] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 462.995439][T13646] capability: warning: `syz.1.1999' uses deprecated v2 capabilities in a way that may be insecure [ 463.074966][T13646] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1999'. [ 463.247629][T13652] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2002'. [ 463.518278][T13655] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 463.586898][T13660] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 463.811243][T13663] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2007'. [ 463.816771][T13668] Invalid ELF header magic: != ELF [ 464.255087][T13678] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2013'. [ 464.585055][T13689] CIFS mount error: No usable UNC path provided in device string! [ 464.585055][T13689] [ 464.612503][T13689] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 464.950329][T13693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2025'. [ 464.953174][T13695] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2017'. [ 465.276037][T13698] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 465.294498][T13698] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 465.406148][T13702] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2019'. [ 465.795749][T13713] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2023'. [ 466.192389][T13720] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 466.296766][T13725] Invalid ELF header magic: != ELF [ 467.291773][T13740] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2030'. [ 467.428098][T13745] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 467.611375][T13749] CIFS mount error: No usable UNC path provided in device string! [ 467.611375][T13749] [ 467.638559][T13749] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 467.687643][T13751] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 467.700394][T13751] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 467.766343][T13755] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 467.963725][T13759] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 468.410261][T13768] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2041'. [ 468.459387][T13773] nl80211: entered promiscuous mode [ 468.704666][T13776] Invalid ELF header magic: != ELF [ 469.466006][T13779] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 469.475197][T13779] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 469.490345][T13779] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 469.502815][T13779] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 470.024680][T13798] FAULT_INJECTION: forcing a failure. [ 470.024680][T13798] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 470.030983][T13796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2049'. [ 470.063504][T13798] CPU: 0 UID: 0 PID: 13798 Comm: syz.2.2050 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 470.074355][T13798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 470.084546][T13798] Call Trace: [ 470.087861][T13798] [ 470.090823][T13798] dump_stack_lvl+0x16c/0x1f0 [ 470.095554][T13798] should_fail_ex+0x497/0x5b0 [ 470.100365][T13798] _copy_to_user+0x32/0xd0 [ 470.104826][T13798] simple_read_from_buffer+0xd0/0x160 [ 470.110237][T13798] proc_fail_nth_read+0x198/0x270 [ 470.115310][T13798] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 470.120917][T13798] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 470.126527][T13798] vfs_read+0x1df/0xbe0 [ 470.130723][T13798] ? __fget_files+0x1fc/0x3a0 [ 470.135438][T13798] ? __pfx___mutex_lock+0x10/0x10 [ 470.140504][T13798] ? __pfx_vfs_read+0x10/0x10 [ 470.145325][T13798] ? __fget_files+0x206/0x3a0 [ 470.150051][T13798] ksys_read+0x12b/0x250 [ 470.154330][T13798] ? __pfx_ksys_read+0x10/0x10 [ 470.159151][T13798] do_syscall_64+0xcd/0x250 [ 470.163198][T13805] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2052'. [ 470.163673][T13798] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.178699][T13798] RIP: 0033:0x7f325d98473c [ 470.183154][T13798] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 470.202798][T13798] RSP: 002b:00007f325e88f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 470.211251][T13798] RAX: ffffffffffffffda RBX: 00007f325db75fa0 RCX: 00007f325d98473c [ 470.219265][T13798] RDX: 000000000000000f RSI: 00007f325e88f0a0 RDI: 0000000000000004 [ 470.227278][T13798] RBP: 00007f325e88f090 R08: 0000000000000000 R09: 0000000000000000 [ 470.235289][T13798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 470.243412][T13798] R13: 0000000000000000 R14: 00007f325db75fa0 R15: 00007ffc47458a58 [ 470.251525][T13798] [ 470.381070][T13808] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 470.394301][T13808] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 470.740144][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 470.837668][T13825] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2058'. [ 471.358564][T13841] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 471.394922][T13841] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 471.397929][T13840] Invalid ELF header magic: != ELF [ 471.540163][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 471.543634][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 471.546382][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 472.357936][T13869] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 472.404053][T13869] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 473.724846][T13901] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 473.785676][T13910] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2082'. [ 473.831103][T13901] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 474.022026][T13913] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2083'. [ 474.211405][T13916] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2084'. [ 