last executing test programs: 3m4.202496849s ago: executing program 0 (id=113): mmap$auto(0x0, 0x2020009, 0x9, 0xeb3, 0xfffefffffffffffa, 0x8000) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) r0 = prctl$auto_PR_SET_VMA_ANON_NAME(0x4, 0x0, 0x0, 0x7a, 0x7) poll$auto(&(0x7f0000000180)={r0, 0x72d7, 0x7}, 0xffffffff, 0x80) writev$auto(r0, &(0x7f0000000140)={&(0x7f00000000c0)="bbc69f44294e96f44775c8ae2f799d5b6cd3299545567a43016b6aec10e08a4fb9dbbca984cc42f44cdd54999180d823053a2bcc3081d962d5d7782de2cd2ad59a53569f780f1c9034ccad3581883cc6b1a76687a38c9eeb864081f5aa5c16157d43f44f0da3d1f57668fd3b292a2de512328f", 0x3}, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) futex_requeue$auto(&(0x7f0000000080)={0x0, 0x39c3c00000000, 0xdd54}, 0x80800001, 0x1007fc, 0x8001) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/swaps\x00', 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x104, 0x80000001, 0x7, 0x1, 0x3, 0x15f4da0a, 0x6, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x2, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$auto_XFS_IOC_GET_RESBLKS(r1, 0x80105873, &(0x7f0000000040)={0x7, 0x1}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x63f) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) init_module$auto(0x0, 0xffff9, 0x0) pidfd_open$auto(0x1, 0x0) 3m2.391572683s ago: executing program 0 (id=118): futex$auto(0x0, 0x9, 0x2948, 0x0, 0x0, 0x5) mmap$auto(0xffffffffffffff01, 0xe983, 0x7, 0x1d14, 0x401, 0xe92) futex_waitv$auto(0x0, 0x0, 0xffff, &(0x7f0000000040)={0x6, 0x10000}, 0xc6a) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto(0x30, 0x5c5, 0x0, 0x4, 0x0) 3m2.328489692s ago: executing program 0 (id=119): socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x18, 0x0, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) r1 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=r0, 0x4, @old_prog_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) r2 = socket(0x2, 0x3, 0x6) pipe$auto(&(0x7f0000000780)=0xffffffffffffffff) splice$auto(r3, 0x0, r2, &(0x7f0000002100)=0x1ff, 0x768, 0x6) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) ioctl$auto_SG_SET_FORCE_PACK_ID(r4, 0x227b, 0x0) 3m2.067977195s ago: executing program 0 (id=121): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup.cpu/memory.stat\x00', 0x80200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/118, 0x76) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyu3\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, &(0x7f0000000080)="f5c94556d7b994ee4c7d6b964e87cfce41d8b86d8574badcc9a0191d85605665e0fa950b247f4667f57ca338d45bd2f88e5dd3dfe6600774e6503521259e0c7c3ddd5099e4b948915c1d3f49efad80b766") mmap$auto(0x3ff, 0x40000a, 0x880, 0x18, 0x2, 0x89d) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x8742, 0x0) unshare$auto(0x803) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0xd35) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x801, 0x84) r4 = socket(0x26, 0x5, 0x1) sysinfo$auto(0x0) socket(0x1d, 0x6, 0x216) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_STOP_AP(r4, 0x0, 0x4000010) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video52\x00', 0x0, 0x0) ioctl$auto(r5, 0x40085618, r5) mmap$auto(0x0, 0x5, 0x22, 0x40eb1, r3, 0x300000000000) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x101800, 0x0) ioctl$auto(r6, 0x4b46, 0x1) close_range$auto(0x2, r2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x580f, 0xffb, 0x8000000008011, 0x3, 0x0) getresgid$auto(0x0, &(0x7f0000000a40)=0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) 3m1.636188178s ago: executing program 0 (id=122): futex$auto(0x0, 0x9, 0x2948, 0x0, 0x0, 0x5) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/usb/drivers/snd-usb-hiface/remove_id\x00', 0x103841, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001180)='/proc/pressure/irq\x00', 0x48041, 0x0) sendmsg$auto_IEEE802154_START_REQ(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)={0x1c, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4004802) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x7, 0x4}, 0x7f, 0x0, 0x0, 0x8) mmap$auto(0xffffffffffffff01, 0xe983, 0x7, 0x1d14, 0x401, 0xe92) futex_waitv$auto(0x0, 0x0, 0xffff, &(0x7f0000000040)={0x6, 0x10000}, 0xc6a) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x400000, 0x0) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_options\x00', 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x2, &(0x7f0000000000), 0x3) setsockopt$auto_SO_LOCK_FILTER(r0, 0x80000001, 0x2c, &(0x7f0000000080)='#.\x92,\\\xb4&*\x00', 0x8001) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto(0x0, 0x5c5, 0x0, 0x4, 0x0) 3m0.456064643s ago: executing program 0 (id=125): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000) (async) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) (async, rerun: 32) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) (rerun: 32) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) (async) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) (async) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, 0x0) (async) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) (async) listxattr$auto(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='-\\::\x00', 0x6) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) 2m45.258188175s ago: executing program 32 (id=125): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3d7}, 0x7}, 0x803, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000) (async) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) (async, rerun: 32) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) (rerun: 32) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) (async) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) (async) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, 0x0) (async) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) (async) listxattr$auto(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='-\\::\x00', 0x6) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) 7.577240514s ago: executing program 1 (id=754): r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x20000000) recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0) unshare$auto(0x40000080) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="00000000000000000000000000001153b404bb9016c9935bf28b89f31367d7c84a7835d9250844eb362cab1c270d4428c63fc99517f2fb4f2bbaa6888b60f2f34ce38ac02d9aaf90bce1723c7e165dc3efa2455211e010df16f962121249be2a8dc1bc436334345e4d465c5fe458026cb54f2831c1d55fa96b9a9ce4e89118cf45271402d4db63889b594c8bb0c007d49967172e028de2a619a339e32de41f0d62ab2eacc1822437c71c4ff1e8dd9fd2db515fe2b0f079e56c80bad5d0c1f52f2ca3f02aec6474c016c8d25c71bfa88881b14f2e8f0dddd300"/226], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x400, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/kernel/usermodehelper/bset\x00', 0x8a802, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) ioctl$auto(r2, 0x800064bc, 0x1e6) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000200), r3) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r4, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010025bd5000fddbdf2500000008000780040001800c000200060000000020000000"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x8880) readv$auto(r4, &(0x7f0000000240)={0x0, 0x10001}, 0x80000004) semctl$auto_GETVAL(0x0, 0x1, 0xc, 0x10000) ioperm$auto(0x7, 0x6, 0x2) pwritev2$auto(0xffffffffffffffff, 0x0, 0x100, 0x2, 0x9, 0x43) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0xd5, 0x8, 0x4) r6 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/dynamic_events\x00', 0x105540, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r6, &(0x7f0000000140)="65507307ff6587a725ca87720ef9769f20592e775f", 0x15) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) 6.603578413s ago: executing program 2 (id=759): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0x8004ae98, 0x1000000) 5.75654646s ago: executing program 2 (id=761): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) ioctl$auto(0x3, 0xc0305615, 0x38) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001300"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) 5.50163682s ago: executing program 4 (id=762): mmap$auto(0x0, 0x2020009, 0x9, 0xeb3, 0xfffefffffffffffa, 0x8000) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) r0 = prctl$auto_PR_SET_VMA_ANON_NAME(0x4, 0x0, 0x0, 0x7a, 0x7) poll$auto(&(0x7f0000000180)={r0, 0x72d7, 0x7}, 0xffffffff, 0x80) writev$auto(r0, &(0x7f0000000140)={&(0x7f00000000c0)="bbc69f44294e96f44775c8ae2f799d5b6cd3299545567a43016b6aec10e08a4fb9dbbca984cc42f44cdd54999180d823053a2bcc3081d962d5d7782de2cd2ad59a53569f780f1c9034ccad3581883cc6b1a76687a38c9eeb864081f5aa5c16157d43f44f0da3d1f57668fd3b292a2de512328f62", 0x3}, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) futex_requeue$auto(&(0x7f0000000080)={0x0, 0x39c3c00000000, 0xdd54}, 0x80800001, 0x1007fc, 0x8001) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/swaps\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x149400, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x104, 0x80000001, 0x7, 0x1, 0x3, 0x15f4da0a, 0x6, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x2, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_XFS_IOC_GET_RESBLKS(r1, 0x80105873, &(0x7f0000000040)={0x7, 0x1}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x10, 0x2, 0x63f) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00", @ANYBLOB="5e0027617c36720add70ab"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) init_module$auto(0x0, 0xffff9, 0x0) pidfd_open$auto(0x1, 0x0) 5.50076548s ago: executing program 3 (id=763): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x180342, 0x0) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002780)={0x14, r1, 0x1b, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) 5.374610422s ago: executing program 1 (id=764): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7fffefff) (fail_nth: 2) 5.276160515s ago: executing program 2 (id=765): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x84, 0x7, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x3c, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000001280)='/dev/ptyee\x00', 0x980, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001240)='/dev/sequencer2\x00', 0x8480, 0x0) keyctl$auto(0x5, 0xffffffffffffffff, 0x2, 0x4, 0x8) r4 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) execveat$auto(r4, 0x0, 0x0, 0x0, 0x11000) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/nomerges\x00', 0x2, 0x0) write$auto(r5, &(0x7f0000000080)='\'Vd1L\xff\x15~\x8f\xf8\xfe\xce\xda\xd3q^L\xd1\x8d\x96]\x0f;\xb6\xd0\\\xbft0=\xf8Q#\xc1&\'JM6\xad\xc6\x02\x7f>\x05j\x9dL\x95a\xb4\xc7\xfd/\xea', 0x8) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) sendmsg$auto_NL802154_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='$7O\x00\x00\x00', @ANYRES16, @ANYBLOB="040025bd"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x0, 0x0) r7 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001200)='/sys/kernel/security/tomoyo/profile\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r7, &(0x7f0000000040)=""/4099, 0xfd98) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_TYPE(r1, 0x5, 0x3, &(0x7f0000000000)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/nomerges\x00', 0x2) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r8, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000001080)=ANY=[@ANYBLOB="00e601bf0000008c75ed0431ff1599681338de504c5591457452fe4876c4727c19284a51bba328c01654a523e7c9ed286df086af316b6e5dda0100745fd1229071c3c5a8c728c4b44c211beca8cdc25cb6bd000800de1951ce29f6a3a5e36b990000000000e42ae2f79bc95348712ce702e2c9b2000000008ed3f0926441cad18bb29492131a963ffd2f90c21db2cc93c01086d98296328011cc2b9d6131dfdac932978c85fc64db36c7dcb30e8318ba9d64e3ae83668f99da935ef45a124d71a38789cb2b467849d0c8996079bade4e7948a3f2a88270d45ed4b6cfe0b3c4e3f3bc93ea01c8d826aad1ac18acb969086464d793366dff5a6add986f763ad37f3ca082ac72ea8b7496862bca51673cfc2c49bafd6d7053607a66ab5a128da054f38e57f2e7ec1b786918", @ANYRESDEC=r7, @ANYBLOB="cb5b2cbd7000ffdb9f251f00000005000600090000000500040000000000080003000900000008000200f7000000"], 0x34}}, 0x82) r9 = openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/cec/cec20/status\x00', 0x80441, 0x0) read$auto_debugfs_devm_entry_ops_file(r9, &(0x7f0000000940)=""/46, 0x2e) ioctl$auto_SG_GET_RESERVED_SIZE(r6, 0x4c00, 0x0) 4.446626461s ago: executing program 3 (id=766): socket(0x2, 0x1, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x341843, 0x0) r1 = bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x4, 0x80}, 0x96) bpf$auto(0xffffffff, 0x0, 0xb) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0xc0285628, 0x38) madvise$auto(0xd057, 0x8000000000000000, 0x4) r2 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) preadv$auto(r2, &(0x7f0000000100)={&(0x7f0000000200), 0x82}, 0x8, 0xd62a, 0x5) sendmsg$auto_NL80211_CMD_NEW_MPATH(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8800010}, 0xc, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000425bd7000fddbdf251700000033016e8008000300e00000014aaaff237f86cb195d10dd2b2dea889d71778fabff84e7999146fb5b6866ecc551ba62b701aed2b1f94b4e38a7fea5945a853dd6bc7d103cc20563a61212fada2196d0e23ee39260c0e7ad91c5730e6e5593500111fe92b15d8ef9a949fdafbb44a39d4a3757078f2e3314bc1ac27ca8ecac8394634b8ba1db9e3a8c59e7e3535657cfec0072ba1ce4857811f32246e20b6c88369d8ef3d38934df7d08e254f47c026c18db7dec8991f308fc1be97b006a766b121bea3657f1155ed400e592210f3ed30caf1cd0920d6f8784ed77bb855109f901537dc8d2646d6146e108d92b3bf706f3e24c3d881f0d92a52e1dd5f8322a55d34be3174ac1e57e225bb0b83871e1fe038210ad08867ad020cad6aebddf2a5f36c67b8139c8a2709f6190a60800fd0001000000000800230101000000"], 0x150}, 0x1, 0x0, 0x0, 0x1b6efac7cd8fe165}, 0x8010) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x807, 0xe2, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) pkey_free$auto(0xfffffffd) madvise$auto(0x1ff, 0x5d, 0xc2c) 4.052014554s ago: executing program 1 (id=767): madvise$auto_MADV_UNMERGEABLE(0x2, 0x7, 0xd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40280, 0x0) madvise$auto_MADV_UNMERGEABLE(0x9, 0x6094, 0xd) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/mpls/conf/netdevsim2/input\x00', 0x40802, 0x0) sendfile$auto(0x6, 0x3, 0x0, 0xc01) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\b\x00\x00', @ANYRES16=r1], 0x60}, 0x1, 0x0, 0x0, 0x54}, 0x1) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x81c5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) getsockopt$auto(r2, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x8, 0x200006, 0x2, 0x40ebd, 0x602, 0x300400000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r3, 0x0, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000040)) 3.668100603s ago: executing program 4 (id=768): socket$nl_generic(0x10, 0x3, 0x10) r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000001c0)=""/65, 0x41) mmap$auto(0xffffffffffffffff, 0xfffffffffffffffe, 0xdc, 0x8011, 0x2, 0xa) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x4de, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x106000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x200007, 0x19) syz_clone3(0x0, 0x0) mmap$auto(0x6, 0x9, 0x103, 0x5b, r1, 0x8000) mmap$auto(0x0, 0x8, 0x2, 0xffff, 0x5, 0x0) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2) sysfs$auto(0x2, 0x23, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) socket$nl_generic(0x10, 0x3, 0x10) msgctl$auto_MSG_STAT(0x5, 0xb, &(0x7f00000000c0)={{0x380000, 0x0, 0xee01, 0x6, 0x1, 0x3, 0x1}, &(0x7f0000000040), &(0x7f0000000140)=0x2, 0x1000, 0x8001, 0x3, 0x9, 0x8001, 0x258b, 0x6, 0x2, @inferred=0xffffffffffffffff}) 3.219649441s ago: executing program 2 (id=769): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) io_uring_setup$auto(0x8000, &(0x7f0000000180)={0x6, 0x6, 0x8, 0x7fff, 0x2, 0xfffe, 0xffffffffffffffff, [], {0x6, 0x9, 0x10001, 0x6, 0x9, 0x2d9, 0xfffffff9, 0x7ff, 0x18}, {0x5, 0x60b, 0x1000, 0x2, 0x200, 0x1, 0xff, 0x6, 0xe0000000000000}}) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0x8004ae98, 0x1000000) 2.964667496s ago: executing program 4 (id=770): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x101140, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000012c0)="7448e620de7d1007d2a8c2992ecb67fcda72f1816e830b9b7f67119ee261c68b978a97bfbbef0a4a62307d34385bc99ba9a726ec4245915c40e399d4ce45d123e3b91f01c997a624700faa97db018c7bf65a0daa8355d008bdf34f3e01ae00"/108) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setitimer$auto(0x4, &(0x7f0000000000)={{0x1ff, 0x10001}, {0x200000000004, 0x6}}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) bpf$auto(0x12, &(0x7f0000000000)=@info={0x2800, 0x1ff, 0x2}, 0xcf) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001200)='/sys/devices/virtual/bluetooth/hci5/rfkill30/index\x00', 0x20001, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xebe, r0, 0x8000) r1 = socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, r1, 0x0) r2 = open(0x0, 0x22240, 0x55) ioctl$auto_CEC_DQEVENT(r2, 0xc0506107, &(0x7f0000001240)={0x8001, 0x77, 0x2, @lost_msgs={0x6}}) mmap$auto(0x0, 0x2000809, 0x1000000003, 0xeb1, 0xffffffffffffffff, 0x7ffc) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/name\x00', 0xa000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/4096, 0x1000) r4 = memfd_create$auto(0x0, 