last executing test programs: 11m29.786516744s ago: executing program 1 (id=531): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/udp6\x00', 0x40, 0x0) pread64$auto(r0, &(0x7f00000000c0)='#\x00', 0x653, 0x3) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) (rerun: 32) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async, rerun: 64) mlock$auto(0xfbe8, 0x1000000000000004) (rerun: 64) 11m26.505927168s ago: executing program 1 (id=535): close_range$auto(0x2, 0x8, 0x0) socket(0xf, 0x3, 0x2) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000003640)={r0, 0x7, 0x6}, 0x6, 0x100000) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r0) (async) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'veth0_vlan\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000100aaaaaaaaaa17000079fe010000000000000000000a000500000000000000000008000200", @ANYRES32=r2, @ANYBLOB="05"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) unshare$auto(0x40000080) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r5, 0x0, 0x6) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r7 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) sendmmsg$auto(r7, 0x0, 0x6, 0x401) (async) mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000300), 0x400, 0x1) unshare$auto(0x40000080) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 11m24.813812399s ago: executing program 1 (id=538): r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) socketpair$auto(0xfff, 0x5, 0x10, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-1024kB/stats/split_failed\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000022c0)=""/43, 0x2b) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) fsopen$auto(0x0, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRES16=0x0, @ANYBLOB="2f212abd7800fddb", @ANYRES16=r1], 0x14}}, 0x4000000) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x4, 0xcd81, 0x100000eb1, r2, 0x7bd5) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r4 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_DELAY(r4, 0x80084121, 0x0) r5 = socket(0x1e, 0x1, 0x0) bind$auto(r5, &(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x0, {{0x2}, 0xffffffff}}, 0x66) getsockopt$auto(r2, 0xe5, 0x2, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=0x8000) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) prctl$auto(0x43, 0x17, 0x0, 0x4, 0xfffffffffffffffd) pselect6$auto(0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) shmget$auto(0xa, 0x10563, 0x568d1af2) read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000010c0)=""/4096, 0x1000) 11m19.353582464s ago: executing program 1 (id=554): socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x1000a, 0x400, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0xfffffffffffffffe}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/nvme/parameters/io_queue_depth\x00', 0xa001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000100), 0x8a700, 0x0) socket(0xa, 0x2, 0x88) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/pcm1c/sub1/hw_params\x00', 0x61480, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/irq/15/smp_affinity_list\x00', 0x8c001, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x400c800) madvise$auto(0x0, 0x200007, 0x19) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) clone$auto(0x7fff, 0x200, 0x0, 0x0, 0xf) semctl$auto(0x80001ff, 0x804, 0x3, 0x4) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) 11m11.530888475s ago: executing program 1 (id=564): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) setpgid$auto(r0, 0x0) wait4$auto(0xffffffffffffffff, 0x0, 0x8, 0x0) 11m9.694587896s ago: executing program 3 (id=568): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ovs_ct_limit(0x0, 0xffffffffffffffff) (async) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, 0x0, 0x20040080) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) prctl$auto(0x53564d41, 0x0, 0x0, 0xd, 0xf4ff) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) socket(0x2, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x1, 0x8983, 0x4) (async) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000040), r0) (async) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) writev$auto(r1, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8) (async) socket(0x1e, 0x5, 0x0) (async) sendto$auto(0x3, 0x0, 0x79, 0x2, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) 11m0.444474503s ago: executing program 1 (id=588): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioperm$auto(0xfb, 0x5, 0xe) socket(0x2, 0x3, 0x406) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0xd, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0) r0 = socket(0xa, 0x3, 0x5) r1 = socket(0x11, 0x3, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000000c0), r1) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x404002, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000780), r4) sendmsg$auto_TIPC_NL_BEARER_GET(r4, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x14, r5, 0x1, 0x70bda8, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x40800) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)={0x28, 0x0, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_SCAN_SUPP_RATES={0xa, 0x7d, 0x0, 0x1, [@generic="c733f1a478ca"]}]}, 0x28}}, 0x4000000) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000b40)={0x69c, 0x0, 0x10, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_KEK={0x2d, 0xf2, "0e7960711d747e072d668eb76e6376a91a4aaa34a8caeb09e662dd2cab71a9c49b129e60cf096662db"}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_FTM_RESPONDER={0x1d8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_LCI={0xf4, 0x2, "ed19bb7a547a9fdfe7c9f0ef6af89f379cd7f4670a3c143ef183cab7b0be22de3575c5fe64586a2f9c441539420c49aaf941297021ddb83985c10c4c8073584f43c67e087d08bd430e9852bbb8dd78c6a1816359b5f53c0e76134a6fef3ca55b1b53e69cdb284a19ef4c55c2611cd1487963cb6b696cf4010bed556e4e8d26fddc160a75bb55155e91723cfb571a1dff33b598b1029280a4a152b8c561333aa06489e2039c91bcf853fe069e542de8d9b2858541cc53675d7be30a4912a0d922f3bdf71d10767f88ea94ab6ddc98b3e9fafbfec14dece8474f32f154f773862ae71d2c426559f624aff4146a9a9075a4"}, @NL80211_FTM_RESP_ATTR_LCI={0xd7, 0x2, "2344b6cea7a38458c1a69f32fef678b79ad36be9d872daf6264f4ed78728ec4cab020fc5cd45db0a299d08a8264b181ca42745cae69db3300d070e9e8e5d3f0b26a5067bcaff32cc17cf643e28fe143272797c2f6432087624b8904bf67ce2e9af175002763802246f3e1dfc5fe7923492d8dcf8c8328994d8667a6925834b07e6e2f9d4eb07d8008b82aec0e12d36a0e798096d15c9b892b3906039d58a4caa95bbb37ff089adb8e67fe8ec55233d45d681bee73878a583fc65bd1e4365eac64b228a44d1df5477455a6bc982b18142ab4012"}]}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x21b}, @NL80211_ATTR_IE_ASSOC_RESP={0x472, 0x80, "e83cefac4db902aec2454010d7f517ae5d6cb199722382f44c8182871200de0d4059fc77cb45ca7821049ccfffc34ebc17f74cec4f3b23805ba94dcb5bf5e758fe54b6dd8ef68c63f6c64db9f97510c7140fffe5d4d1bdc2e03f39e42ab5a61992e97c5cf0c2ab36c63f8f56b7fb3735387bc381819118df53663363079c24f8633d740b9f701cc2d079083f6d6fd73ac0473284079cfbd02616a293a8875567ca4d2c78cd7eed7aa32af73217f85083f9ccab1fe1bee67025a8a456ed892107d5790e68b7dd478fb82d0d6f37ce02745968e242a14a5f4cbbeacb2ed7741e009f4f4c5af96cb004b697784ca6eeb09df0a926d633eea5834e9896813b11ca8ddab10712af521a4c898d9861797eb99a129ed4a1aedf39a74f15fd05710b30b712e64eb43604df7b484b8821db3fe9b7c0c5df3e431fad28f4050ee5e2a09c70b0d4ef6afcc5bbab6af055baa8f4a9d152f952772a7bdfd4b228b7a2b06dfb3aae313c424b2ec7e172d453a37ebb2b4b1b3fc443d88296cf7a7c0d37f93b54f9dcd8adc177f948b2b3be500bd6e1934b48b215fc338cbdc8c5e03ed585487900d7c9f058d020b8a0f76be188315bb7636fd9ebbad50c8a141fa9a5c23149c468525e0ad41df6f158e9a2d80888f6ff45c066c404e599c7f7a7082f83a73af271b277644229337ff22497e294616109f66619b972dd447397e6af6c64547eee3c1f9e690703698e8c1b5705ab4bf3a47d1d3aeadc9cfcfcb0073d0c89eb2637a01afb8a2ac5ec2410280efd367d168f2c1cd005921a20cb2a9ed28f5a002fb72e122b8f61efc561586807f19289729e386e4cc8eb6feabdd607d112b95643d2910e42a69f312d29a219f3388f97c71b58a660cbaf66ce221463f55b65a45dc96ca417b69089a3fbb8d3174b0dfa48f86bf028c4fcfc9b79a45c008aab01be3a919ffe90a4f2c0f0b38f1399384a950f8e10d7afc5298de398df314f0c3ed8754a4ceb35dc7d81435053afff5dbd697ffde416df8b6536d544bf1c06dfa5adef628335716475025c9870b0489cf27f75b3b9e5fc6cde2504a509c72b8a1bb6c8d443929187f0cbbe16c1dee1835ca501e808cabd4ac6e9d9b435bfadf3346cfb7af72ca3a1bae38cb5dd14ac4457ed9b9108fc3e2c752539e0faf43cd5ab9c172e7c682afefecb2481c2161f3548b1cca7d73901c3509549b0f0fe892da3540078e9755f783e8a364663a0338b380fdee530e2e3547f6bd479b717f8aa9ac77f2e3ff51501b445496a60ec1637a58d1589328356faaf36cbefbde1fd2ead97b8a83fe092c0c2b746e494b1ba329faa8f8d8bf276ba1fd194a3db46b549a546cfbebf4d19faf3f16f556d33d5cec86a23908a112f0e5f1350becc61e6f99812625bd591d75784aee988030f28dcc138f837159931a5f132cb2278ae85cde56c804d7ca93ecc8c97c6fc11eb505de6d31937ad2f4d67937ae0dec067a013cc210d5446139edb41b742c3560dc836e933b2bce0bb31893b82da34bd0d97547f4a5f4e086c3f6860f5175e78dd899e36b5927d4835db084372630b312e7a73b437edec464040052cde226408f5aad42147"}]}, 0x69c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8004) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) fsopen$auto(0x0, 0x1) 10m59.43546134s ago: executing program 3 (id=592): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x20400, 0x0) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x7ff, 0x4, 0x4, 0x9b72, 0x7, 0xfffffffffffffff9) open(0x0, 0x22240, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/block/ram11/queue/discard_zeroes_data\x00', 0x80800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000180)=""/187, 0xbb) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x3, 0x4, 0x4, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x5, 0x100e3, 0x1010, 0x2, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x2fc) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) read$auto(0xffffffffffffffff, &(0x7f0000002840)='\x00', 0x10000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) readv$auto(r0, 0x0, 0x10) ioperm$auto(0x7, 0x6, 0x1) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) 10m52.207217113s ago: executing program 3 (id=611): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc) io_uring_setup$auto(0x6, 0x0) r0 = clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x7ffe) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001d80)=ANY=[], 0x1374}, 0x1, 0x0, 0x0, 0x200480d0}, 0x20040000) r3 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r4 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r4, 0x0, 0x1) write$auto_proc_clear_refs_operations_internal(r3, 0x0, 0xffffff4b) fstat$auto(r1, &(0x7f0000000240)={0x8, 0x4, 0x9, 0x0, 0xee01, 0xee00, 0x0, 0x1, 0x45, 0xd9b5, 0x0, 0x0, 0x7fff, 0x9, 0x8000, 0x2, 0xa}) shmctl$auto_SHM_INFO(0x7, 0xe, &(0x7f0000000080)={{0x753, 0xee01, 0x0, 0x1, 0x2, 0x1, 0x2e31}, 0x10001, 0xfffffffffffffffb, 0x9, 0x687, @inferred=r0, @raw=0x3, 0x9, 0x0, &(0x7f0000000300)="dfbb9dc3f26e5a1e96b5ac9bb442c56fe75641fc2c1518bc718fee694dddc7ee6620bedc07eba25ae91fd1c7ef8cd2ab34d3f41e9eaa0c9c5b8a12e7ac771b00550a538b05f35179b9939b6c674061a94ad658854007cc30da907a388fcc6b10b392529849301d6b6e30132d453b2636a22eda88295108397760541000a9f546a0602373379702b59f9394a3", &(0x7f0000000640)="deb05bf8316068af3ef75a1321006c072ec102599ac894b7986b9cac050e47ae3b55be4631b47903c916799b641a05fde826beadd7c6dc675f4e35d731d86d7f0ecec73a3985cab738ab0eee14c0e172cef3b2e8c9b80107a494bb6f5cb671591d8420b98a94b77761d63f2a8e01c9eeb15af31ea1fe607eb3a3ea75b292d1a643a8ae6547180c0b15686dfe5258989ce2a1fcd00c45e01b95fb4b98244f2e24f69e94e64432bc2b0b8d88ab596be8f60bc2f62a7c52ff3bc2eb87ce9186e9fee6b50362e84969bc80cb76676749e367cca71a545c0ce81a19322514540205f602767ca24e9c23e7ff3468802158177c13ec0539af095847233c71915c5109246264670ca34a778b7c5affcd271a6265952d303b1b1a7503a969c33b02297e8daaaec0abf62205600bb8f241758e703be8caadb6d6e03f007b1365d9a20ad31d7e758ee70d4c7656419792e860bf30cac825e93f1472b74cf4fc360d0cb8363a40c03d2a30a14f18b189692f202a17376872c5be66a8bd92eb59840e8ba4b2283b88123a387d109171fbb5ca540ac1422a6e21b4ed0b6512ec16bf35d3e2cc4984603ffa36e1053587aa15272f274699ef14074bce3ca45ed7bcbbfada3db0ffc5d99c021c67a4346372076fe64652a18bc671a125dab7c4db168123021b8ba9d7b3fe5b51882201d78bc2137da2e0cde469963b7e5587c641e8543a4711e4e92847bffa584eb465e37fc6847808c82525b86eba97a93ec90436ee9b3a8e5ac30ee00388c15c21413483f93e7492f5e99e5e401243405322cc79e8066fbaca97718af9883eff32473af273baeaa3b4c9641fd6b15b45e3790be12b278c55160f7b241e1aa07c22f6444e0f570e79bf65fb4319d7f3c459e8844e366f3e67d8538d27b9f772dfac86a965f5e82891a19b4ff936ea0114e470dfa6d3e6a3c28acf11f1a85a3ab8c29dbefb04d4f5b4559a3c364909b238e8a9ca431a72dda080641e10ce91df85b4053417e74afca32c6259b8f83d007ce557d74ee7b901b7ec964a3a2cb8b932e6cc2c4814d37b9ab86e4ad4840aa131a4b7fd2224e663acc7d66c794fdb6e3a819353c993ada53007f0ac1f723b4c578977516b4d580b6207afda291a56030165be947b9d55e41df6266a28355f95aa763b745a984e417a88f8601a008faf6727525734fa0a5e8637dd8377c3a89297465584ac83d00bf4c8172dcb2b7afbd2d060d40bae5242eebaac3dab5f3a35167fcb5f078a12808c076a14bbee10faf82565a07690abfdafa2c01e3add8fd7b2e0289a0e3f98f3fcaf2011dde14436786b2607728f33a6d38c52f5fb31bccdf205b699f408118d2cee955b796179ab02509a3334733a9cf5d8e9d6e3ce343a9d179f5fb92573eeaecb68eb6cf330bb110d57528d183cc4c2fa17046cef1ac31f45d2e3ec7ee8b647e33cce8acebbeca6662c62124a530da945b6eb74c41e17129859500fc46deb552fcdc948218ea3f08cede958da339f5d0493764ccb4031bbc540d5169e9f716fc6ceda698486e8b7ab4dc6366d15f021486d61f6567fe5372e693bab6e411b4370602442711bf746fc2ad44a30fcd8d419eed09c86c3233a9cd596c3a6e8e19cb2c98c403421965758b44f5846fea57676a5c954ce32504e1bf1df897dff66c746144b17c21b8f0af91a1a0dc8293ba8c5133fe78e3c891af27607329a1b89bce307761316d238efe84905a94b178b4d92e9d87451543d04ead5e869a3b2a27549651090db4113e724c00554a14e04904a1a612156f444a081edfd2674bbfe4e920c09adc729d286bc03cee8c0749d0be22072189380f3d450316f7c8528f48d0d63c7b905a4a3cb18cd703859c01117b88885c286220a8947643bd112dceb8cf34fcda20485731788f289eaea1a3a29de11a25f7326b78c6fa870ea1cd1c2b7f8b5e7b1d2c5b966cb8233cf58137123341d7f977ebe7380bd4e9622a33c5fe084f417eaf38ac588f9315133198a06d7c31df2c2a0c9cb0c92cc0ee7a787792e6ed6c0c9e47d9a78a07325d993db869ea4c98b0fc054b3d65f7dc69eddd41d03bff3de6b628a0f597ac681b585dc0a446820b3d64d4be8b8bb48508fbccca392b7a6a5c7844c4d636a8a4b7915a1614435679fed1fb3f3f30fbecf44ec954ab3b15cf843658d6dafc6885f8c5a1a8f8ba187073a69941bd73c56f7d7f94ea08ba13d99d3913f83446f8365e3b7221dcc76e44796ee4042bb6b788696ab486fdd7fa4f479f2413318e09af1540ed69ee6a3f8bbbcbcc8a4b8ea6bdf07d2a0621e66ad9c711a5fcc1eb8d1bbba3d2a7a076ee329abcfead852bf1b91f73d4469a0f1fe65a12521aeff6ea7a7715642996373fa40e32b24458bc9ce47efd28afacda69e8676488981765a58037cfd97a9c19cd0cd1749c9b5c8e1db1e941baf1ff7ffc90cfd2ab79bb00034c8f79bb6a937f28f8f642f85c4ab2f108a289e6679bc0df560e7f7e4a2406c0aa1978e61421a3781fb73f9d59a69544914c8787c69a859817e6209aebded0d29cc986e283d10c7f044867feea85f26cdbbfaa8e3d67293189b1d0da284042041ff43ee849b337579b1ea28cf436e1957ed099559976631867422d70127667c70cc28e4afd9b9f8e1c54b6e37e2b505ddc0660f0d2531f3aca582e58f4f61bbb953a07b6fac443ed8c52ff20e341d4f284e41e231b7886b359d2e5072b5f1203053ebb84e5b222976c0ecc330aaf663a979b94d42ce8db2409d45689e3ccd7d52b8310a0db4d8de49fdfa9d0016f01fca42204dbf4fa17683819fdc032f804a14aa77a78dd353147f608bbb9e3858fe97566b33fa962d2b097a83eef40ebddc8044a3b2a43e3cd9ffb701b0c2f0350d7bf2481f0790b0f0f84bdff1934d3adc7a23a7a4ff1b0e72e4903eb7bd841c6bd4c8aa6c8c2cfd04a65ba6118e482226a88340d6b2273f9246eee969f65b3f4d71d1bc0f921753d91a4036377532aef865d103aaf79ecdcdd07494d5cbf436254bb5b9be2f638a16f0242bd8dbe6a83d656a1a809f98c7b9fae70e1601678bb7b2904cee1cfb4d82d7ac566f7552a3a0b50b0663fffd2e6cb2cb8b6e922e2169a7c6fe34272bdbc61ef0b22ef7488b9155fd8790ec2871856efc590e0c5727385c5a8bd26c2b1a857aba1859691ecfc2da84804ac8c7be859f2f5189b456ef9cdc0ce8bb112ec4527a2086ad6a9da600a508acaecd5e0a286ceca5a8347fd78c2470162dac72e4db5f76008a31394a8d10f7efe0c9c92c80be0f94a8a65c2f16fa0e3e57c4f61ad77fe2bbf6526d855134cc636015c31e8d940b8a2bd63a7733b0d022a64f6e3534f32de6cd0c37c84aee095f1d52ac4fd4d58e3a0bd1de87f80d2e497f139ff74e4c337e4293b8025ff2e323e2fc3f2b7b5a76a41a803b0d76f95f13fe57122bdf5418f4b19b0687cdb7f67ed1894f71c734c2d426b3e36cfb8ebea160fa662fb5e1d5a38d95f9aa9236d0abae0de123bd8c695ee910ac4d6952bb0d95b51d1b1d2af0e2e85d6e12e08bfcd5fb7fb169f34baaac268e866ef7111b66b1025032f323ce7fc43fa57620efc8c4361733573b1266e4b658610150795f55ee7c5a104ac5b15444e401fd2a45567a24e285502dd9591300a1225814d03044af306a3faf025deb97d827a744c172b6cc2a180a99380a9e592eaa6c1ca7a0ff5df743ef270717f97f399417f8775483c7e58c4735ecf5dea8bd4144433c372967ad039d471fb47fcd580cba021bb5d2499a2112dcde8bea3bc7af24d7289c50af0ef944d1d600883363a362b6fa3936c52696a471ce3e81ea0cda53f99e730610e8dc298c086af9495961dcd1cc916898fec734002a75ab6e82cc1ff547f08eda1298f713e1b74139d0b9eab3d46c3bad2d7cd616043807e44fe825c570d8eaf2f7cc33419fa219217932272303177e66af31bde4bfaf3d12f2610e1ee6eefcec61f3f9752bc494dbffe3f2564d01ef4117eddf7f471fbf619b0b3a5a85d128e64ffc0bcbe8f1b37d1e70e53299507b0d76eef0dfde53e79fedc8c38350a92dc7faef6a84b9bfb809f7d5ab1125544eccbb016c5b14adbf2efe11203b688e813039ca68a7abec800fe108cf553a2c17f230da845b56b35d262a8722b5115a0c973fb5f991be99813ca84d0058a38bfd66722c87d8dc612b5e6ddbd713861ce086345bcb989fb40b8d21d4254202fd9158bd38b0fe1a4276ca28e059e9ff16117c38f6168033a8b83e26842c11d96ad28a1a3e13518a85d2c275de2fe312e76a92bf595c2b2ff9eaa2ead7b6ddbcefa974416894680373c8cc05e52db5e1a47879ccdee69eba633cd30c9cf345ee919d0acd84b085de89aea5884c4c45125b96a55f330b096f29071ccfaeebc5575acca797b9ef5676941842048d67f64e00027d5da8e213ae5e17274564e8b34b15df45fb512a7deb9d75116af82524717a43ca26cc4c310c69f2a32ffc3b6691e2b363b58af74100bfed2132391d9f867fdb485c708986b9424b354dd1cce427c72637af4a4e319c5df3b0e71569a8f8a3e9f5a962548fefd6e064f284d34e6709e4c5127c90b78e7d5cc9cf6618617a2b653f5c5a7fd0b39a10cfd7e3e3759ed25fac9d4ad2f40b1de47fed4b5c54ae291ae0845e0fea5112b93665d794291d48ad912964cb2a69b0e3f67d3ed15451c20092516bf49cd3fdbd212ee2b6fa474a3c774000de111365d1be9f2b923b357c6cb0a3c597913d20c37f5e72ff21b14d08c422364a1042770d5705f5745c9d424dc374cbfa8ef890b692742bb06b0ecd66b1af1a8da1c3eb7009885382cea248014138f4c75542807975f45d4f722660bc5bb8064b9350cccb8eaf6a56c037b9c90260c156e033b43c0c91176cb7f0018c52364d4f68daa0e239fd11541c8e558f21261ace08f15566ea8592278efd4770a4f715bd693caf04df7513bf3bdde8391d8f7a243ca40e8d3ed29fbb528e911d9519e0b5d68310c03a57fa98f4d0ab699f6197dc918e8d598dcceea300dfac8f8d0d0b36ec4c7d7026113cea1a46fdcee2ecf4fc6ade753e05cba281d352e31abdca02690ede49c8e50288cbb61158c6756d568111b9cba3f843cb3d6ba6070686eeb716221710e2385d8d5612081ce0c71d7e6279092c19f82fbbd3304b47b68e2c0833fe02c15dbb77a2e1910f8646338f95b84705ffbf7ca67c9971603f52cfc5e87aa6dff02501c141a261cdbc051c8ec30fbbbd58e99b3d9b2fad1b036161bb4f18cc744bf64199f90dbab7f27feafa1860fdc6f1c8279de6c4a0326e9b8a735097baa66666d0e3abb79809401197714347cad32f5334dcb179511e904cefa887bc24fb912fbf78ef3f41d26ad97a05a3676e18ce460e0b23dec0bbf7e219e9b0c979ef813d41a236979ca3c9a139ef619a25c22de263abe48b51242bc3e15e7dac8be83b3e0e6be304fbffb72276174ad21ca9ee189fc8e5fd6a88710464c0404b8d2f9e4b91439f20eb95c0e78be4fea16834d0464810f1b7735bb5ad092be8a8cb2aed239736001024f24bda07fa20a406fcc0e38b9e2e9d29db4cfd87346ea6ccadd6bd5ea838b7ceedccf0f5945d7ab8c7a26f8474c16254afd6802752d9d45132cab0ef90b1f8cdef68c7d52cb6de115c2add6a6c49651c881da42e0588ba23e937fb507b20b466e834afd37f3aa6d93a1fdc5a2e331dddf8c69bc99dbdd797969ebd029e3272b00be793acb0fe67efd9389dc1d7e4a62f435fbc10c8550b410ffa07441f60406d164b180934b8b9bace"}) keyctl$auto_KEYCTL_PKEY_QUERY(0x18, 0x0, r5, r6, 0x0) connect$auto(0x3, 0x0, 0x55) r7 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) ioctl$auto(r7, 0x2277, r7) syz_clone(0x1040080, 0x0, 0xffffffffffffff20, 0x0, 0x0, 0x0) 10m44.789903077s ago: executing program 32 (id=588): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioperm$auto(0xfb, 0x5, 0xe) socket(0x2, 0x3, 0x406) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0xd, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0) r0 = socket(0xa, 0x3, 0x5) r1 = socket(0x11, 0x3, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000000c0), r1) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x404002, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000780), r4) sendmsg$auto_TIPC_NL_BEARER_GET(r4, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x14, r5, 0x1, 0x70bda8, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x40800) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)={0x28, 0x0, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_SCAN_SUPP_RATES={0xa, 0x7d, 0x0, 0x1, [@generic="c733f1a478ca"]}]}, 0x28}}, 0x4000000) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000b40)={0x69c, 0x0, 0x10, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_KEK={0x2d, 0xf2, "0e7960711d747e072d668eb76e6376a91a4aaa34a8caeb09e662dd2cab71a9c49b129e60cf096662db"}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_FTM_RESPONDER={0x1d8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_LCI={0xf4, 0x2, "ed19bb7a547a9fdfe7c9f0ef6af89f379cd7f4670a3c143ef183cab7b0be22de3575c5fe64586a2f9c441539420c49aaf941297021ddb83985c10c4c8073584f43c67e087d08bd430e9852bbb8dd78c6a1816359b5f53c0e76134a6fef3ca55b1b53e69cdb284a19ef4c55c2611cd1487963cb6b696cf4010bed556e4e8d26fddc160a75bb55155e91723cfb571a1dff33b598b1029280a4a152b8c561333aa06489e2039c91bcf853fe069e542de8d9b2858541cc53675d7be30a4912a0d922f3bdf71d10767f88ea94ab6ddc98b3e9fafbfec14dece8474f32f154f773862ae71d2c426559f624aff4146a9a9075a4"}, @NL80211_FTM_RESP_ATTR_LCI={0xd7, 0x2, "2344b6cea7a38458c1a69f32fef678b79ad36be9d872daf6264f4ed78728ec4cab020fc5cd45db0a299d08a8264b181ca42745cae69db3300d070e9e8e5d3f0b26a5067bcaff32cc17cf643e28fe143272797c2f6432087624b8904bf67ce2e9af175002763802246f3e1dfc5fe7923492d8dcf8c8328994d8667a6925834b07e6e2f9d4eb07d8008b82aec0e12d36a0e798096d15c9b892b3906039d58a4caa95bbb37ff089adb8e67fe8ec55233d45d681bee73878a583fc65bd1e4365eac64b228a44d1df5477455a6bc982b18142ab4012"}]}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x21b}, @NL80211_ATTR_IE_ASSOC_RESP={0x472, 0x80, "e83cefac4db902aec2454010d7f517ae5d6cb199722382f44c8182871200de0d4059fc77cb45ca7821049ccfffc34ebc17f74cec4f3b23805ba94dcb5bf5e758fe54b6dd8ef68c63f6c64db9f97510c7140fffe5d4d1bdc2e03f39e42ab5a61992e97c5cf0c2ab36c63f8f56b7fb3735387bc381819118df53663363079c24f8633d740b9f701cc2d079083f6d6fd73ac0473284079cfbd02616a293a8875567ca4d2c78cd7eed7aa32af73217f85083f9ccab1fe1bee67025a8a456ed892107d5790e68b7dd478fb82d0d6f37ce02745968e242a14a5f4cbbeacb2ed7741e009f4f4c5af96cb004b697784ca6eeb09df0a926d633eea5834e9896813b11ca8ddab10712af521a4c898d9861797eb99a129ed4a1aedf39a74f15fd05710b30b712e64eb43604df7b484b8821db3fe9b7c0c5df3e431fad28f4050ee5e2a09c70b0d4ef6afcc5bbab6af055baa8f4a9d152f952772a7bdfd4b228b7a2b06dfb3aae313c424b2ec7e172d453a37ebb2b4b1b3fc443d88296cf7a7c0d37f93b54f9dcd8adc177f948b2b3be500bd6e1934b48b215fc338cbdc8c5e03ed585487900d7c9f058d020b8a0f76be188315bb7636fd9ebbad50c8a141fa9a5c23149c468525e0ad41df6f158e9a2d80888f6ff45c066c404e599c7f7a7082f83a73af271b277644229337ff22497e294616109f66619b972dd447397e6af6c64547eee3c1f9e690703698e8c1b5705ab4bf3a47d1d3aeadc9cfcfcb0073d0c89eb2637a01afb8a2ac5ec2410280efd367d168f2c1cd005921a20cb2a9ed28f5a002fb72e122b8f61efc561586807f19289729e386e4cc8eb6feabdd607d112b95643d2910e42a69f312d29a219f3388f97c71b58a660cbaf66ce221463f55b65a45dc96ca417b69089a3fbb8d3174b0dfa48f86bf028c4fcfc9b79a45c008aab01be3a919ffe90a4f2c0f0b38f1399384a950f8e10d7afc5298de398df314f0c3ed8754a4ceb35dc7d81435053afff5dbd697ffde416df8b6536d544bf1c06dfa5adef628335716475025c9870b0489cf27f75b3b9e5fc6cde2504a509c72b8a1bb6c8d443929187f0cbbe16c1dee1835ca501e808cabd4ac6e9d9b435bfadf3346cfb7af72ca3a1bae38cb5dd14ac4457ed9b9108fc3e2c752539e0faf43cd5ab9c172e7c682afefecb2481c2161f3548b1cca7d73901c3509549b0f0fe892da3540078e9755f783e8a364663a0338b380fdee530e2e3547f6bd479b717f8aa9ac77f2e3ff51501b445496a60ec1637a58d1589328356faaf36cbefbde1fd2ead97b8a83fe092c0c2b746e494b1ba329faa8f8d8bf276ba1fd194a3db46b549a546cfbebf4d19faf3f16f556d33d5cec86a23908a112f0e5f1350becc61e6f99812625bd591d75784aee988030f28dcc138f837159931a5f132cb2278ae85cde56c804d7ca93ecc8c97c6fc11eb505de6d31937ad2f4d67937ae0dec067a013cc210d5446139edb41b742c3560dc836e933b2bce0bb31893b82da34bd0d97547f4a5f4e086c3f6860f5175e78dd899e36b5927d4835db084372630b312e7a73b437edec464040052cde226408f5aad42147"}]}, 0x69c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8004) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) fsopen$auto(0x0, 0x1) 10m42.930143109s ago: executing program 3 (id=626): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001980)={0x3c, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x5}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0xfffffffffffffffc, 0x20009, 0xdf, 0xeb1, r0, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x46, 0x0) mmap$auto(0xffffffff, 0x8, 0x8, 0x10, r2, 0x7) close_range$auto(0x2, 0x8000, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x22a40, 0x0) fsconfig$auto(r2, 0x3, &(0x7f0000000200)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96\fd\xa3\xf9&\xc9~\x10\x06X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8\x06\x00\x00\x00z`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x1b\x9d\xd4\x99_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\x06\x00Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2zsx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\xedFx\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\x03\xe2T\xea\xa0\xba\xd7R8T\x00\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3WYX\x8a/\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2', &(0x7f0000000580)="de", 0x0) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/key-users\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0xf42c, 0x400) 10m42.688467625s ago: executing program 3 (id=627): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) rt_sigaction$auto(0x5, &(0x7f0000000140)={&(0x7f0000000040)=0x0, 0x9, 0x0, {0x81}}, 0x0, 0x8) r0 = gettid() sched_setaffinity$auto(0x0, 0x9899, &(0x7f00000000c0)=0xf19d) ioperm$auto(0xefdd, 0x4, 0xfffffffa) rt_sigqueueinfo$auto(r0, 0x1, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) ioctl$auto_TIOCCONS2(r1, 0x541d, &(0x7f0000000200)="8edb8d492455fd3ea7fe6b256e79efc11a9cbf1dfe543eebcb6f4e56b7ecf54e60d81e3b494e226e6e290c7210c0338f49ff54abf6c4937c070b5abe0b5f940b2c47474f2fc1054b9c7c53efc70b0511d8ecb8e8322e718463c7597aaaa54ba262f99b1c4280394caaa74c651324648c3c901b287c0d43e5ee60ff8e757a6378e446f6669902dae9") 10m42.320744749s ago: executing program 3 (id=628): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/1/msr\x00', 0x80080, 0x0) socket(0x11, 