last executing test programs:

4m44.311982479s ago: executing program 3 (id=2536):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x3) (async)
r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x8082, 0x0) (async)
socket(0x28, 0x1, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) (async)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0)
readv$auto(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0x2}, 0x2) (async)
madvise$auto(0x0, 0xffffffffffff0003, 0x15) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0)

4m44.021057021s ago: executing program 3 (id=2540):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
r0 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r0, 0x0, 0x483, 0x0, &(0x7f0000000040)=0x3) (fail_nth: 1)

4m43.37962688s ago: executing program 3 (id=2545):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x204041, 0x0)
symlink$auto(&(0x7f0000000080)='\xe6\'\xd4\v{T+\xac', &(0x7f0000000000)='\'--[[\x14+\\\x00') (async)
readlink$auto(&(0x7f0000000040)='\'--[[\x14+\\\x00', 0x0, 0x8) (async)
readlink$auto(&(0x7f0000000180)='\'--[[\x14+\\\x00', &(0x7f0000001100)='\xac\f\x13\rh6\xef\b\x821\x97\x00oB<W\xd9/\xfc\xb3P\x01\xb9~gi\xc6C\x1b-d\x9d\xe0\xcf6\x0e\x11\x81r\x1c\xa0\xdc\x82\xb7:X\xd0\r\xad\xc0\xa0\x18SBw\xd9vy\xcf\xe6#!\xd4\xa5\x1b \xd0\xaci\xb4\xeb\x13\xffI\xa9\xb5\xea_\xe5\xab\x96q\x1e\x15\xa0{\xd5\xce\xab]R\xab\x18\xc1B\xe6c\xc1\xc5\xac*\xa5\x9e}\xdf%b\xde#\x9c\t\xcc=\xc9\xe0\xf2s\xd9\x13p\x82\xbb?\xa4\xd5N&#*\x95L\x87\x8a:N\x8cfF\xd0\xd6+\xb8[\x9d\xfbE\xc4+\xdbC\xcf\x19\xa5\xd0\xbdG&~\xd7\xd8\x03T\xe5\xbc;\xbc\xa4OQA\x94i\xab\xc5\xee\x96\xaf\xe2\v\xc1 \xba\xc5w', 0x80)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0xffff, 0x2, 0xb) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
r0 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r0, &(0x7f0000000040)=""/4096, 0xfffffe82) (async)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async)
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) (async, rerun: 32)
r2 = socket(0x15, 0x5, 0x0) (async, rerun: 32)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0xa0741, 0x0) (async, rerun: 32)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (rerun: 32)
setsockopt$auto(r2, 0x114, 0x8, 0x0, 0x4) (async, rerun: 64)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) (async, rerun: 64)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) (async)
r3 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r3, 0x114, 0x271c, 0xfffffffffffffffc, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x3, 0x100) (async)
socket(0x10, 0x2, 0x0) (async)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x2, 0x0) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001040)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=ANY=[@ANYBLOB="14000000", @ANYRES64=r1, @ANYRES32=r2], 0x14}, 0x1, 0x0, 0x0, 0x4805}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)

4m43.181570143s ago: executing program 3 (id=2548):
r0 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_clock\x00', 0x28801, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/config.gz\x00', 0x40000, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/tty35\x00', 0xc000, 0x0)
ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000300)=""/236, 0xec)
mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000)
r3 = io_uring_setup$auto(0x1, 0x0)
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000000)=""/4096, 0x1000)
socket(0x15, 0x4, 0x1)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume\x00', 0x8100, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd)
r4 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000080), 0x100401, 0x0)
write$auto_evm_xattr_ops_evm_secfs(r4, &(0x7f00000000c0)='.', 0x1)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/cpumask_requested\x00', 0x2400, 0x0)
read$auto(r5, &(0x7f0000002440)='\x00', 0x9)
sysfs$auto(0x2, 0x17, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000380)='nfsd\x00w\xd0\x9bv\x9e_\xdc\xec\xce\xde\xd5\x91n\xa2\a\xe0\xb7\x82\xcb\xe0m\xd5U\xa4\xb6\";2\xde\xafI\xbe\xc5\xab\x06\x13I\xe7t[c@\x91\xb8x+\xab\xa2\x8e\xe3\xfdz\x8aY/O\x134\xd1\xa7\xb7\xe8\r\xfc\xa7\x16\x8b\x1c\xef\x87\xf5au/\x80\x00X\xaa\b\xa6u\xf2\x9aR<!\x01\x00\x00\x00\x00\x00\x00\x000\x98\x9eZ\xc7D\x0f\x88\x84\x8e\xbf\x97\xef\xd0w\x00\xdf\xe2\xe1go\xc9\x1c\xa7\x96\xdaG\xdf\x00#\x16\xbb\xc8\xaag\xb9\xc5J\xbc\x17\x16\xc7\xef\x1e\xd9E\x84\xa6\x91q\xb6\xfb', 0x10001, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
setresuid$auto(0xd, 0x5, 0x81fe)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
epoll_pwait2$auto(r0, &(0x7f0000001000)={0x8000, 0x1800}, 0x10000, &(0x7f0000001040)={0x2, 0x6}, &(0x7f0000001080)={0x7ff}, 0x8)

4m42.923092836s ago: executing program 3 (id=2550):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4000000)
close_range$auto(0x6, 0xb0, 0x6)
ioctl$auto_DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000040)={0x100000001, <r1=>0xffffffffffffffff, <r2=>r0, 0xf37})
read$auto_tomoyo_operations_securityfs_if(r1, &(0x7f0000000180)=""/140, 0x8c)
select$auto(0x804, 0x0, &(0x7f0000000100)={[0x9, 0x0, 0x0, 0x80000300, 0x1, 0x0, 0x2, 0x3, 0x81, 0x10000005e58296b, 0x1e, 0x9, 0x7ff, 0x200, 0x20000000008, 0x4000000000006]}, 0x0, 0x0)
r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysinfo$auto(0x0)
r4 = socket(0x2, 0x6, 0x0)
getsockopt$auto(r4, 0x10d, 0x1, 0x0, 0x0)
mprotect$auto(0x9, 0x7, 0x10001)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000240), r2)
sendmsg$auto_ILA_CMD_GET(r5, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, r6, 0xa00, 0x70bd2b, 0x25dfdbfc, {}, [@ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0xffff}]}, 0x20}, 0x1, 0x0, 0x0, 0x240080c4}, 0x20000010)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f00000000c0)={0x1, "e6c26c22ab89af11056b0001ac097e0a0728d9300000c500"})

4m42.631296698s ago: executing program 3 (id=2552):
socket(0x23, 0x80805, 0x0) (async)
mmap$auto(0x0, 0x200000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
write$auto(0x3, 0x0, 0xfdef)
ioctl$auto(0x3, 0x89ed, 0xfffffffffffff4e0)

4m27.54125683s ago: executing program 32 (id=2552):
socket(0x23, 0x80805, 0x0) (async)
mmap$auto(0x0, 0x200000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
write$auto(0x3, 0x0, 0xfdef)
ioctl$auto(0x3, 0x89ed, 0xfffffffffffff4e0)

10.601597322s ago: executing program 2 (id=4182):
r0 = socket(0x11, 0x3, 0x9)
readv$auto(0x3, 0x0, 0x2)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
wait4$auto(0x0, 0x0, 0x10001, 0x0)
r2 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r2, 0x84, 0xf, 0x0, &(0x7f0000000080)=0x9b)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x800000, &(0x7f0000000100)=@link_update={r1, @new_prog_fd, 0x8, @old_map_fd=r2}, 0x6f4)
bpf$auto(0xf, &(0x7f0000000280)=@iter_create={r0, 0x801fd}, 0x6)
r3 = socket(0x2, 0x801, 0x106)
write$auto(r3, &(0x7f0000000000)='\x00', 0xfd)
r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_POOL_MODE_GET(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [""]}, 0x14}}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x1d, 0x2, 0x6)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r1, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4051}, 0x40008d5)
r7 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r8=>0x0})
ioperm$auto(0x3, 0xe, 0x2000000000000149)
shutdown$auto(0x200000003, 0x2)
sendmsg$auto_NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x20048800)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)
lchown$auto(&(0x7f0000000000)='.\x00', 0x0, 0x6)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, <r9=>r8, 0xfd}, 0x6a)
sendmsg$auto_ETHTOOL_MSG_FEC_SET(r6, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000580)=ANY=[@ANYBLOB='\x00\x00k\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000ffdbdf251e000000050003002600000005000300080000002400018008000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000300030000005000018008000100", @ANYRES32=r8, @ANYBLOB="080003000000010008000100", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="14000200766c616e31000000000000000000000008000100", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=r8, @ANYRESOCT=0x0], 0xfe8}, 0x1, 0x0, 0x0, 0x4005}, 0x2004c090)
r10 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_GTP_CMD_DELPDP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="010005bd7000ffdbdf25010000000800020009000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000894)

7.31682051s ago: executing program 4 (id=4197):
r0 = openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0xb01, 0x0)
write$auto_tracing_err_log_fops_trace(r0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r2, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x34, r1, 0xb77b02080cac5bcb, 0x70bd2c, 0x259fdbff, {}, [@ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x9}, @ETHTOOL_A_MODULE_EEPROM_PAGE={0x5}, @ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0x9}, @ETHTOOL_A_MODULE_EEPROM_OFFSET={0x8, 0x2, 0xf7}]}, 0x34}}, 0x82)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001ac0)=ANY=[@ANYRES32, @ANYBLOB='\b'], 0x30}, 0x1, 0x0, 0x0, 0x44805}, 0x20004000)
r3 = syz_clone(0x2020000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)="6bc9c7800ae3752a85ac1b67b2924d0920b9d4c3a00401668633157112b1db90d2b12e1400f2a44c")
r4 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, <r5=>r4, 0x0, 0x3}, 0xc)
r6 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000240), 0xffffffffffffffff)
msgctl$auto(0x7, 0x0, &(0x7f0000000380)={{0x4, <r7=>0xee00, 0xee01, 0x2, 0x200, 0xe, 0x400}, &(0x7f0000000300)=0x1, &(0x7f0000000340)=0x1, 0x2, 0x6bb, 0x3, 0xe2a5, 0x80000000, 0x7, 0x2, 0x1, @inferred=r3, @raw=0x401})
shutdown$auto(r4, 0x2894)
sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(r5, &(0x7f0000001a80)={&(0x7f0000001980), 0xc, &(0x7f0000001a40)={&(0x7f0000001a00)={0x1c, 0x0, 0x300, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4810)
r8 = openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, 0x0, 0x400, 0x0)
socket(0x15, 0x5, 0x0)
sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001900)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB, @ANYRES32=0xee00, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB], 0x1490}, 0x1, 0x0, 0x0, 0x4000000}, 0x6)
unshare$auto(0x4)
getsockopt$auto(0xffffffffffffffff, 0x40000000113, 0x3, 0xfffffffffffffffc, 0x0)
mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r9 = socket(0x1d, 0x2, 0x6)
setsockopt$auto(r9, 0x6a, 0x5, 0x0, 0x3)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'ip6tnl0\x00'})
sendmsg$auto_ETHTOOL_MSG_MODULE_SET(r10, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0xac, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x0, 0x2, 0x5}]}, 0xdb}, 0x1, 0x0, 0x0, 0x4}, 0x4)

3.779048849s ago: executing program 4 (id=4209):
connect$auto(0x3, &(0x7f0000000140), 0x55)

3.481653446s ago: executing program 4 (id=4211):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x26, 0x5, 0x0)
getsockopt$auto(0x6, 0x40000000029, 0x48, 0x0, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x200)

3.372363535s ago: executing program 1 (id=4212):
mmap$auto(0x0, 0x2020009, 0x40000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000040)={0x3, 0x7, 0x200008})
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r1, 0x540a, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto(0xffffffffffffffff, 0xc0185502, 0xffffffffffffffff)
socket(0xf, 0x3, 0x73)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x8a002, 0x0)
ioctl$auto_TIOCGDEV2(r0, 0x80045432, &(0x7f0000000080)=0xfffffffa)
socket(0x1e, 0x80805, 0x0)
connect$auto(0x3, &(0x7f0000000140), 0x55)
ioctl$auto(r2, 0x5385, r2)
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000040), 0x84040, 0x0)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
ioctl$auto(r3, 0x2275, 0x38)
sendmmsg$auto(r3, &(0x7f0000000280)={{&(0x7f0000000080), 0x2, &(0x7f00000001c0)={&(0x7f00000000c0)="4a27574ca3ef75db85d03adba2e5558d6a1ebabd6e32422a328943871e15fc1f73be4f7d6082828b5e0e254914a71197c7d649d70863b3e90f61b8175680eca60d0d2f5494f77bd5b629438459ef93e378d217fc88f8332cc7525d42ba4153ed7d56b3934ea1b48bf82ef617b2475fd1ef0295a5106f95acb223d61c4c7f0cb1205e192a4c22a4fbcdbf4102ad683af7027b14759a180a93c9854a7df2c7c780ea56e4ceba270755d8ad9f7de6ef1b14742dc2369176f43e3cf4de08f4f1a5b4ec3c8a472f7b3053b2aff7bd6d5d2488a540d63c613b4ea2147ee17fc20b38", 0xf68}, 0x2, &(0x7f0000000200)="fb33195a8231d50daab60111866092c045dd2f88fb5a2011d83f445c0d6f9ac6c08812cdf9f41cd900c44868843d6f543e5c10599ab8129d901a14fbdbe62e38525ab434b7a1425149ed9eb5c273bb842c0743a4a31589fb933b506fef3251d561eea9e1963a6b3cd4ce5cd0a4", 0x4, 0x3}, 0x200}, 0x7fffffff, 0x4)
mmap$auto(0x6, 0x8, 0x6, 0x12, 0xffffffffffffffff, 0x2)
ioctl$auto(r0, 0x4b65, 0x1)
sendfile$auto(r3, r3, 0x0, 0x9)

3.253806113s ago: executing program 0 (id=4213):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.rpcsec.context/channel\x00', 0x907bd8f1f40a8d72, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0xfffffffffffffffd, 0x2, 0x8002)
close_range$auto(r0, 0x5, 0xf)
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000040000fdef}, 0x1)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x400080, 0x3)
socket(0x29, 0x5, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
r1 = open$auto(&(0x7f0000000080)='./file0\x00', 0x9, 0xb8a8)
listen$auto(r1, 0x8)
r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="24010000", @ANYRES16=r2, @ANYBLOB="010025bd700002dcdf2503000000040008000c0101800801108004010fc099cb9d0ac5e7ca3db865f48743213f4895a92d889bcc52161a9db0c71042415f87e61e3975a378b736c3306b1a3ee4ce8b655fea2d69b00098f23b1cb37bf85739d04fb10a01766880ff82bbcaf8ffcc48221b11ee52385f95f3ca6366d40c8f351f1acb8150cb3f1cafce4ab8ab2088cd036ec159ace6a86b542d5d8052a4be21311d98044cbdc3a15d34c29150d2cf295ab86ea42b51a5745e2911d0571fa6c66dad9cb30216732f9ba61fcdae60022bfa6da7e5c55339f2d80fbc2405cdbdf77856206c82c836024e4169fc9784aeafa9debd822a1bcf47979c0c1de2e6733f8f747ebdf057a5be351a327b07757bb36f5c3608656cec1929d7701f4f2c26caeedc5e884b84d7051ecf5f2c5482e646c7163747a39635"], 0x124}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800)
pipe$auto(&(0x7f00000000c0)=r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = socket(0xa, 0x80003, 0x300)
setsockopt$auto(r5, 0x107, 0x1, 0x0, 0x4)
clock_nanosleep$auto(0x7, 0x6, 0x0, 0xfffffffffffffffd)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(r4, 0x0, 0x4000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_SMC_PNETID_ADD(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="238429bd7000fedbdf2501ffffe10c00020073797a5f74756e002c000100657468746f6f6c00"], 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)
socket(0x10, 0x2, 0x4)
r8 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r8, 0xae01, 0x0)

3.224753014s ago: executing program 4 (id=4214):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/virt_wifi0/router_solicitations\x00', 0x101202, 0x0)
sendfile$auto(0xffffffffffffffff, r0, 0x0, 0x48)

3.222877374s ago: executing program 1 (id=4215):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x23, 0x80805, 0x0)
mmap$auto(0x4, 0x20007, 0xdf, 0xeb1, 0xffffffffffffffff, 0x7fff)
socket(0xa, 0x3, 0xff)
r1 = fcntl$auto(0x3, 0xf, 0x5)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0xe0080, 0x0)
r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
io_uring_setup$auto(0x1, 0x0)
r3 = socket(0x2b, 0x3, 0x300)
ioctl$auto(r1, 0x2, r2)
setsockopt$auto(r3, 0x107, 0x1, 0x0, 0x8004)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
semctl$auto(0x3, 0x2, 0x13, 0x9)
fcntl$auto(0xffffffffffffffff, 0xf, 0x6)
memfd_secret$auto(0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
fchownat$auto(0x2, 0x0, 0x4, 0x8001, 0x1000)
unshare$auto(0x40000080)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000002c0), 0x242421, 0x0)
r4 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/available_tracers\x00', 0x40000, 0x0)
read$auto_show_traces_fops_trace(r4, &(0x7f0000000640)=""/188, 0xbc)
read$auto_show_traces_fops_trace(r4, &(0x7f0000000000)=""/179, 0xb3)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000e80), 0xffffffffffffffff)
rt_sigtimedwait$auto(&(0x7f00000001c0)={0x1}, &(0x7f0000000340)={@siginfo_0_0={0x1, 0x5, 0x9, @_sigfault={&(0x7f00000004c0)="0981eff850750b30d717503ac661320dbb5fcc59d3d1ad83c2202457b498db2d930379348d8bbd766ca32bb46792307d47a437e0873d22efb854275cf3d4e0a546a64336b224ef4fa29bf97841d0dd1b9260b312c430e22b31c4d75d9406ac8019e44ddaf316a599e943b0514f515d5a4bd736b3743db8ec8e1c5c1db8416be2789f1e85007dfd4dfe507941ae679007df295bce7e9b2b8fc54b0a8165c7a6e7c5a9d4f7b054b95de42a7ed01743f605b20ccb192187b922b4ad155a5b95baa05618126a1383d4b2a3148d2c18376f5338c7376c03bfda6ece4e9fced8b9c24d59662612dcbd04405afe7525092d843a4343", @_perf={0x1, 0x45, 0x9}}}}, &(0x7f0000000140)={0x75e, 0x3}, 0x8)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=ANY=[@ANYRES8, @ANYRES16=r5, @ANYRES32=r5, @ANYRES16, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4100f7b4a8132d759892f424887b55fbcf38553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43341a1e670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100045800c00c50003000000000000001800368014006c800800150002020000050018005d0000000000d0cb580b273180", @ANYRES64=r0, @ANYRES32=0x0], 0xfc}, 0x1, 0x0, 0x0, 0x4044800}, 0x50)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff)

3.025957297s ago: executing program 4 (id=4216):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010029"], 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x20000084) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0)
r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x4601, 0x0) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x42080, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
madvise$auto(0x0, 0xffbfffffffff0005, 0x17) (async, rerun: 64)
mseal$auto(0x1ffff000, 0x7dda, 0x0)

2.279981803s ago: executing program 1 (id=4217):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000001100), r0)
sendmsg$auto_CTRL_CMD_GETFAMILY(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001140)={0x1c, r1, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x34}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20008044) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000)
connect$auto(0x4, 0x0, 0x10) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
socket(0x18, 0xa, 0x1) (async)
socket(0xa, 0x2, 0x0) (async)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x22, 0x0, 0x0) (async)
recvmsg$auto(0x4, 0x0, 0x33c)

2.141589716s ago: executing program 1 (id=4218):
mmap$auto(0xfffffffffffffffc, 0x2020009, 0x7f, 0x200000000eb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x18, 0x17)
futex_requeue$auto(0x0, 0x80, 0x2, 0x101)
fsmount$auto(0xffffffffffffffff, 0x81, 0xc185)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket(0x1d, 0x2, 0x6)
r1 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001400)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="080027bd7000fbdbdf2529000000"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
connect$auto(0x3, 0x0, 0x55)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x600007, 0x19)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

1.562774143s ago: executing program 2 (id=4219):
connect$auto(0x3, &(0x7f0000000140), 0x55)

1.541743577s ago: executing program 0 (id=4220):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
bpf$auto(0x10, &(0x7f0000001700)=@query={@target_fd, 0x7, 0x1, 0x9, 0x7f, @prog_cnt=0x2, 0x0, 0xf, 0x8, 0x7, 0x1}, 0x63a)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
clock_settime$auto(0xfffffff0, &(0x7f0000000000)={0x6, 0x7})
getcwd$auto(0x0, 0xffffffffffffffff)
ioctl$auto_PPPIOCSMAXCID(r0, 0x40047451, 0x0)

