last executing test programs: 13.148668571s ago: executing program 3 (id=1268): mmap$auto(0x0, 0x20009, 0x809, 0xeb1, 0x401, 0x80000000008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}}, 0x801) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x806, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) (async) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) listen$auto(0x3, 0x81) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003680)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fddbdf250b000000080028800400040008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x890) (async) sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fddbdf250b000000080028800400040008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x890) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 12.659026553s ago: executing program 3 (id=1270): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000031c0)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/vendor\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003200)=""/64, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x2a, 0x2, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x3a, 0x3, 0x0) mlockall$auto(0x7) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ptrace$auto(0x10, r1, 0x4, 0x7ff) ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r1, 0xf72, 0x0) r5 = socket(0x2a, 0x2, 0x1) connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x55) bind$auto(0x3, &(0x7f0000000080)=@sco={0x1f, @none}, 0x6b) 11.396079713s ago: executing program 3 (id=1273): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) mremap$auto(0x2, 0xfffffffffffffc01, 0x40, 0x900000000000000, 0x401) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) 10.173879863s ago: executing program 1 (id=1278): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x40, 0x0) ioctl$auto(r1, 0x9000643f, 0xc35) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) mmap$auto(0x0, 0x400005, 0xe3, 0x9b72, r0, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x1a) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) sendmsg$auto_NFC_CMD_STOP_POLL(r0, 0x0, 0x44084) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) kcmp$auto(0x1, 0x1, 0x0, r2, r2) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020008, 0x3, 0x440000eb1, 0xfffffffffffffffa, 0x8000) 5.441038196s ago: executing program 1 (id=1290): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/xfs/panic_mask\x00', 0xa0202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{@raw=0x5, 0x0, 0x80000001, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @raw=0x7ff}, 0x3, 0x5, 0x4, @raw=0x1, @enumerated={0x3, 0x800, "c832bcbae48ab01ec23457b7fd2dd3547c4e2eeba79edd0d1599ded9d6faf517162fbe6a6f50f1aaa18fb20cabb4f176263bb0e781e3d0a2f992e8fcdcec86d9", 0x400, 0x312}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0ada55bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_settime$auto(0x3, 0x0, 0xfffffffffffffffd, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 5.307837507s ago: executing program 0 (id=1291): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000031c0)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/vendor\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003200)=""/64, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x2a, 0x2, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x3a, 0x3, 0x0) mlockall$auto(0x7) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ptrace$auto(0x10, r1, 0x4, 0x7ff) ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r1, 0xf72, 0x0) r5 = socket(0x2a, 0x2, 0x1) connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x55) bind$auto(0x3, &(0x7f0000000080)=@sco={0x1f, @none}, 0x6b) 5.076365815s ago: executing program 1 (id=1292): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x4f1, 0x2, 0x8000) (async) r0 = socket(0x2b, 0x1, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/pci/devices\x00', 0x10b402, 0x0) pread64$auto(r1, 0x0, 0x8100000041, 0x3) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) (async) r2 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) (async) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) (async) execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=&(0x7f0000000280)='team_slave_1\x00', 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) setsockopt$auto(r0, 0x6, 0x8, 0x0, 0x10000) 4.10133346s ago: executing program 0 (id=1293): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) setsockopt$auto(r0, 0x6, 0x9, &(0x7f0000000140)='\x00', 0x40) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00Q\x00', @ANYRES16=0x0, @ANYBLOB="010072e0fa60fddbdf2500000000000000003c1b73"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) clock_nanosleep$auto(0x8, 0x9beb, &(0x7f0000000040)={0x80, 0x1}, &(0x7f0000000100)={0x1, 0x551}) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.878089228s ago: executing program 0 (id=1294): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x80, 0xb}, 0x800009}, 0x5, 0x20000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x54}, 0x1) r1 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x81c5, 0x0) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x84, 0x16, 0xfffffffffffffffd, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/card0/pcm0p/sub7/hw_params\x00', 0x422600, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) r3 = socket(0xa, 0x5, 0x84) sendto$auto(r3, 0x0, 0x401, 0x8, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fb8000"}, 0x1c) read$auto(r2, 0x0, 0x9) read$auto(0x3, 0x0, 0xfdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) 3.784621275s ago: executing program 1 (id=1295): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x89b0, &(0x7f0000000140)={'vlan0\x00'}) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1e00279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) poll$auto(&(0x7f0000000180)={r0, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x0) ioctl$auto(r3, 0x9, r0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getxattrat$auto(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0, 0x10) capset$auto(0x0, 0x0) ioctl$auto_VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x2, 0x0) r4 = prctl$auto(0x5, 0x1, 0x4, 0x3, 0x9) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, r4, 0x300000000000) read$auto_proc_page_owner_threshold_(r4, &(0x7f0000000300)=""/75, 0x4b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/lacp_active\x00', 0x80, 0x0) mseal$auto(0x0, 0x7dda, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0xa80, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000001040)=""/4088, 0xff8) r6 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000004c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_LINK_GET(r7, &(0x7f0000003e80)={0x0, 0x0, &(0x7f0000003e40)={&(0x7f0000000000)=ANY=[@ANYBLOB="0c7ed411c0ce8534000000", @ANYRES16=r6, @ANYBLOB="010028bd7000ffdbdf2508000000200004801c00018015009c002f6465762f6370752f312f637075696400000000"], 0x34}}, 0x8040) 3.12482951s ago: executing program 1 (id=1296): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x20000000040019, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x40, 0x0) ioctl$auto(r1, 0x9000643f, 0xc35) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) mmap$auto(0x0, 0x400005, 0xe3, 0x9b72, r0, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x1a) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) sendmsg$auto_NFC_CMD_STOP_POLL(r0, 0x0, 0x44084) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) kcmp$auto(0x1, 0x1, 0x0, r2, r2) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020008, 0x3, 0x440000eb1, 0xfffffffffffffffa, 0x8000) 3.106998303s ago: executing program 3 (id=1297): kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) 2.523045213s ago: executing program 0 (id=1298): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x401, 0x1) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x2c) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) mmap$auto(0x0, 0x4, 0xffb, 0x8000000008012, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, 0x0, 0x20000884) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg0\x00', 0x141000, 0x0) bpf$auto(0x40, &(0x7f00000000c0)=@bpf_attr_0={0x0, 0x5, 0x4, 0x4, 0x800, 0xffffffffffffffff, 0x13, "f0f59673e700", 0x0, r4, 0xfffff588, 0x8, 0x2, 0x100000000000200}, 0x7f) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r4, 0x1, &(0x7f00000000c0)) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex_waitv$auto(&(0x7f0000000000)={0xb, 0x1c380, 0x82}, 0x1, 0x0, 0x0, 0x623d) 1.85571665s ago: executing program 0 (id=1300): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:01.1/ata1/power/autosuspend_delay_ms\x00', 0x400000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000004300)=""/108, 0x6c) r1 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x50900, 0x0) write$auto_null_fops_mem(r1, &(0x7f00000000c0)="1cf6369533338bbdc48e845f8ce30f0e08cb2292cb01cdf128b010b41d00eeaee5d07d8a4ee41c575a0f2dd4d301cfce9416d6d9365121099400d5f0f0254842c12183c84a399023210adb3957b3e5409de10962d9158888acc8ebd58a00a4d0cd7e43d1ce2c57aaef0e7ca158f2a08d377c2d10891d6cc10bce9265f7868a76cb8a3834b2ee57ad907b4c6535e3e5b7043b72ff4e07ca1d28a43fb567ea795e3440f44248df7d2d58dd8bc4e34563a2a30f3075ac3b5f4b9fd584221a44e83b4a4188890b74e744143111110cf9b920ff0212271a553282a8b5dbcff661a4b72f9e4f99b67d46824fbf2f098c5bbabc3355f5aee6251dbd971949af05895ce7abc3f849abfe448857df6cac7e13bf3a5a0812f394a489d5dc819415df670ab091451bc23181fc7a0534f073d41a4484222aff6d0216adf9a19ac1ccc7328f640c5d3462f1d99da8905eca357029919ada7c0a1869d7e8d73a711d670ae96c6042a405d8c67110306e575ed780c6e57f4d3b6a0514e135ef0fd1115aae0e8369ec41bd5018f98898a0c7b79953995ae9d0222566fe51eecc1d98fb683cf9bdd7165a6f0b45fe1089fd5c9fb655461fa0ecfdf3d4b686d6792b330719977091e54373dfe3cb64d3b5640e41ad93d77b9b1adaa2caf038c3e69bcd54276ebcd097702e57442aefb0ea385209fafed1a1d953cf68775cd39cf3a0fc337f0ac213f686be9bba9d1930d1eb9361be64a12e9cb778e21d6696911bdec6685651bee9092289842c218c4d2abea567195e6d56763e3c0ffac68f05c3e3934c7d5529e0975c8e303b7f667f76a6d889ffa211e5ea4f72f5f233c63452335e712d5653d0ad9110123d4bf594ad66bfd0aa4a19f8752b6437d1da936238e07e0c7cd86f74ca50cac6b8e931388ffe3ca5e55c7ddd187fc31bf4a239031d9976b7a7be9bdb1c0b53ea709f8f7410d6f9d1531c223a5ab820bc4820cd87bc51e83229b7f916ed1e30cec1010d31c687a8d45f0b38fec862718369013826de83f77439331d4d4626520f54b947e55461e8338a0a5473d4d2e22da64cf50cd98e780871e47830d61a4812b157d900f5d02bc116c46e65b706b73448f5fc65d0a76fb67c034ddd78de4002ee924edaa64cefd875500bdfe80b35b19e81530ef5df99755e7a022585158ed6c6770c125583139dd9d80fe513ec513c16609d24178ff0878f88fef991ae47bca1f1774f8c32a00bef40168d2ab6a303a6e1d5cb702efbd5b01154ca89bb46276852d60e686dd0f2e0971cf497f54f38c8ce962ad92abf086c17ece2e975b3260dce3fe1937b64ab28d15035b599156b54478867af81f460dc3d89827cffbef982b931fdf614b0c0b3f09c7964298835e3a236fd40979803826e8fa1ea091fc29c6389d1c6a63a90c7d28e071d684bb90ea6a71302ec5d516f83c82b8a2f41ee72a55c7e09352e2f5db704181cd30d1cc8372d532c28d74458875554a92be69affadc8b1cadfe81c49537ee8f753800af22656347673a016473220a250176379dc8d323e4648e99473301cdc78557e06339914ffb251b692a89cec066bd2880bda30916e0faaf0aeeb31b79ab0099165223782932d539af65cae2a1fb0b43acf25332fff89159614331d68cb09c6cb40edf7589af2fcb94d470977b45026258bb82f4d0cd1b2b3bfab7efcd7315c6ba659d4029115f2ed91027ca1fec6c6ab52b749dc35cd6f529eabf535feade0378fd3161c6ade74202c98226567c92fef401e14dbc6fb7c3d7e60ff4ba721ae251464d566a66a3d5ee24f62aeab127153bc589d1bb8eafcbdb16d91be23e4abeb8a0f402c19d0f26858e657cef1374da2ce1ed669f3dad4fc374f90851db61bae509b38d3a734c153225067a1c50e4a62d4c33a0caa965ea72a209ba5f575334409c6d19a0bccbf505a78ec60f2f6c167305d0d9909cfdd13cd571602a30d2206d101d79561157f606db1380e2f79f10b80f7701228df1c2b1046688d132be566d950784125df238af58f3643eee1979d91b8f90aad1e0599932657ef8aa1a1623ceb5553649cc1394347a9778d8578180c98d1238fc3b5fddcd21809ccb469c952348c154d63c84402b000c0bfbaf408a0e2aa2585d7af6701c3b516fc5d1968b80fb53fb5f0bb85a9954ce1351cd5d432e2a3b7fa22cfe886b39f98634427dca804e004cb39de5c9aeef7143a22a3a46d43413e222d80b21b4883d0321ac082857154d3a98b73d77ea5df327027d6dd4bb325099a4d6f511bf5df6ebf2d5a03707b6b4d0e96f4b017aee9c73024b621b7ae2350a441fbeeae127d057dc603de30688b60c531a7216b54ad6aabcef3bc057ec9885f41fe9baac030210683f9fbfda64da5899c80337242670add2a8e5f436783b7886dc8b7fe25ab12bc43609ed12accf9bcffd498412f125d5a5c29ad3d6c7dc3630f8d702574fe44289717dd3b441b6451e25eac5a8bfc38ba81ef39ef85648b9e63fadd782018ccc9868535f5983a44178191fdae0b3a6a662283a520e75dc11067a47a302892231391887c2e07e535ccec0f60ea02559d5f29ef7a94f1e016d23a8c7d079024f6c21b5933778460ab1c974eac4b3daeeb9a610a01a1994d1bcf26c8f1377ef086541e4dea41201acc74d8ab51a07ea48a813081165c0e9623380a54a51da96c0cacdb104131f7da3c2196a954d505e06f3ccb68d2fc07d17e3a9a2ede71fcd9cb20c67d44583d5270bd209521ec1162f52f51e5cebf37b3f83be744ab540ee85d80116f972515018e8347bd2230eb869e097dab90fbdec4d6c89912a2ef5731b66a7c62fbae1402dfd9e270fa225e822ebd19a397d5ac5744446e0e6ef3c21910639fe7c88a67c6896bc2eef06cae6406ad612417eeefa2e8621c1a252305fac40b0885bf91753bc25dd2a1e7c1da9f20a88baa9514002a74f882eaec33030c2152c9f341ae20072e799a7f8f2d0750e4b0b723f91521a9e583cbfe506f0154aa48b4c9c21056d8020c8aab7286836025a329f380cce5d814ee43c03205401707cfa90d291b3d13615d1667ef9314bda72f507f7e857235fd69a149c49c59d6138afd4dee4450da7a0aad71ad83502f4af2f7a4c8f77e47edbd2d72b017cc8021238a5556492a85c28f2f985b5a3dd61982363226464865a5d07f366b34aef004640c5bdcf8873f890870bb7ef69cc1dd855e396879789d6120d77e1bbb527f88b1b615a03e2251e0e0c4a181b15acdf73af2fe2b300d1e4ef63379ed1618c1204a0dfff541bbe85ee837b45c543662552134b6c32c0e399fd1ea43c75cc01ec8b7c069e5d92f647c57572e44772f3cc6a34102e2c712aca5917478f7af45d31a6b36ec19915066c06715c8ac5caa6bbbcdcb59eaa96d17e96ab004dc9a18a773b72ba52287b21aa501fea4ab355bdd7631be23a21bfc53e59ce9946e7fb80a7fc38883f702e51e5295b84e95024b44707594feef87916ca9a0d29ea92b74d7836840e2e6e9124abbc5697f132fbb560152a4a1b165df4ebecce4d4b504c74982f49278631e2085873c79d30b71151d2ccfcddf57e3c9067924364e2d7bd068e2a403a292a6cce95b82b5f96a2c1d48afd99785d4d8f11b8cc82470f58f9ab84d08a98a2440319ca296b456aad89cb7ca9ef69dfbd40691b1f8fbd9a4b486edcdd1843064d72eee138142e46525deeedce15a573e913173a9ea66c5210690409f668b0a8c4a8d9c17687f64e5a6144c817b8f4dda083439c8dc823aecb2566f77c3538beb60e52f75bc0c98c6b63a3850ff62c1ba22b1261327ebead7af427d303f2500d2c2222acd801b78c176cf9cbb36e7829918abcba21d9308be9756f58c253f560e45609478334c44242d8c9a7bad5cc0afcbc22638fe869b855346c325aa60cdbcef7841abd534d368cac26e78d27410fdd5531eee28853e70644729a7291dbb23a8be44102795e3d27eab1a5ada49cc9a10edb9a788f5661037ad3f6b3a2eedceff5eb3aabc6080ca3365b33b843ad0d06da6d76c22cc1f8a58c8a11bd7fad2968214909921b37ad0417664722b0beda9dd75900eeb005d9fb8a467a093f7fb9561e311546d8ce7777cd4877a9265b63a9a69dc924be26d7afd6734978e7b858f95f192210091de8f2315ac90ac7a16b7f99984016000d3f486d502ef1069479be9862e7e6a56306206eb0820714108c7e56fc7bc42f91228074aea07f1230014e97e6b32b7e64064680312c3587f29007c5d4afe293828de3dd40051a7537e4761e6672837a232d0e031bcf4e4ce02e8b8435edd9569a25220d5423101566c13e3f4a6b3a7771b41bba8b89e3c280c43b51568e4e2c63f0e47562f839bbc2fb6ac5aa97f10080895cb8daf920fdbe053ae4d1c808e901684917ce8a8cdfc9eeef1f22d13e6f6d791a075f570e9b652b65f888eb4cf70e1f5a0a9580876ce9e9476c6d013c4e46b8abd0154413718cbd4877c6fd979dd827611342190241c89f66c360c7346a18c4517b431d38d2c765a9527a28a1dd935921610e37d15dcdfede6e8ad06444466f8d375b1e44a67a8d9cc5d2f19e4307737f3478b6fab7cce53558187303ca7deb93c54cb66973ffe0948234748b4f2d3f3bbd87ad616e36a89e5acd3070bc1fede197524ffb4680da0f988f98e132179e1125d61fc1ae4a1c50ae311dff80d2b1922bc91781884ef84beae96c347b035b298b135dddd923752a4498d9b3127eb6c9ae1d1dce05b6bfb78d393a705ab8d5cdc8eb35af2dd98d0cceff9f1b461f9e047fff5bb1cdef9744110e1569925663cd8c91d1f8ea5dafa75a398b549b2425fa0bb0433514268ae81306d59092af5a238fc6c8e6f25e6ca323a272b39f9a8b5dcc56fa5caf4edf79c44a32f3f662ce40eb8d009cd60c2f86e25c0c43e97a977087a830e890286bc6277f69806a2e41e9d3a1545db45fd09bcddb19da5cca7f30b7bc11dd461b768bd3214d312a921db2071eb5ae11dce94fadb4547d99382f708676926502c9b64236aad3307deb685b31b653569fb03f727270663e4438480cc1b7dd33d22ac8635d29f53d80b3632640cc4829c1999d8032ae14daa88149eb6aa748e5c0793b3afef48b6d4590528419b3379305ea2cce2e0fbca4a377c6d8d99839728f5c651132acd8e5b57b419b68931f71189f2dc68e7c388cdb46622e5906759479ae88f0fdd887b7b89c18ab5d03f9fef81f815092baf7e6111c0c02fe78f7c6a507895184fbab6bc507e3932c56d3da269e2dee9c9578a2517f7cc5a0329babf1f172281fcd990341f8d4a206183fadd2796fc82338bba7c712ca21ff17b4d5da71a84862cb72a7b2743b9282c0be63a5e58239fcaa55b749eee399052447887587763bb9d6562210f259808ebe57e022f19814cd070f2786dd689fa6500b09c11d5d0545740eb935c7a77c7588b284f0c760108bc02dcfab6c4728630735bc19b22e2fb4b7396407e7bd07630808a71c691786082f75378d3371e9e669ae7e13eff9c54db6e0fecc4198fcaef959d7cc9bad034240ac69c8671d6d647024a7b000db08bfeab0b380367fed31a6d45ec7eed8dd89d78b9a267f65c6b87ac20fa5a7d71e89dd3b52aee6d9c4fe341815a0220448411416f17b530c53927808a1c9cdd24eecb20f1af8c53d0967823b75f991a8cc519b22342777e2e062494d53c45d6182cf08c94e57113659f8c80eb7344724cbeae58f12423dd1f7e98d2d6da2756f46842f9e4c1a083fcf1615b11d94a51e6897c61a4faca862e138cfa6e8188", 0x1000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x4e, 0x0) fsopen$auto(0x0, 0x1) set_tid_address$auto(&(0x7f00000010c0)=0x2) 1.695971884s ago: executing program 2 (id=1301): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x10, 0xdf, 0xeb1, 0x401, 0x8000) uname$auto(0x0) close_range$auto(0x2, 0x8000, 0x0) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x480000, 0x0) ioctl$auto_TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000040)=0x4) socket(0x2b, 0x1, 0x1) socket(0xa, 0x3, 0x3a) uname$auto(&(0x7f00000002c0)={"076e13b4ca700a61d68b8c5fc002505e4e0704dfc5a2f8a3c7885245d38b2d792d1d9bfd823a90632fa90489ad398b3b479459282d54ec95b3802a72c33a8e91e2", "d340b15b1929cff6d7b6989d14a60f6cf9525b26d710d1b76cfe7aaebfd8ccfb444c54bfad24f32c1fa7b8308dc662245b016f5fedfb7342a6416b807695b7efad", "98f3df2b732dd39fdf70feb4fe6c3608e14c344edaf6801dc1c613fc317fa817c195e6ddbb17f3179a6ed0981970c4ea6363e1aca930223113ab0bb108df5b9b6a", "344c697482ef1323997847903e4a62d67279f021f830cfb6d4cbf2b89f8d7c38b5bfa488ba531b6c810d94d41e183260684cd51a5049660b126c4c5546939da616", "85b57c02e88d2d57713474dd1727f0ddfc68d1e2fec5b9e4657fe23ca546f9e364c89b83ea6530c31ad5b84fd8bdaaecae5424f7b5e93fe2d0be70dd863484f6f3", "a584c838675be202028608ae6d00d0b8d3c770fb01dc2135d294515eddc2621ef14a66b54aa6144e475e34e38840dc0d399ea89a55823d682e077b568a3ee42147"}) sendmmsg$auto(r0, &(0x7f0000000280)={{&(0x7f0000000100), 0x80, &(0x7f0000000180)={0x0, 0x448}, 0x6, 0x0, 0x5, 0x37}, 0x101}, 0xffffffc0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2000b, 0x4000000000df, 0xcb1, 0xd4, 