0x80003, 0x300) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyc3\x00', 0x0, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x20a000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) open(0x0, 0x2a4c0, 0x20) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x3e, 0x0, 0x1ff) finit_module$auto(0x3, 0xfffffffffffffffe, 0x2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) timer_settime$auto(0x7fff, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x480008, 0x100000000df, 0x9b72, 0x2, 0x8000) 10m26.241391882s ago: executing program 33 (id=628): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/1/msr\x00', 0x80080, 0x0) socket(0x11, 0x80003, 0x300) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyc3\x00', 0x0, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x20a000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) open(0x0, 0x2a4c0, 0x20) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x3e, 0x0, 0x1ff) finit_module$auto(0x3, 0xfffffffffffffffe, 0x2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) timer_settime$auto(0x7fff, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x480008, 0x100000000df, 0x9b72, 0x2, 0x8000) 5m39.691903974s ago: executing program 0 (id=1747): mmap$auto(0x0, 0x2020009, 0x3, 0xeb5, 0xffffffffffffffff, 0x7fc) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x101800, 0x0) ioctl$auto(r0, 0x80045440, 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) r2 = memfd_create$auto(0x0, 0xe) socket(0x2, 0x1, 0x106) futex$auto(0x0, 0x7, 0x4, 0x0, 0x0, 0xffffe459) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x200}, 0x55) setsockopt$auto(r2, 0xd21, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0xf6fd50bd48364b4c, 0x2, 0x2}}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e24, @rand_addr=0x64010102}, 0x54) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) socket(0x2, 0x5, 0x0) socketpair$auto(0x1e, 0x1, 0xfffffffe, 0x0) syz_genetlink_get_family_id$auto_batadv(&(0x7f00000001c0), r3) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_TCFLSH2(r4, 0x8926, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) close_range$auto(0x2, 0x8, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8202, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) futex$auto(&(0x7f0000000100)=0xf6, 0x8, 0x187e, &(0x7f0000000140)={0x80000006, 0x953}, &(0x7f0000000180), 0x80000001) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fanotify_init$auto(0x5, 0x0) 5m31.647446737s ago: executing program 0 (id=1778): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0xa, 0x801, 0x84) adjtimex$auto(&(0x7f00000005c0)={0x4, 0x0, 0x0, 0x8, 0xd4, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8, 0xfffd}, 0x1, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628b, 0xa747, 0x5, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) ioctl$auto_UI_DEV_CREATE(r3, 0x5501, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r4 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0x0, 0x2020009, 0xfffffffffffffffb, 0x12, 0xfffffffffffffffa, 0x8000) msgget$auto(0xa, 0x77d9) msgsnd$auto(0x7, &(0x7f0000000140)={0x6, 0x9}, 0x8001, 0x7) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyq9\x00', 0x1, 0x0) getpeername$auto(r4, &(0x7f0000000100)=@ax25={0x3, @bcast}, &(0x7f0000000180)=0xfff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r5 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r5, &(0x7f0000000440)="110000000100"/17, 0x11) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) 5m22.191415831s ago: executing program 0 (id=1795): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/snd_hda_intel/parameters/power_save\x00', 0x80002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) pipe$auto(0x0) r1 = socket(0xa, 0x5, 0x0) r2 = getsockopt$auto(r1, 0x84, 0xc, 0x0, 0x0) ioctl$auto_I2C_SMBUS(r0, 0x720, 0x0) fdatasync$auto(r2) 5m16.758128457s ago: executing program 0 (id=1809): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/mqueue/msgsize_max\x00', 0x101201, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, r0, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) r4 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x40047452, 0x0) r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x1d, 0x8000000000000001, r5, 0x5, 0x1) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000240)={"6a487939bcccc992e4f4fc41570fec3af111ac217c46865fe8631b955c73b383", 0x1ff, 0x8, 0x2, 0x5, 0x7, r5}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r7 = socketcall$auto_SYS_GETSOCKNAME(0x6, 0x0) fcntl$auto_F_GETOWN_EX(r7, 0x10, 0x0) r8 = getpgid(r6) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto_PR_PPC_GET_DEXCR(0x48, 0x1, r8, 0x81, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/usb/drivers/imon/remove_id\x00', 0x88002, 0x0) r11 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0) write$auto(r11, &(0x7f0000000000)='\"\x81=\xe2\xad\xff\xf1y\xb3\x1d]\n\xcf\xfa\xee@\"', 0x81) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x28, r9, 0x13, 0x70bd2e, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r12}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894) sendmsg$auto_NL80211_CMD_TDLS_MGMT(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="000128bd7000ffdbdf2552000000050039010600000004001601060048000200000008000200275e27000500f600030000000600ab0001000000"], 0x40}, 0x1, 0x0, 0x0, 0x24008011}, 0x20040800) 5m15.966385552s ago: executing program 0 (id=1810): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/module/parameters/sig_enforce\x00', 0x2402, 0x0) mmap$auto(0x0, 0x1, 0x0, 0xfffffffffffff811, 0x8, 0x8000) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0xfdef) 5m11.153833229s ago: executing program 0 (id=1821): unshare$auto(0x200) unshare$auto(0x20000) r0 = memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/soft_connect\x00', 0xc2481, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ftruncate$auto(0x3, 0x700) r2 = getsockopt$auto_SO_BUSY_POLL(r0, 0x3, 0x2e, &(0x7f0000000000)='MAC80211_HWSIM\x00', &(0x7f0000000080)=0x1) r3 = io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYRES8=r4, @ANYRES16=r0, @ANYBLOB="010025bd7000fedbdf25040000000800170000000000", @ANYRESOCT=r2, @ANYBLOB="416af3e9a28db09cb823955c925ea5d158d24717155a1663005cc7984254e835137ffae1646dcd11f242fbb2ebfad71315b6c8cba6bcfe702eba9103a9cc9c7a813d70301a87402583b2e779ddc73606bc683c7d7a53064ec50ec135eb3c320c2699e2786fbc90837c51f07909823d483154abe375e8452283cf2e896c06db15e06d61d3cadfb3a6862fa87b6f0d91d06c95a5f41c29884c93e0556c495abf5ed2423611acbd34b10310595b48fd4c57f7cd405590243a6cf57c03d4e0b4b29fb5c82472bf72fe31ca22ceee40f96ebd4b7e3b9486667e0a50d786ed42f93e59a8753efa1e51d7759543e8a1e6d0f8a63e13"], 0x1c}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) ioctl$auto(r3, 0x30f, r0) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x23, 0x0, 0x2ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socketcall$auto_SYS_RECV(0xa, &(0x7f0000000080)=0xf5) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_GET_FBACK_STATS(r5, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x40001) statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x3, 0x14, 0x4000000940, 0x1ffe0, 0x8003, 0x6, 0x6, 0x7, 0x5, 0x2, 0x9, 0x6, 0x9, 0x2, 0x3, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb]}, 0x1fe, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) setregid$auto(0x5, 0x6) r8 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r7, &(0x7f0000007b00)={0x0, 0x0, &(0x7f0000007ac0)={&(0x7f0000007a80)={0x14, r8, 0x311, 0x70bd29, 0x25dfdbfe}, 0x14}}, 0x0) ioctl$auto(r6, 0x5101, 0x3) ioctl$auto_USBDEVFS_RELEASEINTERFACE(0xffffffffffffffff, 0x80045510, &(0x7f0000000580)=0xfffff78b) 4m55.884452518s ago: executing program 34 (id=1821): unshare$auto(0x200) unshare$auto(0x20000) r0 = memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/soft_connect\x00', 0xc2481, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ftruncate$auto(0x3, 0x700) r2 = getsockopt$auto_SO_BUSY_POLL(r0, 0x3, 0x2e, &(0x7f0000000000)='MAC80211_HWSIM\x00', &(0x7f0000000080)=0x1) r3 = io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYRES8=r4, @ANYRES16=r0, @ANYBLOB="010025bd7000fedbdf25040000000800170000000000", @ANYRESOCT=r2, @ANYBLOB="416af3e9a28db09cb823955c925ea5d158d24717155a1663005cc7984254e835137ffae1646dcd11f242fbb2ebfad71315b6c8cba6bcfe702eba9103a9cc9c7a813d70301a87402583b2e779ddc73606bc683c7d7a53064ec50ec135eb3c320c2699e2786fbc90837c51f07909823d483154abe375e8452283cf2e896c06db15e06d61d3cadfb3a6862fa87b6f0d91d06c95a5f41c29884c93e0556c495abf5ed2423611acbd34b10310595b48fd4c57f7cd405590243a6cf57c03d4e0b4b29fb5c82472bf72fe31ca22ceee40f96ebd4b7e3b9486667e0a50d786ed42f93e59a8753efa1e51d7759543e8a1e6d0f8a63e13"], 0x1c}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) ioctl$auto(r3, 0x30f, r0) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x23, 0x0, 0x2ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socketcall$auto_SYS_RECV(0xa, &(0x7f0000000080)=0xf5) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_GET_FBACK_STATS(r5, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x40001) statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x3, 0x14, 0x4000000940, 0x1ffe0, 0x8003, 0x6, 0x6, 0x7, 0x5, 0x2, 0x9, 0x6, 0x9, 0x2, 0x3, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb]}, 0x1fe, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) setregid$auto(0x5, 0x6) r8 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r7, &(0x7f0000007b00)={0x0, 0x0, &(0x7f0000007ac0)={&(0x7f0000007a80)={0x14, r8, 0x311, 0x70bd29, 0x25dfdbfe}, 0x14}}, 0x0) ioctl$auto(r6, 0x5101, 0x3) ioctl$auto_USBDEVFS_RELEASEINTERFACE(0xffffffffffffffff, 0x80045510, &(0x7f0000000580)=0xfffff78b) 15.285351521s ago: executing program 5 (id=2711): close_range$auto(0x0, 0xffffffffffffffff, 0x2) r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r1 = socket(0x22, 0x2, 0x1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2081, 0xc7) fanotify_mark$auto(r1, 0x1ff, 0x81, r2, &(0x7f0000000080)='./file0\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r3 = gettid() r4 = syz_open_procfs$namespace(r3, &(0x7f0000000080)) getdents$auto(r4, 0x0, 0x200001a) r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/loop13/rqos/wbt/inflight\x00', 0x2040, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff001, 0x2) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x1fc, 0x0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xedb1}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "8b09791485470000004000"}, @OVS_PACKET_ATTR_ACTIONS={0x1c4, 0x3, 0x0, 0x1, [@typed={0x8, 0x67, 0x0, 0x0, @fd=r5}, @nested={0x20, 0x32, 0x0, 0x1, [@typed={0x8, 0x6d, 0x0, 0x0, @u32=0x80000000}, @generic, @nested={0x4, 0xa5}, @typed={0x4, 0x13e}, @nested={0x4, 0x1c}, @nested={0x4, 0xfb}, @typed={0x4, 0xcc}]}, @nested={0xda, 0x8, 0x0, 0x1, [@generic="87a26e0633b531f6014bdb89bedffc0ad8706a7a3fa4c3c8c61b8f7cc3c8eda42ace496b28aa911ce297e405280bcc8a7b547d32a2af8cb83e50f3ab7f21fa0ced51450c7e8a4e056592e260b812952f2d6c3f1bda140437503b34eea9d4db8d2d57b9c047bdb260278ccaa48d05db5bf92cbfef2eaebafed0a2e1f33b23ad0a7f7a102e235804a85358f174e2bb51724735cd3c13ff26f4df418e84d7679fbcb67ea81f259b4df364f1176c6ac0902f0a4a183d72a4b1cd03b3f6be122064e75f1c6329eef8dfcd2ab0f99015c66291280b1d7456d4"]}, @typed={0x8, 0x67, 0x0, 0x0, @u32}, @nested={0xa0, 0x61, 0x0, 0x1, [@typed={0x8, 0x145, 0x0, 0x0, @fd=r0}, @typed={0x4, 0x122}, @typed={0x8, 0x32, 0x0, 0x0, @uid}, @nested={0x4, 0x148}, @nested={0x4, 0x18}, @typed={0x14, 0xac, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x2f}}, @nested={0x4, 0x10f}, @generic="e14b25530fa80e825b3ebf47", @generic="52b3eefe587afc8d7c5f48a720c1885e854a8d71eb54b4c7ae91feca34eb5e4a6dbcac87ceb3787f218d9841588d1ddee64fafee3c9557e2ee3bf6f31875098759d56dc2a1969190b560771dc61dd61f6925ee8ce2ab29581eda9014"]}, @nested={0xc, 0x81, 0x0, 0x1, [@nested={0x4, 0x11c}, @nested={0x4, 0x9}]}, @typed={0x8, 0x145, 0x0, 0x0, @uid}]}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x8, 0x0, 0x2, 0x0, 0x9, 0xb52}, 0x6}, 0x40, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000a00000008000200", @ANYRES32=0x0, @ANYBLOB="0801"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x5, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xbfe}, 0x7}, 0x3, 0x0) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) r6 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r6, &(0x7f0000000040)={0x8, 0x2, '\v\x00\x00\x00\x00\x00\x00\x00'}, 0x2) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004c18}, 0x810) 13.508555182s ago: executing program 5 (id=2715): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) ppoll$auto(0x0, 0x7, 0x0, 0x0, 0x8) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x84c, 0x0, 0x9, 0x0, 0x3, 0x10b}, 0x800009}, 0x1, 0x20000000) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$auto_VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000080)={0x6, r0}) write$auto(0x3, 0x0, 0xfdef) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000003e80), 0x80000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/admmidi2\x00', 0x101000, 0x0) recvfrom$auto(0x3, 0x0, 0x800000004e, 0x2, 0x0, 0xfffffffffffffffd) 12.301646294s ago: executing program 5 (id=2717): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) r0 = openat$auto_tracing_thresh_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/tracing_thresh\x00', 0x2000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES8=r0, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c00038008001500", @ANYRES32, @ANYBLOB="12010100898771f1c19f1779042d89ba552f76090a85908295e79a8e826aa439ed8bbf9b4d9dca4af27eb9153fcc15a78c54c54c6989027887c1d47a4ddfb4c75b1456e3a8f694c459e2d9235bde4535b58f68f26fa72283eed517dd518d57d1aa6e87b33c86a6eead004d06ed857d1ff6a6d90f0e2443ad2ed85c12f88da263a2917be9786e135f184def3715253a2f44ef83d9f3b4c3968ea13f5d2cc53c5580ca891abcd49f241f51836ef78f8ca83cb8822b4097008115f32bb3472d674cc0af9c0589d3bf8c0e5ea48deef5315cb96dba13fe38b254134e403887380002ba8121e4313f1531172447037213ffe05b3fa4c8"], 0x40}, 0x1, 0x0, 0x0, 0x4044890}, 0x8011) set_mempolicy$auto(0xe, &(0x7f00000001c0)=0x200000087d, 0x9) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r3, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x4000000, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001a80)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYBLOB="01002cbd7000fbdbdf2504000000ce00180044dfbe224c834750f93eb683a4e7e1916cf47649bb07b14de1671057e54c9e804466d29325f94dc9c62b59df4c20d3f5f8576b099d5235f1ea29029ccb6d39dc9a8fe663b7171ad01848e2fa77903fe86239d4a76f26bbb9c20b4b6f53ccecbac8f223ea339a7f7fc48873f07e730836cd85aedf59e7d0297f4bb6f88b46b220270d61c9dbdd19e3029030c0f8bf3805fc057b041dadcc1ef6353ae1a941ea6a2c16a8763f8341121b4d15e89b4a8ef4e9f1275a5ecb13dc287f9dc734f4cacd37a5c908085442a400850000080005000100000050001800c5c0246e70da69c9fa02cf05a78f4a22c0de74c2a5a70b946dc7b83691f3ae428e0e18bb1b0970db877cc4fe2d7a513336f41b633668083acdf4042d8561f19b6d12781d81200ae006b5f163c70203002586e57c0e0604be41cf746e9fc46c64612b272de2b7fa765246dc3d0dea92aa6fe5442440ad358f4a1c761718a7ca5c43220d0f6bc56585f24caf223ce20464aea7d8b8baa6352ea9972d2e908d86ee5bc40f3acd3188c207796e96c89a18df82bed1ec9fc07934d6ef3b75b4fd5a2ef457e04b5bf4573487182fd684e8f59ce9e3d479fcb8bc77340faae517ee7e7f889907c25d01c5f0b8477f77062c4829099115004bca8b8c01181c889a93b06c92cd763593e6a42792ccff38f52fe326d8513c8e915b6f1b052481faa59b29ab5cd8d2629c3333cd3f815775642c73c3ad3f9225c68823332f471b6f79f628fa9b3a3caf450718a799debcfcdeb85325a25f8895dbe04cb0a8cc0e7aacbb009efdf942d5214621f8eb7b2e06cb9df29be0be0411966d46ac8458ba5dd6dd5744456a300f681f6c57dccd64c611565d4e012a039e7b5f3baf41f9fdfd04a4f35b49fb4558fd2079c954a3e4f6f5bce6663a7b980432249d915f5aae6081f19db5aaeff8ad862ea6ddecee0a0c8dfce054a68596c9ae95c8ffa3add3e998903365efb6d08e42efdca7aace8f29a9a0626efdfca13e8fe2afa4499f18a9f652e341b54f443628582c5467de32008a2bc4706452057b329961a9453f991e2e2a69c4cf193ba6bba804e55b89669416f2b11247a666c64b8e5a8e2b0a94349ee4c93af7a109605c6b522b3b848ac06ffee2aee5fad7292c0df37bb2ae9708c19edcc2967cc95290deb052573816303a8a2fc343a504d743e9fe588adf2a7094dab6aeb6e92ee098123244d9feaaed93caf8ba7aad736adc5c2399dd3ebfff3423ce7bd02134e3a530519f61108bfa73859919e22f77545e01dfba99c91283bb6220489261a97bbc2d9aefd83c97bc4a139c0c9aef13385bbbbdf0f9620622b358582376b494018e131bba4b53d010cc9df4e20cc76e8a34781e863ed8fd1fb7308fbd330d366f7017a4b71db836e0440f3165ff863b0030021c802c02058064010080e80001005ab8c8449d617089cde8c175151e0624c653a7a392385f772038f4056e7e82947239ab4e69c4c8117e12d5aa829b61e60dd2cc0ca2542be8f85344570c24531f6a757b5b2f6b0fd0358547b1e68c37a4c5b413d20b5aadfff9b577d933bbcb64368c9b1507a10a77b63dd9e2548e9d079d63ee490ef568bc46618cf56d23e4bbc494f4b65db872f504bd78993a9db8884970db58b710c4f2e1fa6b708a37b5742497122405999a80f9cb36c7cfdd21aefd010696733fe802d91e4892996d99a157e177cbfe7c58c7139abe5e29177910a7594d7a531061cac25cb44951d5b4bff83edd51240004800c00030002000000000000000c000300100000000000000008000200020000000c000480040005000400050008000480040005003f0001001fcb07832f181ee40270354d8df8a678b5c8b2ed5378ed4427c3221042cbad573c60327658974f1790cec781d7610471797ac5e0cf15b7a16994ce00c40000807100010049ae7c767d3302dc532f6405e1486d16f37267419405f7aa6b60bbe881e616b5dc22c76aaa8ecce089c56570b66b0fa2fc3c954adfeda4ab48ee7544393282a0c5c2e437683d17fc498298d883aa603864b8d75cb4ea35770b521a46b31cf3802c38925bd28fea35dad97b61f00000004c000480040005000c00040004000000000000000c000400ff0100000000000004000500040005000c000300ff0f0000000000000c00030003000000000000000c00040000080000000000000c000800040000000000000064001a8060000480180001800400010004000400080005006a00000004000200140001800400040004000400080005000a0000002400018004000100080006000800000004000200050008000000000004000a0004000a000c000180080005000f000000b0001a80040003001c0004801400018004000200050007000000000004000200040001808c00048038000180050007000a000000040003000400020005000800070000000500080003000000050008000400000008000600080000000400030028000180050007000c00000004000200080006000104000004000a0004000400080005003c0000000c00018004000900040004001c0001800800060005000000080005000000000004000a0004000100"], 0x754}, 0x1, 0x0, 0x0, 0x44004811}, 0x40000c0) ioctl$auto_LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) 8.478118726s ago: executing program 5 (id=2728): r0 = fcntl$auto_F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x8100000041, 0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000000006, 0xeb1, r1, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) read$auto(r1, 0x0, 0x8) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyr6\x00', 0x101e81, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000001340)='\xbb\xbb\xbb\xbb\xbb\xbb', 0xe, 0xff) execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=&(0x7f0000000280)='team_slave_1\x00', 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) 6.961515489s ago: executing program 6 (id=2733): r0 = fcntl$auto_F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x8100000041, 0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000000006, 0xeb1, r2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) read$auto(r2, 0x0, 0x8) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyr6\x00', 0x101e81, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000001340)='\xbb\xbb\xbb\xbb\xbb\xbb', 0xe, 0xff) execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=&(0x7f0000000280)='team_slave_1\x00', 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) 4.192194626s ago: executing program 6 (id=2745): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/loop4/zone_wplugs\x00', 0x121000, 0x0) pread64$auto(r0, 0x0, 0x20000006, 0x8) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fcdbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB="0800010048530400080002"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x80) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x20400, 0x0) 4.036485169s ago: executing program 6 (id=2746): r0 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000040), 0x86240, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, &(0x7f0000000000)={0x6, 0x0, 0x8}, 0xfff) lseek$auto(r0, 0x0, 0x1) userfaultfd$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setregid$auto(0x0, 0xee00) setreuid$auto(0x0, 0x0) keyctl$auto(0x12, 0x10001, 0x8, 0x293a, 0x7) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/afs/stats\x00', 0x42500, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000001080)=""/244, 0xf4) 3.941885518s ago: executing program 2 (id=2748): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/mtd/mtd0/bad_blocks\x00', 0x80040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/225, 0xe1) (async, rerun: 32) r1 = socket(0x10, 0x2, 0x0) (rerun: 32) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) mmap$auto(0x9, 0x2000d, 0x10000000000df, 0xeb2, r0, 0x4) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000099455d8bd1bd8eed0331392a252a9c992b3e42b905341aebc9eda1e3ddab06908f01b65724a4dac4799ebb6756917f554ef8b426665b5503ec3a448daa5965b9c1bb39ec6ee15d61", @ANYBLOB="3b8e91f02e39aa6cddac193df7f296bf22675b53c7f9c5f172ef1b8eb71c1e83986cf1e9e0f46c1ded5c1b9dfda82d7fa66d0e9b5f87ee03b8c49954b20305b84116cb4d34508f1b8550434d37b00357f9e7cf9ade5d270903fcffc670f3c9dcea92078b0bedc19a98cb6c09550e909bf2a3ede8d45c5368491b7cf376d9b2d0e8051094e629552bdcd7c9344bc84af2d655971278fb4caab1e80c911411deedb5df8afa7bb72569bbe61b9b9eef0c584321e9c2a5ff3c7794dfded4956f84f157e8c4709529cb0b8ee0ec659978715e1f0a05562ab6975fd71d4c0c863b", @ANYBLOB="0b3f4e87a43fd202d20e739960de95e20f8b05070c282ce07e5f5f7f1ad66c711379"], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) (async) mmap$auto(0x0, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x6a0b17a4) (async) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/can/rcvlist_sff\x00', 0x400, 0x0) pread64$auto(r3, 0x0, 0x1ff, 0x8800000000) (async) mlockall$auto(0x7) (async, rerun: 32) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/net/nr1/queues/rx-0/rps_flow_cnt\x00', 0x0, 0x0) (async, rerun: 32) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) (async) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async, rerun: 64) r5 = prctl$auto(0xc8, 0x2, 0x9, 0xffffffffffff8001, 0xbef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) futex$auto(0x0, 0x8d, 0x0, 0x0, 0x0, 0x100) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async) io_getevents$auto(0x422, 0xfff, 0x5, 0x0, &(0x7f0000000040)={0x8, 0x8}) (async) pwrite64$auto(r4, &(0x7f0000000180)='+:\\&\x00', 0x80000000, 0x1) (async, rerun: 32) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) (async, rerun: 32) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) (async) read$auto(r2, &(0x7f0000000140)='nl80211\x00', 0xbe61) (async, rerun: 32) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40050) (async, rerun: 32) fspick$auto(r5, 0x0, 0xfffffff7) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x2, 0xc}, 0x9}, 0x2, 0x0) 3.844307931s ago: executing program 2 (id=2750): mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4008081}, 0x10004010) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setregid$auto(0xee01, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f0000000240), 0x40, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0xc800) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x0, 0x0) ioperm$auto(0x3, 0x8001, 0x2000000000000149) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x9, 0x84, 0x4, &(0x7f0000000000), 0x80000000, 0x7f) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x20048800) ioprio_set$auto(0x7, 0x0, 0xfff) 3.485835496s ago: executing program 2 (id=2751): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/v4l-subdev0\x00', 0x200, 0x0) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x40000, 0x0) r0 = clone$auto(0x9, 0x81, &(0x7f0000000000)=0x3, &(0x7f0000000040)=0x2400, 0x121) mmap$auto(0x0, 0x2020009, 0x87, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0xc008af12, r2) ptrace$auto(0xffffffffffffffff, r0, 0x7, 0xffffffffffffffab) r3 = getsockopt$auto_SO_DOMAIN(r1, 0x6b0dae69, 0x27, &(0x7f0000000100)='\x00', &(0x7f0000000140)=0x9) setsockopt$auto_SO_ERROR(r3, 0x2, 0x4, &(0x7f0000000180)='\x00', 0x5) syslog$auto(0x4, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x4) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x284100, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0x40603d07, 0x0) mmap$auto(0x0, 0xa, 0x4000000000df, 0x1000000000000eb1, r4, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, 0xffffffffffffffff, 0x4, 0x1ff, 0xffffffffffffffff, @relative_fd=0xffffffffffffffff, 0xe600}, 0x6) r9 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) recvmmsg$auto(r9, &(0x7f0000000200)={{&(0x7f0000000000)="be8a26da86b692033b45701794fbc2439a7c52b6df330ed978f3fc015b10d9f0b81ca2e8ade9be05331f5da4875f4dd0d4fd5b292dab2977df8e5f61c57ecc837be2f9ac5a392a62e73ab28ec5a685b89c4409c6f60bf857f7b49740e41a12008f4a13e583865c3131935b9ab58ebdb5480ae5de63a7caf0f6c2d608219b9dc12d39e2b9d5be541645c877ef787d80602597ed072981b00cedd18b68e36e0e6979f10948f72d4d674e931cd574ab1715c7a0f115d82472e170c3e53bb364d5570f55f4abf6e1a6ea2f830004adb4f7d527c5e9ee45ee4f4a5d906b1783b6edd775e3cbfa4075c767bd7e182c8e98be746ec11f57", 0x0, &(0x7f0000000180)={&(0x7f0000000100)="4e7040d4c6d7e73738324d3df3748c7b55090e10adb5d996ed99301b361b108bc292462b354cf47636372e930412a3c7dcc34a075966d9438a87f0e71534b0113fd53b1f126e9640364d7b0bfc4e313810ca54d3848222a1b2c1d7", 0x5}, 0x7fff, &(0x7f00000002c0)="543b2a35c51f5144b43c6a9f1d83eebbd6522d24f28648027c8b715eda1b018424b8e94db5bdab618b960827ddbf378805dbe2f62793b0372bab5a1b87ec9f4a6a51c05f17010defa683649d42f1170700f41ed055e52c4ff65b3b9b626947e5defabd99eb961eb3b557e5e76415e4a5f7ba01ad541b46b4518723933b55dd900b3f74478c86d1680a991de7ad3380ced4d466ee86f7be047d84a784991924a2e2088ba652c533b8964ba44045491e531d41c94358a91c78683deb7df2e72591491d6ea35dad0f8b03bf240f6f74553d2e86d197d0d358875c42bb51881874912c8b18da15d70dc79af5", 0x7, 0x1}, 0x2db97048}, 0x7fffffff, 0x9, &(0x7f0000000240)={0x400, 0xffffffffe0877bd4}) r10 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x8, 0xdf, 0x19, 0x2, 0x8000) setsockopt$auto(r8, 0x80000000, 0x7ffffc, 0x0, 0x5) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r11 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/jfs/TxAnchor\x00', 0x0, 0x0) lseek$auto(r11, 0x5, 0x0) r12 = setfsuid$auto(0xee00) setreuid$auto(r12, 0x0) r13 = semctl$auto_SEM_STAT_ANY(0x1ff, 0x8, 0x14, 0x0) sendmsg$auto_NCSI_CMD_SET_INTERFACE(r10, &(0x7f0000000940)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40084}, 