last executing test programs: 7.424528704s ago: executing program 3 (id=1333): madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001040)='/proc/thread-self/net/rxrpc/peers\x00', 0x100, 0x0) read$auto(0x3, 0x0, 0xf34) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) shutdown$auto(0x200000003, 0x2) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000040), r1) gettid() mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @rand_addr=0x64010102}, 0x1005) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mlockall$auto(0x8000000000000001) mprotect$auto(0x1ffff000, 0x810002, 0x6) 6.203648297s ago: executing program 3 (id=1340): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) get_robust_list$auto(0x0, 0x0, 0x0) sendto$auto(0xffffffffffffffff, 0x0, 0x3fe, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993021400"}, 0x1c) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x1) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/mtdblock0/sched/read0_fifo_list\x00', 0x0, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r0, &(0x7f0000000040)=""/124, 0x7c) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e21, @local}, 0x68) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0c/sub5/xrun_injection\x00', 0x40400, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) munmap$auto(0x1000000, 0x2000000c) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mlockall$auto(0x3) mmap$auto(0x0, 0x402000b, 0x80000000000000df, 0x10000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) write$auto(0x3, 0x0, 0xfdef) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x5dc}, 0x8) close_range$auto(0x2, 0x1d, 0x0) 2.600810231s ago: executing program 2 (id=1362): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/bonding/bond0\x00', 0xc0000, 0x0) sendfile$auto(0x2, 0x3, &(0x7f0000000040)=0x80, 0xc3e0) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2cb8}, 0x1, 0x0, 0x0, 0x40}, 0x2404c084) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x100000001, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x41555856, 0x4, 0x2008, 0x7d, 0x8) socket(0x2, 0x3, 0x6) socketpair$auto(0x3, 0x8, 0x3, &(0x7f0000000100)=0x6) setsockopt$auto(0x3, 0x0, 0x29, 0x0, 0x28) r0 = socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) mmap$auto(0x0, 0xc, 0xdf, 0xeb1, 0x2000000000006, 0x8000) sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000140)="20c995b255c8a6da70b8c77e7e91147313c5ac72dfbd4c9f164c479c1afb6392d0", 0x80000000, &(0x7f00000001c0)={&(0x7f0000000180)="73cad6385a036054e5bc1efa185b7f0acabc7893523a12", 0x7fffffffffffffff}, 0x6, &(0x7f0000000200)="5cb2bed81b95aee4a0afa372d481c9c75e5ac9b8f6f8f407539c4d45ea9695b6f7dbd5a7ade5c672e4877665209846cef4be40d8a445d4fd96a03a95d572231135081d3a06c099cfe14d15cde89ceb8e0d8a90d00391c1a392e71b1a4e5f18150ecd2ca97d06ff1229683be8711a9ceb951a5c27dc0d2a38478a936366601e2756b44594e4a468a5a8940204f9e4e0875d9f16e4d2251ed92a41034235e7096d9f0a2f54e82dc7ff9b8edcc040c577a80ae1e1354ff47ddf2ca39348e94d34465f9b91e5a3f199ccbdf755107c0353ba606149a4f3254d8c99164400d9f272dadccd321a28d2e0ca8ed2f1ef2e74ca2f", 0x5, 0x400}, 0xffffffff}, 0xffffffff, 0x7) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x4, 0x9) 2.225218107s ago: executing program 1 (id=1364): set_tid_address$auto(0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x10de41, 0x0) bpf$auto(0x5, 0x0, 0x7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r1, 0x40045506, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x6, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6e]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31) sendfile$auto(0xffffffffffffffff, r3, 0x0, 0x8000) read$auto_tracing_pipe_fops_trace(r3, &(0x7f0000000180)=""/33, 0x21) r4 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB, @ANYBLOB="06000600ff070000080007", @ANYRES32, @ANYBLOB="566dcf4d6c9bd6774273c0080002000500000005000d00040000000800080009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) shmctl$auto(0x9, 0xe, 0x0) socket(0xa, 0x2, 0x73) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x7bf, 0x7bd6, 0x0) 2.225072155s ago: executing program 2 (id=1365): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7, 0xb) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0x621f, 0x10004) mmap$auto(0x1, 0x2020009, 0xffff, 0x10, 0xfffffffffffffffa, 0x4) r0 = socket(0x2, 0x801, 0x100) r1 = io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) close_range$auto(r0, r0, 0x10001) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), r0) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="000427bd7000fbdbdf250900000004001e000a000500ffffffffffff00000a000900aaaaaaaaaabb000008001c000004000008000300", @ANYRES32=0x0, @ANYBLOB="0a0021000180c200000e000004001e000800170002000000"], 0x58}, 0x1, 0x0, 0x0, 0x20001890}, 0x8080) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mkdir$auto(&(0x7f0000000000)='./file0/file1\x00', 0x2) mkdir$auto(&(0x7f0000000080)='./file0/file0\x00', 0x3) renameat2$auto(r3, &(0x7f00000000c0)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x2) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0x2, 0x7, 0x8080) ioprio_get$auto(0x3, 0x2) 2.017076742s ago: executing program 2 (id=1366): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7, 0xb) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0x621f, 0x10004) mmap$auto(0x1, 0x2020009, 0xffff, 0x10, 0xfffffffffffffffa, 0x4) r0 = socket(0x2, 0x801, 0x100) r1 = io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) close_range$auto(r0, r0, 0x10001) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), r0) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='\t\x00', @ANYRES16=r2, @ANYBLOB="000427bd7000fbdbdf250900000004001e000a000500ffffffffffff00000a000900aaaaaaaaaabb000008001c000004000008000300", @ANYRES32=0x0, @ANYBLOB="0a0021000180c200000e000004001e000800170002000000"], 0x58}, 0x1, 0x0, 0x0, 0x20001890}, 0x8080) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mkdir$auto(&(0x7f0000000000)='./file0/file1\x00', 0x2) mkdir$auto(&(0x7f0000000080)='./file0/file0\x00', 0x3) renameat2$auto(r3, &(0x7f00000000c0)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x2) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0x2, 0x7, 0x8080) ioprio_get$auto(0x3, 0x2) 1.912708513s ago: executing program 0 (id=1367): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)={0x24, r1, 0x14264b2b184ca509, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4) 1.750034585s ago: executing program 2 (id=1368): r0 = socket(0x2, 0x1, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x2000, 0x0) epoll_create$auto(0x4) epoll_create$auto(0xf774) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x3fd, 0x8000) ioctl$auto_KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x60) setitimer$auto(0x2, &(0x7f0000000000)={{0x100000000000002, 0x7f}, {0x800000004, 0x2}}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/nfc/nfc1/rfkill1/index\x00', 0x2000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0xfffffffd, 0x20000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x20008001) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) socket(0x2, 0x3, 0xa) socketpair$auto(0x8, 0x6, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xfffffffe, &(0x7f00000002c0)={0x0, 0x20000000000c4}, 0x1, 0x0, 0x0, 0x9}, 0x3}, 0x1, 0x0) write$auto(0x3, 0x0, 0xfdf3) 1.688670848s ago: executing program 0 (id=1369): set_tid_address$auto(0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x10de41, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@token_create={0x1, r0}, 0x7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r2, 0x40045506, 0x0) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x6, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6e]}, 0x1fe, 0x81) socket(0x10, 0x2, 0x0) read$auto_tracing_pipe_fops_trace(0xffffffffffffffff, &(0x7f0000000180)=""/33, 0x21) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYBLOB="06000600ff070000080007", @ANYRES32, @ANYBLOB="566dcf4d6c9bd6774273c0080002000500000005000d00040000000800080009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x7bf, 0x7bd6, 0x0) 1.60572354s ago: executing program 1 (id=1370): mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0x2, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b64, 0x1) 1.561133188s ago: executing program 3 (id=1371): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) (async) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x3d, 0x4909b6f8, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0xefde, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x4]}, 0x1fe, 0xd) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000000), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}}, 0x40000) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) (async) ioctl$auto(0x3, 0x80045530, 0x38) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) (rerun: 32) ioctl$auto(0x3, 0xc10c5541, 0xb551) (async) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), r2) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x2c, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r4) (async) r6 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) ioctl$auto_RTC_SET_TIME(r6, 0x4024700a, 0x0) (async) r7 = getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, r5, 0xa01, 0x70bd2b, 0x25dfdbfb, {}, [@TASKSTATS_CMD_ATTR_TGID={0x8, 0x2, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) (async, rerun: 32) r8 = openat$auto_userfaultfd_dev_fops_userfaultfd(0xffffffffffffff9c, &(0x7f0000000040), 0x280080, 0x0) (rerun: 32) r9 = getpgid(0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_DEST(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="98000000", @ANYRES16=0x0, @ANYBLOB="000426bd7000fddbdf25080000007c0001802800428008001400", @ANYRES32=r7, @ANYBLOB="0400198008004100", @ANYRES32=0xee01, @ANYBLOB="b0423f30b4ef27e14a00000000000000f93d0e47735f6fdc0acae1bb57fc2ceacb9a087082773c9b8a73000000000000000322d60972376523429507eaf95ed5bb780ee3832ab64ca3d7aa7484bfb81a28ab2f4acd0ddf868a5b98ac56671fa73327", @ANYRES32=r8, @ANYBLOB="08a41800", @ANYRES32=r9, @ANYBLOB="4f003c8004000c802d41271b2ffaaf0c0f553e58fb1f0759491efc77f55a15fc9d414d80e582c0511ff09db7b4aa64eb9eb2c58a53bf8bb290a3babdec1949fb429f8edcf1b82b96dc9e83d46edd43000800050009000000"], 0x98}, 0x1, 0x0, 0x0, 0x4040840}, 0x804) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) 1.538345609s ago: executing program 2 (id=1372): set_tid_address$auto(0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x10de41, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@token_create={0x1, r0}, 0x7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r2, 0x40045506, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) statmount$auto(0x0, 0x0, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r4 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31) sendfile$auto(0xffffffffffffffff, r4, 0x0, 0x8000) read$auto_tracing_pipe_fops_trace(r4, &(0x7f0000000180)=""/33, 0x21) r5 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB, @ANYBLOB="06000600ff070000080007", @ANYRES32, @ANYBLOB="566dcf4d6c9bd6774273c0080002000500000005000d00040000000800080009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) shmctl$auto(0x9, 0xe, 0x0) socket(0xa, 0x2, 0x73) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x7bf, 0x7bd6, 0x0) 1.343991589s ago: executing program 1 (id=1373): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0xa, 0x801, 0x84) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) close_range$auto(r0, r1, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0x9, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f0) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.194487172s ago: executing program 3 (id=1374): mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_RTC_IRQP_READ(r0, 0x8008700b, &(0x7f0000000080)=0x6) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) mlock$auto(0x5, 0xffff) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/content\x00', 0x2800, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001080)=""/244, 0xf4) r2 = openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f0000001440), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB="5de1523353782950"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x4601, 0x0) ioctl$auto__dev_ioctl_fops_dev_ioctl(r2, 0x192ff, 0x0) socket(0xa, 0x3, 0x3a) 1.09335326s ago: executing program 1 (id=1375): r0 = eventfd$auto(0x9) r1 = clone3$auto(&(0x7f0000000100)={0x1423, 0x5, 0x10, 0x9, 0x81, 0xfff, 0x3, 0x61, 0xff, 0x4, 0x7c25}, 0x0) r2 = prctl$auto(0x18, 0x10000000000005, r1, 0x8, 0x4) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) pipe$auto(&(0x7f0000001480)) r3 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x1e, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r4, @ANYRES32], 0x18}}, 0x80) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10048884) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), r2) r8 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) r9 = setfsuid$auto(0xee01) fchown$auto(r8, r9, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000001480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001440)={&(0x7f0000000300)={0x1114, r7, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x1100, 0x2, 0x0, 0x1, [@typed={0x8, 0x143, 0x0, 0x0, @fd=r0}, @nested={0x10, 0x2a, 0x0, 0x1, [@nested={0x4, 0x136}, @typed={0x8, 0x96, 0x0, 0x0, @uid=r9}]}, @nested={0x10e1, 0x7e, 0x0, 0x1, [@nested={0x4, 0x89}, @nested={0x4, 0xe4}, @nested={0x4, 0x91}, @generic="cf0ca1034461687347eb23f1edbbfef745b5e5c9f6be9dd137d24678a37ecc99b23f8b1c7b666c1f2d08d4f7be858944139a67fd5e005f6bd131507ee080e9486acd2b9b0179d84da55125429b148c0c1146469bc8208de077606c134b930c0879bb09249d0e835281badd7a0dbeae79b956dc45b89352e4582d8dfb64eb4f2f0a1ac2a24df9fe913eda64760ef01bad1e2f2c2df2bc12d37d2bf04b597fc6c77f4995413003c85e875a751626e0def497c484db90615b8eaebfbd024cdc408bf3ebe0c768cb381f83613f38deb7ad773d", @generic="b0d8d80452878355d396bd865c5783b457f0b112b482a8b086b3af34bf11aad82ba36a170abb1cdb9e5497db9059447ec2cabd965e35dffc1bd33a9b39fd4d050d15966e13efaab555db164d16eecae8be7bc1d74632d65d70472629e949a010bbe65e7df24a11934101738852200ea038f6b1d260351c86350655da380ed526ce78a77fc496e39ba46635be99e077f1cc09ea5c48ead1541a5427071ed88a4f468179b1af706dd101d406e2c2698a926d003b9a0a894446942f462989a419c876eb091a093dbdf302a952d442557e70c96b222e7b46e9c86db51f5275d08408b1bcdee3c9a7aa053a6e8e1a0a7ec0b4756d5f7a918e99c696f2b41a0fe7072993d3ba03cb311b7afcb5caa5a2d70255350e6dc333d8f557462a32ea1e98a8e66e4f6559ae2466ce3ffdeb54597e49bb1e536fd32ce54adb8d29dfad00513d60baa152b81f67b60588dcdd6a1537dccbc811ac20da1aaf033512e922643a919a4f9e099b63222dc4ac696a6aeec8afd3086dd2c458ac07a0836efe53ded8430335de8a85c0744bf5c23dd824e6d911198836ebee6be788d056a35d7b747fa96db069db222e8e6274d3e6edda46aaf506b5b2a1a7b984672b578a191a7c2a66e992cd6b0ccc5b0824c67e78b0f6b4401a424f38ae6b2e8058088eb6641b88f14790564c998fe759345c7abe980e7ff52217340f609da621b7c4e8e84870e6c47948c852b8a71e8afeb1e622be34d28955239264f9de2fa72a6a1862e8d4ce05f41248e1eaef23234fd60df1b134b3d9d8ea36aeecb3243a8cae1ef28318dd5ad91c79e21e93e9e897b7cdb5d298e018a52bf3c1d6195f9f94bd36541b2d7b388ca3a016ffa75e6f8399f299467ae8eee88a01b1bd1e0bd2b3775c9e297b99a0da767385dd807488a5f41b4a8fad225605cdf275e8bb9f7166c9fcd9112134df1f2f1fa5fede159ddeac6df0736a3f6867e97140225505ecd3bcfa10d723e7bbb0ed143094f2cb17a92dca126b3a8aca9ee0449fcb42e8e13d2b1c58b0beccdb0e93e9cffd444eca24be3e4d5044927abd517bb29483613b73888481dd7199ce3ba491e6bfd00b78228bcacbaab1fb78317984635d41eb641e2df70fab634e9a00402cad6e369b23aad4bdeda53e533fce5f34775c31d8ec9104f5606682b9bc8a95c91a78935d2974fa3d38fc01d992d0477cf473ad2daf7f8a6ce8c4baa00aac79e6f78c0735d99c4987dbf7f230d16e9b116449d79db5b6adcbddb7de23cf5c38ef5a5fe284d912b162b0f7a8c454be2ee646b1c3ca5015cfd4c84ae0ea8211a71fab945072a4f943a767ee49fe00a731dc3f80198d18d2f0969055adfbd9b706f20da44482ca993d2764ff9fd3bbc41ebfd88841f96b9b172b1ef0447e8dff7d6ac95f408ddea37b04403f8ad0e663447ed83ae5cc1f20c81cb9c1d0eeff2a272c9ee123e6d50f5a765ec888669f83ee4538a0433837cfaca5e447d417e40afee4902fb849102b9ca6a80660a369dd4f79db189db7f42c388b21082e309acf25abcd06448b0c490bc38e6ee577dbd3bfa529b81eb515ed5de286a9e3c652db9899349b91372b6165ac2b1d9643f52d3fdedfd5bcaf6043b5ac70afc5f724e3b77cfb536dfbec8cc49e7d116bb7fcba93e7dc0e831c108830a3e5c9d5029e71381104da9bac6208e385a7612bf990ae0568f6c4f4f006612f98c2956a828ba34847dbe6de8911b2c489dc0a3d9be364b9b8b02bb0173541f5db51e09840ae3137a39d58fdc99f60b661bbcc129b845af2f25385ffb1f4a79f551562746aef1582ea7db64f82aacb8db88f24013856e89c684ff3e70fb992096b4e82b043178c971ed92b6b5ae2649abf101fd19fb6c44e9eb0d31799863c47f55766d23bb2fcc61f771f6767dbb36a85db669aa8edec4bd83f516780ff95cd8da00008b4b37f64a564fac397d7a0b8288d37a45cf7cb5ffcf67687f656595975578e6b3144365aec4c1670e0593501a251af0304c684172ed92d2b5a8cf182240500cb27429183ad5f706cad910bc669a0e7a267d2e5ee2c84b2074b2bec74cb49620135a60994fcf4fdfacd8d50e80b8fb5c53cf026b4ad91b283943fbe7da241ba2d0df81b54141793af8a29e7a4a5d3f9a4ecfedc177e5560234dde6f357fac9bb695ac2b7a9d87a4f7a3ab384e07445e61741220f2c16a964468549b611e0e3d1fdbf05cdba90c9475b1a8f6b96e6aed556b08354c70a71a25d7f6f990b9b0549e5f9e332f18fef160f63d02408834e137b99ef77b9e595cec8688a4cf2447ab549ad31518e9ba62373d8f590c2c552867a738a1c59d45a832fa6784469d6f624f8967f5b0f02baebf9821f2ff017cb732d50e94b03505eacd640c91c023ab7fdf9dd4ec30e5351eb838a397b41093eb77a6fb0136ac667e25819befee4c1283adf5426b7f23c716e933ac91999fe8e0a6f763e5e774d1b1ad5b1142fc59bb55ace91fa7a3b000fead7021035dfbb3ad722ac78c0230229bb0bf125a8a8a6ea8fc435e37ed1c59f00d8555c2f4dde1d7954743b19370627c94fe04dbd1109cafe0ec185a68cda84920551a19243e284bd9023fa9148cd4bdababf39ed20a4e022d039c3fd8eac8a4e4c538ac5b4b85c3ef22b99026839dfda2559ddc5756eba94b26ce21e1f954a9df9752165c5f4848e4aa836f7d68dda172f1d099c55aae066c7e34d0c09fc8b103145f014456bd4101054eb69460c3434846d469e756684ff3e4d1d5b327546c52a91776179b894628cd8920c470369d9eb7ce702454109b9f2b265fa69ba62915fd2253177b84b7e0a5c1a26876994f0c408c0506f02e5412ea2ebdd2348a4192069012e54e08be5a736e37d67ddd2c593a61a32862fb7fd5b4bb4a3a62a18e4841cbd8c32b721110cf294c6372cf603b3872ca8e3e3fe30d3c51d8ae886e5c49224eede660c561ebd113cd08f9802cde5f1398bb66f95659d11e93bd2c1f8347d5929743a604f3ef2ce0b4be2d4becf2c3346e2c08e73c599c4e342eae2795a04e8dece49bb54c1d5d47c0e34b8f99123432b3346b9c6723d4075f198afc52531be789073048047174b3814068b9ed89f90eefbaf4ab5ba0a0397dce9251243a854815f11c389f0892db4c740d8441f3da4de79b5e47dee1fce2a20a7ed36ddb2d11db9d7a7d7743d7ccebfcec43d9247c8168f087ded440479b7192942559e72e328c0783a86029217edef2d71e57a69f98503590