last executing test programs: 7.685065345s ago: executing program 3 (id=311): write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) 7.360329697s ago: executing program 3 (id=314): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x24542, 0x0) ioctl$auto_RTC_RD_TIME(r0, 0x80247009, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x8000, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x460f, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0x18, 0xa, 0x1) r3 = socket(0xa, 0x2, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x0, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r5, 0x4c04, 0x0) sendmsg$auto_NL80211_CMD_STOP_AP(r3, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="40110000", @ANYRES16=r4, @ANYBLOB="000228bd7000ffdbdf25100000000500130108000000201138801c11008004009300050088004b00000006001a010400000008002201ff07000004006700e2002100cdf9f282bb28bb17b280358ec8683ec84ce86fa05c523fac30e423d4ad622d74a525a268eafc2349d75c050224522225df2adaff043987bf9aa8c1add44f973e110d2c9a904d31fc0a46ab76ea74f547bc0b46d8fed2620167fc6815b57980165903daa7403a36d5649cd9135fe49db71951191de3ea3747c9c355356288f52a7eefeec2995537714d1e72ba5459ebf4a14b3c897a86ca9ed28cab31d72b03496ca714ccbd3f32f9b9222d941cdc3c4b7b688a2489a96d863e9b96557897e07c75fa9e82223daaef5a2ec17b9c25e8ec4aa400e865d6784ea8d108782cbf000008006100e200000005001901020000000410c5005ec1a6a736681b0cf3cdd5ad94978643165a00d2bcd8a512d526403622d0cc4abfd7a2cee8330e45c8e9547b7b5c693808dfe91ff45a2f24a5cc68e354eff53fe3a51fbb2ea000088d945eae7935fdbde7d51ffeb40447119ce7f16233eaaf65ca58668a4fe351fc95008cb0727e359c796b9c986939214c2a5b2a416d641bac8f87e0e3c8e97d364eb36c8d11a685a96c5bdefa2c6aa3cc40cd1b1ec996eb1c5551fc15ae74c44f2184d5268cd1e1451904a6715fdab2f628c5a51af4c133e4044dcbed7cfb6957994e1cf702db9821b597f4ee5db24ea9da269942695c9cf069a86fd8464570cea763719385eeca158607572adc55d594b2f32c265ded85e4b4e4bb21bd400423b009d4f1222a6a13b9d0e674dc64c23d273925f4be5220d91e08e1ce18e8a2da53fefa0267ebc10dcb055fdde0e1b47a7bbb67b4f165d28724b62f078974b1dd97b5529971f8893fc25d4a95342b3dc1dd64253fcd57590dfb8ca746368bef82f06ae1e4e5ee126b7d7dd89b18184c8fc4e1e9fb51ced07448aa50bf6d169b4ec1cf80cca957613ff566e3e6e6ec3ca05b2ddd468c16df0c6907039fa701b93b0b52da48b95ae31d186097a78c99e9b997dd901cff8ba3444781000f871454320c81c980c235fb6aba68e9a400dce0070eb2a03515e5c5cf697e5b4a23c03a43d45815880403b2d461b6c7e1929a9f5bc348afae1d007495b45894035bb480d8de1e9a40f21a2cb8dd6d07e8b5da1d416e2c725f15abd4d89af86c7cc954fca2ba9d33c376e090cbc97837a24ab50e8bc79da2faeaccc1395b74d667560ca10d5c6a7c8db11358dc55d7daf7f2737d8f6266b22a8277afe800690581fd4f37308fb212bad6539a6f67fb5f631edc9ec5a930a103b5b139d1421f4cc1cf275d1479195d6557ba07d95432c9451a9d3b401a29b3d5bc9f9644e514221286e6f5ca34badb577b89d3c7e18805b7a3ef125623fdb40d3268bfae757febe78bdd967eba238e029a35271cafe31a6a48a8607e8e37c236e5dde18bf29b4bb28e7e122ebb7a3fb1dc9a8f312b477888b4c78c7a10f077df1ef01f08255dcc755657eac0e0996f3b7fff468e995acaf3de0eaaa99e84398f0126ff3105a85a83e41f31b6908b23743aaecd89708ee6ca2e18fed6c953e09d2013d0f97338517de7bb83b6ee383128e9b5e24740b39eb3bd2ba154008890d97b37f70dc010f89838f7972d993658d555ed8a68b8e6dee1e6bf8d5f69b4a7d00df62db97848ca784cc1b7f1c3a33208ef76bf04d6a1fd2ca384a2d9d0e0ce4eca29422b8f833952b9cc7ad2f66dc324cd45de59a230a9563dc3a7d22f5af9a8aed597cf5389ce3c43937102c004e19afc45d33c2c4e1b03ffd76d5b60a41edfd16baa70c7ffa28781e3f7224e0e046b8d461dd6f2d581329eca1f6e5c98c1ccc7bba6f8392ee61f896d0397cdeb38303a020e3869bd05590f3f11819e71b56fc722438d0f996a51083340b72a6704fbc5fd90ba99ef4d5b5fc426406930c1385aff7e3607cbd80a8a695cd32fdfdbe5a0d2e732b03a1ae418871747ff9de74f285e4a96a0d4b7fa673e047f729ac982f4a8efd57bc7f9ae72553906590c966d8129c525602463a836e36247fc9d781eb19dc1f632afeb152d5a4d7e8f669e1cd5b1af1a79ad0953394591ff434c6e7f62230598036a7b2cc6365bdc39a997459b7d2ddfc3a7b1a7a674f437854114d0fc4944ffcbb2eded18e2591a336208974c3516155c7810ea2b5dece774bd09769ad944fea39144bc24bc24124b02e3c10b248b03eb14e808189495532838f03d559b8288803fe68a0e9cc4269481f86b98f9b083b754a59036a5becba52c7350a5ef3ff2702904b2fa69b2cfeeec9ee9d9a6888255e5a1dbda71f2e1bba9e19dd3e931a97d80538dd216e36dc3a6bffad6bfda0d8f7db0703b0247f8e06ed9664e6eece3f16bc8950812e7a204ab2acba9f4d9f57ed54bddcea40cc9917d80d01b4eb335b346ef92c035ba2b9bdc3a98328197352f832dd2d0b1103bb7c18e88d2b8f9f0ce1860c67edb999188d326e9b65931c6a8fc03b3235e64f513917eed3226e5e6c5a189986633d35deb2d1221c72a02bc48962a39afcfd31cbe666bf70d0b3aedb759a4b36ecd36bcc7420bd4a0dd05d482dce4fe889f8f1a800e26b106e97e2d33956b25cbc067c4ae22e19f12ed6bd6114e7b291e809e852a761cf5b06c36dcd2d258a467a4001e6fc30c45bc4f5f06f213b18596f28b01ddf2582c30f67d7a58d617409595dfd4aedb3579757437d815a6f9df4f7a7c75a95879e16bd864a0ddfbd5aeb058fcd6f9fde4f743cb95d6bfb04c84e56996dea18991fbfc7d5bbcd0c849c9110a08a7efc83aae73e4cb31aaa1f5e476f952b6dbd09985bb018c5179fb1d08e90b76c2db6b1ab3487049674559e7f80fd99e10b6e61c4f99c58512c805825b0c2c51561b92a52fac8ea2ab75095d64bd02a9ffff16f84b450b2949bf7bc97ad0fb634cc3bf8920346c33ab5893fc4d63835d8340a8bd26b49bc1acdef800cd790935c26ef7a675083ffd09aa35e47cc9c41854c22e34c841d5e53c119abff7ed06c2f2dee857ec3789fe3c940c779bd2e7330d682ac7819255e2bd8301548b75db793aa71e004e029837cfd642bb04d703c1b36350bbfa698f41de30d43b4d08886abacb45db0161aabeefaf79bffb423251676ff2ae68ae9870250d656e182911dce78390c9846c26810eb73a7b18b7fea9f2809550bc045986a70c1c94d6a01fdbef89c40143033b55192390df8acb90ca71989a452743c521b9a348a1dfd87eb3055e25d20040058d1b1bdaec255fb7561dff0f6c9bad81d97f791a1626f53b837a1b4eca2dff8cfabc0af436f515ad36fc7e4556be50b89a067b09a338052511e555f9a1aef4ccfb882bb99291554d2f1f78c8296c1e0542b12d0999da905b420586e8131b8ee35e7da2446e1de31a18e4b908eb1334cdb438eb63df945938522a1a7464b439ebf9962c51381053b7e74dda8423d5d0df7c365876d2d685e52973ba4dcfe92dfefa66aaf03b00fb2a690accb8b0b113b026e80d2f184426b94f4617db288b3a81f0158db1658c88ed1e22a3d3efd0777fd807a5a9c57cf6a957d5227713cb15db71c64e05fce4511c95844803a56d1b67dc3215f83e90e3c767c36f7c9189f3d89be06aefcc87486f5c548ff020cf7d9cc25ee364a4fd30675e45e539bedf8079b384216eff8d1f48f15e4ab5d3852f8cdd74b727fc20008c6f116798f89f2f991fdf606201b311a335c8cc71483b737adec48dae149ebda7a34bb11ef7d5fbc0b1b8ba8a6d57dc3a5a421c7f345927b72c1ef96cbf3e194767dba34229208068780ccbe7b14317b7bb93d3d89a194ffb98d88f2c1eb219897a554580f92c14cde8276c3df39c9a9d3aeba1ef1510be123a0c016ae72806be1c47f323a4e73b12ecbaf484caea2b59c6b770de5dbbe01c3f7417e13dda680127c541a421f268ae4fae4a60ae9c7fb75dbb25dd717c5a56b9a19b8a53046cbcd760ca23040717da578babd4f481c3342ed7b51de4402263fea846d808f5992556e0e458748cf5ffab79985f7d5bfcd959dfdb36f6c2390620bfa0b6459facfb387b224cf8d6c184a6010497b1c8b0cafe07abadc03c645053c2280142da31c5a994ed9f7189400195fa9f7ad4735613c4a35a1db9a457d5402ad2d1b062935fb47690e6ac33e6227436122f61d5eb4f43e520fa0179d81a6ef3156f1fb668299c108c75868fe54b84c49121be73ff49a8f21d6eed1732567e1530061783f7dca2c1d4b50aa4f31c8fdc516f88ca431ea3d650de37d9b4ef4ad71ed41924227e83e12bd59397a7dab36bc64ff190924f4f01496579f1d2e4e5a7251d363382a92b1708f4c79e7a55bd6491d68a4f2ed5c6a3197bd518b73ec264bac3181a3a127a46b2dea81ec212788b5aab6590e3b748fab4d428ec0ccd0751225edb730553ae7c56ee020c9daacd6ec59c9a97bc4280807ec8ba143e9eb6bbf943279490188d6d833d37b3140031bdb2f4898a4a8e1938840e6eef26025f795e437704dbb558aadd18fd391e0a596199d15ed0ab85bdff2b636cdbbfc3962b5e0f4f62615a61ab7e19993013f8face561722315a9ef16882d4b1f90ac4101172a6c07b1ba2945a111543e8d7e30e39a09d5ef4bd521fbe40080f325b203b894910ada111aafa471979ffb8412dfb16bfcf1830dbde1257b9c6eee39240b24297e4010b1a0ca5948142928dbfba0b51e418b9d1d0bc95cc061e0585b0b461bfcf79ff910d4b1db9c7be62102aa3f8b7e985ad447301c9eb25109a893b01878f6c9886cd920a7c899ed5c7919b5b7c51b1d1fa5a2b630ed45ac76b5c63574b68f918a1065393a34aa483cfd1ee9529618feec5ebc9bfef438a687e591712a87796baea22b0a06efe91f99b63eed17cf8d8dc9f74dd359434e1d4db36403ecafa17df700bcbe300e04c243a2e5f66c49bc30fd7002c5f620c583f55fe8166ba22d099f254f60332de07f45ef2fa9fbeaf8b4719168fdf46ee78caba9abd180ee00a5000f15472c8afa5ed3bf554d0574db8aae599f155901a411bf3d8d3af211185de85805978ef9ecd3f55d42f1604436456580154c2ffc2026e59c4e33ed03b57fc9bb0ae737d698211c2f9a24091b32e574343afb0226e98ff9717ff757b168b02a9d0c3f7e2f5c1b8a74163ef6c4ddf5e29181ce10bc6ef18c799758002a16ee8047c04567a17c92165e6b221bbdc3f8367d0dc1937bcc5799b8610b1f9e424a80800fd4305a2223386416c909e0322fb4acdd9f89b23d2b9e5a731f5229f56b350a5c78bb1ea22e3e078e00dad8f97b2762d4d4b637fa8063878cc1521bedfeba46818bacde54a90f26afeb2246d1759233ce2103cb7ec76e384f55a191df2034bf5cbe88923077604d8a51679a8b26921ab761172f31311c8fbb9ebfbb55d080d47f452000f34db4c06d0cd7e7828a810e01e4ae071737e395f983f2877ea24d273a4e91d10d8465731a8f27770d8b5f05902cd31be7191441e19ddc9dac4dcf955eeaaf73ce897b8d945fb8b3ae6a33384aed54e9bbbb09c3a8115310431e16a4325c1758d0881a5865481d1e7b928bad43999238135cea6169a13e08a553f14751cf9d3ff7a288ac62a0968e369d2ed7b01c72f2ab2bcbcc242f3200b9ba9c8ddd7568139f8994a8102ae47d470500e7c08d65f0bb18e4044cf2b76a6a838b8cac0f096080277d8270df677b1aca4d66d2708fe584dc9e90a7da729ba27017bd4dc510ecdb187dad2557152f1f99277282a5f1c6af7e2ac45166f1091872374ed8e77f2be184e4028617e86bfc535083aa7565f594e89dacd6d8bf04f111afc06e35129e866d17034ff56eeb4be033a6153ead796db92e11449b6d382c1d8a744cbcb7dd7abad8798ee718b88660c11196c248cfc9d741bdb1084cb508559965b8ae2bf06248478fc624689c424bc29e355d96847b702a693f7c849572cc70fe29982c4263e686bff113f8a3ba520f4e512a2b072e3bcf1e359fd1fb1af40ff69c4c2e4bee31c7152c032c0010550b6bd74cd13d283ed282c1774f2658b08b52a100994e3f7ac5b829dfee8d807da9b59b5a4d3b12caa208cd40a559a1baa4cb572cf55cc7774e186972f0bc87811a9a54a373fb3db493f4ed85b8d52c4fea743fe50c238f2f69ac550c60d3e833d65aa6a9d21f4743ca9e941f4d87f91f807a83557de"], 0x1140}, 0x1, 0x0, 0x0, 0x4800}, 0x20000001) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttynull\x00', 0x200, 0x0) mmap$auto(0x0, 0x9, 0x800000000df, 0x9b72, 0xea8a, 0x8000) open(0x0, 0x842, 0x91) open(0x0, 0x10000, 0x124) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60301, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x1) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0xffffffff, 0x10000000000002d, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x1000, 0x5, 0x15) 6.4397441s ago: executing program 1 (id=319): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x3f00, 0x9}, 0x7}, 0x3, 0x0) 5.98034827s ago: executing program 1 (id=322): mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) getsockopt$auto(0x6, 0x84, 0x81, 0x0, &(0x7f00000000c0)=0x10000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r0, 0x5453, 0x0) 5.10908359s ago: executing program 1 (id=325): write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) 5.045402266s ago: executing program 3 (id=326): write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) 4.598945006s ago: executing program 3 (id=329): r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0) read$auto_safesetid_gid_file_fops_securityfs(r0, 0x0, 0x0) 4.598761221s ago: executing program 1 (id=330): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2400, 0x0) sendmsg$auto_OVS_VPORT_CMD_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x40084}, 0x408c4) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) 4.325935574s ago: executing program 3 (id=332): r0 = socket$nl_generic(0x10, 0x3, 0x10) pwrite64$auto(0xffffffffffffffff, 0x0, 0xf4a, 0x100000001) close_range$auto(r0, 0xffffffffffffffff, 0x1b) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'team_slave_0\x00'}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) mkdir$auto(&(0x7f0000000080)='./file0\x00', 0xfffe) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000000)='./file1/file0\x00', &(0x7f0000000040)='./file0/file0\x00') sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x5f}, 0x1, 0x0, 0x0, 0x240480d0}, 0x40050) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0xf, 0x9, 0x63, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x400000000010, 0x8, 0x40000402, 0x7ffffffb, 0x9, 0xffffffff80000000, 0x9, 0x7, 0x200000100103}) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x8, 0x10007, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) ioperm$auto(0x7, 0x71, 0x863) iopl$auto(0x3) ioperm$auto(0x5, 0x3432, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x1a9382, 0x0) write$auto(r2, 0x0, 0x5) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/vivid/parameters/vid_cap_nr\x00', 0x48040, 0x0) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) setsockopt$auto(0xffffffffffffffff, 0x29, 0x12, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x8) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) tkill$auto(0x80000000000001, 0x7) ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) 4.170189946s ago: executing program 2 (id=333): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptysb\x00', 0x181002, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) shutdown$auto(0x200000003, 0x2) openat$auto_stats_fops_(0xffffffffffffff9c, 0x0, 0x400000, 0x0) writev$auto(r0, &(0x7f0000000240)={&(0x7f0000000180), 0x4ac}, 0x60) r1 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg$auto(r1, &(0x7f00000007c0)={&(0x7f00000006c0), 0x200, &(0x7f0000000740)={&(0x7f0000000700), 0xf}, 0x400, 0x0, 0xe, 0x466d}, 0x6) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000008177f983d747efbdf57202ed9d1d77b12fe2e4db8580ed9ef306e5c123d85256615aa666b2de879da392c9436bc8e635dcdeb4b35438d766faca36acc73f550e081d84b656c5a2c5447485b8c0c8b44ae6598a500d525b07d75f0ef3e475bf3329c55cea0b1938f7206268577b58f4eca168fd76477e1a369c1df65a68cf5773077e827940eaf9e053738620af43933f8b84f1d398b721dd3852f50463b00b5d429108d2c13d8a0e8c8b7cf29d171736a9da7e466443981d265fd5544e843b90ea0b09b799e5e2a52e4005a4f62b0f51ca45f4fd8f3a7e0c38dc064f15fdbe55ad35cfb7af0718089727d3b6a530597b2f5259c5af091cb2c6140c80183c25b0e8d48a710509dfd243565a1ad273eb6d6bb03c159b48a43e96a24f72fc4d9c18e2590fa05ac0f62d0103636f8257e97c57a0ddcaa58c87d700000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4008890}, 0x4000000) rseq$auto(&(0x7f0000000080)={0x4c, 0x0, 0xfffffffffffffeff, 0xd, 0x5a18, 0x3, "2f83cc0203f7f435d6dabcc41d3f5733b46a11dc2650a9739be101a3d5e2f4af8ee06b8385548eb65796777b14435b793b5e"}, 0x9, 0x7, 0x3) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r2, 0x0, 0x100002) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS32(r2, 0xc0245720, &(0x7f0000000140)={0xfffffff9, 0xf0e3, 0x1, 0x3, 0x401, "09972eaf1766673f75947e38228d3bc9"}) 3.699965564s ago: executing program 2 (id=334): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0x3, 0xfffff0b6, 0xffff, 0x88, 0xac1, 0x2, 0x36242398, 0x7ff, 0x3bb, 0x8, 0xfffe, 0x1, 0x81, 0x68198}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010027bd7000"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.570704947s ago: executing program 1 (id=336): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/tty/ptyd5/power/control\x00', 0x183042, 0x0) sendfile$auto(r0, r0, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000000)='+*&(\'\x00', 0x1ff) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x0, 0x0) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) close_range$auto(0x6, 0xb0, 0x6) select$auto(0x804, 0x0, &(0x7f0000000100)={[0x9, 0x0, 0x0, 0x80000300, 0x1, 0x0, 0x2, 0x3, 0x81, 0x10000005e58296b, 0x1e, 0x9, 0x7ff, 0x200, 0x20000000008, 0x4000000000006]}, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/net/bonding_masters\x00', 0x100, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.2/usb3/remove\x00', 0x141c01, 0x0) write$auto(r2, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0xe18) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) setsockopt$auto(r1, 0x2, 0x4, &(0x7f0000000000)='.