1.489625426s ago: executing program 2 (id=4221):
write$auto(0x800000000000c8, 0x0, 0x1a) (async)
write$auto(0x800000000000c8, 0x0, 0x1a)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/io_stat\x00', 0x0, 0x0)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x8a240, 0x15e) (async)
open(&(0x7f0000000000)='./file0\x00', 0x8a240, 0x15e)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
shutdown$auto(0x200000003, 0x2) (async)
shutdown$auto(0x200000003, 0x2)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x200000007b, 0x4) (async)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x200000007b, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)

1.422306005s ago: executing program 4 (id=4222):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
io_uring_setup$auto(0x81c5, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0xa0080}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x8}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040004}, 0x4800)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0)
write$auto_fuse_dev_operations_fuse_i(r2, &(0x7f0000000440)="110000001265843a000000000000000000", 0x11)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xf90000, 0x0, 0xfffffffffffffffd)

1.314290669s ago: executing program 2 (id=4223):
getcwd$auto(&(0x7f0000000000)='./\x00', 0x6)
getcwd$auto(&(0x7f0000000040)='./\x00', 0x1)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card1/pcm0p/sub7/info\x00', 0x404900, 0x0)
bind$auto(r0, &(0x7f00000000c0)=@can={0x1d, <r1=>0x0}, 0xd)
getcwd$auto(&(0x7f0000000100)='\x00', 0x5)
getcwd$auto(&(0x7f0000000140)=')-.\x00', 0x4)
getcwd$auto(&(0x7f0000000180)='{-R\x00', 0xffffffffffffff7f)
r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cpu/0/cpuid\x00', 0x10800, 0x0)
mmap$auto(0x0, 0xf4, 0x2, 0x11, r2, 0x1)
r3 = openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x101040, 0x0)
epoll_ctl$auto(r3, 0x400, r2, &(0x7f0000000240)={0xd, 0x10})
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff)
getcwd$auto(&(0x7f00000002c0)='+\x00', 0x8)
ioctl$auto_FUSE_DEV_IOC_BACKING_OPEN(0xffffffffffffffff, 0x4010e501, &(0x7f0000000340)={<r4=>r3, 0xe7})
syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000300), r4)
read$auto_proc_pid_cmdline_ops_base(r4, &(0x7f0000000380)=""/149, 0x95)
mkdir$auto(&(0x7f0000000440)='./file0\x00', 0x0)
read$auto_proc_pid_cmdline_ops_base(r4, &(0x7f0000000480)=""/137, 0x89)
bind$auto(r3, &(0x7f0000000540)=@xdp={0x2c, 0x5, r1, 0x25}, 0x2)
mmap$auto(0xe, 0xca00000000000000, 0x6, 0x70, r2, 0x2)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000005c0), r4)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x24, r5, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x101}, @NFSD_A_SERVER_SCOPE={0x8, 0x4, ':{\'\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000080)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/thread-self/fail-nth\x00', 0x440, 0x0)
getcwd$auto(&(0x7f0000000700)='+\x00', 0x8)
socket(0xa, 0x80000, 0xd)
chmod$auto(&(0x7f0000000740)='./file0\x00', 0x400)
r6 = getpid()
capget$auto(&(0x7f0000000780)={0x0, r6}, &(0x7f00000007c0)={0x101, 0x3, 0x5dd})
ioctl$auto_UBI_IOCATT(r4, 0x40186f40, &(0x7f0000000800)={0x3, 0x2, 0x3ff, 0x8001, 0x5, 0x6})
signalfd4$auto(r2, &(0x7f0000000840)={0x6}, 0x4, 0x7ff)

1.27132032s ago: executing program 1 (id=4224):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x460700, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = memfd_create$auto(0x0, 0xe)
r2 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x31}}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0x800000000000, 0x12f, 0xdf, 0x9b72, 0x7, 0x1)
socket(0x2, 0x1, 0x0)
sendmsg$auto_BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='d', @ANYRES16=0x0], 0x64}, 0x1, 0x0, 0x0, 0x84041}, 0x80448e1)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
bind$auto(0x3, 0x0, 0x6b)
ioctl$auto_VHOST_SET_FEATURES2(r1, 0x4008af00, &(0x7f0000000000)=0x4)
connect$auto(0x3, 0x0, 0x55)
listen$auto(0x3, 0xfffffffa)
tkill$auto(0x1, 0x9)
mincore$auto(0x4, 0x9, &(0x7f0000000080)='/sys/kernel/debug/tracing/uprobe_events\x00')
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x2b, 0x6, 0x400001)
read$auto(r2, &(0x7f00000000c0)='&\x00', 0x8)
madvise$auto(0x60b9ff94, 0x3, 0x4)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
write$auto(0x3, 0x0, 0x7fffffff)
close_range$auto(0x2, 0xa, 0x0)

1.174519002s ago: executing program 2 (id=4225):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x6, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0xd2d2, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x4, 0x80}, 0x96)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc)
mprotect$auto(0x0, 0x8000000000000001, 0x6)
write$auto(r0, 0x0, 0x40)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bond_slave_1\x00', <r2=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8, 0x2, r2}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF1_AGE={0x8, 0x3, 0x6}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x848000000015, 0x805, 0x0)
setsockopt$auto(0x3, 0x114, 0x5, 0x0, 0xa0)

970.587059ms ago: executing program 0 (id=4226):
lstat$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x100000004, 0x3, 0x0, 0x0, 0x0, 0x10001, 0x6, 0x9, 0x400, 0xfffffffffffffffb, 0x9, 0xffffffff80000000, 0x1, 0x65, 0x103})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x83, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), r1)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r2, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4)
ioctl$auto(0x3, 0x80000541b, 0x38)

804.708059ms ago: executing program 2 (id=4227):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0xf, 0x0, 0xc, 0xd}, 0x547}, 0x3c, 0x100)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
pipe2$auto(0x0, 0x80)
close_range$auto(0x7, 0xfffffffffffffff8, 0x2)
bpf$auto(0x10, 0x0, 0x9)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000c40), 0xffffffffffffffff)

625.182134ms ago: executing program 0 (id=4228):
unshare$auto(0x40000080)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYBLOB], 0x14}}, 0x4000000)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
getsockopt$auto(r1, 0x9, 0x40, &(0x7f00000000c0)='/dev/ppp\x00', &(0x7f0000000140)=0x401)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x482080, 0x0)
openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000280)='/dev/media1\x00', 0x101802, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x382, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x5, 0x1, 0x4, 0x4, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0xfffffffffffffffc, 0x300]}, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x80000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000180)=""/218, 0xda)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/wireless\x00', 0x400, 0x0)
pread64$auto(r3, &(0x7f0000000080)='\xd5u+~\xa7x\xe0VQ\x1a6\xcf\xce\xfa\xfbN\x19\b\xf64\r\x122i\xd6\x0e\xfa\x96\x9aV:\xe1G\x14\xb2\xd4N\x0e#jX:\xd0\xe4\xa9\xda\xaf\x98\x94G\xa8\xb4\xa7uPc\x1ang\xdb\xb4\xa7\xad\x1b\xcbonh\xd8\x99\x03\x10\xb0\xa5\xfey\xd5F,70\xecG\x8a\fz\x95\x7f\xb0Y{\xdd\xa1\xa3E\x03\xd4\xc67U\x93\n\xfc\xa4\x0e_\xf8\x94\xc3a\x00\xe6\xea4\xa2\x7ft\xeb\x8b$\x16\x0e\xe8j\xcaI\xe0c\x05\x12(\v\xef\xc5Z\xfb\xed\xa3\x01\x001\xa5\x18%\xae/\x1b6\xaa\xf5ysD\xa6\xee\xbf\xc0v\"\x93\x96\"\xcak.\x0e_\xb3\xf7\xac\x9e\xbd/w\xdf\xfc\xe24z\x0f\x8f\b\xbe\xda\xfb\xd0Jj\x97\xfa{\x9d\xfd\xfb\x14\x1f\xb0\xe7\b#\xb9\x01\xf7\xf5\x1c1\xfbNX\xd9\xf0\x97@\xff(\x99\x13M\xadM\b\xf5\xcd\xa3\xe1Q|\r\x18\xd5\xb4\x1c\xa5\xfd\xdf\x98\xd9\xa7\xf3u\xa8ak\xfaHS\xfa\x12\x85\x85\x14\b\x9c\x15\xc10\xb3\xd5.\x13\xc6\xb6\xbak:\xbf\x8f\xcd\x7f\a\xb8\x00\x00\x00', 0x202, 0x7)

524.736534ms ago: executing program 1 (id=4229):
socket(0xa, 0x3, 0xff)
landlock_create_ruleset$auto(&(0x7f0000000300)={0x0, 0x83, 0xffffffffb412899d}, 0x3, 0xb)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
io_submit$auto(0x8, 0x88001, &(0x7f0000000180)=&(0x7f00000000c0)={0x10000, 0x4, 0x2000005, 0x1ff, 0x6, 0xffffffffffffffff, 0x5, 0x2, 0x6, 0x0, 0x421ffd})
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x1003}, 0x4000000000001, 0x0, 0x1, 0x0)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x40080, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0xa477, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/tcp\x00', 0x0, 0x0)
pread64$auto(r1, 0x0, 0x1000, 0xf31)
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0xfffffffffffffffa, 0x7, 0x2eb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
madvise$auto(0x0, 0x2000040080000016, 0xe)
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x80000004, 0x6, 0x4}, 0x8, 0x414, 0x0, 0x2)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
socket(0xa, 0x800, 0x7)
unshare$auto(0x9)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x8841, 0x0)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xc8)
mprotect$auto(0x0, 0x8000000000000004, 0x5)
mount$auto(&(0x7f0000000000)='pimreg\x00', &(0x7f0000000040)='\x00', 0x0, 0x10dfd057, 0x0)
mount$auto(0x0, &(0x7f0000000040)=':,\x00', 0x0, 0xaa6, 0x0)

303.716981ms ago: executing program 0 (id=4230):
connect$auto(0x3, &(0x7f0000000140), 0x55)

0s ago: executing program 0 (id=4231):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x6, 0x0, 0x0, 0x0, 0x2)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x40044620, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000500)={&(0x7f0000000240)=0x80, 0x8, 0x7766})
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
clone$auto(0xfffffffffffffffe, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xfffffffffffffffe)
r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010029"], 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x20000084)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), r1)
sendmsg$auto_TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r3, @ANYBLOB="000228bd7000fddbdf250a000000160206806beeecbef6b26a6e7082421251c6476bef7d5a7134a08554f08a5e5fd0694d288d41c8ebd5456dba5c792dab13c6a7f0d001f652ba9f522781fd8942ccdd838cf9de093fdca84668fb8d53506be47c4cd8bb1ee22440d66a74f3836bcaa5528ddfaea27ceee44b96572309f788d9bce8792ba3a91614a9792f8c3ca075909d7272f677e3461f5707a436f064fca3f1f9a2bdf4def5622959597cb4b2c073b083969a707ceddcc2aeefb1d67a91de8108abe278edf8ca71367b76d741aa6968fafc1b051b4d0ab69db908de30de019be6568c00a4ec47d6229b517905f62bb4667e2d1499a676fbf79062a278614081dea85b6b80c1b06c22ca801d90cee4917b11fcfb879cf222bf4e505a6c909aa7c5ed4f939b1646669c2ff57d1eb662c9caa675b2174e35b60101552f7fe0abf1ec1a3328014de8cf3dbf32c0af93252009531bb0036c8c1296a7bf4e94dbdc8a673e82700dbd5e152d7af0edb8d4baf9e9ab3b93f11baf191e9e12de82e4e112d49dcf412ab655d332f70e4db59a85384de30b1337338dc1539fe52ef523593a6dc5a9eb37d5c45d5fc27886518f8fa00e951df86f4c9a3bf3301419e1f9e8210f2c492b89df74a3661d1a02a3c870f5a5a9c5b32d3bbbf1ce34329e245f907975c8760185a34519d51dfed0b5cfca875e64627d10a7be49503b42b47b85f070a5137e9a3e357de6f19fa05010c4b900bae77395040989090ebea9c01c169a6954807e0000"], 0x22c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
mmap$auto(0x0, 0x409, 0x1, 0x13, 0xfffffffffffffffa, 0x8000)
r4 = getpid()
process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0x501}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1}, 0x3, 0x0)
r5 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x4601, 0x0)
madvise$auto(0x6, 0x1, 0xb)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="010325bd701f3e9757bc4600000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
madvise$auto(0xe, 0xa08, 0x8)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x400c810}, 0x20000041)
bpf$auto(0xfffff001, &(0x7f0000000000)=@bpf_attr_3={0xa330, 0x2, 0x7, 0x3, 0xfffffbff, 0x2, 0x1, 0x4, 0x7, "8108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x8, 0x81, 0xb03, 0x0, 0x3ff, 0x7, @attach_prog_fd, 0x2, 0x630, 0x57d, 0x9, 0x8}, 0xa3)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)

kernel console output (not intermixed with test programs):

					
	
						
	
						
	
				
	

	

	
	
		
		


	

	

	
	
	

	
		
		
		


			

	
	
	

			

	
	
	

			



	

	

	





	

	









		









	

	









		






	

	

	
				

	
				
	
	



	
			

				



				


				
				
				
	

	
		

	


	





				
	
	

	
	
	
	

	
	
	

	
		
				
				
				






				
				
	

	
		
				
				
	
	

	
	
	
	

	
	
	

	
		
				
				
	

		
	


	
	
	

	


		




	
	
	

		




	
	
	

		




	
	
	

		




	
	
	

		




	
	
	

		




	
	
	

		




	
	
	

		





	

		
		

	
	
	
	

		




	
	
	

		










		

	
	

	
	
	
	

	
	
	

	
		

		

		
		

		

		
		
		

	



		

	



				
				

