last executing test programs: 2m43.142458755s ago: executing program 2 (id=969): r0 = socketpair$auto(0xbf8c0000, 0x1, 0x1c, &(0x7f0000000000)=0x6) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x81) socket(0x10, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004000800100003800c0009"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_FIFREEZE(r0, 0xc0045878, 0x4) 2m42.982088999s ago: executing program 2 (id=970): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="4c91f2c388274610e18d5fc5e5bfd9800e", 0x11) 2m42.736658999s ago: executing program 2 (id=974): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x121102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = getsockopt$auto(0x3, 0x200000000001, 0x11, 0x0, 0x0) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x101100, 0x0) socket(0x2, 0x2, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r2, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x1000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) r3 = memfd_create$auto(0x0, 0xe) r4 = socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x200}, 0x55) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'syzkaller0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'macvtap0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_BIND_RX(r3, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r5, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r6}, @NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r7}, @NETDEV_A_DMABUF_FD={0x8, 0x3, r2}, @NETDEV_A_DMABUF_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) get_mempolicy$auto(0x0, 0x0, 0x81, 0x8, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 2m41.673742836s ago: executing program 2 (id=979): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x6, &(0x7f0000000300)=@token_create={0x9, r0}, 0x1) socket(0x11, 0xa, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x2f, 0x1000000, 0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24040804}, 0x4000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x0, &(0x7f0000000000)={0x5, 0x66, 0x2, 0x14, 0x4, 0x4, 0xffffffffffffffff, [0x0, 0x34, 0x7fffffff], {0x101, 0x6, 0x4355, 0x80000000, 0xa5, 0x7, 0xb, 0xba90, 0x5}, {0xfffffc00, 0x6, 0x0, 0x401, 0x8, 0x8, 0x0, 0x7, 0x6}}) lstat$auto(&(0x7f0000000000)='./file1\x00', 0x0) r2 = socket(0x2, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x20044000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x6, &(0x7f00000002c0)={0x0, 0xc8}, 0x8, 0x0, 0x4, 0x9}, 0x7}, 0x103, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)={0x1c, r1, 0xb01, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x23, 0x80805, 0x0) r7 = getsockopt$auto(r6, 0x40000000113, 0x3, 0xfffffffffffffffc, 0x0) r8 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_ADD(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x2c, r8, 0x300, 0x70bd2c, 0x25dfdc01, {}, [@SMC_PNETID_ETHNAME={0xc, 0x2, '+o*#\x90\x80\x8b\x00'}, @SMC_PNETID_NAME={0xb, 0x1, 'netdev\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x40d0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) ioctl$auto_VHOST_GET_VRING_ENDIAN(r7, 0x4008af14, &(0x7f0000000280)={0x8, 0x8}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) 2m41.233954642s ago: executing program 2 (id=982): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="4c91f2c388274610e18d5fc5e5bfd9800e", 0x11) 2m41.118630758s ago: executing program 2 (id=984): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0xfeff, &(0x7f0000000440)={&(0x7f0000000380)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}]}, 0x1c}}, 0x4000) 2m37.61300621s ago: executing program 3 (id=1005): mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) setsockopt$auto(r0, 0x1ff, 0x7, &(0x7f0000000040)='{-%^.^:\x01[\'!\xb7:-@@\x00', 0x8) sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='L', 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100) 2m37.508021039s ago: executing program 3 (id=1007): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020206, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x20600, 0x0) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) munmap$auto(0x8000, 0xffffffff) close_range$auto(0x2, 0x8, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) write$auto(0x3, 0x0, 0x100082) 2m36.138138967s ago: executing program 3 (id=1011): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x4, 0x3, 0xb, 0x0) r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsu1\x00', 0x80802, 0x0) read$auto_vcs_fops_vc_screen(r0, 0x0, 0x0) io_uring_enter$auto(0x3, 0x4, 0xffffffff, 0x6, 0x0, 0x2) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40940, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_shared\x00', 0x20b42, 0x0) read$auto(r1, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(r1, r2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/tty/tty1/power/autosuspend_delay_ms\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video6\x00', 0x80383, 0x0) socket(0x23, 0x2, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x9, 0x0) close_range$auto(0x2, 0x8000, 0x0) pipe$auto(0x0) close_range$auto(0x2, 0x8, 0x0) 2m35.502750988s ago: executing program 3 (id=1013): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4040804) setreuid$auto(0x3, 0x7) fspick$auto(0x6a, 0x0, 0xe) lstat$auto(0x0, &(0x7f0000000180)={0x3, 0x0, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x2000000000, 0x6, 0x40000402, 0x3, 0x9, 0xffffffff7fffffff, 0x9, 0x2000002003, 0x20000010010b}) r0 = openat$auto_dai_list_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup.cpu/memory.stat\x00', 0x80200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000240)=""/118, 0x76) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r2 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) io_uring_setup$auto(0x9, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r4 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x401, r4, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xd, 0x5, 0xdda, 0x1, 0x10001, 0x0, 0x7fffffff, 0x3, 0x7, 0x4, 0x100000000, 0x8, 0x9b4, 0x4539}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0xae1}, 0xc) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9c, 0x7, 0x8}, 0x9) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x4}, 0xc) read$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00', 0x6) ioctl$auto_UI_SET_KEYBIT(r7, 0x40045565, &(0x7f00000002c0)=0x7) r8 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) read$auto(r8, &(0x7f0000000080)='\xbb\xc8\xcb E\xcb\xc9sI\xaf\xa94', 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) 2m35.304408673s ago: executing program 3 (id=1016): r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x8003, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0x7ff, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyw0\x00', 0x200201, 0x0) r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy14/rc/name\x00', 0x0, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0) pwrite64$auto(r1, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x10, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x6242, 0x0) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x40080, 0x0) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x100000000000000, 0x40009, 0xdf, 0x14, r0, 0x28003) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0xfb01, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) ioctl$auto(r4, 0x4008af23, r2) socket(0x80000000000000a, 0x2, 0x0) socket(0x2, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x13}}, 0x54) ioctl$auto_MON_IOCQ_URB_LEN(r3, 0x9201, 0x0) 2m32.135184819s ago: executing program 3 (id=1020): mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) (async) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) socket(0x2b, 0x1, 0x1) (async) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) (async, rerun: 32) socket(0xa, 0x801, 0x84) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) open(&(0x7f0000000800)='./file0\x00', 0x2240, 0x154) (async, rerun: 64) sysfs$auto(0x2, 0x0, 0x0) (async, rerun: 64) fsopen$auto(0x0, 0x1) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r1, 0x0, 0x6) (async) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) (async, rerun: 32) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x180800, 0x0) (rerun: 32) read$auto(r2, 0x0, 0x39b8) (async, rerun: 64) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) (rerun: 64) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) 2m25.724936832s ago: executing program 32 (id=984): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0xfeff, &(0x7f0000000440)={&(0x7f0000000380)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}]}, 0x1c}}, 0x4000) 2m19.869410557s ago: executing program 4 (id=1035): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r0) sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f0000000200)={0x0, 0xf000, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, r1, 0x374fe8f90a251713, 0x70bd29, 0x25dfdbfc, {0x3, 0x0, 0xf000}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0xfffffff7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20044010}, 0x20000008) 2m19.769049884s ago: executing program 4 (id=1053): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0xa, 0x801, 0x84) ioprio_get$auto(0x1, 0x4) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) write$auto(r1, 0x0, 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) msgctl$auto_IPC_RMID(0xffff, 0x0, &(0x7f0000000280)={{0x4, r2, r3, 0xfffffffd, 0x9, 0xd, 0xb}, &(0x7f0000000200)=0x5, &(0x7f0000000240)=0x5, 0x1, 0x1, 0x6e, 0xe811, 0x5, 0x4, 0x5, 0x10, @raw=0x5, @raw=0x7}) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44050}, 0x4008000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x1, 0x3f, 0x0, 0xb) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f00000000c0), 0x8a082, 0x0) write$auto(r5, 0x0, 0x200) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x5c, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_AUTH_DATA={0x36, 0x9c, "79543dbd7b06712e784c528e2ba48634cd6b170b7c9b286f2bfd8e325adbf115aafb2c850c21411700795a250baf19720688"}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x80}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x200408d0}, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xffffffff, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) 2m18.494092604s ago: executing program 4 (id=1058): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x40fd, &(0x7f0000000440)={&(0x7f0000000380)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}]}, 0x1c}}, 0x4000) 2m16.955939529s ago: executing program 33 (id=1020): mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) (async) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) socket(0x2b, 0x1, 0x1) (async) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) (async, rerun: 32) socket(0xa, 0x801, 0x84) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) open(&(0x7f0000000800)='./file0\x00', 0x2240, 0x154) (async, rerun: 64) sysfs$auto(0x2, 0x0, 0x0) (async, rerun: 64) fsopen$auto(0x0, 0x1) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r1, 0x0, 0x6) (async) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) (async, rerun: 32) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x180800, 0x0) (rerun: 32) read$auto(r2, 0x0, 0x39b8) (async, rerun: 64) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) (rerun: 64) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) 2m11.294093363s ago: executing program 1 (id=1081): socket(0xa, 0x0, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x6, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x1, 0x8, 0xa751, 0x80, 0x4, 0x0, 0xa, 0x728d, 0x200, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x55e, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0xd) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8001) ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, &(0x7f0000000000)="cdb8941ca55f8ccb74") read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40200081) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0x8000000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) fcntl$auto_F_SETLK(0xffffffffffffffff, 0x6, 0xffffffffffffffff) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mprotect$auto(0x0, 0x6, 0x4) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080), 0xfc6}, 0x2, &(0x7f00000001c0), 0x7, 0xa502}, 0x8000800}, 0x80, 0x8) r1 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x7, @old_prog_fd=r1}, 0xa3) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0xa, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x0, 0x26, 0x4, 0x200004000001, 0x384, 0xfffffffffffffffa, 0x3, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x1fe, 0x0, 0x84}, 0xb, 0xd) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd0e, &(0x7f00000001c0)) write$auto(r1, 0x0, 0x1000002000000000) socket$nl_generic(0x10, 0x3, 0x10) 2m10.819375677s ago: executing program 1 (id=1083): unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') madvise$auto(0x0, 0x7fffffffffffffff, 0xa) setns(r0, 0x0) setfsuid$auto(0xee00) r1 = setfsuid$auto(0xee00) setreuid$auto(r1, 0x0) syz_clone(0x14221420, 0x0, 0x0, 0x0, 0x0, 0x0) 2m10.709627933s ago: executing program 1 (id=1084): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x5c8) close_range$auto(0x2, 0x8, 0x0) 2m10.61821422s ago: executing program 1 (id=1085): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x5c8) close_range$auto(0x2, 0x8, 0x0) 2m10.333279189s ago: executing program 1 (id=1086): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/unix\x00', 0x121040, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=""/153, 0x99) fsmount$auto(r0, 0xcff, 0x9) pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88d\x11\x00\x00\x00\x00\x00\x00!\x02\xba\xae\xb8-\x14\xe4\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf6\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9\xc5\x93\x1dD\x811\xb9_\xdd*j\xfd\xeb\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;\x9e\x83\x120\x81\x11\x9a?g`sFh\x00\x00\xda,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xdex\xd8\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/228, 0xfdef, 0x2) socket(0xa, 0x801, 0x106) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x503dc3, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x2001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xbf) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x0, 0x12, 0x0, 0x28) read$auto(0x3, 0x0, 0x80) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, 0x0, 0x7, 0x0) socket(0x1d, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x880) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x5}, 0x7, 0x0) mmap$auto(0x0, 0x2, 0x5, 0x8000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyw8\x00', 0x40603, 0x0) 2m9.695249855s ago: executing program 1 (id=1089): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x1c, r0, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x7fffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) bind$auto(0x4, 0xfffffffffffffffe, 0x0) bind$auto(0x3, 0xfffffffffffffffd, 0x0) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x44}, @HSR_A_IF1_AGE={0x8, 0x3, 0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1ff}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x2, 0x4) statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000020, 0x4, 0x2}, 0x0, 0x7ffffffff000, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r4, &(0x7f0000000000)='-\x00', 0xfdef) 2m3.371601346s ago: executing program 34 (id=1058): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x40fd, &(0x7f0000000440)={&(0x7f0000000380)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}]}, 0x1c}}, 0x4000) 1m55.360731008s ago: executing program 6 (id=1113): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysinfo$auto(0x0) r0 = socket(0x2, 0x6, 0x0) r1 = getsockopt$auto(r0, 0x10d, 0x1, 0x0, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x1255c2, 0xd1) fchdir$auto(r0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/i915/parameters/mitigations\x00', 0x80302, 0x0) write$auto(r1, 0x0, 0x9) mmap$auto(0x0, 0x9, 0x40, 0x32d4, 0x10000, 0xffffffffffffffff) mmap$auto(0x0, 0x2000c, 0x4000000000df, 0x17, 0x401, 0x8000) unshare$auto(0x40000080) r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r2, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MEDIA_GET(r3, &(0x7f0000001c00)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010026bd7000fbdbdf250b0000000c00058008000100", @ANYRES32=0x0, @ANYBLOB="acfccd712239858af11cdb876e152e1dd119397609d7080a999e4f0469ef20358d12aeac7acf4b4a47ffc254b8a027c71acce0e11fe8c4db3626fa7c57dd708183b658fd39bf187b1f06ae77d4421b7244d4511cb8fac9a198b72376ffe406796cdc13ef18e896f549aebb3108c9971a6a29bea43b552474d6e8ecb9d370c770b347c5ecf5b1dced"], 0x20}}, 0x2000c880) sigaltstack$auto(0x0, 0x0) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, 0x0, 0x90) ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, 0x0) ioctl$auto(0x3, 0x89e0, 0x38) close_range$auto(0x2, 0x8, 0x0) truncate$auto(&(0x7f0000000000)='./file0\x00', 0x3f2ec021) socket(0xa, 0x3, 0x3a) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0xb00, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1m54.539821024s ago: executing program 35 (id=1089): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x1c, r0, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x7fffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) bind$auto(0x4, 0xfffffffffffffffe, 0x0) bind$auto(0x3, 0xfffffffffffffffd, 0x0) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x44}, @HSR_A_IF1_AGE={0x8, 0x3, 0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1ff}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x2, 0x4) statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000020, 0x4, 0x2}, 0x0, 0x7ffffffff000, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r4, &(0x7f0000000000)='-\x00', 0xfdef) 1m54.383774639s ago: executing program 6 (id=1143): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/devices.deny\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)='B', 0x1) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc00, 0x0) ioctl$auto_SNDCTL_TMR_TEMPO(r1, 0xc0045405, &(0x7f0000000140)) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) read$auto_v4l2_fops_v4l2_dev(0xffffffffffffffff, &(0x7f0000000000)=""/194, 0x70800) getrandom$auto(0x0, 0x6000000, 0x3) r2 = socket(0xf, 0x3, 0x5) open(&(0x7f0000000000)='./file0\x00', 0x1a9842, 0x2) r3 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_NAPI_GET(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, r4, 0x1, 0x70bd2b, 0x25dfdbfd, {0xb, 0x0, 0x300}}, 0x14}, 0x1, 0x0, 0x0, 0x881}, 0x4) read$auto_tun_fops_tun(r3, &(0x7f0000000000)=""/245, 0xf5) socket(0x23, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x80000541b, r3) setsockopt$auto(r2, 0x114, 0x79, 0x0, 0xbe6) 1m52.976493967s ago: executing program 6 (id=1150): r0 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000000), 0xa01, 0x0) mmap$auto(0xf894, 0x2020006, 0x6, 0xeb1, r0, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) write$auto(0x3, 0x0, 0x81) close_range$auto(0x2, 0x8, 0x0) 1m50.551729377s ago: executing program 6 (id=1156): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x40, 0x1, 0x9070, 0x40416, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_u32_array_fops_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/ports/2/udp_ports_table1\x00', 0x80080, 0x0) recvfrom$auto(r1, &(0x7f0000000040)="c49c65656382bd2b7989794097c45f0c4d3787a4c4ed4f4d415b1a2963ba56ed80fa84bed5022085e974f8b5fb09fe9672db6feb5ce1a447b38b9dcd0b50732ce61ebe1ed5f0a53ccc14e60c6250523370f82186e781a31af1828bc2ef646f6b07a54cf846a51b32388a1af7fc5096", 0x9, 0x3, &(0x7f0000000180)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3d}, 0x3}, &(0x7f00000001c0)=0xffffffff) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) connect$auto(0x3, &(0x7f0000000140), 0x55) sendmsg$auto_BATADV_CMD_GET_HARDIF(r0, 0x0, 0x40080fe) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f00000000c0)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) r2 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x18, 0x4, 0x1) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0xb) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x0, r2, 0x0) acct$auto(&(0x7f0000001080)='/sys//block/nbd3/que\xd6D\xf0\xfa^!\"B\xf9\xee\x0f]r\xd4\xed\xf9ue/rotational\x00\xda\xc8\x83\x8b\x82;\xf4\n\xcfn\thz\xb1\x8b\x96\xfdPw\xa4M@.