-%(\x00', 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) read$auto_proc_pid_maps_operations_internal(r3, &(0x7f0000000980)=""/4098, 0x1002) 3.376891583s ago: executing program 2 (id=337): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0xa42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fstat$auto(0xffffffffffffffff, &(0x7f0000000180)={0x5, 0x8, 0x458, 0xc9, 0x0, 0xee01, 0x0, 0x607a, 0x20000000000ad, 0x1000, 0xc3, 0x7, 0x3, 0x8, 0x5, 0x480, 0xd277}) sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4) ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xfffffff7effffd05, &(0x7f00000001c0)) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x6, 0x0) socket(0x10, 0x3, 0x6) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b4a, 0x2, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, r1, 0x0, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x91) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x1, &(0x7f00000001c0)=@link_create={@prog_fd=r0, @target_ifindex=r3, 0x4, 0x3ff, @bpf_attr_link_create_4_1={0x6, 0x3}}, 0xc) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x8880) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) fadvise64$auto(r4, 0x8, 0x400000000000006, 0x4) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000600), 0x8000, 0x0) read$auto_proc_timers_operations_base(r5, &(0x7f0000000640)=""/111, 0x6f) socket(0x2, 0x1, 0x84) mmap$auto(0x974, 0x0, 0x3, 0x14, 0xffffffffffffffff, 0x4) 2.958750976s ago: executing program 2 (id=339): write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) 2.648968596s ago: executing program 0 (id=340): r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0) read$auto_safesetid_gid_file_fops_securityfs(r0, 0x0, 0x0) 2.391695362s ago: executing program 2 (id=341): r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r1, 0x8, 0x1) io_uring_setup$auto(0x6, 0x0) fcntl$auto(r1, 0x10, 0x2) r2 = socket(0x2, 0x6, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.0/usb1/bcdDevice\x00', 0x28440, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000001c0)=""/176, 0xb0) setsockopt$auto(r2, 0x0, 0x10, 0x0, 0x101) write$auto(r0, 0x0, 0x5) 2.389794611s ago: executing program 0 (id=349): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101a01, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) 2.293615909s ago: executing program 3 (id=342): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptysb\x00', 0x181002, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) shutdown$auto(0x200000003, 0x2) openat$auto_stats_fops_(0xffffffffffffff9c, 0x0, 0x400000, 0x0) writev$auto(r0, &(0x7f0000000240)={&(0x7f0000000180), 0x4ac}, 0x60) r1 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg$auto(r1, &(0x7f00000007c0)={&(0x7f00000006c0), 0x200, &(0x7f0000000740)={&(0x7f0000000700), 0xf}, 0x400, 0x0, 0xe, 0x466d}, 0x6) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000008177f983d747efbdf57202ed9d1d77b12fe2e4db8580ed9ef306e5c123d85256615aa666b2de879da392c9436bc8e635dcdeb4b35438d766faca36acc73f550e081d84b656c5a2c5447485b8c0c8b44ae6598a500d525b07d75f0ef3e475bf3329c55cea0b1938f7206268577b58f4eca168fd76477e1a369c1df65a68cf5773077e827940eaf9e053738620af43933f8b84f1d398b721dd3852f50463b00b5d429108d2c13d8a0e8c8b7cf29d171736a9da7e466443981d265fd5544e843b90ea0b09b799e5e2a52e4005a4f62b0f51ca45f4fd8f3a7e0c38dc064f15fdbe55ad35cfb7af0718089727d3b6a530597b2f5259c5af091cb2c6140c80183c25b0e8d48a710509dfd243565a1ad273eb6d6bb03c159b48a43e96a24f72fc4d9c18e2590fa05ac0f62d0103636f8257e97c57a0ddcaa58c87d700000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4008890}, 0x4000000) rseq$auto(&(0x7f0000000080)={0x4c, 0x0, 0xfffffffffffffeff, 0xd, 0x5a18, 0x3, "2f83cc0203f7f435d6dabcc41d3f5733b46a11dc2650a9739be101a3d5e2f4af8ee06b8385548eb65796777b14435b793b5e"}, 0x9, 0x7, 0x3) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r2, 0x0, 0x100002) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS32(r2, 0xc0245720, &(0x7f0000000140)={0xfffffff9, 0xf0e3, 0x1, 0x3, 0x401, "09972eaf1766673f75947e38228d3bc9"}) 1.683363854s ago: executing program 32 (id=342): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptysb\x00', 0x181002, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) shutdown$auto(0x200000003, 0x2) openat$auto_stats_fops_(0xffffffffffffff9c, 0x0, 0x400000, 0x0) writev$auto(r0, &(0x7f0000000240)={&(0x7f0000000180), 0x4ac}, 0x60) r1 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg$auto(r1, &(0x7f00000007c0)={&(0x7f00000006c0), 0x200, &(0x7f0000000740)={&(0x7f0000000700), 0xf}, 0x400, 0x0, 0xe, 0x466d}, 0x6) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000008177f983d747efbdf57202ed9d1d77b12fe2e4db8580ed9ef306e5c123d85256615aa666b2de879da392c9436bc8e635dcdeb4b35438d766faca36acc73f550e081d84b656c5a2c5447485b8c0c8b44ae6598a500d525b07d75f0ef3e475bf3329c55cea0b1938f7206268577b58f4eca168fd76477e1a369c1df65a68cf5773077e827940eaf9e053738620af43933f8b84f1d398b721dd3852f50463b00b5d429108d2c13d8a0e8c8b7cf29d171736a9da7e466443981d265fd5544e843b90ea0b09b799e5e2a52e4005a4f62b0f51ca45f4fd8f3a7e0c38dc064f15fdbe55ad35cfb7af0718089727d3b6a530597b2f5259c5af091cb2c6140c80183c25b0e8d48a710509dfd243565a1ad273eb6d6bb03c159b48a43e96a24f72fc4d9c18e2590fa05ac0f62d0103636f8257e97c57a0ddcaa58c87d700000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4008890}, 0x4000000) rseq$auto(&(0x7f0000000080)={0x4c, 0x0, 0xfffffffffffffeff, 0xd, 0x5a18, 0x3, "2f83cc0203f7f435d6dabcc41d3f5733b46a11dc2650a9739be101a3d5e2f4af8ee06b8385548eb65796777b14435b793b5e"}, 0x9, 0x7, 0x3) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r2, 0x0, 0x100002) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS32(r2, 0xc0245720, &(0x7f0000000140)={0xfffffff9, 0xf0e3, 0x1, 0x3, 0x401, "09972eaf1766673f75947e38228d3bc9"}) 1.641002051s ago: executing program 0 (id=344): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2400, 0x0) sendmsg$auto_OVS_VPORT_CMD_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x40084}, 0x408c4) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) 1.640773174s ago: executing program 1 (id=345): close_range$auto(0x2, 0x8, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x2001, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram11\x00', 0x2a203, 0x0) pwrite64$auto(r0, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x99f59a446481d24a, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) pipe$auto(0x0) pipe$auto(0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x1a3340, 0x0) ioctl$auto(r1, 0x5646, r1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/hwsim0/carrier\x00', 0x121902, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/vlan/config\x00', 0x2800, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000001080)=""/244, 0xf4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.4/usb17/authorized\x00', 0x0, 0x0) r3 = socket(0x2000000000000021, 0x2, 0x10000000000002) sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setsockopt$auto(r3, 0x7fffffff, 0x4, 0x0, 0x4) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PVERSION(0xffffffffffffffff, 0x80045700, &(0x7f0000000180)=0xc65) setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2) unshare$auto(0x40000080) socket(0x2a, 0x3, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) select$auto(0xffffffff, 0x0, &(0x7f0000000100)={[0xb, 0x4, 0x0, 0x8000000000000000, 0x1, 0x6, 0x9, 0x3, 0x83, 0x6, 0x1e, 0xa, 0x7ff, 0x7, 0x20000000008, 0x7]}, 0x0, 0x0) unshare$auto(0x40000080) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x40044620, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) 1.284784671s ago: executing program 0 (id=346): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0x4, 0x0) socket(0x1d, 0x2, 0x6) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0) prctl$auto(0x23, 0x4, 0x2008, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptyc9\x00', 0x20c40, 0x0) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mounts\x00', 0x121080, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/loop9/queue/rotational\x00', 0x103400, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40d40, 0x1a0) socket(0x10, 0x2, 0x14) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) ioctl$auto(r1, 0xc1205531, r0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyu9\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) write$auto(0x3, 0x0, 0xffd8) 1.138668554s ago: executing program 2 (id=347): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (fail_nth: 7) 961.580635ms ago: executing program 0 (id=348): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000"], 0x1ac}, 0x1, 0x0, 0x0, 0x8841}, 0x40000) read$auto(r1, 0x0, 0x10001) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x54, 0x0, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x3}, @L2TP_ATTR_IP6_SADDR={0x14}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @mcast1}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x0) write$auto(r0, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) 0s ago: executing program 0 (id=350): close_range$auto(0x2, 0x8, 0x0) bpf$auto(0x1c, &(0x7f0000000040)=@link_update={0xffffffffffffffff, @new_prog_fd=0xffffffffffffffff, 0x2c}, 0x92) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r2, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) read$auto(r0, &(0x7f00000003c0)=')}\x84\x1a\x1al\xc7T\xad\xb0\xd2nl80!\xd2\xc5\xba\xd1\x02\x82\x00\x00\x00\xb1\x03\x00\x00\x00\x00\x00\x00\x00\xeb\xb0\xde[\xc7\x9a\x85p\x82A!{vv\xe5\b\x8bI8\xc8ch\"\x0f\xc2\xe5*h\xd2?K\xd2\xe2\xebKm\xc6\xec\x86&\xed\xb2CZ\xd2]B\x9a\xda\xc4\x9d\xb4\xe2\n\x97 t\x9f\xbe\t\x90\x95\t\x95\xea\x97\xec\xd1\xfa\xaei\x92Zt\xbce\xd9\xbb\xfeO\xe9\xdc\xc4\x1b\xe3\xa1\xb3\xf6\xb8\x8b\x95\xdfy\x01\x8f\x91\xe2\x00'/156, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, &(0x7f0000000340)="22f470de762b7d12bacfb792720a18f482cb29f6507909d905d03ed64ad0e80d037bca79c2a42ac42604613217d5019137957503b70b1a15904cf4fd2c1dfb103bd48a30efe81ad06eef261816fc83f10a2a") sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0xc0082, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_CTRL_CMD_GETPOLICY(r5, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000841) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x24008081}, 0x4000841) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r6, &(0x7f0000000000)='//\xf2\x00', 0x80000000) readv$auto(r6, &(0x7f0000000a80)={0x0, 0x10002}, 0x401) ioctl$auto(r6, 0xfffffffe, r3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/queues\x00', 0x20000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.232' (ED25519) to the list of known hosts. [ 84.140014][ T5825] cgroup: Unknown subsys name 'net' [ 84.266170][ T5825] cgroup: Unknown subsys name 'cpuset' [ 84.275589][ T5825] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.994698][ T5825] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 88.053009][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.062962][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.072222][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.080361][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.088356][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.096786][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.104900][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.113277][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.122740][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.127862][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.130760][ T5845] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.143592][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.151928][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.152917][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.160585][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.175087][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.184679][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.193019][ T5846] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.200967][ T5852] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.203310][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.217069][ T5846] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.220683][ T5852] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.226747][ T5146] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.232151][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.666457][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 88.698465][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 88.713828][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 88.818639][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 88.874294][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.882062][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.890872][ T5840] bridge_slave_0: entered allmulticast mode [ 88.897996][ T5840] bridge_slave_0: entered promiscuous mode [ 88.925483][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.932763][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.940022][ T5834] bridge_slave_0: entered allmulticast mode [ 88.947149][ T5834] bridge_slave_0: entered promiscuous mode [ 88.955533][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.962822][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.970017][ T5840] bridge_slave_1: entered allmulticast mode [ 88.977771][ T5840] bridge_slave_1: entered promiscuous mode [ 88.998554][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.006867][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.014554][ T5834] bridge_slave_1: entered allmulticast mode [ 89.021451][ T5834] bridge_slave_1: entered promiscuous mode [ 89.098422][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.121884][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.133212][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.154086][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.161298][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.169333][ T5841] bridge_slave_0: entered allmulticast mode [ 89.177473][ T5841] bridge_slave_0: entered promiscuous mode [ 89.206871][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.233052][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.240198][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.247684][ T5841] bridge_slave_1: entered allmulticast mode [ 89.255425][ T5841] bridge_slave_1: entered promiscuous mode [ 89.262219][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.269629][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.277068][ T5835] bridge_slave_0: entered allmulticast mode [ 89.284844][ T5835] bridge_slave_0: entered promiscuous mode [ 89.303581][ T5834] team0: Port device team_slave_0 added [ 89.311964][ T5840] team0: Port device team_slave_0 added [ 89.320474][ T5840] team0: Port device team_slave_1 added [ 89.345916][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.353764][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.360949][ T5835] bridge_slave_1: entered allmulticast mode [ 89.368275][ T5835] bridge_slave_1: entered promiscuous mode [ 89.386303][ T5834] team0: Port device team_slave_1 added [ 89.439641][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.446816][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.472836][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.487314][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.499384][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.511264][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.521401][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.528667][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.554683][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.566558][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.573778][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.599805][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.637075][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.656849][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.664427][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.690619][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.718260][ T5841] team0: Port device team_slave_0 added [ 89.727098][ T5841] team0: Port device team_slave_1 added [ 89.745725][ T5835] team0: Port device team_slave_0 added [ 89.760384][ T5835] team0: Port device team_slave_1 added [ 89.825883][ T5840] hsr_slave_0: entered promiscuous mode [ 89.832260][ T5840] hsr_slave_1: entered promiscuous mode [ 89.870581][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.877666][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.903960][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.915754][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.923063][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.949082][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.964757][ T5834] hsr_slave_0: entered promiscuous mode [ 89.971007][ T5834] hsr_slave_1: entered promiscuous mode [ 89.977453][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.985560][ T5834] Cannot create hsr debugfs directory [ 89.992662][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.999649][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.025594][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.037605][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.044766][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.070887][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.166442][ T5841] hsr_slave_0: entered promiscuous mode [ 90.173605][ T5841] hsr_slave_1: entered promiscuous mode [ 90.179643][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.187344][ T5841] Cannot create hsr debugfs directory [ 90.213989][ T5852] Bluetooth: hci2: command tx timeout [ 90.243122][ T5835] hsr_slave_0: entered promiscuous mode [ 90.249408][ T5835] hsr_slave_1: entered promiscuous mode [ 90.255872][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.263708][ T5835] Cannot create hsr debugfs directory [ 90.305419][ T5852] Bluetooth: hci1: command tx timeout [ 90.311356][ T5852] Bluetooth: hci3: command tx timeout [ 90.317043][ T54] Bluetooth: hci0: command tx timeout [ 90.537986][ T5840] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.569700][ T5840] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.587100][ T5840] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.603000][ T5840] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.635352][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.660940][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.681437][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.705053][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.747835][ T5841] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.764513][ T5841] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.799869][ T5841] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.810484][ T5841] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.894855][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.909212][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.919571][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.930567][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.038889][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.049979][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.087015][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.107600][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.129159][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.136495][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.150076][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.157295][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.187272][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.194406][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.226818][ T249] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.234021][ T249] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.269521][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.319880][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.368810][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.412339][ T249] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.419506][ T249] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.441269][ T249] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.448466][ T249] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.478027][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.529818][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.560016][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.567182][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.637310][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.644483][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.737925][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.874577][ T5840] veth0_vlan: entered promiscuous mode [ 91.895449][ T5840] veth1_vlan: entered promiscuous mode [ 91.979100][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.003846][ T5840] veth0_macvtap: entered promiscuous mode [ 92.021932][ T5840] veth1_macvtap: entered promiscuous mode [ 92.050222][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.086727][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.122231][ T5834] veth0_vlan: entered promiscuous mode [ 92.131361][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.160461][ T5840] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.169994][ T5840] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.180206][ T5840] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.189302][ T5840] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.203949][ T5834] veth1_vlan: entered promiscuous mode [ 92.253298][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.292985][ T5852] Bluetooth: hci2: command tx timeout [ 92.309011][ T5841] veth0_vlan: entered promiscuous mode [ 92.373048][ T5852] Bluetooth: hci1: command tx timeout [ 92.383338][ T5852] Bluetooth: hci3: command tx timeout [ 92.384887][ T5841] veth1_vlan: entered promiscuous mode [ 92.388795][ T5852] Bluetooth: hci0: command tx timeout [ 92.441471][ T5834] veth0_macvtap: entered promiscuous mode [ 92.497445][ T5834] veth1_macvtap: entered promiscuous mode [ 92.526808][ T5835] veth0_vlan: entered promiscuous mode [ 92.538486][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.548174][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.591627][ T5835] veth1_vlan: entered promiscuous mode [ 92.606227][ T5841] veth0_macvtap: entered promiscuous mode [ 92.620462][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.633671][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.653595][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.683702][ T5841] veth1_macvtap: entered promiscuous mode [ 92.709567][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.722977][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.734694][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.781051][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.795578][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.809096][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.820597][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.833802][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.859884][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.872918][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.875133][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.884412][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.902442][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.912923][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.928366][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.983564][ T5835] veth0_macvtap: entered promiscuous mode [ 92.992976][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.005439][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.021120][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.031813][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.056507][ T5841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.081405][ T5841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.091432][ T5841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.102058][ T5841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.125657][ T5835] veth1_macvtap: entered promiscuous mode [ 93.139451][ T5840] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 93.238900][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.272762][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.292514][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.314224][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.329624][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.341822][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.354287][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.411032][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.424228][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.435305][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.449777][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.459749][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.475990][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.490245][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.526077][ T5835] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.540341][ T5835] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.549280][ T5835] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.564980][ T5835] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.590762][ T2948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.601123][ T2948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.686508][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.706093][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.745539][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.764220][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.833846][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.841740][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.944392][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.971409][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.079731][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.142603][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.308918][ T5909] Zero length message leads to an empty skb [ 94.339030][ T5914] mmap: syz.2.3 (5914) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 94.378336][ T5852] Bluetooth: hci2: command tx timeout [ 94.452678][ T5852] Bluetooth: hci0: command tx timeout [ 94.452858][ T54] Bluetooth: hci3: command tx timeout [ 94.458858][ T5852] Bluetooth: hci1: command tx timeout [ 94.977462][ T5925] FAULT_INJECTION: forcing a failure. [ 94.977462][ T5925] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 95.051210][ T5925] CPU: 0 UID: 0 PID: 5925 Comm: syz.1.2 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 95.051250][ T5925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 95.051275][ T5925] Call Trace: [ 95.051284][ T5925] [ 95.051299][ T5925] dump_stack_lvl+0x16c/0x1f0 [ 95.051355][ T5925] should_fail_ex+0x50a/0x650 [ 95.051397][ T5925] _copy_to_iter+0x29b/0x1400 [ 95.051441][ T5925] ? trace_lock_acquire+0x14e/0x1f0 [ 95.051473][ T5925] ? hlock_class+0x4e/0x130 [ 95.051535][ T5925] ? __pfx__copy_to_iter+0x10/0x10 [ 95.051574][ T5925] ? __virt_addr_valid+0x1a4/0x590 [ 95.051610][ T5925] ? __virt_addr_valid+0x5e/0x590 [ 95.051638][ T5925] ? __phys_addr+0xc6/0x150 [ 95.051664][ T5925] ? __phys_addr_symbol+0x30/0x80 [ 95.051719][ T5925] ? __check_object_size+0x488/0x710 [ 95.051766][ T5925] simple_copy_to_iter+0x4f/0x80 [ 95.051811][ T5925] __skb_datagram_iter+0x5a6/0x8c0 [ 95.051852][ T5925] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 95.051907][ T5925] skb_copy_datagram_iter+0x40/0x50 [ 95.051955][ T5925] mptcp_recvmsg+0x559/0x1ff0 [ 95.052014][ T5925] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 95.052060][ T5925] ? __pfx___might_resched+0x10/0x10 [ 95.052111][ T5925] ? aa_sk_perm+0x2f5/0xb20 [ 95.052165][ T5925] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 95.052202][ T5925] inet_recvmsg+0x469/0x6a0 [ 95.052244][ T5925] ? lock_acquire+0x2f/0xb0 [ 95.052281][ T5925] ? __pfx_inet_recvmsg+0x10/0x10 [ 95.052336][ T5925] sock_recvmsg+0x1b2/0x250 [ 95.052376][ T5925] __sys_recvfrom+0x204/0x310 [ 95.052428][ T5925] ? 