last executing test programs: 11.07594325s ago: executing program 2 (id=736): mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r1 = mq_open$auto(&(0x7f0000000040)='$\x15.\\]/(:\x00', 0x5, 0x40, &(0x7f0000000080)={0xfffffffffffffffe, 0x10001, 0x4}) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1d0}, 0x8880) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x5, 0x400020009, 0x10000000000df, 0x13, r0, 0x80000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1d, 0x1, 0xa) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x80c00, 0x0) ioctl$auto(0x3, 0x80081270, 0x38) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) semctl$auto_SETALL(0x2, 0x6, 0x11, 0xe4b) 9.375988219s ago: executing program 2 (id=746): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000000)=0x7f67) (fail_nth: 1) 9.301789192s ago: executing program 1 (id=747): openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, 0x0, 0x200, 0x0) ioperm$auto(0x0, 0x7, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0x1, 0x1, 0x81, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x401, 0x5, 0x4, @inferred, @integer={0xdbe, 0x255, 0x8}, "7a9fc199a16a2311eacf2fc7ae1d8778dc618090334fdd73340238d21000debe0eda71bdd709254592b67f9cb5adb17884a16f7ce8cbce0bb32791702b8d7c2d"}) bpf$auto(0x8000000, &(0x7f0000000000)=@query={@target_fd=r0, 0x4, 0xa93, 0x8f, 0x5, @prog_cnt=0x3, 0x0, 0x2, 0x3, 0xbc16, 0xfffffffffffffff7}, 0x0) r1 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x11}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00"}, 0x55) mmap$auto(0x0, 0x12000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r2 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$auto_mISDN_fops_timerdev(r2, &(0x7f0000001a00)=""/4097, 0x1001) ioctl$auto_IMADDTIMER(r2, 0x80044940, 0x0) 8.387733531s ago: executing program 1 (id=749): sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)={0x220, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@THERMAL_GENL_ATTR_TZ_ID={0x8, 0x2, 0x8}, @THERMAL_GENL_ATTR_TZ_GOV_NAME={0x48, 0xe, '/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/mtu\x00'}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_PERFORMANCE={0x8, 0x17, 0x2}, @THERMAL_GENL_ATTR_CDEV={0x1b4, 0xf, 0x0, 0x1, [@typed={0x4, 0x141}, @nested={0x4c, 0x46, 0x0, 0x1, [@typed={0x48, 0x32, 0x0, 0x0, @str='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/mtu\x00'}]}, @typed={0xc, 0x14b, 0x0, 0x0, @u64=0xa000}, @nested={0x13d, 0x6d, 0x0, 0x1, [@nested={0x4, 0x12f}, @typed={0xc, 0x146, 0x0, 0x0, @str='&\xe9+]-+]\x00'}, @typed={0x8, 0x77, 0x0, 0x0, @fd}, @generic="b8b5b2616848ae5fa2515134d65a3933c56cc6a6d921ad9e45183772846a328d0aea50ada50612338e3fa28ebaa6bdd2dba268d58992ef3b8b23137afdc21187a851239cc577cd3528d80f44ab6d5623d17a0384acdd012bb1da1b52274abd81ec4736664490a2af84bead65cbaf920c9ba08889136662673946c6f420ebe2d4d1a6c4ae8d16baa73e000671707e196445a2e90cdfa3eda094968dc8fbdfabc17952a3c72eb6d52dcf032e", @generic="b3a5aaf35204cc706284114537b036978aee345518a7cadc25b59114802720c24bb9a7c0acaf4aa000994848362fd77b6647a8803213cf4687cf88583bdfd16adf5b48b934276ffa3e746ded4bf8bd4e6db49da85879b90ac19b77b9660f25a9455147e4d24c8f540ccdc9e28b6c4fc2fce8de1271a2"]}, @typed={0x14, 0x103, 0x0, 0x0, @ipv6=@loopback}]}]}, 0x220}, 0x1, 0x0, 0x0, 0x4000080}, 0x4040080) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) socket(0x25, 0x1, 0x1) mmap$auto(0x0, 0x7, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x4) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) r2 = gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) kill$auto(r2, 0x4) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc) mmap$auto(0x0, 0x400028, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/mtu\x00', 0x103041, 0x0) mmap$auto(0x0, 0x2030109, 0xb, 0xebf, 0xfffffffffffffffa, 0xa) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp1\x00', 0x80502, 0x0) socket(0x2, 0x1, 0x0) sysfs$auto(0x2, 0x10000000000048, 0x0) fsopen$auto(0x0, 0x1) 7.872900273s ago: executing program 2 (id=753): r0 = socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x40181, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x1, 0x2, 0x3}}, 0x66) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) close_range$auto(0x2, r1, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x400}, 0x4}, 0xfff, 0xb07e) r2 = prctl$auto(0xfffffffd, 0xfffffffffffffffc, 0xffffffffffffffff, 0x7, 0xffff) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x4010744d, 0x0) socket(0x10, 0x2, 0x4) (async) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) (async) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x40181, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x1, 0x2, 0x3}}, 0x66) (async) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) (async) close_range$auto(0x2, r1, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) sendmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x400}, 0x4}, 0xfff, 0xb07e) (async) prctl$auto(0xfffffffd, 0xfffffffffffffffc, 0xffffffffffffffff, 0x7, 0xffff) (async) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x4010744d, 0x0) (async) 6.856976173s ago: executing program 2 (id=757): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket(0x11, 0x80003, 0x304) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYBLOB="000325bd7000fedbdf2525000000"], 0x2c}, 0x1, 0x0, 0x0, 0xc4}, 0x24000081) socket(0x10, 0x2, 0x0) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) mmap$auto(0xec8, 0x2020008, 0x3, 0xeb0, 0xfffffffffffffffa, 0x8001) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cec2\x00', 0x101000, 0x0) prctl$auto_PR_SVE_GET_VL(0x33, 0xfffffffffffffbff, r0, 0xebc1, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x4b72, r2) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getgid() close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) 5.350892691s ago: executing program 2 (id=761): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) syz_clone(0xa0100000, &(0x7f0000000080)="0b80731acc362068bf8c79256e14b4e4e33bfbfb0a3f7806d4ea49c8272bc1c25f432307582f778d49815586bea4963a110017c317f480f0b71b1bc1d8208b0853c3a1832785116a562f56eb98", 0x4d, &(0x7f0000000100), &(0x7f0000000180), 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x101, 0x0, 0x9, 0x0, 0xc, 0xb}, 0x800009}, 0x9, 0x1ffffffc) r1 = io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ftruncate$auto(0x3, 0x800000000008) socket(0x29, 0x2, 0x0) r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x1, 0x3, 0x0, 0x74c) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3b87, 0xa) sendmsg$auto_NLBL_MGMT_C_ADDDEF(r1, &(0x7f00000012c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xc1882110}, 0xc, &(0x7f0000001280)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRESOCT, @ANYBLOB="00dbdf2504000000150001002f64e56a014c346c2d73212b0273dbc24a75626465763300000b9400ee17147d3712d2980b372c5a4b5a33178ecf8d5fff91729d11476098529e8b6fe73a51abc3feff8a520108e7868f9555c65e19a24af974c177ec3c9643a1b9d353849767a0309a5ef51953039f6a034c57cdc60a28dc6002e02644e757049d953445bd54f49c28846fbdaa770b92efb72f72317f5248f5934c838386fef74868b81bb967b28285edcab829c79540fca94a6628e0c82fa07d9ff7e291486ec4c3a5124625ae4489989017abdddf53ecd631f3a806f649b94c9d325020150c7242132c62620ada3a112f100724b59f6717647a2b8d9527a4a4a406985e7d62801e6659fd7f1fbad63bdf025b2617f044740372880801972a56", @ANYBLOB="d50b07d7d4910ec531450f362d113afd38c35611b6074cf3b811484ab2ce3132a07f4a80da7a442e48241dfadbe4fdfd97db5487d5c75dfadcef9c1c0ce5481b1f3c267dcc70110a144838807c56e5f94fd866b23ccc18970dae057b4ef1911abface4ca1942b2c3d82a7ebcb2295887324026c0923ee895c8d88fb6b1c7e69c39e567cba414f0212a1db78aaaea", @ANYRESOCT=r2, @ANYRES8=r1, @ANYRES32=r1, @ANYRES32=r3], 0x34}, 0x1, 0x0, 0x0, 0x24000000}, 0x8040) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0) io_uring_register$auto(0x2, 0x9, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(r4, 0xfffffffffffff000, 0xff) io_uring_setup$auto(0x7, 0x0) clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9) exit$auto(0x7) socketpair$auto(0x1, 0x0, 0x9, 0x0) socketpair$auto(0x1e, 0x1, 0xf, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) 4.685218859s ago: executing program 1 (id=763): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x800000008000) socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) getsockopt$auto(0x4, 0x1, 0x4, 0xfffffffffffffffc, 0x0) keyctl$auto_KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x6) socket(0x10, 0x2, 0x0) 3.780935963s ago: executing program 3 (id=766): r0 = socket(0x28, 0x4, 0x0) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000140), r0) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x50, r1, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@WGDEVICE_A_PRIVATE_KEY={0x20, 0x3, "3292da89f841664537f03e0527d9a66b78ab783a8e1377da902c96e7"}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e22}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'dummy0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x40010}, 0x0) (async) socket(0x10, 0x2, 0x0) (async) memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x5) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) (async) r3 = socket(0x2c, 0x3, 0x0) (async) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r3, &(0x7f0000000500)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000300)={0x1b0, r4, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x9}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x18, 0x75, 0x0, 0x1, [@typed={0x14, 0x96, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}}]}, @NL80211_ATTR_QOS_MAP={0x67, 0xc7, "6b9432e829e65b4653443018d0b5cd1516142a2105632b7a661a5c6d249b2b6c5b558dc117e73ac72b4ffed4b69e0bfaac4a9be2d11bad466547edffa65a22f04033c15a3477e1ea2b353a58e9d2eef8cabfb88963955446a1cc27b7be3a555d12e7e3"}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0xf8, 0x129, "2d1b26e0f02daf9b21df2088bf74ce1a22c07e6aef0cecebbbffe48e351fda211f6f1ec3c9b7bf9af68b157d0abaa815ceb84f1c030073a28f1f818bd3ee0198714a944218935a61d78cfc7682e75c7e9dfe42645faf2faa3fcdcc0d3b7a52d1daf08883688e4c3ce78cba81463979aabcff61d3245a58593e554698ce769651595b4954039df7783e2d8dc12dc1cd027267b14edea5eb8f7d19bac939f023ab3289a270c72278e97142da330a362841cff9ea56259ea0e9effe00e439d59194192ae9d8d8185b205b849dd994aff51361c0e48b0ccfe9738f7c1d1f1e425020af93d6181066dfa769fd57beb8c6dfbd52ce3eec"}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x9}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x1b0}, 0x1, 0x0, 0x0, 0x10040081}, 0x8880) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x3, 0x6) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) eventfd$auto(0x3) (async) socket(0xa, 0x2, 0x88) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x102, 0x0) ioctl$auto_SNDCTL_SEQ_GETOUTCOUNT(r5, 0x80045104, &(0x7f0000000040)) (async) r6 = socket(0x11, 0x2, 0x4) (async) mmap$auto(0x0, 0x400008, 0x400000df, 0x9b72, 0x2, 0x8000) (async) mlockall$auto(0x7) (async) madvise$auto(0x0, 0x200007, 0x19) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002240)='/dev/cec17\x00', 0x181680, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@iter_create={r6, 0x8}, 0xa3) (async) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) 3.54448948s ago: executing program 1 (id=767): mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r1 = mq_open$auto(&(0x7f0000000040)='$\x15.\\]/(:\x00', 0x5, 0x40, &(0x7f0000000080)={0xfffffffffffffffe, 0x10001, 0x4}) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1d0}, 0x8880) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x5, 0x400020009, 0x10000000000df, 0x13, r0, 0x80000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1d, 0x1, 0xa) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x80c00, 0x0) ioctl$auto(0x3, 0x80081270, 0x38) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) semctl$auto_SETALL(0x2, 0x6, 0x11, 0xe4b) 3.445306509s ago: executing program 0 (id=768): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x7, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x8000) unshare$auto(0x40000080) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x440101, 0x0) socketcall$auto_SYS_RECVMSG(0x11, &(0x7f0000000000)=0x10001) ioctl$auto(r1, 0x2, r1) socket$nl_generic(0x10, 0x3, 0x10) lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0) 3.265039345s ago: executing program 3 (id=769): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket(0x11, 0x80003, 0x304) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYBLOB="000325bd7000fedbdf2525000000"], 0x2c}, 0x1, 0x0, 0x0, 0xc4}, 0x24000081) socket(0x10, 0x2, 0x0) init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00') prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) mmap$auto(0xec8, 0x2020008, 0x3, 0xeb0, 0xfffffffffffffffa, 0x8001) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) prctl$auto_PR_SVE_GET_VL(0x33, 0xfffffffffffffbff, r0, 0xebc1, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x4b72, r2) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getgid() close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) 2.822780131s ago: executing program 0 (id=770): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x40802, 0x0) writev$auto(r1, 0x0, 0x3) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x64842, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0) msgctl$auto(0x1, 0x3, &(0x7f00000001c0)={{0x1, 0xffffffffffffffff, 0xee01, 0x6, 0x0, 0x6, 0x3}, 0x0, 0x0, 0x0, 0x9, 0x6, 0x205, 0x5b73, 0x49, 0x5, 0x2}) pwrite64$auto(0xc8, 0x0, 0xfdf2, 0x3a) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_FIOASYNC(r2, 0x5452, r2) (fail_nth: 1) 2.236829377s ago: executing program 2 (id=771): mmap$auto(0x0, 0xe985, 0xdf, 0xeb1, 0x401, 0x8000) timer_settime$auto(0xfff, 0xfffffffe, &(0x7f0000000080)={{0x9, 0xb}, {0x9, 0x5}}, 0x0) r0 = socket(0x18, 0x5, 0x2) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x81) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000005c0), 0xffffffffffffffff) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="e1ff2bbd7000fedbdf25010000000400018004000280040003"], 0x20}, 0x1, 0x0, 0x0, 0x20000004}, 0x10) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) clone3$auto(&(0x7f0000000400)={0x100008000, 0x980, 0x4, 0x6, 0x0, 0x2, 0x1, 0x8, 0x1, 0x0, 0x3}, 0x40) ioctl$auto_PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007) mmap$auto(0x0, 0x8, 0xdc, 0x9b72, 0x2, 0x8000) 1.667990096s ago: executing program 1 (id=772): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x40802, 0x0) writev$auto(r1, 0x0, 0x3) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x64842, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0) msgctl$auto(0x1, 0x3, &(0x7f00000001c0)={{0x1, 0xffffffffffffffff, 0xee01, 0x6, 0x0, 0x6, 0x3}, 0x0, 0x0, 0x0, 0x9, 0x6, 0x205, 0x5b73, 0x49, 0x5, 0x2}) pwrite64$auto(0xc8, 0x0, 0xfdf2, 0x3a) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_FIOASYNC(r2, 0x5452, r2) 1.479810542s ago: executing program 3 (id=773): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001640), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_INTERFACE(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000080)=ANY=[@ANYBLOB="1400000047f737041f51e3261fa9ab44d9ff00ad539ba2cfac772cfdef685e4d9e6c8fabe2c546ab47bd3176eb8ad81b71812d03b2344a65a885615f10605b9548c0346a157c599c5e27e77099ffffe5f185eaaa478c89a94f314d3f3e935b60656ccf0cdb865cc46d", @ANYRES16=r2, @ANYBLOB="13032bbd7000fedbdf2505000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) r3 = gettid() process_vm_writev$auto(r3, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x21c, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_MAC_HINT={0x7, 0xc8, 'PLC'}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x630d}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_BSS_SELECT={0x1f4, 0xe3, 0x0, 0x1, [@nested={0x108, 0x9, 0x0, 0x1, [@nested={0x4, 0xb4}, @nested={0x4, 0x118}, @typed={0x4, 0xf2}, @typed={0xc, 0xcc, 0x0, 0x0, @u64=0x2}, @nested={0x4, 0x47}, @typed={0x8, 0x8, 0x0, 0x0, @pid=r3}, @generic="6a40ee38ed4a1c0d3e408bc3ff4f417d888ff5e2a1a8563f1c97273ff6acbcaaba7bb88bf23ec13a592915ea3d044d9d31d67390c0b30cd6e433f2ff797f722d8e2ce6263d06c831f8e1bdf0855f5272b15c716d3b68c9cf62158908ae682678178480505006055cd09786af1b6d1af35210e463ff6de9e4fa858038d5b4389d1d99377cfc249397b63302872a9b043955df8b3c04bb3fee30c933cedc412c280b0af460c5ecb534c9886aedbf9c57499f4c523699f5e629985283641a147c4484f4b0479b90fda76b725e43ef3f0bb65bf7530231bc4f23c67eb635fc90ef7d"]}, @nested={0xe8, 0xce, 0x0, 0x1, [@generic="c9f53da998f59ee3dcbc63a58d0f8d1f57a73a39f19033724f6aa2133c28708e5548851532c470a1fc47caf1ea26ad53689cc0f574ae0a7379a8e81a752825f89dcec4fd89ed845016d5be3d1dd75fb689d73397fb4cb47b4c0b84934639b6a41cc6a10cf92e9ca6ab6710ca853def31801002134948c26a19ec20004f86af4324bbe9ae67fbaca2f3845357bbb5c21aa4cbb7fe016dddb27e51720bca61d4649e37003179fe2badf2e78379bb9b856ef991e7f4fba99756d731fc13c02fd5ee584586ca47d1a501", @typed={0xe, 0x5b, 0x0, 0x0, @str='}\xe4@-!