\xe1\xe7P\xf0}\x98\xb6(\xa6[\xc2\xfcn\x115\xfbHX\x83\xbf\x141\xd6s\xa8\xb1\a-HG\xae\x03\xc3\x1f`\x84\x1b\x81\xda2r{$3d') 1m49.894075586s ago: executing program 6 (id=1161): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003680)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000100)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd700002dcdf25090000030400070008000300", @ANYRES32=r3], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x890) 1m49.503760154s ago: executing program 36 (id=1161): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003680)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000100)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd700002dcdf25090000030400070008000300", @ANYRES32=r3], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x890) 7.153351363s ago: executing program 8 (id=1563): r0 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000002c0)='}[,&*}\x00', &(0x7f0000000180)='nfsd\x00', 0x6, &(0x7f00000001c0)="5e0842d42d") openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x800, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x209b72, 0x4e477f5a, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0x8915, 0x93) write$auto_drm_edid_fops_drm_debugfs(r0, &(0x7f0000000380)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5cf1c8594d316e7ab584244b3adeed4e17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa280f0000000000000042c6720cff2f6f9bf902b74f94e7187a6f348ce9cfc5ac64a8977e242b9ca63c58d603fea4fad558f09b060c0ea075f9e9bda2b835957f69bf6c0d62d698634aa013bdd4b8db86be62388110e03558411efd9796be867e603eff001fadaffc761c3fa220cbbfbf9e94d03a0fe782881888a7b237632954062b9ebd27fd3f82dac5008e4cf2fe2ff4ef", 0x4e00) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000000c0), 0x40800, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r1, 0x41015500, &(0x7f0000000480)={"a7217f78c421292a6ae4a8befaafbea15bdf020ad7f736d1069f7d01975c87207a08191de4f494f6953bc3dd3c189bbf2b63d1d0f2bbd8a0cb04841e5c80fa9c3c96fb4e2bd22af126415968b524095087e9e538abbe28c13df79a5c58da1340e69019385ad2237da1f31f45a71276561e75e30ea90dacd6644b6a17cf1abffb", "2e127d4950f5c2d1ffb12f960103da8071f9f55de93b098e1dcdb4b91f8b3616cb6aeea7bf792a5b837f8a321ada746588566b2b7ec444ee3ce0f75c34af9debe5be9557f4b2ff27630d391e483afb1520f9de1f52e35f0d8c579f29b2bc12ffff171bab6d5b3a718f610885b3e85039414468de9fe059477e223e6882ef1bb6", 0xc}) 6.862833089s ago: executing program 8 (id=1564): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x300, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x6, 0x6, 0x0, 0x10000, 0x7fffffff, 0xe7e6, {0x2100000000, 0x10000}, 0x3, 0x6, 0x3, 0x1008000, 0x0, 0x100000000, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dJ\x19\x81\xbe5\xbbio1\x00', 0x100008a3d9) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x100000000008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x81, 0x4020009, 0xde, 0xeb1, 0x401, 0x7fff) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, 0x0, 0x44084) remap_file_pages$auto(0x6a27, 0xfff, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) close_range$auto(0x2, 0x8, 0x0) 6.470612521s ago: executing program 5 (id=1567): listmount$auto(0x0, 0x0, 0xf4240, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/idle\x00', 0xa001, 0x0) socket(0x2, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) readv$auto(0x3, 0x0, 0x1) openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vhci_hcd.9/usb27/27-0:1.0/usb27-port5/over_current_count\x00', 0x40442, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x18, 0x3, 0x2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@hci={0x1f, 0x2}, 0x55) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f00000007c0)=""/153, 0x99) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vivid.0/video4linux/vbi4/dev\x00', 0x2500, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="08002dbd7000fedbdf259800000013000700e5fb5a2ed8d7545b00ced556ea36ae0044030e804300030005f0d2ac6ad2c2fef4588f1bed13847b05a3333e8b9d82674361ba522c06ed1c49bca60d4026d9fd50caee460e33e287d51c10b3f52b94882d56adc8e7028000f30003007625b0198aae0453640c13fc2d6f768e6acde84ff6dd2ad116e5584643f08bebd7cb583bac54b7f480e9b1bebc494baed96c17a8d7182690887302692a996723576dc1970f39527cd902562047cd0f0693ec5353416f9e94a161e61ce9fb2bfa13e7c8fbb917f3d7b989ed069ce118a4856d9607560ef9fad65c11afef65e8e63f38864449e71d1747ae9f22d27b3404ef8e8d7f4de222e0c0d878048c1ffe4a355c4b69573424b2b0307c9046cb33d42194143c2dfa249abcabea1217066cf1a421cb8948906158f02602c583d2698b996379e3bdbcdb15283348b9adf53fb134354479ec9e289e459321ed0ba0540084000200b1ba8823050091359df3405f3da2595bfbd2e03a6c2bd1dd653a3a5ae1f967d42da688554bf396bb06cd16202006be24583fd81aeb4ffcf1d9feb46a75716c734b5e9fa18dea4bbab790a216703ecc9d313d01800c8bf84f280c67d80abe07d62065bc8536e4b4a5fa54a57fc108ed0b4b2c6a496c12831a233c64afa709680bc5000200dfefdce76c37eb9adcc5dd406771d3b96e4419039310d8f6628a63332c7f30d508798b2be747d634094d7ab065ad2e5a0f3bb0094194cd1f73427030fbe6fef0f4cd7393f1ee0c327e30660b0968246e3ba9f8627862e5fea3b9e2945467fd8f9f022f54bc3d33dda8a3d854cdb3c845e324aafe5d929352bf991e35b91340de665e59754bb073991f57051688f2db577c6c4c596130f0608cb69712e62b3ed83bb028392eb3701455e8b1228df97f32225888355a82da59ea2a465b21d6925c3d000000bc0003007ba62de575bd9e9d40e64c18d06d1e06b39fb146f1b21930f23f9e3117f2956d0c298572d08263542b3364218dcfb8e518dc6112c38fb0030e05fa08bceb545d1f0075cef20e6b1e0d8ec949ff140f04c06d4d5143d19c6d21929c86c42a201248de6466894cc7fee40f0d787e3b8946d39eefdb97829629850a4f97d13d4de4124b"], 0x36c}}, 0x20040840) io_uring_setup$auto(0x59, 0x0) socket(0x15, 0x5, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x1a21c3, 0x0) 4.947051217s ago: executing program 8 (id=1570): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x80000000000000a, 0x2, 0x0) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x11, 0x80003, 0x300) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4) sendto$auto(r1, 0x0, 0x13, 0x2, &(0x7f0000000000)=@tipc=@name={0x1e, 0x2, 0x0, {{0x40, 0x4}, 0x2}}, 0x1e) r2 = socket(0x23, 0x80805, 0x7ffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r2, 0x7ffc) capget$auto(&(0x7f0000000100)={0x7f, 0xffffffffffffffff}, &(0x7f00000001c0)={0x4, 0x5, 0x4}) r4 = fcntl$auto_F_GETOWN(r0, 0x9, 0x1000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r5, 0x0, 0x1e) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mq_open$auto(0x0, 0x40, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/blank\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper\x00', 0x80, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0xa401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000a00)={0x304, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKMODES_OURS={0x2d6, 0x3, 0x0, 0x1, [@generic="19929ee6e0e87e696435cf779e1ee765bccc612bb539ce3bc718167dcdc983f334981907f749d831be9f69b098df6a707707fe4f9ee3843be01f68452f53537da02b3eb48dd6033f4931af83c24c2e0c4852b205e45d5bc63d279caf3fc3b5d8110146506242624d2f266ff9254924a36db7b8f1a1ddbdaecfba1f81fc21528970b8e687714d13ffb99ae15b43fc9bb92321d829eff8d1dd879288311557d337af1fe60530c84cdd03f221b7a5fe5157b94e881ca116540cb48b357e9fa9dd1596de5357e23dac1f96fab4113c8c65d10e676f0023db5a06d87ebd9442b73dabed12ff6fb23a868201ca230c6262894d70f5eefaada4dd033360430638574c07960c8d52fbcab170596cc7f8dee4ca601b4c8486caa8cf4639d2646560fc87684d8a5f4b2da22108ab61873210fb82a863e1e4f0e54ace909654ae4a52d7775b4b8423d652aa25c04a9cbf2c3a214de8c3", @nested={0xf7, 0x7d, 0x0, 0x1, [@typed={0xa, 0x115, 0x0, 0x0, @str='*!\x9e}\n\x00'}, @typed={0x8, 0xcd, 0x0, 0x0, @pid=r3}, @typed={0x57, 0x5d, 0x0, 0x0, @binary="a6dedcb35bd977b8eb367941502c7991feb34eeb75fbd96b75e2a7b16db4bd2509fd6f46231bcf013b48aa8b6f8c59a23135fe3ff647b53313dc121435ef140569676816a034d7a06b25e5618916d30a8adff0"}, @typed={0x8, 0x10a, 0x0, 0x0, @u32=0xf1}, @generic="161e3fbe2da9b2a6b34614081ca5943f53c438e2bde401035e25f0cf248b70dc962fbbaa18cbbc268dff93766e24632260ff7269e1e8f0174828e486e7fed62fa0bcfcac13b79ed5cab7e7228f4501687626ca877241b441c839167e10127e9dca2bfcee546bf000"/119, @typed={0x8, 0x140, 0x0, 0x0, @pid=r4}]}, @generic="4c5068c035c5cd399b45d09b8a5f774c189dfae068fdc1654c4eb74156eedb706278f2356290490125c521c47934defa39b881952a850c49521a394b7ed5e0cce66e6a45f826d53488c114cc8f67e7795a64a79e68805dcadec1097ae15da5698620562ec857c7cde017f56661fbe67d0ce8acc06a8a6d7139b0272e4c", @typed={0xa, 0x74, 0x0, 0x0, @str='*!\x9e}\n\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0xf7}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x8001}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x8}]}, 0x304}, 0x1, 0x0, 0x0, 0x800}, 0x40010) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) 4.946200115s ago: executing program 0 (id=1578): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x300, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x6, 0x6, 0x0, 0x10000, 0x7fffffff, 0xe7e6, {0x2100000000, 0x10000}, 0x3, 0x6, 0x3, 0x1008000, 0x0, 0x100000000, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dJ\x19\x81\xbe5\xbbio1\x00', 0x100008a3d9) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x100000000008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x81, 0x4020009, 0xde, 0xeb1, 0x401, 0x7fff) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, 0x0, 0x44084) remap_file_pages$auto(0x6a27, 0xfff, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.818560608s ago: executing program 5 (id=1571): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0xa, 0x1, 0x80) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8004) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x101000, 0x0) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioperm$auto(0x7, 0x86, 0x40006) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x0, 0x0) ioctl$auto_SNDCTL_DSP_POST(r3, 0x5008, 0x0) r4 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000080)={r4, 0x9, 0x9816}, 0x7f, 0x3) ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x0) close_range$auto(0x2, 0x8, 0xfffffffe) ioctl$auto_EVIOCSREP(r2, 0x40084503, 0x0) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x4000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x20001000, 0x7) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:18/power/control\x00', 0xe001, 0x0) write$auto(r6, &(0x7f0000000040)='\"\x81=\"\xad\b\x00\xf9;\x18\xa4\xb0\xb4\xd9\x82=\xe1P~\x17\xfb&L\xeb-j\a\xf1y\xb3\"\xaf~4:\x7f\x98\xcaeP\xe9N\x9f\xe1[YM\xf2\x1b\x975\xc5Q1\r\xd1\xa2\x88&T\xf0\xd4L\xcfO[\x89n\xady\xael\xc8\xa1\xc8\xa40x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x200, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) socket(0x1d, 0x2, 0x6) r5 = socket(0x2, 0x1, 0x1) fdatasync$auto(r5) add_key$auto_KEY_SPEC_USER_SESSION_KEYRING(0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffb) add_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000000)='/dev/ttyS2\x00', 0x0, 0x0, 0xd, 0xfffffffffffffffb) io_uring_setup$auto(0x6, 0x0) r6 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa101, 0x0) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) madvise$auto(0x110c230000, 0x8031ca, 0x9) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r7, 0x5437, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, r6) close_range$auto(r1, 0x8000, 0x0) 3.349005247s ago: executing program 0 (id=1577): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0xa, 0x801, 0x84) ioprio_get$auto(0x1, 0x4) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) write$auto(r1, 0x0, 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) msgctl$auto_IPC_RMID(0xffff, 0x0, &(0x7f0000000280)={{0x4, r2, r3, 0xfffffffd, 0x9, 0xd, 0xb}, &(0x7f0000000200)=0x5, &(0x7f0000000240)=0x5, 0x1, 0x1, 0x6e, 0xe811, 0x5, 0x4, 0x5, 0x10, @raw=0x5, @raw=0x7}) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44050}, 0x4008000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x1, 0x3f, 0x0, 0xb) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f00000000c0), 0x8a082, 0x0) write$auto(r5, 0x0, 0x200) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x5c, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_AUTH_DATA={0x36, 0x9c, "79543dbd7b06712e784c528e2ba48634cd6b170b7c9b286f2bfd8e325adbf115aafb2c850c21411700795a250baf19720688"}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x80}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x200408d0}, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xffffffff, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) 3.222870392s ago: executing program 7 (id=1579): openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000000), 0xa01, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) write$auto(0x3, 0x0, 0x81) close_range$auto(0x2, 0x8, 0x0) 2.698406285s ago: executing program 5 (id=1580): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x80, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) socket(0x28, 0x3, 0x4000100) r0 = socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r1, @ANYRES32=r0], 0x18}}, 0x80) socket$nl_generic(0x10, 0x3, 0x10) 1.967108845s ago: executing program 7 (id=1581): listmount$auto(0x0, 0x0, 0xf4240, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/idle\x00', 0xa001, 0x0) socket(0x2, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) readv$auto(0x3, 0x0, 0x1) openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vhci_hcd.9/usb27/27-0:1.0/usb27-port5/over_current_count\x00', 0x40442, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x18, 0x3, 0x2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@hci={0x1f, 0x2}, 0x55) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f00000007c0)=""/153, 0x99) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vivid.0/video4linux/vbi4/dev\x00', 0x2500, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="08002dbd7000fedbdf259800000013000700e5fb5a2ed8d7545b00ced556ea36ae0044030e804300030005f0d2ac6ad2c2fef4588f1bed13847b05a3333e8b9d82674361ba522c06ed1c49bca60d4026d9fd50caee460e33e287d51c10b3f52b94882d56adc8e7028000f30003007625b0198aae0453640c13fc2d6f768e6acde84ff6dd2ad116e5584643f08bebd7cb583bac54b7f480e9b1bebc494baed96c17a8d7182690887302692a996723576dc1970f39527cd902562047cd0f0693ec5353416f9e94a161e61ce9fb2bfa13e7c8fbb917f3d7b989ed069ce118a4856d9607560ef9fad65c11afef65e8e63f38864449e71d1747ae9f22d27b3404ef8e8d7f4de222e0c0d878048c1ffe4a355c4b69573424b2b0307c9046cb33d42194143c2dfa249abcabea1217066cf1a421cb8948906158f02602c583d2698b996379e3bdbcdb15283348b9adf53fb134354479ec9e289e459321ed0ba0540084000200b1ba8823050091359df3405f3da2595bfbd2e03a6c2bd1dd653a3a5ae1f967d42da688554bf396bb06cd16202006be24583fd81aeb4ffcf1d9feb46a75716c734b5e9fa18dea4bbab790a216703ecc9d313d01800c8bf84f280c67d80abe07d62065bc8536e4b4a5fa54a57fc108ed0b4b2c6a496c12831a233c64afa709680bc5000200dfefdce76c37eb9adcc5dd406771d3b96e4419039310d8f6628a63332c7f30d508798b2be747d634094d7ab065ad2e5a0f3bb0094194cd1f73427030fbe6fef0f4cd7393f1ee0c327e30660b0968246e3ba9f8627862e5fea3b9e2945467fd8f9f022f54bc3d33dda8a3d854cdb3c845e324aafe5d929352bf991e35b91340de665e59754bb073991f57051688f2db577c6c4c596130f0608cb69712e62b3ed83bb028392eb3701455e8b1228df97f32225888355a82da59ea2a465b21d6925c3d000000bc0003007ba62de575bd9e9d40e64c18d06d1e06b39fb146f1b21930f23f9e3117f2956d0c298572d08263542b3364218dcfb8e518dc6112c38fb0030e05fa08bceb545d1f0075cef20e6b1e0d8ec949ff140f04c06d4d5143d19c6d21929c86c42a201248de6466894cc7fee40f0d787e3b8946d39eefdb97829629850a4f97d13d4de4124b"], 0x36c}}, 0x20040840) io_uring_setup$auto(0x59, 0x0) socket(0x15, 0x5, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x1a21c3, 0x0) 1.93684473s ago: executing program 5 (id=1582): r0 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000000), 0xa01, 0x0) mmap$auto(0xf894, 0x2020006, 0x6, 0xeb1, r0, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0x81) close_range$auto(0x2, 0x8, 0x0) 1.797224348s ago: executing program 0 (id=1583): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000640)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/iosched/write_expire\x00', 0x102, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) (async) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x40000000000f, 0x7, 0x40000402, 0x7ffffffb, 0x9, 0xffffffff80000000, 0x9, 0x7, 0x200000100103}) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) (async) io_uring_register$auto(0x2, 0x19, &(0x7f0000000380)="28378f774039b8e6", 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_udc.6/udc/dummy_udc.6/state\x00', 0x2000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001100)=""/4106, 0x100a) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) (async) sendfile$auto(r0, r0, 0x0, 0x7) 723.305132ms ago: executing program 8 (id=1585): unshare$auto(0x40000080) socket(0x0, 0x6, 0x7fffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r0, &(0x7f0000000040)='\x06\x00\'k', 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) r1 = socket(0x28, 0x1, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r1], 0x14}}, 0x4000000) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb1\x00', 0x0, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f00000000c0)="58fcb282bcbc38bfaef257e019406e8ec445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e9ce53883444996d1721d7f3ae627c6c68118e15b5a753fd37910fbc02d898cfc8254c80582fc6184113a38c8937e") openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/platform/i8042/serio0/input/input1/event1/power/runtime_suspended_time\x00', 0x30001, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) read$auto(0x3, 0x0, 0x80) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f00000001c0), 0x1cb803, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x80100, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0xa, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) io_uring_setup$auto(0x4bf15e08, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) 721.093754ms ago: executing program 0 (id=1586): socket(0xa, 0x0, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x6, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x1, 0x8, 0xa751, 0x80, 0x4, 0x0, 0xa, 0x728d, 0x200, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x55e, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0xd) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8001) prctl$auto_PR_SET_FPEXC(0xc, 0x9, 0x0, 0x5, 0xfef) ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, &(0x7f0000000000)="cdb8941ca55f8ccb74") read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40200081) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0x8000000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) fcntl$auto_F_SETLK(0xffffffffffffffff, 0x6, 0xffffffffffffffff) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mprotect$auto(0x0, 0x6, 0x4) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080), 0xfc6}, 0x2, &(0x7f00000001c0), 0x7, 0xa502}, 0x8000800}, 0x80, 0x8) r1 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x7, @old_prog_fd=r1}, 0xa3) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0xa, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x0, 0x26, 0x4, 0x200004000001, 0x384, 0xfffffffffffffffa, 0x3, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x1fe, 0x0, 0x84}, 0xb, 0xd) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd0e, &(0x7f00000001c0)) write$auto(r1, 0x0, 0x1000002000000000) socket$nl_generic(0x10, 0x3, 0x10) 549.584318ms ago: executing program 7 (id=1587): r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x8003, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0x7ff, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyw0\x00', 0x200201, 0x0) r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy14/rc/name\x00', 0x0, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0) pwrite64$auto(r1, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x10, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x6242, 0x0) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x40080, 0x0) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x100000000000000, 0x40009, 0xdf, 0x14, r0, 0x28003) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0xfb01, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) ioctl$auto(r4, 0x4008af23, r2) socket(0x80000000000000a, 0x2, 0x0) socket(0x2, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x13}}, 0x54) ioctl$auto_MON_IOCQ_URB_LEN(r3, 0x9201, 0x0) 406.788207ms ago: executing program 5 (id=1588): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x300, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x6, 0x6, 0x0, 0x10000, 0x7fffffff, 0xe7e6, {0x2100000000, 0x10000}, 0x3, 0x6, 0x3, 0x1008000, 0x0, 0x100000000, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dJ\x19\x81\xbe5\xbbio1\x00', 