474.597682][T13925] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 474.620231][T13925] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db syzkaller syzkaller login: [ 476.279651][T13943] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2092'. [ 476.510523][T13945] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2091'. [ 476.890466][T13929] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 477.423376][T13983] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 477.450200][T13983] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 478.484747][T14014] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 478.499568][T14014] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 478.708826][T13923] kexec: Could not allocate control_code_buffer [ 479.112709][T14023] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2104'. [ 479.386972][T14020] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2102'. [ 479.694507][T14038] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2107'. [ 479.804472][T14041] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 479.830184][T14041] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 481.414293][T14068] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2119'. [ 481.436331][T14064] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2115'. [ 481.699647][T14077] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 481.750459][T14077] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 481.906769][T14083] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2124'. [ 482.258303][T14095] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2128'. [ 483.050267][T14106] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2132'. [ 484.473940][T14137] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 484.501439][T14123] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 484.508243][T14123] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 484.520507][T14123] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 484.525003][T14137] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 484.527556][T14123] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 485.066197][T14146] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 485.096226][T14146] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 485.550927][T14154] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2144'. [ 486.260161][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 486.580265][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 486.587136][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 486.592585][T13850] Bluetooth: hci1: command 0x0c1a tx timeout [ 486.699991][T14183] binder: 14182:14183 ioctl 40044900 800000000000003 returned -22 [ 486.758028][T14181] bond0: option arp_validate: invalid value () [ 487.014391][T14188] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 487.085915][T14188] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 487.208811][T14195] FAULT_INJECTION: forcing a failure. [ 487.208811][T14195] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 487.242624][T14195] CPU: 1 UID: 0 PID: 14195 Comm: syz.0.2156 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 487.253467][T14195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 487.263561][T14195] Call Trace: [ 487.266870][T14195] [ 487.269834][T14195] dump_stack_lvl+0x16c/0x1f0 [ 487.274557][T14195] should_fail_ex+0x497/0x5b0 [ 487.279284][T14195] ? fs_reclaim_acquire+0xae/0x150 [ 487.284526][T14195] should_fail_alloc_page+0xe7/0x130 [ 487.290024][T14195] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 487.296259][T14195] __alloc_pages_noprof+0x190/0x25b0 [ 487.301717][T14195] ? __pfx_mark_lock+0x10/0x10 [ 487.306529][T14195] ? __pfx___lock_acquire+0x10/0x10 [ 487.311766][T14195] ? find_held_lock+0x2d/0x110 [ 487.316589][T14195] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 487.322387][T14195] ? find_held_lock+0x2d/0x110 [ 487.327369][T14195] ? hlock_class+0x4e/0x130 [ 487.331972][T14195] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 487.338095][T14195] ? policy_nodemask+0xea/0x4e0 [ 487.343009][T14195] alloc_pages_mpol_noprof+0x2c9/0x610 [ 487.348524][T14195] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 487.354555][T14195] ? find_held_lock+0x2d/0x110 [ 487.359363][T14195] ? __thp_vma_allowable_orders+0x1ca/0xb30 [ 487.365315][T14195] __pmd_alloc+0x3f/0x860 [ 487.369694][T14195] __handle_mm_fault+0x94a/0x2a40 [ 487.374762][T14195] ? __pfx___handle_mm_fault+0x10/0x10 [ 487.380228][T14195] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 487.385872][T14195] ? find_vma+0xc0/0x140 [ 487.390128][T14195] ? __pfx_find_vma+0x10/0x10 [ 487.395054][T14195] handle_mm_fault+0x3fa/0xaa0 [ 487.399842][T14195] do_user_addr_fault+0x7a3/0x13f0 [ 487.404968][T14195] exc_page_fault+0x5c/0xc0 [ 487.409489][T14195] asm_exc_page_fault+0x26/0x30 [ 487.414347][T14195] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 487.420526][T14195] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 487.441368][T14195] RSP: 0018:ffffc900194b7cc0 EFLAGS: 00050216 [ 487.447881][T14195] RAX: 0000000000000001 RBX: 0000000000000091 RCX: 0000000000000020 [ 487.455873][T14195] RDX: fffff52003296fac RSI: 0000000000000091 RDI: ffffc900194b7d40 [ 487.463859][T14195] RBP: 0000000000000020 R08: 0000000000000001 R09: fffff52003296fab [ 487.471838][T14195] R10: ffffc900194b7d5f R11: 0000000000000000 R12: 0000000000000000 [ 487.479899][T14195] R13: ffffc900194b7d40 R14: ffff888035668000 R15: 000000000000000b [ 487.487882][T14195] _copy_from_user+0x9a/0xd0 [ 487.492515][T14195] wext_handle_ioctl+0xc5/0x2b0 [ 487.497554][T14195] ? __pfx_wext_handle_ioctl+0x10/0x10 [ 487.503226][T14195] sock_ioctl+0x3a6/0x6c0 [ 487.508115][T14195] ? __pfx_sock_ioctl+0x10/0x10 [ 487.513088][T14195] ? __fget_files+0x206/0x3a0 [ 487.517803][T14195] ? __pfx_sock_ioctl+0x10/0x10 [ 487.522753][T14195] __x64_sys_ioctl+0x190/0x200 [ 487.527542][T14195] do_syscall_64+0xcd/0x250 [ 487.532157][T14195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 487.538105][T14195] RIP: 0033:0x7fe3da785d29 [ 487.542526][T14195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 487.562141][T14195] RSP: 002b:00007fe3db604038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 487.570560][T14195] RAX: ffffffffffffffda RBX: 00007fe3da975fa0 RCX: 00007fe3da785d29 [ 487.578538][T14195] RDX: 0000000000000091 RSI: 0000000000008b0b RDI: 0000000000000003 [ 487.586547][T14195] RBP: 00007fe3db604090 R08: 0000000000000000 R09: 0000000000000000 [ 487.594553][T14195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 487.602547][T14195] R13: 0000000000000000 R14: 00007fe3da975fa0 R15: 00007ffe78c42768 [ 487.610637][T14195] [ 487.896812][T14206] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2159'. [ 488.669773][T14236] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2167'. [ 489.056794][T14242] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 489.084100][T14242] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 489.320160][T14251] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2172'. syzkaller syzkaller login: [ 490.212113][T14278] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2178'. [ 490.511195][T14262] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 491.833743][T14306] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 491.861017][T14306] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 492.087980][T14312] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2187'. [ 492.768561][T14231] kexec: Could not allocate control_code_buffer [ 492.816987][T14326] CIFS mount error: No usable UNC path provided in device string! [ 492.816987][T14326] [ 492.847089][T14326] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 493.379447][T14336] CIFS mount error: No usable UNC path provided in device string! [ 493.379447][T14336] [ 493.389946][T14336] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 493.672079][T14327] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 493.678332][T14327] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 493.720714][T14327] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 493.727149][T14327] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 493.941037][T14344] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2196'. [ 493.970095][T14346] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2197'. [ 494.246489][T14353] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 494.271464][T14353] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 494.757977][T14370] random: crng reseeded on system resumption [ 495.322231][T14387] CIFS mount error: No usable UNC path provided in device string! [ 495.322231][T14387] [ 495.335867][T14387] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 495.349303][T14386] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2207'. [ 495.460220][T13849] Bluetooth: hci0: command 0x0c1a tx timeout [ 495.509519][T14379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2206'. [ 495.705901][T13849] Bluetooth: hci1: command 0x0c1a tx timeout [ 495.780190][T13849] Bluetooth: hci3: command 0x0c1a tx timeout [ 495.786377][T13850] Bluetooth: hci2: command 0x0c1a tx timeout [ 496.316044][T14400] CIFS mount error: No usable UNC path provided in device string! [ 496.316044][T14400] [ 496.327320][T14400] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 496.334817][T14399] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 496.361101][T14399] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 497.094478][T14417] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 497.104334][T14417] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 497.340193][T14427] random: crng reseeded on system resumption [ 497.519948][T14431] lo: entered allmulticast mode [ 497.544393][T14431] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2217'. [ 498.127435][T14442] CIFS mount error: No usable UNC path provided in device string! [ 498.127435][T14442] [ 498.180215][T14442] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 498.264944][T14421] lo: left allmulticast mode [ 498.547558][T14451] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 498.556922][T14453] CIFS mount error: No usable UNC path provided in device string! [ 498.556922][T14453] [ 498.569650][T14451] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 498.583770][T14453] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 499.440782][T14467] random: crng reseeded on system resumption [ 499.742964][T14471] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 499.782095][T14471] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 500.641602][T14493] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2236'. [ 500.694589][T14500] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 500.740735][T14500] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 501.110625][T14517] CIFS mount error: No usable UNC path provided in device string! [ 501.110625][T14517] [ 501.134066][T14517] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 501.942730][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.949319][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.166935][T14532] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 502.200681][T14532] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 502.951943][T14554] vivid-003: ================= START STATUS ================= [ 502.959653][T14554] vivid-003: Radio HW Seek Mode: Bounded [ 502.983487][T14554] vivid-003: Radio Programmable HW Seek: false [ 503.000170][T14554] vivid-003: RDS Rx I/O Mode: Block I/O [ 503.005807][T14554] vivid-003: Generate RBDS Instead of RDS: false [ 