last executing test programs: 9.335960703s ago: executing program 0 (id=646): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x2, 0xe983, 0xdf, 0xeb1, 0x401, 0x1000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="d3c8095e0000fedbdf2502000000140003000902000005e4bdee2b0940568fdb3b89d7b400"/46], 0x34}}, 0x8080) socket(0x15, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x6, 0x0, 0x0, 0x84dd) getsockopt$auto(0xffffffffffffffff, 0x10d, 0x10, 0x0, &(0x7f0000000000)=0xb) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000024c0)='/dev/cec9\x00', 0x2000, 0x0) ioctl$auto_CEC_G_MODE(r3, 0x80046108, &(0x7f0000002500)=0xff) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rt_cache\x00', 0xa182, 0x0) read$auto_proc_iter_file_ops_compat_inode(r4, &(0x7f0000000240)=""/4096, 0x1000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x9, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) connect$auto(0x3, 0x0, 0x54) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socket(0xa, 0x3, 0x2c) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x1, 0xf1, 0xb0, @raw=0x68e8}}) statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000028, 0x6, 0x2}, 0x0, 0x227, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="205c2020027e0dc0023af10e9bfa1babfa203753ca9a20370a", 0x19) 7.986900944s ago: executing program 0 (id=652): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) getpriority$auto(0x2, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) io_uring_setup$auto(0xc, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x26, 0x80002, 0xc) socket(0x2, 0x1, 0x84) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) (fail_nth: 8) 7.972588689s ago: executing program 1 (id=653): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x1000000000003, 0x6, 0xdf, 0x8010, r0, 0xf) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f00000089c0)='/sys/kernel/debug/netdevsim/netdevsim1/max_vfs\x00', 0x101000, 0x0) mmap$auto(0x0, 0xfffffffffffffffd, 0xdf, 0x10, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0x23, 0x2, 0x7f) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) adjtimex$auto(0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) ioctl$auto(0x3, 0x4b44, 0x10000000000402) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_clone(0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x2003ec, 0x14) io_setup$auto(0x1, 0x0) socket(0x1d, 0x2, 0x6) 6.892754042s ago: executing program 0 (id=655): mmap$auto(0x7ff, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(r0, 0x0, 0xffff, 0x3, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/oss/devices\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000000)=""/65, 0x41) connect$auto(0x4, 0x0, 0x10) r2 = prctl$auto(0x8, 0x1, 0x0, 0x4000000000001, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0xa, 0x6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/auth.unix.ip/flush\x00', 0x2000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xc, 0x4, 0x1000002, 0x4, 0x15f4da0e, 0x800000000000003, 0xd08, 0xc, 0x5, 0x4, 0x6d3f, 0x4, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) write$auto(r2, &(0x7f00000000c0)='^\x00', 0x6) socket(0x386b6f0b794db972, 0x6, 0x2) 5.274868681s ago: executing program 2 (id=657): rseq$auto(&(0x7f0000000100)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0xfffffff4, 0x0, 0x7) sysfs$auto(0x2, 0x10000000000002a, 0x0) r0 = socket(0x10, 0x2, 0x0) socket(0x2, 0xa, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x401, 0xfffffffffffffffd, 0xd4, 0x4, 0x28c, 0x0, 0x3, 0x368e, 0x9, {0xfffffffe, 0x10000}, 0x5, 0x6, 0xfffffffffff7fffd, 0x1007ffd, 0x0, 0xfe, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfd, {0x2, 0x0, 0xfd}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004081}, 0x20000084) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) stat$auto(&(0x7f0000000300)='./cgroup\x00', &(0x7f0000000340)={0x800000007, 0x8000, 0x6, 0x8001, 0xee00, 0xee01, 0x0, 0x187, 0x2, 0x8, 0x3, 0x5fd0, 0x7f, 0x6, 0xfff, 0x2003, 0x1}) setsockopt$auto(0x3, 0x0, 0x13, 0xffffffffffffffff, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3a600, 0x0) ioctl$auto_KVM_X86_GET_MCE_CAP_SUPPORTED(r5, 0x8008ae9d, 0x0) mmap$auto(0x9, 0x8, 0xdf, 0x9b72, 0x2, 0x3ff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/rpc/nfs4.idtoname/channel\x00', 0x8f3b7a51b80ebd01, 0x0) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2a1a00005d2b97f05578654ad55ff47ddfc9d283e087fc6c8b362b20b0996bb2463d34966c9d1dd296227fe91a23c6b1765c6a59f164918ac42e67c3bb0c9a99231da52c77abdc725af6218d6d37ab122fa27b987d6340f69ded9685d3f5586fc4a7a62dd2c3829dbfc53b39970736acbc363a8b43f727271b8511", @ANYRES16=r1, @ANYBLOB="10002dbd7000fedbdf259800000008001001050000000c00758008002d0000080000"], 0x28}, 0x1, 0x0, 0x0, 0x840}, 0x4080) ioctl$auto_USBDEVFS_CONTROL32(0xffffffffffffffff, 0xc0105500, &(0x7f0000000080)={0x7a, 0x7d, 0x7, 0x4, 0x100, 0x7, 0xa}) unshare$auto(0x40000080) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) r6 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0) writev$auto(r6, &(0x7f0000000080)={&(0x7f0000000000), 0x4}, 0x2) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/vlan/config\x00', 0x41900, 0x0) pread64$auto(r7, 0x0, 0xe, 0x100000000007) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card0/pcm0p/oss\x00', 0x8f3b7a51b80ebc01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r8, &(0x7f00000003c0)="22e030b1f1193fd495b7432f5493d1187f016e4838a0a6c56fbfa2f370311662e39dc20de5c1184cf39787ac657b4a454b6ba4d1ee", 0x35) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 5.263320911s ago: executing program 0 (id=665): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) r2 = ioctl$auto_SW_SYNC_GET_DEADLINE(r1, 0xc0105702, &(0x7f0000000080)={0x6, 0x0, r0}) mmap$auto(0xfffffffffffffffc, 0xfbd3, 0x100003, 0x57, 0xfffffffffffffffa, 0x1) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x6) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000081) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r4 = socket(0x0, 0x40e, 0xd08) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x7fe, 0x7f, 0x7, 0x0, 0x0, 0x0, 0x8, 0x200, 0x800000000100005, 0x5, 0x7, 0xc, 0x80000001, 0x11, 0x53, 0x7}) r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[@ANYBLOB="82ccbb9af7e028f8c22bd5e36d5d6351", @ANYRESOCT=r2, @ANYRESHEX=r1, @ANYRES64=0x0, @ANYRESHEX=r2, @ANYBLOB="3826f0f4902136aeecd5381a5a14f376b4a7beeaca6cb7b0bcaa6ee356cdf436417d828de7ea697a00a3c129803fbeb9e534df429eb1b5a768938e15aba4c4b867068d61c2eccc5e478f619e14f419225bf2b8114ed236b471af8c44fbfe8757e7a45f9f9faef3d1d03339d54a75ddebb4aa27842e02fd388a903e0618c41e50fe8e1f23fcf6b0f329c2899fd82f76d151231f2edd1eaea4cdeaf90f8f69a1866aea6ec18a", @ANYRES64=r4], 0x24}, 0x1, 0x0, 0x0, 0x24008810}, 0x24008005) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xee46}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x800006, 0x400, 0x7}, 0x9, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/airtime_flags\x00', 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/rxrpc/stats\x00', 0x133200, 0x0) splice$auto(0xffffffffffffffff, &(0x7f00000000c0)=0x6, r3, &(0x7f0000000100), 0x8, 0x6) write$auto(0x3, 0x0, 0x5) read$auto(0xffffffffffffffff, &(0x7f0000000580)='\x00', 0xa3eb) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') r7 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_NEW(r7, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000340)=ANY=[@ANYBLOB="88010000", @ANYRES16=r6, @ANYBLOB="00012bbd7000fbdbdf2501000000040001806901018010007f80040010800800b8000104000014005e000000000000000000000000000000000076453965233cd68a3b9458e0a89986c4e539d809afb2d3efcc960d4cf55d6ff34957db36bf108aa7472f59ca7d7a433ac0c64d214b80eba1c54260a5a30048f6e92bdc8d5802fa6c2ab367d5345b755fe739e9886c6b43fafe421c18f8bd7c2743e1004198ed23235200768008009d00", @ANYRES32, @ANYBLOB="7d69ea2f782e7c192f98b0e86d5853660631cc3d181ad39c6136daae23255fd4e77942d8367a5cc66e8b6f5097ca8ed1e8ca3aa9f2949a0111b65458c67a5df03a58b1e78a94000077a901bd2aab1424330800d600", @ANYRES32=r5, @ANYBLOB="e05a0b702f0b2bc3344f58f04b06dc687a705f6d0b330e778fb8f9020f7e10b28f404d375e825b987f724a92971b6ba92936b8e9c444c07952ad8ccb4dac7f77d57262493aae67595c0601cbc76b603ed802defdce9fc143b6643b749152ed360e08006900"/112, @ANYRES32=r5, @ANYBLOB="00000004000600"], 0x188}, 0x1, 0x0, 0x0, 0x4000}, 0x800) lseek$auto(0x3, 0x8000000000000000, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_active\x00', 0x200, 0x0) 4.159996613s ago: executing program 0 (id=659): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000a80)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x40080, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0xf5, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) 4.142517809s ago: executing program 2 (id=660): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x2497a7476db46aa9, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_MODULE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x18000}, 0x1000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030009000000060007000080000008000200", @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa370000080004001000000008000200", @ANYRES32=0x0, @ANYBLOB="88000e"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7100f97bf53b7200000408000300", @ANYRES32=r5], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) 3.998023575s ago: executing program 1 (id=661): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x1, 0x7, 0x4, 0x55a, @prog_cnt=0x1, 0x0, 0x98f, 0x3, 0x0, 0x8}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sysfs$auto(0x2, 0x23, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x1c3043, 0xf7) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.947090895s ago: executing program 3 (id=662): mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0x80000) r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRESDEC=r0, @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x20040090) r3 = ioctl$auto_TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000280)=0x7) bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000080)=@query={@target_fd=r3, 0x5, 0x7, 0x3, 0x6, @count=0x2, 0x0, 0x6, 0x0, 0x0, 0x3}, 0x3c) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) iopl$auto(0x3) getgroups$auto(0xeda, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x6) socket(0xa, 0x1, 0x100) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x3, &(0x7f00000001c0)=@test={r4, 0x8, 0xffff, 0x3, 0x1, 0x9, 0xb, 0x2, 0x6, 0x7, 0x5, 0xc, 0x1, 0x7, 0x1880}, 0xc) sendmsg$auto_OVS_VPORT_CMD_DEL(r5, 0x0, 0x44000) setsockopt$auto(0x3, 0x0, 0xd3, 0xfffffffffffffffc, 0xfd72) mmap$auto(0x0, 0x4, 0x4, 0x40eb1, 0x401, 0x300000000000) mknodat$auto(0x5, 0x0, 0xfffffffffffff084, 0x400) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r6 = epoll_create$auto(0x2) epoll_pwait2$auto(r6, 0x0, 0x8, &(0x7f0000002780)={0x0, 0x6}, 0x0, 0x8) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) setreuid$auto(0x3, 0x7) write$auto(0x3, 0x0, 0x5c8) 3.946214228s ago: executing program 0 (id=663): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0xffffffffffffffff, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r0) sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f00000012c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001280)={&(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYRES16=r1, @ANYBLOB="000126bd7000fbdbdf250700000005000a009800000008000400060000000410190097ff542dd34b6342148892bdb993f7a147113068bbc4ed4a5a6c63a4d65397233898b11a3a1a253631ae4894518e76c23df21c5707b21a3f27d12d4b148dc1c1bf7f67e1ac0c48a3494039e3bcbe8a8e09acff4b149166f13a45a850b9e45ca6b16fbbb335b0c81097dabebcc2b7a7e5fcf55ce5e2a697ddd544e3119603dd90fc8bdcc592189d173c88aad3071921cd97861107d4c6d42804ceac4fc427ec291e7c3673f66dd2d7b6b60650ae7401cb7030d3430db78e2f3595cc3f4d84eb6088cf0a81bf3570a639c7e7c0059677f6f5802b62e1a7ab199cfcb0deb0423eafb8caaaf9c88d1c0620a845aaf63addde3566cdd2de3600ebdfc407247a7771c73dadf97f26edc3fbc74de2b172e2ddb91858e8c4596464d1089496c4db7e03a7fce10a86809692eb48562d3ad28c385564454fcb303c3290cdc724682bf744d8dc127553fa8937a7e6472b80c32b330e0d3cdfed5f22482deda7fc51583dcf8bb7032a69a5937eefe9bc53e57a7292c50acf20cfab3ffac80290d0098ee18696001e3cede8d9a38ed29f53d37f2c51754ed64dec364af0ea4dc6c18d0cc1ba08063f5832866ce87bee16c52d7842487ab3dad449340d530e864a7404efde63745eb3fef68572096ee3ef97421059e40ae5233748b75e02bfe9e00ac5e23933991bf945af0ac30de627ae79aa6d71dca30ce7e84de10ad12f79c52e27df2026163726bc0ba5639e9b407ce9f3ad1eed6de65e1a07ede9d9b84cc837f28a0126e2fb88bba247e2c4e655ecad2f717111d2119a47b1bcd59de62d6d7fab2864f0ffd296fc0c827c0b4485c46f3d8c23edc84458250d10cef9008b4e8828f4697aca0d6169b338c3645db58064b6e450df169de86ce62d93ded85c4c6129391295cb5dbbea5ae9d0762c774b24219804a3c3891c7643a00218cb5fffea676040ed11f5b5b7faf97fee392a87a97d4b9650c3b5068b6dc4ed5d22c096677f12d4e9f9e96e8d09f9fd1debe9450636bb96c35f69bb98e19c1c50deb2c6002d46eeeae096c1e8ca6054753f4893b312df0306ca202c011975dfec11b5d4fe3dd1599bfb20435bdebab3e187e58015dc9be1ec97470b6ac9c23392d3310dbc3778997f753df0dfd93d5e90137f34883c8901f71c6226eb9c4af2fc60e205cb5d71b020c99dbc940f3fd8dbbe8e731876e6054225669f68da438368ea098de9eab5feeb2b753dd74bfbd3c9c04e6e00fa0bd1229322f626c3179c956cf14c444034e7f7dbf7a76eed7cc07f262f898733b57168f910ac861b971c6143f39cb34f19dcdd80d6fe6f70ccd8aaff128a7fae93944efa4dd4a2171c42addbe127d802bb1b2107c7df70310142dc47de137ce2f2a599f3c80a3d3948f4c6207bb94f9518422dc47ea5a881ba40aa227e06998059976339b7e3ae1f14513fc2050920c0d49a0b0d0a795f88865d5ada287a0276801ad44ed6f48c90eb0ec168d15a8504bbff554a4a4502ef3ccba176c2c84fcc915ca3649974399637401e79f38afa6a75bd9b1316a8d6f66057d9240f5cb038cf4e542db08509751910075583bd9af7960d1c7a4c22ab0d3de11fa867f3819708a26bd1899045c535d58c168985618afc32b31e1bdd996da6db83ea599f7bb5b145ba09763e582ac21aa6ac94af35af98a6713a900db90998a260e70863d9407306a421d8fb0c803fc6d9354e9bb374170e5e5c5cb788dbda819f635b45debc529a31bfef34c59ec4df1b39943f3cb5f48770f7afb3642709bf203d6b9fdbe799bc06b6e0f4e84884d30c0a22696efac047a859ef6edda89f038a6a49ae876c56245dc01495e72375e4801a718ffa144b6913bdbd63fd868d09faaaadd891419b7f5ebe05e3269f0c8caa543dc3f695ba7c3d3a26823e99ebac7f670ca79cd96d7c87bc4017c14bd54c688ef90d9982926a4a74700b64c429fb97edd5989a36d882a46386b6eb6d41d0b550b5232af9308718a8c269698224c5e80b4a12c1eb8bf44e1645067ae360a23c66f024fced66d20f57c50a4e98029dd9351fac251bb5dbcbd7daf8e7fc8d008d6a75f24d8f3e5e321a5fb0470753098727a44e95bf453aa18053827b9f7870ee91af9f8612a44a7629665e22425e43054ac31b73f2275c8181a436cefc436b0314d91feff5c4763cdcb45065b5212ed21f95a117028f0f41f62d9286faeb4dde6b9221b04287782c25a084c6e866522b5f2eed72ecb9e55ddcc7fa9d467b532a7664fc6da983c943dd64ae64e0dfb7ae285bd744502c1eb5f41dd5a153ea2a6f84712d677073798a92359f9f47a92f279108fb84199c66b92068fd9c50d3eb6468475b9d55352dcdefa988a62838e346781905efbc56d4ecb21dfbffa1c2433edb96447c37a8270765be1bfddb3a39c74bc2a05dcb3bba00c0ddcf8068a80af25cf2baa4bb29d25618f9850625deada9f45df6895631aa2fbbaaa4757cdcdf2010ad06d992f2f959bd5eecef217bfb5a47302b5538585e53ec68bf88e45d04f09af9f8cb0c989897118e5d40669fa4520b77b36062fb699814d7c1d0a57bfa6320ba49162f10ed6c9daeb56d617b8bb139b170de03ddb9371b5a66228ac7828bbf9e6ba366732adc0d8f2c22a7069b9196163fe40765897f23d24cf7e8b4ecc2d092c9d20497d577a462fb7e41567594b833f899be95d13a9e271cc3152b294a98210210d083af24768466842959ce961141d89c39d494ecd3d2cf27b3b4e337843c109ba938930e13345c94eb4e41ab4b83321eeab430e3477c8067d228a3c7c0585c22ef36862e71cc4193a96340f8c8f58cf17c3ecd36ddcfe5f347f593fe5f1788efbade4a53f22414269a41c4eb6a226ff1648640109ec4d9cf50c4b7614b6c2d18bb0a67b619f6b6588b82373910461f1480e76470720a765acd672c0fc8fec4429fc02e83f7c41ec823af0222086f50095b69b26ebf202955e6d1691c61d93782834d53e29e7a7ca981cecdcd4edb125ecac3f5ab81435e29661209b06bb50534a87ea165347338021816860b5772a9cb6113d9cba536e9f6698e35e126dae33b2036c1f7da23ee0529675788788693efcab5e18cec7121acff7d8444fa0eae821f021772508137b0076a620b925b8061c8c8ee872ce8d6af7f15bdc51c78eaa392633ec219e71cc810024f34d0bcdd76bf56efa6976e68916795c7a83f2393e126aa0cbcdf65750d2c2b3c0c17640745458ecafc71ed24b6e8dd80a082af9fa7998c8ea5ceb9c1b50a8a8c0224eccaf954760a2893e8761e009574932ccaeadb3d533e7d69f8109b387a10216cbe881b744af0e92e9b3a9ba403cf13cf0e48e2fb55c270cdac104ad0e12cb14d8c2f6fdbe2a03f4b5e02600686be67c747a61ff7635b073ade84c4c80b6515271e1667301116b53df544dd7e127aa7c5a088d9dc4f8077795aa44a71f43f6f9296b8e619da6edd52404579ccacf21727e429f962f492ee1c1893c8b29b0e1a5a3af2b5e7a8813b449d792064f42c339d5c2d84f99d3f92ea27661706f5aa76f91511a839649dddea36aa32f43a4ce755d3ccadf96e7a652afdf391eb352bd9ea18bfccb5bb97df8fae8d28c10f62c0482800b17dd89cdd30cd820f052a89cb23b4ce895bca6fd5224f2194ddad524c5b800fba2fdaa47bf4d57c2082408d3d89b8bb67190a891b4c4fec5890cc786f39f5ae42f9be9ee20e43c2d4dc69ef3a363f00ad693b656134a77b600f8843771e7ba5eb7a4398ba3602b68de33dc0ceaee65b27075bd3cd11b039512cf51a2d13ec61b5285e950e7a5cbe678c8135831616a9e4428fbd3f97a3b08a1bdb11a048ca193c346dbd0d57cee9c7479a7941f23a42f4bd58a013327a42fadbbc4b79cf5f6f9a33890eb6ae7ca09136ebff84a547288f98d269e4c9d31dd0a63bd6d050dc5132dffa5c7800d83bd4994bc2c56de8c29763dbfa66d64baaf20e707925e7989adececd2de761c65f9593241bf51bc989c8796b60c9c6067d0124c3f0a5440d5861ed9a8c89bd3f1731962ce2220938f6ce101e803bea5c67e4b54ae9cd601c9ae21226c76881c15c1883ccd890d4403af4d1c3bb0fcf32f9abb25d0971ead5e69a39f7e1341af65c86ea9b8a6864e874f961856b2ca2ad21b72357d1ec9998c1997b45d93dc6224b71cc3c1787ec9b07d6ff1848c3a9b4f7626b5c9505925ef8a53905ff8beba7ed816c478d5f2d773af41ed4ac086c5a2ff04d0501408999593957185fdaf2b63f0b0540d17298e6c79fab4a3e4bacf25a1fa4b192c5242e2004de1849e33f6d1d8fc4e6aa696709c36a0d4ed7aeb8465108808c62eaa997e2258bf5ca167f6a145d8d1d8ad460d94e828750087185dae6c389bf57b952494e8365b8fe4af02c1e83f6cf39e9ba56b691c68b7876bf67710c6be21338f6d5e6f03d8a83ab38ddee5319e123d3e61fe9509da90656170fea1e28e68d21b9d4f1b8cd6ea1ebdd5242ffd53b282c26b95e4264a9cd04843b8a39343de8e6e873a3a3d405015f011fcea4f7b0945ba55500dba30461258cb27bdb3e45ac507c9bde00959efb56076c88d4cc5a97cb44920c62e19f6634326708fd09afbfacdad263b438b78ee30b23e7122e0dd4b026e4c160952ae6718a2b086b011f6ee55ffa9beffe4158b9a76a5ae7a1d934a9dbce1263949b58e186eff8386bd587f3348146f7d7ca5c2f7da20d99a2f9ce5524ec8ba07e2b09fc91c164ef19d9975a34cf74820b9507b7ee266c1daf8943fd007ad8e755cf9dc81d0efcc4becd9f8ac60c88968c2203784ffb3c0b582ea88121b96c49cc38f15af6e3cffcc393070b6c81feb81dcb91671c76a47d4343dca9eb429d6a242d3767f25a5366c2c6e16c3a7f1a4cdcf1328a449b6d2066165ff11edf42b3c15441ebbb680383eee17ef5783f3712026a6ce2e7e9cafea816d68190b78fafc450adcb8901173b31d5cc81a02a2d4559c2d4812a8feef398941723954ecbc43aa3e331902cda0b6a00fa6d48e87d3ca66e67ac94d59dd5a818a65b8166d09b084705026d9ecdc64336dec607d4744c699327448874706480f935b46b6e7664cc84d3c889ad925b9fa43957ee7e26e2b8de06fbb3d0cc6a2feb4c3040fb6f1fcc4ae1b3aa484510cf414e682b217eb6ff9fb2dc363b9ec1aa693607948a7696e464d1bcbea003bc97ba19511803dff83f964f70c50a405d1a4d6767e4ba038609263d1742033a2e3c9bfc2ef239c602232278289410dd4a35fcaf9cc2f110e0d85467f1f2b6a8d903794f56c605d07f3e45007ac9aabb1d6412b564156190d5bc08c084f1d107f2e436388f55826f5d1d653c8a1dcb00ed765902f23aff6c91ee27c758bdb5c82230807a009638f1a0ca3b02e4515ed1d2bcff5b9fc249c421400794f35f0fb1db1a546923f65f676539049d0c6ef6729921da022259143655ecd0c859ac90717a143fa50f86ce23ae1b5b67deeb71bfc1697354603bb0dfbb0d9f509027bb3cce899ed0ab2adceb6e612503881d052fe6e903ea2a373e851252588139cc2e740997315c6b88da824e6041934e5fcc3aa5b665103d3ea4a35d244893e03229fa5936b1a89b36583d0f1c10de2b3daf21e9b78098fda8cb201cd2c0ea953691d49c18d58676a84b879d03dccdb6ed2ec10008abfb7010334e9cb72f9ff75d99a67eb06b1e21e51419aea04d70ddfb964f4b36c1df23d2f3ec938a54cd2ee57132c2b457c63d71554c498220b20bf42bd52e39907299e0d8ecb2f40b26be4d55e2bfb33af4d3dffa5bc68cadea7bdd08001d00810000000800010004000000080015000500000088001f000a0f2c623b5d52925d51ff8df80bc67c2ac163e09d49b9ec852a754be466c490e4e630fa5112fa77f4b566277127eacb731dc8caf2feab8aefa6799c09ad3d93f403cce5c7d9ff3f4ed3340a1cfbf127d94af0bcffbc64865c3c2a4346b1ff942a4583e1e897a6780a5afdc3887482bff02b06e9c31f278220bb859d21d0d5527f054fdd"], 