last executing test programs: 7m34.740668138s ago: executing program 1 (id=5575): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc4240, 0x0) ioctl$auto(r0, 0x400c4d03, 0x83) setreuid$auto(0x0, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x2dc08f24db163610, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40d81, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000100), 0x0) socket(0x26, 0x80000, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xb, 0x800, 0x800005) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r2 = socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x5, 0x1d, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0x2, 0x8, 0xae, 0x9, 0x2, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x400000, 0x0, 0x80000000000, 0x400000000000000, 0x0, 0x8000000000000000, 0x80000000000000, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffbfe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 7m34.457478531s ago: executing program 1 (id=5577): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x88b82, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)='^', 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) sendmsg$auto_ETHTOOL_MSG_FEC_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="005104", @ANYRES16=r2, @ANYBLOB="11032cbd700001dcdf251d00000020000180080003000700000014000200677265746170300000000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x800) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@ETHTOOL_A_FEC_AUTO={0x5, 0x3, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x8) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video0\x00', 0x240242, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/clear_refs\x00', 0x18801, 0x0) socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0) r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x7, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r4, 0x4030ae7b, 0x0) close_range$auto(0x2, 0x8, 0x0) 7m34.134444646s ago: executing program 1 (id=5581): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x100000, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x3fff, 0xad3, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r3 = open(0x0, 0x261c2, 0x84) r4 = bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) ioctl$auto_TIOCSTI2(r4, 0x5412, 0x0) setns(r3, 0xe020080) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r5 = clone$auto(0x9, 0x3, 0x0, 0x0, 0x7) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x20000010) recvmmsg$auto(0x3, 0x0, 0x80000001, 0x0, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x2272, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_open_procfs$namespace(r5, &(0x7f0000000240)='ns/time\x00') socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xc9, 0xfffffffffffffffc, 0xfd72) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x1000000000008000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) sendmsg$auto_NL80211_CMD_NEW_MPATH(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000427bd7000fbdbdf2517000000b0002c800800010000800000080001000e0000008c0002800400008024000080080002000100000008000200fcffffff08000100ac00000008000100ff7f00002c000080080001000600000008000200010000000800010001000000080002000900000008000200940c000034000080080002000180000008000100040000000800010000000000080001000100000008000200ff0300000800020006000000100002800c00008008000200750f000020001300373e2817490dd95f2ef23c69e27bd6352c68afe79c702b4b1943ce254c00e800ac516e06a95495ea014bc6af766866a9646c8edd5bc602e24d909a1b584f85787d829663087549c3b501d570a63d51d266c4902b40dd0ebffc4c1ce8cccb25586f6050e057238e92"], 0x130}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) fanotify_init$auto(0x5, 0x2000000000002) socket(0x26, 0x80805, 0x0) syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x7) syz_open_procfs$namespace(0x0, &(0x7f0000000040)) syz_open_procfs$namespace(0x0, &(0x7f0000000080)) 7m32.076460106s ago: executing program 1 (id=5588): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0x2, 0x1, 0x0) socket(0x1d, 0x3, 0x1) r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000001c80)='/sys/kernel/debug/block/nbd10/hctx0/tags_bitmap\x00', 0x400, 0x0) r1 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) write$auto_ima_measure_policy_ops_ima_fs(r1, &(0x7f0000000080)="24abef9125eda23d480177235fe93e85e06a09", 0x13) r2 = mq_open$auto(&(0x7f0000000080)='&\'!*\x00', 0x9, 0x6, &(0x7f00000000c0)={0x1, 0x8, 0xfffffffffffffffb, 0x4}) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="810b25bd7000ffdbdf253200000008000300", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r6, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="080027bd7000fedbdf251b0000000800090001000000060096000800000006001000061200000600eb00c3000000060098000400000004007300040008010500d30000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x884}, 0x800) sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="000426bd01000000df25990000000800350080000000"], 0x1c}}, 0x24008811) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r2, &(0x7f0000000040)=""/227, 0xe3) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r0, &(0x7f0000001cc0)=""/123, 0x7b) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r7 = socket(0x1e, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x46, 0x2) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r8, 0x4b47, 0x1) getsockopt$auto(r7, 0x10f, 0x84, 0x0, 0x0) getpeername$auto(0x3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r9, 0x5603, 0x7) 7m29.802658623s ago: executing program 1 (id=5599): truncate$auto(&(0x7f00000000c0)='./file0\x00', 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop12/queue/discard_granularity\x00', 0x80000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/213, 0xd5) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/batadv_slave_1/ioam6_id_wide\x00', 0x101202, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x8000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x0, 0x0) ioctl$auto(0x3, 0x5608, r2) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/neigh/ip_vti0/base_reachable_time_ms\x00', 0x202, 0x0) sendfile$auto(r3, r1, 0x0, 0x48) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000280)='/dev/bus/usb/013/001\x00', 0xc4e00, 0x0) bpf$auto(0x1e, &(0x7f00000000c0)=@raw_tracepoint={0x1009, 0xffffffffffffffff, 0x0, 0x4}, 0x5) r4 = openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/clk/clk_dump\x00', 0x800, 0x0) copy_file_range$auto(r4, &(0x7f0000000200)=0x3, r0, &(0x7f0000000240), 0x8, 0x9) 7m29.187999216s ago: executing program 1 (id=5602): io_uring_setup$auto(0x4, &(0x7f0000000040)={0x7fffffff, 0x7, 0x80000000, 0x4, 0x80000001, 0x10, 0xffffffffffffffff, [0x0, 0x7, 0x40], {0x366, 0x632, 0x200, 0x101, 0x7, 0x8, 0x0, 0x9, 0x8001}, {0x8, 0x83a, 0x4, 0xffffffff, 0x7, 0x7, 0x70, 0x4, 0x7}}) r0 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto_IMADDTIMER(r0, 0x80044940, &(0x7f0000000140)=0x4) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu1/cache/index2/size\x00', 0x180, 0x0) r2 = openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x143980, 0x0) mmap$auto(0x0, 0x4, 0x4000000020df, 0x40eb2, 0x402, 0x300000000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(r3, 0x0, 0x20) read$auto_ptdump_curknl_fops_(r2, &(0x7f0000000000)=""/207, 0xcf) seccomp$auto(0x2, 0x40, 0x0) read$auto(r1, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.7/usb23/23-0:1.0/ep_81/interval\x00', 0x3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/trace\x00', 0x10000, 0x0) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x3a, 0x0, 0x1000) ioctl$auto(r0, 0x8000, r1) close_range$auto(0x2, 0xa, 0x0) 7m13.318501862s ago: executing program 32 (id=5602): io_uring_setup$auto(0x4, &(0x7f0000000040)={0x7fffffff, 0x7, 0x80000000, 0x4, 0x80000001, 0x10, 0xffffffffffffffff, [0x0, 0x7, 0x40], {0x366, 0x632, 0x200, 0x101, 0x7, 0x8, 0x0, 0x9, 0x8001}, {0x8, 0x83a, 0x4, 0xffffffff, 0x7, 0x7, 0x70, 0x4, 0x7}}) r0 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto_IMADDTIMER(r0, 0x80044940, &(0x7f0000000140)=0x4) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu1/cache/index2/size\x00', 0x180, 0x0) r2 = openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x143980, 0x0) mmap$auto(0x0, 0x4, 0x4000000020df, 0x40eb2, 0x402, 0x300000000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(r3, 0x0, 0x20) read$auto_ptdump_curknl_fops_(r2, &(0x7f0000000000)=""/207, 0xcf) seccomp$auto(0x2, 0x40, 0x0) read$auto(r1, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.7/usb23/23-0:1.0/ep_81/interval\x00', 0x3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/trace\x00', 0x10000, 0x0) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x3a, 0x0, 0x1000) ioctl$auto(r0, 0x8000, r1) close_range$auto(0x2, 0xa, 0x0) 5m12.657548108s ago: executing program 3 (id=6259): ioperm$auto(0x7, 0x4, 0xa6) pipe2$auto(0xfffffffffffffffc, 0x3ff) pselect6$auto(0x6, 0xffffffffffffffff, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/freezer.state\x00', 0x8040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003480)=""/247, 0xf7) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video62\x00', 0x81, 0x0) ioctl$auto_v4l2_fops_v4l2_dev(r2, 0xffffffff, 0x0) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='Q}\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000ffdbdf2505000000"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0xd0) 5m12.502606076s ago: executing program 3 (id=6261): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r0 = open(&(0x7f0000000100)='./cgroup\x00', 0x50800, 0x412) getdents$auto(r0, 0x0, 0xde) setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x20000b) 5m12.342364548s ago: executing program 3 (id=6262): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) setuid$auto(0xe) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r0 = open(&(0x7f0000000100)='./cgroup\x00', 0x50800, 0x412) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b6}, {0x4000, 0xfc, 0x9, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x800) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) bpf$auto(0x12, &(0x7f0000000040)=@link_detach, 0x26) getdents$auto(r0, 0x0, 0xde) setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x20000b) 5m12.127676009s ago: executing program 3 (id=6264): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) shutdown$auto(0x200000003, 0x2) newfstatat$auto(0xffffffffffffff9c, 0x0, &(0x7f0000000380)={0x5, 0x6, 0xa9, 0x4, 0x0, 0xee01, 0x0, 0x6, 0x3, 0x0, 0x4, 0x8, 0xbc, 0x1, 0x4, 0x0, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) (fail_nth: 1) 5m11.934396304s ago: executing program 3 (id=6266): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) shutdown$auto(0x200000003, 0x2) newfstatat$auto(0xffffffffffffff9c, 0x0, &(0x7f0000000380)={0x5, 0x6, 0xa9, 0x4, 0x0, 0xee01, 0x0, 0x6, 0x3, 0x0, 0x4, 0x8, 0xbc, 0x1, 0x4, 0x0, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) 5m11.779638199s ago: executing program 3 (id=6267): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x28, 0x801, 0x0) r1 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim6/ports/0/pp_hold\x00', 0x40, 0x0) connect$auto(r0, &(0x7f00000000c0)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e24, 0x4}}, 0x4d) read$auto_nsim_pp_hold_fops_netdev(r1, &(0x7f0000000280)=""/221, 0xdd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r2, 0x0, 0x1) r3 = openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/options/blk_cgroup\x00', 0x5, 0x0) write$auto(r3, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) r4 = socket(0x2, 0x1, 0x0) getsockopt$auto(r4, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x3b) shutdown$auto(0x200000003, 0x2) newfstatat$auto(0xffffffffffffff9c, 0x0, &(0x7f0000000380)={0x5, 0x6, 0xa9, 0x4, 0x0, 0xee01, 0x0, 0x6, 0x3, 0x0, 0x4, 0x8, 0xbc, 0x1, 0x4, 0x0, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) 4m56.556096025s ago: executing program 33 (id=6267): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x28, 0x801, 0x0) r1 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim6/ports/0/pp_hold\x00', 0x40, 0x0) connect$auto(r0, &(0x7f00000000c0)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e24, 0x4}}, 0x4d) read$auto_nsim_pp_hold_fops_netdev(r1, &(0x7f0000000280)=""/221, 0xdd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r2, 0x0, 0x1) r3 = openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/options/blk_cgroup\x00', 0x5, 0x0) write$auto(r3, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) r4 = socket(0x2, 0x1, 0x0) getsockopt$auto(r4, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x3b) shutdown$auto(0x200000003, 0x2) newfstatat$auto(0xffffffffffffff9c, 0x0, &(0x7f0000000380)={0x5, 0x6, 0xa9, 0x4, 0x0, 0xee01, 0x0, 0x6, 0x3, 0x0, 0x4, 0x8, 0xbc, 0x1, 0x4, 0x0, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) 2m3.567450775s ago: executing program 4 (id=7115): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/can/reset_stats\x00', 0x280080, 0x0) read$auto(0x3, 0x0, 0xcc17b38) write$auto(r0, &(0x7f0000000040)='!//\x00', 0x80000001) write$auto(r0, &(0x7f0000000000)='\x00', 0x7) 2m3.240914445s ago: executing program 4 (id=7117): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r1 = socket(0x6, 0x6, 0x7) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1", @ANYRESOCT, @ANYRES8=r1], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0xffffffffffffff07, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB="5402000070b64f185dfd94d1e954214b55a03b85e317c0bf6ac6981b146d112508630fe473d4cdb6a71d04f1ef", @ANYRES8=r0, @ANYBLOB="49c62bbd7000ffdbdf251f0000007d002901b034167f67a3fc2b5a5996d4f84de4bd4240f47cd6c80ffc62f3b860e2bbd5ec4cce56f72f88f5c290c1cb8557d478ed87490d16c346e972502896d69a29be9e489be8e5ae8c9e06c8ef2bd3bb75eea4a774ce164de86f4f0be0fa23ae483bd325ca260f8df3bd1af063c3d949261554c7df88894e6cbc76a500000008003700030000000800a500f4e40000a50111801800478014004300fe8000000000000000000000000000280800de00", @ANYRES64, @ANYRES32=r1], 0x254}, 0x1, 0x0, 0x0, 0x4000004}, 0xc4) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x2, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x2}, 0x10a, 0x6, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(r2, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000300)=ANY=[@ANYBLOB="64160000", @ANYRES16=r3, @ANYBLOB="01002bbd7000fddbdf25110000004f160980a703ed80fc01b380f80102801f69a14d4b4a0d0324073e976b676072e40124800400eb8004004e803f0079002f7379732f6b65726e656c2f64656275672f6e657464657673696d2f6e657464657673696d332f7073616d706c652f6c6174656e63795f6d61780000b4ecf7a98db4d534a6a94d16847dac9336fd38fe8f44b736efb5933af979682e483fb5bb3955206013bcb74f449988a3af924b2d956d7f666ef2176e2e6eeecedd7d4524dee4796aeec5243226b15559ef39e79083e5fc692762bde69a7afda9ca75465446cf1ce86d34631750ea168b2d47754dc71c289d270dc89e47a0a3275ba443db3bfb1bedcc4da109ef90898d52dc1bfba1a7a4e81d3a3de3cc4d10156e81f6205d17f218badcfad61a229593f9a02001941e385610f686d4a302df31a051dad684ac4455942276ce14a4f0cd4433fdb9021272c8b8e0c512da195cd2cf4fdc196d68d36448623d439ce64fda56e575098c0154f6fc8e4427bfeec66d9ea0b208fab3a9f503ce298c69b9cf4d14f3721b1b7abda1c614bca2231b3d83012985a649f436eb39dda509192aa5bfa5059feaaac96dad4655afb2323c4cc73dac2febd20b4e6c66edc01f65b9bcdf73fe6d150374b98cd5a84a92e9580ecd7c0b3645a9a8fa4e830a19c66c916421a7df2b337ebf139c5aa30789478547fbc0cc005b1491c43269529c804b8caaa907009900232e0000e100a68008007b00ff070000d5823b037a8f6e502702cbbc2dcec4e4b0f254d161351f47dd30fda60617f2cd1aa14dd7fa4cea12289d32d719ff0c893d2cdaad2090fe8390c68321f4b9d30225ccb53abf518811560dddb0d51cb7bac558afc5d61c24d48159cf54fc882bf2b09d02cecd0306db58fd0e76d356fb32ff1526685e8138ac22820aa9aa146a54d506317d091891bc0ba588f84f2f71f9450941eb004e8711590555aa6a6f7dbd8267faff9e6aa2291f9edab9d7b057c53db2523e4f0483170926734f3d8849f705cf9db0e8a3b934248dba12ca04000680040028000000000505ac86a1fa25ede5d24b06f5037ab95b8a02609f4b4b6f5dc4a7ecf45beee76ea237a1a113a3c551616be176d4a70af920d29a8d8ba1503b8281c79e4945fc724512d6492bb3cd61c365e77af523a7773427fe3f6a28c1eacfd582e872e7b0df290924b4b41a02ddfc4cc3ce4e11b442e3bd570ac54858af98c7acacf81b34ec232cffffbdd723ce0d4e8699be060f8dfb189bb40bd1bc2df5738afd8e9e70abc656515dfd87f163958bc5f3b507ec9ad68912411f45bf8d641b0be4915eba4d994a000800"], 0x1664}, 0x1, 0x0, 0x0, 0x2200c851}, 0x4) io_uring_setup$auto(0x0, 0x0) ioctl$auto(0x4000000000000c8, 0x400454e2, 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/error_log\x00', 0x40, 0x0) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb1, 0x10006, 0x300000000000) r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0) ioctl$auto(r4, 0x4018620d, 0x9) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r5, 0x4018620d, 0x9) statmount$auto(&(0x7f0000000000)={0x3, @inferred, 0xc616, 0x0, 0x120000}, 0x0, 0x3ff, 0x1) 2m1.633305005s ago: executing program 4 (id=7120): mkdir$auto(&(0x7f0000000040)='./file0\x00', 0xfef) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000080)=0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x3, 0x0, 0x0, 0x0, 0x8000000000000000) keyctl$auto(0x2000000000000017, 0x3ff, 0x2a, 0x0, 0x4) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)=0xd) listen$auto(0xffffffffffffffff, 0x26da) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xffffffffffffffff, @new_prog_fd=0x4, 0x4}, 0xa3) io_cancel$auto(0x7, &(0x7f0000000100)={0x0, 0x3, 0x8, 0x9c9b, 0x9, r1, 0x1, 0x2, 0x6f, 0x0, 0x6, 0xffffffffffffffff}, &(0x7f0000000140)={0x7, 0x3, 0xffffffffffffffff, 0x8}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r3 = open(&(0x7f0000000080)='./file0\x00', 0x22ac2, 0x5d745cb200ae4d7b) utimes$auto(0x0, &(0x7f0000000300)={0x8, 0x8001}) read$auto(r3, 0x0, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) mmap$auto(0x1, 0x400005, 0x100000000, 0x9b75, 0x4, 0x8000) r4 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f00000017c0), 0x400, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r2) sendmsg$auto_NL80211_CMD_MODIFY_LINK_STA(r5, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)={0x1034, r6, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_WIPHY_SELF_MANAGED_REG={0x4}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x7}, @NL80211_ATTR_CQM={0x1004, 0x5e, 0x0, 0x1, [@generic="361ee4b27cce7bac8d858cfb96ec4aee5406196598b0ac4ae3ac96c3be2bd8cf1781cf23caaecb02d1c4f2ace23c2471edf81a82e8f0c5d0a1cde74edb3ecaa4c98a93c5dc5821f569a0a907d003636e0d39666103491b13fce40534fda14298ef728c51f3e4c9e01b3ac05508baf3289bc612c3701761eec6efdf1a76394c6ed8893e257ff5a824ca989075d296b893b16e3327aee8a46021776cea3a5e40a77d50a83302c5e75d7a930bd4a263f5830db9e6d04f28320ef3e95ed3d9d86d1bd178ef65b862c6de63ae7a0975ffa7e70dbbfe92b9e7bc67eb576e17170f20c5c8c18505209a729d7463aaaa5de9b01bd4cc02bfab05dae7a4d58a0f21f4bd675cb1657ab40bae3f8f746878304d7ed90a1ad25fa13cbdc2b3e1315d6fd0e6663429d0197005c8b007bb4a05b42fcaf2bb8873c224d061600acba8da35da7871e4cdc79056ace3edece6516c322d73a66e10764c02876d9256534cddfe1050bdb6e264ec3bbdeec03349fc7d0639077c97ddc8af3be504c45dc6f02c4c8c756ff947233c5cffe500bd41d8aad664c2a392ba3a9db06fb71fc1bc73a9bbba8a89682271e84cb241c04ba5386fbbcdf8e1e6b3aeedb3059c50f720cc3fdafb2184fe48a398e5461f09524e5f0292851cf01a7ad4408044c2b78523e01ba228c9bd30d21f57ead3c39e15d632bbcbb433a3dbb79416eafd0c51ec67b03d848f19205bdb03f37212b01e4d6ee2d835080eac717f6b65e9f7b36a4eaa0c44b13b2618f8439ca4062042af4405925e6471cb40f0163251a0605efd0fb14384b0b58159e512fe5006c0645abc2336087b63b3a61c08680054f95f7f99c9f60e6df057aac452c3f31b7e33fa17e34fe3ca49ffa4c3cf47fc9ce808d26dc90dbaa8df081ffe6700935d07e7d6894f72d26870fd626714ca0b2c21d086cea58fb4e9a1098b2e267f17f6d16420c06bc443ac1e2998c3cf84753268c63ea551da3510fd65e7547205a2d27ce6b88bb776d5f9cd24bc4a100c14af4735e5f83168d53cdef4f47a59a0533529688d4f1599b2b15bbb7b2c63f9cd3f8f34e41582c06d190b5bb1f384ea97dbd25b87e4f73c53a0791326d941ac531ba520a308ab42bcb1a224e02561e423c8b0d61718c8b48143582233d4f6d6568bc3882d07b31caa6e84369402751c52eb13fdd260b95ca16d61d05625e8d1aa56e1a7092f463258fc38cb105881821d0c0338eef30142275becc961c497b26530d940e7db4941beb4b0af33ce94e8b70264990f8db7cec1ea73d2c4a7712a2563bf67f2a13129a8ade0e1e12f2ea420b80f0fbc6d2011c2e25c47779ba573829e6464bb730d48c254fddcdf7b27bbbf322028f988a2cfe06e1879fdc51d214187d641437e7be3c2616f3c1e036d4d68149548f327d1db3f3afe8286afb5f750c2ed492a49c2be546d3ce5249d9e4c468081507f8a4ef27b3a11ec4265a2719d9d782352a7b137164fc2fe116f7dda919a3aae72f267aed542cd933f5af9a165688a675b3af8e456a90d165306f34ec0294e619e033a6fe75ea127124b978c0650f864e93911f7e03186812c3129db44bc06fff578121f67600ae53d90c3e66c14bf6d87990045f3628204c2a5613bb985728885ec6ea7a5307ff1a04a00e589186162a8c1d03b7f766cccb8d6a6c230e5c81a2415d739a40b6087fdea982ef91a188fa885642e7fb239060bca5e988e00d15f7c9fc2f0130b53a2a0aec22457a73bf296c2955d78bf77377864c5b07f496faccb93f14e4c335ed1a332ce797989e41c1698b786c4e0438ab0ad2ecced21270d09950d056b7397d5a8f321137faf46bff5d164830279a0f941b46b44441a8330ae0a1e8631e4737e48227b9189d8cf20a7a45b3cebb336c20d98fa4cd78ed118b670d4ab96b2658843b700c18d4f5d337720c4a888f3ba531b96362e68d9ab7f49e17665985a44ad5b6ddd7cf7e9ddaa07a0bbcfd00a85ea0a9e74e6ae1dead7854f4d81884c85b6d8b87bb7c67c0e9f9039081915296614f3166653d09c1533c2621d72a9e147c2f1a0a85019118dd1496a482f36ddd771df7e6db53bfc520683a9c78b8a6b7c9bcba37cc4c96740b83ac5e081a5c4bb877034977a27bb404a804d915647eb913cdfea8eea133fb0614efcbc99fb2d154001d1d6ee318998a18937aa79682127bb255620b16a5286e38116ded059694f7650d0afe146a0d7404797a045f21bf39dbe5ed6accc1a5cc7af2aeee1e8a0219282b66fe3a61f21c24878809a76ea36bd71c28f4b0ec5d7fb61792f2919d2978a26e10347410e9fddbdc61240e29ae0fdb9be08d4cce0fcfe27fa198cb45a59561cd8476e163297509c6e4f90119d9dc4440440da4f398546117e34a42b9663d8bccc063be015deaca3cba8f078b75179608aa26da3c800ff6dd459fea3306373f31a7cec0d2010824a5c89b09040c31401a265dacafb69daa083efbbee0d703e402cde35493bf0c5a5a96c85b125b55cd171192192881de80b518911cdb3b7491385acbed0db59d576253661a55cb4132b9900cf0849184027ed66292ca228338584efafb13bb102824407f1dcac0bef2513f4068881936e03dcf518056a536b02830e55f53bc7275aa0783b154771c4c45030e96d8a3b375a00fe447aba74e76aa08e7d6d36d2e1906f7e9b9cb0a8407e47f583f688ce95ae224a15b9839321b124024cee5011aa0945814a7028d9a179976ad147e5523ff5f7ab3a44475faa5d3f50186820513bb7e62aca56901ea690bd8e948a3e4956cd687331e3330a6c0f96b90a464f484ae1e33af159e7ddbee1d19773d5ebca1823052c59ba162aceb3758914f7b5d2ef29ed04780774c349f7bbe3a5b258db81feadc282af1839a97238c5eabda8bbe04a28c333f21476a9eabbd6c6d05eada33fbe556c3f7ccd9