last executing test programs: 2m46.534283329s ago: executing program 2 (id=203): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.threads\x00', 0x20000, 0x0) utime$auto(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0xa36}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010b27bd7000fbdbdf25058678a509000000", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) setresuid$auto(0x2, 0xffffffffffffffff, 0x200) sendmsg$auto_NL802154_CMD_ASSOCIATE(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002bbd7000fddbdf2528000000050011000700000008000b00a985246406000a000400000024001f0004000000"], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4004080) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xc, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x2, 0x7, 0x5, 0x7}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = socket(0x2, 0x1, 0x0) bind$auto(r5, &(0x7f0000000040)=@isdn={0x22, 0xe, 0x8, 0x8, 0x5}, 0x67) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) rseq$auto(0x0, 0x8000, 0x0, 0x6) geteuid() prctl$auto(0x800003b, 0x1, 0x4, 0x5, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x9, 0x7, 0xa21, 0x13, r3, 0x9) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000022c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r6, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)={&(0x7f0000002300)=ANY=[@ANYBLOB="40240016", @ANYRES16=r7, @ANYBLOB="01002cbd7000fcdbdf25290000002000018014000200766c616e3100000000000000000000000800040001040000"], 0x34}, 0x1, 0x0, 0x0, 0x408d1}, 0x4010) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/156, 0x9c) unshare$auto(0x20000080) 2m46.30176348s ago: executing program 2 (id=205): syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4801}, 0x0) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) 2m46.205456249s ago: executing program 2 (id=208): ioctl$auto_COMEDI_CMD(0xffffffffffffffff, 0x80506409, &(0x7f0000000180)={0x8, 0x10001, 0x3, 0x7f, 0x2, 0x6c, 0x81, 0x4, 0x10001, 0xfffffffc, 0x0, 0xe, 0x0, 0x1, 0x0, 0x400}) r0 = socket(0xa, 0x801, 0x106) socket(0x1f, 0x2, 0x7754) mmap$auto(0x3, 0x2, 0x4000000000df, 0x19, r0, 0x1000000000008000) semctl$auto(0x7, 0x2, 0x13, 0x1) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, 0x0) sendmmsg$auto(r1, &(0x7f0000000080)={{&(0x7f0000000840)="bce582409c484ddebd1e657bbdccad0617d16d74babddb6a2d201f0366e25ec28308c4206dfe9bd04e940c7fc51243e0fedfe20f7851c9c10740f281e409567432afd67b623535939f94d1ac623b76481031a379ef98c6241de124f498f45bd7265ba8041b65622d64b95bfe237dbbce6f924909ccf3c2605b798f250e74f6458f376ecd03d57cb83ad751f95331d652bb9eed358b02053e6f279b704e5e4e321cb68c4d438f1572ebee8dfe627aa699c8a371d55512104a690d7a6959eb4347c3d17d9b4caee6423fdb6da726c300656b34211166f6b536b058b05f2b0136480ccf2c23ae9817a4eee489f2875ab071b5486dd259ad158656d4908e84b37300", 0xfffffffc, &(0x7f0000000200)={&(0x7f0000000700)="ef21e6487bd108ee39c6651be87258fe2213f5ec9082e6c38ec284625b63ba1ad14c313444c5e23bc5299489589da55e4edaeb69d4313db6dd68d177182d0252db710d52c55daf2202a44370fc9b929156d40fa1aafd60c3b750af9ef2b4874de0a68d63a4883ca72cac3d644683a346168ea6d6179a85118e6c88d64707d69c983e3deb5ad890321884630e35fe61f86df4c2df65f6533a5bbc3e68ffbc30cde9ccfef91de153b5a6e5923d774d066ccf32980653e07c99530ad3519708750ee3d43fba92ea8bffe981ba6afb8d1125564e4e5e609934f554502e924d49bc9cffa396750e7b92a6cd17dc10ee4270649000"/254, 0x3}, 0xfffffbffffffda5d, &(0x7f0000000300)="7c3bfe57d44301e128e799742965da37ce4def25c2449c3e214e5a12088c2edac0fcc08de2899cf7754e8595b178fe82354b93a04af330afa054a0be6d05938fc9bcf714caf6065c193ca71931c52723b0d9646f0e937609f09fdfdf7f5f45fc62f28737c840553b077eb694d134e87c45ed4ad19aa576427f3f24c090ea61a161a16d59c1f1073e349f1a0fbe41814a3a49f44d4ce88b4bc3d818d0fe04f59fea388afbe72c24e5d57408f42ef2df1e803d76a8646d8a587596674b685d987c02e161f749b3926d3da424598c3ace305c563b6c23a8ac3b94ace42c60a6cd0853310fbe41eef235a30d7d8870e3caa141", 0x4, 0x80000000}, 0x7}, 0x1ff, 0x7) ioctl$auto_MON_IOCQ_RING_SIZE(r1, 0x9205, 0x0) socket(0x2, 0x6, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) setfsuid$auto(0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/def_reserved_size\x00', 0x402, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x1, 0x1, 0x33, &(0x7f0000000100)='\x00', 0xbb) mmap$auto(0x5, 0x1, 0x2c, 0x13, r2, 0x174c) close_range$auto(0xffffffffffffffff, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(0x3, 0x80000541b, 0xb551) write$auto_proc_reg_file_ops_compat_inode(r3, 0x0, 0x0) r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000400), r0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000440)={'vcan0\x00', 0x0}) sendmsg$auto_IEEE802154_LLSEC_LIST_KEY(r2, &(0x7f00000005c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000480)=ANY=[@ANYBLOB="f0000000", @ANYRES16=r4, @ANYBLOB="000025bd7000ffdbdf25260000000c002d000600000000000000050025000200000005003300fe000000050036000000000084001e0047d5dc86a420f72df6c038db874fb793929ec0d7db8db988895db0af20da2f446504e0bdbff314606f101c78dad4e66fc44ab8fd9088f07dc715355672109ddd665bb833d9176a8ca18b001e881ce436081062dda70dedeb528561332e557507188f0960787c0721d38ce99bbab594705aa6a482f994c8994bcd0e367f2ef1dc08002f00060000000500260008000000060006000200000008000200", @ANYRES32=r5, @ANYBLOB="0400000069705f76746930000000000000000800"], 0xf0}}, 0x20040050) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x45, 0x0, 0x0) 2m46.110834521s ago: executing program 2 (id=210): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.threads\x00', 0x20000, 0x0) utime$auto(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0xa36}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010b27bd7000fbdbdf25058678a509000000", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) setresuid$auto(0x2, 0xffffffffffffffff, 0x200) sendmsg$auto_NL802154_CMD_ASSOCIATE(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002bbd7000fddbdf2528000000050011000700000008000b00a985246406000a000400000024001f0004000000"], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4004080) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xc, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x2, 0x7, 0x5, 0x7}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = socket(0x2, 0x1, 0x0) bind$auto(r5, &(0x7f0000000040)=@isdn={0x22, 0xe, 0x8, 0x8, 0x5}, 0x67) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) rseq$auto(0x0, 0x8000, 0x0, 0x6) geteuid() prctl$auto(0x800003b, 0x1, 0x4, 0x5, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x9, 0x7, 0xa21, 0x13, r3, 0x9) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000022c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r6, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)={&(0x7f0000002300)=ANY=[@ANYBLOB="40240016", @ANYRES16=r7, @ANYBLOB="01002cbd7000fcdbdf25290000002000018014000200766c616e3100000000000000000000000800040001040000"], 0x34}, 0x1, 0x0, 0x0, 0x408d1}, 0x4010) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/156, 0x9c) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) 2m45.953819859s ago: executing program 2 (id=213): read$auto_bdi_debug_stats_fops_(0xffffffffffffffff, &(0x7f0000000140)=""/204, 0xcc) (async) r0 = socket(0x2, 0x6, 0x0) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) migrate_pages$auto(0x1, 0x9, 0x0, &(0x7f0000000840)=0x2) setsockopt$auto(r0, 0x10d, 0x4, 0x0, 0x17) (async) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r0) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="06040000", @ANYRES16=r1, @ANYBLOB="000426bd7000fbdbdf25020000000800010009000000090004006e667364000000000800020001000000"], 0x30}, 0x1, 0x0, 0x0, 0x40080}, 0x2000c000) 2m45.440346755s ago: executing program 2 (id=216): syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4801}, 0x0) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) 2m45.440226487s ago: executing program 32 (id=216): syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4801}, 0x0) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) 4.742622949s ago: executing program 1 (id=1356): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x21, 0x2, 0x2) ioperm$auto(0x8, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x2) socket(0xa, 0x801, 0x106) socketpair$auto(0xfffffffb, 0x69c, 0x623f, &(0x7f0000000000)=0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) mprotect$auto(0xfffffffffffff090, 0x8000000000000001, 0x4) setsockopt$auto(0x4, 0x88, 0x68, &(0x7f0000000000)='!/*:(*\'\x00', 0xe) mmap$auto(0x0, 0x20009, 0x4000000000e3, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev0\x00', 0x169000, 0x0) ioctl$auto(r0, 0x80885659, r0) 4.204505914s ago: executing program 4 (id=1360): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r1, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000002f40)=ANY=[@ANYBLOB="14000000", @ANYBLOB="045626"], 0x14}}, 0x40) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fcdbdf250a0000ff1500000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) 3.847148151s ago: executing program 4 (id=1361): writev$auto(0xe, 0x0, 0x3) r0 = socket(0x15, 0x1, 0x10007f) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0xf, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8000, 0x0) unshare$auto(0x40000080) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r2, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x4, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto_def_blk_fops_fs(r3, 0x5386, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/clear_refs\x00', 0x240641, 0x0) 3.768323563s ago: executing program 1 (id=1362): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) socket(0x2b, 0x1, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fedbdf250300000006000700204c0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c2f7ff0000000a000100aaaaaaaaaa35000000000500bbbbbbbbbbbb000006000600050000002ffd04003d4b0000"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) r2 = socket(0xa, 0x2, 0x88) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf25"], 0x3c}}, 0x22008004) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x6, 0x0) sysfs$auto(0x2, 0x10000000000048, 0x0) r6 = fsopen$auto(0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) open(0x0, 0x12ba7e, 0x45) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0x4010ae67, r6) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x8, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'pim6reg\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000080), 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB="88010000", @ANYRES16=0x0, @ANYBLOB="000829bd7000fddbdf25170000005c00018008000300000000c00800030007000000140002006e696376663000000000000000000000080003000800000008000100", @ANYRES32=0x0, @ANYBLOB='\b\a\x00\x00', @ANYRES32=0x0, @ANYBLOB="140002006e657464657673696d300000000000000800030008000000140001800800030035df000008000100", @ANYRES32=0x0, @ANYBLOB="60000180080003000900000008000100", @ANYRES32=0x0, @ANYBLOB="14000200776731000000000000000000000000001400020073797a5f74756e00000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="1400020070696d7265673000000000000000000008000300010000004c0001800800030008000000080003000400", @ANYRES32=0x0, @ANYBLOB="140002007465616d30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="14000200766c616e3100000000000000000000001c00018008000100", @ANYRESHEX=r0, @ANYBLOB="080003000100000008", @ANYRES32=0x0, @ANYBLOB="3c00018008000100", @ANYRES32=r1, @ANYBLOB="1d0002006d6163766c616e310000000000000000140002006248c023394bda1617319bf9a9617461647630000000000000000003d7000800", @ANYRES32=r8, @ANYBLOB], 0x188}, 0x1, 0x0, 0x0, 0x84}, 0xd0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) mmap$auto(0x0, 0x400008, 0x9, 0x200000000009b7f, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x10, 0x2, 0x6) 3.228780521s ago: executing program 1 (id=1363): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) r0 = fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x400caed0, r0) (fail_nth: 4) 2.799756635s ago: executing program 3 (id=1365): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/misc\x00', 0x10b402, 0x0) pread64$auto(r0, &(0x7f0000000040)='/proc/scsi/sg/devices\x00', 0x100000001, 0x100) r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x52204b}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="020029bd7000fddbdf2502000000080001008e82000008000100f0ffffff08000100080000f90300060004000200040002000c0005000400000000000000080007007f000000b30d8202c2da65816f72dbd5e048e6dbfd8c837860a870b5c727474470c0bdf04dc33c579c10558703ddb8ab2c05209d705c5a4a5e6dee0ea9ad373ee233487023162b9f572ed75a6ce0b2d4d94753483ea84e75a4bd648c99ebc6586b51abd371661f9180dfaf2d497a3881cf8001a2e07ed672d9823dcf45ff0f79f8c8b5ecbdf58ede046e22584ac4b1c1192450916c47cc7c8f22cf6c5ffab528f35209b3c372793a35806482c426b0d8164d762504866fd1fbf4f1ed4f5d89c3469aeac9255a4b834156b7cfe328185d9d59a06b17864cb9c5699b1a289a4e3d9c94a45e950352e7286018d7aaec7ca653ac0253e1fb91c5ca"], 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x880) madvise$auto(0x100000, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) open(&(0x7f0000000300)='./file0\x00', 0x7ffd, 0x12) write$auto(0x3, 0x0, 0x100082) openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/short_retry_limit\x00', 0x0, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) madvise$auto(0x0, 0x200007, 0x19) ioctl$auto_evdev_fops_evdev(r2, 0x8, &(0x7f0000000080)="5f6ed925ed0f5ae9fac58093693a935d1e798dc977284cfdfac160fd82c83058357c2ae2e6f24882fa56f4e6b4bbe7270ed796cd923fd60da80788d579") 2.352317727s ago: executing program 1 (id=1367): openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/comm\x00', 0x2, 0x0) prctl$auto(0x16, 0x1, 0x6, 0xfffffffffffffffe, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) openat$dir(0xffffffffffffff9c, 0x0, 0x40400, 0x48) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) symlink$auto(&(0x7f0000000300)='\\\':.\x00', &(0x7f0000000340)='\xfb\x00') readlink$auto(&(0x7f0000000b00)='\xfb\x00', 0x0, 0x800) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000002680)=0x0) connect$auto(0xffffffffffffffff, &(0x7f00000026c0)=@nfc={0x27, r0, 0x0, 0x1}, 0x2) connect$auto(0xffffffffffffffff, &(0x7f0000000100)=@nfc={0x27, r0, 0x1, 0x7}, 0x9fe8) connect$auto(0x3, 0x0, 0x55) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) prctl$auto(0x23, 0x1, 0x2008, 0x0, 0x0) r1 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c0c5833b1dcff", 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) 2.176879359s ago: executing program 3 (id=1368): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1ff, 0x107, 0x5, 0x6, 0x1ffde, 0x3, 0x7f, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x8, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x80, 0x0, 0x1, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000004, 0x10000000000, 0xb668, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x8, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x7, 0xc567, 0xbb]}, 0x1fe, 0xd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) bind$auto(0xffffffffffffffff, &(0x7f0000000180)=@vsock={0x28, 0x0, 0x2711}, 0x3e) 2.084232398s ago: executing program 3 (id=1369): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r1, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000002f40)=ANY=[@ANYBLOB="14000000", @ANYBLOB="045626"], 0x14}}, 0x40) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fcdbdf250a0000ff150000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) 1.995442192s ago: executing program 3 (id=1370): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x21, 0x2, 0x2) ioperm$auto(0x8, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x2) socket(0xa, 0x801, 0x106) socketpair$auto(0xfffffffb, 0x69c, 0x623f, &(0x7f0000000000)=0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) mprotect$auto(0xfffffffffffff090, 0x8000000000000001, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000e3, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev0\x00', 0x169000, 0x0) ioctl$auto(r0, 0x80885659, r0) 1.864858356s ago: executing program 4 (id=1371): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x21, 0x2, 0x2) ioperm$auto(0x8, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x2) socket(0xa, 0x801, 0x106) socketpair$auto(0xfffffffb, 0x69c, 0x623f, &(0x7f0000000000)=0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x0) mprotect$auto(0xfffffffffffff090, 0x8000000000000001, 0x4) setsockopt$auto(0x4, 0x88, 0x68, &(0x7f0000000000)='!