last executing test programs: 20m48.880428696s ago: executing program 3 (id=1251): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000a80), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x20000040) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r1) sendmsg$auto_TIPC_NL_MEDIA_SET(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x3b8, r2, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0xe0, 0x3, 0x0, 0x1, [@typed={0xda, 0x12a, 0x0, 0x0, @binary="f7ae0bbe8f0b0eb51651ec1bd45dbd8406023d742667651efe895fb8f9b375e380e8dff8b6d9798b101a5b99b694b929a272bf093b195f78b9ebd2f2c8fa4606ed4f5fdcfbf11a299899ffbb57e6d7270b9129972399aff29b320f2a3c83f5b1378bd345856702685b76789105f57ab25f243001bc12efbbe58d0859b70dae613d779455572f7f791d2fc409c21f3e679c0a2815b19900832b7cf41346cf337e7eeb663be9b0039dfd139ca2ecf40f12b07b008dfd99a1a64d0e2e9925d1b4247dc83d762737c16a51b80e0cfcf609a32a309c60fd49"}]}, @TIPC_NLA_MEDIA={0x25c, 0x5, 0x0, 0x1, [@generic="1cc33175b4f1b4c77a8d20153b1bf9c3ae2dcb89e0695db24ca73dfdf32c25a6a6c6d58105359b8b20efdda24bf0619c6652ac03de938b5ac26bb4e9fd9b64578e2404b0335ccec23f988f259ad7426c760cdb0cd8abd3539f75b08f7a3d950e978245ab81c1b66689e0b1cb", @nested={0x1d8, 0x47, 0x0, 0x1, [@generic="3dba17389056fce06ddcb285901a1907f50de1bcf7918c33f904d6142cd12114e04c3387c0a4e62a7d549f9178fe4d8f1101b67b9a69e89f2dc67bac798cb75de43fb05d89d9fe953a7523ba9becf9975ceec48e7d1056c7dea6e6fd281d6aeefb67a0c7892c6af7c7842ea8f3c34006f7bf35401d63a729f8a9966033210e75af5296718fccce9666308d21cbed48c36c6f2b19aa5b1ce847016558ad4b2edcc349ae5a0cc9c38cef2075452fe665909f90d363a96ed3c36156983ebcabaafbbdf2525e87e5741d2bcf1adb3cd0418f56ce569311562316092d76d9f31b55fc", @generic="eb5e81171ee613d6bdf42e46ace609a23000adfe0863258b37e2e5d4c77c9be42e7c217d301ec04ffd3e89dcee322ad6ec964edb02e2ab50d9edf538179055c6db6f6c750c1cd8fc8ceda65d312f3be5ea1b7ace899d3d5edbaad777077be3f37e76e070d5ee8ca2779d93b550f7e3fa074461000927630d46544adf94c96c18011173c18d53b2eb6b652b85c56474f9a6bd03dfc91cf885eabbe37f2594ff19ed4dccc5e5a08cfeed8fb39b2ba4745b5990ce346aa18e463ebacb71733f608271e8ddd99bd3ad3c4e08b0e82cf05fec9b4e1cdb7307efad73ded08cb39fcd2af8355e93518c9eccc0757d15", @nested={0x4, 0x8b}, @nested={0x4, 0x12c}]}, @typed={0x14, 0x119, 0x0, 0x0, @ipv6=@mcast2}]}, @TIPC_NLA_MON={0x64, 0x9, 0x0, 0x1, [@generic, @nested={0x5e, 0x44, 0x0, 0x1, [@typed={0x8, 0x5e, 0x0, 0x0, @fd=r0}, @generic="428c6286eb5566afad847e3452a15b047d431ac987d7e34a5743f24aee55b557296107fb2104d62d449fd3c8e8612794331147e1a543b7e55fb46014cede77dcb626ac23e4b4", @typed={0x4, 0xc7, 0x0, 0x0, @binary}, @typed={0x8, 0x4c, 0x0, 0x0, @uid}]}]}, @TIPC_NLA_UNSPEC={0x4}]}, 0x3b8}, 0x1, 0x0, 0x0, 0x8004}, 0x44004) 20m48.782927349s ago: executing program 3 (id=1254): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000900), 0x81, 0x0) ioctl$auto_TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000940)=0x3) write$auto_tap_fops_tap(r0, &(0x7f00000000c0)="558dfbaff0debeeb75f3", 0xa) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4040000) pipe2$auto(0x0, 0x5) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) 20m47.994108491s ago: executing program 3 (id=1259): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x200007, 0x8) open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x23, 0x80805, 0x0) epoll_create$auto(0x4) epoll_pwait$auto(r0, 0x0, 0x3, 0x6, &(0x7f00000001c0)={0x100000001}, 0x8) mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xc8) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mount$auto(&(0x7f0000000000)='pimreg\x00', &(0x7f0000000040)='\x00', 0x0, 0x10dfd057, 0x0) mount$auto(0x0, &(0x7f0000000040)='802_15_4_MAC\x00', 0x0, 0xaaa, 0x0) access$auto(&(0x7f0000000040)='./cgroup\x00', 0x7) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x4c100, 0x0) 20m47.469418463s ago: executing program 3 (id=1266): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x30, 0x80000006, 0x4) r0 = semctl$auto(0x3, 0x8, 0x5, 0x4) capset$auto(&(0x7f0000000040)={0x9, r0}, &(0x7f0000000080)={0x7d013ce8}) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setdomainname$auto(&(0x7f00000000c0)=']^#&.r(\x00', 0x10) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x42, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffbffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xe3, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) pivot_root$auto(0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) setdomainname$auto(&(0x7f0000000100)=']^#&.r(\x00', 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x200000, 0x200006, 0x1, 0x40eb1, 0x602, 0xb00000000000) 20m46.501396241s ago: executing program 3 (id=1275): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r0) sendmsg$auto_SMC_NETLINK_FLUSH_UEID(r0, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000002500)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20008090}, 0x10) 20m46.40839062s ago: executing program 3 (id=1278): openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x200, 0x0) getdents$auto(0x600000000, 0xfffffffffffffffd, 0xd00) mmap$auto(0x0, 0x20000a, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) move_pages$auto(0x0, 0x664e1808, 0x0, &(0x7f0000001140), 0x0, 0x2) r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0) read$auto_safesetid_gid_file_fops_securityfs(r0, 0x0, 0x0) socketpair$auto(0x1d, 0x2, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x22240, 0x118) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0xfffffffffffffffd, 0x40000b, 0xdf, 0x9b72, r1, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x8005, 0x0) io_uring_register$auto(0x2, 0x19, &(0x7f0000000180), 0x1) r2 = getpid() openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/radio18\x00', 0x28001, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) prctl$auto(0x1000000003b, 0x1, r2, 0x7fe, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7ffffffffff7fff6, 0x9) mremap$auto(0x0, 0x3, 0x3fd6, 0x3, 0x1000000000f1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x17, 0x2, 0x8000) readv$auto(0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x7ffc) 20m31.070501425s ago: executing program 32 (id=1278): openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x200, 0x0) getdents$auto(0x600000000, 0xfffffffffffffffd, 0xd00) mmap$auto(0x0, 0x20000a, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) move_pages$auto(0x0, 0x664e1808, 0x0, &(0x7f0000001140), 0x0, 0x2) r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0) read$auto_safesetid_gid_file_fops_securityfs(r0, 0x0, 0x0) socketpair$auto(0x1d, 0x2, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x22240, 0x118) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0xfffffffffffffffd, 0x40000b, 0xdf, 0x9b72, r1, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x8005, 0x0) io_uring_register$auto(0x2, 0x19, &(0x7f0000000180), 0x1) r2 = getpid() openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/radio18\x00', 0x28001, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) prctl$auto(0x1000000003b, 0x1, r2, 0x7fe, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7ffffffffff7fff6, 0x9) mremap$auto(0x0, 0x3, 0x3fd6, 0x3, 0x1000000000f1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x17, 0x2, 0x8000) readv$auto(0xffffffffffffffff, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x7ffc) 19m44.837564945s ago: executing program 4 (id=1665): r0 = socket(0x23, 0x80805, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4040000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000c00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_VLAN(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fcdbdf251100000008000300", @ANYRES32=r3, @ANYBLOB="0a0005007fffbbbbbbbb8000060028"], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4008090) sendmsg$auto_BATADV_CMD_SET_VLAN(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x78, r2, 0x100, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_MESH_IFNAME={0x14, 0x4, 'veth1_to_team\x00'}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_TT_VID={0x6, 0x14, 0x9}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x10000}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x7}, @BATADV_ATTR_BLA_BACKBONE={0xa, 0x21, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}}, @BATADV_ATTR_TT_ADDRESS={0xa, 0x10, @multicast}]}, 0x78}, 0x1, 0x0, 0x0, 0x4000004}, 0x4040) pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) 19m44.523369948s ago: executing program 4 (id=1667): r0 = socket(0xa, 0x3, 0x87) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f00000029c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x181041, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x48891}, 0x20) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r2) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) mq_notify$auto(0x5cf5, &(0x7f0000000100)={@sival_ptr=0x0, @inferred=r0, 0x2, @_sigev_thread={0x0, 0x0}}) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) 19m43.625304s ago: executing program 4 (id=1674): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fcntl$auto(0x0, 0x408, 0x0) 19m43.534934205s ago: executing program 4 (id=1675): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000480), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0xa, 0x3, 0x6) io_uring_setup$auto(0x8, 0x0) ioctl$auto(r2, 0x890c, 0x1) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_JOIN_MESH(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f00000004c0)={0x634, r3, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_S1G_CAPABILITY={0x70, 0x128, "139ae6d7039800a00515e011817fcf76d1865aa3eea6486444955747ed8fb542f3577ef8abefed9a82a91f00ce61d9e4d2fe6ccd9c5a4dac29cda1d401b586c34d8b07a045ac5bb213e496e415446cb68c536fd840e0cecdcaff34e0e3775c73d12265df6127df852051949c"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x58a, 0x2c, 0x0, 0x1, [@typed={0x8, 0x11b, 0x0, 0x0, @u32=0x10}, @nested={0xee, 0x10, 0x0, 0x1, [@generic="7a33c80f2d263237b06330538b3eb577fad5839a0558c3d53e7862b0108c7e59be165022184fbe4fb7f5222996b6f5d88befef1e64921f808038b2c422f0d165f04a2c00739b688467fc16ebaf4174ba268481f0fa865af32b7467ff5454c26d2313839577c1c444d00dc273c03849f26c0c6acb691106f2d683345fb978374101bb0a20f23ac22f", @nested={0x4, 0x22}, @generic="946bc5fef431dbf00eb61aa37a517d76ff8a6b44f503ab95d2ff49054cade2cba9890ff0ee38752b6810cf14f45fab7454979164daf303840caa3179ff6d127dacd1c1b1a204c4f15c3a34f1d3f717b6a21aa156de7ddf761194cd7b0838"]}, @generic="b52d5f2ff3f7d510284051b8acbd8b62e730214419295ef0f442ad1e476b99bb76479333f2121733488f8700443381734dad01fdf8736a9bda281d71f6886d74754a48861448a4ddc830fc92c34bf0eb7eec68e7fb065d6c953694309b11cec96d9fe6b76d11611b61b7f6b58b83c2d7c05028ff07055a2b2924a7355603a14cb2fba9cfaf966012be3da67fb1c07abce7e31d2cf691542588218681b09ab8a6f6e69d534561ab8ca3896e156fcf98f5e45337bf7989a972aa7901005b09ce0a134ede49e62c", @nested={0x2ab, 0x142, 0x0, 0x1, [@typed={0x8, 0xdd, 0x0, 0x0, @ipv4=@private=0xa010101}, @typed={0x5, 0xe0, 0x0, 0x0, @str='\x00'}, @generic="b3b92c9cc2e5b2394b3aa1244057c44910019a186286aff4dc418ac76bb4227d7efe7555d59c03cb91546f782c9dd7d16c993630d5107be847a07a9feea407051578f694706f0d2095c81d6a9415b9ce72de1a6988608db20aad07e55823afc18ba1f64374801ea9633f0a3acf74e21bc3168a92c76d4494cc6559072217e08df0ab6674258d352eed33d2643fa9e6165828727ae7735e2b792c3702a7d335be9eb5c4a4ddbe27b764849cacb9480e772392c8c1f0a5ee7dc68667e86aa0c4d8c652a512fd7c998ad7ceed4aa6c15ad2fd1f20336ebdd10e1e7d8f425d404a5650f88aa90d", @generic="b125a2515048a89d4a24e8e0d9bcaa38a6dd583761e17c5a3fafdb6a43054ae288401d3a7a22c7bcff57347e1a38e53ca5902fa5d0d62ac492154e47fa2d2f3904cc30c33c971d334c93f2d50149f09b5cf52e627cb1a98202e599a44353bd4caaf8427e63e0004139064beeac271127c2eca79b4a0a274e9cede7526c546f2e69d1633545", @generic="969cca37942c2ddb34c6273b5c148d0c79b30bcd40e6b5af2e88dba19b5609f3a423f4f5fc26d168af618180653ca25980f3029a98596ae799eea2824b2ee77d637c7df4a16f8172a84f038914a04314d48f27fe552141004b90f307ce220dd539e2b45d09b3081d4daf8f3e72a5c85f2c294845daa313d4af6a308aec2cf0e0b662b6c8508d61ceff6d0d856f7d3f3af270ac0a675b6c44f04cd33ed5b526de05cb5265d859", @generic="7e257072399c51657101ad7f1a94ef0bafa37e831abc56e52a1b0b7ffbaaf621dce5366a1ed7202af3aa7f354dc35a12ffda8926f6073c87d74d3f5aba16ff75b39774376ac5b3fb66a30ed45e615d626411e7f30e543750360549d91c494b6ff398cfe9680494a40bf29fd398f8be2fa33f53d834e5faa5b0e4e0", @nested={0x4, 0xd6}, @typed={0x8, 0x5, 0x0, 0x0, @u32=0x5}]}, @nested={0x14, 0x24, 0x0, 0x1, [@typed={0x8, 0xe7, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x19}}, @nested={0x4, 0x64}, @nested={0x4, 0x8e}]}, @nested={0x8, 0xda, 0x0, 0x1, [@nested={0x4, 0xb9}]}, @generic="eb8f957b0793877744c5539c1ac6cd7df462ccbb319db055d833ca57353ede998eed", @generic="50e172e44ce968c8cb31cd0c9a7086a56f6a5128b26c9af201becd710d4e70d429bb8e805b1bc32e357e12bc214512d4843cdf8569386b373c6aa35047ec63419144a59c9e4092ee1296ff26c40b2fe4bd47b99a06ed910ae1bd1dd3e64d9e7eff7608554d189fb6d566079c512897e1f3e9c43354b35e06bc0482b6e8df3e5427349b097af492268baa46e49625b78a648c76310953d7681620bc6ea7011fedc9df6a537546f9d51982bba0850fe991531ea29b4dacd9eee6e78b0435bb352c63d52149e3954147336d28a2542275965300bca79158d2a0790b8ab23c14"]}, @NL80211_ATTR_MLD_ADDR={0x24, 0x13a, "687aa369b805459f4f0b1370a90309eaed1457252e671192c8f2f3b987bef155"}]}, 0x634}, 0x1, 0x0, 0x0, 0x4000004}, 0xc1) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x28}, 0x1, 0x0, 0x0, 0x14}, 0x804) 19m43.231225432s ago: executing program 4 (id=1678): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x31}}, 0x6a) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) tkill$auto(0x1, 0x7) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000400), r0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) select$auto(0xb, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0xff, 0x2000000000000002, 0x9, 0x8, 0xffffffffffffffff, 0xa, 0x4, 0x400, 0x6, 0x4006]}, 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) write$auto_seq_oss_f_ops_seq_oss(r1, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52", 0xf8) socket(0xa, 0x3, 0x3b) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000880), r2) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x6, 0x1ff, 0x7, 0x1d, 0x7181, 0x7fffffff, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0xffffffffffff8001, 0x8, 0x10007, 0x80, 0x629d, 0x0, 0xa, 0x8022000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0xfffffffffffff6c6, 0x0, 0x2000, 0x0, 0xe, 0x3, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x90, 0x8000000000000, 0x6, 0x7, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x2000000000000004, 0xfffffffffffffe00, 0x0, 0x5, 0x5, 0xdcb, 0xffff, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0x8000000000a38, 0x0, 0x3, 0xfffffffffff7fffc, 0x1, 0x3ff, 0x7, 0xc567]}, 0x1fe, 0xd) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffffffffffd11, &(0x7f00000001c0)) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000940)={'batadv0\x00'}) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000380), 0x80a00, 0x0) 19m42.665871729s ago: executing program 4 (id=1681): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4040000) pipe2$auto(0x0, 0x80) r0 = socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0xfffffffffffffffc, 0xe2, 0x12, r0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x2c8480, 0x0) select$auto(0x5, &(0x7f0000000080)={[0x2000000d, 0xfffffffffffffffc, 0x9, 0x5, 0x2, 0xfffffffffffffffe, 0x3, 0x2f, 0xcad, 0x2, 0x6, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/phonet\x00', 0xc8000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000000c0)=""/10, 0xa) r3 = socket(0x2, 0x5, 0x0) sendmmsg$auto(r3, &(0x7f00000003c0)={{&(0x7f0000000440)="aa2aaad3907d02df2615f6850f908a6242f9e7d4c69f515236ffc81442a3847ec8ba96ad8b5e31d4517acc6b1e3c57a9d2fb59def7cf92dd92201c74336d08f11cc4cb3ca91930ff6cba", 0x10, 0x0, 0x3, 0x0, 0x11e9, 0x10}, 0x400a7}, 0x7, 0x7fffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x4000, 0x0) io_submit$auto(0xbe2f, 0xfffffffffffffffc, &(0x7f0000000140)=&(0x7f0000000380)={0x7, 0x2, 0xfffff541, 0x5, 0x7ffb, r1, 0x8, 0xfffffffffffffffb, 0xb, 0x0, 0xe1, r4}) pwrite64$auto(r7, &(0x7f0000000200)='+)\x00', 0x8, 0x7fffffff) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0040000", @ANYRES16=r5, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r6, @ANYBLOB], 0x4d0}}, 0x4000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) readahead$auto(0xffffffffffffffff, 0x10000000e, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYRES32=r11, @ANYRESOCT=r8], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) ioctl$auto(0x3, 0x8904, 0xfffffffffffffffe) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) 19m42.412058652s ago: executing program 33 (id=1681): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4040000) pipe2$auto(0x0, 0x80) r0 = socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0xfffffffffffffffc, 0xe2, 0x12, r0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x2c8480, 0x0) select$auto(0x5, &(0x7f0000000080)={[0x2000000d, 0xfffffffffffffffc, 0x9, 0x5, 0x2, 0xfffffffffffffffe, 0x3, 0x2f, 0xcad, 0x2, 0x6, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/phonet\x00', 0xc8000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000000c0)=""/10, 0xa) r3 = socket(0x2, 0x5, 0x0) sendmmsg$auto(r3, &(0x7f00000003c0)={{&(0x7f0000000440)="aa2aaad3907d02df2615f6850f908a6242f9e7d4c69f515236ffc81442a3847ec8ba96ad8b5e31d4517acc6b1e3c57a9d2fb59def7cf92dd92201c74336d08f11cc4cb3ca91930ff6cba", 0x10, 0x0, 0x3, 0x0, 0x11e9, 0x10}, 0x400a7}, 0x7, 0x7fffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x4000, 0x0) io_submit$auto(0xbe2f, 0xfffffffffffffffc, &(0x7f0000000140)=&(0x7f0000000380)={0x7, 0x2, 0xfffff541, 0x5, 0x7ffb, r1, 0x8, 0xfffffffffffffffb, 0xb, 0x0, 0xe1, r4}) pwrite64$auto(r7, &(0x7f0000000200)='+)\x00', 0x8, 0x7fffffff) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0040000", @ANYRES16=r5, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r6, @ANYBLOB], 0x4d0}}, 0x4000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) readahead$auto(0xffffffffffffffff, 0x10000000e, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYRES32=r11, @ANYRESOCT=r8], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) ioctl$auto(0x3, 0x8904, 0xfffffffffffffffe) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) 37.55700788s ago: executing program 2 (id=7002): r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) newfstatat$auto(r0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x4, 0x5b, 0x3, 0x0, 0xee00, 0xee01, 0x0, 0x2, 0x2, 0x7, 0xfffffffffffff801, 0x8, 0x7, 0x8, 0x8c27, 0x8000, 0x180000000}, 0x70) msgctl$auto(0x6, 0x0, &(0x7f0000000200)={{0x5, 0xee01, r1, 0x6, 0x80, 0x4, 0x2}, &(0x7f0000000180)=0x12, &(0x7f00000001c0)=0x4, 0x1, 0xfffffffffffffffe, 0x6, 0x8000000000000001, 0x92d6, 0x81, 0x1, 0x3, @raw=0x10000006, @raw}) fstat$auto(r0, &(0x7f0000000000)={0x9, 0x81, 0x7, 0xfffffffd, r2, 0xee01, 0x0, 0x6, 0x1, 0x5, 0xc0f, 0x4000000000000002, 0x7ff, 0x92bc, 0xffffffff, 0x6, 0x3}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x1d, &(0x7f0000000080)={0x9, 0x60, 0x0, @raw=0x2}}) mmap$auto(0x0, 0x20009, 0x4100000000df, 0xeb5, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, 0x0, 0x10) quotactl$auto(0xc000000, &(0x7f0000000100)='/\x00', 0x8, 0x0) r3 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/tty/driver/serial\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r4 = socket(0x15, 0x5, 0x0) setsockopt$auto(r4, 0x114, 0x1d, 0x0, 0x4) read$auto_proc_single_file_operations_base(r3, &(0x7f00000000c0)=""/41, 0x11) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x16c) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x1) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, 0x0, 0x2000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) socket(0x2, 0x801, 0x106) bind$auto(0x3, &(0x7f0000000000), 0x68) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(0x3, 0x6, 0xb, 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r6 = open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8) write$auto(r6, 0x0, 0xeffd) 36.604680082s ago: executing program 2 (id=7004): mlockall$auto(0x7) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x300000000000000, 0x20499d, 0x9) 36.449831975s ago: executing program 2 (id=7006): getsockopt$auto(0x3, 0x6, 0x9, 0x0, 0x0) socket(0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x3, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) io_uring_setup$auto(0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x412a42, 0x5c) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(&(0x7f0000000240)=0x8) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) close_range$auto(0x2, 0x8000, 0x0) r0 = inotify_init1$auto(0xfffffff9) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), r0) sendto$auto(0x3, 0x0, 0xc93b, 0x100101, 0x0, 0x10001) 36.161304508s ago: executing program 2 (id=7010): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x604c837}, 0x4010) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101000, 0x0) socket(0x1d, 0x3, 0x1) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x1, 0x9, 0x93d, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x401c, 0x5, 0x2, 0x7, 0xb0, 0x7, 