392984f3ccc5b509beaee79f195a83df3d70248b817f2f4ecc763c6acb697337c23bd8d1cc2c9cb13bb94333c0396a73355906e2194a69c1524173a74682a8772969b3f6272052cc56f04796766a2759a3d8b51f8d0f31954f76e3fd804ec27f8102d293b23cec9152d4f673c31ac20527f88d1ce674b17c1d4f8276aea91ba5b58e97b11f168a89bb7759122257a05d16ded8a5fdd401bb3b5e70f439cee1b45889404d0a22a1b071ce0a856cbc330c42a186b85eb424e6f44fa70ef4cb23ef9972940ada56d3b668773963df757da6fd2f44fd84d7cfbe46e5d922f0e6a4d8015fdf7c4bb91047f4ca79e3b390091993315a569b3bea829b5a4266663558769c466a7e3e6e1e1f700c96ee6ad0391ce35f77219383535f11fd9a968fe05e77e1fb53892f408b7999534e978d26bf305ee3dde1fa4e0b2d76445a600f0bbe0bab8024f3ffdee7b133a5a79e0d01c3db20c976a48ac8b4653b3d52ea5098ed6fb1f2c3a023481f59b98ff601b850fdb4d0b0533b2bcb63cccf222686ca7851822d68dddc70a2e7272614d333cb15c567fac88d2e89c2ca0029bb6ba0cdc99617071fb6bf795b021ab223482acf4452e998d7d17fa5970bfca2967f662d95fe4e1e82d645ad5fded57b4c644e1172553b79102fa8793f8ac305d33aeda85570237ae220cb8f89fb8b2cb9827e8c02d10dd3da391820304e7d2e8bfd8816e446da130ed20ecb8fb08890cef957f4e4013693a5bd97dceb0f905fc2c2329fcd7d14444bf0b6acf0b245fdf2351b1dcc14ede3a035beaead089b64758b698900b15663db3279cc860c0fdff277898156664cb768ec81f9daa91bbd290c7b95d9eafcf4b5bd437a3fd2731422cc6c34e4781adfe67e551f5296dbdff5fac16b3b88cff0b9821f67b88c9f861265e6c034eb86db344af726ea643968a9cc19b6639cfed1aecea45edc8f21007151e20af52339efbc2f43beaae05191a620c87981c3d3fc7b6b83ac82286ec1991a4270efab16469b9fccca5edbec250db302f72d281aca00c13ebf03b9364a5ef55d3548a286f243982eaf914526d9adadcc4d7db729971417434ac1e0c04b29015a4459e0898b99b720b2f066a4d847ddee2318c3aab927a097feb0a17817892691b80d647a339949759e6caf092bd7153601b294164db31c8167cef50d55de694f09922a5497be31cda5b708976a1268ddbed9dd029311e72af007ea29185407674bcee6ce5c7bd750d6cd9ee460aec94c5c935c5a16336fad959acc303f1e8d77e81a7be7a3ce9b8c5d62e5f2d3d07264f27e40970700383ad61e9ba7ef1037c91b8a4ecdb85853497d1341ba5e536bb27ae864e52cb35c529bce04a9e197a7d919774694944fb6875f104ee790f82fe4bac271d88f1478106fa1760200f8318e28bc9512e3573f4af18913e2f1b60fc326cb6fb996b8f30179b1ac075a11c86d10a0675ff16883bcda56ce8356ba9f3ee032a80f1c61ef648091d5e1f14c95ef6078543ccad8d029c77973b75b4276def72830ef6c6464d90f89f7dbb2be559138e2c067e086db3cb1b63c138953667023406c4d6369cd0d5d564fa966637a6db1c01060a840b9b4060fa839fbda969724c8e33b1a4d32744189139cd6a5c9d70861713ffa5be21e5aae3630b5ca881678a970dfb2d64868125972b5f55b69f3cb68caf7fff39222158f2a58c0eb9bdda2f687337375abcd894f8655ed1acfa096e30344cbab087ba522a9d49fdc590314a237475e166f1e4fdbafc509f6eee019a6595d0cca1baefad3daeeabcd01f7e1b5bb76b1a20b9e2770ba146443980ac84a054f65c60cb1bc5a034dad7aea41fed47453db5cfc304ef2c5902c70fd002e8b58ee9abc3ea9b36c7dfaefb44f8d1c88831e4d8c178f3d80bfce1640afac2799af2332f483046a44b0d179507aa30ef00c577c07ca25fea276874c8aadaada03c9f7d72a9a8ffdc40b17f134519d86857ad98858e8a874b777bfc3226c4ea4894326c453c2c0e0f0824f63ebdbdb89ac87bef306dd59dd4fab8c1f1f0981a8a2fe089df4a3ee1f2af0dcc86e3918dd986b5e09e72e8239ffa832bcd842e7ac89c4e3af5ad6728b2823f704a6671c33f34d19782b48ae167152e8f32d44412d8089db05f9a2bc7125de83a57c6bd16e6a4d505d4504e1bd967bba0ee3962d82208363cf04eb78a1693b0877cff612f32d2f2202c218987fb103e4d55553f3b9357908a381e44b408dea66884c55b7d29063d80312ccae5b296e7ee321326849a1ab76758cd709185163a1741613c677875345ec36060cc6165c0af341cd8b4376500db00fb4947ccd25cd41dbb99ddd7202e659c68f2b11d3a5fc548713b215eab235a25882b021e86ec30239f15376e578af9b293cc24ae8cc34fdb98d14be4a047835de439f00196324df758f2cc214e061725b01f1445ed4573032cbfae8fdf913aeb39b2481e239940d436f67b08fc4df30e1df27fbaeb4faacde7d7f8db53347656a39a34c4ca208a37b33ccea9e604cb15e51c515e3ebd3df0f70273a29523d53ef772a60e7ef3c959ab139140963f6e96ac274b837cf182347609d05f661fadd0b3dcdbb2995a3c13e5868a5f07cc72f02902426f052e45d672c6f6e2bed60a21ec1b77236180a4bf519142df5285d18711afe89c265d7f51c10dc108cd6b90be8e7b266c953f985ed83bc6fb7ca2b6aac4ff387325d524e4eebd8293650ad92887032878fce95a0a414204aa9090fc1b9e7b030d1b67513a1e618fd1618aba41e3d9716fbca4595786c9c04ca91807ffff4423176a0afbf8d1069309c0cc78c0cdb0fb54f76c58b91d0427063c7717c8"]}, @NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x67a}]}, 0x1034}, 0x1, 0x0, 0x0, 0x4840}, 0x8004) read$auto_supply_map_fops_(r4, &(0x7f0000001800)=""/22, 0x16) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file0\x00') 2m0.977159904s ago: executing program 4 (id=7124): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socket(0x23, 0x2, 0x0) ioctl$auto(0x3, 0x89ef, 0x38) 2m0.470086572s ago: executing program 4 (id=7126): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/ext4/sda1/reserved_clusters\x00', 0x2101, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='6', 0x1) r1 = openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, 0x0, 0xa0000, 0x0) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(0xffffffffffffffff, 0x0, 0x40) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) fcntl$auto(0x8000000000000001, 0x26, 0x8) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyu1\x00', 0x840, 0x0) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) mmap$auto(0x0, 0x8000000000000003, 0x7, 0xeb1, r1, 0x8000) ioperm$auto(0x7, 0x6, 0x1) tkill$auto(0x80000000000001, 0x7) bpf$auto(0x3ff, 0x0, 0x81) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x57, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x20800, 0x0) ioctl$auto(0x3, 0x541b, 0x38) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000740)='/proc/key-users\x00', 0x2, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f00000007c0)=""/153, 0x99) mbind$auto(0x1000, 0x4, 0xc, &(0x7f0000000000)=0x5, 0x1, 0x7) 1m58.736663495s ago: executing program 4 (id=7132): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) r0 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40802, 0x0) write$auto_evm_key_ops_evm_secfs(r0, 0x0, 0xa) socket(0x2, 0x6, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0x7, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f0000000000), 0x55) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x9) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r2, 0x0, 0x2) r3 = openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/options/blk_cgroup\x00', 0x5, 0x0) write$auto(r3, 0x0, 0x6) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r4 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r4, &(0x7f0000000180)={{&(0x7f0000000040), 0xc8b, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x348, @loopback}, 0x55) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x85, 0x0) r5 = socket(0xa, 0x1, 0x84) getsockopt$auto(r5, 0x0, 0x480, 0x0, 0x0) ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000000)={0x4, 0x4, 0x3, 0x200, 0x5, 0x5, 0x0, 0x40000000000001, 0x1000008, 0xfffffffffffffffe, 0x7b2}) socket(0x840000000002, 0x3, 0xff) 1m58.298281149s ago: executing program 34 (id=7132): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) r0 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40802, 0x0) write$auto_evm_key_ops_evm_secfs(r0, 0x0, 0xa) socket(0x2, 0x6, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0x7, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f0000000000), 0x55) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x9) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r2, 0x0, 0x2) r3 = openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/options/blk_cgroup\x00', 0x5, 0x0) write$auto(r3, 0x0, 0x6) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r4 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r4, &(0x7f0000000180)={{&(0x7f0000000040), 0xc8b, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x348, @loopback}, 0x55) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x85, 0x0) r5 = socket(0xa, 0x1, 0x84) getsockopt$auto(r5, 0x0, 0x480, 0x0, 0x0) ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000000)={0x4, 0x4, 0x3, 0x200, 0x5, 0x5, 0x0, 0x40000000000001, 0x1000008, 0xfffffffffffffffe, 0x7b2}) socket(0x840000000002, 0x3, 0xff) 5.925401678s ago: executing program 2 (id=7562): prctl$auto(0x4, 0x1, 0x3ff, 0x8000000000000001, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x2, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x542, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000140)="65507307ff6587a725ca87720ef9769f20592e77a8977acfd064c712782b89f145862d9956b07a7c40f8a41e4c4cd45ac0bdf9b7d5cf78f6b7b354a69aaecc3922f2e2df504d01273dd7e6e3c25f55a98d1f81", 0x53) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) prctl$auto(0xf, 0x2, 0x7, 0x2, 0x1) openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000040), 0x8a02, 0x0) r2 = socket(0x2, 0x5, 0x0) shutdown$auto(0x200000003, 0x2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0xa0fc}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002900)=ANY=[], 0x101c}, 0x1, 0x0, 0x0, 0x40010}, 0x8800) sendmsg$auto_NFC_CMD_GET_SE(r3, 0x0, 0x90) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f00000000c0), r0) r5 = clone$auto(0x100000000, 0x3, &(0x7f0000000100)=0x9, &(0x7f00000001c0)=0x863, 0x0) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xd4, r4, 0x280c5358122b94d5, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_DEVICE_LIST={0x8, 0x9, 0x0, 0x1, [@typed={0x4, 0x26}]}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x81}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x5}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x5}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1fffffffc00}, @NBD_ATTR_SOCKETS={0x58, 0x7, 0x0, 0x1, [@nested={0x28, 0x50, 0x0, 0x1, [@typed={0x8, 0x15, 0x0, 0x0, @pid=r5}, @nested={0x4, 0x53}, @typed={0x14, 0x47, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @nested={0x4, 0x140}, @generic]}, @nested={0x2c, 0xb7, 0x0, 0x1, [@nested={0x4, 0x98}, @typed={0xc, 0x0, 0x0, 0x0, @u64=0xb}, @typed={0x15, 0x115, 0x0, 0x0, @str='/dev/virtual_nci\x00'}]}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7}]}, 0xd4}, 0x1, 0x0, 0x0, 0x10}, 0x4080) io_uring_setup$auto(0x6, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) 4.709570202s ago: executing program 2 (id=7571): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ptp/ptp0/n_periodic_outputs\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/58, 0x3a) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x0, 0x0) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000040)={"a2e88999", 0x7fff, 0x0, 0x2, 0x9, 0x10000, "7207661b123ebfab150d5b41ec06a2", "daa98e20", "930a0c1a", "310f5514", ["f1448f541c30b99a96561625", "229d96ef5eac0e1bdb7b7eda", "105d6dc99314e86c9f351da7", "77ea06a4b734ff1c8eb66fe0"]}) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) r3 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) read$auto_snd_ctl_f_ops_control(r3, 0x0, 0x0) 4.411456933s ago: executing program 2 (id=7572): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x6, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0xa, 0x2, 0x3a) setsockopt$auto(0x3, 0x29, 0x11, 0xffffffffffffffff, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB="04000000a33554c18e2c0904a3d5667cab771635693e78ab3a3f50ec60b66eee241614609b5a1dfac0a4c37ed89058d515f97659e5"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027"], 0x1ac}}, 0x40000) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x40043d0d, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x4601, 0x0) 3.470249052s ago: executing program 0 (id=7578): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x80400, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x4000008000) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x46) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x200001f4) close_range$auto(0x2, 0x8, 0x0) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f0000000700)='/proc/thread-self/cmdline\x00', 0x0, 0x0, 0x200) 3.445432195s ago: executing program 6 (id=7579): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/dev/cdrom/autoclose\x00', 0x202, 0x0) mmap$auto(0x0, 0x4020009, 0xfffffffffffffffb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x800) 3.374217862s ago: executing program 2 (id=7580): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x80002, 0x0) futex_wake$auto(0x0, 0x7, 0x0, 0x82) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/status\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mincore$auto(0x1000, 0x800008001, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x8001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyd7\x00', 0x50000, 0x0) ioctl$auto(r2, 0x5393, 0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002c00), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_LINK_GET(r3, &(0x7f0000003580)={0x0, 0x0, &(0x7f0000003540)={&(0x7f0000002cc0)={0x20, r4, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xc, 0x4, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @pid}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x880}, 0x814) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)="de", 0x1) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 3.251395236s ago: executing program 6 (id=7581): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ptp/ptp0/n_periodic_outputs\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/58, 0x3a) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x0, 0x0) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000040)={"a2e88999", 0x7fff, 0x0, 0x2, 0x9, 0x10000, "7207661b123ebfab150d5b41ec06a2", "daa98e20", "930a0c1a", "310f5514", ["f1448f541c30b99a96561625", "229d96ef5eac0e1bdb7b7eda", "105d6dc99314e86c9f351da7", "77ea06a4b734ff1c8eb66fe0"]}) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) 3.038259095s ago: executing program 6 (id=7582): getsockopt$auto(0xffffffffffffffff, 0x84, 0x12, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume\x00', 0x8100, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000001680)='\v\x90\xd1\xda\xbc>1\x8ag\x14\x18\xbe\xdc\x00', 0x1) 3.011911604s ago: executing program 0 (id=7583): open(&(0x7f0000000080)='./bus\x00', 0x14927f, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x80002, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000003b00)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01f7"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x0, 0x7}, 0x9}, 0x3, 0x4) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/dev_snmp6/bond_slave_0\x00', 0x8000, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) socket(0xa, 0x5, 0x0) socket(0x1d, 0x2, 0x2) socket(0xa, 0x3, 0x3a) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0xa, 0x0) 2.685158429s ago: executing program 0 (id=7585): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/nfc/nfc0/rfkill0/persistent\x00', 0x2640, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), r2) sendmsg$auto_NETDEV_CMD_QSTATS_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x20, r3, 0x301, 0x70bd29, 0x25dfdbfe, {}, [@NETDEV_A_QSTATS_SCOPE={0x9, 0x4, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'veth0_to_bond\x00', 0x0}) sendmsg$auto_NETDEV_CMD_BIND_RX(r1, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000480)={0x9c, r3, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@NETDEV_A_DMABUF_QUEUES={0x1c, 0x2, 0x0, 0x1, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x6}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x7}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x9}]}, @NETDEV_A_DMABUF_QUEUES={0x1c, 0x2, 0x0, 0x1, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x7fff}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x6}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x9a4}]}, @NETDEV_A_DMABUF_IFINDEX={0x8}, @NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r4}, @NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r5}, @NETDEV_A_DMABUF_QUEUES={0x14, 0x2, 0x0, 0x1, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x4a61}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x2}]}, @NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r6}, @NETDEV_A_DMABUF_FD={0x8, 0x3, r0}, @NETDEV_A_DMABUF_QUEUES={0x14, 0x2, 0x0, 0x1, [@NETDEV_A_QUEUE_ID={0x8, 0x1, 0x7fffffff}, @NETDEV_A_QUEUE_ID={0x8}]}]}, 0x9c}}, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x894}, 0x4) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) sendmmsg$auto(r0, &(0x7f0000000800)={{&(0x7f00000005c0)="fb023111524d019ed98b5ace5061ca4abb852169d35d209a1a4eda53118d91cb8f0aaa955e85d80842cdcc3e8aace6867189306a758537683fcffc644e2e0050bf5bd3b2596c9bb0bb0af21ed794ca48d4b69fa33d4a68c68786d8bdef2a623a10bd51da556a86a62a09f6d696492d21f5827e6f174e156a615ccbc12f47ab40a302057549f309aee09c7ec6b3ecc919408c5c37c2aaeb01dd4d8cf47ec80eab6b3afb0eb942f112e22f8f4dbbec1dc799435da85173e37e7769fbd12b9d698a3205e94927ceec7ce638207eca73b5f4c62e5f6dd548e2c52fb3d8213d190a66d8cf45c2e96296d84f1f17c9e72b", 0x6, &(0x7f0000000780)={&(0x7f00000006c0)="06be356e918cbf3c1410a76cf5880f23a956ab0dc581b8cb799d7acc63a1b0670787851858a4b8dd6a1a4cdad87086277726a26cad0fa7c0e74fdef777742080fa6a6e564d53fe3ffed5322a151c482868c500b4b87c87d95c9777bf285972596009e6f38240d868ebff4e42570eebd6ca75a4e506764e49ba873fa840e8d4baff", 0x7}, 0xe00d, &(0x7f00000007c0), 0x5, 0x2}, 0x4}, 0xff84, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/mtd-0/min_bytes\x00', 0xc0002, 0x0) read$auto(0x3, 0x0, 0x80) select$auto(0x7, &(0x7f00000001c0)={[0x7ff, 0xb, 0x2, 0x0, 0xa, 0x1, 0x2, 0x8, 0x4, 0x7, 0x8, 0x3, 0x8, 0x200, 0x6, 0x2]}, &(0x7f0000000240)={[0x2, 0xf2, 0x0, 0x6, 0x3c, 0x7fff, 0x7, 0x7, 0x7, 0x6, 0x7, 0x1000, 0x80, 0x1, 0x2]}, &(0x7f00000002c0)={[0x3, 0x1, 0x400, 0x5, 0x0, 0xd, 0x9, 0x5, 0x0, 0x0, 0x997, 0x2, 0x6, 0x6, 0x5, 0xfffffffffffffff7]}, &(0x7f0000000040)={0x9, 0x8}) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0x0, 0x0) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys1\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r7, 0x5423, 0x0) ioctl$auto_TCFLSH2(r7, 0x80047456, 0xfdfdffffffffffff) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/228, 0xe4) 2.621259736s ago: executing program 6 (id=7586): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim0/ieee80211/phy0/rfkill2/hard\x00', 0x2600, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0x14) socket(0x2, 0x5, 0x0) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) clock_getres$auto(0x9, &(0x7f0000000080)={0xfffffffffffffff8, 0xfdd5}) syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) getsockopt$auto(0x6, 0x11c, 0x7, 0xfffffffffffffffe, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000001c0)=""/231, 0xe7) 2.430823589s ago: executing program 5 (id=7587): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="24000600", @ANYRES16=r1, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="08009e"], 0x24}}, 0x4000000) 2.285902897s ago: executing program 5 (id=7588): mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r0 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x129941, 0x0) write$auto_buffer_subbuf_size_fops_trace(r0, 0x0, 0x0) madvise$auto(0x0, 0xf663, 0x15) 2.051168072s ago: executing program 5 (id=7589): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/dev/cdrom/autoclose\x00', 0x202, 0x0) mmap$auto(0x0, 0x4020009, 0xfffffffffffffffb, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x800) 1.914193878s ago: executing program 5 (id=7590): socket(0xa, 0x3, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x8000, 0xc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2, 0x1, &(0x7f0000002100)=0x4, 0x5, 0x0) madvise$auto(0xa, 0x8ce, 0x19) getsockopt$auto(0x6, 0x0, 0xd0, 0xfffffffffffffffe, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) ioperm$auto(0x7, 0x6, 0x2) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto(0x0, 0x5c5, 0x0, 0x4, 0x0) 1.717752261s ago: executing program 2 (id=7591): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ptp/ptp0/n_periodic_outputs\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/58, 0x3a) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x0, 0x0) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000040)={"a2e88999", 0x7fff, 0x0, 0x2, 0x9, 0x10000, "7207661b123ebfab150d5b41ec06a2", "daa98e20", "930a0c1a", "310f5514", ["f1448f541c30b99a96561625", "229d96ef5eac0e1bdb7b7eda", "105d6dc99314e86c9f351da7", "77ea06a4b734ff1c8eb66fe0"]}) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) 1.627585558s ago: executing program 0 (id=7592): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x80400, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x4000008000) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x46) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x200001f4) close_range$auto(0x2, 0x8, 0x0) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f0000000700)='/proc/thread-self/cmdline\x00', 0x0, 0x0, 0x200) 1.599975137s ago: executing program 6 (id=7593): mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) newfstatat$auto(0xffffffffffffffff, 0x0, 0x0, 0xc472) io_cancel$auto(0x64, &(0x7f0000000000)={0x6, 0x9, 0x7, 0x4, 0x1, 0x409691, 0x5a43, 0x0, 0x5, 0x10, 0x7f, 0x4}, 0x0) clone$auto(0xd2d2, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r0 = socket(0x11, 0x2, 0x0) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) 1.203808348s ago: executing program 0 (id=7594): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) bind$auto(0x2, 0x0, 0x5) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x342, 0x0) getpeername$auto(0x3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram0\x00', 0x200, 0x0) read$auto(r0, 0x0, 0x80000001) socket(0x28, 0x1, 0x0) ioctl$auto(0x3, 0x5411, 0x3) r1 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/sockcreate\x00', 0x1, 0x0) eventfd$auto(0xfffffff8) listmount$auto(&(0x7f0000000040)={0x1c, @inferred, 0x80000024, 0x800000876e, 0x2}, 0x0, 0x74240, 0x1) write$auto_proc_pid_attr_operations_base(r1, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x2) socket(0x2, 0x1, 0x106) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x4) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) unshare$auto(0x20000080) unshare$auto(0x3ff) mmap$auto(0xffffffff, 0x4, 0x8, 0xfffffffffffffffd, 0x1, 0x7) setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x840000000002, 0x3, 0xff) socket(0x1, 0x80000, 0x3) getpid() 1.126824569s ago: executing program 2 (id=7595): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c0010"], 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) socket(0x1e, 0x5, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x201c2, 0x10e) bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0xfff, 