/*:(*\'\x00', 0xe) setsockopt$auto(r0, 0x88, 0x64, &(0x7f0000000080)='\xd1\x01fN\f\xeb\x95\xe8', 0xe) connect$auto(0x5, 0x0, 0x9) socket(0x1d, 0x2, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000e3, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev0\x00', 0x169000, 0x0) ioctl$auto(r1, 0x80885659, r1) 1.410298061s ago: executing program 1 (id=1373): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) statmount$auto(0x0, 0x0, 0x1fe, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) get_mempolicy$auto(0x0, 0x0, 0x81, 0x8, 0x3) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x5) socket(0x2, 0x1, 0x106) recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0) mmap$auto(0x2, 0x2020009, 0x3, 0x12, 0xfffffffffffffffa, 0x4000008000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) socket(0x2b, 0x1, 0x1) select$auto(0x7, 0x0, 0x0, &(0x7f0000000100)={[0xa1f, 0x5, 0x555, 0x0, 0x7fffffffffffffff, 0x5, 0xfffffffffffffffc, 0x9, 0x4, 0x8, 0xfff, 0x6, 0x96f9, 0x4, 0x1, 0x5]}, 0x0) socket(0x11, 0x2, 0x88) r0 = socket(0x2, 0x801, 0x106) io_uring_setup$auto(0x7, &(0x7f0000000000)={0x10000, 0x80, 0xe, 0x8, 0x1fd, 0x4, r0, [0x7fffffff, 0x8, 0x6], {0x5, 0x800000a, 0x200, 0xffffffff, 0x81, 0x1ff, 0x7, 0x8, 0x200}, {0x1136400, 0x72, 0x1800000, 0x4, 0x8, 0x4, 0x3b72, 0x80, 0xffffffffffffffff}}) write$auto(0x3, 0x0, 0x3f00) 1.284783926s ago: executing program 0 (id=1374): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_SERVICE(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="0139dc22ef9822751d7b0b632fc266c8880028bd7000fcdbdf2502000012140001800800058004107d00080000000000e380", @ANYRESOCT=0x0, @ANYBLOB, @ANYRES8=r1], 0x28}, 0x1, 0x0, 0x0, 0x4050}, 0x4000000) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000ffdbdf250400000004001d000400190004000f00d2a74c0a729c2dcdef4e97c92d9b798ff2aadb782a1791740ad764cd49265f6d3fb280be1b334961b41280d30253b1c20b87c6763ddfea7b7577b9bf7629060742dc294c3da397532ff69eb6"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) 1.168042087s ago: executing program 0 (id=1375): r0 = socket(0x10, 0x2, 0x0) (async) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES16=r1, @ANYRESDEC=r0], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) 1.095288964s ago: executing program 3 (id=1376): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) write$auto(0x3, 0x0, 0x3f00) socketpair$auto(0x8, 0x2, 0xfffffff7, &(0x7f0000000000)=0x5) recvmmsg$auto(0x3, 0x0, 0x3, 0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) keyctl$auto(0x10, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x4, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x3, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x200000, 0x702955be, 0x5c, 0x4, 0x9, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x2, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x6, 0x10001, 0x0, 0x8001, @attach_prog_fd, 0x7b, 0x4, 0x1, 0x5, 0x3}, 0x5) 1.012780816s ago: executing program 4 (id=1377): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1ff, 0x107, 0x5, 0x6, 0x1ffde, 0x3, 0x7f, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x8, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0x0, 0x2, 0x0, 0x80, 0x0, 0x1, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffd, 0x2000000000000004, 0x10000000000004, 0x10000000000, 0xb668, 0x4, 0xfffffffffffffe00, 0x0, 0x0, 0x1005, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x8, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x7, 0xc567, 0xbb]}, 0x1fe, 0xd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) bind$auto(0xffffffffffffffff, &(0x7f0000000180)=@vsock={0x28, 0x0, 0x2711}, 0x3e) 968.760596ms ago: executing program 0 (id=1378): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r1, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000002f40)=ANY=[@ANYBLOB="14000000", @ANYBLOB="045626"], 0x14}}, 0x40) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fcdbdf250a0000ff150000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) 968.521537ms ago: executing program 3 (id=1379): mmap$auto(0xfd, 0x2020005, 0x100003, 0xffffffffffffffff, 0xfffffffffffffffa, 0x6) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/gro_flush_timeout\x00', 0x88282, 0x0) sendfile$auto(r1, r1, 0x0, 0x1) connect$auto(r1, &(0x7f0000000040)=@sco, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r2 = socket$nl_generic(0x11, 0x3, 0x10) bind$auto(r2, &(0x7f0000000200)=@generic={0x11, "bc340f00"}, 0x80) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_TIPC_NL_PUBL_GET(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001400)={&(0x7f0000000080)=ANY=[@ANYBLOB="07130000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fddbdf2507000000480009000583bfe1cb935773c502cd1a2b2a9903106148fe0cea1e0f5e9ddea45e502110e421b7947d655180465650c326c6744842eeb6e9815994538fcc1530ad1e9ebdeb656bd85a0007008eeb2d306671f0cfac5ae64e0407abd0e16c1e5870b06f3207d324394abd5378786d5999677f2a857fdd5e6d8d893cc6470e8543c86657ff871e15f752e0423746d360840db681b0289db3ad860302d94e9285ca86a10000520002006479dd8150969cfbf6d666173842c2cb28729f186b22a68ad0d01a94eb28c6026b36357efd21f99313994fddfda5b416e53b2c29f047057484aedd7751d0158304a6984ec8ce4e8e4d6db4cc8ff70000e80000004db8d021c34c9090b6f1dbb53e639bd4166d82122bae71b3ae93ea8c056f957f9d30df43efd93395e863dda2bbc11b00d470efaa1fed6165f6493d918931f6c00af6f15fcf0847274858fbea4afb9e2cad07aa0c4bb4aba6ee01112a8861e344399e172c6c2c9ad3481df941c64265ae04799e02a2e2d941a9ab4ce8ef388d31694426afff9da5315bcb3b82349c645010bc76dbf888145c9cbbd129ba234def4f1326f6407ccc807d7188520c2c5d25696c115facf6a924f948a6ef8be112a1be7364503f3a094a2ae59074730ad9bd5a6f797aaedeb59d8b3625ebcf9535d8c4167529ad000200d345619c941912afddb7ea09a9757d5ca111050dcc9a85f58fc931a8975aa27935d05b898af0af1ecd412eceaf7acde661e051400c8ba8b9c66d1acd9dc14b26aa3d7011e7ace4da41c7acbc627add91c757a8cbac64b3d47616da74967bffbc70ae9f164bf958f77476712f20cfe16008cee8bf5b183dd96c9d5151376a88ba95699d4d63b15e65c8b0307c8de2d25407185025df435362cabf13870391d626119d69358eddf48f0a0000001f000400dd24cfd5c3687a80bdda1498e3ed7f35146917eb267adcdb7d438d0067000700bf8d5ab8fc3e9187c5820f1c28b0f71e82f1adde598b0f170dcccf6ac0892788531efeafd121ccdfb242e106dd3cbba12d77cb11cc7cac259a83e042c2c4b9bf5659486475e2ab98796359a161c510f9aa058ae38f1c3121f086a097bfcf9c65455e4200041008009d1149639ba394e8cd1687be0aaca14cd90769ab9a66ff3c90789d3ad7f4e94ec6768934b44bf315cbfd411974320262c3838f4126735c0df07091fa99b1281938c302c0d7c1bd16473283947185c0ec974bc305e5fd73469bd833cd01e13da8b88963127646aff7c3da6b25b3b3430de9ac75ecfada13b79acf5ff699d4e6eedaa33f68d4b316c76eca74f015812bc926c9448adb81473ff178ce6ab37bf2aab0b902049596d4a486cfbf6701b7308a6764e95ed15c440671293b10c2cf35c60c6a759c1b54620a88ba63ffe1dd42bbabcaf66379f88ccae89b19011c8fd21cda00acc23f3541126385a589de4fbdf8265a02c65b0db7e935e69d844d90967230c0a9e1e9b52dd9b9691cb9fc658cd0587cc7e6eed1c87fb7624c5f822022cb0eeba385b74439449e2c0cb64d86d1a139d01fffb110ec041ad9cadc9f6ac2cb936b1ae9e49fa92c697afa82aab77f694806737c8ebd239d67873e0f3c2b4c2d0665e984510ba8b0b7acbfe0b1db23055575ecdeef070d069f8e86d0d9872a59e85e43f0ebb64bc257b01b594e90485d6009c40e4a35bce5b02e258c2defeec81b7800af129616b0dd3fdc7fc91844a2da2c47e5d6e99eecf5abae03bb6481ef9eee687b34f86de26fa7b8190552dad0be4df7d0b7f97931e04c22dd809eb857538eb876998e61a3b60f15f5dc99d35f840b4c269da3f5ce6c1c82e41b661440084382b3be7990a89714402894659d63429a80320872094bd8693a3d85db18ceb25e5904a18fff404ac92fc80ca8bba6ab50ae673e779a938d03a2ef62e60035fbdb31e410abbbf18ffd69e60dc15b496c2b2bea8649e5076f641df194ff601d7b916a0e1f22a5f1b3ef4649bbde772535701084ea5148382954e797d49b2ae97cdea9a029e21cd904e1a8fb03dbeaeddc77a06a6447c43c32e9abb40a76aa802062ca9bcf074b031733c29712eddb8514de7de6ad85ddb189100cde6107c1fc2b3e3fbd2b86e161c660d162b7fe716b9c13db625647b007b2cf9d51edeb40b474fdb6cc84cec0e8fc553c385eab67df20981894f7e0cd531c8479c971ce438319860fe1bc71477b9d2c83839c4bf17ca5f1a15410038001d1d22402f8c92caacdb7369c876a7d92053b681b1bc896c399a8c2d2fc2e5ae7db64ca4b57dec495a65813ed9c8089fe18338c813f20de278ffea18df2c794f1d82d82b677a4338b0a150c149fb4229e708c1d195620d0b899427758e0e8a25d54ff4fc96adea98511d8f5c8c82496e764360b351da63c63b99cde5bb116e737b3cebd4765c6a77e59f761840a0d742db62d6b556c89e0f28794de5859f3a4b38b5643ffc25e1be2ebfd62cff25536945e49f0bdb9850c1672171c2fc5388c81ef4c31aaeae15859c9e004c719a10a07b8cd28ebe23648a1be380c000140b3701622e169274d74835721472b2a0e91aa92f90443e1b5701eb0606be5cb5b5d3d264c303fe71d3b8f6b0d6dd54d7de5f0a88aec2954d39aebf8c587ee96009c5dde2818e9bad320ea52521e5b615dd210f6f159a7e52b3e48a1f37fb090924ef61a9b17a8e85460e66a12b2600782702b051856161c150775258a481587a900fb08abcaa2f56fef8217f24619e7df28ed2783c85b71258455d6bf3f343f63b723ea06256e1b1edc383eeb80ee066c0777341cb5cb08c00f13a984e1e8cdef14e391d41eff54cca65b83f2a3fe7bffe458a2d29fffdd3a845052fc814d203a8e5fe946e0c559e36e89f51cb84612e212916297483485d4ce34d16a4a680ededd3cf0638133628cb7690388d4dc074d43caa4d9baf45703d28861d507f4b107bf1abb9fd7654aa3b29c5cef1e976cadbc249df8aee73d5989d8a24670c31dfd8597bf46dbda1595870ee9ae910cbc56e899b21b60779421b241836be7163b2fb1ee9470bacb7529ae57cfb0d53c21d80dec239e1eb3f4d9d006d80b67c263878441fe2a1b4ee048bfd52d5c27d080043b053670c7e56b8c33892bd9c5424842c70451f1cf203935bb2aaee9addcb4c961d0567788658efa456c36e07873b59b5de0a5b7d32c703b4b1929b699819cf08e856fafed75202585409efb4a83e61d5c3858f29b09dd87c0962848c44a72b622f396f57cfe6b95472825d377695cfa19c55f20dfadfa2c52272c33ee5475830b94695bb9edbd427f3ffde1e12dcfac00cf20e8d97d5372e5be85c4a4f94ae79c1e64ac5d91ea57b924b4791ee3cff92eac70cfa298c995b353b8a70d8a6427053e65e831bd105d364647f5af924c70c7ffbb948588c408a50a62ca961124ccda43e899b39c80e6475eb83b96a1977f15343853dd06d12f693c1445e0b43f49772dcbea5470227a34b79ab54bbdd01d62192e4e5a81b98b7785dc493526a01a52bef6ab98b54b787e5c1e2d9a3d6e03bf7b6c6e2070b9efe1af7ee8407ff626c763f8fbcdef4177b171a472cb202b9deb96313952e3e410a79d32e51532630f0a84bc204d0d2e62dd9655687c03ad2ad90df9bc63981d48ce8514a6c17ed664714ee214ece76e0a40fbac0e1cbb448a669d69885b0dba649e0231a1e05c2db404a3a1c0e7b6b7d8c338ba0712c434d84786644571b67559e0ae416dc030c6e28a9144b903286d97ca85bd030f1c684263f6a1e61b944ac8c63acf1bd2b7df903a6cd87589dc8b979106df6abf4719e3e795e2bffefe3f3382a34ed6d2024e54a3b32ce73b1b605a080c838408fdb1c5e13773a7c46906a9891d662bc10714b9b614358fc6eea36ccdfaf0c36070555108e72eb0760edefad04d0cf369bc167befe2198b21144989f5b9bae5aaa4077a67c58d144aad38014ddfcecc424b2466a22107f81fbd6f1799d277f7285d742b135c768b408743e98d8b80024431cc0efb30858121f19262b404658c19771a34451705b5415c23ba2469b24590b9acd210d64c56fd7b3340a43dfe7c24c6798aec5c953dc9c43e786eeb807e51857a57cbde7be044dd4cbc820582b8d61c2adfa8e9b12366fe55bfbff7b8ab5885a074d7cd525ad4d9d6c907c41cb049a163e0605b54b1f2dd4f715516cb8364092fb6024c424051e955f858371d6dbaa2fb7d001482cf8004b014aec1b3910f6d24b703461fa565d5c63df0d01315be0e78dcb871a9ba178af748762fc487d4843d2f95f180e24df7f425588888a394013b2cb02836f791f344b3c609ff9b9aeaed7ea733b0e1846c286cb9e794198a13698680d1706179d849e69d751cac1ec877c7e90a070e408cffc146abb91b40b3358c8a679ea5f2dae0731133eda60c0f9de1973d13d3a583d3d52cc8dc7d65bb56976941109e3ae28cdaded62213ae88d5840ea87ce24bf8271b0fc453fd82feaf5464c59ade7961251a4196ac4337ad819c2e8afe9d0bd40895bb6b05d4679c1007114055ad688f3d75cc3865fc0c76556783011b3c68aab512aa0f1edd4898e2773c6791b4f6c64336a799a4dd9e8084850e45cd86f7ed9c7b996bc4c2ae77b088ada52d3b39af9d8d77bfece5cd9d9eb24991e73397a321884e559a84ceee6825c578b07fe08c2b77c9a75f5aa6e355dfe0dd0f7112f24e4cbf498e08994cb0ceb61adb754b8a16b1891f1356219fcc1f9bb56036501c4416e08e397c1d731a80ae18ba7e1d1e86cf0e539e23d7572f246fa3f2c0b93b64d62dcc19984a138a05a725525d81dd8421b4fa951ec98a21f9b870392f5ca9fa26ad55ce4a7023b3e9e08433bd698ee2b4a78fc7982f4f0daa85e947bcd00bc3d91fa623c5bb52e1c6b4344040fa2f8f2cff6db0958e136f20dd5e9753299bd0e1b2cab58ac2860042c4193fe500a72224fe2a8e7062c3efad55b747d5914282c63b29527bfac9602c6fc06834844cad5c7252161d484eeb8856000002141079a45293703586307efe0e9e43da10e615779f19d8fe8dfea46a7107b80268368583aee61419fca16055f363ac9075c306fc0e73da9d75bd03b315d6bf404a11c806819d35d164997b8591457078c14864bb46a5150d015ba3b0712efa07761144df5796f633241384df4da59b84b3feef2adf2c68b383389232395707d6caa94a3d0849141f323211a2ca28d2b208a690979bc901ec13e7eb9cf3e8937449694f285f61ab084b64db9712248e3996b07fd50d0c4d30d559337804c708e5c3cd04bbf5dbeb1651e4aad862eefdd135b576aeb8d4de6412"], 0x1354}}, 0x40001) sched_setaffinity$auto(0xffffffffffffffff, 0x401, &(0x7f0000000f80)=0x4e8c) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x112, 0x0, 0xfffffffffffffffd) sendmmsg$auto(r3, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x20000000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mbind$auto(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x20000000000006, 0x100) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) close_range$auto(r0, r0, 0x6) mount$auto(0x0, 0x0, 0x0, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r4) 905.944239ms ago: executing program 4 (id=1380): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sysfs$auto(0x2, 0x10000000000048, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/netdevsim0/hop_limit\x00', 0x101800, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x80091, 0x0) writev$auto(r2, &(0x7f0000000000)={0x0, 0x710d}, 0x8000000000000001) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/radio20\x00', 0x20800, 0x0) pread64$auto(r1, 0x0, 0x3f, 0x7fff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x40400c5) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) setsockopt$auto(0x3, 0x8000000000000006, 0x1f, 0x0, 0x7ffffc) fanotify_init$auto(0x5, 0x800) mmap$auto(0x3, 0x4020029, 0x6, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x2, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x1, 0x202, 0x0, 0x84, [0x6, 0x2, 0x0, 0x2, 0x0, 0x2000, 0x0, 0xe, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0xfffffffffffbfffe, 0x2000000000000004, 0x10000000000001, 0x10000000000, 0xffffffffffffffff, 0x4, 0xfffffffffffffe00, 0x4, 0x0, 0x5, 0x400000000005b8, 0xffff, 0x4, 0x100, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x3, 0xfffffffffffffffc, 0x2, 0x1, 0x7, 0xc567]}, 0x1fe, 0xd) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc041}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x40000000, 0x800c000}, 0x4) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/udp_port\x00', 0x202, 0x0) sendfile$auto(r3, r0, 0x0, 0x6) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 860.63285ms ago: executing program 0 (id=1381): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) (async) madvise$auto(0x0, 0x8000000000000000, 0x15) (async) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) r0 = bpf$auto(0x303d, 0x0, 0x4) ioperm$auto(0x7, 0x6, 0x2) ustat$auto(0x2, 0x0) (async) mincore$auto(0x0, 0x1, 0x0) (async, rerun: 64) syz_genetlink_get_family_id$auto_ipvs(0x0, r0) (async, rerun: 64) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2a, 0x6, 0x200) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async, rerun: 32) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x8, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) (async, rerun: 32) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) (async) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000052033bf3ebcd3e051141c438f71aa2891054afe048293a82b57893b283d1621f769a49afdea4bada4188989d2b6878b59b2f7dbb675752e8cf92487ef30d07ccff98def888fd6219e872f20dc25ed62a591e3f6b4ccb393ad63bc714f69c34f86d8bfe7cc022e46d90848a7ffd527e964961cb0a205829ee92c829c46130b9de61980b4cb2476b1257897e901b6b35dee4a047e896ce1046732a5af40e467b87d585e942f2e9e912c0c180fb2148734f3d041264669c6b20bbe636ca16ed1e34242bb01ddb30129d9dc584f22370329d733b7003d62f64461fe81604a8", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a0000000800010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) (async, rerun: 32) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fbdbdf2502000000080003f9800040000800030009000000"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) (async, rerun: 32) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (rerun: 64) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0x2, 0x3, 0xa) socket(0x2, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x2, 0x3, 0x1) (async) socket(0x2, 0x801, 0x100) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) (async, rerun: 32) bpf$auto(0x0, 0x0, 0x96) (async, rerun: 32) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) 456.70241ms ago: executing program 4 (id=1382): openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/comm\x00', 0x2, 0x0) prctl$auto(0x16, 0x1, 0x6, 0xfffffffffffffffe, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) openat$dir(0xffffffffffffff9c, 0x0, 0x40400, 0x48) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) symlink$auto(&(0x7f0000000300)='\\\':.\x00', &(0x7f0000000340)='\xfb\x00') readlink$auto(&(0x7f0000000b00)='\xfb\x00', 0x0, 0x800) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000002680)=0x0) connect$auto(0xffffffffffffffff, &(0x7f00000026c0)=@nfc={0x27, r0, 0x0, 0x1}, 0x2) connect$auto(0xffffffffffffffff, &(0x7f0000000100)=@nfc={0x27, r0, 0x1, 0x7}, 0x9fe8) connect$auto(0x3, &(0x7f00000001c0)=@ethernet={0x6, @random="c34a343b9621"}, 0x55) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) rt_sigqueueinfo$auto(0x0, 0x4, 0x0) prctl$auto(0x23, 0x1, 0x2008, 0x0, 0x0) r1 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c0c5833b1dcff", 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) 426.195249ms ago: executing program 0 (id=1383): socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x800000404, 0x8000) r0 = userfaultfd$auto(0x1) statx$auto(r0, 0x0, 0x1000, 0x8, 0x0) keyctl$auto(0x4, 0xffffffffffffffff, 0x5, 0x800, 0xa) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x14, 0x0, 0x56b) 310.452686ms ago: executing program 0 (id=1384): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x21, 0x2, 0x2) ioperm$auto(0x8, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x2) socket(0xa, 0x801, 0x106) socketpair$auto(0xfffffffb, 0x69c, 0x623f, &(0x7f0000000000)=0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socket(0x1d, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000e3, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev0\x00', 0x169000, 0x0) ioctl$auto(r0, 0x80885659, r0) 0s ago: executing program 1 (id=1385): socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x800000404, 0x8000) r0 = userfaultfd$auto(0x1) statx$auto(r0, 0x0, 0x1000, 0x8, 0x0) keyctl$auto(0x4, 0xffffffffffffffff, 0x5, 0x800, 0xa) r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r1, &(0x7f0000000440)="110000001265843a0000000000000000", 0x10) setsockopt$auto(0x400000000000003, 0x29, 0x14, 0x0, 0x56b) kernel console output (not intermixed with test programs): T6567] ? __fget_files+0x40/0x3a0 [ 106.173102][ T6567] ? __fget_files+0x206/0x3a0 [ 106.177805][ T6567] security_file_ioctl+0x9b/0x240 [ 106.182849][ T6567] __x64_sys_ioctl+0xb7/0x200 [ 106.187548][ T6567] do_syscall_64+0xcd/0x250 [ 106.192092][ T6567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.198011][ T6567] RIP: 0033:0x7f9210185d29 [ 106.202436][ T6567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.222063][ T6567] RSP: 002b:00007f9210f5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 106.230504][ T6567] RAX: ffffffffffffffda RBX: 00007f9210376080 RCX: 00007f9210185d29 [ 106.238496][ T6567] RDX: 0000000000000000 RSI: 0000000000009205 RDI: 0000000000000004 [ 106.246491][ T6567] RBP: 00007f9210f5a090 R08: 0000000000000000 R09: 0000000000000000 [ 106.254488][ T6567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 106.262478][ T6567] R13: 0000000000000001 R14: 00007f9210376080 R15: 00007ffc5570c0f8 [ 106.270473][ T6567] [ 106.316432][ T6567] ERROR: Out of memory at tomoyo_realpath_from_path. [ 106.505357][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.1.178'. [ 106.529812][ T6576] netlink: 28 bytes leftover after parsing attributes in process `syz.1.178'. [ 106.577786][ T29] audit: type=1326 audit(1735516388.673:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.3.179" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 106.696407][ T6581] Invalid ELF header magic: != ELF [ 106.782887][ T6581] Invalid ELF header magic: != ELF [ 106.923337][ T6581] Invalid ELF header magic: != ELF [ 107.000356][ T6581] Invalid ELF header magic: != ELF [ 107.020815][ T6581] Invalid ELF header magic: != ELF [ 107.062733][ T6581] Invalid ELF header magic: != ELF [ 107.092100][ T6581] Invalid ELF header magic: != ELF [ 107.117382][ T6581] Invalid ELF header magic: != ELF [ 107.142394][ T6581] Invalid ELF header magic: != ELF [ 107.163025][ T6581] Invalid ELF header magic: != ELF [ 107.183151][ T6581] Invalid ELF header magic: != ELF [ 107.201348][ T6581] Invalid ELF header magic: != ELF [ 107.220697][ T6581] Invalid ELF header magic: != ELF [ 107.243002][ T6581] Invalid ELF header magic: != ELF [ 107.265532][ T6581] Invalid ELF header magic: != ELF [ 107.292658][ T6581] Invalid ELF header magic: != ELF [ 107.304203][ T6581] Invalid ELF header magic: != ELF [ 107.314991][ T6581] Invalid ELF header magic: != ELF [ 107.325112][ T6581] Invalid ELF header magic: != ELF [ 107.336296][ T6581] Invalid ELF header magic: != ELF [ 107.352641][ T6581] Invalid ELF header magic: != ELF [ 107.367935][ T6581] Invalid ELF header magic: != ELF [ 107.388087][ T6581] Invalid ELF header magic: != ELF [ 107.407655][ T6581] Invalid ELF header magic: != ELF [ 107.425015][ T6581] Invalid ELF header magic: != ELF [ 107.445057][ T6581] Invalid ELF header magic: != ELF [ 107.472580][ T6581] Invalid ELF header magic: != ELF [ 107.559544][ T6597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.183'. [ 107.597957][ T6597] netlink: 28 bytes leftover after parsing attributes in process `syz.3.183'. [ 107.642106][ T6603] FAULT_INJECTION: forcing a failure. [ 107.642106][ T6603] name failslab, interval 1, probability 0, space 0, times 0 [ 107.669210][ T6603] CPU: 1 UID: 0 PID: 6603 Comm: syz.0.186 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 107.679853][ T6603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 107.689926][ T6603] Call Trace: [ 107.693218][ T6603] [ 107.696156][ T6603] dump_stack_lvl+0x16c/0x1f0 [ 107.700864][ T6603] should_fail_ex+0x497/0x5b0 [ 107.705564][ T6603] ? fs_reclaim_acquire+0xae/0x150 [ 107.710697][ T6603] should_failslab+0xc2/0x120 [ 107.715399][ T6603] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 107.721231][ T6603] ? __alloc_skb+0x2b3/0x380 [ 107.725833][ T6603] __alloc_skb+0x2b3/0x380 [ 107.730258][ T6603] ? __pfx___alloc_skb+0x10/0x10 [ 107.735202][ T6603] ? lock_acquire+0x2f/0xb0 [ 107.739716][ T6603] netlink_alloc_large_skb+0x69/0x130 [ 107.745093][ T6603] netlink_sendmsg+0x689/0xd70 [ 107.749860][ T6603] ? __pfx_netlink_sendmsg+0x10/0x10 [ 107.755151][ T6603] ____sys_sendmsg+0x9ae/0xb40 [ 107.759919][ T6603] ? copy_msghdr_from_user+0x10b/0x160 [ 107.765385][ T6603] ? __pfx_____sys_sendmsg+0x10/0x10 [ 107.770677][ T6603] ? rcu_is_watching+0x12/0xc0 [ 107.775446][ T6603] ? lock_release+0x4e2/0x6f0 [ 107.780124][ T6603] ? get_pid_task+0xfc/0x250 [ 107.784733][ T6603] ___sys_sendmsg+0x135/0x1e0 [ 107.789417][ T6603] ? get_pid_task+0x35/0x250 [ 107.794014][ T6603] ? __pfx____sys_sendmsg+0x10/0x10 [ 107.799221][ T6603] ? lock_release+0x4e2/0x6f0 [ 107.803901][ T6603] ? __pfx_lock_release+0x10/0x10 [ 107.808923][ T6603] ? trace_lock_acquire+0x14e/0x1f0 [ 107.814131][ T6603] ? __fget_files+0x206/0x3a0 [ 107.818814][ T6603] __sys_sendmsg+0x16e/0x220 [ 107.823428][ T6603] ? __pfx___sys_sendmsg+0x10/0x10 [ 107.828553][ T6603] ? syscall_user_dispatch+0x77/0x140 [ 107.833929][ T6603] ? rcu_is_watching+0x12/0xc0 [ 107.838701][ T6603] do_syscall_64+0xcd/0x250 [ 107.843220][ T6603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.849121][ T6603] RIP: 0033:0x7f3a34785d29 [ 107.853533][ T6603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.873141][ T6603] RSP: 002b:00007f3a35627038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 107.881558][ T6603] RAX: ffffffffffffffda RBX: 00007f3a34975fa0 RCX: 00007f3a34785d29 [ 107.889531][ T6603] RDX: 000000000004c848 RSI: 0000000020000000 RDI: 0000000000000004 [ 107.897499][ T6603] RBP: 00007f3a35627090 R08: 0000000000000000 R09: 0000000000000000 [ 107.905465][ T6603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 107.913433][ T6603] R13: 0000000000000000 R14: 00007f3a34975fa0 R15: 00007ffd56439e78 [ 107.921410][ T6603] [ 108.299643][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.189'. [ 108.489683][ T29] audit: type=1326 audit(1735516390.593:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.3.191" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 110.394169][ T6675] __nla_validate_parse: 8 callbacks suppressed [ 110.394192][ T6675] netlink: 8 bytes leftover after parsing attributes in process `syz.3.211'. [ 110.412536][ T6675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.211'. [ 110.496559][ T6681] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 110.725427][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.747178][ T6685] FAULT_INJECTION: forcing a failure. [ 110.747178][ T6685] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 110.777717][ T6685] CPU: 0 UID: 0 PID: 6685 Comm: syz.3.214 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 110.788361][ T6685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 110.798438][ T6685] Call Trace: [ 110.801745][ T6685] [ 110.804687][ T6685] dump_stack_lvl+0x16c/0x1f0 [ 110.809389][ T6685] should_fail_ex+0x497/0x5b0 [ 110.814092][ T6685] _copy_to_user+0x32/0xd0 [ 110.818540][ T6685] simple_read_from_buffer+0xd0/0x160 [ 110.823933][ T6685] proc_fail_nth_read+0x198/0x270 [ 110.828991][ T6685] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 110.834573][ T6685] ? bpf_lsm_file_permission+0x9/0x10 [ 110.839983][ T6685] ? security_file_permission+0x71/0x210 [ 110.845638][ T6685] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 110.851214][ T6685] vfs_read+0x1df/0xbe0 [ 110.855391][ T6685] ? __fget_files+0x1fc/0x3a0 [ 110.860090][ T6685] ? __pfx___mutex_lock+0x10/0x10 [ 110.865143][ T6685] ? __pfx_vfs_read+0x10/0x10 [ 110.869852][ T6685] ? __fget_files+0x206/0x3a0 [ 110.874557][ T6685] ksys_read+0x12b/0x250 [ 110.878817][ T6685] ? __pfx_ksys_read+0x10/0x10 [ 110.883587][ T6685] ? rcu_is_watching+0x12/0xc0 [ 110.888360][ T6685] ? rcu_is_watching+0x12/0xc0 [ 110.893133][ T6685] do_syscall_64+0xcd/0x250 [ 110.897705][ T6685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.903611][ T6685] RIP: 0033:0x7f921018473c [ 110.908027][ T6685] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 110.927637][ T6685] RSP: 002b:00007f9210f7b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 110.936051][ T6685] RAX: ffffffffffffffda RBX: 00007f9210375fa0 RCX: 00007f921018473c [ 110.944022][ T6685] RDX: 000000000000000f RSI: 00007f9210f7b0a0 RDI: 0000000000000007 [ 110.951996][ T6685] RBP: 00007f9210f7b090 R08: 0000000000000000 R09: 0000000000000000 [ 110.959966][ T6685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.967936][ T6685] R13: 0000000000000000 R14: 00007f9210375fa0 R15: 00007ffc5570c0f8 [ 110.975915][ T6685] [ 110.995838][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.156394][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.187372][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 111.194668][ T5830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 111.202116][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 111.210911][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 111.218697][ T5830] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 111.225993][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 111.234872][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.433166][ T12] bridge_slave_1: left allmulticast mode [ 111.446856][ T12] bridge_slave_1: left promiscuous mode [ 111.452564][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.467488][ T12] bridge_slave_0: left allmulticast mode [ 111.476144][ T12] bridge_slave_0: left promiscuous mode [ 111.482142][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.492062][ T6711] netlink: 28 bytes leftover after parsing attributes in process `syz.1.221'. [ 111.702307][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 111.719686][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 111.738972][ T12] bond0 (unregistering): Released all slaves [ 111.755363][ T6709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.221'. [ 112.027839][ T6699] chnl_net:caif_netlink_parms(): no params data found [ 112.253215][ T12] hsr_slave_0: left promiscuous mode [ 112.337028][ T12] hsr_slave_1: left promiscuous mode [ 112.353351][ T12] veth1_macvtap: left promiscuous mode [ 112.360044][ T12] veth0_macvtap: left promiscuous mode [ 112.365635][ T12] veth1_vlan: left promiscuous mode [ 112.379881][ T12] veth0_vlan: left promiscuous mode [ 112.631649][ T12] team0 (unregistering): Port device team_slave_1 removed [ 112.657598][ T12] team0 (unregistering): Port device team_slave_0 removed [ 113.010395][ T6699] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.046912][ T6699] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.054126][ T6699] bridge_slave_0: entered allmulticast mode [ 113.067091][ T6699] bridge_slave_0: entered promiscuous mode [ 113.082372][ T6699] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.120975][ T6699] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.138208][ T6699] bridge_slave_1: entered allmulticast mode [ 113.159152][ T6699] bridge_slave_1: entered promiscuous mode [ 113.268614][ T5829] Bluetooth: hci2: command tx timeout [ 113.850366][ T6699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 113.888766][ T6699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 114.040025][ T6699] team0: Port device team_slave_0 added [ 114.064265][ T6699] team0: Port device team_slave_1 added [ 114.166425][ T6699] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 114.176782][ T6699] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.231765][ T6699] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 114.307582][ T6699] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.314582][ T6699] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.344399][ T6699] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.401555][ T6699] hsr_slave_0: entered promiscuous mode [ 114.410360][ T6699] hsr_slave_1: entered promiscuous mode [ 114.420117][ T6699] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.427925][ T6699] Cannot create hsr debugfs directory [ 114.577481][ T6699] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 114.598850][ T6699] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 114.610447][ T6699] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 114.632443][ T6699] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 114.724268][ T6699] 8021q: adding VLAN 0 to HW filter on device bond0 [ 114.758990][ T6699] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.781656][ T3461] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.788815][ T3461] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.807092][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.814243][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 115.057143][ T6699] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.332318][ T6699] veth0_vlan: entered promiscuous mode [ 115.346859][ T5829] Bluetooth: hci2: command tx timeout [ 115.373601][ T6699] veth1_vlan: entered promiscuous mode [ 115.467606][ T6699] veth0_macvtap: entered promiscuous mode [ 115.476710][ T29] audit: type=1326 audit(1735516397.573:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 115.501144][ T6699] veth1_macvtap: entered promiscuous mode [ 115.528175][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.547374][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.562142][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.573358][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.583843][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.594796][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.607966][ T6699] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.621932][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.634665][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.645126][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.656053][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.666866][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.677926][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.692405][ T6699] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.715161][ T6699] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.725666][ T6699] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.735149][ T6699] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.745572][ T6699] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.799242][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.820741][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.854062][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.866705][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.488368][ T6876] netlink: 8 bytes leftover after parsing attributes in process `syz.4.243'. [ 116.517944][ T6876] netlink: 28 bytes leftover after parsing attributes in process `syz.4.243'. [ 116.529035][ T6879] FAULT_INJECTION: forcing a failure. [ 116.529035][ T6879] name failslab, interval 1, probability 0, space 0, times 0 [ 116.578745][ T6879] CPU: 0 UID: 0 PID: 6879 Comm: syz.1.244 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 116.589394][ T6879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 116.599475][ T6879] Call Trace: [ 116.602775][ T6879] [ 116.605718][ T6879] dump_stack_lvl+0x16c/0x1f0 [ 116.610424][ T6879] should_fail_ex+0x497/0x5b0 [ 116.615127][ T6879] ? fs_reclaim_acquire+0xae/0x150 [ 116.620265][ T6879] should_failslab+0xc2/0x120 [ 116.624973][ T6879] __kmalloc_noprof+0xce/0x4f0 [ 116.629766][ T6879] ? __pfx___mutex_lock+0x10/0x10 [ 116.634818][ T6879] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 116.642137][ T6879] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 116.649283][ T6879] genl_start+0x18e/0x960 [ 116.653638][ T6879] __netlink_dump_start+0x615/0x980 [ 116.658862][ T6879] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 116.664597][ T6879] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 116.670845][ T6879] ? genl_rcv_msg+0x580/0x800 [ 116.675531][ T6879] ? __pfx_genl_get_cmd+0x10/0x10 [ 116.680557][ T6879] ? __pfx_genl_start+0x10/0x10 [ 116.685416][ T6879] ? __pfx_genl_dumpit+0x10/0x10 [ 116.690363][ T6879] ? __pfx_genl_done+0x10/0x10 [ 116.695137][ T6879] ? __dev_queue_xmit+0x89b/0x43e0 [ 116.700253][ T6879] ? __radix_tree_lookup+0x21f/0x2c0 [ 116.705545][ T6879] genl_rcv_msg+0x470/0x800 [ 116.710056][ T6879] ? __pfx_genl_rcv_msg+0x10/0x10 [ 116.715097][ T6879] ? __pfx_tipc_nl_node_dump_monitor_peer+0x10/0x10 [ 116.721695][ T6879] netlink_rcv_skb+0x165/0x410 [ 116.726461][ T6879] ? __pfx_genl_rcv_msg+0x10/0x10 [ 116.731499][ T6879] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 116.736792][ T6879] ? down_read+0xc9/0x330 [ 116.741129][ T6879] ? __pfx_down_read+0x10/0x10 [ 116.745899][ T6879] ? netlink_deliver_tap+0x1ae/0xca0 [ 116.751186][ T6879] genl_rcv+0x28/0x40 [ 116.755170][ T6879] netlink_unicast+0x53c/0x7f0 [ 116.759942][ T6879] ? __pfx_netlink_unicast+0x10/0x10 [ 116.765229][ T6879] ? __phys_addr_symbol+0x30/0x80 [ 116.770261][ T6879] ? __check_object_size+0x488/0x710 [ 116.775557][ T6879] netlink_sendmsg+0x8b8/0xd70 [ 116.780345][ T6879] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.785656][ T6879] ____sys_sendmsg+0x9ae/0xb40 [ 116.790437][ T6879] ? copy_msghdr_from_user+0x10b/0x160 [ 116.795909][ T6879] ? __pfx_____sys_sendmsg+0x10/0x10 [ 116.801204][ T6879] ? rcu_is_watching+0x12/0xc0 [ 116.805978][ T6879] ? lock_release+0x4e2/0x6f0 [ 116.810658][ T6879] ? get_pid_task+0xfc/0x250 [ 116.815258][ T6879] ___sys_sendmsg+0x135/0x1e0 [ 116.819940][ T6879] ? get_pid_task+0x35/0x250 [ 116.824538][ T6879] ? __pfx____sys_sendmsg+0x10/0x10 [ 116.829747][ T6879] ? lock_release+0x4e2/0x6f0 [ 116.834428][ T6879] ? __pfx_lock_release+0x10/0x10 [ 116.839449][ T6879] ? trace_lock_acquire+0x14e/0x1f0 [ 116.844678][ T6879] ? __fget_files+0x206/0x3a0 [ 116.849385][ T6879] __sys_sendmsg+0x16e/0x220 [ 116.853993][ T6879] ? __pfx___sys_sendmsg+0x10/0x10 [ 116.859128][ T6879] ? syscall_user_dispatch+0x77/0x140 [ 116.864504][ T6879] ? rcu_is_watching+0x12/0xc0 [ 116.869277][ T6879] do_syscall_64+0xcd/0x250 [ 116.873789][ T6879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.879689][ T6879] RIP: 0033:0x7fa0e6f85d29 [ 116.884105][ T6879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.903717][ T6879] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 116.912134][ T6879] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 116.920108][ T6879] RDX: 000000000004c848 RSI: 0000000020000000 RDI: 0000000000000004 [ 116.928076][ T6879] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 116.936046][ T6879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.944016][ T6879] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 116.951993][ T6879] [ 116.955051][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.156212][ T6895] netlink: 'syz.1.246': attribute type 1 has an invalid length. [ 117.427238][ T5829] Bluetooth: hci2: command tx timeout [ 117.630768][ T29] audit: type=1326 audit(1735516399.733:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6922 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 119.046437][ T6973] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 119.408098][ T6975] syz.0.260 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 119.506940][ T5829] Bluetooth: hci2: command tx timeout [ 119.805912][ T6995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.271'. [ 119.838089][ T6995] netlink: 28 bytes leftover after parsing attributes in process `syz.1.271'. [ 120.215610][ T7011] vivid-013: ================= START STATUS ================= [ 120.233537][ T7011] vivid-013: Generate PTS: true [ 120.238852][ T7011] vivid-013: Generate SCR: true [ 120.243760][ T7011] tpg source WxH: 640x360 (Y'CbCr) [ 120.256825][ T7011] tpg field: 1 [ 120.266973][ T7011] tpg crop: 640x360@0x0 [ 120.271824][ T7011] tpg compose: 640x360@0x0 [ 120.276271][ T7011] tpg colorspace: 8 [ 120.289067][ T7011] tpg transfer function: 0/0 [ 120.297433][ T7011] tpg Y'CbCr encoding: 0/0 [ 120.301881][ T7011] tpg quantization: 0/0 [ 120.317803][ T7011] tpg RGB range: 0/2 [ 120.321734][ T7011] vivid-013: ================== END STATUS ================== [ 120.849931][ T7028] netlink: 8 bytes leftover after parsing attributes in process `syz.3.270'. [ 120.861313][ T7028] netlink: 28 bytes leftover after parsing attributes in process `syz.3.270'. [ 121.272643][ T29] audit: type=1800 audit(1735516403.373:14): pid=7037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.275" name="discovery_nqn" dev="configfs" ino=12772 res=0 errno=0 [ 121.656064][ T29] audit: type=1326 audit(1735516403.753:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 121.903388][ T29] audit: type=1326 audit(1735516404.003:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7064 comm="syz.3.282" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 123.745510][ T29] audit: type=1326 audit(1735516405.843:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7101 comm="syz.1.295" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 124.000703][ T29] audit: type=1326 audit(1735516406.103:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7105 comm="syz.0.297" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 124.649854][ T7115] netlink: 334 bytes leftover after parsing attributes in process `syz.4.299'. [ 125.484076][ T29] audit: type=1326 audit(1735516407.583:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7150 comm="syz.1.306" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 126.309601][ T29] audit: type=1326 audit(1735516408.413:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.0.309" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 126.740454][ T7176] FAULT_INJECTION: forcing a failure. [ 126.740454][ T7176] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 126.754978][ T7176] CPU: 1 UID: 0 PID: 7176 Comm: syz.4.314 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 126.765617][ T7176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 126.775703][ T7176] Call Trace: [ 126.778996][ T7176] [ 126.781937][ T7176] dump_stack_lvl+0x16c/0x1f0 [ 126.786641][ T7176] should_fail_ex+0x497/0x5b0 [ 126.791346][ T7176] ? fs_reclaim_acquire+0xae/0x150 [ 126.796485][ T7176] should_fail_alloc_page+0xe7/0x130 [ 126.801821][ T7176] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 126.808002][ T7176] __alloc_pages_noprof+0x190/0x25b0 [ 126.813316][ T7176] ? rcu_is_watching+0x12/0xc0 [ 126.818100][ T7176] ? lock_release+0x4e2/0x6f0 [ 126.822806][ T7176] ? rcu_is_watching+0x12/0xc0 [ 126.827600][ T7176] ? page_ext_put+0x3e/0xd0 [ 126.832133][ T7176] ? __pfx_lock_release+0x10/0x10 [ 126.837180][ T7176] ? do_user_addr_fault+0x7a3/0x13f0 [ 126.842488][ T7176] ? exc_page_fault+0x5c/0xc0 [ 126.847193][ T7176] ? page_ext_get+0x34/0x310 [ 126.851826][ T7176] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 