last executing test programs: 9.614540594s ago: executing program 2 (id=6226): mmap$auto(0xfffffffffffffffc, 0x2420009, 0x0, 0xeb1, 0xfffffffffffffffa, 0x4) socket(0x10, 0x2, 0x0) open_by_handle_at$auto(0xffffff9c, &(0x7f0000000040)={0x2, 0x2, 'Ll'}, 0x2) socket(0x2b, 0x1, 0x1) getsockopt$auto(0x4, 0x6, 0x15, 0xfffffffffffffffc, 0x0) 9.214661716s ago: executing program 2 (id=6228): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 8.981941863s ago: executing program 2 (id=6229): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer2\x00', 0x20440, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="afa72db57000ffdbdf250e00000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x300}, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r4 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000080)={r4, 0x9, 0x9816}, 0x7f, 0x3) ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x0) getsockopt$auto_SO_RESERVE_MEM(r3, 0x45d9, 0x49, &(0x7f0000000040)='/dev/dvb/adapter0/frontend0\x00', &(0x7f00000000c0)=0xf) 8.526584576s ago: executing program 2 (id=6231): r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x40901, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) r1 = socket(0x2b, 0x1, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) msgsnd$auto(0x4, 0x0, 0x401, 0xffa) socket(0xa, 0x2, 0x73) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) socket(0x18, 0x80802, 0x0) ioctl$auto(0xc8, 0x800454e0, 0xe) r3 = socket(0xa, 0x5, 0x84) sendto$auto(r3, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffe00"}, 0x1c) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x80) sendmsg$auto_NFC_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x8080) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0xc0403d11, 0x0) 7.57097198s ago: executing program 2 (id=6237): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 7.493326084s ago: executing program 2 (id=6238): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0xf42d, 0x100) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D1c\x00', 0x101102, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_WRITEI_FRAMES2(r0, 0x40184150, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x20000000eb1, r1, 0x400000000008000) r2 = io_uring_setup$auto(0x9, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/add_random\x00', 0x1a1842, 0x0) r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000300), r2) sendmsg$auto_NET_SHAPER_CMD_DELETE(r2, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, r3, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [@NET_SHAPER_A_IFINDEX={0x8}, @NET_SHAPER_A_HANDLE={0x24, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x8}, @NET_SHAPER_A_HANDLE_ID={0x8}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x3}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x1}]}, @NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x599}]}, @NET_SHAPER_A_HANDLE={0x14, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1000}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0xaa}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x4004891) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r4, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100261fad76decffa5303000000180002800c000100060000000000000008000200", @ANYRES32=r4, @ANYBLOB="080001"], 0x34}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) ioctl$auto_SNDRV_PCM_IOCTL_READI_FRAMES2(r0, 0x80184151, &(0x7f0000000000)={0x1, &(0x7f0000000100)="bdc997f19932bbd637c4b0aade19fdcfbf41da0b62976dda86ec404874cd7475c5b86fcd0edbf0034e87e764e70f6805103840deb30ab6cf7d2dc42bad175de1aa94cbb187dc6050f3555682be26c9c69f7bc91b0ad91145b98c5c12642330fc0924f5a9939ed362cba308e73ee6a0", 0x3}) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCGPTPEER2(r6, 0x5441, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.987744011s ago: executing program 0 (id=6247): r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/loop3/hctx0/sched_tags\x00', 0x60000, 0x0) pread64$auto(r0, 0x0, 0xf42d, 0x100) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D1c\x00', 0x101102, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_WRITEI_FRAMES2(r1, 0x40184150, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x20000000eb1, r2, 0x400000000008000) r3 = io_uring_setup$auto(0x9, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/add_random\x00', 0x1a1842, 0x0) r4 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000300), r3) sendmsg$auto_NET_SHAPER_CMD_DELETE(r3, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, r4, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [@NET_SHAPER_A_IFINDEX={0x8}, @NET_SHAPER_A_HANDLE={0x24, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x8}, @NET_SHAPER_A_HANDLE_ID={0x8}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x3}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x1}]}, @NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x599}]}, @NET_SHAPER_A_HANDLE={0x14, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1000}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0xaa}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x4004891) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r5, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100261fad76decffa5303000000180002800c000100060000000000000008000200", @ANYRES32=r5, @ANYBLOB="080001"], 0x34}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) ioctl$auto_SNDRV_PCM_IOCTL_READI_FRAMES2(r1, 0x80184151, &(0x7f0000000000)={0x1, &(0x7f0000000100)="bdc997f19932bbd637c4b0aade19fdcfbf41da0b62976dda86ec404874cd7475c5b86fcd0edbf0034e87e764e70f6805103840deb30ab6cf7d2dc42bad175de1aa94cbb187dc6050f3555682be26c9c69f7bc91b0ad91145b98c5c12642330fc0924f5a9939ed362cba308e73ee6a0", 0x3}) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCGPTPEER2(r7, 0x5441, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.871248799s ago: executing program 0 (id=6248): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r0, 0xd, 0x2) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x62a6, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x73) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x2, 0xfffffffe) inotify_init1$auto(0x3000000000000) write$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffffff, 0x0, 0x3f00) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) setgroups$auto(0xe32, 0x0) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) madvise$auto(0x0, 0x200007, 0x19) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0xffffffffffffffff, 0x400008, 0xdf, 0x111, 0x2, 0x3ff) mmap$auto(0x8000, 0x1, 0x7f800001, 0x4000000044eb1, 0x3, 0x200000000000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e23}, 0x67) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000) rseq$auto(0x0, 0x8000, 0x0, 0x6) mmap$auto(0xffffffffffffffff, 0x5, 0x1, 0x8011, 0x3, 0xbd1c) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 4.776452921s ago: executing program 0 (id=6252): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x3, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0x4110, 0x3, 0x600, 0x6}, "66ac0801cefa303f4b917a169eef4c1f9a8fdcc8ecc66fdd10316fb4c0bbc3b82e9b6d2924ad63d5e2bddb6aaf40cddc110d71771552c03de65800", 0xb}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) truncate$auto(&(0x7f00000000c0)='./cgroup\x00', 0x100000000000001) lseek$auto(0xffffffffffffffff, 0x8001, 0x4) unshare$auto(0x40000080) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x4) write$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x408, 0x3, 0x10101, 0x6fb3, 0x8a, 0xffffd387, 0xffffffffffffffff, [0x100, 0x7, 0x7f], {0x2, 0x7, 0x3034, 0xc, 0x8f, 0x5, 0x5, 0xfffffff9, 0x6}, {0x4000, 0x2, 0x0, 0xfffff000, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) socket(0x28, 0x1, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom$auto(0xffffffffffffffff, 0x0, 0xc, 0xb21, 0x0, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf9779d790fb28"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) r2 = socket(0x10, 0x2, 0x4) write$auto(r2, &(0x7f0000000000)='-\x00', 0x2fb) 3.955846305s ago: executing program 0 (id=6253): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) (async) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="20002abd70006a08001f0105000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000044}, 0x20005000) (async) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="20002abd70006a08001f0105000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000044}, 0x20005000) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000b80), 0xffffffffffffffff) (async) r1 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003d80)=ANY=[@ANYBLOB="10290000", @ANYRES16=r1, @ANYBLOB="010029bd7000fcdbdf250300000004000180f82801"], 0x2910}, 0x1, 0x0, 0x0, 0x20000000}, 0x200400d0) (async) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003d80)=ANY=[@ANYBLOB="10290000", @ANYRES16=r1, @ANYBLOB="010029bd7000fcdbdf250300000004000180f82801"], 0x2910}, 0x1, 0x0, 0x0, 0x20000000}, 0x200400d0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{&(0x7f0000000240)="a13bcc70a1af150ff83d005022a88f8a1dc814c417b33e255c58c54944c3b60b346dbd9a5e493eb6781cda0ae5f59ec924250f1ec88a198e48c63a8a53f922e09cbb05212b29b840d7eaa7e3d866cfb51602ddf9c779409ea4382298b112e38153a454c6a2cbfe1f61d7b41bb6e720d2191559145e5019d0c4925056388ed9fcca0e161cd7927d46c57bd7c5c034b7c28e8a36f023d466a1da871a34d45ea5c0c9d8b61cb142d7090faf1981452cd88cfdcce17c59a5bc854218fc332942e32bd089196e851e6136496f81a3ae6c7f413a6367d4", 0x4, &(0x7f00000003c0)={&(0x7f0000000340)="e77ba72782bd103a39bc3b4c3fe7a6b77c3079babe08a12036c7c34ebec20cb18018967b2b89d5da6ce97ae34e029ffb96f213a860f7dc1512716d7ea94e0ca9a31ffba191bbdfeb736c", 0xa00000000000000}, 0x3, &(0x7f0000000400)="cf765bc8e1e2fae13e8a5399c86716dda06f9a6d9e58b863c0f6d9e7873292de05e6aa420ef120cc14bf1bdf937041ca654eda29741b3c5b69db81ac3b7189427aa61efbf96d06245e06009c437809238fef0a3c23de6085a6cf26abe94d46999626eaf502", 0x9}, 0x5}, 0xdd5, 0x245f) mmap$auto(0x0, 0x20006, 0x3, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x23, 0x80805, 0x0) socket(0x1, 0x1, 0x1) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000040), r2) getsockopt$auto(0xffffffffffffffff, 0x0, 0x26, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) semctl$auto_SEM_STAT_ANY(0x8000, 0x2, 0x14, 0x2) sendmsg$auto_HANDSHAKE_CMD_DONE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x400c4}, 0x20040040) setsockopt$auto(0x3, 0x1, 0x3d, 0x0, 0x8) (async) setsockopt$auto(0x3, 0x1, 0x3d, 0x0, 0x8) 2.519277069s ago: executing program 3 (id=6254): r0 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x100000, 0x0) ioctl$auto(r0, 0xfffff369, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) uname$auto(0x0) ioctl$auto(0x3, 0x540a, 0x38) mmap$auto(0x0, 0x440009, 0xdf, 0x9b72, 0x7, 0x28000) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1) socket(0x2a, 0x2, 0x6) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) 1.865100496s ago: executing program 3 (id=6257): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x38a1, 0x8003, 0x26, 0x940, 0x1ffde, 0x3, 0x9, 0x902c, 0x29, 0x400005, 0x3, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, [0x4, 0x2, 0x200000000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0, 0xffff, 0x0, 0xffffffeffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x96f, 0xffffffffffffffff, 0x2, 0x4001, 0x3, 0x0, 0xb544, 0x8, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x3]}, 0xfffff7fffffffffa, 0x81) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) splice$auto(r1, &(0x7f0000000040)=0x40, r1, &(0x7f00000000c0)=0x3, 0x7000000000000000, 0x5) socketcall$auto_SYS_LISTEN(0x4, &(0x7f0000000100)=0x9) socket$nl_generic(0x10, 0x3, 0x10) 1.786240125s ago: executing program 1 (id=6258): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000280)='}[,&*}\x00', 0x0, 0x101, 0x0) statfs$auto(&(0x7f0000000180)='}[,&*}\x00', &(0x7f00000001c0)={0x8, 0x2, 0x9, 0x3, 0x4, 0x7ff, 0x8000000000000001, {[0x6, 0x3]}, 0x9a, 0x7, 0x0, [0x8, 0x9, 0x6269, 0xfffffffffffffffa]}) 1.551181308s ago: executing program 3 (id=6259): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x24, r1, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_SCAN_SUPP_RATES={0x8, 0x7d, 0x0, 0x1, [@typed={0x0, 0xb4, 0x0, 0x0, @binary="6cc3548cbf9c83c131f74b643d9d886de7a8619d6859e1ecfeaa5c0ae8da6e108243c3e343a0e5586cf826283bd922d6d19322975a510e98c3fdb6479f048caefe21f373f0b8af05ed12beb0c19099d48d13e929746bc596ee680b0d9723a70be2a26edf3e66f8ed8585d19ed6c7980d601f145e16bc99c4f188dd2bcf3e5bdd891b47f5e7a53c5de84f7ecc4fd6170a09561fade7cea6682465b432e282786373cccda7a5fdc90048d9d12e2c07fd463e73ea7e4a5aa5974d42842220c521f55aba43e2a13a6a11133aaf0db12d9865bb88686a759cf92a3f463530d1384961018840a63c9bb85fdcdea6cfec1b277254a945b2af6baf46f980320ba7f8965b3b1e95792415b03e3acc19e8a2ac90a0e765b7519b67af234c1bc293ed3101ffa4b031c0dabcf7e75240ce0078209725c7e5b7974f11b4dad5579719bc3846b741691d37729e726309ac4d6aa4c1c4cf24a8d417d0f668e15abaafe46a1a3b39b566bde7cdd9b94483a661178fc2b5fcc4f3f46584c6e6e36fec4ad41b6e40a5bc27f7eb80189cfbe5f976e5aa43a75446897f2a941d13e990c0b8e17eff50bfa760640319c9867041175bf34cbf52eec8af7a047984c1a779e5eae0604ee2b98ed5996f032787eb82ff8a07d5f0d5f7b55ba09689af15dbd7e8bb9678843c223966ffc688341b87f105bdf49b25c219913ad1745fd2ca3abc431feca14bde454336f85fda2ce64c54d95b0453e76f2b100c101c6a14b33debfad94fd67ca60bb9cdad59898d50d85be95659d21e3a1dbd91dc9a1f2af3d55c89106a4a7de9d099d0a5d3134afac99b2ed092f9fa27c088dd3ecddad59c6a37811bc300407e3192783593b454b79ad8a61eed82f28723e216032640aec6b8efe0b14af2fdd2383f87d63805691f52db951486ad3e441238debf513c8fb05ff89b4115e937f1a57539fd70e2432301fb4f707a7217d4ddd3908ad96edf5f74d84c24f217f3cb3591368fb96a7271472c4a83c0a8f85c43d9a333af2b9dec7873602a5a4531cd5e13fd51873cc60dfe2b55b40a6d908f45795914e6952e9d3feda638a077148836e55fe2767228d312148e724cf49e911db92eb543ba7fc3338fd9fc7cca74ddcae654eeb156d425c7779b088b7c6fe26294213722f683b88f1f911a28911c7f3ca5fd381936d78acfb30258fc8672f03e79df83543ec391f449ce3a778b8f5563de1d5662e28b14d7375069be6f90e1669749cad0fa637703b69a3a0c1e83f22cd313d7dee2379619f9bee02a6a8923991df71e264aba44f5a972aed1bef4f5867c551531f0aff3ba0c4506e6d6ae06154e4950cd664b257ebcab34da95ae518943907757b22723e31b3a63b4b5cdf08f28869b137f5155e033761f9f2fe99e186bd08eb3c7c898d172ea45d49ded8513e79327e5a54faf9dbee437330abd5036a6de5c2eaf1b9fde57489a845fc90250e560635cfa33cf4cf7fe6ed29bd75820f2529db96a416a45321ae0d26c9f6c932686eb78616cb0fcaf33318010b8911cc993e8c056110baa95dc85b54d54351077767297ec00114613d3eff94865b83375723f5d802510e5cda5d38d5ffbbb666fef3ac17696c900d2109f403a169c9a3344a3535e4b3cd3ed0cf40d2a59a0afbdb0aef608d50df2a209292ba7545abc6ac3ca32714483e0237905a7cbe6b47d63ba23f0068d1a2a3b2809062755e0988e84dd04211ee5fd24da99b6cd1cd133a047b7b80679e013c3cc8456b187052f17ffbea17d9ea4307648fdccdd73fbd6f62a22cb437828916cb3ff2f0b8e92fa4de4040a29c851abec2f5fa94adf9a23c730b7cb0d0f90772a7c3bb1772bff93867419cece6c7bfb967bbf16caf71b31c32502c95657b9dea65d7426033afe7f90770e273e6e6bdc52643e9f11a0fe0b76dd7a7eeff451f850cd7cfdcad58a1a705aece4c0bf1326d4851fe398d98271612ab5f9dd44589fbfca219d023cc5a1bb5ea191959c5d409bda9c1cb01d7830bc6b6699d717da5b6407348629aa9646adf5c9e5cd92a5c1f5fb06af9e9893d39bed1809f50238cdae5ef190362149939bba1c057c1b64517ba5e6789608bb77e25855d86899229b985fe6b83ac048a447772599ef9c92d9d1a4f6eee0d52123273625095bc1934ea32419bbc0d3fa772b0c5b137a363234d77299d6dd12a4e1449db26b554e470d56200af4579c69deb43f8869f330f2abb18e30f07f68ba271921879820234daf72b61beeff690f860251d8ca91ef282bc8eb321113884de613b85cb377ed0b2ac18997485c61d7a4e9d30b2a9a8ed2a841eb51dcc7cc256f7ad4b6e718900b0b244357bbbbf0f974c3ffe3203a488a8bb99f9c8d3c6fcfec28a6d602fe46980d74cd5bacd5423a41c4a42bbdabe3c16f38eabd82da5ebb0ebc1f8db5e5dfd9b894e4f44e1456cb0846da4b982e05e8067281ec508bf187b882d67b939b451b37621be6218e33a2efbc85acb323a46d10a88c6c1112da6f0654f66d2d6ffc8f34e2facf9e423a918ce6f168974edea1b7c8a8cce4a175515e314ffd62a094616d5ce078c02bbdaa326521a2d4893a4c6ce8efd7d71128cf09256bf78ee3d344b67736e5e2788498d226d8c20537c454c3f77082f962fa3f06b1251d1c42ba8195dfc81a3da0a6839acb17c2867cc899f85a2033e228f7849ed5a09e18392a05fd257c9cc807c65face494a28453938ba286e45921b2d622bc99c6c93978f42630e82ec6a0c73bee5f6336ce15706923eb72b26c6d4cd34db01e3e231ab1fcdb123db4e7875765792b68a9044e74f905ae3db4c88d2896c72d32fcd428dd87a5a7d1931eee8c5193421724671130f986b712fe37963f07635e5b231f84cbfe00d118dc1295bba8211dfc1edb3bc015be842fe9a96e36d50d2d79fefb5e9986ab5015b9390205eb08ed184e54797e05e5dd1243590fc9e7358d8bbbf90b6eacd6e4cbcfa7119759cd17814a04e72b75ac155a6e24c5b799a7bf084ce11ec6ca12f8e8102b43cc5c726b120d38975274ee5807799ef8504487c7387d8218d5c3d6ef1964148a7f92d638de5d0a91492cd6b78c556d1c31c2ee79cd6c2cc3a8a142fe58a2d3598bc15d240e72905a29a020ef1b1a40d92915210117bfea45037c94e4740afbc9ce247836832a69bda984a51cfd8e91af547dd5f3ff1e901cde80042af1946f837e210a8b2c151c0e7067125e476e215a5d5c3dbbe9ed266558c806fa846eab0dd97948280386e1ca678c6d38bbd65fecf376b7dd3d8ad3c11a9acd52682437bec401de5408c5972963818d1ed10109c4f48da48bc394e2f0be9a3d48f8f864e8426bd7f213376e1cb0dbbd7e7037e0b9ec0760220def7874e4bbaa8f102a0c67ff49258eb171e32ffc6882daa1b4f5cdb91ebaa4ba0f6fd92cb4e24b39803acab5fb77ede9db520c53212fbfdff03c25b34f9cfca3d6eced658de24eed7237e5a0c994155190716387fd653a6edb9b3554cac70e492b8ed215aa3500b83658e080acb0ec19da46660e9c75ee04a7ec24c153c24ed72143a3e8ae82ca999a579976b329b988a2a3e4b06a228b0e4bb6225aa0dea451f54f95039797fb8c0d0ee9954cbca0f2b80397cf7bb379adf0dbf8e12729676726a192c7439eaaeda35db6516da11f8741d848ba20480b0730b260548b2e1050dced74b008285fb1eff0961587d0bbb02aa612e944514f46308fa4efa6ca321632bc3a1ab0acd55b82cd9c620d255c40e92a3989a23fda78ba98423d0d779f8caccf7cb6a8b89793dab7fbb9c20bd3f30f88eedf1292f48f929003b1eb8802a8e2e6c0b82906fb8e8702d47f81661d47a8bd186212a33dbc1237ef7f48889d6133ae382e99f54d4b9a1f6892c735da1b82c3e14703033d79562ea9250774e96a9bf21b29e58c8e5219326cb6978ca1ace1b38ccfbf660e2006b6885b642df725b4654c85f3687b2de1a541e3b8c4ed16e15079352387b316cde737feb74ed460dcfe0614635f2883a8b9aa1c595ead92d0e44a176d5f9c397e52b2332761a13e175eb6c8be4a3aa077b430815e165b266deb5edbc3676fcdd34a4ef25243baa9d690fedbf03fd5bdf13d691d37cfceb8f7fc23c688e868abba6fc11219eb62e614aa45d357f5a8feb0785c431b617f6424d632fe44c68a999d9eab885d4ece68d5ff47881c5a8aedf47ad36f89de9b3a17ff969c75a776326f41eedbe0a3740cbf1ca2d30ca2b468c8793738a4d6390e4562aba0b07496014068d8864d6bf0e98b5bf096294f3cbeb421e4a49cf55ec4bda7453d59a46b7e8f3ee6bb52932f7798ce191ab20d548057ec5751f0797e889718ed49eb2ed756c817f90cabc60d19a5b465246b233fe96fad67e4afa467aea6430ca2895263d070cd7afddfa735cfd573cdf99938f9369018c8655de0e943e1fc0f20eb49598656990fd0600268517602eff673bef47ddcbce09aaef33672ac6e5f7a8f69ecc699ea1f90479f36f55a8ac4666533d60b0971c12eb43972a4be5d64651c62fcd9b110cce8722bb15c5298863b26a378798933b4335818fef90fe8e98cd96ca1bb7d98697939bbf4cef6511947484b03f9000ba4fc013ce45d36f9a64513e61b6f000ab645af4463e5ddc2195459480771b83b219a91215eff72793a02281edecf4eb8d3cf2c9f9e40ab7d606f435432f38063be67216fdbd835b1312bbeefca66b8476b9fd98edbb136cf47863f3879727530aac14186e290dc87fb6927a99d961718d36f59980e03a1c26cf12e17a57c02dc8312898053168361438d60a858ffec18732d9254069da92e82038966773b2c987dc7954e1949a1ef37127d26d5c16414bb97e982531370b382c3d9b7ed957f430678eef43107d9a5a131c6026c555ebba5e88f56778a02752523b05703738de1922bffcd521f48b1744aa396714bc3d826067612c2d5890ec3dacbaf2a93f9e6b5a1480773ebca1a18a230b1f6bd69c11ebde76323f9077bccfd3abbe5cbe75d4ed2a72fa987bc10c05d1ae3e1a50f64c47ee9608934ffba02565db30cd24a22275caec8dab63f421ad617ba87a2346f3f9e0b957c9bf5d8843dce735892dff07f0f76139c2114e270f7fbd63ab9da4eb6f72c32706eebcc1d25b9646751b7fcbc7064b75ccbabe700c6959a9534bbe897d5a6b9f8ece59c7cf59ab429b0eb436964a611dc9db696776d3161bd405226a4288ea267befe0713a336bd10446fcbf96a3b5131fa567c550b153d875d62fa40e52023c3067aa79e3b69bf38fc6d272102c9789959861296116d09dd590c9db2f32e671ec82137a8e70998134e08a473d4faad846e43e8885244b775c37d1877fc417ffcce758f807ed506bd002f2af0d3f75a07e2566ce1e960369496dcb446c1fd598cfc20424ce701935d6bd8c3971d97e75a991ce946dcc3fe6e896bb39b6117a296d008598962211ab487add86b40dbf0f2b2949b1d9724e9e2589d96352f54daf97ae32d36c9400347f3f5fbe948188b31e2e826cf45439734b6098bcbe91003f808490b56441ac88d16977a50b84581912d9d16c83ae5651ae1f757e343f282c3136cfd1db7a5aad33370fce7e6af71334345fa703b4cd453285c433b52024a54d3bdc36e8422baba8a39e60dca66743a4668be34fee3c1bf2515e155b457cf16438708151f77e44409f28964474147b1c0b7594a260ede597762c33b5c574dc0f521c5ac610a314df506849165f17386d67317c04780425b1cbcd4137f296fe40a577b8f914063aa22786fe0458f5078"}]}]}, 