last executing test programs: 8.609468267s ago: executing program 0 (id=73): r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/arch_status\x00', 0x109480, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYRES64=r0, @ANYRES16=r2, @ANYRES8=r1, @ANYRES32=0x0, @ANYBLOB="e9389731647f046b2e837ca78691ac16e903db86ecbcb08f0db664da3c181a210e47f26659d2296fc83187b5e34f565887e3e793f8527d5804dd15357f307f4c4657f19e87eaf1a95bf628871438d6a09323abaf27d972f8af80428facdffdc5256d6a52510a4f3448834e7c3ffc75b6fce3767c1752a4f7677db51015c958241ec5483f9f694b4d3cc51dac6614395780796ceeec0f18ec1bedfddfada7d2593dfaf3d48685de74a677413995ff5aeecf0a94f8d01954c83c65d21fef0419e65847755f31f0cd5809a01ec19e970fe699d737fbf55ba4af95bd25f0d3d83e495db4291e2af35bb7bfb202"], 0x24}}, 0x80) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/oom_adj\x00', 0x142, 0x0) read$auto(r1, 0x0, 0x1) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/fail-nth\x00', 0x40, 0x0) writev$auto(r3, &(0x7f00000000c0)={0x0, 0x8}, 0x3) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0xffffffffffffffff, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) r4 = io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x1) semctl$auto_IPC_INFO(0x10, 0x3, 0x3, 0x1) setsockopt$auto(r3, 0x7, 0x7, 0x0, 0x3) sendto$auto(0x3, 0x0, 0xae, 0x3, &(0x7f0000000100)=@ethernet={0x6, @multicast}, 0x19) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/rpc/auth.unix.gid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) mmap$auto(0x6514, 0x2020009, 0x2000, 0x13, r4, 0x7) socket(0x1, 0x800, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x400) setsockopt$auto(0x3, 0x1, 0x3d, 0x0, 0x8) write$auto(0x3, 0x0, 0xfdef) unshare$auto(0x7f) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x10003e, 0x1, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x40, 0x3) readahead$auto(r5, 0x7, 0x7) sysfs$auto(0x401, 0xb, 0x5) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 5.489432279s ago: executing program 3 (id=91): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="040028bd700000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0xc0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001bc0), r1) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_DEL_MPATH(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, r2, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "7612440dfd35c7dcfb6c74cfab46fa700a35914e769719d26030"}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x2}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x80000000}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x840}, 0x1) r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000004a80), r1) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r6, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r6, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r6, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="010027bd7000fcdbdf250500000008006cef", @ANYRES32=r10, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4000801}, 0x4000084) socket(0xa, 0x2, 0x3) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x491, 0x400, 0x9}]}) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYRES16=r11], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4044820) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x48, r5, 0x800, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_HASH={0xc, 0xb, 0x5}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x16, 0x0, 0x1, [@nested={0x8, 0xa4, 0x0, 0x1, [@nested={0x4, 0x33}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828848"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0xfffffffffffffc6a}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) setregid$auto(0x5, 0x6) sendmsg$auto_NET_SHAPER_CMD_DELETE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000004b40)={&(0x7f0000004ac0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="2504000000000000000003c20b00"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x20040810) 5.223775897s ago: executing program 1 (id=92): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="720100", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) 4.96591688s ago: executing program 1 (id=93): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r0, 0x0, 0x80000001, 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) stat$auto(0x0, &(0x7f0000000380)={0x506f, 0x7, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x2, 0x101, 0x4, 0x1, 0x20fd, 0x3ff, 0x800000401, 0x5f54, 0x0, 0xfffffffeffffffff}) r1 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) writev$auto(r1, &(0x7f00000003c0)={0x0, 0x8}, 0x3) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0x0, 0xfffffffffffff4e0) open(&(0x7f0000000340)='./cgroup/file0\x00', 0x101840, 0x100) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) truncate$auto(&(0x7f0000000080)='./cgroup\x00', 0xc0ce) get_robust_list$auto(0x0, 0x0, 0x0) r2 = socket(0xa, 0x80000, 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x20000000000, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000) prctl$auto(0x3, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL802154_CMD_STOP_BEACONS(0xffffffffffffffff, 0x0, 0x50) sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r2, 0x0, 0x20044841) ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000200)=0x823) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 4.72172407s ago: executing program 0 (id=94): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x44eb1, 0x602, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r1, 0x8912, r1) read$auto(r0, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x15, 0x5, 0x0) getsockopt$auto(r2, 0x114, 0x2710, 0xfffffffffffffffc, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x1200020) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="18a1e89f63b149ebda8fa9740057100000000010", @ANYRES16=r6, @ANYBLOB="01002cbd7000fedbdf250400000004001d00"], 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x28, r8, 0x1, 0x70bd29, 0x25dfdc00, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4089c}, 0x0) r10 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/dfscache\x00', 0x101a41, 0x0) write$auto(r10, 0x0, 0x6) geteuid() 4.511875851s ago: executing program 3 (id=96): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r0, 0x0, 0x80000001, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0x8, 0x311) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) stat$auto(0x0, &(0x7f0000000380)={0x506f, 0x7, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x2, 0x101, 0x4, 0x1, 0x20fd, 0x3ff, 0x800000401, 0x5f54, 0x0, 0xfffffffeffffffff}) r1 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) writev$auto(r1, &(0x7f00000003c0)={0x0, 0x8}, 0x3) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0x0, 0xfffffffffffff4e0) open(&(0x7f0000000340)='./cgroup/file0\x00', 0x101840, 0x100) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) truncate$auto(&(0x7f0000000080)='./cgroup\x00', 0xc0ce) get_robust_list$auto(0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x20000000000, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000) prctl$auto(0x3, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL802154_CMD_STOP_BEACONS(0xffffffffffffffff, 0x0, 0x50) sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, 0x0, 0x20044841) ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000200)=0x823) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 4.054152986s ago: executing program 1 (id=97): mlockall$auto(0x3) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000200002) mlockall$auto(0x7) mlockall$auto(0x80) mlockall$auto(0x3) (async) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000200002) (async) mlockall$auto(0x7) (async) mlockall$auto(0x80) (async) 3.971508249s ago: executing program 3 (id=98): r0 = socket(0x1e, 0x4, 0x0) socket(0x2b, 0x80000, 0xfffffff5) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) setuid$auto(0xe) bpf$auto(0x5, &(0x7f0000001100)=@bpf_attr_7={@start_id=0x1, 0x4, 0xf}, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x8c, 0x1, 0x0, 0x0, 0x1) connect$auto(0x3, 0x0, 0x54) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) r2 = socket(0x1a, 0x2, 0x0) ftruncate$auto(r2, 0xd3f) setsockopt$auto(r2, 0x6, 0x1f, 0x0, 0x3d) syz_genetlink_get_family_id$auto_tipcv2(0x0, r2) write$auto(r2, 0x0, 0xffffffff00000001) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, 0x0, 0x20004000) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) r4 = socket(0x18, 0x5, 0x1) connect$auto(r4, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r4, 0x0, 0x30004850) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 3.131901604s ago: executing program 2 (id=100): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) waitid$auto(0x5, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0x8, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) lsm_set_self_attr$auto(0x3, 0xfffffffffffffffc, 0x1f, 0x8000000000000000) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000036, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0xa, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6}, 0x6, 0x3, 0xff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) socket(0x3b, 0x5, 0x8) socket(0x27, 0x3, 0x3a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) 2.833009441s ago: executing program 0 (id=101): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="720100", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) 2.593860298s ago: executing program 0 (id=102): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) personality$auto(0xfffffffc) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x800, 0xe4b, 0x0, 0x14) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x6f8000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16, @ANYRES16=r0, @ANYBLOB="0b351b5a6448"], 0x14}, 0x1, 0x0, 0x0, 0xefb7e0348b6a14d8}, 0x24000084) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0}, 0x1, &(0x7f0000000280)={&(0x7f00000002c0)="896753448861777c3f3e0e6c627657b41a50195f705a659a334fddb148849bf3af3537f694f4af24c2fcbf1838dbb93ec1bd9229fbd70c5029ebbcd5fb77928f191d71546330ac3ab60e2820e20e8610da6fa4317808c96b1945154f7660751239870c52db6c35173132672f622e6fad815be94f054b351c373841e1468fd573b285e51b1f44a0b896061b40d04f5ca28ef876c4e34bb49e4c58a48a84f3c8be291a7b3efb17f2c8c3", 0xffffffff}, 0x806, 0xfffffffffffffffc) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x4b72, r3) write$auto(0xffffffffffffffff, 0x0, 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @local}, 0x68) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4044}, 0xc800) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x80000, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_DRAIN2(r4, 0x4144, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x6) mmap$auto(0x7fffffffffffffff, 0x5, 0x2, 0x11, 0x602, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x8b72, 0x2, 0x8000) r5 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/ipc\x00') ioctl$auto(0x3, 0x40103e05, r5) openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x400c00, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x5c843c919ef1d89a, 0x0) openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/0000:00:02.0/Virtual-2/force\x00', 0x220683, 0x0) stat$auto(0x0, &(0x7f0000000380)={0x506b, 0x7, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x2, 0x101, 0x6161, 0x1, 0x20fd, 0x3ff, 0x800000401, 0x5f54, 0x0, 0xfffffffeffffffff}) 2.515724228s ago: executing program 3 (id=103): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) r3 = socket(0x10, 0x2, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x9) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) pwritev$auto(r3, &(0x7f0000000100)={&(0x7f0000000080)="99d053649de56b5c7d62a77ff09818be6a9456b6cb564f26c8e0678ed00272f4360b928e674183d83581957e192a6050f157fbd8c3b9c9853e366309df22b13562a4453467b15e5959", 0x5}, 0x80000001, 0x3, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_tun_fops_tun(r1, 0x0, 0x0) madvise$auto(0x0, 0x600009, 0x19) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r4, 0x4b4e, r4) setsockopt$auto_SO_NO_CHECK(r3, 0xffffffff, 0xb, &(0x7f0000000040)='/dev/tty12\x00', 0xd) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r5, 0x0, 0x6) mmap$auto(0x100, 0x2020008, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) 2.033598541s ago: executing program 1 (id=104): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) landlock_restrict_self$auto(0xffffffffffffffff, 0x0) madvise$auto(0xb4, 0x8, 0x45c) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000", @ANYRESDEC=r0, @ANYBLOB="00080bbd7000fddbdf255a0000000400b5aeca3788171f29ad82e2c307b50c3232b82d4b17336188289292a8b1de08f97dafaf834e3caa503b863aa7d9ee18059e161ff5c792f38f473e8b955e0a0b059de3f318d7e78635eedde0dcbcb8c88402f6da5ef2e21f62abee533434691e4346d380"], 0x18}, 0x1, 0x0, 0x0, 0x48000}, 0x20080014) madvise$auto(0x6, 0x3, 0xffff) syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0x0], 0x1}, 0x58) 1.768081221s ago: executing program 1 (id=105): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x44eb1, 0x602, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r1, 0x8912, r1) read$auto(r0, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x15, 0x5, 0x0) getsockopt$auto(r2, 0x114, 0x2710, 0xfffffffffffffffc, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x1200020) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="18a1e89f63b149ebda8fa9740057100000000010", @ANYRES16=r6, @ANYBLOB="01002cbd7000fedbdf250400000004001d00"], 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x28, r8, 0x1, 0x70bd29, 0x25dfdc00, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4089c}, 0x0) r10 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/dfscache\x00', 0x101a41, 0x0) write$auto(r10, 0x0, 0x6) geteuid() 1.519756547s ago: executing program 2 (id=106): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r0, 0x0, 0x80000001, 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) stat$auto(0x0, &(0x7f0000000380)={0x506f, 0x7, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x2, 0x101, 0x4, 0x1, 0x20fd, 0x3ff, 0x800000401, 0x5f54, 0x0, 0xfffffffeffffffff}) r1 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) writev$auto(r1, &(0x7f00000003c0)={0x0, 0x8}, 0x3) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0x0, 0xfffffffffffff4e0) open(&(0x7f0000000340)='./cgroup/file0\x00', 0x101840, 0x100) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) truncate$auto(&(0x7f0000000080)='./cgroup\x00', 0xc0ce) get_robust_list$auto(0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x20000000000, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000) prctl$auto(0x3, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL802154_CMD_STOP_BEACONS(0xffffffffffffffff, 0x0, 0x50) sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, 0x0, 0x20044841) ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000200)=0x823) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 1.519480607s ago: executing program 0 (id=107): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x400) setsockopt$auto(0x3, 0x1, 0x3d, 0x0, 0x8) write$auto(0x3, 0x0, 0xfdef) unshare$auto(0x7f) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) socket(0x2c, 0x3, 0x0) socket(0x2b, 0x1, 0xba6) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, 0x0, 0x80000, 0x0) exit$auto(0x7) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000240)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000440)="1100000007000000000000000000000001", 0x11) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 989.872594ms ago: executing program 3 (id=108): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x400) setsockopt$auto(0x3, 0x1, 0x3d, 0x0, 0x8) write$auto(0x3, 0x0, 0xfdef) unshare$auto(0x7f) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) readahead$auto(0xffffffffffffffff, 0x4, 0x8) sysfs$auto(0x3, 0x401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x1000000, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) 764.66501ms ago: executing program 2 (id=109): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x3) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0x1e, 0x1, 0x0) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800) sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x400c0}, 0x4040000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x9, &(0x7f0000000180)={0x0, 0xc4}, 0x3, 0x0, 0x0, 0x4004}, 0x7}, 0x5, 0x0) 757.025729ms ago: executing program 1 (id=110): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) write$auto_tracing_iter_fops_trace(0xffffffffffffffff, &(0x7f0000000080)="b156e0e0f90b25d5ce63b806efd903ca7af3e0184397eb57b11a74588b1a490ebeb9438995eb50f375f0cf9bce70f2038ad2484221598000f2d52871047a765ce10736cdf4f466754046c29e55641f886145e88ef6264a3a1b4e098e7a83b21d18ce81ae6077108dad3a97cbab8aaf22b1ab08ef61ec0347b686ad2abb44ba13a75ab0eb5870a7513ac8bc0640", 0x8d) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x4004501f, 0x0) 683.711189ms ago: executing program 3 (id=111): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f00000004c0)={0xb8, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10000}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}, @ETHTOOL_A_CHANNELS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xb}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6d2}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001bc0), r1) r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000004a80), r1) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r4, 0x80dc5521, 0xffffffffffffffff) r5 = socket(0x10, 0x3, 0x6) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), 0xffffffffffffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) setpgid$auto(0x0, 0xffffffffffffffff) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r7, 0x0, 0x20) r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(r9, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002040)={&(0x7f0000002000)={0x2c, r6, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_TSCONFIG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) r10 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x14, r10, 0x1, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20008080) sendmsg$auto_KSMBD_EVENT_STARTING_UP(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r10, 0x1, 0x70bd29, 0x25dfdbfd, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x8c8) sendmsg$auto_NET_SHAPER_CMD_DELETE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000004b40)={&(0x7f0000004ac0)={0x14, r3, 0x425, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x20040810) 577.331149ms ago: executing program 2 (id=112): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, r1, 