0x6) write$auto_drm_edid_fops_drm_debugfs(0xffffffffffffffff, &(0x7f00000015c0)="3995586495c3ec927131b8b0d4cbfe44868003f083bfd46bf5e48ea564f3fa4a2b7f20eb701dc295526d0d072b25dd02c55a928e46f9be50117e30cd1a403e9e689b8edb526c7930783ae89bff230695c8834dc9d216f2fea6bbd0d1b17d03bfdee8421480585ed27b7e587f245379b69bfa42a3c78dbba1676806eb25a401eb1e972e8ca9315809147cb15dbb9e1fc70be47e562885c71180184726fc3201afeec1406155d5c97109eb86430220175b677d6f4f82629a09fe417feaf2a68c7529666f276cc3ad85a067e1c805f09f2094a680ee790ec8e93b8ff4716ec2ee2c4a103875d73bedbf319910a684e56f24598100a2b14944c56b62f0e94ec0245233d6dc5d914ebcf287a7e4a517c0f1522546d5cf59f07392cc7127311a475897b36834eae277c8d3339b47b1ca3a67a66e332cccce56a550b42a35d36fad8ee35640d639895fb1f120e596866ea5d005324b4a160fe151d2bc526b46db509be97fafc7af316343d4ad2c22eaeae27093897a51c0b77f2bc7dfa40c8abf5b7041d18121018662e0d5d174ebbb774210113ec04cdcc2db45aff900043146cb849498356232081d3057acfccaa1bc71a920d8475c82712f085bd85c37a0301cc69df54d8df3e2601443cd0a35ac8f58ad61200e202080a42f8894554e206e1aecd33031adbd446e7f2c2197374bd4e5ebdca3d7b232f408d39d8a5f29d5742ec9cb0fe5a94d7cb8b04f5970fd45cf50803a2793257baec8e5ad44ac89a447ae5424752f706c665cd89e0013794e0bc72954814ce08a9c9169b9e4c62ce2a2c9b1a35429864589fa1ad963018eea9b807e82acbec4516d8b1fe05a853451f200cb0a9a8aafdfd9fb73c30475034012da95216a829f4a6e05cf38b93cd286dee42d9c13aa65c2de79157d35ecac37af9d5d369b641068fa45b2f253014105fbb6e078adcc9c9f483c0cbeeae19c03554c614c18e5ff3449fb1cd6127ccd7c1ec03088091b5bdddacf0184da30dbdcf4a9d3629737f155809d027cacd3f65a509104fd40af15748c72ad430445b309bf8de2f7b7af88d6430c80ff4468bd347dd594da9ee4390807bd7adc8910a22cf68b8a30497e352cb017c1af91", 0x319) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0xa, 0x1, 0x0) socketpair$auto(0x21, 0x7, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) uname$auto(0x0) setsockopt$auto(r1, 0x10000000084, 0x579c, 0x0, 0x3ff) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000080), 0x80400, 0x0) 1.534257095s ago: executing program 0 (id=1302): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x40, 0x0) ioctl$auto(r1, 0x9000643f, 0xc35) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) mmap$auto(0x0, 0x400005, 0xe3, 0x9b72, r0, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x1a) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) sendmsg$auto_NFC_CMD_STOP_POLL(r0, 0x0, 0x44084) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) kcmp$auto(0x1, 0x1, 0x0, r2, r2) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020008, 0x3, 0x440000eb1, 0xfffffffffffffffa, 0x8000) 1.194662827s ago: executing program 2 (id=1303): mknod$auto(&(0x7f0000000080)=':,\x00', 0x287, 0x400001ff) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0x40000000009b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x201, 0x0) ioctl$auto_SNDCTL_SEQ_NRSYNTHS(r0, 0x8004510a, &(0x7f0000000180)="e3195f2f817a73ac9bfedefe12e713e2b3d3ae005b88ad4c9427efb14ac3e37a1ac73d91bfb73959ad319999a593ff44d874ccde4905fc9dccb6117f5e0eb2e73e32848c55ca9c7b78b209028b77b2bca3fc4607292dc1b771cd103fc2575e284d7ab122956ee46ab002dde8447c55743f0d54c07d7200a8db7b1227887903aaa66bb256361690") io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) get_robust_list$auto(0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = open(0x0, 0x261c2, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) close_range$auto(0x2, 0x8000, 0x0) r3 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_ILA_CMD_ADD(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x10}, 0x20000815) r4 = getpgrp(0xffffffffffffffff) process_vm_writev$auto(r4, &(0x7f0000000340)={0x0, 0x1000000011}, 0x8, &(0x7f00000003c0)={0x0, 0x9}, 0x3ff, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/nr15/carrier\x00', 0x1a1842, 0x0) sendfile$auto(r6, r6, 0x0, 0xe00000000) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r5, 0x4, 0x5, r3, @relative_fd=r5, 0x100000000}, 0xf) bpf$auto(0x4, &(0x7f00000002c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc) connect$auto(0x3, 0x0, 0x55) listen$auto(0x3, 0x81) 1.159552687s ago: executing program 3 (id=1304): socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0xc, 0x0, 0x4) listen$auto(0x3, 0x81) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3a, 0xfff, 0x948b, 0x8, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_SCSI_IOCTL_STOP_UNIT(r1, 0x6, &(0x7f0000000100)="9e18d97b81891e57d7746fd7c1f85c052367b6902bbcd188ec44d08ed00b8fd9a67aa006a65f98ce5734e1cda484ce67d01a3cdaa8f2ca407679e5d782641d2bddcc7ff793895faf76498db1871f991f012adfd2ff9989b4") write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) fsopen$auto(0x0, 0x1) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) splice$auto(0xffffffffffffffff, &(0x7f0000000040)=0xc52, 0xffffffffffffffff, &(0x7f00000000c0)=0x7, 0x800, 0x5) io_uring_setup$auto(0x6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x6, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 863.952958ms ago: executing program 2 (id=1305): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram15\x00', 0x82680, 0x0) ioctl$auto_BLKDISCARD(r0, 0x1277, 0x0) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vlan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'nicvf0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@NETDEV_A_QUEUE_ID={0x8, 0x1, 0x4}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x14}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r2}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r3}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x4}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004000}, 0x800) munmap$auto(0x5, 0x9) (async) r4 = getsockopt$auto(r0, 0xffff1ff8, 0xd43, &(0x7f0000000240)='\x9d)\x00', &(0x7f0000000280)=0x5) ioctl$auto_BTRFS_IOC_SEND_32(r4, 0x40449426, &(0x7f00000002c0)={@inferred=r0, 0xfffffffffffffff9, 0x0, 0xccda, 0x7, 0xc, "da49cd7b5f2cc35d05c9b38301cfc6e5c972f36684249aec2e3e6e4e"}) (async) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/bus/usb/drivers/sonixb/new_id\x00', 0x40880, 0x0) r7 = getsockopt$auto(r6, 0x7f, 0x4, &(0x7f0000000380)='\x00', &(0x7f00000003c0)=0x6) recvmmsg$auto(r7, &(0x7f00000005c0)={{&(0x7f0000000400)="6715b58f20b0e4804520676842a20a684e634b948e175b0dad175a8c242ce0092573ac66d9a65ee32bb8593aad31a88ccd0d032211557d3d13bec871f63eebfdd5ba211f44172b8d2a84dddd7f13e135d35d1d5b0f57b2132a110980d13bda5c463b888617bc203953d5766a0eb4a397220e0264c59a339a0937beeea7dbf7c1429d3ff84472b027271d6362be4f27a0554ca1002da0e455a48c9db25bf4e935b9786f6a", 0x8, &(0x7f0000000540)={&(0x7f00000004c0)="da614262e9e0c546a978c5a2ab77cfa96d7a1a1386606a8fa8c5444a7f08ba6d0e3120a7419ffd351a778a912a3a3374c26da69d0ca196e950d001edb513a45a496960c9278344c90b1309dbf417c9eadb7cbae6df0d3d35aa3d6ac15d2e3ca446449dd470561d4d1df87d", 0xfffffffffffffff7}, 0xa, &(0x7f0000000580)="75614992ca7e7ddbc6badbc91f26ca665391b66cad14beaea4ad2aca1d78fe44", 0x7f, 0x5}, 0x1}, 0x7, 0xe0, &(0x7f0000000600)={0x5, 0x5}) (async) adjtimex$auto(&(0x7f0000000640)={0x9, 0x0, 0x800, 0x0, 0x7, 0x1, 0x4, 0x0, 0x8, 0x1, 0x5, {0x8000000000000001, 0x7}, 0x22f, 0x0, 0x67, 0x1ff, 0x0, 0x6, 0x4, 0x9be4, 0x7fffffff, 0x6}) (async) munmap$auto(0x10000, 0x4) r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000780), r7) (async) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000007c0)={'macsec0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000800)={'ip6gretap0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000980)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000940)={&(0x7f0000000840)={0xe8, r8, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}]}, @ETHTOOL_A_CHANNELS_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1000}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x100}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7e}]}, @ETHTOOL_A_CHANNELS_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xfffffc00}]}, @ETHTOOL_A_CHANNELS_HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xe8}}, 0x88090) munmap$auto(0xe, 0xffff) r11 = socket(0x25, 0x5, 0x1) (async) mmap$auto(0x5, 0x8, 0x2, 0x696, r4, 0x2) (async) r12 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/ttyda\x00', 0x40000, 0x0) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r4, &(0x7f0000000ac0)={&(0x7f0000000a00), 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x2c, r1, 0x620, 0x70bd2d, 0x25dfdbfd, {}, [@NETDEV_A_NAPI_IFINDEX={0x8, 0x1, r2}, @NETDEV_A_NAPI_IFINDEX={0x8, 0x1, r10}, @NETDEV_A_NAPI_IFINDEX={0x8, 0x1, r10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004404}, 0x8002) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000b00), r11) (async) read$auto(r12, &(0x7f0000000b40)='ethtool\x00', 0x6) r13 = socket$nl_generic(0x10, 0x3, 0x10) r14 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000b80)='/dev/usbmon5\x00', 0xa4a02, 0x0) ioctl$auto_MON_IOCX_GETX(r14, 0x4018920a, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x3, 0x0, 0xa1, 0xee, 0x40, 0x1, 0x4, 0x5, 0x7f, 0x9, 0x819, 0x8, 0x9c, @iso={0x10, 0x7}, 0x0, 0x2, 0x80000001, 0x2}, &(0x7f0000000c00)="fee6af3ebc1333c6c1", 0x7fff}) (async) r15 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000cc0), r13) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r7, &(0x7f0000000f80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000f40)={&(0x7f0000000d00)={0x224, r15, 0x4, 0x70bd25, 0x25dfdbff, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x8}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x8000}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x7358}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x9}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0xd276}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xb59}, @NFC_ATTR_LLC_SDP={0x1de, 0x13, 0x0, 0x1, [@generic="a56af5fb9cc6d68c1d4108d21e8a2754212c82bf3cb45729c20e0869b2c556f919d4bf1097221212de4e0731f1588ea10d44a34343a067bd160462aa1a0d5e3a519ff0c293b32a00e8f4c2f1e1a9c9cea040e5abb6835cf90d1f53494e75857e105285cb90cfd64fe4e3c9e2441530d1306ccf9acf45864976fc19de7878b802a26638a53bd690f2e615a8dec94b67699a93ce5e06609e5fce73af557e9f8ec8c5ce6c8c80ab48881dfeaff01aa75e64d1eec604a3f3ead83446f319b1820679f737fb6e04536372f4d178e680bccb31031ccd5cee92", @nested={0xc, 0x14a, 0x0, 0x1, [@nested={0x4, 0x10a}, @nested={0x4, 0x77}]}, @generic="2e6f34412fb7f1ccf4b8e4bfd256e621d95e67cdc6d92a4a20406b5a5449f85fdbbded71eb2c139e7546414ac7", @generic="4014203d7202bf70d72f708ae43a9d715d5d0d28bc093c2a3157436e647ee314fcc99d81d96c67f281e8e35102b7f845f7d873186340e7d011bbc65c081fb6ab86648e7cad87c3521264c15e47a6dc3a7c138ad72db5e223a7e91beacccc01df53676d53603f9f96067980a6fa0760097dd04c5115a4dd64450cd6c3b513593a633f76867e64b50c8fddbc598c7eeaa0db4f8b0b6f980c22efd2fce9bee385af2de448c70dd15e5c90ecfb1e26659b201b36f53fe53ee929b291bd263c6cddce80e2084523db01af3d57bc"]}]}, 0x224}, 0x1, 0x0, 0x0, 0x4096}, 0x24004891) 696.670202ms ago: executing program 2 (id=1306): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x5, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/cgroup.type\x00', 0x103042, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) close_range$auto(0x2, 0x8000, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec19\x00', 0x169d40, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) fanotify_init$auto(0x4, 0xf9) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioperm$auto(0x7, 0x6, 0xffffffff) setpriority$auto(0x2, 0x0, 0x20008) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) io_uring_register$auto_IORING_REGISTER_NAPI(0xffffffffffffffff, 0x1b, &(0x7f0000000040)="d49ac93bc3fa3ec7294a06b2f8", 0x89) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x2, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x2, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x21, &(0x7f0000000240), 0x1) ioctl$auto_KVM_CREATE_VM(r1, 0xc048aeca, 0x0) 581.010599ms ago: executing program 2 (id=1307): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14c, r1, 0x1b, 0x70bd26, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xffffffffffffffff}, @OVS_PACKET_ATTR_MRU={0x6, 0x9, 0x7fff}, @OVS_PACKET_ATTR_ACTIONS={0x124, 0x3, 0x0, 0x1, [@generic="70daa3ce64c331c4ba021e126078c946b342199880143ac6483c82bdd1997f1a850a0ffd7ce63edf3a69a9d6f88262d50eada3d2c56334cc4f9971b38b6234682358075f0db24a", @generic="30b2e813aa2e63b4798a3ff69b8ebd2beb780c019cc9d9cccaee8eee7d8e69ae65f5baab5de886aea5b7b262c92f54fe442cb9fbb3d3de6d70e5bec9173fccb570fb275369a1f025e9d1459a14848fd2936c26725e62d25bfb76ce70a1f1f822315cde28972873fe80811664bbc5496b9d5d7440f58ffff68ae92e6b9b13bc384d299e1a962c278cc9341d91cd4315b3ee8029e3115be10586582ddeea2e4b0f36a6d51db6b2a465f2159c39682cc7ec2135dbbadfd6b54959f0f1877f6ba13e4967bd193dc418cd99dbd2d0e13dc32b5945397b1034ee3479"]}]}, 0x14c}, 0x1, 0x0, 0x0, 0x4010}, 0x4800) 289.860024ms ago: executing program 2 (id=1308): r0 = socket(0x18, 0x5, 0x0) bind$auto(r0, &(0x7f0000000140)=@in={0x2, 0x4e21, @multicast1}, 0x6a) mmap$auto(0x7, 0x20009, 0x4000000000df, 0x18, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @remote}, 0x54) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x2000000}, 0x24004804) readv$auto(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x7}, 0x4) mmap$auto(0x6ba, 0x2020009, 0xf9c7, 0xeb1, r0, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0xffff, 0x7, 0x0, 0x9) read$auto(0x3, 0x0, 0x80) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000240)="bca2a6be1a6ca98a3d9a30fb8d1c2059a44307fe8eb2db843f4b288760db47eea48f05258ca23655929f1d648df96eec5a03d8dda5ae33d573306f0de07405a912e6cb4d8cdafdd2ee57b20525ac8f53ab2ac2befc0eb0751c07a41983260d574a16b1bdab514c6aed5ffcdf7d23c685f56e13ae1949beaa77a2bd77322c8ac5", 0x20007fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r2 = socket(0x3d, 0x5, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x0, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x68182, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0xffffffffffffffff, 0x1ff, &(0x7f00000010c0)="7ced47bf2357", 0x2) writev$auto(r0, &(0x7f0000000100)={0x0, 0x9}, 0x5) mmap$auto(0x40, 0x2, 0x3, 0x100000011, r2, 0x4) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/vulnerabilities/gather_data_sampling\x00', 0x80000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001100)=""/4105, 0x1009) 144.123428ms ago: executing program 3 (id=1309): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000031c0)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/vendor\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003200)=""/64, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x2a, 0x2, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x3a, 0x3, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ptrace$auto(0x10, r1, 0x4, 0x7ff) ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r1, 0xf72, 0x0) r5 = socket(0x2a, 0x2, 0x1) connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x55) bind$auto(0x3, &(0x7f0000000080)=@sco={0x1f, @none}, 0x6b) 0s ago: executing program 1 (id=1310): mmap$auto(0x0, 0x2020009, 0xe, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/tunl0/queues/tx-0/traffic_class\x00', 0x2600, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) r0 = socket(0xa, 0x2, 0x0) setsockopt$auto(r0, 0x29, 0x30, 0x0, 0x20002) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000afd0"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) kernel console output (not intermixed with test programs): 3029][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.810014][ T5856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.818023][ T5856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.379191][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 93.586168][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 93.686688][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 93.744343][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.751712][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.761041][ T5839] bridge_slave_0: entered allmulticast mode [ 93.768613][ T5839] bridge_slave_0: entered promiscuous mode [ 93.782395][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.789669][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.796949][ T5839] bridge_slave_1: entered allmulticast mode [ 93.804772][ T5839] bridge_slave_1: entered promiscuous mode [ 93.843682][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 93.942234][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.956721][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.003658][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.012361][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.020538][ T5840] bridge_slave_0: entered allmulticast mode [ 94.029446][ T5840] bridge_slave_0: entered promiscuous mode [ 94.093768][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.101308][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.108761][ T5840] bridge_slave_1: entered allmulticast mode [ 94.116147][ T5840] bridge_slave_1: entered promiscuous mode [ 94.122773][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.130218][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.137749][ T5845] bridge_slave_0: entered allmulticast mode [ 94.145502][ T5845] bridge_slave_0: entered promiscuous mode [ 94.162489][ T5839] team0: Port device team_slave_0 added [ 94.172237][ T5839] team0: Port device team_slave_1 added [ 94.192887][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.200286][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.207727][ T5845] bridge_slave_1: entered allmulticast mode [ 94.215126][ T5845] bridge_slave_1: entered promiscuous mode [ 94.302867][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.317270][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.341749][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.349068][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.356944][ T5838] bridge_slave_0: entered allmulticast mode [ 94.364586][ T5838] bridge_slave_0: entered promiscuous mode [ 94.372770][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.380226][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.406399][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.441326][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.450984][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.458537][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.466036][ T5838] bridge_slave_1: entered allmulticast mode [ 94.473189][ T5838] bridge_slave_1: entered promiscuous mode [ 94.481355][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.488668][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.515458][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.540931][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.594304][ T5840] team0: Port device team_slave_0 added [ 94.629367][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.643873][ T5840] team0: Port device team_slave_1 added [ 94.653916][ T5845] team0: Port device team_slave_0 added [ 94.679652][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.705880][ T5845] team0: Port device team_slave_1 added [ 94.730249][ T5839] hsr_slave_0: entered promiscuous mode [ 94.737270][ T5839] hsr_slave_1: entered promiscuous mode [ 94.795184][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.802221][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.831067][ T5849] Bluetooth: hci1: command tx timeout [ 94.831072][ T5856] Bluetooth: hci0: command tx timeout [ 94.831448][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.837037][ T5850] Bluetooth: hci2: command tx timeout [ 94.863635][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.872000][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.898608][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.909633][ T5850] Bluetooth: hci3: command tx timeout [ 94.928031][ T5838] team0: Port device team_slave_0 added [ 94.935600][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.942622][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.968980][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.981095][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.988220][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.014442][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.034892][ T5838] team0: Port device team_slave_1 added [ 95.139789][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.147183][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.173379][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.186678][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.193673][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.220301][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.237890][ T5840] hsr_slave_0: entered promiscuous mode [ 95.244737][ T5840] hsr_slave_1: entered promiscuous mode [ 95.251244][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.260276][ T5840] Cannot create hsr debugfs directory [ 95.332236][ T5845] hsr_slave_0: entered promiscuous mode [ 95.338842][ T5845] hsr_slave_1: entered promiscuous mode [ 95.345236][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.352812][ T5845] Cannot create hsr debugfs directory [ 95.469427][ T5838] hsr_slave_0: entered promiscuous mode [ 95.479005][ T5838] hsr_slave_1: entered promiscuous mode [ 95.485568][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.493157][ T5838] Cannot create hsr debugfs directory [ 95.783834][ T5839] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.817004][ T5839] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.862515][ T5839] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.880511][ T5839] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.980898][ T5840] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.999911][ T5840] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 96.019099][ T5840] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 96.033030][ T5840] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 96.118247][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 96.133214][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 96.168058][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 96.184887][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 96.291377][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 96.306181][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 96.328756][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 96.347454][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 96.422040][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.497241][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.533383][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.540750][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.560324][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.602417][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.609713][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.642288][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.663453][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.687370][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.694652][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.742409][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.749710][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.795403][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.833293][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.840536][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.861222][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.876824][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.884071][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.894929][ T5849] Bluetooth: hci2: command tx timeout [ 96.895044][ T5856] Bluetooth: hci1: command tx timeout [ 96.900437][ T5850] Bluetooth: hci0: command tx timeout [ 96.975022][ T5850] Bluetooth: hci3: command tx timeout [ 96.998261][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.029256][ T5845] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 97.040884][ T5845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 97.086910][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.094236][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.143992][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.151253][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.450332][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.641609][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.666011][ T5839] veth0_vlan: entered promiscuous mode [ 97.691753][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.740063][ T5839] veth1_vlan: entered promiscuous mode [ 97.784041][ T1210] cfg80211: failed to load regulatory.db [ 97.812167][ T5845] veth0_vlan: entered promiscuous mode [ 97.821560][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.869146][ T5845] veth1_vlan: entered promiscuous mode [ 97.876697][ T5839] veth0_macvtap: entered promiscuous mode [ 97.944753][ T5839] veth1_macvtap: entered promiscuous mode [ 97.959354][ T5840] veth0_vlan: entered promiscuous mode [ 98.008962][ T5838] veth0_vlan: entered promiscuous mode [ 98.017837][ T5845] veth0_macvtap: entered promiscuous mode [ 98.029067][ T5845] veth1_macvtap: entered promiscuous mode [ 98.045771][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.058446][ T5840] veth1_vlan: entered promiscuous mode [ 98.079295][ T5838] veth1_vlan: entered promiscuous mode [ 98.089046][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.121688][ T5839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.131589][ T5839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.142163][ T5839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.151814][ T5839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.181536][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.192515][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.206572][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.231861][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.242923][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.256341][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.310511][ T5845] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.319844][ T5845] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.329549][ T5845] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.338630][ T5845] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.359642][ T5840] veth0_macvtap: entered promiscuous mode [ 98.391468][ T5838] veth0_macvtap: entered promiscuous mode [ 98.401652][ T5840] veth1_macvtap: entered promiscuous mode [ 98.437415][ T5838] veth1_macvtap: entered promiscuous mode [ 98.512320][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.523614][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.529936][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.531747][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.541529][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.560111][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.572018][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.625806][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.637267][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.647622][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.659706][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.671375][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.686909][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.698411][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.709427][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.720062][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.730768][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.741858][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.755109][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.779884][ T5840] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.788988][ T5840] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.797878][ T5840] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.806693][ T5840] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.838200][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.850063][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.855485][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.864137][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.880336][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.890924][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.901376][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.911924][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.923672][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.952305][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.958363][ T5838] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.969205][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.972252][ T5838] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.977233][ T5850] Bluetooth: hci0: command tx timeout [ 98.985906][ T5856] Bluetooth: hci2: command tx timeout [ 98.991269][ T5849] Bluetooth: hci1: command tx timeout [ 99.005371][ T5838] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.014203][ T5838] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.056235][ T5849] Bluetooth: hci3: command tx timeout [ 99.107532][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.140686][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.240290][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.299827][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.342016][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.440244][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.477158][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.507585][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.538548][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.666748][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.678983][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.748133][ T5913] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.886342][ T5912] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1'. [ 100.210560][ T5910] Zero length message leads to an empty skb [ 101.054627][ T5849] Bluetooth: hci1: command tx timeout [ 101.060608][ T5850] Bluetooth: hci0: command tx timeout [ 101.060750][ T5856] Bluetooth: hci2: command tx timeout [ 101.135987][ T5856] Bluetooth: hci3: command tx timeout [ 102.125126][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 102.224494][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.244438][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.252857][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.300169][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 102.309323][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 102.494659][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 102.505158][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.217244][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.228775][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.282363][ T5962] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13'. [ 104.974495][ T5969] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14'. [ 105.188337][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.488760][ T5969] bridge_slave_1 (unregistering): left allmulticast mode [ 105.509615][ T5969] bridge_slave_1 (unregistering): left promiscuous mode [ 105.579752][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.360369][ T6025] Invalid ELF header magic: != ELF [ 111.455394][ T6027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.26'. [ 112.848181][ T6048] netlink: 'syz.0.29': attribute type 29 has an invalid length. [ 119.063345][ T6101] svc: failed to register nfsdv3 RPC service (errno 111). [ 119.088449][ T6101] svc: failed to register nfsaclv3 RPC service (errno 111). [ 119.310657][ T6106] ceph: Failed to parse sending metrics switch value 'P^' [ 119.514808][ T6106] Invalid ELF header magic: != ELF [ 121.655356][ T6124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.666620][ T6124] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.922195][ T6124] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 123.803095][ T6135] mmap: syz.2.46 (6135) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 125.959768][ T6162] openvswitch: netlink: IP tunnel dst address not specified [ 126.246818][ T6180] FAULT_INJECTION: forcing a failure. [ 126.246818][ T6180] name failslab, interval 1, probability 0, space 0, times 1 [ 126.265817][ T6180] CPU: 0 UID: 0 PID: 6180 Comm: syz.0.58 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 126.265869][ T6180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 126.265887][ T6180] Call Trace: [ 126.265902][ T6180] [ 126.265915][ T6180] dump_stack_lvl+0x16c/0x1f0 [ 126.265971][ T6180] should_fail_ex+0x512/0x640 [ 126.266008][ T6180] ? fs_reclaim_acquire+0xae/0x150 [ 126.266052][ T6180] ? tomoyo_encode2+0x100/0x3e0 [ 126.266107][ T6180] should_failslab+0xc2/0x120 [ 126.266137][ T6180] __kmalloc_noprof+0xd2/0x510 [ 126.266192][ T6180] tomoyo_encode2+0x100/0x3e0 [ 126.266241][ T6180] tomoyo_encode+0x29/0x50 [ 126.266282][ T6180] tomoyo_realpath_from_path+0x18f/0x6e0 [ 126.266332][ T6180] ? tomoyo_profile+0x47/0x60 [ 126.266376][ T6180] tomoyo_path_number_perm+0x245/0x580 [ 126.266408][ T6180] ? tomoyo_path_number_perm+0x237/0x580 [ 126.266447][ T6180] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 126.266525][ T6180] ? find_held_lock+0x2b/0x80 [ 126.266574][ T6180] ? hook_file_ioctl_common+0x145/0x410 [ 126.266616][ T6180] ? __fget_files+0x20e/0x3c0 [ 126.266668][ T6180] security_file_ioctl+0x9b/0x240 [ 126.266711][ T6180] __x64_sys_ioctl+0xb7/0x200 [ 126.266754][ T6180] do_syscall_64+0xcd/0x260 [ 126.266805][ T6180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.266835][ T6180] RIP: 0033:0x7f1ff7b8e169 [ 126.266860][ T6180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.266887][ T6180] RSP: 002b:00007f1ff8ad5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 126.266916][ T6180] RAX: ffffffffffffffda RBX: 00007f1ff7db5fa0 RCX: 00007f1ff7b8e169 [ 126.266934][ T6180] RDX: 0000200000000040 RSI: 000000004008af24 RDI: 0000000000000004 [ 126.266952][ T6180] RBP: 00007f1ff7c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 126.266968][ T6180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.266985][ T6180] R13: 0000000000000000 R14: 00007f1ff7db5fa0 R15: 00007ffee6b94b68 [ 126.267024][ T6180] [ 126.267058][ T6180] ERROR: Out of memory at tomoyo_realpath_from_path. [ 127.014891][ T6192] netlink: 342 bytes leftover after parsing attributes in process `syz.0.61'. [ 127.342700][ T6199] netlink: 20 bytes leftover after parsing attributes in process `syz.1.62'. [ 127.574387][ T6193] FAULT_INJECTION: forcing a failure. [ 127.574387][ T6193] name failslab, interval 1, probability 0, space 0, times 0 [ 127.620916][ T6193] CPU: 0 UID: 0 PID: 6193 Comm: syz.2.60 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 127.620946][ T6193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 127.620957][ T6193] Call Trace: [ 127.620963][ T6193] [ 127.620970][ T6193] dump_stack_lvl+0x16c/0x1f0 [ 127.621004][ T6193] should_fail_ex+0x512/0x640 [ 127.621025][ T6193] ? __kmalloc_noprof+0xbf/0x510 [ 127.621054][ T6193] ? ops_init+0x77/0x5f0 [ 127.621077][ T6193] should_failslab+0xc2/0x120 [ 127.621095][ T6193] __kmalloc_noprof+0xd2/0x510 [ 127.621121][ T6193] ? __pfx_geneve_init_net+0x10/0x10 [ 127.621150][ T6193] ops_init+0x77/0x5f0 [ 127.621176][ T6193] setup_net+0x21e/0x850 [ 127.621203][ T6193] ? __pfx_setup_net+0x10/0x10 [ 127.621226][ T6193] ? lockdep_init_map_type+0x5c/0x280 [ 127.621244][ T6193] ? __pfx_down_read_killable+0x10/0x10 [ 127.621264][ T6193] ? debug_mutex_init+0x37/0x70 [ 127.621289][ T6193] copy_net_ns+0x2a6/0x5f0 [ 127.621317][ T6193] create_new_namespaces+0x3ea/0xad0 [ 127.621359][ T6193] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 127.621386][ T6193] ksys_unshare+0x45b/0xa40 [ 127.621415][ T6193] ? __pfx_ksys_unshare+0x10/0x10 [ 127.621440][ T6193] ? xfd_validate_state+0x5d/0x180 [ 127.621461][ T6193] ? rcu_is_watching+0x12/0xc0 [ 127.621489][ T6193] __x64_sys_unshare+0x31/0x40 [ 127.621514][ T6193] do_syscall_64+0xcd/0x260 [ 127.621542][ T6193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.621560][ T6193] RIP: 0033:0x7fa61df8e169 [ 127.621575][ T6193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.621591][ T6193] RSP: 002b:00007fa61ed1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 127.621608][ T6193] RAX: ffffffffffffffda RBX: 00007fa61e1b6080 RCX: 00007fa61df8e169 [ 127.621619][ T6193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 127.621629][ T6193] RBP: 00007fa61e010a68 R08: 0000000000000000 R09: 0000000000000000 [ 127.621639][ T6193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.621648][ T6193] R13: 0000000000000000 R14: 00007fa61e1b6080 R15: 00007ffc7af00688 [ 127.621669][ T6193] [ 127.840757][ C0] vkms_vblank_simulate: vblank timer overrun [ 130.315698][ T6238] openvswitch: netlink: IP tunnel dst address not specified [ 132.018683][ T6251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 132.044683][ T6251] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 138.740444][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.748577][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 141.857464][ T6324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.887924][ T6324] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.810932][ T6348] Invalid ELF header magic: != ELF [ 145.586134][ T6372] netlink: 20 bytes leftover after parsing attributes in process `syz.3.95'. [ 149.212243][ T6412] Invalid ELF header magic: != ELF [ 149.827086][ T6422] netlink: 20 bytes leftover after parsing attributes in process `syz.0.106'. [ 152.752583][ T6465] netlink: 20 bytes leftover after parsing attributes in process `syz.2.116'. [ 154.896254][ T6493] type: 4278190080 invalid [ 155.185013][ T5856] Bluetooth: hci0: Malformed Event: 0x02 [ 157.567960][ T6529] netlink: 28 bytes leftover after parsing attributes in process `syz.1.133'. [ 157.634319][ T6529] bridge_slave_1: left allmulticast mode [ 157.681632][ T6529] bridge_slave_1: left promiscuous mode [ 157.753342][ T6529] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.793665][ T6527] syz.2.134 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 157.858110][ T6529] bridge_slave_0: left allmulticast mode [ 157.894242][ T6529] bridge_slave_0: left promiscuous mode [ 157.900235][ T6529] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.106638][ T6534] ubi0: attaching mtd0 [ 158.161967][ T6534] ubi0: scanning is finished [ 158.208458][ T6534] ubi0: empty MTD device detected [ 158.250343][ T6534] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 158.457442][ T6534] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 158.489760][ T6539] ubi0: attaching mtd0 [ 158.540476][ T6539] ubi0: scanning is finished [ 158.635600][ T6539] ubi0: empty MTD device detected [ 158.734458][ T6539] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 158.876023][ T6539] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 161.013144][ T6602] FAULT_INJECTION: forcing a failure. [ 161.013144][ T6602] name failslab, interval 1, probability 0, space 0, times 0 [ 161.029142][ T6602] CPU: 1 UID: 0 PID: 6602 Comm: syz.0.149 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 