0x5, 0x10, 0x0) ioprio_set$auto(0x3, 0x0, 0x4b34) socket(0x15, 0x5, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x6, 0xfffffffb) pselect6$auto(0xffffffff, &(0x7f00000000c0)={[0x2, 0xfff, 0x6, 0xbda3, 0x0, 0x9, 0x5, 0xc7, 0x5, 0x400, 0x7, 0x3, 0x2, 0x7fffffff, 0x87d9, 0xa]}, &(0x7f0000000180)={[0x182, 0x9bbb, 0x0, 0x3, 0x58, 0xb5, 0x8, 0x400, 0x6, 0x4, 0x7ff, 0xa5, 0x2, 0x7de1, 0xed1b, 0x8c5]}, &(0x7f0000000200)={[0x8001, 0x0, 0x36d7, 0x39, 0x0, 0x7ff, 0x8, 0x7fffffff, 0x6, 0xe51d, 0x401, 0xffff, 0x95, 0x39d9eb, 0x8, 0x9]}, &(0x7f0000000280)={0xa}, 0x0) flock$auto(0x6, 0x1) mknod$auto(0x0, 0xc9, 0xc8) execve$auto(0x0, 0x0, 0x0) shmget$auto(0xa, 0x10563, 0x568d1af2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram9\x00', 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0004, 0x19) io_uring_setup$auto(0x5, 0x0) shmat$auto(0x0, 0x0, 0xfffffffa) mremap$auto(0x0, 0x4, 0x3fd6, 0x3, 0x20000000) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a"], 0x1ac}}, 0x40000) socket(0x10, 0x2, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001500)='/proc/kpagecgroup\x00', 0x101000, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/pid_for_children\x00') 1.050978261s ago: executing program 5 (id=7596): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram5/power/control\x00', 0x303f80, 0x0) mmap$auto(0xfffffffffffffffc, 0x400008, 0xdf, 0x1000000018, 0x2, 0x8000) mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb2, r0, 0x300000000000) socket(0xa, 0x2, 0x0) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x60500, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', 0x2841, 0x0) write$auto(r1, &(0x7f0000000040)='($k]&\x00', 0xc408) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r2, 0xae03, 0xd0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x3, 0x67) readv$auto(0x3, &(0x7f0000000080)={0x0, 0x8}, 0x4) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x20000084) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0) rseq$auto(0x0, 0x8000, 0x0, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) fanotify_mark$auto(0x0, 0x451, 0xa, r3, 0x0) mknod$auto(&(0x7f0000000180)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e', 0x1, 0x4) acct$auto(&(0x7f0000000380)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e') acct$auto(0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{&(0x7f0000000100)="459bcf7606b0395865e179f281fce4", 0x3, &(0x7f0000000140)={&(0x7f00000005c0)="dbe4b2134f4d997d7529c637ac3a48b373408cdf96f3fd4463fcc4279c4b5ae85e7a2308a84beee7d55d06ad34d66eb6a21e779453dd7742825490df3b33c409cee55eba325e9b1554e12010e3afdc1b5c2ff183116a822a44934ac9786a3b52661a2be4ccecce68dc6587e09ffaada02830e0b0ea17c1b80ef47b9cc3a77210f76ca8c7fd6ecea4500d46cfe88cc6c770beec888db8606f7fabe8891e0ed742fa69f848f6d9d653cdcf906a85c178f6dc9cd80ff383a82ff5d983cda3d547e24bc9cd71ecacd160102c0f6b298e568836c1046cb5df316e56b32901976cda55a63d08afd0673945d8772f63c7af5a623e173ed5ade2bf12a13cfa339086af73aa5dc9c031cdb8fe4ddbc0dc3d811093724b9df52ebb01c504051642d66616a6f4b53a7ab34867db98a711f5d66b1a7a52e79e32ac783e18e3b197175edc9f50248970c477763235bd2f47a34561c8b7a581fc6040983e05181116a212455e9e001f8526b73e2ca222894a8f2dd0114d61c7ccbc683c55fdb2d3b52cb15a6485297b535bc6984b39b9bee48d729f433ef9b4349ebf6bb99475daade4976979b2c87049099018658e69888bbe0599819602a62af8a6f54dadd699e64c28d941799067e34d20c16b455a7b91ffb18a312e9554c6db642d59df6db59fccc9e38452c1d13dc6eaae20049a74dc12ac6f56f2b705c97764911750d7a820a1aa13fd5fd3a3bbf93dedfea670b73bc7c9f5fb5eb75547f84ae27cf80ea3bbfd4d4bfc0d3716c77ef1169ea4edfbc63a8e57a9b3ceb102cf5f43ad6a4a976af483fd4f5681f3279f6ef57d4d5d7e810d1e0f16f8b605036245745bb28994ac61e5d246a49c58954baed915b32fde49c2dc5af8d2de8cff1b19b582909ee7b0e6da88b86fc884cf740856232b5bb881e903201006a4a00fa6383edbcd8e4a9d20c136a91124586e66fd5a810d7596ea90947485d6e1b9f45b741342aa22b451032841ece7b12d8af7e5745e2a125e7a8546d57969aa7018cd65e27a7a39d61855a6249a289a3d1cc44932d1aaedb385875890aaf511ad5aca7f4b1da0af82fefa2084b1505bb04ebf503be4e41f6813a562220adafcabb3ae7ce51df37ff484de9c10d7472884c733a51b438c251e0ee58ca4d432ce3c837d5e2285f45816fc5ea768ad50f0d660d336998886e279fa31a3dd608e6dbfc9d4822d081f8a58b21293cd82c0557fc53530fe72a98e4a70eae3f565b9f0394dc306b09e1ab845202029f301ed871907b36481911b38b0dc8752f5030b5666b67ced466f07dcf2d0e0c6a27135901464871d6a7398fcd5eee28189ee4e9320b9affe3b60991f8c38fcd5f21285f667e0ac99a1b665346c447fd33a8f4dae7eeaf3333b7211fdc78a2ce0ab5ba2e5fdcbde66b01b34381d638af4ea6394dccfdbdb2f03c746849a981cf1d24273655ab7eae2e5da87283b400394a11ab3f686a9f4b59de8bb7e06b43b7ea39c9b42e0f9d370e82b776e11f33669cd3e6d9bef5f2b60fffab042c4ebd8c910f795040b036d2b7e2620693528a9cdfd5a6555b94ec5644eea602e021ba445a13d333128b906c280d478d6c61f7b078f2c39159c780f18acf6814c4a48be35e0039dcfb7b83fdaa5558c157f80af77d3a6cf9f89e867f612ecdcb2a2a56084a14b84ff7e0625716b94cc855e00efefdc9b273a9377aafb791dfd2da937d3b5c82e8ba6286c678814ee8f78694f1557cec4f111f583fa621c31554de5521f088ca957d27df2f2495766ceca7fb18e4cf1b2ff43f5a4041d417da97ed63d24c19dfb88ec4b35d836b1113cdd6e2a2c9176a8242d5ab62bfe2590fc3c793f69448189cbe1817e8e6913c7fa19f88cfb10f70d460c5aae5eb6eb62644d86679a5b04f6d9abb7b3a85e32a9e764c74c4368730508435ed682b9491ed6a26730492d7f4eb615a4799f0149320ac841a87ec7507c3adfe5d735ecdf74546d5ba5bb8cdfd654beddd01d2a5b381c9f5b2fd4620913d2d9533516615f9aada212dd2717242397a6ff5c1f007f99cf56add4483ee42fb943c8528953798a1f24387194bc729cf0a700c9a7a86e23ac489d931bc91a811ec5f3ec7318272ea7d59989780859bb4c0b19a8e77cf33769052a6ca4140b9700be89fae039b95e42c19b5f7731bd264214a87cc26f91da7a7e6cb9bfaeafec8fa9a6fa3414964b30c9166b001fa4fb9e8b0e0650ccb48bc46980f913a3d3cf3749cc74b1c9dc24c5c2a4246ca66c9af243d839140fd11f9b82b1115b84bf98d3a88793e3ab25792d81fce43d15abe76b63fa48b96894d14612e36bc5eb4733443dbf982e3ce904b1107d7c272163ebbe1ad9b9481d1756e36561920e89cb4c72441d08311d250c7be08a34f8e5599f17dedcc06194887f03e2cbbbab2472897851f4c5c16debe0c8d171521aea7c1861e1fdce140927f261e544b37823e9acb28d1f0fe1539ff06ff6915bc9fbcdb851d67d32c6186db343265548014bae295bd6f3809ffa69d0ea0caa8bf146608f977ec4ae6b4bce85e4a1c18a4f54cce560d68c52783b8d8f0723b6406e87dd3a92b7160d83490326c39a192bc2cee4950d940f08696cfe09d8a9bb9f019f4d2ba1b53cbfbe092faaee447332715d586cdde8e8dc56568d7b9e71bfd6d2f98047851fde5fc994bc62569cac2975b3becf14c6192646def8910dc0514db046741314c6bb4d024104e41da99d788d1e2faaf719c8376f34807ba46accfced127fa4f82af7c66764c60c70432dce9d6cea61e275b45f7aaab25f226b1315e82a72299f1dca93c60aa0f5a9097aef196a67b6f747b932bbf47d7c60bd8bff4058fa3d6a905e3d3a3d8cbb90cb2565bed20e9f91a50b949426b21b5656047c60256e46cf5a3313811e93392697e1f3c9d67619d35fd14d02e5d6edaa1c125546c1f0bd8c609f34fbe65e39d7a5b7d10a8909fcff85a48925ab77aafb5d2391331b8a31a1263cf7855da4680f021660b40d374de92aaf1df87767726b89a3eb632e839a808564aa4ce73007fa0b2b7f8581e50ff02b19137460dfed2b6c08ac4919ae5c5b22cd6af2fb69bdfa8db964f18415ac5de13b6d16de66caa7c1ce091efab922eed052dd4741531bfd567b2881acab534d7fbeda728cddf48e6d276ae4485356c4ddbe6dc70e7cf97106d6d801305db7665eb5f8d0b00e51062686a1117d5625d1d1000250d24b61e1c14f9a890ba56d828899905a5f49089c1b001e4a1772257d6e666d281da6b6fd2211afa1d3afe797c420f4806cfe5b0a97e9fbde46eed8fbd02ee6572ad737d3eed08b792f6ea34bab7080879ad6ce2f680180ccd7415bd27db86aa2925fbbd151a624dde244e50894a6dcf1ef2d8e74b98d07a7149dcfccaed91b68c6fd4c132d13f23f2f13e4710dd7dce5d976382bb04c9a0762bc77c707389d5c7787a3874497ca7a2dafbcf06a2b36d6f0044267b62dbb043fafb6629aa0f9764588540e1af43f677666960ad6aca933d4bcf28dbd2c4d2201f430722cdf876f2fee33913a969d1ea217681cde03054cc09f89b9c253861e7644727e21acb73ad5952cfaa39e14bf40274e3f99086f36d04defcbaebd3dac09b09d97794e00f4216cba4bc9e99d8b3578559b32cde018db7cc8211137fada14fc4f046158e7ff2062a7658486036645fde61fb503e9dad5a637f45eee10e3746dd933aae9aabd1455669955cebf53db77d300de114d9155adb511d6cd074a4c2814403ca728fa8528532655ad57dd1e2e702f9dfcdb003eb4a76826835ab430ed9f451041d2c344124edde2815623115ebcfd6b905e48d3228201abd6cbe6045f50e22d61b0937a5913457e16e2c83c8d98e112b79971deb8f4deb206576eeb11e71c6e80f89163dbb6feb93cb2ce0711e55b8c3f53e84e1c1aa099e7dfb7cdff738ae948f500b67d9a177327450a3422a153b98ec295a09f3deec9adbd0f7962151e92764fb08aec4b4546d63fe9575cfe1c5554c18cd215fa277234cee5df8b3d32599f94ef94d4eecff7e9392b37cb63aeba5a29980e7168ceec259880bc6bceb720b754bc253688f944f9771c89e1ef62cc3a440a071cf281997419d6c500f441664b3a6a370babd723856fdbfa34bfd860312895f9e133ea10518b9eccf62a415d835405d776889638b2fd8a23d3384bb591c96d9a1241b7de624d2e656c3139b6d633f1a78ff3d4a7d0b3ae2bea68e5890952a0c009cdcdd385bef7650b5947bb2d20606f2acb21f1a5458781cf82f4f44b66d2089b06664a5344158b7fd9ec94299cca6ff2a45f3863610d6689f0ddb51f1ee605f8e550452e2c84b9eb853cf4b305081ef5ae58e208153475106cebcb3baa246d7c7a097293f841de88ce2afbddc4f07a06a635bd105271fd47a71b355eeb558f1e8eb1227e07af70aa49855a7295fe2e3b6c0c6d01e5d8a70baa68c08fed2409150136b781a580cc267969b1cd2f6577c167bb6b37ff4e4f1a9b260e476415e7ff2dbc0f1e5f83d849392130483049f7a147b87113b7d19bb316df45475e29ac0f6be784499671f7fd07e235604fddc301ac97869eb529a5386d104b0367899f5da1c9a2af1a00d63f2aa48db104d8c8132f237a2b63dc25d63af743962d5f141692f2a54c5a757421159335c70faae45679e8e8a1775573477d457df3716fecf2f34f35034a666db76b1d3e66b3993f193d636627f7681152cc97f38d24e3c012d3605e3a7600465c2cdb6cc4cc0dff247a334524620052c3e35a6a4ec6120c95a63f1c9dc71f7070d291642b5ea1d3293501d868883cd211fe03131d08369e6b2936ba2a105f3bbd2a3cdf10407711555b470df66bfddccb43cfbe7259027a72e9daf0391cdeda8d4df5c6a337f8ead6ce25a64849974f3bf8f37b5ae03fba606f33de0a94743c696a3696990383603409afe0fc651f53e75fd41d796b57fab583460b9f757b2a9a79d45c856e9e954b35c44f118a143496188bd5b546feb9fbfe3f7406c930d34f18987b979c05d59dadcba4a2d67d49ad6dca25fe34a9bd260e584b36cfdcc2a581331bb0e419ffe0c69a1fe9b17550d59df527910773a20de611e9251e5c746b9a87c413ee930d8c34c506a3c1f8d0c8502027d396d5a9058bc5868a39ed7f2cb0788306193504b1f4dfa37eab2ea9604e87b08312639ab8797a2f05ec4227574ef2b61826262b4dc30c3ecf5f856fa7a9f5788934aef48b5ecddb06374986abf53ead8262d40821a7a7eb42ab1a2682a88253b2f8c6167887f1a3aef7ba4199c0526610580e7a276ddd35c4e23c7fe6d12bc683be0d99616ac030867c3245cc5110a14ddee2186271ee7d0beec495c5c1881cc09b569ec20844e3af95625e6db749d305fe3e9f00b370532bd764e3ea2e5de0d9c14915408432153b13ce7b5190a22b75dcf7ab69be94f6005f751530b5cd37823a8476a0aa68493ae988b57b792aa62c6acf87d230613c4d024333af62de1ef27203aaa07fd9116019361ae55c86e7367d7b2b23ee7366fddfad35fd712d6bf5760627f80129e2ede518e6157e8dee631c517dd81ce0a2266efe95f3ee4180dbfce639ffad2146b5cfa5e29b8315b9459733d26fbea4f23d068a0d6905608d73956f69af61c444b2621b8bf8130caeb253cbf04c79605a2ceacacc3f9cd4706f46f779a35d270746231df9a923b03b07fbcf63f4a978b69b8359fd889c1082fb4f5954013d61289aeac852e2bb872b53b8852c6de8ae8d2d46e49d566133a3b344b99f0f34927ae7a013cd4e21c5", 0x7}, 0x1, &(0x7f0000000180)="66b5da25ae1c96ccd6ad2eb0c9336b7b89108f041152a521cfcfab65f97ad44f1d1ecd064ee0ed2a23cb8611a567057ed5934b48dd75bbf848a0586c237be8de62e488b082841ce03aa2397b39a936daa153b7308dde4f0e75e6", 0x7, 0xb0}, 0xe58}, 0x4, 0x0) write$auto(0x3, 0x0, 0xfdef) 894.54642ms ago: executing program 0 (id=7597): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) (async) socket(0x2, 0x5, 0x0) (async) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x43, 0x0, 0x0, 0x0) (async, rerun: 64) clone$auto(0x0, 0x5, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x9) (async, rerun: 64) r1 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r1, 0x6b, 0x3, 0xfffffffffffffffe, 0x0) (async) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x9, 0x800000000000, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80, 0x8, 0x2, 0xfffffffbfffffff8}) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/radio18\x00', 0x40000, 0x0) fsetxattr$auto(0xffffffffffffffff, &(0x7f0000000040)='#\x00', &(0x7f0000000080), 0x11a1, 0x1) (async) read$auto(r2, 0x0, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x0, 0xfffff004, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) r5 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) (async) r6 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r8, r7, 0x4, 0x1ff, r6, @relative_id=0x13, 0xe600}, 0xf) (async) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x20, r4, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@HWSIM_ATTR_PERM_ADDR={0xa, 0x16, "a38891697bd9"}]}, 0x20}, 0x1, 0x0, 0x0, 0x801}, 0x4044820) (async) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40000) (rerun: 64) 536.949902ms ago: executing program 6 (id=7598): recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000000), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) read$auto(r0, 0x0, 0x80) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x2) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041) bind$auto(0x3, &(0x7f0000000080), 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, 0x0, 0x40) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) setsockopt$auto(0x3, 0x6, 0x19, 0x0, 0xfb3) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'geneve0\x00', 0x0}) socket(0x11, 0x80003, 0x300) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="7d472d00fcdbdf2509000000080003000000", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044) r3 = socket(0xa, 0x5, 0x84) sendto$auto(r3, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 0s ago: executing program 5 (id=7599): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000018c0)='/proc/thread-self/net/rxrpc/bundles\x00', 0x100, 0x0) pread64$auto(r0, 0x0, 0xf429, 0x100) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0xc, 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x30, r1, 0x1, 0x70bd29, 0x25dfdc00, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x18, 0x1, 0x0, 0x1, [@nested={0x14, 0x10, 0x0, 0x1, [@typed={0x10, 0x8, 0x0, 0x0, @binary="f5411d09338486ed0aa185c1"}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) kernel console output (not intermixed with test programs): 0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 896.765917][T24457] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 896.774330][T24457] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 896.782300][T24457] RDX: 0000000000000002 RSI: 0000000020000040 RDI: 0000000000000004 [ 896.790264][T24457] RBP: 00007fbf8f9eb090 R08: 0000000000000000 R09: 0000000000000000 [ 896.798249][T24457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 896.806228][T24457] R13: 0000000000000000 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 896.814211][T24457] [ 897.126260][T24454] team0: Port device team_slave_0 removed [ 897.242079][T24459] nbd: must specify an index to disconnect [ 897.862134][T24476] FAULT_INJECTION: forcing a failure. [ 897.862134][T24476] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 897.937715][T24476] CPU: 0 UID: 0 PID: 24476 Comm: syz.0.6839 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 897.948527][T24476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 897.958574][T24476] Call Trace: [ 897.961843][T24476] [ 897.964787][T24476] dump_stack_lvl+0x16c/0x1f0 [ 897.969462][T24476] should_fail_ex+0x497/0x5b0 [ 897.974149][T24476] ? fs_reclaim_acquire+0xae/0x150 [ 897.979253][T24476] should_fail_alloc_page+0xe7/0x130 [ 897.984543][T24476] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 897.990708][T24476] ? __lock_acquire+0xcc5/0x3c40 [ 897.995662][T24476] __alloc_pages_noprof+0x190/0x25b0 [ 898.000949][T24476] ? __pfx___lock_acquire+0x10/0x10 [ 898.006149][T24476] ? hlock_class+0x4e/0x130 [ 898.010646][T24476] ? mark_lock+0xb5/0xc60 [ 898.015235][T24476] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 898.020970][T24476] ? find_held_lock+0x2d/0x110 [ 898.025737][T24476] ? mtree_load+0x30a/0xa40 [ 898.030241][T24476] ? __pfx_lock_release+0x10/0x10 [ 898.035260][T24476] ? trace_lock_acquire+0x14e/0x1f0 [ 898.040485][T24476] ? __pfx_lock_release+0x10/0x10 [ 898.045515][T24476] ___kmalloc_large_node+0x84/0x1b0 [ 898.050710][T24476] __kmalloc_large_node_noprof+0x1c/0x70 [ 898.056352][T24476] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 898.062943][T24476] ? bitmap_parselist_user+0x24/0x90 [ 898.068230][T24476] memdup_user_nul+0x2b/0x110 [ 898.072921][T24476] bitmap_parselist_user+0x24/0x90 [ 898.078033][T24476] irq_affinity_list_proc_write+0x148/0x260 [ 898.083919][T24476] ? __pfx_irq_affinity_list_proc_write+0x10/0x10 [ 898.090326][T24476] ? rcu_is_watching+0x12/0xc0 [ 898.095102][T24476] ? trace_lock_acquire+0x14e/0x1f0 [ 898.100296][T24476] ? __pfx_irq_affinity_list_proc_write+0x10/0x10 [ 898.106704][T24476] proc_reg_write+0x23d/0x330 [ 898.111400][T24476] ? __pfx_proc_reg_write+0x10/0x10 [ 898.116591][T24476] vfs_writev+0x6da/0xdd0 [ 898.120913][T24476] ? fdget_pos+0x267/0x390 [ 898.125350][T24476] ? __pfx_vfs_writev+0x10/0x10 [ 898.130301][T24476] ? __mutex_lock+0x1cc/0xa60 [ 898.135001][T24476] ? find_held_lock+0x2d/0x110 [ 898.139806][T24476] ? __pfx___mutex_lock+0x10/0x10 [ 898.145036][T24476] ? trace_lock_acquire+0x14e/0x1f0 [ 898.150386][T24476] ? __fget_files+0x206/0x3a0 [ 898.155086][T24476] ? do_writev+0x133/0x340 [ 898.159932][T24476] do_writev+0x133/0x340 [ 898.164166][T24476] ? __pfx_do_writev+0x10/0x10 [ 898.168936][T24476] do_syscall_64+0xcd/0x250 [ 898.173436][T24476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 898.179328][T24476] RIP: 0033:0x7fbf8eb85d29 [ 898.183750][T24476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 898.205199][T24476] RSP: 002b:00007fbf8f9ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 898.213623][T24476] RAX: ffffffffffffffda RBX: 00007fbf8ed76080 RCX: 00007fbf8eb85d29 [ 898.221582][T24476] RDX: 0000000000000008 RSI: 0000000020000100 RDI: 0000000000000003 [ 898.229540][T24476] RBP: 00007fbf8f9ca090 R08: 0000000000000000 R09: 0000000000000000 [ 898.237497][T24476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 898.245454][T24476] R13: 0000000000000000 R14: 00007fbf8ed76080 R15: 00007ffe05ad3d08 [ 898.253427][T24476] [ 898.716216][T24484] nbd: must specify an index to disconnect [ 898.722680][T24482] vhci_hcd: not connected 4 [ 899.389331][T24489] sysfs_service_op_show: Client not running :-5: [ 899.695641][T24495] FAULT_INJECTION: forcing a failure. [ 899.695641][T24495] name failslab, interval 1, probability 0, space 0, times 0 [ 899.763059][T24495] CPU: 0 UID: 0 PID: 24495 Comm: syz.0.6849 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 899.773948][T24495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 899.783994][T24495] Call Trace: [ 899.787259][T24495] [ 899.790178][T24495] dump_stack_lvl+0x16c/0x1f0 [ 899.794849][T24495] should_fail_ex+0x497/0x5b0 [ 899.799520][T24495] ? fs_reclaim_acquire+0xae/0x150 [ 899.804622][T24495] should_failslab+0xc2/0x120 [ 899.809295][T24495] __kmalloc_noprof+0xce/0x4f0 [ 899.814050][T24495] ? rcu_is_watching+0x12/0xc0 [ 899.818803][T24495] ? kernfs_fop_write_iter+0x223/0x500 [ 899.824262][T24495] kernfs_fop_write_iter+0x223/0x500 [ 899.829544][T24495] vfs_write+0x5ae/0x1150 [ 899.833886][T24495] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 899.839698][T24495] ? __pfx___mutex_lock+0x10/0x10 [ 899.844730][T24495] ? __pfx_vfs_write+0x10/0x10 [ 899.849520][T24495] ksys_write+0x12b/0x250 [ 899.853865][T24495] ? __pfx_ksys_write+0x10/0x10 [ 899.858727][T24495] do_syscall_64+0xcd/0x250 [ 899.863238][T24495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 899.869132][T24495] RIP: 0033:0x7fbf8eb85d29 [ 899.873538][T24495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 899.893156][T24495] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 899.901577][T24495] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 899.909535][T24495] RDX: 000000000000000a RSI: 0000000000000000 RDI: 0000000000000003 [ 899.917497][T24495] RBP: 00007fbf8f9eb090 R08: 0000000000000000 R09: 0000000000000000 [ 899.925651][T24495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 899.933826][T24495] R13: 0000000000000000 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 899.941863][T24495] [ 899.992538][T24497] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6850'. [ 900.460644][T24500] can: request_module (can-proto-0) failed. [ 900.658370][T24497] team0: Port device team_slave_0 removed [ 900.836243][T24503] netlink: 48 bytes leftover after parsing attributes in process `syz.5.6851'. [ 900.945690][T24507] FAULT_INJECTION: forcing a failure. [ 900.945690][T24507] name failslab, interval 1, probability 0, space 0, times 0 [ 901.015682][T24507] CPU: 0 UID: 0 PID: 24507 Comm: syz.0.6852 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 901.026499][T24507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 901.036635][T24507] Call Trace: [ 901.039902][T24507] [ 901.042824][T24507] dump_stack_lvl+0x16c/0x1f0 [ 901.047522][T24507] should_fail_ex+0x497/0x5b0 [ 901.052193][T24507] ? fs_reclaim_acquire+0xae/0x150 [ 901.057302][T24507] should_failslab+0xc2/0x120 [ 901.061983][T24507] __kmalloc_noprof+0xce/0x4f0 [ 901.066758][T24507] ? rcu_is_watching+0x12/0xc0 [ 901.071527][T24507] ? kernfs_fop_write_iter+0x223/0x500 [ 901.076991][T24507] kernfs_fop_write_iter+0x223/0x500 [ 901.082274][T24507] vfs_write+0x5ae/0x1150 [ 901.086600][T24507] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 901.092402][T24507] ? __pfx___mutex_lock+0x10/0x10 [ 901.097437][T24507] ? __pfx_vfs_write+0x10/0x10 [ 901.102210][T24507] ksys_write+0x12b/0x250 [ 901.106534][T24507] ? __pfx_ksys_write+0x10/0x10 [ 901.111381][T24507] do_syscall_64+0xcd/0x250 [ 901.115896][T24507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.121786][T24507] RIP: 0033:0x7fbf8eb85d29 [ 901.126228][T24507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 901.145848][T24507] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 901.154340][T24507] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 901.162344][T24507] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 901.170308][T24507] RBP: 00007fbf8f9eb090 R08: 0000000000000000 R09: 0000000000000000 [ 901.178286][T24507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 901.186265][T24507] R13: 0000000000000000 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 901.194761][T24507] [ 902.145903][T24523] FAULT_INJECTION: forcing a failure. [ 902.145903][T24523] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 902.227063][T24529] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6862'. [ 902.297185][T24523] CPU: 0 UID: 0 PID: 24523 Comm: syz.4.6860 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 