0x100008a3d9) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x100000000008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x81, 0x4020009, 0xde, 0xeb1, 0x401, 0x7fff) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, 0x0, 0x44084) remap_file_pages$auto(0x6a27, 0xfff, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) close_range$auto(0x2, 0x8, 0x0) 237.785512ms ago: executing program 0 (id=1589): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = io_uring_setup$auto(0x85, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) ioctl$auto(r0, 0xc0303e03, r1) 0s ago: executing program 0 (id=1590): mmap$auto(0x0, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x10008000) r0 = io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) setsockopt$auto(r0, 0x0, 0x40, 0x0, 0x10000) kernel console output (not intermixed with test programs): BX: 00007f68875a5fa8 RCX: 00007f688738d169 [ 349.226815][T10237] RDX: 00007f6888151b40 RSI: 00007f6888151c70 RDI: 000000000000000b [ 349.226835][T10237] RBP: 00007f68875a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 349.226855][T10237] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f68875a5fac [ 349.226874][T10237] R13: 0000000000000000 R14: 00007fff517ef460 R15: 00007fff517ef548 [ 349.226916][T10237] [ 350.732251][T10258] nbd: illegal input index 2147483647 [ 350.801056][T10258] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1023'. [ 350.835490][T10258] netlink: 'syz.1.1023': attribute type 1 has an invalid length. [ 350.873593][T10258] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1023'. [ 352.120861][T10281] FAULT_INJECTION: forcing a failure. [ 352.120861][T10281] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 352.181765][T10281] CPU: 0 UID: 0 PID: 10281 Comm: syz.0.1026 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 352.181810][T10281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 352.181829][T10281] Call Trace: [ 352.181839][T10281] [ 352.181850][T10281] dump_stack_lvl+0x16c/0x1f0 [ 352.181902][T10281] should_fail_ex+0x512/0x640 [ 352.181954][T10281] _copy_to_user+0x32/0xd0 [ 352.181997][T10281] simple_read_from_buffer+0xcb/0x170 [ 352.182046][T10281] proc_fail_nth_read+0x197/0x270 [ 352.182092][T10281] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 352.182140][T10281] ? rw_verify_area+0xcf/0x680 [ 352.182177][T10281] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 352.182223][T10281] vfs_read+0x1de/0xc70 [ 352.182272][T10281] ? __pfx___mutex_lock+0x10/0x10 [ 352.182320][T10281] ? __pfx_vfs_read+0x10/0x10 [ 352.182376][T10281] ? __fget_files+0x20e/0x3c0 [ 352.182435][T10281] ksys_read+0x12a/0x240 [ 352.182478][T10281] ? __pfx_ksys_read+0x10/0x10 [ 352.182519][T10281] ? rcu_is_watching+0x12/0xc0 [ 352.182570][T10281] do_syscall_64+0xcd/0x260 [ 352.182620][T10281] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.182664][T10281] RIP: 0033:0x7f688738bb7c [ 352.182699][T10281] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 352.182727][T10281] RSP: 002b:00007f6888131030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 352.182753][T10281] RAX: ffffffffffffffda RBX: 00007f68875a6080 RCX: 00007f688738bb7c [ 352.182771][T10281] RDX: 000000000000000f RSI: 00007f68881310a0 RDI: 0000000000000008 [ 352.182789][T10281] RBP: 00007f6888131090 R08: 0000000000000000 R09: 0000000000000000 [ 352.182810][T10281] R10: 0000000000001102 R11: 0000000000000246 R12: 0000000000000001 [ 352.182827][T10281] R13: 0000000000000000 R14: 00007f68875a6080 R15: 00007fff517ef548 [ 352.182865][T10281] [ 352.899176][T10295] FAULT_INJECTION: forcing a failure. [ 352.899176][T10295] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 352.998951][T10295] CPU: 0 UID: 0 PID: 10295 Comm: syz.0.1028 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 352.998994][T10295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 352.999012][T10295] Call Trace: [ 352.999022][T10295] [ 352.999033][T10295] dump_stack_lvl+0x16c/0x1f0 [ 352.999085][T10295] should_fail_ex+0x512/0x640 [ 352.999132][T10295] _copy_from_iter+0x2a4/0x15b0 [ 352.999176][T10295] ? __alloc_skb+0x200/0x380 [ 352.999215][T10295] ? __pfx__copy_from_iter+0x10/0x10 [ 352.999259][T10295] ? __lock_acquire+0xaa4/0x1ba0 [ 352.999320][T10295] netlink_sendmsg+0x829/0xdd0 [ 352.999371][T10295] ? __pfx_netlink_sendmsg+0x10/0x10 [ 352.999434][T10295] ____sys_sendmsg+0xa95/0xc70 [ 352.999464][T10295] ? copy_msghdr_from_user+0x10a/0x160 [ 352.999504][T10295] ? __pfx_____sys_sendmsg+0x10/0x10 [ 352.999539][T10295] ? kfree+0x252/0x4d0 [ 352.999576][T10295] ? __pfx__kstrtoull+0x10/0x10 [ 352.999642][T10295] ___sys_sendmsg+0x134/0x1d0 [ 352.999686][T10295] ? __pfx____sys_sendmsg+0x10/0x10 [ 352.999762][T10295] ? __pfx___might_resched+0x10/0x10 [ 352.999813][T10295] __sys_sendmmsg+0x200/0x420 [ 352.999858][T10295] ? __pfx___sys_sendmmsg+0x10/0x10 [ 352.999945][T10295] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 353.000012][T10295] ? fput+0x70/0xf0 [ 353.000042][T10295] ? ksys_write+0x1b9/0x240 [ 353.000085][T10295] ? __pfx_ksys_write+0x10/0x10 [ 353.000145][T10295] ? rcu_is_watching+0x12/0xc0 [ 353.000192][T10295] __x64_sys_sendmmsg+0x9c/0x100 [ 353.000233][T10295] ? lockdep_hardirqs_on+0x7c/0x110 [ 353.000278][T10295] do_syscall_64+0xcd/0x260 [ 353.000328][T10295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.000361][T10295] RIP: 0033:0x7f688738d169 [ 353.000384][T10295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.000415][T10295] RSP: 002b:00007f6888152038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 353.000444][T10295] RAX: ffffffffffffffda RBX: 00007f68875a5fa0 RCX: 00007f688738d169 [ 353.000464][T10295] RDX: 0000000000000103 RSI: 0000200000000080 RDI: 0000000000000003 [ 353.000482][T10295] RBP: 00007f6888152090 R08: 0000000000000000 R09: 0000000000000000 [ 353.000500][T10295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 353.000518][T10295] R13: 0000000000000000 R14: 00007f68875a5fa0 R15: 00007fff517ef548 [ 353.000557][T10295] [ 355.059900][ T5854] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 357.563871][ T5856] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 357.580424][ T5856] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 357.589151][ T5856] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 357.602208][ T5856] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 357.616448][ T5856] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 357.715318][T10346] delete_channel: no stack [ 357.912913][T10341] chnl_net:caif_netlink_parms(): no params data found [ 358.016317][T10341] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.026736][T10341] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.034114][T10341] bridge_slave_0: entered allmulticast mode [ 358.041596][T10341] bridge_slave_0: entered promiscuous mode [ 358.050825][T10341] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.058414][T10341] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.066011][T10341] bridge_slave_1: entered allmulticast mode [ 358.073609][T10341] bridge_slave_1: entered promiscuous mode [ 358.123588][T10341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 358.136926][T10341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 358.185544][T10341] team0: Port device team_slave_0 added [ 358.194853][T10341] team0: Port device team_slave_1 added [ 358.232094][T10341] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 358.239187][T10341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 358.267137][T10341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 358.279802][T10341] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 358.287828][T10341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 358.313990][T10341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 358.372352][T10341] hsr_slave_0: entered promiscuous mode [ 358.378779][T10341] hsr_slave_1: entered promiscuous mode [ 358.386866][T10341] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 358.395061][T10341] Cannot create hsr debugfs directory [ 358.634229][T10341] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 358.636690][T10356] FAULT_INJECTION: forcing a failure. [ 358.636690][T10356] name failslab, interval 1, probability 0, space 0, times 0 [ 358.664584][T10356] CPU: 0 UID: 0 PID: 10356 Comm: syz.1.1040 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 358.664627][T10356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 358.664647][T10356] Call Trace: [ 358.664657][T10356] [ 358.664668][T10356] dump_stack_lvl+0x16c/0x1f0 [ 358.664719][T10356] should_fail_ex+0x512/0x640 [ 358.664754][T10356] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 358.664807][T10356] should_failslab+0xc2/0x120 [ 358.664836][T10356] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 358.664884][T10356] ? __alloc_skb+0x2b2/0x380 [ 358.664928][T10356] __alloc_skb+0x2b2/0x380 [ 358.664964][T10356] ? __pfx___alloc_skb+0x10/0x10 [ 358.665008][T10356] ? __lock_acquire+0xaa4/0x1ba0 [ 358.665063][T10356] netlink_alloc_large_skb+0x69/0x130 [ 358.665114][T10356] netlink_sendmsg+0x6a1/0xdd0 [ 358.665165][T10356] ? __pfx_netlink_sendmsg+0x10/0x10 [ 358.665246][T10356] ____sys_sendmsg+0xa95/0xc70 [ 358.665277][T10356] ? copy_msghdr_from_user+0x10a/0x160 [ 358.665318][T10356] ? __pfx_____sys_sendmsg+0x10/0x10 [ 358.665364][T10356] ___sys_sendmsg+0x134/0x1d0 [ 358.665408][T10356] ? __pfx____sys_sendmsg+0x10/0x10 [ 358.665507][T10356] __sys_sendmsg+0x16d/0x220 [ 358.665549][T10356] ? __pfx___sys_sendmsg+0x10/0x10 [ 358.665601][T10356] ? rcu_is_watching+0x12/0xc0 [ 358.665650][T10356] do_syscall_64+0xcd/0x260 [ 358.665699][T10356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.665730][T10356] RIP: 0033:0x7f6c2fb8d169 [ 358.665754][T10356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.665784][T10356] RSP: 002b:00007f6c30a8a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 358.665812][T10356] RAX: ffffffffffffffda RBX: 00007f6c2fda5fa0 RCX: 00007f6c2fb8d169 [ 358.665831][T10356] RDX: 0000000020000008 RSI: 0000200000000200 RDI: 0000000000000004 [ 358.665849][T10356] RBP: 00007f6c30a8a090 R08: 0000000000000000 R09: 0000000000000000 [ 358.665866][T10356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 358.665883][T10356] R13: 0000000000000000 R14: 00007f6c2fda5fa0 R15: 00007ffcee409938 [ 358.665920][T10356] [ 358.698217][T10341] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 359.448669][T10341] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 359.497950][T10341] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 359.683519][ T5856] Bluetooth: hci4: command tx timeout [ 359.767500][T10341] 8021q: adding VLAN 0 to HW filter on device bond0 [ 359.791904][T10341] 8021q: adding VLAN 0 to HW filter on device team0 [ 359.824366][ T8560] bridge0: port 1(bridge_slave_0) entered blocking state [ 359.831684][ T8560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 359.900342][ T8560] bridge0: port 2(bridge_slave_1) entered blocking state [ 359.907582][ T8560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.439514][T10341] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 361.511092][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1046'. [ 361.568319][T10341] veth0_vlan: entered promiscuous mode [ 361.624890][T10341] veth1_vlan: entered promiscuous mode [ 361.661711][T10341] veth0_macvtap: entered promiscuous mode [ 361.674800][T10341] veth1_macvtap: entered promiscuous mode [ 361.710034][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.733507][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.747204][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.766934][ T5856] Bluetooth: hci4: command tx timeout [ 361.775763][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.788348][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.800723][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.819366][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.855544][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.886472][T10341] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 361.937064][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.951060][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.977730][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.993371][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.003254][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 362.028934][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.046538][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 362.057459][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.069759][T10341] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 362.082825][T10341] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.103773][T10341] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.112519][T10341] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.133874][T10341] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.320951][ T3125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.338320][ T3125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.433588][ T3125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.441489][ T3125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 363.843634][ T5856] Bluetooth: hci4: command tx timeout [ 365.273483][T10457] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1062'. [ 365.706981][T10469] sd 0:0:1:0: device reset [ 365.933765][ T5854] Bluetooth: hci4: command tx timeout [ 366.208091][ T30] audit: type=1800 audit(4294967378.875:5): pid=10479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1067" name="dummy_udc" dev="gadgetfs" ino=5773 res=0 errno=0 [ 366.300170][ T5856] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 366.317815][ T5856] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 366.338282][ T5856] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 366.347478][ T5856] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 366.355432][ T5856] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 367.131989][T10482] chnl_net:caif_netlink_parms(): no params data found [ 367.429493][T10482] bridge0: port 1(bridge_slave_0) entered blocking state [ 367.440009][T10482] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.448522][T10482] bridge_slave_0: entered allmulticast mode [ 367.458797][T10482] bridge_slave_0: entered promiscuous mode [ 367.469988][T10482] bridge0: port 2(bridge_slave_1) entered blocking state [ 367.477556][T10482] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.485163][T10482] bridge_slave_1: entered allmulticast mode [ 367.493170][T10482] bridge_slave_1: entered promiscuous mode [ 367.537863][T10482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 367.550780][T10482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 367.602512][T10482] team0: Port device team_slave_0 added [ 367.615635][T10482] team0: Port device team_slave_1 added [ 367.651290][T10482] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 367.658347][T10482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 367.687461][T10482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 367.701466][T10482] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 367.709879][T10482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 367.736335][T10482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 367.852727][T10482] hsr_slave_0: entered promiscuous mode [ 367.867049][T10482] hsr_slave_1: entered promiscuous mode [ 367.880488][T10482] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 367.890984][T10482] Cannot create hsr debugfs directory [ 368.322621][T10482] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 368.368410][T10482] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 368.400624][T10482] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 368.433832][T10482] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 368.483898][ T5856] Bluetooth: hci5: command tx timeout [ 368.736502][T10482] 8021q: adding VLAN 0 to HW filter on device bond0 [ 369.000339][T10482] 8021q: adding VLAN 0 to HW filter on device team0 [ 369.138586][ T8560] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.145827][ T8560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 369.156083][ T8560] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.163343][ T8560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 369.699385][T10482] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 370.059920][T10482] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 370.564072][ T5856] Bluetooth: hci5: command tx timeout [ 370.798592][T10482] veth0_vlan: entered promiscuous mode [ 370.848662][T10482] veth1_vlan: entered promiscuous mode [ 370.892681][T10548] nbd: illegal input index 2147483647 [ 370.917070][T10482] veth0_macvtap: entered promiscuous mode [ 370.930769][T10482] veth1_macvtap: entered promiscuous mode [ 370.984974][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.013653][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.029061][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.040206][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.053053][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.064143][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.074516][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.102600][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.132839][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.152825][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.165453][T10482] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 371.187564][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.203998][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.220515][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.237673][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.263858][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.287277][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.303564][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.323773][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.345885][T10482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.371311][T10482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.386258][T10482] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.420753][T10482] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.453593][T10482] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.471560][T10482] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.482374][T10482] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.756420][ T3496] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.766828][ T3496] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.842220][ T8560] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.876886][ T8560] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.404818][T10579] input: isc as /devices/virtual/input/input10 [ 372.419157][T10579] FAULT_INJECTION: forcing a failure. [ 372.419157][T10579] name failslab, interval 1, probability 0, space 0, times 0 [ 372.423499][T10581] ======================================================= [ 372.423499][T10581] WARNING: The mand mount option has been deprecated and [ 372.423499][T10581] and is ignored by this kernel. Remove the mand [ 372.423499][T10581] option from the mount to silence this warning. [ 372.423499][T10581] ======================================================= [ 372.434705][T10579] CPU: 1 UID: 0 PID: 10579 Comm: syz.5.1065 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 372.434754][T10579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 372.434774][T10579] Call Trace: [ 372.434785][T10579] [ 372.434798][T10579] dump_stack_lvl+0x16c/0x1f0 [ 372.434853][T10579] should_fail_ex+0x512/0x640 [ 372.434892][T10579] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 372.434948][T10579] should_failslab+0xc2/0x120 [ 372.434981][T10579] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 372.435032][T10579] ? __kernfs_new_node+0xd2/0x8a0 [ 372.435091][T10579] __kernfs_new_node+0xd2/0x8a0 [ 372.435167][T10579] ? __pfx___kernfs_new_node+0x10/0x10 [ 372.435246][T10579] ? find_held_lock+0x2b/0x80 [ 372.435295][T10579] ? kernfs_root+0xee/0x2a0 [ 372.435358][T10579] kernfs_new_node+0x13c/0x1e0 [ 372.435403][T10579] kernfs_create_link+0xcc/0x240 [ 372.435453][T10579] sysfs_do_create_link_sd+0x90/0x140 [ 372.435510][T10579] sysfs_create_link+0x61/0xc0 [ 372.435563][T10579] device_add+0x62c/0x1a70 [ 372.435605][T10579] ? __pfx_device_add+0x10/0x10 [ 