syzkaller
syzkaller login: [  525.640540][T18346] kernel write not supported for file /523/mem (pid: 18346 comm: syz.2.2974)
[  525.827650][T18368] netlink: 'syz.4.2979': attribute type 4 has an invalid length.
[  525.879106][T18368] netlink: 'syz.4.2979': attribute type 32 has an invalid length.
[  525.903200][T18368] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2979'.
[  526.064351][T18374] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2982'.
[  526.651788][T18366] kernel write not supported for file /523/mem (pid: 18366 comm: syz.2.2978)
[  526.902913][T18405] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2990'.
[  526.940589][T18405] �: renamed from bridge_slave_1 (while UP)
[  526.995163][T18405] bridge0: port 2(�) entered disabled state
[  526.996001][T18413] FAULT_INJECTION: forcing a failure.
[  526.996001][T18413] name failslab, interval 1, probability 0, space 0, times 0
[  527.033486][T18413] CPU: 1 UID: 0 PID: 18413 Comm: syz.0.2993 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  527.046412][T18413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  527.058474][T18413] Call Trace:
[  527.062404][T18413]  <TASK>
[  527.065915][T18413]  dump_stack_lvl+0x16c/0x1f0
[  527.071535][T18413]  should_fail_ex+0x497/0x5b0
[  527.077157][T18413]  ? fs_reclaim_acquire+0xae/0x150
[  527.083300][T18413]  should_failslab+0xc2/0x120
[  527.088924][T18413]  __kmalloc_noprof+0xce/0x4f0
[  527.094655][T18413]  ? tomoyo_realpath_from_path+0xbf/0x710
[  527.101527][T18413]  tomoyo_realpath_from_path+0xbf/0x710
[  527.108201][T18413]  ? tomoyo_path_number_perm+0x235/0x5b0
[  527.114972][T18413]  tomoyo_path_number_perm+0x248/0x5b0
[  527.121542][T18413]  ? tomoyo_path_number_perm+0x235/0x5b0
[  527.128318][T18413]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  527.135508][T18413]  ? rcu_is_watching+0x12/0xc0
[  527.141235][T18413]  ? preempt_count_add+0x76/0x150
[  527.147284][T18413]  ? __pfx_lock_release+0x10/0x10
[  527.153317][T18413]  ? trace_lock_acquire+0x14e/0x1f0
[  527.159562][T18413]  ? __fget_files+0x40/0x3a0
[  527.165076][T18413]  ? lock_acquire+0x2f/0xb0
[  527.170483][T18413]  ? __fget_files+0x40/0x3a0
[  527.175996][T18413]  ? __fget_files+0x206/0x3a0
[  527.181620][T18413]  security_file_ioctl+0x9b/0x240
[  527.187650][T18413]  __x64_sys_ioctl+0xb7/0x200
[  527.193262][T18413]  do_syscall_64+0xcd/0x250
[  527.198673][T18413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.205748][T18413] RIP: 0033:0x7f71b4785d29
[  527.211050][T18413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.234891][T18413] RSP: 002b:00007f71b5531038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  527.244989][T18413] RAX: ffffffffffffffda RBX: 00007f71b4975fa0 RCX: 00007f71b4785d29
[  527.254560][T18413] RDX: ffffffffffffffff RSI: 00000000800455d1 RDI: 0000000000000003
[  527.264123][T18413] RBP: 00007f71b5531090 R08: 0000000000000000 R09: 0000000000000000
[  527.273687][T18413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.283253][T18413] R13: 0000000000000000 R14: 00007f71b4975fa0 R15: 00007ffe982ff938
[  527.292825][T18413]  </TASK>
[  527.303726][T18413] ERROR: Out of memory at tomoyo_realpath_from_path.
[  527.331456][T18410] kernel write not supported for file /523/mem (pid: 18410 comm: syz.2.2989)
[  527.451384][T18422] kernel write not supported for file /523/mem (pid: 18422 comm: syz.2.2997)
[  527.557059][T18425] kernel write not supported for file /523/mem (pid: 18425 comm: syz.2.2998)
[  527.758911][T18432] kernel write not supported for file /523/mem (pid: 18432 comm: syz.2.3000)
[  527.803676][T18440] kernel write not supported for file /523/mem (pid: 18440 comm: syz.2.3001)
[  527.943746][T18443] Invalid logical block size (768)
[  528.141659][T18450] FAULT_INJECTION: forcing a failure.
[  528.141659][T18450] name failslab, interval 1, probability 0, space 0, times 0
[  528.157290][T18450] CPU: 1 UID: 0 PID: 18450 Comm: syz.4.3004 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  528.170209][T18450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  528.182255][T18450] Call Trace:
[  528.186172][T18450]  <TASK>
[  528.189669][T18450]  dump_stack_lvl+0x16c/0x1f0
[  528.195272][T18450]  should_fail_ex+0x497/0x5b0
[  528.200871][T18450]  ? fs_reclaim_acquire+0xae/0x150
[  528.206988][T18450]  should_failslab+0xc2/0x120
[  528.212590][T18450]  __kmalloc_noprof+0xce/0x4f0
[  528.218296][T18450]  ? d_absolute_path+0x137/0x1b0
[  528.224208][T18450]  ? tomoyo_encode2+0x100/0x3e0
[  528.230011][T18450]  tomoyo_encode2+0x100/0x3e0
[  528.235607][T18450]  tomoyo_realpath_from_path+0x1a7/0x710
[  528.242350][T18450]  tomoyo_path_number_perm+0x248/0x5b0
[  528.248889][T18450]  ? tomoyo_path_number_perm+0x235/0x5b0
[  528.255639][T18450]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  528.262803][T18450]  ? rcu_is_watching+0x12/0xc0
[  528.268512][T18450]  ? preempt_count_add+0x76/0x150
[  528.274541][T18450]  ? __pfx_lock_release+0x10/0x10
[  528.280550][T18450]  ? trace_lock_acquire+0x14e/0x1f0
[  528.286776][T18450]  ? __fget_files+0x40/0x3a0
[  528.292267][T18450]  ? lock_acquire+0x2f/0xb0
[  528.297662][T18450]  ? __fget_files+0x40/0x3a0
[  528.303168][T18450]  ? __fget_files+0x206/0x3a0
[  528.308770][T18450]  security_file_ioctl+0x9b/0x240
[  528.314784][T18450]  __x64_sys_ioctl+0xb7/0x200
[  528.320376][T18450]  do_syscall_64+0xcd/0x250
[  528.325766][T18450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.332826][T18450] RIP: 0033:0x7fd5b9385d29
[  528.338103][T18450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  528.361611][T18450] RSP: 002b:00007fd5ba141038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  528.371686][T18450] RAX: ffffffffffffffda RBX: 00007fd5b9575fa0 RCX: 00007fd5b9385d29
[  528.381233][T18450] RDX: ffffffffffffffff RSI: 00000000800455d1 RDI: 0000000000000003
[  528.390779][T18450] RBP: 00007fd5ba141090 R08: 0000000000000000 R09: 0000000000000000
[  528.400326][T18450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  528.409872][T18450] R13: 0000000000000000 R14: 00007fd5b9575fa0 R15: 00007ffd900a41b8
[  528.419428][T18450]  </TASK>
[  528.442250][T18450] ERROR: Out of memory at tomoyo_realpath_from_path.
[  528.691624][T18441] kernel write not supported for file /523/mem (pid: 18441 comm: syz.2.3002)
[  528.767992][T18469] ima: policy update failed
[  528.775008][   T29] audit: type=1807 audit(4294967492.184:20): UNKNOWN=0"�]$|�1j�0B|d���ӉO��+��/��x����WӦ��^��gq%Ḧr�O� res=0
[  528.814630][   T29] audit: type=1802 audit(4294967492.184:21): pid=18469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.3008" res=0 errno=0
[  528.835672][    C0] vkms_vblank_simulate: vblank timer overrun
[  528.868375][   T29] audit: type=1802 audit(4294967492.224:22): pid=18469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3008" res=0 errno=0
[  529.059219][T18476] vivid-003: =================  START STATUS  =================
[  529.134102][T18476] vivid-003: Radio HW Seek Mode: Bounded
[  529.164776][T18477] ptrace attach of "./syz-executor exec"[10097] was attempted by "./syz-executor exec"[18477]
[  529.228175][T18476] vivid-003: Radio Programmable HW Seek: false
[  529.235605][T18476] vivid-003: RDS Rx I/O Mode: Block I/O
[  529.278045][T18476] vivid-003: Generate RBDS Instead of RDS: false
[  529.285790][T18476] vivid-003: RDS Reception: true
[  529.327738][T18476] vivid-003: RDS Program Type: 0 inactive
[  529.349705][T18476] vivid-003: RDS PS Name:  inactive
[  529.356029][T18476] vivid-003: RDS Radio Text:  inactive
[  529.387090][T18476] vivid-003: RDS Traffic Announcement: false inactive
[  529.417576][T18476] vivid-003: RDS Traffic Program: false inactive
[  529.425279][T18476] vivid-003: RDS Music: false inactive
[  529.444030][T18476] vivid-003: ==================  END STATUS  ==================
[  529.483139][T18484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3009'.
[  529.511748][T18496] FAULT_INJECTION: forcing a failure.
[  529.511748][T18496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  529.551340][T18496] CPU: 0 UID: 0 PID: 18496 Comm: syz.2.3014 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  529.564272][T18496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  529.576335][T18496] Call Trace:
[  529.580267][T18496]  <TASK>
[  529.583781][T18496]  dump_stack_lvl+0x16c/0x1f0
[  529.589411][T18496]  should_fail_ex+0x497/0x5b0
[  529.595043][T18496]  _copy_to_user+0x32/0xd0
[  529.600357][T18496]  simple_read_from_buffer+0xd0/0x160
[  529.606816][T18496]  proc_fail_nth_read+0x198/0x270
[  529.612862][T18496]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  529.619532][T18496]  ? bpf_lsm_file_permission+0x9/0x10
[  529.625991][T18496]  ? security_file_permission+0x71/0x210
[  529.632762][T18496]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  529.639424][T18496]  vfs_read+0x1df/0xbe0
[  529.644421][T18496]  ? __fget_files+0x1fc/0x3a0
[  529.650045][T18496]  ? __pfx___mutex_lock+0x10/0x10
[  529.656084][T18496]  ? __pfx_vfs_read+0x10/0x10
[  529.661702][T18496]  ? __fget_files+0x206/0x3a0
[  529.667324][T18496]  ksys_read+0x12b/0x250
[  529.672420][T18496]  ? __pfx_ksys_read+0x10/0x10
[  529.678143][T18496]  ? rcu_is_watching+0x12/0xc0
[  529.683866][T18496]  ? rcu_is_watching+0x12/0xc0
[  529.689592][T18496]  do_syscall_64+0xcd/0x250
[  529.695011][T18496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.702090][T18496] RIP: 0033:0x7fc2a4b8473c
[  529.707385][T18496] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  529.730912][T18496] RSP: 002b:00007fc2a58fc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  529.741015][T18496] RAX: ffffffffffffffda RBX: 00007fc2a4d75fa0 RCX: 00007fc2a4b8473c
[  529.750578][T18496] RDX: 000000000000000f RSI: 00007fc2a58fc0a0 RDI: 0000000000000004
[  529.760141][T18496] RBP: 00007fc2a58fc090 R08: 0000000000000000 R09: 0000000000000000
[  529.769709][T18496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  529.779271][T18496] R13: 0000000000000000 R14: 00007fc2a4d75fa0 R15: 00007ffd7d5d9218
[  529.788843][T18496]  </TASK>
[  529.792536][    C0] vkms_vblank_simulate: vblank timer overrun
[  529.856131][T18496] warn_unsupported: 4 callbacks suppressed
[  529.856148][T18496] kernel write not supported for file /523/mem (pid: 18496 comm: syz.2.3014)
[  529.896187][T18502] Process accounting resumed
[  529.990660][T18507] netlink: 'syz.2.3018': attribute type 4 has an invalid length.
[  530.000475][T18507] netlink: 'syz.2.3018': attribute type 32 has an invalid length.
[  530.010193][T18507] netlink: 46 bytes leftover after parsing attributes in process `syz.2.3018'.
[  530.057026][T18507] kernel write not supported for file /523/mem (pid: 18507 comm: syz.2.3018)
[  530.201019][T18510] Invalid logical block size (768)
[  530.286172][T18514] kernel write not supported for file /523/mem (pid: 18514 comm: syz.2.3019)
[  530.463946][T18517] hugetlbfs: syz.2.3021 (18517): Using mlock ulimits for SHM_HUGETLB is obsolete
[  530.500123][T18517] kernel write not supported for file /523/mem (pid: 18517 comm: syz.2.3021)
[  530.825264][T18522] kernel write not supported for file /523/mem (pid: 18522 comm: syz.2.3022)
[  531.223672][T18534] FAULT_INJECTION: forcing a failure.
[  531.223672][T18534] name failslab, interval 1, probability 0, space 0, times 0
[  531.244170][T18545] netlink: 'syz.0.3028': attribute type 4 has an invalid length.
[  531.269205][T18545] netlink: 'syz.0.3028': attribute type 32 has an invalid length.
[  531.278730][T18534] CPU: 1 UID: 0 PID: 18534 Comm: syz.4.3026 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  531.291651][T18534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  531.303718][T18534] Call Trace:
[  531.307656][T18534]  <TASK>
[  531.311176][T18534]  dump_stack_lvl+0x16c/0x1f0
[  531.317124][T18534]  should_fail_ex+0x497/0x5b0
[  531.322760][T18534]  ? fs_reclaim_acquire+0xae/0x150
[  531.328911][T18534]  should_failslab+0xc2/0x120
[  531.334542][T18534]  kmem_cache_alloc_lru_noprof+0x73/0x3b0
[  531.341430][T18534]  ? d_alloc+0x17b/0x1e0
[  531.346543][T18534]  ? alloc_inode+0xbf/0x230
[  531.351980][T18534]  alloc_inode+0xbf/0x230
[  531.357197][T18534]  new_inode+0x22/0x210
[  531.362203][T18534]  simple_fill_super+0x306/0x720
[  531.368291][T18534]  ? __pfx_nfsd_fill_super+0x10/0x10
[  531.374661][T18534]  nfsd_fill_super+0x90/0x530
[  531.380295][T18534]  ? __pfx_set_anon_super_fc+0x10/0x10
[  531.386864][T18534]  ? __pfx_nfsd_fill_super+0x10/0x10
[  531.393240][T18534]  get_tree_keyed+0x10b/0x1d0
[  531.398871][T18534]  vfs_get_tree+0x8f/0x380
[  531.404184][T18534]  path_mount+0x6e1/0x1f00
[  531.409506][T18534]  ? kmem_cache_free+0x152/0x4c0
[  531.415447][T18534]  ? __pfx_path_mount+0x10/0x10
[  531.421288][T18534]  ? putname+0x13c/0x180
[  531.426400][T18534]  __x64_sys_mount+0x294/0x320
[  531.432135][T18534]  ? __pfx___x64_sys_mount+0x10/0x10
[  531.438499][T18534]  ? rcu_is_watching+0x12/0xc0
[  531.444232][T18534]  ? rcu_is_watching+0x12/0xc0
[  531.449965][T18534]  do_syscall_64+0xcd/0x250
[  531.455385][T18534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.462474][T18534] RIP: 0033:0x7fd5b9385d29
[  531.467774][T18534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.491317][T18534] RSP: 002b:00007fd5ba141038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  531.501419][T18534] RAX: ffffffffffffffda RBX: 00007fd5b9575fa0 RCX: 00007fd5b9385d29
[  531.510990][T18534] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000000000000
[  531.520558][T18534] RBP: 00007fd5b9401b08 R08: 0000000000000000 R09: 0000000000000000
[  531.530120][T18534] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  531.539686][T18534] R13: 0000000000000000 R14: 00007fd5b9575fa0 R15: 00007ffd900a41b8
[  531.549261][T18534]  </TASK>
[  531.553556][T18545] netlink: 46 bytes leftover after parsing attributes in process `syz.0.3028'.
[  531.801628][T18567] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3031'.
[  531.973604][T18537] kernel write not supported for file /523/mem (pid: 18537 comm: syz.2.3027)
[  532.133088][T18562] device-mapper: ioctl: only supply one of name or uuid, cmd(5)
[  532.150349][T18574] kernel write not supported for file /523/mem (pid: 18574 comm: syz.2.3032)
[  532.211011][T18570] kernel write not supported for file /523/mem (pid: 18570 comm: syz.2.3032)
[  532.354293][T18577] kernel write not supported for file /523/mem (pid: 18577 comm: syz.2.3033)
[  532.529546][T18585] Invalid logical block size (768)
[  532.988262][T18605] netlink: 'syz.4.3038': attribute type 4 has an invalid length.
[  533.019676][T18605] netlink: 'syz.4.3038': attribute type 32 has an invalid length.
[  533.029070][T18605] netlink: 46 bytes leftover after parsing attributes in process `syz.4.3038'.
[  533.279355][T18594] kernel write not supported for file /523/mem (pid: 18594 comm: syz.2.3034)
[  533.283598][T18619] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3040'.
[  534.454084][T18654] netlink: 'syz.2.3048': attribute type 4 has an invalid length.
[  534.480371][T18654] netlink: 'syz.2.3048': attribute type 32 has an invalid length.
[  534.499829][T18654] netlink: 46 bytes leftover after parsing attributes in process `syz.2.3048'.
[  534.515128][T18548] binder: 18528:18548 ioctl c018620c 9 returned -1
[  534.586904][T18548] Invalid ELF header magic: != ELF
[  534.863418][T18667] Invalid logical block size (768)
[  535.061426][T18665] warn_unsupported: 6 callbacks suppressed
[  535.061446][T18665] kernel write not supported for file /523/mem (pid: 18665 comm: syz.2.3049)
[  535.164424][T18691] base_sock_release(ffff888060d27200) sk=ffff888063636000
[  535.246350][T18690] kernel write not supported for file /523/mem (pid: 18690 comm: syz.2.3052)
[  535.751543][T18701] kernel write not supported for file /523/mem (pid: 18701 comm: syz.2.3055)
[  535.803083][T18701] Process accounting resumed
[  535.942320][T18727] program syz.4.3057 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  536.101302][T18730] program syz.4.3057 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  536.172518][T18743] netlink: 'syz.1.3058': attribute type 4 has an invalid length.
[  536.212091][T18743] netlink: 'syz.1.3058': attribute type 32 has an invalid length.
[  536.244919][T18743] netlink: 46 bytes leftover after parsing attributes in process `syz.1.3058'.
[  536.591391][T18756] Invalid logical block size (768)
[  536.810702][T18772] sp0: Synchronizing with TNC
[  539.009908][T18829] netlink: 'syz.4.3071': attribute type 4 has an invalid length.
[  539.062598][T18829] netlink: 'syz.4.3071': attribute type 32 has an invalid length.
[  539.071991][T18829] netlink: 46 bytes leftover after parsing attributes in process `syz.4.3071'.
[  540.714287][T18849] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(5)
[  541.105158][T18859] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3080'.
[  541.154006][T18861] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3080'.
[  541.404631][T18868] netlink: 'syz.2.3081': attribute type 4 has an invalid length.
[  541.433824][T18868] netlink: 'syz.2.3081': attribute type 32 has an invalid length.
[  541.467954][T18868] netlink: 46 bytes leftover after parsing attributes in process `syz.2.3081'.
[  541.685914][T18880] sp0: Synchronizing with TNC
[  541.950376][T18886] Invalid ELF header magic: != ELF
[  542.773427][T18903] can0: slcan on ptm0.
[  542.979297][T18909] Invalid ELF header magic: != ELF
[  543.260353][T18927] netlink: 'syz.2.3092': attribute type 4 has an invalid length.
[  543.444186][T18932] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3094'.
[  543.478899][T18906] can0 (unregistered): slcan off ptm0.
[  543.926861][T18961] sp0: Synchronizing with TNC
[  544.373342][T18949] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3090'.
[  544.466919][T18949] geneve1: entered allmulticast mode
[  546.299380][T19005] sp0: Synchronizing with TNC
[  546.914295][T19024] netlink: 'syz.2.3114': attribute type 4 has an invalid length.
[  546.941870][T19024] netlink: 'syz.2.3114': attribute type 32 has an invalid length.
[  546.968157][T19024] netlink: 46 bytes leftover after parsing attributes in process `syz.2.3114'.
[  547.091183][T19032] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3116'.
[  547.551981][T19037] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  547.619503][T19011] lo: entered allmulticast mode
[  547.634191][T19037] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  548.339507][T19011] lo: left allmulticast mode
[  548.491718][T19056] sp0: Synchronizing with TNC
[  548.842365][T19062] netlink: 'syz.2.3126': attribute type 4 has an invalid length.
[  548.861107][T19064] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3125'.
[  548.874081][T19062] netlink: 'syz.2.3126': attribute type 32 has an invalid length.
[  548.907543][T19062] netlink: 46 bytes leftover after parsing attributes in process `syz.2.3126'.
[  549.270565][T19076] Invalid logical block size (768)
[  549.867297][T19090] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  550.057122][T19110] netlink: 'syz.2.3138': attribute type 4 has an invalid length.
[  550.098139][T19110] netlink: 'syz.2.3138': attribute type 32 has an invalid length.
[  550.128158][T19110] netlink: 46 bytes leftover after parsing attributes in process `syz.2.3138'.
[  551.316442][T19151] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3149'.
[  551.368998][T19151] �: renamed from bridge_slave_1 (while UP)
[  551.384971][T19151] bridge0: port 2(�) entered disabled state
[  551.531634][T19160] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3152'.
[  551.575119][ T5847] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  552.034896][T19177] can: request_module (can-proto-5) failed.
[  553.056949][T19209] sp0: Synchronizing with TNC
[  553.098576][T19211] FAULT_INJECTION: forcing a failure.
[  553.098576][T19211] name failslab, interval 1, probability 0, space 0, times 0
[  553.119530][T19211] CPU: 0 UID: 0 PID: 19211 Comm: syz.0.3166 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  553.132468][T19211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  553.144537][T19211] Call Trace:
[  553.148473][T19211]  <TASK>
[  553.151995][T19211]  dump_stack_lvl+0x16c/0x1f0
[  553.157631][T19211]  should_fail_ex+0x497/0x5b0
[  553.163264][T19211]  ? fs_reclaim_acquire+0xae/0x150
[  553.169413][T19211]  should_failslab+0xc2/0x120
[  553.175046][T19211]  __kmalloc_noprof+0xce/0x4f0
[  553.180782][T19211]  ? tomoyo_realpath_from_path+0xbf/0x710
[  553.187662][T19211]  tomoyo_realpath_from_path+0xbf/0x710
[  553.194337][T19211]  ? tomoyo_path_number_perm+0x235/0x5b0
[  553.201118][T19211]  tomoyo_path_number_perm+0x248/0x5b0
[  553.207688][T19211]  ? tomoyo_path_number_perm+0x235/0x5b0
[  553.214472][T19211]  ? do_raw_spin_unlock+0x174/0x230
[  553.220732][T19211]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  553.227939][T19211]  ? kmem_cache_free+0x152/0x4c0
[  553.233890][T19211]  ? __x64_sys_futex+0x1e1/0x4c0
[  553.239835][T19211]  ? __x64_sys_futex+0x1ea/0x4c0
[  553.245779][T19211]  ? xfd_validate_state+0x5d/0x180
[  553.251921][T19211]  security_file_ioctl+0x9b/0x240
[  553.257961][T19211]  __x64_sys_ioctl+0xb7/0x200
[  553.263583][T19211]  do_syscall_64+0xcd/0x250
[  553.269004][T19211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.276089][T19211] RIP: 0033:0x7f71b4785d29
[  553.281377][T19211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.304901][T19211] RSP: 002b:00007f71b5531038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  553.314990][T19211] RAX: ffffffffffffffda RBX: 00007f71b4975fa0 RCX: 00007f71b4785d29
[  553.324546][T19211] RDX: 0000000000000008 RSI: 0000000040104d14 RDI: 0000000000000005
[  553.334097][T19211] RBP: 00007f71b4801b08 R08: 0000000000000000 R09: 0000000000000000
[  553.343648][T19211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  553.353197][T19211] R13: 0000000000000000 R14: 00007f71b4975fa0 R15: 00007ffe982ff938
[  553.362752][T19211]  </TASK>

