last executing test programs: 11.592418346s ago: executing program 2 (id=608): r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/7u\x00', 0x28000, 0x0) mkdir$auto(&(0x7f0000000000)='\xe6/\x00', 0x2) utime$auto(&(0x7f0000000040)='\xe6/\x00', 0x0) socket(0x1e, 0x6, 0xd) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) write$auto(0x1, 0x0, 0x100) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @rand_addr=0x2}, 0x52) shutdown$auto(0x200000003, 0x2) read$auto_mon_fops_text_t_mon_text(r0, 0x0, 0x0) mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1) mmap$auto(0x0, 0x4005, 0x2, 0x10040eb2, 0x401, 0x300000000000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x200300, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x8080, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x200, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0xc040aed5, 0x0) ioctl$auto(0xffffffffffffffff, 0x8004552d, 0xffffffffffffffff) rmdir$auto(0x0) 10.783674171s ago: executing program 2 (id=611): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) ioctl$auto_USBDEVFS_CONTROL32(r0, 0xc0105500, &(0x7f0000000080)={0x2, 0x0, 0x101, 0x0, 0x3, 0x4, 0x69}) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0x3, 0x15) (async) adjtimex$auto(0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) (async) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1006, 0x2d6) (async) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) (async) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) write$auto_snd_pcm_oss_f_reg_pcm_oss(r1, 0x0, 0x0) (async) nanosleep$auto(0x0, 0x0) (async) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/002/001\x00', 0xa00, 0x0) mbind$auto(0xf000, 0x7e8, 0x1, 0x0, 0x7fff, 0x2) (async) mbind$auto(0xffffffffffff7fff, 0x1, 0x800, 0x0, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/tty/ttyc2/power/runtime_active_time\x00', 0x0, 0x0) (async) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 8.705062479s ago: executing program 1 (id=620): r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r0, &(0x7f0000000700)='(dev_\x00\x00\x00\x00\x00', 0x1) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) socket(0x2, 0x801, 0x100) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) socket(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r1, 0xffffffffffffffff, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0) ioctl$auto(r2, 0xc0585611, r2) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) pselect6$auto(0x9, &(0x7f0000000000)={[0x8, 0x4, 0x0, 0x6, 0x8001, 0xfffffffffffff000, 0xfff, 0x9, 0xcf1, 0x100000003, 0x8000000000000001, 0x0, 0x2f, 0x4002, 0x8000000000000002, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r3, 0x1, 0xb, 0x0, 0x4) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1800118}, 0xc, &(0x7f0000000080)={&(0x7f0000000740)={0x1148, r4, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_NAME={0xa, 0x11, '(dev_\x00'}, @HWSIM_ATTR_COOKIE={0xc, 0x8, 0x4}, @HWSIM_ATTR_CIPHER_SUPPORT={0x1004, 0x18, "baeaf64c6c24bc18755794eacaffe3dfe5bd7264aa97d0aeb85cbb622ee21964389975e7f344bea56872ed43f21e4cd0fd5942957a05f195796d3def3ad8cc836e09240e11551b5d42b83e096f0070b4d3037069282bfa6330161fa5827cd13d08d70d68e16555e2db0d07934dbee072203f1869090612dc69c89de541db918207838e5c114b65443d9fa19c21126718ec9932597b608e29ede472c25276058e3975a14f06d1626067bf677f7df4deda415afa0efde817ca7b891febcd7e81c82fcc1c7e05b7457c02730955a8e372d66657263ed0e2f4b252eaab834e61f6b144dd0c392c04f6beee40dc96003f8fb7b1eb3b56232fdafb419e1ddf827b196ef71a9613a2d6d354a9c953ad337e415f6730d715dfb67fc204b1e3c17cdec47f018e54d65669d5ffb2506c31979803d7739d7dcac0af55704b870aa96161ab0c04d5e463a6ea01f724c972e7625c8f89561ff2bf0f135f26cc009e684c3e4214d141a95d2e6b20a7530927362b7cffb94414a5ec28ca347948cf2c4f9a989b79f44454f99856967cdb636e95fe4c744cde41686bb5d5e35a3c0182288b5fad0529495308df31df7549a2d8f980c468a2ae1d8719d1788fc8dc9928f07ab6dfa7b49e704ccd384b99ac0dcfd867d88b1d0fd0ecadb9e68f453bd92253387ab8c153d846453b2c1177b8e30e912308f6d833c6d4a44b62ab163f889a84cb7f0e84af689d87f3b80cc30ed926114d12bb8b2070ebba432bb4bc16ed89343c7f4ef7dcddd4c4c1d2295c6ef675096c4c3949f20bc6601867a15cccf971accd0cadfe53ba1299b029ad31a2f225dfde5201b811a67010d654b1dbe1272d22a3a70349744c6b5fe4cb2cd47e61ea6967301e27d244a553f5fe19d9030f6c551945e13853bafc9930e6709deb36131f6ee76899d336d9cffe8aec0fea1953a86ecacfe356034f79c0d13225137a0bf228fc1380099ab27b34d994108b68485a755102707abb85697e275a6ad6e32d75af5b28ffe6cc087a52df14b56249f311b3f85b93a19e2dfef81e2acce5dc754366a092a45a8532c1a5ca55ff5c2ba6610828972f4dd515da76aec213d5a6071878a95a50dfaa779a6f0b82884c2dc4f48fcfdaea583deff17189a8b62f20423217ae56b44e021ca5a7b6857b461a7ac46a62fd7e27fe44f3650f26909ca98f72ec5cc45ee98f1035c88b24efd0bfd1a85bf8c0f8d2a7b912e6aaa95ba535d460a0e5076a794c624b15638d3086622267472baf1fb5261afbbdcafdcb2a704103ed1c1c54d5d085bc498657bb25f6df748119f46c6eb89a80ba008210d85c00b605fd54260249c35e8c1ff7ff26b2e358316b11e5c2b2f7e0e75481e819b39f74d7750b468520a7ae33b3a1a3390233c70e4ad51d443bc5a0d0e95cf019d0dff15d284539d4090ae2d3dc7967ce680400a213a5bcedad8e11f2843f9fa23424262670cb464dd5eee75205779facfe9682ce57510eee4ff644d3bba52f951c062bcc1beceabb45eaa8d801cee38f52747baccf6fa98c944757d1b92d3e5f55ac9dcd613b3144fba3905610256519372d5bf1fae173c7871604edd44e33c8f6d11fba1683e168be62fd3e9b66c0482f6910dfeedce3484e10241e3ebffc27fc6b8eb48175a12b7c8733635e26c9c59c1d0e0f9b1a6f0ee86935e5f7b7f9ae4ad5bec682d10513dec870d56cdc6338067fa45e0847c9736ea8a72ab9f47660111b4a884f92e4296806ecdf012e85f88508b9b9b8ae5e0181b9d894a3518dda4c22a1af76e3a8541d0bc42abcf9460a6c794dbc2d0b9b3d2482cab306028de2d95a2dfdb694af56a029c2eb8794cb08ea8f9a7828e14501d23f6d0fad6f4d83d97446ddf65738dbf6c94924e7700778892eb92427ae8e89e843e3c603cdb3bf0496da1b3e74c92fbe55ed2126b88a6905b6b4c5649189075ad5193f1823fb0b214fa5044c4ac01d3e22860f705c9b608deb60ee9501db1e58afd486e65196e08b6181bf36a32ae664f3b8daa4ba0517a1c0d6f1b2ff9da06f70ec4289efc372540e096bd3fa04fe1f1e31c00ae687b980f331b6877aa4acccf0af1a7ec781980d6620896572c015d5b9bd0ab8ea7bd882786376386f480a4464c3b7dccd58f53988f6d5d60d842e863d035eec5f7683bac1a4bba3e35260ee9dc6c4accdd2a30a237e4b11530de400830feaab06283fc5328c980e9c56614e8111176d70ae7ea75f6610836f6666a9817220b150a950b6a18291b2149b73a1979a3280d889d7587a8be16961839793cb17c0406a9c1bc40539edc1fb6177bdd0487261c55abf8d2cdc2591aade5ff541281eb7b8d0f9a2a31dfc555b39101383f541b49ff2b767b8b77cdb7fbc20090087d554c9e1e954070d502edf2fbf2dbcc47108e2195ac33e8d372de343984300c6fd68ee08fa9faf00044c47c18b15230b060f3daf7e8a9fad473968e3620eca2f4a813f10b1011e460f6549bb0f26fad8fccab5117744112de4ecda9ac59277c722dda692f412489891f0461c6c97bc23fa16e60dc1597888268ca8f630285f7332a01005d823ae818692dac67b8ca7aec8df2166395b0fbbdc2bf2c5be683b601245f268348661191fbee171e720811616713e2af6735750f8745b68b97f65c1562cc7e2f651a637b9ec059fa71a5e7e1ec2cd4c7676f103ef82705102a080bcd0072ccd454e28a40506d7acb19e6350d58e043baa6de88114548e362fda5da7dcb2bb187be520dddf2a6909a564edc68ba20889e57f2e224cc4f80fee141bdeeb2a924c1f117704f1c8b6eb9d6e5d3fdf2164fa294a45b44c4f0d6400ad9b337c63aa9e3c69eb8d424915863b12e251159c181f9c1282dd7cb28f2f1f02dfd47cb6cfccb2371a03dfe4897a0a357fba5111a119e7021cb36c8bf4453b8ac97c2ee19d9f8eb48b2e0fa13155c321d77af1fa21a8133f4337e7f953f09c354ab267b25afae9b1bf85f34b74fd0a222bf23ce09ee7a2bd7c36ef2d430ff72523df0276e8c2e4b71712f3dbc6bb575745296e23fe6bec19cff1480cfae99f2b2a482a24ea0d11a8028a118bd8d29f83b2972940b6ab75a4b53827756c3d5532118401253855f14bf0793428ef01d7c6749028b53c9371f671024641ae019c707bad07f53f234debb81ce447266fccbe5d8d3fb18452d94cee9d959ca615e1df967cf697f15e9ccd67420aa7891e7883a3dce81c556105f5216769c206358f3c9ab7a5df7d0174a320d30b5ce14f5ddcc750dd5fd02a8ff1c55230c32721be0afc7c2340199cb996032100b34d805a5f96cf8b6b901c2a2d62d368778594648d5022fc310bd3aa3185529d30b56217960d467c1cc4d23ffbdfa371cde63a9082ea4ed0e37292faea560e273649afa7b3491ef5e884a91b5c3f3d9f9cd2f7e4b7ca77c97e29d68e9b9b568423d3757647d9f3284c8b23692163deb60451973adbe3c5dc1ba9ea31d6bdd5f608e6545dd74827f540502ec8499ce8ee8f91a9813c88cabcf09733e4172d2aef4ce0551cfaef9a6fd442b5993feea89e549929104d7a2d956c7fcaa002f0f3a36d4857b444306b0bfbd29ccc844f7c9698deb8f8d62b808fa435d14726d20191d2cbab9a7d03255aae686380a3c56d98046bcf6378bab37a70abef3b07f6b71ae6aec58f1c4adb9e883a43e6fe4b4f710d184d2ef59313323609cc8615bba41c7dfec1a646de66be1451a7e52c0e02042d5fd565f66b8afd4ce9760a59febe88fa48f1700f3d3b5f71fc5a95179ec29a1c7b853a703077ff9388125ea78b4fdfd1f19518bc31bc72eb273c15d1d38250d7136faac0fa40a5834675d528a657292a025cba66cd20a57b034ba7ae0dad023918de7981b74b9dde0235e5df5c90c4b54be800c666f7eeba5b844db4097537e9358080464319be59e2535d9bc90033772639acc2e4a46d4b17f46f563a186910aa9e8ac5c832914350c4e7bcfe83a5859ab67f6d665435cb38a6c8b92919433fd4681c152a0a1b99d1b54e38c0a9b4bf73388ec106fa64ffc2853c29a58c53c1fc8fa52598417390e6d7104e4055f7fa2c91d1d1d27b2f88980fc1a87c246722b38efd41fe84453b16c54a06001a5ee67cbdb12d4749e9cd767968cfac2f81b01c07fb6c8b607c790db5f198389e76e79dd5e4d13fbce38fb0b240c07af3c66465552369de2ded7dbed16e9b2471b3053a2b06b806775c69558670b4cc1825106492dea4b49d03180dfd36febd35e34be9bf91c39fad3421871e91251cfc2c97ac309fcb3e2f761891ea20e80a8d990a5facc85a396c654a7d4b74c07a7f05850f61149088c1bf173549cb2d2b31214f640876d2ecbe72e171180e83a5ec13362f1bf308382344ccff1cbef5e418652395f0620baf99df5d4f6bf53de05ffe4ee8848509ee9b66e3ca63872c1d48f99c19b0d3d591a33c452cb25c5fcad6edd6b32467fd516120655adf3594a90ef732ce4d0b00675932ae9e96691073981ec9b6e0356ce0c2b994bdb2805e86c6152f75ab2346472ae8b6bcf4b43ce8aaac8f35cbcb77e472f2ed5c36c8fb659670c4250c9c01d09d423f24a4fe7d9d289e13da9f21724203c346e05fe06f7254136d01d4a11be0140f0072a315d4c157525ed0242fc23b9e41bc34e6c51d74fccd1e2cc5ecd187b11b9d55a7bcf46b5b65ad7a0a6cc29adfefacbf53731b17a3aa07e1c9c7e2b12d3cc262ddf8d9da2e6b392dde8a2d1d8a9c751657f76a1369a25e1f30e1590026dd9f504cd1c76b1b029ba41636a6246ef3c1b0ac07be3e14d62587944769ad5ce67ed839b9c1458658a43ba3759c0722e78c0a146e5ae36f5c888d3291ce51862d580c22995eaded4ecb9bea62350a82f30464edcf29ba2857920244a13c6645c17b19f9dc25eada8712be1bd1bb87babacf8ecd42f491e0a4d821069c9df314fb8bfc1ddf4420ccb92352234d9b8615d858046fabfe97fc0f1ad08bcd68bb2cd13abf482e8c9ef4042f74fd412d7c5d8e1db5633c4e72373eef34b5f56f7f1e2ef16f74a63f103b6032734f2fcbff752ed96ec342e0651e609fd880c37239f74844322f0740333cb40e99c06e7c7fb5454ac098dbb50fbe7954f8bfa129da52ac2493a87d146740004e8ebffb2089763e6f8a7034dc55042662476c706f1289b8710d256d813e439ae5869b25cf2b6c731cc7a467e5f266d6bcadb175625a7a0358a518981347f6a68ba3803bc9f195522d75ca177d771310e4bbfef512cfe9df4270592bb089b8764017874d8fd7cd298cdfa126fa6ee476a0c392f0625fc300e681ea2d0ccb7fb757fd8904edff1379556a32b1895317ff87715d23b5f4b9c477ef6e7f1e97b6c5c5fa06f7ad2a74c18eed40a7b552b4237adb9843885765144b116a9f24f81fc774ba002dd9e2720b8a2838700cd68100863e1051ff6842b4537e6d40e00903313a3ff9f20576fd3d29a4129f7a9447aab5e33adb4f918fb5b8edd66d9c0c611d4a782882dcc81b0fe00a59c5f210345e2d147b9082d1a414931746649f37bab1a06cb32f0b4f023678c480418525e84b7caf4e7dd7fd672fd6fabf7d41135e9f049b37de93edf7f01ab09d83ab7de955c6bb85d93cf0cf35a379469282997aaeb5faf1a41a81c2ab90ef77186ac560ddfdd55ff1fbecbe4b01c698626b81c688b143382ff88447500bfbef44107c2707448a8f5755742d6c867704915f76a1e39a71d3932e37e8bd2864be983947ef49c7099b425ef3ecf0da87c966928fdac6e295ac54ca431234a218535e31059cf8e87b56"}, @HWSIM_ATTR_TX_INFO_FLAGS={0xb, 0x15, "a7077d91d98fa5"}, @HWSIM_ATTR_MULTI_RADIO={0x4}, @HWSIM_ATTR_MLO_SUPPORT={0x4}, @HWSIM_ATTR_TX_INFO={0x4}, @HWSIM_ATTR_TX_INFO_FLAGS={0x100, 0x15, "72d29e3d6e99761fb3246857ac1fac6b1b2924dfd44b5051ff6e9801faf70d7e55b199d62d7167d27d434690f7007d83575a27cabe975989202f266802974768a8ccc175c1d9f7e43c1dcafd8c42b1f06fd6758c008db298c33c61b9e5991c84c22eb2ebec7e38e485b7a562b32f3ebf14ad23e787bfdcf5226b61b7a43a34b8b65cf856ad5f456499fa2e1c6860db13a62d7d55d157833562b99b8a7388a0f62493038c0623b3abc4c65948eac75ae1508f82087287869e9867e66218172b2d818f6e21f2be2f614f572b1a2b1c79cf7cadc3d476057b8975860fb38e44f9b58c456029b0bcf4f5717f449d34683268395990d0a9d81616b0cd42a0"}]}, 0x1148}, 0x1, 0x0, 0x0, 0x48c0}, 0x20000000) 8.553098702s ago: executing program 0 (id=622): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x20401, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000032c0)='/dev/mtd0\x00', 0x22801, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x1) fcntl$auto(0x3, 0x401, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/veth0_virt_wifi/base_reachable_time\x00', 0x80000, 0x0) ioctl$auto(r1, 0x541c, r2) recvfrom$auto(0x3, 0x0, 0x8000000017, 0x10e, 0x0, 0xfffffffffffffffd) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, 0x0, 0x301, 0x4070bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 8.225457099s ago: executing program 1 (id=623): rseq$auto(&(0x7f00000002c0)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0xffffffd4, 0x0, 0x7) ioperm$auto(0x3, 0xe, 0x2000000000000149) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000380), 0x101100, 0x0) r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd9162e47520395e435d57b029957000e236ecfc595c1a5e3fd76cf0b16ef09009000014000100fc000052a876e85e4f6cae05842248f221d881712f3d7adcaeb5101b9493be2517a92c4f577236c3afd2599c130f814dd15360b050188683c783d308477e4740c88bdf8693c2db1e4700001f51b57747855612ff91b84f240a3cb1a0ffe7a54f68cba98035076ae2a923453fb8fff0d8d9ed0bc324af4482ae"], 0x28}, 0x1, 0x0, 0x0, 0x20000088}, 0x20000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0d566b3dd008e4edd96502"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="18"], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0) kcmp$auto(0x1, 0x100000001, 0x5, 0x8f0, 0x24000) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) keyctl$auto(0x1e, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x936355e497c8b7e3, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x44004) 8.009124246s ago: executing program 2 (id=624): openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/rose14/statistics/rx_length_errors\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/4105, 0x1009) fcntl$auto(0x3, 0x4, 0xa553) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x2, 0x0) r1 = fsopen$auto(0x0, 0x1) futex$auto(0xfffffffffffffffc, 0xc, 0x7, 0xffffffffffffffff, 0xfffffffffffffffc, 0x8) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x8081, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c04, 0x0) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 7.822847396s ago: executing program 3 (id=625): sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x3, 0x0, 0xab77, 0x9}, 0xaad}, 0x80000000, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x5e, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYRES16, @ANYRES16=r1, @ANYBLOB="64e6"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40400d4) ioctl$auto(r0, 0x89fd, 0x24) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) r2 = socket(0x2, 0x5, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/wakeup/wakeup7/event_count\x00', 0x1c2580, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000080)=""/86, 0x56) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioperm$auto(0x6, 0x18001, 0x80001) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2080000004, 0x156) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) shutdown$auto(0x200000003, 0x2) ioprio_set$auto(0x7, 0x0, 0xfff) unshare$auto(0x40000080) recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) ioctl$auto(r4, 0x5420, 0xffffffffffffffff) 7.407859541s ago: executing program 0 (id=626): sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'team_slave_0\x00'}) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/ext4/sda1/mb_groups\x00', 0x40102, 0x0) pread64$auto(r1, 0x0, 0x100000001, 0x100) 6.94385983s ago: executing program 0 (id=627): r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) read$auto_proc_sessionid_operations_base(r0, &(0x7f00000000c0)=""/4096, 0x1000) mmap$auto(0x8001, 0x5, 0x7, 0x100000010, r0, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="140002f4e0ee745cb100", @ANYRES16=0x0, @ANYBLOB="040028bd7000fcdbdf2511000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000010c0), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000004a80), 0xffffffffffffffff) sendmsg$auto_NET_SHAPER_CMD_DELETE(r1, &(0x7f0000004b80)={0x0, 0x700, &(0x7f0000004b40)={&(0x7f0000004ac0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="250429bd7000ffdbdf25030000001400018008000200dd00000008002d07e31eebec"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp\x00', 0x8400, 0x0) read$auto(r3, 0x0, 0xcefbce6) mmap$auto(0x0, 0x400005, 0xdb, 0x16, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x4, 0x4, 0x5, 0x7) pselect6$auto(0x1, 0x0, &(0x7f0000000240)={[0x8, 0x5e9, 0x4, 0x8e, 0x4, 0xfffffffffffff801, 0x2d40b40f, 0xfffffffffffffffd, 0x4, 0x4, 0x100000001, 0x81, 0x8000004, 0x2, 0x2, 0x5]}, 0x0, 0x0, 0x0) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x8, 0x400008, 0xdf, 0x111, 0x2, 0x8004) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd6\x00', 0x3a3c02, 0x0) mmap$auto(0x0, 0x1, 0x7fffffff, 0x44eb1, 0x3, 0x300007000000) close_range$auto(0x2, 0x8, 0x0) r5 = io_uring_setup$auto(0x406, 0x0) bind$auto(0xffffffffffffffff, 0x0, 0x67) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) socket(0xa, 0x3, 0x3) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) bpf$auto_BPF_OBJ_PIN(0x6, &(0x7f0000001100)=@prog_bind_map={r3, r5, 0x100}, 0x6) shutdown$auto(r4, 0x2) 6.734863986s ago: executing program 3 (id=628): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) ioperm$auto(0x800, 0x5, 0xd) arch_prctl$auto(0x1012, 0x400000000001000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000040)={&(0x7f00000000c0), 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="01002b7651b51a4e20090000000016000400a6c974becb83d8fe726b91c2aa709c57f4e44c8e1fc4437160ed6fb815a1f3053ce6364c6fe76e64202102f41b922edc1c6100"/81], 0x18}, 0x1, 0x0, 0x0, 0x20000010}, 0x6844) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) iopl$auto(0x3) write$auto_proc_mem_operations_base(r0, &(0x7f0000000000)="e1", 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 5.459499872s ago: executing program 2 (id=629): capset$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b67, 0x1) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000400)='\x04>\x00\x1d\xa4\xd2\xc3\xec&9\v\xbc\xdein\xe1G8\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1GH\xb5\x8f\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x97}Z\x7f\x0f\x90\xce\x85-e\xb6n\xbc\xc6=\xf8\xce\xe7\x1e]\x85|\xce\xd7L\x9b\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\xd9\xd3\xf8 \xe9e\xe5\x80\x1c7B+]\\!