372.435639][T10579] ? __pfx_exact_lock+0x10/0x10 [ 372.435698][T10579] ? kobject_get+0xbb/0x150 [ 372.435755][T10579] cdev_device_add+0xc2/0x1e0 [ 372.435811][T10579] evdev_connect+0x3a4/0x4c0 [ 372.435870][T10579] input_attach_handler.isra.0+0x181/0x260 [ 372.435928][T10579] input_register_device+0xa84/0x1130 [ 372.435990][T10579] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 372.436038][T10579] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 372.436092][T10579] ? find_held_lock+0x2b/0x80 [ 372.436161][T10579] ? __pfx_uinput_ioctl+0x10/0x10 [ 372.436203][T10579] __x64_sys_ioctl+0x190/0x200 [ 372.436255][T10579] do_syscall_64+0xcd/0x260 [ 372.436310][T10579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.436345][T10579] RIP: 0033:0x7f0e9818d169 [ 372.436372][T10579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.436405][T10579] RSP: 002b:00007f0e98f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 372.436436][T10579] RAX: ffffffffffffffda RBX: 00007f0e983a5fa0 RCX: 00007f0e9818d169 [ 372.436459][T10579] RDX: 0200000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 372.436480][T10579] RBP: 00007f0e9820e990 R08: 0000000000000000 R09: 0000000000000000 [ 372.436501][T10579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.436521][T10579] R13: 0000000000000000 R14: 00007f0e983a5fa0 R15: 00007ffdcd7073e8 [ 372.436566][T10579] [ 372.644248][ T5856] Bluetooth: hci5: command tx timeout [ 372.713621][T10579] input: failed to attach handler evdev to device input10, error: -12 [ 372.752329][T10584] can: request_module (can-proto-0) failed. [ 374.618737][T10621] syz.5.1098: vmalloc error: size 16384, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 374.640071][T10621] CPU: 1 UID: 0 PID: 10621 Comm: syz.5.1098 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 374.640102][T10621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 374.640115][T10621] Call Trace: [ 374.640123][T10621] [ 374.640149][T10621] dump_stack_lvl+0x16c/0x1f0 [ 374.640186][T10621] warn_alloc+0x248/0x3a0 [ 374.640222][T10621] ? __pfx_warn_alloc+0x10/0x10 [ 374.640256][T10621] ? alloc_pages_mpol+0x25a/0x550 [ 374.640278][T10621] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 374.640301][T10621] ? trace_kmalloc+0x2b/0xd0 [ 374.640333][T10621] __vmalloc_node_range_noprof+0x12d2/0x1540 [ 374.640373][T10621] ? kernel_clone+0xfc/0x960 [ 374.640412][T10621] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 374.640441][T10621] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 374.640471][T10621] ? rcu_is_watching+0x12/0xc0 [ 374.640512][T10621] ? kernel_clone+0xfc/0x960 [ 374.640542][T10621] __vmalloc_node_noprof+0x74/0xa0 [ 374.640571][T10621] ? kernel_clone+0xfc/0x960 [ 374.640603][T10621] copy_process+0x2ead/0x91a0 [ 374.640635][T10621] ? _kstrtoull+0x145/0x200 [ 374.640685][T10621] ? __pfx__kstrtoull+0x10/0x10 [ 374.640725][T10621] ? find_held_lock+0x2b/0x80 [ 374.640760][T10621] ? __pfx_copy_process+0x10/0x10 [ 374.640801][T10621] ? find_held_lock+0x2b/0x80 [ 374.640840][T10621] kernel_clone+0xfc/0x960 [ 374.640874][T10621] ? __pfx_kernel_clone+0x10/0x10 [ 374.640917][T10621] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 374.640953][T10621] ? 0xffffffff81000000 [ 374.640968][T10621] __do_sys_clone+0xce/0x120 [ 374.641000][T10621] ? __pfx___do_sys_clone+0x10/0x10 [ 374.641035][T10621] ? 0xffffffff81000000 [ 374.641058][T10621] ? ksys_write+0x1b9/0x240 [ 374.641107][T10621] ? __pfx_ksys_write+0x10/0x10 [ 374.641149][T10621] ? rcu_is_watching+0x12/0xc0 [ 374.641193][T10621] do_syscall_64+0xcd/0x260 [ 374.641229][T10621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.641253][T10621] RIP: 0033:0x7f0e9818d169 [ 374.641269][T10621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 374.641292][T10621] RSP: 002b:00007f0e98f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 374.641314][T10621] RAX: ffffffffffffffda RBX: 00007f0e983a5fa0 RCX: 00007f0e9818d169 [ 374.641329][T10621] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000000021002 [ 374.641343][T10621] RBP: 00007f0e98f17090 R08: 0000000000000009 R09: 0000000000000000 [ 374.641357][T10621] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000001 [ 374.641371][T10621] R13: 0000000000000000 R14: 00007f0e983a5fa0 R15: 00007ffdcd7073e8 [ 374.641389][T10621] ? 0xffffffff81000000 [ 374.641412][T10621] [ 374.641419][T10621] Mem-Info: [ 374.793512][ T5856] Bluetooth: hci5: command tx timeout [ 374.811570][T10621] active_anon:23422 inactive_anon:0 isolated_anon:0 [ 374.811570][T10621] active_file:8495 inactive_file:48591 isolated_file:0 [ 374.811570][T10621] unevictable:768 dirty:652 writeback:0 [ 374.811570][T10621] slab_reclaimable:10579 slab_unreclaimable:101722 [ 374.811570][T10621] mapped:42704 shmem:17672 pagetables:839 [ 374.811570][T10621] sec_pagetables:0 bounce:0 [ 374.811570][T10621] kernel_misc_reclaimable:0 [ 374.811570][T10621] free:1281442 free_pcp:1738 free_cma:0 [ 374.971438][T10621] Node 0 active_anon:93688kB inactive_anon:0kB active_file:33980kB inactive_file:194312kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:170772kB dirty:2608kB writeback:0kB shmem:69160kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11312kB pagetables:3356kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 375.007186][T10621] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:52kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 375.039802][T10621] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 375.073893][T10621] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 375.090910][T10621] Node 0 DMA32 free:1212920kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:93436kB inactive_anon:0kB active_file:33980kB inactive_file:192744kB unevictable:1536kB writepending:2608kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:1188kB local_pcp:720kB free_cma:0kB [ 375.168197][T10621] lowmem_reserve[]: 0 0 1 1 1 [ 375.173030][T10621] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1568kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 375.202161][T10621] lowmem_reserve[]: 0 0 0 0 0 [ 375.212769][T10621] Node 1 Normal free:3900204kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:52kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4556kB local_pcp:2104kB free_cma:0kB [ 375.246793][T10621] lowmem_reserve[]: 0 0 0 0 0 [ 375.252295][T10621] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 375.265495][T10621] Node 0 DMA32: 764*4kB (UME) 863*8kB (ME) 677*16kB (UM) 357*32kB (UME) 428*64kB (UME) 86*128kB (UME) 81*256kB (UME) 73*512kB (UME) 36*1024kB (UME) 19*2048kB (UME) 246*4096kB (UM) = 1212120kB [ 375.286589][T10621] Node 0 Normal: 2*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 375.299319][T10621] Node 1 Normal: 203*4kB (UME) 54*8kB (UE) 35*16kB (UE) 191*32kB (UE) 95*64kB (UME) 31*128kB (UE) 11*256kB (UM) 7*512kB (UM) 1*1024kB (M) 2*2048kB (U) 945*4096kB (ME) = 3900204kB [ 375.317912][T10621] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 375.327842][T10621] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 375.337348][T10621] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 375.347112][T10621] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 375.357925][T10621] 74772 total pagecache pages [ 375.362715][T10621] 12 pages in swap cache [ 375.370820][T10621] Free swap = 124948kB [ 375.375086][T10621] Total swap = 124996kB [ 375.380260][T10621] 2097051 pages RAM [ 375.384514][T10621] 0 pages HighMem/MovableOnly [ 375.389228][T10621] 429591 pages reserved [ 375.393490][T10621] 0 pages cma reserved [ 377.670776][T10653] FAULT_INJECTION: forcing a failure. [ 377.670776][T10653] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 377.684438][T10653] CPU: 0 UID: 0 PID: 10653 Comm: syz.0.1108 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 377.684469][T10653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 377.684482][T10653] Call Trace: [ 377.684489][T10653] [ 377.684497][T10653] dump_stack_lvl+0x16c/0x1f0 [ 377.684534][T10653] should_fail_ex+0x512/0x640 [ 377.684564][T10653] strncpy_from_user+0x3b/0x2e0 [ 377.684599][T10653] getname_flags.part.0+0x8b/0x540 [ 377.684639][T10653] getname_flags+0x93/0xf0 [ 377.684686][T10653] __x64_sys_unlinkat+0xe4/0x130 [ 377.684747][T10653] do_syscall_64+0xcd/0x260 [ 377.684783][T10653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.684827][T10653] RIP: 0033:0x7f688738d169 [ 377.684844][T10653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.684865][T10653] RSP: 002b:00007f6888152038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 377.684886][T10653] RAX: ffffffffffffffda RBX: 00007f68875a5fa0 RCX: 00007f688738d169 [ 377.684900][T10653] RDX: 0000000000000200 RSI: 0000000000000000 RDI: ffffffffffffffff [ 377.684914][T10653] RBP: 00007f6888152090 R08: 0000000000000000 R09: 0000000000000000 [ 377.684927][T10653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 377.684940][T10653] R13: 0000000000000000 R14: 00007f68875a5fa0 R15: 00007fff517ef548 [ 377.684967][T10653] [ 377.921588][T10656] HfR: entered promiscuous mode syzkaller syzkaller login: [ 378.171888][T10666] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1112'. [ 378.294919][T10666] netlink: 11 bytes leftover after parsing attributes in process `syz.0.1112'. [ 380.260901][ T5854] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 380.303455][ T5854] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 380.313714][ T5854] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 380.343843][ T5854] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 380.367489][ T5854] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 381.001369][T10703] kmem.limit_in_bytes is deprecated and will be removed. Writing any value to this file has no effect. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 381.129367][T10688] chnl_net:caif_netlink_parms(): no params data found [ 381.341537][T10688] bridge0: port 1(bridge_slave_0) entered blocking state [ 381.348901][T10688] bridge0: port 1(bridge_slave_0) entered disabled state [ 381.357714][T10688] bridge_slave_0: entered allmulticast mode [ 381.366496][T10688] bridge_slave_0: entered promiscuous mode [ 381.376501][T10688] bridge0: port 2(bridge_slave_1) entered blocking state [ 381.383902][T10688] bridge0: port 2(bridge_slave_1) entered disabled state [ 381.392528][T10688] bridge_slave_1: entered allmulticast mode [ 381.401378][T10688] bridge_slave_1: entered promiscuous mode [ 381.462422][T10688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 381.499154][T10688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 381.569824][T10688] team0: Port device team_slave_0 added [ 381.580193][T10688] team0: Port device team_slave_1 added [ 381.629348][T10688] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 381.637364][T10688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 381.664148][T10688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 381.677917][T10688] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 381.685574][T10688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 381.713186][T10688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 381.771715][T10688] hsr_slave_0: entered promiscuous mode [ 381.778660][T10688] hsr_slave_1: entered promiscuous mode [ 381.786722][T10688] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 381.794894][T10688] Cannot create hsr debugfs directory [ 382.073599][T10688] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 382.118672][T10688] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 382.151744][T10688] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 382.175719][T10688] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 382.483610][ T5854] Bluetooth: hci6: command tx timeout [ 383.558181][T10740] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1127'. [ 383.707085][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.718588][T10688] 8021q: adding VLAN 0 to HW filter on device bond0 [ 383.750881][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.777943][T10688] 8021q: adding VLAN 0 to HW filter on device team0 [ 383.847331][ T8565] bridge0: port 1(bridge_slave_0) entered blocking state [ 383.854585][ T8565] bridge0: port 1(bridge_slave_0) entered forwarding state [ 383.922167][ T8565] bridge0: port 2(bridge_slave_1) entered blocking state [ 383.929434][ T8565] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.379334][T10688] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 384.563503][ T5854] Bluetooth: hci6: command tx timeout [ 385.179701][T10688] veth0_vlan: entered promiscuous mode [ 385.202160][T10688] veth1_vlan: entered promiscuous mode [ 385.301653][T10688] veth0_macvtap: entered promiscuous mode [ 385.336443][T10688] veth1_macvtap: entered promiscuous mode [ 385.362822][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.375001][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.386834][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.397545][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.407786][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.420246][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.430814][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.441805][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.452083][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.464043][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.474426][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.485600][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.498200][T10688] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 385.526724][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.540517][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.551489][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.562208][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.572367][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.584228][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.595582][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.612103][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.622714][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.636391][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.646674][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.657308][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.669093][T10688] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 385.747908][T10688] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.758124][T10688] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.767307][T10688] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.776115][T10688] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.935816][ T8560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.957819][ T8560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.457491][ T3467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.465418][ T3467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.653633][ T5854] Bluetooth: hci6: command tx timeout [ 387.254685][T10792] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 387.345224][T10793] blktrace: Concurrent blktraces are not allowed on loop2 [ 388.733676][ T5854] Bluetooth: hci6: command tx timeout [ 389.230786][ T5856] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 389.247884][ T5856] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 389.265083][ T5856] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 389.306922][ T5856] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 389.333746][ T5856] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 389.548090][T10833] netlink: 'syz.0.1149': attribute type 7 has an invalid length. [ 389.575746][T10833] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1149'. [ 389.912162][T10822] chnl_net:caif_netlink_parms(): no params data found [ 390.439951][T10822] bridge0: port 1(bridge_slave_0) entered blocking state [ 390.484637][T10822] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.526078][T10822] bridge_slave_0: entered allmulticast mode [ 390.551550][T10822] bridge_slave_0: entered promiscuous mode [ 390.952554][T10822] bridge0: port 2(bridge_slave_1) entered blocking state [ 391.009036][T10822] bridge0: port 2(bridge_slave_1) entered disabled state [ 391.026657][T10822] bridge_slave_1: entered allmulticast mode [ 391.066038][T10822] bridge_slave_1: entered promiscuous mode [ 391.443657][ T5854] Bluetooth: hci7: command tx timeout [ 391.468474][T10822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 391.501583][T10822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 391.683268][T10822] team0: Port device team_slave_0 added [ 391.707393][T10822] team0: Port device team_slave_1 added [ 391.789957][T10822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 391.798026][T10822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 391.824774][T10822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 391.856977][T10822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 391.880753][T10822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 391.907698][T10822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 392.072006][T10822] hsr_slave_0: entered promiscuous mode [ 392.089369][T10822] hsr_slave_1: entered promiscuous mode [ 392.100012][T10822] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 392.112103][T10822] Cannot create hsr debugfs directory [ 392.907679][ T8567] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.061369][ T8567] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.110068][T10822] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 393.173818][T10822] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 393.308315][ T8567] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.338363][T10822] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 393.381288][T10822] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 393.432570][ T8567] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.524056][ T5854] Bluetooth: hci7: command tx timeout [ 393.976824][ T8567] bridge_slave_1: left allmulticast mode [ 393.982793][ T8567] bridge_slave_1: left promiscuous mode [ 394.020198][ T8567] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.046215][ T8567] bridge_slave_0: left allmulticast mode [ 394.058534][ T5856] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 394.062113][ T8567] bridge_slave_0: left promiscuous mode [ 394.073876][ T5856] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 394.079362][ T8567] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.097281][ T5856] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 394.107863][ T5856] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 394.116124][ T5856] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 394.741253][ T8567] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 394.753919][ T8567] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 394.767376][ T8567] bond0 (unregistering): Released all slaves [ 394.857795][T10822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 395.118905][T10822] 8021q: adding VLAN 0 to HW filter on device team0 [ 395.177845][ T5854] Bluetooth: hci3: unexpected event 0x23 length: 127 > 13 [ 395.216015][ T3467] bridge0: port 1(bridge_slave_0) entered blocking state [ 395.230384][ T3467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 395.412887][ T8565] bridge0: port 2(bridge_slave_1) entered blocking state [ 395.420093][ T8565] bridge0: port 2(bridge_slave_1) entered forwarding state [ 395.603605][ T5854] Bluetooth: hci7: command tx timeout [ 395.630912][ T8567] hsr_slave_0: left promiscuous mode [ 395.670168][ T8567] hsr_slave_1: left promiscuous mode [ 395.677228][ T8567] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 395.712518][ T8567] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 395.741011][ T8567] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 395.760181][ T8567] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 395.825529][ T8567] veth1_macvtap: left promiscuous mode [ 395.832726][ T8567] veth0_macvtap: left promiscuous mode [ 395.890889][ T8567] veth1_vlan: left promiscuous mode [ 395.897144][ T8567] veth0_vlan: left promiscuous mode [ 396.165115][ T5854] Bluetooth: hci6: command tx timeout [ 396.609148][ T8567] team0 (unregistering): Port device team_slave_1 removed [ 396.653949][ T8567] team0 (unregistering): Port device team_slave_0 removed [ 397.683520][ T5854] Bluetooth: hci7: command tx timeout [ 397.999108][T10822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 