0xc, &(0x7f0000000900)={&(0x7f0000000400)={0x4dc, 0x0, 0x8, 0x70bd27, 0x25dfdbff, {}, [@NCSI_ATTR_PACKAGE_LIST={0x188, 0x2, 0x0, 0x1, [@typed={0x10, 0xeb, 0x0, 0x0, @str=',&]\'+$@,%%@\x00'}, @nested={0x1b, 0xa8, 0x0, 0x1, [@generic="efb438538cf7646531243ad7190297d9b77b77fc213cb5"]}, @nested={0x149, 0x12b, 0x0, 0x1, [@generic="3af41435c42bf9c758aec92c5f131243dbd66a7f9868cb34c9c59241f19799f23b6f95b2f6ed8e15e9ffe71f1bb72912a8703596bfbb84630d335b38dac9cc6b42b9b640ca4016c858138e76790d6cc837414a428860fb2ecb93bdf0801773cf281c1a094cf619b5cc88fd719f9687899403f622947c6d95f3626ba69ce96eb4f2767b7bab592d170c4d2e3b332b9e062c771d5399", @typed={0xb, 0xe, 0x0, 0x0, @str='dummy0\x00'}, @generic="986fd765f3f72f7458a177d611aceebb8118d6acb3fd6d4f12eb9fa7cc6c6375f7a07007232ad7577af6d157cfd3954642f7da2603376a8bee6f34cb73c758d21b6363260696383cb64488f0bf7c6b1bf1919baef2c38eea30fcd86d700df783efd59189ebb63e025307c979dfeccf367180140e0dff514ff34f67206be1aaf3", @nested={0x4, 0x8e}, @typed={0x8, 0x83, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @nested={0x4, 0xc9}, @typed={0x8, 0x23, 0x0, 0x0, @uid=r12}, @nested={0x4, 0xdb}, @typed={0x8, 0xec, 0x0, 0x0, @pid=r13}]}, @typed={0xc, 0x26, 0x0, 0x0, @u64=0x3}]}, @NCSI_ATTR_MULTI_FLAG={0x4}, @NCSI_ATTR_IFINDEX={0x8, 0x1, r7}, @NCSI_ATTR_DATA={0x32a, 0x5, "c31e01636f3548925a288c112e588232bb78c3c5c0a97bc732e9fc77ecf974104c2f256b32a8f6722f51db04e0a9b7d38f71b472ef808483a95a5a74cad2bacf065c27d4c70f01ed0f74331c64aa8260acc235fae07a18a77a37734c65d5a0c714073f06d05cc88b0feb43fc5d089ead4cab893f4fc606233892e88280cfc8600a57c0336dd61abc0490bf27f335508fe316bd6d407a1334fc293bf3e0be531b3809a98697d47ffe5f94dab8196e56d7bb5dd46cfef2d48f080b2aa2f020f247d2f048a95697488a5233bddba7f5bdc03a9cebc6cfe89afceba8c2cf48bc3c2f06731f70dc60b51db96f3ae582b61ad3038324628547cda7a1f4b95081d9a4df4b92d5e028ce944f27dc95812a20c925f6e492024f3badfc29953cfd7750b8a09fbb52f79fa86c2b9540b9c6f8cca8245ffee2cfb437875f73265f81fbe4687662e9ae0f3d15d29cb9b36991463d5c8e8aed4a6380ab9cff8d7e82a725269f594f197e22151370144f6b6b604fefc63eb481800f343e393673e0a911d96448b4ba14f85d3c29c6c6b02d53797d0bd466abd97dfdff76e5c97d372e0474d329d05ecfc4280b5ca55491c9dc885c9649c3bce3933fdc08a655d25d85af4ad2ef43966cd5bc3d516dba2a04e74d74d4399c10d3f7801933a9beb385d5275eeb192e321bbf3acd5b9b9d965a83f22ec03da59beff20a3b67acd6706ab2dc856a3d10766df721c4b8b6dde1266cbce077f83c2b4636996430eb8b825b36b9c598292eb98abcacaf4cee9b3bf6b45110a89feed96e22692799ac7f85b500f5ec777664c0642161f711bc63f26e33d4bd52d1e8401bd682c1c1767aecf0affdbc4c2d20ad8c51b999c83ef7271a90b000a7585ad212df3ecc90daa2fd4ce35859c4ff126dd9edb2b72bb168884fe489ba9138d7256e86e7ddc0ad70210ba11d4c38dbdbc2d2ae440c0164f53db15392aff734d69394c9a5a32403208b0415415dfc5e5ecbfbe9639ba493b5411559e2b8e9803bef20ab24834474a54c1387671d3d3444f3d007645634efae4e72acc95dae7bfd44ef89ffb4e09097c7d14d64b182dc76ae44758adebb660b6a4b22cb4adc42f96d4adaf6149847bfe90cc95cddd2beca2d74ef8c30ad"}, @NCSI_ATTR_IFINDEX={0x8, 0x1, r6}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) 3.430287404s ago: executing program 5 (id=2752): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setreuid$auto(0xffffffffffffffff, 0x8) timer_create$auto(0x9, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0x14, 0xffffffffffffffff, 0xdea) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/oom_adj\x00', 0x22c40, 0x0) socket(0x2, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r1, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f00000000c0)={0x20, r2, 0x301, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_PHY_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) listen$auto(0x3, 0x81) ioctl$auto(0x3, 0x894b, 0x38) read$auto(r0, 0x0, 0x1f40) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000008) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) setsockopt$auto(0x3, 0x84, 0x15, 0x0, 0x28) semctl$auto_IPC_INFO(0x7ff, 0x200, 0x3, 0xa0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x241, 0x0) 3.344951177s ago: executing program 5 (id=2753): r0 = fcntl$auto_F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x8100000041, 0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000000006, 0xeb1, r2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) read$auto(r2, 0x0, 0x8) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyr6\x00', 0x101e81, 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) 3.078082934s ago: executing program 2 (id=2754): r0 = fcntl$auto_F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x8100000041, 0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000000006, 0xeb1, r2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) read$auto(r2, 0x0, 0x8) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyr6\x00', 0x101e81, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000001340)='\xbb\xbb\xbb\xbb\xbb\xbb', 0xe, 0xff) execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=&(0x7f0000000280)='team_slave_1\x00', 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) 3.077803253s ago: executing program 6 (id=2755): socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) rt_sigaction$auto(0x1, 0x0, 0x0, 0x8) (async) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0) read$auto(r0, &(0x7f0000000080)='MAC80211_HWSIM\x00', 0x6) (async) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x8, 0x0, 0xc, 0xe3, 0x4e, 0x3}, 0x6f4) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) (async) bpf$auto(0x16, 0xffffffffffffffff, 0x0) (async) bpf$auto(0x4, 0x0, 0xe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x42}, 0x4) r1 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) setsockopt$auto(0x3, 0x0, 0x60, 0x0, 0x10001) 2.671141605s ago: executing program 6 (id=2757): r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) getxattrat$auto(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x34, r0, 0x1, 0x70bd29, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x1c, 0x1, 0x0, 0x1, [@nested={0x18, 0x10, 0x0, 0x1, [@typed={0x14, 0x8, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x42}}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) 2.473186561s ago: executing program 6 (id=2759): r0 = fcntl$auto_F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x8100000041, 0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000000006, 0xeb1, r2, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) read$auto(r2, 0x0, 0x8) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=&(0x7f0000000280)='team_slave_1\x00', 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) 1.89882488s ago: executing program 4 (id=2761): bpf$auto(0x23, 0x0, 0x2ff) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r0 = socketcall$auto_SYS_RECV(0xa, &(0x7f0000000080)=0xf5) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_GET_FBACK_STATS(r0, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x40001) statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x3, 0x14, 0x940, 0x1ffe0, 0x8003, 0x6, 0x6, 0x7, 0x5, 0x2, 0x9, 0x6, 0x9, 0x2, 0x3, 0x2, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff]}, 0x1fe, 0x7) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000) (async, rerun: 32) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) setregid$auto(0x5, 0x6) (async) r3 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r2, &(0x7f0000007b00)={0x0, 0x0, &(0x7f0000007ac0)={&(0x7f0000007a80)={0x14, r3, 0x311, 0x70bd29, 0x25dfdbfe}, 0x14}}, 0x0) (async) ioctl$auto(r1, 0x5101, 0x3) (async) ioctl$auto_USBDEVFS_RELEASEINTERFACE(0xffffffffffffffff, 0x80045510, &(0x7f0000000580)=0xce) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x1000009, 0x3, 0x2a, 0x940, 0x1ffde, 0x3, 0x6, 0x3ff, 0x9, 0x400005, 0xfff, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x9, 0xffffffff, 0x0, 0x0, 0x0, 0x0, [0x1, 0x3, 0x200000000, 0x400000000, 0x0, 0x3903, 0x5, 0x4, 0x3, 0x40000000000, 0x6, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x20000000000000, 0x0, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x2, 0x3fff, 0xfffffffffffffffd, 0x0, 0xb548, 0x8, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0xfffff7fffffffffa, 0x81) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async, rerun: 64) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0xa4e00, 0x0) (rerun: 64) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) sendmsg$auto_TIPC_NL_PUBL_GET(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001400)={&(0x7f0000000080)=ANY=[@ANYBLOB="07130000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fddbdf2507000000480009000583bfe1cb935773c502cd1a2b2a9903106148fe0cea1e0f5e9ddea45e502110e421b7947d655180465650c326c6744842eeb6e9815994538fcc1530ad1e9ebdeb656bd85a0007008eeb2d306671f0cfac5ae64e0407abd0e16c1e5870b06f3207d324394abd5378786d5999677f2a857fdd5e6d8d893cc6470e8543c86657ff871e15f752e0423746d360840db681b0289db3ad860302d94e9285ca86a10000520002006479dd8150969cfbf6d666173842c2cb28729f186b22a68ad0d01a94eb28c6026b36357efd21f99313994fddfda5b416e53b2c29f047057484aedd7751d0158304a6984ec8ce4e8e4d6db4cc8ff70000e80000004db8d021c34c9090b6f1dbb53e639bd4166d82122bae71b3ae93ea8c056f957f9d30df43efd93395e863dda2bbc11b00d470efaa1fed6165f6493d918931f6c00af6f15fcf0847274858fbea4afb9e2cad07aa0c4bb4aba6ee01112a8861e344399e172c6c2c9ad3481df941c64265ae04799e02a2e2d941a9ab4ce8ef388d31694426afff9da5315bcb3b82349c645010bc76dbf888145c9cbbd129ba234def4f1326f6407ccc807d7188520c2c5d25696c115facf6a924f948a6ef8be112a1be7364503f3a094a2ae59074730ad9bd5a6f797aaedeb59d8b3625ebcf9535d8c4167529ad000200d345619c941912afddb7ea09a9757d5ca111050dcc9a85f58fc931a8975aa27935d05b898af0af1ecd412eceaf7acde661e051400c8ba8b9c66d1acd9dc14b26aa3d7011e7ace4da41c7acbc627add91c757a8cbac64b3d47616da74967bffbc70ae9f164bf958f77476712f20cfe16008cee8bf5b183dd96c9d5151376a88ba95699d4d63b15e65c8b0307c8de2d25407185025df435362cabf13870391d626119d69358eddf48f0a0000001f000400dd24cfd5c3687a80bdda1498e3ed7f35146917eb267adcdb7d438d0067000700bf8d5ab8fc3e9187c5820f1c28b0f71e82f1adde598b0f170dcccf6ac0892788531efeafd121ccdfb242e106dd3cbba12d77cb11cc7cac259a83e042c2c4b9bf5659486475e2ab98796359a161c510f9aa058ae38f1c3121f086a097bfcf9c65455e4200041008009d1149639ba394e8cd1687be0aaca14cd90769ab9a66ff3c90789d3ad7f4e94ec6768934b44bf315cbfd411974320262c3838f4126735c0df07091fa99b1281938c302c0d7c1bd16473283947185c0ec974bc305e5fd73469bd833cd01e13da8b88963127646aff7c3da6b25b3b3430de9ac75ecfada13b79acf5ff699d4e6eedaa33f68d4b316c76eca74f015812bc926c9448adb81473ff178ce6ab37bf2aab0b902049596d4a486cfbf6701b7308a6764e95ed15c440671293b10c2cf35c60c6a759c1b54620a88ba63ffe1dd42bbabcaf66379f88ccae89b19011c8fd21cda00acc23f3541126385a589de4fbdf8265a02c65b0db7e935e69d844d90967230c0a9e1e9b52dd9b9691cb9fc658cd0587cc7e6eed1c87fb7624c5f822022cb0eeba385b74439449e2c0cb64d86d1a139d01fffb110ec041ad9cadc9f6ac2cb936b1ae9e49fa92c697afa82aab77f694806737c8ebd239d67873e0f3c2b4c2d0665e984510ba8b0b7acbfe0b1db23055575ecdeef070d069f8e86d0d9872a59e85e43f0ebb64bc257b01b594e90485d6009c40e4a35bce5b02e258c2defeec81b7800af129616b0dd3fdc7fc91844a2da2c47e5d6e99eecf5abae03bb6481ef9eee687b34f86de26fa7b8190552dad0be4df7d0b7f97931e04c22dd809eb857538eb876998e61a3b60f15f5dc99d35f840b4c269da3f5ce6c1c82e41b661440084382b3be7990a89714402894659d63429a80320872094bd8693a3d85db18ceb25e5904a18fff404ac92fc80ca8bba6ab50ae673e779a938d03a2ef62e60035fbdb31e410abbbf18ffd69e60dc15b496c2b2bea8649e5076f641df194ff601d7b916a0e1f22a5f1b3ef4649bbde772535701084ea5148382954e797d49b2ae97cdea9a029e21cd904e1a8fb03dbeaeddc77a06a6447c43c32e9abb40a76aa802062ca9bcf074b031733c29712eddb8514de7de6ad85ddb189100cde6107c1fc2b3e3fbd2b86e161c660d162b7fe716b9c13db625647b007b2cf9d51edeb40b474fdb6cc84cec0e8fc553c385eab67df20981894f7e0cd531c8479c971ce438319860fe1bc71477b9d2c83839c4bf17ca5f1a15410038001d1d22402f8c92caacdb7369c876a7d92053b681b1bc896c399a8c2d2fc2e5ae7db64ca4b57dec495a65813ed9c8089fe18338c813f20de278ffea18df2c794f1d82d82b677a4338b0a150c149fb4229e708c1d195620d0b899427758e0e8a25d54ff4fc96adea98511d8f5c8c82496e764360b351da63c63b99cde5bb116e737b3cebd4765c6a77e59f761840a0d742db62d6b556c89e0f28794de5859f3a4b38b5643ffc25e1be2ebfd62cff25536945e49f0bdb9850c1672171c2fc5388c81ef4c31aaeae15859c9e004c719a10a07b8cd28ebe23648a1be380c000140b3701622e169274d74835721472b2a0e91aa92f90443e1b5701eb0606be5cb5b5d3d264c303fe71d3b8f6b0d6dd54d7de5f0a88aec2954d39aebf8c587ee96009c5dde2818e9bad320ea52521e5b615dd210f6f159a7e52b3e48a1f37fb090924ef61a9b17a8e85460e66a12b2600782702b051856161c150775258a481587a900fb08abcaa2f56fef8217f24619e7df28ed2783c85b71258455d6bf3f343f63b723ea06256e1b1edc383eeb80ee066c0777341cb5cb08c00f13a984e1e8cdef14e391d41eff54cca65b83f2a3fe7bffe458a2d29fffdd3a845052fc814d203a8e5fe946e0c559e36e89f51cb84612e212916297483485d4ce34d16a4a680ededd3cf0638133628cb7690388d4dc074d43caa4d9baf45703d28861d507f4b107bf1abb9fd7654aa3b29c5cef1e976cadbc249df8aee73d5989d8a24670c31dfd8597bf46dbda1595870ee9ae910cbc56e899b21b60779421b241836be7163b2fb1ee9470bacb7529ae57cfb0d53c21d80dec239e1eb3f4d9d006d80b67c263878441fe2a1b4ee048bfd52d5c27d080043b053670c7e56b8c33892bd9c5424842c70451f1cf203935bb2aaee9addcb4c961d0567788658efa456c36e07873b59b5de0a5b7d32c703b4b1929b699819cf08e856fafed75202585409efb4a83e61d5c3858f29b09dd87c0962848c44a72b622f396f57cfe6b95472825d377695cfa19c55f20dfadfa2c52272c33ee5475830b94695bb9edbd427f3ffde1e12dcfac00cf20e8d97d5372e5be85c4a4f94ae79c1e64ac5d91ea57b924b4791ee3cff92eac70cfa298c995b353b8a70d8a6427053e65e831bd105d364647f5af924c70c7ffbb948588c408a50a62ca961124ccda43e899b39c80e6475eb83b96a1977f15343853dd06d12f693c1445e0b43f49772dcbea5470227a34b79ab54bbdd01d62192e4e5a81b98b7785dc493526a01a52bef6ab98b54b787e5c1e2d9a3d6e03bf7b6c6e2070b9efe1af7ee8407ff626c763f8fbcdef4177b171a472cb202b9deb96313952e3e410a79d32e51532630f0a84bc204d0d2e62dd9655687c03ad2ad90df9bc63981d48ce8514a6c17ed664714ee214ece76e0a40fbac0e1cbb448a669d69885b0dba649e0231a1e05c2db404a3a1c0e7b6b7d8c338ba0712c434d84786644571b67559e0ae416dc030c6e28a9144b903286d97ca85bd030f1c684263f6a1e61b944ac8c63acf1bd2b7df903a6cd87589dc8b979106df6abf4719e3e795e2bffefe3f3382a34ed6d2024e54a3b32ce73b1b605a080c838408fdb1c5e13773a7c46906a9891d662bc10714b9b614358fc6eea36ccdfaf0c36070555108e72eb0760edefad04d0cf369bc167befe2198b21144989f5b9bae5aaa4077a67c58d144aad38014ddfcecc424b2466a22107f81fbd6f1799d277f7285d742b135c768b408743e98d8b80024431cc0efb30858121f19262b404658c19771a34451705b5415c23ba2469b24590b9acd210d64c56fd7b3340a43dfe7c24c6798aec5c953dc9c43e786eeb807e51857a57cbde7be044dd4cbc820582b8d61c2adfa8e9b12366fe55bfbff7b8ab5885a074d7cd525ad4d9d6c907c41cb049a163e0605b54b1f2dd4f715516cb8364092fb6024c424051e955f858371d6dbaa2fb7d001482cf8004b014aec1b3910f6d24b703461fa565d5c63df0d01315be0e78dcb871a9ba178af748762fc487d4843d2f95f180e24df7f425588888a394013b2cb02836f791f344b3c609ff9b9aeaed7ea733b0e1846c286cb9e794198a13698680d1706179d849e69d751cac1ec877c7e90a070e408cffc146abb91b40b3358c8a679ea5f2dae0731133eda60c0f9de1973d13d3a583d3d52cc8dc7d65bb56976941109e3ae28cdaded62213ae88d5840ea87ce24bf8271b0fc453fd82feaf5464c59ade7961251a4196ac4337ad819c2e8afe9d0bd40895bb6b05d4679c1007114055ad688f3d75cc3865fc0c76556783011b3c68aab512aa0f1edd4898e2773c6791b4f6c64336a799a4dd9e8084850e45cd86f7ed9c7b996bc4c2ae77b088ada52d3b39af9d8d77bfece5cd9d9eb24991e73397a321884e559a84ceee6825c578b07fe08c2b77c9a75f5aa6e355dfe0dd0f7112f24e4cbf498e08994cb0ceb61adb754b8a16b1891f1356219fcc1f9bb56036501c4416e08e397c1d731a80ae18ba7e1d1e86cf0e539e23d7572f246fa3f2c0b93b64d62dcc19984a138a05a725525d81dd8421b4fa951ec98a21f9b870392f5ca9fa26ad55ce4a7023b3e9e08433bd698ee2b4a78fc7982f4f0daa85e947bcd00bc3d91fa623c5bb52e1c6b4344040fa2f8f2cff6db0958e136f20dd5e9753299bd0e1b2cab58ac2860042c4193fe500a72224fe2a8e7062c3efad55b747d5914282c63b29527bfac9602c6fc06834844cad5c7252161d484eeb8856000002141079a45293703586307efe0e9e43da10e615779f19d8fe8dfea46a7107b80268368583aee61419fca16055f363ac9075c306fc0e73da9d75bd03b315d6bf404a11c806819d35d164997b8591457078c14864bb46a5150d015ba3b0712efa07761144df5796f633241384df4da59b84b3feef2adf2c68b383389232395707d6caa94a3d0849141f323211a2ca28d2b208a690979bc901ec13e7eb9cf3e8937449694f285f61ab084b64db9712248e3996b07fd50d0c4d30d559337804c708e5c3cd04bbf5dbeb1651e4aad862eefdd135b576aeb8d4de6412"], 0x1354}}, 0x40001) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) r5 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 1.183501091s ago: executing program 4 (id=2762): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7ffd) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x2, 0x8, 0x0) flistxattr$auto(0xffffffffffffffff, 0x0, 0xf) socket(0x2, 0x80002, 0x73) r2 = socket(0x2b, 0x1, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0xd6c6}, 0x2, 0x0, 0x16}, 0x4}, 0xfff, 0xb07e) socket(0xa, 0x1, 0x84) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044000}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) setsockopt$auto(r2, 0x0, 0x33, 0x0, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x8, 0x8000000000000000, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) 1.003430909s ago: executing program 4 (id=2763): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x2, 0x3a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x50bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x200000000006}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r3, 0x80dc5521, r2) getsockopt$auto_SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000)='{,\'[#\'---)#+\x11*\x00', &(0x7f0000000040)=0x3) 707.918633ms ago: executing program 4 (id=2764): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0x2, 0x1, 0x106) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setreuid$auto(0x9, 0x1) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x621f, 0x10004) getpriority$auto(0x2, 0x9) io_uring_setup$auto(0x6, 0x0) setresgid$auto(0x800, 0xee01, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) read$auto_rng_chrdev_ops_core(r1, &(0x7f0000000100)=""/212, 0xd4) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'caif0\x00', 0x0}) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)={0x1c, r2, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x6, 0x0) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008810}, 0x20008000) 485.40809ms ago: executing program 2 (id=2765): mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fsconfig$auto(0xfb5, 0x4, 0xfffffffffffffffc, 0xffffffffffffffff, 0xffffffffffffffff) mbind$auto(0x8, 0x100000004, 0x100002000, 0x0, 0x20000000000006, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) settimeofday$auto(&(0x7f0000000080)={0x3, 0xffffffffffffffa0}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x3, 0x6) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) connect$auto(0x3, 0x0, 0x55) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r0, @ANYBLOB="0800fb00", @ANYRES32=r1], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) ioctl$auto(0x3, 0x890d, 0x38) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 373.861479ms ago: executing program 4 (id=2766): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x84c, 0x0, 0x9, 0x0, 0x3, 0x10b}, 0x800009}, 0x1, 0x20000000) write$auto(0x3, 0x0, 0xfdef) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x7, 0x0, 0x3) syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) r2 = semctl$auto_SEM_STAT(0x80000000, 0x852, 0x12, 0xc7c3) kill$auto(r2, 0x6) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event0\x00', 0x101600, 0x0) sendmsg$auto_NL802154_CMD_SET_TX_POWER(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x88c0}, 0x40) recvfrom$auto(0x3, 0x0, 0x800000004e, 0x2, 0x0, 0xfffffffffffffffd) 160.702136ms ago: executing program 2 (id=2767): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/rose14/tx_queue_len\x00', 0xe3102, 0x0) openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/netdevsim/netdevsim3/bpf_bind_verifier_accept\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x5, 0x0) socket(0xa, 0x1, 0x0) socket(0x2, 0x1, 0x84) listen$auto(0x3, 0x81) (async) listen$auto(0x3, 0x81) listen$auto(0x3, 0x0) listen$auto(0x3, 0x81) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) (async) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) close_range$auto(r0, 0x8, 0x0) socket(0x2, 0x3, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) ioperm$auto(0x90d5, 0xb, 0x2) (async) ioperm$auto(0x90d5, 0xb, 0x2) 0s ago: executing program 4 (id=2768): r0 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) pread64$auto(r0, &(0x7f0000000040)='+{)[\\:}:@\x00', 0x8, 0xffffffffffff2692) r1 = semctl$auto_GETALL(0x6, 0x5, 0xd, 0x40) r2 = prctl$auto_SECCOMP_MODE_STRICT(0xe, 0x1, r1, 0x200, 0x0) ioctl$auto_VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000080)={0x0, r0}) read$auto_ptdump_fops_(r3, &(0x7f00000000c0)=""/54, 0x36) ptrace$auto_PTRACE_GETSIGINFO(0x4202, r1, 0x6, 0x4) r4 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000100), 0x4000, 0x0) poll$auto(&(0x7f0000000140)={r4, 0x1, 0x9b}, 0x3, 0xf0c) r6 = prctl$auto_PR_MCE_KILL_GET(0x22, 0x7, r1, 0xfffffffffffffff7, 0x8) r7 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000001c0), r5) sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r5, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, r7, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@NFC_ATTR_FIRMWARE_NAME={0xe, 0x14, '+{)[\\:}:@\x00'}, @NFC_ATTR_DEVICE_NAME={0x8, 0x2, '[[-!'}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0xfffffe01}, @NFC_ATTR_LLC_PARAM_LTO={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44814}, 0x8000) prctl$auto_PR_SET_MM_BRK(0x3fe, 0x7, r1, 0x3, 0x400) read$auto_ptdump_fops_(r2, &(0x7f00000002c0)=""/90, 0x5a) r8 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x2100, 0x0) ioctl$auto_KVM_GET_EMULATED_CPUID(r8, 0xc008ae09, &(0x7f0000000380)={0x9, 0x0, [{0xfffffffc, 0x8, 0x2, 0x111, 0x81, 0x3}, {0x1, 0x5, 0xfff, 0x200, 0x697, 0x7, 0x3ff}]}) r9 = getpgid$auto(r1) r10 = fcntl$auto_F_GET_RW_HINT(r4, 0x40b, r9) fadvise64$auto_POSIX_FADV_NOREUSE(0xffffffffffffffff, 0x5, 0x80000000, 0x5) r11 = fcntl$auto_F_RDLCK(r10, 0xf, 0x0) read$auto_trace_options_fops_trace(r11, &(0x7f0000000400)=""/197, 0xc5) r12 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000540), r5) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000580)={'team0\x00', 0x0}) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r2, &(0x7f0000000e00)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000dc0)={&(0x7f00000005c0)={0x7ec, r12, 0x20, 0x70bd25, 0x25dfdbfc, {}, [@NCSI_ATTR_IFINDEX={0x8, 0x1, r13}, @NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x5}, @NCSI_ATTR_CHANNEL_MASK={0x8, 0x8, 0x1}, @NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0x6}, @NCSI_ATTR_DATA={0x7af, 0x5, "0d7d95af21cd052276019d23bf377e672814882e49eae4701c1d1411b7e92d827f0cae1b35259094bc059f98157a211e8768ed0b83ac7b3384c6757fef6f34d67f284830e9ab240d0bdf05ec8c43824173e89614778524aa505c9bf8c8cb263dde74f441a39d5a5af0ce4418303b232a0820dfb66f1a564bfc517817fd1c93c6c092abc97114230368e59047677d9b0f5e1db886bc38ce8656f4d3a21bfd3d00e24d37c6a024736f4d0e3ba636a9651bdc5f0c16502ef616df991ade470e0bfc33bc6ab8c206d7f3f525afe1b6e50dd808c5f2a3e5836d0e2ab4155cc3eea4d9777e03b9b9280ba398fe4e35475124d927562dd7af4be0e4d26679107ab184436eb66345dabc019fe7de4bfa9d6f3c7988c31842ac3b36e530569cd4b88d5f63a49e600cbf7ce94aab6e2454880d7a5062da54f5ff4512dd5bc7566c6d60ff0b70e167ba4fcb410837748bab42be8c3399fe3c5acf92556fae9291cd5226eebf2274f17117d99e2d79ef88546c753274813136b9fce3d5bcd9179c6aa850491414e7a9815b6415229cfff0b4ac9710febcc801945c97e971428930a15b3e21fad8cb4ac86bf61ce38be3a86a8d989a9a171a837ef6d824f88b8ec3b3e43f2d3e1ba93a7e598e09aeb703aa8b1759750699ee62afc7d0009e5f2f493238d060db5dd6bfb4b2cd05dc4a18f5db706fb912f7b7c0cd27dcadee2f6e227ac9f33848a10a98e02d7d5ca56d72efa14667a80c87e1ad006ed85dcf76fcb3963faafc9cde4f8111cc1acb7ff88ac6caeb3d5826faf25db05444ae5deab6618beb3879ef683bbea094e7c62cf80a694d1c414759d7c4d6ed2bf7c2ae47729b107603ff9ab12eae5e28d5b4cc714bb65004d08e17d4aba23b5cfb4aba4a8e00403d99f8b1802f4d6cde8d7892c178b0b1e5ca6ed07c01f22d2ed79899e8127ee024e06d8f2605f9ea3f80a5f4504776bce4de8094e36ee0c14d90a16c3f27db7136b4d6790f0c5b271c503215c7cfa7f3ee076a365efa5faa98b0da06ff301ba7a8ab20359944b8d4c3ead36883ef76b0b0d3dfbff8165d7bec80535cd01eba11d8ad6f9b602f7e61f19b4bfbfc6a1558242e0f14a7ae20e80f24933b3f875136af5263dcc9f199700646cb52f425dd697b4c820462d0f367943929f6330ee78ab99017d0a5fdac17d95fe7475b39eba9dc1011a04696136eeb75cc9892721ae4fea084b60f3b0ab1aa2d97a98d926d3980b37d875dc9705a995fbae5220e206fde643433b635b762b74546f5286ee3884eb8ea5a8cd5254cb2f16ad45a17e51e11e4d5dfb2e4bb42f870dfcf0d74bdc19eb113078e635fc87c95ef5387e214c8e3d39da308d4e0f79bebbd1b5bc87b48e6682857ab45c5580bf20d0b2d643a4f44381c7e1e087cbb0fadd37705f0e5c73fb8a9dcfe9ad8146cac5b15f2b491d1efd1ceb88b42dec8720863df3f798848aa734786b5e4ad75391694d689bf1ef998526d2abde22c7a7718d34b3fea13698f2458fcca2ca1604006e42b823d571639dc27e0db2184a6359916730f29e957f972a30e8766cad3f3874e16b67db4b59d1558b3aade7640eb471b390b8113614ba7ad0b97bd3b798907fc0ea64028ace47c4f5bd7dfda3c7565deb370e9d80cac368b2e2513e50ba666a231ab8af9cec1c7a753954b75b934781d63dec364025f593dada489d1e63abb1e2642a98533c59e4bc5353cc1889e3161619f3e32199972eb724eab0f3cf3e5a507a95b08b9e1de1aa986f8b1a3e58384ce84de161f19b20899801035aa92a847bc8984d109a8ad47d0e1f785179511a1ac5d687075af6f66b1266b042c591374a3071beabefd80ec5793100bcac66b2c5ba530b30c010388cb251d8dc52b521fd37c5a92bb14af5af2408300654b136f681af8ee08ea189b20f6389d712688f5e791c93bc204680d033d06c7bc6f3e824a81cbd6d8e4ac290061cbc786657f835bc15db7c3b3ae8376fd312d42bf555af13383a9a4f96680b12cca466f769e5c12c15773919cc406302bd12abf6b8eaefe6a9733d6ded367eee9a9b9602f0111afd5f9a763a2e4104de8ae3a7b13d265abb9afe305e74225a98ea6975be75917846fbfad107ecda5a1a7050dc78139dace768ce45671cc39a67eab4464955057dfe669fc2804ee92bb7d3b532e1a72775430464570bbbcb4d63341c002ad8565298f723054494d126f8607629f18162ed06b8263d12725d7979d586817bcd37759c0df80f7451d81a6d3a1d89d72fec924c36222d174be8c588c18976c12a729611daccaddd9b8d02663d501107a8a6835601a11e5354cefc3e7eb7b00d303150b0a9fc56e2a51d7e7e38d463f9f38cbc246d4c647e80cab4da39f926d48a480dd2f8b9ae38020465bd3b1717b088d116b3babae6d043fd38e96f6a51d46baa5647c1e4dd1eb378612cd60e9a4a84b3b1d31e95af20a50efa80a2428c48310e00bece15cc781379efc8869e30cc0c60c876e47cc5a4709fccab58d11b32d246a86596f5ba61d191fcff1f36579dcb2b436a24b6b5c82429b36444f218eea3998b9feb57a0a0e0681ea12f5c95e330fe60468c28ccac634c0601a96435684be1ed82c743b45b041ce5e8f4ffc4e9a41a2fb38d6ff99aa4db702b7094c6b45b9bb52a9956bca7fbc8f6d5012302c7eb35487c98d227a4c406af79267015a23ee2e6f504bd90e6622a482d3f3b6426cff5fbb3cbdacc671b31dfc0471537191be0b471dd890dbf742feecd0a304de81b70d9bd51d93"}, @NCSI_ATTR_IFINDEX={0x8}]}, 0x7ec}, 0x1, 0x0, 0x0, 0x4}, 