0x2) open_by_handle_at$auto(r1, &(0x7f00000004c0)={0x1, 0x0, "ed"}, 0xffffffff) r2 = socket(0x2, 0x3, 0xa) connect$auto(r2, &(0x7f0000000080)=@hci={0x1f, 0x4, 0x2}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) fchown$auto(0xffffffffffffffff, 0xee00, 0x0) keyctl$auto(0x7, 0x0, 0x0, 0x0, 0x5) r3 = setfsuid$auto(0xee00) setreuid$auto(r3, 0x0) getegid() r4 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000280)={@_si_pad}, 0x3, &(0x7f0000000440)={{0x8, 0x6}, {0x8, 0xc5e}, 0x100000001, 0x3, 0x1, 0xf9, 0xfffffffffffffffc, 0x5, 0x6274, 0x9, 0x0, 0xb, 0x35d, 0x439c, 0x9, 0x7}) stat$auto(&(0x7f0000002dc0)='./file0\x00', &(0x7f0000002e00)={0x8, 0x3, 0x0, 0x2, 0xee00, 0xee01, 0x0, 0x6, 0xff, 0x3, 0x0, 0x1, 0x4b1, 0x6, 0x4, 0xfffffffffffffff8, 0x9a}) lstat$auto(&(0x7f0000002ec0)='./file0\x00', &(0x7f0000002f00)={0x8, 0x1, 0xd, 0x1, 0xee00, 0xee00, 0x0, 0xfff, 0x3, 0x9, 0x3, 0x2, 0xc, 0x7, 0xc3b, 0x1, 0x8}) statmount$auto(0x0, &(0x7f0000000180)={0x315, 0xfffffffd, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x6, 0x3, 0x2, 0x9, 0x2, 0x4000006, 0x4, 0xb6, 0x80000000009, 0x6, 0x10003, 0xb, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84}, 0x1fe, 0xd) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf25030000000600070008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060006004000000006000600"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={"9fdd2e4289f90c0815adb619b1b30ca2982f986e3fccdc79be11ad40062d5999", 0x1, 0xc1d2, 0x7fff, 0x10001, 0x7, r4}) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 220.790942ms ago: executing program 2 (id=113): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/xfrm_stat\x00', 0x40, 0x0) pread64$auto(r0, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) r1 = socket(0xa, 0x2, 0x0) setsockopt$auto(r1, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) setsockopt$auto(0x400000000000003, 0x29, 0x36, 0xffffffffffffffff, 0x0) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd3/hctx0/sched_tags_bitmap\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0xa, 0x3, 0x3a) semctl$auto_IPC_INFO(0x1000, 0x9, 0x3, 0xb) ioctl$auto(r2, 0x8916, 0x1) 60.135304ms ago: executing program 0 (id=114): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="720100", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) 0s ago: executing program 2 (id=115): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/xfrm_stat\x00', 0x40, 0x0) pread64$auto(r0, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) r1 = socket(0xa, 0x2, 0x0) setsockopt$auto(r1, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) setsockopt$auto(0x400000000000003, 0x29, 0x36, 0xffffffffffffffff, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x4c, 0x0) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd3/hctx0/sched_tags_bitmap\x00', 0x0, 0x0) pread64$auto(r2, 0x0, 0x6c, 0xfc) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/tx_queue_len\x00', 0x80302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0xa, 0x3, 0x3a) semctl$auto_IPC_INFO(0x1000, 0x9, 0x3, 0xb) ioctl$auto(r4, 0x8916, 0x1) sendfile$auto(r3, r3, 0x0, 0x2) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bdi/1:10/min_bytes\x00', 0x0, 0x0) pread64$auto(r5, 0x0, 0x3ff, 0x9) r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event0\x00', 0x40000, 0x0) r7 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) ioprio_set$auto_IOPRIO_WHO_PGRP(0x2, r7, 0x8) readv$auto(r6, &(0x7f0000000040)={0x0, 0x36a}, 0x8) ioctl$auto_EVIOCREVOKE(r6, 0x40044591, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.154' (ED25519) to the list of known hosts. [ 78.732195][ T5815] cgroup: Unknown subsys name 'net' [ 78.840783][ T5815] cgroup: Unknown subsys name 'cpuset' [ 78.849510][ T5815] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 80.355591][ T5815] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 82.297152][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.305973][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.314204][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.322673][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.357376][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.401178][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 82.409664][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 82.417800][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 82.426651][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 82.437344][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 82.505500][ T5149] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 82.513864][ T5149] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 82.522785][ T5149] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 82.534008][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 82.542301][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 82.592037][ T5825] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 82.608096][ T5825] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 82.617385][ T5825] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 82.625967][ T5825] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 82.634101][ T5825] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 82.969547][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 83.094557][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 83.247027][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.254927][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.262870][ T5828] bridge_slave_0: entered allmulticast mode [ 83.271654][ T5828] bridge_slave_0: entered promiscuous mode [ 83.299520][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.306724][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.314142][ T5828] bridge_slave_1: entered allmulticast mode [ 83.321581][ T5828] bridge_slave_1: entered promiscuous mode [ 83.347993][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 83.383717][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 83.402242][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.451498][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.460861][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.468774][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.475962][ T5824] bridge_slave_0: entered allmulticast mode [ 83.483413][ T5824] bridge_slave_0: entered promiscuous mode [ 83.524079][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.531404][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.538857][ T5824] bridge_slave_1: entered allmulticast mode [ 83.545883][ T5824] bridge_slave_1: entered promiscuous mode [ 83.597617][ T5828] team0: Port device team_slave_0 added [ 83.626274][ T5828] team0: Port device team_slave_1 added [ 83.634976][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.681256][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.725924][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.732970][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 83.759507][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.782103][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.790017][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.797277][ T5831] bridge_slave_0: entered allmulticast mode [ 83.804248][ T5831] bridge_slave_0: entered promiscuous mode [ 83.813033][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.820239][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.827923][ T5831] bridge_slave_1: entered allmulticast mode [ 83.834944][ T5831] bridge_slave_1: entered promiscuous mode [ 83.842414][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.849600][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.856728][ T5830] bridge_slave_0: entered allmulticast mode [ 83.863926][ T5830] bridge_slave_0: entered promiscuous mode [ 83.871882][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.879074][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 83.905459][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.938615][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.945738][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.953482][ T5830] bridge_slave_1: entered allmulticast mode [ 83.960716][ T5830] bridge_slave_1: entered promiscuous mode [ 83.976702][ T5824] team0: Port device team_slave_0 added [ 84.018037][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.029823][ T5824] team0: Port device team_slave_1 added [ 84.039209][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.051055][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.063610][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.160807][ T5828] hsr_slave_0: entered promiscuous mode [ 84.167794][ T5828] hsr_slave_1: entered promiscuous mode [ 84.185038][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.192401][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.219247][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.231945][ T5830] team0: Port device team_slave_0 added [ 84.240612][ T5830] team0: Port device team_slave_1 added [ 84.262985][ T5831] team0: Port device team_slave_0 added [ 84.269540][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.276504][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.302795][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.335921][ T5831] team0: Port device team_slave_1 added [ 