0x2, 0x3, 0x8, 0x7, 0x0, 0x6, 0x0, 0x0, 0x1fffffff, 0x0, [0x0, 0x8000000, 0x0, 0x7, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0x81) socket(0x1d, 0x3, 0x1) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40400c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)="f5926efb02ca11d742218538645cd364c8b39c9ca1af149652c8d28c305879e66b3824814230bd58643e440947326479014896514622cccd294a5e33ec42d47fa1ac73837d6da69d0aaece6fc5c17a41bbbb8abc1893ac97cd305a6eab8a24d8aa0d9393640b6677a4f5843f815f8fed10c2cd999dcdcd9814ef01ae82b6f8dacffdbece368dd587a0a8452cfaa3a241c84ac05c3c4de9aaa60c93f6aec52bea6721c3b23ba2823464e8a3", 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_dfs_dom_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x1e, 0x1, 0x0) getsockname$auto(r2, &(0x7f0000000000), 0x0) 34.906208385s ago: executing program 2 (id=7019): mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) inotify_add_watch$auto(0xe535, 0xfffffffffffffffc, 0xd9) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0xa) sysfs$auto(0x2, 0x4, 0x0) setsockopt$auto(0x3, 0x0, 0x14, 0x0, 0x6) read$auto(0x3, 0x0, 0x80) connect$auto(0x3, &(0x7f00000000c0), 0x55) write$auto(r0, 0x0, 0x8) socket(0x2, 0x801, 0x100) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/remaddr\x00', 0x242101, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) statmount$auto(0x0, 0x0, 0x1fe, 0x81) pread64$auto(r1, 0x0, 0x2, 0x8001) socket(0x29, 0x5, 0x3) 34.438922868s ago: executing program 2 (id=7021): r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_CLEAR_HALT(r0, 0x4004550e, &(0x7f00000000c0)=0x91e676b5) r1 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) mmap$auto(0x0, 0xda, 0x1, 0xeb1, 0x40000000000a5, 0x8000) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) ioperm$auto(0x7, 0x7, 0x4) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) timer_create$auto(0x8, 0x0, 0x0) timer_getoverrun$auto(0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x4) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x101, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:01.3/power/control\x00', 0x1cd102, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6tnl0/carrier_down_count\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/195, 0xc3) socket(0x21, 0x2, 0x2) r3 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/prev\x00', 0x1, 0x0) write$auto_proc_pid_attr_operations_base(r3, &(0x7f0000000800)="50c3d5", 0x3) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) sysfs$auto(0x2, 0x9, 0x0) fsopen$auto(0x0, 0x1) ioctl$auto(r4, 0x40045407, 0x3) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) 18.893012258s ago: executing program 34 (id=7021): r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_CLEAR_HALT(r0, 0x4004550e, &(0x7f00000000c0)=0x91e676b5) r1 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) mmap$auto(0x0, 0xda, 0x1, 0xeb1, 0x40000000000a5, 0x8000) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) ioperm$auto(0x7, 0x7, 0x4) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) timer_create$auto(0x8, 0x0, 0x0) timer_getoverrun$auto(0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x4) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x101, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:01.3/power/control\x00', 0x1cd102, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6tnl0/carrier_down_count\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/195, 0xc3) socket(0x21, 0x2, 0x2) r3 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/prev\x00', 0x1, 0x0) write$auto_proc_pid_attr_operations_base(r3, &(0x7f0000000800)="50c3d5", 0x3) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) sysfs$auto(0x2, 0x9, 0x0) fsopen$auto(0x0, 0x1) ioctl$auto(r4, 0x40045407, 0x3) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) 5.66914494s ago: executing program 6 (id=7106): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x0, 0x0) ioctl$auto_def_blk_fops_fs(r0, 0x1262, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r1 = socket(0x9, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setrlimit$auto(0x1000000007, 0x0) mlockall$auto(0x3) io_uring_setup$auto(0x6, 0x0) mlockall$auto(0x6) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r1, 0x0, 0x5, 0x20000000) close_range$auto(0x2, 0x8000, 0x0) 3.364259752s ago: executing program 1 (id=7117): keyctl$auto(0x20000016, 0x0, 0xfffffffe, 0x400040, 0xa8) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0xd8) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/dummy_hcd.5/usb6/power/wakeup_count\x00', 0x80, 0x0) mmap$auto(0x0, 0x21e, 0x7, 0x100000000eb1, 0x0, 0x2008000) read$auto(r0, 0x0, 0x4) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x1cdd81, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x4c06, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) setreuid$auto(0x4, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket(0x2b, 0x1, 0x1) socketpair$auto(0xffffffff, 0x1, 0x6, 0x0) ioctl$auto(r2, 0x8941, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) get_robust_list$auto(0x0, 0x0, 0x0) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r3, 0x80104592, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/rpc/auth.unix.ip/content\x00', 0x2000, 0x0) pread64$auto(r4, 0x0, 0xf42c, 0x38) ioctl$auto(0x3, 0xc0585605, 0x38) shmget$auto(0x7fff, 0xfffffffffffffff7, 0x4) 3.248455809s ago: executing program 1 (id=7118): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fremovexattr$auto(0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7f}]}, 0x28}, 0x1, 0x0, 0x0, 0x8080890}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c004}, 0x40080c0) ioctl$auto(0x3, 0xc038563c, 0x38) 2.750351069s ago: executing program 0 (id=7120): r0 = socket(0x27, 0x80000, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140)) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r1 = socket$nl_generic(0x10, 0x3, 0x10) memfd_secret$auto(0xffff0000) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000440), r0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002e00"/14], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x24004080) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x9) mmap$auto(0x0, 0x4000000020009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) lsm_get_self_attr$auto(0x3, &(0x7f0000000080)={0x427b7269, 0x0, 0x2}, &(0x7f0000000000)=0x645c6b85, 0x1) socket(0x1e, 0x5, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x189002, 0x0) futex$auto(0x0, 0x5, 0x4, 0x0, 0x0, 0xa000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mknod$auto(0x0, 0xc9, 0xc8) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) mmap$auto(0x0, 0x400008, 0xdf, 0x210, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munlock$auto(0x9, 0x29b9) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/current\x00', 0x10001, 0x0) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) writev$auto(0x4, &(0x7f0000002bc0)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) r3 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000000c0), r0) sendmsg$auto_IPVS_CMD_ZERO(r1, &(0x7f0000000040)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES8, @ANYRES16=r3, @ANYBLOB="08002cbd7000fefbdf251000000008000600090000000800060008000000080004008a030000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x1) madvise$auto(0x0, 0x20200, 0x15) 2.651497421s ago: executing program 1 (id=7121): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_DELPDP(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000024c0)={0x1c, r1, 0x9, 0x70bd2a, 0x25dfdbfe, {}, [@GTPA_VERSION={0x8, 0x2, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0xddabd4b821bb06c6) r2 = socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0x4000eb1, 0xfffffffffffffffa, 0x8000) r3 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8000, 0x0) ioctl$auto_IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r3, 0x7a6, 0x0) fanotify_mark$auto(r2, 0x8, 0x1, r3, &(0x7f00000001c0)='./file0\x00') open(0x0, 0x1b3640, 0x155) r4 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r4, 0x107, 0xf, 0x0, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r3) pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00') sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, r5, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@ETHTOOL_A_MODULE_FW_FLASH_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME={0x6, 0x2, ')\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x4008018) sendmmsg$auto(r2, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='S', 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002480), 0xffffffffffffffff) (async) sendmsg$auto_GTP_CMD_DELPDP(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000024c0)={0x1c, r1, 0x9, 0x70bd2a, 0x25dfdbfe, {}, [@GTPA_VERSION={0x8, 0x2, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0xddabd4b821bb06c6) (async) socket(0x11, 0x3, 0x9) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x4000eb1, 0xfffffffffffffffa, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async) close_range$auto(0x2, 0x8000, 0x0) (async) ioctl$auto_IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r3, 0x7a6, 0x0) (async) fanotify_mark$auto(r2, 0x8, 0x1, r3, &(0x7f00000001c0)='./file0\x00') (async) open(0x0, 0x1b3640, 0x155) (async) socket(0x11, 0x80003, 0x300) (async) setsockopt$auto(r4, 0x107, 0xf, 0x0, 0x6) (async) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) (async) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r3) (async) pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00') (async) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, r5, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@ETHTOOL_A_MODULE_FW_FLASH_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME={0x6, 0x2, ')\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x4008018) (async) sendmmsg$auto(r2, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='S', 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100) (async) 2.475800085s ago: executing program 5 (id=7122): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x604c837}, 0x4010) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101000, 0x0) socket(0x1d, 0x3, 0x1) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x1, 0x9, 0x93d, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x401c, 0x5, 0x2, 0x7, 0xb0, 0x7, 0x2, 0x3, 0x8, 0x7, 0x0, 0x6, 0x0, 0x0, 0x1fffffff, 0x0, [0x0, 0x8000000, 0x0, 0x7, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0x81) socket(0x1d, 0x3, 0x1) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40400c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)="f5926efb02ca11d742218538645cd364c8b39c9ca1af149652c8d28c305879e66b3824814230bd58643e440947326479014896514622cccd294a5e33ec42d47fa1ac73837d6da69d0aaece6fc5c17a41bbbb8abc1893ac97cd305a6eab8a24d8aa0d9393640b6677a4f5843f815f8fed10c2cd999dcdcd9814ef01ae82b6f8dacffdbece368dd587a0a8452cfaa3a241c84ac05c3c4de9aaa60c93f6aec52bea6721c3b23ba2823464e8a3", 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_dfs_dom_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x1e, 0x1, 0x0) getsockname$auto(r2, &(0x7f0000000000), 0x0) 2.458261447s ago: executing program 6 (id=7123): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0xfffffffffffffeff, &(0x7f0000000000)={0x0, 0x2cb8}, 0x1, 0x0, 0x0, 0x401c054}, 0x2404c084) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0xfffffffffffffffc, 0x400008, 0x1000000000df, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) bind$auto(0x3, 0xfffffffffffffffd, 0x0) write$auto(0x3, 0x0, 0x1) socket(0x10, 0x2, 0x0) close_range$auto(0xffffffffffffffff, 0x8000, 0x0) socket(0x26, 0x1, 0x106) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000840), 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00', 0x0}) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000001c40)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fcdbdf251200140008000600020000000c00018008000100", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x0) openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x19ba81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x6, 0x0) 2.382468036s ago: executing program 1 (id=7124): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810002, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0xa, 0x80000, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe1, 0xeb1, 0x40000000000a5, 0x8000) setrlimit$auto(0x1000000007, 0x0) open_tree$auto(0xffffffffffffffff, 0x0, 0x1001) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x7ff, 0x4) pidfd_open$auto(0x1, 0x0) setsockopt$auto(0x5, 0x104000000000010e, 0x1, 0x0, 0x16) 2.339940988s ago: executing program 6 (id=7125): r0 = socket(0x25, 0x1, 0x0) r1 = socket(0x10, 0x2, 0xc) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r2, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001380)={0x14, r3, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40b4ff742f26f502}, 0x20000812) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xce, 0xf, 0x9, 0x3bb4155d, 0xff, 0x3) socket(0xa, 0x2, 0x88) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) io_submit$auto(0x1, 0x80, &(0x7f0000000640)=&(0x7f0000000600)={0x6, 0xfffffff7, 0xda, 0xbd, 0xa1b, r1, 0x8000000000000001, 0x0, 0x6, 0x0, 0xab27, r1}) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(r0, 0x0, 0x8000, 0x7000000) (fail_nth: 2) setrlimit$auto(0x9, 0x0) 2.2409595s ago: executing program 0 (id=7126): mmap$auto(0x2000000, 0x400008, 0xdf, 0x9b72, 0x100000000002, 0x8000) mmap$auto(0x9, 0x20009, 0x4000000000df, 0xffffffffffff5b5a, 0xffffffffffffffff, 0x8d0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = getpgid(0x0) rt_tgsigqueueinfo$auto(r0, r0, 0x8, &(0x7f0000000100)={@_si_pad}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x14) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) creat$auto(&(0x7f0000001680)='./file0\x00', 0xffff) open_tree$auto(r1, &(0x7f0000000180)='./file0\x00', 0x0) socket(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0xff80000000000000, 0x406, 0x1) r2 = socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f00000001c0)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}}, 0x7, 0x0) ppoll$auto(&(0x7f0000000380)={r4, 0x0, 0xfffc}, 0x2, 0x0, 0x0, 0x8) r5 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r5, @new_prog_fd=r3, 0x4, @old_prog_fd=r2}, 0xa3) mprotect$auto(0x1ffff000, 0x8000000000002001, 0x4) 1.834742834s ago: executing program 1 (id=7127): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x15) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = timerfd_create$auto(0x0, 0x0) eventfd$auto(0xfffffffb) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) syz_open_procfs$namespace(0x0, &(0x7f0000002700)='ns/net\x00') sysfs$auto(0x2, 0x4, 0x6) timerfd_settime$auto(0xffffffffffffffff, 0x3, 0x0, 0x0) sysfs$auto(0x2, 0x4, 0x4) mmap$auto(0xf, 0x7e, 0xd3bc, 0x13, r1, 0x34f7) mincore$auto(0x1000, 0x8001, 0x0) io_uring_setup$auto(0x2, 0x0) io_uring_enter$auto(r0, 0x1, 0xcd00, 0x7, 0x0, 0xffffffffffffffff) 1.779672433s ago: executing program 1 (id=7128): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x4000008000) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = socket(0x2, 0x1, 0x106) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) setsockopt$auto(r1, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) getpeername$auto(0x3, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mtdblock0\x00', 0x10d041, 0x0) r3 = openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r4 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) ioctl$auto_TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)=0x4) read$auto_ptdump_curknl_fops_(r3, &(0x7f0000000040)=""/115, 0x73) write$auto(r2, 0x0, 0xfffffffc) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) 1.342521149s ago: executing program 6 (id=7129): r0 = socket(0x25, 0x1, 0x0) r1 = socket(0x10, 0x2, 0xc) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r2, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001380)={0x14, r3, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40b4ff742f26f502}, 0x20000812) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xce, 0xf, 0x9, 0x3bb4155d, 0xff, 0x3) socket(0xa, 0x2, 0x88) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) io_submit$auto(0x1, 0x80, &(0x7f0000000640)=&(0x7f0000000600)={0x6, 0xfffffff7, 0xda, 0xbd, 0xa1b, r1, 0x8000000000000001, 0x0, 0x6, 0x0, 0xab27, r1}) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(r0, 0x0, 0x8000, 0x7000000) setrlimit$auto(0x9, 0x0) 1.325259011s ago: executing program 5 (id=7130): socket(0x10, 0x800, 0x5) 1.287789882s ago: executing program 0 (id=7131): r0 = socket(0x25, 0x1, 0x0) r1 = socket(0x10, 0x2, 0xc) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r2, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001380)={0x14, r3, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40b4ff742f26f502}, 0x20000812) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xce, 0xf, 0x9, 0x3bb4155d, 0xff, 0x3) socket(0xa, 0x2, 0x5) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) io_submit$auto(0x1, 0x80, &(0x7f0000000640)=&(0x7f0000000600)={0x6, 0xfffffff7, 0xda, 0xbd, 0xa1b, r1, 0x8000000000000001, 0x0, 0x6, 0x0, 0xab27, r1}) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(r0, 0x0, 0x8000, 0x7000000) setrlimit$auto(0x9, 0x0) 1.158471805s ago: executing program 5 (id=7132): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x15) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) eventfd$auto(0xfffffffb) sysfs$auto(0x2, 0x4, 0x4) mincore$auto(0x1000, 0x8001, 0x0) io_uring_setup$auto(0x2, 0x0) io_uring_enter$auto(r0, 0x1, 0xcd3f, 0x7, 0x0, 0xffffffffffffffff) 1.040483481s ago: executing program 5 (id=7133): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) io_uring_setup$auto(0x4a, 0x0) open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xc008ae09, 0x0) io_uring_setup$auto(0x9, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setrlimit$auto(0x1000000007, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mlockall$auto(0x7) madvise$auto(0x0, 0x7, 0xfffffffa) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000780)='/proc/slabinfo\x00', 0x100, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) connect$auto(0x3, &(0x7f0000000140), 0x59) 767.155899ms ago: executing program 5 (id=7134): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0xfffffffffffffeff, &(0x7f0000000000)={0x0, 0x2cb8}, 0x1, 0x0, 0x0, 0x401c054}, 0x2404c084) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0xfffffffffffffffc, 0x400008, 0x1000000000df, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) bind$auto(0x3, 0xfffffffffffffffd, 0x0) write$auto(0x3, 0x0, 0x1) socket(0x10, 0x2, 0x0) close_range$auto(0xffffffffffffffff, 0x8000, 0x0) socket(0x26, 0x1, 0x106) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000840), 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000001c40)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fcdbdf251200140008000600020000000c00018008000100", @ANYRES32, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x0) openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x19ba81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x6, 0x0) 644.726287ms ago: executing program 5 (id=7135): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810002, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0xa, 0x80000, 0x3a) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_DELPDP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@GTPA_VERSION={0x8, 0x2, 0x9}, @GTPA_LINK={0x8, 0x1, 0x80}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000894) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) prctl$auto(0xf, 0x2, 0x7, 0x2, 0x1) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/nullb/features\x00', 0x40283, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/libceph/parameters/supported_features\x00', 0x181a00, 0x0) read$auto(r2, 0x0, 0x20) poll$auto(&(0x7f0000000280)={0xffffffffffffffff, 0x8, 0x27}, 0x400, 0x95) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ioam6(0x0, r3) sysfs$auto(0x58, 0xe, 0xe934) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r4, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0xe1, 0xeb1, 0x40000000000a5, 0x8000) setrlimit$auto(0x1000000007, 0x0) open_tree$auto(0xffffffffffffffff, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 429.509964ms ago: executing program 6 (id=7136): mmap$auto(0x0, 0x70, 0x4000000000df, 0xeb1, 0x401, 0x8001) r0 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x84) openat$auto_fops_init_pkru_pkeys(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000080)={0x0, 0xfff}, 0x4800000001, &(0x7f0000000040)={&(0x7f0000000000), 0x200000004}, 0x59, 0x0) setsockopt$auto(0x3, 0x10000000084, 0xb, 0x0, 0x8) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r2 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000006700), 0x181c00, 0x0) ioctl$auto_RNDADDTOENTCNT2(r2, 0x40045201, &(0x7f0000006740)=0xe) r3 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r3, &(0x7f0000000000)='\x00', 0xfcf) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r4) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/tlb_dynamic_lb\x00', 