503.025446][T14554] vivid-003: RDS Reception: true [ 503.060197][T14554] vivid-003: RDS Program Type: 0 inactive [ 503.080190][T14554] vivid-003: RDS PS Name: inactive [ 503.085795][T14554] vivid-003: RDS Radio Text: inactive [ 503.098516][T14554] vivid-003: RDS Traffic Announcement: false inactive [ 503.106689][T14554] vivid-003: RDS Traffic Program: false inactive [ 503.120253][T14554] vivid-003: RDS Music: false inactive [ 503.125819][T14554] vivid-003: ================== END STATUS ================== [ 503.150761][T14555] FAULT_INJECTION: forcing a failure. [ 503.150761][T14555] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 503.183194][T14555] CPU: 0 UID: 0 PID: 14555 Comm: syz.1.2253 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 503.194159][T14555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 503.204238][T14555] Call Trace: [ 503.207523][T14555] [ 503.210467][T14555] dump_stack_lvl+0x16c/0x1f0 [ 503.215195][T14555] should_fail_ex+0x497/0x5b0 [ 503.219889][T14555] _copy_to_user+0x32/0xd0 [ 503.224337][T14555] vivid_radio_rx_read+0x7c9/0xb90 [ 503.229490][T14555] ? __pfx_vivid_radio_rx_read+0x10/0x10 [ 503.235157][T14555] vivid_radio_read+0x86/0xc0 [ 503.239849][T14555] v4l2_read+0x226/0x360 [ 503.244214][T14555] ? __pfx_v4l2_read+0x10/0x10 [ 503.249020][T14555] vfs_read+0x1df/0xbe0 [ 503.253300][T14555] ? __fget_files+0x1fc/0x3a0 [ 503.258094][T14555] ? __pfx_lock_release+0x10/0x10 [ 503.263153][T14555] ? __pfx_vfs_read+0x10/0x10 [ 503.267859][T14555] ? lock_acquire+0x2f/0xb0 [ 503.272386][T14555] ? __fget_files+0x40/0x3a0 [ 503.277023][T14555] ? __fget_files+0x206/0x3a0 [ 503.281994][T14555] ksys_read+0x12b/0x250 [ 503.286349][T14555] ? __pfx_ksys_read+0x10/0x10 [ 503.291737][T14555] do_syscall_64+0xcd/0x250 [ 503.296267][T14555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.302192][T14555] RIP: 0033:0x7fcc8f585d29 [ 503.306716][T14555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.326439][T14555] RSP: 002b:00007fcc902f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 503.335131][T14555] RAX: ffffffffffffffda RBX: 00007fcc8f776080 RCX: 00007fcc8f585d29 [ 503.343211][T14555] RDX: 000000000000001b RSI: 0000000020000080 RDI: 0000000000000003 [ 503.351188][T14555] RBP: 00007fcc902f9090 R08: 0000000000000000 R09: 0000000000000000 [ 503.359272][T14555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 503.367259][T14555] R13: 0000000000000001 R14: 00007fcc8f776080 R15: 00007ffe26a46658 [ 503.375448][T14555] [ 503.547198][T14561] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2262'. [ 503.919765][T14570] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2264'. [ 504.141048][T14563] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2254'. [ 504.174119][T14577] CIFS mount error: No usable UNC path provided in device string! [ 504.174119][T14577] [ 504.210717][T14577] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 504.262060][T14580] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006 [ 505.114806][T14590] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 505.132462][T14590] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 506.503942][T14601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2266'. [ 507.204094][T14635] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 507.240169][T14635] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 507.257411][T14638] CIFS mount error: No usable UNC path provided in device string! [ 507.257411][T14638] [ 507.277976][T14638] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 508.385359][T14655] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 508.410098][T14655] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 508.446357][T14657] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2278'. [ 509.368841][T14685] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 509.410176][T14685] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 509.730543][T14693] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2288'. [ 509.737273][T14694] CIFS mount error: No usable UNC path provided in device string! [ 509.737273][T14694] [ 509.782581][T14694] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 509.855148][T14681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2283'. [ 510.472601][T14706] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 510.509452][T14706] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 511.253111][T14730] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2297'. [ 511.318454][T14732] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 511.342678][T14732] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 511.654566][T14742] CIFS mount error: No usable UNC path provided in device string! [ 511.654566][T14742] [ 511.698198][T14742] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 512.850907][T14754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2302'. [ 513.478561][T14772] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 513.510977][T14772] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 513.545694][T14775] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2308'. [ 513.789169][T14777] FAULT_INJECTION: forcing a failure. [ 513.789169][T14777] name failslab, interval 1, probability 0, space 0, times 0 [ 513.802434][T14777] CPU: 0 UID: 0 PID: 14777 Comm: syz.0.2310 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 513.813238][T14777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 513.823402][T14777] Call Trace: [ 513.826690][T14777] [ 513.829636][T14777] dump_stack_lvl+0x16c/0x1f0 [ 513.834336][T14777] should_fail_ex+0x497/0x5b0 [ 513.839037][T14777] ? fs_reclaim_acquire+0xae/0x150 [ 513.844170][T14777] should_failslab+0xc2/0x120 [ 513.848866][T14777] __kmalloc_noprof+0xce/0x4f0 [ 513.853648][T14777] ? tomoyo_encode2+0x100/0x3e0 [ 513.858520][T14777] tomoyo_encode2+0x100/0x3e0 [ 513.863318][T14777] tomoyo_realpath_from_path+0x1a7/0x710 [ 513.868982][T14777] ? tomoyo_path_number_perm+0x235/0x5b0 [ 513.874653][T14777] tomoyo_path_number_perm+0x248/0x5b0 [ 513.880207][T14777] ? tomoyo_path_number_perm+0x235/0x5b0 [ 513.885870][T14777] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 513.891981][T14777] ? __pfx_lock_release+0x10/0x10 [ 513.897019][T14777] ? trace_lock_acquire+0x14e/0x1f0 [ 513.902236][T14777] ? lock_acquire+0x2f/0xb0 [ 513.906764][T14777] ? __fget_files+0x40/0x3a0 [ 513.911384][T14777] ? __fget_files+0x206/0x3a0 [ 513.916087][T14777] security_file_ioctl+0x9b/0x240 [ 513.921135][T14777] __x64_sys_ioctl+0xb7/0x200 [ 513.925836][T14777] do_syscall_64+0xcd/0x250 [ 513.930374][T14777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.936282][T14777] RIP: 0033:0x7fe3da785d29 [ 513.940705][T14777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 513.960335][T14777] RSP: 002b:00007fe3db604038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 513.968935][T14777] RAX: ffffffffffffffda RBX: 00007fe3da975fa0 RCX: 00007fe3da785d29 [ 513.976915][T14777] RDX: 000000002000c380 RSI: 00000000c0606610 RDI: 0000000000000003 [ 513.984987][T14777] RBP: 00007fe3db604090 R08: 0000000000000000 R09: 0000000000000000 [ 513.992987][T14777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 514.001574][T14777] R13: 0000000000000000 R14: 00007fe3da975fa0 R15: 00007ffe78c42768 [ 514.009567][T14777] [ 514.024378][T14777] ERROR: Out of memory at tomoyo_realpath_from_path. [ 514.025089][T14779] CIFS mount error: No usable UNC path provided in device string! [ 514.025089][T14779] [ 514.060185][T14779] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 514.553905][T14789] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 514.574977][T14789] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 515.601816][T14811] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2318'. [ 516.367742][T14827] CIFS mount error: No usable UNC path provided in device string! [ 516.367742][T14827] [ 516.407573][T14827] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 517.189989][T14841] CIFS mount error: No usable UNC path provided in device string! [ 517.189989][T14841] [ 517.201834][T14841] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 517.613549][T14847] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 517.771852][T14847] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 518.404987][T14859] CIFS mount error: No usable UNC path provided in device string! [ 518.404987][T14859] [ 518.460327][T14859] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 518.579477][T13850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 518.589457][T13850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 518.612415][T13850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 518.622306][T13850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 518.635744][T13850] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 518.645879][T13850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 518.904495][T14860] chnl_net:caif_netlink_parms(): no params data found [ 519.038995][T14860] bridge0: port 1(bridge_slave_0) entered blocking state [ 519.052354][T14860] bridge0: port 1(bridge_slave_0) entered disabled state [ 519.059620][T14860] bridge_slave_0: entered allmulticast mode [ 519.087389][T14860] bridge_slave_0: entered promiscuous mode [ 519.107534][T14860] bridge0: port 2(bridge_slave_1) entered blocking state [ 519.128086][T14860] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.141211][T14860] bridge_slave_1: entered allmulticast mode [ 519.160158][T14860] bridge_slave_1: entered promiscuous mode [ 519.211748][T14860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 519.232900][T14860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 519.267714][T14860] team0: Port device team_slave_0 added [ 519.277966][T14860] team0: Port device team_slave_1 added [ 519.306668][T14860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 519.313933][T14860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 519.347522][T14860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 519.364707][T14860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 519.380690][T14860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 519.427132][T14860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 519.490589][T14860] hsr_slave_0: entered promiscuous mode [ 519.500602][T14860] hsr_slave_1: entered promiscuous mode [ 519.510709][T14860] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 519.529538][T14860] Cannot create hsr debugfs directory [ 519.753358][T14860] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 519.832071][T14860] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 519.893649][T14860] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 520.021984][T14860] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 520.262042][T14860] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 520.316640][T14860] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 520.403090][T14860] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 520.491864][T14860] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 520.598922][T14860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 520.639371][T14860] 8021q: adding VLAN 0 to HW filter on device team0 [ 520.666480][ T3496] bridge0: port 1(bridge_slave_0) entered blocking state [ 520.673966][ T3496] bridge0: port 1(bridge_slave_0) entered forwarding state [ 520.741831][ T3496] bridge0: port 2(bridge_slave_1) entered blocking state [ 520.749100][ T3496] bridge0: port 2(bridge_slave_1) entered forwarding state [ 520.750235][T13849] Bluetooth: hci2: command tx timeout [ 520.854255][T14860] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 520.880242][T14860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 