398.244843][ T5854] Bluetooth: hci6: command tx timeout [ 398.462206][T10899] chnl_net:caif_netlink_parms(): no params data found [ 399.028698][T10822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 399.073578][T10899] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.094335][T10899] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.101609][T10899] bridge_slave_0: entered allmulticast mode [ 399.166100][T10899] bridge_slave_0: entered promiscuous mode [ 399.211901][T10899] bridge0: port 2(bridge_slave_1) entered blocking state [ 399.238728][T10899] bridge0: port 2(bridge_slave_1) entered disabled state [ 399.263629][T10899] bridge_slave_1: entered allmulticast mode [ 399.271594][T10899] bridge_slave_1: entered promiscuous mode [ 399.485886][T10899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 399.593586][T10899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 399.917830][T10899] team0: Port device team_slave_0 added [ 399.962218][T10899] team0: Port device team_slave_1 added [ 400.293997][T10899] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 400.314644][T10899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.325046][ T5854] Bluetooth: hci6: command tx timeout [ 400.400075][T10899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 400.581194][T10899] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 400.588257][T10899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.614283][T10899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 400.837253][T10899] hsr_slave_0: entered promiscuous mode [ 400.854870][T10899] hsr_slave_1: entered promiscuous mode [ 400.883156][T10899] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 400.913904][T10899] Cannot create hsr debugfs directory [ 402.411553][ T5854] Bluetooth: hci6: command tx timeout [ 402.495761][T10822] veth0_vlan: entered promiscuous mode [ 402.542306][T10822] veth1_vlan: entered promiscuous mode [ 402.928298][T10822] veth0_macvtap: entered promiscuous mode [ 402.966380][T10822] veth1_macvtap: entered promiscuous mode [ 403.072107][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.102426][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.142985][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.160864][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.171235][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.193800][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.220273][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.235456][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.246529][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.270697][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.280770][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.298079][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.317101][T10822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 403.332103][T10899] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 403.414588][T10899] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 403.447843][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 403.465973][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.476713][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 403.487233][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.497183][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 403.507723][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.519215][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 403.530946][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.556773][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 403.576938][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.587315][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 403.598068][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.634712][T10822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 403.644300][T10899] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 403.671909][T10899] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 403.723773][T10822] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.761889][T10822] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.792022][T10822] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.801946][T10822] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 404.225957][ T3467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 404.253390][ T3467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 404.390921][ T3125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 404.411246][T10899] 8021q: adding VLAN 0 to HW filter on device bond0 [ 404.427090][ T3125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 404.503663][T10899] 8021q: adding VLAN 0 to HW filter on device team0 [ 404.545857][ T8560] bridge0: port 1(bridge_slave_0) entered blocking state [ 404.553214][ T8560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 404.643462][ T8560] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.650656][ T8560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 406.255403][T10899] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 407.698277][T10899] veth0_vlan: entered promiscuous mode [ 407.760501][T10899] veth1_vlan: entered promiscuous mode [ 408.001824][T10899] veth0_macvtap: entered promiscuous mode [ 408.023807][T10899] veth1_macvtap: entered promiscuous mode [ 408.088939][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.127213][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.155559][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.175245][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.190788][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.228672][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.257369][T11120] kexec: Could not allocate control_code_buffer [ 408.260897][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.300775][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.330403][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.362598][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.397622][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.459351][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.493355][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.527127][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.580074][T10899] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 408.633701][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.712399][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.740219][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.763280][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.783363][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.803840][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.823353][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.855356][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.898723][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.923352][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.950086][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.960988][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.980438][T10899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.998574][T10899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.012137][T10899] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 409.086892][T10899] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.105832][T10899] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.115262][T10899] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.129407][T10899] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.391561][ T3467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 409.413510][ T3467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 409.523667][ T8560] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 409.548884][ T8560] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 409.828858][T11165] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1208'. [ 409.866329][T11165] netlink: 354 bytes leftover after parsing attributes in process `syz.7.1208'. [ 415.027132][T11298] netlink: 'syz.8.1232': attribute type 1 has an invalid length. [ 416.265158][T11316] FAULT_INJECTION: forcing a failure. [ 416.265158][T11316] name failslab, interval 1, probability 0, space 0, times 0 [ 416.306198][T11318] FAULT_INJECTION: forcing a failure. [ 416.306198][T11318] name failslab, interval 1, probability 0, space 0, times 0 [ 416.322357][T11318] CPU: 1 UID: 0 PID: 11318 Comm: syz.7.1238 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 416.322399][T11318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 416.322416][T11318] Call Trace: [ 416.322427][T11318] [ 416.322438][T11318] dump_stack_lvl+0x16c/0x1f0 [ 416.322490][T11318] should_fail_ex+0x512/0x640 [ 416.322524][T11318] ? fs_reclaim_acquire+0xae/0x150 [ 416.322565][T11318] ? tomoyo_encode2+0x100/0x3e0 [ 416.322605][T11318] should_failslab+0xc2/0x120 [ 416.322634][T11318] __kmalloc_noprof+0xd2/0x510 [ 416.322696][T11318] ? d_absolute_path+0x136/0x1a0 [ 416.322734][T11318] tomoyo_encode2+0x100/0x3e0 [ 416.322777][T11318] tomoyo_encode+0x29/0x50 [ 416.322814][T11318] tomoyo_realpath_from_path+0x18f/0x6e0 [ 416.322865][T11318] tomoyo_path_number_perm+0x245/0x580 [ 416.322897][T11318] ? tomoyo_path_number_perm+0x237/0x580 [ 416.322934][T11318] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 416.322970][T11318] ? find_held_lock+0x2b/0x80 [ 416.323038][T11318] ? find_held_lock+0x2b/0x80 [ 416.323072][T11318] ? hook_file_ioctl_common+0x145/0x410 [ 416.323111][T11318] ? __fget_files+0x20e/0x3c0 [ 416.323159][T11318] security_file_ioctl+0x9b/0x240 [ 416.323196][T11318] __x64_sys_ioctl+0xb7/0x200 [ 416.323233][T11318] do_syscall_64+0xcd/0x260 [ 416.323300][T11318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.323332][T11318] RIP: 0033:0x7fe6d0b8d169 [ 416.323354][T11318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 416.323384][T11318] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 416.323411][T11318] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 416.323431][T11318] RDX: 0000000000000003 RSI: 000000004008af23 RDI: 0000000000000004 [ 416.323449][T11318] RBP: 00007fe6d1a48090 R08: 0000000000000000 R09: 0000000000000000 [ 416.323466][T11318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 416.323483][T11318] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 416.323519][T11318] [ 416.565398][T11318] ERROR: Out of memory at tomoyo_realpath_from_path. [ 416.624639][T11316] CPU: 0 UID: 0 PID: 11316 Comm: syz.8.1236 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 416.624698][T11316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 416.624716][T11316] Call Trace: [ 416.624725][T11316] [ 416.624737][T11316] dump_stack_lvl+0x16c/0x1f0 [ 416.624786][T11316] should_fail_ex+0x512/0x640 [ 416.624821][T11316] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 416.624873][T11316] should_failslab+0xc2/0x120 [ 416.624902][T11316] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 416.624951][T11316] ? mas_alloc_nodes+0x18b/0x8b0 [ 416.624997][T11316] mas_alloc_nodes+0x18b/0x8b0 [ 416.625044][T11316] mas_node_count_gfp+0x105/0x130 [ 416.625087][T11316] mas_preallocate+0x53e/0xcd0 [ 416.625124][T11316] ? __pfx_mas_preallocate+0x10/0x10 [ 416.625163][T11316] ? vm_area_alloc+0x1f/0x160 [ 416.625204][T11316] ? lockdep_init_map_type+0x5c/0x280 [ 416.625239][T11316] __mmap_region+0x139b/0x27c0 [ 416.625288][T11316] ? __pfx___mmap_region+0x10/0x10 [ 416.625331][T11316] ? bpf_ksym_find+0x124/0x1c0 [ 416.625376][T11316] ? __kernel_text_address+0xd/0x40 [ 416.625412][T11316] ? unwind_get_return_address+0x59/0xa0 [ 416.625520][T11316] ? trace_cap_capable+0x18d/0x200 [ 416.625552][T11316] ? cap_capable+0xb3/0x250 [ 416.625586][T11316] mmap_region+0x1ab/0x3f0 [ 416.625642][T11316] do_mmap+0xd8e/0x11b0 [ 416.625687][T11316] ? __pfx_do_mmap+0x10/0x10 [ 416.625724][T11316] ? __pfx_down_write_killable+0x10/0x10 [ 416.625761][T11316] vm_mmap_pgoff+0x281/0x450 [ 416.625804][T11316] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 416.625846][T11316] ? __fget_files+0x20e/0x3c0 [ 416.625898][T11316] ksys_mmap_pgoff+0x32c/0x5c0 [ 416.625933][T11316] ? __pfx_ksys_write+0x10/0x10 [ 416.625972][T11316] ? rcu_is_watching+0x12/0xc0 [ 416.626013][T11316] __x64_sys_mmap+0x125/0x190 [ 416.626055][T11316] do_syscall_64+0xcd/0x260 [ 416.626102][T11316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.626134][T11316] RIP: 0033:0x7f70a2b8d169 [ 416.626157][T11316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 416.626186][T11316] RSP: 002b:00007f70a29f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 416.626213][T11316] RAX: ffffffffffffffda RBX: 00007f70a2da5fa0 RCX: 00007f70a2b8d169 [ 416.626233][T11316] RDX: fffffffffffffe01 RSI: 0000000000000005 RDI: 0000000000000000 [ 416.626251][T11316] RBP: 00007f70a29f7090 R08: 0000000000000003 R09: 0000000000008000 [ 416.626269][T11316] R10: 0000000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 416.626287][T11316] R13: 0000000000000000 R14: 00007f70a2da5fa0 R15: 00007ffedf4b6e38 [ 416.626325][T11316] [ 417.356936][T11340] FAULT_INJECTION: forcing a failure. [ 417.356936][T11340] name failslab, interval 1, probability 0, space 0, times 0 [ 417.386545][T11341] FAULT_INJECTION: forcing a failure. [ 417.386545][T11341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 417.400003][T11341] CPU: 0 UID: 0 PID: 11341 Comm: syz.8.1241 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 417.400042][T11341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 417.400060][T11341] Call Trace: [ 417.400070][T11341] [ 417.400080][T11341] dump_stack_lvl+0x16c/0x1f0 [ 417.400129][T11341] should_fail_ex+0x512/0x640 [ 417.400183][T11341] _copy_from_user+0x2e/0xd0 [ 417.400239][T11341] ____sys_sendmsg+0x607/0xc70 [ 417.400271][T11341] ? __pfx_____sys_sendmsg+0x10/0x10 [ 417.400315][T11341] ? __pfx__kstrtoull+0x10/0x10 [ 417.400372][T11341] ___sys_sendmsg+0x134/0x1d0 [ 417.400415][T11341] ? __pfx____sys_sendmsg+0x10/0x10 [ 417.400475][T11341] ? find_held_lock+0x2b/0x80 [ 417.400538][T11341] __sys_sendmmsg+0x200/0x420 [ 417.400584][T11341] ? __pfx___sys_sendmmsg+0x10/0x10 [ 417.400637][T11341] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 417.400701][T11341] ? fput+0x70/0xf0 [ 417.400730][T11341] ? ksys_write+0x1b9/0x240 [ 417.400770][T11341] ? __pfx_ksys_write+0x10/0x10 [ 417.400811][T11341] ? rcu_is_watching+0x12/0xc0 [ 417.400855][T11341] __x64_sys_sendmmsg+0x9c/0x100 [ 417.400894][T11341] ? lockdep_hardirqs_on+0x7c/0x110 [ 417.400939][T11341] do_syscall_64+0xcd/0x260 [ 417.400986][T11341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.401019][T11341] RIP: 0033:0x7f70a2b8d169 [ 417.401042][T11341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.401073][T11341] RSP: 002b:00007f70a29b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 417.401102][T11341] RAX: ffffffffffffffda RBX: 00007f70a2da6160 RCX: 00007f70a2b8d169 [ 417.401122][T11341] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 417.401140][T11341] RBP: 00007f70a29b5090 R08: 0000000000000000 R09: 0000000000000000 [ 417.401159][T11341] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 417.401177][T11341] R13: 0000000000000000 R14: 00007f70a2da6160 R15: 00007ffedf4b6e38 [ 417.401216][T11341] [ 417.534562][T11340] CPU: 1 UID: 0 PID: 11340 Comm: syz.7.1244 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 417.534606][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 417.534625][T11340] Call Trace: [ 417.534637][T11340] [ 417.534650][T11340] dump_stack_lvl+0x16c/0x1f0 [ 417.534702][T11340] should_fail_ex+0x512/0x640 [ 417.534738][T11340] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 417.534787][T11340] should_failslab+0xc2/0x120 [ 417.534817][T11340] __kmalloc_cache_noprof+0x6a/0x3e0 [ 417.534861][T11340] ? snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 417.534924][T11340] snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 417.534981][T11340] ? preempt_count_sub+0x127/0x160 [ 417.535030][T11340] ? trace_contention_end+0xdd/0x130 [ 417.535063][T11340] ? __mutex_lock+0x1ca/0xb90 [ 417.535107][T11340] ? rcu_is_watching+0x12/0xc0 [ 417.535150][T11340] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 417.535228][T11340] ? __pfx___mutex_lock+0x10/0x10 [ 417.535296][T11340] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 417.535361][T11340] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 417.535403][T11340] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 417.535441][T11340] ? hook_file_ioctl_common+0x145/0x410 [ 417.535481][T11340] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 417.535520][T11340] ? __fget_files+0x20e/0x3c0 [ 417.535579][T11340] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 417.535616][T11340] __x64_sys_ioctl+0x190/0x200 [ 417.535658][T11340] do_syscall_64+0xcd/0x260 [ 417.535712][T11340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.535745][T11340] RIP: 0033:0x7fe6d0b8d169 [ 417.535771][T11340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.535803][T11340] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 417.535834][T11340] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 417.535855][T11340] RDX: 0000200000000000 RSI: 00000000c0045002 RDI: 0000000000000003 [ 417.535876][T11340] RBP: 00007fe6d1a48090 R08: 0000000000000000 R09: 0000000000000000 [ 417.535897][T11340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 417.535916][T11340] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 417.535959][T11340] [ 421.427337][ T30] audit: type=1326 audit(4294967434.085:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.8.1254" exe="/root/syz-executor" sig=9 arch=c000003e syscall=157 compat=0 ip=0x7f70a2b8d169 code=0x0 [ 424.339020][T11457] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1272'. [ 427.342869][T11509] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1283'. [ 428.028192][T11519] cgroup: fork rejected by pids controller in /syz5 [ 428.528362][T11580] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1289'. [ 429.056137][T11596] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1293'. [ 431.045947][T11631] FAULT_INJECTION: forcing a failure. [ 431.045947][T11631] name failslab, interval 1, probability 0, space 0, times 0 [ 431.114845][T11631] CPU: 0 UID: 0 PID: 11631 Comm: syz.7.1299 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 431.114883][T11631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 431.114899][T11631] Call Trace: [ 431.114907][T11631] [ 431.114917][T11631] dump_stack_lvl+0x16c/0x1f0 [ 431.114962][T11631] should_fail_ex+0x512/0x640 [ 431.114992][T11631] ? __kmalloc_noprof+0xbf/0x510 [ 431.115051][T11631] ? inotify_handle_inode_event+0x1cf/0x6f0 [ 431.115079][T11631] should_failslab+0xc2/0x120 [ 431.115106][T11631] __kmalloc_noprof+0xd2/0x510 [ 431.115165][T11631] inotify_handle_inode_event+0x1cf/0x6f0 [ 431.115203][T11631] inotify_ignored_and_remove_idr+0x28/0x70 [ 431.115235][T11631] ? __pfx_inotify_freeing_mark+0x10/0x10 [ 431.115261][T11631] fsnotify_free_mark+0xe9/0x140 [ 431.115308][T11631] fsnotify_clear_marks_by_group+0x4b9/0x7c0 [ 431.115357][T11631] ? do_raw_spin_lock+0x12c/0x2b0 [ 431.115389][T11631] ? __pfx_fsnotify_clear_marks_by_group+0x10/0x10 [ 431.115437][T11631] ? fsnotify_destroy_group+0xc7/0x390 [ 431.115481][T11631] ? __pfx_inotify_release+0x10/0x10 [ 431.115508][T11631] fsnotify_destroy_group+0xd4/0x390 [ 431.115551][T11631] ? __pfx_fsnotify_destroy_group+0x10/0x10 [ 431.115591][T11631] ? locks_remove_file+0x39e/0x5b0 [ 431.115632][T11631] ? __pfx_locks_remove_file+0x10/0x10 [ 431.115671][T11631] ? __pfx___might_resched+0x10/0x10 [ 431.115715][T11631] ? __pfx_inotify_release+0x10/0x10 [ 431.115741][T11631] inotify_release+0x3b/0x70 [ 431.115785][T11631] __fput+0x3ff/0xb70 [ 431.115817][T11631] ? _raw_spin_unlock_irq+0x23/0x50 [ 431.115860][T11631] task_work_run+0x14d/0x240 [ 431.115896][T11631] ? __pfx_task_work_run+0x10/0x10 [ 431.115933][T11631] ? do_raw_spin_unlock+0x172/0x230 [ 431.115975][T11631] do_exit+0xafb/0x2c30 [ 431.116021][T11631] ? __pfx_futex_wake_mark+0x10/0x10 [ 431.116059][T11631] ? __pfx_do_exit+0x10/0x10 [ 431.116106][T11631] ? do_raw_spin_lock+0x12c/0x2b0 [ 431.116140][T11631] ? find_held_lock+0x2b/0x80 [ 431.116189][T11631] do_group_exit+0xd3/0x2a0 [ 431.116220][T11631] get_signal+0x2673/0x26d0 [ 431.116263][T11631] ? find_held_lock+0x2b/0x80 [ 431.116303][T11631] ? mntput_no_expire+0x148/0xb20 [ 