0x24}}, 0x4000000) (fail_nth: 6) 1.380198923s ago: executing program 1 (id=6260): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x108002, 0x0) epoll_create$auto(0x3e) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) eventfd$auto(0x3) socketpair$auto(0x9, 0x2, 0xb, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x40045431, 0x0) 974.24742ms ago: executing program 0 (id=6261): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0xd, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x101140, 0x0) waitid$auto_P_PIDFD(0x3, r0, &(0x7f0000000040)={@_si_pad}, 0x847b, &(0x7f00000000c0)={{0x6, 0x80000001}, {0xfffffffffffffff3, 0xff}, 0x2, 0x6, 0x10000, 0xe6, 0x5, 0xfffffffffffffff3, 0x880, 0xff, 0x3, 0x4, 0x6, 0x1, 0xd0a6, 0xc3}) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 974.137353ms ago: executing program 3 (id=6262): mmap$auto(0x0, 0xe983, 0xdf, 0xffffffffffffffff, 0x401, 0xc000) r0 = socket(0xa, 0x3, 0x3c) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x88) socketpair$auto(0x1e, 0x1, 0x4, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TCFLSH2(r1, 0x540b, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x28240, 0x0) ioctl$auto(0xffffffffffffffff, 0x5609, r0) 927.481445ms ago: executing program 1 (id=6263): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x3, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0x4110, 0x3, 0x600, 0x6}, "66ac0801cefa303f4b917a169eef4c1f9a8fdcc8ecc66fdd10316fb4c0bbc3b82e9b6d2924ad63d5e2bddb6aaf40cddc110d71771552c03de65800", 0xb}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) truncate$auto(&(0x7f00000000c0)='./cgroup\x00', 0x100000000000001) lseek$auto(0xffffffffffffffff, 0x8001, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x4) write$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x408, 0x3, 0x10101, 0x6fb3, 0x8a, 0xffffd387, 0xffffffffffffffff, [0x100, 0x7, 0x7f], {0x2, 0x7, 0x3034, 0xc, 0x8f, 0x5, 0x5, 0xfffffff9, 0x6}, {0x4000, 0x2, 0x0, 0xfffff000, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) socket(0x28, 0x1, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom$auto(0xffffffffffffffff, 0x0, 0xc, 0xb21, 0x0, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf9779d790fb28"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) r2 = socket(0x10, 0x2, 0x4) write$auto(r2, &(0x7f0000000000)='-\x00', 0x2fb) 837.738298ms ago: executing program 0 (id=6264): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC0\x00', 0x80100, 0x0) r1 = semctl$auto(0x0, 0x6, 0x3, 0x3) prctl$auto_PR_GET_TSC(0x19, 0x780e, r1, 0x9, 0x8) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x3ff) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) unshare$auto(0x40000080) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mbind$auto(0x0, 0x2, 0x2, &(0x7f0000002100)=0x4, 0x7, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0x1d, 0x2, 0x6) io_uring_setup$auto(0x2, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x23, 0x80805, 0x0) socketpair$auto(0x4, 0x1, 0x20000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) 635.141399ms ago: executing program 3 (id=6265): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/card1/pcm0p/sub7/xrun_injection\x00', 0x8f3b7a51b8162d21, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000100), 0x0) write$auto(0x3, 0x0, 0x3f00) 429.62522ms ago: executing program 3 (id=6266): openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/pagemap\x00', 0x400000, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(0x0, 0x2a4c0, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) ioperm$auto(0x7, 0x6, 0x2) sysfs$auto(0x3, 0xffff, 0x0) r1 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000040), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)={0x30, r3, 0xd0d58b333228212f, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_SCAN_FREQUENCIES={0x13, 0x2c, 0x0, 0x1, [@typed={0x8, 0x34, 0x0, 0x0, @pid}, @generic="67a8b510f25add"]}]}, 0x30}, 0x1, 0x0, 0x0, 0x2bdbc9d0405473ae}, 0x4000000) sendmsg$auto_IEEE802154_LLSEC_LIST_KEY(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, r1, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}, @IEEE802154_ATTR_SRC_PAN_ID={0x6}, @IEEE802154_ATTR_ED_LIST={0x1f, 0x16, "3356db5792f93622695c8c4e3c3a09a53119ddbf3bad8061e35fc2"}, @IEEE802154_ATTR_PAN_COORD={0x5, 0x19, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0xff}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004000}, 0x40) r5 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0) ioctl$auto_CEC_RECEIVE(r5, 0xc0386106, 0x0) 360.021954ms ago: executing program 1 (id=6267): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000280)='}[,&*}\x00', &(0x7f00000002c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\x83\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8cU?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xf2S\xf2\xc2pF9a\x0e\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)\x17\xbby\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0Z>\xe1=\xb9\x92\xda\x13\xfe\x00\xfb\xc6\xd8>\x01\xd4\x14\x00'/194, 0x101, 0x0) statfs$auto(0x0, &(0x7f00000001c0)={0x8, 0x2, 0x9, 0x3, 0x4, 0x7ff, 0x8000000000000001, {[0x6, 0x3]}, 0x9a, 0x7, 0x0, [0x8, 0x9, 0x6269, 0xfffffffffffffffa]}) 102.289563ms ago: executing program 1 (id=6268): close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x7, 0xeb1, 0x400, 0x8000) ioctl$auto(0x3, 0x80026f47, 0x38) 0s ago: executing program 1 (id=6269): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x40, 0x0) pread64$auto(r0, &(0x7f0000000000), 0xf, 0x5af) (fail_nth: 2) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                  syzkaller syzkaller login: [ 1892.244275][T31464] netlink: 'syz.3.5930': attribute type 2 has an invalid length. [ 1892.792507][T31459] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1892.800355][T31459] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1892.826139][T31459] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1892.874406][T31459] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1894.852488][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 1894.852802][T31345] Bluetooth: hci2: command 0x0406 tx timeout [ 1894.861394][ T5833] Bluetooth: hci4: command 0x0406 tx timeout [ 1894.942310][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 1895.127052][T31512] FAULT_INJECTION: forcing a failure. [ 1895.127052][T31512] name failslab, interval 1, probability 0, space 0, times 0 [ 1895.142369][T31512] CPU: 0 UID: 0 PID: 31512 Comm: syz.0.5943 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1895.142400][T31512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1895.142415][T31512] Call Trace: [ 1895.142422][T31512] [ 1895.142431][T31512] dump_stack_lvl+0x16c/0x1f0 [ 1895.142467][T31512] should_fail_ex+0x50a/0x650 [ 1895.142501][T31512] ? fs_reclaim_acquire+0xae/0x150 [ 1895.142534][T31512] should_failslab+0xc2/0x120 [ 1895.142558][T31512] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 1895.142600][T31512] ? __pmd_alloc+0xc3/0x870 [ 1895.142635][T31512] __pmd_alloc+0xc3/0x870 [ 1895.142668][T31512] move_page_tables+0x2a11/0x3bd0 [ 1895.142709][T31512] ? __pfx_move_page_tables+0x10/0x10 [ 1895.142734][T31512] ? move_vma+0x5c7/0x1c60 [ 1895.142772][T31512] ? up_write+0x1b2/0x520 [ 1895.142808][T31512] move_vma+0x67b/0x1c60 [ 1895.142842][T31512] ? __pfx_move_vma+0x10/0x10 [ 1895.142863][T31512] ? mtree_load+0x230/0xa40 [ 1895.142897][T31512] ? mm_get_unmapped_area+0x95/0xe0 [ 1895.142932][T31512] ? may_expand_vm+0xe8/0x430 [ 1895.142962][T31512] ? cap_mmap_addr+0x4b/0x120 [ 1895.142985][T31512] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1895.143018][T31512] ? security_mmap_addr+0x6c/0x1e0 [ 1895.143053][T31512] __do_sys_mremap+0x1007/0x1630 [ 1895.143088][T31512] ? __pfx___do_sys_mremap+0x10/0x10 [ 1895.143114][T31512] ? kvm_sched_clock_read+0x11/0x20 [ 1895.143140][T31512] ? sched_clock+0x38/0x60 [ 1895.143167][T31512] ? sched_clock_cpu+0x6d/0x4d0 [ 1895.143203][T31512] ? __pfx_sched_clock_cpu+0x10/0x10 [ 1895.143233][T31512] ? __pfx___rdmsr_safe_on_cpu+0x10/0x10 [ 1895.143262][T31512] ? rcu_is_watching+0x12/0xc0 [ 1895.143287][T31512] ? trace_csd_function_exit+0x17f/0x1f0 [ 1895.143332][T31512] do_syscall_64+0xcd/0x250 [ 1895.143365][T31512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1895.143397][T31512] RIP: 0033:0x7fdf44b8d169 [ 1895.143418][T31512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1895.143440][T31512] RSP: 002b:00007fdf45967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1895.143463][T31512] RAX: ffffffffffffffda RBX: 00007fdf44da6080 RCX: 00007fdf44b8d169 [ 1895.143480][T31512] RDX: 0000000000013fd4 RSI: 00000000000000b8 RDI: 0000000000004000 [ 1895.143495][T31512] RBP: 00007fdf45967090 R08: 00000000fffff000 R09: 0000000000000000 [ 1895.143510][T31512] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1895.143524][T31512] R13: 0000000000000001 R14: 00007fdf44da6080 R15: 00007ffd92db1a28 [ 1895.143556][T31512] [ 1896.110352][T31523] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1896.624656][T31523] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1896.631342][T31523] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1896.807855][T31523] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1897.029639][T31544] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input22 [ 1897.299215][T31551] vivid-003: ================= START STATUS ================= [ 1897.322260][T31551] vivid-003: Radio HW Seek Mode: Bounded [ 1897.341071][T31551] vivid-003: Radio Programmable HW Seek: false [ 1897.368104][T31551] vivid-003: RDS Rx I/O Mode: Block I/O [ 1897.402422][T31551] vivid-003: Generate RBDS Instead of RDS: false [ 1897.418956][T31551] vivid-003: RDS Reception: true [ 1897.435838][T31551] vivid-003: RDS Program Type: 0 inactive [ 1897.444877][T31551] vivid-003: RDS PS Name: inactive [ 1897.450955][T31551] vivid-003: RDS Radio Text: inactive [ 1897.463620][T31551] vivid-003: RDS Traffic Announcement: false inactive [ 1897.471332][T31551] vivid-003: RDS Traffic Program: false inactive [ 1897.478973][T31551] vivid-003: RDS Music: false inactive [ 1897.485587][T31551] vivid-003: ================== END STATUS ================== [ 1897.977095][T31566] FAULT_INJECTION: forcing a failure. [ 1897.977095][T31566] name failslab, interval 1, probability 0, space 0, times 0 [ 1898.011349][T31566] CPU: 1 UID: 0 PID: 31566 Comm: syz.3.5954 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1898.011385][T31566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1898.011401][T31566] Call Trace: [ 1898.011409][T31566] [ 1898.011423][T31566] dump_stack_lvl+0x16c/0x1f0 [ 1898.011462][T31566] should_fail_ex+0x50a/0x650 [ 1898.011500][T31566] ? fs_reclaim_acquire+0xae/0x150 [ 1898.011533][T31566] should_failslab+0xc2/0x120 [ 1898.011558][T31566] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 1898.011594][T31566] ? __kernfs_new_node+0xd3/0x890 [ 1898.011631][T31566] __kernfs_new_node+0xd3/0x890 [ 1898.011669][T31566] ? __pfx___kernfs_new_node+0x10/0x10 [ 1898.011699][T31566] ? __pfx_lock_release+0x10/0x10 [ 1898.011732][T31566] ? kernfs_add_one+0x39d/0x520 [ 1898.011777][T31566] ? up_write+0x1b2/0x520 [ 1898.011815][T31566] kernfs_new_node+0x186/0x240 [ 1898.011856][T31566] __kernfs_create_file+0x53/0x350 [ 1898.011884][T31566] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 1898.011919][T31566] internal_create_group+0x56c/0xf10 [ 1898.011962][T31566] ? __pfx_internal_create_group+0x10/0x10 [ 1898.012010][T31566] ? kernfs_create_link+0x1bd/0x240 [ 1898.012046][T31566] internal_create_groups+0x9d/0x150 [ 1898.012092][T31566] device_add+0x6d3/0x1a70 [ 1898.012135][T31566] ? __pfx_device_add+0x10/0x10 [ 1898.012181][T31566] ? __init_waitqueue_head+0xca/0x150 [ 1898.012222][T31566] netdev_register_kobject+0x183/0x3a0 [ 1898.012270][T31566] register_netdevice+0x147b/0x1eb0 [ 1898.012323][T31566] ? idr_alloc+0xde/0x130 [ 1898.012356][T31566] ? __pfx_register_netdevice+0x10/0x10 [ 1898.012409][T31566] ppp_dev_configure+0x99e/0xc80 [ 1898.012453][T31566] ppp_ioctl+0x17eb/0x2590 [ 1898.012484][T31566] ? __pfx_lock_release+0x10/0x10 [ 1898.012520][T31566] ? trace_lock_acquire+0x14e/0x1f0 [ 1898.012554][T31566] ? __pfx_ppp_ioctl+0x10/0x10 [ 1898.012593][T31566] ? __fget_files+0x206/0x3a0 [ 1898.012639][T31566] ? __pfx_ppp_ioctl+0x10/0x10 [ 1898.012673][T31566] __x64_sys_ioctl+0x190/0x200 [ 1898.012711][T31566] do_syscall_64+0xcd/0x250 [ 1898.012752][T31566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1898.012793][T31566] RIP: 0033:0x7efda1d8d169 [ 1898.012816][T31566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1898.012845][T31566] RSP: 002b:00007efda2c21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1898.012871][T31566] RAX: ffffffffffffffda RBX: 00007efda1fa6080 RCX: 00007efda1d8d169 [ 1898.012890][T31566] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 000000000000000a [ 1898.012907][T31566] RBP: 00007efda1e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1898.012924][T31566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1898.012941][T31566] R13: 0000000000000000 R14: 00007efda1fa6080 R15: 00007ffcf0fe87a8 [ 1898.012977][T31566] [ 1898.632173][ T5833] Bluetooth: hci4: command 0x0406 tx timeout [ 1898.702203][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 1898.702216][T31507] Bluetooth: hci2: command 0x0406 tx timeout [ 1898.734250][T31573] size and base must be multiples of 4 kiB [ 1898.802806][T31573] CPU: 1 UID: 0 PID: 31573 Comm: syz.2.5957 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1898.802843][T31573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1898.802858][T31573] Call Trace: [ 1898.802866][T31573] [ 1898.802876][T31573] dump_stack_lvl+0x16c/0x1f0 [ 1898.802914][T31573] mtrr_add+0xdf/0x110 [ 1898.802963][T31573] mtrr_ioctl+0x7f1/0xcf0 [ 1898.802998][T31573] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1898.803033][T31573] ? __pfx_lock_release+0x10/0x10 [ 1898.803079][T31573] ? __fget_files+0x206/0x3a0 [ 1898.803114][T31573] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1898.803144][T31573] proc_reg_unlocked_ioctl+0x226/0x320 [ 1898.803178][T31573] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1898.803216][T31573] __x64_sys_ioctl+0x190/0x200 [ 1898.803247][T31573] do_syscall_64+0xcd/0x250 [ 1898.803281][T31573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1898.803313][T31573] RIP: 0033:0x7f9d1738d169 [ 1898.803331][T31573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1898.803354][T31573] RSP: 002b:00007f9d1823b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1898.803377][T31573] RAX: ffffffffffffffda RBX: 00007f9d175a6080 RCX: 00007f9d1738d169 [ 1898.803393][T31573] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1898.803408][T31573] RBP: 00007f9d1740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1898.803423][T31573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1898.803438][T31573] R13: 0000000000000000 R14: 00007f9d175a6080 R15: 00007ffefca7de48 [ 1898.803468][T31573] [ 1898.989838][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 1899.843609][T31584] FAULT_INJECTION: forcing a failure. [ 1899.843609][T31584] name failslab, interval 1, probability 0, space 0, times 0 [ 1899.858370][T31584] CPU: 1 UID: 0 PID: 31584 Comm: syz.1.5960 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1899.858404][T31584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1899.858423][T31584] Call Trace: [ 1899.858431][T31584] [ 1899.858445][T31584] dump_stack_lvl+0x16c/0x1f0 [ 1899.858483][T31584] should_fail_ex+0x50a/0x650 [ 1899.858520][T31584] ? fs_reclaim_acquire+0xae/0x150 [ 1899.858554][T31584] ? constrain_params_by_rules+0x176/0xca0 [ 1899.858582][T31584] should_failslab+0xc2/0x120 [ 1899.858607][T31584] __kmalloc_noprof+0xcb/0x510 [ 1899.858641][T31584] ? mark_lock+0xb5/0xc60 [ 1899.858680][T31584] constrain_params_by_rules+0x176/0xca0 [ 1899.858713][T31584] ? __pfx___lock_acquire+0x10/0x10 [ 1899.858752][T31584] ? stack_trace_save+0x95/0xd0 [ 1899.858786][T31584] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1899.858815][T31584] ? lock_acquire.part.0+0x11b/0x380 [ 1899.858868][T31584] ? hlock_class+0x4e/0x130 [ 1899.858894][T31584] ? mark_lock+0xb5/0xc60 [ 1899.858925][T31584] ? snd_interval_refine+0x2fa/0x580 [ 1899.858965][T31584] snd_pcm_hw_refine+0x7e8/0xad0 [ 1899.858999][T31584] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1899.859033][T31584] ? __pfx_lock_release+0x10/0x10 [ 1899.859070][T31584] ? mark_held_locks+0x9f/0xe0 [ 1899.859117][T31584] snd_pcm_hw_params+0x3e6/0x1b20 [ 1899.859152][T31584] ? snd_pcm_hw_param_first+0x301/0x6e0 [ 1899.859178][T31584] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 1899.859211][T31584] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 1899.859244][T31584] ? snd_pcm_hw_param_near.constprop.0+0x743/0x8f0 [ 1899.859279][T31584] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1899.859316][T31584] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 