84.356211][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.363656][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.389579][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.427988][ T5149] Bluetooth: hci0: command tx timeout [ 84.438513][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.445477][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.471665][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.485077][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.492363][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.518439][ T5149] Bluetooth: hci1: command tx timeout [ 84.519328][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.556353][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.563429][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.589666][ T5149] Bluetooth: hci2: command tx timeout [ 84.595225][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.636912][ T5824] hsr_slave_0: entered promiscuous mode [ 84.643442][ T5824] hsr_slave_1: entered promiscuous mode [ 84.649987][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 84.655825][ T5824] Cannot create hsr debugfs directory [ 84.747322][ T5149] Bluetooth: hci3: command tx timeout [ 84.759787][ T5830] hsr_slave_0: entered promiscuous mode [ 84.766077][ T5830] hsr_slave_1: entered promiscuous mode [ 84.772462][ T5830] debugfs: 'hsr0' already exists in 'hsr' [ 84.778458][ T5830] Cannot create hsr debugfs directory [ 84.814893][ T5831] hsr_slave_0: entered promiscuous mode [ 84.821644][ T5831] hsr_slave_1: entered promiscuous mode [ 84.828835][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 84.834578][ T5831] Cannot create hsr debugfs directory [ 85.145949][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 85.175009][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 85.196205][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 85.215183][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 85.281395][ T5824] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 85.293254][ T5824] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 85.303710][ T5824] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 85.315341][ T5824] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.417986][ T5830] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 85.455292][ T5830] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 85.465998][ T5830] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 85.488905][ T5830] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 85.556653][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 85.571987][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 85.582800][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 85.593927][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 85.613876][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.651262][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.683258][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.719254][ T4499] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.726569][ T4499] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.751114][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.758289][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.792643][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.828538][ T4499] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.835678][ T4499] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.870471][ T4499] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.877689][ T4499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.894115][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.942174][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.992647][ T4499] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.999840][ T4499] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.034154][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.041399][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.060036][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 86.081902][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.151817][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.219565][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.226740][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.250506][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.257703][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.387019][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 86.488382][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.516334][ T5149] Bluetooth: hci0: command tx timeout [ 86.542577][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.590494][ T5149] Bluetooth: hci1: command tx timeout [ 86.632564][ T5824] veth0_vlan: entered promiscuous mode [ 86.649595][ T5824] veth1_vlan: entered promiscuous mode [ 86.667283][ T5149] Bluetooth: hci2: command tx timeout [ 86.749880][ T5824] veth0_macvtap: entered promiscuous mode [ 86.774986][ T5824] veth1_macvtap: entered promiscuous mode [ 86.794005][ T5828] veth0_vlan: entered promiscuous mode [ 86.810854][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.827396][ T5149] Bluetooth: hci3: command tx timeout [ 86.855715][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.871678][ T5828] veth1_vlan: entered promiscuous mode [ 86.905713][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.936248][ T4499] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.946065][ T4499] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.976901][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.998421][ T4499] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.062716][ T5828] veth0_macvtap: entered promiscuous mode [ 87.072893][ T4499] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.096347][ T5828] veth1_macvtap: entered promiscuous mode [ 87.140444][ T5830] veth0_vlan: entered promiscuous mode [ 87.182623][ T5830] veth1_vlan: entered promiscuous mode [ 87.236921][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.281604][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.297926][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.305886][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.343821][ T4499] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.354660][ T5831] veth0_vlan: entered promiscuous mode [ 87.381860][ T4499] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.392817][ T4499] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.413651][ T1149] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.417299][ T4499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.430757][ T4499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.433608][ T5831] veth1_vlan: entered promiscuous mode [ 87.459861][ T5830] veth0_macvtap: entered promiscuous mode [ 87.484575][ T5830] veth1_macvtap: entered promiscuous mode [ 87.541575][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 87.558911][ T5831] veth0_macvtap: entered promiscuous mode [ 87.594042][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.626222][ T5831] veth1_macvtap: entered promiscuous mode [ 87.644037][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.671471][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.695052][ T1011] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.708740][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.730149][ T1011] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.743373][ T1011] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.765001][ T1011] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.787071][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.811764][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.838276][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.846305][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.919999][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.936548][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.945705][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.125922][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.222619][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.298697][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.312091][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.408940][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 88.493769][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.528043][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.571891][ T4499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.588525][ T5149] Bluetooth: hci0: command tx timeout [ 88.630938][ T4499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.653641][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.668982][ T5149] Bluetooth: hci1: command tx timeout [ 88.675352][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.734573][ T5930] FAULT_INJECTION: forcing a failure. [ 88.734573][ T5930] name failslab, interval 1, probability 0, space 0, times 1 [ 88.759331][ T5149] Bluetooth: hci2: command tx timeout [ 88.771762][ T5930] CPU: 0 UID: 0 PID: 5930 Comm: syz.1.5 Not tainted syzkaller #0 PREEMPT(full) [ 88.771810][ T5930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 88.771828][ T5930] Call Trace: [ 88.771836][ T5930] [ 88.771847][ T5930] dump_stack_lvl+0x16c/0x1f0 [ 88.771885][ T5930] should_fail_ex+0x512/0x640 [ 88.771922][ T5930] ? __kmalloc_cache_noprof+0x5f/0x780 [ 88.771962][ T5930] should_failslab+0xc2/0x120 [ 88.771995][ T5930] __kmalloc_cache_noprof+0x72/0x780 [ 88.772028][ T5930] ? trace_kmalloc+0x2b/0xd0 [ 88.772055][ T5930] ? __kmalloc_noprof+0x34f/0x880 [ 88.772088][ T5930] ? __asan_memcpy+0x3c/0x60 [ 88.772110][ T5930] ? __alloc_workqueue+0x158/0x1810 [ 88.772147][ T5930] ? __alloc_workqueue+0x158/0x1810 [ 88.772176][ T5930] __alloc_workqueue+0x158/0x1810 [ 88.772207][ T5930] ? __pfx_vsnprintf+0x10/0x10 [ 88.772229][ T5930] ? lockdep_hardirqs_on+0x7c/0x110 [ 88.772252][ T5930] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 88.772272][ T5930] alloc_workqueue_noprof+0xd2/0x200 [ 88.772301][ T5930] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 88.772343][ T5930] ? __pfx___debug_object_init+0x10/0x10 [ 88.772382][ T5930] nci_register_device+0x511/0xb80 [ 88.772419][ T5930] ? __pfx_nci_register_device+0x10/0x10 [ 88.772456][ T5930] ? lockdep_init_map_type+0x5c/0x280 [ 88.772491][ T5930] virtual_ncidev_open+0x141/0x220 [ 88.772512][ T5930] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 88.772535][ T5930] misc_open+0x26d/0x450 [ 88.772566][ T5930] ? __pfx_misc_open+0x10/0x10 [ 88.772595][ T5930] chrdev_open+0x234/0x6a0 [ 88.772625][ T5930] ? __pfx_chrdev_open+0x10/0x10 [ 88.772654][ T5930] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 88.772688][ T5930] do_dentry_open+0x982/0x1530 [ 88.772717][ T5930] ? __pfx_chrdev_open+0x10/0x10 [ 88.772758][ T5930] vfs_open+0x82/0x3f0 [ 88.772806][ T5930] path_openat+0x1de4/0x2cb0 [ 88.772847][ T5930] ? __pfx_path_openat+0x10/0x10 [ 88.772877][ T5930] ? __lock_acquire+0xb8a/0x1c90 [ 88.772914][ T5930] do_filp_open+0x20b/0x470 [ 88.772942][ T5930] ? __pfx_do_filp_open+0x10/0x10 [ 88.772996][ T5930] ? alloc_fd+0x471/0x7d0 [ 88.773030][ T5930] do_sys_openat2+0x11b/0x1d0 [ 88.773063][ T5930] ? __pfx_do_sys_openat2+0x10/0x10 [ 88.773096][ T5930] ? find_held_lock+0x2b/0x80 [ 88.773130][ T5930] __x64_sys_openat+0x174/0x210 [ 88.773165][ T5930] ? __pfx___x64_sys_openat+0x10/0x10 [ 88.773215][ T5930] do_syscall_64+0xcd/0xfa0 [ 88.773245][ T5930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.773271][ T5930] RIP: 0033:0x7f1e69f8efc9 [ 88.773299][ T5930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.773323][ T5930] RSP: 002b:00007f1e6ad75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 88.773349][ T5930] RAX: ffffffffffffffda RBX: 00007f1e6a1e5fa0 RCX: 00007f1e69f8efc9 [ 88.773365][ T5930] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 88.773381][ T5930] RBP: 00007f1e6a011f91 R08: 0000000000000000 R09: 0000000000000000 [ 88.773395][ T5930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.773410][ T5930] R13: 00007f1e6a1e6038 R14: 00007f1e6a1e5fa0 R15: 00007ffebe946a68 [ 88.773445][ T5930] [ 89.109224][ T5149] Bluetooth: hci3: command tx timeout [ 89.283305][ T5935] Zero length message leads to an empty skb [ 89.315864][ T5937] FAULT_INJECTION: forcing a failure. [ 89.315864][ T5937] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 89.333374][ T5937] CPU: 0 UID: 0 PID: 5937 Comm: syz.1.7 Not tainted syzkaller #0 PREEMPT(full) [ 89.333410][ T5937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 89.333424][ T5937] Call Trace: [ 89.333432][ T5937] [ 89.333443][ T5937] dump_stack_lvl+0x16c/0x1f0 [ 89.333474][ T5937] should_fail_ex+0x512/0x640 [ 89.333512][ T5937] _copy_from_user+0x2e/0xd0 [ 89.333548][ T5937] copy_msghdr_from_user+0x98/0x160 [ 89.333585][ T5937] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 89.333627][ T5937] ? __pfx__kstrtoull+0x10/0x10 [ 89.333658][ T5937] ___sys_sendmsg+0xfe/0x1d0 [ 89.333677][ T5937] ? __pfx____sys_sendmsg+0x10/0x10 [ 89.333724][ T5937] ? find_held_lock+0x2b/0x80 [ 89.333759][ T5937] ? proc_fail_nth_write+0x9f/0x220 [ 89.333785][ T5937] ? find_held_lock+0x2b/0x80 [ 89.333813][ T5937] __sys_sendmmsg+0x200/0x420 [ 89.333839][ T5937] ? __pfx___sys_sendmmsg+0x10/0x10 [ 89.333871][ T5937] ? do_sys_openat2+0x157/0x1d0 [ 89.333919][ T5937] ? __pfx_do_sys_openat2+0x10/0x10 [ 89.333968][ T5937] ? ksys_write+0x1ac/0x250 [ 89.333992][ T5937] ? __pfx_ksys_write+0x10/0x10 [ 89.334023][ T5937] __x64_sys_sendmmsg+0x9c/0x100 [ 89.334045][ T5937] ? lockdep_hardirqs_on+0x7c/0x110 [ 89.334070][ T5937] do_syscall_64+0xcd/0xfa0 [ 89.334098][ T5937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.334122][ T5937] RIP: 0033:0x7f1e69f8efc9 [ 89.334142][ T5937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.334163][ T5937] RSP: 002b:00007f1e6ad75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 89.334187][ T5937] RAX: ffffffffffffffda RBX: 00007f1e6a1e5fa0 RCX: 00007f1e69f8efc9 [ 89.334202][ T5937] RDX: 0000000000000005 RSI: 0000200000000080 RDI: 0000000000000003 [ 89.334216][ T5937] RBP: 00007f1e6ad75090 R08: 0000000000000000 R09: 0000000000000000 [ 89.334230][ T5937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.334244][ T5937] R13: 00007f1e6a1e6038 R14: 00007f1e6a1e5fa0 R15: 00007ffebe946a68 [ 89.334274][ T5937] [ 89.868597][ T5947] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 90.057389][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.670007][ T5149] Bluetooth: hci0: command tx timeout [ 90.757319][ T5149] Bluetooth: hci1: command tx timeout [ 90.828769][ T5149] Bluetooth: hci2: command tx timeout [ 90.867500][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 91.147781][ T5149] Bluetooth: hci3: command tx timeout [ 91.968152][ T9] cfg80211: failed to load regulatory.db [ 92.467236][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 92.812763][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 92.914804][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 93.704981][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.713934][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 93.723616][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.702871][ T6059] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 96.731398][ T6059] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 96.874226][ T6059] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 96.921730][ T6059] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 96.937334][ T6059] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 96.996261][ T6059] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 97.009768][ T6082] netlink: 'syz.3.34': attribute type 3 has an invalid length. [ 97.064470][ T6059] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 97.133848][ T6059] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 97.159976][ T6059] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 97.234420][ T6059] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 97.250889][ T6059] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 97.261959][ T6084] usb usb36: usbfs: process 6084 (syz.1.35) did not claim interface 0 before use [ 97.275942][ T6059] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 97.702016][ T6109] FAULT_INJECTION: forcing a failure. [ 97.702016][ T6109] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 97.798375][ T6109] CPU: 1 UID: 0 PID: 6109 Comm: syz.3.41 Not tainted syzkaller #0 PREEMPT(full) [ 97.798409][ T6109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 97.798423][ T6109] Call Trace: [ 97.798430][ T6109] [ 97.798440][ T6109] dump_stack_lvl+0x16c/0x1f0 [ 97.798470][ T6109] should_fail_ex+0x512/0x640 [ 97.798507][ T6109] _copy_from_iter+0x29f/0x1720 [ 97.798546][ T6109] ? rcu_is_watching+0x12/0xc0 [ 97.798573][ T6109] ? __pfx__copy_from_iter+0x10/0x10 [ 97.798607][ T6109] ? __asan_memset+0x23/0x50 [ 97.798632][ T6109] ? __build_skb_around+0x278/0x3b0 [ 97.798664][ T6109] ? is_vmalloc_addr+0x86/0xa0 [ 97.798692][ T6109] netlink_sendmsg+0x820/0xdd0 [ 97.798724][ T6109] ? __pfx_netlink_sendmsg+0x10/0x10 [ 97.798752][ T6109] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 97.798790][ T6109] sock_write_iter+0x566/0x610 [ 97.798820][ T6109] ? __pfx_sock_write_iter+0x10/0x10 [ 97.798859][ T6109] ? bpf_lsm_file_permission+0x9/0x10 [ 97.798885][ T6109] ? security_file_permission+0x71/0x210 [ 97.798911][ T6109] ? rw_verify_area+0xcf/0x6c0 [ 97.798937][ T6109] vfs_write+0x7d3/0x11d0 [ 97.798963][ T6109] ? __pfx_sock_write_iter+0x10/0x10 [ 97.798994][ T6109] ? __pfx_vfs_write+0x10/0x10 [ 97.799016][ T6109] ? find_held_lock+0x2b/0x80 [ 97.799069][ T6109] ksys_write+0x1f8/0x250 [ 97.799094][ T6109] ? __pfx_ksys_write+0x10/0x10 [ 97.799129][ T6109] do_syscall_64+0xcd/0xfa0 [ 97.799157][ T6109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.799180][ T6109] RIP: 0033:0x7f9f9858efc9 [ 97.799200][ T6109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.799220][ T6109] RSP: 002b:00007f9f993d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 97.799243][ T6109] RAX: ffffffffffffffda RBX: 00007f9f987e5fa0 RCX: 00007f9f9858efc9 [ 97.799259][ T6109] RDX: 000000000000fded RSI: 0000200000000000 RDI: 0000000000000002 [ 97.799273][ T6109] RBP: 00007f9f993d0090 R08: 0000000000000000 R09: 0000000000000000 [ 97.799287][ T6109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.799300][ T6109] R13: 00007f9f987e6038 R14: 00007f9f987e5fa0 R15: 00007ffe7161e4b8 [ 97.799335][ T6109] [ 98.029079][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout [ 98.042192][ T6112] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 98.871755][ T6129] ubi31: attaching mtd0 [ 98.924942][ T6131] binder: 6130:6131 unknown command 