0x10) r14 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/cpu/0/msr\x00', 0x608800, 0x0) fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r14, 0x2, &(0x7f0000000e80)='\x00', &(0x7f0000000ec0)="dfe1d9681f4d39289cdf4d7d42db22d51e8d46397985070978ab54957aee62892f4aaf0e40928f84e57fca35614fe55169e1ba614d33b01090aa50b1b74b9355c415d20b986bd66866285dc58f5f8c946510caad11e9e84d0ad4b3919ff120886534fe03883c08343d0b3767ddbd0eeb99ee0527873392c3ae1014deb1e4dde3fafae26bc85faff0fef506197152bf9af2b31c00343eba41db3c0a7215e3591f9bbcb5f1e4f35af19edd0ec6705be3cfa93faa0499839b8b0568101686ab192a47a0fb6d3ccd43a41295819c23", 0x80) write$auto_msft_opcode_fops_(r6, &(0x7f0000000fc0)="71d40fc6f5c1228255fc1b7524d48587efeeecd0403094", 0x17) r15 = fsmount$auto(r0, 0x63, 0x1) fsync$auto(r8) write$auto_evm_xattr_ops_evm_secfs(r15, &(0x7f0000001000)="f46b5e3271ff98d4696250fde0b50b94728a3cba5e303a9aa80e434e46415bd133c5a83c98eb30387973b71177c3d2019d90701a1494368bf678dc8ae9fae6e604c0b6e8c631b8da40704e8f435327c2d4d090804524734d835f9922a076770da114f9132e081da5b8786e47ed98e945a586c4a8a088c0ca86424b8bd78f2beb0e2ef9cc42039c4a90d78ba5b3b7de91f59a565f3f9bf512faeb4854802bae", 0x9f) kernel console output (not intermixed with test programs): 30.365417][T15133] hsr_slave_0: entered promiscuous mode [ 630.383305][T15133] hsr_slave_1: entered promiscuous mode [ 630.390943][T15133] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 630.433071][T15133] Cannot create hsr debugfs directory [ 631.393311][ T5840] Bluetooth: hci4: command tx timeout [ 632.003564][T15133] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 632.201110][T15133] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 632.293431][T15133] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 632.373148][T15133] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 633.095565][T15133] 8021q: adding VLAN 0 to HW filter on device bond0 [ 633.183765][T15133] 8021q: adding VLAN 0 to HW filter on device team0 [ 633.268969][T14566] bridge0: port 1(bridge_slave_0) entered blocking state [ 633.277559][T14566] bridge0: port 1(bridge_slave_0) entered forwarding state [ 633.418801][T14566] bridge0: port 2(bridge_slave_1) entered blocking state [ 633.427446][T14566] bridge0: port 2(bridge_slave_1) entered forwarding state [ 633.473104][ T5840] Bluetooth: hci4: command tx timeout [ 634.045992][T15133] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 634.727811][T15133] veth0_vlan: entered promiscuous mode [ 634.814199][T15133] veth1_vlan: entered promiscuous mode [ 634.903645][T15133] veth0_macvtap: entered promiscuous mode [ 634.934825][T15133] veth1_macvtap: entered promiscuous mode [ 634.981005][T15133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 635.060158][T15133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.103145][T15133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 635.143402][T15133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.172938][T15133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 635.212892][T15133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.264583][T15133] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 635.296403][T15133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 635.352977][T15133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.413090][T15133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 635.462939][T15133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.503040][T15133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 635.537570][T15133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 635.563185][ T5840] Bluetooth: hci4: command tx timeout [ 635.572743][T15133] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 635.658221][T15267] netlink: 266 bytes leftover after parsing attributes in process `syz.5.1913'. [ 635.723090][T15267] IPv6: NLM_F_CREATE should be specified when creating new route [ 635.784918][T15133] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.824661][T15133] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.863312][T15133] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.892946][T15133] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.653506][T14351] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.678012][T14351] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 636.779628][T14567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.818000][T14567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 637.412103][T15304] netlink: 130 bytes leftover after parsing attributes in process `syz.6.1884'. [ 642.659474][T15377] FAULT_INJECTION: forcing a failure. [ 642.659474][T15377] name failslab, interval 1, probability 0, space 0, times 0 [ 642.725556][T15377] CPU: 0 UID: 0 PID: 15377 Comm: syz.6.1929 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 642.725602][T15377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 642.725625][T15377] Call Trace: [ 642.725635][T15377] [ 642.725646][T15377] dump_stack_lvl+0x16c/0x1f0 [ 642.725694][T15377] should_fail_ex+0x50a/0x650 [ 642.725757][T15377] ? fs_reclaim_acquire+0xae/0x150 [ 642.725801][T15377] should_failslab+0xc2/0x120 [ 642.725837][T15377] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 642.725884][T15377] ? trace_cap_capable+0x1a2/0x210 [ 642.725917][T15377] ? create_new_namespaces+0x30/0xad0 [ 642.725974][T15377] create_new_namespaces+0x30/0xad0 [ 642.726027][T15377] ? bpf_lsm_capable+0x9/0x10 [ 642.726059][T15377] ? security_capable+0x7e/0x260 [ 642.726099][T15377] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 642.726155][T15377] ksys_unshare+0x45d/0xa40 [ 642.726190][T15377] ? __pfx_ksys_unshare+0x10/0x10 [ 642.726221][T15377] ? xfd_validate_state+0x5d/0x180 [ 642.726280][T15377] __x64_sys_unshare+0x31/0x40 [ 642.726316][T15377] do_syscall_64+0xcd/0x250 [ 642.726362][T15377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.726409][T15377] RIP: 0033:0x7f9e2d18d169 [ 642.726433][T15377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 642.726464][T15377] RSP: 002b:00007f9e2df25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 642.726493][T15377] RAX: ffffffffffffffda RBX: 00007f9e2d3a5fa0 RCX: 00007f9e2d18d169 [ 642.726514][T15377] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 642.726533][T15377] RBP: 00007f9e2d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 642.726552][T15377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 642.726570][T15377] R13: 0000000000000000 R14: 00007f9e2d3a5fa0 R15: 00007ffd17ce64e8 [ 642.726607][T15377] [ 643.117983][T15377] device-mapper: ioctl: name not supplied when creating device [ 643.280922][T15377] netlink: 'syz.6.1929': attribute type 2 has an invalid length. [ 643.549428][T15384] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1931'. [ 645.101710][T15421] openvswitch: HfR: Dropping previously announced user features [ 645.165040][T15421] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1937'. [ 645.217426][T15421] HfR: left promiscuous mode [ 645.729486][T15422] Process accounting paused [ 648.441938][T15472] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1947'. [ 648.591188][T15470] ovsóãƒõ9Ûõ: entered promiscuous mode [ 648.636243][T15472] mac80211_hwsim hwsim23 wlan1: entered promiscuous mode [ 651.270173][T15546] FAULT_INJECTION: forcing a failure. [ 651.270173][T15546] name failslab, interval 1, probability 0, space 0, times 0 [ 651.299733][T15546] CPU: 1 UID: 0 PID: 15546 Comm: syz.5.1964 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 651.299786][T15546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 651.299806][T15546] Call Trace: [ 651.299815][T15546] [ 651.299828][T15546] dump_stack_lvl+0x16c/0x1f0 [ 651.299879][T15546] should_fail_ex+0x50a/0x650 [ 651.299932][T15546] ? fs_reclaim_acquire+0xae/0x150 [ 651.299977][T15546] ? __register_sysctl_table+0xb4/0x1910 [ 651.300030][T15546] should_failslab+0xc2/0x120 [ 651.300063][T15546] __kmalloc_noprof+0xcb/0x510 [ 651.300124][T15546] __register_sysctl_table+0xb4/0x1910 [ 651.300181][T15546] ? rcu_is_watching+0x12/0xc0 [ 651.300220][T15546] ? __pfx___register_sysctl_table+0x10/0x10 [ 651.300273][T15546] ? is_module_address+0x2a/0x50 [ 651.300320][T15546] ? register_net_sysctl_sz+0x228/0x3e0 [ 651.300366][T15546] ? __asan_memcpy+0x3c/0x60 [ 651.300409][T15546] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 651.300455][T15546] nf_lwtunnel_net_init+0x60/0xf0 [ 651.300498][T15546] ops_init+0x1df/0x5f0 [ 651.300555][T15546] setup_net+0x21f/0x860 [ 651.300610][T15546] ? __pfx_setup_net+0x10/0x10 [ 651.300659][T15546] ? down_read_killable+0xcc/0x380 [ 651.300711][T15546] ? __pfx_down_read_killable+0x10/0x10 [ 651.300766][T15546] ? __raw_spin_lock_init+0x3a/0x110 [ 651.300802][T15546] ? debug_mutex_init+0x37/0x70 [ 651.300841][T15546] copy_net_ns+0x2a6/0x5f0 [ 651.300891][T15546] create_new_namespaces+0x3ea/0xad0 [ 651.300972][T15546] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 651.301031][T15546] ksys_unshare+0x45d/0xa40 [ 651.301066][T15546] ? __pfx_ksys_unshare+0x10/0x10 [ 651.301098][T15546] ? xfd_validate_state+0x5d/0x180 [ 651.301158][T15546] __x64_sys_unshare+0x31/0x40 [ 651.301192][T15546] do_syscall_64+0xcd/0x250 [ 651.301240][T15546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.301285][T15546] RIP: 0033:0x7f023298d169 [ 651.301310][T15546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.301343][T15546] RSP: 002b:00007f023388d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 651.301374][T15546] RAX: ffffffffffffffda RBX: 00007f0232ba5fa0 RCX: 00007f023298d169 [ 651.301396][T15546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 651.301416][T15546] RBP: 00007f0232a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 651.301434][T15546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.301453][T15546] R13: 0000000000000000 R14: 00007f0232ba5fa0 R15: 00007fffdc35ab78 [ 651.301493][T15546] [ 653.290897][T15593] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 653.332249][T15593] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 653.833002][T15608] FAULT_INJECTION: forcing a failure. [ 653.833002][T15608] name failslab, interval 1, probability 0, space 0, times 0 [ 653.929858][T15608] CPU: 1 UID: 0 PID: 15608 Comm: syz.5.1978 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 653.929902][T15608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 653.929922][T15608] Call Trace: [ 653.929931][T15608] [ 653.929943][T15608] dump_stack_lvl+0x16c/0x1f0 [ 653.929994][T15608] should_fail_ex+0x50a/0x650 [ 653.930048][T15608] ? fs_reclaim_acquire+0xae/0x150 [ 653.930094][T15608] should_failslab+0xc2/0x120 [ 653.930127][T15608] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 653.930179][T15608] ? alloc_empty_file+0x73/0x1e0 [ 653.930219][T15608] alloc_empty_file+0x73/0x1e0 [ 653.930257][T15608] path_openat+0xe1/0x2d80 [ 653.930303][T15608] ? hlock_class+0x4e/0x130 [ 653.930336][T15608] ? __lock_acquire+0x15a9/0x3c40 [ 653.930395][T15608] ? __pfx_path_openat+0x10/0x10 [ 653.930452][T15608] ? __pfx___lock_acquire+0x10/0x10 [ 653.930499][T15608] ? lock_acquire.part.0+0x11b/0x380 [ 653.930547][T15608] ? find_held_lock+0x2d/0x110 [ 653.930587][T15608] do_filp_open+0x20c/0x470 [ 653.930636][T15608] ? __pfx_do_filp_open+0x10/0x10 [ 653.930683][T15608] ? find_held_lock+0x2d/0x110 [ 653.930744][T15608] ? alloc_fd+0x41f/0x760 [ 653.930802][T15608] do_sys_openat2+0x17a/0x1e0 [ 653.930837][T15608] ? __pfx_do_sys_openat2+0x10/0x10 [ 653.930887][T15608] __x64_sys_openat+0x175/0x210 [ 653.930924][T15608] ? __pfx___x64_sys_openat+0x10/0x10 [ 653.930976][T15608] do_syscall_64+0xcd/0x250 [ 653.931024][T15608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.931071][T15608] RIP: 0033:0x7f023298d169 [ 653.931095][T15608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.931128][T15608] RSP: 002b:00007f023388d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 653.931160][T15608] RAX: ffffffffffffffda RBX: 00007f0232ba5fa0 RCX: 00007f023298d169 [ 653.931181][T15608] RDX: 0000000000000400 RSI: 0000400000000080 RDI: ffffffffffffff9c [ 653.931202][T15608] RBP: 00007f0232a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 653.931223][T15608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 653.931241][T15608] R13: 0000000000000000 R14: 00007f0232ba5fa0 R15: 00007fffdc35ab78 [ 653.931279][T15608] [ 654.354159][T15612] could not allocate digest TFM handle binfmt_misc [ 654.371716][T15610] page: refcount:2 mapcount:1 mapping:0000000000000000 index:0x7200 pfn:0x78200 [ 654.383159][T15610] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 654.391761][T15610] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 654.402263][T15610] raw: 0000000000007200 0000000000000000 0000000200000000 0000000000000000 [ 654.412731][T15610] page dumped because: unmovable page [ 654.419425][T15610] page_owner tracks the page as allocated [ 654.427350][T15610] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 15113, tgid 15113 (syz-executor), ts 626803781867, free_ts 608713507513 [ 654.451238][T15610] post_alloc_hook+0x181/0x1b0 [ 654.457367][T15610] get_page_from_freelist+0xfce/0x2f80 [ 654.464105][T15610] __alloc_frozen_pages_noprof+0x221/0x2470 [ 654.471280][T15610] alloc_pages_mpol+0x1fc/0x540 [ 654.479735][T15610] alloc_pages_noprof+0x131/0x390 [ 654.487354][T15610] __vmalloc_node_range_noprof+0x721/0x1530 [ 654.494747][T15610] vmalloc_user_noprof+0x6b/0x90 [ 654.500860][T15610] kcov_ioctl+0x4c/0x730 [ 654.506268][T15610] __x64_sys_ioctl+0x190/0x200 [ 654.512101][T15610] do_syscall_64+0xcd/0x250 [ 654.517707][T15610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.525103][T15610] page last free pid 5880 tgid 5880 stack trace: [ 654.538770][T15610] free_frozen_pages+0x6db/0xfb0 [ 654.544883][T15610] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 654.552004][T15610] __apply_to_page_range+0x5fd/0xd30 [ 654.558768][T15610] kasan_release_vmalloc+0xd1/0xe0 [ 654.572901][T15610] purge_vmap_node+0x1d1/0xa40 [ 654.583036][T15610] __purge_vmap_area_lazy+0x9bf/0xc10 [ 654.595136][T15610] drain_vmap_area_work+0x27/0x40 [ 654.632904][T15610] process_one_work+0x9c5/0x1ba0 [ 654.638990][T15610] worker_thread+0x6c8/0xf00 [ 654.652913][T15610] kthread+0x3af/0x750 [ 654.662889][T15610] ret_from_fork+0x45/0x80 [ 654.682939][T15610] ret_from_fork_asm+0x1a/0x30 [ 656.227725][T15654] ima: policy update failed [ 656.291847][ T29] audit: type=1802 audit(4294976324.578:24): pid=15654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1991" res=0 errno=0 [ 657.509647][T15700] netlink: 'syz.5.1999': attribute type 2 has an invalid length. [ 657.582991][T15702] netlink: 'syz.5.1999': attribute type 2 has an invalid length. [ 658.652670][T15712] Process accounting paused [ 659.098301][T15738] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2008'. [ 659.132952][T15738] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2008'. [ 659.190338][T15741] netlink: 210 bytes leftover after parsing attributes in process `syz.5.2008'. [ 659.401781][T15740] netlink: 186 bytes leftover after parsing attributes in process `syz.6.2009'. [ 660.561468][T15789] ptrace attach of "./syz-executor exec"[5837] was attempted by ""[15789] [ 662.751476][T15835] FAULT_INJECTION: forcing a failure. [ 662.751476][T15835] name fail_futex, interval 1, probability 0, space 0, times 0 [ 662.893281][T15835] CPU: 0 UID: 0 PID: 15835 Comm: syz.5.2029 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 662.893325][T15835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 662.893344][T15835] Call Trace: [ 662.893353][T15835] [ 662.893366][T15835] dump_stack_lvl+0x16c/0x1f0 [ 662.893414][T15835] should_fail_ex+0x50a/0x650 [ 662.893469][T15835] get_futex_key+0x4a3/0x1000 [ 662.893520][T15835] ? __pfx_get_futex_key+0x10/0x10 [ 662.893558][T15835] ? pick_eevdf+0x2f6/0x6b0 [ 662.893606][T15835] ? update_curr_se+0x8b/0x220 [ 662.893657][T15835] ? find_held_lock+0x2d/0x110 [ 662.893695][T15835] futex_wait_setup+0x78/0x290 [ 662.893751][T15835] __futex_wait+0x267/0x3c0 [ 662.893800][T15835] ? __pfx___futex_wait+0x10/0x10 [ 662.893848][T15835] ? try_to_wake_up+0x158/0x1490 [ 662.893894][T15835] ? __pfx_futex_wake_mark+0x10/0x10 [ 662.893956][T15835] futex_wait+0xe9/0x380 [ 662.894001][T15835] ? __pfx_futex_wait+0x10/0x10 [ 662.894057][T15835] ? lock_acquire+0x2f/0xb0 [ 662.894100][T15835] ? __fget_files+0x40/0x3a0 [ 662.894153][T15835] do_futex+0x22b/0x350 [ 662.894212][T15835] ? __pfx_do_futex+0x10/0x10 [ 662.894270][T15835] ? map_id_up+0x290/0x370 [ 662.894327][T15835] __x64_sys_futex+0x1e1/0x4c0 [ 662.894372][T15835] ? __pfx___x64_sys_futex+0x10/0x10 [ 662.894411][T15835] ? from_kgid_munged+0xa7/0x130 [ 662.894442][T15835] ? __pfx_from_kgid_munged+0x10/0x10 [ 662.894490][T15835] do_syscall_64+0xcd/0x250 [ 662.894540][T15835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.894585][T15835] RIP: 0033:0x7f023298d169 [ 662.894611][T15835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.894642][T15835] RSP: 002b:00007f023388d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 662.894673][T15835] RAX: ffffffffffffffda RBX: 00007f0232ba5fa8 RCX: 00007f023298d169 [ 662.894694][T15835] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0232ba5fa8 [ 662.894713][T15835] RBP: 00007f0232ba5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 662.894733][T15835] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0232ba5fac [ 662.894752][T15835] R13: 0000000000000000 R14: 00007fffdc35aa90 R15: 00007fffdc35ab78 [ 662.894790][T15835] [ 664.375987][T15860] FAULT_INJECTION: forcing a failure. [ 664.375987][T15860] name failslab, interval 1, probability 0, space 0, times 0 [ 664.458329][T15860] CPU: 1 UID: 0 PID: 15860 Comm: syz.2.2035 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 664.458367][T15860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 664.458384][T15860] Call Trace: [ 664.458393][T15860] [ 664.458403][T15860] dump_stack_lvl+0x16c/0x1f0 [ 664.458444][T15860] should_fail_ex+0x50a/0x650 [ 664.458489][T15860] ? fs_reclaim_acquire+0xae/0x150 [ 664.458530][T15860] should_failslab+0xc2/0x120 [ 664.458557][T15860] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 664.458601][T15860] ? alloc_vfsmnt+0x23/0x6f0 [ 664.458631][T15860] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 664.458677][T15860] alloc_vfsmnt+0x23/0x6f0 [ 664.458709][T15860] clone_mnt+0x6d/0xf90 [ 664.458741][T15860] ? lock_acquire+0x2f/0xb0 [ 664.458779][T15860] ? copy_mnt_ns+0x14d/0xa70 [ 664.458809][T15860] copy_tree+0xeb/0x9c0 [ 664.458848][T15860] ? __pfx_down_write+0x10/0x10 [ 664.458892][T15860] ? alloc_mnt_ns+0x325/0x520 [ 664.458929][T15860] copy_mnt_ns+0x1b5/0xa70 [ 664.458954][T15860] ? kmem_cache_alloc_noprof+0x279/0x3d0 [ 664.458999][T15860] ? create_new_namespaces+0x30/0xad0 [ 664.459181][T15860] create_new_namespaces+0xd3/0xad0 [ 664.459239][T15860] ? bpf_lsm_capable+0x9/0x10 [ 664.459273][T15860] ? security_capable+0x7e/0x260 [ 664.459310][T15860] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 664.459370][T15860] ksys_unshare+0x45d/0xa40 [ 664.459404][T15860] ? __pfx_ksys_unshare+0x10/0x10 [ 664.459436][T15860] ? xfd_validate_state+0x5d/0x180 [ 664.459494][T15860] __x64_sys_unshare+0x31/0x40 [ 664.459527][T15860] do_syscall_64+0xcd/0x250 [ 664.459575][T15860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.459640][T15860] RIP: 0033:0x7f3733f8d169 [ 664.459666][T15860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 664.459698][T15860] RSP: 002b:00007f3734d6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 664.459728][T15860] RAX: ffffffffffffffda RBX: 00007f37341a5fa0 RCX: 00007f3733f8d169 [ 664.459749][T15860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 664.459767][T15860] RBP: 00007f373400e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 664.459786][T15860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 664.459804][T15860] R13: 0000000000000000 R14: 00007f37341a5fa0 R15: 00007fffc58218c8 [ 664.459844][T15860] [ 666.285506][T15900] netlink: 346 bytes leftover after parsing attributes in process `syz.4.2045'. [ 670.349158][ T29] audit: type=1800 audit(4294976338.658:25): pid=15957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2055" name="lu_gp_id" dev="configfs" ino=54056 res=0 errno=0 [ 670.373596][ C1] vkms_vblank_simulate: vblank timer overrun [ 673.978688][T15988] mkiss: ax0: crc mode is auto. [ 674.395701][T16000] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7200 pfn:0x78200 [ 674.476109][T16000] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff) [ 674.528586][T16000] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000 [ 674.568210][T16000] raw: 0000000000007200 0000000000000000 00000001ffffffff 0000000000000000 [ 674.668399][T16000] page dumped because: unmovable page [ 674.726197][T16000] page_owner tracks the page as allocated [ 674.804891][T16003] could not allocate digest TFM handle binfmt_misc [ 674.812220][T16000] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 15113, tgid 15113 (syz-executor), ts 626803781867, free_ts 608713507513 [ 674.836226][ C1] vkms_vblank_simulate: vblank timer overrun [ 675.261512][T16000] post_alloc_hook+0x181/0x1b0 [ 675.383417][T16000] get_page_from_freelist+0xfce/0x2f80 [ 675.562924][T16000] __alloc_frozen_pages_noprof+0x221/0x2470 [ 675.570107][T16000] alloc_pages_mpol+0x1fc/0x540 [ 675.645142][T16000] alloc_pages_noprof+0x131/0x390 [ 675.651545][T16000] __vmalloc_node_range_noprof+0x721/0x1530 [ 675.753094][T16000] vmalloc_user_noprof+0x6b/0x90 [ 675.759413][T16000] kcov_ioctl+0x4c/0x730 [ 675.764793][T16000] __x64_sys_ioctl+0x190/0x200 [ 675.770583][T16000] do_syscall_64+0xcd/0x250 [ 675.776187][T16000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.783759][T16000] page last free pid 5880 tgid 5880 stack trace: [ 675.791495][T16000] free_frozen_pages+0x6db/0xfb0 [ 675.797552][T16000] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 675.804689][T16000] __apply_to_page_range+0x5fd/0xd30 [ 675.811092][T16000] kasan_release_vmalloc+0xd1/0xe0 [ 675.817472][T16000] purge_vmap_node+0x1d1/0xa40 [ 675.823418][T16000] __purge_vmap_area_lazy+0x9bf/0xc10 [ 675.830041][T16000] drain_vmap_area_work+0x27/0x40 [ 675.836237][T16000] process_one_work+0x9c5/0x1ba0 [ 675.842322][T16000] worker_thread+0x6c8/0xf00 [ 675.848770][T16000] kthread+0x3af/0x750 [ 675.853869][T16000] ret_from_fork+0x45/0x80 [ 675.859539][T16000] ret_from_fork_asm+0x1a/0x30 [ 675.942907][T16013] Process accounting resumed [ 676.760743][T16034] FAULT_INJECTION: forcing a failure. [ 676.760743][T16034] name failslab, interval 1, probability 0, space 0, times 0 [ 676.851680][T16034] CPU: 1 UID: 0 PID: 16034 Comm: syz.2.2068 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 676.851724][T16034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 676.851741][T16034] Call Trace: [ 676.851751][T16034] [ 676.851762][T16034] dump_stack_lvl+0x16c/0x1f0 [ 676.851809][T16034] should_fail_ex+0x50a/0x650 [ 676.851857][T16034] ? fs_reclaim_acquire+0xae/0x150 [ 676.851905][T16034] should_failslab+0xc2/0x120 [ 676.851933][T16034] __kmalloc_node_noprof+0xd1/0x510 [ 676.851982][T16034] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 676.852024][T16034] ? lockdep_init_map_type+0x16d/0x7d0 [ 676.852072][T16034] __kvmalloc_node_noprof+0xad/0x1a0 [ 676.852116][T16034] bucket_table_alloc.isra.0+0x86/0x460 [ 676.852168][T16034] rhashtable_init_noprof+0x41a/0x7e0 [ 676.852240][T16034] ioam6_net_init+0xb1/0x170 [ 676.852290][T16034] ? __pfx_ioam6_net_init+0x10/0x10 [ 676.852323][T16034] ops_init+0x1df/0x5f0 [ 676.852373][T16034] setup_net+0x21f/0x860 [ 676.852422][T16034] ? __pfx_setup_net+0x10/0x10 [ 676.852467][T16034] ? down_read_killable+0xcc/0x380 [ 676.852511][T16034] ? __pfx_down_read_killable+0x10/0x10 [ 676.852554][T16034] ? __raw_spin_lock_init+0x3a/0x110 [ 676.852585][T16034] ? debug_mutex_init+0x37/0x70 [ 676.852630][T16034] copy_net_ns+0x2a6/0x5f0 [ 676.852683][T16034] create_new_namespaces+0x3ea/0xad0 [ 676.852752][T16034] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 676.852810][T16034] ksys_unshare+0x45d/0xa40 [ 676.852845][T16034] ? __pfx_ksys_unshare+0x10/0x10 [ 676.852884][T16034] ? xfd_validate_state+0x5d/0x180 [ 676.852934][T16034] ? syscall_user_dispatch+0x7a/0x130 [ 676.852996][T16034] __x64_sys_unshare+0x31/0x40 [ 676.853030][T16034] do_syscall_64+0xcd/0x250 [ 676.853070][T16034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 676.853107][T16034] RIP: 0033:0x7f3733f8d169 [ 676.853127][T16034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 676.853153][T16034] RSP: 002b:00007f3734d6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 676.853178][T16034] RAX: ffffffffffffffda RBX: 00007f37341a5fa0 RCX: 00007f3733f8d169 [ 676.853195][T16034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 676.853211][T16034] RBP: 00007f373400e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 676.853226][T16034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 676.853242][T16034] R13: 0000000000000000 R14: 00007f37341a5fa0 R15: 00007fffc58218c8 [ 676.853274][T16034] [ 678.949558][T16052] could not allocate digest TFM handle [ 679.024345][T16050] could not allocate digest TFM handle [ 681.211282][T16109] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7200 pfn:0x78200 [ 681.262966][T16109] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff) [ 681.423317][T16109] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000 [ 681.492950][T16109] raw: 0000000000007200 0000000000000000 00000001ffffffff 0000000000000000 [ 681.523029][T16109] page dumped because: unmovable page [ 681.560022][T16109] page_owner tracks the page as allocated [ 681.662851][T16109] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 15113, tgid 15113 (syz-executor), ts 626803781867, free_ts 608713507513 [ 681.889558][T16109] post_alloc_hook+0x181/0x1b0 [ 681.972873][T16109] get_page_from_freelist+0xfce/0x2f80 [ 682.006300][T16109] __alloc_frozen_pages_noprof+0x221/0x2470 [ 682.021566][T16113] could not allocate digest TFM handle binfmt_misc [ 682.069784][T16109] alloc_pages_mpol+0x1fc/0x540 [ 682.101682][T16109] alloc_pages_noprof+0x131/0x390 [ 682.151403][T16109] __vmalloc_node_range_noprof+0x721/0x1530 [ 682.198257][T16109] vmalloc_user_noprof+0x6b/0x90 [ 682.228385][T16109] kcov_ioctl+0x4c/0x730 [ 682.245522][T16109] __x64_sys_ioctl+0x190/0x200 [ 682.251331][T16109] do_syscall_64+0xcd/0x250 [ 682.277410][T16109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.308292][T16109] page last free