902.307985][T24523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 902.318210][T24523] Call Trace: [ 902.321477][T24523] [ 902.324393][T24523] dump_stack_lvl+0x16c/0x1f0 [ 902.329066][T24523] should_fail_ex+0x497/0x5b0 [ 902.333751][T24523] _copy_from_user+0x2e/0xd0 [ 902.338344][T24523] copy_msghdr_from_user+0x99/0x160 [ 902.343549][T24523] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 902.349351][T24523] ? __lock_acquire+0xcc5/0x3c40 [ 902.354298][T24523] ___sys_sendmsg+0xff/0x1e0 [ 902.358897][T24523] ? __pfx____sys_sendmsg+0x10/0x10 [ 902.364145][T24523] ? trace_lock_acquire+0x14e/0x1f0 [ 902.369374][T24523] __sys_sendmmsg+0x201/0x420 [ 902.374061][T24523] ? __pfx___sys_sendmmsg+0x10/0x10 [ 902.379269][T24523] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 902.385429][T24523] ? fput+0x67/0x440 [ 902.389348][T24523] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 902.395586][T24523] ? syscall_user_dispatch+0x77/0x140 [ 902.401055][T24523] __x64_sys_sendmmsg+0x9c/0x100 [ 902.406095][T24523] do_syscall_64+0xcd/0x250 [ 902.410602][T24523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 902.416523][T24523] RIP: 0033:0x7f70e2d85d29 [ 902.420973][T24523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 902.440591][T24523] RSP: 002b:00007f70e3b46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 902.449003][T24523] RAX: ffffffffffffffda RBX: 00007f70e2f75fa0 RCX: 00007f70e2d85d29 [ 902.456981][T24523] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000006 [ 902.464942][T24523] RBP: 00007f70e3b46090 R08: 0000000000000000 R09: 0000000000000000 [ 902.472902][T24523] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 902.480893][T24523] R13: 0000000000000000 R14: 00007f70e2f75fa0 R15: 00007ffec8bdbbb8 [ 902.488905][T24523] [ 902.702493][T24532] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6863'. [ 903.405394][T24540] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6867'. [ 903.575682][T24540] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.6867'. [ 904.543418][T24575] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6876'. [ 904.606163][T24577] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6878'. [ 904.829127][T24575] team0: Port device team_slave_0 removed [ 905.146808][T24590] FAULT_INJECTION: forcing a failure. [ 905.146808][T24590] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 905.225875][T24590] CPU: 0 UID: 0 PID: 24590 Comm: syz.0.6882 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 905.236679][T24590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 905.246735][T24590] Call Trace: [ 905.250011][T24590] [ 905.252939][T24590] dump_stack_lvl+0x16c/0x1f0 [ 905.257617][T24590] should_fail_ex+0x497/0x5b0 [ 905.262295][T24590] _copy_from_user+0x2e/0xd0 [ 905.266887][T24590] isotp_setsockopt+0x22d/0xb60 [ 905.271761][T24590] ? __pfx_isotp_setsockopt+0x10/0x10 [ 905.277135][T24590] ? __pfx_isotp_setsockopt+0x10/0x10 [ 905.282502][T24590] do_sock_setsockopt+0x222/0x480 [ 905.287544][T24590] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 905.293085][T24590] ? lock_acquire+0x2f/0xb0 [ 905.297613][T24590] __sys_setsockopt+0x1a0/0x230 [ 905.302582][T24590] __x64_sys_setsockopt+0xbd/0x160 [ 905.307708][T24590] ? do_syscall_64+0x91/0x250 [ 905.312387][T24590] ? lockdep_hardirqs_on+0x7c/0x110 [ 905.317585][T24590] do_syscall_64+0xcd/0x250 [ 905.322204][T24590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 905.328113][T24590] RIP: 0033:0x7fbf8eb85d29 [ 905.332528][T24590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 905.352231][T24590] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 905.360940][T24590] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 905.368906][T24590] RDX: 0000000000000005 RSI: 000000000000006a RDI: 0000000000000003 [ 905.376926][T24590] RBP: 00007fbf8f9eb090 R08: 0000000000000003 R09: 0000000000000000 [ 905.384916][T24590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 905.392886][T24590] R13: 0000000000000000 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 905.400871][T24590] [ 905.490840][T24588] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6881'. [ 905.611566][T24591] Process accounting resumed [ 905.616479][T24588] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.6881'. [ 905.636792][T24591] kernel write not supported for file /tomoyo/query (pid: 24591 comm: syz.4.6883) [ 905.814601][T24597] kernel write not supported for file /tomoyo/query (pid: 24597 comm: syz.4.6885) [ 906.011248][T24601] kernel write not supported for file /tomoyo/query (pid: 24601 comm: syz.4.6887) [ 906.884391][T24620] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 906.915020][T24620] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 906.924022][T24620] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 906.938073][T24620] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 906.945593][T24620] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 906.952768][T24620] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 907.544045][T24619] chnl_net:caif_netlink_parms(): no params data found [ 907.819935][T24619] bridge0: port 1(bridge_slave_0) entered blocking state [ 907.875285][T24619] bridge0: port 1(bridge_slave_0) entered disabled state [ 907.896069][T24619] bridge_slave_0: entered allmulticast mode [ 907.941055][T24619] bridge_slave_0: entered promiscuous mode [ 907.984399][T24619] bridge0: port 2(bridge_slave_1) entered blocking state [ 908.035194][T24619] bridge0: port 2(bridge_slave_1) entered disabled state [ 908.042427][T24619] bridge_slave_1: entered allmulticast mode [ 908.103353][T24619] bridge_slave_1: entered promiscuous mode [ 908.250593][T24619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 908.320372][T24619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 908.345898][T24635] FAULT_INJECTION: forcing a failure. [ 908.345898][T24635] name failslab, interval 1, probability 0, space 0, times 0 [ 908.464832][T24619] team0: Port device team_slave_0 added [ 908.495332][T24635] CPU: 0 UID: 0 PID: 24635 Comm: syz.0.6893 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 908.506204][T24635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 908.516285][T24635] Call Trace: [ 908.519614][T24635] [ 908.522566][T24635] dump_stack_lvl+0x16c/0x1f0 [ 908.527269][T24635] should_fail_ex+0x497/0x5b0 [ 908.531958][T24635] ? fs_reclaim_acquire+0xae/0x150 [ 908.537097][T24635] should_failslab+0xc2/0x120 [ 908.541783][T24635] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 908.548114][T24635] ? proc_simple_write+0xc7/0x1b0 [ 908.553261][T24635] memdup_user_nul+0x2b/0x110 [ 908.557976][T24635] proc_simple_write+0xc7/0x1b0 [ 908.562836][T24635] ? __pfx_proc_simple_write+0x10/0x10 [ 908.568410][T24635] proc_reg_write+0x23d/0x330 [ 908.573099][T24635] ? __pfx_proc_reg_write+0x10/0x10 [ 908.578322][T24635] vfs_write+0x24c/0x1150 [ 908.582731][T24635] ? __fget_files+0x1fc/0x3a0 [ 908.587549][T24635] ? __pfx___mutex_lock+0x10/0x10 [ 908.592614][T24635] ? __pfx_vfs_write+0x10/0x10 [ 908.597385][T24635] ? __fget_files+0x206/0x3a0 [ 908.602081][T24635] ksys_write+0x12b/0x250 [ 908.606426][T24635] ? __pfx_ksys_write+0x10/0x10 [ 908.611292][T24635] do_syscall_64+0xcd/0x250 [ 908.615909][T24635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.621846][T24635] RIP: 0033:0x7fbf8eb85d29 [ 908.626263][T24635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 908.645872][T24635] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 908.654280][T24635] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 908.662245][T24635] RDX: 000000000000009d RSI: 0000000020000200 RDI: 0000000000000003 [ 908.670209][T24635] RBP: 00007fbf8f9eb090 R08: 0000000000000000 R09: 0000000000000000 [ 908.678189][T24635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 908.686153][T24635] R13: 0000000000000000 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 908.694129][T24635] [ 908.708137][T24619] team0: Port device team_slave_1 added [ 908.785212][T24620] Bluetooth: hci0: command 0x0406 tx timeout [ 909.056544][T24620] Bluetooth: hci2: command tx timeout [ 909.287715][T24619] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 909.317614][T24619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 909.447459][T24619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 909.525424][T24619] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 909.532509][T24619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 909.648636][T24605] kernel write not supported for file /tomoyo/query (pid: 24605 comm: syz.4.6889) [ 909.717045][T24619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 909.963406][T24606] kernel write not supported for file /tomoyo/query (pid: 24606 comm: syz.4.6889) [ 910.120516][T24619] hsr_slave_0: entered promiscuous mode [ 910.183025][T24641] kAFS: bad VL server IP address [ 910.243182][T24619] hsr_slave_1: entered promiscuous mode [ 910.297497][T24619] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 910.347630][T24619] Cannot create hsr debugfs directory [ 910.435410][T24640] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6895'. [ 910.498713][T24641] kernel write not supported for file /tomoyo/query (pid: 24641 comm: syz.4.6894) [ 910.727504][T24645] FAULT_INJECTION: forcing a failure. [ 910.727504][T24645] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 910.805493][T24645] CPU: 0 UID: 0 PID: 24645 Comm: syz.5.6896 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 910.816294][T24645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 910.826351][T24645] Call Trace: [ 910.829709][T24645] [ 910.832635][T24645] dump_stack_lvl+0x16c/0x1f0 [ 910.837325][T24645] should_fail_ex+0x497/0x5b0 [ 910.842002][T24645] _copy_from_user+0x2e/0xd0 [ 910.846590][T24645] copy_msghdr_from_user+0x99/0x160 [ 910.851794][T24645] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 910.857603][T24645] ? __lock_acquire+0xcc5/0x3c40 [ 910.862548][T24645] ___sys_sendmsg+0xff/0x1e0 [ 910.867141][T24645] ? __pfx____sys_sendmsg+0x10/0x10 [ 910.872368][T24645] ? trace_lock_acquire+0x14e/0x1f0 [ 910.877589][T24645] __sys_sendmmsg+0x201/0x420 [ 910.882271][T24645] ? __pfx___sys_sendmmsg+0x10/0x10 [ 910.887472][T24645] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 910.893475][T24645] ? fput+0x67/0x440 [ 910.897377][T24645] ? ksys_write+0x1ba/0x250 [ 910.901909][T24645] ? __pfx_ksys_write+0x10/0x10 [ 910.906755][T24645] __x64_sys_sendmmsg+0x9c/0x100 [ 910.911718][T24645] ? lockdep_hardirqs_on+0x7c/0x110 [ 910.916911][T24645] do_syscall_64+0xcd/0x250 [ 910.921419][T24645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 910.927353][T24645] RIP: 0033:0x7f9f09185d29 [ 910.931770][T24645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 910.951397][T24645] RSP: 002b:00007f9f0a019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 910.959857][T24645] RAX: ffffffffffffffda RBX: 00007f9f09375fa0 RCX: 00007f9f09185d29 [ 910.967828][T24645] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 910.975793][T24645] RBP: 00007f9f0a019090 R08: 0000000000000000 R09: 0000000000000000 [ 910.983788][T24645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 910.991754][T24645] R13: 0000000000000000 R14: 00007f9f09375fa0 R15: 00007ffe611812d8 [ 910.999733][T24645] [ 911.148594][ T54] Bluetooth: hci2: command tx timeout [ 911.343200][T24648] kernel write not supported for file /tomoyo/query (pid: 24648 comm: syz.4.6898) [ 911.648940][T24619] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 911.877157][T24619] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 912.046688][T24619] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 912.192464][T24619] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 912.493789][T24619] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 912.506682][T24619] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 912.525551][T24619] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 912.527300][T24619] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 912.697969][T24619] 8021q: adding VLAN 0 to HW filter on device bond0 [ 912.756099][T24619] 8021q: adding VLAN 0 to HW filter on device team0 [ 912.788617][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 912.788700][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 912.789983][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 912.790025][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 912.821783][T24619] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 912.821803][T24619] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 913.158532][T24619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 913.208595][T24609] Bluetooth: hci2: command tx timeout [ 913.256322][T24619] veth0_vlan: entered promiscuous mode [ 913.259485][T24619] veth1_vlan: entered promiscuous mode [ 913.307323][T24619] veth0_macvtap: entered promiscuous mode [ 913.319797][T24619] veth1_macvtap: entered promiscuous mode [ 913.368444][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368464][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368471][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368482][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368489][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368499][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368506][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368516][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368525][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368535][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368543][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368554][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368562][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368572][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368580][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368590][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368601][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368611][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.368619][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.368629][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.369281][T24619] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 913.370622][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370638][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370645][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370655][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370662][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370672][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370679][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370689][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370699][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370708][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370716][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370726][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370734][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370744][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370752][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370762][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370770][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370779][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370788][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370798][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.370806][T24619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 913.370816][T24619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.371371][T24619] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 913.372821][T24619] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 913.372884][T24619] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 913.372906][T24619] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 913.372927][T24619] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 913.678283][T18410] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 913.678300][T18410] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 913.743072][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 913.743090][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 914.178196][T24682] FAULT_INJECTION: forcing a failure. [ 914.178196][T24682] name failslab, interval 1, probability 0, space 0, times 0 [ 914.178242][T24682] CPU: 0 UID: 0 PID: 24682 Comm: syz.5.6905 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 914.178261][T24682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 914.178270][T24682] Call Trace: [ 914.178276][T24682] [ 914.178282][T24682] dump_stack_lvl+0x16c/0x1f0 [ 914.178305][T24682] should_fail_ex+0x497/0x5b0 [ 914.178324][T24682] ? fs_reclaim_acquire+0xae/0x150 [ 914.178344][T24682] should_failslab+0xc2/0x120 [ 914.178365][T24682] __kmalloc_noprof+0xce/0x4f0 [ 914.178384][T24682] ? rcu_is_watching+0x12/0xc0 [ 914.178403][T24682] ? kernfs_fop_write_iter+0x223/0x500 [ 914.178426][T24682] kernfs_fop_write_iter+0x223/0x500 [ 914.178448][T24682] vfs_write+0x5ae/0x1150 [ 914.178466][T24682] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 914.178486][T24682] ? __pfx___mutex_lock+0x10/0x10 [ 914.178506][T24682] ? __pfx_vfs_write+0x10/0x10 [ 914.178533][T24682] ksys_write+0x12b/0x250 [ 914.178550][T24682] ? __pfx_ksys_write+0x10/0x10 [ 914.178572][T24682] do_syscall_64+0xcd/0x250 [ 914.178592][T24682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 914.178611][T24682] RIP: 0033:0x7f9f09185d29 [ 914.178624][T24682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 914.178639][T24682] RSP: 002b:00007f9f0a019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 914.178655][T24682] RAX: ffffffffffffffda RBX: 00007f9f09375fa0 RCX: 00007f9f09185d29 [ 914.178666][T24682] RDX: 0000000000000004 RSI: 0000000020000100 RDI: 0000000000000003 [ 914.178676][T24682] RBP: 00007f9f0a019090 R08: 0000000000000000 R09: 0000000000000000 [ 914.178686][T24682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 914.178695][T24682] R13: 0000000000000000 R14: 00007f9f09375fa0 R15: 00007ffe611812d8 [ 914.178714][T24682] [ 914.226526][T24683] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6904'. [ 915.295286][T24609] Bluetooth: hci2: command tx timeout [ 915.964826][T24703] sysfs_service_op_show: Client not running :-5: [ 916.785708][T24708] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6915'. [ 917.092763][T24709] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.6915'. [ 917.219200][T24717] netlink: 'syz.2.6918': attribute type 4 has an invalid length. [ 917.304317][T24658] kernel write not supported for file /tomoyo/query (pid: 24658 comm: syz.4.6901) [ 917.988729][T24736] FAULT_INJECTION: forcing a failure. [ 917.988729][T24736] name failslab, interval 1, probability 0, space 0, times 0 [ 918.080707][T24736] CPU: 0 UID: 0 PID: 24736 Comm: syz.2.6924 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 918.091528][T24736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 918.101576][T24736] Call Trace: [ 918.104850][T24736] [ 918.107792][T24736] dump_stack_lvl+0x16c/0x1f0 [ 918.112469][T24736] should_fail_ex+0x497/0x5b0 [ 918.117137][T24736] ? fs_reclaim_acquire+0xae/0x150 [ 918.122242][T24736] should_failslab+0xc2/0x120 [ 918.126917][T24736] __kmalloc_noprof+0xce/0x4f0 [ 918.131763][T24736] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 918.137387][T24736] ? tomoyo_realpath_from_path+0xbf/0x710 [ 918.143345][T24736] tomoyo_realpath_from_path+0xbf/0x710 [ 918.148930][T24736] ? tomoyo_path_number_perm+0x235/0x5b0 [ 918.154598][T24736] tomoyo_path_number_perm+0x248/0x5b0 [ 918.160145][T24736] ? tomoyo_path_number_perm+0x235/0x5b0 [ 918.165799][T24736] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 918.171829][T24736] ? __pfx_lock_release+0x10/0x10 [ 918.176879][T24736] ? trace_lock_acquire+0x14e/0x1f0 [ 918.182089][T24736] ? lock_acquire+0x2f/0xb0 [ 918.186614][T24736] ? __fget_files+0x40/0x3a0 [ 918.191247][T24736] ? __fget_files+0x206/0x3a0 [ 918.195970][T24736] security_file_ioctl+0x9b/0x240 [ 918.201037][T24736] __x64_sys_ioctl+0xb7/0x200 [ 918.205721][T24736] do_syscall_64+0xcd/0x250 [ 918.210229][T24736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.216134][T24736] RIP: 0033:0x7fb3e8185d29 [ 918.220561][T24736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 918.240183][T24736] RSP: 002b:00007fb3e8eee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 918.248591][T24736] RAX: ffffffffffffffda RBX: 00007fb3e8375fa0 RCX: 00007fb3e8185d29 [ 918.256574][T24736] RDX: 0000000020000040 RSI: 00000000c0045002 RDI: 0000000000000003 [ 918.264554][T24736] RBP: 00007fb3e8eee090 R08: 0000000000000000 R09: 0000000000000000 [ 918.272519][T24736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 918.280488][T24736] R13: 0000000000000000 R14: 00007fb3e8375fa0 R15: 00007ffc858399a8 [ 918.288509][T24736] [ 919.300962][T24736] ERROR: Out of memory at tomoyo_realpath_from_path. [ 919.643352][T24756] batman_adv: Routing algorithm '' is not supported [ 920.276010][T24761] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6932'. [ 920.538119][T24764] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.6932'. [ 920.879361][T24725] kernel write not supported for file /tomoyo/query (pid: 24725 comm: syz.4.6921) [ 922.057691][T24774] kernel write not supported for file /tomoyo/query (pid: 24774 comm: syz.4.6936) [ 922.258654][T24793] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 922.354139][T24793] kernel write not supported for file /tomoyo/query (pid: 24793 comm: syz.4.6941) [ 922.645925][T24798] kernel write not supported for file /tomoyo/query (pid: 24798 comm: syz.4.6944) [ 923.434177][T24805] kernel write not supported for file /tomoyo/query (pid: 24805 comm: syz.4.6946) [ 923.684546][T24817] kernel write not supported for file /tomoyo/query (pid: 24817 comm: syz.4.6951) [ 923.924115][T24820] kernel write not supported for file /tomoyo/query (pid: 24820 comm: syz.4.6953) [ 924.909458][T24825] kernel write not supported for file /tomoyo/query (pid: 24825 comm: syz.4.6954) [ 925.609243][T24847] kernel write not supported for file /tomoyo/query (pid: 24847 comm: syz.4.6958) [ 926.364495][T24857] kernel write not supported for file /tomoyo/query (pid: 24857 comm: syz.4.6960) [ 926.586900][T24870] FAULT_INJECTION: forcing a failure. [ 926.586900][T24870] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 926.752665][T24870] CPU: 0 UID: 0 PID: 24870 Comm: syz.5.6965 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 926.763511][T24870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 926.773561][T24870] Call Trace: [ 926.776834][T24870] [ 926.779775][T24870] dump_stack_lvl+0x16c/0x1f0 [ 926.784460][T24870] should_fail_ex+0x497/0x5b0 [ 926.789140][T24870] _copy_from_user+0x2e/0xd0 [ 926.793739][T24870] copy_msghdr_from_user+0x99/0x160 [ 926.798941][T24870] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 926.804772][T24870] ___sys_sendmsg+0xff/0x1e0 [ 926.809358][T24870] ? __pfx____sys_sendmsg+0x10/0x10 [ 926.814580][T24870] ? __pfx_lock_release+0x10/0x10 [ 926.819597][T24870] ? trace_lock_acquire+0x14e/0x1f0 [ 926.824798][T24870] ? __fget_files+0x206/0x3a0 [ 926.829500][T24870] __sys_sendmsg+0x16e/0x220 [ 926.834090][T24870] ? __pfx___sys_sendmsg+0x10/0x10 [ 926.839226][T24870] do_syscall_64+0xcd/0x250 [ 926.843727][T24870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 926.849616][T24870] RIP: 0033:0x7f9f09185d29 [ 926.854018][T24870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 926.873625][T24870] RSP: 002b:00007f9f0a019038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 926.882035][T24870] RAX: ffffffffffffffda RBX: 00007f9f09375fa0 RCX: 00007f9f09185d29 [ 926.889997][T24870] RDX: 0000000000000040 RSI: 00000000200001c0 RDI: 0000000000000004 [ 926.897956][T24870] RBP: 00007f9f0a019090 R08: 0000000000000000 R09: 0000000000000000 [ 926.905920][T24870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 926.913882][T24870] R13: 0000000000000000 R14: 00007f9f09375fa0 R15: 00007ffe611812d8 [ 926.921873][T24870] [ 926.990955][T24875] kernel write not supported for file /tomoyo/query (pid: 24875 comm: syz.4.6967) [ 927.234076][T24880] kernel write not supported for file /tomoyo/query (pid: 24880 comm: syz.4.6969) [ 927.864770][T24888] sysfs_service_op_show: Client not running :-5: [ 928.091145][T24893] kernel write not supported for file /tomoyo/query (pid: 24893 comm: syz.4.6973) [ 928.969466][T24899] kernel write not supported for file /tomoyo/query (pid: 24899 comm: syz.4.6976) [ 929.085943][T24911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6979'. [ 929.919618][T24933] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.6983'. [ 930.226806][T24829] kernel write not supported for file /tomoyo/query (pid: 24829 comm: syz.4.6954) [ 930.272106][T24915] kernel write not supported for file /tomoyo/query (pid: 24915 comm: syz.4.6981) [ 930.394492][T24939] netlink: 'syz.0.6987': attribute type 1 has an invalid length. [ 930.680827][T24940] kernel write not supported for file /tomoyo/query (pid: 24940 comm: syz.4.6988) [ 930.757327][T24945] [U] [ 930.760059][T24945] [U] [ 930.762760][T24945] [U] [ 930.765443][T24945] [U] [ 930.883319][T24945] [U] [ 930.886051][T24945] [U] [ 930.888735][T24945] [U] [ 930.891415][T24945] [U] [ 931.118401][T24945] [U] [ 931.121138][T24945] [U] [ 931.123824][T24945] [U] [ 931.126510][T24945] [U] [ 931.135965][T24956] binder: 24955:24956 ioctl c0306201 9 returned -14 [ 931.150448][T24951] kernel write not supported for file /tomoyo/query (pid: 24951 comm: syz.4.6992) [ 931.359769][T24945] [U] [ 931.362492][T24945] [U] [ 931.365174][T24945] [U] [ 931.367849][T24945] [U] [ 931.519542][T24958] sysfs_service_op_show: Client not running :-5: [ 931.626335][T24945] [U] [ 931.629067][T24945] [U] [ 931.631765][T24945] [U] [ 931.634547][T24945] [U] [ 931.905811][T24945] [U] [ 932.038016][T24961] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.6995'. [ 932.078519][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.084820][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.706640][T24962] kernel write not supported for file /tomoyo/query (pid: 24962 comm: syz.4.6996) [ 933.408960][T24989] kernel write not supported for file /tomoyo/query (pid: 24989 comm: syz.4.7003) [ 933.656014][T25002] sysfs_service_op_show: Client not running :-5: [ 933.952289][T25014] netlink: 'syz.2.7009': attribute type 1 has an invalid length. [ 934.021312][T25017] netlink: 4763 bytes leftover after parsing attributes in process `syz.4.7008'. [ 934.030937][T25018] FAULT_INJECTION: forcing a failure. [ 934.030937][T25018] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 934.030979][T25018] CPU: 0 UID: 0 PID: 25018 Comm: syz.5.7011 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 934.030997][T25018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 934.031015][T25018] Call Trace: [ 934.031020][T25018] [ 934.031027][T25018] dump_stack_lvl+0x16c/0x1f0 [ 934.031050][T25018] should_fail_ex+0x497/0x5b0 [ 934.031072][T25018] _copy_to_user+0x32/0xd0 [ 934.031096][T25018] simple_read_from_buffer+0xd0/0x160 [ 934.031123][T25018] proc_fail_nth_read+0x198/0x270 [ 934.031147][T25018] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 934.031171][T25018] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 934.031201][T25018] vfs_read+0x1df/0xbe0 [ 934.031219][T25018] ? __fget_files+0x1fc/0x3a0 [ 934.031237][T25018] ? __pfx___mutex_lock+0x10/0x10 [ 934.031256][T25018] ? __pfx_vfs_read+0x10/0x10 [ 934.031276][T25018] ? __fget_files+0x206/0x3a0 [ 934.031298][T25018] ksys_read+0x12b/0x250 [ 934.031314][T25018] ? __pfx_ksys_read+0x10/0x10 [ 934.031336][T25018] do_syscall_64+0xcd/0x250 [ 934.031355][T25018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 934.031375][T25018] RIP: 0033:0x7f9f0918473c [ 934.031387][T25018] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 934.031402][T25018] RSP: 002b:00007f9f09ff8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 934.031418][T25018] RAX: ffffffffffffffda RBX: 00007f9f09376080 RCX: 00007f9f0918473c [ 934.031429][T25018] RDX: 000000000000000f RSI: 00007f9f09ff80a0 RDI: 0000000000000005 [ 934.031439][T25018] RBP: 00007f9f09ff8090 R08: 0000000000000000 R09: 0000000000000000 [ 934.031449][T25018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 934.031458][T25018] R13: 0000000000000001 R14: 00007f9f09376080 R15: 00007ffe611812d8 [ 934.031477][T25018] [ 934.227545][T25004] kernel write not supported for file /tomoyo/query (pid: 25004 comm: syz.4.7008) [ 934.486324][T25023] kernel write not supported for file /tomoyo/query (pid: 25023 comm: syz.4.7014) [ 935.440142][T25031] kernel write not supported for file /tomoyo/query (pid: 25031 comm: syz.4.7015) [ 935.735888][T25041] Process accounting paused [ 936.000923][T25043] sysfs_service_op_show: Client not running :-5: [ 936.710661][T25067] netlink: 'syz.0.7028': attribute type 1 has an invalid length. [ 937.561817][T25048] kexec: Could not allocate control_code_buffer [ 937.885779][T25098] FAULT_INJECTION: forcing a failure. [ 937.885779][T25098] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 937.885805][T25098] CPU: 0 UID: 0 PID: 25098 Comm: syz.2.7037 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 937.885823][T25098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 937.885833][T25098] Call Trace: [ 937.885838][T25098] [ 937.885845][T25098] dump_stack_lvl+0x16c/0x1f0 [ 937.885867][T25098] should_fail_ex+0x497/0x5b0 [ 937.885889][T25098] _copy_to_user+0x32/0xd0 [ 937.885912][T25098] simple_read_from_buffer+0xd0/0x160 [ 937.885938][T25098] proc_fail_nth_read+0x198/0x270 [ 937.885962][T25098] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 937.885986][T25098] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 937.886008][T25098] vfs_read+0x1df/0xbe0 [ 937.886026][T25098] ? __fget_files+0x1fc/0x3a0 [ 937.886044][T25098] ? __pfx___mutex_lock+0x10/0x10 [ 937.886063][T25098] ? __pfx_vfs_read+0x10/0x10 [ 937.886084][T25098] ? __fget_files+0x206/0x3a0 [ 937.886106][T25098] ksys_read+0x12b/0x250 [ 937.886122][T25098] ? __pfx_ksys_read+0x10/0x10 [ 937.886143][T25098] do_syscall_64+0xcd/0x250 [ 937.886164][T25098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 937.886183][T25098] RIP: 0033:0x7fb3e818473c [ 937.886196][T25098] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 937.886210][T25098] RSP: 002b:00007fb3e8eee030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 937.886226][T25098] RAX: ffffffffffffffda RBX: 00007fb3e8375fa0 RCX: 00007fb3e818473c [ 937.886237][T25098] RDX: 000000000000000f RSI: 00007fb3e8eee0a0 RDI: 0000000000000003 [ 937.886247][T25098] RBP: 00007fb3e8eee090 R08: 0000000000000000 R09: 0000000000000000 [ 937.886257][T25098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 937.886266][T25098] R13: 0000000000000001 R14: 00007fb3e8375fa0 R15: 00007ffc858399a8 [ 937.886285][T25098] [ 938.116675][T25106] netlink: 'syz.2.7039': attribute type 1 has an invalid length. [ 939.566541][T25138] netlink: 350 bytes leftover after parsing attributes in process `syz.2.7048'. [ 940.000135][T25155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7055'. [ 940.330592][T25167] netlink: 146 bytes leftover after parsing attributes in process `syz.2.7059'. [ 941.116286][T25182] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7062'. [ 941.209941][T25186] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7062'. [ 942.916783][T25216] sysfs_service_op_show: Client not running :-5: [ 942.987759][T25223] netlink: 'syz.2.7071': attribute type 1 has an invalid length. [ 944.913064][T25251] sysfs_service_op_show: Client not running :-5: [ 944.921476][T25231] [U] [ 944.924187][T25231] [U] [ 944.926868][T25231] [U] [ 944.929547][T25231] [U] [ 944.989644][T25231] [U] [ 944.992370][T25231] [U] [ 944.995079][T25231] [U] [ 944.997794][T25231] [U] [ 945.073441][T25235] [U] [ 947.833236][T25289] netlink: 342 bytes leftover after parsing attributes in process `syz.5.7092'. [ 948.479231][T25289] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7092'. [ 948.827122][T25306] FAULT_INJECTION: forcing a failure. [ 948.827122][T25306] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 948.910642][T25306] CPU: 0 UID: 0 PID: 25306 Comm: syz.5.7097 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 948.921466][T25306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 948.931514][T25306] Call Trace: [ 948.934782][T25306] [ 948.937710][T25306] dump_stack_lvl+0x16c/0x1f0 [ 948.942425][T25306] should_fail_ex+0x497/0x5b0 [ 948.947133][T25306] _copy_from_user+0x2e/0xd0 [ 948.951743][T25306] copy_msghdr_from_user+0x99/0x160 [ 948.956944][T25306] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 948.962753][T25306] ___sys_sendmsg+0xff/0x1e0 [ 948.967341][T25306] ? __pfx____sys_sendmsg+0x10/0x10 [ 948.972570][T25306] ? __pfx_lock_release+0x10/0x10 [ 948.977588][T25306] ? trace_lock_acquire+0x14e/0x1f0 [ 948.982836][T25306] ? __fget_files+0x206/0x3a0 [ 948.987599][T25306] __sys_sendmsg+0x16e/0x220 [ 948.992185][T25306] ? __pfx___sys_sendmsg+0x10/0x10 [ 948.997306][T25306] do_syscall_64+0xcd/0x250 [ 949.001805][T25306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 949.007690][T25306] RIP: 0033:0x7f9f09185d29 [ 949.012104][T25306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 949.031715][T25306] RSP: 002b:00007f9f0a019038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 949.040137][T25306] RAX: ffffffffffffffda RBX: 00007f9f09375fa0 RCX: 00007f9f09185d29 [ 949.048097][T25306] RDX: 000000000400c854 RSI: 0000000020000300 RDI: 0000000000000003 [ 949.056060][T25306] RBP: 00007f9f0a019090 R08: 0000000000000000 R09: 0000000000000000 [ 949.064026][T25306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 949.072038][T25306] R13: 0000000000000000 R14: 00007f9f09375fa0 R15: 00007ffe611812d8 [ 949.080037][T25306] [ 949.140044][T25303] sysfs_service_op_show: Client not running :-5: [ 950.296805][T25322] netlink: 'syz.4.7102': attribute type 1 has an invalid length. [ 950.986688][T25329] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7103'. [ 951.329832][T25334] netlink: 4763 bytes leftover after parsing attributes in process `syz.4.7103'. [ 952.171037][T25357] FAULT_INJECTION: forcing a failure. [ 952.171037][T25357] name failslab, interval 1, probability 0, space 0, times 0 [ 952.241707][T25355] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 952.255285][T25357] CPU: 0 UID: 0 PID: 25357 Comm: syz.5.7110 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 952.266093][T25357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 952.276154][T25357] Call Trace: [ 952.279430][T25357] [ 952.282352][T25357] dump_stack_lvl+0x16c/0x1f0 [ 952.287034][T25357] should_fail_ex+0x497/0x5b0 [ 952.291825][T25357] ? fs_reclaim_acquire+0xae/0x150 [ 952.296961][T25357] should_failslab+0xc2/0x120 [ 952.301655][T25357] __kmalloc_noprof+0xce/0x4f0 [ 952.306429][T25357] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 952.312132][T25357] ? tomoyo_realpath_from_path+0xbf/0x710 [ 952.317981][T25357] tomoyo_realpath_from_path+0xbf/0x710 [ 952.323529][T25357] ? tomoyo_path_number_perm+0x235/0x5b0 [ 952.329161][T25357] tomoyo_path_number_perm+0x248/0x5b0 [ 952.334717][T25357] ? tomoyo_path_number_perm+0x235/0x5b0 [ 952.340348][T25357] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 952.346349][T25357] ? __pfx_lock_release+0x10/0x10 [ 952.351401][T25357] ? trace_lock_acquire+0x14e/0x1f0 [ 952.356603][T25357] ? lock_acquire+0x2f/0xb0 [ 952.361094][T25357] ? __fget_files+0x40/0x3a0 [ 952.365679][T25357] ? __fget_files+0x206/0x3a0 [ 952.370352][T25357] security_file_ioctl+0x9b/0x240 [ 952.375398][T25357] __x64_sys_ioctl+0xb7/0x200 [ 952.380068][T25357] do_syscall_64+0xcd/0x250 [ 952.384570][T25357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 952.390573][T25357] RIP: 0033:0x7f9f09185d29 [ 952.394982][T25357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 952.414598][T25357] RSP: 002b:00007f9f0a019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 952.423015][T25357] RAX: ffffffffffffffda RBX: 00007f9f09375fa0 RCX: 00007f9f09185d29 [ 952.430979][T25357] RDX: 00000000200001c0 RSI: fffffff7effffd05 RDI: 0000000000000003 [ 952.438943][T25357] RBP: 00007f9f0a019090 R08: 0000000000000000 R09: 0000000000000000 [ 952.447346][T25357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 952.455335][T25357] R13: 0000000000000000 R14: 00007f9f09375fa0 R15: 00007ffe611812d8 [ 952.463310][T25357] [ 953.446517][T25357] ERROR: Out of memory at tomoyo_realpath_from_path. [ 953.453335][T25357] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 954.007278][T25376] sysfs_service_op_show: Client not running :-5: [ 954.342919][T25381] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7117'. [ 954.884421][T25381] netlink: 4763 bytes leftover after parsing attributes in process `syz.4.7117'. [ 955.737900][T25389] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 957.477326][T25414] netlink: 342 bytes leftover after parsing attributes in process `syz.5.7129'. [ 957.837788][T25414] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7129'. [ 958.186783][T25420] netlink: 56 bytes leftover after parsing attributes in process `syz.5.7131'. [ 958.942361][T25426] sysfs_service_op_show: Client not running :-5: [ 959.493613][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 959.504296][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 959.514474][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 959.523750][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 959.531350][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 959.538814][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 960.043712][T25435] chnl_net:caif_netlink_parms(): no params data found [ 960.440388][T25457] Process accounting resumed [ 960.813428][T25435] bridge0: port 1(bridge_slave_0) entered blocking state [ 960.813471][T25435] bridge0: port 1(bridge_slave_0) entered disabled state [ 960.813575][T25435] bridge_slave_0: entered allmulticast mode [ 960.814302][T25435] bridge_slave_0: entered promiscuous mode [ 960.817648][T25435] bridge0: port 2(bridge_slave_1) entered blocking state [ 960.817716][T25435] bridge0: port 2(bridge_slave_1) entered disabled state [ 960.817862][T25435] bridge_slave_1: entered allmulticast mode [ 960.818550][T25435] bridge_slave_1: entered promiscuous mode [ 961.010219][T25467] sysfs_service_op_show: Client not running :-5: [ 961.080182][T25435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 961.081749][T25435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 961.184529][T25435] team0: Port device team_slave_0 added [ 961.212785][T25435] team0: Port device team_slave_1 added [ 961.484093][T25435] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 961.484108][T25435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 961.484126][T25435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 961.495675][T25435] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 961.495689][T25435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 961.495707][T25435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 961.595461][T24609] Bluetooth: hci3: command tx timeout [ 961.637408][T25435] hsr_slave_0: entered promiscuous mode [ 961.670618][T25435] hsr_slave_1: entered promiscuous mode [ 961.673313][T25435] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 961.673387][T25435] Cannot create hsr debugfs directory [ 961.965347][T25471] netlink: 342 bytes leftover after parsing attributes in process `syz.2.7147'. [ 962.029576][T25471] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7147'. [ 962.677614][T25435] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 962.738189][T25435] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 962.877495][T25435] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 963.057929][T25477] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7148'. [ 963.265241][T25477] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7148'. [ 963.383713][T25435] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 963.684631][T24609] Bluetooth: hci3: command tx timeout [ 963.930122][T25435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 964.002337][T25435] 8021q: adding VLAN 0 to HW filter on device team0 [ 964.131791][T18403] bridge0: port 1(bridge_slave_0) entered blocking state [ 964.138944][T18403] bridge0: port 1(bridge_slave_0) entered forwarding state [ 964.226245][T18403] bridge0: port 2(bridge_slave_1) entered blocking state [ 964.233377][T18403] bridge0: port 2(bridge_slave_1) entered forwarding state [ 964.400075][T25482] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7149'. [ 964.877503][T25487] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7149'. [ 964.956821][T25435] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 965.641206][T25435] veth0_vlan: entered promiscuous mode [ 965.706230][T25435] veth1_vlan: entered promiscuous mode [ 965.755344][T24609] Bluetooth: hci3: command tx timeout [ 965.819619][T25435] veth0_macvtap: entered promiscuous mode [ 965.887166][T25435] veth1_macvtap: entered promiscuous mode [ 965.961902][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.045290][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.135372][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.185244][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.235494][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.268833][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.309269][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.371256][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.420583][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.479668][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.522487][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.595454][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.655109][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.694234][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.732394][T25511] Process accounting resumed [ 966.740202][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.776426][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.825258][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.875841][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 966.917188][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 966.975523][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.017663][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 967.065190][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.109231][T25435] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 967.314423][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 967.383631][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.455830][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 967.506658][T25519] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7156'. [ 967.523271][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.568373][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 967.605319][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.651710][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 967.702009][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.746300][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 967.795394][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.835640][T24609] Bluetooth: hci3: command tx timeout [ 967.852244][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 967.905184][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 967.951573][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 967.999018][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 968.052381][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 968.087490][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 968.124991][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 968.158891][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 968.192831][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 968.229347][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 968.229367][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 968.229380][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 968.229393][T25435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 968.229404][T25435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 968.234407][T25435] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 968.259501][T25517] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7155'. [ 