0xffffffff81000000 [ 95.052449][ T5925] ? __pfx___sys_recvfrom+0x10/0x10 [ 95.052518][ T5925] ? ksys_write+0x1ba/0x250 [ 95.052549][ T5925] ? __pfx_ksys_write+0x10/0x10 [ 95.052577][ T5925] __x64_sys_recvfrom+0xe0/0x1c0 [ 95.052615][ T5925] ? do_syscall_64+0x91/0x250 [ 95.052654][ T5925] ? lockdep_hardirqs_on+0x7c/0x110 [ 95.052690][ T5925] do_syscall_64+0xcd/0x250 [ 95.052729][ T5925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.052767][ T5925] RIP: 0033:0x7fbfe238cda9 [ 95.052786][ T5925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.052812][ T5925] RSP: 002b:00007fbfe32b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 95.052855][ T5925] RAX: ffffffffffffffda RBX: 00007fbfe25a5fa0 RCX: 00007fbfe238cda9 [ 95.052912][ T5925] RDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003 [ 95.052933][ T5925] RBP: 00007fbfe32b7090 R08: 0000000000000000 R09: ffffffff81000000 [ 95.052950][ T5925] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 95.052965][ T5925] R13: 0000000000000000 R14: 00007fbfe25a5fa0 R15: 00007ffe201779d8 [ 95.052990][ T5925] ? 0xffffffff81000000 [ 95.053026][ T5925] [ 95.866648][ T5935] FAULT_INJECTION: forcing a failure. [ 95.866648][ T5935] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 95.884574][ T5935] CPU: 0 UID: 0 PID: 5935 Comm: syz.3.8 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 95.884610][ T5935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 95.884625][ T5935] Call Trace: [ 95.884632][ T5935] [ 95.884641][ T5935] dump_stack_lvl+0x16c/0x1f0 [ 95.884685][ T5935] should_fail_ex+0x50a/0x650 [ 95.884712][ T5935] ? __pfx___might_resched+0x10/0x10 [ 95.884750][ T5935] should_fail_alloc_page+0xe7/0x130 [ 95.884785][ T5935] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 95.884828][ T5935] ? __pfx_mark_lock+0x10/0x10 [ 95.884861][ T5935] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 95.884895][ T5935] ? __pfx_hlock_conflict+0x10/0x10 [ 95.884922][ T5935] ? hlock_class+0x4e/0x130 [ 95.884962][ T5935] ? mark_lock+0xb5/0xc60 [ 95.884995][ T5935] ? hlock_class+0x4e/0x130 [ 95.885042][ T5935] ? __lock_acquire+0xcc5/0x3c40 [ 95.885080][ T5935] ? __pfx_mark_lock+0x10/0x10 [ 95.885127][ T5935] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 95.885190][ T5935] ? hlock_class+0x4e/0x130 [ 95.885235][ T5935] ? hlock_class+0x4e/0x130 [ 95.885281][ T5935] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 95.885323][ T5935] ? policy_nodemask+0xea/0x4e0 [ 95.885362][ T5935] alloc_pages_mpol+0x1fc/0x540 [ 95.885402][ T5935] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 95.885438][ T5935] ? __pfx___lock_acquire+0x10/0x10 [ 95.885474][ T5935] ? lock_acquire+0x2f/0xb0 [ 95.885517][ T5935] ? is_bpf_text_address+0x30/0x1a0 [ 95.885558][ T5935] alloc_pages_noprof+0x131/0x390 [ 95.885597][ T5935] pte_alloc_one+0x20/0x390 [ 95.885640][ T5935] do_pte_missing+0x1aff/0x3e10 [ 95.885674][ T5935] ? __pfx_lock_release+0x10/0x10 [ 95.885717][ T5935] __handle_mm_fault+0x1166/0x2c60 [ 95.885762][ T5935] ? __pfx___handle_mm_fault+0x10/0x10 [ 95.885795][ T5935] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 95.885855][ T5935] ? find_vma+0xc0/0x140 [ 95.885903][ T5935] ? __pfx_find_vma+0x10/0x10 [ 95.885957][ T5935] handle_mm_fault+0x3fa/0xaa0 [ 95.885998][ T5935] do_user_addr_fault+0x7a3/0x13f0 [ 95.886044][ T5935] exc_page_fault+0x5c/0xc0 [ 95.886089][ T5935] asm_exc_page_fault+0x26/0x30 [ 95.886130][ T5935] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 95.886166][ T5935] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 95.886194][ T5935] RSP: 0018:ffffc900040f77e8 EFLAGS: 00050206 [ 95.886218][ T5935] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000000000c4 [ 95.886236][ T5935] RDX: ffffed1005066c99 RSI: 0000000000000000 RDI: ffff888028336400 [ 95.886255][ T5935] RBP: ffffc900040f7d60 R08: 0000000000000001 R09: ffffed1005066c98 [ 95.886275][ T5935] R10: ffff8880283364c3 R11: 0000000000000000 R12: 00000000000000c4 [ 95.886293][ T5935] R13: 00007ffffffff000 R14: ffff888028336400 R15: 00000000000000c4 [ 95.886334][ T5935] _copy_from_iter+0x384/0x1400 [ 95.886378][ T5935] ? trace_lock_acquire+0x14e/0x1f0 [ 95.886407][ T5935] ? __alloc_skb+0x200/0x380 [ 95.886456][ T5935] ? __pfx__copy_from_iter+0x10/0x10 [ 95.886503][ T5935] ? __virt_addr_valid+0x1a4/0x590 [ 95.886537][ T5935] ? __virt_addr_valid+0x5e/0x590 [ 95.886564][ T5935] ? __phys_addr_symbol+0x30/0x80 [ 95.886613][ T5935] ? __check_object_size+0x488/0x710 [ 95.886659][ T5935] netlink_sendmsg+0x813/0xd70 [ 95.886708][ T5935] ? __pfx_netlink_sendmsg+0x10/0x10 [ 95.886765][ T5935] ____sys_sendmsg+0x9ae/0xb40 [ 95.886803][ T5935] ? copy_msghdr_from_user+0x10b/0x160 [ 95.886851][ T5935] ? __pfx_____sys_sendmsg+0x10/0x10 [ 95.886887][ T5935] ? __lock_acquire+0xcc5/0x3c40 [ 95.886938][ T5935] ___sys_sendmsg+0x135/0x1e0 [ 95.886991][ T5935] ? __pfx____sys_sendmsg+0x10/0x10 [ 95.887059][ T5935] ? trace_lock_acquire+0x14e/0x1f0 [ 95.887113][ T5935] __sys_sendmmsg+0x201/0x420 [ 95.887146][ T5935] ? __pfx___sys_sendmmsg+0x10/0x10 [ 95.887189][ T5935] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 95.887252][ T5935] ? fput+0x67/0x440 [ 95.887292][ T5935] ? ksys_write+0x1ba/0x250 [ 95.887322][ T5935] ? __pfx_ksys_write+0x10/0x10 [ 95.887359][ T5935] __x64_sys_sendmmsg+0x9c/0x100 [ 95.887388][ T5935] ? lockdep_hardirqs_on+0x7c/0x110 [ 95.887445][ T5935] do_syscall_64+0xcd/0x250 [ 95.887500][ T5935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.887541][ T5935] RIP: 0033:0x7f411118cda9 [ 95.887564][ T5935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.887591][ T5935] RSP: 002b:00007f4111f5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 95.887617][ T5935] RAX: ffffffffffffffda RBX: 00007f41113a5fa0 RCX: 00007f411118cda9 [ 95.887636][ T5935] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 95.887654][ T5935] RBP: 00007f4111f5f090 R08: 0000000000000000 R09: 0000000000000000 [ 95.887672][ T5935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.887690][ T5935] R13: 0000000000000000 R14: 00007f41113a5fa0 R15: 00007fff43063ac8 [ 95.887728][ T5935] [ 96.452743][ T5852] Bluetooth: hci2: command tx timeout [ 96.535690][ T5852] Bluetooth: hci3: command tx timeout [ 96.535703][ T5846] Bluetooth: hci0: command tx timeout [ 96.544489][ T5846] Bluetooth: hci1: command tx timeout [ 96.660385][ T5944] Process accounting resumed [ 97.208205][ T5958] Process accounting resumed [ 97.250110][ T5958] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15'. [ 97.336408][ T25] cfg80211: failed to load regulatory.db [ 98.070101][ T5975] bridge0: port 3(team0) entered blocking state [ 98.077207][ T5966] Process accounting resumed [ 98.077605][ T5975] bridge0: port 3(team0) entered disabled state [ 98.096185][ T5975] team0: entered allmulticast mode [ 98.101384][ T5975] team_slave_0: entered allmulticast mode [ 98.112432][ T5975] team_slave_1: entered allmulticast mode [ 98.140018][ T5975] team0: entered promiscuous mode [ 98.199183][ T5975] team_slave_0: entered promiscuous mode [ 98.222796][ T5975] team_slave_1: entered promiscuous mode [ 98.236602][ T5975] bridge0: port 3(team0) entered blocking state [ 98.243293][ T5975] bridge0: port 3(team0) entered forwarding state [ 98.627117][ T5982] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.849594][ T5970] Process accounting resumed [ 99.065877][ T5995] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.082095][ T5995] FAULT_INJECTION: forcing a failure. [ 99.082095][ T5995] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 99.082133][ T5995] CPU: 1 UID: 0 PID: 5995 Comm: syz.1.22 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 99.082174][ T5995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 99.082192][ T5995] Call Trace: [ 99.082200][ T5995] [ 99.082223][ T5995] dump_stack_lvl+0x16c/0x1f0 [ 99.082270][ T5995] should_fail_ex+0x50a/0x650 [ 99.082315][ T5995] _copy_to_user+0x32/0xd0 [ 99.082357][ T5995] simple_read_from_buffer+0xd0/0x160 [ 99.082406][ T5995] proc_fail_nth_read+0x198/0x270 [ 99.082456][ T5995] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 99.082501][ T5995] ? rw_verify_area+0xcf/0x680 [ 99.082545][ T5995] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 99.082586][ T5995] vfs_read+0x1df/0xbf0 [ 99.082620][ T5995] ? __pfx_vfs_read+0x10/0x10 [ 99.082649][ T5995] ? do_sys_openat2+0xb1/0x1e0 [ 99.082689][ T5995] ? __pfx_do_sys_openat2+0x10/0x10 [ 99.082763][ T5995] ksys_read+0x12b/0x250 [ 99.082792][ T5995] ? __pfx_ksys_read+0x10/0x10 [ 99.082831][ T5995] do_syscall_64+0xcd/0x250 [ 99.082881][ T5995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.082930][ T5995] RIP: 0033:0x7fbfe238b7bc [ 99.082953][ T5995] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 99.082981][ T5995] RSP: 002b:00007fbfe32b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 99.083009][ T5995] RAX: ffffffffffffffda RBX: 00007fbfe25a5fa0 RCX: 00007fbfe238b7bc [ 99.083027][ T5995] RDX: 000000000000000f RSI: 00007fbfe32b70a0 RDI: 0000000000000006 [ 99.083045][ T5995] RBP: 00007fbfe32b7090 R08: 0000000000000000 R09: 0000000000000000 [ 99.083061][ T5995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.083078][ T5995] R13: 0000000000000000 R14: 00007fbfe25a5fa0 R15: 00007ffe201779d8 [ 99.083122][ T5995] [ 99.887790][ T6011] FAULT_INJECTION: forcing a failure. [ 99.887790][ T6011] name failslab, interval 1, probability 0, space 0, times 1 [ 100.156156][ T6011] CPU: 0 UID: 0 PID: 6011 Comm: syz.2.28 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 100.156211][ T6011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 100.156234][ T6011] Call Trace: [ 100.156244][ T6011] [ 100.156256][ T6011] dump_stack_lvl+0x16c/0x1f0 [ 100.156309][ T6011] should_fail_ex+0x50a/0x650 [ 100.156346][ T6011] ? fs_reclaim_acquire+0xae/0x150 [ 100.156426][ T6011] ? kobject_uevent_env+0x265/0x1670 [ 100.156459][ T6011] should_failslab+0xc2/0x120 [ 100.156501][ T6011] __kmalloc_cache_noprof+0x68/0x420 [ 100.156560][ T6011] kobject_uevent_env+0x265/0x1670 [ 100.156595][ T6011] ? __pfx_dev_uevent_name+0x10/0x10 [ 100.156654][ T6011] ? kobject_put+0xab/0x5a0 [ 100.156716][ T6011] device_add+0x10e0/0x1a70 [ 100.156763][ T6011] ? __pfx_device_add+0x10/0x10 [ 100.156805][ T6011] ? mark_held_locks+0x9f/0xe0 [ 100.156860][ T6011] usb_set_configuration+0x10ea/0x1ca0 [ 100.156932][ T6011] bConfigurationValue_store+0x101/0x180 [ 100.156979][ T6011] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 100.157027][ T6011] ? __pfx__copy_from_iter+0x10/0x10 [ 100.157082][ T6011] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 100.157128][ T6011] dev_attr_store+0x55/0x80 [ 100.157179][ T6011] ? __pfx_dev_attr_store+0x10/0x10 [ 100.157219][ T6011] sysfs_kf_write+0x117/0x170 [ 100.157270][ T6011] kernfs_fop_write_iter+0x33d/0x500 [ 100.157310][ T6011] ? __pfx_sysfs_kf_write+0x10/0x10 [ 100.157360][ T6011] iter_file_splice_write+0x90f/0x10b0 [ 100.157415][ T6011] ? __pfx_iter_file_splice_write+0x10/0x10 [ 100.157466][ T6011] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 100.157516][ T6011] ? splice_direct_to_actor+0x346/0xa40 [ 100.157577][ T6011] ? __pfx_iter_file_splice_write+0x10/0x10 [ 100.157612][ T6011] direct_splice_actor+0x18f/0x6c0 [ 100.157697][ T6011] splice_direct_to_actor+0x346/0xa40 [ 100.157754][ T6011] ? __pfx_direct_splice_actor+0x10/0x10 [ 100.157819][ T6011] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 100.157878][ T6011] ? __fget_files+0x1fc/0x3a0 [ 100.157918][ T6011] do_splice_direct+0x178/0x250 [ 100.157972][ T6011] ? __pfx_do_splice_direct+0x10/0x10 [ 100.158030][ T6011] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 100.158086][ T6011] ? rw_verify_area+0xcf/0x680 [ 100.158140][ T6011] do_sendfile+0xafb/0xe40 [ 100.158214][ T6011] ? __pfx_do_sendfile+0x10/0x10 [ 100.158279][ T6011] ? __x64_sys_futex+0x1e1/0x4c0 [ 100.158311][ T6011] ? __x64_sys_futex+0x1ea/0x4c0 [ 100.158353][ T6011] __x64_sys_sendfile64+0x1da/0x220 [ 100.158396][ T6011] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 100.158455][ T6011] do_syscall_64+0xcd/0x250 [ 100.158511][ T6011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.158564][ T6011] RIP: 0033:0x7ff57738cda9 [ 100.158593][ T6011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.158625][ T6011] RSP: 002b:00007ff5781fb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 100.158655][ T6011] RAX: ffffffffffffffda RBX: 00007ff5775a5fa0 RCX: 00007ff57738cda9 [ 100.158677][ T6011] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 100.158697][ T6011] RBP: 00007ff57740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.158716][ T6011] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 100.158734][ T6011] R13: 0000000000000000 R14: 00007ff5775a5fa0 R15: 00007ffc34731728 [ 100.158781][ T6011] [ 100.171319][ T6011] hub 5-0:1.0: USB hub found [ 100.173317][ T6011] hub 5-0:1.0: 1 port detected [ 101.124205][ T6026] capability: warning: `syz.2.33' uses 32-bit capabilities (legacy support in use) [ 101.137350][ T6026] : entered promiscuous mode [ 101.605709][ T6033] Process accounting resumed [ 101.663594][ T6033] netlink: 4 bytes leftover after parsing attributes in process `syz.3.35'. [ 102.001781][ T6040] random: crng reseeded on system resumption [ 103.763305][ T6058] FAULT_INJECTION: forcing a failure. [ 103.763305][ T6058] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.827654][ T6058] CPU: 1 UID: 0 PID: 6058 Comm: syz.1.41 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 103.827695][ T6058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 103.827712][ T6058] Call Trace: [ 103.827722][ T6058] [ 103.827734][ T6058] dump_stack_lvl+0x16c/0x1f0 [ 103.827783][ T6058] should_fail_ex+0x50a/0x650 [ 103.827822][ T6058] _copy_from_user+0x2e/0xd0 [ 103.827870][ T6058] copy_msghdr_from_user+0x99/0x160 [ 103.827922][ T6058] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 103.827970][ T6058] ? __lock_acquire+0xcc5/0x3c40 [ 103.828022][ T6058] ___sys_sendmsg+0xff/0x1e0 [ 103.828072][ T6058] ? __pfx____sys_sendmsg+0x10/0x10 [ 103.828137][ T6058] ? trace_lock_acquire+0x14e/0x1f0 [ 103.828190][ T6058] __sys_sendmmsg+0x201/0x420 [ 103.828223][ T6058] ? __pfx___sys_sendmmsg+0x10/0x10 [ 103.828264][ T6058] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 103.828325][ T6058] ? fput+0x67/0x440 [ 103.828364][ T6058] ? ksys_write+0x1ba/0x250 [ 103.828393][ T6058] ? __pfx_ksys_write+0x10/0x10 [ 103.828428][ T6058] __x64_sys_sendmmsg+0x9c/0x100 [ 103.828457][ T6058] ? lockdep_hardirqs_on+0x7c/0x110 [ 103.828500][ T6058] do_syscall_64+0xcd/0x250 [ 103.828548][ T6058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.828590][ T6058] RIP: 0033:0x7fbfe238cda9 [ 103.828612][ T6058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.828640][ T6058] RSP: 002b:00007fbfe32b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 103.828667][ T6058] RAX: ffffffffffffffda RBX: 00007fbfe25a5fa0 RCX: 00007fbfe238cda9 [ 103.828691][ T6058] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003 [ 103.828707][ T6058] RBP: 00007fbfe32b7090 R08: 0000000000000000 R09: 0000000000000000 [ 103.828737][ T6058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.828753][ T6058] R13: 0000000000000000 R14: 00007fbfe25a5fa0 R15: 00007ffe201779d8 [ 103.828789][ T6058] [ 107.070419][ T6088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.51'. [ 109.502680][ T6121] FAULT_INJECTION: forcing a failure. [ 109.502680][ T6121] name fail_futex, interval 1, probability 0, space 0, times 1 [ 109.526764][ T6121] CPU: 1 UID: 0 PID: 6121 Comm: syz.1.60 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 109.526807][ T6121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 109.526826][ T6121] Call Trace: [ 109.526834][ T6121] [ 109.526846][ T6121] dump_stack_lvl+0x16c/0x1f0 [ 109.526901][ T6121] should_fail_ex+0x50a/0x650 [ 109.526944][ T6121] get_futex_key+0x4a3/0x1000 [ 109.527011][ T6121] ? __pfx_get_futex_key+0x10/0x10 [ 109.527064][ T6121] ? __pfx_lock_release+0x10/0x10 [ 109.527105][ T6121] ? plist_check_prev_next+0x12a/0x1a0 [ 109.527151][ T6121] futex_wait_setup+0x78/0x290 [ 109.527199][ T6121] __futex_wait+0x267/0x3c0 [ 109.527240][ T6121] ? __pfx___futex_wait+0x10/0x10 [ 109.527287][ T6121] ? __pfx_futex_wake_mark+0x10/0x10 [ 109.527351][ T6121] futex_wait+0xe9/0x380 [ 109.527392][ T6121] ? __pfx_futex_wait+0x10/0x10 [ 109.527443][ T6121] ? find_held_lock+0x2d/0x110 [ 109.527504][ T6121] do_futex+0x22b/0x350 [ 109.527537][ T6121] ? __pfx_do_futex+0x10/0x10 [ 109.527569][ T6121] ? lock_acquire+0x2f/0xb0 [ 109.527606][ T6121] ? __fget_files+0x40/0x3a0 [ 109.527645][ T6121] __x64_sys_futex+0x1e1/0x4c0 [ 109.527683][ T6121] ? __pfx___x64_sys_futex+0x10/0x10 [ 109.527718][ T6121] ? __sys_setsockopt+0x1cd/0x230 [ 109.527779][ T6121] do_syscall_64+0xcd/0x250 [ 109.527830][ T6121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.527876][ T6121] RIP: 0033:0x7fbfe238cda9 [ 109.527900][ T6121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.527928][ T6121] RSP: 002b:00007fbfe32b70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 109.527959][ T6121] RAX: ffffffffffffffda RBX: 00007fbfe25a5fa8 RCX: 00007fbfe238cda9 [ 109.527980][ T6121] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbfe25a5fa8 [ 109.528000][ T6121] RBP: 00007fbfe25a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 109.528018][ T6121] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbfe25a5fac [ 109.528036][ T6121] R13: 0000000000000000 R14: 00007ffe201778f0 R15: 00007ffe201779d8 [ 109.528075][ T6121] [ 110.764692][ T6135] FAULT_INJECTION: forcing a failure. [ 110.764692][ T6135] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 110.906633][ T6137] netlink: 'syz.1.65': attribute type 2 has an invalid length. [ 110.917417][ T6135] CPU: 0 UID: 0 PID: 6135 Comm: syz.0.64 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 110.917454][ T6135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 110.917470][ T6135] Call Trace: [ 110.917479][ T6135] [ 110.917490][ T6135] dump_stack_lvl+0x16c/0x1f0 [ 110.917539][ T6135] should_fail_ex+0x50a/0x650 [ 110.917579][ T6135] _copy_from_iter+0x29b/0x1400 [ 110.917623][ T6135] ? trace_lock_acquire+0x14e/0x1f0 [ 110.917657][ T6135] ? __pfx__copy_from_iter+0x10/0x10 [ 110.917697][ T6135] ? __virt_addr_valid+0x1a4/0x590 [ 110.917728][ T6135] ? __virt_addr_valid+0x5e/0x590 [ 110.917754][ T6135] ? __phys_addr_symbol+0x30/0x80 [ 110.917797][ T6135] ? __check_object_size+0x488/0x710 [ 110.917842][ T6135] j1939_sk_sendmsg+0x805/0x13c0 [ 110.917894][ T6135] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 110.917952][ T6135] __sys_sendto+0x488/0x4f0 [ 110.918001][ T6135] ? __pfx___sys_sendto+0x10/0x10 [ 110.918081][ T6135] ? ksys_write+0x1ba/0x250 [ 110.918111][ T6135] ? __pfx_ksys_write+0x10/0x10 [ 110.918152][ T6135] __x64_sys_sendto+0xe0/0x1c0 [ 110.918198][ T6135] ? do_syscall_64+0x91/0x250 [ 110.918244][ T6135] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.918289][ T6135] do_syscall_64+0xcd/0x250 [ 110.918336][ T6135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.918376][ T6135] RIP: 0033:0x7f442bb8cda9 [ 110.918397][ T6135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.918423][ T6135] RSP: 002b:00007f44299d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 110.918448][ T6135] RAX: ffffffffffffffda RBX: 00007f442bda6080 RCX: 00007f442bb8cda9 [ 110.918465][ T6135] RDX: 0000000006fffffa RSI: 0000000000000000 RDI: 0000000000000003 [ 110.918480][ T6135] RBP: 00007f44299d5090 R08: 0000000020000440 R09: 0000000000000036 [ 110.918496][ T6135] R10: 00000000fffffff8 R11: 0000000000000246 R12: 0000000000000001 [ 110.918511][ T6135] R13: 0000000000000000 R14: 00007f442bda6080 R15: 00007ffd27e1cbb8 [ 110.918545][ T6135] [ 111.373375][ T6143] FAULT_INJECTION: forcing a failure. [ 111.373375][ T6143] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 111.462617][ T6143] CPU: 1 UID: 0 PID: 6143 Comm: syz.3.68 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 111.462656][ T6143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 111.462674][ T6143] Call Trace: [ 111.462683][ T6143] [ 111.462694][ T6143] dump_stack_lvl+0x16c/0x1f0 [ 111.462745][ T6143] should_fail_ex+0x50a/0x650 [ 111.462786][ T6143] _copy_from_user+0x2e/0xd0 [ 111.462829][ T6143] core_sys_select+0x34f/0xa10 [ 111.462868][ T6143] ? __pfx_core_sys_select+0x10/0x10 [ 111.462906][ T6143] ? find_held_lock+0x2d/0x110 [ 111.462987][ T6143] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 111.463045][ T6143] kern_select+0x15e/0x1e0 [ 111.463076][ T6143] ? __pfx_kern_select+0x10/0x10 [ 111.463125][ T6143] ? __pfx_ksys_write+0x10/0x10 [ 111.463161][ T6143] __x64_sys_select+0xbd/0x160 [ 111.463198][ T6143] ? do_syscall_64+0x91/0x250 [ 111.463244][ T6143] ? lockdep_hardirqs_on+0x7c/0x110 [ 111.463285][ T6143] do_syscall_64+0xcd/0x250 [ 111.463334][ T6143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.463376][ T6143] RIP: 0033:0x7f411118cda9 [ 111.463399][ T6143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.463427][ T6143] RSP: 002b:00007f4111f3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 111.463454][ T6143] RAX: ffffffffffffffda RBX: 00007f41113a6080 RCX: 00007f411118cda9 [ 111.463473][ T6143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 111.463490][ T6143] RBP: 00007f4111f3e090 R08: 0000000000000000 R09: 0000000000000000 [ 111.463508][ T6143] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001 [ 111.463526][ T6143] R13: 0000000000000001 R14: 00007f41113a6080 R15: 00007fff43063ac8 [ 111.463571][ T6143] [ 111.803445][ T6146] netlink: 12 bytes leftover after parsing attributes in process `syz.0.69'. [ 111.845549][ T6146] netlink: 5 bytes leftover after parsing attributes in process `syz.0.69'. [ 114.446755][ T6180] netlink: 12 bytes leftover after parsing attributes in process `syz.2.78'. [ 114.478912][ T6177] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 114.502825][ T6180] netlink: 5 bytes leftover after parsing attributes in process `syz.2.78'. [ 116.147883][ T6202] Process accounting resumed [ 117.254470][ T6220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.92'. [ 117.297160][ T6220] FAULT_INJECTION: forcing a failure. [ 117.297160][ T6220] name failslab, interval 1, probability 0, space 0, times 0 [ 117.342591][ T6220] CPU: 0 UID: 0 PID: 6220 Comm: syz.3.92 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 117.342629][ T6220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 117.342646][ T6220] Call Trace: [ 117.342654][ T6220] [ 117.342665][ T6220] dump_stack_lvl+0x16c/0x1f0 [ 117.342715][ T6220] should_fail_ex+0x50a/0x650 [ 117.342750][ T6220] ? fs_reclaim_acquire+0xae/0x150 [ 117.342800][ T6220] should_failslab+0xc2/0x120 [ 117.342839][ T6220] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 117.342874][ T6220] ? lock_acquire.part.0+0x11b/0x380 [ 117.342911][ T6220] ? __alloc_skb+0x2b3/0x380 [ 117.342964][ T6220] __alloc_skb+0x2b3/0x380 [ 117.343011][ T6220] ? __pfx___alloc_skb+0x10/0x10 [ 117.343055][ T6220] ? l2tp_ip_sendmsg+0x2a/0x18b0 [ 117.343084][ T6220] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 117.343131][ T6220] ? mark_held_locks+0x9f/0xe0 [ 117.343170][ T6220] sock_wmalloc+0xd4/0x120 [ 117.343215][ T6220] l2tp_ip_sendmsg+0x1b5/0x18b0 [ 117.343250][ T6220] ? __pfx_l2tp_ip_sendmsg+0x10/0x10 [ 117.343281][ T6220] inet_sendmsg+0x119/0x140 [ 117.343325][ T6220] ____sys_sendmsg+0x907/0xb40 [ 117.343369][ T6220] ? copy_msghdr_from_user+0x10b/0x160 [ 117.343410][ T6220] ? __pfx_____sys_sendmsg+0x10/0x10 [ 117.343440][ T6220] ? __lock_acquire+0xcc5/0x3c40 [ 117.343473][ T6220] ? hlock_class+0x4e/0x130 [ 117.343511][ T6220] ? __lock_acquire+0x15a9/0x3c40 [ 117.343549][ T6220] ___sys_sendmsg+0x135/0x1e0 [ 117.343591][ T6220] ? __pfx____sys_sendmsg+0x10/0x10 [ 117.343636][ T6220] ? __pfx___lock_acquire+0x10/0x10 [ 117.343710][ T6220] ? __pfx___might_resched+0x10/0x10 [ 117.343751][ T6220] ? __might_fault+0xe3/0x190 [ 117.343798][ T6220] __sys_sendmmsg+0x201/0x420 [ 117.343833][ T6220] ? __pfx___sys_sendmmsg+0x10/0x10 [ 117.343877][ T6220] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 117.343941][ T6220] ? fput+0x67/0x440 [ 117.343981][ T6220] ? ksys_write+0x1ba/0x250 [ 117.344012][ T6220] ? __pfx_ksys_write+0x10/0x10 [ 117.344050][ T6220] __x64_sys_sendmmsg+0x9c/0x100 [ 117.344080][ T6220] ? lockdep_hardirqs_on+0x7c/0x110 [ 117.344124][ T6220] do_syscall_64+0xcd/0x250 [ 117.344172][ T6220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.344215][ T6220] RIP: 0033:0x7f411118cda9 [ 117.344238][ T6220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.344267][ T6220] RSP: 002b:00007f4111f5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 117.344294][ T6220] RAX: ffffffffffffffda RBX: 00007f41113a5fa0 RCX: 00007f411118cda9 [ 117.344313][ T6220] RDX: 0000000000010001 RSI: 0000000000000000 RDI: 0000000000000003 [ 117.344331][ T6220] RBP: 00007f4111f5f090 R08: 0000000000000000 R09: 0000000000000000 [ 117.344350][ T6220] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002 [ 117.344375][ T6220] R13: 0000000000000000 R14: 00007f41113a5fa0 R15: 00007fff43063ac8 [ 117.344407][ T6220] [ 118.532381][ T6233] Process accounting resumed [ 119.906972][ T6241] netlink: 'syz.3.98': attribute type 2 has an invalid length. [ 124.560637][ T6291] Process accounting resumed [ 125.869448][ T6298] FAULT_INJECTION: forcing a failure. [ 125.869448][ T6298] name failslab, interval 1, probability 0, space 0, times 0 [ 125.883373][ T6298] CPU: 0 UID: 0 PID: 6298 Comm: syz.2.113 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 125.883411][ T6298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 125.883430][ T6298] Call Trace: [ 125.883438][ T6298] [ 125.883449][ T6298] dump_stack_lvl+0x16c/0x1f0 [ 125.883499][ T6298] should_fail_ex+0x50a/0x650 [ 125.883533][ T6298] ? fs_reclaim_acquire+0xae/0x150 [ 125.883587][ T6298] should_failslab+0xc2/0x120 [ 125.883627][ T6298] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 125.883663][ T6298] ? lockdep_init_map_type+0x16d/0x7d0 [ 125.883703][ T6298] ? security_inode_alloc+0x3b/0x2b0 [ 125.883758][ T6298] security_inode_alloc+0x3b/0x2b0 [ 125.883809][ T6298] inode_init_always_gfp+0xce4/0x1030 [ 125.883849][ T6298] alloc_inode+0x82/0x230 [ 125.883894][ T6298] alloc_anon_inode+0x28/0x3e0 [ 125.883927][ T6298] __anon_inode_getfile+0x25b/0x3c0 [ 125.883982][ T6298] ? __pfx___anon_inode_getfile+0x10/0x10 [ 125.884045][ T6298] io_uring_setup+0x1952/0x3370 [ 125.884094][ T6298] ? __pfx_io_uring_setup+0x10/0x10 [ 125.884161][ T6298] ? rcu_is_watching+0x12/0xc0 [ 125.884216][ T6298] __x64_sys_io_uring_setup+0x98/0x140 [ 125.884259][ T6298] do_syscall_64+0xcd/0x250 [ 125.884308][ T6298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.884351][ T6298] RIP: 0033:0x7ff57738cda9 [ 125.884375][ T6298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.884402][ T6298] RSP: 002b:00007ff5781da038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 125.884429][ T6298] RAX: ffffffffffffffda RBX: 00007ff5775a6080 RCX: 00007ff57738cda9 [ 125.884449][ T6298] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 125.884467][ T6298] RBP: 00007ff57740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 125.884486][ T6298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.884505][ T6298] R13: 0000000000000000 R14: 00007ff5775a6080 R15: 00007ffc34731728 [ 125.884543][ T6298] [ 126.247533][ T6310] FAULT_INJECTION: forcing a failure. [ 126.247533][ T6310] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 126.437515][ T6310] CPU: 1 UID: 0 PID: 6310 Comm: syz.3.116 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 126.437555][ T6310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 126.437573][ T6310] Call Trace: [ 126.437582][ T6310] [ 126.437594][ T6310] dump_stack_lvl+0x16c/0x1f0 [ 126.437653][ T6310] should_fail_ex+0x50a/0x650 [ 126.437694][ T6310] _copy_from_user+0x2e/0xd0 [ 126.437737][ T6310] csum_and_copy_from_iter_full+0x218/0x1eb0 [ 126.437790][ T6310] ? policy_nodemask+0xea/0x4e0 [ 126.437832][ T6310] ? __pfx_csum_and_copy_from_iter_full+0x10/0x10 [ 126.437875][ T6310] ? alloc_pages_mpol+0x25b/0x540 [ 126.437917][ T6310] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 126.437968][ T6310] ip_generic_getfrag+0x175/0x260 [ 126.438004][ T6310] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 126.438038][ T6310] ? skb_page_frag_refill+0x11b/0x350 [ 126.438082][ T6310] ? sk_page_frag_refill+0x6c/0x300 [ 126.438128][ T6310] __ip6_append_data.isra.0+0x1b0a/0x4650 [ 126.438170][ T6310] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 126.438224][ T6310] ? __pfx___ip6_append_data.isra.0+0x10/0x10 [ 126.438258][ T6310] ? ip6_mtu+0x231/0x4a0 [ 126.438304][ T6310] ? ip6_setup_cork+0xcbb/0x14d0 [ 126.438338][ T6310] ip6_make_skb+0x30b/0x4e0 [ 126.438377][ T6310] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 126.438417][ T6310] ? __pfx_ip6_make_skb+0x10/0x10 [ 126.438464][ T6310] ? sk_dst_check+0x1da/0x540 [ 126.438519][ T6310] ? udpv6_sendmsg+0x255e/0x3090 [ 126.438558][ T6310] udpv6_sendmsg+0x255e/0x3090 [ 126.438600][ T6310] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 126.438668][ T6310] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 126.438706][ T6310] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 126.438752][ T6310] ? hlock_class+0x4e/0x130 [ 126.438817][ T6310] ? __lock_acquire+0x15a9/0x3c40 [ 126.438914][ T6310] ? __pfx_aa_sk_perm+0x10/0x10 [ 126.438964][ T6310] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 126.439007][ T6310] ? inet6_sendmsg+0x105/0x140 [ 126.439048][ T6310] inet6_sendmsg+0x105/0x140 [ 126.439092][ T6310] ____sys_sendmsg+0x649/0xb40 [ 126.439130][ T6310] ? copy_msghdr_from_user+0x10b/0x160 [ 126.439179][ T6310] ? __pfx_____sys_sendmsg+0x10/0x10 [ 126.439216][ T6310] ? __lock_acquire+0xcc5/0x3c40 [ 126.439268][ T6310] ___sys_sendmsg+0x135/0x1e0 [ 126.439321][ T6310] ? __pfx____sys_sendmsg+0x10/0x10 [ 126.439386][ T6310] ? trace_lock_acquire+0x14e/0x1f0 [ 126.439440][ T6310] __sys_sendmmsg+0x201/0x420 [ 126.439473][ T6310] ? __pfx___sys_sendmmsg+0x10/0x10 [ 126.439515][ T6310] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 126.439576][ T6310] ? fput+0x67/0x440 [ 126.439623][ T6310] ? ksys_write+0x1ba/0x250 [ 126.439653][ T6310] ? __pfx_ksys_write+0x10/0x10 [ 126.439689][ T6310] __x64_sys_sendmmsg+0x9c/0x100 [ 126.439717][ T6310] ? lockdep_hardirqs_on+0x7c/0x110 [ 126.439760][ T6310] do_syscall_64+0xcd/0x250 [ 126.439808][ T6310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.439849][ T6310] RIP: 0033:0x7f411118cda9 [ 126.439872][ T6310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.439900][ T6310] RSP: 002b:00007f4111f5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 126.439927][ T6310] RAX: ffffffffffffffda RBX: 00007f41113a5fa0 RCX: 00007f411118cda9 [ 126.439945][ T6310] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 126.439964][ T6310] RBP: 00007f4111f5f090 R08: 0000000000000000 R09: 0000000000000000 [ 126.439981][ T6310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.439998][ T6310] R13: 0000000000000000 R14: 00007f41113a5fa0 R15: 00007fff43063ac8 [ 126.440034][ T6310] [ 127.997653][ T6319] Process accounting resumed [ 128.684864][ T29] audit: type=1800 audit(6033230511.374:2): pid=6334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.126" name="file0" dev="tmpfs" ino=164 res=0 errno=0 [ 128.786746][ T6331] netlink: 4 bytes leftover after parsing attributes in process `syz.2.126'. [ 134.277003][ T6415] netlink: 4 bytes leftover after parsing attributes in process `syz.0.142'. [ 138.307403][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.314644][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.239300][ T6516] Process accounting resumed [ 140.791658][ T6528] random: crng reseeded on system resumption [ 141.270962][ T6535] FAULT_INJECTION: forcing a failure. [ 141.270962][ T6535] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.293680][ T6535] CPU: 1 UID: 0 PID: 6535 Comm: syz.0.183 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 141.293722][ T6535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 141.293740][ T6535] Call Trace: [ 141.293749][ T6535] [ 141.293761][ T6535] dump_stack_lvl+0x16c/0x1f0 [ 141.293813][ T6535] should_fail_ex+0x50a/0x650 [ 141.293856][ T6535] _copy_from_user+0x2e/0xd0 [ 141.293900][ T6535] move_addr_to_kernel+0x68/0x160 [ 141.293946][ T6535] __sys_connect+0xb0/0x170 [ 141.293992][ T6535] ? __pfx___sys_connect+0x10/0x10 [ 141.294052][ T6535] ? __pfx_ksys_write+0x10/0x10 [ 141.294092][ T6535] __x64_sys_connect+0x72/0xb0 [ 141.294156][ T6535] ? lockdep_hardirqs_on+0x7c/0x110 [ 141.294205][ T6535] do_syscall_64+0xcd/0x250 [ 141.294258][ T6535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.294305][ T6535] RIP: 0033:0x7f442bb8cda9 [ 141.294330][ T6535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.294358][ T6535] RSP: 002b:00007f44299f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 141.294385][ T6535] RAX: ffffffffffffffda RBX: 00007f442bda5fa0 RCX: 00007f442bb8cda9 [ 141.294406][ T6535] RDX: 0000000000000055 RSI: 0000000000000000 RDI: 0000000000000003 [ 141.294425][ T6535] RBP: 00007f44299f6090 R08: 0000000000000000 R09: 0000000000000000 [ 141.294445][ T6535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.294465][ T6535] R13: 0000000000000000 R14: 00007f442bda5fa0 R15: 00007ffd27e1cbb8 [ 141.294506][ T6535] [ 141.505181][ T6539] process 'syz.1.182' launched ':,' with NULL argv: empty string added [ 142.828322][ T6561] FAULT_INJECTION: forcing a failure. [ 142.828322][ T6561] name failslab, interval 1, probability 0, space 0, times 0 [ 142.828415][ T6561] CPU: 1 UID: 0 PID: 6561 Comm: syz.0.193 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 142.828462][ T6561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 142.828481][ T6561] Call Trace: [ 142.828490][ T6561] [ 142.828502][ T6561] dump_stack_lvl+0x16c/0x1f0 [ 142.828555][ T6561] should_fail_ex+0x50a/0x650 [ 142.828592][ T6561] ? fs_reclaim_acquire+0xae/0x150 [ 142.828647][ T6561] should_failslab+0xc2/0x120 [ 142.828690][ T6561] __kmalloc_noprof+0xce/0x4f0 [ 142.828729][ T6561] ? constrain_params_by_rules+0x176/0xca0 [ 142.828787][ T6561] constrain_params_by_rules+0x176/0xca0 [ 142.828837][ T6561] ? mark_held_locks+0x9f/0xe0 [ 142.828881][ T6561] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 142.828926][ T6561] ? lockdep_hardirqs_on+0x7c/0x110 [ 142.828976][ T6561] ? stack_depot_save_flags+0x36d/0x9e0 [ 142.829014][ T6561] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 142.829075][ T6561] ? __kasan_kmalloc+0xaa/0xb0 [ 142.829110][ T6561] ? snd_pcm_oss_change_params_locked+0x242/0x3a50 [ 142.829157][ T6561] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 142.829198][ T6561] ? snd_pcm_oss_sync+0x326/0x7f0 [ 142.829255][ T6561] ? rcu_is_watching+0x12/0xc0 [ 142.829307][ T6561] ? snd_interval_refine+0x2fa/0x580 [ 142.829349][ T6561] snd_pcm_hw_refine+0x7ec/0xad0 [ 142.829406][ T6561] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 142.829481][ T6561] ? _snd_pcm_hw_param_min+0x259/0x630 [ 142.829548][ T6561] snd_pcm_oss_change_params_locked+0x651/0x3a50 [ 142.829594][ T6561] ? __pfx___mutex_trylock_common+0x5/0x10 [ 142.829644][ T6561] ? trace_contention_end+0xee/0x140 [ 142.829689][ T6561] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 142.829735][ T6561] ? tomoyo_path_number_perm+0x190/0x5b0 [ 142.829789][ T6561] ? snd_pcm_oss_sync+0x306/0x7f0 [ 142.829842][ T6561] ? do_vfs_ioctl+0x513/0x1950 [ 142.829906][ T6561] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 142.829953][ T6561] snd_pcm_oss_sync+0x326/0x7f0 [ 142.829999][ T6561] ? 0xffffffffff600000 [ 142.830025][ T6561] snd_pcm_oss_ioctl+0x114a/0x3780 [ 142.830067][ T6561] ? trace_lock_acquire+0x14e/0x1f0 [ 142.830103][ T6561] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 142.830154][ T6561] ? __fget_files+0x206/0x3a0 [ 142.830192][ T6561] ? 0xffffffffff600000 [ 142.830215][ T6561] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 142.830261][ T6561] ? 0xffffffffff600000 [ 142.830282][ T6561] __x64_sys_ioctl+0x190/0x200 [ 142.830334][ T6561] do_syscall_64+0xcd/0x250 [ 142.830384][ T6561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.830430][ T6561] RIP: 0033:0x7f442bb8cda9 [ 142.830461][ T6561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.830488][ T6561] RSP: 002b:00007f44299f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.830516][ T6561] RAX: ffffffffffffffda RBX: 00007f442bda5fa0 RCX: 00007f442bb8cda9 [ 142.830534][ T6561] RDX: ffffffffff600000 RSI: 0000000000005001 RDI: 0000000000000005 [ 142.830553][ T6561] RBP: 00007f44299f6090 R08: 0000000000000000 R09: 0000000000000000 [ 142.830568][ T6561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.830585][ T6561] R13: 0000000000000000 R14: 00007f442bda5fa0 R15: 00007ffd27e1cbb8 [ 142.830616][ T6561] ? 0xffffffffff600000 [ 142.830648][ T6561] [ 145.253121][ T6591] FAULT_INJECTION: forcing a failure. [ 145.253121][ T6591] name failslab, interval 1, probability 0, space 0, times 0 [ 145.289344][ T6591] CPU: 1 UID: 0 PID: 6591 Comm: syz.3.203 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 145.289387][ T6591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 145.289405][ T6591] Call Trace: [ 145.289413][ T6591] [ 145.289425][ T6591] dump_stack_lvl+0x16c/0x1f0 [ 145.289478][ T6591] should_fail_ex+0x50a/0x650 [ 145.289514][ T6591] ? fs_reclaim_acquire+0xae/0x150 [ 145.289566][ T6591] should_failslab+0xc2/0x120 [ 145.289607][ T6591] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 145.289647][ T6591] ? ptlock_alloc+0x1f/0x70 [ 145.289689][ T6591] ptlock_alloc+0x1f/0x70 [ 145.289724][ T6591] pte_alloc_one+0x74/0x390 [ 145.289774][ T6591] do_pte_missing+0x1aff/0x3e10 [ 145.289815][ T6591] ? __pfx_lock_release+0x10/0x10 [ 145.289866][ T6591] __handle_mm_fault+0x1166/0x2c60 [ 145.289914][ T6591] ? __pfx___handle_mm_fault+0x10/0x10 [ 145.289950][ T6591] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 145.290007][ T6591] ? find_vma+0xc0/0x140 [ 145.290052][ T6591] ? __pfx_find_vma+0x10/0x10 [ 145.290105][ T6591] handle_mm_fault+0x3fa/0xaa0 [ 145.290151][ T6591] do_user_addr_fault+0x7a3/0x13f0 [ 145.290203][ T6591] exc_page_fault+0x5c/0xc0 [ 145.290364][ T6591] asm_exc_page_fault+0x26/0x30 [ 145.290408][ T6591] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 145.290448][ T6591] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 145.290476][ T6591] RSP: 0018:ffffc90018ae79f8 EFLAGS: 00050206 [ 145.290501][ T6591] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000038 [ 145.290518][ T6591] RDX: fffff5200315cf50 RSI: 0000000000000000 RDI: ffffc90018ae7a48 [ 145.290536][ T6591] RBP: 0000000000000038 R08: 0000000000000001 R09: fffff5200315cf4f [ 145.290555][ T6591] R10: ffffc90018ae7a7f R11: 0000000000000000 R12: 0000000000000000 [ 145.290573][ T6591] R13: ffffc90018ae7a48 R14: ffffc90018ae7b40 R15: ffffc90018ae7a48 [ 145.290613][ T6591] _copy_from_user+0x98/0xd0 [ 145.290659][ T6591] copy_msghdr_from_user+0x99/0x160 [ 145.290711][ T6591] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 145.290762][ T6591] ? __lock_acquire+0xcc5/0x3c40 [ 145.290832][ T6591] ___sys_sendmsg+0xff/0x1e0 [ 145.290890][ T6591] ? __pfx____sys_sendmsg+0x10/0x10 [ 145.290973][ T6591] ? trace_lock_acquire+0x14e/0x1f0 [ 145.291030][ T6591] __sys_sendmmsg+0x201/0x420 [ 145.291065][ T6591] ? __pfx___sys_sendmmsg+0x10/0x10 [ 145.291111][ T6591] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 145.291178][ T6591] ? fput+0x67/0x440 [ 145.291266][ T6591] ? ksys_write+0x1ba/0x250 [ 145.291299][ T6591] ? __pfx_ksys_write+0x10/0x10 [ 145.291340][ T6591] __x64_sys_sendmmsg+0x9c/0x100 [ 145.291370][ T6591] ? lockdep_hardirqs_on+0x7c/0x110 [ 145.291416][ T6591] do_syscall_64+0xcd/0x250 [ 145.291464][ T6591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.291507][ T6591] RIP: 0033:0x7f411118cda9 [ 145.291531][ T6591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.291568][ T6591] RSP: 002b:00007f4111f5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 145.291596][ T6591] RAX: ffffffffffffffda RBX: 00007f41113a5fa0 RCX: 00007f411118cda9 [ 145.291616][ T6591] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003 [ 145.291634][ T6591] RBP: 00007f4111f5f090 R08: 0000000000000000 R09: 0000000000000000 [ 145.291653][ T6591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.291671][ T6591] R13: 0000000000000000 R14: 00007f41113a5fa0 R15: 00007fff43063ac8 [ 145.291711][ T6591] [ 146.910335][ T6607] netlink: 28 bytes leftover after parsing attributes in process `syz.1.209'. [ 146.967083][ T6607] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 147.014795][ T5846] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 148.049329][ T6638] FAULT_INJECTION: forcing a failure. [ 148.049329][ T6638] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 148.086261][ T6638] CPU: 0 UID: 0 PID: 6638 Comm: syz.1.217 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 148.086304][ T6638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 148.086322][ T6638] Call Trace: [ 148.086335][ T6638] [ 148.086346][ T6638] dump_stack_lvl+0x16c/0x1f0 [ 148.086402][ T6638] should_fail_ex+0x50a/0x650 [ 148.086436][ T6638] ? __pfx___might_resched+0x10/0x10 [ 148.086486][ T6638] should_fail_alloc_page+0xe7/0x130 [ 148.086530][ T6638] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 148.086592][ T6638] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 148.086640][ T6638] ? stack_depot_save_flags+0x36d/0x9e0 [ 148.086682][ T6638] ? __pfx_lock_release+0x10/0x10 [ 148.086729][ T6638] ? hlock_class+0x4e/0x130 [ 148.086782][ T6638] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 148.086857][ T6638] ? __pfx___lock_acquire+0x10/0x10 [ 148.086900][ T6638] ? kasan_save_stack+0x42/0x60 [ 148.086936][ T6638] ? kasan_save_stack+0x33/0x60 [ 148.086972][ T6638] ? kasan_save_track+0x14/0x30 [ 148.087008][ T6638] ? __kasan_slab_alloc+0x89/0x90 [ 148.087047][ T6638] ? kmem_cache_alloc_node_noprof+0x1ca/0x3b0 [ 148.087086][ T6638] ? alloc_vmap_area+0xdc8/0x2a60 [ 148.087136][ T6638] ? __get_vm_area_node+0x19e/0x2f0 [ 148.087191][ T6638] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 148.087241][ T6638] ? policy_nodemask+0xea/0x4e0 [ 148.087289][ T6638] alloc_pages_mpol+0x1fc/0x540 [ 148.087334][ T6638] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 148.087376][ T6638] ? __page_table_check_ptes_set+0x16b/0x3e0 [ 148.087420][ T6638] ? do_raw_spin_lock+0x12d/0x2c0 [ 148.087470][ T6638] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 148.087527][ T6638] alloc_pages_noprof+0x131/0x390 [ 148.087571][ T6638] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 148.087607][ T6638] get_free_pages_noprof+0xc/0x40 [ 148.087657][ T6638] kasan_populate_vmalloc_pte+0x2d/0x160 [ 148.087692][ T6638] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 148.087731][ T6638] __apply_to_page_range+0x5fd/0xd30 [ 148.087770][ T6638] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 