521.078645][T14895] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 521.110166][T14895] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 521.191948][T14900] CIFS mount error: No usable UNC path provided in device string! [ 521.191948][T14900] [ 521.203226][T14900] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 521.301902][T14860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 521.373006][T14860] veth0_vlan: entered promiscuous mode [ 521.406033][T14860] veth1_vlan: entered promiscuous mode [ 521.452310][T14860] veth0_macvtap: entered promiscuous mode [ 521.464855][T14860] veth1_macvtap: entered promiscuous mode [ 521.508543][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 521.534288][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.554566][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 521.565752][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.583672][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 521.610088][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.636927][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 521.650305][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.676669][T14860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 521.704183][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 521.717615][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.749401][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 521.769861][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.797191][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 521.812908][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.840257][T14860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 521.860343][T14860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 521.901306][T14860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 521.944850][T14860] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.964600][T14860] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.980193][T14860] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.998868][T14860] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 522.150538][T14914] CIFS mount error: No usable UNC path provided in device string! [ 522.150538][T14914] [ 522.187443][T14914] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 522.269898][ T3443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 522.288361][ T3443] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 522.348444][ T3563] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 522.369894][ T3563] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 522.609438][T14920] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 522.640784][T14920] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 522.820349][T13849] Bluetooth: hci2: command tx timeout [ 523.113601][T14928] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2344'. [ 523.793532][T14943] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 523.842244][T14943] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 523.924885][T14951] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 524.652547][T14965] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2353'. [ 524.910084][T13849] Bluetooth: hci2: command tx timeout [ 525.156409][T14978] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 525.175988][T14978] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 526.067859][T15000] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2365'. [ 526.981512][T13849] Bluetooth: hci2: command tx timeout [ 527.454065][T15043] CIFS mount error: No usable UNC path provided in device string! [ 527.454065][T15043] [ 527.470147][T15043] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 527.624418][T15046] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2375'. [ 527.639347][T15040] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 527.686294][T15040] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 528.414461][T15057] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 529.960423][T15099] CIFS mount error: No usable UNC path provided in device string! [ 529.960423][T15099] [ 529.976873][T15099] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 530.256275][T15110] CIFS mount error: No usable UNC path provided in device string! [ 530.256275][T15110] [ 530.362867][T15110] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 531.176845][T15124] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 531.690739][T15135] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 531.716604][T15135] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 532.358152][T15159] CIFS mount error: No usable UNC path provided in device string! [ 532.358152][T15159] [ 532.420985][T15159] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 532.731428][T15163] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2405'. [ 533.815020][T15195] CIFS mount error: No usable UNC path provided in device string! [ 533.815020][T15195] [ 533.828783][T15195] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 533.988879][T15198] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2415'. [ 535.375590][T15227] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 535.400193][T15227] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 535.716480][T13850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 535.731598][T13850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 535.745267][T13850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 535.758457][T13850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 535.766456][T13850] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 535.774794][T13850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 536.004299][ T3443] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.187077][T15247] CIFS mount error: No usable UNC path provided in device