syzkaller
syzkaller login: [  553.448759][T19211] ERROR: Out of memory at tomoyo_realpath_from_path.
[  553.765688][T19225] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  554.420106][T19247] base_sock_release(ffff88807ea44200) sk=ffff88807d9b4000
[  554.979279][T19223] kexec: Could not allocate control_code_buffer
[  555.097410][T19260] sp0: Synchronizing with TNC
[  555.234277][T19253] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3178'.
[  555.274961][T19266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3182'.
[  555.507401][T19271] program syz.0.3183 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  555.539475][T19271] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  556.220180][T19285] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3185'.
[  556.220881][T19286] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3185'.
[  556.621831][T19263] base_sock_release(ffff88807e99bc00) sk=ffff88807d8bc000
[  557.021840][T19309] Invalid logical block size (768)
[  557.329957][T19320] HfR: entered promiscuous mode
[  557.823985][T19348] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[  558.242205][T19360] Invalid logical block size (768)
[  561.074670][T19447] Invalid logical block size (768)
[  561.444630][T19450] Invalid logical block size (768)
[  562.242330][T19473] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  563.250596][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  563.260166][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  563.847272][T19494] Invalid logical block size (768)
[  564.461288][T19478] binder: 19469:19478 ioctl c018620c 9 returned -22
[  564.484213][T19478] Invalid ELF header magic: != ELF
[  564.776334][T19525] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3236'.
[  565.584104][T19544] base_sock_release(ffff88807eab1e00) sk=ffff888031085000
[  566.372107][T19573] Invalid ELF header magic: != ELF
[  566.768770][   T29] audit: type=1800 audit(8277292062.206:23): pid=19588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3251" name="discovery_nqn" dev="configfs" ino=72867 res=0 errno=0
[  566.980262][T19580] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3246'.
[  567.035678][T19580] geneve1: entered allmulticast mode
[  567.046704][T19607] Invalid logical block size (768)
[  567.197068][T19613] Invalid logical block size (768)
[  568.081002][T19668] Invalid logical block size (768)
[  568.094589][T19664] futex_wake_op: syz.0.3268 tries to shift op by 64; fix this program
[  568.378137][T19681] MTRR 1 not used
[  568.435418][T19683] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3274'.
[  568.535746][T19680] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3274'.
[  569.457912][T19736] Invalid logical block size (768)
[  569.872462][T19748] netlink: 130 bytes leftover after parsing attributes in process `syz.2.3287'.
[  569.951298][T19757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3289'.
[  569.972319][T19757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3289'.
[  570.897919][T19792] program syz.1.3298 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  570.928792][T19792] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  571.329490][T19816] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3303'.
[  571.629960][T19835] can: request_module (can-proto-0) failed.
[  572.859566][T19873] Invalid logical block size (768)
[  573.123339][T19878] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3313'.
[  573.183345][T19878] �: renamed from bridge_slave_1 (while UP)
[  573.243369][T19878] bridge0: port 2(�) entered disabled state
[  573.414015][T19888] Invalid ELF header magic: != ELF
[  574.189944][T19911] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3322'.
[  574.810831][T19929] Invalid logical block size (768)
[  575.145858][T19944] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3332'.
[  575.250291][T19949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3333'.
[  575.844866][T19953] ucma_write: process 974 (syz.1.3331) changed security contexts after opening file descriptor, this is not allowed.
[  576.642997][T20001] FAULT_INJECTION: forcing a failure.
[  576.642997][T20001] name failslab, interval 1, probability 0, space 0, times 0
[  576.685769][T20001] CPU: 1 UID: 0 PID: 20001 Comm: syz.1.3344 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  576.698711][T20001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  576.710781][T20001] Call Trace:
[  576.714720][T20001]  <TASK>
[  576.718243][T20001]  dump_stack_lvl+0x16c/0x1f0
[  576.723879][T20001]  should_fail_ex+0x497/0x5b0
[  576.729512][T20001]  ? fs_reclaim_acquire+0xae/0x150
[  576.735667][T20001]  should_failslab+0xc2/0x120
[  576.741306][T20001]  __kmalloc_noprof+0xce/0x4f0
[  576.747040][T20001]  ? __pfx_d_absolute_path+0x10/0x10
[  576.753415][T20001]  ? tomoyo_encode2+0x100/0x3e0
[  576.759261][T20001]  tomoyo_encode2+0x100/0x3e0
[  576.764891][T20001]  ? rcu_is_watching+0x12/0xc0
[  576.770634][T20001]  tomoyo_realpath_from_path+0x1a7/0x710
[  576.777418][T20001]  tomoyo_check_open_permission+0x2ad/0x3c0
[  576.784511][T20001]  ? init_file+0x93/0x480
[  576.789726][T20001]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  576.797431][T20001]  ? do_sys_openat2+0x17a/0x1e0
[  576.803283][T20001]  ? trace_lock_acquire+0x14e/0x1f0
[  576.809540][T20001]  ? nd_jump_root+0x3d5/0x580
[  576.815172][T20001]  ? __pfx_hook_file_open+0x10/0x10
[  576.821431][T20001]  ? lock_acquire+0x2f/0xb0
[  576.826853][T20001]  tomoyo_file_open+0x6b/0x90
[  576.832487][T20001]  security_file_open+0x84/0x1e0
[  576.838437][T20001]  do_dentry_open+0x57e/0x1ea0
[  576.844173][T20001]  ? inode_permission+0xdd/0x5f0
[  576.850126][T20001]  vfs_open+0x82/0x3f0
[  576.855031][T20001]  ? may_open+0x1f2/0x400
[  576.860234][T20001]  path_openat+0x1e6a/0x2d60
[  576.865763][T20001]  ? __pfx_path_openat+0x10/0x10
[  576.871708][T20001]  do_filp_open+0x20c/0x470
[  576.877127][T20001]  ? __pfx_do_filp_open+0x10/0x10
[  576.883181][T20001]  ? alloc_fd+0x41f/0x760
[  576.888396][T20001]  do_sys_openat2+0x17a/0x1e0
[  576.894037][T20001]  ? __pfx_do_sys_openat2+0x10/0x10
[  576.900307][T20001]  __x64_sys_openat+0x175/0x210
[  576.906151][T20001]  ? __pfx___x64_sys_openat+0x10/0x10
[  576.912613][T20001]  ? rcu_is_watching+0x12/0xc0
[  576.918337][T20001]  ? rcu_is_watching+0x12/0xc0
[  576.924064][T20001]  do_syscall_64+0xcd/0x250
[  576.929482][T20001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.936568][T20001] RIP: 0033:0x7f37bb185d29
[  576.941868][T20001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.965398][T20001] RSP: 002b:00007f37bbee4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  576.975506][T20001] RAX: ffffffffffffffda RBX: 00007f37bb375fa0 RCX: 00007f37bb185d29
[  576.985075][T20001] RDX: 0000000000028082 RSI: 0000000020000400 RDI: ffffffffffffff9c
[  576.994641][T20001] RBP: 00007f37bb201b08 R08: 0000000000000000 R09: 0000000000000000
[  577.004208][T20001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  577.013775][T20001] R13: 0000000000000000 R14: 00007f37bb375fa0 R15: 00007ffcbbc01548
[  577.023348][T20001]  </TASK>
[  577.092588][T20001] ERROR: Out of memory at tomoyo_realpath_from_path.
[  577.543531][T20019] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3346'.
[  577.741616][   T29] audit: type=1800 audit(8277292073.160:24): pid=20025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3349" name="features" dev="configfs" ino=75157 res=0 errno=0
[  578.926608][T20069] : Can't lookup blockdev
[  579.005399][T20066] Process accounting resumed
[  579.074019][T20073] FAULT_INJECTION: forcing a failure.
[  579.074019][T20073] name failslab, interval 1, probability 0, space 0, times 0
[  579.089939][T20073] CPU: 0 UID: 0 PID: 20073 Comm: syz.0.3363 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  579.102876][T20073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  579.114945][T20073] Call Trace:
[  579.118879][T20073]  <TASK>
[  579.122394][T20073]  dump_stack_lvl+0x16c/0x1f0
[  579.128024][T20073]  should_fail_ex+0x497/0x5b0
[  579.133645][T20073]  ? fs_reclaim_acquire+0xae/0x150
[  579.139789][T20073]  should_failslab+0xc2/0x120
[  579.145416][T20073]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  579.152397][T20073]  ? __alloc_skb+0x2b3/0x380
[  579.157917][T20073]  __alloc_skb+0x2b3/0x380
[  579.163227][T20073]  ? __pfx___alloc_skb+0x10/0x10
[  579.169166][T20073]  ? lock_acquire+0x2f/0xb0
[  579.174573][T20073]  netlink_alloc_large_skb+0x69/0x130
[  579.181033][T20073]  netlink_sendmsg+0x689/0xd70
[  579.186754][T20073]  ? __pfx_netlink_sendmsg+0x10/0x10
[  579.193104][T20073]  ____sys_sendmsg+0x9ae/0xb40
[  579.198827][T20073]  ? copy_msghdr_from_user+0x10b/0x160
[  579.205392][T20073]  ? __pfx_____sys_sendmsg+0x10/0x10
[  579.211742][T20073]  ? rcu_is_watching+0x12/0xc0
[  579.217468][T20073]  ? lock_release+0x4e2/0x6f0
[  579.223081][T20073]  ? get_pid_task+0xfc/0x250
[  579.228600][T20073]  ___sys_sendmsg+0x135/0x1e0
[  579.234226][T20073]  ? get_pid_task+0x35/0x250
[  579.239744][T20073]  ? __pfx____sys_sendmsg+0x10/0x10
[  579.245993][T20073]  ? lock_release+0x4e2/0x6f0
[  579.251623][T20073]  ? __pfx_lock_release+0x10/0x10
[  579.257653][T20073]  ? trace_lock_acquire+0x14e/0x1f0
[  579.263905][T20073]  ? __fget_files+0x206/0x3a0
[  579.269528][T20073]  __sys_sendmsg+0x16e/0x220
[  579.275052][T20073]  ? __pfx___sys_sendmsg+0x10/0x10
[  579.281204][T20073]  ? rcu_is_watching+0x12/0xc0
[  579.286926][T20073]  ? rcu_is_watching+0x12/0xc0
[  579.292653][T20073]  do_syscall_64+0xcd/0x250
[  579.298071][T20073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.305155][T20073] RIP: 0033:0x7f71b4785d29
[  579.310452][T20073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.333983][T20073] RSP: 002b:00007f71b5531038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  579.344090][T20073] RAX: ffffffffffffffda RBX: 00007f71b4975fa0 RCX: 00007f71b4785d29
[  579.353657][T20073] RDX: 0000000004000000 RSI: 0000000020000180 RDI: 0000000000000003
[  579.363222][T20073] RBP: 00007f71b5531090 R08: 0000000000000000 R09: 0000000000000000
[  579.372788][T20073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  579.382354][T20073] R13: 0000000000000000 R14: 00007f71b4975fa0 R15: 00007ffe982ff938
[  579.391927][T20073]  </TASK>
[  579.395636][    C0] vkms_vblank_simulate: vblank timer overrun
[  579.888581][T20098] Process accounting resumed
[  580.434797][T20114] netlink: set zone limit has 4 unknown bytes
[  580.815611][T20142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3379'.
[  580.971101][T20145] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3381'.
[  581.102241][T20155] FAULT_INJECTION: forcing a failure.
[  581.102241][T20155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.138381][T20155] CPU: 0 UID: 0 PID: 20155 Comm: syz.1.3383 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  581.151322][T20155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  581.163388][T20155] Call Trace:
[  581.167318][T20155]  <TASK>
[  581.170832][T20155]  dump_stack_lvl+0x16c/0x1f0
[  581.176457][T20155]  should_fail_ex+0x497/0x5b0
[  581.182079][T20155]  _copy_from_iter+0x29b/0x1400
[  581.187918][T20155]  ? trace_lock_acquire+0x14e/0x1f0
[  581.194168][T20155]  ? __alloc_skb+0x200/0x380
[  581.199688][T20155]  ? __virt_addr_valid+0x1a4/0x590
[  581.205833][T20155]  ? __pfx__copy_from_iter+0x10/0x10
[  581.212184][T20155]  ? __virt_addr_valid+0x1a4/0x590
[  581.218329][T20155]  ? __virt_addr_valid+0x5e/0x590
[  581.224369][T20155]  ? __phys_addr_symbol+0x30/0x80
[  581.230405][T20155]  ? __check_object_size+0x488/0x710
[  581.236762][T20155]  netlink_sendmsg+0x813/0xd70
[  581.242489][T20155]  ? __pfx_netlink_sendmsg+0x10/0x10
[  581.248840][T20155]  ____sys_sendmsg+0x9ae/0xb40
[  581.254559][T20155]  ? copy_msghdr_from_user+0x10b/0x160
[  581.261125][T20155]  ? __pfx_____sys_sendmsg+0x10/0x10
[  581.267473][T20155]  ? rcu_is_watching+0x12/0xc0
[  581.273199][T20155]  ? lock_release+0x4e2/0x6f0
[  581.278810][T20155]  ? get_pid_task+0xfc/0x250
[  581.284334][T20155]  ___sys_sendmsg+0x135/0x1e0
[  581.289960][T20155]  ? get_pid_task+0x35/0x250
[  581.295480][T20155]  ? __pfx____sys_sendmsg+0x10/0x10
[  581.301730][T20155]  ? lock_release+0x4e2/0x6f0
[  581.307356][T20155]  ? __pfx_lock_release+0x10/0x10
[  581.313386][T20155]  ? trace_lock_acquire+0x14e/0x1f0
[  581.319635][T20155]  ? __fget_files+0x206/0x3a0
[  581.325258][T20155]  __sys_sendmsg+0x16e/0x220
[  581.330787][T20155]  ? __pfx___sys_sendmsg+0x10/0x10
[  581.336937][T20155]  ? rcu_is_watching+0x12/0xc0
[  581.342661][T20155]  ? rcu_is_watching+0x12/0xc0
[  581.348385][T20155]  do_syscall_64+0xcd/0x250
[  581.353798][T20155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.360880][T20155] RIP: 0033:0x7f37bb185d29
[  581.366179][T20155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  581.389706][T20155] RSP: 002b:00007f37bbee4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  581.399817][T20155] RAX: ffffffffffffffda RBX: 00007f37bb375fa0 RCX: 00007f37bb185d29
[  581.409384][T20155] RDX: 0000000004000000 RSI: 0000000020000180 RDI: 0000000000000003
[  581.418948][T20155] RBP: 00007f37bbee4090 R08: 0000000000000000 R09: 0000000000000000
[  581.428519][T20155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  581.438085][T20155] R13: 0000000000000000 R14: 00007f37bb375fa0 R15: 00007ffcbbc01548
[  581.447660][T20155]  </TASK>
[  581.451293][    C0] vkms_vblank_simulate: vblank timer overrun
[  581.574206][T20163] Invalid logical block size (768)
[  581.754006][T20173] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3389'.
[  582.019735][T20177] syz.2.3388 (20177): /proc/20169/oom_adj is deprecated, please use /proc/20169/oom_score_adj instead.
[  582.480451][T20206] FAULT_INJECTION: forcing a failure.
[  582.480451][T20206] name failslab, interval 1, probability 0, space 0, times 0
[  582.528655][T20206] CPU: 1 UID: 0 PID: 20206 Comm: syz.4.3395 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  582.541593][T20206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  582.553659][T20206] Call Trace:
[  582.557594][T20206]  <TASK>
[  582.561107][T20206]  dump_stack_lvl+0x16c/0x1f0
[  582.566733][T20206]  should_fail_ex+0x497/0x5b0
[  582.572362][T20206]  should_failslab+0xc2/0x120
[  582.577991][T20206]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  582.584455][T20206]  ? skb_clone+0x190/0x3f0
[  582.589770][T20206]  skb_clone+0x190/0x3f0
[  582.594884][T20206]  netlink_deliver_tap+0xafd/0xca0
[  582.601026][T20206]  netlink_unicast+0x5e1/0x7f0
[  582.606752][T20206]  ? __pfx_netlink_unicast+0x10/0x10
[  582.613100][T20206]  ? __phys_addr_symbol+0x30/0x80
[  582.619138][T20206]  ? __check_object_size+0x488/0x710
[  582.625493][T20206]  netlink_sendmsg+0x8b8/0xd70
[  582.631218][T20206]  ? __pfx_netlink_sendmsg+0x10/0x10
[  582.637571][T20206]  ____sys_sendmsg+0x9ae/0xb40
[  582.643293][T20206]  ? copy_msghdr_from_user+0x10b/0x160
[  582.649859][T20206]  ? __pfx_____sys_sendmsg+0x10/0x10
[  582.656215][T20206]  ? rcu_is_watching+0x12/0xc0
[  582.661944][T20206]  ? lock_release+0x4e2/0x6f0
[  582.667560][T20206]  ? get_pid_task+0xfc/0x250
[  582.673078][T20206]  ___sys_sendmsg+0x135/0x1e0
[  582.678701][T20206]  ? get_pid_task+0x35/0x250
[  582.684223][T20206]  ? __pfx____sys_sendmsg+0x10/0x10
[  582.690473][T20206]  ? lock_release+0x4e2/0x6f0
[  582.696092][T20206]  ? __pfx_lock_release+0x10/0x10
[  582.702123][T20206]  ? trace_lock_acquire+0x14e/0x1f0
[  582.708374][T20206]  ? __fget_files+0x206/0x3a0
[  582.713998][T20206]  __sys_sendmsg+0x16e/0x220
[  582.719555][T20206]  ? __pfx___sys_sendmsg+0x10/0x10
[  582.725709][T20206]  ? rcu_is_watching+0x12/0xc0
[  582.731436][T20206]  ? rcu_is_watching+0x12/0xc0
[  582.737164][T20206]  do_syscall_64+0xcd/0x250
[  582.742580][T20206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.749663][T20206] RIP: 0033:0x7fd5b9385d29
[  582.754961][T20206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  582.778491][T20206] RSP: 002b:00007fd5ba141038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  582.788586][T20206] RAX: ffffffffffffffda RBX: 00007fd5b9575fa0 RCX: 00007fd5b9385d29
[  582.798151][T20206] RDX: 0000000004000000 RSI: 0000000020000180 RDI: 0000000000000003
[  582.807715][T20206] RBP: 00007fd5ba141090 R08: 0000000000000000 R09: 0000000000000000
[  582.817278][T20206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  582.826843][T20206] R13: 0000000000000000 R14: 00007fd5b9575fa0 R15: 00007ffd900a41b8
[  582.836421][T20206]  </TASK>
[  582.844493][T20203] FAULT_INJECTION: forcing a failure.
[  582.844493][T20203] name failslab, interval 1, probability 0, space 0, times 0
[  582.885107][T20203] CPU: 1 UID: 0 PID: 20203 Comm: syz.1.3394 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  582.898039][T20203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  582.910109][T20203] Call Trace:
[  582.914042][T20203]  <TASK>
[  582.917563][T20203]  dump_stack_lvl+0x16c/0x1f0
[  582.923195][T20203]  should_fail_ex+0x497/0x5b0
[  582.928823][T20203]  ? fs_reclaim_acquire+0xae/0x150
[  582.934981][T20203]  should_failslab+0xc2/0x120
[  582.940614][T20203]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  582.947084][T20203]  ? security_file_alloc+0x34/0x2b0
[  582.953339][T20203]  security_file_alloc+0x34/0x2b0
[  582.959384][T20203]  init_file+0x93/0x480
[  582.964390][T20203]  alloc_empty_file+0x91/0x1e0
[  582.970129][T20203]  path_openat+0xe1/0x2d60
[  582.975442][T20203]  ? __x64_sys_openat+0x175/0x210
[  582.981490][T20203]  ? do_syscall_64+0xcd/0x250
[  582.987115][T20203]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.994420][T20203]  ? __pfx_path_openat+0x10/0x10
[  583.000366][T20203]  do_filp_open+0x20c/0x470
[  583.005785][T20203]  ? __pfx_do_filp_open+0x10/0x10
[  583.011852][T20203]  ? alloc_fd+0x41f/0x760
[  583.017068][T20203]  do_sys_openat2+0x17a/0x1e0
[  583.022704][T20203]  ? __pfx_do_sys_openat2+0x10/0x10
[  583.028971][T20203]  __x64_sys_openat+0x175/0x210
[  583.034812][T20203]  ? __pfx___x64_sys_openat+0x10/0x10
[  583.041291][T20203]  ? rcu_is_watching+0x12/0xc0
[  583.047024][T20203]  ? rcu_is_watching+0x12/0xc0
[  583.052760][T20203]  do_syscall_64+0xcd/0x250
[  583.058191][T20203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.065284][T20203] RIP: 0033:0x7f37bb185d29
[  583.070585][T20203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.094122][T20203] RSP: 002b:00007f37bbee4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  583.104223][T20203] RAX: ffffffffffffffda RBX: 00007f37bb375fa0 RCX: 00007f37bb185d29
[  583.113795][T20203] RDX: 0000000000000200 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  583.123371][T20203] RBP: 00007f37bb201b08 R08: 0000000000000000 R09: 0000000000000000
[  583.132939][T20203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  583.142510][T20203] R13: 0000000000000000 R14: 00007f37bb375fa0 R15: 00007ffcbbc01548
[  583.152083][T20203]  </TASK>
[  583.369414][T20218] Invalid logical block size (768)
[  583.563028][T20232] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3399'.
[  584.197874][T20259] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3406'.
[  584.386312][T20255] [U] 
[  584.389575][T20255] [U] 
[  584.392806][T20255] [U] 
[  584.396038][T20255] [U] 
[  584.415725][T20255] [U] 
[  584.418975][T20255] [U] 
[  584.422194][T20255] [U] 
[  584.425413][T20255] [U] 
[  584.457935][T20255] [U] 
[  584.461187][T20255] [U] 
[  584.464422][T20255] [U] 
[  584.467664][T20255] [U] 
[  584.474924][T20269] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3408'.
[  584.527627][T20255] [U] 
[  584.530892][T20255] [U] ��[�Xw���P��&w����0\hz�Q��/�.��M\�op;0(Ҩ;2���HV�q̌��P�%3��S-C���s�J(�+Rh�\���ˣ�j�s��
[  584.544012][T20255] [U] ����-����1���&#R�@�!˰aC�8iwH��N���>9���R����A�g>��Y�
[  584.604893][T20255] [U] 8}WD��/E��R9v�k\��HMY<�kX*���:�n^�J5�#�Xޅ6in�P7sO�&A�kUd�o15�
[  584.650254][T20277] Invalid ELF header magic: != ELF
[  584.709917][T20255] [U] �����5%�
[  584.718193][T20255] [U] pE���-B����N��:J�]lz�$�<G�`5"14��
[  584.739590][T20255] [U] \��������6�31�\���cX����("<k2���ː3��fa�&U�B����~�4+��h.{��d��T!(���X�q�Cef����]�"��Dv&Vd�;p�^��\53#�}a�&A��w<'*���j&�ǹ��SF�(Ր;#@�޾ԫ�l���fx��c�Ξ뾺�J���S����UN�+<�����V��ЁԵ5w���kR�G���E+
[  584.766373][T20255] [U] ���4|�
[  584.770309][T20255] [U] �O�BD�y��)ܳ.�M��~�)���
[  584.885349][T20255] [U] �qj���d�r�G�t�3�r�����[#���IT��;���Ba�ٷ��o?�t�a�}
[  584.907224][T20255] [U] �|#��KZ�)�`��e��WC��	^է
[  584.914090][T20255] [U] k���6����� �ɓW��We�΅Be��k-��Xl�Y�A��x�m�X��b��h�EJ�iz����j�U��g`Sc�`�zE�|P�_���F�,�i�����$��-�+�HK��JSm�J������!�%�9*H$�e�Z2�l�G';�:��}6/��!�1��4�����
LM����۷�2F�78(�\X;��pU��ȽD�X&e��Q��)�Ȁ���M�(
[  584.946624][T20255] [U] ��M�-���'m����%Tm�s
[  584.961776][T20255] [U] /m�33E��U��)���\" �w����;���D�6�6]?�^
[  584.981677][T20255] [U] �a�\�n#b�_4��)��;�&��O/2������/}%e��Y���y���e�鍃��|X�ݬ���*�#Xuמ�Cf��bQ���mtr�(�x��穾y��l���h
[  584.996609][T20255] [U] 
[  584.999847][T20255] [U] 
[  585.003084][T20255] [U] 
[  585.021956][T20255] [U] 
[  585.774024][T20311] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3416'.
[  585.785217][T20311] �: renamed from bridge_slave_1 (while UP)
[  585.823232][T20311] bridge0: port 2(�) entered disabled state
[  585.894781][T20320] FAULT_INJECTION: forcing a failure.
[  585.894781][T20320] name failslab, interval 1, probability 0, space 0, times 0
[  585.918007][T20320] CPU: 0 UID: 0 PID: 20320 Comm: syz.0.3420 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  585.930934][T20320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  585.942995][T20320] Call Trace:
[  585.946926][T20320]  <TASK>
[  585.950441][T20320]  dump_stack_lvl+0x16c/0x1f0
[  585.956066][T20320]  should_fail_ex+0x497/0x5b0
[  585.961690][T20320]  ? fs_reclaim_acquire+0xae/0x150
[  585.967835][T20320]  should_failslab+0xc2/0x120
[  585.973463][T20320]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  585.980441][T20320]  ? __alloc_skb+0x2b3/0x380
[  585.985961][T20320]  __alloc_skb+0x2b3/0x380
[  585.991267][T20320]  ? __pfx___alloc_skb+0x10/0x10
[  585.997203][T20320]  ? genl_rcv_msg+0x540/0x800
[  586.002819][T20320]  ? genl_rcv_msg+0x4bd/0x800
[  586.008447][T20320]  netlink_ack+0x164/0xb20
[  586.013757][T20320]  netlink_rcv_skb+0x327/0x410
[  586.019482][T20320]  ? __pfx_genl_rcv_msg+0x10/0x10
[  586.025524][T20320]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  586.031884][T20320]  ? down_read+0xc9/0x330
[  586.037096][T20320]  ? __pfx_down_read+0x10/0x10
[  586.042826][T20320]  ? netlink_deliver_tap+0x1ae/0xca0
[  586.049176][T20320]  genl_rcv+0x28/0x40
[  586.053964][T20320]  netlink_unicast+0x53c/0x7f0
[  586.059688][T20320]  ? __pfx_netlink_unicast+0x10/0x10
[  586.066034][T20320]  ? __phys_addr_symbol+0x30/0x80
[  586.072076][T20320]  ? __check_object_size+0x488/0x710
[  586.078434][T20320]  netlink_sendmsg+0x8b8/0xd70
[  586.084158][T20320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  586.090516][T20320]  ____sys_sendmsg+0x9ae/0xb40
[  586.096248][T20320]  ? copy_msghdr_from_user+0x10b/0x160
[  586.102809][T20320]  ? __pfx_____sys_sendmsg+0x10/0x10
[  586.109159][T20320]  ? rcu_is_watching+0x12/0xc0
[  586.114886][T20320]  ? lock_release+0x4e2/0x6f0
[  586.120501][T20320]  ? get_pid_task+0xfc/0x250
[  586.126031][T20320]  ___sys_sendmsg+0x135/0x1e0
[  586.131656][T20320]  ? get_pid_task+0x35/0x250
[  586.137177][T20320]  ? __pfx____sys_sendmsg+0x10/0x10
[  586.143428][T20320]  ? lock_release+0x4e2/0x6f0
[  586.149053][T20320]  ? __pfx_lock_release+0x10/0x10
[  586.155086][T20320]  ? trace_lock_acquire+0x14e/0x1f0
[  586.161338][T20320]  ? __fget_files+0x206/0x3a0
[  586.166960][T20320]  __sys_sendmsg+0x16e/0x220
[  586.172481][T20320]  ? __pfx___sys_sendmsg+0x10/0x10
[  586.178635][T20320]  ? rcu_is_watching+0x12/0xc0
[  586.184360][T20320]  ? rcu_is_watching+0x12/0xc0
[  586.190085][T20320]  do_syscall_64+0xcd/0x250
[  586.195503][T20320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.202590][T20320] RIP: 0033:0x7f71b4785d29
[  586.207887][T20320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  586.231419][T20320] RSP: 002b:00007f71b5531038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  586.241517][T20320] RAX: ffffffffffffffda RBX: 00007f71b4975fa0 RCX: 00007f71b4785d29
[  586.251092][T20320] RDX: 0000000004000000 RSI: 0000000020000180 RDI: 0000000000000003
[  586.260655][T20320] RBP: 00007f71b5531090 R08: 0000000000000000 R09: 0000000000000000
[  586.270218][T20320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  586.279787][T20320] R13: 0000000000000000 R14: 00007f71b4975fa0 R15: 00007ffe982ff938
[  586.289365][T20320]  </TASK>
[  586.348851][T20323] WARNING! power/level is deprecated; use power/control instead
[  586.466380][T20326] Invalid logical block size (768)