431.116348][T11631] ? __pfx_get_signal+0x10/0x10 [ 431.116389][T11631] ? do_futex+0x122/0x350 [ 431.116444][T11631] ? __pfx_do_futex+0x10/0x10 [ 431.116489][T11631] arch_do_signal_or_restart+0x8f/0x7d0 [ 431.116535][T11631] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 431.116591][T11631] ? __pfx___x64_sys_inotify_add_watch+0x10/0x10 [ 431.116622][T11631] ? rcu_is_watching+0x12/0xc0 [ 431.116665][T11631] syscall_exit_to_user_mode+0x150/0x2a0 [ 431.116731][T11631] do_syscall_64+0xda/0x260 [ 431.116780][T11631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.116811][T11631] RIP: 0033:0x7fe6d0b8d169 [ 431.116834][T11631] Code: Unable to access opcode bytes at 0x7fe6d0b8d13f. [ 431.116847][T11631] RSP: 002b:00007fe6d1a480e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 431.116876][T11631] RAX: fffffffffffffe00 RBX: 00007fe6d0da5fa8 RCX: 00007fe6d0b8d169 [ 431.116895][T11631] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe6d0da5fa8 [ 431.116926][T11631] RBP: 00007fe6d0da5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 431.116944][T11631] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe6d0da5fac [ 431.116961][T11631] R13: 0000000000000000 R14: 00007ffd530eeaf0 R15: 00007ffd530eebd8 [ 431.116998][T11631] [ 432.005373][T11658] FAULT_INJECTION: forcing a failure. [ 432.005373][T11658] name failslab, interval 1, probability 0, space 0, times 0 [ 432.050048][T11658] CPU: 0 UID: 0 PID: 11658 Comm: syz.8.1304 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 432.050090][T11658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 432.050109][T11658] Call Trace: [ 432.050119][T11658] [ 432.050131][T11658] dump_stack_lvl+0x16c/0x1f0 [ 432.050183][T11658] should_fail_ex+0x512/0x640 [ 432.050220][T11658] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 432.050272][T11658] should_failslab+0xc2/0x120 [ 432.050301][T11658] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 432.050356][T11658] ? __proc_create+0xc3/0x8c0 [ 432.050391][T11658] ? __proc_create+0x2ce/0x8c0 [ 432.050424][T11658] __proc_create+0x2ce/0x8c0 [ 432.050454][T11658] ? __pfx___proc_create+0x10/0x10 [ 432.050480][T11658] ? __register_sysctl_table+0x736/0x1900 [ 432.050516][T11658] ? _raw_spin_unlock+0x28/0x50 [ 432.050554][T11658] proc_create_reg+0x7d/0x180 [ 432.050586][T11658] proc_create_net_data+0x8e/0x1b0 [ 432.050616][T11658] ? __pfx_proc_create_net_data+0x10/0x10 [ 432.050671][T11658] ? __pfx_arp_net_init+0x10/0x10 [ 432.050696][T11658] arp_net_init+0x53/0x70 [ 432.050720][T11658] ops_init+0x1df/0x5f0 [ 432.050760][T11658] setup_net+0x21e/0x850 [ 432.050800][T11658] ? __pfx_setup_net+0x10/0x10 [ 432.050841][T11658] ? lockdep_init_map_type+0x5c/0x280 [ 432.050867][T11658] ? __pfx_down_read_killable+0x10/0x10 [ 432.050897][T11658] ? debug_mutex_init+0x37/0x70 [ 432.050933][T11658] copy_net_ns+0x2a6/0x5f0 [ 432.050977][T11658] create_new_namespaces+0x3ea/0xad0 [ 432.051023][T11658] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 432.051066][T11658] ksys_unshare+0x45b/0xa40 [ 432.051108][T11658] ? __pfx_ksys_unshare+0x10/0x10 [ 432.051147][T11658] ? xfd_validate_state+0x5d/0x180 [ 432.051178][T11658] ? rcu_is_watching+0x12/0xc0 [ 432.051219][T11658] __x64_sys_unshare+0x31/0x40 [ 432.051259][T11658] do_syscall_64+0xcd/0x260 [ 432.051302][T11658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.051336][T11658] RIP: 0033:0x7f70a2b8d169 [ 432.051357][T11658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.051385][T11658] RSP: 002b:00007f70a29f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 432.051412][T11658] RAX: ffffffffffffffda RBX: 00007f70a2da5fa0 RCX: 00007f70a2b8d169 [ 432.051430][T11658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 432.051446][T11658] RBP: 00007f70a2c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 432.051465][T11658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.051480][T11658] R13: 0000000000000000 R14: 00007f70a2da5fa0 R15: 00007ffedf4b6e38 [ 432.051513][T11658] [ 432.326823][T11664] [U] [ 432.329864][T11664] [U] [ 432.332618][T11664] [U] [ 432.335380][T11664] [U] [ 432.353673][T11664] [U] [ 432.356449][T11664] [U] [ 432.359205][T11664] [U] [ 432.361988][T11664] [U] [ 432.365510][T11664] [U] [ 432.368298][T11664] [U] [ 432.371051][T11664] [U] [ 432.373815][T11664] [U] [ 432.398670][T11664] [U] [ 432.401446][T11664] [U] [ 432.404200][T11664] [U] [ 432.406969][T11664] [U] [ 432.425591][T11664] [U] [ 432.428370][T11664] [U] [ 432.431141][T11664] [U] [ 432.433912][T11664] [U] [ 432.634522][T11664] [U] [ 432.637302][T11664] [U] [ 432.640106][T11664] [U] [ 432.642850][T11664] [U] [ 432.654439][T11664] [U] [ 432.657200][T11664] [U] [ 432.659944][T11664] [U] [ 432.662718][T11664] [U] [ 432.703778][T11664] [U] [ 432.706544][T11664] [U] [ 432.709291][T11664] [U] [ 432.712024][T11664] [U] [ 432.749110][T11664] [U] [ 432.751893][T11664] [U] [ 432.754676][T11664] [U] [ 432.757424][T11664] [U] [ 432.824224][T11664] [U] [ 438.039977][T11802] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1328'. [ 438.657819][T11816] can: request_module (can-proto-5) failed. [ 439.814933][T11852] netlink: 'syz.8.1336': attribute type 11 has an invalid length. [ 440.533021][T11875] netlink: 'syz.7.1340': attribute type 15 has an invalid length. [ 440.541701][T11875] netlink: 'syz.7.1340': attribute type 16 has an invalid length. [ 440.573873][T11875] netlink: 'syz.7.1340': attribute type 17 has an invalid length. [ 440.608477][T11875] netlink: 'syz.7.1340': attribute type 19 has an invalid length. [ 440.637480][T11875] netlink: 'syz.7.1340': attribute type 27 has an invalid length. [ 440.647135][T11875] netlink: 'syz.7.1340': attribute type 28 has an invalid length. [ 440.655671][T11875] netlink: 'syz.7.1340': attribute type 29 has an invalid length. [ 440.664455][T11875] netlink: 'syz.7.1340': attribute type 30 has an invalid length. [ 440.672434][T11875] netlink: 18 bytes leftover after parsing attributes in process `syz.7.1340'. [ 444.139383][T11934] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 445.140135][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.148504][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.583344][T11959] netlink: 302 bytes leftover after parsing attributes in process `syz.7.1361'. [ 445.962479][T11965] block nbd3: Unsupported socket: shutdown callout must be supported. [ 449.251794][T12008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1375'. [ 449.744449][T12022] FAULT_INJECTION: forcing a failure. [ 449.744449][T12022] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 449.776483][T12022] CPU: 1 UID: 0 PID: 12022 Comm: syz.8.1378 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 449.776530][T12022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 449.776547][T12022] Call Trace: [ 449.776556][T12022] [ 449.776566][T12022] dump_stack_lvl+0x16c/0x1f0 [ 449.776612][T12022] should_fail_ex+0x512/0x640 [ 449.776650][T12022] should_fail_alloc_page+0xe7/0x130 [ 449.776679][T12022] prepare_alloc_pages+0x3c2/0x610 [ 449.776713][T12022] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 449.776748][T12022] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 449.776817][T12022] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 449.776863][T12022] ? do_raw_spin_lock+0x12c/0x2b0 [ 449.776898][T12022] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 449.776929][T12022] ? cgroup_rstat_updated+0x2a/0xb20 [ 449.776964][T12022] ? find_held_lock+0x2b/0x80 [ 449.777010][T12022] ? __lock_acquire+0xaa4/0x1ba0 [ 449.777057][T12022] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 449.777091][T12022] ? policy_nodemask+0xea/0x4e0 [ 449.777141][T12022] alloc_pages_mpol+0x1fb/0x550 [ 449.777170][T12022] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 449.777208][T12022] folio_alloc_mpol_noprof+0x36/0x2f0 [ 449.777244][T12022] shmem_alloc_folio+0x135/0x160 [ 449.777286][T12022] shmem_alloc_and_add_folio+0x499/0xc20 [ 449.777341][T12022] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 449.777410][T12022] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 449.777484][T12022] shmem_get_folio_gfp+0x687/0x1530 [ 449.777541][T12022] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 449.777594][T12022] ? filemap_map_pages+0xf6c/0x1680 [ 449.777629][T12022] shmem_fault+0x1fe/0xa30 [ 449.777682][T12022] ? __pfx_shmem_fault+0x10/0x10 [ 449.777741][T12022] ? __pfx_filemap_map_pages+0x10/0x10 [ 449.777792][T12022] __do_fault+0x10a/0x490 [ 449.777825][T12022] do_pte_missing+0x1031/0x3fb0 [ 449.777875][T12022] ? __handle_mm_fault+0x1010/0x2a40 [ 449.777925][T12022] __handle_mm_fault+0x103d/0x2a40 [ 449.777983][T12022] ? __pfx___handle_mm_fault+0x10/0x10 [ 449.778026][T12022] ? __pte_offset_map_lock+0x155/0x2f0 [ 449.778063][T12022] ? find_held_lock+0x2b/0x80 [ 449.778099][T12022] ? find_held_lock+0x2b/0x80 [ 449.778166][T12022] handle_mm_fault+0x3fe/0xad0 [ 449.778219][T12022] __get_user_pages+0x771/0x36f0 [ 449.778277][T12022] ? __pfx___get_user_pages+0x10/0x10 [ 449.778318][T12022] ? __pfx_down_read_killable+0x10/0x10 [ 449.778363][T12022] __gup_longterm_locked+0x20d/0x1850 [ 449.778418][T12022] ? __pfx___gup_longterm_locked+0x10/0x10 [ 449.778467][T12022] ? find_held_lock+0x2b/0x80 [ 449.778507][T12022] ? sanity_check_pinned_pages+0x23/0x11e0 [ 449.778555][T12022] gup_fast_fallback+0x183d/0x2650 [ 449.778621][T12022] ? __pfx_gup_fast_fallback+0x10/0x10 [ 449.778671][T12022] ? __lock_acquire+0xaa4/0x1ba0 [ 449.778738][T12022] pin_user_pages_fast+0xa7/0xf0 [ 449.778784][T12022] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 449.778820][T12022] ? find_held_lock+0x2b/0x80 [ 449.778863][T12022] ? __debug_object_init+0x2de/0x3d0 [ 449.778910][T12022] iov_iter_extract_pages+0x3a2/0x2000 [ 449.778957][T12022] ? __lock_acquire+0xaa4/0x1ba0 [ 449.779010][T12022] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 449.779053][T12022] ? __lock_acquire+0x5ca/0x1ba0 [ 449.779109][T12022] ? do_raw_spin_lock+0x12c/0x2b0 [ 449.779140][T12022] ? find_held_lock+0x2b/0x80 [ 449.779184][T12022] bio_iov_iter_get_pages+0x374/0x10e0 [ 449.779230][T12022] ? find_held_lock+0x2b/0x80 [ 449.779282][T12022] ? __pfx_bio_iov_iter_get_pages+0x10/0x10 [ 449.779328][T12022] ? bio_associate_blkg+0x137/0x2a0 [ 449.779386][T12022] __blkdev_direct_IO_simple+0x358/0x810 [ 449.779420][T12022] ? kernel_text_address+0x8d/0x100 [ 449.779462][T12022] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 449.779530][T12022] ? ktime_get_coarse_real_ts64_mg+0x26c/0x320 [ 449.779579][T12022] ? rcu_is_watching+0x12/0xc0 [ 449.779614][T12022] ? iov_iter_is_aligned+0xf2/0x5a0 [ 449.779646][T12022] ? iov_iter_npages+0xf0/0x5a0 [ 449.779680][T12022] blkdev_direct_IO+0xa97/0x1cc0 [ 449.779733][T12022] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 449.779776][T12022] ? rcu_is_watching+0x12/0xc0 [ 449.779817][T12022] ? filemap_check_errors+0xa9/0x160 [ 449.779870][T12022] blkdev_write_iter+0x702/0xdf0 [ 449.779915][T12022] vfs_write+0x5ba/0x1180 [ 449.779960][T12022] ? __pfx_blkdev_write_iter+0x10/0x10 [ 449.780000][T12022] ? __pfx_vfs_write+0x10/0x10 [ 449.780040][T12022] ? find_held_lock+0x2b/0x80 [ 449.780105][T12022] ksys_write+0x12a/0x240 [ 449.780156][T12022] ? __pfx_ksys_write+0x10/0x10 [ 449.780194][T12022] ? rcu_is_watching+0x12/0xc0 [ 449.780258][T12022] do_syscall_64+0xcd/0x260 [ 449.780308][T12022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.780340][T12022] RIP: 0033:0x7f70a2b8d169 [ 449.780363][T12022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.780393][T12022] RSP: 002b:00007f70a29f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 449.780420][T12022] RAX: ffffffffffffffda RBX: 00007f70a2da5fa0 RCX: 00007f70a2b8d169 [ 449.780440][T12022] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 449.780458][T12022] RBP: 00007f70a29f7090 R08: 0000000000000000 R09: 0000000000000000 [ 449.780475][T12022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 449.780492][T12022] R13: 0000000000000000 R14: 00007f70a2da5fa0 R15: 00007ffedf4b6e38 [ 449.780531][T12022] [ 450.752019][T12025] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1379'. [ 450.805807][T12025] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.930659][T12025] bridge_slave_1 (unregistering): left allmulticast mode [ 450.938556][T12025] bridge_slave_1 (unregistering): left promiscuous mode [ 450.945775][T12025] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.225939][ T30] audit: type=1800 audit(4294967463.895:7): pid=12018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1376" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 451.459207][T12043] FAULT_INJECTION: forcing a failure. [ 451.459207][T12043] name failslab, interval 1, probability 0, space 0, times 0 [ 451.473848][T12043] CPU: 1 UID: 0 PID: 12043 Comm: syz.7.1385 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 451.473889][T12043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 451.473907][T12043] Call Trace: [ 451.473916][T12043] [ 451.473927][T12043] dump_stack_lvl+0x16c/0x1f0 [ 451.473977][T12043] should_fail_ex+0x512/0x640 [ 451.474012][T12043] ? __kvmalloc_node_noprof+0x122/0x600 [ 451.474062][T12043] should_failslab+0xc2/0x120 [ 451.474091][T12043] __kvmalloc_node_noprof+0x135/0x600 [ 451.474138][T12043] ? file_tty_write.constprop.0+0x6ed/0x9b0 [ 451.474196][T12043] ? file_tty_write.constprop.0+0x6ed/0x9b0 [ 451.474245][T12043] file_tty_write.constprop.0+0x6ed/0x9b0 [ 451.474309][T12043] redirected_tty_write+0xd4/0x150 [ 451.474360][T12043] vfs_write+0x5ba/0x1180 [ 451.474404][T12043] ? __pfx_redirected_tty_write+0x10/0x10 [ 451.474459][T12043] ? __pfx_vfs_write+0x10/0x10 [ 451.474498][T12043] ? find_held_lock+0x2b/0x80 [ 451.474565][T12043] ksys_write+0x12a/0x240 [ 451.474607][T12043] ? __pfx_ksys_write+0x10/0x10 [ 451.474659][T12043] ? rcu_is_watching+0x12/0xc0 [ 451.474716][T12043] do_syscall_64+0xcd/0x260 [ 451.474785][T12043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.474835][T12043] RIP: 0033:0x7fe6d0b8d169 [ 451.474859][T12043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.474891][T12043] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 451.474921][T12043] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 451.474942][T12043] RDX: 0000000000000013 RSI: 0000200000000000 RDI: 0000000000000003 [ 451.474962][T12043] RBP: 00007fe6d1a48090 R08: 0000000000000000 R09: 0000000000000000 [ 451.474980][T12043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 451.474998][T12043] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 451.475040][T12043] [ 453.081157][T12074] blktrace: Concurrent blktraces are not allowed on nullb0 [ 453.180953][T12077] FAULT_INJECTION: forcing a failure. [ 453.180953][T12077] name failslab, interval 1, probability 0, space 0, times 0 [ 453.214083][T12077] CPU: 0 UID: 0 PID: 12077 Comm: syz.5.1393 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 453.214126][T12077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 453.214146][T12077] Call Trace: [ 453.214160][T12077] [ 453.214172][T12077] dump_stack_lvl+0x16c/0x1f0 [ 453.214231][T12077] should_fail_ex+0x512/0x640 [ 453.214267][T12077] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 453.214321][T12077] should_failslab+0xc2/0x120 [ 453.214351][T12077] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 453.214401][T12077] ? __kernfs_new_node+0xd2/0x8a0 [ 453.214456][T12077] __kernfs_new_node+0xd2/0x8a0 [ 453.214508][T12077] ? kernfs_add_one+0x14e/0x840 [ 453.214541][T12077] ? __pfx___kernfs_new_node+0x10/0x10 [ 453.214602][T12077] ? find_held_lock+0x2b/0x80 [ 453.214644][T12077] ? kernfs_root+0xee/0x2a0 [ 453.214701][T12077] kernfs_new_node+0x13c/0x1e0 [ 453.214742][T12077] kernfs_create_link+0xcc/0x240 [ 453.214787][T12077] sysfs_do_create_link_sd+0x90/0x140 [ 453.214861][T12077] sysfs_create_link+0x61/0xc0 [ 453.214910][T12077] device_add+0x50a/0x1a70 [ 453.214949][T12077] ? __pfx_device_add+0x10/0x10 [ 453.214983][T12077] ? lockdep_init_map_type+0x5c/0x280 [ 453.215016][T12077] ? __init_waitqueue_head+0xca/0x150 [ 453.215065][T12077] netdev_register_kobject+0x182/0x3a0 [ 453.215121][T12077] register_netdevice+0x13dc/0x2270 [ 453.215177][T12077] ? __pfx_register_netdevice+0x10/0x10 [ 453.215286][T12077] slip_open+0xb86/0x1150 [ 453.215331][T12077] ? __pfx_slip_open+0x10/0x10 [ 453.215364][T12077] ? down_write+0x14d/0x200 [ 453.215397][T12077] ? __pfx_slip_open+0x10/0x10 [ 453.215431][T12077] tty_ldisc_open+0x9c/0x120 [ 453.215476][T12077] tty_set_ldisc+0x32b/0x780 [ 453.215531][T12077] tty_ioctl+0xc42/0x1610 [ 453.215585][T12077] ? __pfx_tty_ioctl+0x10/0x10 [ 453.215650][T12077] ? find_held_lock+0x2b/0x80 [ 453.215691][T12077] ? hook_file_ioctl_common+0x145/0x410 [ 453.215737][T12077] ? __fget_files+0x20e/0x3c0 [ 453.215790][T12077] ? __pfx_tty_ioctl+0x10/0x10 [ 453.215843][T12077] __x64_sys_ioctl+0x190/0x200 [ 453.215886][T12077] do_syscall_64+0xcd/0x260 [ 453.215938][T12077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.215972][T12077] RIP: 0033:0x7f0e9818d169 [ 453.215997][T12077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.216029][T12077] RSP: 002b:00007f0e98f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 453.216058][T12077] RAX: ffffffffffffffda RBX: 00007f0e983a5fa0 RCX: 00007f0e9818d169 [ 453.216080][T12077] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000008 [ 453.216098][T12077] RBP: 00007f0e9820e990 R08: 0000000000000000 R09: 0000000000000000 [ 453.216117][T12077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 453.216136][T12077] R13: 0000000000000000 R14: 00007f0e983a5fa0 R15: 00007ffdcd7073e8 [ 453.216178][T12077] [ 453.589133][T12084] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1394'. [ 453.656223][T12084] vcan0: entered promiscuous mode [ 454.042554][T12090] FAULT_INJECTION: forcing a failure. [ 454.042554][T12090] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 454.074136][T12090] CPU: 0 UID: 0 PID: 12090 Comm: syz.5.1396 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 454.074178][T12090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 454.074197][T12090] Call Trace: [ 454.074206][T12090] [ 454.074217][T12090] dump_stack_lvl+0x16c/0x1f0 [ 454.074266][T12090] should_fail_ex+0x512/0x640 [ 454.074307][T12090] should_fail_alloc_page+0xe7/0x130 [ 454.074339][T12090] prepare_alloc_pages+0x3c2/0x610 [ 454.074376][T12090] ? __memcg_slab_post_alloc_hook+0x4d0/0x940 [ 454.074422][T12090] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 454.074492][T12090] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 454.074542][T12090] ? do_raw_spin_lock+0x12c/0x2b0 [ 454.074578][T12090] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 454.074611][T12090] ? cgroup_rstat_updated+0x2a/0xb20 [ 454.074650][T12090] ? find_held_lock+0x2b/0x80 [ 454.074701][T12090] ? __lock_acquire+0xaa4/0x1ba0 [ 454.074750][T12090] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 454.074785][T12090] ? policy_nodemask+0xea/0x4e0 [ 454.074839][T12090] alloc_pages_mpol+0x1fb/0x550 [ 454.074870][T12090] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 454.074911][T12090] folio_alloc_mpol_noprof+0x36/0x2f0 [ 454.074950][T12090] shmem_alloc_folio+0x135/0x160 [ 454.074993][T12090] shmem_alloc_and_add_folio+0x499/0xc20 [ 454.075069][T12090] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 454.075138][T12090] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 454.075194][T12090] shmem_get_folio_gfp+0x687/0x1530 [ 454.075250][T12090] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 454.075304][T12090] ? filemap_map_pages+0xf6c/0x1680 [ 454.075338][T12090] shmem_fault+0x1fe/0xa30 [ 454.075395][T12090] ? __pfx_shmem_fault+0x10/0x10 [ 454.075460][T12090] ? __pfx_filemap_map_pages+0x10/0x10 [ 454.075503][T12090] __do_fault+0x10a/0x490 [ 454.075535][T12090] do_pte_missing+0x1031/0x3fb0 [ 454.075582][T12090] ? __handle_mm_fault+0x1010/0x2a40 [ 454.075630][T12090] __handle_mm_fault+0x103d/0x2a40 [ 454.075685][T12090] ? __pfx___handle_mm_fault+0x10/0x10 [ 454.075726][T12090] ? __pte_offset_map_lock+0x155/0x2f0 [ 454.075762][T12090] ? find_held_lock+0x2b/0x80 [ 454.075799][T12090] ? find_held_lock+0x2b/0x80 [ 454.075862][T12090] handle_mm_fault+0x3fe/0xad0 [ 454.075912][T12090] __get_user_pages+0x771/0x36f0 [ 454.075967][T12090] ? __pfx___get_user_pages+0x10/0x10 [ 454.076007][T12090] ? __pfx_down_read_killable+0x10/0x10 [ 454.076051][T12090] __gup_longterm_locked+0x20d/0x1850 [ 454.076104][T12090] ? __pfx___gup_longterm_locked+0x10/0x10 [ 454.076150][T12090] ? find_held_lock+0x2b/0x80 [ 454.076188][T12090] ? sanity_check_pinned_pages+0x23/0x11e0 [ 454.076235][T12090] gup_fast_fallback+0x183d/0x2650 [ 454.076299][T12090] ? __pfx_gup_fast_fallback+0x10/0x10 [ 454.076337][T12090] ? __lock_acquire+0xaa4/0x1ba0 [ 454.076398][T12090] ? pcpu_block_update+0x278/0x660 [ 454.076447][T12090] pin_user_pages_fast+0xa7/0xf0 [ 454.076487][T12090] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 454.076524][T12090] ? find_held_lock+0x2b/0x80 [ 454.076564][T12090] ? __debug_object_init+0x2de/0x3d0 [ 454.076613][T12090] iov_iter_extract_pages+0x3a2/0x2000 [ 454.076663][T12090] ? __lock_acquire+0xaa4/0x1ba0 [ 454.076714][T12090] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 454.076761][T12090] ? __lock_acquire+0x5ca/0x1ba0 [ 454.076813][T12090] ? do_raw_spin_lock+0x12c/0x2b0 [ 454.076847][T12090] ? find_held_lock+0x2b/0x80 [ 454.076894][T12090] bio_iov_iter_get_pages+0x374/0x10e0 [ 454.076942][T12090] ? find_held_lock+0x2b/0x80 [ 454.076997][T12090] ? __pfx_bio_iov_iter_get_pages+0x10/0x10 [ 454.077083][T12090] ? bio_associate_blkg+0x137/0x2a0 [ 454.077146][T12090] __blkdev_direct_IO_simple+0x358/0x810 [ 454.077184][T12090] ? kernel_text_address+0x8d/0x100 [ 454.077230][T12090] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 454.077311][T12090] ? ktime_get_coarse_real_ts64_mg+0x26c/0x320 [ 454.077365][T12090] ? rcu_is_watching+0x12/0xc0 [ 454.077409][T12090] ? iov_iter_is_aligned+0xf2/0x5a0 [ 454.077444][T12090] ? iov_iter_npages+0xf0/0x5a0 [ 454.077482][T12090] blkdev_direct_IO+0xa97/0x1cc0 [ 454.077546][T12090] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 454.077585][T12090] ? rcu_is_watching+0x12/0xc0 [ 454.077627][T12090] ? filemap_check_errors+0xa9/0x160 [ 454.077680][T12090] blkdev_write_iter+0x702/0xdf0 [ 454.077727][T12090] vfs_write+0x5ba/0x1180 [ 454.077772][T12090] ? __pfx_blkdev_write_iter+0x10/0x10 [ 454.077817][T12090] ? __pfx_vfs_write+0x10/0x10 [ 454.077856][T12090] ? find_held_lock+0x2b/0x80 [ 454.077921][T12090] ksys_write+0x12a/0x240 [ 454.077964][T12090] ? __pfx_ksys_write+0x10/0x10 [ 454.078007][T12090] ? rcu_is_watching+0x12/0xc0 [ 454.078058][T12090] do_syscall_64+0xcd/0x260 [ 454.078109][T12090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.078142][T12090] RIP: 0033:0x7f0e9818d169 [ 454.078167][T12090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.078197][T12090] RSP: 002b:00007f0e98f17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 454.078226][T12090] RAX: ffffffffffffffda RBX: 00007f0e983a5fa0 RCX: 00007f0e9818d169 [ 454.078246][T12090] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 454.078264][T12090] RBP: 00007f0e98f17090 R08: 0000000000000000 R09: 0000000000000000 [ 454.078295][T12090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 454.078312][T12090] R13: 0000000000000000 R14: 00007f0e983a5fa0 R15: 00007ffdcd7073e8 [ 454.078351][T12090] [ 455.234232][T12102] ima: policy update failed [ 455.260444][ T30] audit: type=1802 audit(4294968490.905:8): pid=12102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1401" res=0 errno=0 [ 455.840251][T12121] netlink: 'syz.7.1406': attribute type 2 has an invalid length. [ 455.915887][T12125] FAULT_INJECTION: forcing a failure. [ 455.915887][T12125] name failslab, interval 1, probability 0, space 0, times 0 [ 455.952952][T12125] CPU: 0 UID: 0 PID: 12125 Comm: syz.8.1407 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 455.952996][T12125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 455.953014][T12125] Call Trace: [ 455.953024][T12125] [ 455.953035][T12125] dump_stack_lvl+0x16c/0x1f0 [ 455.953084][T12125] should_fail_ex+0x512/0x640 [ 455.953126][T12125] should_failslab+0xc2/0x120 [ 455.953155][T12125] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 455.953203][T12125] ? skb_clone+0x190/0x3f0 [ 455.953248][T12125] skb_clone+0x190/0x3f0 [ 455.953291][T12125] netlink_deliver_tap+0xabd/0xd30 [ 455.953347][T12125] netlink_unicast+0x5df/0x7f0 [ 455.953399][T12125] ? __pfx_netlink_unicast+0x10/0x10 [ 455.953443][T12125] ? __lock_acquire+0xaa4/0x1ba0 [ 455.953502][T12125] netlink_sendmsg+0x8d1/0xdd0 [ 455.953556][T12125] ? __pfx_netlink_sendmsg+0x10/0x10 [ 455.953617][T12125] ____sys_sendmsg+0xa95/0xc70 [ 455.953647][T12125] ? copy_msghdr_from_user+0x10a/0x160 [ 455.953686][T12125] ? __pfx_____sys_sendmsg+0x10/0x10 [ 455.953721][T12125] ? kfree+0x252/0x4d0 [ 455.953762][T12125] ? __pfx__kstrtoull+0x10/0x10 [ 455.953817][T12125] ___sys_sendmsg+0x134/0x1d0 [ 455.953860][T12125] ? __pfx____sys_sendmsg+0x10/0x10 [ 455.953939][T12125] ? __pfx___might_resched+0x10/0x10 [ 455.953992][T12125] __sys_sendmmsg+0x200/0x420 [ 455.954038][T12125] ? __pfx___sys_sendmmsg+0x10/0x10 [ 455.954092][T12125] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 455.954151][T12125] ? fput+0x70/0xf0 [ 455.954178][T12125] ? ksys_write+0x1b9/0x240 [ 455.954221][T12125] ? __pfx_ksys_write+0x10/0x10 [ 455.954261][T12125] ? rcu_is_watching+0x12/0xc0 [ 455.954311][T12125] __x64_sys_sendmmsg+0x9c/0x100 [ 455.954352][T12125] ? lockdep_hardirqs_on+0x7c/0x110 [ 455.954394][T12125] do_syscall_64+0xcd/0x260 [ 455.954442][T12125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.954473][T12125] RIP: 0033:0x7f70a2b8d169 [ 455.954495][T12125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.954524][T12125] RSP: 002b:00007f70a29f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 455.954552][T12125] RAX: ffffffffffffffda RBX: 00007f70a2da5fa0 RCX: 00007f70a2b8d169 [ 455.954572][T12125] RDX: 0000000000000103 RSI: 0000200000000080 RDI: 0000000000000003 [ 455.954589][T12125] RBP: 00007f70a29f7090 R08: 0000000000000000 R09: 0000000000000000 [ 455.954607][T12125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 455.954624][T12125] R13: 0000000000000000 R14: 00007f70a2da5fa0 R15: 00007ffedf4b6e38 [ 455.954663][T12125] [ 455.954730][T12125] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1407'. [ 456.269543][T12133] ptrace attach of "./syz-executor exec"[10822] was attempted by "./syz-executor exec"[12133] [ 460.392774][T12193] Process accounting resumed [ 460.717564][T12199] syz.0.1418 (12199): /proc/12195/oom_adj is deprecated, please use /proc/12195/oom_score_adj instead. [ 461.529771][T12212] Invalid ELF header magic: != ELF [ 462.103847][T12218] FAULT_INJECTION: forcing a failure. [ 462.103847][T12218] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 462.142759][T12216] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 462.142759][T12216] The task syz.0.1422 (12216) triggered the difference, watch for misbehavior. [ 462.162387][T12218] CPU: 1 UID: 0 PID: 12218 Comm: syz.5.1423 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 462.162431][T12218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 462.162451][T12218] Call Trace: [ 462.162462][T12218] [ 462.162473][T12218] dump_stack_lvl+0x16c/0x1f0 [ 462.162527][T12218] should_fail_ex+0x512/0x640 [ 462.162570][T12218] should_fail_alloc_page+0xe7/0x130 [ 462.162606][T12218] prepare_alloc_pages+0x3c2/0x610 [ 462.162647][T12218] ? rcu_is_watching+0x12/0xc0 [ 462.162711][T12218] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 462.162781][T12218] ? __lock_acquire+0x5ca/0x1ba0 [ 462.162833][T12218] ? xas_create+0x1d7/0x1460 [ 462.162861][T12218] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 462.162928][T12218] ? __lock_acquire+0x5ca/0x1ba0 [ 462.162974][T12218] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 462.163008][T12218] ? policy_nodemask+0xea/0x4e0 [ 462.163059][T12218] alloc_pages_mpol+0x1fb/0x550 [ 462.163088][T12218] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 462.163119][T12218] ? filemap_get_entry+0x1a7/0x3b0 [ 462.163157][T12218] folio_alloc_noprof+0x20/0x2d0 [ 462.163191][T12218] filemap_alloc_folio_noprof+0x3a1/0x470 [ 462.163237][T12218] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 462.163282][T12218] ? rcu_is_watching+0x12/0xc0 [ 462.163321][T12218] __filemap_get_folio+0x5e9/0xc10 [ 462.163360][T12218] ioctx_alloc+0x761/0x2060 [ 462.163418][T12218] ? __pfx_ioctx_alloc+0x10/0x10 [ 462.163451][T12218] ? __might_fault+0x13b/0x190 [ 462.163504][T12218] __x64_sys_io_setup+0xc9/0x210 [ 462.163549][T12218] do_syscall_64+0xcd/0x260 [ 462.163616][T12218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 462.163647][T12218] RIP: 0033:0x7f0e9818d169 [ 462.163672][T12218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 462.163711][T12218] RSP: 002b:00007f0e98f17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 462.163742][T12218] RAX: ffffffffffffffda RBX: 00007f0e983a5fa0 RCX: 00007f0e9818d169 [ 462.163763][T12218] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 462.163783][T12218] RBP: 00007f0e9820e990 R08: 0000000000000000 R09: 0000000000000000 [ 462.163802][T12218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 462.163821][T12218] R13: 0000000000000000 R14: 00007f0e983a5fa0 R15: 00007ffdcd7073e8 [ 462.163862][T12218] [ 462.405863][ C1] vkms_vblank_simulate: vblank timer overrun [ 462.451017][T12216] snd_aloop snd_aloop.0: control 16781581:65535:6:'x?F/zF˷fC:8 is already present [ 463.005345][T12235] Invalid ELF header magic: != ELF [ 463.186357][T12239] netlink: 130 bytes leftover after parsing attributes in process `syz.5.1429'. [ 464.816785][T12279] HfR: entered promiscuous mode [ 466.402241][T12304] vivid-003: ================= START STATUS ================= [ 466.423241][T12304] vivid-003: Radio HW Seek Mode: Bounded [ 466.457248][T12304] vivid-003: Radio Programmable HW Seek: false [ 466.480363][T12304] vivid-003: RDS Rx I/O Mode: Block I/O [ 466.532407][T12304] vivid-003: Generate RBDS Instead of RDS: false [ 466.539257][T12304] vivid-003: RDS Reception: true [ 466.569987][T12309] input: isc as /devices/virtual/input/input11 [ 466.632988][T12309] FAULT_INJECTION: forcing a failure. [ 466.632988][T12309] name failslab, interval 1, probability 0, space 0, times 0 [ 466.670515][T12304] vivid-003: RDS Program Type: 0 inactive [ 466.712556][T12304] vivid-003: RDS PS Name: inactive [ 466.720356][T12309] CPU: 0 UID: 0 PID: 12309 Comm: syz.7.1449 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 466.720398][T12309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 466.720416][T12309] Call Trace: [ 466.720427][T12309] [ 466.720438][T12309] dump_stack_lvl+0x16c/0x1f0 [ 466.720488][T12309] should_fail_ex+0x512/0x640 [ 466.720523][T12309] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 466.720578][T12309] should_failslab+0xc2/0x120 [ 466.720611][T12309] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 466.720659][T12309] ? __kernfs_new_node+0xd2/0x8a0 [ 466.720712][T12309] __kernfs_new_node+0xd2/0x8a0 [ 466.720763][T12309] ? __pfx___kernfs_new_node+0x10/0x10 [ 466.720822][T12309] ? find_held_lock+0x2b/0x80 [ 466.720860][T12309] ? kernfs_root+0xee/0x2a0 [ 466.720926][T12309] kernfs_new_node+0x13c/0x1e0 [ 466.720964][T12309] __kernfs_create_file+0x53/0x350 [ 466.721024][T12309] sysfs_add_file_mode_ns+0x207/0x3c0 [ 466.721082][T12309] sysfs_merge_group+0x1aa/0x340 [ 466.721124][T12309] ? __pfx_sysfs_merge_group+0x10/0x10 [ 466.721161][T12309] ? __pfx_dev_add_physical_location+0x10/0x10 [ 466.721214][T12309] ? bus_to_subsys+0x12d/0x160 [ 466.721257][T12309] dpm_sysfs_add+0x237/0x280 [ 466.721289][T12309] device_add+0x9a6/0x1a70 [ 466.721326][T12309] ? __pfx_device_add+0x10/0x10 [ 466.721359][T12309] ? __pfx_exact_lock+0x10/0x10 [ 466.721412][T12309] ? kobject_get+0xbb/0x150 [ 466.721466][T12309] cdev_device_add+0xc2/0x1e0 [ 466.721524][T12309] evdev_connect+0x3a4/0x4c0 [ 466.721599][T12309] input_attach_handler.isra.0+0x181/0x260 [ 466.721656][T12309] input_register_device+0xa84/0x1130 [ 466.721715][T12309] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 466.721761][T12309] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 466.721813][T12309] ? find_held_lock+0x2b/0x80 [ 466.721877][T12309] ? __pfx_uinput_ioctl+0x10/0x10 [ 466.721917][T12309] __x64_sys_ioctl+0x190/0x200 [ 466.721961][T12309] do_syscall_64+0xcd/0x260 [ 466.722016][T12309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.722048][T12309] RIP: 0033:0x7fe6d0b8d169 [ 466.722074][T12309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.722114][T12309] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 466.722144][T12309] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 466.722166][T12309] RDX: 0700000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 466.722187][T12309] RBP: 00007fe6d0c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 466.722208][T12309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.722227][T12309] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 466.722271][T12309] [ 466.758586][T12304] vivid-003: RDS Radio Text: inactive [ 467.004695][T12304] vivid-003: RDS Traffic Announcement: false inactive [ 467.011710][T12304] vivid-003: RDS Traffic Program: false inactive [ 467.019279][T12304] vivid-003: RDS Music: false inactive [ 467.025170][T12304] vivid-003: ================== END STATUS ================== [ 467.150851][T12309] input: failed to attach handler evdev to device input11, error: -12 [ 467.356780][T12314] FAULT_INJECTION: forcing a failure. [ 467.356780][T12314] name failslab, interval 1, probability 0, space 0, times 0 [ 467.371169][T12314] CPU: 0 UID: 0 PID: 12314 Comm: syz.7.1450 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 467.371210][T12314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 467.371229][T12314] Call Trace: [ 467.371238][T12314] [ 467.371250][T12314] dump_stack_lvl+0x16c/0x1f0 [ 467.371298][T12314] should_fail_ex+0x512/0x640 [ 467.371331][T12314] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 467.371384][T12314] should_failslab+0xc2/0x120 [ 467.371413][T12314] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 467.371461][T12314] ? __alloc_skb+0x2b2/0x380 [ 467.371504][T12314] __alloc_skb+0x2b2/0x380 [ 467.371560][T12314] ? __pfx___alloc_skb+0x10/0x10 [ 467.371596][T12314] ? ip6_dst_lookup_tail.constprop.0+0x852/0x2140 [ 467.371654][T12314] ? xfrm_lookup_with_ifid+0x8b4/0x1e40 [ 467.371696][T12314] alloc_skb_with_frags+0xe0/0x860 [ 467.371740][T12314] ? __pfx_xfrm_lookup_with_ifid+0x10/0x10 [ 467.371779][T12314] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 467.371836][T12314] sock_alloc_send_pskb+0x7fb/0x990 [ 467.371887][T12314] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 467.371926][T12314] ? ip6_dst_lookup_flow+0x164/0x1d0 [ 467.371975][T12314] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 467.372021][T12314] ? find_held_lock+0x2b/0x80 [ 467.372063][T12314] ? rawv6_sendmsg+0xc33/0x4890 [ 467.372118][T12314] rawv6_sendmsg+0x1c7b/0x4890 [ 467.372165][T12314] ? load_module+0x6d7f/0x8460 [ 467.372222][T12314] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 467.372263][T12314] ? arch_stack_walk+0xa6/0x100 [ 467.372311][T12314] ? __lock_acquire+0x5ca/0x1ba0 [ 467.372367][T12314] ? __lock_acquire+0xaa4/0x1ba0 [ 467.372430][T12314] ? __pfx___might_resched+0x10/0x10 [ 467.372493][T12314] ? __pfx_aa_sk_perm+0x10/0x10 [ 467.372538][T12314] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 467.372583][T12314] ? inet_sendmsg+0x119/0x140 [ 467.372612][T12314] inet_sendmsg+0x119/0x140 [ 467.372645][T12314] sock_write_iter+0x4aa/0x5b0 [ 467.372688][T12314] ? __pfx_sock_write_iter+0x10/0x10 [ 467.372732][T12314] ? bpf_lsm_file_permission+0x9/0x10 [ 467.372782][T12314] ? security_file_permission+0x71/0x210 [ 467.372821][T12314] ? rw_verify_area+0xcf/0x680 [ 467.372860][T12314] vfs_write+0x5ba/0x1180 [ 467.372901][T12314] ? __pfx_sock_write_iter+0x10/0x10 [ 467.372932][T12314] ? __pfx_vfs_write+0x10/0x10 [ 467.372969][T12314] ? find_held_lock+0x2b/0x80 [ 467.373027][T12314] ksys_write+0x205/0x240 [ 467.373066][T12314] ? __pfx_ksys_write+0x10/0x10 [ 467.373110][T12314] ? rcu_is_watching+0x12/0xc0 [ 467.373156][T12314] do_syscall_64+0xcd/0x260 [ 467.373202][T12314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.373231][T12314] RIP: 0033:0x7fe6d0b8d169 [ 467.373252][T12314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.373280][T12314] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 467.373307][T12314] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 467.373327][T12314] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 467.373344][T12314] RBP: 00007fe6d1a48090 R08: 0000000000000000 R09: 0000000000000000 [ 467.373361][T12314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 467.373378][T12314] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 467.373414][T12314] [ 468.712728][T12326] FAULT_INJECTION: forcing a failure. [ 468.712728][T12326] name failslab, interval 1, probability 0, space 0, times 0 [ 468.808668][T12326] CPU: 1 UID: 0 PID: 12326 Comm: syz.7.1453 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 468.808708][T12326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 468.808724][T12326] Call Trace: [ 468.808733][T12326] [ 468.808744][T12326] dump_stack_lvl+0x16c/0x1f0 [ 468.808789][T12326] should_fail_ex+0x512/0x640 [ 468.808820][T12326] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 468.808868][T12326] should_failslab+0xc2/0x120 [ 468.808901][T12326] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 468.808946][T12326] ? copy_sighand+0x43/0x2c0 [ 468.808989][T12326] copy_sighand+0x43/0x2c0 [ 468.809027][T12326] copy_process+0x271a/0x91a0 [ 468.809078][T12326] ? _kstrtoull+0x145/0x200 [ 468.809138][T12326] ? __pfx__kstrtoull+0x10/0x10 [ 468.809202][T12326] ? __pfx_copy_process+0x10/0x10 [ 468.809255][T12326] ? find_held_lock+0x2b/0x80 [ 468.809307][T12326] kernel_clone+0xfc/0x960 [ 468.809351][T12326] ? __pfx_kernel_clone+0x10/0x10 [ 468.809407][T12326] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 468.809454][T12326] ? 0xffffffff81000000 [ 468.809474][T12326] __do_sys_clone+0xce/0x120 [ 468.809515][T12326] ? __pfx___do_sys_clone+0x10/0x10 [ 468.809560][T12326] ? 0xffffffff81000000 [ 468.809591][T12326] ? ksys_write+0x1b9/0x240 [ 468.809630][T12326] ? __pfx_ksys_write+0x10/0x10 [ 468.809667][T12326] ? rcu_is_watching+0x12/0xc0 [ 468.809712][T12326] do_syscall_64+0xcd/0x260 [ 468.809758][T12326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.809788][T12326] RIP: 0033:0x7fe6d0b8d169 [ 468.809809][T12326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.809837][T12326] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 468.809864][T12326] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 468.809889][T12326] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000000021002 [ 468.809907][T12326] RBP: 00007fe6d1a48090 R08: 0000000000000009 R09: 0000000000000000 [ 468.809924][T12326] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000002 [ 468.809942][T12326] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 468.809967][T12326] ? 