last executing test programs: 9.737517568s ago: executing program 2 (id=120): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.1/power/runtime_status\x00', 0x400, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/hugetlb.1GB.rsvd.limit_in_bytes\x00', 0xc2481, 0x0) write$auto(r1, &(0x7f0000000040)='\xdb\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x8) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) r2 = timerfd_create$auto(0x9, 0x0) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)=""/49, 0x31) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, &(0x7f0000000000)={0xe8d, [0x2, 0xffffffff, 0x80000000], [{0x80, 0x2, 0x1, 0x1, 0x1}, {0x8000, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x6, 0x0, 0x1, 0x1}, {0x95, 0x400, 0x1, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x1}, {0x9, 0xfffffffe, 0x1, 0x1}, {0x1, 0xc1f, 0x1, 0x0, 0x1}, {0x2, 0xfe, 0x1, 0x0, 0x0, 0x1}, {0x3ff, 0x1, 0x0, 0x1, 0x1}, {0xc12, 0x5, 0x1, 0x0, 0x1}, {0x7ff, 0x4d3c, 0x0, 0x0, 0x1}, {0x2, 0x9, 0x1, 0x1, 0x1}], 0x7f, 0xfff, 0x3, 0x3, 0x6, 0x9, 0x80000000, "64b91cc75e50f9bfb73422d302bb9262ca4383f3137e87364ff62cfa69013312b39e05e3bb4c990e99e06e310552976c2f5b0732887c3a8873bae9024b524de3"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r3, &(0x7f00000001c0)={&(0x7f0000000200)="6044bb67f5459d8e4e1e504b25452ef3e83b0b52c8f49e50044485180830a1ed51282827b917476d5ad380335434bdb1c564508879b5e5d57f2e26b641f809355a93e70dbfaf2f0b63d20cbc16247dc38b5b9a471f4ae0e2e7ba7d1b81eb247c8f12d9dc892059ba5533480195d2cf6ae62b01db81c6a987ae4049f3c8a3792bfa2ffd7fe02e4488d3f8cb44073a7975173dbeb67b1bbce6f6dbdd6b06f4236720ac56b65894942276743116", 0x4}, 0x3) r5 = ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, 0x0) r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f0000000540)={0x0, 0x6, "7636151d9b02ba4db36efb8adaeb205490055c8160618a793bc0ef02be6b53ab874d163664e76626154e19585266b4280ac77b4953f03208c9d0d81de29f87c95b44caf734b5f2e59f69b0fe4a5494f48d5300607cd488d34e391975e1aa7743568be0d261cfaa4f9b6174c390954234be5d151787f0c9c66dc02b5a5a89a56682d58f67fb6efb456c4569af2df4c3e2fe0f9223c43727d728cc77183d2ceb9a4b6797048cd4d028ae420b7deabcd6b4a367d87ec44bbe2522223a45c3c8c504c1bae057da778451ca39ef604724c73e5f577cda46ab42dd3392401d1c9bf8ba15c8299371980687c12430b63a504592439e0580a6f2a60bed1efbb23b7596b3"}) socket(0x2a, 0x2, 0x1) writev$auto(r2, &(0x7f0000000100)={0x0, 0x27111}, 0x8) ioctl$auto(r5, 0x9, r6) sysfs$auto(0x0, 0x6, 0xc9ea) 8.44567154s ago: executing program 2 (id=126): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) unshare$auto(0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x24300, 0x0) socket(0xa, 0x5, 0x0) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) 6.911135866s ago: executing program 1 (id=130): mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (rerun: 32) socket(0x80000000000000a, 0x2, 0x0) (async, rerun: 32) r0 = socket(0xa, 0x801, 0x84) (rerun: 32) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) (async) r1 = getsockopt$auto(r0, 0x84, 0x6c, 0x0, &(0x7f0000000280)=0x1000c0) (async) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x24, 0x0, 0x10, 0x70bd2c, 0x25dfdbfa, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_FAMILY_NAME={0x0, 0x2, '%/\x00\xe2\xa8\\A\xe7Z\x02q[-\x00\x00\x00\x10\x00\xdf(\xff\xfee\xc3\x17py\x9f\xda\xb88\xaa\xf6q*\x82\xe6(\xc9\xe6B\x9aJ82\v-i(c\x92{\xd7D\xb4\xf7\xb4\t\xb2\x98b\xd3%vu\xd4\xfd\t\xd7J\x83\x19)\xb1\x00[\xdd(\xef?\xc5\xae(\x84\xefjx\xfe\xdb\xeb\xbceaAw\x1eW\x12Bh\xc3y2\xc9\x0e\xc9\x99#\x92j\x97\xbbDOi\x03\xa4\x11\x02Fr2}, 0xc7) fcntl$auto_F_OFD_SETLK(r5, 0x25, 0x75) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = getegid() setregid$auto(r7, r7) (async) msgctl$auto(0x2, 0x8, &(0x7f00000002c0)={{0xfffffe00, 0xee00, r7, 0x80, 0x5, 0x100, 0x5}, &(0x7f00000000c0)=0x9, &(0x7f0000000140)=0xf, 0x10f4, 0x10000, 0xc000000000000, 0x6, 0x9, 0x2, 0x8, 0x8, @inferred, @raw=0x3}) (async, rerun: 32) ioctl$auto(0x3, 0xae41, r6) (async, rerun: 32) ioctl$auto_KVM_CREATE_VM(r4, 0x4048aecb, 0x0) 6.847874136s ago: executing program 0 (id=131): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) exit$auto(0x5) (async) exit$auto(0x5) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x1003, 0xeb1, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x5, 0x0, 0x0, 0x0, 0x2) 6.642917969s ago: executing program 2 (id=132): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) r1 = socket(0x2, 0x2, 0x1) r2 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1b, r1, 0x10000}, 0x10) mmap$auto(0x80000000000, 0x9, 0xe994, 0x8000000008011, r2, 0x8000) process_madvise$auto_MADV_DONTNEED_LOCKED(r2, &(0x7f0000000180)={&(0x7f0000000080)="754ec7a1441b8eef92fc2b3677749ff2be1a0558ef916f8dd6e49e8fb4177f11d74597d1a9cd06dcc69a08c5ea60d4905a73e9b25cd62853760729dda9bb19c1f25d2fc06095e3457cd7d14c0d931385e81484ea25646599779c4683bf5c6b8784bd181e02d9d49dc8b7e2ad84ff987e73ea01ff30c50bd45e56a1b791b2e88b8025ed2253fd4e052b61e09f4c3a4f", 0x2}, 0x1, 0x18, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0xffff, 0x20000000) io_uring_setup$auto(0x80, &(0x7f00000001c0)={0xffff, 0x3, 0x8, 0x9c, 0xfffffffa, 0xfffffffe, r1, [0x9, 0x1ff, 0x5ce3], {0x2, 0x5, 0x2, 0xb4d, 0x5, 0x80, 0x7, 0x6, 0x8}, {0x100, 0x10, 0x4, 0x80, 0x8, 0xec9, 0x4, 0x6000000, 0x6}}) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) write$auto(0x3, 0x0, 0x100082) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x86) madvise$auto(0x0, 0xffffffffffff0001, 0x14) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) 6.241159641s ago: executing program 1 (id=133): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket(0x2, 0x1, 0x0) listen$auto(r0, 0x7) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xa200, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) timerfd_create$auto(0x9, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)=""/49, 0x31) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, &(0x7f0000000000)={0x8, [0x2, 0xffffffff, 0x80000000], [{0x80, 0x2, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x6, 0x0, 0x1, 0x1}, {0x94, 0x400, 0x1, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x1}, {0x9, 0xfffffffe, 0x1, 0x1}, {0x1, 0xc1f, 0x1, 0x0, 0x1}, {0x2, 0xfe, 0x1, 0x0, 0x0, 0x1}, {0x3ff, 0x1, 0x0, 0x1, 0x1}, {0xc12, 0xd11, 0x1, 0x0, 0x1}, {0x7ff, 0x4d3c, 0x0, 0x0, 0x1}, {0xffffffff, 0x7, 0x1, 0x1, 0x1}], 0x7f, 0xfff, 0x3, 0x3, 0x6, 0x9, 0x80000000, "64b91cc75e50f9bfb73422d302bb9262ca4383f3137e87364ff62cfa69013312b39e05e3bb4c990e99e06e310552976c2f5b0732887c3a8873bae9024b524de3"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r1, &(0x7f00000001c0)={&(0x7f0000000100)="6044bb67f5459d8e4e1e504b25452ef3e83b0b52c8f49e50044485180830a1ed51282827b917476d5ad380335434bdb1c564508879b5e5d57f2e26b641f809355a93e70dbfaf2f0b63d20cbc16247dc38b5b9a471f4ae0e2e7ba7d1b81eb247c8f12d9dc892059ba5533480195d2cf6ae62b01db81c6a987ae4049f3c8a3792bfa2ffd7fe02e4488d3f8cb44073a7975173dbeb67b1bbce6f6dbdd6b06f4236720ac56b65894942276743116", 0x4}, 0x3) r3 = ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, 0x0) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000000540)={0x0, 0x6, "7636151d9b02ba4db36efb8adaeb205490055c8160618a793bc0ef02be6b53ab874d163664e76626154e19585266b4280ac77b4953f03208c9d0d81de29f87c95b44caf734b5f2e59f69b0fe4a5494f48d5300607cd488d34e391975e1aa7743568be0d261cfaa4f9b6174c390954234be5d151787f0c9c66dc02b5a5a89a56682d58f67fb6efb456c4569af2df4c3e2fe0f9223c43727d728cc77183d2ceb9a4b6797048cd4d028ae420b7deabcd6b4a367d87ec44bbe2522223a45c3c8c504c1bae057da778451ca39ef604724c73e5f577cda46ab42dd3392401d1c9bf8ba15c8299371980687c12430b63a504592439e0580a6f2a60bed1efbb23b7596b3"}) ioctl$auto(r3, 0x9, r4) 5.745216985s ago: executing program 2 (id=135): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/014/001\x00', 0x40880, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(r0, 0x4, r1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/thread-self/net/if_inet6\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, 0x0, 0x0) r3 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip_vti0\x00'}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x4, 0x1ff, r3, @relative_id=0x8, 0xa}, 0xf) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) listmount$auto(&(0x7f0000000080)={0x2, @inferred=r4, 0x7fff, 0x0, 0x3}, &(0x7f0000000180)=0x8, 0xfffffffffffffffa, 0x7) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x22000, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) bpf$auto(0x5, 0x0, 0x4a) close_range$auto(0x0, 0xfffffffffffff000, 0x0) prctl$auto(0x34, 0x0, 0x0, 0x0, 0x0) r6 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000100)='/proc/devices\x00', 0x40002, 0x0) sendfile$auto(r6, r6, &(0x7f0000000040)=0x8010, 0x788b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000140)={0x4, 0x7, 0x8}) 5.706178388s ago: executing program 0 (id=136): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/010/001\x00', 0xa101, 0x0) ioctl$auto(r0, 0x551f, r0) capget$auto(0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) close_range$auto(0x2, 0x8000, 0x0) r1 = io_uring_setup$auto(0x3, 0x0) socket(0x18, 0x80009, 0x0) socket$nl_generic(0x10, 0x3, 0x10) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x84) socket(0x1d, 0x3, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/cec/cec20/status\x00', 0x80440, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC1\x00', 0x100000, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC0D0p\x00', 0x40, 0x0) r2 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) 4.569421452s ago: executing program 3 (id=137): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r1, 0x0, 0x7) ioctl$auto_EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x8, 0x80805, 0x0) close_range$auto(r1, r1, 0x4) r2 = socket(0xa, 0x5, 0x84) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x40000025, 0x400, 0x2}]}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x25, 0x5, 0x5) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6e) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r2, 0x84, 0xe, 0x0, &(0x7f0000000040)=0xb0) keyctl$auto_KEYCTL_CLEAR(0x7, 0x7, 0x9, 0x2, 0x4662) socket(0x2, 0x3, 0xa) timer_delete$auto(0x0) 4.409145613s ago: executing program 0 (id=138): mmap$auto(0x0, 0x40000d, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x4a, 0x0) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r2, 0x2275, r1) write$auto(r0, &(0x7f0000000000)='\x10\x00', 0x2fb) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) r3 = socket(0xa, 0x802, 0x3a) setsockopt$auto(r3, 0x29, 0x21, &(0x7f0000000880)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\xff\x1b\x01\x1e\xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\xf2Vw\xbe\x1c$\xddm\x8a\x9d\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5h\xae\xec%\xf9\x94>\xd6,\xf3\x98\'\xb0\t~~\xb4\x98\xbb3=A\x9c\x17\xaa\xce\fh-M\xdb-\x15VX\xfe\xca+\xb5\x95\xb3JL\x0fl\xe84\xbd\xa3nO\x9f\xfa\xb1\x06$\b$i3\x83\xd7\x06\xd6\x1e\xdbB\x9bb\x1cXC\x8c\x8b\xd9\xff\xf2Bf\x99!Z\x13\xff\xca\xf3e\x015\x9b\x86\xd6$\x1a\r3\x91\xb7\x942\xeb\xadVA\xfc\x1f\xbf1\xb7T\xc1\xbf\xc0\xc2\xfc\xe8w\xd33\xb2,\xb0\x9fA3\xc2\xa2\x1cM\x825\x94U\xbbNeb\xd2\xa9\x0f\xed\x8b\xea\xfa\x8a\x04.