126.857573][ T7176] ? lock_release+0x4e2/0x6f0 [ 126.862253][ T7176] ? rcu_is_watching+0x12/0xc0 [ 126.867024][ T7176] ? page_ext_put+0x3e/0xd0 [ 126.871535][ T7176] ? __pfx_lock_release+0x10/0x10 [ 126.876563][ T7176] ? rcu_is_watching+0x12/0xc0 [ 126.881333][ T7176] ? lock_release+0x4e2/0x6f0 [ 126.886011][ T7176] ? is_bpf_text_address+0x8a/0x1a0 [ 126.891222][ T7176] ? __pfx_lock_release+0x10/0x10 [ 126.896250][ T7176] ? trace_lock_acquire+0x14e/0x1f0 [ 126.901457][ T7176] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 126.907356][ T7176] ? policy_nodemask+0xea/0x4e0 [ 126.912217][ T7176] alloc_pages_mpol_noprof+0x2c9/0x610 [ 126.917692][ T7176] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 126.923681][ T7176] ? __kernel_text_address+0xd/0x40 [ 126.928884][ T7176] ? unwind_get_return_address+0x59/0xa0 [ 126.934522][ T7176] ? rcu_is_watching+0x12/0xc0 [ 126.939295][ T7176] folio_alloc_mpol_noprof+0x36/0xd0 [ 126.944587][ T7176] shmem_alloc_folio+0x135/0x160 [ 126.949536][ T7176] shmem_alloc_and_add_folio+0x48b/0xc00 [ 126.955172][ T7176] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 126.961070][ T7176] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 126.967224][ T7176] ? shmem_huge_global_enabled+0x176/0x250 [ 126.973036][ T7176] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 126.978942][ T7176] shmem_get_folio_gfp+0x689/0x1530 [ 126.984146][ T7176] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 126.989790][ T7176] ? filemap_map_pages+0xf92/0x16b0 [ 126.994995][ T7176] shmem_fault+0x200/0xae0 [ 126.999415][ T7176] ? __pfx_shmem_fault+0x10/0x10 [ 127.004355][ T7176] ? rcu_is_watching+0x12/0xc0 [ 127.009127][ T7176] ? lock_release+0x4e2/0x6f0 [ 127.013810][ T7176] ? __pfx_filemap_map_pages+0x10/0x10 [ 127.019289][ T7176] ? do_pte_missing+0xdd7/0x3e00 [ 127.024246][ T7176] ? __pfx_lock_release+0x10/0x10 [ 127.029289][ T7176] __do_fault+0x10a/0x490 [ 127.033715][ T7176] do_pte_missing+0xebd/0x3e00 [ 127.038494][ T7176] __handle_mm_fault+0x103c/0x2a40 [ 127.043623][ T7176] ? __pfx___handle_mm_fault+0x10/0x10 [ 127.049096][ T7176] ? find_vma+0xc0/0x140 [ 127.053340][ T7176] ? __pfx_find_vma+0x10/0x10 [ 127.058021][ T7176] handle_mm_fault+0x3fa/0xaa0 [ 127.062794][ T7176] do_user_addr_fault+0x7a3/0x13f0 [ 127.067917][ T7176] exc_page_fault+0x5c/0xc0 [ 127.072427][ T7176] asm_exc_page_fault+0x26/0x30 [ 127.077288][ T7176] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 127.083111][ T7176] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 127.102731][ T7176] RSP: 0018:ffffc900043dfc60 EFLAGS: 00050202 [ 127.108803][ T7176] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000f [ 127.116777][ T7176] RDX: fffff5200087bf98 RSI: 0000000000000000 RDI: ffffc900043dfcb0 [ 127.124747][ T7176] RBP: 000000000000000f R08: 0000000000000001 R09: fffff5200087bf97 [ 127.132715][ T7176] R10: ffffc900043dfcbe R11: 0000000000000000 R12: 0000000000000000 [ 127.140689][ T7176] R13: ffffc900043dfcb0 R14: 0000000000000000 R15: ffff88805f74c048 [ 127.148670][ T7176] _copy_from_user+0x9a/0xd0 [ 127.153279][ T7176] comm_write+0xc4/0x2d0 [ 127.157531][ T7176] ? __pfx_comm_write+0x10/0x10 [ 127.162394][ T7176] ? lock_acquire+0x2f/0xb0 [ 127.166897][ T7176] ? ksys_write+0x12b/0x250 [ 127.171406][ T7176] ? __pfx_comm_write+0x10/0x10 [ 127.176266][ T7176] vfs_write+0x24c/0x1150 [ 127.180603][ T7176] ? __fget_files+0x1fc/0x3a0 [ 127.185287][ T7176] ? __pfx___mutex_lock+0x10/0x10 [ 127.190320][ T7176] ? __pfx_vfs_write+0x10/0x10 [ 127.195094][ T7176] ? __fget_files+0x206/0x3a0 [ 127.199786][ T7176] ksys_write+0x12b/0x250 [ 127.204128][ T7176] ? __pfx_ksys_write+0x10/0x10 [ 127.208992][ T7176] ? rcu_is_watching+0x12/0xc0 [ 127.213765][ T7176] ? rcu_is_watching+0x12/0xc0 [ 127.218536][ T7176] do_syscall_64+0xcd/0x250 [ 127.223047][ T7176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.228947][ T7176] RIP: 0033:0x7fcb1e585d29 [ 127.233363][ T7176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.252973][ T7176] RSP: 002b:00007fcb1f419038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 127.261390][ T7176] RAX: ffffffffffffffda RBX: 00007fcb1e775fa0 RCX: 00007fcb1e585d29 [ 127.269364][ T7176] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 127.277406][ T7176] RBP: 00007fcb1f419090 R08: 0000000000000000 R09: 0000000000000000 [ 127.285379][ T7176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.293349][ T7176] R13: 0000000000000000 R14: 00007fcb1e775fa0 R15: 00007ffe431e1798 [ 127.301327][ T7176] [ 127.449187][ T7184] netlink: 8 bytes leftover after parsing attributes in process `syz.4.315'. [ 127.472934][ T7180] netlink: 28 bytes leftover after parsing attributes in process `syz.4.315'. [ 127.519217][ T29] audit: type=1326 audit(1735516409.623:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.3.318" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 128.520652][ T7219] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 128.648686][ T29] audit: type=1326 audit(1735516410.753:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7221 comm="syz.1.325" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 129.170011][ T7240] netlink: 'syz.4.326': attribute type 1 has an invalid length. [ 130.691699][ T7313] netlink: 'syz.1.335': attribute type 1 has an invalid length. [ 130.879325][ T7326] netlink: 8 bytes leftover after parsing attributes in process `syz.1.336'. [ 130.906010][ T7326] netlink: 28 bytes leftover after parsing attributes in process `syz.1.336'. [ 131.223934][ T29] audit: type=1326 audit(1735516413.323:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7338 comm="syz.1.337" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 131.616789][ T29] audit: type=1326 audit(1735516413.703:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7355 comm=636F6E7469672D7A6F6E65730A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 133.057364][ T7406] netlink: 8 bytes leftover after parsing attributes in process `syz.1.349'. [ 133.069747][ T7406] netlink: 28 bytes leftover after parsing attributes in process `syz.1.349'. [ 133.162334][ T29] audit: type=1326 audit(1735516415.263:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.1.350" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 133.188954][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.195540][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.427160][ T29] audit: type=1326 audit(1735516415.523:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm=636F6E7469672D7A6F6E65730A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 134.088442][ T7437] netlink: 28 bytes leftover after parsing attributes in process `syz.1.362'. [ 134.538569][ T29] audit: type=1326 audit(1735516416.633:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7455 comm="syz.3.369" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 134.584809][ T29] audit: type=1326 audit(1735516416.683:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.0.370" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 135.071028][ T29] audit: type=1326 audit(1735516417.173:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7464 comm="syz.1.372" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 135.397720][ T29] audit: type=1326 audit(1735516417.503:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.4.381" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 136.251826][ T29] audit: type=1326 audit(1735516418.353:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.1.386" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 136.270048][ T7483] netlink: 8 bytes leftover after parsing attributes in process `syz.4.377'. [ 136.289728][ T7483] netlink: 28 bytes leftover after parsing attributes in process `syz.4.377'. [ 137.143151][ T7502] netlink: 8 bytes leftover after parsing attributes in process `syz.1.383'. [ 137.169835][ T7502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.383'. [ 137.316801][ T29] audit: type=1326 audit(1735516419.413:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.4.387" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 138.323930][ T29] audit: type=1326 audit(1735516420.423:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7527 comm="syz.1.392" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 138.515228][ T7536] delete_channel: no stack [ 139.017994][ T7546] netlink: 'syz.0.399': attribute type 1 has an invalid length. [ 139.224604][ T29] audit: type=1326 audit(1735516421.323:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7551 comm="syz.1.401" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 140.320244][ T29] audit: type=1326 audit(1735516422.423:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7574 comm="syz.3.409" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 140.998828][ T7578] netlink: 'syz.1.410': attribute type 1 has an invalid length. [ 141.134075][ T29] audit: type=1326 audit(1735516423.233:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7585 comm="syz.0.414" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 141.290393][ T7591] netlink: 'syz.1.416': attribute type 1 has an invalid length. [ 141.368013][ T7594] netlink: 'syz.3.417': attribute type 1 has an invalid length. [ 141.662844][ T7597] zswap: compressor not available [ 141.730026][ T7597] netlink: 'syz.1.418': attribute type 2 has an invalid length. [ 141.746893][ T7597] netlink: 674 bytes leftover after parsing attributes in process `syz.1.418'. [ 141.841915][ T29] audit: type=1326 audit(1735516423.943:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7607 comm="syz.1.420" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 142.627923][ T7621] netlink: 'syz.3.426': attribute type 1 has an invalid length. [ 142.892871][ T29] audit: type=1326 audit(1735516424.993:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.429" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 142.914959][ T7635] capability: warning: `syz.3.428' uses 32-bit capabilities (legacy support in use) [ 144.558545][ T29] audit: type=1326 audit(1735516426.663:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7658 comm="syz.3.435" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 145.887708][ T7671] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 145.905444][ T7671] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 145.936702][ T7671] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 146.002213][ T7671] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 146.042348][ T7671] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 146.089852][ T7671] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 146.720436][ T7697] netlink: 8 bytes leftover after parsing attributes in process `syz.3.447'. [ 146.745415][ T7703] netlink: 28 bytes leftover after parsing attributes in process `syz.3.447'. [ 146.908279][ T7684] zswap: compressor not available [ 146.993421][ T7684] netlink: 'syz.4.443': attribute type 2 has an invalid length. [ 147.004868][ T7684] netlink: 674 bytes leftover after parsing attributes in process `syz.4.443'. [ 147.427173][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 147.907131][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 147.986908][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 148.066873][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 148.696073][ T7751] Line length is too long: Should be less than 4094 [ 148.767611][ T7751] Line length is too long: Should be less than 4094 [ 148.789408][ T7751] netlink: 338 bytes leftover after parsing attributes in process `syz.1.464'. [ 148.821870][ T7751] Line length is too long: Should be less than 4094 [ 149.917095][ T29] audit: type=1326 audit(1735516432.013:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 150.093515][ T29] audit: type=1326 audit(1735516432.193:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7781 comm="syz.4.471" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 150.146951][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 150.939861][ T7790] netlink: 'syz.1.473': attribute type 1 has an invalid length. [ 152.147368][ T7809] Process accounting resumed [ 152.227199][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 152.638566][ T29] audit: type=1326 audit(1735516434.743:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7820 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 153.652954][ T29] audit: type=1326 audit(1735516435.753:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7829 comm="syz.3.483" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 156.107687][ T29] audit: type=1326 audit(1735516438.193:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 156.878892][ T29] audit: type=1326 audit(1735516438.983:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7876 comm="syz.4.497" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 157.519065][ T7893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.501'. [ 157.592202][ T7893] netlink: 28 bytes leftover after parsing attributes in process `syz.1.501'. [ 159.378417][ T7921] netlink: 8 bytes leftover after parsing attributes in process `syz.3.510'. [ 159.406830][ T7921] netlink: 28 bytes leftover after parsing attributes in process `syz.3.510'. [ 159.556631][ T7927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.513'. [ 159.609395][ T7927] hsr_slave_0 (unregistering): left promiscuous mode [ 160.791693][ T29] audit: type=1326 audit(1735516442.893:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.3.521" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 161.828073][ T29] audit: type=1326 audit(1735516443.933:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7967 comm="syz.1.524" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 163.012569][ T29] audit: type=1326 audit(1735516445.113:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.531" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 163.808362][ T29] audit: type=1326 audit(1735516445.913:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8014 comm="syz.0.537" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 163.925134][ T8019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.538'. [ 163.953452][ T8019] netlink: 28 bytes leftover after parsing attributes in process `syz.1.538'. [ 165.343011][ T29] audit: type=1326 audit(1735516447.443:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8044 comm=636F6E7469672D7A6F6E65730A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 165.370323][ T8047] netlink: 'syz.4.545': attribute type 1 has an invalid length. [ 165.533020][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.4.548'. [ 165.551686][ T8049] netlink: 28 bytes leftover after parsing attributes in process `syz.4.548'. [ 166.161030][ T8070] netlink: 'syz.0.556': attribute type 1 has an invalid length. [ 166.441834][ T8079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.558'. [ 166.458973][ T8079] netlink: 28 bytes leftover after parsing attributes in process `syz.1.558'. [ 166.698836][ T8092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.561'. [ 167.451249][ T8109] netlink: 'syz.3.567': attribute type 1 has an invalid length. [ 167.678620][ T8115] netlink: 8 bytes leftover after parsing attributes in process `syz.3.569'. [ 167.698872][ T8115] netlink: 28 bytes leftover after parsing attributes in process `syz.3.569'. [ 168.558860][ T8132] binder: 8131:8132 ioctl 40044900 800000000000003 returned -22 [ 168.980348][ T29] audit: type=1326 audit(1735516451.083:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8147 comm="syz.3.578" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 170.311206][ T8166] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 170.903893][ T29] audit: type=1326 audit(1735516453.003:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8177 comm="syz.0.587" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 171.166912][ T29] audit: type=1326 audit(1735516453.263:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.1.589" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 171.451629][ T8191] netlink: 'syz.3.592': attribute type 1 has an invalid length. [ 171.842475][ T29] audit: type=1326 audit(1735516453.943:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8199 comm=636F6E7469672D7A6F6E65730A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 171.979140][ T8205] netlink: 8 bytes leftover after parsing attributes in process `syz.0.597'. [ 171.998371][ T8205] netlink: 28 bytes leftover after parsing attributes in process `syz.0.597'. [ 172.065789][ T29] audit: type=1326 audit(1735516454.163:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8206 comm="syz.1.598" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 172.398956][ T8216] netlink: 'syz.4.601': attribute type 1 has an invalid length. [ 172.656174][ T29] audit: type=1326 audit(1735516454.753:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8228 comm="syz.0.606" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 172.695228][ T8231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.607'. [ 172.713213][ T8231] netlink: 28 bytes leftover after parsing attributes in process `syz.4.607'. [ 172.852623][ T8240] netlink: 'syz.4.610': attribute type 1 has an invalid length. [ 173.386642][ T8252] netlink: 330 bytes leftover after parsing attributes in process `syz.4.613'. [ 173.723017][ T8264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.617'. [ 173.733193][ T8264] netlink: 28 bytes leftover after parsing attributes in process `syz.3.617'. [ 173.856894][ T29] audit: type=1326 audit(1735516455.953:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8271 comm="syz.1.620" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 173.894305][ T8273] netlink: 'syz.3.619': attribute type 1 has an invalid length. [ 173.905086][ T29] audit: type=1326 audit(1735516456.003:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz.0.622" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 174.156392][ T29] audit: type=1326 audit(1735516456.253:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.3.625" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 174.212595][ T8292] bridge0: port 3(vlan1) entered blocking state [ 174.219098][ T8292] bridge0: port 3(vlan1) entered disabled state [ 174.225609][ T8292] vlan1: entered allmulticast mode [ 174.232601][ T8292] veth0_vlan: entered allmulticast mode [ 174.241147][ T8292] vlan1: entered promiscuous mode [ 174.252616][ T8292] bridge0: port 3(vlan1) entered blocking state [ 174.258991][ T8292] bridge0: port 3(vlan1) entered forwarding state [ 174.747717][ T8309] netlink: 'syz.1.631': attribute type 1 has an invalid length. [ 175.361727][ T29] audit: type=1326 audit(1735516457.463:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8335 comm="syz.3.641" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 175.923155][ T8357] netlink: 'syz.4.648': attribute type 1 has an invalid length. [ 176.502448][ T8375] netlink: 8 bytes leftover after parsing attributes in process `syz.1.655'. [ 176.544694][ T8375] netlink: 28 bytes leftover after parsing attributes in process `syz.1.655'. [ 177.046818][ T29] audit: type=1326 