0x9) fallocate$auto(r4, 0x3, 0x2, 0x4) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000001340)='/dev/ptyd9\x00', 0x113100, 0x0) timer_create$auto(0x9, 0x0, &(0x7f0000000140)=0x6) openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x1a3540, 0x0) read$auto_proc_timers_operations_base(r4, &(0x7f0000001380)=""/180, 0xb4) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) bpf$auto(0x6, &(0x7f0000000200)=@raw_tracepoint={0x9, 0xffffffffffffffff, 0x0, 0x9}, 0x4101) ioctl$auto_FIDEDUPERANGE(r5, 0xc0189436, 0x7ff) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x800c6f46, r6) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200000, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r7, &(0x7f00000010c0)="09f58a9b9b2bde8e1dad07415745c203f005f801658dbe80f3f639a2c98649ae8853aba6772b59b7350e6a8fe9d61f921be6f39c110e94cd1c74ded2bf9eef8faa3a967b9b6c1e51037dd3f7338e84ae7e9d545ce55ba1d7ac678d2a64b930434fcab77306c1378b7862495c1f25c6ea738b2b90412a8042ec8b39f7f14b97d9afdadbe2fb8353def22279ef950040c13b427940ce1a07b16220dba84bf79cbb352d4a6898c3ce231d6b75685edc5957e25acf3e8256ca3e863b0061af674ed039eedaa0845d164a23fb1340f195f1c85a79b624db04e35c255cedf8840ee0390bb77d6987d4a05d1cf7", 0xea) 2.730174224s ago: executing program 3 (id=771): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/006/001\x00', 0x40940, 0x0) mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, 0x0, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_shared\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x82842, 0x85) read$auto(r1, 0x0, 0x1) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0) write$auto(r2, 0x0, 0x6) (fail_nth: 5) 2.664784329s ago: executing program 4 (id=772): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, r0, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x700) 2.553159071s ago: executing program 4 (id=773): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) write$auto(0xca, &(0x7f0000000140)='\x04\x0e\x06\xd5\x89|d\v\x00\x00@\x00\x81\x00\x00\x00\xf6\xf5\x00\xdf\xff\x00', 0x10) socket(0xa, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(r0, &(0x7f00000001c0)=@llc={0x1a, 0x322, 0x3, 0x7, 0x7f, 0xf4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10006a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40400, 0x4) r1 = socket(0x2b, 0x1, 0x1) ioctl$auto(r1, 0x8901, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/bond0/unres_qlen\x00', 0xa000, 0x0) mmap$auto(0x0, 0x400008, 0x4, 0x16, 0x2, 0x8000) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000100), 0xffffffffffffffff) read$auto(r3, 0x0, 0x1ff) write$auto(r2, 0x0, 0xfdef) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x44010) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) 2.523224058s ago: executing program 2 (id=774): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x5, 0x10000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x121142, 0x13d) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0x7fffffff) write$auto(0x3, 0x0, 0xfffffdef) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x71) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x1a, 0x0, 0x8, &(0x7f00000000c0), 0x3f, 0x10009}, 0xfffffffb}, 0x5, 0x6586, 0x0) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x21, 0x3}, 0x9}, 0xb, 0x0) openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000000), 0x6e0980, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r1, 0x22284, r0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="720100009d295b7f411fb940f3710f50cada42b8428928c269ef03bb5c570c2998b23aa4f9f94e9d081e476d18c35c9d3dd0952e0934af", @ANYBLOB="01"], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) close_range$auto(r2, r2, 0x0) 2.047935297s ago: executing program 3 (id=775): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) mmap$auto(0x0, 0x8, 0x7f, 0x100009b72, 0x2, 0x40) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x100) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x161201, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) 1.88546216s ago: executing program 1 (id=776): setgroups$auto(0xc00000000, 0xfffffffffffffffc) r0 = openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/current_tracer\x00', 0x1a3642, 0x0) writev$auto(r0, &(0x7f0000000100)={0x0, 0x40}, 0x8) setresgid$auto(0x81, 0x800000a0, 0x8) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) read$auto_evdev_fops_evdev(r1, 0x0, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/timer_source\x00', 0x20080, 0x0) pread64$auto(r2, 0x0, 0x1fffe001, 0xb) socket(0x2, 0x2, 0x1) socket(0x29, 0x800, 0xfffffffd) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x2, 0xa00006, 0x2, 0x40eb1, 0x602, 0x3ff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)={0x38, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_COALESCE_TX_USECS_HIGH={0x8, 0x15, 0x1ce9c523}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x2}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x4000) 1.789597393s ago: executing program 4 (id=777): r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) ftruncate$auto(r0, 0xa0) read$auto_proc_pid_set_comm_operations_base(r0, &(0x7f0000000040)=""/42, 0x2a) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x452a00, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) ioctl$auto_BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, &(0x7f0000000080)=0x10001) capget$auto(0x0, 0xfffffffffffffffe) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x261c2, 0x84) mmap$auto(0x1000001, 0x9, 0xfffffffffffffffc, 0x12, r1, 0x7ffc) 1.787113756s ago: executing program 1 (id=778): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x84, 0x7, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x3c, r3, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000001280)='/dev/ptyee\x00', 0x980, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001240)='/dev/sequencer2\x00', 0x8480, 0x0) keyctl$auto(0x5, 0xffffffffffffffff, 0x2, 0x4, 0x8) r4 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) execveat$auto(r4, 0x0, 0x0, 0x0, 0x11000) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/nomerges\x00', 0x2, 0x0) write$auto(r5, &(0x7f0000000080)='\'Vd1L\xff\x15~\x8f\xf8\xfe\xce\xda\xd3q^L\xd1\x8d\x96]\x0f;\xb6\xd0\\\xbft0=\xf8Q#\xc1&\'JM6\xad\xc6\x02\x7f>\x05j\x9dL\x95a\xb4\xc7\xfd/\xea', 0x8) r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) write$auto(r6, &(0x7f0000000000)='/dev/\xe9nput/event0\x00', 0x7fe) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x0, 0x0) r8 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001200)='/sys/kernel/security/tomoyo/profile\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r8, &(0x7f0000000040)=""/4099, 0xfd98) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_TYPE(r1, 0x5, 0x3, &(0x7f0000000000)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/nomerges\x00', 0x2) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r9, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000001080)=ANY=[@ANYBLOB="00e601bf0000008c75ed0431ff1599681338de504c5591457452fe4876c4727c19284a51bba328c01654a523e7c9ed286df086af316b6e5dda0100745fd1229071c3c5a8c728c4b44c211beca8cdc25cb6bd000800de1951ce29f6a3a5e36b990000000000e42ae2f79bc95348712ce702e2c9b2000000008ed3f0926441cad18bb29492131a963ffd2f90c21db2cc93c01086d98296328011cc2b9d6131dfdac932978c85fc64db36c7dcb30e8318ba9d64e3ae83668f99da935ef45a124d71a38789cb2b467849d0c8996079bade4e7948a3f2a88270d45ed4b6cfe0b3c4e3f3bc93ea01c8d826aad1ac18acb969086464d793366dff5a6add986f763ad37f3ca082ac72ea8b7496862bca51673cfc2c49bafd6d7053607a66ab5a128da054f38e57f2e7ec1b786918", @ANYRESDEC=r8, @ANYBLOB="cb5b2cbd7000ffdb9f251f00000005000600090000000500040000000000080003000900000008000200f7000000"], 0x34}}, 0x82) r10 = openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/cec/cec20/status\x00', 0x80441, 0x0) read$auto_debugfs_devm_entry_ops_file(r10, &(0x7f0000000940)=""/46, 0x2e) ioctl$auto_SG_GET_RESERVED_SIZE(r7, 0x4c00, 0x0) 1.293961932s ago: executing program 1 (id=779): mmap$auto(0x0, 0x2020009, 0x9, 0xeb3, 0xfffefffffffffffa, 0x8000) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) r0 = prctl$auto_PR_SET_VMA_ANON_NAME(0x4, 0x0, 0x0, 0x7a, 0x7) poll$auto(&(0x7f0000000180)={r0, 0x72d7, 0x7}, 0xffffffff, 0x80) writev$auto(r0, &(0x7f0000000140)={&(0x7f00000000c0)="bbc69f44294e96f44775c8ae2f799d5b6cd3299545567a43016b6aec10e08a4fb9dbbca984cc42f44cdd54999180d823053a2bcc3081d962d5d7782de2cd2ad59a53569f780f1c9034ccad3581883cc6b1a76687a38c9eeb864081f5aa5c16157d43f44f0da3d1f57668fd3b292a2de512328f62", 0x3}, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) futex_requeue$auto(&(0x7f0000000080)={0x0, 0x39c3c00000000, 0xdd54}, 0x80800001, 0x1007fc, 0x8001) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/swaps\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x149400, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x104, 0x80000001, 0x7, 0x1, 0x3, 0x15f4da0a, 0x6, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x2, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) ioctl$auto_XFS_IOC_GET_RESBLKS(r1, 0x80105873, &(0x7f0000000040)={0x7, 0x1}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x10, 0x2, 0x63f) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00", @ANYBLOB="5e0027617c36720add70ab"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) init_module$auto(0x0, 0xffff9, 0x0) pidfd_open$auto(0x1, 0x0) 1.270441951s ago: executing program 3 (id=780): r0 = openat$auto_fops_x16_ro_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/x86/boot_params/version\x00', 0x287f896641c8c89e, 0x0) mmap$auto(0x400000000000000, 0x8001, 0x5, 0xeb1, r0, 0xb) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r3 = openat$auto_userfaultfd_dev_fops_userfaultfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) (async) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000180)={"ef13a5421a8765cadfca437c4d1316833843180bb151ed36e8ce6cb454168d6c", 0x3ff, 0x403, 0x1000, 0x2, 0x9}) (async) ioctl$auto_BLKTRACESTART(r4, 0x1274, 0x0) (async) ioctl$auto(0x3, 0x200009, r3) (async) mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x405, 0x8000) (async) ioperm$auto(0x7fb, 0x1, 0x4000007) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) memfd_create$auto(0x0, 0xd) (async) ftruncate$auto(0x0, 0x8800000) (async) setsockopt$auto_SO_MAX_PACING_RATE(r1, 0x7, 0x2f, &(0x7f0000000000)='/dev/ppp\x00', 0xb30b) (async) r5 = openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000840)='/sys/kernel/debug/tracing/tracing_on\x00', 0x400, 0x0) readv$auto(r5, &(0x7f0000000c80)={&(0x7f0000000c40), 0xa80}, 0x1) (async) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r7, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) io_uring_setup$auto(0x6, 0x0) 543.988748ms ago: executing program 2 (id=781): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, r0, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) (fail_nth: 5) 0s ago: executing program 3 (id=782): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) io_uring_setup$auto(0x8000, &(0x7f0000000180)={0x6, 0x6, 0x8, 0x7fff, 0x2, 0xfffe, 0xffffffffffffffff, [], {0x6, 0x9, 0x10001, 0x6, 0x9, 0x2d9, 0xfffffff9, 0x7ff, 0x18}, {0x5, 0x60b, 0x1000, 0x2, 0x200, 0x1, 0xff, 0x6, 0xe0000000000000}}) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0x8004ae98, 0x1000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts. [ 93.204608][ T5830] cgroup: Unknown subsys name 'net' [ 93.378753][ T5830] cgroup: Unknown subsys name 'cpuset' [ 93.388345][ T5830] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 95.187542][ T5830] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 97.235262][ T10] cfg80211: failed to load regulatory.db [ 97.746129][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 97.759522][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 97.767782][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 97.775470][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 97.784478][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 97.792382][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 97.811511][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 97.824788][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 97.829140][ T5154] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 97.839207][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 97.839816][ T5154] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 97.855270][ T5154] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 97.863337][ T5154] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 97.863347][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 97.880249][ T5154] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 97.922058][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 97.930391][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 97.938376][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 97.960383][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 97.969749][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 98.440393][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 98.533773][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 98.628725][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 98.771635][ T5852] chnl_net:caif_netlink_parms(): no params data found [ 98.825952][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.833344][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.842435][ T5841] bridge_slave_0: entered allmulticast mode [ 98.850362][ T5841] bridge_slave_0: entered promiscuous mode [ 98.871897][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.879602][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.887279][ T5845] bridge_slave_0: entered allmulticast mode [ 98.895182][ T5845] bridge_slave_0: entered promiscuous mode [ 98.903800][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.910946][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.919688][ T5841] bridge_slave_1: entered allmulticast mode [ 98.927080][ T5841] bridge_slave_1: entered promiscuous mode [ 98.972239][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.979576][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.987051][ T5845] bridge_slave_1: entered allmulticast mode [ 98.995629][ T5845] bridge_slave_1: entered promiscuous mode [ 99.059860][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.122304][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.147589][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.155150][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.162359][ T5844] bridge_slave_0: entered allmulticast mode [ 99.169945][ T5844] bridge_slave_0: entered promiscuous mode [ 99.178540][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.185875][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.193156][ T5844] bridge_slave_1: entered allmulticast mode [ 99.201080][ T5844] bridge_slave_1: entered promiscuous mode [ 99.210635][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.246775][ T5841] team0: Port device team_slave_0 added [ 99.268943][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.294408][ T5841] team0: Port device team_slave_1 added [ 99.367634][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.379573][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.401077][ T5852] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.408788][ T5852] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.416165][ T5852] bridge_slave_0: entered allmulticast mode [ 99.423548][ T5852] bridge_slave_0: entered promiscuous mode [ 99.447777][ T5845] team0: Port device team_slave_0 added [ 99.458098][ T5845] team0: Port device team_slave_1 added [ 99.479405][ T5852] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.486827][ T5852] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.496570][ T5852] bridge_slave_1: entered allmulticast mode [ 99.504480][ T5852] bridge_slave_1: entered promiscuous mode [ 99.512678][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.519726][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.547003][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.600279][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.607587][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.637694][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.667033][ T5844] team0: Port device team_slave_0 added [ 99.697759][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.705233][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.731443][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.745011][ T5844] team0: Port device team_slave_1 added [ 99.756046][ T5852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.768730][ T5852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.779487][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.787159][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.813699][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.864348][ T5154] Bluetooth: hci0: command tx timeout [ 99.928942][ T5841] hsr_slave_0: entered promiscuous mode [ 99.935532][ T5841] hsr_slave_1: entered promiscuous mode [ 99.943166][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.950527][ T5154] Bluetooth: hci2: command tx timeout [ 99.950738][ T5154] Bluetooth: hci1: command tx timeout [ 99.962120][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.988258][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.003656][ T5852] team0: Port device team_slave_0 added [ 100.012868][ T5852] team0: Port device team_slave_1 added [ 100.023608][ T5842] Bluetooth: hci3: command tx timeout [ 100.037509][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.044528][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.070547][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.172048][ T5845] hsr_slave_0: entered promiscuous mode [ 100.178953][ T5845] hsr_slave_1: entered promiscuous mode [ 100.185622][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.193395][ T5845] Cannot create hsr debugfs directory [ 100.200087][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.207341][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.233381][ T5852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.246520][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.253825][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.279927][ T5852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.422977][ T5844] hsr_slave_0: entered promiscuous mode [ 100.430492][ T5844] hsr_slave_1: entered promiscuous mode [ 100.437780][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.445868][ T5844] Cannot create hsr debugfs directory [ 100.524807][ T5852] hsr_slave_0: entered promiscuous mode [ 100.531311][ T5852] hsr_slave_1: entered promiscuous mode [ 100.538581][ T5852] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.546201][ T5852] Cannot create hsr debugfs directory [ 100.861746][ T5841] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 100.898881][ T5841] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 100.911286][ T5841] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 100.969748][ T5841] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 101.047929][ T5845] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 101.058928][ T5845] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 101.079691][ T5845] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 101.106428][ T5845] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 101.189387][ T5844] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 101.201825][ T5844] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 101.224552][ T5844] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 101.248418][ T5844] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 101.356325][ T5852] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 101.367777][ T5852] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 101.380723][ T5852] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 101.409932][ T5852] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 101.469931][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.550308][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.586958][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.594312][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.628767][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.651404][ T1158] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.658615][ T1158] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.737654][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.750980][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.783692][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.790983][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.834760][ T2982] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.842379][ T2982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.862338][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.898839][ T2982] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.906212][ T2982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.937721][ T3023] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.944970][ T3023] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.957859][ T5842] Bluetooth: hci0: command tx timeout [ 101.987552][ T5852] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.024265][ T5842] Bluetooth: hci1: command tx timeout [ 102.027742][ T5154] Bluetooth: hci2: command tx timeout [ 102.105155][ T5154] Bluetooth: hci3: command tx timeout [ 102.117509][ T5852] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.149886][ T3023] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.157536][ T3023] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.196048][ T1098] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.203259][ T1098] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.317388][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.537631][ T5841] veth0_vlan: entered promiscuous mode [ 102.579523][ T5841] veth1_vlan: entered promiscuous mode [ 102.717483][ T5841] veth0_macvtap: entered promiscuous mode [ 102.730587][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.742198][ T5841] veth1_macvtap: entered promiscuous mode [ 102.782917][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.833061][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.872455][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.896559][ T5852] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.909307][ T5841] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.919155][ T5841] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.928326][ T5841] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.937434][ T5841] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.966254][ T5844] veth0_vlan: entered promiscuous mode [ 103.000863][ T5844] veth1_vlan: entered promiscuous mode [ 103.095192][ T5845] veth0_vlan: entered promiscuous mode [ 103.135034][ T1098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.143252][ T1098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.174305][ T5845] veth1_vlan: entered promiscuous mode [ 103.191328][ T5852] veth0_vlan: entered promiscuous mode [ 103.212249][ T5844] veth0_macvtap: entered promiscuous mode [ 103.237575][ T5844] veth1_macvtap: entered promiscuous mode [ 103.257535][ T5852] veth1_vlan: entered promiscuous mode [ 103.263195][ T3023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.282904][ T3023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.319800][ T5845] veth0_macvtap: entered promiscuous mode [ 103.344742][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.359986][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.377580][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.390035][ T5845] veth1_macvtap: entered promiscuous mode [ 103.440243][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.451409][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.470195][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.490177][ T5844] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.495931][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 103.499707][ T5844] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.522290][ T5844] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.533920][ T5844] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.553306][ T5852] veth0_macvtap: entered promiscuous mode [ 103.575711][ T5852] veth1_macvtap: entered promiscuous mode [ 103.606684][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.626078][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.647121][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.658011][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.670073][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.702264][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.715077][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.725060][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.736091][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.747627][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.797668][ T5845] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.808863][ T5845] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.819559][ T5845] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.829021][ T5845] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.852956][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.869967][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.881156][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.894225][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.904430][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.921276][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.940303][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.979688][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.025930][ T5154] Bluetooth: hci0: command tx timeout [ 104.035888][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.047221][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.058115][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.070288][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.081672][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.099903][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.107347][ T5154] Bluetooth: hci1: command tx timeout [ 104.113540][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 104.117910][ T5154] Bluetooth: hci2: command tx timeout [ 104.198349][ T5154] Bluetooth: hci3: command tx timeout [ 104.262406][ T5852] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.295943][ T5852] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.326855][ T5852] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.352474][ T5852] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.502313][ T5902] Invalid ELF header magic: != ELF [ 104.539540][ T1098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.556157][ T1098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.681936][ T1098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.690023][ T1098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.871703][ T2902] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.898681][ T2902] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.911154][ T3023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.940770][ T3023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.965756][ T3023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.980490][ T3023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.084251][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.093813][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 105.175721][ T2902] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.187304][ T2902] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.454070][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.513852][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.522687][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 105.531913][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.633982][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.642644][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.651539][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.159469][ T5154] Bluetooth: hci0: command tx timeout [ 106.184598][ T5154] Bluetooth: hci2: command tx timeout [ 106.185090][ T5842] Bluetooth: hci1: command tx timeout [ 106.265988][ T5842] Bluetooth: hci3: command tx timeout [ 107.388166][ T5916] Invalid ELF header magic: != ELF [ 108.019459][ T5919] Invalid ELF header magic: != ELF [ 108.239786][ T5941] Invalid ELF header magic: != ELF [ 110.913878][ T5964] Invalid ELF header magic: != ELF [ 111.087416][ T5948] Invalid ELF header magic: != ELF [ 111.580688][ T5956] Invalid ELF header magic: != ELF [ 113.819528][ T5976] Invalid ELF header magic: != ELF [ 114.787930][ T5989] Invalid ELF header magic: != ELF [ 115.621836][ T5999] Invalid ELF header magic: != ELF [ 117.029658][ T6012] Invalid ELF header magic: != ELF [ 119.517534][ T6020] Invalid ELF header magic: != ELF [ 120.280239][ T6033] Invalid ELF header magic: != ELF [ 121.677203][ T6047] Invalid ELF header magic: != ELF [ 121.937850][ T6061] Invalid ELF header magic: != ELF [ 122.398510][ T6077] Invalid ELF header magic: != ELF [ 122.980833][ T6065] Invalid ELF header magic: != ELF [ 124.963129][ T6088] Invalid ELF header magic: != ELF [ 125.373347][ T6096] Invalid ELF header magic: != ELF [ 125.731271][ T6108] Invalid ELF header magic: != ELF [ 127.209197][ T6119] Invalid ELF header magic: != ELF [ 127.317461][ T6121] Invalid ELF header magic: != ELF [ 129.852032][ T6154] Invalid ELF header magic: != ELF [ 129.931773][ T6160] Invalid ELF header magic: != ELF [ 131.544690][ T6180] Invalid ELF header magic: != ELF [ 132.378610][ T6200] Zero length message leads to an empty skb [ 134.612268][ T6222] Invalid ELF header magic: != ELF [ 134.798923][ T6218] Invalid ELF header magic: != ELF [ 136.307734][ T6236] netlink: 28 bytes leftover after parsing attributes in process `syz.3.44'. [ 136.392694][ T6236] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 137.148366][ T6251] Invalid ELF header magic: != ELF [ 138.202357][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.214148][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.609163][ T6271] Invalid ELF header magic: != ELF [ 139.224175][ T6284] Invalid ELF header magic: != ELF [ 141.539639][ T6297] Invalid ELF header magic: != ELF [ 142.411544][ T6295] Invalid ELF header magic: != ELF [ 145.222760][ T6334] Invalid ELF header magic: != ELF [ 146.193318][ T6342] Invalid ELF header magic: != ELF [ 148.324216][ T6379] Invalid ELF header magic: != ELF [ 148.342975][ T6368] Invalid ELF header magic: != ELF [ 148.924321][ T6369] Invalid ELF header magic: != ELF [ 151.282312][ T6404] Invalid ELF header magic: != ELF [ 151.318658][ T6417] Invalid ELF header magic: != ELF [ 152.202083][ T6422] Invalid ELF header magic: != ELF [ 154.476353][ T6448] Invalid ELF header magic: != ELF [ 155.065758][ T6447] Invalid ELF header magic: != ELF [ 156.890005][ T6477] Invalid ELF header magic: != ELF [ 157.416870][ T6486] Invalid ELF header magic: != ELF [ 157.816672][ T6494] Invalid ELF header magic: != ELF [ 159.911877][ T6514] Invalid ELF header magic: != ELF [ 161.828636][ T6536] Invalid ELF header magic: != ELF [ 162.653163][ T6547] Invalid ELF header magic: != ELF [ 162.811423][ T6560] Invalid ELF header magic: != ELF [ 165.261520][ T6581] Invalid ELF header magic: != ELF [ 165.797597][ T6594] Invalid ELF header magic: != ELF [ 165.951034][ T6595] Invalid ELF header magic: != ELF [ 168.433900][ T6621] Invalid ELF header magic: != ELF [ 169.020203][ T6642] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 169.027412][ T6642] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 169.043924][ T6642] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 169.051836][ T6642] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 169.073381][ T6642] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 169.112126][ T6642] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 169.130417][ T6642] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 169.139205][ T6642] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 169.216870][ T6642] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 169.265105][ T6642] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 169.271138][ T6642] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 169.386858][ T6642] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 169.569090][ T6644] Invalid ELF header magic: != ELF [ 170.513544][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.597584][ T6669] Invalid ELF header magic: != ELF [ 170.696027][ T6682] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 170.871266][ T6683] netlink: 4 bytes leftover after parsing attributes in process `syz.2.116'. [ 171.063647][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 171.143909][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 171.304404][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 171.682635][ T6699] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 172.524352][ T6677] mmap: syz.1.115 (6677) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 172.583525][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.912065][ T6715] mkiss: ax0: crc mode is auto. [ 173.145783][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.223658][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 173.385226][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 173.877987][ T6728] process 'syz.0.125' launched './file0' with NULL argv: empty string added [ 174.663628][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.247318][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 175.304167][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 175.463509][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.791898][ T6737] Invalid ELF header magic: != ELF [ 176.548758][ T6761] netlink: 198 bytes leftover after parsing attributes in process `syz.3.130'. [ 179.622156][ T6791] Invalid ELF header magic: != ELF [ 181.869855][ T6817] Invalid ELF header magic: != ELF [ 183.778403][ T6831] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 183.798833][ T6831] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 183.816676][ T6831] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 183.826811][ T6831] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 184.585292][ T6860] netlink: 302 bytes leftover after parsing attributes in process `syz.1.148'. [ 185.143486][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 