\xffMIw\x0f\xd6\xae^\xd2\xf1j\xcb\r\xa4\x1d0d\xca\x81\x9c\x80GL\x0e\xe6\x19\x8au\x1a7\xc5|\xf6\x1e\xe00\xc6\"\x83\x1c\xa2\x9e\a\x1c\xea\xa3\x9c\xe1BF\x05b\xf6\xdcf\x04\xd9B\xb9\x98\x9cq\xbd\xfb\xb5~\xf2\x8d\x9f`\xec\xd0\xafY\xcf\x84', 0x18000113) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "3d64dc8bff7fff7f610000000024"}, 0x55) mmap$auto(0x7, 0x400, 0x6, 0x15, r3, 0x7) write$auto(0x3, 0x0, 0xfdef) 4.086141148s ago: executing program 2 (id=139): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x400008, 0x1000df, 0x9b72, 0x2, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), r1) sendmsg$auto_OVS_VPORT_CMD_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x18, r2, 0x319, 0x70bd2c, 0x25dfdbf9, {}, [@OVS_VPORT_ATTR_OPTIONS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x44004}, 0x4000040) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x110c230000, 0x1, 0x9) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0xc) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, &(0x7f00000001c0)={0x7, 0x82, 0x1}, 0x5, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x20) close_range$auto(0x2, 0x8000, 0x0) socket(0x2b, 0x1, 0x1) r3 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) ioperm$auto(0x3, 0xe, 0x2000000000000149) r4 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) lseek$auto(r4, 0x4, 0x1) close_range$auto(0x0, 0xfffffffffffff001, 0x0) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x8) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9) copy_file_range$auto(r3, 0x0, r3, &(0x7f0000000080)=0x8, 0x2, 0x0) 3.983642712s ago: executing program 1 (id=140): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r1, 0x0, 0x7) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x8, 0x80805, 0x0) close_range$auto(r1, r1, 0x4) r3 = socket(0xa, 0x5, 0x84) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r5) ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x40000025, 0x400, 0x2}]}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x25, 0x5, 0x5) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6e) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r3, 0x84, 0xe, 0x0, &(0x7f0000000040)=0xb0) keyctl$auto_KEYCTL_CLEAR(0x7, 0x7, 0x9, 0x2, 0x4662) socket(0x2, 0x3, 0xa) timer_delete$auto(0x0) 3.428295753s ago: executing program 0 (id=141): r0 = socket(0x57, 0x2, 0x6) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = getsockopt$auto(r0, 0x6a, 0xea98, 0x0, 0x0) close_range$auto(0x2, r1, 0xfffffffd) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) (async) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) (async) r3 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r3, 0x0, 0x8fb5) (async) dup2$auto(0x0, 0x3) (async) sysfs$auto(0x1000006, 0x3, 0x81) r4 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) (async) read$auto(0x3, 0x0, 0x7fffffff) (async) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x202000d, 0x8000000002, 0xeb1, 0xffffffffffffffff, 0x8000) (async) unshare$auto(0x40000080) (async) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000227bd7000fcdbdf250a00000060000180140002006e65747063693000000000000000000008000300f8ffffff140002006d6163767461703000000000000000001400020067656e6576653000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08ffff0008000000"], 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x20) fcntl$auto(0x0, 0x407, 0x100000) (async) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="110000001265843a000000000000000000", 0x11) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x882, 0x0) ioctl$auto_SNDCTL_DSP_GETOSPACE(r5, 0x8010500c, &(0x7f0000000040)="8dd7c3ddaeba5429a5ddcebaed6bbc8b0819fd56073e8482b26b30aa82253ab9cf7da5358c0727") mmap$auto(0x0, 0x13, 0xdf, 0x9b72, 0x2, 0x8000) 3.214981125s ago: executing program 3 (id=142): mq_open$auto(&(0x7f0000000040)='\xb0&&/\x00', 0xe, 0x9, &(0x7f0000000080)={0x2, 0x8000, 0xfffffffffffffe01, 0xf71}) (async) r0 = mq_open$auto(&(0x7f0000000040)='\xb0&&/\x00', 0xe, 0x9, &(0x7f0000000080)={0x2, 0x8000, 0xfffffffffffffe01, 0xf71}) mmap$auto(0xfffffffffffffff9, 0x472931b3, 0x42, 0xeb2, r0, 0x8000) r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x3b71, 0x0) select$auto(0x4242, &(0x7f00000000c0)={[0x6, 0x8000000000000001, 0xaa3, 0x57e, 0x0, 0x7, 0x5, 0x10000, 0x5, 0x6, 0x401, 0x100000000, 0x925e, 0xb, 0xffffffff, 0x401]}, &(0x7f0000000140)={[0x2, 0x81, 0x9, 0x2, 0x4, 0xe, 0x8, 0x9, 0x800, 0x7fffffffffffffff, 0x2, 0x80, 0x8, 0xe41, 0x9, 0x642]}, &(0x7f00000001c0)={[0x0, 0x0, 0x7, 0x1, 0xffffffffffffffff, 0x1000, 0x4, 0x12, 0x400, 0x7fd91531, 0x5, 0x81, 0x5, 0x0, 0x6, 0x9]}, &(0x7f0000000240)={0xfffffffffffffffb, 0x101}) 2.954499375s ago: executing program 1 (id=143): openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000080)={0x5, 0xffff3155, 0x3}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x280303, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, 0x0, 0x8010) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8) connect$auto(0x4, 0x0, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/mem_limit\x00', 0x183841, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x200000000000b, 0x4, 0x16, r1, 0x8) sysfs$auto(0x2, 0x9, 0x0) fsopen$auto(0x0, 0x1) io_uring_setup$auto(0x7, 0x0) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x1, 0x0, 0x8004) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc1}, 0x4000) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3a8044}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYRES64, @ANYRES16=r4, @ANYBLOB="000028bd7000fbdbdf25490000000800a4000002000015023380061748a31e9559a89a4fc849603b836e17cc1ad03c2d358b7cd98671dcce5d23f89f762f92570b697347f18346ef4250cb71b9fa43d9c5e1de71dd871f6df113cb2671f1cb1b0d163b7e91fddd9b004caf256d76bc7f70ebd40ead7e4a1dda77abc34766febcd56585a1ccc4f87709a6d3a0cc905aaa2927fc8f44c979e5efafb09ea37cd512f1a83098177aa0f2909efa3d84ee934dfbed7e0d4ff5ba59245273d073052da52bdae7de371030594c3a920526175ee507f1b12dcbfd6666653205ab0b404aa78364b908e93fe5de707725065b141aa24268fbb3f9534f4e64235b12a87b44bc4c4a9fc4c6b86cde80d40f601251bad939cd850f194b28d9ff8146805b0fe3d9b8b2962127ecb8cc2b488541601f66136480fc5d29bd9bb7b948492abe285fee16b5e0fbe0caf6c4c356d5d5e65f279a385650a40b5d6dbccc16c8262108e9796de764b942e7eba5f24b55fc37a525cd43a930261ac3fe4f64253d2c6863b0c4957b963d3d707659f7a48c2ce767f0cd23a8f0f659adcf9aacc8004a485e48002a1e511aff423af9082b89855f98218ffbf94478b42e64d23973aa862f33be95b2a26c33120ea700c2c51130a2cabbd5e21a8f75755c9836c67b1f800e847f28850493f1488e1a299f111a063bf1386c570adb51caee0d88ad9a639a69b986e411eec9394f3886dc205db362e7647de5dfc919cbded6063aba8bbf4d60836b2bc5d8b2b8e0040001000000000600ed0009000000060096000700000004008b000600fb00ff000000060066004e2200000000"], 0x258}, 0x1, 0x0, 0x0, 0xc814}, 0x10) mmap$auto(0xfffffffffffffff9, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) 2.719894241s ago: executing program 3 (id=144): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) ioctl$auto_EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x8, 0x80805, 0x0) close_range$auto(r1, r1, 0x4) r3 = socket(0xa, 0x5, 0x84) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r5) ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x40000025, 0x400, 0x2}]}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x25, 0x5, 0x5) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6e) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r3, 0x84, 0xe, 0x0, &(0x7f0000000040)=0xb0) keyctl$auto_KEYCTL_CLEAR(0x7, 0x7, 0x9, 0x2, 0x4662) socket(0x2, 0x3, 0xa) timer_delete$auto(0x0) 2.027532743s ago: executing program 1 (id=145): unshare$auto(0x40000080) r0 = socket(0x3d, 0x5, 0x100) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.2/usb13/power/autosuspend_delay_ms\x00', 0xad0c0, 0x0) sendfile$auto(r1, r1, 0x0, 0x7fff) unshare$auto(0xa4) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) r2 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f00000001c0), r0) capset$auto(&(0x7f0000000340)={0xffffff15, 0x0}, &(0x7f0000000380)={0x9, 0x4c2, 0x5}) sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00012bbd7000fbdbdf2501000000100003002f6465efe7617564696f310008000100", @ANYRES32=r3, @ANYBLOB='q.&.', @ANYRES32, @ANYBLOB="130003002f6465762f73657175656e636572000004000400100004002f6465efe7617564696f310008000200", @ANYRES32, @ANYBLOB], 0x64}, 0x1, 0x0, 0x0, 0x44000885}, 0x800) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="130026bd7000fcdbdf2517c5edd808000300", @ANYRES32=r7], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, 0x0) unshare$auto(0x40000080) r8 = socket(0x29, 0x5, 0xfffffffc) sendto$auto(r8, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa}, 0x8) r9 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) r10 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES64=r1, @ANYRES16, @ANYBLOB="02002abd7000ffdbdf2502000000040002001c00048005bc48242d10b34cfb6a801306b44fd2162bb3596680cddf080007000010000008000100"], 0x44}, 0x1, 0x0, 0x0, 0x4004004}, 0x8000) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='T'], 0x1ac}}, 0x40000) sendmmsg$auto(r10, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) write$auto(r9, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) 2.005202023s ago: executing program 0 (id=146): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001440)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24044000}, 0x18800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r2, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000000)={0x14, r3, 0x301, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40880) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000041}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x40, r4, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x10}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x101}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x8}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, "6220da0c3557019a6ac43dc5"}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x24000800) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1e0, r3, 0x0, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x100}, @ETHTOOL_A_COALESCE_RX_PROFILE={0x90, 0x1d, 0x0, 0x1, [@ETHTOOL_A_PROFILE_IRQ_MODERATION={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x3244}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0xfffffff1}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x8}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x8}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x63}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x2}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x66}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x6}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x6}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0xb}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x7b}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x2}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x1}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x4}]}]}, @ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x8, 0x4, 0x7fffffff}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x4}, @ETHTOOL_A_COALESCE_TX_PROFILE={0x124, 0x1e, 0x0, 0x1, [@ETHTOOL_A_PROFILE_IRQ_MODERATION={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x2}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x6}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0xff}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x2}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_COMPS={0x8}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x1}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x4}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0xe}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x1ff}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x9}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x54}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x7594}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x5}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x6}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x1}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0xcc}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x8}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0xbd3}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x9}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x9}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0xc}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x7}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x3}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x9}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0xf}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x8}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x8}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x9}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x4}]}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x4000}, 0x800) 1.707633331s ago: executing program 3 (id=147): r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x22880, 0x0) unshare$auto(0x40000080) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/de\xef\xe7auDio1\x00\f\'\x8b\xd9\xfeN\xcd#)\x8c\x89>-o\xd7\x8f$\xac\xfc\xa2\xccm\x0e \xfb\xe5\xe9\x92\xaa\xef\x84$\x84Ia>6pV;{\'\xaa\xbeS\x14\xb6\xd2\xf6\xb7\xcd\xf6P\x05X\x1dK\x18\x99\x02\xb3\x0fY0\x80\x99\xe3\x0e\xa2D\xc0\xecE\x86\xd9J\x9c\xa8\x98\x02\xdb\xf1\x81TMpS\xc5\xab\xa1\x1bG\v>\x03\xf7\xe1\xaf\xe3\x04\xc3 ffF\x0f\xa6}\xa3\xa8\xd1\xe2\xd0QG\xa6\xa6\x8e7\x80\xd9\xd0\xdf\xad\xb1\x15\xca\xbb\xd5j\x94\xc6<\x18\x15\xcc\x8d\x14\xd8\xb8L\x03\xdd~\xe7%\xcb\xdd\xda!