\xcej}H\x03x\x83Z\x98\xb8\t\xde\xd4\xf5\xf32\xccR\xaa\xdd\x16\xab\xd8\x1d\"\xc7\xa5\xe1k\x1d\xd9k\xc6\xb2\xa7\x97\x9a\xf6\xfe\xef\x1a\xbd\xcb\xb8*\x8b9\x00R\xe9)?Em\xb2\xac\xd1\xf6\xff\xc1\xc7\xbdl\xa2+tI\xa3\xa8\xabVe\x87\xa9\xae9\x82\xd2.SCt\xcc\x8c7\x7f\xdc\xc3\xfb\x94\xfc\xdfc+\x04\xfb\xf5$\xecO1@\x99l;\xd3X\xd5\"\xec\x17hR\xc5\x99\x8b\x9f\xf3\xf48%\xfa\xf2\x1d\xc5\x10T\x83p0\xd7]\x83{\x81\xdei\xd2\xfc\xfd=3K\xc3\xfe\x12\x98\x8b\xbe\xd1+\xc4r\x7f\x8f5\xcc\xa6\xd8>k\xcc\xee\xe0\x9bW\x0e\xc63\x84^\xde`\xd2\xe8\xfc\x02\xef\xa4\xdc\xd0A\xd5`?9D\x1c\x1b\x1b\xd5\xcb\xfb\x03I\xc9\x97\xac#\x0ee\xc8ltL\x88\x17m~aA%\xd3\xaf\xaa6hf\x9b\x83\x02A\xb0\xf6\x14\xb3\x18B\xfd\x9ai\xf8j \a\x1es\xa3U\x98sqq,\xd2A4?l\xa2\x9c\xc9\x9fa\xe8\x99qw\xf3\x18\x12R+(%x\xb6\xf8\x92\xa5\xe4\xdd\xe9\xf2\x0e\xc8', 0x100) r2 = socket(0x11, 0x1, 0x87) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r2) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000180)="285ecf7e037b55e1ab7a4f76992f65c6415bf83a1dbdf2c6c5e006b2e5e027c00f96dad6274a64b2878a42144a92217419d1586fc6d20bdf574fae2b958d59a2518677c559eba44de9112cf6c1fa7f9f93f6fd92bc4e4c39199566e6357935fffc05c8b7523b36cd1db40563ab0d5ef018172ca9860267e22834fb3e01c71b86121c9b09f81877d895ba10c871673dc023c9a133074d031b377b9b1c638b2450d6e4") ioctl$auto(r3, 0x541c, r4) setsockopt$auto_SO_TIMESTAMPNS_OLD(0xffffffffffffffff, 0x9, 0x23, &(0x7f0000000140)='/dev/tty12\x00', 0x7) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/udplite6\x00', 0x101000, 0x0) pread64$auto(r6, 0x0, 0x8, 0x8000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$auto_SNDCTL_DSP_PROFILE(r7, 0x40045017, &(0x7f0000000040)="6a2b05b8d86611c188e8b4bd54bef4b867b018934f7fd90acda2bef2ff8fa18c76e7b2655e95bd730e305ad612ec19331381a624b8d6154d7ff9069c4a434e5713a501c406abd9ea4fc40e87f798dbbf8997598c6ff3a103e0e972d6938cb225c00f70640706fe0b2d6de083df828dc571798532f2f284509e7d91d923dc5ed1e6c67d561b7fd4e5a0a49da50ea29f5124bdd37710fc8a92e90613cf20c4") 5.355874727s ago: executing program 0 (id=630): r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r0, 0x0, 0x0) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/security/tomoyo/profile\x00', 0x1, 0x0) write$auto_tomoyo_operations_securityfs_if(r1, &(0x7f0000001300)="25e259507fb9509d0ce72d7f3d9df70fb0b24a3e71c5a22312cb4b20c67d837c40bb00766f5a399d2963bb98c87d7c0d37dff2bfebd2b3fb76bbdd59caff3eea77aa81a52333cfe068b2e942ee187872b20cd153be81685a37bcc58b73712aa9a57eb98392c121766623125a8814dcb7dc4dfa345808da34b7505c28c0322152cc1f3c42b8c095891b24ee67cd8e33f1e0ec92d86df456c28ae68ba72ab680a5593d9ceef13c2c8eea382ddf3268079d5c64b49a7261de3978f7dcb61c6275a6552b0925d20ff921139c9ee6bee806df4a90ec8ca9779e639167eb7fec19e247ba0cca4da18c918992bddf5efdde517cce33174d08e6488052b2bf1a6b40c5611ef4af2bc59f6b6e9e49e22094d6d0e129dc8935f70ef3ced0f98e4f829191f6090c9741ecfe38be19cb2df0b4ab03b34f08b7fc906cd6197a9955ab6f5c117d72cf26efc16636ab09946555f7dc0f5bd81f7f7f6f8b260a89bd95c9900ee9f65bfda8a3daa9c337d2e5691708f251771b710b1facaaff72e680a9b695303c408b15c329551ef2b4c9ffaf52217b4286a48edca1911f6c127ba423dcc2150dbd64fd8d5efebeda5bda144626ba3184861d8f865138caef202779c665db08ed90e776ace1d7c6ed7a2c5ddc5baeeed981785f570a5d13e01fe99471b769c46a1c54ba6244139ed57e5b5776f85e8f60ce29ce87540f20009834fbdb52aaa94246c8b8bf2bdaf04c8162c9cfb38d9534d6474a9657170fc52d6c09daaf5f68273cc1ced6790f952e6ceaaf050597a1311618d41a503f97cb5417f5577486a5f0a81fbbf6d54e23a51b7ab87c75c86496fcb0ce18083d59b1b53cd385365ff966353d326fff39c02832f1b73dd367881d9aa9a63b1a687cccd5031e0530948b6f92321ce87b79e64828d5a2197133113d741f7ed4affb08196970a75879525f66b9312634ffd46000d5c464e711f43a87bfc936514bdf671911189fa0b998e4da2904d61318135a40554339d34e79b8c0c9dee1ab05e9b1faa5ca88869c8ecf41a6a0b4a110caf39dfb43d8fc3f469db64a09e693cf396a606065e6fea1aede34b90cc6bd79903baeead161da0ebbb1469faa7d52328db82ac4793f7feb16033b8902516f68661031d9c90bef9897654772cdae5a7ff1aef8bfd4d52ff11e7ae8eb23e222bcdcd0205d11f6535552d721bfdb3709febb96a3f7cd39d2e7b58dc5b5f060fadea7a8c74ffe1ff41a0c2fda9012c768660e2d8ef92c8006bf64f87e27a641e72719a13be6a0300eb9db973fbe9aea1878e84fffc3c22a4d88ce458fb043466d951631b323fdd5fc4f5661bb3ed8b0a5a48bfa6b89935a2e781fde31e3bd71d92bf5a29eebf781b7a8ace95cf69a10f5bfc313cc27d6ecef697fb5f84cdea10a0024dc66c4a47adba718d056e5357c55332f370518a066b4be54535a1a489744918e13c53b74ab0cb9d2326551499217f543805cd66397c7b517a8422d15575e2af87b335622559a2edaef84b4e9595bcd7c472f1a6d3ac2585d01829c2c2ff26e1dc72c53174acd8d817f4912baaa3732dcdc695559ed49fdfe951eea779b62e3ef071806c19ded607cea630dff87b811ed6dd63458d9ce5482346c9b5ee84178fc3c9a79a931859e61960e97fbc19126bfe4f552dcf8a5955fcb405e7a91bf679b8d6a797b3f9f15ec6441407f5b4fabefc7e6f0f7830c5c49bd97f87048b0df64b32d5d40d02d95003d78db89f88c41a8c278a109fcb24b341b7c8e13828b6fa50c3ba1caef5e237bbc2a18cab35105083d45d76bfdf42d077f8a870c697c2a932f0dc97c8778a9f9dc13235099e224f8a825dedb1465a59dad5b69285cab2b5084d69f0f37e6416ed771200fc05c48dbf220fddfa8f229fe1b9524698a6926c0194373f2697a08f6134c8b82c0fe2bd87e27923a16ec7c6bb53855d87723c86d8ac73ab733fc04af4534c967cacdf09b1acb914541880363b873655e6ef01f221f469f3f477265b9caa63949b8673226f4fc6e4ed823a4194a82327a1e7d6ef7e0420749304df76c808a1c9583907afe3f8538b34e2655a3b21932a17939f654b616e50fec9d188c234da9c0d8aebe0cf2ad5add478f928e7f641f1c7020a5e3e3a919d218b68de374da17792bfa73bfa5d0fecb17772c690b6d6d5e38496737bc6142ad684c4a8fc2bd6238b20e0725ffb8a024abff98872bbfd09529c5d8c796931c5f92bd128ffaa4f67a1e1c6f3e1cacac8cffa165f7662450c119c0802442b7c478ba500bf95401caa0bfbe985dc531e3daa728cf5c502e9422c7518d3f9eba9c3d47cfbfaed00782e8f06d6748ca612bd17fe913adf1734a20c6f4c66cce71eee7e06f63f3e76d5dbfba3b6c675239b3da01a0cf673b66d3683c2785f9524813b91c65a423625c3cdcb250594a61359bf5922e4c8d8b6a02b7f8667f82164546d5a0aea33f06bf19ba5a8b27642aeb6ebede40204cf9bfab910150aafaa66b568b63e6f1299d1760e0ad97df89d835851277ad155924d354a8389396012a1e4c3d6b2d6491aa4cecc9ade4382e1eac59c5b9c5960826bb2eabe89172bb535cf970524100d6ff0648c9216b6d9a40389d1911def22d0b89b779068dc27b7abe769cea231c22217eee04121fc9be691922c26ce7578a84dc0d341de951c76a8fae6b525022ab70747e2e05eb4935657c95b0a3ec6d6c0a3a2fde941bbdeb1e697062b8c057eb1f12820a7d0ed0b98ccc5096d90a6d7e880bd6e728e0fb85aac52c1d540a97e3b4c7e9936768ff0420e48229a598d15a5cb834b3007abee4129bedcef197dd91c154d2cc85e9029a4ea78b875ea4115cb36c1e87aa7aad47aaca2ab63044f9ebf3320964f934769ff615ba2eaf08ff3babcf927e5e1b8fbfcbe07fb55f6f1a96e44069d738b391d58662d29a64c1d016abdded6503a439ef4503bc4563d152ba55d07b0759a79e6568ad3a4000e4cf7f3a1e22b9e9c74e50435a0bb6cf9fc266072202e374794d674b798a8d14178c288f8edd274d7a578520acc68b0eb7771948e614bf42240e51800bb3596bebd74d6a4009a8f3ddb2e0c982dc286eb57b671100b54dfa035ad997caf570041db7be0f6fd39bcbfe32127051450be7e503c28053ac95a6c13ec1b68d9fd4452367e71149e9b1e4f4a89ebebc22c9f86447a261dea1242067c288453d6d6cb80444cf040b7598c04b55d10b3c8f6cf6c197f8c9102cd8c316e1ff805ea42c5700ab3551c69a458b7f2dc9e70acfd794532c6197e7ac44ceb766f0f567d511e4acfca601e6f8623eb835a71bcc3772480700d7d6c49847f02b0863dab4c19a85841e4b7901627d5804a145d1be399e26f10e6d969bffd051c9502786c86c8264e5f8e6395ccb3b770a7b778697b7f5bb78a837747b588b0b86a9753179728050a5bf9dd57691fd50b5df61ad797b059b6bc1d754b30a2b146077f319669bee0760e386f0c97abbdbbc7ed5970d66e093203fd83dfe74e6bb94bc9c2c9213b1f33e6f879e8d88c97ef788a95065f8f22467ced75b8f77ef9c2e2a0d1a536dc6b566d151dd91bc3540dd52e1f1b6a0252c0fef63e18616f3a69004e29e5bd3697664402004a0f854b8bf9c8bc4ad7bf836eee360fd3b5a02ae8b834eae6934756f66ad8819cb9bacbe8c9c788ce336c6a9c23dbefad3b27d4b4052834fa65496175a64b444f44b42c19e72b22e056af2de7f6f117d82655bb1cfa4985a8bede8a6252db93d29195debe0891c08057eccf27e7cdc26a23304ee08df01da58321bb68b8f531461e15c2f4476ee78edbfd651a25f146d507eeba4ef1a470ee8b97cea6beafcf6766cf4f263b1ba4d241d6b8dc9c7eaa9f2adee352824ca4e229b7af81f48ce671a25c2611219dd49f31d22696a58b76eb34dcbee8d4909b404bf64ddfcb5391865386acc4f0ff38ff77cdc7b30cde35292dfb7389bb7e9abe727a442e4ceffd3b522e2f1d9a37534e367ba4e7a26c074b1359e16f68053196481c01c9ed6f5a9e7ec3ff7562a420ad1322ddab6090e67baf0bc138115e2b6f94feecbee9242ca706c72c9a1125ec0de134b58ae532dc570cd0f59a39df310d231c2f38ab5c1d818c8f1dbde998ba32a63823bd387c4a1e96de81552d07e84dd176378ee257dc21f0471bc24b0face11cb7b23b7626617ada9d28738a851a23a88445a70edd816d0ced7f04634eb064886e06df8d88197f546bdbd438a3883b9a7815186af0147752e24f8b0a0aa62051756f3a156bd4abfa630480a874b56bc736e", 0xbd9) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/ns_last_pid\x00', 0x68001, 0x0) write$auto(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0x3, 0x3, 0xc24) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x3, 0x3, 0x95f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) setsockopt$auto(r3, 0xc, 0x7fff, &(0x7f0000000040)='/]&&\x00', 0x7) r5 = socket(0xa, 0x5, 0x94) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci8/force_suspend\x00', 0x100, 0x0) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000100), r5) set_tid_address$auto(&(0x7f00000001c0)=0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) 4.780079125s ago: executing program 1 (id=631): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x26, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000800)='./file0\x00', 0x187503, 0xec) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b5, 0xffff, 0xd, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700201000000000000000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) open(0x0, 0x389c0, 0x75) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40000) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x0, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r4, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x3}) ioctl$auto_USB_RAW_IOCTL_RUN(r4, 0x5501, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f00000002c0), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000002) sendfile$auto(r0, 0x3, 0x0, 0x7ffff000) write$auto(r0, 0x0, 0xfffffde9) shutdown$auto(0x200000003, 0x2) ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(r1, 0x4048587b, &(0x7f0000000580)={{r2, &(0x7f0000000300)="cd9abb9aa0f570f381709afcbdac2ee70da54a5b1a27dbbfd46120f2434df173a3154d6392683fcaf408c90d7a9381387b4b038fef4419f74e6fa67a753c0c63a8a0081300ca2103c11e64c5e0a27a59cf844500fb6106071c952aa0b17bb7b62774c3427563543e06f7bd2b20fd9adcc9c8b67f1847dfc2e3bddd2f309dcad5ef093af57d0c3d5cab127b72f3c62d0b4929f29faa4c151dcb82688e3ab2edc6cd708519f0", 0x7, &(0x7f00000003c0)="8f3386da822fe3151580ab7938770a2f07c8ee4433e242b1a02168d224c95a2ccdf5f0594267b88eba7e8f707ecc86941553dbb49fee6a69efba8b002045d250665f4e5e6930630e51cf0386becbc0315550a8dd1e6b713d0bc4cb0c46e71d2f685c461015803e3e638ab1", 0x0, &(0x7f0000000000)="42f18c9b1a4e3cad2591dba0775e42baa5", &(0x7f0000000280)=0x7}, 0x8, &(0x7f0000000540)={0x9, 0xe0, &(0x7f0000000440)="af2838d9cb25defe7b557f617fe91d776ae155f8c8eac858ef6f46ab076675", &(0x7f0000000480)="c38d5cc2d10709979ea3090ac087ac0fb9405ede238090ceca017e982fd958cd5b4777319f180e2b187044bcd5bb5f7921109e3dc9b8b721a218c110058b2124189200823ccb4f7e0485b76776e7fb1cbaf8486cc22f68cfbb7a45d547761641a6a220a2db324b41fcf9edcdc8d320a4002100e45d5ac5b143567e45feac7e29d33b0605558fe24d7e038df1bf4d16d59288a147827bebe77b5da28bf9baab18e73ba5fdf05f4f43367635bfd9a63ffb8c", 0x1cc2, 0x7}}) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x11cb00, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x143241, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) 4.499276786s ago: executing program 3 (id=632): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) readv$auto(r0, &(0x7f0000000680)={&(0x7f0000000340), 0x40200}, 0x3) io_setup$auto(0x0, &(0x7f0000000000)=0xf) (async) io_setup$auto(0x0, &(0x7f0000000000)=0xf) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) 3.947534905s ago: executing program 0 (id=633): r0 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f00000000c0), 0x82f00, 0x0) mq_getsetattr$auto(r0, &(0x7f0000000100)={0x7, 0xc, 0x2, 0xffffffffffffff80}, &(0x7f0000000140)={0x0, 0x0, 0x401, 0x481e}) (async) mq_getsetattr$auto(r0, &(0x7f0000000100)={0x7, 0xc, 0x2, 0xffffffffffffff80}, &(0x7f0000000140)={0x0, 0x0, 0x401, 0x481e}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), r2) sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(r2, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000080)=ANY=[@ANYRES16=r3, @ANYBLOB="14000000", @ANYBLOB="370f2dbd7000fedbdf2513000000", @ANYRESOCT=r1], 0x14}, 0x1, 0x0, 0x0, 0x60080d1}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r4, 0x400, 0x1) (async) fcntl$auto(r4, 0x400, 0x1) execve$auto(&(0x7f0000001100)='./file0\x00', 0x0, 0x0) (async) execve$auto(&(0x7f0000001100)='./file0\x00', 0x0, 0x0) socket(0xa, 0x2, 0x0) unshare$auto(0x40000080) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0c/sub3/info\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f00000000c0)=""/4087, 0xff7) (async) read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f00000000c0)=""/4087, 0xff7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/software/power/autosuspend_delay_ms\x00', 0x20200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000140)=""/12, 0xc) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0) r8 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r9 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) writev$auto(r9, &(0x7f00000035c0)={0x0, 0x4}, 0x9) (async) writev$auto(r9, &(0x7f00000035c0)={0x0, 0x4}, 0x9) fcntl$auto(r8, 0xfffffffd, 0x0) (async) fcntl$auto(r8, 0xfffffffd, 0x0) r10 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x101a02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r10, 0xc1105517, &(0x7f00000001c0)={{@raw=0xfff, 0x100110d, 0xfffd, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa0000000000040000660e0701000000000000008000"}, 0x6, 0x0, 0x4, @raw=0x404, @enumerated={0x55d3, 0x7, "bf154d70dcfcea02faacb07c4222db1f207fdb681dc9b0bf2c6c9ce16d51ebc73df6a7aa16659cd5e4dc8374caf945548e604179f1f87c3bd8701d3d5c3d998c", 0xffffffffffffffff, 0x91e0}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r10, 0xc1105517, &(0x7f00000001c0)={{@raw=0xfff, 0x100110d, 0xfffd, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa0000000000040000660e0701000000000000008000"}, 0x6, 0x0, 0x4, @raw=0x404, @enumerated={0x55d3, 0x7, "bf154d70dcfcea02faacb07c4222db1f207fdb681dc9b0bf2c6c9ce16d51ebc73df6a7aa16659cd5e4dc8374caf945548e604179f1f87c3bd8701d3d5c3d998c", 0xffffffffffffffff, 0x91e0}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) (async) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f00000000c0)='-7', 0x2) close_range$auto(r1, 0x8, 0x5) 3.309155848s ago: executing program 3 (id=634): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd7\x00', 0x80283, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) (async) sendmmsg$auto(r0, 0x0, 0x7, 0x17) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x4, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4de0a, 0x10, 0x800001, 0x62, 0x80000001, 0x2, 0x6d3f, 0x9, 0x2, 0x8]}, 0x0) (async) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={0x0, 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80502, 0x0) bpf$auto(0x0, 0x0, 0x6f3) (async) ioctl$auto_BLKIOMIN(r2, 0x1278, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x9) (async) mlockall$auto(0x3) (async) semctl$auto_IPC_INFO(0xffc9, 0x1, 0x3, 0xfffffffffffffffc) (async) mlockall$auto(0x5) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) 3.028576607s ago: executing program 1 (id=635): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @broadcast}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa, 0x1, @random="70b28a70c5dc"}, @HSR_A_IF1_AGE={0x8, 0x3, 0x36}, @HSR_A_IF2_SEQ={0x6, 0x7, 0xff}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, r0, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) eventfd$auto(0x2200000c) close_range$auto(0xffffffffffffffff, 0xa, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) r1 = socket(0x2, 0x3, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x84, 0xf, 0x0, &(0x7f0000000080)=0x9b) socket(0x2, 0x3, 0x100) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2aa82, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x280, 0x0) sendmsg$auto_MACSEC_CMD_GET_TXSC(0xffffffffffffffff, 0x0, 0x8014) write$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r3 = socket(0xa, 0x1, 0x84) setsockopt$auto(r3, 0x10000000084, 0x7f, 0x0, 0xad4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r4, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0xa901, 0x0) 2.065671475s ago: executing program 2 (id=636): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x2607c1, 0x0) socket(0x18, 0x4, 0x0) write$auto(0x3, 0x0, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x2, 0x0) ustat$auto(0x801, 0x0) ioctl$auto(0xc8, 0x401054d6, 0x5c8d) setsockopt$auto(0x3, 0x1, 0x2d, 0x0, 0x8) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) timer_create$auto(0x2, 0x0, 0x0) timer_settime$auto(0x0, 0x7ff, &(0x7f0000000000)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x22, 0x3, 0x0) ioctl$auto_I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, 0x0, 0x0) acct$auto(0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)=""/112, 0x70) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) pread64$auto(r1, 0x0, 0x5, 0x5) ioctl$auto_BLKRRPART(r0, 0xc0401289, 0x0) 2.03715528s ago: executing program 3 (id=637): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) io_uring_setup$auto(0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0xfff, 0x7, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x6}, 0x1fe, 0x81) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='T'], 0x1ac}, 0x1, 0x0, 0x0, 0x801}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$dir(0xffffffffffffff9c, 0x0, 0x42200, 0x100) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto(0xffffffffffffffff, 0xc0285629, 0xffffffffffffffff) socket(0x2, 0x3, 0x2) fanotify_init$auto(0x5, 0x2000000000002) fanotify_init$auto(0xe, 0x0) 1.045226895s ago: executing program 1 (id=638): sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'team_slave_0\x00'}) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/ext4/sda1/mb_groups\x00', 0x40102, 0x0) pread64$auto(r1, 0x0, 0x100000001, 0x100) 904.723529ms ago: executing program 1 (id=639): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x2, 0x4) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, &(0x7f0000000040)='nbd\x00', 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r3 = fanotify_init$auto(0x5, 0x2) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x3, 0xde, 0x10, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) r5 = io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/vulnerabilities/mmio_stale_data\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) io_uring_register$auto(r5, 0x0, 0x0, 0xfffff801) write$auto(r4, &(0x7f0000000100)='/d-:\xe7J\x00'/23, 0x1eb0800) mmap$auto(0x0, 0x0, 0x400000dc, 0x937e, 0x2, 0x8000) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4) unshare$auto(0x40000080) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0xdb81, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r6 = eventfd$auto(0x80) readv$auto(r6, &(0x7f0000000380)={0x0, 0x8}, 0x4) r7 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0) writev$auto(r7, &(0x7f0000000000)={&(0x7f0000000000), 0x4}, 0x2) setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x11000000, 0xfe, 0x7, 0x200000006d3c, 0x7ff, 0x10, 0xfffffffffffffffd]}, 0x0) close_range$auto(r1, r3, 0x5) 901.599313ms ago: executing program 0 (id=647): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @broadcast}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa, 0x1, @random="70b28a70c5dc"}, @HSR_A_IF1_AGE={0x8, 0x3, 0x36}, @HSR_A_IF2_SEQ={0x6, 0x7, 0xff}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, r0, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) eventfd$auto(0x2200000c) close_range$auto(0xffffffffffffffff, 0xa, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) r1 = socket(0x2, 0x3, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x84, 0xf, 0x0, &(0x7f0000000080)=0x9b) socket(0x2, 0x3, 0x100) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2aa82, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x280, 0x0) sendmsg$auto_MACSEC_CMD_GET_TXSC(0xffffffffffffffff, 0x0, 0x8014) write$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r3 = socket(0xa, 0x1, 0x84) setsockopt$auto(r3, 0x10000000084, 0x7f, 0x0, 0xad4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r4, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0xa901, 0x0) 299.642369ms ago: executing program 3 (id=640): r0 = open(0x0, 0x261c2, 0x84) r1 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000640), 0x401, 0x0) write$auto(r1, 0x0, 0xff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(r2, r2, 0x0) r3 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0) r4 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x22081, 0x0) close_range$auto(0x2, r4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) socket(0xf, 0x3, 0x2) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2e, 0xffffffffffffffff, 0x3, 0x62, 0x7, 0x7, 0x6d3f, 0x9, 0x4, 0x5]}, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r3, 0x4018bc13, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/mountinfo\x00', 0xe0000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x1, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x800010000000003, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffdfffffe]}, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x200000, 0x200006, 0x1, 0x40eb1, 0x602, 0xb00000000000) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x6}, 0xc) ioctl$auto_BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000140)={@inferred=r0, 0x8000, &(0x7f0000000080)=0x1, 0x101, 0x6, 0x3569, "d65d4dcd4f9d9727f107bcb6cc51e2580315f4e611e4c73b6b805ee7"}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 2 (id=641): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x6f) bpf$auto(0x10, &(0x7f00000000c0)=@info={r1, 0x2b, 0x200000007fff}, 0x8) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/oom_score_adj\x00', 0x80000, 0x0) socket(0x2, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0x40001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/kernel/random/boot_id\x00', 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/004/001\x00', 0xa941, 0x0) socketpair$auto(0xfffffffd, 0x2, 0x8000000000000000, 0x0) semctl$auto(0x204, 0xfffffffe, 0x3, 0x4) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r2, 0x0, 0xc3) madvise$auto(0x0, 0xffffffffffff0005, 0x17) setgroups$auto(0xe32, 0x0) madvise$auto(0xfffffffffffffffe, 0x2, 