audit(1735516459.143:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm=636F6E7469672D7A6F6E65730A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 177.106877][ T29] audit: type=1326 audit(1735516459.203:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8384 comm="syz.0.658" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 177.326514][ T29] audit: type=1326 audit(1735516459.413:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8390 comm=636F6E7469672D7A6F6E65730A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 177.932129][ T8401] netlink: 8 bytes leftover after parsing attributes in process `syz.3.664'. [ 177.962118][ T8401] netlink: 28 bytes leftover after parsing attributes in process `syz.3.664'. [ 178.778427][ T8418] netlink: 28 bytes leftover after parsing attributes in process `syz.0.668'. [ 179.197105][ T29] audit: type=1326 audit(1735516461.293:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8431 comm="syz.0.673" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 179.405988][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.1.674'. [ 181.090070][ T29] audit: type=1326 audit(1735516463.193:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8477 comm="syz.1.686" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 181.498207][ T29] audit: type=1326 audit(1735516463.603:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8480 comm="syz.4.687" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 181.554919][ T8483] FAULT_INJECTION: forcing a failure. [ 181.554919][ T8483] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 181.615939][ T8483] CPU: 0 UID: 0 PID: 8483 Comm: syz.4.687 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 181.626586][ T8483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 181.636683][ T8483] Call Trace: [ 181.639982][ T8483] [ 181.642931][ T8483] dump_stack_lvl+0x16c/0x1f0 [ 181.647642][ T8483] should_fail_ex+0x497/0x5b0 [ 181.652348][ T8483] ? fs_reclaim_acquire+0xae/0x150 [ 181.657490][ T8483] should_fail_alloc_page+0xe7/0x130 [ 181.662819][ T8483] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 181.669004][ T8483] ? rcu_is_watching+0x12/0xc0 [ 181.673821][ T8483] __alloc_pages_noprof+0x190/0x25b0 [ 181.679142][ T8483] ? trace_lock_acquire+0x14e/0x1f0 [ 181.684360][ T8483] ? kasan_save_stack+0x33/0x60 [ 181.689221][ T8483] ? ima_match_policy+0x134/0x2290 [ 181.694346][ T8483] ? lock_acquire+0x2f/0xb0 [ 181.698861][ T8483] ? ima_match_policy+0x134/0x2290 [ 181.704000][ T8483] ? ima_match_policy+0x85f/0x2290 [ 181.709131][ T8483] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 181.714870][ T8483] ? lock_release+0x4e2/0x6f0 [ 181.719549][ T8483] ? process_measurement+0x521/0x2370 [ 181.724927][ T8483] ? __pfx_lock_release+0x10/0x10 [ 181.729964][ T8483] ? lock_acquire+0x2f/0xb0 [ 181.734478][ T8483] ? process_measurement+0x39c/0x2370 [ 181.739868][ T8483] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 181.745773][ T8483] ? policy_nodemask+0xea/0x4e0 [ 181.750642][ T8483] alloc_pages_mpol_noprof+0x2c9/0x610 [ 181.756134][ T8483] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 181.762147][ T8483] ? process_measurement+0x1e8/0x2370 [ 181.767536][ T8483] pte_alloc_one+0x20/0x390 [ 181.772047][ T8483] __pte_alloc+0x6e/0x3b0 [ 181.776382][ T8483] ? __pfx___pte_alloc+0x10/0x10 [ 181.781329][ T8483] do_pte_missing+0x2810/0x3e00 [ 181.786189][ T8483] ? mt_find+0x366/0xa20 [ 181.790442][ T8483] ? __pfx_lock_release+0x10/0x10 [ 181.795467][ T8483] __handle_mm_fault+0x103c/0x2a40 [ 181.800683][ T8483] ? __pfx___handle_mm_fault+0x10/0x10 [ 181.806155][ T8483] ? find_vma+0xc0/0x140 [ 181.810400][ T8483] ? __pfx_find_vma+0x10/0x10 [ 181.815086][ T8483] handle_mm_fault+0x3fa/0xaa0 [ 181.819863][ T8483] do_user_addr_fault+0x7a3/0x13f0 [ 181.824982][ T8483] exc_page_fault+0x5c/0xc0 [ 181.829494][ T8483] asm_exc_page_fault+0x26/0x30 [ 181.834354][ T8483] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 181.840176][ T8483] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 181.859792][ T8483] RSP: 0018:ffffc90002f97c60 EFLAGS: 00050202 [ 181.865880][ T8483] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000f [ 181.873864][ T8483] RDX: fffff520005f2f98 RSI: 0000000000000000 RDI: ffffc90002f97cb0 [ 181.881843][ T8483] RBP: 000000000000000f R08: 0000000000000001 R09: fffff520005f2f97 [ 181.889814][ T8483] R10: ffffc90002f97cbe R11: 0000000000000000 R12: 0000000000000000 [ 181.897783][ T8483] R13: ffffc90002f97cb0 R14: 0000000000000000 R15: ffff88805f74dad8 [ 181.905764][ T8483] _copy_from_user+0x9a/0xd0 [ 181.910371][ T8483] comm_write+0xc4/0x2d0 [ 181.914627][ T8483] ? __pfx_comm_write+0x10/0x10 [ 181.919490][ T8483] ? lock_acquire+0x2f/0xb0 [ 181.923994][ T8483] ? ksys_write+0x12b/0x250 [ 181.928503][ T8483] ? __pfx_comm_write+0x10/0x10 [ 181.933364][ T8483] vfs_write+0x24c/0x1150 [ 181.937697][ T8483] ? __fget_files+0x1fc/0x3a0 [ 181.942385][ T8483] ? __pfx___mutex_lock+0x10/0x10 [ 181.947415][ T8483] ? __pfx_vfs_write+0x10/0x10 [ 181.952184][ T8483] ? __fget_files+0x206/0x3a0 [ 181.956898][ T8483] ksys_write+0x12b/0x250 [ 181.961230][ T8483] ? __pfx_ksys_write+0x10/0x10 [ 181.966085][ T8483] ? rcu_is_watching+0x12/0xc0 [ 181.970855][ T8483] ? rcu_is_watching+0x12/0xc0 [ 181.975624][ T8483] do_syscall_64+0xcd/0x250 [ 181.980133][ T8483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.986048][ T8483] RIP: 0033:0x7fcb1e585d29 [ 181.990476][ T8483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.010090][ T8483] RSP: 002b:00007fcb1f3f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 182.018511][ T8483] RAX: ffffffffffffffda RBX: 00007fcb1e776080 RCX: 00007fcb1e585d29 [ 182.026481][ T8483] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 182.034451][ T8483] RBP: 00007fcb1f3f8090 R08: 0000000000000000 R09: 0000000000000000 [ 182.042419][ T8483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.050404][ T8483] R13: 0000000000000000 R14: 00007fcb1e776080 R15: 00007ffe431e1798 [ 182.058394][ T8483] [ 183.540937][ T8525] syz_tun: tun_chr_ioctl cmd 1074025681 [ 185.663411][ T8583] netlink: 'syz.4.718': attribute type 1 has an invalid length. [ 186.376642][ T8604] FAULT_INJECTION: forcing a failure. [ 186.376642][ T8604] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.556799][ T8604] CPU: 0 UID: 0 PID: 8604 Comm: syz.1.723 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 186.567443][ T8604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 186.577528][ T8604] Call Trace: [ 186.580818][ T8604] [ 186.583761][ T8604] dump_stack_lvl+0x16c/0x1f0 [ 186.588466][ T8604] should_fail_ex+0x497/0x5b0 [ 186.593160][ T8604] _copy_from_user+0x2e/0xd0 [ 186.597761][ T8604] __sys_bpf+0x215/0x57a0 [ 186.602095][ T8604] ? __pfx_lock_release+0x10/0x10 [ 186.607121][ T8604] ? __pfx___sys_bpf+0x10/0x10 [ 186.611885][ T8604] ? vfs_write+0x306/0x1150 [ 186.616395][ T8604] ? __mutex_unlock_slowpath+0x164/0x690 [ 186.622044][ T8604] ? fput+0x67/0x440 [ 186.625946][ T8604] ? ksys_write+0x1ba/0x250 [ 186.630466][ T8604] ? __pfx_ksys_write+0x10/0x10 [ 186.635329][ T8604] __x64_sys_bpf+0x78/0xc0 [ 186.639749][ T8604] do_syscall_64+0xcd/0x250 [ 186.644258][ T8604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.650159][ T8604] RIP: 0033:0x7fa0e6f85d29 [ 186.654577][ T8604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.674185][ T8604] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 186.682603][ T8604] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 186.690575][ T8604] RDX: 0000000000000005 RSI: 0000000020000080 RDI: 0000000000000003 [ 186.698567][ T8604] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 186.706536][ T8604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.714504][ T8604] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 186.722480][ T8604] [ 188.228078][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.732'. [ 188.357826][ T8635] netlink: 28 bytes leftover after parsing attributes in process `syz.1.732'. [ 188.888035][ T8656] netlink: 28 bytes leftover after parsing attributes in process `syz.3.738'. [ 188.993954][ T8660] FAULT_INJECTION: forcing a failure. [ 188.993954][ T8660] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.020861][ T8660] CPU: 0 UID: 0 PID: 8660 Comm: syz.3.741 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 189.031505][ T8660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 189.041581][ T8660] Call Trace: [ 189.044870][ T8660] [ 189.047817][ T8660] dump_stack_lvl+0x16c/0x1f0 [ 189.052521][ T8660] should_fail_ex+0x497/0x5b0 [ 189.057226][ T8660] _copy_from_user+0x2e/0xd0 [ 189.061841][ T8660] copy_msghdr_from_user+0x99/0x160 [ 189.067073][ T8660] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 189.072912][ T8660] ? _kstrtoull+0x146/0x200 [ 189.077432][ T8660] ? __pfx__kstrtoull+0x10/0x10 [ 189.082301][ T8660] ? lock_release+0x4e2/0x6f0 [ 189.087008][ T8660] ___sys_sendmsg+0xff/0x1e0 [ 189.091637][ T8660] ? __pfx____sys_sendmsg+0x10/0x10 [ 189.096864][ T8660] ? __pfx_kstrtouint+0x10/0x10 [ 189.101744][ T8660] ? trace_lock_acquire+0x14e/0x1f0 [ 189.106981][ T8660] __sys_sendmmsg+0x201/0x420 [ 189.111692][ T8660] ? __pfx___sys_sendmmsg+0x10/0x10 [ 189.116921][ T8660] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 189.122933][ T8660] ? fput+0x67/0x440 [ 189.126854][ T8660] ? ksys_write+0x1ba/0x250 [ 189.131381][ T8660] ? __pfx_ksys_write+0x10/0x10 [ 189.136252][ T8660] __x64_sys_sendmmsg+0x9c/0x100 [ 189.141217][ T8660] do_syscall_64+0xcd/0x250 [ 189.145739][ T8660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.151657][ T8660] RIP: 0033:0x7f9210185d29 [ 189.156084][ T8660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.175711][ T8660] RSP: 002b:00007f9210f7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 189.184146][ T8660] RAX: ffffffffffffffda RBX: 00007f9210375fa0 RCX: 00007f9210185d29 [ 189.192138][ T8660] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 189.200127][ T8660] RBP: 00007f9210f7b090 R08: 0000000000000000 R09: 0000000000000000 [ 189.208115][ T8660] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 189.216099][ T8660] R13: 0000000000000000 R14: 00007f9210375fa0 R15: 00007ffc5570c0f8 [ 189.224101][ T8660] [ 189.769799][ T8678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.745'. [ 189.821352][ T8684] netlink: 28 bytes leftover after parsing attributes in process `syz.0.745'. [ 190.427480][ T8693] netlink: 28 bytes leftover after parsing attributes in process `syz.4.749'. [ 192.381011][ T8739] netlink: 28 bytes leftover after parsing attributes in process `syz.4.761'. [ 193.918295][ T8770] netlink: 28 bytes leftover after parsing attributes in process `syz.0.771'. [ 194.638105][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.644507][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.010682][ T8797] FAULT_INJECTION: forcing a failure. [ 195.010682][ T8797] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 195.048101][ T8797] CPU: 0 UID: 0 PID: 8797 Comm: syz.0.779 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 195.058757][ T8797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 195.068834][ T8797] Call Trace: [ 195.072127][ T8797] [ 195.075067][ T8797] dump_stack_lvl+0x16c/0x1f0 [ 195.079776][ T8797] should_fail_ex+0x497/0x5b0 [ 195.084478][ T8797] _copy_from_user+0x2e/0xd0 [ 195.089096][ T8797] __sys_bpf+0x4266/0x57a0 [ 195.093535][ T8797] ? __pfx___sys_bpf+0x10/0x10 [ 195.098318][ T8797] ? vfs_write+0x306/0x1150 [ 195.102849][ T8797] ? __mutex_unlock_slowpath+0x164/0x690 [ 195.108518][ T8797] ? fput+0x67/0x440 [ 195.112442][ T8797] ? ksys_write+0x1ba/0x250 [ 195.116967][ T8797] ? __pfx_ksys_write+0x10/0x10 [ 195.121843][ T8797] __x64_sys_bpf+0x78/0xc0 [ 195.126289][ T8797] do_syscall_64+0xcd/0x250 [ 195.130817][ T8797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.136737][ T8797] RIP: 0033:0x7f3a34785d29 [ 195.141166][ T8797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.160795][ T8797] RSP: 002b:00007f3a35627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 195.169231][ T8797] RAX: ffffffffffffffda RBX: 00007f3a34975fa0 RCX: 00007f3a34785d29 [ 195.177221][ T8797] RDX: 0000000000000005 RSI: 0000000020000080 RDI: 0000000000000003 [ 195.185215][ T8797] RBP: 00007f3a35627090 R08: 0000000000000000 R09: 0000000000000000 [ 195.193207][ T8797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 195.201193][ T8797] R13: 0000000000000000 R14: 00007f3a34975fa0 R15: 00007ffd56439e78 [ 195.209193][ T8797] [ 195.334614][ T8803] netlink: 28 bytes leftover after parsing attributes in process `syz.4.780'. [ 195.391272][ T8803] hsr_slave_0 (unregistering): left promiscuous mode [ 195.561227][ T29] audit: type=1326 audit(1735516477.663:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 195.666129][ T8819] FAULT_INJECTION: forcing a failure. [ 195.666129][ T8819] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 195.683200][ T8819] CPU: 1 UID: 0 PID: 8819 Comm: syz.3.786 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 195.693849][ T8819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 195.703924][ T8819] Call Trace: [ 195.707216][ T8819] [ 195.710159][ T8819] dump_stack_lvl+0x16c/0x1f0 [ 195.714864][ T8819] should_fail_ex+0x497/0x5b0 [ 195.719571][ T8819] _copy_from_user+0x2e/0xd0 [ 195.724195][ T8819] ____sys_sendmsg+0x56e/0xb40 [ 195.728990][ T8819] ? __pfx_____sys_sendmsg+0x10/0x10 [ 195.734313][ T8819] ? _kstrtoull+0x146/0x200 [ 195.738844][ T8819] ? __pfx__kstrtoull+0x10/0x10 [ 195.743721][ T8819] ? lock_release+0x4e2/0x6f0 [ 195.748428][ T8819] ___sys_sendmsg+0x135/0x1e0 [ 195.753142][ T8819] ? __pfx____sys_sendmsg+0x10/0x10 [ 195.758375][ T8819] ? __pfx_kstrtouint+0x10/0x10 [ 195.763261][ T8819] ? trace_lock_acquire+0x14e/0x1f0 [ 195.768505][ T8819] __sys_sendmmsg+0x201/0x420 [ 195.773225][ T8819] ? __pfx___sys_sendmmsg+0x10/0x10 [ 195.778471][ T8819] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 195.784489][ T8819] ? fput+0x67/0x440 [ 195.788413][ T8819] ? ksys_write+0x1ba/0x250 [ 195.792924][ T8819] ? __pfx_ksys_write+0x10/0x10 [ 195.797781][ T8819] __x64_sys_sendmmsg+0x9c/0x100 [ 195.802728][ T8819] do_syscall_64+0xcd/0x250 [ 195.807239][ T8819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.813145][ T8819] RIP: 0033:0x7f9210185d29 [ 195.817558][ T8819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.837167][ T8819] RSP: 002b:00007f9210f7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 195.845584][ T8819] RAX: ffffffffffffffda RBX: 00007f9210375fa0 RCX: 00007f9210185d29 [ 195.853557][ T8819] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 195.861532][ T8819] RBP: 00007f9210f7b090 R08: 0000000000000000 R09: 0000000000000000 [ 195.869502][ T8819] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 195.877475][ T8819] R13: 0000000000000000 R14: 00007f9210375fa0 R15: 00007ffc5570c0f8 [ 195.885453][ T8819] [ 197.539763][ T8867] FAULT_INJECTION: forcing a failure. [ 197.539763][ T8867] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 197.567268][ T8870] FAULT_INJECTION: forcing a failure. [ 197.567268][ T8870] name failslab, interval 1, probability 0, space 0, times 0 [ 197.613901][ T8867] CPU: 0 UID: 0 PID: 8867 Comm: syz.3.801 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 197.624545][ T8867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 197.634622][ T8867] Call Trace: [ 197.637918][ T8867] [ 197.640854][ T8867] dump_stack_lvl+0x16c/0x1f0 [ 197.645542][ T8867] should_fail_ex+0x497/0x5b0 [ 197.650239][ T8867] ? fs_reclaim_acquire+0xae/0x150 [ 197.655380][ T8867] should_fail_alloc_page+0xe7/0x130 [ 197.660708][ T8867] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 197.666934][ T8867] __alloc_pages_noprof+0x190/0x25b0 [ 197.672245][ T8867] ? rcu_is_watching+0x12/0xc0 [ 197.677023][ T8867] ? lock_release+0x4e2/0x6f0 [ 197.681720][ T8867] ? process_measurement+0x521/0x2370 [ 197.687124][ T8867] ? __pfx_lock_release+0x10/0x10 [ 197.692179][ T8867] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 197.697935][ T8867] ? down_write+0x14e/0x200 [ 197.702454][ T8867] ? up_write+0x1b2/0x520 [ 197.706797][ T8867] ? process_measurement+0x1e8/0x2370 [ 197.712173][ T8867] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 197.718068][ T8867] ? policy_nodemask+0xea/0x4e0 [ 197.722930][ T8867] alloc_pages_mpol_noprof+0x2c9/0x610 [ 197.728402][ T8867] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 197.734393][ T8867] ? lock_acquire+0x2f/0xb0 [ 197.738899][ T8867] ? is_bpf_text_address+0x30/0x1a0 [ 197.744105][ T8867] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 197.750273][ T8867] pte_alloc_one+0x20/0x390 [ 197.754784][ T8867] do_pte_missing+0x1ae7/0x3e00 [ 197.759650][ T8867] __handle_mm_fault+0x103c/0x2a40 [ 197.764774][ T8867] ? __pfx___handle_mm_fault+0x10/0x10 [ 197.770255][ T8867] ? find_vma+0xc0/0x140 [ 197.774499][ T8867] ? __pfx_find_vma+0x10/0x10 [ 197.779194][ T8867] handle_mm_fault+0x3fa/0xaa0 [ 197.783971][ T8867] do_user_addr_fault+0x7a3/0x13f0 [ 197.789089][ T8867] exc_page_fault+0x5c/0xc0 [ 197.793619][ T8867] asm_exc_page_fault+0x26/0x30 [ 197.798492][ T8867] RIP: 0010:rep_movs_alternative+0x13/0x70 [ 197.804318][ T8867] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f [ 197.823929][ T8867] RSP: 0018:ffffc9000411fca0 EFLAGS: 00050202 [ 197.830001][ T8867] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 197.837972][ T8867] RDX: ffffed10058c7dd4 RSI: 0000000000000000 RDI: ffff88802c63eea0 [ 197.845942][ T8867] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed10058c7dd4 [ 197.853913][ T8867] R10: 0000000000000003 R11: 00000000000a2001 R12: 0000000000000000 [ 197.861897][ T8867] R13: ffff88802c63eea0 R14: ffff88802c63eea0 R15: ffff88807ac8c380 [ 197.869893][ T8867] _copy_from_user+0x9a/0xd0 [ 197.874501][ T8867] __sys_bpf+0x4266/0x57a0 [ 197.878925][ T8867] ? __pfx___sys_bpf+0x10/0x10 [ 197.883690][ T8867] ? vfs_write+0x306/0x1150 [ 197.888202][ T8867] ? __mutex_unlock_slowpath+0x164/0x690 [ 197.893854][ T8867] ? fput+0x67/0x440 [ 197.897760][ T8867] ? ksys_write+0x1ba/0x250 [ 197.902269][ T8867] ? __pfx_ksys_write+0x10/0x10 [ 197.907125][ T8867] __x64_sys_bpf+0x78/0xc0 [ 197.911545][ T8867] do_syscall_64+0xcd/0x250 [ 197.916058][ T8867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.921956][ T8867] RIP: 0033:0x7f9210185d29 [ 197.926371][ T8867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.945979][ T8867] RSP: 002b:00007f9210f7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 197.954395][ T8867] RAX: ffffffffffffffda RBX: 00007f9210375fa0 RCX: 00007f9210185d29 [ 197.962365][ T8867] RDX: 0000000000000005 RSI: 0000000020000080 RDI: 0000000000000003 [ 197.970333][ T8867] RBP: 00007f9210f7b090 R08: 0000000000000000 R09: 0000000000000000 [ 197.978300][ T8867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 197.986285][ T8867] R13: 0000000000000000 R14: 00007f9210375fa0 R15: 00007ffc5570c0f8 [ 197.994277][ T8867] [ 198.027340][ T8870] CPU: 0 UID: 0 PID: 8870 Comm: syz.1.803 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 198.037987][ T8870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 198.048068][ T8870] Call Trace: [ 198.051364][ T8870] [ 198.054311][ T8870] dump_stack_lvl+0x16c/0x1f0 [ 198.059037][ T8870] should_fail_ex+0x497/0x5b0 [ 198.063743][ T8870] ? fs_reclaim_acquire+0xae/0x150 [ 198.068884][ T8870] should_failslab+0xc2/0x120 [ 198.073590][ T8870] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 198.079422][ T8870] ? kasan_save_stack+0x42/0x60 [ 198.084297][ T8870] ? kasan_save_stack+0x33/0x60 [ 198.089170][ T8870] ? __alloc_skb+0x2b3/0x380 [ 198.093788][ T8870] __alloc_skb+0x2b3/0x380 [ 198.098234][ T8870] ? __pfx___alloc_skb+0x10/0x10 [ 198.103203][ T8870] alloc_skb_with_frags+0xe4/0x850 [ 198.108346][ T8870] ? lock_release+0x4e2/0x6f0 [ 198.113037][ T8870] ? process_measurement+0x521/0x2370 [ 198.118433][ T8870] ? __pfx_lock_release+0x10/0x10 [ 198.123475][ T8870] sock_alloc_send_pskb+0x7f1/0x980 [ 198.128696][ T8870] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 198.134181][ T8870] ? rcu_is_watching+0x12/0xc0 [ 198.138969][ T8870] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 198.144717][ T8870] ? dev_get_by_index+0x37/0x380 [ 198.149680][ T8870] ? lock_acquire+0x2f/0xb0 [ 198.154201][ T8870] ? sock_cmsg_send+0x1a0/0x280 [ 198.159077][ T8870] packet_sendmsg+0x1f70/0x5660 [ 198.163955][ T8870] ? rcu_is_watching+0x12/0xc0 [ 198.168746][ T8870] ? lock_release+0x4e2/0x6f0 [ 198.173442][ T8870] ? is_bpf_text_address+0x8a/0x1a0 [ 198.178670][ T8870] ? rcu_is_watching+0x12/0xc0 [ 198.183458][ T8870] ? __pfx___might_resched+0x10/0x10 [ 198.188766][ T8870] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 198.194689][ T8870] ? __pfx_packet_sendmsg+0x10/0x10 [ 198.199916][ T8870] ? aa_umount+0x140/0x6e0 [ 198.204362][ T8870] ? __might_fault+0xe3/0x190 [ 198.209072][ T8870] ? __might_fault+0xe3/0x190 [ 198.213784][ T8870] ____sys_sendmsg+0x9ae/0xb40 [ 198.218568][ T8870] ? __pfx_____sys_sendmsg+0x10/0x10 [ 198.223877][ T8870] ? _kstrtoull+0x146/0x200 [ 198.228401][ T8870] ? __pfx__kstrtoull+0x10/0x10 [ 198.233277][ T8870] ? lock_release+0x4e2/0x6f0 [ 198.237979][ T8870] ___sys_sendmsg+0x135/0x1e0 [ 198.242695][ T8870] ? __pfx____sys_sendmsg+0x10/0x10 [ 198.247925][ T8870] ? __pfx_kstrtouint+0x10/0x10 [ 198.252799][ T8870] ? trace_lock_acquire+0x14e/0x1f0 [ 198.258030][ T8870] __sys_sendmmsg+0x201/0x420 [ 198.262741][ T8870] ? __pfx___sys_sendmmsg+0x10/0x10 [ 198.267961][ T8870] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 198.273955][ T8870] ? fput+0x67/0x440 [ 198.277859][ T8870] ? ksys_write+0x1ba/0x250 [ 198.282365][ T8870] ? __pfx_ksys_write+0x10/0x10 [ 198.287223][ T8870] __x64_sys_sendmmsg+0x9c/0x100 [ 198.292171][ T8870] do_syscall_64+0xcd/0x250 [ 198.296687][ T8870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.302590][ T8870] RIP: 0033:0x7fa0e6f85d29 [ 198.307013][ T8870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.326630][ T8870] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 198.335047][ T8870] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 198.343016][ T8870] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 198.350985][ T8870] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 198.358954][ T8870] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 198.366923][ T8870] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 198.374898][ T8870] [ 199.781866][ T8894] program syz.0.810 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.831988][ T8894] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 200.088290][ T29] audit: type=1326 audit(1735516482.183:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.4.811" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 200.380191][ T8903] netlink: 28 bytes leftover after parsing attributes in process `syz.1.813'. [ 200.498756][ T8903] hsr_slave_0 (unregistering): left promiscuous mode [ 203.240948][ T8970] netlink: 8 bytes leftover after parsing attributes in process `syz.1.832'. [ 204.470231][ T29] audit: type=1326 audit(1735516486.563:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8996 comm="syz.0.840" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 206.040400][ T9041] FAULT_INJECTION: forcing a failure. [ 206.040400][ T9041] name failslab, interval 1, probability 0, space 0, times 0 [ 206.088197][ T9041] CPU: 0 UID: 0 PID: 9041 Comm: syz.1.855 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 206.098847][ T9041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 206.108927][ T9041] Call Trace: [ 206.112224][ T9041] [ 206.115177][ T9041] dump_stack_lvl+0x16c/0x1f0 [ 206.119885][ T9041] should_fail_ex+0x497/0x5b0 [ 206.124592][ T9041] ? fs_reclaim_acquire+0xae/0x150 [ 206.129730][ T9041] should_failslab+0xc2/0x120 [ 206.134449][ T9041] __kmalloc_noprof+0xce/0x4f0 [ 206.139244][ T9041] ? tomoyo_realpath_from_path+0xbf/0x710 [ 206.145001][ T9041] tomoyo_realpath_from_path+0xbf/0x710 [ 206.150585][ T9041] ? tomoyo_path_number_perm+0x235/0x5b0 [ 206.156264][ T9041] tomoyo_path_number_perm+0x248/0x5b0 [ 206.161768][ T9041] ? tomoyo_path_number_perm+0x235/0x5b0 [ 206.167457][ T9041] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 206.173478][ T9041] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 206.179155][ T9041] ? preempt_count_add+0x76/0x150 [ 206.184241][ T9041] security_file_ioctl+0x9b/0x240 [ 206.189303][ T9041] __x64_sys_ioctl+0xb7/0x200 [ 206.194017][ T9041] do_syscall_64+0xcd/0x250 [ 206.198561][ T9041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.204491][ T9041] RIP: 0033:0x7fa0e6f85d29 [ 206.208932][ T9041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.228568][ T9041] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 206.237011][ T9041] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 206.245010][ T9041] RDX: 0000000000000008 RSI: 0000000000008941 RDI: 0000000000000001 [ 206.253005][ T9041] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 206.261001][ T9041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 206.269003][ T9041] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 206.277005][ T9041] [ 206.326865][ T9041] ERROR: Out of memory at tomoyo_realpath_from_path. [ 206.486847][ T29] audit: type=1326 audit(1735516488.583:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9047 comm="syz.1.858" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 207.399125][ T9078] netlink: 28 bytes leftover after parsing attributes in process `syz.1.866'. [ 207.879635][ T29] audit: type=1326 audit(1735516489.983:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz.3.874" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 208.121661][ T29] audit: type=1326 audit(1735516490.223:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.4.876" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 208.307198][ T9113] netlink: 28 bytes leftover after parsing attributes in process `syz.1.877'. [ 208.537976][ T9118] FAULT_INJECTION: forcing a failure. [ 208.537976][ T9118] name failslab, interval 1, probability 0, space 0, times 0 [ 208.556908][ T9118] CPU: 0 UID: 0 PID: 9118 Comm: syz.1.879 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 208.567546][ T9118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 208.577622][ T9118] Call Trace: [ 208.580912][ T9118] [ 208.583854][ T9118] dump_stack_lvl+0x16c/0x1f0 [ 208.588557][ T9118] should_fail_ex+0x497/0x5b0 [ 208.593256][ T9118] ? fs_reclaim_acquire+0xae/0x150 [ 208.598385][ T9118] should_failslab+0xc2/0x120 [ 208.603088][ T9118] __kmalloc_noprof+0xce/0x4f0 [ 208.607877][ T9118] ? tomoyo_encode2+0x100/0x3e0 [ 208.612753][ T9118] tomoyo_encode2+0x100/0x3e0 [ 208.617461][ T9118] tomoyo_realpath_from_path+0x1a7/0x710 [ 208.623121][ T9118] ? tomoyo_path_number_perm+0x235/0x5b0 [ 208.628785][ T9118] tomoyo_path_number_perm+0x248/0x5b0 [ 208.634273][ T9118] ? tomoyo_path_number_perm+0x235/0x5b0 [ 208.639936][ T9118] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 208.645943][ T9118] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 208.651609][ T9118] ? preempt_count_add+0x76/0x150 [ 208.656679][ T9118] security_file_ioctl+0x9b/0x240 [ 208.661717][ T9118] __x64_sys_ioctl+0xb7/0x200 [ 208.666426][ T9118] do_syscall_64+0xcd/0x250 [ 208.670955][ T9118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.676869][ T9118] RIP: 0033:0x7fa0e6f85d29 [ 208.681298][ T9118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.700935][ T9118] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 208.709377][ T9118] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 208.717368][ T9118] RDX: 0000000000000008 RSI: 0000000000008941 RDI: 0000000000000001 [ 208.725352][ T9118] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 208.733340][ T9118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.741331][ T9118] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 208.749327][ T9118] [ 208.776465][ T9118] ERROR: Out of memory at tomoyo_realpath_from_path. [ 208.959087][ T9129] netlink: 8 bytes leftover after parsing attributes in process `syz.1.882'. [ 209.296321][ T29] audit: type=1326 audit(1735516491.393:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.4.889" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 209.604356][ T9162] netlink: 8 bytes leftover after parsing attributes in process `syz.3.894'. [ 210.401116][ T9187] scsi_strcpy_devinfo: vendor string ';íÙ/&cŒÀ' is too long [ 210.494748][ T9189] netlink: 28 bytes leftover after parsing attributes in process `syz.1.905'. [ 210.497836][ T9194] FAULT_INJECTION: forcing a failure. [ 210.497836][ T9194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 210.518331][ T9194] CPU: 0 UID: 0 PID: 9194 Comm: syz.3.907 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 210.528965][ T9194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 210.539042][ T9194] Call Trace: [ 210.542370][ T9194] [ 210.545311][ T9194] dump_stack_lvl+0x16c/0x1f0 [ 210.550018][ T9194] should_fail_ex+0x497/0x5b0 [ 210.554725][ T9194] _copy_from_user+0x2e/0xd0 [ 210.559343][ T9194] br_dev_read_uargs+0x149/0x3b0 [ 210.564310][ T9194] ? __pfx_br_dev_read_uargs+0x10/0x10 [ 210.569793][ T9194] ? trace_contention_end+0xee/0x140 [ 210.575102][ T9194] br_ioctl_stub+0x112/0x8b0 [ 210.579724][ T9194] ? __pfx_br_ioctl_stub+0x10/0x10 [ 210.584864][ T9194] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 210.589916][ T9194] ? __pfx_br_ioctl_stub+0x10/0x10 [ 210.595054][ T9194] br_ioctl_call+0x62/0xb0 [ 210.599493][ T9194] sock_ioctl+0x36a/0x6c0 [ 210.603848][ T9194] ? __pfx_sock_ioctl+0x10/0x10 [ 210.608724][ T9194] ? __pfx_sock_ioctl+0x10/0x10 [ 210.613595][ T9194] __x64_sys_ioctl+0x190/0x200 [ 210.618381][ T9194] do_syscall_64+0xcd/0x250 [ 210.622910][ T9194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.628829][ T9194] RIP: 0033:0x7f9210185d29 [ 210.633261][ T9194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.652891][ T9194] RSP: 002b:00007f9210f7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 210.661330][ T9194] RAX: ffffffffffffffda RBX: 00007f9210375fa0 RCX: 00007f9210185d29 [ 210.669326][ T9194] RDX: 0000000000000008 RSI: 0000000000008941 RDI: 0000000000000001 [ 210.677315][ T9194] RBP: 00007f9210f7b090 R08: 0000000000000000 R09: 0000000000000000 [ 210.685306][ T9194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 210.693293][ T9194] R13: 0000000000000000 R14: 00007f9210375fa0 R15: 00007ffc5570c0f8 [ 210.701289][ T9194] [ 210.822686][ T29] audit: type=1326 audit(1735516492.923:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.1.909" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 212.808873][ T9254] netlink: 28 bytes leftover after parsing attributes in process `syz.3.924'. [ 213.563120][ T9285] FAULT_INJECTION: forcing a failure. [ 213.563120][ T9285] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 213.577036][ T9285] CPU: 1 UID: 0 PID: 9285 Comm: syz.3.935 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 213.587667][ T9285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 213.597744][ T9285] Call Trace: [ 213.601036][ T9285] [ 213.603991][ T9285] dump_stack_lvl+0x16c/0x1f0 [ 213.608701][ T9285] should_fail_ex+0x497/0x5b0 [ 213.613406][ T9285] _copy_from_user+0x2e/0xd0 [ 213.618027][ T9285] copy_msghdr_from_user+0x99/0x160 [ 213.623261][ T9285] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 213.629101][ T9285] ? _kstrtoull+0x146/0x200 [ 213.633625][ T9285] ? __pfx__kstrtoull+0x10/0x10 [ 213.638499][ T9285] ? lock_release+0x4e2/0x6f0 [ 213.643196][ T9285] ___sys_sendmsg+0xff/0x1e0 [ 213.647816][ T9285] ? __pfx____sys_sendmsg+0x10/0x10 [ 213.653054][ T9285] ? __pfx_kstrtouint+0x10/0x10 [ 213.657984][ T9285] ? trace_lock_acquire+0x14e/0x1f0 [ 213.663221][ T9285] __sys_sendmmsg+0x201/0x420 [ 213.667930][ T9285] ? __pfx___sys_sendmmsg+0x10/0x10 [ 213.673160][ T9285] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 213.679172][ T9285] ? fput+0x67/0x440 [ 213.683099][ T9285] ? ksys_write+0x1ba/0x250 [ 213.687623][ T9285] ? __pfx_ksys_write+0x10/0x10 [ 213.692496][ T9285] __x64_sys_sendmmsg+0x9c/0x100 [ 213.697464][ T9285] do_syscall_64+0xcd/0x250 [ 213.701996][ T9285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.707920][ T9285] RIP: 0033:0x7f9210185d29 [ 213.712349][ T9285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.731986][ T9285] RSP: 002b:00007f9210f7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 213.740429][ T9285] RAX: ffffffffffffffda RBX: 00007f9210375fa0 RCX: 00007f9210185d29 [ 213.748424][ T9285] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 213.756418][ T9285] RBP: 00007f9210f7b090 R08: 0000000000000000 R09: 0000000000000000 [ 213.764416][ T9285] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 213.772412][ T9285] R13: 0000000000000000 R14: 00007f9210375fa0 R15: 00007ffc5570c0f8 [ 213.780412][ T9285] [ 213.783455][ C1] vkms_vblank_simulate: vblank timer overrun [ 214.159315][ T9293] futex_wake_op: syz.1.937 tries to shift op by 64; fix this program [ 214.526501][ T29] audit: type=1326 audit(1735516496.623:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm=6175746F0A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 216.646285][ T9361] FAULT_INJECTION: forcing a failure. [ 216.646285][ T9361] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 216.706898][ T9361] CPU: 1 UID: 0 PID: 9361 Comm: syz.1.958 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 216.717541][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 216.727617][ T9361] Call Trace: [ 216.730910][ T9361] [ 216.733854][ T9361] dump_stack_lvl+0x16c/0x1f0 [ 216.738561][ T9361] should_fail_ex+0x497/0x5b0 [ 216.743264][ T9361] _copy_from_user+0x2e/0xd0 [ 216.747880][ T9361] move_addr_to_kernel+0x68/0x160 [ 216.752927][ T9361] __copy_msghdr+0x386/0x470 [ 216.757546][ T9361] copy_msghdr_from_user+0xc2/0x160 [ 216.762769][ T9361] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 216.768603][ T9361] ? _kstrtoull+0x146/0x200 [ 216.773110][ T9361] ? __pfx__kstrtoull+0x10/0x10 [ 216.777961][ T9361] ? lock_release+0x4e2/0x6f0 [ 216.782640][ T9361] ___sys_sendmsg+0xff/0x1e0 [ 216.787246][ T9361] ? __pfx____sys_sendmsg+0x10/0x10 [ 216.792453][ T9361] ? __pfx_kstrtouint+0x10/0x10 [ 216.797320][ T9361] ? trace_lock_acquire+0x14e/0x1f0 [ 216.802577][ T9361] __sys_sendmmsg+0x201/0x420 [ 216.807277][ T9361] ? __pfx___sys_sendmmsg+0x10/0x10 [ 216.812497][ T9361] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 216.818501][ T9361] ? fput+0x67/0x440 [ 216.822410][ T9361] ? ksys_write+0x1ba/0x250 [ 216.826921][ T9361] ? __pfx_ksys_write+0x10/0x10 [ 216.831786][ T9361] __x64_sys_sendmmsg+0x9c/0x100 [ 216.836744][ T9361] do_syscall_64+0xcd/0x250 [ 216.841261][ T9361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.847160][ T9361] RIP: 0033:0x7fa0e6f85d29 [ 216.851574][ T9361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.871192][ T9361] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 216.879610][ T9361] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 216.887585][ T9361] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 216.895554][ T9361] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 216.903524][ T9361] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 216.911495][ T9361] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 216.919474][ T9361] [ 217.438269][ T9370] netlink: 342 bytes leftover after parsing attributes in process `syz.0.961'. [ 217.997322][ T9378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.963'. [ 218.048134][ T9378] netlink: 28 bytes leftover after parsing attributes in process `syz.3.963'. [ 218.218473][ T29] audit: type=1326 audit(1735516500.323:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.0.968" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 218.283246][ T9385] netlink: 'syz.3.966': attribute type 2 has an invalid length. [ 218.301267][ T9385] netlink: 674 bytes leftover after parsing attributes in process `syz.3.966'. [ 218.751708][ T9407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.975'. [ 218.783986][ T9407] netlink: 28 bytes leftover after parsing attributes in process `syz.3.975'. [ 219.642334][ T9432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.984'. [ 219.688577][ T9432] netlink: 28 bytes leftover after parsing attributes in process `syz.1.984'. [ 220.258760][ T29] audit: type=1326 audit(1735516502.363:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9440 comm="syz.4.987" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 221.417615][ T9458] netlink: 342 bytes leftover after parsing attributes in process `syz.3.993'. [ 222.936938][ T29] audit: type=1326 audit(1735516505.023:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9489 comm="syz.0.1003" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 225.049169][ T29] audit: type=1326 audit(1735516507.153:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9521 comm="syz.4.1014" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 225.822382][ T9534] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1018'. [ 225.866784][ T29] audit: type=1326 audit(1735516507.953:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.1.1018" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 226.741876][ T9547] FAULT_INJECTION: forcing a failure. [ 226.741876][ T9547] name failslab, interval 1, probability 0, space 0, times 0 [ 226.765586][ T9547] CPU: 0 UID: 0 PID: 9547 Comm: syz.1.1022 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 226.776322][ T9547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 226.786408][ T9547] Call Trace: [ 226.789709][ T9547] [ 226.792660][ T9547] dump_stack_lvl+0x16c/0x1f0 [ 226.797367][ T9547] should_fail_ex+0x497/0x5b0 [ 226.802077][ T9547] ? fs_reclaim_acquire+0xae/0x150 [ 226.807233][ T9547] should_failslab+0xc2/0x120 [ 226.811953][ T9547] __kmalloc_noprof+0xce/0x4f0 [ 226.816834][ T9547] ? tomoyo_realpath_from_path+0xbf/0x710 [ 226.822585][ T9547] tomoyo_realpath_from_path+0xbf/0x710 [ 226.828156][ T9547] ? tomoyo_path_number_perm+0x235/0x5b0 [ 226.833822][ T9547] tomoyo_path_number_perm+0x248/0x5b0 [ 226.839322][ T9547] ? tomoyo_path_number_perm+0x235/0x5b0 [ 226.845001][ T9547] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 226.851022][ T9547] ? rcu_is_watching+0x12/0xc0 [ 226.855825][ T9547] ? preempt_count_add+0x76/0x150 [ 226.860892][ T9547] ? __pfx_lock_release+0x10/0x10 [ 226.865922][ T9547] ? trace_lock_acquire+0x14e/0x1f0 [ 226.871130][ T9547] ? __fget_files+0x40/0x3a0 [ 