968.280562][T25435] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 968.280595][T25435] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 968.280618][T25435] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 968.280640][T25435] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 968.534057][T18412] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 968.534074][T18412] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 968.641160][T18388] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 968.641180][T18388] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 969.032779][T25534] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7159'. [ 969.046316][T25533] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7134'. [ 969.630232][T25531] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7159'. [ 969.825478][T25543] kafs: addr_prefs: Invalid Command [ 972.783873][T25574] netlink: 338 bytes leftover after parsing attributes in process `syz.6.7168'. [ 973.178391][T25577] Process accounting resumed [ 974.135401][T25583] kafs: addr_prefs: Invalid Command [ 974.526095][T25592] netlink: 342 bytes leftover after parsing attributes in process `syz.6.7171'. [ 974.792482][T25595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7173'. [ 976.010437][T25586] netlink: 4763 bytes leftover after parsing attributes in process `syz.6.7171'. [ 976.076625][T25610] FAULT_INJECTION: forcing a failure. [ 976.076625][T25610] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 976.269281][T25610] CPU: 0 UID: 0 PID: 25610 Comm: syz.2.7177 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 976.280100][T25610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 976.290159][T25610] Call Trace: [ 976.293434][T25610] [ 976.296371][T25610] dump_stack_lvl+0x16c/0x1f0 [ 976.301047][T25610] should_fail_ex+0x497/0x5b0 [ 976.305754][T25610] _copy_to_user+0x32/0xd0 [ 976.310179][T25610] simple_read_from_buffer+0xd0/0x160 [ 976.315574][T25610] proc_fail_nth_read+0x198/0x270 [ 976.320623][T25610] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 976.326185][T25610] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 976.331737][T25610] vfs_read+0x1df/0xbe0 [ 976.335912][T25610] ? __fget_files+0x1fc/0x3a0 [ 976.340585][T25610] ? __pfx___mutex_lock+0x10/0x10 [ 976.345629][T25610] ? __pfx_vfs_read+0x10/0x10 [ 976.350322][T25610] ? __fget_files+0x206/0x3a0 [ 976.354999][T25610] ksys_read+0x12b/0x250 [ 976.359239][T25610] ? __pfx_ksys_read+0x10/0x10 [ 976.364008][T25610] do_syscall_64+0xcd/0x250 [ 976.368516][T25610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 976.374410][T25610] RIP: 0033:0x7fb3e818473c [ 976.378834][T25610] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 976.398438][T25610] RSP: 002b:00007fb3e8eee030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 976.406939][T25610] RAX: ffffffffffffffda RBX: 00007fb3e8375fa0 RCX: 00007fb3e818473c [ 976.414912][T25610] RDX: 000000000000000f RSI: 00007fb3e8eee0a0 RDI: 0000000000000004 [ 976.422881][T25610] RBP: 00007fb3e8eee090 R08: 0000000000000000 R09: 0000000000000000 [ 976.430846][T25610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 976.438812][T25610] R13: 0000000000000000 R14: 00007fb3e8375fa0 R15: 00007ffc858399a8 [ 976.446796][T25610] [ 976.846763][T25618] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7182'. [ 976.883797][T25618] FAULT_INJECTION: forcing a failure. [ 976.883797][T25618] name failslab, interval 1, probability 0, space 0, times 0 [ 976.942787][T25618] CPU: 0 UID: 0 PID: 25618 Comm: syz.0.7182 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 976.953583][T25618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 976.963653][T25618] Call Trace: [ 976.966939][T25618] [ 976.969884][T25618] dump_stack_lvl+0x16c/0x1f0 [ 976.974564][T25618] should_fail_ex+0x497/0x5b0 [ 976.979272][T25618] should_failslab+0xc2/0x120 [ 976.983982][T25618] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 976.989372][T25618] ? skb_clone+0x190/0x3f0 [ 976.993805][T25618] skb_clone+0x190/0x3f0 [ 976.998052][T25618] netlink_deliver_tap+0xafd/0xca0 [ 977.003161][T25618] netlink_dump+0xb60/0xd00 [ 977.007657][T25618] ? __pfx_netlink_dump+0x10/0x10 [ 977.012682][T25618] ? lock_acquire+0x2f/0xb0 [ 977.017273][T25618] ? netlink_lookup+0x3d/0x270 [ 977.022046][T25618] __netlink_dump_start+0x6d9/0x980 [ 977.027242][T25618] ctnetlink_get_expect+0x79c/0x8f0 [ 977.032442][T25618] ? __pfx_ctnetlink_get_expect+0x10/0x10 [ 977.038162][T25618] ? __pfx_ctnetlink_exp_dump_table+0x10/0x10 [ 977.044229][T25618] ? __pfx_ctnetlink_exp_done+0x10/0x10 [ 977.049772][T25618] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 977.055579][T25618] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 977.060624][T25618] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 977.066076][T25618] ? find_held_lock+0x2d/0x110 [ 977.070863][T25618] netlink_rcv_skb+0x165/0x410 [ 977.075638][T25618] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 977.081093][T25618] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 977.086370][T25618] ? __pfx_aa_get_newest_label+0x10/0x10 [ 977.092010][T25618] ? bpf_lsm_capable+0x9/0x10 [ 977.096765][T25618] ? security_capable+0x7e/0x260 [ 977.101703][T25618] ? ns_capable+0xd7/0x110 [ 977.106117][T25618] nfnetlink_rcv+0x1b4/0x430 [ 977.110700][T25618] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 977.115807][T25618] ? netlink_deliver_tap+0x1ae/0xca0 [ 977.121093][T25618] netlink_unicast+0x53c/0x7f0 [ 977.125855][T25618] ? __pfx_netlink_unicast+0x10/0x10 [ 977.131137][T25618] ? __phys_addr_symbol+0x30/0x80 [ 977.136158][T25618] ? __check_object_size+0x488/0x710 [ 977.141471][T25618] netlink_sendmsg+0x8b8/0xd70 [ 977.146245][T25618] ? __pfx_netlink_sendmsg+0x10/0x10 [ 977.151648][T25618] ____sys_sendmsg+0x9ae/0xb40 [ 977.156409][T25618] ? copy_msghdr_from_user+0x10b/0x160 [ 977.161893][T25618] ? __pfx_____sys_sendmsg+0x10/0x10 [ 977.167189][T25618] ? get_pid_task+0xfc/0x250 [ 977.171871][T25618] ___sys_sendmsg+0x135/0x1e0 [ 977.176667][T25618] ? __pfx____sys_sendmsg+0x10/0x10 [ 977.181895][T25618] ? __pfx_vfs_write+0x10/0x10 [ 977.186668][T25618] ? do_sys_openat2+0xb1/0x1e0 [ 977.191453][T25618] __sys_sendmsg+0x16e/0x220 [ 977.196136][T25618] ? __pfx___sys_sendmsg+0x10/0x10 [ 977.201271][T25618] do_syscall_64+0xcd/0x250 [ 977.205772][T25618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.211687][T25618] RIP: 0033:0x7fbf8eb85d29 [ 977.216128][T25618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 977.235754][T25618] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 977.244201][T25618] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 977.252188][T25618] RDX: 0000000000000080 RSI: 0000000020000180 RDI: 0000000000000001 [ 977.260149][T25618] RBP: 00007fbf8f9eb090 R08: 0000000000000000 R09: 0000000000000000 [ 977.268108][T25618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 977.276069][T25618] R13: 0000000000000000 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 977.284043][T25618] [ 977.354764][T25622] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7183'. [ 977.871964][T25615] delete_channel: no stack [ 979.050756][T25644] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7189'. [ 979.792281][T25654] openvswitch: netlink: Key type 239 is out of range max 32 [ 980.195987][T25662] sysfs_service_op_show: Client not running :-5: [ 980.386427][T25664] kafs: addr_prefs: Invalid Command [ 981.120480][T25672] netlink: 32 bytes leftover after parsing attributes in process `syz.6.7199'. [ 983.307596][T25714] nl80211: entered promiscuous mode [ 983.976473][T25733] netlink: 342 bytes leftover after parsing attributes in process `syz.6.7217'. [ 984.270123][T25734] netlink: 4763 bytes leftover after parsing attributes in process `syz.6.7217'. [ 984.323988][T25737] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7218'. [ 984.680776][T25744] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7218'. [ 985.250542][T25756] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7223'. [ 985.299189][T25756] nbd: must specify a size in bytes for the device [ 986.995510][T25778] netlink: 342 bytes leftover after parsing attributes in process `syz.6.7230'. [ 987.156011][T25770] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7227'. [ 987.273778][T25779] netlink: 4763 bytes leftover after parsing attributes in process `syz.6.7230'. [ 987.850757][T25783] lo: entered allmulticast mode [ 987.875747][T25790] netlink: zone id is out of range [ 987.919500][T25781] lo: left allmulticast mode [ 987.928416][T25790] netlink: set zone limit has 8 unknown bytes [ 989.545793][T25813] netlink: 244 bytes leftover after parsing attributes in process `syz.2.7240'. [ 989.640701][T25815] netlink: zone id is out of range [ 989.715005][T25815] netlink: set zone limit has 8 unknown bytes [ 990.164169][T25821] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7243'. [ 990.469060][T25830] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7247'. [ 990.525825][T25830] nbd: must specify a size in bytes for the device [ 991.810865][T25848] Process accounting paused [ 992.315019][T25854] Process accounting resumed [ 993.270258][T25869] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7255'. [ 993.517753][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.524476][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 994.051883][T25884] bond0: no command found in slaves file - use +ifname or -ifname [ 995.330944][T25897] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7262'. [ 995.506588][T25897] nbd: must specify a size in bytes for the device [ 997.206708][T25925] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7267'. [ 997.398424][T25931] FAULT_INJECTION: forcing a failure. [ 997.398424][T25931] name failslab, interval 1, probability 0, space 0, times 0 [ 997.628631][T25931] CPU: 0 UID: 0 PID: 25931 Comm: syz.6.7269 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 997.639425][T25931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 997.649468][T25931] Call Trace: [ 997.652745][T25931] [ 997.655693][T25931] dump_stack_lvl+0x16c/0x1f0 [ 997.660370][T25931] should_fail_ex+0x497/0x5b0 [ 997.665150][T25931] ? fs_reclaim_acquire+0xae/0x150 [ 997.670267][T25931] should_failslab+0xc2/0x120 [ 997.675030][T25931] __kmalloc_noprof+0xce/0x4f0 [ 997.679793][T25931] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 997.685417][T25931] ? tomoyo_realpath_from_path+0xbf/0x710 [ 997.691133][T25931] tomoyo_realpath_from_path+0xbf/0x710 [ 997.696674][T25931] ? tomoyo_path_number_perm+0x235/0x5b0 [ 997.702305][T25931] tomoyo_path_number_perm+0x248/0x5b0 [ 997.707763][T25931] ? tomoyo_path_number_perm+0x235/0x5b0 [ 997.713420][T25931] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 997.719417][T25931] ? __pfx_lock_release+0x10/0x10 [ 997.724431][T25931] ? trace_lock_acquire+0x14e/0x1f0 [ 997.729722][T25931] ? lock_acquire+0x2f/0xb0 [ 997.734237][T25931] ? __fget_files+0x40/0x3a0 [ 997.738832][T25931] ? __fget_files+0x206/0x3a0 [ 997.743526][T25931] security_file_ioctl+0x9b/0x240 [ 997.748566][T25931] __x64_sys_ioctl+0xb7/0x200 [ 997.753236][T25931] do_syscall_64+0xcd/0x250 [ 997.757742][T25931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.763632][T25931] RIP: 0033:0x7f7e4b185d29 [ 997.768038][T25931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 997.787642][T25931] RSP: 002b:00007f7e4c018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 997.796051][T25931] RAX: ffffffffffffffda RBX: 00007f7e4b376080 RCX: 00007f7e4b185d29 [ 997.804031][T25931] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 997.811996][T25931] RBP: 00007f7e4c018090 R08: 0000000000000000 R09: 0000000000000000 [ 997.819959][T25931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 997.827923][T25931] R13: 0000000000000000 R14: 00007f7e4b376080 R15: 00007ffda85c24f8 [ 997.835896][T25931] [ 997.893167][T25913] Process accounting paused [ 998.344020][T25943] bond0: no command found in slaves file - use +ifname or -ifname [ 998.453335][T25945] Loading of unsigned module is rejected [ 999.265299][ T29] audit: type=1804 audit(8277292090.260:27): pid=25949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.7276" name="/newroot/sys/kernel/tracing/free_buffer" dev="tracefs" ino=1172 res=1 errno=0 [ 999.662167][T25931] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1000.998766][T25971] erspan0: entered allmulticast mode [ 1001.607629][T25987] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7285'. [ 1002.332353][T26002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7287'. [ 1004.215833][T26021] netlink: 4763 bytes leftover after parsing attributes in process `syz.6.7293'. [ 1004.974486][T26034] Process accounting resumed [ 1005.032001][T26035] Process accounting resumed [ 1005.103312][T26035] FAULT_INJECTION: forcing a failure. [ 1005.103312][T26035] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.306259][T26035] CPU: 0 UID: 0 PID: 26035 Comm: syz.2.7296 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1005.317062][T26035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1005.327130][T26035] Call Trace: [ 1005.330445][T26035] [ 1005.333377][T26035] dump_stack_lvl+0x16c/0x1f0 [ 1005.338061][T26035] should_fail_ex+0x497/0x5b0 [ 1005.342733][T26035] ? fs_reclaim_acquire+0xae/0x150 [ 1005.347872][T26035] should_failslab+0xc2/0x120 [ 1005.352643][T26035] __kmalloc_noprof+0xce/0x4f0 [ 1005.357419][T26035] ? kernfs_fop_write_iter+0x223/0x500 [ 1005.362964][T26035] kernfs_fop_write_iter+0x223/0x500 [ 1005.368941][T26035] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1005.374916][T26035] __kernel_write_iter+0x318/0xa80 [ 1005.380043][T26035] ? __pfx___kernel_write_iter+0x10/0x10 [ 1005.385678][T26035] __kernel_write+0xf6/0x140 [ 1005.390261][T26035] ? __pfx___kernel_write+0x10/0x10 [ 1005.395451][T26035] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1005.401122][T26035] ? rcu_is_watching+0x12/0xc0 [ 1005.405898][T26035] ? acct_pin_kill+0x2d/0x100 [ 1005.410576][T26035] ? lock_acquire+0x2f/0xb0 [ 1005.415074][T26035] ? acct_pin_kill+0x2d/0x100 [ 1005.419745][T26035] do_acct_process+0xcb0/0x14a0 [ 1005.424590][T26035] ? __pfx_do_acct_process+0x10/0x10 [ 1005.429870][T26035] ? do_raw_spin_lock+0x12d/0x2c0 [ 1005.434892][T26035] acct_pin_kill+0x2d/0x100 [ 1005.439406][T26035] pin_kill+0x194/0x7c0 [ 1005.443558][T26035] ? __pfx_pin_kill+0x10/0x10 [ 1005.448227][T26035] ? rcu_is_watching+0x12/0xc0 [ 1005.452986][T26035] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1005.459054][T26035] ? __x64_sys_acct+0xfe/0x220 [ 1005.463830][T26035] ? lock_acquire+0x2f/0xb0 [ 1005.468322][T26035] ? __x64_sys_acct+0xfe/0x220 [ 1005.473169][T26035] __x64_sys_acct+0x15b/0x220 [ 1005.477840][T26035] ? lockdep_hardirqs_on+0x7c/0x110 [ 1005.483033][T26035] do_syscall_64+0xcd/0x250 [ 1005.487549][T26035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.493437][T26035] RIP: 0033:0x7fb3e8185d29 [ 1005.497846][T26035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.517623][T26035] RSP: 002b:00007fb3e8eee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 1005.526035][T26035] RAX: ffffffffffffffda RBX: 00007fb3e8375fa0 RCX: 00007fb3e8185d29 [ 1005.534018][T26035] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1005.542001][T26035] RBP: 00007fb3e8eee090 R08: 0000000000000000 R09: 0000000000000000 [ 1005.549980][T26035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1005.557952][T26035] R13: 0000000000000000 R14: 00007fb3e8375fa0 R15: 00007ffc858399a8 [ 1005.565926][T26035] [ 1006.146069][T26050] binder: 26049:26050 ioctl 7 ffffffffffffffff returned -22 [ 1006.274870][T26052] binder: 26049:26052 ioctl 401870c8 38 returned -22 [ 1006.972912][T26055] Loading of unsigned module is rejected [ 1008.222804][T26073] Process accounting resumed [ 1009.300880][T26098] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7315'. [ 1010.060426][T26090] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7314'. [ 1010.479366][T26109] FAULT_INJECTION: forcing a failure. [ 1010.479366][T26109] name failslab, interval 1, probability 0, space 0, times 0 [ 1010.574722][T26109] CPU: 0 UID: 0 PID: 26109 Comm: syz.5.7318 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1010.585542][T26109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1010.595592][T26109] Call Trace: [ 1010.598876][T26109] [ 1010.601824][T26109] dump_stack_lvl+0x16c/0x1f0 [ 1010.606505][T26109] should_fail_ex+0x497/0x5b0 [ 1010.611175][T26109] ? fs_reclaim_acquire+0xae/0x150 [ 1010.616280][T26109] should_failslab+0xc2/0x120 [ 1010.620961][T26109] __kmalloc_cache_noprof+0x68/0x420 [ 1010.626240][T26109] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1010.633603][T26109] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1010.640972][T26109] genl_start+0x1e7/0x960 [ 1010.645321][T26109] __netlink_dump_start+0x615/0x980 [ 1010.650514][T26109] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 1010.656230][T26109] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 1010.662550][T26109] ? genl_rcv_msg+0x580/0x800 [ 1010.667316][T26109] ? __pfx_genl_get_cmd+0x10/0x10 [ 1010.672345][T26109] ? __pfx_genl_start+0x10/0x10 [ 1010.677187][T26109] ? __pfx_genl_dumpit+0x10/0x10 [ 1010.682131][T26109] ? __pfx_genl_done+0x10/0x10 [ 1010.686904][T26109] ? __radix_tree_lookup+0x21f/0x2c0 [ 1010.692201][T26109] genl_rcv_msg+0x470/0x800 [ 1010.696704][T26109] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1010.701722][T26109] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 1010.707522][T26109] ? __pfx_ctrl_dumppolicy+0x10/0x10 [ 1010.712797][T26109] ? __pfx_ctrl_dumppolicy_done+0x10/0x10 [ 1010.718514][T26109] netlink_rcv_skb+0x165/0x410 [ 1010.723349][T26109] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1010.728398][T26109] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1010.733697][T26109] ? down_read+0xc9/0x330 [ 1010.738028][T26109] ? __pfx_down_read+0x10/0x10 [ 1010.742812][T26109] ? netlink_deliver_tap+0x1ae/0xca0 [ 1010.748091][T26109] genl_rcv+0x28/0x40 [ 1010.752066][T26109] netlink_unicast+0x53c/0x7f0 [ 1010.756824][T26109] ? __pfx_netlink_unicast+0x10/0x10 [ 1010.762118][T26109] ? __phys_addr_symbol+0x30/0x80 [ 1010.767137][T26109] ? __check_object_size+0x488/0x710 [ 1010.772418][T26109] netlink_sendmsg+0x8b8/0xd70 [ 1010.777177][T26109] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1010.782478][T26109] ____sys_sendmsg+0x9ae/0xb40 [ 1010.787239][T26109] ? copy_msghdr_from_user+0x10b/0x160 [ 1010.792696][T26109] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1010.797993][T26109] ___sys_sendmsg+0x135/0x1e0 [ 1010.802685][T26109] ? __pfx____sys_sendmsg+0x10/0x10 [ 1010.807892][T26109] ? __pfx_lock_release+0x10/0x10 [ 1010.812903][T26109] ? trace_lock_acquire+0x14e/0x1f0 [ 1010.818103][T26109] ? __fget_files+0x206/0x3a0 [ 1010.822803][T26109] __sys_sendmsg+0x16e/0x220 [ 1010.827407][T26109] ? __pfx___sys_sendmsg+0x10/0x10 [ 1010.832532][T26109] do_syscall_64+0xcd/0x250 [ 1010.837041][T26109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.842930][T26109] RIP: 0033:0x7f9f09185d29 [ 1010.847347][T26109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1010.866974][T26109] RSP: 002b:00007f9f0a019038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1010.875382][T26109] RAX: ffffffffffffffda RBX: 00007f9f09375fa0 RCX: 00007f9f09185d29 [ 1010.883343][T26109] RDX: 000000000c040810 RSI: 00000000200011c0 RDI: 0000000000000003 [ 1010.891308][T26109] RBP: 00007f9f0a019090 R08: 0000000000000000 R09: 0000000000000000 [ 1010.899274][T26109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1010.907237][T26109] R13: 0000000000000000 R14: 00007f9f09375fa0 R15: 00007ffe611812d8 [ 1010.915213][T26109] [ 1013.315971][T26131] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7325'. [ 1013.337803][T26142] Loading of unsigned module is rejected [ 1014.515967][T26160] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7334'. [ 1014.982454][T26165] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7335'. [ 1015.350487][T26183] Loading of unsigned module is rejected [ 1016.064996][T26186] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7340'. [ 1016.962503][T26219] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7350'. [ 1018.367553][T26268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7362'. [ 1018.956391][T26278] FAULT_INJECTION: forcing a failure. [ 1018.956391][T26278] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.056336][T26278] CPU: 0 UID: 0 PID: 26278 Comm: syz.2.7364 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1019.067158][T26278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1019.077204][T26278] Call Trace: [ 1019.080490][T26278] [ 1019.083415][T26278] dump_stack_lvl+0x16c/0x1f0 [ 1019.088100][T26278] should_fail_ex+0x497/0x5b0 [ 1019.092771][T26278] ? fs_reclaim_acquire+0xae/0x150 [ 1019.097882][T26278] should_failslab+0xc2/0x120 [ 1019.102554][T26278] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 1019.107921][T26278] ? vma_merge_new_range+0x3f0/0xb70 [ 1019.113204][T26278] ? vm_area_alloc+0x1f/0x1c0 [ 1019.117879][T26278] vm_area_alloc+0x1f/0x1c0 [ 1019.122381][T26278] __mmap_region+0x101b/0x2670 [ 1019.127146][T26278] ? __pfx___mmap_region+0x10/0x10 [ 1019.132257][T26278] ? hlock_class+0x4e/0x130 [ 1019.136762][T26278] ? mark_lock+0xb5/0xc60 [ 1019.141122][T26278] ? mm_get_unmapped_area+0x95/0xe0 [ 1019.146317][T26278] ? shmem_get_unmapped_area+0x183/0xa20 [ 1019.151974][T26278] ? cap_mmap_addr+0x53/0x320 [ 1019.156667][T26278] mmap_region+0x270/0x320 [ 1019.161086][T26278] do_mmap+0xc00/0xfc0 [ 1019.165330][T26278] vm_mmap_pgoff+0x1ba/0x360 [ 1019.169924][T26278] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1019.175044][T26278] ? __fget_files+0x206/0x3a0 [ 1019.179805][T26278] ksys_mmap_pgoff+0x32c/0x5c0 [ 1019.184560][T26278] ? __pfx_ksys_write+0x10/0x10 [ 1019.189406][T26278] __x64_sys_mmap+0x125/0x190 [ 1019.194094][T26278] do_syscall_64+0xcd/0x250 [ 1019.198596][T26278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1019.204486][T26278] RIP: 0033:0x7fb3e8185d29 [ 1019.208900][T26278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1019.228502][T26278] RSP: 002b:00007fb3e8eee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1019.236908][T26278] RAX: ffffffffffffffda