185.344043][ T6846] Invalid ELF header magic: != ELF [ 185.863697][ T5154] Bluetooth: hci2: command 0x0c1a tx timeout [ 185.867890][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.869834][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 186.079717][ T6871] FAULT_INJECTION: forcing a failure. [ 186.079717][ T6871] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 186.112192][ T6871] CPU: 0 UID: 0 PID: 6871 Comm: syz.3.150 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 186.112232][ T6871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 186.112253][ T6871] Call Trace: [ 186.112263][ T6871] [ 186.112278][ T6871] dump_stack_lvl+0x16c/0x1f0 [ 186.112327][ T6871] should_fail_ex+0x512/0x640 [ 186.112367][ T6871] _copy_to_user+0x32/0xd0 [ 186.112407][ T6871] simple_read_from_buffer+0xcb/0x170 [ 186.112451][ T6871] proc_fail_nth_read+0x197/0x270 [ 186.112494][ T6871] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 186.112539][ T6871] ? rw_verify_area+0xcf/0x680 [ 186.112574][ T6871] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 186.112616][ T6871] vfs_read+0x1de/0xc70 [ 186.112662][ T6871] ? __pfx___mutex_lock+0x10/0x10 [ 186.112708][ T6871] ? __pfx_vfs_read+0x10/0x10 [ 186.112764][ T6871] ? __fget_files+0x20e/0x3c0 [ 186.112819][ T6871] ksys_read+0x12a/0x240 [ 186.112860][ T6871] ? __pfx_ksys_read+0x10/0x10 [ 186.112899][ T6871] ? rcu_is_watching+0x12/0xc0 [ 186.112949][ T6871] do_syscall_64+0xcd/0x260 [ 186.112998][ T6871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.113029][ T6871] RIP: 0033:0x7f26db98bb7c [ 186.113060][ T6871] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 186.113089][ T6871] RSP: 002b:00007f26dc7c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 186.113117][ T6871] RAX: ffffffffffffffda RBX: 00007f26dbba5fa0 RCX: 00007f26db98bb7c [ 186.113136][ T6871] RDX: 000000000000000f RSI: 00007f26dc7c60a0 RDI: 0000000000000003 [ 186.113153][ T6871] RBP: 00007f26dc7c6090 R08: 0000000000000000 R09: 0000000000000000 [ 186.113170][ T6871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.113186][ T6871] R13: 0000000000000000 R14: 00007f26dbba5fa0 R15: 00007fff2efc5978 [ 186.113225][ T6871] [ 187.442766][ T6873] Invalid ELF header magic: != ELF [ 187.656122][ T6876] netlink: 338 bytes leftover after parsing attributes in process `syz.2.152'. [ 187.708794][ T6876] netlink: 338 bytes leftover after parsing attributes in process `syz.2.152'. [ 189.880216][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 189.895256][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 189.914725][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 189.935365][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 189.946354][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 190.506005][ T6917] nbd: socks must be embedded in a SOCK_ITEM attr [ 190.984280][ T6908] chnl_net:caif_netlink_parms(): no params data found [ 191.813345][ T6926] Invalid ELF header magic: != ELF [ 192.027417][ T5842] Bluetooth: hci4: command tx timeout [ 192.065209][ T6908] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.123814][ T6908] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.173993][ T6908] bridge_slave_0: entered allmulticast mode [ 192.181814][ T6908] bridge_slave_0: entered promiscuous mode [ 192.243363][ T6908] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.271572][ T6908] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.288278][ T6908] bridge_slave_1: entered allmulticast mode [ 192.325701][ T6908] bridge_slave_1: entered promiscuous mode [ 192.511505][ T6908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.548384][ T6908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.672957][ T6908] team0: Port device team_slave_0 added [ 192.725475][ T6908] team0: Port device team_slave_1 added [ 192.890438][ T6908] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.912222][ T6908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.003475][ T6908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 193.049710][ T6908] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 193.057765][ T6908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.133968][ T6908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 193.445550][ T6908] hsr_slave_0: entered promiscuous mode [ 193.514747][ T6908] hsr_slave_1: entered promiscuous mode [ 193.521240][ T6908] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 193.563532][ T6908] Cannot create hsr debugfs directory [ 193.736820][ T6953] Invalid ELF header magic: != ELF [ 194.043714][ T6908] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 194.055858][ T6908] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 194.113796][ T5842] Bluetooth: hci4: command tx timeout [ 194.141402][ T6908] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 194.153030][ T6908] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 194.562261][ T6908] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.657548][ T6908] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.691254][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.698490][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.806617][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.813846][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.498487][ T6974] ubi0: attaching mtd0 [ 195.519146][ T6974] ubi0: scanning is finished [ 195.551476][ T6974] ubi0: empty MTD device detected [ 195.617499][ T6967] Invalid ELF header magic: != ELF [ 195.631466][ T6970] Invalid ELF header magic: != ELF [ 196.022605][ T6908] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.157831][ T6974] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 196.194109][ T5842] Bluetooth: hci4: command tx timeout [ 196.195582][ T6974] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 196.283827][ T6974] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 196.373803][ T6974] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 196.381242][ T6974] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 196.429873][ T6974] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 196.507067][ T6974] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1511089381 [ 196.573552][ T6974] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 196.659197][ T6987] ubi0: background thread "ubi_bgt0d" started, PID 6987 [ 196.916911][ T6908] veth0_vlan: entered promiscuous mode [ 196.958301][ T6908] veth1_vlan: entered promiscuous mode [ 197.089449][ T6908] veth0_macvtap: entered promiscuous mode [ 197.117366][ T6908] veth1_macvtap: entered promiscuous mode [ 197.179463][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.179508][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.179519][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.179535][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.179546][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.179561][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.179572][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.179587][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.180720][ T6908] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.190377][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.190398][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.190410][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.190425][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.190436][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.190452][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.190462][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.190478][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.191532][ T6908] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.224568][ T6908] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.224618][ T6908] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.224660][ T6908] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.224702][ T6908] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.747561][ T1098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.747605][ T1098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.960792][ T2902] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.960820][ T2902] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.020127][ T6997] ima: policy update failed [ 198.028324][ T30] audit: type=1802 audit(6039702519.680:2): pid=6997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.174" res=0 errno=0 [ 198.264192][ T5842] Bluetooth: hci4: command tx timeout [ 199.498673][ T7024] nbd: socks must be embedded in a SOCK_ITEM attr [ 199.633257][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.643624][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.160355][ T7031] can: request_module (can-proto-3) failed. [ 201.430874][ T7049] Invalid ELF header magic: != ELF [ 202.297963][ T7035] tipc: Enabling of bearer rejected, media not registered [ 203.009501][ T7070] kAFS: Invalid Command on /proc/fs/afs/cells file [ 203.093766][ T7071] FAULT_INJECTION: forcing a failure. [ 203.093766][ T7071] name failslab, interval 1, probability 0, space 0, times 1 [ 203.154229][ T7071] CPU: 1 UID: 0 PID: 7071 Comm: syz.3.189 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 203.154273][ T7071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 203.154292][ T7071] Call Trace: [ 203.154302][ T7071] [ 203.154314][ T7071] dump_stack_lvl+0x16c/0x1f0 [ 203.154365][ T7071] should_fail_ex+0x512/0x640 [ 203.154401][ T7071] ? __kmalloc_noprof+0xbf/0x510 [ 203.154452][ T7071] ? __alloc_workqueue+0xd5c/0x1810 [ 203.154501][ T7071] should_failslab+0xc2/0x120 [ 203.154530][ T7071] __kmalloc_noprof+0xd2/0x510 [ 203.154577][ T7071] ? vsnprintf+0x318/0x1160 [ 203.154636][ T7071] __alloc_workqueue+0xd5c/0x1810 [ 203.154686][ T7071] ? __pfx_vsnprintf+0x10/0x10 [ 203.154727][ T7071] ? lockdep_hardirqs_on+0x7c/0x110 [ 203.154771][ T7071] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 203.154817][ T7071] alloc_workqueue+0xd2/0x200 [ 203.154867][ T7071] ? __pfx_alloc_workqueue+0x10/0x10 [ 203.154926][ T7071] ? __pfx___debug_object_init+0x10/0x10 [ 203.154982][ T7071] nci_register_device+0x511/0xb80 [ 203.155026][ T7071] ? __pfx_nci_register_device+0x10/0x10 [ 203.155075][ T7071] ? lockdep_init_map_type+0x5c/0x280 [ 203.155113][ T7071] virtual_ncidev_open+0x141/0x220 [ 203.155152][ T7071] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 203.155188][ T7071] misc_open+0x35a/0x420 [ 203.155230][ T7071] ? __pfx_misc_open+0x10/0x10 [ 203.155268][ T7071] chrdev_open+0x231/0x6a0 [ 203.155316][ T7071] ? __pfx_apparmor_file_open+0x10/0x10 [ 203.155356][ T7071] ? __pfx_chrdev_open+0x10/0x10 [ 203.155408][ T7071] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 203.155460][ T7071] do_dentry_open+0x741/0x1c10 [ 203.155506][ T7071] ? __pfx_chrdev_open+0x10/0x10 [ 203.155562][ T7071] vfs_open+0x82/0x3f0 [ 203.155609][ T7071] path_openat+0x1e5e/0x2d40 [ 203.155670][ T7071] ? __pfx_path_openat+0x10/0x10 [ 203.155727][ T7071] do_filp_open+0x20b/0x470 [ 203.155774][ T7071] ? __pfx_do_filp_open+0x10/0x10 [ 203.155847][ T7071] ? alloc_fd+0x471/0x7d0 [ 203.155904][ T7071] do_sys_openat2+0x11b/0x1d0 [ 203.155937][ T7071] ? __pfx_do_sys_openat2+0x10/0x10 [ 203.155985][ T7071] __x64_sys_openat+0x174/0x210 [ 203.156020][ T7071] ? __pfx___x64_sys_openat+0x10/0x10 [ 203.156056][ T7071] ? rcu_is_watching+0x12/0xc0 [ 203.156106][ T7071] do_syscall_64+0xcd/0x260 [ 203.156155][ T7071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.156186][ T7071] RIP: 0033:0x7f26db98d169 [ 203.156211][ T7071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.156240][ T7071] RSP: 002b:00007f26dc7c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 203.156268][ T7071] RAX: ffffffffffffffda RBX: 00007f26dbba5fa0 RCX: 00007f26db98d169 [ 203.156287][ T7071] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 203.156305][ T7071] RBP: 00007f26dba0e990 R08: 0000000000000000 R09: 0000000000000000 [ 203.156322][ T7071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 203.156340][ T7071] R13: 0000000000000000 R14: 00007f26dbba5fa0 R15: 00007fff2efc5978 [ 203.156379][ T7071] [ 203.678535][ T7070] FAULT_INJECTION: forcing a failure. [ 203.678535][ T7070] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 203.692173][ T7070] CPU: 0 UID: 0 PID: 7070 Comm: syz.4.188 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 203.692213][ T7070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 203.692230][ T7070] Call Trace: [ 203.692240][ T7070] [ 203.692250][ T7070] dump_stack_lvl+0x16c/0x1f0 [ 203.692300][ T7070] should_fail_ex+0x512/0x640 [ 203.692341][ T7070] _copy_from_user+0x2e/0xd0 [ 203.692380][ T7070] core_sys_select+0x35a/0xbe0 [ 203.692434][ T7070] ? __pfx_core_sys_select+0x10/0x10 [ 203.692485][ T7070] ? proc_fail_nth_write+0x9f/0x250 [ 203.692561][ T7070] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 203.692620][ T7070] kern_select+0x15d/0x1e0 [ 203.692663][ T7070] ? __pfx_kern_select+0x10/0x10 [ 203.692712][ T7070] ? __pfx_ksys_write+0x10/0x10 [ 203.692761][ T7070] ? rcu_is_watching+0x12/0xc0 [ 203.692806][ T7070] __x64_sys_select+0xbd/0x160 [ 203.692848][ T7070] ? do_syscall_64+0x91/0x260 [ 203.692893][ T7070] ? lockdep_hardirqs_on+0x7c/0x110 [ 203.692937][ T7070] do_syscall_64+0xcd/0x260 [ 203.692986][ T7070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.693016][ T7070] RIP: 0033:0x7fdac438d169 [ 203.693039][ T7070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.693068][ T7070] RSP: 002b:00007fdac528b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 203.693096][ T7070] RAX: ffffffffffffffda RBX: 00007fdac45a5fa0 RCX: 00007fdac438d169 [ 203.693116][ T7070] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 203.693132][ T7070] RBP: 00007fdac528b090 R08: 0000000000000000 R09: 0000000000000000 [ 203.693150][ T7070] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 203.693167][ T7070] R13: 0000000000000000 R14: 00007fdac45a5fa0 R15: 00007fffdffbfa38 [ 203.693205][ T7070] [ 204.563714][ T7093] netlink: 'syz.1.192': attribute type 4 has an invalid length. [ 204.940216][ T7100] netlink: 338 bytes leftover after parsing attributes in process `syz.2.196'. [ 205.001778][ T5842] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18 [ 205.016549][ T30] audit: type=1800 audit(6039702534.676:3): pid=7101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.195" name="dbroot" dev="configfs" ino=11580 res=0 errno=0 [ 205.393149][ T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.431060][ T7110] netlink: 342 bytes leftover after parsing attributes in process `syz.4.197'. [ 205.646585][ T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.809792][ T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.923123][ T7118] kAFS: Invalid Command on /proc/fs/afs/cells file [ 206.089664][ T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.712940][ T7135] netlink: 330 bytes leftover after parsing attributes in process `syz.3.203'. [ 206.899052][ T36] bridge_slave_1: left allmulticast mode [ 206.933478][ T36] bridge_slave_1: left promiscuous mode [ 206.960112][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.089822][ T36] bridge_slave_0: left allmulticast mode [ 207.114486][ T36] bridge_slave_0: left promiscuous mode [ 207.120252][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.635887][ T7135] Process accounting resumed [ 208.490307][ T7159] FAULT_INJECTION: forcing a failure. [ 208.490307][ T7159] name failslab, interval 1, probability 0, space 0, times 0 [ 208.519255][ T7159] CPU: 0 UID: 0 PID: 7159 Comm: syz.2.210 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 208.519286][ T7159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 208.519299][ T7159] Call Trace: [ 208.519306][ T7159] [ 208.519314][ T7159] dump_stack_lvl+0x16c/0x1f0 [ 208.519352][ T7159] should_fail_ex+0x512/0x640 [ 208.519378][ T7159] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 208.519418][ T7159] should_failslab+0xc2/0x120 [ 208.519440][ T7159] __kmalloc_cache_noprof+0x6a/0x3e0 [ 208.519468][ T7159] ? find_held_lock+0x2b/0x80 [ 208.519497][ T7159] ? snd_seq_port_connect+0x61/0x550 [ 208.519535][ T7159] snd_seq_port_connect+0x61/0x550 [ 208.519567][ T7159] ? _raw_read_unlock+0x28/0x50 [ 208.519597][ T7159] ? check_subscription_permission.isra.0+0xf5/0x240 [ 208.519636][ T7159] snd_seq_ioctl_subscribe_port+0x211/0x450 [ 208.519676][ T7159] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 208.519732][ T7159] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 208.519771][ T7159] snd_seq_oss_midi_open+0x564/0x660 [ 208.519799][ T7159] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 208.519836][ T7159] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 208.519868][ T7159] snd_seq_oss_synth_reset+0x437/0x880 [ 208.519896][ T7159] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 208.519922][ T7159] ? rcu_is_watching+0x12/0xc0 [ 208.519950][ T7159] ? trace_contention_end+0xdd/0x130 [ 208.519972][ T7159] ? __mutex_lock+0x1ca/0xb90 [ 208.520007][ T7159] snd_seq_oss_reset+0x73/0x290 [ 208.520045][ T7159] snd_seq_oss_ioctl+0xc23/0xda0 [ 208.520067][ T7159] ? __pfx_snd_seq_oss_ioctl+0x10/0x10 [ 208.520087][ T7159] ? hook_file_ioctl_common+0x145/0x410 [ 208.520123][ T7159] ? __fget_files+0x20e/0x3c0 [ 208.520177][ T7159] odev_ioctl+0x94/0x120 [ 208.520221][ T7159] ? __pfx_odev_ioctl+0x10/0x10 [ 208.520268][ T7159] __x64_sys_ioctl+0x190/0x200 [ 208.520311][ T7159] do_syscall_64+0xcd/0x260 [ 208.520351][ T7159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.520374][ T7159] RIP: 0033:0x7f4cd4b8d169 [ 208.520391][ T7159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.520419][ T7159] RSP: 002b:00007f4cd5a7a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 208.520439][ T7159] RAX: ffffffffffffffda RBX: 00007f4cd4da6080 RCX: 00007f4cd4b8d169 [ 208.520454][ T7159] RDX: 0000000000000000 RSI: 0000000000005111 RDI: 0000000000000008 [ 208.520467][ T7159] RBP: 00007f4cd5a7a090 R08: 0000000000000000 R09: 0000000000000000 [ 208.520480][ T7159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.520493][ T7159] R13: 0000000000000001 R14: 00007f4cd4da6080 R15: 00007fff60586468 [ 208.520521][ T7159] [ 209.047604][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 209.107962][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 209.125163][ T36] bond0 (unregistering): Released all slaves [ 209.731276][ T7175] Invalid ELF header magic: != ELF [ 209.854114][ T36] hsr_slave_0: left promiscuous mode [ 209.887113][ T36] hsr_slave_1: left promiscuous mode [ 209.903840][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.911322][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.945388][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.957797][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.991891][ T36] veth1_macvtap: left promiscuous mode [ 210.013817][ T36] veth0_macvtap: left promiscuous mode [ 210.024146][ T36] veth1_vlan: left promiscuous mode [ 210.034025][ T36] veth0_vlan: left promiscuous mode [ 211.980931][ T7214] FAULT_INJECTION: forcing a failure. [ 211.980931][ T7214] name failslab, interval 1, probability 0, space 0, times 0 [ 212.039422][ T7214] CPU: 1 UID: 0 PID: 7214 Comm: syz.4.221 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 212.039486][ T7214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 212.039514][ T7214] Call Trace: [ 212.039529][ T7214] [ 212.039546][ T7214] dump_stack_lvl+0x16c/0x1f0 [ 212.039599][ T7214] should_fail_ex+0x512/0x640 [ 212.039635][ T7214] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 212.039688][ T7214] should_failslab+0xc2/0x120 [ 212.039718][ T7214] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 212.039768][ T7214] ? __alloc_skb+0x2b2/0x380 [ 212.039813][ T7214] __alloc_skb+0x2b2/0x380 [ 212.039851][ T7214] ? __pfx___alloc_skb+0x10/0x10 [ 212.039897][ T7214] ? __lock_acquire+0xaa4/0x1ba0 [ 212.039953][ T7214] netlink_alloc_large_skb+0x69/0x130 [ 212.040004][ T7214] netlink_sendmsg+0x6a1/0xdd0 [ 212.040058][ T7214] ? __pfx_netlink_sendmsg+0x10/0x10 [ 212.040130][ T7214] ____sys_sendmsg+0xa95/0xc70 [ 212.040161][ T7214] ? copy_msghdr_from_user+0x10a/0x160 [ 212.040204][ T7214] ? __pfx_____sys_sendmsg+0x10/0x10 [ 212.040241][ T7214] ? __pfx__kstrtoull+0x10/0x10 [ 212.040299][ T7214] ___sys_sendmsg+0x134/0x1d0 [ 212.040344][ T7214] ? __pfx____sys_sendmsg+0x10/0x10 [ 212.040405][ T7214] ? find_held_lock+0x2b/0x80 [ 212.040472][ T7214] __sys_sendmmsg+0x200/0x420 [ 212.040519][ T7214] ? __pfx___sys_sendmmsg+0x10/0x10 [ 212.040576][ T7214] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 212.040643][ T7214] ? fput+0x70/0xf0 [ 212.040673][ T7214] ? ksys_write+0x1b9/0x240 [ 212.040717][ T7214] ? __pfx_ksys_write+0x10/0x10 [ 212.040759][ T7214] ? rcu_is_watching+0x12/0xc0 [ 212.040805][ T7214] __x64_sys_sendmmsg+0x9c/0x100 [ 212.040848][ T7214] ? lockdep_hardirqs_on+0x7c/0x110 [ 212.040892][ T7214] do_syscall_64+0xcd/0x260 [ 212.040943][ T7214] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.040974][ T7214] RIP: 0033:0x7fdac438d169 [ 212.040999][ T7214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.041028][ T7214] RSP: 002b:00007fdac528b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 212.041058][ T7214] RAX: ffffffffffffffda RBX: 00007fdac45a5fa0 RCX: 00007fdac438d169 [ 212.041078][ T7214] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 212.041097][ T7214] RBP: 00007fdac528b090 R08: 0000000000000000 R09: 0000000000000000 [ 212.041116][ T7214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.041142][ T7214] R13: 0000000000000000 R14: 00007fdac45a5fa0 R15: 00007fffdffbfa38 [ 212.041182][ T7214] [ 212.307997][ T7218] ptrace attach of "./syz-executor exec"[6908] was attempted by "./syz-executor exec"[7218] [ 212.458034][ T36] team0 (unregistering): Port device team_slave_1 removed [ 212.611559][ T36] team0 (unregistering): Port device team_slave_0 removed [ 213.129086][ T7221] Invalid ELF header magic: != ELF [ 213.790281][ T7242] FAULT_INJECTION: forcing a failure. [ 213.790281][ T7242] name failslab, interval 1, probability 0, space 0, times 0 [ 213.816873][ T7242] CPU: 0 UID: 0 PID: 7242 Comm: syz.3.225 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 213.816910][ T7242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 213.816927][ T7242] Call Trace: [ 213.816936][ T7242] [ 213.816947][ T7242] dump_stack_lvl+0x16c/0x1f0 [ 213.816994][ T7242] should_fail_ex+0x512/0x640 [ 213.817025][ T7242] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 213.817074][ T7242] should_failslab+0xc2/0x120 [ 213.817099][ T7242] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 213.817142][ T7242] ? __alloc_skb+0x2b2/0x380 [ 213.817201][ T7242] __alloc_skb+0x2b2/0x380 [ 213.817238][ T7242] ? __pfx___alloc_skb+0x10/0x10 [ 213.817290][ T7242] netlink_ack+0x15d/0xb80 [ 213.817333][ T7242] ? __mutex_trylock_common+0xe9/0x250 [ 213.817394][ T7242] netlink_rcv_skb+0x347/0x440 [ 213.817440][ T7242] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 213.817492][ T7242] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 213.817567][ T7242] ? netlink_deliver_tap+0x1ae/0xd30 [ 213.817617][ T7242] xfrm_netlink_rcv+0x71/0x90 [ 213.817661][ T7242] netlink_unicast+0x53a/0x7f0 [ 213.817714][ T7242] ? __pfx_netlink_unicast+0x10/0x10 [ 213.817765][ T7242] ? __lock_acquire+0xaa4/0x1ba0 [ 213.817838][ T7242] netlink_sendmsg+0x8d1/0xdd0 [ 213.817890][ T7242] ? __pfx_netlink_sendmsg+0x10/0x10 [ 213.817952][ T7242] ____sys_sendmsg+0xa95/0xc70 [ 213.817983][ T7242] ? copy_msghdr_from_user+0x10a/0x160 [ 213.818023][ T7242] ? __pfx_____sys_sendmsg+0x10/0x10 [ 213.818071][ T7242] ___sys_sendmsg+0x134/0x1d0 [ 213.818133][ T7242] ? __pfx____sys_sendmsg+0x10/0x10 [ 213.818228][ T7242] __sys_sendmsg+0x16d/0x220 [ 213.818271][ T7242] ? __pfx___sys_sendmsg+0x10/0x10 [ 213.818326][ T7242] ? rcu_is_watching+0x12/0xc0 [ 213.818389][ T7242] do_syscall_64+0xcd/0x260 [ 213.818437][ T7242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.818468][ T7242] RIP: 0033:0x7f26db98d169 [ 213.818492][ T7242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.818520][ T7242] RSP: 002b:00007f26dc7c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 213.818548][ T7242] RAX: ffffffffffffffda RBX: 00007f26dbba5fa0 RCX: 00007f26db98d169 [ 213.818567][ T7242] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 213.818585][ T7242] RBP: 00007f26dc7c6090 R08: 0000000000000000 R09: 0000000000000000 [ 213.818603][ T7242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 213.818621][ T7242] R13: 0000000000000000 R14: 00007f26dbba5fa0 R15: 00007fff2efc5978 [ 213.818661][ T7242] [ 214.176644][ T7244] netlink: 'syz.2.224': attribute type 4 has an invalid length. [ 215.244259][ T7234] Invalid ELF header magic: != ELF [ 215.962962][ T7271] capability: warning: `syz.4.229' uses 32-bit capabilities (legacy support in use) [ 216.775555][ T7284] ======================================================= [ 216.775555][ T7284] WARNING: The mand mount option has been deprecated and [ 216.775555][ T7284] and is ignored by this kernel. Remove the mand [ 216.775555][ T7284] option from the mount to silence this warning. [ 216.775555][ T7284] ======================================================= [ 218.019154][ T7299] netlink: 'syz.3.236': attribute type 4 has an invalid length. [ 218.957541][ T7309] Invalid ELF header magic: != ELF [ 219.460634][ T7341] Invalid ELF header magic: != ELF [ 219.692457][ T7350] Invalid ELF header magic: != ELF [ 220.059967][ T7357] netlink: 338 bytes leftover after parsing attributes in process `syz.4.244'. [ 220.097392][ T7360] netlink: 338 bytes leftover after parsing attributes in process `syz.4.244'. [ 223.493866][ T7421] syz.2.254 uses obsolete (PF_INET,SOCK_PACKET) [ 224.079550][ T7414] Invalid ELF header magic: != ELF [ 226.039791][ T7436] Invalid ELF header magic: != ELF [ 226.415591][ T7465] FAULT_INJECTION: forcing a failure. [ 226.415591][ T7465] name failslab, interval 1, probability 0, space 0, times 0 [ 226.415644][ T7465] CPU: 0 UID: 0 PID: 7465 Comm: syz.2.260 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 226.415682][ T7465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 226.415701][ T7465] Call Trace: [ 226.415710][ T7465] [ 226.415722][ T7465] dump_stack_lvl+0x16c/0x1f0 [ 226.415772][ T7465] should_fail_ex+0x512/0x640 [ 226.415808][ T7465] ? __kmalloc_noprof+0xbf/0x510 [ 226.415859][ T7465] ? vc_allocate+0x489/0x880 [ 226.415905][ T7465] should_failslab+0xc2/0x120 [ 226.415935][ T7465] __kmalloc_noprof+0xd2/0x510 [ 226.415992][ T7465] vc_allocate+0x489/0x880 [ 226.416040][ T7465] ? __pfx_vc_allocate+0x10/0x10 [ 226.416102][ T7465] con_install+0xa1/0x600 [ 226.416159][ T7465] ? __pfx_con_install+0x10/0x10 [ 226.416216][ T7465] ? __pfx_con_install+0x10/0x10 [ 226.416268][ T7465] tty_init_dev.part.0+0x99/0x500 [ 226.416304][ T7465] tty_open+0xa50/0xf90 [ 226.416343][ T7465] ? __pfx_tty_open+0x10/0x10 [ 226.416375][ T7465] ? chrdev_open+0x58c/0x6a0 [ 226.416429][ T7465] ? __pfx_tty_open+0x10/0x10 [ 226.416459][ T7465] chrdev_open+0x231/0x6a0 [ 226.416515][ T7465] ? __pfx_chrdev_open+0x10/0x10 [ 226.416567][ T7465] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 226.416620][ T7465] do_dentry_open+0x741/0x1c10 [ 226.416666][ T7465] ? __pfx_chrdev_open+0x10/0x10 [ 226.416724][ T7465] vfs_open+0x82/0x3f0 [ 226.416761][ T7465] path_openat+0x1e5e/0x2d40 [ 226.416823][ T7465] ? __pfx_path_openat+0x10/0x10 [ 226.416881][ T7465] do_filp_open+0x20b/0x470 [ 226.416929][ T7465] ? __pfx_do_filp_open+0x10/0x10 [ 226.417007][ T7465] ? alloc_fd+0x471/0x7d0 [ 226.417066][ T7465] do_sys_openat2+0x11b/0x1d0 [ 226.417099][ T7465] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.417154][ T7465] __x64_sys_openat+0x174/0x210 [ 226.417190][ T7465] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.417224][ T7465] ? rcu_is_watching+0x12/0xc0 [ 226.417271][ T7465] do_syscall_64+0xcd/0x260 [ 226.417322][ T7465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.417353][ T7465] RIP: 0033:0x7f4cd4b8d169 [ 226.417377][ T7465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.417406][ T7465] RSP: 002b:00007f4cd5a9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.417435][ T7465] RAX: ffffffffffffffda RBX: 00007f4cd4da5fa0 RCX: 00007f4cd4b8d169 [ 226.417455][ T7465] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 226.417475][ T7465] RBP: 00007f4cd4c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 226.417493][ T7465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.417510][ T7465] R13: 0000000000000000 R14: 00007f4cd4da5fa0 R15: 00007fff60586468 [ 226.417551][ T7465] [ 226.861242][ T7476] netlink: 330 bytes leftover after parsing attributes in process `syz.1.262'. [ 226.861347][ T7476] : renamed from gre0 (while UP) [ 226.898529][ T7476] netlink: 330 bytes leftover after parsing attributes in process `syz.1.262'. [ 228.569697][ T7508] Invalid ELF header magic: != ELF [ 228.999280][ T7529] futex_wake_op: syz.4.271 tries to shift op by 64; fix this program [ 230.327226][ T7559] Invalid ELF header magic: != ELF [ 231.048014][ T7571] could not allocate digest TFM handle [ 231.144276][ T7571] netlink: 16 bytes leftover after parsing attributes in process `syz.4.280'. [ 233.285290][ T7633] netlink: 330 bytes leftover after parsing attributes in process `syz.4.289'. [ 233.330556][ T7633] : renamed from bond0 (while UP) [ 235.250513][ T7658] cougar: G6 mapped to F18 [ 236.309388][ T7648] kexec: Could not allocate control_code_buffer [ 237.042441][ T7698] FAULT_INJECTION: forcing a failure. [ 237.042441][ T7698] name failslab, interval 1, probability 0, space 0, times 0 [ 237.083501][ T7698] CPU: 0 UID: 0 PID: 7698 Comm: syz.1.300 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 237.083541][ T7698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 237.083559][ T7698] Call Trace: [ 237.083568][ T7698] [ 237.083578][ T7698] dump_stack_lvl+0x16c/0x1f0 [ 237.083629][ T7698] should_fail_ex+0x512/0x640 [ 237.083663][ T7698] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 237.083715][ T7698] should_failslab+0xc2/0x120 [ 237.083743][ T7698] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 237.083791][ T7698] ? copy_process+0x4bd/0x91a0 [ 237.083842][ T7698] copy_process+0x4bd/0x91a0 [ 237.083886][ T7698] ? _kstrtoull+0x145/0x200 [ 237.083931][ T7698] ? __pfx__kstrtoull+0x10/0x10 [ 237.083986][ T7698] ? find_held_lock+0x2b/0x80 [ 237.084035][ T7698] ? __pfx_copy_process+0x10/0x10 [ 237.084102][ T7698] ? find_held_lock+0x2b/0x80 [ 237.084162][ T7698] kernel_clone+0xfc/0x960 [ 237.084210][ T7698] ? __pfx_kernel_clone+0x10/0x10 [ 237.084269][ T7698] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 237.084322][ T7698] __do_sys_clone+0xce/0x120 [ 237.084386][ T7698] ? __pfx___do_sys_clone+0x10/0x10 [ 237.084443][ T7698] ? ksys_write+0x1b9/0x240 [ 237.084483][ T7698] ? __pfx_ksys_write+0x10/0x10 [ 237.084520][ T7698] ? rcu_is_watching+0x12/0xc0 [ 237.084566][ T7698] do_syscall_64+0xcd/0x260 [ 237.084612][ T7698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.084640][ T7698] RIP: 0033:0x7fe72f98d169 [ 237.084663][ T7698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.084689][ T7698] RSP: 002b:00007fe72d7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 237.084715][ T7698] RAX: ffffffffffffffda RBX: 00007fe72fba6080 RCX: 00007fe72f98d169 [ 237.084733][ T7698] RDX: 0000000000000000 RSI: 00000000000003ff RDI: 0000000000007fff [ 237.084749][ T7698] RBP: 00007fe72d7f6090 R08: 000000000000000f R09: 0000000000000000 [ 237.084765][ T7698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 237.084780][ T7698] R13: 0000000000000001 R14: 00007fe72fba6080 R15: 00007ffd38456bb8 [ 237.084815][ T7698] [ 237.948031][ T7682] Process accounting paused [ 238.332034][ T7714] netlink: 350 bytes leftover after parsing attributes in process `syz.3.305'. [ 238.574032][ T7722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.306'. [ 238.877287][ T7731] Invalid ELF header magic: != ELF [ 238.914512][ T7730] FAULT_INJECTION: forcing a failure. [ 238.914512][ T7730] name failslab, interval 1, probability 0, space 0, times 0 [ 238.980328][ T7730] CPU: 0 UID: 0 PID: 7730 Comm: syz.3.307 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 238.980367][ T7730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 238.980382][ T7730] Call Trace: [ 238.980391][ T7730] [ 238.980402][ T7730] dump_stack_lvl+0x16c/0x1f0 [ 238.980448][ T7730] should_fail_ex+0x512/0x640 [ 238.980480][ T7730] ? fs_reclaim_acquire+0xae/0x150 [ 238.980516][ T7730] ? tomoyo_encode2+0x100/0x3e0 [ 238.980553][ T7730] should_failslab+0xc2/0x120 [ 238.980580][ T7730] __kmalloc_noprof+0xd2/0x510 [ 238.980623][ T7730] ? d_absolute_path+0x136/0x1a0 [ 238.980661][ T7730] tomoyo_encode2+0x100/0x3e0 [ 238.980705][ T7730] tomoyo_encode+0x29/0x50 [ 238.980743][ T7730] tomoyo_realpath_from_path+0x18f/0x6e0 [ 238.980793][ T7730] tomoyo_path_number_perm+0x245/0x580 [ 238.980826][ T7730] ? tomoyo_path_number_perm+0x237/0x580 [ 238.980863][ T7730] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 238.980899][ T7730] ? find_held_lock+0x2b/0x80 [ 238.980969][ T7730] ? find_held_lock+0x2b/0x80 [ 238.981005][ T7730] ? hook_file_ioctl_common+0x145/0x410 [ 238.981052][ T7730] ? __fget_files+0x20e/0x3c0 [ 238.981100][ T7730] security_file_ioctl+0x9b/0x240 [ 238.981139][ T7730] __x64_sys_ioctl+0xb7/0x200 [ 238.981177][ T7730] do_syscall_64+0xcd/0x260 [ 238.981224][ T7730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.981253][ T7730] RIP: 0033:0x7f26db98d169 [ 238.981275][ T7730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.981301][ T7730] RSP: 002b:00007f26dc7c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 238.981326][ T7730] RAX: ffffffffffffffda RBX: 00007f26dbba5fa0 RCX: 00007f26db98d169 [ 238.981345][ T7730] RDX: 0000000000000000 RSI: 000000000000540b RDI: 000000000000000c [ 238.981361][ T7730] RBP: 00007f26dc7c6090 R08: 0000000000000000 R09: 0000000000000000 [ 238.981376][ T7730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 238.981392][ T7730] R13: 0000000000000000 R14: 00007f26dbba5fa0 R15: 00007fff2efc5978 [ 238.981427][ T7730] [ 238.981722][ T7730] ERROR: Out of memory at tomoyo_realpath_from_path. [ 239.713133][ T7743] netlink: 28 bytes leftover after parsing attributes in process `syz.1.310'. [ 239.861111][ T7742] delete_channel: no stack [ 240.672210][ T7759] netlink: 56 bytes leftover after parsing attributes in process `syz.3.313'. [ 240.686057][ T7766] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 241.467499][ T7787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.317'. [ 242.270433][ T7798] nbd: must specify an index to disconnect [ 242.387888][ T7790] Invalid ELF header magic: != ELF [ 243.950505][ T7831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 243.990392][ T7831] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 244.013693][ T7831] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 244.022191][ T7831] page_type: f5(slab) [ 244.025266][ T7836] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 244.118396][ T7831] raw: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 244.220805][ T7831] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 244.289374][ T7831] head: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 244.408535][ T30] audit: type=1800 audit(6039702584.067:4): pid=7843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.329" name="members" dev="configfs" ino=13936 res=0 errno=0 [ 244.451810][ T7831] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 244.477224][ T7831] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 244.523519][ T7831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 244.579030][ T7831] page dumped because: unmovable page [ 244.647295][ T7831] page_owner tracks the page as allocated [ 244.653280][ T7831] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7575, tgid 7568 (syz.4.280), ts 231121983597, free_ts 231030633014 [ 244.823772][ T7831] post_alloc_hook+0x181/0x1b0 [ 244.828638][ T7831] get_page_from_freelist+0x1193/0x39b0 [ 244.887043][ T7831] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 244.933674][ T7831] alloc_pages_mpol+0x1fb/0x550 [ 244.989291][ T7831] new_slab+0x23c/0x330 [ 245.022101][ T7831] ___slab_alloc+0xd9c/0x1940 [ 245.083619][ T7831] __slab_alloc.constprop.0+0x56/0xb0 [ 245.089085][ T7831] __kmalloc_cache_noprof+0xfb/0x3e0 [ 245.160516][ T7831] kobject_uevent_env+0x265/0x1870 [ 245.243422][ T7831] netdev_queue_update_kobjects+0x1a7/0x720 [ 245.269954][ T7831] netdev_register_kobject+0x28c/0x3a0 [ 245.334517][ T7831] register_netdevice+0x13dc/0x2270 [ 245.339822][ T7831] __ip_tunnel_create+0x4a8/0x680 [ 245.413559][ T7831] ip_tunnel_init_net+0x22f/0x7d0 [ 245.449787][ T7831] ops_init+0x1df/0x5f0 [ 245.483463][ T7831] setup_net+0x21e/0x850 [ 245.493613][ T7831] page last free pid 7556 tgid 7555 stack trace: [ 245.499993][ T7831] __free_frozen_pages+0x69d/0xff0 [ 245.563302][ T7831] __put_partials+0x16d/0x1c0 [ 245.586889][ T7861] QAT: Stopping all acceleration devices. [ 245.610320][ T7861] block nbd0: Unsupported socket: shutdown callout must be supported. [ 245.623092][ T7831] qlist_free_all+0x4e/0x120 [ 245.652123][ T7831] kasan_quarantine_reduce+0x195/0x1e0 [ 245.668109][ T7831] __kasan_slab_alloc+0x69/0x90 [ 245.673048][ T7831] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 245.712004][ T7831] ptlock_alloc+0x1f/0x70 [ 245.722122][ T7831] pte_alloc_one+0x6d/0x380 [ 245.733448][ T7831] do_pte_missing+0x1c0b/0x3fb0 [ 245.748572][ T7831] __handle_mm_fault+0x103d/0x2a40 [ 245.763464][ T7831] handle_mm_fault+0x3fe/0xad0 [ 245.783711][ T7831] __get_user_pages+0x771/0x36f0 [ 245.803620][ T7831] get_dump_page+0x257/0x3d0 [ 245.808287][ T7831] dump_user_range+0x1c3/0xb30 [ 245.863439][ T7831] elf_core_dump+0x288a/0x3a90 [ 245.868305][ T7831] do_coredump+0x3183/0x4480 [ 249.045713][ T7924] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 249.149143][ T7924] netlink: 338 bytes leftover after parsing attributes in process `syz.3.338'. [ 249.252918][ T7927] can0: slcan on ttyS2. [ 249.545093][ T7927] can0 (unregistered): slcan off ttyS2. [ 249.846202][ T7939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 249.925112][ T7939] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 249.953859][ T7939] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 249.954987][ T7948] netlink: 194 bytes leftover after parsing attributes in process `syz.1.344'. [ 250.000913][ T7939] page_type: f5(slab) [ 250.014135][ T7939] raw: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 250.073511][ T7939] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 250.082177][ T7939] head: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 250.223691][ T7939] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 250.273501][ T7939] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 250.289763][ T7942] could not allocate digest TFM handle [ 250.314141][ T7939] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 250.343518][ T7939] page dumped because: unmovable page [ 250.364297][ T7939] page_owner tracks the page as allocated [ 250.383493][ T7939] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 62, tgid 62 (kworker/u8:4), ts 246888243735, free_ts 245893915745 [ 250.413641][ T7939] post_alloc_hook+0x181/0x1b0 [ 250.418865][ T7939] get_page_from_freelist+0x1193/0x39b0 [ 250.425028][ T7939] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 250.448643][ T7939] alloc_pages_mpol+0x1fb/0x550 [ 250.533468][ T7939] new_slab+0x23c/0x330 [ 250.537727][ T7939] ___slab_alloc+0xd9c/0x1940 [ 250.614462][ T7939] __slab_alloc.constprop.0+0x56/0xb0 [ 250.619939][ T7939] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 250.674087][ T7939] kmalloc_reserve+0xef/0x2c0 [ 250.678887][ T7939] __alloc_skb+0x166/0x380 [ 250.723486][ T7939] nsim_dev_trap_report_work+0x2b1/0xcf0 [ 250.729617][ T7939] process_one_work+0x9cc/0x1b70 [ 250.808195][ T7939] worker_thread+0x6c8/0xf10 [ 250.812870][ T7939] kthread+0x3c2/0x780 [ 250.853426][ T7939] ret_from_fork+0x45/0x80 [ 250.878372][ T7939] ret_from_fork_asm+0x1a/0x30 [ 250.903445][ T7939] page last free pid 7866 tgid 7866 stack trace: [ 250.937680][ T7939] __free_frozen_pages+0x69d/0xff0 [ 250.973483][ T7939] __put_partials+0x16d/0x1c0 [ 250.979106][ T7939] qlist_free_all+0x4e/0x120 [ 250.998679][ T7939] kasan_quarantine_reduce+0x195/0x1e0 [ 251.033470][ T7939] __kasan_slab_alloc+0x69/0x90 [ 251.038410][ T7939] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 251.170870][ T7939] proc_reg_open+0x21d/0x610 [ 251.197853][ T7939] do_dentry_open+0x741/0x1c10 [ 251.211564][ T7939] vfs_open+0x82/0x3f0 [ 251.254465][ T7939] path_openat+0x1e5e/0x2d40 [ 251.328402][ T7939] do_filp_open+0x20b/0x470 [ 251.343418][ T7939] do_sys_openat2+0x11b/0x1d0 [ 251.363946][ T7939] __x64_sys_openat+0x174/0x210 [ 251.384103][ T7939] do_syscall_64+0xcd/0x260 [ 251.433455][ T7939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.147111][ T7994] netlink: 28 bytes leftover after parsing attributes in process `syz.2.348'. [ 253.227554][ T8019] netlink: 4 bytes leftover after parsing attributes in process `syz.1.354'. [ 257.591799][ T8066] netlink: 4 bytes leftover after parsing attributes in process `syz.4.364'. [ 258.769685][ T8082] netlink: 330 bytes leftover after parsing attributes in process `syz.4.366'. [ 259.805545][ T8096] netlink: 28 bytes leftover after parsing attributes in process `syz.3.369'. [ 261.070659][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.081186][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.918426][ T8143] netlink: 338 bytes leftover after parsing attributes in process `syz.3.382'. [ 263.928805][ T8143] netlink: 338 bytes leftover after parsing attributes in process `syz.3.382'. [ 265.380494][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.393587][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.694798][ T8181] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 266.934707][ T8178] Invalid ELF header magic: != ELF [ 267.748633][ T8209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 267.791314][ T8209] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 267.871126][ T8209] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 267.930759][ T8209] page_type: f5(slab) [ 267.975779][ T8209] raw: 00fff00000000040 ffff888140408640 dead000000000122 0000000000000000 [ 268.099453][ T8209] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 268.121856][ T8209] head: 00fff00000000040 ffff888140408640 dead000000000122 0000000000000000 [ 268.165926][ T8209] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 268.198083][ T8209] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 268.206969][ T8209] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 268.215983][ T8209] page dumped because: unmovable page [ 268.233463][ T8209] page_owner tracks the page as allocated [ 268.457238][ T8209] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 261352323014, free_ts 261333917882 [ 268.533625][ T8209] post_alloc_hook+0x181/0x1b0 [ 268.538479][ T8209] get_page_from_freelist+0x1193/0x39b0 [ 268.609500][ T8209] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 268.617148][ T8209] alloc_pages_mpol+0x1fb/0x550 [ 268.706957][ T8224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 268.716780][ T8209] new_slab+0x23c/0x330 [ 268.721110][ T8209] ___slab_alloc+0xd9c/0x1940 [ 268.767971][ T8224] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 268.818055][ T8209] __slab_alloc.constprop.0+0x56/0xb0 [ 268.823819][ T8209] kmem_cache_alloc_noprof+0xef/0x3b0 [ 268.829274][ T8209] getname_flags.part.0+0x4c/0x550 [ 268.834555][ T8209] getname_flags+0x93/0xf0 [ 268.839046][ T8209] do_readlinkat+0xb4/0x3a0 [ 268.843656][ T8209] __x64_sys_readlink+0x78/0xc0 [ 268.848562][ T8209] do_syscall_64+0xcd/0x260 [ 268.853884][ T8209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.859860][ T8209] page last free pid 5214 tgid 5214 stack trace: [ 268.866305][ T8209] __free_frozen_pages+0x69d/0xff0 [ 268.871483][ T8209] __put_partials+0x16d/0x1c0 [ 268.876366][ T8209] qlist_free_all+0x4e/0x120 [ 268.882257][ T8209] kasan_quarantine_reduce+0x195/0x1e0 [ 268.893577][ T8209] __kasan_slab_alloc+0x69/0x90 [ 268.898500][ T8209] __kmalloc_cache_noprof+0x1f1/0x3e0 [ 268.959915][ T8209] kernfs_fop_open+0x244/0xda0 [ 268.973753][ T8209] do_dentry_open+0x741/0x1c10 [ 268.978597][ T8209] vfs_open+0x82/0x3f0 [ 269.027308][ T8209] path_openat+0x1e5e/0x2d40 [ 269.032023][ T8209] do_filp_open+0x20b/0x470 [ 269.052531][ T8209] do_sys_openat2+0x11b/0x1d0 [ 269.062661][ T8209] __x64_sys_openat+0x174/0x210 [ 269.072773][ T8209] do_syscall_64+0xcd/0x260 [ 269.089600][ T8209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.868660][ T8244] netlink: 'syz.3.404': attribute type 5 has an invalid length. [ 270.127918][ T8244] netlink: 'syz.3.404': attribute type 1 has an invalid length. [ 271.726211][ T8260] Process accounting resumed [ 272.374291][ T8279] netlink: 342 bytes leftover after parsing attributes in process `syz.4.413'. [ 272.815573][ T8287] netlink: 'syz.4.415': attribute type 5 has an invalid length. [ 272.823283][ T8287] netlink: 'syz.4.415': attribute type 1 has an invalid length. [ 274.817510][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 274.824016][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 275.039281][ T8312] Process accounting resumed [ 275.801981][ T8351] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 276.642382][ T8372] Unable to find swap-space signature [ 276.984227][ T8378] nbd: failed to add new device [ 280.659988][ T8447] Invalid ELF header magic: != ELF [ 283.887229][ T8510] netlink: 350 bytes leftover after parsing attributes in process `syz.4.471'. [ 285.624666][ T8531] Invalid ELF header magic: != ELF [ 288.493147][ T8605] netlink: 4 bytes leftover after parsing attributes in process `syz.4.497'. [ 290.328807][ T8630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 290.343812][ T8630] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 290.376721][ T8630] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 290.412339][ T8630] page_type: f5(slab) [ 290.437218][ T8630] raw: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 290.485656][ T8630] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 290.562264][ T8630] head: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 290.600801][ T8630] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 290.778122][ T8630] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 290.993579][ T8630] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 291.023223][ T8630] page dumped because: unmovable page [ 291.032567][ T8630] page_owner tracks the page as allocated [ 291.050306][ T8630] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2982, tgid 2982 (kworker/u8:9), ts 289536412637, free_ts 289444443589 [ 291.076840][ T8630] post_alloc_hook+0x181/0x1b0 [ 291.081881][ T8630] get_page_from_freelist+0x1193/0x39b0 [ 291.088071][ T8630] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 291.173815][ T8633] could not allocate digest TFM handle binfmt_misc [ 291.180550][ T8630] alloc_pages_mpol+0x1fb/0x550 [ 291.185761][ T8630] new_slab+0x23c/0x330 [ 291.190031][ T8630] ___slab_alloc+0xd9c/0x1940 [ 291.195169][ T8630] __slab_alloc.constprop.0+0x56/0xb0 [ 291.200665][ T8630] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 291.207272][ T8630] kmalloc_reserve+0xef/0x2c0 [ 291.212083][ T8630] __alloc_skb+0x166/0x380 [ 291.216908][ T8630] nsim_dev_trap_report_work+0x2b1/0xcf0 [ 291.223589][ T8630] process_one_work+0x9cc/0x1b70 [ 291.228670][ T8630] worker_thread+0x6c8/0xf10 [ 291.233498][ T8630] kthread+0x3c2/0x780 [ 291.237703][ T8630] ret_from_fork+0x45/0x80 [ 291.242226][ T8630] ret_from_fork_asm+0x1a/0x30 [ 291.247396][ T8630] page last free pid 5844 tgid 5844 stack trace: [ 291.299562][ T8630] __free_frozen_pages+0x69d/0xff0 [ 291.332883][ T8630] __put_partials+0x16d/0x1c0 [ 291.340341][ T8630] qlist_free_all+0x4e/0x120 [ 291.379092][ T8630] kasan_quarantine_reduce+0x195/0x1e0 [ 291.393431][ T8630] __kasan_slab_alloc+0x69/0x90 [ 291.433437][ T8630] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 291.439063][ T8630] ptlock_alloc+0x1f/0x70 [ 291.523445][ T8630] pte_alloc_one+0x6d/0x380 [ 291.528113][ T8630] __pte_alloc+0x6d/0x3c0 [ 291.568201][ T8630] copy_page_range+0x39a7/0x5ec0 [ 291.573294][ T8630] copy_process+0x862b/0x91a0 [ 291.620708][ T8630] kernel_clone+0xfc/0x960 [ 291.646465][ T8630] __do_sys_clone+0xce/0x120 [ 291.669106][ T8630] do_syscall_64+0xcd/0x260 [ 291.758541][ T8630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.391106][ T8659] netlink: 28 bytes leftover after parsing attributes in process `syz.2.511'. [ 292.466021][ T8659] mac80211_hwsim hwsim6 wlan1: entered allmulticast mode [ 293.176211][ T8678] netlink: 28 bytes leftover after parsing attributes in process `syz.1.523'. [ 293.206746][ T8678] veth1_macvtap: entered allmulticast mode [ 293.325124][ T8673] netlink: 330 bytes leftover after parsing attributes in process `syz.1.523'. [ 293.435516][ T8678] netlink: 20 bytes leftover after parsing attributes in process `syz.1.523'. [ 293.735952][ T8690] netlink: 252 bytes leftover after parsing attributes in process `syz.3.520'. [ 293.775753][ T8690] netlink: 252 bytes leftover after parsing attributes in process `syz.3.520'. [ 295.809210][ T8737] FAULT_INJECTION: forcing a failure. [ 295.809210][ T8737] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 295.984141][ T8737] CPU: 1 UID: 0 PID: 8737 Comm: syz.2.534 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 295.984180][ T8737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 295.984197][ T8737] Call Trace: [ 295.984206][ T8737] [ 295.984227][ T8737] dump_stack_lvl+0x16c/0x1f0 [ 295.984274][ T8737] should_fail_ex+0x512/0x640 [ 295.984313][ T8737] _copy_from_user+0x2e/0xd0 [ 295.984351][ T8737] copy_msghdr_from_user+0x98/0x160 [ 295.984400][ T8737] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 295.984443][ T8737] ? __lock_acquire+0x5ca/0x1ba0 [ 295.984494][ T8737] ___sys_recvmsg+0xdb/0x1a0 [ 295.984530][ T8737] ? __pfx____sys_recvmsg+0x10/0x10 [ 295.984570][ T8737] ? find_held_lock+0x2b/0x80 [ 295.984625][ T8737] do_recvmmsg+0x2fe/0x740 [ 295.984666][ T8737] ? __pfx_do_recvmmsg+0x10/0x10 [ 295.984710][ T8737] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 295.984779][ T8737] ? __fget_files+0x20e/0x3c0 [ 295.984828][ T8737] __x64_sys_recvmmsg+0x22a/0x280 [ 295.984871][ T8737] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 295.984909][ T8737] ? rcu_is_watching+0x12/0xc0 [ 295.984955][ T8737] do_syscall_64+0xcd/0x260 [ 295.985001][ T8737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.985030][ T8737] RIP: 0033:0x7f4cd4b8d169 [ 295.985052][ T8737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.985079][ T8737] RSP: 002b:00007f4cd5a38038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 295.985105][ T8737] RAX: ffffffffffffffda RBX: 00007f4cd4da6240 RCX: 00007f4cd4b8d169 [ 295.985147][ T8737] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 295.985167][ T8737] RBP: 00007f4cd5a38090 R08: 0000000000000000 R09: 0000000000000000 [ 295.985186][ T8737] R10: 0000000000001102 R11: 0000000000000246 R12: 0000000000000001 [ 295.985204][ T8737] R13: 0000000000000000 R14: 00007f4cd4da6240 R15: 00007fff60586468 [ 295.985242][ T8737] [ 297.653652][ T5842] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 301.337458][ T8813] netlink: 28 bytes leftover after parsing attributes in process `syz.2.552'. [ 301.805150][ T8815] Process accounting paused [ 301.950449][ T8783] Invalid ELF header magic: != ELF [ 303.162824][ T8834] netlink: 252 bytes leftover after parsing attributes in process `syz.2.557'. [ 303.222406][ T8834] netlink: 252 bytes leftover after parsing attributes in process `syz.2.557'. [ 