syzkaller
syzkaller login: [  586.896519][T20298] kexec: Could not allocate control_code_buffer
[  587.293481][T20362] binder: 20361:20362 ioctl 400c620e 9 returned -14
[  587.562651][T20376] FAULT_INJECTION: forcing a failure.
[  587.562651][T20376] name failslab, interval 1, probability 0, space 0, times 0
[  587.600995][T20376] CPU: 1 UID: 0 PID: 20376 Comm: syz.0.3439 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  587.613926][T20376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  587.625994][T20376] Call Trace:
[  587.629939][T20376]  <TASK>
[  587.633454][T20376]  dump_stack_lvl+0x16c/0x1f0
[  587.639071][T20376]  should_fail_ex+0x497/0x5b0
[  587.644695][T20376]  should_failslab+0xc2/0x120
[  587.650320][T20376]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  587.656773][T20376]  ? skb_clone+0x190/0x3f0
[  587.662080][T20376]  skb_clone+0x190/0x3f0
[  587.667182][T20376]  netlink_deliver_tap+0xafd/0xca0
[  587.673323][T20376]  netlink_unicast+0x6b4/0x7f0
[  587.679046][T20376]  ? __pfx_netlink_unicast+0x10/0x10
[  587.685394][T20376]  ? genl_rcv_msg+0x4bd/0x800
[  587.691017][T20376]  netlink_ack+0x6a5/0xb20
[  587.696333][T20376]  netlink_rcv_skb+0x327/0x410
[  587.702055][T20376]  ? __pfx_genl_rcv_msg+0x10/0x10
[  587.708095][T20376]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  587.714448][T20376]  ? down_read+0xc9/0x330
[  587.719651][T20376]  ? __pfx_down_read+0x10/0x10
[  587.725380][T20376]  ? netlink_deliver_tap+0x1ae/0xca0
[  587.731727][T20376]  genl_rcv+0x28/0x40
[  587.736518][T20376]  netlink_unicast+0x53c/0x7f0
[  587.742240][T20376]  ? __pfx_netlink_unicast+0x10/0x10
[  587.748588][T20376]  ? __phys_addr_symbol+0x30/0x80
[  587.754623][T20376]  ? __check_object_size+0x488/0x710
[  587.760983][T20376]  netlink_sendmsg+0x8b8/0xd70
[  587.766706][T20376]  ? __pfx_netlink_sendmsg+0x10/0x10
[  587.773060][T20376]  ____sys_sendmsg+0x9ae/0xb40
[  587.778782][T20376]  ? copy_msghdr_from_user+0x10b/0x160
[  587.785348][T20376]  ? __pfx_____sys_sendmsg+0x10/0x10
[  587.791696][T20376]  ? rcu_is_watching+0x12/0xc0
[  587.797422][T20376]  ? lock_release+0x4e2/0x6f0
[  587.803035][T20376]  ? get_pid_task+0xfc/0x250
[  587.808556][T20376]  ___sys_sendmsg+0x135/0x1e0
[  587.814178][T20376]  ? get_pid_task+0x35/0x250
[  587.819697][T20376]  ? __pfx____sys_sendmsg+0x10/0x10
[  587.825944][T20376]  ? lock_release+0x4e2/0x6f0
[  587.831562][T20376]  ? __pfx_lock_release+0x10/0x10
[  587.837567][T20376]  ? trace_lock_acquire+0x14e/0x1f0
[  587.843811][T20376]  ? __fget_files+0x206/0x3a0
[  587.849403][T20376]  __sys_sendmsg+0x16e/0x220
[  587.854895][T20376]  ? __pfx___sys_sendmsg+0x10/0x10
[  587.861015][T20376]  ? rcu_is_watching+0x12/0xc0
[  587.866718][T20376]  ? rcu_is_watching+0x12/0xc0
[  587.872444][T20376]  do_syscall_64+0xcd/0x250
[  587.877861][T20376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.884942][T20376] RIP: 0033:0x7f71b4785d29
[  587.890244][T20376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  587.913772][T20376] RSP: 002b:00007f71b5531038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  587.923870][T20376] RAX: ffffffffffffffda RBX: 00007f71b4975fa0 RCX: 00007f71b4785d29
[  587.933433][T20376] RDX: 0000000004000000 RSI: 0000000020000180 RDI: 0000000000000003
[  587.942998][T20376] RBP: 00007f71b5531090 R08: 0000000000000000 R09: 0000000000000000
[  587.952560][T20376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  587.962129][T20376] R13: 0000000000000000 R14: 00007f71b4975fa0 R15: 00007ffe982ff938
[  587.971702][T20376]  </TASK>
[  588.233339][   T29] audit: type=1807 audit(8277292083.655:25): UNKNOWN=0"�]$|�1j�0B|d���ӉO��+��/��x����WӦ��^��gq%Ḧr�O� res=0
[  588.249591][T20401] ima: policy update failed
[  588.284201][   T29] audit: type=1802 audit(8277292083.675:26): pid=20401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.3444" res=0 errno=0
[  588.348409][   T29] audit: type=1802 audit(8277292083.675:27): pid=20401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3444" res=0 errno=0
[  588.762903][T20418] netlink: 'syz.1.3449': attribute type 1 has an invalid length.
[  588.873211][T20423] FAULT_INJECTION: forcing a failure.
[  588.873211][T20423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  588.927562][T20423] CPU: 0 UID: 0 PID: 20423 Comm: syz.1.3451 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  588.940493][T20423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  588.952555][T20423] Call Trace:
[  588.956484][T20423]  <TASK>
[  588.960001][T20423]  dump_stack_lvl+0x16c/0x1f0
[  588.965634][T20423]  should_fail_ex+0x497/0x5b0
[  588.971257][T20423]  _copy_to_user+0x32/0xd0
[  588.976571][T20423]  simple_read_from_buffer+0xd0/0x160
[  588.983027][T20423]  proc_fail_nth_read+0x198/0x270
[  588.989073][T20423]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  588.995740][T20423]  ? bpf_lsm_file_permission+0x9/0x10
[  589.002199][T20423]  ? security_file_permission+0x71/0x210
[  589.008965][T20423]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  589.015640][T20423]  vfs_read+0x1df/0xbe0
[  589.020633][T20423]  ? __fget_files+0x1fc/0x3a0
[  589.026255][T20423]  ? __pfx___mutex_lock+0x10/0x10
[  589.032296][T20423]  ? __pfx_vfs_read+0x10/0x10
[  589.037916][T20423]  ? __fget_files+0x206/0x3a0
[  589.043537][T20423]  ksys_read+0x12b/0x250
[  589.048635][T20423]  ? __pfx_ksys_read+0x10/0x10
[  589.054355][T20423]  ? rcu_is_watching+0x12/0xc0
[  589.060082][T20423]  ? rcu_is_watching+0x12/0xc0
[  589.065809][T20423]  do_syscall_64+0xcd/0x250
[  589.071232][T20423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.078313][T20423] RIP: 0033:0x7f37bb18473c
[  589.083610][T20423] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  589.107153][T20423] RSP: 002b:00007f37bbee4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  589.117248][T20423] RAX: ffffffffffffffda RBX: 00007f37bb375fa0 RCX: 00007f37bb18473c
[  589.126817][T20423] RDX: 000000000000000f RSI: 00007f37bbee40a0 RDI: 0000000000000004
[  589.136389][T20423] RBP: 00007f37bbee4090 R08: 0000000000000000 R09: 0000000000000000
[  589.145953][T20423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  589.155518][T20423] R13: 0000000000000000 R14: 00007f37bb375fa0 R15: 00007ffcbbc01548
[  589.165094][T20423]  </TASK>
[  589.783028][ T5143] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  589.795927][ T5143] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  589.806747][ T5143] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  589.818506][ T5143] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  589.827331][ T5143] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  589.836482][ T5143] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  589.877028][T20440] netlink: 74 bytes leftover after parsing attributes in process `syz.4.3455'.
[  590.135805][T20445] chnl_net:caif_netlink_parms(): no params data found
[  590.292413][T20445] bridge0: port 1(bridge_slave_0) entered blocking state
[  590.305093][T20445] bridge0: port 1(bridge_slave_0) entered disabled state
[  590.325011][T20445] bridge_slave_0: entered allmulticast mode
[  590.365199][T20445] bridge_slave_0: entered promiscuous mode
[  590.427443][T20445] bridge0: port 2(bridge_slave_1) entered blocking state
[  590.436120][T20445] bridge0: port 2(bridge_slave_1) entered disabled state
[  590.446082][T20445] bridge_slave_1: entered allmulticast mode
[  590.459805][T20445] bridge_slave_1: entered promiscuous mode
[  590.489749][T20445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  590.507352][T20445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  590.535544][T20445] team0: Port device team_slave_0 added
[  590.567475][T20445] team0: Port device team_slave_1 added
[  590.631522][T20445] batman_adv: batadv0: Adding interface: batadv_slave_0
[  590.652524][T20445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  590.686501][T20445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  590.710211][T20445] batman_adv: batadv0: Adding interface: batadv_slave_1
[  590.719004][T20445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  590.750050][    C1] vkms_vblank_simulate: vblank timer overrun
[  590.760518][T20445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  590.800409][T20445] hsr_slave_0: entered promiscuous mode
[  590.807994][T20445] hsr_slave_1: entered promiscuous mode
[  590.816302][T20445] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  590.827363][T20445] Cannot create hsr debugfs directory
[  590.976462][T20445] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  591.045627][T20445] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  591.107189][T20445] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  591.164591][T20445] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  591.272157][T20445] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  591.284830][T20445] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  591.305059][T20445] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  591.330634][T20445] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  591.422808][T20445] 8021q: adding VLAN 0 to HW filter on device bond0
[  591.451655][T20445] 8021q: adding VLAN 0 to HW filter on device team0
[  591.467000][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  591.475530][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  591.494903][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  591.503402][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  591.722495][T20445] 8021q: adding VLAN 0 to HW filter on device batadv0
[  591.792691][T20445] veth0_vlan: entered promiscuous mode
[  591.813539][T20445] veth1_vlan: entered promiscuous mode
[  591.834718][T20445] veth0_macvtap: entered promiscuous mode
[  591.844061][T20445] veth1_macvtap: entered promiscuous mode
[  591.859070][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  591.871742][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  591.883740][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  591.896527][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  591.908344][ T5143] Bluetooth: hci1: command tx timeout
[  591.915004][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  591.927595][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  591.939385][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  591.951938][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  591.963846][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  591.976461][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  591.988471][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  592.001112][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.013815][T20445] batman_adv: batadv0: Interface activated: batadv_slave_0
[  592.024735][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.037258][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.049095][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.061648][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.073515][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.086257][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.098161][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.110835][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.122660][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.135198][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.147220][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.159800][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.171690][T20445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.184325][T20445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.197089][T20445] batman_adv: batadv0: Interface activated: batadv_slave_1
[  592.217882][T20445] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  592.228578][T20445] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  592.239085][T20445] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  592.249625][T20445] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  592.284037][T20445] ieee80211 phy31: Selected rate control algorithm 'minstrel_ht'
[  592.322676][T10261] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  592.348242][T10261] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  592.376352][T20445] ieee80211 phy32: Selected rate control algorithm 'minstrel_ht'
[  592.512394][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  592.528442][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  592.710449][T20550] Invalid logical block size (768)
[  592.876683][T20553] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3479'.
[  593.006948][T20574] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3483'.
[  593.092280][T20581] FAULT_INJECTION: forcing a failure.
[  593.092280][T20581] name fail_futex, interval 1, probability 0, space 0, times 1
[  593.115783][T20581] CPU: 0 UID: 0 PID: 20581 Comm: syz.1.3486 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  593.128721][T20581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  593.140792][T20581] Call Trace:
[  593.144729][T20581]  <TASK>
[  593.148253][T20581]  dump_stack_lvl+0x16c/0x1f0
[  593.153892][T20581]  should_fail_ex+0x497/0x5b0
[  593.159531][T20581]  get_futex_key+0x4a3/0x1000
[  593.165164][T20581]  ? rcu_is_watching+0x12/0xc0
[  593.170905][T20581]  ? __pfx_get_futex_key+0x10/0x10
[  593.177063][T20581]  ? __pfx___up_read+0x10/0x10
[  593.182796][T20581]  futex_wait_setup+0x72/0x290
[  593.188529][T20581]  __futex_wait+0x267/0x3c0
[  593.193949][T20581]  ? __pfx___futex_wait+0x10/0x10
[  593.199996][T20581]  ? __pfx_futex_wake_mark+0x10/0x10
[  593.206356][T20581]  futex_wait+0xe9/0x380
[  593.211456][T20581]  ? __pfx_futex_wait+0x10/0x10
[  593.217295][T20581]  do_futex+0x22b/0x350
[  593.222305][T20581]  ? __pfx_do_futex+0x10/0x10
[  593.227940][T20581]  ? __vm_munmap+0x18b/0x340
[  593.233465][T20581]  __x64_sys_futex+0x1e1/0x4c0
[  593.239208][T20581]  ? __pfx___x64_sys_futex+0x10/0x10
[  593.245574][T20581]  ? rcu_is_watching+0x12/0xc0
[  593.251311][T20581]  ? rcu_is_watching+0x12/0xc0
[  593.257046][T20581]  ? rcu_is_watching+0x12/0xc0
[  593.262782][T20581]  do_syscall_64+0xcd/0x250
[  593.268206][T20581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  593.275301][T20581] RIP: 0033:0x7f37bb185d29
[  593.280605][T20581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  593.304142][T20581] RSP: 002b:00007f37bbee40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  593.314255][T20581] RAX: ffffffffffffffda RBX: 00007f37bb375fa8 RCX: 00007f37bb185d29
[  593.323831][T20581] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f37bb375fa8
[  593.333413][T20581] RBP: 00007f37bb375fa0 R08: 0000000000000000 R09: 0000000000000000
[  593.342984][T20581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f37bb375fac
[  593.352557][T20581] R13: 0000000000000000 R14: 00007ffcbbc01460 R15: 00007ffcbbc01548
[  593.362137][T20581]  </TASK>
[  594.000086][ T5143] Bluetooth: hci1: command tx timeout
[  595.232391][T20678] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3498'.
[  595.386617][T20685] random: crng reseeded on system resumption
[  595.406067][T20680] netlink: 296 bytes leftover after parsing attributes in process `syz.0.3501'.
[  595.422236][T20685] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff]
[  595.436719][T20680] futex_wake_op: syz.0.3501 tries to shift op by 64; fix this program
[  595.446861][T20685] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff]
[  595.464180][T20685] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff]
[  595.616720][T20685] PM: hibernation: Basic memory bitmaps created
[  596.061330][ T5143] Bluetooth: hci1: command tx timeout
[  596.128012][T20714] blktrace: Concurrent blktraces are not allowed on sg0
[  596.146801][T20714] relay: one or more items not logged [item size (48) > sub-buffer size (28)]
[  596.206361][T20684] PM: hibernation: Basic memory bitmaps freed
[  597.299491][T20742] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.3516'.
[  597.400315][T20753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3516'.
[  597.902661][T20773] Invalid logical block size (768)
[  598.144818][ T5143] Bluetooth: hci1: command tx timeout
[  598.603533][T20800] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3530'.
[  598.698091][T20796] cgroup2: Unknown parameter 'S'
[  598.982772][T20813] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3533'.
[  599.021524][T20813] veth1_macvtap: left promiscuous mode
[  599.034236][T20816] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3534'.
[  599.052748][T20816] �: renamed from bridge_slave_1 (while UP)
[  599.069598][T20816] bridge0: port 2(�) entered disabled state
[  599.083434][T20818] Invalid logical block size (768)
[  600.253233][T20864] Invalid logical block size (768)
[  601.370948][T20898] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3552'.
[  601.766539][T20916] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3556'.
[  601.798382][T20918] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3558'.
[  603.430151][T20999] Invalid logical block size (768)
[  603.684043][T21002] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  603.712344][T21002] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  603.734403][T21002] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  603.764389][T21002] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  603.792753][T21002] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  603.831830][T21002] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  604.260441][T21021] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3584'.
[  605.153596][T21047] [U] �쒬���ޘ0vvA�T|P>�@Ld\����2dX|�����p�ګ�y#>���D�mw�Y ����i�`@�����Bs�/�Q
[  605.166827][T21047] [U] r�Y�;2"YO�K�&U����L;=#~���ws�<2Y�٪e��"��
[  605.175371][T21047] [U]  �����i�tX��;ט�h��$v�лt�8���'#_*��fû�H��9�-rS��m����#-����H%�F��:����]F�g���e��}��z��l�
[  605.586552][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout
[  605.703990][T21080] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3599'.
[  605.748599][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  605.756579][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout
[  605.826101][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout
[  606.744308][T21124] Invalid logical block size (768)
[  607.102371][T21147] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3620'.
[  607.300706][T21162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3622'.
[  607.637445][T21176] Invalid logical block size (768)
[  607.719946][T21179] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3628'.
[  607.917758][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout
[  608.317663][T21205] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3632'.
[  608.507036][T21214] sd 0:0:1:0: device reset
[  608.781391][T21213] base_sock_release(ffff8880638fa400) sk=ffff88802a5a6000