0x2400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000440)=""/209, 0xd1) sendmsg$auto_TASKSTATS_CMD_GET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010a2bbd7000fbdbdf25010000060e00e8ff4d2d4e4b5354415453000000ee439c61418624090f4ad85137fa8e66f1bde89d6f239c11bd651ed7e9024a7f52e016b2b58ec913a58ba3c4035ca67d4fb55be724308b92961896930498e13a775335ccce33717e54ad64e03a8d3a426a5b2b9d6867745dc8debc3512608c9717d136dcced8e4e1a8afa956521382bd3d89bae37a1043c39713a30a3f475b45c603e8a8b521f1dd0daded638b8f4d19d003ff3f5a92"], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) sendmsg$auto_NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000002440)={0x1c, r5, 0x4bcedae9142a5f4d, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_MLO_LINKS={0x8, 0x138, 0x0, 0x1, [{0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004001}, 0x800) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioprio_get$auto(0x3, 0x9) 298.832056ms ago: executing program 0 (id=7137): mmap$auto(0x9, 0x2020009, 0x3, 0x100000012, 0xfffffffffffffffa, 0x800) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = memfd_create$auto(0x0, 0xe) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[], 0x34}}, 0x4000080) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/loop4/size\x00', 0x80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/17, 0x11) socket(0x1f, 0x1, 0x106) connect$auto(0x3, &(0x7f00000000c0), 0x55) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/usb/usbmon/27t\x00', 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x40008000) open(0x0, 0x149443, 0x1) bpf$auto(0xf9b6, 0x0, 0x5) fsetxattr$auto(r0, &(0x7f00000001c0)='ovs_datapath\x00', &(0x7f0000000200)="66bc1c5ba7d7aba075a5973b06ecc70da0a7ae7191fa2db85a4d6267cefdc98767a131256ee66df247ab713d53d5663525ae8bede1c16eb1372fa2869de4db6bfa622692e741d74e9501262aefb6a375082a73200bfac799da82fc", 0x7, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x4225f231, 0x1, 0xc, 0x14, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fuse\x00', 0x400902, 0x0) ioctl$auto_FUSE_DEV_IOC_CLONE(r3, 0x8004e500, 0x0) write$auto(0x3, 0x0, 0xfdf3) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x80, 0x0) shutdown$auto(0xffffffffffffffff, 0x2) mmap$auto(0x100000000, 0x7, 0xd0a8, 0x1e, 0xffffffffffffffff, 0x9) madvise$auto(0xffffffffffffffff, 0xffffffff7fffffff, 0x40000019) 140.13055ms ago: executing program 0 (id=7138): r0 = socket(0xa, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000040), 0xb8, 0x0, 0x0, 0x0, 0xffffff7f00000000, 0x2001000}, 0x9}, 0x1, 0x8008) 98.649742ms ago: executing program 6 (id=7139): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x604c837}, 0x4010) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101000, 0x0) socket(0x1d, 0x3, 0x1) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x1, 0x9, 0x93d, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x401c, 0x5, 0x2, 0x7, 0xb0, 0x7, 0x2, 0x3, 0x8, 0x7, 0x0, 0x6, 0x0, 0x0, 0x1fffffff, 0x0, [0x0, 0x8000000, 0x0, 0x7, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0x81) socket(0x1d, 0x3, 0x1) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40400c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)="f5926efb02ca11d742218538645cd364c8b39c9ca1af149652c8d28c305879e66b3824814230bd58643e440947326479014896514622cccd294a5e33ec42d47fa1ac73837d6da69d0aaece6fc5c17a41bbbb8abc1893ac97cd305a6eab8a24d8aa0d9393640b6677a4f5843f815f8fed10c2cd999dcdcd9814ef01ae82b6f8dacffdbece368dd587a0a8452cfaa3a241c84ac05c3c4de9aaa60c93f6aec52bea6721c3b23ba2823464e8a3", 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_dfs_dom_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x1e, 0x1, 0x0) getsockname$auto(r2, &(0x7f0000000000), 0x0) 0s ago: executing program 0 (id=7140): mmap$auto(0x0, 0xe, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x0) r0 = openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000c80)='/sys/kernel/debug/dri/vkms/Virtual-1/vrr_range\x00', 0xc0400, 0x0) read$auto_vrr_range_fops_(r0, &(0x7f0000000cc0)=""/208, 0xd0) socket(0xa, 0x801, 0x84) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) socket(0x2, 0x6, 0x0) setsockopt$auto(0x3, 0x10d, 0x7, 0xffffffffffffffff, 0x3) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r1, 0x400, 0x1) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x2000, 0x40) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2c, 0x2, 0x100073) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/ipc\x00') socket(0x2, 0x5, 0x0) socket(0x11, 0x80003, 0x2) open(&(0x7f0000000800)='./file0\x00', 0x424240, 0x11d) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1182.417776][T27266] RSP: 002b:00007f98961f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1182.426225][T27266] RAX: ffffffffffffffda RBX: 00007f9898575fa0 RCX: 00007f9898385d29 [ 1182.434243][T27266] RDX: 000000000000002d RSI: 0000000000008000 RDI: 2000000000000017 [ 1182.442239][T27266] RBP: 00007f98961f6090 R08: 0000000000020803 R09: 0000000000000000 [ 1182.450235][T27266] R10: 00000000000000c4 R11: 0000000000000246 R12: 0000000000000001 [ 1182.458232][T27266] R13: 0000000000000000 R14: 00007f9898575fa0 R15: 00007ffe6d351448 [ 1182.466238][T27266] [ 1182.475536][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1182.482749][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1182.554148][T27264] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5858'. [ 1182.602509][T27264] ip6tnl0: entered promiscuous mode [ 1184.416302][T27292] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5862'. [ 1184.438365][T27300] could not allocate digest TFM handle [ 1185.490108][T27319] vivid-013: ================= START STATUS ================= [ 1185.498147][T27319] vivid-013: Generate PTS: true [ 1185.559304][T27319] vivid-013: Generate SCR: true [ 1185.583714][T27319] tpg source WxH: 640x360 (Y'CbCr) [ 1185.629258][T27319] tpg field: 1 [ 1185.659447][T27319] tpg crop: 640x360@0x0 [ 1185.692587][T27319] tpg compose: 640x360@0x0 [ 1185.714511][T27319] tpg colorspace: 8 [ 1185.718405][T27319] tpg transfer function: 0/0 [ 1185.791609][T27319] tpg Y'CbCr encoding: 0/0 [ 1185.826651][T27319] tpg quantization: 0/0 [ 1185.889334][T27319] tpg RGB range: 0/2 [ 1185.919352][T27319] vivid-013: ================== END STATUS ================== [ 1186.346461][T27314] Process accounting resumed [ 1187.187397][T27348] vivid-013: ================= START STATUS ================= [ 1187.219676][T27348] vivid-013: Generate PTS: true [ 1187.230505][T27348] vivid-013: Generate SCR: true [ 1187.246333][T27348] tpg source WxH: 640x360 (Y'CbCr) [ 1187.278817][T27350] FAULT_INJECTION: forcing a failure. [ 1187.278817][T27350] name failslab, interval 1, probability 0, space 0, times 0 [ 1187.304698][T27348] tpg field: 1 [ 1187.308143][T27348] tpg crop: 640x360@0x0 [ 1187.328080][T27348] tpg compose: 640x360@0x0 [ 1187.346570][T27350] CPU: 1 UID: 0 PID: 27350 Comm: syz.5.5875 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1187.357420][T27350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1187.367526][T27350] Call Trace: [ 1187.370845][T27350] [ 1187.373819][T27350] dump_stack_lvl+0x16c/0x1f0 [ 1187.378562][T27350] should_fail_ex+0x497/0x5b0 [ 1187.383295][T27350] ? fs_reclaim_acquire+0xae/0x150 [ 1187.388457][T27350] should_failslab+0xc2/0x120 [ 1187.393194][T27350] __kmalloc_noprof+0xce/0x4f0 [ 1187.398021][T27350] ? d_absolute_path+0x137/0x1b0 [ 1187.403028][T27350] ? tomoyo_encode2+0x100/0x3e0 [ 1187.407943][T27350] tomoyo_encode2+0x100/0x3e0 [ 1187.412683][T27350] tomoyo_realpath_from_path+0x1a7/0x710 [ 1187.418379][T27350] tomoyo_path_number_perm+0x248/0x5b0 [ 1187.423906][T27350] ? tomoyo_path_number_perm+0x235/0x5b0 [ 1187.429606][T27350] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1187.435664][T27350] ? rcu_is_watching+0x12/0xc0 [ 1187.440496][T27350] ? preempt_count_add+0x76/0x150 [ 1187.445599][T27350] ? __pfx_lock_release+0x10/0x10 [ 1187.450675][T27350] ? trace_lock_acquire+0x14e/0x1f0 [ 1187.455935][T27350] ? __fget_files+0x40/0x3a0 [ 1187.460597][T27350] ? lock_acquire+0x2f/0xb0 [ 1187.465151][T27350] ? __fget_files+0x40/0x3a0 [ 1187.469806][T27350] ? __fget_files+0x206/0x3a0 [ 1187.474559][T27350] security_file_ioctl+0x9b/0x240 [ 1187.479666][T27350] __x64_sys_ioctl+0xb7/0x200 [ 1187.484390][T27350] do_syscall_64+0xcd/0x250 [ 1187.488953][T27350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1187.494913][T27350] RIP: 0033:0x7f7ff9385d29 [ 1187.499380][T27350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1187.519049][T27350] RSP: 002b:00007f7ff71d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1187.527531][T27350] RAX: ffffffffffffffda RBX: 00007f7ff9576080 RCX: 00007f7ff9385d29 [ 1187.535566][T27350] RDX: 0000000000000003 RSI: 0000000000000081 RDI: 0000000000000003 [ 1187.543592][T27350] RBP: 00007f7ff71d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1187.551614][T27350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1187.559634][T27350] R13: 0000000000000001 R14: 00007f7ff9576080 R15: 00007fffc008fa28 [ 1187.567672][T27350] [ 1187.629519][T27348] tpg colorspace: 8 [ 1187.633397][T27348] tpg transfer function: 0/0 [ 1187.663869][T27348] tpg Y'CbCr encoding: 0/0 [ 1187.729886][T27348] tpg quantization: 0/0 [ 1187.734125][T27348] tpg RGB range: 0/2 [ 1187.809440][T27348] vivid-013: ================== END STATUS ================== [ 1187.848225][T27350] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1194.526566][T27417] FAULT_INJECTION: forcing a failure. [ 1194.526566][T27417] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1194.577272][T27417] CPU: 0 UID: 0 PID: 27417 Comm: syz.0.5888 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1194.588137][T27417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1194.598241][T27417] Call Trace: [ 1194.601554][T27417] [ 1194.604524][T27417] dump_stack_lvl+0x16c/0x1f0 [ 1194.609265][T27417] should_fail_ex+0x497/0x5b0 [ 1194.614013][T27417] _copy_to_user+0x32/0xd0 [ 1194.618496][T27417] simple_read_from_buffer+0xd0/0x160 [ 1194.623931][T27417] proc_fail_nth_read+0x198/0x270 [ 1194.629028][T27417] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1194.634646][T27417] ? bpf_lsm_file_permission+0x9/0x10 [ 1194.640077][T27417] ? security_file_permission+0x71/0x210 [ 1194.645770][T27417] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1194.651390][T27417] vfs_read+0x1df/0xbe0 [ 1194.655606][T27417] ? __fget_files+0x1fc/0x3a0 [ 1194.660347][T27417] ? __pfx___mutex_lock+0x10/0x10 [ 1194.665438][T27417] ? __pfx_vfs_read+0x10/0x10 [ 1194.670181][T27417] ? __fget_files+0x206/0x3a0 [ 1194.674924][T27417] ksys_read+0x12b/0x250 [ 1194.679224][T27417] ? __pfx_ksys_read+0x10/0x10 [ 1194.684043][T27417] ? rcu_is_watching+0x12/0xc0 [ 1194.688872][T27417] ? rcu_is_watching+0x12/0xc0 [ 1194.693725][T27417] do_syscall_64+0xcd/0x250 [ 1194.698292][T27417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1194.704252][T27417] RIP: 0033:0x7f238ad8473c [ 1194.708718][T27417] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1194.728386][T27417] RSP: 002b:00007f2388bf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1194.736860][T27417] RAX: ffffffffffffffda RBX: 00007f238af76080 RCX: 00007f238ad8473c [ 1194.744882][T27417] RDX: 000000000000000f RSI: 00007f2388bf60a0 RDI: 0000000000000005 [ 1194.752913][T27417] RBP: 00007f2388bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1194.760941][T27417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1194.768967][T27417] R13: 0000000000000000 R14: 00007f238af76080 R15: 00007ffec922cd98 [ 1194.776998][T27417] [ 1194.780102][ C0] vkms_vblank_simulate: vblank timer overrun [ 1210.033339][T27546] FAULT_INJECTION: forcing a failure. [ 1210.033339][T27546] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1210.064912][T27546] CPU: 0 UID: 0 PID: 27546 Comm: syz.2.5922 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1210.075776][T27546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1210.085883][T27546] Call Trace: [ 1210.089193][T27546] [ 1210.092155][T27546] dump_stack_lvl+0x16c/0x1f0 [ 1210.096886][T27546] should_fail_ex+0x497/0x5b0 [ 1210.101612][T27546] _copy_from_user+0x2e/0xd0 [ 1210.106260][T27546] copy_msghdr_from_user+0x99/0x160 [ 1210.111614][T27546] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1210.117488][T27546] ? rcu_is_watching+0x12/0xc0 [ 1210.122306][T27546] ? lock_release+0x4e2/0x6f0 [ 1210.127067][T27546] ? get_pid_task+0xfc/0x250 [ 1210.131719][T27546] ___sys_sendmsg+0xff/0x1e0 [ 1210.136380][T27546] ? get_pid_task+0x35/0x250 [ 1210.141048][T27546] ? __pfx____sys_sendmsg+0x10/0x10 [ 1210.146312][T27546] ? lock_release+0x4e2/0x6f0 [ 1210.151046][T27546] ? __pfx_lock_release+0x10/0x10 [ 1210.156124][T27546] ? trace_lock_acquire+0x14e/0x1f0 [ 1210.161392][T27546] ? __fget_files+0x206/0x3a0 [ 1210.166124][T27546] __sys_sendmsg+0x16e/0x220 [ 1210.170951][T27546] ? __pfx___sys_sendmsg+0x10/0x10 [ 1210.176134][T27546] ? rcu_is_watching+0x12/0xc0 [ 1210.180952][T27546] ? rcu_is_watching+0x12/0xc0 [ 1210.185769][T27546] do_syscall_64+0xcd/0x250 [ 1210.190340][T27546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1210.196288][T27546] RIP: 0033:0x7f5efd385d29 [ 1210.200743][T27546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1210.220404][T27546] RSP: 002b:00007f5efe243038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1210.228882][T27546] RAX: ffffffffffffffda RBX: 00007f5efd575fa0 RCX: 00007f5efd385d29 [ 1210.236893][T27546] RDX: 0000000020004814 RSI: 0000000020000100 RDI: 0000000000000003 [ 1210.244909][T27546] RBP: 00007f5efe243090 R08: 0000000000000000 R09: 0000000000000000 [ 1210.252923][T27546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1210.260933][T27546] R13: 0000000000000000 R14: 00007f5efd575fa0 R15: 00007ffe5e337e48 [ 1210.268958][T27546] [ 1216.978739][T27654] Process accounting paused [ 1230.320273][T27761] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5978'. [ 1230.337695][T27761] ip6tnl0: entered promiscuous mode [ 1233.601033][T27810] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5996'. [ 1233.615897][T27810] ip6tnl0: entered promiscuous mode [ 1241.884331][T27899] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6016'. [ 1243.813201][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1243.822817][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1245.122295][T27943] bond0: option mode: unable to set because the bond device is up [ 1246.529771][T27949] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6030'. [ 1246.561397][T27949] ip6tnl0: entered promiscuous mode [ 1247.256741][T27959] Process accounting resumed [ 1248.602500][T27987] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6040'. [ 1250.095533][T28012] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6045'. [ 1250.134485][T28012] ip6tnl0: entered promiscuous mode [ 1252.396331][T28054] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6066'. [ 1252.544601][T28054] ip6tnl0: entered promiscuous mode [ 1255.605611][T28120] netlink: 'syz.0.6075': attribute type 11 has an invalid length. [ 1255.667663][T28121] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6072'. [ 1259.013673][T28159] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6089'. [ 1259.133493][T28159] ip6tnl0: entered promiscuous mode [ 1260.970960][T28193] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6100'. [ 1261.001361][T28193] ip6tnl0: entered promiscuous mode [ 1261.110216][T28204] vhci_hcd: default hub control req: 0600 v0000 i0000 l0 [ 1261.240899][T28204] Invalid ELF header magic: != ELF [ 1264.469949][T28254] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6117'. [ 1264.650883][T28260] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6118'. [ 1265.219890][T28269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6123'. [ 1266.324042][T28284] vhci_hcd: default hub control req: 0600 v0000 i0000 l0 [ 1266.513318][T28284] Invalid ELF header magic: != ELF [ 1268.960364][T28323] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6136'. [ 1269.815120][T28337] vhci_hcd: default hub control req: 0600 v0000 i0000 l0 [ 1269.975636][T28337] Invalid ELF header magic: != ELF [ 1270.183769][T28342] Failed to create region snapshot [ 1270.207606][T28342] Failed to create region snapshot [ 1270.213378][T28342] Failed to create region snapshot [ 1270.249437][T28342] Failed to create region snapshot [ 1270.255218][T28342] Failed to create region snapshot [ 1270.309414][T28342] Failed to create region snapshot [ 1270.315184][T28342] Failed to create region snapshot [ 1270.327696][T28342] Failed to create region snapshot [ 1270.335879][T28342] Failed to create region snapshot [ 1270.349196][T28342] Failed to create region snapshot [ 1270.362003][T28342] Failed to create region snapshot [ 1270.374361][T28342] Failed to create region snapshot [ 1270.385828][T28342] Failed to create region snapshot [ 1270.398360][T28342] Failed to create region snapshot [ 1270.410251][T28342] Failed to create region snapshot [ 1270.420411][T28342] Failed to create region snapshot [ 1270.430535][T28342] Failed to create region snapshot [ 1271.131356][T28365] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6148'. [ 1271.440999][T28371] vhci_hcd: default hub control req: 0600 v0000 i0000 l0 [ 1271.531659][T28371] Invalid ELF header magic: != ELF [ 1274.979425][T28413] FAULT_INJECTION: forcing a failure. [ 1274.979425][T28413] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1275.040079][T28413] CPU: 0 UID: 0 PID: 28413 Comm: syz.0.6164 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1275.050934][T28413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1275.061028][T28413] Call Trace: [ 1275.064340][T28413] [ 1275.067302][T28413] dump_stack_lvl+0x16c/0x1f0 [ 1275.072036][T28413] should_fail_ex+0x497/0x5b0 [ 1275.076768][T28413] _copy_from_user+0x2e/0xd0 [ 1275.081417][T28413] copy_msghdr_from_user+0x99/0x160 [ 1275.086679][T28413] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1275.092569][T28413] ? rcu_is_watching+0x12/0xc0 [ 1275.097396][T28413] ? lock_release+0x4e2/0x6f0 [ 1275.102118][T28413] ? get_pid_task+0xfc/0x250 [ 1275.106769][T28413] ___sys_sendmsg+0xff/0x1e0 [ 1275.111420][T28413] ? get_pid_task+0x35/0x250 [ 1275.116080][T28413] ? __pfx____sys_sendmsg+0x10/0x10 [ 1275.121339][T28413] ? lock_release+0x4e2/0x6f0 [ 1275.126067][T28413] ? __pfx_lock_release+0x10/0x10 [ 1275.131134][T28413] ? trace_lock_acquire+0x14e/0x1f0 [ 1275.136396][T28413] ? __fget_files+0x206/0x3a0 [ 1275.141134][T28413] __sys_sendmsg+0x16e/0x220 [ 1275.145782][T28413] ? __pfx___sys_sendmsg+0x10/0x10 [ 1275.150963][T28413] ? rcu_is_watching+0x12/0xc0 [ 1275.155779][T28413] ? rcu_is_watching+0x12/0xc0 [ 1275.160596][T28413] do_syscall_64+0xcd/0x250 [ 1275.165159][T28413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1275.171108][T28413] RIP: 0033:0x7f238ad85d29 [ 1275.175562][T28413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1275.195220][T28413] RSP: 002b:00007f238bad7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1275.203680][T28413] RAX: ffffffffffffffda RBX: 00007f238af75fa0 RCX: 00007f238ad85d29 [ 1275.211694][T28413] RDX: 0000000000000c50 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1275.219708][T28413] RBP: 00007f238bad7090 R08: 0000000000000000 R09: 0000000000000000 [ 1275.227714][T28413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1275.235720][T28413] R13: 0000000000000000 R14: 00007f238af75fa0 R15: 00007ffec922cd98 [ 1275.243739][T28413] [ 1275.485651][T28417] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6162'. [ 1276.408564][T28432] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6172'. [ 1278.456488][T28402] Process accounting paused [ 1279.455633][T28458] FAULT_INJECTION: forcing a failure. [ 1279.455633][T28458] name failslab, interval 1, probability 0, space 0, times 0 [ 1279.493239][T28458] CPU: 1 UID: 0 PID: 28458 Comm: syz.2.6181 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1279.504190][T28458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1279.514393][T28458] Call Trace: [ 1279.517716][T28458] [ 1279.520684][T28458] dump_stack_lvl+0x16c/0x1f0 [ 1279.525420][T28458] should_fail_ex+0x497/0x5b0 [ 1279.530155][T28458] ? fs_reclaim_acquire+0xae/0x150 [ 1279.535321][T28458] should_failslab+0xc2/0x120 [ 1279.540070][T28458] __kmalloc_node_noprof+0xd1/0x520 [ 1279.545329][T28458] ? lock_release+0x4e2/0x6f0 [ 1279.550055][T28458] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 1279.555582][T28458] ? __pfx_lock_release+0x10/0x10 [ 1279.560655][T28458] __kvmalloc_node_noprof+0xad/0x1a0 [ 1279.566003][T28458] seq_read_iter+0x82a/0x12b0 [ 1279.570755][T28458] seq_read+0x39f/0x4e0 [ 1279.574966][T28458] ? __pfx_seq_read+0x10/0x10 [ 1279.579695][T28458] ? __pfx_lock_release+0x10/0x10 [ 1279.584772][T28458] ? lock_acquire+0x2f/0xb0 [ 1279.589330][T28458] ? apparmor_file_permission+0x251/0x400 [ 1279.595115][T28458] full_proxy_read+0xfb/0x1b0 [ 1279.599854][T28458] ? __pfx_full_proxy_read+0x10/0x10 [ 1279.605200][T28458] vfs_read+0x1df/0xbe0 [ 1279.609414][T28458] ? __fget_files+0x1fc/0x3a0 [ 1279.614151][T28458] ? __pfx___mutex_lock+0x10/0x10 [ 1279.619239][T28458] ? __pfx_vfs_read+0x10/0x10 [ 1279.623982][T28458] ? __fget_files+0x206/0x3a0 [ 1279.628725][T28458] ksys_read+0x12b/0x250 [ 1279.633023][T28458] ? __pfx_ksys_read+0x10/0x10 [ 1279.637836][T28458] ? rcu_is_watching+0x12/0xc0 [ 1279.642653][T28458] ? rcu_is_watching+0x12/0xc0 [ 1279.647476][T28458] do_syscall_64+0xcd/0x250 [ 1279.652049][T28458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1279.657997][T28458] RIP: 0033:0x7f5efd385d29 [ 1279.662447][T28458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1279.682136][T28458] RSP: 002b:00007f5efe243038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1279.690613][T28458] RAX: ffffffffffffffda RBX: 00007f5efd575fa0 RCX: 00007f5efd385d29 [ 1279.698642][T28458] RDX: 0000000000000073 RSI: 0000000020000040 RDI: 0000000000000008 [ 1279.706665][T28458] RBP: 00007f5efe243090 R08: 0000000000000000 R09: 0000000000000000 [ 1279.714690][T28458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1279.722707][T28458] R13: 0000000000000000 R14: 00007f5efd575fa0 R15: 00007ffe5e337e48 [ 1279.730733][T28458] [ 1281.198596][ T29] audit: type=1806 audit(8277293213.630:16): xattr="." res=0 [ 1282.363722][T28481] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6180'. [ 1287.904437][T28510] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6195'. [ 1287.978202][T28510] ip6tnl0: entered promiscuous mode [ 1289.196849][T28519] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6197'. [ 1292.358845][T28541] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6206'. [ 1292.419569][T28541] ip6tnl0: entered promiscuous mode [ 1295.385226][T28593] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6218'. [ 1295.615630][T28596] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6219'. [ 1298.569747][T28630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6229'. [ 1300.429074][T28665] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6241'. [ 1305.223262][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1305.229812][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1305.655771][T28692] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6250'. [ 1305.759135][T28693] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6250'. [ 1307.374755][T28701] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6253'. [ 1308.749854][T28710] Process accounting resumed [ 1308.895968][T28722] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6261'. [ 1309.047711][T28716] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.6259'. [ 1313.680374][T28755] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 1315.404385][T28751] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6268'. [ 1315.449861][T28751] ip6tnl0: entered promiscuous mode [ 1316.616046][T28787] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6280'. [ 1316.730771][T28787] bridge0: port 2(bridge_slave_1) entered disabled state [ 1316.817117][T28787] bridge_slave_1 (unregistering): left allmulticast mode [ 1316.855607][T28787] bridge_slave_1 (unregistering): left promiscuous mode [ 1316.862783][T28787] bridge0: port 2(bridge_slave_1) entered disabled state [ 1317.494638][T28795] netlink: 11 bytes leftover after parsing attributes in process `syz.2.6283'. [ 1317.585998][T28796] netlink: zone id is out of range [ 1317.591194][T28796] netlink: zone id is out of range [ 1317.623297][T28796] netlink: zone id is out of range [ 1319.163973][T28821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6291'. [ 1320.105777][T28829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6293'. [ 1320.532977][T28823] Falling back ldisc for ptm0. [ 1321.312393][T28829] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1321.478150][T28829] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1326.030632][T28871] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6303'. [ 1332.628403][T28922] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6314'. [ 1334.076203][T28940] FAULT_INJECTION: forcing a failure. [ 1334.076203][T28940] name failslab, interval 1, probability 0, space 0, times 0 [ 1334.274854][T28940] CPU: 0 UID: 0 PID: 28940 Comm: syz.1.6320 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1334.285724][T28940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1334.295827][T28940] Call Trace: [ 1334.299147][T28940] [ 1334.302118][T28940] dump_stack_lvl+0x16c/0x1f0 [ 1334.306864][T28940] should_fail_ex+0x497/0x5b0 [ 1334.311648][T28940] ? fs_reclaim_acquire+0xae/0x150 [ 1334.316822][T28940] should_failslab+0xc2/0x120 [ 1334.321565][T28940] __kmalloc_node_noprof+0xd1/0x520 [ 1334.326845][T28940] ? __pfx_lock_release+0x10/0x10 [ 1334.332100][T28940] ? load_msg+0x43/0x470 [ 1334.336402][T28940] load_msg+0x43/0x470 [ 1334.340523][T28940] ? 0xffffffff81000000 [ 1334.344727][T28940] do_msgrcv+0x20f/0x1690 [ 1334.349118][T28940] ? __pfx_do_msg_fill+0x10/0x10 [ 1334.354113][T28940] ? 0xffffffff81000000 [ 1334.358307][T28940] ? __fget_files+0x206/0x3a0 [ 1334.363070][T28940] ? __pfx_do_msgrcv+0x10/0x10 [ 1334.367900][T28940] ? fput+0x67/0x440 [ 1334.371858][T28940] ? ksys_write+0x1ba/0x250 [ 1334.376413][T28940] ? __pfx_ksys_write+0x10/0x10 [ 1334.381326][T28940] ? rcu_is_watching+0x12/0xc0 [ 1334.386166][T28940] ? do_syscall_64+0xcd/0x250 [ 1334.390906][T28940] do_syscall_64+0xcd/0x250 [ 1334.395475][T28940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1334.401430][T28940] RIP: 0033:0x7f9898385d29 [ 1334.405905][T28940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1334.425569][T28940] RSP: 002b:00007f98961f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000046 [ 1334.434040][T28940] RAX: ffffffffffffffda RBX: 00007f9898575fa0 RCX: 00007f9898385d29 [ 1334.442062][T28940] RDX: 0200000000000000 RSI: ffffffff81000000 RDI: 0000000000000000 [ 1334.450086][T28940] RBP: 00007f98961f6090 R08: 000000000000df66 R09: 0000000000000000 [ 1334.458108][T28940] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001 [ 1334.466128][T28940] R13: 0000000000000001 R14: 00007f9898575fa0 R15: 00007ffe6d351448 [ 1334.474157][T28940] ? 0xffffffff81000000 [ 1334.478386][T28940] [ 1336.360644][T28982] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6329'. [ 1338.160197][T29004] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6336'. [ 1338.296888][T29004] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1338.396518][T29004] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1338.470217][T29004] bond0 (unregistering): Released all slaves [ 1338.936123][T29011] Process accounting paused [ 1340.242408][T29028] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6342'. [ 1344.002368][T28549] syz.5.6207 (28549) used greatest stack depth: 18960 bytes left [ 1345.512218][T29085] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6356'. [ 1345.549431][T29085] ip6tnl0: entered promiscuous mode [ 1346.607509][T29111] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 1347.282314][T29132] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6369'. [ 1347.919040][T28555] syz.5.6208 (28555) used greatest stack depth: 18784 bytes left [ 1349.967679][T29177] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6382'. [ 1353.378779][T29227] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6398'. [ 1353.585250][T29227] geneve1: entered allmulticast mode [ 1353.676185][T29236] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6399'. [ 1353.839702][T29243] ptrace attach of "./syz-executor exec"[21930] was attempted by "./syz-executor exec"[29243] [ 1354.055203][T29245] ptrace attach of "./syz-executor exec"[21018] was attempted by "./syz-executor exec"[29245] [ 1355.008129][T29270] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6412'. [ 1355.438440][T29277] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6414'. [ 1357.140975][T29271] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1357.309000][T29289] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6417'. [ 1357.333763][T29289] ip6tnl0: entered promiscuous mode [ 1357.610735][T29298] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6420'. [ 1358.300252][T29317] netlink: 'syz.1.6426': attribute type 5 has an invalid length. [ 1358.313179][T29317] netlink: 314 bytes leftover after parsing attributes in process `syz.1.6426'. [ 1358.353097][T29315] netlink: 'syz.1.6426': attribute type 5 has an invalid length. [ 1358.360901][T29315] netlink: 314 bytes leftover after parsing attributes in process `syz.1.6426'. [ 1360.189864][T29333] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6431'. [ 1360.302539][T29333] ip6tnl0: entered promiscuous mode [ 1360.771272][T29353] could not allocate digest TFM handle binfmt_misc [ 1361.860474][T29370] FAULT_INJECTION: forcing a failure. [ 1361.860474][T29370] name failslab, interval 1, probability 0, space 0, times 0 [ 1361.911095][T29370] CPU: 1 UID: 0 PID: 29370 Comm: syz.1.6439 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1361.921950][T29370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1361.932037][T29370] Call Trace: [ 1361.935329][T29370] [ 1361.938276][T29370] dump_stack_lvl+0x16c/0x1f0 [ 1361.942993][T29370] should_fail_ex+0x497/0x5b0 [ 1361.947703][T29370] ? fs_reclaim_acquire+0xae/0x150 [ 1361.952845][T29370] should_failslab+0xc2/0x120 [ 1361.957564][T29370] __kmalloc_noprof+0xce/0x4f0 [ 1361.962367][T29370] ? tomoyo_realpath_from_path+0xbf/0x710 [ 1361.968122][T29370] tomoyo_realpath_from_path+0xbf/0x710 [ 1361.973701][T29370] ? tomoyo_path_number_perm+0x235/0x5b0 [ 1361.979379][T29370] tomoyo_path_number_perm+0x248/0x5b0 [ 1361.984904][T29370] ? tomoyo_path_number_perm+0x235/0x5b0 [ 1361.990582][T29370] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1361.996879][T29370] ? rcu_is_watching+0x12/0xc0 [ 1362.001713][T29370] ? preempt_count_add+0x76/0x150 [ 1362.006810][T29370] ? __pfx_lock_release+0x10/0x10 [ 1362.011881][T29370] ? trace_lock_acquire+0x14e/0x1f0 [ 1362.017133][T29370] ? __fget_files+0x40/0x3a0 [ 1362.021774][T29370] ? lock_acquire+0x2f/0xb0 [ 1362.026316][T29370] ? __fget_files+0x40/0x3a0 [ 1362.030945][T29370] ? __fget_files+0x206/0x3a0 [ 1362.035658][T29370] security_file_ioctl+0x9b/0x240 [ 1362.040712][T29370] __x64_sys_ioctl+0xb7/0x200 [ 1362.045416][T29370] do_syscall_64+0xcd/0x250 [ 1362.049964][T29370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1362.055891][T29370] RIP: 0033:0x7f9898385d29 [ 1362.060345][T29370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1362.080017][T29370] RSP: 002b:00007f98961f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1362.088465][T29370] RAX: ffffffffffffffda RBX: 00007f9898575fa0 RCX: 00007f9898385d29 [ 1362.096486][T29370] RDX: 0000000020000000 RSI: 0000000080045017 RDI: 0000000000000004 [ 1362.104504][T29370] RBP: 00007f98961f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1362.112502][T29370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1362.120500][T29370] R13: 0000000000000000 R14: 00007f9898575fa0 R15: 00007ffe6d351448 [ 1362.128523][T29370] [ 1362.170998][T29370] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1362.452464][T29379] FAULT_INJECTION: forcing a failure. [ 1362.452464][T29379] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1362.480736][T29379] CPU: 0 UID: 0 PID: 29379 Comm: syz.1.6442 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1362.491588][T29379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1362.501688][T29379] Call Trace: [ 1362.505001][T29379] [ 1362.507966][T29379] dump_stack_lvl+0x16c/0x1f0 [ 1362.512702][T29379] should_fail_ex+0x497/0x5b0 [ 1362.517441][T29379] ? fs_reclaim_acquire+0xae/0x150 [ 1362.522605][T29379] should_fail_alloc_page+0xe7/0x130 [ 1362.527950][T29379] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 1362.534156][T29379] ? lock_acquire+0x2f/0xb0 [ 1362.538703][T29379] __alloc_pages_noprof+0x190/0x25b0 [ 1362.544053][T29379] ? kernel_text_address+0x8d/0x100 [ 1362.549301][T29379] ? __kernel_text_address+0xd/0x40 [ 1362.554554][T29379] ? unwind_get_return_address+0x59/0xa0 [ 1362.560238][T29379] ? arch_stack_walk+0xa7/0x100 [ 1362.565146][T29379] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1362.570937][T29379] ? stack_trace_save+0x95/0xd0 [ 1362.575844][T29379] ? lock_release+0x4e2/0x6f0 [ 1362.580561][T29379] ? ima_match_policy+0x855/0x2290 [ 1362.585734][T29379] ? __pfx_lock_release+0x10/0x10 [ 1362.590807][T29379] ? trace_lock_acquire+0x14e/0x1f0 [ 1362.596069][T29379] ? kasan_save_stack+0x42/0x60 [ 1362.600975][T29379] ? kasan_save_stack+0x33/0x60 [ 1362.605874][T29379] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1362.611804][T29379] ? policy_nodemask+0xea/0x4e0 [ 1362.616702][T29379] alloc_pages_mpol_noprof+0x2c9/0x610 [ 1362.622212][T29379] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 1362.628247][T29379] ? rcu_is_watching+0x12/0xc0 [ 1362.633056][T29379] folio_alloc_mpol_noprof+0x36/0xd0 [ 1362.638381][T29379] shmem_alloc_folio+0x135/0x160 [ 1362.643365][T29379] shmem_alloc_and_add_folio+0x48b/0xc00 [ 1362.649029][T29379] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1362.654956][T29379] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1362.661138][T29379] ? shmem_huge_global_enabled+0x176/0x250 [ 1362.666983][T29379] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 1362.672914][T29379] shmem_get_folio_gfp+0x689/0x1530 [ 1362.678148][T29379] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1362.683813][T29379] ? filemap_map_pages+0xf92/0x16b0 [ 1362.689058][T29379] shmem_fault+0x200/0xae0 [ 1362.693506][T29379] ? __pfx_shmem_fault+0x10/0x10 [ 1362.698482][T29379] ? rcu_is_watching+0x12/0xc0 [ 1362.703287][T29379] ? lock_release+0x4e2/0x6f0 [ 1362.707999][T29379] ? __pfx_filemap_map_pages+0x10/0x10 [ 1362.713518][T29379] ? do_pte_missing+0xdd7/0x3e00 [ 1362.718496][T29379] ? __pfx_lock_release+0x10/0x10 [ 1362.723553][T29379] __do_fault+0x10a/0x490 [ 1362.727921][T29379] do_pte_missing+0xebd/0x3e00 [ 1362.732725][T29379] ? ___pte_offset_map+0x1b9/0x540 [ 1362.737873][T29379] __handle_mm_fault+0x103c/0x2a40 [ 1362.743031][T29379] ? __pfx___handle_mm_fault+0x10/0x10 [ 1362.748536][T29379] ? find_vma+0xc0/0x140 [ 1362.752814][T29379] ? __pfx_find_vma+0x10/0x10 [ 1362.757525][T29379] handle_mm_fault+0x3fa/0xaa0 [ 1362.762335][T29379] do_user_addr_fault+0x7a3/0x13f0 [ 1362.767482][T29379] exc_page_fault+0x5c/0xc0 [ 1362.772020][T29379] asm_exc_page_fault+0x26/0x30 [ 1362.776906][T29379] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 1362.782759][T29379] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 1362.802573][T29379] RSP: 0018:ffffc90004a1fdf0 EFLAGS: 00050206 [ 1362.808667][T29379] RAX: 0000000000000001 RBX: 0000000000020803 RCX: 0000000000000038 [ 1362.816661][T29379] RDX: fffff52000943fcf RSI: 0000000000020803 RDI: ffffc90004a1fe40 [ 1362.824660][T29379] RBP: 0000000000000038 R08: 0000000000000001 R09: fffff52000943fce [ 1362.832669][T29379] R10: ffffc90004a1fe77 R11: 0000000000000000 R12: 0000000000000000 [ 1362.840673][T29379] R13: ffffc90004a1fe40 R14: 00000000000000c4 R15: ffffc90004a1fe40 [ 1362.848681][T29379] _copy_from_user+0x9a/0xd0 [ 1362.853323][T29379] keyctl_dh_compute+0xab/0x140 [ 1362.858209][T29379] ? __pfx_keyctl_dh_compute+0x10/0x10 [ 1362.863709][T29379] ? ksys_write+0x1ba/0x250 [ 1362.868245][T29379] ? __pfx_ksys_write+0x10/0x10 [ 1362.873133][T29379] __do_sys_keyctl+0x4df/0x590 [ 1362.877943][T29379] do_syscall_64+0xcd/0x250 [ 1362.882489][T29379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1362.888432][T29379] RIP: 0033:0x7f9898385d29 [ 1362.892878][T29379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1362.912519][T29379] RSP: 002b:00007f98961f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1362.920969][T29379] RAX: ffffffffffffffda RBX: 00007f9898575fa0 RCX: 00007f9898385d29 [ 1362.928969][T29379] RDX: 000000000000002d RSI: 0000000000008000 RDI: 2000000000000017 [ 1362.936970][T29379] RBP: 00007f98961f6090 R08: 0000000000020803 R09: 0000000000000000 [ 1362.944972][T29379] R10: 00000000000000c4 R11: 0000000000000246 R12: 0000000000000001 [ 1362.952969][T29379] R13: 0000000000000000 R14: 00007f9898575fa0 R15: 00007ffe6d351448 [ 1362.960985][T29379] [ 1363.262410][T29383] could not allocate digest TFM handle binfmt_misc [ 1363.366187][T29401] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6445'. [ 1363.462720][T29379] could not allocate digest TFM handle binfmt_misc [ 1364.411504][T29415] vivid-013: ================= START STATUS ================= [ 1364.421686][T29415] vivid-013: Generate PTS: true [ 1364.438767][T29415] vivid-013: Generate SCR: true [ 1364.455430][T29415] tpg source WxH: 640x360 (Y'CbCr) [ 1364.465892][T29415] tpg field: 1 [ 1364.469341][T29415] tpg crop: 640x360@0x0 [ 1364.659042][T29415] tpg compose: 640x360@0x0 [ 1364.686353][T29415] tpg colorspace: 8 [ 1364.729653][T29415] tpg transfer function: 0/0 [ 1364.758654][T29415] tpg Y'CbCr encoding: 0/0 [ 1364.806390][T29415] tpg quantization: 0/0 [ 1364.849685][T29415] tpg RGB range: 0/2 [ 1364.853652][T29415] vivid-013: ================== END STATUS ================== [ 1364.908624][T29417] vivid-013: ================= START STATUS ================= [ 1364.989578][T29417] vivid-013: Generate PTS: true [ 1365.014475][T29417] vivid-013: Generate SCR: true [ 1365.057720][T29417] tpg source WxH: 640x360 (Y'CbCr) [ 1365.099869][T29417] tpg field: 1 [ 1365.127111][T29417] tpg crop: 640x360@0x0 [ 1365.170287][T29417] tpg compose: 640x360@0x0 [ 1365.229130][T29417] tpg colorspace: 8 [ 1365.283203][T29418] FAULT_INJECTION: forcing a failure. [ 1365.283203][T29418] name fail_futex, interval 1, probability 0, space 0, times 1 [ 1365.438810][T29417] tpg transfer function: 0/0 [ 1365.459035][T29418] CPU: 1 UID: 0 PID: 29418 Comm: syz.5.6448 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1365.469893][T29418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1365.479980][T29418] Call Trace: [ 1365.483293][T29418] [ 1365.486253][T29418] dump_stack_lvl+0x16c/0x1f0 [ 1365.490983][T29418] should_fail_ex+0x497/0x5b0 [ 1365.495713][T29418] get_futex_key+0x4a3/0x1000 [ 1365.500440][T29418] ? lock_release+0x4e2/0x6f0 [ 1365.505160][T29418] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 1365.511712][T29418] ? __pfx_lock_release+0x10/0x10 [ 1365.516805][T29418] ? __pfx_get_futex_key+0x10/0x10 [ 1365.521977][T29418] ? rcu_is_watching+0x12/0xc0 [ 1365.526796][T29418] ? lock_release+0x4e2/0x6f0 [ 1365.531520][T29418] ? __up_read+0x1fb/0x760 [ 1365.535988][T29418] futex_wake+0xe8/0x4e0 [ 1365.540295][T29418] ? handle_mm_fault+0x497/0xaa0 [ 1365.543413][T29417] tpg Y'CbCr encoding: 0/0 [ 1365.545274][T29418] ? __pfx_futex_wake+0x10/0x10 [ 1365.554573][T29418] ? do_user_addr_fault+0x83d/0x13f0 [ 1365.559910][T29418] ? rcu_is_watching+0x12/0xc0 [ 1365.564737][T29418] do_futex+0x1e5/0x350 [ 1365.565219][T29417] tpg quantization: 0/0 [ 1365.568931][T29418] ? __pfx_do_futex+0x10/0x10 [ 1365.573201][T29417] tpg RGB range: 0/2 [ 1365.577769][T29418] ? mm_release+0x209/0x300 [ 1365.577808][T29418] mm_release+0x24e/0x300 [ 1365.581830][T29417] vivid-013: ================== END STATUS ================== [ 1365.586184][T29418] do_exit+0x886/0x2d70 [ 1365.586231][T29418] ? rcu_is_watching+0x12/0xc0 [ 1365.586270][T29418] ? lock_release+0x4e2/0x6f0 [ 1365.586299][T29418] ? get_signal+0x8f7/0x2610 [ 1365.586334][T29418] ? __pfx_do_exit+0x10/0x10 [ 1365.586380][T29418] ? do_raw_spin_lock+0x12d/0x2c0 [ 1365.586417][T29418] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1365.586457][T29418] do_group_exit+0xd3/0x2a0 [ 1365.586500][T29418] get_signal+0x2576/0x2610 [ 1365.586543][T29418] ? __pfx_get_signal+0x10/0x10 [ 1365.586578][T29418] ? __pfx_video_usercopy+0x10/0x10 [ 1365.586621][T29418] arch_do_signal_or_restart+0x90/0x7e0 [ 1365.586667][T29418] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1365.662739][T29418] ? rcu_is_watching+0x12/0xc0 [ 1365.667570][T29418] syscall_exit_to_user_mode+0x150/0x2a0 [ 1365.673264][T29418] do_syscall_64+0xda/0x250 [ 1365.677831][T29418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1365.683786][T29418] RIP: 0033:0x7f7ff9385d29 [ 1365.688245][T29418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1365.707908][T29418] RSP: 002b:00007f7ff71d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1365.716381][T29418] RAX: fffffffffffffe00 RBX: 00007f7ff9576080 RCX: 00007f7ff9385d29 [ 1365.724400][T29418] RDX: 0000000000000003 RSI: 0000000000000081 RDI: 0000000000000003 [ 1365.732417][T29418] RBP: 00007f7ff71d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1365.740439][T29418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1365.748461][T29418] R13: 0000000000000001 R14: 00007f7ff9576080 R15: 00007fffc008fa28 [ 1365.756488][T29418] [ 1365.931475][T29453] vivid-013: ================= START STATUS ================= [ 1365.939624][T29453] vivid-013: Generate PTS: true [ 1365.944552][T29453] vivid-013: Generate SCR: true [ 1365.950060][T29453] tpg source WxH: 640x360 (Y'CbCr) [ 1365.955225][T29453] tpg field: 1 [ 1365.958628][T29453] tpg crop: 640x360@0x0 [ 1365.963403][T29453] tpg compose: 640x360@0x0 [ 1365.967871][T29453] tpg colorspace: 8 [ 