161.029188][ T6602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 161.029208][ T6602] Call Trace: [ 161.029219][ T6602] [ 161.029232][ T6602] dump_stack_lvl+0x16c/0x1f0 [ 161.029287][ T6602] should_fail_ex+0x512/0x640 [ 161.029324][ T6602] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 161.029375][ T6602] should_failslab+0xc2/0x120 [ 161.029405][ T6602] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 161.029454][ T6602] ? alloc_inode+0xc3/0x240 [ 161.029496][ T6602] alloc_inode+0xc3/0x240 [ 161.029529][ T6602] iget_locked+0x2e4/0x830 [ 161.029567][ T6602] ? __pfx_iget_locked+0x10/0x10 [ 161.029603][ T6602] ? find_held_lock+0x2b/0x80 [ 161.029643][ T6602] ? kernfs_root+0xee/0x2a0 [ 161.029699][ T6602] kernfs_get_inode+0x48/0x460 [ 161.029754][ T6602] kernfs_iop_lookup+0x1a7/0x2d0 [ 161.029784][ T6602] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 161.029813][ T6602] lookup_open.isra.0+0x4d7/0x1580 [ 161.029864][ T6602] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 161.029927][ T6602] ? mnt_get_write_access+0x20c/0x300 [ 161.029968][ T6602] path_openat+0x905/0x2d40 [ 161.030025][ T6602] ? __pfx_path_openat+0x10/0x10 [ 161.030081][ T6602] do_filp_open+0x20b/0x470 [ 161.030125][ T6602] ? __pfx_do_filp_open+0x10/0x10 [ 161.030198][ T6602] ? alloc_fd+0x471/0x7d0 [ 161.030253][ T6602] do_sys_openat2+0x11b/0x1d0 [ 161.030285][ T6602] ? __pfx_do_sys_openat2+0x10/0x10 [ 161.030334][ T6602] __x64_sys_openat+0x174/0x210 [ 161.030368][ T6602] ? __pfx___x64_sys_openat+0x10/0x10 [ 161.030403][ T6602] ? rcu_is_watching+0x12/0xc0 [ 161.030452][ T6602] do_syscall_64+0xcd/0x260 [ 161.030500][ T6602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.030526][ T6602] RIP: 0033:0x7f1ff7b8e169 [ 161.030548][ T6602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.030571][ T6602] RSP: 002b:00007f1ff8ab4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 161.030598][ T6602] RAX: ffffffffffffffda RBX: 00007f1ff7db6080 RCX: 00007f1ff7b8e169 [ 161.030618][ T6602] RDX: 0000000000124001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 161.030636][ T6602] RBP: 00007f1ff7c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 161.030653][ T6602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 161.030670][ T6602] R13: 0000000000000000 R14: 00007f1ff7db6080 R15: 00007ffee6b94b68 [ 161.030760][ T6602] [ 161.282077][ C1] vkms_vblank_simulate: vblank timer overrun [ 165.026348][ T6659] netlink: 186 bytes leftover after parsing attributes in process `syz.2.161'. [ 166.441490][ T6685] Invalid ELF header magic: != ELF [ 166.760899][ T6696] Invalid ELF header magic: != ELF [ 166.770932][ T6700] FAULT_INJECTION: forcing a failure. [ 166.770932][ T6700] name failslab, interval 1, probability 0, space 0, times 0 [ 166.816752][ T6700] CPU: 0 UID: 0 PID: 6700 Comm: syz.2.170 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 166.816792][ T6700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 166.816808][ T6700] Call Trace: [ 166.816818][ T6700] [ 166.816829][ T6700] dump_stack_lvl+0x16c/0x1f0 [ 166.816876][ T6700] should_fail_ex+0x512/0x640 [ 166.816907][ T6700] ? __kvmalloc_node_noprof+0x122/0x600 [ 166.816961][ T6700] should_failslab+0xc2/0x120 [ 166.816989][ T6700] __kvmalloc_node_noprof+0x135/0x600 [ 166.817024][ T6700] ? __lock_acquire+0xaa4/0x1ba0 [ 166.817066][ T6700] ? seq_read_iter+0x826/0x12c0 [ 166.817110][ T6700] ? seq_read_iter+0x826/0x12c0 [ 166.817142][ T6700] seq_read_iter+0x826/0x12c0 [ 166.817176][ T6700] ? __mutex_trylock_common+0xe9/0x250 [ 166.817219][ T6700] proc_reg_read_iter+0x118/0x310 [ 166.817250][ T6700] vfs_read+0x8c8/0xc70 [ 166.817292][ T6700] ? __pfx___mutex_lock+0x10/0x10 [ 166.817331][ T6700] ? __pfx_vfs_read+0x10/0x10 [ 166.817393][ T6700] ksys_read+0x12a/0x240 [ 166.817428][ T6700] ? __pfx_ksys_read+0x10/0x10 [ 166.817460][ T6700] ? rcu_is_watching+0x12/0xc0 [ 166.817506][ T6700] do_syscall_64+0xcd/0x260 [ 166.817548][ T6700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.817577][ T6700] RIP: 0033:0x7fa61df8e169 [ 166.817598][ T6700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.817621][ T6700] RSP: 002b:00007fa61ed3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 166.817648][ T6700] RAX: ffffffffffffffda RBX: 00007fa61e1b5fa0 RCX: 00007fa61df8e169 [ 166.817665][ T6700] RDX: 0000000000000042 RSI: 0000200000000040 RDI: 0000000000000003 [ 166.817681][ T6700] RBP: 00007fa61ed3b090 R08: 0000000000000000 R09: 0000000000000000 [ 166.817701][ T6700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.817717][ T6700] R13: 0000000000000000 R14: 00007fa61e1b5fa0 R15: 00007ffc7af00688 [ 166.817753][ T6700] [ 168.403917][ T6715] netlink: 7 bytes leftover after parsing attributes in process `syz.1.172'. [ 169.137786][ T6722] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 170.019700][ T6734] FAULT_INJECTION: forcing a failure. [ 170.019700][ T6734] name failslab, interval 1, probability 0, space 0, times 0 [ 170.055867][ T6734] CPU: 0 UID: 0 PID: 6734 Comm: syz.3.179 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 170.055915][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 170.055934][ T6734] Call Trace: [ 170.055945][ T6734] [ 170.055959][ T6734] dump_stack_lvl+0x16c/0x1f0 [ 170.056011][ T6734] should_fail_ex+0x512/0x640 [ 170.056045][ T6734] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 170.056098][ T6734] should_failslab+0xc2/0x120 [ 170.056126][ T6734] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 170.056168][ T6734] ? __proc_create+0xc3/0x8c0 [ 170.056200][ T6734] ? __proc_create+0x2ce/0x8c0 [ 170.056236][ T6734] __proc_create+0x2ce/0x8c0 [ 170.056269][ T6734] ? __pfx___proc_create+0x10/0x10 [ 170.056305][ T6734] ? proc_register+0x314/0x5f0 [ 170.056346][ T6734] proc_create_reg+0x7d/0x180 [ 170.056381][ T6734] ? __pfx_kcm_stats_seq_show+0x10/0x10 [ 170.056427][ T6734] proc_create_net_single+0x86/0x170 [ 170.056461][ T6734] ? __pfx_proc_create_net_single+0x10/0x10 [ 170.056505][ T6734] ? __pfx_kcm_proc_init_net+0x10/0x10 [ 170.056549][ T6734] kcm_proc_init_net+0x52/0x120 [ 170.056592][ T6734] ops_init+0x1df/0x5f0 [ 170.056638][ T6734] setup_net+0x21e/0x850 [ 170.056683][ T6734] ? __pfx_setup_net+0x10/0x10 [ 170.056721][ T6734] ? lockdep_init_map_type+0x5c/0x280 [ 170.056751][ T6734] ? __pfx_down_read_killable+0x10/0x10 [ 170.056787][ T6734] ? debug_mutex_init+0x37/0x70 [ 170.056838][ T6734] copy_net_ns+0x2a6/0x5f0 [ 170.056887][ T6734] create_new_namespaces+0x3ea/0xad0 [ 170.056938][ T6734] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 170.056984][ T6734] ksys_unshare+0x45b/0xa40 [ 170.057032][ T6734] ? __pfx_ksys_unshare+0x10/0x10 [ 170.057077][ T6734] ? xfd_validate_state+0x5d/0x180 [ 170.057112][ T6734] ? rcu_is_watching+0x12/0xc0 [ 170.057158][ T6734] __x64_sys_unshare+0x31/0x40 [ 170.057201][ T6734] do_syscall_64+0xcd/0x260 [ 170.057247][ T6734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.057278][ T6734] RIP: 0033:0x7fb83998e169 [ 170.057303][ T6734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.057330][ T6734] RSP: 002b:00007fb83a759038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 170.057359][ T6734] RAX: ffffffffffffffda RBX: 00007fb839bb5fa0 RCX: 00007fb83998e169 [ 170.057378][ T6734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 170.057395][ T6734] RBP: 00007fb839a10a68 R08: 0000000000000000 R09: 0000000000000000 [ 170.057412][ T6734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.057429][ T6734] R13: 0000000000000000 R14: 00007fb839bb5fa0 R15: 00007fffe98fdcb8 [ 170.057468][ T6734] [ 170.968157][ T6750] kernel read not supported for file /\*)A (pid: 6750 comm: syz.1.182) [ 171.074260][ T30] audit: type=1800 audit(6039820281.667:2): pid=6750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.182" name="\*)A" dev="mqueue" ino=10493 res=0 errno=0 [ 172.644397][ T6786] netlink: 20 bytes leftover after parsing attributes in process `syz.3.188'. [ 173.137709][ T6790] overlayfs: "check_copy_up" module option is obsolete [ 173.805976][ T6808] syz.3.194 uses obsolete (PF_INET,SOCK_PACKET) [ 175.393768][ T6837] netlink: 68 bytes leftover after parsing attributes in process `syz.3.199'. [ 176.415835][ T6847] WARNING! power/level is deprecated; use power/control instead [ 176.426919][ T6847] ICMPv6: process `syz.1.203' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 178.476240][ T6896] netlink: 44 bytes leftover after parsing attributes in process `syz.0.215'. [ 181.080401][ T6952] netlink: 20 bytes leftover after parsing attributes in process `syz.0.223'. [ 181.125347][ T6952] process 'syz.0.223' launched '/dev/fd/2' with NULL argv: empty string added [ 181.334489][ T6960] netlink: 28 bytes leftover after parsing attributes in process `syz.3.224'. [ 181.351939][ T6960] ipvlan1: entered allmulticast mode [ 181.366641][ T6960] veth0_vlan: entered allmulticast mode [ 182.908350][ T6967] Invalid ELF header magic: != ELF [ 183.307513][ T5849] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 185.922384][ T7024] Invalid ELF header magic: != ELF [ 189.381511][ T7089] zero sized request [ 189.411237][ T7088] netlink: 28 bytes leftover after parsing attributes in process `syz.0.257'. [ 189.432064][ T7082] kernel read not supported for file /\*)A (pid: 7082 comm: syz.3.254) [ 189.460309][ T30] audit: type=1800 audit(6039820300.077:3): pid=7082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.254" name="\*)A" dev="mqueue" ino=11185 res=0 errno=0 [ 190.358520][ T7101] netlink: 20 bytes leftover after parsing attributes in process `syz.0.259'. [ 191.805839][ T7121] input input7: cannot allocate more than FF_MAX_EFFECTS effects [ 192.838649][ T7148] netlink: 20 bytes leftover after parsing attributes in process `syz.0.271'. [ 194.071267][ T7179] netlink: 20 bytes leftover after parsing attributes in process `syz.3.280'. [ 194.225024][ T7181] random: crng reseeded on system resumption [ 194.656903][ T7184] netlink: 20 bytes leftover after parsing attributes in process `syz.2.277'. [ 195.638980][ T7197] netlink: 504 bytes leftover after parsing attributes in process `syz.1.284'. [ 195.694570][ T7197] netlink: 350 bytes leftover after parsing attributes in process `syz.1.284'. [ 196.703964][ T7215] netlink: 20 bytes leftover after parsing attributes in process `syz.0.289'. [ 198.145245][ T7243] netlink: 'syz.3.296': attribute type 19 has an invalid length. [ 198.164183][ T7243] netlink: 334 bytes leftover after parsing attributes in process `syz.3.296'. [ 199.047795][ T7256] kafs: addr_prefs: Invalid Command [ 199.283709][ T7263] netlink: 28 bytes leftover after parsing attributes in process `syz.2.301'. [ 199.588502][ T7249] openvswitch: netlink: nsh attr 1 has unexpected len 14 expected 8 [ 200.189491][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.214233][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.687905][ T7288] FAULT_INJECTION: forcing a failure. [ 200.687905][ T7288] name failslab, interval 1, probability 0, space 0, times 0 [ 200.746445][ T7288] CPU: 1 UID: 0 PID: 7288 Comm: syz.1.308 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 200.746491][ T7288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 200.746510][ T7288] Call Trace: [ 200.746520][ T7288] [ 200.746544][ T7288] dump_stack_lvl+0x16c/0x1f0 [ 200.746595][ T7288] should_fail_ex+0x512/0x640 [ 200.746629][ T7288] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 200.746683][ T7288] should_failslab+0xc2/0x120 [ 200.746710][ T7288] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 200.746753][ T7288] ? d_instantiate+0x77/0x90 [ 200.746782][ T7288] ? alloc_empty_file+0x55/0x1e0 [ 200.746819][ T7288] alloc_empty_file+0x55/0x1e0 [ 200.746850][ T7288] alloc_file_pseudo+0x13a/0x230 [ 200.746882][ T7288] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 200.746929][ T7288] __shmem_file_setup+0x210/0x300 [ 200.746974][ T7288] shmem_zero_setup+0x93/0x1a0 [ 200.747002][ T7288] __mmap_region+0x2036/0x27c0 [ 200.747050][ T7288] ? __pfx___mmap_region+0x10/0x10 [ 200.747091][ T7288] ? trace_sched_exit_tp+0xde/0x130 [ 200.747161][ T7288] ? __pfx___schedule+0x10/0x10 [ 200.747241][ T7288] ? trace_cap_capable+0x18d/0x200 [ 200.747271][ T7288] ? cap_capable+0xb3/0x250 [ 200.747300][ T7288] mmap_region+0x1ab/0x3f0 [ 200.747350][ T7288] do_mmap+0xd8e/0x11b0 [ 200.747390][ T7288] ? __pfx_do_mmap+0x10/0x10 [ 200.747423][ T7288] ? __pfx_down_write_killable+0x10/0x10 [ 200.747448][ T7288] ? kmem_cache_free+0x2d4/0x4d0 [ 200.747494][ T7288] vm_mmap_pgoff+0x281/0x450 [ 200.747543][ T7288] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 200.747584][ T7288] ? __x64_sys_futex+0x1e0/0x4c0 [ 200.747623][ T7288] ? __x64_sys_futex+0x1e9/0x4c0 [ 200.747667][ T7288] ksys_mmap_pgoff+0x7d/0x5c0 [ 200.747699][ T7288] ? rcu_is_watching+0x12/0xc0 [ 200.747737][ T7288] __x64_sys_mmap+0x125/0x190 [ 200.747779][ T7288] do_syscall_64+0xcd/0x260 [ 200.747823][ T7288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.747850][ T7288] RIP: 0033:0x7f1a03b8e169 [ 200.747873][ T7288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.747898][ T7288] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 200.747925][ T7288] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 200.747943][ T7288] RDX: 0000000000000fff RSI: 0000000002020009 RDI: 0000000000000000 [ 200.747959][ T7288] RBP: 00007f1a03c10a68 R08: fffffffffffffffa R09: 0000000000008000 [ 200.747976][ T7288] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 200.747993][ T7288] R13: 0000000000000000 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 200.748029][ T7288] [ 201.014745][ C1] vkms_vblank_simulate: vblank timer overrun [ 201.209399][ T7296] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[7296] [ 201.801183][ T7304] netlink: 64 bytes leftover after parsing attributes in process `syz.1.309'. [ 203.833877][ T7323] random: crng reseeded on system resumption [ 204.582987][ T7358] FAULT_INJECTION: forcing a failure. [ 204.582987][ T7358] name failslab, interval 1, probability 0, space 0, times 0 [ 204.598896][ T7358] CPU: 1 UID: 0 PID: 7358 Comm: syz.2.322 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 204.598944][ T7358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 204.598963][ T7358] Call Trace: [ 204.598975][ T7358] [ 204.598987][ T7358] dump_stack_lvl+0x16c/0x1f0 [ 204.599042][ T7358] should_fail_ex+0x512/0x640 [ 204.599079][ T7358] ? __kmalloc_noprof+0xbf/0x510 [ 204.599127][ T7358] ? slhc_init+0x3dd/0x570 [ 204.599157][ T7358] should_failslab+0xc2/0x120 [ 204.599187][ T7358] __kmalloc_noprof+0xd2/0x510 [ 204.599238][ T7358] slhc_init+0x3dd/0x570 [ 204.599266][ T7358] ? kasan_save_track+0x14/0x30 [ 204.599311][ T7358] slip_open+0x8ee/0x1150 [ 204.599344][ T7358] ? __pfx_n_tty_close+0x10/0x10 [ 204.599381][ T7358] ? __pfx_slip_open+0x10/0x10 [ 204.599409][ T7358] ? down_write+0x14d/0x200 [ 204.599440][ T7358] ? __pfx_slip_open+0x10/0x10 [ 204.599469][ T7358] tty_ldisc_open+0x9c/0x120 [ 204.599614][ T7358] tty_set_ldisc+0x32b/0x780 [ 204.599667][ T7358] tty_ioctl+0xc42/0x1610 [ 204.599714][ T7358] ? __pfx_tty_ioctl+0x10/0x10 [ 204.599768][ T7358] ? fdget+0x187/0x210 [ 204.599810][ T7358] ? __sys_sendmsg+0x199/0x220 [ 204.599848][ T7358] ? hook_file_ioctl_common+0x145/0x410 [ 204.599892][ T7358] ? xfd_validate_state+0x5d/0x180 [ 204.599932][ T7358] ? __pfx_tty_ioctl+0x10/0x10 [ 204.599979][ T7358] __x64_sys_ioctl+0x190/0x200 [ 204.600019][ T7358] do_syscall_64+0xcd/0x260 [ 204.600068][ T7358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.600098][ T7358] RIP: 0033:0x7fa61df8e169 [ 204.600124][ T7358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.600152][ T7358] RSP: 002b:00007fa61ed3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 204.600180][ T7358] RAX: ffffffffffffffda RBX: 00007fa61e1b5fa0 RCX: 00007fa61df8e169 [ 204.600200][ T7358] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001 [ 204.600216][ T7358] RBP: 00007fa61e010a68 R08: 0000000000000000 R09: 0000000000000000 [ 204.600234][ T7358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.600251][ T7358] R13: 0000000000000000 R14: 00007fa61e1b5fa0 R15: 00007ffc7af00688 [ 204.600291][ T7358] [ 204.826486][ C1] vkms_vblank_simulate: vblank timer overrun [ 204.870530][ T7363] netlink: 28 bytes leftover after parsing attributes in process `syz.0.324'. [ 205.779195][ T7382] netlink: 20 bytes leftover after parsing attributes in process `syz.2.330'. [ 206.717170][ T7394] FAULT_INJECTION: forcing a failure. [ 206.717170][ T7394] name failslab, interval 1, probability 0, space 0, times 0 [ 206.794144][ T7394] CPU: 0 UID: 0 PID: 7394 Comm: syz.3.333 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 206.794201][ T7394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 206.794222][ T7394] Call Trace: [ 206.794232][ T7394] [ 206.794245][ T7394] dump_stack_lvl+0x16c/0x1f0 [ 206.794300][ T7394] should_fail_ex+0x512/0x640 [ 206.794338][ T7394] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 206.794387][ T7394] should_failslab+0xc2/0x120 [ 206.794415][ T7394] __kmalloc_cache_noprof+0x6a/0x3e0 [ 206.794459][ T7394] ? pidlist_array_load+0x524/0x9c0 [ 206.794509][ T7394] pidlist_array_load+0x524/0x9c0 [ 206.794555][ T7394] ? __pfx_pidlist_array_load+0x10/0x10 [ 206.794596][ T7394] ? __pfx___mutex_lock+0x10/0x10 [ 206.794657][ T7394] ? kernfs_root+0xf8/0x2a0 [ 206.794714][ T7394] cgroup_pidlist_start+0x3a3/0x4f0 [ 206.794766][ T7394] ? __pfx_cgroup_seqfile_start+0x10/0x10 [ 206.794812][ T7394] kernfs_seq_start+0xd8/0x240 [ 206.794851][ T7394] seq_read_iter+0x2be/0x12c0 [ 206.794911][ T7394] kernfs_fop_read_iter+0x40f/0x5a0 [ 206.794946][ T7394] ? rw_verify_area+0xcf/0x680 [ 206.794986][ T7394] vfs_read+0x8c8/0xc70 [ 206.795025][ T7394] ? __pfx___mutex_lock+0x10/0x10 [ 206.795064][ T7394] ? __pfx_vfs_read+0x10/0x10 [ 206.795129][ T7394] ksys_read+0x12a/0x240 [ 206.795177][ T7394] ? __pfx_ksys_read+0x10/0x10 [ 206.795215][ T7394] ? rcu_is_watching+0x12/0xc0 [ 206.795267][ T7394] do_syscall_64+0xcd/0x260 [ 206.795317][ T7394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.795346][ T7394] RIP: 0033:0x7fb83998e169 [ 206.795371][ T7394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.795396][ T7394] RSP: 002b:00007fb83a717038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 206.795423][ T7394] RAX: ffffffffffffffda RBX: 00007fb839bb6160 RCX: 00007fb83998e169 [ 206.795442][ T7394] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000007 [ 206.795459][ T7394] RBP: 00007fb839a10a68 R08: 0000000000000000 R09: 0000000000000000 [ 206.795475][ T7394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.795491][ T7394] R13: 0000000000000000 R14: 00007fb839bb6160 R15: 00007fffe98fdcb8 [ 206.795532][ T7394] [ 208.574704][ T7422] netlink: 20 bytes leftover after parsing attributes in process `syz.3.341'. [ 209.181228][ T7431] usbip-vudc usbip-vudc.0: gadget not bound [ 209.925582][ T7449] netlink: 330 bytes leftover after parsing attributes in process `syz.1.345'. [ 210.051672][ T7452] netlink: 28 bytes leftover after parsing attributes in process `syz.3.346'. [ 211.003205][ T5849] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 212.133948][ T7483] udc dummy_udc.0: soft-connect without a gadget driver [ 212.529967][ T7486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.353'. [ 