[  608.969510][T21234] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  608.996914][T21234] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  609.627675][T21234] Process accounting paused
[  609.988393][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout
[  610.052941][T21282] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3649'.
[  610.205938][T21271] Process accounting paused
[  610.284426][T21297] FAULT_INJECTION: forcing a failure.
[  610.284426][T21297] name failslab, interval 1, probability 0, space 0, times 0
[  610.320948][T21297] CPU: 1 UID: 0 PID: 21297 Comm: syz.4.3654 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  610.333883][T21297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  610.345947][T21297] Call Trace:
[  610.349879][T21297]  <TASK>
[  610.353398][T21297]  dump_stack_lvl+0x16c/0x1f0
[  610.359027][T21297]  should_fail_ex+0x497/0x5b0
[  610.364650][T21297]  ? fs_reclaim_acquire+0xae/0x150
[  610.370793][T21297]  should_failslab+0xc2/0x120
[  610.376424][T21297]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  610.382884][T21297]  ? lock_acquire+0x2f/0xb0
[  610.388290][T21297]  ? __proc_create+0xa4/0x8b0
[  610.393910][T21297]  ? __proc_create+0x2c3/0x8b0
[  610.399641][T21297]  __proc_create+0x2c3/0x8b0
[  610.405161][T21297]  ? __pfx___proc_create+0x10/0x10
[  610.411307][T21297]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  610.417762][T21297]  ? rcu_is_watching+0x12/0xc0
[  610.423490][T21297]  proc_create_reg+0x7d/0x180
[  610.429111][T21297]  proc_create_net_data+0x8f/0x1b0
[  610.435256][T21297]  ? __pfx_proc_create_net_data+0x10/0x10
[  610.442132][T21297]  ? __pfx___netlink_kernel_create+0x10/0x10
[  610.449313][T21297]  ? fib_default_rule_add+0x342/0x420
[  610.455769][T21297]  fib_proc_init+0x58/0x1b0
[  610.461183][T21297]  fib_net_init+0x279/0x3d0
[  610.466607][T21297]  ? __pfx_fib_net_init+0x10/0x10
[  610.472650][T21297]  ? __pfx_nl_fib_input+0x10/0x10
[  610.478687][T21297]  ? devinet_init_net+0x5b3/0x8f0
[  610.484730][T21297]  ? __pfx_fib_net_init+0x10/0x10
[  610.490770][T21297]  ops_init+0x1df/0x5f0
[  610.495772][T21297]  setup_net+0x21f/0x860
[  610.500879][T21297]  ? __pfx_setup_net+0x10/0x10
[  610.506608][T21297]  ? down_read_killable+0xcc/0x380
[  610.512756][T21297]  ? __pfx_down_read_killable+0x10/0x10
[  610.519421][T21297]  ? debug_mutex_init+0x37/0x70
[  610.525253][T21297]  copy_net_ns+0x2b4/0x6c0
[  610.530557][T21297]  create_new_namespaces+0x3ea/0xad0
[  610.536922][T21297]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  610.543691][T21297]  ksys_unshare+0x45d/0xa40
[  610.549105][T21297]  ? __pfx_ksys_unshare+0x10/0x10
[  610.555140][T21297]  ? xfd_validate_state+0x5d/0x180
[  610.561280][T21297]  ? rcu_is_watching+0x12/0xc0
[  610.567007][T21297]  __x64_sys_unshare+0x31/0x40
[  610.572732][T21297]  do_syscall_64+0xcd/0x250
[  610.578148][T21297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  610.585232][T21297] RIP: 0033:0x7fd5b9385d29
[  610.590525][T21297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  610.614060][T21297] RSP: 002b:00007fd5ba141038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  610.624155][T21297] RAX: ffffffffffffffda RBX: 00007fd5b9575fa0 RCX: 00007fd5b9385d29
[  610.633728][T21297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  610.643296][T21297] RBP: 00007fd5b9401b08 R08: 0000000000000000 R09: 0000000000000000
[  610.652861][T21297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  610.662423][T21297] R13: 0000000000000000 R14: 00007fd5b9575fa0 R15: 00007ffd900a41b8
[  610.671994][T21297]  </TASK>
[  611.028897][T21334] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3659'.
[  611.092385][T21335] Process accounting resumed
[  612.092001][T21362] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3663'.
[  612.374545][T21380] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3665'.
[  615.178622][T21469] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  615.216328][T21469] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  618.786511][T21614] nbd: must specify at least one socket
[  619.419138][T21645] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3717'.
[  620.563672][T21663] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3721'.
[  622.755821][T21739] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3733'.
[  622.877550][T21743] FAULT_INJECTION: forcing a failure.
[  622.877550][T21743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  622.903571][T21743] CPU: 0 UID: 0 PID: 21743 Comm: syz.4.3735 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  622.916501][T21743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  622.928562][T21743] Call Trace:
[  622.932495][T21743]  <TASK>
[  622.936012][T21743]  dump_stack_lvl+0x16c/0x1f0
[  622.941642][T21743]  should_fail_ex+0x497/0x5b0
[  622.947265][T21743]  _copy_to_iter+0x29b/0x1400
[  622.952886][T21743]  ? trace_lock_acquire+0x14e/0x1f0
[  622.959131][T21743]  ? __pfx_lock_release+0x10/0x10
[  622.965156][T21743]  ? __virt_addr_valid+0x1a4/0x590
[  622.971297][T21743]  ? __pfx__copy_to_iter+0x10/0x10
[  622.977439][T21743]  ? __virt_addr_valid+0x1a4/0x590
[  622.983579][T21743]  ? __virt_addr_valid+0x5e/0x590
[  622.989617][T21743]  ? __phys_addr_symbol+0x30/0x80
[  622.995656][T21743]  ? __check_object_size+0x488/0x710
[  623.002014][T21743]  seq_read_iter+0xd00/0x12b0
[  623.007638][T21743]  kernfs_fop_read_iter+0x414/0x580
[  623.013888][T21743]  ? rw_verify_area+0xd0/0x700
[  623.019608][T21743]  vfs_read+0x87f/0xbe0
[  623.024603][T21743]  ? __pfx_vfs_read+0x10/0x10
[  623.030226][T21743]  ksys_read+0x12b/0x250
[  623.035318][T21743]  ? __pfx_ksys_read+0x10/0x10
[  623.041038][T21743]  ? rcu_is_watching+0x12/0xc0
[  623.046763][T21743]  ? rcu_is_watching+0x12/0xc0
[  623.052486][T21743]  do_syscall_64+0xcd/0x250
[  623.057899][T21743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.064979][T21743] RIP: 0033:0x7fd5b9385d29
[  623.070271][T21743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.093799][T21743] RSP: 002b:00007fd5ba141038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  623.103896][T21743] RAX: ffffffffffffffda RBX: 00007fd5b9575fa0 RCX: 00007fd5b9385d29
[  623.113463][T21743] RDX: 00000000000000d2 RSI: 0000000020000300 RDI: 0000000000000003
[  623.123026][T21743] RBP: 00007fd5ba141090 R08: 0000000000000000 R09: 0000000000000000
[  623.132591][T21743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.142157][T21743] R13: 0000000000000000 R14: 00007fd5b9575fa0 R15: 00007ffd900a41b8
[  623.151739][T21743]  </TASK>
[  624.504105][T21783] FAULT_INJECTION: forcing a failure.
[  624.504105][T21783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  624.532769][T21783] CPU: 1 UID: 0 PID: 21783 Comm: syz.4.3745 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  624.545696][T21783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  624.557757][T21783] Call Trace:
[  624.561685][T21783]  <TASK>
[  624.565198][T21783]  dump_stack_lvl+0x16c/0x1f0
[  624.570819][T21783]  should_fail_ex+0x497/0x5b0
[  624.576447][T21783]  _copy_to_user+0x32/0xd0
[  624.581763][T21783]  simple_read_from_buffer+0xd0/0x160
[  624.588212][T21783]  proc_fail_nth_read+0x198/0x270
[  624.594252][T21783]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  624.600917][T21783]  ? bpf_lsm_file_permission+0x9/0x10
[  624.607374][T21783]  ? security_file_permission+0x71/0x210
[  624.614137][T21783]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  624.620803][T21783]  vfs_read+0x1df/0xbe0
[  624.625797][T21783]  ? __fget_files+0x1fc/0x3a0
[  624.631413][T21783]  ? __pfx___mutex_lock+0x10/0x10
[  624.637449][T21783]  ? __pfx_vfs_read+0x10/0x10
[  624.643067][T21783]  ? __fget_files+0x206/0x3a0
[  624.648687][T21783]  ksys_read+0x12b/0x250
[  624.653782][T21783]  ? __pfx_ksys_read+0x10/0x10
[  624.659506][T21783]  ? rcu_is_watching+0x12/0xc0
[  624.665232][T21783]  ? rcu_is_watching+0x12/0xc0
[  624.670953][T21783]  do_syscall_64+0xcd/0x250
[  624.676365][T21783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.683446][T21783] RIP: 0033:0x7fd5b938473c
[  624.688743][T21783] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  624.712270][T21783] RSP: 002b:00007fd5ba141030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  624.722368][T21783] RAX: ffffffffffffffda RBX: 00007fd5b9575fa0 RCX: 00007fd5b938473c
[  624.731941][T21783] RDX: 000000000000000f RSI: 00007fd5ba1410a0 RDI: 0000000000000004
[  624.741504][T21783] RBP: 00007fd5ba141090 R08: 0000000000000000 R09: 0000000000000000
[  624.751065][T21783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  624.760633][T21783] R13: 0000000000000000 R14: 00007fd5b9575fa0 R15: 00007ffd900a41b8
[  624.770205][T21783]  </TASK>
[  625.306932][T21789] base_sock_release(ffff888060e55400) sk=ffff8880336c0000
[  625.567988][T21801] Invalid logical block size (768)
[  627.909588][T21825] netlink: 'syz.4.3756': attribute type 11 has an invalid length.
[  628.305392][T21805] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3751'.
[  628.658094][T21846] Invalid logical block size (768)
[  628.833790][T21852] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3763'.
[  628.850255][T21852] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3763'.
[  628.862097][T21852] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3763'.
[  628.890521][T21852] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3763'.
[  628.917670][T21852] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3763'.
[  629.968170][T21865] device-mapper: ioctl: only supply one of name or uuid, cmd(5)
[  631.579126][T21902] Invalid logical block size (768)
[  632.423891][T21927] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.3781'.
[  635.049108][T21990] mkiss: ax0: crc mode is auto.
[  635.121440][T21982] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3793'.
[  637.506184][T22016] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3800'.
[  640.692970][T22102] FAULT_INJECTION: forcing a failure.
[  640.692970][T22102] name failslab, interval 1, probability 0, space 0, times 0
[  640.729025][T22102] CPU: 1 UID: 0 PID: 22102 Comm: syz.4.3822 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  640.741963][T22102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  640.754030][T22102] Call Trace:
[  640.757969][T22102]  <TASK>
[  640.761490][T22102]  dump_stack_lvl+0x16c/0x1f0
[  640.767124][T22102]  should_fail_ex+0x497/0x5b0
[  640.772754][T22102]  ? fs_reclaim_acquire+0xae/0x150
[  640.778905][T22102]  should_failslab+0xc2/0x120
[  640.784540][T22102]  __kmalloc_noprof+0xce/0x4f0
[  640.790280][T22102]  ? tomoyo_realpath_from_path+0xbf/0x710
[  640.797158][T22102]  ? rcu_is_watching+0x12/0xc0
[  640.802896][T22102]  tomoyo_realpath_from_path+0xbf/0x710
[  640.809568][T22102]  tomoyo_check_open_permission+0x2ad/0x3c0
[  640.816650][T22102]  ? init_file+0x93/0x480
[  640.821864][T22102]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  640.829568][T22102]  ? do_sys_openat2+0x17a/0x1e0
[  640.835417][T22102]  ? trace_lock_acquire+0x14e/0x1f0
[  640.841670][T22102]  ? nd_jump_root+0x3d5/0x580
[  640.847301][T22102]  ? __pfx_hook_file_open+0x10/0x10
[  640.853565][T22102]  ? lock_acquire+0x2f/0xb0
[  640.858979][T22102]  tomoyo_file_open+0x6b/0x90
[  640.864615][T22102]  security_file_open+0x84/0x1e0
[  640.870556][T22102]  do_dentry_open+0x57e/0x1ea0
[  640.876295][T22102]  ? inode_permission+0xdd/0x5f0
[  640.882246][T22102]  vfs_open+0x82/0x3f0
[  640.887154][T22102]  ? may_open+0x1f2/0x400
[  640.892357][T22102]  path_openat+0x1e6a/0x2d60
[  640.897887][T22102]  ? __pfx_path_openat+0x10/0x10
[  640.903833][T22102]  do_filp_open+0x20c/0x470
[  640.909248][T22102]  ? __pfx_do_filp_open+0x10/0x10
[  640.915306][T22102]  ? alloc_fd+0x41f/0x760
[  640.920520][T22102]  do_sys_openat2+0x17a/0x1e0
[  640.926152][T22102]  ? __pfx_do_sys_openat2+0x10/0x10
[  640.932414][T22102]  __x64_sys_openat+0x175/0x210
[  640.938263][T22102]  ? __pfx___x64_sys_openat+0x10/0x10
[  640.944735][T22102]  ? rcu_is_watching+0x12/0xc0
[  640.950471][T22102]  ? rcu_is_watching+0x12/0xc0
[  640.956204][T22102]  do_syscall_64+0xcd/0x250
[  640.961625][T22102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.968707][T22102] RIP: 0033:0x7fd5b9385d29
[  640.974005][T22102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.997538][T22102] RSP: 002b:00007fd5ba141038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  641.007642][T22102] RAX: ffffffffffffffda RBX: 00007fd5b9575fa0 RCX: 00007fd5b9385d29
[  641.017211][T22102] RDX: 0000000000084000 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[  641.026779][T22102] RBP: 00007fd5b9401b08 R08: 0000000000000000 R09: 0000000000000000
[  641.036344][T22102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  641.045913][T22102] R13: 0000000000000000 R14: 00007fd5b9575fa0 R15: 00007ffd900a41b8
[  641.055488][T22102]  </TASK>
[  641.076818][T22102] ERROR: Out of memory at tomoyo_realpath_from_path.
[  641.683788][T22114] Process accounting resumed
[  643.333854][T21958] Process accounting resumed
[  644.978823][T22160] random: crng reseeded on system resumption
[  644.999957][T22160] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff]
[  645.016353][T22160] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff]
[  645.036477][T22160] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff]
[  645.188610][T22160] PM: hibernation: Basic memory bitmaps created
[  646.094056][T22159] PM: hibernation: Basic memory bitmaps freed
[  646.426361][T22179] ima: policy update failed
[  646.433431][   T29] audit: type=1802 audit(8277292062.946:28): pid=22179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3842" res=0 errno=0
[  648.517539][T22225] netlink: 'syz.0.3853': attribute type 1 has an invalid length.
[  648.532008][T22225] netlink: 'syz.0.3853': attribute type 1 has an invalid length.
[  649.965551][T22158] syz.4.3831 (22158) used greatest stack depth: 17536 bytes left
[  650.608933][T22267] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3864'.
[  650.894313][T22270] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3865'.
[  650.911581][T22270] team0: Port device team_slave_0 removed
[  653.250722][T22321] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3877'.
[  655.202281][T22358] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3885'.
[  655.601138][T22351] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  655.616636][T22351] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  655.641381][T22351] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  655.661177][T22351] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  655.822237][T22364] Invalid logical block size (768)
[  655.897963][T22366] Invalid logical block size (768)
[  656.914640][T22387] Process accounting resumed
[  656.971611][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout
[  657.612710][ T5143] Bluetooth: hci0: command 0x0c1a tx timeout
[  657.696233][ T5143] Bluetooth: hci1: command 0x0c1a tx timeout
[  657.703718][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  659.633081][T22444] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(4.536870912.4294967293), cmd(3)
[  660.032919][T22444] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3910'.
[  660.050603][T21581] syz.1.3707 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  660.062606][T22444] veth1_macvtap: entered allmulticast mode
[  660.083432][T21581] CPU: 0 UID: 0 PID: 21581 Comm: syz.1.3707 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  660.096359][T21581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  660.108430][T21581] Call Trace:
[  660.112363][T21581]  <TASK>
[  660.115885][T21581]  dump_stack_lvl+0x16c/0x1f0
[  660.121513][T21581]  dump_header+0x101/0x900
[  660.126829][T21581]  oom_kill_process+0x270/0xa60
[  660.132661][T21581]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  660.139426][T21581]  out_of_memory+0x351/0x1700
[  660.145051][T21581]  ? __pfx_out_of_memory+0x10/0x10
[  660.151190][T21581]  ? rcu_read_unlock+0x17/0x60
[  660.156915][T21581]  ? __pfx_lock_release+0x10/0x10
[  660.162951][T21581]  mem_cgroup_out_of_memory+0x207/0x270
[  660.169608][T21581]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  660.176894][T21581]  ? do_raw_spin_unlock+0x172/0x230
[  660.183140][T21581]  try_charge_memcg+0x54c/0xaf0
[  660.188970][T21581]  ? __pfx_try_charge_memcg+0x10/0x10
[  660.195426][T21581]  ? trace_lock_acquire+0x14e/0x1f0
[  660.201672][T21581]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  660.208227][T21581]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  660.214781][T21581]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[  660.221441][T21581]  __mem_cgroup_charge+0x9b/0x280
[  660.227484][T21581]  shmem_alloc_and_add_folio+0x507/0xc00
[  660.234251][T21581]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  660.241640][T21581]  ? shmem_allowable_huge_orders+0xd0/0x410
[  660.248721][T21581]  shmem_get_folio_gfp+0x689/0x1530
[  660.254964][T21581]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  660.261728][T21581]  ? inode_set_ctime_current+0xa4/0x900
[  660.268394][T21581]  ? timestamp_truncate+0x21f/0x2e0
[  660.274639][T21581]  shmem_write_begin+0x161/0x300
[  660.280573][T21581]  ? __pfx_shmem_write_begin+0x10/0x10
[  660.287134][T21581]  ? inode_set_ctime_current+0x2a7/0x900
[  660.293904][T21581]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  660.302138][T21581]  ? __pfx_inode_set_ctime_current+0x10/0x10
[  660.309328][T21581]  generic_perform_write+0x2ba/0x920
[  660.315689][T21581]  ? __pfx_generic_perform_write+0x10/0x10
[  660.322665][T21581]  ? __mark_inode_dirty+0x2a5/0xe50
[  660.328921][T21581]  ? generic_update_time+0xcf/0xf0
[  660.335063][T21581]  ? mnt_put_write_access_file+0x45/0xf0
[  660.341832][T21581]  shmem_file_write_iter+0x10e/0x140
[  660.348179][T21581]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  660.355154][T21581]  __kernel_write_iter+0x318/0xa80
[  660.361290][T21581]  ? __pfx___kernel_write_iter+0x10/0x10
[  660.368052][T21581]  ? get_dump_page+0x15b/0x230
[  660.373779][T21581]  ? __pfx___might_resched+0x10/0x10
[  660.380131][T21581]  dump_user_range+0x389/0x8c0
[  660.385860][T21581]  ? __pfx_dump_user_range+0x10/0x10
[  660.392207][T21581]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  660.399594][T21581]  ? __pfx_writenote+0x10/0x10
[  660.405311][T21581]  elf_core_dump+0x2787/0x3880
[  660.411023][T21581]  ? __pfx_sched_clock_cpu+0x10/0x10
[  660.417356][T21581]  ? psi_task_change+0x1a2/0x2d0
[  660.423292][T21581]  ? __pfx_elf_core_dump+0x10/0x10
[  660.429425][T21581]  ? rcu_is_watching+0x12/0xc0
[  660.435140][T21581]  ? lock_release+0x4e2/0x6f0
[  660.440751][T21581]  ? lock_release+0x4e2/0x6f0
[  660.446364][T21581]  ? try_to_wake_up+0x949/0x1490
[  660.452288][T21581]  ? __pfx_lock_release+0x10/0x10
[  660.458320][T21581]  ? trace_irq_enable.constprop.0+0xea/0x140
[  660.465499][T21581]  ? rwsem_wake.isra.0+0xbe/0x120
[  660.471536][T21581]  ? rcu_is_watching+0x12/0xc0