1365.972112][T29453] tpg transfer function: 0/0 [ 1365.976826][T29453] tpg Y'CbCr encoding: 0/0 [ 1365.981872][T29453] tpg quantization: 0/0 [ 1365.986860][T29453] tpg RGB range: 0/2 [ 1365.992131][T29453] vivid-013: ================== END STATUS ================== [ 1366.068382][T29458] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6457'. [ 1366.128974][T29459] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6456'. [ 1366.364815][T29465] ip6_vti0: entered allmulticast mode [ 1366.639095][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1366.645550][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1367.870268][T29509] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6470'. [ 1369.058963][T29540] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6479'. [ 1369.112931][T29522] Process accounting resumed [ 1369.129441][T29540] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6479'. [ 1369.150243][T29540] bridge0: port 2(bridge_slave_1) entered disabled state [ 1369.157865][T29540] bridge0: port 1(bridge_slave_0) entered disabled state [ 1369.178802][T29540] bridge0: entered allmulticast mode [ 1369.783631][T29562] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6486'. [ 1371.100092][T24358] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1371.186638][T24358] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1371.301147][T24358] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1371.312444][T29583] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1371.336958][T29583] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1371.346268][T29583] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1371.357165][T29583] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1371.364919][T29583] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1371.372396][T29583] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1371.444921][T24358] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1371.739188][T29597] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6496'. [ 1371.782398][T24358] bridge_slave_1: left allmulticast mode [ 1371.808911][T24358] bridge_slave_1: left promiscuous mode [ 1371.833759][T24358] bridge0: port 2(bridge_slave_1) entered disabled state [ 1371.868560][T24358] bridge_slave_0: left allmulticast mode [ 1371.888552][T24358] bridge_slave_0: left promiscuous mode [ 1371.904792][T24358] bridge0: port 1(bridge_slave_0) entered disabled state [ 1372.056926][T24358] erspan0 (unregistering): left allmulticast mode [ 1372.195262][T24358] ovs_: left promiscuous mode [ 1372.349147][T29582] chnl_net:caif_netlink_parms(): no params data found [ 1372.562942][T29631] FAULT_INJECTION: forcing a failure. [ 1372.562942][T29631] name failslab, interval 1, probability 0, space 0, times 0 [ 1372.595899][T29582] bridge0: port 1(bridge_slave_0) entered blocking state [ 1372.607332][T29631] CPU: 0 UID: 0 PID: 29631 Comm: syz.1.6501 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1372.618178][T29631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1372.628269][T29631] Call Trace: [ 1372.631578][T29631] [ 1372.634539][T29631] dump_stack_lvl+0x16c/0x1f0 [ 1372.639268][T29631] should_fail_ex+0x497/0x5b0 [ 1372.643996][T29631] ? fs_reclaim_acquire+0xae/0x150 [ 1372.649163][T29631] should_failslab+0xc2/0x120 [ 1372.653903][T29631] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 1372.659765][T29631] ? __alloc_skb+0x2b3/0x380 [ 1372.664415][T29631] __alloc_skb+0x2b3/0x380 [ 1372.665864][T29582] bridge0: port 1(bridge_slave_0) entered disabled state [ 1372.668900][T29631] ? __pfx___alloc_skb+0x10/0x10 [ 1372.676907][T29582] bridge_slave_0: entered allmulticast mode [ 1372.680851][T29631] ? lock_acquire+0x2f/0xb0 [ 1372.691316][T29631] netlink_alloc_large_skb+0x69/0x130 [ 1372.692034][T29582] bridge_slave_0: entered promiscuous mode [ 1372.696724][T29631] netlink_sendmsg+0x689/0xd70 [ 1372.696773][T29631] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1372.712684][T29631] ____sys_sendmsg+0x9ae/0xb40 [ 1372.717516][T29631] ? copy_msghdr_from_user+0x10b/0x160 [ 1372.723044][T29631] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1372.728388][T29631] ? rcu_is_watching+0x12/0xc0 [ 1372.733219][T29631] ? lock_release+0x4e2/0x6f0 [ 1372.737951][T29631] ? get_pid_task+0xfc/0x250 [ 1372.742608][T29631] ___sys_sendmsg+0x135/0x1e0 [ 1372.747354][T29631] ? get_pid_task+0x35/0x250 [ 1372.752011][T29631] ? __pfx____sys_sendmsg+0x10/0x10 [ 1372.757283][T29631] ? lock_release+0x4e2/0x6f0 [ 1372.762015][T29631] ? __pfx_lock_release+0x10/0x10 [ 1372.767086][T29631] ? trace_lock_acquire+0x14e/0x1f0 [ 1372.772350][T29631] ? __fget_files+0x206/0x3a0 [ 1372.777089][T29631] __sys_sendmsg+0x16e/0x220 [ 1372.781755][T29631] ? __pfx___sys_sendmsg+0x10/0x10 [ 1372.786944][T29631] ? rcu_is_watching+0x12/0xc0 [ 1372.791779][T29631] ? rcu_is_watching+0x12/0xc0 [ 1372.796607][T29631] do_syscall_64+0xcd/0x250 [ 1372.801174][T29631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1372.807128][T29631] RIP: 0033:0x7f9898385d29 [ 1372.811587][T29631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1372.831253][T29631] RSP: 002b:00007f98961f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1372.839733][T29631] RAX: ffffffffffffffda RBX: 00007f9898575fa0 RCX: 00007f9898385d29 [ 1372.847761][T29631] RDX: 0000000020004814 RSI: 0000000020000100 RDI: 0000000000000003 [ 1372.855784][T29631] RBP: 00007f98961f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1372.863809][T29631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1372.871839][T29631] R13: 0000000000000000 R14: 00007f9898575fa0 R15: 00007ffe6d351448 [ 1372.879872][T29631] [ 1372.883043][ C0] vkms_vblank_simulate: vblank timer overrun [ 1372.903303][T29582] bridge0: port 2(bridge_slave_1) entered blocking state [ 1372.912010][T29582] bridge0: port 2(bridge_slave_1) entered disabled state [ 1372.925358][T29582] bridge_slave_1: entered allmulticast mode [ 1372.938647][T29582] bridge_slave_1: entered promiscuous mode [ 1372.983372][T29582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1373.014971][T29582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1373.059371][T24358] hsr_slave_0: left promiscuous mode [ 1373.077108][T24358] hsr_slave_1: left promiscuous mode [ 1373.091475][T24358] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1373.107892][T24358] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1373.128146][T24358] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1373.183334][T24358] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1373.208429][T24358] veth1_macvtap: left promiscuous mode [ 1373.214013][T24358] veth0_macvtap: left promiscuous mode [ 1373.233135][T24358] veth1_vlan: left promiscuous mode [ 1373.248722][T24358] veth0_vlan: left promiscuous mode [ 1373.435045][T29583] Bluetooth: hci3: command tx timeout [ 1373.759447][T24358] team0 (unregistering): Port device team_slave_1 removed [ 1373.823574][T24358] team0 (unregistering): Port device team_slave_0 removed [ 1373.859089][T29674] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6509'. [ 1374.203236][T29582] team0: Port device team_slave_0 added [ 1374.235663][T29582] team0: Port device team_slave_1 added [ 1374.269331][T29582] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1374.288329][T29582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1374.336993][T29582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1374.372396][T29582] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1374.417763][T29582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1374.484685][T29582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1374.603716][T29582] hsr_slave_0: entered promiscuous mode [ 1374.615611][T29582] hsr_slave_1: entered promiscuous mode [ 1375.514334][T29583] Bluetooth: hci3: command tx timeout [ 1376.165025][T29582] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1376.210341][T29582] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1376.240832][T29582] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1376.271507][T29582] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1376.486690][T29582] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1376.528719][T29582] 8021q: adding VLAN 0 to HW filter on device team0 [ 1376.556579][T24358] bridge0: port 1(bridge_slave_0) entered blocking state [ 1376.563798][T24358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1376.607162][T24358] bridge0: port 2(bridge_slave_1) entered blocking state [ 1376.614351][T24358] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1376.680410][T29582] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1376.941886][T29582] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1377.037809][T29582] veth0_vlan: entered promiscuous mode [ 1377.066770][T29582] veth1_vlan: entered promiscuous mode [ 1377.121156][T29582] veth0_macvtap: entered promiscuous mode [ 1377.154484][T29582] veth1_macvtap: entered promiscuous mode [ 1377.223131][T29582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1377.251903][T29582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1377.282310][T29582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1377.306917][T29582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1377.352731][T29582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1377.383376][T29582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1377.411678][T29582] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1377.449880][T29582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1377.483183][T29582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1377.513255][T29582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1377.540296][T29582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1377.573149][T29582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1377.583856][T29583] Bluetooth: hci3: command tx timeout [ 1377.613132][T29582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1377.623413][T29582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1377.633982][T29582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1377.645308][T29582] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1377.697103][T29582] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1377.717210][T29582] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1377.745976][T29582] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1377.773485][T29582] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1377.948612][T24368] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1377.993713][T24368] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1378.039051][T24357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1378.053742][T24357] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1378.912531][T29750] FAULT_INJECTION: forcing a failure. [ 1378.912531][T29750] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1378.953063][T29750] CPU: 1 UID: 0 PID: 29750 Comm: syz.0.6517 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1378.963929][T29750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1378.974034][T29750] Call Trace: [ 1378.977348][T29750] [ 1378.980314][T29750] dump_stack_lvl+0x16c/0x1f0 [ 1378.985050][T29750] should_fail_ex+0x497/0x5b0 [ 1378.989799][T29750] _copy_to_user+0x32/0xd0 [ 1378.994286][T29750] store_msg+0x4a/0x140 [ 1378.998505][T29750] do_msg_fill+0xa2/0xf0 [ 1379.002811][T29750] ? do_msgrcv+0xcdd/0x1690 [ 1379.007373][T29750] do_msgrcv+0xfed/0x1690 [ 1379.011758][T29750] ? __pfx_do_msg_fill+0x10/0x10 [ 1379.016801][T29750] ? __pfx_do_msgrcv+0x10/0x10 [ 1379.021653][T29750] ? __pfx_ksys_write+0x10/0x10 [ 1379.026560][T29750] ? rcu_is_watching+0x12/0xc0 [ 1379.031393][T29750] ? do_syscall_64+0xcd/0x250 [ 1379.036153][T29750] do_syscall_64+0xcd/0x250 [ 1379.040721][T29750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1379.046673][T29750] RIP: 0033:0x7f238ad85d29 [ 1379.051134][T29750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1379.070797][T29750] RSP: 002b:00007f238bad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000046 [ 1379.079264][T29750] RAX: ffffffffffffffda RBX: 00007f238af75fa0 RCX: 00007f238ad85d29 [ 1379.087282][T29750] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1379.095304][T29750] RBP: 00007f238bad7090 R08: 00000000000000b5 R09: 0000000000000000 [ 1379.103323][T29750] R10: 8000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1379.111350][T29750] R13: 0000000000000000 R14: 00007f238af75fa0 R15: 00007ffec922cd98 [ 1379.119382][T29750] [ 1379.481301][T29802] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6522'. [ 1379.672271][T29583] Bluetooth: hci3: command tx timeout [ 1379.802188][T29802] ip6tnl0: entered promiscuous mode [ 1381.045799][T29843] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 1381.584916][T29862] FAULT_INJECTION: forcing a failure. [ 1381.584916][T29862] name failslab, interval 1, probability 0, space 0, times 0 [ 1381.653450][T29862] CPU: 1 UID: 0 PID: 29862 Comm: syz.5.6533 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1381.664311][T29862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1381.674413][T29862] Call Trace: [ 1381.677725][T29862] [ 1381.680693][T29862] dump_stack_lvl+0x16c/0x1f0 [ 1381.683009][T29860] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6534'. [ 1381.685407][T29862] should_fail_ex+0x497/0x5b0 [ 1381.695087][T29860] ip6tnl0: entered promiscuous mode [ 1381.699010][T29862] ? fs_reclaim_acquire+0xae/0x150 [ 1381.709393][T29862] should_failslab+0xc2/0x120 [ 1381.714140][T29862] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1381.719580][T29862] ? getname_flags.part.0+0x4c/0x550 [ 1381.724939][T29862] getname_flags.part.0+0x4c/0x550 [ 1381.730124][T29862] getname+0x8d/0xe0 [ 1381.734075][T29862] __x64_sys_execve+0x72/0xb0 [ 1381.738807][T29862] do_syscall_64+0xcd/0x250 [ 1381.743367][T29862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1381.749317][T29862] RIP: 0033:0x7f7ff9385d29 [ 1381.753773][T29862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1381.773438][T29862] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1381.781921][T29862] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 [ 1381.789945][T29862] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000020000180 [ 1381.797978][T29862] RBP: 00007f7ff71f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1381.806001][T29862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1381.814036][T29862] R13: 0000000000000000 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1381.822071][T29862] [ 1383.527732][T29906] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1384.360464][T29926] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6549'. [ 1385.302698][T29940] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1386.884049][T29967] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6561'. [ 1387.118900][T29981] random: crng reseeded on system resumption [ 1387.340351][T29989] warning: `syz.1.6565' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1388.911562][T30016] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6577'. [ 1388.988901][T30016] ip6tnl0: entered promiscuous mode [ 1390.680400][T30057] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6588'. [ 1390.812988][T30064] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6590'. [ 1391.669248][T30087] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6597'. [ 1391.890516][T30093] FAULT_INJECTION: forcing a failure. [ 1391.890516][T30093] name failslab, interval 1, probability 0, space 0, times 0 [ 1391.932832][T30093] CPU: 0 UID: 0 PID: 30093 Comm: syz.5.6600 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1391.943691][T30093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1391.953917][T30093] Call Trace: [ 1391.957233][T30093] [ 1391.960219][T30093] dump_stack_lvl+0x16c/0x1f0 [ 1391.964950][T30093] should_fail_ex+0x497/0x5b0 [ 1391.969681][T30093] ? fs_reclaim_acquire+0xae/0x150 [ 1391.974843][T30093] should_failslab+0xc2/0x120 [ 1391.979592][T30093] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 1391.985461][T30093] ? __alloc_skb+0x2b3/0x380 [ 1391.990120][T30093] __alloc_skb+0x2b3/0x380 [ 1391.994600][T30093] ? __pfx___alloc_skb+0x10/0x10 [ 1391.999610][T30093] ? lock_acquire+0x2f/0xb0 [ 1392.004167][T30093] netlink_alloc_large_skb+0x69/0x130 [ 1392.009601][T30093] netlink_sendmsg+0x689/0xd70 [ 1392.014423][T30093] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1392.019771][T30093] ____sys_sendmsg+0x9ae/0xb40 [ 1392.024593][T30093] ? copy_msghdr_from_user+0x10b/0x160 [ 1392.030141][T30093] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1392.035480][T30093] ? rcu_is_watching+0x12/0xc0 [ 1392.040310][T30093] ? lock_release+0x4e2/0x6f0 [ 1392.045154][T30093] ? get_pid_task+0xfc/0x250 [ 1392.049811][T30093] ___sys_sendmsg+0x135/0x1e0 [ 1392.054533][T30093] ? get_pid_task+0x35/0x250 [ 1392.059163][T30093] ? __pfx____sys_sendmsg+0x10/0x10 [ 1392.064424][T30093] ? lock_release+0x4e2/0x6f0 [ 1392.069134][T30093] ? __pfx_lock_release+0x10/0x10 [ 1392.074289][T30093] ? trace_lock_acquire+0x14e/0x1f0 [ 1392.079554][T30093] ? __fget_files+0x206/0x3a0 [ 1392.084279][T30093] __sys_sendmsg+0x16e/0x220 [ 1392.088924][T30093] ? __pfx___sys_sendmsg+0x10/0x10 [ 1392.094102][T30093] ? rcu_is_watching+0x12/0xc0 [ 1392.098952][T30093] ? rcu_is_watching+0x12/0xc0 [ 1392.103763][T30093] do_syscall_64+0xcd/0x250 [ 1392.108310][T30093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1392.114269][T30093] RIP: 0033:0x7f7ff9385d29 [ 1392.118710][T30093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1392.138353][T30093] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1392.146799][T30093] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 [ 1392.154792][T30093] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 1392.162806][T30093] RBP: 00007f7ff71f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1392.170842][T30093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1392.178841][T30093] R13: 0000000000000000 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1392.186847][T30093] [ 1392.754471][T30107] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6604'. [ 1394.933440][T30143] mkiss: ax0: crc mode is auto. [ 1395.890742][T30173] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6622'. [ 1395.908946][T30173] ip6tnl0: entered promiscuous mode [ 1396.657104][T30200] FAULT_INJECTION: forcing a failure. [ 1396.657104][T30200] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.745182][T30200] CPU: 0 UID: 0 PID: 30200 Comm: syz.5.6630 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1396.756045][T30200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1396.766153][T30200] Call Trace: [ 1396.769468][T30200] [ 1396.772431][T30200] dump_stack_lvl+0x16c/0x1f0 [ 1396.777171][T30200] should_fail_ex+0x497/0x5b0 [ 1396.781913][T30200] ? fs_reclaim_acquire+0xae/0x150 [ 1396.787082][T30200] should_failslab+0xc2/0x120 [ 1396.791826][T30200] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 1396.797697][T30200] ? is_bpf_text_address+0x30/0x1a0 [ 1396.802967][T30200] ? __alloc_skb+0x2b3/0x380 [ 1396.807641][T30200] ? is_bpf_text_address+0x30/0x1a0 [ 1396.812920][T30200] __alloc_skb+0x2b3/0x380 [ 1396.817409][T30200] ? __pfx___alloc_skb+0x10/0x10 [ 1396.822416][T30200] ? kernel_text_address+0x8d/0x100 [ 1396.827710][T30200] ? kernel_text_address+0x30/0x100 [ 1396.833025][T30200] netlink_alloc_large_skb+0x69/0x130 [ 1396.838464][T30200] netlink_sendmsg+0x689/0xd70 [ 1396.843294][T30200] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1396.848657][T30200] ____sys_sendmsg+0x9ae/0xb40 [ 1396.853482][T30200] ? copy_msghdr_from_user+0x10b/0x160 [ 1396.859014][T30200] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1396.864371][T30200] ? rcu_is_watching+0x12/0xc0 [ 1396.869195][T30200] ? lock_release+0x4e2/0x6f0 [ 1396.873930][T30200] ? get_pid_task+0xfc/0x250 [ 1396.878599][T30200] ___sys_sendmsg+0x135/0x1e0 [ 1396.883345][T30200] ? get_pid_task+0x35/0x250 [ 1396.888005][T30200] ? __pfx____sys_sendmsg+0x10/0x10 [ 1396.893273][T30200] ? lock_release+0x4e2/0x6f0 [ 1396.898007][T30200] ? __pfx_lock_release+0x10/0x10 [ 1396.903091][T30200] ? trace_lock_acquire+0x14e/0x1f0 [ 1396.908364][T30200] ? __fget_files+0x206/0x3a0 [ 1396.913104][T30200] __sys_sendmsg+0x16e/0x220 [ 1396.917766][T30200] ? __pfx___sys_sendmsg+0x10/0x10 [ 1396.922951][T30200] ? rcu_is_watching+0x12/0xc0 [ 1396.927779][T30200] ? rcu_is_watching+0x12/0xc0 [ 1396.932604][T30200] do_syscall_64+0xcd/0x250 [ 1396.937174][T30200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1396.943138][T30200] RIP: 0033:0x7f7ff9385d29 [ 1396.947602][T30200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1396.967274][T30200] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1396.975763][T30200] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 [ 1396.983791][T30200] RDX: 0000000000000c50 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1396.991817][T30200] RBP: 00007f7ff71f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1396.999840][T30200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1397.007862][T30200] R13: 