0x10c8}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, 0x0, 0x20048801) munmap$auto(0x8000, 0xffffffff) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000000)=ANY=[@ANYRESDEC=r0, @ANYBLOB='\x00'/14], 0x14}, 0x1, 0x0, 0x0, 0x6000091}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r3, 0x0) 3.767300264s ago: executing program 2 (id=664): sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="04001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0xc4494) unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x40009, 0x20000000de, 0x9b7e, 0x7, 0x28000) unshare$auto(0x3) ioctl$auto_MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, 0x0) r0 = socket(0xa, 0x1, 0x100) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f0000000580)={[0x1, 0x8, 0xfffffffffffffc01, 0x0, 0x100000fff9, 0x40002, 0x1001014, 0x800000007fffffff, 0x7, 0x3fe, 0xfffffffffffffffe, 0x3, 0x2, 0x2, 0x9, 0x2]}, 0x0) sendmmsg$auto(r2, &(0x7f00000003c0)={{0x0, 0x8f, 0x0, 0x5, &(0x7f0000000380), 0x100, 0x8}, 0x1a}, 0x3, 0x6) write$auto(r2, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) sendfile$auto(r1, r1, 0x0, 0x7fff) unshare$auto(0xa4) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0) r4 = socket(0x10, 0x2, 0xc) unshare$auto(0x40000080) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) r6 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB], 0xf8}}, 0x10004010) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x64f4040a6ccda016}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="fffffffd", @ANYRES16=r6, @ANYBLOB="00012cbd7000fcdbdf250a00000005000200000000000600010061c5000008000a000c000000060001005d00000008000a001803000006000100b438000008000a000100010008000a000200000008000a0006"], 0x5c}, 0x1, 0x0, 0x0, 0x220088c0}, 0x40) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r5, 0x80045105, &(0x7f0000000300)="48c9c499a9a55fc2a836723fb70537445460c9f0892a287c9eb350e6b7502695a40747d57c6d503a9321dfb65dfcdd31e011f135fea8b10f802afe673cf64aa66c9f61a38fcb31374ce2e32ab0609681ba696929e2d96bb3682b03969701b37156ff8b4721ea5f896578a106c1f2650052e1d1590d649f") ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f00000003c0)) syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x19, 0x4, 0x4, 0x800efc, 0x100000001, 0x80000c, 0x66b, 0x4, 0xfffffffffffffffa}, 0x6f4) mmap$auto(0x6, 0x4, 0x4000000000df, 0x10, 0x401, 0x300000000002) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) 3.688662489s ago: executing program 1 (id=666): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(r0, &(0x7f0000000040)='/dev/dsp\x00', 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), r1) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) rt_sigaction$auto(0x4, &(0x7f0000000300)={0x0, 0x0, 0x0, {0x1}}, 0x0, 0x8) gettid() r3 = geteuid() bpf$auto_BPF_PROG_LOAD(0x5, 0x0, 0x2) sendmsg$auto_TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f0000000140)={0xb8, r2, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NAME_TABLE={0x5e, 0x8, 0x0, 0x1, [@nested={0x2c, 0x102, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @uid=r3}, @typed={0xc, 0xc3, 0x0, 0x0, @u64=0x1}, @typed={0x14, 0x73, 0x0, 0x0, @ipv6=@empty}]}, @nested={0x4, 0x110}, @typed={0x4, 0x100, 0x0, 0x0, @binary}, @generic="1bdff9b826b6b88f1bcce86b8bbdf5b17f6a1caf7007d8b40e6e", @nested={0x4, 0x7b}, @typed={0x8, 0xf3, 0x0, 0x0, @fd=r0}]}, @TIPC_NLA_LINK={0x43, 0x4, 0x0, 0x1, [@generic="ce3a00e176441528df20e40bcc8780ecbce0df4eed114fc2ac62c348bde0402671e5ebb5bb3ef10ec488d143be6ee9f6a8b53b4f3dfba7962f5f98a3f1a050"]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x40}, 0x90) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) write$auto(0x3, 0x0, 0xfffffdef) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), r4) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r4, &(0x7f000000a5c0)={0x0, 0x0, &(0x7f000000a580)={&(0x7f0000000080)={0x1c, r5, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x20002}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x24008080) ioctl$auto(0x3, 0x541b, 0x38) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001900), 0xffffffffffffffff) 3.362490345s ago: executing program 1 (id=667): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) mkdir$auto(&(0x7f00000002c0)='./file0\x00', 0x3) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x101040, 0x149) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000001dc0)={0x0, 0x10, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r2, 0x1, 0x70bd27, 0x25dfdc02, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x11, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80014) rename$auto(&(0x7f0000000280)='./file1/file0\x00', &(0x7f0000000040)='./file0/file0\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x6) cachestat$auto(r5, 0x0, 0x0, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r7 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r6, 0x4b67, r7) r8 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x0, 0x2, 0xfffffffe) r9 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0xa0202, 0x0) sendfile$auto(r1, r9, 0x0, 0x2000093) read$auto_l2cap_debugfs_fops_(r0, &(0x7f0000000140)=""/197, 0xc5) socket$nl_generic(0x10, 0x3, 0x10) write$auto_nvmf_dev_fops_fabrics(r8, &(0x7f0000001500)='7', 0x1) ioctl$auto_BLKSECTGET(r0, 0x1267, 0x0) 2.666594794s ago: executing program 3 (id=668): socket(0x2, 0x801, 0x100) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@l2={0x1f, 0x4, @none, 0x3, 0x1}, 0x56) r0 = getpgid$auto(0x0) capget$auto(&(0x7f0000000040)={0xffeffff7, r0}, &(0x7f0000000080)={0xfffffff7, 0x9e1, 0x3}) socket$nl_generic(0x10, 0x3, 0x10) r1 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000200)=""/74, 0x92) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) mmap$auto(0x0, 0x200010000, 0x8000, 0x8010, 0xfffffffffffffffa, 0x2) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) madvise$auto(0x0, 0x200007, 0x19) r2 = open(&(0x7f00000001c0)='./cgroup\x00', 0x501402, 0x6e) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x7fffffff) bpf$auto(0x10, &(0x7f00000000c0)=@link_detach={r2}, 0x40) futex_wait$auto(0x0, 0x0, 0x200001, 0x2, 0x0, 0x1) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, 0x0, 0x4) (fail_nth: 4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff) 2.439746297s ago: executing program 1 (id=669): socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/ram5/range\x00', 0x8000, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) shmctl$auto(0x0, 0xd, 0x0) getrandom$auto(0x0, 0xe06, 0x3) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) setreuid$auto(0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) writev$auto(0x1, 0x0, 0x1) readahead$auto(0xffffffffffffffff, 0x6, 0x2) r2 = socket(0x23, 0x5, 0x0) listen$auto(r2, 0x5ed) unshare$auto(0x40000080) r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x9d) read$auto(r3, 0x0, 0x1) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0) write$auto(r4, 0x0, 0x6) socket(0x2, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) 1.978769278s ago: executing program 2 (id=670): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r0) read$auto(r0, &(0x7f0000000040)='nl80211\x00', 0xbe62) r1 = socket(0x29, 0x5, 0x0) sendmmsg$auto(r1, &(0x7f0000000180)={{0x0, 0x2, &(0x7f0000000100)={&(0x7f00000000c0), 0x34000}, 0x1, &(0x7f00000000c0), 0xb4, 0xab}, 0x80670}, 0x3f800000, 0xd9) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/kcm\x00', 0x480, 0x0) read$auto(r2, &(0x7f0000000300)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceW\x1a\x1f\xae\xd8\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xec4\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb0\x18\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk#_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1w\x1eP\xd0\xea\xab\x8f\xc7\a\xe6\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xdd\xbb\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3#\x00\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda', 0x805644) 1.687758208s ago: executing program 2 (id=671): openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x109482, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfff, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x8000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x26, 0x80805, 0x0) socket(0x28, 0x1, 0x0) open(0x0, 0x22042, 0x45) open(0x0, 0x12ba7e, 0x45) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4605, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9) io_uring_setup$auto(0x1, 0x0) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x149102, 0x0) sendfile$auto(r2, r2, 0x0, 0x10000800000003) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) 1.564714716s ago: executing program 3 (id=672): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x9, 0x3c, &(0x7f00000002c0)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\xff\x1b\x01\x1e\xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\xf2Vw\xbe\x1c$\xddm\x8a\x9d\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5h\xae\xec%\xf9\x94>\xd6,\xf3\x98\'\xb0\t~~\xb4\x98\xbb3=A\x9c\x17\xaa\xce\fh-M\xdb-\x15V\xbc\xfe\xca+\xb5\x95\xb3JL\x0fl\xe84\xbd\xa3nO\x9f\xfa\xb1\x06$\b$i3\x83\xd7\x06\xd6\x1e\xdbB\x9bb\x1cXC\x8c\x8b\xd9\xff\xf2Bf\x99!Z\x132\xca\xf3e\x015\x9b\x86\xd6$\x1a\r3\x91\xb7\x942\xeb\xadVA\xfc\x1f\xbf1\xb7T\xc1\xbf\xc0\xc2\xfc\xe8w\xd33\xb2,&\xd5z\xe6\x93\xb9\aE\x825\x94U\xbbNeb\xd2\xa9\x0f\xed\x8b\xea\xfa\x8a\x04.\xffMIw\x0f\xd6\xae^\xd2\xf1j\xcb\r\xa4\x1d0d\xca\x81\x9c\x80GL\x0e\xe6\x19\x8au\x1a7\xc5|\xf6\x1e\xe00\xc6\"\x83\x1c\xa2\x9e\a\x1c\xea\xa3\x9c\xe1BF\x05b\xf6\xdcf\x04\xd9B\xb9\x98\x9cq\xbd\xfb\xb5~\xf2\x8d\x9f`\xec\xd0\xafY\xcf\x84', 0x18000110) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) r2 = socketpair$auto(0x1e, 0x3, 0xb4d, 0x0) ioctl$auto(r1, 0x4008af03, r1) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x3) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/tty/ttyx7/uevent\x00', 0x88300, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000080)=""/28, 0x1c) socketpair$auto(0x3, 0x5, 0x7, 0x0) r4 = socket(0xa, 0x1, 0x0) connect$auto(r4, &(0x7f0000000000)=@rc={0x1f, @none, 0x6}, 0x7) socket(0x2, 0x1, 0x84) connect$auto(0x3, 0x0, 0x55) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) listen$auto(r2, 0xfffffff8) pipe2$auto(0x0, 0x80) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r5, 0x4b48, 0x1) listen$auto(0x3, 0x83) 848.32386ms ago: executing program 2 (id=673): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4001, 0x0) recvmmsg$auto(r0, &(0x7f0000000280)={{0x0, 0x1d, 0x0, 0x10000, &(0x7f00000001c0)="d7cd776347984e13077263bfd5f9f5", 0x962, 0x9}, 0x2e6}, 0x9a, 0x69ac, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x214803, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0xb8b42, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000280)=""/65, 0x41) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) madvise$auto(0x7, 0x80000000000001, 0x80000a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x4020009, 0x8, 0xeb0, 0x401, 0x9) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mmap$auto(0x1, 0x7, 0xdf, 0x1f, r0, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r2, 0x0, 0x39b8) writev$auto(0x3, 0x0, 0x8) 435.986564ms ago: executing program 3 (id=674): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x1, 0x7, 0x4, 0x55a, @prog_cnt=0x1, 0x0, 0x98f, 0x3, 0x0, 0x8}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sysfs$auto(0x2, 0x23, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x1c3043, 0xf7) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 282.592211ms ago: executing program 1 (id=675): socket(0x2, 0x801, 0x100) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@l2={0x1f, 0x4, @none, 0x3, 0x1}, 0x56) r0 = getpgid$auto(0x0) capget$auto(&(0x7f0000000040)={0xffeffff7, r0}, &(0x7f0000000080)={0xfffffff7, 0x9e1, 0x3}) socket$nl_generic(0x10, 0x3, 0x10) r1 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000200)=""/74, 0x92) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r2 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) mmap$auto(0x0, 0x200010000, 0x8000, 0x8010, 0xfffffffffffffffa, 0x2) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) madvise$auto(0x0, 0x200007, 0x19) r3 = open(&(0x7f00000001c0)='./cgroup\x00', 0x501402, 0x6e) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x7fffffff) bpf$auto(0x10, &(0x7f00000000c0)=@link_detach={r3}, 0x40) futex_wait$auto(0x0, 0x0, 0x200001, 0x2, 0x0, 0x1) sysfs$auto(0x2, 0x23, 0x0) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r4, 0x0, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) waitid$auto_P_PIDFD(0x3, r2, &(0x7f0000000280)={@siginfo_0_0={0x820e, 0x100, 0x2, @_sigpoll={0x0, r1}}}, 0x3ff, &(0x7f0000000300)={{0xf754704, 0x10}, {0x9, 0x6}, 0x9, 0x92d3, 0x7, 0x458d, 0x4d, 0x400, 0x4, 0x0, 0x1, 0x10001, 0x2, 0x9, 0x200, 0x3}) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff) 173.593952ms ago: executing program 3 (id=676): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = accept$auto(r0, &(0x7f0000000080)=@isdn={0x22, 0xc, 0x1, 0x80, 0x9}, &(0x7f0000000100)=0x6) eventfd$auto(0x0) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000180)={&(0x7f0000000140)=0xdb, 0x7fff}) mmap$auto(0x6, 0x6, 0x5, 0x31, r0, 0x7) madvise$auto(0x4b, 0xe, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) syz_clone3(&(0x7f0000000200)={0x387081180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xd6401, 0x0) write$auto(r3, 0x0, 0x81) 0s ago: executing program 3 (id=677): mmap$auto(0x7ff, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(r0, 0x0, 0xffff, 0x3, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/oss/devices\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000000)=""/65, 0x41) connect$auto(0x4, 0x0, 0x10) r2 = prctl$auto(0x8, 0x1, 0x0, 0x4000000000001, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0xa, 0x6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/auth.unix.ip/flush\x00', 0x2000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xc, 0x4, 0x1000002, 0x4, 0x15f4da0e, 0x800000000000003, 0xd08, 0xc, 0x5, 0x4, 0x6d3f, 0x4, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) write$auto(r2, &(0x7f00000000c0)='^\x00', 0x6) socket(0x386b6f0b794db972, 0x6, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.121' (ED25519) to the list of known hosts. [ 96.826836][ T5815] cgroup: Unknown subsys name 'net' [ 96.963586][ T5815] cgroup: Unknown subsys name 'cpuset' [ 96.973367][ T5815] cgroup: Unknown subsys name 'rlimit' [ 97.121676][ T50] cfg80211: failed to load regulatory.db Setting up swapspace version 1, size = 127995904 bytes [ 98.833640][ T5815] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 101.066332][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.077098][ T5826] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 101.085392][ T5826] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.093684][ T5826] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 101.101981][ T5826] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 101.109397][ T5826] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.117768][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.138056][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.145670][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 101.155100][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.163387][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 101.167377][ T5826] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 101.171602][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.177719][ T5826] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 101.185853][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 101.201052][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 101.204325][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 101.209584][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 101.223448][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 101.232595][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 101.817341][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 101.876010][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 101.949813][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 102.130797][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 102.219224][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.226973][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.235512][ T5825] bridge_slave_0: entered allmulticast mode [ 102.243245][ T5825] bridge_slave_0: entered promiscuous mode [ 102.259232][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.266399][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.274335][ T5834] bridge_slave_0: entered allmulticast mode [ 102.282009][ T5834] bridge_slave_0: entered promiscuous mode [ 102.290950][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.298127][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.306185][ T5834] bridge_slave_1: entered allmulticast mode [ 102.314264][ T5834] bridge_slave_1: entered promiscuous mode [ 102.342958][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.350240][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.357622][ T5825] bridge_slave_1: entered allmulticast mode [ 102.365330][ T5825] bridge_slave_1: entered promiscuous mode [ 102.484106][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.511614][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.525581][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.534951][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.542742][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.550429][ T5827] bridge_slave_0: entered allmulticast mode [ 102.559472][ T5827] bridge_slave_0: entered promiscuous mode [ 102.570385][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.625432][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.632991][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.640646][ T5827] bridge_slave_1: entered allmulticast mode [ 102.648033][ T5827] bridge_slave_1: entered promiscuous mode [ 102.670101][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.677281][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.687191][ T5829] bridge_slave_0: entered allmulticast mode [ 102.695102][ T5829] bridge_slave_0: entered promiscuous mode [ 102.706019][ T5825] team0: Port device team_slave_0 added [ 102.739932][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.747238][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.754589][ T5829] bridge_slave_1: entered allmulticast mode [ 102.762476][ T5829] bridge_slave_1: entered promiscuous mode [ 102.788690][ T5825] team0: Port device team_slave_1 added [ 102.815796][ T5834] team0: Port device team_slave_0 added [ 102.824652][ T5834] team0: Port device team_slave_1 added [ 102.848173][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.874641][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.921039][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.948689][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.960288][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.967279][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.993450][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.019576][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.026577][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.053799][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.079717][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.086714][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.113105][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.139065][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.146072][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.174979][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.211090][ T5829] team0: Port device team_slave_0 added [ 103.231246][ T5827] team0: Port device team_slave_0 added [ 103.240947][ T5829] team0: Port device team_slave_1 added [ 103.279803][ T5138] Bluetooth: hci1: command tx timeout [ 103.281005][ T5827] team0: Port device team_slave_1 added [ 103.285654][ T5138] Bluetooth: hci2: command tx timeout [ 103.297307][ T5833] Bluetooth: hci3: command tx timeout [ 103.303343][ T5839] Bluetooth: hci0: command tx timeout [ 103.350127][ T5834] hsr_slave_0: entered promiscuous mode [ 103.356818][ T5834] hsr_slave_1: entered promiscuous mode [ 103.395453][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.402543][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.429300][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.442138][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.449662][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.476158][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.488459][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.495499][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.521541][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.554197][ T5825] hsr_slave_0: entered promiscuous mode [ 103.562005][ T5825] hsr_slave_1: entered promiscuous mode [ 103.568185][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.576681][ T5825] Cannot create hsr debugfs directory [ 103.593102][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.600558][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.626574][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.737823][ T5829] hsr_slave_0: entered promiscuous mode [ 103.745536][ T5829] hsr_slave_1: entered promiscuous mode [ 103.752551][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.761041][ T5829] Cannot create hsr debugfs directory [ 103.914934][ T5827] hsr_slave_0: entered promiscuous mode [ 103.924310][ T5827] hsr_slave_1: entered promiscuous mode [ 103.930594][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.938175][ T5827] Cannot create hsr debugfs directory [ 104.314817][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 104.336273][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 104.360379][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 104.381037][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 104.417892][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 104.443892][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 104.455351][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 104.490533][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 104.552273][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 104.573543][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 104.596743][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 104.609868][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 104.750772][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 104.766254][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 104.794391][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 104.822459][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 104.883850][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.920506][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.966804][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.002191][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.009665][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.033798][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.066368][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.073629][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.084579][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.092187][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.104475][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.111662][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.138537][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.224081][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.238311][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.245522][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.282145][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.289471][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.359139][ T5138] Bluetooth: hci1: command tx timeout [ 105.364630][ T5138] Bluetooth: hci2: command tx timeout [ 105.370497][ T5833] Bluetooth: hci3: command tx timeout [ 105.376018][ T5839] Bluetooth: hci0: command tx timeout [ 105.376631][ T5825] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 105.392362][ T5825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 105.465536][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.552519][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.592964][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.600205][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.641659][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.648936][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.920065][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.981642][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.032047][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.147679][ T5825] veth0_vlan: entered promiscuous mode [ 106.174635][ T5829] veth0_vlan: entered promiscuous mode [ 106.207094][ T5829] veth1_vlan: entered promiscuous mode [ 106.218437][ T5825] veth1_vlan: entered promiscuous mode [ 106.274921][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.286538][ T5834] veth0_vlan: entered promiscuous mode [ 106.316844][ T5825] veth0_macvtap: entered promiscuous mode [ 106.351792][ T5834] veth1_vlan: entered promiscuous mode [ 106.368289][ T5825] veth1_macvtap: entered promiscuous mode [ 106.392194][ T5829] veth0_macvtap: entered promiscuous mode [ 106.417284][ T5829] veth1_macvtap: entered promiscuous mode [ 106.430724][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.460545][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.483976][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.493548][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.503219][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.512425][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.535181][ T5827] veth0_vlan: entered promiscuous mode [ 106.550416][ T5834] veth0_macvtap: entered promiscuous mode [ 106.565331][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.576911][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.590667][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.612119][ T5827] veth1_vlan: entered promiscuous mode [ 106.624432][ T5834] veth1_macvtap: entered promiscuous mode [ 106.662708][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.673562][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.687493][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.713317][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.725225][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.735905][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.746550][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.760750][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.769633][ T5829] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.778398][ T5829] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.787420][ T5829] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.796997][ T5829] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.864388][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.876056][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.886474][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.901269][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.913011][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.922695][ T5827] veth0_macvtap: entered promiscuous mode [ 106.936005][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.936605][ T5827] veth1_macvtap: entered promiscuous mode [ 106.944715][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.972687][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.982109][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.991041][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.000675][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.065843][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.077169][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.087700][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.098259][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.108316][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.119547][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.135986][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.167781][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.178516][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.189767][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.200563][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.210625][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.221146][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.232510][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.263837][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.272075][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.297799][ T5827] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.307080][ T5827] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.316974][ T5827] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.325823][ T5827] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.351560][ T1081] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.361310][ T1081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.439804][ T5138] Bluetooth: hci2: command tx timeout [ 107.445292][ T5138] Bluetooth: hci0: command tx timeout [ 107.450832][ T5839] Bluetooth: hci3: command tx timeout [ 107.456684][ T5833] Bluetooth: hci1: command tx timeout [ 107.481274][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.493883][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.511557][ T5825] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 107.554160][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.564105][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.676538][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.718563][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.765127][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.796173][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.899983][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.912159][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.036200][ T5892] Zero length message leads to an empty skb [ 108.147289][ T5896] Process accounting resumed [ 108.834909][ T5902] netlink: 504 bytes leftover after parsing attributes in process `syz.3.5'. [ 109.171069][ T5923] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 109.329264][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.520202][ T5138] Bluetooth: hci0: command tx timeout [ 109.525738][ T5833] Bluetooth: hci1: command tx timeout [ 109.539990][ T5839] Bluetooth: hci3: command tx timeout [ 109.540008][ T5837] Bluetooth: hci2: command tx timeout [ 110.254202][ T5937] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11'. [ 110.268851][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 112.363935][ T5981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.21'. [ 114.209451][ T6012] netlink: 8 bytes leftover after parsing attributes in process `syz.0.29'. [ 114.976005][ T6026] random: crng reseeded on system resumption [ 115.161157][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 116.604122][ T6052] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 116.632437][ T6052] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 117.466131][ T6064] netlink: 342 bytes leftover after parsing attributes in process `syz.1.42'. [ 121.622875][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 121.632335][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 121.969174][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 121.978814][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 122.016708][ T6110] Invalid ELF header magic: != ELF [ 122.039996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 122.474245][ T6134] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 122.491954][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 122.500671][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 122.917169][ T6139] queue_state_write: unsupported operation '' [ 122.925910][ T6139] queue_state_write: use 'run', 'start' or 'kick' [ 125.483212][ T6178] mmap: syz.3.66 (6178) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 128.050640][ T6202] program syz.3.71 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.359037][ T6208] netlink: 28 bytes leftover after parsing attributes in process `syz.1.74'. [ 128.379702][ T6208] vxcan1: entered promiscuous mode [ 134.543936][ T6289] netlink: 8 bytes leftover after parsing attributes in process `syz.3.94'. [ 134.624991][ T6293] netlink: 16 bytes leftover after parsing attributes in process `syz.3.94'. [ 134.638179][ T6293] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(384.8192.60), cmd(12) [ 137.038505][ T6337] nvme_fabrics: missing parameter 'transport=%s' [ 137.053097][ T6337] nvme_fabrics: missing parameter 'nqn=%s' [ 137.083882][ T6337] netlink: 32 bytes leftover after parsing attributes in process `syz.3.105'. [ 138.085969][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.094293][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.765399][ T6400] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[6400] [ 141.810873][ T6422] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 142.926531][ T6438] netlink: 'syz.3.130': attribute type 32 has an invalid length. [ 147.702635][ T6495] kexec: Could not allocate control_code_buffer [ 148.857794][ T6546] FAULT_INJECTION: forcing a failure. [ 148.857794][ T6546] name failslab, interval 1, probability 0, space 0, times 0 [ 149.107868][ T6546] CPU: 0 UID: 0 PID: 6546 Comm: syz.0.159 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 149.107909][ T6546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 149.107933][ T6546] Call Trace: [ 149.107943][ T6546] [ 149.107959][ T6546] dump_stack_lvl+0x16c/0x1f0 [ 149.108005][ T6546] should_fail_ex+0x512/0x640 [ 149.108046][ T6546] ? fs_reclaim_acquire+0xae/0x150 [ 149.108110][ T6546] ? tomoyo_encode2+0x100/0x3e0 [ 149.108148][ T6546] should_failslab+0xc2/0x120 [ 149.108186][ T6546] __kmalloc_noprof+0xd2/0x510 [ 149.108218][ T6546] ? d_absolute_path+0x136/0x1a0 [ 149.108260][ T6546] tomoyo_encode2+0x100/0x3e0 [ 149.108306][ T6546] tomoyo_encode+0x29/0x50 [ 149.108344][ T6546] tomoyo_realpath_from_path+0x18f/0x6e0 [ 149.108398][ T6546] tomoyo_check_open_permission+0x2ab/0x3c0 [ 149.108436][ T6546] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 149.108514][ T6546] ? do_raw_spin_lock+0x12c/0x2b0 [ 149.108571][ T6546] tomoyo_file_open+0x6b/0x90 [ 149.108620][ T6546] security_file_open+0x84/0x1e0 [ 149.108662][ T6546] do_dentry_open+0x596/0x1c10 [ 149.108709][ T6546] vfs_open+0x82/0x3f0 [ 149.108753][ T6546] path_openat+0x1e5e/0x2d40 [ 149.108798][ T6546] ? __pfx_path_openat+0x10/0x10 [ 149.108840][ T6546] do_filp_open+0x20b/0x470 [ 149.108869][ T6546] ? __pfx_do_filp_open+0x10/0x10 [ 149.108929][ T6546] ? alloc_fd+0x471/0x7d0 [ 149.108987][ T6546] do_sys_openat2+0x11b/0x1d0 [ 149.109028][ T6546] ? __pfx_do_sys_openat2+0x10/0x10 [ 149.109081][ T6546] ? __fget_files+0x20e/0x3c0 [ 149.109137][ T6546] __x64_sys_openat+0x174/0x210 [ 149.109178][ T6546] ? __pfx___x64_sys_openat+0x10/0x10 [ 149.109216][ T6546] ? ksys_write+0x1b9/0x240 [ 149.109256][ T6546] do_syscall_64+0xcd/0x230 [ 149.109300][ T6546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.109332][ T6546] RIP: 0033:0x7f8c5a58e969 [ 149.109355][ T6546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.109393][ T6546] RSP: 002b:00007f8c5b37e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 149.109422][ T6546] RAX: ffffffffffffffda RBX: 00007f8c5a7b6080 RCX: 00007f8c5a58e969 [ 149.109442][ T6546] RDX: 0000000000000102 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 149.109462][ T6546] RBP: 00007f8c5b37e090 R08: 0000000000000000 R09: 0000000000000000 [ 149.109480][ T6546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 149.109498][ T6546] R13: 0000000000000001 R14: 00007f8c5a7b6080 R15: 00007ffdf08e2f68 [ 149.109540][ T6546] [ 149.428970][ T6546] ERROR: Out of memory at tomoyo_realpath_from_path. [ 149.787483][ T6551] netlink: 28 bytes leftover after parsing attributes in process `syz.2.161'. [ 149.863184][ T6553] netlink: 36 bytes leftover after parsing attributes in process `syz.2.161'. [ 150.062845][ T6551] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 150.327554][ T6564] FAULT_INJECTION: forcing a failure. [ 150.327554][ T6564] name fail_futex, interval 1, probability 0, space 0, times 1 [ 150.408926][ T6564] CPU: 0 UID: 0 PID: 6564 Comm: syz.2.164 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 150.408978][ T6564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 150.408996][ T6564] Call Trace: [ 150.409005][ T6564] [ 150.409016][ T6564] dump_stack_lvl+0x16c/0x1f0 [ 150.409061][ T6564] should_fail_ex+0x512/0x640 [ 150.409109][ T6564] get_futex_key+0x49e/0x1000 [ 150.409143][ T6564] ? __pfx_get_futex_key+0x10/0x10 [ 150.409176][ T6564] ? kasan_save_track+0x14/0x30 [ 150.409207][ T6564] ? __kasan_kmalloc+0xaa/0xb0 [ 150.409252][ T6564] futex_lock_pi+0x27c/0x7b0 [ 150.409288][ T6564] ? __lock_acquire+0x5ca/0x1ba0 [ 150.409325][ T6564] ? __pfx_futex_lock_pi+0x10/0x10 [ 150.409377][ T6564] ? find_held_lock+0x2b/0x80 [ 150.409419][ T6564] ? proc_fail_nth_write+0x9f/0x250 [ 150.409465][ T6564] ? __pfx_futex_wake_mark+0x10/0x10 [ 150.409510][ T6564] ? ksys_write+0x190/0x240 [ 150.409545][ T6564] do_futex+0x11a/0x350 [ 150.409577][ T6564] ? __pfx_do_futex+0x10/0x10 [ 150.409618][ T6564] __x64_sys_futex+0x1e0/0x4c0 [ 150.409652][ T6564] ? fput+0x70/0xf0 [ 150.409683][ T6564] ? __pfx___x64_sys_futex+0x10/0x10 [ 150.409713][ T6564] ? ksys_write+0x1b9/0x240 [ 150.409740][ T6564] ? __pfx_ksys_write+0x10/0x10 [ 150.409765][ T6564] ? rcu_is_watching+0x12/0xc0 [ 150.409802][ T6564] do_syscall_64+0xcd/0x230 [ 150.409843][ T6564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.409874][ T6564] RIP: 0033:0x7f63fb38e969 [ 150.409897][ T6564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.409924][ T6564] RSP: 002b:00007f63fc2bd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 150.409958][ T6564] RAX: ffffffffffffffda RBX: 00007f63fb5b5fa0 RCX: 00007f63fb38e969 [ 150.409976][ T6564] RDX: 0000000040000001 RSI: 0000000000000006 RDI: 0000200000000080 [ 150.409994][ T6564] RBP: 00007f63fc2bd090 R08: 0000000000000000 R09: 0000000000000003 [ 150.410011][ T6564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.410029][ T6564] R13: 0000000000000000 R14: 00007f63fb5b5fa0 R15: 00007ffd830e08e8 [ 150.410067][ T6564] [ 150.954111][ T6566] netlink: 8 bytes leftover after parsing attributes in process `syz.2.165'. [ 153.037235][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.3.176'. [ 155.929802][ T6647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.187'. [ 157.160169][ T6671] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 157.201252][ T6671] CIFS mount error: No usable UNC path provided in device string! [ 157.201252][ T6671] [ 157.211645][ T6671] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 158.908343][ T6688] FAULT_INJECTION: forcing a failure. [ 158.908343][ T6688] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 158.944160][ T6688] CPU: 1 UID: 0 PID: 6688 Comm: syz.1.196 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 158.944203][ T6688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 158.944222][ T6688] Call Trace: [ 158.944231][ T6688] [ 158.944242][ T6688] dump_stack_lvl+0x16c/0x1f0 [ 158.944288][ T6688] should_fail_ex+0x512/0x640 [ 158.944338][ T6688] _copy_from_user+0x2e/0xd0 [ 158.944386][ T6688] sctp_getsockopt+0x1314/0x6b10 [ 158.944422][ T6688] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 158.944464][ T6688] ? __pfx_sctp_getsockopt+0x10/0x10 [ 158.944516][ T6688] ? __lock_acquire+0xaa4/0x1ba0 [ 158.944562][ T6688] ? __pfx___might_resched+0x10/0x10 [ 158.944611][ T6688] ? find_held_lock+0x2b/0x80 [ 158.944638][ T6688] ? __might_fault+0xe3/0x190 [ 158.944672][ T6688] ? __might_fault+0xe3/0x190 [ 158.944703][ T6688] ? __might_fault+0x13b/0x190 [ 158.944748][ T6688] ? sock_common_getsockopt+0x21/0xb0 [ 158.944784][ T6688] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 158.944827][ T6688] do_sock_getsockopt+0x3fc/0x800 [ 158.944874][ T6688] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 158.944947][ T6688] ? __fget_files+0x204/0x3c0 [ 158.945016][ T6688] __sys_getsockopt+0x123/0x1a0 [ 158.945068][ T6688] __x64_sys_getsockopt+0xbd/0x160 [ 158.945098][ T6688] ? do_syscall_64+0x91/0x230 [ 158.945155][ T6688] ? lockdep_hardirqs_on+0x7c/0x110 [ 158.945195][ T6688] do_syscall_64+0xcd/0x230 [ 158.945239][ T6688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.945270][ T6688] RIP: 0033:0x7f7f4498e969 [ 158.945294][ T6688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.945323][ T6688] RSP: 002b:00007f7f45847038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 158.945352][ T6688] RAX: ffffffffffffffda RBX: 00007f7f44bb6080 RCX: 00007f7f4498e969 [ 158.945372][ T6688] RDX: 000000000000007d RSI: 0000000000000084 RDI: 0000000000000003 [ 158.945391][ T6688] RBP: 00007f7f45847090 R08: 0000000000000000 R09: 0000000000000000 [ 158.945409][ T6688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.945428][ T6688] R13: 0000000000000000 R14: 00007f7f44bb6080 R15: 00007fff48015728 [ 158.945469][ T6688] [ 160.496851][ T6715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.203'. [ 162.702449][ T6735] FAULT_INJECTION: forcing a failure. [ 162.702449][ T6735] name failslab, interval 1, probability 0, space 0, times 0 [ 162.756918][ T6735] CPU: 0 UID: 0 PID: 6735 Comm: syz.1.209 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 162.756960][ T6735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 162.756977][ T6735] Call Trace: [ 162.756986][ T6735] [ 162.756997][ T6735] dump_stack_lvl+0x16c/0x1f0 [ 162.757040][ T6735] should_fail_ex+0x512/0x640 [ 162.757080][ T6735] ? __kmalloc_noprof+0xbf/0x510 [ 162.757113][ T6735] ? kernfs_fop_write_iter+0x237/0x510 [ 162.757146][ T6735] should_failslab+0xc2/0x120 [ 162.757179][ T6735] __kmalloc_noprof+0xd2/0x510 [ 162.757220][ T6735] kernfs_fop_write_iter+0x237/0x510 [ 162.757260][ T6735] iter_file_splice_write+0x91c/0x1150 [ 162.757326][ T6735] ? __pfx_iter_file_splice_write+0x10/0x10 [ 162.757377][ T6735] ? __pfx_copy_splice_read+0x10/0x10 [ 162.757440][ T6735] ? __pfx_iter_file_splice_write+0x10/0x10 [ 162.757488][ T6735] direct_splice_actor+0x18f/0x6c0 [ 162.757535][ T6735] splice_direct_to_actor+0x342/0xa30 [ 162.757580][ T6735] ? __pfx_direct_splice_actor+0x10/0x10 [ 162.757630][ T6735] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 162.757678][ T6735] ? get_pid_task+0xfc/0x250 [ 162.757725][ T6735] do_splice_direct+0x174/0x240 [ 162.757767][ T6735] ? __pfx_do_splice_direct+0x10/0x10 [ 162.757810][ T6735] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 162.757856][ T6735] ? rw_verify_area+0xcf/0x680 [ 162.757900][ T6735] do_sendfile+0xafd/0xe50 [ 162.757952][ T6735] ? __pfx_do_sendfile+0x10/0x10 [ 162.757997][ T6735] ? __fget_files+0x20e/0x3c0 [ 162.758053][ T6735] __x64_sys_sendfile64+0x1d8/0x220 [ 162.758085][ T6735] ? ksys_write+0x1b9/0x240 [ 162.758110][ T6735] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 162.758142][ T6735] ? rcu_is_watching+0x12/0xc0 [ 162.758178][ T6735] do_syscall_64+0xcd/0x230 [ 162.758222][ T6735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.758251][ T6735] RIP: 0033:0x7f7f4498e969 [ 162.758274][ T6735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.758300][ T6735] RSP: 002b:00007f7f45868038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 162.758327][ T6735] RAX: ffffffffffffffda RBX: 00007f7f44bb5fa0 RCX: 00007f7f4498e969 [ 162.758344][ T6735] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 162.758361][ T6735] RBP: 00007f7f45868090 R08: 0000000000000000 R09: 0000000000000000 [ 162.758378][ T6735] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 162.758393][ T6735] R13: 0000000000000000 R14: 00007f7f44bb5fa0 R15: 00007fff48015728 [ 162.758429][ T6735] [ 163.346203][ T6737] FAULT_INJECTION: forcing a failure. [ 163.346203][ T6737] name failslab, interval 1, probability 0, space 0, times 0 [ 163.367429][ T6737] CPU: 1 UID: 0 PID: 6737 Comm: syz.0.210 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 163.367475][ T6737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 163.367495][ T6737] Call Trace: [ 163.367505][ T6737] [ 163.367518][ T6737] dump_stack_lvl+0x16c/0x1f0 [ 163.367569][ T6737] should_fail_ex+0x512/0x640 [ 163.367618][ T6737] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 163.367659][ T6737] should_failslab+0xc2/0x120 [ 163.367708][ T6737] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 163.367743][ T6737] ? __proc_create+0xc3/0x8c0 [ 163.367778][ T6737] ? __proc_create+0x2ce/0x8c0 [ 163.367819][ T6737] __proc_create+0x2ce/0x8c0 [ 163.367875][ T6737] ? __pfx___proc_create+0x10/0x10 [ 163.367908][ T6737] ? _raw_write_unlock+0x28/0x50 [ 163.367946][ T6737] ? proc_register+0x314/0x5f0 [ 163.367987][ T6737] _proc_mkdir+0xb9/0x200 [ 163.368018][ T6737] ? __pfx__proc_mkdir+0x10/0x10 [ 163.368055][ T6737] ? __pfx_netfilter_net_init+0x10/0x10 [ 163.368099][ T6737] netfilter_net_init+0x37b/0x4b0 [ 163.368145][ T6737] ? sysctl_net_init+0x27/0x30 [ 163.368184][ T6737] ops_init+0x1df/0x5f0 [ 163.368219][ T6737] setup_net+0x21e/0x850 [ 163.368253][ T6737] ? __pfx_setup_net+0x10/0x10 [ 163.368281][ T6737] ? lockdep_init_map_type+0x5c/0x280 [ 163.368323][ T6737] ? __pfx_down_read_killable+0x10/0x10 [ 163.368367][ T6737] ? debug_mutex_init+0x37/0x70 [ 163.368415][ T6737] copy_net_ns+0x2a6/0x5f0 [ 163.368452][ T6737] create_new_namespaces+0x3ea/0xad0 [ 163.368490][ T6737] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 163.368523][ T6737] ksys_unshare+0x45b/0xa40 [ 163.368563][ T6737] ? __pfx_ksys_unshare+0x10/0x10 [ 163.368598][ T6737] ? xfd_validate_state+0x5d/0x180 [ 163.368643][ T6737] ? rcu_is_watching+0x12/0xc0 [ 163.368679][ T6737] __x64_sys_unshare+0x31/0x40 [ 163.368718][ T6737] do_syscall_64+0xcd/0x230 [ 163.368761][ T6737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.368792][ T6737] RIP: 0033:0x7f8c5a58e969 [ 163.368816][ T6737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.368853][ T6737] RSP: 002b:00007f8c5b39f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 163.368882][ T6737] RAX: ffffffffffffffda RBX: 00007f8c5a7b5fa0 RCX: 00007f8c5a58e969 [ 163.368903][ T6737] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 163.368921][ T6737] RBP: 00007f8c5a610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 163.368940][ T6737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.368956][ T6737] R13: 0000000000000000 R14: 00007f8c5a7b5fa0 R15: 00007ffdf08e2f68 [ 163.368989][ T6737] [ 163.706056][ T6737] cannot create netfilter proc entry [ 163.739322][ T6745] FAULT_INJECTION: forcing a failure. [ 163.739322][ T6745] name failslab, interval 1, probability 0, space 0, times 0 [ 163.777388][ T6745] CPU: 0 UID: 0 PID: 6745 Comm: syz.0.210 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 163.777437][ T6745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 163.777456][ T6745] Call Trace: [ 163.777466][ T6745] [ 163.777478][ T6745] dump_stack_lvl+0x16c/0x1f0 [ 163.777536][ T6745] should_fail_ex+0x512/0x640 [ 163.777584][ T6745] ? fs_reclaim_acquire+0xae/0x150 [ 163.777636][ T6745] ? tomoyo_encode2+0x100/0x3e0 [ 163.777678][ T6745] should_failslab+0xc2/0x120 [ 163.777717][ T6745] __kmalloc_noprof+0xd2/0x510 [ 163.777749][ T6745] ? d_absolute_path+0x136/0x1a0 [ 163.777797][ T6745] tomoyo_encode2+0x100/0x3e0 [ 163.777846][ T6745] tomoyo_encode+0x29/0x50 [ 163.777888][ T6745] tomoyo_realpath_from_path+0x18f/0x6e0 [ 163.777947][ T6745] tomoyo_path_number_perm+0x245/0x580 [ 163.777983][ T6745] ? tomoyo_path_number_perm+0x237/0x580 [ 163.778026][ T6745] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 163.778106][ T6745] ? d_alloc_parallel+0x979/0x12e0 [ 163.778153][ T6745] ? current_check_access_path+0x33c/0x460 [ 163.778196][ T6745] ? __pfx_current_check_access_path+0x10/0x10 [ 163.778250][ T6745] tomoyo_path_mknod+0x10c/0x190 [ 163.778302][ T6745] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 163.778356][ T6745] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 163.778409][ T6745] security_path_mknod+0x161/0x310 [ 163.778450][ T6745] lookup_open.isra.0+0xc17/0x1580 [ 163.778508][ T6745] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 163.778587][ T6745] ? __pfx_down_write+0x10/0x10 [ 163.778632][ T6745] ? mnt_get_write_access+0x20c/0x300 [ 163.778683][ T6745] path_openat+0x905/0x2d40 [ 163.778727][ T6745] ? __pfx_path_openat+0x10/0x10 [ 163.778772][ T6745] do_filp_open+0x20b/0x470 [ 163.778804][ T6745] ? __pfx_do_filp_open+0x10/0x10 [ 163.778867][ T6745] ? alloc_fd+0x471/0x7d0 [ 163.778930][ T6745] do_sys_openat2+0x11b/0x1d0 [ 163.778972][ T6745] ? __pfx_do_sys_openat2+0x10/0x10 [ 163.779033][ T6745] __x64_sys_openat+0x174/0x210 [ 163.779078][ T6745] ? __pfx___x64_sys_openat+0x10/0x10 [ 163.779125][ T6745] ? rcu_is_watching+0x12/0xc0 [ 163.779168][ T6745] do_syscall_64+0xcd/0x230 [ 163.779217][ T6745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.779248][ T6745] RIP: 0033:0x7f8c5a58e969 [ 163.779274][ T6745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.779305][ T6745] RSP: 002b:00007f8c5b37e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 163.779336][ T6745] RAX: ffffffffffffffda RBX: 00007f8c5a7b6080 RCX: 00007f8c5a58e969 [ 163.779357][ T6745] RDX: 0000000000020540 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 163.779377][ T6745] RBP: 00007f8c5a610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 163.779397][ T6745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.779416][ T6745] R13: 0000000000000000 R14: 00007f8c5a7b6080 R15: 00007ffdf08e2f68 [ 163.779458][ T6745] [ 164.144269][ T6745] ERROR: Out of memory at tomoyo_realpath_from_path. [ 164.487068][ T6726] process 'syz.2.207' launched '/dev/fd/3/./file0' with NULL argv: empty string added [ 165.487691][ T6769] capability: warning: `syz.3.215' uses 32-bit capabilities (legacy support in use) [ 168.166940][ T6810] [U]  [ 168.170045][ T6810] [U] [ 168.172803][ T6810] [U] [ 168.175558][ T6810] [U] [ 168.212860][ T6810] [U] [ 168.215664][ T6810] [U] [ 168.218422][ T6810] [U] [ 168.221180][ T6810] [U] [ 168.283396][ T6812] [U] [ 171.129337][ T6807] kexec: Could not allocate control_code_buffer [ 171.186277][ T6846] FAULT_INJECTION: forcing a failure. [ 171.186277][ T6846] name failslab, interval 1, probability 0, space 0, times 0 [ 171.232130][ T6846] CPU: 1 UID: 0 PID: 6846 Comm: syz.0.241 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 171.232175][ T6846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 171.232194][ T6846] Call Trace: [ 171.232205][ T6846] [ 171.232217][ T6846] dump_stack_lvl+0x16c/0x1f0 [ 171.232268][ T6846] should_fail_ex+0x512/0x640 [ 171.232313][ T6846] ? __kvmalloc_node_noprof+0x122/0x600 [ 171.232351][ T6846] should_failslab+0xc2/0x120 [ 171.232391][ T6846] __kvmalloc_node_noprof+0x135/0x600 [ 171.232425][ T6846] ? bucket_table_alloc.isra.0+0x83/0x460 [ 171.232486][ T6846] ? bucket_table_alloc.isra.0+0x83/0x460 [ 171.232530][ T6846] bucket_table_alloc.isra.0+0x83/0x460 [ 171.232577][ T6846] rhashtable_init_noprof+0x41a/0x7e0 [ 171.232620][ T6846] ? kasan_save_track+0x14/0x30 [ 171.232657][ T6846] fqdir_init+0xb4/0x1f0 [ 171.232694][ T6846] lowpan_frags_init_net+0x2d/0x3a0 [ 171.232739][ T6846] ? __pfx_lowpan_frags_init_net+0x10/0x10 [ 171.232783][ T6846] ops_init+0x1df/0x5f0 [ 171.232825][ T6846] setup_net+0x21e/0x850 [ 171.232867][ T6846] ? __pfx_setup_net+0x10/0x10 [ 171.232902][ T6846] ? lockdep_init_map_type+0x5c/0x280 [ 171.232946][ T6846] ? __pfx_down_read_killable+0x10/0x10 [ 171.232997][ T6846] ? debug_mutex_init+0x37/0x70 [ 171.233062][ T6846] copy_net_ns+0x2a6/0x5f0 [ 171.233108][ T6846] create_new_namespaces+0x3ea/0xad0 [ 171.233153][ T6846] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 171.233193][ T6846] ksys_unshare+0x45b/0xa40 [ 171.233237][ T6846] ? __pfx_ksys_unshare+0x10/0x10 [ 171.233278][ T6846] ? xfd_validate_state+0x5d/0x180 [ 171.233332][ T6846] ? rcu_is_watching+0x12/0xc0 [ 171.233372][ T6846] __x64_sys_unshare+0x31/0x40 [ 171.233413][ T6846] do_syscall_64+0xcd/0x230 [ 171.233460][ T6846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.233493][ T6846] RIP: 0033:0x7f8c5a58e969 [ 171.233520][ T6846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.233551][ T6846] RSP: 002b:00007f8c5b39f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 171.233581][ T6846] RAX: ffffffffffffffda RBX: 00007f8c5a7b5fa0 RCX: 00007f8c5a58e969 [ 171.233602][ T6846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 171.233621][ T6846] RBP: 00007f8c5a610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 171.233641][ T6846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.233660][ T6846] R13: 0000000000000000 R14: 00007f8c5a7b5fa0 R15: 00007ffdf08e2f68 [ 171.233700][ T6846] [ 171.872937][ T6857] netlink: 294 bytes leftover after parsing attributes in process `syz.2.242'. [ 171.936642][ T6857] FAULT_INJECTION: forcing a failure. [ 171.936642][ T6857] name failslab, interval 1, probability 0, space 0, times 0 [ 171.958941][ T6857] CPU: 1 UID: 0 PID: 6857 Comm: syz.2.242 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 171.958985][ T6857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 171.959003][ T6857] Call Trace: [ 171.959013][ T6857] [ 171.959023][ T6857] dump_stack_lvl+0x16c/0x1f0 [ 171.959075][ T6857] should_fail_ex+0x512/0x640 [ 171.959116][ T6857] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 171.959155][ T6857] should_failslab+0xc2/0x120 [ 171.959190][ T6857] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 171.959225][ T6857] ? shmem_alloc_inode+0x25/0x50 [ 171.959273][ T6857] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 171.959315][ T6857] shmem_alloc_inode+0x25/0x50 [ 171.959355][ T6857] alloc_inode+0x61/0x240 [ 171.959390][ T6857] new_inode+0x22/0x1c0 [ 171.959422][ T6857] ? alloc_fd+0x471/0x7d0 [ 171.959472][ T6857] shmem_get_inode+0x19a/0xfb0 [ 171.959525][ T6857] __shmem_file_setup+0x16f/0x300 [ 171.959562][ T6857] __do_sys_memfd_create+0x267/0x8a0 [ 171.959608][ T6857] do_syscall_64+0xcd/0x230 [ 171.959650][ T6857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.959678][ T6857] RIP: 0033:0x7f63fb38e969 [ 171.959700][ T6857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.959729][ T6857] RSP: 002b:00007f63fc2bd038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 171.959756][ T6857] RAX: ffffffffffffffda RBX: 00007f63fb5b5fa0 RCX: 00007f63fb38e969 [ 171.959775][ T6857] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 171.959793][ T6857] RBP: 00007f63fb410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 171.959811][ T6857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.959828][ T6857] R13: 0000000000000000 R14: 00007f63fb5b5fa0 R15: 00007ffd830e08e8 [ 171.959864][ T6857] [ 174.549686][ T6899] Invalid ELF header magic: != ELF [ 175.284592][ T6933] can: request_module (can-proto-3) failed. [ 175.450044][ T6938] FAULT_INJECTION: forcing a failure. [ 175.450044][ T6938] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 175.488443][ T6938] CPU: 1 UID: 0 PID: 6938 Comm: syz.3.261 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 175.488485][ T6938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 175.488502][ T6938] Call Trace: [ 175.488511][ T6938] [ 175.488522][ T6938] dump_stack_lvl+0x16c/0x1f0 [ 175.488568][ T6938] should_fail_ex+0x512/0x640 [ 175.488619][ T6938] _copy_to_user+0x32/0xd0 [ 175.488679][ T6938] rng_dev_read+0x1ea/0x810 [ 175.488721][ T6938] ? __pfx_virtio_read+0x10/0x10 [ 175.488763][ T6938] ? __pfx_rng_dev_read+0x10/0x10 [ 175.488812][ T6938] ? bpf_lsm_file_permission+0x9/0x10 [ 175.488859][ T6938] ? security_file_permission+0x71/0x210 [ 175.488899][ T6938] ? rw_verify_area+0xcf/0x680 [ 175.488941][ T6938] ? __pfx_rng_dev_read+0x10/0x10 [ 175.488983][ T6938] vfs_read+0x1de/0xc70 [ 175.489020][ T6938] ? __pfx_vfs_read+0x10/0x10 [ 175.489045][ T6938] ? find_held_lock+0x2b/0x80 [ 175.489076][ T6938] ? __fget_files+0x204/0x3c0 [ 175.489131][ T6938] ? __fget_files+0x20e/0x3c0 [ 175.489191][ T6938] ksys_read+0x12a/0x240 [ 175.489219][ T6938] ? __pfx_ksys_read+0x10/0x10 [ 175.489242][ T6938] ? rcu_is_watching+0x12/0xc0 [ 175.489274][ T6938] do_syscall_64+0xcd/0x230 [ 175.489311][ T6938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.489337][ T6938] RIP: 0033:0x7fa80198e969 [ 175.489357][ T6938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.489382][ T6938] RSP: 002b:00007fa8028ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 175.489405][ T6938] RAX: ffffffffffffffda RBX: 00007fa801bb5fa0 RCX: 00007fa80198e969 [ 175.489424][ T6938] RDX: 00000000fffffe82 RSI: 0000200000000040 RDI: 0000000000000002 [ 175.489440][ T6938] RBP: 00007fa8028ad090 R08: 0000000000000000 R09: 0000000000000000 [ 175.489455][ T6938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 175.489470][ T6938] R13: 0000000000000000 R14: 00007fa801bb5fa0 R15: 00007ffc355d3fb8 [ 175.489501][ T6938] [ 175.689373][ C1] vkms_vblank_simulate: vblank timer overrun [ 175.869782][ T6943] netlink: 8 bytes leftover after parsing attributes in process `syz.1.263'. [ 177.390596][ T6972] FAULT_INJECTION: forcing a failure. [ 177.390596][ T6972] name failslab, interval 1, probability 0, space 0, times 0 [ 177.392443][ T53] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.416404][ T6972] CPU: 0 UID: 0 PID: 6972 Comm: syz.3.274 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 177.416437][ T6972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 177.416450][ T6972] Call Trace: [ 177.416458][ T6972] [ 177.416467][ T6972] dump_stack_lvl+0x16c/0x1f0 [ 177.416509][ T6972] should_fail_ex+0x512/0x640 [ 177.416540][ T6972] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 177.416568][ T6972] should_failslab+0xc2/0x120 [ 177.416595][ T6972] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 177.416618][ T6972] ? kasan_save_stack+0x42/0x60 [ 177.416639][ T6972] ? __alloc_skb+0x2b2/0x380 [ 177.416664][ T6972] __alloc_skb+0x2b2/0x380 [ 177.416685][ T6972] ? __pfx___alloc_skb+0x10/0x10 [ 177.416703][ T6972] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.416737][ T6972] netlink_dump+0x698/0xd00 [ 177.416765][ T6972] ? __pfx_netlink_dump+0x10/0x10 [ 177.416803][ T6972] ? __asan_memset+0x23/0x50 [ 177.416837][ T6972] ? genl_start+0x67f/0x980 [ 177.416869][ T6972] __netlink_dump_start+0x6d6/0x990 [ 177.416905][ T6972] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 177.416952][ T6972] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 177.416995][ T6972] ? genl_op_from_small+0x25/0x440 [ 177.417030][ T6972] ? __pfx_genl_get_cmd+0x10/0x10 [ 177.417056][ T6972] ? __pfx_genl_start+0x10/0x10 [ 177.417084][ T6972] ? __pfx_genl_dumpit+0x10/0x10 [ 177.417112][ T6972] ? __pfx_genl_done+0x10/0x10 [ 177.417145][ T6972] ? __local_bh_enable_ip+0xa4/0x120 [ 177.417170][ T6972] ? __dev_queue_xmit+0x896/0x43e0 [ 177.417204][ T6972] ? __radix_tree_lookup+0x21f/0x2c0 [ 177.417238][ T6972] genl_rcv_msg+0x46e/0x800 [ 177.417272][ T6972] ? __pfx_genl_rcv_msg+0x10/0x10 [ 177.417302][ T6972] ? __pfx___dev_queue_xmit+0x10/0x10 [ 177.417337][ T6972] ? __pfx_macsec_dump_txsc+0x10/0x10 [ 177.417375][ T6972] ? __lock_acquire+0xaa4/0x1ba0 [ 177.417410][ T6972] netlink_rcv_skb+0x16a/0x440 [ 177.417437][ T6972] ? __pfx_genl_rcv_msg+0x10/0x10 [ 177.417470][ T6972] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 177.417518][ T6972] ? __pfx_down_read+0x10/0x10 [ 177.417553][ T6972] ? netlink_deliver_tap+0x1ae/0xd30 [ 177.417583][ T6972] genl_rcv+0x28/0x40 [ 177.417610][ T6972] netlink_unicast+0x53a/0x7f0 [ 177.417640][ T6972] ? __pfx_netlink_unicast+0x10/0x10 [ 177.417665][ T6972] ? __lock_acquire+0xaa4/0x1ba0 [ 177.417702][ T6972] netlink_sendmsg+0x8d1/0xdd0 [ 177.417733][ T6972] ? __pfx_netlink_sendmsg+0x10/0x10 [ 177.417772][ T6972] ____sys_sendmsg+0xa95/0xc70 [ 177.417805][ T6972] ? copy_msghdr_from_user+0x10a/0x160 [ 177.417829][ T6972] ? __pfx_____sys_sendmsg+0x10/0x10 [ 177.417875][ T6972] ___sys_sendmsg+0x134/0x1d0 [ 177.417900][ T6972] ? __pfx____sys_sendmsg+0x10/0x10 [ 177.417962][ T6972] __sys_sendmsg+0x16d/0x220 [ 177.417986][ T6972] ? __pfx___sys_sendmsg+0x10/0x10 [ 177.418026][ T6972] ? rcu_is_watching+0x12/0xc0 [ 177.418068][ T6972] do_syscall_64+0xcd/0x230 [ 177.418111][ T6972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.418142][ T6972] RIP: 0033:0x7fa80198e969 [ 177.418172][ T6972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.418201][ T6972] RSP: 002b:00007fa8028ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 177.418229][ T6972] RAX: ffffffffffffffda RBX: 00007fa801bb5fa0 RCX: 00007fa80198e969 [ 177.418248][ T6972] RDX: 00000000040080c4 RSI: 00002000000000c0 RDI: 0000000000000003 [ 177.418266][ T6972] RBP: 00007fa8028ad090 R08: 0000000000000000 R09: 0000000000000000 [ 177.418285][ T6972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 177.418303][ T6972] R13: 0000000000000000 R14: 00007fa801bb5fa0 R15: 00007ffc355d3fb8 [ 177.418355][ T6972] [ 177.856814][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 177.868536][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 177.877522][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 177.885715][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 177.894395][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 178.250978][ T53] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.623257][ T53] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.393868][ T53] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.762004][ T7001] netlink: 20 bytes leftover after parsing attributes in process `syz.1.277'. [ 179.999098][ T5839] Bluetooth: hci2: command tx timeout [ 180.467786][ T53] bridge_slave_1: left allmulticast mode [ 180.490314][ T53] bridge_slave_1: left promiscuous mode [ 180.498986][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.545590][ T53] bridge_slave_0: left allmulticast mode [ 180.551405][ T53] bridge_slave_0: left promiscuous mode [ 180.557203][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.926310][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 180.938504][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 180.950002][ T53] bond0 (unregistering): Released all slaves [ 180.990546][ T6973] chnl_net:caif_netlink_parms(): no params data found [ 181.284042][ T7014] netlink: 342 bytes leftover after parsing attributes in process `syz.0.280'. [ 181.305959][ T6973] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.318217][ T6973] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.326170][ T6973] bridge_slave_0: entered allmulticast mode [ 181.334372][ T6973] bridge_slave_0: entered promiscuous mode [ 181.459139][ T6973] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.467601][ T6973] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.483059][ T6973] bridge_slave_1: entered allmulticast mode [ 181.502627][ T6973] bridge_slave_1: entered promiscuous mode [ 181.619978][ T6973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 181.687077][ T53] hsr_slave_0: left promiscuous mode [ 181.708767][ T53] hsr_slave_1: left promiscuous mode [ 181.715306][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 181.739213][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 181.748230][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 181.758769][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 181.835711][ T53] veth1_macvtap: left promiscuous mode [ 181.851460][ T53] veth0_macvtap: left promiscuous mode [ 181.864873][ T53] veth1_vlan: left promiscuous mode [ 181.876452][ T53] veth0_vlan: left promiscuous mode [ 182.079344][ T5839] Bluetooth: hci2: command tx timeout [ 183.021697][ T53] team0 (unregistering): Port device team_slave_1 removed [ 183.099051][ T53] team0 (unregistering): Port device team_slave_0 removed [ 184.159116][ T5839] Bluetooth: hci2: command tx timeout [ 184.249688][ T6973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 184.475887][ T6973] team0: Port device team_slave_0 added [ 184.547140][ T6973] team0: Port device team_slave_1 added [ 184.745694][ T6973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 184.756890][ T6973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.798764][ T6973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 184.836588][ T6973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 184.851657][ T6973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.918755][ T6973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 185.205065][ T6973] hsr_slave_0: entered promiscuous mode [ 185.219969][ T6973] hsr_slave_1: entered promiscuous mode [ 185.226474][ T6973] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 185.248833][ T6973] Cannot create hsr debugfs directory [ 185.583013][ T7063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.285'. [ 186.239592][ T5839] Bluetooth: hci2: command tx timeout [ 186.912170][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805f338000: rx timeout, send abort [ 187.421460][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805f338000: abort rx timeout. Force session deactivation [ 187.633783][ T6973] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 187.648887][ T7091] ima: policy update failed [ 187.663300][ T30] audit: type=1802 audit(4294967321.420:2): pid=7091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.291" res=0 errno=0 [ 187.668575][ T6973] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 187.708355][ T6973] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 187.833967][ T6973] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 189.482718][ T6973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.557056][ T6973] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.626546][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.633838][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.688438][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.695755][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.622869][ T7173] FAULT_INJECTION: forcing a failure. [ 190.622869][ T7173] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.680950][ T7173] CPU: 0 UID: 0 PID: 7173 Comm: syz.1.302 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 190.680997][ T7173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 190.681015][ T7173] Call Trace: [ 190.681033][ T7173] [ 190.681044][ T7173] dump_stack_lvl+0x16c/0x1f0 [ 190.681093][ T7173] should_fail_ex+0x512/0x640 [ 190.681143][ T7173] _copy_to_user+0x32/0xd0 [ 190.681194][ T7173] simple_read_from_buffer+0xcb/0x170 [ 190.681244][ T7173] proc_fail_nth_read+0x197/0x270 [ 190.681289][ T7173] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 190.681337][ T7173] ? rw_verify_area+0xcf/0x680 [ 190.681381][ T7173] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 190.681425][ T7173] vfs_read+0x1de/0xc70 [ 190.681460][ T7173] ? __pfx___mutex_lock+0x10/0x10 [ 190.681515][ T7173] ? __pfx_vfs_read+0x10/0x10 [ 190.681554][ T7173] ? __fget_files+0x20e/0x3c0 [ 190.681598][ T7173] ? rcu_watching_snap_stopped_since+0x50/0x110 [ 190.681643][ T7173] ksys_read+0x12a/0x240 [ 190.681670][ T7173] ? __pfx_ksys_read+0x10/0x10 [ 190.681695][ T7173] ? rcu_is_watching+0x12/0xc0 [ 190.681733][ T7173] do_syscall_64+0xcd/0x230 [ 190.681775][ T7173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.681805][ T7173] RIP: 0033:0x7f7f4498d37c [ 190.681829][ T7173] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 190.681857][ T7173] RSP: 002b:00007f7f45847030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 190.681891][ T7173] RAX: ffffffffffffffda RBX: 00007f7f44bb6080 RCX: 00007f7f4498d37c [ 190.681911][ T7173] RDX: 000000000000000f RSI: 00007f7f458470a0 RDI: 0000000000000006 [ 190.681928][ T7173] RBP: 00007f7f45847090 R08: 0000000000000000 R09: 0000000000000000 [ 190.681946][ T7173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.681982][ T7173] R13: 0000000000000001 R14: 00007f7f44bb6080 R15: 00007fff48015728 [ 190.682028][ T7173] [ 190.881557][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.284591][ T7157] netlink: 146 bytes leftover after parsing attributes in process `syz.0.300'. [ 191.587445][ T6973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.882460][ T7194] FAULT_INJECTION: forcing a failure. [ 191.882460][ T7194] name failslab, interval 1, probability 0, space 0, times 0 [ 191.895763][ T7194] CPU: 0 UID: 0 PID: 7194 Comm: syz.3.304 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 191.895803][ T7194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 191.895821][ T7194] Call Trace: [ 191.895830][ T7194] [ 191.895841][ T7194] dump_stack_lvl+0x16c/0x1f0 [ 191.895886][ T7194] should_fail_ex+0x512/0x640 [ 191.895928][ T7194] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 191.895981][ T7194] should_failslab+0xc2/0x120 [ 191.896018][ T7194] __kmalloc_cache_noprof+0x6a/0x3e0 [ 191.896067][ T7194] ? io_uring_setup+0x24f/0x1ff0 [ 191.896109][ T7194] io_uring_setup+0x24f/0x1ff0 [ 191.896148][ T7194] ? __pfx_io_uring_setup+0x10/0x10 [ 191.896192][ T7194] ? do_futex+0x122/0x350 [ 191.896224][ T7194] ? __pfx_do_futex+0x10/0x10 [ 191.896254][ T7194] ? find_held_lock+0x2b/0x80 [ 191.896299][ T7194] ? rcu_is_watching+0x12/0xc0 [ 191.896331][ T7194] __x64_sys_io_uring_setup+0xc2/0x170 [ 191.896369][ T7194] do_syscall_64+0xcd/0x230 [ 191.896410][ T7194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.896439][ T7194] RIP: 0033:0x7fa80198e969 [ 191.896461][ T7194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.896488][ T7194] RSP: 002b:00007fa80286b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 191.896515][ T7194] RAX: ffffffffffffffda RBX: 00007fa801bb6160 RCX: 00007fa80198e969 [ 191.896534][ T7194] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 191.896551][ T7194] RBP: 00007fa801a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 191.896568][ T7194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.896585][ T7194] R13: 0000000000000000 R14: 00007fa801bb6160 R15: 00007ffc355d3fb8 [ 191.896621][ T7194] [ 192.076708][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.087811][ T6973] veth0_vlan: entered promiscuous mode [ 192.101150][ T6973] veth1_vlan: entered promiscuous mode [ 192.132312][ T6973] veth0_macvtap: entered promiscuous mode [ 192.143059][ T6973] veth1_macvtap: entered promiscuous mode [ 192.164351][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.176506][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.186454][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.197034][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.206954][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.217519][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.229288][ T6973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 192.549391][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.567061][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.606507][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.645685][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.668841][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.689243][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.706685][ T6973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 