\xd45Z\xd0\xfc\x1b\xf0\xe1\xd6:\xd7\xe9N\xc1W\xe3\xae\xe9\xb27>k\xf8\xdf\xe1\xf9\xcc\xcb\v\x01D\xc3\xa9T\xb9UY\xaf\xa4\xe4\xfec\xa3\x9bI@\xb7w\xf8\x14\xc0\xd5\xd5\x95', 0x8) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x807}, 0x4, 0x8) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000140)={0x893, [{[0xe5, 0x9af5, 0x800, 0x61b, 0x8, 0x100, 0xa18]}, {[0x0, 0xd3, 0x3ff, 0x6, 0x5, 0x8e, 0x6, 0x7]}, {[0xfffffff9, 0x6, 0x0, 0x282, 0x81, 0x6, 0x8da, 0x51e74508]}], [{[0x2, 0xffff5414, 0xffffffe3, 0xcce, 0x5, 0x3, 0x6, 0xfff]}, {[0x3, 0x0, 0x1, 0xffff54a1, 0x10, 0x7fff, 0x80000000, 0x6]}, {[0x5b88, 0x0, 0x5, 0x5, 0x1, 0x5, 0x8, 0xfffffffd]}, {[0x7ff, 0x3a, 0x7, 0x2, 0xe0000, 0x0, 0x1, 0xe]}, {[0x6, 0x1, 0x400, 0x66b, 0x1, 0xe111, 0x8, 0x8]}], [{0x6, 0x9, 0x1, 0x0, 0x1, 0x1}, {0xfffffff7, 0xd06, 0x0, 0x0, 0x1, 0x1}, {0x5, 0x7fffffff, 0x1}, {0x4000000, 0x4, 0x1, 0x1, 0x1, 0x1}, {0xfff, 0xf, 0x0, 0x0, 0x0, 0x1}, {0xffff0000, 0x4, 0x0, 0x1, 0x0, 0x1}, {0x81, 0xfffffffa, 0x1, 0x0, 0x1, 0x1}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {0xfffffff8, 0x2, 0x0, 0x0, 0x0, 0x1}, {0x7, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x2, 0x1, 0x0, 0x0, 0x1}, {0xe773, 0xf, 0x0, 0x1, 0x1}], [{0x2, 0x4, 0x1, 0x1, 0x1}, {0x79ee, 0x18, 0x1}, {0xd, 0xfff, 0x1, 0x1}, {0x0, 0x10001, 0x1, 0x0, 0x1}, {0x1000, 0xe3, 0x0, 0x0, 0x1, 0x1}, {0x8, 0x5, 0x0, 0x1, 0x1, 0x1}, {0x4, 0xc75, 0x0, 0x0, 0x0, 0x1}, {0x2, 0x3, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x7f, 0x1, 0x0, 0x1}], 0xfffffff7, 0x4, 0xfff, 0x7cf, 0x7fffffff, 0x1, 0x80000000, "5c896ca88ba58154fce9b9c8036e4b70", "a51918ca16112d850d189bc08a1061d5d9ed4d4dbcba2ffc49acc05cf84f5a9bbde306bbfe6eeb14882546e23a9fab3d"}) socket(0x2, 0x1, 0x106) r2 = socket(0xa, 0x801, 0x84) r3 = getsockopt$auto(r2, 0x84, 0x83, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x7, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev3\x00', 0x2, 0x0) ioctl$auto(r4, 0xc0845658, r4) getsockopt$auto_SO_PROTOCOL(r3, 0x7, 0x26, &(0x7f0000000040)='\x00', &(0x7f00000003c0)=0xc7f) listen$auto(0x3, 0x400000) 1.614338729s ago: executing program 2 (id=148): r0 = socket(0xa, 0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x19, 0xffffffffffffffff, 0x0) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x8001, 0xfffffffffffffff8, 0x80000001, 0x1010, 0xffffffffffffffff, 0x28000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8008000) socket(0xa, 0x801, 0x1) unshare$auto(0x40000080) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) write$auto(0xca, 0x0, 0x10) sendfile$auto(r1, r1, 0x0, 0x3) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000002c0), 0x260a83, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000804}, 0x40000) write$auto(r1, &(0x7f00000000c0)=']\\/\x00', 0x5) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x24044840) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)="53b51ef61e316ba89e7ef2b95bd2b3199917c2244c5b8530fec6f8bc91c3d858a2e99ded8c1f3e2206bd08ccc7147307d3be76635200ebbea2b0dc86c82a79ef0d19e9ce798724e2ef6a80f5a484a15ae889a26ddd3b7a0008b818665ac8419ffc5106f4c12a337cbab88fa3330d078167f2dccf80a3a7", 0xfc2}, 0x20002, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr2/queues/tx-0/xps_rxqs\x00', 0x22701, 0x0) setresuid$auto(0x2, 0x7, 0x8080) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000003c0)="af17f2dc38825ccb5ebacf6b318afe1ea673ba9ba023cf32ee201cd4908d8072a0ab2e5946c77e9627891ac54f56a6b87659cee21cdfe6f4d68dfab3ee50ff81fece4c24c8b5f8aef6d3b0d0ea044da79b7807926b8d61fbe54e65a92b4e656976fe1aee75c6364dc19f757f53494e19f7", 0x71) rseq$auto(&(0x7f0000000440)={0xffffffff, 0x401, 0x5b46423e, 0xfffffff8, 0x6, 0x2, "295dcb763ddb53734c25efff8b6cebffc07c2b59eea89ae4b33f72e1ed8a60030000005738fe2afca535ba16c247335572c8786ab2fc6d73f761caea72ca9d1918f29a0bd3184070a15628921ad7fd0fc61eeaa2fd891f4e14263d3c0a1984f237f0895c092971ce670db829e4831ea8dbc5f28ea9a70f1196d16c2d2d7056083f00f2ee24447029201a0eec1ac51306d89c32f5a550d2c932f1c0d26356718fe46ce977d9d9d9391bac1523e9e8420709b062ac9200"/192}, 0x8006, 0x4, 0x8000006) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x4, 0x0, 0x100082) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/set_event\x00', 0x80c00, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00012cbd700005000000000000005f787d5fe269c41730f92a7090bd6ea905df7034087fcea332c3673406943e70e433c3fb9730471d484e70e0b18a6935f8ae908dff91e7cdd5d6d141adfa487093005e9da9fc14e35a1bec77186481635900d4f5eba09ab40196618868bcf4f66ac090017938bfeac89f179d710bcda118fb232505a7690c2ccb7e70aa73d47390c1a88a366a8c820668c95607569ed32da1eded8e55986249b15e0face95f500d894da645b4a1c1d90da2b95a52935bbe316c"], 0x14}, 0x1, 0x0, 0x0, 0x10044}, 0x11) 1.547587702s ago: executing program 0 (id=149): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) ioctl$auto(r0, 0x64c4, 0xffffffffffffffff) semctl$auto_GETNCNT(0x85c, 0xfa5, 0xe, 0x2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r1 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) mmap$auto(0x80, 0xfc0000000, 0x57ae, 0x200004000eb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r0) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) setsockopt$auto(0x3, 0x0, 0x60, 0x0, 0x10001) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) prctl$auto(0x1000000003b, 0xa, r2, 0x5, 0x10004) get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r1, r0, 0x0, 0x1020200) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgrcv$auto(0x0, 0x0, 0x9, 0x10001, 0xda4e) r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) ioctl$auto_IOCTL_VMCI_GET_CONTEXT_ID(r3, 0x7b3, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop11/queue/io_poll_delay\x00', 0xa8002, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r5, 0x80045017, &(0x7f0000000100)) 842.884853ms ago: executing program 3 (id=150): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x2100, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, r0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video23\x00', 0x200400, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0) socketpair$auto(0x1a, 0x4, 0x8000000000000000, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000004c0), 0x22000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/nr1/netdev_group\x00', 0x200001, 0x0) socket(0xa, 0x3, 0x3b) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x14) r2 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socket(0xa, 0x2, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r2, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r4, &(0x7f0000000000)='-\x00', 0xfdef) mmap$auto(0xe819, 0x400008, 0x36, 0x1009b72, r1, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) write$auto(0x3, 0x0, 0x17) mmap$auto(0xf1, 0xff, 0x3, 0xeb1, 0x401, 0xd75) 574.867932ms ago: executing program 3 (id=151): getpid() mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r0, 0x0, 0x20) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCMGET2(r1, 0x5415, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) semctl$auto_SETVAL(0x6, 0x4, 0x10, 0x8) prctl$auto_PR_SET_MM_START_DATA(0x80000001, 0x3, 0x0, 0x9, 0x10) mmap$auto(0xfffffffffffffffd, 0x83e0, 0xdb, 0x16, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)={0xfffffffe, 0x0, [{0x400000ff, 0x8, 0xb789}]}) madvise$auto(0x0, 0xffffffffffff0005, 0x17) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x8, 0x400008, 0xdf, 0x111, 0x2, 0x8004) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x84102, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ram4\x00', 0x0, 0x0) mmap$auto(0x0, 0x7ff, 0x7fffffff, 0x44eb1, 0x3, 0x300000000000) 0s ago: executing program 1 (id=152): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x5, 0x6, 0xa, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c5b, 0x4, 0x100, 0x7ffffffb, 0x101, 0x800, 0x3}, {0x8, 0x0, 0x52, 0x5, 0x0, 0x42, 0x76c5, 0x8, 0x100000000}}) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20002, 0x0) r1 = socket(0xf, 0x4, 0x6) setsockopt$auto(r1, 0x10f, 0x86, 0x0, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)) eventfd$auto(0x200) mmap$auto(0x3, 0x8001, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x880080, 0x0) bpf$auto(0x40000e, &(0x7f00000002c0)=@bpf_attr_4={0x2, r2, 0x1, r2}, 0x5) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) r3 = open(0x0, 0x222ac2, 0x5d745cb200ae4d73) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x8000000}, 0x3, 0xf8, 0x10) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/oom_adj\x00', 0x4000, 0x0) read$auto(r4, 0x0, 0x1f40) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop12/queue/nr_requests\x00', 0x80302, 0x0) mmap$auto(0x0, 0x4, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8002008000) read$auto(r5, 0x0, 0xf30) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r3, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="0956feb11fa823ac510530d808002bbd7000fc606ebb000000006b7cdbdf000000000000000000070000"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x24004000) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/kvm/guest_mode\x00', 0x100, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) r6 = gettid() openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000080), 0x10001, 0x0) r7 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/6t\x00', 0x486d01, 0x0) read$auto_mon_fops_text_t_mon_text(r7, 0x0, 0x0) kill$auto(r6, 0x11) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.202' (ED25519) to the list of known hosts. [ 98.873453][ T5817] cgroup: Unknown subsys name 'net' [ 99.009033][ T5817] cgroup: Unknown subsys name 'cpuset' [ 99.018643][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 100.855899][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.196367][ T976] cfg80211: failed to load regulatory.db [ 103.281524][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.322415][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.328269][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.331940][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.343835][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.352406][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.360293][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.368527][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.368749][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.376895][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.384299][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.392133][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.399052][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.405294][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.412634][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.419263][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.424788][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.432803][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.448835][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.474585][ T5140] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.109503][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 104.166569][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 104.255260][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 104.396064][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 104.445368][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.453167][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.461188][ T5831] bridge_slave_0: entered allmulticast mode [ 104.469376][ T5831] bridge_slave_0: entered promiscuous mode [ 104.557462][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.564934][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.572127][ T5831] bridge_slave_1: entered allmulticast mode [ 104.579807][ T5831] bridge_slave_1: entered promiscuous mode [ 104.587499][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.594809][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.602030][ T5829] bridge_slave_0: entered allmulticast mode [ 104.609979][ T5829] bridge_slave_0: entered promiscuous mode [ 104.670466][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.680376][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.687725][ T5829] bridge_slave_1: entered allmulticast mode [ 104.695609][ T5829] bridge_slave_1: entered promiscuous mode [ 104.717397][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.724748][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.731966][ T5830] bridge_slave_0: entered allmulticast mode [ 104.739669][ T5830] bridge_slave_0: entered promiscuous mode [ 104.766015][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.790549][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.798108][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.806054][ T5830] bridge_slave_1: entered allmulticast mode [ 104.814808][ T5830] bridge_slave_1: entered promiscuous mode [ 104.839079][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.931372][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.946263][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.973067][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.980656][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.988136][ T5837] bridge_slave_0: entered allmulticast mode [ 104.995622][ T5837] bridge_slave_0: entered promiscuous mode [ 105.010000][ T5831] team0: Port device team_slave_0 added [ 105.035990][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.048176][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.055750][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.062944][ T5837] bridge_slave_1: entered allmulticast mode [ 105.070562][ T5837] bridge_slave_1: entered promiscuous mode [ 105.080282][ T5831] team0: Port device team_slave_1 added [ 105.120943][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.162352][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.169673][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.195856][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.213334][ T5829] team0: Port device team_slave_0 added [ 105.248296][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.255561][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.282029][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.296285][ T5829] team0: Port device team_slave_1 added [ 105.319592][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.333822][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.370296][ T5830] team0: Port device team_slave_0 added [ 105.426272][ T5830] team0: Port device team_slave_1 added [ 105.433031][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.440076][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.467278][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.478744][ T5838] Bluetooth: hci1: command tx timeout [ 105.478749][ T5140] Bluetooth: hci2: command tx timeout [ 105.500296][ T5837] team0: Port device team_slave_0 added [ 105.523683][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.532738][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.555083][ T5140] Bluetooth: hci0: command tx timeout [ 105.563990][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.564618][ T5838] Bluetooth: hci3: command tx timeout [ 105.603363][ T5837] team0: Port device team_slave_1 added [ 105.627104][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.634419][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.660903][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.718882][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.726066][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.752810][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.779459][ T5831] hsr_slave_0: entered promiscuous mode [ 105.786096][ T5831] hsr_slave_1: entered promiscuous mode [ 105.808610][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.816128][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.842355][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.856373][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.863361][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.890350][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.924540][ T5829] hsr_slave_0: entered promiscuous mode [ 105.931269][ T5829] hsr_slave_1: entered promiscuous mode [ 105.937936][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 105.946409][ T5829] Cannot create hsr debugfs directory [ 106.038389][ T5830] hsr_slave_0: entered promiscuous mode [ 106.045101][ T5830] hsr_slave_1: entered promiscuous mode [ 106.051409][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.059628][ T5830] Cannot create hsr debugfs directory [ 106.193341][ T5837] hsr_slave_0: entered promiscuous mode [ 106.200978][ T5837] hsr_slave_1: entered promiscuous mode [ 106.207980][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.216573][ T5837] Cannot create hsr debugfs directory [ 106.663477][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.688038][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.712277][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.735946][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.789639][ T5829] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.802358][ T5829] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.815358][ T5829] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.830720][ T5829] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.952892][ T5830] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 106.967577][ T5830] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 106.980705][ T5830] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.000395][ T5830] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.111751][ T5837] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.128659][ T5837] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.142684][ T5837] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.166650][ T5837] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 107.200194][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.290705][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.335800][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.343351][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.361090][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.396482][ T163] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.404145][ T163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.452303][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.481030][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.542769][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.550001][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.558314][ T5838] Bluetooth: hci1: command tx timeout [ 107.564877][ T5838] Bluetooth: hci2: command tx timeout [ 107.581620][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.599361][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.606579][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.621570][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.628754][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.639113][ T5140] Bluetooth: hci0: command tx timeout [ 107.645750][ T5838] Bluetooth: hci3: command tx timeout [ 107.683396][ T163] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.690688][ T163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.738496][ T5829] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 107.749163][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 107.875407][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.981824][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.077261][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.084537][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.149572][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.156836][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.290556][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.378818][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.463639][ T5829] veth0_vlan: entered promiscuous mode [ 108.536804][ T5829] veth1_vlan: entered promiscuous mode [ 108.638887][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.693613][ T5831] veth0_vlan: entered promiscuous mode [ 108.734859][ T5829] veth0_macvtap: entered promiscuous mode [ 108.746641][ T5831] veth1_vlan: entered promiscuous mode [ 108.774896][ T5829] veth1_macvtap: entered promiscuous mode [ 108.801440][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.828221][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.895540][ T5831] veth0_macvtap: entered promiscuous mode [ 108.904920][ T5830] veth0_vlan: entered promiscuous mode [ 108.918893][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.943041][ T5831] veth1_macvtap: entered promiscuous mode [ 108.952513][ T5829] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.963555][ T5829] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.975510][ T5829] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.984583][ T5829] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.022007][ T5830] veth1_vlan: entered promiscuous mode [ 109.050963][ T5837] veth0_vlan: entered promiscuous mode [ 109.116286][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.133533][ T5837] veth1_vlan: entered promiscuous mode [ 109.145856][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.188212][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.198661][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.229335][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.239838][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.250705][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.259660][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.299560][ T5830] veth0_macvtap: entered promiscuous mode [ 109.316823][ T5830] veth1_macvtap: entered promiscuous mode [ 109.336241][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.347491][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.428289][ T5837] veth0_macvtap: entered promiscuous mode [ 109.453453][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.483296][ T5837] veth1_macvtap: entered promiscuous mode [ 109.491173][ T5829] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.531754][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.602542][ T5830] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.614791][ T5830] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.623561][ T5830] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.633036][ T5830] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.642239][ T5140] Bluetooth: hci2: command tx timeout [ 109.648248][ T5838] Bluetooth: hci1: command tx timeout [ 109.661131][ T163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.676293][ T163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.714974][ T5140] Bluetooth: hci0: command tx timeout [ 109.720454][ T5140] Bluetooth: hci3: command tx timeout [ 109.740013][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.782450][ T163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.793776][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.805472][ T163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.820022][ T5837] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.833691][ T5837] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.842901][ T5837] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.856420][ T5837] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.032644][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.056561][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.179788][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.202101][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.292718][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.331754][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.467592][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.483995][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.538821][ T5922] Zero length message leads to an empty skb [ 111.545693][ T5923] capability: warning: `syz.2.9' uses 32-bit capabilities (legacy support in use) [ 111.719003][ T5140] Bluetooth: hci2: command tx timeout [ 111.724576][ T5838] Bluetooth: hci1: command tx timeout [ 111.794960][ T5140] Bluetooth: hci3: command tx timeout [ 111.801176][ T5838] Bluetooth: hci0: command tx timeout [ 112.115330][ T5936] can: request_module (can-proto-3) failed. [ 112.805450][ T5942] FAULT_INJECTION: forcing a failure. [ 112.805450][ T5942] name failslab, interval 1, probability 0, space 0, times 0 [ 112.894273][ T5942] CPU: 1 UID: 0 PID: 5942 Comm: syz.0.13 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 112.894315][ T5942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.894355][ T5942] Call Trace: [ 112.894365][ T5942] [ 112.894381][ T5942] dump_stack_lvl+0x16c/0x1f0 [ 112.894440][ T5942] should_fail_ex+0x512/0x640 [ 112.894495][ T5942] should_failslab+0xc2/0x120 [ 112.894537][ T5942] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 112.894577][ T5942] ? skb_clone+0x190/0x3f0 [ 112.894623][ T5942] skb_clone+0x190/0x3f0 [ 112.894665][ T5942] netlink_deliver_tap+0xabd/0xd30 [ 112.894715][ T5942] netlink_dump+0xb6d/0xd00 [ 112.894771][ T5942] ? __pfx_netlink_dump+0x10/0x10 [ 112.894809][ T5942] ? __rhashtable_lookup.constprop.0+0x3a5/0x760 [ 112.894851][ T5942] ? __netlink_dump_start+0x150/0x990 [ 112.894910][ T5942] ? netlink_lookup+0x258/0x520 [ 112.894950][ T5942] ? __pfx_netlink_lookup+0x10/0x10 [ 112.895003][ T5942] __netlink_dump_start+0x6d6/0x990 [ 112.895051][ T5942] ? __pfx_inet6_dump_ifacaddr+0x10/0x10 [ 112.895096][ T5942] rtnetlink_rcv_msg+0xb3e/0xe90 [ 112.895140][ T5942] ? __pfx_inet6_dump_ifacaddr+0x10/0x10 [ 112.895188][ T5942] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 112.895231][ T5942] ? __pfx_inet6_dump_ifacaddr+0x10/0x10 [ 112.895303][ T5942] netlink_rcv_skb+0x16d/0x440 [ 112.895346][ T5942] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 112.895392][ T5942] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 112.895459][ T5942] ? netlink_deliver_tap+0x1ae/0xd30 [ 112.895510][ T5942] netlink_unicast+0x53a/0x7f0 [ 112.895559][ T5942] ? __pfx_netlink_unicast+0x10/0x10 [ 112.895599][ T5942] ? __lock_acquire+0xaa4/0x1ba0 [ 112.895665][ T5942] netlink_sendmsg+0x8d1/0xdd0 [ 112.895714][ T5942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 112.895800][ T5942] ____sys_sendmsg+0xa95/0xc70 [ 112.895851][ T5942] ? copy_msghdr_from_user+0x10a/0x160 [ 112.895891][ T5942] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.895949][ T5942] ? kfree+0x252/0x4d0 [ 112.895975][ T5942] ? __pfx__kstrtoull+0x10/0x10 [ 112.896024][ T5942] ___sys_sendmsg+0x134/0x1d0 [ 112.896067][ T5942] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.896148][ T5942] ? __pfx___might_resched+0x10/0x10 [ 112.896193][ T5942] __sys_sendmmsg+0x200/0x420 [ 112.896239][ T5942] ? __pfx___sys_sendmmsg+0x10/0x10 [ 112.896293][ T5942] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 112.896362][ T5942] ? fput+0x70/0xf0 [ 112.896400][ T5942] ? ksys_write+0x1b9/0x240 [ 112.896433][ T5942] ? __pfx_ksys_write+0x10/0x10 [ 112.896462][ T5942] ? rcu_is_watching+0x12/0xc0 [ 112.896501][ T5942] __x64_sys_sendmmsg+0x9c/0x100 [ 112.896541][ T5942] ? lockdep_hardirqs_on+0x7c/0x110 [ 112.896587][ T5942] do_syscall_64+0xcd/0x230 [ 112.896642][ T5942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.896674][ T5942] RIP: 0033:0x7f485038e969 [ 112.896699][ T5942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.896737][ T5942] RSP: 002b:00007f485119a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 112.896766][ T5942] RAX: ffffffffffffffda RBX: 00007f48505b5fa0 RCX: 00007f485038e969 [ 112.896787][ T5942] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 112.896805][ T5942] RBP: 00007f485119a090 R08: 0000000000000000 R09: 0000000000000000 [ 112.896823][ T5942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 112.896842][ T5942] R13: 0000000000000000 R14: 00007f48505b5fa0 R15: 00007ffc8ef91058 [ 112.896884][ T5942] [ 113.295771][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.661789][ T5948] netlink: 330 bytes leftover after parsing attributes in process `syz.2.14'. [ 113.844303][ T5948] : renamed from lo (while UP) [ 114.259652][ T5960] mmap: syz.1.16 (5960) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 115.558652][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 115.568028][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 115.577737][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.589005][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.825786][ T6014] ptrace attach of "./syz-executor exec"[5829] was attempted by ""[6014] [ 116.260546][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.269390][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.195367][ T5140] Bluetooth: hci1: unexpected subevent 0x01 length: 5 < 18 [ 117.399340][ T6049] process 'syz.2.32' launched '/dev/fd/3' with NULL argv: empty string added [ 117.850218][ T6060] FAULT_INJECTION: forcing a failure. [ 117.850218][ T6060] name failslab, interval 1, probability 0, space 0, times 0 [ 117.874300][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.913731][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 118.114956][ T6060] CPU: 1 UID: 0 PID: 6060 Comm: syz.2.36 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 118.115000][ T6060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.115017][ T6060] Call Trace: [ 118.115028][ T6060] [ 118.115039][ T6060] dump_stack_lvl+0x16c/0x1f0 [ 118.115092][ T6060] should_fail_ex+0x512/0x640 [ 118.115145][ T6060] should_failslab+0xc2/0x120 [ 118.115187][ T6060] __kmalloc_cache_noprof+0x6a/0x3e0 [ 118.115221][ T6060] ? sctp_add_bind_addr+0xae/0x3f0 [ 118.115273][ T6060] sctp_add_bind_addr+0xae/0x3f0 [ 118.115382][ T6060] sctp_copy_local_addr_list+0x39d/0x5a0 [ 118.115449][ T6060] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 118.115509][ T6060] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 118.115565][ T6060] ? sctp_bind_addr_copy+0xe0/0x530 [ 118.115609][ T6060] sctp_bind_addr_copy+0xe0/0x530 [ 118.115665][ T6060] sctp_connect_new_asoc+0x1d7/0x790 [ 118.115707][ T6060] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 118.115749][ T6060] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 118.115797][ T6060] __sctp_connect+0x3f3/0xc60 [ 118.115842][ T6060] ? do_raw_spin_lock+0x12c/0x2b0 [ 118.115893][ T6060] ? __pfx___sctp_connect+0x10/0x10 [ 118.115936][ T6060] ? __pfx_sctp_inet_connect+0x10/0x10 [ 118.115977][ T6060] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.116026][ T6060] ? __pfx_sctp_inet_connect+0x10/0x10 [ 118.116062][ T6060] sctp_inet_connect+0x15f/0x200 [ 118.116100][ T6060] __sys_connect_file+0x141/0x1a0 [ 118.116140][ T6060] __sys_connect+0x14d/0x170 [ 118.116172][ T6060] ? __pfx___sys_connect+0x10/0x10 [ 118.116219][ T6060] ? __pfx_ksys_write+0x10/0x10 [ 118.116244][ T6060] ? rcu_is_watching+0x12/0xc0 [ 118.116277][ T6060] __x64_sys_connect+0x72/0xb0 [ 118.116303][ T6060] ? lockdep_hardirqs_on+0x7c/0x110 [ 118.116343][ T6060] do_syscall_64+0xcd/0x230 [ 118.116387][ T6060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.116414][ T6060] RIP: 0033:0x7f1a2e58e969 [ 118.116435][ T6060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.116460][ T6060] RSP: 002b:00007f1a2f36c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 118.116485][ T6060] RAX: ffffffffffffffda RBX: 00007f1a2e7b6080 RCX: 00007f1a2e58e969 [ 118.116502][ T6060] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 118.116518][ T6060] RBP: 00007f1a2f36c090 R08: 0000000000000000 R09: 0000000000000000 [ 118.116541][ T6060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 118.116556][ T6060] R13: 0000000000000000 R14: 00007f1a2e7b6080 R15: 00007ffe0b850fc8 [ 118.116589][ T6060] [ 118.677401][ T6066] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 118.710069][ T6071] FAULT_INJECTION: forcing a failure. [ 118.710069][ T6071] name failslab, interval 1, probability 0, space 0, times 0 [ 118.726105][ T6071] CPU: 1 UID: 0 PID: 6071 Comm: syz.2.42 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 118.726146][ T6071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.726163][ T6071] Call Trace: [ 118.726173][ T6071] [ 118.726185][ T6071] dump_stack_lvl+0x16c/0x1f0 [ 118.726239][ T6071] should_fail_ex+0x512/0x640 [ 118.726287][ T6071] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 118.726325][ T6071] should_failslab+0xc2/0x120 [ 118.726366][ T6071] __kmalloc_cache_noprof+0x6a/0x3e0 [ 118.726398][ T6071] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 118.726450][ T6071] ? genl_start+0x1e8/0x980 [ 118.726518][ T6071] genl_start+0x1e8/0x980 [ 118.726573][ T6071] __netlink_dump_start+0x60b/0x990 [ 118.726624][ T6071] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 118.726679][ T6071] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 118.726729][ T6071] ? genl_op_from_small+0x25/0x440 [ 118.726783][ T6071] ? __pfx_genl_get_cmd+0x10/0x10 [ 118.726824][ T6071] ? __pfx_genl_start+0x10/0x10 [ 118.726869][ T6071] ? __pfx_genl_dumpit+0x10/0x10 [ 118.726914][ T6071] ? __pfx_genl_done+0x10/0x10 [ 118.726966][ T6071] ? __local_bh_enable_ip+0xa4/0x120 [ 118.727004][ T6071] ? __dev_queue_xmit+0x896/0x43e0 [ 118.727035][ T6071] ? __radix_tree_lookup+0x21f/0x2c0 [ 118.727093][ T6071] genl_rcv_msg+0x46e/0x800 [ 118.727148][ T6071] ? __pfx_genl_rcv_msg+0x10/0x10 [ 118.727196][ T6071] ? __pfx___dev_queue_xmit+0x10/0x10 [ 118.727228][ T6071] ? __pfx_nl80211_dump_survey+0x10/0x10 [ 118.727277][ T6071] ? __lock_acquire+0xaa4/0x1ba0 [ 118.727330][ T6071] netlink_rcv_skb+0x16d/0x440 [ 118.727374][ T6071] ? __pfx_genl_rcv_msg+0x10/0x10 [ 118.727427][ T6071] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 118.727511][ T6071] ? __pfx_down_read+0x10/0x10 [ 118.727544][ T6071] ? netlink_deliver_tap+0x1ae/0xd30 [ 118.727588][ T6071] genl_rcv+0x28/0x40 [ 118.727630][ T6071] netlink_unicast+0x53a/0x7f0 [ 118.727677][ T6071] ? __pfx_netlink_unicast+0x10/0x10 [ 118.727736][ T6071] ? __lock_acquire+0xaa4/0x1ba0 [ 118.727793][ T6071] netlink_sendmsg+0x8d1/0xdd0 [ 118.727842][ T6071] ? __pfx_netlink_sendmsg+0x10/0x10 [ 118.727900][ T6071] ____sys_sendmsg+0xa95/0xc70 [ 118.727950][ T6071] ? copy_msghdr_from_user+0x10a/0x160 [ 118.727991][ T6071] ? __pfx_____sys_sendmsg+0x10/0x10 [ 118.728038][ T6071] ? lockdep_hardirqs_on+0x7c/0x110 [ 118.728091][ T6071] ? kfree+0x2b6/0x4d0 [ 118.728117][ T6071] ? __pfx__kstrtoull+0x10/0x10 [ 118.728155][ T6071] ? ___sys_sendmsg+0x141/0x1d0 [ 118.728202][ T6071] ___sys_sendmsg+0x134/0x1d0 [ 118.728246][ T6071] ? __pfx____sys_sendmsg+0x10/0x10 [ 118.728328][ T6071] ? __pfx___might_resched+0x10/0x10 [ 118.728375][ T6071] __sys_sendmmsg+0x200/0x420 [ 118.728421][ T6071] ? __pfx___sys_sendmmsg+0x10/0x10 [ 118.728488][ T6071] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 118.728558][ T6071] ? fput+0x70/0xf0 [ 118.728595][ T6071] ? ksys_write+0x1b9/0x240 [ 118.728626][ T6071] ? __pfx_ksys_write+0x10/0x10 [ 118.728656][ T6071] ? rcu_is_watching+0x12/0xc0 [ 118.728695][ T6071] __x64_sys_sendmmsg+0x9c/0x100 [ 118.728735][ T6071] ? lockdep_hardirqs_on+0x7c/0x110 [ 118.728781][ T6071] do_syscall_64+0xcd/0x230 [ 118.728843][ T6071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.728875][ T6071] RIP: 0033:0x7f1a2e58e969 [ 118.728900][ T6071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.728931][ T6071] RSP: 002b:00007f1a2f38d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 118.728959][ T6071] RAX: ffffffffffffffda RBX: 00007f1a2e7b5fa0 RCX: 00007f1a2e58e969 [ 118.728979][ T6071] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003 [ 118.728998][ T6071] RBP: 00007f1a2f38d090 R08: 0000000000000000 R09: 0000000000000000 [ 118.729016][ T6071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 118.729034][ T6071] R13: 0000000000000000 R14: 00007f1a2e7b5fa0 R15: 00007ffe0b850fc8 [ 118.729076][ T6071] [ 119.974649][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 121.143065][ T6118] FAULT_INJECTION: forcing a failure. [ 121.143065][ T6118] name failslab, interval 1, probability 0, space 0, times 0 [ 121.160369][ T6118] CPU: 0 UID: 0 PID: 6118 Comm: syz.1.53 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 121.160411][ T6118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 121.160430][ T6118] Call Trace: [ 121.160440][ T6118] [ 121.160452][ T6118] dump_stack_lvl+0x16c/0x1f0 [ 121.160511][ T6118] should_fail_ex+0x512/0x640 [ 121.160560][ T6118] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 121.160597][ T6118] should_failslab+0xc2/0x120 [ 121.160638][ T6118] __kmalloc_cache_noprof+0x6a/0x3e0 [ 121.160670][ T6118] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 121.160724][ T6118] ? genl_start+0x1e8/0x980 [ 121.160775][ T6118] genl_start+0x1e8/0x980 [ 121.160829][ T6118] __netlink_dump_start+0x60b/0x990 [ 121.160878][ T6118] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 121.160930][ T6118] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 121.160991][ T6118] ? genl_op_from_small+0x25/0x440 [ 121.161045][ T6118] ? __pfx_genl_get_cmd+0x10/0x10 [ 121.161088][ T6118] ? __pfx_genl_start+0x10/0x10 [ 121.161131][ T6118] ? __pfx_genl_dumpit+0x10/0x10 [ 121.161176][ T6118] ? __pfx_genl_done+0x10/0x10 [ 121.161228][ T6118] ? __local_bh_enable_ip+0xa4/0x120 [ 121.161265][ T6118] ? __dev_queue_xmit+0x896/0x43e0 [ 121.161296][ T6118] ? __radix_tree_lookup+0x21f/0x2c0 [ 121.161350][ T6118] genl_rcv_msg+0x46e/0x800 [ 121.161405][ T6118] ? __pfx_genl_rcv_msg+0x10/0x10 [ 121.161454][ T6118] ? __pfx___dev_queue_xmit+0x10/0x10 [ 121.161487][ T6118] ? __pfx_nl80211_dump_survey+0x10/0x10 [ 121.161535][ T6118] ? __lock_acquire+0xaa4/0x1ba0 [ 121.161588][ T6118] netlink_rcv_skb+0x16d/0x440 [ 121.161633][ T6118] ? __pfx_genl_rcv_msg+0x10/0x10 [ 121.161685][ T6118] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 121.161752][ T6118] ? __pfx_down_read+0x10/0x10 [ 121.161784][ T6118] ? netlink_deliver_tap+0x1ae/0xd30 [ 121.161832][ T6118] genl_rcv+0x28/0x40 [ 121.161876][ T6118] netlink_unicast+0x53a/0x7f0 [ 121.161923][ T6118] ? __pfx_netlink_unicast+0x10/0x10 [ 121.161980][ T6118] ? __lock_acquire+0xaa4/0x1ba0 [ 121.162035][ T6118] netlink_sendmsg+0x8d1/0xdd0 [ 121.162088][ T6118] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.162151][ T6118] ____sys_sendmsg+0xa95/0xc70 [ 121.162203][ T6118] ? copy_msghdr_from_user+0x10a/0x160 [ 121.162244][ T6118] ? __pfx_____sys_sendmsg+0x10/0x10 [ 121.162291][ T6118] ? lockdep_hardirqs_on+0x7c/0x110 [ 121.162344][ T6118] ? kfree+0x2b6/0x4d0 [ 121.162370][ T6118] ? __pfx__kstrtoull+0x10/0x10 [ 121.162409][ T6118] ? ___sys_sendmsg+0x141/0x1d0 [ 121.162457][ T6118] ___sys_sendmsg+0x134/0x1d0 [ 121.162501][ T6118] ? __pfx____sys_sendmsg+0x10/0x10 [ 121.162584][ T6118] ? __pfx___might_resched+0x10/0x10 [ 121.162632][ T6118] __sys_sendmmsg+0x200/0x420 [ 121.162678][ T6118] ? __pfx___sys_sendmmsg+0x10/0x10 [ 121.162734][ T6118] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 121.162804][ T6118] ? fput+0x70/0xf0 [ 121.162844][ T6118] ? ksys_write+0x1b9/0x240 [ 121.162876][ T6118] ? __pfx_ksys_write+0x10/0x10 [ 121.162906][ T6118] ? rcu_is_watching+0x12/0xc0 [ 121.162947][ T6118] __x64_sys_sendmmsg+0x9c/0x100 [ 121.162994][ T6118] ? lockdep_hardirqs_on+0x7c/0x110 [ 121.163042][ T6118] do_syscall_64+0xcd/0x230 [ 121.163096][ T6118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.163130][ T6118] RIP: 0033:0x7f785cf8e969 [ 121.163154][ T6118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.163193][ T6118] RSP: 002b:00007f785de7a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 121.163223][ T6118] RAX: ffffffffffffffda RBX: 00007f785d1b5fa0 RCX: 00007f785cf8e969 [ 121.163243][ T6118] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003 [ 121.163263][ T6118] RBP: 00007f785de7a090 R08: 0000000000000000 R09: 0000000000000000 [ 121.163281][ T6118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 121.163299][ T6118] R13: 0000000000000000 R14: 00007f785d1b5fa0 R15: 00007ffc6d2b9668 [ 121.163343][ T6118] [ 122.193317][ T6127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.55'. [ 122.319733][ T6132] FAULT_INJECTION: forcing a failure. [ 122.319733][ T6132] name failslab, interval 1, probability 0, space 0, times 0 [ 122.381410][ T6132] CPU: 1 UID: 0 PID: 6132 Comm: syz.2.57 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 122.381455][ T6132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 122.381473][ T6132] Call Trace: [ 122.381483][ T6132] [ 122.381495][ T6132] dump_stack_lvl+0x16c/0x1f0 [ 122.381548][ T6132] should_fail_ex+0x512/0x640 [ 122.381601][ T6132] should_failslab+0xc2/0x120 [ 122.381642][ T6132] __kmalloc_cache_noprof+0x6a/0x3e0 [ 122.381675][ T6132] ? sctp_add_bind_addr+0xae/0x3f0 [ 122.381728][ T6132] sctp_add_bind_addr+0xae/0x3f0 [ 122.381782][ T6132] sctp_copy_local_addr_list+0x39d/0x5a0 [ 122.381848][ T6132] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 122.381904][ T6132] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 122.381938][ T6132] ? sctp_bind_addr_copy+0xe0/0x530 [ 122.381983][ T6132] sctp_bind_addr_copy+0xe0/0x530 [ 122.382038][ T6132] sctp_connect_new_asoc+0x1d7/0x790 [ 122.382082][ T6132] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 122.382125][ T6132] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 122.382172][ T6132] __sctp_connect+0x3f3/0xc60 [ 122.382216][ T6132] ? do_raw_spin_lock+0x12c/0x2b0 [ 122.382267][ T6132] ? __pfx___sctp_connect+0x10/0x10 [ 122.382308][ T6132] ? __pfx_sctp_inet_connect+0x10/0x10 [ 122.382348][ T6132] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 122.382402][ T6132] ? __pfx_sctp_inet_connect+0x10/0x10 [ 122.382436][ T6132] sctp_inet_connect+0x15f/0x200 [ 122.382476][ T6132] __sys_connect_file+0x141/0x1a0 [ 122.382514][ T6132] __sys_connect+0x14d/0x170 [ 122.382547][ T6132] ? __pfx___sys_connect+0x10/0x10 [ 122.382598][ T6132] ? __pfx_ksys_write+0x10/0x10 [ 122.382628][ T6132] ? rcu_is_watching+0x12/0xc0 [ 122.382667][ T6132] __x64_sys_connect+0x72/0xb0 [ 122.382698][ T6132] ? lockdep_hardirqs_on+0x7c/0x110 [ 122.382743][ T6132] do_syscall_64+0xcd/0x230 [ 122.382795][ T6132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.382827][ T6132] RIP: 0033:0x7f1a2e58e969 [ 122.382858][ T6132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.382887][ T6132] RSP: 002b:00007f1a2f36c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 122.382916][ T6132] RAX: ffffffffffffffda RBX: 00007f1a2e7b6080 RCX: 00007f1a2e58e969 [ 122.382937][ T6132] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 122.382955][ T6132] RBP: 00007f1a2f36c090 R08: 0000000000000000 R09: 0000000000000000 [ 122.382974][ T6132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 122.382993][ T6132] R13: 0000000000000000 R14: 00007f1a2e7b6080 R15: 00007ffe0b850fc8 [ 122.383035][ T6132] [ 123.633796][ T6157] FAULT_INJECTION: forcing a failure. [ 123.633796][ T6157] name failslab, interval 1, probability 0, space 0, times 0 [ 123.697488][ T6157] CPU: 0 UID: 0 PID: 6157 Comm: syz.3.64 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 123.697532][ T6157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 123.697550][ T6157] Call Trace: [ 123.697561][ T6157] [ 123.697573][ T6157] dump_stack_lvl+0x16c/0x1f0 [ 123.697626][ T6157] should_fail_ex+0x512/0x640 [ 123.697678][ T6157] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 123.697715][ T6157] should_failslab+0xc2/0x120 [ 123.697756][ T6157] __kmalloc_cache_noprof+0x6a/0x3e0 [ 123.697789][ T6157] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 123.697843][ T6157] ? genl_start+0x1e8/0x980 [ 123.697896][ T6157] genl_start+0x1e8/0x980 [ 123.697951][ T6157] __netlink_dump_start+0x60b/0x990 [ 123.698009][ T6157] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 123.698063][ T6157] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 123.698120][ T6157] ? genl_op_from_small+0x25/0x440 [ 123.698174][ T6157] ? __pfx_genl_get_cmd+0x10/0x10 [ 123.698218][ T6157] ? __pfx_genl_start+0x10/0x10 [ 123.698261][ T6157] ? __pfx_genl_dumpit+0x10/0x10 [ 123.698307][ T6157] ? __pfx_genl_done+0x10/0x10 [ 123.698359][ T6157] ? __local_bh_enable_ip+0xa4/0x120 [ 123.698396][ T6157] ? __dev_queue_xmit+0x896/0x43e0 [ 123.698425][ T6157] ? __radix_tree_lookup+0x21f/0x2c0 [ 123.698478][ T6157] genl_rcv_msg+0x46e/0x800 [ 123.698533][ T6157] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.698582][ T6157] ? __pfx___dev_queue_xmit+0x10/0x10 [ 123.698614][ T6157] ? __pfx_nl80211_dump_survey+0x10/0x10 [ 123.698663][ T6157] ? __lock_acquire+0xaa4/0x1ba0 [ 123.698715][ T6157] netlink_rcv_skb+0x16d/0x440 [ 123.698759][ T6157] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.698812][ T6157] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 123.698880][ T6157] ? __pfx_down_read+0x10/0x10 [ 123.698915][ T6157] ? netlink_deliver_tap+0x1ae/0xd30 [ 123.698970][ T6157] genl_rcv+0x28/0x40 [ 123.699015][ T6157] netlink_unicast+0x53a/0x7f0 [ 123.699065][ T6157] ? __pfx_netlink_unicast+0x10/0x10 [ 123.699105][ T6157] ? __lock_acquire+0xaa4/0x1ba0 [ 123.699157][ T6157] netlink_sendmsg+0x8d1/0xdd0 [ 123.699209][ T6157] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.699271][ T6157] ____sys_sendmsg+0xa95/0xc70 [ 123.699323][ T6157] ? copy_msghdr_from_user+0x10a/0x160 [ 123.699363][ T6157] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.699408][ T6157] ? lockdep_hardirqs_on+0x7c/0x110 [ 123.699460][ T6157] ? kfree+0x2b6/0x4d0 [ 123.699486][ T6157] ? __pfx__kstrtoull+0x10/0x10 [ 123.699522][ T6157] ? ___sys_sendmsg+0x141/0x1d0 [ 123.699568][ T6157] ___sys_sendmsg+0x134/0x1d0 [ 123.699623][ T6157] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.699702][ T6157] ? __pfx___might_resched+0x10/0x10 [ 123.699749][ T6157] __sys_sendmmsg+0x200/0x420 [ 123.699794][ T6157] ? __pfx___sys_sendmmsg+0x10/0x10 [ 123.699849][ T6157] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 123.699917][ T6157] ? fput+0x70/0xf0 [ 123.699959][ T6157] ? ksys_write+0x1b9/0x240 [ 123.699989][ T6157] ? __pfx_ksys_write+0x10/0x10 [ 123.700018][ T6157] ? rcu_is_watching+0x12/0xc0 [ 123.700055][ T6157] __x64_sys_sendmmsg+0x9c/0x100 [ 123.700093][ T6157] ? lockdep_hardirqs_on+0x7c/0x110 [ 123.700136][ T6157] do_syscall_64+0xcd/0x230 [ 123.700188][ T6157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.700220][ T6157] RIP: 0033:0x7f3a14f8e969 [ 123.700244][ T6157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.700273][ T6157] RSP: 002b:00007f3a15ead038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 123.700301][ T6157] RAX: ffffffffffffffda RBX: 00007f3a151b5fa0 RCX: 00007f3a14f8e969 [ 123.700321][ T6157] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003 [ 123.700339][ T6157] RBP: 00007f3a15ead090 R08: 0000000000000000 R09: 0000000000000000 [ 123.700357][ T6157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 123.700376][ T6157] R13: 0000000000000000 R14: 00007f3a151b5fa0 R15: 00007ffcbbfba338 [ 123.700416][ T6157] [ 125.114627][ T6166] FAULT_INJECTION: forcing a failure. [ 125.114627][ T6166] name failslab, interval 1, probability 0, space 0, times 0 [ 125.162854][ T6166] CPU: 1 UID: 0 PID: 6166 Comm: syz.1.68 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 125.162898][ T6166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 125.162916][ T6166] Call Trace: [ 125.162926][ T6166] [ 125.162939][ T6166] dump_stack_lvl+0x16c/0x1f0 [ 125.162991][ T6166] should_fail_ex+0x512/0x640 [ 125.163047][ T6166] should_failslab+0xc2/0x120 [ 