0000000000000000 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1397.015895][T30200] [ 1397.392338][T30214] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6635'. [ 1397.584664][T30221] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1397.893434][T30230] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6639'. [ 1398.955673][T30242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6643'. [ 1399.398161][T30247] netlink: 'syz.1.6644': attribute type 21 has an invalid length. [ 1399.447126][T30247] netlink: 326 bytes leftover after parsing attributes in process `syz.1.6644'. [ 1400.313460][T30258] HfR: entered promiscuous mode [ 1400.352190][T30258] openvswitch: HfR: Dropping previously announced user features [ 1400.387923][T30258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6647'. [ 1400.416855][T30258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6647'. [ 1400.970256][T30276] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6651'. [ 1401.293611][T30283] FAULT_INJECTION: forcing a failure. [ 1401.293611][T30283] name failslab, interval 1, probability 0, space 0, times 0 [ 1401.337934][T30283] CPU: 0 UID: 0 PID: 30283 Comm: syz.1.6654 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1401.348795][T30283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1401.358895][T30283] Call Trace: [ 1401.362264][T30283] [ 1401.365237][T30283] dump_stack_lvl+0x16c/0x1f0 [ 1401.369970][T30283] should_fail_ex+0x497/0x5b0 [ 1401.374702][T30283] ? fs_reclaim_acquire+0xae/0x150 [ 1401.379914][T30283] should_failslab+0xc2/0x120 [ 1401.384656][T30283] __kmalloc_node_noprof+0xd1/0x520 [ 1401.389915][T30283] ? lock_release+0x4e2/0x6f0 [ 1401.394635][T30283] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 1401.400152][T30283] ? __pfx_lock_release+0x10/0x10 [ 1401.405223][T30283] __kvmalloc_node_noprof+0xad/0x1a0 [ 1401.410568][T30283] seq_read_iter+0x82a/0x12b0 [ 1401.415305][T30283] seq_read+0x39f/0x4e0 [ 1401.419512][T30283] ? __pfx_seq_read+0x10/0x10 [ 1401.424232][T30283] ? __pfx_lock_release+0x10/0x10 [ 1401.429306][T30283] ? lock_acquire+0x2f/0xb0 [ 1401.433862][T30283] ? apparmor_file_permission+0x251/0x400 [ 1401.439651][T30283] ? __pfx_seq_read+0x10/0x10 [ 1401.444374][T30283] proc_reg_read+0x23d/0x330 [ 1401.449019][T30283] ? __pfx_proc_reg_read+0x10/0x10 [ 1401.454190][T30283] vfs_read+0x1df/0xbe0 [ 1401.458394][T30283] ? __fget_files+0x1fc/0x3a0 [ 1401.463124][T30283] ? __pfx___mutex_lock+0x10/0x10 [ 1401.468207][T30283] ? __pfx_vfs_read+0x10/0x10 [ 1401.472938][T30283] ? __fget_files+0x206/0x3a0 [ 1401.477671][T30283] ksys_read+0x12b/0x250 [ 1401.481962][T30283] ? __pfx_ksys_read+0x10/0x10 [ 1401.486775][T30283] ? rcu_is_watching+0x12/0xc0 [ 1401.491595][T30283] ? rcu_is_watching+0x12/0xc0 [ 1401.496436][T30283] do_syscall_64+0xcd/0x250 [ 1401.501005][T30283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1401.506962][T30283] RIP: 0033:0x7f9898385d29 [ 1401.511425][T30283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1401.531086][T30283] RSP: 002b:00007f98961f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1401.539553][T30283] RAX: ffffffffffffffda RBX: 00007f9898575fa0 RCX: 00007f9898385d29 [ 1401.547566][T30283] RDX: 0000000000000057 RSI: 0000000020000040 RDI: 0000000000000003 [ 1401.555578][T30283] RBP: 00007f98961f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1401.563592][T30283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1401.571601][T30283] R13: 0000000000000000 R14: 00007f9898575fa0 R15: 00007ffe6d351448 [ 1401.579627][T30283] [ 1403.369871][T30294] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6658'. [ 1405.954935][T30318] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6665'. [ 1407.745869][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1407.753724][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1407.761126][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1407.768881][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1407.776409][ T5840] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1407.785783][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1407.866553][T24357] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1407.944910][T24357] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1408.124780][T30349] FAULT_INJECTION: forcing a failure. [ 1408.124780][T30349] name failslab, interval 1, probability 0, space 0, times 0 [ 1408.137967][T30349] CPU: 0 UID: 0 PID: 30349 Comm: syz.5.6673 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1408.148782][T30349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1408.158872][T30349] Call Trace: [ 1408.162182][T30349] [ 1408.165143][T30349] dump_stack_lvl+0x16c/0x1f0 [ 1408.169879][T30349] should_fail_ex+0x497/0x5b0 [ 1408.174612][T30349] ? fs_reclaim_acquire+0xae/0x150 [ 1408.179773][T30349] should_failslab+0xc2/0x120 [ 1408.184520][T30349] __kmalloc_node_noprof+0xd1/0x520 [ 1408.189786][T30349] ? __pfx___mutex_lock+0x10/0x10 [ 1408.194864][T30349] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 1408.200389][T30349] __kvmalloc_node_noprof+0xad/0x1a0 [ 1408.205729][T30349] traverse.part.0.constprop.0+0x392/0x640 [ 1408.211583][T30349] ? __pfx_lock_release+0x10/0x10 [ 1408.216651][T30349] seq_read_iter+0x934/0x12b0 [ 1408.221373][T30349] ? __pfx_kstrtouint+0x10/0x10 [ 1408.226272][T30349] seq_read+0x39f/0x4e0 [ 1408.230471][T30349] ? lock_release+0x4e2/0x6f0 [ 1408.235194][T30349] ? __pfx_seq_read+0x10/0x10 [ 1408.239922][T30349] ? trace_lock_acquire+0x14e/0x1f0 [ 1408.245184][T30349] ? lock_acquire+0x2f/0xb0 [ 1408.249735][T30349] ? apparmor_file_permission+0x251/0x400 [ 1408.255520][T30349] ? __pfx_seq_read+0x10/0x10 [ 1408.260240][T30349] proc_reg_read+0x23d/0x330 [ 1408.264892][T30349] ? __pfx_proc_reg_read+0x10/0x10 [ 1408.270057][T30349] vfs_read+0x1df/0xbe0 [ 1408.274262][T30349] ? __fget_files+0x1fc/0x3a0 [ 1408.278988][T30349] ? __pfx_lock_release+0x10/0x10 [ 1408.284059][T30349] ? __pfx_vfs_read+0x10/0x10 [ 1408.288797][T30349] ? __fget_files+0x40/0x3a0 [ 1408.293450][T30349] ? lock_acquire+0x2f/0xb0 [ 1408.298015][T30349] ? __fget_files+0x40/0x3a0 [ 1408.302663][T30349] ? __fget_files+0x206/0x3a0 [ 1408.307403][T30349] __x64_sys_pread64+0x1f6/0x250 [ 1408.312400][T30349] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1408.317944][T30349] ? rcu_is_watching+0x12/0xc0 [ 1408.322770][T30349] ? rcu_is_watching+0x12/0xc0 [ 1408.327600][T30349] do_syscall_64+0xcd/0x250 [ 1408.332168][T30349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1408.338131][T30349] RIP: 0033:0x7f7ff9385d29 [ 1408.342594][T30349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1408.362257][T30349] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1408.370730][T30349] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 [ 1408.378746][T30349] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000003 [ 1408.386767][T30349] RBP: 00007f7ff71f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1408.394789][T30349] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 1408.402806][T30349] R13: 0000000000000000 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1408.410842][T30349] [ 1408.415318][T24357] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1408.442337][T30336] chnl_net:caif_netlink_parms(): no params data found [ 1408.535178][T24357] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1409.367741][T24357] ip6_vti0 (unregistering): left allmulticast mode [ 1409.417689][T24357] erspan0 (unregistering): left allmulticast mode [ 1409.827127][ T5840] Bluetooth: hci0: command tx timeout [ 1409.869369][T24357] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1409.879632][T24357] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1409.889528][T24357] bond0 (unregistering): Released all slaves [ 1409.914169][T30336] bridge0: port 1(bridge_slave_0) entered blocking state [ 1409.921732][T30336] bridge0: port 1(bridge_slave_0) entered disabled state [ 1409.929025][T30336] bridge_slave_0: entered allmulticast mode [ 1409.936005][T30336] bridge_slave_0: entered promiscuous mode [ 1409.948055][T30336] bridge0: port 2(bridge_slave_1) entered blocking state [ 1409.956429][T30336] bridge0: port 2(bridge_slave_1) entered disabled state [ 1409.977140][T30336] bridge_slave_1: entered allmulticast mode [ 1409.984194][T30336] bridge_slave_1: entered promiscuous mode [ 1410.164948][T30336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1410.322675][T30336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1410.504753][T30336] team0: Port device team_slave_0 added [ 1410.521709][T30336] team0: Port device team_slave_1 added [ 1411.204310][T30336] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1411.223805][T30336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1411.305135][T30336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1411.406747][T30336] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1411.434137][T30336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1411.589042][T30336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1411.772381][T30336] hsr_slave_0: entered promiscuous mode [ 1411.797622][T30336] hsr_slave_1: entered promiscuous mode [ 1411.826091][T30336] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1411.833833][T30336] Cannot create hsr debugfs directory [ 1411.870171][T24357] hsr_slave_0: left promiscuous mode [ 1411.879215][T24357] hsr_slave_1: left promiscuous mode [ 1411.885662][T24357] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1411.893389][ T5840] Bluetooth: hci0: command tx timeout [ 1411.900382][T24357] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1411.913439][T24357] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1411.923747][T24357] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1411.961310][T24357] veth1_macvtap: left promiscuous mode [ 1411.972863][T24357] veth0_macvtap: left promiscuous mode [ 1411.986699][T24357] veth1_vlan: left promiscuous mode [ 1411.998721][T24357] veth0_vlan: left promiscuous mode [ 1412.316296][T24357] team0 (unregistering): Port device team_slave_1 removed [ 1412.334676][T24357] team0 (unregistering): Port device team_slave_0 removed [ 1413.965071][ T5840] Bluetooth: hci0: command tx timeout [ 1414.045073][T30336] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1414.059008][T30336] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1414.078421][T30336] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1414.091493][T30336] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1414.247520][T30336] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1414.288654][T30336] 8021q: adding VLAN 0 to HW filter on device team0 [ 1414.299103][T24358] bridge0: port 1(bridge_slave_0) entered blocking state [ 1414.306291][T24358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1414.328943][T30455] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6689'. [ 1414.357353][T24358] bridge0: port 2(bridge_slave_1) entered blocking state [ 1414.364511][T24358] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1414.818832][T30336] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1414.960941][T30336] veth0_vlan: entered promiscuous mode [ 1414.972030][T30336] veth1_vlan: entered promiscuous mode [ 1414.993050][T30336] veth0_macvtap: entered promiscuous mode [ 1415.002331][T30336] veth1_macvtap: entered promiscuous mode [ 1415.061631][T30336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1415.081201][T30336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1415.096851][T30336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1415.113576][T30336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1415.129955][T30336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1415.151892][T30336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1415.177807][T30336] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1415.231128][T30336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1415.261638][T30336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1415.297377][T30336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1415.320442][T30336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1415.334761][T30336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1415.346177][T30336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1415.376467][T30336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1415.399513][T30336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1415.430210][T30336] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1415.494607][T30336] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1415.503396][T30336] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1415.524595][T30336] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1415.533630][T30336] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1415.792597][T24362] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1415.832994][T24362] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1415.981059][T24362] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1416.003938][T24362] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1416.044117][T29583] Bluetooth: hci0: command tx timeout [ 1416.182241][T30521] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6669'. [ 1418.333532][T30561] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.6701'. [ 1420.473207][T30618] netlink: 11 bytes leftover after parsing attributes in process `syz.5.6712'. [ 1423.949051][T30670] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.6725'. [ 1424.046039][T30670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6725'. [ 1424.501334][T30696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6730'. [ 1425.535062][T30724] FAULT_INJECTION: forcing a failure. [ 1425.535062][T30724] name failslab, interval 1, probability 0, space 0, times 0 [ 1425.559373][T30724] CPU: 0 UID: 0 PID: 30724 Comm: syz.5.6738 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1425.570226][T30724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1425.580372][T30724] Call Trace: [ 1425.583691][T30724] [ 1425.586663][T30724] dump_stack_lvl+0x16c/0x1f0 [ 1425.591405][T30724] should_fail_ex+0x497/0x5b0 [ 1425.596171][T30724] ? fs_reclaim_acquire+0xae/0x150 [ 1425.601342][T30724] should_failslab+0xc2/0x120 [ 1425.606086][T30724] __kmalloc_noprof+0xce/0x4f0 [ 1425.610917][T30724] ? __pfx___might_resched+0x10/0x10 [ 1425.616260][T30724] ? reacquire_held_locks+0x481/0x4c0 [ 1425.621679][T30724] ? load_msg+0x118/0x470 [ 1425.626072][T30724] load_msg+0x118/0x470 [ 1425.630283][T30724] ? 0xffffffff81000000 [ 1425.634481][T30724] do_msgrcv+0x20f/0x1690 [ 1425.638874][T30724] ? __pfx_do_msg_fill+0x10/0x10 [ 1425.643872][T30724] ? 0xffffffff81000000 [ 1425.648068][T30724] ? __fget_files+0x206/0x3a0 [ 1425.652810][T30724] ? __pfx_do_msgrcv+0x10/0x10 [ 1425.657635][T30724] ? fput+0x67/0x440 [ 1425.661594][T30724] ? ksys_write+0x1ba/0x250 [ 1425.666156][T30724] ? __pfx_ksys_write+0x10/0x10 [ 1425.671064][T30724] ? rcu_is_watching+0x12/0xc0 [ 1425.675892][T30724] ? do_syscall_64+0xcd/0x250 [ 1425.680629][T30724] do_syscall_64+0xcd/0x250 [ 1425.685198][T30724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1425.691148][T30724] RIP: 0033:0x7f7ff9385d29 [ 1425.695603][T30724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1425.715264][T30724] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000046 [ 1425.723717][T30724] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 [ 1425.731721][T30724] RDX: 0200000000000000 RSI: ffffffff81000000 RDI: 0000000000000000 [ 1425.739742][T30724] RBP: 00007f7ff71f6090 R08: 000000000000df66 R09: 0000000000000000 [ 1425.747748][T30724] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001 [ 1425.755753][T30724] R13: 0000000000000001 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1425.763765][T30724] ? 0xffffffff81000000 [ 1425.767950][T30724] [ 1426.070679][T30731] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6741'. [ 1426.104576][T30731] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6741'. [ 1426.858641][T30745] sctp: [Deprecated]: syz.0.6745 (pid 30745) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1426.858641][T30745] Use struct sctp_sack_info instead [ 1427.764830][T30780] FAULT_INJECTION: forcing a failure. [ 1427.764830][T30780] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1427.798171][T30780] CPU: 0 UID: 0 PID: 30780 Comm: syz.1.6752 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1427.809021][T30780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1427.819124][T30780] Call Trace: [ 1427.822448][T30780] [ 1427.825426][T30780] dump_stack_lvl+0x16c/0x1f0 [ 1427.830168][T30780] should_fail_ex+0x497/0x5b0 [ 1427.834912][T30780] _copy_from_user+0x2e/0xd0 [ 1427.839577][T30780] copy_msghdr_from_user+0x99/0x160 [ 1427.844857][T30780] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1427.850740][T30780] ? rcu_is_watching+0x12/0xc0 [ 1427.855566][T30780] ? lock_release+0x4e2/0x6f0 [ 1427.860293][T30780] ? get_pid_task+0xfc/0x250 [ 1427.864949][T30780] ___sys_sendmsg+0xff/0x1e0 [ 1427.869607][T30780] ? get_pid_task+0x35/0x250 [ 1427.874269][T30780] ? __pfx____sys_sendmsg+0x10/0x10 [ 1427.879530][T30780] ? lock_release+0x4e2/0x6f0 [ 1427.884272][T30780] ? __pfx_lock_release+0x10/0x10 [ 1427.889345][T30780] ? trace_lock_acquire+0x14e/0x1f0 [ 1427.894620][T30780] ? __fget_files+0x206/0x3a0 [ 1427.899425][T30780] __sys_sendmsg+0x16e/0x220 [ 1427.904086][T30780] ? __pfx___sys_sendmsg+0x10/0x10 [ 1427.909286][T30780] ? rcu_is_watching+0x12/0xc0 [ 1427.914110][T30780] ? rcu_is_watching+0x12/0xc0 [ 1427.918930][T30780] do_syscall_64+0xcd/0x250 [ 1427.923493][T30780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1427.929461][T30780] RIP: 0033:0x7f9898385d29 [ 1427.933926][T30780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1427.953676][T30780] RSP: 002b:00007f98961f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1427.962155][T30780] RAX: ffffffffffffffda RBX: 00007f9898575fa0 RCX: 00007f9898385d29 [ 1427.970173][T30780] RDX: 0000000024004080 RSI: 0000000020000c00 RDI: 0000000000000003 [ 1427.978201][T30780] RBP: 00007f98961f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1427.986222][T30780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1427.994241][T30780] R13: 0000000000000000 R14: 00007f9898575fa0 R15: 00007ffe6d351448 [ 1428.002282][T30780] [ 1428.060657][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1428.077477][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1428.363781][T30784] Process accounting resumed [ 1428.762744][T30812] FAULT_INJECTION: forcing a failure. [ 1428.762744][T30812] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1428.833136][T30812] CPU: 0 UID: 0 PID: 30812 Comm: syz.2.6760 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1428.844000][T30812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1428.854102][T30812] Call Trace: [ 1428.857421][T30812] [ 1428.860403][T30812] dump_stack_lvl+0x16c/0x1f0 [ 1428.865151][T30812] should_fail_ex+0x497/0x5b0 [ 1428.869893][T30812] _copy_from_user+0x2e/0xd0 [ 1428.874551][T30812] copy_msghdr_from_user+0x99/0x160 [ 1428.879829][T30812] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1428.885710][T30812] ? _kstrtoull+0x146/0x200 [ 1428.890270][T30812] ? __pfx__kstrtoull+0x10/0x10 [ 1428.895168][T30812] ? lock_release+0x4e2/0x6f0 [ 1428.899896][T30812] ___sys_sendmsg+0xff/0x1e0 [ 1428.904554][T30812] ? __pfx____sys_sendmsg+0x10/0x10 [ 1428.909829][T30812] ? __pfx_kstrtouint+0x10/0x10 [ 1428.914749][T30812] ? trace_lock_acquire+0x14e/0x1f0 [ 1428.920030][T30812] __sys_sendmmsg+0x201/0x420 [ 1428.924791][T30812] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1428.930065][T30812] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1428.936122][T30812] ? fput+0x67/0x440 [ 1428.940090][T30812] ? ksys_write+0x1ba/0x250 [ 1428.944651][T30812] ? __pfx_ksys_write+0x10/0x10 [ 1428.949560][T30812] __x64_sys_sendmmsg+0x9c/0x100 [ 1428.954571][T30812] do_syscall_64+0xcd/0x250 [ 1428.959144][T30812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1428.965099][T30812] RIP: 0033:0x7f6760f85d29 [ 1428.969557][T30812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1428.989222][T30812] RSP: 002b:00007f675edf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1428.997699][T30812] RAX: ffffffffffffffda RBX: 00007f6761176080 RCX: 00007f6760f85d29 [ 1429.005723][T30812] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1429.013745][T30812] RBP: 00007f675edf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1429.021780][T30812] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000001 [ 1429.029805][T30812] R13: 0000000000000000 R14: 00007f6761176080 R15: 00007ffd38dc2df8 [ 1429.037921][T30812] [ 1431.042296][T30851] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6770'. [ 1432.111694][T30885] device-mapper: ioctl: only supply one of name or uuid, cmd(17) [ 1434.635893][T30959] Process accounting resumed [ 1434.648064][T30953] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6802'. [ 1434.665341][T30953] geneve1: entered allmulticast mode [ 