cee75c2f5f9e1c0c9b9664fcd115b3bb4d7325d0b6f2f6a0e0c610e330b925d6af2006533ba86f2b88b994e8c90b6a771ee5da7021384c7f3a1bb85a644b46a2b6724b0a79b67e08f82e9cff6370936f136b80205e21c4e0c7d0435a301d22b24f00364e63ced1171e58724885294c0de07c839c4ee1a5902abc93a5295ffd804a963936b8af8e8c94b0ee2d4d57f15db6756a637e1ceced47a7fd46b9ba94563376080eb38b6b090c9eb2c2a66a3a3fb89b7e5a315f016c8ff479d762a06cddc584c6d7b3bc45c9b663d845f1aa46e3a72c89646c600be71f455eabc6d6354b81e9f578a88d8ac59e46ed837ec5bfaec9dfd98efd2fd156d86e9fbc981ae36fd29c45fbf6320647437001be15afecbfd7f7b5e64f230f52a9394d336df66ac457ed9e4b2f5c8e9dcaf5c332374835a98d8fc5c7f5a31f097a95f921edcffc98cb31d0092df36dd6c1cc22496d4a9a4f6011e6b94150345c345168fea28cd38feee8203c6a9883656f10110e33f44894c460d05f9ac740a0785990e41213678cf1edb8d474fc6914ed73dee19210bfc3e136674d04c0a90fb8721001c509beeab4104789f73b480c718e7d90defd61984922a2e8c372b9b6f5ff61e730d272227b1138cc8e5f0d2802304207c4463c212ae3e10d989608d562c9970bf82515e24aca0091c485eb073a73614634ce067e50f35da9f9e8f544b3273ffc7339ba6a0a6980130cccc1237a12f3e8d289361b0eda2e20486a3f8a88374b4fa5b00e349eb8f398895aa2e2c084675e0e0a71e73c9ac56b372c49d276ee72459a28d0137dced660398837456262c42badf452a5f9f5524fe720cb8b2e676bbb99a3db6837bc4046585e5ccff2994d3a135648210214b8d62f6138632c7ff442c858caf7b4cbb30b080af2c9590c4159f07c8a8671cc5eda0dc07ba430a5ce432dd9b276362d40e10482c9a13d557273725978d1563430a5aabb1c10dcb5e9adad00b0b099807105b69589d70e6847e6107de0539fffae86ae34ef38e595d56b66c1c687b8631a9abd26239d8550f6e563ea83cc58b52d7eadb07332af38ba1b01c9253af45801113564f102e266e9e566ae78730688c3b1720d385117f4e955893e67fc9fd4b2e1dd8e33f6ee617c3cf9eb94b561281d5ff89441c2281f2f2e354356f2d132126df9c2f2e7186372f00b59d699f3575cd48f0bde0fb3021e5c45906425413ef04881ed670ffc3026816b8663b25feca2906a68b005093fccbb317e1b9f0ea160e833bdfe0259f0b12b8bfd0158877a93a9af28146d5f522d2f29ed1556b742d58cce7a973d7053ee3c8ec72912871ce6823138defdf2a653140045e867ba77719b3e2e218b21eec31ca1f59574106ae00ccdf73501319f4c5afa7809d14158d322821749ddabc477687b2684a8bd1fb11e5b6636db109551bbee21d537dca03e24baf5bde4c12cc8981862626f5d9640c583ee1be701444d1ab8d9d0f4843e55521080363a825afbad9cc56091e081e24a78e66395bf866d75620fcedf8061b9e1e4e39b7b358a6564fd3cc2a6e52edb0c55ee06a50f5860e529c5c4e002736a69a0512e5821a7ebf0e67cac73006f5e38b3c178f046477fcb3279bb026b52842cea0c4a718a709edac6a266573ad40d97157c9075f1cc364c545c117f265edacc31e66d77cf237edb247c920e4b0991bdac9906c5a5dc0e88e0693060cfc8633fe08d08d19640e1676b4867eb7b734ea1fc77924e0a15308c746ced493fc476e817bfc18f0e73f93dd684fe7b9e9f32e1e3febb79827a08a4412e9dbad5fe01b5a0240873318209c41567f32c6c0d46e9e0d7069999aada7599c813fcefce9cf75a0dc62a4f492a5e97992c6ff433c5038700b81bd058c5626f634d18f5fa1ba0709b83e9e5b56bd060e5db2694aee0669257164ab3efa5672d2276b6ffe740107147f0e90cf93ec694a238cb69c625dd76d9a3464c0bfd742f4d794c48b2513cc6e7b76652c28378b6c62f1c2a88b27dc02cce7390ba9ed31e1d95378a4d41065a0764a8d964bd41a62af504d683326ad70ff62179ee7fc46c88a2d44c3c5113ab14a802f5cb5d790f431b904d7259cda89193121163fc12e686e8758ddb5b815ffb79ec3ebc41bc8976c474c4d26d25102b2d21e13ca2222aecdbb5bd732c015b7a3c2ccc71b7966c6a4025d7bc8032ee7f22fb1a85970a0afdceada3dda88417026227875dc67b6b2e3c2366cfda69ef900ff7c99ca325d6a16b6ec7c855481bd0dd64e047c04189f30b0a38a6187707a777937f37715af2351cb8c6d3d39b5c4f3bd8777c88bdc98f91d34d40adc4ff8c2ff22d5914f7a06497bd0abe19355dac1425a048b9993a8fde59cd2afcc9222a7c77edbf38e58885a6af7ee36a96605ba804fdf51e9c0fe0c47b65655997f460ad73013949e7066b0bf87841ecd2bc056818c865df654019fca243ab7505d42304ee4a749690f3cb4587e3d19e44d9f2021e82af3dc2b54cde23499a7371feef706bb8740895189af5ebd29e9e9e0c7e"]}]}]}, 0x1114}, 0x1, 0x0, 0x0, 0x8004}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xf) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) sendto$auto(0xffffffffffffffff, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 990.038667ms ago: executing program 3 (id=1376): mmap$auto(0x0, 0xff, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x800) socket(0x15, 0x5, 0x0) getsockopt$auto(0x2, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) (fail_nth: 1) 862.142891ms ago: executing program 1 (id=1377): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7, 0xb) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0x621f, 0x10004) mmap$auto(0x1, 0x2020009, 0xffff, 0x10, 0xfffffffffffffffa, 0x4) r0 = socket(0x2, 0x801, 0x100) r1 = io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) close_range$auto(r0, r0, 0x10001) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), r0) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='\t\x00\x00', @ANYRES16=r2, @ANYBLOB="000427bd7000fbdbdf250900000004001e000a000500ffffffffffff00000a000900aaaaaaaaaabb000008001c000004000008000300", @ANYRES32=0x0, @ANYBLOB="0a0021000180c200000e000004001e000800170002000000"], 0x58}, 0x1, 0x0, 0x0, 0x20001890}, 0x8080) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mkdir$auto(&(0x7f0000000000)='./file0/file1\x00', 0x2) mkdir$auto(&(0x7f0000000080)='./file0/file0\x00', 0x3) renameat2$auto(r3, &(0x7f00000000c0)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x2) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0x2, 0x7, 0x8080) ioprio_get$auto(0x3, 0x2) 696.467967ms ago: executing program 2 (id=1378): set_tid_address$auto(0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x10de41, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@token_create={0x1, r0}, 0x7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r2, 0x40045506, 0x0) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) read$auto_tracing_pipe_fops_trace(0xffffffffffffffff, &(0x7f0000000180)=""/33, 0x21) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYBLOB="06000600ff070000080007", @ANYRES32, @ANYBLOB="566dcf4d6c9bd6774273c0080002000500000005000d00040000000800080009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x7bf, 0x7bd6, 0x0) 593.233682ms ago: executing program 3 (id=1379): set_tid_address$auto(0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x10de41, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@token_create={0x1, r0}, 0x7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r2, 0x40045506, 0x0) move_pages$auto(0x0, 0x33b, &(0x7f0000000080)=0x0, 0x0, 0x0, 0x4) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) read$auto_tracing_pipe_fops_trace(0xffffffffffffffff, &(0x7f0000000180)=""/33, 0x21) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYBLOB="06000600ff070000080007", @ANYRES32, @ANYBLOB="566dcf4d6c9bd6774273c0080002000500000005000d00040000000800080009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20440c0}, 0x4000004) write$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x7bf, 0x7bd6, 0x0) 498.299536ms ago: executing program 0 (id=1380): select$auto(0x2, &(0x7f0000000200)={[0x2, 0x8eac, 0x6, 0x1c00000, 0x8, 0x2, 0x3c, 0x0, 0x0, 0x4, 0x6, 0x406, 0x80000000, 0x8, 0x80000000, 0x80000000]}, 0x0, &(0x7f0000000100)={[0xa, 0x5, 0x3, 0x8, 0x7, 0x800008, 0x1, 0x10001, 0x377, 0x0, 0x7, 0x8000, 0x3, 0x9, 0xf963, 0x401]}, &(0x7f0000000180)={0x0, 0x35}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/bond0/bonding/resend_igmp\x00', 0xc8f00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/44, 0x2c) 453.843917ms ago: executing program 1 (id=1381): r0 = socket(0x2, 0x1, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x2000, 0x0) epoll_create$auto(0x4) epoll_create$auto(0xf774) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x3fd, 0x8000) ioctl$auto_KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x60) setitimer$auto(0x2, &(0x7f0000000000)={{0x100000000000002, 0x7f}, {0x800000004, 0x2}}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/nfc/nfc1/rfkill1/index\x00', 0x2000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0xfffffffd, 0x20000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x20008001) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) socket(0x2, 0x3, 0xa) socketpair$auto(0x8, 0x6, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xfffffffe, &(0x7f00000002c0)={0x0, 0x20000000000c4}, 0x1, 0x0, 0x0, 0x9}, 0x3}, 0x1, 0x0) write$auto(0x3, 0x0, 0xfdf3) 338.587362ms ago: executing program 0 (id=1382): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x2, 0x0) socketpair$auto(0x1e, 0x1, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_TCFLSH2(r0, 0x8926, 0xfdfd) 101.102976ms ago: executing program 0 (id=1383): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0xa, 0x801, 0x84) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) close_range$auto(r0, r1, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0x9, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f0) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 0s ago: executing program 0 (id=1384): openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) mq_open$auto(&(0x7f0000000080)='\b', 0x76d0, 0x101, &(0x7f0000000100)={0xa, 0x8, 0x7fffffffffffffff, 0x5b}) r0 = socket(0xa, 0x801, 0x84) splice$auto(r0, 0x0, r0, &(0x7f00000000c0)=0x200, 0x7, 0x3) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x2, 0x5, 0x0) socket(0x2, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, 0x0, 0xb) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x5) prctl$auto(0x35, 0x1, 0x0, 0x0, 0x0) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, 0x0, 0x7, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x202, 0x0) pwrite64$auto(r3, &(0x7f0000000000)='/proc/sys/user/max_fanotify_groups\x00', 0x8, 0xf) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xf5s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4d, 0x1003) shutdown$auto(0x200000003, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.57' (ED25519) to the list of known hosts. [ 83.627584][ T5820] cgroup: Unknown subsys name 'net' [ 83.780843][ T5820] cgroup: Unknown subsys name 'cpuset' [ 83.789219][ T5820] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.514570][ T5820] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.756052][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.764276][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.776548][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.786494][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.795256][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.803242][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.811043][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.813430][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.827484][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.836249][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.844875][ T5846] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.852849][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.856269][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.869081][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.876564][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.879372][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.884770][ T5846] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.898534][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.906188][ T5842] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.906819][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.921060][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.929040][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.937972][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.955417][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.264211][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 88.401631][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 88.465584][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 88.525122][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 88.550400][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.558741][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.566140][ T5829] bridge_slave_0: entered allmulticast mode [ 88.573373][ T5829] bridge_slave_0: entered promiscuous mode [ 88.603884][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.614471][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.622222][ T5829] bridge_slave_1: entered allmulticast mode [ 88.629364][ T5829] bridge_slave_1: entered promiscuous mode [ 88.660582][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.667793][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.675017][ T5831] bridge_slave_0: entered allmulticast mode [ 88.682285][ T5831] bridge_slave_0: entered promiscuous mode [ 88.712604][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.720175][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.727550][ T5831] bridge_slave_1: entered allmulticast mode [ 88.734363][ T5831] bridge_slave_1: entered promiscuous mode [ 88.751374][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.790624][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.831762][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.842456][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.849854][ T5830] bridge_slave_0: entered allmulticast mode [ 88.857073][ T5830] bridge_slave_0: entered promiscuous mode [ 88.870264][ T5829] team0: Port device team_slave_0 added [ 88.880041][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.887350][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.894549][ T5830] bridge_slave_1: entered allmulticast mode [ 88.902026][ T5830] bridge_slave_1: entered promiscuous mode [ 88.918424][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.929124][ T5829] team0: Port device team_slave_1 added [ 88.937518][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.989372][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.000118][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.008854][ T5832] bridge_slave_0: entered allmulticast mode [ 89.015677][ T5832] bridge_slave_0: entered promiscuous mode [ 89.024956][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.032597][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.039992][ T5832] bridge_slave_1: entered allmulticast mode [ 89.047255][ T5832] bridge_slave_1: entered promiscuous mode [ 89.072828][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.085675][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.108949][ T5831] team0: Port device team_slave_0 added [ 89.115795][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.122924][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.149244][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.180226][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.191130][ T5831] team0: Port device team_slave_1 added [ 89.208229][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.215225][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.241774][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.271927][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.316037][ T5830] team0: Port device team_slave_0 added [ 89.332864][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.340580][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.370438][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.383683][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.395596][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.421838][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.443993][ T5830] team0: Port device team_slave_1 added [ 89.452333][ T5832] team0: Port device team_slave_0 added [ 89.478440][ T5829] hsr_slave_0: entered promiscuous mode [ 89.484890][ T5829] hsr_slave_1: entered promiscuous mode [ 89.503020][ T5832] team0: Port device team_slave_1 added [ 89.565052][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.572400][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.598492][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.610953][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.620488][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.646714][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.665657][ T5831] hsr_slave_0: entered promiscuous mode [ 89.672280][ T5831] hsr_slave_1: entered promiscuous mode [ 89.678585][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.686438][ T5831] Cannot create hsr debugfs directory [ 89.692747][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.699981][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.726717][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.739219][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.746182][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.772259][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.901180][ T5830] hsr_slave_0: entered promiscuous mode [ 89.911558][ T5830] hsr_slave_1: entered promiscuous mode [ 89.917956][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.925567][ T5830] Cannot create hsr debugfs directory [ 89.938168][ T5833] Bluetooth: hci2: command tx timeout [ 89.944243][ T54] Bluetooth: hci0: command tx timeout [ 89.948530][ T5832] hsr_slave_0: entered promiscuous mode [ 89.956763][ T5832] hsr_slave_1: entered promiscuous mode [ 89.963290][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.971015][ T5832] Cannot create hsr debugfs directory [ 90.021026][ T54] Bluetooth: hci1: command tx timeout [ 90.028763][ T5833] Bluetooth: hci3: command tx timeout [ 90.161961][ T5829] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.195059][ T5829] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.205303][ T5829] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.231555][ T5829] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.371235][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.402225][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.414689][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.433705][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.474839][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.488841][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.503023][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.514541][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.593596][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.603738][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.614873][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.635320][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.679379][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.734474][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.781394][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.788891][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.820365][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.827575][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.856206][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.887199][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.937659][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.952153][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.979447][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.986728][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.995672][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.002924][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.032246][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.039414][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.063759][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.078385][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.095379][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.102547][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.177417][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.214708][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.236515][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.243684][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.262490][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.269703][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.338504][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.529976][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.643604][ T5829] veth0_vlan: entered promiscuous mode [ 91.663901][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.690709][ T5829] veth1_vlan: entered promiscuous mode [ 91.791780][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.822982][ T5831] veth0_vlan: entered promiscuous mode [ 91.855267][ T5829] veth0_macvtap: entered promiscuous mode [ 91.872531][ T5831] veth1_vlan: entered promiscuous mode [ 91.884698][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.894496][ T5829] veth1_macvtap: entered promiscuous mode [ 91.931512][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.963268][ T5832] veth0_vlan: entered promiscuous mode [ 91.975339][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.003091][ T5832] veth1_vlan: entered promiscuous mode [ 92.012382][ T5829] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.016876][ T54] Bluetooth: hci0: command tx timeout [ 92.025604][ T5829] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.026998][ T54] Bluetooth: hci2: command tx timeout [ 92.041085][ T5829] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.041139][ T5829] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.068828][ T5831] veth0_macvtap: entered promiscuous mode [ 92.100829][ T5831] veth1_macvtap: entered promiscuous mode [ 92.103830][ T54] Bluetooth: hci1: command tx timeout [ 92.107841][ T5833] Bluetooth: hci3: command tx timeout [ 92.125010][ T5830] veth0_vlan: entered promiscuous mode [ 92.165453][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.191357][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.205001][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.243282][ T5832] veth0_macvtap: entered promiscuous mode [ 92.277753][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.291705][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.303534][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.339189][ T5830] veth1_vlan: entered promiscuous mode [ 92.346815][ T5832] veth1_macvtap: entered promiscuous mode [ 92.363867][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.373735][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.383395][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.392674][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.447378][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.462890][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.473403][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.490691][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.520057][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.532075][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.540959][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.581025][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.594362][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.605132][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.616078][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.628074][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.672481][ T5832] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.689142][ T5832] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.701542][ T5832] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.713580][ T5832] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.747100][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.755004][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.813264][ T5830] veth0_macvtap: entered promiscuous mode [ 92.838961][ T5830] veth1_macvtap: entered promiscuous mode [ 92.875799][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.897635][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.914614][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.933272][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.940213][ T5829] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 92.943229][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.970972][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.981287][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.992300][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.003781][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.055840][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.067511][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.087099][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.101680][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.113214][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.163611][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.179602][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.202469][ T1331] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.230356][ T1331] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.245153][ T5830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.259555][ T5830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.268898][ T5830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.282866][ T5830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.315903][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.339882][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.402900][ T5896] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'. [ 93.585746][ T5900] Zero length message leads to an empty skb [ 93.625389][ T5896] team0: Port device team_slave_0 removed [ 93.631210][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.631258][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.754687][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.754718][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.839485][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.839513][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.099160][ T5833] Bluetooth: hci2: command tx timeout [ 94.099735][ T54] Bluetooth: hci0: command tx timeout [ 94.176790][ T54] Bluetooth: hci1: command tx timeout [ 94.178464][ T5833] Bluetooth: hci3: command tx timeout [ 94.212693][ T5905] netlink: 'syz.0.5': attribute type 33 has an invalid length. [ 94.235814][ T5905] netlink: 322 bytes leftover after parsing attributes in process `syz.0.5'. [ 94.654627][ T5917] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8'. [ 94.667112][ T5919] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9'. [ 94.879098][ T5919] team0: Port device team_slave_0 removed [ 95.867994][ T5949] netlink: 28 bytes leftover after parsing attributes in process `syz.1.17'. [ 95.886747][ T5947] netlink: 28 bytes leftover after parsing attributes in process `syz.2.16'. [ 96.114773][ T5957] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 96.181431][ T5833] Bluetooth: hci0: command tx timeout [ 96.181457][ T54] Bluetooth: hci2: command tx timeout [ 96.256866][ T5833] Bluetooth: hci1: command tx timeout [ 96.256872][ T54] Bluetooth: hci3: command tx timeout [ 96.342241][ T5947] team0: Port device team_slave_0 removed [ 96.881080][ T5971] netlink: 28 bytes leftover after parsing attributes in process `syz.0.23'. [ 96.907852][ T5974] netlink: 28 bytes leftover after parsing attributes in process `syz.2.24'. [ 97.157767][ T5969] netlink: 28 bytes leftover after parsing attributes in process `syz.1.22'. [ 97.301611][ T8] cfg80211: failed to load regulatory.db [ 98.893038][ T6020] netlink: 28 bytes leftover after parsing attributes in process `syz.0.37'. [ 99.142815][ T6029] netlink: 28 bytes leftover after parsing attributes in process `syz.2.38'. [ 99.438811][ T6037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.41'. [ 99.730197][ T6037] team0: Port device team_slave_0 removed [ 101.357048][ T6076] netlink: 28 bytes leftover after parsing attributes in process `syz.1.53'. [ 101.877390][ T6091] netlink: 28 bytes leftover after parsing attributes in process `syz.3.59'. [ 102.049326][ T6097] netlink: 28 bytes leftover after parsing attributes in process `syz.2.60'. [ 102.323198][ T6101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.62'. [ 102.481178][ T6106] netlink: 28 bytes leftover after parsing attributes in process `syz.2.64'. [ 102.893056][ T5833] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 102.897345][ T6112] netlink: 28 bytes leftover after parsing attributes in process `syz.1.66'. [ 104.434320][ T6135] capability: warning: `syz.3.76' uses 32-bit capabilities (legacy support in use) [ 104.963336][ T6146] process 'syz.1.78' launched ':,' with NULL argv: empty string added [ 105.830960][ T6165] mkiss: ax0: crc mode is auto. [ 106.802088][ T6186] netlink: 28 bytes leftover after parsing attributes in process `syz.0.90'. [ 110.219115][ T6239] can0: slcan on ttyS2. [ 110.512889][ T6253] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 110.592118][ T6253] QAT: Stopping all acceleration devices. [ 110.777300][ T6261] netlink: 28 bytes leftover after parsing attributes in process `syz.0.110'. [ 111.176739][ T6238] can0 (unregistered): slcan off ttyS2. [ 113.600582][ T6306] Process accounting resumed [ 113.632648][ T6306] syz.0.118 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 114.317604][ T6319] netlink: 28 bytes leftover after parsing attributes in process `syz.3.121'. [ 117.159228][ T6363] netlink: 28 bytes leftover after parsing attributes in process `syz.0.133'. [ 117.213999][ T6363] veth0_macvtap: left promiscuous mode [ 117.267154][ T6363] macvtap0: entered allmulticast mode [ 118.493415][ T6388] netlink: 28 bytes leftover after parsing attributes in process `syz.0.139'. [ 119.257949][ T6399] netlink: 28 bytes leftover after parsing attributes in process `syz.3.141'. [ 119.685037][ T6410] netlink: 28 bytes leftover after parsing attributes in process `syz.0.145'. [ 119.920057][ T6412] netlink: 28 bytes leftover after parsing attributes in process `syz.3.146'. [ 120.279287][ T6420] netlink: 28 bytes leftover after parsing attributes in process `syz.0.148'. [ 122.277877][ T6453] netlink: 28 bytes leftover after parsing attributes in process `syz.3.157'. [ 122.477251][ T6459] netlink: 28 bytes leftover after parsing attributes in process `syz.2.159'. [ 124.487278][ T6498] netlink: 28 bytes leftover after parsing attributes in process `syz.2.169'. [ 125.597280][ T6510] netlink: 28 bytes leftover after parsing attributes in process `syz.2.180'. [ 127.160642][ T6537] netlink: 28 bytes leftover after parsing attributes in process `syz.2.181'. [ 128.290198][ T6555] netlink: 'syz.3.187': attribute type 33 has an invalid length. [ 128.316965][ T6555] netlink: 322 bytes leftover after parsing attributes in process `syz.3.187'. [ 128.699216][ T6563] netlink: 338 bytes leftover after parsing attributes in process `syz.0.198'. [ 128.731693][ T6563] netlink: 338 bytes leftover after parsing attributes in process `syz.0.198'. [ 129.003103][ T6571] netlink: 28 bytes leftover after parsing attributes in process `syz.1.191'. [ 129.725854][ T6586] netlink: 28 bytes leftover after parsing attributes in process `syz.1.195'. [ 130.209174][ T6600] netlink: 'syz.0.200': attribute type 33 has an invalid length. [ 130.226188][ T6600] netlink: 322 bytes leftover after parsing attributes in process `syz.0.200'. [ 130.306458][ T6603] netlink: 28 bytes leftover after parsing attributes in process `syz.3.201'. [ 130.740027][ T6611] netlink: 28 bytes leftover after parsing attributes in process `syz.0.204'. [ 131.352268][ T6625] netlink: 28 bytes leftover after parsing attributes in process `syz.0.207'. [ 131.904780][ T6637] netlink: 'syz.0.211': attribute type 33 has an invalid length. [ 131.951264][ T6637] netlink: 322 bytes leftover after parsing attributes in process `syz.0.211'. [ 132.374055][ T6648] netlink: 28 bytes leftover after parsing attributes in process `syz.0.213'. [ 132.427203][ T6650] netlink: 28 bytes leftover after parsing attributes in process `syz.3.215'. [ 132.998602][ T6656] netlink: 338 bytes leftover after parsing attributes in process `syz.1.216'. [ 133.046628][ T6656] netlink: 338 bytes leftover after parsing attributes in process `syz.1.216'. [ 133.134210][ T6662] netlink: 'syz.3.219': attribute type 33 has an invalid length. [ 133.153147][ T6662] netlink: 322 bytes leftover after parsing attributes in process `syz.3.219'. [ 133.839479][ T6673] netlink: 28 bytes leftover after parsing attributes in process `syz.2.222'. [ 134.227206][ T6686] netlink: 28 bytes leftover after parsing attributes in process `syz.0.226'. [ 136.099138][ T6730] netlink: 'syz.2.241': attribute type 33 has an invalid length. [ 136.118716][ T6730] __nla_validate_parse: 4 callbacks suppressed [ 136.118738][ T6730] netlink: 322 bytes leftover after parsing attributes in process `syz.2.241'. [ 136.796908][ T6746] netlink: 338 bytes leftover after parsing attributes in process `syz.2.248'. [ 136.830724][ T6746] netlink: 338 bytes leftover after parsing attributes in process `syz.2.248'. [ 136.973716][ T6751] netlink: 28 bytes leftover after parsing attributes in process `syz.0.249'. [ 138.111412][ T6780] netlink: 28 bytes leftover after parsing attributes in process `syz.3.257'. [ 138.145977][ T6782] netlink: 338 bytes leftover after parsing attributes in process `syz.1.258'. [ 138.161108][ T6782] netlink: 338 bytes leftover after parsing attributes in process `syz.1.258'. [ 138.263629][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.270719][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.428952][ T6784] netlink: 28 bytes leftover after parsing attributes in process `syz.0.259'. [ 138.983087][ T6801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.265'. [ 139.025184][ T6801] FAULT_INJECTION: forcing a failure. [ 139.025184][ T6801] name failslab, interval 1, probability 0, space 0, times 1 [ 139.049221][ T6801] CPU: 1 UID: 0 PID: 6801 Comm: syz.1.265 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 139.059913][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 139.070060][ T6801] Call Trace: [ 139.073397][ T6801] [ 139.076374][ T6801] dump_stack_lvl+0x16c/0x1f0 [ 139.081144][ T6801] should_fail_ex+0x497/0x5b0 [ 139.085900][ T6801] should_failslab+0xc2/0x120 [ 139.090760][ T6801] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 139.096215][ T6801] ? skb_clone+0x190/0x3f0 [ 139.100711][ T6801] skb_clone+0x190/0x3f0 [ 139.105026][ T6801] netlink_deliver_tap+0xafd/0xca0 [ 139.110196][ T6801] netlink_unicast+0x6b4/0x7f0 [ 139.115023][ T6801] ? __pfx_netlink_unicast+0x10/0x10 [ 139.120368][ T6801] netlink_ack+0x6a5/0xb20 [ 139.124885][ T6801] netlink_rcv_skb+0x327/0x410 [ 139.129689][ T6801] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 139.135271][ T6801] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 139.140595][ T6801] ? __pfx_aa_get_newest_label+0x10/0x10 [ 139.146315][ T6801] ? bpf_lsm_capable+0x9/0x10 [ 139.151044][ T6801] ? security_capable+0x7e/0x260 [ 139.156074][ T6801] ? ns_capable+0xd7/0x110 [ 139.160534][ T6801] nfnetlink_rcv+0x1b4/0x430 [ 139.165175][ T6801] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 139.170312][ T6801] ? netlink_deliver_tap+0x1ae/0xca0 [ 139.175641][ T6801] netlink_unicast+0x53c/0x7f0 [ 139.180445][ T6801] ? __pfx_netlink_unicast+0x10/0x10 [ 139.185782][ T6801] ? __phys_addr_symbol+0x30/0x80 [ 139.190857][ T6801] ? __check_object_size+0x488/0x710 [ 139.196181][ T6801] netlink_sendmsg+0x8b8/0xd70 [ 139.200981][ T6801] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.206310][ T6801] ____sys_sendmsg+0x9ae/0xb40 [ 139.211132][ T6801] ? copy_msghdr_from_user+0x10b/0x160 [ 139.216654][ T6801] ? __pfx_____sys_sendmsg+0x10/0x10 [ 139.221979][ T6801] ? get_pid_task+0xfc/0x250 [ 139.226646][ T6801] ___sys_sendmsg+0x135/0x1e0 [ 139.231377][ T6801] ? __pfx____sys_sendmsg+0x10/0x10 [ 139.236640][ T6801] ? __pfx_vfs_write+0x10/0x10 [ 139.241462][ T6801] ? do_sys_openat2+0xb1/0x1e0 [ 139.246272][ T6801] __sys_sendmsg+0x16e/0x220 [ 139.250917][ T6801] ? __pfx___sys_sendmsg+0x10/0x10 [ 139.256104][ T6801] do_syscall_64+0xcd/0x250 [ 139.260720][ T6801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.266674][ T6801] RIP: 0033:0x7f4339185d29 [ 139.271162][ T6801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.290812][ T6801] RSP: 002b:00007f4339fce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 139.299289][ T6801] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f4339185d29 [ 139.307306][ T6801] RDX: 0000000000000080 RSI: 0000000020000180 RDI: 0000000000000002 [ 139.315362][ T6801] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 139.323368][ T6801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.331380][ T6801] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 139.339413][ T6801] [ 139.342479][ C1] vkms_vblank_simulate: vblank timer overrun [ 139.706844][ T6812] netlink: 28 bytes leftover after parsing attributes in process `syz.1.268'. [ 140.539176][ T6838] mkiss: ax0: crc mode is auto. [ 141.021550][ T6848] FAULT_INJECTION: forcing a failure. [ 141.021550][ T6848] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 141.066382][ T6848] CPU: 0 UID: 0 PID: 6848 Comm: syz.1.278 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 141.077066][ T6848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 141.087263][ T6848] Call Trace: [ 