0x7) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x8081, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c04, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/pnp/drivers/i8042 aux/uevent\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) kernel console output (not intermixed with test programs): fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.481512][ T55] Bluetooth: hci1: command tx timeout [ 114.484777][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 114.489528][ T55] Bluetooth: hci2: command tx timeout [ 114.504064][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.514686][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.542347][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.558336][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 114.568924][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.571904][ T55] Bluetooth: hci3: command tx timeout [ 114.577321][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.609621][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.626999][ T5829] team0: Port device team_slave_0 added [ 114.650375][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 114.685284][ T5829] team0: Port device team_slave_1 added [ 114.728374][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 114.736601][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.766490][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 114.828509][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.836351][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.863907][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.878335][ T5839] team0: Port device team_slave_0 added [ 114.888808][ T5839] team0: Port device team_slave_1 added [ 114.915199][ T5836] hsr_slave_0: entered promiscuous mode [ 114.923565][ T5836] hsr_slave_1: entered promiscuous mode [ 114.978838][ T5832] hsr_slave_0: entered promiscuous mode [ 114.987401][ T5832] hsr_slave_1: entered promiscuous mode [ 114.996568][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 115.006363][ T5832] Cannot create hsr debugfs directory [ 115.033447][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 115.043931][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.081156][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 115.156040][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 115.164903][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.193867][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 115.299811][ T5829] hsr_slave_0: entered promiscuous mode [ 115.307494][ T5829] hsr_slave_1: entered promiscuous mode [ 115.314905][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 115.323930][ T5829] Cannot create hsr debugfs directory [ 115.482360][ T5839] hsr_slave_0: entered promiscuous mode [ 115.489661][ T5839] hsr_slave_1: entered promiscuous mode [ 115.496298][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 115.505978][ T5839] Cannot create hsr debugfs directory [ 115.885250][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 115.902774][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 115.931405][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 115.955632][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 116.039641][ T5832] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 116.058829][ T5832] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 116.091738][ T5832] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 116.107609][ T5832] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 116.208426][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 116.223420][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 116.235188][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 116.248436][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 116.373683][ T5829] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 116.387863][ T5829] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 116.404904][ T5829] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 116.423472][ T5829] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 116.457592][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.483143][ T55] Bluetooth: hci0: command tx timeout [ 116.534894][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.564139][ T5830] Bluetooth: hci1: command tx timeout [ 116.569816][ T55] Bluetooth: hci2: command tx timeout [ 116.596931][ T1333] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.604861][ T1333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.642139][ T55] Bluetooth: hci3: command tx timeout [ 116.649287][ T1333] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.656892][ T1333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.700744][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.778335][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.833594][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.847372][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.854824][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.890581][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.897910][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.930725][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.963853][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.003672][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.011024][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.047554][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.070870][ T1333] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.078096][ T1333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.110756][ T1333] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.118020][ T1333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.159033][ T152] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.166501][ T152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.385362][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 117.577324][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.725997][ T5836] veth0_vlan: entered promiscuous mode [ 117.760960][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.810264][ T5836] veth1_vlan: entered promiscuous mode [ 117.900659][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.918984][ T5832] veth0_vlan: entered promiscuous mode [ 117.943053][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.971693][ T5836] veth0_macvtap: entered promiscuous mode [ 117.987223][ T5832] veth1_vlan: entered promiscuous mode [ 118.009043][ T5836] veth1_macvtap: entered promiscuous mode [ 118.053996][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.075066][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.097212][ T5836] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.106443][ T5836] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.116032][ T5836] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.125198][ T5836] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.198643][ T5839] veth0_vlan: entered promiscuous mode [ 118.217292][ T5829] veth0_vlan: entered promiscuous mode [ 118.284070][ T5829] veth1_vlan: entered promiscuous mode [ 118.297575][ T5832] veth0_macvtap: entered promiscuous mode [ 118.316759][ T5839] veth1_vlan: entered promiscuous mode [ 118.338899][ T5832] veth1_macvtap: entered promiscuous mode [ 118.395050][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.416542][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.473638][ T5839] veth0_macvtap: entered promiscuous mode [ 118.484598][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.498420][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.510981][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.538225][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.549139][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.562267][ T55] Bluetooth: hci0: command tx timeout [ 118.567064][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.579129][ T5829] veth0_macvtap: entered promiscuous mode [ 118.590465][ T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.602107][ T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.613730][ T5839] veth1_macvtap: entered promiscuous mode [ 118.624438][ T5832] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.633369][ T5832] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.643657][ T5832] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.651632][ T5830] Bluetooth: hci1: command tx timeout [ 118.653073][ T5832] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.657988][ T55] Bluetooth: hci2: command tx timeout [ 118.683356][ T5829] veth1_macvtap: entered promiscuous mode [ 118.722639][ T55] Bluetooth: hci3: command tx timeout [ 118.744666][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.756051][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.766526][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.777738][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.790736][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.803566][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.814960][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.824979][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 118.835863][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.848312][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.873950][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 118.893191][ T5829] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.902365][ T5829] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.911998][ T5829] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.921039][ T5829] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.932778][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.943871][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.954544][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.965680][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.976079][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 118.986849][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 118.998721][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 119.033607][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 119.062577][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.088920][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 119.110165][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.121453][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 119.129394][ T5891] mmap: syz.0.1 (5891) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 119.132580][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 119.156289][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 119.215318][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.229954][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.245828][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.255514][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.308484][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.338045][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.454449][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.470227][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.600475][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.619515][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.697286][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.719616][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.733628][ T55] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 119.837904][ T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.864606][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.875546][ T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.894591][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.973027][ T5895] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 120.614405][ T5904] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2'. [ 120.643720][ T55] Bluetooth: hci0: command tx timeout [ 120.654463][ T5904] Zero length message leads to an empty skb [ 120.722744][ T55] Bluetooth: hci2: command tx timeout [ 120.722776][ T5830] Bluetooth: hci1: command tx timeout [ 120.801814][ T5830] Bluetooth: hci3: command tx timeout [ 121.697382][ T5901] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 122.604277][ T5926] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.659628][ T5926] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.288370][ T5953] syz.2.16 uses obsolete (PF_INET,SOCK_PACKET) [ 124.418953][ T30] audit: type=1800 audit(1746357643.846:2): pid=5954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.15" name="file0" dev="tmpfs" ino=35 res=0 errno=0 [ 125.759972][ T5970] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 126.012244][ T5830] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 127.651911][ T5982] FAULT_INJECTION: forcing a failure. [ 127.651911][ T5982] name failslab, interval 1, probability 0, space 0, times 1 [ 127.711899][ T5982] CPU: 0 UID: 0 PID: 5982 Comm: syz.2.23 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 127.711948][ T5982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 127.711972][ T5982] Call Trace: [ 127.711983][ T5982] [ 127.712000][ T5982] dump_stack_lvl+0x16c/0x1f0 [ 127.712057][ T5982] should_fail_ex+0x512/0x640 [ 127.712103][ T5982] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 127.712149][ T5982] should_failslab+0xc2/0x120 [ 127.712189][ T5982] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 127.712231][ T5982] ? __split_page_owner+0x222/0x380 [ 127.712264][ T5982] ? snd_pcm_hw_rule_add+0x414/0x5a0 [ 127.712311][ T5982] krealloc_noprof+0x1fb/0x380 [ 127.712360][ T5982] snd_pcm_hw_rule_add+0x414/0x5a0 [ 127.712402][ T5982] ? __pfx_snd_pcm_hw_rule_format+0x10/0x10 [ 127.712452][ T5982] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 127.712494][ T5982] ? lockdep_init_map_type+0x5c/0x280 [ 127.712539][ T5982] ? debug_mutex_init+0x37/0x70 [ 127.712588][ T5982] ? snd_pcm_attach_substream+0x89d/0xd60 [ 127.712623][ T5982] snd_pcm_open_substream+0x534/0x17f0 [ 127.712671][ T5982] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 127.712717][ T5982] ? rcu_is_watching+0x12/0xc0 [ 127.712747][ T5982] snd_pcm_open+0x29e/0x730 [ 127.712794][ T5982] ? __pfx_snd_pcm_open+0x10/0x10 [ 127.712841][ T5982] ? __pfx_default_wake_function+0x10/0x10 [ 127.712877][ T5982] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 127.712921][ T5982] snd_pcm_playback_open+0x86/0xe0 [ 127.712964][ T5982] snd_open+0x1fe/0x450 [ 127.712998][ T5982] ? __pfx_snd_open+0x10/0x10 [ 127.713030][ T5982] chrdev_open+0x231/0x6a0 [ 127.713059][ T5982] ? __pfx_chrdev_open+0x10/0x10 [ 127.713090][ T5982] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 127.713136][ T5982] do_dentry_open+0x741/0x1c10 [ 127.713164][ T5982] ? __pfx_chrdev_open+0x10/0x10 [ 127.713198][ T5982] vfs_open+0x82/0x3f0 [ 127.713236][ T5982] path_openat+0x1e5e/0x2d40 [ 127.713274][ T5982] ? __pfx_path_openat+0x10/0x10 [ 127.713307][ T5982] do_filp_open+0x20b/0x470 [ 127.713333][ T5982] ? __pfx_do_filp_open+0x10/0x10 [ 127.713388][ T5982] ? alloc_fd+0x471/0x7d0 [ 127.713438][ T5982] do_sys_openat2+0x11b/0x1d0 [ 127.713473][ T5982] ? __pfx_do_sys_openat2+0x10/0x10 [ 127.713523][ T5982] __x64_sys_openat+0x174/0x210 [ 127.713561][ T5982] ? __pfx___x64_sys_openat+0x10/0x10 [ 127.713599][ T5982] ? rcu_is_watching+0x12/0xc0 [ 127.713634][ T5982] do_syscall_64+0xcd/0x230 [ 127.713675][ T5982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.713702][ T5982] RIP: 0033:0x7f6cdcb8e969 [ 127.713724][ T5982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.713757][ T5982] RSP: 002b:00007f6cdd918038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 127.713783][ T5982] RAX: ffffffffffffffda RBX: 00007f6cdcdb5fa0 RCX: 00007f6cdcb8e969 [ 127.713801][ T5982] RDX: 000000000016b042 RSI: 0000200000005480 RDI: ffffffffffffff9c [ 127.713818][ T5982] RBP: 00007f6cdcc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 127.713834][ T5982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.713850][ T5982] R13: 0000000000000000 R14: 00007f6cdcdb5fa0 R15: 00007fff3518e0c8 [ 127.713883][ T5982] [ 128.662542][ T5993] netlink: 186 bytes leftover after parsing attributes in process `syz.1.22'. [ 128.928389][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 130.447095][ T6004] ubi0: attaching mtd0 [ 130.503827][ T6004] ubi0: scanning is finished [ 130.508512][ T6004] ubi0: empty MTD device detected [ 130.531353][ T6004] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 130.695099][ T6006] netlink: 32 bytes leftover after parsing attributes in process `syz.1.27'. [ 130.754694][ T6004] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 131.561483][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 132.313433][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 132.527419][ T30] audit: type=1806 audit(6041324945.947:3): xattr="." res=0 [ 133.848499][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 134.341650][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 134.359258][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 135.707127][ T6064] netlink: 20 bytes leftover after parsing attributes in process `syz.0.38'. [ 135.733367][ T6064] netlink: 32 bytes leftover after parsing attributes in process `syz.0.38'. [ 136.511414][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 141.611429][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 141.992321][ T6097] netlink: 330 bytes leftover after parsing attributes in process `syz.1.44'. [ 142.011585][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 142.021975][ T6097] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 143.882540][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 143.936553][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.948514][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.370719][ T6137] FAULT_INJECTION: forcing a failure. [ 144.370719][ T6137] name failslab, interval 1, probability 0, space 0, times 0 [ 144.411443][ T6137] CPU: 0 UID: 0 PID: 6137 Comm: syz.1.53 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 144.411483][ T6137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 144.411499][ T6137] Call Trace: [ 144.411507][ T6137] [ 144.411517][ T6137] dump_stack_lvl+0x16c/0x1f0 [ 144.411561][ T6137] should_fail_ex+0x512/0x640 [ 144.411600][ T6137] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 144.411635][ T6137] should_failslab+0xc2/0x120 [ 144.411666][ T6137] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 144.411698][ T6137] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 144.411734][ T6137] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 144.411763][ T6137] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 144.411794][ T6137] alloc_inode+0x61/0x240 [ 144.411827][ T6137] new_inode+0x22/0x1c0 [ 144.411882][ T6137] hugetlbfs_get_inode+0x354/0x730 [ 144.411923][ T6137] hugetlb_file_setup+0x15b/0x620 [ 144.411962][ T6137] ksys_mmap_pgoff+0x189/0x5c0 [ 144.412003][ T6137] ? rcu_is_watching+0x12/0xc0 [ 144.412046][ T6137] __x64_sys_mmap+0x125/0x190 [ 144.412080][ T6137] do_syscall_64+0xcd/0x230 [ 144.412129][ T6137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.412163][ T6137] RIP: 0033:0x7f9e2e98e969 [ 144.412187][ T6137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.412213][ T6137] RSP: 002b:00007f9e2f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 144.412234][ T6137] RAX: ffffffffffffffda RBX: 00007f9e2ebb5fa0 RCX: 00007f9e2e98e969 [ 144.412249][ T6137] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 144.412263][ T6137] RBP: 00007f9e2ea10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 144.412278][ T6137] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 144.412291][ T6137] R13: 0000000000000000 R14: 00007f9e2ebb5fa0 R15: 00007fff066e8f38 [ 144.412320][ T6137] [ 145.171363][ T55] Bluetooth: hci3: unexpected subevent 0x01 length: 121 > 18 [ 145.171530][ T55] Bluetooth: hci3: Invalid handle: 0x1e1a > 0x0eff [ 145.335908][ T6125] netlink: 'syz.0.51': attribute type 2 has an invalid length. [ 145.597574][ T6141] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 145.644955][ T6141] FAULT_INJECTION: forcing a failure. [ 145.644955][ T6141] name failslab, interval 1, probability 0, space 0, times 0 [ 145.672144][ T6141] CPU: 1 UID: 0 PID: 6141 Comm: syz.2.54 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 145.672200][ T6141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 145.672217][ T6141] Call Trace: [ 145.672227][ T6141] [ 145.672239][ T6141] dump_stack_lvl+0x16c/0x1f0 [ 145.672287][ T6141] should_fail_ex+0x512/0x640 [ 145.672327][ T6141] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 145.672380][ T6141] should_failslab+0xc2/0x120 [ 145.672416][ T6141] __kmalloc_cache_noprof+0x6a/0x3e0 [ 145.672464][ T6141] ? read_tsc+0x9/0x20 [ 145.672499][ T6141] ? ktime_get_with_offset+0x20a/0x3b0 [ 145.672533][ T6141] ? nfs_netns_sysfs_setup+0x55/0x1f0 [ 145.672577][ T6141] nfs_netns_sysfs_setup+0x55/0x1f0 [ 145.672617][ T6141] nfs_net_init+0x10a/0x300 [ 145.672658][ T6141] ? __pfx_nfs_net_init+0x10/0x10 [ 145.672698][ T6141] ops_init+0x1df/0x5f0 [ 145.672738][ T6141] setup_net+0x21e/0x850 [ 145.672777][ T6141] ? __pfx_setup_net+0x10/0x10 [ 145.672810][ T6141] ? lockdep_init_map_type+0x5c/0x280 [ 145.672850][ T6141] ? __pfx_down_read_killable+0x10/0x10 [ 145.672902][ T6141] ? debug_mutex_init+0x37/0x70 [ 145.672955][ T6141] copy_net_ns+0x2a6/0x5f0 [ 145.672999][ T6141] create_new_namespaces+0x3ea/0xad0 [ 145.673043][ T6141] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 145.673080][ T6141] ksys_unshare+0x45b/0xa40 [ 145.673121][ T6141] ? __pfx_ksys_unshare+0x10/0x10 [ 145.673167][ T6141] ? xfd_validate_state+0x5d/0x180 [ 145.673218][ T6141] ? rcu_is_watching+0x12/0xc0 [ 145.673255][ T6141] __x64_sys_unshare+0x31/0x40 [ 145.673295][ T6141] do_syscall_64+0xcd/0x230 [ 145.673341][ T6141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.673369][ T6141] RIP: 0033:0x7f6cdcb8e969 [ 145.673393][ T6141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.673421][ T6141] RSP: 002b:00007f6cda9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 145.673448][ T6141] RAX: ffffffffffffffda RBX: 00007f6cdcdb6080 RCX: 00007f6cdcb8e969 [ 145.673467][ T6141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 145.673483][ T6141] RBP: 00007f6cdcc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 145.673500][ T6141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.673516][ T6141] R13: 0000000000000000 R14: 00007f6cdcdb6080 R15: 00007fff3518e0c8 [ 145.673552][ T6141] [ 147.294682][ T6144] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 147.322165][ T6144] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 147.402139][ T6144] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 147.553648][ T6144] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 147.638447][ T6144] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 147.897255][ T6144] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 148.014899][ T6144] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 148.056193][ T6144] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 148.112757][ T6144] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 148.164897][ T6144] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 148.211558][ T6144] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 148.261420][ T6144] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 148.318166][ T6144] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 149.371202][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 149.601394][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 150.021060][ T6203] FAULT_INJECTION: forcing a failure. [ 150.021060][ T6203] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 150.072361][ T6196] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[6196] [ 150.092025][ T6203] CPU: 1 UID: 0 PID: 6203 Comm: syz.2.65 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 150.092073][ T6203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 150.092092][ T6203] Call Trace: [ 150.092102][ T6203] [ 150.092114][ T6203] dump_stack_lvl+0x16c/0x1f0 [ 150.092164][ T6203] should_fail_ex+0x512/0x640 [ 150.092216][ T6203] should_fail_alloc_page+0xe7/0x130 [ 150.092260][ T6203] prepare_alloc_pages+0x3c2/0x610 [ 150.092309][ T6203] ? rcu_is_watching+0x12/0xc0 [ 150.092344][ T6203] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 150.092407][ T6203] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 150.092445][ T6203] ? do_raw_spin_lock+0x12c/0x2b0 [ 150.092496][ T6203] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 150.092547][ T6203] ? find_held_lock+0x2b/0x80 [ 150.092589][ T6203] ? __lock_acquire+0xaa4/0x1ba0 [ 150.092630][ T6203] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.092678][ T6203] ? policy_nodemask+0xea/0x4e0 [ 150.092721][ T6203] alloc_pages_mpol+0x1fb/0x550 [ 150.092764][ T6203] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 150.092826][ T6203] folio_alloc_mpol_noprof+0x36/0x2f0 [ 150.092877][ T6203] shmem_alloc_folio+0x135/0x160 [ 150.092934][ T6203] shmem_alloc_and_add_folio+0x499/0xc20 [ 150.092980][ T6203] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 150.093051][ T6203] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 150.093099][ T6203] shmem_get_folio_gfp+0x687/0x1530 [ 150.093148][ T6203] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 150.093192][ T6203] ? filemap_map_pages+0xf6c/0x1680 [ 150.093240][ T6203] shmem_fault+0x1fe/0xa30 [ 150.093278][ T6203] ? __pfx_shmem_fault+0x10/0x10 [ 150.093324][ T6203] ? __pfx_filemap_map_pages+0x10/0x10 [ 150.093378][ T6203] __do_fault+0x10a/0x490 [ 150.093423][ T6203] do_pte_missing+0x1031/0x3fb0 [ 150.093459][ T6203] ? __handle_mm_fault+0x1010/0x2a40 [ 150.093498][ T6203] __handle_mm_fault+0x103d/0x2a40 [ 150.093541][ T6203] ? __pfx___handle_mm_fault+0x10/0x10 [ 150.093594][ T6203] ? find_vma+0xbf/0x140 [ 150.093635][ T6203] ? __pfx_find_vma+0x10/0x10 [ 150.093685][ T6203] handle_mm_fault+0x3fe/0xad0 [ 150.093725][ T6203] do_user_addr_fault+0x7a6/0x1370 [ 150.093756][ T6203] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 150.093795][ T6203] ? rcu_is_watching+0x12/0xc0 [ 150.093840][ T6203] exc_page_fault+0x5c/0xc0 [ 150.093886][ T6203] asm_exc_page_fault+0x26/0x30 [ 150.093918][ T6203] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 150.093953][ T6203] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 150.093983][ T6203] RSP: 0018:ffffc9000c077670 EFLAGS: 00050206 [ 150.094009][ T6203] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 000000000000053f [ 150.094028][ T6203] RDX: 0000000000000000 RSI: 000000000002c000 RDI: ffff88803649cac1 [ 150.094048][ T6203] RBP: 0000000000001000 R08: 0000000000000001 R09: ffffed1006c939ff [ 150.094068][ T6203] R10: ffff88803649cfff R11: 0000000000000000 R12: ffffc9000c077c60 [ 150.094089][ T6203] R13: 0000000000005000 R14: ffffc9000c077c68 R15: ffff88803649c000 [ 150.094132][ T6203] _copy_from_iter+0x50c/0x15b0 [ 150.094193][ T6203] ? __pfx__copy_from_iter+0x10/0x10 [ 150.094253][ T6203] ? alloc_pages_noprof+0x23c/0x390 [ 150.094298][ T6203] copy_page_from_iter+0xa5/0x120 [ 150.094352][ T6203] rds_message_copy_from_user+0x37a/0xd90 [ 150.094422][ T6203] ? __pfx_rds_message_copy_from_user+0x10/0x10 [ 150.094476][ T6203] ? lockdep_init_map_type+0x5c/0x280 [ 150.094521][ T6203] ? __asan_memset+0x23/0x50 [ 150.094571][ T6203] ? sg_init_table+0x20/0x60 [ 150.094613][ T6203] rds_sendmsg+0x206a/0x31f0 [ 150.094668][ T6203] ? __pfx_rds_sendmsg+0x10/0x10 [ 150.094708][ T6203] ? aa_sk_perm+0x2f4/0xb10 [ 150.094750][ T6203] ? __pfx_aa_sk_perm+0x10/0x10 [ 150.094803][ T6203] ? ____sys_sendmsg+0xa95/0xc70 [ 150.094855][ T6203] ____sys_sendmsg+0xa95/0xc70 [ 150.094908][ T6203] ? __pfx_____sys_sendmsg+0x10/0x10 [ 150.094965][ T6203] ? try_to_wake_up+0xa2f/0x1680 [ 150.095003][ T6203] ___sys_sendmsg+0x134/0x1d0 [ 150.095043][ T6203] ? __pfx____sys_sendmsg+0x10/0x10 [ 150.095133][ T6203] __sys_sendmsg+0x16d/0x220 [ 150.095171][ T6203] ? __pfx___sys_sendmsg+0x10/0x10 [ 150.095207][ T6203] ? __x64_sys_futex+0x1e0/0x4c0 [ 150.095253][ T6203] ? rcu_is_watching+0x12/0xc0 [ 150.095296][ T6203] do_syscall_64+0xcd/0x230 [ 150.095344][ T6203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.095377][ T6203] RIP: 0033:0x7f6cdcb8e969 [ 150.095403][ T6203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.095434][ T6203] RSP: 002b:00007f6cda9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 150.095462][ T6203] RAX: ffffffffffffffda RBX: 00007f6cdcdb6080 RCX: 00007f6cdcb8e969 [ 150.095483][ T6203] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 000000000000000b [ 150.095503][ T6203] RBP: 00007f6cdcc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 150.095523][ T6203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.095542][ T6203] R13: 0000000000000000 R14: 00007f6cdcdb6080 R15: 00007fff3518e0c8 [ 150.095585][ T6203] [ 150.095780][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 150.244151][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 150.936263][ T30] audit: type=1400 audit(6041324964.377:4): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=6209 comm="syz.1.75" [ 151.441252][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.682836][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 151.963617][ T6222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 151.983617][ T6222] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 152.282413][ T55] Bluetooth: hci2: unexpected subevent 0x01 length: 121 > 18 [ 152.290244][ T55] Bluetooth: hci2: Invalid handle: 0x1e1a > 0x0eff [ 152.321360][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 152.724960][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 153.521634][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.725320][ T6251] random: crng reseeded on system resumption [ 153.764214][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 154.401285][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 154.789656][ T6265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 154.801479][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 154.882663][ T6265] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 156.884091][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 157.107506][ T6312] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 157.131648][ T6312] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 157.547672][ T6322] binder: 6318:6322 ioctl 41045508 1 returned -22 [ 157.696448][ T6322] binder: 6318:6322 ioctl 40081271 38 returned -22 [ 157.717539][ T6322] netlink: 342 bytes leftover after parsing attributes in process `syz.1.94'. [ 157.731039][ T6322] netlink: 342 bytes leftover after parsing attributes in process `syz.1.94'. [ 157.771776][ T6322] netlink: 342 bytes leftover after parsing attributes in process `syz.1.94'. [ 158.153576][ T6338] netlink: 20 bytes leftover after parsing attributes in process `syz.0.98'. [ 158.185316][ T6338] netlink: 32 bytes leftover after parsing attributes in process `syz.0.98'. [ 158.373840][ T6344] sp0: Synchronizing with TNC [ 158.665461][ T6354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 158.683600][ T6354] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 158.718377][ T6357] openvswitch: netlink: Duplicate or invalid key (type 0). syzkaller syzkaller login: [ 160.374845][ T6396] netlink: 20 bytes leftover after parsing attributes in process `syz.1.110'. [ 160.422867][ T6396] netlink: 32 bytes leftover after parsing attributes in process `syz.1.110'. [ 161.102686][ T6405] Invalid ELF header magic: != ELF [ 161.515998][ T6418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 161.548423][ T6418] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 161.804622][ T6423] input: isc as /devices/virtual/input/input5 [ 162.467835][ T6436] block2mtd: parameter too long [ 163.454979][ T6452] netlink: 20 bytes leftover after parsing attributes in process `syz.1.120'. [ 163.494658][ T6452] netlink: 32 bytes leftover after parsing attributes in process `syz.1.120'. [ 166.055924][ T6473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 166.109398][ T6473] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.280983][ T6490] netlink: 'syz.2.128': attribute type 1 has an invalid length. [ 167.356749][ T6490] netlink: 306 bytes leftover after parsing attributes in process `syz.2.128'. [ 167.384124][ C1] vkms_vblank_simulate: vblank timer overrun [ 168.547148][ T6510] netlink: 346 bytes leftover after parsing attributes in process `syz.1.132'. [ 169.845860][ T6520] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.911744][ T6520] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 172.274386][ T6577] netlink: 20 bytes leftover after parsing attributes in process `syz.1.144'. [ 172.309329][ T6577] netlink: 32 bytes leftover after parsing attributes in process `syz.1.144'. [ 173.727379][ T6593] input: f¬ as /devices/virtual/input/input6 [ 173.882943][ T6601] kexec: Could not allocate control_code_buffer [ 176.414952][ T6651] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 177.223819][ T6652] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 178.077485][ T6665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 178.090859][ T6665] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 178.296680][ T6670] netlink: 4 bytes leftover after parsing attributes in process `syz.3.159'. [ 178.522443][ T6679] netlink: 28 bytes leftover after parsing attributes in process `syz.0.163'. [ 178.545917][ T6679] team_slave_0: entered allmulticast mode [ 179.961034][ T6729] netlink: 20 bytes leftover after parsing attributes in process `syz.2.167'. [ 180.045273][ T6729] netlink: 32 bytes leftover after parsing attributes in process `syz.2.167'. [ 180.441653][ T6740] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 181.362190][ T6739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 181.462102][ T6739] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 182.490995][ T6766] netlink: 20 bytes leftover after parsing attributes in process `syz.3.178'. [ 182.519598][ T6766] netlink: 32 bytes leftover after parsing attributes in process `syz.3.178'. [ 183.304559][ T6779] can: request_module (can-proto-3) failed. [ 183.417563][ T6767] process 'syz.2.176' launched '/dev/fd/2' with NULL argv: empty string added [ 183.626678][ T6784] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 183.635777][ T6784] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 184.532778][ T55] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 185.918465][ T6819] Invalid ELF header magic: != ELF [ 186.239407][ T6828] netlink: 20 bytes leftover after parsing attributes in process `syz.2.189'. [ 186.359686][ T6828] netlink: 32 bytes leftover after parsing attributes in process `syz.2.189'. [ 186.554061][ T6831] futex_wake_op: syz.1.190 tries to shift op by 64; fix this program [ 186.767811][ T6833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.838888][ T6833] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 187.398456][ T6819] Invalid ELF header magic: != ELF [ 187.470197][ T6819] Invalid ELF header magic: != ELF [ 187.585673][ T6819] Invalid ELF header magic: != ELF [ 187.940309][ T6819] Invalid ELF header magic: != ELF [ 188.541886][ T6826] netlink: zone id is out of range [ 188.557111][ T6819] Invalid ELF header magic: != ELF [ 188.820419][ T6819] Invalid ELF header magic: != ELF [ 189.223072][ T6819] Invalid ELF header magic: != ELF [ 189.992895][ T6880] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(257.0.7), cmd(1) [ 190.460646][ T6887] netlink: 306 bytes leftover after parsing attributes in process `syz.1.200'. [ 190.806940][ T6890] netlink: 20 bytes leftover after parsing attributes in process `syz.0.201'. [ 190.819029][ T6890] netlink: 32 bytes leftover after parsing attributes in process `syz.0.201'. [ 191.119885][ T6901] netlink: 4 bytes leftover after parsing attributes in process `syz.0.203'. [ 191.153774][ T6898] netlink: 25 bytes leftover after parsing attributes in process `syz.0.203'. [ 192.432578][ T6919] netlink: 'syz.0.206': attribute type 11 has an invalid length. [ 192.451003][ T6919] netlink: 'syz.0.206': attribute type 11 has an invalid length. [ 192.521389][ T6919] netlink: 'syz.0.206': attribute type 11 has an invalid length. [ 194.419676][ T6964] can: request_module (can-proto-0) failed. [ 196.903648][ T7005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 196.943063][ T7005] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 197.285659][ T7021] netlink: 20 bytes leftover after parsing attributes in process `syz.1.230'. [ 197.358915][ T7021] netlink: 32 bytes leftover after parsing attributes in process `syz.1.230'. [ 199.287865][ T7073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 199.398828][ T7073] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 203.352986][ T7116] FAULT_INJECTION: forcing a failure. [ 203.352986][ T7116] name failslab, interval 1, probability 0, space 0, times 0 [ 203.377547][ T7116] CPU: 1 UID: 0 PID: 7116 Comm: syz.3.249 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 203.377594][ T7116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 203.377618][ T7116] Call Trace: [ 203.377628][ T7116] [ 203.377645][ T7116] dump_stack_lvl+0x16c/0x1f0 [ 203.377696][ T7116] should_fail_ex+0x512/0x640 [ 203.377741][ T7116] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 203.377783][ T7116] should_failslab+0xc2/0x120 [ 203.377822][ T7116] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 203.377860][ T7116] ? __kernfs_new_node+0xd2/0x8a0 [ 203.377919][ T7116] __kernfs_new_node+0xd2/0x8a0 [ 203.377976][ T7116] ? __pfx___kernfs_new_node+0x10/0x10 [ 203.378041][ T7116] ? find_held_lock+0x2b/0x80 [ 203.378074][ T7116] ? kernfs_root+0xee/0x2a0 [ 203.378133][ T7116] kernfs_new_node+0x13c/0x1e0 [ 203.378174][ T7116] __kernfs_create_file+0x53/0x350 [ 203.378229][ T7116] sysfs_add_file_mode_ns+0x207/0x3c0 [ 203.378297][ T7116] internal_create_group+0x578/0xf30 [ 203.378342][ T7116] ? __pfx_internal_create_group+0x10/0x10 [ 203.378423][ T7116] ? kernfs_create_link+0x1bd/0x240 [ 203.378475][ T7116] internal_create_groups+0x9d/0x150 [ 203.378513][ T7116] device_add+0xf30/0x1a70 [ 203.378563][ T7116] ? __pfx_device_add+0x10/0x10 [ 203.378608][ T7116] ? lockdep_init_map_type+0x5c/0x280 [ 203.378653][ T7116] ? __init_waitqueue_head+0xca/0x150 [ 203.378714][ T7116] netdev_register_kobject+0x182/0x3a0 [ 203.378765][ T7116] register_netdevice+0x13dc/0x2270 [ 203.378815][ T7116] ? __pfx_register_netdevice+0x10/0x10 [ 203.378870][ T7116] internal_dev_create+0x2d3/0x520 [ 203.378926][ T7116] ovs_vport_add+0x144/0x4d0 [ 203.378979][ T7116] new_vport+0x16/0x1d0 [ 203.379019][ T7116] ovs_dp_cmd_new+0x6ba/0xe60 [ 203.379073][ T7116] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 203.379124][ T7116] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 203.379173][ T7116] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 203.379231][ T7116] genl_family_rcv_msg_doit+0x206/0x2f0 [ 203.379290][ T7116] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 203.379339][ T7116] ? trace_cap_capable+0x18d/0x200 [ 203.379383][ T7116] ? bpf_lsm_capable+0x9/0x10 [ 203.379417][ T7116] ? security_capable+0x7e/0x260 [ 203.379472][ T7116] ? ns_capable+0xd7/0x110 [ 203.379510][ T7116] genl_rcv_msg+0x55c/0x800 [ 203.379562][ T7116] ? __pfx_genl_rcv_msg+0x10/0x10 [ 203.379607][ T7116] ? __pfx___dev_queue_xmit+0x10/0x10 [ 203.379658][ T7116] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 203.379703][ T7116] ? __lock_acquire+0xaa4/0x1ba0 [ 203.379752][ T7116] netlink_rcv_skb+0x16a/0x440 [ 203.379792][ T7116] ? __pfx_genl_rcv_msg+0x10/0x10 [ 203.379838][ T7116] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 203.379901][ T7116] ? __pfx_down_read+0x10/0x10 [ 203.379953][ T7116] ? netlink_deliver_tap+0x1ae/0xd30 [ 203.379997][ T7116] genl_rcv+0x28/0x40 [ 203.380036][ T7116] netlink_unicast+0x53a/0x7f0 [ 203.380082][ T7116] ? __pfx_netlink_unicast+0x10/0x10 [ 203.380119][ T7116] ? __lock_acquire+0xaa4/0x1ba0 [ 203.380171][ T7116] netlink_sendmsg+0x8d1/0xdd0 [ 203.380219][ T7116] ? __pfx_netlink_sendmsg+0x10/0x10 [ 203.380281][ T7116] ____sys_sendmsg+0xa95/0xc70 [ 203.380332][ T7116] ? copy_msghdr_from_user+0x10a/0x160 [ 203.380370][ T7116] ? __pfx_____sys_sendmsg+0x10/0x10 [ 203.380427][ T7116] ? try_to_wake_up+0xa2f/0x1680 [ 203.380467][ T7116] ___sys_sendmsg+0x134/0x1d0 [ 203.380507][ T7116] ? __pfx____sys_sendmsg+0x10/0x10 [ 203.380600][ T7116] __sys_sendmsg+0x16d/0x220 [ 203.380639][ T7116] ? __pfx___sys_sendmsg+0x10/0x10 [ 203.380675][ T7116] ? __x64_sys_futex+0x1e0/0x4c0 [ 203.380722][ T7116] ? rcu_is_watching+0x12/0xc0 [ 203.380765][ T7116] do_syscall_64+0xcd/0x230 [ 203.380816][ T7116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.380850][ T7116] RIP: 0033:0x7fddb4b8e969 [ 203.380877][ T7116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.380909][ T7116] RSP: 002b:00007fddb5993038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 