1899.859352][T31584] snd_pcm_oss_change_params_locked+0x1406/0x3a60 [ 1899.859394][T31584] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1899.859423][T31584] ? __pfx___mutex_lock+0x10/0x10 [ 1899.859479][T31584] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1899.859511][T31584] snd_pcm_oss_sync+0x1d7/0x7f0 [ 1899.859544][T31584] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1899.859574][T31584] snd_pcm_oss_release+0x28b/0x310 [ 1899.859604][T31584] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1899.859632][T31584] __fput+0x3ff/0xb70 [ 1899.859666][T31584] task_work_run+0x14e/0x250 [ 1899.859699][T31584] ? __pfx_task_work_run+0x10/0x10 [ 1899.859731][T31584] ? __pfx___do_sys_close_range+0x10/0x10 [ 1899.859777][T31584] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1899.859811][T31584] do_syscall_64+0xda/0x250 [ 1899.859845][T31584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1899.859878][T31584] RIP: 0033:0x7fe96858d169 [ 1899.859898][T31584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1899.859922][T31584] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1899.859946][T31584] RAX: 0000000000000000 RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1899.859963][T31584] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1899.859978][T31584] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1899.859994][T31584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1899.860010][T31584] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1899.860045][T31584] [ 1900.607375][T31593] vivid-003: ================= START STATUS ================= [ 1900.616138][T31593] vivid-003: Radio HW Seek Mode: Bounded [ 1900.626522][T31593] vivid-003: Radio Programmable HW Seek: false [ 1900.649386][T31593] vivid-003: RDS Rx I/O Mode: Block I/O [ 1900.659032][T31593] vivid-003: Generate RBDS Instead of RDS: false [ 1900.677945][T31593] vivid-003: RDS Reception: true [ 1900.686475][T31593] vivid-003: RDS Program Type: 0 inactive [ 1900.695492][T31593] vivid-003: RDS PS Name: inactive [ 1900.701449][T31593] vivid-003: RDS Radio Text: inactive [ 1900.708089][T31593] vivid-003: RDS Traffic Announcement: false inactive [ 1900.716076][T31593] vivid-003: RDS Traffic Program: false inactive [ 1900.723668][T31593] vivid-003: RDS Music: false inactive [ 1900.729955][T31593] vivid-003: ================== END STATUS ================== [ 1901.531149][T31615] netlink: 'syz.1.5968': attribute type 2 has an invalid length. [ 1902.035957][T31634] FAULT_INJECTION: forcing a failure. [ 1902.035957][T31634] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1902.050573][T31634] CPU: 0 UID: 0 PID: 31634 Comm: syz.0.5975 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1902.050603][T31634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1902.050616][T31634] Call Trace: [ 1902.050624][T31634] [ 1902.050633][T31634] dump_stack_lvl+0x16c/0x1f0 [ 1902.050668][T31634] should_fail_ex+0x50a/0x650 [ 1902.050708][T31634] _copy_from_user+0x2e/0xd0 [ 1902.050734][T31634] copy_msghdr_from_user+0x99/0x160 [ 1902.050767][T31634] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1902.050797][T31634] ? __lock_acquire+0xcc5/0x3c40 [ 1902.050831][T31634] ? hlock_class+0x4e/0x130 [ 1902.050855][T31634] ? __lock_acquire+0x15a9/0x3c40 [ 1902.050900][T31634] ___sys_sendmsg+0xff/0x1e0 [ 1902.050935][T31634] ? __pfx____sys_sendmsg+0x10/0x10 [ 1902.050965][T31634] ? __pfx___lock_acquire+0x10/0x10 [ 1902.051025][T31634] ? __pfx___might_resched+0x10/0x10 [ 1902.051058][T31634] ? __might_fault+0xe3/0x190 [ 1902.051088][T31634] __sys_sendmmsg+0x201/0x420 [ 1902.051124][T31634] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1902.051167][T31634] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1902.051211][T31634] ? fput+0x67/0x440 [ 1902.051235][T31634] ? ksys_write+0x1ba/0x250 [ 1902.051265][T31634] ? __pfx_ksys_write+0x10/0x10 [ 1902.051301][T31634] __x64_sys_sendmmsg+0x9c/0x100 [ 1902.051333][T31634] ? lockdep_hardirqs_on+0x7c/0x110 [ 1902.051361][T31634] do_syscall_64+0xcd/0x250 [ 1902.051393][T31634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1902.051424][T31634] RIP: 0033:0x7fdf44b8d169 [ 1902.051443][T31634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1902.051466][T31634] RSP: 002b:00007fdf45967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1902.051489][T31634] RAX: ffffffffffffffda RBX: 00007fdf44da6080 RCX: 00007fdf44b8d169 [ 1902.051505][T31634] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1902.051519][T31634] RBP: 00007fdf45967090 R08: 0000000000000000 R09: 0000000000000000 [ 1902.051534][T31634] R10: 0000000000000a00 R11: 0000000000000246 R12: 0000000000000001 [ 1902.051548][T31634] R13: 0000000000000000 R14: 00007fdf44da6080 R15: 00007ffd92db1a28 [ 1902.051579][T31634] [ 1902.335547][T31637] FAULT_INJECTION: forcing a failure. [ 1902.335547][T31637] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1902.351660][T31637] CPU: 0 UID: 0 PID: 31637 Comm: syz.2.5977 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1902.351690][T31637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1902.351704][T31637] Call Trace: [ 1902.351712][T31637] [ 1902.351721][T31637] dump_stack_lvl+0x16c/0x1f0 [ 1902.351757][T31637] should_fail_ex+0x50a/0x650 [ 1902.351797][T31637] _copy_to_user+0x32/0xd0 [ 1902.351826][T31637] simple_read_from_buffer+0xd0/0x160 [ 1902.351865][T31637] proc_fail_nth_read+0x198/0x270 [ 1902.351895][T31637] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1902.351926][T31637] ? rw_verify_area+0xcf/0x680 [ 1902.351954][T31637] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1902.351983][T31637] vfs_read+0x1df/0xbf0 [ 1902.352014][T31637] ? __fget_files+0x1fc/0x3a0 [ 1902.352046][T31637] ? __pfx___mutex_lock+0x10/0x10 [ 1902.352079][T31637] ? __pfx_vfs_read+0x10/0x10 [ 1902.352117][T31637] ? __fget_files+0x206/0x3a0 [ 1902.352160][T31637] ksys_read+0x12b/0x250 [ 1902.352189][T31637] ? __pfx_ksys_read+0x10/0x10 [ 1902.352230][T31637] do_syscall_64+0xcd/0x250 [ 1902.352264][T31637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1902.352296][T31637] RIP: 0033:0x7f9d1738bb7c [ 1902.352315][T31637] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1902.352337][T31637] RSP: 002b:00007f9d1825c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1902.352359][T31637] RAX: ffffffffffffffda RBX: 00007f9d175a5fa0 RCX: 00007f9d1738bb7c [ 1902.352376][T31637] RDX: 000000000000000f RSI: 00007f9d1825c0a0 RDI: 000000000000000f [ 1902.352390][T31637] RBP: 00007f9d1825c090 R08: 0000000000000000 R09: 0000000000000000 [ 1902.352405][T31637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1902.352419][T31637] R13: 0000000000000000 R14: 00007f9d175a5fa0 R15: 00007ffefca7de48 [ 1902.352452][T31637] syzkaller syzkaller login: [ 1905.265094][T31697] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5995'. [ 1905.333117][T31708] size and base must be multiples of 4 kiB [ 1905.339671][T31708] CPU: 0 UID: 0 PID: 31708 Comm: syz.1.5997 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1905.339705][T31708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1905.339720][T31708] Call Trace: [ 1905.339728][T31708] [ 1905.339738][T31708] dump_stack_lvl+0x16c/0x1f0 [ 1905.339777][T31708] mtrr_add+0xdf/0x110 [ 1905.339810][T31708] mtrr_ioctl+0x7f1/0xcf0 [ 1905.339841][T31708] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1905.339875][T31708] ? __pfx_lock_release+0x10/0x10 [ 1905.339921][T31708] ? __fget_files+0x206/0x3a0 [ 1905.339956][T31708] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1905.339986][T31708] proc_reg_unlocked_ioctl+0x226/0x320 [ 1905.340021][T31708] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1905.340059][T31708] __x64_sys_ioctl+0x190/0x200 [ 1905.340090][T31708] do_syscall_64+0xcd/0x250 [ 1905.340125][T31708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1905.340159][T31708] RIP: 0033:0x7fe96858d169 [ 1905.340178][T31708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1905.340203][T31708] RSP: 002b:00007fe9693e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1905.340227][T31708] RAX: ffffffffffffffda RBX: 00007fe9687a6080 RCX: 00007fe96858d169 [ 1905.340244][T31708] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1905.340259][T31708] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1905.340274][T31708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1905.340289][T31708] R13: 0000000000000000 R14: 00007fe9687a6080 R15: 00007ffde82ceab8 [ 1905.340319][T31708] [ 1905.610286][T31712] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input23 [ 1905.957330][T31726] FAULT_INJECTION: forcing a failure. [ 1905.957330][T31726] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1905.978119][T31726] CPU: 0 UID: 0 PID: 31726 Comm: syz.1.6002 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1905.978159][T31726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1905.978174][T31726] Call Trace: [ 1905.978183][T31726] [ 1905.978194][T31726] dump_stack_lvl+0x16c/0x1f0 [ 1905.978232][T31726] should_fail_ex+0x50a/0x650 [ 1905.978275][T31726] ? __pfx___might_resched+0x10/0x10 [ 1905.978317][T31726] should_fail_alloc_page+0xe7/0x130 [ 1905.978344][T31726] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 1905.978382][T31726] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 1905.978431][T31726] ? __pfx___lock_acquire+0x10/0x10 [ 1905.978464][T31726] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1905.978500][T31726] ? __pfx___lock_acquire+0x10/0x10 [ 1905.978545][T31726] ? xa_load+0x14a/0x2c0 [ 1905.978576][T31726] ? __pfx_lock_release+0x10/0x10 [ 1905.978608][T31726] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1905.978646][T31726] ? policy_nodemask+0xea/0x4e0 [ 1905.978685][T31726] alloc_pages_mpol+0x1fc/0x540 [ 1905.978710][T31726] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1905.978742][T31726] alloc_pages_noprof+0x131/0x390 [ 1905.978767][T31726] brd_insert_page+0x59/0x120 [ 1905.978799][T31726] brd_submit_bio+0x36e/0xe60 [ 1905.978840][T31726] __submit_bio+0x302/0x690 [ 1905.978868][T31726] ? __pfx___submit_bio+0x10/0x10 [ 1905.978895][T31726] ? trace_lock_acquire+0x14e/0x1f0 [ 1905.978921][T31726] ? trace_lock_acquire+0x14e/0x1f0 [ 1905.978962][T31726] ? submit_bio_noacct_nocheck+0x892/0xd70 [ 1905.978990][T31726] submit_bio_noacct_nocheck+0x892/0xd70 [ 1905.979022][T31726] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 1905.979055][T31726] ? __pfx___might_resched+0x10/0x10 [ 1905.979089][T31726] ? __pfx_bio_iov_iter_get_pages+0x10/0x10 [ 1905.979133][T31726] submit_bio_noacct+0x50d/0x1ec0 [ 1905.979168][T31726] blkdev_direct_IO+0x1362/0x1c50 [ 1905.979214][T31726] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 1905.979268][T31726] blkdev_write_iter+0x6f9/0xdd0 [ 1905.979306][T31726] vfs_write+0x5ae/0x1150 [ 1905.979340][T31726] ? __pfx_blkdev_write_iter+0x10/0x10 [ 1905.979376][T31726] ? __pfx_vfs_write+0x10/0x10 [ 1905.979405][T31726] ? do_futex+0x123/0x350 [ 1905.979435][T31726] ? __fget_files+0x40/0x3a0 [ 1905.979484][T31726] ksys_write+0x12b/0x250 [ 1905.979515][T31726] ? __pfx_ksys_write+0x10/0x10 [ 1905.979555][T31726] do_syscall_64+0xcd/0x250 [ 1905.979590][T31726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1905.979624][T31726] RIP: 0033:0x7fe96858d169 [ 1905.979644][T31726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1905.979668][T31726] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1905.979693][T31726] RAX: ffffffffffffffda RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1905.979711][T31726] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1905.979727][T31726] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1905.979743][T31726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1905.979757][T31726] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1905.979788][T31726] [ 1907.357713][T31747] FAULT_INJECTION: forcing a failure. [ 1907.357713][T31747] name failslab, interval 1, probability 0, space 0, times 0 [ 1907.371945][T31747] CPU: 0 UID: 0 PID: 31747 Comm: syz.3.6008 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1907.371979][T31747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1907.371995][T31747] Call Trace: [ 1907.372004][T31747] [ 1907.372014][T31747] dump_stack_lvl+0x16c/0x1f0 [ 1907.372055][T31747] should_fail_ex+0x50a/0x650 [ 1907.372092][T31747] ? fs_reclaim_acquire+0xae/0x150 [ 1907.372124][T31747] ? constrain_params_by_rules+0x176/0xca0 [ 1907.372155][T31747] should_failslab+0xc2/0x120 [ 1907.372178][T31747] __kmalloc_noprof+0xcb/0x510 [ 1907.372207][T31747] ? kasan_quarantine_put+0x10a/0x240 [ 1907.372236][T31747] ? lockdep_hardirqs_on+0x7c/0x110 [ 1907.372271][T31747] constrain_params_by_rules+0x176/0xca0 [ 1907.372300][T31747] ? constrain_params_by_rules+0xa0e/0xca0 [ 1907.372336][T31747] ? constrain_params_by_rules+0xa13/0xca0 [ 1907.372380][T31747] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1907.372417][T31747] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1907.372456][T31747] ? snd_pcm_oss_change_params_locked+0x136c/0x3a60 [ 1907.372485][T31747] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1907.372516][T31747] ? snd_interval_refine+0x2fa/0x580 [ 1907.372556][T31747] snd_pcm_hw_refine+0x7e8/0xad0 [ 1907.372591][T31747] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1907.372628][T31747] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1907.372670][T31747] snd_pcm_hw_param_first+0x328/0x6e0 [ 1907.372706][T31747] snd_pcm_hw_param_near.constprop.0+0x711/0x8f0 [ 1907.372741][T31747] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1907.372773][T31747] ? calc_src_frames.isra.0+0x187/0x1d0 [ 1907.372810][T31747] snd_pcm_oss_change_params_locked+0x136c/0x3a60 [ 1907.372855][T31747] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1907.372887][T31747] ? __pfx___mutex_lock+0x10/0x10 [ 1907.372941][T31747] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1907.372972][T31747] snd_pcm_oss_sync+0x1d7/0x7f0 [ 1907.373005][T31747] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1907.373032][T31747] snd_pcm_oss_release+0x28b/0x310 [ 1907.373062][T31747] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1907.373089][T31747] __fput+0x3ff/0xb70 [ 1907.373121][T31747] task_work_run+0x14e/0x250 [ 1907.373155][T31747] ? __pfx_task_work_run+0x10/0x10 [ 1907.373189][T31747] ? __pfx___do_sys_close_range+0x10/0x10 [ 1907.373233][T31747] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1907.373268][T31747] do_syscall_64+0xda/0x250 [ 1907.373301][T31747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1907.373334][T31747] RIP: 0033:0x7efda1d8d169 [ 1907.373361][T31747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1907.373386][T31747] RSP: 002b:00007efda2c42038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1907.373410][T31747] RAX: 0000000000000000 RBX: 00007efda1fa5fa0 RCX: 00007efda1d8d169 [ 1907.373426][T31747] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1907.373441][T31747] RBP: 00007efda1e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1907.373456][T31747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1907.373471][T31747] R13: 0000000000000000 R14: 00007efda1fa5fa0 R15: 00007ffcf0fe87a8 [ 1907.373504][T31747] [ 1907.803452][T31741] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6007'. [ 1907.924074][T31743] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1907.963380][T31752] netlink: 'syz.3.6010': attribute type 2 has an invalid length. [ 1908.318213][T31759] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input24 [ 1908.898514][T31767] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input25 [ 1909.021202][T31769] vivid-003: ================= START STATUS ================= [ 1909.072276][T31769] vivid-003: Radio HW Seek Mode: Bounded [ 1909.078552][T31769] vivid-003: Radio Programmable HW Seek: false [ 1909.135781][T31769] vivid-003: RDS Rx I/O Mode: Block I/O [ 1909.141959][T31769] vivid-003: Generate RBDS Instead of RDS: false [ 1909.192241][T31769] vivid-003: RDS Reception: true [ 1909.210154][T31769] vivid-003: RDS Program Type: 0 inactive [ 1909.247288][T31769] vivid-003: RDS PS Name: inactive [ 1909.277970][T31777] FAULT_INJECTION: forcing a failure. [ 1909.277970][T31777] name failslab, interval 1, probability 0, space 0, times 0 [ 1909.292335][T31769] vivid-003: RDS Radio Text: inactive [ 1909.305390][T31769] vivid-003: RDS Traffic Announcement: false inactive [ 1909.319859][T31769] vivid-003: RDS Traffic Program: false inactive [ 1909.334885][T31777] CPU: 1 UID: 0 PID: 31777 Comm: syz.1.6017 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1909.334926][T31777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1909.334941][T31777] Call Trace: [ 1909.334949][T31777] [ 1909.334958][T31777] dump_stack_lvl+0x16c/0x1f0 [ 1909.334998][T31777] should_fail_ex+0x50a/0x650 [ 1909.335037][T31777] ? fs_reclaim_acquire+0xae/0x150 [ 1909.335071][T31777] ? constrain_params_by_rules+0x176/0xca0 [ 1909.335100][T31777] should_failslab+0xc2/0x120 [ 1909.335123][T31777] __kmalloc_noprof+0xcb/0x510 [ 1909.335154][T31777] ? mark_lock+0xb5/0xc60 [ 1909.335188][T31777] constrain_params_by_rules+0x176/0xca0 [ 1909.335216][T31777] ? __pfx___lock_acquire+0x10/0x10 [ 1909.335248][T31777] ? stack_trace_save+0x95/0xd0 [ 1909.335278][T31777] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1909.335306][T31777] ? lock_acquire.part.0+0x11b/0x380 [ 1909.335360][T31777] ? hlock_class+0x4e/0x130 [ 1909.335384][T31777] ? mark_lock+0xb5/0xc60 [ 1909.335415][T31777] ? snd_interval_refine+0x2fa/0x580 [ 1909.335454][T31777] snd_pcm_hw_refine+0x7e8/0xad0 [ 1909.335490][T31777] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1909.335525][T31777] ? __pfx_lock_release+0x10/0x10 [ 1909.335562][T31777] ? mark_held_locks+0x9f/0xe0 [ 1909.335602][T31777] snd_pcm_hw_params+0x3e6/0x1b20 [ 1909.335635][T31777] ? snd_pcm_hw_param_first+0x301/0x6e0 [ 1909.335661][T31777] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 1909.335694][T31777] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 1909.335728][T31777] ? snd_pcm_hw_param_near.constprop.0+0x743/0x8f0 [ 1909.335762][T31777] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1909.335799][T31777] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 1909.335834][T31777] snd_pcm_oss_change_params_locked+0x1406/0x3a60 [ 1909.335880][T31777] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1909.335920][T31777] ? __pfx___mutex_lock+0x10/0x10 [ 1909.335974][T31777] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1909.336003][T31777] snd_pcm_oss_sync+0x1d7/0x7f0 [ 