@\\\xe7]\x00'}, @nested={0x4, 0x62}, @typed={0x8, 0x10a, 0x0, 0x0, @str='-$$\x00'}]}]}]}, 0x21c}, 0x1, 0x0, 0x0, 0x4045081}, 0x1) socket(0x2b, 0x1, 0x1) r4 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x400c000) socket(0x2, 0x80002, 0x73) socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2000000000000021, 0x2, 0x10000000000002) io_uring_setup$auto(0x59, 0x0) r5 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r5, 0x0, 0x2f) ioctl$auto_MON_IOCG_STATS(r5, 0x80089203, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x1000000, 0xff, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) socket(0x2b, 0x1, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x109402, 0x0) read$auto(0x3, 0x0, 0x7d) mmap$auto(0x2, 0x400009, 0x40000000080000df, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) ioctl$auto_USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000000)=0x7f67) 1.291389919s ago: executing program 1 (id=774): socket(0xa, 0x3, 0x3a) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) r1 = getsockopt$auto(r0, 0x0, 0x60, 0x0, &(0x7f00000000c0)=0x44) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) (async, rerun: 32) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) (async) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) symlink$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') (async, rerun: 64) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (async, rerun: 64) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0) 1.153024543s ago: executing program 0 (id=775): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) open(0x0, 0x22240, 0x154) prctl$auto(0x22, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.events\x00', 0x60640, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000010c0)=""/4111, 0x100f) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setreuid$auto(0x3, 0x7) syz_clone3(&(0x7f0000000000)={0x28020000, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0, 0x1d}, 0x58) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) ioperm$auto(0x800, 0x5, 0xd) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x40, 0x4005, 0x8000000000000000, 0x0) mmap$auto(0x1ba6, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socket(0xa, 0x801, 0x84) setsockopt$auto(r2, 0x10000000084, 0x22, 0x0, 0x30) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r1, 0x0, 0x8010) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) shmctl$auto(0xfffffffa, 0x3d1, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/manager\x00', 0x40202, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x1}, 0x1) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) 902.595985ms ago: executing program 0 (id=776): unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) getsockopt$auto(0x4, 0x1, 0x4, 0xfffffffffffffffc, 0x0) keyctl$auto_KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x6) socket(0x10, 0x2, 0x0) 511.055269ms ago: executing program 0 (id=777): socket(0x11, 0xa, 0x300) r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) setresuid$auto(0x2, 0x7, 0x0) socket(0xa, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x12, 0xffffffffffffffff, 0x0) prctl$auto_PR_GET_IO_FLUSHER(0x3a, 0x4000000000004, 0x0, 0x6, 0xa) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x4a0fc}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 333.055412ms ago: executing program 3 (id=778): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000280)=""/237, 0xed) 210.791982ms ago: executing program 3 (id=779): mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYRESHEX=r0, @ANYRESDEC=0x0, @ANYRES64=r0, @ANYBLOB="e2402eb365b0bc18a87df48e1b72e0500d7abe988a9d209c65f0aea5a58dea8db94b8baf19936920f9bdb30097d6dabdbf5eaac0c4e3d57b4fa2727e18ab515b7f75dfacde42eddc70b19ad00cd526d4414cb0032bce4b234b9e89caf48d226ad07d7d2d2f3e0ca74045bac25aaf11ab40d7b2e1c1c3ee3d3b720b34a7592894bdcb192bf1071b1cd58541efa261d83cfcdd819285099c851abcf4ff5d78c0a73c35a2dbd824eb007d0b6d5664a24ce0b7a121c6e02a4f9590f3e944b3e2a1ac612344589b10346f79fc49f8f0f67d81c99024dce05260958c31f7f0289221b54fde03dea65eb9", @ANYRES8], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 108.385781ms ago: executing program 0 (id=780): r0 = socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f00000000c0), 0x55) connect$auto(0x3, &(0x7f00000000c0), 0x55) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = prctl$auto_PR_GET_TSC(0x19, 0xfff, 0x0, 0x0, 0x10000) read$auto_proc_mountinfo_operations_mnt_namespace(r2, &(0x7f0000000280)=""/28, 0x1c) r3 = socket(0x11, 0x3, 0x9) r4 = prctl$auto_PR_SET_MM_START_BRK(0x90e6, 0x6, 0x0, 0x8, 0x9) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r4) r5 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000140), r0) mmap$auto(0x0, 0x20009, 0x20000000000000e2, 0xeb1, 0x405, 0x8000) r6 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/mixer\x00', 0x40000, 0x0) ioctl$auto_SOUND_MIXER_WRITE_RECSRC(r6, 0xc0044dff, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x6c, r5, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@HSR_A_IF2_AGE={0x8}, @HSR_A_NODE_ADDR={0xa, 0x1, @local}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local}, @HSR_A_IF2_SEQ={0x6}, @HSR_A_NODE_ADDR={0xa, 0x1, @multicast}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x4}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @multicast}]}, 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x40) sendmmsg$auto(r3, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440), 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100) move_pages$auto(0x1, 0x1, 0x0, 0x0, 0x0, 0x8000000000000000) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/memory.pressure\x00', 0x1, 0x0) r8 = open(0x0, 0x261c2, 0x84) r9 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r9, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x59f, 0x0, 0x20}, 0x5b3}, 0x40, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) syz_genetlink_get_family_id$auto_nfsd(0x0, r9) recvmmsg$auto(r9, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) r10 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000340), r2) sendmsg$auto_ETHTOOL_MSG_FEC_GET(r9, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000500)={0x88, r10, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_FEC_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_FEC_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x452f0976}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x400}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x45}, 0x0) r11 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r8, 0x0, 0x7}, 0xc) sendmsg$auto_HWSIM_CMD_REGISTER(r11, &(0x7f0000000600)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000480)={0x1c, 0x0, 0x0, 0x70bd2a, 0x25dfdbff, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}, @HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008044}, 0x2000c010) ioctl$auto_TUNGETFEATURES(r8, 0x800454cf, &(0x7f00000002c0)=0x1) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000040)='8', 0x1) 0s ago: executing program 3 (id=781): mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r1 = mq_open$auto(&(0x7f0000000040)='$\x15.\\]/(:\x00', 0x5, 0x40, &(0x7f0000000080)={0xfffffffffffffffe, 0x10001, 0x4}) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1d0}, 0x8880) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x5, 0x400020009, 0x10000000000df, 0x13, r0, 0x80000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1d, 0x1, 0xa) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x80c00, 0x0) ioctl$auto(0x3, 0x80081270, 0x38) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) semctl$auto_SETALL(0x2, 0x6, 0x11, 0xe4b) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.67' (ED25519) to the list of known hosts. [ 80.592034][ T5821] cgroup: Unknown subsys name 'net' [ 80.738286][ T5821] cgroup: Unknown subsys name 'cpuset' [ 80.746882][ T5821] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.362701][ T5821] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.146816][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.155382][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.163236][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.171333][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.179786][ T5833] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.187715][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.311639][ T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.321015][ T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.331294][ T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.347548][ T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.364222][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.384981][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.401842][ T5147] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.409617][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.417172][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.425616][ T5147] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.433134][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.440920][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.448947][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.469196][ T5833] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.472918][ T5147] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.477596][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.493046][ T55] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.506089][ T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.545182][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 84.684948][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.692218][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.699808][ T5830] bridge_slave_0: entered allmulticast mode [ 84.706662][ T5830] bridge_slave_0: entered promiscuous mode [ 84.716580][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.723744][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.732085][ T5830] bridge_slave_1: entered allmulticast mode [ 84.739493][ T5830] bridge_slave_1: entered promiscuous mode [ 84.801379][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.813578][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.852253][ T5830] team0: Port device team_slave_0 added [ 84.860859][ T5830] team0: Port device team_slave_1 added [ 84.916633][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.923677][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.950087][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.963299][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.970373][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.996545][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.042880][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 85.092692][ T5830] hsr_slave_0: entered promiscuous mode [ 85.099168][ T5830] hsr_slave_1: entered promiscuous mode [ 85.162409][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 85.218968][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.226907][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.234485][ T5834] bridge_slave_0: entered allmulticast mode [ 85.241253][ T5834] bridge_slave_0: entered promiscuous mode [ 85.254056][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.261213][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.268525][ T5834] bridge_slave_1: entered allmulticast mode [ 85.275549][ T5834] bridge_slave_1: entered promiscuous mode [ 85.285106][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 85.339649][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.371846][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.448482][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.455852][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.463070][ T5839] bridge_slave_0: entered allmulticast mode [ 85.470338][ T5839] bridge_slave_0: entered promiscuous mode [ 85.480052][ T5834] team0: Port device team_slave_0 added [ 85.486346][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.493469][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.500936][ T5839] bridge_slave_1: entered allmulticast mode [ 85.508063][ T5839] bridge_slave_1: entered promiscuous mode [ 85.537426][ T5834] team0: Port device team_slave_1 added [ 85.558994][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.566383][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.573676][ T5840] bridge_slave_0: entered allmulticast mode [ 85.580976][ T5840] bridge_slave_0: entered promiscuous mode [ 85.616414][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.623717][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.632339][ T5840] bridge_slave_1: entered allmulticast mode [ 85.639445][ T5840] bridge_slave_1: entered promiscuous mode [ 85.652865][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.660296][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.686517][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.702260][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.714698][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.740420][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.747467][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.774202][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.799947][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.811588][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.845397][ T5839] team0: Port device team_slave_0 added [ 85.890079][ T5834] hsr_slave_0: entered promiscuous mode [ 85.896401][ T5834] hsr_slave_1: entered promiscuous mode [ 85.902479][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.910330][ T5834] Cannot create hsr debugfs directory [ 85.917526][ T5839] team0: Port device team_slave_1 added [ 85.926370][ T5840] team0: Port device team_slave_0 added [ 85.932532][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 85.963755][ T5840] team0: Port device team_slave_1 added [ 85.970040][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 85.989705][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.997236][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.023997][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.036556][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.043564][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.069596][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.088729][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.113863][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.139732][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.146866][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.173028][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.185740][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.192727][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.218947][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.255131][ T5147] Bluetooth: hci0: command tx timeout [ 86.272901][ T5839] hsr_slave_0: entered promiscuous mode [ 86.279707][ T5839] hsr_slave_1: entered promiscuous mode [ 86.285873][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.293458][ T5839] Cannot create hsr debugfs directory [ 86.365702][ T5840] hsr_slave_0: entered promiscuous mode [ 86.371934][ T5840] hsr_slave_1: entered promiscuous mode [ 86.378266][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.386340][ T5840] Cannot create hsr debugfs directory [ 86.494338][ T5147] Bluetooth: hci1: command tx timeout [ 86.508829][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.535979][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.546356][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.559729][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.574169][ T5147] Bluetooth: hci2: command tx timeout [ 86.574389][ T55] Bluetooth: hci3: command tx timeout [ 86.697793][ T5839] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 86.708031][ T5839] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 86.719908][ T5839] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 86.730171][ T5839] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 86.757078][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.799427][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.820516][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.827827][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.856685][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.863823][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.880932][ T5840] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 86.892974][ T5840] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 86.905489][ T5840] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.922876][ T5840] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 86.951744][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.035373][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.089527][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.096719][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.129810][ T3447] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.137028][ T3447] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.194923][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.247335][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.266737][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.280918][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.295950][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.303103][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.327359][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.334529][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.376711][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.428920][ T4488] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.436128][ T4488] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.471451][ T4488] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.478678][ T4488] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.497315][ T5830] veth0_vlan: entered promiscuous mode [ 87.525870][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.560809][ T5830] veth1_vlan: entered promiscuous mode [ 87.649445][ T5830] veth0_macvtap: entered promiscuous mode [ 87.678541][ T5834] veth0_vlan: entered promiscuous mode [ 87.688558][ T5830] veth1_macvtap: entered promiscuous mode [ 87.707658][ T5834] veth1_vlan: entered promiscuous mode [ 87.736358][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.760517][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.771620][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.783137][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.792616][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.801511][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.835970][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.861508][ T5834] veth0_macvtap: entered promiscuous mode [ 87.883894][ T5834] veth1_macvtap: entered promiscuous mode [ 87.977905][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 87.989112][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.001588][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.025062][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 88.036510][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.048519][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.059052][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.068334][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.077990][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.087266][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.112377][ T1332] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.118371][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.132088][ T1332] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.149946][ T5839] veth0_vlan: entered promiscuous mode [ 88.186240][ T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.198851][ T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.224667][ T5839] veth1_vlan: entered promiscuous mode [ 88.284269][ T4488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.292147][ T4488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.311336][ T5839] veth0_macvtap: entered promiscuous mode [ 88.334252][ T55] Bluetooth: hci0: command tx timeout [ 88.343618][ T5839] veth1_macvtap: entered promiscuous mode [ 88.352826][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.367635][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.378106][ T5840] veth0_vlan: entered promiscuous mode [ 88.410399][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 88.410608][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.448558][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.458948][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.469810][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.480832][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.490560][ T5840] veth1_vlan: entered promiscuous mode [ 88.511997][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 88.524304][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.534452][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 88.545330][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.557291][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.580095][ T55] Bluetooth: hci1: command tx timeout [ 88.606371][ T5839] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.616090][ T5839] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.627381][ T5839] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.636437][ T5839] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.653817][ T5840] veth0_macvtap: entered promiscuous mode [ 88.660097][ T55] Bluetooth: hci2: command tx timeout [ 88.665663][ T5147] Bluetooth: hci3: command tx timeout [ 88.672864][ T5840] veth1_macvtap: entered promiscuous mode [ 88.773879][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.796089][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.817040][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.839877][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.860624][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.883095][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.912409][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.930515][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.931864][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 88.955911][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.965825][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.997557][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.033596][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.043923][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.058231][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.069998][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.169568][ T5840] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.182708][ T5840] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.205125][ T5840] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.213913][ T5840] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.249518][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.268012][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.417848][ T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.434831][ T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.524247][ T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.544278][ T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.729177][ T5908] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5'. [ 89.871713][ T5912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6'. [ 90.414814][ T5147] Bluetooth: hci0: command tx timeout [ 90.662047][ T5147] Bluetooth: hci1: command tx timeout [ 90.736963][ T55] Bluetooth: hci2: command tx timeout [ 90.737022][ T55] Bluetooth: hci3: command tx timeout [ 91.486570][ T5936] Zero length message leads to an empty skb [ 91.966855][ T47] cfg80211: failed to load regulatory.db [ 92.473223][ T5945] process 'syz.1.12' launched ':,' with NULL argv: empty string added [ 92.507474][ T5147] Bluetooth: hci0: command tx timeout [ 92.723346][ T5948] Invalid ELF header magic: != ELF [ 92.729129][ T5919] mmap: syz.3.4 (5919) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 92.744653][ T5147] Bluetooth: hci1: command tx timeout [ 92.814786][ T5147] Bluetooth: hci3: command tx timeout [ 92.820289][ T5147] Bluetooth: hci2: command tx timeout [ 94.167084][ T5147] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 94.379855][ T5957] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 96.073887][ T5986] Invalid ELF header magic: != ELF [ 98.374046][ T6016] netlink: 504 bytes leftover after parsing attributes in process `syz.3.27'. [ 98.432387][ T6016] netlink: 504 bytes leftover after parsing attributes in process `syz.3.27'. [ 99.066369][ T6027] netlink: 338 bytes leftover after parsing attributes in process `syz.1.29'. [ 99.108550][ T6029] netlink: 338 bytes leftover after parsing attributes in process `syz.1.29'. [ 99.139785][ T6027] netlink: 134 bytes leftover after parsing attributes in process `syz.1.29'. [ 100.000076][ T6008] FAULT_INJECTION: forcing a failure. [ 100.000076][ T6008] name failslab, interval 1, probability 0, space 0, times 1 [ 100.019706][ T6008] CPU: 0 UID: 0 PID: 6008 Comm: syz.2.25 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 100.019751][ T6008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 100.019774][ T6008] Call Trace: [ 100.019784][ T6008] [ 100.019800][ T6008] dump_stack_lvl+0x16c/0x1f0 [ 100.019854][ T6008] should_fail_ex+0x512/0x640 [ 100.019887][ T6008] ? __kmalloc_noprof+0xbf/0x510 [ 100.019936][ T6008] ? __register_sysctl_table+0xea2/0x1900 [ 100.019969][ T6008] should_failslab+0xc2/0x120 [ 100.020020][ T6008] __kmalloc_noprof+0xd2/0x510 [ 100.020063][ T6008] ? __register_sysctl_table+0xe8e/0x1900 [ 100.020103][ T6008] __register_sysctl_table+0xea2/0x1900 [ 100.020141][ T6008] ? __pfx___register_sysctl_table+0x10/0x10 [ 100.020174][ T6008] ? is_module_address+0x2a/0x50 [ 100.020217][ T6008] ? register_net_sysctl_sz+0x228/0x3e0 [ 100.020258][ T6008] ? __asan_memcpy+0x3c/0x60 [ 100.020310][ T6008] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 100.020352][ T6008] nf_lwtunnel_net_init+0x60/0xf0 [ 100.020393][ T6008] ops_init+0x1df/0x5f0 [ 100.020443][ T6008] setup_net+0x21e/0x850 [ 100.020492][ T6008] ? __pfx_setup_net+0x10/0x10 [ 100.020537][ T6008] ? lockdep_init_map_type+0x5c/0x280 [ 100.020583][ T6008] ? __pfx_down_read_killable+0x10/0x10 [ 100.020634][ T6008] ? debug_mutex_init+0x37/0x70 [ 100.020669][ T6008] copy_net_ns+0x2a6/0x5f0 [ 100.020700][ T6008] create_new_namespaces+0x3ea/0xad0 [ 100.020747][ T6008] copy_namespaces+0x468/0x560 [ 100.020788][ T6008] copy_process+0x2b75/0x9130 [ 100.020845][ T6008] ? __pfx_copy_process+0x10/0x10 [ 100.020884][ T6008] ? __pfx___futex_wait+0x10/0x10 [ 100.020949][ T6008] kernel_clone+0xfc/0x960 [ 100.020991][ T6008] ? __pfx_kernel_clone+0x10/0x10 [ 100.021048][ T6008] __do_sys_clone+0xce/0x120 [ 100.021089][ T6008] ? __pfx___do_sys_clone+0x10/0x10 [ 100.021146][ T6008] ? rcu_is_watching+0x12/0xc0 [ 100.021185][ T6008] do_syscall_64+0xcd/0x260 [ 100.021228][ T6008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.021259][ T6008] RIP: 0033:0x7f219a18d169 [ 100.021285][ T6008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.021330][ T6008] RSP: 002b:00007f219af3afe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 100.021359][ T6008] RAX: ffffffffffffffda RBX: 00007f219a3a5fa0 RCX: 00007f219a18d169 [ 100.021379][ T6008] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000001432a0091 [ 100.021397][ T6008] RBP: 00007f219a20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.021416][ T6008] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 100.021434][ T6008] R13: 0000000000000000 R14: 00007f219a3a5fa0 R15: 00007ffc483c8a68 [ 100.021468][ T6008] [ 100.295667][ T6008] sysctl could not get directory: /net -12 [ 102.638397][ T6065] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 104.101838][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 104.231891][ T6075] netlink: 28 bytes leftover after parsing attributes in process `syz.2.38'. [ 104.640962][ T6075] bond0: (slave bond_slave_1): Releasing backup interface [ 105.974211][ T6077] kexec: Could not allocate control_code_buffer [ 106.135342][ T6092] netlink: 28 bytes leftover after parsing attributes in process `syz.0.43'. [ 106.822948][ T5147] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 109.294957][ T6118] ptrace attach of "./syz-executor exec"[5839] was attempted by ""[6118] [ 110.855105][ T6149] mkiss: ax0: crc mode is auto. [ 111.353300][ T6144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.55'. [ 111.548562][ T6162] FAULT_INJECTION: forcing a failure. [ 111.548562][ T6162] name failslab, interval 1, probability 0, space 0, times 0 [ 111.572046][ T6162] CPU: 1 UID: 0 PID: 6162 Comm: syz.3.58 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 111.572095][ T6162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 111.572114][ T6162] Call Trace: [ 111.572124][ T6162] [ 111.572137][ T6162] dump_stack_lvl+0x16c/0x1f0 [ 111.572186][ T6162] should_fail_ex+0x512/0x640 [ 111.572218][ T6162] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 111.572273][ T6162] should_failslab+0xc2/0x120 [ 111.572325][ T6162] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 111.572377][ T6162] ? drm_atomic_get_connector_state+0x231/0x740 [ 111.572432][ T6162] krealloc_noprof+0x1fb/0x380 [ 111.572483][ T6162] drm_atomic_get_connector_state+0x231/0x740 [ 111.572542][ T6162] drm_atomic_add_affected_connectors+0x2e0/0x3f0 [ 111.572596][ T6162] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 111.572647][ T6162] ? ww_mutex_lock+0x37/0x160 [ 111.572697][ T6162] ? modeset_lock+0x114/0x6e0 [ 111.572740][ T6162] __drm_atomic_helper_set_config+0x5ef/0xea0 [ 111.572796][ T6162] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 111.572853][ T6162] ? drm_client_rotation+0x4d9/0x6a0 [ 111.572902][ T6162] drm_client_modeset_commit_atomic+0x53d/0x7e0 [ 111.572958][ T6162] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 111.573027][ T6162] ? __pfx___mutex_lock+0x10/0x10 [ 111.573077][ T6162] drm_client_modeset_commit_locked+0x14d/0x580 [ 111.573129][ T6162] drm_client_modeset_commit+0x4f/0x80 [ 111.573176][ T6162] drm_fb_helper_lastclose+0xc7/0x160 [ 111.573216][ T6162] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 111.573248][ T6162] drm_fbdev_client_restore+0x2c/0x40 [ 111.573279][ T6162] drm_client_dev_restore+0x183/0x290 [ 111.573328][ T6162] drm_release+0x2c2/0x360 [ 111.573373][ T6162] ? __pfx_drm_release+0x10/0x10 [ 111.573414][ T6162] __fput+0x3ff/0xb70 [ 111.573451][ T6162] task_work_run+0x14d/0x240 [ 111.573485][ T6162] ? __pfx_task_work_run+0x10/0x10 [ 111.573516][ T6162] ? __pfx___do_sys_close_range+0x10/0x10 [ 111.573562][ T6162] ? rcu_is_watching+0x12/0xc0 [ 111.573600][ T6162] syscall_exit_to_user_mode+0x27b/0x2a0 [ 111.573644][ T6162] do_syscall_64+0xda/0x260 [ 111.573798][ T6162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.573837][ T6162] RIP: 0033:0x7f3d5a78d169 [ 111.573866][ T6162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.573896][ T6162] RSP: 002b:00007f3d5b62b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 111.573927][ T6162] RAX: 0000000000000000 RBX: 00007f3d5a9a5fa0 RCX: 00007f3d5a78d169 [ 111.573957][ T6162] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 111.573975][ T6162] RBP: 00007f3d5a80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 111.573995][ T6162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.574014][ T6162] R13: 0000000000000000 R14: 00007f3d5a9a5fa0 R15: 00007ffeba3fcf68 [ 111.574048][ T6162] [ 112.217432][ T6172] netlink: 342 bytes leftover after parsing attributes in process `syz.1.60'. [ 112.236708][ T6172] netlink: 342 bytes leftover after parsing attributes in process `syz.1.60'. [ 112.246989][ T6172] netlink: 342 bytes leftover after parsing attributes in process `syz.1.60'. [ 112.601141][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 