string! [ 536.187077][T15247] [ 536.199266][ T3443] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.228632][T15247] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 536.378109][ T3443] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.603721][ T3443] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.654752][T15232] chnl_net:caif_netlink_parms(): no params data found [ 537.019763][ T3443] bridge_slave_1: left allmulticast mode [ 537.026101][ T3443] bridge_slave_1: left promiscuous mode [ 537.034514][ T3443] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.058331][ T3443] bridge_slave_0: left allmulticast mode [ 537.075472][ T3443] bridge_slave_0: left promiscuous mode [ 537.085920][ T3443] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.722718][ T3443] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 537.737494][ T3443] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 537.748132][ T3443] bond0 (unregistering): Released all slaves [ 537.759766][T15232] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.767614][T15232] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.775345][T15232] bridge_slave_0: entered allmulticast mode [ 537.784126][T15232] bridge_slave_0: entered promiscuous mode [ 537.825917][T15232] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.833238][T15232] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.841324][T15232] bridge_slave_1: entered allmulticast mode [ 537.848908][T15232] bridge_slave_1: entered promiscuous mode [ 537.856247][ T3443] HfR: left promiscuous mode [ 537.861805][T13849] Bluetooth: hci3: command tx timeout [ 537.900761][T15232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 537.912705][T15232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 537.954879][T15232] team0: Port device team_slave_0 added [ 537.981360][T15232] team0: Port device team_slave_1 added [ 538.034653][T15232] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 538.041733][T15232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 538.069093][T15232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 538.087741][T15232] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 538.095169][T15232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 538.121889][T15232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 538.229286][T15232] hsr_slave_0: entered promiscuous mode [ 538.241524][T15232] hsr_slave_1: entered promiscuous mode [ 538.260193][T15232] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 538.280219][T15232] Cannot create hsr debugfs directory [ 538.656075][T15285] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 538.694583][T15285] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 539.033226][ T3443] hsr_slave_0: left promiscuous mode [ 539.048448][ T3443] hsr_slave_1: left promiscuous mode [ 539.058404][ T3443] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 539.067325][ T3443] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 539.076665][ T3443] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 539.084472][ T3443] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 539.102550][ T3443] veth1_macvtap: left promiscuous mode [ 539.108566][ T3443] veth0_macvtap: left promiscuous mode [ 539.114553][ T3443] veth1_vlan: left allmulticast mode [ 539.119970][ T3443] veth1_vlan: left promiscuous mode [ 539.126964][ T3443] veth0_vlan: left promiscuous mode [ 539.957612][T13849] Bluetooth: hci3: command tx timeout [ 540.647546][ T3443] ref_tracker: net notrefcnt@ffff88803566a020 has 1/2 users at [ 540.647546][ T3443] sk_alloc+0xa93/0xb90 [ 540.647546][ T3443] inet6_create+0x380/0x1320 [ 540.647546][ T3443] __sock_create+0x335/0x8d0 [ 540.647546][ T3443] udp_sock_create6+0xc8/0x660 [ 540.647546][ T3443] sctp_udp_sock_start+0x280/0x4b0 [ 540.647546][ T3443] proc_sctp_do_udp_port+0x3ba/0x4a0 [ 540.647546][ T3443] proc_sys_call_handler+0x403/0x5d0 [ 540.647546][ T3443] iter_file_splice_write+0x90f/0x10b0 [ 540.647546][ T3443] direct_splice_actor+0x18f/0x6c0 [ 540.647546][ T3443] splice_direct_to_actor+0x346/0xa40 [ 540.647546][ T3443] do_splice_direct+0x178/0x250 [ 540.647546][ T3443] do_sendfile+0xaed/0xe30 [ 540.647546][ T3443] __x64_sys_sendfile64+0x1da/0x220 [ 540.647546][ T3443] do_syscall_64+0xcd/0x250 [ 540.647546][ T3443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.647546][ T3443] [ 540.736466][ T3443] ref_tracker: net notrefcnt@ffff88803566a020 has 1/2 users at [ 540.736466][ T3443] sk_alloc+0xa93/0xb90 [ 540.736466][ T3443] inet_create+0x3a1/0x10a0 [ 540.736466][ T3443] __sock_create+0x335/0x8d0 [ 540.736466][ T3443] udp_sock_create4+0xa7/0x450 [ 540.736466][ T3443] sctp_udp_sock_start+0x10b/0x4b0 [ 540.736466][ T3443] proc_sctp_do_udp_port+0x3ba/0x4a0 [ 540.736466][ T3443] proc_sys_call_handler+0x403/0x5d0 [ 540.736466][ T3443] iter_file_splice_write+0x90f/0x10b0 [ 540.736466][ T3443] direct_splice_actor+0x18f/0x6c0 [ 540.736466][ T3443] splice_direct_to_actor+0x346/0xa40 [ 540.736466][ T3443] do_splice_direct+0x178/0x250 [ 540.736466][ T3443] do_sendfile+0xaed/0xe30 [ 540.736466][ T3443] __x64_sys_sendfile64+0x1da/0x220 [ 540.736466][ T3443] do_syscall_64+0xcd/0x250 [ 540.736466][ T3443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.736466][ T3443] [ 540.737877][T15232] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 540.850288][ T3443] ------------[ cut here ]------------ [ 540.856209][ T3443] WARNING: CPU: 0 PID: 3443 at lib/ref_tracker.c:179 ref_tracker_dir_exit+0x3e3/0x680 [ 540.866032][ T3443] Modules linked in: [ 540.869973][ T3443] CPU: 0 UID: 0 PID: 3443 Comm: kworker/u8:7 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 540.881185][ T3443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 540.891497][ T3443] Workqueue: netns cleanup_net SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 540.892659][T15319] CIFS