1909.336035][T31777] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1909.336062][T31777] snd_pcm_oss_release+0x28b/0x310 [ 1909.336091][T31777] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1909.336120][T31777] __fput+0x3ff/0xb70 [ 1909.336154][T31777] task_work_run+0x14e/0x250 [ 1909.336190][T31777] ? __pfx_task_work_run+0x10/0x10 [ 1909.336225][T31777] ? __pfx___do_sys_close_range+0x10/0x10 [ 1909.336270][T31777] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1909.336301][T31777] do_syscall_64+0xda/0x250 [ 1909.336333][T31777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1909.336363][T31777] RIP: 0033:0x7fe96858d169 [ 1909.336383][T31777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1909.336406][T31777] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1909.336429][T31777] RAX: 0000000000000000 RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1909.336446][T31777] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1909.336459][T31777] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1909.336474][T31777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1909.336488][T31777] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1909.336521][T31777] [ 1909.336930][T31769] vivid-003: RDS Music: false inactive [ 1909.703394][T31769] vivid-003: ================== END STATUS ================== [ 1909.730689][T31781] FAULT_INJECTION: forcing a failure. [ 1909.730689][T31781] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1909.781266][T31781] CPU: 0 UID: 0 PID: 31781 Comm: syz.1.6019 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1909.781298][T31781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1909.781311][T31781] Call Trace: [ 1909.781318][T31781] [ 1909.781327][T31781] dump_stack_lvl+0x16c/0x1f0 [ 1909.781363][T31781] should_fail_ex+0x50a/0x650 [ 1909.781396][T31781] ? __pfx___might_resched+0x10/0x10 [ 1909.781434][T31781] should_fail_alloc_page+0xe7/0x130 [ 1909.781457][T31781] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 1909.781494][T31781] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 1909.781527][T31781] ? __pfx_mark_lock+0x10/0x10 [ 1909.781554][T31781] ? __pfx_stack_trace_save+0x10/0x10 [ 1909.781581][T31781] ? stack_depot_save_flags+0x28/0x9c0 [ 1909.781615][T31781] ? rcu_is_watching+0x12/0xc0 [ 1909.781644][T31781] ? kasan_save_stack+0x42/0x60 [ 1909.781677][T31781] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1909.781715][T31781] ? hlock_class+0x4e/0x130 [ 1909.781741][T31781] ? hlock_class+0x4e/0x130 [ 1909.781778][T31781] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1909.781815][T31781] ? policy_nodemask+0xea/0x4e0 [ 1909.781853][T31781] alloc_pages_mpol+0x1fc/0x540 [ 1909.781877][T31781] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1909.781908][T31781] alloc_pages_noprof+0x131/0x390 [ 1909.781932][T31781] pte_alloc_one+0x20/0x390 [ 1909.781966][T31781] do_pte_missing+0x1aff/0x3e10 [ 1909.782001][T31781] ? do_raw_spin_unlock+0x172/0x230 [ 1909.782025][T31781] ? __pmd_alloc+0x3c2/0x870 [ 1909.782062][T31781] __handle_mm_fault+0x1166/0x2c60 [ 1909.782103][T31781] ? __pfx___handle_mm_fault+0x10/0x10 [ 1909.782141][T31781] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1909.782193][T31781] ? find_vma+0xc0/0x140 [ 1909.782218][T31781] ? __pfx_find_vma+0x10/0x10 [ 1909.782250][T31781] handle_mm_fault+0x3fa/0xaa0 [ 1909.782290][T31781] do_user_addr_fault+0x7a3/0x13f0 [ 1909.782329][T31781] exc_page_fault+0x5c/0xc0 [ 1909.782358][T31781] asm_exc_page_fault+0x26/0x30 [ 1909.782389][T31781] RIP: 0010:__get_user_4+0x18/0x30 [ 1909.782414][T31781] Code: 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 [ 1909.782435][T31781] RSP: 0018:ffffc90010437ca8 EFLAGS: 00050287 [ 1909.782454][T31781] RAX: 0000000000000003 RBX: 0000000000000007 RCX: ffffc90010437c10 [ 1909.782468][T31781] RDX: 00007ffffffff000 RSI: ffffffff88c41990 RDI: ffffffff8bd34800 [ 1909.782483][T31781] RBP: ffff88806ae90000 R08: 0000000000000000 R09: fffffbfff20c4ee2 [ 1909.782498][T31781] R10: ffffffff90627717 R11: 0000000000000001 R12: 0000000000000007 [ 1909.782512][T31781] R13: 1ffff92002086f99 R14: dffffc0000000000 R15: 0000000000000003 [ 1909.782538][T31781] ? vhost_vring_ioctl+0xc0/0x1390 [ 1909.782570][T31781] vhost_vring_ioctl+0xc8/0x1390 [ 1909.782595][T31781] ? do_vfs_ioctl+0x513/0x1990 [ 1909.782621][T31781] ? __pfx_vhost_vring_ioctl+0x10/0x10 [ 1909.782648][T31781] ? vhost_dev_ioctl+0x131/0xdb0 [ 1909.782678][T31781] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 1909.782715][T31781] vhost_vsock_dev_ioctl+0x8be/0xb50 [ 1909.782742][T31781] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1909.782770][T31781] ? __fget_files+0x206/0x3a0 [ 1909.782805][T31781] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1909.782832][T31781] __x64_sys_ioctl+0x190/0x200 [ 1909.782862][T31781] do_syscall_64+0xcd/0x250 [ 1909.782894][T31781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1909.782925][T31781] RIP: 0033:0x7fe96858d169 [ 1909.782943][T31781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1909.782962][T31781] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1909.782983][T31781] RAX: ffffffffffffffda RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1909.782999][T31781] RDX: 0000000000000003 RSI: 0000000000000007 RDI: 0000000000000003 [ 1909.783012][T31781] RBP: 00007fe969401090 R08: 0000000000000000 R09: 0000000000000000 [ 1909.783026][T31781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1909.783039][T31781] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1909.783070][T31781] [ 1910.288609][T31786] netlink: 'syz.3.6020': attribute type 2 has an invalid length. [ 1910.513741][T31797] netlink: 330 bytes leftover after parsing attributes in process `syz.0.6025'. [ 1910.807815][T31797] syz.0.6025 (31797) used greatest stack depth: 20784 bytes left [ 1911.002435][T31790] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1911.077356][T31790] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1911.116052][T31790] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1911.176384][T31790] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1911.694551][T31814] FAULT_INJECTION: forcing a failure. [ 1911.694551][T31814] name failslab, interval 1, probability 0, space 0, times 0 [ 1911.708957][T31814] CPU: 1 UID: 0 PID: 31814 Comm: syz.0.6028 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1911.708991][T31814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1911.709007][T31814] Call Trace: [ 1911.709015][T31814] [ 1911.709026][T31814] dump_stack_lvl+0x16c/0x1f0 [ 1911.709066][T31814] should_fail_ex+0x50a/0x650 [ 1911.709104][T31814] ? fs_reclaim_acquire+0xae/0x150 [ 1911.709137][T31814] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 1911.709166][T31814] should_failslab+0xc2/0x120 [ 1911.709191][T31814] __kmalloc_cache_noprof+0x68/0x410 [ 1911.709224][T31814] ? snd_pcm_hw_param_first+0x301/0x6e0 [ 1911.709251][T31814] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 1911.709287][T31814] snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 1911.709322][T31814] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1911.709355][T31814] ? calc_src_frames.isra.0+0x187/0x1d0 [ 1911.709391][T31814] snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 1911.709437][T31814] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1911.709469][T31814] ? __pfx___mutex_lock+0x10/0x10 [ 1911.709523][T31814] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1911.709554][T31814] snd_pcm_oss_sync+0x1d7/0x7f0 [ 1911.709586][T31814] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1911.709615][T31814] snd_pcm_oss_release+0x28b/0x310 [ 1911.709645][T31814] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1911.709672][T31814] __fput+0x3ff/0xb70 [ 1911.709715][T31814] task_work_run+0x14e/0x250 [ 1911.709749][T31814] ? __pfx_task_work_run+0x10/0x10 [ 1911.709778][T31814] ? __pfx___do_sys_close_range+0x10/0x10 [ 1911.709822][T31814] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1911.709856][T31814] do_syscall_64+0xda/0x250 [ 1911.709889][T31814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1911.709929][T31814] RIP: 0033:0x7fdf44b8d169 [ 1911.709949][T31814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1911.709973][T31814] RSP: 002b:00007fdf45988038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1911.709998][T31814] RAX: 0000000000000000 RBX: 00007fdf44da5fa0 RCX: 00007fdf44b8d169 [ 1911.710015][T31814] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1911.710030][T31814] RBP: 00007fdf44c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1911.710046][T31814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1911.710061][T31814] R13: 0000000000000000 R14: 00007fdf44da5fa0 R15: 00007ffd92db1a28 [ 1911.710096][T31814] [ 1912.316917][T31821] vivid-003: ================= START STATUS ================= [ 1912.325498][T31821] vivid-003: Radio HW Seek Mode: Bounded [ 1912.331748][T31821] vivid-003: Radio Programmable HW Seek: false [ 1912.352219][T31821] vivid-003: RDS Rx I/O Mode: Block I/O [ 1912.358530][T31821] vivid-003: Generate RBDS Instead of RDS: false [ 1912.366333][T31821] vivid-003: RDS Reception: true [ 1912.375836][T31821] vivid-003: RDS Program Type: 0 inactive [ 1912.393255][T31821] vivid-003: RDS PS Name: inactive [ 1912.399049][T31821] vivid-003: RDS Radio Text: inactive [ 1912.412359][T31821] vivid-003: RDS Traffic Announcement: false inactive [ 1912.430233][T31821] vivid-003: RDS Traffic Program: false inactive [ 1912.437682][T31821] vivid-003: RDS Music: false inactive [ 1912.452314][T31821] vivid-003: ================== END STATUS ================== [ 1913.042695][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 1913.049373][ T5833] Bluetooth: hci4: command 0x0406 tx timeout [ 1913.202200][T31507] Bluetooth: hci0: command 0x0406 tx timeout [ 1913.262135][T31507] Bluetooth: hci1: command 0x0406 tx timeout [ 1913.747937][T31838] nvme_fabrics: missing parameter 'transport=%s' [ 1913.768512][T31838] nvme_fabrics: missing parameter 'nqn=%s' [ 1913.851394][T31842] nvme_fabrics: missing parameter 'transport=%s' [ 1913.863099][T31842] nvme_fabrics: missing parameter 'nqn=%s' [ 1914.126882][T31848] nvme_fabrics: missing parameter 'transport=%s' [ 1914.149579][T31848] nvme_fabrics: missing parameter 'nqn=%s' [ 1914.486440][T31856] vivid-003: ================= START STATUS ================= [ 1914.526528][T31856] vivid-003: Radio HW Seek Mode: Bounded [ 1914.606823][T31856] vivid-003: Radio Programmable HW Seek: false [ 1914.649220][T31856] vivid-003: RDS Rx I/O Mode: Block I/O [ 1914.655563][T31856] vivid-003: Generate RBDS Instead of RDS: false [ 1914.662628][T31856] vivid-003: RDS Reception: true [ 1914.668101][T31856] vivid-003: RDS Program Type: 0 inactive [ 1914.674573][T31856] vivid-003: RDS PS Name: inactive [ 1914.680338][T31856] vivid-003: RDS Radio Text: inactive [ 1914.686586][T31856] vivid-003: RDS Traffic Announcement: false inactive [ 1914.694188][T31856] vivid-003: RDS Traffic Program: false inactive [ 1914.701202][T31856] vivid-003: RDS Music: false inactive [ 1914.707316][T31856] vivid-003: ================== END STATUS ================== [ 1914.891261][T31869] FAULT_INJECTION: forcing a failure. [ 1914.891261][T31869] name failslab, interval 1, probability 0, space 0, times 0 [ 1914.905340][T31869] CPU: 1 UID: 0 PID: 31869 Comm: syz.1.6046 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1914.905373][T31869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1914.905395][T31869] Call Trace: [ 1914.905403][T31869] [ 1914.905413][T31869] dump_stack_lvl+0x16c/0x1f0 [ 1914.905451][T31869] should_fail_ex+0x50a/0x650 [ 1914.905489][T31869] ? fs_reclaim_acquire+0xae/0x150 [ 1914.905524][T31869] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 1914.905554][T31869] should_failslab+0xc2/0x120 [ 1914.905579][T31869] __kmalloc_cache_noprof+0x68/0x410 [ 1914.905611][T31869] ? snd_pcm_hw_param_first+0x301/0x6e0 [ 1914.905637][T31869] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 1914.905673][T31869] snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 1914.905707][T31869] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1914.905738][T31869] ? calc_src_frames.isra.0+0x187/0x1d0 [ 1914.905774][T31869] snd_pcm_oss_change_params_locked+0x136c/0x3a60 [ 1914.905819][T31869] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1914.905852][T31869] ? __pfx___mutex_lock+0x10/0x10 [ 1914.905907][T31869] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1914.905937][T31869] snd_pcm_oss_sync+0x1d7/0x7f0 [ 1914.905969][T31869] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1914.905997][T31869] snd_pcm_oss_release+0x28b/0x310 [ 1914.906026][T31869] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1914.906054][T31869] __fput+0x3ff/0xb70 [ 1914.906087][T31869] task_work_run+0x14e/0x250 [ 1914.906120][T31869] ? __pfx_task_work_run+0x10/0x10 [ 1914.906153][T31869] ? __pfx___do_sys_close_range+0x10/0x10 [ 1914.906197][T31869] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1914.906231][T31869] do_syscall_64+0xda/0x250 [ 1914.906265][T31869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1914.906299][T31869] RIP: 0033:0x7fe96858d169 [ 1914.906319][T31869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1914.906345][T31869] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1914.906369][T31869] RAX: 0000000000000000 RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1914.906392][T31869] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1914.906407][T31869] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1914.906424][T31869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1914.906440][T31869] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1914.906474][T31869] [ 1915.196533][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 1915.196657][T31872] FAULT_INJECTION: forcing a failure. [ 1915.196657][T31872] name failslab, interval 1, probability 0, space 0, times 0 [ 1915.205072][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 1915.219303][T31872] CPU: 0 UID: 0 PID: 31872 Comm: syz.3.6048 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1915.219334][T31872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1915.219348][T31872] Call Trace: [ 1915.219355][T31872] [ 1915.219365][T31872] dump_stack_lvl+0x16c/0x1f0 [ 1915.219400][T31872] should_fail_ex+0x50a/0x650 [ 1915.219435][T31872] ? fs_reclaim_acquire+0xae/0x150 [ 1915.219466][T31872] ? __pfx_filemap_map_pages+0x10/0x10 [ 1915.219493][T31872] should_failslab+0xc2/0x120 [ 1915.219516][T31872] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 1915.219550][T31872] ? ptlock_alloc+0x1f/0x70 [ 1915.219587][T31872] ? __pfx_filemap_map_pages+0x10/0x10 [ 1915.219620][T31872] ptlock_alloc+0x1f/0x70 [ 1915.219652][T31872] pte_alloc_one+0x74/0x390 [ 1915.219686][T31872] __do_fault+0x320/0x490 [ 1915.219714][T31872] ? __pfx_filemap_map_pages+0x10/0x10 [ 1915.219740][T31872] do_pte_missing+0x1a8/0x3e10 [ 1915.219774][T31872] ? do_raw_spin_unlock+0x172/0x230 [ 1915.219800][T31872] ? __pmd_alloc+0x3c2/0x870 [ 1915.219832][T31872] __handle_mm_fault+0x1166/0x2c60 [ 1915.219875][T31872] ? __pfx___handle_mm_fault+0x10/0x10 [ 1915.219906][T31872] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1915.219957][T31872] ? find_vma+0xc0/0x140 [ 1915.219984][T31872] ? __pfx_find_vma+0x10/0x10 [ 1915.220015][T31872] handle_mm_fault+0x3fa/0xaa0 [ 1915.220054][T31872] do_user_addr_fault+0x7a3/0x13f0 [ 1915.220093][T31872] exc_page_fault+0x5c/0xc0 [ 1915.220121][T31872] asm_exc_page_fault+0x26/0x30 [ 1915.220150][T31872] RIP: 0010:rep_movs_alternative+0x15/0x70 [ 1915.220175][T31872] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 [ 1915.220197][T31872] RSP: 0018:ffffc9000d647ba8 EFLAGS: 00050202 [ 1915.220216][T31872] RAX: 0000000000000006 RBX: 0000000000000002 RCX: 0000000000000002 [ 1915.220230][T31872] RDX: ffffed10043d8c40 RSI: ffff888021ec6200 RDI: 0000000000000000 [ 1915.220246][T31872] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed10043d8c40 [ 1915.220261][T31872] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc9000d647da0 [ 1915.220274][T31872] R13: 0000000000000002 R14: ffff888021ec6200 R15: 00007ffffffff000 [ 1915.220306][T31872] _copy_to_iter+0x385/0x1560 [ 1915.220333][T31872] ? trace_lock_acquire+0x14e/0x1f0 [ 1915.220363][T31872] ? __pfx__copy_to_iter+0x10/0x10 [ 1915.220386][T31872] ? __virt_addr_valid+0x1a4/0x590 [ 1915.220413][T31872] ? __virt_addr_valid+0x5e/0x590 [ 1915.220438][T31872] ? __phys_addr_symbol+0x30/0x80 [ 1915.220460][T31872] ? __check_object_size+0x488/0x710 [ 1915.220488][T31872] kernfs_fop_read_iter+0x34d/0x580 [ 1915.220514][T31872] ? __pfx_sysfs_kf_bin_read+0x10/0x10 [ 1915.220543][T31872] vfs_read+0x886/0xbf0 [ 1915.220579][T31872] ? __pfx_vfs_read+0x10/0x10 [ 1915.220636][T31872] ksys_read+0x12b/0x250 [ 1915.220665][T31872] ? __pfx_ksys_read+0x10/0x10 [ 1915.220704][T31872] do_syscall_64+0xcd/0x250 [ 1915.220736][T31872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1915.220766][T31872] RIP: 0033:0x7efda1d8d169 [ 1915.220785][T31872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1915.220806][T31872] RSP: 002b:00007efda2c42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1915.220827][T31872] RAX: ffffffffffffffda RBX: 00007efda1fa5fa0 RCX: 00007efda1d8d169 [ 1915.220843][T31872] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003 [ 1915.220857][T31872] RBP: 00007efda2c42090 R08: 0000000000000000 R09: 0000000000000000 [ 1915.220871][T31872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1915.220885][T31872] R13: 0000000000000000 R14: 00007efda1fa5fa0 R15: 00007ffcf0fe87a8 [ 1915.220916][T31872] [ 1915.285008][T31873] size and base must be multiples of 4 kiB [ 1915.646838][T31873] CPU: 0 UID: 0 PID: 31873 Comm: syz.2.6047 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1915.646869][T31873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1915.646881][T31873] Call Trace: [ 1915.646889][T31873] [ 1915.646898][T31873] dump_stack_lvl+0x16c/0x1f0 [ 1915.646933][T31873] mtrr_add+0xdf/0x110 [ 1915.646960][T31873] mtrr_ioctl+0x7f1/0xcf0 [ 1915.646988][T31873] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1915.647017][T31873] ? __pfx_lock_release+0x10/0x10 [ 1915.647061][T31873] ? __fget_files+0x206/0x3a0 [ 1915.647093][T31873] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1915.647122][T31873] proc_reg_unlocked_ioctl+0x226/0x320 [ 1915.647155][T31873] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1915.647191][T31873] __x64_sys_ioctl+0x190/0x200 [ 1915.647221][T31873] do_syscall_64+0xcd/0x250 [ 