141.090594][ T6848] [ 141.093581][ T6848] dump_stack_lvl+0x16c/0x1f0 [ 141.098321][ T6848] should_fail_ex+0x497/0x5b0 [ 141.103067][ T6848] _copy_to_user+0x32/0xd0 [ 141.107562][ T6848] simple_read_from_buffer+0xd0/0x160 [ 141.113006][ T6848] proc_fail_nth_read+0x198/0x270 [ 141.118107][ T6848] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 141.123735][ T6848] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 141.129361][ T6848] vfs_read+0x1df/0xbe0 [ 141.133594][ T6848] ? __fget_files+0x1fc/0x3a0 [ 141.138335][ T6848] ? __pfx___mutex_lock+0x10/0x10 [ 141.143430][ T6848] ? __pfx_vfs_read+0x10/0x10 [ 141.148183][ T6848] ? __fget_files+0x206/0x3a0 [ 141.152934][ T6848] ksys_read+0x12b/0x250 [ 141.157249][ T6848] ? __pfx_ksys_read+0x10/0x10 [ 141.162082][ T6848] do_syscall_64+0xcd/0x250 [ 141.166660][ T6848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.172621][ T6848] RIP: 0033:0x7f433918473c [ 141.177091][ T6848] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 141.196760][ T6848] RSP: 002b:00007f4339fad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 141.205239][ T6848] RAX: ffffffffffffffda RBX: 00007f4339376080 RCX: 00007f433918473c [ 141.213267][ T6848] RDX: 000000000000000f RSI: 00007f4339fad0a0 RDI: 0000000000000003 [ 141.221289][ T6848] RBP: 00007f4339fad090 R08: 0000000000000000 R09: 0000000000000000 [ 141.229315][ T6848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.237338][ T6848] R13: 0000000000000001 R14: 00007f4339376080 R15: 00007ffe0af98278 [ 141.245388][ T6848] [ 141.617764][ T6861] __nla_validate_parse: 1 callbacks suppressed [ 141.617788][ T6861] netlink: 28 bytes leftover after parsing attributes in process `syz.0.282'. [ 141.683397][ T6866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.284'. [ 141.746947][ T6866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.284'. [ 142.152864][ T6877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.288'. [ 142.965804][ T6901] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 143.033973][ T6902] netlink: 28 bytes leftover after parsing attributes in process `syz.3.295'. [ 144.059713][ T6913] mmap: syz.0.297 (6913) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 144.230296][ T6927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.301'. [ 145.163674][ T6945] netlink: 28 bytes leftover after parsing attributes in process `syz.1.306'. [ 145.387896][ T6949] mkiss: ax0: crc mode is auto. [ 146.111165][ T6962] netlink: 28 bytes leftover after parsing attributes in process `syz.0.314'. [ 146.541871][ T6971] netlink: 28 bytes leftover after parsing attributes in process `syz.3.316'. [ 146.651672][ T6973] netlink: 28 bytes leftover after parsing attributes in process `syz.1.315'. [ 146.679172][ T6975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.317'. [ 146.980965][ T6978] netlink: 'syz.2.318': attribute type 33 has an invalid length. [ 146.996081][ T6978] netlink: 322 bytes leftover after parsing attributes in process `syz.2.318'. [ 147.503797][ T6996] ecryptfs_parse_packet_length: Five-byte packet length not supported [ 147.541583][ T6996] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 147.591679][ T6994] syz.1.323 uses obsolete (PF_INET,SOCK_PACKET) [ 147.886116][ T6998] netlink: 28 bytes leftover after parsing attributes in process `syz.0.325'. [ 148.253224][ T7007] netlink: 'syz.1.329': attribute type 33 has an invalid length. [ 148.281856][ T7007] netlink: 322 bytes leftover after parsing attributes in process `syz.1.329'. [ 150.021364][ T7037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.336'. [ 150.577913][ T7042] netlink: 'syz.1.338': attribute type 33 has an invalid length. [ 150.593249][ T7042] netlink: 322 bytes leftover after parsing attributes in process `syz.1.338'. [ 150.874800][ T7046] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 151.001471][ T7050] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 151.427327][ T7060] netlink: 28 bytes leftover after parsing attributes in process `syz.0.342'. [ 152.119264][ T7078] netlink: 'syz.1.349': attribute type 33 has an invalid length. [ 152.151798][ T7078] netlink: 322 bytes leftover after parsing attributes in process `syz.1.349'. [ 152.294332][ T7073] netlink: 28 bytes leftover after parsing attributes in process `syz.2.348'. [ 152.671944][ T7095] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 153.411973][ T7107] netlink: 28 bytes leftover after parsing attributes in process `syz.2.358'. [ 153.469685][ T7108] netlink: 28 bytes leftover after parsing attributes in process `syz.1.359'. [ 153.980055][ T7113] netlink: 'syz.2.360': attribute type 33 has an invalid length. [ 154.006402][ T7113] netlink: 322 bytes leftover after parsing attributes in process `syz.2.360'. [ 156.686250][ T7133] netlink: 28 bytes leftover after parsing attributes in process `syz.2.367'. [ 156.714743][ T7134] netlink: 28 bytes leftover after parsing attributes in process `syz.1.368'. [ 156.904386][ T7139] netlink: 28 bytes leftover after parsing attributes in process `syz.0.365'. [ 156.914709][ T7143] netlink: 'syz.3.370': attribute type 33 has an invalid length. [ 156.935272][ T7143] netlink: 322 bytes leftover after parsing attributes in process `syz.3.370'. [ 157.171919][ T7147] FAULT_INJECTION: forcing a failure. [ 157.171919][ T7147] name failslab, interval 1, probability 0, space 0, times 0 [ 157.197213][ T7147] CPU: 0 UID: 0 PID: 7147 Comm: syz.3.371 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 157.207920][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 157.218037][ T7147] Call Trace: [ 157.221359][ T7147] [ 157.224335][ T7147] dump_stack_lvl+0x16c/0x1f0 [ 157.229081][ T7147] should_fail_ex+0x497/0x5b0 [ 157.233823][ T7147] ? fs_reclaim_acquire+0xae/0x150 [ 157.239003][ T7147] should_failslab+0xc2/0x120 [ 157.243754][ T7147] __kmalloc_noprof+0xce/0x4f0 [ 157.248581][ T7147] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 157.254267][ T7147] ? tomoyo_realpath_from_path+0xbf/0x710 [ 157.260054][ T7147] tomoyo_realpath_from_path+0xbf/0x710 [ 157.265664][ T7147] ? tomoyo_path_number_perm+0x235/0x5b0 [ 157.271369][ T7147] tomoyo_path_number_perm+0x248/0x5b0 [ 157.276899][ T7147] ? tomoyo_path_number_perm+0x235/0x5b0 [ 157.282621][ T7147] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 157.288710][ T7147] ? __pfx_lock_release+0x10/0x10 [ 157.293788][ T7147] ? trace_lock_acquire+0x14e/0x1f0 [ 157.299052][ T7147] ? lock_acquire+0x2f/0xb0 [ 157.303590][ T7147] ? __fget_files+0x40/0x3a0 [ 157.308218][ T7147] ? __fget_files+0x206/0x3a0 [ 157.312943][ T7147] security_file_ioctl+0x9b/0x240 [ 157.318004][ T7147] __x64_sys_ioctl+0xb7/0x200 [ 157.322714][ T7147] do_syscall_64+0xcd/0x250 [ 157.327258][ T7147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.333192][ T7147] RIP: 0033:0x7f8d93d85d29 [ 157.337634][ T7147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.357273][ T7147] RSP: 002b:00007f8d91bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 157.365721][ T7147] RAX: ffffffffffffffda RBX: 00007f8d93f75fa0 RCX: 00007f8d93d85d29 [ 157.373716][ T7147] RDX: 0000000000000009 RSI: 0000000000004b49 RDI: 0000000000000003 [ 157.381716][ T7147] RBP: 00007f8d91bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 157.389718][ T7147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.397724][ T7147] R13: 0000000000000000 R14: 00007f8d93f75fa0 R15: 00007ffcc2e79f98 [ 157.405742][ T7147] [ 157.424649][ T7147] ERROR: Out of memory at tomoyo_realpath_from_path. [ 157.651491][ T7155] netlink: 28 bytes leftover after parsing attributes in process `syz.0.373'. [ 158.480142][ T7175] netlink: 'syz.2.380': attribute type 33 has an invalid length. [ 158.488078][ T7175] netlink: 322 bytes leftover after parsing attributes in process `syz.2.380'. [ 158.705720][ T7178] netlink: 28 bytes leftover after parsing attributes in process `syz.2.381'. [ 158.975297][ T7181] netlink: 28 bytes leftover after parsing attributes in process `syz.1.382'. [ 159.936184][ T7186] netlink: 28 bytes leftover after parsing attributes in process `syz.3.384'. [ 160.437327][ T7207] netlink: 28 bytes leftover after parsing attributes in process `syz.3.390'. [ 160.741510][ T7213] netlink: 'syz.2.389': attribute type 33 has an invalid length. [ 160.786461][ T7213] netlink: 322 bytes leftover after parsing attributes in process `syz.2.389'. [ 161.687918][ T7236] FAULT_INJECTION: forcing a failure. [ 161.687918][ T7236] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.716721][ T7236] CPU: 0 UID: 0 PID: 7236 Comm: syz.3.399 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 161.727413][ T7236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 161.738579][ T7236] Call Trace: [ 161.738606][ T7236] [ 161.738620][ T7236] dump_stack_lvl+0x16c/0x1f0 [ 161.738669][ T7236] should_fail_ex+0x497/0x5b0 [ 161.738719][ T7236] _copy_to_user+0x32/0xd0 [ 161.738772][ T7236] mon_text_copy_to_user+0xd7/0x190 [ 161.738832][ T7236] mon_text_read_t+0x47c/0x5f0 [ 161.738894][ T7236] ? __pfx_mon_text_read_t+0x10/0x10 [ 161.738962][ T7236] full_proxy_read+0xfb/0x1b0 [ 161.739005][ T7236] ? __pfx_full_proxy_read+0x10/0x10 [ 161.739051][ T7236] vfs_read+0x1df/0xbe0 [ 161.739093][ T7236] ? __fget_files+0x1fc/0x3a0 [ 161.739136][ T7236] ? __pfx___mutex_lock+0x10/0x10 [ 161.739179][ T7236] ? __pfx_vfs_read+0x10/0x10 [ 161.739231][ T7236] ? __fget_files+0x206/0x3a0 [ 161.739283][ T7236] ksys_read+0x12b/0x250 [ 161.739324][ T7236] ? __pfx_ksys_read+0x10/0x10 [ 161.739377][ T7236] do_syscall_64+0xcd/0x250 [ 161.739426][ T7236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.739473][ T7236] RIP: 0033:0x7f8d93d85d29 [ 161.739502][ T7236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.739544][ T7236] RSP: 002b:00007f8d91bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 161.739579][ T7236] RAX: ffffffffffffffda RBX: 00007f8d93f75fa0 RCX: 00007f8d93d85d29 [ 161.739603][ T7236] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000004 [ 161.739625][ T7236] RBP: 00007f8d91bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 161.739649][ T7236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.739672][ T7236] R13: 0000000000000000 R14: 00007f8d93f75fa0 R15: 00007ffcc2e79f98 [ 161.739717][ T7236] [ 162.493852][ T7251] netlink: 28 bytes leftover after parsing attributes in process `syz.1.403'. [ 162.530870][ T7252] netlink: 'syz.3.404': attribute type 33 has an invalid length. [ 162.530903][ T7252] netlink: 322 bytes leftover after parsing attributes in process `syz.3.404'. [ 162.672959][ T7238] tty tty10: ldisc open failed (-12), clearing slot 9 [ 162.960691][ T7260] netlink: 28 bytes leftover after parsing attributes in process `syz.3.406'. [ 163.480350][ T7269] netlink: 28 bytes leftover after parsing attributes in process `syz.3.409'. [ 163.504529][ T7271] netlink: 28 bytes leftover after parsing attributes in process `syz.0.410'. [ 163.775287][ T7278] netlink: 8 bytes leftover after parsing attributes in process `syz.0.412'. [ 164.027799][ T7283] netlink: 28 bytes leftover after parsing attributes in process `syz.0.413'. [ 164.139285][ T7285] FAULT_INJECTION: forcing a failure. [ 164.139285][ T7285] name failslab, interval 1, probability 0, space 0, times 0 [ 164.184441][ T7285] CPU: 1 UID: 0 PID: 7285 Comm: syz.2.415 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 164.195167][ T7285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 164.205288][ T7285] Call Trace: [ 164.208617][ T7285] [ 164.211595][ T7285] dump_stack_lvl+0x16c/0x1f0 [ 164.216347][ T7285] should_fail_ex+0x497/0x5b0 [ 164.221184][ T7285] ? fs_reclaim_acquire+0xae/0x150 [ 164.226366][ T7285] should_failslab+0xc2/0x120 [ 164.231118][ T7285] __kmalloc_noprof+0xce/0x4f0 [ 164.235962][ T7285] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 164.241661][ T7285] ? tomoyo_realpath_from_path+0xbf/0x710 [ 164.247463][ T7285] tomoyo_realpath_from_path+0xbf/0x710 [ 164.253085][ T7285] ? tomoyo_path_number_perm+0x235/0x5b0 [ 164.258814][ T7285] tomoyo_path_number_perm+0x248/0x5b0 [ 164.264358][ T7285] ? tomoyo_path_number_perm+0x235/0x5b0 [ 164.270083][ T7285] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 164.276229][ T7285] ? __pfx_lock_release+0x10/0x10 [ 164.281321][ T7285] ? trace_lock_acquire+0x14e/0x1f0 [ 164.286602][ T7285] ? lock_acquire+0x2f/0xb0 [ 164.291256][ T7285] ? __fget_files+0x40/0x3a0 [ 164.295927][ T7285] ? __fget_files+0x206/0x3a0 [ 164.300690][ T7285] security_file_ioctl+0x9b/0x240 [ 164.305785][ T7285] __x64_sys_ioctl+0xb7/0x200 [ 164.310535][ T7285] do_syscall_64+0xcd/0x250 [ 164.315119][ T7285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.321095][ T7285] RIP: 0033:0x7fb651585d29 [ 164.325576][ T7285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.345246][ T7285] RSP: 002b:00007fb65246a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 164.353727][ T7285] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb651585d29 [ 164.361765][ T7285] RDX: 0000000000000001 RSI: 0000000000004b32 RDI: 0000000000000003 [ 164.369811][ T7285] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 164.377841][ T7285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.385871][ T7285] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 164.393934][ T7285] [ 164.429156][ T7289] netlink: 28 bytes leftover after parsing attributes in process `syz.3.417'. [ 164.437632][ T7285] ERROR: Out of memory at tomoyo_realpath_from_path. [ 164.470647][ T7295] binder: 7294:7295 ioctl 40046210 9 returned -14 [ 164.521536][ T7297] FAULT_INJECTION: forcing a failure. [ 164.521536][ T7297] name failslab, interval 1, probability 0, space 0, times 0 [ 164.541868][ T7297] CPU: 1 UID: 0 PID: 7297 Comm: syz.2.419 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 164.552576][ T7297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 164.562689][ T7297] Call Trace: [ 164.566015][ T7297] [ 164.568995][ T7297] dump_stack_lvl+0x16c/0x1f0 [ 164.573757][ T7297] should_fail_ex+0x497/0x5b0 [ 164.578505][ T7297] ? fs_reclaim_acquire+0xae/0x150 [ 164.583691][ T7297] should_failslab+0xc2/0x120 [ 164.588455][ T7297] __kmalloc_noprof+0xce/0x4f0 [ 164.593302][ T7297] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 164.599004][ T7297] ? tomoyo_realpath_from_path+0xbf/0x710 [ 164.604793][ T7297] tomoyo_realpath_from_path+0xbf/0x710 [ 164.610415][ T7297] ? tomoyo_path_number_perm+0x235/0x5b0 [ 164.616138][ T7297] tomoyo_path_number_perm+0x248/0x5b0 [ 164.621680][ T7297] ? tomoyo_path_number_perm+0x235/0x5b0 [ 164.627406][ T7297] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 164.633772][ T7297] ? __pfx_lock_release+0x10/0x10 [ 164.638879][ T7297] ? trace_lock_acquire+0x14e/0x1f0 [ 164.644163][ T7297] ? lock_acquire+0x2f/0xb0 [ 164.648728][ T7297] ? __fget_files+0x40/0x3a0 [ 164.653393][ T7297] ? __fget_files+0x206/0x3a0 [ 164.658150][ T7297] security_file_ioctl+0x9b/0x240 [ 164.663246][ T7297] __x64_sys_ioctl+0xb7/0x200 [ 164.667993][ T7297] do_syscall_64+0xcd/0x250 [ 164.672571][ T7297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.678539][ T7297] RIP: 0033:0x7fb651585d29 [ 164.683007][ T7297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.702740][ T7297] RSP: 002b:00007fb65246a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 164.711244][ T7297] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb651585d29 [ 164.719272][ T7297] RDX: 0000000000000009 RSI: 0000000040046210 RDI: 0000000000000003 [ 164.727302][ T7297] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 164.735333][ T7297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.743363][ T7297] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 164.751412][ T7297] [ 164.779430][ T7297] ERROR: Out of memory at tomoyo_realpath_from_path. [ 164.786271][ T7297] binder: 7296:7297 ioctl 40046210 9 returned -14 [ 164.840172][ T7302] binder: 7298:7302 ioctl 40046210 9 returned -14 [ 165.746646][ T7328] FAULT_INJECTION: forcing a failure. [ 165.746646][ T7328] name failslab, interval 1, probability 0, space 0, times 0 [ 165.859541][ T7328] CPU: 0 UID: 0 PID: 7328 Comm: syz.3.431 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 165.870225][ T7328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 165.880335][ T7328] Call Trace: [ 165.883663][ T7328] [ 165.886633][ T7328] dump_stack_lvl+0x16c/0x1f0 [ 165.891376][ T7328] should_fail_ex+0x497/0x5b0 [ 165.896124][ T7328] ? fs_reclaim_acquire+0xae/0x150 [ 165.901304][ T7328] should_failslab+0xc2/0x120 [ 165.906068][ T7328] __kmalloc_noprof+0xce/0x4f0 [ 165.910904][ T7328] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 165.916593][ T7328] ? tomoyo_realpath_from_path+0xbf/0x710 [ 165.922390][ T7328] tomoyo_realpath_from_path+0xbf/0x710 [ 165.928009][ T7328] ? tomoyo_path_number_perm+0x235/0x5b0 [ 165.933726][ T7328] tomoyo_path_number_perm+0x248/0x5b0 [ 165.939268][ T7328] ? tomoyo_path_number_perm+0x235/0x5b0 [ 165.944987][ T7328] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 165.951051][ T7328] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 165.956835][ T7328] security_file_ioctl+0x9b/0x240 [ 165.961928][ T7328] __x64_sys_ioctl+0xb7/0x200 [ 165.966667][ T7328] do_syscall_64+0xcd/0x250 [ 165.971259][ T7328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.977222][ T7328] RIP: 0033:0x7f8d93d85d29 [ 165.981689][ T7328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.001353][ T7328] RSP: 002b:00007f8d91bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 166.009832][ T7328] RAX: ffffffffffffffda RBX: 00007f8d93f75fa0 RCX: 00007f8d93d85d29 [ 166.017862][ T7328] RDX: 0000000000000008 RSI: 000000000000890c RDI: 0000000000000001 [ 166.025888][ T7328] RBP: 00007f8d91bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 166.033914][ T7328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.041941][ T7328] R13: 0000000000000000 R14: 00007f8d93f75fa0 R15: 00007ffcc2e79f98 [ 166.049984][ T7328] [ 166.165039][ T7328] ERROR: Out of memory at tomoyo_realpath_from_path. [ 166.605743][ T7346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.436'. [ 166.821035][ T7352] Invalid ELF header magic: != ELF [ 166.854798][ T7354] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'. [ 166.917574][ T7354] FAULT_INJECTION: forcing a failure. [ 166.917574][ T7354] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 167.010015][ T7354] CPU: 0 UID: 0 PID: 7354 Comm: syz.1.438 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 167.020704][ T7354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 167.030813][ T7354] Call Trace: [ 167.034134][ T7354] [ 167.037113][ T7354] dump_stack_lvl+0x16c/0x1f0 [ 167.041854][ T7354] should_fail_ex+0x497/0x5b0 [ 167.046611][ T7354] _copy_to_user+0x32/0xd0 [ 167.051105][ T7354] simple_read_from_buffer+0xd0/0x160 [ 167.056537][ T7354] proc_fail_nth_read+0x198/0x270 [ 167.061635][ T7354] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 167.067228][ T7354] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 167.072818][ T7354] vfs_read+0x1df/0xbe0 [ 167.077010][ T7354] ? __pfx_vfs_read+0x10/0x10 [ 167.081731][ T7354] ? do_sys_openat2+0xb1/0x1e0 [ 167.086557][ T7354] ? __sys_sendmsg+0x19a/0x220 [ 167.091397][ T7354] ? __pfx___sys_sendmsg+0x10/0x10 [ 167.096561][ T7354] ksys_read+0x12b/0x250 [ 167.100845][ T7354] ? __pfx_ksys_read+0x10/0x10 [ 167.105653][ T7354] do_syscall_64+0xcd/0x250 [ 167.110197][ T7354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.116128][ T7354] RIP: 0033:0x7f433918473c [ 167.120568][ T7354] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 167.140208][ T7354] RSP: 002b:00007f4339fad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 167.148659][ T7354] RAX: ffffffffffffffda RBX: 00007f4339376080 RCX: 00007f433918473c [ 167.156661][ T7354] RDX: 000000000000000f RSI: 00007f4339fad0a0 RDI: 0000000000000003 [ 167.164661][ T7354] RBP: 00007f4339fad090 R08: 0000000000000000 R09: 0000000000000000 [ 167.172683][ T7354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.180677][ T7354] R13: 0000000000000000 R14: 00007f4339376080 R15: 00007ffe0af98278 [ 167.188687][ T7354] [ 167.217699][ T7352] Invalid ELF header magic: != ELF [ 168.625435][ T7395] netlink: 28 bytes leftover after parsing attributes in process `syz.1.449'. [ 169.015256][ T7400] netlink: 28 bytes leftover after parsing attributes in process `syz.3.451'. [ 169.498246][ T7416] FAULT_INJECTION: forcing a failure. [ 169.498246][ T7416] name failslab, interval 1, probability 0, space 0, times 0 [ 169.546795][ T7416] CPU: 1 UID: 0 PID: 7416 Comm: syz.0.456 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 169.557489][ T7416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 169.567608][ T7416] Call Trace: [ 169.570942][ T7416] [ 169.573927][ T7416] dump_stack_lvl+0x16c/0x1f0 [ 169.578683][ T7416] should_fail_ex+0x497/0x5b0 [ 169.583446][ T7416] ? fs_reclaim_acquire+0xae/0x150 [ 169.588631][ T7416] should_failslab+0xc2/0x120 [ 169.593391][ T7416] __kmalloc_node_noprof+0xd1/0x520 [ 169.598676][ T7416] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 169.604218][ T7416] __kvmalloc_node_noprof+0xad/0x1a0 [ 169.609576][ T7416] seq_read_iter+0x82a/0x12b0 [ 169.614323][ T7416] ? __mutex_trylock_common+0xea/0x250 [ 169.619850][ T7416] kernfs_fop_read_iter+0x414/0x580 [ 169.625110][ T7416] ? rw_verify_area+0xd0/0x700 [ 169.629927][ T7416] vfs_read+0x87f/0xbe0 [ 169.634153][ T7416] ? __pfx_vfs_read+0x10/0x10 [ 169.638917][ T7416] ksys_read+0x12b/0x250 [ 169.643223][ T7416] ? __pfx_ksys_read+0x10/0x10 [ 169.648066][ T7416] do_syscall_64+0xcd/0x250 [ 169.652649][ T7416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.658624][ T7416] RIP: 0033:0x7f5b58d85d29 [ 169.663089][ T7416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.682759][ T7416] RSP: 002b:00007f5b59ae0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 169.691240][ T7416] RAX: ffffffffffffffda RBX: 00007f5b58f75fa0 RCX: 00007f5b58d85d29 [ 169.699269][ T7416] RDX: 00000000000001ff RSI: 0000000020000000 RDI: 0000000000000003 [ 169.707315][ T7416] RBP: 00007f5b59ae0090 R08: 0000000000000000 R09: 0000000000000000 [ 169.715348][ T7416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 169.723370][ T7416] R13: 0000000000000000 R14: 00007f5b58f75fa0 R15: 00007ffd2bd50ca8 [ 169.731401][ T7416] [ 169.831198][ T7418] netlink: 4 bytes leftover after parsing attributes in process `syz.2.457'. [ 169.851460][ T7418] netlink: 4 bytes leftover after parsing attributes in process `syz.2.457'. [ 169.947080][ T7421] netlink: 28 bytes leftover after parsing attributes in process `syz.3.458'. [ 171.049564][ T7449] netlink: 28 bytes leftover after parsing attributes in process `syz.0.467'. [ 171.472353][ T7456] netlink: 28 bytes leftover after parsing attributes in process `syz.3.470'. [ 171.993581][ T7479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.476'. [ 172.009172][ T7479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.476'. [ 172.839880][ T7501] mkiss: ax0: crc mode is auto. [ 173.060299][ T7506] netlink: 4 bytes leftover after parsing attributes in process `syz.1.486'. [ 173.338400][ T7510] netlink: 'syz.1.495': attribute type 33 has an invalid length. [ 173.906685][ T7526] __nla_validate_parse: 3 callbacks suppressed [ 173.906710][ T7526] netlink: 16 bytes leftover after parsing attributes in process `syz.0.491'. [ 174.674562][ T7543] netlink: 28 bytes leftover after parsing attributes in process `syz.2.498'. [ 175.387832][ T7557] netlink: 28 bytes leftover after parsing attributes in process `syz.2.502'. [ 175.878124][ T7575] FAULT_INJECTION: forcing a failure. [ 175.878124][ T7575] name failslab, interval 1, probability 0, space 0, times 0 [ 175.922489][ T7575] CPU: 0 UID: 0 PID: 7575 Comm: syz.3.510 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 175.933180][ T7575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 175.943291][ T7575] Call Trace: [ 175.946612][ T7575] [ 175.949577][ T7575] dump_stack_lvl+0x16c/0x1f0 [ 175.954325][ T7575] should_fail_ex+0x497/0x5b0 [ 175.959068][ T7575] ? fs_reclaim_acquire+0xae/0x150 [ 175.964245][ T7575] should_failslab+0xc2/0x120 [ 175.968998][ T7575] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 175.974439][ T7575] ? getname_flags.part.0+0x4c/0x550 [ 175.979806][ T7575] ? vfs_write+0x306/0x1150 [ 175.984377][ T7575] getname_flags.part.0+0x4c/0x550 [ 175.989659][ T7575] getname+0x8d/0xe0 [ 175.993621][ T7575] do_sys_openat2+0x104/0x1e0 [ 175.998372][ T7575] ? __pfx_do_sys_openat2+0x10/0x10 [ 176.003644][ T7575] ? __fget_files+0x206/0x3a0 [ 176.008476][ T7575] __x64_sys_openat+0x175/0x210 [ 176.013403][ T7575] ? __pfx___x64_sys_openat+0x10/0x10 [ 176.018857][ T7575] ? ksys_write+0x1ba/0x250 [ 176.023430][ T7575] do_syscall_64+0xcd/0x250 [ 176.027995][ T7575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.033952][ T7575] RIP: 0033:0x7f8d93d85d29 [ 176.038413][ T7575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.058081][ T7575] RSP: 002b:00007f8d91bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 176.066564][ T7575] RAX: ffffffffffffffda RBX: 00007f8d93f75fa0 RCX: 00007f8d93d85d29 [ 176.074602][ T7575] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 176.082626][ T7575] RBP: 00007f8d91bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 176.090658][ T7575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 176.098681][ T7575] R13: 0000000000000000 R14: 00007f8d93f75fa0 R15: 00007ffcc2e79f98 [ 176.106731][ T7575] [ 176.242452][ T7582] netlink: 'syz.1.512': attribute type 33 has an invalid length. [ 176.250750][ T7582] netlink: 322 bytes leftover after parsing attributes in process `syz.1.512'. [ 176.412081][ T7588] mkiss: ax0: crc mode is auto. [ 178.318208][ T7615] FAULT_INJECTION: forcing a failure. [ 178.318208][ T7615] name failslab, interval 1, probability 0, space 0, times 0 [ 178.353645][ T7615] CPU: 1 UID: 0 PID: 7615 Comm: syz.1.522 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 178.364347][ T7615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 178.374493][ T7615] Call Trace: [ 178.377821][ T7615] [ 178.380799][ T7615] dump_stack_lvl+0x16c/0x1f0 [ 178.385547][ T7615] should_fail_ex+0x497/0x5b0 [ 178.390289][ T7615] ? fs_reclaim_acquire+0xae/0x150 [ 178.395466][ T7615] should_failslab+0xc2/0x120 [ 178.400218][ T7615] __kmalloc_node_noprof+0xd1/0x520 [ 178.405490][ T7615] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 178.411037][ T7615] __kvmalloc_node_noprof+0xad/0x1a0 [ 178.416396][ T7615] io_uring_setup+0x920/0x3230 [ 178.421264][ T7615] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 178.427321][ T7615] ? __pfx_io_uring_setup+0x10/0x10 [ 178.432605][ T7615] ? __fget_files+0x206/0x3a0 [ 178.437365][ T7615] ? ksys_write+0x1ba/0x250 [ 178.441934][ T7615] ? __pfx_ksys_write+0x10/0x10 [ 178.446858][ T7615] __x64_sys_io_uring_setup+0x98/0x140 [ 178.452392][ T7615] do_syscall_64+0xcd/0x250 [ 178.456968][ T7615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.462932][ T7615] RIP: 0033:0x7f4339185d29 [ 178.467399][ T7615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.487070][ T7615] RSP: 002b:00007f4339fce038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 178.495578][ T7615] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f4339185d29 [ 178.503616][ T7615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 178.511648][ T7615] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 178.519729][ T7615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.527755][ T7615] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 178.535801][ T7615] [ 178.538960][ C1] vkms_vblank_simulate: vblank timer overrun [ 178.545004][ T7623] netlink: 28 bytes leftover after parsing attributes in process `syz.0.523'. [ 179.213233][ T7633] netlink: 'syz.2.528': attribute type 33 has an invalid length. [ 179.222109][ T7633] netlink: 322 bytes leftover after parsing attributes in process `syz.2.528'. [ 179.613240][ T7648] netlink: 28 bytes leftover after parsing attributes in process `syz.2.533'. [ 180.212391][ T7651] Invalid ELF header magic: != ELF [ 180.679367][ T7668] program syz.1.537 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 181.567319][ T7687] FAULT_INJECTION: forcing a failure. [ 181.567319][ T7687] name failslab, interval 1, probability 0, space 0, times 0 [ 181.596518][ T7687] CPU: 1 UID: 0 PID: 7687 Comm: syz.2.544 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 181.607216][ T7687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 181.617330][ T7687] Call Trace: [ 181.620646][ T7687] [ 181.623627][ T7687] dump_stack_lvl+0x16c/0x1f0 [ 181.628373][ T7687] should_fail_ex+0x497/0x5b0 [ 181.633120][ T7687] ? fs_reclaim_acquire+0xae/0x150 [ 181.638301][ T7687] should_failslab+0xc2/0x120 [ 181.643054][ T7687] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 181.648934][ T7687] ? __alloc_skb+0x2b3/0x380 [ 181.653605][ T7687] __alloc_skb+0x2b3/0x380 [ 181.658103][ T7687] ? __pfx___alloc_skb+0x10/0x10 [ 181.663119][ T7687] ? lock_acquire+0x2f/0xb0 [ 181.667694][ T7687] netlink_alloc_large_skb+0x69/0x130 [ 181.673128][ T7687] netlink_sendmsg+0x689/0xd70 [ 181.677978][ T7687] ? __pfx_netlink_sendmsg+0x10/0x10 [ 181.683337][ T7687] ____sys_sendmsg+0x9ae/0xb40 [ 181.688158][ T7687] ? copy_msghdr_from_user+0x10b/0x160 [ 181.693687][ T7687] ? __pfx_____sys_sendmsg+0x10/0x10 [ 181.699051][ T7687] ___sys_sendmsg+0x135/0x1e0 [ 181.703798][ T7687] ? __pfx____sys_sendmsg+0x10/0x10 [ 181.709078][ T7687] ? __pfx_lock_release+0x10/0x10 [ 181.714164][ T7687] ? trace_lock_acquire+0x14e/0x1f0 [ 181.719429][ T7687] ? __fget_files+0x206/0x3a0 [ 181.724163][ T7687] __sys_sendmsg+0x16e/0x220 [ 181.728809][ T7687] ? __pfx___sys_sendmsg+0x10/0x10 [ 181.734022][ T7687] do_syscall_64+0xcd/0x250 [ 181.738573][ T7687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.744510][ T7687] RIP: 0033:0x7fb651585d29 [ 181.748953][ T7687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.768605][ T7687] RSP: 002b:00007fb65246a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 181.777054][ T7687] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb651585d29 [ 181.785057][ T7687] RDX: 0000000000000000 RSI: 0000000020003f40 RDI: 0000000000000003 [ 181.793050][ T7687] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 181.801047][ T7687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.809047][ T7687] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 181.817067][ T7687] [ 181.820263][ C1] vkms_vblank_simulate: vblank timer overrun [ 183.156524][ T7712] netlink: 28 bytes leftover after parsing attributes in process `syz.0.551'. [ 183.288277][ T7717] netlink: 28 bytes leftover after parsing attributes in process `syz.1.553'. [ 183.919622][ T7723] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.556'. [ 183.970299][ T7723] netlink: 8 bytes leftover after parsing attributes in process `syz.2.556'. [ 185.151351][ T7759] netlink: 'syz.0.566': attribute type 33 has an invalid length. [ 185.159296][ T7759] netlink: 322 bytes leftover after parsing attributes in process `syz.0.566'. [ 185.209755][ T7746] netlink: 28 bytes leftover after parsing attributes in process `syz.2.563'. [ 185.298665][ T7746] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 185.384873][ T7767] netlink: 'syz.0.578': attribute type 33 has an invalid length. [ 185.403108][ T7767] netlink: 322 bytes leftover after parsing attributes in process `syz.0.578'. [ 185.971954][ T7779] FAULT_INJECTION: forcing a failure. [ 185.971954][ T7779] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.010705][ T7779] CPU: 1 UID: 0 PID: 7779 Comm: syz.2.575 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 186.021386][ T7779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 186.031494][ T7779] Call Trace: [ 186.034821][ T7779] [ 186.037796][ T7779] dump_stack_lvl+0x16c/0x1f0 [ 186.042542][ T7779] should_fail_ex+0x497/0x5b0 [ 186.047299][ T7779] _copy_to_user+0x32/0xd0 [ 186.051806][ T7779] simple_read_from_buffer+0xd0/0x160 [ 186.057240][ T7779] proc_fail_nth_read+0x198/0x270 [ 186.062335][ T7779] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 186.067957][ T7779] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 186.073553][ T7779] vfs_read+0x1df/0xbe0 [ 186.077744][ T7779] ? __fget_files+0x1fc/0x3a0 [ 186.082469][ T7779] ? __pfx___mutex_lock+0x10/0x10 [ 186.087534][ T7779] ? __pfx_vfs_read+0x10/0x10 [ 186.092255][ T7779] ? __fget_files+0x206/0x3a0 [ 186.096985][ T7779] ksys_read+0x12b/0x250 [ 186.101262][ T7779] ? __pfx_ksys_read+0x10/0x10 [ 186.106072][ T7779] do_syscall_64+0xcd/0x250 [ 186.110619][ T7779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.116559][ T7779] RIP: 0033:0x7fb65158473c [ 186.120998][ T7779] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 186.140641][ T7779] RSP: 002b:00007fb65246a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 186.149086][ T7779] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb65158473c [ 186.157085][ T7779] RDX: 000000000000000f RSI: 00007fb65246a0a0 RDI: 0000000000000004 [ 186.165083][ T7779] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 186.173167][ T7779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.181164][ T7779] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 186.189184][ T7779] [ 186.361416][ T7783] netlink: 28 bytes leftover after parsing attributes in process `syz.3.576'. [ 186.424540][ T7770] netlink: 28 bytes leftover after parsing attributes in process `syz.0.571'. [ 186.485578][ T7770] bond0: (slave bond_slave_0): Releasing backup interface [ 186.789707][ T7793] netlink: 'syz.1.580': attribute type 33 has an invalid length. [ 186.797734][ T7793] netlink: 322 bytes leftover after parsing attributes in process `syz.1.580'. [ 187.177477][ T7802] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.586'. [ 187.212908][ T7802] netlink: 8 bytes leftover after parsing attributes in process `syz.1.586'. [ 187.654675][ T7814] netlink: 'syz.0.591': attribute type 33 has an invalid length. [ 187.662854][ T7814] netlink: 322 bytes leftover after parsing attributes in process `syz.0.591'. [ 187.710215][ T7818] FAULT_INJECTION: forcing a failure. [ 187.710215][ T7818] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 187.786473][ T7818] CPU: 1 UID: 0 PID: 7818 Comm: syz.1.590 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 187.797160][ T7818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 187.807273][ T7818] Call Trace: [ 187.810594][ T7818] [ 187.813596][ T7818] dump_stack_lvl+0x16c/0x1f0 [ 187.818343][ T7818] should_fail_ex+0x497/0x5b0 [ 187.823098][ T7818] _copy_to_user+0x32/0xd0 [ 187.827601][ T7818] simple_read_from_buffer+0xd0/0x160 [ 187.833039][ T7818] proc_fail_nth_read+0x198/0x270 [ 187.838147][ T7818] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 187.843783][ T7818] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 187.849408][ T7818] vfs_read+0x1df/0xbe0 [ 187.853632][ T7818] ? __fget_files+0x1fc/0x3a0 [ 187.858391][ T7818] ? __pfx___mutex_lock+0x10/0x10 [ 187.863497][ T7818] ? __pfx_vfs_read+0x10/0x10 [ 187.868257][ T7818] ? __fget_files+0x206/0x3a0 [ 187.873014][ T7818] ksys_read+0x12b/0x250 [ 187.877322][ T7818] ? __pfx_ksys_read+0x10/0x10 [ 187.882163][ T7818] do_syscall_64+0xcd/0x250 [ 187.886735][ T7818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.892694][ T7818] RIP: 0033:0x7f433918473c [ 187.897158][ T7818] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 187.916823][ T7818] RSP: 002b:00007f4339fce030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 187.925307][ T7818] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f433918473c [ 187.933342][ T7818] RDX: 000000000000000f RSI: 00007f4339fce0a0 RDI: 0000000000000004 [ 187.941378][ T7818] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 187.949407][ T7818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 187.957434][ T7818] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 187.965489][ T7818] [ 188.460126][ T7839] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.599'. [ 188.937419][ T7858] FAULT_INJECTION: forcing a failure. [ 188.937419][ T7858] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 188.950971][ T7858] CPU: 1 UID: 0 PID: 7858 Comm: syz.1.603 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 188.961637][ T7858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 188.971749][ T7858] Call Trace: [ 188.975078][ T7858] [ 188.978060][ T7858] dump_stack_lvl+0x16c/0x1f0 [ 188.982808][ T7858] should_fail_ex+0x497/0x5b0 [ 188.987573][ T7858] _copy_to_iter+0x29b/0x1400 [ 188.992330][ T7858] ? trace_lock_acquire+0x14e/0x1f0 [ 188.997600][ T7858] ? __pfx_lock_release+0x10/0x10 [ 189.002698][ T7858] ? __pfx__copy_to_iter+0x10/0x10 [ 189.007883][ T7858] ? __virt_addr_valid+0x1a4/0x590 [ 189.013070][ T7858] ? __virt_addr_valid+0x5e/0x590 [ 189.018169][ T7858] ? __phys_addr_symbol+0x30/0x80 [ 189.023263][ T7858] ? __check_object_size+0x488/0x710 [ 189.028631][ T7858] seq_read_iter+0xd00/0x12b0 [ 189.033382][ T7858] kernfs_fop_read_iter+0x414/0x580 [ 189.038650][ T7858] ? rw_verify_area+0xd0/0x700 [ 189.043480][ T7858] vfs_read+0x87f/0xbe0 [ 189.047711][ T7858] ? __pfx_vfs_read+0x10/0x10 [ 189.052481][ T7858] ksys_read+0x12b/0x250 [ 189.056791][ T7858] ? __pfx_ksys_read+0x10/0x10 [ 189.061626][ T7858] do_syscall_64+0xcd/0x250 [ 189.066201][ T7858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.072162][ T7858] RIP: 0033:0x7f4339185d29 [ 189.076628][ T7858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.096296][ T7858] RSP: 002b:00007f4339fce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 189.104781][ T7858] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f4339185d29 [ 189.112807][ T7858] RDX: 0000000000000009 RSI: 0000000020000040 RDI: 0000000000000003 [ 189.120839][ T7858] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 189.128872][ T7858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.136901][ T7858] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 189.144962][ T7858] [ 189.646261][ T29] audit: type=1800 audit(1735256235.824:2): pid=7856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.601" name="dbroot" dev="configfs" ino=15586 res=0 errno=0 [ 190.669217][ T7904] __nla_validate_parse: 1 callbacks suppressed [ 190.669246][ T7904] netlink: 28 bytes leftover after parsing attributes in process `syz.0.617'. [ 191.308222][ T7921] netlink: 28 bytes leftover after parsing attributes in process `syz.2.622'. [ 191.688727][ T7931] netlink: 28 bytes leftover after parsing attributes in process `syz.1.625'. [ 191.743880][ T7936] binder: 7935:7936 ioctl 40046210 9 returned -14 [ 192.149051][ T7946] binder: 7945:7946 ioctl 40046210 9 returned -14 [ 192.506852][ T7961] binder: 7958:7961 ioctl 40046210 9 returned -14 [ 192.646111][ T7965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.637'. [ 192.872782][ T7968] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.638'. [ 193.188265][ T7975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.640'. [ 194.012859][ T7998] netlink: 28 bytes leftover after parsing attributes in process `syz.1.648'. [ 194.352540][ T8004] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.649'. [ 195.493711][ T8030] netlink: 28 bytes leftover after parsing attributes in process `syz.1.658'. [ 195.505714][ T8034] netlink: 28 bytes leftover after parsing attributes in process `syz.2.659'. [ 196.740778][ T8040] netlink: 28 bytes leftover after parsing attributes in process `syz.2.661'. [ 196.863699][ T8040] bond0: (slave bond_slave_0): Releasing backup interface [ 197.247526][ T8062] netlink: 28 bytes leftover after parsing attributes in process `syz.0.669'. [ 197.268216][ T8061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.668'. [ 197.722391][ T8073] netlink: 28 bytes leftover after parsing attributes in process `syz.1.673'. [ 198.756467][ T8101] netlink: 28 bytes leftover after parsing attributes in process `syz.1.681'. [ 199.125396][ T8109] netlink: 28 bytes leftover after parsing attributes in process `syz.3.682'. [ 199.705210][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.713024][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.807575][ T8127] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 200.120451][ T8136] FAULT_INJECTION: forcing a failure. [ 200.120451][ T8136] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 200.136116][ T8135] netlink: 28 bytes leftover after parsing attributes in process `syz.1.694'. [ 200.145981][ T8136] CPU: 1 UID: 0 PID: 8136 Comm: syz.3.692 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 200.156648][ T8136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 200.166752][ T8136] Call Trace: [ 200.170074][ T8136] [ 200.173045][ T8136] dump_stack_lvl+0x16c/0x1f0 [ 200.177795][ T8136] should_fail_ex+0x497/0x5b0 [ 200.182555][ T8136] _copy_to_iter+0x29b/0x1400 [ 200.187310][ T8136] ? trace_lock_acquire+0x14e/0x1f0 [ 200.192580][ T8136] ? __pfx_lock_release+0x10/0x10 [ 200.197665][ T8136] ? __pfx__copy_to_iter+0x10/0x10 [ 200.202853][ T8136] ? __virt_addr_valid+0x1a4/0x590 [ 200.208036][ T8136] ? __virt_addr_valid+0x5e/0x590 [ 200.213131][ T8136] ? __phys_addr_symbol+0x30/0x80 [ 200.218225][ T8136] ? __check_object_size+0x488/0x710 [ 200.223587][ T8136] seq_read_iter+0xd00/0x12b0 [ 200.228346][ T8136] kernfs_fop_read_iter+0x414/0x580 [ 200.233613][ T8136] ? rw_verify_area+0xd0/0x700 [ 200.238440][ T8136] vfs_read+0x87f/0xbe0 [ 200.242666][ T8136] ? __pfx_vfs_read+0x10/0x10 [ 200.247418][ T8136] ksys_read+0x12b/0x250 [ 200.251699][ T8136] ? __pfx_ksys_read+0x10/0x10 [ 200.256530][ T8136] do_syscall_64+0xcd/0x250 [ 200.261081][ T8136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.267014][ T8136] RIP: 0033:0x7f8d93d85d29 [ 200.271454][ T8136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.291095][ T8136] RSP: 002b:00007f8d91bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 200.299544][ T8136] RAX: ffffffffffffffda RBX: 00007f8d93f75fa0 RCX: 00007f8d93d85d29 [ 200.307542][ T8136] RDX: 00000000000001ff RSI: 0000000020000000 RDI: 0000000000000003 [ 200.315540][ T8136] RBP: 00007f8d91bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 200.323537][ T8136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 200.331531][ T8136] R13: 0000000000000000 R14: 00007f8d93f75fa0 R15: 00007ffcc2e79f98 [ 200.339545][ T8136] [ 201.476877][ T8158] netlink: 28 bytes leftover after parsing attributes in process `syz.3.700'. [ 202.639333][ T8169] mkiss: ax0: crc mode is auto. [ 204.504414][ T8209] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 204.601255][ T8207] Invalid ELF header magic: != ELF [ 204.785691][ T8207] Invalid ELF header magic: != ELF [ 205.407102][ T8224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.720'. [ 206.340622][ T8247] FAULT_INJECTION: forcing a failure. [ 206.340622][ T8247] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 206.351645][ T8243] netlink: 28 bytes leftover after parsing attributes in process `syz.2.727'. [ 206.376464][ T8247] CPU: 1 UID: 0 PID: 8247 Comm: syz.1.729 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 206.387143][ T8247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 206.397230][ T8247] Call Trace: [ 206.400529][ T8247] [ 206.403483][ T8247] dump_stack_lvl+0x16c/0x1f0 [ 206.408204][ T8247] should_fail_ex+0x497/0x5b0 [ 206.412923][ T8247] strncpy_from_user+0x3b/0x2d0 [ 206.417814][ T8247] getname_flags.part.0+0x8f/0x550 [ 206.422974][ T8247] getname+0x8d/0xe0 [ 206.426905][ T8247] do_sys_openat2+0x104/0x1e0 [ 206.431631][ T8247] ? __pfx_do_sys_openat2+0x10/0x10 [ 206.436881][ T8247] ? __fget_files+0x206/0x3a0 [ 206.441606][ T8247] __x64_sys_openat+0x175/0x210 [ 206.446503][ T8247] ? __pfx___x64_sys_openat+0x10/0x10 [ 206.451921][ T8247] ? ksys_write+0x1ba/0x250 [ 206.456473][ T8247] do_syscall_64+0xcd/0x250 [ 206.461029][ T8247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.466966][ T8247] RIP: 0033:0x7f4339185d29 [ 206.471411][ T8247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.491053][ T8247] RSP: 002b:00007f4339fce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 206.499504][ T8247] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f4339185d29 [ 206.507502][ T8247] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 206.515500][ T8247] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 206.523499][ T8247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 206.531497][ T8247] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 206.539515][ T8247] [ 207.174848][ T8266] netlink: 28 bytes leftover after parsing attributes in process `syz.3.732'. [ 207.336081][ T8269] netlink: 28 bytes leftover after parsing attributes in process `syz.0.733'. [ 207.993848][ T8286] netlink: 28 bytes leftover after parsing attributes in process `syz.3.738'. [ 208.307330][ T8290] netlink: 28 bytes leftover after parsing attributes in process `syz.1.742'. [ 208.444561][ T8295] FAULT_INJECTION: forcing a failure. [ 208.444561][ T8295] name failslab, interval 1, probability 0, space 0, times 0 [ 208.501264][ T8295] CPU: 0 UID: 0 PID: 8295 Comm: syz.2.743 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 208.511950][ T8295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 208.522066][ T8295] Call Trace: [ 208.525387][ T8295] [ 208.528362][ T8295] dump_stack_lvl+0x16c/0x1f0 [ 208.533113][ T8295] should_fail_ex+0x497/0x5b0 [ 208.537865][ T8295] ? fs_reclaim_acquire+0xae/0x150 [ 208.543052][ T8295] should_failslab+0xc2/0x120 [ 208.547810][ T8295] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 208.553270][ T8295] ? getname_flags.part.0+0x4c/0x550 [ 208.558639][ T8295] ? vfs_write+0x306/0x1150 [ 208.563211][ T8295] getname_flags.part.0+0x4c/0x550 [ 208.568405][ T8295] getname+0x8d/0xe0 [ 208.572362][ T8295] do_sys_openat2+0x104/0x1e0 [ 208.577099][ T8295] ? __pfx_do_sys_openat2+0x10/0x10 [ 208.582350][ T8295] ? __fget_files+0x206/0x3a0 [ 208.587075][ T8295] __x64_sys_openat+0x175/0x210 [ 208.591973][ T8295] ? __pfx___x64_sys_openat+0x10/0x10 [ 208.597388][ T8295] ? ksys_write+0x1ba/0x250 [ 208.601935][ T8295] do_syscall_64+0xcd/0x250 [ 208.606484][ T8295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.612425][ T8295] RIP: 0033:0x7fb651585d29 [ 208.616873][ T8295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.636542][ T8295] RSP: 002b:00007fb65246a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 208.644996][ T8295] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb651585d29 [ 208.652999][ T8295] RDX: 0000000000080102 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 208.660999][ T8295] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 208.669009][ T8295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.677016][ T8295] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 208.685033][ T8295] [ 208.688202][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.956085][ T8308] netlink: 28 bytes leftover after parsing attributes in process `syz.0.745'. [ 210.085188][ T8337] netlink: 28 bytes leftover after parsing attributes in process `syz.3.754'. [ 210.133532][ T8338] netlink: 28 bytes leftover after parsing attributes in process `syz.2.753'. [ 212.017161][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 212.028140][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 212.034324][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 212.042688][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 212.165406][ T8377] netlink: 28 bytes leftover after parsing attributes in process `syz.3.768'. [ 212.559177][ T8384] netlink: 28 bytes leftover after parsing attributes in process `syz.1.770'. [ 212.774812][ T8387] mkiss: ax0: crc mode is auto. [ 212.844478][ T5842] Bluetooth: hci3: unexpected event 0x02 length: 0 < 1 [ 214.048516][ T8403] netlink: 28 bytes leftover after parsing attributes in process `syz.1.777'. [ 214.137493][ T8407] netlink: 28 bytes leftover after parsing attributes in process `syz.3.778'. [ 214.567944][ T8414] netlink: 28 bytes leftover after parsing attributes in process `syz.0.781'. [ 215.651933][ T8432] netlink: 28 bytes leftover after parsing attributes in process `syz.1.787'. [ 215.960961][ T8435] netlink: 28 bytes leftover after parsing attributes in process `syz.3.788'. [ 216.074044][ T8441] netlink: 28 bytes leftover after parsing attributes in process `syz.2.790'. [ 216.645015][ T8449] Invalid ELF header magic: != ELF [ 216.918259][ T8450] netlink: 28 bytes leftover after parsing attributes in process `syz.0.791'. [ 217.927034][ T8480] netlink: 28 bytes leftover after parsing attributes in process `syz.0.800'. [ 218.104193][ T8483] netlink: 28 bytes leftover after parsing attributes in process `syz.1.801'. [ 219.168610][ T8516] FAULT_INJECTION: forcing a failure. [ 219.168610][ T8516] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 219.217186][ T8516] CPU: 1 UID: 0 PID: 8516 Comm: syz.2.811 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 219.227873][ T8516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 219.237984][ T8516] Call Trace: [ 219.241305][ T8516] [ 219.244272][ T8516] dump_stack_lvl+0x16c/0x1f0 [ 219.249013][ T8516] should_fail_ex+0x497/0x5b0 [ 219.253758][ T8516] _copy_to_user+0x32/0xd0 [ 219.258245][ T8516] simple_read_from_buffer+0xd0/0x160 [ 219.263687][ T8516] proc_fail_nth_read+0x198/0x270 [ 219.268796][ T8516] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 219.274430][ T8516] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 219.280060][ T8516] vfs_read+0x1df/0xbe0 [ 219.284284][ T8516] ? __fget_files+0x1fc/0x3a0 [ 219.289032][ T8516] ? __pfx___mutex_lock+0x10/0x10 [ 219.294122][ T8516] ? __pfx_vfs_read+0x10/0x10 [ 219.298874][ T8516] ? __fget_files+0x206/0x3a0 [ 219.303636][ T8516] ksys_read+0x12b/0x250 [ 219.307943][ T8516] ? __pfx_ksys_read+0x10/0x10 [ 219.312782][ T8516] do_syscall_64+0xcd/0x250 [ 219.317359][ T8516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.323350][ T8516] RIP: 0033:0x7fb65158473c [ 219.327816][ T8516] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 219.347483][ T8516] RSP: 002b:00007fb65246a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 219.355929][ T8516] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb65158473c [ 219.363925][ T8516] RDX: 000000000000000f RSI: 00007fb65246a0a0 RDI: 0000000000000004 [ 219.371921][ T8516] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 219.379919][ T8516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 219.387915][ T8516] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 219.395930][ T8516] [ 219.553863][ T8511] netlink: 28 bytes leftover after parsing attributes in process `syz.3.812'. [ 220.194321][ T8541] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.817'. [ 220.517160][ T8546] netlink: 28 bytes leftover after parsing attributes in process `syz.3.823'. [ 221.011429][ T8562] netlink: 28 bytes leftover after parsing attributes in process `syz.3.827'. [ 222.456995][ T8593] netlink: 28 bytes leftover after parsing attributes in process `syz.3.838'. [ 222.642187][ T8596] netlink: 28 bytes leftover after parsing attributes in process `syz.0.839'. [ 223.198798][ T8609] FAULT_INJECTION: forcing a failure. [ 223.198798][ T8609] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 223.216117][ T8609] CPU: 0 UID: 0 PID: 8609 Comm: syz.2.842 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 223.226796][ T8609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 223.236908][ T8609] Call Trace: [ 223.240226][ T8609] [ 223.243205][ T8609] dump_stack_lvl+0x16c/0x1f0 [ 223.247946][ T8609] should_fail_ex+0x497/0x5b0 [ 223.252702][ T8609] _copy_to_user+0x32/0xd0 [ 223.257194][ T8609] simple_read_from_buffer+0xd0/0x160 [ 223.262623][ T8609] proc_fail_nth_read+0x198/0x270 [ 223.267724][ T8609] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 223.273347][ T8609] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 223.278975][ T8609] vfs_read+0x1df/0xbe0 [ 223.283190][ T8609] ? __fget_files+0x1fc/0x3a0 [ 223.287927][ T8609] ? __pfx___mutex_lock+0x10/0x10 [ 223.293021][ T8609] ? __pfx_vfs_read+0x10/0x10 [ 223.297777][ T8609] ? __fget_files+0x206/0x3a0 [ 223.302527][ T8609] ksys_read+0x12b/0x250 [ 223.306830][ T8609] ? __pfx_ksys_read+0x10/0x10 [ 223.311710][ T8609] do_syscall_64+0xcd/0x250 [ 223.316289][ T8609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.322249][ T8609] RIP: 0033:0x7fb65158473c [ 223.326715][ T8609] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 223.346385][ T8609] RSP: 002b:00007fb65246a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 223.354863][ T8609] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb65158473c [ 223.362976][ T8609] RDX: 000000000000000f RSI: 00007fb65246a0a0 RDI: 0000000000000004 [ 223.370998][ T8609] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 223.379024][ T8609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 223.387051][ T8609] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 223.395097][ T8609] [ 224.361534][ T8634] netlink: 28 bytes leftover after parsing attributes in process `syz.2.849'. [ 224.556029][ T8639] netlink: 28 bytes leftover after parsing attributes in process `syz.1.850'. [ 225.175680][ T29] audit: type=1326 audit(1735256271.354:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.0.854" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5b58d85d29 code=0x0 [ 225.592337][ T8668] FAULT_INJECTION: forcing a failure. [ 225.592337][ T8668] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 225.627918][ T8668] CPU: 1 UID: 0 PID: 8668 Comm: syz.1.862 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 225.638603][ T8668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 225.648725][ T8668] Call Trace: [ 225.652059][ T8668] [ 225.655035][ T8668] dump_stack_lvl+0x16c/0x1f0 [ 225.659785][ T8668] should_fail_ex+0x497/0x5b0 [ 225.664538][ T8668] _copy_from_user+0x2e/0xd0 [ 225.669209][ T8668] inet_ioctl+0x31f/0x3f0 [ 225.673621][ T8668] ? __pfx_inet_ioctl+0x10/0x10 [ 225.678555][ T8668] ? __pfx_lock_release+0x10/0x10 [ 225.683656][ T8668] ? tomoyo_path_number_perm+0x190/0x5b0 [ 225.689382][ T8668] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 225.695447][ T8668] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 225.701413][ T8668] sock_do_ioctl+0x116/0x280 [ 225.706065][ T8668] ? __pfx_sock_do_ioctl+0x10/0x10 [ 225.711270][ T8668] sock_ioctl+0x228/0x6c0 [ 225.715666][ T8668] ? __pfx_sock_ioctl+0x10/0x10 [ 225.720622][ T8668] ? __pfx_sock_ioctl+0x10/0x10 [ 225.725542][ T8668] __x64_sys_ioctl+0x190/0x200 [ 225.730369][ T8668] do_syscall_64+0xcd/0x250 [ 225.734944][ T8668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.740913][ T8668] RIP: 0033:0x7f4339185d29 [ 225.745381][ T8668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.765138][ T8668] RSP: 002b:00007f4339fce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 225.773622][ T8668] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f4339185d29 [ 225.781655][ T8668] RDX: 0000000000000008 RSI: 000000000000890c RDI: 0000000000000001 [ 225.789682][ T8668] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 225.797705][ T8668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.805729][ T8668] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 225.813770][ T8668] [ 225.816870][ C1] vkms_vblank_simulate: vblank timer overrun [ 225.983040][ T8678] netlink: 334 bytes leftover after parsing attributes in process `syz.3.864'. [ 227.058505][ T8702] netlink: 28 bytes leftover after parsing attributes in process `syz.1.873'. [ 227.609331][ T8706] netlink: 28 bytes leftover