[  660.477252][T21581]  ? trace_lock_acquire+0x14e/0x1f0
[  660.483493][T21581]  ? __pfx_sort+0x10/0x10
[  660.488693][T21581]  ? get_signal+0x23f3/0x2610
[  660.494312][T21581]  ? do_coredump+0x2dd5/0x43e0
[  660.500038][T21581]  do_coredump+0x2dd5/0x43e0
[  660.505567][T21581]  ? __pfx_do_coredump+0x10/0x10
[  660.511502][T21581]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  660.518603][T21581]  ? rcu_is_watching+0x12/0xc0
[  660.524331][T21581]  get_signal+0x23f3/0x2610
[  660.529743][T21581]  ? force_sig_fault+0xad/0xf0
[  660.535461][T21581]  ? __pfx_get_signal+0x10/0x10
[  660.541286][T21581]  ? __pfx_is_prefetch.constprop.0+0x10/0x10
[  660.548479][T21581]  arch_do_signal_or_restart+0x90/0x7e0
[  660.555146][T21581]  ? trace_irq_disable.constprop.0+0xea/0x140
[  660.562426][T21581]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  660.569817][T21581]  ? __bad_area_nosemaphore+0x334/0x6a0
[  660.576483][T21581]  ? do_user_addr_fault+0x920/0x13f0
[  660.582824][T21581]  ? rcu_is_watching+0x12/0xc0
[  660.588549][T21581]  irqentry_exit_to_user_mode+0x13f/0x280
[  660.595423][T21581]  asm_exc_page_fault+0x26/0x30
[  660.601254][T21581] RIP: 0033:0x401000
[  660.605927][T21581] Code: Unable to access opcode bytes at 0x400fd6.
[  660.613710][T21581] RSP: 002b:000000000000000f EFLAGS: 00010202
[  660.620984][T21581] RAX: 0000000000000000 RBX: 00007f37bb375fa0 RCX: 00007f37bb185d29
[  660.630545][T21581] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000020003b46
[  660.640111][T21581] RBP: 00007f37bb201b08 R08: 0000000000000002 R09: 0000000000000000
[  660.649683][T21581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  660.659247][T21581] R13: 0000000000000000 R14: 00007f37bb375fa0 R15: 00007ffcbbc01548
[  660.668823][T21581]  </TASK>
[  660.668840][T22465] svc: failed to register nfsdv3 RPC service (errno 111).
[  660.694997][T21581] memory: usage 307188kB, limit 307200kB, failcnt 19160
[  660.703390][T21581] memory+swap: usage 430132kB, limit 9007199254740988kB, failcnt 0
[  660.710833][T22465] svc: failed to register nfsaclv3 RPC service (errno 111).
[  660.717569][T21581] kmem: usage 4828kB, limit 9007199254740988kB, failcnt 0
[  660.730271][T21581] Memory cgroup stats for /syz1:
[  660.730428][T21581] cache 306003968
[  660.740018][T22467] vivid-009: =================  START STATUS  =================
[  660.741981][T21581] rss 2347008
[  660.754533][T21581] rss_huge 2097152
[  660.758985][T21581] shmem 306003968
[  660.763408][T21581] mapped_file 0
[  660.767555][T21581] dirty 0
[  660.771070][T21581] writeback 0
[  660.775064][T21581] workingset_refault_anon 19644
[  660.780867][T21581] workingset_refault_file 405
[  660.786636][T21581] swap 125894656
[  660.790972][T21581] swapcached 1265664
[  660.795699][T21581] pgpgin 1989332
[  660.797233][T22467] vivid-009: Enable Output Cropping: true
[  660.800420][T21581] pgpgout 1930605
[  660.811265][T21581] pgfault 1036220
[  660.816214][T21581] pgmajfault 2374
[  660.817253][T22467] vivid-009: Enable Output Composing: true
[  660.823495][T21581] inactive_anon 224210944
[  660.832937][T21581] active_anon 85405696
[  660.835022][T22467] vivid-009: Enable Output Scaler: true
[  660.839616][T21581] inactive_file 0
[  660.847878][T22467] vivid-009: Tx RGB Quantization Range: Automatic
[  660.849894][T21581] active_file 0
[  660.857745][T22467] vivid-009: Transmit Mode: HDMI
[  660.861544][T21581] unevictable 0
[  660.870307][T22467] vivid-009: Hotplug Present: 0x00000000
[  660.877001][T21581] hierarchical_memory_limit 314572800
[  660.878937][T22467] vivid-009: RxSense Present: 0x00000000
[  660.893645][T21581] hierarchical_memsw_limit 9223372036854771712
[  660.897366][T22467] vivid-009: EDID Present: 0x00000000
[  660.905222][T21581] total_cache 306003968
[  660.914490][T22467] vivid-009: ==================  END STATUS  ==================
[  660.920345][T21581] total_rss 2347008
[  660.935086][T21581] total_rss_huge 2097152
[  660.940237][T21581] total_shmem 306003968
[  660.951510][T21581] total_mapped_file 0
[  660.965995][T21581] total_dirty 0
[  660.971744][T21581] total_writeback 0
[  660.977459][T21581] total_workingset_refault_anon 19644
[  660.987443][T21581] total_workingset_refault_file 405
[  661.018005][T21581] total_swap 125894656
[  661.022901][T21581] total_swapcached 1265664
[  661.043590][T21581] total_pgpgin 1989332
[  661.048652][T21581] total_pgpgout 1930605
[  661.069790][T21581] total_pgfault 1036220
[  661.076627][T21581] total_pgmajfault 2374
[  661.081613][T21581] total_inactive_anon 224210944
[  661.099141][T21581] total_active_anon 85405696
[  661.113691][T21581] total_inactive_file 0
[  661.122279][T21581] total_active_file 0
[  661.132645][T21581] total_unevictable 0
[  661.143584][T21581] anon_cost 0
[  661.147533][T21581] file_cost 0
[  661.163906][T21581] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3707,pid=21600,uid=0
[  661.206240][T21581] Memory cgroup out of memory: Killed process 21600 (syz.1.3707) total-vm:102632kB, anon-rss:3072kB, file-rss:23260kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  661.278719][T22489] Invalid ELF header magic: != ELF
[  661.303761][T22495] Invalid logical block size (768)
[  661.694636][T22489] Invalid ELF header magic: != ELF
[  662.929534][T22533] could not allocate digest TFM handle 
[  663.474404][   T31] oom_reaper: reaped process 21600 (syz.1.3707), now anon-rss:184kB, file-rss:20672kB, shmem-rss:0kB
[  665.232912][T22559] bridge0: port 3(hsr0) entered blocking state
[  665.301639][T22559] bridge0: port 3(hsr0) entered disabled state
[  665.435990][T22559] hsr0: entered allmulticast mode
[  665.442185][T22559] hsr_slave_0: entered allmulticast mode
[  665.471962][T22559] hsr_slave_1: entered allmulticast mode
[  665.486893][T22559] hsr0: entered promiscuous mode
[  665.522301][T22559] bridge0: port 3(hsr0) entered blocking state
[  665.529783][T22559] bridge0: port 3(hsr0) entered forwarding state
[  666.586011][T22613] mkiss: ax0: crc mode is auto.
[  667.059675][T22626] Invalid logical block size (768)
[  668.432632][T22670] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3961'.
[  668.543751][T22670] lo: entered promiscuous mode
[  668.587578][T22669] lo: left promiscuous mode
[  668.819246][T22685] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3963'.
[  668.877927][T22687] Invalid logical block size (768)
[  668.992864][T22684] base_sock_release(ffff88805079d400) sk=ffff88807ec55000
[  669.521261][T22705] queue_state_write: unsupported operation ''
[  669.539017][T22705] queue_state_write: use 'run', 'start' or 'kick'
[  669.974276][T22728] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3974'.
[  670.824826][   T29] audit: type=1800 audit(8277292087.323:29): pid=22760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3981" name="discovery_nqn" dev="configfs" ino=88100 res=0 errno=0
[  672.090749][T22787] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[  672.148207][T22787] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  672.309298][T22794] netlink: ct family unspecified
[  672.516808][T22805] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3991'.
[  673.215433][T22814] ieee80211 phy33: Selected rate control algorithm 'minstrel_ht'
[  673.656217][T22832] kafs: addr_prefs: Invalid Command
[  673.823565][   T29] audit: type=1804 audit(8277292090.312:30): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  673.849328][T22836] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3997'.
[  673.910070][   T29] audit: type=1804 audit(8277292090.312:31): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  673.926152][T22740] Process accounting paused
[  673.977762][   T29] audit: type=1804 audit(8277292090.312:32): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  674.054682][   T29] audit: type=1804 audit(8277292090.312:33): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  674.131753][   T29] audit: type=1804 audit(8277292090.322:34): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  674.200128][   T29] audit: type=1804 audit(8277292090.322:35): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  674.252706][   T29] audit: type=1804 audit(8277292090.322:36): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  674.320484][   T29] audit: type=1804 audit(8277292090.322:37): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  674.396483][   T29] audit: type=1804 audit(8277292090.322:38): pid=22838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3998" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=22 res=1 errno=0
[  674.940711][T22860] Invalid logical block size (768)
[  675.734522][T22887] unsupported nla_type 32969
[  676.039794][T22894] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  677.433366][T22920] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4017'.
[  677.646887][T22920] vxcan1: entered promiscuous mode
[  678.112578][T22948] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4019'.
[  679.949054][T22993] dlm: non-version read from control device 0
[  681.572070][T23033] HfR: entered promiscuous mode
[  683.955127][T23079] Invalid logical block size (768)
[  685.550042][T23111] base_sock_release(ffff88807ebe8c00) sk=ffff888024b64000
[  686.957770][T23133] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4054'.
[  687.947234][T23147] Invalid logical block size (768)
[  690.188837][T23185] netlink: 'syz.1.4067': attribute type 2 has an invalid length.
[  690.676450][T23198] MTRR 1 not used
[  691.083693][T23210] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4073'.
[  691.829882][T23221] netlink: 'syz.2.4077': attribute type 13 has an invalid length.
[  693.723992][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  693.724010][   T29] audit: type=1326 audit(8277292110.212:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23250 comm="syz.2.4085" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc2a4b85d29 code=0x0
[  694.046242][T23255] base_sock_release(ffff88809e8a1e00) sk=ffff88807d8bb000
[  694.854888][T23297] Invalid logical block size (768)
[  695.291910][T23317] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4095'.
[  695.324746][T23317] ipvlan0: entered promiscuous mode
[  695.340681][T23317] ipvlan0: entered allmulticast mode
[  695.360672][T23317] veth0_vlan: entered allmulticast mode
[  695.751632][T23324] ieee80211 phy34: Selected rate control algorithm 'minstrel_ht'
[  696.192302][T23346] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4103'.
[  696.222332][T23346] netdevsim netdevsim0 netdevsim2: entered allmulticast mode
[  696.254861][T23347] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4104'.
[  696.336904][T23347] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4104'.
[  697.452753][T23381] [U] ����j�FDU6CH6=F��H��!2�j�����cnɆd}���~R$�'�9Y��	(�-iY
O4��Զ���#��x)�� V{`+墋ns�����Q��ā۝W�(Y`mq��v���W����7��ʊ��we��f�=pƓ���W6�,��F��z�0m�~Lb3�C4 �s7�wU<��|�ߚ�e�c~���V��
������!h:��;ק�xT�^��T�fJ��|#�y�L�n����È�bL�n����È�b*'F�
[  697.485312][T23381] [U] 
[  697.488549][T23381] [U] 
[  697.491775][T23381] [U] 
[  697.562367][T23381] [U] 
[  697.565617][T23381] [U] 
[  697.568848][T23381] [U] 
[  697.572078][T23381] [U] 
[  697.575554][T23381] [U] 
[  697.578787][T23381] [U] 
[  697.582017][T23381] [U] 
[  697.585244][T23381] [U] 
[  697.634984][T23381] [U] 
[  697.638235][T23381] [U] 
[  697.641464][T23381] [U] 
[  697.644695][T23381] [U] 
[  697.681995][T23381] [U] 
[  697.685240][T23381] [U] 
[  697.688483][T23381] [U] 
[  697.691720][T23381] [U] 
[  697.714167][T23381] [U] 
[  697.717413][T23381] [U] 
[  697.720642][T23381] [U] 
[  697.723870][T23381] [U] 
[  697.754117][T23381] [U] 
[  697.757362][T23381] [U] 
[  697.760594][T23381] [U] 
[  697.763826][T23381] [U] 
[  697.782187][T23381] [U] 
[  697.785428][T23381] [U] 
[  697.788666][T23381] [U] 
[  697.791895][T23381] [U] 
[  697.812032][T23381] [U] 
[  697.815277][T23381] [U] 
[  697.818509][T23381] [U] 
[  697.821734][T23381] [U] 
[  697.842229][T23381] [U] 
[  697.845477][T23381] [U] 
[  697.848706][T23381] [U] 
[  697.851931][T23381] [U] 
[  697.882167][T23381] [U] 
[  697.885414][T23381] [U] 
[  697.888647][T23381] [U] 
[  697.891872][T23381] [U] 
[  697.902540][T23381] [U] 
[  697.905781][T23381] [U] 
[  697.909010][T23381] [U] 
[  697.912240][T23381] [U] 
[  697.932569][T23381] [U] 
[  697.935809][T23381] [U] 
[  697.939043][T23381] [U] 
[  697.942272][T23381] [U] 
[  697.945500][T23381] [U] 
[  697.972279][T23381] [U] 
[  697.975525][T23381] [U] 
[  697.978749][T23381] [U] 
[  697.981975][T23381] [U] 
[  698.002156][T23381] [U] 
[  698.005401][T23381] [U] 
[  698.008636][T23381] [U] 
[  698.011868][T23381] [U] 
[  698.022619][T23381] [U] 
[  698.025859][T23381] [U] 
[  698.029086][T23381] [U] 
[  698.032316][T23381] [U] 
[  698.053912][T23381] [U] 
[  698.057157][T23381] [U] 
[  698.060386][T23381] [U] 
[  698.063615][T23381] [U] 
[  698.092255][T23381] [U] 
[  698.095503][T23381] [U] 
[  698.098729][T23381] [U] 
[  698.101959][T23381] [U] 
[  698.112759][T23381] [U] 
[  698.116001][T23381] [U] 
[  698.119232][T23381] [U] 
[  698.122473][T23381] [U] 
[  698.142276][T23381] [U] 
[  698.145526][T23381] [U] 
[  698.148755][T23381] [U] 
[  698.151983][T23381] [U] 
[  698.182298][T23381] [U] 
[  698.185547][T23381] [U] 
[  698.188774][T23381] [U] 
[  698.191997][T23381] [U] 
[  698.217739][T23381] [U] 
[  698.220980][T23381] [U] 
[  698.224210][T23381] [U] 
[  698.227443][T23381] [U] 
[  698.247102][T23381] [U] 
[  698.250344][T23381] [U] 
[  698.253580][T23381] [U] 
[  698.256811][T23381] [U] 
[  698.309892][T23391] netlink: 'syz.2.4112': attribute type 10 has an invalid length.
[  698.330510][T23391] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4112'.
[  699.395323][T23397] FAULT_INJECTION: forcing a failure.
[  699.395323][T23397] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  699.435573][T23397] CPU: 1 UID: 0 PID: 23397 Comm: syz.2.4113 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  699.448502][T23397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  699.460576][T23397] Call Trace:
[  699.464504][T23397]  <TASK>
[  699.468017][T23397]  dump_stack_lvl+0x16c/0x1f0
[  699.473639][T23397]  should_fail_ex+0x497/0x5b0
[  699.479260][T23397]  _copy_from_user+0x2e/0xd0
[  699.484777][T23397]  snd_seq_oss_write+0x398/0x7b0
[  699.490710][T23397]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  699.497260][T23397]  ? rcu_is_watching+0x12/0xc0
[  699.502978][T23397]  ? lock_release+0x4e2/0x6f0
[  699.508587][T23397]  ? apparmor_file_permission+0x251/0x400
[  699.515467][T23397]  ? __pfx_odev_write+0x10/0x10
[  699.521294][T23397]  odev_write+0x51/0xa0
[  699.526283][T23397]  vfs_write+0x24c/0x1150
[  699.531486][T23397]  ? __fget_files+0x1fc/0x3a0
[  699.537104][T23397]  ? __pfx_lock_release+0x10/0x10
[  699.543135][T23397]  ? __pfx_vfs_write+0x10/0x10
[  699.548856][T23397]  ? __fget_files+0x40/0x3a0
[  699.554370][T23397]  ? lock_acquire+0x2f/0xb0
[  699.559770][T23397]  ? __fget_files+0x40/0x3a0
[  699.565286][T23397]  ? __fget_files+0x206/0x3a0
[  699.570908][T23397]  ksys_write+0x12b/0x250
[  699.576109][T23397]  ? __pfx_ksys_write+0x10/0x10
[  699.581930][T23397]  ? rcu_is_watching+0x12/0xc0
[  699.587653][T23397]  ? rcu_is_watching+0x12/0xc0
[  699.593374][T23397]  do_syscall_64+0xcd/0x250
[  699.598785][T23397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.605868][T23397] RIP: 0033:0x7fc2a4b85d29
[  699.611161][T23397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  699.634691][T23397] RSP: 002b:00007fc2a58db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  699.644786][T23397] RAX: ffffffffffffffda RBX: 00007fc2a4d76080 RCX: 00007fc2a4b85d29
[  699.654351][T23397] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  699.665059][T23397] RBP: 00007fc2a58db090 R08: 0000000000000000 R09: 0000000000000000
[  699.674621][T23397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  699.684181][T23397] R13: 0000000000000000 R14: 00007fc2a4d76080 R15: 00007ffd7d5d9218
[  699.693752][T23397]  </TASK>
[  699.703417][T22413] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  700.385211][T23411] netlink: 'syz.2.4118': attribute type 4 has an invalid length.
[  700.433966][T23411] netlink: 'syz.2.4118': attribute type 32 has an invalid length.
[  700.489667][T23411] netlink: 46 bytes leftover after parsing attributes in process `syz.2.4118'.
[  700.695144][T23417] Invalid logical block size (768)
[  700.873492][T23422] Invalid logical block size (768)
[  701.245065][T23434] FAULT_INJECTION: forcing a failure.
[  701.245065][T23434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  701.340050][T23434] CPU: 0 UID: 0 PID: 23434 Comm: syz.0.4124 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  701.352986][T23434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  701.365053][T23434] Call Trace:
[  701.368983][T23434]  <TASK>
[  701.372494][T23434]  dump_stack_lvl+0x16c/0x1f0
[  701.378118][T23434]  should_fail_ex+0x497/0x5b0
[  701.383742][T23434]  _copy_from_user+0x2e/0xd0
[  701.389264][T23434]  snd_seq_oss_write+0x4fc/0x7b0
[  701.395204][T23434]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  701.401773][T23434]  ? rcu_is_watching+0x12/0xc0
[  701.407500][T23434]  ? lock_release+0x4e2/0x6f0
[  701.413121][T23434]  ? apparmor_file_permission+0x251/0x400
[  701.420003][T23434]  ? __pfx_odev_write+0x10/0x10
[  701.425828][T23434]  odev_write+0x51/0xa0
[  701.430820][T23434]  vfs_write+0x24c/0x1150
[  701.436019][T23434]  ? __fget_files+0x1fc/0x3a0
[  701.441637][T23434]  ? __pfx_lock_release+0x10/0x10
[  701.447666][T23434]  ? __pfx_vfs_write+0x10/0x10
[  701.453389][T23434]  ? __fget_files+0x40/0x3a0
[  701.458904][T23434]  ? lock_acquire+0x2f/0xb0
[  701.464306][T23434]  ? __fget_files+0x40/0x3a0
[  701.469825][T23434]  ? __fget_files+0x206/0x3a0
[  701.475446][T23434]  ksys_write+0x12b/0x250
[  701.480647][T23434]  ? __pfx_ksys_write+0x10/0x10
[  701.486477][T23434]  ? rcu_is_watching+0x12/0xc0
[  701.492205][T23434]  ? rcu_is_watching+0x12/0xc0
[  701.497929][T23434]  do_syscall_64+0xcd/0x250
[  701.503347][T23434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.510436][T23434] RIP: 0033:0x7f2ea2f85d29
[  701.515732][T23434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  701.539261][T23434] RSP: 002b:00007f2ea3e30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  701.549362][T23434] RAX: ffffffffffffffda RBX: 00007f2ea3176080 RCX: 00007f2ea2f85d29
[  701.558928][T23434] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  701.568493][T23434] RBP: 00007f2ea3e30090 R08: 0000000000000000 R09: 0000000000000000
[  701.578055][T23434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  701.587616][T23434] R13: 0000000000000000 R14: 00007f2ea3176080 R15: 00007ffd7010dfc8
[  701.597189][T23434]  </TASK>
[  701.906547][T23448] netlink: 'syz.0.4128': attribute type 27 has an invalid length.
[  701.916543][T23448] netlink: 146 bytes leftover after parsing attributes in process `syz.0.4128'.