1915.647253][T31873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1915.647303][T31873] RIP: 0033:0x7f9d1738d169 [ 1915.647323][T31873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1915.647347][T31873] RSP: 002b:00007f9d1823b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1915.647370][T31873] RAX: ffffffffffffffda RBX: 00007f9d175a6080 RCX: 00007f9d1738d169 [ 1915.647387][T31873] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1915.647402][T31873] RBP: 00007f9d1740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1915.647415][T31873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1915.647428][T31873] R13: 0000000000000000 R14: 00007f9d175a6080 R15: 00007ffefca7de48 [ 1915.647460][T31873] [ 1915.898337][T31888] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6052'. [ 1916.547847][T31905] size and base must be multiples of 4 kiB [ 1916.580340][T31905] CPU: 0 UID: 0 PID: 31905 Comm: syz.0.6057 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1916.580377][T31905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1916.580394][T31905] Call Trace: [ 1916.580402][T31905] [ 1916.580413][T31905] dump_stack_lvl+0x16c/0x1f0 [ 1916.580464][T31905] mtrr_add+0xdf/0x110 [ 1916.580498][T31905] mtrr_ioctl+0x7f1/0xcf0 [ 1916.580533][T31905] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1916.580569][T31905] ? __pfx_lock_release+0x10/0x10 [ 1916.580618][T31905] ? __fget_files+0x206/0x3a0 [ 1916.580653][T31905] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1916.580686][T31905] proc_reg_unlocked_ioctl+0x226/0x320 [ 1916.580722][T31905] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1916.580763][T31905] __x64_sys_ioctl+0x190/0x200 [ 1916.580797][T31905] do_syscall_64+0xcd/0x250 [ 1916.580832][T31905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1916.580867][T31905] RIP: 0033:0x7fdf44b8d169 [ 1916.580887][T31905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1916.580912][T31905] RSP: 002b:00007fdf45967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1916.580937][T31905] RAX: ffffffffffffffda RBX: 00007fdf44da6080 RCX: 00007fdf44b8d169 [ 1916.580955][T31905] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1916.580971][T31905] RBP: 00007fdf44c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1916.580991][T31905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1916.581006][T31905] R13: 0000000000000000 R14: 00007fdf44da6080 R15: 00007ffd92db1a28 [ 1916.581040][T31905] [ 1916.790478][T31907] FAULT_INJECTION: forcing a failure. [ 1916.790478][T31907] name failslab, interval 1, probability 0, space 0, times 0 [ 1916.804439][T31907] CPU: 0 UID: 0 PID: 31907 Comm: syz.3.6059 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1916.804469][T31907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1916.804483][T31907] Call Trace: [ 1916.804490][T31907] [ 1916.804500][T31907] dump_stack_lvl+0x16c/0x1f0 [ 1916.804540][T31907] should_fail_ex+0x50a/0x650 [ 1916.804574][T31907] ? fs_reclaim_acquire+0xae/0x150 [ 1916.804604][T31907] ? constrain_params_by_rules+0x176/0xca0 [ 1916.804630][T31907] should_failslab+0xc2/0x120 [ 1916.804652][T31907] __kmalloc_noprof+0xcb/0x510 [ 1916.804683][T31907] ? unwind_get_return_address+0x59/0xa0 [ 1916.804722][T31907] constrain_params_by_rules+0x176/0xca0 [ 1916.804752][T31907] ? stack_trace_save+0x95/0xd0 [ 1916.804778][T31907] ? stack_depot_save_flags+0x28/0x9c0 [ 1916.804810][T31907] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1916.804842][T31907] ? __kasan_kmalloc+0xaa/0xb0 [ 1916.804869][T31907] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 1916.804893][T31907] ? snd_pcm_oss_change_params_locked+0x136c/0x3a60 [ 1916.804917][T31907] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1916.804949][T31907] ? snd_interval_refine+0x2fa/0x580 [ 1916.804983][T31907] snd_pcm_hw_refine+0x7e8/0xad0 [ 1916.805013][T31907] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1916.805049][T31907] ? _snd_pcm_hw_param_min+0x259/0x630 [ 1916.805076][T31907] snd_pcm_hw_param_near.constprop.0+0x597/0x8f0 [ 1916.805105][T31907] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1916.805131][T31907] ? calc_src_frames.isra.0+0x187/0x1d0 [ 1916.805162][T31907] snd_pcm_oss_change_params_locked+0x136c/0x3a60 [ 1916.805200][T31907] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1916.805226][T31907] ? __pfx___mutex_lock+0x10/0x10 [ 1916.805273][T31907] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1916.805299][T31907] snd_pcm_oss_sync+0x1d7/0x7f0 [ 1916.805326][T31907] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1916.805350][T31907] snd_pcm_oss_release+0x28b/0x310 [ 1916.805375][T31907] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1916.805397][T31907] __fput+0x3ff/0xb70 [ 1916.805425][T31907] task_work_run+0x14e/0x250 [ 1916.805454][T31907] ? __pfx_task_work_run+0x10/0x10 [ 1916.805482][T31907] ? __pfx___do_sys_close_range+0x10/0x10 [ 1916.805525][T31907] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1916.805554][T31907] do_syscall_64+0xda/0x250 [ 1916.805585][T31907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1916.805616][T31907] RIP: 0033:0x7efda1d8d169 [ 1916.805634][T31907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1916.805654][T31907] RSP: 002b:00007efda2c42038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1916.805675][T31907] RAX: 0000000000000000 RBX: 00007efda1fa5fa0 RCX: 00007efda1d8d169 [ 1916.805689][T31907] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1916.805702][T31907] RBP: 00007efda1e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1916.805715][T31907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1916.805729][T31907] R13: 0000000000000000 R14: 00007efda1fa5fa0 R15: 00007ffcf0fe87a8 [ 1916.805757][T31907] [ 1917.349431][T31914] FAULT_INJECTION: forcing a failure. [ 1917.349431][T31914] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1917.364090][T31914] CPU: 0 UID: 0 PID: 31914 Comm: syz.1.6064 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1917.364119][T31914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1917.364134][T31914] Call Trace: [ 1917.364141][T31914] [ 1917.364151][T31914] dump_stack_lvl+0x16c/0x1f0 [ 1917.364187][T31914] should_fail_ex+0x50a/0x650 [ 1917.364221][T31914] ? __pfx___might_resched+0x10/0x10 [ 1917.364261][T31914] should_fail_alloc_page+0xe7/0x130 [ 1917.364287][T31914] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 1917.364325][T31914] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 1917.364364][T31914] ? __pfx_mark_lock+0x10/0x10 [ 1917.364398][T31914] ? __pfx___lock_acquire+0x10/0x10 [ 1917.364429][T31914] ? mark_lock+0xb5/0xc60 [ 1917.364463][T31914] ? find_held_lock+0x2d/0x110 [ 1917.364490][T31914] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1917.364549][T31914] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1917.364587][T31914] ? policy_nodemask+0xea/0x4e0 [ 1917.364626][T31914] alloc_pages_mpol+0x1fc/0x540 [ 1917.364651][T31914] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1917.364675][T31914] ? find_held_lock+0x2d/0x110 [ 1917.364707][T31914] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1917.364736][T31914] shmem_alloc_folio+0x135/0x160 [ 1917.364775][T31914] shmem_alloc_and_add_folio+0x48e/0xc10 [ 1917.364808][T31914] ? shmem_huge_global_enabled+0x72/0x6b0 [ 1917.364833][T31914] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1917.364865][T31914] ? shmem_allowable_huge_orders+0xd0/0x410 [ 1917.364901][T31914] shmem_get_folio_gfp+0x689/0x1530 [ 1917.364936][T31914] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1917.364968][T31914] ? filemap_map_pages+0xf92/0x16b0 [ 1917.365001][T31914] shmem_fault+0x200/0xae0 [ 1917.365030][T31914] ? __pfx_shmem_fault+0x10/0x10 [ 1917.365065][T31914] ? do_pte_missing+0xde9/0x3e10 [ 1917.365097][T31914] ? __pfx_lock_release+0x10/0x10 [ 1917.365136][T31914] __do_fault+0x10a/0x490 [ 1917.365165][T31914] do_pte_missing+0xecf/0x3e10 [ 1917.365200][T31914] ? do_raw_spin_unlock+0x172/0x230 [ 1917.365226][T31914] ? __pmd_alloc+0x3c2/0x870 [ 1917.365258][T31914] __handle_mm_fault+0x1166/0x2c60 [ 1917.365300][T31914] ? __pfx___handle_mm_fault+0x10/0x10 [ 1917.365331][T31914] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1917.365383][T31914] ? find_vma+0xc0/0x140 [ 1917.365410][T31914] ? __pfx_find_vma+0x10/0x10 [ 1917.365442][T31914] handle_mm_fault+0x3fa/0xaa0 [ 1917.365488][T31914] do_user_addr_fault+0x7a3/0x13f0 [ 1917.365528][T31914] exc_page_fault+0x5c/0xc0 [ 1917.365558][T31914] asm_exc_page_fault+0x26/0x30 [ 1917.365588][T31914] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 1917.365614][T31914] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 1917.365636][T31914] RSP: 0018:ffffc9000d48fd40 EFLAGS: 00050212 [ 1917.365655][T31914] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000010 [ 1917.365670][T31914] RDX: fffff52001a91fb4 RSI: 0000000000000000 RDI: ffffc9000d48fd90 [ 1917.365686][T31914] RBP: 0000000000000010 R08: 0000000000000001 R09: fffff52001a91fb3 [ 1917.365701][T31914] R10: ffffc9000d48fd9f R11: 0000000000000000 R12: 0000000000000000 [ 1917.365716][T31914] R13: ffffc9000d48fd90 R14: dffffc0000000000 R15: 0000000000000003 [ 1917.365748][T31914] _copy_from_user+0x98/0xd0 [ 1917.365776][T31914] get_timespec64+0x8c/0x240 [ 1917.365804][T31914] ? __pfx_get_timespec64+0x10/0x10 [ 1917.365842][T31914] get_itimerspec64+0x1e/0x60 [ 1917.365871][T31914] __x64_sys_timerfd_settime+0x160/0x280 [ 1917.365909][T31914] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 1917.365950][T31914] ? ksys_write+0x1ba/0x250 [ 1917.365994][T31914] do_syscall_64+0xcd/0x250 [ 1917.366026][T31914] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1917.366057][T31914] RIP: 0033:0x7fe96858d169 [ 1917.366076][T31914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1917.366098][T31914] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 1917.366119][T31914] RAX: ffffffffffffffda RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1917.366136][T31914] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1917.366150][T31914] RBP: 00007fe969401090 R08: 0000000000000000 R09: 0000000000000000 [ 1917.366165][T31914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1917.366179][T31914] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1917.366211][T31914] [ 1918.622460][T31929] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1918.644989][T31929] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1918.651686][T31929] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1918.676637][T31929] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1919.054149][T31954] FAULT_INJECTION: forcing a failure. [ 1919.054149][T31954] name failslab, interval 1, probability 0, space 0, times 0 [ 1919.068315][T31954] CPU: 1 UID: 0 PID: 31954 Comm: syz.0.6071 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1919.068350][T31954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1919.068366][T31954] Call Trace: [ 1919.068374][T31954] [ 1919.068384][T31954] dump_stack_lvl+0x16c/0x1f0 [ 1919.068423][T31954] should_fail_ex+0x50a/0x650 [ 1919.068461][T31954] ? fs_reclaim_acquire+0xae/0x150 [ 1919.068496][T31954] ? constrain_params_by_rules+0x176/0xca0 [ 1919.068526][T31954] should_failslab+0xc2/0x120 [ 1919.068551][T31954] __kmalloc_noprof+0xcb/0x510 [ 1919.068587][T31954] ? unwind_get_return_address+0x59/0xa0 [ 1919.068632][T31954] constrain_params_by_rules+0x176/0xca0 [ 1919.068669][T31954] ? stack_trace_save+0x95/0xd0 [ 1919.068700][T31954] ? stack_depot_save_flags+0x28/0x9c0 [ 1919.068738][T31954] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1919.068777][T31954] ? __kasan_kmalloc+0xaa/0xb0 [ 1919.068810][T31954] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 1919.068837][T31954] ? snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 1919.068865][T31954] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1919.068904][T31954] ? snd_interval_refine+0x2fa/0x580 [ 1919.068945][T31954] snd_pcm_hw_refine+0x7e8/0xad0 [ 1919.068992][T31954] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1919.069039][T31954] ? _snd_pcm_hw_param_min+0x259/0x630 [ 1919.069072][T31954] snd_pcm_hw_param_near.constprop.0+0x597/0x8f0 [ 1919.069106][T31954] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1919.069136][T31954] ? calc_src_frames.isra.0+0x187/0x1d0 [ 1919.069171][T31954] snd_pcm_oss_change_params_locked+0x13cd/0x3a60 [ 1919.069217][T31954] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1919.069249][T31954] ? __pfx___mutex_lock+0x10/0x10 [ 1919.069303][T31954] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1919.069335][T31954] snd_pcm_oss_sync+0x1d7/0x7f0 [ 1919.069368][T31954] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1919.069397][T31954] snd_pcm_oss_release+0x28b/0x310 [ 1919.069427][T31954] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1919.069454][T31954] __fput+0x3ff/0xb70 [ 1919.069487][T31954] task_work_run+0x14e/0x250 [ 1919.069521][T31954] ? __pfx_task_work_run+0x10/0x10 [ 1919.069554][T31954] ? __pfx___do_sys_close_range+0x10/0x10 [ 1919.069599][T31954] syscall_exit_to_user_mode+0x27b/0x2a0 [ 1919.069633][T31954] do_syscall_64+0xda/0x250 [ 1919.069667][T31954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1919.069701][T31954] RIP: 0033:0x7fdf44b8d169 [ 1919.069721][T31954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1919.069745][T31954] RSP: 002b:00007fdf45988038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1919.069770][T31954] RAX: 0000000000000000 RBX: 00007fdf44da5fa0 RCX: 00007fdf44b8d169 [ 1919.069788][T31954] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1919.069803][T31954] RBP: 00007fdf44c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1919.069819][T31954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1919.069835][T31954] R13: 0000000000000000 R14: 00007fdf44da5fa0 R15: 00007ffd92db1a28 [ 1919.069869][T31954] [ 1920.698920][T31507] Bluetooth: hci1: command 0x0406 tx timeout [ 1920.705892][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 1920.705920][T13470] Bluetooth: hci2: command 0x0406 tx timeout [ 1920.712906][ T5833] Bluetooth: hci4: command 0x0406 tx timeout [ 1920.819774][T31972] size and base must be multiples of 4 kiB [ 1920.868456][T31972] CPU: 0 UID: 0 PID: 31972 Comm: syz.1.6073 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1920.868495][T31972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1920.868510][T31972] Call Trace: [ 1920.868518][T31972] [ 1920.868529][T31972] dump_stack_lvl+0x16c/0x1f0 [ 1920.868568][T31972] mtrr_add+0xdf/0x110 [ 1920.868602][T31972] mtrr_ioctl+0x7f1/0xcf0 [ 1920.868634][T31972] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1920.868669][T31972] ? __pfx_lock_release+0x10/0x10 [ 1920.868716][T31972] ? __fget_files+0x206/0x3a0 [ 1920.868752][T31972] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1920.868783][T31972] proc_reg_unlocked_ioctl+0x226/0x320 [ 1920.868819][T31972] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1920.868859][T31972] __x64_sys_ioctl+0x190/0x200 [ 1920.868891][T31972] do_syscall_64+0xcd/0x250 [ 1920.868927][T31972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1920.868961][T31972] RIP: 0033:0x7fe96858d169 [ 1920.868981][T31972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1920.869005][T31972] RSP: 002b:00007fe9693e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1920.869049][T31972] RAX: ffffffffffffffda RBX: 00007fe9687a6080 RCX: 00007fe96858d169 [ 1920.869067][T31972] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1920.869083][T31972] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1920.869100][T31972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1920.869116][T31972] R13: 0000000000000000 R14: 00007fe9687a6080 R15: 00007ffde82ceab8 [ 1920.869149][T31972] [ 1921.465142][T31974] FAULT_INJECTION: forcing a failure. [ 1921.465142][T31974] name failslab, interval 1, probability 0, space 0, times 0 [ 1921.532133][T31974] CPU: 0 UID: 0 PID: 31974 Comm: syz.1.6074 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1921.532174][T31974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1921.532187][T31974] Call Trace: [ 1921.532195][T31974] [ 1921.532206][T31974] dump_stack_lvl+0x16c/0x1f0 [ 1921.532244][T31974] should_fail_ex+0x50a/0x650 [ 1921.532284][T31974] ? fs_reclaim_acquire+0xae/0x150 [ 1921.532319][T31974] ? alloc_netdev_mqs+0xf93/0x15d0 [ 1921.532353][T31974] should_failslab+0xc2/0x120 [ 1921.532378][T31974] __kmalloc_cache_noprof+0x68/0x410 [ 1921.532419][T31974] alloc_netdev_mqs+0xf93/0x15d0 [ 1921.532461][T31974] gprs_attach+0x8d/0x640 [ 1921.532495][T31974] pep_setsockopt+0x419/0x510 [ 1921.532524][T31974] ? __pfx_pep_setsockopt+0x10/0x10 [ 1921.532558][T31974] ? sock_common_setsockopt+0x2e/0xf0 [ 1921.532586][T31974] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1921.532613][T31974] do_sock_setsockopt+0x222/0x480 [ 1921.532638][T31974] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1921.532665][T31974] ? lock_acquire+0x2f/0xb0 [ 1921.532715][T31974] __sys_setsockopt+0x1a0/0x230 [ 1921.532754][T31974] __x64_sys_setsockopt+0xbd/0x160 [ 1921.532785][T31974] ? do_syscall_64+0x91/0x250 [ 1921.532816][T31974] ? lockdep_hardirqs_on+0x7c/0x110 [ 1921.532846][T31974] do_syscall_64+0xcd/0x250 [ 1921.532880][T31974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1921.532914][T31974] RIP: 0033:0x7fe96858d169 [ 1921.532934][T31974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1921.532957][T31974] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1921.532981][T31974] RAX: ffffffffffffffda RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1921.533012][T31974] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000006 [ 1921.533028][T31974] RBP: 00007fe96860e2a0 R08: 0000000000000081 R09: 0000000000000000 [ 1921.533043][T31974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1921.533059][T31974] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1921.533092][T31974] [ 1922.296402][T31992] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input26 [ 1922.557241][T31997] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input27 [ 1923.153126][T32008] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6084'. [ 1923.163495][T32008] IPv6: NLM_F_CREATE should be specified when creating new route [ 1923.588047][T32017] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input28 [ 1923.893645][T32018] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1923.962176][T32018] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1923.992561][T32018] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1924.012385][T32018] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1925.982180][T31507] Bluetooth: hci4: command 0x0406 tx timeout [ 1926.052913][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 1926.052924][T31971] Bluetooth: hci2: command 0x0406 tx timeout [ 1926.066354][T31507] Bluetooth: hci1: command 0x0406 tx timeout [ 1929.564760][T32089] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1929.662807][T32089] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1929.669986][T32089] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1929.743028][T32089] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1929.956427][T32104] vivid-003: ================= START STATUS ================= [ 1929.968754][T32104] vivid-003: Radio HW Seek Mode: Bounded [ 1929.989272][T32104] vivid-003: Radio Programmable HW Seek: false [ 1930.006842][T32104] vivid-003: RDS Rx I/O Mode: Block I/O [ 1930.037393][T32104] vivid-003: Generate RBDS Instead of RDS: false [ 1930.071760][T32104] vivid-003: RDS Reception: true [ 1930.092299][T32104] vivid-003: RDS Program Type: 0 inactive [ 1930.126379][T32104] vivid-003: RDS PS Name: inactive [ 1930.164327][T32104] vivid-003: RDS Radio Text: inactive [ 1930.185760][T32104] vivid-003: RDS Traffic Announcement: false inactive [ 1930.208494][T32104] vivid-003: RDS Traffic Program: false inactive [ 1930.216205][T32104] vivid-003: RDS Music: false inactive [ 1930.223639][T32104] vivid-003: ================== END STATUS ================== [ 1931.380032][T32116] netlink: 'syz.3.6108': attribute type 2 has an invalid length. [ 1931.578032][T31507] Bluetooth: hci4: command 0x0406 tx timeout [ 1931.583041][T32121] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input29 [ 1931.732901][T31507] Bluetooth: hci0: command 0x0406 tx timeout [ 1931.732912][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 1931.812191][T31507] Bluetooth: hci1: command 0x0406 tx timeout [ 1932.024306][T32128] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input30 [ 1934.268937][T32152] size and base must be multiples of 4 kiB [ 1934.275558][T32152] CPU: 0 UID: 0 PID: 32152 Comm: syz.2.6116 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1934.275590][T32152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1934.275606][T32152] Call Trace: [ 1934.275614][T32152] [ 1934.275624][T32152] dump_stack_lvl+0x16c/0x1f0 [ 1934.275661][T32152] mtrr_add+0xdf/0x110 [ 1934.275693][T32152] mtrr_ioctl+0x7f1/0xcf0 [ 1934.275725][T32152] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1934.275760][T32152] ? __pfx_lock_release+0x10/0x10 [ 1934.275807][T32152] ? __fget_files+0x206/0x3a0 [ 1934.275839][T32152] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1934.275868][T32152] proc_reg_unlocked_ioctl+0x226/0x320 [ 1934.275898][T32152] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1934.275921][T32152] __x64_sys_ioctl+0x190/0x200 [ 1934.275939][T32152] do_syscall_64+0xcd/0x250 [ 1934.275958][T32152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1934.275978][T32152] RIP: 0033:0x7f9d1738d169 [ 1934.275989][T32152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1934.276003][T32152] RSP: 002b:00007f9d1823b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1934.276016][T32152] RAX: ffffffffffffffda RBX: 00007f9d175a6080 RCX: 00007f9d1738d169 [ 1934.276025][T32152] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1934.276033][T32152] RBP: 00007f9d1740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1934.276042][T32152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1934.276050][T32152] R13: 0000000000000000 R14: 00007f9d175a6080 R15: 00007ffefca7de48 [ 1934.276067][T32152] [ 1936.835689][T32176] vivid-003: ================= START STATUS ================= [ 1936.862310][T32176] vivid-003: Radio HW Seek Mode: Bounded [ 1936.872764][T32176] vivid-003: Radio Programmable HW Seek: false [ 1936.892158][T32176] vivid-003: RDS Rx I/O Mode: Block I/O [ 1936.893009][T32178] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input31 [ 1936.924193][T32176] vivid-003: Generate RBDS Instead of RDS: false [ 1936.941014][T32176] vivid-003: RDS Reception: true [ 1936.965664][T32176] vivid-003: RDS Program Type: 0 inactive [ 1936.972430][T32164] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1936.982347][T32164] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1937.012614][T32176] vivid-003: RDS PS Name: inactive [ 1937.029148][T32164] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1937.046810][T32176] vivid-003: RDS Radio Text: inactive [ 1937.105018][T32176] vivid-003: RDS Traffic Announcement: false inactive [ 1937.131079][T32164] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1937.144719][T32176] vivid-003: RDS Traffic Program: false inactive [ 1937.194575][T32176] vivid-003: RDS Music: false inactive [ 1937.218389][T32176] vivid-003: ================== END STATUS ================== [ 1938.170462][T32203] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input32 [ 1939.022333][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 1939.022341][T31971] Bluetooth: hci4: command 0x0406 tx timeout [ 1939.022397][T31507] Bluetooth: hci0: command 0x0406 tx timeout [ 1939.172423][T31507] Bluetooth: hci1: command 0x0406 tx timeout [ 1939.542477][T32213] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1939.558599][T32213] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1939.566373][T32213] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1939.576516][T32213] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1939.692491][T32232] usb usb32: usbfs: process 32232 (syz.0.6137) did not claim interface 0 before use [ 1939.795619][T32234] size and base must be multiples of 4 kiB [ 1939.802226][T32234] CPU: 1 UID: 0 PID: 32234 Comm: syz.1.6136 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1939.802259][T32234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1939.802274][T32234] Call Trace: [ 1939.802281][T32234] [ 1939.802291][T32234] dump_stack_lvl+0x16c/0x1f0 [ 1939.802332][T32234] mtrr_add+0xdf/0x110 [ 1939.802364][T32234] mtrr_ioctl+0x7f1/0xcf0 [ 1939.802396][T32234] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1939.802430][T32234] ? __pfx_lock_release+0x10/0x10 [ 1939.802476][T32234] ? __fget_files+0x206/0x3a0 [ 1939.802511][T32234] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1939.802542][T32234] proc_reg_unlocked_ioctl+0x226/0x320 [ 1939.802578][T32234] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1939.802617][T32234] __x64_sys_ioctl+0x190/0x200 [ 1939.802649][T32234] do_syscall_64+0xcd/0x250 [ 1939.802683][T32234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1939.802717][T32234] RIP: 0033:0x7fe96858d169 [ 1939.802738][T32234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1939.802761][T32234] RSP: 002b:00007fe9693e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1939.802784][T32234] RAX: ffffffffffffffda RBX: 00007fe9687a6080 RCX: 00007fe96858d169 [ 1939.802802][T32234] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1939.802816][T32234] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1939.802832][T32234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1939.802846][T32234] R13: 0000000000000000 R14: 00007fe9687a6080 R15: 00007ffde82ceab8 [ 1939.802878][T32234] [ 1940.228939][T32233] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1940.278975][T32233] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1940.355629][T32233] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1940.438095][T32233] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1940.895574][T32255] FAULT_INJECTION: forcing a failure. [ 1940.895574][T32255] name failslab, interval 1, probability 0, space 0, times 0 [ 1941.003080][T32255] CPU: 0 UID: 0 PID: 32255 Comm: syz.2.6141 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1941.003115][T32255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1941.003129][T32255] Call Trace: [ 1941.003137][T32255] [ 1941.003147][T32255] dump_stack_lvl+0x16c/0x1f0 [ 1941.003183][T32255] should_fail_ex+0x50a/0x650 [ 1941.003218][T32255] ? fs_reclaim_acquire+0xae/0x150 [ 1941.003251][T32255] ? sctp_auth_shkey_create+0x87/0x1f0 [ 1941.003281][T32255] should_failslab+0xc2/0x120 [ 1941.003305][T32255] __kmalloc_cache_noprof+0x68/0x410 [ 1941.003337][T32255] ? __genradix_ptr_alloc+0x32e/0x5d0 [ 1941.003371][T32255] sctp_auth_shkey_create+0x87/0x1f0 [ 1941.003404][T32255] sctp_auth_asoc_copy_shkeys+0x1f4/0x360 [ 1941.003443][T32255] sctp_association_new+0x1976/0x2ab0 [ 1941.003486][T32255] sctp_connect_new_asoc+0x1b7/0x790 [ 1941.003524][T32255] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1941.003562][T32255] ? mark_held_locks+0x9f/0xe0 [ 1941.003597][T32255] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 1941.003636][T32255] sctp_sendmsg+0x1610/0x1eb0 [ 1941.003669][T32255] ? __pfx___lock_acquire+0x10/0x10 [ 1941.003710][T32255] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1941.003766][T32255] ? __pfx_aa_sk_perm+0x10/0x10 [ 1941.003798][T32255] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1941.003834][T32255] inet_sendmsg+0x119/0x140 [ 1941.003871][T32255] __sys_sendto+0x42a/0x4f0 [ 1941.003903][T32255] ? __pfx___sys_sendto+0x10/0x10 [ 1941.003964][T32255] ? ksys_write+0x1ba/0x250 [ 1941.003995][T32255] ? __pfx_ksys_write+0x10/0x10 [ 1941.004031][T32255] __x64_sys_sendto+0xe0/0x1c0 [ 1941.004066][T32255] ? do_syscall_64+0x91/0x250 [ 1941.004096][T32255] ? lockdep_hardirqs_on+0x7c/0x110 [ 1941.004125][T32255] do_syscall_64+0xcd/0x250 [ 1941.004158][T32255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1941.004191][T32255] RIP: 0033:0x7f9d1738d169 [ 1941.004210][T32255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1941.004233][T32255] RSP: 002b:00007f9d1823b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1941.004256][T32255] RAX: ffffffffffffffda RBX: 00007f9d175a6080 RCX: 00007f9d1738d169 [ 1941.004273][T32255] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000009 [ 1941.004288][T32255] RBP: 00007f9d1823b090 R08: 0000400000000000 R09: 000000000000001c [ 1941.004303][T32255] R10: 000000000000007f R11: 0000000000000246 R12: 0000000000000001 [ 1941.004318][T32255] R13: 0000000000000000 R14: 00007f9d175a6080 R15: 00007ffefca7de48 [ 1941.004351][T32255] [ 1941.566324][T32263] size and base must be multiples of 4 kiB [ 1941.582249][T32263] CPU: 0 UID: 0 PID: 32263 Comm: syz.1.6144 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1941.582283][T32263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1941.582297][T32263] Call Trace: [ 1941.582305][T32263] [ 1941.582315][T32263] dump_stack_lvl+0x16c/0x1f0 [ 1941.582352][T32263] mtrr_add+0xdf/0x110 [ 1941.582382][T32263] mtrr_ioctl+0x7f1/0xcf0 [ 1941.582414][T32263] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1941.582447][T32263] ? __pfx_lock_release+0x10/0x10 [ 1941.582489][T32263] ? __fget_files+0x206/0x3a0 [ 1941.582521][T32263] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1941.582549][T32263] proc_reg_unlocked_ioctl+0x226/0x320 [ 1941.582581][T32263] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1941.582619][T32263] __x64_sys_ioctl+0x190/0x200 [ 1941.582647][T32263] do_syscall_64+0xcd/0x250 [ 1941.582681][T32263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1941.582711][T32263] RIP: 0033:0x7fe96858d169 [ 1941.582729][T32263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1941.582749][T32263] RSP: 002b:00007fe9693e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1941.582769][T32263] RAX: ffffffffffffffda RBX: 00007fe9687a6080 RCX: 00007fe96858d169 [ 1941.582783][T32263] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1941.582796][T32263] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1941.582809][T32263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1941.582822][T32263] R13: 0000000000000000 R14: 00007fe9687a6080 R15: 00007ffde82ceab8 [ 1941.582858][T32263] [ 1942.292453][T31507] Bluetooth: hci2: command 0x0406 tx timeout [ 1942.299238][ T5833] Bluetooth: hci4: command 0x0406 tx timeout [ 1942.372931][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 1942.452244][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 1943.074281][T32282] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input33 [ 1943.850796][T32297] netlink: 'syz.0.6154': attribute type 2 has an invalid length. [ 1945.517320][T32323] netlink: 'syz.3.6159': attribute type 2 has an invalid length. [ 1946.567558][T32340] size and base must be multiples of 4 kiB [ 1946.652014][T32340] CPU: 1 UID: 0 PID: 32340 Comm: syz.0.6163 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1946.652053][T32340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1946.652071][T32340] Call Trace: [ 1946.652078][T32340] [ 1946.652088][T32340] dump_stack_lvl+0x16c/0x1f0 [ 1946.652127][T32340] mtrr_add+0xdf/0x110 [ 1946.652161][T32340] mtrr_ioctl+0x7f1/0xcf0 [ 1946.652194][T32340] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1946.652228][T32340] ? __pfx_lock_release+0x10/0x10 [ 1946.652285][T32340] ? __fget_files+0x206/0x3a0 [ 1946.652323][T32340] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1946.652356][T32340] proc_reg_unlocked_ioctl+0x226/0x320 [ 1946.652394][T32340] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1946.652434][T32340] __x64_sys_ioctl+0x190/0x200 [ 1946.652467][T32340] do_syscall_64+0xcd/0x250 [ 1946.652501][T32340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1946.652536][T32340] RIP: 0033:0x7fdf44b8d169 [ 1946.652558][T32340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1946.652582][T32340] RSP: 002b:00007fdf45967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1946.652606][T32340] RAX: ffffffffffffffda RBX: 00007fdf44da6080 RCX: 00007fdf44b8d169 [ 1946.652623][T32340] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1946.652639][T32340] RBP: 00007fdf44c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1946.652655][T32340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1946.652670][T32340] R13: 0000000000000000 R14: 00007fdf44da6080 R15: 00007ffd92db1a28 [ 1946.652703][T32340] [ 1947.637936][T32356] vivid-003: ================= START STATUS ================= [ 1947.646554][T32356] vivid-003: Radio HW Seek Mode: Bounded [ 1947.653405][T32356] vivid-003: Radio Programmable HW Seek: false [ 1947.660592][T32356] vivid-003: RDS Rx I/O Mode: Block I/O [ 1947.667052][T32356] vivid-003: Generate RBDS Instead of RDS: false [ 1947.674487][T32356] vivid-003: RDS Reception: true [ 1947.679968][T32356] vivid-003: RDS Program Type: 0 inactive [ 1947.686739][T32356] vivid-003: RDS PS Name: inactive [ 1947.692882][T32356] vivid-003: RDS Radio Text: inactive [ 1947.699956][T32356] vivid-003: RDS Traffic Announcement: false inactive [ 1947.707874][T32356] vivid-003: RDS Traffic Program: false inactive [ 1947.717501][T32356] vivid-003: RDS Music: false inactive [ 1947.731689][T32356] vivid-003: ================== END STATUS ================== [ 1948.031214][T32363] netlink: 'syz.1.6171': attribute type 2 has an invalid length. [ 1948.578466][T32377] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input34 [ 1948.815691][T32381] FAULT_INJECTION: forcing a failure. [ 1948.815691][T32381] name failslab, interval 1, probability 0, space 0, times 0 [ 1948.840818][T32381] CPU: 0 UID: 0 PID: 32381 Comm: syz.2.6177 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1948.840853][T32381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1948.840869][T32381] Call Trace: [ 1948.840877][T32381] [ 1948.840888][T32381] dump_stack_lvl+0x16c/0x1f0 [ 1948.840927][T32381] should_fail_ex+0x50a/0x650 [ 1948.840964][T32381] ? fs_reclaim_acquire+0xae/0x150 [ 1948.841000][T32381] should_failslab+0xc2/0x120 [ 1948.841025][T32381] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 1948.841064][T32381] ? ptlock_alloc+0x1f/0x70 [ 1948.841107][T32381] ptlock_alloc+0x1f/0x70 [ 1948.841141][T32381] pte_alloc_one+0x74/0x390 [ 1948.841178][T32381] __pte_alloc+0x6e/0x3d0 [ 1948.841207][T32381] ? __pfx___pte_alloc+0x10/0x10 [ 1948.841236][T32381] ? __pfx_lock_release+0x10/0x10 [ 1948.841269][T32381] ? do_raw_spin_lock+0x12d/0x2c0 [ 1948.841305][T32381] do_pte_missing+0x2828/0x3e10 [ 1948.841347][T32381] ? _raw_spin_unlock+0x28/0x50 [ 1948.841374][T32381] ? __pmd_alloc+0x3c2/0x870 [ 1948.841411][T32381] __handle_mm_fault+0x1166/0x2c60 [ 1948.841455][T32381] ? __pfx___handle_mm_fault+0x10/0x10 [ 1948.841521][T32381] handle_mm_fault+0x3fa/0xaa0 [ 1948.841562][T32381] __get_user_pages+0x773/0x36f0 [ 1948.841605][T32381] ? __pfx_mt_find+0x10/0x10 [ 1948.841638][T32381] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 1948.841673][T32381] ? __pfx___get_user_pages+0x10/0x10 [ 1948.841711][T32381] ? __mm_populate+0x21d/0x380 [ 1948.841753][T32381] populate_vma_page_range+0x27f/0x3a0 [ 1948.841795][T32381] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1948.841833][T32381] ? __pfx_find_vma_intersection+0x10/0x10 [ 1948.841868][T32381] ? vm_mmap_pgoff+0x29b/0x3a0 [ 1948.841908][T32381] __mm_populate+0x1d6/0x380 [ 1948.841945][T32381] ? __pfx___mm_populate+0x10/0x10 [ 1948.841985][T32381] ? up_write+0x1b2/0x520 [ 1948.842025][T32381] vm_mmap_pgoff+0x2d3/0x3a0 [ 1948.842062][T32381] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1948.842096][T32381] ? native_tss_update_io_bitmap+0x3cc/0x730 [ 1948.842128][T32381] ? __x64_sys_futex+0x1ea/0x4c0 [ 1948.842159][T32381] ksys_mmap_pgoff+0x7d/0x5c0 [ 1948.842185][T32381] ? rcu_is_watching+0x12/0xc0 [ 1948.842216][T32381] __x64_sys_mmap+0x125/0x190 [ 1948.842253][T32381] do_syscall_64+0xcd/0x250 [ 1948.842297][T32381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1948.842335][T32381] RIP: 0033:0x7f9d1738d169 [ 1948.842356][T32381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1948.842380][T32381] RSP: 002b:00007f9d1825c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1948.842403][T32381] RAX: ffffffffffffffda RBX: 00007f9d175a5fa0 RCX: 00007f9d1738d169 [ 1948.842421][T32381] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1948.842438][T32381] RBP: 00007f9d1740e2a0 R08: 0000000000000002 R09: 0000000000008000 [ 1948.842455][T32381] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1948.842472][T32381] R13: 0000000000000000 R14: 00007f9d175a5fa0 R15: 00007ffefca7de48 [ 1948.842507][T32381] [ 1949.426338][T32388] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input35 [ 1949.557585][T32390] vivid-003: ================= START STATUS ================= [ 1949.580916][T32390] vivid-003: Radio HW Seek Mode: Bounded [ 1949.612200][T32390] vivid-003: Radio Programmable HW Seek: false [ 1949.619063][T32390] vivid-003: RDS Rx I/O Mode: Block I/O [ 1949.658993][T32390] vivid-003: Generate RBDS Instead of RDS: false [ 1949.688180][T32390] vivid-003: RDS Reception: true [ 1949.694280][T32390] vivid-003: RDS Program Type: 0 inactive [ 1949.700722][T32390] vivid-003: RDS PS Name: inactive [ 1949.707987][T32390] vivid-003: RDS Radio Text: inactive [ 1949.714657][T32390] vivid-003: RDS Traffic Announcement: false inactive [ 1949.722693][T32390] vivid-003: RDS Traffic Program: false inactive [ 1949.729849][T32390] vivid-003: RDS Music: false inactive [ 1949.739818][T32390] vivid-003: ================== END STATUS ================== [ 1950.657528][T32386] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1950.757783][T32386] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1950.792890][T32386] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1950.799576][T32386] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1952.335371][T32431] size and base must be multiples of 4 kiB [ 1952.398755][T32431] CPU: 1 UID: 0 PID: 32431 Comm: syz.1.6189 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1952.398792][T32431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1952.398808][T32431] Call Trace: [ 1952.398817][T32431] [ 1952.398828][T32431] dump_stack_lvl+0x16c/0x1f0 [ 1952.398868][T32431] mtrr_add+0xdf/0x110 [ 1952.398901][T32431] mtrr_ioctl+0x7f1/0xcf0 [ 1952.398933][T32431] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1952.398969][T32431] ? __pfx_lock_release+0x10/0x10 [ 1952.399015][T32431] ? __fget_files+0x206/0x3a0 [ 1952.399053][T32431] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1952.399081][T32431] proc_reg_unlocked_ioctl+0x226/0x320 [ 1952.399113][T32431] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1952.399152][T32431] __x64_sys_ioctl+0x190/0x200 [ 1952.399184][T32431] do_syscall_64+0xcd/0x250 [ 1952.399219][T32431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1952.399253][T32431] RIP: 0033:0x7fe96858d169 [ 1952.399273][T32431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1952.399298][T32431] RSP: 002b:00007fe9693e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1952.399323][T32431] RAX: ffffffffffffffda RBX: 00007fe9687a6080 RCX: 00007fe96858d169 [ 1952.399341][T32431] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1952.399357][T32431] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1952.399372][T32431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1952.399388][T32431] R13: 0000000000000000 R14: 00007fe9687a6080 R15: 00007ffde82ceab8 [ 1952.399420][T32431] [ 1952.692370][ T5833] Bluetooth: hci4: command 0x0406 tx timeout [ 1952.735734][T32438] size and base must be multiples of 4 kiB [ 1952.742363][T32438] CPU: 0 UID: 0 PID: 32438 Comm: syz.0.6191 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1952.742396][T32438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1952.742412][T32438] Call Trace: [ 1952.742420][T32438] [ 1952.742430][T32438] dump_stack_lvl+0x16c/0x1f0 [ 1952.742469][T32438] mtrr_add+0xdf/0x110 [ 1952.742500][T32438] mtrr_ioctl+0x7f1/0xcf0 [ 1952.742534][T32438] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1952.742569][T32438] ? __pfx_lock_release+0x10/0x10 [ 1952.742615][T32438] ? __fget_files+0x206/0x3a0 [ 1952.742648][T32438] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1952.742678][T32438] proc_reg_unlocked_ioctl+0x226/0x320 [ 1952.742714][T32438] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1952.742754][T32438] __x64_sys_ioctl+0x190/0x200 [ 1952.742785][T32438] do_syscall_64+0xcd/0x250 [ 1952.742820][T32438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1952.742853][T32438] RIP: 0033:0x7fdf44b8d169 [ 1952.742874][T32438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1952.742957][T32438] RSP: 002b:00007fdf45967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1952.742981][T32438] RAX: ffffffffffffffda RBX: 00007fdf44da6080 RCX: 00007fdf44b8d169 [ 1952.742998][T32438] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1952.743014][T32438] RBP: 00007fdf44c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1952.743030][T32438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1952.743042][T32438] R13: 0000000000000000 R14: 00007fdf44da6080 R15: 00007ffd92db1a28 [ 1952.743075][T32438] [ 1952.993646][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 1953.000314][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 1953.007004][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 1953.015633][T32445] netlink: 'syz.1.6195': attribute type 2 has an invalid length. [ 1953.428676][T32460] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input36 [ 1953.816456][T32478] FAULT_INJECTION: forcing a failure. [ 1953.816456][T32478] name failslab, interval 1, probability 0, space 0, times 0 [ 1953.852250][T32478] CPU: 0 UID: 0 PID: 32478 Comm: syz.1.6201 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1953.852284][T32478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1953.852297][T32478] Call Trace: [ 1953.852304][T32478] [ 1953.852313][T32478] dump_stack_lvl+0x16c/0x1f0 [ 1953.852347][T32478] should_fail_ex+0x50a/0x650 [ 1953.852383][T32478] ? fs_reclaim_acquire+0xae/0x150 [ 1953.852415][T32478] should_failslab+0xc2/0x120 [ 1953.852438][T32478] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 1953.852473][T32478] ? __alloc_skb+0x2b1/0x380 [ 1953.852504][T32478] ? hlock_class+0x4e/0x130 [ 1953.852531][T32478] __alloc_skb+0x2b1/0x380 [ 1953.852558][T32478] ? __pfx___alloc_skb+0x10/0x10 [ 1953.852583][T32478] ? hlock_class+0x4e/0x130 [ 1953.852603][T32478] ? __lock_acquire+0x1580/0x3c40 [ 1953.852639][T32478] alloc_skb_with_frags+0xe4/0x850 [ 1953.852658][T32478] ? mark_lock+0xb5/0xc60 [ 1953.852688][T32478] sock_alloc_send_pskb+0x7f1/0x980 [ 1953.852724][T32478] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1953.852750][T32478] ? __pfx_lock_release+0x10/0x10 [ 1953.852786][T32478] ? mark_held_locks+0x9f/0xe0 [ 1953.852813][T32478] ? __local_bh_enable_ip+0xa4/0x120 [ 1953.852846][T32478] j1939_sk_sendmsg+0x6b7/0x1350 [ 1953.852874][T32478] ? __pfx_lock_release+0x10/0x10 [ 1953.852904][T32478] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 1953.852934][T32478] ____sys_sendmsg+0xaaf/0xc90 [ 1953.852956][T32478] ? copy_msghdr_from_user+0x10b/0x160 [ 1953.852985][T32478] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1953.853005][T32478] ? __lock_acquire+0xcc5/0x3c40 [ 1953.853035][T32478] ? hlock_class+0x4e/0x130 [ 1953.853055][T32478] ? __lock_acquire+0x15a9/0x3c40 [ 1953.853088][T32478] ___sys_sendmsg+0x135/0x1e0 [ 1953.853117][T32478] ? __pfx____sys_sendmsg+0x10/0x10 [ 1953.853144][T32478] ? __pfx___lock_acquire+0x10/0x10 [ 1953.853196][T32478] ? __pfx___might_resched+0x10/0x10 [ 1953.853226][T32478] ? __might_fault+0xe3/0x190 [ 1953.853251][T32478] __sys_sendmmsg+0x201/0x420 [ 1953.853283][T32478] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1953.853321][T32478] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1953.853359][T32478] ? fput+0x67/0x440 [ 1953.853380][T32478] ? ksys_write+0x1ba/0x250 [ 1953.853406][T32478] ? __pfx_ksys_write+0x10/0x10 [ 1953.853437][T32478] __x64_sys_sendmmsg+0x9c/0x100 [ 1953.853465][T32478] ? lockdep_hardirqs_on+0x7c/0x110 [ 1953.853490][T32478] do_syscall_64+0xcd/0x250 [ 1953.853517][T32478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1953.853545][T32478] RIP: 0033:0x7fe96858d169 [ 1953.853562][T32478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1953.853582][T32478] RSP: 002b:00007fe9693e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1953.853601][T32478] RAX: ffffffffffffffda RBX: 00007fe9687a6080 RCX: 00007fe96858d169 [ 1953.853616][T32478] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1953.853628][T32478] RBP: 00007fe9693e0090 R08: 0000000000000000 R09: 0000000000000000 [ 1953.853641][T32478] R10: 0000000000000a00 R11: 0000000000000246 R12: 0000000000000001 [ 1953.853653][T32478] R13: 0000000000000000 R14: 00007fe9687a6080 R15: 00007ffde82ceab8 [ 1953.853681][T32478] [ 1954.514154][T32491] size and base must be multiples of 4 kiB [ 1954.520651][T32491] CPU: 0 UID: 0 PID: 32491 Comm: syz.0.6204 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1954.520682][T32491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1954.520698][T32491] Call Trace: [ 1954.520706][T32491] [ 1954.520722][T32491] dump_stack_lvl+0x16c/0x1f0 [ 1954.520761][T32491] mtrr_add+0xdf/0x110 [ 1954.520795][T32491] mtrr_ioctl+0x7f1/0xcf0 [ 1954.520828][T32491] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1954.520864][T32491] ? __pfx_lock_release+0x10/0x10 [ 1954.520900][T32491] ? __pfx___might_resched+0x10/0x10 [ 1954.520945][T32491] ? __fget_files+0x206/0x3a0 [ 1954.520980][T32491] ? __pfx_mtrr_ioctl+0x10/0x10 [ 1954.521011][T32491] proc_reg_unlocked_ioctl+0x226/0x320 [ 1954.521047][T32491] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 1954.521086][T32491] __x64_sys_ioctl+0x190/0x200 [ 1954.521118][T32491] do_syscall_64+0xcd/0x250 [ 1954.521152][T32491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1954.521186][T32491] RIP: 0033:0x7fdf44b8d169 [ 1954.521205][T32491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1954.521229][T32491] RSP: 002b:00007fdf45967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1954.521253][T32491] RAX: ffffffffffffffda RBX: 00007fdf44da6080 RCX: 00007fdf44b8d169 [ 1954.521271][T32491] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 1954.521287][T32491] RBP: 00007fdf44c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1954.521304][T32491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1954.521320][T32491] R13: 0000000000000000 R14: 00007fdf44da6080 R15: 00007ffd92db1a28 [ 1954.521352][T32491] [ 1955.044738][T32511] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6209'. [ 1956.031460][T32547] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input37 [ 1956.773484][T32555] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1956.817245][T32555] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1956.858556][T32555] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1956.875624][T32555] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1957.101362][T32564] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input38 [ 1957.429006][T32571] FAULT_INJECTION: forcing a failure. [ 1957.429006][T32571] name failslab, interval 1, probability 0, space 0, times 0 [ 1957.478579][T32571] CPU: 1 UID: 0 PID: 32571 Comm: syz.1.6220 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1957.478612][T32571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1957.478624][T32571] Call Trace: [ 1957.478633][T32571] [ 1957.478643][T32571] dump_stack_lvl+0x16c/0x1f0 [ 1957.478679][T32571] should_fail_ex+0x50a/0x650 [ 1957.478713][T32571] ? fs_reclaim_acquire+0xae/0x150 [ 1957.478746][T32571] should_failslab+0xc2/0x120 [ 1957.478770][T32571] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 1957.478804][T32571] ? __alloc_skb+0x2b1/0x380 [ 1957.478840][T32571] __alloc_skb+0x2b1/0x380 [ 1957.478871][T32571] ? __pfx___alloc_skb+0x10/0x10 [ 1957.478899][T32571] ? hlock_class+0x4e/0x130 [ 1957.478924][T32571] ? __lock_acquire+0x1580/0x3c40 [ 1957.478964][T32571] alloc_skb_with_frags+0xe4/0x850 [ 1957.478987][T32571] ? mark_lock+0xb5/0xc60 [ 1957.479020][T32571] sock_alloc_send_pskb+0x7f1/0x980 [ 1957.479063][T32571] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1957.479094][T32571] ? __pfx_lock_release+0x10/0x10 [ 1957.479129][T32571] ? mark_held_locks+0x9f/0xe0 [ 1957.479160][T32571] ? __local_bh_enable_ip+0xa4/0x120 [ 1957.479198][T32571] j1939_sk_sendmsg+0x6b7/0x1350 [ 1957.479219][T32571] ? __pfx_lock_release+0x10/0x10 [ 1957.479240][T32571] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 1957.479263][T32571] ____sys_sendmsg+0xaaf/0xc90 [ 1957.479278][T32571] ? copy_msghdr_from_user+0x10b/0x160 [ 1957.479298][T32571] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1957.479312][T32571] ? __lock_acquire+0xcc5/0x3c40 [ 1957.479338][T32571] ___sys_sendmsg+0x135/0x1e0 [ 1957.479359][T32571] ? __pfx____sys_sendmsg+0x10/0x10 [ 1957.479387][T32571] ? trace_lock_acquire+0x14e/0x1f0 [ 1957.479415][T32571] __sys_sendmmsg+0x201/0x420 [ 1957.479443][T32571] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1957.479469][T32571] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1957.479497][T32571] ? fput+0x67/0x440 [ 1957.479511][T32571] ? ksys_write+0x1ba/0x250 [ 1957.479529][T32571] ? __pfx_ksys_write+0x10/0x10 [ 1957.479551][T32571] __x64_sys_sendmmsg+0x9c/0x100 [ 1957.479571][T32571] ? lockdep_hardirqs_on+0x7c/0x110 [ 1957.479588][T32571] do_syscall_64+0xcd/0x250 [ 1957.479608][T32571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1957.479628][T32571] RIP: 0033:0x7fe96858d169 [ 1957.479639][T32571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1957.479654][T32571] RSP: 002b:00007fe9693e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1957.479668][T32571] RAX: ffffffffffffffda RBX: 00007fe9687a6080 RCX: 00007fe96858d169 [ 1957.479677][T32571] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1957.479686][T32571] RBP: 00007fe9693e0090 R08: 0000000000000000 R09: 0000000000000000 [ 1957.479694][T32571] R10: 0000000000000a00 R11: 0000000000000246 R12: 0000000000000001 [ 1957.479702][T32571] R13: 0000000000000001 R14: 00007fe9687a6080 R15: 00007ffde82ceab8 [ 1957.479719][T32571] [ 1958.852557][T31507] Bluetooth: hci2: command 0x0406 tx timeout [ 1958.859234][T31507] Bluetooth: hci4: command 0x0406 tx timeout [ 1958.933741][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 1958.940430][T31507] Bluetooth: hci1: command 0x0406 tx timeout [ 1961.496516][T32623] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input39 [ 1961.611333][T32629] netlink: 'syz.2.6238': attribute type 2 has an invalid length. [ 1962.193497][T32641] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input40 [ 1962.459839][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1962.470841][ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1962.481744][ T5833] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1962.496442][ T5833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1962.506240][ T5833] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1962.514492][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1962.736745][ T3515] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1962.893244][ T3515] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1962.999554][ T3515] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1963.089506][T32646] chnl_net:caif_netlink_parms(): no params data found [ 1963.138621][T32664] netlink: 'syz.0.6247': attribute type 2 has an invalid length. [ 1963.195487][ T3515] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1963.303192][T32660] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1963.348000][T32660] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1963.372594][T32660] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1963.395411][T32660] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1963.409431][T32660] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1963.451275][T32646] bridge0: port 1(bridge_slave_0) entered blocking state [ 1963.452535][T32660] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1963.459337][T32646] bridge0: port 1(bridge_slave_0) entered disabled state [ 1963.474736][T32646] bridge_slave_0: entered allmulticast mode [ 1963.482565][T32646] bridge_slave_0: entered promiscuous mode [ 1963.491226][T32646] bridge0: port 2(bridge_slave_1) entered blocking state [ 1963.500727][T32646] bridge0: port 2(bridge_slave_1) entered disabled state [ 1963.508864][T32646] bridge_slave_1: entered allmulticast mode [ 1963.516690][T32646] bridge_slave_1: entered promiscuous mode [ 1963.692466][T32646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1963.703811][ T3515] bridge_slave_1: left allmulticast mode [ 1963.710047][ T3515] bridge_slave_1: left promiscuous mode [ 1963.717896][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state [ 1963.734973][ T3515] bridge_slave_0: left allmulticast mode [ 1963.741215][ T3515] bridge_slave_0: left promiscuous mode [ 1963.747964][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state [ 1964.321911][T32689] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input41 [ 1964.586955][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1964.600550][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1964.615521][ T3515] bond0 (unregistering): Released all slaves [ 1964.629021][T32646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1964.703545][T32693] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1964.710251][T32693] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1964.725348][T32693] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1964.735924][T32693] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1964.749389][ T3515] tipc: Left network mode [ 1964.777546][T32646] team0: Port device team_slave_0 added [ 1964.872581][T32646] team0: Port device team_slave_1 added [ 1965.021951][T32646] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1965.037657][T32646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1965.073486][T32646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1965.141287][ T3515] hsr_slave_0: left promiscuous mode [ 1965.155479][ T3515] hsr_slave_1: left promiscuous mode [ 1965.161858][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1965.171954][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1965.183912][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1965.192556][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1965.211302][ T3515] veth1_macvtap: left promiscuous mode [ 1965.217612][ T3515] veth0_macvtap: left promiscuous mode [ 1965.224225][ T3515] veth1_vlan: left promiscuous mode [ 1965.230070][ T3515] veth0_vlan: left promiscuous mode [ 1965.617770][ T3515] team0 (unregistering): Port device team_slave_1 removed [ 1965.662159][ T3515] team0 (unregistering): Port device team_slave_0 removed [ 1966.059979][T32646] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1966.067760][T32646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1966.096718][T32646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1966.188252][T32646] hsr_slave_0: entered promiscuous mode [ 1966.197901][T32646] hsr_slave_1: entered promiscuous mode [ 1966.205018][T32646] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1966.214415][T32646] Cannot create hsr debugfs directory [ 1966.703906][T32716] FAULT_INJECTION: forcing a failure. [ 1966.703906][T32716] name failslab, interval 1, probability 0, space 0, times 0 [ 1966.742406][T32716] CPU: 1 UID: 0 PID: 32716 Comm: syz.1.6255 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1966.742446][T32716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1966.742461][T32716] Call