226.875725][ T9547] ? lock_acquire+0x2f/0xb0 [ 226.880235][ T9547] ? __fget_files+0x40/0x3a0 [ 226.884834][ T9547] ? __fget_files+0x206/0x3a0 [ 226.889521][ T9547] security_file_ioctl+0x9b/0x240 [ 226.894547][ T9547] __x64_sys_ioctl+0xb7/0x200 [ 226.899230][ T9547] do_syscall_64+0xcd/0x250 [ 226.903741][ T9547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.909642][ T9547] RIP: 0033:0x7fa0e6f85d29 [ 226.914054][ T9547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.933664][ T9547] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 226.942081][ T9547] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 226.950055][ T9547] RDX: 0000000000000005 RSI: 00000000400caed0 RDI: 0000000000000003 [ 226.958025][ T9547] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 226.965992][ T9547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 226.973963][ T9547] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 226.981942][ T9547] [ 227.106827][ T9547] ERROR: Out of memory at tomoyo_realpath_from_path. [ 227.973854][ T29] audit: type=1326 audit(1735516510.073:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9562 comm="syz.1.1027" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 228.368462][ T9566] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1028'. [ 228.390800][ T9568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1029'. [ 228.791850][ T9575] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1033'. [ 229.567076][ T9590] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1035'. [ 230.105026][ T9603] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1039'. [ 231.606377][ T9641] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1050'. [ 231.869411][ T9648] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1052'. [ 233.384130][ T9596] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 234.527314][ T9678] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1061'. [ 234.866996][ T29] audit: type=1326 audit(1735516516.953:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.3.1063" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 235.879745][ T9699] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1068'. [ 237.040607][ T9716] netlink: 130 bytes leftover after parsing attributes in process `syz.4.1073'. [ 237.634915][ T9736] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1080'. [ 238.564575][ T9759] FAULT_INJECTION: forcing a failure. [ 238.564575][ T9759] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 238.577823][ T9759] CPU: 1 UID: 0 PID: 9759 Comm: syz.4.1088 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 238.588523][ T9759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 238.598608][ T9759] Call Trace: [ 238.601899][ T9759] [ 238.604838][ T9759] dump_stack_lvl+0x16c/0x1f0 [ 238.609540][ T9759] should_fail_ex+0x497/0x5b0 [ 238.614246][ T9759] _copy_from_user+0x2e/0xd0 [ 238.618876][ T9759] move_addr_to_kernel+0x68/0x160 [ 238.623924][ T9759] __copy_msghdr+0x386/0x470 [ 238.628556][ T9759] copy_msghdr_from_user+0xc2/0x160 [ 238.633786][ T9759] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 238.639621][ T9759] ? _kstrtoull+0x146/0x200 [ 238.644126][ T9759] ? __pfx__kstrtoull+0x10/0x10 [ 238.648973][ T9759] ? lock_release+0x4e2/0x6f0 [ 238.653653][ T9759] ___sys_sendmsg+0xff/0x1e0 [ 238.658252][ T9759] ? __pfx____sys_sendmsg+0x10/0x10 [ 238.663453][ T9759] ? __pfx_kstrtouint+0x10/0x10 [ 238.668304][ T9759] ? trace_lock_acquire+0x14e/0x1f0 [ 238.673508][ T9759] __sys_sendmmsg+0x201/0x420 [ 238.678189][ T9759] ? __pfx___sys_sendmmsg+0x10/0x10 [ 238.683394][ T9759] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 238.689381][ T9759] ? fput+0x67/0x440 [ 238.693280][ T9759] ? ksys_write+0x1ba/0x250 [ 238.697784][ T9759] ? __pfx_ksys_write+0x10/0x10 [ 238.702633][ T9759] __x64_sys_sendmmsg+0x9c/0x100 [ 238.707589][ T9759] do_syscall_64+0xcd/0x250 [ 238.712092][ T9759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.717990][ T9759] RIP: 0033:0x7fcb1e585d29 [ 238.722397][ T9759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.742000][ T9759] RSP: 002b:00007fcb1f419038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 238.750410][ T9759] RAX: ffffffffffffffda RBX: 00007fcb1e775fa0 RCX: 00007fcb1e585d29 [ 238.758378][ T9759] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 238.766345][ T9759] RBP: 00007fcb1f419090 R08: 0000000000000000 R09: 0000000000000000 [ 238.774312][ T9759] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 238.782275][ T9759] R13: 0000000000000000 R14: 00007fcb1e775fa0 R15: 00007ffe431e1798 [ 238.790245][ T9759] [ 238.977899][ T9768] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1093'. [ 239.195756][ T29] audit: type=1326 audit(1735516521.293:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9779 comm="syz.4.1096" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 239.794665][ T9794] FAULT_INJECTION: forcing a failure. [ 239.794665][ T9794] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 239.827021][ T9794] CPU: 0 UID: 0 PID: 9794 Comm: syz.1.1100 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 239.837762][ T9794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 239.847821][ T9794] Call Trace: [ 239.851098][ T9794] [ 239.854027][ T9794] dump_stack_lvl+0x16c/0x1f0 [ 239.858721][ T9794] should_fail_ex+0x497/0x5b0 [ 239.863408][ T9794] _copy_from_user+0x2e/0xd0 [ 239.868005][ T9794] kvm_arch_vm_ioctl+0x11d1/0x1ca0 [ 239.873128][ T9794] ? ima_match_policy+0x855/0x2290 [ 239.878250][ T9794] ? __pfx_lock_release+0x10/0x10 [ 239.883276][ T9794] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 239.888747][ T9794] ? kasan_save_stack+0x42/0x60 [ 239.893603][ T9794] ? kasan_save_stack+0x33/0x60 [ 239.898459][ T9794] ? ima_match_policy+0x134/0x2290 [ 239.903581][ T9794] ? ima_match_policy+0x134/0x2290 [ 239.908705][ T9794] ? ima_match_policy+0x85f/0x2290 [ 239.913827][ T9794] ? rcu_is_watching+0x12/0xc0 [ 239.918601][ T9794] ? lock_release+0x4e2/0x6f0 [ 239.923277][ T9794] ? process_measurement+0x521/0x2370 [ 239.928658][ T9794] ? rcu_is_watching+0x12/0xc0 [ 239.933426][ T9794] ? lock_release+0x4e2/0x6f0 [ 239.938099][ T9794] ? is_bpf_text_address+0x8a/0x1a0 [ 239.943306][ T9794] ? rcu_is_watching+0x12/0xc0 [ 239.948074][ T9794] ? lock_release+0x4e2/0x6f0 [ 239.952748][ T9794] ? is_bpf_text_address+0x8a/0x1a0 [ 239.957957][ T9794] ? __pfx_lock_release+0x10/0x10 [ 239.962988][ T9794] ? trace_lock_acquire+0x14e/0x1f0 [ 239.968191][ T9794] ? is_bpf_text_address+0x30/0x1a0 [ 239.973399][ T9794] ? lock_acquire+0x2f/0xb0 [ 239.977905][ T9794] ? is_bpf_text_address+0x30/0x1a0 [ 239.983114][ T9794] ? bpf_ksym_find+0x124/0x1c0 [ 239.987880][ T9794] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 239.994041][ T9794] ? is_bpf_text_address+0x94/0x1a0 [ 239.999249][ T9794] ? kernel_text_address+0x8d/0x100 [ 240.004447][ T9794] ? __kernel_text_address+0xd/0x40 [ 240.009645][ T9794] ? unwind_get_return_address+0x59/0xa0 [ 240.015280][ T9794] ? arch_stack_walk+0xa7/0x100 [ 240.020139][ T9794] ? stack_trace_save+0x95/0xd0 [ 240.025016][ T9794] ? __pfx_stack_trace_save+0x10/0x10 [ 240.030416][ T9794] ? format_decode+0x2d4/0xba0 [ 240.035207][ T9794] ? stack_depot_save_flags+0x28/0x9e0 [ 240.040686][ T9794] ? __pfx_format_decode+0x10/0x10 [ 240.045814][ T9794] ? number+0x8d9/0xb80 [ 240.049983][ T9794] kvm_vm_ioctl+0x1a87/0x3df0 [ 240.054664][ T9794] ? security_file_ioctl+0x9b/0x240 [ 240.059861][ T9794] ? do_syscall_64+0xcd/0x250 [ 240.064546][ T9794] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.070621][ T9794] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 240.075656][ T9794] ? rcu_is_watching+0x12/0xc0 [ 240.080427][ T9794] ? lock_release+0x4e2/0x6f0 [ 240.085104][ T9794] ? tomoyo_path_number_perm+0x298/0x5b0 [ 240.090748][ T9794] ? __pfx_lock_release+0x10/0x10 [ 240.095772][ T9794] ? kfree+0x14f/0x4b0 [ 240.099845][ T9794] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 240.105490][ T9794] ? tomoyo_path_number_perm+0x190/0x5b0 [ 240.111140][ T9794] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 240.117128][ T9794] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 240.123027][ T9794] ? do_vfs_ioctl+0x513/0x1950 [ 240.127793][ T9794] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 240.132816][ T9794] ? preempt_count_add+0x76/0x150 [ 240.137854][ T9794] ? __pfx_lock_release+0x10/0x10 [ 240.142876][ T9794] ? trace_lock_acquire+0x14e/0x1f0 [ 240.148082][ T9794] ? __fget_files+0x40/0x3a0 [ 240.152678][ T9794] ? __fget_files+0x206/0x3a0 [ 240.157357][ T9794] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 240.162386][ T9794] __x64_sys_ioctl+0x190/0x200 [ 240.167151][ T9794] do_syscall_64+0xcd/0x250 [ 240.171664][ T9794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.177564][ T9794] RIP: 0033:0x7fa0e6f85d29 [ 240.181981][ T9794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.201596][ T9794] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.210016][ T9794] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 240.217990][ T9794] RDX: 0000000000000005 RSI: 00000000400caed0 RDI: 0000000000000003 [ 240.225963][ T9794] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 240.233931][ T9794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 240.241900][ T9794] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 240.249878][ T9794] [ 240.702807][ T9805] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1103'. [ 241.038589][ T9819] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1109'. [ 242.419344][ T9837] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1113'. [ 242.433003][ T9845] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1115'. [ 242.874925][ T9854] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1119'. [ 243.286666][ T9862] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1122'. [ 243.478196][ T9868] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1125'. [ 243.725571][ T9877] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1130'. [ 243.839427][ T29] audit: type=1326 audit(1735516525.943:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9885 comm="syz.3.1131" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 244.336841][ T29] audit: type=1326 audit(1735516526.423:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9897 comm="syz.1.1135" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 244.421969][ T9900] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1136'. [ 244.734219][ T9910] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1140'. [ 246.423100][ T29] audit: type=1326 audit(1735516528.523:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9934 comm="syz.3.1150" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 246.550793][ T29] audit: type=1326 audit(1735516528.643:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9942 comm="syz.4.1154" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 246.712488][ T29] audit: type=1326 audit(1735516528.813:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9953 comm=636F6E7469672D7A6F6E65730A exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 247.153923][ T9963] FAULT_INJECTION: forcing a failure. [ 247.153923][ T9963] name failslab, interval 1, probability 0, space 0, times 0 [ 247.183310][ T9963] CPU: 0 UID: 0 PID: 9963 Comm: syz.1.1160 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 247.194045][ T9963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 247.204125][ T9963] Call Trace: [ 247.207418][ T9963] [ 247.210358][ T9963] dump_stack_lvl+0x16c/0x1f0 [ 247.215062][ T9963] should_fail_ex+0x497/0x5b0 [ 247.219767][ T9963] ? fs_reclaim_acquire+0xae/0x150 [ 247.224904][ T9963] should_failslab+0xc2/0x120 [ 247.229611][ T9963] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 247.235450][ T9963] ? kasan_save_stack+0x42/0x60 [ 247.240325][ T9963] ? kasan_save_stack+0x33/0x60 [ 247.245202][ T9963] ? __alloc_skb+0x2b3/0x380 [ 247.249825][ T9963] __alloc_skb+0x2b3/0x380 [ 247.254255][ T9963] ? __pfx___alloc_skb+0x10/0x10 [ 247.259206][ T9963] alloc_skb_with_frags+0xe4/0x850 [ 247.264327][ T9963] ? lock_release+0x4e2/0x6f0 [ 247.269007][ T9963] ? process_measurement+0x521/0x2370 [ 247.274386][ T9963] ? __pfx_lock_release+0x10/0x10 [ 247.279410][ T9963] sock_alloc_send_pskb+0x7f1/0x980 [ 247.284617][ T9963] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 247.290087][ T9963] ? rcu_is_watching+0x12/0xc0 [ 247.294857][ T9963] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 247.300585][ T9963] ? dev_get_by_index+0x37/0x380 [ 247.305532][ T9963] ? lock_acquire+0x2f/0xb0 [ 247.310035][ T9963] ? sock_cmsg_send+0x1a0/0x280 [ 247.314892][ T9963] packet_sendmsg+0x1f70/0x5660 [ 247.319757][ T9963] ? rcu_is_watching+0x12/0xc0 [ 247.324529][ T9963] ? lock_release+0x4e2/0x6f0 [ 247.329207][ T9963] ? is_bpf_text_address+0x8a/0x1a0 [ 247.334417][ T9963] ? rcu_is_watching+0x12/0xc0 [ 247.339185][ T9963] ? __pfx___might_resched+0x10/0x10 [ 247.344473][ T9963] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 247.350374][ T9963] ? __pfx_packet_sendmsg+0x10/0x10 [ 247.355583][ T9963] ? aa_umount+0x140/0x6e0 [ 247.360012][ T9963] ? __might_fault+0xe3/0x190 [ 247.364703][ T9963] ? __might_fault+0xe3/0x190 [ 247.369393][ T9963] ____sys_sendmsg+0x9ae/0xb40 [ 247.374160][ T9963] ? __pfx_____sys_sendmsg+0x10/0x10 [ 247.379449][ T9963] ? _kstrtoull+0x146/0x200 [ 247.383954][ T9963] ? __pfx__kstrtoull+0x10/0x10 [ 247.388808][ T9963] ? lock_release+0x4e2/0x6f0 [ 247.393488][ T9963] ___sys_sendmsg+0x135/0x1e0 [ 247.398173][ T9963] ? __pfx____sys_sendmsg+0x10/0x10 [ 247.403379][ T9963] ? __pfx_kstrtouint+0x10/0x10 [ 247.408235][ T9963] ? trace_lock_acquire+0x14e/0x1f0 [ 247.413448][ T9963] __sys_sendmmsg+0x201/0x420 [ 247.418133][ T9963] ? __pfx___sys_sendmmsg+0x10/0x10 [ 247.423344][ T9963] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 247.429334][ T9963] ? fput+0x67/0x440 [ 247.433237][ T9963] ? ksys_write+0x1ba/0x250 [ 247.437743][ T9963] ? __pfx_ksys_write+0x10/0x10 [ 247.442600][ T9963] __x64_sys_sendmmsg+0x9c/0x100 [ 247.447554][ T9963] do_syscall_64+0xcd/0x250 [ 247.452069][ T9963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.457973][ T9963] RIP: 0033:0x7fa0e6f85d29 [ 247.462387][ T9963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.481997][ T9963] RSP: 002b:00007fa0e7e85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 247.490416][ T9963] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f85d29 [ 247.498388][ T9963] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 247.506358][ T9963] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 247.514329][ T9963] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 247.522299][ T9963] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 247.530278][ T9963] [ 248.519644][ T29] audit: type=1326 audit(1735516530.603:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9990 comm="syz.3.1171" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 248.545163][ T9993] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1172'. [ 249.211428][ T9989] Process accounting resumed [ 250.077185][ T29] audit: type=1326 audit(1735516532.173:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10042 comm="syz.1.1189" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 250.867965][T10058] FAULT_INJECTION: forcing a failure. [ 250.867965][T10058] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 250.896829][T10058] CPU: 1 UID: 0 PID: 10058 Comm: syz.4.1193 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 250.907650][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 250.917904][T10058] Call Trace: [ 250.921220][T10058] [ 250.924179][T10058] dump_stack_lvl+0x16c/0x1f0 [ 250.928895][T10058] should_fail_ex+0x497/0x5b0 [ 250.933609][T10058] _copy_to_user+0x32/0xd0 [ 250.938064][T10058] simple_read_from_buffer+0xd0/0x160 [ 250.943456][T10058] proc_fail_nth_read+0x198/0x270 [ 250.948500][T10058] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 250.954059][T10058] ? bpf_lsm_file_permission+0x9/0x10 [ 250.959441][T10058] ? security_file_permission+0x71/0x210 [ 250.965077][T10058] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 250.970653][T10058] vfs_read+0x1df/0xbe0 [ 250.974837][T10058] ? __fget_files+0x1fc/0x3a0 [ 250.979531][T10058] ? __pfx___mutex_lock+0x10/0x10 [ 250.984567][T10058] ? __pfx_vfs_read+0x10/0x10 [ 250.989251][T10058] ? __fget_files+0x206/0x3a0 [ 250.993935][T10058] ksys_read+0x12b/0x250 [ 250.998182][T10058] ? __pfx_ksys_read+0x10/0x10 [ 251.002950][T10058] ? rcu_is_watching+0x12/0xc0 [ 251.007723][T10058] ? rcu_is_watching+0x12/0xc0 [ 251.012493][T10058] do_syscall_64+0xcd/0x250 [ 251.017003][T10058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.022904][T10058] RIP: 0033:0x7fcb1e58473c [ 251.027318][T10058] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 251.046940][T10058] RSP: 002b:00007fcb1f419030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 251.055363][T10058] RAX: ffffffffffffffda RBX: 00007fcb1e775fa0 RCX: 00007fcb1e58473c [ 251.063332][T10058] RDX: 000000000000000f RSI: 00007fcb1f4190a0 RDI: 0000000000000004 [ 251.071298][T10058] RBP: 00007fcb1f419090 R08: 0000000000000000 R09: 0000000000000000 [ 251.079267][T10058] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 251.087235][T10058] R13: 0000000000000000 R14: 00007fcb1e775fa0 R15: 00007ffe431e1798 [ 251.095210][T10058] [ 252.321863][ T29] audit: type=1326 audit(1735516534.423:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10084 comm="syz.3.1202" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 254.670027][ T29] audit: type=1326 audit(1735516536.773:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10123 comm="syz.3.1214" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 254.871948][T10126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1215'. [ 255.883757][T10143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1220'. [ 256.069156][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.078465][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.650885][ T29] audit: type=1326 audit(1735516538.753:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10167 comm="syz.0.1230" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 257.403249][T10181] FAULT_INJECTION: forcing a failure. [ 257.403249][T10181] name failslab, interval 1, probability 0, space 0, times 0 [ 257.455088][T10181] CPU: 1 UID: 0 PID: 10181 Comm: syz.3.1235 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 257.465901][T10181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 257.475980][T10181] Call Trace: [ 257.479268][T10181] [ 257.482207][T10181] dump_stack_lvl+0x16c/0x1f0 [ 257.486915][T10181] should_fail_ex+0x497/0x5b0 [ 257.491619][T10181] ? fs_reclaim_acquire+0xae/0x150 [ 257.496753][T10181] should_failslab+0xc2/0x120 [ 257.501469][T10181] __kmalloc_noprof+0xce/0x4f0 [ 257.506260][T10181] ? tomoyo_encode2+0x100/0x3e0 [ 257.511132][T10181] tomoyo_encode2+0x100/0x3e0 [ 257.515831][T10181] tomoyo_realpath_from_path+0x1a7/0x710 [ 257.521485][T10181] ? tomoyo_path_number_perm+0x235/0x5b0 [ 257.527147][T10181] tomoyo_path_number_perm+0x248/0x5b0 [ 257.532627][T10181] ? tomoyo_path_number_perm+0x235/0x5b0 [ 