125.163091][ T6166] __kmalloc_cache_noprof+0x6a/0x3e0 [ 125.163125][ T6166] ? sctp_add_bind_addr+0xae/0x3f0 [ 125.163179][ T6166] sctp_add_bind_addr+0xae/0x3f0 [ 125.163231][ T6166] sctp_copy_local_addr_list+0x39d/0x5a0 [ 125.163292][ T6166] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 125.163353][ T6166] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 125.163396][ T6166] ? sctp_bind_addr_copy+0xe0/0x530 [ 125.163443][ T6166] sctp_bind_addr_copy+0xe0/0x530 [ 125.163501][ T6166] sctp_connect_new_asoc+0x1d7/0x790 [ 125.163542][ T6166] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 125.163592][ T6166] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 125.163640][ T6166] __sctp_connect+0x3f3/0xc60 [ 125.163684][ T6166] ? do_raw_spin_lock+0x12c/0x2b0 [ 125.163737][ T6166] ? __pfx___sctp_connect+0x10/0x10 [ 125.163780][ T6166] ? __pfx_sctp_inet_connect+0x10/0x10 [ 125.163822][ T6166] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 125.163871][ T6166] ? __pfx_sctp_inet_connect+0x10/0x10 [ 125.163913][ T6166] sctp_inet_connect+0x15f/0x200 [ 125.163951][ T6166] __sys_connect_file+0x141/0x1a0 [ 125.163989][ T6166] __sys_connect+0x14d/0x170 [ 125.164020][ T6166] ? __pfx___sys_connect+0x10/0x10 [ 125.164064][ T6166] ? __pfx_ksys_write+0x10/0x10 [ 125.164093][ T6166] ? rcu_is_watching+0x12/0xc0 [ 125.164132][ T6166] __x64_sys_connect+0x72/0xb0 [ 125.164164][ T6166] ? lockdep_hardirqs_on+0x7c/0x110 [ 125.164210][ T6166] do_syscall_64+0xcd/0x230 [ 125.164264][ T6166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.164294][ T6166] RIP: 0033:0x7f785cf8e969 [ 125.164319][ T6166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.164348][ T6166] RSP: 002b:00007f785de7a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 125.164377][ T6166] RAX: ffffffffffffffda RBX: 00007f785d1b5fa0 RCX: 00007f785cf8e969 [ 125.164397][ T6166] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 125.164415][ T6166] RBP: 00007f785de7a090 R08: 0000000000000000 R09: 0000000000000000 [ 125.164433][ T6166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 125.164451][ T6166] R13: 0000000000000000 R14: 00007f785d1b5fa0 R15: 00007ffc6d2b9668 [ 125.164491][ T6166] [ 126.657157][ T6184] netlink: 28 bytes leftover after parsing attributes in process `syz.1.72'. [ 126.666357][ T6184] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 126.673820][ T6184] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 126.727925][ T6184] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.739217][ T6184] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 128.294342][ T6213] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 132.325737][ T6278] netlink: 330 bytes leftover after parsing attributes in process `syz.3.92'. [ 132.356380][ T6278] : renamed from lo (while UP) [ 132.626720][ T6276] FAULT_INJECTION: forcing a failure. [ 132.626720][ T6276] name failslab, interval 1, probability 0, space 0, times 0 [ 132.644451][ T6276] CPU: 1 UID: 0 PID: 6276 Comm: syz.0.91 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 132.644494][ T6276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 132.644512][ T6276] Call Trace: [ 132.644522][ T6276] [ 132.644534][ T6276] dump_stack_lvl+0x16c/0x1f0 [ 132.644593][ T6276] should_fail_ex+0x512/0x640 [ 132.644642][ T6276] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 132.644684][ T6276] should_failslab+0xc2/0x120 [ 132.644724][ T6276] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 132.644762][ T6276] ? vma_merge_new_range+0x3f8/0xc10 [ 132.644798][ T6276] ? vm_area_alloc+0x1f/0x160 [ 132.644841][ T6276] vm_area_alloc+0x1f/0x160 [ 132.644874][ T6276] __mmap_region+0xfd0/0x27c0 [ 132.644907][ T6276] ? finish_task_switch.isra.0+0x221/0xc10 [ 132.644939][ T6276] ? __pfx___mmap_region+0x10/0x10 [ 132.644970][ T6276] ? trace_sched_exit_tp+0xde/0x130 [ 132.645028][ T6276] ? __pfx___schedule+0x10/0x10 [ 132.645103][ T6276] ? trace_cap_capable+0x18d/0x200 [ 132.645143][ T6276] ? cap_capable+0xb3/0x250 [ 132.645177][ T6276] mmap_region+0x1ab/0x3f0 [ 132.645217][ T6276] do_mmap+0xd8e/0x11b0 [ 132.645266][ T6276] ? __pfx_do_mmap+0x10/0x10 [ 132.645310][ T6276] ? __pfx_down_write_killable+0x10/0x10 [ 132.645345][ T6276] vm_mmap_pgoff+0x281/0x450 [ 132.645393][ T6276] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 132.645442][ T6276] ? __x64_sys_futex+0x1e0/0x4c0 [ 132.645471][ T6276] ? __x64_sys_futex+0x1e9/0x4c0 [ 132.645506][ T6276] ksys_mmap_pgoff+0x7d/0x5c0 [ 132.645547][ T6276] ? rcu_is_watching+0x12/0xc0 [ 132.645577][ T6276] __x64_sys_mmap+0x125/0x190 [ 132.645608][ T6276] do_syscall_64+0xcd/0x230 [ 132.645653][ T6276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.645681][ T6276] RIP: 0033:0x7f485038e969 [ 132.645701][ T6276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.645729][ T6276] RSP: 002b:00007f485119a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 132.645754][ T6276] RAX: ffffffffffffffda RBX: 00007f48505b5fa0 RCX: 00007f485038e969 [ 132.645771][ T6276] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 132.645787][ T6276] RBP: 00007f4850410ab1 R08: 0000000000000401 R09: 0000000000008000 [ 132.645804][ T6276] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 132.645819][ T6276] R13: 0000000000000000 R14: 00007f48505b5fa0 R15: 00007ffc8ef91058 [ 132.645854][ T6276] [ 132.652191][ T6283] kvm: kvm [6281]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000025) = 0x2 [ 133.213366][ T6288] netlink: 'syz.2.94': attribute type 11 has an invalid length. [ 133.235051][ T6288] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 133.378802][ T6289] ima: policy update failed [ 133.394043][ T30] audit: type=1802 audit(6042555381.753:2): pid=6289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.95" res=0 errno=0 [ 133.844763][ T6300] FAULT_INJECTION: forcing a failure. [ 133.844763][ T6300] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 133.994051][ T6300] CPU: 1 UID: 0 PID: 6300 Comm: syz.3.98 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 133.994093][ T6300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 133.994111][ T6300] Call Trace: [ 133.994121][ T6300] [ 133.994133][ T6300] dump_stack_lvl+0x16c/0x1f0 [ 133.994187][ T6300] should_fail_ex+0x512/0x640 [ 133.994243][ T6300] _copy_from_user+0x2e/0xd0 [ 133.994297][ T6300] copy_msghdr_from_user+0x98/0x160 [ 133.994337][ T6300] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 133.994375][ T6300] ? lockdep_hardirqs_on+0x7c/0x110 [ 133.994429][ T6300] ? kfree+0x252/0x4d0 [ 133.994456][ T6300] ? __pfx__kstrtoull+0x10/0x10 [ 133.994493][ T6300] ? ___sys_sendmsg+0x141/0x1d0 [ 133.994540][ T6300] ___sys_sendmsg+0xfe/0x1d0 [ 133.994583][ T6300] ? __pfx____sys_sendmsg+0x10/0x10 [ 133.994662][ T6300] ? __pfx___might_resched+0x10/0x10 [ 133.994717][ T6300] __sys_sendmmsg+0x200/0x420 [ 133.994765][ T6300] ? __pfx___sys_sendmmsg+0x10/0x10 [ 133.994820][ T6300] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 133.994889][ T6300] ? fput+0x70/0xf0 [ 133.994929][ T6300] ? ksys_write+0x1b9/0x240 [ 133.994961][ T6300] ? __pfx_ksys_write+0x10/0x10 [ 133.994991][ T6300] ? rcu_is_watching+0x12/0xc0 [ 133.995030][ T6300] __x64_sys_sendmmsg+0x9c/0x100 [ 133.995068][ T6300] ? lockdep_hardirqs_on+0x7c/0x110 [ 133.995118][ T6300] do_syscall_64+0xcd/0x230 [ 133.995172][ T6300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.995206][ T6300] RIP: 0033:0x7f3a14f8e969 [ 133.995230][ T6300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.995260][ T6300] RSP: 002b:00007f3a15ead038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 133.995289][ T6300] RAX: ffffffffffffffda RBX: 00007f3a151b5fa0 RCX: 00007f3a14f8e969 [ 133.995309][ T6300] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003 [ 133.995328][ T6300] RBP: 00007f3a15ead090 R08: 0000000000000000 R09: 0000000000000000 [ 133.995347][ T6300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 133.995365][ T6300] R13: 0000000000000000 R14: 00007f3a151b5fa0 R15: 00007ffcbbfba338 [ 133.995406][ T6300] [ 134.552283][ T6315] netlink: 338 bytes leftover after parsing attributes in process `syz.0.101'. [ 134.596021][ T6316] netlink: 8 bytes leftover after parsing attributes in process `syz.2.100'. [ 134.671741][ T6315] IPv6: NLM_F_CREATE should be specified when creating new route [ 137.474307][ T6357] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 137.903967][ T6318] ima: policy update failed [ 137.925905][ T30] audit: type=1802 audit(6042555386.283:3): pid=6318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.102" res=0 errno=0 [ 138.841515][ T6375] FAULT_INJECTION: forcing a failure. [ 138.841515][ T6375] name failslab, interval 1, probability 0, space 0, times 0 [ 138.854842][ T6375] CPU: 1 UID: 0 PID: 6375 Comm: syz.3.110 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 138.854889][ T6375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 138.854910][ T6375] Call Trace: [ 138.854921][ T6375] [ 138.854933][ T6375] dump_stack_lvl+0x16c/0x1f0 [ 138.854991][ T6375] should_fail_ex+0x512/0x640 [ 138.855042][ T6375] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 138.855088][ T6375] should_failslab+0xc2/0x120 [ 138.855131][ T6375] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 138.855172][ T6375] ? __d_alloc+0x31/0xaa0 [ 138.855214][ T6375] __d_alloc+0x31/0xaa0 [ 138.855266][ T6375] d_alloc+0x4a/0x1e0 [ 138.855306][ T6375] d_alloc_parallel+0xe3/0x12e0 [ 138.855352][ T6375] ? kasan_save_stack+0x42/0x60 [ 138.855388][ T6375] ? kasan_save_track+0x14/0x30 [ 138.855423][ T6375] ? kasan_save_free_info+0x3b/0x60 [ 138.855474][ T6375] ? kfree+0x2b6/0x4d0 [ 138.855501][ T6375] ? walk_component+0x1a5/0x5b0 [ 138.855549][ T6375] ? link_path_walk.part.0.constprop.0+0x553/0xd60 [ 138.855613][ T6375] ? __lock_acquire+0xaa4/0x1ba0 [ 138.855657][ T6375] ? __pfx_d_alloc_parallel+0x10/0x10 [ 138.855710][ T6375] ? lockdep_init_map_type+0x5c/0x280 [ 138.855757][ T6375] ? lockdep_init_map_type+0x5c/0x280 [ 138.855811][ T6375] __lookup_slow+0x193/0x460 [ 138.855858][ T6375] ? __pfx___lookup_slow+0x10/0x10 [ 138.855938][ T6375] ? lookup_fast+0x156/0x610 [ 138.855995][ T6375] walk_component+0x353/0x5b0 [ 138.856051][ T6375] link_path_walk.part.0.constprop.0+0x685/0xd60 [ 138.856124][ T6375] path_openat+0x227/0x2d40 [ 138.856155][ T6375] ? __x64_sys_openat+0x174/0x210 [ 138.856227][ T6375] ? __pfx_path_openat+0x10/0x10 [ 138.856274][ T6375] do_filp_open+0x20b/0x470 [ 138.856310][ T6375] ? __pfx_do_filp_open+0x10/0x10 [ 138.856361][ T6375] ? __pfx_kfree_link+0x10/0x10 [ 138.856421][ T6375] ? alloc_fd+0x471/0x7d0 [ 138.856489][ T6375] do_sys_openat2+0x11b/0x1d0 [ 138.856536][ T6375] ? __pfx_do_sys_openat2+0x10/0x10 [ 138.856600][ T6375] __x64_sys_openat+0x174/0x210 [ 138.856649][ T6375] ? __pfx___x64_sys_openat+0x10/0x10 [ 138.856698][ T6375] ? rcu_is_watching+0x12/0xc0 [ 138.856743][ T6375] do_syscall_64+0xcd/0x230 [ 138.856799][ T6375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.856834][ T6375] RIP: 0033:0x7f3a14f8d2d0 [ 138.856861][ T6375] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 138.856893][ T6375] RSP: 002b:00007f3a15eacf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 138.856924][ T6375] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f3a14f8d2d0 [ 138.856945][ T6375] RDX: 0000000000000002 RSI: 00007f3a15eacfa0 RDI: 00000000ffffff9c [ 138.856966][ T6375] RBP: 00007f3a15eacfa0 R08: 0000000000000000 R09: 0000000000000000 [ 138.856985][ T6375] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 138.857004][ T6375] R13: 0000000000000000 R14: 00007f3a151b5fa0 R15: 00007ffcbbfba338 [ 138.857047][ T6375] [ 139.275251][ T6375] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.951323][ T6380] kvm: kvm [6379]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000025) = 0x2 [ 140.037385][ T6384] FAULT_INJECTION: forcing a failure. [ 140.037385][ T6384] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 140.104011][ T6384] CPU: 1 UID: 0 PID: 6384 Comm: syz.0.114 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 