RBX: 00007fb3e8375fa0 RCX: 00007fb3e8185d29 [ 1019.244887][T26278] RDX: 0000000000000009 RSI: 0000000002020006 RDI: 00007ffffdfde000 [ 1019.252853][T26278] RBP: 00007fb3e8eee090 R08: 8000000000000000 R09: 0000000000008000 [ 1019.260815][T26278] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 1019.268778][T26278] R13: 0000000000000000 R14: 00007fb3e8375fa0 R15: 00007ffc858399a8 [ 1019.276785][T26278] [ 1019.279832][ C0] vkms_vblank_simulate: vblank timer overrun [ 1019.354348][T26255] netlink: 4763 bytes leftover after parsing attributes in process `syz.6.7359'. [ 1019.719335][T26281] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7365'. [ 1019.784073][T26290] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7368'. [ 1019.911595][T26292] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7368'. [ 1019.995568][T26290] HfR: left promiscuous mode [ 1020.172266][ T29] audit: type=1800 audit(8277292111.160:28): pid=26299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.7369" name="lu_gp_id" dev="configfs" ino=89750 res=0 errno=0 [ 1020.200011][T26300] FAULT_INJECTION: forcing a failure. [ 1020.200011][T26300] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.258150][T26300] CPU: 0 UID: 0 PID: 26300 Comm: syz.0.7370 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1020.268963][T26300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1020.279035][T26300] Call Trace: [ 1020.282303][T26300] [ 1020.285226][T26300] dump_stack_lvl+0x16c/0x1f0 [ 1020.289921][T26300] should_fail_ex+0x497/0x5b0 [ 1020.294606][T26300] ? fs_reclaim_acquire+0xae/0x150 [ 1020.299768][T26300] should_failslab+0xc2/0x120 [ 1020.304447][T26300] __kmalloc_noprof+0xce/0x4f0 [ 1020.309215][T26300] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1020.314860][T26300] ? tomoyo_realpath_from_path+0xbf/0x710 [ 1020.320576][T26300] tomoyo_realpath_from_path+0xbf/0x710 [ 1020.326134][T26300] ? tomoyo_path_perm+0x262/0x480 [ 1020.331769][T26300] tomoyo_path_perm+0x276/0x480 [ 1020.336632][T26300] ? tomoyo_path_perm+0x262/0x480 [ 1020.341686][T26300] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1020.347082][T26300] ? __pfx_ima_file_check+0x10/0x10 [ 1020.352283][T26300] security_file_truncate+0x84/0x1e0 [ 1020.357655][T26300] path_openat+0x1ba9/0x2d60 [ 1020.362261][T26300] ? __pfx_path_openat+0x10/0x10 [ 1020.367208][T26300] ? __pfx___lock_acquire+0x10/0x10 [ 1020.372422][T26300] ? lock_acquire.part.0+0x11b/0x380 [ 1020.377725][T26300] ? find_held_lock+0x2d/0x110 [ 1020.382522][T26300] do_filp_open+0x20c/0x470 [ 1020.387121][T26300] ? __pfx_do_filp_open+0x10/0x10 [ 1020.392169][T26300] ? find_held_lock+0x2d/0x110 [ 1020.396954][T26300] ? alloc_fd+0x41f/0x760 [ 1020.401287][T26300] do_sys_openat2+0x17a/0x1e0 [ 1020.405964][T26300] ? __pfx_do_sys_openat2+0x10/0x10 [ 1020.411187][T26300] ? __fget_files+0x206/0x3a0 [ 1020.415888][T26300] __x64_sys_openat+0x175/0x210 [ 1020.420756][T26300] ? __pfx___x64_sys_openat+0x10/0x10 [ 1020.426140][T26300] ? ksys_write+0x1ba/0x250 [ 1020.430649][T26300] do_syscall_64+0xcd/0x250 [ 1020.435151][T26300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.441214][T26300] RIP: 0033:0x7fbf8eb85d29 [ 1020.445629][T26300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1020.465230][T26300] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1020.473725][T26300] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 1020.481685][T26300] RDX: 0000000000002306 RSI: 00000000200000c0 RDI: ffffffffffffff9c [ 1020.489647][T26300] RBP: 00007fbf8f9eb090 R08: 0000000000000000 R09: 0000000000000000 [ 1020.497640][T26300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1020.505712][T26300] R13: 0000000000000001 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 1020.513706][T26300] [ 1020.516776][ C0] vkms_vblank_simulate: vblank timer overrun [ 1021.255803][T26300] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1021.666164][T26323] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7380'. [ 1022.485873][T26322] Process accounting resumed [ 1022.959501][T26355] netlink: 334 bytes leftover after parsing attributes in process `syz.6.7387'. [ 1023.017732][T26358] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7388'. [ 1024.892012][T26385] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7396'. [ 1025.642731][T26408] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7402'. [ 1026.317220][T26405] netlink: 4763 bytes leftover after parsing attributes in process `syz.6.7399'. [ 1026.367052][T26422] FAULT_INJECTION: forcing a failure. [ 1026.367052][T26422] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1026.553219][T26422] CPU: 0 UID: 0 PID: 26422 Comm: syz.0.7403 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1026.564023][T26422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1026.574073][T26422] Call Trace: [ 1026.577343][T26422] [ 1026.580271][T26422] dump_stack_lvl+0x16c/0x1f0 [ 1026.584947][T26422] should_fail_ex+0x497/0x5b0 [ 1026.589619][T26422] ? fs_reclaim_acquire+0xae/0x150 [ 1026.594726][T26422] should_fail_alloc_page+0xe7/0x130 [ 1026.600008][T26422] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 1026.606252][T26422] __alloc_pages_noprof+0x190/0x25b0 [ 1026.611537][T26422] ? __pfx_mark_lock+0x10/0x10 [ 1026.616390][T26422] ? __pfx___lock_acquire+0x10/0x10 [ 1026.621610][T26422] ? mark_lock+0xb5/0xc60 [ 1026.626046][T26422] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1026.631785][T26422] ? hlock_class+0x4e/0x130 [ 1026.636293][T26422] ? __lock_acquire+0xcc5/0x3c40 [ 1026.641261][T26422] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1026.647187][T26422] ? policy_nodemask+0xea/0x4e0 [ 1026.652080][T26422] alloc_pages_mpol_noprof+0x2c9/0x610 [ 1026.657581][T26422] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 1026.663588][T26422] ? find_held_lock+0x2d/0x110 [ 1026.668358][T26422] folio_alloc_mpol_noprof+0x36/0xd0 [ 1026.673653][T26422] shmem_alloc_folio+0x135/0x160 [ 1026.678590][T26422] shmem_alloc_and_add_folio+0x48b/0xc00 [ 1026.684224][T26422] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1026.690113][T26422] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1026.696349][T26422] ? shmem_huge_global_enabled+0x176/0x250 [ 1026.702183][T26422] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 1026.708082][T26422] shmem_get_folio_gfp+0x689/0x1530 [ 1026.713277][T26422] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1026.718926][T26422] ? filemap_map_pages+0xf92/0x16b0 [ 1026.724154][T26422] shmem_fault+0x200/0xae0 [ 1026.728572][T26422] ? __pfx_shmem_fault+0x10/0x10 [ 1026.733522][T26422] ? do_pte_missing+0xdd7/0x3e00 [ 1026.738456][T26422] ? __pfx_lock_release+0x10/0x10 [ 1026.743472][T26422] __do_fault+0x10a/0x490 [ 1026.747796][T26422] do_pte_missing+0xebd/0x3e00 [ 1026.752562][T26422] __handle_mm_fault+0x103c/0x2a40 [ 1026.757673][T26422] ? __pfx___handle_mm_fault+0x10/0x10 [ 1026.763157][T26422] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1026.768813][T26422] ? find_vma+0xc0/0x140 [ 1026.773130][T26422] ? __pfx_find_vma+0x10/0x10 [ 1026.777910][T26422] handle_mm_fault+0x3fa/0xaa0 [ 1026.782704][T26422] do_user_addr_fault+0x7a3/0x13f0 [ 1026.788022][T26422] exc_page_fault+0x5c/0xc0 [ 1026.792549][T26422] asm_exc_page_fault+0x26/0x30 [ 1026.797417][T26422] RIP: 0010:rep_movs_alternative+0x13/0x70 [ 1026.803239][T26422] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f [ 1026.822848][T26422] RSP: 0018:ffffc90003807c80 EFLAGS: 00050202 [ 1026.828915][T26422] RAX: 0000000000000001 RBX: 000000000000ffff RCX: 0000000000000004 [ 1026.836912][T26422] RDX: ffffed1006351074 RSI: 000000000000ffff RDI: ffff888031a883a0 [ 1026.844879][T26422] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed1006351074 [ 1026.852841][T26422] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 1026.860817][T26422] R13: ffff888031a883a0 R14: ffff888067dae000 R15: ffff88806bceec40 [ 1026.868808][T26422] _copy_from_user+0x9a/0xd0 [ 1026.873405][T26422] vmemdup_user+0x6c/0x100 [ 1026.877836][T26422] __sys_bpf+0x5147/0x57a0 [ 1026.882248][T26422] ? __pfx___sys_bpf+0x10/0x10 [ 1026.887004][T26422] ? vfs_write+0x306/0x1150 [ 1026.891592][T26422] ? __mutex_unlock_slowpath+0x164/0x690 [ 1026.897245][T26422] ? fput+0x67/0x440 [ 1026.901158][T26422] ? ksys_write+0x1ba/0x250 [ 1026.905681][T26422] ? __pfx_ksys_write+0x10/0x10 [ 1026.910541][T26422] __x64_sys_bpf+0x78/0xc0 [ 1026.914956][T26422] ? lockdep_hardirqs_on+0x7c/0x110 [ 1026.920173][T26422] do_syscall_64+0xcd/0x250 [ 1026.924674][T26422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1026.930563][T26422] RIP: 0033:0x7fbf8eb85d29 [ 1026.934968][T26422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1026.954570][T26422] RSP: 002b:00007fbf8f9eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1026.962975][T26422] RAX: ffffffffffffffda RBX: 00007fbf8ed75fa0 RCX: 00007fbf8eb85d29 [ 1026.970938][T26422] RDX: 000000000000000c RSI: 00000000200001c0 RDI: 0000000000000001 [ 1026.978920][T26422] RBP: 00007fbf8f9eb090 R08: 0000000000000000 R09: 0000000000000000 [ 1026.986906][T26422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1026.994964][T26422] R13: 0000000000000000 R14: 00007fbf8ed75fa0 R15: 00007ffe05ad3d08 [ 1027.002958][T26422] [ 1027.461734][T26433] [U]  [ 1028.041980][T26448] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7410'. [ 1028.548415][T26456] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7414'. [ 1029.344282][T26457] ptrace attach of "./syz-executor exec"[25435] was attempted by "./syz-executor exec"[26457] [ 1030.711353][T26482] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7417'. [ 1030.799417][T26487] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 1030.811577][T26482] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7417'. [ 1031.436955][T24620] Bluetooth: hci2: command 0x0406 tx timeout [ 1033.455584][T26529] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7429'. [ 1034.010506][T26544] can: request_module (can-proto-0) failed. [ 1035.071439][T26562] netlink: 338 bytes leftover after parsing attributes in process `syz.0.7443'. [ 1035.135407][T26564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7441'. [ 1035.250913][T26562] netlink: 338 bytes leftover after parsing attributes in process `syz.0.7443'. [ 1036.145128][ T29] audit: type=1800 audit(8277292127.140:29): pid=26565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.7442" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1036.513114][T24620] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1036.525345][T24620] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1036.534636][T24620] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1036.542274][T24620] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1036.549832][T24620] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1036.564433][T24620] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1036.626275][T26584] ptrace attach of "./syz-executor exec"[25435] was attempted by ""[26584] [ 1037.606743][T26599] netlink: 302 bytes leftover after parsing attributes in process `syz.5.7448'. [ 1037.707831][T26585] chnl_net:caif_netlink_parms(): no params data found [ 1038.386425][T26585] bridge0: port 1(bridge_slave_0) entered blocking state [ 1038.393527][T26585] bridge0: port 1(bridge_slave_0) entered disabled state [ 1038.473199][T26585] bridge_slave_0: entered allmulticast mode [ 1038.491430][T26585] bridge_slave_0: entered promiscuous mode [ 1038.540064][T26585] bridge0: port 2(bridge_slave_1) entered blocking state [ 1038.607441][T26585] bridge0: port 2(bridge_slave_1) entered disabled state [ 1038.614694][T26585] bridge_slave_1: entered allmulticast mode [ 1038.639334][T24620] Bluetooth: hci1: command tx timeout [ 1038.726110][T26585] bridge_slave_1: entered promiscuous mode [ 1039.299642][T26585] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1039.332553][T26585] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1040.155274][T26585] team0: Port device team_slave_0 added [ 1040.208505][T26585] team0: Port device team_slave_1 added [ 1040.711038][T26585] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1040.723567][T24620] Bluetooth: hci1: command tx timeout [ 1040.740279][T26585] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1040.896862][T26585] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1041.235509][T26585] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1041.275509][T26585] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1041.445144][T26585] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1041.689083][T26585] hsr_slave_0: entered promiscuous mode [ 1041.853183][T26585] hsr_slave_1: entered promiscuous mode [ 1041.953872][T26585] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1041.994295][T26585] Cannot create hsr debugfs directory [ 1042.795375][T24620] Bluetooth: hci1: command tx timeout [ 1044.318217][T26585] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1044.879323][T24620] Bluetooth: hci1: command tx timeout [ 1045.768606][T26660] FAULT_INJECTION: forcing a failure. [ 1045.768606][T26660] name failslab, interval 1, probability 0, space 0, times 0 [ 1045.826485][T26585] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1046.064628][T26660] CPU: 0 UID: 0 PID: 26660 Comm: syz.6.7465 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1046.075450][T26660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1046.085534][T26660] Call Trace: [ 1046.088812][T26660] [ 1046.091740][T26660] dump_stack_lvl+0x16c/0x1f0 [ 1046.096425][T26660] should_fail_ex+0x497/0x5b0 [ 1046.101100][T26660] ? fs_reclaim_acquire+0xae/0x150 [ 1046.106207][T26660] should_failslab+0xc2/0x120 [ 1046.110905][T26660] __kmalloc_cache_noprof+0x68/0x420 [ 1046.116249][T26660] madvise_collapse+0x1ce/0xac0 [ 1046.121127][T26660] ? mtree_range_walk+0x715/0xbe0 [ 1046.126157][T26660] ? __pfx_madvise_collapse+0x10/0x10 [ 1046.131539][T26660] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1046.137462][T26660] madvise_vma_behavior+0xbb0/0x1da0 [ 1046.142781][T26660] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1046.148547][T26660] ? find_vma_prev+0xdb/0x160 [ 1046.153230][T26660] ? __pfx_find_vma_prev+0x10/0x10 [ 1046.158365][T26660] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 1046.163931][T26660] ? do_madvise+0x25b/0x770 [ 1046.168436][T26660] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1046.174175][T26660] madvise_walk_vmas+0x1cf/0x2c0 [ 1046.179149][T26660] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1046.184622][T26660] do_madvise+0x30e/0x770 [ 1046.188964][T26660] ? __pfx_do_madvise+0x10/0x10 [ 1046.193848][T26660] ? ksys_write+0x1ba/0x250 [ 1046.198350][T26660] ? __pfx_ksys_write+0x10/0x10 [ 1046.203194][T26660] __x64_sys_madvise+0xa9/0x110 [ 1046.208046][T26660] ? lockdep_hardirqs_on+0x7c/0x110 [ 1046.213252][T26660] do_syscall_64+0xcd/0x250 [ 1046.217855][T26660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1046.223823][T26660] RIP: 0033:0x7f7e4b185d29 [ 1046.228256][T26660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1046.247984][T26660] RSP: 002b:00007f7e4c018038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1046.256396][T26660] RAX: ffffffffffffffda RBX: 00007f7e4b376080 RCX: 00007f7e4b185d29 [ 1046.264375][T26660] RDX: 0000000000000019 RSI: 0000000000600007 RDI: 0000000000000000 [ 1046.272358][T26660] RBP: 00007f7e4c018090 R08: 0000000000000000 R09: 0000000000000000 [ 1046.280344][T26660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1046.288307][T26660] R13: 0000000000000001 R14: 00007f7e4b376080 R15: 00007ffda85c24f8 [ 1046.296369][T26660] [ 1047.378532][T26585] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1048.286509][T26585] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1048.724363][T26585] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1048.891970][T26585] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1049.052643][T26585] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1049.130346][T26585] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1049.479978][T26585] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1049.530232][T26585] 8021q: adding VLAN 0 to HW filter on device team0 [ 1049.608361][T18378] bridge0: port 1(bridge_slave_0) entered blocking state [ 1049.615508][T18378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1049.686200][T18378] bridge0: port 2(bridge_slave_1) entered blocking state [ 1049.693358][T18378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1049.785678][T26585] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1049.830701][T26585] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1050.058330][T26665] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7466'. [ 1050.313106][T26676] netlink: 338 bytes leftover after parsing attributes in process `syz.5.7468'. [ 1050.382825][T26585] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1050.523895][T26585] veth0_vlan: entered promiscuous mode [ 1050.606313][T26585] veth1_vlan: entered promiscuous mode [ 1050.819708][T26585] veth0_macvtap: entered promiscuous mode [ 1050.849068][T26585] veth1_macvtap: entered promiscuous mode [ 1051.241892][T26690] FAULT_INJECTION: forcing a failure. [ 1051.241892][T26690] name failslab, interval 1, probability 0, space 0, times 0 [ 1051.300911][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1051.404819][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.461345][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1051.507812][T26690] CPU: 0 UID: 0 PID: 26690 Comm: syz.2.7470 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1051.518695][T26690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1051.528748][T26690] Call Trace: [ 1051.532022][T26690] [ 1051.534946][T26690] dump_stack_lvl+0x16c/0x1f0 [ 1051.539621][T26690] should_fail_ex+0x497/0x5b0 [ 1051.544293][T26690] ? fs_reclaim_acquire+0xae/0x150 [ 1051.549418][T26690] should_failslab+0xc2/0x120 [ 1051.554101][T26690] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 1051.559902][T26690] ? __alloc_skb+0x2b3/0x380 [ 1051.564498][T26690] __alloc_skb+0x2b3/0x380 [ 1051.568927][T26690] ? __pfx___alloc_skb+0x10/0x10 [ 1051.573893][T26690] netlink_alloc_large_skb+0x69/0x130 [ 1051.579276][T26690] netlink_sendmsg+0x689/0xd70 [ 1051.584039][T26690] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1051.589325][T26690] ____sys_sendmsg+0x9ae/0xb40 [ 1051.594086][T26690] ? copy_msghdr_from_user+0x10b/0x160 [ 1051.599549][T26690] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1051.604826][T26690] ? __lock_acquire+0xcc5/0x3c40 [ 1051.609765][T26690] ? hlock_class+0x4e/0x130 [ 1051.614287][T26690] ? __lock_acquire+0x15a9/0x3c40 [ 1051.619314][T26690] ___sys_sendmsg+0x135/0x1e0 [ 1051.623993][T26690] ? __pfx____sys_sendmsg+0x10/0x10 [ 1051.629185][T26690] ? __pfx___lock_acquire+0x10/0x10 [ 1051.634402][T26690] ? __pfx___might_resched+0x10/0x10 [ 1051.639684][T26690] ? __might_fault+0xe3/0x190 [ 1051.644450][T26690] __sys_sendmmsg+0x201/0x420 [ 1051.649147][T26690] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1051.654346][T26690] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1051.660359][T26690] ? fput+0x67/0x440 [ 1051.664353][T26690] ? ksys_write+0x1ba/0x250 [ 1051.668872][T26690] ? __pfx_ksys_write+0x10/0x10 [ 1051.673722][T26690] __x64_sys_sendmmsg+0x9c/0x100 [ 1051.678683][T26690] ? lockdep_hardirqs_on+0x7c/0x110 [ 1051.683894][T26690] do_syscall_64+0xcd/0x250 [ 1051.688433][T26690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1051.694332][T26690] RIP: 0033:0x7fb3e8185d29 [ 1051.698782][T26690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1051.718393][T26690] RSP: 002b:00007fb3e8eee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1051.726800][T26690] RAX: ffffffffffffffda RBX: 00007fb3e8375fa0 RCX: 00007fb3e8185d29 [ 1051.734767][T26690] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 1051.742745][T26690] RBP: 00007fb3e8eee090 R08: 0000000000000000 R09: 0000000000000000 [ 1051.750722][T26690] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 1051.758697][T26690] R13: 0000000000000000 R14: 00007fb3e8375fa0 R15: 00007ffc858399a8 [ 1051.766672][T26690] [ 1051.787627][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.811290][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1051.855082][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.864925][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1051.946768][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.975251][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.016700][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.062980][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.073626][ T29] audit: type=1800 audit(8277292143.000:30): pid=26688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.7467" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1052.140070][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.185700][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.224399][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.245178][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.265356][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.305194][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.335444][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.375343][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.423749][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.434443][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.465102][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.505354][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1052.544858][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.576017][T26585] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1052.617467][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1052.656512][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.685356][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1052.726386][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.773972][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1052.818802][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.865736][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1052.912876][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1052.969808][T26696] Process