[  702.254427][T23459] Invalid logical block size (768)
[  702.914670][T22413] Bluetooth: hci4: command 0x0c1a tx timeout
[  702.927439][T23420] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  703.739036][T23420] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  703.758057][T23420] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  703.785084][T23420] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  704.068048][T23479] FAULT_INJECTION: forcing a failure.
[  704.068048][T23479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  704.127146][T23479] CPU: 0 UID: 0 PID: 23479 Comm: syz.1.4136 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  704.140091][T23479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  704.152160][T23479] Call Trace:
[  704.156088][T23479]  <TASK>
[  704.159606][T23479]  dump_stack_lvl+0x16c/0x1f0
[  704.165223][T23479]  should_fail_ex+0x497/0x5b0
[  704.170852][T23479]  _copy_from_user+0x2e/0xd0
[  704.176368][T23479]  snd_seq_oss_write+0x398/0x7b0
[  704.182304][T23479]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  704.188862][T23479]  ? rcu_is_watching+0x12/0xc0
[  704.194586][T23479]  ? lock_release+0x4e2/0x6f0
[  704.200200][T23479]  ? apparmor_file_permission+0x251/0x400
[  704.207079][T23479]  ? __pfx_odev_write+0x10/0x10
[  704.212904][T23479]  odev_write+0x51/0xa0
[  704.217891][T23479]  vfs_write+0x24c/0x1150
[  704.223093][T23479]  ? __fget_files+0x1fc/0x3a0
[  704.228709][T23479]  ? __pfx_lock_release+0x10/0x10
[  704.234748][T23479]  ? __pfx_vfs_write+0x10/0x10
[  704.240468][T23479]  ? __fget_files+0x40/0x3a0
[  704.245982][T23479]  ? lock_acquire+0x2f/0xb0
[  704.251388][T23479]  ? __fget_files+0x40/0x3a0
[  704.256910][T23479]  ? __fget_files+0x206/0x3a0
[  704.262530][T23479]  ksys_write+0x12b/0x250
[  704.267729][T23479]  ? __pfx_ksys_write+0x10/0x10
[  704.273556][T23479]  ? rcu_is_watching+0x12/0xc0
[  704.279283][T23479]  ? rcu_is_watching+0x12/0xc0
[  704.285012][T23479]  do_syscall_64+0xcd/0x250
[  704.290435][T23479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.297520][T23479] RIP: 0033:0x7f37bb185d29
[  704.302818][T23479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  704.326345][T23479] RSP: 002b:00007f37b8ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  704.336444][T23479] RAX: ffffffffffffffda RBX: 00007f37bb376080 RCX: 00007f37bb185d29
[  704.346011][T23479] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  704.355575][T23479] RBP: 00007f37b8ff6090 R08: 0000000000000000 R09: 0000000000000000
[  704.365141][T23479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  704.374716][T23479] R13: 0000000000000000 R14: 00007f37bb376080 R15: 00007ffcbbc01548
[  704.384291][T23479]  </TASK>
[  704.459943][T23476] Process accounting resumed
[  704.792547][T23500] Invalid logical block size (768)
[  704.996379][T22413] Bluetooth: hci0: command 0x0c1a tx timeout
[  705.796289][T22413] Bluetooth: hci1: command 0x0c1a tx timeout
[  705.803519][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  706.203313][T23524] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.4147'.
[  706.268193][T23526] vivid-003: =================  START STATUS  =================
[  706.295786][T23526] vivid-003: Radio HW Seek Mode: Bounded
[  706.320220][T23526] vivid-003: Radio Programmable HW Seek: false
[  706.336717][T23526] vivid-003: RDS Rx I/O Mode: Block I/O
[  706.343471][T23526] vivid-003: Generate RBDS Instead of RDS: false
[  706.357210][T23526] vivid-003: RDS Reception: true
[  706.376340][T23526] vivid-003: RDS Program Type: 0 inactive
[  706.399160][T23526] vivid-003: RDS PS Name:  inactive
[  706.419544][T23526] vivid-003: RDS Radio Text:  inactive
[  706.444802][T23526] vivid-003: RDS Traffic Announcement: false inactive
[  706.453663][T23526] vivid-003: RDS Traffic Program: false inactive
[  706.464036][T23526] vivid-003: RDS Music: false inactive
[  706.471432][T23526] vivid-003: ==================  END STATUS  ==================
[  706.695634][T23538] Process accounting resumed
[  706.985125][T23541] Invalid ELF header magic: != ELF
[  707.277218][T23552] block mtdblock0: the capability attribute has been deprecated.
[  708.535322][T23582] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4161'.
[  708.591731][T23582] ip_vti0: entered promiscuous mode
[  709.255649][T23593] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  709.268705][T23593] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  710.208105][T23607] Invalid logical block size (768)
[  711.691912][   T29] audit: type=1804 audit(4294968326.513:56): pid=23622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4172" name="/newroot/sys/kernel/tracing/tracing_on" dev="tracefs" ino=139 res=1 errno=0
[  713.049630][T23648] Invalid logical block size (768)
[  713.696145][T23677] Invalid ELF header magic: != ELF
[  720.878308][T23792] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[  721.128246][T23792] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4213'.
[  723.122451][T23839] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4225'.
[  723.148349][T23839] : renamed from bond_slave_1 (while UP)
[  723.610478][T22759] syz.4.3977 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  723.622645][T22759] CPU: 1 UID: 0 PID: 22759 Comm: syz.4.3977 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  723.635571][T22759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  723.647636][T22759] Call Trace:
[  723.651568][T22759]  <TASK>
[  723.655090][T22759]  dump_stack_lvl+0x16c/0x1f0
[  723.660717][T22759]  dump_header+0x101/0x900
[  723.666032][T22759]  oom_kill_process+0x270/0xa60
[  723.671866][T22759]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  723.678633][T22759]  out_of_memory+0x351/0x1700
[  723.684257][T22759]  ? __pfx_out_of_memory+0x10/0x10
[  723.690400][T22759]  ? rcu_read_unlock+0x17/0x60
[  723.696131][T22759]  ? __pfx_lock_release+0x10/0x10
[  723.702166][T22759]  mem_cgroup_out_of_memory+0x207/0x270
[  723.708830][T22759]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  723.716115][T22759]  ? do_raw_spin_unlock+0x172/0x230
[  723.722362][T22759]  try_charge_memcg+0x54c/0xaf0
[  723.728202][T22759]  ? __pfx_try_charge_memcg+0x10/0x10
[  723.734659][T22759]  ? trace_lock_acquire+0x14e/0x1f0
[  723.740906][T22759]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  723.747463][T22759]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  723.754021][T22759]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[  723.760683][T22759]  __mem_cgroup_charge+0x9b/0x280
[  723.766730][T22759]  shmem_alloc_and_add_folio+0x507/0xc00
[  723.773494][T22759]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  723.780889][T22759]  ? shmem_allowable_huge_orders+0xd0/0x410
[  723.787967][T22759]  shmem_get_folio_gfp+0x689/0x1530
[  723.794214][T22759]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  723.800979][T22759]  ? lock_release+0x4e2/0x6f0
[  723.806591][T22759]  ? follow_page_pte+0x374/0x1b20
[  723.812629][T22759]  ? rcu_is_watching+0x12/0xc0
[  723.818355][T22759]  shmem_write_begin+0x161/0x300
[  723.824289][T22759]  ? __pfx_shmem_write_begin+0x10/0x10
[  723.830844][T22759]  ? timestamp_truncate+0x21f/0x2e0
[  723.837091][T22759]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  723.845331][T22759]  generic_perform_write+0x2ba/0x920
[  723.851686][T22759]  ? __pfx_generic_perform_write+0x10/0x10
[  723.858662][T22759]  ? inode_needs_update_time.part.0+0x191/0x270
[  723.866157][T22759]  shmem_file_write_iter+0x10e/0x140
[  723.872488][T22759]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  723.879434][T22759]  __kernel_write_iter+0x318/0xa80
[  723.885548][T22759]  ? __pfx___kernel_write_iter+0x10/0x10
[  723.892313][T22759]  ? get_dump_page+0x15b/0x230
[  723.898011][T22759]  ? __pfx___might_resched+0x10/0x10
[  723.904328][T22759]  ? copy_mc_enhanced_fast_string+0xa/0x13
[  723.911274][T22759]  dump_user_range+0x389/0x8c0
[  723.916986][T22759]  ? __pfx_dump_user_range+0x10/0x10
[  723.923345][T22759]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  723.930741][T22759]  ? __pfx_writenote+0x10/0x10
[  723.936455][T22759]  elf_core_dump+0x2787/0x3880
[  723.942153][T22759]  ? __pfx_elf_core_dump+0x10/0x10
[  723.948272][T22759]  ? kasan_save_stack+0x42/0x60
[  723.954073][T22759]  ? kasan_save_stack+0x33/0x60
[  723.959879][T22759]  ? kasan_save_track+0x14/0x30
[  723.965177][T23862] ------------[ cut here ]------------
[  723.965679][T22759]  ? __kasan_kmalloc+0xaa/0xb0
[  723.965712][T22759]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  723.972226][T23862] platform vkms: [drm] vblank wait timed out on crtc 0
[  723.977902][T22759]  ? do_coredump+0x1665/0x43e0
[  723.977936][T22759]  ? get_signal+0x23f3/0x2610
[  723.977969][T22759]  ? mas_ascend+0x519/0x930
[  723.992709][T23862] WARNING: CPU: 0 PID: 23862 at drivers/gpu/drm/drm_vblank.c:1307 drm_wait_one_vblank+0x334/0x550
[  723.998371][T22759]  ? rcu_is_watching+0x12/0xc0
[  723.998404][T22759]  ? trace_lock_acquire+0x14e/0x1f0
[  723.998434][T22759]  ? __pfx_sort+0x10/0x10
[  724.004117][T23862] Modules linked in:
[  724.009385][T22759]  ? get_signal+0x23f3/0x2610
[  724.009417][T22759]  ? do_coredump+0x2dd5/0x43e0
[  724.009449][T22759]  do_coredump+0x2dd5/0x43e0
[  724.022126][T23862] 
[  724.027786][T22759]  ? __pfx_do_coredump+0x10/0x10
[  724.027819][T22759]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  724.027869][T22759]  ? rcu_is_watching+0x12/0xc0
[  724.027899][T22759]  get_signal+0x23f3/0x2610
[  724.027929][T22759]  ? __pfx_get_signal+0x10/0x10
[  724.027955][T22759]  ? __pfx_force_sig+0x10/0x10
[  724.027981][T22759]  arch_do_signal_or_restart+0x90/0x7e0
[  724.028014][T22759]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  724.028050][T22759]  ? trace_irq_disable.constprop.0+0xea/0x140
[  724.028077][T22759]  ? rcu_is_watching+0x12/0xc0
[  724.034267][T23862] CPU: 0 UID: 0 PID: 23862 Comm: syz.0.4231 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  724.039420][T22759]  irqentry_exit_to_user_mode+0x13f/0x280
[  724.039452][T22759]  asm_exc_stack_segment+0x26/0x30
[  724.039481][T22759] RIP: 0033:0x7fd5b9385d31
[  724.039500][T22759] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  724.039521][T22759] RSP: 002b:7fffffffffffffff EFLAGS: 00010217
[  724.039541][T22759] RAX: 0000000000000000 RBX: 00007fd5b9576240 RCX: 00007fd5b9385d29
[  724.039556][T22759] RDX: ffffffffffffffff RSI: 7fffffffffffffff RDI: 0000000000000007
[  724.039571][T22759] RBP: 00007fd5b9401b08 R08: 0000000000000001 R09: 0000000000000000
[  724.039586][T22759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  724.039601][T22759] R13: 0000000000000000 R14: 00007fd5b9576240 R15: 00007ffd900a41b8
[  724.039624][T22759]  </TASK>
[  724.039685][    C1] vkms_vblank_simulate: vblank timer overrun
[  724.044368][T23862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  724.060769][T22759] memory: usage 307200kB, limit 307200kB, failcnt 15323
[  724.061400][T23862] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  724.064232][T22759] memory+swap: usage 425608kB, limit 9007199254740988kB, failcnt 0
[  724.070373][T23862] Code: 85 ed 0f 84 54 01 00 00 e8 39 8f 64 fc 4c 89 e7 e8 f1 57 88 00 89 e9 4c 89 ea 48 c7 c7 40 2f c7 8b 48 89 c6 e8 0d 57 25 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 0e 8f 64 fc 90 48 8d 7b 08 48 b8 00
[  724.130233][T22759] kmem: usage 5096kB, limit 9007199254740988kB, failcnt 0
[  724.141035][T23862] RSP: 0018:ffffc9000d577b28 EFLAGS: 00010286
[  724.141060][T23862] RAX: 0000000000000000 RBX: ffff888024ba0000 RCX: ffffc9000f9bc000
[  724.141077][T23862] RDX: 0000000000080000 RSI: ffffffff815a17d6 RDI: 0000000000000001
[  724.141092][T23862] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  724.141108][T23862] R10: 0000000000000001 R11: 205d393537323254 R12: ffff888025546010
[  724.170307][T22759] Memory cgroup stats for 
[  724.183601][T23862] R13: ffff888024d60560 R14: 1ffff92001aaef67 R15: 000000000000a79f
[  724.213720][T22759] /syz4
[  724.219621][T23862] FS:  00007f2ea3e516c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  724.251823][T22759] :
[  724.262301][T23862] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  724.262323][T23862] CR2: 00007f2ea3e0fd58 CR3: 0000000027578000 CR4: 00000000003526f0
[  724.365394][T22759] cache 302206976
[  724.366094][T23862] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  724.379209][T22759] rss 4096000
[  724.380737][T23862] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  724.384593][T22759] rss_huge 0
[  724.394547][T23862] Call Trace:
[  724.394558][T23862]  <TASK>
[  724.394567][T23862]  ? __warn+0xea/0x3c0
[  724.394602][T23862]  ? preempt_schedule_notrace+0x62/0xe0
[  724.394632][T23862]  ? drm_wait_one_vblank+0x334/0x550
[  724.394669][T23862]  ? report_bug+0x3c0/0x580
[  724.394697][T23862]  ? handle_bug+0x54/0xa0
[  724.394729][T23862]  ? exc_invalid_op+0x17/0x50
[  724.394761][T23862]  ? asm_exc_invalid_op+0x1a/0x20
[  724.400777][T22759] shmem 302206976
[  724.405581][T23862]  ? __warn_printk+0x1a6/0x350
[  724.416495][T22759] mapped_file 33959936
[  724.419549][T23862]  ? drm_wait_one_vblank+0x334/0x550
[  724.434254][T22759] dirty 0
[  724.442800][T23862]  ? drm_wait_one_vblank+0x333/0x550
[  724.451962][T22759] writeback 0
[  724.454118][T23862]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  724.459230][T22759] workingset_refault_anon 5524
[  724.465902][T23862]  ? __pfx_autoremove_wake_function+0x10/0x10
[  724.475002][T22759] workingset_refault_file 46
[  724.477709][T23862]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  724.483209][T22759] swap 121249792
[  724.488330][T23862]  ? drm_vblank_get+0x150/0x280
[  724.488370][T23862]  drm_fb_helper_ioctl+0x156/0x1a0
[  724.488395][T23862]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  724.488418][T23862]  do_fb_ioctl+0x3d4/0x7d0
[  724.488447][T23862]  ? __pfx_do_fb_ioctl+0x10/0x10
[  724.488478][T23862]  ? do_vfs_ioctl+0x513/0x1950
[  724.488504][T23862]  ? kmem_cache_free+0x152/0x4c0
[  724.497522][T22759] swapcached 2883584
[  724.498929][T23862]  ? __fget_files+0x206/0x3a0
[  724.504771][T22759] pgpgin 802099
[  724.509390][T23862]  fb_ioctl+0xe5/0x150
[  724.509420][T23862]  ? __pfx_fb_ioctl+0x10/0x10
[  724.509449][T23862]  __x64_sys_ioctl+0x190/0x200
[  724.509474][T23862]  do_syscall_64+0xcd/0x250
[  724.509507][T23862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.509540][T23862] RIP: 0033:0x7f2ea2f85d29
[  724.509559][T23862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  724.509583][T23862] RSP: 002b:00007f2ea3e51038 EFLAGS: 00000246
[  724.519020][T22759] pgpgout 731213
[  724.519507][T23862]  ORIG_RAX: 0000000000000010
[  724.529060][T22759] pgfault 437791
[  724.529834][T23862] RAX: ffffffffffffffda RBX: 00007f2ea3175fa0 RCX: 00007f2ea2f85d29
[  724.543258][T22759] pgmajfault 923
[  724.549891][T23862] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000004
[  724.558254][T22759] inactive_anon 154300416
[  724.562216][T23862] RBP: 00007f2ea3001b08 R08: 0000000000000000 R09: 0000000000000000
[  724.562235][T23862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  724.567128][T22759] active_anon 154886144
[  724.572651][T23862] R13: 0000000000000000 R14: 00007f2ea3175fa0 R15: 00007ffd7010dfc8
[  724.581664][T22759] inactive_file 0
[  724.585474][T23862]  </TASK>
[  724.591034][T22759] active_file 0
[  724.596633][T23862] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  724.596647][T23862] CPU: 0 UID: 0 PID: 23862 Comm: syz.0.4231 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  724.596675][T23862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  724.596690][T23862] Call Trace:
[  724.596697][T23862]  <TASK>
[  724.596706][T23862]  dump_stack_lvl+0x3d/0x1f0
[  724.596740][T23862]  panic+0x71d/0x800
[  724.596771][T23862]  ? __pfx_panic+0x10/0x10
[  724.596802][T23862]  ? show_trace_log_lvl+0x29d/0x3d0
[  724.596832][T23862]  ? drm_wait_one_vblank+0x334/0x550
[  724.596868][T23862]  check_panic_on_warn+0xab/0xb0
[  724.596902][T23862]  __warn+0xf6/0x3c0
[  724.596931][T23862]  ? preempt_schedule_notrace+0x62/0xe0
[  724.596967][T23862]  ? drm_wait_one_vblank+0x334/0x550
[  724.597002][T23862]  report_bug+0x3c0/0x580
[  724.597028][T23862]  handle_bug+0x54/0xa0
[  724.597060][T23862]  exc_invalid_op+0x17/0x50
[  724.597092][T23862]  asm_exc_invalid_op+0x1a/0x20
[  724.597122][T23862] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  724.597159][T23862] Code: 85 ed 0f 84 54 01 00 00 e8 39 8f 64 fc 4c 89 e7 e8 f1 57 88 00 89 e9 4c 89 ea 48 c7 c7 40 2f c7 8b 48 89 c6 e8 0d 57 25 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 0e 8f 64 fc 90 48 8d 7b 08 48 b8 00
[  724.597183][T23862] RSP: 0018:ffffc9000d577b28 EFLAGS: 00010286
[  724.597203][T23862] RAX: 0000000000000000 RBX: ffff888024ba0000 RCX: ffffc9000f9bc000
[  724.597219][T23862] RDX: 0000000000080000 RSI: ffffffff815a17d6 RDI: 0000000000000001
[  724.597235][T23862] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  724.597250][T23862] R10: 0000000000000001 R11: 205d393537323254 R12: ffff888025546010
[  724.597266][T23862] R13: ffff888024d60560 R14: 1ffff92001aaef67 R15: 000000000000a79f
[  724.597287][T23862]  ? __warn_printk+0x1a6/0x350
[  724.597318][T23862]  ? drm_wait_one_vblank+0x333/0x550
[  724.597354][T23862]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  724.597390][T23862]  ? __pfx_autoremove_wake_function+0x10/0x10
[  724.597427][T23862]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  724.597455][T23862]  ? drm_vblank_get+0x150/0x280
[  724.597490][T23862]  drm_fb_helper_ioctl+0x156/0x1a0
[  724.597513][T23862]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  724.597535][T23862]  do_fb_ioctl+0x3d4/0x7d0
[  724.597564][T23862]  ? __pfx_do_fb_ioctl+0x10/0x10
[  724.597593][T23862]  ? do_vfs_ioctl+0x513/0x1950
[  724.597618][T23862]  ? kmem_cache_free+0x152/0x4c0
[  724.597659][T23862]  ? __fget_files+0x206/0x3a0
[  724.597689][T23862]  fb_ioctl+0xe5/0x150
[  724.597714][T23862]  ? __pfx_fb_ioctl+0x10/0x10
[  724.597741][T23862]  __x64_sys_ioctl+0x190/0x200
[  724.597764][T23862]  do_syscall_64+0xcd/0x250
[  724.597795][T23862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.597825][T23862] RIP: 0033:0x7f2ea2f85d29
[  724.597843][T23862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  724.597866][T23862] RSP: 002b:00007f2ea3e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  724.597889][T23862] RAX: ffffffffffffffda RBX: 00007f2ea3175fa0 RCX: 00007f2ea2f85d29
[  724.597906][T23862] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000004
[  724.597921][T23862] RBP: 00007f2ea3001b08 R08: 0000000000000000 R09: 0000000000000000
[  724.597936][T23862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  724.597951][T23862] R13: 0000000000000000 R14: 00007f2ea3175fa0 R15: 00007ffd7010dfc8
[  724.597978][T23862]  </TASK>
[  724.602673][T23862] Kernel Offset: disabled