mount error: No usable UNC path provided in device string! [ 540.892659][T15319] [ 540.896306][ T3443] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 540.913070][ T3443] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 8b 32 d1 fc 48 8b 74 24 18 48 89 ef e8 7e 98 54 06 90 <0f> 0b 90 e8 75 32 d1 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 04 [ 540.933371][ T3443] RSP: 0018:ffffc9000c947b38 EFLAGS: 00010246 [ 540.939578][ T3443] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 540.948351][ T3443] RDX: 0000000000000001 RSI: ffffffff8b4cd280 RDI: 0000000000000001 [ 540.956541][ T3443] RBP: ffff88803566a020 R08: 0000000000000001 R09: fffffbfff2d36dbc [ 540.964567][ T3443] R10: ffffffff969b6de7 R11: 0000000000000b8f R12: ffff88803566a070 [ 540.972606][ T3443] R13: ffff88803566a070 R14: ffff88803566a070 R15: ffff88803566a070 [ 540.981528][ T3443] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 540.990712][ T3443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 540.997341][ T3443] CR2: 00007f2660816440 CR3: 0000000032ae6000 CR4: 00000000003526f0 [ 541.005569][ T3443] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 541.013657][ T3443] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 541.021805][ T3443] Call Trace: [ 541.025118][ T3443] [ 541.028087][ T3443] ? __warn+0xea/0x3c0 [ 541.032486][ T3443] ? ref_tracker_dir_exit+0x3e3/0x680 [ 541.037924][ T3443] ? report_bug+0x3c0/0x580 [ 541.042782][ T3443] ? handle_bug+0x54/0xa0 [ 541.047206][ T3443] ? exc_invalid_op+0x17/0x50 [ 541.051994][ T3443] ? asm_exc_invalid_op+0x1a/0x20 [ 541.057175][ T3443] ? ref_tracker_dir_exit+0x3e3/0x680 [ 541.062712][ T3443] ? ref_tracker_dir_exit+0x3e2/0x680 [ 541.068153][ T3443] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 541.073979][ T3443] ? lockdep_hardirqs_on+0x7c/0x110 [ 541.079453][ T3443] ? cleanup_net+0x984/0xbd0 [ 541.084299][ T3443] cleanup_net+0x990/0xbd0 [ 541.088908][ T3443] ? __pfx_cleanup_net+0x10/0x10 [ 541.094034][ T3443] ? lock_acquire+0x2f/0xb0 [ 541.098608][ T3443] ? process_one_work+0x8bb/0x1b30 [ 541.103829][ T3443] process_one_work+0x958/0x1b30 [ 541.108836][ T3443] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 541.109221][T15319] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 541.114541][ T3443] ? __pfx_process_one_work+0x10/0x10 [ 541.114576][ T3443] ? rcu_is_watching+0x12/0xc0 [ 541.133679][ T3443] ? assign_work+0x1a0/0x250 [ 541.138588][ T3443] worker_thread+0x6c8/0xf00 [ 541.143581][ T3443] ? __pfx_worker_thread+0x10/0x10 [ 541.148757][ T3443] kthread+0x2c1/0x3a0 [ 541.152940][ T3443] ? _raw_spin_unlock_irq+0x23/0x50 [ 541.158187][ T3443] ? __pfx_kthread+0x10/0x10 [ 541.162888][ T3443] ret_from_fork+0x45/0x80 [ 541.167362][ T3443] ? __pfx_kthread+0x10/0x10 [ 541.172043][ T3443] ret_from_fork_asm+0x1a/0x30 [ 541.176884][ T3443] [ 541.180158][ T3443] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 541.187520][ T3443] CPU: 0 UID: 0 PID: 3443 Comm: kworker/u8:7 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 541.198406][ T3443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 541.208499][ T3443] Workqueue: netns cleanup_net [ 541.213308][ T3443] Call Trace: [ 541.216606][ T3443] [ 541.219539][ T3443] dump_stack_lvl+0x3d/0x1f0 [ 541.224149][ T3443] panic+0x71d/0x800 [ 541.228076][ T3443] ? __pfx_panic+0x10/0x10 [ 541.232605][ T3443] ? show_trace_log_lvl+0x29d/0x3d0 [ 541.237823][ T3443] ? check_panic_on_warn+0x1f/0xb0 [ 541.243040][ T3443] ? ref_tracker_dir_exit+0x3e3/0x680 [ 541.248429][ T3443] check_panic_on_warn+0xab/0xb0 [ 541.253387][ T3443] __warn+0xf6/0x3c0 [ 541.257296][ T3443] ? ref_tracker_dir_exit+0x3e3/0x680 [ 541.262688][ T3443] report_bug+0x3c0/0x580 [ 541.267050][ T3443] handle_bug+0x54/0xa0 [ 541.271252][ T3443] exc_invalid_op+0x17/0x50 [ 541.275773][ T3443] asm_exc_invalid_op+0x1a/0x20 [ 541.280757][ T3443] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 541.286758][ T3443] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 8b 32 d1 fc 48 8b 74 24 18 48 89 ef e8 7e 98 54 06 90 <0f> 0b 90 e8 75 32 d1 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 04 [ 541.306473][ T3443] RSP: 0018:ffffc9000c947b38 EFLAGS: 00010246 [ 541.312550][ T3443] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 541.320530][ T3443] RDX: 0000000000000001 RSI: ffffffff8b4cd280 RDI: 0000000000000001 [ 541.328619][ T3443] RBP: ffff88803566a020 R08: 0000000000000001 R09: fffffbfff2d36dbc [ 541.337046][ T3443] R10: ffffffff969b6de7 R11: 0000000000000b8f R12: ffff88803566a070 [ 541.345078][ T3443] R13: ffff88803566a070 R14: ffff88803566a070 R15: ffff88803566a070 [ 541.353094][ T3443] ? ref_tracker_dir_exit+0x3e2/0x680 [ 541.358524][ T3443] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 541.364270][ T3443] ? lockdep_hardirqs_on+0x7c/0x110 [ 541.369485][ T3443] ? cleanup_net+0x984/0xbd0 [ 541.374163][ T3443] cleanup_net+0x990/0xbd0 [ 541.378623][ T3443] ? __pfx_cleanup_net+0x10/0x10 [ 541.383586][ T3443] ? lock_acquire+0x2f/0xb0 [ 541.388177][ T3443] ? process_one_work+0x8bb/0x1b30 [ 541.393304][ T3443] process_one_work+0x958/0x1b30 [ 541.398273][ T3443] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 541.403919][ T3443] ? __pfx_process_one_work+0x10/0x10 [ 541.409300][ T3443] ? rcu_is_watching+0x12/0xc0 [ 541.414114][ T3443] ? assign_work+0x1a0/0x250 [ 541.418723][ T3443] worker_thread+0x6c8/0xf00 [ 541.423432][ T3443] ? __pfx_worker_thread+0x10/0x10 [ 541.428644][ T3443] kthread+0x2c1/0x3a0 [ 541.432835][ T3443] ? _raw_spin_unlock_irq+0x23/0x50 [ 541.438047][ T3443] ? __pfx_kthread+0x10/0x10 [ 541.442738][ T3443] ret_from_fork+0x45/0x80 [ 541.447197][ T3443] ? __pfx_kthread+0x10/0x10 [ 541.451814][ T3443] ret_from_fork_asm+0x1a/0x30 [ 541.456624][ T3443] [ 541.459948][ T3443] Kernel Offset: disabled [ 541.464340][ T3443] Rebooting in 86400 seconds..