accounting paused [ 1052.997759][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.075071][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.125128][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.184655][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.240722][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.295139][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.345320][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.415295][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.465207][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.516909][T26705] Loading of unsigned module is rejected [ 1053.529231][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.593068][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.648601][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.707405][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.764404][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.822122][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1053.885121][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1053.894970][T26585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1054.002097][T26585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1054.056085][T26585] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1054.133145][T26585] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1054.201881][T26585] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1054.265424][T26585] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1054.319713][T26585] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1054.967875][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.974291][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.388370][T26719] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7478'. [ 1055.738450][T26717] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1055.816911][T26717] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1056.045187][T26717] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1056.079259][T26717] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1056.406004][T26719] team0: Port device team_slave_0 removed [ 1056.426568][T26717] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1056.432523][T26717] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1056.793748][T26717] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1057.111441][T26717] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1057.144284][T26717] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1057.560440][T26717] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1057.598354][T24620] Bluetooth: hci0: command 0x0406 tx timeout [ 1057.839652][T18399] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1057.881767][T18399] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1057.998487][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1058.029967][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1058.075367][T24620] Bluetooth: hci2: command 0x0406 tx timeout [ 1058.476153][T24620] Bluetooth: hci3: command 0x0c1a tx timeout [ 1058.544528][T26730] could not allocate digest TFM handle [ 1059.115463][T24620] Bluetooth: hci1: command 0x0c1a tx timeout [ 1059.675901][T24620] Bluetooth: hci0: command 0x0406 tx timeout [ 1060.155422][T24620] Bluetooth: hci2: command 0x0406 tx timeout [ 1060.424208][T26759] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1060.457917][T26759] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1060.505312][T26759] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1060.545164][T26759] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1060.631219][T26773] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7494'. [ 1061.038268][T26787] FAULT_INJECTION: forcing a failure. [ 1061.038268][T26787] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1061.145204][T26787] CPU: 0 UID: 0 PID: 26787 Comm: syz.2.7498 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1061.156013][T26787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1061.166064][T26787] Call Trace: [ 1061.169334][T26787] [ 1061.172351][T26787] dump_stack_lvl+0x16c/0x1f0 [ 1061.177040][T26787] should_fail_ex+0x497/0x5b0 [ 1061.181735][T26787] _copy_to_iter+0x4a5/0x1400 [ 1061.186415][T26787] ? __pfx__copy_to_iter+0x10/0x10 [ 1061.191528][T26787] ? __folio_put+0x32f/0x450 [ 1061.196119][T26787] ? __pfx___folio_put+0x10/0x10 [ 1061.201054][T26787] copy_page_to_iter+0xf1/0x180 [ 1061.205920][T26787] pipe_to_user+0xb0/0x170 [ 1061.210336][T26787] ? anon_pipe_buf_release+0x11a/0x240 [ 1061.215795][T26787] __splice_from_pipe+0x3a0/0x810 [ 1061.220832][T26787] ? __pfx_pipe_to_user+0x10/0x10 [ 1061.225849][T26787] __do_sys_vmsplice+0x6f9/0xee0 [ 1061.230776][T26787] ? __pfx_lock_release+0x10/0x10 [ 1061.235790][T26787] ? trace_lock_acquire+0x14e/0x1f0 [ 1061.240998][T26787] ? __pfx___do_sys_vmsplice+0x10/0x10 [ 1061.246451][T26787] ? ksys_write+0x12b/0x250 [ 1061.250951][T26787] ? ksys_write+0x191/0x250 [ 1061.255446][T26787] ? __pfx_lock_release+0x10/0x10 [ 1061.260476][T26787] ? __fget_files+0x206/0x3a0 [ 1061.265149][T26787] ? fput+0x67/0x440 [ 1061.269044][T26787] ? ksys_write+0x1ba/0x250 [ 1061.273541][T26787] ? __pfx_ksys_write+0x10/0x10 [ 1061.278396][T26787] ? do_syscall_64+0xcd/0x250 [ 1061.283087][T26787] do_syscall_64+0xcd/0x250 [ 1061.287602][T26787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1061.293492][T26787] RIP: 0033:0x7fb3e8185d29 [ 1061.297918][T26787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1061.317518][T26787] RSP: 002b:00007fb3e5ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1061.325923][T26787] RAX: ffffffffffffffda RBX: 00007fb3e8376080 RCX: 00007fb3e8185d29 [ 1061.333885][T26787] RDX: 0000000000000003 RSI: 0000000020000040 RDI: 0000000000000004 [ 1061.342407][T26787] RBP: 00007fb3e5ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 1061.350401][T26787] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 1061.358370][T26787] R13: 0000000000000001 R14: 00007fb3e8376080 R15: 00007ffc858399a8 [ 1061.366470][T26787] [ 1061.382701][T26785] Loading of unsigned module is rejected [ 1061.915297][T24620] Bluetooth: hci0: command 0x0406 tx timeout [ 1062.485302][T24620] Bluetooth: hci3: command 0x0c1a tx timeout [ 1062.491342][T24620] Bluetooth: hci2: command 0x0406 tx timeout [ 1062.559780][T24620] Bluetooth: hci1: command 0x0c1a tx timeout [ 1062.993882][T26814] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7507'. [ 1063.276737][T26818] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7506'. [ 1063.364455][T26814] team0: Port device team_slave_0 removed [ 1064.555683][T24620] Bluetooth: hci3: command 0x0c1a tx timeout [ 1064.635543][T24620] Bluetooth: hci1: command 0x0c1a tx timeout [ 1065.366978][T26867] FAULT_INJECTION: forcing a failure. [ 1065.366978][T26867] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1065.396305][T26869] netlink: 4763 bytes leftover after parsing attributes in process `syz.2.7521'. [ 1065.444454][T26867] CPU: 0 UID: 0 PID: 26867 Comm: syz.6.7525 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1065.455248][T26867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1065.465315][T26867] Call Trace: [ 1065.468585][T26867] [ 1065.471509][T26867] dump_stack_lvl+0x16c/0x1f0 [ 1065.476273][T26867] should_fail_ex+0x497/0x5b0 [ 1065.480947][T26867] ? fs_reclaim_acquire+0xae/0x150 [ 1065.486053][T26867] should_fail_alloc_page+0xe7/0x130 [ 1065.491338][T26867] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 1065.497497][T26867] ? __pfx_mark_lock+0x10/0x10 [ 1065.502362][T26867] __alloc_pages_noprof+0x190/0x25b0 [ 1065.507652][T26867] ? __pfx_mark_lock+0x10/0x10 [ 1065.512506][T26867] ? hlock_class+0x4e/0x130 [ 1065.517001][T26867] ? mark_lock+0xb5/0xc60 [ 1065.521328][T26867] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1065.527128][T26867] ? mark_lock+0xb5/0xc60 [ 1065.531492][T26867] ? hlock_class+0x4e/0x130 [ 1065.536034][T26867] ? mark_lock+0xb5/0xc60 [ 1065.540372][T26867] ? __pfx_mark_lock+0x10/0x10 [ 1065.545162][T26867] ? hlock_class+0x4e/0x130 [ 1065.549748][T26867] ? __lock_acquire+0xcc5/0x3c40 [ 1065.554946][T26867] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1065.560917][T26867] ? policy_nodemask+0xea/0x4e0 [ 1065.565769][T26867] alloc_pages_mpol_noprof+0x2c9/0x610 [ 1065.571242][T26867] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 1065.577248][T26867] ? find_held_lock+0x2d/0x110 [ 1065.582509][T26867] folio_alloc_mpol_noprof+0x36/0xd0 [ 1065.587807][T26867] shmem_alloc_folio+0x135/0x160 [ 1065.592765][T26867] shmem_alloc_and_add_folio+0x48b/0xc00 [ 1065.598394][T26867] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1065.604305][T26867] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1065.610467][T26867] ? shmem_huge_global_enabled+0x176/0x250 [ 1065.616299][T26867] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 1065.622218][T26867] shmem_get_folio_gfp+0x689/0x1530 [ 1065.627438][T26867] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1065.633078][T26867] ? filemap_map_pages+0xf92/0x16b0 [ 1065.638278][T26867] shmem_fault+0x200/0xae0 [ 1065.642691][T26867] ? __pfx_shmem_fault+0x10/0x10 [ 1065.647652][T26867] ? do_pte_missing+0xdd7/0x3e00 [ 1065.652615][T26867] ? __pfx_lock_release+0x10/0x10 [ 1065.657673][T26867] __do_fault+0x10a/0x490 [ 1065.661999][T26867] do_pte_missing+0xebd/0x3e00 [ 1065.666806][T26867] __handle_mm_fault+0x103c/0x2a40 [ 1065.671925][T26867] ? __pfx___handle_mm_fault+0x10/0x10 [ 1065.677408][T26867] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1065.683088][T26867] ? find_vma+0xc0/0x140 [ 1065.687332][T26867] ? __pfx_find_vma+0x10/0x10 [ 1065.692006][T26867] handle_mm_fault+0x3fa/0xaa0 [ 1065.696793][T26867] do_user_addr_fault+0x7a3/0x13f0 [ 1065.701913][T26867] exc_page_fault+0x5c/0xc0 [ 1065.706435][T26867] asm_exc_page_fault+0x26/0x30 [ 1065.711285][T26867] RIP: 0010:__get_user_1+0x1a/0x30 [ 1065.716419][T26867] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <0f> b6 10 31 c0 0f 01 ca c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 [ 1065.736048][T26867] RSP: 0018:ffffc900047bfcc0 EFLAGS: 00050206 [ 1065.742222][T26867] RAX: 0000000000002000 RBX: ffff88805f62a000 RCX: ffffc900047bfc28 [ 1065.750184][T26867] RDX: 0000000000000000 RSI: ffffffff8761aa25 RDI: ffffffff8bb16ec0 [ 1065.759129][T26867] RBP: 0000000000002000 R08: 0000000000000000 R09: fffffbfff2039c42 [ 1065.767186][T26867] R10: ffffffff901ce217 R11: 0000000000000000 R12: dffffc0000000000 [ 1065.775167][T26867] R13: ffff88805f62a1f8 R14: 0000000000002000 R15: 000000000000ffd8 [ 1065.783171][T26867] ? mousedev_write+0x175/0x820 [ 1065.788048][T26867] mousedev_write+0x182/0x820 [ 1065.792747][T26867] ? __pfx_mousedev_write+0x10/0x10 [ 1065.797974][T26867] vfs_write+0x24c/0x1150 [ 1065.802330][T26867] ? __fget_files+0x1fc/0x3a0 [ 1065.807031][T26867] ? __pfx_lock_release+0x10/0x10 [ 1065.812054][T26867] ? __pfx_vfs_write+0x10/0x10 [ 1065.816832][T26867] ? lock_acquire+0x2f/0xb0 [ 1065.821327][T26867] ? __fget_files+0x40/0x3a0 [ 1065.825938][T26867] ? __fget_files+0x206/0x3a0 [ 1065.830703][T26867] ksys_write+0x207/0x250 [ 1065.835060][T26867] ? __pfx_ksys_write+0x10/0x10 [ 1065.839909][T26867] do_syscall_64+0xcd/0x250 [ 1065.844413][T26867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.850335][T26867] RIP: 0033:0x7f7e4b185d29 [ 1065.854753][T26867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1065.874362][T26867] RSP: 002b:00007f7e4c039038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1065.882779][T26867] RAX: ffffffffffffffda RBX: 00007f7e4b375fa0 RCX: 00007f7e4b185d29 [ 1065.890855][T26867] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1065.898826][T26867] RBP: 00007f7e4c039090 R08: 0000000000000000 R09: 0000000000000000 [ 1065.906804][T26867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1065.914769][T26867] R13: 0000000000000000 R14: 00007f7e4b375fa0 R15: 00007ffda85c24f8 [ 1065.922748][T26867] [ 1065.925899][ C0] vkms_vblank_simulate: vblank timer overrun [ 1066.642115][T26872] Loading of unsigned module is rejected [ 1067.204914][T26893] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7532'. [ 1068.042549][T26907] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.7535'. [ 1069.267224][T26918] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1069.293829][T26918] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1069.350004][T26918] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1069.374172][T26918] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1069.547612][T26932] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7544'. [ 1069.625390][T26932] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1069.632923][T26932] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1069.757789][T26932] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1069.791491][T26932] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1070.140020][T26955] program syz.5.7551 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1070.715248][T24620] Bluetooth: hci0: command 0x0406 tx timeout [ 1071.356984][T24609] Bluetooth: hci2: command 0x0406 tx timeout [ 1071.363057][T24620] Bluetooth: hci3: command 0x0c1a tx timeout [ 1071.435568][T24620] Bluetooth: hci1: command 0x0c1a tx timeout [ 1071.567689][T26980] netlink: 4763 bytes leftover after parsing attributes in process `syz.6.7560'. [ 1072.776392][T26997] netlink: 4763 bytes leftover after parsing attributes in process `syz.5.7567'. [ 1073.434980][T27028] vivid-011: ================= START STATUS ================= [ 1073.480328][T27028] vivid-011: Radio HW Seek Mode: Bounded [ 1073.523825][T27028] vivid-011: Radio Programmable HW Seek: false [ 1073.557425][T27028] vivid-011: RDS Rx I/O Mode: Block I/O [ 1073.601944][T27028] vivid-011: Generate RBDS Instead of RDS: false [ 1073.648757][T27028] vivid-011: RDS Reception: true [ 1073.705218][T27028] vivid-011: RDS Program Type: 0 inactive [ 1073.728153][T27028] vivid-011: RDS PS Name: inactive [ 1073.773783][T27028] vivid-011: RDS Radio Text: inactive [ 1073.794498][T27028] vivid-011: RDS Traffic Announcement: false inactive [ 1073.848423][T27028] vivid-011: RDS Traffic Program: false inactive [ 1073.889038][T27028] vivid-011: RDS Music: false inactive [ 1073.904109][T27028] vivid-011: ================== END STATUS ================== [ 1074.221592][T27045] Process accounting resumed [ 1076.427285][T27087] Process accounting resumed [ 1077.255526][T27104] openvswitch: netlink: IP tunnel dst address not specified [ 1077.345491][T27102] ------------[ cut here ]------------ [ 1077.351021][T27102] WARNING: CPU: 0 PID: 27102 at mm/page_alloc.c:4727 __alloc_pages_noprof+0xeff/0x25b0 [ 1077.361602][T27102] Modules linked in: [ 1077.365620][T27102] CPU: 0 UID: 0 PID: 27102 Comm: syz.6.7598 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1077.377010][T27102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1077.387902][T27102] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 1077.394028][T27102] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e3 70 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a3 0c 00 8b 14 24 e9 [ 1077.414645][T27102] RSP: 0018:ffffc90003707958 EFLAGS: 00010246 [ 1077.420965][T27102] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 1077.429029][T27102] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 1077.438299][T27102] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1077.447411][T27102] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000013 [ 1077.455492][T27102] R13: 0000000000040cc0 R14: 1ffff920006e0f3f R15: 00000000ffffffff [ 1077.463460][T27102] FS: 00007f7e4c0186c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1077.473135][T27102] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1077.480329][T27102] CR2: 0000001b2dcf7ff8 CR3: 000000006a40e000 CR4: 00000000003526f0 [ 1077.488749][T27102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1077.497063][T27102] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1077.505133][T27102] Call Trace: [ 1077.508418][T27102] [ 1077.511349][T27102] ? __warn+0xea/0x3c0 [ 1077.515759][T27102] ? __alloc_pages_noprof+0xeff/0x25b0 [ 1077.521225][T27102] ? report_bug+0x3c0/0x580 [ 1077.525815][T27102] ? handle_bug+0x54/0xa0 [ 1077.530144][T27102] ? exc_invalid_op+0x17/0x50 [ 1077.535957][T27102] ? asm_exc_invalid_op+0x1a/0x20 [ 1077.540991][T27102] ? __alloc_pages_noprof+0xeff/0x25b0 [ 1077.547503][T27102] ? hlock_class+0x4e/0x130 [ 1077.552038][T27102] ? mark_lock+0xb5/0xc60 [ 1077.556442][T27102] ? __pfx_mark_lock+0x10/0x10 [ 1077.561210][T27102] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1077.567007][T27102] ? trace_lock_acquire+0x14e/0x1f0 [ 1077.572719][T27102] ? hlock_class+0x4e/0x130 [ 1077.577742][T27102] ? __lock_acquire+0x15a9/0x3c40 [ 1077.582785][T27102] ___kmalloc_large_node+0x84/0x1b0 [ 1077.588080][T27102] __kmalloc_large_node_noprof+0x1c/0x70 [ 1077.593985][T27102] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 1077.601305][T27102] ? bitmap_parse_user+0x24/0x90 [ 1077.606372][T27102] memdup_user_nul+0x2b/0x110 [ 1077.611063][T27102] bitmap_parse_user+0x24/0x90 [ 1077.615907][T27102] tracing_cpumask_write+0xfc/0x1a0 [ 1077.621111][T27102] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 1077.627017][T27102] ? ksys_write+0x12b/0x250 [ 1077.631523][T27102] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 1077.638463][T27102] vfs_write+0x24c/0x1150 [ 1077.642799][T27102] ? __fget_files+0x1fc/0x3a0 [ 1077.648555][T27102] ? __pfx___mutex_lock+0x10/0x10 [ 1077.653593][T27102] ? __pfx_vfs_write+0x10/0x10 [ 1077.658407][T27102] ? __fget_files+0x206/0x3a0 [ 1077.663091][T27102] ksys_write+0x12b/0x250 [ 1077.667608][T27102] ? __pfx_ksys_write+0x10/0x10 [ 1077.672473][T27102] do_syscall_64+0xcd/0x250 [ 1077.677618][T27102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1077.683516][T27102] RIP: 0033:0x7f7e4b185d29 [ 1077.688485][T27102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1077.708556][T27102] RSP: 002b:00007f7e4c018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1077.717302][T27102] RAX: ffffffffffffffda RBX: 00007f7e4b376080 RCX: 00007f7e4b185d29 [ 1077.725385][T27102] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1077.733400][T27102] RBP: 00007f7e4b201aa8 R08: 0000000000000000 R09: 0000000000000000 [ 1077.742539][T27102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1077.751682][T27102] R13: 0000000000000000 R14: 00007f7e4b376080 R15: 00007ffda85c24f8 [ 1077.759897][T27102] [ 1077.762914][T27102] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1077.770201][T27102] CPU: 0 UID: 0 PID: 27102 Comm: syz.6.7598 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 1077.780970][T27102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1077.791042][T27102] Call Trace: [ 1077.794318][T27102] [ 1077.797241][T27102] dump_stack_lvl+0x3d/0x1f0 [ 1077.801830][T27102] panic+0x71d/0x800 [ 1077.805727][T27102] ? __pfx_panic+0x10/0x10 [ 1077.810153][T27102] ? show_trace_log_lvl+0x29d/0x3d0 [ 1077.815383][T27102] ? __alloc_pages_noprof+0xeff/0x25b0 [ 1077.820852][T27102] check_panic_on_warn+0xab/0xb0 [ 1077.825795][T27102] __warn+0xf6/0x3c0 [ 1077.829693][T27102] ? __alloc_pages_noprof+0xeff/0x25b0 [ 1077.835188][T27102] report_bug+0x3c0/0x580 [ 1077.839513][T27102] handle_bug+0x54/0xa0 [ 1077.843667][T27102] exc_invalid_op+0x17/0x50 [ 1077.848164][T27102] asm_exc_invalid_op+0x1a/0x20 [ 1077.853023][T27102] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 1077.859089][T27102] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 e3 70 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 9f a3 0c 00 8b 14 24 e9 [ 1077.878702][T27102] RSP: 0018:ffffc90003707958 EFLAGS: 00010246 [ 1077.884761][T27102] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 1077.892726][T27102] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 1077.900685][T27102] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1077.908680][T27102] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000013 [ 1077.916646][T27102] R13: 0000000000040cc0 R14: 1ffff920006e0f3f R15: 00000000ffffffff [ 1077.924624][T27102] ? hlock_class+0x4e/0x130 [ 1077.929294][T27102] ? mark_lock+0xb5/0xc60 [ 1077.933634][T27102] ? __pfx_mark_lock+0x10/0x10 [ 1077.938401][T27102] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 1077.944124][T27102] ? trace_lock_acquire+0x14e/0x1f0 [ 1077.949341][T27102] ? hlock_class+0x4e/0x130 [ 1077.953840][T27102] ? __lock_acquire+0x15a9/0x3c40 [ 1077.958890][T27102] ___kmalloc_large_node+0x84/0x1b0 [ 1077.964086][T27102] __kmalloc_large_node_noprof+0x1c/0x70 [ 1077.969712][T27102] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 1077.976301][T27102] ? bitmap_parse_user+0x24/0x90 [ 1077.981242][T27102] memdup_user_nul+0x2b/0x110 [ 1077.985917][T27102] bitmap_parse_user+0x24/0x90 [ 1077.990681][T27102] tracing_cpumask_write+0xfc/0x1a0 [ 1077.995879][T27102] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 1078.001691][T27102] ? ksys_write+0x12b/0x250 [ 1078.006190][T27102] ? __pfx_tracing_cpumask_write+0x10/0x10 [ 1078.012030][T27102] vfs_write+0x24c/0x1150 [ 1078.016384][T27102] ? __fget_files+0x1fc/0x3a0 [ 1078.021058][T27102] ? __pfx___mutex_lock+0x10/0x10 [ 1078.026096][T27102] ? __pfx_vfs_write+0x10/0x10 [ 1078.030977][T27102] ? __fget_files+0x206/0x3a0 [ 1078.035698][T27102] ksys_write+0x12b/0x250 [ 1078.040057][T27102] ? __pfx_ksys_write+0x10/0x10 [ 1078.044936][T27102] do_syscall_64+0xcd/0x250 [ 1078.049479][T27102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1078.055378][T27102] RIP: 0033:0x7f7e4b185d29 [ 1078.059788][T27102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1078.079482][T27102] RSP: 002b:00007f7e4c018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1078.087890][T27102] RAX: ffffffffffffffda RBX: 00007f7e4b376080 RCX: 00007f7e4b185d29 [ 1078.095851][T27102] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1078.103828][T27102] RBP: 00007f7e4b201aa8 R08: 0000000000000000 R09: 0000000000000000 [ 1078.111810][T27102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1078.119796][T27102] R13: 0000000000000000 R14: 00007f7e4b376080 R15: 00007ffda85c24f8 [ 1078.127925][T27102] [ 1078.131030][T27102] Kernel Offset: disabled [ 1078.135430][T27102] Rebooting in 86400 seconds..