203.380952][ T7116] RAX: ffffffffffffffda RBX: 00007fddb4db5fa0 RCX: 00007fddb4b8e969 [ 203.380973][ T7116] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000005 [ 203.380994][ T7116] RBP: 00007fddb4c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 203.381013][ T7116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 203.381032][ T7116] R13: 0000000000000000 R14: 00007fddb4db5fa0 R15: 00007fff70010228 [ 203.381078][ T7116] [ 204.480411][ T7119] FAULT_INJECTION: forcing a failure. [ 204.480411][ T7119] name fail_futex, interval 1, probability 0, space 0, times 1 [ 204.541289][ T7119] CPU: 0 UID: 0 PID: 7119 Comm: syz.0.246 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 204.541333][ T7119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 204.541351][ T7119] Call Trace: [ 204.541360][ T7119] [ 204.541372][ T7119] dump_stack_lvl+0x16c/0x1f0 [ 204.541422][ T7119] should_fail_ex+0x512/0x640 [ 204.541478][ T7119] get_futex_key+0x49e/0x1000 [ 204.541510][ T7119] ? __pfx_get_futex_key+0x10/0x10 [ 204.541537][ T7119] ? find_held_lock+0x2b/0x80 [ 204.541567][ T7119] ? get_pid_task+0xfc/0x250 [ 204.541621][ T7119] futex_wake+0xe7/0x4e0 [ 204.541672][ T7119] ? __pfx_futex_wake+0x10/0x10 [ 204.541725][ T7119] ? ksys_write+0x190/0x240 [ 204.541765][ T7119] do_futex+0x1e3/0x350 [ 204.541803][ T7119] ? __pfx_do_futex+0x10/0x10 [ 204.541851][ T7119] __x64_sys_futex+0x1e0/0x4c0 [ 204.541891][ T7119] ? fput+0x70/0xf0 [ 204.541929][ T7119] ? __pfx___x64_sys_futex+0x10/0x10 [ 204.541965][ T7119] ? ksys_write+0x1b9/0x240 [ 204.541996][ T7119] ? __pfx_ksys_write+0x10/0x10 [ 204.542025][ T7119] ? rcu_is_watching+0x12/0xc0 [ 204.542068][ T7119] do_syscall_64+0xcd/0x230 [ 204.542120][ T7119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.542154][ T7119] RIP: 0033:0x7f0790b8e969 [ 204.542182][ T7119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.542226][ T7119] RSP: 002b:00007f0791a960e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 204.542257][ T7119] RAX: ffffffffffffffda RBX: 00007f0790db5fa8 RCX: 00007f0790b8e969 [ 204.542280][ T7119] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0790db5fac [ 204.542302][ T7119] RBP: 00007f0790db5fa0 R08: 00007f0791a97000 R09: 0000000000000000 [ 204.542323][ T7119] R10: 000000000000ffd8 R11: 0000000000000246 R12: 00007f0790db5fac [ 204.542344][ T7119] R13: 0000000000000000 R14: 00007ffc92cbad30 R15: 00007ffc92cbae18 [ 204.542387][ T7119] [ 205.368357][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.374920][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 206.225127][ T7136] netlink: 338 bytes leftover after parsing attributes in process `syz.0.252'. [ 206.261708][ T7139] netlink: 338 bytes leftover after parsing attributes in process `syz.0.252'. [ 206.287055][ T7138] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 206.359871][ T7138] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 206.381494][ T7136] netlink: 290 bytes leftover after parsing attributes in process `syz.0.252'. [ 206.911328][ T7155] netlink: 20 bytes leftover after parsing attributes in process `syz.1.258'. [ 209.279896][ T7193] sd 0:0:1:0: PR command failed: 1026 [ 209.310645][ T7206] netlink: 20 bytes leftover after parsing attributes in process `syz.0.268'. [ 209.434915][ T7193] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 209.443608][ T7193] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 211.648947][ T7232] FAULT_INJECTION: forcing a failure. [ 211.648947][ T7232] name failslab, interval 1, probability 0, space 0, times 0 [ 211.675420][ T7232] CPU: 1 UID: 0 PID: 7232 Comm: syz.0.274 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 211.675467][ T7232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 211.675486][ T7232] Call Trace: [ 211.675498][ T7232] [ 211.675510][ T7232] dump_stack_lvl+0x16c/0x1f0 [ 211.675563][ T7232] should_fail_ex+0x512/0x640 [ 211.675617][ T7232] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 211.675659][ T7232] should_failslab+0xc2/0x120 [ 211.675700][ T7232] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 211.675738][ T7232] ? __kernfs_new_node+0xd2/0x8a0 [ 211.675797][ T7232] __kernfs_new_node+0xd2/0x8a0 [ 211.675854][ T7232] ? __pfx___kernfs_new_node+0x10/0x10 [ 211.675918][ T7232] ? find_held_lock+0x2b/0x80 [ 211.675951][ T7232] ? kernfs_root+0xee/0x2a0 [ 211.676011][ T7232] kernfs_new_node+0x13c/0x1e0 [ 211.676054][ T7232] __kernfs_create_file+0x53/0x350 [ 211.676103][ T7232] sysfs_add_file_mode_ns+0x207/0x3c0 [ 211.676164][ T7232] internal_create_group+0x578/0xf30 [ 211.676207][ T7232] ? __pfx_internal_create_group+0x10/0x10 [ 211.676268][ T7232] ? kernfs_create_link+0x1bd/0x240 [ 211.676319][ T7232] internal_create_groups+0x9d/0x150 [ 211.676355][ T7232] device_add+0xf30/0x1a70 [ 211.676404][ T7232] ? __pfx_device_add+0x10/0x10 [ 211.676447][ T7232] ? lockdep_init_map_type+0x5c/0x280 [ 211.676491][ T7232] ? __init_waitqueue_head+0xca/0x150 [ 211.676552][ T7232] netdev_register_kobject+0x182/0x3a0 [ 211.676602][ T7232] register_netdevice+0x13dc/0x2270 [ 211.676692][ T7232] ? __pfx_register_netdevice+0x10/0x10 [ 211.676747][ T7232] internal_dev_create+0x2d3/0x520 [ 211.676804][ T7232] ovs_vport_add+0x144/0x4d0 [ 211.676856][ T7232] new_vport+0x16/0x1d0 [ 211.676896][ T7232] ovs_dp_cmd_new+0x6ba/0xe60 [ 211.676950][ T7232] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 211.677003][ T7232] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 211.677052][ T7232] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 211.677110][ T7232] genl_family_rcv_msg_doit+0x206/0x2f0 [ 211.677160][ T7232] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 211.677206][ T7232] ? trace_cap_capable+0x18d/0x200 [ 211.677250][ T7232] ? bpf_lsm_capable+0x9/0x10 [ 211.677282][ T7232] ? security_capable+0x7e/0x260 [ 211.677337][ T7232] ? ns_capable+0xd7/0x110 [ 211.677375][ T7232] genl_rcv_msg+0x55c/0x800 [ 211.677426][ T7232] ? __pfx_genl_rcv_msg+0x10/0x10 [ 211.677471][ T7232] ? __pfx___dev_queue_xmit+0x10/0x10 [ 211.677523][ T7232] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 211.677569][ T7232] ? __lock_acquire+0xaa4/0x1ba0 [ 211.677626][ T7232] netlink_rcv_skb+0x16a/0x440 [ 211.677668][ T7232] ? __pfx_genl_rcv_msg+0x10/0x10 [ 211.677716][ T7232] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 211.677778][ T7232] ? __pfx_down_read+0x10/0x10 [ 211.677828][ T7232] ? netlink_deliver_tap+0x1ae/0xd30 [ 211.677874][ T7232] genl_rcv+0x28/0x40 [ 211.677913][ T7232] netlink_unicast+0x53a/0x7f0 [ 211.677959][ T7232] ? __pfx_netlink_unicast+0x10/0x10 [ 211.677996][ T7232] ? __lock_acquire+0xaa4/0x1ba0 [ 211.678049][ T7232] netlink_sendmsg+0x8d1/0xdd0 [ 211.678097][ T7232] ? __pfx_netlink_sendmsg+0x10/0x10 [ 211.678155][ T7232] ____sys_sendmsg+0xa95/0xc70 [ 211.678208][ T7232] ? copy_msghdr_from_user+0x10a/0x160 [ 211.678245][ T7232] ? __pfx_____sys_sendmsg+0x10/0x10 [ 211.678310][ T7232] ___sys_sendmsg+0x134/0x1d0 [ 211.678348][ T7232] ? __pfx____sys_sendmsg+0x10/0x10 [ 211.678440][ T7232] __sys_sendmsg+0x16d/0x220 [ 211.678478][ T7232] ? __pfx___sys_sendmsg+0x10/0x10 [ 211.678514][ T7232] ? __x64_sys_futex+0x1e0/0x4c0 [ 211.678562][ T7232] ? rcu_is_watching+0x12/0xc0 [ 211.678617][ T7232] do_syscall_64+0xcd/0x230 [ 211.678669][ T7232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.678704][ T7232] RIP: 0033:0x7f0790b8e969 [ 211.678730][ T7232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.678762][ T7232] RSP: 002b:00007f0791a96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 211.678792][ T7232] RAX: ffffffffffffffda RBX: 00007f0790db5fa0 RCX: 00007f0790b8e969 [ 211.678812][ T7232] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000005 [ 211.678833][ T7232] RBP: 00007f0790c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 211.678852][ T7232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 211.678871][ T7232] R13: 0000000000000000 R14: 00007f0790db5fa0 R15: 00007ffc92cbae18 [ 211.678913][ T7232] [ 212.320379][ T7234] ovs_ÿþ: entered promiscuous mode [ 212.805195][ T7246] netlink: 8 bytes leftover after parsing attributes in process `syz.1.277'. [ 212.887852][ T7244] netlink: 20 bytes leftover after parsing attributes in process `syz.3.278'. [ 213.699117][ T7264] netlink: 354 bytes leftover after parsing attributes in process `syz.2.282'. [ 214.502802][ T7273] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.522442][ T7273] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 214.580322][ T7278] ovs_ÿþ: entered promiscuous mode [ 214.916344][ T7283] netlink: 20 bytes leftover after parsing attributes in process `syz.0.288'. [ 215.097364][ T7288] netlink: 504 bytes leftover after parsing attributes in process `syz.2.289'. [ 215.143031][ T7288] netlink: 504 bytes leftover after parsing attributes in process `syz.2.289'. [ 215.218932][ T7267] netlink: 338 bytes leftover after parsing attributes in process `syz.1.283'. [ 215.671537][ T7300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.293'. [ 215.740353][ T7300] netlink: 'syz.0.293': attribute type 1 has an invalid length. [ 216.770773][ T7316] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 216.793853][ T7316] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 217.645088][ T7329] FAULT_INJECTION: forcing a failure. [ 217.645088][ T7329] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 217.669205][ T7329] CPU: 0 UID: 0 PID: 7329 Comm: syz.0.297 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 217.669254][ T7329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 217.669274][ T7329] Call Trace: [ 217.669285][ T7329] [ 217.669299][ T7329] dump_stack_lvl+0x16c/0x1f0 [ 217.669356][ T7329] should_fail_ex+0x512/0x640 [ 217.669423][ T7329] should_fail_alloc_page+0xe7/0x130 [ 217.669469][ T7329] prepare_alloc_pages+0x3c2/0x610 [ 217.669521][ T7329] ? rcu_is_watching+0x12/0xc0 [ 217.669558][ T7329] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 217.669611][ T7329] ? __pfx___schedule+0x10/0x10 [ 217.669650][ T7329] ? rcu_is_watching+0x12/0xc0 [ 217.669688][ T7329] ? trace_sched_exit_tp+0xde/0x130 [ 217.669729][ T7329] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 217.669779][ T7329] ? lockdep_hardirqs_on+0x7c/0x110 [ 217.669827][ T7329] ? __lock_acquire+0xaa4/0x1ba0 [ 217.669864][ T7329] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 217.669909][ T7329] ? policy_nodemask+0xea/0x4e0 [ 217.669951][ T7329] alloc_pages_mpol+0x1fb/0x550 [ 217.669992][ T7329] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 217.670027][ T7329] ? __page_table_check_ptes_set+0x1ae/0x420 [ 217.670065][ T7329] ? find_held_lock+0x2b/0x80 [ 217.670101][ T7329] alloc_pages_noprof+0x131/0x390 [ 217.670141][ T7329] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 217.670189][ T7329] get_free_pages_noprof+0xc/0x40 [ 217.670235][ T7329] kasan_populate_vmalloc_pte+0x2d/0x160 [ 217.670268][ T7329] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 217.670299][ T7329] __apply_to_page_range+0x617/0xd60 [ 217.670352][ T7329] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 217.670398][ T7329] ? __pfx___apply_to_page_range+0x10/0x10 [ 217.670449][ T7329] ? preempt_schedule_thunk+0x16/0x30 [ 217.670517][ T7329] alloc_vmap_area+0x919/0x2970 [ 217.670583][ T7329] ? __pfx_alloc_vmap_area+0x10/0x10 [ 217.670639][ T7329] __get_vm_area_node+0x1a7/0x300 [ 217.670697][ T7329] __vmalloc_node_range_noprof+0x277/0x1540 [ 217.670753][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 217.670820][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 217.670875][ T7329] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 217.670941][ T7329] __kvmalloc_node_noprof+0x2ff/0x600 [ 217.670974][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 217.671022][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 217.671077][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 217.671119][ T7329] __do_sys_listmount+0x1c2/0xed0 [ 217.671172][ T7329] ? __x64_sys_futex+0x1e0/0x4c0 [ 217.671202][ T7329] ? __x64_sys_futex+0x1e9/0x4c0 [ 217.671237][ T7329] ? __pfx___do_sys_listmount+0x10/0x10 [ 217.671282][ T7329] ? xfd_validate_state+0x5d/0x180 [ 217.671348][ T7329] do_syscall_64+0xcd/0x230 [ 217.671413][ T7329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.671447][ T7329] RIP: 0033:0x7f0790b8e969 [ 217.671474][ T7329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.671505][ T7329] RSP: 002b:00007f0791a33038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 217.671537][ T7329] RAX: ffffffffffffffda RBX: 00007f0790db6240 RCX: 00007f0790b8e969 [ 217.671558][ T7329] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 217.671578][ T7329] RBP: 00007f0790c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 217.671597][ T7329] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 217.671616][ T7329] R13: 0000000000000000 R14: 00007f0790db6240 R15: 00007ffc92cbae18 [ 217.671656][ T7329] [ 218.040377][ T7329] syz.0.297: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 218.055677][ T7329] CPU: 1 UID: 0 PID: 7329 Comm: syz.0.297 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 218.055721][ T7329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 218.055740][ T7329] Call Trace: [ 218.055751][ T7329] [ 218.055763][ T7329] dump_stack_lvl+0x16c/0x1f0 [ 218.055812][ T7329] warn_alloc+0x248/0x3a0 [ 218.055849][ T7329] ? __pfx_warn_alloc+0x10/0x10 [ 218.055886][ T7329] ? kfree+0x2b6/0x4d0 [ 218.055945][ T7329] ? __get_vm_area_node+0x1e5/0x300 [ 218.056004][ T7329] __vmalloc_node_range_noprof+0xd31/0x1540 [ 218.056070][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 218.056125][ T7329] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 218.056194][ T7329] __kvmalloc_node_noprof+0x2ff/0x600 [ 218.056228][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 218.056275][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 218.056329][ T7329] ? __do_sys_listmount+0x1c2/0xed0 [ 218.056379][ T7329] __do_sys_listmount+0x1c2/0xed0 [ 218.056433][ T7329] ? __x64_sys_futex+0x1e0/0x4c0 [ 218.056468][ T7329] ? __x64_sys_futex+0x1e9/0x4c0 [ 218.056502][ T7329] ? __pfx___do_sys_listmount+0x10/0x10 [ 218.056550][ T7329] ? xfd_validate_state+0x5d/0x180 [ 218.056618][ T7329] do_syscall_64+0xcd/0x230 [ 218.056667][ T7329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.056699][ T7329] RIP: 0033:0x7f0790b8e969 [ 218.056725][ T7329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.056754][ T7329] RSP: 002b:00007f0791a33038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 218.056783][ T7329] RAX: ffffffffffffffda RBX: 00007f0790db6240 RCX: 00007f0790b8e969 [ 218.056804][ T7329] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 218.056824][ T7329] RBP: 00007f0790c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 218.056843][ T7329] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 218.056861][ T7329] R13: 0000000000000000 R14: 00007f0790db6240 R15: 00007ffc92cbae18 [ 218.056900][ T7329] [ 218.056910][ T7329] Mem-Info: [ 218.402684][ T7329] active_anon:71065 inactive_anon:0 isolated_anon:0 [ 218.402684][ T7329] active_file:13936 inactive_file:38978 isolated_file:0 [ 218.402684][ T7329] unevictable:5399 dirty:338 writeback:0 [ 218.402684][ T7329] slab_reclaimable:10483 slab_unreclaimable:94377 [ 218.402684][ T7329] mapped:45267 shmem:57529 pagetables:1004 [ 218.402684][ T7329] sec_pagetables:0 bounce:0 [ 218.402684][ T7329] kernel_misc_reclaimable:0 [ 218.402684][ T7329] free:1271896 free_pcp:3764 free_cma:0 [ 218.480084][ T7329] Node 0 active_anon:286060kB inactive_anon:0kB active_file:55744kB inactive_file:160804kB unevictable:15160kB isolated(anon):0kB isolated(file):0kB mapped:181068kB dirty:1348kB writeback:0kB shmem:230376kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11628kB pagetables:4116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 218.539279][ T7329] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 218.581260][ T7329] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 218.610278][ T7329] lowmem_reserve[]: 0 2484 2486 2486 2486 [ 218.618625][ T7329] Node 0 DMA32 free:1167344kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:286912kB inactive_anon:0kB active_file:55744kB inactive_file:169092kB unevictable:5060kB writepending:1448kB present:3129332kB managed:2544168kB mlocked:3548kB bounce:0kB free_pcp:3128kB local_pcp:964kB free_cma:0kB [ 218.755971][ T7329] lowmem_reserve[]: 0 0 1 1 1 [ 218.793734][ T7329] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1812kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 218.928313][ T7329] lowmem_reserve[]: 0 0 0 0 0 [ 218.937781][ T7329] Node 1 Normal free:3905792kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:8388kB local_pcp:400kB free_cma:0kB [ 219.009212][ T7329] lowmem_reserve[]: 0 0 0 0 0 [ 219.041535][ T7329] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 219.091307][ T7329] Node 0 DMA32: 792*4kB (M) 976*8kB (UM) 557*16kB (ME) 473*32kB (UME) 77*64kB (UME) 13*128kB (UME) 13*256kB (UE) 7*512kB (UME) 0*1024kB 0*2048kB 271*4096kB (UME) = 1158544kB [ 219.211424][ T7329] Node 0 Normal: 3*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB [ 219.301142][ T7329] Node 1 Normal: 222*4kB (UE) 71*8kB (UME) 39*16kB (UME) 201*32kB (UME) 97*64kB (UME) 31*128kB (UE) 10*256kB (UE) 3*512kB (UM) 2*1024kB (UE) 5*2048kB (UME) 945*4096kB (UM) = 3905792kB [ 219.381347][ T7329] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 219.390947][ T7329] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 219.431284][ T7329] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 219.440916][ T7329] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 219.550123][ T7329] 115981 total pagecache pages [ 219.590153][ T7329] 1 pages in swap cache [ 219.600282][ T7329] Free swap = 124996kB [ 219.621196][ T7329] Total swap = 124996kB [ 219.625408][ T7329] 2097051 pages RAM [ 219.629216][ T7329] 0 pages HighMem/MovableOnly [ 219.682928][ T7329] 428903 pages reserved [ 219.688817][ T7329] 0 pages cma reserved [ 221.255001][ T55] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 222.028389][ T7377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 222.061773][ T7377] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 223.296980][ T7388] netlink: 40 bytes leftover after parsing attributes in process `syz.2.309'. [ 224.454542][ T7401] capability: warning: `syz.1.313' uses 32-bit capabilities (legacy support in use) [ 224.562254][ T7400] HfR: entered promiscuous mode [ 225.931884][ T7417] openvswitch: netlink: IP tunnel dst address not specified [ 228.144293][ T7454] netlink: zone id is out of range [ 228.149610][ T7454] netlink: zone id is out of range [ 228.156174][ T7454] netlink: zone id is out of range [ 228.163971][ T7454] netlink: zone id is out of range [ 228.169626][ T7454] netlink: zone id is out of range [ 228.176339][ T7454] netlink: zone id is out of range [ 228.193026][ T7454] netlink: zone id is out of range [ 228.207756][ T7454] netlink: zone id is out of range [ 228.261204][ T7454] netlink: zone id is out of range [ 229.462638][ T7499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 229.616920][ T7499] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 230.466358][ T7523] netlink: 4 bytes leftover after parsing attributes in process `syz.1.339'. [ 230.633156][ T7529] netlink: 40 bytes leftover after parsing attributes in process `syz.2.340'. [ 232.427434][ T7554] cgroup: fork rejected by pids controller in /syz1 [ 234.554161][ T7620] Invalid ELF header magic: != ELF [ 235.330384][ T7627] sd 0:0:1:0: PR command failed: 1026 [ 235.338052][ T7627] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 235.347698][ T7627] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 236.096093][ T7642] FAULT_INJECTION: forcing a failure. [ 236.096093][ T7642] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 236.121129][ T7642] CPU: 1 UID: 0 PID: 7642 Comm: syz.3.362 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 236.121172][ T7642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 236.121190][ T7642] Call Trace: [ 236.121200][ T7642] [ 236.121211][ T7642] dump_stack_lvl+0x16c/0x1f0 [ 236.121258][ T7642] should_fail_ex+0x512/0x640 [ 236.121306][ T7642] strncpy_from_user+0x3b/0x2e0 [ 236.121352][ T7642] getname_flags.part.0+0x8f/0x550 [ 236.121399][ T7642] getname_flags+0x93/0xf0 [ 236.121447][ T7642] do_sys_openat2+0xb8/0x1d0 [ 236.121489][ T7642] ? __pfx_do_sys_openat2+0x10/0x10 [ 236.121537][ T7642] ? __fget_files+0x20e/0x3c0 [ 