216.613352][ T7549] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 216.991345][ T7561] random: crng reseeded on system resumption [ 217.625068][ T5848] Bluetooth: hci1: command 0x0406 tx timeout [ 217.631274][ T55] Bluetooth: hci0: command 0x0406 tx timeout [ 217.637432][ T5848] Bluetooth: hci2: command 0x0406 tx timeout [ 217.643559][ T5848] Bluetooth: hci3: command 0x0406 tx timeout [ 222.497887][ T7611] FAULT_INJECTION: forcing a failure. [ 222.497887][ T7611] name failslab, interval 1, probability 0, space 0, times 0 [ 222.542930][ T7611] CPU: 1 UID: 0 PID: 7611 Comm: syz.1.379 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 222.542981][ T7611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 222.543009][ T7611] Call Trace: [ 222.543033][ T7611] [ 222.543046][ T7611] dump_stack_lvl+0x16c/0x1f0 [ 222.543100][ T7611] should_fail_ex+0x512/0x640 [ 222.543136][ T7611] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 222.543186][ T7611] should_failslab+0xc2/0x120 [ 222.543216][ T7611] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 222.543275][ T7611] ? __proc_create+0xc3/0x8c0 [ 222.543307][ T7611] ? __proc_create+0x2ce/0x8c0 [ 222.543343][ T7611] __proc_create+0x2ce/0x8c0 [ 222.543375][ T7611] ? __pfx___proc_create+0x10/0x10 [ 222.543406][ T7611] ? _raw_spin_unlock+0x28/0x50 [ 222.543457][ T7611] proc_create_reg+0x7d/0x180 [ 222.543503][ T7611] proc_create_net_data+0x8e/0x1b0 [ 222.543547][ T7611] ? __pfx_proc_create_net_data+0x10/0x10 [ 222.543580][ T7611] ? mptcp_net_init+0x4d0/0x620 [ 222.543613][ T7611] ? udp_pernet_init+0x61a/0x830 [ 222.543653][ T7611] ? __pfx_udplite4_proc_init_net+0x10/0x10 [ 222.543703][ T7611] udplite4_proc_init_net+0x57/0x80 [ 222.543747][ T7611] ops_init+0x1df/0x5f0 [ 222.543800][ T7611] setup_net+0x21e/0x850 [ 222.543869][ T7611] ? __pfx_setup_net+0x10/0x10 [ 222.543915][ T7611] ? lockdep_init_map_type+0x5c/0x280 [ 222.543945][ T7611] ? __pfx_down_read_killable+0x10/0x10 [ 222.543986][ T7611] ? debug_mutex_init+0x37/0x70 [ 222.544034][ T7611] copy_net_ns+0x2a6/0x5f0 [ 222.544076][ T7611] create_new_namespaces+0x3ea/0xad0 [ 222.544123][ T7611] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 222.544166][ T7611] ksys_unshare+0x45b/0xa40 [ 222.544211][ T7611] ? __pfx_ksys_unshare+0x10/0x10 [ 222.544265][ T7611] ? xfd_validate_state+0x5d/0x180 [ 222.544302][ T7611] ? rcu_is_watching+0x12/0xc0 [ 222.544345][ T7611] __x64_sys_unshare+0x31/0x40 [ 222.544386][ T7611] do_syscall_64+0xcd/0x260 [ 222.544440][ T7611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.544467][ T7611] RIP: 0033:0x7f1a03b8e169 [ 222.544492][ T7611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.544518][ T7611] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 222.544546][ T7611] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 222.544572][ T7611] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 222.544589][ T7611] RBP: 00007f1a03c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 222.544606][ T7611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.544624][ T7611] R13: 0000000000000000 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 222.544662][ T7611] [ 223.195177][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.382'. [ 224.925184][ T7657] netlink: 20 bytes leftover after parsing attributes in process `syz.1.389'. [ 226.462122][ T7691] netlink: 20 bytes leftover after parsing attributes in process `syz.2.400'. [ 226.551670][ T7693] netlink: 'syz.3.401': attribute type 1 has an invalid length. [ 226.567805][ T7693] scsi_strcpy_devinfo: vendor string 'íÙ/&cžÀ~n] ò | [ 226.567805][ T7693] MÅ' is too long [ 226.608364][ T7693] scsi_strcpy_devinfo: model string '’Dd5‚ ÕK€2bÛ [ 226.608364][ T7693] ††½WÏõ›ú «ú' is too long [ 226.689705][ T7697] netlink: 'syz.3.401': attribute type 27 has an invalid length. [ 226.698838][ T7697] netlink: 334 bytes leftover after parsing attributes in process `syz.3.401'. [ 227.447515][ T7709] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 227.488343][ T7709] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 227.534516][ T7709] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 227.669292][ T7709] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 227.679421][ T7709] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 227.742882][ T7709] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 227.789663][ T5849] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 227.881682][ T7709] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 227.904289][ T7709] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 227.923532][ T7709] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 227.929814][ T7709] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 228.153827][ T7728] netlink: 20 bytes leftover after parsing attributes in process `syz.0.410'. [ 228.873656][ T7764] netlink: 338 bytes leftover after parsing attributes in process `syz.0.417'. [ 228.977786][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.417'. [ 229.044643][ T7765] netlink: 338 bytes leftover after parsing attributes in process `syz.0.417'. [ 229.454741][ T5849] Bluetooth: hci0: command 0x0406 tx timeout [ 229.697193][ T5849] Bluetooth: hci1: command 0x0406 tx timeout [ 229.762095][ T7786] netlink: 20 bytes leftover after parsing attributes in process `syz.1.423'. [ 229.944302][ T5849] Bluetooth: hci3: command 0x0406 tx timeout [ 229.950511][ T5849] Bluetooth: hci2: command 0x0406 tx timeout [ 230.319275][ T7790] netlink: 28 bytes leftover after parsing attributes in process `syz.1.424'. [ 230.486413][ T7790] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 230.712434][ T7798] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[7798] [ 231.536300][ T5850] Bluetooth: hci0: command 0x0406 tx timeout [ 231.774230][ T5850] Bluetooth: hci1: command 0x0406 tx timeout [ 232.016125][ T5850] Bluetooth: hci2: command 0x0406 tx timeout [ 232.016143][ T5849] Bluetooth: hci3: command 0x0406 tx timeout [ 232.635524][ T7831] netlink: 28 bytes leftover after parsing attributes in process `syz.0.432'. [ 232.794461][ T7831] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 232.886975][ T7838] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 233.303561][ T7831] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 233.454487][ T7856] netlink: 20 bytes leftover after parsing attributes in process `syz.2.438'. [ 233.616632][ T5849] Bluetooth: hci0: command 0x0406 tx timeout [ 233.854289][ T5849] Bluetooth: hci1: command 0x0406 tx timeout [ 234.338499][ T30] audit: type=1804 audit(8187303991.967:4): pid=7879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.445" name="/newroot/sys/kernel/debug/tracing/trace" dev="tracefs" ino=1240 res=1 errno=0 [ 235.595535][ T7902] netlink: 20 bytes leftover after parsing attributes in process `syz.2.450'. [ 235.881045][ T7908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.452'. [ 235.933286][ T7908] netlink: 'syz.2.452': attribute type 4 has an invalid length. [ 235.971248][ T7908] netlink: 314 bytes leftover after parsing attributes in process `syz.2.452'. [ 236.004885][ T7911] netlink: 'syz.2.452': attribute type 4 has an invalid length. [ 236.012639][ T7911] netlink: 314 bytes leftover after parsing attributes in process `syz.2.452'. [ 236.111320][ T7912] netlink: 28 bytes leftover after parsing attributes in process `syz.3.453'. [ 236.727539][ T7923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.456'. [ 236.808249][ T7923] Invalid ELF header magic: != ELF [ 237.045531][ T7922] netlink: 342 bytes leftover after parsing attributes in process `syz.3.455'. [ 237.488466][ T7939] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[7939] [ 238.272022][ T7952] netlink: 20 bytes leftover after parsing attributes in process `syz.3.461'. [ 238.785948][ T7954] vivid-007: ================= START STATUS ================= [ 238.786049][ T7954] vivid-007: Generate PTS: true [ 238.786122][ T7954] vivid-007: Generate SCR: true [ 238.786156][ T7954] tpg source WxH: 640x360 (Y'CbCr) [ 238.786177][ T7954] tpg field: 1 [ 238.786189][ T7954] tpg crop: (0,0)/640x360 [ 238.786209][ T7954] tpg compose: (0,0)/640x360 [ 238.786230][ T7954] tpg colorspace: 8 [ 238.786243][ T7954] tpg transfer function: 0/0 [ 238.786260][ T7954] tpg Y'CbCr encoding: 0/0 [ 238.786276][ T7954] tpg quantization: 0/0 [ 238.786292][ T7954] tpg RGB range: 0/2 [ 238.786307][ T7954] vivid-007: ================== END STATUS ================== [ 240.612051][ T7991] netlink: 20 bytes leftover after parsing attributes in process `syz.3.471'. [ 241.450046][ T8000] netlink: 8 bytes leftover after parsing attributes in process `syz.1.473'. [ 241.518328][ T8000] netlink: 'syz.1.473': attribute type 4 has an invalid length. [ 241.550783][ T8000] netlink: 314 bytes leftover after parsing attributes in process `syz.1.473'. [ 241.613075][ T8000] netlink: 'syz.1.473': attribute type 4 has an invalid length. [ 241.648040][ T8000] netlink: 314 bytes leftover after parsing attributes in process `syz.1.473'. [ 243.887878][ T5849] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 244.815080][ T8050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.484'. [ 244.844395][ T8050] netlink: 'syz.0.484': attribute type 4 has an invalid length. [ 244.853173][ T8050] netlink: 314 bytes leftover after parsing attributes in process `syz.0.484'. [ 244.891445][ T8050] netlink: 'syz.0.484': attribute type 4 has an invalid length. [ 244.931054][ T8050] netlink: 314 bytes leftover after parsing attributes in process `syz.0.484'. [ 245.229363][ T8058] FAULT_INJECTION: forcing a failure. [ 245.229363][ T8058] name failslab, interval 1, probability 0, space 0, times 0 [ 245.229416][ T8058] CPU: 0 UID: 0 PID: 8058 Comm: syz.3.486 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 245.229439][ T8058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 245.229449][ T8058] Call Trace: [ 245.229455][ T8058] [ 245.229462][ T8058] dump_stack_lvl+0x16c/0x1f0 [ 245.229496][ T8058] should_fail_ex+0x512/0x640 [ 245.229517][ T8058] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 245.229548][ T8058] should_failslab+0xc2/0x120 [ 245.229567][ T8058] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 245.229593][ T8058] ? __proc_create+0xc3/0x8c0 [ 245.229612][ T8058] ? __proc_create+0x2ce/0x8c0 [ 245.229633][ T8058] __proc_create+0x2ce/0x8c0 [ 245.229654][ T8058] ? __pfx___proc_create+0x10/0x10 [ 245.229672][ T8058] ? _raw_write_unlock+0x28/0x50 [ 245.229708][ T8058] ? proc_register+0x314/0x5f0 [ 245.229733][ T8058] _proc_mkdir+0xb9/0x200 [ 245.229753][ T8058] ? __pfx__proc_mkdir+0x10/0x10 [ 245.229779][ T8058] ? __pfx_netfilter_net_init+0x10/0x10 [ 245.229804][ T8058] netfilter_net_init+0x37b/0x4b0 [ 245.229826][ T8058] ? sysctl_net_init+0x27/0x30 [ 245.229854][ T8058] ops_init+0x1df/0x5f0 [ 245.229883][ T8058] setup_net+0x21e/0x850 [ 245.229909][ T8058] ? __pfx_setup_net+0x10/0x10 [ 245.229932][ T8058] ? lockdep_init_map_type+0x5c/0x280 [ 245.229950][ T8058] ? __pfx_down_read_killable+0x10/0x10 [ 245.229969][ T8058] ? debug_mutex_init+0x37/0x70 [ 245.229993][ T8058] copy_net_ns+0x2a6/0x5f0 [ 245.230022][ T8058] create_new_namespaces+0x3ea/0xad0 [ 245.230051][ T8058] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 245.230077][ T8058] ksys_unshare+0x45b/0xa40 [ 245.230104][ T8058] ? __pfx_ksys_unshare+0x10/0x10 [ 245.230128][ T8058] ? xfd_validate_state+0x5d/0x180 [ 245.230149][ T8058] ? rcu_is_watching+0x12/0xc0 [ 245.230176][ T8058] __x64_sys_unshare+0x31/0x40 [ 245.230202][ T8058] do_syscall_64+0xcd/0x260 [ 245.230229][ T8058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.230247][ T8058] RIP: 0033:0x7fb83998e169 [ 245.230262][ T8058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.230278][ T8058] RSP: 002b:00007fb83a738038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 245.230296][ T8058] RAX: ffffffffffffffda RBX: 00007fb839bb6080 RCX: 00007fb83998e169 [ 245.230307][ T8058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 245.230316][ T8058] RBP: 00007fb839a10a68 R08: 0000000000000000 R09: 0000000000000000 [ 245.230326][ T8058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 245.230336][ T8058] R13: 0000000000000000 R14: 00007fb839bb6080 R15: 00007fffe98fdcb8 [ 245.230357][ T8058] [ 245.230364][ T8058] cannot create netfilter proc entry [ 247.150797][ T8096] tipc: Can't bind to reserved service type 1 [ 248.561277][ T8120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.500'. [ 248.641327][ T8120] HfR: entered promiscuous mode [ 248.984424][ T30] audit: type=1800 audit(8187304022.589:5): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.501" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 249.377849][ T8130] netlink: 28 bytes leftover after parsing attributes in process `syz.3.504'. [ 251.174339][ T8151] netlink: 20 bytes leftover after parsing attributes in process `syz.3.511'. [ 251.568562][ T8157] FAULT_INJECTION: forcing a failure. [ 251.568562][ T8157] name failslab, interval 1, probability 0, space 0, times 0 [ 251.625521][ T8157] CPU: 1 UID: 0 PID: 8157 Comm: syz.3.513 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 251.625571][ T8157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 251.625590][ T8157] Call Trace: [ 251.625601][ T8157] [ 251.625614][ T8157] dump_stack_lvl+0x16c/0x1f0 [ 251.625668][ T8157] should_fail_ex+0x512/0x640 [ 251.625704][ T8157] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 251.625750][ T8157] should_failslab+0xc2/0x120 [ 251.625780][ T8157] __kmalloc_cache_noprof+0x6a/0x3e0 [ 251.625821][ T8157] ? kasan_record_aux_stack+0xb8/0xd0 [ 251.625855][ T8157] ? __call_rcu_common.constprop.0+0x9a/0x9f0 [ 251.625899][ T8157] ? kmem_cache_free+0x173/0x4d0 [ 251.625938][ T8157] ? snd_pcm_oss_change_params_locked+0x1db/0x3b40 [ 251.626003][ T8157] snd_pcm_oss_change_params_locked+0x1db/0x3b40 [ 251.626064][ T8157] ? __mutex_init+0xc5/0x120 [ 251.626094][ T8157] ? __pfx___might_resched+0x10/0x10 [ 251.626137][ T8157] ? rcu_is_watching+0x12/0xc0 [ 251.626173][ T8157] ? trace_contention_end+0xdd/0x130 [ 251.626205][ T8157] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 251.626256][ T8157] ? snd_pcm_oss_sync+0x30c/0x840 [ 251.626295][ T8157] ? __fsnotify_parent+0x24b/0xc40 [ 251.626348][ T8157] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 251.626399][ T8157] snd_pcm_oss_sync+0x32e/0x840 [ 251.626433][ T8157] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 251.626461][ T8157] snd_pcm_oss_release+0x28b/0x310 [ 251.626491][ T8157] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 251.626518][ T8157] __fput+0x3ff/0xb70 [ 251.626558][ T8157] task_work_run+0x14d/0x240 [ 251.626594][ T8157] ? __pfx_task_work_run+0x10/0x10 [ 251.626625][ T8157] ? __pfx___do_sys_close_range+0x10/0x10 [ 251.626667][ T8157] ? rcu_is_watching+0x12/0xc0 [ 251.626705][ T8157] syscall_exit_to_user_mode+0x27b/0x2a0 [ 251.626746][ T8157] do_syscall_64+0xda/0x260 [ 251.626792][ T8157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.626822][ T8157] RIP: 0033:0x7fb83998e169 [ 251.626846][ T8157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.626882][ T8157] RSP: 002b:00007fb83a759038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 251.626912][ T8157] RAX: 0000000000000000 RBX: 00007fb839bb5fa0 RCX: 00007fb83998e169 [ 251.626928][ T8157] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 251.626942][ T8157] RBP: 00007fb839a10a68 R08: 0000000000000000 R09: 0000000000000000 [ 251.626957][ T8157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.626973][ T8157] R13: 0000000000000000 R14: 00007fb839bb5fa0 R15: 00007fffe98fdcb8 [ 251.627004][ T8157] [ 251.899058][ C1] vkms_vblank_simulate: vblank timer overrun [ 251.921381][ T8161] netlink: 20 bytes leftover after parsing attributes in process `syz.1.514'. [ 254.307886][ T8185] netlink: 28 bytes leftover after parsing attributes in process `syz.0.520'. [ 254.871501][ T8193] netlink: 20 bytes leftover after parsing attributes in process `syz.2.522'. [ 257.023630][ T8227] netlink: 342 bytes leftover after parsing attributes in process `syz.0.531'. [ 257.129883][ T8233] netlink: 4 bytes leftover after parsing attributes in process `syz.0.534'. [ 257.345309][ T8238] netlink: 20 bytes leftover after parsing attributes in process `syz.0.535'. [ 258.051718][ T8244] netlink: 20 bytes leftover after parsing attributes in process `syz.0.537'. [ 259.030527][ T8253] netlink: 28 bytes leftover after parsing attributes in process `syz.2.541'. [ 259.750995][ T8269] netlink: 4 bytes leftover after parsing attributes in process `syz.1.544'. [ 261.042672][ T8290] netlink: 20 bytes leftover after parsing attributes in process `syz.2.546'. [ 261.532532][ T8304] netlink: 20 bytes leftover after parsing attributes in process `syz.1.548'. [ 261.623440][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.631662][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.719226][ T8309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.555'. [ 262.962025][ T8319] netlink: 20 bytes leftover after parsing attributes in process `syz.2.558'. [ 263.164655][ T8328] netlink: 28 bytes leftover after parsing attributes in process `syz.1.556'. [ 264.887490][ T8352] netlink: 'syz.0.564': attribute type 15 has an invalid length. [ 264.896578][ T8352] netlink: 'syz.0.564': attribute type 16 has an invalid length. [ 264.912570][ T8352] netlink: 'syz.0.564': attribute type 17 has an invalid length. [ 264.924135][ T8352] netlink: 'syz.0.564': attribute type 19 has an invalid length. [ 264.938699][ T8352] netlink: 238 bytes leftover after parsing attributes in process `syz.0.564'. [ 265.651493][ T8366] netlink: 20 bytes leftover after parsing attributes in process `syz.2.569'. [ 267.148828][ T30] audit: type=1807 audit(8187304040.769:6): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 267.202948][ T8382] ima: policy update failed [ 267.203840][ T30] audit: type=1802 audit(8187304040.829:7): pid=8383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.574" res=0 errno=0 [ 267.236582][ T30] audit: type=1802 audit(8187304040.859:8): pid=8382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.574" res=0 errno=0 [ 267.458543][ T8388] netlink: 12 bytes leftover after parsing attributes in process `syz.0.576'. [ 268.114462][ T8406] netlink: 20 bytes leftover after parsing attributes in process `syz.1.581'. [ 270.626414][ T8434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.587'. [ 273.892192][ T8475] [U]  [ 273.895511][ T8475] [U] [ 273.898284][ T8475] [U] [ 273.901048][ T8475] [U] [ 274.054517][ T8475] [U] [ 274.057357][ T8475] [U] [ 274.060094][ T8475] [U] [ 274.062820][ T8475] [U] [ 274.147204][ T8475] [U] [ 274.150013][ T8475] [U] [ 274.152741][ T8475] [U] [ 274.155473][ T8475] [U] [ 274.246729][ T8475] [U] [ 274.249551][ T8475] [U] [ 274.252278][ T8475] [U] [ 274.255015][ T8475] [U] [ 274.260202][ T8475] [U] [ 274.262987][ T8475] [U] [ 274.265737][ T8475] [U] [ 274.268489][ T8475] [U] [ 274.272559][ T8475] [U] [ 274.275347][ T8475] [U] [ 274.278100][ T8475] [U] [ 274.280842][ T8475] [U] [ 274.285240][ T8475] [U] [ 276.006106][ T8507] netlink: 28 bytes leftover after parsing attributes in process `syz.0.605'. [ 276.028922][ T8507] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.061612][ T8499] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 276.077409][ T8499] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 276.106968][ T8499] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 276.113272][ T8499] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 276.205090][ T8507] bridge_slave_1 (unregistering): left allmulticast mode [ 276.246144][ T8507] bridge_slave_1 (unregistering): left promiscuous mode [ 276.258744][ T8507] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.454373][ T5849] Bluetooth: hci0: command 0x0406 tx timeout [ 278.094399][ T5849] Bluetooth: hci1: command 0x0406 tx timeout [ 278.177839][ T5849] Bluetooth: hci3: command 0x0406 tx timeout [ 278.183940][ T5850] Bluetooth: hci2: command 0x0406 tx timeout [ 279.279263][ T8551] netlink: 20 bytes leftover after parsing attributes in process `syz.0.613'. [ 280.054405][ T8562] netlink: 20 bytes leftover after parsing attributes in process `syz.2.617'. [ 280.232536][ T8566] netlink: 28 bytes leftover after parsing attributes in process `syz.2.618'. [ 280.257804][ T8566] bridge0: port 2(bridge_slave_1) entered disabled state [ 280.352423][ T8566] bridge_slave_1 (unregistering): left allmulticast mode [ 280.360682][ T8566] bridge_slave_1 (unregistering): left promiscuous mode [ 280.410965][ T8566] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.671420][ T8611] netlink: 4 bytes leftover after parsing attributes in process `syz.2.627'. [ 283.732879][ T8611] HfR: entered promiscuous mode [ 285.604977][ T8639] netlink: 28 bytes leftover after parsing attributes in process `syz.1.631'. [ 287.196606][ T8663] netlink: 20 bytes leftover after parsing attributes in process `syz.0.638'. [ 288.293359][ T8677] netlink: 4 bytes leftover after parsing attributes in process `syz.1.643'. [ 288.578228][ T8684] FAULT_INJECTION: forcing a failure. [ 288.578228][ T8684] name failslab, interval 1, probability 0, space 0, times 0 [ 288.604312][ T8684] CPU: 1 UID: 0 PID: 8684 Comm: syz.1.644 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 288.604361][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 288.604379][ T8684] Call Trace: [ 288.604390][ T8684] [ 288.604401][ T8684] dump_stack_lvl+0x16c/0x1f0 [ 288.604462][ T8684] should_fail_ex+0x512/0x640 [ 288.604499][ T8684] ? __kmalloc_noprof+0xbf/0x510 [ 288.604549][ T8684] ? ops_init+0x77/0x5f0 [ 288.604588][ T8684] should_failslab+0xc2/0x120 [ 288.604619][ T8684] __kmalloc_noprof+0xd2/0x510 [ 288.604665][ T8684] ? __raw_spin_lock_init+0x3a/0x110 [ 288.604701][ T8684] ops_init+0x77/0x5f0 [ 288.604744][ T8684] setup_net+0x21e/0x850 [ 288.604789][ T8684] ? __pfx_setup_net+0x10/0x10 [ 288.604826][ T8684] ? lockdep_init_map_type+0x5c/0x280 [ 288.604854][ T8684] ? __pfx_down_read_killable+0x10/0x10 [ 288.604885][ T8684] ? debug_mutex_init+0x37/0x70 [ 288.604928][ T8684] copy_net_ns+0x2a6/0x5f0 [ 288.604977][ T8684] create_new_namespaces+0x3ea/0xad0 [ 288.605028][ T8684] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 288.605074][ T8684] ksys_unshare+0x45b/0xa40 [ 288.605120][ T8684] ? __pfx_ksys_unshare+0x10/0x10 [ 288.605162][ T8684] ? xfd_validate_state+0x5d/0x180 [ 288.605196][ T8684] ? rcu_is_watching+0x12/0xc0 [ 288.605243][ T8684] __x64_sys_unshare+0x31/0x40 [ 288.605285][ T8684] do_syscall_64+0xcd/0x260 [ 288.605339][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.605368][ T8684] RIP: 0033:0x7f1a03b8e169 [ 288.605392][ T8684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.605419][ T8684] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 288.605455][ T8684] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 288.605474][ T8684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 288.605490][ T8684] RBP: 00007f1a03c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 288.605507][ T8684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 288.605523][ T8684] R13: 0000000000000000 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 288.605560][ T8684] [ 288.831423][ C1] vkms_vblank_simulate: vblank timer overrun [ 289.814441][ T8690] [U]  [ 289.817370][ T8690] [U] [ 289.820132][ T8690] [U] [ 289.822941][ T8690] [U] [ 289.850317][ T8690] [U] [ 289.853146][ T8690] [U] [ 289.855908][ T8690] [U] [ 289.858663][ T8690] [U] [ 289.901205][ T8690] [U] [ 289.904025][ T8690] [U] [ 289.906778][ T8690] [U] [ 289.909532][ T8690] [U] [ 289.978243][ T8690] [U] [ 289.981064][ T8690] [U] [ 289.983829][ T8690] [U] [ 289.986588][ T8690] [U] [ 290.110451][ T8690] [U] [ 290.113279][ T8690] [U] [ 290.116035][ T8690] [U] [ 290.118792][ T8690] [U] [ 290.184392][ T8690] [U] [ 290.187230][ T8690] [U] [ 290.189989][ T8690] [U] [ 290.192751][ T8690] [U] [ 290.227065][ T8690] [U] [ 290.229894][ T8690] [U] [ 290.232655][ T8690] [U] [ 290.235408][ T8690] [U] [ 290.401708][ T8690] [U] [ 290.404763][ T8690] [U] [ 290.407502][ T8690] [U] [ 290.410242][ T8690] [U] [ 290.434571][ T8690] [U] [ 290.437390][ T8690] [U] [ 290.440156][ T8690] [U] [ 290.442915][ T8690] [U] [ 290.514275][ T8690] [U] [ 290.517106][ T8690] [U] [ 290.519865][ T8690] [U] [ 290.522630][ T8690] [U] [ 290.587129][ T8690] [U] [ 290.589955][ T8690] [U] [ 290.592727][ T8690] [U] [ 290.595488][ T8690] [U] [ 290.633946][ T8690] [U] [ 291.384555][ T8709] netlink: 20 bytes leftover after parsing attributes in process `syz.0.648'. [ 291.910506][ T8726] netlink: 4 bytes leftover after parsing attributes in process `syz.0.652'. [ 292.293599][ T8726] HfR: entered promiscuous mode [ 293.007281][ T8743] netlink: 20 bytes leftover after parsing attributes in process `syz.3.659'. [ 293.306262][ T8739] netlink: 'syz.2.656': attribute type 1 has an invalid length. syzkaller syzkaller login: [ 295.906814][ T8794] netlink: 20 bytes leftover after parsing attributes in process `syz.1.670'. [ 300.815225][ T8876] netlink: 93 bytes leftover after parsing attributes in process `syz.1.685'. [ 302.142391][ T8886] netlink: 28 bytes leftover after parsing attributes in process `syz.3.686'. [ 302.163220][ T8886] bridge_slave_0: left allmulticast mode [ 302.215413][ T8886] bridge_slave_0: left promiscuous mode [ 302.254531][ T8886] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.090238][ T8979] netlink: 93 bytes leftover after parsing attributes in process `syz.0.703'. [ 309.449119][ T8984] netlink: 20 bytes leftover after parsing attributes in process `syz.3.704'. [ 309.888630][ T8990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.706'. [ 309.900769][ T8989] netlink: 342 bytes leftover after parsing attributes in process `syz.1.707'. [ 309.913065][ T8989] netlink: 342 bytes leftover after parsing attributes in process `syz.1.707'. [ 309.933599][ T8989] netlink: 342 bytes leftover after parsing attributes in process `syz.1.707'. [ 311.865840][ T9016] netlink: 'syz.3.712': attribute type 1 has an invalid length. [ 312.772317][ T9035] netlink: 93 bytes leftover after parsing attributes in process `syz.2.717'. syzkaller syzkaller login: [ 313.270181][ T9043] netlink: 20 bytes leftover after parsing attributes in process `syz.0.719'. [ 315.205155][ T9067] FAULT_INJECTION: forcing a failure. [ 315.205155][ T9067] name failslab, interval 1, probability 0, space 0, times 0 [ 315.222085][ T9067] CPU: 0 UID: 0 PID: 9067 Comm: syz.1.726 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 315.222139][ T9067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 315.222157][ T9067] Call Trace: [ 315.222167][ T9067] [ 315.222179][ T9067] dump_stack_lvl+0x16c/0x1f0 [ 315.222231][ T9067] should_fail_ex+0x512/0x640 [ 315.222263][ T9067] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 315.222316][ T9067] should_failslab+0xc2/0x120 [ 315.222343][ T9067] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 315.222384][ T9067] ? __proc_create+0xc3/0x8c0 [ 315.222417][ T9067] ? __proc_create+0x2ce/0x8c0 [ 315.222453][ T9067] __proc_create+0x2ce/0x8c0 [ 315.222484][ T9067] ? __pfx___proc_create+0x10/0x10 [ 315.222529][ T9067] proc_create_reg+0x7d/0x180 [ 315.222563][ T9067] proc_create_net_data+0x8e/0x1b0 [ 315.222596][ T9067] ? __pfx_proc_create_net_data+0x10/0x10 [ 315.222637][ T9067] ? __pfx_phonet_init_net+0x10/0x10 [ 315.222667][ T9067] phonet_init_net+0x66/0x120 [ 315.222695][ T9067] ops_init+0x1df/0x5f0 [ 315.222746][ T9067] setup_net+0x21e/0x850 [ 315.222789][ T9067] ? __pfx_setup_net+0x10/0x10 [ 315.222825][ T9067] ? lockdep_init_map_type+0x5c/0x280 [ 315.222853][ T9067] ? __pfx_down_read_killable+0x10/0x10 [ 315.222884][ T9067] ? debug_mutex_init+0x37/0x70 [ 315.222924][ T9067] copy_net_ns+0x2a6/0x5f0 [ 315.222971][ T9067] create_new_namespaces+0x3ea/0xad0 [ 315.223020][ T9067] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 315.223064][ T9067] ksys_unshare+0x45b/0xa40 [ 315.223115][ T9067] ? __pfx_ksys_unshare+0x10/0x10 [ 315.223155][ T9067] ? xfd_validate_state+0x5d/0x180 [ 315.223189][ T9067] ? rcu_is_watching+0x12/0xc0 [ 315.223232][ T9067] __x64_sys_unshare+0x31/0x40 [ 315.223274][ T9067] do_syscall_64+0xcd/0x260 [ 315.223319][ T9067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.223347][ T9067] RIP: 0033:0x7f1a03b8e169 [ 315.223370][ T9067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.223396][ T9067] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 315.223423][ T9067] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 315.223441][ T9067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 315.223457][ T9067] RBP: 00007f1a03c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 315.223473][ T9067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.223489][ T9067] R13: 0000000000000000 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 315.223525][ T9067] [ 316.432265][ T9080] netlink: 20 bytes leftover after parsing attributes in process `syz.3.729'. [ 319.419045][ T9100] netlink: 4 bytes leftover after parsing attributes in process `syz.1.736'. [ 320.266506][ T9119] netlink: 20 bytes leftover after parsing attributes in process `syz.0.739'. [ 321.968926][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.746'. [ 322.083045][ T9143] HfR: entered promiscuous mode [ 322.104973][ T9145] Invalid ELF header magic: != ELF [ 322.298274][ T9148] netlink: 'syz.3.748': attribute type 22 has an invalid length. [ 322.319618][ T9148] netlink: 334 bytes leftover after parsing attributes in process `syz.3.748'. [ 322.706412][ T9155] netlink: 20 bytes leftover after parsing attributes in process `syz.3.750'. [ 323.073015][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 323.073128][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.854936][ T9256] FAULT_INJECTION: forcing a failure. [ 327.854936][ T9256] name failslab, interval 1, probability 0, space 0, times 0 [ 327.906423][ T9256] CPU: 0 UID: 0 PID: 9256 Comm: syz.1.776 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 327.906465][ T9256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 327.906479][ T9256] Call Trace: [ 327.906488][ T9256] [ 327.906498][ T9256] dump_stack_lvl+0x16c/0x1f0 [ 327.906546][ T9256] should_fail_ex+0x512/0x640 [ 327.906577][ T9256] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 327.906619][ T9256] should_failslab+0xc2/0x120 [ 327.906646][ T9256] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 327.906685][ T9256] ? getname_flags.part.0+0x4c/0x550 [ 327.906730][ T9256] getname_flags.part.0+0x4c/0x550 [ 327.906762][ T9256] getname_flags+0x93/0xf0 [ 327.906798][ T9256] do_sys_openat2+0xb8/0x1d0 [ 327.906825][ T9256] ? __pfx_do_sys_openat2+0x10/0x10 [ 327.906858][ T9256] ? __fget_files+0x20e/0x3c0 [ 327.906903][ T9256] __x64_sys_openat+0x174/0x210 [ 327.906932][ T9256] ? __pfx___x64_sys_openat+0x10/0x10 [ 327.906957][ T9256] ? ksys_write+0x1b9/0x240 [ 327.907002][ T9256] do_syscall_64+0xcd/0x260 [ 327.907045][ T9256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.907072][ T9256] RIP: 0033:0x7f1a03b8e169 [ 327.907093][ T9256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.907116][ T9256] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 327.907142][ T9256] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 327.907158][ T9256] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 327.907174][ T9256] RBP: 00007f1a04a66090 R08: 0000000000000000 R09: 0000000000000000 [ 327.907189][ T9256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 327.907205][ T9256] R13: 0000000000000001 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 327.907239][ T9256] [ 328.097303][ C0] vkms_vblank_simulate: vblank timer overrun [ 329.401472][ T9270] capability: warning: `syz.2.781' uses 32-bit capabilities (legacy support in use) [ 331.516937][ T9300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.786'. [ 331.712229][ T9309] netlink: 20 bytes leftover after parsing attributes in process `syz.2.788'. [ 332.229752][ T9312] could not allocate digest TFM handle [ 333.428567][ T9338] program syz.2.795 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 334.938933][ T9359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.801'. [ 335.796972][ T9374] netlink: 20 bytes leftover after parsing attributes in process `syz.0.803'. [ 336.107552][ T9378] FAULT_INJECTION: forcing a failure. [ 336.107552][ T9378] name failslab, interval 1, probability 0, space 0, times 0 [ 336.120548][ T9378] CPU: 0 UID: 0 PID: 9378 Comm: syz.0.804 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 336.120588][ T9378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 336.120605][ T9378] Call Trace: [ 336.120615][ T9378] [ 336.120625][ T9378] dump_stack_lvl+0x16c/0x1f0 [ 336.120672][ T9378] should_fail_ex+0x512/0x640 [ 336.120705][ T9378] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 336.120751][ T9378] should_failslab+0xc2/0x120 [ 336.120779][ T9378] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 336.120820][ T9378] ? alloc_empty_file+0x55/0x1e0 [ 336.120857][ T9378] alloc_empty_file+0x55/0x1e0 [ 336.120898][ T9378] path_openat+0xe0/0x2d40 [ 336.120936][ T9378] ? __x64_sys_openat+0x174/0x210 [ 336.120966][ T9378] ? do_syscall_64+0xcd/0x260 [ 336.121004][ T9378] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.121047][ T9378] ? __pfx_path_openat+0x10/0x10 [ 336.121100][ T9378] do_filp_open+0x20b/0x470 [ 336.121141][ T9378] ? __pfx_do_filp_open+0x10/0x10 [ 336.121209][ T9378] ? alloc_fd+0x471/0x7d0 [ 336.121259][ T9378] do_sys_openat2+0x11b/0x1d0 [ 336.121288][ T9378] ? __pfx_do_sys_openat2+0x10/0x10 [ 336.121322][ T9378] ? __fget_files+0x20e/0x3c0 [ 336.121369][ T9378] __x64_sys_openat+0x174/0x210 [ 336.121399][ T9378] ? __pfx___x64_sys_openat+0x10/0x10 [ 336.121427][ T9378] ? ksys_write+0x1b9/0x240 [ 336.121479][ T9378] do_syscall_64+0xcd/0x260 [ 336.121523][ T9378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.121550][ T9378] RIP: 0033:0x7f1ff7b8e169 [ 336.121573][ T9378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.121599][ T9378] RSP: 002b:00007f1ff8ad5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 336.121626][ T9378] RAX: ffffffffffffffda RBX: 00007f1ff7db5fa0 RCX: 00007f1ff7b8e169 [ 336.121644][ T9378] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 336.121660][ T9378] RBP: 00007f1ff8ad5090 R08: 0000000000000000 R09: 0000000000000000 [ 336.121676][ T9378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 336.121691][ T9378] R13: 0000000000000001 R14: 00007f1ff7db5fa0 R15: 00007ffee6b94b68 [ 336.121726][ T9378] [ 337.092038][ T9381] FAULT_INJECTION: forcing a failure. [ 337.092038][ T9381] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 337.220670][ T9381] CPU: 1 UID: 0 PID: 9381 Comm: syz.0.805 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 337.220718][ T9381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 337.220736][ T9381] Call Trace: [ 337.220746][ T9381] [ 337.220758][ T9381] dump_stack_lvl+0x16c/0x1f0 [ 337.220807][ T9381] should_fail_ex+0x512/0x640 [ 337.220849][ T9381] should_fail_alloc_page+0xe7/0x130 [ 337.220880][ T9381] prepare_alloc_pages+0x3c2/0x610 [ 337.220918][ T9381] ? rcu_is_watching+0x12/0xc0 [ 337.220961][ T9381] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 337.221007][ T9381] ? kasan_save_stack+0x33/0x60 [ 337.221054][ T9381] ? cgroup_rstat_updated+0x2a/0xb20 [ 337.221099][ T9381] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 337.221145][ T9381] ? lru_gen_add_folio+0x1a4/0xef0 [ 337.221177][ T9381] ? __lock_acquire+0x5ca/0x1ba0 [ 337.221223][ T9381] ? __lock_acquire+0x5ca/0x1ba0 [ 337.221260][ T9381] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 337.221292][ T9381] ? policy_nodemask+0xea/0x4e0 [ 337.221336][ T9381] alloc_pages_mpol+0x1fb/0x550 [ 337.221366][ T9381] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 337.221393][ T9381] ? __lock_acquire+0x5ca/0x1ba0 [ 337.221439][ T9381] folio_alloc_mpol_noprof+0x36/0x2f0 [ 337.221472][ T9381] vma_alloc_folio_noprof+0xed/0x1e0 [ 337.221500][ T9381] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 337.221541][ T9381] do_pte_missing+0x223d/0x3fb0 [ 337.221590][ T9381] __handle_mm_fault+0x103d/0x2a40 [ 337.221646][ T9381] ? __pfx___handle_mm_fault+0x10/0x10 [ 337.221680][ T9381] ? __pte_offset_map_lock+0x155/0x2f0 [ 337.221712][ T9381] ? find_held_lock+0x2b/0x80 [ 337.221749][ T9381] ? find_held_lock+0x2b/0x80 [ 337.221816][ T9381] handle_mm_fault+0x3fe/0xad0 [ 337.221863][ T9381] __get_user_pages+0x771/0x36f0 [ 337.221907][ T9381] ? __pfx_mt_find+0x10/0x10 [ 337.221950][ T9381] ? __pfx___get_user_pages+0x10/0x10 [ 337.222000][ T9381] populate_vma_page_range+0x278/0x3a0 [ 337.222043][ T9381] ? __pfx_populate_vma_page_range+0x10/0x10 [ 337.222083][ T9381] ? __pfx_find_vma_intersection+0x10/0x10 [ 337.222112][ T9381] ? do_mmap+0x69c/0x11b0 [ 337.222148][ T9381] __mm_populate+0x1d8/0x380 [ 337.222186][ T9381] ? __pfx___mm_populate+0x10/0x10 [ 337.222225][ T9381] ? up_write+0x1b2/0x520 [ 337.222258][ T9381] vm_mmap_pgoff+0x362/0x450 [ 337.222295][ T9381] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 337.222336][ T9381] ? __x64_sys_futex+0x1e0/0x4c0 [ 337.222374][ T9381] ? __x64_sys_futex+0x1e9/0x4c0 [ 337.222414][ T9381] ksys_mmap_pgoff+0x7d/0x5c0 [ 337.222442][ T9381] ? rcu_is_watching+0x12/0xc0 [ 337.222476][ T9381] __x64_sys_mmap+0x125/0x190 [ 337.222510][ T9381] do_syscall_64+0xcd/0x260 [ 337.222555][ T9381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.222587][ T9381] RIP: 0033:0x7f1ff7b8e169 [ 337.222614][ T9381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.222658][ T9381] RSP: 002b:00007f1ff8ad5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 337.222690][ T9381] RAX: ffffffffffffffda RBX: 00007f1ff7db5fa0 RCX: 00007f1ff7b8e169 [ 337.222711][ T9381] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 337.222731][ T9381] RBP: 00007f1ff7c10a68 R08: 0000000000000002 R09: 0000000000008000 [ 337.222751][ T9381] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 337.222770][ T9381] R13: 0000000000000000 R14: 00007f1ff7db5fa0 R15: 00007ffee6b94b68 [ 337.222814][ T9381] [ 337.730505][ T9388] could not allocate digest TFM handle [ 340.075375][ T9411] FAULT_INJECTION: forcing a failure. [ 340.075375][ T9411] name failslab, interval 1, probability 0, space 0, times 0 [ 340.097456][ T9413] netlink: 4 bytes leftover after parsing attributes in process `syz.3.812'. [ 340.159627][ T9411] CPU: 0 UID: 0 PID: 9411 Comm: syz.0.818 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 340.159674][ T9411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 