192.785329][ T6973] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.808770][ T6973] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.817636][ T6973] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.827164][ T6973] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.104372][ T7217] netlink: 28 bytes leftover after parsing attributes in process `syz.1.308'. [ 193.120471][ T7217] ipvlan1: entered allmulticast mode [ 193.141529][ T7217] veth0_vlan: entered allmulticast mode [ 193.167258][ T7217] netlink: 330 bytes leftover after parsing attributes in process `syz.1.308'. [ 193.409749][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.417653][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.664327][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.685133][ T7225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078413400 pfn:0x78410 [ 193.691458][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.715080][ T7225] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 193.732161][ T7225] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 193.774697][ T7225] raw: ffff888078413400 0000000000000000 00000001ffffffff 0000000000000000 [ 193.848807][ T7225] page dumped because: unmovable page [ 193.886595][ T7225] page_owner tracks the page as allocated [ 193.937623][ T7225] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x92cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC), pid 6138, tgid 6137 (syz.3.57), ts 122845738957, free_ts 118405851871 [ 194.039265][ T7225] register_dummy_stack+0x89/0xd0 [ 194.044430][ T7225] init_page_owner+0x48/0xc30 [ 194.086456][ T7225] page_ext_init+0x6b8/0xab0 [ 194.086554][ T7225] mm_core_init+0x13c/0x220 [ 194.086598][ T7225] page last free pid 6077 tgid 6063 stack trace: [ 194.086619][ T7225] __free_frozen_pages+0x69d/0xff0 [ 194.086673][ T7225] stack_depot_save_flags+0x354/0xa50 [ 194.086722][ T7225] kasan_save_stack+0x42/0x60 [ 194.086755][ T7225] kasan_save_track+0x14/0x30 [ 194.086787][ T7225] __kasan_kmalloc+0xaa/0xb0 [ 194.086819][ T7225] __kthread_create_on_node+0xce/0x3f0 [ 194.086861][ T7225] kthread_create_on_node+0xc7/0x100 [ 194.086901][ T7225] tomoyo_notify_gc+0xea/0x470 [ 194.086939][ T7225] tomoyo_release+0x31/0x40 [ 194.086991][ T7225] __fput+0x3ff/0xb70 [ 194.087029][ T7225] task_work_run+0x14d/0x240 [ 194.087078][ T7225] get_signal+0x1d1/0x26d0 [ 194.087113][ T7225] arch_do_signal_or_restart+0x8f/0x7a0 [ 194.087159][ T7225] syscall_exit_to_user_mode+0x150/0x2a0 [ 194.087204][ T7225] do_syscall_64+0xda/0x230 [ 194.087249][ T7225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.092892][ T7235] TCP: TCP_TX_DELAY enabled [ 196.583762][ T7270] syz.1.316 uses obsolete (PF_INET,SOCK_PACKET) [ 199.524726][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.538723][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.293310][ T7324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.327'. [ 211.865399][ T7485] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 211.916479][ T7485] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 213.389473][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.3.365'. [ 218.544955][ T7578] netlink: 8 bytes leftover after parsing attributes in process `syz.0.382'. [ 220.140778][ T7602] netlink: 4 bytes leftover after parsing attributes in process `syz.1.389'. [ 221.871416][ T30] audit: type=1800 audit(4294967355.630:3): pid=7621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.396" name="discovery_nqn" dev="configfs" ino=14331 res=0 errno=0 [ 222.359480][ C0] vcan0: j1939_tp_rxtimer: 0xffff888013039c00: rx timeout, send abort [ 222.868190][ C0] vcan0: j1939_tp_rxtimer: 0xffff888013039c00: abort rx timeout. Force session deactivation [ 225.938985][ T7677] Per memcg swappiness does not exist in cgroup v2. See memory.reclaim or memory.swap.max there [ 225.938985][ T7677] [ 227.198879][ T55] Bluetooth: hci1: command 0x0406 tx timeout [ 227.218123][ T5835] Bluetooth: hci0: command 0x0406 tx timeout [ 227.224615][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 230.471849][ T7715] ubi0: attaching mtd0 [ 230.494327][ T7715] ubi0: scanning is finished [ 230.523589][ T7715] ubi0: empty MTD device detected [ 230.959272][ T7715] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 230.966841][ T7715] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 230.988876][ T7715] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 230.996692][ T7715] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 231.006718][ T7715] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 231.014073][ T7715] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 231.022554][ T7715] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3904422466 [ 231.033059][ T7715] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 231.045866][ T7737] ubi0: background thread "ubi_bgt0d" started, PID 7737 [ 231.309583][ T7741] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 232.981290][ T7768] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 233.007661][ T7770] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 238.010245][ T7792] kexec: Could not allocate control_code_buffer [ 241.656766][ T7873] FAULT_INJECTION: forcing a failure. [ 241.656766][ T7873] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 241.677755][ T7873] CPU: 1 UID: 0 PID: 7873 Comm: syz.2.449 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 241.677798][ T7873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 241.677816][ T7873] Call Trace: [ 241.677826][ T7873] [ 241.677838][ T7873] dump_stack_lvl+0x16c/0x1f0 [ 241.677883][ T7873] should_fail_ex+0x512/0x640 [ 241.677933][ T7873] should_fail_alloc_page+0xe7/0x130 [ 241.677973][ T7873] prepare_alloc_pages+0x3c2/0x610 [ 241.678028][ T7873] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 241.678066][ T7873] ? copy_splice_read+0x1a8/0xba0 [ 241.678110][ T7873] ? stack_trace_save+0x8e/0xc0 [ 241.678141][ T7873] ? __pfx_stack_trace_save+0x10/0x10 [ 241.678172][ T7873] ? stack_depot_save_flags+0x28/0xa50 [ 241.678227][ T7873] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 241.678260][ T7873] ? kasan_save_stack+0x33/0x60 [ 241.678291][ T7873] ? __kasan_kmalloc+0xaa/0xb0 [ 241.678321][ T7873] ? copy_splice_read+0x1a8/0xba0 [ 241.678363][ T7873] ? do_splice_read+0x282/0x370 [ 241.678404][ T7873] ? splice_direct_to_actor+0x2a1/0xa30 [ 241.678447][ T7873] ? do_splice_direct+0x174/0x240 [ 241.678488][ T7873] ? do_sendfile+0xafd/0xe50 [ 241.678533][ T7873] ? __x64_sys_sendfile64+0x1d8/0x220 [ 241.678568][ T7873] ? do_syscall_64+0xcd/0x230 [ 241.678644][ T7873] alloc_pages_bulk_noprof+0x703/0x13b0 [ 241.678695][ T7873] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 241.678739][ T7873] ? trace_kmalloc+0x2b/0xd0 [ 241.678777][ T7873] ? __kmalloc_noprof+0x242/0x510 [ 241.678818][ T7873] copy_splice_read+0x1e1/0xba0 [ 241.678864][ T7873] ? __pfx_pipe_to_null+0x10/0x10 [ 241.678906][ T7873] ? __pfx_copy_splice_read+0x10/0x10 [ 241.678948][ T7873] ? pipe_unlock+0x4a/0x70 [ 241.678979][ T7873] ? __pfx_splice_from_pipe+0x10/0x10 [ 241.679037][ T7873] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 241.679089][ T7873] ? __pfx_copy_splice_read+0x10/0x10 [ 241.679130][ T7873] do_splice_read+0x282/0x370 [ 241.679177][ T7873] splice_direct_to_actor+0x2a1/0xa30 [ 241.679226][ T7873] ? __pfx_direct_splice_actor+0x10/0x10 [ 241.679280][ T7873] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 241.679323][ T7873] ? get_pid_task+0xfc/0x250 [ 241.679376][ T7873] do_splice_direct+0x174/0x240 [ 241.679422][ T7873] ? __pfx_do_splice_direct+0x10/0x10 [ 241.679466][ T7873] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 241.679510][ T7873] ? bpf_lsm_file_permission+0x9/0x10 [ 241.679557][ T7873] ? security_file_permission+0x71/0x210 [ 241.679599][ T7873] ? rw_verify_area+0xcf/0x680 [ 241.679649][ T7873] do_sendfile+0xafd/0xe50 [ 241.679712][ T7873] ? __pfx_do_sendfile+0x10/0x10 [ 241.679759][ T7873] ? __pfx___might_resched+0x10/0x10 [ 241.679806][ T7873] __x64_sys_sendfile64+0x1d8/0x220 [ 241.679842][ T7873] ? ksys_write+0x1b9/0x240 [ 241.679870][ T7873] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 241.679906][ T7873] ? rcu_is_watching+0x12/0xc0 [ 241.679946][ T7873] do_syscall_64+0xcd/0x230 [ 241.679990][ T7873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.680022][ T7873] RIP: 0033:0x7f726798e969 [ 241.680047][ T7873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.680076][ T7873] RSP: 002b:00007f726887a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 241.680105][ T7873] RAX: ffffffffffffffda RBX: 00007f7267bb6080 RCX: 00007f726798e969 [ 241.680124][ T7873] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 241.680142][ T7873] RBP: 00007f726887a090 R08: 0000000000000000 R09: 0000000000000000 [ 241.680161][ T7873] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000001 [ 241.680181][ T7873] R13: 0000000000000000 R14: 00007f7267bb6080 R15: 00007ffda6ff8028 [ 241.680221][ T7873] [ 242.495844][ T7877] netlink: 8 bytes leftover after parsing attributes in process `syz.3.451'. [ 242.812379][ T7882] Process accounting resumed [ 243.019251][ T7898] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input10 [ 243.184940][ T7902] program syz.2.453 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 245.014227][ T7944] sp0: Synchronizing with TNC [ 245.176098][ T7942] vivid-003: ================= START STATUS ================= [ 245.233745][ T7942] vivid-003: Radio HW Seek Mode: Bounded [ 245.323351][ T7942] vivid-003: Radio Programmable HW Seek: false [ 245.380564][ T7942] vivid-003: RDS Rx I/O Mode: Block I/O [ 245.392583][ T7942] vivid-003: Generate RBDS Instead of RDS: false [ 245.399295][ T7942] vivid-003: RDS Reception: true [ 245.453093][ T7942] vivid-003: RDS Program Type: 0 inactive [ 245.576112][ T7942] vivid-003: RDS PS Name: inactive [ 245.581672][ T7942] vivid-003: RDS Radio Text: inactive [ 245.643838][ T7942] vivid-003: RDS Traffic Announcement: false inactive [ 245.681148][ T7942] vivid-003: RDS Traffic Program: false inactive [ 245.729366][ T7942] vivid-003: RDS Music: false inactive [ 245.767895][ T7942] vivid-003: ================== END STATUS ================== [ 246.415687][ T7963] FAULT_INJECTION: forcing a failure. [ 246.415687][ T7963] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 246.433106][ T7963] CPU: 0 UID: 0 PID: 7963 Comm: syz.2.467 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 246.433157][ T7963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 246.433175][ T7963] Call Trace: [ 246.433183][ T7963] [ 246.433195][ T7963] dump_stack_lvl+0x16c/0x1f0 [ 246.433230][ T7963] should_fail_ex+0x512/0x640 [ 246.433268][ T7963] _copy_to_iter+0x2a4/0x15a0 [ 246.433305][ T7963] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 246.433341][ T7963] ? __pfx__copy_to_iter+0x10/0x10 [ 246.433377][ T7963] ? kernfs_seq_stop+0xcd/0x120 [ 246.433410][ T7963] ? kernfs_put_active+0x86/0xe0 [ 246.433436][ T7963] seq_read_iter+0xcf8/0x12c0 [ 246.433485][ T7963] kernfs_fop_read_iter+0x40f/0x5a0 [ 246.433513][ T7963] ? rw_verify_area+0xcf/0x680 [ 246.433550][ T7963] vfs_read+0x8c8/0xc70 [ 246.433578][ T7963] ? __pfx___mutex_lock+0x10/0x10 [ 246.433613][ T7963] ? __pfx_vfs_read+0x10/0x10 [ 246.433652][ T7963] ksys_read+0x12a/0x240 [ 246.433673][ T7963] ? __pfx_ksys_read+0x10/0x10 [ 246.433702][ T7963] do_syscall_64+0xcd/0x230 [ 246.433754][ T7963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.433777][ T7963] RIP: 0033:0x7f726798e969 [ 246.433795][ T7963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.433817][ T7963] RSP: 002b:00007f726887a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 246.433839][ T7963] RAX: ffffffffffffffda RBX: 00007f7267bb6080 RCX: 00007f726798e969 [ 246.433859][ T7963] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000007 [ 246.433876][ T7963] RBP: 00007f726887a090 R08: 0000000000000000 R09: 0000000000000000 [ 246.433894][ T7963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 246.433911][ T7963] R13: 0000000000000000 R14: 00007f7267bb6080 R15: 00007ffda6ff8028 [ 246.433949][ T7963] [ 248.731041][ T8003] FAULT_INJECTION: forcing a failure. [ 248.731041][ T8003] name failslab, interval 1, probability 0, space 0, times 0 [ 248.813690][ T8003] CPU: 0 UID: 0 PID: 8003 Comm: syz.3.475 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 248.813734][ T8003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 248.813753][ T8003] Call Trace: [ 248.813763][ T8003] [ 248.813774][ T8003] dump_stack_lvl+0x16c/0x1f0 [ 248.813821][ T8003] should_fail_ex+0x512/0x640 [ 248.813871][ T8003] should_failslab+0xc2/0x120 [ 248.813910][ T8003] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 248.813947][ T8003] ? skb_clone+0x190/0x3f0 [ 248.813995][ T8003] skb_clone+0x190/0x3f0 [ 248.814031][ T8003] netlink_deliver_tap+0xabd/0xd30 [ 248.814077][ T8003] netlink_dump+0xb6d/0xd00 [ 248.814116][ T8003] ? __pfx_netlink_dump+0x10/0x10 [ 248.814174][ T8003] ? __asan_memset+0x23/0x50 [ 248.814222][ T8003] ? genl_start+0x67f/0x980 [ 248.814269][ T8003] __netlink_dump_start+0x6d6/0x990 [ 248.814312][ T8003] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 248.814360][ T8003] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 248.814417][ T8003] ? __pfx_genl_start+0x10/0x10 [ 248.814455][ T8003] ? __pfx_genl_dumpit+0x10/0x10 [ 248.814493][ T8003] ? __pfx_genl_done+0x10/0x10 [ 248.814535][ T8003] ? bpf_lsm_capable+0x9/0x10 [ 248.814566][ T8003] ? security_capable+0x7e/0x260 [ 248.814619][ T8003] ? ns_capable+0xd7/0x110 [ 248.814655][ T8003] genl_rcv_msg+0x46e/0x800 [ 248.814704][ T8003] ? __pfx_genl_rcv_msg+0x10/0x10 [ 248.814750][ T8003] ? __pfx___dev_queue_xmit+0x10/0x10 [ 248.814798][ T8003] ? __pfx_batadv_orig_dump+0x10/0x10 [ 248.814845][ T8003] ? __lock_acquire+0xaa4/0x1ba0 [ 248.814901][ T8003] netlink_rcv_skb+0x16a/0x440 [ 248.814937][ T8003] ? __pfx_genl_rcv_msg+0x10/0x10 [ 248.814987][ T8003] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 248.815045][ T8003] ? __pfx_down_read+0x10/0x10 [ 248.815093][ T8003] ? netlink_deliver_tap+0x1ae/0xd30 [ 248.815135][ T8003] genl_rcv+0x28/0x40 [ 248.815172][ T8003] netlink_unicast+0x53a/0x7f0 [ 248.815212][ T8003] ? __pfx_netlink_unicast+0x10/0x10 [ 248.815246][ T8003] ? __lock_acquire+0xaa4/0x1ba0 [ 248.815299][ T8003] netlink_sendmsg+0x8d1/0xdd0 [ 248.815344][ T8003] ? __pfx_netlink_sendmsg+0x10/0x10 [ 248.815399][ T8003] ____sys_sendmsg+0xa95/0xc70 [ 248.815442][ T8003] ? copy_msghdr_from_user+0x10a/0x160 [ 248.815474][ T8003] ? __pfx_____sys_sendmsg+0x10/0x10 [ 248.815540][ T8003] ___sys_sendmsg+0x134/0x1d0 [ 248.815576][ T8003] ? __pfx____sys_sendmsg+0x10/0x10 [ 248.815667][ T8003] __sys_sendmsg+0x16d/0x220 [ 248.815700][ T8003] ? __pfx___sys_sendmsg+0x10/0x10 [ 248.815749][ T8003] ? rcu_is_watching+0x12/0xc0 [ 248.815791][ T8003] do_syscall_64+0xcd/0x230 [ 248.815837][ T8003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.815868][ T8003] RIP: 0033:0x7fa80198e969 [ 248.815892][ T8003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.815921][ T8003] RSP: 002b:00007fa8028ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 248.815951][ T8003] RAX: ffffffffffffffda RBX: 00007fa801bb5fa0 RCX: 00007fa80198e969 [ 248.815978][ T8003] RDX: 0000000004000054 RSI: 0000200000000000 RDI: 0000000000000003 [ 248.815996][ T8003] RBP: 00007fa8028ad090 R08: 0000000000000000 R09: 0000000000000000 [ 248.816015][ T8003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 248.816034][ T8003] R13: 0000000000000000 R14: 00007fa801bb5fa0 R15: 00007ffc355d3fb8 [ 248.816090][ T8003] [ 251.052551][ T8033] netlink: 'syz.1.484': attribute type 4 has an invalid length. [ 251.093269][ T8033] netlink: 314 bytes leftover after parsing attributes in process `syz.1.484'. [ 251.216169][ T8042] usb usb34: usbfs: process 8042 (syz.3.486) did not claim interface 0 before use [ 251.267518][ T8042] netlink: 186 bytes leftover after parsing attributes in process `syz.3.486'. [ 251.800644][ T8062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.489'. [ 252.500007][ T30] audit: type=1800 audit(4294967386.270:4): pid=8067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.491" name="dbroot" dev="configfs" ino=16849 res=0 errno=0 [ 253.894648][ T8095] syz.1.497 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 254.049072][ T8095] FAULT_INJECTION: forcing a failure. [ 254.049072][ T8095] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 254.055571][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.2.499'. [ 254.088870][ T8095] CPU: 0 UID: 0 PID: 8095 Comm: syz.1.497 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 254.088917][ T8095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 254.088936][ T8095] Call Trace: [ 254.088947][ T8095] [ 254.088959][ T8095] dump_stack_lvl+0x16c/0x1f0 [ 254.089007][ T8095] should_fail_ex+0x512/0x640 [ 254.089056][ T8095] should_fail_alloc_page+0xe7/0x130 [ 254.089099][ T8095] prepare_alloc_pages+0x3c2/0x610 [ 254.089148][ T8095] ? rcu_is_watching+0x12/0xc0 [ 254.089182][ T8095] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 254.089227][ T8095] ? do_raw_spin_lock+0x12c/0x2b0 [ 254.089275][ T8095] ? find_held_lock+0x2b/0x80 [ 254.089311][ T8095] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 254.089351][ T8095] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 254.089391][ T8095] ? stack_depot_save_flags+0x3e6/0xa50 [ 254.089455][ T8095] ? kasan_save_stack+0x42/0x60 [ 254.089494][ T8095] ? __lock_acquire+0xaa4/0x1ba0 [ 254.089533][ T8095] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 254.089580][ T8095] ? policy_nodemask+0xea/0x4e0 [ 254.089621][ T8095] alloc_pages_mpol+0x1fb/0x550 [ 254.089659][ T8095] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 254.089692][ T8095] ? __page_table_check_ptes_set+0x1ae/0x420 [ 254.089729][ T8095] ? find_held_lock+0x2b/0x80 [ 254.089764][ T8095] alloc_pages_noprof+0x131/0x390 [ 254.089803][ T8095] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 254.089835][ T8095] get_free_pages_noprof+0xc/0x40 [ 254.089877][ T8095] kasan_populate_vmalloc_pte+0x2d/0x160 [ 254.089916][ T8095] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 254.089948][ T8095] __apply_to_page_range+0x617/0xd60 [ 254.090004][ T8095] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 254.090043][ T8095] ? __pfx___apply_to_page_range+0x10/0x10 [ 254.090094][ T8095] ? alloc_vmap_area+0x872/0x2970 [ 254.090147][ T8095] alloc_vmap_area+0x919/0x2970 [ 254.090211][ T8095] ? __pfx_alloc_vmap_area+0x10/0x10 [ 254.090268][ T8095] __get_vm_area_node+0x1a7/0x300 [ 254.090325][ T8095] __vmalloc_node_range_noprof+0x277/0x1540 [ 254.090376][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.090442][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.090498][ T8095] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 254.090569][ T8095] __kvmalloc_node_noprof+0x2ff/0x600 [ 254.090604][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.090652][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.090706][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.090749][ T8095] __do_sys_listmount+0x1c2/0xed0 [ 254.090803][ T8095] ? __x64_sys_futex+0x1e0/0x4c0 [ 254.090833][ T8095] ? __x64_sys_futex+0x1e9/0x4c0 [ 254.090867][ T8095] ? __pfx___do_sys_listmount+0x10/0x10 [ 254.090913][ T8095] ? xfd_validate_state+0x5d/0x180 [ 254.090982][ T8095] do_syscall_64+0xcd/0x230 [ 254.091029][ T8095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.091060][ T8095] RIP: 0033:0x7f7f4498e969 [ 254.091085][ T8095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.091115][ T8095] RSP: 002b:00007f7f45847038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 254.091145][ T8095] RAX: ffffffffffffffda RBX: 00007f7f44bb6080 RCX: 00007f7f4498e969 [ 254.091167][ T8095] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 254.091188][ T8095] RBP: 00007f7f44a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 254.091207][ T8095] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 254.091225][ T8095] R13: 0000000000000000 R14: 00007f7f44bb6080 R15: 00007fff48015728 [ 254.091262][ T8095] [ 254.091639][ T8095] syz.1.497: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null) [ 254.399537][ C0] vkms_vblank_simulate: vblank timer overrun [ 254.484989][ T8095] ,cpuset=/,mems_allowed=0-1 [ 254.540740][ T8095] CPU: 1 UID: 0 PID: 8095 Comm: syz.1.497 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 254.540786][ T8095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 254.540805][ T8095] Call Trace: [ 254.540815][ T8095] [ 254.540828][ T8095] dump_stack_lvl+0x16c/0x1f0 [ 254.540873][ T8095] warn_alloc+0x248/0x3a0 [ 254.540905][ T8095] ? __pfx_warn_alloc+0x10/0x10 [ 254.540936][ T8095] ? kfree+0x2b6/0x4d0 [ 254.540993][ T8095] ? __get_vm_area_node+0x1e5/0x300 [ 254.541049][ T8095] __vmalloc_node_range_noprof+0xd31/0x1540 [ 254.541115][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.541172][ T8095] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 254.541239][ T8095] __kvmalloc_node_noprof+0x2ff/0x600 [ 254.541273][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.541321][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.541374][ T8095] ? __do_sys_listmount+0x1c2/0xed0 [ 254.541425][ T8095] __do_sys_listmount+0x1c2/0xed0 [ 254.541478][ T8095] ? __x64_sys_futex+0x1e0/0x4c0 [ 254.541511][ T8095] ? __x64_sys_futex+0x1e9/0x4c0 [ 254.541547][ T8095] ? __pfx___do_sys_listmount+0x10/0x10 [ 254.541593][ T8095] ? xfd_validate_state+0x5d/0x180 [ 254.541662][ T8095] do_syscall_64+0xcd/0x230 [ 254.541712][ T8095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.541745][ T8095] RIP: 0033:0x7f7f4498e969 [ 254.541770][ T8095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.541801][ T8095] RSP: 002b:00007f7f45847038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 254.541831][ T8095] RAX: ffffffffffffffda RBX: 00007f7f44bb6080 RCX: 00007f7f4498e969 [ 254.541851][ T8095] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 254.541871][ T8095] RBP: 00007f7f44a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 254.541890][ T8095] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 254.541909][ T8095] R13: 0000000000000000 R14: 00007f7f44bb6080 R15: 00007fff48015728 [ 254.541951][ T8095] [ 254.542034][ T8095] Mem-Info: [ 254.818440][ T8095] active_anon:10486 inactive_anon:0 isolated_anon:0 [ 254.818440][ T8095] active_file:14963 inactive_file:39398 isolated_file:0 [ 254.818440][ T8095] unevictable:768 dirty:804 writeback:0 [ 254.818440][ T8095] slab_reclaimable:10122 slab_unreclaimable:96277 [ 254.818440][ T8095] mapped:26017 shmem:1562 pagetables:912 [ 254.818440][ T8095] sec_pagetables:0 bounce:0 [ 254.818440][ T8095] kernel_misc_reclaimable:0 [ 254.818440][ T8095] free:1336091 free_pcp:1629 free_cma:0 [ 254.876153][ T8095] Node 0 active_anon:42044kB inactive_anon:0kB active_file:59852kB inactive_file:157524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:104168kB dirty:3212kB writeback:0kB shmem:4812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10908kB pagetables:3648kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 254.920691][ T8095] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 255.024860][ T8095] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 255.125761][ T8095] lowmem_reserve[]: 0 2484 2486 2486 2486 [ 255.140754][ T8095] Node 0 DMA32 free:1420684kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:43980kB inactive_anon:0kB active_file:59852kB inactive_file:155704kB unevictable:1536kB writepending:3228kB present:3129332kB managed:2544188kB mlocked:0kB bounce:0kB free_pcp:1536kB local_pcp:716kB free_cma:0kB [ 255.200989][ T8095] lowmem_reserve[]: 0 0 1 1 1 [ 255.207265][ T8095] Node 0 Normal free:24kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1820kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB [ 255.245626][ T8095] lowmem_reserve[]: 0 0 0 0 0 [ 255.251340][ T8095] Node 1 Normal free:3901508kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:5316kB local_pcp:5316kB free_cma:0kB [ 255.342627][ T8095] lowmem_reserve[]: 0 0 0 0 0 [ 255.357836][ T8095] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 255.408014][ T8095] Node 0 DMA32: 22*4kB (E) 37*8kB (UE) 611*16kB (UME) 729*32kB (UME) 346*64kB (UME) 103*128kB (UME) 72*256kB (UME) 63*512kB (UME) 52*1024kB (UME) 14*2048kB (UM) 297*4096kB (UM) = 1417936kB [ 255.474444][ T8095] Node 0 Normal: 2*4kB (M) 2*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 255.512427][ T8095] Node 1 Normal: 23*4kB (UME) 71*8kB (UE) 27*16kB (UME) 196*32kB (UME) 86*64kB (UME) 34*128kB (UE) 17*256kB (UME) 4*512kB (UME) 5*1024kB (UME) 3*2048kB (UME) 944*4096kB (M) = 3901508kB [ 255.533573][ T8095] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 255.547207][ T8095] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 255.573523][ T8095] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 255.587086][ T8095] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 255.629140][ T8095] 57651 total pagecache pages [ 255.637208][ T8095] 0 pages in swap cache [ 255.665036][ T8095] Free swap = 124996kB [ 255.677011][ T8095] Total swap = 124996kB [ 255.698875][ T8095] 2097051 pages RAM [ 255.702765][ T8095] 0 pages HighMem/MovableOnly [ 255.707916][ T8095] 428898 pages reserved [ 255.757304][ T8095] 0 pages cma reserved [ 258.331822][ T8149] FAULT_INJECTION: forcing a failure. [ 258.331822][ T8149] name failslab, interval 1, probability 0, space 0, times 0 [ 258.353316][ T8149] CPU: 0 UID: 0 PID: 8149 Comm: syz.2.512 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 258.353358][ T8149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 258.353376][ T8149] Call Trace: [ 258.353386][ T8149] [ 258.353398][ T8149] dump_stack_lvl+0x16c/0x1f0 [ 258.353444][ T8149] should_fail_ex+0x512/0x640 [ 258.353487][ T8149] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 258.353543][ T8149] should_failslab+0xc2/0x120 [ 258.353582][ T8149] __kmalloc_cache_noprof+0x6a/0x3e0 [ 258.353630][ T8149] ? alloc_tty_struct+0x96/0x8c0 [ 258.353675][ T8149] alloc_tty_struct+0x96/0x8c0 [ 258.353714][ T8149] ? __pfx_alloc_tty_struct+0x10/0x10 [ 258.353763][ T8149] tty_init_dev.part.0+0x1e/0x500 [ 258.353798][ T8149] tty_open+0xa50/0xf90 [ 258.353843][ T8149] ? __pfx_tty_open+0x10/0x10 [ 258.353875][ T8149] ? chrdev_open+0x10b/0x6a0 [ 258.353906][ T8149] ? __pfx_tty_open+0x10/0x10 [ 258.353936][ T8149] chrdev_open+0x231/0x6a0 [ 258.353962][ T8149] ? __pfx_apparmor_file_open+0x10/0x10 [ 258.353995][ T8149] ? __pfx_chrdev_open+0x10/0x10 [ 258.354024][ T8149] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 258.354069][ T8149] do_dentry_open+0x741/0x1c10 [ 258.354096][ T8149] ? __pfx_chrdev_open+0x10/0x10 [ 258.354129][ T8149] vfs_open+0x82/0x3f0 [ 258.354167][ T8149] path_openat+0x1e5e/0x2d40 [ 258.354204][ T8149] ? __pfx_path_openat+0x10/0x10 [ 258.354236][ T8149] do_filp_open+0x20b/0x470 [ 258.354260][ T8149] ? __pfx_do_filp_open+0x10/0x10 [ 258.354308][ T8149] ? alloc_fd+0x471/0x7d0 [ 258.354356][ T8149] do_sys_openat2+0x11b/0x1d0 [ 258.354389][ T8149] ? __pfx_do_sys_openat2+0x10/0x10 [ 258.354426][ T8149] ? __fget_files+0x20e/0x3c0 [ 258.354471][ T8149] __x64_sys_openat+0x174/0x210 [ 258.354506][ T8149] ? __pfx___x64_sys_openat+0x10/0x10 [ 258.354539][ T8149] ? ksys_write+0x1b9/0x240 [ 258.354574][ T8149] do_syscall_64+0xcd/0x230 [ 258.354611][ T8149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.354636][ T8149] RIP: 0033:0x7f726798e969 [ 258.354656][ T8149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.354680][ T8149] RSP: 002b:00007f726889b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 258.354704][ T8149] RAX: ffffffffffffffda RBX: 00007f7267bb5fa0 RCX: 00007f726798e969 [ 258.354721][ T8149] RDX: 0000000000103800 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 258.354737][ T8149] RBP: 00007f726889b090 R08: 0000000000000000 R09: 0000000000000000 [ 258.354753][ T8149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 258.354767][ T8149] R13: 0000000000000001 R14: 00007f7267bb5fa0 R15: 00007ffda6ff8028 [ 258.354799][ T8149] [ 258.624133][ C0] vkms_vblank_simulate: vblank timer overrun [ 259.485720][ T8167] FAULT_INJECTION: forcing a failure. [ 259.485720][ T8167] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 259.504250][ T8167] CPU: 1 UID: 0 PID: 8167 Comm: syz.1.515 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 259.504293][ T8167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 259.504311][ T8167] Call Trace: [ 259.504321][ T8167] [ 259.504332][ T8167] dump_stack_lvl+0x16c/0x1f0 [ 259.504378][ T8167] should_fail_ex+0x512/0x640 [ 259.504426][ T8167] should_fail_alloc_page+0xe7/0x130 [ 259.504467][ T8167] prepare_alloc_pages+0x3c2/0x610 [ 259.504521][ T8167] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 259.504562][ T8167] ? find_held_lock+0x2b/0x80 [ 259.504604][ T8167] ? __lock_acquire+0x5ca/0x1ba0 [ 259.504646][ T8167] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 259.504685][ T8167] ? __lock_acquire+0x5ca/0x1ba0 [ 259.504736][ T8167] ? __lock_acquire+0x5ca/0x1ba0 [ 259.504781][ T8167] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 259.504827][ T8167] ? policy_nodemask+0xea/0x4e0 [ 259.504866][ T8167] alloc_pages_mpol+0x1fb/0x550 [ 259.504906][ T8167] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 259.504962][ T8167] alloc_pages_noprof+0x131/0x390 [ 259.505002][ T8167] __pmd_alloc+0x3f/0x870 [ 259.505045][ T8167] ? find_held_lock+0x2b/0x80 [ 259.505077][ T8167] __handle_mm_fault+0x948/0x2a40 [ 259.505118][ T8167] ? __pfx___handle_mm_fault+0x10/0x10 [ 259.505172][ T8167] ? find_vma+0xbf/0x140 [ 259.505213][ T8167] ? __pfx_find_vma+0x10/0x10 [ 259.505253][ T8167] ? __kasan_slab_free+0x51/0x70 [ 259.505291][ T8167] handle_mm_fault+0x3fe/0xad0 [ 259.505329][ T8167] do_user_addr_fault+0x7a6/0x1370 [ 259.505366][ T8167] ? rcu_is_watching+0x12/0xc0 [ 259.505397][ T8167] exc_page_fault+0x5c/0xc0 [ 259.505437][ T8167] asm_exc_page_fault+0x26/0x30 [ 259.505466][ T8167] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 259.505498][ T8167] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 259.505527][ T8167] RSP: 0018:ffffc90014e4fb90 EFLAGS: 00050202 [ 259.505552][ T8167] RAX: 0000000000000001 RBX: 0000000000000009 RCX: 0000000000000050 [ 259.505569][ T8167] RDX: fffff520029c9f8a RSI: 0000000000000009 RDI: ffffc90014e4fc00 [ 259.505588][ T8167] RBP: 0000000000000050 R08: 0000000000000001 R09: fffff520029c9f89 [ 259.505606][ T8167] R10: ffffc90014e4fc4f R11: 0000000000000000 R12: 0000000000000000 [ 259.505624][ T8167] R13: ffffc90014e4fc00 R14: ffff88806175c000 R15: ffffc90014e4fc00 [ 259.505665][ T8167] _copy_from_user+0x98/0xd0 [ 259.505715][ T8167] inet6_ioctl+0x232/0x2b0 [ 259.505765][ T8167] ? __pfx_inet6_ioctl+0x10/0x10 [ 259.505813][ T8167] ? tomoyo_path_number_perm+0x295/0x580 [ 259.505862][ T8167] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 259.505897][ T8167] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 259.505951][ T8167] sock_do_ioctl+0x115/0x280 [ 259.505993][ T8167] ? __pfx_sock_do_ioctl+0x10/0x10 [ 259.506055][ T8167] sock_ioctl+0x227/0x6b0 [ 259.506099][ T8167] ? __pfx_sock_ioctl+0x10/0x10 [ 259.506139][ T8167] ? hook_file_ioctl_common+0x145/0x410 [ 259.506179][ T8167] ? __fget_files+0x20e/0x3c0 [ 259.506224][ T8167] ? update_triggers+0x560/0x5a0 [ 259.506266][ T8167] ? __pfx_sock_ioctl+0x10/0x10 [ 259.506311][ T8167] __x64_sys_ioctl+0x190/0x200 [ 259.506354][ T8167] do_syscall_64+0xcd/0x230 [ 259.506398][ T8167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.506429][ T8167] RIP: 0033:0x7f7f4498e969 [ 259.506454][ T8167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.506480][ T8167] RSP: 002b:00007f7f45868038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.506506][ T8167] RAX: ffffffffffffffda RBX: 00007f7f44bb5fa0 RCX: 00007f7f4498e969 [ 259.506525][ T8167] RDX: 0000000000000009 RSI: 000000000000890c RDI: 0000000000000003 [ 259.506542][ T8167] RBP: 00007f7f45868090 R08: 0000000000000000 R09: 0000000000000000 [ 259.506561][ T8167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.506579][ T8167] R13: 0000000000000000 R14: 00007f7f44bb5fa0 R15: 00007fff48015728 [ 259.506620][ T8167] [ 260.970391][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.976783][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.617087][ T8234] netlink: 72 bytes leftover after parsing attributes in process `syz.3.527'. [ 264.007131][ T8248] Invalid ELF header magic: != ELF [ 264.018270][ T8246] Invalid ELF header magic: != ELF [ 267.529398][ T8296] FAULT_INJECTION: forcing a failure. [ 267.529398][ T8296] name failslab, interval 1, probability 0, space 0, times 0 [ 267.554735][ T8296] CPU: 1 UID: 0 PID: 8296 Comm: syz.0.540 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 267.554799][ T8296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 267.554826][ T8296] Call Trace: [ 267.554840][ T8296] [ 267.554857][ T8296] dump_stack_lvl+0x16c/0x1f0 [ 267.554925][ T8296] should_fail_ex+0x512/0x640 [ 267.554979][ T8296] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 267.555035][ T8296] should_failslab+0xc2/0x120 [ 267.555074][ T8296] __kmalloc_cache_noprof+0x6a/0x3e0 [ 267.555127][ T8296] ? snd_seq_pool_new+0x44/0x230 [ 267.555175][ T8296] ? __pfx_snd_seq_open+0x10/0x10 [ 267.555222][ T8296] snd_seq_pool_new+0x44/0x230 [ 267.555269][ T8296] seq_create_client1+0x66/0x5e0 [ 267.555312][ T8296] ? __pfx_snd_seq_open+0x10/0x10 [ 267.555349][ T8296] snd_seq_open+0x59/0x550 [ 267.555387][ T8296] ? __pfx_snd_seq_open+0x10/0x10 [ 267.555430][ T8296] snd_open+0x1fe/0x450 [ 267.555480][ T8296] ? __pfx_snd_open+0x10/0x10 [ 267.555522][ T8296] chrdev_open+0x231/0x6a0 [ 267.555555][ T8296] ? __pfx_apparmor_file_open+0x10/0x10 [ 267.555602][ T8296] ? __pfx_chrdev_open+0x10/0x10 [ 267.555638][ T8296] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 267.555691][ T8296] do_dentry_open+0x741/0x1c10 [ 267.555722][ T8296] ? __pfx_chrdev_open+0x10/0x10 [ 267.555760][ T8296] vfs_open+0x82/0x3f0 [ 267.555802][ T8296] path_openat+0x1e5e/0x2d40 [ 267.555848][ T8296] ? __pfx_path_openat+0x10/0x10 [ 267.555897][ T8296] do_filp_open+0x20b/0x470 [ 267.555928][ T8296] ? __pfx_do_filp_open+0x10/0x10 [ 267.555990][ T8296] ? alloc_fd+0x471/0x7d0 [ 267.556051][ T8296] do_sys_openat2+0x11b/0x1d0 [ 267.556093][ T8296] ? __pfx_do_sys_openat2+0x10/0x10 [ 267.556139][ T8296] ? __fget_files+0x20e/0x3c0 [ 267.556196][ T8296] __x64_sys_openat+0x174/0x210 [ 267.556245][ T8296] ? __pfx___x64_sys_openat+0x10/0x10 [ 267.556287][ T8296] ? ksys_write+0x1b9/0x240 [ 267.556317][ T8296] ? rcu_is_watching+0x12/0xc0 [ 267.556357][ T8296] do_syscall_64+0xcd/0x230 [ 267.556402][ T8296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.556432][ T8296] RIP: 0033:0x7f8c5a58e969 [ 267.556455][ T8296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.556484][ T8296] RSP: 002b:00007f8c5b39f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 267.556512][ T8296] RAX: ffffffffffffffda RBX: 00007f8c5a7b5fa0 RCX: 00007f8c5a58e969 [ 267.556532][ T8296] RDX: 0000000000101180 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 267.556550][ T8296] RBP: 00007f8c5b39f090 R08: 0000000000000000 R09: 0000000000000000 [ 267.556568][ T8296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 267.556584][ T8296] R13: 0000000000000000 R14: 00007f8c5a7b5fa0 R15: 00007ffdf08e2f68 [ 267.556624][ T8296] [ 271.743988][ T8352] netlink: 8 bytes leftover after parsing attributes in process `syz.1.550'. [ 272.010714][ T8362] netlink: 330 bytes leftover after parsing attributes in process `syz.0.552'. [ 272.291811][ T8368] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 272.291850][ T8368] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 273.314364][ T8383] Process accounting paused [ 276.105493][ T8413] netlink: 72 bytes leftover after parsing attributes in process `syz.0.563'. [ 277.264021][ T8425] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 277.370841][ T8420] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 277.384555][ T8420] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 277.467195][ T8420] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 277.486748][ T8420] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 277.555607][ T8420] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 277.573290][ T8420] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 277.597311][ T8420] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 277.616376][ T8420] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 