257.538285][T10181] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 257.544291][T10181] ? rcu_is_watching+0x12/0xc0 [ 257.549085][T10181] ? preempt_count_add+0x76/0x150 [ 257.554143][T10181] ? __pfx_lock_release+0x10/0x10 [ 257.559193][T10181] ? trace_lock_acquire+0x14e/0x1f0 [ 257.564410][T10181] ? __fget_files+0x40/0x3a0 [ 257.569024][T10181] ? lock_acquire+0x2f/0xb0 [ 257.573538][T10181] ? __fget_files+0x40/0x3a0 [ 257.578148][T10181] ? __fget_files+0x206/0x3a0 [ 257.582845][T10181] security_file_ioctl+0x9b/0x240 [ 257.587891][T10181] __x64_sys_ioctl+0xb7/0x200 [ 257.592587][T10181] do_syscall_64+0xcd/0x250 [ 257.597114][T10181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.603029][T10181] RIP: 0033:0x7f9210185d29 [ 257.607458][T10181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.627086][T10181] RSP: 002b:00007f9210f7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.635520][T10181] RAX: ffffffffffffffda RBX: 00007f9210375fa0 RCX: 00007f9210185d29 [ 257.643510][T10181] RDX: 0000000000000003 RSI: 00000000400caed0 RDI: 0000000000000003 [ 257.651493][T10181] RBP: 00007f9210f7b090 R08: 0000000000000000 R09: 0000000000000000 [ 257.659476][T10181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 257.667457][T10181] R13: 0000000000000000 R14: 00007f9210375fa0 R15: 00007ffc5570c0f8 [ 257.675456][T10181] [ 257.756909][T10181] ERROR: Out of memory at tomoyo_realpath_from_path. [ 257.794999][T10191] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1241'. [ 258.225949][T10210] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1247'. [ 258.300094][ T29] audit: type=1326 audit(1735516540.403:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10212 comm="syz.4.1248" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 258.372695][T10217] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1250'. [ 258.449606][T10219] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1251'. [ 259.201465][T10232] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1257'. [ 260.609349][ T29] audit: type=1326 audit(1735516542.713:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.0.1264" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 261.735510][T10289] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1276'. [ 261.927808][ T29] audit: type=1326 audit(1735516544.033:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10297 comm="syz.1.1280" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 262.031393][T10295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1279'. [ 262.906991][T10323] sp0: Synchronizing with TNC [ 262.941044][T10323] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1289'. [ 263.417790][T10336] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 263.434438][T10336] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 263.451675][T10336] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 263.476302][T10336] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 263.791355][T10347] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1296'. [ 263.867814][ T29] audit: type=1326 audit(1735516545.973:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10348 comm="syz.3.1298" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9210185d29 code=0x0 [ 263.985653][T10355] sp0: Synchronizing with TNC [ 263.994528][T10355] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1301'. [ 264.427927][T10377] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1309'. [ 264.437206][T10377] team_slave_0: entered allmulticast mode [ 265.219027][T10397] FAULT_INJECTION: forcing a failure. [ 265.219027][T10397] name failslab, interval 1, probability 0, space 0, times 0 [ 265.231748][T10397] CPU: 1 UID: 0 PID: 10397 Comm: syz.0.1316 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 265.242534][T10397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 265.252609][T10397] Call Trace: [ 265.255902][T10397] [ 265.258848][T10397] dump_stack_lvl+0x16c/0x1f0 [ 265.263555][T10397] should_fail_ex+0x497/0x5b0 [ 265.268260][T10397] ? rcu_is_watching+0x12/0xc0 [ 265.273055][T10397] should_failslab+0xc2/0x120 [ 265.277762][T10397] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 265.283163][T10397] ? stack_depot_save_flags+0x28/0x9e0 [ 265.288648][T10397] ? br_multicast_count+0x8a/0xbd0 [ 265.293779][T10397] ? skb_clone+0x190/0x3f0 [ 265.298206][T10397] skb_clone+0x190/0x3f0 [ 265.302456][T10397] deliver_clone+0x3f/0xa0 [ 265.306880][T10397] maybe_deliver+0xa7/0x120 [ 265.311386][T10397] br_flood+0x17e/0x5c0 [ 265.315547][T10397] br_dev_xmit+0x1510/0x18b0 [ 265.320137][T10397] ? __pfx_br_dev_xmit+0x10/0x10 [ 265.325085][T10397] ? __pfx_skb_network_protocol+0x10/0x10 [ 265.330809][T10397] ? validate_xmit_xfrm+0x492/0x12c0 [ 265.336096][T10397] ? __pfx_passthru_features_check+0x10/0x10 [ 265.342078][T10397] ? netif_skb_features+0x3b0/0xd50 [ 265.347278][T10397] dev_hard_start_xmit+0x9a/0x7b0 [ 265.352309][T10397] __dev_queue_xmit+0x7f0/0x43e0 [ 265.357251][T10397] ? __pfx_lock_release+0x10/0x10 [ 265.362276][T10397] ? trace_lock_acquire+0x14e/0x1f0 [ 265.367494][T10397] ? __might_fault+0xe3/0x190 [ 265.372185][T10397] ? __pfx___dev_queue_xmit+0x10/0x10 [ 265.377563][T10397] ? __might_fault+0xd0/0x190 [ 265.382253][T10397] ? _copy_from_iter+0x159/0x1400 [ 265.387288][T10397] ? packet_parse_headers+0x787/0xaf0 [ 265.392662][T10397] ? packet_parse_headers+0x793/0xaf0 [ 265.398044][T10397] ? packet_parse_headers+0x201/0xaf0 [ 265.403426][T10397] ? __phys_addr_symbol+0x30/0x80 [ 265.408457][T10397] ? __check_object_size+0x488/0x710 [ 265.413750][T10397] ? __pfx_packet_parse_headers+0x10/0x10 [ 265.419472][T10397] ? skb_copy_datagram_from_iter+0x4ce/0x710 [ 265.425457][T10397] ? lock_acquire+0x2f/0xb0 [ 265.429958][T10397] packet_xmit+0x23e/0x360 [ 265.434379][T10397] packet_sendmsg+0x2700/0x5660 [ 265.439238][T10397] ? is_bpf_text_address+0x8a/0x1a0 [ 265.444447][T10397] ? rcu_is_watching+0x12/0xc0 [ 265.449213][T10397] ? __pfx___might_resched+0x10/0x10 [ 265.454504][T10397] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 265.460485][T10397] ? __pfx_packet_sendmsg+0x10/0x10 [ 265.465692][T10397] ? aa_umount+0x140/0x6e0 [ 265.470114][T10397] ? __might_fault+0xe3/0x190 [ 265.474799][T10397] ? __might_fault+0xe3/0x190 [ 265.479498][T10397] ____sys_sendmsg+0x9ae/0xb40 [ 265.484269][T10397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 265.489557][T10397] ? _kstrtoull+0x146/0x200 [ 265.494059][T10397] ? __pfx__kstrtoull+0x10/0x10 [ 265.498908][T10397] ? lock_release+0x4e2/0x6f0 [ 265.503586][T10397] ___sys_sendmsg+0x135/0x1e0 [ 265.508271][T10397] ? __pfx____sys_sendmsg+0x10/0x10 [ 265.513474][T10397] ? __pfx_kstrtouint+0x10/0x10 [ 265.518327][T10397] ? trace_lock_acquire+0x14e/0x1f0 [ 265.523537][T10397] __sys_sendmmsg+0x201/0x420 [ 265.528223][T10397] ? __pfx___sys_sendmmsg+0x10/0x10 [ 265.533430][T10397] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 265.539430][T10397] ? fput+0x67/0x440 [ 265.543332][T10397] ? ksys_write+0x1ba/0x250 [ 265.547840][T10397] ? __pfx_ksys_write+0x10/0x10 [ 265.552697][T10397] __x64_sys_sendmmsg+0x9c/0x100 [ 265.557646][T10397] do_syscall_64+0xcd/0x250 [ 265.562160][T10397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.568058][T10397] RIP: 0033:0x7f3a34785d29 [ 265.572472][T10397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.592084][T10397] RSP: 002b:00007f3a35627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 265.600498][T10397] RAX: ffffffffffffffda RBX: 00007f3a34975fa0 RCX: 00007f3a34785d29 [ 265.608469][T10397] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 265.616437][T10397] RBP: 00007f3a35627090 R08: 0000000000000000 R09: 0000000000000000 [ 265.624508][T10397] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 265.632479][T10397] R13: 0000000000000000 R14: 00007f3a34975fa0 R15: 00007ffd56439e78 [ 265.640453][T10397] [ 265.651957][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 265.658413][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 265.664442][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 265.672419][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 265.879492][ T29] audit: type=1326 audit(1735516547.973:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10406 comm="syz.0.1320" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 266.968178][T10435] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1330'. [ 267.466572][ T29] audit: type=1326 audit(1735516549.563:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10451 comm="syz.0.1336" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 268.487220][T10471] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1341'. [ 268.651770][T10478] Process accounting resumed [ 269.376868][T10483] sp0: Synchronizing with TNC [ 269.412938][T10483] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1344'. [ 271.225969][ T29] audit: type=1326 audit(1735516553.323:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.1349" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a34785d29 code=0x0 [ 271.488603][T10511] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1352'. [ 271.508075][T10508] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 271.769292][T10517] sp0: Synchronizing with TNC [ 271.788378][T10517] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1355'. [ 273.288658][T10543] FAULT_INJECTION: forcing a failure. [ 273.288658][T10543] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 273.370193][T10543] CPU: 0 UID: 0 PID: 10543 Comm: syz.1.1363 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 273.381014][T10543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 273.391082][T10543] Call Trace: [ 273.394366][T10543] [ 273.397305][T10543] dump_stack_lvl+0x16c/0x1f0 [ 273.402009][T10543] should_fail_ex+0x497/0x5b0 [ 273.406716][T10543] _copy_to_user+0x32/0xd0 [ 273.411165][T10543] simple_read_from_buffer+0xd0/0x160 [ 273.416560][T10543] proc_fail_nth_read+0x198/0x270 [ 273.421619][T10543] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 273.427193][T10543] ? bpf_lsm_file_permission+0x9/0x10 [ 273.432593][T10543] ? security_file_permission+0x71/0x210 [ 273.438241][T10543] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 273.443812][T10543] vfs_read+0x1df/0xbe0 [ 273.447986][T10543] ? __fget_files+0x1fc/0x3a0 [ 273.452681][T10543] ? __pfx___mutex_lock+0x10/0x10 [ 273.457732][T10543] ? __pfx_vfs_read+0x10/0x10 [ 273.462435][T10543] ? __fget_files+0x206/0x3a0 [ 273.467135][T10543] ksys_read+0x12b/0x250 [ 273.471397][T10543] ? __pfx_ksys_read+0x10/0x10 [ 273.476180][T10543] ? rcu_is_watching+0x12/0xc0 [ 273.480964][T10543] ? rcu_is_watching+0x12/0xc0 [ 273.485751][T10543] do_syscall_64+0xcd/0x250 [ 273.490275][T10543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.496188][T10543] RIP: 0033:0x7fa0e6f8473c [ 273.500612][T10543] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 273.520236][T10543] RSP: 002b:00007fa0e7e85030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 273.528667][T10543] RAX: ffffffffffffffda RBX: 00007fa0e7175fa0 RCX: 00007fa0e6f8473c [ 273.536661][T10543] RDX: 000000000000000f RSI: 00007fa0e7e850a0 RDI: 0000000000000004 [ 273.544650][T10543] RBP: 00007fa0e7e85090 R08: 0000000000000000 R09: 0000000000000000 [ 273.552638][T10543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.560626][T10543] R13: 0000000000000000 R14: 00007fa0e7175fa0 R15: 00007fff9f570558 [ 273.568622][T10543] [ 274.120231][ T29] audit: type=1326 audit(1735516556.223:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10553 comm="syz.1.1367" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0e6f85d29 code=0x0 [ 275.969251][ T29] audit: type=1326 audit(1735516558.073:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10600 comm="syz.4.1382" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb1e585d29 code=0x0 [ 276.147819][ T52] ref_tracker: net notrefcnt@ffff88805e4781e0 has 1/2 users at [ 276.147819][ T52] sk_alloc+0xa93/0xb90 [ 276.147819][ T52] inet6_create+0x380/0x1320 [ 276.147819][ T52] __sock_create+0x335/0x8d0 [ 276.147819][ T52] udp_sock_create6+0xc8/0x660 [ 276.147819][ T52] sctp_udp_sock_start+0x280/0x4b0 [ 276.147819][ T52] proc_sctp_do_udp_port+0x3ba/0x4a0 [ 276.147819][ T52] proc_sys_call_handler+0x403/0x5d0 [ 276.147819][ T52] iter_file_splice_write+0x90f/0x10b0 [ 276.147819][ T52] direct_splice_actor+0x18f/0x6c0 [ 276.147819][ T52] splice_direct_to_actor+0x346/0xa40 [ 276.147819][ T52] do_splice_direct+0x178/0x250 [ 276.147819][ T52] do_sendfile+0xaed/0xe30 [ 276.147819][ T52] __x64_sys_sendfile64+0x1da/0x220 [ 276.147819][ T52] do_syscall_64+0xcd/0x250 [ 276.147819][ T52] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.147819][ T52] [ 276.235118][ T52] ref_tracker: net notrefcnt@ffff88805e4781e0 has 1/2 users at [ 276.235118][ T52] sk_alloc+0xa93/0xb90 [ 276.235118][ T52] inet_create+0x3a1/0x10a0 [ 276.235118][ T52] __sock_create+0x335/0x8d0 [ 276.235118][ T52] udp_sock_create4+0xa7/0x450 [ 276.235118][ T52] sctp_udp_sock_start+0x10b/0x4b0 [ 276.235118][ T52] proc_sctp_do_udp_port+0x3ba/0x4a0 [ 276.235118][ T52] proc_sys_call_handler+0x403/0x5d0 [ 276.235118][ T52] iter_file_splice_write+0x90f/0x10b0 [ 276.235118][ T52] direct_splice_actor+0x18f/0x6c0 [ 276.235118][ T52] splice_direct_to_actor+0x346/0xa40 [ 276.235118][ T52] do_splice_direct+0x178/0x250 [ 276.235118][ T52] do_sendfile+0xaed/0xe30 [ 276.235118][ T52] __x64_sys_sendfile64+0x1da/0x220 [ 276.235118][ T52] do_syscall_64+0xcd/0x250 [ 276.235118][ T52] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.235118][ T52] [ 276.404601][ T52] ------------[ cut here ]------------ [ 276.410128][ T52] WARNING: CPU: 0 PID: 52 at lib/ref_tracker.c:179 ref_tracker_dir_exit+0x3e3/0x680 [ 276.419807][ T52] Modules linked in: [ 276.423720][ T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 276.435003][ T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 276.445647][ T52] Workqueue: netns cleanup_net [ 276.450714][ T52] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 276.456990][ T52] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 bb 2d d1 fc 48 8b 74 24 18 48 89 ef e8 ee a4 54 06 90 <0f> 0b 90 e8 a5 2d d1 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 34 [ 276.476979][ T52] RSP: 0018:ffffc90000bd7b38 EFLAGS: 00010246 [ 276.483079][ T52] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 276.491346][ T52] RDX: 0000000000000001 RSI: ffffffff8bb17080 RDI: 0000000000000001 [ 276.499594][ T52] RBP: ffff88805e4781e0 R08: 0000000000000000 R09: 0000000000000000 [ 276.507833][ T52] R10: ffffffff901ce557 R11: 0000000000000b8f R12: ffff88805e478230 [ 276.515829][ T52] R13: ffff88805e478230 R14: ffff88805e478230 R15: ffff88805e478230 [ 276.523926][ T52] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 276.533356][ T52] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 276.540381][ T52] CR2: 000055555ab3e808 CR3: 0000000068c1e000 CR4: 00000000003526f0 [ 276.548492][ T52] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 276.556482][ T52] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 276.564550][ T52] Call Trace: [ 276.567874][ T52] [ 276.570819][ T52] ? __warn+0xea/0x3c0 [ 276.574923][ T52] ? ref_tracker_dir_exit+0x3e3/0x680 [ 276.580361][ T52] ? report_bug+0x3c0/0x580 [ 276.584887][ T52] ? handle_bug+0x54/0xa0 [ 276.589291][ T52] ? exc_invalid_op+0x17/0x50 [ 276.593994][ T52] ? asm_exc_invalid_op+0x1a/0x20 [ 276.599085][ T52] ? ref_tracker_dir_exit+0x3e3/0x680 [ 276.604479][ T52] ? ref_tracker_dir_exit+0x3e2/0x680 [ 276.609920][ T52] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 276.615664][ T52] ? cleanup_net+0x984/0xbd0 [ 276.620378][ T52] cleanup_net+0x990/0xbd0 [ 276.624819][ T52] ? __pfx_cleanup_net+0x10/0x10 [ 276.629822][ T52] ? __schedule+0xe60/0x5ad0 [ 276.634748][ T52] ? lock_acquire+0x2f/0xb0 [ 276.639631][ T52] ? process_one_work+0x8bb/0x1b30 [ 276.644765][ T52] process_one_work+0x958/0x1b30 [ 276.649776][ T52] ? __pfx_process_one_work+0x10/0x10 [ 276.655169][ T52] ? rcu_is_watching+0x12/0xc0 [ 276.660019][ T52] ? assign_work+0x1a0/0x250 [ 276.664640][ T52] worker_thread+0x6c8/0xf00 [ 276.669303][ T52] ? __pfx_worker_thread+0x10/0x10 [ 276.674434][ T52] kthread+0x2c1/0x3a0 [ 276.678576][ T52] ? _raw_spin_unlock_irq+0x23/0x50 [ 276.683797][ T52] ? __pfx_kthread+0x10/0x10 [ 276.688448][ T52] ret_from_fork+0x45/0x80 [ 276.692882][ T52] ? __pfx_kthread+0x10/0x10 [ 276.697528][ T52] ret_from_fork_asm+0x1a/0x30 [ 276.702328][ T52] [ 276.705361][ T52] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 276.712646][ T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 276.723340][ T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 276.733414][ T52] Workqueue: netns cleanup_net [ 276.738218][ T52] Call Trace: [ 276.741507][ T52] [ 276.744445][ T52] dump_stack_lvl+0x3d/0x1f0 [ 276.749054][ T52] panic+0x71d/0x800 [ 276.752974][ T52] ? __pfx_panic+0x10/0x10 [ 276.757414][ T52] ? show_trace_log_lvl+0x29d/0x3d0 [ 276.762634][ T52] ? check_panic_on_warn+0x1f/0xb0 [ 276.767775][ T52] ? ref_tracker_dir_exit+0x3e3/0x680 [ 276.773171][ T52] check_panic_on_warn+0xab/0xb0 [ 276.778131][ T52] __warn+0xf6/0x3c0 [ 276.782051][ T52] ? ref_tracker_dir_exit+0x3e3/0x680 [ 276.787444][ T52] report_bug+0x3c0/0x580 [ 276.791790][ T52] handle_bug+0x54/0xa0 [ 276.795972][ T52] exc_invalid_op+0x17/0x50 [ 276.800499][ T52] asm_exc_invalid_op+0x1a/0x20 [ 276.805369][ T52] RIP: 0010:ref_tracker_dir_exit+0x3e3/0x680 [ 276.811369][ T52] Code: 11 02 00 00 4d 39 f5 49 8b 06 4d 89 f7 0f 85 0e ff ff ff 48 8b 2c 24 e8 bb 2d d1 fc 48 8b 74 24 18 48 89 ef e8 ee a4 54 06 90 <0f> 0b 90 e8 a5 2d d1 fc 48 8d 5d 44 be 04 00 00 00 48 89 df e8 34 [ 276.830978][ T52] RSP: 0018:ffffc90000bd7b38 EFLAGS: 00010246 [ 276.837049][ T52] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 276.845024][ T52] RDX: 0000000000000001 RSI: ffffffff8bb17080 RDI: 0000000000000001 [ 276.852995][ T52] RBP: ffff88805e4781e0 R08: 0000000000000000 R09: 0000000000000000 [ 276.860970][ T52] R10: ffffffff901ce557 R11: 0000000000000b8f R12: ffff88805e478230 [ 276.868941][ T52] R13: ffff88805e478230 R14: ffff88805e478230 R15: ffff88805e478230 [ 276.876918][ T52] ? ref_tracker_dir_exit+0x3e2/0x680 [ 276.882301][ T52] ? __pfx_ref_tracker_dir_exit+0x10/0x10 [ 276.888031][ T52] ? cleanup_net+0x984/0xbd0 [ 276.892631][ T52] cleanup_net+0x990/0xbd0 [ 276.897056][ T52] ? __pfx_cleanup_net+0x10/0x10 [ 276.902004][ T52] ? __schedule+0xe60/0x5ad0 [ 276.906596][ T52] ? lock_acquire+0x2f/0xb0 [ 276.911098][ T52] ? process_one_work+0x8bb/0x1b30 [ 276.916210][ T52] process_one_work+0x958/0x1b30 [ 276.921155][ T52] ? __pfx_process_one_work+0x10/0x10 [ 276.926523][ T52] ? rcu_is_watching+0x12/0xc0 [ 276.931293][ T52] ? assign_work+0x1a0/0x250 [ 276.935895][ T52] worker_thread+0x6c8/0xf00 [ 276.940491][ T52] ? __pfx_worker_thread+0x10/0x10 [ 276.945606][ T52] kthread+0x2c1/0x3a0 [ 276.949678][ T52] ? _raw_spin_unlock_irq+0x23/0x50 [ 276.954877][ T52] ? __pfx_kthread+0x10/0x10 [ 276.959472][ T52] ret_from_fork+0x45/0x80 [ 276.963892][ T52] ? __pfx_kthread+0x10/0x10 [ 276.968484][ T52] ret_from_fork_asm+0x1a/0x30 [ 276.973262][ T52] [ 276.976533][ T52] Kernel Offset: disabled [ 276.980848][ T52] Rebooting in 86400 seconds..