1435.739146][T30981] FAULT_INJECTION: forcing a failure. [ 1435.739146][T30981] name failslab, interval 1, probability 0, space 0, times 0 [ 1435.796764][T30981] CPU: 0 UID: 0 PID: 30981 Comm: syz.5.6810 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1435.807627][T30981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1435.817727][T30981] Call Trace: [ 1435.821035][T30981] [ 1435.824010][T30981] dump_stack_lvl+0x16c/0x1f0 [ 1435.828741][T30981] should_fail_ex+0x497/0x5b0 [ 1435.833474][T30981] ? fs_reclaim_acquire+0xae/0x150 [ 1435.838639][T30981] should_failslab+0xc2/0x120 [ 1435.843377][T30981] __kmalloc_node_noprof+0xd1/0x520 [ 1435.848741][T30981] ? __pfx___mutex_lock+0x10/0x10 [ 1435.853835][T30981] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 1435.859361][T30981] __kvmalloc_node_noprof+0xad/0x1a0 [ 1435.864709][T30981] traverse.part.0.constprop.0+0x392/0x640 [ 1435.870567][T30981] ? aa_file_perm+0x142/0xfe0 [ 1435.875293][T30981] seq_read_iter+0x934/0x12b0 [ 1435.880023][T30981] ? __pfx_kstrtouint+0x10/0x10 [ 1435.884922][T30981] ? __pfx_aa_file_perm+0x10/0x10 [ 1435.890018][T30981] seq_read+0x39f/0x4e0 [ 1435.894228][T30981] ? __pfx_seq_read+0x10/0x10 [ 1435.898953][T30981] ? lock_acquire+0x2f/0xb0 [ 1435.903510][T30981] ? lock_release+0x4e2/0x6f0 [ 1435.908238][T30981] ? bpf_lsm_file_permission+0x9/0x10 [ 1435.913690][T30981] ? security_file_permission+0x71/0x210 [ 1435.919381][T30981] ? __pfx_seq_read+0x10/0x10 [ 1435.924108][T30981] vfs_read+0x1df/0xbe0 [ 1435.928322][T30981] ? __pfx_vfs_read+0x10/0x10 [ 1435.933054][T30981] ? __pfx_vfs_write+0x10/0x10 [ 1435.937873][T30981] ? do_sys_openat2+0xb1/0x1e0 [ 1435.942699][T30981] ? __pfx_do_sys_openat2+0x10/0x10 [ 1435.947966][T30981] ? put_files_struct+0x3b/0x370 [ 1435.952971][T30981] __x64_sys_pread64+0x1f6/0x250 [ 1435.957974][T30981] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1435.963492][T30981] ? rcu_is_watching+0x12/0xc0 [ 1435.968315][T30981] ? rcu_is_watching+0x12/0xc0 [ 1435.973145][T30981] do_syscall_64+0xcd/0x250 [ 1435.977712][T30981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1435.983664][T30981] RIP: 0033:0x7f7ff9385d29 [ 1435.988116][T30981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1436.007784][T30981] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1436.016250][T30981] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 [ 1436.024267][T30981] RDX: 00000000000000a8 RSI: 0000000000000000 RDI: 0000000000000000 [ 1436.032277][T30981] RBP: 00007f7ff71f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1436.040297][T30981] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 1436.048322][T30981] R13: 0000000000000000 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1436.056350][T30981] [ 1436.062435][T30972] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1436.074820][T30972] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1436.095206][T30972] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1436.101213][T30972] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1436.117975][T30972] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1436.144688][T30972] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1436.151665][T30972] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1436.180835][T30972] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1436.187415][T30972] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1436.203335][T30972] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1436.476460][T30996] mtrr: base(0x1000) is not aligned on a size(0x10000000) boundary [ 1437.153530][T29583] Bluetooth: hci2: command 0x0406 tx timeout [ 1438.112886][T29583] Bluetooth: hci1: command 0x0406 tx timeout [ 1438.202905][T29583] Bluetooth: hci0: command 0x0c1a tx timeout [ 1438.203372][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 1439.232346][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 1439.462513][T31049] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6829'. [ 1440.192777][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 1440.274420][T29583] Bluetooth: hci0: command 0x0c1a tx timeout [ 1440.280521][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 1441.421437][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1441.430073][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1441.451336][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1441.916626][T31088] could not allocate digest TFM handle binfmt_misc [ 1441.931357][T31096] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1442.076293][T31099] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1442.096095][T31099] FAULT_INJECTION: forcing a failure. [ 1442.096095][T31099] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1442.122022][T31099] CPU: 0 UID: 0 PID: 31099 Comm: syz.0.6845 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1442.132874][T31099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1442.142977][T31099] Call Trace: [ 1442.146292][T31099] [ 1442.149259][T31099] dump_stack_lvl+0x16c/0x1f0 [ 1442.154001][T31099] should_fail_ex+0x497/0x5b0 [ 1442.158743][T31099] _copy_from_user+0x2e/0xd0 [ 1442.163400][T31099] kstrtouint_from_user+0xd7/0x1c0 [ 1442.168573][T31099] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1442.174351][T31099] ? __mutex_trylock_common+0xea/0x250 [ 1442.179871][T31099] proc_fail_nth_write+0x84/0x250 [ 1442.184964][T31099] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1442.190667][T31099] ? ksys_write+0x12b/0x250 [ 1442.195229][T31099] ? lock_acquire+0x2f/0xb0 [ 1442.199779][T31099] ? ksys_write+0x12b/0x250 [ 1442.204337][T31099] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1442.210036][T31099] vfs_write+0x24c/0x1150 [ 1442.214425][T31099] ? __fget_files+0x1fc/0x3a0 [ 1442.219160][T31099] ? __pfx___mutex_lock+0x10/0x10 [ 1442.224242][T31099] ? __pfx_vfs_write+0x10/0x10 [ 1442.229063][T31099] ? __fget_files+0x206/0x3a0 [ 1442.233814][T31099] ksys_write+0x12b/0x250 [ 1442.238196][T31099] ? __pfx_ksys_write+0x10/0x10 [ 1442.243108][T31099] ? rcu_is_watching+0x12/0xc0 [ 1442.247939][T31099] ? rcu_is_watching+0x12/0xc0 [ 1442.252764][T31099] do_syscall_64+0xcd/0x250 [ 1442.257343][T31099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1442.263306][T31099] RIP: 0033:0x7fc8faf847df [ 1442.267767][T31099] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 1442.287433][T31099] RSP: 002b:00007fc8fbd71030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1442.295906][T31099] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc8faf847df [ 1442.303929][T31099] RDX: 0000000000000001 RSI: 00007fc8fbd710a0 RDI: 0000000000000004 [ 1442.311950][T31099] RBP: 00007fc8fbd71090 R08: 0000000000000000 R09: 0000000000000000 [ 1442.319968][T31099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1442.327989][T31099] R13: 0000000000000000 R14: 00007fc8fb175fa0 R15: 00007fffee956688 [ 1442.336021][T31099] [ 1442.360739][T29583] Bluetooth: hci0: command 0x0c1a tx timeout [ 1442.366815][T29583] Bluetooth: hci3: command 0x0c1a tx timeout [ 1442.934492][T31115] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1444.071686][T31122] could not allocate digest TFM handle binfmt_misc [ 1444.974686][T31148] vivid-013: ================= START STATUS ================= [ 1444.999482][T31148] vivid-013: Generate PTS: true [ 1445.014687][T31148] vivid-013: Generate SCR: true [ 1445.036093][T31148] tpg source WxH: 640x360 (Y'CbCr) [ 1445.046196][T31148] tpg field: 1 [ 1445.049808][T31148] tpg crop: 640x360@0x0 [ 1445.064654][T31148] tpg compose: 640x360@0x0 [ 1445.084588][T31148] tpg colorspace: 8 [ 1445.088469][T31148] tpg transfer function: 0/0 [ 1445.099431][T31148] tpg Y'CbCr encoding: 0/0 [ 1445.109693][T31148] tpg quantization: 0/0 [ 1445.141051][T31148] tpg RGB range: 0/2 [ 1445.145071][T31148] vivid-013: ================== END STATUS ================== [ 1446.491748][T31175] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6862'. [ 1446.993953][T31175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1447.151052][T31175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1447.210221][T31175] bond0 (unregistering): Released all slaves [ 1448.813815][T31203] vivid-013: ================= START STATUS ================= [ 1448.832770][T31203] vivid-013: Generate PTS: true [ 1448.858277][T31203] vivid-013: Generate SCR: true [ 1448.864389][T31203] tpg source WxH: 640x360 (Y'CbCr) [ 1448.910389][T31203] tpg field: 1 [ 1448.913843][T31203] tpg crop: 640x360@0x0 [ 1448.934035][T31203] tpg compose: 640x360@0x0 [ 1448.976006][T31203] tpg colorspace: 8 [ 1449.007440][T31203] tpg transfer function: 0/0 [ 1449.044810][T31203] tpg Y'CbCr encoding: 0/0 [ 1449.053530][T31203] tpg quantization: 0/0 [ 1449.090889][T31203] tpg RGB range: 0/2 [ 1449.103724][T31203] vivid-013: ================== END STATUS ================== [ 1451.978755][T31276] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1452.335990][T31280] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1455.274195][T31344] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 1455.833613][T31337] kexec: Could not allocate control_code_buffer [ 1456.801011][T31376] FAULT_INJECTION: forcing a failure. [ 1456.801011][T31376] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1456.814302][T31376] CPU: 0 UID: 0 PID: 31376 Comm: syz.5.6920 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1456.825128][T31376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1456.835393][T31376] Call Trace: [ 1456.838708][T31376] [ 1456.841671][T31376] dump_stack_lvl+0x16c/0x1f0 [ 1456.846408][T31376] should_fail_ex+0x497/0x5b0 [ 1456.851149][T31376] strncpy_from_user+0x3b/0x2d0 [ 1456.856064][T31376] getname_flags.part.0+0x8f/0x550 [ 1456.861257][T31376] getname+0x8d/0xe0 [ 1456.865216][T31376] __x64_sys_execve+0x72/0xb0 [ 1456.869948][T31376] do_syscall_64+0xcd/0x250 [ 1456.874511][T31376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1456.880899][T31376] RIP: 0033:0x7f7ff9385d29 [ 1456.885363][T31376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1456.905030][T31376] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1456.913762][T31376] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 [ 1456.921789][T31376] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000020000180 [ 1456.929930][T31376] RBP: 00007f7ff71f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1456.937954][T31376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1456.945973][T31376] R13: 0000000000000000 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1456.954006][T31376] [ 1464.070242][T31468] kernel profiling enabled (shift: 8) [ 1464.416074][T31472] netlink: 146 bytes leftover after parsing attributes in process `syz.1.6952'. [ 1464.737392][T31482] Process accounting resumed [ 1464.957560][T31486] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1466.285022][T31513] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6963'. [ 1467.092786][T31531] delete_channel: no stack [ 1468.797626][T31557] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6977'. [ 1469.159459][T31563] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6979'. [ 1469.306807][T31565] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6980'. [ 1469.340838][T31565] bridge_slave_0 (unregistering): left allmulticast mode [ 1469.354746][T31565] bridge_slave_0 (unregistering): left promiscuous mode [ 1469.375495][T31565] bridge0: port 1(bridge_slave_0) entered disabled state [ 1472.413813][T31619] binder: BINDER_SET_CONTEXT_MGR already set [ 1472.430957][T31619] binder: 31618:31619 ioctl 4018620d 9 returned -16 [ 1474.124519][T31632] Process accounting resumed [ 1474.144653][T31637] [U] [ 1474.147458][T31637] [U] [ 1474.150220][T31637] [U] [ 1474.152982][T31637] [U] [ 1474.187039][T31631] Process accounting resumed [ 1474.194703][T31637] [U] [ 1474.197494][T31637] [U] [ 1474.200248][T31637] [U] [ 1474.202999][T31637] [U] [ 1474.206146][T31637] [U] [ 1474.208929][T31637] [U] [ 1474.211680][T31637] [U] [ 1474.214430][T31637] [U] [ 1474.217678][T31637] [U] [ 1474.220447][T31637] [U] [ 1474.223206][T31637] [U] [ 1474.225957][T31637] [U] [ 1474.229360][T31637] [U] [ 1474.232140][T31637] [U] [ 1474.234904][T31637] [U] [ 1474.237661][T31637] [U] [ 1474.265068][T31637] [U] [ 1474.267905][T31637] [U] [ 1474.270668][T31637] [U] [ 1474.273424][T31637] [U] [ 1474.285064][T31637] [U] [ 1474.287889][T31637] [U] [ 1474.290650][T31637] [U] [ 1474.293449][T31637] [U] [ 1474.315025][T31637] [U] [ 1474.317824][T31637] [U] [ 1474.320593][T31637] [U] [ 1474.323375][T31637] [U] [ 1474.335067][T31637] [U] [ 1474.337881][T31637] [U] [ 1474.340644][T31637] [U] [ 1474.343407][T31637] [U] [ 1474.364956][T31637] [U] [ 1474.367766][T31637] [U] [ 1474.370549][T31637] [U] [ 1474.373304][T31637] [U] [ 1474.376436][T31637] [U] [ 1474.379202][T31637] [U] [ 1474.381963][T31637] [U] [ 1474.384716][T31637] [U] [ 1474.405663][T31637] [U] [ 1474.408468][T31637] [U] [ 1474.411231][T31637] [U] [ 1474.413990][T31637] [U] [ 1474.435015][T31637] [U] [ 1474.437816][T31637] [U] [ 1474.440603][T31637] [U] [ 1474.443386][T31637] [U] [ 1474.464923][T31637] [U] [ 1474.467722][T31637] [U] [ 1474.470473][T31637] [U] [ 1474.473230][T31637] [U] [ 1474.484997][T31637] [U] [ 1474.487833][T31637] [U] [ 1474.490597][T31637] [U] [ 1474.493356][T31637] [U] [ 1474.505337][T31637] [U] [ 1474.508132][T31637] [U] [ 1474.511101][T31637] [U] [ 1474.513873][T31637] [U] [ 1474.534921][T31637] [U] [ 1474.537717][T31637] [U] [ 1474.540472][T31637] [U] [ 1474.543261][T31637] [U] [ 1474.556064][T31637] [U] [ 1474.558864][T31637] [U] [ 1474.561615][T31637] [U] [ 1474.564368][T31637] [U] [ 1474.585159][T31637] [U] [ 1474.587961][T31637] [U] [ 1474.590714][T31637] [U] [ 1474.593469][T31637] [U] [ 1474.605273][T31637] [U] [ 1474.608061][T31637] [U] [ 1474.610824][T31637] [U] [ 1474.613578][T31637] [U] [ 1474.634864][T31637] [U] [ 1474.637659][T31637] [U] [ 1474.640415][T31637] [U] [ 1474.643174][T31637] [U] [ 1474.654852][T31637] [U] [ 1474.657644][T31637] [U] [ 1474.660400][T31637] [U] [ 1474.663155][T31637] [U] [ 1474.684930][T31637] [U] [ 1474.687736][T31637] [U] [ 1474.690530][T31637] [U] [ 1474.693281][T31637] [U] [ 1474.704788][T31637] [U] [ 1474.707599][T31637] [U] [ 1474.710355][T31637] [U] [ 1474.713125][T31637] [U] [ 1474.724830][T31637] [U] [ 1474.727621][T31637] [U] [ 1474.730383][T31637] [U] [ 1474.733140][T31637] [U] [ 1474.754739][T31637] [U] [ 1474.757547][T31637] [U] [ 1474.760305][T31637] [U] [ 1474.763068][T31637] [U] [ 1474.774866][T31637] [U] [ 1474.777663][T31637] [U] [ 1474.780417][T31637] [U] [ 1474.783175][T31637] [U] [ 1474.794702][T31637] [U] [ 1474.797502][T31637] [U] [ 1474.800261][T31637] [U] [ 1474.803045][T31637] [U] [ 1474.815307][T31637] [U] [ 1474.818182][T31637] [U] [ 1474.820942][T31637] [U] [ 1474.823699][T31637] [U] [ 1474.844659][T31637] [U] [ 1474.847460][T31637] [U] [ 1474.850217][T31637] [U] [ 1474.852975][T31637] [U] [ 1474.892871][T31636] [U] [ 1475.266363][T31653] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7003'. [ 1475.570466][T31666] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1476.140383][T31679] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7015'. [ 1477.052830][T31710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7020'. [ 1477.088842][T31710] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 1477.307404][T31713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7022'. [ 1477.831629][T31726] FAULT_INJECTION: forcing a failure. [ 1477.831629][T31726] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.850406][T31726] CPU: 1 UID: 0 PID: 31726 Comm: syz.0.7026 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1477.861256][T31726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1477.871358][T31726] Call Trace: [ 1477.874676][T31726] [ 1477.877642][T31726] dump_stack_lvl+0x16c/0x1f0 [ 1477.882386][T31726] should_fail_ex+0x497/0x5b0 [ 1477.887129][T31726] _copy_to_iter+0x4a5/0x1400 [ 1477.891883][T31726] ? __pfx__copy_to_iter+0x10/0x10 [ 1477.897236][T31726] ? __virt_addr_valid+0x1a4/0x590 [ 1477.902417][T31726] ? __virt_addr_valid+0x5e/0x590 [ 1477.907509][T31726] ? __phys_addr_symbol+0x30/0x80 [ 1477.912624][T31726] ? __check_object_size+0x488/0x710 [ 1477.917984][T31726] seq_read_iter+0xd00/0x12b0 [ 1477.922718][T31726] seq_read+0x39f/0x4e0 [ 1477.926923][T31726] ? __pfx_seq_read+0x10/0x10 [ 1477.931648][T31726] ? __pfx_lock_release+0x10/0x10 [ 1477.936731][T31726] ? lock_acquire+0x2f/0xb0 [ 1477.941294][T31726] ? apparmor_file_permission+0x251/0x400 [ 1477.947085][T31726] ? __pfx_seq_read+0x10/0x10 [ 1477.951818][T31726] proc_reg_read+0x23d/0x330 [ 1477.956479][T31726] ? __pfx_proc_reg_read+0x10/0x10 [ 1477.961645][T31726] vfs_read+0x1df/0xbe0 [ 1477.965859][T31726] ? __fget_files+0x1fc/0x3a0 [ 1477.970594][T31726] ? __pfx___mutex_lock+0x10/0x10 [ 1477.975676][T31726] ? __pfx_vfs_read+0x10/0x10 [ 1477.980410][T31726] ? __fget_files+0x206/0x3a0 [ 1477.985147][T31726] ksys_read+0x12b/0x250 [ 1477.989442][T31726] ? __pfx_ksys_read+0x10/0x10 [ 1477.994259][T31726] ? rcu_is_watching+0x12/0xc0 [ 1477.999082][T31726] ? rcu_is_watching+0x12/0xc0 [ 1478.003903][T31726] do_syscall_64+0xcd/0x250 [ 1478.008477][T31726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1478.014432][T31726] RIP: 0033:0x7fc8faf85d29 [ 1478.018904][T31726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1478.038574][T31726] RSP: 002b:00007fc8fbd71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1478.047046][T31726] RAX: ffffffffffffffda RBX: 00007fc8fb175fa0 RCX: 00007fc8faf85d29 [ 1478.055067][T31726] RDX: 0000000000000057 RSI: 0000000020000040 RDI: 0000000000000003 [ 1478.063083][T31726] RBP: 00007fc8fbd71090 R08: 0000000000000000 R09: 0000000000000000 [ 1478.071103][T31726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1478.079122][T31726] R13: 0000000000000000 R14: 00007fc8fb175fa0 R15: 00007fffee956688 [ 1478.087147][T31726] [ 1478.736284][T31758] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 1485.549681][T31796] FAULT_INJECTION: forcing a failure. [ 1485.549681][T31796] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1485.615535][T31796] CPU: 0 UID: 0 PID: 31796 Comm: syz.0.7042 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1485.626398][T31796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1485.636532][T31796] Call Trace: [ 1485.639848][T31796] [ 1485.642812][T31796] dump_stack_lvl+0x16c/0x1f0 [ 1485.647550][T31796] should_fail_ex+0x497/0x5b0 [ 1485.652290][T31796] _copy_to_user+0x32/0xd0 [ 1485.656810][T31796] simple_read_from_buffer+0xd0/0x160 [ 1485.662233][T31796] proc_fail_nth_read+0x198/0x270 [ 1485.667322][T31796] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1485.672963][T31796] ? bpf_lsm_file_permission+0x9/0x10 [ 1485.678407][T31796] ? security_file_permission+0x71/0x210 [ 1485.684098][T31796] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1485.689717][T31796] vfs_read+0x1df/0xbe0 [ 1485.693930][T31796] ? __fget_files+0x1fc/0x3a0 [ 1485.698662][T31796] ? __pfx___mutex_lock+0x10/0x10 [ 1485.703746][T31796] ? __pfx_vfs_read+0x10/0x10 [ 1485.708484][T31796] ? __fget_files+0x206/0x3a0 [ 1485.713231][T31796] ksys_read+0x12b/0x250 [ 1485.717525][T31796] ? __pfx_ksys_read+0x10/0x10 [ 1485.722352][T31796] ? rcu_is_watching+0x12/0xc0 [ 1485.727174][T31796] ? rcu_is_watching+0x12/0xc0 [ 1485.732013][T31796] do_syscall_64+0xcd/0x250 [ 1485.736575][T31796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1485.742530][T31796] RIP: 0033:0x7fc8faf8473c [ 1485.746987][T31796] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1485.766648][T31796] RSP: 002b:00007fc8fbd71030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1485.775118][T31796] RAX: ffffffffffffffda RBX: 00007fc8fb175fa0 RCX: 00007fc8faf8473c [ 1485.783142][T31796] RDX: 000000000000000f RSI: 00007fc8fbd710a0 RDI: 0000000000000004 [ 1485.791174][T31796] RBP: 00007fc8fbd71090 R08: 0000000000000000 R09: 0000000000000000 [ 1485.799237][T31796] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 1485.807254][T31796] R13: 0000000000000000 R14: 00007fc8fb175fa0 R15: 00007fffee956688 [ 1485.815466][T31796] [ 1488.468099][T31830] lo: entered promiscuous mode [ 1488.530246][T31832] lo: left promiscuous mode [ 1489.451473][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1489.465178][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1494.511567][T29583] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1494.519720][T29583] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1494.529686][T29583] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1494.537679][T29583] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1494.545734][T29583] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1494.553029][T29583] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1495.144634][T31873] chnl_net:caif_netlink_parms(): no params data found [ 1495.365370][T31873] bridge0: port 1(bridge_slave_0) entered blocking state [ 1495.392889][T31873] bridge0: port 1(bridge_slave_0) entered disabled state [ 1495.425613][T31873] bridge_slave_0: entered allmulticast mode [ 1495.432626][T31873] bridge_slave_0: entered promiscuous mode [ 1495.449067][T31873] bridge0: port 2(bridge_slave_1) entered blocking state [ 1495.475050][T31873] bridge0: port 2(bridge_slave_1) entered disabled state [ 1495.482320][T31873] bridge_slave_1: entered allmulticast mode [ 1495.495090][T31873] bridge_slave_1: entered promiscuous mode [ 1495.667050][T31873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1495.721328][T31873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1495.745437][T31888] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7064'. [ 1495.885180][T31742] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1496.029570][T31873] team0: Port device team_slave_0 added [ 1496.045854][T31873] team0: Port device team_slave_1 added [ 1496.124019][T31742] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1496.184699][T31873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1496.205831][T31873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1496.303880][T31873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1496.345092][T31873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1496.352134][T31873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1496.453693][T31873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1496.643653][ T5840] Bluetooth: hci4: command tx timeout [ 1496.868539][T31742] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1496.979581][T31742] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1497.077222][T31873] hsr_slave_0: entered promiscuous mode [ 1497.091228][T31873] hsr_slave_1: entered promiscuous mode [ 1497.097498][T31873] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1497.119459][T31873] Cannot create hsr debugfs directory [ 1497.318261][T31893] openvswitch: netlink: VXLAN extension 0 has unexpected len 1 expected 0 [ 1497.342829][T31742] bridge_slave_1: left allmulticast mode [ 1497.365014][T31742] bridge_slave_1: left promiscuous mode [ 1497.385324][T31742] bridge0: port 2(bridge_slave_1) entered disabled state [ 1497.444716][T31742] bridge_slave_0: left allmulticast mode [ 1497.458487][T31742] bridge_slave_0: left promiscuous mode [ 1497.481192][T31742] bridge0: port 1(bridge_slave_0) entered disabled state [ 1497.733775][T31902] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.7069'. [ 1497.843886][T31742] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1497.878586][T31742] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1497.915534][T31742] bond0 (unregistering): Released all slaves [ 1498.024658][T31742] HfR: left promiscuous mode [ 1498.211000][T31919] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 1498.216026][T31873] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1498.259450][T31873] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1498.297245][T31873] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1498.420088][T31873] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1498.635055][T31742] hsr_slave_0: left promiscuous mode [ 1498.666460][T31742] hsr_slave_1: left promiscuous mode [ 1498.673183][T31742] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1498.680843][T31742] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1498.693176][T31742] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1498.700744][T31742] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1498.719646][T31742] veth1_macvtap: left promiscuous mode [ 1498.725526][ T5840] Bluetooth: hci4: command tx timeout [ 1498.739520][T31742] veth0_macvtap: left promiscuous mode [ 1498.759768][T31742] veth1_vlan: left promiscuous mode [ 1498.777784][T31742] veth0_vlan: left promiscuous mode [ 1498.972455][T31944] program syz.1.7076 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1498.989955][T31944] futex_wake_op: syz.1.7076 tries to shift op by 64; fix this program [ 1499.045429][T31742] team0 (unregistering): Port device team_slave_1 removed [ 1499.067780][T31742] team0 (unregistering): Port device team_slave_0 removed [ 1499.274015][T31934] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1499.293130][T31934] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1499.318428][T31873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1499.332699][T31934] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1499.358612][T31934] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1499.386110][T31873] 8021q: adding VLAN 0 to HW filter on device team0 [ 1499.386284][T31934] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1499.406768][T31739] bridge0: port 1(bridge_slave_0) entered blocking state [ 1499.413948][T31739] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1499.422873][T31934] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1499.528766][T24362] bridge0: port 2(bridge_slave_1) entered blocking state [ 1499.535988][T24362] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1499.825526][T31972] netlink: 11 bytes leftover after parsing attributes in process `syz.0.7079'. [ 1500.127835][T31873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1500.647251][T31873] veth0_vlan: entered promiscuous mode [ 1500.690184][T31873] veth1_vlan: entered promiscuous mode [ 1500.793912][T31873] veth0_macvtap: entered promiscuous mode [ 1500.828194][T31873] veth1_macvtap: entered promiscuous mode [ 1500.858754][T31873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.879786][T31873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.902721][T31873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.929164][T31873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.953002][T31873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.974808][T31873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.998792][T31873] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1501.026980][T31873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.073542][T31873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.111655][T31873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.141326][T31873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.166081][T31873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.193638][T31873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.215615][T31873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.251289][T31873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.281303][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 1501.287732][T31873] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1501.311930][T31873] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1501.320856][T31873] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1501.329898][T31873] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1501.339074][T31873] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1501.361433][ T5840] Bluetooth: hci4: command 0x0419 tx timeout [ 1501.365547][T29583] Bluetooth: hci0: command 0x0c1a tx timeout [ 1501.367751][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 1501.574794][T24358] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1501.585161][T24358] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1501.692191][T24368] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1501.731455][T24368] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1503.222623][T32099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7092'. [ 1503.372727][T32104] openvswitch: netlink: IP tunnel dst address not specified [ 1503.440306][T32039] Bluetooth: hci4: command 0x0419 tx timeout [ 1505.312273][T32205] delete_channel: no stack [ 1505.407845][T32208] FAULT_INJECTION: forcing a failure. [ 1505.407845][T32208] name failslab, interval 1, probability 0, space 0, times 0 [ 1505.458896][T32208] CPU: 0 UID: 0 PID: 32208 Comm: syz.0.7103 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1505.469925][T32208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1505.480028][T32208] Call Trace: [ 1505.483354][T32208] [ 1505.486320][T32208] dump_stack_lvl+0x16c/0x1f0 [ 1505.491059][T32208] should_fail_ex+0x497/0x5b0 [ 1505.495808][T32208] ? fs_reclaim_acquire+0xae/0x150 [ 1505.500976][T32208] should_failslab+0xc2/0x120 [ 1505.505717][T32208] __kmalloc_noprof+0xce/0x4f0 [ 1505.510541][T32208] ? __pfx___might_resched+0x10/0x10 [ 1505.515878][T32208] ? reacquire_held_locks+0x481/0x4c0 [ 1505.521292][T32208] ? load_msg+0x118/0x470 [ 1505.525684][T32208] load_msg+0x118/0x470 [ 1505.529897][T32208] ? 0xffffffff81000000 [ 1505.534090][T32208] do_msgrcv+0x20f/0x1690 [ 1505.538472][T32208] ? __pfx_do_msg_fill+0x10/0x10 [ 1505.543459][T32208] ? 0xffffffff81000000 [ 1505.547650][T32208] ? __fget_files+0x206/0x3a0 [ 1505.552380][T32208] ? __pfx_do_msgrcv+0x10/0x10 [ 1505.557196][T32208] ? fput+0x67/0x440 [ 1505.561154][T32208] ? ksys_write+0x1ba/0x250 [ 1505.565718][T32208] ? __pfx_ksys_write+0x10/0x10 [ 1505.570627][T32208] ? rcu_is_watching+0x12/0xc0 [ 1505.575449][T32208] ? do_syscall_64+0xcd/0x250 [ 1505.580183][T32208] do_syscall_64+0xcd/0x250 [ 1505.584747][T32208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1505.590747][T32208] RIP: 0033:0x7fc8faf85d29 [ 1505.595206][T32208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1505.614870][T32208] RSP: 002b:00007fc8fbd71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000046 [ 1505.623339][T32208] RAX: ffffffffffffffda RBX: 00007fc8fb175fa0 RCX: 00007fc8faf85d29 [ 1505.631358][T32208] RDX: 0200000000000000 RSI: ffffffff81000000 RDI: 0000000000000000 [ 1505.639378][T32208] RBP: 00007fc8fbd71090 R08: 000000000000df66 R09: 0000000000000000 [ 1505.647396][T32208] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001 [ 1505.655412][T32208] R13: 0000000000000001 R14: 00007fc8fb175fa0 R15: 00007fffee956688 [ 1505.663440][T32208] ? 0xffffffff81000000 [ 1505.667637][T32208] [ 1505.670842][ C0] vkms_vblank_simulate: vblank timer overrun [ 1505.733625][T32039] Bluetooth: hci4: command 0x0419 tx timeout [ 1507.770147][T32039] Bluetooth: hci4: command 0x0419 tx timeout [ 1507.941661][T32271] FAULT_INJECTION: forcing a failure. [ 1507.941661][T32271] name failslab, interval 1, probability 0, space 0, times 0 [ 1507.975066][T32271] CPU: 0 UID: 0 PID: 32271 Comm: syz.0.7116 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1507.985925][T32271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1507.996028][T32271] Call Trace: [ 1507.999342][T32271] [ 1508.002305][T32271] dump_stack_lvl+0x16c/0x1f0 [ 1508.007052][T32271] should_fail_ex+0x497/0x5b0 [ 1508.011795][T32271] ? fs_reclaim_acquire+0xae/0x150 [ 1508.016956][T32271] should_failslab+0xc2/0x120 [ 1508.021704][T32271] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 1508.027576][T32271] ? is_bpf_text_address+0x30/0x1a0 [ 1508.032850][T32271] ? __alloc_skb+0x2b3/0x380 [ 1508.037514][T32271] ? is_bpf_text_address+0x30/0x1a0 [ 1508.042785][T32271] __alloc_skb+0x2b3/0x380 [ 1508.047262][T32271] ? __pfx___alloc_skb+0x10/0x10 [ 1508.052265][T32271] ? kernel_text_address+0x8d/0x100 [ 1508.057519][T32271] ? kernel_text_address+0x30/0x100 [ 1508.062769][T32271] netlink_alloc_large_skb+0x69/0x130 [ 1508.068193][T32271] netlink_sendmsg+0x689/0xd70 [ 1508.073010][T32271] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1508.078360][T32271] ____sys_sendmsg+0x9ae/0xb40 [ 1508.083188][T32271] ? copy_msghdr_from_user+0x10b/0x160 [ 1508.088714][T32271] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1508.094059][T32271] ? rcu_is_watching+0x12/0xc0 [ 1508.098881][T32271] ? lock_release+0x4e2/0x6f0 [ 1508.103595][T32271] ? get_pid_task+0xfc/0x250 [ 1508.108244][T32271] ___sys_sendmsg+0x135/0x1e0 [ 1508.112981][T32271] ? get_pid_task+0x35/0x250 [ 1508.117630][T32271] ? __pfx____sys_sendmsg+0x10/0x10 [ 1508.122889][T32271] ? lock_release+0x4e2/0x6f0 [ 1508.127614][T32271] ? __pfx_lock_release+0x10/0x10 [ 1508.132682][T32271] ? trace_lock_acquire+0x14e/0x1f0 [ 1508.137943][T32271] ? __fget_files+0x206/0x3a0 [ 1508.142685][T32271] __sys_sendmsg+0x16e/0x220 [ 1508.147341][T32271] ? __pfx___sys_sendmsg+0x10/0x10 [ 1508.152521][T32271] ? rcu_is_watching+0x12/0xc0 [ 1508.157352][T32271] ? rcu_is_watching+0x12/0xc0 [ 1508.162174][T32271] do_syscall_64+0xcd/0x250 [ 1508.166736][T32271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1508.172687][T32271] RIP: 0033:0x7fc8faf85d29 [ 1508.177142][T32271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1508.196804][T32271] RSP: 002b:00007fc8fbd71038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1508.205300][T32271] RAX: ffffffffffffffda RBX: 00007fc8fb175fa0 RCX: 00007fc8faf85d29 [ 1508.213329][T32271] RDX: 0000000024004080 RSI: 0000000020000c00 RDI: 0000000000000003 [ 1508.221354][T32271] RBP: 00007fc8fbd71090 R08: 0000000000000000 R09: 0000000000000000 [ 1508.229375][T32271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1508.237390][T32271] R13: 0000000000000000 R14: 00007fc8fb175fa0 R15: 00007fffee956688 [ 1508.245414][T32271] [ 1508.248547][ C0] vkms_vblank_simulate: vblank timer overrun [ 1508.820153][T32276] netlink: 'syz.1.7118': attribute type 4 has an invalid length. [ 1508.841951][T32276] netlink: 330 bytes leftover after parsing attributes in process `syz.1.7118'. [ 1508.881501][ T29] audit: type=1800 audit(8277292201.223:17): pid=32284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7120" name="discovery_nqn" dev="configfs" ino=112720 res=0 errno=0 [ 1509.455079][T32310] FAULT_INJECTION: forcing a failure. [ 1509.455079][T32310] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1509.468377][T32310] CPU: 0 UID: 0 PID: 32310 Comm: syz.6.7125 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1509.479196][T32310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1509.489301][T32310] Call Trace: [ 1509.492616][T32310] [ 1509.495673][T32310] dump_stack_lvl+0x16c/0x1f0 [ 1509.500411][T32310] should_fail_ex+0x497/0x5b0 [ 1509.505185][T32310] _copy_from_user+0x2e/0xd0 [ 1509.509841][T32310] copy_msghdr_from_user+0x99/0x160 [ 1509.515104][T32310] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1509.520978][T32310] ? kfree+0x274/0x4b0 [ 1509.525097][T32310] ? __pfx__kstrtoull+0x10/0x10 [ 1509.530020][T32310] ? lock_release+0x4e2/0x6f0 [ 1509.534751][T32310] ___sys_sendmsg+0xff/0x1e0 [ 1509.539407][T32310] ? __pfx____sys_sendmsg+0x10/0x10 [ 1509.544674][T32310] ? __pfx_kstrtouint+0x10/0x10 [ 1509.549590][T32310] ? rcu_is_watching+0x12/0xc0 [ 1509.554431][T32310] ? __pfx___might_resched+0x10/0x10 [ 1509.559777][T32310] ? __might_fault+0xe3/0x190 [ 1509.564520][T32310] __sys_sendmmsg+0x201/0x420 [ 1509.569274][T32310] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1509.574542][T32310] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1509.580591][T32310] ? fput+0x67/0x440 [ 1509.584550][T32310] ? ksys_write+0x1ba/0x250 [ 1509.589112][T32310] ? __pfx_ksys_write+0x10/0x10 [ 1509.594026][T32310] __x64_sys_sendmmsg+0x9c/0x100 [ 1509.599032][T32310] do_syscall_64+0xcd/0x250 [ 1509.603595][T32310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1509.609554][T32310] RIP: 0033:0x7f7db7785d29 [ 1509.614016][T32310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1509.633681][T32310] RSP: 002b:00007f7db85b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1509.642149][T32310] RAX: ffffffffffffffda RBX: 00007f7db7976080 RCX: 00007f7db7785d29 [ 1509.650170][T32310] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1509.658196][T32310] RBP: 00007f7db85b4090 R08: 0000000000000000 R09: 0000000000000000 [ 1509.666230][T32310] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000001 [ 1509.674256][T32310] R13: 0000000000000000 R14: 00007f7db7976080 R15: 00007ffd342ebf48 [ 1509.682284][T32310] [ 1509.685359][ C0] vkms_vblank_simulate: vblank timer overrun [ 1511.539737][ T29] audit: type=1800 audit(8277292203.884:18): pid=32344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=FFFFF2FFFFFFF2FFFFFFF2FFFFFFF2 name="features" dev="configfs" ino=112908 res=0 errno=0 [ 1511.860263][T32344] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI [ 1511.872948][T32344] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [ 1511.881412][T32344] CPU: 0 UID: 0 PID: 32344 Comm: Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 1511.892670][T32344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1511.902783][T32344] RIP: 0010:tomoyo_print_entry+0x83/0x2720 [ 1511.908669][T32344] Code: f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 38 01 00 00 31 c0 e8 6e f1 48 fd 48 8d 7d 19 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <0f> b6 04 18 38 d0 7f 08 84 c0 0f 85 2e 14 00 00 49 8d 8e f3 00 00 [ 1511.928346][T32344] RSP: 0018:ffffc9000c07fa90 EFLAGS: 00010202 [ 1511.934485][T32344] RAX: 0000000000000003 RBX: dffffc0000000000 RCX: ffffc9000d171000 [ 1511.942512][T32344] RDX: 0000000000000001 RSI: ffffffff84505de2 RDI: 0000000000000019 [ 1511.950537][T32344] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1511.958564][T32344] R10: 0000000000000000 R11: 0000000000000000 R12: ffffed1012942b1a [ 1511.966591][T32344] R13: ffff88807dbee910 R14: ffff888094a15800 R15: 0000000000000000 [ 1511.974622][T32344] FS: 00007f7ff71f66c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1511.983616][T32344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1511.990265][T32344] CR2: 0000000000007000 CR3: 0000000068f42000 CR4: 00000000003526f0 [ 1511.998298][T32344] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1512.006630][T32344] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1512.014658][T32344] Call Trace: [ 1512.017984][T32344] [ 1512.020965][T32344] ? die_addr+0x3b/0xa0 [ 1512.025172][T32344] ? exc_general_protection+0x155/0x230 [ 1512.030799][T32344] ? asm_exc_general_protection+0x26/0x30 [ 1512.036597][T32344] ? tomoyo_print_entry+0x72/0x2720 [ 1512.041866][T32344] ? tomoyo_print_entry+0x83/0x2720 [ 1512.047134][T32344] ? __might_fault+0x13b/0x190 [ 1512.051975][T32344] ? __pfx_lock_release+0x10/0x10 [ 1512.057065][T32344] ? __virt_addr_valid+0x1a4/0x590 [ 1512.062251][T32344] ? __pfx_tomoyo_print_entry+0x10/0x10 [ 1512.067876][T32344] ? lock_acquire+0x2f/0xb0 [ 1512.072441][T32344] ? __might_fault+0xe3/0x190 [ 1512.077196][T32344] ? __might_fault+0xe3/0x190 [ 1512.081948][T32344] ? _copy_to_user+0x48/0xd0 [ 1512.086618][T32344] tomoyo_read_domain2+0xa3/0x380 [ 1512.091713][T32344] tomoyo_read_domain+0x3d2/0x9c0 [ 1512.096811][T32344] tomoyo_read_control+0x281/0x510 [ 1512.101986][T32344] ? rw_verify_area+0xd0/0x700 [ 1512.106795][T32344] ? __pfx_tomoyo_read+0x10/0x10 [ 1512.111771][T32344] vfs_read+0x1df/0xbe0 [ 1512.115968][T32344] ? __fget_files+0x1fc/0x3a0 [ 1512.120700][T32344] ? __pfx___mutex_lock+0x10/0x10 [ 1512.125766][T32344] ? __pfx_vfs_read+0x10/0x10 [ 1512.130491][T32344] ? __fget_files+0x206/0x3a0 [ 1512.135207][T32344] ksys_read+0x12b/0x250 [ 1512.139487][T32344] ? __pfx_ksys_read+0x10/0x10 [ 1512.144286][T32344] ? rcu_is_watching+0x12/0xc0 [ 1512.149089][T32344] ? rcu_is_watching+0x12/0xc0 [ 1512.153896][T32344] do_syscall_64+0xcd/0x250 [ 1512.158436][T32344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1512.164369][T32344] RIP: 0033:0x7f7ff9385d29 [ 1512.168807][T32344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1512.188447][T32344] RSP: 002b:00007f7ff71f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1512.196896][T32344] RAX: ffffffffffffffda RBX: 00007f7ff9575fa0 RCX: 00007f7ff9385d29 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1512.204899][T32344] RDX: 000000000000b4d3 RSI: 0000000000000000 RDI: 0000000000000003 [ 1512.212915][T32344] RBP: 00007f7ff9401b08 R08: 0000000000000000 R09: 0000000000000000 [ 1512.220915][T32344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1512.228913][T32344] R13: 0000000000000000 R14: 00007f7ff9575fa0 R15: 00007fffc008fa28 [ 1512.236917][T32344] [ 1512.239954][T32344] Modules linked in: [ 1512.244757][T32344] ---[ end trace 0000000000000000 ]--- [ 1512.310870][T32344] RIP: 0010:tomoyo_print_entry+0x83/0x2720 [ 1512.350394][T32344] Code: f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 38 01 00 00 31 c0 e8 6e f1 48 fd 48 8d 7d 19 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <0f> b6 04 18 38 d0 7f 08 84 c0 0f 85 2e 14 00 00 49 8d 8e f3 00 00 [ 1512.427134][T32344] RSP: 0018:ffffc9000c07fa90 EFLAGS: 00010202 [ 1512.463762][T32344] RAX: 0000000000000003 RBX: dffffc0000000000 RCX: ffffc9000d171000 [ 1512.495640][T32344] RDX: 0000000000000001 RSI: ffffffff84505de2 RDI: 0000000000000019 [ 1512.503703][T32344] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1512.555919][T32344] R10: 0000000000000000 R11: 0000000000000000 R12: ffffed1012942b1a [ 1512.564309][T32344] R13: ffff88807dbee910 R14: ffff888094a15800 R15: 0000000000000000 [ 1512.595585][T32344] FS: 00007f7ff71f66c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1512.604607][T32344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1512.648156][T32344] CR2: 000056499b8a5680 CR3: 0000000068f42000 CR4: 00000000003526f0 [ 1512.659344][T32344] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1512.667659][T32344] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1512.726122][T32344] Kernel panic - not syncing: Fatal exception [ 1512.732685][T32344] Kernel Offset: disabled [ 1512.737029][T32344] Rebooting in 86400 seconds..