112.624528][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.630217][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.632184][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.634245][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.640531][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.153891][ T6174] netlink: 28 bytes leftover after parsing attributes in process `syz.2.61'. [ 113.164691][ T6174] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 114.228935][ T6179] kexec: Could not allocate control_code_buffer [ 114.324364][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 115.080827][ T6205] mkiss: ax0: crc mode is auto. [ 116.248378][ T6224] netlink: 342 bytes leftover after parsing attributes in process `syz.0.71'. [ 116.351288][ T6227] netlink: 342 bytes leftover after parsing attributes in process `syz.0.71'. [ 116.361663][ T6226] mkiss: ax0: crc mode is auto. [ 116.474825][ T6227] netlink: 342 bytes leftover after parsing attributes in process `syz.0.71'. [ 116.669700][ T6209] netlink: 28 bytes leftover after parsing attributes in process `syz.3.69'. [ 117.641374][ T6249] netlink: 28 bytes leftover after parsing attributes in process `syz.0.75'. [ 117.702603][ T6240] netlink: 28 bytes leftover after parsing attributes in process `syz.3.74'. [ 117.807432][ T6246] ptrace attach of "./syz-executor exec"[5834] was attempted by ""[6246] [ 118.404624][ T6249] bond0: (slave bond_slave_1): Releasing backup interface [ 118.679483][ T6240] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 119.698645][ T6250] kexec: Could not allocate control_code_buffer [ 119.864109][ T5147] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 122.535086][ T6286] FAULT_INJECTION: forcing a failure. [ 122.535086][ T6286] name failslab, interval 1, probability 0, space 0, times 0 [ 122.634019][ T6286] CPU: 0 UID: 0 PID: 6286 Comm: syz.2.93 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 122.634062][ T6286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 122.634082][ T6286] Call Trace: [ 122.634090][ T6286] [ 122.634102][ T6286] dump_stack_lvl+0x16c/0x1f0 [ 122.634150][ T6286] should_fail_ex+0x512/0x640 [ 122.634183][ T6286] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 122.634237][ T6286] should_failslab+0xc2/0x120 [ 122.634288][ T6286] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 122.634339][ T6286] ? drm_atomic_get_connector_state+0x231/0x740 [ 122.634395][ T6286] krealloc_noprof+0x1fb/0x380 [ 122.634445][ T6286] drm_atomic_get_connector_state+0x231/0x740 [ 122.634502][ T6286] drm_atomic_add_affected_connectors+0x2e0/0x3f0 [ 122.634558][ T6286] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 122.634609][ T6286] ? ww_mutex_lock+0x37/0x160 [ 122.634661][ T6286] ? modeset_lock+0x114/0x6e0 [ 122.634703][ T6286] __drm_atomic_helper_set_config+0x5ef/0xea0 [ 122.634761][ T6286] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 122.634816][ T6286] ? drm_client_rotation+0x4d9/0x6a0 [ 122.634866][ T6286] drm_client_modeset_commit_atomic+0x53d/0x7e0 [ 122.634922][ T6286] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 122.634991][ T6286] ? __pfx___mutex_lock+0x10/0x10 [ 122.635039][ T6286] drm_client_modeset_commit_locked+0x14d/0x580 [ 122.635091][ T6286] drm_client_modeset_commit+0x4f/0x80 [ 122.635138][ T6286] drm_fb_helper_lastclose+0xc7/0x160 [ 122.635178][ T6286] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 122.635210][ T6286] drm_fbdev_client_restore+0x2c/0x40 [ 122.635241][ T6286] drm_client_dev_restore+0x183/0x290 [ 122.635291][ T6286] drm_release+0x2c2/0x360 [ 122.635335][ T6286] ? __pfx_drm_release+0x10/0x10 [ 122.635376][ T6286] __fput+0x3ff/0xb70 [ 122.635413][ T6286] task_work_run+0x14d/0x240 [ 122.635446][ T6286] ? __pfx_task_work_run+0x10/0x10 [ 122.635478][ T6286] ? __pfx___do_sys_close_range+0x10/0x10 [ 122.635525][ T6286] ? rcu_is_watching+0x12/0xc0 [ 122.635563][ T6286] syscall_exit_to_user_mode+0x27b/0x2a0 [ 122.635605][ T6286] do_syscall_64+0xda/0x260 [ 122.635656][ T6286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.635690][ T6286] RIP: 0033:0x7f219a18d169 [ 122.635715][ T6286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.635749][ T6286] RSP: 002b:00007f219af3b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 122.635776][ T6286] RAX: 0000000000000000 RBX: 00007f219a3a5fa0 RCX: 00007f219a18d169 [ 122.635795][ T6286] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 122.635813][ T6286] RBP: 00007f219a20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 122.635831][ T6286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.635848][ T6286] R13: 0000000000000000 R14: 00007f219a3a5fa0 R15: 00007ffc483c8a68 [ 122.635883][ T6286] [ 123.264168][ T6290] mkiss: ax0: crc mode is auto. [ 124.515202][ T6300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.87'. [ 126.066212][ T6322] netlink: 504 bytes leftover after parsing attributes in process `syz.2.91'. [ 126.101410][ T6322] netlink: 504 bytes leftover after parsing attributes in process `syz.2.91'. [ 126.930871][ T6319] kexec: Could not allocate control_code_buffer [ 129.516887][ T6360] mkiss: ax0: crc mode is auto. [ 130.661412][ T6367] FAULT_INJECTION: forcing a failure. [ 130.661412][ T6367] name failslab, interval 1, probability 0, space 0, times 0 [ 130.674613][ T6367] CPU: 0 UID: 0 PID: 6367 Comm: syz.3.101 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 130.674655][ T6367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 130.674672][ T6367] Call Trace: [ 130.674681][ T6367] [ 130.674692][ T6367] dump_stack_lvl+0x16c/0x1f0 [ 130.674738][ T6367] should_fail_ex+0x512/0x640 [ 130.674770][ T6367] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 130.674820][ T6367] should_failslab+0xc2/0x120 [ 130.674870][ T6367] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 130.674917][ T6367] ? bdev_alloc_inode+0x26/0x90 [ 130.674953][ T6367] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 130.674992][ T6367] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 130.675027][ T6367] bdev_alloc_inode+0x26/0x90 [ 130.675061][ T6367] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 130.675095][ T6367] alloc_inode+0x61/0x240 [ 130.675128][ T6367] new_inode+0x22/0x1c0 [ 130.675162][ T6367] bdev_alloc+0x2b/0x420 [ 130.675204][ T6367] __alloc_disk_node+0x116/0x610 [ 130.675253][ T6367] __blk_mq_alloc_disk+0x89/0x120 [ 130.675299][ T6367] loop_add+0x496/0xb70 [ 130.675342][ T6367] ? 0xffffffff81000000 [ 130.675371][ T6367] ? do_vfs_ioctl+0x512/0x1990 [ 130.675407][ T6367] ? __pfx_loop_add+0x10/0x10 [ 130.675452][ T6367] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 130.675510][ T6367] ? 0xffffffff81000000 [ 130.675531][ T6367] loop_control_ioctl+0x13c/0x630 [ 130.675579][ T6367] ? __pfx_loop_control_ioctl+0x10/0x10 [ 130.675627][ T6367] ? xfd_validate_state+0x5d/0x180 [ 130.675658][ T6367] ? 0xffffffff81000000 [ 130.675679][ T6367] ? __pfx_loop_control_ioctl+0x10/0x10 [ 130.675728][ T6367] ? 0xffffffff81000000 [ 130.675749][ T6367] __x64_sys_ioctl+0x190/0x200 [ 130.675786][ T6367] do_syscall_64+0xcd/0x260 [ 130.675827][ T6367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.675858][ T6367] RIP: 0033:0x7f3d5a78d169 [ 130.675881][ T6367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.675911][ T6367] RSP: 002b:00007f3d5b62b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 130.675939][ T6367] RAX: ffffffffffffffda RBX: 00007f3d5a9a5fa0 RCX: 00007f3d5a78d169 [ 130.675959][ T6367] RDX: ffffffff81000000 RSI: 0000000000004c80 RDI: 0000000000000007 [ 130.675979][ T6367] RBP: 00007f3d5a80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 130.675998][ T6367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.676016][ T6367] R13: 0000000000000000 R14: 00007f3d5a9a5fa0 R15: 00007ffeba3fcf68 [ 130.676043][ T6367] ? 0xffffffff81000000 [ 130.676068][ T6367] [ 133.272841][ T6399] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 133.554199][ T6401] netlink: 20 bytes leftover after parsing attributes in process `syz.1.116'. [ 133.584395][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 133.593277][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 134.418994][ T6406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.108'. [ 134.540733][ T6395] kexec: Could not allocate control_code_buffer [ 135.349889][ T6423] netlink: 342 bytes leftover after parsing attributes in process `syz.3.112'. [ 135.376216][ T6423] netlink: 342 bytes leftover after parsing attributes in process `syz.3.112'. [ 135.436025][ T6423] netlink: 342 bytes leftover after parsing attributes in process `syz.3.112'. [ 135.865973][ T6433] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 137.892964][ T6462] netlink: 'syz.3.122': attribute type 15 has an invalid length. [ 137.914144][ T6462] netlink: 'syz.3.122': attribute type 16 has an invalid length. [ 137.921958][ T6462] netlink: 'syz.3.122': attribute type 17 has an invalid length. [ 137.954156][ T6462] netlink: 'syz.3.122': attribute type 19 has an invalid length. [ 137.969428][ T6462] netlink: 238 bytes leftover after parsing attributes in process `syz.3.122'. [ 138.036647][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.043379][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.374350][ T6468] Invalid ELF header magic: != ELF [ 139.088044][ T6480] netlink: 12 bytes leftover after parsing attributes in process `syz.3.127'. [ 140.399132][ T5147] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 140.463425][ T5147] Bluetooth: hci2: unexpected event 0x1d length: 1 < 5 [ 140.492740][ T6520] device-mapper: ioctl: device name cannot contain '/' [ 140.542201][ T30] audit: type=1800 audit(6037938192.230:2): pid=6522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.134" name="members" dev="configfs" ino=11372 res=0 errno=0 syzkaller syzkaller login: [ 142.101349][ T6543] can: request_module (can-proto-5) failed. [ 143.566068][ T5147] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 143.664083][ T30] audit: type=1800 audit(6037938203.417:3): pid=6569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.148" name="members" dev="configfs" ino=10786 res=0 errno=0 [ 144.838582][ T6582] program syz.3.152 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 145.225450][ T6604] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 145.739338][ T6608] netlink: 20 bytes leftover after parsing attributes in process `syz.0.158'. [ 147.009315][ T6602] kexec: Could not allocate control_code_buffer [ 147.076654][ T6633] delete_channel: no stack [ 147.592413][ T5147] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 147.651486][ T30] audit: type=1800 audit(6037938215.399:4): pid=6642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.165" name="members" dev="configfs" ino=11169 res=0 errno=0 [ 149.788493][ T6673] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.237966][ T6688] netlink: 342 bytes leftover after parsing attributes in process `syz.1.181'. [ 150.559553][ T6698] FAULT_INJECTION: forcing a failure. [ 150.559553][ T6698] name fail_futex, interval 1, probability 0, space 0, times 1 [ 150.604206][ T6698] CPU: 0 UID: 0 PID: 6698 Comm: syz.3.182 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 150.604250][ T6698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 150.604268][ T6698] Call Trace: [ 150.604277][ T6698] [ 150.604290][ T6698] dump_stack_lvl+0x16c/0x1f0 [ 150.604337][ T6698] should_fail_ex+0x512/0x640 [ 150.604376][ T6698] get_futex_key+0x49e/0x1000 [ 150.604415][ T6698] ? __pfx_get_futex_key+0x10/0x10 [ 150.604452][ T6698] ? find_held_lock+0x2b/0x80 [ 150.604488][ T6698] futex_wait_setup+0x78/0x290 [ 150.604540][ T6698] __futex_wait+0x266/0x3c0 [ 150.604585][ T6698] ? __pfx___futex_wait+0x10/0x10 [ 150.604632][ T6698] ? __pfx_futex_wake_mark+0x10/0x10 [ 150.604697][ T6698] futex_wait+0xe8/0x380 [ 150.604739][ T6698] ? __pfx_futex_wait+0x10/0x10 [ 150.604788][ T6698] ? __lock_acquire+0x5ca/0x1ba0 [ 150.604834][ T6698] do_futex+0x229/0x350 [ 150.604869][ T6698] ? __pfx_do_futex+0x10/0x10 [ 150.604907][ T6698] ? find_held_lock+0x2b/0x80 [ 150.604940][ T6698] __x64_sys_futex+0x1e0/0x4c0 [ 150.604978][ T6698] ? __fget_files+0x20e/0x3c0 [ 150.605021][ T6698] ? __pfx___x64_sys_futex+0x10/0x10 [ 150.605070][ T6698] do_syscall_64+0xcd/0x260 [ 150.605113][ T6698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.605144][ T6698] RIP: 0033:0x7f3d5a78d169 [ 150.605169][ T6698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.605200][ T6698] RSP: 002b:00007f3d5b62b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 150.605229][ T6698] RAX: ffffffffffffffda RBX: 00007f3d5a9a5fa8 RCX: 00007f3d5a78d169 [ 150.605250][ T6698] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3d5a9a5fa8 [ 150.605269][ T6698] RBP: 00007f3d5a9a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 150.605288][ T6698] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3d5a9a5fac [ 150.605305][ T6698] R13: 0000000000000000 R14: 00007ffeba3fce80 R15: 00007ffeba3fcf68 [ 150.605338][ T6698] [ 150.813194][ C0] vkms_vblank_simulate: vblank timer overrun [ 151.961975][ T5147] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 151.962024][ T5147] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 151.977227][ T5147] Bluetooth: hci2: adv larger than maximum supported [ 152.720642][ T6747] Invalid ELF header magic: != ELF [ 153.113074][ T30] audit: type=1800 audit(6037938220.859:5): pid=6744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.195" name="features" dev="configfs" ino=12433 res=0 errno=0 [ 153.629700][ T26] ERROR: Out of memory at tomoyo_memory_ok. [ 153.962778][ T6766] delete_channel: no stack [ 155.120548][ T6797] netlink: 342 bytes leftover after parsing attributes in process `syz.0.207'. [ 155.364787][ T6801] FAULT_INJECTION: forcing a failure. [ 155.364787][ T6801] name failslab, interval 1, probability 0, space 0, times 0 [ 155.424122][ T6801] CPU: 1 UID: 0 PID: 6801 Comm: syz.1.209 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 155.424162][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 155.424179][ T6801] Call Trace: [ 155.424188][ T6801] [ 155.424198][ T6801] dump_stack_lvl+0x16c/0x1f0 [ 155.424240][ T6801] should_fail_ex+0x512/0x640 [ 155.424268][ T6801] ? fs_reclaim_acquire+0xae/0x150 [ 155.424304][ T6801] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 155.424348][ T6801] should_failslab+0xc2/0x120 [ 155.424394][ T6801] __kmalloc_noprof+0xd2/0x510 [ 155.424440][ T6801] tomoyo_realpath_from_path+0xc2/0x6e0 [ 155.424488][ T6801] ? tomoyo_profile+0x47/0x60 [ 155.424521][ T6801] tomoyo_path_number_perm+0x245/0x580 [ 155.424569][ T6801] ? tomoyo_path_number_perm+0x237/0x580 [ 155.424613][ T6801] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 155.424655][ T6801] ? find_held_lock+0x2b/0x80 [ 155.424708][ T6801] ? find_held_lock+0x2b/0x80 [ 155.424739][ T6801] ? __fget_files+0x204/0x3c0 [ 155.424783][ T6801] ? __fget_files+0x20e/0x3c0 [ 155.424827][ T6801] security_file_ioctl+0x9b/0x240 [ 155.424871][ T6801] __x64_sys_ioctl+0xb7/0x200 [ 155.424907][ T6801] do_syscall_64+0xcd/0x260 [ 155.424948][ T6801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.424978][ T6801] RIP: 0033:0x7f0c7758d169 [ 155.425003][ T6801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.425031][ T6801] RSP: 002b:00007f0c783b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 155.425058][ T6801] RAX: ffffffffffffffda RBX: 00007f0c777a5fa0 RCX: 00007f0c7758d169 [ 155.425078][ T6801] RDX: 0000000000000000 RSI: 0000000083c0550b RDI: 0000000000000003 [ 155.425096][ T6801] RBP: 00007f0c783b5090 R08: 0000000000000000 R09: 0000000000000000 [ 155.425114][ T6801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.425132][ T6801] R13: 0000000000000000 R14: 00007f0c777a5fa0 R15: 00007fff68eaf0d8 [ 155.425163][ T6801] [ 155.425175][ T6801] ERROR: Out of memory at tomoyo_realpath_from_path. [ 155.561655][ T6802] Invalid ELF header magic: != ELF [ 156.565505][ T6825] ERROR: Out of memory at tomoyo_memory_ok. [ 156.592424][ T6825] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor /newroot/50/file0' not defined. [ 156.722119][ T30] audit: type=1800 audit(6037938224.469:6): pid=6807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.211" name="features" dev="configfs" ino=13500 res=0 errno=0 [ 158.747418][ T6879] Invalid ELF header magic: != ELF [ 159.036285][ T6886] syz.1.227 uses obsolete (PF_INET,SOCK_PACKET) [ 159.802731][ T6915] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 159.884403][ T6907] ima: policy update failed [ 159.908521][ T30] audit: type=1800 audit(6037938227.649:7): pid=6893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.231" name="features" dev="configfs" ino=13697 res=0 errno=0 [ 159.957033][ T30] audit: type=1802 audit(6037938227.689:8): pid=6907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.234" res=0 errno=0 [ 161.514446][ T6959] bridge0: port 3(team0) entered blocking state [ 161.520821][ T6959] bridge0: port 3(team0) entered disabled state [ 161.577938][ T6959] team0: entered allmulticast mode [ 161.614593][ T6959] team_slave_0: entered allmulticast mode [ 161.614650][ T6959] team_slave_1: entered allmulticast mode [ 161.616294][ T6959] team0: entered promiscuous mode [ 161.616321][ T6959] team_slave_0: entered promiscuous mode [ 161.616498][ T6959] team_slave_1: entered promiscuous mode [ 161.617938][ T6959] bridge0: port 3(team0) entered blocking state [ 161.618540][ T6959] bridge0: port 3(team0) entered forwarding state [ 164.068335][ T7020] Invalid ELF header magic: != ELF [ 164.232845][ T7025] bridge0: port 3(team0) entered blocking state [ 164.256262][ T7025] bridge0: port 3(team0) entered disabled state [ 164.262901][ T7025] team0: entered allmulticast mode [ 164.268217][ T7025] team_slave_0: entered allmulticast mode [ 164.274107][ T7025] team_slave_1: entered allmulticast mode [ 164.281487][ T7025] team0: entered promiscuous mode [ 164.293232][ T7025] team_slave_0: entered promiscuous mode [ 164.299301][ T7025] team_slave_1: entered promiscuous mode [ 164.305657][ T7025] bridge0: port 3(team0) entered blocking state [ 164.312466][ T7025] bridge0: port 3(team0) entered forwarding state [ 166.148038][ T7078] ecryptfs_miscdev_write: Invalid packet size [192] [ 166.183737][ T7073] FAULT_INJECTION: forcing a failure. [ 166.183737][ T7073] name failslab, interval 1, probability 0, space 0, times 0 [ 166.196661][ T7073] CPU: 0 UID: 0 PID: 7073 Comm: syz.0.268 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 166.196700][ T7073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 166.196729][ T7073] Call Trace: [ 166.196737][ T7073] [ 166.196747][ T7073] dump_stack_lvl+0x16c/0x1f0 [ 166.196790][ T7073] should_fail_ex+0x512/0x640 [ 166.196820][ T7073] ? __kmalloc_noprof+0xbf/0x510 [ 166.196862][ T7073] ? sk_prot_alloc+0x1a8/0x2a0 [ 166.196887][ T7073] should_failslab+0xc2/0x120 [ 166.196932][ T7073] __kmalloc_noprof+0xd2/0x510 [ 166.196980][ T7073] sk_prot_alloc+0x1a8/0x2a0 [ 166.197007][ T7073] sk_alloc+0x36/0xc20 [ 166.197044][ T7073] __netlink_create+0x5e/0x2c0 [ 166.197069][ T7073] ? __wake_up+0x3f/0x60 [ 166.197103][ T7073] netlink_create+0x39e/0x620 [ 166.197133][ T7073] ? __pfx_genl_bind+0x10/0x10 [ 166.197171][ T7073] ? __pfx_genl_unbind+0x10/0x10 [ 166.197208][ T7073] ? __pfx_genl_release+0x10/0x10 [ 166.197252][ T7073] __sock_create+0x335/0x8d0 [ 166.197288][ T7073] __sys_socket+0x14d/0x260 [ 166.197320][ T7073] ? __pfx___sys_socket+0x10/0x10 [ 166.197350][ T7073] ? rcu_is_watching+0x12/0xc0 [ 166.197385][ T7073] __x64_sys_socket+0x72/0xb0 [ 166.197415][ T7073] ? lockdep_hardirqs_on+0x7c/0x110 [ 166.197451][ T7073] do_syscall_64+0xcd/0x260 [ 166.197491][ T7073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.197519][ T7073] RIP: 0033:0x7fbae7b8d169 [ 166.197542][ T7073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.197570][ T7073] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 166.197598][ T7073] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 166.197617][ T7073] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 166.197635][ T7073] RBP: 00007fbae7c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 166.197653][ T7073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.197670][ T7073] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 166.197703][ T7073] [ 166.662907][ T7073] sctp: failed to load transform for md5: -2 [ 166.908446][ T7086] Invalid ELF header magic: != ELF [ 167.168171][ T7100] netlink: 28 bytes leftover after parsing attributes in process `syz.0.281'. [ 167.178934][ T7099] Invalid ELF header magic: != ELF [ 167.263786][ T7102] sctp: [Deprecated]: syz.0.281 (pid 7102) Use of struct sctp_assoc_value in delayed_ack socket option. [ 167.263786][ T7102] Use struct sctp_sack_info instead [ 167.941576][ T7105] FAULT_INJECTION: forcing a failure. [ 167.941576][ T7105] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 168.006184][ T7105] CPU: 0 UID: 0 PID: 7105 Comm: syz.1.274 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 168.006226][ T7105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 168.006244][ T7105] Call Trace: [ 168.006253][ T7105] [ 168.006263][ T7105] dump_stack_lvl+0x16c/0x1f0 [ 168.006307][ T7105] should_fail_ex+0x512/0x640 [ 168.006342][ T7105] _copy_to_user+0x32/0xd0 [ 168.006379][ T7105] simple_read_from_buffer+0xe0/0x170 [ 168.006430][ T7105] proc_fail_nth_read+0x197/0x270 [ 168.006472][ T7105] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 168.006512][ T7105] ? rw_verify_area+0xcf/0x680 [ 168.006546][ T7105] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 168.006586][ T7105] vfs_read+0x1de/0xc70 [ 168.006625][ T7105] ? fdget_pos+0x2a2/0x370 [ 168.006669][ T7105] ? __pfx___mutex_lock+0x10/0x10 [ 168.006709][ T7105] ? __pfx_vfs_read+0x10/0x10 [ 168.006756][ T7105] ? __fget_files+0x20e/0x3c0 [ 168.006806][ T7105] ksys_read+0x12a/0x240 [ 168.006845][ T7105] ? __pfx_ksys_read+0x10/0x10 [ 168.006892][ T7105] do_syscall_64+0xcd/0x260 [ 168.006932][ T7105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.006962][ T7105] RIP: 0033:0x7f0c7758bb7c [ 168.006985][ T7105] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 168.007014][ T7105] RSP: 002b:00007f0c783b5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 168.007042][ T7105] RAX: ffffffffffffffda RBX: 00007f0c777a5fa0 RCX: 00007f0c7758bb7c [ 168.007062][ T7105] RDX: 000000000000000f RSI: 00007f0c783b50a0 RDI: 0000000000000004 [ 168.007081][ T7105] RBP: 00007f0c783b5090 R08: 0000000000000000 R09: 0000000000000000 [ 168.007099][ T7105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 168.007117][ T7105] R13: 0000000000000000 R14: 00007f0c777a5fa0 R15: 00007fff68eaf0d8 [ 168.007151][ T7105] [ 168.318226][ T7109] mkiss: ax0: crc mode is auto. [ 168.468860][ T7111] TCP: TCP_TX_DELAY enabled [ 168.858316][ T7132] bridge0: port 3(team0) entered blocking state [ 168.873905][ T7132] bridge0: port 3(team0) entered disabled state [ 168.882335][ T7132] team0: entered allmulticast mode [ 168.891064][ T7132] team_slave_0: entered allmulticast mode [ 168.902416][ T7132] team_slave_1: entered allmulticast mode [ 168.917070][ T7132] team0: entered promiscuous mode [ 168.923207][ T7132] team_slave_0: entered promiscuous mode [ 168.929749][ T7132] team_slave_1: entered promiscuous mode [ 168.936579][ T7132] bridge0: port 3(team0) entered blocking state [ 168.943006][ T7132] bridge0: port 3(team0) entered forwarding state [ 171.502176][ T7182] Invalid ELF header magic: != ELF [ 171.538357][ T7188] syz.0.294 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 172.138991][ T7183] sctp: failed to load transform for md5: -4 [ 172.418225][ T7213] netlink: 28 bytes leftover after parsing attributes in process `syz.1.298'. [ 172.674731][ T7222] sctp: [Deprecated]: syz.1.298 (pid 7222) Use of struct sctp_assoc_value in delayed_ack socket option. [ 172.674731][ T7222] Use struct sctp_sack_info instead [ 172.714622][ T7213] bond0: (slave bond_slave_1): Releasing backup interface [ 173.786375][ T7230] netlink: 8 bytes leftover after parsing attributes in process `syz.3.302'. [ 173.897817][ T7239] mkiss: ax0: crc mode is auto. [ 173.999556][ T7241] netlink: 330 bytes leftover after parsing attributes in process `syz.3.306'. [ 174.517450][ T26] ERROR: Out of memory at tomoyo_memory_ok. [ 174.560702][ T24] smpboot: CPU 0 is now offline [ 175.551581][ T7265] Invalid ELF header magic: != ELF [ 176.674650][ T7284] mkiss: ax0: crc mode is auto. [ 178.494822][ T7300] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 178.987402][ T7311] mkiss: ax0: crc mode is auto. [ 179.818268][ T7322] FAULT_INJECTION: forcing a failure. [ 179.818268][ T7322] name failslab, interval 1, probability 0, space 0, times 0 [ 180.016392][ T7322] CPU: 1 UID: 0 PID: 7322 Comm: syz.0.322 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 180.016428][ T7322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 180.016449][ T7322] Call Trace: [ 180.016456][ T7322] [ 180.016467][ T7322] dump_stack_lvl+0x16c/0x1f0 [ 180.016502][ T7322] should_fail_ex+0x512/0x640 [ 180.016529][ T7322] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 180.016566][ T7322] should_failslab+0xc2/0x120 [ 180.016607][ T7322] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 180.016641][ T7322] ? ioctx_alloc+0x1a4/0x2060 [ 180.016672][ T7322] ? __lock_acquire+0xaa4/0x1ba0 [ 180.016706][ T7322] ioctx_alloc+0x1a4/0x2060 [ 180.016744][ T7322] ? find_held_lock+0x2b/0x80 [ 180.016767][ T7322] ? __pfx_ioctx_alloc+0x10/0x10 [ 180.016797][ T7322] ? __might_fault+0x13b/0x190 [ 180.016823][ T7322] __x64_sys_io_setup+0xc9/0x210 [ 180.016856][ T7322] do_syscall_64+0xcd/0x260 [ 180.016888][ T7322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.016911][ T7322] RIP: 0033:0x7fbae7b8d169 [ 180.016932][ T7322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.016955][ T7322] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 180.016976][ T7322] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 180.016991][ T7322] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 180.017005][ T7322] RBP: 00007fbae7c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 180.017019][ T7322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.017032][ T7322] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 180.017056][ T7322] [ 180.195639][ C1] vkms_vblank_simulate: vblank timer overrun [ 181.150098][ T7344] Invalid ELF header magic: != ELF [ 181.198159][ T30] audit: type=1806 audit(6037938248.949:9): xattr="" res=-22 [ 181.231023][ T7343] mkiss: ax0: crc mode is auto. [ 181.765479][ T7350] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 183.281220][ T7377] mkiss: ax0: crc mode is auto. [ 185.192777][ T7412] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 185.456790][ T7421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.345'. [ 185.535029][ T7426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.345'. [ 186.040439][ T7431] capability: warning: `syz.3.347' uses 32-bit capabilities (legacy support in use) [ 188.058181][ T7466] Invalid ELF header magic: != ELF [ 188.823161][ T7477] Invalid ELF header magic: != ELF [ 189.609980][ T7474] kexec: Could not allocate control_code_buffer [ 189.934248][ T7488] mkiss: ax0: crc mode is auto. [ 191.254802][ T7508] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 192.087786][ T7529] mkiss: ax0: crc mode is auto. [ 193.186956][ T7548] can: request_module (can-proto-5) failed. [ 193.721124][ T7565] Invalid ELF header magic: != ELF [ 194.224681][ T7574] syz.1.380 (7574): /proc/7574/oom_adj is deprecated, please use /proc/7574/oom_score_adj instead. [ 194.371885][ T7577] kexec: Could not allocate control_code_buffer [ 195.649043][ T7605] Invalid ELF header magic: != ELF [ 196.452266][ T7627] sctp: [Deprecated]: syz.3.393 (pid 7627) Use of int in max_burst socket option deprecated. [ 196.452266][ T7627] Use struct sctp_assoc_value instead [ 197.073009][ T7637] mkiss: ax0: crc mode is auto. [ 198.177700][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 198.177755][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.311099][ T30] audit: type=1800 audit(6037938266.059:10): pid=7651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.399" name="features" dev="configfs" ino=17985 res=0 errno=0 [ 198.327326][ T7651] Debayer A: ================= START STATUS ================= [ 198.327359][ T7651] Debayer A: Debayer Mean Window Size: 3 [ 198.327406][ T7651] Debayer A: ================== END STATUS ================== [ 198.454532][ T7660] netlink: 28 bytes leftover after parsing attributes in process `syz.2.400'. [ 200.222810][ T7692] mkiss: ax0: crc mode is auto. [ 200.324929][ T7689] Invalid ELF header magic: != ELF [ 200.513310][ T7699] hub 8-0:1.0: USB hub found [ 200.539615][ T7699] hub 8-0:1.0: 1 port detected [ 201.404607][ T7720] netlink: 28 bytes leftover after parsing attributes in process `syz.0.416'. [ 201.487808][ T7720] veth1_macvtap: left promiscuous mode [ 201.545871][ T7720] macsec0: entered allmulticast mode [ 201.707190][ T7721] netlink: 138 bytes leftover after parsing attributes in process `syz.1.417'. [ 202.676894][ T7733] mkiss: ax0: crc mode is auto. [ 203.154635][ T7744] netlink: 8 bytes leftover after parsing attributes in process `syz.2.423'. [ 206.659707][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 206.666253][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 206.673466][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 206.679856][ T5845] Bluetooth: hci2: command 0x0406 tx timeout [ 207.290923][ T7825] Invalid ELF header magic: != ELF [ 208.947777][ T7854] FAULT_INJECTION: forcing a failure. [ 208.947777][ T7854] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 209.039193][ T7854] CPU: 1 UID: 0 PID: 7854 Comm: syz.0.451 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 209.039226][ T7854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 209.039239][ T7854] Call Trace: [ 209.039246][ T7854] [ 209.039254][ T7854] dump_stack_lvl+0x16c/0x1f0 [ 209.039288][ T7854] should_fail_ex+0x512/0x640 [ 209.039313][ T7854] _copy_from_user+0x2e/0xd0 [ 209.039339][ T7854] __sys_bpf+0x226/0x4c80 [ 209.039391][ T7854] ? __pfx___sys_bpf+0x10/0x10 [ 209.039425][ T7854] ? ksys_write+0x190/0x240 [ 209.039458][ T7854] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 209.039499][ T7854] ? fput+0x70/0xf0 [ 209.039519][ T7854] ? ksys_write+0x1b9/0x240 [ 209.039548][ T7854] ? __pfx_ksys_write+0x10/0x10 [ 209.039576][ T7854] ? rcu_is_watching+0x12/0xc0 [ 209.039602][ T7854] __x64_sys_bpf+0x78/0xc0 [ 209.039636][ T7854] ? lockdep_hardirqs_on+0x7c/0x110 [ 209.039663][ T7854] do_syscall_64+0xcd/0x260 [ 209.039693][ T7854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.039715][ T7854] RIP: 0033:0x7fbae7b8d169 [ 209.039736][ T7854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.039758][ T7854] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 209.039778][ T7854] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 209.039793][ T7854] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000003 [ 209.039806][ T7854] RBP: 00007fbae8a66090 R08: 0000000000000000 R09: 0000000000000000 [ 209.039820][ T7854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 209.039833][ T7854] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 209.039856][ T7854] [ 209.951576][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 210.039464][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 210.088876][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 210.247662][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 210.350396][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 210.536589][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 210.649374][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 210.721282][ T7875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.455'. [ 212.415729][ T7930] FAULT_INJECTION: forcing a failure. [ 212.415729][ T7930] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 212.510800][ T7930] CPU: 1 UID: 0 PID: 7930 Comm: syz.0.474 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 212.510833][ T7930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 212.510847][ T7930] Call Trace: [ 212.510853][ T7930] [ 212.510861][ T7930] dump_stack_lvl+0x16c/0x1f0 [ 212.510895][ T7930] should_fail_ex+0x512/0x640 [ 212.510921][ T7930] _copy_from_user+0x2e/0xd0 [ 212.510948][ T7930] map_delete_elem+0x719/0xa00 [ 212.510975][ T7930] ? __might_fault+0xc0/0x190 [ 212.510995][ T7930] ? __pfx_map_delete_elem+0x10/0x10 [ 212.511027][ T7930] __sys_bpf+0x63a/0x4c80 [ 212.511060][ T7930] ? __pfx___sys_bpf+0x10/0x10 [ 212.511092][ T7930] ? ksys_write+0x190/0x240 [ 212.511124][ T7930] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 212.511164][ T7930] ? fput+0x70/0xf0 [ 212.511183][ T7930] ? ksys_write+0x1b9/0x240 [ 212.511211][ T7930] ? __pfx_ksys_write+0x10/0x10 [ 