0 [ 98.944081][ T6131] binder: 6130:6131 ioctl c0306201 2000000000c0 returned -22 [ 98.991700][ T5149] Bluetooth: hci1: command 0x0c1a tx timeout [ 99.067305][ T5149] Bluetooth: hci2: command 0x0c1a tx timeout [ 99.307697][ T5149] Bluetooth: hci3: command 0x0c1a tx timeout [ 99.531144][ T6148] FAULT_INJECTION: forcing a failure. [ 99.531144][ T6148] name failslab, interval 1, probability 0, space 0, times 0 [ 99.587857][ T6148] CPU: 1 UID: 0 PID: 6148 Comm: syz.1.53 Not tainted syzkaller #0 PREEMPT(full) [ 99.587890][ T6148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 99.587903][ T6148] Call Trace: [ 99.587911][ T6148] [ 99.587920][ T6148] dump_stack_lvl+0x16c/0x1f0 [ 99.587951][ T6148] should_fail_ex+0x512/0x640 [ 99.587981][ T6148] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 99.588010][ T6148] should_failslab+0xc2/0x120 [ 99.588039][ T6148] kmem_cache_alloc_node_noprof+0x78/0x770 [ 99.588063][ T6148] ? __alloc_skb+0x2b2/0x380 [ 99.588101][ T6148] ? __alloc_skb+0x2b2/0x380 [ 99.588130][ T6148] ? __pfx_netlink_insert+0x10/0x10 [ 99.588150][ T6148] __alloc_skb+0x2b2/0x380 [ 99.588182][ T6148] ? __pfx___alloc_skb+0x10/0x10 [ 99.588214][ T6148] ? netlink_autobind.isra.0+0x158/0x370 [ 99.588247][ T6148] netlink_alloc_large_skb+0x69/0x140 [ 99.588274][ T6148] netlink_sendmsg+0x698/0xdd0 [ 99.588304][ T6148] ? __pfx_netlink_sendmsg+0x10/0x10 [ 99.588332][ T6148] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 99.588370][ T6148] ____sys_sendmsg+0xa98/0xc70 [ 99.588399][ T6148] ? copy_msghdr_from_user+0x10a/0x160 [ 99.588434][ T6148] ? __pfx_____sys_sendmsg+0x10/0x10 [ 99.588467][ T6148] ? __pfx__kstrtoull+0x10/0x10 [ 99.588501][ T6148] ___sys_sendmsg+0x134/0x1d0 [ 99.588526][ T6148] ? __pfx____sys_sendmsg+0x10/0x10 [ 99.588578][ T6148] ? find_held_lock+0x2b/0x80 [ 99.588615][ T6148] ? proc_fail_nth_write+0x9f/0x220 [ 99.588644][ T6148] ? find_held_lock+0x2b/0x80 [ 99.588672][ T6148] __sys_sendmmsg+0x200/0x420 [ 99.588699][ T6148] ? __pfx___sys_sendmmsg+0x10/0x10 [ 99.588731][ T6148] ? do_sys_openat2+0x157/0x1d0 [ 99.588763][ T6148] ? __pfx_do_sys_openat2+0x10/0x10 [ 99.588811][ T6148] ? ksys_write+0x1ac/0x250 [ 99.588835][ T6148] ? __pfx_ksys_write+0x10/0x10 [ 99.588871][ T6148] __x64_sys_sendmmsg+0x9c/0x100 [ 99.588893][ T6148] ? lockdep_hardirqs_on+0x7c/0x110 [ 99.588917][ T6148] do_syscall_64+0xcd/0xfa0 [ 99.588945][ T6148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.588969][ T6148] RIP: 0033:0x7f1e69f8efc9 [ 99.588987][ T6148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.589009][ T6148] RSP: 002b:00007f1e6ad75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 99.589031][ T6148] RAX: ffffffffffffffda RBX: 00007f1e6a1e5fa0 RCX: 00007f1e69f8efc9 [ 99.589047][ T6148] RDX: 0000000000000005 RSI: 0000200000000080 RDI: 0000000000000003 [ 99.589061][ T6148] RBP: 00007f1e6ad75090 R08: 0000000000000000 R09: 0000000000000000 [ 99.589075][ T6148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.589089][ T6148] R13: 00007f1e6a1e6038 R14: 00007f1e6a1e5fa0 R15: 00007ffebe946a68 [ 99.589123][ T6148] [ 99.637901][ T6146] FAULT_INJECTION: forcing a failure. [ 99.637901][ T6146] name failslab, interval 1, probability 0, space 0, times 0 [ 99.642576][ C1] vkms_vblank_simulate: vblank timer overrun [ 99.887182][ C1] vkms_vblank_simulate: vblank timer overrun [ 99.903350][ T6146] CPU: 0 UID: 0 PID: 6146 Comm: syz.3.51 Not tainted syzkaller #0 PREEMPT(full) [ 99.903385][ T6146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 99.903401][ T6146] Call Trace: [ 99.903408][ T6146] [ 99.903418][ T6146] dump_stack_lvl+0x16c/0x1f0 [ 99.903454][ T6146] should_fail_ex+0x512/0x640 [ 99.903487][ T6146] ? __kmalloc_noprof+0xca/0x880 [ 99.903533][ T6146] should_failslab+0xc2/0x120 [ 99.903565][ T6146] __kmalloc_noprof+0xdd/0x880 [ 99.903602][ T6146] ? ethnl_default_notify+0x176/0xa40 [ 99.903646][ T6146] ? ethnl_default_notify+0x176/0xa40 [ 99.903685][ T6146] ethnl_default_notify+0x176/0xa40 [ 99.903726][ T6146] ? __pfx_ethnl_default_notify+0x10/0x10 [ 99.903773][ T6146] ? ethnl_set_coalesce+0xb8/0x170 [ 99.903813][ T6146] ? __pfx_ethnl_set_coalesce+0x10/0x10 [ 99.903849][ T6146] ? __pfx_ethnl_default_notify+0x10/0x10 [ 99.903881][ T6146] ethnl_notify+0xc2/0x200 [ 99.903911][ T6146] ethnl_default_set_doit+0x401/0x9d0 [ 99.903935][ T6146] genl_family_rcv_msg_doit+0x209/0x2f0 [ 99.903960][ T6146] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 99.903993][ T6146] ? bpf_lsm_capable+0x9/0x10 [ 99.904018][ T6146] ? security_capable+0x7e/0x260 [ 99.904045][ T6146] ? ns_capable+0xd7/0x110 [ 99.904069][ T6146] genl_rcv_msg+0x55c/0x800 [ 99.904099][ T6146] ? __pfx_genl_rcv_msg+0x10/0x10 [ 99.904123][ T6146] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 99.904163][ T6146] netlink_rcv_skb+0x158/0x420 [ 99.904183][ T6146] ? __pfx_genl_rcv_msg+0x10/0x10 [ 99.904207][ T6146] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 99.904239][ T6146] ? netlink_deliver_tap+0x1ae/0xd30 [ 99.904273][ T6146] genl_rcv+0x28/0x40 [ 99.904292][ T6146] netlink_unicast+0x5aa/0x870 [ 99.904316][ T6146] ? __pfx_netlink_unicast+0x10/0x10 [ 99.904347][ T6146] netlink_sendmsg+0x8c8/0xdd0 [ 99.904371][ T6146] ? __pfx_netlink_sendmsg+0x10/0x10 [ 99.904395][ T6146] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 99.904427][ T6146] ____sys_sendmsg+0xa98/0xc70 [ 99.904456][ T6146] ? copy_msghdr_from_user+0x10a/0x160 [ 99.904486][ T6146] ? __pfx_____sys_sendmsg+0x10/0x10 [ 99.904522][ T6146] ___sys_sendmsg+0x134/0x1d0 [ 99.904538][ T6146] ? futex_private_hash_put+0x176/0x300 [ 99.904567][ T6146] ? __pfx____sys_sendmsg+0x10/0x10 [ 99.904595][ T6146] ? __lock_acquire+0x622/0x1c90 [ 99.904656][ T6146] __sys_sendmsg+0x16d/0x220 [ 99.904674][ T6146] ? __pfx___sys_sendmsg+0x10/0x10 [ 99.904692][ T6146] ? __x64_sys_futex+0x1e0/0x4c0 [ 99.904734][ T6146] do_syscall_64+0xcd/0xfa0 [ 99.904758][ T6146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.904777][ T6146] RIP: 0033:0x7f9f9858efc9 [ 99.904802][ T6146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.904822][ T6146] RSP: 002b:00007f9f993af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 99.904843][ T6146] RAX: ffffffffffffffda RBX: 00007f9f987e6090 RCX: 00007f9f9858efc9 [ 99.904857][ T6146] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000009 [ 99.904869][ T6146] RBP: 00007f9f98611f91 R08: 0000000000000000 R09: 0000000000000000 [ 99.904882][ T6146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.904894][ T6146] R13: 00007f9f987e6128 R14: 00007f9f987e6090 R15: 00007ffe7161e4b8 [ 99.904923][ T6146] [ 100.288411][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout [ 101.067277][ T5149] Bluetooth: hci1: command 0x0c1a tx timeout [ 101.148133][ T5149] Bluetooth: hci2: command 0x0c1a tx timeout [ 101.391421][ T5149] Bluetooth: hci3: command 0x0c1a tx timeout [ 101.663032][ T6180] FAULT_INJECTION: forcing a failure. [ 101.663032][ T6180] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 101.676300][ T6180] CPU: 0 UID: 0 PID: 6180 Comm: syz.3.60 Not tainted syzkaller #0 PREEMPT(full) [ 101.676333][ T6180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 101.676347][ T6180] Call Trace: [ 101.676355][ T6180] [ 101.676364][ T6180] dump_stack_lvl+0x16c/0x1f0 [ 101.676396][ T6180] should_fail_ex+0x512/0x640 [ 101.676435][ T6180] _copy_from_iter+0x463/0x1720 [ 101.676483][ T6180] ? __pfx__copy_from_iter+0x10/0x10 [ 101.676515][ T6180] ? do_raw_spin_lock+0x12c/0x2b0 [ 101.676552][ T6180] ? find_held_lock+0x2b/0x80 [ 101.676579][ T6180] ? rcu_is_watching+0x12/0xc0 [ 101.676604][ T6180] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 101.676633][ T6180] write_pool_user+0xe8/0x2f0 [ 101.676666][ T6180] ? __pfx_write_pool_user+0x10/0x10 [ 101.676703][ T6180] ? __lock_acquire+0x622/0x1c90 [ 101.676731][ T6180] ? copy_iovec_from_user+0x131/0x170 [ 101.676768][ T6180] do_iter_readv_writev+0x662/0x9e0 [ 101.676796][ T6180] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 101.676826][ T6180] ? bpf_lsm_file_permission+0x9/0x10 [ 101.676853][ T6180] ? security_file_permission+0x71/0x210 [ 101.676879][ T6180] ? rw_verify_area+0xcf/0x6c0 [ 101.676905][ T6180] vfs_writev+0x35f/0xde0 [ 101.676938][ T6180] ? __pfx_vfs_writev+0x10/0x10 [ 101.676994][ T6180] ? __fget_files+0x20e/0x3c0 [ 101.677016][ T6180] ? __fget_files+0x1a0/0x3c0 [ 101.677048][ T6180] ? do_writev+0x132/0x340 [ 101.677068][ T6180] do_writev+0x132/0x340 [ 101.677094][ T6180] ? __pfx_do_writev+0x10/0x10 [ 101.677125][ T6180] do_syscall_64+0xcd/0xfa0 [ 101.677149][ T6180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.677168][ T6180] RIP: 0033:0x7f9f9858efc9 [ 101.677184][ T6180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.677204][ T6180] RSP: 002b:00007f9f993d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 101.677227][ T6180] RAX: ffffffffffffffda RBX: 00007f9f987e5fa0 RCX: 00007f9f9858efc9 [ 101.677242][ T6180] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003 [ 101.677256][ T6180] RBP: 00007f9f993d0090 R08: 0000000000000000 R09: 0000000000000000 [ 101.677268][ T6180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.677280][ T6180] R13: 00007f9f987e6038 R14: 00007f9f987e5fa0 R15: 00007ffe7161e4b8 [ 101.677311][ T6180] [ 102.347668][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout [ 103.143754][ T6217] netlink: 