236.121625][ T7642] __x64_sys_openat+0x174/0x210 [ 236.121668][ T7642] ? __pfx___x64_sys_openat+0x10/0x10 [ 236.121709][ T7642] ? ksys_write+0x1b9/0x240 [ 236.121753][ T7642] do_syscall_64+0xcd/0x230 [ 236.121800][ T7642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.121831][ T7642] RIP: 0033:0x7fddb4b8e969 [ 236.121854][ T7642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.121884][ T7642] RSP: 002b:00007fddb5972038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 236.121913][ T7642] RAX: ffffffffffffffda RBX: 00007fddb4db6080 RCX: 00007fddb4b8e969 [ 236.121933][ T7642] RDX: 0000000000088083 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 236.121952][ T7642] RBP: 00007fddb5972090 R08: 0000000000000000 R09: 0000000000000000 [ 236.121970][ T7642] R10: 000000000000ffeb R11: 0000000000000246 R12: 0000000000000001 [ 236.121988][ T7642] R13: 0000000000000001 R14: 00007fddb4db6080 R15: 00007fff70010228 [ 236.122028][ T7642] [ 236.681779][ T7644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 236.705223][ T7644] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 237.306788][ T7662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.370'. [ 239.232127][ T7693] FAULT_INJECTION: forcing a failure. [ 239.232127][ T7693] name failslab, interval 1, probability 0, space 0, times 0 [ 239.232732][ T7690] bridge0: port 3(dummy0) entered blocking state [ 239.258708][ T7693] CPU: 0 UID: 0 PID: 7693 Comm: syz.0.374 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 239.258752][ T7693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 239.258769][ T7693] Call Trace: [ 239.258779][ T7693] [ 239.258791][ T7693] dump_stack_lvl+0x16c/0x1f0 [ 239.258839][ T7693] should_fail_ex+0x512/0x640 [ 239.258880][ T7693] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 239.258920][ T7693] should_failslab+0xc2/0x120 [ 239.258958][ T7693] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 239.258994][ T7693] ? alloc_empty_file+0x55/0x1e0 [ 239.259039][ T7693] alloc_empty_file+0x55/0x1e0 [ 239.259081][ T7693] path_openat+0xe0/0x2d40 [ 239.259107][ T7693] ? __x64_sys_openat+0x174/0x210 [ 239.259147][ T7693] ? do_syscall_64+0xcd/0x230 [ 239.259189][ T7693] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.259235][ T7693] ? __pfx_path_openat+0x10/0x10 [ 239.259275][ T7693] do_filp_open+0x20b/0x470 [ 239.259306][ T7693] ? __pfx_do_filp_open+0x10/0x10 [ 239.259365][ T7693] ? alloc_fd+0x471/0x7d0 [ 239.259433][ T7693] do_sys_openat2+0x11b/0x1d0 [ 239.259474][ T7693] ? __pfx_do_sys_openat2+0x10/0x10 [ 239.259520][ T7693] ? __fget_files+0x20e/0x3c0 [ 239.259577][ T7693] __x64_sys_openat+0x174/0x210 [ 239.259620][ T7693] ? __pfx___x64_sys_openat+0x10/0x10 [ 239.259660][ T7693] ? ksys_write+0x1b9/0x240 [ 239.259703][ T7693] do_syscall_64+0xcd/0x230 [ 239.259750][ T7693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.259782][ T7693] RIP: 0033:0x7f0790b8e969 [ 239.259807][ T7693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.259836][ T7693] RSP: 002b:00007f0791a75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 239.259865][ T7693] RAX: ffffffffffffffda RBX: 00007f0790db6080 RCX: 00007f0790b8e969 [ 239.259885][ T7693] RDX: 0000000000088083 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 239.259905][ T7693] RBP: 00007f0791a75090 R08: 0000000000000000 R09: 0000000000000000 [ 239.259924][ T7693] R10: 000000000000ffeb R11: 0000000000000246 R12: 0000000000000001 [ 239.259942][ T7693] R13: 0000000000000001 R14: 00007f0790db6080 R15: 00007ffc92cbae18 [ 239.259982][ T7693] [ 239.365173][ T7690] bridge0: port 3(dummy0) entered disabled state [ 239.369908][ C0] vkms_vblank_simulate: vblank timer overrun [ 239.499592][ C0] vkms_vblank_simulate: vblank timer overrun [ 239.505891][ C0] hrtimer: interrupt took 244829625 ns [ 239.591496][ T7690] dummy0: entered allmulticast mode [ 239.599291][ T7690] dummy0: entered promiscuous mode [ 239.605951][ C0] vkms_vblank_simulate: vblank timer overrun [ 239.613101][ T7690] bridge0: port 3(dummy0) entered blocking state [ 239.620649][ T7690] bridge0: port 3(dummy0) entered forwarding state [ 240.358544][ T7695] netlink: 'syz.3.375': attribute type 21 has an invalid length. [ 240.366849][ T7695] netlink: 326 bytes leftover after parsing attributes in process `syz.3.375'. [ 240.383999][ T7696] netlink: 'syz.3.375': attribute type 21 has an invalid length. [ 240.411184][ T7696] netlink: 326 bytes leftover after parsing attributes in process `syz.3.375'. [ 241.934883][ T7737] ubi0: attaching mtd0 [ 241.939187][ T7737] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 241.976448][ T7737] netlink: 252 bytes leftover after parsing attributes in process `syz.2.384'. [ 242.014222][ T7737] netlink: 252 bytes leftover after parsing attributes in process `syz.2.384'. [ 243.391654][ T7760] can: request_module (can-proto-3) failed. [ 243.556995][ T7765] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 244.439931][ T7778] netlink: 252 bytes leftover after parsing attributes in process `syz.3.393'. [ 244.737268][ T7785] binder: 7782:7785 ioctl c0306201 0 returned -14 [ 247.121969][ T7807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 247.152483][ T7807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 syzkaller syzkaller login: [ 251.511989][ T7876] net_ratelimit: 21 callbacks suppressed [ 251.512015][ T7876] openvswitch: netlink: Key 2 has unexpected len 0 expected 4 [ 251.537009][ T7875] openvswitch: netlink: Key 2 has unexpected len 0 expected 4 [ 252.798158][ T55] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 253.001130][ T30] audit: type=1800 audit(6041325074.346:5): pid=7903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.420" name="dbroot" dev="configfs" ino=16226 res=0 errno=0 [ 253.573401][ T7906] FAULT_INJECTION: forcing a failure. [ 253.573401][ T7906] name failslab, interval 1, probability 0, space 0, times 0 [ 253.751415][ T7906] CPU: 1 UID: 0 PID: 7906 Comm: syz.0.421 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 253.751465][ T7906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 253.751485][ T7906] Call Trace: [ 253.751496][ T7906] [ 253.751508][ T7906] dump_stack_lvl+0x16c/0x1f0 [ 253.751564][ T7906] should_fail_ex+0x512/0x640 [ 253.751611][ T7906] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 253.751654][ T7906] should_failslab+0xc2/0x120 [ 253.751694][ T7906] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 253.751732][ T7906] ? __kernfs_new_node+0xd2/0x8a0 [ 253.751792][ T7906] __kernfs_new_node+0xd2/0x8a0 [ 253.751849][ T7906] ? __pfx___kernfs_new_node+0x10/0x10 [ 253.751914][ T7906] ? find_held_lock+0x2b/0x80 [ 253.751947][ T7906] ? kernfs_root+0xee/0x2a0 [ 253.752006][ T7906] kernfs_new_node+0x13c/0x1e0 [ 253.752050][ T7906] __kernfs_create_file+0x53/0x350 [ 253.752171][ T7906] sysfs_add_file_mode_ns+0x207/0x3c0 [ 253.752259][ T7906] internal_create_group+0x578/0xf30 [ 253.752305][ T7906] ? __pfx_internal_create_group+0x10/0x10 [ 253.752370][ T7906] ? kernfs_create_link+0x1bd/0x240 [ 253.752424][ T7906] internal_create_groups+0x9d/0x150 [ 253.752466][ T7906] device_add+0xf30/0x1a70 [ 253.752518][ T7906] ? __pfx_device_add+0x10/0x10 [ 253.752564][ T7906] ? lockdep_init_map_type+0x5c/0x280 [ 253.752610][ T7906] ? __init_waitqueue_head+0xca/0x150 [ 253.752676][ T7906] netdev_register_kobject+0x182/0x3a0 [ 253.752727][ T7906] register_netdevice+0x13dc/0x2270 [ 253.752778][ T7906] ? __pfx_register_netdevice+0x10/0x10 [ 253.752835][ T7906] internal_dev_create+0x2d3/0x520 [ 253.752895][ T7906] ovs_vport_add+0x144/0x4d0 [ 253.752948][ T7906] new_vport+0x16/0x1d0 [ 253.752989][ T7906] ovs_dp_cmd_new+0x6ba/0xe60 [ 253.753046][ T7906] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 253.753102][ T7906] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 253.753154][ T7906] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 253.753217][ T7906] genl_family_rcv_msg_doit+0x206/0x2f0 [ 253.753278][ T7906] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 253.753330][ T7906] ? trace_cap_capable+0x18d/0x200 [ 253.753375][ T7906] ? bpf_lsm_capable+0x9/0x10 [ 253.753410][ T7906] ? security_capable+0x7e/0x260 [ 253.753469][ T7906] ? ns_capable+0xd7/0x110 [ 253.753510][ T7906] genl_rcv_msg+0x55c/0x800 [ 253.753565][ T7906] ? __pfx_genl_rcv_msg+0x10/0x10 [ 253.753613][ T7906] ? __pfx___dev_queue_xmit+0x10/0x10 [ 253.753667][ T7906] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 253.753715][ T7906] ? __lock_acquire+0xaa4/0x1ba0 [ 253.753770][ T7906] netlink_rcv_skb+0x16a/0x440 [ 253.753812][ T7906] ? __pfx_genl_rcv_msg+0x10/0x10 [ 253.753861][ T7906] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 253.753941][ T7906] ? __pfx_down_read+0x10/0x10 [ 253.753997][ T7906] ? netlink_deliver_tap+0x1ae/0xd30 [ 253.754043][ T7906] genl_rcv+0x28/0x40 [ 253.754085][ T7906] netlink_unicast+0x53a/0x7f0 [ 253.754131][ T7906] ? __pfx_netlink_unicast+0x10/0x10 [ 253.754169][ T7906] ? __lock_acquire+0xaa4/0x1ba0 [ 253.754232][ T7906] netlink_sendmsg+0x8d1/0xdd0 [ 253.754283][ T7906] ? __pfx_netlink_sendmsg+0x10/0x10 [ 253.754344][ T7906] ____sys_sendmsg+0xa95/0xc70 [ 253.754396][ T7906] ? copy_msghdr_from_user+0x10a/0x160 [ 253.754431][ T7906] ? __pfx_____sys_sendmsg+0x10/0x10 [ 253.754486][ T7906] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 253.754541][ T7906] ___sys_sendmsg+0x134/0x1d0 [ 253.754581][ T7906] ? __pfx____sys_sendmsg+0x10/0x10 [ 253.754677][ T7906] __sys_sendmsg+0x16d/0x220 [ 253.754716][ T7906] ? __pfx___sys_sendmsg+0x10/0x10 [ 253.754751][ T7906] ? __x64_sys_futex+0x1e0/0x4c0 [ 253.754799][ T7906] ? rcu_is_watching+0x12/0xc0 [ 253.754842][ T7906] do_syscall_64+0xcd/0x230 [ 253.754894][ T7906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.754927][ T7906] RIP: 0033:0x7f0790b8e969 [ 253.754956][ T7906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.754988][ T7906] RSP: 002b:00007f0791a96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 253.755019][ T7906] RAX: ffffffffffffffda RBX: 00007f0790db5fa0 RCX: 00007f0790b8e969 [ 253.755041][ T7906] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000005 [ 253.755062][ T7906] RBP: 00007f0790c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 253.755082][ T7906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.755102][ T7906] R13: 0000000000000000 R14: 00007f0790db5fa0 R15: 00007ffc92cbae18 [ 253.755146][ T7906] [ 255.493927][ T7920] FAULT_INJECTION: forcing a failure. [ 255.493927][ T7920] name failslab, interval 1, probability 0, space 0, times 0 [ 255.513323][ T7920] CPU: 1 UID: 0 PID: 7920 Comm: syz.3.426 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 255.513377][ T7920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 255.513396][ T7920] Call Trace: [ 255.513406][ T7920] [ 255.513419][ T7920] dump_stack_lvl+0x16c/0x1f0 [ 255.513472][ T7920] should_fail_ex+0x512/0x640 [ 255.513518][ T7920] ? __kmalloc_noprof+0xbf/0x510 [ 255.513557][ T7920] ? __register_sysctl_table+0xb3/0x1900 [ 255.513592][ T7920] should_failslab+0xc2/0x120 [ 255.513631][ T7920] __kmalloc_noprof+0xd2/0x510 [ 255.513677][ T7920] __register_sysctl_table+0xb3/0x1900 [ 255.513715][ T7920] ? is_module_address+0x5f/0xf0 [ 255.513764][ T7920] ? __pfx___register_sysctl_table+0x10/0x10 [ 255.513801][ T7920] ? is_module_address+0x69/0xf0 [ 255.513842][ T7920] ? register_net_sysctl_sz+0x228/0x3e0 [ 255.513895][ T7920] ? __asan_memcpy+0x3c/0x60 [ 255.513949][ T7920] devinet_init_net+0x378/0x910 [ 255.513994][ T7920] ? __pfx_devinet_init_net+0x10/0x10 [ 255.514035][ T7920] ops_init+0x1df/0x5f0 [ 255.514079][ T7920] setup_net+0x21e/0x850 [ 255.514122][ T7920] ? __pfx_setup_net+0x10/0x10 [ 255.514159][ T7920] ? lockdep_init_map_type+0x5c/0x280 [ 255.514203][ T7920] ? __pfx_down_read_killable+0x10/0x10 [ 255.514259][ T7920] ? debug_mutex_init+0x37/0x70 [ 255.514319][ T7920] copy_net_ns+0x2a6/0x5f0 [ 255.514376][ T7920] create_new_namespaces+0x3ea/0xad0 [ 255.514423][ T7920] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 255.514465][ T7920] ksys_unshare+0x45b/0xa40 [ 255.514511][ T7920] ? __pfx_ksys_unshare+0x10/0x10 [ 255.514553][ T7920] ? xfd_validate_state+0x5d/0x180 [ 255.514608][ T7920] ? rcu_is_watching+0x12/0xc0 [ 255.514648][ T7920] __x64_sys_unshare+0x31/0x40 [ 255.514692][ T7920] do_syscall_64+0xcd/0x230 [ 255.514739][ T7920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.514770][ T7920] RIP: 0033:0x7fddb4b8e969 [ 255.514797][ T7920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.514828][ T7920] RSP: 002b:00007fddb5993038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 255.514859][ T7920] RAX: ffffffffffffffda RBX: 00007fddb4db5fa0 RCX: 00007fddb4b8e969 [ 255.514880][ T7920] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 255.514900][ T7920] RBP: 00007fddb4c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 255.514919][ T7920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.514938][ T7920] R13: 0000000000000000 R14: 00007fddb4db5fa0 R15: 00007fff70010228 [ 255.514981][ T7920] [ 255.832229][ T7922] netlink: 504 bytes leftover after parsing attributes in process `syz.3.426'. [ 256.838805][ T7939] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 257.175695][ T7918] svc: failed to register nfsdv3 RPC service (errno 512). [ 257.251548][ T7918] svc: failed to register nfsaclv3 RPC service (errno 512). [ 257.613254][ T7944] netlink: 28 bytes leftover after parsing attributes in process `syz.3.430'. [ 258.208247][ T7954] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 261.128814][ T7976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 261.174798][ T7976] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 262.339972][ T7575] syz.1.343 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 262.357133][ T7575] CPU: 0 UID: 0 PID: 7575 Comm: syz.1.343 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 262.357177][ T7575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 262.357195][ T7575] Call Trace: [ 262.357205][ T7575] [ 262.357216][ T7575] dump_stack_lvl+0x16c/0x1f0 [ 262.357262][ T7575] dump_header+0x101/0x930 [ 262.357307][ T7575] oom_kill_process+0x270/0xa60 [ 262.357354][ T7575] out_of_memory+0x350/0x1700 [ 262.357405][ T7575] ? __pfx_out_of_memory+0x10/0x10 [ 262.357458][ T7575] mem_cgroup_out_of_memory+0x205/0x270 [ 262.357508][ T7575] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 262.357565][ T7575] ? do_raw_spin_unlock+0x172/0x230 [ 262.357621][ T7575] try_charge_memcg+0xa07/0x10c0 [ 262.357670][ T7575] ? __pfx_try_charge_memcg+0x10/0x10 [ 262.357715][ T7575] ? __print_lock_name+0xc1/0xe0 [ 262.357745][ T7575] ? rcu_read_unlock+0x17/0x60 [ 262.357797][ T7575] charge_memcg+0x8a/0x230 [ 262.357836][ T7575] __mem_cgroup_charge+0x2b/0x1e0 [ 262.357882][ T7575] shmem_alloc_and_add_folio+0x514/0xc20 [ 262.357930][ T7575] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 262.357971][ T7575] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 262.358018][ T7575] shmem_get_folio_gfp+0x687/0x1530 [ 262.358062][ T7575] ? __lock_acquire+0xaa4/0x1ba0 [ 262.358101][ T7575] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 262.358142][ T7575] ? __pte_offset_map_lock+0x155/0x2f0 [ 262.358193][ T7575] shmem_write_begin+0x160/0x300 [ 262.358236][ T7575] ? __pfx_shmem_write_begin+0x10/0x10 [ 262.358274][ T7575] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 262.358327][ T7575] ? __pfx_timestamp_truncate+0x10/0x10 [ 262.358366][ T7575] generic_perform_write+0x3cd/0x930 [ 262.358418][ T7575] ? __pfx_generic_perform_write+0x10/0x10 [ 262.358615][ T7575] ? inode_needs_update_time.part.0+0x191/0x270 [ 262.358669][ T7575] shmem_file_write_iter+0x10e/0x140 [ 262.358715][ T7575] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 262.358765][ T7575] __kernel_write_iter+0x317/0xa90 [ 262.358800][ T7575] ? __pfx___kernel_write_iter+0x10/0x10 [ 262.358829][ T7575] ? __up_read+0x1f8/0x750 [ 262.358881][ T7575] ? dump_user_range+0x73d/0xb30 [ 262.358935][ T7575] dump_user_range+0x418/0xb30 [ 262.358991][ T7575] ? __pfx_dump_user_range+0x10/0x10 [ 262.359036][ T7575] ? elf_coredump_extra_notes_write+0xbd/0x430 [ 262.359076][ T7575] ? __pfx_writenote+0x10/0x10 [ 262.359134][ T7575] elf_core_dump+0x288a/0x3a90 [ 262.359201][ T7575] ? __pfx_elf_core_dump+0x10/0x10 [ 262.359260][ T7575] ? find_held_lock+0x2b/0x80 [ 262.359289][ T7575] ? 0xffffffffff600000 [ 262.359316][ T7575] ? rcu_is_watching+0x12/0xc0 [ 262.359344][ T7575] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 262.359382][ T7575] ? lockdep_hardirqs_on+0x7c/0x110 [ 262.359526][ T7575] ? do_coredump+0x3183/0x4480 [ 262.359566][ T7575] do_coredump+0x3183/0x4480 [ 262.359625][ T7575] ? __pfx_do_coredump+0x10/0x10 [ 262.359672][ T7575] ? stack_trace_save+0x8e/0xc0 [ 262.359705][ T7575] ? __pfx_stack_trace_save+0x10/0x10 [ 262.359738][ T7575] ? stack_depot_save_flags+0x28/0xa50 [ 262.359793][ T7575] ? __lock_acquire+0xaa4/0x1ba0 [ 262.359842][ T7575] ? __kasan_slab_free+0x51/0x70 [ 262.359873][ T7575] ? kmem_cache_free+0x2d4/0x4d0 [ 262.359902][ T7575] ? __sigqueue_free+0xba/0x2a0 [ 262.359944][ T7575] ? get_signal+0xcba/0x26d0 [ 262.359977][ T7575] ? arch_do_signal_or_restart+0x8f/0x7a0 [ 262.360082][ T7575] ? proc_coredump_connector+0x2d1/0x4f0 [ 262.360130][ T7575] ? __pfx_proc_coredump_connector+0x10/0x10 [ 262.360190][ T7575] ? rcu_is_watching+0x12/0xc0 [ 262.360225][ T7575] get_signal+0x22e3/0x26d0 [ 262.360276][ T7575] ? __pfx_get_signal+0x10/0x10 [ 262.360313][ T7575] ? rcu_is_watching+0x12/0xc0 [ 262.360341][ T7575] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 262.360391][ T7575] arch_do_signal_or_restart+0x8f/0x7a0 [ 262.360439][ T7575] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 262.360511][ T7575] irqentry_exit_to_user_mode+0x13f/0x280 [ 262.360560][ T7575] asm_exc_page_fault+0x26/0x30 [ 262.360592][ T7575] RIP: 0033:0x20fff [ 262.360622][ T7575] Code: Unable to access opcode bytes at 0x20fd5. [ 262.360635][ T7575] RSP: 002b:000000000000000a EFLAGS: 00010206 [ 262.360660][ T7575] RAX: 0000000000000000 RBX: 00007f9e2ebb64e0 RCX: 00007f9e2e98e969 [ 262.360679][ T7575] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 262.360698][ T7575] RBP: 00007f9e2ea10ab1 R08: 0000000000000002 R09: 0000000000000000 [ 262.360717][ T7575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 262.360736][ T7575] R13: 0000000000000000 R14: 00007f9e2ebb64e0 R15: 00007fff066e8f38 [ 262.360785][ T7575] [ 262.893432][ T7575] memory: usage 307200kB, limit 307200kB, failcnt 25976 [ 262.900478][ T7575] memory+swap: usage 432112kB, limit 9007199254740988kB, failcnt 0 [ 263.003256][ T7575] kmem: usage 2916kB, limit 9007199254740988kB, failcnt 0 [ 263.010573][ T7575] Memory cgroup stats for /syz1: [ 263.010875][ T7575] cache 311312384 [ 263.019714][ T7575] rss 151552 [ 263.023676][ T7575] rss_huge 0 [ 263.027025][ T7575] shmem 311308288 [ 263.030880][ T7575] mapped_file 13447168 [ 263.035262][ T7575] dirty 0 [ 263.038330][ T7575] writeback 0 [ 263.041989][ T7575] workingset_refault_anon 349 [ 263.046737][ T7575] workingset_refault_file 129 [ 263.051976][ T7575] swap 127909888 [ 263.055669][ T7575] swapcached 86016 [ 263.058010][ T7991] kexec: Could not allocate control_code_buffer [ 263.059663][ T7575] pgpgin 287361 [ 263.069704][ T7575] pgpgout 211321 [ 263.073381][ T7575] pgfault 109724 [ 263.078807][ T7575] pgmajfault 205 [ 263.082665][ T7575] inactive_anon 234590208 [ 263.087031][ T7575] active_anon 74813440 [ 263.091258][ T7575] inactive_file 4096 [ 263.095199][ T7575] active_file 0 [ 263.098785][ T7575] unevictable 0 [ 263.102348][ T7575] hierarchical_memory_limit 314572800 [ 263.107769][ T7575] hierarchical_memsw_limit 9223372036854771712 [ 263.114044][ T7575] total_cache 311312384 [ 263.118253][ T7575] total_rss 151552 [ 263.122058][ T7575] total_rss_huge 0 [ 263.125826][ T7575] total_shmem 311308288 [ 263.130016][ T7575] total_mapped_file 13447168 [ 263.134894][ T7575] total_dirty 0 [ 263.138396][ T7575] total_writeback 0 [ 263.142318][ T7575] total_workingset_refault_anon 349 [ 263.147648][ T7575] total_workingset_refault_file 129 [ 263.152955][ T7575] total_swap 127909888 [ 263.158312][ T7575] total_swapcached 86016 [ 263.162659][ T7575] total_pgpgin 287361 [ 263.166696][ T7575] total_pgpgout 211321 [ 263.170815][ T7575] total_pgfault 109724 [ 263.175001][ T7575] total_pgmajfault 205 [ 263.180789][ T7575] total_inactive_anon 234590208 [ 263.185780][ T7575] total_active_anon 74813440 [ 263.190408][ T7575] total_inactive_file 4096 [ 263.194959][ T7575] total_active_file 