148.087822][ T6638] ? __pfx___apply_to_page_range+0x10/0x10 [ 148.087862][ T6638] ? insert_vmap_area+0x2ef/0x4d0 [ 148.087919][ T6638] alloc_vmap_area+0x93e/0x2a60 [ 148.087991][ T6638] ? __pfx_alloc_vmap_area+0x10/0x10 [ 148.088058][ T6638] __get_vm_area_node+0x19e/0x2f0 [ 148.088116][ T6638] ? lock_acquire.part.0+0x11b/0x380 [ 148.088163][ T6638] __vmalloc_node_range_noprof+0x26a/0x1530 [ 148.088203][ T6638] ? __snd_dma_alloc_pages+0x50/0x90 [ 148.088235][ T6638] ? find_held_lock+0x2d/0x110 [ 148.088297][ T6638] ? do_alloc_pages+0xd3/0x270 [ 148.088347][ T6638] ? __pfx_lock_release+0x10/0x10 [ 148.088389][ T6638] ? __snd_dma_alloc_pages+0x50/0x90 [ 148.088419][ T6638] ? trace_contention_end+0xee/0x140 [ 148.088472][ T6638] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 148.088511][ T6638] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 148.088574][ T6638] ? __snd_dma_alloc_pages+0x50/0x90 [ 148.088609][ T6638] vmalloc_noprof+0x6b/0x90 [ 148.088644][ T6638] ? __snd_dma_alloc_pages+0x50/0x90 [ 148.088676][ T6638] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 148.088712][ T6638] __snd_dma_alloc_pages+0x50/0x90 [ 148.088747][ T6638] snd_dma_alloc_dir_pages+0x151/0x240 [ 148.088786][ T6638] do_alloc_pages+0x115/0x270 [ 148.088853][ T6638] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 148.088920][ T6638] snd_pcm_hw_params+0x15e6/0x1b20 [ 148.088989][ T6638] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 148.089047][ T6638] ? snd_pcm_hw_param_near.constprop.0+0x743/0x8f0 [ 148.089102][ T6638] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 148.089152][ T6638] ? kfree+0x2c4/0x4d0 [ 148.089188][ T6638] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 148.089249][ T6638] snd_pcm_oss_change_params_locked+0x1410/0x3a50 [ 148.089318][ T6638] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 148.089370][ T6638] ? snd_pcm_oss_sync+0x306/0x7f0 [ 148.089446][ T6638] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 148.089497][ T6638] snd_pcm_oss_sync+0x326/0x7f0 [ 148.089549][ T6638] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 148.089597][ T6638] snd_pcm_oss_release+0x28b/0x310 [ 148.089647][ T6638] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 148.089693][ T6638] __fput+0x3ff/0xb70 [ 148.089748][ T6638] task_work_run+0x14e/0x250 [ 148.089790][ T6638] ? __pfx_task_work_run+0x10/0x10 [ 148.089851][ T6638] syscall_exit_to_user_mode+0x27b/0x2a0 [ 148.089908][ T6638] do_syscall_64+0xda/0x250 [ 148.089965][ T6638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.090016][ T6638] RIP: 0033:0x7fbfe238cda9 [ 148.090043][ T6638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.090076][ T6638] RSP: 002b:00007fbfe32b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 148.090109][ T6638] RAX: 0000000000000000 RBX: 00007fbfe25a5fa0 RCX: 00007fbfe238cda9 [ 148.090130][ T6638] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 148.090151][ T6638] RBP: 00007fbfe240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 148.090172][ T6638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.090192][ T6638] R13: 0000000000000000 R14: 00007fbfe25a5fa0 R15: 00007ffe201779d8 [ 148.090236][ T6638] [ 148.090948][ T6638] syz.1.217: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 148.852406][ T6638] CPU: 0 UID: 0 PID: 6638 Comm: syz.1.217 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 148.852457][ T6638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 148.852477][ T6638] Call Trace: [ 148.852486][ T6638] [ 148.852499][ T6638] dump_stack_lvl+0x16c/0x1f0 [ 148.852557][ T6638] warn_alloc+0x24d/0x3a0 [ 148.852602][ T6638] ? __pfx_warn_alloc+0x10/0x10 [ 148.852649][ T6638] ? kfree+0x2c4/0x4d0 [ 148.852689][ T6638] ? __get_vm_area_node+0x1dc/0x2f0 [ 148.852763][ T6638] __vmalloc_node_range_noprof+0xd24/0x1530 [ 148.852813][ T6638] ? find_held_lock+0x2d/0x110 [ 148.852871][ T6638] ? do_alloc_pages+0xd3/0x270 [ 148.852923][ T6638] ? __pfx_lock_release+0x10/0x10 [ 148.852963][ T6638] ? __snd_dma_alloc_pages+0x50/0x90 [ 148.852994][ T6638] ? trace_contention_end+0xee/0x140 [ 148.853062][ T6638] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 148.853100][ T6638] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 148.853159][ T6638] ? __snd_dma_alloc_pages+0x50/0x90 [ 148.853193][ T6638] vmalloc_noprof+0x6b/0x90 [ 148.853225][ T6638] ? __snd_dma_alloc_pages+0x50/0x90 [ 148.853255][ T6638] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 148.853288][ T6638] __snd_dma_alloc_pages+0x50/0x90 [ 148.853322][ T6638] snd_dma_alloc_dir_pages+0x151/0x240 [ 148.853358][ T6638] do_alloc_pages+0x115/0x270 [ 148.853417][ T6638] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 148.853479][ T6638] snd_pcm_hw_params+0x15e6/0x1b20 [ 148.853542][ T6638] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 148.853597][ T6638] ? snd_pcm_hw_param_near.constprop.0+0x743/0x8f0 [ 148.853651][ T6638] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 148.853707][ T6638] ? kfree+0x2c4/0x4d0 [ 148.853740][ T6638] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 148.853794][ T6638] snd_pcm_oss_change_params_locked+0x1410/0x3a50 [ 148.853856][ T6638] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 148.853905][ T6638] ? snd_pcm_oss_sync+0x306/0x7f0 [ 148.853977][ T6638] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 148.854025][ T6638] snd_pcm_oss_sync+0x326/0x7f0 [ 148.854076][ T6638] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 148.854121][ T6638] snd_pcm_oss_release+0x28b/0x310 [ 148.854167][ T6638] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 148.854208][ T6638] __fput+0x3ff/0xb70 [ 148.854256][ T6638] task_work_run+0x14e/0x250 [ 148.854295][ T6638] ? __pfx_task_work_run+0x10/0x10 [ 148.854346][ T6638] syscall_exit_to_user_mode+0x27b/0x2a0 [ 148.854396][ T6638] do_syscall_64+0xda/0x250 [ 148.854446][ T6638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.854492][ T6638] RIP: 0033:0x7fbfe238cda9 [ 148.854518][ T6638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.854549][ T6638] RSP: 002b:00007fbfe32b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 148.854580][ T6638] RAX: 0000000000000000 RBX: 00007fbfe25a5fa0 RCX: 00007fbfe238cda9 [ 148.854600][ T6638] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 148.854618][ T6638] RBP: 00007fbfe240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 148.854650][ T6638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.854668][ T6638] R13: 0000000000000000 R14: 00007fbfe25a5fa0 R15: 00007ffe201779d8 [ 148.854716][ T6638] [ 148.854771][ T6638] Mem-Info: [ 149.237665][ T6638] active_anon:9441 inactive_anon:0 isolated_anon:0 [ 149.237665][ T6638] active_file:19231 inactive_file:38317 isolated_file:0 [ 149.237665][ T6638] unevictable:768 dirty:305 writeback:0 [ 149.237665][ T6638] slab_reclaimable:10227 slab_unreclaimable:94256 [ 149.237665][ T6638] mapped:25098 shmem:1397 pagetables:818 [ 149.237665][ T6638] sec_pagetables:0 bounce:0 [ 149.237665][ T6638] kernel_misc_reclaimable:0 [ 149.237665][ T6638] free:1335867 free_pcp:1392 free_cma:0 [ 149.312474][ T29] audit: type=1800 audit(6033230531.994:3): pid=6643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.219" name="file0" dev="tmpfs" ino=358 res=0 errno=0 [ 149.329615][ T6638] Node 0 active_anon:36464kB inactive_anon:0kB active_file:76924kB inactive_file:153264kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100392kB dirty:1216kB writeback:0kB shmem:4052kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10644kB pagetables:3172kB sec_pagetables:0kB all_unreclaimable? no [ 149.399144][ T6643] netlink: 4 bytes leftover after parsing attributes in process `syz.3.219'. [ 149.449143][ T6638] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 149.548810][ T6638] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 149.630288][ T6638] lowmem_reserve[]: 0 2490 2491 0 0 [ 149.660072][ T6638] Node 0 DMA32 free:1416852kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:41924kB inactive_anon:0kB active_file:76924kB inactive_file:154652kB unevictable:1536kB writepending:3016kB present:3129332kB managed:2550632kB mlocked:0kB bounce:0kB free_pcp:3060kB local_pcp:2348kB free_cma:0kB [ 149.772481][ T6638] lowmem_reserve[]: 0 0 0 0 0 [ 149.778034][ T6638] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:312kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 149.935509][ T6638] lowmem_reserve[]: 0 0 0 0 0 [ 149.959874][ T6638] Node 1 Normal free:3907340kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 150.000363][ T6638] lowmem_reserve[]: 0 0 0 0 0 [ 150.008544][ T6638] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 150.033044][ T6638] Node 0 DMA32: 22*4kB (UME) 979*8kB (UM) 1418*16kB (UME) 957*32kB (UME) 788*64kB (UME) 458*128kB (UME) 250*256kB (UM) 141*512kB (ME) 42*1024kB (UME) 23*2048kB (M) 249*4096kB (M) = 1416496kB [ 150.064362][ T6638] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 150.094528][ T6638] Node 1 Normal: 235*4kB (UME) 52*8kB (UME) 42*16kB (UME) 201*32kB (UME) 102*64kB (UME) 29*128kB (UME) 14*256kB (UME) 8*512kB (UME) 6*1024kB (UME) 4*2048kB (UE) 944*4096kB (ME) = 3907340kB [ 150.172469][ T6638] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 150.231423][ T6638] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 150.277144][ T6638] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 150.307468][ T6638] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 150.340735][ T6638] 59984 total pagecache pages [ 150.368150][ T6638] 0 pages in swap cache [ 150.375988][ T6638] Free swap = 124676kB [ 150.401735][ T6638] Total swap = 124996kB [ 150.415965][ T6638] 2097051 pages RAM [ 150.420566][ T6638] 0 pages HighMem/MovableOnly [ 150.444701][ T6638] 427671 pages reserved [ 150.475285][ T6638] 0 pages cma reserved [ 151.556081][ T6673] bridge0: port 3(batadv0) entered blocking state [ 151.603437][ T6673] bridge0: port 3(batadv0) entered disabled state [ 151.610609][ T6673] batadv0: entered allmulticast mode [ 151.697820][ T6673] batadv0: entered promiscuous mode [ 151.745741][ T6673] bridge0: port 3(batadv0) entered blocking state [ 151.754041][ T6673] bridge0: port 3(batadv0) entered forwarding state [ 152.059967][ T2948] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 152.070964][ T2948] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 153.538942][ T6703] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 153.539029][ T6703] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 155.444703][ T6732] netlink: 342 bytes leftover after parsing attributes in process `syz.2.249'. [ 156.312459][ T29] audit: type=1326 audit(6033230538.994:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.1.250" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbfe238cda9 code=0x0 [ 157.247602][ T6754] netlink: 342 bytes leftover after parsing attributes in process `syz.2.255'. [ 158.462912][ T6762] syz.2.256 uses obsolete (PF_INET,SOCK_PACKET) [ 159.774169][ T6773] QAT: Device 2 not found [ 160.625214][ T29] audit: type=1800 audit(6033230543.314:5): pid=6780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.258" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 160.771298][ T6783] netlink: 4 bytes leftover after parsing attributes in process `syz.0.263'. [ 162.047838][ T6804] netlink: 28 bytes leftover after parsing attributes in process `syz.1.269'. [ 162.163697][ T6804] geneve1: entered allmulticast mode [ 163.984506][ T6822] Process accounting resumed [ 164.699916][ T6851] : entered promiscuous mode [ 166.796340][ T6858] netlink: zone id is out of range [ 166.804159][ T6858] netlink: zone id is out of range [ 166.809992][ T6858] netlink: zone id is out of range [ 166.846828][ T6858] netlink: zone id is out of range [ 166.880705][ T6858] netlink: zone id is out of range [ 166.907765][ T6858] netlink: zone id is out of range [ 166.995887][ T6858] netlink: zone id is out of range [ 167.025731][ T6858] netlink: zone id is out of range [ 167.058521][ T6858] netlink: zone id is out of range [ 167.076826][ T6858] netlink: zone id is out of range [ 167.801562][ T6885] FAULT_INJECTION: forcing a failure. [ 167.801562][ T6885] name failslab, interval 1, probability 0, space 0, times 0 [ 167.872484][ T6885] CPU: 1 UID: 0 PID: 6885 Comm: syz.3.292 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 167.872528][ T6885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 167.872546][ T6885] Call Trace: [ 167.872555][ T6885] [ 167.872566][ T6885] dump_stack_lvl+0x16c/0x1f0 [ 167.872620][ T6885] should_fail_ex+0x50a/0x650 [ 167.872657][ T6885] ? fs_reclaim_acquire+0xae/0x150 [ 167.872714][ T6885] ? snd_pcm_oss_change_params_locked+0x6e5/0x3a50 [ 167.872762][ T6885] should_failslab+0xc2/0x120 [ 167.872804][ T6885] __kmalloc_cache_noprof+0x68/0x420 [ 167.872837][ T6885] ? _snd_pcm_hw_param_min+0x259/0x630 [ 167.872885][ T6885] snd_pcm_oss_change_params_locked+0x6e5/0x3a50 [ 167.872945][ T6885] ? trace_contention_end+0xee/0x140 [ 167.872992][ T6885] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 167.873052][ T6885] ? tomoyo_path_number_perm+0x190/0x5b0 [ 167.873112][ T6885] ? snd_pcm_oss_sync+0x306/0x7f0 [ 167.873168][ T6885] ? do_vfs_ioctl+0x513/0x1950 [ 167.873239][ T6885] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 167.873290][ T6885] snd_pcm_oss_sync+0x326/0x7f0 [ 167.873339][ T6885] ? 0xffffffffff600000 [ 167.873367][ T6885] snd_pcm_oss_ioctl+0x114a/0x3780 [ 167.873417][ T6885] ? trace_lock_acquire+0x14e/0x1f0 [ 167.873457][ T6885] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 167.873517][ T6885] ? __fget_files+0x206/0x3a0 [ 167.873557][ T6885] ? 0xffffffffff600000 [ 167.873580][ T6885] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 167.873635][ T6885] ? 0xffffffffff600000 [ 167.873657][ T6885] __x64_sys_ioctl+0x190/0x200 [ 167.873712][ T6885] do_syscall_64+0xcd/0x250 [ 167.873771][ T6885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.873820][ T6885] RIP: 0033:0x7f411118cda9 [ 167.873851][ T6885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.873901][ T6885] RSP: 002b:00007f4111f5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 167.873931][ T6885] RAX: ffffffffffffffda RBX: 00007f41113a5fa0 RCX: 00007f411118cda9 [ 167.873952][ T6885] RDX: ffffffffff600000 RSI: 0000000000005001 RDI: 0000000000000005 [ 167.873974][ T6885] RBP: 00007f4111f5f090 R08: 0000000000000000 R09: 0000000000000000 [ 167.874012][ T6885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.874032][ T6885] R13: 0000000000000000 R14: 00007f41113a5fa0 R15: 00007fff43063ac8 [ 167.874076][ T6885] ? 