Trace: [ 1966.742469][T32716] [ 1966.742479][T32716] dump_stack_lvl+0x16c/0x1f0 [ 1966.742517][T32716] should_fail_ex+0x50a/0x650 [ 1966.742564][T32716] ? fs_reclaim_acquire+0xae/0x150 [ 1966.742601][T32716] ? sk_prot_alloc+0x1a8/0x2a0 [ 1966.742626][T32716] should_failslab+0xc2/0x120 [ 1966.742650][T32716] __kmalloc_noprof+0xcb/0x510 [ 1966.742685][T32716] ? __wake_up+0x3f/0x60 [ 1966.742721][T32716] sk_prot_alloc+0x1a8/0x2a0 [ 1966.742748][T32716] sk_alloc+0x36/0xc20 [ 1966.742781][T32716] ? __pfx_genl_release+0x10/0x10 [ 1966.742816][T32716] __netlink_create+0x5e/0x2c0 [ 1966.742841][T32716] ? __wake_up+0x3f/0x60 [ 1966.742872][T32716] netlink_create+0x3a4/0x630 [ 1966.742901][T32716] ? __pfx_genl_bind+0x10/0x10 [ 1966.742934][T32716] ? __pfx_genl_unbind+0x10/0x10 [ 1966.742971][T32716] __sock_create+0x335/0x8d0 [ 1966.743005][T32716] __sys_socket+0x14f/0x260 [ 1966.743034][T32716] ? __pfx___sys_socket+0x10/0x10 [ 1966.743064][T32716] ? rcu_is_watching+0x12/0xc0 [ 1966.743098][T32716] __x64_sys_socket+0x72/0xb0 [ 1966.743125][T32716] ? lockdep_hardirqs_on+0x7c/0x110 [ 1966.743156][T32716] do_syscall_64+0xcd/0x250 [ 1966.743198][T32716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1966.743233][T32716] RIP: 0033:0x7fe96858d169 [ 1966.743254][T32716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1966.743278][T32716] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1966.743302][T32716] RAX: ffffffffffffffda RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1966.743320][T32716] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1966.743336][T32716] RBP: 00007fe96860e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1966.743352][T32716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1966.743367][T32716] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1966.743397][T32716] [ 1966.812644][ T5833] Bluetooth: hci3: command 0x041b tx timeout [ 1966.815920][T31507] Bluetooth: hci1: command 0x0406 tx timeout [ 1966.818504][T31971] Bluetooth: hci0: command 0x0406 tx timeout [ 1966.823556][T31507] Bluetooth: hci2: command 0x0406 tx timeout [ 1967.228270][T32726] FAULT_INJECTION: forcing a failure. [ 1967.228270][T32726] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1967.249767][T32726] CPU: 0 UID: 0 PID: 32726 Comm: syz.3.6257 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1967.249803][T32726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1967.249819][T32726] Call Trace: [ 1967.249827][T32726] [ 1967.249837][T32726] dump_stack_lvl+0x16c/0x1f0 [ 1967.249877][T32726] should_fail_ex+0x50a/0x650 [ 1967.249921][T32726] get_futex_key+0x4a3/0x1000 [ 1967.249952][T32726] ? __pfx_try_to_wake_up+0x10/0x10 [ 1967.249986][T32726] ? __pfx_get_futex_key+0x10/0x10 [ 1967.250011][T32726] ? plist_check_head+0xa3/0x150 [ 1967.250049][T32726] futex_wake+0xe8/0x4e0 [ 1967.250084][T32726] ? __pfx_futex_wake+0x10/0x10 [ 1967.250118][T32726] ? do_splice+0x825/0x1f70 [ 1967.250152][T32726] ? __might_fault+0x13b/0x190 [ 1967.250177][T32726] ? __pfx_lock_release+0x10/0x10 [ 1967.250217][T32726] do_futex+0x1e5/0x350 [ 1967.250257][T32726] ? __pfx_do_futex+0x10/0x10 [ 1967.250288][T32726] ? map_id_up+0x290/0x370 [ 1967.250332][T32726] __x64_sys_futex+0x1e1/0x4c0 [ 1967.250367][T32726] ? __pfx___x64_sys_futex+0x10/0x10 [ 1967.250396][T32726] ? from_kuid_munged+0xa6/0x130 [ 1967.250433][T32726] ? __pfx_from_kuid_munged+0x10/0x10 [ 1967.250479][T32726] do_syscall_64+0xcd/0x250 [ 1967.250514][T32726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1967.250547][T32726] RIP: 0033:0x7efda1d8d169 [ 1967.250568][T32726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1967.250592][T32726] RSP: 002b:00007efda2c420e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1967.250616][T32726] RAX: ffffffffffffffda RBX: 00007efda1fa5fa8 RCX: 00007efda1d8d169 [ 1967.250632][T32726] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007efda1fa5fac [ 1967.250646][T32726] RBP: 00007efda1fa5fa0 R08: 00007efda2c43000 R09: 0000000000000000 [ 1967.250661][T32726] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efda1fa5fac [ 1967.250677][T32726] R13: 0000000000000000 R14: 00007ffcf0fe86c0 R15: 00007ffcf0fe87a8 [ 1967.250708][T32726] [ 1967.611782][T32735] FAULT_INJECTION: forcing a failure. [ 1967.611782][T32735] name failslab, interval 1, probability 0, space 0, times 0 [ 1967.626979][T32735] CPU: 0 UID: 0 PID: 32735 Comm: syz.3.6259 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1967.627010][T32735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1967.627023][T32735] Call Trace: [ 1967.627030][T32735] [ 1967.627040][T32735] dump_stack_lvl+0x16c/0x1f0 [ 1967.627074][T32735] should_fail_ex+0x50a/0x650 [ 1967.627109][T32735] ? fs_reclaim_acquire+0xae/0x150 [ 1967.627139][T32735] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 1967.627175][T32735] should_failslab+0xc2/0x120 [ 1967.627206][T32735] __kmalloc_noprof+0xcb/0x510 [ 1967.627237][T32735] ? kasan_quarantine_put+0x10a/0x240 [ 1967.627268][T32735] ? lockdep_hardirqs_on+0x7c/0x110 [ 1967.627302][T32735] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 1967.627344][T32735] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 1967.627380][T32735] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1967.627413][T32735] ? trace_cap_capable+0x1a2/0x210 [ 1967.627445][T32735] ? bpf_lsm_capable+0x9/0x10 [ 1967.627468][T32735] ? security_capable+0x7e/0x260 [ 1967.627493][T32735] ? ns_capable+0xd7/0x110 [ 1967.627527][T32735] genl_rcv_msg+0x565/0x800 [ 1967.627564][T32735] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1967.627597][T32735] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1967.627623][T32735] ? __pfx_nl80211_trigger_scan+0x10/0x10 [ 1967.627650][T32735] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1967.627694][T32735] netlink_rcv_skb+0x16b/0x440 [ 1967.627725][T32735] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1967.627759][T32735] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1967.627804][T32735] ? down_read+0xc9/0x330 [ 1967.627834][T32735] ? __pfx_down_read+0x10/0x10 [ 1967.627866][T32735] ? netlink_deliver_tap+0x1ae/0xd30 [ 1967.627901][T32735] genl_rcv+0x28/0x40 [ 1967.627930][T32735] netlink_unicast+0x53c/0x7f0 [ 1967.627964][T32735] ? __pfx_netlink_unicast+0x10/0x10 [ 1967.627995][T32735] ? __phys_addr_symbol+0x30/0x80 [ 1967.628019][T32735] ? __check_object_size+0x488/0x710 [ 1967.628045][T32735] netlink_sendmsg+0x8b8/0xd70 [ 1967.628080][T32735] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1967.628121][T32735] ____sys_sendmsg+0xaaf/0xc90 [ 1967.628147][T32735] ? copy_msghdr_from_user+0x10b/0x160 [ 1967.628180][T32735] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1967.628227][T32735] ___sys_sendmsg+0x135/0x1e0 [ 1967.628261][T32735] ? __pfx____sys_sendmsg+0x10/0x10 [ 1967.628308][T32735] ? __pfx_lock_release+0x10/0x10 [ 1967.628338][T32735] ? trace_lock_acquire+0x14e/0x1f0 [ 1967.628377][T32735] ? __fget_files+0x206/0x3a0 [ 1967.628418][T32735] __sys_sendmsg+0x16e/0x220 [ 1967.628450][T32735] ? __pfx___sys_sendmsg+0x10/0x10 [ 1967.628505][T32735] do_syscall_64+0xcd/0x250 [ 1967.628537][T32735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1967.628568][T32735] RIP: 0033:0x7efda1d8d169 [ 1967.628587][T32735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1967.628609][T32735] RSP: 002b:00007efda2c21038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1967.628631][T32735] RAX: ffffffffffffffda RBX: 00007efda1fa6080 RCX: 00007efda1d8d169 [ 1967.628647][T32735] RDX: 0000000004000000 RSI: 00004000000002c0 RDI: 0000000000000003 [ 1967.628662][T32735] RBP: 00007efda2c21090 R08: 0000000000000000 R09: 0000000000000000 [ 1967.628676][T32735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1967.628690][T32735] R13: 0000000000000001 R14: 00007efda1fa6080 R15: 00007ffcf0fe87a8 [ 1967.628722][T32735] [ 1968.282158][T32745] input: f0?KzLo1oø.m)$cj@qwR=X as /devices/virtual/input/input42 [ 1968.433222][T32646] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1968.514248][T32646] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1968.538653][T32646] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1968.634079][T32646] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1968.853870][T31507] Bluetooth: hci3: command 0x041b tx timeout [ 1969.120489][ T315] FAULT_INJECTION: forcing a failure. [ 1969.120489][ T315] name failslab, interval 1, probability 0, space 0, times 0 [ 1969.134762][ T315] CPU: 0 UID: 0 PID: 315 Comm: syz.1.6269 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1969.134792][ T315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1969.134807][ T315] Call Trace: [ 1969.134815][ T315] [ 1969.134825][ T315] dump_stack_lvl+0x16c/0x1f0 [ 1969.134861][ T315] should_fail_ex+0x50a/0x650 [ 1969.134897][ T315] ? fs_reclaim_acquire+0xae/0x150 [ 1969.134929][ T315] ? s_start+0x7b/0x320 [ 1969.134959][ T315] should_failslab+0xc2/0x120 [ 1969.134982][ T315] __kmalloc_cache_noprof+0x68/0x410 [ 1969.135012][ T315] ? rcu_is_watching+0x12/0xc0 [ 1969.135046][ T315] ? trace_kmalloc+0x2d/0xd0 [ 1969.135076][ T315] s_start+0x7b/0x320 [ 1969.135111][ T315] traverse.part.0.constprop.0+0xac/0x640 [ 1969.135153][ T315] seq_read_iter+0x934/0x12b0 [ 1969.135196][ T315] seq_read+0x39f/0x4e0 [ 1969.135226][ T315] ? __pfx_seq_read+0x10/0x10 [ 1969.135273][ T315] ? rw_verify_area+0xcf/0x680 [ 1969.135301][ T315] ? __pfx_seq_read+0x10/0x10 [ 1969.135331][ T315] vfs_read+0x1df/0xbf0 [ 1969.135362][ T315] ? __fget_files+0x1fc/0x3a0 [ 1969.135394][ T315] ? __pfx_lock_release+0x10/0x10 [ 1969.135426][ T315] ? __pfx_vfs_read+0x10/0x10 [ 1969.135459][ T315] ? lock_acquire+0x2f/0xb0 [ 1969.135488][ T315] ? __fget_files+0x40/0x3a0 [ 1969.135524][ T315] ? __fget_files+0x206/0x3a0 [ 1969.135565][ T315] __x64_sys_pread64+0x1f6/0x250 [ 1969.135598][ T315] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1969.135640][ T315] do_syscall_64+0xcd/0x250 [ 1969.135674][ T315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1969.135710][ T315] RIP: 0033:0x7fe96858d169 [ 1969.135728][ T315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1969.135749][ T315] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1969.135773][ T315] RAX: ffffffffffffffda RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1969.135788][ T315] RDX: 000000000000000f RSI: 0000400000000000 RDI: 0000000000000003 [ 1969.135801][ T315] RBP: 00007fe969401090 R08: 0000000000000000 R09: 0000000000000000 [ 1969.135815][ T315] R10: 00000000000005af R11: 0000000000000246 R12: 0000000000000001 [ 1969.135829][ T315] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1969.135859][ T315] [ 1969.135956][ T315] [ 1969.144417][T32646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1969.147580][ T315] ===================================== [ 1969.147589][ T315] WARNING: bad unlock balance detected! [ 1969.405086][ T315] 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 Not tainted [ 1969.412898][ T315] ------------------------------------- [ 1969.418976][ T315] syz.1.6269/315 is trying to release lock (event_mutex) at: [ 1969.427084][ T315] [] traverse.part.0.constprop.0+0x2bd/0x640 [ 1969.435387][ T315] but there are no more locks to release! [ 1969.441659][ T315] [ 1969.441659][ T315] other info that might help us debug this: [ 1969.450514][ T315] 1 lock held by syz.1.6269/315: [ 1969.455930][ T315] #0: ffff888064bd19e0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xd8/0x12b0 [ 1969.465701][ T315] [ 1969.465701][ T315] stack backtrace: [ 1969.472163][ T315] CPU: 0 UID: 0 PID: 315 Comm: syz.1.6269 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0 [ 1969.472188][ T315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1969.472200][ T315] Call Trace: [ 1969.472207][ T315] [ 1969.472216][ T315] dump_stack_lvl+0x116/0x1f0 [ 1969.472251][ T315] ? traverse.part.0.constprop.0+0x2bd/0x640 [ 1969.472278][ T315] print_unlock_imbalance_bug+0x1aa/0x1f0 [ 1969.472306][ T315] lock_release+0x525/0x6f0 [ 1969.472331][ T315] ? traverse.part.0.constprop.0+0x2bd/0x640 [ 1969.472357][ T315] ? __pfx_lock_release+0x10/0x10 [ 1969.472384][ T315] ? dump_stack_lvl+0x1a3/0x1f0 [ 1969.472409][ T315] __mutex_unlock_slowpath+0xa3/0x6a0 [ 1969.472436][ T315] ? rcu_is_watching+0x12/0xc0 [ 1969.472457][ T315] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1969.472483][ T315] ? rcu_is_watching+0x12/0xc0 [ 1969.472503][ T315] ? rcu_is_watching+0x12/0xc0 [ 1969.472523][ T315] ? kfree+0x260/0x4d0 [ 1969.472547][ T315] ? __kasan_kmalloc+0x8a/0xb0 [ 1969.472577][ T315] traverse.part.0.constprop.0+0x2bd/0x640 [ 1969.472606][ T315] seq_read_iter+0x934/0x12b0 [ 1969.472635][ T315] seq_read+0x39f/0x4e0 [ 1969.472658][ T315] ? __pfx_seq_read+0x10/0x10 [ 1969.472687][ T315] ? rw_verify_area+0xcf/0x680 [ 1969.472710][ T315] ? __pfx_seq_read+0x10/0x10 [ 1969.472733][ T315] vfs_read+0x1df/0xbf0 [ 1969.472758][ T315] ? __fget_files+0x1fc/0x3a0 [ 1969.472785][ T315] ? __pfx_lock_release+0x10/0x10 [ 1969.472811][ T315] ? __pfx_vfs_read+0x10/0x10 [ 1969.472836][ T315] ? lock_acquire+0x2f/0xb0 [ 1969.472861][ T315] ? __fget_files+0x40/0x3a0 [ 1969.472889][ T315] ? __fget_files+0x206/0x3a0 [ 1969.472917][ T315] __x64_sys_pread64+0x1f6/0x250 [ 1969.472945][ T315] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1969.472975][ T315] do_syscall_64+0xcd/0x250 [ 1969.473001][ T315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1969.473029][ T315] RIP: 0033:0x7fe96858d169 [ 1969.473044][ T315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1969.473064][ T315] RSP: 002b:00007fe969401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1969.473083][ T315] RAX: ffffffffffffffda RBX: 00007fe9687a5fa0 RCX: 00007fe96858d169 [ 1969.473097][ T315] RDX: 000000000000000f RSI: 0000400000000000 RDI: 0000000000000003 [ 1969.473110][ T315] RBP: 00007fe969401090 R08: 0000000000000000 R09: 0000000000000000 [ 1969.473123][ T315] R10: 00000000000005af R11: 0000000000000246 R12: 0000000000000001 [ 1969.473135][ T315] R13: 0000000000000000 R14: 00007fe9687a5fa0 R15: 00007ffde82ceab8 [ 1969.473154][ T315] [ 1969.852198][T32646] 8021q: adding VLAN 0 to HW filter on device team0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1969.920825][T13360] bridge0: port 1(bridge_slave_0) entered blocking state [ 1969.928662][T13360] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1969.943226][T13360] bridge0: port 2(bridge_slave_1) entered blocking state [ 1969.951023][T13360] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1970.428362][ T3515] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.495019][ T3515] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.556850][ T3515] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.615705][ T3515] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.693517][ T3515] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.736795][ T3515] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.818224][ T3515] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.878344][ T3515] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.962589][ T3515] bridge_slave_1: left allmulticast mode [ 1970.972027][ T3515] bridge_slave_1: left promiscuous mode [ 1970.979745][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state [ 1970.991489][ T3515] bridge_slave_0: left allmulticast mode [ 1970.999263][ T3515] bridge_slave_0: left promiscuous mode [ 1971.007384][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state [ 1971.217906][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1971.230877][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1971.242217][ T3515] bond0 (unregistering): Released all slaves [ 1971.265823][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1971.279750][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1971.290289][ T3515] bond0 (unregistering): Released all slaves [ 1971.350730][ T3515] tipc: Left network mode [ 1971.372779][ T3515] tipc: Left network mode [ 1971.526532][ T3515] hsr_slave_0: left promiscuous mode [ 1971.535685][ T3515] hsr_slave_1: left promiscuous mode [ 1971.541932][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1971.550474][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1971.558841][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1971.567206][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1971.578296][ T3515] hsr_slave_0: left promiscuous mode [ 1971.585638][ T3515] hsr_slave_1: left promiscuous mode [ 1971.591697][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1971.599858][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1971.608108][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1971.616445][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1971.626546][ T3515] veth1_macvtap: left promiscuous mode [ 1971.632669][ T3515] veth0_macvtap: left promiscuous mode [ 1971.638716][ T3515] veth1_vlan: left promiscuous mode [ 1971.644505][ T3515] veth0_vlan: left promiscuous mode [ 1971.650814][ T3515] veth1_macvtap: left promiscuous mode [ 1971.656939][ T3515] veth0_macvtap: left promiscuous mode [ 1971.663089][ T3515] veth1_vlan: left promiscuous mode [ 1971.668856][ T3515] veth0_vlan: left promiscuous mode [ 1971.798316][ T3515] team0 (unregistering): Port device team_slave_1 removed [ 1971.827221][ T3515] team0 (unregistering): Port device team_slave_0 removed [ 1971.965710][ T3515] team0 (unregistering): Port device team_slave_1 removed [ 1971.988470][ T3515] team0 (unregistering): Port device team_slave_0 removed [ 1972.747138][ T3515] bridge_slave_1: left allmulticast mode [ 1972.754975][ T3515] bridge_slave_1: left promiscuous mode [ 1972.761225][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state [ 1972.772737][ T3515] bridge_slave_0: left allmulticast mode [ 1972.779050][ T3515] bridge_slave_0: left promiscuous mode [ 1972.786288][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state [ 1972.889243][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1972.900021][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1972.911750][ T3515] bond0 (unregistering): Released all slaves [ 1972.985402][ T3515] hsr_slave_0: left promiscuous mode [ 1972.991647][ T3515] hsr_slave_1: left promiscuous mode [ 1973.000816][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1973.010630][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1973.159427][ T3515] team0 (unregistering): Port device team_slave_1 removed [ 1973.187848][ T3515] team0 (unregistering): Port device team_slave_0 removed [ 1976.373528][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 1976.381338][ T1295] ieee802154 phy1 wpan1: encryption failed: -22