0xffffffff81000000 [ 468.809998][T12326] [ 469.322549][T12331] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1456'. [ 470.811619][T12369] Invalid ELF header magic: != ELF [ 471.175461][T12376] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1467'. [ 474.069504][T12427] FAULT_INJECTION: forcing a failure. [ 474.069504][T12427] name failslab, interval 1, probability 0, space 0, times 0 [ 474.092221][T12427] CPU: 1 UID: 0 PID: 12427 Comm: syz.5.1477 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 474.092263][T12427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 474.092283][T12427] Call Trace: [ 474.092293][T12427] [ 474.092304][T12427] dump_stack_lvl+0x16c/0x1f0 [ 474.092354][T12427] should_fail_ex+0x512/0x640 [ 474.092389][T12427] ? fs_reclaim_acquire+0xae/0x150 [ 474.092429][T12427] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 474.092470][T12427] should_failslab+0xc2/0x120 [ 474.092500][T12427] __kmalloc_noprof+0xd2/0x510 [ 474.092555][T12427] tomoyo_realpath_from_path+0xc2/0x6e0 [ 474.092602][T12427] ? tomoyo_profile+0x47/0x60 [ 474.092653][T12427] tomoyo_path_number_perm+0x245/0x580 [ 474.092704][T12427] ? tomoyo_path_number_perm+0x237/0x580 [ 474.092743][T12427] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 474.092781][T12427] ? find_held_lock+0x2b/0x80 [ 474.092855][T12427] ? find_held_lock+0x2b/0x80 [ 474.092893][T12427] ? hook_file_ioctl_common+0x145/0x410 [ 474.092935][T12427] ? __fget_files+0x20e/0x3c0 [ 474.092985][T12427] security_file_ioctl+0x9b/0x240 [ 474.093025][T12427] __x64_sys_ioctl+0xb7/0x200 [ 474.093064][T12427] do_syscall_64+0xcd/0x260 [ 474.093112][T12427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.093143][T12427] RIP: 0033:0x7f0e9818d169 [ 474.093166][T12427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 474.093195][T12427] RSP: 002b:00007f0e95fd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 474.093222][T12427] RAX: ffffffffffffffda RBX: 00007f0e983a6160 RCX: 00007f0e9818d169 [ 474.093241][T12427] RDX: 0000000000000007 RSI: 000000004008af23 RDI: 0000000000000002 [ 474.093258][T12427] RBP: 00007f0e95fd5090 R08: 0000000000000000 R09: 0000000000000000 [ 474.093275][T12427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 474.093291][T12427] R13: 0000000000000000 R14: 00007f0e983a6160 R15: 00007ffdcd7073e8 [ 474.093329][T12427] [ 474.093341][T12427] ERROR: Out of memory at tomoyo_realpath_from_path. [ 474.403398][ T5854] Bluetooth: hci7: unexpected subevent 0x01 length: 4 < 18 [ 476.343570][T12444] ima: policy update failed [ 476.349376][ T30] audit: type=1802 audit(4294969543.009:9): pid=12444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.8.1483" res=0 errno=0 [ 477.096620][T12462] FAULT_INJECTION: forcing a failure. [ 477.096620][T12462] name failslab, interval 1, probability 0, space 0, times 0 [ 477.132655][T12462] CPU: 0 UID: 0 PID: 12462 Comm: syz.7.1486 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 477.132699][T12462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 477.132717][T12462] Call Trace: [ 477.132728][T12462] [ 477.132739][T12462] dump_stack_lvl+0x16c/0x1f0 [ 477.132790][T12462] should_fail_ex+0x512/0x640 [ 477.132832][T12462] should_failslab+0xc2/0x120 [ 477.132862][T12462] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 477.132912][T12462] ? skb_clone+0x190/0x3f0 [ 477.132961][T12462] skb_clone+0x190/0x3f0 [ 477.133006][T12462] netlink_deliver_tap+0xabd/0xd30 [ 477.133061][T12462] netlink_unicast+0x5df/0x7f0 [ 477.133111][T12462] ? __pfx_netlink_unicast+0x10/0x10 [ 477.133156][T12462] ? __lock_acquire+0xaa4/0x1ba0 [ 477.133227][T12462] netlink_sendmsg+0x8d1/0xdd0 [ 477.133281][T12462] ? __pfx_netlink_sendmsg+0x10/0x10 [ 477.133346][T12462] ____sys_sendmsg+0xa95/0xc70 [ 477.133378][T12462] ? copy_msghdr_from_user+0x10a/0x160 [ 477.133421][T12462] ? __pfx_____sys_sendmsg+0x10/0x10 [ 477.133472][T12462] ___sys_sendmsg+0x134/0x1d0 [ 477.133522][T12462] ? __pfx____sys_sendmsg+0x10/0x10 [ 477.133617][T12462] __sys_sendmsg+0x16d/0x220 [ 477.133659][T12462] ? __pfx___sys_sendmsg+0x10/0x10 [ 477.133714][T12462] ? rcu_is_watching+0x12/0xc0 [ 477.133766][T12462] do_syscall_64+0xcd/0x260 [ 477.133817][T12462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.133849][T12462] RIP: 0033:0x7fe6d0b8d169 [ 477.133873][T12462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 477.133903][T12462] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 477.133932][T12462] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 477.133952][T12462] RDX: 0000000000040000 RSI: 0000200000000540 RDI: 0000000000000003 [ 477.133970][T12462] RBP: 00007fe6d1a48090 R08: 0000000000000000 R09: 0000000000000000 [ 477.133988][T12462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 477.134006][T12462] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 477.134046][T12462] [ 477.608089][T12470] usb usb37: usbfs: interface 0 claimed by hub while 'syz.8.1490' sets config #9 [ 477.906838][T12479] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 477.913717][T12479] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 478.627386][T12504] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1501'. [ 479.002949][T12514] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1505'. [ 479.542982][ T5854] Bluetooth: hci7: SCO packet for unknown connection handle 0 [ 480.817477][ T5854] Bluetooth: hci6: SCO packet for unknown connection handle 0 [ 481.511375][T12550] ?: entered promiscuous mode [ 483.054295][ T5856] Bluetooth: hci4: command 0x0406 tx timeout [ 485.390051][T12605] netlink: zone id is out of range [ 485.411292][T12605] netlink: zone id is out of range [ 485.426744][T12605] netlink: zone id is out of range [ 485.454685][T12605] netlink: zone id is out of range [ 485.494563][T12605] netlink: zone id is out of range [ 485.499731][T12605] netlink: zone id is out of range [ 485.543451][T12605] netlink: zone id is out of range [ 485.561027][T12605] netlink: zone id is out of range [ 485.582952][T12605] netlink: zone id is out of range [ 485.630917][T12605] netlink: zone id is out of range [ 486.709729][T12623] FAULT_INJECTION: forcing a failure. [ 486.709729][T12623] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 486.751870][T12623] CPU: 1 UID: 0 PID: 12623 Comm: syz.7.1530 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 486.751913][T12623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 486.751931][T12623] Call Trace: [ 486.751942][T12623] [ 486.751953][T12623] dump_stack_lvl+0x16c/0x1f0 [ 486.752005][T12623] should_fail_ex+0x512/0x640 [ 486.752046][T12623] _copy_from_iter+0x477/0x15b0 [ 486.752089][T12623] ? __alloc_skb+0x200/0x380 [ 486.752130][T12623] ? __pfx__copy_from_iter+0x10/0x10 [ 486.752173][T12623] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 486.752231][T12623] netlink_sendmsg+0x829/0xdd0 [ 486.752285][T12623] ? __pfx_netlink_sendmsg+0x10/0x10 [ 486.752347][T12623] ____sys_sendmsg+0xa95/0xc70 [ 486.752378][T12623] ? copy_msghdr_from_user+0x10a/0x160 [ 486.752420][T12623] ? __pfx_____sys_sendmsg+0x10/0x10 [ 486.752469][T12623] ___sys_sendmsg+0x134/0x1d0 [ 486.752514][T12623] ? __pfx____sys_sendmsg+0x10/0x10 [ 486.752602][T12623] __sys_sendmsg+0x16d/0x220 [ 486.752658][T12623] ? __pfx___sys_sendmsg+0x10/0x10 [ 486.752735][T12623] ? rcu_is_watching+0x12/0xc0 [ 486.752780][T12623] do_syscall_64+0xcd/0x260 [ 486.752825][T12623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.752854][T12623] RIP: 0033:0x7fe6d0b8d169 [ 486.752877][T12623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.752904][T12623] RSP: 002b:00007fe6d1a48038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 486.752937][T12623] RAX: ffffffffffffffda RBX: 00007fe6d0da5fa0 RCX: 00007fe6d0b8d169 [ 486.752956][T12623] RDX: 0000000000040010 RSI: 0000200000001b40 RDI: 0000000000000003 [ 486.752974][T12623] RBP: 00007fe6d1a48090 R08: 0000000000000000 R09: 0000000000000000 [ 486.752990][T12623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 486.753007][T12623] R13: 0000000000000000 R14: 00007fe6d0da5fa0 R15: 00007ffd530eebd8 [ 486.753043][T12623] [ 487.333186][T12630] syz.0.1534(12630): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 487.393889][T12633] netlink: 334 bytes leftover after parsing attributes in process `syz.8.1533'. [ 488.837371][T12651] blktrace: Concurrent blktraces are not allowed on loop2 [ 489.451229][T12666] netlink: 338 bytes leftover after parsing attributes in process `syz.7.1540'. [ 490.261603][T12682] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1543'. [ 491.075140][T12703] blktrace: Concurrent blktraces are not allowed on loop2 [ 491.673811][T12724] FAULT_INJECTION: forcing a failure. [ 491.673811][T12724] name failslab, interval 1, probability 0, space 0, times 0 [ 491.720037][T12724] CPU: 1 UID: 0 PID: 12724 Comm: syz.0.1551 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 491.720075][T12724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 491.720090][T12724] Call Trace: [ 491.720099][T12724] [ 491.720108][T12724] dump_stack_lvl+0x16c/0x1f0 [ 491.720154][T12724] should_fail_ex+0x512/0x640 [ 491.720183][T12724] ? fs_reclaim_acquire+0xae/0x150 [ 491.720219][T12724] ? tomoyo_encode2+0x100/0x3e0 [ 491.720253][T12724] should_failslab+0xc2/0x120 [ 491.720279][T12724] __kmalloc_noprof+0xd2/0x510 [ 491.720328][T12724] tomoyo_encode2+0x100/0x3e0 [ 491.720370][T12724] tomoyo_encode+0x29/0x50 [ 491.720406][T12724] tomoyo_realpath_from_path+0x18f/0x6e0 [ 491.720447][T12724] ? tomoyo_profile+0x47/0x60 [ 491.720492][T12724] tomoyo_path_number_perm+0x245/0x580 [ 491.720522][T12724] ? tomoyo_path_number_perm+0x237/0x580 [ 491.720558][T12724] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 491.720593][T12724] ? find_held_lock+0x2b/0x80 [ 491.720658][T12724] ? find_held_lock+0x2b/0x80 [ 491.720690][T12724] ? hook_file_ioctl_common+0x145/0x410 [ 491.720727][T12724] ? __fget_files+0x20e/0x3c0 [ 491.720772][T12724] security_file_ioctl+0x9b/0x240 [ 491.720825][T12724] __x64_sys_ioctl+0xb7/0x200 [ 491.720862][T12724] do_syscall_64+0xcd/0x260 [ 491.720908][T12724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.720947][T12724] RIP: 0033:0x7f688738d169 [ 491.720969][T12724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 491.720996][T12724] RSP: 002b:00007f6888152038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 491.721022][T12724] RAX: ffffffffffffffda RBX: 00007f68875a5fa0 RCX: 00007f688738d169 [ 491.721040][T12724] RDX: 0000200000000040 RSI: 000000004008ae89 RDI: 0000000000000004 [ 491.721056][T12724] RBP: 00007f6888152090 R08: 0000000000000000 R09: 0000000000000000 [ 491.721072][T12724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 491.721088][T12724] R13: 0000000000000000 R14: 00007f68875a5fa0 R15: 00007fff517ef548 [ 491.721123][T12724] [ 491.938700][T12724] ERROR: Out of memory at tomoyo_realpath_from_path. [ 493.296958][ T5854] Bluetooth: hci5: command 0x0406 tx timeout [ 493.716066][T12753] netlink: 334 bytes leftover after parsing attributes in process `syz.7.1556'. [ 494.848279][T12764] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1559'. [ 495.551657][T12777] nfsd: Unknown parameter '^B-' [ 498.361829][T12819] nfsd: Unknown parameter '^B-' [ 502.734635][ T31] INFO: task syz.3.1020:10250 blocked for more than 143 seconds. [ 502.742402][ T31] Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 [ 502.796104][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 502.809895][ T31] task:syz.3.1020 state:D stack:27592 pid:10250 tgid:10242 ppid:5843 task_flags:0x400140 flags:0x00000004 [ 502.885499][ T31] Call Trace: [ 502.888836][ T31] [ 502.891805][ T31] __schedule+0x116f/0x5de0 [ 502.896845][ T31] ? save_trace+0x4e/0x380 [ 502.901340][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 502.906420][ T31] ? __pfx___schedule+0x10/0x10 [ 502.911468][ T31] ? find_held_lock+0x2b/0x80 [ 502.916272][ T31] ? schedule+0x2d7/0x3a0 [ 502.921571][ T31] schedule+0xe7/0x3a0 [ 502.925762][ T31] schedule_preempt_disabled+0x13/0x30 [ 502.931276][ T31] __mutex_lock+0x6c7/0xb90 [ 502.935975][ T31] ? expkey_flush+0x20/0x90 [ 502.940536][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 502.945693][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 502.952004][ T31] ? _raw_spin_unlock+0x28/0x50 [ 502.956961][ T31] ? __pfx_cache_clean+0x10/0x10 [ 502.961924][ T31] ? __pfx___might_resched+0x10/0x10 [ 502.968681][ T31] ? __pfx_expkey_flush+0x10/0x10 [ 502.973776][ T31] ? expkey_flush+0x20/0x90 [ 502.984336][ T31] expkey_flush+0x20/0x90 [ 502.994146][ T31] write_flush.constprop.0+0x2d3/0x3f0 [ 502.999817][ T31] ? __pfx_write_flush.constprop.0+0x10/0x10 [ 503.008200][ T31] ? __pfx_write_flush_procfs+0x10/0x10 [ 503.023995][ T31] proc_reg_write+0x23d/0x330 [ 503.028897][ T31] vfs_write+0x25c/0x1180 [ 503.033290][ T31] ? __pfx_proc_reg_write+0x10/0x10 [ 503.051148][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 503.162086][ T31] ? __pfx_vfs_write+0x10/0x10 [ 503.209848][ T31] ? __fget_files+0x20e/0x3c0 [ 503.215695][ T31] ksys_write+0x12a/0x240 [ 503.222456][ T31] ? __pfx_ksys_write+0x10/0x10 [ 503.227512][ T31] ? rcu_is_watching+0x12/0xc0 [ 503.232377][ T31] do_syscall_64+0xcd/0x260 [ 503.261797][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.296282][ T31] RIP: 0033:0x7f37f1f8d169 [ 503.306005][ T31] RSP: 002b:00007f37efdb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 503.314858][ T31] RAX: ffffffffffffffda RBX: 00007f37f21a6320 RCX: 00007f37f1f8d169 [ 503.322876][ T31] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 000000000000007f [ 503.331598][ T31] RBP: 00007f37f200e990 R08: 0000000000000000 R09: 0000000000000000 [ 503.339859][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 503.348111][ T31] R13: 0000000000000000 R14: 00007f37f21a6320 R15: 00007ffcbc703718 [ 503.356389][ T31] [ 503.360731][ T31] [ 503.360731][ T31] Showing all locks held in the system: [ 503.369429][ T31] 1 lock held by khungtaskd/31: [ 503.374977][ T31] #0: ffffffff8e3c15c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 503.385134][ T31] 2 locks held by kworker/u9:1/5153: [ 503.391805][ T31] #0: ffff888143348148 ((wq_completion)nbd2-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 503.424297][ T31] #1: ffffc9000fc17d18 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 503.471140][ T31] 2 locks held by syz-executor/5842: [ 503.490788][ T31] #0: ffff888051e0e0e0 (&type->s_umount_key#51){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 503.555296][ T31] #1: ffffffff8e7cd328 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 503.640747][ T31] 2 locks held by kworker/u9:3/5849: [ 503.647059][ T31] #0: ffff8880261f8148 ((wq_completion)nbd1-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 503.657941][ T31] #1: ffffc90003f8fd18 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 503.669971][ T31] 2 locks held by kworker/u9:5/5853: [ 503.675345][ T31] #0: ffff888026159948 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 503.686349][ T31] #1: ffffc90003fffd18 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 503.698998][ T31] 4 locks held by kworker/u8:19/8567: [ 503.770737][ T31] #0: ffff88801c2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 503.788689][ T31] #1: ffffc90003187d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 503.803008][ T31] #2: ffffffff90117c10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30 [ 503.822058][ T31] #3: ffffffff9012daa8 (rtnl_mutex){+.+.}-{4:4}, at: netdev_run_todo+0xe33/0x1320 [ 503.882376][ T31] 2 locks held by syz.2.984/10111: [ 503.939679][ T31] #0: ffffffff901cfb50 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 503.948708][ T31] #1: ffffffff8e7cd328 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0 [ 503.959109][ T31] 3 locks held by syz.3.1020/10250: [ 503.964497][ T31] #0: ffff888030d9a638 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 503.974661][ T31] #1: ffff888029364420 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x12a/0x240 [ 503.983843][ T31] #2: ffffffff8e7cd328 (nfsd_mutex){+.+.}-{4:4}, at: expkey_flush+0x20/0x90 [ 503.992970][ T31] 2 locks held by syz.4.1058/10441: [ 503.998320][ T31] #0: ffffffff901cfb50 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 504.007941][ T31] #1: ffffffff8e7cd328 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0 [ 504.019714][ T31] 2 locks held by getty/10654: [ 504.025743][ T31] #0: ffff8880363120a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 504.035991][ T31] #1: ffffc900044b52f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 504.051172][ T31] 3 locks held by syz.7.1587/12873: [ 504.061816][ T31] #0: ffffffff90117c10 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 504.071732][ T31] #1: ffffffff9012daa8 (rtnl_mutex){+.+.}-{4:4}, at: setup_net+0x3f9/0x850 [ 504.088338][ T31] #2: ffffffff8e3ccaf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x280/0x3c0 [ 504.099095][ T31] 1 lock held by syz.5.1588/12874: [ 504.105217][ T31] [ 504.108867][ T31] ============================================= [ 504.108867][ T31] [ 504.119366][ T31] NMI backtrace for cpu 0 [ 504.119385][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 504.119420][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 504.119437][ T31] Call Trace: [ 504.119447][ T31] [ 504.119457][ T31] dump_stack_lvl+0x116/0x1f0 [ 504.119504][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 504.119537][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 504.119581][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 504.119622][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 504.119663][ T31] watchdog+0xf70/0x12c0 [ 504.119702][ T31] ? __pfx_watchdog+0x10/0x10 [ 504.119731][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 504.119777][ T31] ? __kthread_parkme+0x19e/0x250 [ 504.119825][ T31] ? __pfx_watchdog+0x10/0x10 [ 504.119869][ T31] kthread+0x3c2/0x780 [ 504.119899][ T31] ? __pfx_kthread+0x10/0x10 [ 504.119928][ T31] ? __pfx_kthread+0x10/0x10 [ 504.119957][ T31] ? __pfx_kthread+0x10/0x10 [ 504.119986][ T31] ? __pfx_kthread+0x10/0x10 [ 504.120015][ T31] ? rcu_is_watching+0x12/0xc0 [ 504.120054][ T31] ? __pfx_kthread+0x10/0x10 [ 504.120085][ T31] ret_from_fork+0x45/0x80 [ 504.120116][ T31] ? __pfx_kthread+0x10/0x10 [ 504.120146][ T31] ret_from_fork_asm+0x1a/0x30 [ 504.120211][ T31] [ 504.120247][ T31] Sending NMI from CPU 0 to CPUs 1: [ 504.267275][ C1] NMI backtrace for cpu 1 [ 504.267301][ C1] CPU: 1 UID: 0 PID: 3509 Comm: kworker/u8:9 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 504.267330][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 504.267345][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 504.267376][ C1] RIP: 0010:kasan_check_range+0x105/0x1a0 [ 504.267404][ C1] Code: 75 0a b8 01 00 00 00 45 3a 11 7c 0b 44 89 c2 e8 61 ec ff ff 83 f0 01 5b 5d 41 5c c3 cc cc cc cc 48 85 d2 74 4f 48 01 ea eb 09 <48> 83 c0 01 48 39 d0 74 41 80 38 00 74 f2 eb b2 41 bc 08 00 00 00 [ 504.267426][ C1] RSP: 0018:ffffc9000c6a7b68 EFLAGS: 00000246 [ 504.267443][ C1] RAX: ffffed100c8cb405 RBX: ffffed100c8cb412 RCX: ffffffff870e0efd [ 504.267458][ C1] RDX: ffffed100c8cb412 RSI: 000000000000006c RDI: ffff88806465a022 [ 504.267472][ C1] RBP: ffffed100c8cb404 R08: 0000000000000001 R09: ffffed100c8cb411 [ 504.267487][ C1] R10: ffff88806465a08d R11: 24d7fb3a2c18db23 R12: 0000000000000000 [ 504.267501][ C1] R13: ffffffff8c4df8fc R14: dffffc0000000000 R15: 0000000000000022 [ 504.267516][ C1] FS: 0000000000000000(0000) GS:ffff888124ab9000(0000) knlGS:0000000000000000 [ 504.267537][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 504.267552][ C1] CR2: 00007f0e9837a178 CR3: 000000000e182000 CR4: 00000000003526f0 [ 504.267566][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 504.267579][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 504.267592][ C1] Call Trace: [ 504.267599][ C1] [ 504.267608][ C1] __asan_memset+0x23/0x50 [ 504.267636][ C1] nsim_dev_trap_report_work+0x77d/0xcf0 [ 504.267668][ C1] process_one_work+0x9cc/0x1b70 [ 504.267699][ C1] ? __pfx_process_one_work+0x10/0x10 [ 504.267729][ C1] ? assign_work+0x1a0/0x250 [ 504.267753][ C1] worker_thread+0x6c8/0xf10 [ 504.267782][ C1] ? __kthread_parkme+0x19e/0x250 [ 504.267816][ C1] ? __pfx_worker_thread+0x10/0x10 [ 504.267842][ C1] kthread+0x3c2/0x780 [ 504.267863][ C1] ? __pfx_kthread+0x10/0x10 [ 504.267884][ C1] ? __pfx_kthread+0x10/0x10 [ 504.267904][ C1] ? __pfx_kthread+0x10/0x10 [ 504.267925][ C1] ? __pfx_kthread+0x10/0x10 [ 504.267945][ C1] ? rcu_is_watching+0x12/0xc0 [ 504.267974][ C1] ? __pfx_kthread+0x10/0x10 [ 504.267995][ C1] ret_from_fork+0x45/0x80 [ 504.268017][ C1] ? __pfx_kthread+0x10/0x10 [ 504.268039][ C1] ret_from_fork_asm+0x1a/0x30 [ 504.268092][ C1] [ 504.276273][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 504.276298][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) [ 504.276340][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 504.276361][ T31] Call Trace: [ 504.276372][ T31] [ 504.276385][ T31] dump_stack_lvl+0x3d/0x1f0 [ 504.276441][ T31] panic+0x71c/0x800 [ 504.276472][ T31] ? __pfx_panic+0x10/0x10 [ 504.276502][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 504.276544][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 504.276580][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 504.276618][ T31] ? watchdog+0xdda/0x12c0 [ 504.276653][ T31] ? watchdog+0xdcd/0x12c0 [ 504.276692][ T31] watchdog+0xdeb/0x12c0 [ 504.276735][ T31] ? __pfx_watchdog+0x10/0x10 [ 504.276768][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 504.276819][ T31] ? __kthread_parkme+0x19e/0x250 [ 504.276881][ T31] ? __pfx_watchdog+0x10/0x10 [ 504.276915][ T31] kthread+0x3c2/0x780 [ 504.276952][ T31] ? __pfx_kthread+0x10/0x10 [ 504.276997][ T31] ? __pfx_kthread+0x10/0x10 [ 504.277030][ T31] ? __pfx_kthread+0x10/0x10 [ 504.277062][ T31] ? __pfx_kthread+0x10/0x10 [ 504.277094][ T31] ? rcu_is_watching+0x12/0xc0 [ 504.277136][ T31] ? __pfx_kthread+0x10/0x10 [ 504.277170][ T31] ret_from_fork+0x45/0x80 [ 504.277204][ T31] ? __pfx_kthread+0x10/0x10 [ 504.277237][ T31] ret_from_fork_asm+0x1a/0x30 [ 504.277305][ T31] [ 504.657709][ T31] Kernel Offset: disabled [ 504.662040][ T31] Rebooting in 86400 seconds..