'syz.3.68': attribute type 2 has an invalid length. [ 103.147738][ T5149] Bluetooth: hci1: command 0x0c1a tx timeout [ 103.158671][ T6217] FAULT_INJECTION: forcing a failure. [ 103.158671][ T6217] name failslab, interval 1, probability 0, space 0, times 0 [ 103.158739][ T6217] CPU: 0 UID: 0 PID: 6217 Comm: syz.3.68 Not tainted syzkaller #0 PREEMPT(full) [ 103.158766][ T6217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 103.158779][ T6217] Call Trace: [ 103.158787][ T6217] [ 103.158796][ T6217] dump_stack_lvl+0x16c/0x1f0 [ 103.158825][ T6217] should_fail_ex+0x512/0x640 [ 103.158857][ T6217] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 103.158895][ T6217] should_failslab+0xc2/0x120 [ 103.158925][ T6217] kmem_cache_alloc_noprof+0x75/0x6e0 [ 103.158949][ T6217] ? skb_clone+0x190/0x3f0 [ 103.158978][ T6217] ? skb_clone+0x190/0x3f0 [ 103.158998][ T6217] skb_clone+0x190/0x3f0 [ 103.159021][ T6217] netlink_deliver_tap+0xabd/0xd30 [ 103.159064][ T6217] netlink_unicast+0x71f/0x870 [ 103.159094][ T6217] ? __pfx_netlink_unicast+0x10/0x10 [ 103.159120][ T6217] ? genl_rcv_msg+0x4bb/0x800 [ 103.159155][ T6217] netlink_ack+0x696/0xb80 [ 103.159191][ T6217] netlink_rcv_skb+0x332/0x420 [ 103.159214][ T6217] ? __pfx_genl_rcv_msg+0x10/0x10 [ 103.159243][ T6217] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 103.159283][ T6217] ? netlink_deliver_tap+0x1ae/0xd30 [ 103.159321][ T6217] genl_rcv+0x28/0x40 [ 103.159343][ T6217] netlink_unicast+0x5aa/0x870 [ 103.159371][ T6217] ? __pfx_netlink_unicast+0x10/0x10 [ 103.159408][ T6217] netlink_sendmsg+0x8c8/0xdd0 [ 103.159439][ T6217] ? __pfx_netlink_sendmsg+0x10/0x10 [ 103.159466][ T6217] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 103.159504][ T6217] ____sys_sendmsg+0xa98/0xc70 [ 103.159534][ T6217] ? copy_msghdr_from_user+0x10a/0x160 [ 103.159568][ T6217] ? __pfx_____sys_sendmsg+0x10/0x10 [ 103.159620][ T6217] ___sys_sendmsg+0x134/0x1d0 [ 103.159645][ T6217] ? __pfx____sys_sendmsg+0x10/0x10 [ 103.159677][ T6217] ? __lock_acquire+0x622/0x1c90 [ 103.159751][ T6217] __sys_sendmsg+0x16d/0x220 [ 103.159773][ T6217] ? __pfx___sys_sendmsg+0x10/0x10 [ 103.159819][ T6217] do_syscall_64+0xcd/0xfa0 [ 103.159846][ T6217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.159869][ T6217] RIP: 0033:0x7f9f9858efc9 [ 103.159888][ T6217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.159909][ T6217] RSP: 002b:00007f9f993d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 103.159932][ T6217] RAX: ffffffffffffffda RBX: 00007f9f987e5fa0 RCX: 00007f9f9858efc9 [ 103.159948][ T6217] RDX: 0000000000000040 RSI: 00002000000110c0 RDI: 0000000000000003 [ 103.159961][ T6217] RBP: 00007f9f993d0090 R08: 0000000000000000 R09: 0000000000000000 [ 103.159975][ T6217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.159988][ T6217] R13: 00007f9f987e6038 R14: 00007f9f987e5fa0 R15: 00007ffe7161e4b8 [ 103.160023][ T6217] [ 103.247214][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 103.473170][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout [ 104.129783][ T6239] FAULT_INJECTION: forcing a failure. [ 104.129783][ T6239] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 104.170939][ T6239] CPU: 1 UID: 0 PID: 6239 Comm: syz.2.74 Not tainted syzkaller #0 PREEMPT(full) [ 104.170973][ T6239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 104.170986][ T6239] Call Trace: [ 104.170994][ T6239] [ 104.171004][ T6239] dump_stack_lvl+0x16c/0x1f0 [ 104.171036][ T6239] should_fail_ex+0x512/0x640 [ 104.171074][ T6239] _copy_from_user+0x2e/0xd0 [ 104.171106][ T6239] kstrtouint_from_user+0xd6/0x1d0 [ 104.171131][ T6239] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 104.171155][ T6239] ? __lock_acquire+0xb8a/0x1c90 [ 104.171199][ T6239] proc_fail_nth_write+0x83/0x220 [ 104.171224][ T6239] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 104.171257][ T6239] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 104.171279][ T6239] vfs_write+0x2a0/0x11d0 [ 104.171308][ T6239] ? __pfx___mutex_lock+0x10/0x10 [ 104.171334][ T6239] ? __pfx_vfs_write+0x10/0x10 [ 104.171366][ T6239] ? __fget_files+0x20e/0x3c0 [ 104.171398][ T6239] ksys_write+0x12a/0x250 [ 104.171421][ T6239] ? __pfx_ksys_write+0x10/0x10 [ 104.171453][ T6239] do_syscall_64+0xcd/0xfa0 [ 104.171480][ T6239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.171502][ T6239] RIP: 0033:0x7f41e1b8da7f [ 104.171521][ T6239] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 104.171540][ T6239] RSP: 002b:00007f41e2a5c030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 104.171561][ T6239] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f41e1b8da7f [ 104.171575][ T6239] RDX: 0000000000000001 RSI: 00007f41e2a5c0a0 RDI: 0000000000000004 [ 104.171594][ T6239] RBP: 00007f41e2a5c090 R08: 0000000000000000 R09: 0000000000000000 [ 104.171607][ T6239] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 104.171620][ T6239] R13: 00007f41e1de6038 R14: 00007f41e1de5fa0 R15: 00007fff443e7ca8 [ 104.171652][ T6239] [ 104.847123][ T6248] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 107.256332][ T6296] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 107.626825][ T6298] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 108.827904][ T6332] FAULT_INJECTION: forcing a failure. [ 108.827904][ T6332] name failslab, interval 1, probability 0, space 0, times 0 [ 108.864138][ T6332] CPU: 1 UID: 0 PID: 6332 Comm: syz.0.94 Not tainted syzkaller #0 PREEMPT(full) [ 108.864178][ T6332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 108.864193][ T6332] Call Trace: [ 108.864200][ T6332] [ 108.864211][ T6332] dump_stack_lvl+0x16c/0x1f0 [ 108.864237][ T6332] should_fail_ex+0x512/0x640 [ 108.864261][ T6332] ? __kmalloc_noprof+0xca/0x880 [ 108.864286][ T6332] should_failslab+0xc2/0x120 [ 108.864305][ T6332] __kmalloc_noprof+0xdd/0x880 [ 108.864327][ T6332] ? ethnl_default_notify+0x176/0xa40 [ 108.864353][ T6332] ? ethnl_default_notify+0x176/0xa40 [ 108.864373][ T6332] ethnl_default_notify+0x176/0xa40 [ 108.864398][ T6332] ? __pfx_ethnl_default_notify+0x10/0x10 [ 108.864428][ T6332] ? ethnl_set_coalesce+0xb8/0x170 [ 108.864447][ T6332] ? __pfx_ethnl_set_coalesce+0x10/0x10 [ 108.864473][ T6332] ? __pfx_ethnl_default_notify+0x10/0x10 [ 108.864494][ T6332] ethnl_notify+0xc2/0x200 [ 108.864516][ T6332] ethnl_default_set_doit+0x401/0x9d0 [ 108.864532][ T6332] genl_family_rcv_msg_doit+0x209/0x2f0 [ 108.864551][ T6332] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 108.864574][ T6332] ? bpf_lsm_capable+0x9/0x10 [ 108.864592][ T6332] ? security_capable+0x7e/0x260 [ 108.864617][ T6332] ? ns_capable+0xd7/0x110 [ 108.864635][ T6332] genl_rcv_msg+0x55c/0x800 [ 108.864655][ T6332] ? __pfx_genl_rcv_msg+0x10/0x10 [ 108.864672][ T6332] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 108.864701][ T6332] netlink_rcv_skb+0x158/0x420 [ 108.864716][ T6332] ? __pfx_genl_rcv_msg+0x10/0x10 [ 108.864734][ T6332] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 108.864757][ T6332] ? netlink_deliver_tap+0x1ae/0xd30 [ 108.864782][ T6332] genl_rcv+0x28/0x40 [ 108.864796][ T6332] netlink_unicast+0x5aa/0x870 [ 108.864813][ T6332] ? __pfx_netlink_unicast+0x10/0x10 [ 108.864834][ T6332] netlink_sendmsg+0x8c8/0xdd0 [ 108.864851][ T6332] ? __pfx_netlink_sendmsg+0x10/0x10 [ 108.864868][ T6332] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 108.864892][ T6332] ____sys_sendmsg+0xa98/0xc70 [ 108.864910][ T6332] ? copy_msghdr_from_user+0x10a/0x160 [ 108.864931][ T6332] ? __pfx_____sys_sendmsg+0x10/0x10 [ 108.864952][ T6332] ? __pfx_futex_wake_mark+0x10/0x10 [ 108.864976][ T6332] ___sys_sendmsg+0x134/0x1d0 [ 108.864987][ T6332] ? futex_private_hash_put+0x176/0x300 [ 108.865006][ T6332] ? __pfx____sys_sendmsg+0x10/0x10 [ 108.865026][ T6332] ? __lock_acquire+0x622/0x1c90 [ 108.865068][ T6332] __sys_sendmsg+0x16d/0x220 [ 108.865081][ T6332] ? __pfx___sys_sendmsg+0x10/0x10 [ 108.865093][ T6332] ? __x64_sys_futex+0x1e0/0x4c0 [ 108.865123][ T6332] do_syscall_64+0xcd/0xfa0 [ 108.865145][ T6332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.865160][ T6332] RIP: 0033:0x7f1c4158efc9 [ 108.865173][ T6332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.865186][ T6332] RSP: 002b:00007f1c423c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 108.865201][ T6332] RAX: ffffffffffffffda RBX: 00007f1c417e6090 RCX: 00007f1c4158efc9 [ 108.865210][ T6332] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000009 [ 108.865218][ T6332] RBP: 00007f1c41611f91 R08: 0000000000000000 R09: 0000000000000000 [ 108.865227][ T6332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 108.865235][ T6332] R13: 00007f1c417e6128 R14: 00007f1c417e6090 R15: 00007ffc7ed04b88 [ 108.865255][ T6332] [ 109.196037][ C1] vkms_vblank_simulate: vblank timer overrun [ 110.884431][ T6345] kexec: Could not allocate control_code_buffer [ 111.067268][ T6366] FAULT_INJECTION: forcing a failure. [ 111.067268][ T6366] name failslab, interval 1, probability 0, space 0, times 0 [ 111.106426][ T6366] CPU: 1 UID: 0 PID: 6366 Comm: syz.1.105 Not tainted syzkaller #0 PREEMPT(full) [ 111.106463][ T6366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 111.106483][ T6366] Call Trace: [ 111.106492][ T6366] [ 111.106503][ T6366] dump_stack_lvl+0x16c/0x1f0 [ 111.106537][ T6366] should_fail_ex+0x512/0x640 [ 111.106573][ T6366] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 111.106605][ T6366] should_failslab+0xc2/0x120 [ 111.106638][ T6366] kmem_cache_alloc_node_noprof+0x78/0x770 [ 111.106664][ T6366] ? do_raw_spin_lock+0x12c/0x2b0 [ 111.106699][ T6366] ? __alloc_skb+0x2b2/0x380 [ 111.106741][ T6366] ? __alloc_skb+0x2b2/0x380 [ 111.106773][ T6366] __alloc_skb+0x2b2/0x380 [ 111.106808][ T6366] ? __pfx___alloc_skb+0x10/0x10 [ 111.106841][ T6366] ? trace_rpm_usage+0x18e/0x210 [ 111.106879][ T6366] ? ethnl_ops_complete+0xaf/0xd0 [ 111.106920][ T6366] ethnl_default_notify+0x56a/0xa40 [ 111.106963][ T6366] ? __pfx_ethnl_default_notify+0x10/0x10 [ 111.107025][ T6366] ? ethnl_set_coalesce+0xb8/0x170 [ 111.107059][ T6366] ? __pfx_ethnl_set_coalesce+0x10/0x10 [ 111.107098][ T6366] ? __pfx_ethnl_default_notify+0x10/0x10 [ 111.107131][ T6366] ethnl_notify+0xc2/0x200 [ 111.107165][ T6366] ethnl_default_set_doit+0x401/0x9d0 [ 111.107194][ T6366] genl_family_rcv_msg_doit+0x209/0x2f0 [ 111.107225][ T6366] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 111.107263][ T6366] ? bpf_lsm_capable+0x9/0x10 [ 111.107293][ T6366] ? security_capable+0x7e/0x260 [ 111.107327][ T6366] ? ns_capable+0xd7/0x110 [ 111.107355][ T6366] genl_rcv_msg+0x55c/0x800 [ 111.107386][ T6366] ? __pfx_genl_rcv_msg+0x10/0x10 [ 111.107413][ T6366] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 111.107455][ T6366] netlink_rcv_skb+0x158/0x420 [ 111.107475][ T6366] ? __pfx_genl_rcv_msg+0x10/0x10 [ 111.107502][ T6366] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 111.107539][ T6366] ? netlink_deliver_tap+0x1ae/0xd30 [ 111.107582][ T6366] genl_rcv+0x28/0x40 [ 111.107607][ T6366] netlink_unicast+0x5aa/0x870 [ 111.107645][ T6366] ? __pfx_netlink_unicast+0x10/0x10 [ 111.107681][ T6366] netlink_sendmsg+0x8c8/0xdd0 [ 111.107710][ T6366] ? __pfx_netlink_sendmsg+0x10/0x10 [ 111.107739][ T6366] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 111.107780][ T6366] ____sys_sendmsg+0xa98/0xc70 [ 111.107810][ T6366] ? copy_msghdr_from_user+0x10a/0x160 [ 111.107843][ T6366] ? __pfx_____sys_sendmsg+0x10/0x10 [ 111.107890][ T6366] ___sys_sendmsg+0x134/0x1d0 [ 111.107910][ T6366] ? futex_private_hash_put+0x176/0x300 [ 111.107943][ T6366] ? __pfx____sys_sendmsg+0x10/0x10 [ 111.107975][ T6366] ? __lock_acquire+0x622/0x1c90 [ 111.108060][ T6366] __sys_sendmsg+0x16d/0x220 [ 111.108085][ T6366] ? __pfx___sys_sendmsg+0x10/0x10 [ 111.108108][ T6366] ? __x64_sys_futex+0x1e0/0x4c0 [ 111.108161][ T6366] do_syscall_64+0xcd/0xfa0 [ 111.108192][ T6366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.108217][ T6366] RIP: 0033:0x7f1e69f8efc9 [ 111.108237][ T6366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.108261][ T6366] RSP: 002b:00007f1e6ad75038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 111.108285][ T6366] RAX: ffffffffffffffda RBX: 00007f1e6a1e5fa0 RCX: 00007f1e69f8efc9 [ 111.108302][ T6366] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000009 [ 111.108316][ T6366] RBP: 00007f1e6a011f91 R08: 0000000000000000 R09: 0000000000000000 [ 111.108330][ T6366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.108344][ T6366] R13: 00007f1e6a1e6038 R14: 00007f1e6a1e5fa0 R15: 00007ffebe946a68 [ 111.108381][ T6366] [ 112.186010][ T6393] netlink: 338 bytes leftover after parsing attributes in process `syz.2.112'. [ 112.202141][ T6393] veth1_macvtap: left promiscuous mode [ 112.553675][ T6384] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN PTI [ 112.565585][ T6384] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] [ 112.574013][ T6384] CPU: 1 UID: 0 PID: 6384 Comm: syz.3.111 Not tainted syzkaller #0 PREEMPT(full) [ 112.583227][ T6384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 112.593297][ T6384] RIP: 0010:generic_hwtstamp_ioctl_lower+0x185/0x380 [ 112.599989][ T6384] Code: 4c 89 e2 48 c1 ea 03 80 3c 02 00 0f 85 e1 01 00 00 48 be 00 00 00 00 00 fc ff df 49 8b 45 10 48 8d 78 10 48 89 fa 48 c1 ea 03 <0f> b6 0c 32 48 8d 50 27 49 89 d0 83 e2 07 49 c1 e8 03 41 0f b6 34 [ 112.619690][ T6384] RSP: 0018:ffffc90003097260 EFLAGS: 00010202 [ 112.625757][ T6384] RAX: 0000000000000000 RBX: 1ffff92000612e4e RCX: ffffc9000caed000 [ 112.633719][ T6384] RDX: 0000000000000002 RSI: dffffc0000000000 RDI: 0000000000000010 [ 112.641685][ T6384] RBP: ffffc90003097338 R08: 0000000000000001 R09: 0000000000000006 [ 112.649735][ T6384] R10: ffffc900030972ae R11: 0000000000000001 R12: ffffc90003097428 [ 112.657795][ T6384] R13: ffffc90003097418 R14: ffff88805f0c2000 R15: ffffc900030972a0 [ 112.665784][ T6384] FS: 00007f9f993d06c0(0000) GS:ffff888124b12000(0000) knlGS:0000000000000000 [ 112.674814][ T6384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.681405][ T6384] CR2: 00005555568b3808 CR3: 0000000028cda000 CR4: 00000000003526f0 [ 112.689386][ T6384] Call Trace: [ 112.692671][ T6384] [ 112.695597][ T6384] ? __pfx_generic_hwtstamp_ioctl_lower+0x10/0x10 [ 112.702023][ T6384] ? __mutex_trylock_common+0xe9/0x250 [ 112.707505][ T6384] ? __pfx___might_resched+0x10/0x10 [ 112.712789][ T6384] generic_hwtstamp_get_lower+0x269/0x360 [ 112.718515][ T6384] dev_get_hwtstamp_phylib+0x184/0x610 [ 112.724007][ T6384] tsconfig_prepare_data+0x15e/0x620 [ 112.729301][ T6384] ? __pfx_tsconfig_prepare_data+0x10/0x10 [ 112.735113][ T6384] ? __pfx___mutex_lock+0x10/0x10 [ 112.740144][ T6384] ethnl_default_doit+0x3d1/0xed0 [ 112.745177][ T6384] ? __nla_parse+0x40/0x60 [ 112.749588][ T6384] ? __pfx_ethnl_default_doit+0x10/0x10 [ 112.755145][ T6384] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 112.762513][ T6384] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 112.769898][ T6384] genl_family_rcv_msg_doit+0x209/0x2f0 [ 112.775459][ T6384] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 112.781537][ T6384] ? genl_get_cmd+0x194/0x580 [ 112.786216][ T6384] ? __radix_tree_lookup+0x21f/0x2c0 [ 112.791609][ T6384] genl_rcv_msg+0x55c/0x800 [ 112.796124][ T6384] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.801191][ T6384] ? __pfx_ethnl_default_doit+0x10/0x10 [ 112.806764][ T6384] netlink_rcv_skb+0x158/0x420 [ 112.811539][ T6384] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.816567][ T6384] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 112.821872][ T6384] ? netlink_deliver_tap+0x1ae/0xd30 [ 112.827194][ T6384] genl_rcv+0x28/0x40 [ 112.831206][ T6384] netlink_unicast+0x5aa/0x870 [ 112.835981][ T6384] ? __pfx_netlink_unicast+0x10/0x10 [ 112.841276][ T6384] netlink_sendmsg+0x8c8/0xdd0 [ 112.846039][ T6384] ? __pfx_netlink_sendmsg+0x10/0x10 [ 112.851320][ T6384] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 112.857386][ T6384] ____sys_sendmsg+0xa98/0xc70 [ 112.862142][ T6384] ? copy_msghdr_from_user+0x10a/0x160 [ 112.867602][ T6384] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.872884][ T6384] ? __pfx_futex_wake_mark+0x10/0x10 [ 112.878170][ T6384] ___sys_sendmsg+0x134/0x1d0 [ 112.882834][ T6384] ? futex_private_hash_put+0x176/0x300 [ 112.888385][ T6384] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.893595][ T6384] ? __lock_acquire+0x622/0x1c90 [ 112.898546][ T6384] __sys_sendmsg+0x16d/0x220 [ 112.903131][ T6384] ? __pfx___sys_sendmsg+0x10/0x10 [ 112.908234][ T6384] ? __x64_sys_futex+0x1e0/0x4c0 [ 112.913179][ T6384] do_syscall_64+0xcd/0xfa0 [ 112.917681][ T6384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.923569][ T6384] RIP: 0033:0x7f9f9858efc9 [ 112.927971][ T6384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.947570][ T6384] RSP: 002b:00007f9f993d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.955987][ T6384] RAX: ffffffffffffffda RBX: 00007f9f987e5fa0 RCX: 00007f9f9858efc9 [ 112.963951][ T6384] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 000000000000000a [ 112.971911][ T6384] RBP: 00007f9f98611f91 R08: 0000000000000000 R09: 0000000000000000 [ 112.979872][ T6384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.987839][ T6384] R13: 00007f9f987e6038 R14: 00007f9f987e5fa0 R15: 00007ffe7161e4b8 [ 112.995826][ T6384] [ 112.998837][ T6384] Modules linked in: [ 113.004174][ T6384] ---[ end trace 0000000000000000 ]--- [ 113.013859][ T6392] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 113.028594][ T6384] RIP: 0010:generic_hwtstamp_ioctl_lower+0x185/0x380 [ 113.035336][ T6384] Code: 4c 89 e2 48 c1 ea 03 80 3c 02 00 0f 85 e1 01 00 00 48 be 00 00 00 00 00 fc ff df 49 8b 45 10 48 8d 78 10 48 89 fa 48 c1 ea 03 <0f> b6 0c 32 48 8d 50 27 49 89 d0 83 e2 07 49 c1 e8 03 41 0f b6 34 [ 113.055354][ T6384] RSP: 0018:ffffc90003097260 EFLAGS: 00010202 [ 113.077235][ T6384] RAX: 0000000000000000 RBX: 1ffff92000612e4e RCX: ffffc9000caed000 [ 113.086461][ T6384] RDX: 0000000000000002 RSI: dffffc0000000000 RDI: 0000000000000010 [ 113.096321][ T6384] RBP: ffffc90003097338 R08: 0000000000000001 R09: 0000000000000006 [ 113.126232][ T6384] R10: ffffc900030972ae R11: 0000000000000001 R12: ffffc90003097428 [ 113.134466][ T6384] R13: ffffc90003097418 R14: ffff88805f0c2000 R15: ffffc900030972a0 [ 113.147374][ T6384] FS: 00007f9f993d06c0(0000) GS:ffff888124b12000(0000) knlGS:0000000000000000 [ 113.156918][ T6384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.164966][ T6384] CR2: 00007f41e2a1a9c8 CR3: 0000000028cda000 CR4: 00000000003526f0 [ 113.173499][ T6384] Kernel panic - not syncing: Fatal exception [ 113.179897][ T6384] Kernel Offset: disabled [ 113.184207][ T6384] Rebooting in 86400 seconds..