pid 5880 tgid 5880 stack trace: [ 682.328910][T16109] free_frozen_pages+0x6db/0xfb0 [ 682.338093][T16109] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 682.369495][T16109] __apply_to_page_range+0x5fd/0xd30 [ 682.398903][T16109] kasan_release_vmalloc+0xd1/0xe0 [ 682.416349][T16109] purge_vmap_node+0x1d1/0xa40 [ 682.436615][T16109] __purge_vmap_area_lazy+0x9bf/0xc10 [ 682.456868][T16109] drain_vmap_area_work+0x27/0x40 [ 682.482935][T16109] process_one_work+0x9c5/0x1ba0 [ 682.513019][T16109] worker_thread+0x6c8/0xf00 [ 682.518635][T16109] kthread+0x3af/0x750 [ 682.542911][T16109] ret_from_fork+0x45/0x80 [ 682.568678][T16109] ret_from_fork_asm+0x1a/0x30 [ 683.887585][T16141] netlink: 'syz.5.2088': attribute type 16 has an invalid length. [ 683.945081][T16141] netlink: 322 bytes leftover after parsing attributes in process `syz.5.2088'. [ 684.421323][T16144] sp0: Synchronizing with TNC [ 685.901286][T16169] FAULT_INJECTION: forcing a failure. [ 685.901286][T16169] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 685.925341][T16169] CPU: 0 UID: 0 PID: 16169 Comm: syz.6.2094 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 685.925384][T16169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 685.925403][T16169] Call Trace: [ 685.925413][T16169] [ 685.925425][T16169] dump_stack_lvl+0x16c/0x1f0 [ 685.925476][T16169] should_fail_ex+0x50a/0x650 [ 685.925528][T16169] ? __pfx___might_resched+0x10/0x10 [ 685.925584][T16169] should_fail_alloc_page+0xe7/0x130 [ 685.925621][T16169] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 685.925674][T16169] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 685.925733][T16169] ? __pfx_mark_lock+0x10/0x10 [ 685.925779][T16169] ? lock_acquire.part.0+0x11b/0x380 [ 685.925830][T16169] ? hlock_class+0x4e/0x130 [ 685.925872][T16169] ? __lock_acquire+0x15a9/0x3c40 [ 685.925919][T16169] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 685.925977][T16169] ? mark_lock+0xb5/0xc60 [ 685.926041][T16169] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 685.926098][T16169] ? policy_nodemask+0xea/0x4e0 [ 685.926132][T16169] alloc_pages_mpol+0x1fc/0x540 [ 685.926165][T16169] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 685.926198][T16169] ? find_held_lock+0x2d/0x110 [ 685.926242][T16169] folio_alloc_mpol_noprof+0x36/0x2f0 [ 685.926283][T16169] shmem_alloc_folio+0x135/0x160 [ 685.926339][T16169] shmem_alloc_and_add_folio+0x48e/0xc10 [ 685.926384][T16169] ? shmem_huge_global_enabled+0x72/0x6b0 [ 685.926420][T16169] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 685.926464][T16169] ? shmem_allowable_huge_orders+0xd0/0x410 [ 685.926513][T16169] shmem_get_folio_gfp+0x689/0x1530 [ 685.926560][T16169] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 685.926600][T16169] ? find_held_lock+0x2d/0x110 [ 685.926644][T16169] shmem_write_begin+0x161/0x300 [ 685.926686][T16169] ? __pfx_shmem_write_begin+0x10/0x10 [ 685.926726][T16169] ? timestamp_truncate+0x21f/0x2e0 [ 685.926780][T16169] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 685.926846][T16169] generic_perform_write+0x2ba/0x920 [ 685.926904][T16169] ? __pfx_generic_perform_write+0x10/0x10 [ 685.926945][T16169] ? inode_needs_update_time.part.0+0x191/0x270 [ 685.927012][T16169] shmem_file_write_iter+0x10e/0x140 [ 685.927061][T16169] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 685.927106][T16169] __kernel_write_iter+0x318/0xa90 [ 685.927157][T16169] ? __pfx___kernel_write_iter+0x10/0x10 [ 685.927203][T16169] ? get_dump_page+0x15b/0x230 [ 685.927259][T16169] ? __pfx___might_resched+0x10/0x10 [ 685.927320][T16169] dump_user_range+0x389/0x8c0 [ 685.927369][T16169] ? __pfx_dump_user_range+0x10/0x10 [ 685.927413][T16169] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 685.927470][T16169] ? __pfx_writenote+0x10/0x10 [ 685.927525][T16169] elf_core_dump+0x287c/0x3a50 [ 685.927600][T16169] ? __pfx_elf_core_dump+0x10/0x10 [ 685.927640][T16169] ? kasan_save_stack+0x33/0x60 [ 685.927685][T16169] ? __kasan_kmalloc+0xaa/0xb0 [ 685.927729][T16169] ? __kmalloc_node_noprof+0x21f/0x510 [ 685.927778][T16169] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 685.927822][T16169] ? get_signal+0x230b/0x26c0 [ 685.927875][T16169] ? arch_do_signal_or_restart+0x90/0x7e0 [ 685.927909][T16169] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 685.928009][T16169] ? rcu_is_watching+0x12/0xc0 [ 685.928044][T16169] ? trace_lock_acquire+0x14e/0x1f0 [ 685.928079][T16169] ? __pfx_sort+0x10/0x10 [ 685.928109][T16169] ? get_signal+0x230b/0x26c0 [ 685.928166][T16169] ? do_coredump+0x3134/0x4400 [ 685.928201][T16169] do_coredump+0x3134/0x4400 [ 685.928252][T16169] ? __pfx_do_coredump+0x10/0x10 [ 685.928292][T16169] ? stack_trace_save+0x95/0xd0 [ 685.928326][T16169] ? __pfx_stack_trace_save+0x10/0x10 [ 685.928359][T16169] ? hlock_class+0x4e/0x130 [ 685.928392][T16169] ? stack_depot_save_flags+0x28/0x9c0 [ 685.928456][T16169] ? kmem_cache_free+0x2e2/0x4d0 [ 685.928500][T16169] ? __sigqueue_free+0xba/0x2a0 [ 685.928532][T16169] ? get_signal+0xcbc/0x26c0 [ 685.928578][T16169] ? arch_do_signal_or_restart+0x90/0x7e0 [ 685.928612][T16169] ? syscall_exit_to_user_mode+0x150/0x2a0 [ 685.928698][T16169] ? find_held_lock+0x2d/0x110 [ 685.928738][T16169] ? proc_coredump_connector+0x2d2/0x4f0 [ 685.928790][T16169] ? __pfx_proc_coredump_connector+0x10/0x10 [ 685.928864][T16169] get_signal+0x230b/0x26c0 [ 685.928924][T16169] ? lockdep_hardirqs_on+0x7c/0x110 [ 685.928967][T16169] ? __pfx_get_signal+0x10/0x10 [ 685.929028][T16169] arch_do_signal_or_restart+0x90/0x7e0 [ 685.929066][T16169] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 685.929127][T16169] syscall_exit_to_user_mode+0x150/0x2a0 [ 685.929173][T16169] do_syscall_64+0xda/0x250 [ 685.929219][T16169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.929263][T16169] RIP: 0033:0x7f9e2d18d169 [ 685.929287][T16169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.929318][T16169] RSP: 002b:00007f9e2df250e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 685.929347][T16169] RAX: ffffffffffffffda RBX: 00007f9e2d3a5fa8 RCX: 00007f9e2d18d169 [ 685.929368][T16169] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9e2d3a5fac [ 685.929388][T16169] RBP: 00007f9e2d3a5fa0 R08: 00007f9e2df26000 R09: 0000000000000000 [ 685.929407][T16169] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e2d3a5fac [ 685.929424][T16169] R13: 0000000000000000 R14: 00007ffd17ce6400 R15: 00007ffd17ce64e8 [ 685.929462][T16169] [ 687.057132][T16182] FAULT_INJECTION: forcing a failure. [ 687.057132][T16182] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 687.106900][T16182] CPU: 0 UID: 0 PID: 16182 Comm: syz.4.2098 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 687.106935][T16182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 687.106952][T16182] Call Trace: [ 687.106960][T16182] [ 687.106970][T16182] dump_stack_lvl+0x16c/0x1f0 [ 687.107013][T16182] should_fail_ex+0x50a/0x650 [ 687.107064][T16182] strncpy_from_user+0x3b/0x2d0 [ 687.107119][T16182] getname_flags.part.0+0x8f/0x550 [ 687.107154][T16182] getname+0x8d/0xe0 [ 687.107190][T16182] do_sys_openat2+0x104/0x1e0 [ 687.107219][T16182] ? __pfx_do_sys_openat2+0x10/0x10 [ 687.107259][T16182] __x64_sys_openat+0x175/0x210 [ 687.107289][T16182] ? __pfx___x64_sys_openat+0x10/0x10 [ 687.107331][T16182] do_syscall_64+0xcd/0x250 [ 687.107370][T16182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.107409][T16182] RIP: 0033:0x7fbd7fb8d169 [ 687.107429][T16182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.107454][T16182] RSP: 002b:00007fbd809a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 687.107484][T16182] RAX: ffffffffffffffda RBX: 00007fbd7fda5fa0 RCX: 00007fbd7fb8d169 [ 687.107502][T16182] RDX: 00000000000c0000 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 687.107519][T16182] RBP: 00007fbd7fc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 687.107535][T16182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 687.107551][T16182] R13: 0000000000000000 R14: 00007fbd7fda5fa0 R15: 00007ffd897ff208 [ 687.107583][T16182] [ 687.817081][T16204] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7200 pfn:0x78200 [ 687.858586][T16204] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff) [ 687.909489][ T29] audit: type=1326 audit(4294976380.215:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16200 comm="syz.4.2112" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbd7fb8d169 code=0x0 [ 688.010862][T16204] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000 [ 688.154774][T16204] raw: 0000000000007200 0000000000000000 00000001ffffffff 0000000000000000 [ 688.242632][T16208] could not allocate digest TFM handle binfmt_misc [ 688.263099][T16204] page dumped because: unmovable page [ 688.340212][T16204] page_owner tracks the page as allocated [ 688.377153][T16204] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 15113, tgid 15113 (syz-executor), ts 626803781867, free_ts 608713507513 [ 688.665884][T16204] post_alloc_hook+0x181/0x1b0 [ 688.671800][T16204] get_page_from_freelist+0xfce/0x2f80 [ 688.754691][T16189] Process accounting resumed [ 688.822944][T16204] __alloc_frozen_pages_noprof+0x221/0x2470 [ 688.830339][T16204] alloc_pages_mpol+0x1fc/0x540 [ 688.942852][T16204] alloc_pages_noprof+0x131/0x390 [ 688.948986][T16204] __vmalloc_node_range_noprof+0x721/0x1530 [ 689.062863][T16204] vmalloc_user_noprof+0x6b/0x90 [ 689.134265][T16204] kcov_ioctl+0x4c/0x730 [ 689.233829][T16204] __x64_sys_ioctl+0x190/0x200 [ 689.239896][T16204] do_syscall_64+0xcd/0x250 [ 689.327242][T16204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.402866][T16204] page last free pid 5880 tgid 5880 stack trace: [ 689.462928][T16204] free_frozen_pages+0x6db/0xfb0 [ 689.478224][T16204] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 689.536002][T16204] __apply_to_page_range+0x5fd/0xd30 [ 689.542598][T16204] kasan_release_vmalloc+0xd1/0xe0 [ 689.682843][T16204] purge_vmap_node+0x1d1/0xa40 [ 689.688624][T16204] __purge_vmap_area_lazy+0x9bf/0xc10 [ 689.813776][T16204] drain_vmap_area_work+0x27/0x40 [ 689.859191][T16204] process_one_work+0x9c5/0x1ba0 [ 689.890792][T16204] worker_thread+0x6c8/0xf00 [ 690.254418][T16204] kthread+0x3af/0x750 [ 690.282874][T16204] ret_from_fork+0x45/0x80 [ 690.322948][T16204] ret_from_fork_asm+0x1a/0x30 [ 691.067834][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.075592][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 695.601661][T16317] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7200 pfn:0x78200 [ 695.746225][T16317] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff) [ 695.858485][T16317] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000 [ 695.905468][T16317] raw: 0000000000007200 0000000000000000 00000001ffffffff 0000000000000000 [ 696.014324][T16317] page dumped because: unmovable page [ 696.055280][T16317] page_owner tracks the page as allocated [ 696.187101][T16317] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 15113, tgid 15113 (syz-executor), ts 626803781867, free_ts 608713507513 [ 696.332948][T16320] could not allocate digest TFM handle binfmt_misc [ 696.371832][T16317] post_alloc_hook+0x181/0x1b0 [ 696.428901][T16317] get_page_from_freelist+0xfce/0x2f80 [ 696.452872][T16317] __alloc_frozen_pages_noprof+0x221/0x2470 [ 696.492872][T16317] alloc_pages_mpol+0x1fc/0x540 [ 696.498757][T16317] alloc_pages_noprof+0x131/0x390 [ 696.608135][T16317] __vmalloc_node_range_noprof+0x721/0x1530 [ 696.652821][T16317] vmalloc_user_noprof+0x6b/0x90 [ 696.725304][T16317] kcov_ioctl+0x4c/0x730 [ 696.730484][T16317] __x64_sys_ioctl+0x190/0x200 [ 696.819224][T16317] do_syscall_64+0xcd/0x250 [ 696.909136][T16317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.162978][T16317] page last free pid 5880 tgid 5880 stack trace: [ 697.185401][T16317] free_frozen_pages+0x6db/0xfb0 [ 697.209475][T16317] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 697.246455][T16317] __apply_to_page_range+0x5fd/0xd30 [ 697.301369][T16317] kasan_release_vmalloc+0xd1/0xe0 [ 697.384044][T16317] purge_vmap_node+0x1d1/0xa40 [ 697.462147][T16317] __purge_vmap_area_lazy+0x9bf/0xc10 [ 697.591952][T16317] drain_vmap_area_work+0x27/0x40 [ 697.641516][T16317] process_one_work+0x9c5/0x1ba0 [ 697.674394][T16317] worker_thread+0x6c8/0xf00 [ 697.679988][T16317] kthread+0x3af/0x750 [ 697.837719][T16317] ret_from_fork+0x45/0x80 [ 697.895524][T16317] ret_from_fork_asm+0x1a/0x30 [ 700.710807][T15136] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 700.764272][T15136] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 700.790572][T15136] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 700.826041][T15136] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 700.868690][T15136] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 700.878619][T15136] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 701.691748][ T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 701.973175][ T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.175911][ T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.219140][T16407] chnl_net:caif_netlink_parms(): no params data found [ 702.286768][T16423] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 702.419948][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.813002][T16423] FAULT_INJECTION: forcing a failure. [ 702.813002][T16423] name failslab, interval 1, probability 0, space 0, times 0 [ 702.847276][T16407] bridge0: port 1(bridge_slave_0) entered blocking state [ 702.856945][T16407] bridge0: port 1(bridge_slave_0) entered disabled state [ 702.865775][T16407] bridge_slave_0: entered allmulticast mode [ 702.874357][T16407] bridge_slave_0: entered promiscuous mode [ 702.902969][ T5840] Bluetooth: hci3: command tx timeout [ 702.921565][T16423] CPU: 1 UID: 0 PID: 16423 Comm: syz.4.2145 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 702.921604][T16423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 702.921625][T16423] Call Trace: [ 702.921634][T16423] [ 702.921645][T16423] dump_stack_lvl+0x16c/0x1f0 [ 702.921690][T16423] should_fail_ex+0x50a/0x650 [ 702.921742][T16423] ? fs_reclaim_acquire+0xae/0x150 [ 702.921784][T16423] ? __do_sys_fanotify_init+0x4b3/0xb50 [ 702.921816][T16423] should_failslab+0xc2/0x120 [ 702.921845][T16423] __kmalloc_cache_noprof+0x68/0x410 [ 702.921893][T16423] ? kasan_save_track+0x14/0x30 [ 702.921942][T16423] __do_sys_fanotify_init+0x4b3/0xb50 [ 702.921980][T16423] do_syscall_64+0xcd/0x250 [ 702.922034][T16423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.922080][T16423] RIP: 0033:0x7fbd7fb8d169 [ 702.922103][T16423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.922134][T16423] RSP: 002b:00007fbd809a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 702.922163][T16423] RAX: ffffffffffffffda RBX: 00007fbd7fda5fa0 RCX: 00007fbd7fb8d169 [ 702.922183][T16423] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 702.922202][T16423] RBP: 00007fbd7fc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 702.922220][T16423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 702.922237][T16423] R13: 0000000000000000 R14: 00007fbd7fda5fa0 R15: 00007ffd897ff208 [ 702.922274][T16423] [ 703.106110][ C1] vkms_vblank_simulate: vblank timer overrun [ 703.289991][T16407] bridge0: port 2(bridge_slave_1) entered blocking state [ 703.323010][T16407] bridge0: port 2(bridge_slave_1) entered disabled state [ 703.373360][T16407] bridge_slave_1: entered allmulticast mode [ 703.401559][T16407] bridge_slave_1: entered promiscuous mode [ 703.635263][ T35] team0: left allmulticast mode [ 703.641235][ T35] team_slave_0: left allmulticast mode [ 703.655537][ T35] team_slave_1: left allmulticast mode [ 703.672683][ T35] team0: left promiscuous mode [ 703.685399][ T35] team_slave_0: left promiscuous mode [ 703.692123][ T35] team_slave_1: left promiscuous mode [ 703.727236][ T35] bridge0: port 3(team0) entered disabled state [ 703.777834][ T35] bridge_slave_1: left allmulticast mode [ 703.804472][ T35] bridge_slave_1: left promiscuous mode [ 703.834819][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 703.874087][ T35] bridge_slave_0: left allmulticast mode [ 703.881012][ T35] bridge_slave_0: left promiscuous mode [ 703.893171][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 704.449184][T16407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 704.477262][T16407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 704.513326][ T35] : left promiscuous mode [ 704.700340][ T35] ovs_: left promiscuous mode [ 704.725709][T16407] team0: Port device team_slave_0 added [ 704.776286][ T35] ovsóãƒõ9Ûõ: left promiscuous mode [ 704.865676][T16407] team0: Port device team_slave_1 added [ 704.975587][T16407] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 704.983599][ T5840] Bluetooth: hci3: command tx timeout [ 705.012223][T16407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 705.058614][T16407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 705.102054][T16407] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 705.128590][T16407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 705.200055][T16407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 705.329971][T16459] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7200 pfn:0x78200 [ 705.389691][T16459] flags: 0xfff10000000014(referenced|dirty|node=0|zone=1|lastcpupid=0x7ff) [ 705.452932][T16459] raw: 00fff10000000014 0000000000000000 dead000000000122 0000000000000000 [ 705.501999][T16459] raw: 0000000000007200 0000000000000000 00000001ffffffff 0000000000000000 [ 705.567711][T16459] page dumped because: unmovable page [ 705.597112][T16459] page_owner tracks the page as allocated [ 705.653113][T16459] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 15113, tgid 15113 (syz-executor), ts 626803781867, free_ts 608713507513 [ 705.775189][T16459] post_alloc_hook+0x181/0x1b0 [ 705.782316][T16459] get_page_from_freelist+0xfce/0x2f80 [ 705.810359][T16459] __alloc_frozen_pages_noprof+0x221/0x2470 [ 705.818543][T16461] could not allocate digest TFM handle binfmt_misc [ 705.912846][T16459] alloc_pages_mpol+0x1fc/0x540 [ 705.939504][T16459] alloc_pages_noprof+0x131/0x390 [ 705.968966][T16459] __vmalloc_node_range_noprof+0x721/0x1530 [ 705.988480][T16459] vmalloc_user_noprof+0x6b/0x90 [ 706.008628][T16459] kcov_ioctl+0x4c/0x730 [ 706.015307][T16459] __x64_sys_ioctl+0x190/0x200 [ 706.021088][T16459] do_syscall_64+0xcd/0x250 [ 706.035392][T16459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 706.042656][T16459] page last free pid 5880 tgid 5880 stack trace: [ 706.059277][T16459] free_frozen_pages+0x6db/0xfb0 [ 706.080278][T16459] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 706.099882][T16459] __apply_to_page_range+0x5fd/0xd30 [ 706.114050][T16459] kasan_release_vmalloc+0xd1/0xe0 [ 706.131611][T16459] purge_vmap_node+0x1d1/0xa40 [ 706.158861][T16459] __purge_vmap_area_lazy+0x9bf/0xc10 [ 706.178257][T16459] drain_vmap_area_work+0x27/0x40 [ 706.205992][T16459] process_one_work+0x9c5/0x1ba0 [ 706.212021][T16459] worker_thread+0x6c8/0xf00 [ 706.237355][T16459] kthread+0x3af/0x750 [ 706.252564][T16459] ret_from_fork+0x45/0x80 [ 706.278873][T16459] ret_from_fork_asm+0x1a/0x30 [ 706.361344][T16407] hsr_slave_0: entered promiscuous mode [ 706.380002][T16407] hsr_slave_1: entered promiscuous mode [ 706.406232][T16407] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 706.418547][T16407] Cannot create hsr debugfs directory [ 706.656773][T16488] FAULT_INJECTION: forcing a failure. [ 706.656773][T16488] name failslab, interval 1, probability 0, space 0, times 0 [ 706.687475][T16488] CPU: 1 UID: 0 PID: 16488 Comm: syz.6.2154 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 706.687512][T16488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 706.687528][T16488] Call Trace: [ 706.687537][T16488] [ 706.687547][T16488] dump_stack_lvl+0x16c/0x1f0 [ 706.687590][T16488] should_fail_ex+0x50a/0x650 [ 706.687635][T16488] ? fs_reclaim_acquire+0xae/0x150 [ 706.687672][T16488] ? trace_pid_list_alloc+0x27c/0x3f0 [ 706.687706][T16488] should_failslab+0xc2/0x120 [ 706.687733][T16488] __kmalloc_cache_noprof+0x68/0x410 [ 706.687780][T16488] trace_pid_list_alloc+0x27c/0x3f0 [ 706.687838][T16488] trace_pid_write+0x10f/0x460 [ 706.687890][T16488] ? __pfx_trace_pid_write+0x10/0x10 [ 706.687937][T16488] ? __pfx___mutex_lock+0x10/0x10 [ 706.688002][T16488] event_pid_write.isra.0+0x3b3/0x7a0 [ 706.688055][T16488] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 706.688104][T16488] ? __pfx_ftrace_event_pid_write+0x10/0x10 [ 706.688142][T16488] vfs_write+0x24c/0x1150 [ 706.688180][T16488] ? __fget_files+0x1fc/0x3a0 [ 706.688221][T16488] ? __pfx___mutex_lock+0x10/0x10 [ 706.688257][T16488] ? __pfx_vfs_write+0x10/0x10 [ 706.688316][T16488] ? __fget_files+0x206/0x3a0 [ 706.688368][T16488] ksys_write+0x12b/0x250 [ 706.688407][T16488] ? __pfx_ksys_write+0x10/0x10 [ 706.688452][T16488] do_syscall_64+0xcd/0x250 [ 706.688493][T16488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 706.688532][T16488] RIP: 0033:0x7f9e2d18d169 [ 706.688554][T16488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 706.688582][T16488] RSP: 002b:00007f9e2df25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 706.688608][T16488] RAX: ffffffffffffffda RBX: 00007f9e2d3a5fa0 RCX: 00007f9e2d18d169 [ 706.688626][T16488] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 706.688642][T16488] RBP: 00007f9e2d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 706.688658][T16488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 706.688674][T16488] R13: 0000000000000000 R14: 00007f9e2d3a5fa0 R15: 00007ffd17ce64e8 [ 706.688708][T16488] [ 707.096168][ T5840] Bluetooth: hci3: command tx timeout [ 707.215665][T16490] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 707.601442][T16490] FAULT_INJECTION: forcing a failure. [ 707.601442][T16490] name failslab, interval 1, probability 0, space 0, times 0 [ 707.617328][T16490] CPU: 1 UID: 0 PID: 16490 Comm: syz.6.2155 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 707.617371][T16490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 707.617391][T16490] Call Trace: [ 707.617400][T16490] [ 707.617411][T16490] dump_stack_lvl+0x16c/0x1f0 [ 707.617460][T16490] should_fail_ex+0x50a/0x650 [ 707.617512][T16490] ? fs_reclaim_acquire+0xae/0x150 [ 707.617556][T16490] ? __do_sys_fanotify_init+0x4b3/0xb50 [ 707.617599][T16490] should_failslab+0xc2/0x120 [ 707.617627][T16490] __kmalloc_cache_noprof+0x68/0x410 [ 707.617672][T16490] ? kasan_save_track+0x14/0x30 [ 707.617719][T16490] __do_sys_fanotify_init+0x4b3/0xb50 [ 707.617756][T16490] do_syscall_64+0xcd/0x250 [ 707.617798][T16490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 707.617841][T16490] RIP: 0033:0x7f9e2d18d169 [ 707.617862][T16490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 707.617890][T16490] RSP: 002b:00007f9e2df25038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 707.617917][T16490] RAX: ffffffffffffffda RBX: 00007f9e2d3a5fa0 RCX: 00007f9e2d18d169 [ 707.617936][T16490] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 707.617953][T16490] RBP: 00007f9e2d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 707.617970][T16490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 707.617988][T16490] R13: 0000000000000000 R14: 00007f9e2d3a5fa0 R15: 00007ffd17ce64e8 [ 707.618022][T16490] [ 708.539943][ T35] hsr_slave_0: left promiscuous mode [ 708.564607][ T35] hsr_slave_1: left promiscuous mode [ 708.587652][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 708.611778][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 708.643815][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 708.672278][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 709.152891][ T5840] Bluetooth: hci3: command tx timeout [ 709.398145][ T35] veth1_vlan: left promiscuous mode [ 709.436531][ T35] veth0_vlan: left promiscuous mode [ 710.086421][T16536] FAULT_INJECTION: forcing a failure. [ 710.086421][T16536] name failslab, interval 1, probability 0, space 0, times 0 [ 710.133951][T16536] CPU: 1 UID: 0 PID: 16536 Comm: syz.4.2163 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 710.133991][T16536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 710.134010][T16536] Call Trace: [ 710.134019][T16536] [ 710.134031][T16536] dump_stack_lvl+0x16c/0x1f0 [ 710.134079][T16536] should_fail_ex+0x50a/0x650 [ 710.134140][T16536] ? fs_reclaim_acquire+0xae/0x150 [ 710.134179][T16536] ? trace_pid_list_alloc+0x27c/0x3f0 [ 710.134215][T16536] should_failslab+0xc2/0x120 [ 710.134243][T16536] __kmalloc_cache_noprof+0x68/0x410 [ 710.134293][T16536] trace_pid_list_alloc+0x27c/0x3f0 [ 710.134352][T16536] trace_pid_write+0x10f/0x460 [ 710.134404][T16536] ? __pfx_trace_pid_write+0x10/0x10 [ 710.134449][T16536] ? __pfx___mutex_lock+0x10/0x10 [ 710.134511][T16536] event_pid_write.isra.0+0x3b3/0x7a0 [ 710.134553][T16536] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 710.134602][T16536] ? __pfx_ftrace_event_pid_write+0x10/0x10 [ 710.134642][T16536] vfs_write+0x24c/0x1150 [ 710.134700][T16536] ? __fget_files+0x1fc/0x3a0 [ 710.134746][T16536] ? __pfx___mutex_lock+0x10/0x10 [ 710.134786][T16536] ? __pfx_vfs_write+0x10/0x10 [ 710.134839][T16536] ? __fget_files+0x206/0x3a0 [ 710.134905][T16536] ksys_write+0x12b/0x250 [ 710.134946][T16536] ? __pfx_ksys_write+0x10/0x10 [ 710.135000][T16536] do_syscall_64+0xcd/0x250 [ 710.135045][T16536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.135089][T16536] RIP: 0033:0x7fbd7fb8d169 [ 710.135112][T16536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.135140][T16536] RSP: 002b:00007fbd809a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 710.135168][T16536] RAX: ffffffffffffffda RBX: 00007fbd7fda5fa0 RCX: 00007fbd7fb8d169 [ 710.135187][T16536] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 710.135203][T16536] RBP: 00007fbd7fc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 710.135221][T16536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.135256][T16536] R13: 0000000000000000 R14: 00007fbd7fda5fa0 R15: 00007ffd897ff208 [ 710.135298][T16536] [ 711.088236][ T35] team0 (unregistering): Port device team_slave_1 removed [ 711.129205][ T35] team0 (unregistering): Port device team_slave_0 removed [ 711.781583][T16553] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 712.129400][T16407] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 712.138106][T16553] FAULT_INJECTION: forcing a failure. [ 712.138106][T16553] name