140.104068][ T6384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 140.104091][ T6384] Call Trace: [ 140.104101][ T6384] [ 140.104113][ T6384] dump_stack_lvl+0x16c/0x1f0 [ 140.104167][ T6384] should_fail_ex+0x512/0x640 [ 140.104221][ T6384] _copy_from_user+0x2e/0xd0 [ 140.104275][ T6384] kstrtouint_from_user+0xd6/0x1d0 [ 140.104317][ T6384] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 140.104355][ T6384] ? __lock_acquire+0xaa4/0x1ba0 [ 140.104427][ T6384] proc_fail_nth_write+0x83/0x250 [ 140.104476][ T6384] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 140.104536][ T6384] vfs_write+0x25f/0x1180 [ 140.104577][ T6384] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 140.104630][ T6384] ? __pfx___mutex_lock+0x10/0x10 [ 140.104688][ T6384] ? __pfx_vfs_write+0x10/0x10 [ 140.104734][ T6384] ? __fget_files+0x20e/0x3c0 [ 140.104778][ T6384] ksys_write+0x12a/0x240 [ 140.104810][ T6384] ? __pfx_ksys_write+0x10/0x10 [ 140.104840][ T6384] ? rcu_is_watching+0x12/0xc0 [ 140.104885][ T6384] do_syscall_64+0xcd/0x230 [ 140.104940][ T6384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.104973][ T6384] RIP: 0033:0x7f485038d41f [ 140.104998][ T6384] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 140.105027][ T6384] RSP: 002b:00007f485119a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 140.105057][ T6384] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f485038d41f [ 140.105075][ T6384] RDX: 0000000000000001 RSI: 00007f485119a0a0 RDI: 0000000000000004 [ 140.105094][ T6384] RBP: 00007f485119a090 R08: 0000000000000000 R09: 0000000000000000 [ 140.105113][ T6384] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 140.105131][ T6384] R13: 0000000000000000 R14: 00007f48505b5fa0 R15: 00007ffc8ef91058 [ 140.105174][ T6384] [ 141.119297][ T6398] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 142.446688][ T6419] netlink: 20 bytes leftover after parsing attributes in process `syz.3.125'. [ 142.544957][ T6424] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 143.162156][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.174085][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 146.584872][ T6492] kvm: kvm [6491]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000025) = 0x2 [ 146.958033][ T6500] FAULT_INJECTION: forcing a failure. [ 146.958033][ T6500] name failslab, interval 1, probability 0, space 0, times 0 [ 147.084108][ T6500] CPU: 1 UID: 0 PID: 6500 Comm: syz.1.140 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 147.084157][ T6500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 147.084176][ T6500] Call Trace: [ 147.084187][ T6500] [ 147.084200][ T6500] dump_stack_lvl+0x16c/0x1f0 [ 147.084257][ T6500] should_fail_ex+0x512/0x640 [ 147.084307][ T6500] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 147.084347][ T6500] should_failslab+0xc2/0x120 [ 147.084389][ T6500] __kmalloc_cache_noprof+0x6a/0x3e0 [ 147.084424][ T6500] ? kvm_dev_ioctl+0x15b8/0x1ad0 [ 147.084471][ T6500] kvm_dev_ioctl+0x15b8/0x1ad0 [ 147.084524][ T6500] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 147.084580][ T6500] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 147.084623][ T6500] __x64_sys_ioctl+0x190/0x200 [ 147.084675][ T6500] do_syscall_64+0xcd/0x230 [ 147.084730][ T6500] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.084764][ T6500] RIP: 0033:0x7f785cf8e969 [ 147.084799][ T6500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.084831][ T6500] RSP: 002b:00007f785de7a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 147.084862][ T6500] RAX: ffffffffffffffda RBX: 00007f785d1b5fa0 RCX: 00007f785cf8e969 [ 147.084883][ T6500] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 147.084902][ T6500] RBP: 00007f785d010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 147.084922][ T6500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.084942][ T6500] R13: 0000000000000000 R14: 00007f785d1b5fa0 R15: 00007ffc6d2b9668 [ 147.084984][ T6500] [ 147.257405][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.418352][ T6528] kvm: kvm [6527]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000025) = 0x2 [ 149.041038][ T6536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.145'. [ 149.205437][ T6536] netlink: 346 bytes leftover after parsing attributes in process `syz.1.145'. [ 149.990705][ T6558] ima: policy update failed [ 149.996237][ T30] audit: type=1802 audit(6042555398.373:4): pid=6558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.150" res=0 errno=0 [ 150.017044][ T6558] netlink: 25 bytes leftover after parsing attributes in process `syz.3.150'. [ 150.926537][ T6566] [ 150.928938][ T6566] ====================================================== [ 150.935992][ T6566] WARNING: possible circular locking dependency detected [ 150.943048][ T6566] 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 Not tainted [ 150.950205][ T6566] ------------------------------------------------------ [ 150.957246][ T6566] syz.1.152/6566 is trying to acquire lock: [ 150.963171][ T6566] ffff8881433c1958 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 150.973071][ T6566] [ 150.973071][ T6566] but task is already holding lock: [ 150.980451][ T6566] ffff8881433c1428 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 150.991749][ T6566] [ 150.991749][ T6566] which lock already depends on the new lock. [ 150.991749][ T6566] [ 151.002180][ T6566] [ 151.002180][ T6566] the existing dependency chain (in reverse order) is: [ 151.011209][ T6566] [ 151.011209][ T6566] -> #2 (&q->q_usage_counter(io)#29){++++}-{0:0}: [ 151.019861][ T6566] blk_alloc_queue+0x619/0x760 [ 151.025189][ T6566] blk_mq_alloc_queue+0x179/0x290 [ 151.030772][ T6566] __blk_mq_alloc_disk+0x29/0x120 [ 151.036353][ T6566] loop_add+0x496/0xb70 [ 151.041066][ T6566] loop_init+0x164/0x270 [ 151.045860][ T6566] do_one_initcall+0x120/0x6e0 [ 151.051184][ T6566] kernel_init_freeable+0x5c2/0x900 [ 151.056956][ T6566] kernel_init+0x1c/0x2b0 [ 151.061828][ T6566] ret_from_fork+0x48/0x80 [ 151.066786][ T6566] ret_from_fork_asm+0x1a/0x30 [ 151.072108][ T6566] [ 151.072108][ T6566] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 151.079378][ T6566] fs_reclaim_acquire+0x102/0x150 [ 151.084988][ T6566] kmem_cache_alloc_noprof+0x53/0x3b0 [ 151.090928][ T6566] __kernfs_new_node+0xd2/0x8a0 [ 151.096343][ T6566] kernfs_new_node+0x13c/0x1e0 [ 151.101816][ T6566] kernfs_create_dir_ns+0x4c/0x1a0 [ 151.107488][ T6566] sysfs_create_dir_ns+0x13a/0x2b0 [ 151.113164][ T6566] kobject_add_internal+0x2c4/0x9b0 [ 151.118941][ T6566] kobject_add+0x16e/0x240 [ 151.123904][ T6566] elv_register_queue+0xd3/0x2a0 [ 151.129399][ T6566] blk_register_queue+0x3c4/0x560 [ 151.134968][ T6566] add_disk_fwnode+0x911/0x13a0 [ 151.140374][ T6566] nbd_dev_add+0x78e/0xbb0 [ 151.145336][ T6566] nbd_init+0x181/0x320 [ 151.150049][ T6566] do_one_initcall+0x120/0x6e0 [ 151.155371][ T6566] kernel_init_freeable+0x5c2/0x900 [ 151.161162][ T6566] kernel_init+0x1c/0x2b0 [ 151.166038][ T6566] ret_from_fork+0x48/0x80 [ 151.170999][ T6566] ret_from_fork_asm+0x1a/0x30 [ 151.176351][ T6566] [ 151.176351][ T6566] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 151.184204][ T6566] __lock_acquire+0x1173/0x1ba0 [ 151.189621][ T6566] lock_acquire+0x179/0x350 [ 151.194681][ T6566] __mutex_lock+0x199/0xb90 [ 151.199748][ T6566] queue_requests_store+0x1c7/0x310 [ 151.205493][ T6566] queue_attr_store+0x273/0x310 [ 151.210889][ T6566] sysfs_kf_write+0xf2/0x150 [ 151.216033][ T6566] kernfs_fop_write_iter+0x351/0x510 [ 151.221868][ T6566] vfs_write+0x5ba/0x1180 [ 151.226741][ T6566] ksys_write+0x12a/0x240 [ 151.231611][ T6566] do_syscall_64+0xcd/0x230 [ 151.236674][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.243120][ T6566] [ 151.243120][ T6566] other info that might help us debug this: [ 151.243120][ T6566] [ 151.253360][ T6566] Chain exists of: [ 151.253360][ T6566] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#29 [ 151.253360][ T6566] [ 151.267142][ T6566] Possible unsafe locking scenario: [ 151.267142][ T6566] [ 151.274603][ T6566] CPU0 CPU1 [ 151.279974][ T6566] ---- ---- [ 151.285368][ T6566] lock(&q->q_usage_counter(io)#29); [ 151.290777][ T6566] lock(fs_reclaim); [ 151.297392][ T6566] lock(&q->q_usage_counter(io)#29); [ 151.305321][ T6566] lock(&q->elevator_lock); [ 151.309963][ T6566] [ 151.309963][ T6566] *** DEADLOCK *** [ 151.309963][ T6566] [ 151.318123][ T6566] 6 locks held by syz.1.152/6566: [ 151.323166][ T6566] #0: ffff8880649bfcf8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 151.332305][ T6566] #1: ffff888031858420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240 [ 151.341418][ T6566] #2: ffff88807cd91488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 151.351223][ T6566] #3: ffff888141b7f698 (kn->active#94){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 151.361299][ T6566] #4: ffff8881433c1428 (&q->q_usage_counter(io)#29){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 151.373051][ T6566] #5: ffff8881433c1460 (&q->q_usage_counter(queue)#19){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 151.385125][ T6566] [ 151.385125][ T6566] stack backtrace: [ 151.391029][ T6566] CPU: 1 UID: 0 PID: 6566 Comm: syz.1.152 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) [ 151.391063][ T6566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 151.391079][ T6566] Call Trace: [ 151.391088][ T6566] [ 151.391099][ T6566] dump_stack_lvl+0x116/0x1f0 [ 151.391141][ T6566] print_circular_bug+0x275/0x350 [ 151.391178][ T6566] check_noncircular+0x14c/0x170 [ 151.391216][ T6566] __lock_acquire+0x1173/0x1ba0 [ 151.391257][ T6566] lock_acquire+0x179/0x350 [ 151.391291][ T6566] ? queue_requests_store+0x1c7/0x310 [ 151.391326][ T6566] ? __pfx___might_resched+0x10/0x10 [ 151.391357][ T6566] ? do_raw_spin_lock+0x12c/0x2b0 [ 151.391400][ T6566] __mutex_lock+0x199/0xb90 [ 151.391440][ T6566] ? queue_requests_store+0x1c7/0x310 [ 151.391468][ T6566] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 151.391505][ T6566] ? queue_requests_store+0x1c7/0x310 [ 151.391531][ T6566] ? lockdep_hardirqs_on+0x7c/0x110 [ 151.391571][ T6566] ? __pfx___mutex_lock+0x10/0x10 [ 151.391616][ T6566] ? __pfx_autoremove_wake_function+0x10/0x10 [ 151.391653][ T6566] ? queue_requests_store+0x1c7/0x310 [ 151.391679][ T6566] queue_requests_store+0x1c7/0x310 [ 151.391707][ T6566] ? __pfx_queue_requests_store+0x10/0x10 [ 151.391737][ T6566] ? __mutex_trylock_common+0xe9/0x250 [ 151.391774][ T6566] ? __pfx_queue_requests_store+0x10/0x10 [ 151.391802][ T6566] queue_attr_store+0x273/0x310 [ 151.391827][ T6566] ? __pfx_queue_attr_store+0x10/0x10 [ 151.391860][ T6566] ? find_held_lock+0x2b/0x80 [ 151.391885][ T6566] ? sysfs_file_kobj+0xe4/0x290 [ 151.391925][ T6566] ? __pfx_queue_attr_store+0x10/0x10 [ 151.391950][ T6566] sysfs_kf_write+0xf2/0x150 [ 151.391989][ T6566] kernfs_fop_write_iter+0x351/0x510 [ 151.392024][ T6566] ? __pfx_sysfs_kf_write+0x10/0x10 [ 151.392064][ T6566] vfs_write+0x5ba/0x1180 [ 151.392091][ T6566] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 151.392128][ T6566] ? __pfx___mutex_lock+0x10/0x10 [ 151.392169][ T6566] ? __pfx_vfs_write+0x10/0x10 [ 151.392205][ T6566] ksys_write+0x12a/0x240 [ 151.392230][ T6566] ? __pfx_ksys_write+0x10/0x10 [ 151.392255][ T6566] ? rcu_is_watching+0x12/0xc0 [ 151.392285][ T6566] do_syscall_64+0xcd/0x230 [ 151.392334][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.392361][ T6566] RIP: 0033:0x7f785cf8e969 [ 151.392382][ T6566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.392407][ T6566] RSP: 002b:00007f785de7a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 151.392431][ T6566] RAX: ffffffffffffffda RBX: 00007f785d1b5fa0 RCX: 00007f785cf8e969 [ 151.392449][ T6566] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 151.392465][ T6566] RBP: 00007f785d010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 151.392481][ T6566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.392496][ T6566] R13: 0000000000000000 R14: 00007f785d1b5fa0 R15: 00007ffc6d2b9668 [ 151.392521][ T6566]