277.700736][ T8420] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 278.418244][ T8458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.574'. [ 278.719132][ T5138] Bluetooth: hci0: command 0x0406 tx timeout [ 279.499751][ T8460] ima: policy update failed [ 279.504997][ T30] audit: type=1802 audit(4294967413.270:5): pid=8460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.575" res=0 errno=0 [ 279.529052][ T5138] Bluetooth: hci1: command 0x0406 tx timeout [ 279.598937][ T5138] Bluetooth: hci2: command 0x0c1a tx timeout [ 279.606502][ T5138] Bluetooth: hci3: command 0x0406 tx timeout [ 280.818138][ T5138] Bluetooth: hci0: command 0x0406 tx timeout [ 280.958991][ T8491] netlink: 8 bytes leftover after parsing attributes in process `syz.0.589'. [ 281.598822][ T5138] Bluetooth: hci1: command 0x0406 tx timeout [ 281.679966][ T5138] Bluetooth: hci2: command 0x0c1a tx timeout [ 281.690134][ T5138] Bluetooth: hci3: command 0x0406 tx timeout [ 282.460485][ T8516] usb usb34: usbfs: process 8516 (syz.0.586) did not claim interface 0 before use [ 283.535906][ T8530] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 283.578975][ T8530] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 283.760000][ T5138] Bluetooth: hci2: command 0x0c1a tx timeout [ 283.908391][ T8531] openvswitch: netlink: Duplicate key (type 15). [ 284.738817][ T8558] can: request_module (can-proto-5) failed. [ 286.606633][ T8580] netlink: 330 bytes leftover after parsing attributes in process `syz.1.599'. [ 286.717807][ T8568] netlink: 334 bytes leftover after parsing attributes in process `syz.0.605'. [ 286.832261][ T8585] FAULT_INJECTION: forcing a failure. [ 286.832261][ T8585] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 286.848936][ T8585] CPU: 0 UID: 0 PID: 8585 Comm: syz.3.601 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 286.848977][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 286.848995][ T8585] Call Trace: [ 286.849004][ T8585] [ 286.849015][ T8585] dump_stack_lvl+0x16c/0x1f0 [ 286.849060][ T8585] should_fail_ex+0x512/0x640 [ 286.849106][ T8585] _copy_from_user+0x2e/0xd0 [ 286.849151][ T8585] copy_msghdr_from_user+0x98/0x160 [ 286.849193][ T8585] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 286.849233][ T8585] ? __pfx__kstrtoull+0x10/0x10 [ 286.849273][ T8585] ___sys_sendmsg+0xfe/0x1d0 [ 286.849307][ T8585] ? __pfx____sys_sendmsg+0x10/0x10 [ 286.849357][ T8585] ? find_held_lock+0x2b/0x80 [ 286.849410][ T8585] __sys_sendmmsg+0x200/0x420 [ 286.849447][ T8585] ? __pfx___sys_sendmmsg+0x10/0x10 [ 286.849492][ T8585] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 286.849554][ T8585] ? fput+0x70/0xf0 [ 286.849589][ T8585] ? ksys_write+0x1b9/0x240 [ 286.849615][ T8585] ? __pfx_ksys_write+0x10/0x10 [ 286.849642][ T8585] ? rcu_is_watching+0x12/0xc0 [ 286.849677][ T8585] __x64_sys_sendmmsg+0x9c/0x100 [ 286.849708][ T8585] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.849747][ T8585] do_syscall_64+0xcd/0x230 [ 286.849792][ T8585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.849823][ T8585] RIP: 0033:0x7fa80198e969 [ 286.849847][ T8585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.849877][ T8585] RSP: 002b:00007fa8028ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 286.849905][ T8585] RAX: ffffffffffffffda RBX: 00007fa801bb5fa0 RCX: 00007fa80198e969 [ 286.849924][ T8585] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 286.849943][ T8585] RBP: 00007fa8028ad090 R08: 0000000000000000 R09: 0000000000000000 [ 286.849962][ T8585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.849980][ T8585] R13: 0000000000000000 R14: 00007fa801bb5fa0 R15: 00007ffc355d3fb8 [ 286.850019][ T8585] [ 287.826684][ T8606] netlink: 8 bytes leftover after parsing attributes in process `syz.2.607'. [ 287.981229][ T8608] Invalid ELF header magic: != ELF [ 290.032647][ T8654] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 290.154284][ T8656] mkiss: ax0: crc mode is auto. [ 292.888048][ T8714] snd_aloop snd_aloop.0: control 1:6:-2147483647:_heR:6 is already present [ 295.799679][ T8749] netlink: 8 bytes leftover after parsing attributes in process `syz.2.644'. [ 296.726577][ T8758] FAULT_INJECTION: forcing a failure. [ 296.726577][ T8758] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 296.778314][ T8754] netlink: 28 bytes leftover after parsing attributes in process `syz.0.646'. [ 296.813340][ T8758] CPU: 0 UID: 0 PID: 8758 Comm: syz.1.648 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 296.813396][ T8758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 296.813413][ T8758] Call Trace: [ 296.813423][ T8758] [ 296.813434][ T8758] dump_stack_lvl+0x16c/0x1f0 [ 296.813478][ T8758] should_fail_ex+0x512/0x640 [ 296.813546][ T8758] _copy_to_iter+0x2a4/0x15a0 [ 296.813596][ T8758] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 296.813658][ T8758] ? __pfx__copy_to_iter+0x10/0x10 [ 296.813706][ T8758] ? kernfs_seq_stop+0xcd/0x120 [ 296.813752][ T8758] ? kernfs_put_active+0x86/0xe0 [ 296.813789][ T8758] seq_read_iter+0xcf8/0x12c0 [ 296.813852][ T8758] kernfs_fop_read_iter+0x40f/0x5a0 [ 296.813889][ T8758] ? rw_verify_area+0xcf/0x680 [ 296.813937][ T8758] vfs_read+0x8c8/0xc70 [ 296.813971][ T8758] ? __pfx___mutex_lock+0x10/0x10 [ 296.814009][ T8758] ? __pfx_vfs_read+0x10/0x10 [ 296.814067][ T8758] ksys_read+0x12a/0x240 [ 296.814094][ T8758] ? __pfx_ksys_read+0x10/0x10 [ 296.814120][ T8758] ? rcu_is_watching+0x12/0xc0 [ 296.814159][ T8758] do_syscall_64+0xcd/0x230 [ 296.814204][ T8758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.814235][ T8758] RIP: 0033:0x7f7f4498e969 [ 296.814259][ T8758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 296.814288][ T8758] RSP: 002b:00007f7f45868038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 296.814315][ T8758] RAX: ffffffffffffffda RBX: 00007f7f44bb5fa0 RCX: 00007f7f4498e969 [ 296.814335][ T8758] RDX: 00000000000000a8 RSI: 0000200000003800 RDI: 0000000000000003 [ 296.814353][ T8758] RBP: 00007f7f45868090 R08: 0000000000000000 R09: 0000000000000000 [ 296.814370][ T8758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 296.814387][ T8758] R13: 0000000000000000 R14: 00007f7f44bb5fa0 R15: 00007fff48015728 [ 296.814423][ T8758] [ 297.979821][ T8776] FAULT_INJECTION: forcing a failure. [ 297.979821][ T8776] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 298.018837][ T8776] CPU: 0 UID: 0 PID: 8776 Comm: syz.0.652 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 298.018879][ T8776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 298.018896][ T8776] Call Trace: [ 298.018906][ T8776] [ 298.018918][ T8776] dump_stack_lvl+0x16c/0x1f0 [ 298.018962][ T8776] should_fail_ex+0x512/0x640 [ 298.019009][ T8776] _copy_to_user+0x32/0xd0 [ 298.019056][ T8776] simple_read_from_buffer+0xcb/0x170 [ 298.019103][ T8776] proc_fail_nth_read+0x197/0x270 [ 298.019146][ T8776] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 298.019191][ T8776] ? rw_verify_area+0xcf/0x680 [ 298.019235][ T8776] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 298.019278][ T8776] vfs_read+0x1de/0xc70 [ 298.019311][ T8776] ? __pfx___mutex_lock+0x10/0x10 [ 298.019352][ T8776] ? __pfx_vfs_read+0x10/0x10 [ 298.019416][ T8776] ? __fget_files+0x20e/0x3c0 [ 298.019478][ T8776] ksys_read+0x12a/0x240 [ 298.019506][ T8776] ? __pfx_ksys_read+0x10/0x10 [ 298.019532][ T8776] ? rcu_is_watching+0x12/0xc0 [ 298.019574][ T8776] do_syscall_64+0xcd/0x230 [ 298.019619][ T8776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.019650][ T8776] RIP: 0033:0x7f8c5a58d37c [ 298.019675][ T8776] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 298.019703][ T8776] RSP: 002b:00007f8c5b37e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 298.019731][ T8776] RAX: ffffffffffffffda RBX: 00007f8c5a7b6080 RCX: 00007f8c5a58d37c [ 298.019752][ T8776] RDX: 000000000000000f RSI: 00007f8c5b37e0a0 RDI: 0000000000000004 [ 298.019770][ T8776] RBP: 00007f8c5b37e090 R08: 0000000000000000 R09: 0000000000000000 [ 298.019801][ T8776] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 298.019825][ T8776] R13: 0000000000000000 R14: 00007f8c5a7b6080 R15: 00007ffdf08e2f68 [ 298.019868][ T8776] [ 298.429998][ T30] audit: type=1800 audit(4294967432.100:6): pid=8781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.654" name="discovery_nqn" dev="configfs" ino=20151 res=0 errno=0 [ 301.706426][ T8818] netlink: 8 bytes leftover after parsing attributes in process `syz.2.660'. [ 303.387283][ T8852] FAULT_INJECTION: forcing a failure. [ 303.387283][ T8852] name failslab, interval 1, probability 0, space 0, times 0 [ 303.441870][ T8852] CPU: 1 UID: 0 PID: 8852 Comm: syz.3.668 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 303.441914][ T8852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 303.441933][ T8852] Call Trace: [ 303.441943][ T8852] [ 303.441954][ T8852] dump_stack_lvl+0x16c/0x1f0 [ 303.442000][ T8852] should_fail_ex+0x512/0x640 [ 303.442043][ T8852] ? __kmalloc_noprof+0xbf/0x510 [ 303.442079][ T8852] ? tracepoint_add_func+0x2a6/0xea0 [ 303.442119][ T8852] should_failslab+0xc2/0x120 [ 303.442157][ T8852] __kmalloc_noprof+0xd2/0x510 [ 303.442195][ T8852] ? __pfx_probe_sched_switch+0x10/0x10 [ 303.442234][ T8852] tracepoint_add_func+0x2a6/0xea0 [ 303.442274][ T8852] ? __pfx_probe_sched_switch+0x10/0x10 [ 303.442322][ T8852] ? __pfx_probe_sched_switch+0x10/0x10 [ 303.442360][ T8852] tracepoint_probe_register+0xbf/0x100 [ 303.442403][ T8852] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 303.442446][ T8852] ? __pfx_probe_sched_switch+0x10/0x10 [ 303.442498][ T8852] tracing_start_sched_switch+0x109/0x1e0 [ 303.442536][ T8852] __ftrace_event_enable_disable+0x670/0x8b0 [ 303.442587][ T8852] __ftrace_set_clr_event_nolock+0x390/0xb70 [ 303.442644][ T8852] ftrace_set_clr_event+0x16e/0x330 [ 303.442692][ T8852] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 303.442760][ T8852] ftrace_event_write+0x243/0x290 [ 303.442805][ T8852] ? __pfx_ftrace_event_write+0x10/0x10 [ 303.442870][ T8852] vfs_write+0x25c/0x1180 [ 303.442896][ T8852] ? __pfx_ftrace_event_write+0x10/0x10 [ 303.442950][ T8852] ? __pfx___mutex_lock+0x10/0x10 [ 303.442991][ T8852] ? __pfx_vfs_write+0x10/0x10 [ 303.443032][ T8852] ? __fget_files+0x20e/0x3c0 [ 303.443094][ T8852] ksys_write+0x12a/0x240 [ 303.443123][ T8852] ? __pfx_ksys_write+0x10/0x10 [ 303.443149][ T8852] ? rcu_is_watching+0x12/0xc0 [ 303.443190][ T8852] do_syscall_64+0xcd/0x230 [ 303.443233][ T8852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.443264][ T8852] RIP: 0033:0x7fa80198e969 [ 303.443288][ T8852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.443318][ T8852] RSP: 002b:00007fa80286b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 303.443346][ T8852] RAX: ffffffffffffffda RBX: 00007fa801bb6160 RCX: 00007fa80198e969 [ 303.443380][ T8852] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000004 [ 303.443397][ T8852] RBP: 00007fa80286b090 R08: 0000000000000000 R09: 0000000000000000 [ 303.443415][ T8852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 303.443432][ T8852] R13: 0000000000000000 R14: 00007fa801bb6160 R15: 00007ffc355d3fb8 [ 303.443474][ T8852] [ 303.443486][ T8852] sched trace: Couldn't activate tracepoint probe to kernel_sched_switch [ 305.285546][ T8855] Process accounting resumed [ 305.860905][ T8875] ------------[ cut here ]------------ [ 305.866704][ T8875] WARNING: CPU: 0 PID: 8875 at kernel/tracepoint.c:358 tracepoint_probe_unregister+0x894/0xd70 [ 305.877294][ T8875] Modules linked in: [ 305.881611][ T8875] CPU: 0 UID: 0 PID: 8875 Comm: syz.1.675 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 305.893974][ T8875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 305.904431][ T8875] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 305.911495][ T8875] Code: 41 5e 41 5f c3 cc cc cc cc e8 38 1e fe ff 48 c7 c6 70 7d bc 81 48 89 df e8 e9 29 e5 ff eb 9f bb fe ff ff ff e8 1d 1e fe ff 90 <0f> 0b 90 eb 91 e8 12 1e fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 305.931489][ T8875] RSP: 0018:ffffc9000d007890 EFLAGS: 00010283 [ 305.939137][ T8875] RAX: 000000000004c057 RBX: 00000000fffffffe RCX: ffffc9000b85b000 [ 305.947185][ T8875] RDX: 0000000000080000 RSI: ffffffff81bc8eb3 RDI: 0000000000000005 [ 305.956349][ T8875] RBP: ffffffff8e787280 R08: 0000000000000005 R09: 0000000000000000 [ 305.964773][ T8875] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff81c26040 [ 305.973128][ T8875] R13: ffff88801c28ad48 R14: 0000000000000002 R15: ffff88801c28ad00 [ 305.981439][ T8875] FS: 00007f7f458686c0(0000) GS:ffff8881249ed000(0000) knlGS:0000000000000000 [ 305.990497][ T8875] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 305.997387][ T8875] CR2: 0000001b2eaffff8 CR3: 000000005cb40000 CR4: 00000000003526f0 [ 306.005793][ T8875] Call Trace: [ 306.009156][ T8875] [ 306.012156][ T8875] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 306.018591][ T8875] tracing_stop_cmdline_record+0x66/0xa0 [ 306.024408][ T8875] __ftrace_event_enable_disable+0x762/0x8b0 [ 306.030585][ T8875] ftrace_event_set_open+0x232/0x380 [ 306.036765][ T8875] do_dentry_open+0x741/0x1c10 [ 306.042459][ T8875] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 306.048369][ T8875] vfs_open+0x82/0x3f0 [ 306.052637][ T8875] path_openat+0x1e5e/0x2d40 [ 306.057310][ T8875] ? __pfx_path_openat+0x10/0x10 [ 306.062401][ T8875] do_filp_open+0x20b/0x470 [ 306.066978][ T8875] ? __pfx_do_filp_open+0x10/0x10 [ 306.072145][ T8875] ? alloc_fd+0x471/0x7d0 [ 306.076584][ T8875] do_sys_openat2+0x11b/0x1d0 [ 306.081394][ T8875] ? __pfx_do_sys_openat2+0x10/0x10 [ 306.086701][ T8875] ? find_held_lock+0x2b/0x80 [ 306.091509][ T8875] __x64_sys_openat+0x174/0x210 [ 306.096439][ T8875] ? __pfx___x64_sys_openat+0x10/0x10 [ 306.102194][ T8875] ? rcu_is_watching+0x12/0xc0 [ 306.107041][ T8875] do_syscall_64+0xcd/0x230 [ 306.112003][ T8875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.117973][ T8875] RIP: 0033:0x7f7f4498e969 [ 306.122524][ T8875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.143197][ T8875] RSP: 002b:00007f7f45868038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 306.152484][ T8875] RAX: ffffffffffffffda RBX: 00007f7f44bb5fa0 RCX: 00007f7f4498e969 [ 306.160789][ T8875] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 306.169036][ T8875] RBP: 00007f7f44a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 306.177065][ T8875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.185127][ T8875] R13: 0000000000000000 R14: 00007f7f44bb5fa0 R15: 00007fff48015728 [ 306.193237][ T8875] [ 306.196308][ T8875] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 306.203639][ T8875] CPU: 0 UID: 0 PID: 8875 Comm: syz.1.675 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 306.215580][ T8875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 306.225657][ T8875] Call Trace: [ 306.228961][ T8875] [ 306.231913][ T8875] dump_stack_lvl+0x3d/0x1f0 [ 306.236540][ T8875] panic+0x71c/0x800 [ 306.240471][ T8875] ? __pfx_panic+0x10/0x10 [ 306.244935][ T8875] ? show_trace_log_lvl+0x29b/0x3e0 [ 306.250186][ T8875] ? tracepoint_probe_unregister+0x894/0xd70 [ 306.256197][ T8875] check_panic_on_warn+0xab/0xb0 [ 306.261171][ T8875] __warn+0xf6/0x3c0 [ 306.265104][ T8875] ? tracepoint_probe_unregister+0x894/0xd70 [ 306.271119][ T8875] report_bug+0x3c3/0x580 [ 306.275479][ T8875] ? tracepoint_probe_unregister+0x894/0xd70 [ 306.281495][ T8875] handle_bug+0x184/0x210 [ 306.285861][ T8875] exc_invalid_op+0x17/0x50 [ 306.290396][ T8875] asm_exc_invalid_op+0x1a/0x20 [ 306.295271][ T8875] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 306.301904][ T8875] Code: 41 5e 41 5f c3 cc cc cc cc e8 38 1e fe ff 48 c7 c6 70 7d bc 81 48 89 df e8 e9 29 e5 ff eb 9f bb fe ff ff ff e8 1d 1e fe ff 90 <0f> 0b 90 eb 91 e8 12 1e fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 306.321550][ T8875] RSP: 0018:ffffc9000d007890 EFLAGS: 00010283 [ 306.327644][ T8875] RAX: 000000000004c057 RBX: 00000000fffffffe RCX: ffffc9000b85b000 [ 306.335639][ T8875] RDX: 0000000000080000 RSI: ffffffff81bc8eb3 RDI: 0000000000000005 [ 306.343635][ T8875] RBP: ffffffff8e787280 R08: 0000000000000005 R09: 0000000000000000 [ 306.351655][ T8875] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff81c26040 [ 306.359650][ T8875] R13: ffff88801c28ad48 R14: 0000000000000002 R15: ffff88801c28ad00 [ 306.367649][ T8875] ? __pfx_probe_sched_switch+0x10/0x10 [ 306.373241][ T8875] ? tracepoint_probe_unregister+0x893/0xd70 [ 306.379269][ T8875] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 306.385639][ T8875] tracing_stop_cmdline_record+0x66/0xa0 [ 306.391302][ T8875] __ftrace_event_enable_disable+0x762/0x8b0 [ 306.397322][ T8875] ftrace_event_set_open+0x232/0x380 [ 306.402682][ T8875] do_dentry_open+0x741/0x1c10 [ 306.407475][ T8875] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 306.413421][ T8875] vfs_open+0x82/0x3f0 [ 306.417530][ T8875] path_openat+0x1e5e/0x2d40 [ 306.422162][ T8875] ? __pfx_path_openat+0x10/0x10 [ 306.427138][ T8875] do_filp_open+0x20b/0x470 [ 306.431671][ T8875] ? __pfx_do_filp_open+0x10/0x10 [ 306.436745][ T8875] ? alloc_fd+0x471/0x7d0 [ 306.441125][ T8875] do_sys_openat2+0x11b/0x1d0 [ 306.445836][ T8875] ? __pfx_do_sys_openat2+0x10/0x10 [ 306.451074][ T8875] ? find_held_lock+0x2b/0x80 [ 306.455789][ T8875] __x64_sys_openat+0x174/0x210 [ 306.460688][ T8875] ? __pfx___x64_sys_openat+0x10/0x10 [ 306.466100][ T8875] ? rcu_is_watching+0x12/0xc0 [ 306.470897][ T8875] do_syscall_64+0xcd/0x230 [ 306.475443][ T8875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.481368][ T8875] RIP: 0033:0x7f7f4498e969 [ 306.485808][ T8875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.505446][ T8875] RSP: 002b:00007f7f45868038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 306.513892][ T8875] RAX: ffffffffffffffda RBX: 00007f7f44bb5fa0 RCX: 00007f7f4498e969 [ 306.521902][ T8875] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 306.529919][ T8875] RBP: 00007f7f44a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 306.537975][ T8875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.545980][ T8875] R13: 0000000000000000 R14: 00007f7f44bb5fa0 R15: 00007fff48015728 [ 306.553995][ T8875] [ 306.557417][ T8875] Kernel Offset: disabled [ 306.561756][ T8875] Rebooting in 86400 seconds..