failslab, interval 1, probability 0, space 0, times 0 [ 712.158315][T16407] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 712.174127][T16553] CPU: 1 UID: 0 PID: 16553 Comm: syz.5.2166 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 712.174165][T16553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 712.174181][T16553] Call Trace: [ 712.174189][T16553] [ 712.174199][T16553] dump_stack_lvl+0x16c/0x1f0 [ 712.174241][T16553] should_fail_ex+0x50a/0x650 [ 712.174290][T16553] ? fs_reclaim_acquire+0xae/0x150 [ 712.174331][T16553] ? __do_sys_fanotify_init+0x4b3/0xb50 [ 712.174363][T16553] should_failslab+0xc2/0x120 [ 712.174391][T16553] __kmalloc_cache_noprof+0x68/0x410 [ 712.174436][T16553] ? kasan_save_track+0x14/0x30 [ 712.174480][T16553] __do_sys_fanotify_init+0x4b3/0xb50 [ 712.174513][T16553] do_syscall_64+0xcd/0x250 [ 712.174553][T16553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.174595][T16553] RIP: 0033:0x7f023298d169 [ 712.174619][T16553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 712.174649][T16553] RSP: 002b:00007f023388d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 712.174678][T16553] RAX: ffffffffffffffda RBX: 00007f0232ba5fa0 RCX: 00007f023298d169 [ 712.174697][T16553] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 712.174713][T16553] RBP: 00007f0232a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 712.174730][T16553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 712.174746][T16553] R13: 0000000000000000 R14: 00007f0232ba5fa0 R15: 00007fffdc35ab78 [ 712.174779][T16553] [ 712.389425][T16407] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 712.406345][T16407] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 712.483124][T16407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 712.612082][T16407] 8021q: adding VLAN 0 to HW filter on device team0 [ 712.662278][T11871] bridge0: port 1(bridge_slave_0) entered blocking state [ 712.670891][T11871] bridge0: port 1(bridge_slave_0) entered forwarding state [ 712.801268][T16259] bridge0: port 2(bridge_slave_1) entered blocking state [ 712.809877][T16259] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.494145][T16407] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 713.578356][T16407] veth0_vlan: entered promiscuous mode [ 713.593086][T16407] veth1_vlan: entered promiscuous mode [ 713.632427][T16407] veth0_macvtap: entered promiscuous mode [ 713.651987][T16407] veth1_macvtap: entered promiscuous mode [ 713.675585][T16407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 713.710493][T16407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.759298][T16407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 713.774767][T16407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.786960][T16407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 713.799896][T16407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.840042][T16407] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 713.858708][T16407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 713.873795][T16407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.893187][T16407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 713.913390][T16407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.933165][T16407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 713.977770][T16407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.990987][T16407] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 714.035879][T16407] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.214459][T16407] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.233241][T16407] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.253759][T16407] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.573373][T11871] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 714.622554][T16623] FAULT_INJECTION: forcing a failure. [ 714.622554][T16623] name failslab, interval 1, probability 0, space 0, times 0 [ 714.643110][T11871] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 714.684100][T16623] CPU: 0 UID: 0 PID: 16623 Comm: syz.5.2173 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 714.684136][T16623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 714.684152][T16623] Call Trace: [ 714.684160][T16623] [ 714.684171][T16623] dump_stack_lvl+0x16c/0x1f0 [ 714.684215][T16623] should_fail_ex+0x50a/0x650 [ 714.684260][T16623] ? fs_reclaim_acquire+0xae/0x150 [ 714.684300][T16623] ? trace_pid_list_alloc+0x27c/0x3f0 [ 714.684335][T16623] should_failslab+0xc2/0x120 [ 714.684363][T16623] __kmalloc_cache_noprof+0x68/0x410 [ 714.684412][T16623] trace_pid_list_alloc+0x27c/0x3f0 [ 714.684453][T16623] trace_pid_write+0x10f/0x460 [ 714.684503][T16623] ? __pfx_trace_pid_write+0x10/0x10 [ 714.684548][T16623] ? __pfx___mutex_lock+0x10/0x10 [ 714.684609][T16623] event_pid_write.isra.0+0x3b3/0x7a0 [ 714.684656][T16623] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 714.684707][T16623] ? __pfx_ftrace_event_pid_write+0x10/0x10 [ 714.684746][T16623] vfs_write+0x24c/0x1150 [ 714.684788][T16623] ? __fget_files+0x1fc/0x3a0 [ 714.684848][T16623] ? __pfx___mutex_lock+0x10/0x10 [ 714.684889][T16623] ? __pfx_vfs_write+0x10/0x10 [ 714.684942][T16623] ? __fget_files+0x206/0x3a0 [ 714.684997][T16623] ksys_write+0x12b/0x250 [ 714.685036][T16623] ? __pfx_ksys_write+0x10/0x10 [ 714.685088][T16623] do_syscall_64+0xcd/0x250 [ 714.685132][T16623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.685175][T16623] RIP: 0033:0x7f023298d169 [ 714.685198][T16623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 714.685227][T16623] RSP: 002b:00007f023388d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 714.685256][T16623] RAX: ffffffffffffffda RBX: 00007f0232ba5fa0 RCX: 00007f023298d169 [ 714.685276][T16623] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 714.685292][T16623] RBP: 00007f0232a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 714.685309][T16623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 714.685326][T16623] R13: 0000000000000000 R14: 00007f0232ba5fa0 R15: 00007fffdc35ab78 [ 714.685364][T16623] [ 715.084706][T16259] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 715.094322][T16259] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 717.079278][T16684] kAFS: unparsable volume name [ 718.744514][T16695] kAFS: unparsable volume name [ 719.500412][T16692] Process accounting paused [ 719.612392][T16714] ptrace attach of "./syz-executor exec"[9043] was attempted by ""[16714] [ 720.983867][ T5840] Bluetooth: hci0: Malformed Event: 0x13 [ 721.332301][T16727] netlink: 85 bytes leftover after parsing attributes in process `syz.4.2190'. [ 721.407536][T16732] netlink: 'syz.5.2191': attribute type 11 has an invalid length. [ 723.729815][T16756] FAULT_INJECTION: forcing a failure. [ 723.729815][T16756] name failslab, interval 1, probability 0, space 0, times 0 [ 723.772848][T16756] CPU: 0 UID: 0 PID: 16756 Comm: syz.2.2196 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 723.772887][T16756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 723.772904][T16756] Call Trace: [ 723.772912][T16756] [ 723.772923][T16756] dump_stack_lvl+0x16c/0x1f0 [ 723.772968][T16756] should_fail_ex+0x50a/0x650 [ 723.773015][T16756] ? fs_reclaim_acquire+0xae/0x150 [ 723.773055][T16756] ? trace_pid_list_alloc+0x27c/0x3f0 [ 723.773090][T16756] should_failslab+0xc2/0x120 [ 723.773118][T16756] __kmalloc_cache_noprof+0x68/0x410 [ 723.773166][T16756] trace_pid_list_alloc+0x27c/0x3f0 [ 723.773208][T16756] trace_pid_write+0x10f/0x460 [ 723.773258][T16756] ? __pfx_trace_pid_write+0x10/0x10 [ 723.773302][T16756] ? __pfx___mutex_lock+0x10/0x10 [ 723.773373][T16756] event_pid_write.isra.0+0x3b3/0x7a0 [ 723.773417][T16756] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 723.773468][T16756] ? __pfx_ftrace_event_pid_write+0x10/0x10 [ 723.773508][T16756] vfs_write+0x24c/0x1150 [ 723.773550][T16756] ? __fget_files+0x1fc/0x3a0 [ 723.773591][T16756] ? __pfx___mutex_lock+0x10/0x10 [ 723.773628][T16756] ? __pfx_vfs_write+0x10/0x10 [ 723.773677][T16756] ? __fget_files+0x206/0x3a0 [ 723.773745][T16756] ksys_write+0x12b/0x250 [ 723.773786][T16756] ? __pfx_ksys_write+0x10/0x10 [ 723.773839][T16756] do_syscall_64+0xcd/0x250 [ 723.773883][T16756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 723.773926][T16756] RIP: 0033:0x7f0da238d169 [ 723.773949][T16756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 723.773977][T16756] RSP: 002b:00007f0da31a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 723.774003][T16756] RAX: ffffffffffffffda RBX: 00007f0da25a5fa0 RCX: 00007f0da238d169 [ 723.774022][T16756] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 723.774039][T16756] RBP: 00007f0da240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 723.774057][T16756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 723.774074][T16756] R13: 0000000000000000 R14: 00007f0da25a5fa0 R15: 00007ffefa1c2d28 [ 723.774121][T16756] [ 725.384148][T16781] kAFS: unparsable volume name [ 727.000424][ T5840] Bluetooth: hci3: Malformed Event: 0x13 [ 727.351988][T16803] netlink: 85 bytes leftover after parsing attributes in process `syz.2.2203'. [ 727.561361][T16809] could not allocate digest TFM handle [ 727.743071][T16811] could not allocate digest TFM handle [ 732.215059][ T5840] Bluetooth: hci4: Malformed Event: 0x13 [ 732.257882][T16887] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2229'. [ 732.540339][T16888] netlink: 85 bytes leftover after parsing attributes in process `syz.6.2225'. [ 732.878720][T16903] Invalid ELF header magic: != ELF [ 734.005017][T16919] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2235'. [ 734.107870][T16919] FAULT_INJECTION: forcing a failure. [ 734.107870][T16919] name failslab, interval 1, probability 0, space 0, times 0 [ 734.158702][T16919] CPU: 1 UID: 0 PID: 16919 Comm: syz.6.2235 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 734.158742][T16919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 734.158759][T16919] Call Trace: [ 734.158767][T16919] [ 734.158778][T16919] dump_stack_lvl+0x16c/0x1f0 [ 734.158824][T16919] should_fail_ex+0x50a/0x650 [ 734.158870][T16919] ? fs_reclaim_acquire+0xae/0x150 [ 734.158911][T16919] ? sk_prot_alloc+0x1a8/0x2a0 [ 734.158939][T16919] should_failslab+0xc2/0x120 [ 734.158966][T16919] __kmalloc_noprof+0xcb/0x510 [ 734.159008][T16919] ? evm_inode_alloc_security+0x49/0xc0 [ 734.159052][T16919] ? security_inode_alloc+0xcf/0x2b0 [ 734.159089][T16919] sk_prot_alloc+0x1a8/0x2a0 [ 734.159121][T16919] sk_alloc+0x36/0xc20 [ 734.159161][T16919] __netlink_create+0x5e/0x2c0 [ 734.159195][T16919] __netlink_kernel_create+0xee/0x750 [ 734.159233][T16919] ? __pfx_lock_release+0x10/0x10 [ 734.159274][T16919] ? __pfx___netlink_kernel_create+0x10/0x10 [ 734.159322][T16919] ? __pfx_crypto_netlink_init+0x10/0x10 [ 734.159361][T16919] crypto_netlink_init+0xb8/0x140 [ 734.159396][T16919] ? cpus_read_unlock+0x83/0x150 [ 734.159437][T16919] ? __pfx_crypto_netlink_init+0x10/0x10 [ 734.159481][T16919] ? __nf_register_net_hook+0x371/0x730 [ 734.159513][T16919] ? lockdep_init_map_type+0x16d/0x7d0 [ 734.159557][T16919] ? __pfx_crypto_netlink_rcv+0x10/0x10 [ 734.159619][T16919] ? nf_register_net_hook+0x117/0x160 [ 734.159673][T16919] ? nf_register_net_hooks+0xb1/0xd0 [ 734.159717][T16919] ops_init+0x1df/0x5f0 [ 734.159776][T16919] setup_net+0x21f/0x860 [ 734.159831][T16919] ? __pfx_setup_net+0x10/0x10 [ 734.159881][T16919] ? down_read_killable+0xcc/0x380 [ 734.159933][T16919] ? __pfx_down_read_killable+0x10/0x10 [ 734.159985][T16919] ? __raw_spin_lock_init+0x3a/0x110 [ 734.160020][T16919] ? debug_mutex_init+0x37/0x70 [ 734.160059][T16919] copy_net_ns+0x2a6/0x5f0 [ 734.160097][T16919] create_new_namespaces+0x3ea/0xad0 [ 734.160162][T16919] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 734.160221][T16919] ksys_unshare+0x45d/0xa40 [ 734.160257][T16919] ? __pfx_ksys_unshare+0x10/0x10 [ 734.160291][T16919] ? xfd_validate_state+0x5d/0x180 [ 734.160353][T16919] __x64_sys_unshare+0x31/0x40 [ 734.160388][T16919] do_syscall_64+0xcd/0x250 [ 734.160436][T16919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.160492][T16919] RIP: 0033:0x7f9e2d18d169 [ 734.160518][T16919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.160551][T16919] RSP: 002b:00007f9e2df04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 734.160582][T16919] RAX: ffffffffffffffda RBX: 00007f9e2d3a6080 RCX: 00007f9e2d18d169 [ 734.160603][T16919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 734.160622][T16919] RBP: 00007f9e2d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 734.160641][T16919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 734.160660][T16919] R13: 0000000000000000 R14: 00007f9e2d3a6080 R15: 00007ffd17ce64e8 [ 734.160700][T16919] [ 734.739585][T16924] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2236'. [ 735.914724][T16927] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 735.930838][T16927] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 735.945777][T16927] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 735.983953][T16927] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 736.011485][T16927] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 736.040872][T16927] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 736.059456][T16927] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 736.071604][T16927] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 736.086789][T16927] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 737.140287][T16953] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2242'. [ 737.863602][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 737.953089][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 738.027989][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 738.103012][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 740.103094][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 740.183131][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 741.013147][T16987] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 741.033977][T16987] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 741.041245][T16987] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 741.074380][T16987] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 741.087824][T16987] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 742.283585][T17009] netlink: zone id is out of range [ 742.289776][T17009] netlink: zone id is out of range [ 742.830367][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 743.000823][T17009] netlink: zone id is out of range [ 743.063190][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 743.067084][T15136] Bluetooth: hci0: command 0x0c1a tx timeout [ 743.143077][T15136] Bluetooth: hci3: command 0x0c1a tx timeout [ 743.567614][T17009] netlink: zone id is out of range [ 744.133261][T17009] netlink: zone id is out of range [ 744.139436][T17009] netlink: zone id is out of range [ 744.206450][T17009] netlink: zone id is out of range [ 744.220879][T17009] netlink: zone id is out of range [ 744.232874][T17009] netlink: zone id is out of range [ 744.253989][T17009] netlink: zone id is out of range [ 744.653699][T17027] Invalid ELF header magic: != ELF [ 745.144433][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 747.232997][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 747.354005][T17050] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 747.361330][T17050] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 747.423680][T17050] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 747.430916][T17050] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 747.483041][T17050] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 748.844115][T17080] net_ratelimit: 96 callbacks suppressed [ 748.844139][T17080] netlink: zone id is out of range [ 748.993240][T15136] Bluetooth: hci2: command 0x0c1a tx timeout [ 749.372987][T17080] netlink: zone id is out of range [ 749.392367][T15136] Bluetooth: hci0: command 0x0c1a tx timeout [ 749.401084][T17080] netlink: zone id is out of range [ 749.422899][T17080] netlink: zone id is out of range [ 749.439298][T17080] netlink: zone id is out of range [ 749.455742][T17080] netlink: zone id is out of range [ 749.462943][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 749.474712][T17080] netlink: zone id is out of range [ 749.492879][T17080] netlink: zone id is out of range [ 749.512807][T17080] netlink: zone id is out of range [ 749.531166][T17080] netlink: zone id is out of range [ 749.543040][T15136] Bluetooth: hci3: command 0x0c1a tx timeout [ 749.645155][T17080] Process accounting resumed [ 749.815998][T17093] Invalid ELF header magic: != ELF [ 750.940041][T17110] ima: policy update failed [ 750.940191][ T29] audit: type=1802 audit(4295074750.249:27): pid=17110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2278" res=0 errno=0 [ 751.552941][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 752.515061][T17134] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2284'. [ 752.520506][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.543356][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.607026][T17136] Invalid ELF header magic: != ELF [ 756.037680][T17190] snd_aloop snd_aloop.0: control 1:6:6:¢¸è_ÅheºRŸª:0 is already present [ 756.513192][T17203] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2296'. [ 756.660495][T17192] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2296'. [ 760.184227][T17219] Invalid ELF header magic: != ELF [ 760.247889][T17223] HfR: entered promiscuous mode [ 761.721797][T17244] snd_aloop snd_aloop.0: control 1:6:6:¢¸è_ÅheºRŸª:0 is already present [ 763.246019][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 763.480408][ T35] bridge0: port 6(netdevsim2) entered disabled state [ 763.587788][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): left allmulticast mode [ 763.607916][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): left promiscuous mode [ 763.646682][ T35] bridge0: port 6(netdevsim2) entered disabled state [ 763.680301][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 763.879675][T17276] Invalid ELF header magic: != ELF [ 763.909448][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.275446][ T35] bond0: left allmulticast mode [ 764.281367][ T35] bond_slave_0: left allmulticast mode [ 764.313443][ T35] bond_slave_1: left allmulticast mode [ 764.320102][ T35] bond0: left promiscuous mode [ 764.355164][ T35] bond_slave_0: left promiscuous mode [ 764.361836][ T35] bond_slave_1: left promiscuous mode [ 764.386009][ T35] bridge0: port 5(bond0) entered disabled state [ 764.476401][ T35] gretap0: left allmulticast mode [ 764.499329][ T35] gretap0: left promiscuous mode [ 764.523002][ T35] bridge0: port 4(gretap0) entered disabled state [ 764.608475][ T35] hsr0: left allmulticast mode [ 764.620387][ T35] hsr_slave_0: left allmulticast mode [ 764.642706][ T35] hsr_slave_1: left allmulticast mode [ 764.649410][ T35] hsr0: left promiscuous mode [ 764.678549][ T35] bridge0: port 3(hsr0) entered disabled state [ 764.780456][ T35] bridge_slave_1: left allmulticast mode [ 764.804658][ T35] bridge_slave_1: left promiscuous mode [ 764.819497][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 764.902645][ T35] bridge_slave_0: left allmulticast mode [ 764.947400][ T35] bridge_slave_0: left promiscuous mode [ 764.970600][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.278424][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 766.341212][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 766.364923][ T35] bond0 (unregistering): Released all slaves [ 766.398406][T17295] HfR: entered promiscuous mode [ 767.483094][ T35] hsr_slave_0: left promiscuous mode [ 767.516557][ T35] hsr_slave_1: left promiscuous mode [ 767.532617][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 767.563759][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 767.599129][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 767.618590][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 767.755019][ T35] veth1_macvtap: left promiscuous mode [ 767.772107][ T35] veth0_macvtap: left promiscuous mode [ 767.783253][ T35] veth1_vlan: left promiscuous mode [ 767.798565][ T35] veth0_vlan: left promiscuous mode [ 769.248132][ T35] team0 (unregistering): Port device team_slave_1 removed [ 769.349269][ T35] team0 (unregistering): Port device team_slave_0 removed [ 770.686702][T17398] .SR: entered promiscuous mode [ 770.711847][T17404] openvswitch: .SR: Dropping previously announced user features [ 771.904142][T17444] FAULT_INJECTION: forcing a failure. [ 771.904142][T17444] name failslab, interval 1, probability 0, space 0, times 0 [ 771.953046][T17444] CPU: 1 UID: 0 PID: 17444 Comm: syz.6.2341 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 771.953088][T17444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 771.953108][T17444] Call Trace: [ 771.953117][T17444] [ 771.953129][T17444] dump_stack_lvl+0x16c/0x1f0 [ 771.953180][T17444] should_fail_ex+0x50a/0x650 [ 771.953234][T17444] ? fs_reclaim_acquire+0xae/0x150 [ 771.953280][T17444] ? blk_alloc_queue_stats+0x3f/0x110 [ 771.953329][T17444] should_failslab+0xc2/0x120 [ 771.953360][T17444] __kmalloc_cache_noprof+0x68/0x410 [ 771.953405][T17444] ? kmem_cache_alloc_node_noprof+0x272/0x3c0 [ 771.953477][T17444] blk_alloc_queue_stats+0x3f/0x110 [ 771.953525][T17444] blk_alloc_queue+0xda/0x700 [ 771.953561][T17444] blk_mq_alloc_queue+0x17a/0x290 [ 771.953603][T17444] ? __pfx_blk_mq_alloc_queue+0x10/0x10 [ 771.953663][T17444] ? debug_mutex_init+0x37/0x70 [ 771.953697][T17444] ? blk_mq_alloc_tag_set+0xcd0/0x1240 [ 771.953745][T17444] __blk_mq_alloc_disk+0x29/0x120 [ 771.953788][T17444] loop_add+0x49f/0xb60 [ 771.953830][T17444] ? 0xffffffff81000000 [ 771.953853][T17444] ? do_vfs_ioctl+0x513/0x1990 [ 771.953902][T17444] ? __pfx_loop_add+0x10/0x10 [ 771.953941][T17444] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 771.954004][T17444] ? __pfx_lock_release+0x10/0x10 [ 771.954046][T17444] ? trace_lock_acquire+0x14e/0x1f0 [ 771.954081][T17444] ? __pfx___might_resched+0x10/0x10 [ 771.954132][T17444] ? 0xffffffff81000000 [ 771.954151][T17444] ? 0xffffffff81000000 [ 771.954170][T17444] loop_control_ioctl+0x13e/0x640 [ 771.954214][T17444] ? __pfx_loop_control_ioctl+0x10/0x10 [ 771.954256][T17444] ? __fget_files+0x206/0x3a0 [ 771.954302][T17444] ? 0xffffffff81000000 [ 771.954321][T17444] ? __pfx_loop_control_ioctl+0x10/0x10 [ 771.954367][T17444] ? 0xffffffff81000000 [ 771.954386][T17444] __x64_sys_ioctl+0x190/0x200 [ 771.954425][T17444] do_syscall_64+0xcd/0x250 [ 771.954466][T17444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.954506][T17444] RIP: 0033:0x7f9e2d18d169 [ 771.954529][T17444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 771.954569][T17444] RSP: 002b:00007f9e2df25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 771.954596][T17444] RAX: ffffffffffffffda RBX: 00007f9e2d3a5fa0 RCX: 00007f9e2d18d169 [ 771.954615][T17444] RDX: ffffffff81000000 RSI: 0000000000004c80 RDI: 0000000000000009 [ 771.954632][T17444] RBP: 00007f9e2d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 771.954648][T17444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 771.954665][T17444] R13: 0000000000000000 R14: 00007f9e2d3a5fa0 R15: 00007ffd17ce64e8 [ 771.954692][T17444] ? 