0xffffffffff600000 [ 167.874108][ T6885] [ 168.619750][ T6874] Process accounting resumed [ 170.910905][ T6913] Process accounting resumed [ 171.592609][ T6931] netlink: 342 bytes leftover after parsing attributes in process `syz.1.315'. [ 172.126025][ T6926] netlink: 28 bytes leftover after parsing attributes in process `syz.2.308'. [ 172.243793][ T6926] geneve1: entered allmulticast mode [ 172.625681][ T6947] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 172.744794][ T6947] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 176.952416][ T7017] bonding: no command found in bonding_masters - use +ifname or -ifname [ 178.135993][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.424211][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.761770][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.036073][ T7040] FAULT_INJECTION: forcing a failure. [ 179.036073][ T7040] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 179.097394][ T7040] CPU: 0 UID: 0 PID: 7040 Comm: syz.2.347 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 179.097436][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 179.097454][ T7040] Call Trace: [ 179.097463][ T7040] [ 179.097475][ T7040] dump_stack_lvl+0x16c/0x1f0 [ 179.097528][ T7040] should_fail_ex+0x50a/0x650 [ 179.097563][ T7040] ? __pfx___might_resched+0x10/0x10 [ 179.097611][ T7040] should_fail_alloc_page+0xe7/0x130 [ 179.097657][ T7040] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 179.097719][ T7040] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 179.097764][ T7040] ? __pfx_mark_lock+0x10/0x10 [ 179.097810][ T7040] ? __pfx___lock_acquire+0x10/0x10 [ 179.097848][ T7040] ? mark_lock+0xb5/0xc60 [ 179.097883][ T7040] ? find_held_lock+0x2d/0x110 [ 179.097937][ T7040] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 179.098005][ T7040] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 179.098053][ T7040] ? policy_nodemask+0xea/0x4e0 [ 179.098098][ T7040] alloc_pages_mpol+0x1fc/0x540 [ 179.098141][ T7040] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 179.098184][ T7040] ? find_held_lock+0x2d/0x110 [ 179.098243][ T7040] folio_alloc_mpol_noprof+0x36/0x2f0 [ 179.098294][ T7040] shmem_alloc_folio+0x135/0x160 [ 179.098345][ T7040] shmem_alloc_and_add_folio+0x48e/0xc10 [ 179.098401][ T7040] ? shmem_huge_global_enabled+0x72/0x6b0 [ 179.098452][ T7040] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 179.098505][ T7040] ? shmem_allowable_huge_orders+0xd0/0x410 [ 179.098564][ T7040] shmem_get_folio_gfp+0x689/0x1530 [ 179.098623][ T7040] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 179.098676][ T7040] ? filemap_map_pages+0xf92/0x16b0 [ 179.098734][ T7040] shmem_fault+0x200/0xae0 [ 179.098786][ T7040] ? __pfx_shmem_fault+0x10/0x10 [ 179.098843][ T7040] ? do_pte_missing+0xde9/0x3e10 [ 179.098880][ T7040] ? __pfx_lock_release+0x10/0x10 [ 179.098928][ T7040] __do_fault+0x10a/0x490 [ 179.098978][ T7040] do_pte_missing+0xecf/0x3e10 [ 179.099017][ T7040] ? __pfx_lock_release+0x10/0x10 [ 179.099066][ T7040] __handle_mm_fault+0x1166/0x2c60 [ 179.099115][ T7040] ? __pfx___handle_mm_fault+0x10/0x10 [ 179.099151][ T7040] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 179.099215][ T7040] ? find_vma+0xc0/0x140 [ 179.099264][ T7040] ? __pfx_find_vma+0x10/0x10 [ 179.099321][ T7040] handle_mm_fault+0x3fa/0xaa0 [ 179.099372][ T7040] do_user_addr_fault+0x7a3/0x13f0 [ 179.099426][ T7040] exc_page_fault+0x5c/0xc0 [ 179.099473][ T7040] asm_exc_page_fault+0x26/0x30 [ 179.099518][ T7040] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 179.099555][ T7040] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 179.099584][ T7040] RSP: 0018:ffffc900190377e8 EFLAGS: 00050206 [ 179.099610][ T7040] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000000000c4 [ 179.099628][ T7040] RDX: ffffed100f6e7db9 RSI: 0000000000000000 RDI: ffff88807b73ed00 [ 179.099648][ T7040] RBP: ffffc90019037d60 R08: 0000000000000001 R09: ffffed100f6e7db8 [ 179.099668][ T7040] R10: ffff88807b73edc3 R11: 0000000000000000 R12: 00000000000000c4 [ 179.099687][ T7040] R13: 00007ffffffff000 R14: ffff88807b73ed00 R15: 00000000000000c4 [ 179.099729][ T7040] _copy_from_iter+0x384/0x1400 [ 179.099776][ T7040] ? trace_lock_acquire+0x14e/0x1f0 [ 179.099807][ T7040] ? __alloc_skb+0x200/0x380 [ 179.099858][ T7040] ? __pfx__copy_from_iter+0x10/0x10 [ 179.099899][ T7040] ? __virt_addr_valid+0x1a4/0x590 [ 179.099935][ T7040] ? __virt_addr_valid+0x5e/0x590 [ 179.099965][ T7040] ? __phys_addr_symbol+0x30/0x80 [ 179.100018][ T7040] ? __check_object_size+0x488/0x710 [ 179.100065][ T7040] netlink_sendmsg+0x813/0xd70 [ 179.100117][ T7040] ? __pfx_netlink_sendmsg+0x10/0x10 [ 179.100178][ T7040] ____sys_sendmsg+0x9ae/0xb40 [ 179.100218][ T7040] ? copy_msghdr_from_user+0x10b/0x160 [ 179.100272][ T7040] ? __pfx_____sys_sendmsg+0x10/0x10 [ 179.100311][ T7040] ? __lock_acquire+0xcc5/0x3c40 [ 179.100375][ T7040] ___sys_sendmsg+0x135/0x1e0 [ 179.100432][ T7040] ? __pfx____sys_sendmsg+0x10/0x10 [ 179.100505][ T7040] ? trace_lock_acquire+0x14e/0x1f0 [ 179.100565][ T7040] __sys_sendmmsg+0x201/0x420 [ 179.100602][ T7040] ? __pfx___sys_sendmmsg+0x10/0x10 [ 179.100647][ T7040] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 179.100714][ T7040] ? fput+0x67/0x440 [ 179.100756][ T7040] ? ksys_write+0x1ba/0x250 [ 179.100788][ T7040] ? __pfx_ksys_write+0x10/0x10 [ 179.100828][ T7040] __x64_sys_sendmmsg+0x9c/0x100 [ 179.100858][ T7040] ? lockdep_hardirqs_on+0x7c/0x110 [ 179.100904][ T7040] do_syscall_64+0xcd/0x250 [ 179.100955][ T7040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.101001][ T7040] RIP: 0033:0x7ff57738cda9 [ 179.101025][ T7040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.101054][ T7040] RSP: 002b:00007ff5781fb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 179.101081][ T7040] RAX: ffffffffffffffda RBX: 00007ff5775a5fa0 RCX: 00007ff57738cda9 [ 179.101102][ T7040] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003 [ 179.101120][ T7040] RBP: 00007ff5781fb090 R08: 0000000000000000 R09: 0000000000000000 [ 179.101139][ T7040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 179.101158][ T7040] R13: 0000000000000000 R14: 00007ff5775a5fa0 R15: 00007ffc34731728 [ 179.101199][ T7040] [ 179.423043][ T7042] ------------[ cut here ]------------ [ 179.425648][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.433345][ T7042] platform vkms: [drm] vblank wait timed out on crtc 0 [ 179.944799][ T7042] WARNING: CPU: 0 PID: 7042 at drivers/gpu/drm/drm_vblank.c:1307 drm_wait_one_vblank+0x334/0x550 [ 179.958338][ T7042] Modules linked in: [ 179.963881][ T7042] CPU: 0 UID: 0 PID: 7042 Comm: syz.1.345 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 179.977748][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 179.990589][ T7042] RIP: 0010:drm_wait_one_vblank+0x334/0x550 [ 179.997016][ T7042] Code: 85 ed 0f 84 54 01 00 00 e8 c9 a6 60 fc 4c 89 e7 e8 d1 d3 8a 00 89 e9 4c 89 ea 48 c7 c7 80 37 e8 8b 48 89 c6 e8 fd 8e 21 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 9e a6 60 fc 90 48 8d 7b 08 48 b8 00 [ 180.030905][ C0] vkms_vblank_simulate: vblank timer overrun SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 180.039107][ T7042] RSP: 0018:ffffc9001026fb28 EFLAGS: 00010286 [ 180.046960][ T7042] RAX: 0000000000000000 RBX: ffff888024f30000 RCX: ffffc9000e3b9000 [ 180.058047][ T7042] RDX: 0000000000080000 RSI: ffffffff8179c506 RDI: 0000000000000001 [ 180.067205][ T7042] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 180.076913][ T7042] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88802550b010 [ 180.088740][ T7042] R13: ffff88814177ef40 R14: 1ffff9200204df67 R15: 00000000000026c8 [ 180.097883][ T7042] FS: 00007fbfe32756c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 180.107979][ T7042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.117161][ T7042] CR2: 00007f442bd762d8 CR3: 0000000030312000 CR4: 00000000003526f0 [ 180.126272][ T7042] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 180.135294][ T7042] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 180.144321][ T7042] Call Trace: [ 180.145882][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.147752][ T7042] [ 180.163329][ T7042] ? __warn+0xea/0x3c0 [ 180.168404][ T7042] ? preempt_schedule_notrace+0x62/0xe0 [ 180.177483][ T7042] ? drm_wait_one_vblank+0x334/0x550 [ 180.184028][ T7042] ? report_bug+0x3c0/0x580 [ 180.191905][ T7042] ? handle_bug+0x54/0xa0 [ 180.197019][ T7042] ? exc_invalid_op+0x17/0x50 [ 180.202900][ T7042] ? asm_exc_invalid_op+0x1a/0x20 [ 180.208261][ T7042] ? __warn_printk+0x1a6/0x350 [ 180.216491][ T7042] ? drm_wait_one_vblank+0x334/0x550 [ 180.224975][ T7042] ? drm_wait_one_vblank+0x333/0x550 [ 180.232115][ T7042] ? __pfx_drm_wait_one_vblank+0x10/0x10 [ 180.238457][ T7042] ? mark_held_locks+0x9f/0xe0 [ 180.249391][ T7042] ? __pfx_autoremove_wake_function+0x10/0x10 [ 180.257050][ T7042] ? lockdep_hardirqs_on+0x7c/0x110 [ 180.264646][ T7042] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 180.275519][ T7042] ? drm_vblank_get+0x150/0x280 [ 180.282769][ T7042] drm_fb_helper_ioctl+0x156/0x1a0 [ 180.288449][ T7042] ? __pfx_drm_fb_helper_ioctl+0x10/0x10 [ 180.295344][ T7042] do_fb_ioctl+0x3d4/0x7d0 [ 180.296851][ T5852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 180.300092][ T7042] ? __pfx_do_fb_ioctl+0x10/0x10 [ 180.315955][ T7042] ? do_vfs_ioctl+0x513/0x1950 [ 180.317579][ T5852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 180.321279][ T7042] ? kmem_cache_free+0x2e2/0x4d0 [ 180.331910][ T5852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 180.334920][ T7042] ? __fget_files+0x206/0x3a0 [ 180.343895][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 180.347485][ T7042] fb_ioctl+0xe5/0x150 [ 180.366731][ T5852] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 180.369828][ T7042] ? __pfx_fb_ioctl+0x10/0x10 [ 180.369877][ T7042] __x64_sys_ioctl+0x190/0x200 [ 180.387884][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 180.390351][ T7042] do_syscall_64+0xcd/0x250 [ 180.410538][ T7042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.418671][ T7042] RIP: 0033:0x7fbfe238cda9 [ 180.424077][ T7042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.445116][ C0] vkms_vblank_simulate: vblank timer overrun [ 180.451752][ T7042] RSP: 002b:00007fbfe3275038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.461134][ T7042] RAX: ffffffffffffffda RBX: 00007fbfe25a6160 RCX: 00007fbfe238cda9 [ 180.471619][ T7042] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 000000000000000d [ 180.481282][ T7042] RBP: 00007fbfe240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 180.490148][ T7042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.499314][ T7042] R13: 0000000000000000 R14: 00007fbfe25a6160 R15: 00007ffe201779d8 [ 180.508119][ T7042] [ 180.511744][ T7042] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 180.519873][ T7042] CPU: 0 UID: 0 PID: 7042 Comm: syz.1.345 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 180.531591][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 180.542113][ T7042] Call Trace: [ 180.545833][ T7042] [ 180.549262][ T7042] dump_stack_lvl+0x3d/0x1f0 [ 180.554429][ T7042] panic+0x71d/0x800 [ 180.558609][ T7042] ? __pfx_panic+0x10/0x10 [ 180.563968][ T7042] ? show_trace_log_lvl+0x29d/0x3d0 [ 180.571396][ T7042] ? drm_wait_one_vblank+0x334/0x550 [ 180.577198][ T7042] check_panic_on_warn+0xab/0xb0 [ 180.582726][ T7042] __warn+0xf6/0x3c0 [ 180.590142][ T7042] ? preempt_schedule_notrace+0x62/0xe0 [ 180.596397][ T7042] ? drm_wait_one_vblank+0x334/0x550 [ 180.602517][ T7042] report_bug+0x3c0/0x580 [ 180.607195][ T7042] handle_bug+0x54/0xa0 [ 180.612079][ T7042] exc_invalid_op+0x17/0x50 [ 180.616915][ T7042] asm_exc_invalid_op+0x1a/0x20 [ 180.622395][ T7042] RIP: 0010:drm_wait_one_vblank+0x334/0x550 [ 180.630313][ T7042] Code: 85 ed 0f 84 54 01 00 00 e8 c9 a6 60 fc 4c 89 e7 e8 d1 d3 8a 00 89 e9 4c 89 ea 48 c7 c7 80 37 e8 8b 48 89 c6 e8 fd 8e 21 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 9e a6 60 fc 90 48 8d 7b 08 48 b8 00 [ 180.651372][ T7042] RSP: 0018:ffffc9001026fb28 EFLAGS: 00010286 [ 180.660514][ T7042] RAX: 0000000000000000 RBX: ffff888024f30000 RCX: ffffc9000e3b9000 [ 180.668939][ T7042] RDX: 0000000000080000 RSI: ffffffff8179c506 RDI: 0000000000000001 [ 180.677945][ T7042] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 180.688363][ T7042] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88802550b010 [ 180.701369][ T7042] R13: ffff88814177ef40 R14: 1ffff9200204df67 R15: 00000000000026c8 [ 180.711167][ T7042] ? __warn_printk+0x1a6/0x350 [ 180.716805][ T7042] ? drm_wait_one_vblank+0x333/0x550 [ 180.722638][ T7042] ? __pfx_drm_wait_one_vblank+0x10/0x10 [ 180.728718][ T7042] ? mark_held_locks+0x9f/0xe0 [ 180.738361][ T7042] ? __pfx_autoremove_wake_function+0x10/0x10 [ 180.744936][ T7042] ? lockdep_hardirqs_on+0x7c/0x110 [ 180.750391][ T7042] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 180.757217][ T7042] ? drm_vblank_get+0x150/0x280 [ 180.763461][ T7042] drm_fb_helper_ioctl+0x156/0x1a0 [ 180.768871][ T7042] ? __pfx_drm_fb_helper_ioctl+0x10/0x10 [ 180.777211][ T7042] do_fb_ioctl+0x3d4/0x7d0 [ 180.783839][ T7042] ? __pfx_do_fb_ioctl+0x10/0x10 [ 180.790100][ T7042] ? do_vfs_ioctl+0x513/0x1950 [ 180.797205][ T7042] ? kmem_cache_free+0x2e2/0x4d0 [ 180.802772][ T7042] ? __fget_files+0x206/0x3a0 [ 180.809538][ T7042] fb_ioctl+0xe5/0x150 [ 180.813851][ T7042] ? __pfx_fb_ioctl+0x10/0x10 [ 180.818752][ T7042] __x64_sys_ioctl+0x190/0x200 [ 180.823687][ T7042] do_syscall_64+0xcd/0x250 [ 180.829151][ T7042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.843113][ T7042] RIP: 0033:0x7fbfe238cda9 [ 180.848277][ T7042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.872067][ T7042] RSP: 002b:00007fbfe3275038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.881082][ T7042] RAX: ffffffffffffffda RBX: 00007fbfe25a6160 RCX: 00007fbfe238cda9 [ 180.892154][ T7042] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 000000000000000d [ 180.900706][ T7042] RBP: 00007fbfe240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 180.910678][ T7042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.926749][ T7042] R13: 0000000000000000 R14: 00007fbfe25a6160 R15: 00007ffe201779d8 [ 180.935334][ T7042] [ 180.938638][ T7042] Kernel Offset: disabled [ 180.944101][ T7042] Rebooting in 86400 seconds..