340.159690][ T9411] Call Trace: [ 340.159700][ T9411] [ 340.159712][ T9411] dump_stack_lvl+0x16c/0x1f0 [ 340.159763][ T9411] should_fail_ex+0x512/0x640 [ 340.159795][ T9411] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 340.159841][ T9411] should_failslab+0xc2/0x120 [ 340.159869][ T9411] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 340.159910][ T9411] ? security_file_alloc+0x34/0x2b0 [ 340.159953][ T9411] security_file_alloc+0x34/0x2b0 [ 340.159990][ T9411] init_file+0x93/0x4c0 [ 340.160020][ T9411] alloc_empty_file+0x73/0x1e0 [ 340.160052][ T9411] path_openat+0xe0/0x2d40 [ 340.160089][ T9411] ? __x64_sys_openat+0x174/0x210 [ 340.160118][ T9411] ? do_syscall_64+0xcd/0x260 [ 340.160156][ T9411] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.160198][ T9411] ? __pfx_path_openat+0x10/0x10 [ 340.160249][ T9411] do_filp_open+0x20b/0x470 [ 340.160290][ T9411] ? __pfx_do_filp_open+0x10/0x10 [ 340.160358][ T9411] ? alloc_fd+0x471/0x7d0 [ 340.160408][ T9411] do_sys_openat2+0x11b/0x1d0 [ 340.160438][ T9411] ? __pfx_do_sys_openat2+0x10/0x10 [ 340.160472][ T9411] ? __fget_files+0x20e/0x3c0 [ 340.160518][ T9411] __x64_sys_openat+0x174/0x210 [ 340.160563][ T9411] ? __pfx___x64_sys_openat+0x10/0x10 [ 340.160592][ T9411] ? ksys_write+0x1b9/0x240 [ 340.160644][ T9411] do_syscall_64+0xcd/0x260 [ 340.160687][ T9411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.160714][ T9411] RIP: 0033:0x7f1ff7b8e169 [ 340.160737][ T9411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.160762][ T9411] RSP: 002b:00007f1ff8ad5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 340.160791][ T9411] RAX: ffffffffffffffda RBX: 00007f1ff7db5fa0 RCX: 00007f1ff7b8e169 [ 340.160808][ T9411] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 340.160825][ T9411] RBP: 00007f1ff8ad5090 R08: 0000000000000000 R09: 0000000000000000 [ 340.160841][ T9411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 340.160857][ T9411] R13: 0000000000000001 R14: 00007f1ff7db5fa0 R15: 00007ffee6b94b68 [ 340.160895][ T9411] syzkaller syzkaller login: [ 341.793032][ T9438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.816'. [ 343.902637][ T9465] FAULT_INJECTION: forcing a failure. [ 343.902637][ T9465] name failslab, interval 1, probability 0, space 0, times 0 [ 343.943879][ T9465] CPU: 0 UID: 0 PID: 9465 Comm: syz.1.823 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 343.943925][ T9465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 343.943941][ T9465] Call Trace: [ 343.943952][ T9465] [ 343.943963][ T9465] dump_stack_lvl+0x16c/0x1f0 [ 343.944018][ T9465] should_fail_ex+0x512/0x640 [ 343.944048][ T9465] ? fs_reclaim_acquire+0xae/0x150 [ 343.944082][ T9465] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 343.944118][ T9465] should_failslab+0xc2/0x120 [ 343.944145][ T9465] __kmalloc_noprof+0xd2/0x510 [ 343.944196][ T9465] tomoyo_realpath_from_path+0xc2/0x6e0 [ 343.944245][ T9465] tomoyo_check_open_permission+0x2ab/0x3c0 [ 343.944279][ T9465] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 343.944354][ T9465] ? do_raw_spin_lock+0x12c/0x2b0 [ 343.944399][ T9465] tomoyo_file_open+0x6b/0x90 [ 343.944444][ T9465] security_file_open+0x84/0x1e0 [ 343.944482][ T9465] do_dentry_open+0x596/0x1c10 [ 343.944534][ T9465] vfs_open+0x82/0x3f0 [ 343.944567][ T9465] path_openat+0x1e5e/0x2d40 [ 343.944621][ T9465] ? __pfx_path_openat+0x10/0x10 [ 343.944671][ T9465] do_filp_open+0x20b/0x470 [ 343.944711][ T9465] ? __pfx_do_filp_open+0x10/0x10 [ 343.944789][ T9465] ? alloc_fd+0x471/0x7d0 [ 343.944841][ T9465] do_sys_openat2+0x11b/0x1d0 [ 343.944868][ T9465] ? __pfx_do_sys_openat2+0x10/0x10 [ 343.944898][ T9465] ? __fget_files+0x20e/0x3c0 [ 343.944942][ T9465] __x64_sys_openat+0x174/0x210 [ 343.944970][ T9465] ? __pfx___x64_sys_openat+0x10/0x10 [ 343.944997][ T9465] ? ksys_write+0x1b9/0x240 [ 343.945045][ T9465] do_syscall_64+0xcd/0x260 [ 343.945085][ T9465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.945111][ T9465] RIP: 0033:0x7f1a03b8e169 [ 343.945133][ T9465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.945157][ T9465] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 343.945185][ T9465] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 343.945202][ T9465] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 343.945219][ T9465] RBP: 00007f1a04a66090 R08: 0000000000000000 R09: 0000000000000000 [ 343.945235][ T9465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 343.945250][ T9465] R13: 0000000000000001 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 343.945286][ T9465] [ 344.342773][ T9465] ERROR: Out of memory at tomoyo_realpath_from_path. [ 344.769703][ T9476] netlink: 20 bytes leftover after parsing attributes in process `syz.1.829'. [ 347.047495][ T9508] FAULT_INJECTION: forcing a failure. [ 347.047495][ T9508] name failslab, interval 1, probability 0, space 0, times 0 [ 347.060825][ T9508] CPU: 0 UID: 0 PID: 9508 Comm: syz.0.835 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 347.060861][ T9508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 347.060872][ T9508] Call Trace: [ 347.060878][ T9508] [ 347.060885][ T9508] dump_stack_lvl+0x16c/0x1f0 [ 347.060917][ T9508] should_fail_ex+0x512/0x640 [ 347.060938][ T9508] ? fs_reclaim_acquire+0xae/0x150 [ 347.060962][ T9508] ? tomoyo_encode2+0x100/0x3e0 [ 347.060985][ T9508] should_failslab+0xc2/0x120 [ 347.061003][ T9508] __kmalloc_noprof+0xd2/0x510 [ 347.061034][ T9508] tomoyo_encode2+0x100/0x3e0 [ 347.061060][ T9508] tomoyo_encode+0x29/0x50 [ 347.061083][ T9508] tomoyo_realpath_from_path+0x18f/0x6e0 [ 347.061113][ T9508] tomoyo_check_open_permission+0x2ab/0x3c0 [ 347.061135][ T9508] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 347.061177][ T9508] ? do_raw_spin_lock+0x12c/0x2b0 [ 347.061204][ T9508] tomoyo_file_open+0x6b/0x90 [ 347.061232][ T9508] security_file_open+0x84/0x1e0 [ 347.061257][ T9508] do_dentry_open+0x596/0x1c10 [ 347.061289][ T9508] vfs_open+0x82/0x3f0 [ 347.061309][ T9508] path_openat+0x1e5e/0x2d40 [ 347.061343][ T9508] ? __pfx_path_openat+0x10/0x10 [ 347.061374][ T9508] do_filp_open+0x20b/0x470 [ 347.061400][ T9508] ? __pfx_do_filp_open+0x10/0x10 [ 347.061440][ T9508] ? alloc_fd+0x471/0x7d0 [ 347.061471][ T9508] do_sys_openat2+0x11b/0x1d0 [ 347.061496][ T9508] ? __pfx_do_sys_openat2+0x10/0x10 [ 347.061517][ T9508] ? __fget_files+0x20e/0x3c0 [ 347.061546][ T9508] __x64_sys_openat+0x174/0x210 [ 347.061565][ T9508] ? __pfx___x64_sys_openat+0x10/0x10 [ 347.061583][ T9508] ? ksys_write+0x1b9/0x240 [ 347.061614][ T9508] do_syscall_64+0xcd/0x260 [ 347.061642][ T9508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.061660][ T9508] RIP: 0033:0x7f1ff7b8e169 [ 347.061674][ T9508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.061691][ T9508] RSP: 002b:00007f1ff8ad5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 347.061714][ T9508] RAX: ffffffffffffffda RBX: 00007f1ff7db5fa0 RCX: 00007f1ff7b8e169 [ 347.061726][ T9508] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 347.061740][ T9508] RBP: 00007f1ff8ad5090 R08: 0000000000000000 R09: 0000000000000000 [ 347.061750][ T9508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 347.061759][ T9508] R13: 0000000000000001 R14: 00007f1ff7db5fa0 R15: 00007ffee6b94b68 [ 347.061780][ T9508] [ 347.061883][ T9508] ERROR: Out of memory at tomoyo_realpath_from_path. [ 347.848863][ T9518] netlink: 20 bytes leftover after parsing attributes in process `syz.2.841'. [ 348.294389][ T9520] netlink: 20 bytes leftover after parsing attributes in process `syz.1.839'. [ 349.179530][ T9532] netlink: 16 bytes leftover after parsing attributes in process `syz.0.845'. [ 349.246904][ T9534] netlink: 28 bytes leftover after parsing attributes in process `syz.2.846'. [ 349.564589][ T9542] FAULT_INJECTION: forcing a failure. [ 349.564589][ T9542] name failslab, interval 1, probability 0, space 0, times 0 [ 349.611276][ T9542] CPU: 0 UID: 0 PID: 9542 Comm: syz.0.848 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 349.611321][ T9542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 349.611338][ T9542] Call Trace: [ 349.611347][ T9542] [ 349.611358][ T9542] dump_stack_lvl+0x16c/0x1f0 [ 349.611406][ T9542] should_fail_ex+0x512/0x640 [ 349.611439][ T9542] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 349.611491][ T9542] ? __pfx_debugfs_u64_get+0x10/0x10 [ 349.611531][ T9542] should_failslab+0xc2/0x120 [ 349.611558][ T9542] __kmalloc_cache_noprof+0x6a/0x3e0 [ 349.611593][ T9542] ? __debugfs_file_get+0x1fe/0x840 [ 349.611621][ T9542] ? simple_attr_open+0x57/0x1c0 [ 349.611663][ T9542] ? __pfx_debugfs_u64_get+0x10/0x10 [ 349.611699][ T9542] simple_attr_open+0x57/0x1c0 [ 349.611734][ T9542] ? __pfx_fops_x64_ro_open+0x10/0x10 [ 349.611763][ T9542] open_proxy_open+0x26f/0x3e0 [ 349.611800][ T9542] do_dentry_open+0x741/0x1c10 [ 349.611840][ T9542] ? __pfx_open_proxy_open+0x10/0x10 [ 349.611879][ T9542] vfs_open+0x82/0x3f0 [ 349.611912][ T9542] path_openat+0x1e5e/0x2d40 [ 349.611967][ T9542] ? __pfx_path_openat+0x10/0x10 [ 349.612018][ T9542] do_filp_open+0x20b/0x470 [ 349.612058][ T9542] ? __pfx_do_filp_open+0x10/0x10 [ 349.612126][ T9542] ? alloc_fd+0x471/0x7d0 [ 349.612176][ T9542] do_sys_openat2+0x11b/0x1d0 [ 349.612205][ T9542] ? __pfx_do_sys_openat2+0x10/0x10 [ 349.612238][ T9542] ? __fget_files+0x20e/0x3c0 [ 349.612284][ T9542] __x64_sys_openat+0x174/0x210 [ 349.612314][ T9542] ? __pfx___x64_sys_openat+0x10/0x10 [ 349.612342][ T9542] ? ksys_write+0x1b9/0x240 [ 349.612393][ T9542] do_syscall_64+0xcd/0x260 [ 349.612438][ T9542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.612474][ T9542] RIP: 0033:0x7f1ff7b8e169 [ 349.612497][ T9542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.612522][ T9542] RSP: 002b:00007f1ff8ad5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 349.612551][ T9542] RAX: ffffffffffffffda RBX: 00007f1ff7db5fa0 RCX: 00007f1ff7b8e169 [ 349.612570][ T9542] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 349.612587][ T9542] RBP: 00007f1ff8ad5090 R08: 0000000000000000 R09: 0000000000000000 [ 349.612603][ T9542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.612619][ T9542] R13: 0000000000000001 R14: 00007f1ff7db5fa0 R15: 00007ffee6b94b68 [ 349.612656][ T9542] [ 349.914551][ T9544] random: crng reseeded on system resumption [ 350.201441][ T9559] netlink: 504 bytes leftover after parsing attributes in process `syz.2.854'. [ 350.214710][ T9559] netlink: 350 bytes leftover after parsing attributes in process `syz.2.854'. [ 351.146483][ T9554] Unrecognized hibernate image header format! [ 351.153111][ T9554] PM: hibernation: Image mismatch: architecture specific data syzkaller syzkaller login: [ 351.523198][ T9579] netlink: 20 bytes leftover after parsing attributes in process `syz.3.859'. [ 352.890247][ T9600] netlink: 504 bytes leftover after parsing attributes in process `syz.3.864'. [ 352.907001][ T9600] netlink: 350 bytes leftover after parsing attributes in process `syz.3.864'. [ 353.289942][ T9596] FAULT_INJECTION: forcing a failure. [ 353.289942][ T9596] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 353.354571][ T9596] CPU: 0 UID: 0 PID: 9596 Comm: syz.1.865 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 353.354619][ T9596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 353.354647][ T9596] Call Trace: [ 353.354656][ T9596] [ 353.354666][ T9596] dump_stack_lvl+0x16c/0x1f0 [ 353.354720][ T9596] should_fail_ex+0x512/0x640 [ 353.354758][ T9596] should_fail_alloc_page+0xe7/0x130 [ 353.354791][ T9596] prepare_alloc_pages+0x3c2/0x610 [ 353.354826][ T9596] ? rcu_is_watching+0x12/0xc0 [ 353.354866][ T9596] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 353.354910][ T9596] ? kasan_save_stack+0x33/0x60 [ 353.354954][ T9596] ? cgroup_rstat_updated+0x2a/0xb20 [ 353.355000][ T9596] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 353.355063][ T9596] ? __lock_acquire+0x5ca/0x1ba0 [ 353.355113][ T9596] ? __lock_acquire+0x5ca/0x1ba0 [ 353.355155][ T9596] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 353.355187][ T9596] ? policy_nodemask+0xea/0x4e0 [ 353.355235][ T9596] alloc_pages_mpol+0x1fb/0x550 [ 353.355262][ T9596] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 353.355289][ T9596] ? __lock_acquire+0x5ca/0x1ba0 [ 353.355338][ T9596] folio_alloc_mpol_noprof+0x36/0x2f0 [ 353.355372][ T9596] vma_alloc_folio_noprof+0xed/0x1e0 [ 353.355401][ T9596] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 353.355444][ T9596] do_pte_missing+0x223d/0x3fb0 [ 353.355496][ T9596] __handle_mm_fault+0x103d/0x2a40 [ 353.355546][ T9596] ? __pfx___handle_mm_fault+0x10/0x10 [ 353.355582][ T9596] ? __pte_offset_map_lock+0x155/0x2f0 [ 353.355613][ T9596] ? find_held_lock+0x2b/0x80 [ 353.355656][ T9596] ? find_held_lock+0x2b/0x80 [ 353.355715][ T9596] handle_mm_fault+0x3fe/0xad0 [ 353.355759][ T9596] __get_user_pages+0x771/0x36f0 [ 353.355808][ T9596] ? __pfx_mt_find+0x10/0x10 [ 353.355858][ T9596] ? __pfx___get_user_pages+0x10/0x10 [ 353.355906][ T9596] populate_vma_page_range+0x278/0x3a0 [ 353.355945][ T9596] ? __pfx_populate_vma_page_range+0x10/0x10 [ 353.355980][ T9596] ? __pfx_find_vma_intersection+0x10/0x10 [ 353.356017][ T9596] ? do_mmap+0x69c/0x11b0 [ 353.356055][ T9596] __mm_populate+0x1d8/0x380 [ 353.356093][ T9596] ? __pfx___mm_populate+0x10/0x10 [ 353.356133][ T9596] ? up_write+0x1b2/0x520 [ 353.356166][ T9596] vm_mmap_pgoff+0x362/0x450 [ 353.356203][ T9596] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 353.356243][ T9596] ? __x64_sys_futex+0x1e0/0x4c0 [ 353.356281][ T9596] ? __x64_sys_futex+0x1e9/0x4c0 [ 353.356325][ T9596] ksys_mmap_pgoff+0x7d/0x5c0 [ 353.356357][ T9596] ? rcu_is_watching+0x12/0xc0 [ 353.356393][ T9596] __x64_sys_mmap+0x125/0x190 [ 353.356430][ T9596] do_syscall_64+0xcd/0x260 [ 353.356474][ T9596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.356502][ T9596] RIP: 0033:0x7f1a03b8e169 [ 353.356526][ T9596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.356552][ T9596] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 353.356580][ T9596] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 353.356600][ T9596] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 353.356619][ T9596] RBP: 00007f1a03c10a68 R08: 0000000000000002 R09: 0000000000008000 [ 353.356646][ T9596] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 353.356662][ T9596] R13: 0000000000000000 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 353.356698][ T9596] [ 354.318663][ T9617] netlink: 21 bytes leftover after parsing attributes in process `syz.1.869'. [ 354.477344][ T9607] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[9607] [ 354.554374][ T9618] FAULT_INJECTION: forcing a failure. [ 354.554374][ T9618] name failslab, interval 1, probability 0, space 0, times 0 [ 354.574321][ T9618] CPU: 0 UID: 0 PID: 9618 Comm: syz.0.870 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 354.574381][ T9618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 354.574400][ T9618] Call Trace: [ 354.574411][ T9618] [ 354.574424][ T9618] dump_stack_lvl+0x16c/0x1f0 [ 354.574479][ T9618] should_fail_ex+0x512/0x640 [ 354.574516][ T9618] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 354.574570][ T9618] should_failslab+0xc2/0x120 [ 354.574602][ T9618] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 354.574646][ T9618] ? __pfx__proc_mkdir+0x10/0x10 [ 354.574677][ T9618] ? nf_lwtunnel_net_init+0x38/0xf0 [ 354.574721][ T9618] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 354.574763][ T9618] kmemdup_noprof+0x29/0x60 [ 354.574792][ T9618] nf_lwtunnel_net_init+0x38/0xf0 [ 354.574834][ T9618] ops_init+0x1df/0x5f0 [ 354.574879][ T9618] setup_net+0x21e/0x850 [ 354.574922][ T9618] ? __pfx_setup_net+0x10/0x10 [ 354.574960][ T9618] ? lockdep_init_map_type+0x5c/0x280 [ 354.574990][ T9618] ? __pfx_down_read_killable+0x10/0x10 [ 354.575025][ T9618] ? debug_mutex_init+0x37/0x70 [ 354.575067][ T9618] copy_net_ns+0x2a6/0x5f0 [ 354.575115][ T9618] create_new_namespaces+0x3ea/0xad0 [ 354.575167][ T9618] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 354.575215][ T9618] ksys_unshare+0x45b/0xa40 [ 354.575261][ T9618] ? __pfx_ksys_unshare+0x10/0x10 [ 354.575320][ T9618] ? __sys_getsockopt+0x15d/0x260 [ 354.575381][ T9618] __x64_sys_unshare+0x31/0x40 [ 354.575428][ T9618] do_syscall_64+0xcd/0x260 [ 354.575475][ T9618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.575505][ T9618] RIP: 0033:0x7f1ff7b8e169 [ 354.575530][ T9618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.575557][ T9618] RSP: 002b:00007f1ff8ab4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 354.575586][ T9618] RAX: ffffffffffffffda RBX: 00007f1ff7db6080 RCX: 00007f1ff7b8e169 [ 354.575604][ T9618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 354.575621][ T9618] RBP: 00007f1ff7c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 354.575637][ T9618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 354.575654][ T9618] R13: 0000000000000000 R14: 00007f1ff7db6080 R15: 00007ffee6b94b68 [ 354.575692][ T9618] [ 356.279957][ T9631] netlink: 20 bytes leftover after parsing attributes in process `syz.3.872'. [ 359.411748][ T9659] netlink: 4 bytes leftover after parsing attributes in process `syz.0.889'. [ 359.468487][ T9661] netlink: 'syz.2.882': attribute type 19 has an invalid length. [ 359.496769][ T9661] netlink: 334 bytes leftover after parsing attributes in process `syz.2.882'. [ 360.597589][ T9677] netlink: 21 bytes leftover after parsing attributes in process `syz.0.884'. syzkaller syzkaller login: [ 361.826496][ T9695] netlink: 20 bytes leftover after parsing attributes in process `syz.1.891'. [ 363.305725][ T9731] netlink: 28 bytes leftover after parsing attributes in process `syz.2.902'. [ 363.542947][ T9731] team0: Port device team_slave_0 removed [ 363.811316][ T9732] tipc: Started in network mode [ 363.848735][ T9732] tipc: Node identity ee00, cluster identity 4711 [ 363.861365][ T9732] tipc: Node number set to 60928 [ 364.482102][ T9743] netlink: 20 bytes leftover after parsing attributes in process `syz.2.904'. [ 364.644140][ T9749] netlink: 20 bytes leftover after parsing attributes in process `syz.1.915'. [ 364.697455][ T9751] netlink: 20 bytes leftover after parsing attributes in process `syz.2.907'. [ 365.557079][ T9784] netlink: 20 bytes leftover after parsing attributes in process `syz.2.918'. [ 365.788418][ T9782] netlink: 20 bytes leftover after parsing attributes in process `syz.3.917'. [ 366.167726][ T9795] netlink: 20 bytes leftover after parsing attributes in process `syz.3.920'. [ 367.071074][ T9802] Invalid ELF header magic: != ELF [ 369.304719][ T9831] netlink: 20 bytes leftover after parsing attributes in process `syz.2.928'. [ 370.288815][ T9841] netlink: 28 bytes leftover after parsing attributes in process `syz.3.932'. [ 370.960932][ T9841] team0: Port device team_slave_0 removed [ 371.121554][ T9847] tipc: Started in network mode [ 371.146547][ T9847] tipc: Node identity ee00, cluster identity 4711 [ 371.173736][ T9847] tipc: Node number set to 60928 [ 372.033301][ T9873] netlink: 20 bytes leftover after parsing attributes in process `syz.2.941'. [ 373.217368][ T9875] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[9875] [ 373.307351][ T9882] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 373.431557][ T9884] udc dummy_udc.0: soft-connect without a gadget driver [ 375.913452][ T9912] netlink: 28 bytes leftover after parsing attributes in process `syz.1.948'. [ 376.245359][ T5849] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 377.259763][ T9912] team0: Port device team_slave_0 removed [ 377.990328][ T9917] tipc: Started in network mode [ 378.020505][ T9917] tipc: Node identity ee00, cluster identity 4711 [ 378.049595][ T9917] tipc: Node number set to 60928 [ 379.124241][ T9936] netlink: 20 bytes leftover after parsing attributes in process `syz.3.952'. [ 379.333808][ T9939] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 379.706373][ T9945] random: crng reseeded on system resumption [ 381.365097][ T9947] syz.0.964 (9947) used greatest stack depth: 19720 bytes left [ 381.774904][ T9965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.959'. [ 384.502269][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.508959][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.313940][T10002] netlink: 20 bytes leftover after parsing attributes in process `syz.2.966'. [ 385.994555][T10008] netlink: 20 bytes leftover after parsing attributes in process `syz.2.968'. [ 388.243876][T10033] netlink: 20 bytes leftover after parsing attributes in process `syz.1.972'. [ 389.676867][T10047] netlink: 20 bytes leftover after parsing attributes in process `syz.1.984'. [ 390.765679][ T9788] syz.0.911 (9788) used greatest stack depth: 19000 bytes left [ 393.053075][ T9771] syz.0.911 (9771) used greatest stack depth: 15848 bytes left [ 393.514231][T10102] netlink: 20 bytes leftover after parsing attributes in process `syz.1.993'. [ 395.160479][T10115] netlink: 28 bytes leftover after parsing attributes in process `syz.2.997'. [ 395.235000][T10115] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 396.644264][T10132] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[10132] [ 397.741026][T10147] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1003'. [ 399.627440][T10172] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[10172] [ 400.528962][T10184] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1016'. [ 401.926930][T10209] busy [ 403.015394][T10207] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1021'. [ 403.199076][T10207] mac80211_hwsim hwsim4 wlan1: entered allmulticast mode [ 405.307996][T10261] Invalid ELF header magic: != ELF syzkaller syzkaller login: [ 418.111638][T10447] random: crng reseeded on system resumption [ 418.130438][T10432] cgroup: fork rejected by pids controller in /syz0 [ 419.585742][T10604] FAULT_INJECTION: forcing a failure. [ 419.585742][T10604] name failslab, interval 1, probability 0, space 0, times 0 [ 419.621502][T10604] CPU: 0 UID: 0 PID: 10604 Comm: syz.1.1081 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 419.621551][T10604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 419.621570][T10604] Call Trace: [ 419.621581][T10604] [ 419.621592][T10604] dump_stack_lvl+0x16c/0x1f0 [ 419.621645][T10604] should_fail_ex+0x512/0x640 [ 419.621679][T10604] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 419.621728][T10604] should_failslab+0xc2/0x120 [ 419.621760][T10604] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 419.621802][T10604] ? __proc_create+0xc3/0x8c0 [ 419.621833][T10604] ? __proc_create+0x2ce/0x8c0 [ 419.621870][T10604] __proc_create+0x2ce/0x8c0 [ 419.621902][T10604] ? __pfx___proc_create+0x10/0x10 [ 419.621940][T10604] ? _raw_write_unlock+0x28/0x50 [ 419.621978][T10604] ? proc_register+0x314/0x5f0 [ 419.622023][T10604] _proc_mkdir+0xb9/0x200 [ 419.622055][T10604] ? __pfx__proc_mkdir+0x10/0x10 [ 419.622097][T10604] ? __pfx_netfilter_net_init+0x10/0x10 [ 419.622138][T10604] netfilter_net_init+0x37b/0x4b0 [ 419.622173][T10604] ? sysctl_net_init+0x27/0x30 [ 419.622219][T10604] ops_init+0x1df/0x5f0 [ 419.622265][T10604] setup_net+0x21e/0x850 [ 419.622310][T10604] ? __pfx_setup_net+0x10/0x10 [ 419.622347][T10604] ? lockdep_init_map_type+0x5c/0x280 [ 419.622376][T10604] ? __pfx_down_read_killable+0x10/0x10 [ 419.622407][T10604] ? debug_mutex_init+0x37/0x70 [ 419.622448][T10604] copy_net_ns+0x2a6/0x5f0 [ 419.622496][T10604] create_new_namespaces+0x3ea/0xad0 [ 419.622548][T10604] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 419.622593][T10604] ksys_unshare+0x45b/0xa40 [ 419.622638][T10604] ? __pfx_ksys_unshare+0x10/0x10 [ 419.622678][T10604] ? xfd_validate_state+0x5d/0x180 [ 419.622712][T10604] ? rcu_is_watching+0x12/0xc0 [ 419.622756][T10604] __x64_sys_unshare+0x31/0x40 [ 419.622799][T10604] do_syscall_64+0xcd/0x260 [ 419.622844][T10604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.622869][T10604] RIP: 0033:0x7f1a03b8e169 [ 419.622889][T10604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 419.622910][T10604] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 419.622942][T10604] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 419.622956][T10604] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 419.622969][T10604] RBP: 00007f1a03c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 419.622981][T10604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 419.622994][T10604] R13: 0000000000000000 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 419.623023][T10604] [ 419.623040][T10604] cannot create netfilter proc entry [ 419.811232][T10614] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1084'. [ 421.887381][T10641] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1090'. [ 423.834683][T10688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1103'. [ 423.870259][T10688] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1103'. [ 427.447626][T10742] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1115'. [ 427.476420][T10742] ipvlan1: entered allmulticast mode [ 427.710315][T10742] veth0_vlan: entered allmulticast mode [ 428.243564][T10742] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1115'. [ 428.755269][T10756] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1118'. [ 428.867228][T10764] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1118'. [ 429.400443][T10768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1120'. [ 429.463790][T10768] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1120'. [ 431.289532][T10803] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1127'. [ 431.427987][T10804] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1127'. [ 431.445835][T10803] ipvlan1: entered allmulticast mode [ 431.451225][T10803] veth0_vlan: entered allmulticast mode [ 431.881751][T10804] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1127'. [ 433.342930][T10843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1137'. [ 435.768548][T10871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1142'. syzkaller syzkaller login: [ 437.462968][ T30] audit: type=1326 audit(4294967407.940:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.2.1148" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa61df8e169 code=0x0 [ 438.071111][T10922] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1152'. [ 438.277814][T10924] netlink: 'syz.2.1153': attribute type 7 has an invalid length. [ 439.025523][T10935] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1155'. [ 441.920575][T10964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1159'. [ 442.100140][T10979] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1161'. [ 443.764913][T11006] kexec: Could not allocate control_code_buffer [ 444.845588][T11032] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1178'. [ 445.939111][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.946459][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 447.542064][T11063] Process accounting resumed [ 449.719896][T11083] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1189'. [ 450.229362][T11094] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1194'. [ 450.847191][T11100] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1195'. [ 453.599140][T11131] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1202'. [ 453.732140][T11138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1204'. [ 455.232615][T11168] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1209'. [ 456.083490][T11179] Invalid ELF header magic: != ELF [ 457.456792][T11211] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1221'. [ 461.095002][T11282] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1234'. [ 462.003623][T11299] vivid-009: ================= START STATUS ================= [ 462.138439][T11299] vivid-009: Enable Output Cropping: true [ 462.194419][T11299] vivid-009: Enable Output Composing: true [ 462.200369][T11299] vivid-009: Enable Output Scaler: true [ 462.264286][T11299] vivid-009: Tx RGB Quantization Range: Automatic [ 462.284137][T11299] vivid-009: Transmit Mode: HDMI [ 462.311626][T11299] vivid-009: Hotplug Present: 0x00000000 [ 462.330233][T11299] vivid-009: RxSense Present: 0x00000000 [ 462.377828][T11299] vivid-009: EDID Present: 0x00000000 [ 462.397912][T11299] vivid-009: ================== END STATUS ================== [ 462.805400][T11317] program syz.0.1241 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 462.865551][ T30] audit: type=1807 audit(4294967433.350:10): UNKNOWN=§ res=0 [ 462.880998][T11316] ima: policy update failed [ 462.932657][ T30] audit: type=1802 audit(4294967433.360:11): pid=11317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.1241" res=0 errno=0 [ 463.003255][ T30] audit: type=1802 audit(4294967433.380:12): pid=11316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1241" res=0 errno=0 [ 463.344205][T11324] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1243'. [ 463.645589][T11338] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1247'. [ 463.674206][T11338] ›: renamed from hsr0 (while UP) [ 464.232901][T11332] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1245'. [ 469.155097][T11402] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1258'. [ 472.200916][T11452] netlink: 'syz.3.1267': attribute type 4 has an invalid length. [ 473.863775][T11478] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1270'. [ 473.981303][T11471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1269'. [ 474.794404][T11493] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1276'. [ 475.221470][T11501] Invalid ELF header magic: != ELF [ 477.144838][T11522] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1281'. [ 479.072177][ T30] audit: type=1800 audit(4294967449.550:13): pid=11545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1285" name="members" dev="configfs" ino=30288 res=0 errno=0 [ 481.255610][T11566] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1291'. [ 481.822478][T11573] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1293'. [ 483.374148][T11590] program syz.0.1298 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 483.416005][T11590] FAULT_INJECTION: forcing a failure. [ 483.416005][T11590] name fail_futex, interval 1, probability 0, space 0, times 1 [ 483.446186][T11590] CPU: 0 UID: 0 PID: 11590 Comm: syz.0.1298 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 483.446236][T11590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 483.446257][T11590] Call Trace: [ 483.446267][T11590] [ 483.446280][T11590] dump_stack_lvl+0x16c/0x1f0 [ 483.446335][T11590] should_fail_ex+0x512/0x640 [ 483.446378][T11590] get_futex_key+0x49e/0x1000 [ 483.446425][T11590] ? __pfx_get_futex_key+0x10/0x10 [ 483.446484][T11590] ? find_held_lock+0x2b/0x80 [ 483.446521][T11590] futex_wait_multiple_setup+0x12f/0x730 [ 483.446564][T11590] futex_wait_multiple+0xe6/0x480 [ 483.446593][T11590] ? __pfx_futex_wait_multiple+0x10/0x10 [ 483.446617][T11590] ? __kmalloc_noprof+0x242/0x510 [ 483.446655][T11590] ? sched_mm_cid_remote_clear+0x411/0x4f0 [ 483.446693][T11590] __do_sys_futex_waitv+0x183/0x2c0 [ 483.446730][T11590] ? __pfx___do_sys_futex_waitv+0x10/0x10 [ 483.446772][T11590] ? rcu_is_watching+0x12/0xc0 [ 483.446814][T11590] do_syscall_64+0xcd/0x260 [ 483.446853][T11590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.446879][T11590] RIP: 0033:0x7f1ff7b8e169 [ 483.446904][T11590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 483.446932][T11590] RSP: 002b:00007f1ff8ad5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c1 [ 483.446963][T11590] RAX: ffffffffffffffda RBX: 00007f1ff7db5fa0 RCX: 00007f1ff7b8e169 [ 483.446985][T11590] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000000 [ 483.447005][T11590] RBP: 00007f1ff7c10a68 R08: 000000000000623d R09: 0000000000000000 [ 483.447025][T11590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 483.447045][T11590] R13: 0000000000000000 R14: 00007f1ff7db5fa0 R15: 00007ffee6b94b68 [ 483.447086][T11590] [ 484.463785][T11586] kexec: Could not allocate control_code_buffer [ 485.371181][T11624] netlink: 308 bytes leftover after parsing attributes in process `syz.2.1307'. [ 485.972604][T11632] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1309'. [ 485.986398][T11635] [ 485.988836][T11635] ====================================================== [ 485.995896][T11635] WARNING: possible circular locking dependency detected [ 486.002958][T11635] 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 Not tainted [ 486.010101][T11635] ------------------------------------------------------ [ 486.017135][T11635] syz.1.1310/11635 is trying to acquire lock: [ 486.023209][T11635] ffff8880334e6858 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 486.032567][T11635] [ 486.032567][T11635] but task is already holding lock: [ 486.039943][T11635] ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 486.049320][T11635] [ 486.049320][T11635] which lock already depends on the new lock. [ 486.049320][T11635] [ 486.059827][T11635] [ 486.059827][T11635] the existing dependency chain (in reverse order) is: [ 486.068857][T11635] [ 486.068857][T11635] -> #2 (rtnl_mutex){+.+.}-{4:4}: [ 486.076103][T11635] __mutex_lock+0x199/0xb90 [ 486.081176][T11635] do_ip_setsockopt+0xf6/0x3240 [ 486.086584][T11635] ip_setsockopt+0x59/0xf0 [ 486.091540][T11635] ipv6_setsockopt+0x155/0x170 [ 486.096862][T11635] tcp_setsockopt+0xa4/0x100 [ 486.101998][T11635] smc_setsockopt+0x1b3/0xa00 [ 486.107213][T11635] do_sock_setsockopt+0x221/0x470 [ 486.112788][T11635] __sys_setsockopt+0x1a0/0x230 [ 486.118190][T11635] __x64_sys_setsockopt+0xbd/0x160 [ 486.123856][T11635] do_syscall_64+0xcd/0x260 [ 486.128915][T11635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.135349][T11635] [ 486.135349][T11635] -> #1 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 486.143994][T11635] __mutex_lock+0x199/0xb90 [ 486.149047][T11635] smc_switch_to_fallback+0x2d/0x9f0 [ 486.154878][T11635] smc_sendmsg+0x13d/0x520 [ 486.159853][T11635] ____sys_sendmsg+0xa95/0xc70 [ 486.165157][T11635] ___sys_sendmsg+0x134/0x1d0 [ 486.170391][T11635] __sys_sendmsg+0x16d/0x220 [ 486.175521][T11635] do_syscall_64+0xcd/0x260 [ 486.180574][T11635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.187018][T11635] [ 486.187018][T11635] -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 486.194801][T11635] __lock_acquire+0x1173/0x1ba0 [ 486.200218][T11635] lock_acquire+0x179/0x350 [ 486.205257][T11635] lock_sock_nested+0x41/0xf0 [ 486.210473][T11635] sockopt_lock_sock+0x54/0x70 [ 486.215783][T11635] do_ipv6_setsockopt+0x204a/0x4420 [ 486.221542][T11635] ipv6_setsockopt+0xcb/0x170 [ 486.226764][T11635] udpv6_setsockopt+0x7d/0xd0 [ 486.232007][T11635] do_sock_setsockopt+0x221/0x470 [ 486.237586][T11635] __sys_setsockopt+0x1a0/0x230 [ 486.243152][T11635] __x64_sys_setsockopt+0xbd/0x160 [ 486.248821][T11635] do_syscall_64+0xcd/0x260 [ 486.253877][T11635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.260313][T11635] [ 486.260313][T11635] other info that might help us debug this: [ 486.260313][T11635] [ 486.270551][T11635] Chain exists of: [ 486.270551][T11635] sk_lock-AF_INET6 --> &smc->clcsock_release_lock --> rtnl_mutex [ 486.270551][T11635] [ 486.284239][T11635] Possible unsafe locking scenario: [ 486.284239][T11635] [ 486.291696][T11635] CPU0 CPU1 [ 486.297068][T11635] ---- ---- [ 486.302444][T11635] lock(rtnl_mutex); [ 486.306441][T11635] lock(&smc->clcsock_release_lock); [ 486.314350][T11635] lock(rtnl_mutex); [ 486.320881][T11635] lock(sk_lock-AF_INET6); [ 486.325402][T11635] [ 486.325402][T11635] *** DEADLOCK *** [ 486.325402][T11635] [ 486.333551][T11635] 1 lock held by syz.1.1310/11635: [ 486.338680][T11635] #0: ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x2042/0x4420 [ 486.348386][T11635] [ 486.348386][T11635] stack backtrace: [ 486.354289][T11635] CPU: 1 UID: 0 PID: 11635 Comm: syz.1.1310 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 486.354319][T11635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 486.354334][T11635] Call Trace: [ 486.354341][T11635] [ 486.354349][T11635] dump_stack_lvl+0x116/0x1f0 [ 486.354384][T11635] print_circular_bug+0x275/0x350 [ 486.354420][T11635] check_noncircular+0x14c/0x170 [ 486.354456][T11635] __lock_acquire+0x1173/0x1ba0 [ 486.354492][T11635] ? do_ipv6_setsockopt+0x2042/0x4420 [ 486.354525][T11635] lock_acquire+0x179/0x350 [ 486.354544][T11635] ? sockopt_lock_sock+0x54/0x70 [ 486.354578][T11635] lock_sock_nested+0x41/0xf0 [ 486.354604][T11635] ? sockopt_lock_sock+0x54/0x70 [ 486.354631][T11635] sockopt_lock_sock+0x54/0x70 [ 486.354658][T11635] do_ipv6_setsockopt+0x204a/0x4420 [ 486.354693][T11635] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 486.354724][T11635] ? futex_wait_queue+0x24/0x220 [ 486.354747][T11635] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 486.354772][T11635] ? futex_unqueue+0xba/0x140 [ 486.354803][T11635] ? __futex_wait+0x323/0x3c0 [ 486.354832][T11635] ? __pfx___futex_wait+0x10/0x10 [ 486.354853][T11635] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 486.354888][T11635] ? __pfx___might_resched+0x10/0x10 [ 486.354922][T11635] ? aa_sk_perm+0x2f4/0xb10 [ 486.354947][T11635] ? ipv6_setsockopt+0xcb/0x170 [ 486.354975][T11635] ipv6_setsockopt+0xcb/0x170 [ 486.355007][T11635] udpv6_setsockopt+0x7d/0xd0 [ 486.355029][T11635] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 486.355064][T11635] do_sock_setsockopt+0x221/0x470 [ 486.355098][T11635] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 486.355138][T11635] __sys_setsockopt+0x1a0/0x230 [ 486.355166][T11635] __x64_sys_setsockopt+0xbd/0x160 [ 486.355191][T11635] ? do_syscall_64+0x91/0x260 [ 486.355223][T11635] ? lockdep_hardirqs_on+0x7c/0x110 [ 486.355252][T11635] do_syscall_64+0xcd/0x260 [ 486.355283][T11635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.355305][T11635] RIP: 0033:0x7f1a03b8e169 [ 486.355325][T11635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.355347][T11635] RSP: 002b:00007f1a04a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 486.355368][T11635] RAX: ffffffffffffffda RBX: 00007f1a03db5fa0 RCX: 00007f1a03b8e169 [ 486.355383][T11635] RDX: 0000000000000030 RSI: 0000000000000029 RDI: 0000000000000004 [ 486.355396][T11635] RBP: 00007f1a03c10a68 R08: 0000000000020002 R09: 0000000000000000 [ 486.355409][T11635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.355423][T11635] R13: 0000000000000000 R14: 00007f1a03db5fa0 R15: 00007ffed3f26ee8 [ 486.355443][T11635] [ 486.635894][T11638] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1310'.