212.511239][ T7930] ? rcu_is_watching+0x12/0xc0 [ 212.511264][ T7930] __x64_sys_bpf+0x78/0xc0 [ 212.511295][ T7930] ? lockdep_hardirqs_on+0x7c/0x110 [ 212.511322][ T7930] do_syscall_64+0xcd/0x260 [ 212.511351][ T7930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.511372][ T7930] RIP: 0033:0x7fbae7b8d169 [ 212.511389][ T7930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.511411][ T7930] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 212.511432][ T7930] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 212.511446][ T7930] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000003 [ 212.511460][ T7930] RBP: 00007fbae8a66090 R08: 0000000000000000 R09: 0000000000000000 [ 212.511479][ T7930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.511493][ T7930] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 212.511516][ T7930] [ 213.475035][ T7943] Invalid ELF header magic: != ELF [ 215.443780][ T7982] FAULT_INJECTION: forcing a failure. [ 215.443780][ T7982] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 215.504124][ T7982] CPU: 1 UID: 0 PID: 7982 Comm: syz.0.487 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 215.504157][ T7982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 215.504170][ T7982] Call Trace: [ 215.504177][ T7982] [ 215.504185][ T7982] dump_stack_lvl+0x16c/0x1f0 [ 215.504220][ T7982] should_fail_ex+0x512/0x640 [ 215.504247][ T7982] should_fail_alloc_page+0xe7/0x130 [ 215.504293][ T7982] prepare_alloc_pages.constprop.0+0x172/0x570 [ 215.504322][ T7982] ? find_held_lock+0x2b/0x80 [ 215.504348][ T7982] __alloc_frozen_pages_noprof+0x18f/0x24d0 [ 215.504392][ T7982] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 215.504430][ T7982] ? __lock_acquire+0x5ca/0x1ba0 [ 215.504462][ T7982] ? process_measurement+0x51f/0x2360 [ 215.504483][ T7982] ? down_write+0x14d/0x200 [ 215.504516][ T7982] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 215.504553][ T7982] ? policy_nodemask+0xea/0x4e0 [ 215.504589][ T7982] alloc_pages_mpol+0x1fb/0x540 [ 215.504626][ T7982] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 215.504667][ T7982] alloc_pages_noprof+0x131/0x390 [ 215.504703][ T7982] __pmd_alloc+0x3f/0x870 [ 215.504729][ T7982] ? find_held_lock+0x2b/0x80 [ 215.504752][ T7982] __handle_mm_fault+0x94e/0x2a50 [ 215.504790][ T7982] ? __pfx___handle_mm_fault+0x10/0x10 [ 215.504833][ T7982] ? find_vma+0xbf/0x140 [ 215.504856][ T7982] ? __pfx_find_vma+0x10/0x10 [ 215.504883][ T7982] handle_mm_fault+0x3fa/0xaa0 [ 215.504918][ T7982] do_user_addr_fault+0x7a9/0x1430 [ 215.504946][ T7982] exc_page_fault+0x5c/0xc0 [ 215.504973][ T7982] asm_exc_page_fault+0x26/0x30 [ 215.504993][ T7982] RIP: 0010:rep_movs_alternative+0xf/0x70 [ 215.505014][ T7982] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 215.505036][ T7982] RSP: 0018:ffffc9000b4bfbd8 EFLAGS: 00050202 [ 215.505054][ T7982] RAX: 0000000000000001 RBX: 000000000000ffff RCX: 0000000000000004 [ 215.505067][ T7982] RDX: ffffed100522b85c RSI: 000000000000ffff RDI: ffff88802915c2e0 [ 215.505082][ T7982] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed100522b85c [ 215.505095][ T7982] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 215.505108][ T7982] R13: ffff88802915c2e0 R14: ffff88802915c2e0 R15: 1ffff92001697f86 [ 215.505133][ T7982] _copy_from_user+0x98/0xd0 [ 215.505161][ T7982] map_delete_elem+0x719/0xa00 [ 215.505190][ T7982] ? __might_fault+0xc0/0x190 [ 215.505209][ T7982] ? __pfx_map_delete_elem+0x10/0x10 [ 215.505242][ T7982] __sys_bpf+0x63a/0x4c80 [ 215.505282][ T7982] ? __pfx___sys_bpf+0x10/0x10 [ 215.505316][ T7982] ? ksys_write+0x190/0x240 [ 215.505349][ T7982] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 215.505390][ T7982] ? fput+0x70/0xf0 [ 215.505409][ T7982] ? ksys_write+0x1b9/0x240 [ 215.505438][ T7982] ? __pfx_ksys_write+0x10/0x10 [ 215.505467][ T7982] ? rcu_is_watching+0x12/0xc0 [ 215.505492][ T7982] __x64_sys_bpf+0x78/0xc0 [ 215.505526][ T7982] ? lockdep_hardirqs_on+0x7c/0x110 [ 215.505553][ T7982] do_syscall_64+0xcd/0x260 [ 215.505583][ T7982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.505605][ T7982] RIP: 0033:0x7fbae7b8d169 [ 215.505621][ T7982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.505642][ T7982] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 215.505661][ T7982] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 215.505676][ T7982] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000003 [ 215.505689][ T7982] RBP: 00007fbae8a66090 R08: 0000000000000000 R09: 0000000000000000 [ 215.505703][ T7982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.505716][ T7982] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 215.505739][ T7982] [ 217.385569][ T8008] Invalid ELF header magic: != ELF [ 217.703678][ T8016] mkiss: ax0: crc mode is auto. [ 218.242496][ T8026] FAULT_INJECTION: forcing a failure. [ 218.242496][ T8026] name failslab, interval 1, probability 0, space 0, times 0 [ 218.306584][ T8026] CPU: 1 UID: 0 PID: 8026 Comm: syz.1.498 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 218.306617][ T8026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 218.306631][ T8026] Call Trace: [ 218.306638][ T8026] [ 218.306646][ T8026] dump_stack_lvl+0x16c/0x1f0 [ 218.306679][ T8026] should_fail_ex+0x512/0x640 [ 218.306703][ T8026] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 218.306738][ T8026] should_failslab+0xc2/0x120 [ 218.306781][ T8026] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 218.306813][ T8026] ? __pmd_alloc+0xc3/0x870 [ 218.306842][ T8026] __pmd_alloc+0xc3/0x870 [ 218.306867][ T8026] ? find_held_lock+0x2b/0x80 [ 218.306892][ T8026] __handle_mm_fault+0x94e/0x2a50 [ 218.306929][ T8026] ? __pfx___handle_mm_fault+0x10/0x10 [ 218.306972][ T8026] ? find_vma+0xbf/0x140 [ 218.306996][ T8026] ? __pfx_find_vma+0x10/0x10 [ 218.307022][ T8026] handle_mm_fault+0x3fa/0xaa0 [ 218.307057][ T8026] do_user_addr_fault+0x7a9/0x1430 [ 218.307086][ T8026] exc_page_fault+0x5c/0xc0 [ 218.307113][ T8026] asm_exc_page_fault+0x26/0x30 [ 218.307133][ T8026] RIP: 0010:rep_movs_alternative+0xf/0x70 [ 218.307154][ T8026] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 218.307176][ T8026] RSP: 0018:ffffc9000b397bd8 EFLAGS: 00050202 [ 218.307193][ T8026] RAX: 0000000000000001 RBX: 000000000000ffff RCX: 0000000000000004 [ 218.307207][ T8026] RDX: ffffed100f08fba0 RSI: 000000000000ffff RDI: ffff88807847dd00 [ 218.307225][ T8026] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed100f08fba0 [ 218.307239][ T8026] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 218.307252][ T8026] R13: ffff88807847dd00 R14: ffff88807847dd00 R15: 1ffff92001672f86 [ 218.307277][ T8026] _copy_from_user+0x98/0xd0 [ 218.307304][ T8026] map_delete_elem+0x719/0xa00 [ 218.307333][ T8026] ? __might_fault+0xc0/0x190 [ 218.307353][ T8026] ? __pfx_map_delete_elem+0x10/0x10 [ 218.307386][ T8026] __sys_bpf+0x63a/0x4c80 [ 218.307421][ T8026] ? __pfx___sys_bpf+0x10/0x10 [ 218.307454][ T8026] ? ksys_write+0x190/0x240 [ 218.307488][ T8026] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 218.307530][ T8026] ? fput+0x70/0xf0 [ 218.307549][ T8026] ? ksys_write+0x1b9/0x240 [ 218.307578][ T8026] ? __pfx_ksys_write+0x10/0x10 [ 218.307607][ T8026] ? rcu_is_watching+0x12/0xc0 [ 218.307633][ T8026] __x64_sys_bpf+0x78/0xc0 [ 218.307666][ T8026] ? lockdep_hardirqs_on+0x7c/0x110 [ 218.307693][ T8026] do_syscall_64+0xcd/0x260 [ 218.307724][ T8026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.307753][ T8026] RIP: 0033:0x7f0c7758d169 [ 218.307769][ T8026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.307790][ T8026] RSP: 002b:00007f0c783b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 218.307809][ T8026] RAX: ffffffffffffffda RBX: 00007f0c777a5fa0 RCX: 00007f0c7758d169 [ 218.307824][ T8026] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000003 [ 218.307838][ T8026] RBP: 00007f0c783b5090 R08: 0000000000000000 R09: 0000000000000000 [ 218.307851][ T8026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 218.307864][ T8026] R13: 0000000000000000 R14: 00007f0c777a5fa0 R15: 00007fff68eaf0d8 [ 218.307887][ T8026] [ 220.687120][ T8056] mkiss: ax0: crc mode is auto. [ 220.826091][ T8059] Invalid ELF header magic: != ELF [ 222.715924][ T8093] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 222.866587][ T8093] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 223.182715][ T8093] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 223.257822][ T8093] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 223.325613][ T8093] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 223.344710][ T8093] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 223.436755][ T8093] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 223.475910][ T8093] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 223.501914][ T8093] CPU0 is offline. [ 223.610314][ T8109] mkiss: ax0: crc mode is auto. [ 224.185136][ T8127] netlink: 28 bytes leftover after parsing attributes in process `syz.1.520'. [ 224.247763][ T8127] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.321311][ T8133] FAULT_INJECTION: forcing a failure. [ 224.321311][ T8133] name failslab, interval 1, probability 0, space 0, times 0 [ 224.365489][ T8129] netlink: 28 bytes leftover after parsing attributes in process `syz.1.520'. [ 224.416592][ T8133] CPU: 1 UID: 0 PID: 8133 Comm: syz.0.521 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 224.416625][ T8133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 224.416639][ T8133] Call Trace: [ 224.416646][ T8133] [ 224.416654][ T8133] dump_stack_lvl+0x16c/0x1f0 [ 224.416688][ T8133] should_fail_ex+0x512/0x640 [ 224.416711][ T8133] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 224.416746][ T8133] should_failslab+0xc2/0x120 [ 224.416783][ T8133] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 224.416816][ T8133] ? ptlock_alloc+0x1f/0x70 [ 224.416849][ T8133] ptlock_alloc+0x1f/0x70 [ 224.416879][ T8133] pte_alloc_one+0x6d/0x380 [ 224.416906][ T8133] do_pte_missing+0x1b1c/0x3ea0 [ 224.416938][ T8133] ? do_raw_spin_unlock+0x172/0x230 [ 224.416960][ T8133] ? __pmd_alloc+0x3c2/0x870 [ 224.416985][ T8133] ? find_held_lock+0x2b/0x80 [ 224.417009][ T8133] __handle_mm_fault+0x1043/0x2a50 [ 224.417046][ T8133] ? __pfx___handle_mm_fault+0x10/0x10 [ 224.417089][ T8133] ? find_vma+0xbf/0x140 [ 224.417113][ T8133] ? __pfx_find_vma+0x10/0x10 [ 224.417140][ T8133] handle_mm_fault+0x3fa/0xaa0 [ 224.417175][ T8133] do_user_addr_fault+0x7a9/0x1430 [ 224.417202][ T8133] exc_page_fault+0x5c/0xc0 [ 224.417229][ T8133] asm_exc_page_fault+0x26/0x30 [ 224.417250][ T8133] RIP: 0010:rep_movs_alternative+0xf/0x70 [ 224.417271][ T8133] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 224.417292][ T8133] RSP: 0018:ffffc9000436fbd8 EFLAGS: 00050202 [ 224.417310][ T8133] RAX: 0000000000000001 RBX: 000000000000ffff RCX: 0000000000000004 [ 224.417323][ T8133] RDX: ffffed1005e18674 RSI: 000000000000ffff RDI: ffff88802f0c33a0 [ 224.417338][ T8133] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed1005e18674 [ 224.417351][ T8133] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 224.417364][ T8133] R13: ffff88802f0c33a0 R14: ffff88802f0c33a0 R15: 1ffff9200086df86 [ 224.417394][ T8133] _copy_from_user+0x98/0xd0 [ 224.417422][ T8133] map_delete_elem+0x719/0xa00 [ 224.417450][ T8133] ? __might_fault+0xc0/0x190 [ 224.417469][ T8133] ? __pfx_map_delete_elem+0x10/0x10 [ 224.417503][ T8133] __sys_bpf+0x63a/0x4c80 [ 224.417538][ T8133] ? __pfx___sys_bpf+0x10/0x10 [ 224.417571][ T8133] ? ksys_write+0x190/0x240 [ 224.417604][ T8133] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 224.417650][ T8133] ? fput+0x70/0xf0 [ 224.417670][ T8133] ? ksys_write+0x1b9/0x240 [ 224.417699][ T8133] ? __pfx_ksys_write+0x10/0x10 [ 224.417728][ T8133] ? rcu_is_watching+0x12/0xc0 [ 224.417753][ T8133] __x64_sys_bpf+0x78/0xc0 [ 224.417786][ T8133] ? lockdep_hardirqs_on+0x7c/0x110 [ 224.417813][ T8133] do_syscall_64+0xcd/0x260 [ 224.417844][ T8133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.417866][ T8133] RIP: 0033:0x7fbae7b8d169 [ 224.417881][ T8133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.417902][ T8133] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 224.417922][ T8133] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 224.417936][ T8133] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000003 [ 224.417950][ T8133] RBP: 00007fbae8a66090 R08: 0000000000000000 R09: 0000000000000000 [ 224.417963][ T8133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 224.417976][ T8133] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 224.418000][ T8133] [ 224.422351][ T8127] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.822780][ T8131] Invalid ELF header magic: != ELF [ 224.870231][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 225.251092][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 225.282071][ T8149] FAULT_INJECTION: forcing a failure. [ 225.282071][ T8149] name failslab, interval 1, probability 0, space 0, times 0 [ 225.314046][ T8149] CPU: 1 UID: 0 PID: 8149 Comm: syz.0.525 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 225.314079][ T8149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 225.314093][ T8149] Call Trace: [ 225.314099][ T8149] [ 225.314108][ T8149] dump_stack_lvl+0x16c/0x1f0 [ 225.314142][ T8149] should_fail_ex+0x512/0x640 [ 225.314165][ T8149] ? __kmalloc_noprof+0xbf/0x510 [ 225.314198][ T8149] ? kernfs_fop_write_iter+0x22f/0x510 [ 225.314223][ T8149] should_failslab+0xc2/0x120 [ 225.314264][ T8149] __kmalloc_noprof+0xd2/0x510 [ 225.314300][ T8149] kernfs_fop_write_iter+0x22f/0x510 [ 225.314329][ T8149] vfs_write+0x5ba/0x1180 [ 225.314359][ T8149] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 225.314387][ T8149] ? __pfx___mutex_lock+0x10/0x10 [ 225.314416][ T8149] ? __pfx_vfs_write+0x10/0x10 [ 225.314458][ T8149] ksys_write+0x12a/0x240 [ 225.314488][ T8149] ? __pfx_ksys_write+0x10/0x10 [ 225.314517][ T8149] ? rcu_is_watching+0x12/0xc0 [ 225.314545][ T8149] do_syscall_64+0xcd/0x260 [ 225.314577][ T8149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.314598][ T8149] RIP: 0033:0x7fbae7b8d169 [ 225.314615][ T8149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.314636][ T8149] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 225.314657][ T8149] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 225.314671][ T8149] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 225.314685][ T8149] RBP: 00007fbae8a66090 R08: 0000000000000000 R09: 0000000000000000 [ 225.314698][ T8149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.314711][ T8149] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 225.314735][ T8149] [ 225.609817][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 225.616074][ T5833] Bluetooth: hci3: command 0x0406 tx timeout [ 225.763065][ T8127] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.793218][ T8127] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 226.894107][ T5147] Bluetooth: hci0: command 0x0406 tx timeout [ 227.081554][ T8186] FAULT_INJECTION: forcing a failure. [ 227.081554][ T8186] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 227.131360][ T8186] CPU: 1 UID: 0 PID: 8186 Comm: syz.2.533 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 227.131397][ T8186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 227.131411][ T8186] Call Trace: [ 227.131417][ T8186] [ 227.131425][ T8186] dump_stack_lvl+0x16c/0x1f0 [ 227.131459][ T8186] should_fail_ex+0x512/0x640 [ 227.131486][ T8186] should_fail_alloc_page+0xe7/0x130 [ 227.131524][ T8186] prepare_alloc_pages.constprop.0+0x172/0x570 [ 227.131557][ T8186] __alloc_frozen_pages_noprof+0x18f/0x24d0 [ 227.131594][ T8186] ? __lock_acquire+0x5ca/0x1ba0 [ 227.131628][ T8186] ? find_held_lock+0x2b/0x80 [ 227.131652][ T8186] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 227.131690][ T8186] ? find_held_lock+0x2b/0x80 [ 227.131717][ T8186] ? find_held_lock+0x2b/0x80 [ 227.131740][ T8186] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 227.131776][ T8186] ? policy_nodemask+0xea/0x4e0 [ 227.131813][ T8186] alloc_pages_mpol+0x1fb/0x540 [ 227.131849][ T8186] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 227.131890][ T8186] folio_alloc_mpol_noprof+0x36/0x2f0 [ 227.131915][ T8186] shmem_alloc_folio+0x135/0x160 [ 227.131951][ T8186] shmem_alloc_and_add_folio+0x499/0xc20 [ 