0xffffffff81000000 [ 771.954716][T17444] [ 772.284697][ C1] vkms_vblank_simulate: vblank timer overrun [ 773.230578][T17439] HfR: entered promiscuous mode [ 773.366277][T17461] kernel read not supported for file /\*)A (pid: 17461 comm: syz.2.2344) [ 773.385453][ T29] audit: type=1800 audit(4295074772.699:28): pid=17461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2344" name="\*)A" dev="mqueue" ino=62145 res=0 errno=0 [ 779.434158][T17604] openvswitch: HfR: Dropping previously announced user features [ 779.767696][T17602] kernel read not supported for file /\*)A (pid: 17602 comm: syz.4.2357) [ 780.506751][ T29] audit: type=1800 audit(4295074779.819:29): pid=17602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2357" name="\*)A" dev="mqueue" ino=35207 res=0 errno=0 [ 780.642965][T17597] Process accounting paused [ 785.393437][T17721] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 785.407528][T17721] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 787.112866][T17710] kernel read not supported for file /\*)A (pid: 17710 comm: syz.5.2376) [ 787.432825][ T29] audit: type=1800 audit(4295074786.739:30): pid=17710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2376" name="\*)A" dev="mqueue" ino=63537 res=0 errno=0 [ 791.643661][T17813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2396'. [ 798.761589][T15136] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 799.208174][T17934] kernel read not supported for file /\*)A (pid: 17934 comm: syz.6.2405) [ 799.814693][ T29] audit: type=1800 audit(4295074799.129:31): pid=17934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2405" name="\*)A" dev="mqueue" ino=63776 res=0 errno=0 [ 806.943481][T15136] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 807.682045][T15136] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 807.682088][T15136] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 807.708735][T15136] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 807.708800][T15136] Bluetooth: hci3: adv larger than maximum supported [ 807.717771][T15136] Bluetooth: hci3: adv larger than maximum supported [ 807.725935][T15136] Bluetooth: hci3: Malformed LE Event: 0x0d [ 807.757918][T18014] openvswitch: HfR: Dropping previously announced user features [ 809.596620][T18037] HfR: entered promiscuous mode [ 811.533360][T15136] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 812.300341][T18037] Process accounting resumed [ 812.706066][T11871] HfR: left promiscuous mode [ 813.963123][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.970712][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 815.173898][T18115] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 816.023995][T15136] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 817.969824][T18129] HfR: entered promiscuous mode [ 820.836394][T15136] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 821.872266][T11871] HfR: left promiscuous mode [ 823.648530][T18198] Invalid ELF header magic: != ELF [ 824.133156][T18190] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 824.191841][T18190] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 824.219746][T18190] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 824.291029][T18190] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 824.317674][T18190] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 825.223016][T15136] Bluetooth: hci2: command 0x0c1a tx timeout [ 826.263000][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 826.270271][T15136] Bluetooth: hci0: command 0x0c1a tx timeout [ 826.342880][T15136] Bluetooth: hci3: command 0x0c1a tx timeout [ 827.883676][T18232] Invalid ELF header magic: != ELF [ 828.343030][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 829.203302][ T29] audit: type=1800 audit(4295074828.519:32): pid=18242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2494" name="lu_gp_id" dev="configfs" ino=65907 res=0 errno=0 [ 831.954259][T18277] Invalid ELF header magic: != ELF [ 832.405131][T18258] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 832.461554][T18258] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 832.509614][T18258] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 832.550120][T18258] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 832.602951][T18258] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 833.390016][T18292] Invalid ELF header magic: != ELF [ 833.400656][ T29] audit: type=1800 audit(4295074832.709:33): pid=18294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2502" name="lu_gp_id" dev="configfs" ino=65249 res=0 errno=0 [ 833.475540][T15136] Bluetooth: hci2: command 0x0c1a tx timeout [ 834.506549][T15136] Bluetooth: hci0: command 0x0c1a tx timeout [ 834.582917][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 834.662995][T15136] Bluetooth: hci3: command 0x0c1a tx timeout [ 836.663712][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 837.308160][T18330] Invalid ELF header magic: != ELF [ 837.701387][T18321] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 837.740450][T18321] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 837.756935][T18321] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 837.778956][T18321] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 837.805340][T18321] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 838.871486][T18338] Invalid ELF header magic: != ELF [ 838.983058][T15136] Bluetooth: hci2: command 0x0c1a tx timeout [ 839.783099][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 839.790866][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 839.862818][T15136] Bluetooth: hci3: command 0x0c1a tx timeout [ 840.228346][ T29] audit: type=1800 audit(4295074839.539:34): pid=18351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2517" name="lu_gp_id" dev="configfs" ino=66247 res=0 errno=0 [ 840.295049][T18350] Invalid ELF header magic: != ELF [ 840.979312][T18358] Invalid ELF header magic: != ELF [ 841.252350][T18339] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 841.266190][T18339] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 841.283048][T18339] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 841.300370][T18339] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 841.312924][T18339] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 842.102553][T18378] program syz.6.2524 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 842.663250][T15136] Bluetooth: hci2: command 0x0c1a tx timeout [ 843.302980][T15136] Bluetooth: hci4: command 0x0c1a tx timeout [ 843.303087][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 843.383283][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 844.270397][T18366] Process accounting paused [ 845.382951][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 846.980267][T18431] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2540'. [ 846.991272][T18431] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 847.001404][T18431] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 847.015586][T18431] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 847.027694][T18431] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 848.052838][T18443] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2544'. [ 859.551553][T18469] program syz.4.2550 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 859.687705][T18475] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2552'. [ 859.720486][T18475] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 859.740146][T18475] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 859.760668][T18475] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 859.802923][T18475] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 863.479064][T18516] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 863.816747][T18518] program syz.5.2565 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 864.546935][T18527] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2568'. [ 864.594848][T18527] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 864.626346][T18527] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 864.673645][T18527] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 864.713769][T18527] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 866.493051][T18559] CIFS: VFS: Invalid SecurityFlags:  [ 866.533988][T18559] mkiss: ax0: crc mode is auto. [ 867.463724][T18574] nbd: socks must be embedded in a SOCK_ITEM attr [ 867.495426][T18574] block nbd2: shutting down sockets [ 868.053452][T18588] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2589'. [ 868.242657][T18588] bond0: (slave bond_slave_0): Releasing backup interface [ 868.280883][T18590] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2589'. [ 868.587072][T18601] netlink: 504 bytes leftover after parsing attributes in process `syz.6.2593'. [ 868.610718][T18601] netlink: 504 bytes leftover after parsing attributes in process `syz.6.2593'. [ 868.635360][T18601] netlink: 504 bytes leftover after parsing attributes in process `syz.6.2593'. [ 870.993801][T18628] netlink: 346 bytes leftover after parsing attributes in process `syz.5.2600'. [ 871.303979][T18632] net_ratelimit: 72 callbacks suppressed [ 871.303994][T18632] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 874.512955][T18668] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2610'. [ 875.387212][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.395149][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 876.798754][T18688] Process accounting resumed [ 877.159964][T18696] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2616'. [ 877.382803][ T5840] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 877.382875][T15136] Bluetooth: hci1: command 0x1003 tx timeout [ 878.378374][T18711] Invalid ELF header magic: != ELF [ 878.645399][T18719] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2622'. [ 881.735469][T18751] FAULT_INJECTION: forcing a failure. [ 881.735469][T18751] name failslab, interval 1, probability 0, space 0, times 0 [ 881.751190][T18751] CPU: 0 UID: 0 PID: 18751 Comm: syz.2.2631 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 881.751229][T18751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 881.751247][T18751] Call Trace: [ 881.751255][T18751] [ 881.751266][T18751] dump_stack_lvl+0x16c/0x1f0 [ 881.751315][T18751] should_fail_ex+0x50a/0x650 [ 881.751364][T18751] ? fs_reclaim_acquire+0xae/0x150 [ 881.751405][T18751] should_failslab+0xc2/0x120 [ 881.751435][T18751] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 881.751481][T18751] ? lockdep_init_map_type+0x16d/0x7d0 [ 881.751546][T18751] ? security_inode_alloc+0x3b/0x2b0 [ 881.751588][T18751] security_inode_alloc+0x3b/0x2b0 [ 881.751626][T18751] inode_init_always_gfp+0xce4/0x1030 [ 881.751682][T18751] alloc_inode+0x82/0x230 [ 881.751713][T18751] sock_alloc+0x40/0x280 [ 881.751744][T18751] sock_create_lite+0x82/0x120 [ 881.751778][T18751] __netlink_kernel_create+0xbe/0x750 [ 881.751826][T18751] ? __pfx___netlink_kernel_create+0x10/0x10 [ 881.751873][T18751] ? find_held_lock+0x2d/0x110 [ 881.751919][T18751] ? __pfx_diag_net_init+0x10/0x10 [ 881.751957][T18751] diag_net_init+0xbe/0x140 [ 881.751991][T18751] ? __pfx_lock_release+0x10/0x10 [ 881.752055][T18751] ? __pfx_diag_net_init+0x10/0x10 [ 881.752092][T18751] ? lockdep_init_map_type+0x16d/0x7d0 [ 881.752140][T18751] ? __pfx_sock_diag_rcv+0x10/0x10 [ 881.752175][T18751] ? __pfx_sock_diag_bind+0x10/0x10 [ 881.752215][T18751] ? __raw_spin_lock_init+0x3a/0x110 [ 881.752248][T18751] ? __pfx_cma_init_net+0x10/0x10 [ 881.752283][T18751] ops_init+0x1df/0x5f0 [ 881.752338][T18751] setup_net+0x21f/0x860 [ 881.752393][T18751] ? __pfx_setup_net+0x10/0x10 [ 881.752441][T18751] ? down_read_killable+0xcc/0x380 [ 881.752492][T18751] ? __pfx_down_read_killable+0x10/0x10 [ 881.752540][T18751] ? __raw_spin_lock_init+0x3a/0x110 [ 881.752574][T18751] ? debug_mutex_init+0x37/0x70 [ 881.752613][T18751] copy_net_ns+0x2a6/0x5f0 [ 881.752650][T18751] create_new_namespaces+0x3ea/0xad0 [ 881.752718][T18751] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 881.752775][T18751] ksys_unshare+0x45d/0xa40 [ 881.752810][T18751] ? __pfx_ksys_unshare+0x10/0x10 [ 881.752840][T18751] ? xfd_validate_state+0x5d/0x180 [ 881.752891][T18751] __x64_sys_unshare+0x31/0x40 [ 881.752929][T18751] do_syscall_64+0xcd/0x250 [ 881.752969][T18751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 881.753006][T18751] RIP: 0033:0x7f0da238d169 [ 881.753027][T18751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 881.753053][T18751] RSP: 002b:00007f0da31a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 881.753079][T18751] RAX: ffffffffffffffda RBX: 00007f0da25a5fa0 RCX: 00007f0da238d169 [ 881.753097][T18751] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 881.753113][T18751] RBP: 00007f0da240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 881.753128][T18751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 881.753144][T18751] R13: 0000000000000000 R14: 00007f0da25a5fa0 R15: 00007ffefa1c2d28 [ 881.753177][T18751] [ 882.919343][T18759] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2633'. [ 883.726194][T18777] Invalid ELF header magic: != ELF [ 884.262861][T15136] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 885.236656][T18800] FAULT_INJECTION: forcing a failure. [ 885.236656][T18800] name failslab, interval 1, probability 0, space 0, times 0 [ 885.295108][T18800] CPU: 1 UID: 0 PID: 18800 Comm: syz.5.2643 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 885.295139][T18800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 885.295152][T18800] Call Trace: [ 885.295158][T18800] [ 885.295166][T18800] dump_stack_lvl+0x16c/0x1f0 [ 885.295199][T18800] should_fail_ex+0x50a/0x650 [ 885.295234][T18800] ? fs_reclaim_acquire+0xae/0x150 [ 885.295268][T18800] should_failslab+0xc2/0x120 [ 885.295288][T18800] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 885.295324][T18800] ? lockdep_init_map_type+0x16d/0x7d0 [ 885.295354][T18800] ? vrf_netns_init+0x107/0x1f0 [ 885.295389][T18800] kmemdup_noprof+0x29/0x60 [ 885.295415][T18800] vrf_netns_init+0x107/0x1f0 [ 885.295447][T18800] ? __pfx_vrf_netns_init+0x10/0x10 [ 885.295477][T18800] ops_init+0x1df/0x5f0 [ 885.295513][T18800] setup_net+0x21f/0x860 [ 885.295547][T18800] ? __pfx_setup_net+0x10/0x10 [ 885.295578][T18800] ? down_read_killable+0xcc/0x380 [ 885.295629][T18800] ? __pfx_down_read_killable+0x10/0x10 [ 885.295662][T18800] ? __raw_spin_lock_init+0x3a/0x110 [ 885.295684][T18800] ? debug_mutex_init+0x37/0x70 [ 885.295710][T18800] copy_net_ns+0x2a6/0x5f0 [ 885.295735][T18800] create_new_namespaces+0x3ea/0xad0 [ 885.295778][T18800] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 885.295817][T18800] ksys_unshare+0x45d/0xa40 [ 885.295840][T18800] ? __pfx_ksys_unshare+0x10/0x10 [ 885.295862][T18800] ? xfd_validate_state+0x5d/0x180 [ 885.295902][T18800] __x64_sys_unshare+0x31/0x40 [ 885.295924][T18800] do_syscall_64+0xcd/0x250 [ 885.295956][T18800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 885.295988][T18800] RIP: 0033:0x7f023298d169 [ 885.296004][T18800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 885.296026][T18800] RSP: 002b:00007f023388d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 885.296047][T18800] RAX: ffffffffffffffda RBX: 00007f0232ba5fa0 RCX: 00007f023298d169 [ 885.296062][T18800] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 885.296076][T18800] RBP: 00007f0232a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 885.296089][T18800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 885.296102][T18800] R13: 0000000000000000 R14: 00007f0232ba5fa0 R15: 00007fffdc35ab78 [ 885.296129][T18800] [ 886.748130][T18809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2647'. [ 889.634438][T18849] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2659'. [ 890.274044][ T5840] Bluetooth: hci1: command 0x1003 tx timeout [ 890.277327][T15136] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 890.671201][T18860] openvswitch: netlink: IP tunnel dst address not specified [ 890.993147][T18866] netlink: 326 bytes leftover after parsing attributes in process `syz.6.2663'. [ 892.324187][T18874] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2667'. [ 893.164832][T18883] random: crng reseeded on system resumption [ 893.575670][T18888] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2670'. [ 897.227254][T18927] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2681'. [ 898.094451][T18933] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 898.486240][T18935] ima: policy update failed [ 898.492610][ T29] audit: type=1802 audit(4295074897.799:35): pid=18935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2684" res=0 errno=0 [ 900.163507][T15136] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 900.163551][T15136] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 900.181459][T15136] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 900.181528][T15136] Bluetooth: hci4: adv larger than maximum supported [ 900.190824][T15136] Bluetooth: hci4: Unknown advertising packet type: 0x75 [ 900.198954][T15136] Bluetooth: hci4: Malformed LE Event: 0x0d [ 900.908143][T18960] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2691'. [ 901.923036][T18976] could not allocate digest TFM handle binfmt_misc [ 903.299756][T18994] netlink: 62 bytes leftover after parsing attributes in process `syz.2.2700'. [ 904.543219][T19017] FAULT_INJECTION: forcing a failure. [ 904.543219][T19017] name failslab, interval 1, probability 0, space 0, times 0 [ 904.637148][T19018] device-mapper: ioctl: name not supplied when creating device [ 904.681282][T19017] CPU: 1 UID: 0 PID: 19017 Comm: syz.4.2704 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 904.681325][T19017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 904.681343][T19017] Call Trace: [ 904.681351][T19017] [ 904.681362][T19017] dump_stack_lvl+0x16c/0x1f0 [ 904.681407][T19017] should_fail_ex+0x50a/0x650 [ 904.681472][T19017] ? fs_reclaim_acquire+0xae/0x150 [ 904.681513][T19017] should_failslab+0xc2/0x120 [ 904.681543][T19017] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 904.681588][T19017] ? trace_cap_capable+0x1a2/0x210 [ 904.681619][T19017] ? create_new_namespaces+0x30/0xad0 [ 904.681673][T19017] create_new_namespaces+0x30/0xad0 [ 904.681721][T19017] ? bpf_lsm_capable+0x9/0x10 [ 904.681751][T19017] ? security_capable+0x7e/0x260 [ 904.681786][T19017] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 904.681838][T19017] ksys_unshare+0x45d/0xa40 [ 904.681870][T19017] ? __pfx_ksys_unshare+0x10/0x10 [ 904.681899][T19017] ? xfd_validate_state+0x5d/0x180 [ 904.681953][T19017] __x64_sys_unshare+0x31/0x40 [ 904.681983][T19017] do_syscall_64+0xcd/0x250 [ 904.682026][T19017] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 904.682068][T19017] RIP: 0033:0x7fbd7fb8d169 [ 904.682099][T19017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 904.682129][T19017] RSP: 002b:00007fbd809a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 904.682175][T19017] RAX: ffffffffffffffda RBX: 00007fbd7fda5fa0 RCX: 00007fbd7fb8d169 [ 904.682197][T19017] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 904.682228][T19017] RBP: 00007fbd7fc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 904.682246][T19017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 904.682262][T19017] R13: 0000000000000000 R14: 00007fbd7fda5fa0 R15: 00007ffd897ff208 [ 904.682297][T19017] [ 906.030518][T19017] netlink: 'syz.4.2704': attribute type 2 has an invalid length. [ 906.863746][T19028] Process accounting paused [ 907.623507][T19035] nbd: socks must be embedded in a SOCK_ITEM attr [ 907.633391][T19035] block nbd2: shutting down sockets [ 907.864411][T19041] netlink: 62 bytes leftover after parsing attributes in process `syz.5.2711'. [ 909.954707][T19055] FAULT_INJECTION: forcing a failure. [ 909.954707][T19055] name failslab, interval 1, probability 0, space 0, times 0 [ 909.982776][T19055] CPU: 0 UID: 0 PID: 19055 Comm: syz.2.2718 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 909.982820][T19055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 909.982837][T19055] Call Trace: [ 909.982846][T19055] [ 909.982856][T19055] dump_stack_lvl+0x16c/0x1f0 [ 909.982901][T19055] should_fail_ex+0x50a/0x650 [ 909.982946][T19055] ? fs_reclaim_acquire+0xae/0x150 [ 909.982985][T19055] should_failslab+0xc2/0x120 [ 909.983011][T19055] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 909.983052][T19055] ? trace_cap_capable+0x1a2/0x210 [ 909.983081][T19055] ? create_new_namespaces+0x30/0xad0 [ 909.983132][T19055] create_new_namespaces+0x30/0xad0 [ 909.983174][T19055] ? bpf_lsm_capable+0x9/0x10 [ 909.983204][T19055] ? security_capable+0x7e/0x260 [ 909.983236][T19055] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 909.983285][T19055] ksys_unshare+0x45d/0xa40 [ 909.983314][T19055] ? __pfx_ksys_unshare+0x10/0x10 [ 909.983342][T19055] ? xfd_validate_state+0x5d/0x180 [ 909.983391][T19055] __x64_sys_unshare+0x31/0x40 [ 909.983420][T19055] do_syscall_64+0xcd/0x250 [ 909.983459][T19055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 909.983498][T19055] RIP: 0033:0x7f0da238d169 [ 909.983526][T19055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 909.983554][T19055] RSP: 002b:00007f0da31a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 909.983581][T19055] RAX: ffffffffffffffda RBX: 00007f0da25a5fa0 RCX: 00007f0da238d169 [ 909.983599][T19055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 909.983615][T19055] RBP: 00007f0da240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 909.983632][T19055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 909.983649][T19055] R13: 0000000000000000 R14: 00007f0da25a5fa0 R15: 00007ffefa1c2d28 [ 909.983682][T19055] [ 910.227825][T19055] device-mapper: ioctl: name not supplied when creating device [ 910.365969][T19061] FAULT_INJECTION: forcing a failure. [ 910.365969][T19061] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 910.406411][T19061] CPU: 1 UID: 0 PID: 19061 Comm: syz.4.2719 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 910.406454][T19061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 910.406467][T19061] Call Trace: [ 910.406493][T19061] [ 910.406501][T19061] dump_stack_lvl+0x16c/0x1f0 [ 910.406536][T19061] should_fail_ex+0x50a/0x650 [ 910.406576][T19061] _copy_to_iter+0x2a1/0x1560 [ 910.406603][T19061] ? trace_lock_acquire+0x14e/0x1f0 [ 910.406630][T19061] ? __pfx_mark_lock+0x10/0x10 [ 910.406662][T19061] ? __pfx__copy_to_iter+0x10/0x10 [ 910.406685][T19061] ? __virt_addr_valid+0x1a4/0x590 [ 910.406713][T19061] ? __virt_addr_valid+0x5e/0x590 [ 910.406740][T19061] ? __phys_addr+0xc6/0x150 [ 910.406761][T19061] ? __phys_addr_symbol+0x30/0x80 [ 910.406784][T19061] ? __check_object_size+0x488/0x710 [ 910.406810][T19061] simple_copy_to_iter+0x4f/0x80 [ 910.406839][T19061] __skb_datagram_iter+0x5a6/0x8c0 [ 910.406866][T19061] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 910.406903][T19061] skb_copy_datagram_iter+0x40/0x50 [ 910.406933][T19061] tcp_recvmsg_locked+0x1aa3/0x2780 [ 910.406968][T19061] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 910.406995][T19061] ? __local_bh_enable_ip+0xa4/0x120 [ 910.407033][T19061] tcp_recvmsg+0x12e/0x680 [ 910.407056][T19061] ? __pfx_tcp_recvmsg+0x10/0x10 [ 910.407086][T19061] ? aa_sk_perm+0x2f5/0xb20 [ 910.407129][T19061] ? __pfx_tcp_recvmsg+0x10/0x10 [ 910.407157][T19061] inet_recvmsg+0x12b/0x6a0 [ 910.407204][T19061] ? lock_acquire+0x2f/0xb0 [ 910.407249][T19061] ? __pfx_inet_recvmsg+0x10/0x10 [ 910.407294][T19061] sock_recvmsg+0x1b2/0x250 [ 910.407320][T19061] __sys_recvfrom+0x204/0x310 [ 910.407351][T19061] ? 0xffffffff81000000 [ 910.407367][T19061] ? __pfx___sys_recvfrom+0x10/0x10 [ 910.407421][T19061] ? ksys_write+0x1ba/0x250 [ 910.407454][T19061] ? __pfx_ksys_write+0x10/0x10 [ 910.407489][T19061] __x64_sys_recvfrom+0xe0/0x1c0 [ 910.407520][T19061] ? do_syscall_64+0x91/0x250 [ 910.407551][T19061] ? lockdep_hardirqs_on+0x7c/0x110 [ 910.407581][T19061] do_syscall_64+0xcd/0x250 [ 910.407613][T19061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 910.407656][T19061] RIP: 0033:0x7fbd7fb8d169 [ 910.407684][T19061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 910.407716][T19061] RSP: 002b:00007fbd809a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 910.407740][T19061] RAX: ffffffffffffffda RBX: 00007fbd7fda5fa0 RCX: 00007fbd7fb8d169 [ 910.407752][T19061] RDX: 000000800000004e RSI: 0000000000000000 RDI: 0000000000000003 [ 910.407764][T19061] RBP: 00007fbd809a1090 R08: 0000000000000000 R09: ffffffff81000000 [ 910.407776][T19061] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 910.407788][T19061] R13: 0000000000000000 R14: 00007fbd7fda5fa0 R15: 00007ffd897ff208 [ 910.407804][T19061] ? 0xffffffff81000000 [ 910.407822][T19061] [ 911.393344][T19069] FAULT_INJECTION: forcing a failure. [ 911.393344][T19069] name failslab, interval 1, probability 0, space 0, times 0 [ 911.422767][T19069] CPU: 1 UID: 0 PID: 19069 Comm: syz.4.2722 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 911.422801][T19069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 911.422817][T19069] Call Trace: [ 911.422825][T19069] [ 911.422834][T19069] dump_stack_lvl+0x16c/0x1f0 [ 911.422873][T19069] should_fail_ex+0x50a/0x650 [ 911.422914][T19069] ? fs_reclaim_acquire+0xae/0x150 [ 911.422951][T19069] ? tomoyo_realpath_from_path+0xb9/0x720 [ 911.422990][T19069] should_failslab+0xc2/0x120 [ 911.423016][T19069] __kmalloc_noprof+0xcb/0x510 [ 911.423056][T19069] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 911.423101][T19069] tomoyo_realpath_from_path+0xb9/0x720 [ 911.423139][T19069] ? tomoyo_path_number_perm+0x235/0x590 [ 911.423174][T19069] ? tomoyo_path_number_perm+0x235/0x590 [ 911.423211][T19069] tomoyo_path_number_perm+0x248/0x590 [ 911.423242][T19069] ? tomoyo_path_number_perm+0x235/0x590 [ 911.423278][T19069] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 911.423349][T19069] ? __pfx_lock_release+0x10/0x10 [ 911.423386][T19069] ? trace_lock_acquire+0x14e/0x1f0 [ 911.423422][T19069] ? lock_acquire+0x2f/0xb0 [ 911.423457][T19069] ? __fget_files+0x40/0x3a0 [ 911.423501][T19069] ? __fget_files+0x206/0x3a0 [ 911.423545][T19069] security_file_ioctl+0x9b/0x240 [ 911.423580][T19069] __x64_sys_ioctl+0xb7/0x200 [ 911.423617][T19069] do_syscall_64+0xcd/0x250 [ 911.423656][T19069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 911.423694][T19069] RIP: 0033:0x7fbd7fb8d169 [ 911.423714][T19069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 911.423739][T19069] RSP: 002b:00007fbd809a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 911.423763][T19069] RAX: ffffffffffffffda RBX: 00007fbd7fda5fa0 RCX: 00007fbd7fb8d169 [ 911.423779][T19069] RDX: 0000000000000003 RSI: 0000000080dc5521 RDI: 0000000000000004 [ 911.423794][T19069] RBP: 00007fbd809a1090 R08: 0000000000000000 R09: 0000000000000000 [ 911.423808][T19069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 911.423823][T19069] R13: 0000000000000000 R14: 00007fbd7fda5fa0 R15: 00007ffd897ff208 [ 911.423854][T19069] [ 911.423865][T19069] ERROR: Out of memory at tomoyo_realpath_from_path. [ 914.579808][T19103] FAULT_INJECTION: forcing a failure. [ 914.579808][T19103] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 914.614458][T19103] CPU: 1 UID: 0 PID: 19103 Comm: syz.4.2731 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 914.614496][T19103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 914.614512][T19103] Call Trace: [ 914.614520][T19103] [ 914.614529][T19103] dump_stack_lvl+0x16c/0x1f0 [ 914.614572][T19103] should_fail_ex+0x50a/0x650 [ 914.614620][T19103] _copy_to_iter+0x2a1/0x1560 [ 914.614652][T19103] ? trace_lock_acquire+0x14e/0x1f0 [ 914.614687][T19103] ? __pfx__copy_to_iter+0x10/0x10 [ 914.614714][T19103] ? __virt_addr_valid+0x1a4/0x590 [ 914.614747][T19103] ? __virt_addr_valid+0x5e/0x590 [ 914.614790][T19103] ? __phys_addr+0xc6/0x150 [ 914.614816][T19103] ? __phys_addr_symbol+0x30/0x80 [ 914.614845][T19103] ? __check_object_size+0x488/0x710 [ 914.614878][T19103] simple_copy_to_iter+0x4f/0x80 [ 914.614915][T19103] __skb_datagram_iter+0x5a6/0x8c0 [ 914.614947][T19103] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 914.614995][T19103] skb_copy_datagram_iter+0x40/0x50 [ 914.615035][T19103] tcp_recvmsg_locked+0x1aa3/0x2780 [ 914.615082][T19103] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 914.615119][T19103] ? __local_bh_enable_ip+0xa4/0x120 [ 914.615167][T19103] tcp_recvmsg+0x12e/0x680 [ 914.615198][T19103] ? __pfx_tcp_recvmsg+0x10/0x10 [ 914.615241][T19103] ? aa_sk_perm+0x2f5/0xb20 [ 914.615279][T19103] ? __pfx_tcp_recvmsg+0x10/0x10 [ 914.615306][T19103] inet_recvmsg+0x12b/0x6a0 [ 914.615351][T19103] ? lock_acquire+0x2f/0xb0 [ 914.615390][T19103] ? __pfx_inet_recvmsg+0x10/0x10 [ 914.615447][T19103] sock_recvmsg+0x1b2/0x250 [ 914.615480][T19103] __sys_recvfrom+0x204/0x310 [ 914.615519][T19103] ? 0xffffffff81000000 [ 914.615540][T19103] ? __pfx___sys_recvfrom+0x10/0x10 [ 914.615610][T19103] ? ksys_write+0x1ba/0x250 [ 914.615650][T19103] ? __pfx_ksys_write+0x10/0x10 [ 914.615694][T19103] __x64_sys_recvfrom+0xe0/0x1c0 [ 914.615732][T19103] ? do_syscall_64+0x91/0x250 [ 914.615771][T19103] ? lockdep_hardirqs_on+0x7c/0x110 [ 914.615807][T19103] do_syscall_64+0xcd/0x250 [ 914.615848][T19103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 914.615888][T19103] RIP: 0033:0x7fbd7fb8d169 [ 914.615912][T19103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 914.615938][T19103] RSP: 002b:00007fbd80980038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 914.615962][T19103] RAX: ffffffffffffffda RBX: 00007fbd7fda6080 RCX: 00007fbd7fb8d169 [ 914.615980][T19103] RDX: 000000800000004e RSI: 0000000000000000 RDI: 0000000000000003 [ 914.615996][T19103] RBP: 00007fbd80980090 R08: 0000000000000000 R09: ffffffff81000000 [ 914.616012][T19103] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 914.616028][T19103] R13: 0000000000000000 R14: 00007fbd7fda6080 R15: 00007ffd897ff208 [ 914.616051][T19103] ? 