after parsing attributes in process `syz.0.875'. [ 227.964438][ T8726] ======================================================= [ 227.964438][ T8726] WARNING: The mand mount option has been deprecated and [ 227.964438][ T8726] and is ignored by this kernel. Remove the mand [ 227.964438][ T8726] option from the mount to silence this warning. [ 227.964438][ T8726] ======================================================= [ 227.999384][ C1] vkms_vblank_simulate: vblank timer overrun [ 229.395199][ T8748] netlink: 28 bytes leftover after parsing attributes in process `syz.0.887'. [ 229.772652][ T8760] netlink: 28 bytes leftover after parsing attributes in process `syz.2.890'. [ 230.063324][ T8770] netlink: 28 bytes leftover after parsing attributes in process `syz.3.893'. [ 230.403029][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.897'. [ 230.431508][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.897'. [ 230.594649][ T8780] mkiss: ax0: crc mode is auto. [ 231.007329][ T8792] netlink: 28 bytes leftover after parsing attributes in process `syz.3.900'. [ 231.131769][ T8790] netlink: 28 bytes leftover after parsing attributes in process `syz.0.902'. [ 231.237561][ T8798] netlink: 252 bytes leftover after parsing attributes in process `syz.1.904'. [ 231.493160][ T8806] netlink: 28 bytes leftover after parsing attributes in process `syz.2.905'. [ 231.533442][ T8805] netlink: 28 bytes leftover after parsing attributes in process `syz.1.906'. [ 232.482965][ T29] audit: type=1800 audit(1735256278.664:4): pid=8830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.913" name="discovery_nqn" dev="configfs" ino=19399 res=0 errno=0 [ 233.193660][ T8849] mkiss: ax0: crc mode is auto. [ 234.451907][ T8885] __nla_validate_parse: 7 callbacks suppressed [ 234.451942][ T8885] netlink: 28 bytes leftover after parsing attributes in process `syz.3.931'. [ 234.512672][ T8886] netlink: 28 bytes leftover after parsing attributes in process `syz.1.932'. [ 234.810084][ T8891] binder: 8890:8891 ioctl c00c620f 9 returned -14 [ 235.490728][ T8909] netlink: 28 bytes leftover after parsing attributes in process `syz.0.939'. [ 235.747169][ T8913] netlink: 28 bytes leftover after parsing attributes in process `syz.2.941'. [ 236.230480][ T8924] netlink: 28 bytes leftover after parsing attributes in process `syz.0.944'. [ 236.324570][ T8925] netlink: 28 bytes leftover after parsing attributes in process `syz.3.943'. [ 237.084000][ T8950] netlink: 28 bytes leftover after parsing attributes in process `syz.1.950'. [ 237.335687][ T8957] netlink: 28 bytes leftover after parsing attributes in process `syz.3.951'. [ 237.573268][ T8962] netlink: 4 bytes leftover after parsing attributes in process `syz.1.953'. [ 238.050800][ T8970] netlink: 28 bytes leftover after parsing attributes in process `syz.2.956'. [ 238.332553][ T8972] FAULT_INJECTION: forcing a failure. [ 238.332553][ T8972] name failslab, interval 1, probability 0, space 0, times 0 [ 238.347158][ T8972] CPU: 0 UID: 0 PID: 8972 Comm: syz.1.957 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 238.357833][ T8972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 238.367942][ T8972] Call Trace: [ 238.371263][ T8972] [ 238.374234][ T8972] dump_stack_lvl+0x16c/0x1f0 [ 238.379012][ T8972] should_fail_ex+0x497/0x5b0 [ 238.383756][ T8972] ? fs_reclaim_acquire+0xae/0x150 [ 238.388936][ T8972] should_failslab+0xc2/0x120 [ 238.393684][ T8972] __kmalloc_node_noprof+0xd1/0x520 [ 238.398955][ T8972] ? trace_kmalloc+0x2d/0xd0 [ 238.403595][ T8972] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 238.409129][ T8972] __kvmalloc_node_noprof+0xad/0x1a0 [ 238.414486][ T8972] io_futex_cache_init+0x26/0x130 [ 238.419580][ T8972] io_uring_setup+0x9fb/0x3230 [ 238.424417][ T8972] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 238.430462][ T8972] ? __pfx_io_uring_setup+0x10/0x10 [ 238.435710][ T8972] ? __fget_files+0x206/0x3a0 [ 238.440439][ T8972] ? ksys_write+0x1ba/0x250 [ 238.445013][ T8972] ? __pfx_ksys_write+0x10/0x10 [ 238.449907][ T8972] __x64_sys_io_uring_setup+0x98/0x140 [ 238.455409][ T8972] do_syscall_64+0xcd/0x250 [ 238.459954][ T8972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.465888][ T8972] RIP: 0033:0x7f4339185d29 [ 238.470333][ T8972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.489978][ T8972] RSP: 002b:00007f4339fce038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 238.498427][ T8972] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f4339185d29 [ 238.506428][ T8972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 238.514430][ T8972] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 238.522432][ T8972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 238.530430][ T8972] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 238.538446][ T8972] [ 238.889325][ T8990] FAULT_INJECTION: forcing a failure. [ 238.889325][ T8990] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 238.918763][ T8990] CPU: 1 UID: 0 PID: 8990 Comm: syz.2.962 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 238.929458][ T8990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 238.939582][ T8990] Call Trace: [ 238.942912][ T8990] [ 238.945894][ T8990] dump_stack_lvl+0x16c/0x1f0 [ 238.950647][ T8990] should_fail_ex+0x497/0x5b0 [ 238.955404][ T8990] _copy_to_user+0x32/0xd0 [ 238.959901][ T8990] simple_read_from_buffer+0xd0/0x160 [ 238.965349][ T8990] proc_fail_nth_read+0x198/0x270 [ 238.970462][ T8990] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 238.976104][ T8990] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 238.981739][ T8990] vfs_read+0x1df/0xbe0 [ 238.985968][ T8990] ? __fget_files+0x1fc/0x3a0 [ 238.990721][ T8990] ? __pfx___mutex_lock+0x10/0x10 [ 238.995823][ T8990] ? __pfx_vfs_read+0x10/0x10 [ 239.000586][ T8990] ? __fget_files+0x206/0x3a0 [ 239.005346][ T8990] ksys_read+0x12b/0x250 [ 239.009659][ T8990] ? __pfx_ksys_read+0x10/0x10 [ 239.014496][ T8990] do_syscall_64+0xcd/0x250 [ 239.019082][ T8990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.025051][ T8990] RIP: 0033:0x7fb65158473c [ 239.029525][ T8990] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 239.049210][ T8990] RSP: 002b:00007fb65246a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 239.057691][ T8990] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb65158473c [ 239.065732][ T8990] RDX: 000000000000000f RSI: 00007fb65246a0a0 RDI: 0000000000000004 [ 239.073761][ T8990] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 239.081795][ T8990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 239.089821][ T8990] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 239.097867][ T8990] [ 239.100947][ C1] vkms_vblank_simulate: vblank timer overrun [ 239.693273][ T9005] __nla_validate_parse: 2 callbacks suppressed [ 239.693301][ T9005] netlink: 28 bytes leftover after parsing attributes in process `syz.1.966'. [ 239.965800][ T9014] netlink: 28 bytes leftover after parsing attributes in process `syz.3.968'. [ 240.974714][ T9028] Invalid ELF header magic: != ELF [ 242.140550][ T9064] netlink: 28 bytes leftover after parsing attributes in process `syz.2.983'. [ 243.316085][ T9088] netlink: 28 bytes leftover after parsing attributes in process `syz.2.993'. [ 243.637602][ T9103] netlink: 28 bytes leftover after parsing attributes in process `syz.0.995'. [ 244.582480][ T9131] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1003'. [ 244.672951][ T9132] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1004'. [ 244.743081][ T9136] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1006'. [ 245.305847][ T9144] vivid-013: ================= START STATUS ================= [ 245.326502][ T9144] vivid-013: Generate PTS: true [ 245.352218][ T9144] vivid-013: Generate SCR: true [ 245.393892][ T9144] tpg source WxH: 640x360 (Y'CbCr) [ 245.450735][ T9144] tpg field: 1 [ 245.454194][ T9144] tpg crop: 640x360@0x0 [ 245.499811][ T9144] tpg compose: 640x360@0x0 [ 245.527042][ T9144] tpg colorspace: 8 [ 245.530939][ T9144] tpg transfer function: 0/0 [ 245.535585][ T9144] tpg Y'CbCr encoding: 0/0 [ 245.544164][ T9144] tpg quantization: 0/0 [ 245.550984][ T9144] tpg RGB range: 0/2 [ 245.555033][ T9144] vivid-013: ================== END STATUS ================== [ 246.598833][ T9175] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1015'. [ 246.798307][ T9178] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1016'. [ 247.422401][ T9190] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1020'. [ 247.812374][ T9203] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1026'. [ 248.328447][ T9220] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1030'. [ 248.549541][ T9228] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1031'. [ 248.791303][ T9233] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 249.109480][ T9240] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1036'. [ 249.780261][ T9260] FAULT_INJECTION: forcing a failure. [ 249.780261][ T9260] name failslab, interval 1, probability 0, space 0, times 0 [ 249.812745][ T9260] CPU: 0 UID: 0 PID: 9260 Comm: syz.2.1044 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 249.823513][ T9260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 249.833619][ T9260] Call Trace: [ 249.836944][ T9260] [ 249.839923][ T9260] dump_stack_lvl+0x16c/0x1f0 [ 249.844665][ T9260] should_fail_ex+0x497/0x5b0 [ 249.849407][ T9260] ? fs_reclaim_acquire+0xae/0x150 [ 249.854590][ T9260] should_failslab+0xc2/0x120 [ 249.859330][ T9260] __kmalloc_cache_noprof+0x68/0x420 [ 249.864654][ T9260] ? lock_acquire+0x2f/0xb0 [ 249.869193][ T9260] binder_get_thread+0x223/0x8c0 [ 249.874188][ T9260] binder_ioctl+0x1f4/0x7080 [ 249.878823][ T9260] ? __pfx_lock_release+0x10/0x10 [ 249.883892][ T9260] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 249.889582][ T9260] ? tomoyo_path_number_perm+0x190/0x5b0 [ 249.895271][ T9260] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 249.901311][ T9260] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 249.907250][ T9260] ? __pfx_binder_ioctl+0x10/0x10 [ 249.912322][ T9260] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 249.917391][ T9260] ? __pfx_lock_release+0x10/0x10 [ 249.922441][ T9260] ? trace_lock_acquire+0x14e/0x1f0 [ 249.927689][ T9260] ? __fget_files+0x206/0x3a0 [ 249.932404][ T9260] ? __pfx_binder_ioctl+0x10/0x10 [ 249.937470][ T9260] __x64_sys_ioctl+0x190/0x200 [ 249.942266][ T9260] do_syscall_64+0xcd/0x250 [ 249.946815][ T9260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.952746][ T9260] RIP: 0033:0x7fb651585d29 [ 249.957190][ T9260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.976832][ T9260] RSP: 002b:00007fb65246a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.985276][ T9260] RAX: ffffffffffffffda RBX: 00007fb651775fa0 RCX: 00007fb651585d29 [ 249.993279][ T9260] RDX: 0000000000000009 RSI: 0000000040046210 RDI: 0000000000000003 [ 250.001281][ T9260] RBP: 00007fb65246a090 R08: 0000000000000000 R09: 0000000000000000 [ 250.009290][ T9260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 250.017289][ T9260] R13: 0000000000000000 R14: 00007fb651775fa0 R15: 00007ffd3541b468 [ 250.025386][ T9260] [ 250.039477][ T9260] binder: 9259:9260 ioctl 40046210 9 returned -12 [ 250.304084][ T9270] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1047'. [ 250.391558][ T9274] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1048'. [ 250.590493][ T9280] netlink: 'syz.2.1051': attribute type 33 has an invalid length. [ 250.605975][ T9280] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1051'. [ 250.694355][ T9284] netlink: 'syz.1.1050': attribute type 33 has an invalid length. [ 250.727149][ T9284] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1050'. [ 250.905411][ T9290] vivid-013: ================= START STATUS ================= [ 250.914983][ T9290] vivid-013: Generate PTS: true [ 250.942021][ T9290] vivid-013: Generate SCR: true [ 250.955294][ T9290] tpg source WxH: 640x360 (Y'CbCr) [ 250.966489][ T9290] tpg field: 1 [ 250.970020][ T9290] tpg crop: 640x360@0x0 [ 250.975741][ T9290] tpg compose: 640x360@0x0 [ 250.999754][ T9290] tpg colorspace: 8 [ 251.004260][ T9290] tpg transfer function: 0/0 [ 251.009691][ T9290] tpg Y'CbCr encoding: 0/0 [ 251.014538][ T9290] tpg quantization: 0/0 [ 251.024884][ T9290] tpg RGB range: 0/2 [ 251.031039][ T9290] vivid-013: ================== END STATUS ================== [ 251.168353][ T9297] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 251.254502][ T9304] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1060'. [ 251.357864][ T9307] netlink: 'syz.0.1059': attribute type 33 has an invalid length. [ 251.365759][ T9307] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1059'. [ 251.791959][ T9318] netlink: 'syz.2.1065': attribute type 33 has an invalid length. [ 251.832433][ T9318] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1065'. [ 252.066089][ T9328] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1067'. [ 252.147652][ T9329] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1068'. [ 252.372510][ T9335] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1070'. [ 252.652782][ T9342] Invalid ELF header magic: != ELF [ 252.671461][ T9339] binder: 9338:9339 ioctl 40046210 9 returned -14 [ 253.088414][ T9351] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 254.502124][ T9390] netlink: 'syz.1.1088': attribute type 33 has an invalid length. [ 255.348345][ T9411] __nla_validate_parse: 7 callbacks suppressed [ 255.348371][ T9411] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1095'. [ 255.520680][ T9416] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 255.655497][ T9424] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.1097'. [ 255.665211][ T9422] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1098'. [ 256.062709][ T9433] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1099'. [ 256.458715][ T9443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1104'. [ 257.071387][ T9457] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1108'. [ 258.065447][ T9474] mkiss: ax0: crc mode is auto. [ 258.881813][ T9484] netlink: 'syz.2.1119': attribute type 33 has an invalid length. [ 258.900471][ T9484] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1119'. [ 259.210918][ T9491] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1121'. [ 259.557406][ T9501] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1123'. [ 259.745498][ T9506] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1127'. [ 260.155758][ T9515] netlink: 'syz.1.1130': attribute type 33 has an invalid length. [ 260.773281][ T9535] __nla_validate_parse: 1 callbacks suppressed [ 260.773306][ T9535] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1144'. [ 261.149384][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.155823][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.421262][ T9547] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1139'. [ 261.686531][ T9543] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1138'. [ 262.118316][ T9564] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1146'. [ 262.909182][ T9590] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1156'. [ 264.411851][ T9618] netlink: 'syz.1.1167': attribute type 33 has an invalid length. [ 264.420133][ T9618] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1167'. [ 265.435585][ T9639] mkiss: ax0: crc mode is auto. [ 265.733547][ T9647] netlink: 'syz.0.1177': attribute type 33 has an invalid length. [ 265.744446][ T9647] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1177'. [ 267.310267][ T9675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1185'. [ 267.671423][ T9682] netlink: 'syz.1.1187': attribute type 33 has an invalid length. [ 267.681490][ T9682] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1187'. [ 267.931960][ T9684] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1188'. [ 268.318966][ T9693] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1190'. [ 269.310198][ T9703] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1195'. [ 269.366143][ T9701] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1194'. [ 269.604733][ T9689] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[9689] [ 270.114231][ T9720] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1199'. [ 270.317480][ T9723] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1201'. [ 270.745771][ T9732] mkiss: ax0: crc mode is auto. [ 271.118693][ T9740] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1206'. [ 271.131320][ T9742] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1196'. [ 271.457711][ T29] audit: type=1800 audit(1735256317.624:5): pid=9749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1208" name="discovery_nqn" dev="configfs" ino=22433 res=0 errno=0 [ 272.460392][ T9768] syz.3.1214 (9768): /proc/9767/oom_adj is deprecated, please use /proc/9767/oom_score_adj instead. [ 272.919672][ T9789] __nla_validate_parse: 3 callbacks suppressed [ 272.919697][ T9789] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1219'. [ 272.968800][ T9790] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1220'. [ 273.788360][ T9809] FAULT_INJECTION: forcing a failure. [ 273.788360][ T9809] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 273.807367][ T9809] CPU: 1 UID: 0 PID: 9809 Comm: syz.3.1226 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 273.818142][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 273.828227][ T9809] Call Trace: [ 273.831527][ T9809] [ 273.834486][ T9809] dump_stack_lvl+0x16c/0x1f0 [ 273.839208][ T9809] should_fail_ex+0x497/0x5b0 [ 273.843930][ T9809] _copy_from_user+0x2e/0xd0 [ 273.848621][ T9809] snd_seq_oss_write+0x398/0x7b0 [ 273.853635][ T9809] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 273.859149][ T9809] ? apparmor_file_permission+0x251/0x400 [ 273.864920][ T9809] ? __pfx_odev_write+0x10/0x10 [ 273.869814][ T9809] odev_write+0x51/0xa0 [ 273.874033][ T9809] vfs_write+0x24c/0x1150 [ 273.878411][ T9809] ? __fget_files+0x1fc/0x3a0 [ 273.883158][ T9809] ? __pfx_lock_release+0x10/0x10 [ 273.888217][ T9809] ? __pfx_vfs_write+0x10/0x10 [ 273.893021][ T9809] ? lock_acquire+0x2f/0xb0 [ 273.897553][ T9809] ? __fget_files+0x40/0x3a0 [ 273.902269][ T9809] ? __fget_files+0x206/0x3a0 [ 273.906988][ T9809] ksys_write+0x12b/0x250 [ 273.911364][ T9809] ? __pfx_ksys_write+0x10/0x10 [ 273.916281][ T9809] do_syscall_64+0xcd/0x250 [ 273.920841][ T9809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.926775][ T9809] RIP: 0033:0x7f8d93d85d29 [ 273.931218][ T9809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.950859][ T9809] RSP: 002b:00007f8d91bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 273.959307][ T9809] RAX: ffffffffffffffda RBX: 00007f8d93f75fa0 RCX: 00007f8d93d85d29 [ 273.967310][ T9809] RDX: 00000000000000f8 RSI: 0000000020000040 RDI: 0000000000000006 [ 273.975327][ T9809] RBP: 00007f8d91bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 273.983323][ T9809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.991319][ T9809] R13: 0000000000000000 R14: 00007f8d93f75fa0 R15: 00007ffcc2e79f98 [ 273.999332][ T9809] [ 274.773424][ T9838] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1231'. [ 275.057412][ T9844] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1235'. [ 275.125609][ T9848] mkiss: ax0: crc mode is auto. [ 275.160697][ T9849] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1236'. [ 275.497491][ T9856] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1240'. [ 275.727704][ T9860] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1241'. [ 275.891629][ T9866] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1243'. [ 276.326721][ T9883] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1249'. [ 277.376078][ T9902] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1254'. [ 278.617283][ T9909] ptrace attach of "./syz-executor exec"[5832] was attempted by "./syz-executor exec"[9909] [ 279.667363][ T9945] mkiss: ax0: crc mode is auto. [ 280.837065][ T9974] __nla_validate_parse: 2 callbacks suppressed [ 280.837092][ T9974] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1277'. [ 280.854206][ T9976] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1276'. [ 280.933128][ T9977] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1279'. [ 282.413370][T10006] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1287'. [ 282.570455][T10014] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1290'. [ 282.586711][T10010] Invalid ELF header magic: != ELF [ 282.835482][T10020] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1291'. [ 283.505284][T10038] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1296'. [ 284.145707][T10048] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1298'. [ 284.783049][T10065] Invalid ELF header magic: != ELF [ 284.921204][T10071] delete_channel: no stack [ 285.790360][T10091] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1313'. [ 286.088472][T10098] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1315'. [ 286.407806][T10103] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1316'. [ 286.806830][T10115] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1319'. [ 286.857204][T10117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1320'. [ 287.464219][T10142] FAULT_INJECTION: forcing a failure. [ 287.464219][T10142] name failslab, interval 1, probability 0, space 0, times 0 [ 287.477108][T10142] CPU: 1 UID: 0 PID: 10142 Comm: syz.1.1328 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 287.487937][T10142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.498045][T10142] Call Trace: [ 287.501359][T10142] [ 287.504326][T10142] dump_stack_lvl+0x16c/0x1f0 [ 287.509069][T10142] should_fail_ex+0x497/0x5b0 [ 287.513806][T10142] ? fs_reclaim_acquire+0xae/0x150 [ 287.518983][T10142] should_failslab+0xc2/0x120 [ 287.523731][T10142] __kmalloc_noprof+0xce/0x4f0 [ 287.528555][T10142] ? d_absolute_path+0x137/0x1b0 [ 287.533583][T10142] ? tomoyo_encode2+0x100/0x3e0 [ 287.538507][T10142] tomoyo_encode2+0x100/0x3e0 [ 287.543247][T10142] tomoyo_realpath_from_path+0x1a7/0x710 [ 287.548957][T10142] tomoyo_path_number_perm+0x248/0x5b0 [ 287.554495][T10142] ? tomoyo_path_number_perm+0x235/0x5b0 [ 287.560212][T10142] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 287.566312][T10142] ? __pfx_lock_release+0x10/0x10 [ 287.571392][T10142] ? trace_lock_acquire+0x14e/0x1f0 [ 287.576667][T10142] ? lock_acquire+0x2f/0xb0 [ 287.581229][T10142] ? __fget_files+0x40/0x3a0 [ 287.585889][T10142] ? __fget_files+0x206/0x3a0 [ 287.590640][T10142] security_file_ioctl+0x9b/0x240 [ 287.595722][T10142] __x64_sys_ioctl+0xb7/0x200 [ 287.600434][T10142] do_syscall_64+0xcd/0x250 [ 287.604977][T10142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.610909][T10142] RIP: 0033:0x7f4339185d29 [ 287.615346][T10142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.635029][T10142] RSP: 002b:00007f4339fce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 287.643510][T10142] RAX: ffffffffffffffda RBX: 00007f4339375fa0 RCX: 00007f4339185d29 [ 287.651515][T10142] RDX: 0000000000000000 RSI: 0000000040345410 RDI: 0000000000000003 [ 287.659513][T10142] RBP: 00007f4339fce090 R08: 0000000000000000 R09: 0000000000000000 [ 287.667508][T10142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.675537][T10142] R13: 0000000000000000 R14: 00007f4339375fa0 R15: 00007ffe0af98278 [ 287.683572][T10142] [ 287.687558][T10142] ERROR: Out of memory at tomoyo_realpath_from_path. [ 287.762041][T10137] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1327'. [ 288.073426][T10155] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1332'. [ 288.318133][T10161] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1334'. [ 288.847988][T10173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1337'. [ 289.814089][T10187] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1342'. [ 289.847803][T10187] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1342'. [ 291.755292][T10227] __nla_validate_parse: 4 callbacks suppressed [ 291.755319][T10227] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1353'. [ 291.870765][T10226] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1354'. [ 292.894733][T10250] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1361'. [ 293.341189][T10261] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1364'. [ 293.839457][T10275] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1371'. [ 293.855473][T10274] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1371'. [ 293.871114][T10274] netlink: 130 bytes leftover after parsing attributes in process `syz.3.1371'. [ 294.067119][T10282] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1372'. [ 294.199387][T10289] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1374'. [ 294.233118][T10289] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1374'. [ 294.382970][T10295] FAULT_INJECTION: forcing a failure. [ 294.382970][T10295] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 294.397162][T10295] CPU: 1 UID: 0 PID: 10295 Comm: syz.3.1376 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 294.407999][T10295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 294.418104][T10295] Call Trace: [ 294.421425][T10295] [ 294.424395][T10295] dump_stack_lvl+0x16c/0x1f0 [ 294.429146][T10295] should_fail_ex+0x497/0x5b0 [ 294.433898][T10295] _copy_from_user+0x2e/0xd0 [ 294.438559][T10295] do_sock_getsockopt+0x319/0x870 [ 294.443651][T10295] ? trace_lock_acquire+0x110/0x1f0 [ 294.448929][T10295] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 294.454533][T10295] ? lock_acquire+0x2f/0xb0 [ 294.459087][T10295] ? __fget_files+0x40/0x3a0 [ 294.463743][T10295] ? 0xffffffffff600000 [ 294.467944][T10295] ? __fget_files+0x206/0x3a0 [ 294.472694][T10295] __sys_getsockopt+0x12f/0x260 [ 294.477612][T10295] ? 0xffffffffff600000 [ 294.481818][T10295] __x64_sys_getsockopt+0xbd/0x160 [ 294.487000][T10295] ? do_syscall_64+0x91/0x250 [ 294.491739][T10295] ? lockdep_hardirqs_on+0x7c/0x110 [ 294.497158][T10295] do_syscall_64+0xcd/0x250 [ 294.501707][T10295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.507642][T10295] RIP: 0033:0x7f8d93d85d29 [ 294.512085][T10295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.531737][T10295] RSP: 002b:00007f8d91bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 294.540186][T10295] RAX: ffffffffffffffda RBX: 00007f8d93f75fa0 RCX: 00007f8d93d85d29 [ 294.548180][T10295] RDX: 0000000000002720 RSI: 0000000000000114 RDI: 0000000000000002 [ 294.556180][T10295] RBP: 00007f8d91bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 294.564172][T10295] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 294.572168][T10295] R13: 0000000000000000 R14: 00007f8d93f75fa0 R15: 00007ffcc2e79f98 [ 294.580174][T10295] ? 0xffffffffff600000 [ 294.584357][T10295] [ 295.361178][T10317] ================================================================== [ 295.369309][T10317] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 295.377068][T10317] Read of size 8 at addr ffff888029122418 by task syz.0.1384/10317 [ 295.384994][T10317] [ 295.387333][T10317] CPU: 0 UID: 0 PID: 10317 Comm: syz.0.1384 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 295.398129][T10317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 295.408216][T10317] Call Trace: [ 295.411516][T10317] [ 295.414479][T10317] dump_stack_lvl+0x116/0x1f0 [ 295.419214][T10317] print_report+0xc3/0x620 [ 295.423675][T10317] ? __virt_addr_valid+0x5e/0x590 [ 295.428739][T10317] ? __phys_addr+0xc6/0x150 [ 295.433278][T10317] kasan_report+0xd9/0x110 [ 295.437730][T10317] ? dvb_device_open+0x36a/0x3b0 [ 295.442726][T10317] ? dvb_device_open+0x36a/0x3b0 [ 295.447697][T10317] ? __pfx_dvb_device_open+0x10/0x10 [ 295.453040][T10317] dvb_device_open+0x36a/0x3b0 [ 295.457858][T10317] ? __pfx_dvb_device_open+0x10/0x10 [ 295.463177][T10317] chrdev_open+0x237/0x6a0 [ 295.467668][T10317] ? __pfx_apparmor_file_open+0x10/0x10 [ 295.473336][T10317] ? __pfx_chrdev_open+0x10/0x10 [ 295.478313][T10317] do_dentry_open+0xf59/0x1ea0 [ 295.483108][T10317] ? __pfx_chrdev_open+0x10/0x10 [ 295.488083][T10317] ? inode_permission+0xdd/0x5f0 [ 295.493063][T10317] vfs_open+0x82/0x3f0 [ 295.497173][T10317] ? may_open+0x1f2/0x400 [ 295.501543][T10317] path_openat+0x1e6a/0x2d60 [ 295.506166][T10317] ? __pfx_path_openat+0x10/0x10 [ 295.511134][T10317] ? __pfx___lock_acquire+0x10/0x10 [ 295.516363][T10317] ? lock_acquire.part.0+0x11b/0x380 [ 295.521676][T10317] ? find_held_lock+0x2d/0x110 [ 295.526477][T10317] do_filp_open+0x20c/0x470 [ 295.531012][T10317] ? __pfx_do_filp_open+0x10/0x10 [ 295.536066][T10317] ? find_held_lock+0x2d/0x110 [ 295.540902][T10317] ? alloc_fd+0x41f/0x760 [ 295.545265][T10317] do_sys_openat2+0x17a/0x1e0 [ 295.549980][T10317] ? __pfx_do_sys_openat2+0x10/0x10 [ 295.555220][T10317] __x64_sys_openat+0x175/0x210 [ 295.560109][T10317] ? __pfx___x64_sys_openat+0x10/0x10 [ 295.565556][T10317] do_syscall_64+0xcd/0x250 [ 295.570097][T10317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.576026][T10317] RIP: 0033:0x7f5b58d85d29 [ 295.580464][T10317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.600103][T10317] RSP: 002b:00007f5b59ae0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 295.608542][T10317] RAX: ffffffffffffffda RBX: 00007f5b58f75fa0 RCX: 00007f5b58d85d29 [ 295.616530][T10317] RDX: 0000000000000001 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 295.624519][T10317] RBP: 00007f5b58e01b08 R08: 0000000000000000 R09: 0000000000000000 [ 295.632510][T10317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.640502][T10317] R13: 0000000000000000 R14: 00007f5b58f75fa0 R15: 00007ffd2bd50ca8 [ 295.648499][T10317] [ 295.651531][T10317] [ 295.653861][T10317] Allocated by task 9596: [ 295.658200][T10317] kasan_save_stack+0x33/0x60 [ 295.662905][T10317] kasan_save_track+0x14/0x30 [ 295.667608][T10317] __kasan_kmalloc+0xaa/0xb0 [ 295.672223][T10317] __kmalloc_node_noprof+0x21f/0x520 [ 295.677548][T10317] __kvmalloc_node_noprof+0xad/0x1a0 [ 295.682864][T10317] io_futex_cache_init+0x26/0x130 [ 295.687919][T10317] io_uring_setup+0x9fb/0x3230 [ 295.692716][T10317] __x64_sys_io_uring_setup+0x98/0x140 [ 295.698423][T10317] do_syscall_64+0xcd/0x250 [ 295.702959][T10317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.708891][T10317] [ 295.711227][T10317] Freed by task 12: [ 295.715049][T10317] kasan_save_stack+0x33/0x60 [ 295.719843][T10317] kasan_save_track+0x14/0x30 [ 295.724552][T10317] kasan_save_free_info+0x3b/0x60 [ 295.729600][T10317] __kasan_slab_free+0x51/0x70 [ 295.734395][T10317] kfree+0x14f/0x4b0 [ 295.738313][T10317] kvfree+0x47/0x50 [ 295.742231][T10317] io_futex_cache_free+0x9b/0x260 [ 295.747287][T10317] io_ring_exit_work+0xb08/0x1b20 [ 295.752339][T10317] process_one_work+0x958/0x1b30 [ 295.757300][T10317] worker_thread+0x6c8/0xf00 [ 295.761906][T10317] kthread+0x2c1/0x3a0 [ 295.765997][T10317] ret_from_fork+0x45/0x80 [ 295.770439][T10317] ret_from_fork_asm+0x1a/0x30 [ 295.775245][T10317] [ 295.777583][T10317] The buggy address belongs to the object at ffff888029122400 [ 295.777583][T10317] which belongs to the cache kmalloc-256 of size 256 [ 295.791652][T10317] The buggy address is located 24 bytes inside of [ 295.791652][T10317] freed 256-byte region [ffff888029122400, ffff888029122500) [ 295.805379][T10317] [ 295.807724][T10317] The buggy address belongs to the physical page: [ 295.814151][T10317] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888029122400 pfn:0x29122 [ 295.824250][T10317] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 295.832775][T10317] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 295.841298][T10317] page_type: f5(slab) [ 295.845299][T10317] raw: 00fff00000000240 ffff88801ac41b40 ffffea0000cd3f10 ffffea0001ff6490 [ 295.853911][T10317] raw: ffff888029122400 000000000010000f 00000001f5000000 0000000000000000 [ 295.862516][T10317] head: 00fff00000000240 ffff88801ac41b40 ffffea0000cd3f10 ffffea0001ff6490 [ 295.871213][T10317] head: ffff888029122400 000000000010000f 00000001f5000000 0000000000000000 [ 295.879909][T10317] head: 00fff00000000001 ffffea0000a44881 ffffffffffffffff 0000000000000000 [ 295.888614][T10317] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 295.897304][T10317] page dumped because: kasan: bad access detected [ 295.903768][T10317] page_owner tracks the page as allocated [ 295.909493][T10317] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2, tgid 2 (kthreadd), ts 23144123398, free_ts 0 [ 295.929150][T10317] post_alloc_hook+0x2d1/0x350 [ 295.933950][T10317] get_page_from_freelist+0xfce/0x2f80 [ 295.939441][T10317] __alloc_pages_noprof+0x223/0x25b0 [ 295.944764][T10317] alloc_pages_mpol_noprof+0x2c9/0x610 [ 295.950268][T10317] new_slab+0x2c9/0x410 [ 295.954448][T10317] ___slab_alloc+0xce2/0x1650 [ 295.959148][T10317] __slab_alloc.constprop.0+0x56/0xb0 [ 295.964545][T10317] __kmalloc_cache_noprof+0xf6/0x420 [ 295.969857][T10317] set_kthread_struct+0xc9/0x230 [ 295.974827][T10317] copy_process+0x2edc/0x6f20 [ 295.979529][T10317] kernel_clone+0xfd/0x960 [ 295.983970][T10317] kernel_thread+0xc0/0x100 [ 295.988501][T10317] kthreadd+0x4ef/0x7d0 [ 295.992690][T10317] ret_from_fork+0x45/0x80 [ 295.997129][T10317] ret_from_fork_asm+0x1a/0x30 [ 296.001924][T10317] page_owner free stack trace missing [ 296.007298][T10317] [ 296.009631][T10317] Memory state around the buggy address: [ 296.015269][T10317] ffff888029122300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 296.023351][T10317] ffff888029122380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 296.031429][T10317] >ffff888029122400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 296.039503][T10317] ^ [ 296.044367][T10317] ffff888029122480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 296.052445][T10317] ffff888029122500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 296.060519][T10317] ================================================================== [ 296.096570][T10317] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 296.103924][T10317] CPU: 0 UID: 0 PID: 10317 Comm: syz.0.1384 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 296.114747][T10317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 296.124840][T10317] Call Trace: [ 296.128158][T10317] [ 296.131120][T10317] dump_stack_lvl+0x3d/0x1f0 [ 296.135778][T10317] panic+0x71d/0x800 [ 296.139739][T10317] ? __pfx_panic+0x10/0x10 [ 296.144223][T10317] ? irqentry_exit+0x3b/0x90 [ 296.148875][T10317] ? lockdep_hardirqs_on+0x7c/0x110 [ 296.154133][T10317] ? preempt_schedule_thunk+0x1a/0x30 [ 296.159558][T10317] ? preempt_schedule_common+0x44/0xc0 [ 296.165079][T10317] check_panic_on_warn+0xab/0xb0 [ 296.170080][T10317] end_report+0x117/0x180 [ 296.174472][T10317] kasan_report+0xe9/0x110 [ 296.178949][T10317] ? dvb_device_open+0x36a/0x3b0 [ 296.183949][T10317] ? dvb_device_open+0x36a/0x3b0 [ 296.188949][T10317] ? __pfx_dvb_device_open+0x10/0x10 [ 296.194290][T10317] dvb_device_open+0x36a/0x3b0 [ 296.199113][T10317] ? __pfx_dvb_device_open+0x10/0x10 [ 296.204457][T10317] chrdev_open+0x237/0x6a0 [ 296.208933][T10317] ? __pfx_apparmor_file_open+0x10/0x10 [ 296.214527][T10317] ? __pfx_chrdev_open+0x10/0x10 [ 296.219533][T10317] do_dentry_open+0xf59/0x1ea0 [ 296.224359][T10317] ? __pfx_chrdev_open+0x10/0x10 [ 296.229363][T10317] ? inode_permission+0xdd/0x5f0 [ 296.234368][T10317] vfs_open+0x82/0x3f0 [ 296.238510][T10317] ? may_open+0x1f2/0x400 [ 296.242910][T10317] path_openat+0x1e6a/0x2d60 [ 296.247560][T10317] ? __pfx_path_openat+0x10/0x10 [ 296.252564][T10317] ? __pfx___lock_acquire+0x10/0x10 [ 296.257812][T10317] ? lock_acquire.part.0+0x11b/0x380 [ 296.263142][T10317] ? find_held_lock+0x2d/0x110 [ 296.267963][T10317] do_filp_open+0x20c/0x470 [ 296.272524][T10317] ? __pfx_do_filp_open+0x10/0x10 [ 296.277601][T10317] ? find_held_lock+0x2d/0x110 [ 296.282431][T10317] ? alloc_fd+0x41f/0x760 [ 296.286823][T10317] do_sys_openat2+0x17a/0x1e0 [ 296.291611][T10317] ? __pfx_do_sys_openat2+0x10/0x10 [ 296.296888][T10317] __x64_sys_openat+0x175/0x210 [ 296.301808][T10317] ? __pfx___x64_sys_openat+0x10/0x10 [ 296.307260][T10317] do_syscall_64+0xcd/0x250 [ 296.311838][T10317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.317796][T10317] RIP: 0033:0x7f5b58d85d29 [ 296.322255][T10317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.341924][T10317] RSP: 002b:00007f5b59ae0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 296.350396][T10317] RAX: ffffffffffffffda RBX: 00007f5b58f75fa0 RCX: 00007f5b58d85d29 [ 296.358420][T10317] RDX: 0000000000000001 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 296.366439][T10317] RBP: 00007f5b58e01b08 R08: 0000000000000000 R09: 0000000000000000 [ 296.374456][T10317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.382471][T10317] R13: 0000000000000000 R14: 00007f5b58f75fa0 R15: 00007ffd2bd50ca8 [ 296.390583][T10317] [ 296.393976][T10317] Kernel Offset: disabled [ 296.398315][T10317] Rebooting in 86400 seconds..