0 [ 263.198995][ T7575] total_unevictable 0 [ 263.205790][ T7575] anon_cost 0 [ 263.209698][ T7575] file_cost 0 [ 263.213093][ T7575] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.343,pid=7580,uid=0 [ 263.228593][ T7575] Memory cgroup out of memory: Killed process 7580 (syz.1.343) total-vm:132060kB, anon-rss:944kB, file-rss:21668kB, shmem-rss:12800kB, UID:0 pgtables:176kB oom_score_adj:1000 [ 264.875037][ T7575] syz.1.343 (7575) used greatest stack depth: 19704 bytes left [ 265.270649][ T8030] netlink: 330 bytes leftover after parsing attributes in process `syz.3.450'. [ 265.306767][ T32] oom_reaper: reaped process 7580 (syz.1.343), now anon-rss:120kB, file-rss:20556kB, shmem-rss:12544kB [ 265.432655][ T7561] syz.1.343 (7561) used greatest stack depth: 19640 bytes left [ 265.861681][ T7578] syz.1.343 (7578) used greatest stack depth: 19464 bytes left [ 266.308795][ T8034] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 266.342496][ T8034] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 266.807386][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.822787][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.156040][ T8058] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 267.909895][ T7569] syz.1.343 (7569) used greatest stack depth: 18904 bytes left [ 268.296799][ T8080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 268.316920][ T8080] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 268.881205][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 268.881361][ T5869] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 269.361650][ T8095] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 270.214231][ T8112] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 270.238705][ T8112] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 270.742611][ T8120] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 270.805287][ T8120] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 272.159103][ T8139] ovs_ÿþ: entered promiscuous mode [ 272.800678][ T8156] FAULT_INJECTION: forcing a failure. [ 272.800678][ T8156] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 272.875171][ T8156] CPU: 0 UID: 0 PID: 8156 Comm: syz.1.482 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 272.875213][ T8156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 272.875230][ T8156] Call Trace: [ 272.875240][ T8156] [ 272.875251][ T8156] dump_stack_lvl+0x16c/0x1f0 [ 272.875297][ T8156] should_fail_ex+0x512/0x640 [ 272.875348][ T8156] should_fail_alloc_page+0xe7/0x130 [ 272.875394][ T8156] prepare_alloc_pages+0x3c2/0x610 [ 272.875442][ T8156] ? rcu_is_watching+0x12/0xc0 [ 272.875476][ T8156] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 272.875522][ T8156] ? cgroup_rstat_updated+0x2a/0xb20 [ 272.875571][ T8156] ? __lock_acquire+0x5ca/0x1ba0 [ 272.875619][ T8156] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 272.875664][ T8156] ? lru_gen_add_folio+0x1a4/0xef0 [ 272.875708][ T8156] ? __lock_acquire+0x5ca/0x1ba0 [ 272.875752][ T8156] ? __lock_acquire+0x5ca/0x1ba0 [ 272.875793][ T8156] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 272.875836][ T8156] ? policy_nodemask+0xea/0x4e0 [ 272.875877][ T8156] alloc_pages_mpol+0x1fb/0x550 [ 272.875916][ T8156] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 272.875963][ T8156] ? __lock_acquire+0x5ca/0x1ba0 [ 272.876011][ T8156] folio_alloc_mpol_noprof+0x36/0x2f0 [ 272.876058][ T8156] vma_alloc_folio_noprof+0xed/0x1e0 [ 272.876103][ T8156] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 272.876161][ T8156] do_pte_missing+0x223d/0x3fb0 [ 272.876208][ T8156] __handle_mm_fault+0x103d/0x2a40 [ 272.876252][ T8156] ? __pfx___handle_mm_fault+0x10/0x10 [ 272.876281][ T8156] ? __pte_offset_map_lock+0x155/0x2f0 [ 272.876325][ T8156] ? find_held_lock+0x2b/0x80 [ 272.876352][ T8156] ? find_held_lock+0x2b/0x80 [ 272.876409][ T8156] handle_mm_fault+0x3fe/0xad0 [ 272.876449][ T8156] __get_user_pages+0x771/0x36f0 [ 272.876509][ T8156] ? __pfx_mt_find+0x10/0x10 [ 272.876554][ T8156] ? __pfx___get_user_pages+0x10/0x10 [ 272.876618][ T8156] populate_vma_page_range+0x278/0x3a0 [ 272.876652][ T8156] ? __pfx_populate_vma_page_range+0x10/0x10 [ 272.876703][ T8156] ? __pfx_find_vma_intersection+0x10/0x10 [ 272.876752][ T8156] ? do_mmap+0x69c/0x11b0 [ 272.876803][ T8156] __mm_populate+0x1d8/0x380 [ 272.876835][ T8156] ? __pfx___mm_populate+0x10/0x10 [ 272.876867][ T8156] ? up_write+0x1b2/0x520 [ 272.876916][ T8156] vm_mmap_pgoff+0x362/0x450 [ 272.876972][ T8156] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 272.877028][ T8156] ? __x64_sys_futex+0x1e0/0x4c0 [ 272.877060][ T8156] ? __x64_sys_futex+0x1e9/0x4c0 [ 272.877100][ T8156] ksys_mmap_pgoff+0x7d/0x5c0 [ 272.877146][ T8156] ? rcu_is_watching+0x12/0xc0 [ 272.877178][ T8156] __x64_sys_mmap+0x125/0x190 [ 272.877213][ T8156] do_syscall_64+0xcd/0x230 [ 272.877260][ T8156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.877291][ T8156] RIP: 0033:0x7f9e2e98e969 [ 272.877316][ T8156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.877345][ T8156] RSP: 002b:00007f9e2f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 272.877374][ T8156] RAX: ffffffffffffffda RBX: 00007f9e2ebb5fa0 RCX: 00007f9e2e98e969 [ 272.877393][ T8156] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 272.877412][ T8156] RBP: 00007f9e2ea10ab1 R08: 0000000000000002 R09: 0000000000008000 [ 272.877430][ T8156] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 272.877447][ T8156] R13: 0000000000000000 R14: 00007f9e2ebb5fa0 R15: 00007fff066e8f38 [ 272.877488][ T8156] [ 272.877597][ T8158] sd 0:0:1:0: PR command failed: 1026 [ 273.176616][ C0] vkms_vblank_simulate: vblank timer overrun [ 273.264288][ T8158] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 273.288691][ T8160] FAULT_INJECTION: forcing a failure. [ 273.288691][ T8160] name failslab, interval 1, probability 0, space 0, times 0 [ 273.294958][ T8158] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 273.436945][ T8160] CPU: 1 UID: 0 PID: 8160 Comm: syz.0.483 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 273.436990][ T8160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 273.437010][ T8160] Call Trace: [ 273.437021][ T8160] [ 273.437033][ T8160] dump_stack_lvl+0x16c/0x1f0 [ 273.437085][ T8160] should_fail_ex+0x512/0x640 [ 273.437130][ T8160] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 273.437173][ T8160] should_failslab+0xc2/0x120 [ 273.437214][ T8160] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 273.437251][ T8160] ? acpi_ut_create_integer_object+0x64/0x180 [ 273.437303][ T8160] ? acpi_ds_init_aml_walk+0x2d3/0x590 [ 273.437346][ T8160] acpi_ut_create_integer_object+0x64/0x180 [ 273.437398][ T8160] acpi_ps_execute_method+0x516/0xb30 [ 273.437443][ T8160] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 273.437494][ T8160] acpi_ns_evaluate+0x76c/0xca0 [ 273.437541][ T8160] ? kasan_save_track+0x14/0x30 [ 273.437580][ T8160] acpi_evaluate_object+0x1fa/0xa90 [ 273.437617][ T8160] ? do_syscall_64+0xcd/0x230 [ 273.437670][ T8160] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.437706][ T8160] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 273.437743][ T8160] ? __mutex_trylock_common+0xe9/0x250 [ 273.437796][ T8160] acpi_evaluate_integer+0xdd/0x200 [ 273.437849][ T8160] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 273.437922][ T8160] ? __pfx_status_show+0x10/0x10 [ 273.437957][ T8160] status_show+0xa0/0x120 [ 273.437994][ T8160] ? __pfx_status_show+0x10/0x10 [ 273.438043][ T8160] dev_attr_show+0x53/0xe0 [ 273.438087][ T8160] ? __pfx_dev_attr_show+0x10/0x10 [ 273.438126][ T8160] sysfs_kf_seq_show+0x213/0x3e0 [ 273.438180][ T8160] seq_read_iter+0x506/0x12c0 [ 273.438253][ T8160] kernfs_fop_read_iter+0x40f/0x5a0 [ 273.438295][ T8160] ? rw_verify_area+0xcf/0x680 [ 273.438348][ T8160] vfs_read+0x8c8/0xc70 [ 273.438384][ T8160] ? __pfx___mutex_lock+0x10/0x10 [ 273.438430][ T8160] ? __pfx_vfs_read+0x10/0x10 [ 273.438491][ T8160] ksys_read+0x12a/0x240 [ 273.438521][ T8160] ? __pfx_ksys_read+0x10/0x10 [ 273.438570][ T8160] ? rcu_is_watching+0x12/0xc0 [ 273.438614][ T8160] do_syscall_64+0xcd/0x230 [ 273.438672][ T8160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.438706][ T8160] RIP: 0033:0x7f0790b8e969 [ 273.438732][ T8160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.438762][ T8160] RSP: 002b:00007f0791a96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 273.438792][ T8160] RAX: ffffffffffffffda RBX: 00007f0790db5fa0 RCX: 00007f0790b8e969 [ 273.438814][ T8160] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003 [ 273.438835][ T8160] RBP: 00007f0790c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 273.438854][ T8160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.438872][ T8160] R13: 0000000000000000 R14: 00007f0790db5fa0 R15: 00007ffc92cbae18 [ 273.438914][ T8160] [ 273.438946][ T8160] ACPI Error: Could not allocate an object descriptor (20240827/utobject-180) [ 273.867398][ T8160] ACPI Error: ffff888064239000 walk still has a scope list (20240827/dswstate-694) [ 274.662296][ T8169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 274.730246][ T8169] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 274.799616][ T8178] netlink: 504 bytes leftover after parsing attributes in process `syz.0.489'. [ 275.246144][ T8183] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 276.977841][ T8211] ubi0: attaching mtd0 [ 276.984875][ T8211] ubi0: scanning is finished [ 276.989673][ T8211] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 277.115009][ T8220] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 277.262771][ T8211] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 277.271428][ T8209] ubi0: attaching mtd0 [ 277.286332][ T8209] ubi0: scanning is finished [ 277.291767][ T8209] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 277.453689][ T8225] FAULT_INJECTION: forcing a failure. [ 277.453689][ T8225] name failslab, interval 1, probability 0, space 0, times 0 [ 277.466811][ T8225] CPU: 1 UID: 0 PID: 8225 Comm: syz.2.501 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 277.466856][ T8225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 277.466876][ T8225] Call Trace: [ 277.466887][ T8225] [ 277.466900][ T8225] dump_stack_lvl+0x16c/0x1f0 [ 277.466952][ T8225] should_fail_ex+0x512/0x640 [ 277.466999][ T8225] ? __kmalloc_noprof+0xbf/0x510 [ 277.467039][ T8225] ? __register_sysctl_table+0xea2/0x1900 [ 277.467075][ T8225] should_failslab+0xc2/0x120 [ 277.467114][ T8225] __kmalloc_noprof+0xd2/0x510 [ 277.467145][ T8225] ? __register_sysctl_table+0xe8e/0x1900 [ 277.467190][ T8225] __register_sysctl_table+0xea2/0x1900 [ 277.467236][ T8225] ? __pfx___register_sysctl_table+0x10/0x10 [ 277.467273][ T8225] ? is_module_address+0x69/0xf0 [ 277.467316][ T8225] ? register_net_sysctl_sz+0x228/0x3e0 [ 277.467388][ T8225] __devinet_sysctl_register+0x1b9/0x360 [ 277.467438][ T8225] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 277.467478][ T8225] ? trace_kmalloc+0x2b/0xd0 [ 277.467523][ T8225] ? devinet_init_net+0xeb/0x910 [ 277.467566][ T8225] ? __asan_memcpy+0x3c/0x60 [ 277.467623][ T8225] devinet_init_net+0x347/0x910 [ 277.467667][ T8225] ? __pfx_devinet_init_net+0x10/0x10 [ 277.467707][ T8225] ops_init+0x1df/0x5f0 [ 277.467750][ T8225] setup_net+0x21e/0x850 [ 277.467800][ T8225] ? __pfx_setup_net+0x10/0x10 [ 277.467836][ T8225] ? lockdep_init_map_type+0x5c/0x280 [ 277.467882][ T8225] ? __pfx_down_read_killable+0x10/0x10 [ 277.467936][ T8225] ? debug_mutex_init+0x37/0x70 [ 277.467993][ T8225] copy_net_ns+0x2a6/0x5f0 [ 277.468041][ T8225] create_new_namespaces+0x3ea/0xad0 [ 277.468087][ T8225] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 277.468128][ T8225] ksys_unshare+0x45b/0xa40 [ 277.468173][ T8225] ? __pfx_ksys_unshare+0x10/0x10 [ 277.468216][ T8225] ? xfd_validate_state+0x5d/0x180 [ 277.468277][ T8225] ? rcu_is_watching+0x12/0xc0 [ 277.468318][ T8225] __x64_sys_unshare+0x31/0x40 [ 277.468370][ T8225] do_syscall_64+0xcd/0x230 [ 277.468420][ T8225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.468453][ T8225] RIP: 0033:0x7f6cdcb8e969 [ 277.468480][ T8225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.468512][ T8225] RSP: 002b:00007f6cdd918038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 277.468544][ T8225] RAX: ffffffffffffffda RBX: 00007f6cdcdb5fa0 RCX: 00007f6cdcb8e969 [ 277.468565][ T8225] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 277.468584][ T8225] RBP: 00007f6cdcc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 277.468604][ T8225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.468622][ T8225] R13: 0000000000000000 R14: 00007f6cdcdb5fa0 R15: 00007fff3518e0c8 [ 277.468663][ T8225] [ 277.468785][ T8225] sysctl could not get directory: [ 277.535693][ T8231] netlink: 504 bytes leftover after parsing attributes in process `syz.2.501'. [ 277.540822][ T8225] /net/ipv4/conf/default -12 [ 277.826051][ T8209] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 278.328422][ T8246] svc: failed to register nfsdv3 RPC service (errno 111). [ 278.377635][ T8246] svc: failed to register nfsaclv3 RPC service (errno 111). [ 279.298165][ T5885] Process accounting resumed [ 279.732178][ T8266] random: crng reseeded on system resumption [ 280.527028][ T8268] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 281.172810][ T8280] FAULT_INJECTION: forcing a failure. [ 281.172810][ T8280] name failslab, interval 1, probability 0, space 0, times 0 [ 281.205107][ T8280] CPU: 1 UID: 0 PID: 8280 Comm: syz.2.516 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 281.205153][ T8280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 281.205172][ T8280] Call Trace: [ 281.205182][ T8280] [ 281.205196][ T8280] dump_stack_lvl+0x16c/0x1f0 [ 281.205281][ T8280] should_fail_ex+0x512/0x640 [ 281.205327][ T8280] ? fs_reclaim_acquire+0xae/0x150 [ 281.205377][ T8280] ? tomoyo_encode2+0x100/0x3e0 [ 281.205420][ T8280] should_failslab+0xc2/0x120 [ 281.205460][ T8280] __kmalloc_noprof+0xd2/0x510 [ 281.205495][ T8280] ? d_absolute_path+0x136/0x1a0 [ 281.205542][ T8280] tomoyo_encode2+0x100/0x3e0 [ 281.205591][ T8280] tomoyo_encode+0x29/0x50 [ 281.205634][ T8280] tomoyo_realpath_from_path+0x18f/0x6e0 [ 281.205691][ T8280] tomoyo_path_number_perm+0x245/0x580 [ 281.205729][ T8280] ? tomoyo_path_number_perm+0x237/0x580 [ 281.205767][ T8280] ? do_raw_spin_unlock+0x144/0x230 [ 281.205817][ T8280] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 281.205900][ T8280] ? find_held_lock+0x2b/0x80 [ 281.205930][ T8280] ? hook_file_ioctl_common+0x145/0x410 [ 281.205976][ T8280] ? __fget_files+0x20e/0x3c0 [ 281.206029][ T8280] security_file_ioctl+0x9b/0x240 [ 281.206073][ T8280] __x64_sys_ioctl+0xb7/0x200 [ 281.206122][ T8280] do_syscall_64+0xcd/0x230 [ 281.206171][ T8280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.206205][ T8280] RIP: 0033:0x7f6cdcb8e969 [ 281.206230][ T8280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.206269][ T8280] RSP: 002b:00007f6cdd918038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.206299][ T8280] RAX: ffffffffffffffda RBX: 00007f6cdcdb5fa0 RCX: 00007f6cdcb8e969 [ 281.206321][ T8280] RDX: 00002000000000c0 RSI: 0000000040345410 RDI: 000000000000000a [ 281.206341][ T8280] RBP: 00007f6cdcc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 281.206361][ T8280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.206380][ T8280] R13: 0000000000000000 R14: 00007f6cdcdb5fa0 R15: 00007fff3518e0c8 [ 281.206422][ T8280] [ 281.206451][ T8280] ERROR: Out of memory at tomoyo_realpath_from_path. [ 281.634039][ T8289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.711748][ T8289] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.919899][ T30] audit: type=1804 audit(6041325103.356:6): pid=8298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.519" name="/newroot/sys/kernel/tracing/tracing_cpumask" dev="tracefs" ino=1260 res=1 errno=0 [ 282.282841][ T8309] FAULT_INJECTION: forcing a failure. [ 282.282841][ T8309] name failslab, interval 1, probability 0, space 0, times 0 [ 282.306436][ T8309] CPU: 0 UID: 0 PID: 8309 Comm: syz.3.521 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 282.306487][ T8309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 282.306507][ T8309] Call Trace: [ 282.306518][ T8309] [ 282.306532][ T8309] dump_stack_lvl+0x16c/0x1f0 [ 282.306589][ T8309] should_fail_ex+0x512/0x640 [ 282.306635][ T8309] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 282.306680][ T8309] should_failslab+0xc2/0x120 [ 282.306722][ T8309] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 282.306762][ T8309] ? acpi_ut_create_integer_object+0x64/0x180 [ 282.306817][ T8309] ? acpi_ds_init_aml_walk+0x2d3/0x590 [ 282.306875][ T8309] acpi_ut_create_integer_object+0x64/0x180 [ 282.306930][ T8309] acpi_ps_execute_method+0x516/0xb30 [ 282.306979][ T8309] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 282.307033][ T8309] acpi_ns_evaluate+0x76c/0xca0 [ 282.307082][ T8309] ? kasan_save_track+0x14/0x30 [ 282.307122][ T8309] acpi_evaluate_object+0x1fa/0xa90 [ 282.307162][ T8309] ? do_syscall_64+0xcd/0x230 [ 282.307207][ T8309] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.307245][ T8309] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 282.307283][ T8309] ? __mutex_trylock_common+0xe9/0x250 [ 282.307335][ T8309] acpi_evaluate_integer+0xdd/0x200 [ 282.307391][ T8309] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 282.307467][ T8309] ? __pfx_status_show+0x10/0x10 [ 282.307505][ T8309] status_show+0xa0/0x120 [ 282.307543][ T8309] ? __pfx_status_show+0x10/0x10 [ 282.307594][ T8309] dev_attr_show+0x53/0xe0 [ 282.307639][ T8309] ? __pfx_dev_attr_show+0x10/0x10 [ 282.307680][ T8309] sysfs_kf_seq_show+0x213/0x3e0 [ 282.307738][ T8309] seq_read_iter+0x506/0x12c0 [ 282.307809][ T8309] kernfs_fop_read_iter+0x40f/0x5a0 [ 282.307864][ T8309] ? rw_verify_area+0xcf/0x680 [ 282.307922][ T8309] vfs_read+0x8c8/0xc70 [ 282.307960][ T8309] ? __pfx___mutex_lock+0x10/0x10 [ 282.308008][ T8309] ? __pfx_vfs_read+0x10/0x10 [ 282.308070][ T8309] ksys_read+0x12a/0x240 [ 282.308102][ T8309] ? __pfx_ksys_read+0x10/0x10 [ 282.308130][ T8309] ? rcu_is_watching+0x12/0xc0 [ 282.308174][ T8309] do_syscall_64+0xcd/0x230 [ 282.308226][ T8309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.308260][ T8309] RIP: 0033:0x7fddb4b8e969 [ 282.308289][ T8309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.308321][ T8309] RSP: 002b:00007fddb5993038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 282.308352][ T8309] RAX: ffffffffffffffda RBX: 00007fddb4db5fa0 RCX: 00007fddb4b8e969 [ 282.308374][ T8309] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003 [ 282.308394][ T8309] RBP: 00007fddb4c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 282.308414][ T8309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.308434][ T8309] R13: 0000000000000000 R14: 00007fddb4db5fa0 R15: 00007fff70010228 [ 282.308478][ T8309] [ 282.308493][ T8309] ACPI Error: Could not allocate an object descriptor (20240827/utobject-180) [ 282.805129][ T8309] ACPI Error: ffff8880642a9000 walk still has a scope list (20240827/dswstate-694) [ 282.880878][ T8317] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 283.389972][ T8328] openvswitch: ovs_ÿþ: Dropping previously announced user features [ 284.003024][ T8337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 284.041987][ T8337] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 285.464806][ T8356] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(3743150687.229344274.3283233628), cmd(17) [ 286.835393][ T8384] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 286.877724][ T8384] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 289.182386][ T8442] FAULT_INJECTION: forcing a failure. [ 289.182386][ T8442] name failslab, interval 1, probability 0, space 0, times 0 [ 289.349069][ T8442] CPU: 0 UID: 0 PID: 8442 Comm: syz.2.549 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 289.349114][ T8442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 289.349132][ T8442] Call Trace: [ 289.349143][ T8442] [ 289.349156][ T8442] dump_stack_lvl+0x16c/0x1f0 [ 289.349205][ T8442] should_fail_ex+0x512/0x640 [ 289.349248][ T8442] ? fs_reclaim_acquire+0xae/0x150 [ 289.349299][ T8442] ? usb_alloc_urb+0x66/0xa0 [ 289.349325][ T8442] should_failslab+0xc2/0x120 [ 289.349362][ T8442] __kmalloc_noprof+0xd2/0x510 [ 289.349405][ T8442] usb_alloc_urb+0x66/0xa0 [ 289.349434][ T8442] usb_control_msg+0x1d3/0x4a0 [ 289.349468][ T8442] ? __pfx_usb_control_msg+0x10/0x10 [ 289.349513][ T8442] hub_ext_port_status+0x14e/0x670 [ 289.349593][ T8442] hub_activate+0x6e5/0x1be0 [ 289.349640][ T8442] ? __pfx_hub_activate+0x10/0x10 [ 289.349671][ T8442] ? find_held_lock+0x2b/0x80 [ 289.349703][ T8442] ? usbdev_notify+0x300/0x370 [ 289.349752][ T8442] ? usbfs_notify_resume+0x25/0xf0 [ 289.349790][ T8442] hub_resume+0xa8/0x3f0 [ 289.349824][ T8442] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 289.349870][ T8442] ? __pfx_hub_resume+0x10/0x10 [ 289.349904][ T8442] ? __pfx_hcd_bus_resume+0x10/0x10 [ 289.349961][ T8442] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 289.350013][ T8442] usb_resume_both+0x273/0x800 [ 289.350059][ T8442] ? __pfx_usb_resume_both+0x10/0x10 [ 289.350103][ T8442] ? __pfx_usb_runtime_resume+0x10/0x10 [ 289.350153][ T8442] ? __pfx_usb_runtime_resume+0x10/0x10 [ 289.350202][ T8442] __rpm_callback+0xc5/0x610 [ 289.350237][ T8442] ? __pfx_usb_runtime_resume+0x10/0x10 [ 289.350284][ T8442] rpm_callback+0x1b7/0x200 [ 289.350314][ T8442] ? __pfx_usb_runtime_resume+0x10/0x10 [ 289.350361][ T8442] rpm_resume+0xd0a/0x1310 [ 289.350389][ T8442] ? trace_contention_end+0x121/0x130 [ 289.350441][ T8442] ? __pfx_rpm_resume+0x10/0x10 [ 289.350469][ T8442] ? do_raw_spin_lock+0x12c/0x2b0 [ 289.350515][ T8442] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 289.350586][ T8442] __pm_runtime_resume+0xb6/0x170 [ 289.350622][ T8442] usb_autoresume_device+0x23/0xe0 [ 289.350671][ T8442] usbdev_open+0x228/0x8b0 [ 289.350720][ T8442] ? kobject_get_unless_zero+0x156/0x1e0 [ 289.350776][ T8442] ? __pfx_usbdev_open+0x10/0x10 [ 289.350825][ T8442] ? chrdev_open+0x10b/0x6a0 [ 289.350863][ T8442] ? __pfx_usbdev_open+0x10/0x10 [ 289.350918][ T8442] chrdev_open+0x231/0x6a0 [ 289.350949][ T8442] ? __pfx_apparmor_file_open+0x10/0x10 [ 289.350988][ T8442] ? __pfx_chrdev_open+0x10/0x10 [ 289.351024][ T8442] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 289.351081][ T8442] do_dentry_open+0x741/0x1c10 [ 289.351114][ T8442] ? __pfx_chrdev_open+0x10/0x10 [ 289.351152][ T8442] vfs_open+0x82/0x3f0 [ 289.351195][ T8442] path_openat+0x1e5e/0x2d40 [ 289.351240][ T8442] ? __pfx_path_openat+0x10/0x10 [ 289.351279][ T8442] do_filp_open+0x20b/0x470 [ 289.351310][ T8442] ? __pfx_do_filp_open+0x10/0x10 [ 289.351368][ T8442] ? alloc_fd+0x471/0x7d0 [ 289.351429][ T8442] do_sys_openat2+0x11b/0x1d0 [ 289.351472][ T8442] ? __pfx_do_sys_openat2+0x10/0x10 [ 289.351532][ T8442] __x64_sys_openat+0x174/0x210 [ 289.351677][ T8442] ? __pfx___x64_sys_openat+0x10/0x10 [ 289.351725][ T8442] ? rcu_is_watching+0x12/0xc0 [ 289.351764][ T8442] do_syscall_64+0xcd/0x230 [ 289.351824][ T8442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.351863][ T8442] RIP: 0033:0x7f6cdcb8e969 [ 289.351890][ T8442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.351920][ T8442] RSP: 002b:00007f6cda9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 289.351949][ T8442] RAX: ffffffffffffffda RBX: 00007f6cdcdb6080 RCX: 00007f6cdcb8e969 [ 289.351969][ T8442] RDX: 000000000002ab01 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 289.351990][ T8442] RBP: 00007f6cdcc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 289.352010][ T8442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.352028][ T8442] R13: 0000000000000000 R14: 00007f6cdcdb6080 R15: 00007fff3518e0c8 [ 289.352067][ T8442] [ 289.955159][ T8442] hub 24-0:1.0: hub_ext_port_status failed (err = -12) [ 294.283802][ T8519] ptrace attach of "./syz-executor exec"[5839] was attempted by "./syz-executor exec"[8519] [ 294.413886][ T8519] loop6: detected capacity change from 0 to 8192 [ 296.902901][ T8549] Invalid ELF header magic: != ELF [ 299.659376][ T8611] netlink: 16 bytes leftover after parsing attributes in process `syz.0.588'. [ 300.911013][ T8641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'. [ 301.665460][ T8648] 0x000200000001-0xa29656a63616329 : "" [ 301.681360][ T8648] mtd: partition "" is out of reach -- disabled [ 301.705390][ T8660] netlink: 8 bytes leftover after parsing attributes in process `syz.1.600'. [ 301.757319][ T8648] ftl_cs: FTL header not found. [ 302.808948][ T8677] Invalid ELF header magic: != ELF [ 303.014670][ T8683] netlink: 8 bytes leftover after parsing attributes in process `syz.0.605'. [ 304.527336][ T8709] FAULT_INJECTION: forcing a failure. [ 304.527336][ T8709] name failslab, interval 1, probability 0, space 0, times 0 [ 304.571204][ T8709] CPU: 0 UID: 0 PID: 8709 Comm: syz.1.613 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 304.571254][ T8709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 304.571274][ T8709] Call Trace: [ 304.571285][ T8709] [ 304.571297][ T8709] dump_stack_lvl+0x16c/0x1f0 [ 304.571350][ T8709] should_fail_ex+0x512/0x640 [ 304.571401][ T8709] ? fs_reclaim_acquire+0xae/0x150 [ 304.571456][ T8709] ? tomoyo_encode2+0x100/0x3e0 [ 304.571500][ T8709] should_failslab+0xc2/0x120 [ 304.571541][ T8709] __kmalloc_noprof+0xd2/0x510 [ 304.571575][ T8709] ? d_absolute_path+0x136/0x1a0 [ 304.571622][ T8709] tomoyo_encode2+0x100/0x3e0 [ 304.571673][ T8709] tomoyo_encode+0x29/0x50 [ 304.571717][ T8709] tomoyo_realpath_from_path+0x18f/0x6e0 [ 304.571775][ T8709] tomoyo_check_open_permission+0x2ab/0x3c0 [ 304.571817][ T8709] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 304.571901][ T8709] ? do_raw_spin_lock+0x12c/0x2b0 [ 304.571964][ T8709] tomoyo_file_open+0x6b/0x90 [ 304.572017][ T8709] security_file_open+0x84/0x1e0 [ 304.572062][ T8709] do_dentry_open+0x596/0x1c10 [ 304.572108][ T8709] vfs_open+0x82/0x3f0 [ 304.572164][ T8709] path_openat+0x1e5e/0x2d40 [ 304.572213][ T8709] ? __pfx_path_openat+0x10/0x10 [ 304.572257][ T8709] do_filp_open+0x20b/0x470 [ 304.572289][ T8709] ? __pfx_do_filp_open+0x10/0x10 [ 304.572352][ T8709] ? alloc_fd+0x471/0x7d0 [ 304.572415][ T8709] do_sys_openat2+0x11b/0x1d0 [ 304.572458][ T8709] ? __pfx_do_sys_openat2+0x10/0x10 [ 304.572505][ T8709] ? __sys_sendmsg+0x199/0x220 [ 304.572552][ T8709] __x64_sys_openat+0x174/0x210 [ 304.572597][ T8709] ? __pfx___x64_sys_openat+0x10/0x10 [ 304.572644][ T8709] ? rcu_is_watching+0x12/0xc0 [ 304.572687][ T8709] do_syscall_64+0xcd/0x230 [ 304.572735][ T8709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.572768][ T8709] RIP: 0033:0x7f9e2e98e969 [ 304.572794][ T8709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.572825][ T8709] RSP: 002b:00007f9e2f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 304.572855][ T8709] RAX: ffffffffffffffda RBX: 00007f9e2ebb5fa0 RCX: 00007f9e2e98e969 [ 304.572876][ T8709] RDX: 0000000000080100 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 304.572897][ T8709] RBP: 00007f9e2ea10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 304.572917][ T8709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.572935][ T8709] R13: 0000000000000000 R14: 00007f9e2ebb5fa0 R15: 00007fff066e8f38 [ 304.572977][ T8709] [ 304.573057][ T8709] ERROR: Out of memory at tomoyo_realpath_from_path. [ 305.126073][ T8709] FAULT_INJECTION: forcing a failure. [ 305.126073][ T8709] name failslab, interval 1, probability 0, space 0, times 0 [ 305.171351][ T8709] CPU: 1 UID: 0 PID: 8709 Comm: syz.1.613 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 305.171398][ T8709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 305.171417][ T8709] Call Trace: [ 305.171427][ T8709] [ 305.171440][ T8709] dump_stack_lvl+0x16c/0x1f0 [ 305.171495][ T8709] should_fail_ex+0x512/0x640 [ 305.171541][ T8709] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 305.171583][ T8709] should_failslab+0xc2/0x120 [ 305.171623][ T8709] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 305.171662][ T8709] ? __d_alloc+0x31/0xaa0 [ 305.171700][ T8709] __d_alloc+0x31/0xaa0 [ 305.171738][ T8709] d_alloc+0x4a/0x1e0 [ 305.171774][ T8709] d_alloc_parallel+0xe3/0x12e0 [ 305.171837][ T8709] ? __pfx_d_alloc_parallel+0x10/0x10 [ 305.171878][ T8709] ? __lock_acquire+0xaa4/0x1ba0 [ 305.171924][ T8709] ? lockdep_init_map_type+0x5c/0x280 [ 305.171970][ T8709] ? lockdep_init_map_type+0x5c/0x280 [ 305.172023][ T8709] __lookup_slow+0x193/0x460 [ 305.172075][ T8709] ? __pfx___lookup_slow+0x10/0x10 [ 305.172144][ T8709] ? lookup_fast+0x156/0x610 [ 305.172189][ T8709] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 305.172246][ T8709] walk_component+0x353/0x5b0 [ 305.172299][ T8709] link_path_walk.part.0.constprop.0+0x685/0xd60 [ 305.172369][ T8709] path_openat+0x227/0x2d40 [ 305.172397][ T8709] ? __x64_sys_openat+0x174/0x210 [ 305.172464][ T8709] ? __pfx_path_openat+0x10/0x10 [ 305.172508][ T8709] do_filp_open+0x20b/0x470 [ 305.172540][ T8709] ? __pfx_do_filp_open+0x10/0x10 [ 305.172602][ T8709] ? alloc_fd+0x471/0x7d0 [ 305.172665][ T8709] do_sys_openat2+0x11b/0x1d0 [ 305.172710][ T8709] ? __pfx_do_sys_openat2+0x10/0x10 [ 305.172757][ T8709] ? __pfx___might_resched+0x10/0x10 [ 305.172803][ T8709] __x64_sys_openat+0x174/0x210 [ 305.172850][ T8709] ? __pfx___x64_sys_openat+0x10/0x10 [ 305.172897][ T8709] ? rcu_is_watching+0x12/0xc0 [ 305.172940][ T8709] do_syscall_64+0xcd/0x230 [ 305.172990][ T8709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.173024][ T8709] RIP: 0033:0x7f9e2e98e969 [ 305.173058][ T8709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.173091][ T8709] RSP: 002b:00007f9e2f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 305.173124][ T8709] RAX: ffffffffffffffda RBX: 00007f9e2ebb5fa0 RCX: 00007f9e2e98e969 [ 305.173146][ T8709] RDX: 0000000000080302 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 305.173167][ T8709] RBP: 00007f9e2ea10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 305.173188][ T8709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 305.173207][ T8709] R13: 0000000000000000 R14: 00007f9e2ebb5fa0 R15: 00007fff066e8f38 [ 305.173249][ T8709] [ 306.281187][ T8735] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 306.331801][ T8735] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 306.587602][ T8746] FAULT_INJECTION: forcing a failure. [ 306.587602][ T8746] name failslab, interval 1, probability 0, space 0, times 0 [ 306.631222][ T8746] CPU: 1 UID: 0 PID: 8746 Comm: syz.3.621 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 306.631268][ T8746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 306.631287][ T8746] Call Trace: [ 306.631297][ T8746] [ 306.631309][ T8746] dump_stack_lvl+0x16c/0x1f0 [ 306.631356][ T8746] should_fail_ex+0x512/0x640 [ 306.631401][ T8746] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 306.631456][ T8746] ? __pfx_blk_mq_debugfs_open+0x10/0x10 [ 306.631493][ T8746] should_failslab+0xc2/0x120 [ 306.631533][ T8746] __kmalloc_cache_noprof+0x6a/0x3e0 [ 306.631586][ T8746] ? single_open+0x4d/0x1f0 [ 306.631629][ T8746] ? __pfx_blk_mq_debugfs_open+0x10/0x10 [ 306.631663][ T8746] ? __pfx_blk_mq_debugfs_show+0x10/0x10 [ 306.631694][ T8746] single_open+0x4d/0x1f0 [ 306.631735][ T8746] blk_mq_debugfs_open+0x14a/0x250 [ 306.631773][ T8746] full_proxy_open_regular+0x1b6/0x360 [ 306.631819][ T8746] do_dentry_open+0x741/0x1c10 [ 306.631855][ T8746] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 306.631903][ T8746] vfs_open+0x82/0x3f0 [ 306.631950][ T8746] path_openat+0x1e5e/0x2d40 [ 306.631999][ T8746] ? __pfx_path_openat+0x10/0x10 [ 306.632042][ T8746] do_filp_open+0x20b/0x470 [ 306.632076][ T8746] ? __pfx_do_filp_open+0x10/0x10 [ 306.632150][ T8746] ? alloc_fd+0x471/0x7d0 [ 306.632214][ T8746] do_sys_openat2+0x11b/0x1d0 [ 306.632257][ T8746] ? __pfx_do_sys_openat2+0x10/0x10 [ 306.632304][ T8746] ? __pfx___might_resched+0x10/0x10 [ 306.632351][ T8746] __x64_sys_openat+0x174/0x210 [ 306.632397][ T8746] ? __pfx___x64_sys_openat+0x10/0x10 [ 306.632443][ T8746] ? rcu_is_watching+0x12/0xc0 [ 306.632485][ T8746] do_syscall_64+0xcd/0x230 [ 306.632534][ T8746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.632566][ T8746] RIP: 0033:0x7fddb4b8e969 [ 306.632590][ T8746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.632621][ T8746] RSP: 002b:00007fddb5993038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 306.632652][ T8746] RAX: ffffffffffffffda RBX: 00007fddb4db5fa0 RCX: 00007fddb4b8e969 [ 306.632674][ T8746] RDX: 0000000000143642 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 306.632694][ T8746] RBP: 00007fddb4c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 306.632713][ T8746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.632731][ T8746] R13: 0000000000000000 R14: 00007fddb4db5fa0 R15: 00007fff70010228 [ 306.632773][ T8746] [ 306.640851][ T8746] sock: sock_timestamping_bind_phc: sock not bind to device [ 306.928149][ T8752] netlink: 20 bytes leftover after parsing attributes in process `syz.1.623'. [ 310.260084][ T55] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 310.712835][ T8782] netlink: 4 bytes leftover after parsing attributes in process `syz.0.630'. [ 311.711184][ T8805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.768789][ T8805] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 313.401840][ T8821] netlink: 346 bytes leftover after parsing attributes in process `syz.3.637'. [ 314.660037][ T8824] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 315.362415][ T8849] loop6: detected capacity change from 8192 to 0 [ 315.411806][ T8849] [ 315.414210][ T8849] ====================================================== [ 315.421265][ T8849] WARNING: possible circular locking dependency detected [ 315.428320][ T8849] 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 Not tainted [ 315.435466][ T8849] ------------------------------------------------------ [ 315.442529][ T8849] syz.2.641/8849 is trying to acquire lock: [ 315.448452][ T8849] ffffffff90684fe8 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_env+0xb36/0x1870 [ 315.458301][ T8849] [ 315.458301][ T8849] but task is already holding lock: [ 315.465710][ T8849] ffff888025dd5868 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 315.477060][ T8849] [ 315.477060][ T8849] which lock already depends on the new lock. [ 315.477060][ T8849] [ 315.487502][ T8849] [ 315.487502][ T8849] the existing dependency chain (in reverse order) is: [ 315.496532][ T8849] [ 315.496532][ T8849] -> #2 (&q->q_usage_counter(io)#23){++++}-{0:0}: [ 315.505180][ T8849] blk_alloc_queue+0x619/0x760 [ 315.510520][ T8849] blk_mq_alloc_queue+0x179/0x290 [ 315.516099][ T8849] __blk_mq_alloc_disk+0x29/0x120 [ 315.521687][ T8849] loop_add+0x496/0xb70 [ 315.526407][ T8849] loop_init+0x164/0x270 [ 315.531218][ T8849] do_one_initcall+0x120/0x6e0 [ 315.536552][ T8849] kernel_init_freeable+0x5c2/0x900 [ 315.542332][ T8849] kernel_init+0x1c/0x2b0 [ 315.547225][ T8849] ret_from_fork+0x45/0x80 [ 315.552209][ T8849] ret_from_fork_asm+0x1a/0x30 [ 315.557558][ T8849] [ 315.557558][ T8849] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 315.564797][ T8849] fs_reclaim_acquire+0x102/0x150 [ 315.570388][ T8849] kmem_cache_alloc_node_noprof+0x57/0x3b0 [ 315.576754][ T8849] __alloc_skb+0x2b2/0x380 [ 315.581710][ T8849] alloc_uevent_skb+0x7d/0x210 [ 315.587021][ T8849] kobject_uevent_env+0xca4/0x1870 [ 315.592676][ T8849] kobject_synth_uevent+0x7d4/0x8a0 [ 315.598413][ T8849] bus_uevent_store+0x3d/0x90 [ 315.603673][ T8849] bus_attr_store+0x71/0xb0 [ 315.608754][ T8849] sysfs_kf_write+0xef/0x150 [ 315.613907][ T8849] kernfs_fop_write_iter+0x351/0x510 [ 315.619732][ T8849] vfs_write+0x5ba/0x1180 [ 315.624601][ T8849] ksys_write+0x12a/0x240 [ 315.629464][ T8849] do_syscall_64+0xcd/0x230 [ 315.634517][ T8849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.640956][ T8849] [ 315.640956][ T8849] -> #0 (uevent_sock_mutex){+.+.}-{4:4}: [ 315.648811][ T8849] __lock_acquire+0x1173/0x1ba0 [ 315.654211][ T8849] lock_acquire+0x179/0x350 [ 315.659263][ T8849] __mutex_lock+0x199/0xb90 [ 315.664309][ T8849] kobject_uevent_env+0xb36/0x1870 [ 315.669956][ T8849] loop_set_status+0x9c7/0xb90 [ 315.675276][ T8849] lo_ioctl+0x7e6/0x27e0 [ 315.680058][ T8849] blkdev_ioctl+0x274/0x6d0 [ 315.685096][ T8849] __x64_sys_ioctl+0x190/0x200 [ 315.690400][ T8849] do_syscall_64+0xcd/0x230 [ 315.695446][ T8849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.701881][ T8849] [ 315.701881][ T8849] other info that might help us debug this: [ 315.701881][ T8849] [ 315.712121][ T8849] Chain exists of: [ 315.712121][ T8849] uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#23 [ 315.712121][ T8849] [ 315.725895][ T8849] Possible unsafe locking scenario: [ 315.725895][ T8849] [ 315.733347][ T8849] CPU0 CPU1 [ 315.738714][ T8849] ---- ---- [ 315.744082][ T8849] lock(&q->q_usage_counter(io)#23); [ 315.749476][ T8849] lock(fs_reclaim); [ 315.756002][ T8849] lock(&q->q_usage_counter(io)#23); [ 315.763910][ T8849] lock(uevent_sock_mutex); [ 315.768512][ T8849] [ 315.768512][ T8849] *** DEADLOCK *** [ 315.768512][ T8849] [ 315.776752][ T8849] 3 locks held by syz.2.641/8849: [ 315.781780][ T8849] #0: ffff888025f19368 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2a/0xb90 [ 315.791229][ T8849] #1: ffff888025dd5868 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 315.802984][ T8849] #2: ffff888025dd58a0 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 315.814955][ T8849] [ 315.814955][ T8849] stack backtrace: [ 315.820852][ T8849] CPU: 1 UID: 0 PID: 8849 Comm: syz.2.641 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 315.820883][ T8849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 315.820897][ T8849] Call Trace: [ 315.820905][ T8849] [ 315.820913][ T8849] dump_stack_lvl+0x116/0x1f0 [ 315.820949][ T8849] print_circular_bug+0x275/0x350 [ 315.820980][ T8849] check_noncircular+0x14c/0x170 [ 315.821012][ T8849] __lock_acquire+0x1173/0x1ba0 [ 315.821057][ T8849] lock_acquire+0x179/0x350 [ 315.821095][ T8849] ? kobject_uevent_env+0xb36/0x1870 [ 315.821124][ T8849] ? __pfx___might_resched+0x10/0x10 [ 315.821161][ T8849] __mutex_lock+0x199/0xb90 [ 315.821193][ T8849] ? kobject_uevent_env+0xb36/0x1870 [ 315.821216][ T8849] ? kobject_uevent_env+0xb36/0x1870 [ 315.821255][ T8849] ? __pfx___mutex_lock+0x10/0x10 [ 315.821292][ T8849] ? __asan_memcpy+0x3c/0x60 [ 315.821329][ T8849] ? kobject_get_path+0x8e/0x2a0 [ 315.821365][ T8849] ? kobject_uevent_env+0xb36/0x1870 [ 315.821386][ T8849] kobject_uevent_env+0xb36/0x1870 [ 315.821410][ T8849] ? __asan_memcpy+0x3c/0x60 [ 315.821448][ T8849] loop_set_status+0x9c7/0xb90 [ 315.821487][ T8849] lo_ioctl+0x7e6/0x27e0 [ 315.821521][ T8849] ? kasan_save_stack+0x42/0x60 [ 315.821544][ T8849] ? kasan_save_stack+0x33/0x60 [ 315.821567][ T8849] ? kasan_save_track+0x14/0x30 [ 315.821590][ T8849] ? kasan_save_free_info+0x3b/0x60 [ 315.821625][ T8849] ? __kasan_slab_free+0x51/0x70 [ 315.821649][ T8849] ? kfree+0x2b6/0x4d0 [ 315.821684][ T8849] ? tomoyo_path_number_perm+0x470/0x580 [ 315.821712][ T8849] ? security_file_ioctl+0x9b/0x240 [ 315.821740][ T8849] ? __x64_sys_ioctl+0xb7/0x200 [ 315.821771][ T8849] ? do_syscall_64+0xcd/0x230 [ 315.821803][ T8849] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.821831][ T8849] ? __pfx_lo_ioctl+0x10/0x10 [ 315.821882][ T8849] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 315.821915][ T8849] ? blkdev_common_ioctl+0x1dd/0x2480 [ 315.821941][ T8849] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 315.821969][ T8849] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 315.822000][ T8849] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 315.822028][ T8849] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 315.822068][ T8849] ? find_held_lock+0x2b/0x80 [ 315.822090][ T8849] ? __pfx_lo_ioctl+0x10/0x10 [ 315.822122][ T8849] blkdev_ioctl+0x274/0x6d0 [ 315.822148][ T8849] ? __pfx_blkdev_ioctl+0x10/0x10 [ 315.822178][ T8849] ? __pfx_blkdev_ioctl+0x10/0x10 [ 315.822204][ T8849] __x64_sys_ioctl+0x190/0x200 [ 315.822244][ T8849] do_syscall_64+0xcd/0x230 [ 315.822277][ T8849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.822301][ T8849] RIP: 0033:0x7f6cdcb8e969 [ 315.822320][ T8849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.822343][ T8849] RSP: 002b:00007f6cda9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.822365][ T8849] RAX: ffffffffffffffda RBX: 00007f6cdcdb6080 RCX: 00007f6cdcb8e969 [ 315.822381][ T8849] RDX: 0000000000000000 RSI: 0000000000004c04 RDI: 000000000000000f [ 315.822395][ T8849] RBP: 00007f6cdcc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 315.822410][ T8849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.822424][ T8849] R13: 0000000000000000 R14: 00007f6cdcdb6080 R15: 00007fff3518e0c8 [ 315.822445][ T8849]