0xffffffff81000000 [ 914.616079][T19103] [ 915.387938][T19105] nbd: socks must be embedded in a SOCK_ITEM attr [ 915.396363][T19105] block nbd2: shutting down sockets [ 915.461621][T19114] FAULT_INJECTION: forcing a failure. [ 915.461621][T19114] name failslab, interval 1, probability 0, space 0, times 0 [ 915.478115][T19114] CPU: 0 UID: 0 PID: 19114 Comm: syz.2.2734 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 915.478157][T19114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 915.478174][T19114] Call Trace: [ 915.478182][T19114] [ 915.478194][T19114] dump_stack_lvl+0x16c/0x1f0 [ 915.478239][T19114] should_fail_ex+0x50a/0x650 [ 915.478286][T19114] ? fs_reclaim_acquire+0xae/0x150 [ 915.478327][T19114] should_failslab+0xc2/0x120 [ 915.478355][T19114] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 915.478399][T19114] ? trace_cap_capable+0x1a2/0x210 [ 915.478429][T19114] ? create_new_namespaces+0x30/0xad0 [ 915.478483][T19114] create_new_namespaces+0x30/0xad0 [ 915.478537][T19114] ? bpf_lsm_capable+0x9/0x10 [ 915.478568][T19114] ? security_capable+0x7e/0x260 [ 915.478603][T19114] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 915.478654][T19114] ksys_unshare+0x45d/0xa40 [ 915.478686][T19114] ? __pfx_ksys_unshare+0x10/0x10 [ 915.478715][T19114] ? xfd_validate_state+0x5d/0x180 [ 915.478768][T19114] __x64_sys_unshare+0x31/0x40 [ 915.478798][T19114] do_syscall_64+0xcd/0x250 [ 915.478840][T19114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 915.478889][T19114] RIP: 0033:0x7f0da238d169 [ 915.478911][T19114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 915.478941][T19114] RSP: 002b:00007f0da31a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 915.478968][T19114] RAX: ffffffffffffffda RBX: 00007f0da25a5fa0 RCX: 00007f0da238d169 [ 915.478987][T19114] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 915.479004][T19114] RBP: 00007f0da240e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 915.479021][T19114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 915.479036][T19114] R13: 0000000000000000 R14: 00007f0da25a5fa0 R15: 00007ffefa1c2d28 [ 915.479070][T19114] [ 915.734579][T19114] device-mapper: ioctl: name not supplied when creating device [ 915.902863][T19121] FAULT_INJECTION: forcing a failure. [ 915.902863][T19121] name failslab, interval 1, probability 0, space 0, times 0 [ 915.918173][T19121] CPU: 0 UID: 0 PID: 19121 Comm: syz.2.2738 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 915.918208][T19121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 915.918224][T19121] Call Trace: [ 915.918232][T19121] [ 915.918242][T19121] dump_stack_lvl+0x16c/0x1f0 [ 915.918283][T19121] should_fail_ex+0x50a/0x650 [ 915.918329][T19121] ? fs_reclaim_acquire+0xae/0x150 [ 915.918368][T19121] ? tomoyo_realpath_from_path+0xb9/0x720 [ 915.918408][T19121] should_failslab+0xc2/0x120 [ 915.918436][T19121] __kmalloc_noprof+0xcb/0x510 [ 915.918478][T19121] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 915.918526][T19121] tomoyo_realpath_from_path+0xb9/0x720 [ 915.918566][T19121] ? tomoyo_path_number_perm+0x235/0x590 [ 915.918602][T19121] ? tomoyo_path_number_perm+0x235/0x590 [ 915.918641][T19121] tomoyo_path_number_perm+0x248/0x590 [ 915.918673][T19121] ? tomoyo_path_number_perm+0x235/0x590 [ 915.918711][T19121] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 915.918778][T19121] ? __pfx_lock_release+0x10/0x10 [ 915.918816][T19121] ? trace_lock_acquire+0x14e/0x1f0 [ 915.918859][T19121] ? lock_acquire+0x2f/0xb0 [ 915.918896][T19121] ? __fget_files+0x40/0x3a0 [ 915.918941][T19121] ? __fget_files+0x206/0x3a0 [ 915.918987][T19121] security_file_ioctl+0x9b/0x240 [ 915.919026][T19121] __x64_sys_ioctl+0xb7/0x200 [ 915.919064][T19121] do_syscall_64+0xcd/0x250 [ 915.919106][T19121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 915.919147][T19121] RIP: 0033:0x7f0da238d169 [ 915.919168][T19121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 915.919196][T19121] RSP: 002b:00007f0da31a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 915.919222][T19121] RAX: ffffffffffffffda RBX: 00007f0da25a5fa0 RCX: 00007f0da238d169 [ 915.919240][T19121] RDX: 0000000000000000 RSI: 0000000040084149 RDI: 0000000000000003 [ 915.919256][T19121] RBP: 00007f0da31a4090 R08: 0000000000000000 R09: 0000000000000000 [ 915.919272][T19121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 915.919307][T19121] R13: 0000000000000000 R14: 00007f0da25a5fa0 R15: 00007ffefa1c2d28 [ 915.919344][T19121] [ 915.919356][T19121] ERROR: Out of memory at tomoyo_realpath_from_path. [ 916.724642][T19133] FAULT_INJECTION: forcing a failure. [ 916.724642][T19133] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 916.782430][T19133] CPU: 1 UID: 0 PID: 19133 Comm: syz.4.2743 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 916.782473][T19133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 916.782490][T19133] Call Trace: [ 916.782499][T19133] [ 916.782510][T19133] dump_stack_lvl+0x16c/0x1f0 [ 916.782555][T19133] should_fail_ex+0x50a/0x650 [ 916.782611][T19133] _copy_to_iter+0x2a1/0x1560 [ 916.782644][T19133] ? trace_lock_acquire+0x14e/0x1f0 [ 916.782688][T19133] ? __pfx__copy_to_iter+0x10/0x10 [ 916.782720][T19133] ? __virt_addr_valid+0x1a4/0x590 [ 916.782757][T19133] ? __virt_addr_valid+0x5e/0x590 [ 916.782788][T19133] ? __phys_addr+0xc6/0x150 [ 916.782816][T19133] ? __phys_addr_symbol+0x30/0x80 [ 916.782848][T19133] ? __check_object_size+0x488/0x710 [ 916.782902][T19133] simple_copy_to_iter+0x4f/0x80 [ 916.782961][T19133] __skb_datagram_iter+0x5a6/0x8c0 [ 916.782998][T19133] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 916.783057][T19133] skb_copy_datagram_iter+0x40/0x50 [ 916.783100][T19133] tcp_recvmsg_locked+0x1aa3/0x2780 [ 916.783151][T19133] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 916.783192][T19133] ? __local_bh_enable_ip+0xa4/0x120 [ 916.783244][T19133] tcp_recvmsg+0x12e/0x680 [ 916.783279][T19133] ? __pfx_tcp_recvmsg+0x10/0x10 [ 916.783321][T19133] ? aa_sk_perm+0x2f5/0xb20 [ 916.783361][T19133] ? __pfx_tcp_recvmsg+0x10/0x10 [ 916.783391][T19133] inet_recvmsg+0x12b/0x6a0 [ 916.783439][T19133] ? lock_acquire+0x2f/0xb0 [ 916.783482][T19133] ? __pfx_inet_recvmsg+0x10/0x10 [ 916.783544][T19133] sock_recvmsg+0x1b2/0x250 [ 916.783580][T19133] __sys_recvfrom+0x204/0x310 [ 916.783623][T19133] ? 0xffffffff81000000 [ 916.783646][T19133] ? __pfx___sys_recvfrom+0x10/0x10 [ 916.783724][T19133] ? ksys_write+0x1ba/0x250 [ 916.783767][T19133] ? __pfx_ksys_write+0x10/0x10 [ 916.783816][T19133] __x64_sys_recvfrom+0xe0/0x1c0 [ 916.783860][T19133] ? do_syscall_64+0x91/0x250 [ 916.783902][T19133] ? lockdep_hardirqs_on+0x7c/0x110 [ 916.783944][T19133] do_syscall_64+0xcd/0x250 [ 916.783990][T19133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.784039][T19133] RIP: 0033:0x7fbd7fb8d169 [ 916.784062][T19133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 916.784092][T19133] RSP: 002b:00007fbd80980038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 916.784120][T19133] RAX: ffffffffffffffda RBX: 00007fbd7fda6080 RCX: 00007fbd7fb8d169 [ 916.784140][T19133] RDX: 000000800000004e RSI: 0000000000000000 RDI: 0000000000000003 [ 916.784158][T19133] RBP: 00007fbd80980090 R08: 0000000000000000 R09: ffffffff81000000 [ 916.784177][T19133] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 916.784194][T19133] R13: 0000000000000000 R14: 00007fbd7fda6080 R15: 00007ffd897ff208 [ 916.784220][T19133] ? 0xffffffff81000000 [ 916.784251][T19133] [ 918.058119][T19137] netlink: 326 bytes leftover after parsing attributes in process `syz.6.2745'. [ 918.344666][T19149] FAULT_INJECTION: forcing a failure. [ 918.344666][T19149] name failslab, interval 1, probability 0, space 0, times 0 [ 918.389383][T19149] CPU: 1 UID: 0 PID: 19149 Comm: syz.4.2749 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 918.389416][T19149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 918.389431][T19149] Call Trace: [ 918.389439][T19149] [ 918.389449][T19149] dump_stack_lvl+0x16c/0x1f0 [ 918.389491][T19149] should_fail_ex+0x50a/0x650 [ 918.389535][T19149] ? fs_reclaim_acquire+0xae/0x150 [ 918.389573][T19149] ? tomoyo_encode2+0x100/0x3e0 [ 918.389609][T19149] should_failslab+0xc2/0x120 [ 918.389636][T19149] __kmalloc_noprof+0xcb/0x510 [ 918.389676][T19149] ? d_absolute_path+0x137/0x1b0 [ 918.389725][T19149] ? rcu_is_watching+0x12/0xc0 [ 918.389762][T19149] tomoyo_encode2+0x100/0x3e0 [ 918.389812][T19149] tomoyo_encode+0x29/0x50 [ 918.389855][T19149] tomoyo_realpath_from_path+0x19d/0x720 [ 918.389918][T19149] tomoyo_path_number_perm+0x248/0x590 [ 918.389953][T19149] ? tomoyo_path_number_perm+0x235/0x590 [ 918.389995][T19149] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 918.390070][T19149] ? __pfx_lock_release+0x10/0x10 [ 918.390114][T19149] ? trace_lock_acquire+0x14e/0x1f0 [ 918.390156][T19149] ? lock_acquire+0x2f/0xb0 [ 918.390197][T19149] ? __fget_files+0x40/0x3a0 [ 918.390248][T19149] ? __fget_files+0x206/0x3a0 [ 918.390300][T19149] security_file_ioctl+0x9b/0x240 [ 918.390343][T19149] __x64_sys_ioctl+0xb7/0x200 [ 918.390385][T19149] do_syscall_64+0xcd/0x250 [ 918.390432][T19149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.390476][T19149] RIP: 0033:0x7fbd7fb8d169 [ 918.390501][T19149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 918.390530][T19149] RSP: 002b:00007fbd809a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 918.390558][T19149] RAX: ffffffffffffffda RBX: 00007fbd7fda5fa0 RCX: 00007fbd7fb8d169 [ 918.390578][T19149] RDX: 0000000000000000 RSI: 0000000040084149 RDI: 0000000000000003 [ 918.390597][T19149] RBP: 00007fbd809a1090 R08: 0000000000000000 R09: 0000000000000000 [ 918.390614][T19149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 918.390631][T19149] R13: 0000000000000000 R14: 00007fbd7fda5fa0 R15: 00007ffd897ff208 [ 918.390670][T19149] [ 918.391819][T19149] ERROR: Out of memory at tomoyo_realpath_from_path. [ 919.581644][T19177] openvswitch: netlink: IP tunnel dst address not specified [ 920.584036][T19192] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2761'. [ 921.362793][T19197] nbd2: detected capacity change from 0 to 68719476736 [ 921.400697][T19199] block nbd2: Send control failed (result -22) [ 921.428725][T19199] block nbd2: Request send failed, requeueing [ 921.450479][T15136] block nbd2: Receive control failed (result -32) [ 921.472601][ T42] block nbd2: Dead connection, failed to find a fallback [ 921.481506][ T42] block nbd2: shutting down sockets [ 921.488222][ T42] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.499663][ T42] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.514228][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.572805][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.582538][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.662144][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.681792][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.693368][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.713887][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.733782][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.756409][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.777981][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.804426][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.822648][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.842290][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.872869][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.893586][T19199] ldm_validate_partition_table(): Disk read failed. [ 921.902414][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 921.940194][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 921.952748][T19206] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:42: corrupted in-inode xattr: bad magic number in in-inode xattr [ 921.983043][T19199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 922.012783][T19199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 922.022537][T19199] Dev nbd2: unable to read RDB block 0 [ 922.053311][T19199] nbd2: unable to read partition table [ 922.067694][T19199] ldm_validate_partition_table(): Disk read failed. [ 922.083256][T19199] Dev nbd2: unable to read RDB block 0 [ 922.090370][T19199] nbd2: unable to read partition table [ 922.122524][T19199] [ 922.125353][T19199] ====================================================== [ 922.133781][T19199] WARNING: possible circular locking dependency detected [ 922.142196][T19199] 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 Not tainted [ 922.150726][T19199] ------------------------------------------------------ [ 922.159159][T19199] udevd/19199 is trying to acquire lock: [ 922.165926][T19199] ffff8880258aca28 (&q->q_usage_counter(io)#51){++++}-{0:0}, at: __submit_bio+0x3d1/0x690 [ 922.177895][T19199] [ 922.177895][T19199] but task is already holding lock: [ 922.186751][T19199] ffff888023906540 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 922.199758][T19199] [ 922.199758][T19199] which lock already depends on the new lock. [ 922.199758][T19199] [ 922.212251][T19199] [ 922.212251][T19199] the existing dependency chain (in reverse order) is: [ 922.223074][T19199] [ 922.223074][T19199] -> #6 (mapping.invalidate_lock#2){++++}-{4:4}: [ 922.233337][T19199] down_read+0x9a/0x330 [ 922.239013][T19199] filemap_fault+0x2e7/0x2ca0 [ 922.245311][T19199] __do_fault+0x10a/0x490 [ 922.251154][T19199] do_pte_missing+0xecf/0x3e10 [ 922.257517][T19199] __handle_mm_fault+0x1166/0x2c60 [ 922.264295][T19199] handle_mm_fault+0x3fa/0xaa0 [ 922.270711][T19199] do_user_addr_fault+0x7a3/0x13f0 [ 922.277500][T19199] exc_page_fault+0x5c/0xc0 [ 922.283550][T19199] asm_exc_page_fault+0x26/0x30 [ 922.290035][T19199] fault_in_readable+0x160/0x200 [ 922.296624][T19199] fault_in_iov_iter_readable+0x101/0x2c0 [ 922.304262][T19199] iomap_file_buffered_write+0x3e2/0xc70 [ 922.311674][T19199] blkdev_write_iter+0x545/0xdd0 [ 922.318257][T19199] vfs_write+0x5ae/0x1150 [ 922.324108][T19199] ksys_write+0x12b/0x250 [ 922.329970][T19199] do_syscall_64+0xcd/0x250 [ 922.336029][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.343770][T19199] [ 922.343770][T19199] -> #5 (&mm->mmap_lock){++++}-{4:4}: [ 922.352872][T19199] __might_fault+0x11b/0x190 [ 922.359023][T19199] _copy_from_iter+0x1c4/0x1560 [ 922.365491][T19199] tcp_sendmsg_locked+0x1979/0x37c0 [ 922.372377][T19199] tcp_sendmsg+0x2e/0x50 [ 922.378107][T19199] inet_sendmsg+0xb9/0x140 [ 922.384073][T19199] sock_write_iter+0x4ac/0x5b0 [ 922.390448][T19199] vfs_write+0x5ae/0x1150 [ 922.396299][T19199] ksys_write+0x207/0x250 [ 922.402155][T19199] do_syscall_64+0xcd/0x250 [ 922.408209][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.415936][T19199] [ 922.415936][T19199] -> #4 (sk_lock-AF_INET){+.+.}-{0:0}: [ 922.425171][T19199] lock_sock_nested+0x3a/0xf0 [ 922.431426][T19199] smc_shutdown+0x65/0x7f0 [ 922.437405][T19199] nbd_mark_nsock_dead+0xae/0x5d0 [ 922.444055][T19199] sock_shutdown+0x17c/0x280 [ 922.450221][T19199] nbd_config_put+0x1e6/0x750 [ 922.456475][T19199] nbd_genl_connect+0x12d5/0x1c00 [ 922.463131][T19199] genl_family_rcv_msg_doit+0x202/0x2f0 [ 922.470438][T19199] genl_rcv_msg+0x565/0x800 [ 922.476516][T19199] netlink_rcv_skb+0x16b/0x440 [ 922.482859][T19199] genl_rcv+0x28/0x40 [ 922.488275][T19199] netlink_unicast+0x53c/0x7f0 [ 922.494621][T19199] netlink_sendmsg+0x8b8/0xd70 [ 922.500975][T19199] ____sys_sendmsg+0xaaf/0xc90 [ 922.507309][T19199] ___sys_sendmsg+0x135/0x1e0 [ 922.513563][T19199] __sys_sendmsg+0x16e/0x220 [ 922.519752][T19199] do_syscall_64+0xcd/0x250 [ 922.525792][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.533516][T19199] [ 922.533516][T19199] -> #3 (&nsock->tx_lock){+.+.}-{4:4}: [ 922.542691][T19199] __mutex_lock+0x19b/0xb10 [ 922.548766][T19199] nbd_queue_rq+0x424/0x1220 [ 922.554911][T19199] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 922.562207][T19199] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 922.570428][T19199] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 922.578227][T19199] blk_mq_run_hw_queue+0x239/0x670 [ 922.584996][T19199] blk_mq_flush_plug_list+0x673/0x1c60 [ 922.592176][T19199] __blk_flush_plug+0x2c5/0x4b0 [ 922.598620][T19199] __submit_bio+0x547/0x690 [ 922.604648][T19199] submit_bio_noacct_nocheck+0x698/0xd70 [ 922.612035][T19199] submit_bio_noacct+0x50d/0x1ec0 [ 922.618690][T19199] block_read_full_folio+0x812/0xa50 [ 922.625668][T19199] filemap_read_folio+0xc6/0x2a0 [ 922.632229][T19199] do_read_cache_folio+0x263/0x5c0 [ 922.638993][T19199] read_part_sector+0xd4/0x310 [ 922.645348][T19199] adfspart_check_ICS+0x94/0x940 [ 922.651911][T19199] bdev_disk_changed+0x71f/0x1520 [ 922.658574][T19199] blkdev_get_whole+0x187/0x290 [ 922.665046][T19199] bdev_open+0x2c7/0xe20 [ 922.670803][T19199] blkdev_open+0x27b/0x3f0 [ 922.676737][T19199] do_dentry_open+0x735/0x1c40 [ 922.683104][T19199] vfs_open+0x82/0x3f0 [ 922.688603][T19199] path_openat+0x1e88/0x2d80 [ 922.694744][T19199] do_filp_open+0x20c/0x470 [ 922.700780][T19199] do_sys_openat2+0x17a/0x1e0 [ 922.707015][T19199] __x64_sys_openat+0x175/0x210 [ 922.713470][T19199] do_syscall_64+0xcd/0x250 [ 922.719499][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.727206][T19199] [ 922.727206][T19199] -> #2 (&cmd->lock){+.+.}-{4:4}: [ 922.735866][T19199] __mutex_lock+0x19b/0xb10 [ 922.741900][T19199] nbd_queue_rq+0xbe/0x1220 [ 922.747927][T19199] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 922.755206][T19199] __blk_mq_sched_dispatch_requests+0xcdf/0x1620 [ 922.763409][T19199] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 922.771217][T19199] blk_mq_run_hw_queue+0x239/0x670 [ 922.777959][T19199] blk_mq_flush_plug_list+0x673/0x1c60 [ 922.785163][T19199] __blk_flush_plug+0x2c5/0x4b0 [ 922.791605][T19199] __submit_bio+0x547/0x690 [ 922.797628][T19199] submit_bio_noacct_nocheck+0x698/0xd70 [ 922.805007][T19199] submit_bio_noacct+0x50d/0x1ec0 [ 922.811672][T19199] block_read_full_folio+0x812/0xa50 [ 922.818642][T19199] filemap_read_folio+0xc6/0x2a0 [ 922.825192][T19199] do_read_cache_folio+0x263/0x5c0 [ 922.831955][T19199] read_part_sector+0xd4/0x310 [ 922.838299][T19199] adfspart_check_ICS+0x94/0x940 [ 922.844856][T19199] bdev_disk_changed+0x71f/0x1520 [ 922.851520][T19199] blkdev_get_whole+0x187/0x290 [ 922.857963][T19199] bdev_open+0x2c7/0xe20 [ 922.863675][T19199] blkdev_open+0x27b/0x3f0 [ 922.869601][T19199] do_dentry_open+0x735/0x1c40 [ 922.875973][T19199] vfs_open+0x82/0x3f0 [ 922.881474][T19199] path_openat+0x1e88/0x2d80 [ 922.887607][T19199] do_filp_open+0x20c/0x470 [ 922.893638][T19199] do_sys_openat2+0x17a/0x1e0 [ 922.899868][T19199] __x64_sys_openat+0x175/0x210 [ 922.906314][T19199] do_syscall_64+0xcd/0x250 [ 922.912360][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.920069][T19199] [ 922.920069][T19199] -> #1 (set->srcu){.+.+}-{0:0}: [ 922.928621][T19199] __synchronize_srcu+0xa9/0x2a0 [ 922.935241][T19199] blk_mq_update_nr_requests+0x288/0x670 [ 922.942624][T19199] queue_requests_store+0x161/0x210 [ 922.949498][T19199] queue_attr_store+0x370/0x510 [ 922.955952][T19199] sysfs_kf_write+0x117/0x170 [ 922.962198][T19199] kernfs_fop_write_iter+0x33d/0x500 [ 922.969159][T19199] vfs_write+0x5ae/0x1150 [ 922.974985][T19199] ksys_write+0x12b/0x250 [ 922.980816][T19199] do_syscall_64+0xcd/0x250 [ 922.986866][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.994573][T19199] [ 922.994573][T19199] -> #0 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 923.004911][T19199] __lock_acquire+0x249e/0x3c40 [ 923.011364][T19199] lock_acquire.part.0+0x11b/0x380 [ 923.018131][T19199] blk_mq_submit_bio+0x20f5/0x2610 [ 923.024889][T19199] __submit_bio+0x3d1/0x690 [ 923.030917][T19199] submit_bio_noacct_nocheck+0x698/0xd70 [ 923.038301][T19199] submit_bio_noacct+0x50d/0x1ec0 [ 923.044951][T19199] mpage_readahead+0x41d/0x590 [ 923.051294][T19199] read_pages+0x1a7/0xc60 [ 923.057115][T19199] page_cache_ra_unbounded+0x426/0x7d0 [ 923.064296][T19199] force_page_cache_ra+0x24b/0x340 [ 923.071058][T19199] page_cache_sync_ra+0x158/0xa30 [ 923.077725][T19199] filemap_get_pages+0xb62/0x1c30 [ 923.084384][T19199] filemap_read+0x3c5/0xe70 [ 923.090418][T19199] blkdev_read_iter+0x187/0x4b0 [ 923.096872][T19199] vfs_read+0x886/0xbf0 [ 923.102490][T19199] ksys_read+0x12b/0x250 [ 923.108209][T19199] do_syscall_64+0xcd/0x250 [ 923.114245][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 923.121948][T19199] [ 923.121948][T19199] other info that might help us debug this: [ 923.121948][T19199] [ 923.134207][T19199] Chain exists of: [ 923.134207][T19199] &q->q_usage_counter(io)#51 --> &mm->mmap_lock --> mapping.invalidate_lock#2 [ 923.134207][T19199] [ 923.151960][T19199] Possible unsafe locking scenario: [ 923.151960][T19199] [ 923.160923][T19199] CPU0 CPU1 [ 923.167352][T19199] ---- ---- [ 923.173793][T19199] rlock(mapping.invalidate_lock#2); [ 923.180247][T19199] lock(&mm->mmap_lock); [ 923.188467][T19199] lock(mapping.invalidate_lock#2); [ 923.197839][T19199] rlock(&q->q_usage_counter(io)#51); [ 923.204409][T19199] [ 923.204409][T19199] *** DEADLOCK *** [ 923.204409][T19199] [ 923.214172][T19199] 1 lock held by udevd/19199: [ 923.219801][T19199] #0: ffff888023906540 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x173/0x7d0 [ 923.233299][T19199] [ 923.233299][T19199] stack backtrace: [ 923.240352][T19199] CPU: 0 UID: 0 PID: 19199 Comm: udevd Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 923.240382][T19199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 923.240398][T19199] Call Trace: [ 923.240406][T19199] [ 923.240415][T19199] dump_stack_lvl+0x116/0x1f0 [ 923.240452][T19199] print_circular_bug+0x490/0x760 [ 923.240490][T19199] check_noncircular+0x31a/0x400 [ 923.240525][T19199] ? __pfx_check_noncircular+0x10/0x10 [ 923.240559][T19199] ? __kernel_text_address+0xd/0x40 [ 923.240596][T19199] ? unwind_get_return_address+0x59/0xa0 [ 923.240639][T19199] ? lockdep_lock+0xc6/0x200 [ 923.240667][T19199] ? __pfx_lockdep_lock+0x10/0x10 [ 923.240698][T19199] __lock_acquire+0x249e/0x3c40 [ 923.240739][T19199] ? __pfx___lock_acquire+0x10/0x10 [ 923.240775][T19199] ? hlock_class+0x4e/0x130 [ 923.240801][T19199] ? mark_lock+0xb5/0xc60 [ 923.240834][T19199] ? mark_lock+0xb5/0xc60 [ 923.240878][T19199] ? page_cache_ra_unbounded+0x426/0x7d0 [ 923.240907][T19199] ? page_cache_sync_ra+0x158/0xa30 [ 923.240937][T19199] lock_acquire.part.0+0x11b/0x380 [ 923.240972][T19199] ? __submit_bio+0x3d1/0x690 [ 923.241001][T19199] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 923.241044][T19199] ? rcu_is_watching+0x12/0xc0 [ 923.241070][T19199] ? trace_lock_acquire+0x14e/0x1f0 [ 923.241099][T19199] ? __submit_bio+0x3d1/0x690 [ 923.241125][T19199] ? lock_acquire+0x2f/0xb0 [ 923.241158][T19199] ? __submit_bio+0x3d1/0x690 [ 923.241185][T19199] blk_mq_submit_bio+0x20f5/0x2610 [ 923.241216][T19199] ? __submit_bio+0x3d1/0x690 [ 923.241245][T19199] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 923.241276][T19199] ? mark_lock+0xb5/0xc60 [ 923.241308][T19199] ? __pfx___lock_acquire+0x10/0x10 [ 923.241341][T19199] ? __pfx___lock_acquire+0x10/0x10 [ 923.241375][T19199] ? trace_lock_acquire+0x14e/0x1f0 [ 923.241404][T19199] ? __pfx_mark_lock+0x10/0x10 [ 923.241441][T19199] __submit_bio+0x3d1/0x690 [ 923.241468][T19199] ? __pfx___submit_bio+0x10/0x10 [ 923.241495][T19199] ? trace_lock_acquire+0x14e/0x1f0 [ 923.241530][T19199] ? submit_bio_noacct_nocheck+0x698/0xd70 [ 923.241559][T19199] submit_bio_noacct_nocheck+0x698/0xd70 [ 923.241589][T19199] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 923.241621][T19199] ? __pfx___might_resched+0x10/0x10 [ 923.241663][T19199] submit_bio_noacct+0x50d/0x1ec0 [ 923.241694][T19199] mpage_readahead+0x41d/0x590 [ 923.241721][T19199] ? __pfx_mpage_readahead+0x10/0x10 [ 923.241754][T19199] ? __pfx_blkdev_get_block+0x10/0x10 [ 923.241788][T19199] ? __folio_batch_add_and_move+0x5f3/0xc60 [ 923.241823][T19199] ? __pfx_lock_release+0x10/0x10 [ 923.241856][T19199] ? trace_lock_acquire+0x14e/0x1f0 [ 923.241884][T19199] ? __pfx_blkdev_readahead+0x10/0x10 [ 923.241916][T19199] read_pages+0x1a7/0xc60 [ 923.241942][T19199] ? __folio_batch_add_and_move+0x689/0xc60 [ 923.241980][T19199] ? __pfx_read_pages+0x10/0x10 [ 923.242018][T19199] page_cache_ra_unbounded+0x426/0x7d0 [ 923.242053][T19199] force_page_cache_ra+0x24b/0x340 [ 923.242084][T19199] page_cache_sync_ra+0x158/0xa30 [ 923.242113][T19199] ? __lock_acquire+0xcc5/0x3c40 [ 923.242148][T19199] filemap_get_pages+0xb62/0x1c30 [ 923.242186][T19199] ? __pfx_filemap_get_pages+0x10/0x10 [ 923.242222][T19199] ? __pfx___might_resched+0x10/0x10 [ 923.242264][T19199] filemap_read+0x3c5/0xe70 [ 923.242297][T19199] ? trace_lock_acquire+0x14e/0x1f0 [ 923.242330][T19199] ? __pfx_filemap_read+0x10/0x10 [ 923.242376][T19199] ? apparmor_file_permission+0x251/0x400 [ 923.242406][T19199] blkdev_read_iter+0x187/0x4b0 [ 923.242441][T19199] vfs_read+0x886/0xbf0 [ 923.242477][T19199] ? __pfx_vfs_read+0x10/0x10 [ 923.242510][T19199] ? blkdev_llseek+0x9b/0xd0 [ 923.242541][T19199] ? __pfx_lock_release+0x10/0x10 [ 923.242577][T19199] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 923.242619][T19199] ksys_read+0x12b/0x250 [ 923.242652][T19199] ? __pfx_ksys_read+0x10/0x10 [ 923.242694][T19199] do_syscall_64+0xcd/0x250 [ 923.242732][T19199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 923.242768][T19199] RIP: 0033:0x7f2742516b6a [ 923.242787][T19199] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 923.242811][T19199] RSP: 002b:00007ffd1d5b12d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 923.242834][T19199] RAX: ffffffffffffffda RBX: 00001fffffff0000 RCX: 00007f2742516b6a [ 923.242850][T19199] RDX: 0000000000000040 RSI: 000055b821e73048 RDI: 0000000000000009 [ 923.242866][T19199] RBP: 0000000000000040 R08: 000055b821e73020 R09: 00007f27425f1b60 [ 923.242881][T19199] R10: 0000000000000007 R11: 0000000000000246 R12: 000055b821e73020 [ 923.242897][T19199] R13: 000055b821e73038 R14: 000055b821e79ad8 R15: 000055b821e79a80 [ 923.242919][T19199]