304.781329][ T8839] Invalid ELF header magic: != ELF [ 305.268648][ T8865] Process accounting paused [ 306.211845][ T8884] ima: policy update failed [ 306.245178][ T30] audit: type=1802 audit(6039702653.900:5): pid=8884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.568" res=0 errno=0 [ 306.665873][ T8890] netlink: 252 bytes leftover after parsing attributes in process `syz.1.571'. [ 306.723859][ T8892] netlink: 252 bytes leftover after parsing attributes in process `syz.1.571'. [ 306.808302][ T8894] netlink: 338 bytes leftover after parsing attributes in process `syz.3.573'. [ 308.864577][ T8934] ucma_write: process 679 (syz.3.585) changed security contexts after opening file descriptor, this is not allowed. [ 308.911884][ T8935] nbd: socks must be embedded in a SOCK_ITEM attr [ 308.995204][ T8934] netlink: 334 bytes leftover after parsing attributes in process `syz.3.585'. [ 310.414162][ T8963] vivid-007: ================= START STATUS ================= [ 310.511075][ T8963] vivid-007: Generate PTS: true [ 310.517791][ T8963] vivid-007: Generate SCR: true [ 310.522891][ T8963] tpg source WxH: 640x360 (Y'CbCr) [ 310.529132][ T8963] tpg field: 1 [ 310.532602][ T8963] tpg crop: (0,0)/640x360 [ 310.537482][ T8963] tpg compose: (0,0)/640x360 [ 310.542118][ T8963] tpg colorspace: 8 [ 310.546456][ T8963] tpg transfer function: 0/0 [ 310.551087][ T8963] tpg Y'CbCr encoding: 0/0 [ 310.555993][ T8963] tpg quantization: 0/0 [ 310.560186][ T8963] tpg RGB range: 0/2 [ 310.565684][ T8963] vivid-007: ================== END STATUS ================== [ 310.603621][ T8969] netlink: 8 bytes leftover after parsing attributes in process `syz.4.595'. [ 311.727433][ T8986] vivid-009: ================= START STATUS ================= [ 311.739205][ T8986] vivid-009: Enable Output Cropping: true grabbed [ 311.750402][ T8986] vivid-009: Enable Output Composing: true grabbed [ 311.759252][ T8986] vivid-009: Enable Output Scaler: true grabbed [ 311.769308][ T8986] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 311.777643][ T8986] vivid-009: Transmit Mode: HDMI grabbed [ 311.787293][ T8986] vivid-009: Hotplug Present: 0x00000000 [ 311.795059][ T8986] vivid-009: RxSense Present: 0x00000000 [ 311.800930][ T8986] vivid-009: EDID Present: 0x00000000 [ 311.812080][ T8986] vivid-009: ================== END STATUS ================== [ 313.378854][ T8993] Invalid ELF header magic: != ELF [ 314.030322][ T30] audit: type=1804 audit(6039702661.690:6): pid=9017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.605" name=2F6E6577726F6F742F3137352F08 dev="tmpfs" ino=948 res=1 errno=0 [ 314.331521][ T9032] Process accounting resumed [ 314.345372][ T55] Bluetooth: hci4: command 0x0406 tx timeout [ 314.956985][ T9047] netlink: 28 bytes leftover after parsing attributes in process `syz.2.613'. [ 315.091863][ T9057] netlink: 330 bytes leftover after parsing attributes in process `syz.1.617'. [ 315.460829][ T9064] netlink: 334 bytes leftover after parsing attributes in process `syz.1.618'. [ 316.416607][ T9059] Invalid ELF header magic: != ELF [ 318.912103][ T9111] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(1) [ 321.108181][ T9176] netlink: 12 bytes leftover after parsing attributes in process `syz.2.647'. [ 321.803666][ T9184] FAULT_INJECTION: forcing a failure. [ 321.803666][ T9184] name failslab, interval 1, probability 0, space 0, times 0 [ 321.873029][ T9184] CPU: 0 UID: 0 PID: 9184 Comm: syz.3.651 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 321.873073][ T9184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 321.873091][ T9184] Call Trace: [ 321.873101][ T9184] [ 321.873112][ T9184] dump_stack_lvl+0x16c/0x1f0 [ 321.873163][ T9184] should_fail_ex+0x512/0x640 [ 321.873198][ T9184] ? __kvmalloc_node_noprof+0x122/0x600 [ 321.873248][ T9184] should_failslab+0xc2/0x120 [ 321.873279][ T9184] __kvmalloc_node_noprof+0x135/0x600 [ 321.873323][ T9184] ? lockdep_init_map_type+0x5c/0x280 [ 321.873358][ T9184] ? alloc_netdev_mqs+0xb5b/0x1570 [ 321.873428][ T9184] ? alloc_netdev_mqs+0xb5b/0x1570 [ 321.873468][ T9184] alloc_netdev_mqs+0xb5b/0x1570 [ 321.873515][ T9184] ? __pfx_loopback_net_init+0x10/0x10 [ 321.873545][ T9184] loopback_net_init+0x38/0x170 [ 321.873575][ T9184] ? __pfx_loopback_net_init+0x10/0x10 [ 321.873602][ T9184] ops_init+0x1df/0x5f0 [ 321.873647][ T9184] setup_net+0x21e/0x850 [ 321.873692][ T9184] ? __pfx_setup_net+0x10/0x10 [ 321.873731][ T9184] ? lockdep_init_map_type+0x5c/0x280 [ 321.873760][ T9184] ? __pfx_down_read_killable+0x10/0x10 [ 321.873792][ T9184] ? debug_mutex_init+0x37/0x70 [ 321.873833][ T9184] copy_net_ns+0x2a6/0x5f0 [ 321.873881][ T9184] create_new_namespaces+0x3ea/0xad0 [ 321.873931][ T9184] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 321.873977][ T9184] ksys_unshare+0x45b/0xa40 [ 321.874022][ T9184] ? __pfx_ksys_unshare+0x10/0x10 [ 321.874065][ T9184] ? xfd_validate_state+0x5d/0x180 [ 321.874100][ T9184] ? rcu_is_watching+0x12/0xc0 [ 321.874146][ T9184] __x64_sys_unshare+0x31/0x40 [ 321.874190][ T9184] do_syscall_64+0xcd/0x260 [ 321.874256][ T9184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.874288][ T9184] RIP: 0033:0x7f26db98d169 [ 321.874312][ T9184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.874343][ T9184] RSP: 002b:00007f26dc7a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 321.874382][ T9184] RAX: ffffffffffffffda RBX: 00007f26dbba6080 RCX: 00007f26db98d169 [ 321.874402][ T9184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 321.874420][ T9184] RBP: 00007f26dba0e990 R08: 0000000000000000 R09: 0000000000000000 [ 321.874437][ T9184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.874455][ T9184] R13: 0000000000000000 R14: 00007f26dbba6080 R15: 00007fff2efc5978 [ 321.874495][ T9184] [ 322.511308][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.518796][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.796735][ T9216] netlink: 12 bytes leftover after parsing attributes in process `syz.1.659'. [ 324.457872][ T9206] Invalid ELF header magic: != ELF [ 324.781393][ T9207] bridge0: port 3(team0) entered blocking state [ 324.856924][ T9207] bridge0: port 3(team0) entered disabled state [ 324.907623][ T9207] team0: entered allmulticast mode [ 324.913739][ T9207] team_slave_0: entered allmulticast mode [ 324.919644][ T9207] team_slave_1: entered allmulticast mode [ 324.928442][ T9207] team0: entered promiscuous mode [ 324.933689][ T9207] team_slave_0: entered promiscuous mode [ 324.941030][ T9207] team_slave_1: entered promiscuous mode [ 324.957586][ T9207] bridge0: port 3(team0) entered blocking state [ 324.964240][ T9207] bridge0: port 3(team0) entered forwarding state [ 326.429622][ T9233] Invalid ELF header magic: != ELF [ 327.330583][ T9248] netlink: 12 bytes leftover after parsing attributes in process `syz.4.663'. [ 328.839427][ T9276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.672'. [ 329.514294][ T9287] netlink: zone id is out of range [ 329.520635][ T9287] netlink: zone id is out of range [ 329.525860][ T9287] netlink: zone id is out of range [ 329.531000][ T9287] netlink: zone id is out of range [ 329.537342][ T9287] netlink: zone id is out of range [ 329.542667][ T9287] netlink: zone id is out of range [ 329.588488][ T9287] netlink: zone id is out of range [ 329.605347][ T9287] netlink: zone id is out of range [ 329.613871][ T9287] netlink: zone id is out of range [ 329.619029][ T9287] netlink: zone id is out of range [ 330.954048][ T9293] Invalid ELF header magic: != ELF [ 331.574291][ T9312] netlink: 4 bytes leftover after parsing attributes in process `syz.4.680'. [ 332.993738][ T9338] usb usb34: usbfs: process 9338 (syz.1.686) did not claim interface 0 before use [ 333.034506][ T9324] netlink: 4 bytes leftover after parsing attributes in process `syz.4.690'. [ 335.758559][ T9389] Process accounting resumed [ 336.213967][ T9409] FAULT_INJECTION: forcing a failure. [ 336.213967][ T9409] name failslab, interval 1, probability 0, space 0, times 0 [ 336.257563][ T9409] CPU: 1 UID: 0 PID: 9409 Comm: syz.3.707 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 336.257627][ T9409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 336.257655][ T9409] Call Trace: [ 336.257672][ T9409] [ 336.257689][ T9409] dump_stack_lvl+0x16c/0x1f0 [ 336.257736][ T9409] should_fail_ex+0x512/0x640 [ 336.257767][ T9409] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 336.257808][ T9409] should_failslab+0xc2/0x120 [ 336.257832][ T9409] __kmalloc_cache_noprof+0x6a/0x3e0 [ 336.257867][ T9409] ? __might_fault+0x13b/0x190 [ 336.257908][ T9409] ? alloc_bprm+0x86/0xdd0 [ 336.257948][ T9409] alloc_bprm+0x86/0xdd0 [ 336.257982][ T9409] ? strncpy_from_user+0x203/0x2e0 [ 336.258013][ T9409] do_execveat_common.isra.0+0x1ce/0x610 [ 336.258060][ T9409] __x64_sys_execve+0x8e/0xb0 [ 336.258098][ T9409] do_syscall_64+0xcd/0x260 [ 336.258142][ T9409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.258169][ T9409] RIP: 0033:0x7f26db98d169 [ 336.258190][ T9409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.258216][ T9409] RSP: 002b:00007f26dc7c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 336.258241][ T9409] RAX: ffffffffffffffda RBX: 00007f26dbba5fa0 RCX: 00007f26db98d169 [ 336.258259][ T9409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000140 [ 336.258282][ T9409] RBP: 00007f26dc7c6090 R08: 0000000000000000 R09: 0000000000000000 [ 336.258298][ T9409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 336.258313][ T9409] R13: 0000000000000000 R14: 00007f26dbba5fa0 R15: 00007fff2efc5978 [ 336.258347][ T9409] [ 336.273387][ T9410] netlink: 338 bytes leftover after parsing attributes in process `syz.2.706'. [ 338.018169][ T9441] FAULT_INJECTION: forcing a failure. [ 338.018169][ T9441] name failslab, interval 1, probability 0, space 0, times 0 [ 338.093665][ T9441] CPU: 1 UID: 0 PID: 9441 Comm: syz.1.717 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 338.093703][ T9441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 338.093721][ T9441] Call Trace: [ 338.093731][ T9441] [ 338.093741][ T9441] dump_stack_lvl+0x16c/0x1f0 [ 338.093789][ T9441] should_fail_ex+0x512/0x640 [ 338.093840][ T9441] ? __kmalloc_noprof+0xbf/0x510 [ 338.093888][ T9441] ? memcg_list_lru_alloc+0x4e9/0x740 [ 338.093916][ T9441] should_failslab+0xc2/0x120 [ 338.093946][ T9441] __kmalloc_noprof+0xd2/0x510 [ 338.094016][ T9441] memcg_list_lru_alloc+0x4e9/0x740 [ 338.094056][ T9441] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 338.094106][ T9441] __memcg_slab_post_alloc_hook+0x131/0x940 [ 338.094143][ T9441] ? kasan_save_track+0x14/0x30 [ 338.094194][ T9441] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 338.094243][ T9441] ? pcpu_alloc_noprof+0x1f5/0x1470 [ 338.094291][ T9441] ? alloc_inode+0xc3/0x240 [ 338.094332][ T9441] alloc_inode+0xc3/0x240 [ 338.094368][ T9441] alloc_anon_inode+0x28/0x3e0 [ 338.094417][ T9441] ioctx_alloc+0x4ad/0x2060 [ 338.094460][ T9441] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 338.094534][ T9441] ? find_held_lock+0x2b/0x80 [ 338.094574][ T9441] ? __pfx_ioctx_alloc+0x10/0x10 [ 338.094614][ T9441] ? __might_fault+0x13b/0x190 [ 338.094673][ T9441] __x64_sys_io_setup+0xc9/0x210 [ 338.094721][ T9441] do_syscall_64+0xcd/0x260 [ 338.094778][ T9441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.094805][ T9441] RIP: 0033:0x7fe72f98d169 [ 338.094828][ T9441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.094853][ T9441] RSP: 002b:00007fe730714038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 338.094879][ T9441] RAX: ffffffffffffffda RBX: 00007fe72fba5fa0 RCX: 00007fe72f98d169 [ 338.094913][ T9441] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 338.094930][ T9441] RBP: 00007fe730714090 R08: 0000000000000000 R09: 0000000000000000 [ 338.094945][ T9441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 338.094967][ T9441] R13: 0000000000000001 R14: 00007fe72fba5fa0 R15: 00007ffd38456bb8 [ 338.095001][ T9441] [ 339.051715][ T9456] Invalid ELF header magic: != ELF [ 340.568933][ T9499] ptrace attach of "./syz-executor exec"[5844] was attempted by "./syz-executor exec"[9499] [ 340.750341][ T9496] netlink: 4 bytes leftover after parsing attributes in process `syz.1.733'. [ 342.240563][ T9505] bridge0: port 3(team0) entered blocking state [ 342.248060][ T9505] bridge0: port 3(team0) entered disabled state [ 342.267595][ T9505] team0: entered allmulticast mode [ 342.289361][ T9505] team_slave_0: entered allmulticast mode [ 342.315456][ T9505] team_slave_1: entered allmulticast mode [ 342.344353][ T9505] team0: entered promiscuous mode [ 342.349450][ T9505] team_slave_0: entered promiscuous mode [ 342.360450][ T9505] team_slave_1: entered promiscuous mode [ 342.372516][ T9524] netlink: 28 bytes leftover after parsing attributes in process `syz.1.739'. [ 342.374871][ T9505] bridge0: port 3(team0) entered blocking state [ 342.388740][ T9505] bridge0: port 3(team0) entered forwarding state [ 343.174436][ T9532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.741'. [ 343.214810][ T9532] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.398728][ T9532] bridge_slave_1 (unregistering): left allmulticast mode [ 343.427009][ T9532] bridge_slave_1 (unregistering): left promiscuous mode [ 343.558427][ T9532] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.578431][ T9538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.742'. [ 345.095146][ T9554] netlink: 346 bytes leftover after parsing attributes in process `syz.1.745'. [ 345.794214][ T9570] netlink: 'syz.3.752': attribute type 1 has an invalid length. [ 346.471718][ T9581] FAULT_INJECTION: forcing a failure. [ 346.471718][ T9581] name failslab, interval 1, probability 0, space 0, times 0 [ 346.533491][ T9581] CPU: 1 UID: 0 PID: 9581 Comm: syz.3.755 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 346.533532][ T9581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 346.533550][ T9581] Call Trace: [ 346.533566][ T9581] [ 346.533577][ T9581] dump_stack_lvl+0x16c/0x1f0 [ 346.533627][ T9581] should_fail_ex+0x512/0x640 [ 346.533662][ T9581] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 346.533716][ T9581] should_failslab+0xc2/0x120 [ 346.533744][ T9581] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 346.533812][ T9581] ? __d_alloc+0x31/0xaa0 [ 346.533840][ T9581] ? __pfx_dquot_alloc_inode+0x10/0x10 [ 346.533876][ T9581] __d_alloc+0x31/0xaa0 [ 346.533911][ T9581] d_alloc_pseudo+0x1c/0xc0 [ 346.533949][ T9581] alloc_file_pseudo+0xcf/0x230 [ 346.533987][ T9581] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 346.534034][ T9581] __shmem_file_setup+0x210/0x300 [ 346.534085][ T9581] shmem_zero_setup+0x93/0x1a0 [ 346.534118][ T9581] __mmap_region+0x2036/0x27c0 [ 346.534172][ T9581] ? __pfx___mmap_region+0x10/0x10 [ 346.534218][ T9581] ? bpf_ksym_find+0x124/0x1c0 [ 346.534268][ T9581] ? __kernel_text_address+0xd/0x40 [ 346.534325][ T9581] ? unwind_get_return_address+0x59/0xa0 [ 346.534431][ T9581] ? trace_cap_capable+0x18d/0x200 [ 346.534467][ T9581] ? cap_capable+0xb3/0x250 [ 346.534504][ T9581] mmap_region+0x1ab/0x3f0 [ 346.534567][ T9581] do_mmap+0xd8e/0x11b0 [ 346.534613][ T9581] ? __pfx_do_mmap+0x10/0x10 [ 346.534652][ T9581] ? __pfx_down_write_killable+0x10/0x10 [ 346.534691][ T9581] vm_mmap_pgoff+0x281/0x450 [ 346.534735][ T9581] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.534776][ T9581] ? __fget_files+0x20e/0x3c0 [ 346.534834][ T9581] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.534871][ T9581] ? __pfx_ksys_write+0x10/0x10 [ 346.534912][ T9581] ? rcu_is_watching+0x12/0xc0 [ 346.534955][ T9581] __x64_sys_mmap+0x125/0x190 [ 346.535009][ T9581] do_syscall_64+0xcd/0x260 [ 346.535058][ T9581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.535088][ T9581] RIP: 0033:0x7f26db98d169 [ 346.535111][ T9581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.535140][ T9581] RSP: 002b:00007f26dc7c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 346.535167][ T9581] RAX: ffffffffffffffda RBX: 00007f26dbba5fa0 RCX: 00007f26db98d169 [ 346.535186][ T9581] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 346.535204][ T9581] RBP: 00007f26dc7c6090 R08: fffffffffffffffa R09: 0000000000008000 [ 346.535222][ T9581] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001 [ 346.535239][ T9581] R13: 0000000000000000 R14: 00007f26dbba5fa0 R15: 00007fff2efc5978 [ 346.535276][ T9581] [ 347.285383][ T9596] FAULT_INJECTION: forcing a failure. [ 347.285383][ T9596] name failslab, interval 1, probability 0, space 0, times 0 [ 347.336137][ T9596] CPU: 0 UID: 0 PID: 9596 Comm: syz.4.757 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 347.336180][ T9596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 347.336198][ T9596] Call Trace: [ 347.336208][ T9596] [ 347.336220][ T9596] dump_stack_lvl+0x16c/0x1f0 [ 347.336281][ T9596] should_fail_ex+0x512/0x640 [ 347.336316][ T9596] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 347.336374][ T9596] ? __pfx_filemap_map_pages+0x10/0x10 [ 347.336404][ T9596] should_failslab+0xc2/0x120 [ 347.336433][ T9596] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 347.336482][ T9596] ? ptlock_alloc+0x1f/0x70 [ 347.336537][ T9596] ? __pfx_filemap_map_pages+0x10/0x10 [ 347.336567][ T9596] ptlock_alloc+0x1f/0x70 [ 347.336609][ T9596] pte_alloc_one+0x6d/0x380 [ 347.336652][ T9596] __do_fault+0x320/0x490 [ 347.336683][ T9596] ? __pfx_filemap_map_pages+0x10/0x10 [ 347.336712][ T9596] do_pte_missing+0x1a6/0x3fb0 [ 347.336757][ T9596] ? do_raw_spin_unlock+0x172/0x230 [ 347.336797][ T9596] ? __pmd_alloc+0x3c2/0x870 [ 347.336831][ T9596] ? find_held_lock+0x2b/0x80 [ 347.336874][ T9596] __handle_mm_fault+0x103d/0x2a40 [ 347.336932][ T9596] ? __pfx___handle_mm_fault+0x10/0x10 [ 347.337002][ T9596] ? find_vma+0xbf/0x140 [ 347.337035][ T9596] ? __pfx_find_vma+0x10/0x10 [ 347.337075][ T9596] handle_mm_fault+0x3fe/0xad0 [ 347.337127][ T9596] do_user_addr_fault+0x7a6/0x1370 [ 347.337169][ T9596] ? rcu_is_watching+0x12/0xc0 [ 347.337213][ T9596] exc_page_fault+0x5c/0xc0 [ 347.337264][ T9596] asm_exc_page_fault+0x26/0x30 [ 347.337295][ T9596] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 347.337331][ T9596] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 347.337360][ T9596] RSP: 0018:ffffc9000bca7940 EFLAGS: 00050246 [ 347.337385][ T9596] RAX: 0000000000000080 RBX: 0000000000000008 RCX: 0000000000000008 [ 347.337402][ T9596] RDX: fffff52001794f59 RSI: ffffc9000bca7ac0 RDI: 0000000000000000 [ 347.337422][ T9596] RBP: 0000000000000008 R08: 0000000000000000 R09: fffff52001794f58 [ 347.337439][ T9596] R10: ffffc9000bca7ac7 R11: 0000000000000000 R12: ffffc9000bca7d80 [ 347.337465][ T9596] R13: 0000000000000000 R14: ffffc9000bca7d88 R15: ffffc9000bca7ac0 [ 347.337507][ T9596] _copy_to_iter+0x50c/0x15a0 [ 347.337558][ T9596] ? __pfx__copy_to_iter+0x10/0x10 [ 347.337601][ T9596] ? do_raw_spin_lock+0x12c/0x2b0 [ 347.337636][ T9596] ? find_held_lock+0x2b/0x80 [ 347.337679][ T9596] ? rcu_is_watching+0x12/0xc0 [ 347.337724][ T9596] eventfd_read+0x491/0x610 [ 347.337762][ T9596] ? __pfx_eventfd_read+0x10/0x10 [ 347.337802][ T9596] ? __pfx_aa_file_perm+0x10/0x10 [ 347.337850][ T9596] ? __lock_acquire+0x5ca/0x1ba0 [ 347.337900][ T9596] ? copy_iovec_from_user+0x138/0x170 [ 347.337943][ T9596] do_iter_readv_writev+0x735/0x950 [ 347.337988][ T9596] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 347.338037][ T9596] ? bpf_lsm_file_permission+0x9/0x10 [ 347.338078][ T9596] ? security_file_permission+0x71/0x210 [ 347.338121][ T9596] ? rw_verify_area+0xcf/0x680 [ 347.338163][ T9596] vfs_readv+0x4c5/0x8a0 [ 347.338214][ T9596] ? __pfx_vfs_readv+0x10/0x10 [ 347.338294][ T9596] ? __fget_files+0x20e/0x3c0 [ 347.338338][ T9596] ? __fget_files+0x150/0x3c0 [ 347.338393][ T9596] ? do_readv+0x132/0x330 [ 347.338428][ T9596] do_readv+0x132/0x330 [ 347.338466][ T9596] ? __pfx_do_readv+0x10/0x10 [ 347.338503][ T9596] ? rcu_is_watching+0x12/0xc0 [ 347.338553][ T9596] do_syscall_64+0xcd/0x260 [ 347.338602][ T9596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.338632][ T9596] RIP: 0033:0x7fdac438d169 [ 347.338656][ T9596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.338686][ T9596] RSP: 002b:00007fdac528b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 347.338713][ T9596] RAX: ffffffffffffffda RBX: 00007fdac45a5fa0 RCX: 00007fdac438d169 [ 347.338732][ T9596] RDX: 0000000000000004 RSI: 0000200000000380 RDI: 0000000000000003 [ 347.338750][ T9596] RBP: 00007fdac528b090 R08: 0000000000000000 R09: 0000000000000000 [ 347.338768][ T9596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 347.338785][ T9596] R13: 0000000000000000 R14: 00007fdac45a5fa0 R15: 00007fffdffbfa38 [ 347.338824][ T9596] [ 349.323121][ T9625] FAULT_INJECTION: forcing a failure. [ 349.323121][ T9625] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 349.426374][ T9625] CPU: 0 UID: 0 PID: 9625 Comm: syz.1.764 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 349.426434][ T9625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 349.426451][ T9625] Call Trace: [ 349.426461][ T9625] [ 349.426472][ T9625] dump_stack_lvl+0x16c/0x1f0 [ 349.426522][ T9625] should_fail_ex+0x512/0x640 [ 349.426563][ T9625] should_fail_alloc_page+0xe7/0x130 [ 349.426595][ T9625] prepare_alloc_pages+0x3c2/0x610 [ 349.426639][ T9625] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 349.426690][ T9625] ? copy_splice_read+0x1a8/0xba0 [ 349.426729][ T9625] ? stack_trace_save+0x8e/0xc0 [ 349.426770][ T9625] ? __pfx_stack_trace_save+0x10/0x10 [ 349.426810][ T9625] ? stack_depot_save_flags+0x28/0xa50 [ 349.426855][ T9625] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 349.426901][ T9625] ? kasan_save_stack+0x42/0x60 [ 349.426944][ T9625] ? kasan_save_track+0x14/0x30 [ 349.426987][ T9625] ? __kmalloc_noprof+0x223/0x510 [ 349.427029][ T9625] ? copy_splice_read+0x1a8/0xba0 [ 349.427067][ T9625] ? do_splice_read+0x282/0x370 [ 349.427103][ T9625] ? splice_file_to_pipe+0x109/0x120 [ 349.427145][ T9625] ? do_sendfile+0x400/0xe50 [ 349.427181][ T9625] ? __x64_sys_sendfile64+0x1d8/0x220 [ 349.427208][ T9625] ? do_syscall_64+0xcd/0x260 [ 349.427302][ T9625] alloc_pages_bulk_noprof+0x703/0x13b0 [ 349.427366][ T9625] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 349.427431][ T9625] ? trace_kmalloc+0x2b/0xd0 [ 349.427461][ T9625] ? __kmalloc_noprof+0x242/0x510 [ 349.427518][ T9625] copy_splice_read+0x1e1/0xba0 [ 349.427562][ T9625] ? trace_contention_end+0xdd/0x130 [ 349.427594][ T9625] ? __mutex_lock+0x1ca/0xb90 [ 349.427642][ T9625] ? __pfx_copy_splice_read+0x10/0x10 [ 349.427689][ T9625] ? __pfx___mutex_lock+0x10/0x10 [ 349.427747][ T9625] ? __fget_files+0x204/0x3c0 [ 349.427794][ T9625] ? __pfx_copy_splice_read+0x10/0x10 [ 349.427836][ T9625] do_splice_read+0x282/0x370 [ 349.427883][ T9625] splice_file_to_pipe+0x109/0x120 [ 349.427932][ T9625] do_sendfile+0x400/0xe50 [ 349.427981][ T9625] ? __pfx_do_sendfile+0x10/0x10 [ 349.428024][ T9625] ? __fget_files+0x20e/0x3c0 [ 349.428080][ T9625] __x64_sys_sendfile64+0x1d8/0x220 [ 349.428110][ T9625] ? ksys_write+0x1b9/0x240 [ 349.428152][ T9625] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 349.428181][ T9625] ? rcu_is_watching+0x12/0xc0 [ 349.428233][ T9625] do_syscall_64+0xcd/0x260 [ 349.428283][ T9625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.428314][ T9625] RIP: 0033:0x7fe72f98d169 [ 349.428338][ T9625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.428368][ T9625] RSP: 002b:00007fe730714038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 349.428402][ T9625] RAX: ffffffffffffffda RBX: 00007fe72fba5fa0 RCX: 00007fe72f98d169 [ 349.428421][ T9625] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 349.428439][ T9625] RBP: 00007fe730714090 R08: 0000000000000000 R09: 0000000000000000 [ 349.428456][ T9625] R10: 000000007fffefff R11: 0000000000000246 R12: 0000000000000001 [ 349.428474][ T9625] R13: 0000000000000000 R14: 00007fe72fba5fa0 R15: 00007ffd38456bb8 [ 349.428524][ T9625] [ 349.803498][ T9615] Invalid ELF header magic: != ELF [ 351.250535][ T9651] FAULT_INJECTION: forcing a failure. [ 351.250535][ T9651] name failslab, interval 1, probability 0, space 0, times 0 [ 351.363548][ T9651] CPU: 1 UID: 0 PID: 9651 Comm: syz.3.771 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 351.363588][ T9651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 351.363605][ T9651] Call Trace: [ 351.363614][ T9651] [ 351.363624][ T9651] dump_stack_lvl+0x16c/0x1f0 [ 351.363670][ T9651] should_fail_ex+0x512/0x640 [ 351.363702][ T9651] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 351.363753][ T9651] should_failslab+0xc2/0x120 [ 351.363779][ T9651] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 351.363827][ T9651] ? xs_format_common_peer_addresses+0x1b1/0x4a0 [ 351.363880][ T9651] kstrdup+0x53/0x100 [ 351.363909][ T9651] xs_format_common_peer_addresses+0x1b1/0x4a0 [ 351.363957][ T9651] ? __pfx_xs_format_common_peer_addresses+0x10/0x10 [ 351.364052][ T9651] ? lockdep_init_map_type+0x5c/0x280 [ 351.364083][ T9651] ? do_init_timer+0xc9/0x110 [ 351.364146][ T9651] xs_setup_local+0x5bb/0x820 [ 351.364181][ T9651] xprt_create_transport+0x169/0x730 [ 351.364230][ T9651] rpc_create+0x38e/0x7f0 [ 351.364259][ T9651] ? __pfx_stack_trace_save+0x10/0x10 [ 351.364302][ T9651] ? __pfx_rpc_create+0x10/0x10 [ 351.364343][ T9651] ? add_lock_to_list+0x9d/0x130 [ 351.364425][ T9651] ? __pfx___might_resched+0x10/0x10 [ 351.364472][ T9651] ? rcu_is_watching+0x12/0xc0 [ 351.364519][ T9651] gssp_rpc_create+0xe2/0x180 [ 351.364553][ T9651] ? __pfx_gssp_rpc_create+0x10/0x10 [ 351.364610][ T9651] ? net_generic+0xea/0x2a0 [ 351.364654][ T9651] set_gssp_clnt+0xc3/0x1b0 [ 351.364688][ T9651] ? __pfx_set_gssp_clnt+0x10/0x10 [ 351.364737][ T9651] write_gssp+0x200/0x310 [ 351.364765][ T9651] ? __pfx_write_gssp+0x10/0x10 [ 351.364811][ T9651] ? __pfx_write_gssp+0x10/0x10 [ 351.364841][ T9651] proc_reg_write+0x23d/0x330 [ 351.364877][ T9651] vfs_write+0x25c/0x1180 [ 351.364918][ T9651] ? __pfx_proc_reg_write+0x10/0x10 [ 351.364956][ T9651] ? __pfx___mutex_lock+0x10/0x10 [ 351.365011][ T9651] ? __pfx_vfs_write+0x10/0x10 [ 351.365068][ T9651] ? __fget_files+0x20e/0x3c0 [ 351.365127][ T9651] ksys_write+0x12a/0x240 [ 351.365171][ T9651] ? __pfx_ksys_write+0x10/0x10 [ 351.365213][ T9651] ? rcu_is_watching+0x12/0xc0 [ 351.365264][ T9651] do_syscall_64+0xcd/0x260 [ 351.365314][ T9651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.365346][ T9651] RIP: 0033:0x7f26db98d169 [ 351.365371][ T9651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.365401][ T9651] RSP: 002b:00007f26dc7c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 351.365429][ T9651] RAX: ffffffffffffffda RBX: 00007f26dbba5fa0 RCX: 00007f26db98d169 [ 351.365449][ T9651] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000006 [ 351.365466][ T9651] RBP: 00007f26dc7c6090 R08: 0000000000000000 R09: 0000000000000000 [ 351.365483][ T9651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 351.365501][ T9651] R13: 0000000000000000 R14: 00007f26dbba5fa0 R15: 00007fff2efc5978 [ 351.365542][ T9651] [ 351.839397][ T5842] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 353.711333][ T9672] Invalid ELF header magic: != ELF [ 353.834766][ T9690] FAULT_INJECTION: forcing a failure. [ 353.834766][ T9690] name failslab, interval 1, probability 0, space 0, times 0 [ 353.913387][ T9690] CPU: 1 UID: 0 PID: 9690 Comm: syz.2.781 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 353.913429][ T9690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 353.913446][ T9690] Call Trace: [ 353.913456][ T9690] [ 353.913467][ T9690] dump_stack_lvl+0x16c/0x1f0 [ 353.913517][ T9690] should_fail_ex+0x512/0x640 [ 353.913551][ T9690] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 353.913596][ T9690] should_failslab+0xc2/0x120 [ 353.913625][ T9690] __kmalloc_cache_noprof+0x6a/0x3e0 [ 353.913664][ T9690] ? get_mm_exe_file+0x8a/0x1a0 [ 353.913707][ T9690] ? landlock_init_hierarchy_log+0xa7/0x870 [ 353.913754][ T9690] landlock_init_hierarchy_log+0xa7/0x870 [ 353.913815][ T9690] landlock_merge_ruleset+0x6e1/0x870 [ 353.913847][ T9690] ? prepare_creds+0x583/0x7d0 [ 353.913883][ T9690] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 353.913939][ T9690] do_syscall_64+0xcd/0x260 [ 353.913986][ T9690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.914016][ T9690] RIP: 0033:0x7f4cd4b8d169 [ 353.914040][ T9690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.914074][ T9690] RSP: 002b:00007f4cd5a9b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 353.914102][ T9690] RAX: ffffffffffffffda RBX: 00007f4cd4da5fa0 RCX: 00007f4cd4b8d169 [ 353.914122][ T9690] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 353.914138][ T9690] RBP: 00007f4cd5a9b090 R08: 0000000000000000 R09: 0000000000000000 [ 353.914155][ T9690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 353.914172][ T9690] R13: 0000000000000000 R14: 00007f4cd4da5fa0 R15: 00007fff60586468 [ 353.914210][ T9690] [ 353.915012][ T9690] ------------[ cut here ]------------ [ 354.096785][ T9690] WARNING: CPU: 1 PID: 9690 at security/landlock/domain.h:133 free_ruleset+0x226/0x270 [ 354.107524][ T9690] Modules linked in: [ 354.111471][ T9690] CPU: 1 UID: 0 PID: 9690 Comm: syz.2.781 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 354.123833][ T9690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 354.133958][ T9690] RIP: 0010:free_ruleset+0x226/0x270 [ 354.139306][ T9690] Code: 84 61 ff ff ff 48 89 eb e9 12 ff ff ff e8 a2 d7 2c fd be 03 00 00 00 4c 89 f7 e8 15 fa 3e 00 e9 42 ff ff ff e8 8b d7 2c fd 90 <0f> 0b 90 eb af e8 20 54 91 fd e9 4a fe ff ff 48 89 df e8 13 54 91 [ 354.159242][ T9690] RSP: 0018:ffffc9000c3dfe38 EFLAGS: 00010293 [ 354.165613][ T9690] RAX: 0000000000000000 RBX: ffff88804db7b780 RCX: ffffffff848f5c4f [ 354.173673][ T9690] RDX: ffff8880363f1e00 RSI: ffffffff848e6535 RDI: 0000000000000005 [ 354.181684][ T9690] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 354.189755][ T9690] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888012b7e600 [ 354.198045][ T9690] R13: dffffc0000000000 R14: ffff88804db7b7a0 R15: fffffffffffffff4 [ 354.206324][ T9690] FS: 00007f4cd5a9b6c0(0000) GS:ffff888124ab7000(0000) knlGS:0000000000000000 [ 354.215341][ T9690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 354.221962][ T9690] CR2: 00007f26dc6d56c0 CR3: 000000003ac30000 CR4: 00000000003526f0 [ 354.230001][ T9690] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 354.238005][ T9690] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 354.246064][ T9690] Call Trace: [ 354.249347][ T9690] [ 354.252414][ T9690] landlock_put_ruleset+0xa5/0xb0 [ 354.257597][ T9690] landlock_merge_ruleset+0x218/0x870 [ 354.262972][ T9690] ? prepare_creds+0x583/0x7d0 [ 354.267785][ T9690] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 354.274038][ T9690] do_syscall_64+0xcd/0x260 [ 354.278561][ T9690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.284505][ T9690] RIP: 0033:0x7f4cd4b8d169 [ 354.288951][ T9690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.308937][ T9690] RSP: 002b:00007f4cd5a9b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 354.317635][ T9690] RAX: ffffffffffffffda RBX: 00007f4cd4da5fa0 RCX: 00007f4cd4b8d169 [ 354.325642][ T9690] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 354.333645][ T9690] RBP: 00007f4cd5a9b090 R08: 0000000000000000 R09: 0000000000000000 [ 354.341617][ T9690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 354.349647][ T9690] R13: 0000000000000000 R14: 00007f4cd4da5fa0 R15: 00007fff60586468 [ 354.357841][ T9690] [ 354.360865][ T9690] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 354.368145][ T9690] CPU: 1 UID: 0 PID: 9690 Comm: syz.2.781 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) [ 354.380045][ T9690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 354.390104][ T9690] Call Trace: [ 354.393390][ T9690] [ 354.396328][ T9690] dump_stack_lvl+0x3d/0x1f0 [ 354.400938][ T9690] panic+0x71c/0x800 [ 354.404841][ T9690] ? __pfx_panic+0x10/0x10 [ 354.409280][ T9690] ? show_trace_log_lvl+0x29b/0x3e0 [ 354.414501][ T9690] ? check_panic_on_warn+0x1f/0xb0 [ 354.419621][ T9690] ? free_ruleset+0x226/0x270 [ 354.424323][ T9690] check_panic_on_warn+0xab/0xb0 [ 354.429270][ T9690] __warn+0xf6/0x3c0 [ 354.433171][ T9690] ? free_ruleset+0x226/0x270 [ 354.437976][ T9690] report_bug+0x3c3/0x580 [ 354.442332][ T9690] ? free_ruleset+0x226/0x270 [ 354.447036][ T9690] handle_bug+0x184/0x210 [ 354.451374][ T9690] exc_invalid_op+0x17/0x50 [ 354.455884][ T9690] asm_exc_invalid_op+0x1a/0x20 [ 354.460741][ T9690] RIP: 0010:free_ruleset+0x226/0x270 [ 354.466046][ T9690] Code: 84 61 ff ff ff 48 89 eb e9 12 ff ff ff e8 a2 d7 2c fd be 03 00 00 00 4c 89 f7 e8 15 fa 3e 00 e9 42 ff ff ff e8 8b d7 2c fd 90 <0f> 0b 90 eb af e8 20 54 91 fd e9 4a fe ff ff 48 89 df e8 13 54 91 [ 354.485659][ T9690] RSP: 0018:ffffc9000c3dfe38 EFLAGS: 00010293 [ 354.491730][ T9690] RAX: 0000000000000000 RBX: ffff88804db7b780 RCX: ffffffff848f5c4f [ 354.499706][ T9690] RDX: ffff8880363f1e00 RSI: ffffffff848e6535 RDI: 0000000000000005 [ 354.507683][ T9690] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 354.515654][ T9690] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888012b7e600 [ 354.523626][ T9690] R13: dffffc0000000000 R14: ffff88804db7b7a0 R15: fffffffffffffff4 [ 354.531605][ T9690] ? landlock_log_drop_domain+0x5f/0x1e0 [ 354.537250][ T9690] ? free_ruleset+0x225/0x270 [ 354.541945][ T9690] ? free_ruleset+0x225/0x270 [ 354.546639][ T9690] landlock_put_ruleset+0xa5/0xb0 [ 354.551667][ T9690] landlock_merge_ruleset+0x218/0x870 [ 354.557064][ T9690] ? prepare_creds+0x583/0x7d0 [ 354.561846][ T9690] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 354.568116][ T9690] do_syscall_64+0xcd/0x260 [ 354.572646][ T9690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.578547][ T9690] RIP: 0033:0x7f4cd4b8d169 [ 354.582964][ T9690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.602582][ T9690] RSP: 002b:00007f4cd5a9b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 354.611005][ T9690] RAX: ffffffffffffffda RBX: 00007f4cd4da5fa0 RCX: 00007f4cd4b8d169 [ 354.618994][ T9690] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 354.626988][ T9690] RBP: 00007f4cd5a9b090 R08: 0000000000000000 R09: 0000000000000000 [ 354.635060][ T9690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 354.643034][ T9690] R13: 0000000000000000 R14: 00007f4cd4da5fa0 R15: 00007fff60586468 [ 354.651020][ T9690] [ 354.654384][ T9690] Kernel Offset: disabled [ 354.658722][ T9690] Rebooting in 86400 seconds..