227.131978][ T8186] ? shmem_huge_global_enabled+0x72/0x6b0 [ 227.132000][ T8186] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 227.132025][ T8186] ? shmem_allowable_huge_orders+0xd0/0x410 [ 227.132054][ T8186] shmem_get_folio_gfp+0x687/0x1530 [ 227.132082][ T8186] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 227.132114][ T8186] ? filemap_map_pages+0xf72/0x1680 [ 227.132143][ T8186] shmem_fault+0x204/0xb10 [ 227.132167][ T8186] ? __pfx_shmem_fault+0x10/0x10 [ 227.132194][ T8186] ? __pfx_filemap_map_pages+0x10/0x10 [ 227.132226][ T8186] __do_fault+0x10a/0x490 [ 227.132249][ T8186] do_pte_missing+0xed5/0x3ea0 [ 227.132281][ T8186] ? do_raw_spin_unlock+0x172/0x230 [ 227.132302][ T8186] ? __pmd_alloc+0x3c2/0x870 [ 227.132327][ T8186] ? find_held_lock+0x2b/0x80 [ 227.132351][ T8186] __handle_mm_fault+0x1043/0x2a50 [ 227.132388][ T8186] ? __pfx___handle_mm_fault+0x10/0x10 [ 227.132431][ T8186] ? find_vma+0xbf/0x140 [ 227.132455][ T8186] ? __pfx_find_vma+0x10/0x10 [ 227.132481][ T8186] handle_mm_fault+0x3fa/0xaa0 [ 227.132516][ T8186] do_user_addr_fault+0x7a9/0x1430 [ 227.132545][ T8186] exc_page_fault+0x5c/0xc0 [ 227.132572][ T8186] asm_exc_page_fault+0x26/0x30 [ 227.132594][ T8186] RIP: 0010:rep_movs_alternative+0xf/0x70 [ 227.132617][ T8186] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 227.132638][ T8186] RSP: 0018:ffffc9000465fbd8 EFLAGS: 00050202 [ 227.132655][ T8186] RAX: 0000000000000001 RBX: 000000000000ffff RCX: 0000000000000004 [ 227.132669][ T8186] RDX: ffffed1005272a68 RSI: 000000000000ffff RDI: ffff888029395340 [ 227.132684][ T8186] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed1005272a68 [ 227.132698][ T8186] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 227.132710][ T8186] R13: ffff888029395340 R14: ffff888029395340 R15: 1ffff920008cbf86 [ 227.132735][ T8186] _copy_from_user+0x98/0xd0 [ 227.132763][ T8186] map_delete_elem+0x719/0xa00 [ 227.132791][ T8186] ? __might_fault+0xc0/0x190 [ 227.132811][ T8186] ? __pfx_map_delete_elem+0x10/0x10 [ 227.132844][ T8186] __sys_bpf+0x63a/0x4c80 [ 227.132879][ T8186] ? __pfx___sys_bpf+0x10/0x10 [ 227.132912][ T8186] ? ksys_write+0x190/0x240 [ 227.132945][ T8186] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 227.132987][ T8186] ? fput+0x70/0xf0 [ 227.133006][ T8186] ? ksys_write+0x1b9/0x240 [ 227.133035][ T8186] ? __pfx_ksys_write+0x10/0x10 [ 227.133064][ T8186] ? rcu_is_watching+0x12/0xc0 [ 227.133090][ T8186] __x64_sys_bpf+0x78/0xc0 [ 227.133127][ T8186] ? lockdep_hardirqs_on+0x7c/0x110 [ 227.133154][ T8186] do_syscall_64+0xcd/0x260 [ 227.133185][ T8186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.133207][ T8186] RIP: 0033:0x7f219a18d169 [ 227.133223][ T8186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.133243][ T8186] RSP: 002b:00007f219af3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 227.133263][ T8186] RAX: ffffffffffffffda RBX: 00007f219a3a5fa0 RCX: 00007f219a18d169 [ 227.133278][ T8186] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000003 [ 227.133291][ T8186] RBP: 00007f219af3b090 R08: 0000000000000000 R09: 0000000000000000 [ 227.133304][ T8186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.133317][ T8186] R13: 0000000000000000 R14: 00007f219a3a5fa0 R15: 00007ffc483c8a68 [ 227.133340][ T8186] [ 227.645522][ T5147] Bluetooth: hci1: command 0x0406 tx timeout [ 227.818822][ T8193] FAULT_INJECTION: forcing a failure. [ 227.818822][ T8193] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.832111][ T8193] CPU: 1 UID: 0 PID: 8193 Comm: syz.0.536 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 227.832141][ T8193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 227.832154][ T8193] Call Trace: [ 227.832163][ T8193] [ 227.832173][ T8193] dump_stack_lvl+0x16c/0x1f0 [ 227.832207][ T8193] should_fail_ex+0x512/0x640 [ 227.832234][ T8193] _copy_from_iter+0x2a4/0x15b0 [ 227.832264][ T8193] ? find_held_lock+0x2b/0x80 [ 227.832289][ T8193] ? __pfx__copy_from_iter+0x10/0x10 [ 227.832318][ T8193] ? __virt_addr_valid+0x5e/0x590 [ 227.832350][ T8193] ? __phys_addr_symbol+0x30/0x80 [ 227.832380][ T8193] ? __check_object_size+0x4c7/0x710 [ 227.832421][ T8193] kernfs_fop_write_iter+0x1a9/0x510 [ 227.832451][ T8193] vfs_write+0x5ba/0x1180 [ 227.832482][ T8193] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 227.832510][ T8193] ? __pfx___mutex_lock+0x10/0x10 [ 227.832540][ T8193] ? __pfx_vfs_write+0x10/0x10 [ 227.832582][ T8193] ksys_write+0x12a/0x240 [ 227.832612][ T8193] ? __pfx_ksys_write+0x10/0x10 [ 227.832641][ T8193] ? rcu_is_watching+0x12/0xc0 [ 227.832669][ T8193] do_syscall_64+0xcd/0x260 [ 227.832700][ T8193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.832722][ T8193] RIP: 0033:0x7fbae7b8d169 [ 227.832740][ T8193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.832759][ T8193] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 227.832779][ T8193] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 227.832792][ T8193] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 227.832805][ T8193] RBP: 00007fbae8a66090 R08: 0000000000000000 R09: 0000000000000000 [ 227.832818][ T8193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.832830][ T8193] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 227.832853][ T8193] [ 228.233760][ T5147] Bluetooth: hci3: command 0x0406 tx timeout [ 228.240000][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 228.451942][ T8208] Invalid ELF header magic: != ELF [ 228.910432][ T8212] zram: Added device: zram1 [ 229.452050][ T8227] FAULT_INJECTION: forcing a failure. [ 229.452050][ T8227] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 229.518431][ T8227] CPU: 1 UID: 0 PID: 8227 Comm: syz.3.546 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 229.518465][ T8227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 229.518478][ T8227] Call Trace: [ 229.518485][ T8227] [ 229.518493][ T8227] dump_stack_lvl+0x16c/0x1f0 [ 229.518527][ T8227] should_fail_ex+0x512/0x640 [ 229.518553][ T8227] _copy_to_user+0x32/0xd0 [ 229.518582][ T8227] simple_read_from_buffer+0xe0/0x170 [ 229.518614][ T8227] proc_fail_nth_read+0x197/0x270 [ 229.518645][ T8227] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 229.518675][ T8227] ? rw_verify_area+0xcf/0x680 [ 229.518701][ T8227] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 229.518731][ T8227] vfs_read+0x1de/0xc70 [ 229.518759][ T8227] ? fdget_pos+0x2a2/0x370 [ 229.518794][ T8227] ? __pfx___mutex_lock+0x10/0x10 [ 229.518824][ T8227] ? __pfx_vfs_read+0x10/0x10 [ 229.518858][ T8227] ? __fget_files+0x20e/0x3c0 [ 229.518895][ T8227] ksys_read+0x12a/0x240 [ 229.518923][ T8227] ? __pfx_ksys_read+0x10/0x10 [ 229.518959][ T8227] ? rcu_is_watching+0x12/0xc0 [ 229.518987][ T8227] do_syscall_64+0xcd/0x260 [ 229.519018][ T8227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.519040][ T8227] RIP: 0033:0x7f3d5a78bb7c [ 229.519056][ T8227] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 229.519077][ T8227] RSP: 002b:00007f3d5b62b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 229.519098][ T8227] RAX: ffffffffffffffda RBX: 00007f3d5a9a5fa0 RCX: 00007f3d5a78bb7c [ 229.519113][ T8227] RDX: 000000000000000f RSI: 00007f3d5b62b0a0 RDI: 0000000000000004 [ 229.519127][ T8227] RBP: 00007f3d5b62b090 R08: 0000000000000000 R09: 0000000000000000 [ 229.519140][ T8227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 229.519153][ T8227] R13: 0000000000000000 R14: 00007f3d5a9a5fa0 R15: 00007ffeba3fcf68 [ 229.519176][ T8227] [ 230.275522][ T8224] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 230.282437][ T8224] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 230.295282][ T8224] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 230.301371][ T8224] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 230.414376][ T8224] CPU0 is offline. [ 230.600567][ T8240] Invalid ELF header magic: != ELF [ 230.794689][ T8246] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[8246] [ 231.869183][ T8264] netlink: zone id is out of range [ 232.109064][ T8264] netlink: zone id is out of range [ 232.334046][ T5147] Bluetooth: hci3: command 0x0406 tx timeout [ 232.340108][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 232.346291][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 232.352299][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 232.560978][ T8264] netlink: zone id is out of range [ 232.570026][ T8271] ERROR: Out of memory at tomoyo_memory_ok. [ 232.615539][ T8264] netlink: zone id is out of range [ 232.643403][ T8272] mkiss: ax0: crc mode is auto. [ 232.690616][ T8264] netlink: zone id is out of range [ 232.748202][ T8264] netlink: zone id is out of range [ 232.783877][ T8264] netlink: zone id is out of range [ 232.789084][ T8264] netlink: zone id is out of range [ 232.837400][ T8264] netlink: zone id is out of range [ 232.842549][ T8264] netlink: zone id is out of range [ 232.898675][ T5147] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 232.898708][ T5147] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 232.914048][ T5147] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 232.914082][ T5147] Bluetooth: hci2: adv larger than maximum supported [ 232.922164][ T5147] Bluetooth: hci2: Malformed LE Event: 0x0d [ 233.844804][ T8314] FAULT_INJECTION: forcing a failure. [ 233.844804][ T8314] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 233.940080][ T8314] CPU: 1 UID: 0 PID: 8314 Comm: syz.3.565 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 233.940112][ T8314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 233.940125][ T8314] Call Trace: [ 233.940132][ T8314] [ 233.940140][ T8314] dump_stack_lvl+0x16c/0x1f0 [ 233.940176][ T8314] should_fail_ex+0x512/0x640 [ 233.940202][ T8314] _copy_to_user+0x32/0xd0 [ 233.940228][ T8314] simple_read_from_buffer+0xe0/0x170 [ 233.940258][ T8314] proc_fail_nth_read+0x197/0x270 [ 233.940287][ T8314] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 233.940315][ T8314] ? rw_verify_area+0xcf/0x680 [ 233.940340][ T8314] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 233.940367][ T8314] vfs_read+0x1de/0xc70 [ 233.940394][ T8314] ? fdget_pos+0x2a2/0x370 [ 233.940427][ T8314] ? __pfx___mutex_lock+0x10/0x10 [ 233.940455][ T8314] ? __pfx_vfs_read+0x10/0x10 [ 233.940487][ T8314] ? __fget_files+0x20e/0x3c0 [ 233.940521][ T8314] ksys_read+0x12a/0x240 [ 233.940548][ T8314] ? __pfx_ksys_read+0x10/0x10 [ 233.940583][ T8314] ? rcu_is_watching+0x12/0xc0 [ 233.940612][ T8314] do_syscall_64+0xcd/0x260 [ 233.940643][ T8314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.940664][ T8314] RIP: 0033:0x7f3d5a78bb7c [ 233.940680][ T8314] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 233.940701][ T8314] RSP: 002b:00007f3d5b62b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 233.940722][ T8314] RAX: ffffffffffffffda RBX: 00007f3d5a9a5fa0 RCX: 00007f3d5a78bb7c [ 233.940737][ T8314] RDX: 000000000000000f RSI: 00007f3d5b62b0a0 RDI: 0000000000000006 [ 233.940750][ T8314] RBP: 00007f3d5b62b090 R08: 0000000000000000 R09: 0000000000000000 [ 233.940763][ T8314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 233.940776][ T8314] R13: 0000000000000000 R14: 00007f3d5a9a5fa0 R15: 00007ffeba3fcf68 [ 233.940800][ T8314] [ 234.676410][ T8326] mkiss: ax0: crc mode is auto. [ 234.773454][ T8319] ERROR: Out of memory at tomoyo_memory_ok. [ 235.306863][ T8335] netlink: 24 bytes leftover after parsing attributes in process `syz.1.570'. [ 235.394804][ T30] audit: type=1800 audit(6037938311.152:11): pid=8336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.570" name="dbroot" dev="configfs" ino=21287 res=0 errno=0 [ 235.606284][ T8336] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 235.875276][ T8337] netlink: 28 bytes leftover after parsing attributes in process `syz.3.571'. [ 236.099399][ T5194] ERROR: Out of memory at tomoyo_memory_ok. [ 236.140603][ T26] ERROR: Out of memory at tomoyo_memory_ok. [ 236.175942][ T5194] ERROR: Out of memory at tomoyo_memory_ok. [ 236.488210][ T8350] netlink: 16 bytes leftover after parsing attributes in process `syz.2.572'. [ 237.663329][ T8373] mkiss: ax0: crc mode is auto. [ 237.979473][ T8384] Invalid ELF header magic: != ELF [ 238.669570][ T5147] Bluetooth: hci2: Malformed Event: 0x13 [ 241.210340][ T8471] Invalid ELF header magic: != ELF [ 242.756232][ T8500] net_ratelimit: 332 callbacks suppressed [ 242.756249][ T8500] netlink: zone id is out of range [ 242.831705][ T8500] netlink: zone id is out of range [ 242.873618][ T8500] netlink: zone id is out of range [ 242.905402][ T8500] netlink: zone id is out of range [ 242.934669][ T8500] netlink: zone id is out of range [ 242.943292][ T8504] Invalid ELF header magic: != ELF [ 242.956850][ T8500] netlink: zone id is out of range [ 242.989420][ T8500] netlink: zone id is out of range [ 243.024951][ T8500] netlink: zone id is out of range [ 243.054402][ T8500] netlink: zone id is out of range [ 243.076742][ T8500] netlink: zone id is out of range [ 243.909679][ T8528] netlink: 334 bytes leftover after parsing attributes in process `syz.1.608'. [ 244.956612][ T8540] netlink: 8 bytes leftover after parsing attributes in process `syz.2.610'. [ 245.494614][ T8526] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 245.594793][ T8526] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 245.670262][ T8526] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 245.746143][ T8526] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 245.792668][ T8526] CPU0 is offline. [ 246.014333][ T5147] Bluetooth: hci0: command 0x0406 tx timeout [ 246.122826][ T8554] Invalid ELF header magic: != ELF [ 246.549556][ T5147] Bluetooth: hci1: unexpected event 0x17 length: 123 > 6 [ 247.107996][ T8575] random: crng reseeded on system resumption [ 247.614131][ T5147] Bluetooth: hci1: command 0x0406 tx timeout [ 247.694879][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 247.774076][ T5147] Bluetooth: hci3: command 0x0406 tx timeout [ 248.963020][ T8593] ERROR: Out of memory at tomoyo_memory_ok. [ 249.835002][ T8630] aoe: invalid device specification [ 250.617245][ T5147] Bluetooth: hci2: unexpected event 0x17 length: 123 > 6 [ 250.836090][ T8623] kexec: Could not allocate control_code_buffer [ 251.326174][ T8654] FAULT_INJECTION: forcing a failure. [ 251.326174][ T8654] name failslab, interval 1, probability 0, space 0, times 0 [ 251.377445][ T8654] CPU: 1 UID: 0 PID: 8654 Comm: syz.1.640 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 251.377480][ T8654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 251.377493][ T8654] Call Trace: [ 251.377500][ T8654] [ 251.377509][ T8654] dump_stack_lvl+0x16c/0x1f0 [ 251.377544][ T8654] should_fail_ex+0x512/0x640 [ 251.377569][ T8654] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 251.377602][ T8654] should_failslab+0xc2/0x120 [ 251.377639][ T8654] __kmalloc_cache_noprof+0x6a/0x3e0 [ 251.377670][ T8654] ? percpu_ref_init+0xec/0x410 [ 251.377691][ T8654] ? __pfx_blkg_release+0x10/0x10 [ 251.377713][ T8654] percpu_ref_init+0xec/0x410 [ 251.377732][ T8654] ? kasan_save_track+0x14/0x30 [ 251.377766][ T8654] blkg_alloc+0xea/0xb00 [ 251.377792][ T8654] blkcg_init_disk+0x51/0x160 [ 251.377819][ T8654] __alloc_disk_node+0x299/0x610 [ 251.377856][ T8654] __blk_alloc_disk+0xd7/0x170 [ 251.377889][ T8654] ? __pfx___blk_alloc_disk+0x10/0x10 [ 251.377936][ T8654] ? lockdep_init_map_type+0x5c/0x280 [ 251.377970][ T8654] ? __raw_spin_lock_init+0x3a/0x110 [ 251.378010][ T8654] ? __pfx_hot_add_show+0x10/0x10 [ 251.378031][ T8654] zram_add+0x16e/0x6c0 [ 251.378050][ T8654] ? __pfx_zram_add+0x10/0x10 [ 251.378088][ T8654] ? __pfx_hot_add_show+0x10/0x10 [ 251.378108][ T8654] hot_add_show+0x21/0x80 [ 251.378127][ T8654] class_attr_show+0x6f/0xa0 [ 251.378162][ T8654] ? __pfx_class_attr_show+0x10/0x10 [ 251.378195][ T8654] sysfs_kf_seq_show+0x23e/0x410 [ 251.378231][ T8654] seq_read_iter+0x506/0x12b0 [ 251.378270][ T8654] kernfs_fop_read_iter+0x422/0x5a0 [ 251.378296][ T8654] ? rw_verify_area+0xcf/0x680 [ 251.378333][ T8654] vfs_read+0x8c8/0xc70 [ 251.378366][ T8654] ? __pfx___mutex_lock+0x10/0x10 [ 251.378397][ T8654] ? __pfx_vfs_read+0x10/0x10 [ 251.378445][ T8654] ksys_read+0x12a/0x240 [ 251.378475][ T8654] ? __pfx_ksys_read+0x10/0x10 [ 251.378504][ T8654] ? rcu_is_watching+0x12/0xc0 [ 251.378533][ T8654] do_syscall_64+0xcd/0x260 [ 251.378565][ T8654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.378588][ T8654] RIP: 0033:0x7f0c7758d169 [ 251.378606][ T8654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.378628][ T8654] RSP: 002b:00007f0c783b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 251.378650][ T8654] RAX: ffffffffffffffda RBX: 00007f0c777a5fa0 RCX: 00007f0c7758d169 [ 251.378665][ T8654] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 251.378679][ T8654] RBP: 00007f0c7760e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 251.378693][ T8654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.378707][ T8654] R13: 0000000000000000 R14: 00007f0c777a5fa0 R15: 00007fff68eaf0d8 [ 251.378731][ T8654] [ 252.154201][ T8654] zram: Error allocating disk structure for device 2 [ 252.536746][ T8678] futex_wake_op: syz.2.644 tries to shift op by 64; fix this program [ 254.241698][ T8702] Invalid ELF header magic: != ELF [ 254.399668][ T8705] Invalid ELF header magic: != ELF [ 256.474258][ T8719] [ 256.764274][ T8715] netlink: 338 bytes leftover after parsing attributes in process `syz.0.655'. [ 258.592591][ T8760] Invalid ELF header magic: != ELF [ 259.959363][ T30] audit: type=1800 audit(6037938343.704:12): pid=8776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.667" name="dbroot" dev="configfs" ino=23131 res=0 errno=0 [ 260.094962][ T8777] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 260.110996][ T5194] ERROR: Out of memory at tomoyo_memory_ok. [ 260.577691][ T26] ERROR: Out of memory at tomoyo_memory_ok. [ 260.584220][ T5194] ERROR: Out of memory at tomoyo_memory_ok. [ 260.896061][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.902401][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.787426][ T8788] netlink: 28 bytes leftover after parsing attributes in process `syz.3.670'. [ 264.231800][ T8824] Invalid ELF header magic: != ELF [ 264.663261][ T8832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.682'. [ 264.726881][ T8833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.682'. [ 265.027098][ T8839] tipc: Started in network mode [ 265.065114][ T8839] tipc: Node identity 8e4e6f15, cluster identity 4711 [ 265.104875][ T8839] tipc: Node number set to 2387504917 [ 265.211195][ T8843] mkiss: ax0: crc mode is auto. [ 266.709419][ T8861] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input11 [ 267.652110][ T26] ERROR: Out of memory at tomoyo_memory_ok. [ 269.736501][ T8875] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 269.885852][ T5194] ERROR: Out of memory at tomoyo_memory_ok. [ 269.917680][ T8878] mkiss: ax0: crc mode is auto. [ 270.096282][ T26] ERROR: Out of memory at tomoyo_memory_ok. [ 270.156707][ T8888] netlink: 28 bytes leftover after parsing attributes in process `syz.0.694'. [ 270.692870][ T8896] netlink: 4 bytes leftover after parsing attributes in process `syz.2.697'. [ 270.771502][ T8897] netlink: 354 bytes leftover after parsing attributes in process `syz.2.697'. [ 271.012432][ T8902] Invalid ELF header magic: != ELF [ 272.241351][ T8932] mkiss: ax0: crc mode is auto. [ 272.308053][ T8934] netlink: 342 bytes leftover after parsing attributes in process `syz.1.707'. [ 272.509023][ T8938] Invalid ELF header magic: != ELF [ 272.988946][ T8950] netlink: 330 bytes leftover after parsing attributes in process `syz.3.713'. [ 273.177278][ T8945] netlink: 330 bytes leftover after parsing attributes in process `syz.1.709'. [ 273.573016][ T8956] ovs9: entered promiscuous mode [ 274.405004][ T8977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.718'. [ 274.462045][ T8978] netlink: 4 bytes leftover after parsing attributes in process `syz.1.718'. [ 275.301891][ T9000] Invalid ELF header magic: != ELF [ 276.237006][ T9014] netlink: 12 bytes leftover after parsing attributes in process `syz.0.728'. [ 277.857787][ T9040] netlink: 28 bytes leftover after parsing attributes in process `syz.3.734'. [ 277.983543][ T9042] Invalid ELF header magic: != ELF [ 278.731285][ T9055] net_ratelimit: 76 callbacks suppressed [ 278.731304][ T9055] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 279.926240][ T9084] FAULT_INJECTION: forcing a failure. [ 279.926240][ T9084] name failslab, interval 1, probability 0, space 0, times 0 [ 279.993560][ T9084] CPU: 1 UID: 0 PID: 9084 Comm: syz.2.746 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 279.993592][ T9084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 279.993606][ T9084] Call Trace: [ 279.993612][ T9084] [ 279.993620][ T9084] dump_stack_lvl+0x16c/0x1f0 [ 279.993654][ T9084] should_fail_ex+0x512/0x640 [ 279.993677][ T9084] ? fs_reclaim_acquire+0xae/0x150 [ 279.993705][ T9084] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 279.993740][ T9084] should_failslab+0xc2/0x120 [ 279.993775][ T9084] __kmalloc_noprof+0xd2/0x510 [ 279.993810][ T9084] tomoyo_realpath_from_path+0xc2/0x6e0 [ 279.993847][ T9084] ? tomoyo_profile+0x47/0x60 [ 279.993874][ T9084] tomoyo_path_number_perm+0x245/0x580 [ 279.993903][ T9084] ? tomoyo_path_number_perm+0x237/0x580 [ 279.993935][ T9084] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 279.993967][ T9084] ? find_held_lock+0x2b/0x80 [ 279.994007][ T9084] ? find_held_lock+0x2b/0x80 [ 279.994030][ T9084] ? __fget_files+0x204/0x3c0 [ 279.994064][ T9084] ? __fget_files+0x20e/0x3c0 [ 279.994098][ T9084] security_file_ioctl+0x9b/0x240 [ 279.994131][ T9084] __x64_sys_ioctl+0xb7/0x200 [ 279.994159][ T9084] do_syscall_64+0xcd/0x260 [ 279.994190][ T9084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.994211][ T9084] RIP: 0033:0x7f219a18d169 [ 279.994244][ T9084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.994266][ T9084] RSP: 002b:00007f219af3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 279.994287][ T9084] RAX: ffffffffffffffda RBX: 00007f219a3a5fa0 RCX: 00007f219a18d169 [ 279.994301][ T9084] RDX: 0000200000000000 RSI: 0000000080045518 RDI: 0000000000000003 [ 279.994315][ T9084] RBP: 00007f219af3b090 R08: 0000000000000000 R09: 0000000000000000 [ 279.994328][ T9084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 279.994346][ T9084] R13: 0000000000000000 R14: 00007f219a3a5fa0 R15: 00007ffc483c8a68 [ 279.994370][ T9084] [ 281.108710][ T9084] ERROR: Out of memory at tomoyo_realpath_from_path. [ 282.457303][ T9123] Invalid ELF header magic: != ELF [ 284.621064][ T9164] FAULT_INJECTION: forcing a failure. [ 284.621064][ T9164] name failslab, interval 1, probability 0, space 0, times 0 [ 284.670638][ T9164] CPU: 1 UID: 0 PID: 9164 Comm: syz.0.762 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 284.670670][ T9164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 284.670684][ T9164] Call Trace: [ 284.670690][ T9164] [ 284.670698][ T9164] dump_stack_lvl+0x16c/0x1f0 [ 284.670732][ T9164] should_fail_ex+0x512/0x640 [ 284.670755][ T9164] ? fs_reclaim_acquire+0xae/0x150 [ 284.670783][ T9164] ? tomoyo_encode2+0x100/0x3e0 [ 284.670817][ T9164] should_failslab+0xc2/0x120 [ 284.670852][ T9164] __kmalloc_noprof+0xd2/0x510 [ 284.670884][ T9164] ? d_absolute_path+0x136/0x1a0 [ 284.670911][ T9164] tomoyo_encode2+0x100/0x3e0 [ 284.670953][ T9164] tomoyo_encode+0x29/0x50 [ 284.670986][ T9164] tomoyo_realpath_from_path+0x18f/0x6e0 [ 284.671028][ T9164] tomoyo_path_number_perm+0x245/0x580 [ 284.671057][ T9164] ? tomoyo_path_number_perm+0x237/0x580 [ 284.671089][ T9164] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 284.671120][ T9164] ? find_held_lock+0x2b/0x80 [ 284.671161][ T9164] ? find_held_lock+0x2b/0x80 [ 284.671183][ T9164] ? __fget_files+0x204/0x3c0 [ 284.671218][ T9164] ? __fget_files+0x20e/0x3c0 [ 284.671252][ T9164] security_file_ioctl+0x9b/0x240 [ 284.671285][ T9164] __x64_sys_ioctl+0xb7/0x200 [ 284.671313][ T9164] do_syscall_64+0xcd/0x260 [ 284.671344][ T9164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.671365][ T9164] RIP: 0033:0x7fbae7b8d169 [ 284.671381][ T9164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.671403][ T9164] RSP: 002b:00007fbae8a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.671424][ T9164] RAX: ffffffffffffffda RBX: 00007fbae7da5fa0 RCX: 00007fbae7b8d169 [ 284.671439][ T9164] RDX: 0000200000000000 RSI: 0000000080045518 RDI: 0000000000000003 [ 284.671453][ T9164] RBP: 00007fbae8a66090 R08: 0000000000000000 R09: 0000000000000000 [ 284.671466][ T9164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 284.671479][ T9164] R13: 0000000000000000 R14: 00007fbae7da5fa0 R15: 00007fffd97a01e8 [ 284.671503][ T9164] [ 284.671518][ T9164] ERROR: Out of memory at tomoyo_realpath_from_path. [ 285.236315][ T9173] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 286.058853][ T9189] Invalid ELF header magic: != ELF [ 286.485428][ T9197] mkiss: ax0: crc mode is auto. [ 286.535483][ T9198] FAULT_INJECTION: forcing a failure. [ 286.535483][ T9198] name failslab, interval 1, probability 0, space 0, times 0 [ 286.600892][ T9198] CPU: 1 UID: 0 PID: 9198 Comm: syz.0.770 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 286.600926][ T9198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.600940][ T9198] Call Trace: [ 286.600946][ T9198] [ 286.600954][ T9198] dump_stack_lvl+0x16c/0x1f0 [ 286.600988][ T9198] should_fail_ex+0x512/0x640 [ 286.601012][ T9198] ? fs_reclaim_acquire+0xae/0x150 [ 286.601046][ T9198] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 286.601082][ T9198] should_failslab+0xc2/0x120 [ 286.601118][ T9198] __kmalloc_noprof+0xd2/0x510 [ 286.601155][ T9198] tomoyo_realpath_from_path+0xc2/0x6e0 [ 286.601193][ T9198] ? tomoyo_profile+0x47/0x60 [ 286.601217][ T9198] tomoyo_path_number_perm+0x245/0x580 [ 286.601246][ T9198] ? tomoyo_path_number_perm+0x237/0x580 [ 286.601278][ T9198] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 286.601310][ T9198] ? find_held_lock+0x2b/0x80 [ 286.601350][ T9198] ? find_held_lock+0x2b/0x80 [ 286.601373][ T9198] ? __fget_files+0x204/0x3c0 [ 286.601407][ T9198] ? __fget_files+0x20e/0x3c0 [ 286.601441][ T9198] security_file_ioctl+0x9b/0x240 [ 286.601474][ T9198] __x64_sys_ioctl+0xb7/0x200 [ 286.601502][ T9198] do_syscall_64+0xcd/0x260 [ 286.601533][ T9198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.601554][ T9198] RIP: 0033:0x7fbae7b8d169 [ 286.601571][ T9198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.601592][ T9198] RSP: 002b:00007fbae8a45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.601613][ T9198] RAX: ffffffffffffffda RBX: 00007fbae7da6080 RCX: 00007fbae7b8d169 [ 286.601628][ T9198] RDX: 0000000000000003 RSI: 0000000000005452 RDI: 0000000000000003 [ 286.601641][ T9198] RBP: 00007fbae8a45090 R08: 0000000000000000 R09: 0000000000000000 [ 286.601654][ T9198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.601667][ T9198] R13: 0000000000000001 R14: 00007fbae7da6080 R15: 00007fffd97a01e8 [ 286.601691][ T9198] [ 286.602480][ T9198] ERROR: Out of memory at tomoyo_realpath_from_path. [ 289.176204][ T47] [ 289.178572][ T47] ====================================================== [ 289.185594][ T47] WARNING: possible circular locking dependency detected [ 289.192630][ T47] 6.14.0-syzkaller-01103-g2df0c02dab82 #0 Not tainted [ 289.199397][ T47] ------------------------------------------------------ [ 289.206412][ T47] kworker/1:1/47 is trying to acquire lock: [ 289.212299][ T47] ffffffff8fefa328 (rtnl_mutex){+.+.}-{4:4}, at: smc_vlan_by_tcpsk+0x251/0x620 [ 289.221283][ T47] [ 289.221283][ T47] but task is already holding lock: [ 289.228649][ T47] ffff8880783be9d8 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53a/0xae0 [ 289.237992][ T47] [ 289.237992][ T47] which lock already depends on the new lock. [ 289.237992][ T47] [ 289.248397][ T47] [ 289.248397][ T47] the existing dependency chain (in reverse order) is: [ 289.257413][ T47] [ 289.257413][ T47] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 289.265094][ T47] lock_sock_nested+0x41/0xf0 [ 289.270688][ T47] sockopt_lock_sock+0x54/0x70 [ 289.276001][ T47] do_ip_getsockopt+0x13e4/0x2220 [ 289.281568][ T47] ip_getsockopt+0x9b/0x1e0 [ 289.286628][ T47] raw_getsockopt+0x4d/0x1f0 [ 289.291870][ T47] do_sock_getsockopt+0x3fc/0x800 [ 289.297438][ T47] __sys_getsockopt+0x12f/0x260 [ 289.302827][ T47] __x64_sys_getsockopt+0xbd/0x160 [ 289.308502][ T47] do_syscall_64+0xcd/0x260 [ 289.313573][ T47] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.320013][ T47] [ 289.320013][ T47] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 289.327244][ T47] __lock_acquire+0x1173/0x1ba0 [ 289.332633][ T47] lock_acquire+0x179/0x350 [ 289.337674][ T47] __mutex_lock+0x19a/0xb00 [ 289.342728][ T47] smc_vlan_by_tcpsk+0x251/0x620 [ 289.348205][ T47] __smc_connect+0x44b/0x4880 [ 289.353448][ T47] smc_connect_work+0x54c/0xae0 [ 289.358846][ T47] process_one_work+0x9cc/0x1b70 [ 289.364315][ T47] worker_thread+0x6c1/0xef0 [ 289.369475][ T47] kthread+0x3a4/0x760 [ 289.374103][ T47] ret_from_fork+0x45/0x80 [ 289.379054][ T47] ret_from_fork_asm+0x1a/0x30 [ 289.384397][ T47] [ 289.384397][ T47] other info that might help us debug this: [ 289.384397][ T47] [ 289.394645][ T47] Possible unsafe locking scenario: [ 289.394645][ T47] [ 289.402106][ T47] CPU0 CPU1 [ 289.407472][ T47] ---- ---- [ 289.412833][ T47] lock(sk_lock-AF_INET); [ 289.417259][ T47] lock(rtnl_mutex); [ 289.423767][ T47] lock(sk_lock-AF_INET); [ 289.430710][ T47] lock(rtnl_mutex); [ 289.434704][ T47] [ 289.434704][ T47] *** DEADLOCK *** [ 289.434704][ T47] [ 289.442847][ T47] 3 locks held by kworker/1:1/47: [ 289.447879][ T47] #0: ffff888030b7f148 ((wq_completion)smc_hs_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 289.458609][ T47] #1: ffffc90000b77d18 ((work_completion)(&smc->connect_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 289.470391][ T47] #2: ffff8880783be9d8 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53a/0xae0 [ 289.480221][ T47] [ 289.480221][ T47] stack backtrace: [ 289.486132][ T47] CPU: 1 UID: 0 PID: 47 Comm: kworker/1:1 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) [ 289.486162][ T47] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 289.486178][ T47] Workqueue: smc_hs_wq smc_connect_work [ 289.486217][ T47] Call Trace: [ 289.486226][ T47] [ 289.486234][ T47] dump_stack_lvl+0x116/0x1f0 [ 289.486265][ T47] print_circular_bug+0x275/0x350 [ 289.486297][ T47] check_noncircular+0x14c/0x170 [ 289.486329][ T47] __lock_acquire+0x1173/0x1ba0 [ 289.486361][ T47] ? lockdep_hardirqs_on+0x7c/0x110 [ 289.486389][ T47] lock_acquire+0x179/0x350 [ 289.486419][ T47] ? smc_vlan_by_tcpsk+0x251/0x620 [ 289.486440][ T47] ? __pfx___might_resched+0x10/0x10 [ 289.486467][ T47] ? kasan_save_stack+0x42/0x60 [ 289.486501][ T47] ? kasan_save_stack+0x33/0x60 [ 289.486531][ T47] ? kasan_save_track+0x14/0x30 [ 289.486563][ T47] __mutex_lock+0x19a/0xb00 [ 289.486595][ T47] ? smc_vlan_by_tcpsk+0x251/0x620 [ 289.486691][ T47] ? __lock_acquire+0x5ca/0x1ba0 [ 289.486723][ T47] ? smc_vlan_by_tcpsk+0x251/0x620 [ 289.486742][ T47] ? __pfx___mutex_lock+0x10/0x10 [ 289.486772][ T47] ? find_held_lock+0x2b/0x80 [ 289.486795][ T47] ? smc_vlan_by_tcpsk+0x251/0x620 [ 289.486813][ T47] ? rtnl_lock+0x9/0x20 [ 289.486831][ T47] smc_vlan_by_tcpsk+0x251/0x620 [ 289.486851][ T47] ? __pfx_smc_vlan_by_tcpsk+0x10/0x10 [ 289.486881][ T47] __smc_connect+0x44b/0x4880 [ 289.486919][ T47] ? __pfx___smc_connect+0x10/0x10 [ 289.486952][ T47] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 289.486990][ T47] ? __local_bh_enable_ip+0xa4/0x120 [ 289.487018][ T47] smc_connect_work+0x54c/0xae0 [ 289.487052][ T47] ? __pfx_smc_connect_work+0x10/0x10 [ 289.487087][ T47] ? rcu_is_watching+0x12/0xc0 [ 289.487111][ T47] process_one_work+0x9cc/0x1b70 [ 289.487136][ T47] ? __pfx_process_one_work+0x10/0x10 [ 289.487159][ T47] ? assign_work+0x1a0/0x250 [ 289.487193][ T47] worker_thread+0x6c1/0xef0 [ 289.487216][ T47] ? __kthread_parkme+0x148/0x220 [ 289.487243][ T47] ? __pfx_worker_thread+0x10/0x10 [ 289.487264][ T47] kthread+0x3a4/0x760 [ 289.487295][ T47] ? __pfx_kthread+0x10/0x10 [ 289.487326][ T47] ? __pfx_kthread+0x10/0x10 [ 289.487358][ T47] ? __pfx_kthread+0x10/0x10 [ 289.487389][ T47] ? __pfx_kthread+0x10/0x10 [ 289.487420][ T47] ? rcu_is_watching+0x12/0xc0 [ 289.487441][ T47] ? __pfx_kthread+0x10/0x10 [ 289.487472][ T47] ret_from_fork+0x45/0x80 [ 289.487492][ T47] ? __pfx_kthread+0x10/0x10 [ 289.487524][ T47] ret_from_fork_asm+0x1a/0x30 [ 289.487559][ T47] [ 290.312619][ T9239] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 290.319100][ T9239] hsr_slave_1: hsr_addr_subst_dest: Unknown node